diff --git a/.openpublishing.publish.config.json b/.openpublishing.publish.config.json
index 576b2cc42a..e06f28392e 100644
--- a/.openpublishing.publish.config.json
+++ b/.openpublishing.publish.config.json
@@ -105,4 +105,4 @@
"git_repository_branch_open_to_public_contributors": "master",
"skip_source_output_uploading": false,
"dependent_repositories": []
-}
+}
\ No newline at end of file
diff --git a/browsers/edge/Index.md b/browsers/edge/Index.md
index 60c93b0051..29090e5faa 100644
--- a/browsers/edge/Index.md
+++ b/browsers/edge/Index.md
@@ -16,6 +16,8 @@ localizationpriority: high
- Windows 10
- Windows 10 Mobile
+>Learn more about what features and functionality are supported in each Windows edition at [Compare Windows 10 Editions](https://www.microsoft.com/en-us/WindowsForBusiness/Compare).
+
Microsoft Edge is the new, default web browser for Windows 10, helping you to experience modern web standards, better performance, improved security, and increased reliability. Microsoft Edge also introduces new features like Web Note, Reading View, and Cortana that you can use along with your normal web browsing abilities.
Microsoft Edge lets you stay up-to-date through the Windows Store and to manage your enterprise through Group Policy or your mobile device management (MDM) tools.
@@ -48,11 +50,11 @@ However, if you're running web apps that continue to use:
* legacy document modes
-You'll need to keep running them using IE11. If you don't have IE11 installed anymore, you can download it from the Windows Store or from the [Internet Explorer 11 download page](http://go.microsoft.com/fwlink/p/?linkid=290956). Alternatively, you can also use Enterprise Mode with Microsoft Edge to transition only the sites that need these technologies to load in IE11. For info about Enterprise Mode and Edge, see [Use Enterprise Mode to improve compatibility](emie-to-improve-compatibility.md).
+You'll need to keep running them using IE11. If you don't have IE11 installed anymore, you can download it from the Windows Store or from the [Internet Explorer 11 download page](https://go.microsoft.com/fwlink/p/?linkid=290956). Alternatively, you can also use Enterprise Mode with Microsoft Edge to transition only the sites that need these technologies to load in IE11. For info about Enterprise Mode and Edge, see [Use Enterprise Mode to improve compatibility](emie-to-improve-compatibility.md).
## Related topics
-- [Download Internet Explorer 11](http://go.microsoft.com/fwlink/p/?linkid=290956)
-- [Internet Explorer 11 (IE11) - Deployment Guide for IT Pros](http://go.microsoft.com/fwlink/p/?LinkId=760644)
-- [Internet Explorer 11 - FAQ for IT Pros](http://go.microsoft.com/fwlink/p/?LinkId=760645)
-- [Internet Explorer Administration Kit 11 (IEAK 11) - Administrator's Guide](http://go.microsoft.com/fwlink/p/?LinkId=760646)
+- [Download Internet Explorer 11](https://go.microsoft.com/fwlink/p/?linkid=290956)
+- [Internet Explorer 11 (IE11) - Deployment Guide for IT Pros](https://go.microsoft.com/fwlink/p/?LinkId=760644)
+- [Internet Explorer 11 - FAQ for IT Pros](https://go.microsoft.com/fwlink/p/?LinkId=760645)
+- [Internet Explorer Administration Kit 11 (IEAK 11) - Administrator's Guide](https://go.microsoft.com/fwlink/p/?LinkId=760646)
diff --git a/browsers/edge/available-policies.md b/browsers/edge/available-policies.md
index 22c69f91b8..c7e1e2fcd2 100644
--- a/browsers/edge/available-policies.md
+++ b/browsers/edge/available-policies.md
@@ -19,7 +19,7 @@ localizationpriority: high
Microsoft Edge works with Group Policy and Microsoft Intune to help you manage your organization's computer settings. Group Policy objects (GPO's) can include registry-based Administrative Template policy settings, security settings, software deployment information, scripts, folder redirection, and preferences.
By using Group Policy and Intune, you can set up a policy setting once, and then copy that setting onto many computers. For example, you can set up multiple security settings in a GPO that's linked to a domain, and then apply all of those settings to every computer in the domain.
-**Note**
For more info about Group Policy, see the [Group Policy TechCenter](http://go.microsoft.com/fwlink/p/?LinkId=214514). This site provides links to the latest technical documentation, videos, and downloads for Group Policy. For more info about the tools you can use to change your Group Policy objects, see the Internet Explorer 11 topics, [Group Policy and the Group Policy Management Console (GPMC)](http://go.microsoft.com/fwlink/p/?LinkId=617921), [Group Policy and the Local Group Policy Editor](http://go.microsoft.com/fwlink/p/?LinkId=617922), [Group Policy and the Advanced Group Policy Management (AGPM)](http://go.microsoft.com/fwlink/p/?LinkId=617923), and [Group Policy and Windows Powershell](http://go.microsoft.com/fwlink/p/?LinkId=617924).
+
**Note**
For more info about Group Policy, see the [Group Policy TechCenter](https://go.microsoft.com/fwlink/p/?LinkId=214514). This site provides links to the latest technical documentation, videos, and downloads for Group Policy. For more info about the tools you can use to change your Group Policy objects, see the Internet Explorer 11 topics, [Group Policy and the Group Policy Management Console (GPMC)](https://go.microsoft.com/fwlink/p/?LinkId=617921), [Group Policy and the Local Group Policy Editor](https://go.microsoft.com/fwlink/p/?LinkId=617922), [Group Policy and the Advanced Group Policy Management (AGPM)](https://go.microsoft.com/fwlink/p/?LinkId=617923), and [Group Policy and Windows Powershell](https://go.microsoft.com/fwlink/p/?LinkId=617924).
## Group Policy settings
Microsoft Edge works with these Group Policy settings (`Computer Configuration\Administrative Templates\Windows Components\Microsoft Edge\`) to help you manage your company's web browser configurations:
@@ -48,7 +48,7 @@ Microsoft Edge works with these Group Policy settings (`Computer Configuration\A
|Show message when opening sites in Internet Explorer |Windows 10 Insider Preview |This policy setting lets you decide whether employees see an additional page in Microsoft Edge, stating that a site has been opened using Internet Explorer 11.
If you enable this setting, employees see an additional page in Microsoft Edge, stating that a site has been opened using Internet Explorer 11.
If you disable or don’t configure this setting, the default app behavior occurs and no additional page appears. |**Enabled:** Shows an additional page in Microsoft Edge, stating that a site has been opened using Internet Explorer 11.
**Disabled or not configured (default):** Doesn’t show an additional page in Microsoft Edge, stating that a site has been opened using Internet Explorer 11. |
## Using Microsoft Intune to manage your Mobile Data Management (MDM) settings for Microsoft Edge
-If you manage your policies using Intune, you'll want to use these MDM policy settings. You can see the full list of available policies, on the [Policy CSP]( http://go.microsoft.com/fwlink/p/?LinkId=722885) page.
+If you manage your policies using Intune, you'll want to use these MDM policy settings. You can see the full list of available policies, on the [Policy CSP]( https://go.microsoft.com/fwlink/p/?LinkId=722885) page.
**Note**
The **Supports** column uses these options:
@@ -102,8 +102,8 @@ These are additional Windows 10-specific MDM policy settings that work with Mic
|AllowSyncMySettings |Desktop |
- **URI full path.** ./Vendor/MSFT/Policy/Config/Experience/AllowSyncMySettings
- **Data type.** Integer
- **Allowed values:**
- **0.** Employees can’t sync settings between PCs.
- **1 (default).** Employees can sync between PCs.
|
## Related topics
-* [Group Policy TechCenter](http://go.microsoft.com/fwlink/p/?LinkId=214514)
-* [Mobile Data Management (MDM) settings]( http://go.microsoft.com/fwlink/p/?LinkId=722885)
+* [Group Policy TechCenter](https://go.microsoft.com/fwlink/p/?LinkId=214514)
+* [Mobile Data Management (MDM) settings]( https://go.microsoft.com/fwlink/p/?LinkId=722885)
diff --git a/browsers/edge/emie-to-improve-compatibility.md b/browsers/edge/emie-to-improve-compatibility.md
index 1a8c85b533..4d6bfce510 100644
--- a/browsers/edge/emie-to-improve-compatibility.md
+++ b/browsers/edge/emie-to-improve-compatibility.md
@@ -19,7 +19,7 @@ localizationpriority: high
If you have specific web sites and apps that you know have compatibility problems with Microsoft Edge, you can use the Enterprise Mode site list so that the web sites will automatically open using Internet Explorer 11. Additionally, if you know that your intranet sites aren't going to work properly with Microsoft Edge, you can set all intranet sites to automatically open using IE11.
Using Enterprise Mode means that you can continue to use Microsoft Edge as your default browser, while also ensuring that your apps continue working on IE11.
-**Note**
If you want to use Group Policy to set Internet Explorer as your default browser, you can find the info here, [Set the default browser using Group Policy]( http://go.microsoft.com/fwlink/p/?LinkId=620714).
+
**Note**
If you want to use Group Policy to set Internet Explorer as your default browser, you can find the info here, [Set the default browser using Group Policy]( https://go.microsoft.com/fwlink/p/?LinkId=620714).
## Fix specific websites
@@ -27,7 +27,7 @@ Microsoft Edge doesn't support ActiveX controls, Browser Helper Objects, VBScrip
 **To add sites to your list**
-1. In the Enterprise Mode Site List Manager, click **Add**.
If you already have an existing site list, you can import it into the tool. After it's in the tool, the xml updates the list, checking **Open in IE** for each site. For info about importing the site list, see [Import your Enterprise Mode site list to the Enterprise Mode Site List Manager](http://go.microsoft.com/fwlink/p/?LinkId=618322).
+1. In the Enterprise Mode Site List Manager, click **Add**.
If you already have an existing site list, you can import it into the tool. After it's in the tool, the xml updates the list, checking **Open in IE** for each site. For info about importing the site list, see [Import your Enterprise Mode site list to the Enterprise Mode Site List Manager](https://go.microsoft.com/fwlink/p/?LinkId=618322).
2. Type or paste the URL for the website that’s experiencing compatibility problems, like *<domain>*.com or *<domain>*.com/*<path>* into the **URL** box.
You don’t need to include the `http://` or `https://` designation. The tool will automatically try both versions during validation.
@@ -37,11 +37,11 @@ Microsoft Edge doesn't support ActiveX controls, Browser Helper Objects, VBScrip
5. Click **Save** to validate your website and to add it to the site list for your enterprise.
If your site passes validation, it’s added to the global compatibility list. If the site doesn’t pass validation, you’ll get an error message explaining the problem. You’ll then be able to either cancel the site or ignore the validation problem and add it to your list anyway.
-6. On the **File** menu, go to where you want to save the file, and then click **Save to XML**.
You can save the file locally or to a network share. However, you must make sure you deploy it to the location specified in your Group Policy setting. For more info, see [Turn on Enterprise Mode and use a site list](http://go.microsoft.com/fwlink/p/?LinkId=618952).
+6. On the **File** menu, go to where you want to save the file, and then click **Save to XML**.
You can save the file locally or to a network share. However, you must make sure you deploy it to the location specified in your Group Policy setting. For more info, see [Turn on Enterprise Mode and use a site list](https://go.microsoft.com/fwlink/p/?LinkId=618952).
### Set up Microsoft Edge to use the Enterprise Mode site list
-You must turn on the **Use Enterprise Mode Site List** Group Policy setting before Microsoft Edge can use the Enterprise Mode site list. This Group Policy applies to both Microsoft Edge and IE11, letting Microsoft Edge switch to IE11 as needed, based on the Enterprise Mode site list. For more info about IE11 and Enterprise Mode, see [Enterprise Mode for Internet Explorer 11 (IE11)](http://go.microsoft.com/fwlink/p/?linkid=618377).
+You must turn on the **Use Enterprise Mode Site List** Group Policy setting before Microsoft Edge can use the Enterprise Mode site list. This Group Policy applies to both Microsoft Edge and IE11, letting Microsoft Edge switch to IE11 as needed, based on the Enterprise Mode site list. For more info about IE11 and Enterprise Mode, see [Enterprise Mode for Internet Explorer 11 (IE11)](https://go.microsoft.com/fwlink/p/?linkid=618377).
 **To turn on Enterprise Mode using Group Policy**
@@ -70,7 +70,7 @@ You must turn on the **Use Enterprise Mode Site List** Group Policy setting befo
## Fix your intranet sites
You can add the **Send all intranet traffic over to Internet Explorer** Group Policy setting for Windows 10 so that all of your intranet sites open in IE11. This means that even if your employees are using Microsoft Edge, they will automatically switch to IE11 while viewing the intranet.
-
**Note**
If you want to use Group Policy to set IE as the default browser for Internet sites, you can find the info here, [Set the default browser using Group Policy]( http://go.microsoft.com/fwlink/p/?LinkId=620714).
+
**Note**
If you want to use Group Policy to set IE as the default browser for Internet sites, you can find the info here, [Set the default browser using Group Policy]( https://go.microsoft.com/fwlink/p/?LinkId=620714).
 **To turn on Sends all intranet traffic over to Internet Explorer using Group Policy**
@@ -81,11 +81,11 @@ You can add the **Send all intranet traffic over to Internet Explorer** Group Po
3. Refresh your policy in your organization and then view the affected sites in Microsoft Edge.
The site shows a message in Microsoft Edge, saying that the page needs IE. At the same time, the page opens in IE11; in a new frame if it's not yet running, or in a new tab if it is.
## Related topics
-* [Blog: How Microsoft Edge and Internet Explorer 11 on Windows 10 work better together in the Enterprise](http://go.microsoft.com/fwlink/p/?LinkID=624035)
-* [Enterprise Mode Site List Manager for Windows 7 and Windows 8.1 download](http://go.microsoft.com/fwlink/p/?LinkId=394378)
-* [Enterprise Mode Site List Manager for Windows 10 download](http://go.microsoft.com/fwlink/?LinkId=746562)
-* [Enterprise Mode for Internet Explorer 11 (IE11)](http://go.microsoft.com/fwlink/p/?linkid=618377)
-* [Set the default browser using Group Policy]( http://go.microsoft.com/fwlink/p/?LinkId=620714)
+* [Blog: How Microsoft Edge and Internet Explorer 11 on Windows 10 work better together in the Enterprise](https://go.microsoft.com/fwlink/p/?LinkID=624035)
+* [Enterprise Mode Site List Manager for Windows 7 and Windows 8.1 download](https://go.microsoft.com/fwlink/p/?LinkId=394378)
+* [Enterprise Mode Site List Manager for Windows 10 download](https://go.microsoft.com/fwlink/?LinkId=746562)
+* [Enterprise Mode for Internet Explorer 11 (IE11)](https://go.microsoft.com/fwlink/p/?linkid=618377)
+* [Set the default browser using Group Policy]( https://go.microsoft.com/fwlink/p/?LinkId=620714)
diff --git a/browsers/edge/enterprise-guidance-using-microsoft-edge-and-ie11.md b/browsers/edge/enterprise-guidance-using-microsoft-edge-and-ie11.md
index 436053d3ec..a3dcf46f40 100644
--- a/browsers/edge/enterprise-guidance-using-microsoft-edge-and-ie11.md
+++ b/browsers/edge/enterprise-guidance-using-microsoft-edge-and-ie11.md
@@ -21,7 +21,7 @@ localizationpriority: high
- Windows 10
## Enterprise guidance
-Microsoft Edge is the default browser experience for Windows 10 and Windows 10 Mobile. However, if you're running web apps that need ActiveX controls, we recommend that you continue to use Internet Explorer 11 for them. If you don't have IE11 installed anymore, you can download it from the Windows Store or from the [Internet Explorer 11 download page](http://go.microsoft.com/fwlink/p/?linkid=290956).
+Microsoft Edge is the default browser experience for Windows 10 and Windows 10 Mobile. However, if you're running web apps that need ActiveX controls, we recommend that you continue to use Internet Explorer 11 for them. If you don't have IE11 installed anymore, you can download it from the Windows Store or from the [Internet Explorer 11 download page](https://go.microsoft.com/fwlink/p/?linkid=290956).
We also recommend that you upgrade to IE11 if you're running any earlier versions of Internet Explorer. IE11 is supported on Windows 7, Windows 8.1, and Windows 10. So any legacy apps that work with IE11 will continue to work even as you migrate to Windows 10.
diff --git a/browsers/edge/hardware-and-software-requirements.md b/browsers/edge/hardware-and-software-requirements.md
index 2c56db269a..d423c37bd4 100644
--- a/browsers/edge/hardware-and-software-requirements.md
+++ b/browsers/edge/hardware-and-software-requirements.md
@@ -29,7 +29,7 @@ Some of the components in this table might also need additional system resources
| Item | Minimum requirements |
| ------------------ | -------------------------------------------- |
| Computer/processor | 1 gigahertz (GHz) or faster (32-bit (x86) or 64-bit (x64)) |
-| Operating system |
- Windows 10 (32-bit or 64-bit)
- Windows 10 Mobile
**Note**
For specific Windows 10 Mobile requirements, see the [Minimum hardware requirements for Windows 10 Mobile](http://go.microsoft.com/fwlink/p/?LinkID=699266) topic. |
+| Operating system |
- Windows 10 (32-bit or 64-bit)
- Windows 10 Mobile
**Note**
For specific Windows 10 Mobile requirements, see the [Minimum hardware requirements for Windows 10 Mobile](https://go.microsoft.com/fwlink/p/?LinkID=699266) topic. |
| Memory |
- Windows 10 (32-bit) - 1 GB
- Windows 10 (64-bit) - 2 GB
|
| Hard drive space | - Windows 10 (32-bit) - 16 GB
- Windows 10 (64-bit) - 20 GB
|
| DVD drive | DVD-ROM drive (if installing from a DVD-ROM) |
diff --git a/browsers/internet-explorer/ie11-deploy-guide/activex-installation-using-group-policy.md b/browsers/internet-explorer/ie11-deploy-guide/activex-installation-using-group-policy.md
index 816aad03bb..11347ac764 100644
--- a/browsers/internet-explorer/ie11-deploy-guide/activex-installation-using-group-policy.md
+++ b/browsers/internet-explorer/ie11-deploy-guide/activex-installation-using-group-policy.md
@@ -35,7 +35,7 @@ You use the ActiveX Installer Service (AXIS) and Group Policy to manage your Act
- **ActiveX installation policy for sites in trusted zones.** Identifies how AXIS should behave when a website tries to install an ActiveX control. First, AXIS looks to see if the site appears in either the list of approved installation sites or in the **Trusted sites** zone. If the does, then AXIS checks to make sure the control meets your company's policy requirements. If the ActiveX control meets all of these requirements, the control is installed.
-For more information about the ActiveX Installer Service, see [Administering the ActiveX Installer Service in Windows 7](http://go.microsoft.com/fwlink/p/?LinkId=214503).
+For more information about the ActiveX Installer Service, see [Administering the ActiveX Installer Service in Windows 7](https://go.microsoft.com/fwlink/p/?LinkId=214503).
diff --git a/browsers/internet-explorer/ie11-deploy-guide/add-multiple-sites-to-enterprise-mode-site-list-using-the-version-1-schema-and-enterprise-mode-tool.md b/browsers/internet-explorer/ie11-deploy-guide/add-multiple-sites-to-enterprise-mode-site-list-using-the-version-1-schema-and-enterprise-mode-tool.md
index 99717bb268..a923c7b2dd 100644
--- a/browsers/internet-explorer/ie11-deploy-guide/add-multiple-sites-to-enterprise-mode-site-list-using-the-version-1-schema-and-enterprise-mode-tool.md
+++ b/browsers/internet-explorer/ie11-deploy-guide/add-multiple-sites-to-enterprise-mode-site-list-using-the-version-1-schema-and-enterprise-mode-tool.md
@@ -99,7 +99,7 @@ After you’ve added all of your sites to the tool and saved the file to XML, yo
## Related topics
- [Enterprise Mode schema v.1 guidance](enterprise-mode-schema-version-1-guidance.md)
-- [Download the Enterprise Mode Site List Manager (schema v.1)](http://go.microsoft.com/fwlink/p/?LinkID=394378)
+- [Download the Enterprise Mode Site List Manager (schema v.1)](https://go.microsoft.com/fwlink/p/?LinkID=394378)
diff --git a/browsers/internet-explorer/ie11-deploy-guide/add-multiple-sites-to-enterprise-mode-site-list-using-the-version-2-schema-and-enterprise-mode-tool.md b/browsers/internet-explorer/ie11-deploy-guide/add-multiple-sites-to-enterprise-mode-site-list-using-the-version-2-schema-and-enterprise-mode-tool.md
index 886cbed096..4770a4ffb0 100644
--- a/browsers/internet-explorer/ie11-deploy-guide/add-multiple-sites-to-enterprise-mode-site-list-using-the-version-2-schema-and-enterprise-mode-tool.md
+++ b/browsers/internet-explorer/ie11-deploy-guide/add-multiple-sites-to-enterprise-mode-site-list-using-the-version-2-schema-and-enterprise-mode-tool.md
@@ -108,7 +108,7 @@ You can save the file locally or to a network share. However, you must make sure
After you’ve added all of your sites to the tool and saved the file to XML, you can configure the rest of the Enterprise Mode functionality to use it. You can also turn Enterprise Mode on locally, so your users have the option to use Enterprise Mode on individual websites from the **Tools** menu. For more information, see [Turn on local control and logging for Enterprise Mode](turn-on-local-control-and-logging-for-enterprise-mode.md).
## Related topics
-- [Download the Enterprise Mode Site List Manager (schema v.2)](http://go.microsoft.com/fwlink/p/?LinkId=716853)
+- [Download the Enterprise Mode Site List Manager (schema v.2)](https://go.microsoft.com/fwlink/p/?LinkId=716853)
- [Enterprise Mode schema v.2 guidance](enterprise-mode-schema-version-2-guidance.md)
diff --git a/browsers/internet-explorer/ie11-deploy-guide/add-single-sites-to-enterprise-mode-site-list-using-the-version-1-enterprise-mode-tool.md b/browsers/internet-explorer/ie11-deploy-guide/add-single-sites-to-enterprise-mode-site-list-using-the-version-1-enterprise-mode-tool.md
index 6ae191787f..7e8c3c6910 100644
--- a/browsers/internet-explorer/ie11-deploy-guide/add-single-sites-to-enterprise-mode-site-list-using-the-version-1-enterprise-mode-tool.md
+++ b/browsers/internet-explorer/ie11-deploy-guide/add-single-sites-to-enterprise-mode-site-list-using-the-version-1-enterprise-mode-tool.md
@@ -53,7 +53,7 @@ You can save the file locally or to a network share. However, you must make sure
After you’ve added all of your sites to the tool and saved the file to XML, you can configure the rest of the Enterprise Mode functionality to use it. You can also turn Enterprise Mode on locally, so your users have the option to use Enterprise Mode on individual websites from the **Tools** menu. For more information, see [Turn on local control and logging for Enterprise Mode](turn-on-local-control-and-logging-for-enterprise-mode.md).
## Related topics
-- [Download the Enterprise Mode Site List Manager (schema v.1)](http://go.microsoft.com/fwlink/p/?LinkID=394378)
+- [Download the Enterprise Mode Site List Manager (schema v.1)](https://go.microsoft.com/fwlink/p/?LinkID=394378)
diff --git a/browsers/internet-explorer/ie11-deploy-guide/add-single-sites-to-enterprise-mode-site-list-using-the-version-2-enterprise-mode-tool.md b/browsers/internet-explorer/ie11-deploy-guide/add-single-sites-to-enterprise-mode-site-list-using-the-version-2-enterprise-mode-tool.md
index 6f22bf4dfc..b18fa646cd 100644
--- a/browsers/internet-explorer/ie11-deploy-guide/add-single-sites-to-enterprise-mode-site-list-using-the-version-2-enterprise-mode-tool.md
+++ b/browsers/internet-explorer/ie11-deploy-guide/add-single-sites-to-enterprise-mode-site-list-using-the-version-2-enterprise-mode-tool.md
@@ -69,7 +69,7 @@ You can save the file locally or to a network share. However, you must make sure
After you’ve added all of your sites to the tool and saved the file to XML, you can configure the rest of the Enterprise Mode functionality to use it. You can also turn Enterprise Mode on locally, so your users have the option to use Enterprise Mode on individual websites from the **Tools** menu. For more information, see [Turn on local control and logging for Enterprise Mode](turn-on-local-control-and-logging-for-enterprise-mode.md).
## Related topics
-- [Download the Enterprise Mode Site List Manager (schema v.2)](http://go.microsoft.com/fwlink/p/?LinkId=716853)
+- [Download the Enterprise Mode Site List Manager (schema v.2)](https://go.microsoft.com/fwlink/p/?LinkId=716853)
diff --git a/browsers/internet-explorer/ie11-deploy-guide/administrative-templates-and-ie11.md b/browsers/internet-explorer/ie11-deploy-guide/administrative-templates-and-ie11.md
index 1774c25fd3..137b689b2f 100644
--- a/browsers/internet-explorer/ie11-deploy-guide/administrative-templates-and-ie11.md
+++ b/browsers/internet-explorer/ie11-deploy-guide/administrative-templates-and-ie11.md
@@ -23,7 +23,7 @@ Administrative Templates are made up of a hierarchy of policy categories and sub
- Text explanations about each setting and the supported version of Internet Explorer.
-For a conceptual overview of Administrative Templates, see [Managing Group Policy ADMX Files Step-by-Step Guide](http://go.microsoft.com/fwlink/p/?LinkId=214519).
+For a conceptual overview of Administrative Templates, see [Managing Group Policy ADMX Files Step-by-Step Guide](https://go.microsoft.com/fwlink/p/?LinkId=214519).
## What are Administrative Templates?
Administrative Templates are XML-based, multi-language files that define the registry-based Group Policy settings in the Local Group Policy Editor. There are two types of Administrative Templates:
@@ -34,7 +34,7 @@ Administrative Templates are XML-based, multi-language files that define the reg
## How do I store Administrative Templates?
As an admin, you can create a central store folder on your SYSVOL directory, named **PolicyDefinitions**. For example, %*SystemRoot*%\\PolicyDefinitions. This folder provides a single, centralized storage location for your Administrative Templates (both ADMX and ADML) files, so they can be used by your domain-based Group Policy Objects (GPOs).
-**Important**
Your Group Policy tools use the ADMX files in your store, ignoring any local copies. For more information about creating a central store, see [Scenario 1: Editing the Local GPO Using ADMX Files](http://go.microsoft.com/fwlink/p/?LinkId=276810).
+
**Important**
Your Group Policy tools use the ADMX files in your store, ignoring any local copies. For more information about creating a central store, see [Scenario 1: Editing the Local GPO Using ADMX Files](https://go.microsoft.com/fwlink/p/?LinkId=276810).
## Administrative Templates-related Group Policy settings
When you install Internet Explorer 11, it updates the local administrative files, Inetres.admx and Inetres.adml, both located in the **PolicyDefinitions** folder.
@@ -68,11 +68,11 @@ IE11 provides these new policy settings, which are editable in the Local Group P
## Editing Group Policy settings
Regardless which tool you're using to edit your Group Policy settings, you'll need to follow one of these guides for step-by-step editing instructions:
-- **If you're using the Group Policy Management Console (GPMC) or the Local Group Policy Editor.** See [Edit Administrative Template Policy Settings](http://go.microsoft.com/fwlink/p/?LinkId=214521) for step-by-step instructions about editing your Administrative Templates.
+- **If you're using the Group Policy Management Console (GPMC) or the Local Group Policy Editor.** See [Edit Administrative Template Policy Settings](https://go.microsoft.com/fwlink/p/?LinkId=214521) for step-by-step instructions about editing your Administrative Templates.
-- **If you're using GPMC with Advanced Group Policy Management (AGPM).** See [Checklist: Create, Edit, and Deploy a GPO](http://go.microsoft.com/fwlink/p/?LinkId=214522) for step-by-step instructions about how to check out a GPO from the AGPM archive, edit it, and request deployment.
+- **If you're using GPMC with Advanced Group Policy Management (AGPM).** See [Checklist: Create, Edit, and Deploy a GPO](https://go.microsoft.com/fwlink/p/?LinkId=214522) for step-by-step instructions about how to check out a GPO from the AGPM archive, edit it, and request deployment.
## Related topics
-- [Administrative templates (.admx) for Windows 10 download](http://go.microsoft.com/fwlink/p/?LinkId=746579)
-- [Administrative Templates (.admx) for Windows 8.1 and Windows Server 2012 R2](http://go.microsoft.com/fwlink/p/?LinkId=746580)
+- [Administrative templates (.admx) for Windows 10 download](https://go.microsoft.com/fwlink/p/?LinkId=746579)
+- [Administrative Templates (.admx) for Windows 8.1 and Windows Server 2012 R2](https://go.microsoft.com/fwlink/p/?LinkId=746580)
diff --git a/browsers/internet-explorer/ie11-deploy-guide/auto-configuration-and-auto-proxy-problems-with-ie11.md b/browsers/internet-explorer/ie11-deploy-guide/auto-configuration-and-auto-proxy-problems-with-ie11.md
index ede7f497c1..a64b645896 100644
--- a/browsers/internet-explorer/ie11-deploy-guide/auto-configuration-and-auto-proxy-problems-with-ie11.md
+++ b/browsers/internet-explorer/ie11-deploy-guide/auto-configuration-and-auto-proxy-problems-with-ie11.md
@@ -32,7 +32,7 @@ If you experience issues while setting up your proxy server, you can try these t
2. Click **Settings** or **LAN Settings**, and then look at your proxy server address.
-3. If you have multiple proxy servers, click **Advanced** to look at all of the additional addresses.
**Note**
If IE11 uses a proxy server for local IP addresses, regardless whether you turned on the **Bypass Proxy Server for Local Addresses** option, see [Internet Explorer Uses Proxy Server for Local IP Address Even if the "Bypass Proxy Server for Local Addresses" Option Is Turned On](http://go.microsoft.com/fwlink/p/?LinkId=85652).
+3. If you have multiple proxy servers, click **Advanced** to look at all of the additional addresses.
**Note**
If IE11 uses a proxy server for local IP addresses, regardless whether you turned on the **Bypass Proxy Server for Local Addresses** option, see [Internet Explorer Uses Proxy Server for Local IP Address Even if the "Bypass Proxy Server for Local Addresses" Option Is Turned On](https://go.microsoft.com/fwlink/p/?LinkId=85652).
 **To check that you've turned on the correct settings**
diff --git a/browsers/internet-explorer/ie11-deploy-guide/auto-configuration-settings-for-ie11.md b/browsers/internet-explorer/ie11-deploy-guide/auto-configuration-settings-for-ie11.md
index 9a5efa2a85..c430862513 100644
--- a/browsers/internet-explorer/ie11-deploy-guide/auto-configuration-settings-for-ie11.md
+++ b/browsers/internet-explorer/ie11-deploy-guide/auto-configuration-settings-for-ie11.md
@@ -37,7 +37,7 @@ For custom graphics and branding, add the `FEATURE\AUTOCONFIG\BRANDING` registry
## Updating your automatic configuration settings
After adding the `FEATURE\AUTOCONFIG\BRANDING` registry key, you can change your automatic configuration settings to pick up the updated branding.
-
**Important**
Your branding changes won't be added or updated if you've previously chosen the **Disable external branding of IE** setting in the `User Configuration\Administrative Templates\Windows Components\Internet Explorer` Group Policy object. This setting is intended to prevent branding by a third-party, like an Internet service or content provider. For more information about Group Policy, including videos and the latest technical documentation, see the [Group Policy TechCenter](http://go.microsoft.com/fwlink/p/?LinkId=214514).
+
**Important**
Your branding changes won't be added or updated if you've previously chosen the **Disable external branding of IE** setting in the `User Configuration\Administrative Templates\Windows Components\Internet Explorer` Group Policy object. This setting is intended to prevent branding by a third-party, like an Internet service or content provider. For more information about Group Policy, including videos and the latest technical documentation, see the [Group Policy TechCenter](https://go.microsoft.com/fwlink/p/?LinkId=214514).
 **To update your settings**
diff --git a/browsers/internet-explorer/ie11-deploy-guide/auto-detect-settings-for-ie11.md b/browsers/internet-explorer/ie11-deploy-guide/auto-detect-settings-for-ie11.md
index 4844421fea..b93b60f816 100644
--- a/browsers/internet-explorer/ie11-deploy-guide/auto-detect-settings-for-ie11.md
+++ b/browsers/internet-explorer/ie11-deploy-guide/auto-detect-settings-for-ie11.md
@@ -29,7 +29,7 @@ To use automatic detection, you have to set up your DHCP and DNS servers.
**No
2. Choose the **Automatically detect configuration settings** box to automatically detect your browser settings. For more information about the **Automatic Configuration** page, see [Use the Automatic Configuration page in the IEAK 11 Wizard](../ie11-ieak/auto-config-ieak11-wizard.md).
-3. Open the [DHCP Administrative Tool](http://go.microsoft.com/fwlink/p/?LinkId=302212), create a new option type, using the code number 252, and then associate it with the URL to your configuration file. For detailed instructions about how to do this, see [Create an option 252 entry in DHCP](http://go.microsoft.com/fwlink/p/?LinkId=294649).
+3. Open the [DHCP Administrative Tool](https://go.microsoft.com/fwlink/p/?LinkId=302212), create a new option type, using the code number 252, and then associate it with the URL to your configuration file. For detailed instructions about how to do this, see [Create an option 252 entry in DHCP](https://go.microsoft.com/fwlink/p/?LinkId=294649).
 **To turn on automatic detection for DNS servers**
@@ -37,7 +37,7 @@ To use automatic detection, you have to set up your DHCP and DNS servers.
**No
2. Choose the **Automatically detect configuration settings** box to automatically detect your browser settings.
-3. In your DNS database file, create a host record named, **WPAD**. This record has the IP address of the web server storing your automatic configuration (.js, .jvs, .pac, or .ins) file.
**-OR-**
Create a canonical name (CNAME) alias record named, **WPAD**. This record has the resolved name (not the IP address) of the server storing your automatic configuration (.pac) file.
**Note**
For more information about creating a **WPAD** entry, see [Creating a WPAD entry in DNS](http://go.microsoft.com/fwlink/p/?LinkId=294651).
+3. In your DNS database file, create a host record named, **WPAD**. This record has the IP address of the web server storing your automatic configuration (.js, .jvs, .pac, or .ins) file.
**-OR-**
Create a canonical name (CNAME) alias record named, **WPAD**. This record has the resolved name (not the IP address) of the server storing your automatic configuration (.pac) file.
**Note**
For more information about creating a **WPAD** entry, see [Creating a WPAD entry in DNS](https://go.microsoft.com/fwlink/p/?LinkId=294651).
4. After the database file propagates to the server, the DNS name, `wpad..com` resolves to the server name that includes your automatic configuration file.**Note**
Internet Explorer 11 creates a default URL template based on the host name, **wpad**. For example, `http://wpad..com/wpad.dat`. Because of this, you need to set up a file or redirection point in your web server **WPAD** record, named **wpad.dat**. The **wpad.dat** record delivers the contents of your automatic configuration file.
diff --git a/browsers/internet-explorer/ie11-deploy-guide/auto-proxy-configuration-settings-for-ie11.md b/browsers/internet-explorer/ie11-deploy-guide/auto-proxy-configuration-settings-for-ie11.md
index 3e63de28b0..119052b438 100644
--- a/browsers/internet-explorer/ie11-deploy-guide/auto-proxy-configuration-settings-for-ie11.md
+++ b/browsers/internet-explorer/ie11-deploy-guide/auto-proxy-configuration-settings-for-ie11.md
@@ -36,7 +36,7 @@ You have two options to restrict your users' ability to override the automatic c
- **Using Microsoft Active Directory.** Choose **Disable changing proxy settings** from the Administrative Templates setting.
-- **Not Using Active Directory.** Choose the **Prevent changing proxy settings** setting in the `User Configuration\Administrative Templates\Windows Components\Internet Explorer` Group Policy object. For more information about Group Policy, see the [Group Policy TechCenter](http://go.microsoft.com/fwlink/p/?LinkId=214514).
+- **Not Using Active Directory.** Choose the **Prevent changing proxy settings** setting in the `User Configuration\Administrative Templates\Windows Components\Internet Explorer` Group Policy object. For more information about Group Policy, see the [Group Policy TechCenter](https://go.microsoft.com/fwlink/p/?LinkId=214514).
diff --git a/browsers/internet-explorer/ie11-deploy-guide/browser-cache-changes-and-roaming-profiles.md b/browsers/internet-explorer/ie11-deploy-guide/browser-cache-changes-and-roaming-profiles.md
index 00c6e38225..36de09f8ce 100644
--- a/browsers/internet-explorer/ie11-deploy-guide/browser-cache-changes-and-roaming-profiles.md
+++ b/browsers/internet-explorer/ie11-deploy-guide/browser-cache-changes-and-roaming-profiles.md
@@ -14,7 +14,7 @@ ms.sitesec: library
# Browser cache changes and roaming profiles
We’ve redesigned the browser cache to improve the performance, flexibility, reliability, and scalability of Internet Explorer and the apps that rely on the Windows Internet (WinINet) cache. Our new database design stops multiple clients from simultaneously accessing and using cached information, while also providing a higher level of data integrity.
-You won’t notice any changes to the management of your roaming profile data if you use our new database implementation in conjunction with the [roaming user profile guidelines](http://go.microsoft.com/fwlink/p/?LinkId=401544). This means that IE data that’s stored in the `AppData\Roaming` user profile folder is still be uploaded to your normal profile storage location after a user successfully logs off.**Note**
Cookies in a roaming profile can only be set by Internet Explorer for the desktop, with Enhanced Protected Mode turned off. Cookies set by the immersive version of IE or by Windows Store apps, can’t be part of a roaming profile. For more information about persistent cookies and roaming, see [Persistent cookies are not roamed in Internet Explorer](http://go.microsoft.com/fwlink/p/?LinkId=401545).
+You won’t notice any changes to the management of your roaming profile data if you use our new database implementation in conjunction with the [roaming user profile guidelines](https://go.microsoft.com/fwlink/p/?LinkId=401544). This means that IE data that’s stored in the `AppData\Roaming` user profile folder is still be uploaded to your normal profile storage location after a user successfully logs off.
**Note**
Cookies in a roaming profile can only be set by Internet Explorer for the desktop, with Enhanced Protected Mode turned off. Cookies set by the immersive version of IE or by Windows Store apps, can’t be part of a roaming profile. For more information about persistent cookies and roaming, see [Persistent cookies are not roamed in Internet Explorer](https://go.microsoft.com/fwlink/p/?LinkId=401545).
To get the best results while using roaming profiles, we strongly recommend the following:
diff --git a/browsers/internet-explorer/ie11-deploy-guide/choose-how-to-install-ie11.md b/browsers/internet-explorer/ie11-deploy-guide/choose-how-to-install-ie11.md
index da141bbcc1..cf90d5c6b3 100644
--- a/browsers/internet-explorer/ie11-deploy-guide/choose-how-to-install-ie11.md
+++ b/browsers/internet-explorer/ie11-deploy-guide/choose-how-to-install-ie11.md
@@ -17,13 +17,13 @@ Before you install Internet Explorer 11, you should:
- **Check vendor support for updated functionality.** Check whether third-party vendors have new versions or updates to necessary add-ons, apps, or code libraries.
-- **Choose the right version of Internet Explorer.** IE11 comes pre-installed on Windows 8.1 and Windows Server 2012 R2 or you can download it for Windows 7 SP1 or Windows Server 2008 R2 with Service Pack 1 (SP1) from the [Internet Explorer Downloads](http://go.microsoft.com/fwlink/p/?LinkId=214251) site.
+- **Choose the right version of Internet Explorer.** IE11 comes pre-installed on Windows 8.1 and Windows Server 2012 R2 or you can download it for Windows 7 SP1 or Windows Server 2008 R2 with Service Pack 1 (SP1) from the [Internet Explorer Downloads](https://go.microsoft.com/fwlink/p/?LinkId=214251) site.
- **Choose how you'll deploy your installation package.** Your deployment method should be based on whether you're installing to computers already running Windows, or if you're deploying IE11 as part of a Windows installation.
- - **Existing computers running Windows.** Use System Center R2 2012 System Center 2012 R2 Configuration Manager, System Center Essentials 2010, Windows Server Updates Services (WSUS), or Microsoft Intune to deploy IE11. For more information about how to use these systems, see [System Center 2012 R2 Configuration Manager](http://go.microsoft.com/fwlink/p/?LinkID=276664), [System Center Essentials 2010](http://go.microsoft.com/fwlink/p/?LinkId=395200), [Windows Server Update Services](http://go.microsoft.com/fwlink/p/?LinkID=276790), and [Microsoft Intune Overview](http://go.microsoft.com/fwlink/p/?linkid=276667).
+ - **Existing computers running Windows.** Use System Center R2 2012 System Center 2012 R2 Configuration Manager, System Center Essentials 2010, Windows Server Updates Services (WSUS), or Microsoft Intune to deploy IE11. For more information about how to use these systems, see [System Center 2012 R2 Configuration Manager](https://go.microsoft.com/fwlink/p/?LinkID=276664), [System Center Essentials 2010](https://go.microsoft.com/fwlink/p/?LinkId=395200), [Windows Server Update Services](https://go.microsoft.com/fwlink/p/?LinkID=276790), and [Microsoft Intune Overview](https://go.microsoft.com/fwlink/p/?linkid=276667).
- - **As part of a Windows deployment.** Update your Windows images to include IE11, and then add the update to your MDT deployment share or to your Windows image. For instructions about how to create and use Windows images, see [Create and Manage a Windows Image Using DISM](http://go.microsoft.com/fwlink/p/?LinkId=299408). For general information about deploying IE, see [Microsoft Deployment Toolkit (MDT)](http://go.microsoft.com/fwlink/p/?LinkId=331148), [Windows ADK Overview](http://go.microsoft.com/fwlink/p/?LinkId=276669).
+ - **As part of a Windows deployment.** Update your Windows images to include IE11, and then add the update to your MDT deployment share or to your Windows image. For instructions about how to create and use Windows images, see [Create and Manage a Windows Image Using DISM](https://go.microsoft.com/fwlink/p/?LinkId=299408). For general information about deploying IE, see [Microsoft Deployment Toolkit (MDT)](https://go.microsoft.com/fwlink/p/?LinkId=331148), [Windows ADK Overview](https://go.microsoft.com/fwlink/p/?LinkId=276669).
diff --git a/browsers/internet-explorer/ie11-deploy-guide/collect-data-using-enterprise-site-discovery.md b/browsers/internet-explorer/ie11-deploy-guide/collect-data-using-enterprise-site-discovery.md
index ab5a60cbce..22d411f58d 100644
--- a/browsers/internet-explorer/ie11-deploy-guide/collect-data-using-enterprise-site-discovery.md
+++ b/browsers/internet-explorer/ie11-deploy-guide/collect-data-using-enterprise-site-discovery.md
@@ -24,7 +24,7 @@ Before you start, you need to make sure you have the following:
- Latest cumulative security update (for all supported versions of Internet Explorer):
- 1. Go to the [Microsoft Security Bulletin](http://go.microsoft.com/fwlink/p/?LinkID=718223) page, and change the filter to **Windows Internet Explorer 11**.
+ 1. Go to the [Microsoft Security Bulletin](https://go.microsoft.com/fwlink/p/?LinkID=718223) page, and change the filter to **Windows Internet Explorer 11**.
@@ -34,7 +34,7 @@ Before you start, you need to make sure you have the following:
3. Click the link that represents both your operating system version and Internet Explorer 11, and then follow the instructions in the **How to get this update** section.
-- [Setup and configuration package](http://go.microsoft.com/fwlink/p/?LinkId=517719), including:
+- [Setup and configuration package](https://go.microsoft.com/fwlink/p/?LinkId=517719), including:
- Configuration-related PowerShell scripts
@@ -138,7 +138,7 @@ You need to set up your computers for data collection by running the provided Po
**To set up Enterprise Site Discovery**
-- Start PowerShell in elevated mode (using admin privileges) and run IETElemetrySetUp.ps1 by by-passing the PowerShell execution policy, using this command: `powershell -ExecutionPolicy Bypass .\IETElemetrySetUp.ps1`. For more info, see [about Execution Policies](http://go.microsoft.com/fwlink/p/?linkid=517460).
+- Start PowerShell in elevated mode (using admin privileges) and run IETElemetrySetUp.ps1 by by-passing the PowerShell execution policy, using this command: `powershell -ExecutionPolicy Bypass .\IETElemetrySetUp.ps1`. For more info, see [about Execution Policies](https://go.microsoft.com/fwlink/p/?linkid=517460).
### WMI only: Set up your firewall for WMI data
If you choose to use WMI as your data output, you need to make sure that your WMI data can travel through your firewall for the domain. If you’re sure, you can skip this section; otherwise, follow these steps:
@@ -465,7 +465,7 @@ You can completely remove the data stored on your employee’s computers.
- `Remove-Item -Path 'HKCU:\Software\Microsoft\Internet Explorer\WMITelemetry'`
## Related topics
-* [Enterprise Mode Site List Manager (schema v.2) download](http://go.microsoft.com/fwlink/?LinkId=746562)
+* [Enterprise Mode Site List Manager (schema v.2) download](https://go.microsoft.com/fwlink/?LinkId=746562)
* [Enterprise Mode for Internet Explorer 11 (IE11)](enterprise-mode-overview-for-ie11.md)
diff --git a/browsers/internet-explorer/ie11-deploy-guide/customize-ie11-install-packages.md b/browsers/internet-explorer/ie11-deploy-guide/customize-ie11-install-packages.md
index 59d5f7b349..7a8162ee05 100644
--- a/browsers/internet-explorer/ie11-deploy-guide/customize-ie11-install-packages.md
+++ b/browsers/internet-explorer/ie11-deploy-guide/customize-ie11-install-packages.md
@@ -28,7 +28,7 @@ In addition, you can configure IE before, during, or after deployment, using the
- **Group Policy**. Configures and enforces IE11 settings. For more information about settings and configuration options, see [Group policy objects and Internet Explorer 11 (IE11)](group-policy-objects-and-ie11.md).
- **Unattend.xml**. Customizes some of the IE settings during your Windows installation. This option only applies if you're updating a Windows image with IE11.
**Note**
-You'll only see the new IE11 Unattend.xml settings if your Unattend.xml file's associated with a Windows image that includes the IE11 update. For more information about editing and using the Unattend.xml file, see [Unattended Windows Setup Reference](http://go.microsoft.com/fwlink/p/?LinkId=276788). For more information about using the Windows System Image Manager, see [Windows System Image Manager Technical Reference](http://go.microsoft.com/fwlink/p/?LinkId=276789).
+You'll only see the new IE11 Unattend.xml settings if your Unattend.xml file's associated with a Windows image that includes the IE11 update. For more information about editing and using the Unattend.xml file, see [Unattended Windows Setup Reference](https://go.microsoft.com/fwlink/p/?LinkId=276788). For more information about using the Windows System Image Manager, see [Windows System Image Manager Technical Reference](https://go.microsoft.com/fwlink/p/?LinkId=276789).
diff --git a/browsers/internet-explorer/ie11-deploy-guide/delete-sites-from-your-enterprise-mode-site-list-in-the-enterprise-mode-site-list-manager.md b/browsers/internet-explorer/ie11-deploy-guide/delete-sites-from-your-enterprise-mode-site-list-in-the-enterprise-mode-site-list-manager.md
index 16af47ddd2..360620938d 100644
--- a/browsers/internet-explorer/ie11-deploy-guide/delete-sites-from-your-enterprise-mode-site-list-in-the-enterprise-mode-site-list-manager.md
+++ b/browsers/internet-explorer/ie11-deploy-guide/delete-sites-from-your-enterprise-mode-site-list-in-the-enterprise-mode-site-list-manager.md
@@ -34,8 +34,8 @@ If you delete a site by mistake, you’ll need to manually add it back using the
- [Add sites to the Enterprise Mode site list using the Enterprise Mode Site List Manager (schema v.1)](add-single-sites-to-enterprise-mode-site-list-using-the-version-1-enterprise-mode-tool.md)
## Related topics
-- [Download the Enterprise Mode Site List Manager (schema v.2)](http://go.microsoft.com/fwlink/p/?LinkId=716853)
-- [Download the Enterprise Mode Site List Manager (schema v.1)](http://go.microsoft.com/fwlink/p/?LinkID=394378)
+- [Download the Enterprise Mode Site List Manager (schema v.2)](https://go.microsoft.com/fwlink/p/?LinkId=716853)
+- [Download the Enterprise Mode Site List Manager (schema v.1)](https://go.microsoft.com/fwlink/p/?LinkID=394378)
- [Use the Enterprise Mode Site List Manager](use-the-enterprise-mode-site-list-manager.md)
diff --git a/browsers/internet-explorer/ie11-deploy-guide/deploy-ie11-using-software-distribution-tools.md b/browsers/internet-explorer/ie11-deploy-guide/deploy-ie11-using-software-distribution-tools.md
index cc8ef4ae26..6654729ec6 100644
--- a/browsers/internet-explorer/ie11-deploy-guide/deploy-ie11-using-software-distribution-tools.md
+++ b/browsers/internet-explorer/ie11-deploy-guide/deploy-ie11-using-software-distribution-tools.md
@@ -13,13 +13,13 @@ ms.sitesec: library
# Deploy Internet Explorer 11 using software distribution tools
If you already manage software distribution and updates on your network through software distribution tools, you can also use these tools for ongoing deployments of Internet Explorer. Software distribution tools include:
-- **System Center R2 2012 System Center 2012 R2 Configuration Manager.** Deploy and install Internet Explorer 11 on your user's computers through a software distribution package. For more information about using this tool, see [System Center R2 2012 Configuration Manager](http://go.microsoft.com/fwlink/p/?LinkID=276664).
+- **System Center R2 2012 System Center 2012 R2 Configuration Manager.** Deploy and install Internet Explorer 11 on your user's computers through a software distribution package. For more information about using this tool, see [System Center R2 2012 Configuration Manager](https://go.microsoft.com/fwlink/p/?LinkID=276664).
-- **Windows Server Update Services (WSUS).** Download a single copy of the IE11 updates, caching them to local servers so your users' computers can receive the updates directly from the WSUS servers, instead of through Windows Update. For more information about using this tool, see [Windows Server Update Services](http://go.microsoft.com/fwlink/p/?LinkID=276790).
+- **Windows Server Update Services (WSUS).** Download a single copy of the IE11 updates, caching them to local servers so your users' computers can receive the updates directly from the WSUS servers, instead of through Windows Update. For more information about using this tool, see [Windows Server Update Services](https://go.microsoft.com/fwlink/p/?LinkID=276790).
-- **Group Policy Software Installation.** Deploy and install IE11 on your user's computers through a combination of Group Policy and Microsoft Active Directory. For more information about using this tool, see [Group Policy Software Installation overview](http://go.microsoft.com/fwlink/p/?LinkId=296365).
+- **Group Policy Software Installation.** Deploy and install IE11 on your user's computers through a combination of Group Policy and Microsoft Active Directory. For more information about using this tool, see [Group Policy Software Installation overview](https://go.microsoft.com/fwlink/p/?LinkId=296365).
-- **Microsoft Deployment Toolkit (MDT).** Add the IE11 update to your deployment share, using MDT to update your previously-deployed Windows image. For more information about using this tool, see [Microsoft Deployment Toolkit (MDT)](http://go.microsoft.com/fwlink/p/?LinkID=331148).
+- **Microsoft Deployment Toolkit (MDT).** Add the IE11 update to your deployment share, using MDT to update your previously-deployed Windows image. For more information about using this tool, see [Microsoft Deployment Toolkit (MDT)](https://go.microsoft.com/fwlink/p/?LinkID=331148).
diff --git a/browsers/internet-explorer/ie11-deploy-guide/deploy-pinned-sites-using-mdt-2013.md b/browsers/internet-explorer/ie11-deploy-guide/deploy-pinned-sites-using-mdt-2013.md
index bfea483922..affd42d162 100644
--- a/browsers/internet-explorer/ie11-deploy-guide/deploy-pinned-sites-using-mdt-2013.md
+++ b/browsers/internet-explorer/ie11-deploy-guide/deploy-pinned-sites-using-mdt-2013.md
@@ -22,10 +22,10 @@ ms.sitesec: library
You can pin websites to the Windows 8.1 taskbar for quick access. You pin a website simply by dragging its tab to the taskbar. Some websites can also extend the icon’s Jump List.
-The ability to pin websites to the Windows 8.1 taskbar can help make end users in businesses more productive. As an IT professional, for example, you can pin intranet and SharePoint websites to the taskbar to make them immediately available to users. In this article, you learn how to deploy pinned websites by using Lite Touch Installation in the [Microsoft Deployment Toolkit (MDT) 2013](http://go.microsoft.com/fwlink/p/?LinkId=398474).
+The ability to pin websites to the Windows 8.1 taskbar can help make end users in businesses more productive. As an IT professional, for example, you can pin intranet and SharePoint websites to the taskbar to make them immediately available to users. In this article, you learn how to deploy pinned websites by using Lite Touch Installation in the [Microsoft Deployment Toolkit (MDT) 2013](https://go.microsoft.com/fwlink/p/?LinkId=398474).
## Deploying pinned websites in MDT 2013
-This topic requires that you have a complete MDT 2013 deployment share that contains Windows 8.1 which comes with Internet Explorer 11. If you’re deploying to Windows 7 clients and need to learn how to add IE11 to an MDT 2013 deployment share as an update, see [Installing Internet Explorer 11 using Microsoft Deployment Toolkit (MDT)](http://go.microsoft.com/fwlink/p/?LinkId=398475) in the TechNet library.
+This topic requires that you have a complete MDT 2013 deployment share that contains Windows 8.1 which comes with Internet Explorer 11. If you’re deploying to Windows 7 clients and need to learn how to add IE11 to an MDT 2013 deployment share as an update, see [Installing Internet Explorer 11 using Microsoft Deployment Toolkit (MDT)](https://go.microsoft.com/fwlink/p/?LinkId=398475) in the TechNet library.
Deploying pinned websites in MDT 2013 is a 4-step process:
@@ -101,13 +101,13 @@ With the .website files ready to copy to the **Public Links** folder on target c
## Updating intranet websites for pinning
The MDT 2013 deployment share and task sequences are now ready to pin websites to the taskbar during deployment. This pinning feature can include intranet sites important in your organization.
-You can make your intranet websites act more like applications by extending them to fully support the Windows 8.1 taskbar. This includes creating custom Jump Lists, thumbnail previews, and notifications. For info about extending your intranet websites, see [Pinned Sites Developer Documentation](http://go.microsoft.com/fwlink/p/?LinkId=398484) on MSDN. For more ideas about what to pin, see [Add-ons](http://go.microsoft.com/fwlink/p/?LinkId=398483) in the Internet Explorer Gallery.
+You can make your intranet websites act more like applications by extending them to fully support the Windows 8.1 taskbar. This includes creating custom Jump Lists, thumbnail previews, and notifications. For info about extending your intranet websites, see [Pinned Sites Developer Documentation](https://go.microsoft.com/fwlink/p/?LinkId=398484) on MSDN. For more ideas about what to pin, see [Add-ons](https://go.microsoft.com/fwlink/p/?LinkId=398483) in the Internet Explorer Gallery.
## Related topics
-- [Unattended Windows Setup Reference](http://go.microsoft.com/fwlink/p/?LinkId=276788)
-- [Windows System Image Manager Technical Reference](http://go.microsoft.com/fwlink/p/?LinkId=276789)
-- [Microsoft Deployment Toolkit (MDT)](http://go.microsoft.com/fwlink/p/?LinkId=331148)
-- [Windows ADK Overview](http://go.microsoft.com/fwlink/p/?LinkId=276669)
+- [Unattended Windows Setup Reference](https://go.microsoft.com/fwlink/p/?LinkId=276788)
+- [Windows System Image Manager Technical Reference](https://go.microsoft.com/fwlink/p/?LinkId=276789)
+- [Microsoft Deployment Toolkit (MDT)](https://go.microsoft.com/fwlink/p/?LinkId=331148)
+- [Windows ADK Overview](https://go.microsoft.com/fwlink/p/?LinkId=276669)
diff --git a/browsers/internet-explorer/ie11-deploy-guide/deprecated-document-modes.md b/browsers/internet-explorer/ie11-deploy-guide/deprecated-document-modes.md
index 4b0660cb93..0be45f20c1 100644
--- a/browsers/internet-explorer/ie11-deploy-guide/deprecated-document-modes.md
+++ b/browsers/internet-explorer/ie11-deploy-guide/deprecated-document-modes.md
@@ -26,7 +26,7 @@ Windows Internet Explorer 8 introduced document modes as a way to move from the
This means that while Internet Explorer 11 will continue to support document modes, Microsoft Edge won’t. And because of that, it also means that if you want to use Microsoft Edge, you’re going to have to update your legacy webpages and apps to support modern features, browsers, and devices.
**Note**
-For specific details about the technologies and APIs that are no longer supported in Microsoft Edge, see [A break from the past, part 2: Saying goodbye to ActiveX, VBScript, attachEvent](http://go.microsoft.com/fwlink/p/?LinkId=615953).
+For specific details about the technologies and APIs that are no longer supported in Microsoft Edge, see [A break from the past, part 2: Saying goodbye to ActiveX, VBScript, attachEvent](https://go.microsoft.com/fwlink/p/?LinkId=615953).
## What is document mode?
Each release after Internet Explorer 8 has helped with the transition by introducing additional document modes that emulated previously supported versions, while also introducing support for features defined by industry standards. During this time, numerous websites and apps were updated to the latest and greatest industry standards, while many other sites and apps continued to simply rely on document modes to work properly.
diff --git a/browsers/internet-explorer/ie11-deploy-guide/edit-the-enterprise-mode-site-list-using-the-enterprise-mode-site-list-manager.md b/browsers/internet-explorer/ie11-deploy-guide/edit-the-enterprise-mode-site-list-using-the-enterprise-mode-site-list-manager.md
index 602456e9d1..7ebacccb8b 100644
--- a/browsers/internet-explorer/ie11-deploy-guide/edit-the-enterprise-mode-site-list-using-the-enterprise-mode-site-list-manager.md
+++ b/browsers/internet-explorer/ie11-deploy-guide/edit-the-enterprise-mode-site-list-using-the-enterprise-mode-site-list-manager.md
@@ -38,8 +38,8 @@ If your change passes validation, it’s added to the global site list. If the u
You can save the file locally or to a network share. However, you must make sure you deploy it to the location specified in your registry key. For more information about the registry key, see [Turn on Enterprise Mode and use a site list](turn-on-enterprise-mode-and-use-a-site-list.md).
## Related topics
-- [Download the Enterprise Mode Site List Manager (schema v.2)](http://go.microsoft.com/fwlink/p/?LinkId=716853)
-- [Download the Enterprise Mode Site List Manager (schema v.1)](http://go.microsoft.com/fwlink/p/?LinkID=394378)
+- [Download the Enterprise Mode Site List Manager (schema v.2)](https://go.microsoft.com/fwlink/p/?LinkId=716853)
+- [Download the Enterprise Mode Site List Manager (schema v.1)](https://go.microsoft.com/fwlink/p/?LinkID=394378)
- [Use the Enterprise Mode Site List Manager](use-the-enterprise-mode-site-list-manager.md)
diff --git a/browsers/internet-explorer/ie11-deploy-guide/enhanced-protected-mode-problems-with-ie11.md b/browsers/internet-explorer/ie11-deploy-guide/enhanced-protected-mode-problems-with-ie11.md
index 0e467ceb7e..971612c41b 100644
--- a/browsers/internet-explorer/ie11-deploy-guide/enhanced-protected-mode-problems-with-ie11.md
+++ b/browsers/internet-explorer/ie11-deploy-guide/enhanced-protected-mode-problems-with-ie11.md
@@ -16,7 +16,7 @@ Enhanced Protected Mode further restricts Protected Mode to deny potential attac
You can use your company’s Group Policy to turn Enhanced Protected Mode on or off for all users. For more information, see the [Group policy objects and Internet Explorer 11 (IE11)](group-policy-objects-and-ie11.md) information in this guide.
-For more information about Enhanced Protected Mode, see the [Enhanced Protected Mode](http://go.microsoft.com/fwlink/p/?LinkId=267512) post on IEBlog, and both the [Understanding Enhanced Protected Mode](http://go.microsoft.com/fwlink/p/?LinkId=282662) and the [Enhanced Protected Mode and Local Files](http://go.microsoft.com/fwlink/p/?LinkId=282663) blog posts on IEInternals.
+For more information about Enhanced Protected Mode, see the [Enhanced Protected Mode](https://go.microsoft.com/fwlink/p/?LinkId=267512) post on IEBlog, and both the [Understanding Enhanced Protected Mode](https://go.microsoft.com/fwlink/p/?LinkId=282662) and the [Enhanced Protected Mode and Local Files](https://go.microsoft.com/fwlink/p/?LinkId=282663) blog posts on IEInternals.
diff --git a/browsers/internet-explorer/ie11-deploy-guide/export-your-enterprise-mode-site-list-from-the-enterprise-mode-site-list-manager.md b/browsers/internet-explorer/ie11-deploy-guide/export-your-enterprise-mode-site-list-from-the-enterprise-mode-site-list-manager.md
index 0e139e5c9e..b45f274bcc 100644
--- a/browsers/internet-explorer/ie11-deploy-guide/export-your-enterprise-mode-site-list-from-the-enterprise-mode-site-list-manager.md
+++ b/browsers/internet-explorer/ie11-deploy-guide/export-your-enterprise-mode-site-list-from-the-enterprise-mode-site-list-manager.md
@@ -34,8 +34,8 @@ This file is not intended for distribution to your managed devices. Instead, it
## Related topics
-- [Download the Enterprise Mode Site List Manager (schema v.2)](http://go.microsoft.com/fwlink/p/?LinkId=716853)
-- [Download the Enterprise Mode Site List Manager (schema v.1)](http://go.microsoft.com/fwlink/p/?LinkID=394378)
+- [Download the Enterprise Mode Site List Manager (schema v.2)](https://go.microsoft.com/fwlink/p/?LinkId=716853)
+- [Download the Enterprise Mode Site List Manager (schema v.1)](https://go.microsoft.com/fwlink/p/?LinkID=394378)
- [Use the Enterprise Mode Site List Manager](use-the-enterprise-mode-site-list-manager.md)
diff --git a/browsers/internet-explorer/ie11-deploy-guide/fix-compat-issues-with-doc-modes-and-enterprise-mode-site-list.md b/browsers/internet-explorer/ie11-deploy-guide/fix-compat-issues-with-doc-modes-and-enterprise-mode-site-list.md
index 7fec74ed4e..94e5e4a1da 100644
--- a/browsers/internet-explorer/ie11-deploy-guide/fix-compat-issues-with-doc-modes-and-enterprise-mode-site-list.md
+++ b/browsers/internet-explorer/ie11-deploy-guide/fix-compat-issues-with-doc-modes-and-enterprise-mode-site-list.md
@@ -18,7 +18,7 @@ The Internet Explorer 11 Enterprise Mode site list lets you specify document mo
Enterprises can have critical apps that are coded explicitly for a specific browser version and that might not be in their direct control, making it very difficult and expensive to update to modern standards or newer browser versions. Because you can decide which URLs should open using specific document modes, this update helps ensure better compatibility, faster upgrades, and reduced testing and fixing costs.
## How does this fix work?
-You can continue to use your legacy and orphaned web apps, by specifying a document mode in the centralized Enterprise Mode site list. Then, when IE11 goes to a site on your list, the browser loads the page in the specified document mode just as it would if it were specified through an X-UA-Compatible meta tag on the site. For more information about document modes and X-UA-compatible headers, see [Defining document compatibility](http://go.microsoft.com/fwlink/p/?LinkId=518412).
+You can continue to use your legacy and orphaned web apps, by specifying a document mode in the centralized Enterprise Mode site list. Then, when IE11 goes to a site on your list, the browser loads the page in the specified document mode just as it would if it were specified through an X-UA-Compatible meta tag on the site. For more information about document modes and X-UA-compatible headers, see [Defining document compatibility](https://go.microsoft.com/fwlink/p/?LinkId=518412).
**Important**
Enterprise Mode takes precedence over document modes, so sites that are already included in the Enterprise Mode site list won’t be affected by this update and will continue to load in Enterprise Mode, as usual.
@@ -40,7 +40,7 @@ To see if this fix might help you, run through this process one step at a time,
2. Starting with the **11 (Default)** option, test your broken scenario.
-If that doesn’t work, continue down to the next lowest document mode, stopping as soon as you find a document mode that fixes your problems. For more information about the Emulation tool, see [Emulate browsers, screen sizes, and GPS locations](http://go.microsoft.com/fwlink/p/?LinkId=518417).
+If that doesn’t work, continue down to the next lowest document mode, stopping as soon as you find a document mode that fixes your problems. For more information about the Emulation tool, see [Emulate browsers, screen sizes, and GPS locations](https://go.microsoft.com/fwlink/p/?LinkId=518417).
3. If none of the document modes fix your issue, change the **Browser Profile** to **Enterprise**, pick the mode you want to test with starting with **8** (IE8 Enterprise Mode), and then test your broken scenario.
@@ -94,8 +94,8 @@ By default, IE11 uses the **Display intranet sites in Compatibility View** setti
To help you move forward, you can now use the Enterprise Mode site list to specify sites or web paths to use the IE7 document mode, which goes down to IE5 “Quirks” mode if the page doesn’t have an explicit `DOCTYPE` tag. Using this document mode effectively helps you provide the Compatibility View functionality for single sites or a group of sites, which after thorough testing, can help you turn off Compatibility View as the default setting for your intranet sites.
## Related topics
-- [Download the Enterprise Mode Site List Manager (schema v.2)](http://go.microsoft.com/fwlink/p/?LinkId=716853)
-- [Download the Enterprise Mode Site List Manager (schema v.1)](http://go.microsoft.com/fwlink/p/?LinkID=394378)
+- [Download the Enterprise Mode Site List Manager (schema v.2)](https://go.microsoft.com/fwlink/p/?LinkId=716853)
+- [Download the Enterprise Mode Site List Manager (schema v.1)](https://go.microsoft.com/fwlink/p/?LinkID=394378)
- [Enterprise Mode Site List Manager](use-the-enterprise-mode-site-list-manager.md)
diff --git a/browsers/internet-explorer/ie11-deploy-guide/fix-validation-problems-using-the-enterprise-mode-site-list-manager.md b/browsers/internet-explorer/ie11-deploy-guide/fix-validation-problems-using-the-enterprise-mode-site-list-manager.md
index bbe1126304..cb34e15ac9 100644
--- a/browsers/internet-explorer/ie11-deploy-guide/fix-validation-problems-using-the-enterprise-mode-site-list-manager.md
+++ b/browsers/internet-explorer/ie11-deploy-guide/fix-validation-problems-using-the-enterprise-mode-site-list-manager.md
@@ -33,8 +33,8 @@ There are typically 3 types of errors you’ll see:
Another possibility is that redirection happens multiple times, with an intermediary site experiencing compatibility issues. For example, an employee types a short URL that then redirects multiple times, finally ending up on a non-intranet site. In this situation, you might want to add the intermediary URLs to your Enterprise Mode site list, in case there’s logic in one of them that has compatibility issues.
## Related topics
-- [Download the Enterprise Mode Site List Manager (schema v.2)](http://go.microsoft.com/fwlink/p/?LinkId=716853)
-- [Download the Enterprise Mode Site List Manager (schema v.1)](http://go.microsoft.com/fwlink/p/?LinkID=394378)
+- [Download the Enterprise Mode Site List Manager (schema v.2)](https://go.microsoft.com/fwlink/p/?LinkId=716853)
+- [Download the Enterprise Mode Site List Manager (schema v.1)](https://go.microsoft.com/fwlink/p/?LinkID=394378)
- [Use the Enterprise Mode Site List Manager](use-the-enterprise-mode-site-list-manager.md)
diff --git a/browsers/internet-explorer/ie11-deploy-guide/group-policy-and-advanced-group-policy-mgmt-ie11.md b/browsers/internet-explorer/ie11-deploy-guide/group-policy-and-advanced-group-policy-mgmt-ie11.md
index c790100b59..3ae9e11aab 100644
--- a/browsers/internet-explorer/ie11-deploy-guide/group-policy-and-advanced-group-policy-mgmt-ie11.md
+++ b/browsers/internet-explorer/ie11-deploy-guide/group-policy-and-advanced-group-policy-mgmt-ie11.md
@@ -29,7 +29,7 @@ From AGPM you can:
- **Manage your GPO lifecycle with change control features.** You can use the available version-control, history, and auditing features to help you manage your GPOs while moving through your archive, to your editing process, and finally to your GPO deployment.
**Note**
-For more information about AGPM, and to get the license, see [Microsoft Advanced Group Policy Management 4.0 SP1 Step-by-Step Guide](http://go.microsoft.com/fwlink/p/?LinkId=294916).
+For more information about AGPM, and to get the license, see [Microsoft Advanced Group Policy Management 4.0 SP1 Step-by-Step Guide](https://go.microsoft.com/fwlink/p/?LinkId=294916).
diff --git a/browsers/internet-explorer/ie11-deploy-guide/group-policy-and-group-policy-mgmt-console-ie11.md b/browsers/internet-explorer/ie11-deploy-guide/group-policy-and-group-policy-mgmt-console-ie11.md
index f084039195..2a7f645030 100644
--- a/browsers/internet-explorer/ie11-deploy-guide/group-policy-and-group-policy-mgmt-console-ie11.md
+++ b/browsers/internet-explorer/ie11-deploy-guide/group-policy-and-group-policy-mgmt-console-ie11.md
@@ -31,10 +31,10 @@ The GPMC lets you:
- Create scriptable interfaces to support all of the operations available within the GPMC. You can't use scripts to edit individual policy settings in a GPO.
-For more information about the GPMC, see [Group Policy Management Console](http://go.microsoft.com/fwlink/p/?LinkId=214515) on TechNet.
+For more information about the GPMC, see [Group Policy Management Console](https://go.microsoft.com/fwlink/p/?LinkId=214515) on TechNet.
## Searching for Group Policy settings
-To search for Group Policy settings in the Group Policy Management Console (GPMC), use the [Group Policy Search tool](http://go.microsoft.com/fwlink/p/?LinkId=279857). To find the Group Policy settings, click **Windows Components**, and then click **Internet Explorer**.
+To search for Group Policy settings in the Group Policy Management Console (GPMC), use the [Group Policy Search tool](https://go.microsoft.com/fwlink/p/?LinkId=279857). To find the Group Policy settings, click **Windows Components**, and then click **Internet Explorer**.
diff --git a/browsers/internet-explorer/ie11-deploy-guide/group-policy-and-local-group-policy-editor-ie11.md b/browsers/internet-explorer/ie11-deploy-guide/group-policy-and-local-group-policy-editor-ie11.md
index 82b8c15411..4e9b26b3fc 100644
--- a/browsers/internet-explorer/ie11-deploy-guide/group-policy-and-local-group-policy-editor-ie11.md
+++ b/browsers/internet-explorer/ie11-deploy-guide/group-policy-and-local-group-policy-editor-ie11.md
@@ -14,7 +14,7 @@ ms.sitesec: library
# Group Policy, the Local Group Policy Editor, and Internet Explorer 11
A Microsoft Management Console (MMC)-based tool that manages both computer and user-related configurations for an individual computer policy. This tool is included with Windows® 7 Service Pack 1 (SP1) and Windows 8.1.
-Here's a list of the policy settings you can use, based on the configuration type. For more info, see [Local Group Policy Editor](http://go.microsoft.com/fwlink/p/?LinkId=294912).
+Here's a list of the policy settings you can use, based on the configuration type. For more info, see [Local Group Policy Editor](https://go.microsoft.com/fwlink/p/?LinkId=294912).
|Computer configuration |User configuration |
|-----------------------|-------------------|
diff --git a/browsers/internet-explorer/ie11-deploy-guide/group-policy-objects-and-ie11.md b/browsers/internet-explorer/ie11-deploy-guide/group-policy-objects-and-ie11.md
index fe85ee8a60..37e54ed67e 100644
--- a/browsers/internet-explorer/ie11-deploy-guide/group-policy-objects-and-ie11.md
+++ b/browsers/internet-explorer/ie11-deploy-guide/group-policy-objects-and-ie11.md
@@ -17,7 +17,7 @@ Group Policy, based on Microsoft Active Directory Domain Services (AD DS), lets
By using Group Policy, you can set up a policy setting once, and then copy that setting onto many computers. For example, you can set up multiple Internet Explorer 11 security settings in a GPO that's linked to a domain, and then apply all of those settings to every computer in the domain.
**Note**
-For more information about Group Policy, see the [Group Policy TechCenter](http://go.microsoft.com/fwlink/p/?LinkId=214514). This site provides links to the latest technical documentation, videos, and downloads for Group Policy.
+For more information about Group Policy, see the [Group Policy TechCenter](https://go.microsoft.com/fwlink/p/?LinkId=214514). This site provides links to the latest technical documentation, videos, and downloads for Group Policy.
## Managing settings with GPOs
After deploying IE11 to your organization, you can continue to manage the browser settings by using Active Directory Domain Services (AD DS) together with the following Group Policy-related setting management groups:
diff --git a/browsers/internet-explorer/ie11-deploy-guide/group-policy-preferences-and-ie11.md b/browsers/internet-explorer/ie11-deploy-guide/group-policy-preferences-and-ie11.md
index 7a83784eb4..4d460e76ab 100644
--- a/browsers/internet-explorer/ie11-deploy-guide/group-policy-preferences-and-ie11.md
+++ b/browsers/internet-explorer/ie11-deploy-guide/group-policy-preferences-and-ie11.md
@@ -24,7 +24,7 @@ Group Policy preferences are less strict than Group Policy settings, based on:
|Targeting and filtering |
- Targeting is specific, with a user interface for each type of targeting item
- Supports targeting at the individual preference item level
|- Filtering is based on Windows Management Instrumentation (WMI), and requires writing WMI queries
- Supports filtering at the Group Policy Object (GPO) level
|
-For more information about Group Policy preferences, see the [Group Policy Settings Reference for Windows and Windows Server](http://go.microsoft.com/fwlink/p/?LinkId=279876).
+For more information about Group Policy preferences, see the [Group Policy Settings Reference for Windows and Windows Server](https://go.microsoft.com/fwlink/p/?LinkId=279876).
diff --git a/browsers/internet-explorer/ie11-deploy-guide/group-policy-problems-ie11.md b/browsers/internet-explorer/ie11-deploy-guide/group-policy-problems-ie11.md
index eae262566b..037d8a5da7 100644
--- a/browsers/internet-explorer/ie11-deploy-guide/group-policy-problems-ie11.md
+++ b/browsers/internet-explorer/ie11-deploy-guide/group-policy-problems-ie11.md
@@ -12,10 +12,10 @@ ms.sitesec: library
# Group Policy problems with Internet Explorer 11
-If you're having problems with Group Policy and Internet Explorer 11, or if you're looking for high-level information about the concepts and techniques used to troubleshoot Group Policy, as well as links to detailed reference topics, procedures, and troubleshooting scenario guides, see [Group Policy Analysis and Troubleshooting Overview](http://go.microsoft.com/fwlink/p/?LinkId=279872).
+If you're having problems with Group Policy and Internet Explorer 11, or if you're looking for high-level information about the concepts and techniques used to troubleshoot Group Policy, as well as links to detailed reference topics, procedures, and troubleshooting scenario guides, see [Group Policy Analysis and Troubleshooting Overview](https://go.microsoft.com/fwlink/p/?LinkId=279872).
## Group Policy Object-related Log Files
-You can use the Event Viewer to review Group Policy-related messages in the **Windows Logs**, **System** file. All of the Group Policy-related events are shown with a source of **GroupPolicy**. For more information about the Event Viewer, see [What information appears in event logs? (Event Viewer)](http://go.microsoft.com/fwlink/p/?LinkId=294917).
+You can use the Event Viewer to review Group Policy-related messages in the **Windows Logs**, **System** file. All of the Group Policy-related events are shown with a source of **GroupPolicy**. For more information about the Event Viewer, see [What information appears in event logs? (Event Viewer)](https://go.microsoft.com/fwlink/p/?LinkId=294917).
diff --git a/browsers/internet-explorer/ie11-deploy-guide/group-policy-shortcut-extensions-ie11.md b/browsers/internet-explorer/ie11-deploy-guide/group-policy-shortcut-extensions-ie11.md
index c22a9b343e..a5c8385649 100644
--- a/browsers/internet-explorer/ie11-deploy-guide/group-policy-shortcut-extensions-ie11.md
+++ b/browsers/internet-explorer/ie11-deploy-guide/group-policy-shortcut-extensions-ie11.md
@@ -35,7 +35,7 @@ You can create and configure shortcuts for any domain-based Group Policy Object
5. Type the required shortcut settings and your comments into the **Description** box, and click **OK**.
-For more information about shortcut extensions, including step-by-step guidance, see [Shortcuts Extension](http://go.microsoft.com/fwlink/p/?LinkId=214525) and [Configure a Shortcut Item](http://go.microsoft.com/fwlink/p/?LinkId=301837).
+For more information about shortcut extensions, including step-by-step guidance, see [Shortcuts Extension](https://go.microsoft.com/fwlink/p/?LinkId=214525) and [Configure a Shortcut Item](https://go.microsoft.com/fwlink/p/?LinkId=301837).
diff --git a/browsers/internet-explorer/ie11-deploy-guide/group-policy-windows-powershell-ie11.md b/browsers/internet-explorer/ie11-deploy-guide/group-policy-windows-powershell-ie11.md
index 3a4e3a12ec..c44db29784 100644
--- a/browsers/internet-explorer/ie11-deploy-guide/group-policy-windows-powershell-ie11.md
+++ b/browsers/internet-explorer/ie11-deploy-guide/group-policy-windows-powershell-ie11.md
@@ -24,7 +24,7 @@ Each cmdlet is a single-function command-line tool that can:
- Configure registry-based policy settings and registry settings for Group Policy preferences.
-For more info about PowerShell and Group Policy management, see [Use Windows PowerShell to Manage Group Policy](http://go.microsoft.com/fwlink/p/?LinkId=276828).
+For more info about PowerShell and Group Policy management, see [Use Windows PowerShell to Manage Group Policy](https://go.microsoft.com/fwlink/p/?LinkId=276828).
diff --git a/browsers/internet-explorer/ie11-deploy-guide/import-into-the-enterprise-mode-site-list-manager.md b/browsers/internet-explorer/ie11-deploy-guide/import-into-the-enterprise-mode-site-list-manager.md
index d75450f2f7..a52315fec5 100644
--- a/browsers/internet-explorer/ie11-deploy-guide/import-into-the-enterprise-mode-site-list-manager.md
+++ b/browsers/internet-explorer/ie11-deploy-guide/import-into-the-enterprise-mode-site-list-manager.md
@@ -35,8 +35,8 @@ Importing your file overwrites everything that’s currently in the tool, so mak
3. Review the alert message about all of your entries being overwritten. If you still want to import the file, click **Yes**.
## Related topics
-- [Download the Enterprise Mode Site List Manager (schema v.2)](http://go.microsoft.com/fwlink/p/?LinkId=716853)
-- [Download the Enterprise Mode Site List Manager (schema v.1)](http://go.microsoft.com/fwlink/p/?LinkID=394378)
+- [Download the Enterprise Mode Site List Manager (schema v.2)](https://go.microsoft.com/fwlink/p/?LinkId=716853)
+- [Download the Enterprise Mode Site List Manager (schema v.1)](https://go.microsoft.com/fwlink/p/?LinkID=394378)
- [Use the Enterprise Mode Site List Manager](use-the-enterprise-mode-site-list-manager.md)
diff --git a/browsers/internet-explorer/ie11-deploy-guide/index.md b/browsers/internet-explorer/ie11-deploy-guide/index.md
index 7b5cae11db..b1b9d3ce0b 100644
--- a/browsers/internet-explorer/ie11-deploy-guide/index.md
+++ b/browsers/internet-explorer/ie11-deploy-guide/index.md
@@ -37,11 +37,11 @@ Because this content isn't intended to be a step-by-step guide, not all of the s
|[Manage Internet Explorer 11](manage-ie11-overview.md) |Use the topics in this section to learn about how to auto detect your settings, auto configure your configuration settings, and auto configure your proxy configuration settings for IE. |
|[Troubleshoot Internet Explorer 11 (IE11)](troubleshoot-ie11.md) |Use the topics in this section to learn how to troubleshoot several of the more common problems experienced with IE. |
|[Out-of-date ActiveX control blocking](out-of-date-activex-control-blocking.md) |ActiveX controls are small apps that let websites provide content, like videos, games, and let you interact with content like toolbars. Unfortunately, because many ActiveX controls aren’t automatically updated, they can become outdated as new versions are released. It’s very important that you keep your ActiveX controls up-to-date because malicious software (or malware) can target security flaws in outdated controls, damaging your computer by collecting info from it, installing unwanted software, or by letting someone else control it remotely. To help avoid this situation, IE includes a new security feature, called out-of-date ActiveX control blocking. |
-|[Deprecated document modes and Internet Explorer 11](deprecated-document-modes.md) |Internet Explorer 8 introduced document modes as a way to move from the proprietary coding of web features to a more standardized type of coding that could run on multiple browsers and devices. Starting with Windows 10, we’re deprecating document modes.This means that while IE11 will continue to support document modes, Microsoft Edge won’t. And because of that, it also means that if you want to use Microsoft Edge, you’re going to have to update your legacy webpages and apps to support modern features, browsers, and devices.
Note
For specific details about the technologies and APIs that are no longer supported in Microsoft Edge, see [A break from the past, part 2: Saying goodbye to ActiveX, VBScript, attachEvent](http://go.microsoft.com/fwlink/p/?LinkId=615953). |
+|[Deprecated document modes and Internet Explorer 11](deprecated-document-modes.md) |Internet Explorer 8 introduced document modes as a way to move from the proprietary coding of web features to a more standardized type of coding that could run on multiple browsers and devices. Starting with Windows 10, we’re deprecating document modes.
This means that while IE11 will continue to support document modes, Microsoft Edge won’t. And because of that, it also means that if you want to use Microsoft Edge, you’re going to have to update your legacy webpages and apps to support modern features, browsers, and devices.
Note
For specific details about the technologies and APIs that are no longer supported in Microsoft Edge, see [A break from the past, part 2: Saying goodbye to ActiveX, VBScript, attachEvent](https://go.microsoft.com/fwlink/p/?LinkId=615953). |
|[What is the Internet Explorer 11 Blocker Toolkit?](what-is-the-internet-explorer-11-blocker-toolkit.md) |The IE11 Blocker Toolkit lets you turn off the automatic delivery of IE11 through the Automatic Updates feature of Windows Update. |
|[Missing Internet Explorer Maintenance (IEM) settings for Internet Explorer 11](missing-internet-explorer-maintenance-settings-for-ie11.md) |The Internet Explorer Maintenance (IEM) settings have been deprecated in favor of Group Policy preferences, Administrative Templates (.admx), and the Internet Explorer Administration Kit 11 (IEAK 11).
Because of this change, your IEM-configured settings will no longer work on computers running Internet Explorer 10 or newer. To fix this, you need to update the affected settings using Group Policy preferences, Administrative Templates (.admx), or the IEAK 11.
Because Group Policy Preferences and IEAK 11 run using asynchronous processes, you should choose to use only one of the tools within each group of settings. For example, using only IEAK 11 in the Security settings or Group Policy Preferences within the Internet Zone settings. Also, it's important to remember that policy is enforced and can't be changed by the user, while preferences are configured, but can be changed by the user. |
|[Missing the Compatibility View Button](missing-the-compatibility-view-button.md) |Compatibility View was introduced in Internet Explorer 8 to help existing content continue to work with Windows Internet Explorer 7, while developers updated their content to support modern interoperable web standards. Since then, the IE web platform, and the web itself, have changed so that most public web content looks for standards-based features instead of IE 7-compatible behavior.
Thanks to these changes, using IE11 in the latest standards mode is more compatible with the web than ever before. As a result, IE11 simplifies web page compatibility for users by removing the Compatibility View button and reducing the number of compatibility options in the F12 developer tools for developers. |
-|[Deploy pinned websites using Microsoft Deployment Toolkit (MDT) 2013](deploy-pinned-sites-using-mdt-2013.md) |You can pin websites to the Windows 8.1 taskbar for quick access. You pin a website simply by dragging its tab to the taskbar. Some websites can also extend the icon’s Jump List.
The ability to pin websites to the Windows 8.1 taskbar can help make end-users in businesses more productive. As an IT professional, for example, you can pin intranet and SharePoint websites to the taskbar to make them immediately available to employees. In this article, you learn how to deploy pinned websites by using Lite Touch Installation in the [Microsoft Deployment Toolkit (MDT) 2013](http://go.microsoft.com/fwlink/p/?LinkId=398474).
+|[Deploy pinned websites using Microsoft Deployment Toolkit (MDT) 2013](deploy-pinned-sites-using-mdt-2013.md) |You can pin websites to the Windows 8.1 taskbar for quick access. You pin a website simply by dragging its tab to the taskbar. Some websites can also extend the icon’s Jump List.
The ability to pin websites to the Windows 8.1 taskbar can help make end-users in businesses more productive. As an IT professional, for example, you can pin intranet and SharePoint websites to the taskbar to make them immediately available to employees. In this article, you learn how to deploy pinned websites by using Lite Touch Installation in the [Microsoft Deployment Toolkit (MDT) 2013](https://go.microsoft.com/fwlink/p/?LinkId=398474).
## IE11 naming conventions
@@ -56,5 +56,5 @@ IE11 offers differing experiences in Windows 8.1:
## Related topics
- [Internet Explorer 11 - FAQ for IT Pros](../ie11-faq/faq-for-it-pros-ie11.md)
- [Internet Explorer Administration Kit 11 (IEAK 11) - Administrator's Guide](../ie11-ieak/index.md)
-- [Microsoft Edge - Deployment Guide for IT Pros](http://go.microsoft.com/fwlink/p/?LinkId=760643)
+- [Microsoft Edge - Deployment Guide for IT Pros](https://go.microsoft.com/fwlink/p/?LinkId=760643)
diff --git a/browsers/internet-explorer/ie11-deploy-guide/install-ie11-using-microsoft-intune.md b/browsers/internet-explorer/ie11-deploy-guide/install-ie11-using-microsoft-intune.md
index c14130d8c1..37a5a38754 100644
--- a/browsers/internet-explorer/ie11-deploy-guide/install-ie11-using-microsoft-intune.md
+++ b/browsers/internet-explorer/ie11-deploy-guide/install-ie11-using-microsoft-intune.md
@@ -11,7 +11,7 @@ ms.sitesec: library
# Install Internet Explorer 11 (IE11) using Microsoft Intune
-Internet Explorer 11 is available as an update in Microsoft Intune. Microsoft Intune uses Windows cloud services to help you manage updates, monitor and protect your computers, provide remote assistance, track hardware and software inventory, and set security policies. For more information, see the [Documentation Library for Microsoft Intune](http://go.microsoft.com/fwlink/p/?LinkId=301805).
+Internet Explorer 11 is available as an update in Microsoft Intune. Microsoft Intune uses Windows cloud services to help you manage updates, monitor and protect your computers, provide remote assistance, track hardware and software inventory, and set security policies. For more information, see the [Documentation Library for Microsoft Intune](https://go.microsoft.com/fwlink/p/?LinkId=301805).
## Adding and deploying the IE11 package
You can add and then deploy the IE11 package to any computer that's managed by Microsoft Intune.
@@ -22,7 +22,7 @@ You can add and then deploy the IE11 package to any computer that's managed by M
2. Add your IE11 package as either an external link or as a Windows installer package (.exe or .msi).
-For more info about how to decide which one to use, and how to use it, see [Deploy and configure apps](http://go.microsoft.com/fwlink/p/?LinkId=301806).
+For more info about how to decide which one to use, and how to use it, see [Deploy and configure apps](https://go.microsoft.com/fwlink/p/?LinkId=301806).
 **To automatically deploy and install the IE11 package**
@@ -32,7 +32,7 @@ For more info about how to decide which one to use, and how to use it, see [Depl
3. After the package is on your employee's computers, the installation process runs, based on what you set up in your wizard.
-For more info about this, see [Deploy and configure apps](http://go.microsoft.com/fwlink/p/?LinkId=301806).
+For more info about this, see [Deploy and configure apps](https://go.microsoft.com/fwlink/p/?LinkId=301806).
 **To let your employees install the IE11 package**
@@ -40,7 +40,7 @@ For more info about this, see [Deploy and configure apps](http://go.microsoft.co
2. Any employee in the assigned group can now install the package.
-For more info about this, see [Update apps using Microsoft Intune](http://go.microsoft.com/fwlink/p/?LinkId=301808)
+For more info about this, see [Update apps using Microsoft Intune](https://go.microsoft.com/fwlink/p/?LinkId=301808)
diff --git a/browsers/internet-explorer/ie11-deploy-guide/install-ie11-using-operating-system-deployment-systems.md b/browsers/internet-explorer/ie11-deploy-guide/install-ie11-using-operating-system-deployment-systems.md
index 10ee844152..88f8a3c2f5 100644
--- a/browsers/internet-explorer/ie11-deploy-guide/install-ie11-using-operating-system-deployment-systems.md
+++ b/browsers/internet-explorer/ie11-deploy-guide/install-ie11-using-operating-system-deployment-systems.md
@@ -16,15 +16,15 @@ You can install Internet Explorer 11 (IE11) using Microsoft Deployment Toolkit
You'll need to extract the .cab file for each supported operating system and platform combination and the .msu file for each prerequisite update. Download the IE11 update and prerequisites here:
-- [Microsoft Download Center](http://go.microsoft.com/fwlink/p/?LinkId=279697)
+- [Microsoft Download Center](https://go.microsoft.com/fwlink/p/?LinkId=279697)
-- [Microsoft Update Catalog](http://go.microsoft.com/fwlink/p/?LinkId=214287)
+- [Microsoft Update Catalog](https://go.microsoft.com/fwlink/p/?LinkId=214287)
After you install the .msu file updates, you'll need to add them to your MDT deployment. You'll also need to extract the IE11 .cab update file from the IE11 installation package, using the `/x` command-line option. For example, `IE11-Windows6.1-x64-en-us.exe /x:c:\ie11cab`.
## Installing IE11 using Microsoft Deployment Toolkit (MDT)
-MDT adds IE11 to your Windows images, regardless whether you are creating or deploying a customized or non-customized image. MDT also lets you perform offline servicing during the System Center 2012 R2 Configuration Manager task sequence, letting you add IE11 before starting Windows. For info, see [Microsoft Deployment Toolkit (MDT)](http://go.microsoft.com/fwlink/p/?linkid=331148).
+MDT adds IE11 to your Windows images, regardless whether you are creating or deploying a customized or non-customized image. MDT also lets you perform offline servicing during the System Center 2012 R2 Configuration Manager task sequence, letting you add IE11 before starting Windows. For info, see [Microsoft Deployment Toolkit (MDT)](https://go.microsoft.com/fwlink/p/?linkid=331148).
 **To add IE11 to a MDT deployment share**
@@ -43,9 +43,9 @@ You can add the IE11 update while you're performing offline servicing, or slipst
These articles have step-by-step details about adding packages to your Windows images:
-- For Windows 8.1, see [Add or Remove Packages Offline Using DISM](http://go.microsoft.com/fwlink/p/?LinkId=276791).
+- For Windows 8.1, see [Add or Remove Packages Offline Using DISM](https://go.microsoft.com/fwlink/p/?LinkId=276791).
-- For Windows 7 SP1, see [Add or Remove Packages Offline](http://go.microsoft.com/fwlink/p/?LinkId=214490).
+- For Windows 7 SP1, see [Add or Remove Packages Offline](https://go.microsoft.com/fwlink/p/?LinkId=214490).
diff --git a/browsers/internet-explorer/ie11-deploy-guide/install-ie11-using-system-center-configuration-manager.md b/browsers/internet-explorer/ie11-deploy-guide/install-ie11-using-system-center-configuration-manager.md
index e2d8357a13..3e5c532158 100644
--- a/browsers/internet-explorer/ie11-deploy-guide/install-ie11-using-system-center-configuration-manager.md
+++ b/browsers/internet-explorer/ie11-deploy-guide/install-ie11-using-system-center-configuration-manager.md
@@ -12,7 +12,7 @@ ms.sitesec: library
# Install Internet Explorer 11 (IE11) using System Center 2012 R2 Configuration Manager
-You can install Internet Explorer 11 (IE11) by using [System Center R2 2012 Configuration Manager](http://go.microsoft.com/fwlink/p/?linkid=276664). Complete these steps for each operating system and platform combination.
+You can install Internet Explorer 11 (IE11) by using [System Center R2 2012 Configuration Manager](https://go.microsoft.com/fwlink/p/?linkid=276664). Complete these steps for each operating system and platform combination.
 **To install IE11**
@@ -24,7 +24,7 @@ You can install Internet Explorer 11 (IE11) by using [System Center R2 2012 Con
4. Move the installation package to your distribution points, and then advertise the package.
-You can also use System Center Essentials 2010 to deploy IE11 installation packages. For info, see [System Center Essentials 2010](http://go.microsoft.com/fwlink/p/?linkid=395200) and the [System Center Essentials 2010 Operations Guide](http://go.microsoft.com/fwlink/p/?LinkId=214266).
+You can also use System Center Essentials 2010 to deploy IE11 installation packages. For info, see [System Center Essentials 2010](https://go.microsoft.com/fwlink/p/?linkid=395200) and the [System Center Essentials 2010 Operations Guide](https://go.microsoft.com/fwlink/p/?LinkId=214266).
diff --git a/browsers/internet-explorer/ie11-deploy-guide/install-ie11-using-windows-server-update-services-wsus.md b/browsers/internet-explorer/ie11-deploy-guide/install-ie11-using-windows-server-update-services-wsus.md
index 834f2e439a..d3d5a75fb7 100644
--- a/browsers/internet-explorer/ie11-deploy-guide/install-ie11-using-windows-server-update-services-wsus.md
+++ b/browsers/internet-explorer/ie11-deploy-guide/install-ie11-using-windows-server-update-services-wsus.md
@@ -11,7 +11,7 @@ ms.sitesec: library
# Install Internet Explorer 11 (IE11) using Windows Server Update Services (WSUS)
-Windows Server Update Services (WSUS) lets you download a single copy of the Microsoft product update and cache it on your local WSUS servers. You can then configure your computers to get the update from your local servers instead of Windows Update. For more information about WSUS, see [Windows Server Update Services](http://go.microsoft.com/fwlink/p/?LinkID=276790).
+Windows Server Update Services (WSUS) lets you download a single copy of the Microsoft product update and cache it on your local WSUS servers. You can then configure your computers to get the update from your local servers instead of Windows Update. For more information about WSUS, see [Windows Server Update Services](https://go.microsoft.com/fwlink/p/?LinkID=276790).
 **To import from Windows Update to WSUS**
diff --git a/browsers/internet-explorer/ie11-deploy-guide/install-problems-with-ie11.md b/browsers/internet-explorer/ie11-deploy-guide/install-problems-with-ie11.md
index 436279ba14..b077e4a853 100644
--- a/browsers/internet-explorer/ie11-deploy-guide/install-problems-with-ie11.md
+++ b/browsers/internet-explorer/ie11-deploy-guide/install-problems-with-ie11.md
@@ -21,7 +21,7 @@ If you do, you can:
- Temporarily turn off your antispyware and antivirus software.
-- Try another IE11 installer. For example from [Windows Update](http://go.microsoft.com/fwlink/p/?LinkId=302315) or from the [Download Internet Explorer 11](http://go.microsoft.com/fwlink/p/?linkid=327753) website.
+- Try another IE11 installer. For example from [Windows Update](https://go.microsoft.com/fwlink/p/?LinkId=302315) or from the [Download Internet Explorer 11](https://go.microsoft.com/fwlink/p/?linkid=327753) website.
- Review the `IE11_main.log` file in the `\Windows` folder. This log file has information about each installation and is appended for each subsequent installation.
@@ -38,16 +38,16 @@ If Internet Explorer doesn't finish installing, it might mean that Windows Updat
2. After the uninstall finishes, restart your computer.
-2. Run [Windows Update](http://go.microsoft.com/fwlink/p/?LinkId=302315), clicking **Check for updates**.
+2. Run [Windows Update](https://go.microsoft.com/fwlink/p/?LinkId=302315), clicking **Check for updates**.
3. Check the list for IE11. If it's included in the list of updates for download, exclude it before you update your computer.
-If you get an error during the Windows Update process, see [Fix the problem with Microsoft Windows Update that is not working](http://go.microsoft.com/fwlink/p/?LinkId=302316).
+If you get an error during the Windows Update process, see [Fix the problem with Microsoft Windows Update that is not working](https://go.microsoft.com/fwlink/p/?LinkId=302316).
4. Restart your computer, making sure all of your the updates are finished.
-5. Try to reinstall IE11 from either Windows Update (if you saw it in Step 3) or from the [Download Internet Explorer 11](http://go.microsoft.com/fwlink/p/?linkid=327753) website.
+5. Try to reinstall IE11 from either Windows Update (if you saw it in Step 3) or from the [Download Internet Explorer 11](https://go.microsoft.com/fwlink/p/?linkid=327753) website.
-If these steps didn't fix your problem, see [Troubleshooting a failed installation of Internet Explorer 11](http://go.microsoft.com/fwlink/p/?LinkId=304130).
+If these steps didn't fix your problem, see [Troubleshooting a failed installation of Internet Explorer 11](https://go.microsoft.com/fwlink/p/?LinkId=304130).
diff --git a/browsers/internet-explorer/ie11-deploy-guide/missing-internet-explorer-maintenance-settings-for-ie11.md b/browsers/internet-explorer/ie11-deploy-guide/missing-internet-explorer-maintenance-settings-for-ie11.md
index 9b2e1ed634..3964c4c779 100644
--- a/browsers/internet-explorer/ie11-deploy-guide/missing-internet-explorer-maintenance-settings-for-ie11.md
+++ b/browsers/internet-explorer/ie11-deploy-guide/missing-internet-explorer-maintenance-settings-for-ie11.md
@@ -34,11 +34,11 @@ For more information about all of the new options and Group Policy, see:
- [Internet Explorer Administration Kit 11 (IEAK 11) - Administration Guide for IT Pros](../ie11-ieak/index.md)
-- [Group Policy Settings Reference for Windows and Windows Server](http://go.microsoft.com/fwlink/p/?LinkId=279876)
+- [Group Policy Settings Reference for Windows and Windows Server](https://go.microsoft.com/fwlink/p/?LinkId=279876)
-- [Group Policy ADMX Syntax Reference Guide](http://go.microsoft.com/fwlink/p/?LinkId=276830)
+- [Group Policy ADMX Syntax Reference Guide](https://go.microsoft.com/fwlink/p/?LinkId=276830)
-- [Enable and Disable Settings in a Preference Item](http://go.microsoft.com/fwlink/p/?LinkId=282671)
+- [Enable and Disable Settings in a Preference Item](https://go.microsoft.com/fwlink/p/?LinkId=282671)
## IEM replacements
The IEM settings have replacements you can use in either Group Policy Preferences or IEAK 11.
diff --git a/browsers/internet-explorer/ie11-deploy-guide/net-framework-problems-with-ie11.md b/browsers/internet-explorer/ie11-deploy-guide/net-framework-problems-with-ie11.md
index e958cd4c17..b17d3b59ae 100644
--- a/browsers/internet-explorer/ie11-deploy-guide/net-framework-problems-with-ie11.md
+++ b/browsers/internet-explorer/ie11-deploy-guide/net-framework-problems-with-ie11.md
@@ -19,7 +19,7 @@ If you’re having problems launching your legacy apps while running Internet Ex
2. **For x64 systems or for 64-bit processes on x64 systems:** Go to the `HKLM\SOFTWARE\Wow6432Node\.NETFramework` registry key and change the **EnableIEHosting** value to **1**.
-For more information, see the [Web Applications](http://go.microsoft.com/fwlink/p/?LinkId=308903) section of the Application Compatibility in the .NET Framework 4.5 page.
+For more information, see the [Web Applications](https://go.microsoft.com/fwlink/p/?LinkId=308903) section of the Application Compatibility in the .NET Framework 4.5 page.
diff --git a/browsers/internet-explorer/ie11-deploy-guide/new-group-policy-settings-for-ie11.md b/browsers/internet-explorer/ie11-deploy-guide/new-group-policy-settings-for-ie11.md
index 4f515957e4..d63465dbe0 100644
--- a/browsers/internet-explorer/ie11-deploy-guide/new-group-policy-settings-for-ie11.md
+++ b/browsers/internet-explorer/ie11-deploy-guide/new-group-policy-settings-for-ie11.md
@@ -95,5 +95,5 @@ After you've finished updating and deploying your Group Policy, you can use the
1. Open and run the Resultant Set of Policy (RSoP) wizard, specifying the information you want to see.
2. Open your wizard results in the Group Policy Management Console (GPMC).
-For complete instructions about how to add, open, and use RSoP, see [Use the RSoP Snap-in](http://go.microsoft.com/fwlink/p/?LinkId=395201)
+For complete instructions about how to add, open, and use RSoP, see [Use the RSoP Snap-in](https://go.microsoft.com/fwlink/p/?LinkId=395201)
diff --git a/browsers/internet-explorer/ie11-deploy-guide/out-of-date-activex-control-blocking.md b/browsers/internet-explorer/ie11-deploy-guide/out-of-date-activex-control-blocking.md
index d401d44c35..8baab504ad 100644
--- a/browsers/internet-explorer/ie11-deploy-guide/out-of-date-activex-control-blocking.md
+++ b/browsers/internet-explorer/ie11-deploy-guide/out-of-date-activex-control-blocking.md
@@ -32,7 +32,7 @@ Out-of-date ActiveX control blocking lets you:
- Update the outdated control, so that it’s up-to-date and safer to use.
-The out-of-date ActiveX control blocking feature works with all [Security Zones](http://go.microsoft.com/fwlink/p/?LinkId=403863), except the Local Intranet Zone and the Trusted Sites Zone.
+The out-of-date ActiveX control blocking feature works with all [Security Zones](https://go.microsoft.com/fwlink/p/?LinkId=403863), except the Local Intranet Zone and the Trusted Sites Zone.
It also works with these operating system and IE combinations:
@@ -46,7 +46,7 @@ It also works with these operating system and IE combinations:
|Windows Server 2008 SP2 |Windows Internet Explorer 9 only |
|Windows Vista SP2 |Windows Internet Explorer 9 only |
-For more info about this new feature, see the [Internet Explorer begins blocking out-of-date ActiveX controls](http://go.microsoft.com/fwlink/p/?LinkId=507691) blog. To see the complete list of out-of-date Active controls blocked by this feature, see [Blocked out-of-date ActiveX controls](http://go.microsoft.com/fwlink/p/?LinkId=517023).
+For more info about this new feature, see the [Internet Explorer begins blocking out-of-date ActiveX controls](https://go.microsoft.com/fwlink/p/?LinkId=507691) blog. To see the complete list of out-of-date Active controls blocked by this feature, see [Blocked out-of-date ActiveX controls](https://go.microsoft.com/fwlink/p/?LinkId=517023).
## What does the out-of-date ActiveX control blocking notification look like?
When IE blocks an outdated ActiveX control, you’ll see a notification bar similar to this, depending on your version of IE:
@@ -89,7 +89,7 @@ IE opens the app’s website.
IE uses Microsoft’s versionlist.xml or versionlistWin7.xml file to determine whether an ActiveX control should be stopped from loading. These files are updated with newly-discovered out-of-date ActiveX controls, which IE automatically downloads to your local copy of the file.
You can see your copy of the file here `%LOCALAPPDATA%\Microsoft\Internet Explorer\VersionManager\versionlist.xml` or you can view Microsoft’s version, based on your operating system and version of IE, here:
-- [Internet Explorer 11 on Windows 7 SP1 or Windows Server 2008 R2](http://go.microsoft.com/fwlink/p/?LinkId=798230)
+- [Internet Explorer 11 on Windows 7 SP1 or Windows Server 2008 R2](https://go.microsoft.com/fwlink/p/?LinkId=798230)
- [All other configurations](https://go.microsoft.com/fwlink/p/?LinkId=403864)
**Security Note:**
Although we strongly recommend against it, if you don’t want your computer to automatically download the updated version list from Microsoft, run the following command from a command prompt:
@@ -100,7 +100,7 @@ reg add "HKCU\Software\Microsoft\Internet Explorer\VersionManager" /v DownloadVe
Turning off this automatic download breaks the out-of-date ActiveX control blocking feature by not letting the version list update with newly outdated controls, potentially compromising the security of your computer. Use this configuration option at your own risk.
## Out-of-date ActiveX control blocking on managed devices
-Out-of-date ActiveX control blocking includes 4 new Group Policy settings that you can use to manage your web browser configuration, based on your domain controller. You can download the administrative templates, including the new settings, from the [Administrative templates (.admx) for Windows 10](http://go.microsoft.com/fwlink/p/?LinkId=746579) page or the [Administrative Templates (.admx) for Windows 8.1 and Windows Server 2012 R2](http://go.microsoft.com/fwlink/p/?LinkId=746580) page, depending on your operating system.
+Out-of-date ActiveX control blocking includes 4 new Group Policy settings that you can use to manage your web browser configuration, based on your domain controller. You can download the administrative templates, including the new settings, from the [Administrative templates (.admx) for Windows 10](https://go.microsoft.com/fwlink/p/?LinkId=746579) page or the [Administrative Templates (.admx) for Windows 8.1 and Windows Server 2012 R2](https://go.microsoft.com/fwlink/p/?LinkId=746580) page, depending on your operating system.
### Group Policy settings
Here’s a list of the new Group Policy info, including the settings, location, requirements, and Help text strings. All of these settings can be set in either the Computer Configuration or User Configuration scope, but Computer Configuration takes precedence over User Configuration.
@@ -156,7 +156,7 @@ Here’s a detailed example and description of what’s included in the VersionA
- **Allowed/Blocked** Whether IE blocked the ActiveX control.
-- **Enhanced Protected Mode (EPM)-compatible.** Whether the loaded ActiveX control is compatible with [Enhanced Protected Mode](http://go.microsoft.com/fwlink/p/?LinkId=403865).
**Note**
Enhanced Protected Mode isn’t supported on Internet Explorer 9 or earlier versions of IE. Therefore, if you’re using Internet Explorer 8 or Internet Explorer 9, all ActiveX controls will always be marked as not EPM-compatible.
+- **Enhanced Protected Mode (EPM)-compatible.** Whether the loaded ActiveX control is compatible with [Enhanced Protected Mode](https://go.microsoft.com/fwlink/p/?LinkId=403865).
**Note**
Enhanced Protected Mode isn’t supported on Internet Explorer 9 or earlier versions of IE. Therefore, if you’re using Internet Explorer 8 or Internet Explorer 9, all ActiveX controls will always be marked as not EPM-compatible.
- **Reason.** The ActiveX control can be blocked or allowed for any of these reasons:
@@ -176,7 +176,7 @@ Here’s a detailed example and description of what’s included in the VersionA
For Windows 10 you also have the option to log your inventory info to a local WMI class. Info logged to this class includes all of info you get from the .csv file, plus the CLSID of the loaded ActiveX control or the name of any apps started from an ActiveX control.
#### Before you begin
-Before you can use WMI to inventory your ActiveX controls, you need to [download the configuration package (.zip file)](http://go.microsoft.com/fwlink/p/?LinkId=616971), which includes:
+Before you can use WMI to inventory your ActiveX controls, you need to [download the configuration package (.zip file)](https://go.microsoft.com/fwlink/p/?LinkId=616971), which includes:
- **ConfigureWMILogging.ps1**. A Windows PowerShell script.
@@ -192,7 +192,7 @@ Before running the PowerShell script, you must copy both the .ps1 and .mof file
```
powershell –ExecutionPolicy Bypass .\ConfigureWMILogging.ps1
```
-For more info, see [about_Execution_Policies](http://go.microsoft.com/fwlink/p/?linkid=517460).
+For more info, see [about_Execution_Policies](https://go.microsoft.com/fwlink/p/?linkid=517460).
3. **Optional:** Set up your domain firewall for WMI data. For more info, see [Collect data using Enterprise Site Discovery](collect-data-using-enterprise-site-discovery.md).
diff --git a/browsers/internet-explorer/ie11-deploy-guide/problems-after-installing-ie11.md b/browsers/internet-explorer/ie11-deploy-guide/problems-after-installing-ie11.md
index 65ac8b88b0..544daf207b 100644
--- a/browsers/internet-explorer/ie11-deploy-guide/problems-after-installing-ie11.md
+++ b/browsers/internet-explorer/ie11-deploy-guide/problems-after-installing-ie11.md
@@ -34,7 +34,7 @@ RIES does not:
- Affect the applied Administrative Template Group Policy settings.
-RIES turns off all custom toolbars, browser extensions, and customizations installed with IE11. If you change your mind, you can turn each of the customizations back on through the **Manage Add-ons** dialog box. For more information about resetting IE settings, see [How to Reset Internet Explorer Settings](http://go.microsoft.com/fwlink/p/?LinkId=214528).
+RIES turns off all custom toolbars, browser extensions, and customizations installed with IE11. If you change your mind, you can turn each of the customizations back on through the **Manage Add-ons** dialog box. For more information about resetting IE settings, see [How to Reset Internet Explorer Settings](https://go.microsoft.com/fwlink/p/?LinkId=214528).
## IE is crashing or seems slow
If you notice that CPU usage is running higher than normal, or that IE is frequently crashing or slowing down, you should check your browser add-ons and video card. By default, IE11 uses graphics processing unit (GPU) rendering mode. However, some outdated video cards and video drivers don't support GPU hardware acceleration. If IE11 determines that your current video card or video driver doesn't support GPU hardware acceleration, it'll use Software Rendering mode.
@@ -56,10 +56,10 @@ After you turn each item back on, see if IE crashes or slows down. Doing it this
1. Open Internet Explorer for the desktop, click the **Tools** menu, and then click **Internet Options**.
2. On the **Advanced** tab, go to the **Accelerated graphics** section, and then turn on Software Rendering mode by choosing the **Use software rendering instead of GPU rendering** box.
-If the **Use software rendering instead of GPU rendering** option is greyed out, it means that your current video card or video driver doesn't support GPU hardware acceleration. For more information, see [Windows 10 Support](http://go.microsoft.com/fwlink/?LinkId=746588).
+If the **Use software rendering instead of GPU rendering** option is greyed out, it means that your current video card or video driver doesn't support GPU hardware acceleration. For more information, see [Windows 10 Support](https://go.microsoft.com/fwlink/?LinkId=746588).
## Adaptive streaming and DRM playback don’t work with Windows Server 2012 R2
-IE11 in Windows Server 2012 R2 doesn’t include media features like adaptive streaming or Digital Rights Management (DRM) playback. To add these features, you’ll need to download and install the Media Feature Pack from the [Microsoft Download Center](http://go.microsoft.com/fwlink/p/?LinkId=320789), as well as an app that uses PlayReady DRM from the Windows Store, such as the Xbox Music app or Xbox Video app. The app must be installed to specifically turn on DRM features, while all other media features are installed with the Media Feature Pack.
+IE11 in Windows Server 2012 R2 doesn’t include media features like adaptive streaming or Digital Rights Management (DRM) playback. To add these features, you’ll need to download and install the Media Feature Pack from the [Microsoft Download Center](https://go.microsoft.com/fwlink/p/?LinkId=320789), as well as an app that uses PlayReady DRM from the Windows Store, such as the Xbox Music app or Xbox Video app. The app must be installed to specifically turn on DRM features, while all other media features are installed with the Media Feature Pack.
diff --git a/browsers/internet-explorer/ie11-deploy-guide/remove-all-sites-from-your-enterprise-mode-site-list-in-the-enterprise-mode-site-list-manager.md b/browsers/internet-explorer/ie11-deploy-guide/remove-all-sites-from-your-enterprise-mode-site-list-in-the-enterprise-mode-site-list-manager.md
index e8d5863f27..017f71560c 100644
--- a/browsers/internet-explorer/ie11-deploy-guide/remove-all-sites-from-your-enterprise-mode-site-list-in-the-enterprise-mode-site-list-manager.md
+++ b/browsers/internet-explorer/ie11-deploy-guide/remove-all-sites-from-your-enterprise-mode-site-list-in-the-enterprise-mode-site-list-manager.md
@@ -33,8 +33,8 @@ This is a permanent removal and erases everything. However, if you determine it
2. Click **Yes** in the warning message.
Your sites are all cleared from your list.
## Related topics
-- [Download the Enterprise Mode Site List Manager (schema v.2)](http://go.microsoft.com/fwlink/p/?LinkId=716853)
-- [Download the Enterprise Mode Site List Manager (schema v.1)](http://go.microsoft.com/fwlink/p/?LinkID=394378)
+- [Download the Enterprise Mode Site List Manager (schema v.2)](https://go.microsoft.com/fwlink/p/?LinkId=716853)
+- [Download the Enterprise Mode Site List Manager (schema v.1)](https://go.microsoft.com/fwlink/p/?LinkID=394378)
- [Use the Enterprise Mode Site List Manager](use-the-enterprise-mode-site-list-manager.md)
diff --git a/browsers/internet-explorer/ie11-deploy-guide/save-your-site-list-to-xml-in-the-enterprise-mode-site-list-manager.md b/browsers/internet-explorer/ie11-deploy-guide/save-your-site-list-to-xml-in-the-enterprise-mode-site-list-manager.md
index 5ac02b4039..98e002f0ea 100644
--- a/browsers/internet-explorer/ie11-deploy-guide/save-your-site-list-to-xml-in-the-enterprise-mode-site-list-manager.md
+++ b/browsers/internet-explorer/ie11-deploy-guide/save-your-site-list-to-xml-in-the-enterprise-mode-site-list-manager.md
@@ -31,8 +31,8 @@ You can save your current Enterprise Mode compatibility site list as an XML file
The first time a user starts Internet Explorer 11 on a managed device; Internet Explorer will look for a new version of the site list at the specified location. If the browser finds an updated site list, IE downloads the new XML site list and uses it.
## Related topics
-- [Download the Enterprise Mode Site List Manager (schema v.2)](http://go.microsoft.com/fwlink/p/?LinkId=716853)
-- [Download the Enterprise Mode Site List Manager (schema v.1)](http://go.microsoft.com/fwlink/p/?LinkID=394378)
+- [Download the Enterprise Mode Site List Manager (schema v.2)](https://go.microsoft.com/fwlink/p/?LinkId=716853)
+- [Download the Enterprise Mode Site List Manager (schema v.1)](https://go.microsoft.com/fwlink/p/?LinkID=394378)
- [Use the Enterprise Mode Site List Manager](use-the-enterprise-mode-site-list-manager.md)
diff --git a/browsers/internet-explorer/ie11-deploy-guide/search-your-enterprise-mode-site-list-in-the-enterprise-mode-site-list-manager.md b/browsers/internet-explorer/ie11-deploy-guide/search-your-enterprise-mode-site-list-in-the-enterprise-mode-site-list-manager.md
index ebb873545e..b45e7b3744 100644
--- a/browsers/internet-explorer/ie11-deploy-guide/search-your-enterprise-mode-site-list-in-the-enterprise-mode-site-list-manager.md
+++ b/browsers/internet-explorer/ie11-deploy-guide/search-your-enterprise-mode-site-list-in-the-enterprise-mode-site-list-manager.md
@@ -29,8 +29,8 @@ You can search to see if a specific site already appears in your global Enterpri
The search query searches all of the text. For example, entering *“micro”* will return results like, www.microsoft.com, microsoft.com, and microsoft.com/images. Wildcard characters aren’t supported.
## Related topics
-- [Download the Enterprise Mode Site List Manager (schema v.2)](http://go.microsoft.com/fwlink/p/?LinkId=716853)
-- [Download the Enterprise Mode Site List Manager (schema v.1)](http://go.microsoft.com/fwlink/p/?LinkID=394378)
+- [Download the Enterprise Mode Site List Manager (schema v.2)](https://go.microsoft.com/fwlink/p/?LinkId=716853)
+- [Download the Enterprise Mode Site List Manager (schema v.1)](https://go.microsoft.com/fwlink/p/?LinkID=394378)
- [Use the Enterprise Mode Site List Manager](use-the-enterprise-mode-site-list-manager.md)
diff --git a/browsers/internet-explorer/ie11-deploy-guide/set-the-default-browser-using-group-policy.md b/browsers/internet-explorer/ie11-deploy-guide/set-the-default-browser-using-group-policy.md
index 4857a6af0a..7f11bf5d7f 100644
--- a/browsers/internet-explorer/ie11-deploy-guide/set-the-default-browser-using-group-policy.md
+++ b/browsers/internet-explorer/ie11-deploy-guide/set-the-default-browser-using-group-policy.md
@@ -17,7 +17,7 @@ You can use the Group Policy setting, **Set a default associations configuration
 **To set the default browser as Internet Explorer 11**
1. Open your Group Policy editor and go to the **Administrative Templates\\Windows Components\\File Explorer\\Set a default associations configuration file** setting.
-Turning this setting on also requires you to create and store a default associations configuration file, locally or on a network share. For more information about creating this file, see [Export or Import Default Application Associations]( http://go.microsoft.com/fwlink/p/?LinkId=618268).
+Turning this setting on also requires you to create and store a default associations configuration file, locally or on a network share. For more information about creating this file, see [Export or Import Default Application Associations]( https://go.microsoft.com/fwlink/p/?LinkId=618268).
diff --git a/browsers/internet-explorer/ie11-deploy-guide/set-up-enterprise-mode-logging-and-data-collection.md b/browsers/internet-explorer/ie11-deploy-guide/set-up-enterprise-mode-logging-and-data-collection.md
index 7d015c9dbe..7a8ec67cc5 100644
--- a/browsers/internet-explorer/ie11-deploy-guide/set-up-enterprise-mode-logging-and-data-collection.md
+++ b/browsers/internet-explorer/ie11-deploy-guide/set-up-enterprise-mode-logging-and-data-collection.md
@@ -36,7 +36,7 @@ When you turn logging on, you need a valid URL that points to a server that can
 **To set up an endpoint server**
-1. Configure an IIS server to work with your Enterprise Mode data collection process. If you’re unsure how to set up IIS, see the [IIS installation webpage](http://go.microsoft.com/fwlink/p/?LinkId=507609).
+1. Configure an IIS server to work with your Enterprise Mode data collection process. If you’re unsure how to set up IIS, see the [IIS installation webpage](https://go.microsoft.com/fwlink/p/?LinkId=507609).
2. Open Internet Information Services (IIS) and turn on the ASP components from the **Add Roles and Features Wizard**, **Server Roles** page.
This lets you create an ASP form that accepts the incoming POST messages.
@@ -72,7 +72,7 @@ This is what your log files will look like after you set everything up and at le
## Using the GitHub sample to collect your data
-Microsoft has created the [EMIE-Data-Collection_Sample](http://go.microsoft.com/fwlink/p/?LinkId=507401) that shows how to collect your Enterprise Mode reports. This sample only shows how to collect data, it doesn’t show how to aggregate the data into your Enterprise Mode site list.
+Microsoft has created the [EMIE-Data-Collection_Sample](https://go.microsoft.com/fwlink/p/?LinkId=507401) that shows how to collect your Enterprise Mode reports. This sample only shows how to collect data, it doesn’t show how to aggregate the data into your Enterprise Mode site list.
This sample starts with you turning on Enterprise Mode and logging (either through Group Policy, or by manually setting the EnterpriseMode registry key) so that your users can use Enterprise Mode locally. For the steps to do this, go to [Turn on local control and logging for Enterprise Mode](turn-on-local-control-and-logging-for-enterprise-mode.md).
**Note**
If you decide to manually change the registry key, you can change the **Enable** setting to `[deployment url]/api/records/`, which automatically sends your reports to this page.
@@ -84,7 +84,7 @@ For logging, you’re going to need a valid URL that points to a server that can
1. Set up a server to collect your Enterprise Mode information from your users.
-2. Go to the Internet Explorer/[EMIE-Data_Collection_Sample](http://go.microsoft.com/fwlink/p/?LinkId=507401) page on GitHub and tap or click the **Download ZIP** button to download the complete project.
+2. Go to the Internet Explorer/[EMIE-Data_Collection_Sample](https://go.microsoft.com/fwlink/p/?LinkId=507401) page on GitHub and tap or click the **Download ZIP** button to download the complete project.
3. Open Microsoft Visual Studio 2013 with Update 2, and then open the PhoneHomeSample.sln file.
@@ -143,8 +143,8 @@ If you have errors while you’re publishing your project, you should try to upd
You may need to do some additional package cleanup to remove older package versions.
## Related topics
-- [Download the Enterprise Mode Site List Manager (schema v.2)](http://go.microsoft.com/fwlink/p/?LinkId=716853)
-- [Download the Enterprise Mode Site List Manager (schema v.1)](http://go.microsoft.com/fwlink/p/?LinkID=394378)
+- [Download the Enterprise Mode Site List Manager (schema v.2)](https://go.microsoft.com/fwlink/p/?LinkId=716853)
+- [Download the Enterprise Mode Site List Manager (schema v.1)](https://go.microsoft.com/fwlink/p/?LinkID=394378)
- [What is Enterprise Mode?](what-is-enterprise-mode.md)
- [Use the Enterprise Mode Site List Manager](use-the-enterprise-mode-site-list-manager.md)
- [Turn on Enterprise Mode and use a site list](turn-on-enterprise-mode-and-use-a-site-list.md)
diff --git a/browsers/internet-explorer/ie11-deploy-guide/system-requirements-and-language-support-for-ie11.md b/browsers/internet-explorer/ie11-deploy-guide/system-requirements-and-language-support-for-ie11.md
index 5725a55e97..752fb6e58a 100644
--- a/browsers/internet-explorer/ie11-deploy-guide/system-requirements-and-language-support-for-ie11.md
+++ b/browsers/internet-explorer/ie11-deploy-guide/system-requirements-and-language-support-for-ie11.md
@@ -45,7 +45,7 @@ Some of the components in this table might also need additional system resources
You might experience start up issues where IE11 fails to launch an application that uses managed browser hosting controls with your legacy apps. This is because, starting with Internet Explorer 10, the browser started blocking legacy apps from using the .NET Framework 1.1 and 2.0. To fix this problem, see [.NET Framework problems with Internet Explorer 11](net-framework-problems-with-ie11.md).
## Support for multiple languages
-IE11 is available in 108 languages for Windows 8.1 and Windows 10 and in 97 languages for Windows 7 with SP1. For the list of languages and download links, see [Available language packs based on operating system](http://go.microsoft.com/fwlink/p/?LinkId=281818).
+IE11 is available in 108 languages for Windows 8.1 and Windows 10 and in 97 languages for Windows 7 with SP1. For the list of languages and download links, see [Available language packs based on operating system](https://go.microsoft.com/fwlink/p/?LinkId=281818).
Computers running localized versions of Windows should run the same version of IE11. For example, if your employees use the Spanish edition of Windows, you should deploy the Spanish version of IE11. On the other hand, if your employees use multiple localized versions of Windows, like Spanish, French, and Catalan, you should install IE11 in one of the languages, and then install language packs for the others.
diff --git a/browsers/internet-explorer/ie11-deploy-guide/turn-on-enterprise-mode-and-use-a-site-list.md b/browsers/internet-explorer/ie11-deploy-guide/turn-on-enterprise-mode-and-use-a-site-list.md
index b468dcd7ac..abdbbc4db2 100644
--- a/browsers/internet-explorer/ie11-deploy-guide/turn-on-enterprise-mode-and-use-a-site-list.md
+++ b/browsers/internet-explorer/ie11-deploy-guide/turn-on-enterprise-mode-and-use-a-site-list.md
@@ -54,8 +54,8 @@ Turning this setting on also requires you to create and store a site list. For m
All of your managed devices must have access to this location if you want them to be able to access and use Enterprise Mode and your site list. For information about how to create and use an Enterprise Mode site list, see [Use the Enterprise Mode Site List Manager](use-the-enterprise-mode-site-list-manager.md).
## Related topics
-- [Download the Enterprise Mode Site List Manager (schema v.2)](http://go.microsoft.com/fwlink/p/?LinkId=716853)
-- [Download the Enterprise Mode Site List Manager (schema v.1)](http://go.microsoft.com/fwlink/p/?LinkID=394378)
+- [Download the Enterprise Mode Site List Manager (schema v.2)](https://go.microsoft.com/fwlink/p/?LinkId=716853)
+- [Download the Enterprise Mode Site List Manager (schema v.1)](https://go.microsoft.com/fwlink/p/?LinkID=394378)
- [Add multiple sites to the Enterprise Mode site list using a file and the Enterprise Mode Site List Manager (schema v.1)](add-multiple-sites-to-enterprise-mode-site-list-using-the-version-1-schema-and-enterprise-mode-tool.md)
- [Add multiple sites to the Enterprise Mode site list using a file and the Enterprise Mode Site List Manager (schema v.2)](add-multiple-sites-to-enterprise-mode-site-list-using-the-version-2-schema-and-enterprise-mode-tool.md)
diff --git a/browsers/internet-explorer/ie11-deploy-guide/updated-features-and-tools-with-ie11.md b/browsers/internet-explorer/ie11-deploy-guide/updated-features-and-tools-with-ie11.md
index e1ef9cf2e4..af1ea520b4 100644
--- a/browsers/internet-explorer/ie11-deploy-guide/updated-features-and-tools-with-ie11.md
+++ b/browsers/internet-explorer/ie11-deploy-guide/updated-features-and-tools-with-ie11.md
@@ -36,7 +36,7 @@ Internet Explorer 11 includes several new features and tools. This topic includ
- **IE Administration Kit (IEAK).** Lets you create custom, branded versions of IE11. For more info and to download the tool, see [Internet Explorer Administration Kit 11 (IEAK 11) - Administration Guide for IT Pros](../ie11-ieak/index.md).
-- **Unattend Settings.** Lets you update the Unattend.xml file, to customize the home page, favorites, search providers, feeds, Accelerators, Web Slices, and settings for top result searches. For more info, see the [Unattend Settings: Microsoft-Windows-IE-InternetExplorer](http://go.microsoft.com/fwlink/p/?LinkId=263709).
+- **Unattend Settings.** Lets you update the Unattend.xml file, to customize the home page, favorites, search providers, feeds, Accelerators, Web Slices, and settings for top result searches. For more info, see the [Unattend Settings: Microsoft-Windows-IE-InternetExplorer](https://go.microsoft.com/fwlink/p/?LinkId=263709).
diff --git a/browsers/internet-explorer/ie11-deploy-guide/use-the-enterprise-mode-site-list-manager.md b/browsers/internet-explorer/ie11-deploy-guide/use-the-enterprise-mode-site-list-manager.md
index 3a69ea0490..06a50bf079 100644
--- a/browsers/internet-explorer/ie11-deploy-guide/use-the-enterprise-mode-site-list-manager.md
+++ b/browsers/internet-explorer/ie11-deploy-guide/use-the-enterprise-mode-site-list-manager.md
@@ -26,7 +26,7 @@ Enterprise Mode is a compatibility mode that runs on Internet Explorer 11, lett
You can use IE11 and the Enterprise Mode Site List Manager to add individual website domains and domain paths and to specify whether the site renders using Enterprise Mode or the default mode.
## Enterprise Mode Site List Manager versions
-There are currently two versions of the Enterprise Site List Manager, both based on your schema and operating system. Download the [Enterprise Mode Site List Manager (schema v.2)](http://go.microsoft.com/fwlink/p/?LinkId=716853) or the [Enterprise Mode Site List Manager (schema v.1)](http://go.microsoft.com/fwlink/p/?LinkID=394378) tool, based on your operating system.
+There are currently two versions of the Enterprise Site List Manager, both based on your schema and operating system. Download the [Enterprise Mode Site List Manager (schema v.2)](https://go.microsoft.com/fwlink/p/?LinkId=716853) or the [Enterprise Mode Site List Manager (schema v.1)](https://go.microsoft.com/fwlink/p/?LinkID=394378) tool, based on your operating system.
|Operating system |Schema version |Enterprise Site List Manager version |
|-----------------|---------------|------------------------------------|
@@ -54,8 +54,8 @@ The following topics give you more information about the things that you can do
## Related topics
-- [Download the Enterprise Mode Site List Manager (schema v.2)](http://go.microsoft.com/fwlink/p/?LinkId=716853)
-- [Download the Enterprise Mode Site List Manager (schema v.1)](http://go.microsoft.com/fwlink/p/?LinkID=394378)
+- [Download the Enterprise Mode Site List Manager (schema v.2)](https://go.microsoft.com/fwlink/p/?LinkId=716853)
+- [Download the Enterprise Mode Site List Manager (schema v.1)](https://go.microsoft.com/fwlink/p/?LinkID=394378)
- [Enterprise Mode schema v.2 guidance](enterprise-mode-schema-version-2-guidance.md)
- [Enterprise Mode schema v.1 guidance](enterprise-mode-schema-version-1-guidance.md)
diff --git a/browsers/internet-explorer/ie11-deploy-guide/using-enterprise-mode.md b/browsers/internet-explorer/ie11-deploy-guide/using-enterprise-mode.md
index ebce77b430..2a51d2abad 100644
--- a/browsers/internet-explorer/ie11-deploy-guide/using-enterprise-mode.md
+++ b/browsers/internet-explorer/ie11-deploy-guide/using-enterprise-mode.md
@@ -45,8 +45,8 @@ For instructions about how to add IE7 Enterprise Mode or IE8 Enterprise Mode to
For instructions and more info about how to fix your compatibility issues using Enterprise Mode, see [Fix web compatibility issues using document modes and the Enterprise Mode site list](fix-compat-issues-with-doc-modes-and-enterprise-mode-site-list.md).
## Related topics
-- [Download the Enterprise Mode Site List Manager (schema v.2)](http://go.microsoft.com/fwlink/p/?LinkId=716853)
-- [Download the Enterprise Mode Site List Manager (schema v.1)](http://go.microsoft.com/fwlink/p/?LinkID=394378)
+- [Download the Enterprise Mode Site List Manager (schema v.2)](https://go.microsoft.com/fwlink/p/?LinkId=716853)
+- [Download the Enterprise Mode Site List Manager (schema v.1)](https://go.microsoft.com/fwlink/p/?LinkID=394378)
- [Use the Enterprise Mode Site List Manager](use-the-enterprise-mode-site-list-manager.md)
diff --git a/browsers/internet-explorer/ie11-deploy-guide/using-inf-files-to-create-install-packages.md b/browsers/internet-explorer/ie11-deploy-guide/using-inf-files-to-create-install-packages.md
index 31a9c2207f..aeeb37ff4b 100644
--- a/browsers/internet-explorer/ie11-deploy-guide/using-inf-files-to-create-install-packages.md
+++ b/browsers/internet-explorer/ie11-deploy-guide/using-inf-files-to-create-install-packages.md
@@ -11,7 +11,7 @@ ms.sitesec: library
# Using Setup Information (.inf) files to create install packages
-IEAK 11 uses Setup information (.inf) files to provide uninstallation instructions. Uninstallation instructions let your employees remove components, like files, registry entries, or shortcuts, through the **Uninstall or change a program** box. For details about .inf files, see [INF File Sections and Directives](http://go.microsoft.com/fwlink/p/?LinkId=327959).
+IEAK 11 uses Setup information (.inf) files to provide uninstallation instructions. Uninstallation instructions let your employees remove components, like files, registry entries, or shortcuts, through the **Uninstall or change a program** box. For details about .inf files, see [INF File Sections and Directives](https://go.microsoft.com/fwlink/p/?LinkId=327959).
 **To add uninstallation instructions to the .inf files**
@@ -29,9 +29,9 @@ Make sure your script removes the uninstallation registry key, too. Otherwise, t
- You can't delete directories.
-- You can't use **RenFiles** to move a file to a different location, it only lets you rename a file in its existing location. For detailed information, see [INF RenFiles Directive](http://go.microsoft.com/fwlink/p/?LinkId=298508).
+- You can't use **RenFiles** to move a file to a different location, it only lets you rename a file in its existing location. For detailed information, see [INF RenFiles Directive](https://go.microsoft.com/fwlink/p/?LinkId=298508).
-- You can't use **CopyFiles** to copy a file to another place on your hard drive, it can only copy files from the source disk to the destination directory. For information, see [INF CopyFiles Directive](http://go.microsoft.com/fwlink/p/?LinkId=298510).
+- You can't use **CopyFiles** to copy a file to another place on your hard drive, it can only copy files from the source disk to the destination directory. For information, see [INF CopyFiles Directive](https://go.microsoft.com/fwlink/p/?LinkId=298510).
diff --git a/browsers/internet-explorer/ie11-deploy-guide/virtualization-and-compatibility-with-ie11.md b/browsers/internet-explorer/ie11-deploy-guide/virtualization-and-compatibility-with-ie11.md
index 3ead82e3b6..bcf1dc7226 100644
--- a/browsers/internet-explorer/ie11-deploy-guide/virtualization-and-compatibility-with-ie11.md
+++ b/browsers/internet-explorer/ie11-deploy-guide/virtualization-and-compatibility-with-ie11.md
@@ -15,14 +15,14 @@ ms.sitesec: library
If your company is considering upgrading to the latest version of Internet Explorer, but is hesitant because of a large number of web apps that need to be tested and moved, we recommend that you consider virtualization. Virtualization lets you set up a virtual environment where you can run earlier versions of IE.
**Important**
-We strongly suggest that while you're using virtualization, you also update your web apps so they run natively in the newer version of IE. For more information about how to update your code, see the [Internet Explorer 11 Compatibility Cookbook (Windows)](http://go.microsoft.com/fwlink/p/?LinkId=279707) to learn about the developer features that have been changed or deprecated since Internet Explorer 10.
+We strongly suggest that while you're using virtualization, you also update your web apps so they run natively in the newer version of IE. For more information about how to update your code, see the [Internet Explorer 11 Compatibility Cookbook (Windows)](https://go.microsoft.com/fwlink/p/?LinkId=279707) to learn about the developer features that have been changed or deprecated since Internet Explorer 10.
The Microsoft-supported options for virtualizing web apps are:
-- **Microsoft Enterprise Desktop Virtualization (MED-V).** Uses Microsoft Virtual PC to provide an enterprise solution for desktop virtualization. With MED-V, you can easily create, deliver, and manage corporate Virtual PC images on any Windows®-based desktop. For more information, see [MED-V](http://go.microsoft.com/fwlink/p/?LinkId=271653).
+- **Microsoft Enterprise Desktop Virtualization (MED-V).** Uses Microsoft Virtual PC to provide an enterprise solution for desktop virtualization. With MED-V, you can easily create, deliver, and manage corporate Virtual PC images on any Windows®-based desktop. For more information, see [MED-V](https://go.microsoft.com/fwlink/p/?LinkId=271653).
-- **Client Hyper-V.** Uses the same virtualization technology previously available in Windows Server, but now installed for Windows 8.1. For more information, see [Client Hyper-V](http://go.microsoft.com/fwlink/p/?LinkId=271654).
-For more information about virtualization options, see [Microsoft Desktop Virtualization](http://go.microsoft.com/fwlink/p/?LinkId=271662).
+- **Client Hyper-V.** Uses the same virtualization technology previously available in Windows Server, but now installed for Windows 8.1. For more information, see [Client Hyper-V](https://go.microsoft.com/fwlink/p/?LinkId=271654).
+For more information about virtualization options, see [Microsoft Desktop Virtualization](https://go.microsoft.com/fwlink/p/?LinkId=271662).
diff --git a/browsers/internet-explorer/ie11-deploy-guide/what-is-enterprise-mode.md b/browsers/internet-explorer/ie11-deploy-guide/what-is-enterprise-mode.md
index deb9fe9032..44cf261391 100644
--- a/browsers/internet-explorer/ie11-deploy-guide/what-is-enterprise-mode.md
+++ b/browsers/internet-explorer/ie11-deploy-guide/what-is-enterprise-mode.md
@@ -32,7 +32,7 @@ Enterprise Mode includes the following features:
- **Improved web app and website compatibility.** Through improved emulation, Enterprise Mode lets many legacy web apps run unmodified on IE11, supporting a number of site patterns that aren’t currently supported by existing document modes.
- **Tool-based management for website lists.** Use the Enterprise Mode Site List Manager to add website domains and domain paths and to specify whether a site renders using Enterprise Mode.
-Download the [Enterprise Mode Site List Manager (schema v.2)](http://go.microsoft.com/fwlink/p/?LinkId=716853) or the [Enterprise Mode Site List Manager (schema v.1)](http://go.microsoft.com/fwlink/p/?LinkID=394378), based on your operating system and schema.
+Download the [Enterprise Mode Site List Manager (schema v.2)](https://go.microsoft.com/fwlink/p/?LinkId=716853) or the [Enterprise Mode Site List Manager (schema v.1)](https://go.microsoft.com/fwlink/p/?LinkID=394378), based on your operating system and schema.
- **Centralized control.** You can specify the websites or web apps to interpret using Enterprise Mode, through an XML file on a website or stored locally. Domains and paths within those domains can be treated differently, allowing granular control. Use Group Policy to let users turn Enterprise Mode on or off from the **Tools** menu and to decide whether the Enterprise browser profile appears on the **Emulation** tab of the F12 developer tools.
**Important**
All centrally-made decisions override any locally-made choices.
diff --git a/browsers/internet-explorer/ie11-deploy-guide/what-is-the-internet-explorer-11-blocker-toolkit.md b/browsers/internet-explorer/ie11-deploy-guide/what-is-the-internet-explorer-11-blocker-toolkit.md
index 28b690e5d6..5fb6495a74 100644
--- a/browsers/internet-explorer/ie11-deploy-guide/what-is-the-internet-explorer-11-blocker-toolkit.md
+++ b/browsers/internet-explorer/ie11-deploy-guide/what-is-the-internet-explorer-11-blocker-toolkit.md
@@ -24,11 +24,11 @@ ms.sitesec: library
The Internet Explorer 11 Blocker Toolkit lets you turn off the automatic delivery of IE11 through the **Automatic Updates** feature of Windows Update.
**Important**
-The IE11 Blocker Toolkit doesn't stop users from manually installing IE11 from the [Microsoft Download Center](http://go.microsoft.com/fwlink/p/?linkid=327753). Also, even if you've installed previous versions of the toolkit before, like for Internet Explorer 10, you still need to install this version to prevent the installation of IE11.
+The IE11 Blocker Toolkit doesn't stop users from manually installing IE11 from the [Microsoft Download Center](https://go.microsoft.com/fwlink/p/?linkid=327753). Also, even if you've installed previous versions of the toolkit before, like for Internet Explorer 10, you still need to install this version to prevent the installation of IE11.
 **To install the toolkit**
-1. Download the IE11 Blocker Toolkit from [Toolkit to Disable Automatic Delivery of Internet Explorer 11](http://go.microsoft.com/fwlink/p/?LinkId=327745).
+1. Download the IE11 Blocker Toolkit from [Toolkit to Disable Automatic Delivery of Internet Explorer 11](https://go.microsoft.com/fwlink/p/?LinkId=327745).
2. Accept the license agreement and store the included 4 files on your local computer.
@@ -41,7 +41,7 @@ Wait for the message, **Blocking deployment of IE11 on the local machine. The op
6. Close the Command Prompt.
-For answers to frequently asked questions, see [Internet Explorer 11 Blocker Toolkit: Frequently Asked Questions](http://go.microsoft.com/fwlink/p/?LinkId=314063).
+For answers to frequently asked questions, see [Internet Explorer 11 Blocker Toolkit: Frequently Asked Questions](https://go.microsoft.com/fwlink/p/?LinkId=314063).
diff --git a/browsers/internet-explorer/ie11-faq/faq-for-it-pros-ie11.md b/browsers/internet-explorer/ie11-faq/faq-for-it-pros-ie11.md
index f8a608179f..384f432713 100644
--- a/browsers/internet-explorer/ie11-faq/faq-for-it-pros-ie11.md
+++ b/browsers/internet-explorer/ie11-faq/faq-for-it-pros-ie11.md
@@ -32,7 +32,7 @@ Answering frequently asked questions about Internet Explorer 11 (IE11) features
IE11 is preinstalled with Windows 8.1 and Windows Server 2012 R2. No additional action is required.
**Q: How do I install IE11 on Windows 7 with SP1 or Windows Server 2008 R2 with SP1?**
-You can install IE11 on computers running either Windows 7 with SP1 or Windows Server 2008 R2 with SP1. To download IE11, see the IE11 [home page](http://go.microsoft.com/fwlink/p/?LinkId=290956).
+You can install IE11 on computers running either Windows 7 with SP1 or Windows Server 2008 R2 with SP1. To download IE11, see the IE11 [home page](https://go.microsoft.com/fwlink/p/?LinkId=290956).
**Q: How does IE11 integrate with Windows 8.1?**
IE11 is the default handler for the HTTP and HTTPS protocols and the default browser for Windows 8.1. There are two experiences in Windows 8.1: Internet Explorer and Internet Explorer for the desktop. IE is the default browser for touch-first, immersive experiences. Internet Explorer for the desktop provides a more traditional window and tab management experience. The underlying platform of IE11 is fully interoperable across both IE and the familiar Internet Explorer for the desktop, letting developers write the same markup for both experiences.
@@ -58,10 +58,10 @@ Supported web standards include:
- And mutation observers like DOM4 and 5.3
-For more information about specific changes and additions, see the [IE11 guide for developers](http://go.microsoft.com/fwlink/p/?LinkId=313188).
+For more information about specific changes and additions, see the [IE11 guide for developers](https://go.microsoft.com/fwlink/p/?LinkId=313188).
**Q: What test tools exist to test for potential application compatibility issues?**
-The Compat Inspector tool supports Windows Internet Explorer 9 through IE11. For more information, see [Compat Inspector User Guide](http://go.microsoft.com/fwlink/p/?LinkId=313189). In addition, you can use the new [F12 Developer Tools](http://go.microsoft.com/fwlink/p/?LinkId=313190) that are included with IE11, or the [modern.ie](http://go.microsoft.com/fwlink/p/?linkid=308902) website for Microsoft Edge.
+The Compat Inspector tool supports Windows Internet Explorer 9 through IE11. For more information, see [Compat Inspector User Guide](https://go.microsoft.com/fwlink/p/?LinkId=313189). In addition, you can use the new [F12 Developer Tools](https://go.microsoft.com/fwlink/p/?LinkId=313190) that are included with IE11, or the [modern.ie](https://go.microsoft.com/fwlink/p/?linkid=308902) website for Microsoft Edge.
**Q: Why am I having problems launching my legacy apps with Internet Explorer 11**?
It’s most likely because IE no longer starts apps that use managed browser hosting controls, like in the .NET Framework 1.1 and 2.0. You can get IE11 to use managed browser hosting controls again, by:
@@ -70,10 +70,10 @@ It’s most likely because IE no longer starts apps that use managed browser hos
- **For x64 systems or for 64-bit processes on x64 systems:** Go to the `HKLM\SOFTWARE\Wow6432Node\.NETFramework` registry key and change the **EnableIEHosting** value to **1**.
-For more information, see the [Web Applications](http://go.microsoft.com/fwlink/p/?LinkId=308903) section of the Application Compatibility in the .NET Framework 4.5 page.
+For more information, see the [Web Applications](https://go.microsoft.com/fwlink/p/?LinkId=308903) section of the Application Compatibility in the .NET Framework 4.5 page.
**Q: Is there a compatibility list for IE?**
-Yes. You can review the XML-based [compatibility version list](http://go.microsoft.com/fwlink/p/?LinkId=403864).
+Yes. You can review the XML-based [compatibility version list](https://go.microsoft.com/fwlink/p/?LinkId=403864).
**Q: What is Enterprise Mode?**
Enterprise Mode is a compatibility mode designed for Enterprises. This mode lets websites render using a modified browser configuration that’s designed to avoid the common compatibility problems associated with web apps written and tested on older versions of IE, like Windows Internet Explorer 7 or Windows Internet Explorer 8.
@@ -84,7 +84,7 @@ Enterprise Mode Site List Manager tool gives you a way to add websites to your E
For more information, see all of the topics in [Use the Enterprise Mode Site List Manager](../ie11-deploy-guide/use-the-enterprise-mode-site-list-manager.md).
**Q: Are browser plug-ins supported in IE11?**
-The immersive version of IE11 provides an add-on–free experience, so browser plugins won't load and dependent content won't be displayed. This doesn't apply to Internet Explorer for the desktop. For more information, see [Browsing Without Plug-ins](http://go.microsoft.com/fwlink/p/?LinkId=242587). However, Internet Explorer for the desktop and IE11 on Windows 7 with SP1 do support browser plugins, including ActiveX controls such as Adobe Flash and Microsoft Silverlight.
+The immersive version of IE11 provides an add-on–free experience, so browser plugins won't load and dependent content won't be displayed. This doesn't apply to Internet Explorer for the desktop. For more information, see [Browsing Without Plug-ins](https://go.microsoft.com/fwlink/p/?LinkId=242587). However, Internet Explorer for the desktop and IE11 on Windows 7 with SP1 do support browser plugins, including ActiveX controls such as Adobe Flash and Microsoft Silverlight.
**Q: Is Adobe Flash supported on IE11?**
Adobe Flash is included as a platform feature and is available out of the box for Windows 8.1, running on both IE and Internet Explorer for the desktop. Users can turn this feature on or off using the **Manage Add-ons** dialog box, while administrators can turn this feature on or off using the Group Policy setting, **Turn off Adobe Flash in IE and prevent applications from using IE technology to instantiate Flash objects**.
@@ -116,15 +116,15 @@ For more information, see [New group policy settings for IE11](../ie11-deploy-gu
**Q: Is there a version of the Internet Explorer Administration Kit (IEAK) supporting IE11?**
Yes. The Internet Explorer Administration Kit 11 (IEAK 11) is available for download. IEAK 11 lets you create custom versions of IE11 for use in your organization. For more information, see the following resources:
-- [Internet Explorer Administration Kit Information and Downloads](http://go.microsoft.com/fwlink/p/?LinkId=214250) on the Internet Explorer TechCenter.
+- [Internet Explorer Administration Kit Information and Downloads](https://go.microsoft.com/fwlink/p/?LinkId=214250) on the Internet Explorer TechCenter.
- [Internet Explorer Administration Kit 11 (IEAK 11) - Administrator's Guide](../ie11-ieak/index.md)
**Q: Where can I get more information about IE11 for IT pros?**
-Visit the [Springboard Series for Microsoft Browsers](http://go.microsoft.com/fwlink/p/?LinkId=313191) webpage on TechNet.
+Visit the [Springboard Series for Microsoft Browsers](https://go.microsoft.com/fwlink/p/?LinkId=313191) webpage on TechNet.
**Q: Is there a version of the Internet Explorer Blocker Toolkit that will prevent automatic installation of IE11?**
-Yes. The IE11 Blocker Toolkit is available for download. For more information, see [Toolkit to Disable Automatic Delivery of IE11](http://go.microsoft.com/fwlink/p/?LinkId=328195) on the Microsoft Download Center.
+Yes. The IE11 Blocker Toolkit is available for download. For more information, see [Toolkit to Disable Automatic Delivery of IE11](https://go.microsoft.com/fwlink/p/?LinkId=328195) on the Microsoft Download Center.
**Q: Can I customize settings for IE on Windows 8.1?**
Settings can be customized in the following ways:
@@ -145,7 +145,7 @@ Group Policy settings can be set to open either IE or Internet Explorer for the
|Always in Internet Explorer for the desktop |Links always open in Internet Explorer for the desktop. |
## Related topics
-- [Microsoft Edge - Deployment Guide for IT Pros](http://go.microsoft.com/fwlink/p/?LinkId=760643)
+- [Microsoft Edge - Deployment Guide for IT Pros](https://go.microsoft.com/fwlink/p/?LinkId=760643)
- [Internet Explorer 11 (IE11) - Deployment Guide for IT Pros](../ie11-deploy-guide/index.md)
- [Internet Explorer Administration Kit 11 (IEAK 11) - Administrator's Guide](../ie11-ieak/index.md)
diff --git a/browsers/internet-explorer/ie11-ieak/auto-detection-dhcp-or-dns-servers-ieak11.md b/browsers/internet-explorer/ie11-ieak/auto-detection-dhcp-or-dns-servers-ieak11.md
index 54459ebc13..cf7ec51045 100644
--- a/browsers/internet-explorer/ie11-ieak/auto-detection-dhcp-or-dns-servers-ieak11.md
+++ b/browsers/internet-explorer/ie11-ieak/auto-detection-dhcp-or-dns-servers-ieak11.md
@@ -32,7 +32,7 @@ DHCP has a higher priority than DNS for automatic configuration. If DHCP provide
 **To set up automatic detection for DHCP servers**
-- Open the [DHCP Administrative Tool](http://go.microsoft.com/fwlink/p/?LinkId=302212), create a new option type, using the code number 252, and then associate it with the URL to your configuration file. For detailed instructions about how to do this, see [Create an option 252 entry in DHCP](http://go.microsoft.com/fwlink/p/?LinkId=294649).
+- Open the [DHCP Administrative Tool](https://go.microsoft.com/fwlink/p/?LinkId=302212), create a new option type, using the code number 252, and then associate it with the URL to your configuration file. For detailed instructions about how to do this, see [Create an option 252 entry in DHCP](https://go.microsoft.com/fwlink/p/?LinkId=294649).
**Examples:**
http://www.microsoft.com/webproxy.pac
http://marketing/config.ins
@@ -48,7 +48,7 @@ For more detailed info about how to set up your DHCP server, see your server doc
`mailserver1 IN A 192.55.200.51`
**-OR-**
Create a canonical name (CNAME) alias record, named **WPAD**. This record lets you use more than one name to point to a single host, letting you host both an FTP server and a web server on the same computer. It also includes the resolved name (not the IP address) of the server storing your automatic configuration (.pac) file.
-**Note**
For more info about creating a **WPAD** entry, see [Creating a WPAD entry in DNS](http://go.microsoft.com/fwlink/p/?LinkId=294651).
+**Note**
For more info about creating a **WPAD** entry, see [Creating a WPAD entry in DNS](https://go.microsoft.com/fwlink/p/?LinkId=294651).
2. After the database file propagates to the server, the DNS name, `wpad..com` resolves to the server name that includes your automatic configuration file.
diff --git a/browsers/internet-explorer/ie11-ieak/custom-components-ieak11-wizard.md b/browsers/internet-explorer/ie11-ieak/custom-components-ieak11-wizard.md
index 180fc0121e..ca0125b893 100644
--- a/browsers/internet-explorer/ie11-ieak/custom-components-ieak11-wizard.md
+++ b/browsers/internet-explorer/ie11-ieak/custom-components-ieak11-wizard.md
@@ -11,7 +11,7 @@ ms.sitesec: library
# Use the Custom Components page in the IEAK 11 Wizard
-The **Custom Components** page of the Internet Explorer Customization Wizard 11 lets you add up to 10 additional components that your employees can install at the same time they install IE. These components can be created by Microsoft or your organization as either compressed cabinet (.cab) or self-extracting executable (.exe) files. If you’re using Microsoft components, make sure you have the latest version and software patches from the [Microsoft Support](http://go.microsoft.com/fwlink/p/?LinkId=258658) site. To include Microsoft Update components, you must bundle the associated files into a custom component.
+The **Custom Components** page of the Internet Explorer Customization Wizard 11 lets you add up to 10 additional components that your employees can install at the same time they install IE. These components can be created by Microsoft or your organization as either compressed cabinet (.cab) or self-extracting executable (.exe) files. If you’re using Microsoft components, make sure you have the latest version and software patches from the [Microsoft Support](https://go.microsoft.com/fwlink/p/?LinkId=258658) site. To include Microsoft Update components, you must bundle the associated files into a custom component.
**Important**
You should sign any custom code that’s being downloaded over the Internet. The default settings of Internet Explorer 11 will automatically reject any unsigned code. For more info about digitally signing custom components, see [Security features and IEAK 11](security-and-ieak11.md).
diff --git a/browsers/internet-explorer/ie11-ieak/customize-automatic-search-for-ie.md b/browsers/internet-explorer/ie11-ieak/customize-automatic-search-for-ie.md
index 7bb21bf9bd..ba2b7e4076 100644
--- a/browsers/internet-explorer/ie11-ieak/customize-automatic-search-for-ie.md
+++ b/browsers/internet-explorer/ie11-ieak/customize-automatic-search-for-ie.md
@@ -11,7 +11,7 @@ ms.sitesec: library
# Customize Automatic Search for Internet Explorer using IEAK 11
-Internet Explorer lets websites advertise any search provider that uses the open search standard described at the A9 website ( [OpenSearch 1.1 Draft 5](http://go.microsoft.com/fwlink/p/?LinkId=208582)). When IE detects new search providers, the **Search** box becomes active and adds the new providers to the drop-down list of providers.
+Internet Explorer lets websites advertise any search provider that uses the open search standard described at the A9 website ( [OpenSearch 1.1 Draft 5](https://go.microsoft.com/fwlink/p/?LinkId=208582)). When IE detects new search providers, the **Search** box becomes active and adds the new providers to the drop-down list of providers.
Using the **Administrative Templates** section of Group Policy, you can prevent the search box from appearing, you can add a list of acceptable search providers, or you can restrict your employee’s ability to add or remove search providers.
diff --git a/browsers/internet-explorer/ie11-ieak/iexpress-command-line-options.md b/browsers/internet-explorer/ie11-ieak/iexpress-command-line-options.md
index 249c01e34c..13fff054c3 100644
--- a/browsers/internet-explorer/ie11-ieak/iexpress-command-line-options.md
+++ b/browsers/internet-explorer/ie11-ieak/iexpress-command-line-options.md
@@ -31,7 +31,7 @@ These command-line options work with IExpress:
|`/r:a` |Always restarts the computer after installation. |
|`/r:s` |Restarts the computer after installation without prompting the employee. |
-For more information, see [Command-line switches for IExpress software update packages](http://go.microsoft.com/fwlink/p/?LinkId=317973).
+For more information, see [Command-line switches for IExpress software update packages](https://go.microsoft.com/fwlink/p/?LinkId=317973).
## Related topics
- [IExpress Wizard for Windows Server 2008 R2 with SP1](iexpress-wizard-for-win-server.md)
diff --git a/browsers/internet-explorer/ie11-ieak/index.md b/browsers/internet-explorer/ie11-ieak/index.md
index de8d960649..b0c1e0c9fe 100644
--- a/browsers/internet-explorer/ie11-ieak/index.md
+++ b/browsers/internet-explorer/ie11-ieak/index.md
@@ -33,5 +33,5 @@ IE11 and IEAK 11 offers differing experiences between Windows 7 and Windows 8.1
## Related topics
- [Internet Explorer 11 - FAQ for IT Pros](../ie11-faq/faq-for-it-pros-ie11.md)
- [Internet Explorer 11 (IE11) - Deployment Guide for IT Pros](../ie11-deploy-guide/index.md)
-- [Microsoft Edge - Deployment Guide for IT Pros](http://go.microsoft.com/fwlink/p/?LinkId=760643)
+- [Microsoft Edge - Deployment Guide for IT Pros](https://go.microsoft.com/fwlink/p/?LinkId=760643)
diff --git a/browsers/internet-explorer/ie11-ieak/rsop-snapin-for-policy-settings-ieak11.md b/browsers/internet-explorer/ie11-ieak/rsop-snapin-for-policy-settings-ieak11.md
index e1c2731a4b..0760b36184 100644
--- a/browsers/internet-explorer/ie11-ieak/rsop-snapin-for-policy-settings-ieak11.md
+++ b/browsers/internet-explorer/ie11-ieak/rsop-snapin-for-policy-settings-ieak11.md
@@ -11,7 +11,7 @@ ms.sitesec: library
# Using the Resultant Set of Policy (RSoP) snap-in to review policy settings
-After you’ve deployed your custom Internet Explorer package to your employees, you can use the Resultant Set of Policy (RSoP) snap-in to view your created policy settings. The RSoP snap-in is a two-step process. First, you run the RSoP wizard to determine what information should be viewed. Second, you open the specific items in the console window to view the settings. For complete instructions about how to use RSoP, see [Resultant Set of Policy](http://go.microsoft.com/fwlink/p/?LinkId=259479).
+After you’ve deployed your custom Internet Explorer package to your employees, you can use the Resultant Set of Policy (RSoP) snap-in to view your created policy settings. The RSoP snap-in is a two-step process. First, you run the RSoP wizard to determine what information should be viewed. Second, you open the specific items in the console window to view the settings. For complete instructions about how to use RSoP, see [Resultant Set of Policy](https://go.microsoft.com/fwlink/p/?LinkId=259479).
 **To add the RSoP snap-in**
diff --git a/browsers/internet-explorer/ie11-ieak/security-and-ieak11.md b/browsers/internet-explorer/ie11-ieak/security-and-ieak11.md
index 1464b71931..61e6caf344 100644
--- a/browsers/internet-explorer/ie11-ieak/security-and-ieak11.md
+++ b/browsers/internet-explorer/ie11-ieak/security-and-ieak11.md
@@ -30,21 +30,21 @@ Because of this, the custom .cab files created by the Internet Explorer Customiz
### Understanding digital certificates
To sign your package and custom programs digitally, you must first obtain a digital certificate. You can obtain a certificate from a certification authority or a privately-controlled certificate server. For more info about obtaining certificates or setting up a certificate server, see the following:
-- Microsoft-trusted certification authorities ([Windows root certificate program requirements](http://go.microsoft.com/fwlink/p/?LinkId=759697)).
+- Microsoft-trusted certification authorities ([Windows root certificate program requirements](https://go.microsoft.com/fwlink/p/?LinkId=759697)).
-- Certificates overview documentation ([Certificates](http://go.microsoft.com/fwlink/p/?LinkId=759698)).
+- Certificates overview documentation ([Certificates](https://go.microsoft.com/fwlink/p/?LinkId=759698)).
-- Microsoft Active Directory Certificate Services ( [Active Directory Certificate Services](http://go.microsoft.com/fwlink/p/?LinkId=259521)).
+- Microsoft Active Directory Certificate Services ( [Active Directory Certificate Services](https://go.microsoft.com/fwlink/p/?LinkId=259521)).
-- Enterprise public key infrastructure (PKI) snap-in documentation ([Enterprise PKI](http://go.microsoft.com/fwlink/p/?LinkId=259526)).
+- Enterprise public key infrastructure (PKI) snap-in documentation ([Enterprise PKI](https://go.microsoft.com/fwlink/p/?LinkId=259526)).
After you get a certificate, you should note the public and private keys, which are a matched set of keys that are created by the software publisher for encryption and decryption. They are generated on your device at the time the certificate is requested, and your private key is never sent to the certification authority or any other party.
### Understanding code signing
Code signing varies, depening on how you plan to distribute your custom install package.
-- **If you plan to distribute custom packages over the Internet**, you must sign all custom components and the CMAK profile package (if used). Before you start the Internet Explorer Customization Wizard, make sure that both are signed. Typically, their respective manufacturers will have signed them. Otherwise, you can sign these using the Sign Tool (SignTool.exe) ( [SignTool.exe (Sign Tool)](http://go.microsoft.com/fwlink/p/?LinkId=71298)) or use the File Signing Tool (Signcode.exe) ([Signcode.exe (File Signing Tool)](http://go.microsoft.com/fwlink/p/?LinkId=71299)). You should read the documentation included with these tools for more info about all of the signing options.
-In addition, after you run the Internet Explorer Customization Wizard, we highly recommend that you sign the IEAK package and the branding.cab file (if you are using it separately from the package). You can do this also using the tools mentioned above. For more information, download Code-Signing Best Practices ([Code-Signing Best Practices](http://go.microsoft.com/fwlink/p/?LinkId=71300)).
+- **If you plan to distribute custom packages over the Internet**, you must sign all custom components and the CMAK profile package (if used). Before you start the Internet Explorer Customization Wizard, make sure that both are signed. Typically, their respective manufacturers will have signed them. Otherwise, you can sign these using the Sign Tool (SignTool.exe) ( [SignTool.exe (Sign Tool)](https://go.microsoft.com/fwlink/p/?LinkId=71298)) or use the File Signing Tool (Signcode.exe) ([Signcode.exe (File Signing Tool)](https://go.microsoft.com/fwlink/p/?LinkId=71299)). You should read the documentation included with these tools for more info about all of the signing options.
+In addition, after you run the Internet Explorer Customization Wizard, we highly recommend that you sign the IEAK package and the branding.cab file (if you are using it separately from the package). You can do this also using the tools mentioned above. For more information, download Code-Signing Best Practices ([Code-Signing Best Practices](https://go.microsoft.com/fwlink/p/?LinkId=71300)).
- **If you plan to distribute your custom packages over an intranet**, sign the custom files or preconfigure the Local intranet zone with a Low security setting, because the default security setting does not allow users to download unsigned programs or code.
diff --git a/devices/surface-hub/appendix-a-powershell-scripts-for-surface-hub.md b/devices/surface-hub/appendix-a-powershell-scripts-for-surface-hub.md
index 6b6083ba4b..c82891ed56 100644
--- a/devices/surface-hub/appendix-a-powershell-scripts-for-surface-hub.md
+++ b/devices/surface-hub/appendix-a-powershell-scripts-for-surface-hub.md
@@ -612,7 +612,7 @@ catch
{
PrintError "Some dependencies are missing"
PrintError "Please install the Windows PowerShell Module for Lync Online. For more information go to http://www.microsoft.com/download/details.aspx?id=39366"
- PrintError "Please install the Azure Active Directory module for PowerShell from http://go.microsoft.com/fwlink/p/?linkid=236297"
+ PrintError "Please install the Azure Active Directory module for PowerShell from https://go.microsoft.com/fwlink/p/?linkid=236297"
CleanupAndFail
}
@@ -1119,7 +1119,7 @@ if ($fHasOnline)
}
catch
{
- CleanupAndFail "To verify accounts in online tenants you need the Azure Active Directory module for PowerShell from http://go.microsoft.com/fwlink/p/?linkid=236297"
+ CleanupAndFail "To verify accounts in online tenants you need the Azure Active Directory module for PowerShell from https://go.microsoft.com/fwlink/p/?linkid=236297"
}
}
@@ -1518,7 +1518,7 @@ if ($online)
{
PrintError "Some dependencies are missing"
PrintError "Please install the Windows PowerShell Module for Lync Online. For more information go to http://www.microsoft.com/download/details.aspx?id=39366"
- PrintError "Please install the Azure Active Directory module for PowerShell from http://go.microsoft.com/fwlink/p/?linkid=236297"
+ PrintError "Please install the Azure Active Directory module for PowerShell from https://go.microsoft.com/fwlink/p/?linkid=236297"
CleanupAndFail
}
}
diff --git a/devices/surface-hub/create-a-device-account-using-office-365.md b/devices/surface-hub/create-a-device-account-using-office-365.md
index ac058c3745..de3aee64d1 100644
--- a/devices/surface-hub/create-a-device-account-using-office-365.md
+++ b/devices/surface-hub/create-a-device-account-using-office-365.md
@@ -100,8 +100,8 @@ From here on, you'll need to finish the account creation process using PowerShel
In order to run cmdlets used by these PowerShell scripts, the following must be installed for the admin PowerShell console:
-- [Microsoft Online Services Sign-In Assistant for IT Professionals BETA](http://go.microsoft.com/fwlink/?LinkId=718149)
-- [Windows Azure Active Directory Module for Windows PowerShell](http://go.microsoft.com/fwlink/p/?linkid=236297)
+- [Microsoft Online Services Sign-In Assistant for IT Professionals BETA](https://go.microsoft.com/fwlink/?LinkId=718149)
+- [Windows Azure Active Directory Module for Windows PowerShell](https://go.microsoft.com/fwlink/p/?linkid=236297)
- [Skype for Business Online, Windows PowerShell Module](http://www.microsoft.com/download/details.aspx?id=39366)
### Connecting to online services
diff --git a/devices/surface-hub/monitor-surface-hub.md b/devices/surface-hub/monitor-surface-hub.md
index 3083553e68..b28e3e7208 100644
--- a/devices/surface-hub/monitor-surface-hub.md
+++ b/devices/surface-hub/monitor-surface-hub.md
@@ -16,18 +16,18 @@ localizationpriority: medium
Monitoring for Microsoft Surface Hub devices is enabled through Microsoft Operations Management Suite (OMS).
-The [Operations Management Suite (OMS)](http://go.microsoft.com/fwlink/?LinkId=718138) is Microsoft's IT management solution that helps you manage and protect your entire IT infrastructure, including your Surface Hubs. You can use OMS to help you track the health of your Surface Hubs as well as understand how they are being used. Log files are read on the devices and sent to the OMS service. Issues like servers being offline, the calendar not syncing, or the device account being unable to log into Skype are shown in OMS in the Surface Hub dashboard. By using the data in the dashboard, you can identify devices that are not running, or that are having other problems, and potentially apply fixes for the detected issues.
+The [Operations Management Suite (OMS)](https://go.microsoft.com/fwlink/?LinkId=718138) is Microsoft's IT management solution that helps you manage and protect your entire IT infrastructure, including your Surface Hubs. You can use OMS to help you track the health of your Surface Hubs as well as understand how they are being used. Log files are read on the devices and sent to the OMS service. Issues like servers being offline, the calendar not syncing, or the device account being unable to log into Skype are shown in OMS in the Surface Hub dashboard. By using the data in the dashboard, you can identify devices that are not running, or that are having other problems, and potentially apply fixes for the detected issues.
### OMS requirements
In order to manage your Surface Hubs from the Microsoft Operations Management Suite (OMS), you'll need the following:
- A valid [subscription to OMS](http://www.microsoft.com/server-cloud/operations-management-suite/overview.aspx).
-- [Subscription level](http://go.microsoft.com/fwlink/?LinkId=718139) in line with the number of devices. OMS pricing varies depending on how many devices are enrolled, and how much data it processes. You'll want to take this into consideration when planning your Surface Hub rollout.
+- [Subscription level](https://go.microsoft.com/fwlink/?LinkId=718139) in line with the number of devices. OMS pricing varies depending on how many devices are enrolled, and how much data it processes. You'll want to take this into consideration when planning your Surface Hub rollout.
-Next, you will either add an OMS subscription to your existing Microsoft Azure subscription or create a new workspace directly through the OMS portal. Detailed instructions for setting up the account can be found at: [Onboard in minutes](http://go.microsoft.com/fwlink/?LinkId=718141). Once the OMS subscription is set up, there are two ways to enroll your Surface Hub devices:
+Next, you will either add an OMS subscription to your existing Microsoft Azure subscription or create a new workspace directly through the OMS portal. Detailed instructions for setting up the account can be found at: [Onboard in minutes](https://go.microsoft.com/fwlink/?LinkId=718141). Once the OMS subscription is set up, there are two ways to enroll your Surface Hub devices:
-1. Automatically through [InTune](http://go.microsoft.com/fwlink/?LinkId=718150), or
+1. Automatically through [InTune](https://go.microsoft.com/fwlink/?LinkId=718150), or
2. Manually through Settings.
### Setting up monitoring
diff --git a/devices/surface-hub/physically-install-your-surface-hub-device.md b/devices/surface-hub/physically-install-your-surface-hub-device.md
index 7c201fd78e..489e6a03a3 100644
--- a/devices/surface-hub/physically-install-your-surface-hub-device.md
+++ b/devices/surface-hub/physically-install-your-surface-hub-device.md
@@ -14,12 +14,12 @@ localizationpriority: medium
# Physically install Microsoft Surface Hub
-The Microsoft Surface Hub Readiness Guide will help make sure that your site is ready for the installation. You can download the Guide from the [Microsoft Download Center](http://go.microsoft.com/fwlink/?LinkId=718144). It includes planning information for both the 55" and 84" devices, as well as info on moving the Surface Hub from receiving to the installation location, mounting options, and a list of what's in the box.
+The Microsoft Surface Hub Readiness Guide will help make sure that your site is ready for the installation. You can download the Guide from the [Microsoft Download Center](https://go.microsoft.com/fwlink/?LinkId=718144). It includes planning information for both the 55" and 84" devices, as well as info on moving the Surface Hub from receiving to the installation location, mounting options, and a list of what's in the box.
You may also want to check out the Unpacking Guide. It will show you how to unpack the devices efficiently and safely. There are two guides, one for the 55" and one for the 84". A printed version of the Unpacking Guide is attached to the outside front of each unit's shipping crate.
-- Download the 55" Unpacking Guide from the [Microsoft Download Center](http://go.microsoft.com/fwlink/?LinkId=718145).
-- Download the 84" version from the [Microsoft Download Center](http://go.microsoft.com/fwlink/?LinkId=718146).
+- Download the 55" Unpacking Guide from the [Microsoft Download Center](https://go.microsoft.com/fwlink/?LinkId=718145).
+- Download the 84" version from the [Microsoft Download Center](https://go.microsoft.com/fwlink/?LinkId=718146).
diff --git a/devices/surface-hub/provisioning-packages-for-certificates-surface-hub.md b/devices/surface-hub/provisioning-packages-for-certificates-surface-hub.md
index cbad03aa49..59e451d855 100644
--- a/devices/surface-hub/provisioning-packages-for-certificates-surface-hub.md
+++ b/devices/surface-hub/provisioning-packages-for-certificates-surface-hub.md
@@ -58,7 +58,7 @@ In order to create and deploy provisioning packages, all of the following are re
### Install the Windows Imaging and Configuration Designer
-1. The Windows Imaging and Configuration Designer (ICD) is installed as part of the Windows 10 ADK. The installer for the ADK can be downloaded from the [Microsoft Download Center](http://go.microsoft.com/fwlink/?LinkId=718147).
+1. The Windows Imaging and Configuration Designer (ICD) is installed as part of the Windows 10 ADK. The installer for the ADK can be downloaded from the [Microsoft Download Center](https://go.microsoft.com/fwlink/?LinkId=718147).
>**Note** The ADK must be installed on a separate PC, not on the Surface Hub.
2. Run the installer, and set your preferences for installation. When asked what features you want to install, you will see a checklist like the one in the following figure. Note that **Windows Performance Toolkit** and **Windows Assessment Toolkit** should be unchecked, as they are not needed to run the ICD.
@@ -138,7 +138,7 @@ This example will demonstrate how to create a provisioning package to install a
### Create a provisioning package for apps
-This example will demonstrate how to create a provisioning package to install offline-licensed apps purchased from the Windows Store for Business. For information on offline-licensed apps and what you need to download in order to install them, see [Distribute offline apps](http://go.microsoft.com/fwlink/?LinkId=718148).
+This example will demonstrate how to create a provisioning package to install offline-licensed apps purchased from the Windows Store for Business. For information on offline-licensed apps and what you need to download in order to install them, see [Distribute offline apps](https://go.microsoft.com/fwlink/?LinkId=718148).
For each app you want to install on Surface Hubs, you'll need to download:
diff --git a/devices/surface-hub/surface-hub-administrators-guide.md b/devices/surface-hub/surface-hub-administrators-guide.md
index 6b08e5cb6f..275dd6a33b 100644
--- a/devices/surface-hub/surface-hub-administrators-guide.md
+++ b/devices/surface-hub/surface-hub-administrators-guide.md
@@ -39,7 +39,7 @@ Before you power on Microsoft Surface Hub for the first time, make sure you've [
[Physically install Microsoft Surface Hub](physically-install-your-surface-hub-device.md) |
-The Surface Hub Readiness Guide will help make sure that your site is ready for the installation. You can download the Guide from the [Microsoft Download Center](http://go.microsoft.com/fwlink/?LinkId=718144). It includes planning information for both the 55" and 84" devices, as well as info on moving the Surface Hub from receiving to the installation location, mounting options, and a list of what's in the box. |
+The Surface Hub Readiness Guide will help make sure that your site is ready for the installation. You can download the Guide from the [Microsoft Download Center](https://go.microsoft.com/fwlink/?LinkId=718144). It includes planning information for both the 55" and 84" devices, as well as info on moving the Surface Hub from receiving to the installation location, mounting options, and a list of what's in the box. |
[Prepare your environment for Microsoft Surface Hub](prepare-your-environment-for-surface-hub.md) |
diff --git a/devices/surface/advanced-uefi-security-features-for-surface-pro-3.md b/devices/surface/advanced-uefi-security-features-for-surface-pro-3.md
index 7a4c04dabc..7b231f3562 100644
--- a/devices/surface/advanced-uefi-security-features-for-surface-pro-3.md
+++ b/devices/surface/advanced-uefi-security-features-for-surface-pro-3.md
@@ -21,7 +21,7 @@ To address more granular control over the security of Surface devices, the v3.11
## Manually install the UEFI update
-Before you can configure the advanced security features of your Surface device, you must first install the v3.11.760.0 UEFI update. This update is installed automatically if you receive your updates from Windows Update. For more information about how to configure Windows to update automatically by using Windows Update, see [How to configure and use Automatic Updates in Windows]( http://go.microsoft.com/fwlink/p/?LinkID=618030).
+Before you can configure the advanced security features of your Surface device, you must first install the v3.11.760.0 UEFI update. This update is installed automatically if you receive your updates from Windows Update. For more information about how to configure Windows to update automatically by using Windows Update, see [How to configure and use Automatic Updates in Windows]( https://go.microsoft.com/fwlink/p/?LinkID=618030).
To update the UEFI on Surface Pro 3, you can download and install the Surface UEFI updates as part of the Surface Pro 3 Firmware and Driver Pack. These firmware and driver packs are available from the [Surface Pro 3 page](https://www.microsoft.com/download/details.aspx?id=38826) on the Microsoft Download Center. You can find out more about the firmware and driver packs at [Download the latest firmware and drivers for Surface devices](https://technet.microsoft.com/itpro/surface/deploy-the-latest-firmware-and-drivers-for-surface-devices). The firmware and driver packs are available as both self-contained Windows Installer (.msi) and archive (.zip) formats. You can find out more about these two formats and how you can use them to update your drivers at [Manage Surface driver and firmware updates](https://technet.microsoft.com/itpro/surface/manage-surface-pro-3-firmware-updates).
@@ -49,13 +49,13 @@ After the v3.11.760.0 UEFI update is installed on a Surface device, an additiona
## Automate additional security settings
-As an IT professional with administrative privileges, you can automate the configuration of UEFI settings by leveraging [Surface Pro 3 Firmware Tools (476 KB)](http://go.microsoft.com/fwlink/p/?LinkID=618038) available from the Microsoft Download Center. These tools install a .NET assembly that can be called from any custom application or script.
+As an IT professional with administrative privileges, you can automate the configuration of UEFI settings by leveraging [Surface Pro 3 Firmware Tools (476 KB)](https://go.microsoft.com/fwlink/p/?LinkID=618038) available from the Microsoft Download Center. These tools install a .NET assembly that can be called from any custom application or script.
**Prerequisites**
- The sample scripts below leverage the previously mentioned extension and therefore assume that the tool has been installed on the device being managed.
- The scripts must be run with administrative privilege.
-- The Windows PowerShell command [**Set-ExecutionPolicy Unrestricted**](http://go.microsoft.com/fwlink/p/?LinkID=618039) must be called prior to running sample scripts if they are not digitally signed.
+- The Windows PowerShell command [**Set-ExecutionPolicy Unrestricted**](https://go.microsoft.com/fwlink/p/?LinkID=618039) must be called prior to running sample scripts if they are not digitally signed.
**Sample scripts**
diff --git a/devices/surface/customize-the-oobe-for-surface-deployments.md b/devices/surface/customize-the-oobe-for-surface-deployments.md
index 9160b9b3f5..8532617b50 100644
--- a/devices/surface/customize-the-oobe-for-surface-deployments.md
+++ b/devices/surface/customize-the-oobe-for-surface-deployments.md
@@ -22,9 +22,9 @@ It is common practice in a Windows deployment to customize the user experience f
In some scenarios, you may want to provide complete automation to ensure that at the end of a deployment, computers are ready for use without any interaction from the user. In other scenarios, you may want to leave key elements of the experience for users to perform necessary actions or select between important choices. For administrators deploying to Surface devices, each of these scenarios presents a unique challenge to overcome.
-This article provides a summary of the scenarios where a deployment might require additional steps. It also provides the required information to ensure that the desired experience is achieved on any newly deployed Surface device. This article is intended for administrators who are familiar with the deployment process, as well as concepts such as answer files and [reference images](http://go.microsoft.com/fwlink/p/?LinkID=618042).
+This article provides a summary of the scenarios where a deployment might require additional steps. It also provides the required information to ensure that the desired experience is achieved on any newly deployed Surface device. This article is intended for administrators who are familiar with the deployment process, as well as concepts such as answer files and [reference images](https://go.microsoft.com/fwlink/p/?LinkID=618042).
->**Note:** Although the OOBE phase of setup is still run during a deployment with an automated deployment solution such as the [Microsoft Deployment Toolkit (MDT)](http://go.microsoft.com/fwlink/p/?LinkId=618117) or System Center Configuration Manager Operating System Deployment (OSD), it is automated by the settings supplied in the Deployment Wizard and task sequence. For more information see:
+>**Note:** Although the OOBE phase of setup is still run during a deployment with an automated deployment solution such as the [Microsoft Deployment Toolkit (MDT)](https://go.microsoft.com/fwlink/p/?LinkId=618117) or System Center Configuration Manager Operating System Deployment (OSD), it is automated by the settings supplied in the Deployment Wizard and task sequence. For more information see:
- [Deploy Windows 10 with the Microsoft Deployment Toolkit](http://technet.microsoft.com/itpro/windows/deploy/deploy-windows-10-with-the-microsoft-deployment-toolkit)
- [Deploy Windows 10 with System Center 2012 R2 Configuration Manager](http://technet.microsoft.com/itpro/windows/deploy/deploy-windows-10-with-system-center-2012-r2-configuration-manager)
@@ -36,7 +36,7 @@ This article provides a summary of the scenarios where a deployment might requir
When a wireless network adapter is present during OOBE, the **Join a wireless network** page is displayed, which prompts a user to connect to a wireless network. This page is not automatically hidden by deployment technologies, including MDT 2013, and therefore will be displayed even when a deployment is configured for complete automation.
-To ensure that an automated deployment is not stopped by this page, the page must be hidden by configuring an additional setting in the answer file, **HideWirelessSetupInOOBE**. You can find additional information about the **HideWirelessSetupInOOBE** setting in [Unattended Windows Setup Reference](http://go.microsoft.com/fwlink/p/?LinkID=618044).
+To ensure that an automated deployment is not stopped by this page, the page must be hidden by configuring an additional setting in the answer file, **HideWirelessSetupInOOBE**. You can find additional information about the **HideWirelessSetupInOOBE** setting in [Unattended Windows Setup Reference](https://go.microsoft.com/fwlink/p/?LinkID=618044).
## Scenario 2: Surface Pen pairing in OOBE
@@ -54,7 +54,7 @@ To provide the factory Surface Pen pairing experience in OOBE, you must copy fou
-The step-by-step process for adding these required files to an image is described in [Deploying Surface Pro 3 Pen and OneNote Tips](http://go.microsoft.com/fwlink/p/?LinkID=618045). This blog post also includes tips to ensure that the necessary updates for the Surface Pen Quick Note-Taking Experience are installed, which allows users to send notes to OneNote with a single click.
+The step-by-step process for adding these required files to an image is described in [Deploying Surface Pro 3 Pen and OneNote Tips](https://go.microsoft.com/fwlink/p/?LinkID=618045). This blog post also includes tips to ensure that the necessary updates for the Surface Pen Quick Note-Taking Experience are installed, which allows users to send notes to OneNote with a single click.
diff --git a/devices/surface/deploy-the-latest-firmware-and-drivers-for-surface-devices.md b/devices/surface/deploy-the-latest-firmware-and-drivers-for-surface-devices.md
index 6ee5c0b6f6..2df6fdcd7f 100644
--- a/devices/surface/deploy-the-latest-firmware-and-drivers-for-surface-devices.md
+++ b/devices/surface/deploy-the-latest-firmware-and-drivers-for-surface-devices.md
@@ -33,14 +33,14 @@ Installation files for administrative tools, drivers for accessories, and update
Recent additions to the downloads for Surface devices provide you with options to install Windows 10 on your Surface devices and update LTE devices with the latest Windows 10 drivers and firmware.
->**Note:** A battery charge of 40% or greater is required before you install firmware to a Surface device. See [Microsoft Support article KB2909710](http://go.microsoft.com/fwlink/p/?LinkId=618106) for more information.
+>**Note:** A battery charge of 40% or greater is required before you install firmware to a Surface device. See [Microsoft Support article KB2909710](https://go.microsoft.com/fwlink/p/?LinkId=618106) for more information.
## Surface Book
-Download the following updates [for Surface Book from the Microsoft Download Center](http://go.microsoft.com/fwlink/p/?LinkId=691691).
+Download the following updates [for Surface Book from the Microsoft Download Center](https://go.microsoft.com/fwlink/p/?LinkId=691691).
- SurfaceBook\_Win10\_xxxxxx.msi – Cumulative firmware and driver update package for Windows 10
@@ -49,7 +49,7 @@ Download the following updates [for Surface Book from the Microsoft Download Cen
## Surface Pro 4
-Download the following updates for [Surface Pro 4 from the Microsoft Download Center](http://go.microsoft.com/fwlink/p/?LinkId=691692).
+Download the following updates for [Surface Pro 4 from the Microsoft Download Center](https://go.microsoft.com/fwlink/p/?LinkId=691692).
- SurfacePro4\_Win10\_xxxxxx.msi – Cumulative firmware and driver update package for Windows 10
@@ -58,7 +58,7 @@ Download the following updates for [Surface Pro 4 from the Microsoft Download Ce
## Surface Pro 3
-Download the following updates [for Surface Pro 3 from the Microsoft Download Center](http://go.microsoft.com/fwlink/p/?LinkId=690288).
+Download the following updates [for Surface Pro 3 from the Microsoft Download Center](https://go.microsoft.com/fwlink/p/?LinkId=690288).
- SurfacePro3\_Win10\_xxxxxx.msi – Cumulative firmware and driver update package for Windows 10
@@ -85,7 +85,7 @@ Download the following updates [for Surface Pro 3 from the Microsoft Download Ce
## Surface 3
-Download the following updates [for Surface 3 from the Microsoft Download Center](http://go.microsoft.com/fwlink/p/?LinkId=690289).
+Download the following updates [for Surface 3 from the Microsoft Download Center](https://go.microsoft.com/fwlink/p/?LinkId=690289).
- Surface3\_Win10\_xxxxxx.zip – Cumulative firmware and driver update package for Windows 10
@@ -102,7 +102,7 @@ Download the following updates [for Surface 3 from the Microsoft Download Center
## Surface 3 LTE
-Download the following updates [for AT&T 4G LTE versions of Surface 3 from the Microsoft Download Center](http://go.microsoft.com/fwlink/p/?LinkId=690290).
+Download the following updates [for AT&T 4G LTE versions of Surface 3 from the Microsoft Download Center](https://go.microsoft.com/fwlink/p/?LinkId=690290).
- Surface3\_US1\_Win10\_xxxxxx.msi – Surface 3 LTE AT&T - Cumulative firmware and driver update for locked carrier dependent AT&T devices in the US, running Windows 10
@@ -118,7 +118,7 @@ Download the following updates [for AT&T 4G LTE versions of Surface 3 from the M
- Wintab-xxxxx-64-bit.zip – Tablet driver update for all supported x64-based versions of Windows 8.1
-Download the following updates [for non-AT&T 4G LTE versions of Surface 3 from the Microsoft Download Center](http://go.microsoft.com/fwlink/p/?LinkId=690291).
+Download the following updates [for non-AT&T 4G LTE versions of Surface 3 from the Microsoft Download Center](https://go.microsoft.com/fwlink/p/?LinkId=690291).
- Surface3\_NAG\_Win10\_xxxxxx.msi – Surface 3 LTE North America - Cumulative firmware and driver update for unlocked carrier independent devices in the US, running Windows 10
@@ -134,7 +134,7 @@ Download the following updates [for non-AT&T 4G LTE versions of Surface 3 from t
- Wintab-xxxxx-64-bit.zip – Tablet driver update for all supported x64-based versions of Windows 8.1
-Download the following updates [for 4G LTE Surface 3 versions for regions outside North America from the Microsoft Download Center](http://go.microsoft.com/fwlink/p/?LinkId=690292).
+Download the following updates [for 4G LTE Surface 3 versions for regions outside North America from the Microsoft Download Center](https://go.microsoft.com/fwlink/p/?LinkId=690292).
- Surface3\_ROW\_Win10\_xxxxxx.msi – Surface 3 LTE rest of the world cumulative - Cumulative firmware and driver update for carrier independent devices outside of the US, as well as for Japan, running Windows 10
@@ -153,7 +153,7 @@ Download the following updates [for 4G LTE Surface 3 versions for regions outsid
## Surface Pro 2
-Download the following updates [for Surface Pro 2 from the Microsoft Download Center](http://go.microsoft.com/fwlink/p/?LinkId=690293).
+Download the following updates [for Surface Pro 2 from the Microsoft Download Center](https://go.microsoft.com/fwlink/p/?LinkId=690293).
- SurfacePro2\_Win10\_xxxxxx.zip – Cumulative firmware and driver update package for Windows 10
@@ -168,7 +168,7 @@ Download the following updates [for Surface Pro 2 from the Microsoft Download Ce
## Surface Pro
-Download the following updates [for Surface Pro from the Microsoft Download Center](http://go.microsoft.com/fwlink/p/?LinkId=690294).
+Download the following updates [for Surface Pro from the Microsoft Download Center](https://go.microsoft.com/fwlink/p/?LinkId=690294).
- SurfacePro\_Win10\_xxxxxx.zip – Cumulative firmware and driver update package for Windows 10
@@ -185,7 +185,7 @@ Download the following updates [for Surface Pro from the Microsoft Download Cent
There are no downloadable firmware or driver updates available for Surface RT. Updates can only be applied using Windows Update.
-If you have additional questions on the driver pack and updates, please contact [Microsoft Surface support for business](http://go.microsoft.com/fwlink/p/?LinkId=618107).
+If you have additional questions on the driver pack and updates, please contact [Microsoft Surface support for business](https://go.microsoft.com/fwlink/p/?LinkId=618107).
diff --git a/devices/surface/enable-peap-eap-fast-and-cisco-leap-on-surface-devices.md b/devices/surface/enable-peap-eap-fast-and-cisco-leap-on-surface-devices.md
index 03c803cc5c..dfda75ad0f 100644
--- a/devices/surface/enable-peap-eap-fast-and-cisco-leap-on-surface-devices.md
+++ b/devices/surface/enable-peap-eap-fast-and-cisco-leap-on-surface-devices.md
@@ -16,14 +16,14 @@ author: miladCA
Find out how to enable support for PEAP, EAP-FAST, or Cisco LEAP protocols on your Surface device.
-If you use PEAP, EAP-FAST, or Cisco LEAP in your enterprise network, you probably already know that these three wireless authentication protocols are not supported by Surface devices out of the box. Some users may discover this when they attempt to connect to your wireless network; others may discover it when they are unable to gain access to resources inside the network, like file shares and internal sites. For more information, see [Extensible Authentication Protocol](http://go.microsoft.com/fwlink/p/?LinkId=716899).
+If you use PEAP, EAP-FAST, or Cisco LEAP in your enterprise network, you probably already know that these three wireless authentication protocols are not supported by Surface devices out of the box. Some users may discover this when they attempt to connect to your wireless network; others may discover it when they are unable to gain access to resources inside the network, like file shares and internal sites. For more information, see [Extensible Authentication Protocol](https://go.microsoft.com/fwlink/p/?LinkId=716899).
You can add support for each protocol by executing a small MSI package from a USB stick or from a file share. For organizations that want to enable EAP support on their Surface devices, the MSI package format supports deployment with many management and deployment tools, like the Microsoft Deployment Toolkit (MDT) and System Center Configuration Manager.
## Download PEAP, EAP-FAST, or Cisco LEAP installation files
-You can download the MSI installation files for PEAP, EAP-FAST, or Cisco LEAP in a single zip archive file from the Microsoft Download Center. To download this file, go to the [Surface Tools for IT](http://go.microsoft.com/fwlink/p/?LinkId=618121) page on the Microsoft Download Center, click **Download**, and then select the **Cisco EAP-Supplicant Installer.zip** file.
+You can download the MSI installation files for PEAP, EAP-FAST, or Cisco LEAP in a single zip archive file from the Microsoft Download Center. To download this file, go to the [Surface Tools for IT](https://go.microsoft.com/fwlink/p/?LinkId=618121) page on the Microsoft Download Center, click **Download**, and then select the **Cisco EAP-Supplicant Installer.zip** file.
## Deploy PEAP, EAP-FAST, or Cisco LEAP with MDT
@@ -79,7 +79,7 @@ To specify the protocol(s) explicitly, follow these steps:
For organizations that manage Surface devices with Configuration Manager, it is even easier to deploy PEAP, EAP-FAST, or Cisco LEAP support to Surface devices. Simply import each MSI file as an application from the Software Library and configure a deployment to your Surface device collection.
-For more information on how to deploy applications with Configuration Manager see [How to Create Applications in Configuration Manager](http://go.microsoft.com/fwlink/p/?LinkId=761079) and [How to Deploy Applications in Configuration Manager](http://go.microsoft.com/fwlink/p/?LinkId=761080).
+For more information on how to deploy applications with Configuration Manager see [How to Create Applications in Configuration Manager](https://go.microsoft.com/fwlink/p/?LinkId=761079) and [How to Deploy Applications in Configuration Manager](https://go.microsoft.com/fwlink/p/?LinkId=761080).
diff --git a/devices/surface/ethernet-adapters-and-surface-device-deployment.md b/devices/surface/ethernet-adapters-and-surface-device-deployment.md
index b7dd253652..1babe7d7c6 100644
--- a/devices/surface/ethernet-adapters-and-surface-device-deployment.md
+++ b/devices/surface/ethernet-adapters-and-surface-device-deployment.md
@@ -25,7 +25,7 @@ Before you can address the concerns of how you will boot to your deployment envi
The primary concern when selecting an Ethernet adapter is how that adapter will boot your Surface device from the network. If you are pre-staging clients with Windows Deployment Services (WDS) or if you are using System Center Configuration Manager, you may also want to consider whether the removable Ethernet adapters will be dedicated to a specific Surface device or shared among multiple devices. See the [Manage MAC addresses with removable Ethernet adapters](#manage-mac-addresses) section of this article for more information on potential conflicts with shared adapters.
-Booting from the network (PXE boot) is only supported when you use an Ethernet adapter or docking station from Microsoft. To boot from the network, the chipset in the Ethernet adapter or dock must be detected and configured as a boot device in the firmware of the Surface device. Microsoft Ethernet adapters, such as the Surface Ethernet Adapter and the [Surface Dock](http://go.microsoft.com/fwlink/p/?LinkId=722364) use a chipset that is compatible with the Surface firmware.
+Booting from the network (PXE boot) is only supported when you use an Ethernet adapter or docking station from Microsoft. To boot from the network, the chipset in the Ethernet adapter or dock must be detected and configured as a boot device in the firmware of the Surface device. Microsoft Ethernet adapters, such as the Surface Ethernet Adapter and the [Surface Dock](https://go.microsoft.com/fwlink/p/?LinkId=722364) use a chipset that is compatible with the Surface firmware.
The following Ethernet devices are supported for network boot with Surface devices:
@@ -67,7 +67,7 @@ Another consideration for administrators performing Windows deployment over the
The simplest solution to avoid MAC address conflicts is to provide a dedicated removable Ethernet adapter for each Surface device. This can make sense in many scenarios where the Ethernet adapter or the additional functionality of the docking station will be used regularly. However, not all scenarios call for the additional connectivity of a docking station or support for wired networks.
-Another potential solution to avoid conflict when adapters are shared is to use the [Microsoft Deployment Toolkit (MDT)](http://go.microsoft.com/fwlink/p/?LinkId=618117) to perform deployment to Surface devices. MDT does not use the MAC address to identify individual computers and thus is not subject to this limitation. However, MDT does use Windows Deployment Services to provide PXE boot functionality, and is subject to the limitations regarding pre-staged clients which is covered later in this section.
+Another potential solution to avoid conflict when adapters are shared is to use the [Microsoft Deployment Toolkit (MDT)](https://go.microsoft.com/fwlink/p/?LinkId=618117) to perform deployment to Surface devices. MDT does not use the MAC address to identify individual computers and thus is not subject to this limitation. However, MDT does use Windows Deployment Services to provide PXE boot functionality, and is subject to the limitations regarding pre-staged clients which is covered later in this section.
When you use a shared adapter for deployment, the solution for affected deployment technologies is to use another means to identify unique systems. For Configuration Manager and WDS, both of which can be affected by this issue, the solution is to use the System Universal Unique Identifier (System UUID) that is embedded in the computer firmware by the computer manufacturer. For Surface devices, you can see this entry in the computer firmware under **Device Information**.
@@ -78,9 +78,9 @@ To access the firmware of a Surface device, follow these steps:
3. Press and release the **Power** button.
4. After the device begins to boot, release the **Volume Up** button.
-When deploying with WDS, the MAC address is only used to identify a computer when the deployment server is configured to respond only to known, pre-staged clients. When pre-staging a client, an administrator creates a computer account in Active Directory and defines that computer by the MAC address or the System UUID. To avoid the identity conflicts caused by shared Ethernet adapters, you should use [System UUID to define pre-staged clients](http://go.microsoft.com/fwlink/p/?LinkId=618118). Alternatively, you can configure WDS to respond to unknown clients that do not require definition by either MAC address or System UUID by selecting the **Respond to all client computers (known and unknown)** option on the [**PXE Response** tab](http://go.microsoft.com/fwlink/p/?LinkId=618119) in **Windows Deployment Server Properties**.
+When deploying with WDS, the MAC address is only used to identify a computer when the deployment server is configured to respond only to known, pre-staged clients. When pre-staging a client, an administrator creates a computer account in Active Directory and defines that computer by the MAC address or the System UUID. To avoid the identity conflicts caused by shared Ethernet adapters, you should use [System UUID to define pre-staged clients](https://go.microsoft.com/fwlink/p/?LinkId=618118). Alternatively, you can configure WDS to respond to unknown clients that do not require definition by either MAC address or System UUID by selecting the **Respond to all client computers (known and unknown)** option on the [**PXE Response** tab](https://go.microsoft.com/fwlink/p/?LinkId=618119) in **Windows Deployment Server Properties**.
-The potential for conflicts with shared Ethernet adapters is much higher with Configuration Manager. Where WDS only uses MAC addresses to define individual systems when configured to do so, Configuration Manager uses the MAC address to define individual systems whenever performing a deployment to new or unknown computers. This can result in improperly configured devices or even the inability to deploy more than one system with a shared Ethernet adapter. There are several potential solutions for this situation that are described in detail in the [How to Use The Same External Ethernet Adapter For Multiple SCCM OSD](http://go.microsoft.com/fwlink/p/?LinkId=618120) blog post on the Ask Premier Field Engineering (PFE) Platforms TechNet blog.
+The potential for conflicts with shared Ethernet adapters is much higher with Configuration Manager. Where WDS only uses MAC addresses to define individual systems when configured to do so, Configuration Manager uses the MAC address to define individual systems whenever performing a deployment to new or unknown computers. This can result in improperly configured devices or even the inability to deploy more than one system with a shared Ethernet adapter. There are several potential solutions for this situation that are described in detail in the [How to Use The Same External Ethernet Adapter For Multiple SCCM OSD](https://go.microsoft.com/fwlink/p/?LinkId=618120) blog post on the Ask Premier Field Engineering (PFE) Platforms TechNet blog.
diff --git a/devices/surface/manage-surface-dock-firmware-updates.md b/devices/surface/manage-surface-dock-firmware-updates.md
index 21c8a0d24f..f2d71be1b0 100644
--- a/devices/surface/manage-surface-dock-firmware-updates.md
+++ b/devices/surface/manage-surface-dock-firmware-updates.md
@@ -22,7 +22,7 @@ Like the firmware for Surface devices, firmware for Surface Dock is also contain
>**Note:** You can learn more about the firmware update process for Surface devices and how firmware is updated through driver installation at the following links:
- [How to manage and update Surface drivers and firmware](https://technet.microsoft.com/mt697551) from Microsoft Mechanics
-- [Windows Update Makes Surface Better](http://go.microsoft.com/fwlink/p/?LinkId=785354) on the Microsoft Devices Blog
+- [Windows Update Makes Surface Better](https://go.microsoft.com/fwlink/p/?LinkId=785354) on the Microsoft Devices Blog
@@ -79,7 +79,7 @@ Windows Update is the method that most users will use. The drivers for the Surfa
This method is used mostly in environments where Surface device drivers and firmware are managed separately from Windows Update. See [Manage Surface driver and firmware updates](manage-surface-pro-3-firmware-updates.md) for more information about the different methods to manage Surface device driver and firmware updates. Updating the Surface Dock firmware through this method involves downloading and deploying an MSI package to the Surface device that contains the updated Surface Dock drivers and firmware. This is the same method recommended for updating all other Surface drivers and firmware. The two-phase firmware update process occurs in the background each time the Surface Dock is disconnected, just like it does with the Windows Update method.
-For more information about how to deploy MSI packages see [Create and deploy an application with System Center Configuration Manager](http://go.microsoft.com/fwlink/p/?LinkId=785355).
+For more information about how to deploy MSI packages see [Create and deploy an application with System Center Configuration Manager](https://go.microsoft.com/fwlink/p/?LinkId=785355).
>**Note:** When drivers are installed through Windows Update or the MSI package, registry keys are added that indicate the version of firmware installed on the Surface Dock and contained within the Surface Dock driver. These registry keys can be found in:
**HLKM\\Software\\Microsoft\\Windows NT\\CurrentVersion\\WUDF\\Services\\SurfaceDockFwUpdate\\Parameters**
@@ -103,7 +103,7 @@ Firmware status is displayed for both the main chipset (displayed as **Component
The manual method using the Microsoft Surface Dock Updater tool to update the Surface Dock is used mostly in environments where IT prepares Surface Docks prior to delivery to the end user, or for troubleshooting of a Surface Dock. Microsoft Surface Dock Updater is a tool that you can run from any Surface device that is compatible with the Surface Dock, and will walk you through the process of performing the Surface Dock firmware update in the least possible amount of time. You can also use this tool to verify the firmware status of a connected Surface Dock.
-For more information about how to use the Microsoft Surface Dock Updater tool, please see [Microsoft Surface Dock Updater](surface-dock-updater.md). You can download the Microsoft Surface Dock Updater tool from the [Surface Tools for IT page](http://go.microsoft.com/fwlink/p/?LinkId=618121) on the Microsoft Download Center.
+For more information about how to use the Microsoft Surface Dock Updater tool, please see [Microsoft Surface Dock Updater](surface-dock-updater.md). You can download the Microsoft Surface Dock Updater tool from the [Surface Tools for IT page](https://go.microsoft.com/fwlink/p/?LinkId=618121) on the Microsoft Download Center.
diff --git a/devices/surface/manage-surface-pro-3-firmware-updates.md b/devices/surface/manage-surface-pro-3-firmware-updates.md
index 4c308a017a..521f6e38a2 100644
--- a/devices/surface/manage-surface-pro-3-firmware-updates.md
+++ b/devices/surface/manage-surface-pro-3-firmware-updates.md
@@ -31,26 +31,26 @@ The simplest solution to ensure that firmware on Surface devices in your organiz
Although this solution ensures that firmware will be updated as new releases are made available to Windows Update, it does present potential drawbacks. Each Surface device that receives Windows Updates directly will separately download each update rather than accessing a central location, which increases demand on Internet connectivity and bandwidth. Updates are also provided automatically to devices, without being subjected to testing or review by administrators.
-For details about Group Policy for client configuration of WSUS or Windows Update, see [Step 5: Configure Group Policy Settings for Automatic Updates](http://go.microsoft.com/fwlink/p/?LinkId=618172).
+For details about Group Policy for client configuration of WSUS or Windows Update, see [Step 5: Configure Group Policy Settings for Automatic Updates](https://go.microsoft.com/fwlink/p/?LinkId=618172).
**Windows Installer Package**
-The firmware and driver downloads for Surface devices now include Windows Installer files for firmware and driver updates. These Windows Installer packages can be deployed with utilities that support application deployment, including the Microsoft Deployment Toolkit (MDT) and System Center Configuration Manager. This solution allows for centralized deployment and for administrators to test and review firmware updates before they are deployed. For more information about the Windows Installer package delivery method for firmware and driver updates, including details on what drivers are updated by the package and why certain drivers and firmware are not updated by the Windows Installer package, see the [Surface Pro 3 MSI Now Available](http://go.microsoft.com/fwlink/p/?LinkId=618173) blog post.
+The firmware and driver downloads for Surface devices now include Windows Installer files for firmware and driver updates. These Windows Installer packages can be deployed with utilities that support application deployment, including the Microsoft Deployment Toolkit (MDT) and System Center Configuration Manager. This solution allows for centralized deployment and for administrators to test and review firmware updates before they are deployed. For more information about the Windows Installer package delivery method for firmware and driver updates, including details on what drivers are updated by the package and why certain drivers and firmware are not updated by the Windows Installer package, see the [Surface Pro 3 MSI Now Available](https://go.microsoft.com/fwlink/p/?LinkId=618173) blog post.
-For instructions on how to deploy with System Center Configuration Manager, refer to [How to Deploy Applications in Configuration Manager](http://go.microsoft.com/fwlink/p/?LinkId=618175). For deployment of applications with MDT, see [Step 4: Add an application in the Deploy a Windows 8.1 Image Using MDT 2013](http://go.microsoft.com/fwlink/p/?LinkId=618176). Note that you can deploy applications separately from an operating system deployment through MDT by using a Post OS Installation task sequence.
+For instructions on how to deploy with System Center Configuration Manager, refer to [How to Deploy Applications in Configuration Manager](https://go.microsoft.com/fwlink/p/?LinkId=618175). For deployment of applications with MDT, see [Step 4: Add an application in the Deploy a Windows 8.1 Image Using MDT 2013](https://go.microsoft.com/fwlink/p/?LinkId=618176). Note that you can deploy applications separately from an operating system deployment through MDT by using a Post OS Installation task sequence.
**Provisioning packages**
-New in Windows 10, provisioning packages (PPKG files) provide a simple method to apply a configuration to a destination device. You can find out more about provisioning packages, including instructions for how to create your own, in [Provisioning packages](http://go.microsoft.com/fwlink/p/?LinkId=761075). For easy application of a complete set of drivers and firmware to devices running Windows 10, a provisioning package is supplied for Surface Pro 3 devices. This file contains all of the instructions and required assets to update a Surface Pro 3 device with Windows 10 to the latest drivers and firmware.
+New in Windows 10, provisioning packages (PPKG files) provide a simple method to apply a configuration to a destination device. You can find out more about provisioning packages, including instructions for how to create your own, in [Provisioning packages](https://go.microsoft.com/fwlink/p/?LinkId=761075). For easy application of a complete set of drivers and firmware to devices running Windows 10, a provisioning package is supplied for Surface Pro 3 devices. This file contains all of the instructions and required assets to update a Surface Pro 3 device with Windows 10 to the latest drivers and firmware.
**Windows PowerShell**
-Another method you can use to update the firmware when Windows Updates are managed in the organization is to install the firmware from the firmware and driver pack by using PowerShell. This method allows for a similar deployment experience to the Windows Installer package and can similarly be deployed as a package by using System Center Configuration Manager. You can find the PowerShell script and details on how to perform the firmware deployment in the [Deploying Drivers and Firmware to Surface Pro](http://go.microsoft.com/fwlink/p/?LinkId=618177) blog post.
+Another method you can use to update the firmware when Windows Updates are managed in the organization is to install the firmware from the firmware and driver pack by using PowerShell. This method allows for a similar deployment experience to the Windows Installer package and can similarly be deployed as a package by using System Center Configuration Manager. You can find the PowerShell script and details on how to perform the firmware deployment in the [Deploying Drivers and Firmware to Surface Pro](https://go.microsoft.com/fwlink/p/?LinkId=618177) blog post.
## Operating system deployment considerations
-The deployment of firmware updates during an operating system deployment is a straightforward process. The firmware and driver pack can be imported into either System Center Configuration Manager or MDT, and are used to deploy a fully updated environment, complete with firmware, to a target Surface device. For a complete step-by-step guide for deployment to Surface Pro 3 using either Configuration Manager or MDT, download the [Deployment and Administration Guide for Surface Pro 3](http://go.microsoft.com/fwlink/p/?LinkId=618178) from the Microsoft Download Center.
+The deployment of firmware updates during an operating system deployment is a straightforward process. The firmware and driver pack can be imported into either System Center Configuration Manager or MDT, and are used to deploy a fully updated environment, complete with firmware, to a target Surface device. For a complete step-by-step guide for deployment to Surface Pro 3 using either Configuration Manager or MDT, download the [Deployment and Administration Guide for Surface Pro 3](https://go.microsoft.com/fwlink/p/?LinkId=618178) from the Microsoft Download Center.
The individual driver files are also made available in the Microsoft Download Center if you are using deployment tools. The driver files are available in the ZIP archive file in the list of available downloads for your device.
@@ -60,7 +60,7 @@ A best practice for deployment with any solution that uses the Windows Preinstal
**Update Surface Pro 3 firmware offline through USB**
-In some early versions of Surface Pro 3 firmware, PXE boot performance can be quite slow. This has been resolved with updated firmware, but for organizations where firmware will be updated through operating system deployment, this issue is encountered before the updates can be deployed to the device. In this scenario, you can deploy updated firmware through a USB drive to ensure that when the operating system deployment is initiated, the network boot is quick, and deployment can complete in a timely fashion. To create a USB drive to update Surface Pro 3 firmware, see [How to Update the Surface Pro 3 Firmware Offline using a USB Drive](http://go.microsoft.com/fwlink/p/?LinkId=618189) on the Ask Premier Field Engineering (PFE) Platforms TechNet Blog.
+In some early versions of Surface Pro 3 firmware, PXE boot performance can be quite slow. This has been resolved with updated firmware, but for organizations where firmware will be updated through operating system deployment, this issue is encountered before the updates can be deployed to the device. In this scenario, you can deploy updated firmware through a USB drive to ensure that when the operating system deployment is initiated, the network boot is quick, and deployment can complete in a timely fashion. To create a USB drive to update Surface Pro 3 firmware, see [How to Update the Surface Pro 3 Firmware Offline using a USB Drive](https://go.microsoft.com/fwlink/p/?LinkId=618189) on the Ask Premier Field Engineering (PFE) Platforms TechNet Blog.
diff --git a/devices/surface/microsoft-surface-data-eraser.md b/devices/surface/microsoft-surface-data-eraser.md
index b379604c7c..d885af5dd9 100644
--- a/devices/surface/microsoft-surface-data-eraser.md
+++ b/devices/surface/microsoft-surface-data-eraser.md
@@ -16,7 +16,7 @@ author: miladCA
Find out how the Microsoft Surface Data Eraser tool can help you securely wipe data from your Surface devices.
-[Microsoft Surface Data Eraser](http://go.microsoft.com/fwlink/p/?LinkId=691148) is a tool that boots from a USB stick and allows you to perform a secure wipe of all data from a compatible Surface device. A Microsoft Surface Data Eraser USB stick requires only the ability to boot from USB. The USB tool is easy to create by using the provided wizard, the Microsoft Surface Data Eraser Wrapper, and is easy to use with a simple graphic interface, no command line needed. To learn more about the data wiping capabilities and practices Microsoft uses during the service process for Surface, see [Protecting your data if you send your Surface in for service](http://go.microsoft.com/fwlink/p/?LinkId=691222).
+[Microsoft Surface Data Eraser](https://go.microsoft.com/fwlink/p/?LinkId=691148) is a tool that boots from a USB stick and allows you to perform a secure wipe of all data from a compatible Surface device. A Microsoft Surface Data Eraser USB stick requires only the ability to boot from USB. The USB tool is easy to create by using the provided wizard, the Microsoft Surface Data Eraser Wrapper, and is easy to use with a simple graphic interface, no command line needed. To learn more about the data wiping capabilities and practices Microsoft uses during the service process for Surface, see [Protecting your data if you send your Surface in for service](https://go.microsoft.com/fwlink/p/?LinkId=691222).
Compatible Surface devices include:
diff --git a/devices/surface/microsoft-surface-deployment-accelerator.md b/devices/surface/microsoft-surface-deployment-accelerator.md
index 28bbfd35f7..169358ad9a 100644
--- a/devices/surface/microsoft-surface-deployment-accelerator.md
+++ b/devices/surface/microsoft-surface-deployment-accelerator.md
@@ -20,13 +20,13 @@ SDA includes a wizard that automates the creation and configuration of a Microso
SDA is built on the powerful suite of deployment tools available from Microsoft including the Windows Assessment and Deployment Kit (ADK), the Microsoft Deployment Toolkit (MDT), and Windows Deployment Services (WDS). The resulting deployment share encompasses the recommended best practices for managing drivers during deployment and automating image creation and can serve as a starting point upon which you build your own customized deployment solution.
-You can find more information about how to deploy to Surface devices, including step-by-step walkthroughs of customized deployment solution implementation, on the Deploy page of the [Surface TechCenter](http://go.microsoft.com/fwlink/p/?LinkId=691693).
+You can find more information about how to deploy to Surface devices, including step-by-step walkthroughs of customized deployment solution implementation, on the Deploy page of the [Surface TechCenter](https://go.microsoft.com/fwlink/p/?LinkId=691693).
**Download Microsoft Surface Deployment Accelerator**
You can download the installation files for SDA from the Microsoft Download Center. To download the installation files:
-1. Go to the [Surface Tools for IT](http://go.microsoft.com/fwlink/p/?LinkId=618121) page on the Microsoft Download Center.
+1. Go to the [Surface Tools for IT](https://go.microsoft.com/fwlink/p/?LinkId=618121) page on the Microsoft Download Center.
2. Click the **Download** button, select the **Surface\_Deployment\_Accelerator\_xxxx.msi** file, and then click **Next**.
@@ -60,7 +60,7 @@ As you progress through the SDA wizard, you will be asked some basic questions a
When the SDA completes, you can use the deployment share to deploy over the network immediately. Simply boot your Surface device from the network using a Surface Ethernet Adapter and select the Surface deployment share you created with the SDA wizard. Select the **1- Deploy Microsoft Surface** task sequence and the wizard will walk you through an automated deployment of Windows to your Surface device.
-You can modify the task sequence in the MDT Deployment Workbench to [include your own apps](http://go.microsoft.com/fwlink/p/?linkid=691700), or to [pause the automated installation routine](http://go.microsoft.com/fwlink/p/?linkid=691701). While the installation is paused, you can make changes to customize your reference image. After the image is captured, you can configure a deployment task sequence and distribute this custom configuration by using the same network boot capabilities as before.
+You can modify the task sequence in the MDT Deployment Workbench to [include your own apps](https://go.microsoft.com/fwlink/p/?linkid=691700), or to [pause the automated installation routine](https://go.microsoft.com/fwlink/p/?linkid=691701). While the installation is paused, you can make changes to customize your reference image. After the image is captured, you can configure a deployment task sequence and distribute this custom configuration by using the same network boot capabilities as before.
>**Note:** With SDA v1.9.0258, Surface Pro 3, Surface Pro 4, and Surface Book are supported for Windows 10 deployment, and Surface Pro 3 is supported for Windows 8.1 deployment.
diff --git a/devices/surface/step-by-step-surface-deployment-accelerator.md b/devices/surface/step-by-step-surface-deployment-accelerator.md
index 3e6df89af7..2024ee1ca9 100644
--- a/devices/surface/step-by-step-surface-deployment-accelerator.md
+++ b/devices/surface/step-by-step-surface-deployment-accelerator.md
@@ -21,7 +21,7 @@ This article shows you how to install Microsoft Surface Deployment Accelerator (
For information about prerequisites and instructions for how to download and install SDA, see [Microsoft Surface Deployment Accelerator](microsoft-surface-deployment-accelerator.md).
-1. Download SDA, which is included in [Surface Tools for IT](http://go.microsoft.com/fwlink/p/?LinkId=618121) on the Microsoft Download Center.
+1. Download SDA, which is included in [Surface Tools for IT](https://go.microsoft.com/fwlink/p/?LinkId=618121) on the Microsoft Download Center.
2. Run the SDA installation file, named **Surface\_Deployment\_Accelerator\_*xxxx*.msi**, where *xxxx* is the current version number.
@@ -77,7 +77,7 @@ The following steps show you how to create a deployment share for Windows 10 th
- **Windows 10 Deployment Services**
- - Select the **Import boot media into the local Windows Deployment Service** check box if you would like to boot your Surface devices from the network to perform the Windows deployment. Windows Deployment Services must be installed and configured to respond to PXE boot requests. See [Windows Deployment Services Getting Started Guide for Windows Server 2012](http://go.microsoft.com/fwlink/p/?LinkId=761072) for more information about how to configure Windows Deployment Services for PXE boot.
+ - Select the **Import boot media into the local Windows Deployment Service** check box if you would like to boot your Surface devices from the network to perform the Windows deployment. Windows Deployment Services must be installed and configured to respond to PXE boot requests. See [Windows Deployment Services Getting Started Guide for Windows Server 2012](https://go.microsoft.com/fwlink/p/?LinkId=761072) for more information about how to configure Windows Deployment Services for PXE boot.
- **Windows 10 Source Files**
@@ -147,7 +147,7 @@ You can use USB media to perform an SDA deployment if your Surface device is una
-Before you can create bootable media files within the MDT Deployment Workbench or copy those files to a USB drive, you must first configure that USB drive to be bootable. Using [DiskPart](http://go.microsoft.com/fwlink/p/?LinkId=761073), create a partition, format the partition as FAT32, and set the partition to be active. To run DiskPart, open an administrative PowerShell or Command Prompt window, and then run the following sequence of commands, as shown in Figure 7:
+Before you can create bootable media files within the MDT Deployment Workbench or copy those files to a USB drive, you must first configure that USB drive to be bootable. Using [DiskPart](https://go.microsoft.com/fwlink/p/?LinkId=761073), create a partition, format the partition as FAT32, and set the partition to be active. To run DiskPart, open an administrative PowerShell or Command Prompt window, and then run the following sequence of commands, as shown in Figure 7:
1. **diskpart** – Opens DiskPart to manage disks and partitions.
diff --git a/devices/surface/surface-diagnostic-toolkit.md b/devices/surface/surface-diagnostic-toolkit.md
index 283a22273c..fcf3eb8f6b 100644
--- a/devices/surface/surface-diagnostic-toolkit.md
+++ b/devices/surface/surface-diagnostic-toolkit.md
@@ -16,7 +16,7 @@ author: miladCA
Find out how you can use the Microsoft Surface Diagnostic Toolkit to test the hardware of your Surface device.
-The [Microsoft Surface Diagnostic Toolkit](http://go.microsoft.com/fwlink/p/?LinkId=618121) is a small, portable diagnostic tool that runs through a suite of tests to diagnose the hardware of Surface devices. The Microsoft Surface Diagnostic Toolkit executable file is less than 3 MB, which allows it to be distributed through email. It does not require installation, so it can be run directly from a USB stick or over the network. The Microsoft Surface Diagnostic Toolkit walks you through several tests of individual components including the touchscreen, cameras, and sensors.
+The [Microsoft Surface Diagnostic Toolkit](https://go.microsoft.com/fwlink/p/?LinkId=618121) is a small, portable diagnostic tool that runs through a suite of tests to diagnose the hardware of Surface devices. The Microsoft Surface Diagnostic Toolkit executable file is less than 3 MB, which allows it to be distributed through email. It does not require installation, so it can be run directly from a USB stick or over the network. The Microsoft Surface Diagnostic Toolkit walks you through several tests of individual components including the touchscreen, cameras, and sensors.
>**Note:** A Surface device must boot into Windows to run the Microsoft Surface Diagnostic Toolkit. The Microsoft Surface Diagnostic Toolkit will run only on the following Surface devices:
@@ -123,7 +123,7 @@ This test checks for any outstanding Windows updates and will prompt you to inst
#### Device information
-This test reads the Device ID and serial number in addition to basic system information such as device model, operating system version, processor, memory, and storage. The Device ID is recorded in the name of the log file and can be used to identify a log file for a specific device. Several system log files are also collected, including update and rollback logs, and output from several Windows built-in tools, such as [DirectX Diagnostics](http://go.microsoft.com/fwlink/p/?LinkId=746476) and [System Information](http://go.microsoft.com/fwlink/p/?LinkId=746477), power configuration, disk health, and event logs. See the following list for a full set of collected log files:
+This test reads the Device ID and serial number in addition to basic system information such as device model, operating system version, processor, memory, and storage. The Device ID is recorded in the name of the log file and can be used to identify a log file for a specific device. Several system log files are also collected, including update and rollback logs, and output from several Windows built-in tools, such as [DirectX Diagnostics](https://go.microsoft.com/fwlink/p/?LinkId=746476) and [System Information](https://go.microsoft.com/fwlink/p/?LinkId=746477), power configuration, disk health, and event logs. See the following list for a full set of collected log files:
- Output of **Get-WindowsUpdateLog** if the operating system is Windows 10
@@ -350,11 +350,11 @@ The Windows System Assessment Tool (WinSAT) runs a series of benchmarks against
#### Performance Monitor test
-Performance and diagnostic trace logs are recorded from Performance Monitor for 30 seconds and collected in the .zip file output of the Microsoft Surface Diagnostic Toolkit by this test. You can analyze these trace logs with the [Windows Performance Analyzer](http://go.microsoft.com/fwlink/p/?LinkId=746486) to identify causes of application crashes, performance issues, or other undesirable behavior in Windows.
+Performance and diagnostic trace logs are recorded from Performance Monitor for 30 seconds and collected in the .zip file output of the Microsoft Surface Diagnostic Toolkit by this test. You can analyze these trace logs with the [Windows Performance Analyzer](https://go.microsoft.com/fwlink/p/?LinkId=746486) to identify causes of application crashes, performance issues, or other undesirable behavior in Windows.
#### Crash dump collection
-If your Surface device has encountered an error that caused the device to fail or produce a blue screen error, this stage of the Microsoft Surface Diagnostic Toolkit records the information from the automatically recorded crash dump files in the diagnostic log. You can use these crash dump files to identify a faulty driver, hardware component, or application through analysis. Use the [Windows Debugging Tool](http://go.microsoft.com/fwlink/p/?LinkId=746488) to analyze these files. If you are not familiar with the analysis of crash dump files, you can describe your issue and post a link to your crash dump files (uploaded to OneDrive or another file sharing service) in the [Windows TechNet Forums](http://go.microsoft.com/fwlink/p/?LinkId=746489).
+If your Surface device has encountered an error that caused the device to fail or produce a blue screen error, this stage of the Microsoft Surface Diagnostic Toolkit records the information from the automatically recorded crash dump files in the diagnostic log. You can use these crash dump files to identify a faulty driver, hardware component, or application through analysis. Use the [Windows Debugging Tool](https://go.microsoft.com/fwlink/p/?LinkId=746488) to analyze these files. If you are not familiar with the analysis of crash dump files, you can describe your issue and post a link to your crash dump files (uploaded to OneDrive or another file sharing service) in the [Windows TechNet Forums](https://go.microsoft.com/fwlink/p/?LinkId=746489).
#### Connected standby text
diff --git a/devices/surface/surface-dock-updater.md b/devices/surface/surface-dock-updater.md
index f9e106cf2d..91d4411699 100644
--- a/devices/surface/surface-dock-updater.md
+++ b/devices/surface/surface-dock-updater.md
@@ -16,7 +16,7 @@ author: jobotto
This article provides a detailed walkthrough of Microsoft Surface Dock Updater.
-The [Microsoft Surface Dock Updater](http://go.microsoft.com/fwlink/p/?LinkId=618121) tool allows you to check the firmware status of a Surface Dock and to manually update the firmware of Surface Dock devices. It is most often used to update Surface Docks prior to deployment of those Surface Docks to end users or as a troubleshooting tool. Microsoft Surface Dock Updater walks you through the process of updating the firmware on one or more Surface Docks, including the required connect and disconnect steps to perform the complete firmware installation.
+The [Microsoft Surface Dock Updater](https://go.microsoft.com/fwlink/p/?LinkId=618121) tool allows you to check the firmware status of a Surface Dock and to manually update the firmware of Surface Dock devices. It is most often used to update Surface Docks prior to deployment of those Surface Docks to end users or as a troubleshooting tool. Microsoft Surface Dock Updater walks you through the process of updating the firmware on one or more Surface Docks, including the required connect and disconnect steps to perform the complete firmware installation.
When you run the Microsoft Surface Dock Updater installer you will be prompted to accept an End User License Agreement (EULA).
@@ -25,7 +25,7 @@ When you run the Microsoft Surface Dock Updater installer you will be prompted t
## Update a Surface Dock with Microsoft Surface Dock Updater
-After you install the [Microsoft Surface Dock Updater](http://go.microsoft.com/fwlink/p/?LinkId=618121) tool, you can find Microsoft Surface Dock Updater under **All Apps** in your Start menu. Click **Microsoft Surface Dock Updater** to start the application.
+After you install the [Microsoft Surface Dock Updater](https://go.microsoft.com/fwlink/p/?LinkId=618121) tool, you can find Microsoft Surface Dock Updater under **All Apps** in your Start menu. Click **Microsoft Surface Dock Updater** to start the application.
To update a Surface Dock with Microsoft Surface Dock Updater, follow these steps:
diff --git a/education/windows/chromebook-migration-guide.md b/education/windows/chromebook-migration-guide.md
index 428efd3e77..81002929b2 100644
--- a/education/windows/chromebook-migration-guide.md
+++ b/education/windows/chromebook-migration-guide.md
@@ -260,7 +260,7 @@ Assign the setting-migration priority based on how critical the setting is to th
Many of your users may be using Google Apps Gmail to manage their email, calendars, and contacts. You need to create the list of users you will migrate and the best time to perform the migration.
-Office 365 supports automated migration from Google Apps Gmail to Office 365. For more information, see [Migrate Google Apps mailboxes to Office 365](http://go.microsoft.com/fwlink/p/?LinkId=690252).
+Office 365 supports automated migration from Google Apps Gmail to Office 365. For more information, see [Migrate Google Apps mailboxes to Office 365](https://go.microsoft.com/fwlink/p/?LinkId=690252).
**Identify the list of user mailboxes to migrate**
@@ -268,7 +268,7 @@ In regards to creating the list of users you will migrate, it might seem that th
Also, when you perform a migration it is a great time to verify that all user mailboxes are active. In many environments there are a significant number of mailboxes that were provisioned for users that are no longer a part of the institution (such as interns or student assistants). You can eliminate these users from your list of user mailboxes to migrate.
-Create your list of user mailboxes to migrate in Excel 2016 based on the format described in step 7 in [Create a list of Gmail mailboxes to migrate](http://go.microsoft.com/fwlink/p/?LinkId=690253). If you follow this format, you can use the Microsoft Excel spreadsheet to perform the actual migration later in the process.
+Create your list of user mailboxes to migrate in Excel 2016 based on the format described in step 7 in [Create a list of Gmail mailboxes to migrate](https://go.microsoft.com/fwlink/p/?LinkId=690253). If you follow this format, you can use the Microsoft Excel spreadsheet to perform the actual migration later in the process.
**Identify companion devices that access Google Apps Gmail**
@@ -276,7 +276,7 @@ In addition to Chromebook devices, users may have companion devices (smartphones
After you have identified each companion device, verify the settings for the device that are used to access Office 365. You only need to test one type of each companion device. For example, if users use Android phones to access Google Apps Gmail mailboxes, configure the device to access Office 365 and then record those settings. You can publish those settings on a website or to your helpdesk staff so that users will know how to access their Office 365 mailbox.
-In most instances, users will only need to provide in their Office 365 email account and password. However, you should verify this on each type of companion device. For more information about how to configure a companion device to work with Office 365, see [Compare how different mobile devices work with Office 365](http://go.microsoft.com/fwlink/p/?LinkId=690254).
+In most instances, users will only need to provide in their Office 365 email account and password. However, you should verify this on each type of companion device. For more information about how to configure a companion device to work with Office 365, see [Compare how different mobile devices work with Office 365](https://go.microsoft.com/fwlink/p/?LinkId=690254).
**Identify the optimal timing for the migration**
@@ -630,11 +630,11 @@ Examine each of the following network infrastructure technologies and services a
For more information that compares Internet bandwidth consumption for Chromebook and Windows devices, see the following resources:
- - [Chromebook vs. Windows Notebook Network Traffic Analysis](http://go.microsoft.com/fwlink/p/?LinkId=690255)
+ - [Chromebook vs. Windows Notebook Network Traffic Analysis](https://go.microsoft.com/fwlink/p/?LinkId=690255)
- - [Hidden Cost of Chromebook Deployments](http://go.microsoft.com/fwlink/p/?LinkId=690256)
+ - [Hidden Cost of Chromebook Deployments](https://go.microsoft.com/fwlink/p/?LinkId=690256)
- - [Microsoft Windows 8.1 Notebook vs. Chromebooks for Education](http://go.microsoft.com/fwlink/p/?LinkId=690257)
+ - [Microsoft Windows 8.1 Notebook vs. Chromebooks for Education](https://go.microsoft.com/fwlink/p/?LinkId=690257)
- **Power.** Although not specifically a network infrastructure, you need to ensure your classrooms have adequate power. Chromebook and Windows devices should consume similar amounts of power. This means that your existing power outlets should support the same number of Windows devices.
@@ -675,15 +675,15 @@ Table 7. Network infrastructure products and technologies and deployment resourc
| DHCP |
-[Core Network Guide](http://go.microsoft.com/fwlink/p/?LinkId=733920) [DHCP Deployment Guide](http://go.microsoft.com/fwlink/p/?LinkId=734021) [Core Network Guide](https://go.microsoft.com/fwlink/p/?LinkId=733920) [DHCP Deployment Guide](https://go.microsoft.com/fwlink/p/?LinkId=734021) |
| DNS |
-[Core Network Guide](http://go.microsoft.com/fwlink/p/?LinkId=733920) [Deploying Domain Name System (DNS)](http://go.microsoft.com/fwlink/p/?LinkId=734022) [Core Network Guide](https://go.microsoft.com/fwlink/p/?LinkId=733920) [Deploying Domain Name System (DNS)](https://go.microsoft.com/fwlink/p/?LinkId=734022) |
@@ -717,16 +717,16 @@ Table 8. AD DS, Azure AD and deployment resources
| AD DS |
-[Core Network Guide](http://go.microsoft.com/fwlink/p/?LinkId=733920) [Active Directory Domain Services Overview](http://go.microsoft.com/fwlink/p/?LinkId=733909) [Core Network Guide](https://go.microsoft.com/fwlink/p/?LinkId=733920) [Active Directory Domain Services Overview](https://go.microsoft.com/fwlink/p/?LinkId=733909) |
| Azure AD |
-[Azure Active Directory documentation](http://go.microsoft.com/fwlink/p/?LinkId=690258) [Manage and support Azure Active Directory Premium](http://go.microsoft.com/fwlink/p/?LinkId=690259) [Guidelines for Deploying Windows Server Active Directory on Azure Virtual Machines](http://go.microsoft.com/fwlink/p/?LinkId=690260) [Azure Active Directory documentation](https://go.microsoft.com/fwlink/p/?LinkId=690258) [Manage and support Azure Active Directory Premium](https://go.microsoft.com/fwlink/p/?LinkId=690259) [Guidelines for Deploying Windows Server Active Directory on Azure Virtual Machines](https://go.microsoft.com/fwlink/p/?LinkId=690260) |
@@ -760,38 +760,38 @@ Table 9. Management systems and deployment resources
| Windows provisioning packages |
-[Build and apply a provisioning package](http://go.microsoft.com/fwlink/p/?LinkId=733918) [Windows Imaging and Configuration Designer](http://go.microsoft.com/fwlink/p/?LinkId=733911) [Step-By-Step: Building Windows 10 Provisioning Packages](http://go.microsoft.com/fwlink/p/?LinkId=690261) [Build and apply a provisioning package](https://go.microsoft.com/fwlink/p/?LinkId=733918) [Windows Imaging and Configuration Designer](https://go.microsoft.com/fwlink/p/?LinkId=733911) [Step-By-Step: Building Windows 10 Provisioning Packages](https://go.microsoft.com/fwlink/p/?LinkId=690261) |
| Group Policy |
-[Core Network Companion Guide: Group Policy Deployment](http://go.microsoft.com/fwlink/p/?LinkId=733915) [Deploying Group Policy](http://go.microsoft.com/fwlink/p/?LinkId=734024) [Core Network Companion Guide: Group Policy Deployment](https://go.microsoft.com/fwlink/p/?LinkId=733915) [Deploying Group Policy](https://go.microsoft.com/fwlink/p/?LinkId=734024) |
| Configuration Manager |
-[Site Administration for System Center 2012 Configuration Manager](http://go.microsoft.com/fwlink/p/?LinkId=733914) [Deploying Clients for System Center 2012 Configuration Manager](http://go.microsoft.com/fwlink/p/?LinkId=733919) [Site Administration for System Center 2012 Configuration Manager](https://go.microsoft.com/fwlink/p/?LinkId=733914) [Deploying Clients for System Center 2012 Configuration Manager](https://go.microsoft.com/fwlink/p/?LinkId=733919) |
| Intune |
-[Set up and manage devices with Microsoft Intune](http://go.microsoft.com/fwlink/p/?LinkId=690262) [Smoother Management Of Office 365 Deployments with Windows Intune](http://go.microsoft.com/fwlink/p/?LinkId=690263) [System Center 2012 R2 Configuration Manager & Windows Intune](http://go.microsoft.com/fwlink/p/?LinkId=690264) [Set up and manage devices with Microsoft Intune](https://go.microsoft.com/fwlink/p/?LinkId=690262) [Smoother Management Of Office 365 Deployments with Windows Intune](https://go.microsoft.com/fwlink/p/?LinkId=690263) [System Center 2012 R2 Configuration Manager & Windows Intune](https://go.microsoft.com/fwlink/p/?LinkId=690264) |
| MDT |
-[MDT documentation in the Microsoft Deployment Toolkit (MDT) 2013](http://go.microsoft.com/fwlink/p/?LinkId=690324) [Step-By-Step: Installing Windows 8.1 From A USB Key](http://go.microsoft.com/fwlink/p/?LinkId=690265) [MDT documentation in the Microsoft Deployment Toolkit (MDT) 2013](https://go.microsoft.com/fwlink/p/?LinkId=690324) [Step-By-Step: Installing Windows 8.1 From A USB Key](https://go.microsoft.com/fwlink/p/?LinkId=690265) |
@@ -825,23 +825,23 @@ Table 10. Management systems and app deployment resources
| Group Policy |
-[Editing an AppLocker Policy](http://go.microsoft.com/fwlink/p/?LinkId=734025) [Group Policy Software Deployment Background](http://go.microsoft.com/fwlink/p/?LinkId=734026) [Assigning and Publishing Software](http://go.microsoft.com/fwlink/p/?LinkId=734027) [Editing an AppLocker Policy](https://go.microsoft.com/fwlink/p/?LinkId=734025) [Group Policy Software Deployment Background](https://go.microsoft.com/fwlink/p/?LinkId=734026) [Assigning and Publishing Software](https://go.microsoft.com/fwlink/p/?LinkId=734027) |
| Configuration Manager |
-[How to Deploy Applications in Configuration Manager](http://go.microsoft.com/fwlink/p/?LinkId=733917) [Application Management in Configuration Manager](http://go.microsoft.com/fwlink/p/?LinkId=733907) [How to Deploy Applications in Configuration Manager](https://go.microsoft.com/fwlink/p/?LinkId=733917) [Application Management in Configuration Manager](https://go.microsoft.com/fwlink/p/?LinkId=733907) |
| Intune |
-[Deploy apps to mobile devices in Microsoft Intune](http://go.microsoft.com/fwlink/p/?LinkId=733913) [Manage apps with Microsoft Intune](http://go.microsoft.com/fwlink/p/?LinkId=733910) [Deploy apps to mobile devices in Microsoft Intune](https://go.microsoft.com/fwlink/p/?LinkId=733913) [Manage apps with Microsoft Intune](https://go.microsoft.com/fwlink/p/?LinkId=733910) |
@@ -873,17 +873,17 @@ If you do no want to migrate any user or device settings from the Chromebook dev
In the [Plan for email migration](#plan-email-migrate) section, you identified the user mailboxes to migrate, identified the companion devices that access Google Apps Gmail, and identified the optimal timing for migration. You can perform this migration before or after you deploy the Windows devices.
-Office 365 supports automated migration from Google Apps Gmail to Office 365. For more information on how to automate the migration from Google Apps Gmail to Office 365, see [Migrate Google Apps mailboxes to Office 365](http://go.microsoft.com/fwlink/p/?LinkId=690252).
+Office 365 supports automated migration from Google Apps Gmail to Office 365. For more information on how to automate the migration from Google Apps Gmail to Office 365, see [Migrate Google Apps mailboxes to Office 365](https://go.microsoft.com/fwlink/p/?LinkId=690252).
Alternatively, if you want to migrate to Office 365 from:
- **On-premises Microsoft Exchange Server.** Use the following resources to migrate to Office 365 from an on-premises Microsoft Exchange Server:
- - [Cutover Exchange Migration and Single Sign-On](http://go.microsoft.com/fwlink/p/?LinkId=690266)
+ - [Cutover Exchange Migration and Single Sign-On](https://go.microsoft.com/fwlink/p/?LinkId=690266)
- - [Step-By-Step: Migration of Exchange 2003 Server to Office 365](http://go.microsoft.com/fwlink/p/?LinkId=690267)
+ - [Step-By-Step: Migration of Exchange 2003 Server to Office 365](https://go.microsoft.com/fwlink/p/?LinkId=690267)
- - [Step-By-Step: Migrating from Exchange 2007 to Office 365](http://go.microsoft.com/fwlink/p/?LinkId=690268)
+ - [Step-By-Step: Migrating from Exchange 2007 to Office 365](https://go.microsoft.com/fwlink/p/?LinkId=690268)
- **Another on-premises or cloud-based email service.** Follow the guidance from that vendor.
@@ -924,15 +924,15 @@ For example, if you selected to deploy Windows devices by each classroom, start
In some instances, you may receive the devices with Windows 10 already deployed, and want to use provisioning packages. In other cases, you may have a custom Windows 10 image that you want to deploy to the devices by using Configuration Manager and/or MDT. For information on how to deploy Windows 10 images to the devices, see the following resources:
-- [Windows Imaging and Configuration Designer](http://go.microsoft.com/fwlink/p/?LinkId=733911)
+- [Windows Imaging and Configuration Designer](https://go.microsoft.com/fwlink/p/?LinkId=733911)
-- [Build and apply a provisioning package](http://go.microsoft.com/fwlink/p/?LinkId=733918)
+- [Build and apply a provisioning package](https://go.microsoft.com/fwlink/p/?LinkId=733918)
-- [MDT documentation in the Microsoft Deployment Toolkit (MDT) 2013](http://go.microsoft.com/fwlink/p/?LinkId=690324)
+- [MDT documentation in the Microsoft Deployment Toolkit (MDT) 2013](https://go.microsoft.com/fwlink/p/?LinkId=690324)
-- [Step-By-Step: Installing Windows 8.1 From A USB Key](http://go.microsoft.com/fwlink/p/?LinkId=690265)
+- [Step-By-Step: Installing Windows 8.1 From A USB Key](https://go.microsoft.com/fwlink/p/?LinkId=690265)
-- [Operating System Deployment in Configuration Manager](http://go.microsoft.com/fwlink/p/?LinkId=733916)
+- [Operating System Deployment in Configuration Manager](https://go.microsoft.com/fwlink/p/?LinkId=733916)
In addition to the Windows 10 image deployment, you may need to perform the following tasks as a part of device deployment:
@@ -949,9 +949,9 @@ After you complete these steps, your management system should take over the day-
## Related topics
-[Try it out: Windows 10 deployment (for education)](http://go.microsoft.com/fwlink/p/?LinkId=623254)
+[Try it out: Windows 10 deployment (for education)](https://go.microsoft.com/fwlink/p/?LinkId=623254)
-[Try it out: Windows 10 in the classroom](http://go.microsoft.com/fwlink/p/?LinkId=623255)
+[Try it out: Windows 10 in the classroom](https://go.microsoft.com/fwlink/p/?LinkId=623255)
diff --git a/education/windows/deploy-windows-10-in-a-school.md b/education/windows/deploy-windows-10-in-a-school.md
index 53a866f3b8..b819adf9a0 100644
--- a/education/windows/deploy-windows-10-in-a-school.md
+++ b/education/windows/deploy-windows-10-in-a-school.md
@@ -1257,8 +1257,8 @@ Now, you have identified the tasks you need to perform monthly, at the end of an
##Related resources
-- [Try it out: Windows 10 deployment (for educational institutions)](http://go.microsoft.com/fwlink/p/?LinkId=623254)
-- [Try it out: Windows 10 in the classroom](http://go.microsoft.com/fwlink/p/?LinkId=623255)
-- [Chromebook migration guide](http://go.microsoft.com/fwlink/p/?LinkId=623249)
+- [Try it out: Windows 10 deployment (for educational institutions)](https://go.microsoft.com/fwlink/p/?LinkId=623254)
+- [Try it out: Windows 10 in the classroom](https://go.microsoft.com/fwlink/p/?LinkId=623255)
+- [Chromebook migration guide](https://go.microsoft.com/fwlink/p/?LinkId=623249)
diff --git a/education/windows/edu-deployment-recommendations.md b/education/windows/edu-deployment-recommendations.md
index 28792bb055..20539db158 100644
--- a/education/windows/edu-deployment-recommendations.md
+++ b/education/windows/edu-deployment-recommendations.md
@@ -13,7 +13,7 @@ author: CelesteDG
- Windows 10
-Your privacy is important to us, so we want to provide you with ways to customize the OS privacy settings, as well as some of the apps, so that you can choose what information is shared with Microsoft. To learn more about Microsoft’s commitment to privacy, see [Windows 10 and privacy](http://go.microsoft.com/fwlink/?LinkId=809305).
+Your privacy is important to us, so we want to provide you with ways to customize the OS privacy settings, as well as some of the apps, so that you can choose what information is shared with Microsoft. To learn more about Microsoft’s commitment to privacy, see [Windows 10 and privacy](https://go.microsoft.com/fwlink/?LinkId=809305).
Here are some best practices and specific privacy settings we’d like you to be aware of.
@@ -28,8 +28,8 @@ Keep these best practices in mind when deploying any edition of Windows 10 in sc
## Windows 10 Contacts privacy settings
If you’re an IT administrator who deploys Windows 10 in a school or district, we recommend that you review these deployment resources to make informed decisions about how you can configure telemetry for your school or district:
-* [Configure Windows telemetry in your organization](http://go.microsoft.com/fwlink/?LinkId=817241) - Describes the types of telemetry we gather and the ways you can manage this data.
-* [Manage connections from Windows operating system components to Microsoft services](http://go.microsoft.com/fwlink/?LinkId=817240) - Learn about network connections that Windows components make to Microsoft and also the privacy settings (such as location, camera, messaging, and more) that affect data that is shared with either Microsoft or apps and how you can manage this data.
+* [Configure Windows telemetry in your organization](https://go.microsoft.com/fwlink/?LinkId=817241) - Describes the types of telemetry we gather and the ways you can manage this data.
+* [Manage connections from Windows operating system components to Microsoft services](https://go.microsoft.com/fwlink/?LinkId=817240) - Learn about network connections that Windows components make to Microsoft and also the privacy settings (such as location, camera, messaging, and more) that affect data that is shared with either Microsoft or apps and how you can manage this data.
In particular, the **Contacts** area in the **Settings** > **Privacy** section lets you choose which apps can access a student’s contacts list. By default, this setting is turned on.
@@ -70,7 +70,7 @@ To allow only certain apps to have access to contacts, you can:
Skype Preview (a Universal Windows Platform [UWP] preview app) and Xbox are preinstalled as part of Windows 10.
-The Skype app replaces the integration of Skype features into Skype video and Messaging apps on Windows PCs and large tablets. The Skype app provides all these features in one place and lets users have a single place to manage both their chat and voice conversations so they can take better advantage of their screen. For information about the new Skype UWP app preview, see this [FAQ](http://go.microsoft.com/fwlink/?LinkId=821441).
+The Skype app replaces the integration of Skype features into Skype video and Messaging apps on Windows PCs and large tablets. The Skype app provides all these features in one place and lets users have a single place to manage both their chat and voice conversations so they can take better advantage of their screen. For information about the new Skype UWP app preview, see this [FAQ](https://go.microsoft.com/fwlink/?LinkId=821441).
With the Xbox app, students can use their Xbox profiles to play and make progress on their games using their Windows-based device. They can also unlock achievements and show off to their friends with game clips and screenshots. The Xbox app requires a Microsoft account, which is a personal account.
@@ -104,16 +104,16 @@ The profile page includes these sections:
#### Xbox
A user’s Xbox friends and their friends’ friends can see their real name and profile. By default, the Xbox privacy settings enforce that no personal identifying information of a minor is shared on the Xbox Live network, although adults in the child’s family can change these default settings to allow it to be more permissive.
-To learn more about how families can manage security and privacy settings on Xbox, see this [Xbox article on security](http://go.microsoft.com/fwlink/?LinkId=821445).
+To learn more about how families can manage security and privacy settings on Xbox, see this [Xbox article on security](https://go.microsoft.com/fwlink/?LinkId=821445).
### Delete an account if username is identifying
If you want to delete either (or both) the Skype and the Xbox accounts, here’s how to do it.
#### Skype
-To delete a Skype account, you can follow the instructions here: [How do I close my Skype account?](http://go.microsoft.com/fwlink/?LinkId=816515)
+To delete a Skype account, you can follow the instructions here: [How do I close my Skype account?](https://go.microsoft.com/fwlink/?LinkId=816515)
-If you need help deleting the account, you can contact Skype customer service by going to the [Skype support request page](http://go.microsoft.com/fwlink/?LinkId=816519). You may need to sign in and specify a Skype account. Once you’ve signed in, you can:
+If you need help deleting the account, you can contact Skype customer service by going to the [Skype support request page](https://go.microsoft.com/fwlink/?LinkId=816519). You may need to sign in and specify a Skype account. Once you’ve signed in, you can:
1. Select a help topic (**Account and Password**)
2. Select a related problem (**Deleting an account**)
3. Click **Next**.
@@ -121,7 +121,7 @@ If you need help deleting the account, you can contact Skype customer service by
#### Xbox
-To delete an Xbox account, you can follow the instructions here: [How to delete your Microsoft account and personal information associated with it](http://go.microsoft.com/fwlink/?LinkId=816521).
+To delete an Xbox account, you can follow the instructions here: [How to delete your Microsoft account and personal information associated with it](https://go.microsoft.com/fwlink/?LinkId=816521).
## Related topics
[Deploy Windows 10 in a school](deploy-windows-10-in-a-school.md)
diff --git a/education/windows/images/wsfb-minecraft-vl.png b/education/windows/images/wsfb-minecraft-vl.png
new file mode 100644
index 0000000000..e3fe6de6d7
Binary files /dev/null and b/education/windows/images/wsfb-minecraft-vl.png differ
diff --git a/education/windows/school-get-minecraft.md b/education/windows/school-get-minecraft.md
index 5c18b9e201..e1d8f75c0d 100644
--- a/education/windows/school-get-minecraft.md
+++ b/education/windows/school-get-minecraft.md
@@ -20,6 +20,12 @@ When you sign up for early access to [Minecraft Education Edition](http://educat
## Add Minecraft to your Windows Store for Business
+You can start with the Minecraft: Education Edition trial to get individual copies of the app. For more information, see [Minecraft: Education Edition - individual copies](#individual-copies).
+
+If you’ve been approved and are part of the Enrollment for Education Solutions program, you can purchase a volume license for Minecraft: Education Edition. For more information, see [Minecraft: Education Edition - volume license](#volume-license)
+
+### Minecraft: Education Edition - individual copies
+
1. Go to [http://education.minecraft.net/](http://education.minecraft.net/) and select **Get the app**.
@@ -42,15 +48,33 @@ When you sign up for early access to [Minecraft Education Edition](http://educat
-## Distribute Minecraft
+Now that the app is in your Store for Business inventory, you can choose how to distribute Minecraft. For more information on distribution options, see [Distribute Minecraft](#distribute-minecraft).
+
+### Minecraft: Education Edition - volume license
+
+Qualified education institutions can purchase Minecraft: Education Edition volume licenses through their Microsoft channel partner. Schools need to be part of the Enrollment for Education Solutions program. Educational institutions should work with their channel partner to determine which Minecraft: Education Edition licensing offer is best for their institution. The process looks like this:
+
+- Your channel partner will submit and process your volume license order, your licenses will be shown on [Volume Licensing Service Center](https://www.microsoft.com/Licensing/servicecenter/default.aspx), and the copies will be available in [Windows Store for Business](https://www.microsoft.com/business-store) inventory.
+- You’ll receive an email with a link to Windows Store for Business.
+- Sign in to [Windows Store for Business](https://www.microsoft.com/business-store) to distribute and manage the Minecraft: Education Edition licenses. For more information on distribution options, see [Distribute Minecraft](#distribute-minecraft)
+
+## Distribute Minecraft
After Minecraft Education Edition is added to your Windows Store for Business, you have three options:
- You can install the app on your PC.
-- You can assign the app to others.
-- You can download the app to distribute.
+- You can assign the app to others.
+- You can download the app to distribute.
-
+Admins can also add Minecraft: Education Edition to the private store. This allows people in your organization to install the app from the private store. For more information, see [Distribute apps using your private store](https://technet.microsoft.com/itpro/windows/manage/distribute-apps-from-your-private-store).
+
+Here's the page you'll see for individual copies of **Minecraft: Education Edition**.
+
+
+
+Here's the page you'll see for volume licensed copies of of **Minecraft: Education Edition**.
+
+
### Install for me
You can install the app on your PC. This gives you a chance to test the app and know how you might help others in your organization use the app.
@@ -81,22 +105,22 @@ Enter email addresses for your students, and each student will get an email with
**To finish Minecraft install (for students)**
-Students will receive an email with a link that will install the app on their PC.
+1. Students will receive an email with a link that will install the app on their PC.
-
+ 
-1. Click **Get the app** to start the app install in Windows Store app.
-2. In Windows Store app, click **Install**.
+2. Click **Get the app** to start the app install in Windows Store app.
+3. In Windows Store app, click **Install**.
- 
+ 
-After installing the app, students can find Minecraft: Education Edition in Windows Store app under **My Library**.
+ After installing the app, students can find Minecraft: Education Edition in Windows Store app under **My Library**.
-
+ 
-When students click **My Libarary** they'll find apps assigned to them.
+ When students click **My Libarary** they'll find apps assigned to them.
-
+ 
### Download for others
Download for others allows teachers or IT admins to download a packages that they can install on student PCs. This will install Minecraft: Education Edition on the PC, and allows anyone with a Windows account to use the app on that PC. This option is best for younger students, and for shared computers. Choose this option when:
@@ -157,7 +181,7 @@ Minecraft: Education Edition adds a new role for teachers: **Basic Purchaser**.
- Acquire and manage the app
- Info on Support page (including links to documentation and access to support through customer service)
-
+ 
**To assign Basic Purchaser role**
@@ -178,7 +202,7 @@ Minecraft: Education Edition adds a new role for teachers: **Basic Purchaser**.
-## Private store
+## Private store
When you create you Windows Store for Business account, you'll have a set of apps included for free in your private store. Apps in your private store are available for all people in your organization to install and use.
@@ -191,7 +215,12 @@ These apps will automatically be in your private store:
- Fresh Paint
- Minecraft: Education Edition
-As an admin, you can remove any of these apps from the private store if you'd prefer to control how apps are distributed.
+As an admin, you can remove any of these apps from the private store if you'd prefer to control how apps are distributed.
+
+## Need more copies of Minecraft: Education Edition?
+You can purchase more licenses by working with your channel partner. Licenses are available at a lower rate than the price for individual copies that are available through Windows Store for Business. Individual copies are also available through Windows Store for Business.
+
+If you’ve purchased a volume license, be sure to let other basic purchasers in your organization know about the volume license. That should help prevent unnecessary purchases of individual copies.
## Learn more
diff --git a/education/windows/set-up-students-pcs-with-apps.md b/education/windows/set-up-students-pcs-with-apps.md
index 9d3f8be882..04e110de10 100644
--- a/education/windows/set-up-students-pcs-with-apps.md
+++ b/education/windows/set-up-students-pcs-with-apps.md
@@ -208,10 +208,10 @@ On a desktop computer, navigate to **Settings** > **Accounts** > **Work ac
- [Develop Universal Windows Education apps](https://msdn.microsoft.com/windows/uwp/apps-for-education/index)
-- [Build and apply a provisioning package]( http://go.microsoft.com/fwlink/p/?LinkId=629651)
+- [Build and apply a provisioning package]( https://go.microsoft.com/fwlink/p/?LinkId=629651)
-- Watch the video: [Provisioning Windows 10 Devices with New Tools](http://go.microsoft.com/fwlink/p/?LinkId=615921)
+- Watch the video: [Provisioning Windows 10 Devices with New Tools](https://go.microsoft.com/fwlink/p/?LinkId=615921)
-- Watch the video: [Windows 10 for Mobile Devices: Provisioning Is Not Imaging](http://go.microsoft.com/fwlink/p/?LinkId=615922)
+- Watch the video: [Windows 10 for Mobile Devices: Provisioning Is Not Imaging](https://go.microsoft.com/fwlink/p/?LinkId=615922)
diff --git a/education/windows/take-a-test-multiple-pcs.md b/education/windows/take-a-test-multiple-pcs.md
index 0110e7d52c..7d5f5d6c0e 100644
--- a/education/windows/take-a-test-multiple-pcs.md
+++ b/education/windows/take-a-test-multiple-pcs.md
@@ -131,7 +131,7 @@ On the **File** menu, select **Save.**
After you allow the package to be installed, the settings will be applied to the device
-[Learn how to apply a provisioning package in audit mode or OOBE.](http://go.microsoft.com/fwlink/p/?LinkID=692012)
+[Learn how to apply a provisioning package in audit mode or OOBE.](https://go.microsoft.com/fwlink/p/?LinkID=692012)
### Set up test account in Group Policy
diff --git a/education/windows/teacher-get-minecraft.md b/education/windows/teacher-get-minecraft.md
index c9c386545b..7c7eda6f8e 100644
--- a/education/windows/teacher-get-minecraft.md
+++ b/education/windows/teacher-get-minecraft.md
@@ -148,7 +148,7 @@ If you ran **InstallMinecraftEducationEdition.bat** and Minecraft: Education Edi
| App isn't available for other users. | No restart after install. If you don't restart the PC, and just switch users the app will not be available.| Restart PC. Run **InstallMinecraftEducationEdition.bat** again. If a restart doesn't work, contact your IT Admin. |
-If you are still having trouble installing the app, you can get more help on our [Support page](http://go.microsoft.com/fwlink/?LinkID=799757).
+If you are still having trouble installing the app, you can get more help on our [Support page](https://go.microsoft.com/fwlink/?LinkID=799757).
## Related topics
diff --git a/education/windows/windows-editions-for-education-customers.md b/education/windows/windows-editions-for-education-customers.md
index adb0625f1e..539c4da7fb 100644
--- a/education/windows/windows-editions-for-education-customers.md
+++ b/education/windows/windows-editions-for-education-customers.md
@@ -15,15 +15,15 @@ localizationpriority: high
- Windows 10
-Windows 10 Anniversary Update (Windows 10, version 1607) continues our commitment to productivity, security, and privacy for all customers. Windows 10 Pro and Windows 10 Enterprise offer the functionality and safety features demanded by business and education customers around the globe. Windows 10 is the most secure Windows we’ve ever built. All of our Windows commercial editions can be configured to support the needs of schools, through group policies, domain join, and more. To learn more about Microsoft’s commitment to security and privacy in Windows 10, see more on both [security](http://go.microsoft.com/fwlink/?LinkId=822619) and [privacy](http://go.microsoft.com/fwlink/?LinkId=822620).
+Windows 10 Anniversary Update (Windows 10, version 1607) continues our commitment to productivity, security, and privacy for all customers. Windows 10 Pro and Windows 10 Enterprise offer the functionality and safety features demanded by business and education customers around the globe. Windows 10 is the most secure Windows we’ve ever built. All of our Windows commercial editions can be configured to support the needs of schools, through group policies, domain join, and more. To learn more about Microsoft’s commitment to security and privacy in Windows 10, see more on both [security](https://go.microsoft.com/fwlink/?LinkId=822619) and [privacy](https://go.microsoft.com/fwlink/?LinkId=822620).
-Windows 10, version 1607 offers a variety of new features and functionality, such as simplified provisioning with the [Set up School PCs app](http://go.microsoft.com/fwlink/?LinkID=821951) or [Windows Imaging and Configuration Designer (ICD)](http://go.microsoft.com/fwlink/?LinkId=822623), easier delivery of digital assessments with [Take a Test](http://go.microsoft.com/fwlink/?LinkID=821956), and faster log in performance for shared devices than ever before. These features work with all Windows for desktop editions, excluding Windows 10 Home. You can find more information about Windows 10, version 1607 on [windows.com](http://www.windows.com/).
+Windows 10, version 1607 offers a variety of new features and functionality, such as simplified provisioning with the [Set up School PCs app](https://go.microsoft.com/fwlink/?LinkID=821951) or [Windows Imaging and Configuration Designer (ICD)](https://go.microsoft.com/fwlink/?LinkId=822623), easier delivery of digital assessments with [Take a Test](https://go.microsoft.com/fwlink/?LinkID=821956), and faster log in performance for shared devices than ever before. These features work with all Windows for desktop editions, excluding Windows 10 Home. You can find more information about Windows 10, version 1607 on [windows.com](http://www.windows.com/).
Windows 10, version 1607 introduces two editions designed for the unique needs of K-12 institutions: [Windows 10 Pro Education](#windows-10-pro-education) and [Windows 10 Education](#windows-10-education). These editions provide education-specific default settings for the evolving landscape in K-12 education IT environments.
## Windows 10 Pro Education
-Windows 10 Pro Education builds on the commercial version of Windows 10 Pro and provides important management controls needed in schools. Windows 10 Pro Education is effectively a variant of Windows 10 Pro that provides education-specific default settings, including the removal of Cortana1. These default settings disable tips, tricks and suggestions & Windows Store suggestions. More detailed information on these default settings is available in [Manage Windows 10 and Windows Store tips, tricks and suggestions](http://go.microsoft.com/fwlink/?LinkId=822627).
+Windows 10 Pro Education builds on the commercial version of Windows 10 Pro and provides important management controls needed in schools. Windows 10 Pro Education is effectively a variant of Windows 10 Pro that provides education-specific default settings, including the removal of Cortana1. These default settings disable tips, tricks and suggestions & Windows Store suggestions. More detailed information on these default settings is available in [Manage Windows 10 and Windows Store tips, tricks and suggestions](https://go.microsoft.com/fwlink/?LinkId=822627).
Windows 10 Pro Education is available on new devices pre-installed with Windows 10, version 1607 that are purchased with discounted K-12 academic licenses through OEM partners (these discounted licenses are sometimes referred to as National Academic or Shape the Future).
@@ -31,23 +31,23 @@ Existing devices running Windows 10 Pro, currently activated with the original O
Customers with Academic Volume Licensing agreements with rights for Windows can get Windows 10 Pro Education through the [Volume Licensing Service Center](https://www.microsoft.com/Licensing/servicecenter/default.aspx), available at a later date.
-Customers that deploy Windows 10 Pro are able to configure the product to have similar feature settings to Windows 10 Pro Education using policies. More detailed information on these policies and the configuration steps required is available in [Manage Windows 10 and Windows Store tips, tricks and suggestions](http://go.microsoft.com/fwlink/?LinkId=822627). We recommend that K-12 customers using commercial Windows 10 Pro read the [document](http://go.microsoft.com/fwlink/?LinkId=822627) and apply desired settings for your environment.
+Customers that deploy Windows 10 Pro are able to configure the product to have similar feature settings to Windows 10 Pro Education using policies. More detailed information on these policies and the configuration steps required is available in [Manage Windows 10 and Windows Store tips, tricks and suggestions](https://go.microsoft.com/fwlink/?LinkId=822627). We recommend that K-12 customers using commercial Windows 10 Pro read the [document](https://go.microsoft.com/fwlink/?LinkId=822627) and apply desired settings for your environment.
## Windows 10 Education
-Windows 10 Education builds on Windows 10 Enterprise and provides the enterprise-grade manageability and security desired by many schools. Windows 10 Education is effectively a variant of Windows 10 Enterprise that provides education-specific default settings, including the removal of Cortana1. These default settings disable tips, tricks and suggestions & Windows Store suggestions. More detailed information on these default settings is available in [Manage Windows 10 and Windows Store tips, tricks and suggestions](http://go.microsoft.com/fwlink/?LinkId=822627).
+Windows 10 Education builds on Windows 10 Enterprise and provides the enterprise-grade manageability and security desired by many schools. Windows 10 Education is effectively a variant of Windows 10 Enterprise that provides education-specific default settings, including the removal of Cortana1. These default settings disable tips, tricks and suggestions & Windows Store suggestions. More detailed information on these default settings is available in [Manage Windows 10 and Windows Store tips, tricks and suggestions](https://go.microsoft.com/fwlink/?LinkId=822627).
-Windows 10 Education is available through Microsoft Volume Licensing. Customers who are already running Windows 10 Education can upgrade to Windows 10, version 1607 through Windows Update or from the [Volume Licensing Service Center](https://www.microsoft.com/Licensing/servicecenter/default.aspx). We recommend Windows 10 Education to all K-12 customers as it provides the most complete and secure edition for education environments. If you do not have access to Windows 10 Education, contact your Microsoft representative or see more information [here](http://go.microsoft.com/fwlink/?LinkId=822628).
+Windows 10 Education is available through Microsoft Volume Licensing. Customers who are already running Windows 10 Education can upgrade to Windows 10, version 1607 through Windows Update or from the [Volume Licensing Service Center](https://www.microsoft.com/Licensing/servicecenter/default.aspx). We recommend Windows 10 Education to all K-12 customers as it provides the most complete and secure edition for education environments. If you do not have access to Windows 10 Education, contact your Microsoft representative or see more information [here](https://go.microsoft.com/fwlink/?LinkId=822628).
-Customers that deploy Windows 10 Enterprise are able to configure the product to have similar feature settings to Windows 10 Education using policies. More detailed information on these policies and the configuration steps required is available in [Manage Windows 10 and Windows Store tips, tricks and suggestions](http://go.microsoft.com/fwlink/?LinkId=822627). We recommend that K-12 customers using commercial Windows 10 Enterprise read the [document](http://go.microsoft.com/fwlink/?LinkId=822627) and apply desired settings for your environment.
+Customers that deploy Windows 10 Enterprise are able to configure the product to have similar feature settings to Windows 10 Education using policies. More detailed information on these policies and the configuration steps required is available in [Manage Windows 10 and Windows Store tips, tricks and suggestions](https://go.microsoft.com/fwlink/?LinkId=822627). We recommend that K-12 customers using commercial Windows 10 Enterprise read the [document](https://go.microsoft.com/fwlink/?LinkId=822627) and apply desired settings for your environment.
For any other questions, contact [Microsoft Customer Service and Support](https://support.microsoft.com/en-us).
## Related topics
* [Windows deployment for education](http://aka.ms/edudeploy)
-* [Windows 10 upgrade paths](http://go.microsoft.com/fwlink/?LinkId=822787)
-* [Volume Activation for Windows 10](http://go.microsoft.com/fwlink/?LinkId=822788)
-* [Plan for volume activation](http://go.microsoft.com/fwlink/?LinkId=822789)
+* [Windows 10 upgrade paths](https://go.microsoft.com/fwlink/?LinkId=822787)
+* [Volume Activation for Windows 10](https://go.microsoft.com/fwlink/?LinkId=822788)
+* [Plan for volume activation](https://go.microsoft.com/fwlink/?LinkId=822789)
diff --git a/license.md b/license.md
index 8e1a232216..0e5cb57b99 100644
--- a/license.md
+++ b/license.md
@@ -2,6 +2,6 @@ Copyright (c) Microsoft Corporation. Distributed under the following terms:
1. Microsoft and any contributors to this project each grants you a license, under its respective copyrights, to the documentation under the [Creative Commons Attribution 3.0 United States License](http://creativecommons.org/licenses/by/3.0/us/legalcode). In addition, with respect to any sample code contained in the documentation, Microsoft and any such contributors grants you an additional license, under its respective intellectual property rights, to use the code to develop or design your software for Microsoft Windows.
-2. Microsoft, Windows, and/or other Microsoft products and services referenced in the documentation may be either trademarks or registered trademarks of Microsoft in the United States and/or other countries. This license does not grant you rights to use any names, logos, or trademarks. For Microsoft’s general trademark guidelines, go to [http://go.microsoft.com/fwlink/?LinkID=254653](http://go.microsoft.com/fwlink/?LinkID=254653).
+2. Microsoft, Windows, and/or other Microsoft products and services referenced in the documentation may be either trademarks or registered trademarks of Microsoft in the United States and/or other countries. This license does not grant you rights to use any names, logos, or trademarks. For Microsoft’s general trademark guidelines, go to [https://go.microsoft.com/fwlink/?LinkID=254653](https://go.microsoft.com/fwlink/?LinkID=254653).
3. Microsoft and any contributors reserves all others rights, whether under copyrights, patents, or trademarks, or by implication, estoppel or otherwise.
diff --git a/mdop/agpm/choosing-which-version-of-agpm-to-install.md b/mdop/agpm/choosing-which-version-of-agpm-to-install.md
index 0c96e2b93c..aa282a3033 100644
--- a/mdop/agpm/choosing-which-version-of-agpm-to-install.md
+++ b/mdop/agpm/choosing-which-version-of-agpm-to-install.md
@@ -19,7 +19,7 @@ We recommend that you install the AGPM Server on the most recent version of the
All versions of AGPM can manage only the policy settings that were introduced in the same version or an earlier version of the operating system on which AGPM is running. For example, if you install AGPM 4.0 SP2 on Windows Server 2012, you can manage policy settings that were introduced in Windows Server 2012 or earlier, but you cannot manage policy settings that were introduced later, in Windows 8.1 or Windows Server 2012 R2.
-If the version of the GPMC on your AGPM Server is older than the version on the computers that administrators use to manage Group Policy, the AGPM Server will be unable to store any policy settings that are not available in the older version of the GPMC. For information about which policy settings are available with which operating systems, see the [Group Policy Settings Reference for Windows and Windows Server](http://go.microsoft.com/fwlink/?LinkId=157345).
+If the version of the GPMC on your AGPM Server is older than the version on the computers that administrators use to manage Group Policy, the AGPM Server will be unable to store any policy settings that are not available in the older version of the GPMC. For information about which policy settings are available with which operating systems, see the [Group Policy Settings Reference for Windows and Windows Server](https://go.microsoft.com/fwlink/?LinkId=157345).
## AGPM 4.0 SP3
@@ -282,7 +282,7 @@ Table 4 lists the operating systems on which you can install the versions of AGP
## How to Get MDOP Technologies
-AGPM 4.0 SP2 is a part of the Microsoft Desktop Optimization Pack (MDOP). MDOP is part of Microsoft Software Assurance. For more information about Microsoft Software Assurance and acquiring MDOP, see [How Do I Get MDOP](http://go.microsoft.com/fwlink/?LinkId=322049) (http://go.microsoft.com/fwlink/?LinkId=322049).
+AGPM 4.0 SP2 is a part of the Microsoft Desktop Optimization Pack (MDOP). MDOP is part of Microsoft Software Assurance. For more information about Microsoft Software Assurance and acquiring MDOP, see [How Do I Get MDOP](https://go.microsoft.com/fwlink/?LinkId=322049) (https://go.microsoft.com/fwlink/?LinkId=322049).
## Related topics
diff --git a/mdop/agpm/index.md b/mdop/agpm/index.md
index 1439565b2c..7d17648258 100644
--- a/mdop/agpm/index.md
+++ b/mdop/agpm/index.md
@@ -43,15 +43,15 @@ In addition to the product documentation available online, supplemental product
MDOP Videos |
-For a list of available MDOP videos, go to [Microsoft Desktop Optimization Pack Technologies Videos](http://go.microsoft.com/fwlink/?LinkId=234275) (http://go.microsoft.com/fwlink/?LinkId=234275). |
+For a list of available MDOP videos, go to [Microsoft Desktop Optimization Pack Technologies Videos](https://go.microsoft.com/fwlink/?LinkId=234275) (https://go.microsoft.com/fwlink/?LinkId=234275). |
MDOP Virtual Labs |
-For a list of available MDOP virtual labs, go to [Microsoft Desktop Optimization Pack (MDOP) Virtual Labs](http://go.microsoft.com/fwlink/?LinkId=234276) (http://go.microsoft.com/fwlink/?LinkId=234276). |
+For a list of available MDOP virtual labs, go to [Microsoft Desktop Optimization Pack (MDOP) Virtual Labs](https://go.microsoft.com/fwlink/?LinkId=234276) (https://go.microsoft.com/fwlink/?LinkId=234276). |
MDOP TechCenter |
-For technical whitepapers, evaluation materials, blogs, and additional MDOP resources, go to [MDOP TechCenter](http://go.microsoft.com/fwlink/?LinkId=225286) (http://go.microsoft.com/fwlink/?LinkId=225286)
+ | For technical whitepapers, evaluation materials, blogs, and additional MDOP resources, go to [MDOP TechCenter](https://go.microsoft.com/fwlink/?LinkId=225286) (https://go.microsoft.com/fwlink/?LinkId=225286)
|
@@ -68,7 +68,7 @@ MDOP is a suite of products that can help streamline desktop deployment, managem
MDOP is also available for test and evaluation to [MSDN](http://msdn.microsoft.com/subscriptions/downloads/default.aspx?PV=42:178) and [TechNet](http://technet.microsoft.com/subscriptions/downloads/default.aspx?PV=42:178) subscribers in accordance with MDSN and TechNet agreements.
**Download MDOP**
-MDOP subscribers can download the software at the [Microsoft Volume Licensing website (MVLS)](http://go.microsoft.com/fwlink/?LinkId=166331).
+MDOP subscribers can download the software at the [Microsoft Volume Licensing website (MVLS)](https://go.microsoft.com/fwlink/?LinkId=166331).
**Purchase MDOP**
Visit the enterprise [Purchase Windows Enterprise Licensing](http://www.microsoft.com/windows/enterprise/how-to-buy.aspx) website to find out how to purchase MDOP for your business.
diff --git a/mdop/agpm/move-the-agpm-server-and-the-archive-agpm40.md b/mdop/agpm/move-the-agpm-server-and-the-archive-agpm40.md
index 4857c10d22..ac902a9785 100644
--- a/mdop/agpm/move-the-agpm-server-and-the-archive-agpm40.md
+++ b/mdop/agpm/move-the-agpm-server-and-the-archive-agpm40.md
@@ -32,7 +32,7 @@ A user account that is a member of the Domain Admins group and has access to the
1. Stop the AGPM Service. For more information, see [Start and Stop the AGPM Service](start-and-stop-the-agpm-service-agpm40.md).
- 2. Install Microsoft Advanced Group Policy Management - Server on the new server that will host the AGPM Service. During this process, you specify the new archive path, the location for the archive in relation to the AGPM Server. For more information, see [Step-by-Step Guide for Microsoft Advanced Group Policy Management 4.0](http://go.microsoft.com/fwlink/?LinkId=153505) (http://go.microsoft.com/fwlink/?LinkId=153505) and [Planning Guide for Microsoft Advanced Group Policy Management](http://go.microsoft.com/fwlink/?LinkId=156883) (http://go.microsoft.com/fwlink/?LinkId=156883).
+ 2. Install Microsoft Advanced Group Policy Management - Server on the new server that will host the AGPM Service. During this process, you specify the new archive path, the location for the archive in relation to the AGPM Server. For more information, see [Step-by-Step Guide for Microsoft Advanced Group Policy Management 4.0](https://go.microsoft.com/fwlink/?LinkId=153505) (https://go.microsoft.com/fwlink/?LinkId=153505) and [Planning Guide for Microsoft Advanced Group Policy Management](https://go.microsoft.com/fwlink/?LinkId=156883) (https://go.microsoft.com/fwlink/?LinkId=156883).
3. Either an AGPM Administrator (Full Control) must configure the AGPM Server connection for all Group Policy administrators who will use the new AGPM Server and remove the connection for the old AGPM Server, or else each Group Policy administrator must manually configure the new AGPM Server connection and remove the old AGPM Server connection for the AGPM snap-in on their computer. For more information, see [Configure AGPM Server Connections](configure-agpm-server-connections-agpm40.md).
@@ -62,9 +62,9 @@ A user account that is a member of the Domain Admins group and has access to the
- [Modify the AGPM Service](modify-the-agpm-service-agpm40.md)
-- [Step-by-Step Guide for Microsoft Advanced Group Policy Management 4.0](http://go.microsoft.com/fwlink/?LinkId=153505) (http://go.microsoft.com/fwlink/?LinkId=153505)
+- [Step-by-Step Guide for Microsoft Advanced Group Policy Management 4.0](https://go.microsoft.com/fwlink/?LinkId=153505) (https://go.microsoft.com/fwlink/?LinkId=153505)
-- [Planning Guide for Microsoft Advanced Group Policy Management](http://go.microsoft.com/fwlink/?LinkId=156883) (http://go.microsoft.com/fwlink/?LinkId=156883)
+- [Planning Guide for Microsoft Advanced Group Policy Management](https://go.microsoft.com/fwlink/?LinkId=156883) (https://go.microsoft.com/fwlink/?LinkId=156883)
- [Performing AGPM Administrator Tasks](performing-agpm-administrator-tasks-agpm40.md)
diff --git a/mdop/agpm/move-the-agpm-server-and-the-archive.md b/mdop/agpm/move-the-agpm-server-and-the-archive.md
index b3386feba0..b2ff901507 100644
--- a/mdop/agpm/move-the-agpm-server-and-the-archive.md
+++ b/mdop/agpm/move-the-agpm-server-and-the-archive.md
@@ -32,7 +32,7 @@ A user account that is a member of the Domain Admins group and has access to the
1. Stop the AGPM Service. For more information, see [Start and Stop the AGPM Service](start-and-stop-the-agpm-service-agpm30ops.md).
- 2. Install Microsoft Advanced Group Policy Management - Server on the new server that will host the AGPM Service. During this process, you specify the new archive path, the location for the archive in relation to the AGPM Server. For more information, see Step-by-Step Guide for Microsoft Advanced Group Policy Management 3.0 () and Planning Guide for Microsoft Advanced Group Policy Management ().
+ 2. Install Microsoft Advanced Group Policy Management - Server on the new server that will host the AGPM Service. During this process, you specify the new archive path, the location for the archive in relation to the AGPM Server. For more information, see Step-by-Step Guide for Microsoft Advanced Group Policy Management 3.0 () and Planning Guide for Microsoft Advanced Group Policy Management ().
3. Either an AGPM Administrator (Full Control) must configure the AGPM Server connection for all Group Policy administrators who will use the new AGPM Server and remove the connection for the old AGPM Server, or else each Group Policy administrator must manually configure the new AGPM Server connection and remove the old AGPM Server connection for the AGPM snap-in on their computer. For more information, see [Configure AGPM Server Connections](configure-agpm-server-connections-agpm30ops.md).
@@ -62,9 +62,9 @@ A user account that is a member of the Domain Admins group and has access to the
- [Modify the AGPM Service](modify-the-agpm-service-agpm30ops.md)
-- Step-by-Step Guide for Microsoft Advanced Group Policy Management 3.0 ()
+- Step-by-Step Guide for Microsoft Advanced Group Policy Management 3.0 ()
-- Planning Guide for Microsoft Advanced Group Policy Management ()
+- Planning Guide for Microsoft Advanced Group Policy Management ()
- [Performing AGPM Administrator Tasks](performing-agpm-administrator-tasks-agpm30ops.md)
diff --git a/mdop/agpm/release-notes-for-microsoft-advanced-group-policy-management-40-sp1.md b/mdop/agpm/release-notes-for-microsoft-advanced-group-policy-management-40-sp1.md
index 3c3a5edf6d..361d135a71 100644
--- a/mdop/agpm/release-notes-for-microsoft-advanced-group-policy-management-40-sp1.md
+++ b/mdop/agpm/release-notes-for-microsoft-advanced-group-policy-management-40-sp1.md
@@ -60,7 +60,7 @@ WORKAROUND: Manually start the AGPM Service after the domain controller is onlin
### Upgrade of AGPM Server to AGPM 4.0 SP1 is blocked when you upgrade from the AGPM 4.0 release plus the hotfix
-If you try to upgrade the AGPM server to AGPM 4.0. SP1 after installing AGPM 4.0 and then installing the AGPM hotfix (see Knowledge Base article [2643502](http://go.microsoft.com/fwlink/?LinkId=254474)), the upgrade fails and cannot be completed.
+If you try to upgrade the AGPM server to AGPM 4.0. SP1 after installing AGPM 4.0 and then installing the AGPM hotfix (see Knowledge Base article [2643502](https://go.microsoft.com/fwlink/?LinkId=254474)), the upgrade fails and cannot be completed.
WORKAROUND: Uninstall the AGPM 4.0 Server and then install AGPM 4.0 SP1.
diff --git a/mdop/agpm/release-notes-for-microsoft-advanced-group-policy-management-40-sp2.md b/mdop/agpm/release-notes-for-microsoft-advanced-group-policy-management-40-sp2.md
index 3b40da74ea..9d5f433b78 100644
--- a/mdop/agpm/release-notes-for-microsoft-advanced-group-policy-management-40-sp2.md
+++ b/mdop/agpm/release-notes-for-microsoft-advanced-group-policy-management-40-sp2.md
@@ -60,7 +60,7 @@ When the AGPM Service is installed on a domain controller on the Windows® 8 ope
### Upgrade of AGPM Server to AGPM 4.0 SP2 is blocked when you upgrade from the AGPM 4.0 release plus hotfix 1
-If you try to upgrade the AGPM server to AGPM 4.0. SP2 after installing AGPM 4.0 Server and then installing the AGPM hotfix named AGPM 4.0 reports incorrect differences in the HTML report (see Knowledge Base article [2643502](http://go.microsoft.com/fwlink/?LinkId=254474)), the upgrade fails and cannot be completed.
+If you try to upgrade the AGPM server to AGPM 4.0. SP2 after installing AGPM 4.0 Server and then installing the AGPM hotfix named AGPM 4.0 reports incorrect differences in the HTML report (see Knowledge Base article [2643502](https://go.microsoft.com/fwlink/?LinkId=254474)), the upgrade fails and cannot be completed.
**Workaround:** Uninstall the AGPM 4.0 Server and then install AGPM 4.0 SP2.
diff --git a/mdop/agpm/release-notes-for-microsoft-advanced-group-policy-management-40-sp3.md b/mdop/agpm/release-notes-for-microsoft-advanced-group-policy-management-40-sp3.md
index c3412ae653..ee8e39c778 100644
--- a/mdop/agpm/release-notes-for-microsoft-advanced-group-policy-management-40-sp3.md
+++ b/mdop/agpm/release-notes-for-microsoft-advanced-group-policy-management-40-sp3.md
@@ -66,7 +66,7 @@ When the AGPM Service is installed on a domain controller on the Windows® 8 ope
### Upgrade of AGPM Server to AGPM 4.0 SP2 is blocked when you upgrade from the AGPM 4.0 release plus hotfix 1
-If you try to upgrade the AGPM server to AGPM 4.0. SP2 after installing AGPM 4.0 Server and then installing the AGPM hotfix named AGPM 4.0 reports incorrect differences in the HTML report (see Knowledge Base article [2643502](http://go.microsoft.com/fwlink/?LinkId=254474)), the upgrade fails and cannot be completed.
+If you try to upgrade the AGPM server to AGPM 4.0. SP2 after installing AGPM 4.0 Server and then installing the AGPM hotfix named AGPM 4.0 reports incorrect differences in the HTML report (see Knowledge Base article [2643502](https://go.microsoft.com/fwlink/?LinkId=254474)), the upgrade fails and cannot be completed.
**Workaround:** Uninstall the AGPM 4.0 Server and then install AGPM 4.0 SP2.
diff --git a/mdop/agpm/release-notes-for-microsoft-advanced-group-policy-management-40.md b/mdop/agpm/release-notes-for-microsoft-advanced-group-policy-management-40.md
index 0f6e6394b6..21eafbce4e 100644
--- a/mdop/agpm/release-notes-for-microsoft-advanced-group-policy-management-40.md
+++ b/mdop/agpm/release-notes-for-microsoft-advanced-group-policy-management-40.md
@@ -22,33 +22,33 @@ Microsoft Advanced Group Policy Management (AGPM) 4.0 extends the capabilities o
The following documents can help you get started with AGPM 4.0.
-- For an overview of the capabilities of AGPM, see [Overview of Microsoft Advanced Group Policy Management](http://go.microsoft.com/fwlink/?LinkID=162671) (http://go.microsoft.com/fwlink/?LinkID=162671).
+- For an overview of the capabilities of AGPM, see [Overview of Microsoft Advanced Group Policy Management](https://go.microsoft.com/fwlink/?LinkID=162671) (https://go.microsoft.com/fwlink/?LinkID=162671).
-- For information about how AGPM 4.0 differs from AGPM 3.0, see [What's New in AGPM 4.0](http://go.microsoft.com/fwlink/?LinkId=160058) (http://go.microsoft.com/fwlink/?LinkId=160058).
+- For information about how AGPM 4.0 differs from AGPM 3.0, see [What's New in AGPM 4.0](https://go.microsoft.com/fwlink/?LinkId=160058) (https://go.microsoft.com/fwlink/?LinkId=160058).
-- For guidance about how to determine whether AGPM 4.0, AGPM 3.0, or AGPM 2.5 is appropriate for your environment, see [Choosing Which Version of AGPM to Install](http://go.microsoft.com/fwlink/?LinkId=145981) (http://go.microsoft.com/fwlink/?LinkId=145981).
+- For guidance about how to determine whether AGPM 4.0, AGPM 3.0, or AGPM 2.5 is appropriate for your environment, see [Choosing Which Version of AGPM to Install](https://go.microsoft.com/fwlink/?LinkId=145981) (https://go.microsoft.com/fwlink/?LinkId=145981).
-- For basic guidance about how to install AGPM and a sample scenario for using AGPM, see [Step-by-Step Guide for Microsoft Advanced Group Policy Management 4.0](http://go.microsoft.com/fwlink/?LinkID=153505) (http://go.microsoft.com/fwlink/?LinkID=153505). This guide is primarily designed to help evaluators and first-time users.
+- For basic guidance about how to install AGPM and a sample scenario for using AGPM, see [Step-by-Step Guide for Microsoft Advanced Group Policy Management 4.0](https://go.microsoft.com/fwlink/?LinkID=153505) (https://go.microsoft.com/fwlink/?LinkID=153505). This guide is primarily designed to help evaluators and first-time users.
-- For information about how to upgrade from an earlier version of AGPM or detailed guidance about how to plan the deployment of AGPM in your organization, see the [Planning Guide for Microsoft Advanced Group Policy Management 4.0](http://go.microsoft.com/fwlink/?LinkID=156883) (http://go.microsoft.com/fwlink/?LinkID=156883).
+- For information about how to upgrade from an earlier version of AGPM or detailed guidance about how to plan the deployment of AGPM in your organization, see the [Planning Guide for Microsoft Advanced Group Policy Management 4.0](https://go.microsoft.com/fwlink/?LinkID=156883) (https://go.microsoft.com/fwlink/?LinkID=156883).
-- For information about how to use AGPM to perform specific tasks, see the Advanced Group Policy Management 4.0 Help, which is also available on TechNet as the [Operations Guide for AGPM 4.0](http://go.microsoft.com/fwlink/?LinkId=159872) (http://go.microsoft.com/fwlink/?LinkId=159872).
+- For information about how to use AGPM to perform specific tasks, see the Advanced Group Policy Management 4.0 Help, which is also available on TechNet as the [Operations Guide for AGPM 4.0](https://go.microsoft.com/fwlink/?LinkId=159872) (https://go.microsoft.com/fwlink/?LinkId=159872).
## More information
For more information about AGPM, see the following:
-- [Advanced Group Policy Management TechNet Library](http://go.microsoft.com/fwlink/?LinkID=146846) (http://go.microsoft.com/fwlink/?LinkID=146846)
+- [Advanced Group Policy Management TechNet Library](https://go.microsoft.com/fwlink/?LinkID=146846) (https://go.microsoft.com/fwlink/?LinkID=146846)
-- [Microsoft Desktop Optimization Pack TechCenter](http://go.microsoft.com/fwlink/?LinkId=159870) (http://www.microsoft.com/technet/mdop)
+- [Microsoft Desktop Optimization Pack TechCenter](https://go.microsoft.com/fwlink/?LinkId=159870) (http://www.microsoft.com/technet/mdop)
-- [Group Policy TechCenter](http://go.microsoft.com/fwlink/?LinkId=145531) (http://www.microsoft.com/gp)
+- [Group Policy TechCenter](https://go.microsoft.com/fwlink/?LinkId=145531) (http://www.microsoft.com/gp)
## Providing feedback
-You can post feedback or questions about AGPM to the [Group Policy Forum](http://go.microsoft.com/fwlink/?LinkId=145532) (http://go.microsoft.com/fwlink/?LinkId=145532).
+You can post feedback or questions about AGPM to the [Group Policy Forum](https://go.microsoft.com/fwlink/?LinkId=145532) (https://go.microsoft.com/fwlink/?LinkId=145532).
## Known issues with AGPM 4.0
diff --git a/mdop/agpm/resources-for-agpm.md b/mdop/agpm/resources-for-agpm.md
index aea623d985..6819ebac13 100644
--- a/mdop/agpm/resources-for-agpm.md
+++ b/mdop/agpm/resources-for-agpm.md
@@ -15,21 +15,21 @@ ms.prod: w10
### Documents for download
-- [Advanced Group Policy Management 4.0 documents](http://go.microsoft.com/fwlink/?LinkID=158931)
+- [Advanced Group Policy Management 4.0 documents](https://go.microsoft.com/fwlink/?LinkID=158931)
### Microsoft Desktop Optimization Pack resources
-- [Microsoft Desktop Optimization Pack (MDOP) for Software Assurance TechCenter](http://go.microsoft.com/fwlink/?LinkID=159870) (http://www.microsoft.com/technet/mdop): Links to MDOP videos and resources.
+- [Microsoft Desktop Optimization Pack (MDOP) for Software Assurance TechCenter](https://go.microsoft.com/fwlink/?LinkID=159870) (http://www.microsoft.com/technet/mdop): Links to MDOP videos and resources.
-- [Enterprise products: MDOP](http://go.microsoft.com/fwlink/?LinkID=160297): Overviews and information about the benefits of applications in MDOP.
+- [Enterprise products: MDOP](https://go.microsoft.com/fwlink/?LinkID=160297): Overviews and information about the benefits of applications in MDOP.
### Group Policy resources
-- [Group Policy TechCenter](http://go.microsoft.com/fwlink/?LinkID=145531) (http://www.microsoft.com/grouppolicy): Links to Group Policy documentation, tools, and downloads.
+- [Group Policy TechCenter](https://go.microsoft.com/fwlink/?LinkID=145531) (http://www.microsoft.com/grouppolicy): Links to Group Policy documentation, tools, and downloads.
-- [Group Policy Team Blog](http://go.microsoft.com/fwlink/?LinkID=75192) (http://blogs.technet.com/GroupPolicy): Stay current on the latest news about Group Policy with articles by the Group Policy Team and other experts.
+- [Group Policy Team Blog](https://go.microsoft.com/fwlink/?LinkID=75192) (http://blogs.technet.com/GroupPolicy): Stay current on the latest news about Group Policy with articles by the Group Policy Team and other experts.
-- [Group Policy Forum](http://go.microsoft.com/fwlink/?LinkID=145532): Do you have questions about Group Policy or AGPM? You can post your questions to the forum, and receive answers from the experts.
+- [Group Policy Forum](https://go.microsoft.com/fwlink/?LinkID=145532): Do you have questions about Group Policy or AGPM? You can post your questions to the forum, and receive answers from the experts.
diff --git a/mdop/agpm/step-by-step-guide-for-microsoft-advanced-group-policy-management-25.md b/mdop/agpm/step-by-step-guide-for-microsoft-advanced-group-policy-management-25.md
index fdd71d9044..fa74f313d2 100644
--- a/mdop/agpm/step-by-step-guide-for-microsoft-advanced-group-policy-management-25.md
+++ b/mdop/agpm/step-by-step-guide-for-microsoft-advanced-group-policy-management-25.md
@@ -57,7 +57,7 @@ You should install AGPM Server on a member server or domain controller with the
Specifically, if your AGPM Server is running Windows Server 2003 and the version of the GPMC that accompanied it, and your Group Policy administrators’ computers are running Windows Vista and the version of the GPMC that accompanied it, you can still manage most policy settings. However, policy settings from the GPMC in Windows Vista that are not available in the GPMC in Windows Server 2003—such as those related to folder redirection, wireless networking (IEEE 802.11), and deployed printers—cannot be stored by the AGPM Server, even though administrators can configure them using AGPM on their computers.
-If you must install AGPM Server on a computer with an older version of GPMC than your Group Policy administrators are running, see the Group Policy Settings Reference for details about which policy settings are available with which operating systems. To download the Group Policy Settings Reference, see .
+If you must install AGPM Server on a computer with an older version of GPMC than your Group Policy administrators are running, see the Group Policy Settings Reference for details about which policy settings are available with which operating systems. To download the Group Policy Settings Reference, see .
**Note**
Archives cannot be migrated from an AGPM Server or a GPOVault Server running Windows Server 2003 to an AGPM Server running Windows Vista.
diff --git a/mdop/agpm/step-by-step-guide-for-microsoft-advanced-group-policy-management-30.md b/mdop/agpm/step-by-step-guide-for-microsoft-advanced-group-policy-management-30.md
index d74d9b2f90..84a55aac70 100644
--- a/mdop/agpm/step-by-step-guide-for-microsoft-advanced-group-policy-management-30.md
+++ b/mdop/agpm/step-by-step-guide-for-microsoft-advanced-group-policy-management-30.md
@@ -64,7 +64,7 @@ Before you install AGPM Server, you must be a member of the Domain Admins group
- Windows Server 2008: The GPMC is automatically installed by AGPM if not present.
- - Windows Vista: You must install the GPMC from RSAT before you install AGPM. For more information, see .
+ - Windows Vista: You must install the GPMC from RSAT before you install AGPM. For more information, see .
- .NET Framework 3.5
@@ -90,7 +90,7 @@ The following Windows features are required by AGPM Client and will be automatic
- Windows Server 2008: The GPMC is automatically installed by AGPM if not present.
- - Windows Vista: You must install the GPMC from RSAT before you install AGPM. For more information, see .
+ - Windows Vista: You must install the GPMC from RSAT before you install AGPM. For more information, see .
- .NET Framework 3.0
diff --git a/mdop/agpm/step-by-step-guide-for-microsoft-advanced-group-policy-management-40.md b/mdop/agpm/step-by-step-guide-for-microsoft-advanced-group-policy-management-40.md
index c6c50f7339..364f0682a2 100644
--- a/mdop/agpm/step-by-step-guide-for-microsoft-advanced-group-policy-management-40.md
+++ b/mdop/agpm/step-by-step-guide-for-microsoft-advanced-group-policy-management-40.md
@@ -109,9 +109,9 @@ Before you install AGPM Server, you must be a member of the Domain Admins group
- Windows Server 2008 R2 or Windows Server 2008: If the GPMC is not present, it is automatically installed by AGPM.
- - Windows 7: You must install the GPMC from RSAT before you install AGPM. For more information, see [Remote Server Administration Tools for Windows 7](http://go.microsoft.com/fwlink/?LinkID=131280) (http://go.microsoft.com/fwlink/?LinkID=131280).
+ - Windows 7: You must install the GPMC from RSAT before you install AGPM. For more information, see [Remote Server Administration Tools for Windows 7](https://go.microsoft.com/fwlink/?LinkID=131280) (https://go.microsoft.com/fwlink/?LinkID=131280).
- - Windows Vista with SP1: You must install the GPMC from RSAT before you install AGPM. For more information, see [Remote Server Administration Tools for Windows Vista with Service Pack 1](http://go.microsoft.com/fwlink/?LinkID=116179) (http://go.microsoft.com/fwlink/?LinkID=116179).
+ - Windows Vista with SP1: You must install the GPMC from RSAT before you install AGPM. For more information, see [Remote Server Administration Tools for Windows Vista with Service Pack 1](https://go.microsoft.com/fwlink/?LinkID=116179) (https://go.microsoft.com/fwlink/?LinkID=116179).
- The .NET Framework 3.5 or later versions
@@ -141,9 +141,9 @@ The following Windows features are required by AGPM Client and unless otherwise
- Windows Server 2008 R2 or Windows Server 2008: If the GPMC is not present, it is automatically installed by AGPM.
- - Windows 7: You must install the GPMC from RSAT before you install AGPM. For more information, see [Remote Server Administration Tools for Windows 7](http://go.microsoft.com/fwlink/?LinkID=131280) (http://go.microsoft.com/fwlink/?LinkID=131280).
+ - Windows 7: You must install the GPMC from RSAT before you install AGPM. For more information, see [Remote Server Administration Tools for Windows 7](https://go.microsoft.com/fwlink/?LinkID=131280) (https://go.microsoft.com/fwlink/?LinkID=131280).
- - Windows Vista with SP1: You must install the GPMC from RSAT before you install AGPM. For more information, see [Remote Server Administration Tools for Windows Vista with Service Pack 1](http://go.microsoft.com/fwlink/?LinkID=116179) (http://go.microsoft.com/fwlink/?LinkID=116179).
+ - Windows Vista with SP1: You must install the GPMC from RSAT before you install AGPM. For more information, see [Remote Server Administration Tools for Windows Vista with Service Pack 1](https://go.microsoft.com/fwlink/?LinkID=116179) (https://go.microsoft.com/fwlink/?LinkID=116179).
- The .NET Framework 3.0 or later version
diff --git a/mdop/agpm/technical-overview-of-agpm.md b/mdop/agpm/technical-overview-of-agpm.md
index 66258c0203..73852bc4e2 100644
--- a/mdop/agpm/technical-overview-of-agpm.md
+++ b/mdop/agpm/technical-overview-of-agpm.md
@@ -101,7 +101,7 @@ Table 1 describes both the items that AGPM installs or creates and the parts of
### Additional references
-For more information about the files installed by AGPM, see the [Planning Guide for AGPM](http://go.microsoft.com/fwlink/?LinkId=160060).
+For more information about the files installed by AGPM, see the [Planning Guide for AGPM](https://go.microsoft.com/fwlink/?LinkId=160060).
## Archive
@@ -121,7 +121,7 @@ When AGPM creates the archive, it gives Full Control to SYSTEM, Administrators,
### Additional references
-For information about how to back up the archive, restore the archive from a backup, or move both the AGPM Server and the archive, see the "Performing AGPM Administrator Tasks" section in the [Operations Guide for AGPM](http://go.microsoft.com/fwlink/?LinkId=160061).
+For information about how to back up the archive, restore the archive from a backup, or move both the AGPM Server and the archive, see the "Performing AGPM Administrator Tasks" section in the [Operations Guide for AGPM](https://go.microsoft.com/fwlink/?LinkId=160061).
## Roles and permissions
@@ -268,7 +268,7 @@ The ability to delegate access to GPOs in the production environment for a domai
### Additional references
-For information about what tasks can be performed by Group Policy administrators assigned a particular role or about which permissions are required to perform a specific task, see the [Operations Guide for AGPM](http://go.microsoft.com/fwlink/?LinkId=160061).
+For information about what tasks can be performed by Group Policy administrators assigned a particular role or about which permissions are required to perform a specific task, see the [Operations Guide for AGPM](https://go.microsoft.com/fwlink/?LinkId=160061).
diff --git a/mdop/agpm/whats-new-in-agpm-40-sp1.md b/mdop/agpm/whats-new-in-agpm-40-sp1.md
index 78c1991bf6..bc8d5bf649 100644
--- a/mdop/agpm/whats-new-in-agpm-40-sp1.md
+++ b/mdop/agpm/whats-new-in-agpm-40-sp1.md
@@ -60,7 +60,7 @@ The changes and support for the AGPM 4.0 SP1 installer are:
### Ability to upgrade or update to AGPM 4.0 SP1 without re-entering configuration parameters
-You can upgrade the AGPM client or server to AGPM 4.0 SP1 only from AGPM 4.0 without being prompted to re-enter configuration parameters (called “Smart Upgrade”), as shown in the following table. If you are upgrading to AGPM 4.0 SP1 from other versions of AGPM, as shown in the table, you must use the “Classic Upgrade,” which requires you to re-enter the configuration parameters. Since each version of AGPM is associated with a particular operating system, refer to [Choosing Which Version of AGPM to Install](http://go.microsoft.com/fwlink/?LinkId=254350), and be sure to upgrade your operating system as appropriate before performing an upgrade.
+You can upgrade the AGPM client or server to AGPM 4.0 SP1 only from AGPM 4.0 without being prompted to re-enter configuration parameters (called “Smart Upgrade”), as shown in the following table. If you are upgrading to AGPM 4.0 SP1 from other versions of AGPM, as shown in the table, you must use the “Classic Upgrade,” which requires you to re-enter the configuration parameters. Since each version of AGPM is associated with a particular operating system, refer to [Choosing Which Version of AGPM to Install](https://go.microsoft.com/fwlink/?LinkId=254350), and be sure to upgrade your operating system as appropriate before performing an upgrade.
diff --git a/mdop/agpm/whats-new-in-agpm-40-sp2.md b/mdop/agpm/whats-new-in-agpm-40-sp2.md
index 7c7e323813..571237f2a3 100644
--- a/mdop/agpm/whats-new-in-agpm-40-sp2.md
+++ b/mdop/agpm/whats-new-in-agpm-40-sp2.md
@@ -34,11 +34,11 @@ The new and changed Group Policy client-side extensions are:
- **Force automatic setup for all users**. If you enable this policy setting, IT administrators can determine whether to create the Work Folders partnership automatically on end-user devices without input from end users. If you enable this policy setting, the synchronization will be set up according to how you configure the **Specify Work Folders settings** policy setting. If you set the **Force automatic setup for all users** policy setting to **Disabled** or **Not configured**, the Work Folders partnership will be configured according to how you set the **Automatic Provisioning** option in the **Specify Work Folders settings** policy setting.
-For more information about the Work Folders feature, see [Work Folders Overview](http://go.microsoft.com/fwlink/?LinkId=330444).
+For more information about the Work Folders feature, see [Work Folders Overview](https://go.microsoft.com/fwlink/?LinkId=330444).
### Customer feedback and hotfix rollup
-AGPM 4.0 SP2 includes a rollup of hotfixes to address issues found since the AGPM 4.0 Service Pack 1 (SP1) release. AGPM 4.0 SP2 contains the latest fixes up to and including Microsoft Advanced Group Policy Management 4.0 SP1 Hotfix 1. For more information, see Knowledge Base article [2873472](http://go.microsoft.com/fwlink/?LinkId=325400)).
+AGPM 4.0 SP2 includes a rollup of hotfixes to address issues found since the AGPM 4.0 Service Pack 1 (SP1) release. AGPM 4.0 SP2 contains the latest fixes up to and including Microsoft Advanced Group Policy Management 4.0 SP1 Hotfix 1. For more information, see Knowledge Base article [2873472](https://go.microsoft.com/fwlink/?LinkId=325400)).
### New Group Policy extensions in settings and difference reports
@@ -58,7 +58,7 @@ The changes and support for the AGPM 4.0 SP2 installer are:
### Ability to upgrade to AGPM 4.0 SP2 without reentering configuration parameters
-You can upgrade the AGPM Client or AGPM Server to AGPM 4.0 SP2 without being prompted to reenter configuration parameters (called the Smart Upgrade) only from AGPM 4.0 onward, as shown in the following table. If you are upgrading to AGPM 4.0 SP2 from other versions of AGPM, as shown in the table, you must use the Classic Upgrade, which requires you to reenter the configuration parameters. Because each version of AGPM is associated with a particular operating system, see [Choosing Which Version of AGPM to Install](http://go.microsoft.com/fwlink/?LinkId=254350) and make sure that you upgrade your operating system as appropriate before you upgrade AGPM.
+You can upgrade the AGPM Client or AGPM Server to AGPM 4.0 SP2 without being prompted to reenter configuration parameters (called the Smart Upgrade) only from AGPM 4.0 onward, as shown in the following table. If you are upgrading to AGPM 4.0 SP2 from other versions of AGPM, as shown in the table, you must use the Classic Upgrade, which requires you to reenter the configuration parameters. Because each version of AGPM is associated with a particular operating system, see [Choosing Which Version of AGPM to Install](https://go.microsoft.com/fwlink/?LinkId=254350) and make sure that you upgrade your operating system as appropriate before you upgrade AGPM.
**AGPM 4.0 SP2 supported upgrades**
@@ -217,7 +217,7 @@ If the GPMC is not enabled, the installer enables it during the installation.
## How to Get MDOP Technologies
-AGPM 4.0 SP2 is a part of the Microsoft Desktop Optimization Pack (MDOP). MDOP is part of Microsoft Software Assurance. For more information about Microsoft Software Assurance and acquiring MDOP, see [How Do I Get MDOP](http://go.microsoft.com/fwlink/?LinkId=322049) (http://go.microsoft.com/fwlink/?LinkId=322049).
+AGPM 4.0 SP2 is a part of the Microsoft Desktop Optimization Pack (MDOP). MDOP is part of Microsoft Software Assurance. For more information about Microsoft Software Assurance and acquiring MDOP, see [How Do I Get MDOP](https://go.microsoft.com/fwlink/?LinkId=322049) (https://go.microsoft.com/fwlink/?LinkId=322049).
## Related topics
diff --git a/mdop/agpm/whats-new-in-agpm-40-sp3.md b/mdop/agpm/whats-new-in-agpm-40-sp3.md
index a639608821..e598c1a4b8 100644
--- a/mdop/agpm/whats-new-in-agpm-40-sp3.md
+++ b/mdop/agpm/whats-new-in-agpm-40-sp3.md
@@ -34,7 +34,7 @@ AGPM 4.0 SP3 includes a rollup of all fixes up to and including Microsoft Advanc
### Ability to upgrade to AGPM 4.0 SP3 without re-entering configuration parameters
-You can upgrade the AGPM Client or AGPM Server to AGPM 4.0 SP3 without being prompted to re-enter configuration parameters (called the Smart Upgrade) only from AGPM 4.0 and later, as shown in the following table. If you are upgrading to AGPM 4.0 SP3 from other versions of AGPM, as shown in the table, you must use the Classic Upgrade, which requires you to re-enter the configuration parameters. Because each version of AGPM is associated with a particular operating system, see [Choosing Which Version of AGPM to Install](http://go.microsoft.com/fwlink/?LinkId=254350) and make sure that you upgrade your operating system as appropriate before you upgrade AGPM.
+You can upgrade the AGPM Client or AGPM Server to AGPM 4.0 SP3 without being prompted to re-enter configuration parameters (called the Smart Upgrade) only from AGPM 4.0 and later, as shown in the following table. If you are upgrading to AGPM 4.0 SP3 from other versions of AGPM, as shown in the table, you must use the Classic Upgrade, which requires you to re-enter the configuration parameters. Because each version of AGPM is associated with a particular operating system, see [Choosing Which Version of AGPM to Install](https://go.microsoft.com/fwlink/?LinkId=254350) and make sure that you upgrade your operating system as appropriate before you upgrade AGPM.
**AGPM 4.0 SP3 supported upgrades**
@@ -231,7 +231,7 @@ If the GPMC is not enabled, the installer enables it during the installation.
## How to Get MDOP Technologies
-AGPM 4.0 SP3 is a part of the Microsoft Desktop Optimization Pack (MDOP). MDOP is part of Microsoft Software Assurance. For more information about Microsoft Software Assurance and acquiring MDOP, see [How Do I Get MDOP](http://go.microsoft.com/fwlink/?LinkId=322049) (http://go.microsoft.com/fwlink/?LinkId=322049).
+AGPM 4.0 SP3 is a part of the Microsoft Desktop Optimization Pack (MDOP). MDOP is part of Microsoft Software Assurance. For more information about Microsoft Software Assurance and acquiring MDOP, see [How Do I Get MDOP](https://go.microsoft.com/fwlink/?LinkId=322049) (https://go.microsoft.com/fwlink/?LinkId=322049).
## Related topics
diff --git a/mdop/appv-v4/about-app-v-package-accelerators--app-v-46-sp1-.md b/mdop/appv-v4/about-app-v-package-accelerators--app-v-46-sp1-.md
index 20e54288a5..1bd5cb4df4 100644
--- a/mdop/appv-v4/about-app-v-package-accelerators--app-v-46-sp1-.md
+++ b/mdop/appv-v4/about-app-v-package-accelerators--app-v-46-sp1-.md
@@ -47,7 +47,7 @@ You should also review any settings or configuration files associated with the v
## Securing App-V Package Accelerators
-Always save App-V Package Accelerators and any associated installation media in a secure location on the network to protect the App-V Package Accelerators and the installation files from being tampered with or becoming corrupted. Because Package Accelerators can also contain password and user-specific information, you must save App-V Package Accelerators in a secure location, and you must digitally sign the Package Accelerator after you create it so that the publisher can be verified when the Package Accelerator is applied. For more information about digital signatures, see [Application Guidelines on Digital Signature Practices for Common Criteria Security](http://go.microsoft.com/fwlink/?LinkId=204705) (http://go.microsoft.com/fwlink/?LinkId=204705).
+Always save App-V Package Accelerators and any associated installation media in a secure location on the network to protect the App-V Package Accelerators and the installation files from being tampered with or becoming corrupted. Because Package Accelerators can also contain password and user-specific information, you must save App-V Package Accelerators in a secure location, and you must digitally sign the Package Accelerator after you create it so that the publisher can be verified when the Package Accelerator is applied. For more information about digital signatures, see [Application Guidelines on Digital Signature Practices for Common Criteria Security](https://go.microsoft.com/fwlink/?LinkId=204705) (https://go.microsoft.com/fwlink/?LinkId=204705).
## Related topics
diff --git a/mdop/appv-v4/about-microsoft-application-virtualization-45-sp1.md b/mdop/appv-v4/about-microsoft-application-virtualization-45-sp1.md
index 84d328ae99..ae8f74d031 100644
--- a/mdop/appv-v4/about-microsoft-application-virtualization-45-sp1.md
+++ b/mdop/appv-v4/about-microsoft-application-virtualization-45-sp1.md
@@ -15,13 +15,13 @@ ms.prod: w8
This service pack contains the following changes:
-- Support for Windows 7 and Windows Server 2008 R2: App-V 4.5 SP1 provides support for Windows 7 and Windows Server 2008 R2, including support for Windows 7 features such as the taskbar, AppLocker, BranchCache, and BitLocker To Go. Windows Server 2008 R2 support applies only to Application Virtualization Server. For more information about AppLocker support in Windows 7, see [Windows AppLocker](http://go.microsoft.com/fwlink/?LinkID=156732) (http://go.microsoft.com/fwlink/?LinkID=156732).
+- Support for Windows 7 and Windows Server 2008 R2: App-V 4.5 SP1 provides support for Windows 7 and Windows Server 2008 R2, including support for Windows 7 features such as the taskbar, AppLocker, BranchCache, and BitLocker To Go. Windows Server 2008 R2 support applies only to Application Virtualization Server. For more information about AppLocker support in Windows 7, see [Windows AppLocker](https://go.microsoft.com/fwlink/?LinkID=156732) (https://go.microsoft.com/fwlink/?LinkID=156732).
-- Support for third-party Kerberos realms: App-V 4.5 SP1 provides support for environments that have a trust relationship and mapped user accounts between a Windows domain and an MIT Kerberos realm, which is a scenario commonly used at many universities. For information about how to enable this support, see [How to Configure the Client for MIT Kerberos Realm Support](http://go.microsoft.com/fwlink/?LinkId=166004) (http://go.microsoft.com/fwlink/?LinkId=166004).
+- Support for third-party Kerberos realms: App-V 4.5 SP1 provides support for environments that have a trust relationship and mapped user accounts between a Windows domain and an MIT Kerberos realm, which is a scenario commonly used at many universities. For information about how to enable this support, see [How to Configure the Client for MIT Kerberos Realm Support](https://go.microsoft.com/fwlink/?LinkId=166004) (https://go.microsoft.com/fwlink/?LinkId=166004).
- Improved support for application publishing and streaming through HTTP/HTTPS: App-V 4.5 SP1 provides support for application publishing and streaming through the HTTP/HTTPS protocols for Windows XP Home Edition, Windows Vista Home Basic, and Windows 7 Home Basic.
-- Customer Feedback and Hotfix Rollup: App-V 4.5 SP1 also includes a rollup of fixes to address issues found after the Microsoft Application Virtualization (App-V) 4.5 CU1 release. The updates result from a combination of known issues and customer feedback from our internal teams, partners, and customers who are using App-V 4.5. For a full list of the updates, see [article 976338](http://go.microsoft.com/fwlink/?LinkId=167121) in the Microsoft Knowledge Base (http://go.microsoft.com/fwlink/?LinkId=167121).
+- Customer Feedback and Hotfix Rollup: App-V 4.5 SP1 also includes a rollup of fixes to address issues found after the Microsoft Application Virtualization (App-V) 4.5 CU1 release. The updates result from a combination of known issues and customer feedback from our internal teams, partners, and customers who are using App-V 4.5. For a full list of the updates, see [article 976338](https://go.microsoft.com/fwlink/?LinkId=167121) in the Microsoft Knowledge Base (https://go.microsoft.com/fwlink/?LinkId=167121).
## In This Section
diff --git a/mdop/appv-v4/about-microsoft-application-virtualization-45-sp2.md b/mdop/appv-v4/about-microsoft-application-virtualization-45-sp2.md
index 841c1186d3..b5a9241cfa 100644
--- a/mdop/appv-v4/about-microsoft-application-virtualization-45-sp2.md
+++ b/mdop/appv-v4/about-microsoft-application-virtualization-45-sp2.md
@@ -15,11 +15,11 @@ ms.prod: w8
This service pack contains the following changes:
-- Support for Office 2010: Microsoft Application Virtualization (App-V) 4.5 SP2 now supports the virtualization of Microsoft Office 2010. For prescriptive guidance for sequencing Office 2010 with App-V 4.5 SP2, see [Prescriptive guidance for sequencing Office 2010 in Microsoft App-V 4.6](http://go.microsoft.com/fwlink/?LinkId=191539) (http://go.microsoft.com/fwlink/?LinkId=191539).
+- Support for Office 2010: Microsoft Application Virtualization (App-V) 4.5 SP2 now supports the virtualization of Microsoft Office 2010. For prescriptive guidance for sequencing Office 2010 with App-V 4.5 SP2, see [Prescriptive guidance for sequencing Office 2010 in Microsoft App-V 4.6](https://go.microsoft.com/fwlink/?LinkId=191539) (https://go.microsoft.com/fwlink/?LinkId=191539).
-- Support for Database Mirroring: App-V 4.5 SP2 now supports Microsoft SQL Server Database Mirroring. For more information about configuring database mirroring in your App-V environment, see [How to Configure Microsoft SQL Server Mirroring Support for App-V](http://go.microsoft.com/fwlink/?LinkId=190880) (http://go.microsoft.com/fwlink/?LinkId=190880).
+- Support for Database Mirroring: App-V 4.5 SP2 now supports Microsoft SQL Server Database Mirroring. For more information about configuring database mirroring in your App-V environment, see [How to Configure Microsoft SQL Server Mirroring Support for App-V](https://go.microsoft.com/fwlink/?LinkId=190880) (https://go.microsoft.com/fwlink/?LinkId=190880).
-- Customer Feedback and Hotfix Rollup: App-V 4.5 SP2 also includes a rollup of fixes to address issues found after the App-V 4.5 SP1 release. The updates address a combination of known issues and customer feedback from Microsoft internal teams, partners, and customers who are using App-V 4.5. For a full list of the updates, see article 980847 in the Microsoft Knowledge Base (KB) at [Description of Microsoft Application Virtualization 4.5 Service Pack 2](http://go.microsoft.com/fwlink/?LinkId=191540) (http://go.microsoft.com/fwlink/?LinkId=191540).
+- Customer Feedback and Hotfix Rollup: App-V 4.5 SP2 also includes a rollup of fixes to address issues found after the App-V 4.5 SP1 release. The updates address a combination of known issues and customer feedback from Microsoft internal teams, partners, and customers who are using App-V 4.5. For a full list of the updates, see article 980847 in the Microsoft Knowledge Base (KB) at [Description of Microsoft Application Virtualization 4.5 Service Pack 2](https://go.microsoft.com/fwlink/?LinkId=191540) (https://go.microsoft.com/fwlink/?LinkId=191540).
## In This Section
diff --git a/mdop/appv-v4/about-microsoft-application-virtualization-46-sp2.md b/mdop/appv-v4/about-microsoft-application-virtualization-46-sp2.md
index ce05dc3362..b24beae096 100644
--- a/mdop/appv-v4/about-microsoft-application-virtualization-46-sp2.md
+++ b/mdop/appv-v4/about-microsoft-application-virtualization-46-sp2.md
@@ -26,7 +26,7 @@ App-V 4.6 SP2 adds support for Windows 8 and Windows Server 2012 Remote Deskto
**Support for coexistence with App-V 5.0 client**
-App-V 4.6 SP2 provides support for coexistence with the Microsoft Application Virtualization 5.0 client. Review the App-V 5.0 documentation for instructions on how to configure the App-V 5.0 client for coexistence with the App-V 4.6 SP2 client. For more information about App-V 5.0, see [Application Virtualization 5](http://go.microsoft.com/fwlink/?LinkId=267599) on TechNet.
+App-V 4.6 SP2 provides support for coexistence with the Microsoft Application Virtualization 5.0 client. Review the App-V 5.0 documentation for instructions on how to configure the App-V 5.0 client for coexistence with the App-V 4.6 SP2 client. For more information about App-V 5.0, see [Application Virtualization 5](https://go.microsoft.com/fwlink/?LinkId=267599) on TechNet.
**Ability to virtualize Adobe Reader X with Protected Mode**
@@ -82,7 +82,7 @@ Specify a path to an RTF or TXT file that provides packaging and deployment guid
**Microsoft Application Error Reporting no longer needs to be installed**
-When you are installing the App-V 4.6 SP2 client by using setup.msi, you no longer need to install Microsoft Application Error Reporting (dw20shared.msi). App-V 4.6 SP2 now uses Microsoft Error Reporting. For more information, see [How to Install the App-V Client by Using Setup.msi](http://go.microsoft.com/fwlink/?LinkId=267237).
+When you are installing the App-V 4.6 SP2 client by using setup.msi, you no longer need to install Microsoft Application Error Reporting (dw20shared.msi). App-V 4.6 SP2 now uses Microsoft Error Reporting. For more information, see [How to Install the App-V Client by Using Setup.msi](https://go.microsoft.com/fwlink/?LinkId=267237).
**Customer feedback and hotfix rollup**
@@ -91,7 +91,7 @@ App-V 4.6 SP2 includes a rollup of fixes to address issues found since the App
## In This Section
-[App-V 4.6 SP2 Release Notes](http://go.microsoft.com/fwlink/?LinkId=267600)
+[App-V 4.6 SP2 Release Notes](https://go.microsoft.com/fwlink/?LinkId=267600)
Provides the most up-to-date information about known issues with App-V 4.6 SP2.
diff --git a/mdop/appv-v4/about-microsoft-application-virtualization-46-sp3.md b/mdop/appv-v4/about-microsoft-application-virtualization-46-sp3.md
index 5493513ee4..0a642d3bc9 100644
--- a/mdop/appv-v4/about-microsoft-application-virtualization-46-sp3.md
+++ b/mdop/appv-v4/about-microsoft-application-virtualization-46-sp3.md
@@ -23,7 +23,7 @@ App-V 4.6 SP3 includes support for Windows Server 2012 R2 and Windows 8.1
## How to Get MDOP Technologies
-App-V is a part of the Microsoft Desktop Optimization Pack (MDOP). MDOP is part of Microsoft Software Assurance. For more information about Microsoft Software Assurance and acquiring MDOP, see [How Do I Get MDOP](http://go.microsoft.com/fwlink/?LinkId=322049) (http://go.microsoft.com/fwlink/?LinkId=322049).
+App-V is a part of the Microsoft Desktop Optimization Pack (MDOP). MDOP is part of Microsoft Software Assurance. For more information about Microsoft Software Assurance and acquiring MDOP, see [How Do I Get MDOP](https://go.microsoft.com/fwlink/?LinkId=322049) (https://go.microsoft.com/fwlink/?LinkId=322049).
## Related topics
diff --git a/mdop/appv-v4/about-the-deployment-tab.md b/mdop/appv-v4/about-the-deployment-tab.md
index bfaa07b2ad..e3cfc4fcb6 100644
--- a/mdop/appv-v4/about-the-deployment-tab.md
+++ b/mdop/appv-v4/about-the-deployment-tab.md
@@ -117,7 +117,7 @@ Use the **Output Options** controls to specify the output options for the applic
Compression Algorithm |
Use to select the method for compressing the SFT file for streaming across a network. Select one of the following compression methods:
-Compressed—Specifies that the SFT file be compressed in the [ZLIB](http://go.microsoft.com/fwlink/?LinkId=111475) format. Compressed—Specifies that the SFT file be compressed in the [ZLIB](https://go.microsoft.com/fwlink/?LinkId=111475) format. Not Compressed—The default; specifies that the SFT file not be compressed. |
diff --git a/mdop/appv-v4/about-the-virtual-file-system-tab.md b/mdop/appv-v4/about-the-virtual-file-system-tab.md
index 4a68cdad5f..e33d52c82f 100644
--- a/mdop/appv-v4/about-the-virtual-file-system-tab.md
+++ b/mdop/appv-v4/about-the-virtual-file-system-tab.md
@@ -15,7 +15,7 @@ ms.prod: w8
The virtual file system is created during sequencing. It maps directories and files that are added or modified outside the package root directory. The **Virtual File System** tab displays the entire virtual file system for a sequenced application package. It also allows you to add, edit, and delete file associations.
-For information about the virtual file system and its use, see the section “VFS Installs” of [Advanced Sequencing Topics](http://go.microsoft.com/fwlink/?LinkId=114543), at http://go.microsoft.com/fwlink/?LinkId=114543.
+For information about the virtual file system and its use, see the section “VFS Installs” of [Advanced Sequencing Topics](https://go.microsoft.com/fwlink/?LinkId=114543), at https://go.microsoft.com/fwlink/?LinkId=114543.
## Columns
diff --git a/mdop/appv-v4/app-v-45-sp2-release-notes.md b/mdop/appv-v4/app-v-45-sp2-release-notes.md
index 2acd2c8c91..fef2e9aafc 100644
--- a/mdop/appv-v4/app-v-45-sp2-release-notes.md
+++ b/mdop/appv-v4/app-v-45-sp2-release-notes.md
@@ -20,33 +20,33 @@ Read these Release Notes thoroughly before you install the Microsoft Application
-For updated information about known issues, please visit the Microsoft TechNet Library at [App-V 4.5 SP2 Release Notes](http://go.microsoft.com/fwlink/?LinkId=184640) (http://go.microsoft.com/fwlink/?LinkId=184640).
+For updated information about known issues, please visit the Microsoft TechNet Library at [App-V 4.5 SP2 Release Notes](https://go.microsoft.com/fwlink/?LinkId=184640) (https://go.microsoft.com/fwlink/?LinkId=184640).
## About Microsoft Application Virtualization 4.5 Service Pack 2
These Release Notes have been updated to reflect the changes introduced with Microsoft Application Virtualization (App-V) 4.5 Service Pack 2 (SP2). This service pack contains the following changes:
-- Support for Office 2010: App-V 4.5 SP2 now supports the virtualization of Microsoft Office 2010. For prescriptive guidance for sequencing Microsoft Office 2010 with App-V 4.5 SP2, see [Prescriptive guidance for sequencing Office 2010 in Microsoft App-V 4.6](http://go.microsoft.com/fwlink/?LinkId=191539) (http://go.microsoft.com/fwlink/?LinkId=191539).
+- Support for Office 2010: App-V 4.5 SP2 now supports the virtualization of Microsoft Office 2010. For prescriptive guidance for sequencing Microsoft Office 2010 with App-V 4.5 SP2, see [Prescriptive guidance for sequencing Office 2010 in Microsoft App-V 4.6](https://go.microsoft.com/fwlink/?LinkId=191539) (https://go.microsoft.com/fwlink/?LinkId=191539).
-- Support for Database Mirroring: App-V 4.5 SP2 now supports Microsoft SQL Server Database Mirroring. For more information about configuring database mirroring in your App-V environment, see [How to Configure Microsoft SQL Server Mirroring Support for App-V](http://go.microsoft.com/fwlink/?LinkId=190880) (http://go.microsoft.com/fwlink/?LinkId=190880).
+- Support for Database Mirroring: App-V 4.5 SP2 now supports Microsoft SQL Server Database Mirroring. For more information about configuring database mirroring in your App-V environment, see [How to Configure Microsoft SQL Server Mirroring Support for App-V](https://go.microsoft.com/fwlink/?LinkId=190880) (https://go.microsoft.com/fwlink/?LinkId=190880).
-- Customer Feedback and Hotfix Rollup: App-V 4.5 SP2 also includes a rollup of fixes to address issues found after the App-V 4.5 SP1 release. The updates address a combination of known issues and customer feedback from Microsoft internal teams, partners, and customers who are using App-V 4.5. For a full list of the updates, see article 980847 in the Microsoft Knowledge Base (KB) at [Description of Microsoft Application Virtualization 4.5 Service Pack 2](http://go.microsoft.com/fwlink/?LinkId=191540) (http://go.microsoft.com/fwlink/?LinkId=191540).
+- Customer Feedback and Hotfix Rollup: App-V 4.5 SP2 also includes a rollup of fixes to address issues found after the App-V 4.5 SP1 release. The updates address a combination of known issues and customer feedback from Microsoft internal teams, partners, and customers who are using App-V 4.5. For a full list of the updates, see article 980847 in the Microsoft Knowledge Base (KB) at [Description of Microsoft Application Virtualization 4.5 Service Pack 2](https://go.microsoft.com/fwlink/?LinkId=191540) (https://go.microsoft.com/fwlink/?LinkId=191540).
## About the Product Documentation
-Comprehensive documentation for Application Virtualization (App-V) is available on Microsoft TechNet in the [Application Virtualization TechCenter Library](http://go.microsoft.com/fwlink/?LinkId=122939) (http://go.microsoft.com/fwlink/?LinkId=122939). The TechNet documentation includes the online Help for the Application Virtualization Sequencer, the Application Virtualization Clients, and the Application Virtualization Server. It also includes the Application Virtualization Planning and Deployment Guide and the Application Virtualization Operations Guide.
+Comprehensive documentation for Application Virtualization (App-V) is available on Microsoft TechNet in the [Application Virtualization TechCenter Library](https://go.microsoft.com/fwlink/?LinkId=122939) (https://go.microsoft.com/fwlink/?LinkId=122939). The TechNet documentation includes the online Help for the Application Virtualization Sequencer, the Application Virtualization Clients, and the Application Virtualization Server. It also includes the Application Virtualization Planning and Deployment Guide and the Application Virtualization Operations Guide.
## Protect Against Security Vulnerabilities and Viruses
-To help protect against security vulnerabilities and viruses, we recommend that you install the latest available security updates for any new software being installed. For more information, see [Microsoft Security](http://go.microsoft.com/fwlink/?LinkId=3482) (http://go.microsoft.com/fwlink/?LinkId=3482).
+To help protect against security vulnerabilities and viruses, we recommend that you install the latest available security updates for any new software being installed. For more information, see [Microsoft Security](https://go.microsoft.com/fwlink/?LinkId=3482) (https://go.microsoft.com/fwlink/?LinkId=3482).
## Provide Feedback
-You can provide feedback, make a suggestion, or report an issue with the Microsoft Application Virtualization (App-V) Management System through the community forum on the Application Virtualization TechCenter [App-V Documentation Forum](http://go.microsoft.com/fwlink/?LinkId=122917) (http://go.microsoft.com/fwlink/?LinkId=122917).
+You can provide feedback, make a suggestion, or report an issue with the Microsoft Application Virtualization (App-V) Management System through the community forum on the Application Virtualization TechCenter [App-V Documentation Forum](https://go.microsoft.com/fwlink/?LinkId=122917) (https://go.microsoft.com/fwlink/?LinkId=122917).
You can also send your documentation feedback directly to the App-V documentation team at .
@@ -57,13 +57,13 @@ This section provides the most up-to-date information about issues with Microsof
### Guidance for installing Server Management Console
-If you have to install management software on systems other than the primary Application Virtualization publishing and streaming server, the server installation supports installing the Application Virtualization Management Console and Application Virtualization Management Web service on separate servers from the primary App-V Management Server. To distribute the management components across multiple servers, Kerberos delegation must be enabled on the server where the Application Virtualization Web service is installed. For information about how to enable this support, see [How to Configure the Server to be Trusted for Delegation](http://go.microsoft.com/fwlink/?LinkId=166682) (http://go.microsoft.com/fwlink/?LinkId=166682).
+If you have to install management software on systems other than the primary Application Virtualization publishing and streaming server, the server installation supports installing the Application Virtualization Management Console and Application Virtualization Management Web service on separate servers from the primary App-V Management Server. To distribute the management components across multiple servers, Kerberos delegation must be enabled on the server where the Application Virtualization Web service is installed. For information about how to enable this support, see [How to Configure the Server to be Trusted for Delegation](https://go.microsoft.com/fwlink/?LinkId=166682) (https://go.microsoft.com/fwlink/?LinkId=166682).
### Guidance for installing or upgrading clients to App-V 4.5 SP2 by using Setup.msi
When installing or upgrading your App-V Clients to App-V 4.5 SP2 by using Setup.msi, the prerequisites are not installed automatically.
-WORKAROUND You must manually install the prerequisites before installing or upgrading the App-V Clients to App-V 4.5 SP2. For detailed procedures about how to install the prerequisites and the App-V Client, see [How to Install the Client by Using the Command Line](http://go.microsoft.com/fwlink/?LinkId=144106) (http://go.microsoft.com/fwlink/?LinkId=144106).
+WORKAROUND You must manually install the prerequisites before installing or upgrading the App-V Clients to App-V 4.5 SP2. For detailed procedures about how to install the prerequisites and the App-V Client, see [How to Install the Client by Using the Command Line](https://go.microsoft.com/fwlink/?LinkId=144106) (https://go.microsoft.com/fwlink/?LinkId=144106).
When this has been completed, install the App-V 4.5 SP2 Clients by using Setup.msi with administrative credentials. This file is available on the App-V 4.5 SP2 release media in the Installers\\Client folder.
@@ -158,11 +158,11 @@ When using Internet Information Services (IIS) 6.0 or IIS 7.0 for icon or OSD
**Setspn -r HTTP/<Server FQDN>**
-For more information, see [Integrated Windows Authentication (IIS 6.0)](http://go.microsoft.com/fwlink/?LinkId=131407) (http://go.microsoft.com/fwlink/?LinkId=131407).
+For more information, see [Integrated Windows Authentication (IIS 6.0)](https://go.microsoft.com/fwlink/?LinkId=131407) (https://go.microsoft.com/fwlink/?LinkId=131407).
### .NET compatibility changes
-Microsoft Application Virtualization (App-V) Cumulative Update 1 or later supports sequencing the .NET Framework on Windows XP SP2 or later. Sequencing routines for .NET applications that were written for SoftGrid 4.2 might have to be updated when used with the App-V 4.5 Sequencer. For details and workarounds, see the Application Virtualization TechCenter article at [Support for .NET in Microsoft Application Virtualization 4.5](http://go.microsoft.com/fwlink/?LinkId=123412) (http://go.microsoft.com/fwlink/?LinkId=123412).
+Microsoft Application Virtualization (App-V) Cumulative Update 1 or later supports sequencing the .NET Framework on Windows XP SP2 or later. Sequencing routines for .NET applications that were written for SoftGrid 4.2 might have to be updated when used with the App-V 4.5 Sequencer. For details and workarounds, see the Application Virtualization TechCenter article at [Support for .NET in Microsoft Application Virtualization 4.5](https://go.microsoft.com/fwlink/?LinkId=123412) (https://go.microsoft.com/fwlink/?LinkId=123412).
### After client upgrade from App-V 4.2, some applications are not shown
@@ -192,7 +192,7 @@ Application Virtualization administrators must have Read and Execute permissions
When used in conjunction with KEEPCURRENTSETTINGS=1, the following client installer command-line parameters are ignored: SWICACHESIZE, MINFREESPACEMB, ALLOWINDEPENDENTFILESTREAMING, APPLICATIONSOURCEROOT, ICONSOURCEROOT, OSDSOURCEROOT, SYSTEMEVENTLOGLEVEL, SWIGLOBALDATA, DOTIMEOUTMINUTES, SWIFSDRIVE, AUTOLOADTARGET, AUTOLOADTRIGGERS, SWIUSERDATA, and REQUIRESECURECONNECTION.
-WORKAROUND If you have settings you want to retain, use KEEPCURRENTSETTINGS=1, and then set the other parameters after deployment. The App-V ADM Template can be used to set the following client settings: APPLICATIONSOURCEROOT, ICONSOURCEROOT, OSDSOURCEROOT, AUTOLOADTARGET, AUTOLOADTRIGGERS, DOTIMEOUTMINUTES, and ALLOWINDEPENDENTFILESTREAMING. You can download the ADM Template from the Microsoft DownLoad Center at [Microsoft Application Virtualization Administrative Template (ADM Template)](http://go.microsoft.com/fwlink/?LinkId=121835) (http://go.microsoft.com/fwlink/?LinkId=121835).
+WORKAROUND If you have settings you want to retain, use KEEPCURRENTSETTINGS=1, and then set the other parameters after deployment. The App-V ADM Template can be used to set the following client settings: APPLICATIONSOURCEROOT, ICONSOURCEROOT, OSDSOURCEROOT, AUTOLOADTARGET, AUTOLOADTRIGGERS, DOTIMEOUTMINUTES, and ALLOWINDEPENDENTFILESTREAMING. You can download the ADM Template from the Microsoft DownLoad Center at [Microsoft Application Virtualization Administrative Template (ADM Template)](https://go.microsoft.com/fwlink/?LinkId=121835) (https://go.microsoft.com/fwlink/?LinkId=121835).
### Release Notes Copyright Information
diff --git a/mdop/appv-v4/app-v-46-release-notes.md b/mdop/appv-v4/app-v-46-release-notes.md
index 81d8a1852e..854a3c4ca1 100644
--- a/mdop/appv-v4/app-v-46-release-notes.md
+++ b/mdop/appv-v4/app-v-46-release-notes.md
@@ -23,7 +23,7 @@ Read these Release Notes thoroughly before you install the Microsoft Application
## Protect Against Security Vulnerabilities and Viruses
-To help protect against security vulnerabilities and viruses, it is important to install the latest available security updates for any new software being installed. For more information, see the [Microsoft Security Web site](http://go.microsoft.com/fwlink/?LinkId=3482) (http://go.microsoft.com/fwlink/?LinkId=3482).
+To help protect against security vulnerabilities and viruses, it is important to install the latest available security updates for any new software being installed. For more information, see the [Microsoft Security Web site](https://go.microsoft.com/fwlink/?LinkId=3482) (https://go.microsoft.com/fwlink/?LinkId=3482).
## Known Issues with Application Virtualization 4.6
diff --git a/mdop/appv-v4/app-v-46-sp1-release-notes.md b/mdop/appv-v4/app-v-46-sp1-release-notes.md
index 80d4220900..6b315e90ba 100644
--- a/mdop/appv-v4/app-v-46-sp1-release-notes.md
+++ b/mdop/appv-v4/app-v-46-sp1-release-notes.md
@@ -23,7 +23,7 @@ Read these Release Notes thoroughly before you install the Microsoft Application
## Protect Against Security Vulnerabilities and Viruses
-To help protect against security vulnerabilities and viruses, it is important to install the latest available security updates for any new software being installed. For more information, see the [Microsoft Security website](http://go.microsoft.com/fwlink/?LinkId=3482) (http://go.microsoft.com/fwlink/?LinkId=3482).
+To help protect against security vulnerabilities and viruses, it is important to install the latest available security updates for any new software being installed. For more information, see the [Microsoft Security website](https://go.microsoft.com/fwlink/?LinkId=3482) (https://go.microsoft.com/fwlink/?LinkId=3482).
## Known Issues with Application Virtualization 4.6 SP1
diff --git a/mdop/appv-v4/app-v-46-sp2-release-notes.md b/mdop/appv-v4/app-v-46-sp2-release-notes.md
index f2414f7825..a9e792b831 100644
--- a/mdop/appv-v4/app-v-46-sp2-release-notes.md
+++ b/mdop/appv-v4/app-v-46-sp2-release-notes.md
@@ -22,7 +22,7 @@ These release notes contain information that is required to successfully install
## About the Product Documentation
-For more information about documentation for App-V, see the [Application Virtualization](http://go.microsoft.com/fwlink/?LinkID=232982) page on Microsoft TechNet.
+For more information about documentation for App-V, see the [Application Virtualization](https://go.microsoft.com/fwlink/?LinkID=232982) page on Microsoft TechNet.
## Providing feedback
@@ -34,9 +34,9 @@ This email address is not a support channel, but your feedback will help us to p
-For the latest information about MDOP and additional learning resources, see the [MDOP Information Experience](http://go.microsoft.com/fwlink/p/?LinkId=236032) page.
+For the latest information about MDOP and additional learning resources, see the [MDOP Information Experience](https://go.microsoft.com/fwlink/p/?LinkId=236032) page.
-For more information about new updates or to provide feedback, follow us on [Facebook](http://go.microsoft.com/fwlink/p/?LinkId=242445) or [Twitter](http://go.microsoft.com/fwlink/p/?LinkId=242447).
+For more information about new updates or to provide feedback, follow us on [Facebook](https://go.microsoft.com/fwlink/p/?LinkId=242445) or [Twitter](https://go.microsoft.com/fwlink/p/?LinkId=242447).
## Known Issues with App-V 4.6 SP2
diff --git a/mdop/appv-v4/app-v-46-sp3-release-notes.md b/mdop/appv-v4/app-v-46-sp3-release-notes.md
index f3b3bbd638..53e91e93f6 100644
--- a/mdop/appv-v4/app-v-46-sp3-release-notes.md
+++ b/mdop/appv-v4/app-v-46-sp3-release-notes.md
@@ -20,7 +20,7 @@ Read these Release Notes thoroughly before you install the Microsoft Application
## Protect Against Security Vulnerabilities and Viruses
-To help protect against security vulnerabilities and viruses, it is important to install the latest available security updates for any new software being installed. For more information, see the [Microsoft Security website](http://go.microsoft.com/fwlink/?LinkId=3482) (http://go.microsoft.com/fwlink/?LinkId=3482).
+To help protect against security vulnerabilities and viruses, it is important to install the latest available security updates for any new software being installed. For more information, see the [Microsoft Security website](https://go.microsoft.com/fwlink/?LinkId=3482) (https://go.microsoft.com/fwlink/?LinkId=3482).
## Known Issues with Application Virtualization 4.6 SP3
diff --git a/mdop/appv-v4/app-v-client-registry-values-sp1.md b/mdop/appv-v4/app-v-client-registry-values-sp1.md
index d1abb66e68..ce05856766 100644
--- a/mdop/appv-v4/app-v-client-registry-values-sp1.md
+++ b/mdop/appv-v4/app-v-client-registry-values-sp1.md
@@ -86,7 +86,7 @@ The following table provides information about the registry values associated wi
Controls which messages are written to the log. The value indicates a threshold of what is logged—everything less than or equal to that value is logged. For example, a value of 0x3 (Warning) indicates that Warnings (0x3), Errors (0x2), and Critical Errors (0x1) are logged.
Value Range: 0x0 = None, 0x1 = Critical, 0x2 = Error, 0x3 = Warning, 0x4 = Information (Default), 0x5 = Verbose.
The log level is configurable from the Application Virtualization (App-V) client console and from the command prompt. At a command prompt, the command sftlist.exe /verboselog will increase the log level to verbose. For more information on command-line details see
-http://go.microsoft.com/fwlink/?LinkId=141467http://go.microsoft.com/fwlink/?LinkId=141467
+https://go.microsoft.com/fwlink/?LinkId=141467https://go.microsoft.com/fwlink/?LinkId=141467
. |
diff --git a/mdop/appv-v4/app-v-desktop-client-security.md b/mdop/appv-v4/app-v-desktop-client-security.md
index 1ac437a216..24bf4ce063 100644
--- a/mdop/appv-v4/app-v-desktop-client-security.md
+++ b/mdop/appv-v4/app-v-desktop-client-security.md
@@ -56,7 +56,7 @@ When using the ADM Template, remember that the settings are Group Policy prefere
-For a full description of the ADM Template, the specific settings, and guidance to successfully deploy clients in your environment, see the App-V ADM Template white paper at [http://go.microsoft.com/fwlink/LinkId=122063](http://go.microsoft.com/fwlink/?LinkId=122063).
+For a full description of the ADM Template, the specific settings, and guidance to successfully deploy clients in your environment, see the App-V ADM Template white paper at [https://go.microsoft.com/fwlink/LinkId=122063](https://go.microsoft.com/fwlink/?LinkId=122063).
## Removing OSD File Type Associations
diff --git a/mdop/appv-v4/app-v-interoperability-with-windows-applocker.md b/mdop/appv-v4/app-v-interoperability-with-windows-applocker.md
index 19861182b0..30fcea79ef 100644
--- a/mdop/appv-v4/app-v-interoperability-with-windows-applocker.md
+++ b/mdop/appv-v4/app-v-interoperability-with-windows-applocker.md
@@ -16,7 +16,7 @@ ms.prod: w8
Version 4.5 SP1 of the Microsoft Application Virtualization (App-V) client supports the AppLocker feature of Windows 7. The AppLocker feature enables IT administrators to specify which applications are restricted from running on computers. This document describes how to configure the AppLocker rules to work with the App-V virtual environment and virtualized applications.
**Note**
-Windows AppLocker must first be enabled before configuring Windows AppLocker rules for virtual applications. For more information about enabling Windows AppLocker, [Windows AppLocker](http://go.microsoft.com/fwlink/?LinkId=156732) (http://go.microsoft.com/fwlink/?LinkId=156732).
+Windows AppLocker must first be enabled before configuring Windows AppLocker rules for virtual applications. For more information about enabling Windows AppLocker, [Windows AppLocker](https://go.microsoft.com/fwlink/?LinkId=156732) (https://go.microsoft.com/fwlink/?LinkId=156732).
diff --git a/mdop/appv-v4/app-v-pre-installation-checklist.md b/mdop/appv-v4/app-v-pre-installation-checklist.md
index 4986b4222b..1a675afc30 100644
--- a/mdop/appv-v4/app-v-pre-installation-checklist.md
+++ b/mdop/appv-v4/app-v-pre-installation-checklist.md
@@ -52,7 +52,7 @@ The following checklist is intended to provide a high-level list of items to con
Install Microsoft SQL Server 2008. |
-[Install SQL Server 2008](http://go.microsoft.com/fwlink/?LinkId=181924) (http://go.microsoft.com/fwlink/?LinkId=181924). |
+[Install SQL Server 2008](https://go.microsoft.com/fwlink/?LinkId=181924) (https://go.microsoft.com/fwlink/?LinkId=181924). |
diff --git a/mdop/appv-v4/app-v-upgrade-checklist.md b/mdop/appv-v4/app-v-upgrade-checklist.md
index 1cc521ddb6..7e2266af13 100644
--- a/mdop/appv-v4/app-v-upgrade-checklist.md
+++ b/mdop/appv-v4/app-v-upgrade-checklist.md
@@ -81,7 +81,7 @@ Before trying to upgrade to Microsoft Application Virtualization (App-V) 4.5 or
- Any version 4.2 reports that were created and saved will be overwritten when the server is upgraded to version 4.5. If you have to keep these reports, you must save a backup copy of the SftMMC.msc file located in the SoftGrid Management Console folder on the server and use that copy to replace the new SftMMC.msc that is installed during the upgrade.
-- For additional information about upgrading from previous versions, see [Upgrading to Microsoft Application Virtualization 4.5 FAQ](http://go.microsoft.com/fwlink/?LinkId=120358) (http://go.microsoft.com/fwlink/?LinkId=120358).
+- For additional information about upgrading from previous versions, see [Upgrading to Microsoft Application Virtualization 4.5 FAQ](https://go.microsoft.com/fwlink/?LinkId=120358) (https://go.microsoft.com/fwlink/?LinkId=120358).
## App-V 4.6 Client Package Support
diff --git a/mdop/appv-v4/application-virtualization-client-hardware-and-software-requirements.md b/mdop/appv-v4/application-virtualization-client-hardware-and-software-requirements.md
index c26601e8b8..b840409951 100644
--- a/mdop/appv-v4/application-virtualization-client-hardware-and-software-requirements.md
+++ b/mdop/appv-v4/application-virtualization-client-hardware-and-software-requirements.md
@@ -85,16 +85,16 @@ The hardware requirements requirements are applicable to all versions.
**Note**
The following software prerequisites are installed automatically if you are using the Setup.exe method. If you are using the Setup.msi installation program, the following products must be installed first.
-- **Microsoft Visual C++ 2005 SP1 Redistributable Package (x86)**—For more information about installing Microsoft Visual C++ 2005 SP1 Redistributable Package (x86), see [Microsoft Visual C++ 2005 SP1 Redistributable Package (x86)](http://go.microsoft.com/fwlink/?LinkId=119961) (http://go.microsoft.com/fwlink/?LinkId=119961). For version 4.5 SP2 of the App-V client, download Vcredist\_x86.exe from [Microsoft Visual C++ 2005 Service Pack 1 Redistributable Package ATL Security Update](http://go.microsoft.com/fwlink/?LinkId=169360) (http://go.microsoft.com/fwlink/?LinkId=169360).
+- **Microsoft Visual C++ 2005 SP1 Redistributable Package (x86)**—For more information about installing Microsoft Visual C++ 2005 SP1 Redistributable Package (x86), see [Microsoft Visual C++ 2005 SP1 Redistributable Package (x86)](https://go.microsoft.com/fwlink/?LinkId=119961) (https://go.microsoft.com/fwlink/?LinkId=119961). For version 4.5 SP2 of the App-V client, download Vcredist\_x86.exe from [Microsoft Visual C++ 2005 Service Pack 1 Redistributable Package ATL Security Update](https://go.microsoft.com/fwlink/?LinkId=169360) (https://go.microsoft.com/fwlink/?LinkId=169360).
-- **Microsoft Core XML Services (MSXML) 6.0 SP1 (x86)**—For more information about installing Microsoft Core XML Services (MSXML) 6.0 SP1 (x86), see [Microsoft Core XML Services (MSXML) 6.0 SP1 (x86)](http://go.microsoft.com/fwlink/?LinkId=63266) (http://go.microsoft.com/fwlink/?LinkId=63266).
+- **Microsoft Core XML Services (MSXML) 6.0 SP1 (x86)**—For more information about installing Microsoft Core XML Services (MSXML) 6.0 SP1 (x86), see [Microsoft Core XML Services (MSXML) 6.0 SP1 (x86)](https://go.microsoft.com/fwlink/?LinkId=63266) (https://go.microsoft.com/fwlink/?LinkId=63266).
**Note**
For the Application Virtualization (App-V) 4.6 Desktop Client, the following additional software prerequisite is installed automatically if you are using the Setup.exe method. If you are using the Setup.msi installation program, you must also install with the other prerequisites listed.
-- **Microsoft Visual C++ 2008 SP1 Redistributable Package (x86)**—For more information about installing Microsoft Visual C++ 2008 SP1 Redistributable Package (x86), see [Microsoft Visual C++ 2008 SP1 Redistributable Package (x86)](http://go.microsoft.com/fwlink/?LinkId=150700) (http://go.microsoft.com/fwlink/?LinkId=150700).
+- **Microsoft Visual C++ 2008 SP1 Redistributable Package (x86)**—For more information about installing Microsoft Visual C++ 2008 SP1 Redistributable Package (x86), see [Microsoft Visual C++ 2008 SP1 Redistributable Package (x86)](https://go.microsoft.com/fwlink/?LinkId=150700) (https://go.microsoft.com/fwlink/?LinkId=150700).
@@ -149,9 +149,9 @@ The Application Virtualization (App-V) 4.6 Desktop Client supports 32-bit and 64
**Note**
The following software prerequisites are installed automatically if you are using the Setup.exe method. If you are using the Setup.msi installation program, the following products must be installed first.
-- **Microsoft Visual C++ 2005 SP1 Redistributable Package (x86)**—For more information about installing Microsoft Visual C++ 2005 SP1 Redistributable Package (x86), see [Microsoft Visual C++ 2005 SP1 Redistributable Package (x86)](http://go.microsoft.com/fwlink/?LinkId=119961) (http://go.microsoft.com/fwlink/?LinkId=119961). For version 4.5 SP2 of the App-V client, download Vcredist\_x86.exe from [Microsoft Visual C++ 2005 Service Pack 1 Redistributable Package ATL Security Update](http://go.microsoft.com/fwlink/?LinkId=169360) (http://go.microsoft.com/fwlink/?LinkId=169360).
+- **Microsoft Visual C++ 2005 SP1 Redistributable Package (x86)**—For more information about installing Microsoft Visual C++ 2005 SP1 Redistributable Package (x86), see [Microsoft Visual C++ 2005 SP1 Redistributable Package (x86)](https://go.microsoft.com/fwlink/?LinkId=119961) (https://go.microsoft.com/fwlink/?LinkId=119961). For version 4.5 SP2 of the App-V client, download Vcredist\_x86.exe from [Microsoft Visual C++ 2005 Service Pack 1 Redistributable Package ATL Security Update](https://go.microsoft.com/fwlink/?LinkId=169360) (https://go.microsoft.com/fwlink/?LinkId=169360).
-- **Microsoft Core XML Services (MSXML) 6.0 SP1 (x86)**—For more information about installing Microsoft Core XML Services (MSXML) 6.0 SP1 (x86), see [Microsoft Core XML Services (MSXML) 6.0 SP1 (x86)](http://go.microsoft.com/fwlink/?LinkId=63266) (http://go.microsoft.com/fwlink/?LinkId=63266).
+- **Microsoft Core XML Services (MSXML) 6.0 SP1 (x86)**—For more information about installing Microsoft Core XML Services (MSXML) 6.0 SP1 (x86), see [Microsoft Core XML Services (MSXML) 6.0 SP1 (x86)](https://go.microsoft.com/fwlink/?LinkId=63266) (https://go.microsoft.com/fwlink/?LinkId=63266).
- **Microsoft Application Error Reporting**—The installation program for this software is included in the **Support\\Watson** folder in the self-extracting archive file.
@@ -160,7 +160,7 @@ The following software prerequisites are installed automatically if you are usin
**Note**
For the Application Virtualization (App-V) 4.6 Desktop Client, the following additional software prerequisite is installed automatically if you are using the Setup.exe method. If you are using the Setup.msi installation program, you must also install with the other prerequisites listed.
-- **Microsoft Visual C++ 2008 SP1 Redistributable Package (x86)**—For more information about installing Microsoft Visual C++ 2008 SP1 Redistributable Package (x86), see [Microsoft Visual C++ 2008 SP1 Redistributable Package (x86)](http://go.microsoft.com/fwlink/?LinkId=150700) (http://go.microsoft.com/fwlink/?LinkId=150700).
+- **Microsoft Visual C++ 2008 SP1 Redistributable Package (x86)**—For more information about installing Microsoft Visual C++ 2008 SP1 Redistributable Package (x86), see [Microsoft Visual C++ 2008 SP1 Redistributable Package (x86)](https://go.microsoft.com/fwlink/?LinkId=150700) (https://go.microsoft.com/fwlink/?LinkId=150700).
@@ -234,9 +234,9 @@ The hardware requirements requirements are applicable to all versions.
**Note**
The following software prerequisites are installed automatically if you are using the Setup.exe method. If you are using the Setup.msi installation program, the following products must be installed first.
-- **Microsoft Visual C++ 2005 SP1 Redistributable Package (x86)**—For more information about installing Microsoft Visual C++ 2005 SP1 Redistributable Package (x86), see [Microsoft Visual C++ 2005 SP1 Redistributable Package (x86)](http://go.microsoft.com/fwlink/?LinkId=119961) (http://go.microsoft.com/fwlink/?LinkId=119961). For version 4.5 SP2 of the App-V client, download Vcredist\_x86.exe from [Microsoft Visual C++ 2005 Service Pack 1 Redistributable Package ATL Security Update](http://go.microsoft.com/fwlink/?LinkId=169360) (http://go.microsoft.com/fwlink/?LinkId=169360).
+- **Microsoft Visual C++ 2005 SP1 Redistributable Package (x86)**—For more information about installing Microsoft Visual C++ 2005 SP1 Redistributable Package (x86), see [Microsoft Visual C++ 2005 SP1 Redistributable Package (x86)](https://go.microsoft.com/fwlink/?LinkId=119961) (https://go.microsoft.com/fwlink/?LinkId=119961). For version 4.5 SP2 of the App-V client, download Vcredist\_x86.exe from [Microsoft Visual C++ 2005 Service Pack 1 Redistributable Package ATL Security Update](https://go.microsoft.com/fwlink/?LinkId=169360) (https://go.microsoft.com/fwlink/?LinkId=169360).
-- **Microsoft Core XML Services (MSXML) 6.0 SP1 (x86)**—For more information about installing Microsoft Core XML Services (MSXML) 6.0 SP1 (x86), see [Microsoft Core XML Services (MSXML) 6.0 SP1 (x86)](http://go.microsoft.com/fwlink/?LinkId=63266) (http://go.microsoft.com/fwlink/?LinkId=63266).
+- **Microsoft Core XML Services (MSXML) 6.0 SP1 (x86)**—For more information about installing Microsoft Core XML Services (MSXML) 6.0 SP1 (x86), see [Microsoft Core XML Services (MSXML) 6.0 SP1 (x86)](https://go.microsoft.com/fwlink/?LinkId=63266) (https://go.microsoft.com/fwlink/?LinkId=63266).
- **Microsoft Application Error Reporting**—The installation program for this software is included in the **Support\\Watson** folder in the self-extracting archive file.
@@ -245,7 +245,7 @@ The following software prerequisites are installed automatically if you are usin
**Note**
For the Application Virtualization (App-V) 4.6 Desktop Client, the following additional software prerequisite is installed automatically if you are using the Setup.exe method. If you are using the Setup.msi installation program, you must also install with the other prerequisites listed.
-- **Microsoft Visual C++ 2008 SP1 Redistributable Package (x86)**—For more information about installing Microsoft Visual C++ 2008 SP1 Redistributable Package (x86), see [Microsoft Visual C++ 2008 SP1 Redistributable Package (x86)](http://go.microsoft.com/fwlink/?LinkId=150700) (http://go.microsoft.com/fwlink/?LinkId=150700).
+- **Microsoft Visual C++ 2008 SP1 Redistributable Package (x86)**—For more information about installing Microsoft Visual C++ 2008 SP1 Redistributable Package (x86), see [Microsoft Visual C++ 2008 SP1 Redistributable Package (x86)](https://go.microsoft.com/fwlink/?LinkId=150700) (https://go.microsoft.com/fwlink/?LinkId=150700).
diff --git a/mdop/appv-v4/application-virtualization-client-installer-command-line-parameters.md b/mdop/appv-v4/application-virtualization-client-installer-command-line-parameters.md
index 6171672825..07c6eadf1c 100644
--- a/mdop/appv-v4/application-virtualization-client-installer-command-line-parameters.md
+++ b/mdop/appv-v4/application-virtualization-client-installer-command-line-parameters.md
@@ -285,7 +285,7 @@ The following table lists all available Microsoft Application Virtualization Cli
Important
If set to a value of 1, the following client installer command-line parameters are ignored:
SWICACHESIZE, MINFREESPACEMB, ALLOWINDEPENDENTFILESTREAMING, APPLICATIONSOURCEROOT, ICONSOURCEROOT, OSDSOURCEROOT, SYSTEMEVENTLOGLEVEL, SWIGLOBALDATA, DOTIMEOUTMINUTES, SWIFSDRIVE, AUTOLOADTARGET, AUTOLOADTRIGGERS, and SWIUSERDATA.
-For further information about setting these values after installation, see “How to Configure the App-V Client Registry Settings by Using the Command Line” in the Application Virtualization (App-V) Operations Guide ([http://go.microsoft.com/fwlink/?LinkId=122939](http://go.microsoft.com/fwlink/?LinkId=122939)).
+For further information about setting these values after installation, see “How to Configure the App-V Client Registry Settings by Using the Command Line” in the Application Virtualization (App-V) Operations Guide ([https://go.microsoft.com/fwlink/?LinkId=122939](https://go.microsoft.com/fwlink/?LinkId=122939)).
diff --git a/mdop/appv-v4/configuring-app-v-administration-for-a-distributed-environment.md b/mdop/appv-v4/configuring-app-v-administration-for-a-distributed-environment.md
index be27f4388f..097da31e02 100644
--- a/mdop/appv-v4/configuring-app-v-administration-for-a-distributed-environment.md
+++ b/mdop/appv-v4/configuring-app-v-administration-for-a-distributed-environment.md
@@ -48,7 +48,7 @@ To set up the environment where SQL Servers use domain-based service accounts, y
- Linked servers
-For information about configuring Active Directory Domain Services when the SQL service uses a domain-based account, see
.
+For information about configuring Active Directory Domain Services when the SQL service uses a domain-based account, see .
diff --git a/mdop/appv-v4/configuring-certificates-to-support-app-v-management-server-or-streaming-server.md b/mdop/appv-v4/configuring-certificates-to-support-app-v-management-server-or-streaming-server.md
index 9d14275aea..34f4b265ea 100644
--- a/mdop/appv-v4/configuring-certificates-to-support-app-v-management-server-or-streaming-server.md
+++ b/mdop/appv-v4/configuring-certificates-to-support-app-v-management-server-or-streaming-server.md
@@ -38,7 +38,7 @@ The App-V certificate is submitted to a certification authority (CA) that is con
This configuration is necessary only when using an NLB cluster. When the client connects to the server, it will connect using the fully qualified domain name (FQDN) of the NLB cluster and not the FQDN of an individual server. If you do not add the SAN property with the FQDN of the server nodes in the cluster, all client connections are refused because the common name of the certificate won’t match the server name.
-For more detailed information about configuring certificates with the SAN attribute, see .
+For more detailed information about configuring certificates with the SAN attribute, see .
## Related topics
diff --git a/mdop/appv-v4/configuring-certificates-to-support-secure-streaming.md b/mdop/appv-v4/configuring-certificates-to-support-secure-streaming.md
index 1e904c03a9..50c237450f 100644
--- a/mdop/appv-v4/configuring-certificates-to-support-secure-streaming.md
+++ b/mdop/appv-v4/configuring-certificates-to-support-secure-streaming.md
@@ -35,7 +35,7 @@ The scenarios for obtaining and installing a certificate for App-V are as follow
If a PKI infrastructure has been deployed, consult with the PKI administrators to acquire a certificate that complies with the requirements described in this topic. If a PKI infrastructure is not available, use a third-party CA to obtain a valid certificate.
-For step-by-step guidance for obtaining and installing a certificate, see .
+For step-by-step guidance for obtaining and installing a certificate, see .
## Related topics
diff --git a/mdop/appv-v4/configuring-certificates-to-support-the-app-v-web-management-service.md b/mdop/appv-v4/configuring-certificates-to-support-the-app-v-web-management-service.md
index 15f49413c8..41b7a484cd 100644
--- a/mdop/appv-v4/configuring-certificates-to-support-the-app-v-web-management-service.md
+++ b/mdop/appv-v4/configuring-certificates-to-support-the-app-v-web-management-service.md
@@ -30,7 +30,7 @@ The name of the certificate must match the name of the server. It is a best prac
-App-V can use IIS servers to support different infrastructure configurations. For more information about configuring IIS servers to support HTTPS, see .
+App-V can use IIS servers to support different infrastructure configurations. For more information about configuring IIS servers to support HTTPS, see .
## Related topics
diff --git a/mdop/appv-v4/configuring-iis-for-secure-streaming.md b/mdop/appv-v4/configuring-iis-for-secure-streaming.md
index b5b3018970..32b9bd5155 100644
--- a/mdop/appv-v4/configuring-iis-for-secure-streaming.md
+++ b/mdop/appv-v4/configuring-iis-for-secure-streaming.md
@@ -18,9 +18,9 @@ With the release of Microsoft Application Virtualization (App-V) version 4.5, yo
**Note**
If you want to stream applications from a file server, you should enhance the security of the communications to the application packages. This can be achieved using IPsec. For more information see the following topics in the TechNet Library:
-- For Windows Server 2003,
+- For Windows Server 2003,
-- For Windows Server 2008,
+- For Windows Server 2008,
@@ -35,9 +35,9 @@ When you use IIS to stream virtual applications with HTTP or HTTPS, to support A
Use the following KB articles as guidance for adding MIME types:
-IIS 6.0:
+IIS 6.0:
-IIS 7.0:
+IIS 7.0:
## Kerberos Authentication
diff --git a/mdop/appv-v4/electronic-software-distribution-based-scenario-overview.md b/mdop/appv-v4/electronic-software-distribution-based-scenario-overview.md
index bd51a8de61..9980c9e2c5 100644
--- a/mdop/appv-v4/electronic-software-distribution-based-scenario-overview.md
+++ b/mdop/appv-v4/electronic-software-distribution-based-scenario-overview.md
@@ -16,7 +16,7 @@ ms.prod: w8
If you plan to use an electronic software distribution (ESD) solution to deploy virtual applications, it is important to understand the factors that go into and are affected by that decision. This topic describes the benefits of using an ESD-based scenario and provides information about the publishing and package streaming methods that you will need to consider as you proceed with your deployment.
**Important**
-Whichever ESD solution you use, you must be familiar with the requirements of your particular solution. If you are using System Center Configuration Manager 2007 R2 or later, see the System Center Configuration Manager documentation at .
+Whichever ESD solution you use, you must be familiar with the requirements of your particular solution. If you are using System Center Configuration Manager 2007 R2 or later, see the System Center Configuration Manager documentation at .
diff --git a/mdop/appv-v4/how-to-configure-a-read-only-cache-on-the-app-v-client--rds--sp1.md b/mdop/appv-v4/how-to-configure-a-read-only-cache-on-the-app-v-client--rds--sp1.md
index b57bb891ef..b883b5b994 100644
--- a/mdop/appv-v4/how-to-configure-a-read-only-cache-on-the-app-v-client--rds--sp1.md
+++ b/mdop/appv-v4/how-to-configure-a-read-only-cache-on-the-app-v-client--rds--sp1.md
@@ -140,7 +140,7 @@ Although you can publish the applications by using several different methods, th
## How to Use Symbolic Links when Upgrading the Cache
-Instead of changing the AppFS key FILENAME value every time that a new cache file is deployed that contains new or upgraded packages, you can use a symbolic link in the following operating systems: Windows Vista, Windows 7, and Windows Server 2008. For more information about symbolic links, see [Symbolic Links](http://go.microsoft.com/fwlink/?LinkId=157626) (http://go.microsoft.com/fwlink/?LinkId=157626). In contrast, Windows XP does not support the use of symbolic links, and you must use junction points instead. For more information about junctions, see [article 205524](http://go.microsoft.com/fwlink/?LinkId=182553) in the Microsoft Knowledge Base (http://go.microsoft.com/fwlink/?LinkId=182553), and also the tool [Junction v1.05](http://go.microsoft.com/fwlink/?LinkId=182554) (http://go.microsoft.com/fwlink/?LinkId=182554).
+Instead of changing the AppFS key FILENAME value every time that a new cache file is deployed that contains new or upgraded packages, you can use a symbolic link in the following operating systems: Windows Vista, Windows 7, and Windows Server 2008. For more information about symbolic links, see [Symbolic Links](https://go.microsoft.com/fwlink/?LinkId=157626) (https://go.microsoft.com/fwlink/?LinkId=157626). In contrast, Windows XP does not support the use of symbolic links, and you must use junction points instead. For more information about junctions, see [article 205524](https://go.microsoft.com/fwlink/?LinkId=182553) in the Microsoft Knowledge Base (https://go.microsoft.com/fwlink/?LinkId=182553), and also the tool [Junction v1.05](https://go.microsoft.com/fwlink/?LinkId=182554) (https://go.microsoft.com/fwlink/?LinkId=182554).
**To configure a symbolic link to reference the cache**
diff --git a/mdop/appv-v4/how-to-configure-a-read-only-cache-on-the-app-v-client--vdi-.md b/mdop/appv-v4/how-to-configure-a-read-only-cache-on-the-app-v-client--vdi-.md
index a36457280d..1d39c091ec 100644
--- a/mdop/appv-v4/how-to-configure-a-read-only-cache-on-the-app-v-client--vdi-.md
+++ b/mdop/appv-v4/how-to-configure-a-read-only-cache-on-the-app-v-client--vdi-.md
@@ -13,7 +13,7 @@ ms.prod: w8
# How to Configure a Read-only Cache on the App-V Client (VDI)
-In Microsoft Application Virtualization (App-V) 4.6 the Client supports using a shared read-only cache. The shared read-only cache enables the Client to use disk space efficiently in a Virtual Desktop Infrastructure (VDI) system, where users run applications on Virtual Machines (VM) that are hosted in a data center server environment and share network storage on a Storage Area Network (SAN). The following procedures provide an overview of the process that is required to implement the App-V Client in either of the primary VDI architectures, known as “Pooled VM” or “Static VM”. It is assumed that you are familiar with the planning, deployment, and operation of the App-V system and its components, and also the operation and management of the VDI server. For more information about App-V, see [Application Virtualization](http://go.microsoft.com/fwlink/?LinkId=122939) (http://go.microsoft.com/fwlink/?LinkId=122939)
+In Microsoft Application Virtualization (App-V) 4.6 the Client supports using a shared read-only cache. The shared read-only cache enables the Client to use disk space efficiently in a Virtual Desktop Infrastructure (VDI) system, where users run applications on Virtual Machines (VM) that are hosted in a data center server environment and share network storage on a Storage Area Network (SAN). The following procedures provide an overview of the process that is required to implement the App-V Client in either of the primary VDI architectures, known as “Pooled VM” or “Static VM”. It is assumed that you are familiar with the planning, deployment, and operation of the App-V system and its components, and also the operation and management of the VDI server. For more information about App-V, see [Application Virtualization](https://go.microsoft.com/fwlink/?LinkId=122939) (https://go.microsoft.com/fwlink/?LinkId=122939)
**Note**
The details outlined in these procedures are intended as examples only. You might use different methods to complete the overall process.
@@ -151,7 +151,7 @@ Although you can publish the applications by using several different methods, th
## How to Use Symbolic Links when Upgrading the Cache
-Instead of modifying the AppFS key FILENAME value every time that a new cache file is deployed that contains new or upgraded packages, you can use a symbolic link in the following operating systems: Windows Vista, Windows 7, and Windows Server 2008. For more information about symbolic links, see [Symbolic Links](http://go.microsoft.com/fwlink/?LinkId=157626) (http://go.microsoft.com/fwlink/?LinkId=157626). In contrast, Windows XP does not support the use of symbolic links, and you must use junction points instead. For more information about junctions, see [article 205524](http://go.microsoft.com/fwlink/?LinkId=182553) in the Microsoft Knowledge Base (http://go.microsoft.com/fwlink/?LinkId=182553), and also the tool [Junction v1.05](http://go.microsoft.com/fwlink/?LinkId=182554) (http://go.microsoft.com/fwlink/?LinkId=182554).
+Instead of modifying the AppFS key FILENAME value every time that a new cache file is deployed that contains new or upgraded packages, you can use a symbolic link in the following operating systems: Windows Vista, Windows 7, and Windows Server 2008. For more information about symbolic links, see [Symbolic Links](https://go.microsoft.com/fwlink/?LinkId=157626) (https://go.microsoft.com/fwlink/?LinkId=157626). In contrast, Windows XP does not support the use of symbolic links, and you must use junction points instead. For more information about junctions, see [article 205524](https://go.microsoft.com/fwlink/?LinkId=182553) in the Microsoft Knowledge Base (https://go.microsoft.com/fwlink/?LinkId=182553), and also the tool [Junction v1.05](https://go.microsoft.com/fwlink/?LinkId=182554) (https://go.microsoft.com/fwlink/?LinkId=182554).
**To configure a symbolic link to reference the cache**
diff --git a/mdop/appv-v4/how-to-configure-microsoft-sql-server-mirroring-support-for-app-v.md b/mdop/appv-v4/how-to-configure-microsoft-sql-server-mirroring-support-for-app-v.md
index 381bb8e72c..2ca3425059 100644
--- a/mdop/appv-v4/how-to-configure-microsoft-sql-server-mirroring-support-for-app-v.md
+++ b/mdop/appv-v4/how-to-configure-microsoft-sql-server-mirroring-support-for-app-v.md
@@ -24,17 +24,17 @@ This procedure is written for administrators who are familiar with setting up an
1. Set up SQL Server database mirroring of the App-V database following your standard business practices for database mirroring. Use the following links for general information about implementing Microsoft SQL Server database mirroring:
- - **Microsoft SQL 2005**—[Setting Up Database Mirroring](http://go.microsoft.com/fwlink/?LinkId=187478) (http://go.microsoft.com/fwlink/?LinkId=187478)
+ - **Microsoft SQL 2005**—[Setting Up Database Mirroring](https://go.microsoft.com/fwlink/?LinkId=187478) (https://go.microsoft.com/fwlink/?LinkId=187478)
- - **Microsoft SQL 2008**—[Setting Up Database Mirroring](http://go.microsoft.com/fwlink/?LinkId=187477) (http://go.microsoft.com/fwlink/?LinkId=187477)
+ - **Microsoft SQL 2008**—[Setting Up Database Mirroring](https://go.microsoft.com/fwlink/?LinkId=187477) (https://go.microsoft.com/fwlink/?LinkId=187477)
- In addition, you can find Best Practices information in [Database Mirroring Best Practices and Performance Considerations](http://go.microsoft.com/fwlink/?LinkId=190270) (http://go.microsoft.com/fwlink/?LinkId=190270).
+ In addition, you can find Best Practices information in [Database Mirroring Best Practices and Performance Considerations](https://go.microsoft.com/fwlink/?LinkId=190270) (https://go.microsoft.com/fwlink/?LinkId=190270).
-2. After mirroring has been set up, verify that the App-V database shows a status of **(Principal, Synchronized)**, and the mirrored database shows a status of **(Mirror, Synchronized / Restoring)**. Resolve any mirroring issues before proceeding to the next step. For additional information about monitoring the status, see [Monitoring Mirroring Status](http://go.microsoft.com/fwlink/?LinkId=190279) (http://go.microsoft.com/fwlink/?LinkId=190279).
+2. After mirroring has been set up, verify that the App-V database shows a status of **(Principal, Synchronized)**, and the mirrored database shows a status of **(Mirror, Synchronized / Restoring)**. Resolve any mirroring issues before proceeding to the next step. For additional information about monitoring the status, see [Monitoring Mirroring Status](https://go.microsoft.com/fwlink/?LinkId=190279) (https://go.microsoft.com/fwlink/?LinkId=190279).
3. On the SQL Server computer that hosts the mirror of the App-V database, create the SQL Server Login for the network service account of the App-V Management Server by using the account name **<domain>\\<ManagementServerHostName>$**.
-4. Install the Microsoft SQL Server Native Client on the App-V Management Server, and on the computer running the App-V Management Web Service if installed on a different computer. If you plan to have additional App-V Management Servers connect to the mirrored SQL database for load balancing, you must install the Microsoft SQL Server Native Client on those computers as well. You can download the Microsoft SQL Server Native Client from the [Microsoft SQL Server 2008 Feature Pack](http://go.microsoft.com/fwlink/?LinkId=187479) page in the Microsoft Download Center (http://go.microsoft.com/fwlink/?LinkId=187479).
+4. Install the Microsoft SQL Server Native Client on the App-V Management Server, and on the computer running the App-V Management Web Service if installed on a different computer. If you plan to have additional App-V Management Servers connect to the mirrored SQL database for load balancing, you must install the Microsoft SQL Server Native Client on those computers as well. You can download the Microsoft SQL Server Native Client from the [Microsoft SQL Server 2008 Feature Pack](https://go.microsoft.com/fwlink/?LinkId=187479) page in the Microsoft Download Center (https://go.microsoft.com/fwlink/?LinkId=187479).
5. Check the registry key **HKEY\_LOCAL\_MACHINE\\SOFTWARE\\Microsoft\\Softgrid\\4.5\\Server\\SQLServerName** and make sure that it contains only the host name of the SQL Server. If it includes an instance name, for example *serverhostname\\instancename*, the instance name must be removed.
@@ -58,7 +58,7 @@ This procedure is written for administrators who are familiar with setting up an
- Click the **All** tab, and then select the entry **Failover Partner**. Click **Edit Value**, and then enter the server name of the failover SQL Server. Click **OK**.
**Important**
- The App-V system uses Kerberos authentication. Therefore, when you configure SQL mirroring where Kerberos Authentication is enabled on the SQL Server and the SQL Server service runs under a domain user account, you must manually configure an SPN. For more information, see “When SQL Service Uses Domain-Based Account” in the article [Configuring App-V Administration for a Distributed Environment](http://go.microsoft.com/fwlink/?LinkId=203186) (http://go.microsoft.com/fwlink/?LinkId=203186).
+ The App-V system uses Kerberos authentication. Therefore, when you configure SQL mirroring where Kerberos Authentication is enabled on the SQL Server and the SQL Server service runs under a domain user account, you must manually configure an SPN. For more information, see “When SQL Service Uses Domain-Based Account” in the article [Configuring App-V Administration for a Distributed Environment](https://go.microsoft.com/fwlink/?LinkId=203186) (https://go.microsoft.com/fwlink/?LinkId=203186).
diff --git a/mdop/appv-v4/how-to-configure-the-app-v-client-registry-settings-by-using-the-command-line.md b/mdop/appv-v4/how-to-configure-the-app-v-client-registry-settings-by-using-the-command-line.md
index 4bc97b888f..4e744f991f 100644
--- a/mdop/appv-v4/how-to-configure-the-app-v-client-registry-settings-by-using-the-command-line.md
+++ b/mdop/appv-v4/how-to-configure-the-app-v-client-registry-settings-by-using-the-command-line.md
@@ -21,7 +21,7 @@ After the Application Virtualization (App-V) Client has been deployed and config
- Using a scripting language such as VBScript or Windows PowerShell
-There is also an ADM template that you can use. For more information about the ADM template, see .
+There is also an ADM template that you can use. For more information about the ADM template, see .
**Caution**
Use care when you edit the registry because errors can leave the computer in an unusable state. Be sure to follow your standard business practices that relate to registry edits. Thoroughly test all proposed changes in a test environment before you deploy them to production computers.
diff --git a/mdop/appv-v4/how-to-configure-user-permissions.md b/mdop/appv-v4/how-to-configure-user-permissions.md
index 062e47ecaa..629ffaef76 100644
--- a/mdop/appv-v4/how-to-configure-user-permissions.md
+++ b/mdop/appv-v4/how-to-configure-user-permissions.md
@@ -13,7 +13,7 @@ ms.prod: w8
# How to Configure User Permissions
-You can enable and disable some actions for users who do not have administrative rights by editing the key values under the **Permissions** registry key (HKEY\_LOCAL\_MACHINE\\SOFTWARE\\Microsoft\\SoftGrid\\4.5\\Client\\Permissions). This key is primarily designed to help prevent users from making mistakes rather than to provide any special security, because users with administrative rights can edit any of these key values. The following procedures are examples of how to change the key values. For more information about the Application Virtualization (App-V) Client registry keys and values, see .
+You can enable and disable some actions for users who do not have administrative rights by editing the key values under the **Permissions** registry key (HKEY\_LOCAL\_MACHINE\\SOFTWARE\\Microsoft\\SoftGrid\\4.5\\Client\\Permissions). This key is primarily designed to help prevent users from making mistakes rather than to provide any special security, because users with administrative rights can edit any of these key values. The following procedures are examples of how to change the key values. For more information about the Application Virtualization (App-V) Client registry keys and values, see .
**To change user permissions**
diff --git a/mdop/appv-v4/how-to-configure-windows-server-2008-firewall-for-app-v.md b/mdop/appv-v4/how-to-configure-windows-server-2008-firewall-for-app-v.md
index 222433549f..0dda96e157 100644
--- a/mdop/appv-v4/how-to-configure-windows-server-2008-firewall-for-app-v.md
+++ b/mdop/appv-v4/how-to-configure-windows-server-2008-firewall-for-app-v.md
@@ -13,7 +13,7 @@ ms.prod: w8
# How to Configure Windows Server 2008 Firewall for App-V
-With the introduction of Windows Server 2008, the firewall and IPsec components were merged into one service, and the capabilities of this service were enhanced. The new firewall service supports incoming and outgoing stateful inspection. Also, you can configure specific firewall rules and IPsec policies through group policies. For additional information about the Windows firewall in Windows Server 2008, see .
+With the introduction of Windows Server 2008, the firewall and IPsec components were merged into one service, and the capabilities of this service were enhanced. The new firewall service supports incoming and outgoing stateful inspection. Also, you can configure specific firewall rules and IPsec policies through group policies. For additional information about the Windows firewall in Windows Server 2008, see .
The following procedure does not include adding an exception for ICO and OSD publishing through SMB or HTTP/HTTPS. Those exceptions are automatically added based on the network profile and roles installed on the Windows Server 2008 firewall.
diff --git a/mdop/appv-v4/how-to-connect-to-an-application-virtualization-system.md b/mdop/appv-v4/how-to-connect-to-an-application-virtualization-system.md
index fa1078f6d6..aa0122d615 100644
--- a/mdop/appv-v4/how-to-connect-to-an-application-virtualization-system.md
+++ b/mdop/appv-v4/how-to-connect-to-an-application-virtualization-system.md
@@ -22,15 +22,15 @@ You must connect the Application Virtualization Server Management Console to an
**Note**
There are three components to Application Virtualization server management: the Application Virtualization Management Console, the Management Web Service, and the SQL Datastore. If these components are distributed across different physical machines, you must configure security properly for the components to communicate across the system. For more information, see the following manuals and articles:
- [How to Configure the Server to be Trusted for Delegation](http://go.microsoft.com/fwlink/?LinkID=166682) (http://go.microsoft.com/fwlink/?LinkID=166682)
+ [How to Configure the Server to be Trusted for Delegation](https://go.microsoft.com/fwlink/?LinkID=166682) (https://go.microsoft.com/fwlink/?LinkID=166682)
- [Planning and Deployment Guide for the Application Virtualization System](http://go.microsoft.com/fwlink/?LinkID=122063) (http://go.microsoft.com/fwlink/?LinkID=122063)
+ [Planning and Deployment Guide for the Application Virtualization System](https://go.microsoft.com/fwlink/?LinkID=122063) (https://go.microsoft.com/fwlink/?LinkID=122063)
- [Operations Guide for the Application Virtualization System](http://go.microsoft.com/fwlink/?LinkID=133129) (http://go.microsoft.com/fwlink/?LinkID=133129)
+ [Operations Guide for the Application Virtualization System](https://go.microsoft.com/fwlink/?LinkID=133129) (https://go.microsoft.com/fwlink/?LinkID=133129)
- [Article 930472](http://go.microsoft.com/fwlink/?LinkId=114647) in the Microsoft Knowledge Base (http://go.microsoft.com/fwlink/?LinkId=114647)
+ [Article 930472](https://go.microsoft.com/fwlink/?LinkId=114647) in the Microsoft Knowledge Base (https://go.microsoft.com/fwlink/?LinkId=114647)
- [Article 930565](http://go.microsoft.com/fwlink/?LinkId=114648) in the Microsoft Knowledge Base (http://go.microsoft.com/fwlink/?LinkId=114648)
+ [Article 930565](https://go.microsoft.com/fwlink/?LinkId=114648) in the Microsoft Knowledge Base (https://go.microsoft.com/fwlink/?LinkId=114648)
diff --git a/mdop/appv-v4/how-to-determine-which-type-of-application-to-sequence---app-v-46-sp1-.md b/mdop/appv-v4/how-to-determine-which-type-of-application-to-sequence---app-v-46-sp1-.md
index 3dbb001d9a..509609cc59 100644
--- a/mdop/appv-v4/how-to-determine-which-type-of-application-to-sequence---app-v-46-sp1-.md
+++ b/mdop/appv-v4/how-to-determine-which-type-of-application-to-sequence---app-v-46-sp1-.md
@@ -41,12 +41,12 @@ Use the following table to determine which type of application you should sequen
Add-on or Plug-in |
-Select this option to create a package that extends the functionality of a standard application, for example, a plug-in for Microsoft Excel. Additionally, you can use plug-ins for natively installed applications, or another package that is linked by using Dynamic Suite Composition. For more information about Dynamic Suite Composition, see [How To Use Dynamic Suite Composition](http://go.microsoft.com/fwlink/?LinkId=203804) (http://go.microsoft.com/fwlink/?LinkId=203804). |
+Select this option to create a package that extends the functionality of a standard application, for example, a plug-in for Microsoft Excel. Additionally, you can use plug-ins for natively installed applications, or another package that is linked by using Dynamic Suite Composition. For more information about Dynamic Suite Composition, see [How To Use Dynamic Suite Composition](https://go.microsoft.com/fwlink/?LinkId=203804) (https://go.microsoft.com/fwlink/?LinkId=203804). |
[How to Sequence a New Add-on or Plug-in Application (App-V 4.6 SP1)](how-to-sequence-a-new-add-on-or-plug-in-application--app-v-46-sp1-.md) |
Middleware |
-Select this option to create a package that is required by a standard application, for example, the Microsoft .NET Framework. Middleware packages are used for linking to other packages by using Dynamic Suite Composition. For more information about Dynamic Suite Composition, see [How To Use Dynamic Suite Composition](http://go.microsoft.com/fwlink/?LinkId=203804) (http://go.microsoft.com/fwlink/?LinkId=203804). |
+Select this option to create a package that is required by a standard application, for example, the Microsoft .NET Framework. Middleware packages are used for linking to other packages by using Dynamic Suite Composition. For more information about Dynamic Suite Composition, see [How To Use Dynamic Suite Composition](https://go.microsoft.com/fwlink/?LinkId=203804) (https://go.microsoft.com/fwlink/?LinkId=203804). |
[How to Sequence a New Middleware Application (App-V 4.6 SP1)](how-to-sequence-a-new-middleware-application--app-v-46-sp1-.md) |
diff --git a/mdop/appv-v4/how-to-install-a-database.md b/mdop/appv-v4/how-to-install-a-database.md
index ed8d0ddb38..392f11afda 100644
--- a/mdop/appv-v4/how-to-install-a-database.md
+++ b/mdop/appv-v4/how-to-install-a-database.md
@@ -44,7 +44,7 @@ To install the database, you must use a network account with the appropriate per
8. Select a name for the database, and then click **Next**.
**Note**
- If error 25109 is displayed when you try to complete this step, you have incorrectly set up the permissions necessary to install the database. For details on setting up the necessary SQL permissions, please see .
+ If error 25109 is displayed when you try to complete this step, you have incorrectly set up the permissions necessary to install the database. For details on setting up the necessary SQL permissions, please see .
diff --git a/mdop/appv-v4/how-to-install-the-app-v-client-by-using-setupmsi-new.md b/mdop/appv-v4/how-to-install-the-app-v-client-by-using-setupmsi-new.md
index f7276d6353..2be69b363b 100644
--- a/mdop/appv-v4/how-to-install-the-app-v-client-by-using-setupmsi-new.md
+++ b/mdop/appv-v4/how-to-install-the-app-v-client-by-using-setupmsi-new.md
@@ -27,7 +27,7 @@ The x86 versions of the following software are required for both x86 and x64 ver
**To install Microsoft Visual C++ 2005 SP1 Redistributable Package (x86)**
-1. Download the [Microsoft Visual C++ 2005 SP1 Redistributable Package (x86)](http://go.microsoft.com/fwlink/?LinkId=119961) software package from the Microsoft Download Center (http://go.microsoft.com/fwlink/?LinkId=119961). \[Template Token Value\] For version 4.5 SP2 and later of the App-V client, download vcredist\_x86.exe from [Microsoft Visual C++ 2005 Service Pack 1 Redistributable Package ATL Security Update](http://go.microsoft.com/fwlink/?LinkId=169360) (http://go.microsoft.com/fwlink/?LinkId=169360).\[Template Token Value\]
+1. Download the [Microsoft Visual C++ 2005 SP1 Redistributable Package (x86)](https://go.microsoft.com/fwlink/?LinkId=119961) software package from the Microsoft Download Center (https://go.microsoft.com/fwlink/?LinkId=119961). \[Template Token Value\] For version 4.5 SP2 and later of the App-V client, download vcredist\_x86.exe from [Microsoft Visual C++ 2005 Service Pack 1 Redistributable Package ATL Security Update](https://go.microsoft.com/fwlink/?LinkId=169360) (https://go.microsoft.com/fwlink/?LinkId=169360).\[Template Token Value\]
2. To install silently, use the command-line option “/Q” with vcredist\_x86.exe—for example, **vcredist\_x86.exe /Q**.
@@ -42,7 +42,7 @@ For version 4.6 and later of the App-V client, you must also install the Micros
****
-1. Download the [Microsoft Visual C++ 2008 Service Pack 1 Redistributable Package ATL Security Update](http://go.microsoft.com/fwlink/?LinkId=150700) software package from the Microsoft Download Center (http://go.microsoft.com/fwlink/?LinkId=150700).
+1. Download the [Microsoft Visual C++ 2008 Service Pack 1 Redistributable Package ATL Security Update](https://go.microsoft.com/fwlink/?LinkId=150700) software package from the Microsoft Download Center (https://go.microsoft.com/fwlink/?LinkId=150700).
2. To install silently, use the command-line option “/Q” with vcredist\_x86.exe—for example, **vcredist\_x86.exe /Q**.
@@ -50,7 +50,7 @@ For version 4.6 and later of the App-V client, you must also install the Micros
****
-1. Download the [Microsoft Core XML Services (MSXML) 6.0 SP1 (x86)](http://go.microsoft.com/fwlink/?LinkId=63266) software package from the Microsoft Download Center (http://go.microsoft.com/fwlink/?LinkId=63266).
+1. Download the [Microsoft Core XML Services (MSXML) 6.0 SP1 (x86)](https://go.microsoft.com/fwlink/?LinkId=63266) software package from the Microsoft Download Center (https://go.microsoft.com/fwlink/?LinkId=63266).
2. To install silently, use the command-line option /quiet—for example, **msiexec /i msxml6\_x86.msi /quiet**.
@@ -130,7 +130,7 @@ For App-V 4.6 SP2 and later, you no longer need to install Microsoft Applicati
¹ App-V “Languages” release.
**Note**
-If you need to find the product code, you can use the Orca.exe database editor or a similar tool to examine Windows Installer files to find the value of the *ProductCode* property. For more information about using Orca.exe, see [Windows Installer Development Tools](http://go.microsoft.com/fwlink/?LinkId=150008) (http://go.microsoft.com/fwlink/?LinkId=150008).
+If you need to find the product code, you can use the Orca.exe database editor or a similar tool to examine Windows Installer files to find the value of the *ProductCode* property. For more information about using Orca.exe, see [Windows Installer Development Tools](https://go.microsoft.com/fwlink/?LinkId=150008) (https://go.microsoft.com/fwlink/?LinkId=150008).
diff --git a/mdop/appv-v4/how-to-install-the-client-by-using-the-command-line-new.md b/mdop/appv-v4/how-to-install-the-client-by-using-the-command-line-new.md
index 1aa3391b31..79b0480381 100644
--- a/mdop/appv-v4/how-to-install-the-client-by-using-the-command-line-new.md
+++ b/mdop/appv-v4/how-to-install-the-client-by-using-the-command-line-new.md
@@ -22,7 +22,7 @@ When you install the App-V client to use with a read-only cache, for example wit
-For more information about setting these parameter values after installation, see [How to Configure the App-V Client Registry Settings by Using the Command Line](http://go.microsoft.com/fwlink/?LinkId=169355) (http://go.microsoft.com/fwlink/?LinkId=169355) in the Application Virtualization (App-V) Operations Guide.
+For more information about setting these parameter values after installation, see [How to Configure the App-V Client Registry Settings by Using the Command Line](https://go.microsoft.com/fwlink/?LinkId=169355) (https://go.microsoft.com/fwlink/?LinkId=169355) in the Application Virtualization (App-V) Operations Guide.
**Note**
If a configuration setting on the user’s computer depends on the client installation path, note that the Application Virtualization (App-V) 4.5 client copies its installation files to a different folder than previous versions did. By default, a new installation of the App-V 4.5 client will copy its installation files to the \\Program Files\\Microsoft Application Virtualization Client folder. If an earlier version of the client is already installed, running the App-V 4.5 client installer will perform an upgrade of the existing client using the existing installation folder.
diff --git a/mdop/appv-v4/how-to-manage-reports-in-the-server-management-console.md b/mdop/appv-v4/how-to-manage-reports-in-the-server-management-console.md
index 3ae240b774..cb5f03e6a3 100644
--- a/mdop/appv-v4/how-to-manage-reports-in-the-server-management-console.md
+++ b/mdop/appv-v4/how-to-manage-reports-in-the-server-management-console.md
@@ -16,7 +16,7 @@ ms.prod: w8
To effectively manage the Application Virtualization System, you can use the Application Virtualization Server Management Console to generate a variety of reports that provide information about the system. This information includes daily usage information for a specific application or all applications, and system error tracking.
**Note**
-- During installation, the installation script installs only the English language version of report viewer. For the report viewer to display the correct information in other languages, it is necessary to install a language pack from the following location: .
+- During installation, the installation script installs only the English language version of report viewer. For the report viewer to display the correct information in other languages, it is necessary to install a language pack from the following location: .
- When you add or edit an application in the Server Management Console, you must make sure that the application names and versions exactly match those in the OSD files. The reporting feature uses the application names and versions data fields when it identifies application usage data on which to report. If the data fields do not match, the usage records will be skipped.
diff --git a/mdop/appv-v4/how-to-manually-install-the-application-virtualization-client.md b/mdop/appv-v4/how-to-manually-install-the-application-virtualization-client.md
index 04478ab1e2..d677286608 100644
--- a/mdop/appv-v4/how-to-manually-install-the-application-virtualization-client.md
+++ b/mdop/appv-v4/how-to-manually-install-the-application-virtualization-client.md
@@ -48,7 +48,7 @@ For App-V version 4.6 and later, when the App-V client is installed, SFTLDR.DLL
**Note**
For App-V version 4.6 and later, the wizard will also install Microsoft Visual C++ 2008 SP1 Redistributable Package (x86).
- For more information about installing Microsoft Visual C++ 2008 SP1 Redistributable Package (x86), see (http://go.microsoft.com/fwlink/?LinkId=150700).
+ For more information about installing Microsoft Visual C++ 2008 SP1 Redistributable Package (x86), see (https://go.microsoft.com/fwlink/?LinkId=150700).
diff --git a/mdop/appv-v4/how-to-modify-private-key-permissions-to-support-management-server-or-streaming-server.md b/mdop/appv-v4/how-to-modify-private-key-permissions-to-support-management-server-or-streaming-server.md
index 340d259e7b..3f19a6ff37 100644
--- a/mdop/appv-v4/how-to-modify-private-key-permissions-to-support-management-server-or-streaming-server.md
+++ b/mdop/appv-v4/how-to-modify-private-key-permissions-to-support-management-server-or-streaming-server.md
@@ -15,7 +15,7 @@ ms.prod: w8
To support a more secure App-V installation, you can use the following procedures to modify private keys in either Windows Server 2003 or Windows Server 2008. To modify the permissions of the private key, you can use the Windows Server 2003 Resource Kit tool `WinHttpCertCfg.exe`.
-For Windows Server 2003, the procedure requires that a certificate that meets the prerequisites listed in this document is installed on the computer or computers on which you will install the App-V Management or Streaming Server. Additional information about using the `WinHttpCertCfg.exe` tool is available at .
+For Windows Server 2003, the procedure requires that a certificate that meets the prerequisites listed in this document is installed on the computer or computers on which you will install the App-V Management or Streaming Server. Additional information about using the `WinHttpCertCfg.exe` tool is available at .
In Windows Server 2008, the process of changing the ACLs on the private key is much simpler. The certificate’s user interface can be used to manage private key permissions.
diff --git a/mdop/appv-v4/how-to-sequence-a-new-middleware-application--app-v-46-sp1-.md b/mdop/appv-v4/how-to-sequence-a-new-middleware-application--app-v-46-sp1-.md
index 7f9d8a6238..e4ee46311b 100644
--- a/mdop/appv-v4/how-to-sequence-a-new-middleware-application--app-v-46-sp1-.md
+++ b/mdop/appv-v4/how-to-sequence-a-new-middleware-application--app-v-46-sp1-.md
@@ -15,7 +15,7 @@ ms.prod: w8
Use the following procedure to create a new middleware virtual application package using the Application Virtualization (App-V) Sequencer. A middleware application is software that connects software modules or applications. For more information about the types of applications that you can sequence, see [How to Determine Which Type of Application to Sequence (App-V 4.6 SP1)](how-to-determine-which-type-of-application-to-sequence---app-v-46-sp1-.md).
-Use this type of package by using Dynamic Suite Composition in App-V. Dynamic Suite Composition enables you to define a virtual application package as being dependent on another virtual application package. The dependency enables the application to interact with the middleware or plug-in in the virtual environment, where typically this interaction is prevented. This is useful because a secondary application package can be used with several other primary applications, which enables each primary application to reference the same secondary package. For more information about how to use Dynamic Suite Composition, see [How To Use Dynamic Suite Composition](http://go.microsoft.com/fwlink/?LinkID=203804&clcid=0x409) in the Microsoft Technical Library (http://go.microsoft.com/fwlink/?LinkID=203804&clcid=0x409).
+Use this type of package by using Dynamic Suite Composition in App-V. Dynamic Suite Composition enables you to define a virtual application package as being dependent on another virtual application package. The dependency enables the application to interact with the middleware or plug-in in the virtual environment, where typically this interaction is prevented. This is useful because a secondary application package can be used with several other primary applications, which enables each primary application to reference the same secondary package. For more information about how to use Dynamic Suite Composition, see [How To Use Dynamic Suite Composition](https://go.microsoft.com/fwlink/?LinkID=203804&clcid=0x409) in the Microsoft Technical Library (https://go.microsoft.com/fwlink/?LinkID=203804&clcid=0x409).
**Important**
During sequencing, if the computer running the App-V Sequencer is running Windows Vista or Windows 7 and a restart is initiated outside of the virtual environment, for example, **Start** / **Shut Down**, you must click **Cancel** when prompted to close the program that is preventing Windows from shutting down. If you click **Force shut down**, the package creation fails. When you click **Cancel**, App-V Sequencer successfully records the restart while the application is being sequenced.
diff --git a/mdop/appv-v4/how-to-use-the-differential-sft-file.md b/mdop/appv-v4/how-to-use-the-differential-sft-file.md
index 356e75ae96..4eaab255ce 100644
--- a/mdop/appv-v4/how-to-use-the-differential-sft-file.md
+++ b/mdop/appv-v4/how-to-use-the-differential-sft-file.md
@@ -19,7 +19,7 @@ You do not need to use the Differential SFT file if you are using Configuration
The following procedure shows how to use the mkdiffpkg.exe that is included in the Sequencer installation to create the Differential SFT file, after completing the upgrade of the virtual application package, and to deploy the Differential SFT file. Completing this procedure helps ensure that if the package is somehow unloaded from the client computer, the next time the user tries to run the application, the client will fall back to the override URL, which is set to stream the full package V2.sft from the local file share. This will avoid any failure for the user when starting the application. If the entire client becomes corrupted or is uninstalled, it is recommended that the ESD system be configured to deploy the full version of the upgraded package, V2.sft, to the client.
-For more information about upgrading a package, see “How to Upgrade an Existing Virtual Application” in the App-V 4.5 Operations Guide at
+For more information about upgrading a package, see “How to Upgrade an Existing Virtual Application” in the App-V 4.5 Operations Guide at
**Note**
As a prerequisite, all user computers being targeted by the ESD must have the V1.sft file fully loaded into their local cache, and file streaming must be enabled on all computers.
diff --git a/mdop/appv-v4/installing-app-v-management-server-or-streaming-server-securely.md b/mdop/appv-v4/installing-app-v-management-server-or-streaming-server-securely.md
index dfb29159d0..76c7a6b830 100644
--- a/mdop/appv-v4/installing-app-v-management-server-or-streaming-server-securely.md
+++ b/mdop/appv-v4/installing-app-v-management-server-or-streaming-server-securely.md
@@ -29,7 +29,7 @@ When you prepare to install or configure a secure Management or Streaming Server
- The certificate fully qualified domain name (FQDN) must match the server on which it is installed. For example, if the client is calling `RTSPS://Myserver.mycompany.com/content/MyApp.sft` and the certificate **Issued To** field is set to `Server1.mycompany.com`, the client will not connect to the server and the session ends. The failure is reported to the user.
**Note**
- If you are using App-V in a Network Load Balancing cluster, you must configure the certificate with Subject Alternate Names (SANs) to support RTSPS. For information about configuring the certification authority (CA) and creating certificates with SANs, see .
+ If you are using App-V in a Network Load Balancing cluster, you must configure the certificate with Subject Alternate Names (SANs) to support RTSPS. For information about configuring the certification authority (CA) and creating certificates with SANs, see .
diff --git a/mdop/appv-v4/internet-facing-server-scenarios-for-perimeter-networks.md b/mdop/appv-v4/internet-facing-server-scenarios-for-perimeter-networks.md
index 3afca7b8ac..2f098de85a 100644
--- a/mdop/appv-v4/internet-facing-server-scenarios-for-perimeter-networks.md
+++ b/mdop/appv-v4/internet-facing-server-scenarios-for-perimeter-networks.md
@@ -19,9 +19,9 @@ App-V 4.5 supports Internet-facing server scenarios, in which users who are not
You can set up an Internet-facing solution, using an ISA Server, where the App-V infrastructure is on the internal network in the following ways:
-- Create a Web Publishing rule for the IIS server that is hosting the ICO and OSD files—and optionally, the packages for streaming—located on the internal network. Detailed steps are provided at .
+- Create a Web Publishing rule for the IIS server that is hosting the ICO and OSD files—and optionally, the packages for streaming—located on the internal network. Detailed steps are provided at .
-- Create a Server Publishing rule for the App-V Web Management Server (RTSPS). Detailed steps are provided at [http://go.microsoft.com/fwlink/?LinkId=151983&](http://go.microsoft.com/fwlink/?LinkId=151983).
+- Create a Server Publishing rule for the App-V Web Management Server (RTSPS). Detailed steps are provided at [https://go.microsoft.com/fwlink/?LinkId=151983&](https://go.microsoft.com/fwlink/?LinkId=151983).
As shown in the following illustration, if the infrastructure has implemented other firewalls between the client and the ISA Server or between the ISA Server and the internal network, both RTSPS (TCP 322) and HTTPS (TCP 443) firewall rules must be created to support the flow of traffic. Also, if firewalls have been implemented between the ISA Server and the internal network, the default traffic required for domain members must be permitted to tunnel through the firewall (DNS, LDAP, Kerberos, SMB/CIFS).
diff --git a/mdop/appv-v4/introduction-to-the-application-virtualization-security-guide.md b/mdop/appv-v4/introduction-to-the-application-virtualization-security-guide.md
index adec680218..af5992e3ff 100644
--- a/mdop/appv-v4/introduction-to-the-application-virtualization-security-guide.md
+++ b/mdop/appv-v4/introduction-to-the-application-virtualization-security-guide.md
@@ -16,7 +16,7 @@ ms.prod: w8
This Microsoft Application Virtualization (App-V) security guide provides instructions for administrators who are responsible for configuring the security features that were selected for the App-V deployment.
**Note**
-This documentation does not provide guidance for choosing the specific security options. That information is provided in the App-V Security Best Practices white paper available at .
+This documentation does not provide guidance for choosing the specific security options. That information is provided in the App-V Security Best Practices white paper available at .
@@ -40,9 +40,9 @@ When planning an enhanced security App-V environment, you can consider several d
**Note**
For more information about App-V infrastructure models, see the following documentation:
-- [App-V Planning and Deployment Guide](http://go.microsoft.com/fwlink/?LinkId=122063)
+- [App-V Planning and Deployment Guide](https://go.microsoft.com/fwlink/?LinkId=122063)
-- [Infrastructure Planning and Design Guide Series](http://go.microsoft.com/fwlink/?LinkId=151986)
+- [Infrastructure Planning and Design Guide Series](https://go.microsoft.com/fwlink/?LinkId=151986)
diff --git a/mdop/appv-v4/microsoft-application-virtualization-46-service-pack-1-privacy-statement.md b/mdop/appv-v4/microsoft-application-virtualization-46-service-pack-1-privacy-statement.md
index 7afd24e30d..23fb3c6739 100644
--- a/mdop/appv-v4/microsoft-application-virtualization-46-service-pack-1-privacy-statement.md
+++ b/mdop/appv-v4/microsoft-application-virtualization-46-service-pack-1-privacy-statement.md
@@ -76,7 +76,7 @@ The Customer Experience Improvement Program (“CEIP”) collects basic informat
### Information Collected, Processed, or Transmitted:
-For more information about the information collected, processed, or transmitted by CEIP, see the CEIP privacy statement at .
+For more information about the information collected, processed, or transmitted by CEIP, see the CEIP privacy statement at .
### Use of Information:
@@ -99,7 +99,7 @@ Microsoft Error Reporting provides a service that allows you to report problems
### Information Collected, Processed, or Transmitted:
-For information about the information collected, processed, or transmitted by Microsoft Error Reporting, see the Microsoft Error Reporting privacy statement at .
+For information about the information collected, processed, or transmitted by Microsoft Error Reporting, see the Microsoft Error Reporting privacy statement at .
### Use of Information:
@@ -107,7 +107,7 @@ We use the error reporting data to solve customer problems and improve our softw
### Important Information:
-App-V does not change your Microsoft Error Reporting settings. If you previously turned on error reporting, it will send the information described above. Enterprise customers can use Group Policy to configure how Microsoft Error Reporting behaves on their computers. Configuration options include the ability to turn off Microsoft Error Reporting. If you are an administrator and wish to configure Group Policy for Microsoft Error Reporting, technical details are available at [http://go.microsoft.com/fwlink/?LinkId=35776](http://go.microsoft.com/fwlink/?LinkID=35776).
+App-V does not change your Microsoft Error Reporting settings. If you previously turned on error reporting, it will send the information described above. Enterprise customers can use Group Policy to configure how Microsoft Error Reporting behaves on their computers. Configuration options include the ability to turn off Microsoft Error Reporting. If you are an administrator and wish to configure Group Policy for Microsoft Error Reporting, technical details are available at [https://go.microsoft.com/fwlink/?LinkId=35776](https://go.microsoft.com/fwlink/?LinkID=35776).
## Application Package Accelerators
diff --git a/mdop/appv-v4/microsoft-application-virtualization-46-service-pack-2-privacy-statement.md b/mdop/appv-v4/microsoft-application-virtualization-46-service-pack-2-privacy-statement.md
index b0491f8e4e..302e639e9f 100644
--- a/mdop/appv-v4/microsoft-application-virtualization-46-service-pack-2-privacy-statement.md
+++ b/mdop/appv-v4/microsoft-application-virtualization-46-service-pack-2-privacy-statement.md
@@ -74,7 +74,7 @@ Microsoft Error Reporting provides a service that allows you to report problems
**Information Collected, Processed, or Transmitted: **
-For information about the information collected, processed, or transmitted by Microsoft Error Reporting, see the Microsoft Error Reporting privacy statement at .
+For information about the information collected, processed, or transmitted by Microsoft Error Reporting, see the Microsoft Error Reporting privacy statement at .
**Use of Information:**
@@ -92,7 +92,7 @@ Enterprise customers can use Group Policy to configure how Microsoft Error Repor
**What This Feature Does:**
-Microsoft Update is a service that provides Windows updates as well as updates for other Microsoft software, including App-V. For details about what information is collected, how it is used and how to change your settings, see the Update Services Privacy Statement at .
+Microsoft Update is a service that provides Windows updates as well as updates for other Microsoft software, including App-V. For details about what information is collected, how it is used and how to change your settings, see the Update Services Privacy Statement at .
**Choice/Control: **
@@ -176,7 +176,7 @@ The Customer Experience Improvement Program (“CEIP”) collects basic informat
**Information Collected, Processed, or Transmitted: **
-For more information about the information collected, processed, or transmitted by CEIP, see the CEIP privacy statement at .
+For more information about the information collected, processed, or transmitted by CEIP, see the CEIP privacy statement at .
**Use of Information:**
diff --git a/mdop/appv-v4/microsoft-application-virtualization-client-management-help.md b/mdop/appv-v4/microsoft-application-virtualization-client-management-help.md
index ee0e6c8fb8..0540f12a76 100644
--- a/mdop/appv-v4/microsoft-application-virtualization-client-management-help.md
+++ b/mdop/appv-v4/microsoft-application-virtualization-client-management-help.md
@@ -17,7 +17,7 @@ The Microsoft Application Virtualization Desktop Client and the Client for Remot
This help documentation supports the Application Virtualization Desktop Client and Client for Remote Desktop Services. It includes conceptual information, step-by-step procedures, and a user interface reference.
-For the latest updates to this help documentation, please visit the Microsoft TechNet Library at .
+For the latest updates to this help documentation, please visit the Microsoft TechNet Library at .
## In This Section
diff --git a/mdop/appv-v4/microsoft-application-virtualization-management-system-release-notes-45-sp1.md b/mdop/appv-v4/microsoft-application-virtualization-management-system-release-notes-45-sp1.md
index 81c5d1af3f..9d99351b50 100644
--- a/mdop/appv-v4/microsoft-application-virtualization-management-system-release-notes-45-sp1.md
+++ b/mdop/appv-v4/microsoft-application-virtualization-management-system-release-notes-45-sp1.md
@@ -20,35 +20,35 @@ Read these Release Notes thoroughly before you install the Application Virtualiz
-For updated information about known issues, please visit the Microsoft TechNet Library at .
+For updated information about known issues, please visit the Microsoft TechNet Library at .
## About Microsoft Application Virtualization 4.5 Service Pack 1
These Release Notes have been updated to reflect the changes introduced with Microsoft Application Virtualization (App-V) 4.5 Service Pack 1 (SP1). This service pack contains the following changes:
-- Support for Windows 7 and Windows Server 2008 R2: App-V 4.5 SP1 provides support for Windows 7 and Windows Server 2008 R2, including support for Windows 7 features such as the taskbar, AppLocker, BranchCache, and BitLocker To Go. Windows Server 2008 R2 support is for the Application Virtualization Server only. For more information on AppLocker support in Windows 7, see .
+- Support for Windows 7 and Windows Server 2008 R2: App-V 4.5 SP1 provides support for Windows 7 and Windows Server 2008 R2, including support for Windows 7 features such as the taskbar, AppLocker, BranchCache, and BitLocker To Go. Windows Server 2008 R2 support is for the Application Virtualization Server only. For more information on AppLocker support in Windows 7, see .
-- Support for 3rd Party Kerberos Realms: App-V 4.5 SP1 provides support for environments that have a trust relationship and mapped user accounts between a Windows domain and an MIT Kerberos realm, which is a scenario that is common at many universities. For information on how to enable this support, please visit the Microsoft TechNet Library at .
+- Support for 3rd Party Kerberos Realms: App-V 4.5 SP1 provides support for environments that have a trust relationship and mapped user accounts between a Windows domain and an MIT Kerberos realm, which is a scenario that is common at many universities. For information on how to enable this support, please visit the Microsoft TechNet Library at .
- Improved support for application publishing and streaming via HTTP/HTTPS: App-V 4.5 SP1 provides support for application publishing and streaming via the HTTP/HTTPS protocols for Windows XP Home Edition, Windows Vista Home Basic, and Windows 7 Home Basic.
-- Customer Feedback and Hotfix Rollup: App-V 4.5 SP1 also includes a rollup up of fixes to address issues found since the Microsoft Application Virtualization (App-V) 4.5 CU1 release. The updates are a result of a combination of known issues and customer feedback from our internal teams, partners, and customers who are using App-V 4.5. For a full list of the updates, see the KB article at .
+- Customer Feedback and Hotfix Rollup: App-V 4.5 SP1 also includes a rollup up of fixes to address issues found since the Microsoft Application Virtualization (App-V) 4.5 CU1 release. The updates are a result of a combination of known issues and customer feedback from our internal teams, partners, and customers who are using App-V 4.5. For a full list of the updates, see the KB article at .
## About the Product Documentation
-Comprehensive documentation for Application Virtualization (App-V) is available on Microsoft TechNet in the Application Virtualization (App-V) TechCenter at . The TechNet documentation includes the online Help for the Application Virtualization Sequencer, the Application Virtualization Client, and the Application Virtualization Server. It also includes the Application Virtualization Planning and Deployment Guide and the Application Virtualization Operations Guide.
+Comprehensive documentation for Application Virtualization (App-V) is available on Microsoft TechNet in the Application Virtualization (App-V) TechCenter at . The TechNet documentation includes the online Help for the Application Virtualization Sequencer, the Application Virtualization Client, and the Application Virtualization Server. It also includes the Application Virtualization Planning and Deployment Guide and the Application Virtualization Operations Guide.
## Protect Against Security Vulnerabilities and Viruses
-To help protect against security vulnerabilities and viruses, we recommend that you install the latest available security updates for any new software being installed. For more information, see the Microsoft Security Web site at .
+To help protect against security vulnerabilities and viruses, we recommend that you install the latest available security updates for any new software being installed. For more information, see the Microsoft Security Web site at .
## Providing Feedback
-You can provide feedback, make a suggestion, or report an issue with the Microsoft Application Virtualization (App-V) Management System via a community forum on the Microsoft Application Virtualization TechCenter ().
+You can provide feedback, make a suggestion, or report an issue with the Microsoft Application Virtualization (App-V) Management System via a community forum on the Microsoft Application Virtualization TechCenter ().
You can also provide your feedback on the documentation directly to the App-V documentation team. Send your documentation feedback to appvdocs@microsoft.com.
@@ -59,13 +59,13 @@ This section provides the most up-to-date information about issues with Microsof
### Guidance for installing Server Management Console
-If you need to install management software onto systems other than the primary Application Virtualization publishing and streaming server, the server install supports installing the Management Console and Management Web service on separate servers from the primary App-V Management Server. To distribute the management components across multiple servers, Kerberos delegation must be enabled on the server where the Web service is installed. For information on how to enable this support, please visit the Microsoft TechNet Library at
+If you need to install management software onto systems other than the primary Application Virtualization publishing and streaming server, the server install supports installing the Management Console and Management Web service on separate servers from the primary App-V Management Server. To distribute the management components across multiple servers, Kerberos delegation must be enabled on the server where the Web service is installed. For information on how to enable this support, please visit the Microsoft TechNet Library at
### Guidance for installing or upgrading clients to App-V 4.5 SP1 using setup.msi
When installing or upgrading your App-V clients to App-V 4.5 SP1 by using setup.msi, the prerequisites are not installed automatically.
-WORKAROUND You must manually install the prerequisites before installing or upgrading the App-V client to App-V 4.5 SP1. For detailed procedures for installing the prerequisites and the App-V client, see .
+WORKAROUND You must manually install the prerequisites before installing or upgrading the App-V client to App-V 4.5 SP1. For detailed procedures for installing the prerequisites and the App-V client, see .
When this has been completed, install the App-V 4.5 SP1 client by using setup.msi with elevated privileges. This file is available on the App-V 4.5 SP1 release media in the Installers\\Client folder.
@@ -158,11 +158,11 @@ When using IIS 6.0 or 7.0 for icon or OSD file retrieval and streaming of pack
Setspn -r HTTP/<Server FQDN>
-For more information, see .
+For more information, see .
### .NET compatibility changes
-Microsoft Application Virtualization (App-V) Cumulative Update 1 or later supports sequencing the .NET Framework on Windows XP (SP2 or later). Sequencing routines for .NET applications that were written for SoftGrid 4.2 might need to be updated when used with the App-V 4.5 Sequencer. For details and workarounds, please refer to the Knowledge Base article at .
+Microsoft Application Virtualization (App-V) Cumulative Update 1 or later supports sequencing the .NET Framework on Windows XP (SP2 or later). Sequencing routines for .NET applications that were written for SoftGrid 4.2 might need to be updated when used with the App-V 4.5 Sequencer. For details and workarounds, please refer to the Knowledge Base article at .
### After client upgrade from App-V 4.2, some applications are not shown
@@ -192,7 +192,7 @@ The Application Virtualization administrators must be given read and execute per
When used in conjunction with KEEPCURRENTSETTINGS=1, the following client installer command-line parameters are ignored: SWICACHESIZE, MINFREESPACEMB, ALLOWINDEPENDENTFILESTREAMING, APPLICATIONSOURCEROOT, ICONSOURCEROOT, OSDSOURCEROOT, SYSTEMEVENTLOGLEVEL, SWIGLOBALDATA, DOTIMEOUTMINUTES, SWIFSDRIVE, AUTOLOADTARGET, AUTOLOADTRIGGERS, SWIUSERDATA, and REQUIRESECURECONNECTION.
-WORKAROUND If you have settings you want to retain, use KEEPCURRENTSETTINGS=1 and then set the other parameters after deployment. The App-V ADM Template can be used to set the following client settings: APPLICATIONSOURCEROOT, ICONSOURCEROOT, OSDSOURCEROOT, AUTOLOADTARGET, AUTOLOADTRIGGERS, DOTIMEOUTMINUTES, and ALLOWINDEPENDENTFILESTREAMING. The ADM Template can be found at .
+WORKAROUND If you have settings you want to retain, use KEEPCURRENTSETTINGS=1 and then set the other parameters after deployment. The App-V ADM Template can be used to set the following client settings: APPLICATIONSOURCEROOT, ICONSOURCEROOT, OSDSOURCEROOT, AUTOLOADTARGET, AUTOLOADTRIGGERS, DOTIMEOUTMINUTES, and ALLOWINDEPENDENTFILESTREAMING. The ADM Template can be found at .
## Release Notes Copyright Information
diff --git a/mdop/appv-v4/microsoft-application-virtualization-management-system-release-notes.md b/mdop/appv-v4/microsoft-application-virtualization-management-system-release-notes.md
index 6aaec04ce5..4c9a41543a 100644
--- a/mdop/appv-v4/microsoft-application-virtualization-management-system-release-notes.md
+++ b/mdop/appv-v4/microsoft-application-virtualization-management-system-release-notes.md
@@ -20,7 +20,7 @@ Read these Release Notes thoroughly before you install the Application Virtualiz
-For updated information about known issues, please visit the Microsoft TechNet Library at .
+For updated information about known issues, please visit the Microsoft TechNet Library at .
## About Microsoft Application Virtualization 4.5 Cumulative Update 1
@@ -34,24 +34,24 @@ These Release Notes have been updated to reflect the changes introduced with Mic
-- Improved support for sequencing the .NET Framework: App-V 4.5 CU1 addresses previous issues with sequencing the .NET Framework 3.5 and earlier on Windows XP (SP2 or later). For more information about the new capabilities, see the TechNet article at .
+- Improved support for sequencing the .NET Framework: App-V 4.5 CU1 addresses previous issues with sequencing the .NET Framework 3.5 and earlier on Windows XP (SP2 or later). For more information about the new capabilities, see the TechNet article at .
-- Customer Feedback and Hotfix Rollup: App-V 4.5 CU1 also includes a rollup up of fixes to address issues found since the App-V 4.5 RTM release. This includes a combination of known issues and customer feedback from our internal teams, partners, and customers who are using App-V 4.5. For a full list of the included updates, see the KB article at .
+- Customer Feedback and Hotfix Rollup: App-V 4.5 CU1 also includes a rollup up of fixes to address issues found since the App-V 4.5 RTM release. This includes a combination of known issues and customer feedback from our internal teams, partners, and customers who are using App-V 4.5. For a full list of the included updates, see the KB article at .
## About the Product Documentation
-Comprehensive documentation for Application Virtualization (App-V) is available on Microsoft TechNet in the Application Virtualization (App-V) TechCenter at . The TechNet documentation includes the online Help for the Application Virtualization Sequencer, the Application Virtualization Client, and the Application Virtualization Server. It also includes the Application Virtualization Planning and Deployment Guide and the Application Virtualization Operations Guide.
+Comprehensive documentation for Application Virtualization (App-V) is available on Microsoft TechNet in the Application Virtualization (App-V) TechCenter at . The TechNet documentation includes the online Help for the Application Virtualization Sequencer, the Application Virtualization Client, and the Application Virtualization Server. It also includes the Application Virtualization Planning and Deployment Guide and the Application Virtualization Operations Guide.
## Protect Against Security Vulnerabilities and Viruses
-To help protect against security vulnerabilities and viruses, it is important to install the latest available security updates for any new software being installed. For more information, see the Microsoft Security Web site at .
+To help protect against security vulnerabilities and viruses, it is important to install the latest available security updates for any new software being installed. For more information, see the Microsoft Security Web site at .
## Providing Feedback
-You can provide feedback, make a suggestion, or report an issue with the Microsoft Application Virtualization (App-V) Management System via a community forum on the Microsoft Application Virtualization TechCenter ().
+You can provide feedback, make a suggestion, or report an issue with the Microsoft Application Virtualization (App-V) Management System via a community forum on the Microsoft Application Virtualization TechCenter ().
You can also provide your feedback on the documentation directly to the App-V documentation team. Send your documentation feedback to appvdocs@microsoft.com.
@@ -64,7 +64,7 @@ This section provides the most up-to-date information about issues with Microsof
When installing or upgrading your App-V clients to App-V 4.5 CU1 by using setup.msi, the prerequisites are not installed automatically.
-WORKAROUND You must manually install the prerequisites before installing or upgrading the App-V client to 4.5 CU1. For detailed procedures for installing the prerequisites and the App-V client, see .
+WORKAROUND You must manually install the prerequisites before installing or upgrading the App-V client to 4.5 CU1. For detailed procedures for installing the prerequisites and the App-V client, see .
When this has been completed, install the App-V 4.5 CU1 client by using setup.msi with elevated privileges. This file is available on the App-V 4.5 CU1 release media in the Installers\\Client folder.
@@ -98,7 +98,7 @@ You must use the **Advanced** button to set the “Include inheritable permissio
When sequencing on Windows 7 Beta, you might be unable to save your sequenced package because of a sharing violation.
-WORKAROUND As specified in the best practices section of the Microsoft Application Virtualization 4.5 Sequencing Guide (see ), you must shutdown and disable the following software programs before you begin sequencing:
+WORKAROUND As specified in the best practices section of the Microsoft Application Virtualization 4.5 Sequencing Guide (see ), you must shutdown and disable the following software programs before you begin sequencing:
- Windows Defender
@@ -198,7 +198,7 @@ When using IIS 6.0 or 7.0 for icon or OSD file retrieval and streaming of pack
Setspn -r HTTP/<Server FQDN>
-For more information, see .
+For more information, see .
### On upgrade from RC, the default permissions on client logs do not allow for non-admin users to access the logs for troubleshooting and support
@@ -208,7 +208,7 @@ WORKAROUND After the upgrade, reset existing client logs or manually change
### .NET compatibility changes
-Microsoft Application Virtualization Cumulative Update 1 supports sequencing the .NET Framework on Windows XP (SP2 or later). Sequencing routines for .NET applications that were written for SoftGrid 4.2 might need to be updated when used with the App-V 4.5 Sequencer. For details and workarounds, please refer to the Knowledge Base article at .
+Microsoft Application Virtualization Cumulative Update 1 supports sequencing the .NET Framework on Windows XP (SP2 or later). Sequencing routines for .NET applications that were written for SoftGrid 4.2 might need to be updated when used with the App-V 4.5 Sequencer. For details and workarounds, please refer to the Knowledge Base article at .
### After client upgrade from App-V 4.2, some applications are not shown
@@ -249,11 +249,11 @@ The Application Virtualization administrators must be given read and execute per
When used in conjunction with KEEPCURRENTSETTINGS=1, the following client installer command-line parameters are ignored: SWICACHESIZE, MINFREESPACEMB, ALLOWINDEPENDENTFILESTREAMING, APPLICATIONSOURCEROOT, ICONSOURCEROOT, OSDSOURCEROOT, SYSTEMEVENTLOGLEVEL, SWIGLOBALDATA, DOTIMEOUTMINUTES, SWIFSDRIVE, AUTOLOADTARGET, AUTOLOADTRIGGERS, SWIUSERDATA, and REQUIRESECURECONNECTION.
-WORKAROUND If you have settings you want to retain, use KEEPCURRENTSETTINGS=1 and then set the other parameters after deployment. The App-V ADM Template can be used to set the following client settings: APPLICATIONSOURCEROOT, ICONSOURCEROOT, OSDSOURCEROOT, AUTOLOADTARGET, AUTOLOADTRIGGERS, DOTIMEOUTMINUTES, and ALLOWINDEPENDENTFILESTREAMING. The ADM Template can be found at .
+WORKAROUND If you have settings you want to retain, use KEEPCURRENTSETTINGS=1 and then set the other parameters after deployment. The App-V ADM Template can be used to set the following client settings: APPLICATIONSOURCEROOT, ICONSOURCEROOT, OSDSOURCEROOT, AUTOLOADTARGET, AUTOLOADTRIGGERS, DOTIMEOUTMINUTES, and ALLOWINDEPENDENTFILESTREAMING. The ADM Template can be found at .
### Error initializing virtual applications with Symantec Endpoint Protection
-When using Symantec Endpoint Protection with the Application and Device Control feature enabled, virtual applications might fail to start, with the error “The application failed to initialize properly (0xc000007b)”. For details and workarounds, please refer to the Knowledge Base article at .
+When using Symantec Endpoint Protection with the Application and Device Control feature enabled, virtual applications might fail to start, with the error “The application failed to initialize properly (0xc000007b)”. For details and workarounds, please refer to the Knowledge Base article at .
**Important**
This issue has been fixed in Microsoft Application Virtualization 4.5 Cumulative Update 1.
diff --git a/mdop/appv-v4/operations-guide-for-the-application-virtualization-system.md b/mdop/appv-v4/operations-guide-for-the-application-virtualization-system.md
index 8afa6d07aa..1dda9afeed 100644
--- a/mdop/appv-v4/operations-guide-for-the-application-virtualization-system.md
+++ b/mdop/appv-v4/operations-guide-for-the-application-virtualization-system.md
@@ -32,9 +32,9 @@ Provides information about operational tasks for using the Application Virtualiz
For more information about general App-V sequencing best practices, see the following Microsoft Web sites:
-MCS Sequencing Guidelines at
+MCS Sequencing Guidelines at
-Best Practices for Sequencing at
+Best Practices for Sequencing at
diff --git a/mdop/appv-v4/planning-for-client-security.md b/mdop/appv-v4/planning-for-client-security.md
index 01e2af6c8f..2ebb17ce06 100644
--- a/mdop/appv-v4/planning-for-client-security.md
+++ b/mdop/appv-v4/planning-for-client-security.md
@@ -28,7 +28,7 @@ By default, at installation the App-V client is configured with the minimum perm
### File Type Associations
-By default, the installation of the client registers file type associations (FTAs) for OSD files, which enables users to start applications directly from OSD files instead of the published shortcuts. If a user with local administrator rights receives an OSD file containing malicious code, either in e-mail or downloaded from a Web site, the user can open the OSD file and start the application even if the client has been set to restrict the **Add Application** permission. You can unregister the FTAs for the OSD to reduce this risk. Also, consider blocking this extension in the e-mail system and at the firewall. For more information about configuring Outlook to block extensions, see .
+By default, the installation of the client registers file type associations (FTAs) for OSD files, which enables users to start applications directly from OSD files instead of the published shortcuts. If a user with local administrator rights receives an OSD file containing malicious code, either in e-mail or downloaded from a Web site, the user can open the OSD file and start the application even if the client has been set to restrict the **Add Application** permission. You can unregister the FTAs for the OSD to reduce this risk. Also, consider blocking this extension in the e-mail system and at the firewall. For more information about configuring Outlook to block extensions, see .
**Security Note: **
@@ -66,7 +66,7 @@ If you are using IIS to publish the ICO and OSD files, configure a MIME type for
### Package Streaming
-When a user launches an application for the first time, or if auto-loading parameters have been set on the client, the application package is streamed from a server to the client cache. This process supports the RTSP/RTSPS, HTTP/HTTPS, and SMB/CIFS protocols. The OSD files control which protocols are used, unless the **ApplicationSourceRoot** or **OverrideURL** setting has been configured on the clients. You should configure communication to occur over RTSPS, HTTPS, or IPsec for SMB/CIFS to achieve higher levels of security. For more information about choosing which communication method to use, see the App-V Planning and Deployment Guide at .
+When a user launches an application for the first time, or if auto-loading parameters have been set on the client, the application package is streamed from a server to the client cache. This process supports the RTSP/RTSPS, HTTP/HTTPS, and SMB/CIFS protocols. The OSD files control which protocols are used, unless the **ApplicationSourceRoot** or **OverrideURL** setting has been configured on the clients. You should configure communication to occur over RTSPS, HTTPS, or IPsec for SMB/CIFS to achieve higher levels of security. For more information about choosing which communication method to use, see the App-V Planning and Deployment Guide at .
**Note**
If you are using IIS to publish packages (SFT files), configure a MIME type for SFT=Binary; otherwise, IIS will refuse to serve the SFT files to clients.
diff --git a/mdop/appv-v4/planning-for-migration-from-previous-versions.md b/mdop/appv-v4/planning-for-migration-from-previous-versions.md
index dd24ad0381..1decd3f69e 100644
--- a/mdop/appv-v4/planning-for-migration-from-previous-versions.md
+++ b/mdop/appv-v4/planning-for-migration-from-previous-versions.md
@@ -197,7 +197,7 @@ Windows Installer files generated by the App-V 4.5 Sequencer display the error m
Any 4.2 reports that were created and saved will be overwritten when the server is upgraded to 4.5. If you need to keep these reports, you must save a backup copy of the SftMMC.msc file located in the SoftGrid Management Console folder on the server and use that copy to replace the new SftMMC.msc that is installed during the upgrade.
-For additional information about upgrading from previous versions, see [Upgrading to Microsoft Application Virtualization 4.5 FAQ](http://go.microsoft.com/fwlink/?LinkId=120358) (http://go.microsoft.com/fwlink/?LinkId=120358).
+For additional information about upgrading from previous versions, see [Upgrading to Microsoft Application Virtualization 4.5 FAQ](https://go.microsoft.com/fwlink/?LinkId=120358) (https://go.microsoft.com/fwlink/?LinkId=120358).
## Related topics
diff --git a/mdop/appv-v4/planning-for-server-security.md b/mdop/appv-v4/planning-for-server-security.md
index 4664961cac..3c58e54c1a 100644
--- a/mdop/appv-v4/planning-for-server-security.md
+++ b/mdop/appv-v4/planning-for-server-security.md
@@ -38,9 +38,9 @@ The Application Virtualization Management Server and Application Virtualization
It is recommended that communications between App-V Management Server, Management Service and the data store be secured with Internet Protocol Security (IPsec). Specifically, create policies that secure the communication channel between the data store (SQL) and the Management Server and the data store and the Management Service. You can also deploy server and domain isolation with IPsec, ensuring all App-V infrastructure components communicate only with secure channels. For information about implementing IPsec, refer to the following documentation:
-- For Windows Server 2003, see (http://go.microsoft.com/fwlink/?LinkId=133226).
+- For Windows Server 2003, see (https://go.microsoft.com/fwlink/?LinkId=133226).
-- For Windows Server 2008, see (http://go.microsoft.com/fwlink/?LinkId=133227).
+- For Windows Server 2008, see (https://go.microsoft.com/fwlink/?LinkId=133227).
### Content Directory
@@ -65,7 +65,7 @@ Installing or configuring an App-V Management Server or Streaming Server to use
- Certificate fully qualified domain name (FQDN) must match the server on which it is installed. For example, if the client is calling `RTSPS://Myserver.mycompany.com/content/MyApp.sft`, but the certificate **Issued To** field contains `Myserver1.mycompany.com`, the client will not connect to the server and the session is terminated, even if `Myserver.mycompany.com` and `Myserver1.mycompany.com` resolve to the same IP address.
**Note**
- If you use App-V in a network load balanced cluster, the certificate must be configured with *Subject Alternate Names* (SANs) to support RTSPS. For information about configuring the certification authority (CA) and creating certificates with SANs, see (http://go.microsoft.com/fwlink/?LinkId=133228).
+ If you use App-V in a network load balanced cluster, the certificate must be configured with *Subject Alternate Names* (SANs) to support RTSPS. For information about configuring the certification authority (CA) and creating certificates with SANs, see (https://go.microsoft.com/fwlink/?LinkId=133228).
@@ -74,13 +74,13 @@ Installing or configuring an App-V Management Server or Streaming Server to use
- You must change the permissions for the *Certificate Private Key* to enable access by the Server App-V Service. By default, the App-V Management Server and Streaming Server services run under the Network Service account. When a PKCS\#10 is generated on the server, a private key is created. Only the Local System and Administrators groups have access to this key. These default ACLs prevent the App-V server from accepting secure connections.
**Note**
- For information about configuring a public key infrastructure (PKI), see (http://go.microsoft.com/fwlink/?LinkId=133229).
+ For information about configuring a public key infrastructure (PKI), see (https://go.microsoft.com/fwlink/?LinkId=133229).
### Configuring IIS Servers with HTTPS
-App-V might use IIS servers in certain infrastructure configurations. For more information about configuring IIS servers, see (http://go.microsoft.com/fwlink/?LinkId=133230).
+App-V might use IIS servers in certain infrastructure configurations. For more information about configuring IIS servers, see (https://go.microsoft.com/fwlink/?LinkId=133230).
**Note**
If you are using IIS to publish the ICO and OSD files, configure a MIME type for OSD=TXT; otherwise, IIS will refuse to serve the ICO and OSD files to clients.
diff --git a/mdop/appv-v4/support-for-client-reporting-over-http.md b/mdop/appv-v4/support-for-client-reporting-over-http.md
index a857fad0b2..74fab84491 100644
--- a/mdop/appv-v4/support-for-client-reporting-over-http.md
+++ b/mdop/appv-v4/support-for-client-reporting-over-http.md
@@ -15,7 +15,7 @@ ms.prod: w8
Version 4.6 of the App-V client now supports the use of HTTP communication when sending client reporting data to the publishing server. This feature supports scenarios where a customer has implemented a custom HTTP(S) publishing server that is configured to collect and process client data.
-For more information on HTTP publishing servers, see
+For more information on HTTP publishing servers, see
## Client Reporting over HTTP
diff --git a/mdop/appv-v4/virtual-application-package-additional-components.md b/mdop/appv-v4/virtual-application-package-additional-components.md
index 84ab9e06e7..d917912857 100644
--- a/mdop/appv-v4/virtual-application-package-additional-components.md
+++ b/mdop/appv-v4/virtual-application-package-additional-components.md
@@ -27,13 +27,13 @@ To locate the required existing public assemblies, open the directory where the
Use any of the following links to download and install the correct version of the required prerequisites:
-- [Microsoft Visual C++ 2005 Redistributable Package (x64)](http://go.microsoft.com/fwlink/?LinkId=152697)
+- [Microsoft Visual C++ 2005 Redistributable Package (x64)](https://go.microsoft.com/fwlink/?LinkId=152697)
-- [Microsoft Visual C++ 2005 SP1 Redistributable Package (x64)](http://go.microsoft.com/fwlink/?LinkId=152698)
+- [Microsoft Visual C++ 2005 SP1 Redistributable Package (x64)](https://go.microsoft.com/fwlink/?LinkId=152698)
-- [Microsoft Visual C++ 2008 Redistributable Package (x64)](http://go.microsoft.com/fwlink/?LinkId=152699)
+- [Microsoft Visual C++ 2008 Redistributable Package (x64)](https://go.microsoft.com/fwlink/?LinkId=152699)
-- [Microsoft Visual C++ 2008 SP1 Redistributable Package (x64)](http://go.microsoft.com/fwlink/?LinkId=152700)
+- [Microsoft Visual C++ 2008 SP1 Redistributable Package (x64)](https://go.microsoft.com/fwlink/?LinkId=152700)
diff --git a/mdop/appv-v5/about-app-v-50-reporting.md b/mdop/appv-v5/about-app-v-50-reporting.md
index 77ba670095..0a5dfb415b 100644
--- a/mdop/appv-v5/about-app-v-50-reporting.md
+++ b/mdop/appv-v5/about-app-v-50-reporting.md
@@ -32,7 +32,7 @@ The following list displays the end–to-end high-level workflow for reporting i
2. Install the App-V 5.0 reporting server and associated database. For more information about installing the reporting server see [How to install the Reporting Server on a Standalone Computer and Connect it to the Database](how-to-install-the-reporting-server-on-a-standalone-computer-and-connect-it-to-the-database.md). Configure the time when the computer running the App-V 5.0 client should send data to the reporting server.
-3. If you are not using an electronic software distribution system such as Configuration Manager to view reports then you can define reports in SQL Server Reporting Service. Download predefined appvshort Reports from the Download Center at .
+3. If you are not using an electronic software distribution system such as Configuration Manager to view reports then you can define reports in SQL Server Reporting Service. Download predefined appvshort Reports from the Download Center at .
**Note**
If you are using the Configuration Manager integration with App-V 5.0, most reports are generated from Configuration Manager rather than from App-V 5.0.
@@ -287,7 +287,7 @@ To retrieve report information and create reports using App-V 5.0 you must use o
- **Microsoft SQL Server Reporting Services (SSRS)** - Microsoft SQL Server Reporting Services is available with Microsoft SQL Server. SSRS is not installed when you install the App-V 5.0 reporting server. It must be deployed separately to generate the associated reports.
- Use the following link for more information about using [Microsoft SQL Server Reporting Services](http://go.microsoft.com/fwlink/?LinkId=285596).
+ Use the following link for more information about using [Microsoft SQL Server Reporting Services](https://go.microsoft.com/fwlink/?LinkId=285596).
- **Scripting** – You can generate reports by scripting directly against the App-V 5.0 reporting database. For example:
@@ -295,7 +295,7 @@ To retrieve report information and create reports using App-V 5.0 you must use o
**spProcessClientReport** is scheduled to run at midnight or 12:00 AM.
- To run the Microsoft SQL Server Scheduled Stored procedure, the Microsoft SQL Server Agent must be running. You should ensure that the Microsoft SQL Server Agent is set to **AutoStart**. For more information see [Autostart SQL Server Agent (SQL Server Management Studio)](http://go.microsoft.com/fwlink/?LinkId=287045).
+ To run the Microsoft SQL Server Scheduled Stored procedure, the Microsoft SQL Server Agent must be running. You should ensure that the Microsoft SQL Server Agent is set to **AutoStart**. For more information see [Autostart SQL Server Agent (SQL Server Management Studio)](https://go.microsoft.com/fwlink/?LinkId=287045).
The stored procedure is also created when using the App-V 5.0 database scripts.
diff --git a/mdop/appv-v5/about-app-v-50-sp1.md b/mdop/appv-v5/about-app-v-50-sp1.md
index e6f75ebc8c..6f86684497 100644
--- a/mdop/appv-v5/about-app-v-50-sp1.md
+++ b/mdop/appv-v5/about-app-v-50-sp1.md
@@ -33,7 +33,7 @@ This service pack contains the following changes:
## How to Get MDOP Technologies
-App-V 5.0 is a part of the Microsoft Desktop Optimization Pack (MDOP). MDOP is part of Microsoft Software Assurance. For more information about Microsoft Software Assurance and acquiring MDOP, see [How Do I Get MDOP](http://go.microsoft.com/fwlink/?LinkId=322049) (http://go.microsoft.com/fwlink/?LinkId=322049).
+App-V 5.0 is a part of the Microsoft Desktop Optimization Pack (MDOP). MDOP is part of Microsoft Software Assurance. For more information about Microsoft Software Assurance and acquiring MDOP, see [How Do I Get MDOP](https://go.microsoft.com/fwlink/?LinkId=322049) (https://go.microsoft.com/fwlink/?LinkId=322049).
## Got a suggestion for App-V?
diff --git a/mdop/appv-v5/about-app-v-50-sp2.md b/mdop/appv-v5/about-app-v-50-sp2.md
index 22d8bd0187..a5362bac7d 100644
--- a/mdop/appv-v5/about-app-v-50-sp2.md
+++ b/mdop/appv-v5/about-app-v-50-sp2.md
@@ -13,7 +13,7 @@ ms.prod: w10
# About App-V 5.0 SP2
-App-V 5.0 SP2 provides an improved integrated platform, more flexible virtualization, and powerful management for virtualized applications. For more information see, [App-V 5.0 Overview](http://go.microsoft.com/fwlink/p/?LinkId=325265) (http://go.microsoft.com/fwlink/?LinkId=325265).
+App-V 5.0 SP2 provides an improved integrated platform, more flexible virtualization, and powerful management for virtualized applications. For more information see, [App-V 5.0 Overview](https://go.microsoft.com/fwlink/p/?LinkId=325265) (https://go.microsoft.com/fwlink/?LinkId=325265).
## Changes in Standard App-V 5.0 SP2 Functionality
@@ -101,7 +101,7 @@ This document focuses on creating a Microsoft Office 2013 App-V 5.0 Package. How
In previous versions of App-V 5.0 the Client Management User Interface (UI) was provided with the App-V 5.0 Client installation. With App-V 5.0 SP2 this is no longer the case. Administrators now have the option to deploy the App-V 5.0 Client UI as a Virtual Application (using all supported App-V deployment configurations) or as an installed application.
-For more information see [Microsoft Application Virtualization 5.0 Client UI Application](http://go.microsoft.com/fwlink/p/?LinkId=386345) (http://go.microsoft.com/fwlink/?LinkId=386345).
+For more information see [Microsoft Application Virtualization 5.0 Client UI Application](https://go.microsoft.com/fwlink/p/?LinkId=386345) (https://go.microsoft.com/fwlink/?LinkId=386345).
### Side-by-Side (SxS) Assembly Automatic Packaging and Deployment
@@ -157,7 +157,7 @@ App-V 5.0 SP2 provides updated documentation for the following scenarios:
## How to Get MDOP Technologies
-App-V 5.0 is a part of the Microsoft Desktop Optimization Pack (MDOP). MDOP is part of Microsoft Software Assurance. For more information about Microsoft Software Assurance and acquiring MDOP, see [How Do I Get MDOP](http://go.microsoft.com/fwlink/?LinkId=322049) (http://go.microsoft.com/fwlink/?LinkId=322049).
+App-V 5.0 is a part of the Microsoft Desktop Optimization Pack (MDOP). MDOP is part of Microsoft Software Assurance. For more information about Microsoft Software Assurance and acquiring MDOP, see [How Do I Get MDOP](https://go.microsoft.com/fwlink/?LinkId=322049) (https://go.microsoft.com/fwlink/?LinkId=322049).
## Got a suggestion for App-V?
diff --git a/mdop/appv-v5/about-app-v-50-sp3.md b/mdop/appv-v5/about-app-v-50-sp3.md
index 23f370c5a5..aeca744a26 100644
--- a/mdop/appv-v5/about-app-v-50-sp3.md
+++ b/mdop/appv-v5/about-app-v-50-sp3.md
@@ -816,7 +816,7 @@ Client-Catalog Client-Integration Client-Orchestration Client-PackageConfig Clie
## How to Get MDOP Technologies
-App-V is a part of the Microsoft Desktop Optimization Pack (MDOP). MDOP is part of Microsoft Software Assurance. For more information about Microsoft Software Assurance and acquiring MDOP, see [How Do I Get MDOP](http://go.microsoft.com/fwlink/?LinkId=322049).
+App-V is a part of the Microsoft Desktop Optimization Pack (MDOP). MDOP is part of Microsoft Software Assurance. For more information about Microsoft Software Assurance and acquiring MDOP, see [How Do I Get MDOP](https://go.microsoft.com/fwlink/?LinkId=322049).
## Got a suggestion for App-V?
diff --git a/mdop/appv-v5/about-app-v-50.md b/mdop/appv-v5/about-app-v-50.md
index a015d9082d..af2eb38ec2 100644
--- a/mdop/appv-v5/about-app-v-50.md
+++ b/mdop/appv-v5/about-app-v-50.md
@@ -13,7 +13,7 @@ ms.prod: w10
# About App-V 5.0
-App-V 5.0 provides an improved integrated platform, more flexible virtualization, and powerful management for virtualized applications. For more information see the [App-V 5.0 Overview](http://go.microsoft.com/fwlink/?LinkId=325265) (http://go.microsoft.com/fwlink/?LinkId=325265).
+App-V 5.0 provides an improved integrated platform, more flexible virtualization, and powerful management for virtualized applications. For more information see the [App-V 5.0 Overview](https://go.microsoft.com/fwlink/?LinkId=325265) (https://go.microsoft.com/fwlink/?LinkId=325265).
## What’s new?
@@ -87,7 +87,7 @@ The following table displays some of the differences between App-V 4.6 and App-V
## How to Get MDOP Technologies
-App-V 5.0 is a part of the Microsoft Desktop Optimization Pack (MDOP). MDOP is part of Microsoft Software Assurance. For more information about Microsoft Software Assurance and acquiring MDOP, see [How Do I Get MDOP](http://go.microsoft.com/fwlink/?LinkId=322049) (http://go.microsoft.com/fwlink/?LinkId=322049).
+App-V 5.0 is a part of the Microsoft Desktop Optimization Pack (MDOP). MDOP is part of Microsoft Software Assurance. For more information about Microsoft Software Assurance and acquiring MDOP, see [How Do I Get MDOP](https://go.microsoft.com/fwlink/?LinkId=322049) (https://go.microsoft.com/fwlink/?LinkId=322049).
## Got a suggestion for App-V?
diff --git a/mdop/appv-v5/about-app-v-51-reporting.md b/mdop/appv-v5/about-app-v-51-reporting.md
index d225aab003..38584df2af 100644
--- a/mdop/appv-v5/about-app-v-51-reporting.md
+++ b/mdop/appv-v5/about-app-v-51-reporting.md
@@ -32,7 +32,7 @@ The following list displays the end–to-end high-level workflow for reporting i
2. Install the App-V 5.1 reporting server and associated database. For more information about installing the reporting server see [How to install the Reporting Server on a Standalone Computer and Connect it to the Database](how-to-install-the-reporting-server-on-a-standalone-computer-and-connect-it-to-the-database51.md). Configure the time when the computer running the App-V 5.1 client should send data to the reporting server.
-3. If you are not using an electronic software distribution system such as Configuration Manager to view reports then you can define reports in SQL Server Reporting Service. Download predefined appvshort Reports from the Download Center at .
+3. If you are not using an electronic software distribution system such as Configuration Manager to view reports then you can define reports in SQL Server Reporting Service. Download predefined appvshort Reports from the Download Center at .
**Note**
If you are using the Configuration Manager integration with App-V 5.1, most reports are generated from Configuration Manager rather than from App-V 5.1.
@@ -287,7 +287,7 @@ To retrieve report information and create reports using App-V 5.1 you must use o
- **Microsoft SQL Server Reporting Services (SSRS)** - Microsoft SQL Server Reporting Services is available with Microsoft SQL Server. SSRS is not installed when you install the App-V 5.1 reporting server. It must be deployed separately to generate the associated reports.
- Use the following link for more information about using [Microsoft SQL Server Reporting Services](http://go.microsoft.com/fwlink/?LinkId=285596).
+ Use the following link for more information about using [Microsoft SQL Server Reporting Services](https://go.microsoft.com/fwlink/?LinkId=285596).
- **Scripting** – You can generate reports by scripting directly against the App-V 5.1 reporting database. For example:
@@ -295,7 +295,7 @@ To retrieve report information and create reports using App-V 5.1 you must use o
**spProcessClientReport** is scheduled to run at midnight or 12:00 AM.
- To run the Microsoft SQL Server Scheduled Stored procedure, the Microsoft SQL Server Agent must be running. You should ensure that the Microsoft SQL Server Agent is set to **AutoStart**. For more information see [Autostart SQL Server Agent (SQL Server Management Studio)](http://go.microsoft.com/fwlink/?LinkId=287045).
+ To run the Microsoft SQL Server Scheduled Stored procedure, the Microsoft SQL Server Agent must be running. You should ensure that the Microsoft SQL Server Agent is set to **AutoStart**. For more information see [Autostart SQL Server Agent (SQL Server Management Studio)](https://go.microsoft.com/fwlink/?LinkId=287045).
The stored procedure is also created when using the App-V 5.1 database scripts.
diff --git a/mdop/appv-v5/about-app-v-51.md b/mdop/appv-v5/about-app-v-51.md
index 54e14130c6..3e026b4e25 100644
--- a/mdop/appv-v5/about-app-v-51.md
+++ b/mdop/appv-v5/about-app-v-51.md
@@ -503,7 +503,7 @@ Previously, the 4.6 root folder was not recognized and could not be accessed by
## How to Get MDOP Technologies
-App-V is a part of the Microsoft Desktop Optimization Pack (MDOP). MDOP is part of Microsoft Software Assurance. For more information about Microsoft Software Assurance and acquiring MDOP, see [How Do I Get MDOP](http://go.microsoft.com/fwlink/?LinkId=322049).
+App-V is a part of the Microsoft Desktop Optimization Pack (MDOP). MDOP is part of Microsoft Software Assurance. For more information about Microsoft Software Assurance and acquiring MDOP, see [How Do I Get MDOP](https://go.microsoft.com/fwlink/?LinkId=322049).
## Got a suggestion for App-V?
diff --git a/mdop/appv-v5/accessibility-for-app-v-50.md b/mdop/appv-v5/accessibility-for-app-v-50.md
index a58364ec78..364b488643 100644
--- a/mdop/appv-v5/accessibility-for-app-v-50.md
+++ b/mdop/appv-v5/accessibility-for-app-v-50.md
@@ -110,7 +110,7 @@ For information about the availability of Microsoft product documentation and bo
(609) 987-8116 |
-[http://www.learningally.org/](http://go.microsoft.com/fwlink/?linkid=239) |
+[http://www.learningally.org/](https://go.microsoft.com/fwlink/?linkid=239) |
Web addresses can change, so you might be unable to connect to the website or sites mentioned here. |
@@ -132,7 +132,7 @@ Microsoft Support Services are subject to the prices, terms, and conditions in p
## For More Information
-For more information about how accessible technology for computers helps to improve the lives of people with disabilities, see the [Microsoft Accessibility website](http://go.microsoft.com/fwlink/?linkid=8431).
+For more information about how accessible technology for computers helps to improve the lives of people with disabilities, see the [Microsoft Accessibility website](https://go.microsoft.com/fwlink/?linkid=8431).
## Related topics
diff --git a/mdop/appv-v5/accessibility-for-app-v-51.md b/mdop/appv-v5/accessibility-for-app-v-51.md
index 1d53ac7b5d..6dd47f7bf3 100644
--- a/mdop/appv-v5/accessibility-for-app-v-51.md
+++ b/mdop/appv-v5/accessibility-for-app-v-51.md
@@ -131,7 +131,7 @@ For information about the availability of Microsoft product documentation and bo
(609) 987-8116 |
-[http://www.learningally.org/](http://go.microsoft.com/fwlink/?linkid=239) |
+[http://www.learningally.org/](https://go.microsoft.com/fwlink/?linkid=239) |
Web addresses can change, so you might be unable to connect to the website or sites mentioned here. |
@@ -153,7 +153,7 @@ Microsoft Support Services are subject to the prices, terms, and conditions in p
## For More Information
-For more information about how accessible technology for computers helps to improve the lives of people with disabilities, see the [Microsoft Accessibility website](http://go.microsoft.com/fwlink/?linkid=8431).
+For more information about how accessible technology for computers helps to improve the lives of people with disabilities, see the [Microsoft Accessibility website](https://go.microsoft.com/fwlink/?linkid=8431).
## Related topics
diff --git a/mdop/appv-v5/app-v-50-prerequisites.md b/mdop/appv-v5/app-v-50-prerequisites.md
index 29c64a87d8..92befd0ba0 100644
--- a/mdop/appv-v5/app-v-50-prerequisites.md
+++ b/mdop/appv-v5/app-v-50-prerequisites.md
@@ -121,7 +121,7 @@ The following table lists the installation prerequisites for the App-V 5.0 clien
[Visual C++ Redistributable Packages for Visual Studio 2013](http://www.microsoft.com/download/details.aspx?id=40784) (http://www.microsoft.com/download/details.aspx?id=40784)
This prerequisite is only required if you have installed Hotfix Package 4 for Application Virtualization 5.0 SP2 or later.
-[The Microsoft Visual C++ 2010 Redistributable](http://www.microsoft.com/download/details.aspx?id=26999) (http://go.microsoft.com/fwlink/?LinkId=26999)
+[The Microsoft Visual C++ 2010 Redistributable](http://www.microsoft.com/download/details.aspx?id=26999) (https://go.microsoft.com/fwlink/?LinkId=26999)
[Microsoft Visual C++ 2005 SP1 Redistributable Package (x86)](http://www.microsoft.com/download/details.aspx?id=5638) (http://www.microsoft.com/download/details.aspx?id=5638)
@@ -166,7 +166,7 @@ The following table lists the installation prerequisites for the App-V 5.0 Remot
-Download and install [KB2533623](http://go.microsoft.com/fwlink/?LinkId=286102 ) (http://go.microsoft.com/fwlink/?LinkId=286102)
+Download and install [KB2533623](https://go.microsoft.com/fwlink/?LinkId=286102 ) (https://go.microsoft.com/fwlink/?LinkId=286102)
Important
@@ -181,7 +181,7 @@ The following table lists the installation prerequisites for the App-V 5.0 Remot
[Visual C++ Redistributable Packages for Visual Studio 2013](http://www.microsoft.com/download/details.aspx?id=40784) (http://www.microsoft.com/download/details.aspx?id=40784)
This prerequisite is required only if you have installed Hotfix Package 4 for Application Virtualization 5.0 SP2 or later.
-
[The Microsoft Visual C++ 2010 Redistributable](http://www.microsoft.com/download/details.aspx?id=26999) (http://go.microsoft.com/fwlink/?LinkId=26999)
+[The Microsoft Visual C++ 2010 Redistributable](http://www.microsoft.com/download/details.aspx?id=26999) (https://go.microsoft.com/fwlink/?LinkId=26999)
[Microsoft Visual C++ 2005 SP1 Redistributable Package (x86)](http://www.microsoft.com/download/details.aspx?id=5638) (http://www.microsoft.com/download/details.aspx?id=5638)
@@ -230,7 +230,7 @@ If the system requirements of a locally installed application exceed the require
Download and install [KB2533623](http://support.microsoft.com/kb/2533623) (http://support.microsoft.com/kb/2533623)
-
For computers running Microsoft Windows Server 2008 R2 SP1, download and install [KB2533623](http://go.microsoft.com/fwlink/?LinkId=286102 ) (http://go.microsoft.com/fwlink/?LinkId=286102)
+For computers running Microsoft Windows Server 2008 R2 SP1, download and install [KB2533623](https://go.microsoft.com/fwlink/?LinkId=286102 ) (https://go.microsoft.com/fwlink/?LinkId=286102)
Important
@@ -313,7 +313,7 @@ The installation of the App-V 5.0 server on a computer that runs any previous ve
[Microsoft Visual C++ 2010 SP1 Redistributable Package (x64)](http://www.microsoft.com/download/details.aspx?id=13523) (http://www.microsoft.com/download/details.aspx?id=13523)
-
[Microsoft Visual C++ 2010 SP1 Redistributable Package (x86)](http://go.microsoft.com/fwlink/?LinkId=267110) (http://go.microsoft.com/fwlink/?LinkId=267110)
+
[Microsoft Visual C++ 2010 SP1 Redistributable Package (x86)](https://go.microsoft.com/fwlink/?LinkId=267110) (https://go.microsoft.com/fwlink/?LinkId=267110)
64-bit ASP.NET registration
The App-V 5.0 server components are dependent but they have varying requirements and installation options that must be deployed. Use the following information to prepare your environment to run the App-V 5.0 management server.
@@ -345,7 +345,7 @@ The installation of the App-V 5.0 server on a computer that runs any previous ve
[Microsoft .NET Framework 4 (Full Package)](http://www.microsoft.com/download/details.aspx?id=17718) (http://www.microsoft.com/download/details.aspx?id=17718)
[Microsoft Visual C++ 2010 SP1 Redistributable Package (x86)](http://go.microsoft.com/fwlink/?LinkId=267110)(http://go.microsoft.com/fwlink/?LinkId=267110)
[Microsoft Visual C++ 2010 SP1 Redistributable Package (x86)](https://go.microsoft.com/fwlink/?LinkId=267110)(https://go.microsoft.com/fwlink/?LinkId=267110)
The App-V 5.0 server components are dependent but they have varying requirements and installation options that must be deployed. Use the following information to prepare your environment to run the App-V 5.0 management database.
@@ -354,14 +354,14 @@ The installation of the App-V 5.0 server on a computer that runs any previous ve
Custom App-V 5.0 database name (if applicable) – you must specify a unique database name. The default value for the management database is AppVManagement.
App-V 5.0 management server location – specifies the machine account on which the management server is deployed. This should be specified in the following format Domain\MachineAccount.
App-V 5.0 management server installation administrator - specifies the account that will be used to install the App-V 5.0 management server. You should use the following format: Domain\AdministratorLoginName.
Microsoft SQL Server Service Agent - configure the computer running the App-V 5.0 Management Database so that Microsoft SQL Server Agent service is restarted automatically. For more information see [Configure SQL Server Agent to Restart Services Automatically](http://go.microsoft.com/fwlink/?LinkId=273725) (http://go.microsoft.com/fwlink/?LinkId=273725).
Microsoft SQL Server Service Agent - configure the computer running the App-V 5.0 Management Database so that Microsoft SQL Server Agent service is restarted automatically. For more information see [Configure SQL Server Agent to Restart Services Automatically](https://go.microsoft.com/fwlink/?LinkId=273725) (https://go.microsoft.com/fwlink/?LinkId=273725).
Reporting Server |
[Microsoft .NET Framework 4 (Full Package)](http://www.microsoft.com/download/details.aspx?id=17718) (http://www.microsoft.com/download/details.aspx?id=17718) [Microsoft Visual C++ 2010 SP1 Redistributable Package (x86)](http://go.microsoft.com/fwlink/?LinkId=267110)(http://go.microsoft.com/fwlink/?LinkId=267110) [Microsoft Visual C++ 2010 SP1 Redistributable Package (x86)](https://go.microsoft.com/fwlink/?LinkId=267110)(https://go.microsoft.com/fwlink/?LinkId=267110)
Note
To help reduce the risk of unwanted or malicious data being sent to the reporting server, you should restrict access to the Reporting Web Service per your corporate security policy.
@@ -388,7 +388,7 @@ The installation of the App-V 5.0 server on a computer that runs any previous ve
[Microsoft .NET Framework 4 (Full Package)](http://www.microsoft.com/download/details.aspx?id=17718) (http://www.microsoft.com/download/details.aspx?id=17718) [Microsoft Visual C++ 2010 SP1 Redistributable Package (x86)](http://go.microsoft.com/fwlink/?LinkId=267110)(http://go.microsoft.com/fwlink/?LinkId=267110) [Microsoft Visual C++ 2010 SP1 Redistributable Package (x86)](https://go.microsoft.com/fwlink/?LinkId=267110)(https://go.microsoft.com/fwlink/?LinkId=267110)
The App-V 5.0 server components are dependent but they have varying requirements and installation options that must be deployed. Use the following information to prepare your environment to run the App-V 5.0 reporting database.
@@ -404,7 +404,7 @@ The installation of the App-V 5.0 server on a computer that runs any previous ve
Publishing Server |
[Microsoft .NET Framework 4 (Full Package)](http://www.microsoft.com/download/details.aspx?id=17718) (http://www.microsoft.com/download/details.aspx?id=17718) [Microsoft Visual C++ 2010 SP1 Redistributable Package (x86)](http://go.microsoft.com/fwlink/?LinkId=267110)(http://go.microsoft.com/fwlink/?LinkId=267110) [Microsoft Visual C++ 2010 SP1 Redistributable Package (x86)](https://go.microsoft.com/fwlink/?LinkId=267110)(https://go.microsoft.com/fwlink/?LinkId=267110) Windows Web Server with the IIS role with the following features: Common HTTP Features (static content and default document), Application Development (ASP.NET, .NET Extensibility, ISAPI Extensions and ISAPI Filters), Security (Windows Authentication, Request Filtering), Security (Windows Authentication, Request Filtering), Management Tools (IIS Management Console) 64-bit ASP.NET registration
diff --git a/mdop/appv-v5/app-v-50-security-considerations.md b/mdop/appv-v5/app-v-50-security-considerations.md
index 80465b3f69..3ab2c1e27b 100644
--- a/mdop/appv-v5/app-v-50-security-considerations.md
+++ b/mdop/appv-v5/app-v-50-security-considerations.md
@@ -32,9 +32,9 @@ Effective as of June, 2014, the PackageStoreAccessControl (PSAC) feature that wa
**Physically secure your computers**. Security is incomplete without physical security. Anyone with physical access to an App-V 5.0 server could potentially attack the entire client base. Any potential physical attacks must be considered high risk and mitigated appropriately. App-V 5.0 servers should be stored in a physically secure server room with controlled access. Secure these computers when administrators are not physically present by having the operating system lock the computer, or by using a secured screen saver.
-**Apply the most recent security updates to all computers**. To stay informed about the latest updates for operating systems, Microsoft SQL Server, and App-V 5.0, subscribe to the Security Notification service ().
+**Apply the most recent security updates to all computers**. To stay informed about the latest updates for operating systems, Microsoft SQL Server, and App-V 5.0, subscribe to the Security Notification service ().
-**Use strong passwords or pass phrases**. Always use strong passwords with 15 or more characters for all App-V 5.0 and App-V 5.0 administrator accounts. Never use blank passwords. For more information about password concepts, see the “Account Passwords and Policies” white paper on TechNet ().
+**Use strong passwords or pass phrases**. Always use strong passwords with 15 or more characters for all App-V 5.0 and App-V 5.0 administrator accounts. Never use blank passwords. For more information about password concepts, see the “Account Passwords and Policies” white paper on TechNet ().
## Accounts and groups in App-V 5.0
diff --git a/mdop/appv-v5/app-v-50-sp3-supported-configurations.md b/mdop/appv-v5/app-v-50-sp3-supported-configurations.md
index b8f5ab3ec8..d322d23b00 100644
--- a/mdop/appv-v5/app-v-50-sp3-supported-configurations.md
+++ b/mdop/appv-v5/app-v-50-sp3-supported-configurations.md
@@ -41,7 +41,7 @@ The App-V 5.0 SP3 Server does not support the following scenarios:
The following table lists the operating systems that are supported for the App-V 5.0 SP3 Management server installation.
**Note**
-Microsoft provides support for the current service pack and, in some cases, the immediately preceding service pack. To find the support timelines for your product, see the [Lifecycle Supported Service Packs](http://go.microsoft.com/fwlink/p/?LinkId=31975). See [Microsoft Support Lifecycle Support Policy FAQ](http://go.microsoft.com/fwlink/p/?LinkId=31976) for more information.
+Microsoft provides support for the current service pack and, in some cases, the immediately preceding service pack. To find the support timelines for your product, see the [Lifecycle Supported Service Packs](https://go.microsoft.com/fwlink/p/?LinkId=31975). See [Microsoft Support Lifecycle Support Policy FAQ](https://go.microsoft.com/fwlink/p/?LinkId=31976) for more information.
diff --git a/mdop/appv-v5/app-v-50-supported-configurations.md b/mdop/appv-v5/app-v-50-supported-configurations.md
index 017bbdc6b2..5ccd534c4c 100644
--- a/mdop/appv-v5/app-v-50-supported-configurations.md
+++ b/mdop/appv-v5/app-v-50-supported-configurations.md
@@ -56,7 +56,7 @@ The App-V 5.0 server does not support the following scenarios:
The following table lists the operating systems that are supported for the App-V 5.0 management server installation.
**Note**
-Microsoft provides support for the current service pack and, in some cases, the immediately preceding service pack. To find the support timelines for your product, see the [Lifecycle Supported Service Packs](http://go.microsoft.com/fwlink/p/?LinkId=31975). For additional information about Microsoft Support Lifecycle Policy, see [Microsoft Support Lifecycle Support Policy FAQ](http://go.microsoft.com/fwlink/p/?LinkId=31976).
+Microsoft provides support for the current service pack and, in some cases, the immediately preceding service pack. To find the support timelines for your product, see the [Lifecycle Supported Service Packs](https://go.microsoft.com/fwlink/p/?LinkId=31975). For additional information about Microsoft Support Lifecycle Policy, see [Microsoft Support Lifecycle Support Policy FAQ](https://go.microsoft.com/fwlink/p/?LinkId=31976).
@@ -117,7 +117,7 @@ Deployment of the management server role to a computer with Remote Desktop Shari
The following table lists the operating systems that are supported for the App-V 5.0 publishing server installation.
**Note**
-Microsoft provides support for the current service pack and, in some cases, the immediately preceding service pack. To find the support timelines for your product, see the [Lifecycle Supported Service Packs](http://go.microsoft.com/fwlink/p/?LinkId=31975). For additional information about Microsoft Support Lifecycle Policy, see [Microsoft Support Lifecycle Support Policy FAQ](http://go.microsoft.com/fwlink/p/?LinkId=31976).
+Microsoft provides support for the current service pack and, in some cases, the immediately preceding service pack. To find the support timelines for your product, see the [Lifecycle Supported Service Packs](https://go.microsoft.com/fwlink/p/?LinkId=31975). For additional information about Microsoft Support Lifecycle Policy, see [Microsoft Support Lifecycle Support Policy FAQ](https://go.microsoft.com/fwlink/p/?LinkId=31976).
@@ -173,7 +173,7 @@ Microsoft provides support for the current service pack and, in some cases, the
The following table lists the operating systems that are supported for the App-V 5.0 reporting server installation.
**Note**
-Microsoft provides support for the current service pack and, in some cases, the immediately preceding service pack. To find the support timelines for your product, see the [Lifecycle Supported Service Packs](http://go.microsoft.com/fwlink/p/?LinkId=31975). For additional information about Microsoft Support Lifecycle Policy, see [Microsoft Support Lifecycle Support Policy FAQ](http://go.microsoft.com/fwlink/p/?LinkId=31976).
+Microsoft provides support for the current service pack and, in some cases, the immediately preceding service pack. To find the support timelines for your product, see the [Lifecycle Supported Service Packs](https://go.microsoft.com/fwlink/p/?LinkId=31975). For additional information about Microsoft Support Lifecycle Policy, see [Microsoft Support Lifecycle Support Policy FAQ](https://go.microsoft.com/fwlink/p/?LinkId=31976).
@@ -281,7 +281,7 @@ The following table lists the SQL Server versions that are supported for the Ap
The following table lists the operating systems that are supported for the App-V 5.0 client installation.
**Note**
-Microsoft provides support for the current service pack and, in some cases, the immediately preceding service pack. To find the support timelines for your product, see the [Lifecycle Supported Service Packs](http://go.microsoft.com/fwlink/p/?LinkId=31975). For additional information about Microsoft Support Lifecycle Policy, see [Microsoft Support Lifecycle Support Policy FAQ](http://go.microsoft.com/fwlink/p/?LinkId=31976).
+Microsoft provides support for the current service pack and, in some cases, the immediately preceding service pack. To find the support timelines for your product, see the [Lifecycle Supported Service Packs](https://go.microsoft.com/fwlink/p/?LinkId=31975). For additional information about Microsoft Support Lifecycle Policy, see [Microsoft Support Lifecycle Support Policy FAQ](https://go.microsoft.com/fwlink/p/?LinkId=31976).
@@ -350,7 +350,7 @@ The following list displays the supported hardware configuration for the App-V 5
The following table lists the operating systems that are supported for App-V 5.0 Remote Desktop client installation.
**Note**
-Microsoft provides support for the current service pack and, in some cases, the immediately preceding service pack. To find the support timelines for your product, see the [Lifecycle Supported Service Packs](http://go.microsoft.com/fwlink/p/?LinkId=31975). For additional information about Microsoft Support Lifecycle Policy, see [Microsoft Support Lifecycle Support Policy FAQ](http://go.microsoft.com/fwlink/p/?LinkId=31976).
+Microsoft provides support for the current service pack and, in some cases, the immediately preceding service pack. To find the support timelines for your product, see the [Lifecycle Supported Service Packs](https://go.microsoft.com/fwlink/p/?LinkId=31975). For additional information about Microsoft Support Lifecycle Policy, see [Microsoft Support Lifecycle Support Policy FAQ](https://go.microsoft.com/fwlink/p/?LinkId=31976).
@@ -394,7 +394,7 @@ The following list displays the supported hardware configuration for the App-V 5
The following table lists the operating systems that are supported for App-V 5.0 Sequencer installation.
**Note**
-Microsoft provides support for the current service pack and, in some cases, the immediately preceding service pack. To find the support timelines for your product, see the [Lifecycle Supported Service Packs](http://go.microsoft.com/fwlink/p/?LinkId=31975). For additional information about Microsoft Support Lifecycle Policy, see [Microsoft Support Lifecycle Support Policy FAQ](http://go.microsoft.com/fwlink/p/?LinkId=31976).
+Microsoft provides support for the current service pack and, in some cases, the immediately preceding service pack. To find the support timelines for your product, see the [Lifecycle Supported Service Packs](https://go.microsoft.com/fwlink/p/?LinkId=31975). For additional information about Microsoft Support Lifecycle Policy, see [Microsoft Support Lifecycle Support Policy FAQ](https://go.microsoft.com/fwlink/p/?LinkId=31976).
diff --git a/mdop/appv-v5/app-v-51-security-considerations.md b/mdop/appv-v5/app-v-51-security-considerations.md
index 0d4858a9e0..9601386069 100644
--- a/mdop/appv-v5/app-v-51-security-considerations.md
+++ b/mdop/appv-v5/app-v-51-security-considerations.md
@@ -32,9 +32,9 @@ Effective as of June, 2014, the PackageStoreAccessControl (PSAC) feature that wa
**Physically secure your computers**. Security is incomplete without physical security. Anyone with physical access to an App-V 5.1 server could potentially attack the entire client base. Any potential physical attacks must be considered high risk and mitigated appropriately. App-V 5.1 servers should be stored in a physically secure server room with controlled access. Secure these computers when administrators are not physically present by having the operating system lock the computer, or by using a secured screen saver.
-**Apply the most recent security updates to all computers**. To stay informed about the latest updates for operating systems, Microsoft SQL Server, and App-V 5.1, subscribe to the Security Notification service ().
+**Apply the most recent security updates to all computers**. To stay informed about the latest updates for operating systems, Microsoft SQL Server, and App-V 5.1, subscribe to the Security Notification service ().
-**Use strong passwords or pass phrases**. Always use strong passwords with 15 or more characters for all App-V 5.1 and App-V 5.1 administrator accounts. Never use blank passwords. For more information about password concepts, see the “Account Passwords and Policies” white paper on TechNet ().
+**Use strong passwords or pass phrases**. Always use strong passwords with 15 or more characters for all App-V 5.1 and App-V 5.1 administrator accounts. Never use blank passwords. For more information about password concepts, see the “Account Passwords and Policies” white paper on TechNet ().
## Accounts and groups in App-V 5.1
diff --git a/mdop/appv-v5/app-v-51-supported-configurations.md b/mdop/appv-v5/app-v-51-supported-configurations.md
index e577b07048..9c74ff17a6 100644
--- a/mdop/appv-v5/app-v-51-supported-configurations.md
+++ b/mdop/appv-v5/app-v-51-supported-configurations.md
@@ -39,7 +39,7 @@ The App-V 5.1 Server does not support the following scenarios:
The following table lists the operating systems that are supported for the App-V 5.1 Management server installation.
**Note**
-Microsoft provides support for the current service pack and, in some cases, the immediately preceding service pack. To find the support timelines for your product, see the [Lifecycle Supported Service Packs](http://go.microsoft.com/fwlink/p/?LinkId=31975). See [Microsoft Support Lifecycle Support Policy FAQ](http://go.microsoft.com/fwlink/p/?LinkId=31976) for more information.
+Microsoft provides support for the current service pack and, in some cases, the immediately preceding service pack. To find the support timelines for your product, see the [Lifecycle Supported Service Packs](https://go.microsoft.com/fwlink/p/?LinkId=31975). See [Microsoft Support Lifecycle Support Policy FAQ](https://go.microsoft.com/fwlink/p/?LinkId=31976) for more information.
diff --git a/mdop/appv-v5/application-publishing-and-client-interaction.md b/mdop/appv-v5/application-publishing-and-client-interaction.md
index 116dc7fb5b..8d791d1880 100644
--- a/mdop/appv-v5/application-publishing-and-client-interaction.md
+++ b/mdop/appv-v5/application-publishing-and-client-interaction.md
@@ -247,7 +247,7 @@ To change the default location of the package store during setup, see [How to De
### Shared Content Store
-If the App-V Client is configured in Shared Content Store mode, no data is written to disk when a stream fault occurs, which means that the packages require minimal local disk space (publishing data). The use of less disk space is highly desirable in VDI environments, where local storage can be limited, and streaming the applications from a high performance network location (such as a SAN) is preferable. For more information on shared content store mode, see .
+If the App-V Client is configured in Shared Content Store mode, no data is written to disk when a stream fault occurs, which means that the packages require minimal local disk space (publishing data). The use of less disk space is highly desirable in VDI environments, where local storage can be limited, and streaming the applications from a high performance network location (such as a SAN) is preferable. For more information on shared content store mode, see .
**Note**
The machine and package store must be located on a local drive, even when you’re using Shared Content Store configurations for the App-V Client.
@@ -589,9 +589,9 @@ App-V packages can be configured with a primary feature block during sequencing.
After the initial stream of any publishing data and the primary feature block, requests for additional files perform stream faults. These blocks of data are downloaded to the package store on an as-needed basis. This allows a user to download only a small part of the package, typically enough to launch the package and run normal tasks. All other blocks are downloaded when a user initiates an operation that requires data not currently in the package store.
-For more information on App-V Package streaming visit: .
+For more information on App-V Package streaming visit: .
-Sequencing for streaming optimization is available at: .
+Sequencing for streaming optimization is available at: .
### Package upgrades
@@ -803,7 +803,7 @@ This process will re-create both the local and network locations for AppData and
In an App-V Full Infrastructure, after applications are sequenced they are managed and published to users or computers via the App-V Management and Publishing servers. This section details the operations that occur during the common App-V application lifecycle operations (Add, publishing, launch, upgrade, and removal) and the file and registry locations that are changed and modified from the App-V Client perspective. The App-V Client operations are performed as a series of PowerShell commands initiated on the computer running the App-V Client.
-This document focuses on App-V Full Infrastructure solutions. For specific information on App-V Integration with Configuration Manager 2012 visit: .
+This document focuses on App-V Full Infrastructure solutions. For specific information on App-V Integration with Configuration Manager 2012 visit: .
The App-V application lifecycle tasks are triggered at user login (default), machine startup, or as background timed operations. The settings for the App-V Client operations, including Publishing Servers, refresh intervals, package script enablement, and others, are configured during setup of the client or post-setup with PowerShell commands. See the How to Deploy the Client section on TechNet at: [How to Deploy the App-V Client](how-to-deploy-the-app-v-client-gb18030.md) or utilize the PowerShell:
@@ -1311,7 +1311,7 @@ The App-V Client supports publishing applications with support for COM integrati
App-V supports registering COM objects from the package to the local operating system with two process types: Out-of-process and in-process. Registering COM objects is accomplished with one or a combination of multiple modes of operation for a specific App-V package that includes off, Isolated, and Integrated. The integrated mode is configured for either the out-of-process or in-process type. Configuration of COM modes and types is accomplished with dynamic configuration files (deploymentconfig.xml or userconfig.xml).
-Details on App-V integration are available at: .
+Details on App-V integration are available at: .
### Software clients and application capabilities
@@ -1380,7 +1380,7 @@ For situations where there is more than one application that could register the
The AppPath extension point supports calling App-V applications directly from the operating system. This is typically accomplished from the Run or Start Screen, depending on the operating system, which enables administrators to provide access to App-V applications from operating system commands or scripts without calling the specific path to the executable. It therefore avoids modifying the system path environment variable on all systems, as it is accomplished during publishing.
-The AppPath extension point is configured either in the manifest or in the dynamic configuration files and is stored in the registry on the local machine during publishing for the user. For additional information on AppPath review: .
+The AppPath extension point is configured either in the manifest or in the dynamic configuration files and is stored in the registry on the local machine during publishing for the user. For additional information on AppPath review: .
### Virtual application
@@ -1502,7 +1502,7 @@ App-V Packages contain the Manifest file inside of the appv package file, which
### Example for dynamic configuration files
-The example below shows the combination of the Manifest, Deployment Configuration and User Configuration files after publishing and during normal operation. These examples are abbreviated examples of each of the files. The purpose is show the combination of the files only and not to be a complete description of the specific categories available in each of the files. For more information review the App-V 5 Sequencing Guide at:
+The example below shows the combination of the Manifest, Deployment Configuration and User Configuration files after publishing and during normal operation. These examples are abbreviated examples of each of the files. The purpose is show the combination of the files only and not to be a complete description of the specific categories available in each of the files. For more information review the App-V 5 Sequencing Guide at:
**Manifest**
diff --git a/mdop/appv-v5/application-publishing-and-client-interaction51.md b/mdop/appv-v5/application-publishing-and-client-interaction51.md
index 0754f6a1d8..47c268f62b 100644
--- a/mdop/appv-v5/application-publishing-and-client-interaction51.md
+++ b/mdop/appv-v5/application-publishing-and-client-interaction51.md
@@ -92,7 +92,7 @@ The Sequencer creates App-V packages and produces a virtualized application. The
-For information about sequencing, see [Application Virtualization Sequencing Guide](http://go.microsoft.com/fwlink/?LinkID=269810).
+For information about sequencing, see [Application Virtualization Sequencing Guide](https://go.microsoft.com/fwlink/?LinkID=269810).
## What’s in the appv file?
@@ -247,7 +247,7 @@ To change the default location of the package store during setup, see [How to De
### Shared Content Store
-If the App-V Client is configured in Shared Content Store mode, no data is written to disk when a stream fault occurs, which means that the packages require minimal local disk space (publishing data). The use of less disk space is highly desirable in VDI environments, where local storage can be limited, and streaming the applications from a high performance network location (such as a SAN) is preferable. For more information on shared content store mode, see .
+If the App-V Client is configured in Shared Content Store mode, no data is written to disk when a stream fault occurs, which means that the packages require minimal local disk space (publishing data). The use of less disk space is highly desirable in VDI environments, where local storage can be limited, and streaming the applications from a high performance network location (such as a SAN) is preferable. For more information on shared content store mode, see .
**Note**
The machine and package store must be located on a local drive, even when you’re using Shared Content Store configurations for the App-V Client.
@@ -589,9 +589,9 @@ App-V packages can be configured with a primary feature block during sequencing.
After the initial stream of any publishing data and the primary feature block, requests for additional files perform stream faults. These blocks of data are downloaded to the package store on an as-needed basis. This allows a user to download only a small part of the package, typically enough to launch the package and run normal tasks. All other blocks are downloaded when a user initiates an operation that requires data not currently in the package store.
-For more information on App-V Package streaming visit: .
+For more information on App-V Package streaming visit: .
-Sequencing for streaming optimization is available at: .
+Sequencing for streaming optimization is available at: .
### Package upgrades
@@ -803,7 +803,7 @@ This process will re-create both the local and network locations for AppData and
In an App-V Full Infrastructure, after applications are sequenced they are managed and published to users or computers via the App-V Management and Publishing servers. This section details the operations that occur during the common App-V application lifecycle operations (Add, publishing, launch, upgrade, and removal) and the file and registry locations that are changed and modified from the App-V Client perspective. The App-V Client operations are performed as a series of PowerShell commands initiated on the computer running the App-V Client.
-This document focuses on App-V Full Infrastructure solutions. For specific information on App-V Integration with Configuration Manager 2012 visit: .
+This document focuses on App-V Full Infrastructure solutions. For specific information on App-V Integration with Configuration Manager 2012 visit: .
The App-V application lifecycle tasks are triggered at user login (default), machine startup, or as background timed operations. The settings for the App-V Client operations, including Publishing Servers, refresh intervals, package script enablement, and others, are configured during setup of the client or post-setup with PowerShell commands. See the How to Deploy the Client section on TechNet at: [How to Deploy the App-V Client](how-to-deploy-the-app-v-client-51gb18030.md) or utilize the PowerShell:
@@ -1311,7 +1311,7 @@ The App-V Client supports publishing applications with support for COM integrati
App-V supports registering COM objects from the package to the local operating system with two process types: Out-of-process and in-process. Registering COM objects is accomplished with one or a combination of multiple modes of operation for a specific App-V package that includes off, Isolated, and Integrated. The integrated mode is configured for either the out-of-process or in-process type. Configuration of COM modes and types is accomplished with dynamic configuration files (deploymentconfig.xml or userconfig.xml).
-Details on App-V integration are available at: .
+Details on App-V integration are available at: .
### Software clients and application capabilities
@@ -1380,7 +1380,7 @@ For situations where there is more than one application that could register the
The AppPath extension point supports calling App-V applications directly from the operating system. This is typically accomplished from the Run or Start Screen, depending on the operating system, which enables administrators to provide access to App-V applications from operating system commands or scripts without calling the specific path to the executable. It therefore avoids modifying the system path environment variable on all systems, as it is accomplished during publishing.
-The AppPath extension point is configured either in the manifest or in the dynamic configuration files and is stored in the registry on the local machine during publishing for the user. For additional information on AppPath review: .
+The AppPath extension point is configured either in the manifest or in the dynamic configuration files and is stored in the registry on the local machine during publishing for the user. For additional information on AppPath review: .
### Virtual application
@@ -1502,7 +1502,7 @@ App-V Packages contain the Manifest file inside of the appv package file, which
### Example for dynamic configuration files
-The example below shows the combination of the Manifest, Deployment Configuration and User Configuration files after publishing and during normal operation. These examples are abbreviated examples of each of the files. The purpose is show the combination of the files only and not to be a complete description of the specific categories available in each of the files. For more information review the App-V 5 Sequencing Guide at:
+The example below shows the combination of the Manifest, Deployment Configuration and User Configuration files after publishing and during normal operation. These examples are abbreviated examples of each of the files. The purpose is show the combination of the files only and not to be a complete description of the specific categories available in each of the files. For more information review the App-V 5 Sequencing Guide at:
**Manifest**
diff --git a/mdop/appv-v5/deploying-app-v-50-packages-by-using-electronic-software-distribution--esd-.md b/mdop/appv-v5/deploying-app-v-50-packages-by-using-electronic-software-distribution--esd-.md
index 90f6a35518..b587a6d203 100644
--- a/mdop/appv-v5/deploying-app-v-50-packages-by-using-electronic-software-distribution--esd-.md
+++ b/mdop/appv-v5/deploying-app-v-50-packages-by-using-electronic-software-distribution--esd-.md
@@ -15,7 +15,7 @@ ms.prod: w10
You can deploy App-V 5.0 packages using an Electronic Software Distribution (ESD) solution. For information about planning to deploy App-V packages with an ESD, see [Planning to Deploy App-V 5.0 with an Electronic Software Distribution System](planning-to-deploy-app-v-50-with-an-electronic-software-distribution-system.md).
-To deploy App-V packages with Microsoft System Center 2012 Configuration Manager, see [Introduction to Application Management in Configuration Manager](http://go.microsoft.com/fwlink/?LinkId=281816)
+To deploy App-V packages with Microsoft System Center 2012 Configuration Manager, see [Introduction to Application Management in Configuration Manager](https://go.microsoft.com/fwlink/?LinkId=281816)
## How to deploy virtualized packages using an ESD
@@ -39,7 +39,7 @@ Add or vote on suggestions [here](http://appv.uservoice.com/forums/280448-micros
## Other resources for using an ESD and App-V 5.0
-Use the following link for more information about [App-V and Citrix Integration](http://go.microsoft.com/fwlink/?LinkId=330294 ) (http://go.microsoft.com/fwlink/?LinkId=330294).
+Use the following link for more information about [App-V and Citrix Integration](https://go.microsoft.com/fwlink/?LinkId=330294 ) (https://go.microsoft.com/fwlink/?LinkId=330294).
[Operations for App-V 5.0](operations-for-app-v-50.md)
diff --git a/mdop/appv-v5/deploying-app-v-51-packages-by-using-electronic-software-distribution--esd-.md b/mdop/appv-v5/deploying-app-v-51-packages-by-using-electronic-software-distribution--esd-.md
index 1e8db3d31a..2b24f5e756 100644
--- a/mdop/appv-v5/deploying-app-v-51-packages-by-using-electronic-software-distribution--esd-.md
+++ b/mdop/appv-v5/deploying-app-v-51-packages-by-using-electronic-software-distribution--esd-.md
@@ -15,7 +15,7 @@ ms.prod: w10
You can deploy App-V 5.1 packages using an Electronic Software Distribution (ESD) solution. For information about planning to deploy App-V packages with an ESD, see [Planning to Deploy App-V 5.1 with an Electronic Software Distribution System](planning-to-deploy-app-v-51-with-an-electronic-software-distribution-system.md).
-To deploy App-V packages with Microsoft System Center 2012 Configuration Manager, see [Introduction to Application Management in Configuration Manager](http://go.microsoft.com/fwlink/?LinkId=281816)
+To deploy App-V packages with Microsoft System Center 2012 Configuration Manager, see [Introduction to Application Management in Configuration Manager](https://go.microsoft.com/fwlink/?LinkId=281816)
## How to deploy virtualized packages using an ESD
@@ -39,7 +39,7 @@ Add or vote on suggestions [here](http://appv.uservoice.com/forums/280448-micros
## Other resources for using an ESD and App-V 5.1
-Use the following link for more information about [App-V and Citrix Integration](http://go.microsoft.com/fwlink/?LinkId=330294 ) (http://go.microsoft.com/fwlink/?LinkId=330294).
+Use the following link for more information about [App-V and Citrix Integration](https://go.microsoft.com/fwlink/?LinkId=330294 ) (https://go.microsoft.com/fwlink/?LinkId=330294).
[Operations for App-V 5.1](operations-for-app-v-51.md)
diff --git a/mdop/appv-v5/deploying-microsoft-office-2010-by-using-app-v.md b/mdop/appv-v5/deploying-microsoft-office-2010-by-using-app-v.md
index 17fcf783cc..eec1bd9312 100644
--- a/mdop/appv-v5/deploying-microsoft-office-2010-by-using-app-v.md
+++ b/mdop/appv-v5/deploying-microsoft-office-2010-by-using-app-v.md
@@ -73,16 +73,16 @@ The following table shows the App-V versions, methods of Office package creation
Sequencing Office 2010 is one of the main methods for creating an Office 2010 package on App-V 5.0. Microsoft has provided a detailed recipe through a Knowledge Base article. To create an Office 2010 package on App-V 5.0, refer to the following link for detailed instructions:
-[How To Sequence Microsoft Office 2010 in Microsoft Application Virtualization 5.0](http://go.microsoft.com/fwlink/p/?LinkId=330676)
+[How To Sequence Microsoft Office 2010 in Microsoft Application Virtualization 5.0](https://go.microsoft.com/fwlink/p/?LinkId=330676)
## Creating Office 2010 App-V 5.0 packages using package accelerators
Office 2010 App-V 5.0 packages can be created through package accelerators. Microsoft has provided package accelerators for creating Office 2010 on Windows 8 and Windows 7. To create Office 2010 packages on App-V using Package accelerators, refer to the following pages to access the appropriate package accelerator:
-- [App-V 5.0 Package Accelerator for Office Professional Plus 2010 – Windows 8](http://go.microsoft.com/fwlink/p/?LinkId=330677)
+- [App-V 5.0 Package Accelerator for Office Professional Plus 2010 – Windows 8](https://go.microsoft.com/fwlink/p/?LinkId=330677)
-- [App-V 5.0 Package Accelerator for Office Professional Plus 2010 – Windows 7](http://go.microsoft.com/fwlink/p/?LinkId=330678)
+- [App-V 5.0 Package Accelerator for Office Professional Plus 2010 – Windows 7](https://go.microsoft.com/fwlink/p/?LinkId=330678)
For detailed instructions on how to create virtual application packages using App-V package accelerators, see [How to Create a Virtual Application Package Using an App-V Package Accelerator](how-to-create-a-virtual-application-package-using-an-app-v-package-accelerator.md).
@@ -178,7 +178,7 @@ The following table provides a full list of supported integration points for Off
| |
Active X Controls: |
-For more information on ActiveX controls, refer to [ActiveX Control API Reference](http://go.microsoft.com/fwlink/p/?LinkId=331361). |
+For more information on ActiveX controls, refer to [ActiveX Control API Reference](https://go.microsoft.com/fwlink/p/?LinkId=331361). |
|
@@ -276,19 +276,19 @@ The following table provides a full list of supported integration points for Off
**Office 2013 App-V 5.0 Packages 5.0 Additional Resources**
-[Supported scenarios for deploying Microsoft Office as a sequenced App-V Package](http://go.microsoft.com/fwlink/p/?LinkId=330680)
+[Supported scenarios for deploying Microsoft Office as a sequenced App-V Package](https://go.microsoft.com/fwlink/p/?LinkId=330680)
**Office 2010 App-V 5.0 Packages**
-[Microsoft Office 2010 Sequencing Kit for Microsoft Application Virtualization 5.0](http://go.microsoft.com/fwlink/p/?LinkId=330681)
+[Microsoft Office 2010 Sequencing Kit for Microsoft Application Virtualization 5.0](https://go.microsoft.com/fwlink/p/?LinkId=330681)
-[Known issues when you create or use an App-V 5.0 Office 2010 package](http://go.microsoft.com/fwlink/p/?LinkId=330682)
+[Known issues when you create or use an App-V 5.0 Office 2010 package](https://go.microsoft.com/fwlink/p/?LinkId=330682)
-[How to sequence Microsoft Office 2010 in Microsoft Application Virtualization 5.0](http://go.microsoft.com/fwlink/p/?LinkId=330676)
+[How to sequence Microsoft Office 2010 in Microsoft Application Virtualization 5.0](https://go.microsoft.com/fwlink/p/?LinkId=330676)
**Connection Groups**
-[Deploying Connection Groups in Microsoft App-V v5](http://go.microsoft.com/fwlink/p/?LinkId=330683)
+[Deploying Connection Groups in Microsoft App-V v5](https://go.microsoft.com/fwlink/p/?LinkId=330683)
[Managing Connection Groups](managing-connection-groups.md)
diff --git a/mdop/appv-v5/deploying-microsoft-office-2010-by-using-app-v51.md b/mdop/appv-v5/deploying-microsoft-office-2010-by-using-app-v51.md
index 8423b1637e..e48ac4f848 100644
--- a/mdop/appv-v5/deploying-microsoft-office-2010-by-using-app-v51.md
+++ b/mdop/appv-v5/deploying-microsoft-office-2010-by-using-app-v51.md
@@ -74,16 +74,16 @@ The following table shows the App-V versions, methods of Office package creation
Sequencing Office 2010 is one of the main methods for creating an Office 2010 package on App-V 5.1. Microsoft has provided a detailed recipe through a Knowledge Base article. To create an Office 2010 package on App-V 5.1, refer to the following link for detailed instructions:
-[How To Sequence Microsoft Office 2010 in Microsoft Application Virtualization 5.0](http://go.microsoft.com/fwlink/p/?LinkId=330676)
+[How To Sequence Microsoft Office 2010 in Microsoft Application Virtualization 5.0](https://go.microsoft.com/fwlink/p/?LinkId=330676)
## Creating Office 2010 App-V 5.1 packages using package accelerators
Office 2010 App-V 5.1 packages can be created through package accelerators. Microsoft has provided package accelerators for creating Office 2010 on Windows 10, Windows 8 and Windows 7. To create Office 2010 packages on App-V using Package accelerators, refer to the following pages to access the appropriate package accelerator:
-- [App-V 5.0 Package Accelerator for Office Professional Plus 2010 – Windows 8](http://go.microsoft.com/fwlink/p/?LinkId=330677)
+- [App-V 5.0 Package Accelerator for Office Professional Plus 2010 – Windows 8](https://go.microsoft.com/fwlink/p/?LinkId=330677)
-- [App-V 5.0 Package Accelerator for Office Professional Plus 2010 – Windows 7](http://go.microsoft.com/fwlink/p/?LinkId=330678)
+- [App-V 5.0 Package Accelerator for Office Professional Plus 2010 – Windows 7](https://go.microsoft.com/fwlink/p/?LinkId=330678)
For detailed instructions on how to create virtual application packages using App-V package accelerators, see [How to Create a Virtual Application Package Using an App-V Package Accelerator](how-to-create-a-virtual-application-package-using-an-app-v-package-accelerator51.md).
@@ -179,7 +179,7 @@ The following table provides a full list of supported integration points for Off
Active X Controls: |
-For more information on ActiveX controls, refer to [ActiveX Control API Reference](http://go.microsoft.com/fwlink/p/?LinkId=331361). |
+For more information on ActiveX controls, refer to [ActiveX Control API Reference](https://go.microsoft.com/fwlink/p/?LinkId=331361). |
|
@@ -277,19 +277,19 @@ The following table provides a full list of supported integration points for Off
**Office 2013 App-V Packages Additional Resources**
-[Supported scenarios for deploying Microsoft Office as a sequenced App-V Package](http://go.microsoft.com/fwlink/p/?LinkId=330680)
+[Supported scenarios for deploying Microsoft Office as a sequenced App-V Package](https://go.microsoft.com/fwlink/p/?LinkId=330680)
**Office 2010 App-V Packages**
-[Microsoft Office 2010 Sequencing Kit for Microsoft Application Virtualization 5.0](http://go.microsoft.com/fwlink/p/?LinkId=330681)
+[Microsoft Office 2010 Sequencing Kit for Microsoft Application Virtualization 5.0](https://go.microsoft.com/fwlink/p/?LinkId=330681)
-[Known issues when you create or use an App-V 5.0 Office 2010 package](http://go.microsoft.com/fwlink/p/?LinkId=330682)
+[Known issues when you create or use an App-V 5.0 Office 2010 package](https://go.microsoft.com/fwlink/p/?LinkId=330682)
-[How to sequence Microsoft Office 2010 in Microsoft Application Virtualization 5.0](http://go.microsoft.com/fwlink/p/?LinkId=330676)
+[How to sequence Microsoft Office 2010 in Microsoft Application Virtualization 5.0](https://go.microsoft.com/fwlink/p/?LinkId=330676)
**Connection Groups**
-[Deploying Connection Groups in Microsoft App-V v5](http://go.microsoft.com/fwlink/p/?LinkId=330683)
+[Deploying Connection Groups in Microsoft App-V v5](https://go.microsoft.com/fwlink/p/?LinkId=330683)
[Managing Connection Groups](managing-connection-groups51.md)
diff --git a/mdop/appv-v5/deploying-microsoft-office-2013-by-using-app-v.md b/mdop/appv-v5/deploying-microsoft-office-2013-by-using-app-v.md
index d6f50efe56..a0615d5921 100644
--- a/mdop/appv-v5/deploying-microsoft-office-2013-by-using-app-v.md
+++ b/mdop/appv-v5/deploying-microsoft-office-2013-by-using-app-v.md
@@ -859,21 +859,21 @@ The following table describes the requirements and options for deploying Visio 2
**Office 2013 App-V 5.0 Packages 5.0 Additional Resources**
-[Office Deployment Tool for Click-to-Run](http://go.microsoft.com/fwlink/p/?LinkID=330672)
+[Office Deployment Tool for Click-to-Run](https://go.microsoft.com/fwlink/p/?LinkID=330672)
-[Supported scenarios for deploying Microsoft Office as a sequenced App-V Package](http://go.microsoft.com/fwlink/p/?LinkId=330680)
+[Supported scenarios for deploying Microsoft Office as a sequenced App-V Package](https://go.microsoft.com/fwlink/p/?LinkId=330680)
**Office 2010 App-V 5.0 Packages**
-[Microsoft Office 2010 Sequencing Kit for Microsoft Application Virtualization 5.0](http://go.microsoft.com/fwlink/p/?LinkId=330681)
+[Microsoft Office 2010 Sequencing Kit for Microsoft Application Virtualization 5.0](https://go.microsoft.com/fwlink/p/?LinkId=330681)
-[Known issues when you create or use an App-V 5.0 Office 2010 package](http://go.microsoft.com/fwlink/p/?LinkId=330682)
+[Known issues when you create or use an App-V 5.0 Office 2010 package](https://go.microsoft.com/fwlink/p/?LinkId=330682)
-[How to sequence Microsoft Office 2010 in Microsoft Application Virtualization 5.0](http://go.microsoft.com/fwlink/p/?LinkId=330676)
+[How to sequence Microsoft Office 2010 in Microsoft Application Virtualization 5.0](https://go.microsoft.com/fwlink/p/?LinkId=330676)
**Connection Groups**
-[Deploying Connection Groups in Microsoft App-V v5](http://go.microsoft.com/fwlink/p/?LinkId=330683)
+[Deploying Connection Groups in Microsoft App-V v5](https://go.microsoft.com/fwlink/p/?LinkId=330683)
[Managing Connection Groups](managing-connection-groups.md)
diff --git a/mdop/appv-v5/deploying-microsoft-office-2013-by-using-app-v51.md b/mdop/appv-v5/deploying-microsoft-office-2013-by-using-app-v51.md
index 4004b3a502..cc8b0e0899 100644
--- a/mdop/appv-v5/deploying-microsoft-office-2013-by-using-app-v51.md
+++ b/mdop/appv-v5/deploying-microsoft-office-2013-by-using-app-v51.md
@@ -859,21 +859,21 @@ The following table describes the requirements and options for deploying Visio 2
**Office 2013 App-V Packages Additional Resources**
-[Office Deployment Tool for Click-to-Run](http://go.microsoft.com/fwlink/p/?LinkID=330672)
+[Office Deployment Tool for Click-to-Run](https://go.microsoft.com/fwlink/p/?LinkID=330672)
-[Supported scenarios for deploying Microsoft Office as a sequenced App-V Package](http://go.microsoft.com/fwlink/p/?LinkId=330680)
+[Supported scenarios for deploying Microsoft Office as a sequenced App-V Package](https://go.microsoft.com/fwlink/p/?LinkId=330680)
**Office 2010 App-V Packages**
-[Microsoft Office 2010 Sequencing Kit for Microsoft Application Virtualization 5.0](http://go.microsoft.com/fwlink/p/?LinkId=330681)
+[Microsoft Office 2010 Sequencing Kit for Microsoft Application Virtualization 5.0](https://go.microsoft.com/fwlink/p/?LinkId=330681)
-[Known issues when you create or use an App-V 5.0 Office 2010 package](http://go.microsoft.com/fwlink/p/?LinkId=330682)
+[Known issues when you create or use an App-V 5.0 Office 2010 package](https://go.microsoft.com/fwlink/p/?LinkId=330682)
-[How to sequence Microsoft Office 2010 in Microsoft Application Virtualization 5.0](http://go.microsoft.com/fwlink/p/?LinkId=330676)
+[How to sequence Microsoft Office 2010 in Microsoft Application Virtualization 5.0](https://go.microsoft.com/fwlink/p/?LinkId=330676)
**Connection Groups**
-[Deploying Connection Groups in Microsoft App-V v5](http://go.microsoft.com/fwlink/p/?LinkId=330683)
+[Deploying Connection Groups in Microsoft App-V v5](https://go.microsoft.com/fwlink/p/?LinkId=330683)
[Managing Connection Groups](managing-connection-groups51.md)
diff --git a/mdop/appv-v5/getting-started-with-app-v-50--rtm.md b/mdop/appv-v5/getting-started-with-app-v-50--rtm.md
index 3840ca02e8..368114618a 100644
--- a/mdop/appv-v5/getting-started-with-app-v-50--rtm.md
+++ b/mdop/appv-v5/getting-started-with-app-v-50--rtm.md
@@ -78,10 +78,10 @@ App-V consists of the following elements:
For more information about these elements, see [High Level Architecture for App-V 5.0](high-level-architecture-for-app-v-50.md).
-If you are new to this product, we recommend that you read the documentation thoroughly. Before you deploy it to a production environment, we also recommend that you validate your deployment plan in a test network environment. You might also consider taking a class about relevant technologies. For more information about Microsoft training opportunities, see the Microsoft Training Overview at .
+If you are new to this product, we recommend that you read the documentation thoroughly. Before you deploy it to a production environment, we also recommend that you validate your deployment plan in a test network environment. You might also consider taking a class about relevant technologies. For more information about Microsoft training opportunities, see the Microsoft Training Overview at .
**Note**
-A downloadable version of this administrator’s guide is not available. However, you can learn about a special mode of the TechNet Library that allows you to select articles, group them in a collection, and print them or export them to a file at (http://go.microsoft.com/fwlink/?LinkId=272491).
+A downloadable version of this administrator’s guide is not available. However, you can learn about a special mode of the TechNet Library that allows you to select articles, group them in a collection, and print them or export them to a file at (https://go.microsoft.com/fwlink/?LinkId=272491).
diff --git a/mdop/appv-v5/getting-started-with-app-v-51.md b/mdop/appv-v5/getting-started-with-app-v-51.md
index a52ed5a6af..345a6d90cc 100644
--- a/mdop/appv-v5/getting-started-with-app-v-51.md
+++ b/mdop/appv-v5/getting-started-with-app-v-51.md
@@ -78,10 +78,10 @@ App-V consists of the following elements:
For more information about these elements, see [High Level Architecture for App-V 5.1](high-level-architecture-for-app-v-51.md).
-If you are new to this product, we recommend that you read the documentation thoroughly. Before you deploy it to a production environment, we also recommend that you validate your deployment plan in a test network environment. You might also consider taking a class about relevant technologies. For more information about Microsoft training opportunities, see the Microsoft Training Overview at .
+If you are new to this product, we recommend that you read the documentation thoroughly. Before you deploy it to a production environment, we also recommend that you validate your deployment plan in a test network environment. You might also consider taking a class about relevant technologies. For more information about Microsoft training opportunities, see the Microsoft Training Overview at .
**Note**
-A downloadable version of this administrator’s guide is not available. However, you can learn about a special mode of the TechNet Library that allows you to select articles, group them in a collection, and print them or export them to a file at (http://go.microsoft.com/fwlink/?LinkId=272491).
+A downloadable version of this administrator’s guide is not available. However, you can learn about a special mode of the TechNet Library that allows you to select articles, group them in a collection, and print them or export them to a file at (https://go.microsoft.com/fwlink/?LinkId=272491).
diff --git a/mdop/appv-v5/how-to-deploy-app-v-50-packages-using-electronic-software-distribution.md b/mdop/appv-v5/how-to-deploy-app-v-50-packages-using-electronic-software-distribution.md
index 0c26992a88..e173b618dd 100644
--- a/mdop/appv-v5/how-to-deploy-app-v-50-packages-using-electronic-software-distribution.md
+++ b/mdop/appv-v5/how-to-deploy-app-v-50-packages-using-electronic-software-distribution.md
@@ -56,7 +56,7 @@ Use one of the following methods to publish packages to App-V client computers w
3. After you create the virtual application, deploy the package by using your ESD solution.
- If you are using System Center Configuration Manager, start by reviewing [Introduction to Application Management in Configuration Manager](http://go.microsoft.com/fwlink/?LinkId=281816) for information about using App-V 5.0 and System Center 2012 Configuration Manager.
+ If you are using System Center Configuration Manager, start by reviewing [Introduction to Application Management in Configuration Manager](https://go.microsoft.com/fwlink/?LinkId=281816) for information about using App-V 5.0 and System Center 2012 Configuration Manager.
**Got a suggestion for App-V**? Add or vote on suggestions [here](http://appv.uservoice.com/forums/280448-microsoft-application-virtualization). **Got an App-V issu**e? Use the [App-V TechNet Forum](https://social.technet.microsoft.com/Forums/home?forum=mdopappv).
diff --git a/mdop/appv-v5/how-to-deploy-app-v-51-packages-using-electronic-software-distribution.md b/mdop/appv-v5/how-to-deploy-app-v-51-packages-using-electronic-software-distribution.md
index 57d35ae0fd..8dc2d96f99 100644
--- a/mdop/appv-v5/how-to-deploy-app-v-51-packages-using-electronic-software-distribution.md
+++ b/mdop/appv-v5/how-to-deploy-app-v-51-packages-using-electronic-software-distribution.md
@@ -56,7 +56,7 @@ Use one of the following methods to publish packages to App-V client computers w
3. After you create the virtual application, deploy the package by using your ESD solution.
- If you are using System Center Configuration Manager, start by reviewing [Introduction to Application Management in Configuration Manager](http://go.microsoft.com/fwlink/?LinkId=281816) for information about using App-V 5.1 and System Center 2012 Configuration Manager.
+ If you are using System Center Configuration Manager, start by reviewing [Introduction to Application Management in Configuration Manager](https://go.microsoft.com/fwlink/?LinkId=281816) for information about using App-V 5.1 and System Center 2012 Configuration Manager.
**Got a suggestion for App-V**? Add or vote on suggestions [here](http://appv.uservoice.com/forums/280448-microsoft-application-virtualization). **Got an App-V issue?** Use the [App-V TechNet Forum](https://social.technet.microsoft.com/Forums/home?forum=mdopappv).
diff --git a/mdop/appv-v5/how-to-install-the-app-v-50-client-for-shared-content-store-mode.md b/mdop/appv-v5/how-to-install-the-app-v-50-client-for-shared-content-store-mode.md
index 665ed2cb64..a457bb620d 100644
--- a/mdop/appv-v5/how-to-install-the-app-v-50-client-for-shared-content-store-mode.md
+++ b/mdop/appv-v5/how-to-install-the-app-v-50-client-for-shared-content-store-mode.md
@@ -20,7 +20,7 @@ Before performing this procedure if necessary uninstall any existing version of
-For more information about SCS mode, see [Shared Content Store in Microsoft App-V 5.0 – Behind the Scenes](http://go.microsoft.com/fwlink/?LinkId=316879) (http://go.microsoft.com/fwlink/?LinkId=316879).
+For more information about SCS mode, see [Shared Content Store in Microsoft App-V 5.0 – Behind the Scenes](https://go.microsoft.com/fwlink/?LinkId=316879) (https://go.microsoft.com/fwlink/?LinkId=316879).
**Install and configure the App-V 5.0 client for SCS mode**
diff --git a/mdop/appv-v5/how-to-install-the-app-v-51-client-for-shared-content-store-mode.md b/mdop/appv-v5/how-to-install-the-app-v-51-client-for-shared-content-store-mode.md
index 5db3961fc1..a6ec22970a 100644
--- a/mdop/appv-v5/how-to-install-the-app-v-51-client-for-shared-content-store-mode.md
+++ b/mdop/appv-v5/how-to-install-the-app-v-51-client-for-shared-content-store-mode.md
@@ -20,7 +20,7 @@ Before performing this procedure if necessary uninstall any existing version of
-For more information about SCS mode, see [Shared Content Store in Microsoft App-V 5.0 – Behind the Scenes](http://go.microsoft.com/fwlink/?LinkId=316879) (http://go.microsoft.com/fwlink/?LinkId=316879).
+For more information about SCS mode, see [Shared Content Store in Microsoft App-V 5.0 – Behind the Scenes](https://go.microsoft.com/fwlink/?LinkId=316879) (https://go.microsoft.com/fwlink/?LinkId=316879).
**Install and configure the App-V 5.1 client for SCS mode**
diff --git a/mdop/appv-v5/how-to-manage-app-v-50-packages-running-on-a-stand-alone-computer-by-using-powershell.md b/mdop/appv-v5/how-to-manage-app-v-50-packages-running-on-a-stand-alone-computer-by-using-powershell.md
index 002ace03c3..64a701c578 100644
--- a/mdop/appv-v5/how-to-manage-app-v-50-packages-running-on-a-stand-alone-computer-by-using-powershell.md
+++ b/mdop/appv-v5/how-to-manage-app-v-50-packages-running-on-a-stand-alone-computer-by-using-powershell.md
@@ -168,7 +168,7 @@ Use the following information to remove a package from the computer.
**Example**: Remove-AppvClientPackage “ContosoApplication”
**Note**
-App-V cmdlets have been assigned to variables for the previous examples for clarity only; assignment is not a requirement. Most cmdlets can be combined as displayed in [To add and publish a package](#bkmk-add-pub-pkg-standalone-posh). For a detailed tutorial, see [App-V 5.0 Client PowerShell Deep Dive](http://go.microsoft.com/fwlink/?LinkId=324466).
+App-V cmdlets have been assigned to variables for the previous examples for clarity only; assignment is not a requirement. Most cmdlets can be combined as displayed in [To add and publish a package](#bkmk-add-pub-pkg-standalone-posh). For a detailed tutorial, see [App-V 5.0 Client PowerShell Deep Dive](https://go.microsoft.com/fwlink/?LinkId=324466).
diff --git a/mdop/appv-v5/how-to-manage-app-v-51-packages-running-on-a-stand-alone-computer-by-using-powershell.md b/mdop/appv-v5/how-to-manage-app-v-51-packages-running-on-a-stand-alone-computer-by-using-powershell.md
index 045445d18b..e9326746d0 100644
--- a/mdop/appv-v5/how-to-manage-app-v-51-packages-running-on-a-stand-alone-computer-by-using-powershell.md
+++ b/mdop/appv-v5/how-to-manage-app-v-51-packages-running-on-a-stand-alone-computer-by-using-powershell.md
@@ -168,7 +168,7 @@ Use the following information to remove a package from the computer.
**Example**: Remove-AppvClientPackage “ContosoApplication”
**Note**
-App-V cmdlets have been assigned to variables for the previous examples for clarity only; assignment is not a requirement. Most cmdlets can be combined as displayed in [To add and publish a package](#bkmk-add-pub-pkg-standalone-posh). For a detailed tutorial, see [App-V 5.0 Client PowerShell Deep Dive](http://go.microsoft.com/fwlink/?LinkId=324466).
+App-V cmdlets have been assigned to variables for the previous examples for clarity only; assignment is not a requirement. Most cmdlets can be combined as displayed in [To add and publish a package](#bkmk-add-pub-pkg-standalone-posh). For a detailed tutorial, see [App-V 5.0 Client PowerShell Deep Dive](https://go.microsoft.com/fwlink/?LinkId=324466).
diff --git a/mdop/appv-v5/how-to-modify-app-v-50-client-configuration-using-the-admx-template-and-group-policy.md b/mdop/appv-v5/how-to-modify-app-v-50-client-configuration-using-the-admx-template-and-group-policy.md
index 74d46be60b..daf5ce0ce1 100644
--- a/mdop/appv-v5/how-to-modify-app-v-50-client-configuration-using-the-admx-template-and-group-policy.md
+++ b/mdop/appv-v5/how-to-modify-app-v-50-client-configuration-using-the-admx-template-and-group-policy.md
@@ -20,7 +20,7 @@ Use the App-V 5.0 ADMX template to configure App-V 5.0 client settings using the
1. To modify the App-V 5.0 client configuration, locate the **ADMXTemplate** files that are available with App-V 5.0.
**Note**
- Use the following link to download the App-V 5.0 **ADMX Templates**: .
+ Use the following link to download the App-V 5.0 **ADMX Templates**: .
diff --git a/mdop/appv-v5/how-to-modify-app-v-51-client-configuration-using-the-admx-template-and-group-policy.md b/mdop/appv-v5/how-to-modify-app-v-51-client-configuration-using-the-admx-template-and-group-policy.md
index 5b2fbda5e8..d52f3cb261 100644
--- a/mdop/appv-v5/how-to-modify-app-v-51-client-configuration-using-the-admx-template-and-group-policy.md
+++ b/mdop/appv-v5/how-to-modify-app-v-51-client-configuration-using-the-admx-template-and-group-policy.md
@@ -20,7 +20,7 @@ Use the Microsoft Application Virtualization (App-V) 5.1 ADMX template to config
1. To modify the App-V 5.1 client configuration, locate the **ADMXTemplate** files that are available with App-V 5.1.
**Note**
- Use the following link to download the App-V 5.1 **ADMX Templates**: .
+ Use the following link to download the App-V 5.1 **ADMX Templates**: .
diff --git a/mdop/appv-v5/index.md b/mdop/appv-v5/index.md
index 595ae97ee5..32649ad47e 100644
--- a/mdop/appv-v5/index.md
+++ b/mdop/appv-v5/index.md
@@ -37,11 +37,11 @@ View updated product information and known issues for App-V 5.0 SP2.
[Release Notes for App-V 5.0](release-notes-for-app-v-50.md)
View updated product information and known issues for App-V 5.0.
-[MDOP TechCenter Page](http://go.microsoft.com/fwlink/p/?LinkId=225286)
+[MDOP TechCenter Page](https://go.microsoft.com/fwlink/p/?LinkId=225286)
Learn about the latest MDOP information and resources.
-[MDOP Information Experience](http://go.microsoft.com/fwlink/p/?LinkId=236032)
-Find documentation, videos, and other resources for MDOP technologies. You can also [send us feedback](mailto:MDOPDocs@microsoft.com%29 or learn about updates by following us on [Facebook]%28http://go.microsoft.com/fwlink/p/?LinkId=242445%29 or [Twitter]%28http://go.microsoft.com/fwlink/p/?LinkId=242447).
+[MDOP Information Experience](https://go.microsoft.com/fwlink/p/?LinkId=236032)
+Find documentation, videos, and other resources for MDOP technologies. You can also [send us feedback](mailto:MDOPDocs@microsoft.com%29 or learn about updates by following us on [Facebook]%28https://go.microsoft.com/fwlink/p/?LinkId=242445%29 or [Twitter]%28https://go.microsoft.com/fwlink/p/?LinkId=242447).
## Got a suggestion for App-V?
diff --git a/mdop/appv-v5/migrating-from-a-previous-version-app-v-50.md b/mdop/appv-v5/migrating-from-a-previous-version-app-v-50.md
index 61dfa74130..bce39362ac 100644
--- a/mdop/appv-v5/migrating-from-a-previous-version-app-v-50.md
+++ b/mdop/appv-v5/migrating-from-a-previous-version-app-v-50.md
@@ -183,7 +183,7 @@ Add or vote on suggestions [here](http://appv.uservoice.com/forums/280448-micros
[Operations for App-V 5.0](operations-for-app-v-50.md)
-[A simplified Microsoft App-V 5.1 Management Server upgrade procedure](http://go.microsoft.com/fwlink/p/?LinkId=786330)
+[A simplified Microsoft App-V 5.1 Management Server upgrade procedure](https://go.microsoft.com/fwlink/p/?LinkId=786330)
diff --git a/mdop/appv-v5/migrating-to-app-v-51-from-a-previous-version.md b/mdop/appv-v5/migrating-to-app-v-51-from-a-previous-version.md
index 9ebb64b839..66c6dbe443 100644
--- a/mdop/appv-v5/migrating-to-app-v-51-from-a-previous-version.md
+++ b/mdop/appv-v5/migrating-to-app-v-51-from-a-previous-version.md
@@ -319,7 +319,7 @@ Add or vote on suggestions [here](http://appv.uservoice.com/forums/280448-micros
[Operations for App-V 5.1](operations-for-app-v-51.md)
-[A simplified Microsoft App-V 5.1 Management Server upgrade procedure](http://go.microsoft.com/fwlink/p/?LinkId=786330)
+[A simplified Microsoft App-V 5.1 Management Server upgrade procedure](https://go.microsoft.com/fwlink/p/?LinkId=786330)
diff --git a/mdop/appv-v5/performance-guidance-for-application-virtualization-50.md b/mdop/appv-v5/performance-guidance-for-application-virtualization-50.md
index e2f3c105d7..7d40072283 100644
--- a/mdop/appv-v5/performance-guidance-for-application-virtualization-50.md
+++ b/mdop/appv-v5/performance-guidance-for-application-virtualization-50.md
@@ -21,9 +21,9 @@ You should read and understand the following information before reading this doc
- [Microsoft Application Virtualization 5.0 Administrator's Guide](microsoft-application-virtualization-50-administrators-guide.md)
-- [App-V 5 SP2 Application Publishing and Client Interaction](http://go.microsoft.com/fwlink/?LinkId=395206)
+- [App-V 5 SP2 Application Publishing and Client Interaction](https://go.microsoft.com/fwlink/?LinkId=395206)
-- [Microsoft Application Virtualization 5.0 Sequencing Guide](http://go.microsoft.com/fwlink/?LinkId=269953)
+- [Microsoft Application Virtualization 5.0 Sequencing Guide](https://go.microsoft.com/fwlink/?LinkId=269953)
**Note**
Some terms used in this document may have different meanings depending on external source and context. For more information about terms used in this document followed by an asterisk **\*** review the [Application Virtualization Performance Guidance Terminology](#bkmk-terms1) section of this document.
diff --git a/mdop/appv-v5/performance-guidance-for-application-virtualization-51.md b/mdop/appv-v5/performance-guidance-for-application-virtualization-51.md
index 00d873e79f..eae8fc5f75 100644
--- a/mdop/appv-v5/performance-guidance-for-application-virtualization-51.md
+++ b/mdop/appv-v5/performance-guidance-for-application-virtualization-51.md
@@ -21,9 +21,9 @@ You should read and understand the following information before reading this doc
- [Microsoft Application Virtualization 5.1 Administrator's Guide](microsoft-application-virtualization-51-administrators-guide.md)
-- [App-V 5 SP2 Application Publishing and Client Interaction](http://go.microsoft.com/fwlink/?LinkId=395206)
+- [App-V 5 SP2 Application Publishing and Client Interaction](https://go.microsoft.com/fwlink/?LinkId=395206)
-- [Microsoft Application Virtualization Sequencing Guide](http://go.microsoft.com/fwlink/?LinkId=269953)
+- [Microsoft Application Virtualization Sequencing Guide](https://go.microsoft.com/fwlink/?LinkId=269953)
**Note**
Some terms used in this document may have different meanings depending on external source and context. For more information about terms used in this document followed by an asterisk **\*** review the [Application Virtualization Performance Guidance Terminology](#bkmk-terms1) section of this document.
diff --git a/mdop/appv-v5/planning-for-high-availability-with-app-v-50.md b/mdop/appv-v5/planning-for-high-availability-with-app-v-50.md
index b3d640ca76..9926bf487d 100644
--- a/mdop/appv-v5/planning-for-high-availability-with-app-v-50.md
+++ b/mdop/appv-v5/planning-for-high-availability-with-app-v-50.md
@@ -43,16 +43,16 @@ Review the following for more information about configuring IIS and Network Load
- Provides information about configuring Internet Information Services (IIS) 7.0.
- [Achieving High Availability and Scalability - ARR and NLB](http://go.microsoft.com/fwlink/?LinkId=316369) (http://go.microsoft.com/fwlink/?LinkId=316369)
+ [Achieving High Availability and Scalability - ARR and NLB](https://go.microsoft.com/fwlink/?LinkId=316369) (https://go.microsoft.com/fwlink/?LinkId=316369)
- Configuring Microsoft Windows Server
- [Network Load Balancing](http://go.microsoft.com/fwlink/?LinkId=316370) (http://go.microsoft.com/fwlink/?LinkId=316370).
+ [Network Load Balancing](https://go.microsoft.com/fwlink/?LinkId=316370) (https://go.microsoft.com/fwlink/?LinkId=316370).
This information also applies to IIS Network Load Balancing (NLB) clusters in Windows Server 2008, Windows Server 2008 R2, or Windows Server 2012.
**Note**
- The IIS Network Load Balancing functionality in Windows Server 2012 is generally the same as in Windows Server 2008 R2. However, some task details are changed in Windows Server 2012. For information on new ways to do tasks, see [Common Management Tasks and Navigation in Windows Server 2012 R2 Preview and Windows Server 2012](http://go.microsoft.com/fwlink/?LinkId=316371) (http://go.microsoft.com/fwlink/?LinkId=316371).
+ The IIS Network Load Balancing functionality in Windows Server 2012 is generally the same as in Windows Server 2008 R2. However, some task details are changed in Windows Server 2012. For information on new ways to do tasks, see [Common Management Tasks and Navigation in Windows Server 2012 R2 Preview and Windows Server 2012](https://go.microsoft.com/fwlink/?LinkId=316371) (https://go.microsoft.com/fwlink/?LinkId=316371).
@@ -77,9 +77,9 @@ The following steps can be used to validate the configuration:
Review the following for more information about configuring Windows Server Failover clusters:
-- [Checklist: Create a Clustered File Server](http://go.microsoft.com/fwlink/?LinkId=316372) (http://go.microsoft.com/fwlink/?LinkId=316372).
+- [Checklist: Create a Clustered File Server](https://go.microsoft.com/fwlink/?LinkId=316372) (https://go.microsoft.com/fwlink/?LinkId=316372).
-- [Use Cluster Shared Volumes in a Windows Server 2012 Failover Cluster](http://go.microsoft.com/fwlink/?LinkId=316373) (http://go.microsoft.com/fwlink/?LinkId=316373).
+- [Use Cluster Shared Volumes in a Windows Server 2012 Failover Cluster](https://go.microsoft.com/fwlink/?LinkId=316373) (https://go.microsoft.com/fwlink/?LinkId=316373).
## Support for Microsoft SQL Server Mirroring
@@ -88,9 +88,9 @@ Using Microsoft SQL Server mirroring, where the App-V 5.0 management server data
Review the following for more information about configuring Microsoft SQL Server Mirroring:
-- [How to: Prepare a Mirror Database for Mirroring (Transact-SQL)](http://go.microsoft.com/fwlink/?LinkId=316375) (http://go.microsoft.com/fwlink/?LinkId=316375)
+- [How to: Prepare a Mirror Database for Mirroring (Transact-SQL)](https://go.microsoft.com/fwlink/?LinkId=316375) (https://go.microsoft.com/fwlink/?LinkId=316375)
-- [Establish a Database Mirroring Session Using Windows Authentication (SQL Server Management Studio)](http://go.microsoft.com/fwlink/?LinkId=316377) (http://go.microsoft.com/fwlink/?LinkId=316377)
+- [Establish a Database Mirroring Session Using Windows Authentication (SQL Server Management Studio)](https://go.microsoft.com/fwlink/?LinkId=316377) (https://go.microsoft.com/fwlink/?LinkId=316377)
The following steps can be used to validate the configuration:
@@ -124,13 +124,13 @@ This topic describes how to change the Windows registry by using Registry Editor
Click any of the following links for more information:
-- [How to: Prepare a Mirror Database for Mirroring (Transact-SQL)](http://go.microsoft.com/fwlink/?LinkId=394235) (http://go.microsoft.com/fwlink/?LinkId=394235).
+- [How to: Prepare a Mirror Database for Mirroring (Transact-SQL)](https://go.microsoft.com/fwlink/?LinkId=394235) (https://go.microsoft.com/fwlink/?LinkId=394235).
-- [How to: Configure a Database Mirroring Session (SQL Server Management Studio)](http://go.microsoft.com/fwlink/?LinkId=394236) (http://go.microsoft.com/fwlink/?LinkId=394236).
+- [How to: Configure a Database Mirroring Session (SQL Server Management Studio)](https://go.microsoft.com/fwlink/?LinkId=394236) (https://go.microsoft.com/fwlink/?LinkId=394236).
-- [Establish a Database Mirroring Session Using Windows Authentication (SQL Server Management Studio)](http://go.microsoft.com/fwlink/?LinkId=394237) (http://go.microsoft.com/fwlink/?LinkId=394237).
+- [Establish a Database Mirroring Session Using Windows Authentication (SQL Server Management Studio)](https://go.microsoft.com/fwlink/?LinkId=394237) (https://go.microsoft.com/fwlink/?LinkId=394237).
-- [Deprecated Database Engine Features in SQL Server 2012](http://go.microsoft.com/fwlink/?LinkId=394238) (http://go.microsoft.com/fwlink/?LinkId=394238).
+- [Deprecated Database Engine Features in SQL Server 2012](https://go.microsoft.com/fwlink/?LinkId=394238) (https://go.microsoft.com/fwlink/?LinkId=394238).
## Support for Microsoft SQL Server Always On configuration
diff --git a/mdop/appv-v5/planning-for-high-availability-with-app-v-51.md b/mdop/appv-v5/planning-for-high-availability-with-app-v-51.md
index 86d1ce0564..02824b3260 100644
--- a/mdop/appv-v5/planning-for-high-availability-with-app-v-51.md
+++ b/mdop/appv-v5/planning-for-high-availability-with-app-v-51.md
@@ -43,16 +43,16 @@ Review the following for more information about configuring IIS and Network Load
- Provides information about configuring Internet Information Services (IIS) 7.0.
- [Achieving High Availability and Scalability - ARR and NLB](http://go.microsoft.com/fwlink/?LinkId=316369) (http://go.microsoft.com/fwlink/?LinkId=316369)
+ [Achieving High Availability and Scalability - ARR and NLB](https://go.microsoft.com/fwlink/?LinkId=316369) (https://go.microsoft.com/fwlink/?LinkId=316369)
- Configuring Microsoft Windows Server
- [Network Load Balancing](http://go.microsoft.com/fwlink/?LinkId=316370) (http://go.microsoft.com/fwlink/?LinkId=316370).
+ [Network Load Balancing](https://go.microsoft.com/fwlink/?LinkId=316370) (https://go.microsoft.com/fwlink/?LinkId=316370).
This information also applies to IIS Network Load Balancing (NLB) clusters in Windows Server 2008, Windows Server 2008 R2, or Windows Server 2012.
**Note**
- The IIS Network Load Balancing functionality in Windows Server 2012 is generally the same as in Windows Server 2008 R2. However, some task details are changed in Windows Server 2012. For information on new ways to do tasks, see [Common Management Tasks and Navigation in Windows Server 2012 R2 Preview and Windows Server 2012](http://go.microsoft.com/fwlink/?LinkId=316371) (http://go.microsoft.com/fwlink/?LinkId=316371).
+ The IIS Network Load Balancing functionality in Windows Server 2012 is generally the same as in Windows Server 2008 R2. However, some task details are changed in Windows Server 2012. For information on new ways to do tasks, see [Common Management Tasks and Navigation in Windows Server 2012 R2 Preview and Windows Server 2012](https://go.microsoft.com/fwlink/?LinkId=316371) (https://go.microsoft.com/fwlink/?LinkId=316371).
@@ -77,9 +77,9 @@ The following steps can be used to validate the configuration:
Review the following for more information about configuring Windows Server Failover clusters:
-- [Checklist: Create a Clustered File Server](http://go.microsoft.com/fwlink/?LinkId=316372) (http://go.microsoft.com/fwlink/?LinkId=316372).
+- [Checklist: Create a Clustered File Server](https://go.microsoft.com/fwlink/?LinkId=316372) (https://go.microsoft.com/fwlink/?LinkId=316372).
-- [Use Cluster Shared Volumes in a Windows Server 2012 Failover Cluster](http://go.microsoft.com/fwlink/?LinkId=316373) (http://go.microsoft.com/fwlink/?LinkId=316373).
+- [Use Cluster Shared Volumes in a Windows Server 2012 Failover Cluster](https://go.microsoft.com/fwlink/?LinkId=316373) (https://go.microsoft.com/fwlink/?LinkId=316373).
## Support for Microsoft SQL Server Mirroring
@@ -88,9 +88,9 @@ Using Microsoft SQL Server mirroring, where the App-V 5.1 management server data
Review the following for more information about configuring Microsoft SQL Server Mirroring:
-- [How to: Prepare a Mirror Database for Mirroring (Transact-SQL)](http://go.microsoft.com/fwlink/?LinkId=316375) (http://go.microsoft.com/fwlink/?LinkId=316375)
+- [How to: Prepare a Mirror Database for Mirroring (Transact-SQL)](https://go.microsoft.com/fwlink/?LinkId=316375) (https://go.microsoft.com/fwlink/?LinkId=316375)
-- [Establish a Database Mirroring Session Using Windows Authentication (SQL Server Management Studio)](http://go.microsoft.com/fwlink/?LinkId=316377) (http://go.microsoft.com/fwlink/?LinkId=316377)
+- [Establish a Database Mirroring Session Using Windows Authentication (SQL Server Management Studio)](https://go.microsoft.com/fwlink/?LinkId=316377) (https://go.microsoft.com/fwlink/?LinkId=316377)
The following steps can be used to validate the configuration:
@@ -124,13 +124,13 @@ This topic describes how to change the Windows registry by using Registry Editor
Click any of the following links for more information:
-- [How to: Prepare a Mirror Database for Mirroring (Transact-SQL)](http://go.microsoft.com/fwlink/?LinkId=394235) (http://go.microsoft.com/fwlink/?LinkId=394235).
+- [How to: Prepare a Mirror Database for Mirroring (Transact-SQL)](https://go.microsoft.com/fwlink/?LinkId=394235) (https://go.microsoft.com/fwlink/?LinkId=394235).
-- [How to: Configure a Database Mirroring Session (SQL Server Management Studio)](http://go.microsoft.com/fwlink/?LinkId=394236) (http://go.microsoft.com/fwlink/?LinkId=394236).
+- [How to: Configure a Database Mirroring Session (SQL Server Management Studio)](https://go.microsoft.com/fwlink/?LinkId=394236) (https://go.microsoft.com/fwlink/?LinkId=394236).
-- [Establish a Database Mirroring Session Using Windows Authentication (SQL Server Management Studio)](http://go.microsoft.com/fwlink/?LinkId=394237) (http://go.microsoft.com/fwlink/?LinkId=394237).
+- [Establish a Database Mirroring Session Using Windows Authentication (SQL Server Management Studio)](https://go.microsoft.com/fwlink/?LinkId=394237) (https://go.microsoft.com/fwlink/?LinkId=394237).
-- [Deprecated Database Engine Features in SQL Server 2012](http://go.microsoft.com/fwlink/?LinkId=394238) (http://go.microsoft.com/fwlink/?LinkId=394238).
+- [Deprecated Database Engine Features in SQL Server 2012](https://go.microsoft.com/fwlink/?LinkId=394238) (https://go.microsoft.com/fwlink/?LinkId=394238).
## Support for Microsoft SQL Server Always On configuration
diff --git a/mdop/appv-v5/planning-for-using-app-v-with-office.md b/mdop/appv-v5/planning-for-using-app-v-with-office.md
index b1ffa81b34..477dfb7dd4 100644
--- a/mdop/appv-v5/planning-for-using-app-v-with-office.md
+++ b/mdop/appv-v5/planning-for-using-app-v-with-office.md
@@ -292,7 +292,7 @@ The Office 2013 App-V package supports the following integration points with the
Active X Controls: |
-For more information on ActiveX controls, refer to [ActiveX Control API Reference](http://go.microsoft.com/fwlink/p/?LinkId=331361). |
+For more information on ActiveX controls, refer to [ActiveX Control API Reference](https://go.microsoft.com/fwlink/p/?LinkId=331361). |
Groove.SiteClient |
diff --git a/mdop/appv-v5/planning-for-using-app-v-with-office51.md b/mdop/appv-v5/planning-for-using-app-v-with-office51.md
index 031528c7a8..c6edab05da 100644
--- a/mdop/appv-v5/planning-for-using-app-v-with-office51.md
+++ b/mdop/appv-v5/planning-for-using-app-v-with-office51.md
@@ -296,7 +296,7 @@ The Office 2013 App-V package supports the following integration points with the
Active X Controls: |
-For more information on ActiveX controls, refer to [ActiveX Control API Reference](http://go.microsoft.com/fwlink/p/?LinkId=331361). |
+For more information on ActiveX controls, refer to [ActiveX Control API Reference](https://go.microsoft.com/fwlink/p/?LinkId=331361). |
Groove.SiteClient |
diff --git a/mdop/appv-v5/planning-to-deploy-app-v-50-with-an-electronic-software-distribution-system.md b/mdop/appv-v5/planning-to-deploy-app-v-50-with-an-electronic-software-distribution-system.md
index cad59aab8b..e5cdaf09d2 100644
--- a/mdop/appv-v5/planning-to-deploy-app-v-50-with-an-electronic-software-distribution-system.md
+++ b/mdop/appv-v5/planning-to-deploy-app-v-50-with-an-electronic-software-distribution-system.md
@@ -13,7 +13,7 @@ ms.prod: w10
# Planning to Deploy App-V 5.0 with an Electronic Software Distribution System
-If you are using an electronic software distribution system to deploy App-V packages, review the following planning considerations. For information about using System Center Configuration Manager to deploy App-V, see [Introduction to Application Management in Configuration Manager](http://go.microsoft.com/fwlink/?LinkId=281816).
+If you are using an electronic software distribution system to deploy App-V packages, review the following planning considerations. For information about using System Center Configuration Manager to deploy App-V, see [Introduction to Application Management in Configuration Manager](https://go.microsoft.com/fwlink/?LinkId=281816).
Review the following component and architecture requirements options that apply when you use an ESD to deploy App-V packages:
diff --git a/mdop/appv-v5/planning-to-deploy-app-v-51-with-an-electronic-software-distribution-system.md b/mdop/appv-v5/planning-to-deploy-app-v-51-with-an-electronic-software-distribution-system.md
index 63025c63a7..28262e158a 100644
--- a/mdop/appv-v5/planning-to-deploy-app-v-51-with-an-electronic-software-distribution-system.md
+++ b/mdop/appv-v5/planning-to-deploy-app-v-51-with-an-electronic-software-distribution-system.md
@@ -13,7 +13,7 @@ ms.prod: w10
# Planning to Deploy App-V 5.1 with an Electronic Software Distribution System
-If you are using an electronic software distribution system to deploy App-V packages, review the following planning considerations. For information about using System Center Configuration Manager to deploy App-V, see [Introduction to Application Management in Configuration Manager](http://go.microsoft.com/fwlink/?LinkId=281816).
+If you are using an electronic software distribution system to deploy App-V packages, review the following planning considerations. For information about using System Center Configuration Manager to deploy App-V, see [Introduction to Application Management in Configuration Manager](https://go.microsoft.com/fwlink/?LinkId=281816).
Review the following component and architecture requirements options that apply when you use an ESD to deploy App-V packages:
diff --git a/mdop/appv-v5/release-notes-for-app-v-50-sp1.md b/mdop/appv-v5/release-notes-for-app-v-50-sp1.md
index 5de0457e2e..6d617d34bd 100644
--- a/mdop/appv-v5/release-notes-for-app-v-50-sp1.md
+++ b/mdop/appv-v5/release-notes-for-app-v-50-sp1.md
@@ -34,9 +34,9 @@ This email address is not a support channel, but your feedback will help us to p
-For the latest information about MDOP and additional learning resources, see the [MDOP Information Experience](http://go.microsoft.com/fwlink/p/?LinkId=236032) page.
+For the latest information about MDOP and additional learning resources, see the [MDOP Information Experience](https://go.microsoft.com/fwlink/p/?LinkId=236032) page.
-For more information about new updates or to provide feedback, follow us on [Facebook](http://go.microsoft.com/fwlink/p/?LinkId=242445) or [Twitter](http://go.microsoft.com/fwlink/p/?LinkId=242447).
+For more information about new updates or to provide feedback, follow us on [Facebook](https://go.microsoft.com/fwlink/p/?LinkId=242445) or [Twitter](https://go.microsoft.com/fwlink/p/?LinkId=242447).
## Known Issues with App-V 5.0 SP1
diff --git a/mdop/appv-v5/release-notes-for-app-v-50-sp2.md b/mdop/appv-v5/release-notes-for-app-v-50-sp2.md
index f3f88d512f..98cda38565 100644
--- a/mdop/appv-v5/release-notes-for-app-v-50-sp2.md
+++ b/mdop/appv-v5/release-notes-for-app-v-50-sp2.md
@@ -34,9 +34,9 @@ This email address is not a support channel, but your feedback will help us to p
-For the latest information about MDOP and additional learning resources, see the [MDOP Information Experience](http://go.microsoft.com/fwlink/p/?LinkId=236032) page.
+For the latest information about MDOP and additional learning resources, see the [MDOP Information Experience](https://go.microsoft.com/fwlink/p/?LinkId=236032) page.
-For more information about new updates or to provide feedback, follow us on [Facebook](http://go.microsoft.com/fwlink/p/?LinkId=242445) or [Twitter](http://go.microsoft.com/fwlink/p/?LinkId=242447).
+For more information about new updates or to provide feedback, follow us on [Facebook](https://go.microsoft.com/fwlink/p/?LinkId=242445) or [Twitter](https://go.microsoft.com/fwlink/p/?LinkId=242447).
## Known Issues with Hotfix Package 4 for Application Virtualization 5.0 SP2
@@ -125,7 +125,7 @@ The first time that end users start an application in the package after they log
### App-V 5.0 Service Pack 2 (App-V 5.0 SP2) does not include a new version of the App-V Server
-App-V 5.0 SP2 does not include a new version of the App-V Server. If you deploy App-V 5.0 SP2 clients running Windows 8.1 in your environment and plan to manage the clients using the App-V infrastructure, you must install [Hotfix Package 2 for Microsoft Application Virtualization 5.0 Service Pack 1](http://go.microsoft.com/fwlink/?LinkId=386634). (http://go.microsoft.com/fwlink/?LinkId=386634)
+App-V 5.0 SP2 does not include a new version of the App-V Server. If you deploy App-V 5.0 SP2 clients running Windows 8.1 in your environment and plan to manage the clients using the App-V infrastructure, you must install [Hotfix Package 2 for Microsoft Application Virtualization 5.0 Service Pack 1](https://go.microsoft.com/fwlink/?LinkId=386634). (https://go.microsoft.com/fwlink/?LinkId=386634)
If you are running and managing App-V 5.0 SP2 clients using any of the following methods no client update is required:
diff --git a/mdop/appv-v5/release-notes-for-app-v-50.md b/mdop/appv-v5/release-notes-for-app-v-50.md
index 2df214ccdb..7ee8552e81 100644
--- a/mdop/appv-v5/release-notes-for-app-v-50.md
+++ b/mdop/appv-v5/release-notes-for-app-v-50.md
@@ -34,9 +34,9 @@ This email address is not a support channel, but your feedback will help us to p
-For the latest information about MDOP and additional learning resources, see the [MDOP Information Experience](http://go.microsoft.com/fwlink/p/?LinkId=236032) page.
+For the latest information about MDOP and additional learning resources, see the [MDOP Information Experience](https://go.microsoft.com/fwlink/p/?LinkId=236032) page.
-For more information about new updates or to provide feedback, follow us on [Facebook](http://go.microsoft.com/fwlink/p/?LinkId=242445) or [Twitter](http://go.microsoft.com/fwlink/p/?LinkId=242447).
+For more information about new updates or to provide feedback, follow us on [Facebook](https://go.microsoft.com/fwlink/p/?LinkId=242445) or [Twitter](https://go.microsoft.com/fwlink/p/?LinkId=242447).
## Known Issues with App-V 5.0
diff --git a/mdop/appv-v5/troubleshooting-app-v-50.md b/mdop/appv-v5/troubleshooting-app-v-50.md
index 8bffb9304f..9a76a66e8f 100644
--- a/mdop/appv-v5/troubleshooting-app-v-50.md
+++ b/mdop/appv-v5/troubleshooting-app-v-50.md
@@ -13,7 +13,7 @@ ms.prod: w10
# Troubleshooting App-V 5.0
-Troubleshooting content is not included in the Administrator’s Guide for this product. Instead, you can find troubleshooting information for this product on the [TechNet Wiki](http://go.microsoft.com/fwlink/p/?LinkId=224905).
+Troubleshooting content is not included in the Administrator’s Guide for this product. Instead, you can find troubleshooting information for this product on the [TechNet Wiki](https://go.microsoft.com/fwlink/p/?LinkId=224905).
## How to Find Troubleshooting Content
@@ -28,7 +28,7 @@ After you search the MDOP documentation, your next step would be to search the t
**To search the MDOP product documentation**
-1. Use a web browser to navigate to the [MDOP Information Experience](http://go.microsoft.com/fwlink/?LinkId=236032) TechNet home page.
+1. Use a web browser to navigate to the [MDOP Information Experience](https://go.microsoft.com/fwlink/?LinkId=236032) TechNet home page.
2. Enter applicable search terms in the **Search TechNet with Bing** search box at the top of the MDOP Information Experience home page.
@@ -36,7 +36,7 @@ After you search the MDOP documentation, your next step would be to search the t
**To search the TechNet Wiki**
-1. Use a web browser to navigate to the [TechNet Wiki](http://go.microsoft.com/fwlink/p/?LinkId=224905) home page.
+1. Use a web browser to navigate to the [TechNet Wiki](https://go.microsoft.com/fwlink/p/?LinkId=224905) home page.
2. Enter applicable search terms in the **Search TechNet Wiki** search box on the TechNet Wiki home page.
@@ -49,7 +49,7 @@ If you have a troubleshooting tip or a best practice to share that is not alread
**To create a TechNet Wiki troubleshooting or best practices article**
-1. Use a web browser to navigate to the [TechNet Wiki](http://go.microsoft.com/fwlink/p/?LinkId=224905) home page.
+1. Use a web browser to navigate to the [TechNet Wiki](https://go.microsoft.com/fwlink/p/?LinkId=224905) home page.
2. Log in with your Windows Live ID.
diff --git a/mdop/appv-v5/troubleshooting-app-v-51.md b/mdop/appv-v5/troubleshooting-app-v-51.md
index 734f0b8ff5..b44a3b27b5 100644
--- a/mdop/appv-v5/troubleshooting-app-v-51.md
+++ b/mdop/appv-v5/troubleshooting-app-v-51.md
@@ -13,7 +13,7 @@ ms.prod: w10
# Troubleshooting App-V 5.1
-Troubleshooting content is not included in the Administrator’s Guide for this product. Instead, you can find troubleshooting information for this product on the [TechNet Wiki](http://go.microsoft.com/fwlink/p/?LinkId=224905).
+Troubleshooting content is not included in the Administrator’s Guide for this product. Instead, you can find troubleshooting information for this product on the [TechNet Wiki](https://go.microsoft.com/fwlink/p/?LinkId=224905).
## How to Find Troubleshooting Content
@@ -28,7 +28,7 @@ After you search the MDOP documentation, your next step would be to search the t
**To search the MDOP product documentation**
-1. Use a web browser to navigate to the [MDOP Information Experience](http://go.microsoft.com/fwlink/?LinkId=236032) TechNet home page.
+1. Use a web browser to navigate to the [MDOP Information Experience](https://go.microsoft.com/fwlink/?LinkId=236032) TechNet home page.
2. Enter applicable search terms in the **Search TechNet with Bing** search box at the top of the MDOP Information Experience home page.
@@ -36,7 +36,7 @@ After you search the MDOP documentation, your next step would be to search the t
**To search the TechNet Wiki**
-1. Use a web browser to navigate to the [TechNet Wiki](http://go.microsoft.com/fwlink/p/?LinkId=224905) home page.
+1. Use a web browser to navigate to the [TechNet Wiki](https://go.microsoft.com/fwlink/p/?LinkId=224905) home page.
2. Enter applicable search terms in the **Search TechNet Wiki** search box on the TechNet Wiki home page.
@@ -49,7 +49,7 @@ If you have a troubleshooting tip or a best practice to share that is not alread
**To create a TechNet Wiki troubleshooting or best practices article**
-1. Use a web browser to navigate to the [TechNet Wiki](http://go.microsoft.com/fwlink/p/?LinkId=224905) home page.
+1. Use a web browser to navigate to the [TechNet Wiki](https://go.microsoft.com/fwlink/p/?LinkId=224905) home page.
2. Log in with your Windows Live ID.
diff --git a/mdop/dart-v10/about-dart-10.md b/mdop/dart-v10/about-dart-10.md
index 109f623a7a..0640700499 100644
--- a/mdop/dart-v10/about-dart-10.md
+++ b/mdop/dart-v10/about-dart-10.md
@@ -77,7 +77,7 @@ DaRT 10 is available in the following languages:
## How to Get MDOP Technologies
-DaRT 10 is a part of the Microsoft Desktop Optimization Pack (MDOP). MDOP is part of Microsoft Software Assurance. For more information about Microsoft Software Assurance and acquiring MDOP, see [How Do I Get MDOP](http://go.microsoft.com/fwlink/?LinkId=322049) (http://go.microsoft.com/fwlink/?LinkId=322049).
+DaRT 10 is a part of the Microsoft Desktop Optimization Pack (MDOP). MDOP is part of Microsoft Software Assurance. For more information about Microsoft Software Assurance and acquiring MDOP, see [How Do I Get MDOP](https://go.microsoft.com/fwlink/?LinkId=322049) (https://go.microsoft.com/fwlink/?LinkId=322049).
## Related topics
diff --git a/mdop/dart-v10/accessibility-for-dart-10.md b/mdop/dart-v10/accessibility-for-dart-10.md
index 7e3a6e4cc2..fd48e49ce5 100644
--- a/mdop/dart-v10/accessibility-for-dart-10.md
+++ b/mdop/dart-v10/accessibility-for-dart-10.md
@@ -63,7 +63,7 @@ For information about the availability of Microsoft product documentation and bo
(609) 987-8116 |
-[http://www.learningally.org/](http://go.microsoft.com/fwlink/?linkid=239) |
+[http://www.learningally.org/](https://go.microsoft.com/fwlink/?linkid=239) |
Web addresses can change, so you might be unable to connect to the website or sites mentioned here. |
@@ -85,7 +85,7 @@ Microsoft Support Services are subject to the prices, terms, and conditions in p
## For more information
-For more information about how accessible technology for computers helps to improve the lives of people with disabilities, see the [Microsoft Accessibility website](http://go.microsoft.com/fwlink/?linkid=8431).
+For more information about how accessible technology for computers helps to improve the lives of people with disabilities, see the [Microsoft Accessibility website](https://go.microsoft.com/fwlink/?linkid=8431).
## Related topics
diff --git a/mdop/dart-v10/creating-the-dart-10-recovery-image.md b/mdop/dart-v10/creating-the-dart-10-recovery-image.md
index 6ec9e53ef1..8256160e22 100644
--- a/mdop/dart-v10/creating-the-dart-10-recovery-image.md
+++ b/mdop/dart-v10/creating-the-dart-10-recovery-image.md
@@ -131,7 +131,7 @@ If you include the Crash Analyzer tool in the ISO image, you must also include t
If you installed the Microsoft Windows Software Development Kit (SDK) or the Microsoft Windows Development Kit (WDK), the Windows 10 Debugging Tools are added to the recovery image by default, and the path to the Debugging Tools is automatically filled in. You can change the path of the Windows 10 Debugging Tools if the files are located somewhere other than the location indicated by the default file path. A link in the wizard lets you download and install debugging tools for Windows if they are not already installed.
-To download the Windows Debugging Tools, see [Debugging Tools for Windows](http://go.microsoft.com/fwlink/?LinkId=266248). Install the Debugging Tools to the default location.
+To download the Windows Debugging Tools, see [Debugging Tools for Windows](https://go.microsoft.com/fwlink/?LinkId=266248). Install the Debugging Tools to the default location.
**Note**
The DaRT wizard checks for the tools in the `HKLM\Software\Microsoft\Windows Kits\Installed Roots\WindowsDebuggersRoot` registry key. If the registry value is not there, the wizard looks in one of the following locations, depending on your system architecture:
diff --git a/mdop/dart-v10/dart-10-privacy-statement.md b/mdop/dart-v10/dart-10-privacy-statement.md
index 4a652b3b2e..86cfb6143e 100644
--- a/mdop/dart-v10/dart-10-privacy-statement.md
+++ b/mdop/dart-v10/dart-10-privacy-statement.md
@@ -52,7 +52,7 @@ We will occasionally update this privacy statement to reflect changes in our pro
## For More Information
-Microsoft welcomes your comments regarding this privacy statement. If you have questions about this statement or believe that we have not adhered to it, please [contact us](http://go.microsoft.com/fwlink/?LinkID=245853).
+Microsoft welcomes your comments regarding this privacy statement. If you have questions about this statement or believe that we have not adhered to it, please [contact us](https://go.microsoft.com/fwlink/?LinkID=245853).
Microsoft PrivacyMicrosoft CorporationOne Microsoft WayRedmond, Washington 98052 USA
@@ -68,15 +68,15 @@ Microsoft Update is a service that provides Windows updates as well as updates f
**Information Collected, Processed, or Transmitted:**
-For details about what information is collected and how it is used, see the Update Services Privacy Statement at .
+For details about what information is collected and how it is used, see the Update Services Privacy Statement at .
**Use of Information:**
-For details about what information is collected and how it is used, see the Update Services Privacy Statement at .
+For details about what information is collected and how it is used, see the Update Services Privacy Statement at .
**Choice/Control:**
-For details about controlling this feature, see the Update Services Privacy Statement at [http://go.microsoft.com/fwlink/?LinkId=244000](http://go.microsoft.com/fwlink/?LinkId=244400).
+For details about controlling this feature, see the Update Services Privacy Statement at [https://go.microsoft.com/fwlink/?LinkId=244000](https://go.microsoft.com/fwlink/?LinkId=244400).
## Related topics
diff --git a/mdop/dart-v10/dart-10-supported-configurations.md b/mdop/dart-v10/dart-10-supported-configurations.md
index de6b9f182a..2d008d3a24 100644
--- a/mdop/dart-v10/dart-10-supported-configurations.md
+++ b/mdop/dart-v10/dart-10-supported-configurations.md
@@ -103,7 +103,7 @@ Make sure that you allocate enough space for any additional tools that you want
**Note**
-Microsoft provides support for the current service pack and, in some cases, the immediately preceding service pack. To find the support timelines for your product, see the [Lifecycle Supported Service Packs](http://go.microsoft.com/fwlink/p/?LinkId=31975). For additional information about Microsoft Support Lifecycle Policy, see [Microsoft Support Lifecycle Support Policy FAQ](http://go.microsoft.com/fwlink/p/?LinkId=31976).
+Microsoft provides support for the current service pack and, in some cases, the immediately preceding service pack. To find the support timelines for your product, see the [Lifecycle Supported Service Packs](https://go.microsoft.com/fwlink/p/?LinkId=31975). For additional information about Microsoft Support Lifecycle Policy, see [Microsoft Support Lifecycle Support Policy FAQ](https://go.microsoft.com/fwlink/p/?LinkId=31976).
diff --git a/mdop/dart-v10/deploying-dart-10-to-administrator-computers.md b/mdop/dart-v10/deploying-dart-10-to-administrator-computers.md
index 9ed61b0530..d19ed538ef 100644
--- a/mdop/dart-v10/deploying-dart-10-to-administrator-computers.md
+++ b/mdop/dart-v10/deploying-dart-10-to-administrator-computers.md
@@ -36,7 +36,7 @@ You can change, repair, or remove the DaRT installation by double-clicking the D
## How to get DaRT 10
-To get the DaRT software, see [How to Get MDOP](http://go.microsoft.com/fwlink/?LinkId=322049).
+To get the DaRT software, see [How to Get MDOP](https://go.microsoft.com/fwlink/?LinkId=322049).
## Other resources for deploying DaRT 10 to administrator computers
diff --git a/mdop/dart-v10/deploying-dart-10.md b/mdop/dart-v10/deploying-dart-10.md
index ef3667c79c..3e450d791a 100644
--- a/mdop/dart-v10/deploying-dart-10.md
+++ b/mdop/dart-v10/deploying-dart-10.md
@@ -36,7 +36,7 @@ Microsoft Diagnostics and Recovery Toolset (DaRT) 10 supports a number of differ
### How to get DaRT
-This technology is a part of the Microsoft Desktop Optimization Pack (MDOP). Enterprise customers can get MDOP with Microsoft Software Assurance. For more information about Microsoft Software Assurance and acquiring MDOP, see [How Do I Get MDOP](http://go.microsoft.com/fwlink/p/?LinkId=322049) (http://go.microsoft.com/fwlink/p/?LinkId=322049).
+This technology is a part of the Microsoft Desktop Optimization Pack (MDOP). Enterprise customers can get MDOP with Microsoft Software Assurance. For more information about Microsoft Software Assurance and acquiring MDOP, see [How Do I Get MDOP](https://go.microsoft.com/fwlink/p/?LinkId=322049) (https://go.microsoft.com/fwlink/p/?LinkId=322049).
## Other Resources for deploying DaRT
diff --git a/mdop/dart-v10/getting-started-with-dart-10.md b/mdop/dart-v10/getting-started-with-dart-10.md
index e42d71fae1..86a8d667ea 100644
--- a/mdop/dart-v10/getting-started-with-dart-10.md
+++ b/mdop/dart-v10/getting-started-with-dart-10.md
@@ -13,12 +13,12 @@ ms.prod: w10
# Getting Started with DaRT 10
-Microsoft Diagnostics and Recovery Toolset (DaRT) 10 requires thorough planning before you deploy it or use its features. If you are new to this product, we recommend that you read the documentation carefully. Before you deploy the product to a production environment, we also recommend that you validate your deployment plan in a test network environment. You might also consider taking a class about relevant technologies. For more information about Microsoft training opportunities, see the Microsoft Training Overview at [http://go.microsoft.com/fwlink/p/?LinkId=80347](http://go.microsoft.com/fwlink/?LinkId=80347).
+Microsoft Diagnostics and Recovery Toolset (DaRT) 10 requires thorough planning before you deploy it or use its features. If you are new to this product, we recommend that you read the documentation carefully. Before you deploy the product to a production environment, we also recommend that you validate your deployment plan in a test network environment. You might also consider taking a class about relevant technologies. For more information about Microsoft training opportunities, see the Microsoft Training Overview at [https://go.microsoft.com/fwlink/p/?LinkId=80347](https://go.microsoft.com/fwlink/?LinkId=80347).
**Note**
-A downloadable version of this administrator’s guide is not available. However, you can learn about a special mode of the TechNet Library that allows you to select articles, group them in a collection, and print them or export them to a file at (http://go.microsoft.com/fwlink/?LinkId=272493).
+A downloadable version of this administrator’s guide is not available. However, you can learn about a special mode of the TechNet Library that allows you to select articles, group them in a collection, and print them or export them to a file at (https://go.microsoft.com/fwlink/?LinkId=272493).
-Additional downloadable information about this product can also be found at .
+Additional downloadable information about this product can also be found at .
@@ -40,7 +40,7 @@ Additional downloadable information about this product can also be found at Other resources for this product
diff --git a/mdop/dart-v10/how-to-deploy-dart-10.md b/mdop/dart-v10/how-to-deploy-dart-10.md
index 7dbd6d1771..28bd009367 100644
--- a/mdop/dart-v10/how-to-deploy-dart-10.md
+++ b/mdop/dart-v10/how-to-deploy-dart-10.md
@@ -13,7 +13,7 @@ ms.prod: w10
# How to Deploy DaRT 10
-The following instructions explain how to deploy Microsoft Diagnostics and Recovery Toolset (DaRT) 10 in your environment. To get the DaRT software, see [How to Get MDOP](http://go.microsoft.com/fwlink/?LinkId=322049). It is assumed that you are installing all functionality on one administrator computer. If you need to deploy or uninstall DaRT 10 on multiple computers, using an electronic software distribution system, for example, it might be easier to use command line installation options. Descriptions and examples of the available command line options are provided in this section.
+The following instructions explain how to deploy Microsoft Diagnostics and Recovery Toolset (DaRT) 10 in your environment. To get the DaRT software, see [How to Get MDOP](https://go.microsoft.com/fwlink/?LinkId=322049). It is assumed that you are installing all functionality on one administrator computer. If you need to deploy or uninstall DaRT 10 on multiple computers, using an electronic software distribution system, for example, it might be easier to use command line installation options. Descriptions and examples of the available command line options are provided in this section.
**Important**
Before you install DaRT, see [DaRT 10 Supported Configurations](dart-10-supported-configurations.md) to ensure that you have installed all of the prerequisite software and that the computer meets the minimum system requirements. The computer onto which you install DaRT must be running Windows 10.
diff --git a/mdop/dart-v10/how-to-deploy-the-dart-recovery-image-as-a-remote-partition-dart-10.md b/mdop/dart-v10/how-to-deploy-the-dart-recovery-image-as-a-remote-partition-dart-10.md
index 999f139443..74f3d457c4 100644
--- a/mdop/dart-v10/how-to-deploy-the-dart-recovery-image-as-a-remote-partition-dart-10.md
+++ b/mdop/dart-v10/how-to-deploy-the-dart-recovery-image-as-a-remote-partition-dart-10.md
@@ -32,7 +32,7 @@ After you have finished running the Microsoft Diagnostics and Recovery Toolset (
3. Configure the WDS server to use the boot.wim file for DaRT by following your standard WDS deployment procedures.
-For more information about how to deploy DaRT as a remote partition, see [Walkthrough: Deploy an Image by Using PXE](http://go.microsoft.com/fwlink/?LinkId=212108) and [Windows Deployment Services Getting Started Guide](http://go.microsoft.com/fwlink/?LinkId=212106).
+For more information about how to deploy DaRT as a remote partition, see [Walkthrough: Deploy an Image by Using PXE](https://go.microsoft.com/fwlink/?LinkId=212108) and [Windows Deployment Services Getting Started Guide](https://go.microsoft.com/fwlink/?LinkId=212106).
## Related topics
diff --git a/mdop/dart-v10/how-to-deploy-the-dart-recovery-image-as-part-of-a-recovery-partition-dart-10.md b/mdop/dart-v10/how-to-deploy-the-dart-recovery-image-as-part-of-a-recovery-partition-dart-10.md
index bf7628c1c6..3d1ec87121 100644
--- a/mdop/dart-v10/how-to-deploy-the-dart-recovery-image-as-part-of-a-recovery-partition-dart-10.md
+++ b/mdop/dart-v10/how-to-deploy-the-dart-recovery-image-as-part-of-a-recovery-partition-dart-10.md
@@ -34,11 +34,11 @@ After you have finished running the Microsoft Diagnostics and Recovery Toolset (
3. Use the boot.wim file to create a bootable recovery partition by using your company’s standard method for creating a custom Windows RE image.
- For more information about how to create or customize a recovery partition, see [Customizing the Windows RE Experience](http://go.microsoft.com/fwlink/?LinkId=214222).
+ For more information about how to create or customize a recovery partition, see [Customizing the Windows RE Experience](https://go.microsoft.com/fwlink/?LinkId=214222).
4. Replace the target partition in your Windows 10 image with the recovery partition.
- For more information about how to deploy a recovery solution to reinstall the factory image in the event of a system failure, see [Deploy a System Recovery Image](http://go.microsoft.com/fwlink/?LinkId=214221).
+ For more information about how to deploy a recovery solution to reinstall the factory image in the event of a system failure, see [Deploy a System Recovery Image](https://go.microsoft.com/fwlink/?LinkId=214221).
## Related topics
diff --git a/mdop/dart-v10/how-to-recover-remote-computers-by-using-the-dart-recovery-image-dart-10.md b/mdop/dart-v10/how-to-recover-remote-computers-by-using-the-dart-recovery-image-dart-10.md
index 03dd4fd404..9731655f49 100644
--- a/mdop/dart-v10/how-to-recover-remote-computers-by-using-the-dart-recovery-image-dart-10.md
+++ b/mdop/dart-v10/how-to-recover-remote-computers-by-using-the-dart-recovery-image-dart-10.md
@@ -89,7 +89,7 @@ A file is provided that is named inv32.xml and contains remote connection inform
**To customize the Remote Connection process**
-1. You can customize the Remote Connection process by editing the winpeshl.ini file. For more information about how to edit the winpeshl.ini file, see [Winpeshl.ini Files](http://go.microsoft.com/fwlink/?LinkId=219413).
+1. You can customize the Remote Connection process by editing the winpeshl.ini file. For more information about how to edit the winpeshl.ini file, see [Winpeshl.ini Files](https://go.microsoft.com/fwlink/?LinkId=219413).
Specify the following commands and parameters to customize how a remote connection is established with an end-user computer:
diff --git a/mdop/dart-v10/how-to-run-the-crash-analyzer-on-an-end-user-computer-dart-10.md b/mdop/dart-v10/how-to-run-the-crash-analyzer-on-an-end-user-computer-dart-10.md
index 1351fd5141..87290ce300 100644
--- a/mdop/dart-v10/how-to-run-the-crash-analyzer-on-an-end-user-computer-dart-10.md
+++ b/mdop/dart-v10/how-to-run-the-crash-analyzer-on-an-end-user-computer-dart-10.md
@@ -13,7 +13,7 @@ ms.prod: w10
# How to Run the Crash Analyzer on an End-user Computer
-To run **Crash Analyzer** from the **Diagnostics and Recovery Toolset** window on an end-user computer that is experiencing problems, you must have the Microsoft Debugging Tools for Windows and the symbol files installed. To download the Windows Debugging Tools, see [Debugging Tools for Windows](http://go.microsoft.com/fwlink/?LinkId=266248).
+To run **Crash Analyzer** from the **Diagnostics and Recovery Toolset** window on an end-user computer that is experiencing problems, you must have the Microsoft Debugging Tools for Windows and the symbol files installed. To download the Windows Debugging Tools, see [Debugging Tools for Windows](https://go.microsoft.com/fwlink/?LinkId=266248).
**To run the Crash Analyzer on an end-user computer**
diff --git a/mdop/dart-v10/index.md b/mdop/dart-v10/index.md
index 7d404dfd1c..403e85d410 100644
--- a/mdop/dart-v10/index.md
+++ b/mdop/dart-v10/index.md
@@ -39,17 +39,17 @@ DaRT 10 is an important part of the Microsoft Desktop Optimization Pack (MDOP),
### More Information
-[How Do I Get MDOP](http://go.microsoft.com/fwlink/?LinkId=322049)
+[How Do I Get MDOP](https://go.microsoft.com/fwlink/?LinkId=322049)
Get information about how to download DaRT.
[Release Notes for DaRT 10](release-notes-for-dart-10.md)
View updated product information and known issues for DaRT 10.
-[MDOP TechCenter Page](http://go.microsoft.com/fwlink/p/?LinkId=225286)
+[MDOP TechCenter Page](https://go.microsoft.com/fwlink/p/?LinkId=225286)
Learn about the latest MDOP information and resources.
-[MDOP Information Experience](http://go.microsoft.com/fwlink/p/?LinkId=236032)
-Find documentation, videos, and other resources for MDOP technologies. You can also [send us feedback](mailto:MDOPDocs@microsoft.com%29 or learn about updates by following us on [Facebook]%28http://go.microsoft.com/fwlink/p/?LinkId=242445%29 or [Twitter]%28http://go.microsoft.com/fwlink/p/?LinkId=242447).
+[MDOP Information Experience](https://go.microsoft.com/fwlink/p/?LinkId=236032)
+Find documentation, videos, and other resources for MDOP technologies. You can also [send us feedback](mailto:MDOPDocs@microsoft.com%29 or learn about updates by following us on [Facebook]%28https://go.microsoft.com/fwlink/p/?LinkId=242445%29 or [Twitter]%28https://go.microsoft.com/fwlink/p/?LinkId=242447).
diff --git a/mdop/dart-v10/planning-to-create-the-dart-10-recovery-image.md b/mdop/dart-v10/planning-to-create-the-dart-10-recovery-image.md
index b80f07b582..9b29c873ca 100644
--- a/mdop/dart-v10/planning-to-create-the-dart-10-recovery-image.md
+++ b/mdop/dart-v10/planning-to-create-the-dart-10-recovery-image.md
@@ -45,7 +45,7 @@ The following items are required or recommended for creating the DaRT recovery i
Windows Debugging Tools for your platform |
-Required when you run the Crash Analyzer to determine the cause of a computer failure. We recommend that you specify the path of the Windows Debugging Tools at the time that you create the DaRT recovery image. You can download the Windows Debugging Tools here: [Download and Install Debugging Tools for Windows](http://go.microsoft.com/fwlink/?LinkId=99934). |
+Required when you run the Crash Analyzer to determine the cause of a computer failure. We recommend that you specify the path of the Windows Debugging Tools at the time that you create the DaRT recovery image. You can download the Windows Debugging Tools here: [Download and Install Debugging Tools for Windows](https://go.microsoft.com/fwlink/?LinkId=99934). |
Optional: Windows symbols files for use with Crash Analyzer |
diff --git a/mdop/dart-v10/security-considerations-for-dart-10.md b/mdop/dart-v10/security-considerations-for-dart-10.md
index 9735070a44..709e51c264 100644
--- a/mdop/dart-v10/security-considerations-for-dart-10.md
+++ b/mdop/dart-v10/security-considerations-for-dart-10.md
@@ -22,7 +22,7 @@ This topic contains a brief overview about the accounts and groups, log files, a
**Physically secure your computers**. When administrators and help desk workers are not physically at their computers, they should lock their computers and use a secured screen saver.
-**Apply the most recent security updates to all computers**. Stay informed about new updates for operating systems by subscribing to the Security Notification service ().
+**Apply the most recent security updates to all computers**. Stay informed about new updates for operating systems by subscribing to the Security Notification service ().
## Limit end-user access to DaRT tools
diff --git a/mdop/dart-v10/troubleshooting-dart-10.md b/mdop/dart-v10/troubleshooting-dart-10.md
index 08accb0d61..a6e6ec0996 100644
--- a/mdop/dart-v10/troubleshooting-dart-10.md
+++ b/mdop/dart-v10/troubleshooting-dart-10.md
@@ -13,7 +13,7 @@ ms.prod: w10
# Troubleshooting DaRT 10
-Troubleshooting content is not included in the Administrator’s Guide for this product. Instead, you can find troubleshooting information for this product on the [TechNet Wiki](http://go.microsoft.com/fwlink/p/?LinkId=224905).
+Troubleshooting content is not included in the Administrator’s Guide for this product. Instead, you can find troubleshooting information for this product on the [TechNet Wiki](https://go.microsoft.com/fwlink/p/?LinkId=224905).
## How to find troubleshooting content
@@ -28,7 +28,7 @@ After you search the MDOP documentation, your next step would be to search the t
**To search the MDOP product documentation**
-1. Use a web browser to navigate to the [MDOP Information Experience](http://go.microsoft.com/fwlink/?LinkId=236032) TechNet home page.
+1. Use a web browser to navigate to the [MDOP Information Experience](https://go.microsoft.com/fwlink/?LinkId=236032) TechNet home page.
2. Enter applicable search terms in the **Search TechNet with Bing** search box at the top of the MDOP Information Experience home page.
@@ -36,7 +36,7 @@ After you search the MDOP documentation, your next step would be to search the t
**To search the TechNet wiki**
-1. Use a web browser to navigate to the [TechNet Wiki](http://go.microsoft.com/fwlink/p/?LinkId=224905) home page.
+1. Use a web browser to navigate to the [TechNet Wiki](https://go.microsoft.com/fwlink/p/?LinkId=224905) home page.
2. Enter applicable search terms in the **Search TechNet Wiki** search box on the TechNet Wiki home page.
@@ -49,7 +49,7 @@ If you have a troubleshooting tip or a best practice to share that is not alread
**To create a TechNet Wiki troubleshooting or best practices article**
-1. Use a web browser to navigate to the [TechNet Wiki](http://go.microsoft.com/fwlink/p/?LinkId=224905) home page.
+1. Use a web browser to navigate to the [TechNet Wiki](https://go.microsoft.com/fwlink/p/?LinkId=224905) home page.
2. Log in with your Windows Live ID.
diff --git a/mdop/dart-v7/accessibility-for-dart-70.md b/mdop/dart-v7/accessibility-for-dart-70.md
index 6d7062c6f5..7f7b30dbda 100644
--- a/mdop/dart-v7/accessibility-for-dart-70.md
+++ b/mdop/dart-v7/accessibility-for-dart-70.md
@@ -63,7 +63,7 @@ For information about the availability of Microsoft product documentation and bo
(609) 987-8116 |
-[http://www.learningally.org/](http://go.microsoft.com/fwlink/?linkid=239) |
+[http://www.learningally.org/](https://go.microsoft.com/fwlink/?linkid=239) |
Web addresses can change, so you might be unable to connect to the website or sites mentioned here. |
@@ -85,7 +85,7 @@ Microsoft Support Services are subject to the prices, terms, and conditions in p
## For More Information
-For more information about how accessible technology for computers helps to improve the lives of people with disabilities, see the [Microsoft Accessibility website](http://go.microsoft.com/fwlink/?linkid=8431).
+For more information about how accessible technology for computers helps to improve the lives of people with disabilities, see the [Microsoft Accessibility website](https://go.microsoft.com/fwlink/?linkid=8431).
## Related topics
diff --git a/mdop/dart-v7/deploying-the-dart-70-recovery-image-dart-7.md b/mdop/dart-v7/deploying-the-dart-70-recovery-image-dart-7.md
index 544162e5da..6642ad1b4b 100644
--- a/mdop/dart-v7/deploying-the-dart-70-recovery-image-dart-7.md
+++ b/mdop/dart-v7/deploying-the-dart-70-recovery-image-dart-7.md
@@ -31,7 +31,7 @@ The **DaRT Recovery Image Wizard** only provides the option to burn a CD or DVD.
## Deploy the DaRT Recovery Image Using a USB Flash Drive
-After you have finished running the DaRT Recovery Image Wizard, you can use the tool at to copy the ISO image file to a USB flash drive (UFD).
+After you have finished running the DaRT Recovery Image Wizard, you can use the tool at to copy the ISO image file to a USB flash drive (UFD).
[How to Deploy the DaRT Recovery Image Using a USB Flash Drive](how-to-deploy-the-dart-recovery-image-using-a-usb-flash-drive-dart-7.md)
diff --git a/mdop/dart-v7/getting-started-with-dart-70-new-ia.md b/mdop/dart-v7/getting-started-with-dart-70-new-ia.md
index 070ce0b204..8bd67ea8a4 100644
--- a/mdop/dart-v7/getting-started-with-dart-70-new-ia.md
+++ b/mdop/dart-v7/getting-started-with-dart-70-new-ia.md
@@ -13,12 +13,12 @@ ms.prod: w7
# Getting Started with DaRT 7.0
-DaRT requires thorough planning before you deploy it or use its features. If you are new to this product, we recommend that you read the documentation carefully. Before you deploy the product to a production environment, we also recommend that you validate your deployment plan in a test network environment. You might also consider taking a class about relevant technologies. For more information about Microsoft training opportunities, see the Microsoft Training Overview at [http://go.microsoft.com/fwlink/p/?LinkId=80347](http://go.microsoft.com/fwlink/?LinkId=80347).
+DaRT requires thorough planning before you deploy it or use its features. If you are new to this product, we recommend that you read the documentation carefully. Before you deploy the product to a production environment, we also recommend that you validate your deployment plan in a test network environment. You might also consider taking a class about relevant technologies. For more information about Microsoft training opportunities, see the Microsoft Training Overview at [https://go.microsoft.com/fwlink/p/?LinkId=80347](https://go.microsoft.com/fwlink/?LinkId=80347).
This section provides general information for administrators who are evaluating and using Microsoft Diagnostics and Recovery Toolset (DaRT) 7.
**Note**
-A downloadable version of this document and the DaRT 7 Evaluation Guide can be downloaded from .
+A downloadable version of this document and the DaRT 7 Evaluation Guide can be downloaded from .
diff --git a/mdop/dart-v7/how-to-deploy-the-dart-recovery-image-as-a-remote-partition-dart-7.md b/mdop/dart-v7/how-to-deploy-the-dart-recovery-image-as-a-remote-partition-dart-7.md
index 1f376b0945..1f0f1174e8 100644
--- a/mdop/dart-v7/how-to-deploy-the-dart-recovery-image-as-a-remote-partition-dart-7.md
+++ b/mdop/dart-v7/how-to-deploy-the-dart-recovery-image-as-a-remote-partition-dart-7.md
@@ -34,9 +34,9 @@ After you have finished running the DaRT Recovery Image Wizard and created the r
For more information about how to deploy DaRT as a remote partition, see the following:
-- [Walkthrough: Deploy an Image by Using PXE](http://go.microsoft.com/fwlink/?LinkId=212108)
+- [Walkthrough: Deploy an Image by Using PXE](https://go.microsoft.com/fwlink/?LinkId=212108)
-- [Windows Deployment Services Getting Started Guide](http://go.microsoft.com/fwlink/?LinkId=212106)
+- [Windows Deployment Services Getting Started Guide](https://go.microsoft.com/fwlink/?LinkId=212106)
## Related topics
diff --git a/mdop/dart-v7/how-to-deploy-the-dart-recovery-image-as-part-of-a-recovery-partition-dart-7.md b/mdop/dart-v7/how-to-deploy-the-dart-recovery-image-as-part-of-a-recovery-partition-dart-7.md
index e4131ffd30..5edc3fa7e6 100644
--- a/mdop/dart-v7/how-to-deploy-the-dart-recovery-image-as-part-of-a-recovery-partition-dart-7.md
+++ b/mdop/dart-v7/how-to-deploy-the-dart-recovery-image-as-part-of-a-recovery-partition-dart-7.md
@@ -34,13 +34,13 @@ After you have finished running the DaRT Recovery Image Wizard and created the r
3. Use the boot.wim file to create a bootable recovery partition by using your company’s standard method for creating a custom Windows RE image.
- For more information about how to create or customize a recovery partition, see [Customizing the Windows RE Experience](http://go.microsoft.com/fwlink/?LinkId=214222).
+ For more information about how to create or customize a recovery partition, see [Customizing the Windows RE Experience](https://go.microsoft.com/fwlink/?LinkId=214222).
4. Replace the target partition in your Windows 7 image with the recovery partition.
-After your Windows 7 image is ready, distribute the image to computers in your enterprise by using your company’s standard image deployment process. For more information about how to create a Windows 7 image, see [Building a Standard Image of Windows 7: Step-by-Step Guide](http://go.microsoft.com/fwlink/?LinkId=212103).
+After your Windows 7 image is ready, distribute the image to computers in your enterprise by using your company’s standard image deployment process. For more information about how to create a Windows 7 image, see [Building a Standard Image of Windows 7: Step-by-Step Guide](https://go.microsoft.com/fwlink/?LinkId=212103).
-For more information about how to deploy a recovery solution to reinstall the factory image in the event of a system failure, see [Deploy a System Recovery Image](http://go.microsoft.com/fwlink/?LinkId=214221).
+For more information about how to deploy a recovery solution to reinstall the factory image in the event of a system failure, see [Deploy a System Recovery Image](https://go.microsoft.com/fwlink/?LinkId=214221).
## Related topics
diff --git a/mdop/dart-v7/how-to-deploy-the-dart-recovery-image-using-a-usb-flash-drive-dart-7.md b/mdop/dart-v7/how-to-deploy-the-dart-recovery-image-using-a-usb-flash-drive-dart-7.md
index 122915aa9a..20ae92ca78 100644
--- a/mdop/dart-v7/how-to-deploy-the-dart-recovery-image-using-a-usb-flash-drive-dart-7.md
+++ b/mdop/dart-v7/how-to-deploy-the-dart-recovery-image-using-a-usb-flash-drive-dart-7.md
@@ -13,7 +13,7 @@ ms.prod: w7
# How to Deploy the DaRT Recovery Image Using a USB Flash Drive
-After you have finished running the **DaRT Recovery Image Wizard**, you can use the tool at to copy the ISO image file to a USB flash drive (UFD).
+After you have finished running the **DaRT Recovery Image Wizard**, you can use the tool at to copy the ISO image file to a USB flash drive (UFD).
You can also manually copy the ISO image file to a UFD by following the steps provided in this section.
diff --git a/mdop/dart-v7/how-to-recover-remote-computers-using-the-dart-recovery-image-dart-7.md b/mdop/dart-v7/how-to-recover-remote-computers-using-the-dart-recovery-image-dart-7.md
index 8e663a0e6e..47324aed1c 100644
--- a/mdop/dart-v7/how-to-recover-remote-computers-using-the-dart-recovery-image-dart-7.md
+++ b/mdop/dart-v7/how-to-recover-remote-computers-using-the-dart-recovery-image-dart-7.md
@@ -84,7 +84,7 @@ A file is provided that is named inv32.xml and contains remote connection inform
**To customize the Remote Connection process**
-1. You can customize the Remote Connection process by editing the winpeshl.ini file. For more information about how to edit the winpeshl.ini file, see [Winpeshl.ini Files](http://go.microsoft.com/fwlink/?LinkId=219413).
+1. You can customize the Remote Connection process by editing the winpeshl.ini file. For more information about how to edit the winpeshl.ini file, see [Winpeshl.ini Files](https://go.microsoft.com/fwlink/?LinkId=219413).
Specify the following commands and parameters to customize how a remote connection is established with an end-user computer:
diff --git a/mdop/dart-v7/how-to-use-the-dart-recovery-image-wizard-to-create-the-recovery-image-dart-7.md b/mdop/dart-v7/how-to-use-the-dart-recovery-image-wizard-to-create-the-recovery-image-dart-7.md
index 9395091dd1..9639ec5f67 100644
--- a/mdop/dart-v7/how-to-use-the-dart-recovery-image-wizard-to-create-the-recovery-image-dart-7.md
+++ b/mdop/dart-v7/how-to-use-the-dart-recovery-image-wizard-to-create-the-recovery-image-dart-7.md
@@ -63,7 +63,7 @@ For more information about remotely running the DaRT tools, see [How to Recover
### To add the Debugging Tools for Windows to the DaRT recovery image
-In the **Crash Analyzer** dialog box of the **DaRT Recovery Image Wizard**, you are asked to specify the location of the Debugging Tools for Windows. If you do not have a copy of the tools, you can download them from Microsoft. The following link to the download page is provided in the wizard: [Download and Install Debugging Tools for Windows](http://go.microsoft.com/fwlink/?LinkId=99934).
+In the **Crash Analyzer** dialog box of the **DaRT Recovery Image Wizard**, you are asked to specify the location of the Debugging Tools for Windows. If you do not have a copy of the tools, you can download them from Microsoft. The following link to the download page is provided in the wizard: [Download and Install Debugging Tools for Windows](https://go.microsoft.com/fwlink/?LinkId=99934).
You can either specify the location of the debugging tools on the computer where you are running the **DaRT Recovery Image Wizard**, or you can decide to use the tools that are located on the destination computer. If you decide to use a copy on another computer, you must make sure that the tools are installed on each computer on which you are diagnosing a crash.
diff --git a/mdop/dart-v7/index.md b/mdop/dart-v7/index.md
index d973a76adc..4a73455bd5 100644
--- a/mdop/dart-v7/index.md
+++ b/mdop/dart-v7/index.md
@@ -42,11 +42,11 @@ DaRT is an important part of the Microsoft Desktop Optimization Pack (MDOP), a d
[Release Notes for DaRT 7.0](release-notes-for-dart-70-new-ia.md)
View updated product information and known issues for DaRT 7.
-[MDOP TechCenter Page](http://go.microsoft.com/fwlink/p/?LinkId=225286)
+[MDOP TechCenter Page](https://go.microsoft.com/fwlink/p/?LinkId=225286)
Learn about the latest MDOP information and resources.
-[MDOP Information Experience](http://go.microsoft.com/fwlink/p/?LinkId=236032)
-Find documentation, videos, and other resources for MDOP technologies. You can also [send us feedback](mailto:MDOPDocs@microsoft.com%29 or learn about updates by following us on [Facebook]%28http://go.microsoft.com/fwlink/p/?LinkId=242445%29 or [Twitter]%28http://go.microsoft.com/fwlink/p/?LinkId=242447).
+[MDOP Information Experience](https://go.microsoft.com/fwlink/p/?LinkId=236032)
+Find documentation, videos, and other resources for MDOP technologies. You can also [send us feedback](mailto:MDOPDocs@microsoft.com%29 or learn about updates by following us on [Facebook]%28https://go.microsoft.com/fwlink/p/?LinkId=242445%29 or [Twitter]%28https://go.microsoft.com/fwlink/p/?LinkId=242447).
diff --git a/mdop/dart-v7/planning-to-create-the-dart-70-recovery-image.md b/mdop/dart-v7/planning-to-create-the-dart-70-recovery-image.md
index 00a6fe704b..29c955432d 100644
--- a/mdop/dart-v7/planning-to-create-the-dart-70-recovery-image.md
+++ b/mdop/dart-v7/planning-to-create-the-dart-70-recovery-image.md
@@ -33,7 +33,7 @@ The following items are required or recommended for creating the DaRT recovery i
- Windows Debugging Tools for your platform
- Windows Debugging Tools are required when you run **Crash Analyzer** to determine the cause of a computer crash. We recommend that you specify the path of the Windows Debugging Tools at the time that you create the DaRT recovery image. If it is necessary, you can download the Windows Debugging Tools here: [Download and Install Debugging Tools for Windows](http://go.microsoft.com/fwlink/?LinkId=99934).
+ Windows Debugging Tools are required when you run **Crash Analyzer** to determine the cause of a computer crash. We recommend that you specify the path of the Windows Debugging Tools at the time that you create the DaRT recovery image. If it is necessary, you can download the Windows Debugging Tools here: [Download and Install Debugging Tools for Windows](https://go.microsoft.com/fwlink/?LinkId=99934).
- Optional: **Standalone System Sweeper** definitions
diff --git a/mdop/dart-v7/release-notes-for-dart-70-new-ia.md b/mdop/dart-v7/release-notes-for-dart-70-new-ia.md
index 4500f156a1..d085930a67 100644
--- a/mdop/dart-v7/release-notes-for-dart-70-new-ia.md
+++ b/mdop/dart-v7/release-notes-for-dart-70-new-ia.md
@@ -37,7 +37,7 @@ We are interested in your feedback on DaRT 7. You can send your feedback to dar
## Protect Against Security Vulnerabilities and Viruses
-To help protect against security vulnerabilities and viruses, we recommend that you install the latest available security updates for any new software being installed. For more information, see [Microsoft Security](http://go.microsoft.com/fwlink/?LinkId=3482) (http://go.microsoft.com/fwlink/?LinkId=3482).
+To help protect against security vulnerabilities and viruses, we recommend that you install the latest available security updates for any new software being installed. For more information, see [Microsoft Security](https://go.microsoft.com/fwlink/?LinkId=3482) (https://go.microsoft.com/fwlink/?LinkId=3482).
## Known Issues with DaRT 7.0
@@ -58,7 +58,7 @@ If you delete a file that has Unicode characters in its file name and try to res
DaRT command-line installation fails silently if run with the quiet mode option unless it is run by using elevated administrator permissions.
-**Workaround:** Run the command-line installation by using elevated administrator permissions. DaRT installation supports the typical Windows Installer options for command-line installation. Please see [Command-Line Options](http://go.microsoft.com/fwlink/?LinkId=160689) for Windows Installer for more information about the several available switches.
+**Workaround:** Run the command-line installation by using elevated administrator permissions. DaRT installation supports the typical Windows Installer options for command-line installation. Please see [Command-Line Options](https://go.microsoft.com/fwlink/?LinkId=160689) for Windows Installer for more information about the several available switches.
### File Search cannot move a folder to a different volume
diff --git a/mdop/dart-v7/troubleshooting-dart-70-new-ia.md b/mdop/dart-v7/troubleshooting-dart-70-new-ia.md
index cc0700ce62..a712896fe8 100644
--- a/mdop/dart-v7/troubleshooting-dart-70-new-ia.md
+++ b/mdop/dart-v7/troubleshooting-dart-70-new-ia.md
@@ -13,7 +13,7 @@ ms.prod: w7
# Troubleshooting DaRT 7.0
-Troubleshooting content is not included in the Administrator’s Guide for this product. Instead, you can find troubleshooting information for this product on the [TechNet Wiki](http://go.microsoft.com/fwlink/p/?LinkId=224905).
+Troubleshooting content is not included in the Administrator’s Guide for this product. Instead, you can find troubleshooting information for this product on the [TechNet Wiki](https://go.microsoft.com/fwlink/p/?LinkId=224905).
## How to Find Troubleshooting Content
@@ -28,7 +28,7 @@ After you search the MDOP documentation, your next step would be to search the t
**To search the MDOP product documentation**
-1. Use a web browser to navigate to the [MDOP Information Experience](http://go.microsoft.com/fwlink/?LinkId=236032) TechNet home page.
+1. Use a web browser to navigate to the [MDOP Information Experience](https://go.microsoft.com/fwlink/?LinkId=236032) TechNet home page.
2. Enter applicable search terms in the **Search TechNet with Bing** search box at the top of the MDOP Information Experience home page.
@@ -36,7 +36,7 @@ After you search the MDOP documentation, your next step would be to search the t
**To search the TechNet Wiki**
-1. Use a web browser to navigate to the [TechNet Wiki](http://go.microsoft.com/fwlink/p/?LinkId=224905) home page.
+1. Use a web browser to navigate to the [TechNet Wiki](https://go.microsoft.com/fwlink/p/?LinkId=224905) home page.
2. Enter applicable search terms in the **Search TechNet Wiki** search box on the TechNet Wiki home page.
@@ -49,7 +49,7 @@ If you have a troubleshooting tip or a best practice to share that is not alread
**To create a TechNet Wiki troubleshooting or best practices article**
-1. Use a web browser to navigate to the [TechNet Wiki](http://go.microsoft.com/fwlink/p/?LinkId=224905) home page.
+1. Use a web browser to navigate to the [TechNet Wiki](https://go.microsoft.com/fwlink/p/?LinkId=224905) home page.
2. Log in with your Windows Live ID.
diff --git a/mdop/dart-v8/about-dart-80-dart-8.md b/mdop/dart-v8/about-dart-80-dart-8.md
index 852ee39b05..edf23960e4 100644
--- a/mdop/dart-v8/about-dart-80-dart-8.md
+++ b/mdop/dart-v8/about-dart-80-dart-8.md
@@ -60,7 +60,7 @@ For more information, and for late-breaking news that did not make it into the d
## How to Get DaRT 8.0
-This technology is a part of the Microsoft Desktop Optimization Pack (MDOP). MDOP is part of Microsoft Software Assurance. For more information about Microsoft Software Assurance and acquiring MDOP, see [How Do I Get MDOP](http://go.microsoft.com/fwlink/?LinkId=322049) (http://go.microsoft.com/fwlink/?LinkId=322049).
+This technology is a part of the Microsoft Desktop Optimization Pack (MDOP). MDOP is part of Microsoft Software Assurance. For more information about Microsoft Software Assurance and acquiring MDOP, see [How Do I Get MDOP](https://go.microsoft.com/fwlink/?LinkId=322049) (https://go.microsoft.com/fwlink/?LinkId=322049).
## Related topics
diff --git a/mdop/dart-v8/about-dart-80-sp1.md b/mdop/dart-v8/about-dart-80-sp1.md
index d71b6c5db4..1e5ac5d349 100644
--- a/mdop/dart-v8/about-dart-80-sp1.md
+++ b/mdop/dart-v8/about-dart-80-sp1.md
@@ -50,7 +50,7 @@ DaRT 8.0 SP1 includes a rollup of fixes to address issues found since the DaRT 8
## How to Get DaRT 8.0 SP1
-DaRT 8.0 SP1 is a part of the Microsoft Desktop Optimization Pack (MDOP). MDOP is part of Microsoft Software Assurance. For more information about Microsoft Software Assurance and acquiring MDOP, see [How Do I Get MDOP](http://go.microsoft.com/fwlink/?LinkId=322049) (http://go.microsoft.com/fwlink/?LinkId=322049).
+DaRT 8.0 SP1 is a part of the Microsoft Desktop Optimization Pack (MDOP). MDOP is part of Microsoft Software Assurance. For more information about Microsoft Software Assurance and acquiring MDOP, see [How Do I Get MDOP](https://go.microsoft.com/fwlink/?LinkId=322049) (https://go.microsoft.com/fwlink/?LinkId=322049).
## Related topics
diff --git a/mdop/dart-v8/about-dart-81.md b/mdop/dart-v8/about-dart-81.md
index 7f311fe098..49272ee233 100644
--- a/mdop/dart-v8/about-dart-81.md
+++ b/mdop/dart-v8/about-dart-81.md
@@ -26,7 +26,7 @@ Microsoft Diagnostics and Recovery Toolset (DaRT) 8.1 provides the following enh
- The DaRT 8.1 image is built on Windows 8.1 Update 1 or later.
- For more information about WIMBoot, see [Windows Image File Boot (WIMBoot) Overview](http://go.microsoft.com/fwlink/?LinkId=517536).
+ For more information about WIMBoot, see [Windows Image File Boot (WIMBoot) Overview](https://go.microsoft.com/fwlink/?LinkId=517536).
- **Support for Windows Server 2012 R2 and Windows 8.1**
@@ -61,7 +61,7 @@ Microsoft Diagnostics and Recovery Toolset (DaRT) 8.1 provides the following enh
- **Microsoft .NET Framework 4.5.1**
- DaRT 8.1 requires that .NET Framework 4.5.1 is installed. To download, see [Microsoft.NET Framework 4.5.1](http://go.microsoft.com/fwlink/?LinkId=329038) in the Microsoft Download Center.
+ DaRT 8.1 requires that .NET Framework 4.5.1 is installed. To download, see [Microsoft.NET Framework 4.5.1](https://go.microsoft.com/fwlink/?LinkId=329038) in the Microsoft Download Center.
- **Windows 8.1 Debugging Tools**
@@ -99,7 +99,7 @@ DaRT 8.1 is available in the following languages:
## How to Get MDOP Technologies
-DaRT 8.1 is a part of the Microsoft Desktop Optimization Pack (MDOP). MDOP is part of Microsoft Software Assurance. For more information about Microsoft Software Assurance and acquiring MDOP, see [How Do I Get MDOP](http://go.microsoft.com/fwlink/?LinkId=322049) (http://go.microsoft.com/fwlink/?LinkId=322049).
+DaRT 8.1 is a part of the Microsoft Desktop Optimization Pack (MDOP). MDOP is part of Microsoft Software Assurance. For more information about Microsoft Software Assurance and acquiring MDOP, see [How Do I Get MDOP](https://go.microsoft.com/fwlink/?LinkId=322049) (https://go.microsoft.com/fwlink/?LinkId=322049).
## Related topics
diff --git a/mdop/dart-v8/accessibility-for-dart-80-dart-8.md b/mdop/dart-v8/accessibility-for-dart-80-dart-8.md
index ba9a4f51d9..15e828341c 100644
--- a/mdop/dart-v8/accessibility-for-dart-80-dart-8.md
+++ b/mdop/dart-v8/accessibility-for-dart-80-dart-8.md
@@ -63,7 +63,7 @@ For information about the availability of Microsoft product documentation and bo
(609) 987-8116 |
-[http://www.learningally.org/](http://go.microsoft.com/fwlink/?linkid=239) |
+[http://www.learningally.org/](https://go.microsoft.com/fwlink/?linkid=239) |
Web addresses can change, so you might be unable to connect to the website or sites mentioned here. |
@@ -85,7 +85,7 @@ Microsoft Support Services are subject to the prices, terms, and conditions in p
## For more information
-For more information about how accessible technology for computers helps to improve the lives of people with disabilities, see the [Microsoft Accessibility website](http://go.microsoft.com/fwlink/?linkid=8431).
+For more information about how accessible technology for computers helps to improve the lives of people with disabilities, see the [Microsoft Accessibility website](https://go.microsoft.com/fwlink/?linkid=8431).
## Related topics
diff --git a/mdop/dart-v8/creating-the-dart-80-recovery-image-dart-8.md b/mdop/dart-v8/creating-the-dart-80-recovery-image-dart-8.md
index f28f338047..b0f7f20fd2 100644
--- a/mdop/dart-v8/creating-the-dart-80-recovery-image-dart-8.md
+++ b/mdop/dart-v8/creating-the-dart-80-recovery-image-dart-8.md
@@ -131,7 +131,7 @@ If you include the Crash Analyzer tool in the ISO image, you must also include t
If you installed the Microsoft Windows Software Development Kit (SDK) or the Microsoft Windows Development Kit (WDK), the Windows 8 Debugging Tools are added to the recovery image by default, and the path to the Debugging Tools is automatically filled in. You can change the path of the Windows 8 Debugging Tools if the files are located somewhere other than the location indicated by the default file path. A link in the wizard lets you download and install debugging tools for Windows if they are not already installed.
-To download the Windows Debugging Tools, see [Debugging Tools for Windows](http://go.microsoft.com/fwlink/?LinkId=266248). Install the Debugging Tools to the default location.
+To download the Windows Debugging Tools, see [Debugging Tools for Windows](https://go.microsoft.com/fwlink/?LinkId=266248). Install the Debugging Tools to the default location.
**Note**
The DaRT wizard checks for the tools in the `HKLM\Software\Microsoft\Windows Kits\Installed Roots\WindowsDebuggersRoot` registry key. If the registry value is not there, the wizard looks in one of the following locations, depending on your system architecture:
diff --git a/mdop/dart-v8/dart-80-privacy-statement-dart-8.md b/mdop/dart-v8/dart-80-privacy-statement-dart-8.md
index 3108fce152..fe2208a231 100644
--- a/mdop/dart-v8/dart-80-privacy-statement-dart-8.md
+++ b/mdop/dart-v8/dart-80-privacy-statement-dart-8.md
@@ -52,7 +52,7 @@ We will occasionally update this privacy statement to reflect changes in our pro
## For More Information
-Microsoft welcomes your comments regarding this privacy statement. If you have questions about this statement or believe that we have not adhered to it, please [contact us](http://go.microsoft.com/fwlink/?LinkID=245853).
+Microsoft welcomes your comments regarding this privacy statement. If you have questions about this statement or believe that we have not adhered to it, please [contact us](https://go.microsoft.com/fwlink/?LinkID=245853).
Microsoft PrivacyMicrosoft CorporationOne Microsoft WayRedmond, Washington 98052 USA
@@ -68,15 +68,15 @@ Microsoft Update is a service that provides Windows updates as well as updates f
**Information Collected, Processed, or Transmitted:**
-For details about what information is collected and how it is used, see the Update Services Privacy Statement at .
+For details about what information is collected and how it is used, see the Update Services Privacy Statement at .
**Use of Information:**
-For details about what information is collected and how it is used, see the Update Services Privacy Statement at .
+For details about what information is collected and how it is used, see the Update Services Privacy Statement at .
**Choice/Control:**
-For details about controlling this feature, see the Update Services Privacy Statement at [http://go.microsoft.com/fwlink/?LinkId=244000](http://go.microsoft.com/fwlink/?LinkId=244400).
+For details about controlling this feature, see the Update Services Privacy Statement at [https://go.microsoft.com/fwlink/?LinkId=244000](https://go.microsoft.com/fwlink/?LinkId=244400).
## Windows Defender Offline
@@ -87,15 +87,15 @@ Windows Defender Offline (WDO) is included in the DaRT download. WDO helps prote
**Information Collected, Processed, or Transmitted:**
-For details about what information is collected and how it is used, see the WDO Privacy Statement at [http://go.microsoft.com/fwlink/?LinkId=246081](http://go.microsoft.com/fwlink/?LinkID=211807).
+For details about what information is collected and how it is used, see the WDO Privacy Statement at [https://go.microsoft.com/fwlink/?LinkId=246081](https://go.microsoft.com/fwlink/?LinkID=211807).
**Use of Information:**
-For details about what information is collected and how it is used, see the WDO Privacy Statement at .
+For details about what information is collected and how it is used, see the WDO Privacy Statement at .
**Choice/Control:**
-For details about controlling this feature, see the Windows Defender Offline Privacy Statement at .
+For details about controlling this feature, see the Windows Defender Offline Privacy Statement at .
## Related topics
diff --git a/mdop/dart-v8/dart-80-supported-configurations-dart-8.md b/mdop/dart-v8/dart-80-supported-configurations-dart-8.md
index 039d32f356..872da76c34 100644
--- a/mdop/dart-v8/dart-80-supported-configurations-dart-8.md
+++ b/mdop/dart-v8/dart-80-supported-configurations-dart-8.md
@@ -111,7 +111,7 @@ Make sure that you allocate enough space for any additional tools that you want
**Note**
-Microsoft provides support for the current service pack and, in some cases, the immediately preceding service pack. To find the support timelines for your product, see the [Lifecycle Supported Service Packs](http://go.microsoft.com/fwlink/p/?LinkId=31975). For additional information about Microsoft Support Lifecycle Policy, see [Microsoft Support Lifecycle Support Policy FAQ](http://go.microsoft.com/fwlink/p/?LinkId=31976).
+Microsoft provides support for the current service pack and, in some cases, the immediately preceding service pack. To find the support timelines for your product, see the [Lifecycle Supported Service Packs](https://go.microsoft.com/fwlink/p/?LinkId=31975). For additional information about Microsoft Support Lifecycle Policy, see [Microsoft Support Lifecycle Support Policy FAQ](https://go.microsoft.com/fwlink/p/?LinkId=31976).
diff --git a/mdop/dart-v8/deploying-dart-80-dart-8.md b/mdop/dart-v8/deploying-dart-80-dart-8.md
index 8f3c973c4e..26bd31169b 100644
--- a/mdop/dart-v8/deploying-dart-80-dart-8.md
+++ b/mdop/dart-v8/deploying-dart-80-dart-8.md
@@ -36,7 +36,7 @@ Microsoft Diagnostics and Recovery Toolset (DaRT) 8.0 supports a number of diffe
### How to get DaRT
-This technology is a part of the Microsoft Desktop Optimization Pack (MDOP). Enterprise customers can get MDOP with Microsoft Software Assurance. For more information about Microsoft Software Assurance and acquiring MDOP, see [How Do I Get MDOP](http://go.microsoft.com/fwlink/p/?LinkId=322049) (http://go.microsoft.com/fwlink/p/?LinkId=322049).
+This technology is a part of the Microsoft Desktop Optimization Pack (MDOP). Enterprise customers can get MDOP with Microsoft Software Assurance. For more information about Microsoft Software Assurance and acquiring MDOP, see [How Do I Get MDOP](https://go.microsoft.com/fwlink/p/?LinkId=322049) (https://go.microsoft.com/fwlink/p/?LinkId=322049).
## Other Resources for deploying DaRT
diff --git a/mdop/dart-v8/deploying-dart-80-to-administrator-computers-dart-8.md b/mdop/dart-v8/deploying-dart-80-to-administrator-computers-dart-8.md
index cbaefbe48b..76300d9651 100644
--- a/mdop/dart-v8/deploying-dart-80-to-administrator-computers-dart-8.md
+++ b/mdop/dart-v8/deploying-dart-80-to-administrator-computers-dart-8.md
@@ -36,7 +36,7 @@ You can change, repair, or remove the DaRT installation by double-clicking the D
## How to get DaRT 8.0
-To get the DaRT software, see [How to Get MDOP](http://go.microsoft.com/fwlink/?LinkId=322049).
+To get the DaRT software, see [How to Get MDOP](https://go.microsoft.com/fwlink/?LinkId=322049).
## Other resources for deploying the DaRT 8.0 to administrator computers
diff --git a/mdop/dart-v8/getting-started-with-dart-80-dart-8.md b/mdop/dart-v8/getting-started-with-dart-80-dart-8.md
index b7cf71b4a0..25a08c738d 100644
--- a/mdop/dart-v8/getting-started-with-dart-80-dart-8.md
+++ b/mdop/dart-v8/getting-started-with-dart-80-dart-8.md
@@ -13,12 +13,12 @@ ms.prod: w8
# Getting Started with DaRT 8.0
-Microsoft Diagnostics and Recovery Toolset (DaRT) 8.0 requires thorough planning before you deploy it or use its features. If you are new to this product, we recommend that you read the documentation carefully. Before you deploy the product to a production environment, we also recommend that you validate your deployment plan in a test network environment. You might also consider taking a class about relevant technologies. For more information about Microsoft training opportunities, see the Microsoft Training Overview at [http://go.microsoft.com/fwlink/p/?LinkId=80347](http://go.microsoft.com/fwlink/?LinkId=80347).
+Microsoft Diagnostics and Recovery Toolset (DaRT) 8.0 requires thorough planning before you deploy it or use its features. If you are new to this product, we recommend that you read the documentation carefully. Before you deploy the product to a production environment, we also recommend that you validate your deployment plan in a test network environment. You might also consider taking a class about relevant technologies. For more information about Microsoft training opportunities, see the Microsoft Training Overview at [https://go.microsoft.com/fwlink/p/?LinkId=80347](https://go.microsoft.com/fwlink/?LinkId=80347).
**Note**
-A downloadable version of this administrator’s guide is not available. However, you can learn about a special mode of the TechNet Library that allows you to select articles, group them in a collection, and print them or export them to a file at (http://go.microsoft.com/fwlink/?LinkId=272493).
+A downloadable version of this administrator’s guide is not available. However, you can learn about a special mode of the TechNet Library that allows you to select articles, group them in a collection, and print them or export them to a file at (https://go.microsoft.com/fwlink/?LinkId=272493).
-Additional downloadable information about this product can also be found at .
+Additional downloadable information about this product can also be found at .
@@ -40,7 +40,7 @@ Additional downloadable information about this product can also be found at Other resources for this product
diff --git a/mdop/dart-v8/how-to-deploy-dart-80-dart-8.md b/mdop/dart-v8/how-to-deploy-dart-80-dart-8.md
index 0e281bcce4..e752e88d1d 100644
--- a/mdop/dart-v8/how-to-deploy-dart-80-dart-8.md
+++ b/mdop/dart-v8/how-to-deploy-dart-80-dart-8.md
@@ -13,7 +13,7 @@ ms.prod: w8
# How to Deploy DaRT 8.0
-The following instructions explain how to deploy Microsoft Diagnostics and Recovery Toolset (DaRT) 8.0 in your environment. To get the DaRT software, see [How to Get MDOP](http://go.microsoft.com/fwlink/?LinkId=322049). It is assumed that you are installing all functionality on one administrator computer. If you need to deploy or uninstall DaRT 8.0 on multiple computers, using an electronic software distribution system, for example, it might be easier to use command line installation options. Descriptions and examples of the available command line options are provided in this section.
+The following instructions explain how to deploy Microsoft Diagnostics and Recovery Toolset (DaRT) 8.0 in your environment. To get the DaRT software, see [How to Get MDOP](https://go.microsoft.com/fwlink/?LinkId=322049). It is assumed that you are installing all functionality on one administrator computer. If you need to deploy or uninstall DaRT 8.0 on multiple computers, using an electronic software distribution system, for example, it might be easier to use command line installation options. Descriptions and examples of the available command line options are provided in this section.
**Important**
Before you install DaRT, see [DaRT 8.0 Supported Configurations](dart-80-supported-configurations-dart-8.md) to ensure that you have installed all of the prerequisite software and that the computer meets the minimum system requirements. The computer onto which you install DaRT must be running Windows 8 or Windows Server 2012.
diff --git a/mdop/dart-v8/how-to-deploy-the-dart-recovery-image-as-a-remote-partition-dart-8.md b/mdop/dart-v8/how-to-deploy-the-dart-recovery-image-as-a-remote-partition-dart-8.md
index 533309871f..897ac180e8 100644
--- a/mdop/dart-v8/how-to-deploy-the-dart-recovery-image-as-a-remote-partition-dart-8.md
+++ b/mdop/dart-v8/how-to-deploy-the-dart-recovery-image-as-a-remote-partition-dart-8.md
@@ -32,7 +32,7 @@ After you have finished running the Microsoft Diagnostics and Recovery Toolset (
3. Configure the WDS server to use the boot.wim file for DaRT by following your standard WDS deployment procedures.
-For more information about how to deploy DaRT as a remote partition, see [Walkthrough: Deploy an Image by Using PXE](http://go.microsoft.com/fwlink/?LinkId=212108) and [Windows Deployment Services Getting Started Guide](http://go.microsoft.com/fwlink/?LinkId=212106).
+For more information about how to deploy DaRT as a remote partition, see [Walkthrough: Deploy an Image by Using PXE](https://go.microsoft.com/fwlink/?LinkId=212108) and [Windows Deployment Services Getting Started Guide](https://go.microsoft.com/fwlink/?LinkId=212106).
## Related topics
diff --git a/mdop/dart-v8/how-to-deploy-the-dart-recovery-image-as-part-of-a-recovery-partition-dart-8.md b/mdop/dart-v8/how-to-deploy-the-dart-recovery-image-as-part-of-a-recovery-partition-dart-8.md
index d54e1fefae..9f716da0a5 100644
--- a/mdop/dart-v8/how-to-deploy-the-dart-recovery-image-as-part-of-a-recovery-partition-dart-8.md
+++ b/mdop/dart-v8/how-to-deploy-the-dart-recovery-image-as-part-of-a-recovery-partition-dart-8.md
@@ -34,11 +34,11 @@ After you have finished running the Microsoft Diagnostics and Recovery Toolset (
3. Use the boot.wim file to create a bootable recovery partition by using your company’s standard method for creating a custom Windows RE image.
- For more information about how to create or customize a recovery partition, see [Customizing the Windows RE Experience](http://go.microsoft.com/fwlink/?LinkId=214222).
+ For more information about how to create or customize a recovery partition, see [Customizing the Windows RE Experience](https://go.microsoft.com/fwlink/?LinkId=214222).
4. Replace the target partition in your Windows 8 image with the recovery partition.
- For more information about how to deploy a recovery solution to reinstall the factory image in the event of a system failure, see [Deploy a System Recovery Image](http://go.microsoft.com/fwlink/?LinkId=214221).
+ For more information about how to deploy a recovery solution to reinstall the factory image in the event of a system failure, see [Deploy a System Recovery Image](https://go.microsoft.com/fwlink/?LinkId=214221).
## Related topics
diff --git a/mdop/dart-v8/how-to-recover-remote-computers-by-using-the-dart-recovery-image-dart-8.md b/mdop/dart-v8/how-to-recover-remote-computers-by-using-the-dart-recovery-image-dart-8.md
index 27123b0c22..69c3dce751 100644
--- a/mdop/dart-v8/how-to-recover-remote-computers-by-using-the-dart-recovery-image-dart-8.md
+++ b/mdop/dart-v8/how-to-recover-remote-computers-by-using-the-dart-recovery-image-dart-8.md
@@ -89,7 +89,7 @@ A file is provided that is named inv32.xml and contains remote connection inform
**To customize the Remote Connection process**
-1. You can customize the Remote Connection process by editing the winpeshl.ini file. For more information about how to edit the winpeshl.ini file, see [Winpeshl.ini Files](http://go.microsoft.com/fwlink/?LinkId=219413).
+1. You can customize the Remote Connection process by editing the winpeshl.ini file. For more information about how to edit the winpeshl.ini file, see [Winpeshl.ini Files](https://go.microsoft.com/fwlink/?LinkId=219413).
Specify the following commands and parameters to customize how a remote connection is established with an end-user computer:
diff --git a/mdop/dart-v8/how-to-run-the-crash-analyzer-on-an-end-user-computer-dart-8.md b/mdop/dart-v8/how-to-run-the-crash-analyzer-on-an-end-user-computer-dart-8.md
index 286ec2cba8..c64653f0c5 100644
--- a/mdop/dart-v8/how-to-run-the-crash-analyzer-on-an-end-user-computer-dart-8.md
+++ b/mdop/dart-v8/how-to-run-the-crash-analyzer-on-an-end-user-computer-dart-8.md
@@ -13,7 +13,7 @@ ms.prod: w8
# How to Run the Crash Analyzer on an End-user Computer
-To run **Crash Analyzer** from the **Diagnostics and Recovery Toolset** window on an end-user computer that is experiencing problems, you must have the Microsoft Debugging Tools for Windows and the symbol files installed. To download the Windows Debugging Tools, see [Debugging Tools for Windows](http://go.microsoft.com/fwlink/?LinkId=266248).
+To run **Crash Analyzer** from the **Diagnostics and Recovery Toolset** window on an end-user computer that is experiencing problems, you must have the Microsoft Debugging Tools for Windows and the symbol files installed. To download the Windows Debugging Tools, see [Debugging Tools for Windows](https://go.microsoft.com/fwlink/?LinkId=266248).
**To run the Crash Analyzer on an end-user computer**
diff --git a/mdop/dart-v8/index.md b/mdop/dart-v8/index.md
index 5e0d6c2d68..aa7739f75f 100644
--- a/mdop/dart-v8/index.md
+++ b/mdop/dart-v8/index.md
@@ -43,17 +43,17 @@ DaRT 8.0 is an important part of the Microsoft Desktop Optimization Pack (MDOP),
### More Information
-[How Do I Get MDOP](http://go.microsoft.com/fwlink/?LinkId=322049)
+[How Do I Get MDOP](https://go.microsoft.com/fwlink/?LinkId=322049)
Get information about how to download DaRT.
[Release Notes for DaRT 8.0](release-notes-for-dart-80--dart-8.md)
View updated product information and known issues for DaRT 8.0.
-[MDOP TechCenter Page](http://go.microsoft.com/fwlink/p/?LinkId=225286)
+[MDOP TechCenter Page](https://go.microsoft.com/fwlink/p/?LinkId=225286)
Learn about the latest MDOP information and resources.
-[MDOP Information Experience](http://go.microsoft.com/fwlink/p/?LinkId=236032)
-Find documentation, videos, and other resources for MDOP technologies. You can also [send us feedback](mailto:MDOPDocs@microsoft.com%29 or learn about updates by following us on [Facebook]%28http://go.microsoft.com/fwlink/p/?LinkId=242445%29 or [Twitter]%28http://go.microsoft.com/fwlink/p/?LinkId=242447).
+[MDOP Information Experience](https://go.microsoft.com/fwlink/p/?LinkId=236032)
+Find documentation, videos, and other resources for MDOP technologies. You can also [send us feedback](mailto:MDOPDocs@microsoft.com%29 or learn about updates by following us on [Facebook]%28https://go.microsoft.com/fwlink/p/?LinkId=242445%29 or [Twitter]%28https://go.microsoft.com/fwlink/p/?LinkId=242447).
diff --git a/mdop/dart-v8/microsoft-diagnostics-and-recovery-toolset--dart--users-should-use-windows-defender-offline--wdo--for-malware-detection.md b/mdop/dart-v8/microsoft-diagnostics-and-recovery-toolset--dart--users-should-use-windows-defender-offline--wdo--for-malware-detection.md
index d5759a4c80..f40ebfb98c 100644
--- a/mdop/dart-v8/microsoft-diagnostics-and-recovery-toolset--dart--users-should-use-windows-defender-offline--wdo--for-malware-detection.md
+++ b/mdop/dart-v8/microsoft-diagnostics-and-recovery-toolset--dart--users-should-use-windows-defender-offline--wdo--for-malware-detection.md
@@ -22,7 +22,7 @@ The Windows Defender tool distributes anti-malware updates more frequently than
Currently deployed DaRT images do not have to be removed or updated. We recommend that you deploy the bootable image that is provided by Windows Defender Offline for all future malware scans. Using an outdated version of the DaRT Defender tool could result in undetected malware.
-For more information about Windows Defender Offline downloads and FAQs, go to the following website: [What is Windows Defender Offline?](http://go.microsoft.com/fwlink/p/?LinkId=394127).
+For more information about Windows Defender Offline downloads and FAQs, go to the following website: [What is Windows Defender Offline?](https://go.microsoft.com/fwlink/p/?LinkId=394127).
diff --git a/mdop/dart-v8/planning-to-create-the-dart-80-recovery-image-dart-8.md b/mdop/dart-v8/planning-to-create-the-dart-80-recovery-image-dart-8.md
index d7368301d7..ae8c0392cd 100644
--- a/mdop/dart-v8/planning-to-create-the-dart-80-recovery-image-dart-8.md
+++ b/mdop/dart-v8/planning-to-create-the-dart-80-recovery-image-dart-8.md
@@ -45,7 +45,7 @@ The following items are required or recommended for creating the DaRT recovery i
Windows Debugging Tools for your platform |
-Required when you run the Crash Analyzer to determine the cause of a computer failure. We recommend that you specify the path of the Windows Debugging Tools at the time that you create the DaRT recovery image. You can download the Windows Debugging Tools here: [Download and Install Debugging Tools for Windows](http://go.microsoft.com/fwlink/?LinkId=99934). |
+Required when you run the Crash Analyzer to determine the cause of a computer failure. We recommend that you specify the path of the Windows Debugging Tools at the time that you create the DaRT recovery image. You can download the Windows Debugging Tools here: [Download and Install Debugging Tools for Windows](https://go.microsoft.com/fwlink/?LinkId=99934). |
Optional: Defender definitions |
diff --git a/mdop/dart-v8/release-notes-for-dart-80--dart-8.md b/mdop/dart-v8/release-notes-for-dart-80--dart-8.md
index afe0bcba01..99d7be85b7 100644
--- a/mdop/dart-v8/release-notes-for-dart-80--dart-8.md
+++ b/mdop/dart-v8/release-notes-for-dart-80--dart-8.md
@@ -19,14 +19,14 @@ Read these release notes thoroughly before you install Microsoft Diagnostics and
These release notes contain information that is required to successfully install DaRT 8.0. The release notes also contain information that is not available in the product documentation. If there is a difference between these release notes and other DaRT documentation, the latest change should be considered authoritative. These release notes supersede the content that is included with this product.
-To get the DaRT software, see [How to Get MDOP](http://go.microsoft.com/fwlink/?LinkId=322049).
+To get the DaRT software, see [How to Get MDOP](https://go.microsoft.com/fwlink/?LinkId=322049).
## About the product documentation
-For information about documentation for DaRT, see the [DaRT home page](http://go.microsoft.com/fwlink/?LinkID=252096) on Microsoft TechNet.
+For information about documentation for DaRT, see the [DaRT home page](https://go.microsoft.com/fwlink/?LinkID=252096) on Microsoft TechNet.
-To obtain a downloadable copy of DaRT documentation, see on the Microsoft Download Center.
+To obtain a downloadable copy of DaRT documentation, see on the Microsoft Download Center.
## Providing feedback
@@ -38,9 +38,9 @@ This email address is not a support channel, but your feedback will help us to p
-For the latest information about MDOP and additional learning resources, see the [MDOP Information Experience](http://go.microsoft.com/fwlink/p/?LinkId=236032) page.
+For the latest information about MDOP and additional learning resources, see the [MDOP Information Experience](https://go.microsoft.com/fwlink/p/?LinkId=236032) page.
-For more information about new updates or to provide feedback, follow us on [Facebook](http://go.microsoft.com/fwlink/p/?LinkId=242445) or [Twitter](http://go.microsoft.com/fwlink/p/?LinkId=242447).
+For more information about new updates or to provide feedback, follow us on [Facebook](https://go.microsoft.com/fwlink/p/?LinkId=242445) or [Twitter](https://go.microsoft.com/fwlink/p/?LinkId=242447).
## Known issues with DaRT 8.0
diff --git a/mdop/dart-v8/release-notes-for-dart-80-sp1.md b/mdop/dart-v8/release-notes-for-dart-80-sp1.md
index b5a77cc607..8be4a28b96 100644
--- a/mdop/dart-v8/release-notes-for-dart-80-sp1.md
+++ b/mdop/dart-v8/release-notes-for-dart-80-sp1.md
@@ -22,7 +22,7 @@ These release notes contain information that is required to successfully install
## About the product documentation
-For information about documentation for DaRT, see the [DaRT home page](http://go.microsoft.com/fwlink/?LinkID=252096) on Microsoft TechNet.
+For information about documentation for DaRT, see the [DaRT home page](https://go.microsoft.com/fwlink/?LinkID=252096) on Microsoft TechNet.
## Known issues with DaRT 8.0 SP1
diff --git a/mdop/dart-v8/security-considerations-for-dart-80--dart-8.md b/mdop/dart-v8/security-considerations-for-dart-80--dart-8.md
index b540c4f38c..2be87d0146 100644
--- a/mdop/dart-v8/security-considerations-for-dart-80--dart-8.md
+++ b/mdop/dart-v8/security-considerations-for-dart-80--dart-8.md
@@ -22,7 +22,7 @@ This topic contains a brief overview about the accounts and groups, log files, a
**Physically secure your computers**. When administrators and help desk workers are not physically at their computers, they should lock their computers and use a secured screen saver.
-**Apply the most recent security updates to all computers**. Stay informed about new updates for operating systems by subscribing to the Security Notification service ().
+**Apply the most recent security updates to all computers**. Stay informed about new updates for operating systems by subscribing to the Security Notification service ().
## Limit end-user access to DaRT tools
diff --git a/mdop/dart-v8/troubleshooting-dart-80-dart-8.md b/mdop/dart-v8/troubleshooting-dart-80-dart-8.md
index 5087597b76..4452434a46 100644
--- a/mdop/dart-v8/troubleshooting-dart-80-dart-8.md
+++ b/mdop/dart-v8/troubleshooting-dart-80-dart-8.md
@@ -13,7 +13,7 @@ ms.prod: w8
# Troubleshooting DaRT 8.0
-Troubleshooting content is not included in the Administrator’s Guide for this product. Instead, you can find troubleshooting information for this product on the [TechNet Wiki](http://go.microsoft.com/fwlink/p/?LinkId=224905).
+Troubleshooting content is not included in the Administrator’s Guide for this product. Instead, you can find troubleshooting information for this product on the [TechNet Wiki](https://go.microsoft.com/fwlink/p/?LinkId=224905).
## How to find troubleshooting content
@@ -28,7 +28,7 @@ After you search the MDOP documentation, your next step would be to search the t
**To search the MDOP product documentation**
-1. Use a web browser to navigate to the [MDOP Information Experience](http://go.microsoft.com/fwlink/?LinkId=236032) TechNet home page.
+1. Use a web browser to navigate to the [MDOP Information Experience](https://go.microsoft.com/fwlink/?LinkId=236032) TechNet home page.
2. Enter applicable search terms in the **Search TechNet with Bing** search box at the top of the MDOP Information Experience home page.
@@ -36,7 +36,7 @@ After you search the MDOP documentation, your next step would be to search the t
**To search the TechNet wiki**
-1. Use a web browser to navigate to the [TechNet Wiki](http://go.microsoft.com/fwlink/p/?LinkId=224905) home page.
+1. Use a web browser to navigate to the [TechNet Wiki](https://go.microsoft.com/fwlink/p/?LinkId=224905) home page.
2. Enter applicable search terms in the **Search TechNet Wiki** search box on the TechNet Wiki home page.
@@ -49,7 +49,7 @@ If you have a troubleshooting tip or a best practice to share that is not alread
**To create a TechNet Wiki troubleshooting or best practices article**
-1. Use a web browser to navigate to the [TechNet Wiki](http://go.microsoft.com/fwlink/p/?LinkId=224905) home page.
+1. Use a web browser to navigate to the [TechNet Wiki](https://go.microsoft.com/fwlink/p/?LinkId=224905) home page.
2. Log in with your Windows Live ID.
diff --git a/mdop/index.md b/mdop/index.md
index 4632622c96..0863054ac2 100644
--- a/mdop/index.md
+++ b/mdop/index.md
@@ -10,7 +10,7 @@ author: jamiejdt
The Microsoft Desktop Optimization Pack (MDOP) is a portfolio of technologies available as a subscription for Software Assurance customers. MDOP helps to improve compatibility and management, reduce support costs, improve asset management, and improve policy control.
-The MDOP Information Experience provides product documentation, videos, blogs, and other resources to help users implement and optimize their experience with the MDOP technologies. You can learn about updates and events by following us on [Facebook](http://go.microsoft.com/fwlink/p/?LinkId=242445) or [Twitter](http://go.microsoft.com/fwlink/p/?LinkId=242447).
+The MDOP Information Experience provides product documentation, videos, blogs, and other resources to help users implement and optimize their experience with the MDOP technologies. You can learn about updates and events by following us on [Facebook](https://go.microsoft.com/fwlink/p/?LinkId=242445) or [Twitter](https://go.microsoft.com/fwlink/p/?LinkId=242447).
## MDOP Documentation Links
@@ -31,14 +31,14 @@ The following table provides links to the product documentation for the MDOP pro
AGPM 4.0 - Windows Vista SP1, Windows 7, Windows Server 2008, Windows Server 2008 R2
AGPM 3.0- Windows Vista SP1, Windows Server 2008
AGPM 2.5 - Windows Vista, Windows Server 2003
-[Overview of Microsoft Advanced Group Policy Management](http://go.microsoft.com/fwlink/p/?LinkId=232980)(http://go.microsoft.com/fwlink/p/?LinkId=232980)
+ | [Overview of Microsoft Advanced Group Policy Management](https://go.microsoft.com/fwlink/p/?LinkId=232980)(https://go.microsoft.com/fwlink/p/?LinkId=232980)
[AGPM 4.0 SP3](https://technet.microsoft.com/library/mt346468.aspx) (https://technet.microsoft.com/library/mt346468.aspx)
-[AGPM 4.0 SP2](http://go.microsoft.com/fwlink/p/?LinkId=325035) (http://go.microsoft.com/fwlink/p/?LinkId=325035)
-[AGPM 4.0 SP1](http://go.microsoft.com/fwlink/p/?LinkId=286715) (http://go.microsoft.com/fwlink/p/?LinkId=286715)
-[AGPM 4.0](http://go.microsoft.com/fwlink/p/?LinkId=232964) (http://go.microsoft.com/fwlink/p/?LinkId=232964)
-[AGPM 3.0](http://go.microsoft.com/fwlink/p/?LinkId=232967) (http://go.microsoft.com/fwlink/p/?LinkId=232967)
-[AGPM 2.5](http://go.microsoft.com/fwlink/p/?LinkId=232969) (http://go.microsoft.com/fwlink/p/?LinkId=232969)
-[AGPM Whitepapers on the Microsoft Download Center](http://go.microsoft.com/fwlink/p/?LinkId=232275) (http://go.microsoft.com/fwlink/p/?LinkId=232275) |
+[AGPM 4.0 SP2](https://go.microsoft.com/fwlink/p/?LinkId=325035) (https://go.microsoft.com/fwlink/p/?LinkId=325035)
+[AGPM 4.0 SP1](https://go.microsoft.com/fwlink/p/?LinkId=286715) (https://go.microsoft.com/fwlink/p/?LinkId=286715)
+[AGPM 4.0](https://go.microsoft.com/fwlink/p/?LinkId=232964) (https://go.microsoft.com/fwlink/p/?LinkId=232964)
+[AGPM 3.0](https://go.microsoft.com/fwlink/p/?LinkId=232967) (https://go.microsoft.com/fwlink/p/?LinkId=232967)
+[AGPM 2.5](https://go.microsoft.com/fwlink/p/?LinkId=232969) (https://go.microsoft.com/fwlink/p/?LinkId=232969)
+[AGPM Whitepapers on the Microsoft Download Center](https://go.microsoft.com/fwlink/p/?LinkId=232275) (https://go.microsoft.com/fwlink/p/?LinkId=232275)
Microsoft Application Virtualization (App-V) lets you make applications available to end user computers without installing the applications directly on those computers. |
@@ -52,20 +52,20 @@ The following table provides links to the product documentation for the MDOP pro
[About Microsoft Application Virtualization 4.6 SP1](appv-v4/about-microsoft-application-virtualization-46-sp1.md)
[About Microsoft Application Virtualization 4.6](appv-v4/about-microsoft-application-virtualization-46.md)
[About Microsoft Application Virtualization 4.5](appv-v4/about-microsoft-application-virtualization-45.md)
-[SoftGrid](http://go.microsoft.com/fwlink/p/?LinkId=232981) (http://go.microsoft.com/fwlink/p/?LinkId=232981)
-[App-V Whitepapers on the Microsoft Download Center](http://go.microsoft.com/fwlink/p/?LinkId=231902) (http://go.microsoft.com/fwlink/p/?LinkId=231902)
-[App-V 5.0 eBooks](http://go.microsoft.com/fwlink/p/?LinkId=309570) (http://go.microsoft.com/fwlink/p/?LinkId=309570)
+[SoftGrid](https://go.microsoft.com/fwlink/p/?LinkId=232981) (https://go.microsoft.com/fwlink/p/?LinkId=232981)
+[App-V Whitepapers on the Microsoft Download Center](https://go.microsoft.com/fwlink/p/?LinkId=231902) (https://go.microsoft.com/fwlink/p/?LinkId=231902)
+[App-V 5.0 eBooks](https://go.microsoft.com/fwlink/p/?LinkId=309570) (https://go.microsoft.com/fwlink/p/?LinkId=309570)
Microsoft BitLocker Administration and Monitoring (MBAM) provides an administrative interface to enterprise-wide BitLocker drive encryption. |
[Microsoft BitLocker Administration and Monitoring 2.5](mbam-v25/index.md)
-[MBAM 2.5 Video Demonstration: Deploying MBAM 2.5](http://go.microsoft.com/fwlink/?LinkId=518206) (http://go.microsoft.com/fwlink/?LinkId=518206)
+[MBAM 2.5 Video Demonstration: Deploying MBAM 2.5](https://go.microsoft.com/fwlink/?LinkId=518206) (https://go.microsoft.com/fwlink/?LinkId=518206)
[About MBAM 2.5 SP1](mbam-v25/about-mbam-25-sp1.md)
[About MBAM 2.0 SP1](mbam-v2/about-mbam-20-sp1.md)
[Microsoft BitLocker Administration and Monitoring 2 Administrator's Guide](mbam-v2/index.md)
[Microsoft BitLocker Administration and Monitoring 1 Administrator's Guide](mbam-v1/index.md)
-[MBAM Whitepapers on the Microsoft Download Center](http://go.microsoft.com/fwlink/p/?LinkId=231905) (http://go.microsoft.com/fwlink/p/?LinkId=231905)
-[MBAM 1.0 eBooks](http://go.microsoft.com/fwlink/p/?LinkId=309571) (http://go.microsoft.com/fwlink/p/?LinkId=309571) |
+[MBAM Whitepapers on the Microsoft Download Center](https://go.microsoft.com/fwlink/p/?LinkId=231905) (https://go.microsoft.com/fwlink/p/?LinkId=231905)
+[MBAM 1.0 eBooks](https://go.microsoft.com/fwlink/p/?LinkId=309571) (https://go.microsoft.com/fwlink/p/?LinkId=309571)
Microsoft Diagnostics and Recovery Toolset (DaRT) helps troubleshoot and repair Windows-based computers.
@@ -82,15 +82,15 @@ The following table provides links to the product documentation for the MDOP pro
[About DaRT 8.0 SP1](dart-v8/about-dart-80-sp1.md)
[Diagnostics and Recovery Toolset 8 Administrator's Guide](dart-v8/index.md)
[Diagnostics and Recovery Toolset 7 Administrator's Guide](dart-v7/index.md)
-[DaRT 6.5](http://go.microsoft.com/fwlink/p/?LinkId=232983) (http://go.microsoft.com/fwlink/p/?LinkId=232983)
-[DaRT Whitepapers on the Microsoft Download Center](http://go.microsoft.com/fwlink/p/?LinkId=232274) (http://go.microsoft.com/fwlink/p/?LinkId=232274)
-[DaRT 8.0 eBook](http://go.microsoft.com/fwlink/p/?LinkId=309573) (http://go.microsoft.com/fwlink/p/?LinkId=309573)
-[DaRT 7.0 eBook](http://go.microsoft.com/fwlink/p/?LinkId=309572) (http://go.microsoft.com/fwlink/p/?LinkId=309572) |
+[DaRT 6.5](https://go.microsoft.com/fwlink/p/?LinkId=232983) (https://go.microsoft.com/fwlink/p/?LinkId=232983)
+[DaRT Whitepapers on the Microsoft Download Center](https://go.microsoft.com/fwlink/p/?LinkId=232274) (https://go.microsoft.com/fwlink/p/?LinkId=232274)
+[DaRT 8.0 eBook](https://go.microsoft.com/fwlink/p/?LinkId=309573) (https://go.microsoft.com/fwlink/p/?LinkId=309573)
+[DaRT 7.0 eBook](https://go.microsoft.com/fwlink/p/?LinkId=309572) (https://go.microsoft.com/fwlink/p/?LinkId=309572)
Microsoft Desktop Enterprise Monitoring (DEM) monitors and reports enterprise-wide desktop application and system failures. |
-[DEM 3.5](http://go.microsoft.com/fwlink/p/?LinkId=232985) (http://go.microsoft.com/fwlink/p/?LinkId=232985)
-[DEM Whitepapers on the Microsoft Download Center](http://go.microsoft.com/fwlink/p/?LinkId=232276) (http://go.microsoft.com/fwlink/p/?LinkId=232276) |
+[DEM 3.5](https://go.microsoft.com/fwlink/p/?LinkId=232985) (https://go.microsoft.com/fwlink/p/?LinkId=232985)
+[DEM Whitepapers on the Microsoft Download Center](https://go.microsoft.com/fwlink/p/?LinkId=232276) (https://go.microsoft.com/fwlink/p/?LinkId=232276) |
Microsoft Enterprise Desktop Virtualization (MED-V) uses Microsoft Virtual PC to provide an enterprise solution for desktop virtualization.
@@ -100,7 +100,7 @@ The following table provides links to the product documentation for the MDOP pro
| [Microsoft Enterprise Desktop Virtualization 2.0](medv-v2/index.md)
[About MED-V 1.0 SP1](medv-v1/about-med-v-10-sp1.md)
[Microsoft Enterprise Desktop Virtualization 1.0](medv-v1/index.md)
-[MED-V Whitepapers on the Microsoft Download Center](http://go.microsoft.com/fwlink/p/?LinkId=231903) (http://go.microsoft.com/fwlink/p/?LinkId=231903) |
+[MED-V Whitepapers on the Microsoft Download Center](https://go.microsoft.com/fwlink/p/?LinkId=231903) (https://go.microsoft.com/fwlink/p/?LinkId=231903)
Microsoft User Experience Virtualization (UE-V) captures settings to apply to computers accessed by the user including desktop computers, laptop computers, and VDI sessions. |
@@ -110,7 +110,7 @@ The following table provides links to the product documentation for the MDOP pro
[What's New in UE-V 2.0](uev-v2/whats-new-in-ue-v-20-new-uevv2.md)
[About User Experience Virtualization 1.0 SP1](uev-v1/about-user-experience-virtualization-10-sp1.md)
[Microsoft User Experience Virtualization (UE-V) 1.0](uev-v1/index.md)
-[UE-V 1.0 eBooks](http://go.microsoft.com/fwlink/p/?LinkId=309574) (http://go.microsoft.com/fwlink/p/?LinkId=309574)
+[UE-V 1.0 eBooks](https://go.microsoft.com/fwlink/p/?LinkId=309574) (https://go.microsoft.com/fwlink/p/?LinkId=309574)
[MDOP Solutions and Scenarios](solutions/index.md) |
@@ -138,20 +138,20 @@ In addition to the product documentation available online, supplemental product
MDOP Videos |
-For a list of available MDOP videos, go to [Microsoft Desktop Optimization Pack Technologies Videos](http://go.microsoft.com/fwlink/p/?LinkId=234275) (http://go.microsoft.com/fwlink/p/?LinkId=234275). |
+For a list of available MDOP videos, go to [Microsoft Desktop Optimization Pack Technologies Videos](https://go.microsoft.com/fwlink/p/?LinkId=234275) (https://go.microsoft.com/fwlink/p/?LinkId=234275). |
MDOP Virtual Labs |
-For a list of available MDOP virtual labs, go to [Microsoft Desktop Optimization Pack (MDOP) Virtual Labs](http://go.microsoft.com/fwlink/p/?LinkId=234276) (http://go.microsoft.com/fwlink/p/?LinkId=234276). |
+For a list of available MDOP virtual labs, go to [Microsoft Desktop Optimization Pack (MDOP) Virtual Labs](https://go.microsoft.com/fwlink/p/?LinkId=234276) (https://go.microsoft.com/fwlink/p/?LinkId=234276). |
MDOP TechCenter |
-For technical whitepapers, evaluation materials, blogs, and additional MDOP resources, go to [MDOP TechCenter](http://go.microsoft.com/fwlink/p/?LinkId=225286) (http://go.microsoft.com/fwlink/p/?LinkId=225286)
+ | For technical whitepapers, evaluation materials, blogs, and additional MDOP resources, go to [MDOP TechCenter](https://go.microsoft.com/fwlink/p/?LinkId=225286) (https://go.microsoft.com/fwlink/p/?LinkId=225286)
|
MDOP Forums |
-Join in the MDOP community where you can ask and answer questions at the [MDOP TechNet Forum](http://go.microsoft.com/fwlink/p/?LinkId=286973) (http://go.microsoft.com/fwlink/p/?LinkId=286973). |
+Join in the MDOP community where you can ask and answer questions at the [MDOP TechNet Forum](https://go.microsoft.com/fwlink/p/?LinkId=286973) (https://go.microsoft.com/fwlink/p/?LinkId=286973). |
@@ -167,7 +167,7 @@ MDOP is a suite of products that can help streamline desktop deployment, managem
MDOP is also available for test and evaluation to [MSDN](http://msdn.microsoft.com/subscriptions/downloads/default.aspx?PV=42:178) and [TechNet](http://technet.microsoft.com/subscriptions/downloads/default.aspx?PV=42:178) subscribers in accordance with MDSN and TechNet agreements.
**Download MDOP**
-MDOP subscribers can download the software at the [Microsoft Volume Licensing website (MVLS)](http://go.microsoft.com/fwlink/p/?LinkId=166331).
+MDOP subscribers can download the software at the [Microsoft Volume Licensing website (MVLS)](https://go.microsoft.com/fwlink/p/?LinkId=166331).
**Purchase MDOP**
Visit the enterprise [Purchase Windows Enterprise Licensing](http://www.microsoft.com/windows/enterprise/how-to-buy.aspx) website to find out how to purchase MDOP for your business.
diff --git a/mdop/mbam-v1/about-mbam-10.md b/mdop/mbam-v1/about-mbam-10.md
index f4c118ca23..e2ef22c1fb 100644
--- a/mdop/mbam-v1/about-mbam-10.md
+++ b/mdop/mbam-v1/about-mbam-10.md
@@ -18,7 +18,7 @@ Microsoft BitLocker Administration and Monitoring (MBAM) provides a simplified a
With Microsoft BitLocker Administration and Monitoring, you can select the BitLocker encryption policy options that are appropriate for your enterprise so that you can monitor the client compliance with those policies and then report the encryption status of both the enterprise and individual computers. In addition, you can access recovery key information when users forget their PIN or password or when their BIOS or boot record changes.
**Note**
-BitLocker is not covered in detail in this guide. For an overview of BitLocker, see [BitLocker Drive Encryption Overview](http://go.microsoft.com/fwlink/p/?LinkId=225013).
+BitLocker is not covered in detail in this guide. For an overview of BitLocker, see [BitLocker Drive Encryption Overview](https://go.microsoft.com/fwlink/p/?LinkId=225013).
diff --git a/mdop/mbam-v1/accessibility-for-mbam-10.md b/mdop/mbam-v1/accessibility-for-mbam-10.md
index 4f7f4dbc5b..8b435e8c20 100644
--- a/mdop/mbam-v1/accessibility-for-mbam-10.md
+++ b/mdop/mbam-v1/accessibility-for-mbam-10.md
@@ -63,7 +63,7 @@ For information about the availability of Microsoft product documentation and bo
(609) 987-8116 |
-[http://www.learningally.org/](http://go.microsoft.com/fwlink/?linkid=239) |
+[http://www.learningally.org/](https://go.microsoft.com/fwlink/?linkid=239) |
Web addresses can change, so you might be unable to connect to the website or sites mentioned here. |
@@ -85,7 +85,7 @@ Microsoft Support Services are subject to the prices, terms, and conditions in p
## For More Information
-For more information about how accessible technology for computers helps to improve the lives of people with disabilities, see the [Microsoft Accessibility website](http://go.microsoft.com/fwlink/?linkid=8431).
+For more information about how accessible technology for computers helps to improve the lives of people with disabilities, see the [Microsoft Accessibility website](https://go.microsoft.com/fwlink/?linkid=8431).
## Related topics
diff --git a/mdop/mbam-v1/deploying-the-mbam-10-server-infrastructure.md b/mdop/mbam-v1/deploying-the-mbam-10-server-infrastructure.md
index f125457210..69969978ba 100644
--- a/mdop/mbam-v1/deploying-the-mbam-10-server-infrastructure.md
+++ b/mdop/mbam-v1/deploying-the-mbam-10-server-infrastructure.md
@@ -13,7 +13,7 @@ ms.prod: w8
# Deploying the MBAM 1.0 Server Infrastructure
-You can install Microsoft BitLocker Administration and Monitoring (MBAM) Server features in different configurations by using one to five servers. Generally, you should use a configuration of three to five servers for production environments, depending on your scalability needs. For more information about performance scalability of MBAM and recommended deployment topologies, see the [MBAM Scalability and High-Availability Guide White Paper](http://go.microsoft.com/fwlink/p/?LinkId=258314).
+You can install Microsoft BitLocker Administration and Monitoring (MBAM) Server features in different configurations by using one to five servers. Generally, you should use a configuration of three to five servers for production environments, depending on your scalability needs. For more information about performance scalability of MBAM and recommended deployment topologies, see the [MBAM Scalability and High-Availability Guide White Paper](https://go.microsoft.com/fwlink/p/?LinkId=258314).
## Deploy all MBAM 1.0 on a single server
diff --git a/mdop/mbam-v1/evaluating-mbam-10.md b/mdop/mbam-v1/evaluating-mbam-10.md
index b78e64d267..0b462a18f1 100644
--- a/mdop/mbam-v1/evaluating-mbam-10.md
+++ b/mdop/mbam-v1/evaluating-mbam-10.md
@@ -69,7 +69,7 @@ BACKUP CERTIFICATE tdeCert TO FILE = 'C:\Backup\TDECertificate.cer'
ENCRYPTION BY PASSWORD = 'P@55w0rd');
GO
[MBAM 1.0 Deployment Prerequisites](mbam-10-deployment-prerequisites.md)
-[Database Encryption in SQL Server 2008 Enterprise Edition](http://go.microsoft.com/fwlink/?LinkId=269703) |
+[Database Encryption in SQL Server 2008 Enterprise Edition](https://go.microsoft.com/fwlink/?LinkId=269703)
|
diff --git a/mdop/mbam-v1/getting-started-with-mbam-10.md b/mdop/mbam-v1/getting-started-with-mbam-10.md
index 628a1b8928..ac95a2fb22 100644
--- a/mdop/mbam-v1/getting-started-with-mbam-10.md
+++ b/mdop/mbam-v1/getting-started-with-mbam-10.md
@@ -15,14 +15,14 @@ ms.prod: w8
Microsoft BitLocker Administration and Monitoring (MBAM) requires thorough planning before you deploy it or use its features. Because this product can affect every computer in your organization, you might disrupt your entire network if you do not plan your deployment carefully. However, if you plan your deployment carefully and manage it so that it meets your business needs, MBAM can help reduce your administrative overhead and total cost of ownership.
-If you are new to this product, we recommend that you read the documentation thoroughly. Before you deploy it to a production environment, we also recommend that you validate your deployment plan in a test network environment. You might also consider taking a class about relevant technologies. For more information about Microsoft training opportunities, see the Microsoft Training Overview at .
+If you are new to this product, we recommend that you read the documentation thoroughly. Before you deploy it to a production environment, we also recommend that you validate your deployment plan in a test network environment. You might also consider taking a class about relevant technologies. For more information about Microsoft training opportunities, see the Microsoft Training Overview at .
**Note**
-You can find a downloadable version of this documentation and the MBAM Evaluation Guide at .
+You can find a downloadable version of this documentation and the MBAM Evaluation Guide at .
-This section of the MBAM Administrator’s Guide includes high-level information about MBAM to provide you with a basic understanding of the product before you begin the deployment planning. Additional MBAM documentation can be found on the MBAM Documentation Resources Download page at .
+This section of the MBAM Administrator’s Guide includes high-level information about MBAM to provide you with a basic understanding of the product before you begin the deployment planning. Additional MBAM documentation can be found on the MBAM Documentation Resources Download page at .
## Getting started with MBAM 1.0
diff --git a/mdop/mbam-v1/high-availability-for-mbam-10.md b/mdop/mbam-v1/high-availability-for-mbam-10.md
index 2fdfbd6599..38b2537dc6 100644
--- a/mdop/mbam-v1/high-availability-for-mbam-10.md
+++ b/mdop/mbam-v1/high-availability-for-mbam-10.md
@@ -32,11 +32,11 @@ When you plan your MBAM installation, consider the following concerns that can a
The main concern for MBAM high availability is BitLocker key recovery availability. If the help desk cannot provide recovery keys, users who are locked out cannot unlock their computers. To avoid this problem, consider implementing redundant web servers and databases to ensure high availability.
-For more information about MBAM scalability and high availability, see the [MBAM Scalability White Paper](http://go.microsoft.com/fwlink/p/?LinkId=229025) (http://go.microsoft.com/fwlink/p/?LinkId=229025).
+For more information about MBAM scalability and high availability, see the [MBAM Scalability White Paper](https://go.microsoft.com/fwlink/p/?LinkId=229025) (https://go.microsoft.com/fwlink/p/?LinkId=229025).
-For general guidance on high availability for Microsoft SQL Server, see [High Availability](http://go.microsoft.com/fwlink/p/?LinkId=221504) (http://go.microsoft.com/fwlink/p/?LinkId=221504).
+For general guidance on high availability for Microsoft SQL Server, see [High Availability](https://go.microsoft.com/fwlink/p/?LinkId=221504) (https://go.microsoft.com/fwlink/p/?LinkId=221504).
-For general guidance on availability and scalability for web servers, see [Availability and Scalability](http://go.microsoft.com/fwlink/p/?LinkId=221503) (http://go.microsoft.com/fwlink/p/?LinkId=221503).
+For general guidance on availability and scalability for web servers, see [Availability and Scalability](https://go.microsoft.com/fwlink/p/?LinkId=221503) (https://go.microsoft.com/fwlink/p/?LinkId=221503).
## Related topics
diff --git a/mdop/mbam-v1/high-level-architecture-for-mbam-10.md b/mdop/mbam-v1/high-level-architecture-for-mbam-10.md
index 57d66ff003..25af4e0a30 100644
--- a/mdop/mbam-v1/high-level-architecture-for-mbam-10.md
+++ b/mdop/mbam-v1/high-level-architecture-for-mbam-10.md
@@ -15,7 +15,7 @@ ms.prod: w8
Microsoft BitLocker Administration and Monitoring (MBAM) is a client/server data encryption solution that can help you simplify BitLocker provisioning and deployment, improve BitLocker compliance and reporting, and reduce support costs. MBAM includes the features that are described in this topic.
-Additionally, there is a video that provides an overview of the MBAM architecture and MBAM Setup. For more information, see [MBAM Deployment and Architecture Overview](http://go.microsoft.com/fwlink/p/?LinkId=258392).
+Additionally, there is a video that provides an overview of the MBAM architecture and MBAM Setup. For more information, see [MBAM Deployment and Architecture Overview](https://go.microsoft.com/fwlink/p/?LinkId=258392).
## Architecture Overview
diff --git a/mdop/mbam-v1/how-to-configure-network-load-balancing-for-mbam.md b/mdop/mbam-v1/how-to-configure-network-load-balancing-for-mbam.md
index 4eccfd6064..1cc7c2b4b0 100644
--- a/mdop/mbam-v1/how-to-configure-network-load-balancing-for-mbam.md
+++ b/mdop/mbam-v1/how-to-configure-network-load-balancing-for-mbam.md
@@ -47,7 +47,7 @@ The following steps describe how to configure an NLB cluster virtual name and IP
Before you begin the procedures described in this topic, you must have the MBAM Administration and Monitoring Server feature successfully installed by using the same IIS port binding on two separate server computers that meet the prerequisites for both MBAM Server feature installation and NLB Cluster configuration.
**Note**
-This topic describes the basic process of using Network Load Balancing Manager to create an NLB Cluster. The exact steps to configure a Windows Server as part of an NLB cluster depend on the Windows Server version in use.. For more information about how to create NLBs on Windows Server 2008, see [Creating Network Load Balancing Clusters](http://go.microsoft.com/fwlink/?LinkId=197176) in the Windows Server 2008 TechNet library.
+This topic describes the basic process of using Network Load Balancing Manager to create an NLB Cluster. The exact steps to configure a Windows Server as part of an NLB cluster depend on the Windows Server version in use.. For more information about how to create NLBs on Windows Server 2008, see [Creating Network Load Balancing Clusters](https://go.microsoft.com/fwlink/?LinkId=197176) in the Windows Server 2008 TechNet library.
diff --git a/mdop/mbam-v1/index.md b/mdop/mbam-v1/index.md
index 22a039ab4b..e1d4cafd4f 100644
--- a/mdop/mbam-v1/index.md
+++ b/mdop/mbam-v1/index.md
@@ -38,11 +38,11 @@ Microsoft BitLocker Administration and Monitoring (MBAM) provides a simplified a
[Release Notes for MBAM 1.0](release-notes-for-mbam-10.md)
View updated product information and known issues for MBAM 1.0.
-[MDOP TechCenter Page](http://go.microsoft.com/fwlink/p/?LinkId=225286)
+[MDOP TechCenter Page](https://go.microsoft.com/fwlink/p/?LinkId=225286)
Learn about the latest MDOP information and resources.
-[MDOP Information Experience](http://go.microsoft.com/fwlink/p/?LinkId=236032)
-Find documentation, videos, and other resources for MDOP technologies. You can also [send us feedback](mailto:MDOPDocs@microsoft.com%29 or learn about updates by following us on [Facebook]%28http://go.microsoft.com/fwlink/p/?LinkId=242445%29 or [Twitter]%28http://go.microsoft.com/fwlink/p/?LinkId=242447).
+[MDOP Information Experience](https://go.microsoft.com/fwlink/p/?LinkId=236032)
+Find documentation, videos, and other resources for MDOP technologies. You can also [send us feedback](mailto:MDOPDocs@microsoft.com%29 or learn about updates by following us on [Facebook]%28https://go.microsoft.com/fwlink/p/?LinkId=242445%29 or [Twitter]%28https://go.microsoft.com/fwlink/p/?LinkId=242447).
diff --git a/mdop/mbam-v1/known-issues-in-the-mbam-international-release-mbam-1.md b/mdop/mbam-v1/known-issues-in-the-mbam-international-release-mbam-1.md
index 4f8f3f7279..389a47b9e9 100644
--- a/mdop/mbam-v1/known-issues-in-the-mbam-international-release-mbam-1.md
+++ b/mdop/mbam-v1/known-issues-in-the-mbam-international-release-mbam-1.md
@@ -32,7 +32,7 @@ If you are using a certificate for authentication between MBAM servers, after up
### MBAM Svclog File Filling Disk Space
-If you have followed Knowledge Base article 2668170, [http://support.microsoft.com/kb/2668170](http://go.microsoft.com/fwlink/?LinkID=247277), you might have to repeat the KB steps after you install this update.
+If you have followed Knowledge Base article 2668170, [http://support.microsoft.com/kb/2668170](https://go.microsoft.com/fwlink/?LinkID=247277), you might have to repeat the KB steps after you install this update.
**Workaround**: None.
diff --git a/mdop/mbam-v1/maintaining-mbam-10.md b/mdop/mbam-v1/maintaining-mbam-10.md
index edbecc6098..d0fc680506 100644
--- a/mdop/mbam-v1/maintaining-mbam-10.md
+++ b/mdop/mbam-v1/maintaining-mbam-10.md
@@ -22,7 +22,7 @@ The Microsoft System Center Operations Manager Management Pack for MBAM is a
This management pack monitors the critical interactions in the server-side infrastructure, such as the connections between the web services and databases and the operational calls between websites and their supportive web service. It also uploads the requests between desktop clients and their respective receiving web service endpoints.
-[Microsoft BitLocker Administration And Monitoring Management Pack](http://go.microsoft.com/fwlink/p/?LinkId=258390)
+[Microsoft BitLocker Administration And Monitoring Management Pack](https://go.microsoft.com/fwlink/p/?LinkId=258390)
## Ensure high availability for MBAM 1.0
diff --git a/mdop/mbam-v1/mbam-10-supported-configurations.md b/mdop/mbam-v1/mbam-10-supported-configurations.md
index 556ee45582..f460c7240a 100644
--- a/mdop/mbam-v1/mbam-10-supported-configurations.md
+++ b/mdop/mbam-v1/mbam-10-supported-configurations.md
@@ -23,7 +23,7 @@ This topic specifies the necessary requirements to install and run Microsoft Bit
The following table lists the operating systems that are supported for the Microsoft BitLocker Administration and Monitoring Server installation.
**Note**
-Microsoft provides support for the current service pack and, in some cases, the immediately preceding service pack. To find the support timelines for your product, see the [Lifecycle Supported Service Packs](http://go.microsoft.com/fwlink/p/?LinkId=31975). For additional information about Microsoft Support Lifecycle Policy, see [Microsoft Support Lifecycle Support Policy FAQ](http://go.microsoft.com/fwlink/p/?LinkId=31976).
+Microsoft provides support for the current service pack and, in some cases, the immediately preceding service pack. To find the support timelines for your product, see the [Lifecycle Supported Service Packs](https://go.microsoft.com/fwlink/p/?LinkId=31975). For additional information about Microsoft Support Lifecycle Policy, see [Microsoft Support Lifecycle Support Policy FAQ](https://go.microsoft.com/fwlink/p/?LinkId=31976).
@@ -132,7 +132,7 @@ The following table lists the SQL Server versions that are supported for the MB
The following table lists the operating systems that are supported for MBAM Client installation.
**Note**
-Microsoft provides support for the current service pack and, in some cases, the immediately preceding service pack. To find the support timelines for your product, see the [Lifecycle Supported Service Packs](http://go.microsoft.com/fwlink/p/?LinkId=31975). For additional information about Microsoft Support Lifecycle Policy, see [Microsoft Support Lifecycle Support Policy FAQ](http://go.microsoft.com/fwlink/p/?LinkId=31976).
+Microsoft provides support for the current service pack and, in some cases, the immediately preceding service pack. To find the support timelines for your product, see the [Lifecycle Supported Service Packs](https://go.microsoft.com/fwlink/p/?LinkId=31975). For additional information about Microsoft Support Lifecycle Policy, see [Microsoft Support Lifecycle Support Policy FAQ](https://go.microsoft.com/fwlink/p/?LinkId=31976).
diff --git a/mdop/mbam-v1/planning-for-mbam-10-server-deployment.md b/mdop/mbam-v1/planning-for-mbam-10-server-deployment.md
index b151537b84..2a75bde0f1 100644
--- a/mdop/mbam-v1/planning-for-mbam-10-server-deployment.md
+++ b/mdop/mbam-v1/planning-for-mbam-10-server-deployment.md
@@ -31,7 +31,7 @@ The following MBAM features represent the server infrastructure for an MBAM serv
MBAM server databases and features can be installed in different configurations, depending on your scalability needs. All MBAM Server features can be installed on a single server or distributed across multiple servers. Generally, we recommend that you use a three-server or five-server configuration for production environments, although configurations of two or four servers can also be used, depending on your computing needs.
**Note**
-For more information about performance scalability of MBAM and recommended deployment topologies, see the MBAM Scalability and High-Availability Guide white paper at .
+For more information about performance scalability of MBAM and recommended deployment topologies, see the MBAM Scalability and High-Availability Guide white paper at .
diff --git a/mdop/mbam-v1/release-notes-for-mbam-10.md b/mdop/mbam-v1/release-notes-for-mbam-10.md
index 9cfa0fa3f5..5a2becc998 100644
--- a/mdop/mbam-v1/release-notes-for-mbam-10.md
+++ b/mdop/mbam-v1/release-notes-for-mbam-10.md
@@ -24,7 +24,7 @@ These release notes contain information that is required to successfully install
For information about MBAM documentation, see the MBAM home page on Microsoft TechNet.
-To obtain a downloadable copy of the MBAM documentation, see on the Microsoft Download Center.
+To obtain a downloadable copy of the MBAM documentation, see on the Microsoft Download Center.
## Provide Feedback
@@ -36,9 +36,9 @@ This email address is not a support channel, but your feedback will help us to p
-For the latest information about MDOP and additional learning resources, see the [MDOP Information Experience](http://go.microsoft.com/fwlink/p/?LinkId=236032) page.
+For the latest information about MDOP and additional learning resources, see the [MDOP Information Experience](https://go.microsoft.com/fwlink/p/?LinkId=236032) page.
-For more information about new updates or to provide feedback, follow us on [Facebook](http://go.microsoft.com/fwlink/p/?LinkId=242445) or [Twitter](http://go.microsoft.com/fwlink/p/?LinkId=242447).
+For more information about new updates or to provide feedback, follow us on [Facebook](https://go.microsoft.com/fwlink/p/?LinkId=242445) or [Twitter](https://go.microsoft.com/fwlink/p/?LinkId=242447).
## Known Issues with MBAM 1.0
diff --git a/mdop/mbam-v1/security-considerations-for-mbam-10.md b/mdop/mbam-v1/security-considerations-for-mbam-10.md
index ec5c69ad30..18fd7f3ded 100644
--- a/mdop/mbam-v1/security-considerations-for-mbam-10.md
+++ b/mdop/mbam-v1/security-considerations-for-mbam-10.md
@@ -22,9 +22,9 @@ This topic contains a brief overview of the accounts and groups, log files, and
**Physically secure your computers**. Security is incomplete without physical security. Anyone with physical access to an MBAM Server could potentially attack the entire client base. Any potential physical attacks must be considered high risk and mitigated appropriately. MBAM servers should be stored in a physically secure server room with controlled access. Secure these computers when administrators are not physically present by having the operating system lock the computer, or by using a secured screen saver.
-**Apply the most recent security updates to all computers**. Stay informed about new updates for operating systems, Microsoft SQL Server, and MBAM by subscribing to the Security Notification service ().
+**Apply the most recent security updates to all computers**. Stay informed about new updates for operating systems, Microsoft SQL Server, and MBAM by subscribing to the Security Notification service ().
-**Use strong passwords or pass phrases**. Always use strong passwords with 15 or more characters for all MBAM and MBAM administrator accounts. Never use blank passwords. For more information about password concepts, see the “Account Passwords and Policies” white paper on TechNet ().
+**Use strong passwords or pass phrases**. Always use strong passwords with 15 or more characters for all MBAM and MBAM administrator accounts. Never use blank passwords. For more information about password concepts, see the “Account Passwords and Policies” white paper on TechNet ().
## Accounts and Groups in MBAM
@@ -186,7 +186,7 @@ When TDE is enabled on a database, all backups are encrypted. Thus, special care
For an example of how to enable TDE for MBAM database instances, see [Evaluating MBAM 1.0](evaluating-mbam-10.md).
-For more information about TDE in SQL Server 2008, see [Database Encryption in SQL Server 2008 Enterprise Edition](http://go.microsoft.com/fwlink/?LinkId=269703).
+For more information about TDE in SQL Server 2008, see [Database Encryption in SQL Server 2008 Enterprise Edition](https://go.microsoft.com/fwlink/?LinkId=269703).
## Related topics
diff --git a/mdop/mbam-v1/troubleshooting-mbam-10.md b/mdop/mbam-v1/troubleshooting-mbam-10.md
index 31b1dd1859..4a1a361b48 100644
--- a/mdop/mbam-v1/troubleshooting-mbam-10.md
+++ b/mdop/mbam-v1/troubleshooting-mbam-10.md
@@ -13,7 +13,7 @@ ms.prod: w8
# Troubleshooting MBAM 1.0
-Troubleshooting content is not included in the Administrator’s Guide for this product. Instead, you can find troubleshooting information for this product on the [TechNet Wiki](http://go.microsoft.com/fwlink/p/?LinkId=224905).
+Troubleshooting content is not included in the Administrator’s Guide for this product. Instead, you can find troubleshooting information for this product on the [TechNet Wiki](https://go.microsoft.com/fwlink/p/?LinkId=224905).
## How to Find Troubleshooting Content
@@ -28,7 +28,7 @@ After you search the MDOP documentation, your next step would be to search the t
**To search the MDOP product documentation**
-1. Use a web browser to navigate to the [MDOP Information Experience](http://go.microsoft.com/fwlink/?LinkId=236032) TechNet home page.
+1. Use a web browser to navigate to the [MDOP Information Experience](https://go.microsoft.com/fwlink/?LinkId=236032) TechNet home page.
2. Enter applicable search terms in the **Search TechNet with Bing** search box at the top of the MDOP Information Experience home page.
@@ -36,7 +36,7 @@ After you search the MDOP documentation, your next step would be to search the t
**To search the TechNet Wiki**
-1. Use a web browser to navigate to the [TechNet Wiki](http://go.microsoft.com/fwlink/p/?LinkId=224905) home page.
+1. Use a web browser to navigate to the [TechNet Wiki](https://go.microsoft.com/fwlink/p/?LinkId=224905) home page.
2. Enter applicable search terms in the **Search TechNet Wiki** search box on the TechNet Wiki home page.
@@ -49,7 +49,7 @@ If you have a troubleshooting tip or a best practice to share that is not alread
**To create a TechNet Wiki troubleshooting or best practices article**
-1. Use a web browser to navigate to the [TechNet Wiki](http://go.microsoft.com/fwlink/p/?LinkId=224905) home page.
+1. Use a web browser to navigate to the [TechNet Wiki](https://go.microsoft.com/fwlink/p/?LinkId=224905) home page.
2. Log in with your Windows Live ID.
diff --git a/mdop/mbam-v2/about-mbam-20-mbam-2.md b/mdop/mbam-v2/about-mbam-20-mbam-2.md
index ff196a4897..6a57731b36 100644
--- a/mdop/mbam-v2/about-mbam-20-mbam-2.md
+++ b/mdop/mbam-v2/about-mbam-20-mbam-2.md
@@ -21,7 +21,7 @@ Microsoft BitLocker Administration and Monitoring (MBAM) 2.0 provides a simpl
BitLocker Administration and Monitoring 2.0 enforces the BitLocker encryption policy options that you set for your enterprise, monitors the compliance of client computers with those policies, and reports on the encryption status of both the enterprise and the individual computers. In addition, MBAM lets you access the recovery key information when users forget their PIN or password, or when their BIOS or boot record changes.
**Note**
-BitLocker is not covered in detail in this guide. For an overview of BitLocker, see [BitLocker Drive Encryption Overview](http://go.microsoft.com/fwlink/p/?LinkId=225013).
+BitLocker is not covered in detail in this guide. For an overview of BitLocker, see [BitLocker Drive Encryption Overview](https://go.microsoft.com/fwlink/p/?LinkId=225013).
@@ -94,7 +94,7 @@ For more information, and for late-breaking news that is not included in the doc
## How to Get MBAM 2.0
-This technology is a part of the Microsoft Desktop Optimization Pack (MDOP). Enterprise customers can get MDOP with Microsoft Software Assurance. For more information about Microsoft Software Assurance and acquiring MDOP, see [How Do I Get MDOP?](http://go.microsoft.com/fwlink/p/?LinkId=322049)
+This technology is a part of the Microsoft Desktop Optimization Pack (MDOP). Enterprise customers can get MDOP with Microsoft Software Assurance. For more information about Microsoft Software Assurance and acquiring MDOP, see [How Do I Get MDOP?](https://go.microsoft.com/fwlink/p/?LinkId=322049)
## Related topics
diff --git a/mdop/mbam-v2/about-mbam-20-sp1.md b/mdop/mbam-v2/about-mbam-20-sp1.md
index ed45a5ea60..48b81f4257 100644
--- a/mdop/mbam-v2/about-mbam-20-sp1.md
+++ b/mdop/mbam-v2/about-mbam-20-sp1.md
@@ -131,7 +131,7 @@ You can configure a localized version of the Self-Service Portal “HelpdeskText
2. In the **Actions** pane, click **Add** to open the **Add Application Setting** dialog box.
-3. In the **Name** field, type **HelpdeskText**\_<*language*>, where <*language*> is the appropriate language code for the text. For example, to create a localized HelpdeskText statement in Spanish, you would name the parameter HelpdeskText\_es-es. For a list of the valid language codes that you can use, see [National Language Support (NLS) API Reference](http://go.microsoft.com/fwlink/?LinkId=317947).
+3. In the **Name** field, type **HelpdeskText**\_<*language*>, where <*language*> is the appropriate language code for the text. For example, to create a localized HelpdeskText statement in Spanish, you would name the parameter HelpdeskText\_es-es. For a list of the valid language codes that you can use, see [National Language Support (NLS) API Reference](https://go.microsoft.com/fwlink/?LinkId=317947).
4. In the **Value** field, type the localized text that you want to display to end users.
@@ -145,7 +145,7 @@ You can configure a localized version of the Self-Service Portal HelpdeskURL to
2. In the **Actions** pane, click **Add** to open the **Add Application Setting** dialog box.
-3. In the **Name** field, type **HelpdeskURL**\_<*language*>, where <*language*> is the appropriate language code for the URL. For example, to create a localized HelpdeskURL in Spanish, you would name the parameter HelpdeskURL\_es-es. For a list of the valid language codes you can use, see [National Language Support (NLS) API Reference](http://go.microsoft.com/fwlink/?LinkId=317947).
+3. In the **Name** field, type **HelpdeskURL**\_<*language*>, where <*language*> is the appropriate language code for the URL. For example, to create a localized HelpdeskURL in Spanish, you would name the parameter HelpdeskURL\_es-es. For a list of the valid language codes you can use, see [National Language Support (NLS) API Reference](https://go.microsoft.com/fwlink/?LinkId=317947).
4. In the **Value** field, type the localized HelpdeskURL that you want to display to end users.
@@ -181,7 +181,7 @@ If an end user’s browser is set to a language that does not have a correspondi
<*MBAM Self-Service Install Directory*>\\Self Service Website\\
**Note**
- Some language folders already exist, so you may not have to create one. If you do need to create a language folder, see [National Language Support (NLS) API Reference](http://go.microsoft.com/fwlink/?LinkId=317947) for a list of the valid names that you can use for the <*language*> folder.
+ Some language folders already exist, so you may not have to create one. If you do need to create a language folder, see [National Language Support (NLS) API Reference](https://go.microsoft.com/fwlink/?LinkId=317947) for a list of the valid names that you can use for the <*language*> folder.
@@ -470,7 +470,7 @@ MBAM 2.0 SP1 is now available in the following languages:
## How to Get MDOP Technologies
-MBAM 2.0 SP1 is a part of the Microsoft Desktop Optimization Pack (MDOP). MDOP is part of Microsoft Software Assurance. For more information about Microsoft Software Assurance and acquiring MDOP, see [How Do I Get MDOP](http://go.microsoft.com/fwlink/?LinkId=322049) (http://go.microsoft.com/fwlink/?LinkId=322049).
+MBAM 2.0 SP1 is a part of the Microsoft Desktop Optimization Pack (MDOP). MDOP is part of Microsoft Software Assurance. For more information about Microsoft Software Assurance and acquiring MDOP, see [How Do I Get MDOP](https://go.microsoft.com/fwlink/?LinkId=322049) (https://go.microsoft.com/fwlink/?LinkId=322049).
## Related topics
diff --git a/mdop/mbam-v2/accessibility-for-mbam-20-mbam-2.md b/mdop/mbam-v2/accessibility-for-mbam-20-mbam-2.md
index 6dea99fe3f..0dcfc82b06 100644
--- a/mdop/mbam-v2/accessibility-for-mbam-20-mbam-2.md
+++ b/mdop/mbam-v2/accessibility-for-mbam-20-mbam-2.md
@@ -63,7 +63,7 @@ For information about the availability of Microsoft product documentation and bo
(609) 987-8116 |
-[http://www.learningally.org/](http://go.microsoft.com/fwlink/?linkid=239) |
+[http://www.learningally.org/](https://go.microsoft.com/fwlink/?linkid=239) |
Web addresses can change, so you might be unable to connect to the website or sites mentioned here. |
@@ -85,7 +85,7 @@ Microsoft Support Services are subject to the prices, terms, and conditions in p
## For More Information
-For more information about how accessible technology for computers helps to improve the lives of people with disabilities, see the [Microsoft Accessibility website](http://go.microsoft.com/fwlink/?linkid=8431).
+For more information about how accessible technology for computers helps to improve the lives of people with disabilities, see the [Microsoft Accessibility website](https://go.microsoft.com/fwlink/?linkid=8431).
## Related topics
diff --git a/mdop/mbam-v2/deploying-mbam-with-configuration-manager-mbam2.md b/mdop/mbam-v2/deploying-mbam-with-configuration-manager-mbam2.md
index 67727acd97..d4c943d507 100644
--- a/mdop/mbam-v2/deploying-mbam-with-configuration-manager-mbam2.md
+++ b/mdop/mbam-v2/deploying-mbam-with-configuration-manager-mbam2.md
@@ -17,7 +17,7 @@ The following procedures describe how to deploy Microsoft BitLocker Administrati
Before you start the installation, ensure that you have met the prerequisites and hardware and software requirements for installing MBAM with Configuration Manager by reviewing [Planning to Deploy MBAM with Configuration Manager](planning-to-deploy-mbam-with-configuration-manager-2.md).
-If you ever have to reinstall MBAM with the Configuration Manager topology, you will need to remove certain Configuration Manager objects first. Read the [Knowledge Base article](http://go.microsoft.com/fwlink/?LinkId=286306) for more information.
+If you ever have to reinstall MBAM with the Configuration Manager topology, you will need to remove certain Configuration Manager objects first. Read the [Knowledge Base article](https://go.microsoft.com/fwlink/?LinkId=286306) for more information.
The steps to install MBAM with Configuration Manager are grouped into the following categories. Complete the steps for each category to complete the installation.
diff --git a/mdop/mbam-v2/getting-started-with-mbam-20-mbam-2.md b/mdop/mbam-v2/getting-started-with-mbam-20-mbam-2.md
index 8f6e2c1019..87b442cc09 100644
--- a/mdop/mbam-v2/getting-started-with-mbam-20-mbam-2.md
+++ b/mdop/mbam-v2/getting-started-with-mbam-20-mbam-2.md
@@ -15,9 +15,9 @@ ms.prod: w8
Microsoft BitLocker Administration and Monitoring (MBAM) 2.0 requires thorough planning before you deploy it or use its features. Because this product can affect every computer in your organization, you might disrupt your entire network if you do not plan your deployment carefully. However, if you plan your deployment carefully and manage it so that it meets your business requirements, BitLocker Administration and Monitoring 2.0 can help reduce your administrative overhead and total cost of ownership.
-If you are new to this product, we recommend that you read the documentation carefully. To get the MBAM software, see [How Do I Get MDOP?](http://go.microsoft.com/fwlink/p/?LinkId=322049). Before you deploy MBAM to a production environment, we also recommend that you validate your deployment plan in a test environment. You might also consider taking a class about relevant technologies. For more information about Microsoft training opportunities, see the Microsoft Training Overview at .
+If you are new to this product, we recommend that you read the documentation carefully. To get the MBAM software, see [How Do I Get MDOP?](https://go.microsoft.com/fwlink/p/?LinkId=322049). Before you deploy MBAM to a production environment, we also recommend that you validate your deployment plan in a test environment. You might also consider taking a class about relevant technologies. For more information about Microsoft training opportunities, see the Microsoft Training Overview at .
-This section of the MBAM 2.0 Administrator’s Guide includes high-level information about MBAM 2.0 to provide a basic understanding of the product before you begin to plan deployment. For specific information about deploying MBAM with the Configuration Manager integrated topology, see [Using MBAM with Configuration Manager](using-mbam-with-configuration-manager.md). You can find additional MBAM documentation on the Microsoft BitLocker Administration and Monitoring (MBAM) Documentation Resources Download Page at .
+This section of the MBAM 2.0 Administrator’s Guide includes high-level information about MBAM 2.0 to provide a basic understanding of the product before you begin to plan deployment. For specific information about deploying MBAM with the Configuration Manager integrated topology, see [Using MBAM with Configuration Manager](using-mbam-with-configuration-manager.md). You can find additional MBAM documentation on the Microsoft BitLocker Administration and Monitoring (MBAM) Documentation Resources Download Page at .
## Getting Started with MBAM 2.0
diff --git a/mdop/mbam-v2/how-to-install-and-configure-mbam-on-distributed-servers-mbam-2.md b/mdop/mbam-v2/how-to-install-and-configure-mbam-on-distributed-servers-mbam-2.md
index 9558074f46..7c31fda4ef 100644
--- a/mdop/mbam-v2/how-to-install-and-configure-mbam-on-distributed-servers-mbam-2.md
+++ b/mdop/mbam-v2/how-to-install-and-configure-mbam-on-distributed-servers-mbam-2.md
@@ -137,7 +137,7 @@ The following steps describe how to install general MBAM features.
-10. To optionally register a Service Principal Name (SPN) for the Self-Service Portal, select **Register this machine’s Service Principal Names (SPN) with Active Directory (Required for Windows Authentication)**. If you select this check box, MBAM Setup will not try to register the existing SPNs, and you can manually register the SPN before or after the MBAM installation. For instructions on registering the SPN manually, see [Manual SPN Registration](http://go.microsoft.com/fwlink/?LinkId=286758).
+10. To optionally register a Service Principal Name (SPN) for the Self-Service Portal, select **Register this machine’s Service Principal Names (SPN) with Active Directory (Required for Windows Authentication)**. If you select this check box, MBAM Setup will not try to register the existing SPNs, and you can manually register the SPN before or after the MBAM installation. For instructions on registering the SPN manually, see [Manual SPN Registration](https://go.microsoft.com/fwlink/?LinkId=286758).
11. Click **Next** to continue with the Microsoft BitLocker Administration and Monitoring Setup wizard.
@@ -160,13 +160,13 @@ The following steps describe how to install general MBAM features.
2. Download the four JavaScript files from the Microsoft CDN:
- - jQuery-1.7.2.min.js - [http://go.microsoft.com/p/fwlink/?LinkID=271736](http://go.microsoft.com/fwlink/p/?LinkID=271736)
+ - jQuery-1.7.2.min.js - [https://go.microsoft.com/p/fwlink/?LinkID=271736](https://go.microsoft.com/fwlink/p/?LinkID=271736)
- - MicrosoftAjax.js –[http://go.microsoft.com/p/fwlink/?LinkId=272283](http://go.microsoft.com/fwlink/p/?LinkId=272283)
+ - MicrosoftAjax.js –[https://go.microsoft.com/p/fwlink/?LinkId=272283](https://go.microsoft.com/fwlink/p/?LinkId=272283)
- - MicrosoftMvcAjax.js - [http://go.microsoft.com/p/fwlink/?LinkId=272284](http://go.microsoft.com/fwlink/p/?LinkId=272284)
+ - MicrosoftMvcAjax.js - [https://go.microsoft.com/p/fwlink/?LinkId=272284](https://go.microsoft.com/fwlink/p/?LinkId=272284)
- - MicrosoftMvcValidation.js -
+ - MicrosoftMvcValidation.js -
3. Copy the JavaScript files to the **Scripts** directory of the Self-Service Portal. This directory is located in *<MBAM Self-Service Install Directory>\\*Self Service Website\\Scripts.
@@ -227,7 +227,7 @@ The following steps describe how to install general MBAM features.
-12. To optionally register a Service Principal Name (SPN) for the Self-Service Portal, select **Register this machine’s Service Principal Names (SPN) with Active Directory (Required for Windows Authentication)**. If you select this check box, MBAM Setup will not try to register the existing SPNs, and you can manually register the SPN before or after the MBAM installation. For instructions on registering the SPN manually, see [Manual SPN Registration](http://go.microsoft.com/fwlink/?LinkId=286758).
+12. To optionally register a Service Principal Name (SPN) for the Self-Service Portal, select **Register this machine’s Service Principal Names (SPN) with Active Directory (Required for Windows Authentication)**. If you select this check box, MBAM Setup will not try to register the existing SPNs, and you can manually register the SPN before or after the MBAM installation. For instructions on registering the SPN manually, see [Manual SPN Registration](https://go.microsoft.com/fwlink/?LinkId=286758).
13. Click **Next** to continue with the Microsoft BitLocker Administration and Monitoring Setup wizard.
diff --git a/mdop/mbam-v2/index.md b/mdop/mbam-v2/index.md
index 9b13be4d7f..6bb7ed3791 100644
--- a/mdop/mbam-v2/index.md
+++ b/mdop/mbam-v2/index.md
@@ -39,13 +39,13 @@ Microsoft BitLocker Administration and Monitoring (MBAM) 2.0 provides a simpl
View updated product information and known issues for MBAM 2.0.
-- [MDOP TechCenter Page](http://go.microsoft.com/fwlink/p/?LinkId=225286)
+- [MDOP TechCenter Page](https://go.microsoft.com/fwlink/p/?LinkId=225286)
Learn about the latest MDOP information and resources.
-- [MDOP Information Experience](http://go.microsoft.com/fwlink/p/?LinkId=236032)
+- [MDOP Information Experience](https://go.microsoft.com/fwlink/p/?LinkId=236032)
- Find documentation, videos, and other resources for MDOP technologies. You can also [send us feedback](mailto:MDOPDocs@microsoft.com%29 or learn about updates by following us on [Facebook]%28http://go.microsoft.com/fwlink/p/?LinkId=242445%29 or [Twitter]%28http://go.microsoft.com/fwlink/p/?LinkId=242447).
+ Find documentation, videos, and other resources for MDOP technologies. You can also [send us feedback](mailto:MDOPDocs@microsoft.com%29 or learn about updates by following us on [Facebook]%28https://go.microsoft.com/fwlink/p/?LinkId=242445%29 or [Twitter]%28https://go.microsoft.com/fwlink/p/?LinkId=242447).
diff --git a/mdop/mbam-v2/mbam-20-deployment-prerequisites-mbam-2.md b/mdop/mbam-v2/mbam-20-deployment-prerequisites-mbam-2.md
index 32629af033..ca28148a37 100644
--- a/mdop/mbam-v2/mbam-20-deployment-prerequisites-mbam-2.md
+++ b/mdop/mbam-v2/mbam-20-deployment-prerequisites-mbam-2.md
@@ -275,7 +275,7 @@ For a list of supported operating systems, see [MBAM 2.0 Supported Configuration
ASP.NET MVC 2.0 |
-[ASP.NET MVC 2 download](http://go.microsoft.com/fwlink/?LinkId=392270) |
+[ASP.NET MVC 2 download](https://go.microsoft.com/fwlink/?LinkId=392270) |
Web Service IIS Management Tools |
@@ -310,12 +310,12 @@ For a list of supported operating systems, see [MBAM 2.0 Supported Configuration
For more information, see the BIOS documentation. |
-Windows 8 clients only: To have MBAM store and manage the TPM recovery keys: TPM auto-provisioning must be turned off, and MBAM must be set as the owner of the TPM before you deploy MBAM. To turn off TPM auto-provisioning, see [Disable-TpmAutoProvisioning](http://go.microsoft.com/fwlink/?LinkId=286468).
+ | Windows 8 clients only: To have MBAM store and manage the TPM recovery keys: TPM auto-provisioning must be turned off, and MBAM must be set as the owner of the TPM before you deploy MBAM. To turn off TPM auto-provisioning, see [Disable-TpmAutoProvisioning](https://go.microsoft.com/fwlink/?LinkId=286468).
|
-To turn off TPM auto-provisioning, see [Disable-TpmAutoProvisioning](http://go.microsoft.com/fwlink/?LinkId=286468).
+ | To turn off TPM auto-provisioning, see [Disable-TpmAutoProvisioning](https://go.microsoft.com/fwlink/?LinkId=286468).
Note
Ensure that the keyboard, video, or mouse are directly connected and not managed through a keyboard, video, or mouse (KVM) switch. A KVM switch can interfere with the ability of the computer to detect the physical presence of hardware.
diff --git a/mdop/mbam-v2/mbam-20-privacy-statement-mbam-2.md b/mdop/mbam-v2/mbam-20-privacy-statement-mbam-2.md
index 3a51b59b37..10985c643c 100644
--- a/mdop/mbam-v2/mbam-20-privacy-statement-mbam-2.md
+++ b/mdop/mbam-v2/mbam-20-privacy-statement-mbam-2.md
@@ -68,7 +68,7 @@ Microsoft Error Reporting provides a service that allows you to report problems
**Information Collected, Processed, or Transmitted:**
-For information about the information collected, processed, or transmitted by Microsoft Error Reporting, see the Microsoft Error Reporting privacy statement at [http://go.microsoft.com](http://go.microsoft.com/fwlink/?LinkID=244395).
+For information about the information collected, processed, or transmitted by Microsoft Error Reporting, see the Microsoft Error Reporting privacy statement at [https://go.microsoft.com](https://go.microsoft.com/fwlink/?LinkID=244395).
**Use of Information:**
@@ -98,15 +98,15 @@ Microsoft Update is a service that provides Windows updates as well as updates f
**Information Collected, Processed, or Transmitted:**
-For details about what information is collected and how it is used, see the Update Services Privacy Statement at .
+For details about what information is collected and how it is used, see the Update Services Privacy Statement at .
**Use of Information:**
-For details about what information is collected and how it is used, see the Update Services Privacy Statement at .
+For details about what information is collected and how it is used, see the Update Services Privacy Statement at .
**Choice/Control:**
-For details about controlling this feature, see the Update Services Privacy Statement at .
+For details about controlling this feature, see the Update Services Privacy Statement at .
### Customer Experience Improvement Program
@@ -116,7 +116,7 @@ The Customer Experience Improvement Program (“CEIP”) collects basic informat
**Information Collected, Processed, or Transmitted:**
-For more information about the information collected, processed, or transmitted by CEIP, see the CEIP privacy statement at .
+For more information about the information collected, processed, or transmitted by CEIP, see the CEIP privacy statement at .
**Use of Information:**
diff --git a/mdop/mbam-v2/mbam-20-security-considerations-mbam-2.md b/mdop/mbam-v2/mbam-20-security-considerations-mbam-2.md
index 0215cbc294..49e3c18cf1 100644
--- a/mdop/mbam-v2/mbam-20-security-considerations-mbam-2.md
+++ b/mdop/mbam-v2/mbam-20-security-considerations-mbam-2.md
@@ -22,9 +22,9 @@ This topic contains a brief overview about the accounts and groups, log files, a
**Physically secure your computers**. There is no security without physical security. An attacker who gets physical access to an MBAM Server could potentially use it to attack the entire client base. All potential physical attacks must be considered high risk and mitigated appropriately. MBAM servers should be stored in a secure server room with controlled access. Secure these computers when administrators are not physically present by having the operating system lock the computer, or by using a secured screen saver.
-**Apply the most recent security updates to all computers**. Stay informed about new updates for operating systems, Microsoft SQL Server, and MBAM by subscribing to the Security Notification service ().
+**Apply the most recent security updates to all computers**. Stay informed about new updates for operating systems, Microsoft SQL Server, and MBAM by subscribing to the Security Notification service ().
-**Use strong passwords or pass phrases**. Always use strong passwords with 15 or more characters for all MBAM and MBAM administrator accounts. Never use blank passwords. For more information about password concepts, see the “Account Passwords and Policies” white paper on TechNet ().
+**Use strong passwords or pass phrases**. Always use strong passwords with 15 or more characters for all MBAM and MBAM administrator accounts. Never use blank passwords. For more information about password concepts, see the “Account Passwords and Policies” white paper on TechNet ().
## Accounts and Groups in MBAM
@@ -185,7 +185,7 @@ When TDE is enabled on a database, all backups are encrypted. Thus, special care
For an example of how to enable TDE for MBAM database instances, see [Evaluating MBAM 2.0](evaluating-mbam-20-mbam-2.md).
-For more information about TDE in SQL Server 2008, see [SQL Server Encryption]( http://go.microsoft.com/fwlink/?LinkId=299883).
+For more information about TDE in SQL Server 2008, see [SQL Server Encryption]( https://go.microsoft.com/fwlink/?LinkId=299883).
## Related topics
diff --git a/mdop/mbam-v2/mbam-20-supported-configurations-mbam-2.md b/mdop/mbam-v2/mbam-20-supported-configurations-mbam-2.md
index 2f7ccf2976..8e7013294e 100644
--- a/mdop/mbam-v2/mbam-20-supported-configurations-mbam-2.md
+++ b/mdop/mbam-v2/mbam-20-supported-configurations-mbam-2.md
@@ -20,7 +20,7 @@ If you plan to install MBAM 2.0 by using the Configuration Manager topology and
The recommended configuration for running MBAM in a production environment is with two servers, depending on your scalability requirements. This configuration supports up to 200,000 MBAM clients. For an image and descriptions of the Stand-alone MBAM server infrastructure, see [High-Level Architecture for MBAM 2.0](high-level-architecture-for-mbam-20-mbam-2.md).
**Note**
-Microsoft provides support for the current service pack and, in some cases, the immediately preceding service pack. To find the support timelines for your product, see the [Lifecycle Supported Service Packs](http://go.microsoft.com/fwlink/p/?LinkId=31975). For additional information about Microsoft Support Lifecycle Policy, see [Microsoft Support Lifecycle Support Policy FAQ](http://go.microsoft.com/fwlink/p/?LinkId=31976).
+Microsoft provides support for the current service pack and, in some cases, the immediately preceding service pack. To find the support timelines for your product, see the [Lifecycle Supported Service Packs](https://go.microsoft.com/fwlink/p/?LinkId=31975). For additional information about Microsoft Support Lifecycle Policy, see [Microsoft Support Lifecycle Support Policy FAQ](https://go.microsoft.com/fwlink/p/?LinkId=31976).
diff --git a/mdop/mbam-v2/planning-to-deploy-mbam-with-configuration-manager-2.md b/mdop/mbam-v2/planning-to-deploy-mbam-with-configuration-manager-2.md
index 6a3213a699..a0bbbee2b3 100644
--- a/mdop/mbam-v2/planning-to-deploy-mbam-with-configuration-manager-2.md
+++ b/mdop/mbam-v2/planning-to-deploy-mbam-with-configuration-manager-2.md
@@ -43,18 +43,18 @@ Ensure that you have met the following prerequisites before you install MBAM wit
|
Enable the Hardware Inventory Client Agent on the Configuration Manager Server. |
-For Configuration Manager 2007, see [How to Configure Hardware Inventory for a Site](http://go.microsoft.com/fwlink/?LinkId=301656).
-For System Center 2012 Configuration Manager, see [How to Configure Hardware Inventory in Configuration Manager](http://go.microsoft.com/fwlink/?LinkId=301685). |
+For Configuration Manager 2007, see [How to Configure Hardware Inventory for a Site](https://go.microsoft.com/fwlink/?LinkId=301656).
+For System Center 2012 Configuration Manager, see [How to Configure Hardware Inventory in Configuration Manager](https://go.microsoft.com/fwlink/?LinkId=301685). |
Enable the Desired Configuration Management (DCM) agent or the compliance settings, depending on the version of Configuration Manager that you are using. |
-For Configuration Manager 2007, enable the see [Desired Configuration Management Client Agent Properties](http://go.microsoft.com/fwlink/?LinkId=301686).
-For System Center 2012 Configuration Manager, see [Configuring Compliance Settings in Configuration Manager](http://go.microsoft.com/fwlink/?LinkId=301687). |
+For Configuration Manager 2007, enable the see [Desired Configuration Management Client Agent Properties](https://go.microsoft.com/fwlink/?LinkId=301686).
+For System Center 2012 Configuration Manager, see [Configuring Compliance Settings in Configuration Manager](https://go.microsoft.com/fwlink/?LinkId=301687). |
Define a reporting services point in Configuration Manager. Required for SQL Reporting Services. |
-For Configuration Manager 2007, see [How to Create a Reporting Services Point for SQL Reporting Services](http://go.microsoft.com/fwlink/?LinkId=301688).
-For System Center 2012 Configuration Manager, see [Prerequisites for Reporting in Configuration Manager](http://go.microsoft.com/fwlink/?LinkId=301689). |
+For Configuration Manager 2007, see [How to Create a Reporting Services Point for SQL Reporting Services](https://go.microsoft.com/fwlink/?LinkId=301688).
+For System Center 2012 Configuration Manager, see [Prerequisites for Reporting in Configuration Manager](https://go.microsoft.com/fwlink/?LinkId=301689). |
diff --git a/mdop/mbam-v2/release-notes-for-mbam-20-sp1.md b/mdop/mbam-v2/release-notes-for-mbam-20-sp1.md
index efd62a6169..911a162764 100644
--- a/mdop/mbam-v2/release-notes-for-mbam-20-sp1.md
+++ b/mdop/mbam-v2/release-notes-for-mbam-20-sp1.md
@@ -67,7 +67,7 @@ If you are using MBAM with Configuration Manager, and you want to upgrade to MBA
When you use Internet Explorer 10 to access the Administration and Monitoring Website, the **Submit** button on the website does not work.
-**Workaround**: On the server where you installed the Administration and Monitoring Website, install [Hotfix for ASP.NET browser definition files](http://go.microsoft.com/fwlink/?LinkId=317798).
+**Workaround**: On the server where you installed the Administration and Monitoring Website, install [Hotfix for ASP.NET browser definition files](https://go.microsoft.com/fwlink/?LinkId=317798).
### International domain names are not supported
diff --git a/mdop/mbam-v2/troubleshooting-mbam-20-mbam-2.md b/mdop/mbam-v2/troubleshooting-mbam-20-mbam-2.md
index 33672448b9..6eda8b11ab 100644
--- a/mdop/mbam-v2/troubleshooting-mbam-20-mbam-2.md
+++ b/mdop/mbam-v2/troubleshooting-mbam-20-mbam-2.md
@@ -13,7 +13,7 @@ ms.prod: w8
# Troubleshooting MBAM 2.0
-Troubleshooting content is not included in the Administrator’s Guide for this product. Instead, you can find troubleshooting information for this product on the [TechNet Wiki](http://go.microsoft.com/fwlink/p/?LinkId=224905).
+Troubleshooting content is not included in the Administrator’s Guide for this product. Instead, you can find troubleshooting information for this product on the [TechNet Wiki](https://go.microsoft.com/fwlink/p/?LinkId=224905).
## How to Find Troubleshooting Content
@@ -28,7 +28,7 @@ After you search the MDOP documentation, your next step would be to search the t
**To search the MDOP product documentation**
-1. Use a web browser to navigate to the [MDOP Information Experience](http://go.microsoft.com/fwlink/?LinkId=236032) TechNet home page.
+1. Use a web browser to navigate to the [MDOP Information Experience](https://go.microsoft.com/fwlink/?LinkId=236032) TechNet home page.
2. Enter applicable search terms in the **Search TechNet with Bing** search box at the top of the MDOP Information Experience home page.
@@ -36,7 +36,7 @@ After you search the MDOP documentation, your next step would be to search the t
**To search the TechNet Wiki**
-1. Use a web browser to navigate to the [TechNet Wiki](http://go.microsoft.com/fwlink/p/?LinkId=224905) home page.
+1. Use a web browser to navigate to the [TechNet Wiki](https://go.microsoft.com/fwlink/p/?LinkId=224905) home page.
2. Enter applicable search terms in the **Search TechNet Wiki** search box on the TechNet Wiki home page.
@@ -49,7 +49,7 @@ If you have a troubleshooting tip or a best practice to share that is not alread
**To create a TechNet Wiki troubleshooting or best practices article**
-1. Use a web browser to navigate to the [TechNet Wiki](http://go.microsoft.com/fwlink/p/?LinkId=224905) home page.
+1. Use a web browser to navigate to the [TechNet Wiki](https://go.microsoft.com/fwlink/p/?LinkId=224905) home page.
2. Log in with your Windows Live ID.
diff --git a/mdop/mbam-v25/about-mbam-25-sp1.md b/mdop/mbam-v25/about-mbam-25-sp1.md
index 4f19a1527d..96df87e28a 100644
--- a/mdop/mbam-v25/about-mbam-25-sp1.md
+++ b/mdop/mbam-v25/about-mbam-25-sp1.md
@@ -45,7 +45,7 @@ The following groups might be interested in using MBAM to manage BitLocker:
- Administrators who are responsible for client computers that are running Windows
**Note**
-BitLocker is not explained in detail in this MBAM documentation. For more information, see [BitLocker Drive Encryption Overview](http://go.microsoft.com/fwlink/p/?LinkId=225013).
+BitLocker is not explained in detail in this MBAM documentation. For more information, see [BitLocker Drive Encryption Overview](https://go.microsoft.com/fwlink/p/?LinkId=225013).
@@ -123,11 +123,11 @@ In MBAM 2.5, support was added for Federal Information Processing Standard (FIP
The Windows team has backported FIPS-compliant recovery keys with a hotfix, and MBAM 2.5 SP1 has added support for them as well.
**Note**
-Client computers that are running the Windows 8 operating system still require a DRA protector since the hotfix was not backported to that OS. See [Hotfix Package 2 for BitLocker Administration and Monitoring 2.5](https://support.microsoft.com/kb/3015477) to download and install the BitLocker hotfix for Windows 7 and Windows 8 computers. For information about DRA, see [Using Data Recovery Agents with BitLocker](http://go.microsoft.com/fwlink/?LinkId=393557).
+Client computers that are running the Windows 8 operating system still require a DRA protector since the hotfix was not backported to that OS. See [Hotfix Package 2 for BitLocker Administration and Monitoring 2.5](https://support.microsoft.com/kb/3015477) to download and install the BitLocker hotfix for Windows 7 and Windows 8 computers. For information about DRA, see [Using Data Recovery Agents with BitLocker](https://go.microsoft.com/fwlink/?LinkId=393557).
-To enable FIPS compliance in your organization, you must configure the Federal Information Processing Standard (FIPS) Group Policy settings. For configuration instructions, see [BitLocker Group Policy Settings](http://go.microsoft.com/fwlink/?LinkId=393560).
+To enable FIPS compliance in your organization, you must configure the Federal Information Processing Standard (FIPS) Group Policy settings. For configuration instructions, see [BitLocker Group Policy Settings](https://go.microsoft.com/fwlink/?LinkId=393560).
### Customize pre-boot recovery message and URL with new Group Policy setting
@@ -220,7 +220,7 @@ The compliance calculation logic for "Locked Fixed Data" volumes has been change
## How to Get MDOP Technologies
-MBAM is a part of the Microsoft Desktop Optimization Pack (MDOP). MDOP is part of the Microsoft Software Assurance program. For more information about the Microsoft Software Assurance program and how to acquire the MDOP, see [How Do I Get MDOP?](http://go.microsoft.com/fwlink/?LinkId=322049).
+MBAM is a part of the Microsoft Desktop Optimization Pack (MDOP). MDOP is part of the Microsoft Software Assurance program. For more information about the Microsoft Software Assurance program and how to acquire the MDOP, see [How Do I Get MDOP?](https://go.microsoft.com/fwlink/?LinkId=322049).
## MBAM 2.5 SP1 Release Notes
diff --git a/mdop/mbam-v25/about-mbam-25.md b/mdop/mbam-v25/about-mbam-25.md
index b9d9a8e8d4..89e69dbb3c 100644
--- a/mdop/mbam-v25/about-mbam-25.md
+++ b/mdop/mbam-v25/about-mbam-25.md
@@ -45,7 +45,7 @@ The following groups might be interested in using MBAM to manage BitLocker:
- Administrators who are responsible for client computers that are running Windows
**Note**
-BitLocker is not explained in detail in this MBAM documentation. For more information, see [BitLocker Drive Encryption Overview](http://go.microsoft.com/fwlink/p/?LinkId=225013).
+BitLocker is not explained in detail in this MBAM documentation. For more information, see [BitLocker Drive Encryption Overview](https://go.microsoft.com/fwlink/p/?LinkId=225013).
@@ -60,7 +60,7 @@ MBAM adds support for Microsoft SQL Server 2014, in addition to the same softwar
### MBAM Group Policy Templates downloaded separately
-The MBAM Group Policy Templates must be downloaded separately from the MBAM installation. In previous versions of MBAM, the MBAM installer included an MBAM Policy Template, which contained the required MBAM-specific Group Policy Objects (GPOs) that define MBAM implementation settings for BitLocker Drive Encryption. These GPOs have been removed from the MBAM installer. You now download the GPOs from [How to Get MDOP Group Policy (.admx) Templates](http://go.microsoft.com/fwlink/p/?LinkId=393941) and copy them to a server or workstation before you begin the MBAM Client installation. You can copy the Group Policy Templates to any server or workstation that is running a supported version of the Windows Server or Windows operating system.
+The MBAM Group Policy Templates must be downloaded separately from the MBAM installation. In previous versions of MBAM, the MBAM installer included an MBAM Policy Template, which contained the required MBAM-specific Group Policy Objects (GPOs) that define MBAM implementation settings for BitLocker Drive Encryption. These GPOs have been removed from the MBAM installer. You now download the GPOs from [How to Get MDOP Group Policy (.admx) Templates](https://go.microsoft.com/fwlink/p/?LinkId=393941) and copy them to a server or workstation before you begin the MBAM Client installation. You can copy the Group Policy Templates to any server or workstation that is running a supported version of the Windows Server or Windows operating system.
**Important**
Do not change the Group Policy settings in the **BitLocker Drive Encryption** node, or MBAM will not work correctly. When you configure the Group Policy settings in the **MDOP MBAM (BitLocker Management)** node, MBAM automatically configures the BitLocker Drive Encryption settings for you.
@@ -133,7 +133,7 @@ Copy the template files to the location that best meets your needs. For the lang
-For more information about template files, see [Managing Group Policy ADMX Files Step-by-Step Guide](http://go.microsoft.com/fwlink/?LinkId=392818).
+For more information about template files, see [Managing Group Policy ADMX Files Step-by-Step Guide](https://go.microsoft.com/fwlink/?LinkId=392818).
### Ability to enforce encryption policies on operating system and fixed data drives
@@ -189,9 +189,9 @@ The new Group Policy setting is located in the following GPO node: **Computer Co
MBAM 2.5 supports Federal Information Processing Standard (FIPS)-compliant BitLocker recovery keys on devices that are running the Windows 8.1 operating system. The recovery key was not FIPS compliant in earlier versions of Windows. This enhancement improves the drive recovery process in organizations that require FIPS compliance because it enables end users to use the Self-Service Portal or Administration and Monitoring Website (Help Desk) to recover their drives if they forget their PIN or password or get locked out of their computers. The new FIPS compliance feature does not extend to password protectors.
-To enable FIPS compliance in your organization, you must configure the Federal Information Processing Standard (FIPS) Group Policy settings. For configuration instructions, see [BitLocker Group Policy Settings](http://go.microsoft.com/fwlink/?LinkId=393560).
+To enable FIPS compliance in your organization, you must configure the Federal Information Processing Standard (FIPS) Group Policy settings. For configuration instructions, see [BitLocker Group Policy Settings](https://go.microsoft.com/fwlink/?LinkId=393560).
-For client computers that are running the Windows 8 or Windows 7 operating systems without the [installed BitLocker hotfix](https://support.microsoft.com/kb/3015477), IT administrators will continue to use the Data Recovery Agents (DRA) protector in FIPS-compliant environments. For information about DRA, see [Using Data Recovery Agents with BitLocker](http://go.microsoft.com/fwlink/?LinkId=393557).
+For client computers that are running the Windows 8 or Windows 7 operating systems without the [installed BitLocker hotfix](https://support.microsoft.com/kb/3015477), IT administrators will continue to use the Data Recovery Agents (DRA) protector in FIPS-compliant environments. For information about DRA, see [Using Data Recovery Agents with BitLocker](https://go.microsoft.com/fwlink/?LinkId=393557).
See [Hotfix Package 2 for BitLocker Administration and Monitoring 2.5](https://support.microsoft.com/kb/3015477) to download and install the BitLocker hotfix for Windows 7 and Windows 8 computers.
@@ -282,15 +282,15 @@ Windows PowerShell Help for MBAM is available in the following formats:
On TechNet as webpages |
-http://go.microsoft.com/fwlink/?LinkId=393498 |
+https://go.microsoft.com/fwlink/?LinkId=393498 |
On the Download Center as a Word .docx file |
-http://go.microsoft.com/fwlink/?LinkId=393497 |
+https://go.microsoft.com/fwlink/?LinkId=393497 |
On the Download Center as a .pdf file |
-http://go.microsoft.com/fwlink/?LinkId=393499 |
+https://go.microsoft.com/fwlink/?LinkId=393499 |
@@ -346,7 +346,7 @@ MBAM supports BitLocker on Encrypted Hard Drives that meet TCG specification req
## How to Get MDOP Technologies
-MBAM is a part of the Microsoft Desktop Optimization Pack (MDOP). MDOP is part of the Microsoft Software Assurance program. For more information about the Microsoft Software Assurance program and how to acquire the MDOP, see [How Do I Get MDOP?](http://go.microsoft.com/fwlink/?LinkId=322049).
+MBAM is a part of the Microsoft Desktop Optimization Pack (MDOP). MDOP is part of the Microsoft Software Assurance program. For more information about the Microsoft Software Assurance program and how to acquire the MDOP, see [How Do I Get MDOP?](https://go.microsoft.com/fwlink/?LinkId=322049).
## MBAM 2.5 Release Notes
diff --git a/mdop/mbam-v25/accessibility-for-mbam-25.md b/mdop/mbam-v25/accessibility-for-mbam-25.md
index c9526f1eee..9f43694659 100644
--- a/mdop/mbam-v25/accessibility-for-mbam-25.md
+++ b/mdop/mbam-v25/accessibility-for-mbam-25.md
@@ -63,7 +63,7 @@ For information about the availability of Microsoft product documentation and bo
(609) 987-8116 |
-[http://www.learningally.org/](http://go.microsoft.com/fwlink/?linkid=239) |
+[http://www.learningally.org/](https://go.microsoft.com/fwlink/?linkid=239) |
Web addresses can change, so you might be unable to connect to the website or sites mentioned here. |
@@ -85,7 +85,7 @@ Microsoft Support Services are subject to the prices, terms, and conditions in p
## For more information
-For more information about how accessible technology for computers helps to improve the lives of people with disabilities, see the [Microsoft Accessibility website](http://go.microsoft.com/fwlink/?linkid=8431).
+For more information about how accessible technology for computers helps to improve the lives of people with disabilities, see the [Microsoft Accessibility website](https://go.microsoft.com/fwlink/?linkid=8431).
## Got a suggestion for MBAM?
diff --git a/mdop/mbam-v25/configuring-mbam-25-server-features-by-using-windows-powershell.md b/mdop/mbam-v25/configuring-mbam-25-server-features-by-using-windows-powershell.md
index d50cde850a..ebc86f347e 100644
--- a/mdop/mbam-v25/configuring-mbam-25-server-features-by-using-windows-powershell.md
+++ b/mdop/mbam-v25/configuring-mbam-25-server-features-by-using-windows-powershell.md
@@ -37,7 +37,7 @@ For information about the **Get-MbamBitLockerRecoveryKey** and **Get-MbamTPMOwne
## How to load Windows PowerShell Help for MBAM 2.5
-For a list of the Windows PowerShell cmdlets on TechNet, see [Microsoft Desktop Optimization Pack Automation with Windows PowerShell](http://go.microsoft.com/fwlink/?LinkId=392816).
+For a list of the Windows PowerShell cmdlets on TechNet, see [Microsoft Desktop Optimization Pack Automation with Windows PowerShell](https://go.microsoft.com/fwlink/?LinkId=392816).
**To load the MBAM 2.5 Help for Windows PowerShell cmdlets after installing the MBAM Server software**
@@ -68,15 +68,15 @@ Windows PowerShell Help for MBAM is available in the following formats:
On TechNet as webpages |
-http://go.microsoft.com/fwlink/?LinkId=393498 |
+https://go.microsoft.com/fwlink/?LinkId=393498 |
On the Download Center as a Word .docx file |
-http://go.microsoft.com/fwlink/?LinkId=393497 |
+https://go.microsoft.com/fwlink/?LinkId=393497 |
On the Download Center as a .pdf file |
-http://go.microsoft.com/fwlink/?LinkId=393499 |
+https://go.microsoft.com/fwlink/?LinkId=393499 |
@@ -193,7 +193,7 @@ Before starting the configuration, complete the following prerequisites.
This user account must be a part of the local administrators group or the Backup Operators group to register the MBAM Volume Shadow Copy Service (VSS) Writer.
By default, the database administrator or system administrator has the required "create any database" permissions.
-For more information about VSS Writer, see [Volume Shadow Copy Service](http://go.microsoft.com/fwlink/?LinkId=392814). |
+For more information about VSS Writer, see [Volume Shadow Copy Service](https://go.microsoft.com/fwlink/?LinkId=392814).
For the System Center Configuration Manager Integration feature only:
@@ -251,7 +251,7 @@ Before starting the configuration, complete the following prerequisites.
Ensure that the MBAM 2.5 Server software has been installed on the remote computer. Use the Credential Security Support Provider (CredSSP) Protocol to open the Windows PowerShell session. Enable Windows Remote Management (WinRM). If you fail to enable WinRM and to configure it correctly, the New-PSSession cmdlet that is described in this table displays an error and describes how to fix the issue. For more information about WinRM, see [Using Windows Remote Management](http://go.microsoft.com/fwlink/?LinkId=393064). Enable Windows Remote Management (WinRM). If you fail to enable WinRM and to configure it correctly, the New-PSSession cmdlet that is described in this table displays an error and describes how to fix the issue. For more information about WinRM, see [Using Windows Remote Management](https://go.microsoft.com/fwlink/?LinkId=393064). |
diff --git a/mdop/mbam-v25/copying-the-mbam-25-group-policy-templates.md b/mdop/mbam-v25/copying-the-mbam-25-group-policy-templates.md
index 087b44ec4b..9c4d42d879 100644
--- a/mdop/mbam-v25/copying-the-mbam-25-group-policy-templates.md
+++ b/mdop/mbam-v25/copying-the-mbam-25-group-policy-templates.md
@@ -22,7 +22,7 @@ MDOP Group Policy templates are available for download in a self-extracting, com
**How to download and deploy the MDOP Group Policy templates**
-1. Download the MDOP Group Policy templates from [How to Get MDOP Group Policy (.admx) Templates](http://go.microsoft.com/fwlink/p/?LinkId=393941) .
+1. Download the MDOP Group Policy templates from [How to Get MDOP Group Policy (.admx) Templates](https://go.microsoft.com/fwlink/p/?LinkId=393941) .
2. Run the downloaded file to extract the template folders.
diff --git a/mdop/mbam-v25/getting-started-with-mbam-25.md b/mdop/mbam-v25/getting-started-with-mbam-25.md
index ce79fb2767..d917998cbf 100644
--- a/mdop/mbam-v25/getting-started-with-mbam-25.md
+++ b/mdop/mbam-v25/getting-started-with-mbam-25.md
@@ -17,9 +17,9 @@ This topic provides a list of links to help you learn about Microsoft BitLocker
See the following resources for additional MBAM documentation:
-- [Microsoft BitLocker Administration and Monitoring Deployment Guide](http://go.microsoft.com/fwlink/?LinkId=396653)
+- [Microsoft BitLocker Administration and Monitoring Deployment Guide](https://go.microsoft.com/fwlink/?LinkId=396653)
-- [Microsoft Training Overview](http://go.microsoft.com/fwlink/p/?LinkId=80347)
+- [Microsoft Training Overview](https://go.microsoft.com/fwlink/p/?LinkId=80347)
Before you deploy MBAM to a production environment, we recommend that you validate your deployment plan in a test environment.
@@ -72,7 +72,7 @@ Before you start planning your MBAM deployment, review the following topics.
## How to get MDOP technologies
-MBAM 2.5 is a part of the Microsoft Desktop Optimization Pack (MDOP). MDOP is part of Microsoft Software Assurance. For more information about Microsoft Software Assurance and about acquiring MDOP, see [How Do I Get MDOP](http://go.microsoft.com/fwlink/?LinkId=322049) (http://go.microsoft.com/fwlink/?LinkId=322049).
+MBAM 2.5 is a part of the Microsoft Desktop Optimization Pack (MDOP). MDOP is part of Microsoft Software Assurance. For more information about Microsoft Software Assurance and about acquiring MDOP, see [How Do I Get MDOP](https://go.microsoft.com/fwlink/?LinkId=322049) (https://go.microsoft.com/fwlink/?LinkId=322049).
## Other resources for this product
diff --git a/mdop/mbam-v25/high-level-architecture-of-mbam-25-with-configuration-manager-integration-topology.md b/mdop/mbam-v25/high-level-architecture-of-mbam-25-with-configuration-manager-integration-topology.md
index 6a47917431..78d2526dde 100644
--- a/mdop/mbam-v25/high-level-architecture-of-mbam-25-with-configuration-manager-integration-topology.md
+++ b/mdop/mbam-v25/high-level-architecture-of-mbam-25-with-configuration-manager-integration-topology.md
@@ -139,7 +139,7 @@ MBAM Group Policy Templates
- The **MBAM Group Policy Templates** are Group Policy settings that define implementation settings for MBAM, which enable you to manage BitLocker drive encryption.
-- Before you run MBAM, you must download the Group Policy Templates from [How to Get MDOP Group Policy (.admx) Templates](http://go.microsoft.com/fwlink/p/?LinkId=393941) and copy them to a server or workstation that is running a supported Windows Server or Windows operating system.
+- Before you run MBAM, you must download the Group Policy Templates from [How to Get MDOP Group Policy (.admx) Templates](https://go.microsoft.com/fwlink/p/?LinkId=393941) and copy them to a server or workstation that is running a supported Windows Server or Windows operating system.
**Note**
The workstation does not have to be a dedicated computer.
diff --git a/mdop/mbam-v25/high-level-architecture-of-mbam-25-with-stand-alone-topology.md b/mdop/mbam-v25/high-level-architecture-of-mbam-25-with-stand-alone-topology.md
index 6cced98084..c0d16c3f7a 100644
--- a/mdop/mbam-v25/high-level-architecture-of-mbam-25-with-stand-alone-topology.md
+++ b/mdop/mbam-v25/high-level-architecture-of-mbam-25-with-stand-alone-topology.md
@@ -118,7 +118,7 @@ MBAM Group Policy Templates
- The MBAM Group Policy Templates are Group Policy settings that define implementation settings for MBAM, which enable you to manage BitLocker Drive Encryption.
-- Before you run MBAM, you must download the Group Policy Templates from [How to Get MDOP Group Policy (.admx) Templates](http://go.microsoft.com/fwlink/p/?LinkId=393941) and copy them to a server or workstation that is running a supported Windows Server or Windows operating system.
+- Before you run MBAM, you must download the Group Policy Templates from [How to Get MDOP Group Policy (.admx) Templates](https://go.microsoft.com/fwlink/p/?LinkId=393941) and copy them to a server or workstation that is running a supported Windows Server or Windows operating system.
- The workstation does not have to be a dedicated computer.
diff --git a/mdop/mbam-v25/how-to-configure-the-self-service-portal-when-client-computers-cannot-access-the-microsoft-content-delivery-network.md b/mdop/mbam-v25/how-to-configure-the-self-service-portal-when-client-computers-cannot-access-the-microsoft-content-delivery-network.md
index 11443abd41..75c1e1ac11 100644
--- a/mdop/mbam-v25/how-to-configure-the-self-service-portal-when-client-computers-cannot-access-the-microsoft-content-delivery-network.md
+++ b/mdop/mbam-v25/how-to-configure-the-self-service-portal-when-client-computers-cannot-access-the-microsoft-content-delivery-network.md
@@ -28,11 +28,11 @@ In MBAM 2.5 SP1, the JavaScript files are included in the product, and you do no
1. Download the following JavaScript files from the CDN:
- - [jQuery-1.10.2.min.js](http://go.microsoft.com/fwlink/?LinkID=390515)
+ - [jQuery-1.10.2.min.js](https://go.microsoft.com/fwlink/?LinkID=390515)
- - [jQuery.validate.min.js](http://go.microsoft.com/fwlink/?LinkID=390516)
+ - [jQuery.validate.min.js](https://go.microsoft.com/fwlink/?LinkID=390516)
- - [jQuery.validate.unobtrusive.min.js](http://go.microsoft.com/fwlink/?LinkID=390517)
+ - [jQuery.validate.unobtrusive.min.js](https://go.microsoft.com/fwlink/?LinkID=390517)
2. Copy the JavaScript files to the **Scripts** directory of the Self-Service Portal. This directory is located in *<MBAM Self-Service Install Directory>\\*Self Service Website\\Scripts.
diff --git a/mdop/mbam-v25/how-to-localize-the-helpdesktext-statement-that-points-users-to-more-self-service-portal-information.md b/mdop/mbam-v25/how-to-localize-the-helpdesktext-statement-that-points-users-to-more-self-service-portal-information.md
index 47933f4215..806f8c1fe6 100644
--- a/mdop/mbam-v25/how-to-localize-the-helpdesktext-statement-that-points-users-to-more-self-service-portal-information.md
+++ b/mdop/mbam-v25/how-to-localize-the-helpdesktext-statement-that-points-users-to-more-self-service-portal-information.md
@@ -32,7 +32,7 @@ In the following instructions, *SelfService* is the default virtual directory na
The name of the Language folder can also be the language neutral name **es** instead of **es-es**. If the end user’s browser is set to **es-es** and that folder does not exist, the parent locale (as defined in .NET) is recursively retrieved and checked, resolving to <MBAM Self-Service Install Directory>\\SelfServiceWebsite\\es\\Notice.txt before finally becoming the default Notice.txt file. This recursive fallback mimics the .NET resource loading rules.
- For a list of the valid language codes you can use, see [National Language Support (NLS) API Reference](http://go.microsoft.com/fwlink/?LinkId=317947).
+ For a list of the valid language codes you can use, see [National Language Support (NLS) API Reference](https://go.microsoft.com/fwlink/?LinkId=317947).
4. In the **Value** field, type the localized text that you want to display to end users.
diff --git a/mdop/mbam-v25/how-to-localize-the-self-service-portal-helpdeskurl.md b/mdop/mbam-v25/how-to-localize-the-self-service-portal-helpdeskurl.md
index 2c6f87f506..9142469468 100644
--- a/mdop/mbam-v25/how-to-localize-the-self-service-portal-helpdeskurl.md
+++ b/mdop/mbam-v25/how-to-localize-the-self-service-portal-helpdeskurl.md
@@ -34,7 +34,7 @@ In the following instructions, *SelfService* is the default virtual directory na
The name of the Language folder can also be the language neutral name **es** instead of **es-es**. If the end user’s browser is set to **es-es** and that folder does not exist, the parent locale (as defined in .NET) is recursively retrieved and checked, resolving to <MBAM Self-Service Install Directory>\\SelfServiceWebsite\\es\\Notice.txt before finally becoming the default Notice.txt file. This recursive fallback mimics the .NET resource loading rules.
- For a list of the valid language codes you can use, see [National Language Support (NLS) API Reference](http://go.microsoft.com/fwlink/?LinkId=317947).
+ For a list of the valid language codes you can use, see [National Language Support (NLS) API Reference](https://go.microsoft.com/fwlink/?LinkId=317947).
4. In the **Value** field, type the localized version of the `HelpdeskURL` value that you want to display to end users.
diff --git a/mdop/mbam-v25/how-to-localize-the-self-service-portal-notice-text.md b/mdop/mbam-v25/how-to-localize-the-self-service-portal-notice-text.md
index a718bcc0c5..99d5d15e63 100644
--- a/mdop/mbam-v25/how-to-localize-the-self-service-portal-notice-text.md
+++ b/mdop/mbam-v25/how-to-localize-the-self-service-portal-notice-text.md
@@ -48,7 +48,7 @@ If an end user’s browser is set to a language that does not have a correspondi
<*MBAM Self-Service Install Directory*>\\Self Service Website\\
**Note**
- Some language folders already exist, so you might not have to create a folder. If you do have to create a language folder, see [National Language Support (NLS) API Reference](http://go.microsoft.com/fwlink/?LinkId=317947) for a list of the valid names that you can use for the <*Language*> folder.
+ Some language folders already exist, so you might not have to create a folder. If you do have to create a language folder, see [National Language Support (NLS) API Reference](https://go.microsoft.com/fwlink/?LinkId=317947) for a list of the valid names that you can use for the <*Language*> folder.
diff --git a/mdop/mbam-v25/how-to-recover-a-corrupted-drive-mbam-25.md b/mdop/mbam-v25/how-to-recover-a-corrupted-drive-mbam-25.md
index a648d9fe0c..1828c9e862 100644
--- a/mdop/mbam-v25/how-to-recover-a-corrupted-drive-mbam-25.md
+++ b/mdop/mbam-v25/how-to-recover-a-corrupted-drive-mbam-25.md
@@ -37,7 +37,7 @@ You can use this procedure with the Administration and Monitoring Website (also
Use the repair-bde command to complete the recovery process. |
-To avoid a potential loss of data, it is strongly recommended that you review the [Manage-bde](http://go.microsoft.com/fwlink/?LinkId=393567) command before using it. |
+To avoid a potential loss of data, it is strongly recommended that you review the [Manage-bde](https://go.microsoft.com/fwlink/?LinkId=393567) command before using it. |
diff --git a/mdop/mbam-v25/how-to-recover-a-moved-drive-mbam-25.md b/mdop/mbam-v25/how-to-recover-a-moved-drive-mbam-25.md
index ceb184dd8f..609ec18b52 100644
--- a/mdop/mbam-v25/how-to-recover-a-moved-drive-mbam-25.md
+++ b/mdop/mbam-v25/how-to-recover-a-moved-drive-mbam-25.md
@@ -37,7 +37,7 @@ You may have given these roles different names when you created them. For more i
If the moved drive was configured to use a TPM chip on the original computer, complete the following additional steps. Otherwise, the recovery process is complete.
-4. After unlocking the drive and completing the start process, open a command prompt in WinRE mode and use the `manage-bde` command to decrypt the drive. Using this tool is the only way to remove the TPM plus the PIN protector without the original TPM chip. For information about the `manage-bde` command, see [Manage-bde](http://go.microsoft.com/fwlink/?LinkId=393567).
+4. After unlocking the drive and completing the start process, open a command prompt in WinRE mode and use the `manage-bde` command to decrypt the drive. Using this tool is the only way to remove the TPM plus the PIN protector without the original TPM chip. For information about the `manage-bde` command, see [Manage-bde](https://go.microsoft.com/fwlink/?LinkId=393567).
5. When the removal is completed, start the computer normally. The MBAM agent will now enforce the policy to encrypt the drive with the new computer’s TPM plus the PIN.
diff --git a/mdop/mbam-v25/index.md b/mdop/mbam-v25/index.md
index 897bb62a41..fd60429382 100644
--- a/mdop/mbam-v25/index.md
+++ b/mdop/mbam-v25/index.md
@@ -15,7 +15,7 @@ ms.prod: w10
Microsoft BitLocker Administration and Monitoring (MBAM) 2.5 provides a simplified administrative interface that you can use to manage BitLocker Drive Encryption. You configure MBAM Group Policy Templates that enable you to set BitLocker Drive Encryption policy options that are appropriate for your enterprise, and then use them to monitor client compliance with those policies. You can also report on the encryption status of an individual computer and on the enterprise as a whole. In addition, you can access recovery key information when users forget their PIN or password or when their BIOS or boot record changes. For a more detailed description of MBAM, see [About MBAM 2.5](about-mbam-25.md).
-To get the MBAM software, see [How Do I Get MDOP](http://go.microsoft.com/fwlink/?LinkId=322049) (http://go.microsoft.com/fwlink/?LinkId=322049).
+To get the MBAM software, see [How Do I Get MDOP](https://go.microsoft.com/fwlink/?LinkId=322049) (https://go.microsoft.com/fwlink/?LinkId=322049).
[Getting Started with MBAM 2.5](getting-started-with-mbam-25.md)
@@ -45,13 +45,13 @@ To get the MBAM software, see [How Do I Get MDOP](http://go.microsoft.com/fwlink
View updated product information and known issues for MBAM 2.5.
-- [MDOP TechCenter Page](http://go.microsoft.com/fwlink/p/?LinkId=225286)
+- [MDOP TechCenter Page](https://go.microsoft.com/fwlink/p/?LinkId=225286)
Learn about the latest MDOP information and resources.
-- [MDOP Information Experience](http://go.microsoft.com/fwlink/p/?LinkId=236032)
+- [MDOP Information Experience](https://go.microsoft.com/fwlink/p/?LinkId=236032)
- Find documentation, videos, and other resources for MDOP technologies. You can also [send us feedback](mailto:MDOPDocs@microsoft.com%29 or learn about updates by following us on [Facebook]%28http://go.microsoft.com/fwlink/p/?LinkId=242445%29 or [Twitter]%28http://go.microsoft.com/fwlink/p/?LinkId=242447).
+ Find documentation, videos, and other resources for MDOP technologies. You can also [send us feedback](mailto:MDOPDocs@microsoft.com%29 or learn about updates by following us on [Facebook]%28https://go.microsoft.com/fwlink/p/?LinkId=242445%29 or [Twitter]%28https://go.microsoft.com/fwlink/p/?LinkId=242447).
- [MBAM Deployment Guide](http://www.microsoft.com/download/details.aspx?id=38398)
diff --git a/mdop/mbam-v25/mbam-25-security-considerations.md b/mdop/mbam-v25/mbam-25-security-considerations.md
index 5da2d97409..533102fb68 100644
--- a/mdop/mbam-v25/mbam-25-security-considerations.md
+++ b/mdop/mbam-v25/mbam-25-security-considerations.md
@@ -104,7 +104,7 @@ The Read-AD\* cmdlets read information from Active Directory. The Write-Mbam\* c
**Create user-to-computer associations:** The MBAM Active Directory Data Import cmdlets gather information from Active Directory and insert the data into MBAM database. However, they do not associate users to volumes. You can download the Add-ComputerUser.ps1 PowerShell script to create user-to-machine associations, which let users regain access to a computer through the Administration and Monitoring Website or by using the Self-Service Portal for recovery. The Add-ComputerUser.ps1 script gathers data from the **Managed By** attribute in Active Directory (AD), the object owner in AD, or from a custom CSV file. The script then adds the discovered users to the recovery information pipeline object, which must be passed to Write-MbamRecoveryInformation to insert the data into the recovery database.
-Download the Add-ComputerUser.ps1 PowerShell script from the [Microsoft Download Center](http://go.microsoft.com/fwlink/?LinkId=613122).
+Download the Add-ComputerUser.ps1 PowerShell script from the [Microsoft Download Center](https://go.microsoft.com/fwlink/?LinkId=613122).
You can specify **help Add-ComputerUser.ps1** to get help for the script, including examples of how to use the cmdlets and the script.
@@ -287,7 +287,7 @@ For an example of how to enable TDE for MBAM database instances, see [Understand
**Physically secure your computers**. There is no security without physical security. An attacker who gets physical access to an MBAM Server could potentially use it to attack the entire client base. All potential physical attacks must be considered high risk and mitigated appropriately. MBAM Servers should be stored in a secure server room with controlled access. Secure these computers when administrators are not physically present by having the operating system lock the computer, or by using a secured screen saver.
-**Apply the most recent security updates to all computers**. Stay informed about new updates for Windows operating systems, SQL Server, and MBAM by subscribing to the Security Notification service at the [Security TechCenter](http://go.microsoft.com/fwlink/?LinkId=28819).
+**Apply the most recent security updates to all computers**. Stay informed about new updates for Windows operating systems, SQL Server, and MBAM by subscribing to the Security Notification service at the [Security TechCenter](https://go.microsoft.com/fwlink/?LinkId=28819).
**Use strong passwords or pass phrases**. Always use strong passwords with 15 or more characters for all MBAM administrator accounts. Never use blank passwords. For more information about password concepts, see [Password Policy](http://technet.microsoft.com/library/hh994572.aspx).
diff --git a/mdop/mbam-v25/mbam-25-server-prerequisites-for-stand-alone-and-configuration-manager-integration-topologies.md b/mdop/mbam-v25/mbam-25-server-prerequisites-for-stand-alone-and-configuration-manager-integration-topologies.md
index dbbd704e9b..21e84dabb1 100644
--- a/mdop/mbam-v25/mbam-25-server-prerequisites-for-stand-alone-and-configuration-manager-integration-topologies.md
+++ b/mdop/mbam-v25/mbam-25-server-prerequisites-for-stand-alone-and-configuration-manager-integration-topologies.md
@@ -260,7 +260,7 @@ The following table lists the installation prerequisites for the MBAM Administra
.NET Framework 4.5
Windows Server 2012 or Windows Server 2012 R2 - .NET Framework 4.5 is already installed for these versions of Windows Server, but you must enable it.
Windows Server 2008 R2 - .NET Framework 4.5 is not included with Windows Server 2008 R2, so you must [download Microsoft .NET Framework 4.5](http://go.microsoft.com/fwlink/?LinkId=392318) and install it separately.
+Windows Server 2008 R2 - .NET Framework 4.5 is not included with Windows Server 2008 R2, so you must [download Microsoft .NET Framework 4.5](https://go.microsoft.com/fwlink/?LinkId=392318) and install it separately.
Note
If you are upgrading from MBAM 2.0 or MBAM 2.0 SP1 and need to install .NET Framework 4.5, see [Release Notes for MBAM 2.5](release-notes-for-mbam-25.md) for an additional required step to make the websites work.
@@ -327,7 +327,7 @@ Setspn -s http/mbamvirtual.contoso.com contoso\mbamapppooluser
ASP.NET MVC 4.0 |
-[ASP.NET MVC 4 download](http://go.microsoft.com/fwlink/?LinkId=392271) |
+[ASP.NET MVC 4 download](https://go.microsoft.com/fwlink/?LinkId=392271) |
Web Service IIS Management Tools |
@@ -371,7 +371,7 @@ Setspn -s http/mbamvirtual.contoso.com contoso\mbamapppooluser
-Before installing the MBAM Client, download the MBAM Group Policy Templates from [How to Get MDOP Group Policy (.admx) Templates](http://go.microsoft.com/fwlink/p/?LinkId=393941) and configure them with the settings that you want to implement in your enterprise for BitLocker Drive Encryption. |
+Before installing the MBAM Client, download the MBAM Group Policy Templates from [How to Get MDOP Group Policy (.admx) Templates](https://go.microsoft.com/fwlink/p/?LinkId=393941) and configure them with the settings that you want to implement in your enterprise for BitLocker Drive Encryption. |
Before installing the MBAM Client, do the following:
diff --git a/mdop/mbam-v25/mbam-25-supported-configurations.md b/mdop/mbam-v25/mbam-25-supported-configurations.md
index cfe24704f3..ae4aa4c63c 100644
--- a/mdop/mbam-v25/mbam-25-supported-configurations.md
+++ b/mdop/mbam-v25/mbam-25-supported-configurations.md
@@ -18,7 +18,7 @@ You can run Microsoft BitLocker Administration and Monitoring (MBAM) 2.5 in a St
For additional configurations that are specific to the Configuration Manager Integration topology, see [Versions of Configuration Manager that MBAM supports](#bkmk-cm-ramreqs).
**Note**
-Microsoft provides support for the current service pack and, in some cases, the immediately preceding service pack. To find the support timelines for your product, see the [Lifecycle Supported Service Packs](http://go.microsoft.com/fwlink/p/?LinkId=31975). For additional information about Microsoft Support Lifecycle Policy, see [Microsoft Support Lifecycle Support Policy FAQ](http://go.microsoft.com/fwlink/p/?LinkId=31976).
+Microsoft provides support for the current service pack and, in some cases, the immediately preceding service pack. To find the support timelines for your product, see the [Lifecycle Supported Service Packs](https://go.microsoft.com/fwlink/p/?LinkId=31975). For additional information about Microsoft Support Lifecycle Policy, see [Microsoft Support Lifecycle Support Policy FAQ](https://go.microsoft.com/fwlink/p/?LinkId=31976).
diff --git a/mdop/mbam-v25/monitoring-web-service-request-performance-counters.md b/mdop/mbam-v25/monitoring-web-service-request-performance-counters.md
index e424414d23..13e646e1a9 100644
--- a/mdop/mbam-v25/monitoring-web-service-request-performance-counters.md
+++ b/mdop/mbam-v25/monitoring-web-service-request-performance-counters.md
@@ -78,7 +78,7 @@ If you are concerned about whether your MBAM Servers can support your client bas
The recommended tool for viewing MBAM performance counters is Windows Performance Monitor, which comes with Windows. If you are using Windows PowerShell, you don’t need to enable the counters before viewing them, as they are automatically registered by the Windows PowerShell **Enable-webapplication** cmdlet.
-For detailed instructions on how to view performance counters, see [How to View MBAM Performance Counters](http://go.microsoft.com/fwlink/?LinkId=393457).
+For detailed instructions on how to view performance counters, see [How to View MBAM Performance Counters](https://go.microsoft.com/fwlink/?LinkId=393457).
## Got a suggestion for MBAM?
diff --git a/mdop/mbam-v25/planning-for-mbam-25-group-policy-requirements.md b/mdop/mbam-v25/planning-for-mbam-25-group-policy-requirements.md
index 73bbf306fe..267668835a 100644
--- a/mdop/mbam-v25/planning-for-mbam-25-group-policy-requirements.md
+++ b/mdop/mbam-v25/planning-for-mbam-25-group-policy-requirements.md
@@ -91,7 +91,7 @@ When you are ready to configure the MBAM Group Policy settings you want, do the
-Copy the MBAM Group Policy Templates from [How to Get MDOP Group Policy (.admx) Templates](http://go.microsoft.com/fwlink/p/?LinkId=393941) and install them on a computer that is capable of running the Group Policy Management Console (GPMC) or Advanced Group Policy Management (AGPM). |
+Copy the MBAM Group Policy Templates from [How to Get MDOP Group Policy (.admx) Templates](https://go.microsoft.com/fwlink/p/?LinkId=393941) and install them on a computer that is capable of running the Group Policy Management Console (GPMC) or Advanced Group Policy Management (AGPM). |
[Copying the MBAM 2.5 Group Policy Templates](copying-the-mbam-25-group-policy-templates.md) |
diff --git a/mdop/mbam-v25/planning-for-mbam-25-high-availability.md b/mdop/mbam-v25/planning-for-mbam-25-high-availability.md
index 9dc7663655..84a3de74f4 100644
--- a/mdop/mbam-v25/planning-for-mbam-25-high-availability.md
+++ b/mdop/mbam-v25/planning-for-mbam-25-high-availability.md
@@ -34,7 +34,7 @@ MBAM enables you to configure and manage availability groups for the databases i
An availability group supports a set of read/write primary databases and one to four sets of corresponding secondary databases. Optionally, secondary databases can be made available for read-only permission, some backup operations, or for both.
-For information about how to set up availability groups, see [AlwaysOn Availability Groups](http://go.microsoft.com/fwlink/?LinkId=393277).
+For information about how to set up availability groups, see [AlwaysOn Availability Groups](https://go.microsoft.com/fwlink/?LinkId=393277).
## Microsoft SQL Server clustering
@@ -50,7 +50,7 @@ You can use Network Load Balancing to configure a highly available environment f
Before configuring load balancing, ensure that you have met the following prerequisites:
-- A load balancer must be available. You can use load balancers from Microsoft or another company. For more information about Microsoft load balancer technology, see [Build a Web Farm with IIS Servers](http://go.microsoft.com/fwlink/?LinkId=393326).
+- A load balancer must be available. You can use load balancers from Microsoft or another company. For more information about Microsoft load balancer technology, see [Build a Web Farm with IIS Servers](https://go.microsoft.com/fwlink/?LinkId=393326).
- At least two servers are running IIS and have met all of the MBAM prerequisites to support its web features, including ASP.NET MVC 4.
@@ -82,7 +82,7 @@ Complete the following tasks:
For instructions about how to automatically generate a key, see [Generate a Machine Key (IIS 7)](https://technet.microsoft.com/library/cc772287.aspx).
-The information about Load Balancing also applies to IIS Network Load Balancing (NLB) clusters in Windows Server 2012 or Windows Server 2008 R2. The IIS Network Load Balancing functionality in Windows Server 2012 is generally the same as in Windows Server 2008 R2. However, some task details are different in Windows Server 2012. For information about new ways to do tasks, see [Common Management Tasks and Navigation in Windows Server 2012 R2 Preview and Windows Server 2012](http://go.microsoft.com/fwlink/?LinkId=316371).
+The information about Load Balancing also applies to IIS Network Load Balancing (NLB) clusters in Windows Server 2012 or Windows Server 2008 R2. The IIS Network Load Balancing functionality in Windows Server 2012 is generally the same as in Windows Server 2008 R2. However, some task details are different in Windows Server 2012. For information about new ways to do tasks, see [Common Management Tasks and Navigation in Windows Server 2012 R2 Preview and Windows Server 2012](https://go.microsoft.com/fwlink/?LinkId=316371).
## Database mirroring in SQL Server
@@ -111,9 +111,9 @@ Enable-MbamWebApplication -SelfServicePortal -ComplianceAndAuditDBConnectionStri
The following links provide more information about configuring SQL Server mirroring:
-- [How to: Prepare a Mirror Database for Mirroring (Transact-SQL)](http://go.microsoft.com/fwlink/?LinkId=316375)
+- [How to: Prepare a Mirror Database for Mirroring (Transact-SQL)](https://go.microsoft.com/fwlink/?LinkId=316375)
-- [Establish a Database Mirroring Session Using Windows Authentication (SQL Server Management Studio)](http://go.microsoft.com/fwlink/?LinkId=316377)
+- [Establish a Database Mirroring Session Using Windows Authentication (SQL Server Management Studio)](https://go.microsoft.com/fwlink/?LinkId=316377)
## Backing up MBAM databases by using the Volume Shadow Copy Service (VSS)
diff --git a/mdop/mbam-v25/planning-how-to-secure-the-mbam-websites.md b/mdop/mbam-v25/planning-how-to-secure-the-mbam-websites.md
index 7c17c264a4..c3f9fe2ec2 100644
--- a/mdop/mbam-v25/planning-how-to-secure-the-mbam-websites.md
+++ b/mdop/mbam-v25/planning-how-to-secure-the-mbam-websites.md
@@ -140,7 +140,7 @@ If you use a fully qualified domain host name when you configure MBAM, you have
Configure constrained delegation for the SPN that you are registering for the application pool account. |
-[Configuring Constrained Delegation](http://go.microsoft.com/fwlink/?LinkId=394335)
+ | [Configuring Constrained Delegation](https://go.microsoft.com/fwlink/?LinkId=394335)
This requirement only applies to MBAM 2.5; it is not necessary in MBAM 2.5 SP1. |
@@ -176,7 +176,7 @@ If you use a NetBIOS host name when you configure MBAM, register one SPN for the
Configure constrained delegation for the SPNs that you are registering for the application pool account. |
-[Configuring Constrained Delegation](http://go.microsoft.com/fwlink/?LinkId=394335)
+ | [Configuring Constrained Delegation](https://go.microsoft.com/fwlink/?LinkId=394335)
This requirement only applies to MBAM 2.5; it is not necessary in MBAM 2.5 SP1. |
@@ -217,12 +217,12 @@ If you configure MBAM with a virtual host name that is a fully qualified domain
On the Domain Name Server (DNS) server, create an “A record” for the custom host name and point it to a web server or a load balancer. |
-See the “To configure DNS Host A Records” section in [Configure DNS Host Records](http://go.microsoft.com/fwlink/?LinkId=394337).
+ | See the “To configure DNS Host A Records” section in [Configure DNS Host Records](https://go.microsoft.com/fwlink/?LinkId=394337).
We recommend that you use A records instead of CNAMES. If you use CNAMES to point to the domain address, you must also register SPNs for the web server name in the application pool account. |
Configure constrained delegation for the SPNs that you are registering for the application pool account. |
-[Configuring Constrained Delegation](http://go.microsoft.com/fwlink/?LinkId=394335)
+ | [Configuring Constrained Delegation](https://go.microsoft.com/fwlink/?LinkId=394335)
This requirement only applies to MBAM 2.5; it is not necessary in MBAM 2.5 SP1. |
diff --git a/mdop/mbam-v25/prerequisites-for-the-configuration-manager-integration-feature.md b/mdop/mbam-v25/prerequisites-for-the-configuration-manager-integration-feature.md
index a8de68cf08..7417d8b4b8 100644
--- a/mdop/mbam-v25/prerequisites-for-the-configuration-manager-integration-feature.md
+++ b/mdop/mbam-v25/prerequisites-for-the-configuration-manager-integration-feature.md
@@ -43,8 +43,8 @@ When you install MBAM with Configuration Manager, the following additional prere
The Hardware Inventory Client Agent is on the Configuration Manager Server. |
-For System Center 2012 Configuration Manager, see [How to Configure Hardware Inventory in Configuration Manager](http://go.microsoft.com/fwlink/?LinkId=301685).
-For Configuration Manager 2007, see [How to Configure Hardware Inventory for a Site](http://go.microsoft.com/fwlink/?LinkId=301656). |
+For System Center 2012 Configuration Manager, see [How to Configure Hardware Inventory in Configuration Manager](https://go.microsoft.com/fwlink/?LinkId=301685).
+For Configuration Manager 2007, see [How to Configure Hardware Inventory for a Site](https://go.microsoft.com/fwlink/?LinkId=301656). |
One of the following is enabled, depending on the version of Configuration Manager that you are using:
@@ -52,13 +52,13 @@ When you install MBAM with Configuration Manager, the following additional prere
Compliance Settings - (System Center 2012 Configuration Manager) Desired Configuration Management (DCM) Client Agent – (Configuration Manager 2007) |
-For System Center 2012 Configuration Manager, see [Configuring Compliance Settings in Configuration Manager](http://go.microsoft.com/fwlink/?LinkId=301687).
-For Configuration Manager 2007, see [Desired Configuration Management Client Agent Properties](http://go.microsoft.com/fwlink/?LinkId=301686). |
+For System Center 2012 Configuration Manager, see [Configuring Compliance Settings in Configuration Manager](https://go.microsoft.com/fwlink/?LinkId=301687).
+For Configuration Manager 2007, see [Desired Configuration Management Client Agent Properties](https://go.microsoft.com/fwlink/?LinkId=301686). |
A reporting services point is defined in Configuration Manager. Required for SQL Server Reporting Services (SSRS). |
-For System Center 2012 Configuration Manager, see [Prerequisites for Reporting in Configuration Manager](http://go.microsoft.com/fwlink/?LinkId=301689).
-For Configuration Manager 2007, see [How to Create a Reporting Services Point for SQL Reporting Services](http://go.microsoft.com/fwlink/?LinkId=301688). |
+For System Center 2012 Configuration Manager, see [Prerequisites for Reporting in Configuration Manager](https://go.microsoft.com/fwlink/?LinkId=301689).
+For Configuration Manager 2007, see [How to Create a Reporting Services Point for SQL Reporting Services](https://go.microsoft.com/fwlink/?LinkId=301688). |
Configuration Manager 2007 requires Microsoft .NET Framework 2.0 |
diff --git a/mdop/mbam-v25/release-notes-for-mbam-25-sp1.md b/mdop/mbam-v25/release-notes-for-mbam-25-sp1.md
index d8cf0a12a2..7a1f4ce2ae 100644
--- a/mdop/mbam-v25/release-notes-for-mbam-25-sp1.md
+++ b/mdop/mbam-v25/release-notes-for-mbam-25-sp1.md
@@ -80,7 +80,7 @@ A user principal name (UPN) must be set for all service accounts in MBAM. If you
When you upgrade Internet Information Services (IIS) to the Microsoft .NET Framework 4.5, the Self-Service Portal and the Administration and Monitoring Website do not open.
-**Workaround:** See the article [Error message after you install the .NET Framework 4.0: "Could not load type 'System.ServiceModel.Activation.HttpModule'](http://go.microsoft.com/fwlink/?LinkId=393568).
+**Workaround:** See the article [Error message after you install the .NET Framework 4.0: "Could not load type 'System.ServiceModel.Activation.HttpModule'](https://go.microsoft.com/fwlink/?LinkId=393568).
### Administration and Monitoring Website displays a "Report cannot be found" error message when Reports are not configured
diff --git a/mdop/mbam-v25/release-notes-for-mbam-25.md b/mdop/mbam-v25/release-notes-for-mbam-25.md
index f0e69536dd..77fb10929e 100644
--- a/mdop/mbam-v25/release-notes-for-mbam-25.md
+++ b/mdop/mbam-v25/release-notes-for-mbam-25.md
@@ -37,7 +37,7 @@ This is fixed in MBAM 2.5 SP1.
If a computer has the MBAM 2.5 client installed and is encrypted by using the AES 256-bit with Diffuser cipher strength, the MBAM client is reported as noncompliant in the MBAM compliance reports.
-**Workaround:** Install the hotfix at [KB2975636](http://go.microsoft.com/fwlink/?LinkId=511972).
+**Workaround:** Install the hotfix at [KB2975636](https://go.microsoft.com/fwlink/?LinkId=511972).
### MBAM fails to encrypt a volume and reports an error if you set a TPM + PIN protector on a tablet device
@@ -61,7 +61,7 @@ If your client computers do not have access to the Microsoft Ajax Content Delive
When you upgrade Internet Information Services (IIS) to the Microsoft .NET Framework 4.5, the Self-Service Portal and the Administration and Monitoring Website do not open.
-**Workaround:** See the article [Error message after you install the .NET Framework 4.0: "Could not load type 'System.ServiceModel.Activation.HttpModule'](http://go.microsoft.com/fwlink/?LinkId=393568).
+**Workaround:** See the article [Error message after you install the .NET Framework 4.0: "Could not load type 'System.ServiceModel.Activation.HttpModule'](https://go.microsoft.com/fwlink/?LinkId=393568).
### Administration and Monitoring Website displays a "Report cannot be found" error message when Reports are not configured
diff --git a/mdop/mbam-v25/removing-mbam-server-features-or-software.md b/mdop/mbam-v25/removing-mbam-server-features-or-software.md
index 68a503a904..bc32e92632 100644
--- a/mdop/mbam-v25/removing-mbam-server-features-or-software.md
+++ b/mdop/mbam-v25/removing-mbam-server-features-or-software.md
@@ -57,7 +57,7 @@ Use the following steps as a general guide to remove MBAM Server features by usi
- Disable-MbamCMIntegration
- To get help with Windows PowerShell cmdlets, type **Get-Help** <*cmdlet*> or see the [Microsoft Desktop Optimization Pack Automation with Windows PowerShell](http://go.microsoft.com/fwlink/?LinkId=393498) page for the MBAM Windows PowerShell cmdlets.
+ To get help with Windows PowerShell cmdlets, type **Get-Help** <*cmdlet*> or see the [Microsoft Desktop Optimization Pack Automation with Windows PowerShell](https://go.microsoft.com/fwlink/?LinkId=393498) page for the MBAM Windows PowerShell cmdlets.
## Removing MBAM Server software
diff --git a/mdop/mbam-v25/troubleshooting-mbam-25.md b/mdop/mbam-v25/troubleshooting-mbam-25.md
index 039cf035e3..5afd3f7113 100644
--- a/mdop/mbam-v25/troubleshooting-mbam-25.md
+++ b/mdop/mbam-v25/troubleshooting-mbam-25.md
@@ -13,7 +13,7 @@ ms.prod: w10
# Troubleshooting MBAM 2.5
-Troubleshooting content is not included in the Administrator’s Guide for this product. Instead, you can find troubleshooting information for this product on the [TechNet Wiki](http://go.microsoft.com/fwlink/p/?LinkId=224905).
+Troubleshooting content is not included in the Administrator’s Guide for this product. Instead, you can find troubleshooting information for this product on the [TechNet Wiki](https://go.microsoft.com/fwlink/p/?LinkId=224905).
## How to find troubleshooting content
@@ -28,7 +28,7 @@ After you search the MDOP documentation, your next step would be to search the t
**To search the MDOP product documentation**
-1. Use a web browser to navigate to the [MDOP Information Experience](http://go.microsoft.com/fwlink/?LinkId=236032) TechNet home page.
+1. Use a web browser to navigate to the [MDOP Information Experience](https://go.microsoft.com/fwlink/?LinkId=236032) TechNet home page.
2. Enter applicable search terms in the **Search TechNet with Bing** search box at the top of the MDOP Information Experience home page.
@@ -36,7 +36,7 @@ After you search the MDOP documentation, your next step would be to search the t
**To search the TechNet Wiki**
-1. Use a web browser to navigate to the [TechNet Wiki](http://go.microsoft.com/fwlink/p/?LinkId=224905) home page.
+1. Use a web browser to navigate to the [TechNet Wiki](https://go.microsoft.com/fwlink/p/?LinkId=224905) home page.
2. Enter applicable search terms in the **Search TechNet Wiki** search box on the TechNet Wiki home page.
@@ -49,7 +49,7 @@ If you have a troubleshooting tip or a best practice to share that is not alread
**To create a TechNet Wiki troubleshooting or best practices article**
-1. Use a web browser to navigate to the [TechNet Wiki](http://go.microsoft.com/fwlink/p/?LinkId=224905) home page.
+1. Use a web browser to navigate to the [TechNet Wiki](https://go.microsoft.com/fwlink/p/?LinkId=224905) home page.
2. Log in with your Windows Live ID.
diff --git a/mdop/mbam-v25/upgrading-to-mbam-25-or-mbam-25-sp1-from-previous-versions.md b/mdop/mbam-v25/upgrading-to-mbam-25-or-mbam-25-sp1-from-previous-versions.md
index 8689fe73e0..80fa3a1a92 100644
--- a/mdop/mbam-v25/upgrading-to-mbam-25-or-mbam-25-sp1-from-previous-versions.md
+++ b/mdop/mbam-v25/upgrading-to-mbam-25-or-mbam-25-sp1-from-previous-versions.md
@@ -48,7 +48,7 @@ Review the following information before you start the upgrade.
To resolve this issue:
Run aspnet_regiis –i from the following location:
C:\windows\microsoft.net\Framework\v4.0.30319
-For more information, see: [ASP.NET IIS Registration Tool](http://go.microsoft.com/fwlink/?LinkId=393272). |
+For more information, see: [ASP.NET IIS Registration Tool](https://go.microsoft.com/fwlink/?LinkId=393272).
Register an SPN on the application pool account if all of the following are true:
diff --git a/mdop/mbam-v25/using-windows-powershell-to-administer-mbam-25.md b/mdop/mbam-v25/using-windows-powershell-to-administer-mbam-25.md
index 8354649b6f..41833fc753 100644
--- a/mdop/mbam-v25/using-windows-powershell-to-administer-mbam-25.md
+++ b/mdop/mbam-v25/using-windows-powershell-to-administer-mbam-25.md
@@ -70,15 +70,15 @@ Windows PowerShell Help for MBAM cmdlets is available in the following formats:
|
On TechNet as webpages |
-http://go.microsoft.com/fwlink/?LinkId=393498 |
+https://go.microsoft.com/fwlink/?LinkId=393498 |
On the Download Center as a Word .docx file |
-http://go.microsoft.com/fwlink/?LinkId=393497 |
+https://go.microsoft.com/fwlink/?LinkId=393497 |
On the Download Center as a .pdf file |
-http://go.microsoft.com/fwlink/?LinkId=393499 |
+https://go.microsoft.com/fwlink/?LinkId=393499 |
diff --git a/mdop/medv-v1/creating-a-virtual-pc-image-for-med-v.md b/mdop/medv-v1/creating-a-virtual-pc-image-for-med-v.md
index d8d020cc25..5b630c65bf 100644
--- a/mdop/medv-v1/creating-a-virtual-pc-image-for-med-v.md
+++ b/mdop/medv-v1/creating-a-virtual-pc-image-for-med-v.md
@@ -34,9 +34,9 @@ To create a Virtual PC image using Microsoft Virtual PC, refer to the Virtual PC
For more information, see the following:
-- [Windows Virtual PC Help](http://go.microsoft.com/fwlink/?LinkId=182378)
+- [Windows Virtual PC Help](https://go.microsoft.com/fwlink/?LinkId=182378)
-- [Create a virtual machine and install a guest operating system](http://go.microsoft.com/fwlink/?LinkId=182379)
+- [Create a virtual machine and install a guest operating system](https://go.microsoft.com/fwlink/?LinkId=182379)
## How to Install the MED-V Workspace .msi Package
@@ -203,9 +203,9 @@ Sysprep is Microsoft's system preparation utility for the Windows operating syst
2. From the Windows installation CD, extract *deploy.cab* to the root of the system drive, or download the latest Deployment Tools update from the Microsoft Web site.
- - For Windows 2000, see [Deployment Tools update for Windows 2000](http://go.microsoft.com/fwlink/?LinkId=143001).
+ - For Windows 2000, see [Deployment Tools update for Windows 2000](https://go.microsoft.com/fwlink/?LinkId=143001).
- - For Windows XP, see [Deployment Tools update for Windows XP](http://go.microsoft.com/fwlink/?LinkId=143000).
+ - For Windows XP, see [Deployment Tools update for Windows XP](https://go.microsoft.com/fwlink/?LinkId=143000).
3. Run **Setup Manager** (setupmgr.exe).
diff --git a/mdop/medv-v1/design-the-med-v-image-repositories.md b/mdop/medv-v1/design-the-med-v-image-repositories.md
index 98e48d55d6..a1f9c7d386 100644
--- a/mdop/medv-v1/design-the-med-v-image-repositories.md
+++ b/mdop/medv-v1/design-the-med-v-image-repositories.md
@@ -58,7 +58,7 @@ The image repository can reside on the same system as the MED-V server and the s
### Fault Tolerance
-If the image repository is unavailable, clients will not be able to download new or updated MED-V images. To design fault-tolerance options for the file server and fault-tolerant disks, see the [Infrastructure Planning and Design Microsoft SQL Server 2008](http://go.microsoft.com/fwlink/?LinkId=163302) guide.
+If the image repository is unavailable, clients will not be able to download new or updated MED-V images. To design fault-tolerance options for the file server and fault-tolerant disks, see the [Infrastructure Planning and Design Microsoft SQL Server 2008](https://go.microsoft.com/fwlink/?LinkId=163302) guide.
## Design and Place the IIS Servers
@@ -69,11 +69,11 @@ The IIS server can coexist on the same system as the MED-V server and the server
For each image repository, sum the number of clients that may download MED-V images using IIS. This is the maximum number of concurrent downloads that can occur when an image is loaded into the repository. Use the throughput sum and the service level expectations determined in [Define the Project Scope](define-the-project-scope.md) to plan the design of the IIS server infrastructure and to determine the appropriate amount of bandwidth to allocate for the repository.
-To design the IIS infrastructure, see the [Infrastructure Planning and Design Microsoft Internet Information Services](http://go.microsoft.com/fwlink/?LinkId=160826) guide.
+To design the IIS infrastructure, see the [Infrastructure Planning and Design Microsoft Internet Information Services](https://go.microsoft.com/fwlink/?LinkId=160826) guide.
### Fault Tolerance
-If the IIS server infrastructure is unavailable, clients will not be able to download new or updated images. To configure fault tolerance, the Windows Server 2008-based IIS server can be placed in a failover cluster. To design the fault tolerance for the IIS server infrastructure, see the [Infrastructure Planning and Design Microsoft Internet Information Services](http://go.microsoft.com/fwlink/?LinkId=160826) guide.
+If the IIS server infrastructure is unavailable, clients will not be able to download new or updated images. To configure fault tolerance, the Windows Server 2008-based IIS server can be placed in a failover cluster. To design the fault tolerance for the IIS server infrastructure, see the [Infrastructure Planning and Design Microsoft Internet Information Services](https://go.microsoft.com/fwlink/?LinkId=160826) guide.
## Related topics
diff --git a/mdop/medv-v1/design-the-med-v-server-infrastructure.md b/mdop/medv-v1/design-the-med-v-server-infrastructure.md
index 16803828f3..9a112b2835 100644
--- a/mdop/medv-v1/design-the-med-v-server-infrastructure.md
+++ b/mdop/medv-v1/design-the-med-v-server-infrastructure.md
@@ -45,7 +45,7 @@ If you place the database server in a location that is remote from the MED-V ser
### Form Factor
-If you will run SQL Server on the same server as MED-V, and if SQL Server will only be used to store data for that server, start with the MED-V recommendation and add resources for the SQL Server load. If SQL Server will store events and alerts from more than one MED-V instance, for information on how to scale up the server form factor, see the [Infrastructure Planning and Design Microsoft SQL Server 2008](http://go.microsoft.com/fwlink/?LinkId=163302) guide (http:// go.microsoft.com/fwlink/?LinkId=163302).
+If you will run SQL Server on the same server as MED-V, and if SQL Server will only be used to store data for that server, start with the MED-V recommendation and add resources for the SQL Server load. If SQL Server will store events and alerts from more than one MED-V instance, for information on how to scale up the server form factor, see the [Infrastructure Planning and Design Microsoft SQL Server 2008](https://go.microsoft.com/fwlink/?LinkId=163302) guide (http:// go.microsoft.com/fwlink/?LinkId=163302).
The size of the database depends on the number of client events that the database will store. Events are created by normal operation of the client, such as when a MED-V workspace is started, or when there is an error in the MED-V workspace. The default interval at which the client sends events is 1 minute.
@@ -71,7 +71,7 @@ To approximate the infrastructure optimization per second (IOPs) requirement, us
When MED-V client is running, if the server is unavailable, events will be backed up on the client and reports will be unavailable in the management console. Refer to the organization’s service level expectations determined in [Define the Project Scope](define-the-project-scope.md) to decide whether the design of a fault-tolerant SQL Server infrastructure is necessary.
-MED-V does not provide support for running SQL Server in an MSCS cluster. In order to provide warm standby and to avoid data loss in the event of a failure, you can place SQL Server in a log shipping configuration. For information on log shipping, see the [Infrastructure Planning and Design Microsoft SQL Server 2008](http://go.microsoft.com/fwlink/?LinkId=163302) guide (http://go.microsoft.com/fwlink/?LinkId=163302).
+MED-V does not provide support for running SQL Server in an MSCS cluster. In order to provide warm standby and to avoid data loss in the event of a failure, you can place SQL Server in a log shipping configuration. For information on log shipping, see the [Infrastructure Planning and Design Microsoft SQL Server 2008](https://go.microsoft.com/fwlink/?LinkId=163302) guide (https://go.microsoft.com/fwlink/?LinkId=163302).
## Design the Management Console
diff --git a/mdop/medv-v1/how-to-configure-the-image-web-distribution-server.md b/mdop/medv-v1/how-to-configure-the-image-web-distribution-server.md
index 054d2fba0c..5162470c80 100644
--- a/mdop/medv-v1/how-to-configure-the-image-web-distribution-server.md
+++ b/mdop/medv-v1/how-to-configure-the-image-web-distribution-server.md
@@ -20,7 +20,7 @@ An image repository is an optional server that is used for image distribution (w
An image distribution server requires the following:
-- Internet Information Services (IIS)—For information, see [Internet Information Services](http://go.microsoft.com/fwlink/?LinkId=142995).
+- Internet Information Services (IIS)—For information, see [Internet Information Services](https://go.microsoft.com/fwlink/?LinkId=142995).
During the IIS installation, when adding role services, select the following supported authentication methods:
@@ -46,7 +46,7 @@ An image distribution server requires the following:
- Restart IIS.
-- BITS Server Extensions for IIS—For information, see [Install BITS Server Extensions](http://go.microsoft.com/fwlink/?LinkId=142996).
+- BITS Server Extensions for IIS—For information, see [Install BITS Server Extensions](https://go.microsoft.com/fwlink/?LinkId=142996).
## Related topics
diff --git a/mdop/medv-v1/how-to-install-and-configure-the-med-v-server-component.md b/mdop/medv-v1/how-to-install-and-configure-the-med-v-server-component.md
index 0b992dd722..d5fa158ff6 100644
--- a/mdop/medv-v1/how-to-install-and-configure-the-med-v-server-component.md
+++ b/mdop/medv-v1/how-to-install-and-configure-the-med-v-server-component.md
@@ -87,9 +87,9 @@ The following server settings can be configured:
- Associate the server certificate with the port specified using netsh. For information, see the following:
- - [Netsh Commands for Hypertext Transfer Protocol (HTTP)](http://go.microsoft.com/fwlink/?LinkId=183314)
+ - [Netsh Commands for Hypertext Transfer Protocol (HTTP)](https://go.microsoft.com/fwlink/?LinkId=183314)
- - [How to: Configure a Port with an SSL Certificate](http://go.microsoft.com/fwlink/?LinkID=183315)
+ - [How to: Configure a Port with an SSL Certificate](https://go.microsoft.com/fwlink/?LinkID=183315)
- [How to: Configure a Port with an SSL Certificate](http://msdn.microsoft.com/library/ms733791.aspx)
diff --git a/mdop/medv-v1/med-v-10-sp1-and-sp2-release-notesmedv-10-sp1.md b/mdop/medv-v1/med-v-10-sp1-and-sp2-release-notesmedv-10-sp1.md
index d35cdc8ee7..8af4246244 100644
--- a/mdop/medv-v1/med-v-10-sp1-and-sp2-release-notesmedv-10-sp1.md
+++ b/mdop/medv-v1/med-v-10-sp1-and-sp2-release-notesmedv-10-sp1.md
@@ -28,7 +28,7 @@ Comprehensive documentation for Microsoft Enterprise Desktop Virtualization (MED
## Protect Against Security Vulnerabilities and Viruses
-To help protect against security vulnerabilities and viruses, you should install the latest available security updates for any new software that you are installing. For more information, see the Microsoft Security website at .
+To help protect against security vulnerabilities and viruses, you should install the latest available security updates for any new software that you are installing. For more information, see the Microsoft Security website at .
## What’s New in MED-V 1.0 SP2
diff --git a/mdop/medv-v1/med-v-10-sp1-supported-configurationsmedv-10-sp1.md b/mdop/medv-v1/med-v-10-sp1-supported-configurationsmedv-10-sp1.md
index 467c2a0a98..556b54dfb9 100644
--- a/mdop/medv-v1/med-v-10-sp1-supported-configurationsmedv-10-sp1.md
+++ b/mdop/medv-v1/med-v-10-sp1-supported-configurationsmedv-10-sp1.md
@@ -23,7 +23,7 @@ This topic specifies the requirements necessary to install and run Microsoft Ent
The following table lists the operating systems that are supported for MED-V 1.0 SP1 client installation.
**Note**
-Microsoft provides support for the current service pack and, in some cases, the immediately preceding service pack. To find the support timelines for your product, see the [Lifecycle Supported Service Packs](http://go.microsoft.com/fwlink/?LinkId=31975) (http://go.microsoft.com/fwlink/?LinkId=31975). For additional information about Microsoft Support Lifecycle Policy, see [Microsoft Support Lifecycle Support Policy FAQ](http://go.microsoft.com/fwlink/?LinkId=31976) (http://go.microsoft.com/fwlink/?LinkId=31976).
+Microsoft provides support for the current service pack and, in some cases, the immediately preceding service pack. To find the support timelines for your product, see the [Lifecycle Supported Service Packs](https://go.microsoft.com/fwlink/?LinkId=31975) (https://go.microsoft.com/fwlink/?LinkId=31975). For additional information about Microsoft Support Lifecycle Policy, see [Microsoft Support Lifecycle Support Policy FAQ](https://go.microsoft.com/fwlink/?LinkId=31976) (https://go.microsoft.com/fwlink/?LinkId=31976).
@@ -146,7 +146,7 @@ MED-V 1.0 SP1 introduces changes to system requirements from those for MED-V 1
The following table lists the operating systems supported for MED-V 1.0 SP1 workspaces.
**Note**
-Microsoft provides support for the current service pack and, in some cases, the immediately preceding service pack. To find the support timelines for your product, see the [Lifecycle Supported Service Packs](http://go.microsoft.com/fwlink/?LinkId=31975) (http://go.microsoft.com/fwlink/?LinkId=31975). For additional information about Microsoft Support Lifecycle Policy, see [Microsoft Support Lifecycle Support Policy FAQ](http://go.microsoft.com/fwlink/?LinkId=31976) (http://go.microsoft.com/fwlink/?LinkId=31976).
+Microsoft provides support for the current service pack and, in some cases, the immediately preceding service pack. To find the support timelines for your product, see the [Lifecycle Supported Service Packs](https://go.microsoft.com/fwlink/?LinkId=31975) (https://go.microsoft.com/fwlink/?LinkId=31975). For additional information about Microsoft Support Lifecycle Policy, see [Microsoft Support Lifecycle Support Policy FAQ](https://go.microsoft.com/fwlink/?LinkId=31976) (https://go.microsoft.com/fwlink/?LinkId=31976).
@@ -225,7 +225,7 @@ MED-V 1.0 SP1 introduces changes to system requirements from those for MED-V 1
The following table lists the operating systems supported for MED-V 1.0 SP1 server installations.
**Note**
-Microsoft provides support for the current service pack and, in some cases, the immediately preceding service pack. To find the support timelines for your product, see the [Lifecycle Supported Service Packs](http://go.microsoft.com/fwlink/?LinkId=31975) (http://go.microsoft.com/fwlink/?LinkId=31975). For additional information about Microsoft Support Lifecycle Policy, see [Microsoft Support Lifecycle Support Policy FAQ](http://go.microsoft.com/fwlink/?LinkId=31976) (http://go.microsoft.com/fwlink/?LinkId=31976).
+Microsoft provides support for the current service pack and, in some cases, the immediately preceding service pack. To find the support timelines for your product, see the [Lifecycle Supported Service Packs](https://go.microsoft.com/fwlink/?LinkId=31975) (https://go.microsoft.com/fwlink/?LinkId=31975). For additional information about Microsoft Support Lifecycle Policy, see [Microsoft Support Lifecycle Support Policy FAQ](https://go.microsoft.com/fwlink/?LinkId=31976) (https://go.microsoft.com/fwlink/?LinkId=31976).
diff --git a/mdop/medv-v1/med-v-installation-prerequisites.md b/mdop/medv-v1/med-v-installation-prerequisites.md
index 3957776b1d..053c904941 100644
--- a/mdop/medv-v1/med-v-installation-prerequisites.md
+++ b/mdop/medv-v1/med-v-installation-prerequisites.md
@@ -55,19 +55,19 @@ SQL Server can be installed on the same server as the MED-V server or on a remot
2. Install the following files on the MED-V server:
- - To install the prerequisites for the management pack objects collection for Microsoft SQL Server 2008, download [Microsoft SQL Server 2008 Native Client](http://go.microsoft.com/fwlink/?LinkId=164039) from the Microsoft Download Center.
+ - To install the prerequisites for the management pack objects collection for Microsoft SQL Server 2008, download [Microsoft SQL Server 2008 Native Client](https://go.microsoft.com/fwlink/?LinkId=164039) from the Microsoft Download Center.
- - To install the prerequisites for the management pack objects collection for Microsoft SQL Server 2005, download [Microsoft SQL Server 2005 Native Client](http://go.microsoft.com/fwlink/?LinkId=164038) from the Microsoft Download Center.
+ - To install the prerequisites for the management pack objects collection for Microsoft SQL Server 2005, download [Microsoft SQL Server 2005 Native Client](https://go.microsoft.com/fwlink/?LinkId=164038) from the Microsoft Download Center.
- - To install the required dll files for Microsoft SQL Server 2008, download [Microsoft SQL Server 2008 Management Objects Collection](http://go.microsoft.com/fwlink/?LinkId=164041) from the Microsoft Download Center.
+ - To install the required dll files for Microsoft SQL Server 2008, download [Microsoft SQL Server 2008 Management Objects Collection](https://go.microsoft.com/fwlink/?LinkId=164041) from the Microsoft Download Center.
- - To install the required dll files for Microsoft SQL Server 2005, download [Microsoft SQL Server 2005 Management Objects](http://go.microsoft.com/fwlink/?LinkId=164040) from the Microsoft Download Center.
+ - To install the required dll files for Microsoft SQL Server 2005, download [Microsoft SQL Server 2005 Management Objects](https://go.microsoft.com/fwlink/?LinkId=164040) from the Microsoft Download Center.
- - To install the stand-alone install packages that provide additional value for SQL Server 2008, download the [Microsoft SQL Server 2008 Feature Pack](http://go.microsoft.com/fwlink/?LinkId=163960) from the Microsoft Download Center.
+ - To install the stand-alone install packages that provide additional value for SQL Server 2008, download the [Microsoft SQL Server 2008 Feature Pack](https://go.microsoft.com/fwlink/?LinkId=163960) from the Microsoft Download Center.
- - To install the stand-alone install packages that provide additional value for SQL Server 2005, download the [Feature Pack for Microsoft SQL Server 2005]( http://go.microsoft.com/fwlink/?LinkId=163961) from the Microsoft Download Center.
+ - To install the stand-alone install packages that provide additional value for SQL Server 2005, download the [Feature Pack for Microsoft SQL Server 2005]( https://go.microsoft.com/fwlink/?LinkId=163961) from the Microsoft Download Center.
- For more information about these files, see [Microsoft SQL Server 2008 Feature Pack](http://go.microsoft.com/fwlink/?LinkId=163960) on the Microsoft Download Center (http://go.microsoft.com/fwlink/?LinkId=163960) or [Feature Pack for Microsoft SQL Server 2005](http://go.microsoft.com/fwlink/?LinkId=163961) on the Microsoft Download Center (http://go.microsoft.com/fwlink/?LinkId=163961).
+ For more information about these files, see [Microsoft SQL Server 2008 Feature Pack](https://go.microsoft.com/fwlink/?LinkId=163960) on the Microsoft Download Center (https://go.microsoft.com/fwlink/?LinkId=163960) or [Feature Pack for Microsoft SQL Server 2005](https://go.microsoft.com/fwlink/?LinkId=163961) on the Microsoft Download Center (https://go.microsoft.com/fwlink/?LinkId=163961).
## Antivirus/Backup Software Configuration
@@ -94,13 +94,13 @@ If Virtual PC for Windows exists on the host computer, uninstall it before insta
**To install Microsoft Virtual PC 2007 SP1**
-1. Download Virtual PC 2007 SP1 from the Microsoft Download Center [Virtual PC 2007 SP1](http://go.microsoft.com/fwlink/?LinkId=142994).
+1. Download Virtual PC 2007 SP1 from the Microsoft Download Center [Virtual PC 2007 SP1](https://go.microsoft.com/fwlink/?LinkId=142994).
2. Run the installation file on the host computer, and follow the wizard.
3. Install Virtual PC 2007 SP1 update on the host computer in elevated mode.
- For more information, see [the description of the hotfix package for Virtual PC 2007 SP1](http://go.microsoft.com/fwlink/?LinkId=150575).
+ For more information, see [the description of the hotfix package for Virtual PC 2007 SP1](https://go.microsoft.com/fwlink/?LinkId=150575).
**Note**
The Virtual PC 2007 SP1 update is required for running Virtual PC 2007 SP1.
diff --git a/mdop/medv-v2/configure-environment-prerequisites.md b/mdop/medv-v2/configure-environment-prerequisites.md
index 8e5f590264..6433d80f37 100644
--- a/mdop/medv-v2/configure-environment-prerequisites.md
+++ b/mdop/medv-v2/configure-environment-prerequisites.md
@@ -28,7 +28,7 @@ The MED-V Guest Agent is only supported in Windows XP SP3.
The MED-V Host and Guest agents and the MED-V Workspace Packager require the Microsoft .NET Framework 3.5 SP1.
**Important**
-You must also install the update [KB959209](http://go.microsoft.com/fwlink/?LinkId=204950) (http://go.microsoft.com/fwlink/?LinkId=204950), which addresses several known application compatibility issues.
+You must also install the update [KB959209](https://go.microsoft.com/fwlink/?LinkId=204950) (https://go.microsoft.com/fwlink/?LinkId=204950), which addresses several known application compatibility issues.
diff --git a/mdop/medv-v2/configure-installation-prerequisites.md b/mdop/medv-v2/configure-installation-prerequisites.md
index 7248ec2a87..faa82e6b04 100644
--- a/mdop/medv-v2/configure-installation-prerequisites.md
+++ b/mdop/medv-v2/configure-installation-prerequisites.md
@@ -31,7 +31,7 @@ If a version of Virtual PC for Windows already exists on the host computer, you
**To install Windows Virtual PC**
-1. Download [Windows Virtual PC](http://go.microsoft.com/fwlink/?LinkId=195918) from the Microsoft Download Center (http://go.microsoft.com/fwlink/?LinkId=195918).
+1. Download [Windows Virtual PC](https://go.microsoft.com/fwlink/?LinkId=195918) from the Microsoft Download Center (https://go.microsoft.com/fwlink/?LinkId=195918).
2. Run the installation file on the host computer, and follow the steps in the wizard.
@@ -59,13 +59,13 @@ In addition to the update listed here, we recommend that you review all availabl
1. Download the required Windows Virtual PC update from the Microsoft Download Center.
- [32-bit Update](http://go.microsoft.com/fwlink/?LinkId=195919) (http://go.microsoft.com/fwlink/?LinkId=195919).
+ [32-bit Update](https://go.microsoft.com/fwlink/?LinkId=195919) (https://go.microsoft.com/fwlink/?LinkId=195919).
- [64-bit Update](http://go.microsoft.com/fwlink/?LinkId=195920) (http://go.microsoft.com/fwlink/?LinkId=195920).
+ [64-bit Update](https://go.microsoft.com/fwlink/?LinkId=195920) (https://go.microsoft.com/fwlink/?LinkId=195920).
2. Run the installation file on the host computer in elevated mode, and follow the steps in the wizard.
- For more information about the hotfix package for Windows Virtual PC, see [article 977206](http://go.microsoft.com/fwlink/?LinkId=195921) (http://go.microsoft.com/fwlink/?LinkId=195921).
+ For more information about the hotfix package for Windows Virtual PC, see [article 977206](https://go.microsoft.com/fwlink/?LinkId=195921) (https://go.microsoft.com/fwlink/?LinkId=195921).
## How to Configure Antivirus/Backup Software
diff --git a/mdop/medv-v2/configuring-a-windows-virtual-pc-image-for-med-v.md b/mdop/medv-v2/configuring-a-windows-virtual-pc-image-for-med-v.md
index 887be3896a..c4a9a942e4 100644
--- a/mdop/medv-v2/configuring-a-windows-virtual-pc-image-for-med-v.md
+++ b/mdop/medv-v2/configuring-a-windows-virtual-pc-image-for-med-v.md
@@ -29,7 +29,7 @@ Follow these steps to configure your MED-V image for running first time setup:
1. As part of preparing your image for use with MED-V, you can configure various settings on the virtual machine, such as specifying the settings for running Windows Update. Specify all the necessary virtual machine settings before you create the MED-V workspace package.
-2. Before you create the MED-V workspace package, we recommend that you disable restore points on the virtual machine to prevent the differencing disk from growing unbounded. For more information, see [How to turn off and turn on System Restore in Windows XP](http://go.microsoft.com/fwlink/?LinkId=195927) (http://go.microsoft.com/fwlink/?LinkId=195927).
+2. Before you create the MED-V workspace package, we recommend that you disable restore points on the virtual machine to prevent the differencing disk from growing unbounded. For more information, see [How to turn off and turn on System Restore in Windows XP](https://go.microsoft.com/fwlink/?LinkId=195927) (https://go.microsoft.com/fwlink/?LinkId=195927).
**Note**
You can set up your Sysprep.inf file to disable restore points when first time setup is run. For an example of setting this GuiRunOnce key, see the sample Sysprep.inf file later in this section.
@@ -58,7 +58,7 @@ After you have completed customization of your MED-V image, you are ready to sea
2. In a MED-V environment, you can use Sysprep to assign unique security IDs (SID) and other settings to each MED-V workspace the first time that they are started.
**Note**
- For more information about how to use Sysprep, see [Sysprep Technical Reference](http://go.microsoft.com/fwlink/?LinkId=195930) (http://go.microsoft.com/fwlink/?LinkId=195930).
+ For more information about how to use Sysprep, see [Sysprep Technical Reference](https://go.microsoft.com/fwlink/?LinkId=195930) (https://go.microsoft.com/fwlink/?LinkId=195930).
@@ -81,13 +81,13 @@ After you have completed customization of your MED-V image, you are ready to sea
1. Create a folder named *Sysprep* in the root of the MED-V image system drive.
- 2. Download the deploy.cab file. For more information, see [Windows XP Service Pack 3 Deployment Tools](http://go.microsoft.com/fwlink/?LinkId=195928) From the Microsoft Download Center (http://go.microsoft.com/fwlink/?LinkId=195928).
+ 2. Download the deploy.cab file. For more information, see [Windows XP Service Pack 3 Deployment Tools](https://go.microsoft.com/fwlink/?LinkId=195928) From the Microsoft Download Center (https://go.microsoft.com/fwlink/?LinkId=195928).
3. From the deploy.cab file, copy or extract the Setupmgr.exe, Sysprep.exe, and Setupcl.exe files to the Sysprep folder.
4. In the Sysprep folder, run **Setup Manager** (Setupmgr.exe) to create a Sysprep.inf answer file.
- Or, you can create this file manually or use your company’s existing file. For more information, see [How to use the Sysprep tool to automate successful deployment of Windows XP](http://go.microsoft.com/fwlink/?LinkId=195929) (http://go.microsoft.com/fwlink/?LinkId=195929).
+ Or, you can create this file manually or use your company’s existing file. For more information, see [How to use the Sysprep tool to automate successful deployment of Windows XP](https://go.microsoft.com/fwlink/?LinkId=195929) (https://go.microsoft.com/fwlink/?LinkId=195929).
5. Follow the **Setup Manager** wizard.
diff --git a/mdop/medv-v2/creating-a-windows-virtual-pc-image-for-med-v.md b/mdop/medv-v2/creating-a-windows-virtual-pc-image-for-med-v.md
index 14202ab249..cdf7325436 100644
--- a/mdop/medv-v2/creating-a-windows-virtual-pc-image-for-med-v.md
+++ b/mdop/medv-v2/creating-a-windows-virtual-pc-image-for-med-v.md
@@ -32,11 +32,11 @@ To create a virtual image for MED-V, you must follow these steps.
To create a Windows Virtual PC image, see the Windows Virtual PC documentation:
-- [Windows Virtual PC Home Page](http://go.microsoft.com/fwlink/?LinkId=148103) (http://go.microsoft.com/fwlink/?LinkId=148103).
+- [Windows Virtual PC Home Page](https://go.microsoft.com/fwlink/?LinkId=148103) (https://go.microsoft.com/fwlink/?LinkId=148103).
-- [Windows Virtual PC Help](http://go.microsoft.com/fwlink/?LinkId=182378) (http://go.microsoft.com/fwlink/?LinkId=182378).
+- [Windows Virtual PC Help](https://go.microsoft.com/fwlink/?LinkId=182378) (https://go.microsoft.com/fwlink/?LinkId=182378).
-Alternately, if you already have a Windows Imaging (WIM) file that you want to use as the basis for your virtual image, you can convert it to a VHD that you use to build the MED-V workspace. For more information about how to convert a WIM to a virtual hard disk, see [Native VHD Support in Windows 7](http://go.microsoft.com/fwlink/?LinkId=195922) (http://go.microsoft.com/fwlink/?LinkId=195922).
+Alternately, if you already have a Windows Imaging (WIM) file that you want to use as the basis for your virtual image, you can convert it to a VHD that you use to build the MED-V workspace. For more information about how to convert a WIM to a virtual hard disk, see [Native VHD Support in Windows 7](https://go.microsoft.com/fwlink/?LinkId=195922) (https://go.microsoft.com/fwlink/?LinkId=195922).
**Important**
MED-V only supports one virtual hard disk per virtual machine and only one partition on each virtual disk.
@@ -50,12 +50,12 @@ After you have created your virtual hard disk, install Windows XP on the image.
MED-V requires that Windows XP SP3 is installed on the Windows Virtual PC image before you build the MED-V workspace.
-For more information about how to install Windows XP, see [Create a virtual machine and install a guest operating system](http://go.microsoft.com/fwlink/?LinkId=182379) (http://go.microsoft.com/fwlink/?LinkId=182379).
+For more information about how to install Windows XP, see [Create a virtual machine and install a guest operating system](https://go.microsoft.com/fwlink/?LinkId=182379) (https://go.microsoft.com/fwlink/?LinkId=182379).
## Installing the .NET Framework 3.5 SP1 on a Windows Virtual PC Image
-You must manually install the .NET Framework 3.5 SP1 and the update KB959209 into the Windows Virtual PC image that you prepare for use with MED-V. The update [KB959209](http://go.microsoft.com/fwlink/?LinkId=204950) (http://go.microsoft.com/fwlink/?LinkId=204950) addresses several known application compatibility issues.
+You must manually install the .NET Framework 3.5 SP1 and the update KB959209 into the Windows Virtual PC image that you prepare for use with MED-V. The update [KB959209](https://go.microsoft.com/fwlink/?LinkId=204950) (https://go.microsoft.com/fwlink/?LinkId=204950) addresses several known application compatibility issues.
## Applying Updates to the Windows Virtual PC Image
@@ -74,7 +74,7 @@ When you install updates to Windows XP, make sure that you remain on the version
### Installing an Optional Performance Update
-Although it is optional, we recommend that you install the following update for [hotfix KB972435](http://go.microsoft.com/fwlink/?LinkId=201077) (http://go.microsoft.com/fwlink/?LinkId=201077). This update increases the performance of shared folders in a Terminal Services session:
+Although it is optional, we recommend that you install the following update for [hotfix KB972435](https://go.microsoft.com/fwlink/?LinkId=201077) (https://go.microsoft.com/fwlink/?LinkId=201077). This update increases the performance of shared folders in a Terminal Services session:
**Note**
The update is publically available. However, you might be prompted to accept an agreement for Microsoft Services. Follow the prompts on the successive webpages to retrieve this hotfix.
@@ -107,16 +107,16 @@ When you configure the virtual image to work with MED-V, you must manually insta
For more information about how to install and use the Integration Components package, see the following:
-- [Install or Upgrade the Integration Components Package](http://go.microsoft.com/fwlink/?LinkId=195923) (http://go.microsoft.com/fwlink/?LinkId=195923).
+- [Install or Upgrade the Integration Components Package](https://go.microsoft.com/fwlink/?LinkId=195923) (https://go.microsoft.com/fwlink/?LinkId=195923).
-- [About Integration Features](http://go.microsoft.com/fwlink/?LinkId=195924) (http://go.microsoft.com/fwlink/?LinkId=195924).
+- [About Integration Features](https://go.microsoft.com/fwlink/?LinkId=195924) (https://go.microsoft.com/fwlink/?LinkId=195924).
### Installing RemoteApp Update
After you install the Integration Components package, you are prompted to install the following update: "Update for Windows XP SP3 to enable RemoteApp." This is a required component for MED-V.
**Important**
-If you are not prompted to install the RemoteApp update, you must download and install it manually. For more information and instructions about how to download this update, see [Update for Windows XP SP3 to enable RemoteApp](http://go.microsoft.com/fwlink/?LinkId=195925) (http://go.microsoft.com/fwlink/?LinkId=195925).
+If you are not prompted to install the RemoteApp update, you must download and install it manually. For more information and instructions about how to download this update, see [Update for Windows XP SP3 to enable RemoteApp](https://go.microsoft.com/fwlink/?LinkId=195925) (https://go.microsoft.com/fwlink/?LinkId=195925).
@@ -124,12 +124,12 @@ If you are not prompted to install the RemoteApp update, you must download and i
By default, Remote Desktop is enabled after you install the Integration Components package. For MED-V to be operational, ensure that Remote Desktop is enabled, and do not distribute any Group Policy that disables it.
-For information about how to enable Remote Desktop, see [Enable or disable Remote Desktop](http://go.microsoft.com/fwlink/?LinkId=201162) (http://go.microsoft.com/fwlink/?LinkId=201162).
+For information about how to enable Remote Desktop, see [Enable or disable Remote Desktop](https://go.microsoft.com/fwlink/?LinkId=201162) (https://go.microsoft.com/fwlink/?LinkId=201162).
## Customizing Internet Explorer by Using the Internet Explorer Administration Kit
-If you want, you can use the Internet Explorer Administration Kit to customize Internet Explorer on the guest operating system. For more information, see the [Internet Explorer 6 Administration Kit and Deployment Guide](http://go.microsoft.com/fwlink/?LinkId=200007) (http:// go.microsoft.com/fwlink/?LinkId=200007).
+If you want, you can use the Internet Explorer Administration Kit to customize Internet Explorer on the guest operating system. For more information, see the [Internet Explorer 6 Administration Kit and Deployment Guide](https://go.microsoft.com/fwlink/?LinkId=200007) (http:// go.microsoft.com/fwlink/?LinkId=200007).
**Warning**
You should consider security concerns associated with customizing Internet Explorer in the MED-V workspace. For more information, see [Security Best Practices for MED-V Operations](security-best-practices-for-med-v-operations.md).
diff --git a/mdop/medv-v2/determining-how-med-v-will-be-deployed.md b/mdop/medv-v2/determining-how-med-v-will-be-deployed.md
index cfd3d8eece..61a47be0c8 100644
--- a/mdop/medv-v2/determining-how-med-v-will-be-deployed.md
+++ b/mdop/medv-v2/determining-how-med-v-will-be-deployed.md
@@ -23,7 +23,7 @@ Because MED-V is a desktop-based solution, it works with your existing infrastru
If you are currently using an electronic software distribution solution, you can use that to distribute MED-V workspaces and their dependent applications. You can also use this solution for distribution of subsequent applications after MED-V is deployed. For more information about deploying MED-V with an ESD, see [How to Deploy a MED-V Workspace Through an Electronic Software Distribution System](how-to-deploy-a-med-v-workspace-through-an-electronic-software-distribution-system.md).
**Note**
-Whichever electronic software distribution solution that you use, you must be familiar with the requirements of your particular solution. If you are using System Center Configuration Manager 2007 R2 or a later version, see the [Configuration Manager Documentation Library](http://go.microsoft.com/fwlink/?LinkId=66999) in the Microsoft Technical Library (http://go.microsoft.com/fwlink/?LinkId=66999).
+Whichever electronic software distribution solution that you use, you must be familiar with the requirements of your particular solution. If you are using System Center Configuration Manager 2007 R2 or a later version, see the [Configuration Manager Documentation Library](https://go.microsoft.com/fwlink/?LinkId=66999) in the Microsoft Technical Library (https://go.microsoft.com/fwlink/?LinkId=66999).
diff --git a/mdop/medv-v2/end-to-end-operations-scenario-for-med-v-20.md b/mdop/medv-v2/end-to-end-operations-scenario-for-med-v-20.md
index 5a971ee220..6703f60d3e 100644
--- a/mdop/medv-v2/end-to-end-operations-scenario-for-med-v-20.md
+++ b/mdop/medv-v2/end-to-end-operations-scenario-for-med-v-20.md
@@ -26,7 +26,7 @@ The step-by-step procedures that you follow in a MED-V operations scenario inclu
- [Creating a Windows Virtual PC Image for MED-V](creating-a-windows-virtual-pc-image-for-med-v.md#bkmk-installingwindowsxpontovpc) reviews how to install the Windows XP SP3 operating system on your Windows Virtual PC image. MED-V requires that Windows XP SP3 is installed on the Windows Virtual PC image before you build the MED-V workspace.
-- [Creating a Windows Virtual PC Image for MED-V](creating-a-windows-virtual-pc-image-for-med-v.md#bkmk-installingnet) reviews how to manually install the .NET Framework 3.5 SP1 and the update KB959209 into the Windows Virtual PC image that you prepare for use with MED-V. MED-V requires the .NET Framework 3.5 SP1, and the update [KB959209](http://go.microsoft.com/fwlink/?LinkId=204950) (http://go.microsoft.com/fwlink/?LinkId=204950) addresses several known application compatibility issues.
+- [Creating a Windows Virtual PC Image for MED-V](creating-a-windows-virtual-pc-image-for-med-v.md#bkmk-installingnet) reviews how to manually install the .NET Framework 3.5 SP1 and the update KB959209 into the Windows Virtual PC image that you prepare for use with MED-V. MED-V requires the .NET Framework 3.5 SP1, and the update [KB959209](https://go.microsoft.com/fwlink/?LinkId=204950) (https://go.microsoft.com/fwlink/?LinkId=204950) addresses several known application compatibility issues.
- [Creating a Windows Virtual PC Image for MED-V](creating-a-windows-virtual-pc-image-for-med-v.md#bkmk-applypatchestovpc) reviews how to update your Windows XP image with the latest software updates and other hotfixes necessary or important for running MED-V.
diff --git a/mdop/medv-v2/how-to-add-or-remove-url-redirection-information-in-a-deployed-med-v-workspace.md b/mdop/medv-v2/how-to-add-or-remove-url-redirection-information-in-a-deployed-med-v-workspace.md
index f020b8536e..544141d6d3 100644
--- a/mdop/medv-v2/how-to-add-or-remove-url-redirection-information-in-a-deployed-med-v-workspace.md
+++ b/mdop/medv-v2/how-to-add-or-remove-url-redirection-information-in-a-deployed-med-v-workspace.md
@@ -37,7 +37,7 @@ You can add and remove URL redirection information by performing one of the foll
If you are adding URLs to the registry key, enter them one per line, as was required when you built the MED-V workspace package. For more information, see [Create a MED-V Workspace Package](create-a-med-v-workspace-package.md).
-2. Deploy the updated registry key by using Group Policy. For more information about how to use Group Policy, see [Group Policy Software Installation](http://go.microsoft.com/fwlink/?LinkId=195931) (http://go.microsoft.com/fwlink/?LinkId=195931).
+2. Deploy the updated registry key by using Group Policy. For more information about how to use Group Policy, see [Group Policy Software Installation](https://go.microsoft.com/fwlink/?LinkId=195931) (https://go.microsoft.com/fwlink/?LinkId=195931).
**Note**
This method of editing URL redirection information is a MED-V best practice.
diff --git a/mdop/medv-v2/how-to-deploy-a-med-v-workspace-in-a-windows-7-image.md b/mdop/medv-v2/how-to-deploy-a-med-v-workspace-in-a-windows-7-image.md
index d642c59eee..adfd91f54c 100644
--- a/mdop/medv-v2/how-to-deploy-a-med-v-workspace-in-a-windows-7-image.md
+++ b/mdop/medv-v2/how-to-deploy-a-med-v-workspace-in-a-windows-7-image.md
@@ -19,7 +19,7 @@ The following section provides information and instructions to help you deploy t
**To deploy a MED-V workspace in a Windows 7 image**
-1. Create a standard image of Windows 7. For more information, see [Building a Standard Image of Windows 7: Step-by-Step Guide](http://go.microsoft.com/fwlink/?LinkId=204843) (http://go.microsoft.com/fwlink/?LinkId=204843).
+1. Create a standard image of Windows 7. For more information, see [Building a Standard Image of Windows 7: Step-by-Step Guide](https://go.microsoft.com/fwlink/?LinkId=204843) (https://go.microsoft.com/fwlink/?LinkId=204843).
2. In the Windows 7 image, install Windows Virtual PC and the Windows Virtual PC updates. For more information, see [Configure Installation Prerequisites](configure-installation-prerequisites.md).
diff --git a/mdop/medv-v2/how-to-deploy-a-med-v-workspace-through-an-electronic-software-distribution-system.md b/mdop/medv-v2/how-to-deploy-a-med-v-workspace-through-an-electronic-software-distribution-system.md
index 09b62dd423..55ac6b1ec0 100644
--- a/mdop/medv-v2/how-to-deploy-a-med-v-workspace-through-an-electronic-software-distribution-system.md
+++ b/mdop/medv-v2/how-to-deploy-a-med-v-workspace-through-an-electronic-software-distribution-system.md
@@ -16,14 +16,14 @@ ms.prod: w7
An electronic software distribution system is designed to efficiently move software to many different computers over slow or fast network connections. The following section provides information and instructions to help you deploy your MED-V workspace throughout your enterprise by using a software distribution system.
**Note**
-Whichever software distribution solution that you use, you must be familiar with the requirements of your particular solution. If you are using System Center Configuration Manager 2007 R2 or a later version, see the [Configuration Manager Documentation Library](http://go.microsoft.com/fwlink/?LinkId=66999) in the Microsoft Technical Library (http://go.microsoft.com/fwlink/?LinkId=66999).
+Whichever software distribution solution that you use, you must be familiar with the requirements of your particular solution. If you are using System Center Configuration Manager 2007 R2 or a later version, see the [Configuration Manager Documentation Library](https://go.microsoft.com/fwlink/?LinkId=66999) in the Microsoft Technical Library (https://go.microsoft.com/fwlink/?LinkId=66999).
**Important**
If you are using System Center Configuration Manager 2007 SP2 and your MED-V workspaces are configured to operate in **NAT** mode, the virtual machines are classified as Internet-based clients and cannot find the closest distribution points from which to download content.
-The [hotfix to improve the functionality for VMs that are managed by MED-V](http://go.microsoft.com/fwlink/?LinkId=201088) (http://go.microsoft.com/fwlink/?LinkId=201088) adds new functionality to virtual machines that are managed by MED-V and that are configured to operate in **NAT** mode. The new functionality lets virtual machines access the closest distribution points. Therefore, the administrator can manage the virtual machine and the host computer in the same manner. This hotfix must be installed first on the site server and then on the client.
+The [hotfix to improve the functionality for VMs that are managed by MED-V](https://go.microsoft.com/fwlink/?LinkId=201088) (https://go.microsoft.com/fwlink/?LinkId=201088) adds new functionality to virtual machines that are managed by MED-V and that are configured to operate in **NAT** mode. The new functionality lets virtual machines access the closest distribution points. Therefore, the administrator can manage the virtual machine and the host computer in the same manner. This hotfix must be installed first on the site server and then on the client.
The update is publically available. However, you might be prompted to accept an agreement for Microsoft Services. Follow the prompts on the successive webpages to retrieve this hotfix.
diff --git a/mdop/medv-v2/how-to-deploy-the-med-v-components-through-an-electronic-software-distribution-system.md b/mdop/medv-v2/how-to-deploy-the-med-v-components-through-an-electronic-software-distribution-system.md
index e794a345cb..171a89953e 100644
--- a/mdop/medv-v2/how-to-deploy-the-med-v-components-through-an-electronic-software-distribution-system.md
+++ b/mdop/medv-v2/how-to-deploy-the-med-v-components-through-an-electronic-software-distribution-system.md
@@ -16,14 +16,14 @@ ms.prod: w7
An electronic software distribution system can help you efficiently move software to many computers over slow or fast network connections. The following section provides information and instructions to help you deploy the Microsoft Enterprise Desktop Virtualization (MED-V) 2.0 components throughout your enterprise by using a software distribution system.
**Note**
-Whichever software distribution solution that you use, you must be familiar with the requirements of your particular solution. If you are using System Center Configuration Manager 2007 R2 or a later version, see the [Configuration Manager Documentation Library](http://go.microsoft.com/fwlink/?LinkId=66999) in the Microsoft Technical Library (http://go.microsoft.com/fwlink/?LinkId=66999).
+Whichever software distribution solution that you use, you must be familiar with the requirements of your particular solution. If you are using System Center Configuration Manager 2007 R2 or a later version, see the [Configuration Manager Documentation Library](https://go.microsoft.com/fwlink/?LinkId=66999) in the Microsoft Technical Library (https://go.microsoft.com/fwlink/?LinkId=66999).
**Important**
If you are using System Center Configuration Manager 2007 SP2 and your MED-V workspaces are configured to operate in **NAT** mode, the virtual machines are classified as Internet-based clients and cannot find the closest distribution points from which to download content.
-The [hotfix to improve the functionality for VMs that are managed by MED-V](http://go.microsoft.com/fwlink/?LinkId=201088) (http://go.microsoft.com/fwlink/?LinkId=201088) adds new functionality to virtual machines that are managed by MED-V and that are configured to operate in **NAT** mode. The new functionality lets virtual machines access the closest distribution points. Therefore, the administrator can manage the virtual machine and the host computer in the same manner. This hotfix must be installed first on the site server and then on the client.
+The [hotfix to improve the functionality for VMs that are managed by MED-V](https://go.microsoft.com/fwlink/?LinkId=201088) (https://go.microsoft.com/fwlink/?LinkId=201088) adds new functionality to virtual machines that are managed by MED-V and that are configured to operate in **NAT** mode. The new functionality lets virtual machines access the closest distribution points. Therefore, the administrator can manage the virtual machine and the host computer in the same manner. This hotfix must be installed first on the site server and then on the client.
The update is publically available. However, you might be prompted to accept an agreement for Microsoft Services. Follow the prompts on the successive webpages to retrieve this hotfix.
diff --git a/mdop/medv-v2/how-to-manage-url-redirection-by-using-the-med-v-workspace-packager.md b/mdop/medv-v2/how-to-manage-url-redirection-by-using-the-med-v-workspace-packager.md
index 4b45e3baeb..163df79b5e 100644
--- a/mdop/medv-v2/how-to-manage-url-redirection-by-using-the-med-v-workspace-packager.md
+++ b/mdop/medv-v2/how-to-manage-url-redirection-by-using-the-med-v-workspace-packager.md
@@ -43,7 +43,7 @@ You can use the MED-V Workspace Packager to manage URL redirection in the MED-V
-4. Click **Save as…** to save the updated URL redirection files in the specified folder. MED-V creates a registry file that contains the updated URL redirection information. Deploy the updated registry key by using Group Policy. For more information about how to use Group Policy, see [Group Policy Software Installation](http://go.microsoft.com/fwlink/?LinkId=195931) (http://go.microsoft.com/fwlink/?LinkId=195931).
+4. Click **Save as…** to save the updated URL redirection files in the specified folder. MED-V creates a registry file that contains the updated URL redirection information. Deploy the updated registry key by using Group Policy. For more information about how to use Group Policy, see [Group Policy Software Installation](https://go.microsoft.com/fwlink/?LinkId=195931) (https://go.microsoft.com/fwlink/?LinkId=195931).
MED-V also creates a Windows PowerShell script in the specified folder that you can use to re-create the updated MED-V workspace package.
diff --git a/mdop/medv-v2/index.md b/mdop/medv-v2/index.md
index f5de2f22e6..7aaba93e6c 100644
--- a/mdop/medv-v2/index.md
+++ b/mdop/medv-v2/index.md
@@ -43,7 +43,7 @@ For more information about how to perform MED-V tasks, use the following section
For more information about MED-V, see
-[Microsoft Windows Enterprise: Improving Virtual PCs with MED-V](http://go.microsoft.com/fwlink/?LinkId=195917) (http://go.microsoft.com/fwlink/?LinkId=195917).
+[Microsoft Windows Enterprise: Improving Virtual PCs with MED-V](https://go.microsoft.com/fwlink/?LinkId=195917) (https://go.microsoft.com/fwlink/?LinkId=195917).
diff --git a/mdop/medv-v2/installing-and-removing-an-application-on-the-med-v-workspace.md b/mdop/medv-v2/installing-and-removing-an-application-on-the-med-v-workspace.md
index ab01f5aeb9..be5657cbfd 100644
--- a/mdop/medv-v2/installing-and-removing-an-application-on-the-med-v-workspace.md
+++ b/mdop/medv-v2/installing-and-removing-an-application-on-the-med-v-workspace.md
@@ -42,7 +42,7 @@ You can use Group Policy and Group Policy objects to assign or publish applicati
You can also use Group Policy and Group Policy objects in the same manner to remove applications from the MED-V workspace.
-For more information about how to add and remove applications by using Group Policy, see [Group Policy Software Installation](http://go.microsoft.com/fwlink/?LinkId=195931) (http://go.microsoft.com/fwlink/?LinkId=195931).
+For more information about how to add and remove applications by using Group Policy, see [Group Policy Software Installation](https://go.microsoft.com/fwlink/?LinkId=195931) (https://go.microsoft.com/fwlink/?LinkId=195931).
## Adding and Removing Applications by Using an ESD System
@@ -56,7 +56,7 @@ Microsoft Application Virtualization (App-V) provides the administrative capabil
You can use MED-V together with App-V to add and remove virtual applications on a deployed MED-V workspace. To manage applications in this manner, you must first install the App-V agent on the MED-V guest operating system. You can then use App-V in the MED-V workspace to add and remove the virtual applications.
-For information about how to install and use App-V, see [Application Virtualization](http://go.microsoft.com/fwlink/?LinkId=122939) (http://go.microsoft.com/fwlink/?LinkId=122939).
+For information about how to install and use App-V, see [Application Virtualization](https://go.microsoft.com/fwlink/?LinkId=122939) (https://go.microsoft.com/fwlink/?LinkId=122939).
**Important**
App-V applications that you publish to the MED-V workspace have file-type associations that cannot redirect from the host computer to the guest virtual machine. However, the end user can still access these file types by clicking **File**, and then by clicking **Open** on the published App-V application.
diff --git a/mdop/medv-v2/installing-applications-on-a-windows-virtual-pc-image.md b/mdop/medv-v2/installing-applications-on-a-windows-virtual-pc-image.md
index 397318a04a..414b6c825b 100644
--- a/mdop/medv-v2/installing-applications-on-a-windows-virtual-pc-image.md
+++ b/mdop/medv-v2/installing-applications-on-a-windows-virtual-pc-image.md
@@ -43,9 +43,9 @@ Repeat these steps for any software or application that you want to install on t
For more information about how to install software on a virtual image, see the following articles:
-- [Publish and Use Virtual Applications](http://go.microsoft.com/fwlink/?LinkId=195926) (http://go.microsoft.com/fwlink/?LinkId=195926).
+- [Publish and Use Virtual Applications](https://go.microsoft.com/fwlink/?LinkId=195926) (https://go.microsoft.com/fwlink/?LinkId=195926).
-- [Windows Virtual PC Help](http://go.microsoft.com/fwlink/?LinkId=182378) (http://go.microsoft.com/fwlink/?LinkId=182378).
+- [Windows Virtual PC Help](https://go.microsoft.com/fwlink/?LinkId=182378) (https://go.microsoft.com/fwlink/?LinkId=182378).
After you have installed all of the software that you want on the MED-V image, your image is ready to be packaged.
diff --git a/mdop/medv-v2/managing-automatic-updates-for-med-v-workspaces.md b/mdop/medv-v2/managing-automatic-updates-for-med-v-workspaces.md
index c7ad9749c6..c37764919e 100644
--- a/mdop/medv-v2/managing-automatic-updates-for-med-v-workspaces.md
+++ b/mdop/medv-v2/managing-automatic-updates-for-med-v-workspaces.md
@@ -21,7 +21,7 @@ The MED-V workspace is a virtual machine that contains a separate operating syst
The MED-V workspace wake-up policy guarantees that the MED-V virtual machine is made available for updates for the time that you specify in your MED-V configuration settings. This applies to both updates that are published from Microsoft through Windows Update and updates deployed and controlled by non-Microsoft solutions, such as antivirus applications.
**Important**
-The MED-V workspace wake-up policy is optimized for the Microsoft Update infrastructure. If you are using Microsoft System Center Configuration Manager to deploy non-Microsoft updates, we recommend that you also use the System Center Updates Publisher, which takes advantage of the same infrastructure as Microsoft Update and therefore benefits from the MED-V workspace wake-up policy. For more information, see [System Center Updates Publisher](http://go.microsoft.com/fwlink/?LinkId=200035) (http://go.microsoft.com/fwlink/?LinkId=200035).
+The MED-V workspace wake-up policy is optimized for the Microsoft Update infrastructure. If you are using Microsoft System Center Configuration Manager to deploy non-Microsoft updates, we recommend that you also use the System Center Updates Publisher, which takes advantage of the same infrastructure as Microsoft Update and therefore benefits from the MED-V workspace wake-up policy. For more information, see [System Center Updates Publisher](https://go.microsoft.com/fwlink/?LinkId=200035) (https://go.microsoft.com/fwlink/?LinkId=200035).
diff --git a/mdop/medv-v2/managing-med-v-workspace-settings-by-using-the-med-v-workspace-packager.md b/mdop/medv-v2/managing-med-v-workspace-settings-by-using-the-med-v-workspace-packager.md
index b6d6f97c32..c59322f69c 100644
--- a/mdop/medv-v2/managing-med-v-workspace-settings-by-using-the-med-v-workspace-packager.md
+++ b/mdop/medv-v2/managing-med-v-workspace-settings-by-using-the-med-v-workspace-packager.md
@@ -75,7 +75,7 @@ You can use the MED-V Workspace Packager to manage certain settings in the MED-V
-4. Click **Save as…** to save the updated configuration settings in the specified folder. MED-V creates a registry file that contains the updated settings. Deploy the updated registry file by using Group Policy. For more information about how to use Group Policy, see [Group Policy Software Installation](http://go.microsoft.com/fwlink/?LinkId=195931) (http://go.microsoft.com/fwlink/?LinkId=195931).
+4. Click **Save as…** to save the updated configuration settings in the specified folder. MED-V creates a registry file that contains the updated settings. Deploy the updated registry file by using Group Policy. For more information about how to use Group Policy, see [Group Policy Software Installation](https://go.microsoft.com/fwlink/?LinkId=195931) (https://go.microsoft.com/fwlink/?LinkId=195931).
MED-V also creates a Windows PowerShell script in the specified folder that you can use to re-create this updated registry file.
diff --git a/mdop/medv-v2/managing-software-updates-for-med-v-workspaces.md b/mdop/medv-v2/managing-software-updates-for-med-v-workspaces.md
index 0b1693f526..6be8fd72bd 100644
--- a/mdop/medv-v2/managing-software-updates-for-med-v-workspaces.md
+++ b/mdop/medv-v2/managing-software-updates-for-med-v-workspaces.md
@@ -32,7 +32,7 @@ For information about how to specify the configuration settings that define how
3. **Using Application Virtualization (APP-V)**
- If you use MED-V together with App-V, you can provide software updates to applications in the MED-V workspace by following the steps that are required by App-V for updating software. For more information, see [Application Virtualization](http://go.microsoft.com/fwlink/?LinkId=122939) (http://go.microsoft.com/fwlink/?LinkId=122939).
+ If you use MED-V together with App-V, you can provide software updates to applications in the MED-V workspace by following the steps that are required by App-V for updating software. For more information, see [Application Virtualization](https://go.microsoft.com/fwlink/?LinkId=122939) (https://go.microsoft.com/fwlink/?LinkId=122939).
4. **Updating Software in the Core Image**
diff --git a/mdop/medv-v2/med-v-20-best-practices.md b/mdop/medv-v2/med-v-20-best-practices.md
index fe5933aee8..2893ba441f 100644
--- a/mdop/medv-v2/med-v-20-best-practices.md
+++ b/mdop/medv-v2/med-v-20-best-practices.md
@@ -21,11 +21,11 @@ Although you can specify any settings that you prefer, a MED-V best practice is
### Disable restore points on the virtual machine
-Before you create the MED-V workspace package, we recommend that you disable restore points on the virtual machine to prevent the differencing disk from growing unbounded. For more information, see [How to turn off and turn on System Restore in Windows XP](http://go.microsoft.com/fwlink/?LinkId=195927) (http://go.microsoft.com/fwlink/?LinkId=195927).
+Before you create the MED-V workspace package, we recommend that you disable restore points on the virtual machine to prevent the differencing disk from growing unbounded. For more information, see [How to turn off and turn on System Restore in Windows XP](https://go.microsoft.com/fwlink/?LinkId=195927) (https://go.microsoft.com/fwlink/?LinkId=195927).
### Configure MED-V image to use local profiles
-We recommend that you apply only those policies that make sense in an application compatibility environment for Windows XP. For example, desktop customization policies do not typically have to be applied and should be disabled. For more information about how to allow only local profiles, see [Group Policy Settings for Roaming User Profiles](http://go.microsoft.com/fwlink/?LinkId=205072) (http://go.microsoft.com/fwlink/?LinkId=205072).
+We recommend that you apply only those policies that make sense in an application compatibility environment for Windows XP. For example, desktop customization policies do not typically have to be applied and should be disabled. For more information about how to allow only local profiles, see [Group Policy Settings for Roaming User Profiles](https://go.microsoft.com/fwlink/?LinkId=205072) (https://go.microsoft.com/fwlink/?LinkId=205072).
### Configure a Group Policy performance update
diff --git a/mdop/medv-v2/med-v-20-deployment-overview.md b/mdop/medv-v2/med-v-20-deployment-overview.md
index 6e43197850..4af2d324d5 100644
--- a/mdop/medv-v2/med-v-20-deployment-overview.md
+++ b/mdop/medv-v2/med-v-20-deployment-overview.md
@@ -137,7 +137,7 @@ After MED-V and its required components are installed, MED-V must be configured.
4. After the MED-V workspace is restarted by Ftscompletion.exe, the end user is logged on. If they did not save their password during first time setup, they are prompted for it again. The MED-V workspace is then started and configured for the user. Configuration includes applying Group Policy.
- We recommend that you apply only those policies that make sense in an application compatibility environment for Windows XP. For example, desktop personalization policies do not typically need to be applied and should be disabled. For more information about how to allow only local profiles, see [Group Policy Settings for Roaming User Profiles](http://go.microsoft.com/fwlink/?LinkId=205072) (http://go.microsoft.com/fwlink/?LinkId=205072).
+ We recommend that you apply only those policies that make sense in an application compatibility environment for Windows XP. For example, desktop personalization policies do not typically need to be applied and should be disabled. For more information about how to allow only local profiles, see [Group Policy Settings for Roaming User Profiles](https://go.microsoft.com/fwlink/?LinkId=205072) (https://go.microsoft.com/fwlink/?LinkId=205072).
After first time setup is complete, the end user is notified that the published applications are ready. They are then able to access the applications installed in the MED-V workspace from their **Start** menu.
diff --git a/mdop/medv-v2/med-v-20-release-notes.md b/mdop/medv-v2/med-v-20-release-notes.md
index 483af712b5..baecc7445e 100644
--- a/mdop/medv-v2/med-v-20-release-notes.md
+++ b/mdop/medv-v2/med-v-20-release-notes.md
@@ -22,12 +22,12 @@ Read these release notes thoroughly before you install the Microsoft Enterprise
## About the Product Documentation
-Documentation for Microsoft Enterprise Desktop Virtualization (MED-V) 2.0 is distributed with the product and is also located at [Microsoft Enterprise Desktop Virtualization 2.0](http://go.microsoft.com/fwlink/?LinkID=207065) (http://go.microsoft.com/fwlink/?LinkId=207065).
+Documentation for Microsoft Enterprise Desktop Virtualization (MED-V) 2.0 is distributed with the product and is also located at [Microsoft Enterprise Desktop Virtualization 2.0](https://go.microsoft.com/fwlink/?LinkID=207065) (https://go.microsoft.com/fwlink/?LinkId=207065).
## Protect Against Security Vulnerabilities and Viruses
-To help protect against security vulnerabilities and viruses, we recommend that you install the latest available security updates for any new software being installed. For more information, see [Microsoft Security](http://go.microsoft.com/fwlink/?LinkId=3482) (http://go.microsoft.com/fwlink/?LinkId=3482).
+To help protect against security vulnerabilities and viruses, we recommend that you install the latest available security updates for any new software being installed. For more information, see [Microsoft Security](https://go.microsoft.com/fwlink/?LinkId=3482) (https://go.microsoft.com/fwlink/?LinkId=3482).
## Known Issues with MED-V 2.0
diff --git a/mdop/medv-v2/operations-troubleshooting-medv2.md b/mdop/medv-v2/operations-troubleshooting-medv2.md
index ac2101a641..a789860a4e 100644
--- a/mdop/medv-v2/operations-troubleshooting-medv2.md
+++ b/mdop/medv-v2/operations-troubleshooting-medv2.md
@@ -82,7 +82,7 @@ None.
**Solution**
-You can specify the length of time that MED-V waits to close unresponsive applications by setting the WaitToKillAppTimeout registry key in the guest virtual machine. For more information, see [How To Increase Shutdown Time So That Processes Can Quit Properly in Windows XP](http://go.microsoft.com/fwlink/?LinkId=206819) (http://go.microsoft.com/fwlink/?LinkId=206819).
+You can specify the length of time that MED-V waits to close unresponsive applications by setting the WaitToKillAppTimeout registry key in the guest virtual machine. For more information, see [How To Increase Shutdown Time So That Processes Can Quit Properly in Windows XP](https://go.microsoft.com/fwlink/?LinkId=206819) (https://go.microsoft.com/fwlink/?LinkId=206819).
**Renaming a Published Application Shortcut in the Guest Virtual Machine does not Change the Published Name in the Host**. When you publish an application by creating a shortcut and then rename the shortcut in the guest virtual machine, the original application name remains in the host **Start** menu. The program continues to run as expected, however the program will always retain the original name.
diff --git a/mdop/medv-v2/technical-reference-for-med-v.md b/mdop/medv-v2/technical-reference-for-med-v.md
index 5f2c1e4e47..3f1ca2cd96 100644
--- a/mdop/medv-v2/technical-reference-for-med-v.md
+++ b/mdop/medv-v2/technical-reference-for-med-v.md
@@ -33,10 +33,10 @@ Provides information about how to upgrade your MED-V installation.
[Windows Virtual PC Application Exclude List](windows-virtual-pc-application-exclude-list.md)
Describes how to specify certain installed applications that you do not want published to the host computer.
-[MED-V 2 Configuration Cmdlets](http://go.microsoft.com/fwlink/?LinkId=213301)
+[MED-V 2 Configuration Cmdlets](https://go.microsoft.com/fwlink/?LinkId=213301)
Provides information about cmdlets you can use to perform various MED-V configuration tasks from the command line.
-[MED-V 2 Workspace Cmdlets](http://go.microsoft.com/fwlink/?LinkId=213302)
+[MED-V 2 Workspace Cmdlets](https://go.microsoft.com/fwlink/?LinkId=213302)
Provides information about cmdlets you can use to perform various MED-V workspace configuration tasks from the command line.
[Example MED-V Checklists](example-med-v-checklists.md)
diff --git a/mdop/solutions/how-to-download-and-deploy-mdop-group-policy--admx--templates.md b/mdop/solutions/how-to-download-and-deploy-mdop-group-policy--admx--templates.md
index 6d97c03bb7..fa6a813093 100644
--- a/mdop/solutions/how-to-download-and-deploy-mdop-group-policy--admx--templates.md
+++ b/mdop/solutions/how-to-download-and-deploy-mdop-group-policy--admx--templates.md
@@ -20,7 +20,7 @@ You can manage the feature settings of certain Microsoft Desktop Optimization Pa
**How to download and deploy the MDOP Group Policy templates**
-1. Download the MDOP Group Policy templates from .
+1. Download the MDOP Group Policy templates from .
2. Run the downloaded file to extract the template folders.
diff --git a/mdop/uev-v1/accessibility-for-ue-v.md b/mdop/uev-v1/accessibility-for-ue-v.md
index 945e5bd331..aebe2a9c77 100644
--- a/mdop/uev-v1/accessibility-for-ue-v.md
+++ b/mdop/uev-v1/accessibility-for-ue-v.md
@@ -62,7 +62,7 @@ For information about the availability of Microsoft product documentation and bo
(609) 987-8116 |
|
-[http://www.learningally.org/](http://go.microsoft.com/fwlink/p/?linkid=239) |
+[http://www.learningally.org/](https://go.microsoft.com/fwlink/p/?linkid=239) |
Web addresses can change, so you might be unable to connect to the website or sites that are mentioned here. |
@@ -83,7 +83,7 @@ Microsoft Support Services are subject to the prices, terms, and conditions in p
## For more information
-For more information about how accessible technology for computers can help to improve the lives of people with disabilities, see the [Microsoft Accessibility website](http://go.microsoft.com/fwlink/p/?linkid=8431).
+For more information about how accessible technology for computers can help to improve the lives of people with disabilities, see the [Microsoft Accessibility website](https://go.microsoft.com/fwlink/p/?linkid=8431).
## Related topics
diff --git a/mdop/uev-v1/changing-the-frequency-of-ue-v-scheduled-tasks.md b/mdop/uev-v1/changing-the-frequency-of-ue-v-scheduled-tasks.md
index 3f08b69f5b..d99aea03bd 100644
--- a/mdop/uev-v1/changing-the-frequency-of-ue-v-scheduled-tasks.md
+++ b/mdop/uev-v1/changing-the-frequency-of-ue-v-scheduled-tasks.md
@@ -15,7 +15,7 @@ ms.prod: w8
The Microsoft User Experience Virtualization (UE-V) Agent installer, AgentSetup.exe, creates two scheduled tasks during the UE-V Agent installation. The two tasks are the **Template Auto Update** task and the **Setting Storage Location Status** task. These scheduled tasks are not configurable with the UE-V tools. Administrators who wish to change the scheduled task for these items can create a script that uses the Schtasks.exe command-line options.
-For more information about Schtasks.exe, see [How to use Schtasks,exe to Schedule Tasks in Windows Server 2003](http://go.microsoft.com/fwlink/?LinkID=264854).
+For more information about Schtasks.exe, see [How to use Schtasks,exe to Schedule Tasks in Windows Server 2003](https://go.microsoft.com/fwlink/?LinkID=264854).
## Template Auto-Update
diff --git a/mdop/uev-v1/getting-started-with-user-experience-virtualization-10.md b/mdop/uev-v1/getting-started-with-user-experience-virtualization-10.md
index 6651234e46..79324f056c 100644
--- a/mdop/uev-v1/getting-started-with-user-experience-virtualization-10.md
+++ b/mdop/uev-v1/getting-started-with-user-experience-virtualization-10.md
@@ -33,10 +33,10 @@ User Experience Virtualization delivers an enhanced user state virtualization ex
This product requires thorough planning before you deploy it or use its features. Because this product can affect every computer in your organization, you might disrupt your entire network if you do not plan your deployment carefully. However, if you plan your deployment carefully and manage it so that it meets your business needs, this product can help reduce your administrative overhead and total cost of ownership.
-If you are new to this product, we recommend that you read the documentation carefully. Before you deploy the product to a production environment, we also recommend that you validate your deployment plan in a test network environment. You might also consider taking a class about relevant technologies. For more information about Microsoft training opportunities, see the Microsoft Training Overview at
.
+If you are new to this product, we recommend that you read the documentation carefully. Before you deploy the product to a production environment, we also recommend that you validate your deployment plan in a test network environment. You might also consider taking a class about relevant technologies. For more information about Microsoft training opportunities, see the Microsoft Training Overview at .
**Note**
-A downloadable version of this administrator’s guide is not available. However, you can learn about a special mode of the TechNet Library that allows you to select articles, group them in a collection, and print them or export them to a file at (http://go.microsoft.com/fwlink/?LinkId=272497).
+A downloadable version of this administrator’s guide is not available. However, you can learn about a special mode of the TechNet Library that allows you to select articles, group them in a collection, and print them or export them to a file at (https://go.microsoft.com/fwlink/?LinkId=272497).
diff --git a/mdop/uev-v1/index.md b/mdop/uev-v1/index.md
index 149477d081..ce46b1dc0d 100644
--- a/mdop/uev-v1/index.md
+++ b/mdop/uev-v1/index.md
@@ -38,11 +38,11 @@ Microsoft User Experience Virtualization (UE-V) captures and centralizes applica
[Microsoft User Experience Virtualization (UE-V) 1.0 Release Notes](microsoft-user-experience-virtualization--ue-v--10-release-notes.md)
View updated product information and known issues for UE-V 1.0.
-[MDOP TechCenter Page](http://go.microsoft.com/fwlink/p/?LinkId=225286)
+[MDOP TechCenter Page](https://go.microsoft.com/fwlink/p/?LinkId=225286)
Learn about the latest MDOP information and resources.
-[MDOP Information Experience](http://go.microsoft.com/fwlink/p/?LinkId=236032)
-Find documentation, videos, and other resources for MDOP technologies. You can also [send us feedback](mailto:MDOPDocs@microsoft.com%29 or learn about updates by following us on [Facebook]%28http://go.microsoft.com/fwlink/p/?LinkId=242445%29 or [Twitter]%28http://go.microsoft.com/fwlink/p/?LinkId=242447).
+[MDOP Information Experience](https://go.microsoft.com/fwlink/p/?LinkId=236032)
+Find documentation, videos, and other resources for MDOP technologies. You can also [send us feedback](mailto:MDOPDocs@microsoft.com%29 or learn about updates by following us on [Facebook]%28https://go.microsoft.com/fwlink/p/?LinkId=242445%29 or [Twitter]%28https://go.microsoft.com/fwlink/p/?LinkId=242447).
diff --git a/mdop/uev-v1/installing-the-ue-v-group-policy-admx-templates.md b/mdop/uev-v1/installing-the-ue-v-group-policy-admx-templates.md
index c575f77c8b..d6b256689e 100644
--- a/mdop/uev-v1/installing-the-ue-v-group-policy-admx-templates.md
+++ b/mdop/uev-v1/installing-the-ue-v-group-policy-admx-templates.md
@@ -27,9 +27,9 @@ ADMX files can be installed and tested locally on any computer that runs the Win
**To download the UE-V ADMX templates**
-1. Download the UE-V ADMX template files: .
+1. Download the UE-V ADMX template files: .
-2. For more information about how to deploy the Group Policy templates, see .
+2. For more information about how to deploy the Group Policy templates, see .
## Related topics
diff --git a/mdop/uev-v1/microsoft-user-experience-virtualization--ue-v--10-release-notes.md b/mdop/uev-v1/microsoft-user-experience-virtualization--ue-v--10-release-notes.md
index aaf57aed0f..b348650d8e 100644
--- a/mdop/uev-v1/microsoft-user-experience-virtualization--ue-v--10-release-notes.md
+++ b/mdop/uev-v1/microsoft-user-experience-virtualization--ue-v--10-release-notes.md
@@ -59,7 +59,7 @@ WORKAROUND: None.
### UE-V does not support roaming settings between 32-bit and 64-bit versions of Microsoft Office
-We recommend that you install the 32-bit version of Microsoft Office for both 32-bit and 64-bit operating systems. To choose the Microsoft Office version that you need, click here. ([http://office.microsoft.com/word-help/choose-the-32-bit-or-64-bit-version-of-microsoft-office-HA010369476.aspx](http://go.microsoft.com/fwlink/?LinkID=247623)). UE-V supports roaming settings between identical architecture versions of Office. For example, 32-bit Office settings will roam between all 32-bit Office instances. UE-V does not support roaming settings between 32-bit and 64-bit versions of Office.
+We recommend that you install the 32-bit version of Microsoft Office for both 32-bit and 64-bit operating systems. To choose the Microsoft Office version that you need, click here. ([http://office.microsoft.com/word-help/choose-the-32-bit-or-64-bit-version-of-microsoft-office-HA010369476.aspx](https://go.microsoft.com/fwlink/?LinkID=247623)). UE-V supports roaming settings between identical architecture versions of Office. For example, 32-bit Office settings will roam between all 32-bit Office instances. UE-V does not support roaming settings between 32-bit and 64-bit versions of Office.
WORKAROUND: None
diff --git a/mdop/uev-v1/microsoft-user-experience-virtualization--ue-v--10-sp1-release-notes.md b/mdop/uev-v1/microsoft-user-experience-virtualization--ue-v--10-sp1-release-notes.md
index 89c2bfc59e..1aed81ba9b 100644
--- a/mdop/uev-v1/microsoft-user-experience-virtualization--ue-v--10-sp1-release-notes.md
+++ b/mdop/uev-v1/microsoft-user-experience-virtualization--ue-v--10-sp1-release-notes.md
@@ -54,7 +54,7 @@ WORKAROUND: None.
### UE-V does not support roaming settings between 32-bit and 64-bit versions of Microsoft Office
-We recommend that you install the 32-bit version of Microsoft Office for both 32-bit and 64-bit operating systems. To choose the Microsoft Office version that you need, click here ([http://office.microsoft.com/word-help/choose-the-32-bit-or-64-bit-version-of-microsoft-office-HA010369476.aspx](http://go.microsoft.com/fwlink/?LinkID=247623)). UE-V supports roaming settings between identical architecture versions of Office. For example, 32-bit Office settings will roam between all 32-bit Office instances. UE-V does not support roaming settings between 32-bit and 64-bit versions of Office.
+We recommend that you install the 32-bit version of Microsoft Office for both 32-bit and 64-bit operating systems. To choose the Microsoft Office version that you need, click here ([http://office.microsoft.com/word-help/choose-the-32-bit-or-64-bit-version-of-microsoft-office-HA010369476.aspx](https://go.microsoft.com/fwlink/?LinkID=247623)). UE-V supports roaming settings between identical architecture versions of Office. For example, 32-bit Office settings will roam between all 32-bit Office instances. UE-V does not support roaming settings between 32-bit and 64-bit versions of Office.
WORKAROUND: None
diff --git a/mdop/uev-v1/sharing-settings-location-templates-with-the-ue-v-template-gallery.md b/mdop/uev-v1/sharing-settings-location-templates-with-the-ue-v-template-gallery.md
index 545ab193ce..1ecf43b423 100644
--- a/mdop/uev-v1/sharing-settings-location-templates-with-the-ue-v-template-gallery.md
+++ b/mdop/uev-v1/sharing-settings-location-templates-with-the-ue-v-template-gallery.md
@@ -16,7 +16,7 @@ ms.prod: w8
## Share location templates with the template gallery
-The Microsoft User Experience Virtualization (UE-V) template gallery allows administrators to share their UE-V settings location templates. In the gallery, you can upload your settings location templates for other people to use, and you can download templates that other people have created. The UE-V template gallery is located on Microsoft TechNet here: .
+The Microsoft User Experience Virtualization (UE-V) template gallery allows administrators to share their UE-V settings location templates. In the gallery, you can upload your settings location templates for other people to use, and you can download templates that other people have created. The UE-V template gallery is located on Microsoft TechNet here: .
Before you share a settings location template on the UE-V template gallery, make sure it does not contain any personal or company information. You can use any XML viewer to open and view the contents of a settings location template file. The following template values should be reviewed before you share it with anyone outside your company.
diff --git a/mdop/uev-v1/supported-configurations-for-ue-v-10.md b/mdop/uev-v1/supported-configurations-for-ue-v-10.md
index aabe98a43b..8ab70ee12c 100644
--- a/mdop/uev-v1/supported-configurations-for-ue-v-10.md
+++ b/mdop/uev-v1/supported-configurations-for-ue-v-10.md
@@ -16,7 +16,7 @@ ms.prod: w8
Microsoft User Experience Virtualization (UE-V) supports the following described configurations.
**Note**
-Microsoft provides support for the current service pack, and in some cases, the preceding service pack. To find the support timelines for your product, see the [Lifecycle Supported Service Packs](http://go.microsoft.com/fwlink/p/?LinkId=31975). For more information about Microsoft Support Lifecycle Policy, see [Microsoft Support Lifecycle Support Policy FAQ](http://go.microsoft.com/fwlink/p/?LinkId=31976).
+Microsoft provides support for the current service pack, and in some cases, the preceding service pack. To find the support timelines for your product, see the [Lifecycle Supported Service Packs](https://go.microsoft.com/fwlink/p/?LinkId=31975). For more information about Microsoft Support Lifecycle Policy, see [Microsoft Support Lifecycle Support Policy FAQ](https://go.microsoft.com/fwlink/p/?LinkId=31976).
diff --git a/mdop/uev-v1/troubleshooting-ue-v-10.md b/mdop/uev-v1/troubleshooting-ue-v-10.md
index 03225ed777..7b0cc84f4e 100644
--- a/mdop/uev-v1/troubleshooting-ue-v-10.md
+++ b/mdop/uev-v1/troubleshooting-ue-v-10.md
@@ -13,7 +13,7 @@ ms.prod: w8
# Troubleshooting UE-V 1.0
-Troubleshooting content is not included in the Administrator's Guide for this product. Instead, you can find troubleshooting information for this product on the [TechNet Wiki](http://go.microsoft.com/fwlink/p/?LinkId=224905).
+Troubleshooting content is not included in the Administrator's Guide for this product. Instead, you can find troubleshooting information for this product on the [TechNet Wiki](https://go.microsoft.com/fwlink/p/?LinkId=224905).
## Find troubleshooting information
@@ -26,7 +26,7 @@ The first step to find help content in the Administrator’s Guide is to search
**To search the MDOP product documentation**
-1. Open a web browser and navigate to the [MDOP Information Experience](http://go.microsoft.com/fwlink/p/?LinkId=236032) home page on TechNet.
+1. Open a web browser and navigate to the [MDOP Information Experience](https://go.microsoft.com/fwlink/p/?LinkId=236032) home page on TechNet.
2. Locate the **Search TechNet with Bing** search box and enter your search term.
@@ -34,7 +34,7 @@ The first step to find help content in the Administrator’s Guide is to search
**To search the TechNet Wiki**
-1. Open a web browser and navigate to the [TechNet Wiki](http://go.microsoft.com/fwlink/p/?LinkId=224905) home page.
+1. Open a web browser and navigate to the [TechNet Wiki](https://go.microsoft.com/fwlink/p/?LinkId=224905) home page.
2. Locate the **Search TechNet Wiki** search box and enter your search term.
@@ -47,7 +47,7 @@ If you have a troubleshooting tip or a best practice to share that is not alread
**To create a TechNet Wiki troubleshooting or best practices article**
-1. Open a web browser and navigate to the [TechNet Wiki](http://go.microsoft.com/fwlink/p/?LinkId=224905) home page.
+1. Open a web browser and navigate to the [TechNet Wiki](https://go.microsoft.com/fwlink/p/?LinkId=224905) home page.
2. Log on with your Windows Live ID.
diff --git a/mdop/uev-v1/user-experience-virtualization-privacy-statement.md b/mdop/uev-v1/user-experience-virtualization-privacy-statement.md
index 45aa73a732..16c77e3adc 100644
--- a/mdop/uev-v1/user-experience-virtualization-privacy-statement.md
+++ b/mdop/uev-v1/user-experience-virtualization-privacy-statement.md
@@ -92,7 +92,7 @@ The Customer Experience Improvement Program (“CEIP”) collects basic informat
**Information Collected, Processed, or Transmitted:**
-For more information about the information collected, processed, or transmitted by CEIP, see the CEIP privacy statement at .
+For more information about the information collected, processed, or transmitted by CEIP, see the CEIP privacy statement at .
**Use of Information:**
@@ -119,7 +119,7 @@ Microsoft Error Reporting provides a service that allows you to report problems
**Information Collected, Processed, or Transmitted:**
-For information about the information collected, processed, or transmitted by Microsoft Error Reporting, see the Microsoft Error Reporting privacy statement at .
+For information about the information collected, processed, or transmitted by Microsoft Error Reporting, see the Microsoft Error Reporting privacy statement at .
**Use of Information:**
@@ -131,7 +131,7 @@ If you choose the recommended settings during Windows setup, you turn on automat
**Important Information:**
-Enterprise customers can use Group Policy to configure how Microsoft Error Reporting behaves on their computers. Configuration options include the ability to turn off Microsoft Error Reporting. If you are an administrator and wish to configure Group Policy for Microsoft Error Reporting, technical details are available at .
+Enterprise customers can use Group Policy to configure how Microsoft Error Reporting behaves on their computers. Configuration options include the ability to turn off Microsoft Error Reporting. If you are an administrator and wish to configure Group Policy for Microsoft Error Reporting, technical details are available at .
UE-V will not modify the Microsoft Error Reporting preference and will honor the system setting in the Control Panel and/or the setting enforced via Group Policy.
@@ -144,15 +144,15 @@ Microsoft Update is a service that provides Windows updates as well as updates f
**Information Collected, Processed, or Transmitted:**
-For details about what information is collected and how it is used, see the Update Services Privacy Statement at
+For details about what information is collected and how it is used, see the Update Services Privacy Statement at
**Use of Information:**
-- For details about what information is collected and how it is used, see the Update Services Privacy Statement at .
+- For details about what information is collected and how it is used, see the Update Services Privacy Statement at .
- Choice/Control:
- For details about controlling this feature, see the Update Services Privacy Statement at .
+ For details about controlling this feature, see the Update Services Privacy Statement at .
## Related topics
diff --git a/mdop/uev-v2/accessibility-for-ue-v-2x-both-uevv2.md b/mdop/uev-v2/accessibility-for-ue-v-2x-both-uevv2.md
index 64b640b2e6..8cfc4da6fd 100644
--- a/mdop/uev-v2/accessibility-for-ue-v-2x-both-uevv2.md
+++ b/mdop/uev-v2/accessibility-for-ue-v-2x-both-uevv2.md
@@ -57,7 +57,7 @@ For information about the availability of Microsoft product documentation and bo
(609) 987-8116 |
-[http://www.learningally.org/](http://go.microsoft.com/fwlink/p/?linkid=239) |
+[http://www.learningally.org/](https://go.microsoft.com/fwlink/p/?linkid=239) |
Web addresses can change, so you might be unable to connect to the website or sites that are mentioned here. |
@@ -78,7 +78,7 @@ Microsoft Support Services are subject to the prices, terms, and conditions in p
## For more information
-For more information about how accessible technology for computers can help to improve the lives of people with disabilities, see the [Microsoft Accessibility website](http://go.microsoft.com/fwlink/p/?linkid=8431).
+For more information about how accessible technology for computers can help to improve the lives of people with disabilities, see the [Microsoft Accessibility website](https://go.microsoft.com/fwlink/p/?linkid=8431).
## Got a suggestion for UE-V?
diff --git a/mdop/uev-v2/administering-ue-v-2x-with-windows-powershell-and-wmi-both-uevv2.md b/mdop/uev-v2/administering-ue-v-2x-with-windows-powershell-and-wmi-both-uevv2.md
index 5493bfd1dd..c5486d033d 100644
--- a/mdop/uev-v2/administering-ue-v-2x-with-windows-powershell-and-wmi-both-uevv2.md
+++ b/mdop/uev-v2/administering-ue-v-2x-with-windows-powershell-and-wmi-both-uevv2.md
@@ -16,7 +16,7 @@ ms.prod: w10
Microsoft User Experience Virtualization (UE-V) 2.0, 2.1, and 2.1 SP1 provide Windows PowerShell cmdlets, which can help administrators perform various UE-V tasks. The following sections provide more information about using Windows PowerShell in UE-V.
**Note**
-Administering UE-V 2 with Windows PowerShell requires Windows PowerShell 3.0 or higher. For a complete list of UE-V PowerShell cmdlets, see [UE-V 2 Cmdlet Reference](http://go.microsoft.com/fwlink/p/?LinkId=393495).
+Administering UE-V 2 with Windows PowerShell requires Windows PowerShell 3.0 or higher. For a complete list of UE-V PowerShell cmdlets, see [UE-V 2 Cmdlet Reference](https://go.microsoft.com/fwlink/p/?LinkId=393495).
diff --git a/mdop/uev-v2/changing-the-frequency-of-ue-v-2x-scheduled-tasks-both-uevv2.md b/mdop/uev-v2/changing-the-frequency-of-ue-v-2x-scheduled-tasks-both-uevv2.md
index 2971a05834..da5caca883 100644
--- a/mdop/uev-v2/changing-the-frequency-of-ue-v-2x-scheduled-tasks-both-uevv2.md
+++ b/mdop/uev-v2/changing-the-frequency-of-ue-v-2x-scheduled-tasks-both-uevv2.md
@@ -34,7 +34,7 @@ With the exception of Collect CEIP Data, these tasks must remain enabled as UE-V
These scheduled tasks are not configurable with the UE-V tools. Administrators who want to change the scheduled task for these items can create a script that uses the Schtasks.exe command-line options.
-For more information about Schtasks.exe, see [How to use Schtasks,exe to Schedule Tasks in Windows Server 2003](http://go.microsoft.com/fwlink/?LinkID=264854).
+For more information about Schtasks.exe, see [How to use Schtasks,exe to Schedule Tasks in Windows Server 2003](https://go.microsoft.com/fwlink/?LinkID=264854).
For more information about
diff --git a/mdop/uev-v2/configuring-the-company-settings-center-for-ue-v-2x-both-uevv2.md b/mdop/uev-v2/configuring-the-company-settings-center-for-ue-v-2x-both-uevv2.md
index 778b479ca2..239e324e35 100644
--- a/mdop/uev-v2/configuring-the-company-settings-center-for-ue-v-2x-both-uevv2.md
+++ b/mdop/uev-v2/configuring-the-company-settings-center-for-ue-v-2x-both-uevv2.md
@@ -48,7 +48,7 @@ The Company Settings Center can include a hyperlink that users can click to get
1. Open your preferred management tool:
- - **Group Policy** - If you have not already done so, download the ADMX template for UE-V 2 from [MDOP Administrative Templates](http://go.microsoft.com/fwlink/p/?LinkId=393941).
+ - **Group Policy** - If you have not already done so, download the ADMX template for UE-V 2 from [MDOP Administrative Templates](https://go.microsoft.com/fwlink/p/?LinkId=393941).
- **Windows PowerShell** – On a computer with the UE-V Agent installed, open **Windows PowerShell**. For more information about administering UE-V by using Windows PowerShell, see [Administering UE-V 2.x with Windows PowerShell and WMI](administering-ue-v-2x-with-windows-powershell-and-wmi-both-uevv2.md).
diff --git a/mdop/uev-v2/configuring-ue-v-2x-with-system-center-configuration-manager-2012-both-uevv2.md b/mdop/uev-v2/configuring-ue-v-2x-with-system-center-configuration-manager-2012-both-uevv2.md
index 0476446f14..036cada1cc 100644
--- a/mdop/uev-v2/configuring-ue-v-2x-with-system-center-configuration-manager-2012-both-uevv2.md
+++ b/mdop/uev-v2/configuring-ue-v-2x-with-system-center-configuration-manager-2012-both-uevv2.md
@@ -226,7 +226,7 @@ To distribute a new Notepad template, you would perform these steps:
## Get the UE-V Configuration Pack
-The UE-V Configuration Pack for Configuration Manager 2012 SP1 or later can be downloaded [here](http://go.microsoft.com/fwlink/?LinkId=317263).
+The UE-V Configuration Pack for Configuration Manager 2012 SP1 or later can be downloaded [here](https://go.microsoft.com/fwlink/?LinkId=317263).
## Got a suggestion for UE-V?
diff --git a/mdop/uev-v2/get-started-with-ue-v-2x-new-uevv2.md b/mdop/uev-v2/get-started-with-ue-v-2x-new-uevv2.md
index ccc160080f..4ec1527347 100644
--- a/mdop/uev-v2/get-started-with-ue-v-2x-new-uevv2.md
+++ b/mdop/uev-v2/get-started-with-ue-v-2x-new-uevv2.md
@@ -98,7 +98,7 @@ Before you proceed, make sure your environment includes these requirements for r
Also…
-- **MDOP License:** This technology is a part of the Microsoft Desktop Optimization Pack (MDOP). Enterprise customers can get MDOP with Microsoft Software Assurance. For more information about Microsoft Software Assurance and acquiring MDOP, see How Do I Get MDOP (http://go.microsoft.com/fwlink/p/?LinkId=322049).
+- **MDOP License:** This technology is a part of the Microsoft Desktop Optimization Pack (MDOP). Enterprise customers can get MDOP with Microsoft Software Assurance. For more information about Microsoft Software Assurance and acquiring MDOP, see How Do I Get MDOP (https://go.microsoft.com/fwlink/p/?LinkId=322049).
- **Administrative Credentials** for any computer on which you’ll be installing
diff --git a/mdop/uev-v2/index.md b/mdop/uev-v2/index.md
index 4875f0d7c9..6eeef89ebe 100644
--- a/mdop/uev-v2/index.md
+++ b/mdop/uev-v2/index.md
@@ -300,11 +300,11 @@ For more information, and for late-breaking news that did not make it into the d
### More information
-[MDOP TechCenter Page](http://go.microsoft.com/fwlink/p/?LinkId=225286)
+[MDOP TechCenter Page](https://go.microsoft.com/fwlink/p/?LinkId=225286)
Learn about the latest MDOP information and resources.
-[MDOP Information Experience](http://go.microsoft.com/fwlink/p/?LinkId=236032)
-Find documentation, videos, and other resources for MDOP technologies. You can also [send us feedback](mailto:MDOPDocs@microsoft.com%29 or learn about updates by following us on [Facebook]%28http://go.microsoft.com/fwlink/p/?LinkId=242445%29 or [Twitter]%28http://go.microsoft.com/fwlink/p/?LinkId=242447).
+[MDOP Information Experience](https://go.microsoft.com/fwlink/p/?LinkId=236032)
+Find documentation, videos, and other resources for MDOP technologies. You can also [send us feedback](mailto:MDOPDocs@microsoft.com%29 or learn about updates by following us on [Facebook]%28https://go.microsoft.com/fwlink/p/?LinkId=242445%29 or [Twitter]%28https://go.microsoft.com/fwlink/p/?LinkId=242447).
## Got a suggestion for UE-V?
diff --git a/mdop/uev-v2/managing-the-ue-v-2x-agent-and-packages-with-windows-powershell-and-wmi-both-uevv2.md b/mdop/uev-v2/managing-the-ue-v-2x-agent-and-packages-with-windows-powershell-and-wmi-both-uevv2.md
index fe8bb33a9e..a903b15af8 100644
--- a/mdop/uev-v2/managing-the-ue-v-2x-agent-and-packages-with-windows-powershell-and-wmi-both-uevv2.md
+++ b/mdop/uev-v2/managing-the-ue-v-2x-agent-and-packages-with-windows-powershell-and-wmi-both-uevv2.md
@@ -13,7 +13,7 @@ ms.prod: w10
# Managing the UE-V 2.x Agent and Packages with Windows PowerShell and WMI
-You can use Windows Management Instrumentation (WMI) and Windows PowerShell to manage Microsoft User Experience Virtualization (UE-V) 2.0, 2.1, and 2.1 SP1 Agent configuration and synchronization behavior. For a complete list of UE-V PowerShell cmdlets, see [UE-V 2 Cmdlet Reference](http://go.microsoft.com/fwlink/?LinkId=393495) (http://go.microsoft.com/fwlink/?LinkId=393495).
+You can use Windows Management Instrumentation (WMI) and Windows PowerShell to manage Microsoft User Experience Virtualization (UE-V) 2.0, 2.1, and 2.1 SP1 Agent configuration and synchronization behavior. For a complete list of UE-V PowerShell cmdlets, see [UE-V 2 Cmdlet Reference](https://go.microsoft.com/fwlink/?LinkId=393495) (https://go.microsoft.com/fwlink/?LinkId=393495).
**To deploy the UE-V Agent by using Windows PowerShell**
diff --git a/mdop/uev-v2/managing-ue-v-2x-settings-location-templates-using-windows-powershell-and-wmi-both-uevv2.md b/mdop/uev-v2/managing-ue-v-2x-settings-location-templates-using-windows-powershell-and-wmi-both-uevv2.md
index daf1ff7f20..784a05752c 100644
--- a/mdop/uev-v2/managing-ue-v-2x-settings-location-templates-using-windows-powershell-and-wmi-both-uevv2.md
+++ b/mdop/uev-v2/managing-ue-v-2x-settings-location-templates-using-windows-powershell-and-wmi-both-uevv2.md
@@ -13,7 +13,7 @@ ms.prod: w10
# Managing UE-V 2.x Settings Location Templates Using Windows PowerShell and WMI
-Microsoft User Experience Virtualization (UE-V) 2.0, 2.1, and 2.1 SP1 use XML settings location templates to define the settings that User Experience Virtualization captures and applies. UE-V includes a set of standard settings location templates. It also includes the UE-V Generator tool that enables you to create custom settings location templates. After you create and deploy settings location templates, you can manage those templates by using Windows PowerShell and the Windows Management Instrumentation (WMI). For a complete list of UE-V PowerShell cmdlets, see [UE-V 2 Cmdlet Reference](http://go.microsoft.com/fwlink/p/?LinkId=393495) (http://go.microsoft.com/fwlink/p/?LinkId=393495).
+Microsoft User Experience Virtualization (UE-V) 2.0, 2.1, and 2.1 SP1 use XML settings location templates to define the settings that User Experience Virtualization captures and applies. UE-V includes a set of standard settings location templates. It also includes the UE-V Generator tool that enables you to create custom settings location templates. After you create and deploy settings location templates, you can manage those templates by using Windows PowerShell and the Windows Management Instrumentation (WMI). For a complete list of UE-V PowerShell cmdlets, see [UE-V 2 Cmdlet Reference](https://go.microsoft.com/fwlink/p/?LinkId=393495) (https://go.microsoft.com/fwlink/p/?LinkId=393495).
## Manage UE-V 2 settings location templates by using Windows PowerShell
diff --git a/mdop/uev-v2/microsoft-user-experience-virtualization--ue-v--20-release-notesuevv2.md b/mdop/uev-v2/microsoft-user-experience-virtualization--ue-v--20-release-notesuevv2.md
index ce504d629b..3225fa1cbe 100644
--- a/mdop/uev-v2/microsoft-user-experience-virtualization--ue-v--20-release-notesuevv2.md
+++ b/mdop/uev-v2/microsoft-user-experience-virtualization--ue-v--20-release-notesuevv2.md
@@ -59,7 +59,7 @@ WORKAROUND: None.
### UE-V does not support roaming settings between 32-bit and 64-bit versions of Microsoft Office
-We recommend that you install the 32-bit version of Microsoft Office for both 32-bit and 64-bit operating systems. To choose the Microsoft Office version that you need, click here. ([http://office.microsoft.com/word-help/choose-the-32-bit-or-64-bit-version-of-microsoft-office-HA010369476.aspx](http://go.microsoft.com/fwlink/?LinkID=247623)). UE-V supports roaming settings between identical architecture versions of Office. For example, 32-bit Office settings will roam between all 32-bit Office instances. UE-V does not support roaming settings between 32-bit and 64-bit versions of Office.
+We recommend that you install the 32-bit version of Microsoft Office for both 32-bit and 64-bit operating systems. To choose the Microsoft Office version that you need, click here. ([http://office.microsoft.com/word-help/choose-the-32-bit-or-64-bit-version-of-microsoft-office-HA010369476.aspx](https://go.microsoft.com/fwlink/?LinkID=247623)). UE-V supports roaming settings between identical architecture versions of Office. For example, 32-bit Office settings will roam between all 32-bit Office instances. UE-V does not support roaming settings between 32-bit and 64-bit versions of Office.
WORKAROUND: None
diff --git a/mdop/uev-v2/microsoft-user-experience-virtualization--ue-v--21-release-notesuevv21.md b/mdop/uev-v2/microsoft-user-experience-virtualization--ue-v--21-release-notesuevv21.md
index dc3d01fbc5..f8ee54fd82 100644
--- a/mdop/uev-v2/microsoft-user-experience-virtualization--ue-v--21-release-notesuevv21.md
+++ b/mdop/uev-v2/microsoft-user-experience-virtualization--ue-v--21-release-notesuevv21.md
@@ -86,7 +86,7 @@ WORKAROUND: None.
### UE-V does not support roaming settings between 32-bit and 64-bit versions of Microsoft Office
-We recommend that you install the 32-bit version of Microsoft Office for both 32-bit and 64-bit operating systems. To choose the Microsoft Office version that you need, click here. ([http://office.microsoft.com/word-help/choose-the-32-bit-or-64-bit-version-of-microsoft-office-HA010369476.aspx](http://go.microsoft.com/fwlink/?LinkID=247623)). UE-V supports roaming settings between identical architecture versions of Office. For example, 32-bit Office settings will roam between all 32-bit Office instances. UE-V does not support roaming settings between 32-bit and 64-bit versions of Office.
+We recommend that you install the 32-bit version of Microsoft Office for both 32-bit and 64-bit operating systems. To choose the Microsoft Office version that you need, click here. ([http://office.microsoft.com/word-help/choose-the-32-bit-or-64-bit-version-of-microsoft-office-HA010369476.aspx](https://go.microsoft.com/fwlink/?LinkID=247623)). UE-V supports roaming settings between identical architecture versions of Office. For example, 32-bit Office settings will roam between all 32-bit Office instances. UE-V does not support roaming settings between 32-bit and 64-bit versions of Office.
WORKAROUND: None
diff --git a/mdop/uev-v2/microsoft-user-experience-virtualization--ue-v--21-sp1-release-notes.md b/mdop/uev-v2/microsoft-user-experience-virtualization--ue-v--21-sp1-release-notes.md
index b2d83bf32b..b4759fe68c 100644
--- a/mdop/uev-v2/microsoft-user-experience-virtualization--ue-v--21-sp1-release-notes.md
+++ b/mdop/uev-v2/microsoft-user-experience-virtualization--ue-v--21-sp1-release-notes.md
@@ -86,7 +86,7 @@ WORKAROUND: None.
### UE-V does not support roaming settings between 32-bit and 64-bit versions of Microsoft Office
-We recommend that you install the 32-bit version of Microsoft Office for both 32-bit and 64-bit operating systems. To choose the Microsoft Office version that you need, click here. ([http://office.microsoft.com/word-help/choose-the-32-bit-or-64-bit-version-of-microsoft-office-HA010369476.aspx](http://go.microsoft.com/fwlink/?LinkID=247623)). UE-V supports roaming settings between identical architecture versions of Office. For example, 32-bit Office settings will roam between all 32-bit Office instances. UE-V does not support roaming settings between 32-bit and 64-bit versions of Office.
+We recommend that you install the 32-bit version of Microsoft Office for both 32-bit and 64-bit operating systems. To choose the Microsoft Office version that you need, click here. ([http://office.microsoft.com/word-help/choose-the-32-bit-or-64-bit-version-of-microsoft-office-HA010369476.aspx](https://go.microsoft.com/fwlink/?LinkID=247623)). UE-V supports roaming settings between identical architecture versions of Office. For example, 32-bit Office settings will roam between all 32-bit Office instances. UE-V does not support roaming settings between 32-bit and 64-bit versions of Office.
WORKAROUND: None
diff --git a/mdop/uev-v2/prepare-a-ue-v-2x-deployment-new-uevv2.md b/mdop/uev-v2/prepare-a-ue-v-2x-deployment-new-uevv2.md
index 0916c46201..a97b55540e 100644
--- a/mdop/uev-v2/prepare-a-ue-v-2x-deployment-new-uevv2.md
+++ b/mdop/uev-v2/prepare-a-ue-v-2x-deployment-new-uevv2.md
@@ -83,7 +83,7 @@ See [User Experience Virtualization (UE-V) settings templates for Microsoft Offi
When you install the UE-V 2.1 or 2.1 SP1 Agent, it registers a default group of settings location templates that capture settings values for these common Microsoft applications.
**Tip**
-**Microsoft Office 2007 Settings Synchronization** – In UE-V 2.1 and 2.1 SP1, a settings location template is no longer included by default for Office 2007 applications. However, you can still use Office 2007 templates from UE-V 2.0 or earlier and can get the templates from the [UE-V template gallery](http://go.microsoft.com/fwlink/p/?LinkID=246589).
+**Microsoft Office 2007 Settings Synchronization** – In UE-V 2.1 and 2.1 SP1, a settings location template is no longer included by default for Office 2007 applications. However, you can still use Office 2007 templates from UE-V 2.0 or earlier and can get the templates from the [UE-V template gallery](https://go.microsoft.com/fwlink/p/?LinkID=246589).
@@ -172,7 +172,7 @@ UE-V 2.1 SP1 does not synchronize settings between the Microsoft Calculator in W
When you install the UE-V 2.0 Agent, it registers a default group of settings location templates that capture settings values for these common Microsoft applications.
**Tip**
-**Microsoft Office 2013 Settings Synchronization** – In UE-V 2.0, a settings location template is not included by default for Office 2013 applications, but is available for download from the [UE-V template gallery](http://go.microsoft.com/fwlink/p/?LinkID=246589). [Synchronizing Office 2013 with UE-V 2.0](synchronizing-office-2013-with-ue-v-20-both-uevv2.md) provides details about the supported templates that synchronize Office 2013 settings.
+**Microsoft Office 2013 Settings Synchronization** – In UE-V 2.0, a settings location template is not included by default for Office 2013 applications, but is available for download from the [UE-V template gallery](https://go.microsoft.com/fwlink/p/?LinkID=246589). [Synchronizing Office 2013 with UE-V 2.0](synchronizing-office-2013-with-ue-v-20-both-uevv2.md) provides details about the supported templates that synchronize Office 2013 settings.
@@ -517,7 +517,7 @@ This PowerShell cmdlet disables credential synchronization:
Disable-UevTemplate RoamingCredentialSettings
```
-[Group Policy](http://technet.microsoft.com/library/dn458893.aspx)**:** You must [deploy the latest MDOP ADMX template](http://go.microsoft.com/fwlink/p/?LinkId=393944) to enable credential synchronization through group policy. Credentials synchronization is managed with the Windows settings. To manage this feature with Group Policy, enable the Synchronize Windows settings policy.
+[Group Policy](http://technet.microsoft.com/library/dn458893.aspx)**:** You must [deploy the latest MDOP ADMX template](https://go.microsoft.com/fwlink/p/?LinkId=393944) to enable credential synchronization through group policy. Credentials synchronization is managed with the Windows settings. To manage this feature with Group Policy, enable the Synchronize Windows settings policy.
1. Open Group Policy Editor and navigate to **User Configuration – Administrative Templates – Windows Components – Microsoft User Experience Virtualization**.
@@ -597,7 +597,7 @@ The UE-V settings storage location and settings template catalog support storing
- Format the storage volume with an NTFS file system.
-- The share can use Distributed File System (DFS) replication, but Distributed File System Replication (DFSR) is specifically not supported. Distributed File System Namespaces (DFSN) are supported. For detailed information, see [Microsoft’s Support Statement Around Replicated User Profile Data](http://go.microsoft.com/fwlink/p/?LinkId=313991).
+- The share can use Distributed File System (DFS) replication, but Distributed File System Replication (DFSR) is specifically not supported. Distributed File System Namespaces (DFSN) are supported. For detailed information, see [Microsoft’s Support Statement Around Replicated User Profile Data](https://go.microsoft.com/fwlink/p/?LinkId=313991).
In addition, because SYSVOL uses DFSR for replication, SYSVOL cannot be used for UE-V data file replication.
@@ -692,12 +692,12 @@ Before you proceed, make sure your environment includes these requirements for r
Also…
-- **MDOP License:** This technology is a part of the Microsoft Desktop Optimization Pack (MDOP). Enterprise customers can get MDOP with Microsoft Software Assurance. For more information about Microsoft Software Assurance and acquiring MDOP, see How Do I Get MDOP (http://go.microsoft.com/fwlink/p/?LinkId=322049).
+- **MDOP License:** This technology is a part of the Microsoft Desktop Optimization Pack (MDOP). Enterprise customers can get MDOP with Microsoft Software Assurance. For more information about Microsoft Software Assurance and acquiring MDOP, see How Do I Get MDOP (https://go.microsoft.com/fwlink/p/?LinkId=322049).
- **Administrative Credentials** for any computer on which you’ll be installing
**Note**
-- The UE-V Windows PowerShell feature of the UE-V Agent requires .NET Framework 4 or higher and Windows PowerShell 3.0 or higher to be enabled. Download Windows PowerShell 3.0 [here](http://go.microsoft.com/fwlink/?LinkId=309609).
+- The UE-V Windows PowerShell feature of the UE-V Agent requires .NET Framework 4 or higher and Windows PowerShell 3.0 or higher to be enabled. Download Windows PowerShell 3.0 [here](https://go.microsoft.com/fwlink/?LinkId=309609).
- Install .NET Framework 4 or .NET Framework 4.5 on computers that run the Windows 7 or the Windows Server 2008 R2 operating system. The Windows 8, Windows 8.1, and Windows Server 2012 operating systems come with .NET Framework 4.5 installed. The Windows 10 operating system comes with .NET Framework 4.6 installed.
- The “Delete Roaming Cache” policy for Mandatory profiles is not supported with UE-V and should not be used.
diff --git a/mdop/uev-v2/security-considerations-for-ue-v-2x-both-uevv2.md b/mdop/uev-v2/security-considerations-for-ue-v-2x-both-uevv2.md
index ef418d7c0c..7aa983fc6e 100644
--- a/mdop/uev-v2/security-considerations-for-ue-v-2x-both-uevv2.md
+++ b/mdop/uev-v2/security-considerations-for-ue-v-2x-both-uevv2.md
@@ -33,143 +33,36 @@ Because settings packages might contain personal information, you should take ca
1. Set the following share-level SMB permissions for the setting storage location folder.
-
-
-
-
-
-
-
-
-
-
- Everyone |
- No permissions |
-
-
- Security group of UE-V |
- Full control |
-
-
-
-
-
+ | User account | Recommended permissions |
+ | - | - |
+ | Everyone | No permissions |
+ |Security group of UE-V | Full control |
2. Set the following NTFS file system permissions for the settings storage location folder.
-
-
-
-
-
-
-
-
-
-
-
- Creator/Owner |
- No permissions |
- No permissions |
-
-
- Domain Admins |
- Full control |
- This folder, subfolders, and files |
-
-
- Security group of UE-V users |
- List folder/read data, create folders/append data |
- This folder only |
-
-
- Everyone |
- Remove all permissions |
- No permissions |
-
-
-
-
-
+ | User account | Recommended permissions | Folder |
+ | - | - | - |
+ | Creator/Owner | No permissions | No permissions |
+ | Domain Admins | Full control | This folder, subfolders, and files |
+ | Security group of UE-V users | List folder/read data, create folders/append data | This folder only |
+ | Everyone | Remove all permissions | No permissions |
3. Set the following share-level SMB permissions for the settings template catalog folder.
-
-
-
-
-
-
-
-
-
-
- Everyone |
- No permissions |
-
-
- Domain computers |
- Read permission Levels |
-
-
- Administrators |
- Read/write permission levels |
-
-
-
-
+ | User account | Recommend permissions |
+ | - | - |
+ | Everyone | No permissions |
+ | Domain computers | Read permission Levels |
+ | Administrators | Read/write permission levels |
-
4. Set the following NTFS permissions for the settings template catalog folder.
-
-
-
-
-
-
-
-
-
-
-
- Creator/Owner |
- Full control |
- This folder, subfolders, and files |
-
-
- Domain Computers |
- List folder contents and Read permissions |
- This folder, subfolders, and files |
-
-
- Everyone |
- No permissions |
- No permissions |
-
-
- Administrators |
- Full Control |
- This folder, subfolders, and files |
-
-
-
-
-
+ | User account | Recommended permissions | Apply to |
+ | - | - | - |
+ | Creator/Owner | Full control | This folder, subfolders, and files |
+ | Domain Computers | List folder contents and Read permissions | This folder, subfolders, and files|
+ | Everyone| No permissions| No permissions|
+ | Administrators| Full Control| This folder, subfolders, and files|
### Use Windows Server as of Windows Server 2003 to host redirected file shares
diff --git a/mdop/uev-v2/synchronizing-office-2013-with-ue-v-20-both-uevv2.md b/mdop/uev-v2/synchronizing-office-2013-with-ue-v-20-both-uevv2.md
index fbba2bc34c..4b20fbb7a1 100644
--- a/mdop/uev-v2/synchronizing-office-2013-with-ue-v-20-both-uevv2.md
+++ b/mdop/uev-v2/synchronizing-office-2013-with-ue-v-20-both-uevv2.md
@@ -15,12 +15,12 @@ ms.prod: w10
Microsoft User Experience Virtualization (UE-V) 2.0 supports the synchronization of Microsoft Office 2013 application setting using a template available from the UE-V template gallery. The combination of UE-V 2 and App-V 5.0 SP2 support of Office 2013 Professional Plus enables the same experience on virtualized instance of Office 2013 from any UE-V-enabled device or virtualized desktop.
-To activate UE-V application settings support of Office 2013, you can download official UE-V Office 2013 templates from the [Microsoft User Experience Virtualization (UE-V) 2 Template Gallery](http://go.microsoft.com/fwlink/p/?LinkId=246589). This resource provides Microsoft-authored UE-V settings location templates as well as community-developed settings location templates.
+To activate UE-V application settings support of Office 2013, you can download official UE-V Office 2013 templates from the [Microsoft User Experience Virtualization (UE-V) 2 Template Gallery](https://go.microsoft.com/fwlink/p/?LinkId=246589). This resource provides Microsoft-authored UE-V settings location templates as well as community-developed settings location templates.
## Microsoft Office support in UE-V
-UE-V 1.0 and UE-V 2 include settings location templates for Microsoft Office 2010. These templates are distributed and registered as part of the UE-V Agent installation process. These templates help synchronize users’ Office experience between devices. The UE-V templates for Office 2013 provide a very similar settings experience to the templates for Office 2010. Microsoft Office 2013 settings roamed by Office 365 experience are not included in these settings. For a list of Office 365-specific settings, see [Overview of user and roaming settings for Office 2013](http://go.microsoft.com/fwlink/p/?LinkId=391220).
+UE-V 1.0 and UE-V 2 include settings location templates for Microsoft Office 2010. These templates are distributed and registered as part of the UE-V Agent installation process. These templates help synchronize users’ Office experience between devices. The UE-V templates for Office 2013 provide a very similar settings experience to the templates for Office 2010. Microsoft Office 2013 settings roamed by Office 365 experience are not included in these settings. For a list of Office 365-specific settings, see [Overview of user and roaming settings for Office 2013](https://go.microsoft.com/fwlink/p/?LinkId=391220).
## Synchronized Office 2013 Settings
@@ -112,7 +112,7 @@ You can deploy UE-V settings location template with the following methods:
- **Registering template via Template Catalog Path**. If you use the Settings Template Catalog Path to manage templates on users’ computers, copy the Office 2013 template into the folder defined in the UE-V Agent. The next time the Template Auto Update (ApplySettingsCatalog.exe) scheduled task runs, the settings location template will be registered on the device. For more information, see [Deploying the Settings Template Catalog for UE-V 2](http://technet.microsoft.com/library/dn458942.aspx#deploycatalogue).
-- **Registering template via Configuration Manager**. If you use Configuration Manager to manage your UE-V settings storage templates, then recreate the Template Baseline CAB, import it into Configuration Manager, and then deploy the baseline to your clients. For more information, see the guidance provided in the documentation for the [System Center 2012 Configuration Pack for Microsoft User Experience Virtualization 2](http://go.microsoft.com/fwlink/?LinkId=317263).
+- **Registering template via Configuration Manager**. If you use Configuration Manager to manage your UE-V settings storage templates, then recreate the Template Baseline CAB, import it into Configuration Manager, and then deploy the baseline to your clients. For more information, see the guidance provided in the documentation for the [System Center 2012 Configuration Pack for Microsoft User Experience Virtualization 2](https://go.microsoft.com/fwlink/?LinkId=317263).
## Got a suggestion for UE-V?
diff --git a/mdop/uev-v2/troubleshooting-ue-v-2x-both-uevv2.md b/mdop/uev-v2/troubleshooting-ue-v-2x-both-uevv2.md
index b46669f1a7..54488ba947 100644
--- a/mdop/uev-v2/troubleshooting-ue-v-2x-both-uevv2.md
+++ b/mdop/uev-v2/troubleshooting-ue-v-2x-both-uevv2.md
@@ -13,7 +13,7 @@ ms.prod: w10
# Troubleshooting UE-V 2.x
-Troubleshooting content is not included in the Administrator's Guide for this product. Instead, you can find troubleshooting information for this product on the [TechNet Wiki](http://go.microsoft.com/fwlink/p/?LinkId=224905).
+Troubleshooting content is not included in the Administrator's Guide for this product. Instead, you can find troubleshooting information for this product on the [TechNet Wiki](https://go.microsoft.com/fwlink/p/?LinkId=224905).
## Find troubleshooting information
@@ -26,7 +26,7 @@ The first step to find help content in the Administrator’s Guide is to search
**To search the MDOP product documentation**
-1. Open a web browser and browse to the [MDOP Information Experience](http://go.microsoft.com/fwlink/p/?LinkId=236032) home page on TechNet.
+1. Open a web browser and browse to the [MDOP Information Experience](https://go.microsoft.com/fwlink/p/?LinkId=236032) home page on TechNet.
2. Locate the **Search TechNet with Bing** search box and enter your search term.
@@ -34,7 +34,7 @@ The first step to find help content in the Administrator’s Guide is to search
**To search the TechNet Wiki**
-1. Open a web browser and browse to the [TechNet Wiki](http://go.microsoft.com/fwlink/p/?LinkId=224905) home page.
+1. Open a web browser and browse to the [TechNet Wiki](https://go.microsoft.com/fwlink/p/?LinkId=224905) home page.
2. Locate the **Search TechNet Wiki** search box and enter your search term.
@@ -47,7 +47,7 @@ If you have a troubleshooting tip or a best practice to share that is not alread
**To create a TechNet Wiki troubleshooting or best practices article**
-1. Open a web browser and browse to the [TechNet Wiki](http://go.microsoft.com/fwlink/p/?LinkId=224905) home page.
+1. Open a web browser and browse to the [TechNet Wiki](https://go.microsoft.com/fwlink/p/?LinkId=224905) home page.
2. Sign in with your Microsoft account.
diff --git a/mdop/uev-v2/whats-new-in-ue-v-21-new-uevv2.md b/mdop/uev-v2/whats-new-in-ue-v-21-new-uevv2.md
index a601d3e4a6..b0ac82f317 100644
--- a/mdop/uev-v2/whats-new-in-ue-v-21-new-uevv2.md
+++ b/mdop/uev-v2/whats-new-in-ue-v-21-new-uevv2.md
@@ -25,7 +25,7 @@ An Outlook profile must be created for any device on which a user wants to sync
-Previously UE-V included Microsoft Office 2010 settings location templates that were automatically distributed and registered with the UE-V Agent. UE-V 2.1 works with Office 365 to determine whether Office 2013 settings are roamed by Office 365. If settings are roamed by Office 365 they are not roamed by UE-V. [Overview of user and roaming settings for Office 2013](http://go.microsoft.com/fwlink/p/?LinkID=391220) provides more information.
+Previously UE-V included Microsoft Office 2010 settings location templates that were automatically distributed and registered with the UE-V Agent. UE-V 2.1 works with Office 365 to determine whether Office 2013 settings are roamed by Office 365. If settings are roamed by Office 365 they are not roamed by UE-V. [Overview of user and roaming settings for Office 2013](https://go.microsoft.com/fwlink/p/?LinkID=391220) provides more information.
To enable settings synchronization using UE-V 2.1, do one of the following:
@@ -33,7 +33,7 @@ To enable settings synchronization using UE-V 2.1, do one of the following:
- Do not enable the Office 365 synchronization experience during Office 2013 installation
-UE-V 2.1 ships [Office 2013 and Office 2010 templates](http://technet.microsoft.com/library/dn458932.aspx#autosyncsettings). This release removes the Office 2007 templates. Users can still use Office 2007 templates from UE-V 2.0 or earlier and can still get the templates from the UE-V template gallery located [here](http://go.microsoft.com/fwlink/p/?LinkID=246589).
+UE-V 2.1 ships [Office 2013 and Office 2010 templates](http://technet.microsoft.com/library/dn458932.aspx#autosyncsettings). This release removes the Office 2007 templates. Users can still use Office 2007 templates from UE-V 2.0 or earlier and can still get the templates from the UE-V template gallery located [here](https://go.microsoft.com/fwlink/p/?LinkID=246589).
## Fix for Distributed File System Namespace Users
diff --git a/mdop/uev-v2/whats-new-in-ue-v-21-sp1uevv21-sp1.md b/mdop/uev-v2/whats-new-in-ue-v-21-sp1uevv21-sp1.md
index d8950b0ead..017b35478b 100644
--- a/mdop/uev-v2/whats-new-in-ue-v-21-sp1uevv21-sp1.md
+++ b/mdop/uev-v2/whats-new-in-ue-v-21-sp1uevv21-sp1.md
@@ -64,7 +64,7 @@ An Outlook profile must be created for any device on which a user wants to sync
-Previously UE-V included Microsoft Office 2010 settings location templates that were automatically distributed and registered with the UE-V Agent. UE-V 2.1 works with Office 365 to determine whether Office 2013 settings are roamed by Office 365. If settings are roamed by Office 365 they are not roamed by UE-V. [Overview of user and roaming settings for Office 2013](http://go.microsoft.com/fwlink/p/?LinkID=391220) provides more information.
+Previously UE-V included Microsoft Office 2010 settings location templates that were automatically distributed and registered with the UE-V Agent. UE-V 2.1 works with Office 365 to determine whether Office 2013 settings are roamed by Office 365. If settings are roamed by Office 365 they are not roamed by UE-V. [Overview of user and roaming settings for Office 2013](https://go.microsoft.com/fwlink/p/?LinkID=391220) provides more information.
To enable settings synchronization using UE-V 2.1, do one of the following:
@@ -72,7 +72,7 @@ To enable settings synchronization using UE-V 2.1, do one of the following:
- Do not enable the Office 365 synchronization experience during Office 2013 installation
-UE-V 2.1 ships [Office 2013 and Office 2010 templates](http://technet.microsoft.com/library/dn458932.aspx#autosyncsettings). This release removes the Office 2007 templates. Users can still use Office 2007 templates from UE-V 2.0 or earlier and can still get the templates from the UE-V template gallery located [here](http://go.microsoft.com/fwlink/p/?LinkID=246589).
+UE-V 2.1 ships [Office 2013 and Office 2010 templates](http://technet.microsoft.com/library/dn458932.aspx#autosyncsettings). This release removes the Office 2007 templates. Users can still use Office 2007 templates from UE-V 2.0 or earlier and can still get the templates from the UE-V template gallery located [here](https://go.microsoft.com/fwlink/p/?LinkID=246589).
## Got a suggestion for UE-V?
diff --git a/mdop/uev-v2/working-with-custom-ue-v-2x-templates-and-the-ue-v-2x-generator-new-uevv2.md b/mdop/uev-v2/working-with-custom-ue-v-2x-templates-and-the-ue-v-2x-generator-new-uevv2.md
index d0fe551e08..115cb8405c 100644
--- a/mdop/uev-v2/working-with-custom-ue-v-2x-templates-and-the-ue-v-2x-generator-new-uevv2.md
+++ b/mdop/uev-v2/working-with-custom-ue-v-2x-templates-and-the-ue-v-2x-generator-new-uevv2.md
@@ -139,7 +139,7 @@ It is possible to create or edit settings location templates in an XML editor wi
## Share Settings Location Templates with the Template Gallery
-The Microsoft User Experience Virtualization (UE-V) 2.0 template gallery enables administrators to share their UE-V settings location templates. In the gallery, you can upload your settings location templates for other users to use, and you can download templates that other users have created. The UE-V template gallery is located on Microsoft TechNet [here](http://go.microsoft.com/fwlink/p/?LinkId=246589).
+The Microsoft User Experience Virtualization (UE-V) 2.0 template gallery enables administrators to share their UE-V settings location templates. In the gallery, you can upload your settings location templates for other users to use, and you can download templates that other users have created. The UE-V template gallery is located on Microsoft TechNet [here](https://go.microsoft.com/fwlink/p/?LinkId=246589).
Before you share a settings location template on the UE-V template gallery, ensure it does not contain any personal or company information. You can use any XML viewer to open and view the contents of a settings location template file. The following template values should be reviewed before you share a template with anyone outside your company.
diff --git a/windows/deploy/activate-using-active-directory-based-activation-client.md b/windows/deploy/activate-using-active-directory-based-activation-client.md
index 9c8f4c7fa1..2ccfe946be 100644
--- a/windows/deploy/activate-using-active-directory-based-activation-client.md
+++ b/windows/deploy/activate-using-active-directory-based-activation-client.md
@@ -22,7 +22,7 @@ localizationpriority: high
- Windows Server 2008 R2
**Looking for retail activation?**
-- [Get Help Activating Microsoft Windows](http://go.microsoft.com/fwlink/p/?LinkId=618644)
+- [Get Help Activating Microsoft Windows](https://go.microsoft.com/fwlink/p/?LinkId=618644)
Active Directory-based activation is implemented as a role service that relies on AD DS to store activation objects. Active Directory-based activation requires that the forest schema be updated by adprep.exe on a computer running Windows Server 2012 R2 or Windows Server 2012, but after the schema is updated, older domain controllers can still activate clients.
Any domain-joined computers running Windows 10, Windows 8.1, Windows 8, Windows Server 2012 R2, or Windows Server 2012 with a GVLK will be activated automatically and transparently. They will stay activated as long as they remain members of the domain and maintain periodic contact with a domain controller. Activation takes place after the Licensing service starts. When this service starts, the computer contacts AD DS automatically, receives the activation object, and is activated without user intervention.
diff --git a/windows/deploy/activate-using-key-management-service-vamt.md b/windows/deploy/activate-using-key-management-service-vamt.md
index 2bb06acd4e..0e20177f45 100644
--- a/windows/deploy/activate-using-key-management-service-vamt.md
+++ b/windows/deploy/activate-using-key-management-service-vamt.md
@@ -24,7 +24,7 @@ localizationpriority: high
**Looking for retail activation?**
-- [Get Help Activating Microsoft Windows](http://go.microsoft.com/fwlink/p/?LinkId=618644)
+- [Get Help Activating Microsoft Windows](https://go.microsoft.com/fwlink/p/?LinkId=618644)
There are three possible scenarios for volume activation of Windows 10 or Windows Server 2012 R2 by using a Key Management Service (KMS) host:
- Host KMS on a computer running Windows 10
@@ -48,7 +48,7 @@ To enable KMS functionality, a KMS key is installed on a KMS host; then, the hos
- To activate by using the telephone, type **slui.exe 4**.
3. After activating the KMS key, restart the Software Protection Service.
-For more information, see the information for Windows 7 in [Deploy KMS Activation](http://go.microsoft.com/fwlink/p/?LinkId=717032).
+For more information, see the information for Windows 7 in [Deploy KMS Activation](https://go.microsoft.com/fwlink/p/?LinkId=717032).
## Key Management Service in Windows Server 2012 R2
Installing a KMS host key on a computer running Windows Server allows you to activate computers running Windows Server 2012 R2, Windows Sever 2008 R2, Windows Server 2008, Windows 10, Windows 8.1, Windows 7, and Windows Vista.
@@ -60,7 +60,7 @@ This scenario is commonly used in larger organizations that do not find the over
**Note**
-If you receive error 0xC004F015 when trying to activate Windows 10 Enterprise, see [KB 3086418](http://go.microsoft.com/fwlink/p/?LinkId=620687).
+If you receive error 0xC004F015 when trying to activate Windows 10 Enterprise, see [KB 3086418](https://go.microsoft.com/fwlink/p/?LinkId=620687).
**Configure KMS in Windows Server 2012 R2**
@@ -122,7 +122,7 @@ The **/ato** command causes the operating system to attempt activation by using
The **/dlv** command displays the detailed licensing information. The response should return an error that states that the KMS activation count is too low. This confirms that KMS is functioning correctly, even though the client has not been activated.
-For more information about the use and syntax of slmgr.vbs, see [Slmgr.vbs Options](http://go.microsoft.com/fwlink/p/?LinkId=733639).
+For more information about the use and syntax of slmgr.vbs, see [Slmgr.vbs Options](https://go.microsoft.com/fwlink/p/?LinkId=733639).
## Key Management Service in earlier versions of Windows
@@ -133,7 +133,7 @@ If you have already established a KMS infrastructure in your organization for an
3. Install the new KMS host key on your KMS host.
4. Activate the new KMS host key by running the slmrg.vbs script.
-For detailed instructions, see [Update that enables Windows 8.1 and Windows 8 KMS hosts to activate a later version of Windows](http://go.microsoft.com/fwlink/p/?LinkId=618265) and [Update that enables Windows 7 and Windows Server 2008 R2 KMS hosts to activate Windows 10](http://go.microsoft.com/fwlink/p/?LinkId=626590).
+For detailed instructions, see [Update that enables Windows 8.1 and Windows 8 KMS hosts to activate a later version of Windows](https://go.microsoft.com/fwlink/p/?LinkId=618265) and [Update that enables Windows 7 and Windows Server 2008 R2 KMS hosts to activate Windows 10](https://go.microsoft.com/fwlink/p/?LinkId=626590).
## See also
- [Volume Activation for Windows 10](volume-activation-windows-10.md)
diff --git a/windows/deploy/activate-windows-10-clients-vamt.md b/windows/deploy/activate-windows-10-clients-vamt.md
index 478ceda691..30cea0c7ff 100644
--- a/windows/deploy/activate-windows-10-clients-vamt.md
+++ b/windows/deploy/activate-windows-10-clients-vamt.md
@@ -24,7 +24,7 @@ localizationpriority: high
**Looking for retail activation?**
-- [Get Help Activating Microsoft Windows](http://go.microsoft.com/fwlink/p/?LinkId=618644)
+- [Get Help Activating Microsoft Windows](https://go.microsoft.com/fwlink/p/?LinkId=618644)
After you have configured Key Management Service (KMS) or Active Directory-based activation on your network, activating a client running Windows 10 is easy. If the computer has been configured with a Generic Volume License Key (GVLK), neither IT nor the user need take any action. It just works.
Enterprise edition images and installation media should already be configured with the GVLK. When the client computer starts, the Licensing service examines the current licensing condition of the computer.
@@ -84,7 +84,7 @@ KMS hosts on the network need to install a KMS key, and then be activated with M
### Activating subsequent Key Management Service hosts
-Each KMS key can be installed on up to six KMS hosts. These hosts can be physical computers or virtual machines. After activating a KMS host, the same host can be reactivated up to nine times with the same key. If the organization needs more than six KMS hosts, you can request additional activations for your organization’s KMS key by calling a Microsoft Volume [Licensing Activation Center](http://go.microsoft.com/fwlink/p/?LinkID=618264) to request an exception.
+Each KMS key can be installed on up to six KMS hosts. These hosts can be physical computers or virtual machines. After activating a KMS host, the same host can be reactivated up to nine times with the same key. If the organization needs more than six KMS hosts, you can request additional activations for your organization’s KMS key by calling a Microsoft Volume [Licensing Activation Center](https://go.microsoft.com/fwlink/p/?LinkID=618264) to request an exception.
## How Multiple Activation Key works
diff --git a/windows/deploy/active-directory-based-activation-overview.md b/windows/deploy/active-directory-based-activation-overview.md
index 9a64d7572a..7eced02f55 100644
--- a/windows/deploy/active-directory-based-activation-overview.md
+++ b/windows/deploy/active-directory-based-activation-overview.md
@@ -21,7 +21,7 @@ VAMT enables IT Professionals to manage and activate the Active Directory-Based
## Related topics
-- [How to Activate an Active Directory Forest Online](http://go.microsoft.com/fwlink/p/?LinkId=246565)
-- [How to Proxy Activate an Active Directory Forest](http://go.microsoft.com/fwlink/p/?LinkId=246566)
+- [How to Activate an Active Directory Forest Online](https://go.microsoft.com/fwlink/p/?LinkId=246565)
+- [How to Proxy Activate an Active Directory Forest](https://go.microsoft.com/fwlink/p/?LinkId=246566)
diff --git a/windows/deploy/appendix-information-sent-to-microsoft-during-activation-client.md b/windows/deploy/appendix-information-sent-to-microsoft-during-activation-client.md
index bcf9e7aa13..c8b4b71449 100644
--- a/windows/deploy/appendix-information-sent-to-microsoft-during-activation-client.md
+++ b/windows/deploy/appendix-information-sent-to-microsoft-during-activation-client.md
@@ -22,7 +22,7 @@ localizationpriority: medium
**Looking for retail activation?**
-- [Get Help Activating Microsoft Windows](http://go.microsoft.com/fwlink/p/?LinkId=618644)
+- [Get Help Activating Microsoft Windows](https://go.microsoft.com/fwlink/p/?LinkId=618644)
When you activate a computer running Windows 10, the following information is sent to Microsoft:
@@ -56,7 +56,7 @@ Standard computer information is also sent, but your computer’s IP address is
## Use of information
Microsoft uses the information to confirm that you have a licensed copy of the software. Microsoft does not use the information to contact individual consumers.
-For additional details, see [Windows 10 Privacy Statement](http://go.microsoft.com/fwlink/p/?LinkId=619879).
+For additional details, see [Windows 10 Privacy Statement](https://go.microsoft.com/fwlink/p/?LinkId=619879).
## See also
diff --git a/windows/deploy/change-history-for-deploy-windows-10.md b/windows/deploy/change-history-for-deploy-windows-10.md
index 3d0e742f97..f7b9f06baf 100644
--- a/windows/deploy/change-history-for-deploy-windows-10.md
+++ b/windows/deploy/change-history-for-deploy-windows-10.md
@@ -19,6 +19,13 @@ The topics in this library have been updated for Windows 10, version 1607 (also
- [Provision PCs with apps and certificates for initial deployment](provision-pcs-with-apps-and-certificates.md)
- [Provision PCs with common settings for initial deployment](provision-pcs-for-initial-deployment.md)
+=======
+
+## August 2016
+| New or changed topic | Description |
+|----------------------|-------------|
+| [Windows 10 edition upgrade](windows-10-edition-upgrades.md) | Updated with reboot requirements |
+
## July 2016
| New or changed topic | Description |
|----------------------|-------------|
diff --git a/windows/deploy/configure-a-pxe-server-to-load-windows-pe.md b/windows/deploy/configure-a-pxe-server-to-load-windows-pe.md
index 61bc2e47c8..c1f827f3a7 100644
--- a/windows/deploy/configure-a-pxe-server-to-load-windows-pe.md
+++ b/windows/deploy/configure-a-pxe-server-to-load-windows-pe.md
@@ -21,7 +21,7 @@ This walkthrough describes how to configure a PXE server to load Windows PE by
## Prerequisites
-- A deployment computer: A computer with the [Windows Assessment and Deployment Kit](http://go.microsoft.com/fwlink/p/?LinkId=526803) (Windows ADK) installed.
+- A deployment computer: A computer with the [Windows Assessment and Deployment Kit](https://go.microsoft.com/fwlink/p/?LinkId=526803) (Windows ADK) installed.
- A DHCP server: A DHCP server or DHCP proxy configured to respond to PXE client requests is required.
- A PXE server: A server running the TFTP service that can host Windows PE boot files that the client will download.
- A file server: A server hosting a network file share.
diff --git a/windows/deploy/configure-client-computers-vamt.md b/windows/deploy/configure-client-computers-vamt.md
index 704c8d01f9..c5334ea193 100644
--- a/windows/deploy/configure-client-computers-vamt.md
+++ b/windows/deploy/configure-client-computers-vamt.md
@@ -19,7 +19,7 @@ To enable the Volume Activation Management Tool (VAMT) to function correctly, ce
Organizations where the VAMT will be widely used may benefit from making these changes inside the master image for Windows.
**Important**
-This procedure only applies to clients running Windows Vista or later. For clients running Windows XP Service Pack 1, see [Connecting Through Windows Firewall](http://go.microsoft.com/fwlink/p/?LinkId=182933).
+This procedure only applies to clients running Windows Vista or later. For clients running Windows XP Service Pack 1, see [Connecting Through Windows Firewall](https://go.microsoft.com/fwlink/p/?LinkId=182933).
## Configuring the Windows Firewall to allow VAMT access
@@ -56,12 +56,12 @@ Enable the VAMT to access client computers across multiple subnets using the **W
- On the **Advanced** tab, verify selection of all profiles that are applicable to the network (Domain or Private/Public).
In certain scenarios, only a limited set of TCP/IP ports are allowed through a hardware firewall. Administrators must ensure that WMI (which relies on RPC over TCP/IP) is allowed through these types of firewalls. By default, the WMI port is a dynamically allocated random port above 1024. The following Microsoft knowledge article discusses how administrators can limit the range of dynamically-allocated ports. This is useful if, for example, the hardware firewall only allows traffic in a certain range of ports.
-For more info, see [How to configure RPC dynamic port allocation to work with firewalls](http://go.microsoft.com/fwlink/p/?LinkId=182911).
+For more info, see [How to configure RPC dynamic port allocation to work with firewalls](https://go.microsoft.com/fwlink/p/?LinkId=182911).
## Create a registry value for the VAMT to access workgroup-joined computer
**Caution**
-This section contains information about how to modify the registry. Make sure to back up the registry before you modify it; in addition, ensure that you know how to restore the registry, if a problem occurs. For more information about how to back up, restore, and modify the registry, see [Windows registry information for advanced users](http://go.microsoft.com/fwlink/p/?LinkId=182912).
+This section contains information about how to modify the registry. Make sure to back up the registry before you modify it; in addition, ensure that you know how to restore the registry, if a problem occurs. For more information about how to back up, restore, and modify the registry, see [Windows registry information for advanced users](https://go.microsoft.com/fwlink/p/?LinkId=182912).
On the client computer, create the following registry key using regedit.exe.
diff --git a/windows/deploy/create-a-windows-10-reference-image.md b/windows/deploy/create-a-windows-10-reference-image.md
index 50ec7f2fcf..1f91fff47c 100644
--- a/windows/deploy/create-a-windows-10-reference-image.md
+++ b/windows/deploy/create-a-windows-10-reference-image.md
@@ -115,7 +115,7 @@ By storing configuration items as MDT applications, it is easy to move these obj
In these examples, we assume that you downloaded the software in this list to the E:\\Downloads folder. The first application is added using the UI, but because MDT supports Windows PowerShell, you add the other applications using Windows PowerShell.
**Note**
-All the Microsoft Visual C++ downloads can be found on [The latest supported Visual C++ downloads](http://go.microsoft.com/fwlink/p/?LinkId=619523).
+All the Microsoft Visual C++ downloads can be found on [The latest supported Visual C++ downloads](https://go.microsoft.com/fwlink/p/?LinkId=619523).
### Create the install: Microsoft Office Professional Plus 2013 x86
diff --git a/windows/deploy/deploy-a-windows-10-image-using-mdt.md b/windows/deploy/deploy-a-windows-10-image-using-mdt.md
index 7f92cbc0d8..62ff5ee44b 100644
--- a/windows/deploy/deploy-a-windows-10-image-using-mdt.md
+++ b/windows/deploy/deploy-a-windows-10-image-using-mdt.md
@@ -28,7 +28,7 @@ Figure 1. The machines used in this topic.
## Step 1: Configure Active Directory permissions
-These steps will show you how to configure an Active Directory account with the permissions required to deploy a Windows 10 machine to the domain using MDT. These steps assume you have downloaded the sample [Set-OUPermissions.ps1 script](http://go.microsoft.com/fwlink/p/?LinkId=619362) and copied it to C:\\Setup\\Scripts on DC01. The account is used for Windows Preinstallation Environment (Windows PE) to connect to MDT01. In order for MDT to join machines into the contoso.com domain you need to create an account and configure permissions in Active Directory.
+These steps will show you how to configure an Active Directory account with the permissions required to deploy a Windows 10 machine to the domain using MDT. These steps assume you have downloaded the sample [Set-OUPermissions.ps1 script](https://go.microsoft.com/fwlink/p/?LinkId=619362) and copied it to C:\\Setup\\Scripts on DC01. The account is used for Windows Preinstallation Environment (Windows PE) to connect to MDT01. In order for MDT to join machines into the contoso.com domain you need to create an account and configure permissions in Active Directory.
1. On DC01, using Active Directory User and Computers, browse to **contoso.com / Contoso / Service Accounts**.
2. Select the **Service Accounts** organizational unit (OU) and create the MDT\_JD account using the following settings:
1. Name: MDT\_JD
@@ -177,7 +177,7 @@ Or, you can use this command in a normal command prompt:
wmic csproduct get name
```
-If you want a more standardized naming convention, try the ModelAliasExit.vbs script from the Deployment Guys blog post entitled [Using and Extending Model Aliases for Hardware Specific Application Installation](http://go.microsoft.com/fwlink/p/?LinkId=619536).
+If you want a more standardized naming convention, try the ModelAliasExit.vbs script from the Deployment Guys blog post entitled [Using and Extending Model Aliases for Hardware Specific Application Installation](https://go.microsoft.com/fwlink/p/?LinkId=619536).
@@ -217,7 +217,7 @@ In these steps, we assume you have downloaded PROWinx64.exe from Intel.com and s
For the Lenovo T420 model, you use the Lenovo ThinkVantage Update Retriever software to download the drivers. With Update Retriever, you need to specify the correct Lenovo Machine Type for the actual hardware (the first four characters of the model name). As an example, the Lenovo T420 model has the 4178B9G model name, meaning the Machine Type is 4178.
-To get the updates, you download the drivers from the Lenovo ThinkVantage Update Retriever using its export function. You can download the drivers from the [Lenovo website](http://go.microsoft.com/fwlink/p/?LinkId=619543).
+To get the updates, you download the drivers from the Lenovo ThinkVantage Update Retriever using its export function. You can download the drivers from the [Lenovo website](https://go.microsoft.com/fwlink/p/?LinkId=619543).
In these steps, we assume you have downloaded and extracted the drivers using ThinkVantage Update Retriever v5.0 to the E:\\Drivers\\Lenovo\\ThinkPad T420 (4178) folder.
@@ -227,7 +227,7 @@ In these steps, we assume you have downloaded and extracted the drivers using Th
### For the Latitude E6440
-For the Dell Latitude E6440 model, you use the Dell Driver CAB file, which is accessible via the [Dell TechCenter website](http://go.microsoft.com/fwlink/p/?LinkId=619544).
+For the Dell Latitude E6440 model, you use the Dell Driver CAB file, which is accessible via the [Dell TechCenter website](https://go.microsoft.com/fwlink/p/?LinkId=619544).
In these steps, we assume you have downloaded and extracted the CAB file for the Latitude E6440 model to the E:\\Drivers\\Dell\\Latitude E6440 folder.
@@ -237,7 +237,7 @@ In these steps, we assume you have downloaded and extracted the CAB file for the
### For the HP EliteBook 8560w
-For the HP EliteBook 8560w, you use HP SoftPaq Download Manager to get the drivers. The HP SoftPaq Download Manager can be accessed on the [HP Support site](http://go.microsoft.com/fwlink/p/?LinkId=619545).
+For the HP EliteBook 8560w, you use HP SoftPaq Download Manager to get the drivers. The HP SoftPaq Download Manager can be accessed on the [HP Support site](https://go.microsoft.com/fwlink/p/?LinkId=619545).
In these steps, we assume you have downloaded and extracted the drivers for the HP EliteBook 8650w model to the E:\\Drivers\\Windows 10 x64\\HP\\HP EliteBook 8560w folder.
@@ -630,7 +630,7 @@ Follow these steps to create a bootable USB stick from the offline media content
## Unified Extensible Firmware Interface (UEFI)-based deployments
-As referenced in [Windows 10 deployment tools](http://go.microsoft.com/fwlink/p/?LinkId=619546), Unified Extensible Firmware Interface (UEFI)-based deployments are becoming more common. In fact, when you create a generation 2 virtual machine in Hyper-V, you get a UEFI-based computer. During deployment, MDT automatically detects that you have an UEFI-based machine and creates the partitions UEFI requires. You do not need to update or change your task sequences in any way to accommodate UFEI.
+As referenced in [Windows 10 deployment tools](https://go.microsoft.com/fwlink/p/?LinkId=619546), Unified Extensible Firmware Interface (UEFI)-based deployments are becoming more common. In fact, when you create a generation 2 virtual machine in Hyper-V, you get a UEFI-based computer. During deployment, MDT automatically detects that you have an UEFI-based machine and creates the partitions UEFI requires. You do not need to update or change your task sequences in any way to accommodate UFEI.
diff --git a/windows/deploy/deploy-windows-10-with-system-center-2012-r2-configuration-manager.md b/windows/deploy/deploy-windows-10-with-system-center-2012-r2-configuration-manager.md
index e3e558c24b..b9624a46b9 100644
--- a/windows/deploy/deploy-windows-10-with-system-center-2012-r2-configuration-manager.md
+++ b/windows/deploy/deploy-windows-10-with-system-center-2012-r2-configuration-manager.md
@@ -81,7 +81,7 @@ Operating system deployment with Configuration Manager is part of the normal sof
## See also
-- [Microsoft Deployment Toolkit downloads and resources](http://go.microsoft.com/fwlink/p/?LinkId=618117)
+- [Microsoft Deployment Toolkit downloads and resources](https://go.microsoft.com/fwlink/p/?LinkId=618117)
- [Windows deployment tools](windows-deployment-scenarios-and-tools.md)
@@ -93,7 +93,7 @@ Operating system deployment with Configuration Manager is part of the normal sof
- [Sideload Windows Store apps](http://technet.microsoft.com/library/dn613831.aspx)
-- [Windows ADK for Windows 10](http://go.microsoft.com/fwlink/p/?LinkId=526803)
+- [Windows ADK for Windows 10](https://go.microsoft.com/fwlink/p/?LinkId=526803)
diff --git a/windows/deploy/deploy-windows-10-with-the-microsoft-deployment-toolkit.md b/windows/deploy/deploy-windows-10-with-the-microsoft-deployment-toolkit.md
index 93028930c5..3fc7913c52 100644
--- a/windows/deploy/deploy-windows-10-with-the-microsoft-deployment-toolkit.md
+++ b/windows/deploy/deploy-windows-10-with-the-microsoft-deployment-toolkit.md
@@ -20,7 +20,7 @@ This guide will walk you through the process of deploying Windows 10 in an ente
The Microsoft Deployment Toolkit is a unified collection of tools, processes, and guidance for automating desktop and server deployment. In addition to reducing deployment time and standardizing desktop and server images, MDT enables you to more easily manage security and ongoing configurations. MDT builds on top of the core deployment tools in the Windows Assessment and Deployment Kit (Windows ADK) with additional guidance and features designed to reduce the complexity and time required for deployment in an enterprise environment.
MDT 2013 Update 2 supports the deployment of Windows 10, as well as Windows 7, Windows 8, Windows 8.1, and Windows Server 2012 R2. It also includes support for zero-touch installation (ZTI) with Microsoft System Center 2012 R2 Configuration Manager.
-To download the latest version of MDT, visit the [MDT resource page](http://go.microsoft.com/fwlink/p/?LinkId=618117).
+To download the latest version of MDT, visit the [MDT resource page](https://go.microsoft.com/fwlink/p/?LinkId=618117).
## In this section
@@ -71,13 +71,13 @@ Figure 2. The organizational unit (OU) structure used in this guide.
## Sample files
The information in this guide is designed to help you deploy Windows 10. In order to help you put the information you learn into practice more quickly, we recommend that you download a small set of sample files for the fictitious Contoso Corporation:
-- [Gather.ps1](http://go.microsoft.com/fwlink/p/?LinkId=619361). This sample Windows PowerShell script performs the MDT Gather process in a simulated MDT environment. This allows you to test the MDT gather process and check to see if it is working correctly without performing a full Windows deployment.
-- [Set-OUPermissions.ps1](http://go.microsoft.com/fwlink/p/?LinkId=619362). This sample Windows PowerShell script creates a domain account and then configures OU permissions to allow the account to join machines to the domain in the specified OU.
-- [MDTSample.zip](http://go.microsoft.com/fwlink/p/?LinkId=619363). This sample web service shows you how to configure a computer name dynamically using MDT.
+- [Gather.ps1](https://go.microsoft.com/fwlink/p/?LinkId=619361). This sample Windows PowerShell script performs the MDT Gather process in a simulated MDT environment. This allows you to test the MDT gather process and check to see if it is working correctly without performing a full Windows deployment.
+- [Set-OUPermissions.ps1](https://go.microsoft.com/fwlink/p/?LinkId=619362). This sample Windows PowerShell script creates a domain account and then configures OU permissions to allow the account to join machines to the domain in the specified OU.
+- [MDTSample.zip](https://go.microsoft.com/fwlink/p/?LinkId=619363). This sample web service shows you how to configure a computer name dynamically using MDT.
## Related topics
-[Microsoft Deployment Toolkit downloads and resources](http://go.microsoft.com/fwlink/p/?LinkId=618117)
+[Microsoft Deployment Toolkit downloads and resources](https://go.microsoft.com/fwlink/p/?LinkId=618117)
[Windows 10 deployment scenarios](windows-10-deployment-scenarios.md)
diff --git a/windows/deploy/deploy-windows-to-go.md b/windows/deploy/deploy-windows-to-go.md
index b4e13c5b8c..4b8717343e 100644
--- a/windows/deploy/deploy-windows-to-go.md
+++ b/windows/deploy/deploy-windows-to-go.md
@@ -19,156 +19,139 @@ author: mtniehaus
This topic helps you to deploy Windows To Go in your organization. Before you begin deployment, make sure that you have reviewed the topics [Windows To Go: feature overview](../plan/windows-to-go-overview.md) and [Prepare your organization for Windows To Go](../plan/prepare-your-organization-for-windows-to-go.md) to ensure that you have the correct hardware and are prepared to complete the deployment. You can then use the steps in this topic to start your Windows To Go deployment.
-**Note**
-This topic includes sample Windows PowerShell cmdlets that you can use to automate some of the procedures described. For more information, see [Using Cmdlets](http://go.microsoft.com/fwlink/p/?linkid=230693).
-
-
+>[!NOTE]
+>This topic includes sample Windows PowerShell cmdlets that you can use to automate some of the procedures described. For more information, see [Using Cmdlets](http://go.microsoft.com/fwlink/p/?linkid=230693).
## Deployment tips
-
The following is a list of items that you should be aware of before you start the deployment process:
-- Only use recommended USB drives for Windows To Go. Use of other drives is not supported. Check the list at [Windows To Go: feature overview](../plan/windows-to-go-overview.md) for the latest USB drives certified for use as Windows To Go drives.
+* Only use recommended USB drives for Windows To Go. Use of other drives is not supported. Check the list at [Windows To Go: feature overview](../plan/windows-to-go-overview.md) for the latest USB drives certified for use as Windows To Go drives.
-- After you provision a new workspace, always eject a Windows To Go drive using the **Safely Remove Hardware and Eject Media** control that can be found in the notification area or in Windows Explorer. Removing the drive from the USB port without ejecting it first can cause the drive to become corrupted.
+* After you provision a new workspace, always eject a Windows To Go drive using the **Safely Remove Hardware and Eject Media** control that can be found in the notification area or in Windows Explorer. Removing the drive from the USB port without ejecting it first can cause the drive to become corrupted.
-- When running a Windows To Go workspace, always shutdown the workspace before unplugging the drive.
+* When running a Windows To Go workspace, always shutdown the workspace before unplugging the drive.
-- System Center 2012 Configuration Manager SP1 and later includes support for user self-provisioning of Windows To Go drives. You can download Configuration Manager for evaluation from the [Microsoft TechNet Evaluation Center](http://go.microsoft.com/fwlink/p/?LinkId=618746). For more information on this deployment option, see [How to Provision Windows To Go in Configuration Manager](http://go.microsoft.com/fwlink/p/?LinkId=619148).
+- System Center 2012 Configuration Manager SP1 and later includes support for user self-provisioning of Windows To Go drives. You can download Configuration Manager for evaluation from the [Microsoft TechNet Evaluation Center](https://go.microsoft.com/fwlink/p/?LinkId=618746). For more information on this deployment option, see [How to Provision Windows To Go in Configuration Manager](https://go.microsoft.com/fwlink/p/?LinkId=619148).
-- If you are planning on using a USB drive duplicator to duplicate Windows To Go drives, do not configure offline domain join or BitLocker on the drive.
+* If you are planning on using a USB drive duplicator to duplicate Windows To Go drives, do not configure offline domain join or BitLocker on the drive.
## Basic deployment steps
-
Unless you are using a customized operating system image, your initial Windows To Go workspace will not be domain joined and will not contain applications. This is exactly like a new installation of Windows on a desktop or laptop computer. When planning your deployment, you should develop methods to join Windows to Go drives to the domain and install the standard applications that users in your organization require. These methods probably will be similar to the ones used for setting up desktop and laptop computers with domain privileges and applications. This section describes the instructions for creating the correct disk layout on the USB drive, applying the operating system image and the core Windows To Go specific configurations to the drive. The following steps are used in both small-scale and large-scale Windows To Go deployment scenarios.
-Completing these steps will give you a generic Windows To Go drive that can be distributed to your users and then customized for their usage as needed. This drive is also appropriate for use with USB drive duplicators. Your specific deployment scenarios will involve more than just these basic steps but these additional deployment considerations are similar to traditional PC deployment and can be incorporated into your Windows To Go deployment plan. For additional information, see [Windows Deployment Options](http://go.microsoft.com/fwlink/p/?LinkId=619149).
+Completing these steps will give you a generic Windows To Go drive that can be distributed to your users and then customized for their usage as needed. This drive is also appropriate for use with USB drive duplicators. Your specific deployment scenarios will involve more than just these basic steps but these additional deployment considerations are similar to traditional PC deployment and can be incorporated into your Windows To Go deployment plan. For additional information, see [Windows Deployment Options](https://go.microsoft.com/fwlink/p/?LinkId=619149).
-**Warning**
-If you are planning to use the generic Windows To Go drive as the master drive in a USB duplicator, the drive should not be booted. If the drive has been booted inadvertently it should be reprovisioned prior to duplication.
-
-
+>[!WARNING]
+>If you plan to use the generic Windows To Go drive as the master drive in a USB duplicator, the drive should not be booted. If the drive has been booted inadvertently it should be reprovisioned prior to duplication.
### Create the Windows To Go workspace
-In this step we are creating the operating system image that will be used on the Windows To Go drives. You can use the Windows To Go Creator Wizard or you can [do this manually](http://go.microsoft.com/fwlink/p/?LinkId=619174) using a combination of Windows PowerShell and command-line tools.
+In this step we are creating the operating system image that will be used on the Windows To Go drives. You can use the Windows To Go Creator Wizard or you can [do this manually](https://go.microsoft.com/fwlink/p/?LinkId=619174) using a combination of Windows PowerShell and command-line tools.
-**Warning**
-The preferred method for creating a single Windows To Go drive is to use the Windows To Go Creator Wizard included in Windows 10 Enterprise and Windows 10 Education.
+>[!WARNING]
+>The preferred method to create a single Windows To Go drive is to use the Windows To Go Creator Wizard included in Windows 10 Enterprise and Windows 10 Education.
-
+#### To create a Windows To Go workspace with the Windows To Go Creator Wizard
-**To create a Windows To Go workspace with the Windows To Go Creator Wizard**
+1. Sign into your Windows PC using an account with Administrator privileges.
-1. Sign into your Windows PC using an account with Administrator privileges.
+2. Insert the USB drive that you want to use as your Windows To Go drive into your PC.
-2. Insert the USB drive that you want to use as your Windows To Go drive into your PC.
+3. Verify that the .wim file location (which can be a network share, a DVD , or a USB drive) is accessible and that it contains a valid Windows 10 Enterprise or Windows 10 Education image that has been generalized using sysprep. Many environments can use the same image for both Windows To Go and desktop deployments.
-3. Verify that the .wim file location (which can be a network share, a DVD , or a USB drive) is accessible and that it contains a valid Windows 10 Enterprise or Windows 10 Education image that has been generalized using sysprep. Many environments can use the same image for both Windows To Go and desktop deployments.
+ >[!NOTE]
+ >For more information about .wim files, see [Windows System Image Manager (Windows SIM) Technical Reference](http://go.microsoft.com/fwlink/p/?LinkId=619150). For more information about using sysprep, see [Sysprep Overview](http://go.microsoft.com/fwlink/p/?LinkId=619151).
- **Note**
- For more information about .wim files, see [Windows System Image Manager (Windows SIM) Technical Reference](http://go.microsoft.com/fwlink/p/?LinkId=619150). For more information about using sysprep, see [Sysprep Overview](http://go.microsoft.com/fwlink/p/?LinkId=619151).
+4. Using Cortana, search for **Windows To Go** and then press **Enter**. If the **User Account Control** dialog box appears, confirm that the action it displays is what you want, and then click **Yes**. The **Windows To Go Creator Wizard** opens.
-
+5. On the **Choose the drive you want to use** page select the drive that represents the USB drive you inserted previously, then click **Next.**
-4. Using Cortana, search for **Windows To Go** and then press **Enter**. If the **User Account Control** dialog box appears, confirm that the action it displays is what you want, and then click **Yes**. The **Windows To Go Creator Wizard** opens.
+6. On the **Choose a Windows image** page, click **Add Search Location** and then navigate to the .wim file location and click select folder. The wizard will display the installable images present in the folder; select the Windows 10 Enterprise or Windows 10 Education image you wish to use and then click **Next**.
-5. On the **Choose the drive you want to use** page select the drive that represents the USB drive you inserted previously, then click **Next.**
+7. (Optional) On the **Set a BitLocker password (optional)** page, you can select **Use BitLocker with my Windows To Go Workspace** to encrypt your Windows To Go drive. If you do not wish to encrypt the drive at this time, click **Skip**. If you decide you want to add BitLocker protection later, see [Enable BitLocker protection for your Windows To Go drive](https://go.microsoft.com/fwlink/p/?LinkId=619152) for instructions.
+r
-6. On the **Choose a Windows image** page, click **Add Search Location** and then navigate to the .wim file location and click select folder. The wizard will display the installable images present in the folder; select the Windows 10 Enterprise or Windows 10 Education image you wish to use and then click **Next**.
-
-7. (Optional) On the **Set a BitLocker password (optional)** page, you can select **Use BitLocker with my Windows To Go Workspace** to encrypt your Windows To Go drive. If you do not wish to encrypt the drive at this time, click **Skip**. If you decide you want to add BitLocker protection later, see [Enable BitLocker protection for your Windows To Go drive](http://go.microsoft.com/fwlink/p/?LinkId=619152) for instructions.
-
- **Warning**
- If you are planning to use a USB-Duplicator to create multiple Windows To Go drives, do not enable BitLocker. Drives protected with BitLocker should not be duplicated.
-
-
+ >[!WARNING]
+ >If you plan to use a USB-Duplicator to create multiple Windows To Go drives, do not enable BitLocker. Drives protected with BitLocker should not be duplicated.
If you choose to encrypt the Windows To Go drive now:
- - Type a password that is at least eight characters long and conforms to your organizations password complexity policy. This password will be provided before the operating system is started so any characters you use must be able to be interpreted by the firmware. Some firmware does not support non-ASCII characters.
+ - Type a password that is at least eight characters long and conforms to your organizations password complexity policy. This password will be provided before the operating system is started so any characters you use must be able to be interpreted by the firmware. Some firmware does not support non-ASCII characters.
- - Retype the password, and then click Next.
- **Important**
- The BitLocker recovery password will be saved in the documents library of the computer used to create the workspace automatically. If your organization is using Active Directory Domain Services (AD DS) to store recovery passwords it will also be saved in AD DS under the computer account of the computer used to create the workspace. This password will be used only if you need to recover access to the drive because the BitLocker password specified in the previous step is not available, such as if a password is lost or forgotten. For more information about BitLocker and AD DS, see [Active Directory Domain Services considerations](http://go.microsoft.com/fwlink/p/?LinkId=619157).
+ >[!IMPORTANT]
+ >The BitLocker recovery password will be saved in the documents library of the computer used to create the workspace automatically. If your organization is using Active Directory Domain Services (AD DS) to store recovery passwords it will also be saved in AD DS under the computer account of the computer used to create the workspace. This password will be used only if you need to recover access to the drive because the BitLocker password specified in the previous step is not available, such as if a password is lost or forgotten. For more information about BitLocker and AD DS, see [Active Directory Domain Services considerations](https://go.microsoft.com/fwlink/p/?LinkId=619157).
-
+8. Verify that the USB drive inserted is the one you want to provision for Windows To Go and then click **Create** to start the Windows To Go workspace creation process.
-8. Verify that the USB drive inserted is the one you want to provision for Windows To Go and then click **Create** to start the Windows To Go workspace creation process.
+ >[!WARNING]
+ >The USB drive identified will be reformatted as part of the Windows To Go provisioning process and any data on the drive will be erased.
- **Warning**
- The USB drive identified will be reformatted as part of the Windows To Go provisioning process and any data on the drive will be erased.
+9. Wait for the creation process to complete, which can take 20 to 30 minutes. A completion page will be displayed that tells you when your Windows To Go workspace is ready to use. From the completion page you can configure the Windows To Go startup options to configure the current computer as a Windows To Go host computer.
-
+Your Windows To Go workspace is now ready to be started. You can now [prepare a host computer](https://go.microsoft.com/fwlink/p/?LinkId=619159) using the Windows To Go startup options and boot your Windows To Go drive.
-9. Wait for the creation process to complete, which can take 20 to 30 minutes. A completion page will be displayed that tells you when your Windows To Go workspace is ready to use. From the completion page you can configure the Windows To Go startup options to configure the current computer as a Windows To Go host computer.
-
-Your Windows To Go workspace is now ready to be started. You can now [prepare a host computer](http://go.microsoft.com/fwlink/p/?LinkId=619159) using the Windows To Go startup options and boot your Windows To Go drive.
-
-**Windows PowerShell equivalent commands**
+#### Windows PowerShell equivalent commands
The following Windows PowerShell cmdlet or cmdlets perform the same function as the preceding procedure. Enter each cmdlet on a single line, even though they may appear word-wrapped across several lines here because of formatting constraints. This procedure can only be used on PCs that are running Windows 10. Before starting, ensure that only the USB drive that you want to provision as a Windows To Go drive is connected to the PC.
-1. Using Cortana, search for **powershell**, right-click **Windows PowerShell**, and then select **Run as administrator**.
+1. Using Cortana, search for **powershell**, right-click **Windows PowerShell**, and then select **Run as administrator**.
-2. In the Windows PowerShell session type the following commands to partition a master boot record (MBR) disk for use with a FAT32 system partition and an NTFS-formatted operating system partition. This disk layout can support computers that use either UEFI or BIOS firmware:
+2. In the Windows PowerShell session type the following commands to partition a master boot record (MBR) disk for use with a FAT32 system partition and an NTFS-formatted operating system partition. This disk layout can support computers that use either UEFI or BIOS firmware:
``` syntax
-# The following command will set $Disk to all USB drives with >20 GB of storage
+ # The following command will set $Disk to all USB drives with >20 GB of storage
$Disk = Get-Disk | Where-Object {$_.Path -match "USBSTOR" -and $_.Size -gt 20Gb -and -not $_.IsBoot }
-#Clear the disk. This will delete any data on the disk. (and will fail if the disk is not yet initialized. If that happens, simply continue with ‘New-Partition…) Validate that this is the correct disk that you want to completely erase.
-#
-# To skip the confirmation prompt, append –confirm:$False
+ #Clear the disk. This will delete any data on the disk. (and will fail if the disk is not yet initialized. If that happens, simply continue with ‘New-Partition…) Validate that this is the correct disk that you want to completely erase.
+ #
+ # To skip the confirmation prompt, append –confirm:$False
Clear-Disk –InputObject $Disk[0] -RemoveData
-# This command initializes a new MBR disk
+ # This command initializes a new MBR disk
Initialize-Disk –InputObject $Disk[0] -PartitionStyle MBR
-# This command creates a 350 MB system partition
+ # This command creates a 350 MB system partition
$SystemPartition = New-Partition –InputObject $Disk[0] -Size (350MB) -IsActive
-# This formats the volume with a FAT32 Filesystem
-# To skip the confirmation dialog, append –Confirm:$False
+ # This formats the volume with a FAT32 Filesystem
+ # To skip the confirmation dialog, append –Confirm:$False
Format-Volume -NewFileSystemLabel "UFD-System" -FileSystem FAT32 `
-Partition $SystemPartition
-# This command creates the Windows volume using the maximum space available on the drive. The Windows To Go drive should not be used for other file storage.
+ # This command creates the Windows volume using the maximum space available on the drive. The Windows To Go drive should not be used for other file storage.
$OSPartition = New-Partition –InputObject $Disk[0] -UseMaximumSize
Format-Volume -NewFileSystemLabel "UFD-Windows" -FileSystem NTFS `
-Partition $OSPartition
-# This command assigns drive letters to the new drive, the drive letters chosen should not already be in use.
+ # This command assigns drive letters to the new drive, the drive letters chosen should not already be in use.
Set-Partition -InputObject $SystemPartition -NewDriveLetter "S"
Set-Partition -InputObject $OSPartition -NewDriveLetter "W"
-# This command sets the NODEFAULTDRIVELETTER flag on the partition which prevents drive letters being assigned to either partition when inserted into a different computer.
+ # This command sets the NODEFAULTDRIVELETTER flag on the partition which prevents drive letters being assigned to either partition when inserted into a different computer.
Set-Partition -InputObject $OSPartition -NoDefaultDriveLetter $TRUE
```
-3. Next you need to apply the operating system image that you want to use with Windows To Go to the operating system partition you just created on the disk (this may take 30 minutes or longer, depending on the size of the image and the speed of your USB connection). The following command shows how this can be accomplished using the [Deployment Image Servicing and Management](http://go.microsoft.com/fwlink/p/?LinkId=619161) command-line tool (DISM):
-
- **Tip**
- The index number must be set correctly to a valid Enterprise image in the .WIM file.
-
-
+3. Next you need to apply the operating system image that you want to use with Windows To Go to the operating system partition you just created on the disk (this may take 30 minutes or longer, depending on the size of the image and the speed of your USB connection). The following command shows how this can be accomplished using the [Deployment Image Servicing and Management](https://go.microsoft.com/fwlink/p/?LinkId=619161) command-line tool (DISM):
+ >[!TIP]
+ >The index number must be set correctly to a valid Enterprise image in the .WIM file.
+
``` syntax
-#The WIM file must contain a sysprep generalized image.
+ #The WIM file must contain a sysprep generalized image.
dism /apply-image /imagefile:n:\imagefolder\deploymentimages\mywtgimage.wim /index:1 /applydir:W:\
```
-4. Now use the [bcdboot](http://go.microsoft.com/fwlink/p/?LinkId=619163) command line tool to move the necessary boot components to the system partition on the disk. This helps ensure that the boot components, operating system versions, and architectures match. The `/f ALL` parameter indicates that boot components for UEFI and BIOS should be placed on the system partition of the disk. The following example illustrates this step:
+4. Now use the [bcdboot](https://go.microsoft.com/fwlink/p/?LinkId=619163) command line tool to move the necessary boot components to the system partition on the disk. This helps ensure that the boot components, operating system versions, and architectures match. The `/f ALL` parameter indicates that boot components for UEFI and BIOS should be placed on the system partition of the disk. The following example illustrates this step:
+
``` syntax
W:\Windows\System32\bcdboot W:\Windows /f ALL /s S:
```
-5. Apply SAN policy—OFFLINE\_INTERNAL - “4” to prevent the operating system from automatically bringing online any internally connected disk. This is done by creating and saving a **san\_policy.xml** file on the disk. The following example illustrates this step:
+5. Apply SAN policy—OFFLINE\_INTERNAL - “4” to prevent the operating system from automatically bringing online any internally connected disk. This is done by creating and saving a **san\_policy.xml** file on the disk. The following example illustrates this step:
``` syntax
@@ -200,13 +183,13 @@ The following Windows PowerShell cmdlet or cmdlets perform the same function as
```
-6. Place the **san\_policy.xml** file created in the previous step into the root directory of the Windows partition on the Windows To Go drive (W: from the previous examples) and run the following command:
+6. Place the **san\_policy.xml** file created in the previous step into the root directory of the Windows partition on the Windows To Go drive (W: from the previous examples) and run the following command:
``` syntax
Dism.exe /Image:W:\ /Apply-Unattend:W:\san_policy.xml
```
-7. Create an answer file (unattend.xml) that disables the use of Windows Recovery Environment with Windows To Go. You can use the following code sample to create a new answer file or you can paste it into an existing answer file:
+7. Create an answer file (unattend.xml) that disables the use of Windows Recovery Environment with Windows To Go. You can use the following code sample to create a new answer file or you can paste it into an existing answer file:
``` syntax
@@ -232,38 +215,38 @@ The following Windows PowerShell cmdlet or cmdlets perform the same function as
```
- Once the answer file has been saved, copy unattend.xml into the sysprep folder on the Windows To Go drive (for example, W:\\Windows\\System32\\sysprep\)
+ After the answer file has been saved, copy unattend.xml into the sysprep folder on the Windows To Go drive (for example, W:\\Windows\\System32\\sysprep\)
- **Important**
- Setup unattend files are processed based on their location. Setup will place a temporary unattend file into the **%systemroot%\\panther** folder which is the first location that setup will check for installation information. You should make sure that folder does not contain a previous version of an unattend.xml file to ensure that the one you just created is used.
+ >[!IMPORTANT]
+ >Setup unattend files are processed based on their location. Setup will place a temporary unattend file into the **%systemroot%\\panther** folder which is the first location that setup will check for installation information. You should make sure that folder does not contain a previous version of an unattend.xml file to ensure that the one you just created is used.
If you do not wish to boot your Windows To Go device on this computer and want to remove it to boot it on another PC, be sure to use the **Safely Remove Hardware and Eject Media** option to safely disconnect the drive before physically removing it from the PC.
-
-Your Windows To Go workspace is now ready to be started. You can now [prepare a host computer](http://go.microsoft.com/fwlink/p/?LinkId=619165) using the Windows To Go startup options to test your workspace configuration, [configure the workspace for offline domain join](http://go.microsoft.com/fwlink/p/?LinkId=619166), or [enable BitLocker protection for your Windows To Go drive](http://go.microsoft.com/fwlink/p/?LinkId=619167).
+Your Windows To Go workspace is now ready to be started. You can now [prepare a host computer](https://go.microsoft.com/fwlink/p/?LinkId=619165) using the Windows To Go startup options to test your workspace configuration, [configure the workspace for offline domain join](https://go.microsoft.com/fwlink/p/?LinkId=619166), or [enable BitLocker protection for your Windows To Go drive](https://go.microsoft.com/fwlink/p/?LinkId=619167).
+
### To prepare a host computer
Computers running Windows 8 and later can be configured as host computers that use Windows To Go automatically whenever a Windows To Go workspace is available at startup. When the Windows To Go startup options are enabled on a host computer, Windows will divert startup to the Windows To Go drive whenever it is attached to the computer. This makes it easy to switch from using the host computer to using the Windows To Go workspace.
-**Tip**
-If you will be using a PC running Windows 7 as your host computer, see [Tips for configuring your BIOS settings to work with Windows To Go](http://go.microsoft.com/fwlink/p/?LinkId=618951) for information to help you prepare the host computer.
+>[!TIP]
+>If you will be using a PC running Windows 7 as your host computer, see [Tips for configuring your BIOS settings to work with Windows To Go](https://go.microsoft.com/fwlink/p/?LinkId=618951) for information to help you prepare the host computer.
-
If you want to use the Windows To Go workspace, simply shut down the computer, plug in the Windows To Go drive, and turn on the computer. To use the host computer, shut down the Windows To Go workspace, unplug the Windows To Go drive, and turn on the computer.
To set the Windows To Go Startup options for host computers running Windows 10:
-1. Using Cortana, search for **Windows To Go startup options** and then press **Enter**.
+1. Using Cortana, search for **Windows To Go startup options** and then press **Enter**.
-2. In the **Windows To Go Startup Options** dialog box, select **Yes**, and then click **Save Changes** to configure the computer to boot from USB
+2. In the **Windows To Go Startup Options** dialog box, select **Yes**, and then click **Save Changes** to configure the computer to boot from USB
For host computers running Windows 8 or Windows 8.1:
-1. Press **Windows logo key+W**, search for **Windows To Go startup options**, and then press **Enter**.
-2. In the **Windows To Go Startup Options** dialog box, select **Yes**, and then click **Save Changes** to configure the computer to boot from USB.
+1. Press **Windows logo key+W**, search for **Windows To Go startup options**, and then press **Enter**.
+
+2. In the **Windows To Go Startup Options** dialog box, select **Yes**, and then click **Save Changes** to configure the computer to boot from USB.
You can configure your organization's computers to automatically start from the USB drive by enabling the following Group Policy setting:
@@ -271,7 +254,7 @@ You can configure your organization's computers to automatically start from the
After this policy setting is enabled, automatic starting of a Windows To Go workspace will be attempted when a USB drive is connected to the computer when it is started. Users will not be able to use the Windows To Go Startup Options to change this behavior. If you disable this policy setting, booting to Windows To Go when a USB drive is connected will not occur unless a user configures the option manually in the firmware. If you do not configure this policy setting, users who are members of the Administrators group can enable or disable booting from a USB drive using the Windows To Go Startup Options.
-Your host computer is now ready to boot directly into Windows To Go workspace when it is inserted prior to starting the computer. Optionally you can perform [Configure Windows To Go workspace for offline domain join](http://go.microsoft.com/fwlink/p/?LinkId=619169) and [Enable BitLocker protection for your Windows To Go drive](http://go.microsoft.com/fwlink/p/?LinkId=619152).
+Your host computer is now ready to boot directly into Windows To Go workspace when it is inserted prior to starting the computer. Optionally you can perform [Configure Windows To Go workspace for offline domain join](https://go.microsoft.com/fwlink/p/?LinkId=619169) and [Enable BitLocker protection for your Windows To Go drive](https://go.microsoft.com/fwlink/p/?LinkId=619152).
### Booting your Windows To Go workspace
@@ -302,80 +285,77 @@ Making sure that Windows To Go workspaces are effective when used off premises i
- A domain user account with rights to add computer accounts to the domain and is a member of the Administrator group on the Windows To Go host computer
-- [DirectAccess](http://go.microsoft.com/fwlink/p/?LinkId=619170) configured on the domain
+- [DirectAccess](https://go.microsoft.com/fwlink/p/?LinkId=619170) configured on the domain
**To configure your Windows To Go workspace for remote access**
-1. Start the host computer and sign in using a user account with privileges to add workstations to the domain and then run the following command from an elevated command prompt replacing the example placeholder parameters (denoted by <>) with the ones applicable for your environment:
+1. Start the host computer and sign in using a user account with privileges to add workstations to the domain and then run the following command from an elevated command prompt replacing the example placeholder parameters (denoted by <>) with the ones applicable for your environment:
``` syntax
djoin /provision /domain /machine /certtemplate /policynames /savefile /reuse
```
- **Note**
- The /certtemplate parameter supports the use of certificate templates for distributing certificates for DirectAccess, if your organization is not using certificate templates you can omit this parameter. Additionally, if are using djoin.exe with Windows Server 2008-based Domain Controllers, append the /downlevel switch during provisioning. For more information see the [Offline Domain Join Step-by-Step guide](http://go.microsoft.com/fwlink/p/?LinkId=619171).
+ >[!NOTE]
+ >The **/certtemplate** parameter supports the use of certificate templates for distributing certificates for DirectAccess, if your organization is not using certificate templates you can omit this parameter. Additionally, if are using djoin.exe with Windows Server 2008-based Domain Controllers, append the /downlevel switch during provisioning. For more information see the [Offline Domain Join Step-by-Step guide](https://go.microsoft.com/fwlink/p/?LinkId=619171).
-
+2. Insert the Windows To Go drive.
-2. Insert the Windows To Go drive.
+3. Launch an elevated Windows PowerShell prompt by right-clicking the Windows PowerShell shortcut in the taskbar, and then clicking **Run as Administrator**.
-3. Launch an elevated Windows PowerShell prompt by right-clicking the Windows PowerShell shortcut in the taskbar, and then clicking **Run as Administrator**.
-
-4. From the Windows PowerShell command prompt run:
+4. From the Windows PowerShell command prompt run:
``` syntax
-# The following command will set $Disk to all USB drives with >20 GB of storage
+ # The following command will set $Disk to all USB drives with >20 GB of storage
$Disk = Get-Disk | Where-Object {$_.Path -match "USBSTOR" -and $_.Size -gt 20Gb -and -not $_.IsBoot }
-#Clear the disk. This will delete any data on the disk. (and will fail if the disk is not yet initialized. If that happens, simply continue with ‘New-Partition…) Validate that this is the correct disk that you want to completely erase.
-#
-# To skip the confirmation prompt, append –confirm:$False
+ #Clear the disk. This will delete any data on the disk. (and will fail if the disk is not yet initialized. If that happens, simply continue with ‘New-Partition…) Validate that this is the correct disk that you want to completely erase.
+ #
+ # To skip the confirmation prompt, append –confirm:$False
Clear-Disk –InputObject $Disk[0] -RemoveData
-# This command initializes a new MBR disk
+ # This command initializes a new MBR disk
Initialize-Disk –InputObject $Disk[0] -PartitionStyle MBR
-# This command creates a 350 MB system partition
+ # This command creates a 350 MB system partition
$SystemPartition = New-Partition –InputObject $Disk[0] -Size (350MB) -IsActive
-# This formats the volume with a FAT32 Filesystem
-# To skip the confirmation dialog, append –Confirm:$False
+ # This formats the volume with a FAT32 Filesystem
+ # To skip the confirmation dialog, append –Confirm:$False
Format-Volume -NewFileSystemLabel "UFD-System" -FileSystem FAT32 `
-Partition $SystemPartition
-# This command creates the Windows volume using the maximum space available on the drive. The Windows To Go drive should not be used for other file storage.
+ # This command creates the Windows volume using the maximum space available on the drive. The Windows To Go drive should not be used for other file storage.
$OSPartition = New-Partition –InputObject $Disk[0] -UseMaximumSize
Format-Volume -NewFileSystemLabel "UFD-Windows" -FileSystem NTFS `
-Partition $OSPartition
-# This command assigns drive letters to the new drive, the drive letters chosen should not already be in use.
+ # This command assigns drive letters to the new drive, the drive letters chosen should not already be in use.
Set-Partition -InputObject $SystemPartition -NewDriveLetter "S"
Set-Partition -InputObject $OSPartition -NewDriveLetter "W"
-# This command toggles the NODEFAULTDRIVELETTER flag on the partition which prevents drive letters being assigned to either partition when inserted into a different computer.
+ # This command toggles the NODEFAULTDRIVELETTER flag on the partition which prevents drive letters being assigned to either partition when inserted into a different computer.
Set-Partition -InputObject $OSPartition -NoDefaultDriveLetter $TRUE
```
-5. Next you need to apply the operating system image that you want to use with Windows To Go to the operating system partition you just created on the disk (this may take 30 minutes or longer, depending on the size of the image and the speed of your USB connection). The following command shows how this can be accomplished using the [Deployment Image Servicing and Management](http://go.microsoft.com/fwlink/p/?LinkId=619161) command-line tool (DISM):
+5. Next you need to apply the operating system image that you want to use with Windows To Go to the operating system partition you just created on the disk (this may take 30 minutes or longer, depending on the size of the image and the speed of your USB connection). The following command shows how this can be accomplished using the [Deployment Image Servicing and Management](https://go.microsoft.com/fwlink/p/?LinkId=619161) command-line tool (DISM):
- **Tip**
- The index number must be set correctly to a valid Enterprise image in the .WIM file.
-
-
+ >[!TIP]
+ >The index number must be set correctly to a valid Enterprise image in the .WIM file.
+
``` syntax
-#The WIM file must contain a sysprep generalized image.
+ #The WIM file must contain a sysprep generalized image.
dism /apply-image /imagefile:n:\imagefolder\deploymentimages\mywtgimage.wim /index:1 /applydir:W:\
```
-6. Once those commands have completed, run the following command:
+6. After those commands have completed, run the following command:
``` syntax
djoin /requestodj /loadfile C:\example\path\domainmetadatafile /windowspath W:\Windows
```
-7. Next, we will need to edit the unattend.xml file to configure the first run (OOBE) settings. In this example we are hiding the Microsoft Software License Terms (EULA) page, configuring automatic updates to install important and recommended updates automatically, and identifying this workspace as part of a private office network. You can use other OOBE settings that you have configured for your organization if desired. For more information about the OOBE settings, see [OOBE](http://go.microsoft.com/fwlink/p/?LinkId=619172):
+7. Next, we will need to edit the unattend.xml file to configure the first run (OOBE) settings. In this example we are hiding the Microsoft Software License Terms (EULA) page, configuring automatic updates to install important and recommended updates automatically, and identifying this workspace as part of a private office network. You can use other OOBE settings that you have configured for your organization if desired. For more information about the OOBE settings, see [OOBE](https://go.microsoft.com/fwlink/p/?LinkId=619172):
``` syntax
@@ -415,14 +395,12 @@ Making sure that Windows To Go workspaces are effective when used off premises i
9. From a host computer, either on or off premises, start the computer and boot the Windows To Go workspace.
- 1. If on premises using a host computer with a direct network connection, sign on using your domain credentials.
+ * If on premises using a host computer with a direct network connection, sign on using your domain credentials.
- 2. If off premises, join a wired or wireless network with internet access and then sign on again using your domain credentials.
+ * If off premises, join a wired or wireless network with internet access and then sign on again using your domain credentials.
- **Note**
- Depending on your DirectAccess configuration you might be asked to insert your smart card to logon to the domain.
-
-
+ >[!NOTE]
+ >Depending on your DirectAccess configuration you might be asked to insert your smart card to log on to the domain.
You should now be able to access your organization’s network resources and work from your Windows To Go workspace as you would normally work from your standard desktop computer on premises.
@@ -430,13 +408,13 @@ You should now be able to access your organization’s network resources and wor
Enabling BitLocker on your Windows To Go drive will help ensure that your data is protected from unauthorized use and that if your Windows To Go drive is lost or stolen it will not be easy for an unauthorized person to obtain confidential data or use the workspace to gain access to protected resources in your organization. When BitLocker is enabled, each time you boot your Windows To Go drive, you will be asked to provide the BitLocker password to unlock the drive. The following procedure provides the steps for enabling BitLocker on your Windows To Go drive:
-**Prerequisites for enabling BitLocker scenario**
+#### Prerequisites for enabling BitLocker scenario
-- A Windows To Go drive that can be successfully provisioned.
+* A Windows To Go drive that can be successfully provisioned.
-- A computer running Windows 8 configured as a Windows To Go host computer
+* A computer running Windows 8 configured as a Windows To Go host computer
-- Review the following Group Policy settings for BitLocker Drive Encryption and modify the configuration as necessary:
+* Review the following Group Policy settings for BitLocker Drive Encryption and modify the configuration as necessary:
**\\Windows Components\\BitLocker Drive Encryption\\Operating System Drives\\Require additional authentication at startup**. This policy allows the use of a password key protector with an operating system drive; this policy must be enabled to configure BitLocker from within the Windows To Go workspace. This policy setting allows you to configure whether BitLocker requires additional authentication each time the computer starts and whether you are using BitLocker with or without a Trusted Platform Module (TPM). You must enable this setting and select the **Allow BitLocker without a compatible TPM** check box and then enable the **Configure use of passwords for operating system drives** setting.
@@ -448,9 +426,9 @@ You can choose to enable BitLocker protection on Windows To Go drives before dis
Enabling BitLocker during provisioning ensures that your operating system image is always protected by BitLocker. When enabling BitLocker during the provisioning process you can significantly reduce the time required for encrypting the drive by enabling BitLocker after configuring the disk and just prior to applying the image. If you use this method, you will need to give users their BitLocker password when you give then their Windows To Go workspace. Also, you should instruct your users to boot their workspace and change their BitLocker password as soon as possible (this can be done with standard user privileges).
-Enabling BitLocker after distribution requires that your users turn on BitLocker. This means that your Windows To Go workspaces are unprotected until the user enables BitLocker. Administrative rights on the Windows To Go workspace are required to enable BitLocker. For more information about BitLocker see the [BitLocker Overview](http://go.microsoft.com/fwlink/p/?LinkId=619173).
+Enabling BitLocker after distribution requires that your users turn on BitLocker. This means that your Windows To Go workspaces are unprotected until the user enables BitLocker. Administrative rights on the Windows To Go workspace are required to enable BitLocker. For more information about BitLocker see the [BitLocker Overview](https://go.microsoft.com/fwlink/p/?LinkId=619173).
-**BitLocker recovery keys**
+#### BitLocker recovery keys
BitLocker recovery keys are the keys that can be used to unlock a BitLocker protected drive if the standard unlock method fails. It is recommended that your BitLocker recovery keys be backed up to Active Directory Domain Services (AD DS). If you do not want to use AD DS to store recovery keys you can save recovery keys to a file or print them. How BitLocker recovery keys are managed differs depending on when BitLocker is enabled.
@@ -459,134 +437,122 @@ BitLocker recovery keys are the keys that can be used to unlock a BitLocker prot
- **Warning**
If BitLocker is enabled after distribution, the recovery key will be backed up to AD DS under the computer account of the workspace. If backing up recovery keys to AD DS is not used, they can be printed or saved to a file by the user. If the IT administrator wants a central record of recovery keys, a process by which the user provides the key to the IT department must be put in place.
-
+#### To enable BitLocker during provisioning
-**To enable BitLocker during provisioning**
+1. Start the host computer that is running Windows 8.
-1. Start the host computer that is running Windows 8.
+2. Insert your Windows To Go drive.
-2. Insert your Windows To Go drive.
+3. Launch an elevated Windows PowerShell prompt by right-clicking the Windows PowerShell shortcut in the taskbar, and then clicking **Run as Administrator**.
-3. Launch an elevated Windows PowerShell prompt by right-clicking the Windows PowerShell shortcut in the taskbar, and then clicking **Run as Administrator**.
+4. Provision the Windows To Go drive using the following cmdlets:
-4. Provision the Windows To Go drive using the following cmdlets:
+ >[!NOTE]
+ >If you used the [manual method for creating a workspace](https://go.microsoft.com/fwlink/p/?LinkId=619174) you should have already provisioned the Windows To Go drive. If so, you can continue on to the next step.
- **Note**
- If you used the [manual method for creating a workspace](http://go.microsoft.com/fwlink/p/?LinkId=619174) you should have already provisioned the Windows To Go drive. If so, you can continue on to the next step.
-
-
-
- ``` syntax
-# The following command will set $Disk to all USB drives with >20 GB of storage
+ ``` syntax
+ # The following command will set $Disk to all USB drives with >20 GB of storage
$Disk = Get-Disk | Where-Object {$_.Path -match "USBSTOR" -and $_.Size -gt 20Gb -and -not $_.IsBoot }
-#Clear the disk. This will delete any data on the disk. (and will fail if the disk is not yet initialized. If that happens, simply continue with ‘New-Partition…) Validate that this is the correct disk that you want to completely erase.
-#
-# To skip the confirmation prompt, append –confirm:$False
+ #Clear the disk. This will delete any data on the disk. (and will fail if the disk is not yet initialized. If that happens, simply continue with ‘New-Partition…) Validate that this is the correct disk that you want to completely erase.
+ #
+ # To skip the confirmation prompt, append –confirm:$False
Clear-Disk –InputObject $Disk[0] -RemoveData
-# This command initializes a new MBR disk
+ # This command initializes a new MBR disk
Initialize-Disk –InputObject $Disk[0] -PartitionStyle MBR
-# This command creates a 350 MB system partition
+ # This command creates a 350 MB system partition
$SystemPartition = New-Partition –InputObject $Disk[0] -Size (350MB) -IsActive
-# This formats the volume with a FAT32 Filesystem
-# To skip the confirmation dialog, append –Confirm:$False
+ # This formats the volume with a FAT32 Filesystem
+ # To skip the confirmation dialog, append –Confirm:$False
Format-Volume -NewFileSystemLabel "UFD-System" -FileSystem FAT32 `
-Partition $SystemPartition
-# This command creates the Windows volume using the maximum space available on the drive. The Windows To Go drive should not be used for other file storage.
+ # This command creates the Windows volume using the maximum space available on the drive. The Windows To Go drive should not be used for other file storage.
$OSPartition = New-Partition –InputObject $Disk[0] -UseMaximumSize
Format-Volume -NewFileSystemLabel "UFD-Windows" -FileSystem NTFS `
-Partition $OSPartition
-# This command assigns drive letters to the new drive, the drive letters chosen should not already be in use.
+ # This command assigns drive letters to the new drive, the drive letters chosen should not already be in use.
Set-Partition -InputObject $SystemPartition -NewDriveLetter "S"
Set-Partition -InputObject $OSPartition -NewDriveLetter "W"
-# This command toggles the NODEFAULTDRIVELETTER flag on the partition which prevents drive letters being assigned to either partition when inserted into a different computer.
+ # This command toggles the NODEFAULTDRIVELETTER flag on the partition which prevents drive letters being assigned to either partition when inserted into a different computer.
Set-Partition -InputObject $OSPartition -NoDefaultDriveLetter $TRUE
```
+
+ Next you need to apply the operating system image that you want to use with Windows To Go to the operating system partition you just created on the disk (this may take 30 minutes or longer, depending on the size of the image and the speed of your USB connection). The following command shows how this can be accomplished using the [Deployment Image Servicing and Management](https://go.microsoft.com/fwlink/p/?LinkId=619161) command-line tool (DISM):
+
+ >[!TIP]
+ >The index number must be set correctly to a valid Enterprise image in the .WIM file.
+
+ ``` syntax
+ #The WIM file must contain a sysprep generalized image.
+ dism /apply-image /imagefile:n:\imagefolder\deploymentimages\mywtgimage.wim /index:1 /applydir:W:\
+ ```
- Next you need to apply the operating system image that you want to use with Windows To Go to the operating system partition you just created on the disk (this may take 30 minutes or longer, depending on the size of the image and the speed of your USB connection). The following command shows how this can be accomplished using the [Deployment Image Servicing and Management](http://go.microsoft.com/fwlink/p/?LinkId=619161) command-line tool (DISM):
+5. In the same PowerShell session use the following cmdlet to add a recovery key to the drive:
- **Tip**
- The index number must be set correctly to a valid Enterprise image in the .WIM file.
+ ``` syntax
+ $BitlockerRecoveryProtector = Add-BitLockerKeyProtector W: -RecoveryPasswordProtector
+ ```
-
+6. Next, use the following cmdlets to save the recovery key to a file:
- ``` syntax
-#The WIM file must contain a sysprep generalized image.
- dism /apply-image /imagefile:n:\imagefolder\deploymentimages\mywtgimage.wim /index:1 /applydir:W:\
- ```
+ ``` syntax
+ #The BitLocker Recovery key is essential if for some reason you forget the BitLocker password
+ #This recovery key can also be backed up into Active Directory using manage-bde.exe or the
+ #PowerShell cmdlet Backup-BitLockerKeyProtector.
+ $RecoveryPassword = $BitlockerRecoveryProtector.KeyProtector.RecoveryPassword
+ $RecoveryPassword > WTG-Demo_Bitlocker_Recovery_Password.txt
+ ```
-5. In the same PowerShell session use the following cmdlet to add a recovery key to the drive:
+7. Then, use the following cmdlets to add the password as a secure string. If you omit the password the cmdlet will prompt you for the password before continuing the operation:
- ``` syntax
- $BitlockerRecoveryProtector = Add-BitLockerKeyProtector W: -RecoveryPasswordProtector
- ```
+ ``` syntax
+ # Create a variable to store the password
+ $spwd = ConvertTo-SecureString -String -AsplainText –Force
+ Enable-BitLocker W: -PasswordProtector $spwd
+ ```
+
+ >[!WARNING]
+ >To have BitLocker only encrypt used space on the disk append the parameter `–UsedSpaceOnly` to the `Enable-BitLocker` cmdlet. As data is added to the drive BitLocker will encrypt additional space. Using this parameter will speed up the preparation process as a smaller percentage of the disk will require encryption. If you are in a time critical situation where you cannot wait for encryption to complete you can also safely remove the Windows To Go drive during the encryption process. The next time the drive is inserted in a computer it will request the BitLocker password. Once the password is supplied, the encryption process will continue. If you do this, make sure your users know that BitLocker encryption is still in process and that they will be able to use the workspace while the encryption completes in the background.
-6. Next, use the following cmdlets to save the recovery key to a file:
+8. Copy the numerical recovery password and save it to a file in a safe location. The recovery password will be required if the password is lost or forgotten.
- ``` syntax
-#The BitLocker Recovery key is essential if for some reason you forget the BitLocker password
-#This recovery key can also be backed up into Active Directory using manage-bde.exe or the
-#PowerShell cmdlet Backup-BitLockerKeyProtector.
- $RecoveryPassword = $BitlockerRecoveryProtector.KeyProtector.RecoveryPassword
- $RecoveryPassword > WTG-Demo_Bitlocker_Recovery_Password.txt
- ```
+ >[!WARNING]
+ >If the **Choose how BitLocker-protected removable data drives can be recovered** Group Policy setting has been configured to back up recovery information to Active Directory Domain Services, the recovery information for the drive will be stored under the account of the host computer used to apply the recovery key.
+
+ If you want to have the recovery information stored under the account of the Windows To Go workspace you can turn BitLocker from within the Windows To Go workspace using the BitLocker Setup Wizard from the BitLocker Control Panel item as described in [To enable BitLocker after distribution](#enable-bitlocker).
-7. Then, use the following cmdlets to add the password as a secure string. If you omit the password the cmdlet will prompt you for the password before continuing the operation:
-
- ``` syntax
-# Create a variable to store the password
- $spwd = ConvertTo-SecureString -String -AsplainText –Force
- Enable-BitLocker W: -PasswordProtector $spwd
- ```
-
- **Warning**
- To have BitLocker only encrypt used space on the disk append the parameter `–UsedSpaceOnly` to the `Enable-BitLocker` cmdlet. As data is added to the drive BitLocker will encrypt additional space. Using this parameter will speed up the preparation process as a smaller percentage of the disk will require encryption. If you are in a time critical situation where you cannot wait for encryption to complete you can also safely remove the Windows To Go drive during the encryption process. The next time the drive is inserted in a computer it will request the BitLocker password. Once the password is supplied, the encryption process will continue. If you do this, make sure your users know that BitLocker encryption is still in process and that they will be able to use the workspace while the encryption completes in the background.
-
-
-
-8. Copy the numerical recovery password and save it to a file in a safe location. The recovery password will be required if the password is lost or forgotten.
-
- **Warning**
- If the **Choose how BitLocker-protected removable data drives can be recovered** Group Policy setting has been configured to back up recovery information to Active Directory Domain Services, the recovery information for the drive will be stored under the account of the host computer used to apply the recovery key.
-
- If you want to have the recovery information stored under the account of the Windows To Go workspace you can turn BitLocker from within the Windows To Go workspace using the BitLocker Setup Wizard from the BitLocker Control Panel item as described in [To enable BitLocker after distribution](#enable-bitlocker).
-
-
-
-9. Safely remove the Windows To Go drive.
+9. Safely remove the Windows To Go drive.
The Windows To Go drives are now ready to be distributed to users and are protected by BitLocker. When you distribute the drives, make sure the users know the following:
-- Initial BitLocker password that they will need to boot the drives.
+* Initial BitLocker password that they will need to boot the drives.
-- Current encryption status.
+* Current encryption status.
-- Instructions to change the BitLocker password after the initial boot.
+* Instructions to change the BitLocker password after the initial boot.
-- Instructions for how to retrieve the recovery password if necessary. This may be a help desk process, an automated password retrieval site, or a person to contact.
+* Instructions for how to retrieve the recovery password if necessary. This may be a help desk process, an automated password retrieval site, or a person to contact.
-**To enable BitLocker after distribution**
+#### To enable BitLocker after distribution
-1. Insert your Windows To Go drive into your host computer (that is currently shut down) and then turn on the computer and boot into your Windows To Go workspace
+1. Insert your Windows To Go drive into your host computer (that is currently shut down) and then turn on the computer and boot into your Windows To Go workspace
-2. Press **Windows logo key+W** to open **Search Settings**, type BitLocker and then select the item for BitLocker Drive Encryption.
+2. Press **Windows logo key+W** to open **Search Settings**, type BitLocker and then select the item for BitLocker Drive Encryption.
-3. The drives on the workspace are displayed, click **Turn BitLocker On** for the C: drive. The **BitLocker Setup Wizard** appears.
+3. The drives on the workspace are displayed, click **Turn BitLocker On** for the C: drive. The **BitLocker Setup Wizard** appears.
-4. Complete the steps in the **BitLocker Setup Wizard** selecting the password protection option.
+4. Complete the steps in the **BitLocker Setup Wizard** selecting the password protection option.
-**Note**
-If you have not configured the Group Policy setting **\\Windows Components\\BitLocker Drive Encryption\\Operating System Drives\\Require additional authentication at startup** to specify **Allow BitLocker without a compatible TPM** you will not be able to enable BitLocker from within the Windows To Go workspace.
-
-
+>[!NOTE]
+>If you have not configured the Group Policy setting **\\Windows Components\\BitLocker Drive Encryption\\Operating System Drives\\Require additional authentication at startup** to specify **Allow BitLocker without a compatible TPM** you will not be able to enable BitLocker from within the Windows To Go workspace.
### Advanced deployment sample script
@@ -594,38 +560,36 @@ The following sample script supports the provisioning of multiple Windows To Go
The sample script creates an unattend file that streamlines the deployment process so that the initial use of the Windows To Go drive does not prompt the end user for any additional configuration information before starting up.
-**Prerequisites for running the advanced deployment sample script**
+#### Prerequisites for running the advanced deployment sample script
-- To run this sample script you must open a Windows PowerShell session as an administrator from a domain-joined computer using an account that has permission to create domain accounts.
+* To run this sample script you must open a Windows PowerShell session as an administrator from a domain-joined computer using an account that has permission to create domain accounts.
-- Using offline domain join is required by this script, since the script does not create a local administrator user account. However, domain membership will automatically put “Domain admins” into the local administrators group. Review your domain policies. If you are using DirectAccess you will need to modify the djoin.exe command to include the `policynames` and potentially the `certtemplate` parameters.
+* Using offline domain join is required by this script, since the script does not create a local administrator user account. However, domain membership will automatically put “Domain admins” into the local administrators group. Review your domain policies. If you are using DirectAccess you will need to modify the djoin.exe command to include the `policynames` and potentially the `certtemplate` parameters.
-- The script needs to use drive letters, so you can only provision half as many drives as you have free drive letters.
+* The script needs to use drive letters, so you can only provision half as many drives as you have free drive letters.
-**To run the advanced deployment sample script**
+#### To run the advanced deployment sample script
-1. Copy entire the code sample titled “Windows To Go multiple drive provisioning sample script” into a PowerShell script (.ps1) file.
+1. Copy entire the code sample titled “Windows To Go multiple drive provisioning sample script” into a PowerShell script (.ps1) file.
-2. Make the modifications necessary for it to be appropriate to your deployment and save the file.
+2. Make the modifications necessary for it to be appropriate to your deployment and save the file.
-3. Configure the PowerShell execution policy. By default PowerShell’s execution policy is set to Restricted; that means that scripts won’t run until you have explicitly given them permission to. To configure PowerShell’s execution policy to allow the script to run, use the following command from an elevated PowerShell prompt:
+3. Configure the PowerShell execution policy. By default PowerShell’s execution policy is set to Restricted; that means that scripts won’t run until you have explicitly given them permission to. To configure PowerShell’s execution policy to allow the script to run, use the following command from an elevated PowerShell prompt:
``` syntax
Set-ExecutionPolicy RemoteSigned
```
- The RemoteSigned execution policy will prevent unsigned scripts from the internet from running on the computer, but will allow locally created scripts to run. For more information on execution policies, see [Set-ExecutionPolicy](http://go.microsoft.com/fwlink/p/?LinkId=619175).
+ The RemoteSigned execution policy will prevent unsigned scripts from the internet from running on the computer, but will allow locally created scripts to run. For more information on execution policies, see [Set-ExecutionPolicy](https://go.microsoft.com/fwlink/p/?LinkId=619175).
- **Tip**
- To get online help for any Windows PowerShell cmdlet, whether or not it is installed locally type the following cmdlet, replacing <cmdlet-name> with the name of the cmdlet you want to see the help for:
+ >[!TIP]
+ >To get online help for any Windows PowerShell cmdlet, whether or not it is installed locally type the following cmdlet, replacing <cmdlet-name> with the name of the cmdlet you want to see the help for:
+
+ >`Get-Help -Online`
+
+ >This command causes Windows PowerShell to open the online version of the help topic in your default Internet browser.
- `Get-Help -Online`
-
- This command causes Windows PowerShell to open the online version of the help topic in your default Internet browser.
-
-
-
-**Windows To Go multiple drive provisioning sample script**
+#### Windows To Go multiple drive provisioning sample script
``` syntax
<#
@@ -998,7 +962,7 @@ write-output "" "Provisioning script complete."
## Considerations when using different USB keyboard layouts with Windows To Go
-Before provisioning your Windows To Go drive you need to consider if your workspace will boot on a computer with a non-English USB keyboard attached. As described in [KB article 927824](http://go.microsoft.com/fwlink/p/?LinkId=619176) there is a known issue where the plug and play ID causes the keyboard to be incorrectly identified as an English 101 key keyboard. To avoid this problem, you can modify the provisioning script to set the override keyboard parameters.
+Before provisioning your Windows To Go drive you need to consider if your workspace will boot on a computer with a non-English USB keyboard attached. As described in [KB article 927824](https://go.microsoft.com/fwlink/p/?LinkId=619176) there is a known issue where the plug and play ID causes the keyboard to be incorrectly identified as an English 101 key keyboard. To avoid this problem, you can modify the provisioning script to set the override keyboard parameters.
In the PowerShell provisioning script, after the image has been applied, you can add the following commands that will correctly set the keyboard settings. The following example uses the Japanese keyboard layout:
@@ -1016,7 +980,7 @@ In the PowerShell provisioning script, after the image has been applied, you can
[Windows To Go: feature overview](../plan/windows-to-go-overview.md)
-[Windows 10 forums](http://go.microsoft.com/fwlink/p/?LinkId=618949)
+[Windows 10 forums](https://go.microsoft.com/fwlink/p/?LinkId=618949)
[Prepare your organization for Windows To Go](../plan/prepare-your-organization-for-windows-to-go.md)
@@ -1024,7 +988,7 @@ In the PowerShell provisioning script, after the image has been applied, you can
[Security and data protection considerations for Windows To Go](../plan/security-and-data-protection-considerations-for-windows-to-go.md)
-[BitLocker overview](http://go.microsoft.com/fwlink/p/?LinkId=619173)
+[BitLocker overview](https://go.microsoft.com/fwlink/p/?LinkId=619173)
diff --git a/windows/deploy/get-started-with-the-microsoft-deployment-toolkit.md b/windows/deploy/get-started-with-the-microsoft-deployment-toolkit.md
index 85ad95c548..4ef176092a 100644
--- a/windows/deploy/get-started-with-the-microsoft-deployment-toolkit.md
+++ b/windows/deploy/get-started-with-the-microsoft-deployment-toolkit.md
@@ -34,7 +34,7 @@ Figure 1. The machines used in this topic.
## Related topics
-[Microsoft Deployment Toolkit downloads and documentation](http://go.microsoft.com/fwlink/p/?LinkId=618117)
+[Microsoft Deployment Toolkit downloads and documentation](https://go.microsoft.com/fwlink/p/?LinkId=618117)
[Create a Windows 10 reference image](create-a-windows-10-reference-image.md)
diff --git a/windows/deploy/install-product-key-vamt.md b/windows/deploy/install-product-key-vamt.md
index f03f3510df..eed5461a87 100644
--- a/windows/deploy/install-product-key-vamt.md
+++ b/windows/deploy/install-product-key-vamt.md
@@ -31,7 +31,7 @@ You can use the Volume Activation Management Tool (VAMT) to install retail, Mult
**Note**
Product key installation will fail if VAMT finds mismatched key types or editions. VAMT will display the failure status and will continue the installation for the next product in the list. For more information on choosing the correct MAK or KMS Host key (CSVLK), see [How to Choose the Right
- Volume License Key for Windows](http://go.microsoft.com/fwlink/p/?linkid=238382).
+ Volume License Key for Windows](https://go.microsoft.com/fwlink/p/?linkid=238382).
## Related topics
diff --git a/windows/deploy/install-vamt.md b/windows/deploy/install-vamt.md
index 4be81d78de..e88d197a83 100644
--- a/windows/deploy/install-vamt.md
+++ b/windows/deploy/install-vamt.md
@@ -16,7 +16,7 @@ This topic describes how to install the Volume Activation Management Tool (VAMT)
## Install VAMT
-You can install VAMT as part of the [Windows Assessment and Deployment Kit (ADK)](http://go.microsoft.com/fwlink/p/?LinkId=526740) for Windows 10.
+You can install VAMT as part of the [Windows Assessment and Deployment Kit (ADK)](https://go.microsoft.com/fwlink/p/?LinkId=526740) for Windows 10.
**Important**
VAMT requires local administrator privileges on all managed computers in order to deposit confirmation IDs (CIDs), get the client products’ license status, and install product keys. If VAMT is being used to manage products and product keys on the local host computer and you do not have administrator privileges, start VAMT with elevated privileges. For Active Directory-Based Activation use, for best results we recommend running VAMT while logged on as a domain administrator.
diff --git a/windows/deploy/key-features-in-mdt-2013.md b/windows/deploy/key-features-in-mdt-2013.md
index 03f562ac8e..608ad3a059 100644
--- a/windows/deploy/key-features-in-mdt-2013.md
+++ b/windows/deploy/key-features-in-mdt-2013.md
@@ -50,7 +50,7 @@ MDT 2013 has many useful features, the most important of which are:
- **Support for Office 2013.** Provides added support for deploying Microsoft Office Professional Plus 2013.
- **Support for Modern UI app package provisioning.** Provisions applications based on the new Windows app package standard, which is used in Windows 8 and later.
- **Extensibility.** Provides the capability to extend MDT far beyond the built-in features by adding custom scripts, web services, System Center Orchestrator runbooks, PowerShell scripts, and VBScripts.
-- **Upgrade task sequence.** Provides a new upgrade task sequence template that you can use to upgrade existing Windows 7, Windows 8, and Windows 8.1 systems directly to Windows 10, automatically preserving all data, settings, applications, and drivers. For more information about using this new upgrade task sequence, refer to the [Microsoft Deployment Toolkit resource page](http://go.microsoft.com/fwlink/p/?LinkId=618117).
+- **Upgrade task sequence.** Provides a new upgrade task sequence template that you can use to upgrade existing Windows 7, Windows 8, and Windows 8.1 systems directly to Windows 10, automatically preserving all data, settings, applications, and drivers. For more information about using this new upgrade task sequence, refer to the [Microsoft Deployment Toolkit resource page](https://go.microsoft.com/fwlink/p/?LinkId=618117).
## Related topics
diff --git a/windows/deploy/manage-windows-upgrades-with-upgrade-analytics.md b/windows/deploy/manage-windows-upgrades-with-upgrade-analytics.md
index d2688e82f5..b75fb8989c 100644
--- a/windows/deploy/manage-windows-upgrades-with-upgrade-analytics.md
+++ b/windows/deploy/manage-windows-upgrades-with-upgrade-analytics.md
@@ -39,7 +39,7 @@ The Upgrade Analytics workflow steps you through the discovery and rationalizati
- [Manage connections from Windows operating system components to Microsoft services](https://technet.microsoft.com/itpro/windows/manage/manage-connections-from-windows-operating-system-components-to-microsoft-services)
-- [Windows 7, Windows 8, and Windows 8.1 appraiser telemetry events and fields](http://go.microsoft.com/fwlink/?LinkID=822965)
+- [Windows 7, Windows 8, and Windows 8.1 appraiser telemetry events and fields](https://go.microsoft.com/fwlink/?LinkID=822965)
##**Related topics**
diff --git a/windows/deploy/mdt-2013-lite-touch-components.md b/windows/deploy/mdt-2013-lite-touch-components.md
index 48f1a250ad..d51d5bece9 100644
--- a/windows/deploy/mdt-2013-lite-touch-components.md
+++ b/windows/deploy/mdt-2013-lite-touch-components.md
@@ -33,7 +33,7 @@ The rules (CustomSettings.ini and Bootstrap.ini) make up the brain of MDT. The r
- Domain to join, and organizational unit (OU) in Active Directory to hold the computer object
- Whether to enable BitLocker
- Regional settings
-You can manage hundreds of settings in the rules. For more information, see the [Microsoft Deployment Toolkit resource center](http://go.microsoft.com/fwlink/p/?LinkId=618117).
+You can manage hundreds of settings in the rules. For more information, see the [Microsoft Deployment Toolkit resource center](https://go.microsoft.com/fwlink/p/?LinkId=618117).
@@ -103,7 +103,7 @@ Selection profiles, which are available in the Advanced Configuration node, prov
MDT uses many log files during operating system deployments. By default the logs are client side, but by configuring the deployment settings, you can have MDT store them on the server, as well.
**Note**
-The easiest way to view log files is to use Configuration Manager Trace (CMTrace), which is included in the [System Center 2012 R2 Configuration Manager Toolkit](http://go.microsoft.com/fwlink/p/?LinkId=734717).
+The easiest way to view log files is to use Configuration Manager Trace (CMTrace), which is included in the [System Center 2012 R2 Configuration Manager Toolkit](https://go.microsoft.com/fwlink/p/?LinkId=734717).
## Monitoring
diff --git a/windows/deploy/migrate-application-settings.md b/windows/deploy/migrate-application-settings.md
index 6a8ffdc612..bdcb63af32 100644
--- a/windows/deploy/migrate-application-settings.md
+++ b/windows/deploy/migrate-application-settings.md
@@ -63,7 +63,7 @@ Next, you should go through the user interface and make a list of all of the ava
**How To Determine Where Each Setting is Stored**
-1. Download a file and registry monitoring tool, such as the Regmon and Filemon tools, from the [Windows Sysinternals Web site](http://go.microsoft.com/fwlink/p/?linkid=36109).
+1. Download a file and registry monitoring tool, such as the Regmon and Filemon tools, from the [Windows Sysinternals Web site](https://go.microsoft.com/fwlink/p/?linkid=36109).
2. Shut down as many applications as possible to limit the registry and file system activity on the computer.
diff --git a/windows/deploy/monitor-activation-client.md b/windows/deploy/monitor-activation-client.md
index 5b49e544c2..215c706ab1 100644
--- a/windows/deploy/monitor-activation-client.md
+++ b/windows/deploy/monitor-activation-client.md
@@ -24,7 +24,7 @@ localizationpriority: medium
**Looking for retail activation?**
-- [Get Help Activating Microsoft Windows](http://go.microsoft.com/fwlink/p/?LinkId=618644)
+- [Get Help Activating Microsoft Windows](https://go.microsoft.com/fwlink/p/?LinkId=618644)
You can monitor the success of the activation process for a computer running Windows 8.1 in several ways. The most popular methods include:
- Using the Volume Licensing Service Center website to track use of MAK keys.
diff --git a/windows/deploy/offline-migration-reference.md b/windows/deploy/offline-migration-reference.md
index f54d3b4c7b..c7c6c03af0 100644
--- a/windows/deploy/offline-migration-reference.md
+++ b/windows/deploy/offline-migration-reference.md
@@ -90,7 +90,7 @@ The following table defines the supported combination of online and offline oper
**Note**
-It is possible to run the ScanState tool while the drive remains encrypted by suspending Windows BitLocker Drive Encryption before booting into WinPE. For more information, see [this Microsoft site](http://go.microsoft.com/fwlink/p/?LinkId=190314).
+It is possible to run the ScanState tool while the drive remains encrypted by suspending Windows BitLocker Drive Encryption before booting into WinPE. For more information, see [this Microsoft site](https://go.microsoft.com/fwlink/p/?LinkId=190314).
diff --git a/windows/deploy/plan-for-volume-activation-client.md b/windows/deploy/plan-for-volume-activation-client.md
index 3e4a114155..1a00e837a8 100644
--- a/windows/deploy/plan-for-volume-activation-client.md
+++ b/windows/deploy/plan-for-volume-activation-client.md
@@ -24,7 +24,7 @@ localizationpriority: medium
**Looking for retail activation?**
-- [Get Help Activating Microsoft Windows](http://go.microsoft.com/fwlink/p/?LinkId=618644)
+- [Get Help Activating Microsoft Windows](https://go.microsoft.com/fwlink/p/?LinkId=618644)
*Product activation* is the process of validating software with the manufacturer after it has been installed on a specific computer. Activation confirms that the product is genuine—not a fraudulent copy—and that the product key or serial number is valid and has not been compromised or revoked. Activation also establishes a link or relationship between the product key and the particular installation.
@@ -84,7 +84,7 @@ allows permanent activation of computers that are isolated from the KMS or are p
To use a MAK, the computers to be activated must have a MAK installed. The MAK is used for one-time activation with the Microsoft online hosted activation services, by telephone, or by using VAMT proxy activation.
In the simplest terms, a MAK acts like a retail key, except that a MAK is valid for activating multiple computers. Each MAK can be used a specific number of times. The VAMT can assist in tracking the number of activations that have been performed with each key and how many remain.
-Organizations can download MAK and KMS keys from the [Volume Licensing Service Center](http://go.microsoft.com/fwlink/p/?LinkId=618213) website. Each MAK has a preset number of activations, which are based on a percentage of the count of licenses the organization purchases; however, you can increase the number of activations that are available with your MAK by calling Microsoft.
+Organizations can download MAK and KMS keys from the [Volume Licensing Service Center](https://go.microsoft.com/fwlink/p/?LinkId=618213) website. Each MAK has a preset number of activations, which are based on a percentage of the count of licenses the organization purchases; however, you can increase the number of activations that are available with your MAK by calling Microsoft.
### Key Management Service
@@ -178,8 +178,8 @@ Now it’s time to assemble the pieces into a working solution. By evaluating yo
## Choosing and acquiring keys
When you know which keys you need, you must obtain them. Generally speaking, volume licensing keys are collected in two ways:
-- Go to the **Product Keys** section of the [Volume Licensing Service Center](http://go.microsoft.com/fwlink/p/?LinkID=618213) for the following agreements: Open, Open Value, Select, Enterprise, and Services Provider License.
-- Contact your [Microsoft Activation Center](http://go.microsoft.com/fwlink/p/?LinkId=618264).
+- Go to the **Product Keys** section of the [Volume Licensing Service Center](https://go.microsoft.com/fwlink/p/?LinkID=618213) for the following agreements: Open, Open Value, Select, Enterprise, and Services Provider License.
+- Contact your [Microsoft Activation Center](https://go.microsoft.com/fwlink/p/?LinkId=618264).
### KMS host keys
diff --git a/windows/deploy/prepare-for-windows-deployment-with-mdt-2013.md b/windows/deploy/prepare-for-windows-deployment-with-mdt-2013.md
index 8f2bbad1b9..69e87bd76e 100644
--- a/windows/deploy/prepare-for-windows-deployment-with-mdt-2013.md
+++ b/windows/deploy/prepare-for-windows-deployment-with-mdt-2013.md
@@ -36,7 +36,7 @@ MDT 2013 Update 2 requires the following components:
## Install Windows ADK for Windows 10
-These steps assume that you have the MDT01 member server installed and configured and that you have downloaded [Windows ADK for Windows 10](http://go.microsoft.com/fwlink/p/?LinkId=526803) to the E:\\Downloads\\ADK folder.
+These steps assume that you have the MDT01 member server installed and configured and that you have downloaded [Windows ADK for Windows 10](https://go.microsoft.com/fwlink/p/?LinkId=526803) to the E:\\Downloads\\ADK folder.
1. On MDT01, log on as Administrator in the CONTOSO domain using a password of **P@ssw0rd**.
2. Start the **ADK Setup** (E:\\Downloads\\ADK\\adksetup.exe), and on the first wizard page, click **Continue**.
3. On the **Select the features you want to change** page, select the features below and complete the wizard using the default settings:
@@ -46,7 +46,7 @@ These steps assume that you have the MDT01 member server installed and configure
## Install MDT 2013 Update 2
-These steps assume that you have downloaded [MDT 2013 Update 2](http://go.microsoft.com/fwlink/p/?LinkId=618117 ) to the E:\\Downloads\\MDT 2013 folder on MDT01.
+These steps assume that you have downloaded [MDT 2013 Update 2](https://go.microsoft.com/fwlink/p/?LinkId=618117 ) to the E:\\Downloads\\MDT 2013 folder on MDT01.
1. On MDT01, log on as Administrator in the CONTOSO domain using a password of **P@ssw0rd**.
2. Install **MDT** (E:\\Downloads\\MDT 2013\\MicrosoftDeploymentToolkit2013\_x64.msi) with the default settings.
@@ -103,7 +103,7 @@ Figure 7. The Sharing tab of the E:\\Logs folder after sharing it with PowerShel
## Use CMTrace to read log files (optional)
-The log files in MDT Lite Touch are formatted to be read by Configuration Manager Trace (CMTrace), which is available as part [of Microsoft System Center 2012 R2 Configuration Manager Toolkit](http://go.microsoft.com/fwlink/p/?LinkId=734717). You can use Notepad, but CMTrace formatting makes the logs easier to read.
+The log files in MDT Lite Touch are formatted to be read by Configuration Manager Trace (CMTrace), which is available as part [of Microsoft System Center 2012 R2 Configuration Manager Toolkit](https://go.microsoft.com/fwlink/p/?LinkId=734717). You can use Notepad, but CMTrace formatting makes the logs easier to read.
diff --git a/windows/deploy/prepare-for-zero-touch-installation-of-windows-10-with-configuration-manager.md b/windows/deploy/prepare-for-zero-touch-installation-of-windows-10-with-configuration-manager.md
index 88a8cac968..d389eb884d 100644
--- a/windows/deploy/prepare-for-zero-touch-installation-of-windows-10-with-configuration-manager.md
+++ b/windows/deploy/prepare-for-zero-touch-installation-of-windows-10-with-configuration-manager.md
@@ -75,7 +75,7 @@ Figure 6. The Configuration Manager service accounts used for operating system d
## Configure Active Directory permissions
-In order for the Configuration Manager Join Domain Account (CM\_JD) to join machines into the contoso.com domain you need to configure permissions in Active Directory. These steps assume you have downloaded the sample [Set-OUPermissions.ps1 script](http://go.microsoft.com/fwlink/p/?LinkId=619362) and copied it to C:\\Setup\\Scripts on DC01.
+In order for the Configuration Manager Join Domain Account (CM\_JD) to join machines into the contoso.com domain you need to configure permissions in Active Directory. These steps assume you have downloaded the sample [Set-OUPermissions.ps1 script](https://go.microsoft.com/fwlink/p/?LinkId=619362) and copied it to C:\\Setup\\Scripts on DC01.
1. On DC01, log on as Administrator in the CONTOSO domain using the password **P@ssw0rd**.
diff --git a/windows/deploy/provision-pcs-for-initial-deployment.md b/windows/deploy/provision-pcs-for-initial-deployment.md
index 6daf655797..fe8b805133 100644
--- a/windows/deploy/provision-pcs-for-initial-deployment.md
+++ b/windows/deploy/provision-pcs-for-initial-deployment.md
@@ -117,11 +117,11 @@ Use the Windows Imaging and Configuration Designer (ICD) tool included in the Wi
## Learn more
-- [Build and apply a provisioning package]( http://go.microsoft.com/fwlink/p/?LinkId=629651)
+- [Build and apply a provisioning package]( https://go.microsoft.com/fwlink/p/?LinkId=629651)
-- Watch the video: [Provisioning Windows 10 Devices with New Tools](http://go.microsoft.com/fwlink/p/?LinkId=615921)
+- Watch the video: [Provisioning Windows 10 Devices with New Tools](https://go.microsoft.com/fwlink/p/?LinkId=615921)
-- Watch the video: [Windows 10 for Mobile Devices: Provisioning Is Not Imaging](http://go.microsoft.com/fwlink/p/?LinkId=615922)
+- Watch the video: [Windows 10 for Mobile Devices: Provisioning Is Not Imaging](https://go.microsoft.com/fwlink/p/?LinkId=615922)
diff --git a/windows/deploy/provision-pcs-with-apps-and-certificates.md b/windows/deploy/provision-pcs-with-apps-and-certificates.md
index 820e7ab47a..783c3697b6 100644
--- a/windows/deploy/provision-pcs-with-apps-and-certificates.md
+++ b/windows/deploy/provision-pcs-with-apps-and-certificates.md
@@ -104,7 +104,7 @@ Universal apps that you can distribute in the provisioning package can be line-o
### Add other settings to your package
-For details about the settings you can customize in provisioning packages, see [Windows Provisioning settings reference]( http://go.microsoft.com/fwlink/p/?LinkId=619012).
+For details about the settings you can customize in provisioning packages, see [Windows Provisioning settings reference]( https://go.microsoft.com/fwlink/p/?LinkId=619012).
### Build your package
@@ -214,11 +214,11 @@ On a desktop computer, navigate to **Settings** > **Accounts** > **Work ac
## Learn more
-- [Build and apply a provisioning package]( http://go.microsoft.com/fwlink/p/?LinkId=629651)
+- [Build and apply a provisioning package]( https://go.microsoft.com/fwlink/p/?LinkId=629651)
-- Watch the video: [Provisioning Windows 10 Devices with New Tools](http://go.microsoft.com/fwlink/p/?LinkId=615921)
+- Watch the video: [Provisioning Windows 10 Devices with New Tools](https://go.microsoft.com/fwlink/p/?LinkId=615921)
-- Watch the video: [Windows 10 for Mobile Devices: Provisioning Is Not Imaging](http://go.microsoft.com/fwlink/p/?LinkId=615922)
+- Watch the video: [Windows 10 for Mobile Devices: Provisioning Is Not Imaging](https://go.microsoft.com/fwlink/p/?LinkId=615922)
diff --git a/windows/deploy/provisioning-packages.md b/windows/deploy/provisioning-packages.md
index fbeadf5826..47223a7427 100644
--- a/windows/deploy/provisioning-packages.md
+++ b/windows/deploy/provisioning-packages.md
@@ -90,7 +90,7 @@ The following table provides some examples of what can be configured using provi
\* Using a provisioning package for auto-enrollment to System Center Configuration Manager or Configuration Manager/Intune hybrid is not supported. Use the Configuration Manager console to enroll devices.
-For details about the settings you can customize in provisioning packages, see [Windows Provisioning settings reference]( http://go.microsoft.com/fwlink/p/?LinkId=619012).
+For details about the settings you can customize in provisioning packages, see [Windows Provisioning settings reference]( https://go.microsoft.com/fwlink/p/?LinkId=619012).
## Creating a provisioning package
@@ -106,17 +106,17 @@ When you run ADKsetup.exe for Windows 10, version 1607, select the following fea
> [!NOTE]
> In previous versions of the Windows 10 ADK, you had to install additional features for Windows ICD to run. Starting in version 1607, you can install Windows ICD without other ADK features.
-After you install Windows ICD, you can use it to create a provisioning package. For detailed instructions on how to create a provisioning package, see [Build and apply a provisioning package](http://go.microsoft.com/fwlink/p/?LinkID=629651).
+After you install Windows ICD, you can use it to create a provisioning package. For detailed instructions on how to create a provisioning package, see [Build and apply a provisioning package](https://go.microsoft.com/fwlink/p/?LinkID=629651).
## Applying a provisioning package to a device
-Provisioning packages can be applied both during image deployment and during runtime. For information on how to apply a provisioning package to a Windows 10-based device, see [Build and apply a provisioning package](http://go.microsoft.com/fwlink/p/?LinkID=629651).
+Provisioning packages can be applied both during image deployment and during runtime. For information on how to apply a provisioning package to a Windows 10-based device, see [Build and apply a provisioning package](https://go.microsoft.com/fwlink/p/?LinkID=629651).
## Learn more
-[Windows 10: Deployment](http://go.microsoft.com/fwlink/p/?LinkId=533708)
+[Windows 10: Deployment](https://go.microsoft.com/fwlink/p/?LinkId=533708)
## Related topics
diff --git a/windows/deploy/refresh-a-windows-7-computer-with-windows-10.md b/windows/deploy/refresh-a-windows-7-computer-with-windows-10.md
index f6ea4a2125..ea05d6a281 100644
--- a/windows/deploy/refresh-a-windows-7-computer-with-windows-10.md
+++ b/windows/deploy/refresh-a-windows-7-computer-with-windows-10.md
@@ -57,9 +57,9 @@ In this section, you learn to migrate additional data using a custom template. Y
1. Back up the **C:\\Data** folder (including all files and folders).
2. Scan the local disk for PDF documents (\*.pdf files) and restore them into the **C:\\Data\\PDF Documents** folder on the destination machine.
The custom USMT template is named MigContosoData.xml, and you can find it in the sample files for this documentation, which include:
-- [Gather script](http://go.microsoft.com/fwlink/p/?LinkId=619361)
-- [Set-OUPermissions](http://go.microsoft.com/fwlink/p/?LinkId=619362) script
-- [MDT Sample Web Service](http://go.microsoft.com/fwlink/p/?LinkId=619363)
+- [Gather script](https://go.microsoft.com/fwlink/p/?LinkId=619361)
+- [Set-OUPermissions](https://go.microsoft.com/fwlink/p/?LinkId=619362) script
+- [MDT Sample Web Service](https://go.microsoft.com/fwlink/p/?LinkId=619363)
### Add the custom XML template
@@ -76,7 +76,7 @@ In order to use the custom MigContosoData.xml USMT template, you need to copy it
After adding the additional USMT template and configuring the CustomSettings.ini file to use it, you are now ready to refresh a Windows 7 SP1 client to Windows 10. In these steps, we assume you have a Windows 7 SP1 client named PC0001 in your environment that is ready for a refresh to Windows 10.
**Note**
-MDT also supports an offline computer refresh. For more info on that scenario, see the USMTOfflineMigration property in the [MDT resource page](http://go.microsoft.com/fwlink/p/?LinkId=618117).
+MDT also supports an offline computer refresh. For more info on that scenario, see the USMTOfflineMigration property in the [MDT resource page](https://go.microsoft.com/fwlink/p/?LinkId=618117).
### Upgrade (refresh) a Windows 7 SP1 client
diff --git a/windows/deploy/scenario-online-activation-vamt.md b/windows/deploy/scenario-online-activation-vamt.md
index 41dda833ac..a5c448c186 100644
--- a/windows/deploy/scenario-online-activation-vamt.md
+++ b/windows/deploy/scenario-online-activation-vamt.md
@@ -110,7 +110,7 @@ To collect the status from select computers in the database, you can select comp
The same status appears under the **Status of Last Action** column in the product list view in the center pane.
**Note**
- Product key installation will fail if VAMT finds mismatched key types or editions. VAMT will display the failure status and will continue the installation for the next product in the list. For more information on choosing the correct product key, see [How to Choose the Right Volume License Key for Windows.](http://go.microsoft.com/fwlink/p/?linkid=238382)
+ Product key installation will fail if VAMT finds mismatched key types or editions. VAMT will display the failure status and will continue the installation for the next product in the list. For more information on choosing the correct product key, see [How to Choose the Right Volume License Key for Windows.](https://go.microsoft.com/fwlink/p/?linkid=238382)
## Step 9: Activate the client products
diff --git a/windows/deploy/scenario-proxy-activation-vamt.md b/windows/deploy/scenario-proxy-activation-vamt.md
index 2e475d02b4..8059e34cae 100644
--- a/windows/deploy/scenario-proxy-activation-vamt.md
+++ b/windows/deploy/scenario-proxy-activation-vamt.md
@@ -93,7 +93,7 @@ To collect the status from select computers in the database, you can select comp
The same status appears under the **Status of Last Action** column in the product list view in the center pane.
**Note**
- Product key installation will fail if VAMT finds mismatched key types or editions. VAMT displays the failure status and continues the installation for the next product in the list. For more information on choosing the correct product key, see [How to Choose the Right Volume License Key for Windows.](http://go.microsoft.com/fwlink/p/?linkid=238382)
+ Product key installation will fail if VAMT finds mismatched key types or editions. VAMT displays the failure status and continues the installation for the next product in the list. For more information on choosing the correct product key, see [How to Choose the Right Volume License Key for Windows.](https://go.microsoft.com/fwlink/p/?linkid=238382)
**Note**
Installing a MAK and overwriting the GVLK on client products must be done with care. If the RTM version of Windows Vista has been installed on the computer for more than 30 days, then its initial grace period has expired. As a result, it will enter Reduced Functionality Mode (RFM) if online activation is not completed successfully before the next logon attempt. However, you can use online activation to recover properly configured computers from RFM, as long as the computers are available on the network. RFM only applies to the RTM version of Windows Vista or the retail editions of Microsoft Office 2010. Windows Vista with SP1 or later, Windows 7, Windows 8, Windows 10, Windows Server 2008, Windows Server 2008 R2, and Windows Server 2012, and volume editions of Office 2010 will not enter RFM.
diff --git a/windows/deploy/set-up-mdt-2013-for-bitlocker.md b/windows/deploy/set-up-mdt-2013-for-bitlocker.md
index 7a76f8cdf7..6cfb4a8a57 100644
--- a/windows/deploy/set-up-mdt-2013-for-bitlocker.md
+++ b/windows/deploy/set-up-mdt-2013-for-bitlocker.md
@@ -24,7 +24,7 @@ To configure your environment for BitLocker, you will need to do the following:
4. Configure the rules (CustomSettings.ini) for BitLocker.
**Note**
-Even though it is not a BitLocker requirement, we recommend configuring BitLocker to store the recovery key and TPM owner information in Active Directory. For additional information about these features, see [Backing Up BitLocker and TPM Recovery Information to AD DS](http://go.microsoft.com/fwlink/p/?LinkId=619548). If you have access to Microsoft BitLocker Administration and Monitoring (MBAM), which is part of Microsoft Desktop Optimization Pack (MDOP), you have additional management features for BitLocker.
+Even though it is not a BitLocker requirement, we recommend configuring BitLocker to store the recovery key and TPM owner information in Active Directory. For additional information about these features, see [Backing Up BitLocker and TPM Recovery Information to AD DS](https://go.microsoft.com/fwlink/p/?LinkId=619548). If you have access to Microsoft BitLocker Administration and Monitoring (MBAM), which is part of Microsoft Desktop Optimization Pack (MDOP), you have additional management features for BitLocker.
For the purposes of this topic, we will use DC01, a domain controller that is a member of the domain contoso.com for the fictitious Contoso Corporation. For more details on the setup for this topic, please see [Deploy Windows 10 with the Microsoft Deployment Toolkit](deploy-windows-10-with-the-microsoft-deployment-toolkit.md#proof).
@@ -81,7 +81,7 @@ If you consistently get the error "Windows BitLocker Drive Encryption Informatio
### Set permissions in Active Directory for BitLocker
-In addition to the Group Policy created previously, you need to configure permissions in Active Directory to be able to store the TPM recovery information. In these steps, we assume you have downloaded the [Add-TPMSelfWriteACE.vbs script](http://go.microsoft.com/fwlink/p/?LinkId=167133) from Microsoft to C:\\Setup\\Scripts on DC01.
+In addition to the Group Policy created previously, you need to configure permissions in Active Directory to be able to store the TPM recovery information. In these steps, we assume you have downloaded the [Add-TPMSelfWriteACE.vbs script](https://go.microsoft.com/fwlink/p/?LinkId=167133) from Microsoft to C:\\Setup\\Scripts on DC01.
1. On DC01, start an elevated PowerShell prompt (run as Administrator).
2. Configure the permissions by running the following command:
``` syntax
@@ -128,7 +128,7 @@ cscript.exe SetConfig.vbs SecurityChip Active
```
## Configure the Windows 10 task sequence to enable BitLocker
-When configuring a task sequence to run any BitLocker tool, either directly or using a custom script, it is helpful if you also add some logic to detect whether the BIOS is already configured on the machine. In this task sequence, we are using a sample script (ZTICheckforTPM.wsf) from the Deployment Guys web page to check the status on the TPM chip. You can download this script from the Deployment Guys Blog post, [Check to see if the TPM is enabled](http://go.microsoft.com/fwlink/p/?LinkId=619549). In the following task sequence, we have added five actions:
+When configuring a task sequence to run any BitLocker tool, either directly or using a custom script, it is helpful if you also add some logic to detect whether the BIOS is already configured on the machine. In this task sequence, we are using a sample script (ZTICheckforTPM.wsf) from the Deployment Guys web page to check the status on the TPM chip. You can download this script from the Deployment Guys Blog post, [Check to see if the TPM is enabled](https://go.microsoft.com/fwlink/p/?LinkId=619549). In the following task sequence, we have added five actions:
- **Check TPM Status.** Runs the ZTICheckforTPM.wsf script to determine if TPM is enabled. Depending on the status, the script will set the TPMEnabled and TPMActivated properties to either true or false.
- **Configure BIOS for TPM.** Runs the vendor tools (in this case, HP, Dell, and Lenovo). To ensure this action is run only when necessary, add a condition so the action is run only when the TPM chip is not already activated. Use the properties from the ZTICheckforTPM.wsf.
**Note**
diff --git a/windows/deploy/sideload-apps-in-windows-10.md b/windows/deploy/sideload-apps-in-windows-10.md
index 6265950f08..060edd4c87 100644
--- a/windows/deploy/sideload-apps-in-windows-10.md
+++ b/windows/deploy/sideload-apps-in-windows-10.md
@@ -69,7 +69,7 @@ You can sideload apps on managed or unmanaged devices.
-OR-
- You can use a runtime provisioning package to import a security certificate. For information about applying a provisioning package to a Windows 10 device, see runtime instructions on [Build and apply a provisioning package]( http://go.microsoft.com/fwlink/p/?LinkId=619162).
+ You can use a runtime provisioning package to import a security certificate. For information about applying a provisioning package to a Windows 10 device, see runtime instructions on [Build and apply a provisioning package]( https://go.microsoft.com/fwlink/p/?LinkId=619162).
**To install the app**
- From the folder with the appx package, run the PowerShell `Add-AppxPackage` command to install the appx package.
@@ -99,7 +99,7 @@ You can sideload apps on managed or unmanaged devices.
**To import the security certificate for unmanaged devices**
-- You can use a runtime provisioning package to import a security certificate. For information about applying a provisioning package to a Windows 10 mobile device, see runtime instructions on [Build and apply a provisioning package]( http://go.microsoft.com/fwlink/p/?LinkId=619164).
+- You can use a runtime provisioning package to import a security certificate. For information about applying a provisioning package to a Windows 10 mobile device, see runtime instructions on [Build and apply a provisioning package]( https://go.microsoft.com/fwlink/p/?LinkId=619164).
**To install the app**
diff --git a/windows/deploy/simulate-a-windows-10-deployment-in-a-test-environment.md b/windows/deploy/simulate-a-windows-10-deployment-in-a-test-environment.md
index a6c8789efb..1f77bcb17d 100644
--- a/windows/deploy/simulate-a-windows-10-deployment-in-a-test-environment.md
+++ b/windows/deploy/simulate-a-windows-10-deployment-in-a-test-environment.md
@@ -13,7 +13,7 @@ author: mtniehaus
# Simulate a Windows 10 deployment in a test environment
This topic will walk you through the process of creating a simulated environment on which to test your Windows 10 deployment using MDT. When working with advanced settings and rules, especially those like database calls, it is most efficient to be able to test the settings without having to run through a complete deployment. Luckily, MDT enables you to perform a simulated deployment by running the Gather process by itself. The simulation works best when you are using a domain-joined machine (client or server). In the following example, you use the PC0001 Windows 10 client.
-For the purposes of this topic, you already will have either downloaded and installed the free Microsoft System Center 2012 R2 Configuration Manager Toolkit, or copied Configuration Manager Trace (CMTrace) if you have access to the System Center 2012 R2 Configuration Manager media. We also assume that you have downloaded the [sample Gather.ps1 script](http://go.microsoft.com/fwlink/p/?LinkId=619361) from the TechNet gallery.
+For the purposes of this topic, you already will have either downloaded and installed the free Microsoft System Center 2012 R2 Configuration Manager Toolkit, or copied Configuration Manager Trace (CMTrace) if you have access to the System Center 2012 R2 Configuration Manager media. We also assume that you have downloaded the [sample Gather.ps1 script](https://go.microsoft.com/fwlink/p/?LinkId=619361) from the TechNet gallery.
1. On PC0001, log on as **CONTOSO\\Administrator** using the password **P@ssw0rd**.
2. Using Computer Management, add the **CONTOSO\\MDT\_BA** user account to the local **Administrators** group.
diff --git a/windows/deploy/update-windows-10-images-with-provisioning-packages.md b/windows/deploy/update-windows-10-images-with-provisioning-packages.md
index 0fbf772bbb..d292a6cba0 100644
--- a/windows/deploy/update-windows-10-images-with-provisioning-packages.md
+++ b/windows/deploy/update-windows-10-images-with-provisioning-packages.md
@@ -26,7 +26,7 @@ You can also put a provisioning package on a USB drive or SD card to apply to of
Rather than wiping a device and applying a new system image when you need to change configuration, you can reset the device to its original state and then apply a new provisioning package.
-For details about the settings you can customize in provisioning packages, see [Windows Provisioning settings reference]( http://go.microsoft.com/fwlink/p/?LinkId=619012).
+For details about the settings you can customize in provisioning packages, see [Windows Provisioning settings reference]( https://go.microsoft.com/fwlink/p/?LinkId=619012).
## Advantages
- You can configure new devices without reimaging.
@@ -40,7 +40,7 @@ For details about the settings you can customize in provisioning packages, see [
- Ensure compliance and security before a device is enrolled in MDM.
## Create package
-Use the Windows Imaging and Configuration Designer (ICD) tool included in the Windows Assessment and Deployment Kit (ADK) for Windows 10 to create a runtime provisioning package. [Install the ADK.](http://go.microsoft.com/fwlink/p/?LinkId=526740)
+Use the Windows Imaging and Configuration Designer (ICD) tool included in the Windows Assessment and Deployment Kit (ADK) for Windows 10 to create a runtime provisioning package. [Install the ADK.](https://go.microsoft.com/fwlink/p/?LinkId=526740)
1. Open Windows ICD (by default, `%windir%\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Imaging and Configuration Designer\x86\ICD.exe`).
@@ -52,7 +52,7 @@ Use the Windows Imaging and Configuration Designer (ICD) tool included in the Wi
5. On **New project**, click **Finish**. The workspace for your package opens.
-6. Configure settings. [Learn more about specific settings in provisioning packages.]( http://go.microsoft.com/fwlink/p/?LinkId=615916)
+6. Configure settings. [Learn more about specific settings in provisioning packages.]( https://go.microsoft.com/fwlink/p/?LinkId=615916)
7. On the **File** menu, select **Save.**
@@ -106,19 +106,19 @@ If your build is successful, the name of the provisioning package, output direct
## Add package to image
**To add a provisioning package to Windows 10 for desktop editions (Home, Pro, Enterprise, and Education)**
-- Follow the steps in the "To build an image for Windows 10 for desktop editions" section in [Use the Windows ICD command-line interface]( http://go.microsoft.com/fwlink/p/?LinkId=617371).
+- Follow the steps in the "To build an image for Windows 10 for desktop editions" section in [Use the Windows ICD command-line interface]( https://go.microsoft.com/fwlink/p/?LinkId=617371).
**To add a provisioning package to a Windows 10 Mobile image**
-- Follow the steps in the "To build an image for Windows 10 Mobile or Windows 10 IoT Core (IoT Core)" section in [Use the Windows ICD command-line interface]( http://go.microsoft.com/fwlink/p/?LinkId=617371).
+- Follow the steps in the "To build an image for Windows 10 Mobile or Windows 10 IoT Core (IoT Core)" section in [Use the Windows ICD command-line interface]( https://go.microsoft.com/fwlink/p/?LinkId=617371).
The provisioning package is placed in the FFU image and is flashed or sector written to the device. During device setup time, the provisioning engine starts and consumes the packages.
## Learn more
-- [Build and apply a provisioning package]( http://go.microsoft.com/fwlink/p/?LinkId=629651)
+- [Build and apply a provisioning package]( https://go.microsoft.com/fwlink/p/?LinkId=629651)
-- [Provisioning Windows 10 Devices with New Tools](http://go.microsoft.com/fwlink/p/?LinkId=615921)
+- [Provisioning Windows 10 Devices with New Tools](https://go.microsoft.com/fwlink/p/?LinkId=615921)
-- [Windows 10 for Mobile Devices: Provisioning Is Not Imaging](http://go.microsoft.com/fwlink/p/?LinkId=615922)
+- [Windows 10 for Mobile Devices: Provisioning Is Not Imaging](https://go.microsoft.com/fwlink/p/?LinkId=615922)
## Related topics
- [Configure devices without MDM](../manage/configure-devices-without-mdm.md)
\ No newline at end of file
diff --git a/windows/deploy/upgrade-analytics-architecture.md b/windows/deploy/upgrade-analytics-architecture.md
index bdd9d88b62..cd153c1420 100644
--- a/windows/deploy/upgrade-analytics-architecture.md
+++ b/windows/deploy/upgrade-analytics-architecture.md
@@ -23,7 +23,7 @@ For more information about what telemetry data Microsoft collects and how that d
[Manage connections from Windows operating system components to Microsoft services](https://technet.microsoft.com/itpro/windows/manage/manage-connections-from-windows-operating-system-components-to-microsoft-services)
-[Windows 7, Windows 8, and Windows 8.1 appraiser telemetry events and fields](http://go.microsoft.com/fwlink/?LinkID=822965)
+[Windows 7, Windows 8, and Windows 8.1 appraiser telemetry events and fields](https://go.microsoft.com/fwlink/?LinkID=822965)
##**Related topics**
diff --git a/windows/deploy/upgrade-analytics-get-started.md b/windows/deploy/upgrade-analytics-get-started.md
index 3e691ab5e1..d80f83c9d3 100644
--- a/windows/deploy/upgrade-analytics-get-started.md
+++ b/windows/deploy/upgrade-analytics-get-started.md
@@ -15,7 +15,7 @@ For system, application, and driver data to be shared with Microsoft, you must c
- [Manage connections from Windows operating system components to Microsoft services](https://technet.microsoft.com/itpro/windows/manage/manage-connections-from-windows-operating-system-components-to-microsoft-services)
-- [Windows 7, Windows 8, and Windows 8.1 appraiser telemetry events and fields](http://go.microsoft.com/fwlink/?LinkID=822965)
+- [Windows 7, Windows 8, and Windows 8.1 appraiser telemetry events and fields](https://go.microsoft.com/fwlink/?LinkID=822965)
This topic explains how to obtain and set up Upgrade Analytics components. If you haven’t done so already, see [Upgrade Analytics requirements](https://technet.microsoft.com/itpro/windows/deploy/upgrade-analytics-requirements) for information about requirements for using Upgrade Analytics.
@@ -37,7 +37,7 @@ If you are already using OMS, you’ll find Upgrade Analytics in the Solutions G
If you are not using OMS:
-1. Go to the [Upgrade Analytics page on Microsoft.com](http://go.microsoft.com/fwlink/?LinkID=799190&clcid=0x409) and click **Sign up** to kick off the onboarding process.
+1. Go to the [Upgrade Analytics page on Microsoft.com](https://go.microsoft.com/fwlink/?LinkID=799190&clcid=0x409) and click **Sign up** to kick off the onboarding process.
2. Sign in to Operations Management Suite (OMS). You can use either a Microsoft Account or a Work or School account to create a workspace. If your company is already using Azure Active Directory (Azure AD), use a Work or School account when you sign in to OMS. Using a Work or School account allows you to use identities from your Azure AD to manage permissions in OMS.
@@ -85,7 +85,7 @@ Note: The compatibility update KB runs under the computer’s system account and
|---------------------------------------------------------|-----------|
| `https://v10.vortex-win.data.microsoft.com/collect/v1` | Connected User Experience and Telemetry component endpoint. User computers send data to Microsoft through this endpoint. |
| `https://settings-win.data.microsoft.com/settings` | Enables the compatibility update KB to send data to Microsoft. |
-| `http://go.microsoft.com/fwlink/?LinkID=544713`
`https://compatexchange1.trafficmanager.net/CompatibilityExchangeService.svc/extended` | This service provides driver information about whether there will be a driver available post-upgrade for the hardware on the system. |
+| `https://go.microsoft.com/fwlink/?LinkID=544713`
`https://compatexchange1.trafficmanager.net/CompatibilityExchangeService.svc/extended` | This service provides driver information about whether there will be a driver available post-upgrade for the hardware on the system. |
| `https://vortex.data.microsoft.com/health/keepalive`
`https://settings.data.microsoft.com/qos`
`https://compatexchange1.trafficmanager.net/CompatibilityExchangeService.svc` | These endpoints are used to validate that user computers are sharing data with Microsoft. |
## Deploy the compatibility update and related KBs
@@ -131,7 +131,7 @@ The Upgrade Analytics deployment script does the following:
To run the Upgrade Analytics deployment script:
-1. Download the [Upgrade Analytics deployment script](http://go.microsoft.com/fwlink/?LinkID=822966&clcid=0x409) and extract UpgradeAnalytics.zip. The files in the Diagnostics folder are necessary only if you plan to run the script in troubleshooting mode.
+1. Download the [Upgrade Analytics deployment script](https://go.microsoft.com/fwlink/?LinkID=822966&clcid=0x409) and extract UpgradeAnalytics.zip. The files in the Diagnostics folder are necessary only if you plan to run the script in troubleshooting mode.
2. Edit the following parameters in RunConfig.bat:
diff --git a/windows/deploy/upgrade-analytics-requirements.md b/windows/deploy/upgrade-analytics-requirements.md
index 1d48d9a363..3d55cd49a6 100644
--- a/windows/deploy/upgrade-analytics-requirements.md
+++ b/windows/deploy/upgrade-analytics-requirements.md
@@ -37,7 +37,7 @@ Important: You can use either a Microsoft Account or a Work or School account to
After you’ve signed in to Operations Management Suite and added the Upgrade Analytics solution to your workspace, you’ll need to complete the following tasks to allow user computer data to be shared with and assessed by Upgrade Analytics.
-See [Windows 7, Windows 8, and Windows 8.1 appraiser telemetry events and fields](http://go.microsoft.com/fwlink/?LinkID=822965) for more information about what user computer data Upgrade Analytics collects and assesses. See [Configure Windows telemetry in your organization](https://technet.microsoft.com/itpro/windows/manage/configure-windows-telemetry-in-your-organization) for more information about how Microsoft uses Windows telemetry data.
+See [Windows 7, Windows 8, and Windows 8.1 appraiser telemetry events and fields](https://go.microsoft.com/fwlink/?LinkID=822965) for more information about what user computer data Upgrade Analytics collects and assesses. See [Configure Windows telemetry in your organization](https://technet.microsoft.com/itpro/windows/manage/configure-windows-telemetry-in-your-organization) for more information about how Microsoft uses Windows telemetry data.
**Whitelist telemetry endpoints.** To enable telemetry data to be sent to Microsoft, you’ll need to whitelist the following Microsoft telemetry endpoints on your proxy server or firewall. You may need to get approval from your security group to do this.
@@ -49,7 +49,7 @@ See [Windows 7, Windows 8, and Windows 8.1 appraiser telemetry events and fields
`https://settings.data.microsoft.com/qos`
-`http://go.microsoft.com/fwlink/?LinkID=544713`
+`https://go.microsoft.com/fwlink/?LinkID=544713`
`https://compatexchange1.trafficmanager.net/CompatibilityExchangeService.svc/extended`
diff --git a/windows/deploy/upgrade-to-windows-10-with-system-center-configuraton-manager.md b/windows/deploy/upgrade-to-windows-10-with-system-center-configuraton-manager.md
index 0f66363610..2a854e9a3b 100644
--- a/windows/deploy/upgrade-to-windows-10-with-system-center-configuraton-manager.md
+++ b/windows/deploy/upgrade-to-windows-10-with-system-center-configuraton-manager.md
@@ -34,9 +34,9 @@ System Center 2012 R2 Configuration Manager SP1 adds support to manage and dep
## Create the task sequence
-To help with this process, the Configuration Manager team has published [a blog](http://go.microsoft.com/fwlink/p/?LinkId=620179) that provides a sample task sequence, as well as the [original blog that includes the instructions for setting up the task sequence](http://go.microsoft.com/fwlink/p/?LinkId=620180). To summarize, here are the tasks you need to perform:
+To help with this process, the Configuration Manager team has published [a blog](https://go.microsoft.com/fwlink/p/?LinkId=620179) that provides a sample task sequence, as well as the [original blog that includes the instructions for setting up the task sequence](https://go.microsoft.com/fwlink/p/?LinkId=620180). To summarize, here are the tasks you need to perform:
-1. Download the [Windows10Upgrade1506.zip](http://go.microsoft.com/fwlink/p/?LinkId=620182) file that contains the sample task sequence and related scripts. Extract the contents onto a network share.
+1. Download the [Windows10Upgrade1506.zip](https://go.microsoft.com/fwlink/p/?LinkId=620182) file that contains the sample task sequence and related scripts. Extract the contents onto a network share.
2. Copy the Windows 10 Enterprise RTM x64 media into the extracted but empty **Windows vNext Upgrade Media** folder.
3. Using the Configuration Manager Console, right-click the **Task Sequences** node, and then choose **Import Task Sequence**. Select the **Windows-vNextUpgradeExport.zip** file that you extracted in Step 1.
4. Distribute the two created packages (one contains the Windows 10 Enterprise x64 media, the other contains the related scripts) to the Configuration Manager distribution point.
@@ -111,7 +111,7 @@ After the task sequence finishes, the computer will be fully upgraded to Windows
With the next release of System Center Configuration Manager (currently planned for Q4 of 2015), new built-in functionality will be provided to make it even easier to upgrade existing Windows 7, Windows 8, and Windows 8.1 PCs to Windows 10.
**Note**
-For more details about the next version of Configuration Manager, see the [Configuration Manager Team blog](http://go.microsoft.com/fwlink/p/?LinkId=620205). An [evaluation version is currently available](http://go.microsoft.com/fwlink/p/?LinkId=620206) for you to try. The instructions below are specific to the Technical Preview 2 release and may change after the next version of Configuration Manager is released.
+For more details about the next version of Configuration Manager, see the [Configuration Manager Team blog](https://go.microsoft.com/fwlink/p/?LinkId=620205). An [evaluation version is currently available](https://go.microsoft.com/fwlink/p/?LinkId=620206) for you to try. The instructions below are specific to the Technical Preview 2 release and may change after the next version of Configuration Manager is released.
@@ -199,7 +199,7 @@ After the task sequence completes, the computer will be fully upgraded to Window
[Windows 10 deployment scenarios](windows-10-deployment-scenarios.md)
-[Configuration Manager Team blog](http://go.microsoft.com/fwlink/p/?LinkId=620109)
+[Configuration Manager Team blog](https://go.microsoft.com/fwlink/p/?LinkId=620109)
diff --git a/windows/deploy/upgrade-to-windows-10-with-the-microsoft-deployment-toolkit.md b/windows/deploy/upgrade-to-windows-10-with-the-microsoft-deployment-toolkit.md
index 18dfaf7fdf..feaabb3fa4 100644
--- a/windows/deploy/upgrade-to-windows-10-with-the-microsoft-deployment-toolkit.md
+++ b/windows/deploy/upgrade-to-windows-10-with-the-microsoft-deployment-toolkit.md
@@ -100,5 +100,5 @@ After the task sequence completes, the computer will be fully upgraded to Window
[Windows 10 deployment scenarios](windows-10-deployment-scenarios.md)
-[Microsoft Deployment Toolkit downloads and resources](http://go.microsoft.com/fwlink/p/?LinkId=618117)
+[Microsoft Deployment Toolkit downloads and resources](https://go.microsoft.com/fwlink/p/?LinkId=618117)
\ No newline at end of file
diff --git a/windows/deploy/use-orchestrator-runbooks-with-mdt-2013.md b/windows/deploy/use-orchestrator-runbooks-with-mdt-2013.md
index 64e70ced04..da3cbd9940 100644
--- a/windows/deploy/use-orchestrator-runbooks-with-mdt-2013.md
+++ b/windows/deploy/use-orchestrator-runbooks-with-mdt-2013.md
@@ -16,7 +16,7 @@ This topic will show you how to integrate Microsoft System Center 2012 R2 Orches
MDT can integrate with System Center 2012 R2 Orchestrator, which is a component that ties the Microsoft System Center products together, as well as other products from both Microsoft and third-party vendors. The difference between using Orchestrator and "normal" web services, is that with Orchestrator you have a rich drag-and-drop style interface when building the solution, and little or no coding is required.
**Note**
-If you are licensed to use Orchestrator, we highly recommend that you start using it. To find out more about licensing options for System Center 2012 R2 and Orchestrator, visit the [System Center 2012 R2](http://go.microsoft.com/fwlink/p/?LinkId=619553) website.
+If you are licensed to use Orchestrator, we highly recommend that you start using it. To find out more about licensing options for System Center 2012 R2 and Orchestrator, visit the [System Center 2012 R2](https://go.microsoft.com/fwlink/p/?LinkId=619553) website.
## Orchestrator terminology
@@ -30,7 +30,7 @@ Before diving into the core details, here is a quick course in Orchestrator term
- **Integration packs.** These provide additional workflow activities you can import to integrate with other products or solutions, like the rest of Active Directory, other System Center 2012 R2 products, or Microsoft Exchange Server, to name a few.
**Note**
-To find and download additional integration packs, see [Integration Packs for System Center 2012 - Orchestrator](http://go.microsoft.com/fwlink/p/?LinkId=619554).
+To find and download additional integration packs, see [Integration Packs for System Center 2012 - Orchestrator](https://go.microsoft.com/fwlink/p/?LinkId=619554).
## Create a sample runbook
@@ -135,7 +135,7 @@ Figure 31. The ready-made task sequence.
Since this task sequence just starts a runbook, you can test this on the PC0001 client that you used for the MDT simulation environment.
**Note**
-Make sure the account you are using has permissions to run runbooks on the Orchestrator server. For more information about runbook permissions, see [Runbook Permissions](http://go.microsoft.com/fwlink/p/?LinkId=619555).
+Make sure the account you are using has permissions to run runbooks on the Orchestrator server. For more information about runbook permissions, see [Runbook Permissions](https://go.microsoft.com/fwlink/p/?LinkId=619555).
1. On PC0001, log on as **CONTOSO\\MDT\_BA**.
2. Using an elevated command prompt (run as Administrator), type the following command:
diff --git a/windows/deploy/use-the-volume-activation-management-tool-client.md b/windows/deploy/use-the-volume-activation-management-tool-client.md
index 7efe6a23a3..e6b415238b 100644
--- a/windows/deploy/use-the-volume-activation-management-tool-client.md
+++ b/windows/deploy/use-the-volume-activation-management-tool-client.md
@@ -23,14 +23,14 @@ localizationpriority: high
- Windows Server 2008 R2
**Looking for retail activation?**
-- [Get Help Activating Microsoft Windows](http://go.microsoft.com/fwlink/p/?LinkId=618644)
+- [Get Help Activating Microsoft Windows](https://go.microsoft.com/fwlink/p/?LinkId=618644)
The Volume Activation Management Tool (VAMT) provides several useful features, including the ability to perform VAMT proxy activation and to track and monitor several types of product keys.
By using the VAMT, you can automate and centrally manage the volume, retail, and MAK activation process for Windows, Office, and select other Microsoft products. The VAMT can manage volume activation by using MAKs or KMS. It is a standard Microsoft Management Console snap-in, and it can be
installed on any computer running Windows 10, Windows 8.1, Windows 8, Windows 7, Windows Server 2012 R2, Windows Server 2012, or Windows Server 2008 R2.
-The VAMT is distributed as part of the Windows Assessment and Deployment Kit (Windows ADK), which is a free download available from Microsoft Download Center. For more information, see [Windows Assessment and Deployment Kit (Windows ADK) for Windows 10](http://go.microsoft.com/fwlink/p/?LinkId=526740).
+The VAMT is distributed as part of the Windows Assessment and Deployment Kit (Windows ADK), which is a free download available from Microsoft Download Center. For more information, see [Windows Assessment and Deployment Kit (Windows ADK) for Windows 10](https://go.microsoft.com/fwlink/p/?LinkId=526740).
In Windows Server 2012 R2, you can install the VAMT directly from Server Manager without downloading the Windows ADK by selecting the Volume Activation Services role or the Remote Server Administration Tools/Role Administration Tools/Volume Activation Tools feature.
@@ -65,8 +65,8 @@ The VAMT stores information in a Microsoft SQL Server database for performance
- **Managing activation data**. The VAMT stores activation data in a SQL Server database. The tool can export this data in XML format to other VAMT hosts or to an archive.
For more information, see:
-- [Volume Activation Management Tool (VAMT) Overview](http://go.microsoft.com/fwlink/p/?LinkId=618266)
-- [VAMT Step-by-Step Scenarios](http://go.microsoft.com/fwlink/p/?LinkId=618267)
+- [Volume Activation Management Tool (VAMT) Overview](https://go.microsoft.com/fwlink/p/?LinkId=618266)
+- [VAMT Step-by-Step Scenarios](https://go.microsoft.com/fwlink/p/?LinkId=618267)
## See also
- [Volume Activation for Windows 10](volume-activation-windows-10.md)
diff --git a/windows/deploy/use-vamt-in-windows-powershell.md b/windows/deploy/use-vamt-in-windows-powershell.md
index 01de72d0a6..3d285f1e56 100644
--- a/windows/deploy/use-vamt-in-windows-powershell.md
+++ b/windows/deploy/use-vamt-in-windows-powershell.md
@@ -13,7 +13,7 @@ author: jdeckerMS
The Volume Activation Management Tool (VAMT) PowerShell cmdlets can be used to perform the same functions as the Vamt.exe command-line tool.
**To install PowerShell 3.0**
-- VAMT PowerShell cmdlets require Windows PowerShell, which is included in Windows 10, Windows 8 and Windows Server® 2012. You can download PowerShell for Windows 7 or other operating systems from the [Microsoft Download Center](http://go.microsoft.com/fwlink/p/?LinkId=218356).
+- VAMT PowerShell cmdlets require Windows PowerShell, which is included in Windows 10, Windows 8 and Windows Server® 2012. You can download PowerShell for Windows 7 or other operating systems from the [Microsoft Download Center](https://go.microsoft.com/fwlink/p/?LinkId=218356).
**To install the Windows Assessment and Deployment Kit**
- In addition to PowerShell, you must import the VAMT PowerShell module. The module is included in the VAMT 3.0 folder after you install the Windows Assessment and Deployment Kit (Windows ADK).
**To prepare the VAMT PowerShell environment**
@@ -48,7 +48,7 @@ get-help get-VamtProduct -all
```
**Warning**
-The update-help cmdlet is not supported for VAMT PowerShell cmdlets. To view online help for VAMT cmdlets, you can use the -online option with the get-help cmdlet. For more information, see [Volume Activation Management Tool (VAMT) Cmdlets in Windows PowerShell](http://go.microsoft.com/fwlink/p/?LinkId=242278).
+The update-help cmdlet is not supported for VAMT PowerShell cmdlets. To view online help for VAMT cmdlets, you can use the -online option with the get-help cmdlet. For more information, see [Volume Activation Management Tool (VAMT) Cmdlets in Windows PowerShell](https://go.microsoft.com/fwlink/p/?LinkId=242278).
**To view VAMT PowerShell Help sections**
diff --git a/windows/deploy/use-web-services-in-mdt-2013.md b/windows/deploy/use-web-services-in-mdt-2013.md
index 1d8755df14..2f6f9bf239 100644
--- a/windows/deploy/use-web-services-in-mdt-2013.md
+++ b/windows/deploy/use-web-services-in-mdt-2013.md
@@ -17,7 +17,7 @@ Using a web service in MDT is straightforward, but it does require that you have
## Create a sample web service
-In these steps we assume you have installed Microsoft Visual Studio Express 2013 for Web on PC0001 (the Windows 10 client) and downloaded the [MDT Sample Web Service](http://go.microsoft.com/fwlink/p/?LinkId=619363) from the Microsoft Download Center and extracted it to C:\\Projects.
+In these steps we assume you have installed Microsoft Visual Studio Express 2013 for Web on PC0001 (the Windows 10 client) and downloaded the [MDT Sample Web Service](https://go.microsoft.com/fwlink/p/?LinkId=619363) from the Microsoft Download Center and extracted it to C:\\Projects.
1. On PC0001, using Visual Studio Express 2013 for Web, open the C:\\Projects\\MDTSample\\ MDTSample.sln solution file.
2. On the ribbon bar, verify that Release is selected.
3. In the **Debug** menu, select the **Build MDTSample** action.
diff --git a/windows/deploy/usmt-best-practices.md b/windows/deploy/usmt-best-practices.md
index 8da6b08353..6e06f8c3d9 100644
--- a/windows/deploy/usmt-best-practices.md
+++ b/windows/deploy/usmt-best-practices.md
@@ -42,7 +42,7 @@ This topic discusses general and security-related best practices when using User
- **Chkdsk.exe**
- We recommend that you run Chkdsk.exe before running the ScanState and LoadState tools. Chkdsk.exe creates a status report for a hard disk drive and lists and corrects common errors. For more information about the Chkdsk.exe tool, see [Chkdsk](http://go.microsoft.com/fwlink/p/?LinkId=140244).
+ We recommend that you run Chkdsk.exe before running the ScanState and LoadState tools. Chkdsk.exe creates a status report for a hard disk drive and lists and corrects common errors. For more information about the Chkdsk.exe tool, see [Chkdsk](https://go.microsoft.com/fwlink/p/?LinkId=140244).
- **Migrate in groups**
@@ -55,7 +55,7 @@ As the authorized administrator, it is your responsibility to protect the privac
- **Encrypting File System (EFS)**
- Take extreme caution when migrating encrypted files, because the end user does not need to be logged on to capture the user state. By default, USMT fails if an encrypted file is found. For more information about EFS best practices, see this article in the [Microsoft Knowledge Base](http://go.microsoft.com/fwlink/p/?linkid=163). For specific instructions about EFS best practices, see [Migrate EFS Files and Certificates](usmt-migrate-efs-files-and-certificates.md).
+ Take extreme caution when migrating encrypted files, because the end user does not need to be logged on to capture the user state. By default, USMT fails if an encrypted file is found. For more information about EFS best practices, see this article in the [Microsoft Knowledge Base](https://go.microsoft.com/fwlink/p/?linkid=163). For specific instructions about EFS best practices, see [Migrate EFS Files and Certificates](usmt-migrate-efs-files-and-certificates.md).
**Important**
If you migrate an encrypted file without also migrating the certificate, end users will not be able to access the file after the migration.
@@ -72,7 +72,7 @@ As the authorized administrator, it is your responsibility to protect the privac
- **Maintain security of the file server and the deployment server**
- We recommend that you manage the security of the file and deployment servers. It is important to make sure that the file server where you save the store is secure. You must also secure the deployment server, to ensure that the user data that is in the log files is not exposed. We also recommend that you only transmit data over a secure Internet connection, such as a virtual private network. For more information about network security, see [Microsoft Security Compliance Manager](http://go.microsoft.com/fwlink/p/?LinkId=215657).
+ We recommend that you manage the security of the file and deployment servers. It is important to make sure that the file server where you save the store is secure. You must also secure the deployment server, to ensure that the user data that is in the log files is not exposed. We also recommend that you only transmit data over a secure Internet connection, such as a virtual private network. For more information about network security, see [Microsoft Security Compliance Manager](https://go.microsoft.com/fwlink/p/?LinkId=215657).
- **Password Migration**
diff --git a/windows/deploy/usmt-common-issues.md b/windows/deploy/usmt-common-issues.md
index 88980d6d7b..118d52b056 100644
--- a/windows/deploy/usmt-common-issues.md
+++ b/windows/deploy/usmt-common-issues.md
@@ -165,7 +165,7 @@ The following sections describe common XML file problems. Expand the section to
### I am having problems with a custom .xml file that I authored, and I cannot verify that the syntax is correct.
-**Resolution:** You can load the XML schema (MigXML.xsd), included with USMT, into your XML authoring tool. For examples, see the [Visual Studio Development Center](http://go.microsoft.com/fwlink/p/?LinkId=74513). Then, load your .xml file in the authoring tool to see if there is a syntax error. In addition, see [USMT XML Reference](usmt-xml-reference.md) for more information about using the XML elements.
+**Resolution:** You can load the XML schema (MigXML.xsd), included with USMT, into your XML authoring tool. For examples, see the [Visual Studio Development Center](https://go.microsoft.com/fwlink/p/?LinkId=74513). Then, load your .xml file in the authoring tool to see if there is a syntax error. In addition, see [USMT XML Reference](usmt-xml-reference.md) for more information about using the XML elements.
### I am using a MigXML helper function, but the migration isn’t working the way I expected it to. How do I troubleshoot this issue?
@@ -251,7 +251,7 @@ Scanstate /ui:S1-5-21-124525095-708259637-1543119021*
The wild card (\*) at the end of the SID will migrate the *SID*\_Classes key as well.
-You can also use patterns for SIDs that identify generic users or groups. For example, you can use the */ue:\*-500* option to exclude the local administrator accounts. For more information about Windows SIDs, see [this Microsoft Web site](http://go.microsoft.com/fwlink/p/?LinkId=190277).
+You can also use patterns for SIDs that identify generic users or groups. For example, you can use the */ue:\*-500* option to exclude the local administrator accounts. For more information about Windows SIDs, see [this Microsoft Web site](https://go.microsoft.com/fwlink/p/?LinkId=190277).
### My script to wipe the disk fails after running the ScanState tool on a 64-bit system.
diff --git a/windows/deploy/usmt-hard-link-migration-store.md b/windows/deploy/usmt-hard-link-migration-store.md
index e65487a0bd..699fe76632 100644
--- a/windows/deploy/usmt-hard-link-migration-store.md
+++ b/windows/deploy/usmt-hard-link-migration-store.md
@@ -67,7 +67,7 @@ A hard link can only be created for a file on the same volume. If you copy a har
-For more information about hard links, please see [Hard Links and Junctions](http://go.microsoft.com/fwlink/p/?LinkId=132934)
+For more information about hard links, please see [Hard Links and Junctions](https://go.microsoft.com/fwlink/p/?LinkId=132934)
In most aspects, a hard-link migration store is identical to an uncompressed migration store. It is located where specified by the Scanstate command-line tool and you can view the contents of the store by using Windows® Explorer. Once created, it can be deleted or copied to another location without changing user state. Restoring a hard-link migration store is similar to restoring any other migration store; however, as with creating the store, the same hard-link functionality is used to keep files in-place.
diff --git a/windows/deploy/usmt-overview.md b/windows/deploy/usmt-overview.md
index 928044a3cf..9f6a18384a 100644
--- a/windows/deploy/usmt-overview.md
+++ b/windows/deploy/usmt-overview.md
@@ -35,7 +35,7 @@ USMT provides the following benefits to businesses that are deploying Windows op
- Increases employee satisfaction with the migration experience.
## Limitations
-USMT is intended for administrators who are performing large-scale automated deployments. If you are only migrating the user states of a few computers, you can use [Windows Easy Transfer](http://go.microsoft.com/fwlink/p/?LinkId=140248).
+USMT is intended for administrators who are performing large-scale automated deployments. If you are only migrating the user states of a few computers, you can use [Windows Easy Transfer](https://go.microsoft.com/fwlink/p/?LinkId=140248).
There are some scenarios in which the use of USMT is not recommended. These include:
diff --git a/windows/deploy/usmt-resources.md b/windows/deploy/usmt-resources.md
index cc268ff816..e77c799af7 100644
--- a/windows/deploy/usmt-resources.md
+++ b/windows/deploy/usmt-resources.md
@@ -22,13 +22,13 @@ author: greg-lindsay
For more information about how to use the schema with your XML authoring environment, see the environment’s documentation.
-- [Ask the Directory Services Team blog](http://go.microsoft.com/fwlink/p/?LinkId=226365)
+- [Ask the Directory Services Team blog](https://go.microsoft.com/fwlink/p/?LinkId=226365)
- Forums:
- - [Microsoft Deployment Toolkit](http://go.microsoft.com/fwlink/p/?LinkId=226386)
+ - [Microsoft Deployment Toolkit](https://go.microsoft.com/fwlink/p/?LinkId=226386)
- - [Configuration Manager Operating System Deployment](http://go.microsoft.com/fwlink/p/?LinkId=226388)
+ - [Configuration Manager Operating System Deployment](https://go.microsoft.com/fwlink/p/?LinkId=226388)
## Related topics
diff --git a/windows/deploy/usmt-return-codes.md b/windows/deploy/usmt-return-codes.md
index 365b49b5c7..001654314d 100644
--- a/windows/deploy/usmt-return-codes.md
+++ b/windows/deploy/usmt-return-codes.md
@@ -48,7 +48,7 @@ As a best practice, we recommend that you set verbosity level to 5, **/v***:5*,
Error messages provide more detailed information about the migration problem than the associated return code. For example, the **ScanState**, **LoadState**, or **USMTUtils** tool might return a code of "11” (for “USMT\_INVALID\_PARAMETERS") and a related error message that reads "/key and /keyfile both specified". The error message is displayed at the command prompt and is identified in the **ScanState**, **LoadState**, or **USMTUtils** log files to help you determine why the return code was received.
-You can obtain more information about any listed Windows application programming interface (API) system error codes by typing **net helpmsg** on the command line and, then typing the error code number. For more information about System Error Codes, see [this Microsoft Web site](http://go.microsoft.com/fwlink/p/?LinkId=147060).
+You can obtain more information about any listed Windows application programming interface (API) system error codes by typing **net helpmsg** on the command line and, then typing the error code number. For more information about System Error Codes, see [this Microsoft Web site](https://go.microsoft.com/fwlink/p/?LinkId=147060).
## Troubleshooting Return Codes and Error Messages
diff --git a/windows/deploy/usmt-technical-reference.md b/windows/deploy/usmt-technical-reference.md
index 6414a4386a..c3d796217c 100644
--- a/windows/deploy/usmt-technical-reference.md
+++ b/windows/deploy/usmt-technical-reference.md
@@ -11,7 +11,7 @@ author: greg-lindsay
# User State Migration Tool (USMT) Technical Reference
The User State Migration Tool (USMT) is included with the Windows Assessment and Deployment Kit (Windows ADK) for Windows 10. USMT provides a highly customizable user-profile migration experience for IT professionals.
-Download the Windows ADK [from this website](http://go.microsoft.com/fwlink/p/?LinkID=526803).
+Download the Windows ADK [from this website](https://go.microsoft.com/fwlink/p/?LinkID=526803).
**USMT support for Microsoft Office**
>USMT in the Windows ADK for Windows 10, version 1511 (10.1.10586.0) supports migration of user settings for installations of Microsoft Office 2003, 2007, 2010, and 2013.
@@ -31,7 +31,7 @@ USMT also includes a set of three modifiable .xml files:
Additionally, you can create custom .xml files to support your migration needs. You can also create a Config.xml file to specify files or settings to exclude from the migration.
-USMT tools can be used on several versions of Windows operating systems, for more information, see [USMT Requirements](usmt-requirements.md). For more information about previous releases of the USMT tools, see [User State Migration Tool (USMT) 4.0 User’s Guide](http://go.microsoft.com/fwlink/p/?LinkId=246564).
+USMT tools can be used on several versions of Windows operating systems, for more information, see [USMT Requirements](usmt-requirements.md). For more information about previous releases of the USMT tools, see [User State Migration Tool (USMT) 4.0 User’s Guide](https://go.microsoft.com/fwlink/p/?LinkId=246564).
## In This Section
|Topic |Description|
diff --git a/windows/deploy/usmt-test-your-migration.md b/windows/deploy/usmt-test-your-migration.md
index e460f17de8..39297b3207 100644
--- a/windows/deploy/usmt-test-your-migration.md
+++ b/windows/deploy/usmt-test-your-migration.md
@@ -24,7 +24,7 @@ Running the ScanState and LoadState tools with the **/v***:5* option creates a d
-After you have determined that the pilot migration successfully migrated the specified files and settings, you are ready to add USMT to the server that is running Microsoft® System Center Configuration Manager (SCCM), or a non-Microsoft management technology. For more information, see [Configuration Manager](http://go.microsoft.com/fwlink/p/?LinkId=140246).
+After you have determined that the pilot migration successfully migrated the specified files and settings, you are ready to add USMT to the server that is running Microsoft® System Center Configuration Manager (SCCM), or a non-Microsoft management technology. For more information, see [Configuration Manager](https://go.microsoft.com/fwlink/p/?LinkId=140246).
**Note**
For testing purposes, you can create an uncompressed store using the **/hardlink /nocompress** option. When compression is disabled, the ScanState tool saves the files and settings to a hidden folder named "File" at *StorePath*\\USMT. You can use the uncompressed store to view what USMT has stored or to troubleshoot a problem, or you can run an antivirus utility against the files. Additionally, you can also use the **/listfiles** command-line option and the diagnostic log to list the files that were gathered and to troubleshoot problems with your migration.
diff --git a/windows/deploy/usmt-xml-elements-library.md b/windows/deploy/usmt-xml-elements-library.md
index f4f412fc2a..4257b3e9d6 100644
--- a/windows/deploy/usmt-xml-elements-library.md
+++ b/windows/deploy/usmt-xml-elements-library.md
@@ -3056,7 +3056,7 @@ Syntax:
urlid |
Yes |
-UrlID is a string identifier that uniquely identifies this .xml file. This parameter must be a no-colon-name as defined by the XML Namespaces specification. Each migration .xml file must have a unique urlid. If two migration .xml files have the same urlid, the second .xml file that is specified on the command line will not be processed. For more information about XML Namespaces, see [Use XML Namespaces](http://go.microsoft.com/fwlink/p/?LinkId=220938). |
+UrlID is a string identifier that uniquely identifies this .xml file. This parameter must be a no-colon-name as defined by the XML Namespaces specification. Each migration .xml file must have a unique urlid. If two migration .xml files have the same urlid, the second .xml file that is specified on the command line will not be processed. For more information about XML Namespaces, see [Use XML Namespaces](https://go.microsoft.com/fwlink/p/?LinkId=220938). |
Name |
@@ -3945,7 +3945,7 @@ The following scripts have no return value. You can use the following errors wit
```
-- **StartService (ServiceName, OptionalParam1, OptionalParam2,…).** Starts the service identified by *ServiceName. ServiceName* is the subkey in HKLM\\System\\CurrentControlSet\\Services that holds the data for the given service. The optional parameters, if any, will be passed to the StartService API. For more information, see [this Microsoft Web site](http://go.microsoft.com/fwlink/p/?LinkId=267898).
+- **StartService (ServiceName, OptionalParam1, OptionalParam2,…).** Starts the service identified by *ServiceName. ServiceName* is the subkey in HKLM\\System\\CurrentControlSet\\Services that holds the data for the given service. The optional parameters, if any, will be passed to the StartService API. For more information, see [this Microsoft Web site](https://go.microsoft.com/fwlink/p/?LinkId=267898).
- **StopService (ServiceName)**. Stops the service that is identified by *ServiceName. ServiceName* is the subkey in HKLM\\System\\CurrentControlSet\\Services that holds the data for the given service.
diff --git a/windows/deploy/vamt-known-issues.md b/windows/deploy/vamt-known-issues.md
index 4aa2185e8f..2e9ac12d08 100644
--- a/windows/deploy/vamt-known-issues.md
+++ b/windows/deploy/vamt-known-issues.md
@@ -13,7 +13,7 @@ author: jdeckerMS
The following list contains the current known issues with the Volume Activation Management Tool (VAMT) 3.0.
- The VAMT Windows Management Infrastructure (WMI) remote operations may take longer to execute if the target computer is in a sleep or standby state.
-- Recovery of Non-Genuine computers is a two-step process. VAMT can be used to install a new product key and activate the computer. However, the computer itself must visit the [Windows Genuine Advantage](http://go.microsoft.com/fwlink/p/?linkid=182914) Web site to revalidate the computer's Genuine status. Upon successfully completing this step, the computer will be restored to full functionality. For more information on recovering Non-Genuine Windows computers, go to [Windows Volume Activation](http://go.microsoft.com/fwlink/p/?linkid=184668).
+- Recovery of Non-Genuine computers is a two-step process. VAMT can be used to install a new product key and activate the computer. However, the computer itself must visit the [Windows Genuine Advantage](https://go.microsoft.com/fwlink/p/?linkid=182914) Web site to revalidate the computer's Genuine status. Upon successfully completing this step, the computer will be restored to full functionality. For more information on recovering Non-Genuine Windows computers, go to [Windows Volume Activation](https://go.microsoft.com/fwlink/p/?linkid=184668).
- When opening a Computer Information List (.cil file) saved in a previous version of VAMT, the edition information is not shown for each product in the center pane. Users must update the product status again to obtain the edition information.
- The remaining activation count can only be retrieved for MAKs.
diff --git a/windows/deploy/vamt-requirements.md b/windows/deploy/vamt-requirements.md
index 06a8615669..99379424ef 100644
--- a/windows/deploy/vamt-requirements.md
+++ b/windows/deploy/vamt-requirements.md
@@ -19,7 +19,7 @@ The Volume Activation Management Tool (VAMT) can be used to perform activations
|Product key type |Where to obtain |
|-----------------|----------------|
-|- Multiple Activation Key (MAK)
- Key Management Service (KMS) host key (CSVLK)
- KMS client setup keys (GVLK)
|Volume licensing keys can only be obtained with a signed contract from Microsoft. For more info, see the [Microsoft Volume Licensing portal](http://go.microsoft.com/fwlink/p/?LinkId=227282). |
+|- Multiple Activation Key (MAK)
- Key Management Service (KMS) host key (CSVLK)
- KMS client setup keys (GVLK)
|Volume licensing keys can only be obtained with a signed contract from Microsoft. For more info, see the [Microsoft Volume Licensing portal](https://go.microsoft.com/fwlink/p/?LinkId=227282). |
|Retail product keys |Obtained at time of product purchase. |
## System Requirements
@@ -36,7 +36,7 @@ The following table lists the system requirements for the VAMT host computer.
|Network |Connectivity to remote computers via Windows® Management Instrumentation (TCP/IP) and Microsoft® Activation Web Service on the Internet via HTTPS |
|Operating System |Windows 7, Windows 8, Windows 8.1, Windows 10, Windows Server 2008 R2, or Windows Server 2012. |
|Additional Requirements |- Connection to a SQL Server database. For more info, see [Install VAMT](install-vamt.md).
- PowerShell 3.0: For Windows 8, Windows 8.1, Windows 10, and Windows Server® 2012, PowerShell is included in the installation. For previous versions of Windows and
-Windows Server, you must download PowerShell 3.0. To download PowerShell, go to [Download Windows PowerShell 3.0](http://go.microsoft.com/fwlink/p/?LinkId=218356).
- If installing on Windows Server 2008 R2, you must also install .NET Framework 3.51.
|
+Windows Server, you must download PowerShell 3.0. To download PowerShell, go to [Download Windows PowerShell 3.0](https://go.microsoft.com/fwlink/p/?LinkId=218356).- If installing on Windows Server 2008 R2, you must also install .NET Framework 3.51.
|
## Related topics
- [Install and Configure VAMT](install-configure-vamt.md)
diff --git a/windows/deploy/volume-activation-windows-10.md b/windows/deploy/volume-activation-windows-10.md
index 594cb846f4..2ed015e7ba 100644
--- a/windows/deploy/volume-activation-windows-10.md
+++ b/windows/deploy/volume-activation-windows-10.md
@@ -23,10 +23,10 @@ localizationpriority: high
- Windows Server 2008 R2
**Looking for volume licensing information?**
-- [Download the Volume Licensing Reference Guide for Windows 10 Desktop Operating System](http://go.microsoft.com/fwlink/p/?LinkId=620104)
+- [Download the Volume Licensing Reference Guide for Windows 10 Desktop Operating System](https://go.microsoft.com/fwlink/p/?LinkId=620104)
**Looking for retail activation?**
-- [Get Help Activating Microsoft Windows](http://go.microsoft.com/fwlink/p/?LinkId=618644)
+- [Get Help Activating Microsoft Windows](https://go.microsoft.com/fwlink/p/?LinkId=618644)
This guide is designed to help organizations that are planning to use volume activation to deploy and activate Windows 10, including organizations that have used volume activation for earlier versions of Windows.
*Volume activation* is the process that Microsoft volume licensing customers use to automate and manage the activation of Windows operating systems, Microsoft Office, and other Microsoft products across large organizations. Volume licensing is available to customers who purchase software under various volume programs (such as Open and Select) and to participants in programs such as the Microsoft Partner Program and MSDN Subscriptions.
@@ -38,9 +38,9 @@ This guide provides information and step-by-step guidance to help you choose a v
Because most organizations will not immediately switch all computers to Windows 10, practical volume activation strategies must also take in to account how to work with the Windows 8, Windows 7, Windows Server 2012, and Windows Server 2008 R2Windows Server 2008 R2 operating systems. This guide
discusses how the new volume activation tools can support earlier operating systems, but it does not discuss the tools that are provided with earlier operating system versions.
-Volume activation—and the need for activation itself—is not new, and this guide does not review all of its concepts and history. You can find additional background in the appendices of this guide. For more information, see [Volume Activation Overview](http://go.microsoft.com/fwlink/p/?LinkId=618209) in the TechNet Library.
+Volume activation—and the need for activation itself—is not new, and this guide does not review all of its concepts and history. You can find additional background in the appendices of this guide. For more information, see [Volume Activation Overview](https://go.microsoft.com/fwlink/p/?LinkId=618209) in the TechNet Library.
-If you would like additional information about planning a volume activation deployment specifically for Windows 7 and Windows Server 2008 R2, please see the [Volume Activation Planning Guide for Windows 7](http://go.microsoft.com/fwlink/p/?LinkId=618210).
+If you would like additional information about planning a volume activation deployment specifically for Windows 7 and Windows Server 2008 R2, please see the [Volume Activation Planning Guide for Windows 7](https://go.microsoft.com/fwlink/p/?LinkId=618210).
To successfully plan and implement a volume activation strategy, you must:
- Learn about and understand product activation.
diff --git a/windows/deploy/windows-10-deployment-scenarios.md b/windows/deploy/windows-10-deployment-scenarios.md
index e76d648bb0..d3b797865f 100644
--- a/windows/deploy/windows-10-deployment-scenarios.md
+++ b/windows/deploy/windows-10-deployment-scenarios.md
@@ -59,7 +59,7 @@ There are two primary dynamic provisioning scenarios:
- **Azure Active Directory (Azure AD) Join with automatic mobile device management (MDM) enrollment.** In this scenario, the organization member just needs to provide their work or school user ID and password; the device can then be automatically joined to Azure Active Directory and enrolled in a mobile device management (MDM) solution with no additional user interaction. Once done, the MDM solution can finish configuring the device as needed.
-- **Provisioning package configuration.** Using the [Windows Imaging and Configuration Designer (ICD)](http://go.microsoft.com/fwlink/p/?LinkId=619358), IT administrators can create a self-contained package that contains all of the configuration, settings, and apps that need to be applied to a machine. These packages can then be deployed to new PCs through a variety of means, typically by IT professionals. For more information, see [Configure devices without MDM](../manage/configure-devices-without-mdm.md).
+- **Provisioning package configuration.** Using the [Windows Imaging and Configuration Designer (ICD)](https://go.microsoft.com/fwlink/p/?LinkId=619358), IT administrators can create a self-contained package that contains all of the configuration, settings, and apps that need to be applied to a machine. These packages can then be deployed to new PCs through a variety of means, typically by IT professionals. For more information, see [Configure devices without MDM](../manage/configure-devices-without-mdm.md).
Either way, these scenarios can be used to enable “choose your own device” (CYOD) programs where the organization’s users can pick their own PC and not be restricted to a small list of approved or certified models (programs that are difficult to implement using traditional deployment scenarios).
@@ -126,8 +126,8 @@ The deployment process for the replace scenario is as follows:
## Related topics
- [Upgrade to Windows 10 with the Microsoft Deployment Toolkit](upgrade-to-windows-10-with-the-microsoft-deployment-toolkit.md)
- [Upgrade to Windows 10 with System Center Configuration Manager](upgrade-to-windows-10-with-system-center-configuraton-manager.md)
-- [Deploy Windows 10 with System Center 2012 R2 Configuration Manager](http://go.microsoft.com/fwlink/p/?LinkId=620230)
+- [Deploy Windows 10 with System Center 2012 R2 Configuration Manager](https://go.microsoft.com/fwlink/p/?LinkId=620230)
- [Deploy Windows 10 with the Microsoft Deployment Toolkit](deploy-windows-10-with-the-microsoft-deployment-toolkit.md)
-- [Windows setup technical reference](http://go.microsoft.com/fwlink/p/?LinkId=619357)
-- [Windows Imaging and Configuration Designer](http://go.microsoft.com/fwlink/p/?LinkId=619358)
-- [UEFI firmware](http://go.microsoft.com/fwlink/p/?LinkId=619359)
\ No newline at end of file
+- [Windows setup technical reference](https://go.microsoft.com/fwlink/p/?LinkId=619357)
+- [Windows Imaging and Configuration Designer](https://go.microsoft.com/fwlink/p/?LinkId=619358)
+- [UEFI firmware](https://go.microsoft.com/fwlink/p/?LinkId=619359)
\ No newline at end of file
diff --git a/windows/deploy/windows-10-edition-upgrades.md b/windows/deploy/windows-10-edition-upgrades.md
index ab1e629231..5ef0592258 100644
--- a/windows/deploy/windows-10-edition-upgrades.md
+++ b/windows/deploy/windows-10-edition-upgrades.md
@@ -15,7 +15,7 @@ author: greg-lindsay
- Windows 10
- Windows 10 Mobile
-With Windows 10, you can quickly upgrade from one edition of Windows 10 to another, provided the upgrade path is supported. For information on what edition of Windows 10 is right for you, see [Compare Windows 10 Editions](http://go.microsoft.com/fwlink/p/?LinkID=690882). For a comprehensive list of all possible upgrade paths to Windows 10, see [Windows 10 upgrade paths](windows-10-upgrade-paths.md).
+With Windows 10, you can quickly upgrade from one edition of Windows 10 to another, provided the upgrade path is supported. For information on what edition of Windows 10 is right for you, see [Compare Windows 10 Editions](https://go.microsoft.com/fwlink/p/?LinkID=690882). For a comprehensive list of all possible upgrade paths to Windows 10, see [Windows 10 upgrade paths](windows-10-upgrade-paths.md).
The following table shows the methods and paths available to change the edition of Windows 10 that is running on your computer. **Note**: The reboot requirement for upgrading from Pro to Enterprise was removed in version 1607.
@@ -35,18 +35,18 @@ X = unsupported
>**Note**: Each desktop edition in the table also has an N and KN edition. These editions have had media-related functionality removed. Devices with N or KN editions installed can be upgraded to corresponding N or KN editions using the same methods.
## Upgrade using mobile device management (MDM)
-- To upgrade desktop editions of Windows 10 using MDM, you'll need to enter the product key for the upgraded edition in the **UpgradeEditionWithProductKey** policy setting of the **WindowsLicensing** CSP. For more info, see [WindowsLicensing CSP](http://go.microsoft.com/fwlink/p/?LinkID=690907).
+- To upgrade desktop editions of Windows 10 using MDM, you'll need to enter the product key for the upgraded edition in the **UpgradeEditionWithProductKey** policy setting of the **WindowsLicensing** CSP. For more info, see [WindowsLicensing CSP](https://go.microsoft.com/fwlink/p/?LinkID=690907).
-- To upgrade mobile editions of Windows 10 using MDM, you'll need to enter the product key for the upgraded edition in the **UpgradeEditionWithLicense** policy setting of the **WindowsLicensing** CSP. For more info, see [WindowsLicensing CSP](http://go.microsoft.com/fwlink/p/?LinkID=690907).
+- To upgrade mobile editions of Windows 10 using MDM, you'll need to enter the product key for the upgraded edition in the **UpgradeEditionWithLicense** policy setting of the **WindowsLicensing** CSP. For more info, see [WindowsLicensing CSP](https://go.microsoft.com/fwlink/p/?LinkID=690907).
## Upgrade using a provisioning package
-The Windows Imaging and Configuration Designer (ICD) tool is included in the Windows Assessment and Deployment Kit (ADK) for Windows 10. [Install the ADK.](http://go.microsoft.com/fwlink/p/?LinkId=526740)
+The Windows Imaging and Configuration Designer (ICD) tool is included in the Windows Assessment and Deployment Kit (ADK) for Windows 10. [Install the ADK.](https://go.microsoft.com/fwlink/p/?LinkId=526740)
- To use Windows ICD to create a provisioning package for upgrading desktop editions of Windows 10, go to **Runtime settings > EditionUpgrade > UpgradeEditionWithProductKey** in the **Available customizations** panel in Windows ICD and enter the product key for the upgraded edition.
- To use Windows ICD to create a provisioning package for upgrading mobile editions of Windows 10, go to **Runtime settings > EditionUpgrade > UpgradeEditionWithLicense** in the **Available customizations** panel in Windows ICD and enter the product key for the upgraded edition.
-For more info on creating and applying a provisioning package using Windows ICD, see [Build and apply a provisioning package](http://go.microsoft.com/fwlink/p/?LinkID=533700).
+For more info on creating and applying a provisioning package using Windows ICD, see [Build and apply a provisioning package](https://go.microsoft.com/fwlink/p/?LinkID=533700).
## Upgrade using a command-line tool
You can run the changepk.exe command-line tool to upgrade devices to a supported edition of Windows 10:
diff --git a/windows/deploy/windows-adk-scenarios-for-it-pros.md b/windows/deploy/windows-adk-scenarios-for-it-pros.md
index 456d2786a0..19c048877c 100644
--- a/windows/deploy/windows-adk-scenarios-for-it-pros.md
+++ b/windows/deploy/windows-adk-scenarios-for-it-pros.md
@@ -11,7 +11,7 @@ author: greg-lindsay
# Windows ADK for Windows 10 scenarios for IT Pros
-The [Windows Assessment and Deployment Kit](http://go.microsoft.com/fwlink/p/?LinkId=526803) (Windows ADK) contains tools that can be used by IT Pros to deploy Windows. For an overview of what's new in the Windows ADK for Windows 10, see [What's new in kits and tools](http://msdn.microsoft.com/library/windows/hardware/dn927348.aspx).
+The [Windows Assessment and Deployment Kit](https://go.microsoft.com/fwlink/p/?LinkId=526803) (Windows ADK) contains tools that can be used by IT Pros to deploy Windows. For an overview of what's new in the Windows ADK for Windows 10, see [What's new in kits and tools](http://msdn.microsoft.com/library/windows/hardware/dn927348.aspx).
In previous releases of Windows, the Windows ADK docs were published on both TechNet and the MSDN Hardware Dev Center. Starting with the Windows 10 release, Windows ADK documentation is available on the MSDN Hardware Dev Center. For the Windows 10 ADK reference content, see [Desktop manufacturing](http://msdn.microsoft.com/library/windows/hardware/dn938361.aspx).
diff --git a/windows/deploy/windows-deployment-scenarios-and-tools.md b/windows/deploy/windows-deployment-scenarios-and-tools.md
index a970f1b56f..1a431a3040 100644
--- a/windows/deploy/windows-deployment-scenarios-and-tools.md
+++ b/windows/deploy/windows-deployment-scenarios-and-tools.md
@@ -21,7 +21,7 @@ In this topic, you also learn about different types of reference images that you
## Windows Assessment and Deployment Kit
-Windows ADK contains core assessment and deployment tools and technologies, including Deployment Image Servicing and Management (DISM), Windows Imaging and Configuration Designer (Windows ICD), Windows System Image Manager (Windows SIM), User State Migration Tool (USMT), Volume Activation Management Tool (VAMT), Windows Preinstallation Environment (Windows PE), Windows Assessment Services, Windows Performance Toolkit (WPT), Application Compatibility Toolkit (ACT), and Microsoft SQL Server 2012 Express. For more details, see [Windows ADK for Windows 10](http://go.microsoft.com/fwlink/p/?LinkId=526803 ) or [Windows ADK for Windows 10 scenarios for IT Pros](windows-adk-scenarios-for-it-pros.md).
+Windows ADK contains core assessment and deployment tools and technologies, including Deployment Image Servicing and Management (DISM), Windows Imaging and Configuration Designer (Windows ICD), Windows System Image Manager (Windows SIM), User State Migration Tool (USMT), Volume Activation Management Tool (VAMT), Windows Preinstallation Environment (Windows PE), Windows Assessment Services, Windows Performance Toolkit (WPT), Application Compatibility Toolkit (ACT), and Microsoft SQL Server 2012 Express. For more details, see [Windows ADK for Windows 10](https://go.microsoft.com/fwlink/p/?LinkId=526803 ) or [Windows ADK for Windows 10 scenarios for IT Pros](windows-adk-scenarios-for-it-pros.md).
@@ -48,7 +48,7 @@ Enable-WindowsOptionalFeature -Online -FeatureName NetFx3 -All
Figure 2. Using DISM functions in PowerShell.
-For more information on DISM, see [DISM technical reference](http://go.microsoft.com/fwlink/p/?LinkId=619161).
+For more information on DISM, see [DISM technical reference](https://go.microsoft.com/fwlink/p/?LinkId=619161).
### User State Migration Tool (USMT)
@@ -96,7 +96,7 @@ By default USMT migrates many settings, most of which are related to the user pr
- Application settings
-These are the settings migrated by the default MigUser.xml and MigApp.xml templates. For more details on what USMT migrates, see [What does USMT migrate?](http://go.microsoft.com/fwlink/p/?LinkId=619227) For more information on the USMT overall, see the [USMT technical reference](http://go.microsoft.com/fwlink/p/?LinkId=619228).
+These are the settings migrated by the default MigUser.xml and MigApp.xml templates. For more details on what USMT migrates, see [What does USMT migrate?](https://go.microsoft.com/fwlink/p/?LinkId=619227) For more information on the USMT overall, see the [USMT technical reference](https://go.microsoft.com/fwlink/p/?LinkId=619228).
### Windows Imaging and Configuration Designer
@@ -106,7 +106,7 @@ Windows Imaging and Configuration Designer (Windows ICD) is a tool designed to a
Figure 4. Windows Imaging and Configuration Designer.
-For more information, see [Windows Imaging and Configuration Designer](http://go.microsoft.com/fwlink/p/?LinkID=525483).
+For more information, see [Windows Imaging and Configuration Designer](https://go.microsoft.com/fwlink/p/?LinkID=525483).
### Windows System Image Manager (Windows SIM)
@@ -116,7 +116,7 @@ Windows SIM is an authoring tool for Unattend.xml files. When using MDT and/or C
Figure 5. Windows answer file opened in Windows SIM.
-For more information, see [Windows System Image Manager Technical Reference]( http://go.microsoft.com/fwlink/p/?LinkId=619906).
+For more information, see [Windows System Image Manager Technical Reference]( https://go.microsoft.com/fwlink/p/?LinkId=619906).
### Volume Activation Management Tool (VAMT)
@@ -132,7 +132,7 @@ VAMT also can be used to create reports, switch from MAK to KMS, manage Active D
Get-VamtProduct
```
-For more information on the VAMT, see [VAMT technical reference](http://go.microsoft.com/fwlink/p/?LinkId=619230).
+For more information on the VAMT, see [VAMT technical reference](https://go.microsoft.com/fwlink/p/?LinkId=619230).
### Windows Preinstallation Environment (Windows PE)
@@ -144,7 +144,7 @@ The key thing to know about Windows PE is that, like the operating system, it ne
Figure 7. A machine booted with the Windows ADK default Windows PE boot image.
-For more details on Windows PE, see [Windows PE (WinPE)](http://go.microsoft.com/fwlink/p/?LinkId=619233).
+For more details on Windows PE, see [Windows PE (WinPE)](https://go.microsoft.com/fwlink/p/?LinkId=619233).
## Windows Recovery Environment
@@ -155,7 +155,7 @@ Windows Recovery Environment (Windows RE) is a diagnostics and recovery toolset
Figure 8. A Windows 10 client booted into Windows RE, showing Advanced options.
-For more information on Windows RE, see [Windows Recovery Environment](http://go.microsoft.com/fwlink/p/?LinkId=619236).
+For more information on Windows RE, see [Windows Recovery Environment](https://go.microsoft.com/fwlink/p/?LinkId=619236).
## Windows Deployment Services
@@ -166,7 +166,7 @@ Windows Deployment Services (WDS) has been updated and improved in several ways
Figure 9. Windows Deployment Services using multicast to deploy three machines.
-In Windows Server 2012 R2, [Windows Deployment Services](http://go.microsoft.com/fwlink/p/?LinkId=619245) can be configured for stand-alone mode or for Active Directory integration. In most scenarios, the Active Directory integration mode is the best option. WDS also has the capability to manage drivers; however, driver management through MDT and Configuration Manager is more suitable for deployment due to the flexibility offered by both solutions, so you will use them instead. In WDS, it is possible to pre-stage devices in Active Directory, but here, too, Configuration Manager has that capability built in, and MDT has the ability to use a SQL Server database for pre-staging. In most scenarios, those solutions are better than the built-in pre-staging function as they allow greater control and management.
+In Windows Server 2012 R2, [Windows Deployment Services](https://go.microsoft.com/fwlink/p/?LinkId=619245) can be configured for stand-alone mode or for Active Directory integration. In most scenarios, the Active Directory integration mode is the best option. WDS also has the capability to manage drivers; however, driver management through MDT and Configuration Manager is more suitable for deployment due to the flexibility offered by both solutions, so you will use them instead. In WDS, it is possible to pre-stage devices in Active Directory, but here, too, Configuration Manager has that capability built in, and MDT has the ability to use a SQL Server database for pre-staging. In most scenarios, those solutions are better than the built-in pre-staging function as they allow greater control and management.
### Trivial File Transfer Protocol (TFTP) configuration
@@ -200,12 +200,12 @@ Lite Touch and Zero Touch are marketing names for the two solutions that MDT 201
Figure 11. The Deployment Workbench in MDT 2013, showing a task sequence.
-For more information on MDT 2013 Update 1, see the [Microsoft Deployment Toolkit](http://go.microsoft.com/fwlink/p/?LinkId=618117) resource center.
+For more information on MDT 2013 Update 1, see the [Microsoft Deployment Toolkit](https://go.microsoft.com/fwlink/p/?LinkId=618117) resource center.
## Microsoft Security Compliance Manager 2013
-[Microsoft SCM](http://go.microsoft.com/fwlink/p/?LinkId=619246) is a free utility used to create baseline security settings for the Windows client and server environment. The baselines can be exported and then deployed via Group Policy, local policies, MDT, or Configuration Manager. The current version of Security Compliance Manager includes baselines for Windows 8.1 and several earlier versions of Windows, Windows Server, and Internet Explorer.
+[Microsoft SCM](https://go.microsoft.com/fwlink/p/?LinkId=619246) is a free utility used to create baseline security settings for the Windows client and server environment. The baselines can be exported and then deployed via Group Policy, local policies, MDT, or Configuration Manager. The current version of Security Compliance Manager includes baselines for Windows 8.1 and several earlier versions of Windows, Windows Server, and Internet Explorer.
@@ -228,7 +228,7 @@ The following components are included in the MDOP suite:
- **Microsoft BitLocker Administration and Monitoring (MBAM).** MBAM is an administrator interface used to manage BitLocker drive encryption. It allows you to configure your enterprise with the correct BitLocker encryption policy options, as well as monitor compliance with these policies.
-For more information on the benefits of an MDOP subscription, see [Microsoft Desktop Optimization Pack](http://go.microsoft.com/fwlink/p/?LinkId=619247).
+For more information on the benefits of an MDOP subscription, see [Microsoft Desktop Optimization Pack](https://go.microsoft.com/fwlink/p/?LinkId=619247).
## Internet Explorer Administration Kit 11
@@ -239,7 +239,7 @@ There has been a version of IEAK for every version of Internet Explorer since 3.
Figure 13. The User Experience selection screen in IEAK 11.
-To download IEAK 11, see the [Internet Explorer Administration Kit (IEAK) Information and Downloads](http://go.microsoft.com/fwlink/p/?LinkId=619248) page.
+To download IEAK 11, see the [Internet Explorer Administration Kit (IEAK) Information and Downloads](https://go.microsoft.com/fwlink/p/?LinkId=619248) page.
## Windows Server Update Services
@@ -250,7 +250,7 @@ WSUS is a server role in Windows Server 2012 R2 that enables you to maintain a l
Figure 14. The Windows Server Update Services console.
-For more information on WSUS, see the [Windows Server Update Services Overview](http://go.microsoft.com/fwlink/p/?LinkId=619249).
+For more information on WSUS, see the [Windows Server Update Services Overview](https://go.microsoft.com/fwlink/p/?LinkId=619249).
## Unified Extensible Firmware Interface
@@ -323,7 +323,7 @@ There are many things that affect operating system deployment as soon as you run
- UEFI does not support cross-platform booting; therefore, you need to have the correct boot media (32- or 64-bit).
-For more information on UEFI, see the [UEFI firmware](http://go.microsoft.com/fwlink/p/?LinkId=619251) overview and related resources.
+For more information on UEFI, see the [UEFI firmware](https://go.microsoft.com/fwlink/p/?LinkId=619251) overview and related resources.
## Related topics
diff --git a/windows/deploy/windows-upgrade-and-migration-considerations.md b/windows/deploy/windows-upgrade-and-migration-considerations.md
index fc4c69a980..910efb0f39 100644
--- a/windows/deploy/windows-upgrade-and-migration-considerations.md
+++ b/windows/deploy/windows-upgrade-and-migration-considerations.md
@@ -17,7 +17,7 @@ You can upgrade from an earlier version of Windows, which means you can install
## Migrate files and settings
Migration tools are available to transfer settings from one computer that is running Windows to another. These tools transfer only the program settings, not the programs themselves.
-For more information about application compatibility, see the [Application Compatibility Toolkit (ACT)](http://go.microsoft.com/fwlink/p/?LinkId=131349).
+For more information about application compatibility, see the [Application Compatibility Toolkit (ACT)](https://go.microsoft.com/fwlink/p/?LinkId=131349).
The User State Migration Tool (USMT) 10.0 is an application intended for administrators who are performing large-scale automated deployments. For deployment to a small number of computers or for individually customized deployments, you can use Windows Easy Transfer.
@@ -33,7 +33,7 @@ You can use USMT to automate migration during large deployments of the Windows o
Whether you are upgrading or migrating to a new version of Windows, you must be aware of the following issues and considerations:
### Application compatibility
-For more information about application compatibility in Windows, see the [Application Compatibility Toolkit (ACT)](http://go.microsoft.com/fwlink/p/?LinkId=131349).
+For more information about application compatibility in Windows, see the [Application Compatibility Toolkit (ACT)](https://go.microsoft.com/fwlink/p/?LinkId=131349).
### Multilingual Windows image upgrades
When performing multilingual Windows upgrades, cross-language upgrades are not supported by USMT. If you are upgrading or migrating an operating system with multiple language packs installed, you can upgrade or migrate only to the system default user interface (UI) language. For example, if English is the default but you have a Spanish language pack installed, you can upgrade or migrate only to English.
diff --git a/windows/index.md b/windows/index.md
index ec5ecb7a39..d5e7f92b8a 100644
--- a/windows/index.md
+++ b/windows/index.md
@@ -27,7 +27,7 @@ This library provides the core content that IT pros need to evaluate, plan, depl
## Related topics
-[Windows 10 TechCenter](http://go.microsoft.com/fwlink/?LinkId=620009)
+[Windows 10 TechCenter](https://go.microsoft.com/fwlink/?LinkId=620009)
diff --git a/windows/keep-secure/add-apps-to-protected-list-using-custom-uri.md b/windows/keep-secure/add-apps-to-protected-list-using-custom-uri.md
index f6ed6747d4..3565476277 100644
--- a/windows/keep-secure/add-apps-to-protected-list-using-custom-uri.md
+++ b/windows/keep-secure/add-apps-to-protected-list-using-custom-uri.md
@@ -1,5 +1,5 @@
---
-title: Add apps to your Windows Information Protection (WIP) policy by using Microsoft Intune and custom URI functionality (Windows 10)
+title: Add apps to your Windows Information Protection (WIP) policy by using Microsoft Intune custom URI functionality (Windows 10)
description: Add apps to your Windows Information Protection (WIP) allowed app list, by using the Microsoft Intune custom URI functionality and AppLocker.
ms.assetid: b50db35d-a2a9-4b78-a95d-a1b066e66880
keywords: WIP, Enterprise Data Protection, protected apps, protected app list
@@ -17,7 +17,7 @@ localizationpriority: high
- Windows 10, version 1607
- Windows 10 Mobile
-You can add apps to your Windows Information Protection (WIP) protected app list using the Microsoft Intune custom URI functionality and AppLocker. For more info about how to create a custom URI using Intune, [Windows 10 custom policy settings in Microsoft Intune](http://go.microsoft.com/fwlink/p/?LinkID=691330).
+You can add apps to your Windows Information Protection (WIP) protected app list using the Microsoft Intune custom URI functionality and AppLocker. For more info about how to create a custom URI using Intune, [Windows 10 custom policy settings in Microsoft Intune](https://go.microsoft.com/fwlink/p/?LinkID=691330).
>**Important**
Results can be unpredictable if you configure your policy using both the UI and the Custom URI method together. We recommend using a single method for each policy.
diff --git a/windows/keep-secure/advanced-security-auditing-faq.md b/windows/keep-secure/advanced-security-auditing-faq.md
index aba6ac5414..9ccd526c9d 100644
--- a/windows/keep-secure/advanced-security-auditing-faq.md
+++ b/windows/keep-secure/advanced-security-auditing-faq.md
@@ -170,8 +170,8 @@ In addition, there are a number of computer management products, such as the Aud
Users who examine the security event log for the first time can be a bit overwhelmed by the number of audit events that are stored there (which can quickly number in the thousands) and by the structured information that is included for each audit event. Additional information about these events, and the settings used to generate them, can be obtained from the following resources:
- [Windows 8 and Windows Server 2012 Security Event Details](http://www.microsoft.com/download/details.aspx?id=35753)
-- [Security Audit Events for Windows 7 and Windows Server 2008 R2](http://go.microsoft.com/fwlink/p/?linkid=157780)
-- [Security Audit Events for Windows Server 2008 and Windows Vista](http://go.microsoft.com/fwlink/p/?linkid=121868)
+- [Security Audit Events for Windows 7 and Windows Server 2008 R2](https://go.microsoft.com/fwlink/p/?linkid=157780)
+- [Security Audit Events for Windows Server 2008 and Windows Vista](https://go.microsoft.com/fwlink/p/?linkid=121868)
- [Advanced security audit policy settings](advanced-security-audit-policy-settings.md)
## Where can I find more detailed information?
@@ -180,7 +180,7 @@ To learn more about security audit policies, see the following resources:
- [Planning and deploying advanced security audit policies](planning-and-deploying-advanced-security-audit-policies.md)
- [Security Monitoring and Attack Detection Planning Guide](http://social.technet.microsoft.com/wiki/contents/articles/325.advanced-security-auditing-in-windows-7-and-windows-server-2008-r2.aspx)
-- [Security Audit Events for Windows 7 and Windows Server 2008 R2](http://go.microsoft.com/fwlink/p/?linkid=157780)
-- [Security Audit Events for Windows Server 2008 and Windows Vista](http://go.microsoft.com/fwlink/p/?LinkId=121868)
+- [Security Audit Events for Windows 7 and Windows Server 2008 R2](https://go.microsoft.com/fwlink/p/?linkid=157780)
+- [Security Audit Events for Windows Server 2008 and Windows Vista](https://go.microsoft.com/fwlink/p/?LinkId=121868)
diff --git a/windows/keep-secure/applocker-functions.md b/windows/keep-secure/applocker-functions.md
index eaad056c7a..cd1534c55b 100644
--- a/windows/keep-secure/applocker-functions.md
+++ b/windows/keep-secure/applocker-functions.md
@@ -20,14 +20,14 @@ This topic for the IT professional lists the functions and security levels for t
The following list includes the SRP functions beginning with Windows Server 2003 and AppLocker functions beginning with Windows Server 2008 R2 and links to current documentation on MSDN:
-- [SaferGetPolicyInformation Function](http://go.microsoft.com/fwlink/p/?LinkId=159781)
-- [SaferCreateLevel Function](http://go.microsoft.com/fwlink/p/?LinkId=159782)
-- [SaferCloseLevel Function](http://go.microsoft.com/fwlink/p/?LinkId=159783)
-- [SaferIdentifyLevel Function](http://go.microsoft.com/fwlink/p/?LinkId=159784)
-- [SaferComputeTokenFromLevel Function](http://go.microsoft.com/fwlink/p/?LinkId=159785)
-- [SaferGetLevelInformation Function](http://go.microsoft.com/fwlink/p/?LinkId=159787)
-- [SaferRecordEventLogEntry Function](http://go.microsoft.com/fwlink/p/?LinkId=159789)
-- [SaferiIsExecutableFileType Function](http://go.microsoft.com/fwlink/p/?LinkId=159790)
+- [SaferGetPolicyInformation Function](https://go.microsoft.com/fwlink/p/?LinkId=159781)
+- [SaferCreateLevel Function](https://go.microsoft.com/fwlink/p/?LinkId=159782)
+- [SaferCloseLevel Function](https://go.microsoft.com/fwlink/p/?LinkId=159783)
+- [SaferIdentifyLevel Function](https://go.microsoft.com/fwlink/p/?LinkId=159784)
+- [SaferComputeTokenFromLevel Function](https://go.microsoft.com/fwlink/p/?LinkId=159785)
+- [SaferGetLevelInformation Function](https://go.microsoft.com/fwlink/p/?LinkId=159787)
+- [SaferRecordEventLogEntry Function](https://go.microsoft.com/fwlink/p/?LinkId=159789)
+- [SaferiIsExecutableFileType Function](https://go.microsoft.com/fwlink/p/?LinkId=159790)
## Security level ID
diff --git a/windows/keep-secure/audit-audit-the-use-of-backup-and-restore-privilege.md b/windows/keep-secure/audit-audit-the-use-of-backup-and-restore-privilege.md
index 3bd9ddd1b8..d66a9e0a4e 100644
--- a/windows/keep-secure/audit-audit-the-use-of-backup-and-restore-privilege.md
+++ b/windows/keep-secure/audit-audit-the-use-of-backup-and-restore-privilege.md
@@ -74,7 +74,7 @@ When the backup and restore function is used, it creates a copy of the file syst
### Countermeasure
Enable the **Audit: Audit the use of Backup and Restore privilege** setting. Alternatively, implement automatic log backup by configuring the **AutoBackupLogFiles** registry key. If you enable this option when the [Audit privilege use](basic-audit-privilege-use.md) setting is also enabled, an audit event is generated for every file that is backed up or restored. This information could help you to identify an account that was used to accidentally or maliciously restore data in an unauthorized manner.
-For more information about configuring this key, see Microsoft Knowledge Base article [100879](http://go.microsoft.com/fwlink/p/?LinkId=100879).
+For more information about configuring this key, see Microsoft Knowledge Base article [100879](https://go.microsoft.com/fwlink/p/?LinkId=100879).
### Potential impact
diff --git a/windows/keep-secure/bitlocker-frequently-asked-questions.md b/windows/keep-secure/bitlocker-frequently-asked-questions.md
index 29836430fd..c329ed5d14 100644
--- a/windows/keep-secure/bitlocker-frequently-asked-questions.md
+++ b/windows/keep-secure/bitlocker-frequently-asked-questions.md
@@ -139,7 +139,7 @@ The following table lists what action you need to take before you perform an upg
### Can BitLocker deployment be automated in an enterprise environment?
-Yes, you can automate the deployment and configuration of BitLocker and the TPM using either WMI or Windows PowerShell scripts. How you choose to implement the scripts depends on your environment. You can also use Manage-bde.exe to locally or remotely configure BitLocker. For more info about writing scripts that use the BitLocker WMI providers, see [BitLocker Drive Encryption Provider](http://go.microsoft.com/fwlink/p/?LinkId=80600). For more info about using Windows PowerShell cmdlets with BitLocker Drive Encryption, see [BitLocker Cmdlets in Windows PowerShell](http://technet.microsoft.com/library/jj649829.aspx).
+Yes, you can automate the deployment and configuration of BitLocker and the TPM using either WMI or Windows PowerShell scripts. How you choose to implement the scripts depends on your environment. You can also use Manage-bde.exe to locally or remotely configure BitLocker. For more info about writing scripts that use the BitLocker WMI providers, see [BitLocker Drive Encryption Provider](https://go.microsoft.com/fwlink/p/?LinkId=80600). For more info about using Windows PowerShell cmdlets with BitLocker Drive Encryption, see [BitLocker Cmdlets in Windows PowerShell](http://technet.microsoft.com/library/jj649829.aspx).
### Can BitLocker encrypt more than just the operating system drive?
diff --git a/windows/keep-secure/block-untrusted-fonts-in-enterprise.md b/windows/keep-secure/block-untrusted-fonts-in-enterprise.md
index 975a2a8c12..8343d2c59e 100644
--- a/windows/keep-secure/block-untrusted-fonts-in-enterprise.md
+++ b/windows/keep-secure/block-untrusted-fonts-in-enterprise.md
@@ -12,6 +12,12 @@ localizationpriority: high
---
# Block untrusted fonts in an enterprise
+**Applies to:**
+
+- Windows 10
+
+>Learn more about what features and functionality are supported in each Windows edition at [Compare Windows 10 Editions](https://www.microsoft.com/en-us/WindowsForBusiness/Compare).
+
To help protect your company from attacks which may originate from untrusted or attacker controlled font files, we’ve created the Blocking Untrusted Fonts feature. Using this feature, you can turn on a global setting that stops your employees from loading untrusted fonts processed using the Graphics Device Interface (GDI) onto your network. Untrusted fonts are any font installed outside of the `%windir%/Fonts` directory. Blocking untrusted fonts helps prevent both remote (web-based or email-based) and local EOP attacks that can happen during the font file-parsing process.
## What does this mean for me?
@@ -31,7 +37,7 @@ After you turn this feature on, your employees might experience reduced function
- Sending a print job to a remote printer server that uses this feature and where the spooler process hasn’t been specifically excluded. In this situation, any fonts that aren’t already available in the server’s %windir%/Fonts folder won’t be used.
-- Printing using fonts provided by the installed printer’s graphics .dll file, outside of the %windir%/Fonts folder. For more information, see [Introduction to Printer Graphics DLLs](http://go.microsoft.com/fwlink/p/?LinkId=522302).
+- Printing using fonts provided by the installed printer’s graphics .dll file, outside of the %windir%/Fonts folder. For more information, see [Introduction to Printer Graphics DLLs](https://go.microsoft.com/fwlink/p/?LinkId=522302).
- Using first or third-party apps that use memory-based fonts.
diff --git a/windows/keep-secure/bypass-traverse-checking.md b/windows/keep-secure/bypass-traverse-checking.md
index 60df8885da..5c32eaf5e4 100644
--- a/windows/keep-secure/bypass-traverse-checking.md
+++ b/windows/keep-secure/bypass-traverse-checking.md
@@ -14,6 +14,8 @@ author: brianlic-msft
**Applies to**
- Windows 10
+>Learn more about what features and functionality are supported in each Windows edition at [Compare Windows 10 Editions](https://www.microsoft.com/en-us/WindowsForBusiness/Compare).
+
Describes the best practices, location, values, policy management, and security considerations for the **Bypass traverse checking** security policy setting.
## Reference
@@ -78,7 +80,7 @@ The default configuration for the **Bypass traverse checking** setting is to all
### Countermeasure
-Organizations that are extremely concerned about security may want to remove the Everyone group, and perhaps the Users group, from the list of groups that have the **Bypass traverse checking** user right. Taking explicit control over traversal assignments can be an effective way to limit access to sensitive information. Access–based enumeration can also be used. If you use access–based enumeration, users cannot see any folder or file to which they do not have access. For more info about this feature, see [Access-based Enumeration](http://go.microsoft.com/fwlink/p/?LinkId=100745).
+Organizations that are extremely concerned about security may want to remove the Everyone group, and perhaps the Users group, from the list of groups that have the **Bypass traverse checking** user right. Taking explicit control over traversal assignments can be an effective way to limit access to sensitive information. Access–based enumeration can also be used. If you use access–based enumeration, users cannot see any folder or file to which they do not have access. For more info about this feature, see [Access-based Enumeration](https://go.microsoft.com/fwlink/p/?LinkId=100745).
### Potential impact
diff --git a/windows/keep-secure/change-history-for-keep-windows-10-secure.md b/windows/keep-secure/change-history-for-keep-windows-10-secure.md
index db3058b317..4394da8ab8 100644
--- a/windows/keep-secure/change-history-for-keep-windows-10-secure.md
+++ b/windows/keep-secure/change-history-for-keep-windows-10-secure.md
@@ -13,9 +13,11 @@ author: brianlic-msft
This topic lists new and updated topics in the [Keep Windows 10 secure](index.md) documentation for [Windows 10 and Windows 10 Mobile](../index.md).
## August 2016
-- [Testing scenarios for Windows Information Protection (WIP)](testing-scenarios-for-wip.md) |Updated and added additional scenarios for testing. |
-- [Protect your enterprise data using Windows Information Protection (WIP)](protect-enterprise-data-using-wip.md) |Updated to include info from the original What's New and Overview topics. |
-- [Override Process Mitigation Options to help enforce app-related security policies](override-mitigation-options-for-app-related-security-policies.md) |New |
+|New or changed topic | Description |
+|----------------------|-------------|
+|[Override Process Mitigation Options to help enforce app-related security policies](override-mitigation-options-for-app-related-security-policies.md) |New |
+|[Testing scenarios for Windows Information Protection (WIP)](testing-scenarios-for-wip.md) |Updated and added additional scenarios for testing |
+|[Protect your enterprise data using Windows Information Protection (WIP)](protect-enterprise-data-using-wip.md) |Updated to include info from the original What's New and Overview topics |
## RELEASE: Windows 10, version 1607
diff --git a/windows/keep-secure/configure-s-mime.md b/windows/keep-secure/configure-s-mime.md
index 7169036152..bce814e3d6 100644
--- a/windows/keep-secure/configure-s-mime.md
+++ b/windows/keep-secure/configure-s-mime.md
@@ -32,11 +32,11 @@ A digitally signed message reassures the recipient that the message hasn't been
## Prerequisites
-- [S/MIME is enabled for Exchange accounts](http://go.microsoft.com/fwlink/p/?LinkId=718217) (on-premises and Office 365). Users can’t use S/MIME signing and encryption with a personal account such as Outlook.com.
+- [S/MIME is enabled for Exchange accounts](https://go.microsoft.com/fwlink/p/?LinkId=718217) (on-premises and Office 365). Users can’t use S/MIME signing and encryption with a personal account such as Outlook.com.
- Valid Personal Information Exchange (PFX) certificates are installed on the device.
- - [How to Create PFX Certificate Profiles in Configuration Manager](http://go.microsoft.com/fwlink/p/?LinkID=718215)
- - [Enable access to company resources using certificate profiles with Microsoft Intune](http://go.microsoft.com/fwlink/p/?LinkId=718216)
+ - [How to Create PFX Certificate Profiles in Configuration Manager](https://go.microsoft.com/fwlink/p/?LinkID=718215)
+ - [Enable access to company resources using certificate profiles with Microsoft Intune](https://go.microsoft.com/fwlink/p/?LinkId=718216)
- [Install digital certificates on Windows 10 Mobile](installing-digital-certificates-on-windows-10-mobile.md)
## Choose S/MIME settings
diff --git a/windows/keep-secure/create-list-of-applications-deployed-to-each-business-group.md b/windows/keep-secure/create-list-of-applications-deployed-to-each-business-group.md
index c623dd725f..ef423697d1 100644
--- a/windows/keep-secure/create-list-of-applications-deployed-to-each-business-group.md
+++ b/windows/keep-secure/create-list-of-applications-deployed-to-each-business-group.md
@@ -41,10 +41,10 @@ initially. Therefore, you should continue your evaluation until you can verify t
>**Tip:** If you run Application Verifier against a custom application with any AppLocker policies enabled, it might prevent the application from running. You should either disable Application Verifier or AppLocker.
You can create an inventory of Universal Windows apps on a device by using two methods: the **Get-AppxPackage** Windows PowerShell cmdlet or the AppLocker console.
-The following topics in the [AppLocker Step-by-Step Guide](http://go.microsoft.com/fwlink/p/?LinkId=160261) describe how to perform each method:
+The following topics in the [AppLocker Step-by-Step Guide](https://go.microsoft.com/fwlink/p/?LinkId=160261) describe how to perform each method:
-- [Automatically generating executable rules from a reference computer](http://go.microsoft.com/fwlink/p/?LinkId=160264)
-- [Using auditing to track which apps are used](http://go.microsoft.com/fwlink/p/?LinkId=160281)
+- [Automatically generating executable rules from a reference computer](https://go.microsoft.com/fwlink/p/?LinkId=160264)
+- [Using auditing to track which apps are used](https://go.microsoft.com/fwlink/p/?LinkId=160281)
### Prerequisites to completing the inventory
diff --git a/windows/keep-secure/create-wip-policy-using-intune.md b/windows/keep-secure/create-wip-policy-using-intune.md
index 0d428ec0a2..7a107e086c 100644
--- a/windows/keep-secure/create-wip-policy-using-intune.md
+++ b/windows/keep-secure/create-wip-policy-using-intune.md
@@ -74,7 +74,7 @@ For this example, we’re going to add Microsoft OneNote, a store app, to the **
If you don't know the publisher or product name, you can find them for both desktop devices and Windows 10 Mobile phones by following these steps.
**To find the Publisher and Product Name values for Store apps without installing them**
-1. Go to the [Windows Store for Business](http://go.microsoft.com/fwlink/p/?LinkID=722910) website, and find your app. For example, *Microsoft OneNote*.
+1. Go to the [Windows Store for Business](https://go.microsoft.com/fwlink/p/?LinkID=722910) website, and find your app. For example, *Microsoft OneNote*.
>**Note**
If your app is already installed on desktop devices, you can use the AppLocker local security policy MMC snap-in to gather the info for adding the app to the protected apps list. For info about how to do this, see the [Add apps to your Windows Information Protection (WIP) policy by using the Microsoft Intune custom URI functionality](add-apps-to-protected-list-using-custom-uri.md) topic.
@@ -327,7 +327,7 @@ We recommend that you start with **Silent** or **Override** while verifying with
|Mode |Description |
|-----|------------|
|Block |WIP looks for inappropriate data sharing practices and stops the employee from completing the action. This can include sharing info across non-enterprise-protected apps in addition to sharing enterprise data between other people and devices outside of your enterprise.|
-|Override |WIP looks for inappropriate data sharing, warning employees if they do something deemed potentially unsafe. However, this management mode lets the employee override the policy and share the data, logging the action to your audit log, accessible through the [Reporting CSP](http://go.microsoft.com/fwlink/p/?LinkID=746459). |
+|Override |WIP looks for inappropriate data sharing, warning employees if they do something deemed potentially unsafe. However, this management mode lets the employee override the policy and share the data, logging the action to your audit log, accessible through the [Reporting CSP](https://go.microsoft.com/fwlink/p/?LinkID=746459). |
|Silent |WIP runs silently, logging inappropriate data sharing, without blocking anything that would’ve been prompted for employee interaction while in Override mode. Unallowed actions, like apps inappropriately trying to access a network resource or WIP-protected data, are still blocked.|
|Off (not recommended) |WIP is turned off and doesn't help to protect or audit your data.After you turn off WIP, an attempt is made to decrypt any closed WIP-tagged files on the locally attached drives.|
@@ -423,7 +423,7 @@ There are no default locations included with WIP, you must add each of your netw
After you create and deploy your WIP policy to your employees, Windows will begin to encrypt your corporate data on the employees’ local device drive. If somehow the employees’ local encryption keys get lost or revoked, the encrypted data can become unrecoverable. To help avoid this possibility, the DRA certificate lets Windows use an included public key to encrypt the local data, while you maintain the private key that can unencrypt the data.
- For more info about how to find and export your data recovery certificate, see the [Data Recovery and Encrypting File System (EFS)](http://go.microsoft.com/fwlink/p/?LinkId=761462) topic. For more info about creating and verifying your EFS DRA certificate, see the [Create and verify an Encrypting File System (EFS) Data Recovery Agent (DRA) certificate](create-and-verify-an-efs-dra-certificate.md).
+ For more info about how to find and export your data recovery certificate, see the [Data Recovery and Encrypting File System (EFS)](https://go.microsoft.com/fwlink/p/?LinkId=761462) topic. For more info about creating and verifying your EFS DRA certificate, see the [Create and verify an Encrypting File System (EFS) Data Recovery Agent (DRA) certificate](create-and-verify-an-efs-dra-certificate.md).
### Choose your optional WIP-related settings
After you've decided where your protected apps can access enterprise data on your network, you’ll be asked to decide if you want to add any optional WIP settings.
diff --git a/windows/keep-secure/create-wip-policy-using-sccm.md b/windows/keep-secure/create-wip-policy-using-sccm.md
index 3fcee10aba..c66c433c22 100644
--- a/windows/keep-secure/create-wip-policy-using-sccm.md
+++ b/windows/keep-secure/create-wip-policy-using-sccm.md
@@ -92,7 +92,7 @@ If you don't know the publisher or product name, you can find them for both desk
**To find the Publisher and Product Name values for Store apps without installing them**
-1. Go to the [Windows Store for Business](http://go.microsoft.com/fwlink/p/?LinkID=722910) website, and find your app. For example, Microsoft OneNote.
+1. Go to the [Windows Store for Business](https://go.microsoft.com/fwlink/p/?LinkID=722910) website, and find your app. For example, Microsoft OneNote.
>**Note**
If your app is already installed on desktop devices, you can use the AppLocker local security policy MMC snap-in to gather the info for adding the app to the protected apps list. For info about how to do this, see the steps in the [Add an AppLocker policy file](#add-an-applocker-policy-file) section.
@@ -347,7 +347,7 @@ We recommend that you start with **Silent** or **Override** while verifying with
|Mode |Description |
|-----|------------|
|Block |WIP looks for inappropriate data sharing practices and stops the employee from completing the action. This can include sharing info across non-enterprise-protected apps in addition to sharing enterprise data between other people and devices outside of your enterprise.|
-|Override |WIP looks for inappropriate data sharing, warning employees if they do something deemed potentially unsafe. However, this management mode lets the employee override the policy and share the data, logging the action to your audit log, accessible through the [Reporting CSP](http://go.microsoft.com/fwlink/p/?LinkID=746459). |
+|Override |WIP looks for inappropriate data sharing, warning employees if they do something deemed potentially unsafe. However, this management mode lets the employee override the policy and share the data, logging the action to your audit log, accessible through the [Reporting CSP](https://go.microsoft.com/fwlink/p/?LinkID=746459). |
|Silent |WIP runs silently, logging inappropriate data sharing, without blocking anything that would’ve been prompted for employee interaction while in Override mode. Unallowed actions, like apps inappropriately trying to access a network resource or WIP-protected data, are still blocked.|
|Off (not recommended) |WIP is turned off and doesn't help to protect or audit your data.
After you turn off WIP, an attempt is made to decrypt any closed WIP-tagged files on the locally attached drives.|
@@ -446,7 +446,7 @@ There are no default locations included with WIP, you must add each of your netw
After you create and deploy your WIP policy to your employees, Windows will begin to encrypt your corporate data on the employees’ local device drive. If somehow the employees’ local encryption keys get lost or revoked, the encrypted data can become unrecoverable. To help avoid this possibility, the DRA certificate lets Windows use an included public key to encrypt the local data, while you maintain the private key that can unencrypt the data.
- For more info about how to find and export your data recovery certificate, see the [Data Recovery and Encrypting File System (EFS)](http://go.microsoft.com/fwlink/p/?LinkId=761462) topic. For more info about creating and verifying your EFS DRA certificate, see the [Create and verify an Encrypting File System (EFS) Data Recovery Agent (DRA) certificate](create-and-verify-an-efs-dra-certificate.md).
+ For more info about how to find and export your data recovery certificate, see the [Data Recovery and Encrypting File System (EFS)](https://go.microsoft.com/fwlink/p/?LinkId=761462) topic. For more info about creating and verifying your EFS DRA certificate, see the [Create and verify an Encrypting File System (EFS) Data Recovery Agent (DRA) certificate](create-and-verify-an-efs-dra-certificate.md).
### Choose your optional WIP-related settings
After you've decided where your protected apps can access enterprise data on your network, you’ll be asked to decide if you want to add any optional WIP settings.
@@ -495,11 +495,11 @@ After you've finished configuring your policy, you can review all of your info o
## Deploy the WIP policy
After you’ve created your WIP policy, you'll need to deploy it to your organization's devices. For info about your deployment options, see these topics:
-- [Operations and Maintenance for Compliance Settings in Configuration Manager](http://go.microsoft.com/fwlink/p/?LinkId=708224)
-- [How to Create Configuration Baselines for Compliance Settings in Configuration Manager]( http://go.microsoft.com/fwlink/p/?LinkId=708225)
-- [How to Deploy Configuration Baselines in Configuration Manager]( http://go.microsoft.com/fwlink/p/?LinkId=708226)
+- [Operations and Maintenance for Compliance Settings in Configuration Manager](https://go.microsoft.com/fwlink/p/?LinkId=708224)
+- [How to Create Configuration Baselines for Compliance Settings in Configuration Manager]( https://go.microsoft.com/fwlink/p/?LinkId=708225)
+- [How to Deploy Configuration Baselines in Configuration Manager]( https://go.microsoft.com/fwlink/p/?LinkId=708226)
## Related topics
-- [System Center Configuration Manager and Endpoint Protection (Version 1606)](http://go.microsoft.com/fwlink/p/?LinkId=717372)
-- [TechNet documentation for Configuration Manager](http://go.microsoft.com/fwlink/p/?LinkId=691623)
-- [Manage mobile devices with Configuration Manager and Microsoft Intune](http://go.microsoft.com/fwlink/p/?LinkId=691624)
\ No newline at end of file
+- [System Center Configuration Manager and Endpoint Protection (Version 1606)](https://go.microsoft.com/fwlink/p/?LinkId=717372)
+- [TechNet documentation for Configuration Manager](https://go.microsoft.com/fwlink/p/?LinkId=691623)
+- [Manage mobile devices with Configuration Manager and Microsoft Intune](https://go.microsoft.com/fwlink/p/?LinkId=691624)
\ No newline at end of file
diff --git a/windows/keep-secure/credential-guard.md b/windows/keep-secure/credential-guard.md
index dda79a977f..16ffd75334 100644
--- a/windows/keep-secure/credential-guard.md
+++ b/windows/keep-secure/credential-guard.md
@@ -15,7 +15,7 @@ author: brianlic-msft
- Windows 10
- Windows Server 2016
-Introduced in Windows 10 Enterprise, Credential Guard uses virtualization-based security to isolate secrets so that only privileged system software can access them. Unauthorized access to these secrets can lead to credential theft attacks, such as Pass-the-Hash or Pass-The-Ticket. Credential Guard prevents these attacks by protecting NTLM password hashes and Kerberos Ticket Granting Tickets.
+Introduced in Windows 10 Enterprise and Windows Server 2016, Credential Guard uses virtualization-based security to isolate secrets so that only privileged system software can access them. Unauthorized access to these secrets can lead to credential theft attacks, such as Pass-the-Hash or Pass-The-Ticket. Credential Guard prevents these attacks by protecting NTLM password hashes and Kerberos Ticket Granting Tickets.
Credential Guard offers the following features and solutions:
@@ -91,7 +91,7 @@ The PC must meet the following hardware and software requirements to use Credent
TPM 2.0 |
-| Windows 10 version 1511 or later |
+Windows 10 version 1511, Windows Server 2016, or later |
TPM 2.0 or TPM 1.2 |
@@ -114,7 +114,7 @@ The PC must meet the following hardware and software requirements to use Credent
Virtual machine |
-For PCs running Windows 10, version 1607, you can run Credential Guard on a Generation 2 virtual machine. |
+For PCs running Windows 10, version 1607 or Windows Server 2016, you can run Credential Guard on a Generation 2 virtual machine. |
@@ -169,7 +169,7 @@ First, you must add the virtualization-based security features. You can do this
> You can also add these features to an online image by using either DISM or Configuration Manager.
-In Windows 10, version 1607, Isolated User Mode is included with Hyper-V and does not need to be installed separately. If you're running a version of Windows 10 that's earlier than Windows 10, version 1607, you can run the following command to install Isolated User Mode:
+In Windows 10, version 1607 and Windows Server 2016, Isolated User Mode is included with Hyper-V and does not need to be installed separately. If you're running a version of Windows 10 that's earlier than Windows 10, version 1607, you can run the following command to install Isolated User Mode:
``` syntax
dism /image: /Enable-Feature /FeatureName:IsolatedUserMode
@@ -281,16 +281,20 @@ DG_Readiness_Tool_v2.0.ps1 -Ready
- Passwords are still weak so we recommend that your organization deploy Credential Guard and move away from passwords and to other authentication methods, such as physical smart cards, virtual smart cards, Microsoft Passport, or Microsoft Passport for Work.
- Some 3rd party Security Support Providers (SSPs and APs) might not be compatible with Credential Guard. Credential Guard does not allow 3rd party SSPs to ask for password hashes from LSA. However, SSPs and APs still get notified of the password when a user logs on and/or changes their password. Any use of undocumented APIs within custom SSPs and APs are not supported. We recommend that custom implementations of SSPs/APs are tested against Credential Guard to ensure that the SSPs and APs do not depend on any undocumented or unsupported behaviors. For example, using the KerbQuerySupplementalCredentialsMessage API is not supported. You should not replace the NTLM or Kerberos SSPs with custom SSPs and APs. For more info, see [Restrictions around Registering and Installing a Security Package](http://msdn.microsoft.com/library/windows/desktop/dn865014.aspx) on MSDN.
- As the depth and breadth of protections provided by Credential Guard are increased, subsequent releases of Windows 10 with Credential Guard running may impact scenarios that were working in the past. For example, Credential Guard may block the use of a particular type of credential or a particular component to prevent malwar efrom taking advantage of vulnerabilities. Therefore, we recommend that scenarios required for operations in an organization are tested before upgrading a device that has Credential Guard running.
-- If you are using Wi-Fi and VPN end points that are based on MS-CHAPv2, they are subject to similar attacks as NTLMv1. We recommend that organizations use certificated-based authentication for Wi-Fi and VPN connections.
+
- Starting with Windows 10, version 1511, domain credentials that are stored with Credential Manager are protected with Credential Guard. Credential Manager allows you to store credentials, such as user names and passwords that you use to log on to websites or other computers on a network. The following considerations apply to the Credential Guard protections for Credential Manager:
- Credentials saved by Remote Desktop Services cannot be used to remotely connect to another machine without supplying the password. Attempts to use saved credentials will fail, displaying the error message "Logon attempt failed".
- Applications that extract derived domain credentials from Credential Manager will no longer be able to use those credentials.
- You cannot restore credentials using the Credential Manager control panel if the credentials were backed up from a PC that has Credential Guard turned on. If you need to back up your credentials, you must do this before you enable Credential Guard. Otherwise, you won't be able to restore those credentials.
- Credential Guard uses hardware security so some features, such as Windows To Go, are not supported.
+### NTLM & CHAP Considerations
+
+When you enable Credential Guard, you can no longer use NTLM v1 authetnication. If you are using Wi-Fi and VPN end points that are based on MS-CHAPv2, they are subject to similar attacks as NTLMv1. We recommend that organizations use certificated-based authentication for Wi-Fi and VPN connections.
+-
### Kerberos Considerations
-When you enable Credential Guard, you can no longer use Kerberos unconstrained delegation. Unconstrained delegation could allow attackers to extract Kerberos keys from the isolated LSA process. You must use constrained or resource-based Kerberos delegation instead.
+When you enable Credential Guard, you can no longer use Kerberos unconstrained delegation or DES encryption. Unconstrained delegation could allow attackers to extract Kerberos keys from the isolated LSA process. You must use constrained or resource-based Kerberos delegation instead.
## Scenarios not protected by Credential Guard
diff --git a/windows/keep-secure/deploy-applocker-policies-by-using-the-enforce-rules-setting.md b/windows/keep-secure/deploy-applocker-policies-by-using-the-enforce-rules-setting.md
index b5ecdf6702..0e2faeb18c 100644
--- a/windows/keep-secure/deploy-applocker-policies-by-using-the-enforce-rules-setting.md
+++ b/windows/keep-secure/deploy-applocker-policies-by-using-the-enforce-rules-setting.md
@@ -35,7 +35,7 @@ Rule enforcement is applied only to a collection of rules, not to individual rul
## Step 3: Update the policy
-You can edit an AppLocker policy by adding, changing, or removing rules. However, you cannot specify a version for the AppLocker policy by importing additional rules. To ensure version control when modifying an AppLocker policy, use Group Policy management software that allows you to create versions of GPOs. An example of this type of software is the [Advanced Group Policy Management](http://go.microsoft.com/fwlink/p/?LinkId=145013) feature from the
+You can edit an AppLocker policy by adding, changing, or removing rules. However, you cannot specify a version for the AppLocker policy by importing additional rules. To ensure version control when modifying an AppLocker policy, use Group Policy management software that allows you to create versions of GPOs. An example of this type of software is the [Advanced Group Policy Management](https://go.microsoft.com/fwlink/p/?LinkId=145013) feature from the
Microsoft Desktop Optimization Pack.
>**Caution:** You should not edit an AppLocker rule collection while it is being enforced in Group Policy. Because AppLocker controls what files are allowed to run, making changes to a live policy can create unexpected behavior.
diff --git a/windows/keep-secure/enlightened-microsoft-apps-and-wip.md b/windows/keep-secure/enlightened-microsoft-apps-and-wip.md
index 99a69f1d26..353acce55b 100644
--- a/windows/keep-secure/enlightened-microsoft-apps-and-wip.md
+++ b/windows/keep-secure/enlightened-microsoft-apps-and-wip.md
@@ -44,7 +44,7 @@ Microsoft has made a concerted effort to enlighten several of our more popular a
- Microsoft Photos
-- Microsoft OneDrive
+
- Groove Music
@@ -70,8 +70,8 @@ You can add any or all of the enlightened Microsoft apps to your allowed apps li
|OneNote |**Publisher:** `CN=Microsoft Corporation, O=Microsoft Corporation, L=Redmond, S=Washington, C=US`
**Product Name:** Microsoft.Office.OneNote
**App Type:** Universal app |
|Outlook Mail and Calendar |**Publisher:** `CN=Microsoft Corporation, O=Microsoft Corporation, L=Redmond, S=Washington, C=US`
**Product Name:** microsoft.windowscommunicationsapps
**App Type:** Universal app |
|Microsoft Photos |**Publisher:** `CN=Microsoft Corporation, O=Microsoft Corporation, L=Redmond, S=Washington, C=US`
**Product Name:** Microsoft.Windows.Photos
**App Type:** Universal app |
-|Microsoft OneDrive |**Publisher:** `CN=Microsoft Corporation, O=Microsoft Corporation, L=Redmond, S=Washington, C=US`
**Product Name:** microsoft.microsoftskydrive
**App Type:** Universal app |
|Groove Music |**Publisher:** `CN=Microsoft Corporation, O=Microsoft Corporation, L=Redmond, S=Washington, C=US`
**Product Name:** Microsoft.ZuneMusic
**App Type:** Universal app |
+|Microsoft OneDrive |**Publisher:** `O=Microsoft Corporation, L=Redmond, S=Washington, C=US`
**Product Name:** onedrive.exe
**App Type:** Desktop app|
|Notepad |**Publisher:** `O=Microsoft Corporation, L=Redmond, S=Washington, C=US`
**Product Name:** notepad.exe
**App Type:** Desktop app |
|Microsoft Paint |**Publisher:** `O=Microsoft Corporation, L=Redmond, S=Washington, C=US`
**Product Name:** mspaint.exe
**App Type:** Desktop app |
|Microsoft Movies & TV |**Publisher:** `CN=Microsoft Corporation, O=Microsoft Corporation, L=Redmond, S=Washington, C=US`
**Product Name:** Microsoft.ZuneVideo
**App Type:** Universal app |
diff --git a/windows/keep-secure/event-4706.md b/windows/keep-secure/event-4706.md
index 936468b4c3..8681185c08 100644
--- a/windows/keep-secure/event-4706.md
+++ b/windows/keep-secure/event-4706.md
@@ -108,7 +108,7 @@ This event is generated only on domain controllers.
|-------|------------------------|--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
| 1 | TRUST\_TYPE\_DOWNLEVEL | The domain controller of the trusted domain is a computer running an operating system earlier than Windows 2000. |
| 2 | TRUST\_TYPE\_UPLEVEL | The domain controller of the trusted domain is a computer running Windows 2000 or later. |
-| 3 | TRUST\_TYPE\_MIT | The trusted domain is running a non-Windows, RFC4120-compliant Kerberos distribution. This type of trust is distinguished in that (1) a [SID](https://msdn.microsoft.com/en-us/library/cc223126.aspx#gt_83f2020d-0804-4840-a5ac-e06439d50f8d) is not required for the [TDO](https://msdn.microsoft.com/en-us/library/cc223126.aspx#gt_f2ceef4e-999b-4276-84cd-2e2829de5fc4), and (2) the default key types include the DES-CBC and DES-CRC encryption types (see [\[RFC4120\]](http://go.microsoft.com/fwlink/?LinkId=90458) section 8.1). |
+| 3 | TRUST\_TYPE\_MIT | The trusted domain is running a non-Windows, RFC4120-compliant Kerberos distribution. This type of trust is distinguished in that (1) a [SID](https://msdn.microsoft.com/en-us/library/cc223126.aspx#gt_83f2020d-0804-4840-a5ac-e06439d50f8d) is not required for the [TDO](https://msdn.microsoft.com/en-us/library/cc223126.aspx#gt_f2ceef4e-999b-4276-84cd-2e2829de5fc4), and (2) the default key types include the DES-CBC and DES-CRC encryption types (see [\[RFC4120\]](https://go.microsoft.com/fwlink/?LinkId=90458) section 8.1). |
| 4 | TRUST\_TYPE\_DCE | The trusted domain is a DCE realm. Historical reference, this value is not used in Windows. |
- **Trust Direction** \[Type = UInt32\]**:** the direction of new trust. The following table contains possible values for this field:
@@ -131,7 +131,7 @@ This event is generated only on domain controllers.
| 0x10 | TRUST\_ATTRIBUTE\_CROSS\_ORGANIZATION | If this bit is set, then the trust is to a domain or forest that is not part of the [organization](https://msdn.microsoft.com/en-us/library/cc223126.aspx#gt_6fae7775-5232-4206-b452-f298546ab54f). The behavior controlled by this bit is explained in [\[MS-KILE\]](https://msdn.microsoft.com/en-us/library/cc233855.aspx) section [3.3.5.7.5](https://msdn.microsoft.com/en-us/library/cc233949.aspx) and [\[MS-APDS\]](https://msdn.microsoft.com/en-us/library/cc223948.aspx) section [3.1.5](https://msdn.microsoft.com/en-us/library/cc223991.aspx).
Only evaluated on Windows Server 2003, Windows Server 2008, Windows Server 2008 R2, Windows Server 2012, Windows Server 2012 R2, and Windows Server 2016.
Can only be set if forest and trusted forest are running in a forest functional level of DS\_BEHAVIOR\_WIN2003 or greater. |
| 0x20 | TRUST\_ATTRIBUTE\_WITHIN\_FOREST | If this bit is set, then the trusted domain is within the same forest.
Only evaluated on Windows Server 2003, Windows Server 2008, Windows Server 2008 R2, Windows Server 2012, Windows Server 2012 R2, and Windows Server 2016. |
| 0x40 | TRUST\_ATTRIBUTE\_TREAT\_AS\_EXTERNAL | If this bit is set, then a cross-forest trust to a domain is to be treated as an external trust for the purposes of SID Filtering. Cross-forest trusts are more stringently [filtered](https://msdn.microsoft.com/en-us/library/cc223126.aspx#gt_ffbe7b55-8e84-4f41-a18d-fc29191a4cda) than external trusts. This attribute relaxes those cross-forest trusts to be equivalent to external trusts. For more information on how each trust type is filtered, see [\[MS-PAC\]](https://msdn.microsoft.com/en-us/library/cc237917.aspx) section 4.1.2.2.
Only evaluated on Windows Server 2003, Windows Server 2008, Windows Server 2008 R2, Windows Server 2012, Windows Server 2012 R2, and Windows Server 2016.
Only evaluated if SID Filtering is used.
Only evaluated on cross-forest trusts having TRUST\_ATTRIBUTE\_FOREST\_TRANSITIVE.
Can only be set if forest and trusted forest are running in a forest functional level of DS\_BEHAVIOR\_WIN2003 or greater. |
-| 0x80 | TRUST\_ATTRIBUTE\_USES\_RC4\_ENCRYPTION | This bit is set on trusts with the [trustType](https://msdn.microsoft.com/en-us/library/cc220955.aspx) set to TRUST\_TYPE\_MIT, which are capable of using RC4 keys. Historically, MIT Kerberos distributions supported only DES and 3DES keys ([\[RFC4120\]](http://go.microsoft.com/fwlink/?LinkId=90458), [\[RFC3961\]](http://go.microsoft.com/fwlink/?LinkId=90450)). MIT 1.4.1 adopted the RC4HMAC encryption type common to Windows 2000 [\[MS-KILE\]](https://msdn.microsoft.com/en-us/library/cc233855.aspx), so trusted domains deploying later versions of the MIT distribution required this bit. For more information, see "Keys and Trusts", section [6.1.6.9.1](https://msdn.microsoft.com/en-us/library/cc223782.aspx).
Only evaluated on TRUST\_TYPE\_MIT |
+| 0x80 | TRUST\_ATTRIBUTE\_USES\_RC4\_ENCRYPTION | This bit is set on trusts with the [trustType](https://msdn.microsoft.com/en-us/library/cc220955.aspx) set to TRUST\_TYPE\_MIT, which are capable of using RC4 keys. Historically, MIT Kerberos distributions supported only DES and 3DES keys ([\[RFC4120\]](https://go.microsoft.com/fwlink/?LinkId=90458), [\[RFC3961\]](https://go.microsoft.com/fwlink/?LinkId=90450)). MIT 1.4.1 adopted the RC4HMAC encryption type common to Windows 2000 [\[MS-KILE\]](https://msdn.microsoft.com/en-us/library/cc233855.aspx), so trusted domains deploying later versions of the MIT distribution required this bit. For more information, see "Keys and Trusts", section [6.1.6.9.1](https://msdn.microsoft.com/en-us/library/cc223782.aspx).
Only evaluated on TRUST\_TYPE\_MIT |
| 0x200 | TRUST\_ATTRIBUTE\_CROSS\_ORGANIZATION\_NO\_TGT\_DELEGATION | If this bit is set, tickets granted under this trust MUST NOT be trusted for delegation. The behavior controlled by this bit is as specified in [\[MS-KILE\]](https://msdn.microsoft.com/en-us/library/cc233855.aspx) section 3.3.5.7.5.
Only supported on Windows Server 2012, Windows Server 2012 R2, and Windows Server 2016. |
| 0x400 | TRUST\_ATTRIBUTE\_PIM\_TRUST | If this bit and the TATE bit are set, then a cross-forest trust to a domain is to be treated as Privileged Identity Management trust for the purposes of SID Filtering. For more information on how each trust type is filtered, see [\[MS-PAC\]](https://msdn.microsoft.com/en-us/library/cc237917.aspx) section 4.1.2.2.
Evaluated only on Windows Server 2016
Evaluated only if SID Filtering is used.
Evaluated only on cross-forest trusts having TRUST\_ATTRIBUTE\_FOREST\_TRANSITIVE.
Can be set only if the forest and the trusted forest are running in a forest functional level of DS\_BEHAVIOR\_WINTHRESHOLD or greater. |
diff --git a/windows/keep-secure/event-4716.md b/windows/keep-secure/event-4716.md
index 65ea86275d..6f8731a019 100644
--- a/windows/keep-secure/event-4716.md
+++ b/windows/keep-secure/event-4716.md
@@ -108,7 +108,7 @@ This event is generated only on domain controllers.
|-------|------------------------|--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
| 1 | TRUST\_TYPE\_DOWNLEVEL | The domain controller of the trusted domain is a computer running an operating system earlier than Windows 2000. |
| 2 | TRUST\_TYPE\_UPLEVEL | The domain controller of the trusted domain is a computer running Windows 2000 or later. |
-| 3 | TRUST\_TYPE\_MIT | The trusted domain is running a non-Windows, RFC4120-compliant Kerberos distribution. This type of trust is distinguished in that (1) a [SID](https://msdn.microsoft.com/en-us/library/cc223126.aspx#gt_83f2020d-0804-4840-a5ac-e06439d50f8d) is not required for the [TDO](https://msdn.microsoft.com/en-us/library/cc223126.aspx#gt_f2ceef4e-999b-4276-84cd-2e2829de5fc4), and (2) the default key types include the DES-CBC and DES-CRC encryption types (see [\[RFC4120\]](http://go.microsoft.com/fwlink/?LinkId=90458) section 8.1). |
+| 3 | TRUST\_TYPE\_MIT | The trusted domain is running a non-Windows, RFC4120-compliant Kerberos distribution. This type of trust is distinguished in that (1) a [SID](https://msdn.microsoft.com/en-us/library/cc223126.aspx#gt_83f2020d-0804-4840-a5ac-e06439d50f8d) is not required for the [TDO](https://msdn.microsoft.com/en-us/library/cc223126.aspx#gt_f2ceef4e-999b-4276-84cd-2e2829de5fc4), and (2) the default key types include the DES-CBC and DES-CRC encryption types (see [\[RFC4120\]](https://go.microsoft.com/fwlink/?LinkId=90458) section 8.1). |
| 4 | TRUST\_TYPE\_DCE | The trusted domain is a DCE realm. Historical reference, this value is not used in Windows. |
- **Trust Direction** \[Type = UInt32\]**:** the direction of new trust. If this attribute was not changed, then it will have “**-**“ value or its old value. The following table contains possible values for this field:
@@ -131,7 +131,7 @@ This event is generated only on domain controllers.
| 0x10 | TRUST\_ATTRIBUTE\_CROSS\_ORGANIZATION | If this bit is set, then the trust is to a domain or forest that is not part of the [organization](https://msdn.microsoft.com/en-us/library/cc223126.aspx#gt_6fae7775-5232-4206-b452-f298546ab54f). The behavior controlled by this bit is explained in [\[MS-KILE\]](https://msdn.microsoft.com/en-us/library/cc233855.aspx) section [3.3.5.7.5](https://msdn.microsoft.com/en-us/library/cc233949.aspx) and [\[MS-APDS\]](https://msdn.microsoft.com/en-us/library/cc223948.aspx) section [3.1.5](https://msdn.microsoft.com/en-us/library/cc223991.aspx).
Only evaluated on Windows Server 2003, Windows Server 2008, Windows Server 2008 R2, Windows Server 2012, Windows Server 2012 R2, and Windows Server 2016.
Can only be set if forest and trusted forest are running in a forest functional level of DS\_BEHAVIOR\_WIN2003 or greater. |
| 0x20 | TRUST\_ATTRIBUTE\_WITHIN\_FOREST | If this bit is set, then the trusted domain is within the same forest.
Only evaluated on Windows Server 2003, Windows Server 2008, Windows Server 2008 R2, Windows Server 2012, Windows Server 2012 R2, and Windows Server 2016. |
| 0x40 | TRUST\_ATTRIBUTE\_TREAT\_AS\_EXTERNAL | If this bit is set, then a cross-forest trust to a domain is to be treated as an external trust for the purposes of SID Filtering. Cross-forest trusts are more stringently [filtered](https://msdn.microsoft.com/en-us/library/cc223126.aspx#gt_ffbe7b55-8e84-4f41-a18d-fc29191a4cda) than external trusts. This attribute relaxes those cross-forest trusts to be equivalent to external trusts. For more information on how each trust type is filtered, see [\[MS-PAC\]](https://msdn.microsoft.com/en-us/library/cc237917.aspx) section 4.1.2.2.
Only evaluated on Windows Server 2003, Windows Server 2008, Windows Server 2008 R2, Windows Server 2012, Windows Server 2012 R2, and Windows Server 2016.
Only evaluated if SID Filtering is used.
Only evaluated on cross-forest trusts having TRUST\_ATTRIBUTE\_FOREST\_TRANSITIVE.
Can only be set if forest and trusted forest are running in a forest functional level of DS\_BEHAVIOR\_WIN2003 or greater. |
-| 0x80 | TRUST\_ATTRIBUTE\_USES\_RC4\_ENCRYPTION | This bit is set on trusts with the [trustType](https://msdn.microsoft.com/en-us/library/cc220955.aspx) set to TRUST\_TYPE\_MIT, which are capable of using RC4 keys. Historically, MIT Kerberos distributions supported only DES and 3DES keys ([\[RFC4120\]](http://go.microsoft.com/fwlink/?LinkId=90458), [\[RFC3961\]](http://go.microsoft.com/fwlink/?LinkId=90450)). MIT 1.4.1 adopted the RC4HMAC encryption type common to Windows 2000 [\[MS-KILE\]](https://msdn.microsoft.com/en-us/library/cc233855.aspx), so trusted domains deploying later versions of the MIT distribution required this bit. For more information, see "Keys and Trusts", section [6.1.6.9.1](https://msdn.microsoft.com/en-us/library/cc223782.aspx).
Only evaluated on TRUST\_TYPE\_MIT |
+| 0x80 | TRUST\_ATTRIBUTE\_USES\_RC4\_ENCRYPTION | This bit is set on trusts with the [trustType](https://msdn.microsoft.com/en-us/library/cc220955.aspx) set to TRUST\_TYPE\_MIT, which are capable of using RC4 keys. Historically, MIT Kerberos distributions supported only DES and 3DES keys ([\[RFC4120\]](https://go.microsoft.com/fwlink/?LinkId=90458), [\[RFC3961\]](https://go.microsoft.com/fwlink/?LinkId=90450)). MIT 1.4.1 adopted the RC4HMAC encryption type common to Windows 2000 [\[MS-KILE\]](https://msdn.microsoft.com/en-us/library/cc233855.aspx), so trusted domains deploying later versions of the MIT distribution required this bit. For more information, see "Keys and Trusts", section [6.1.6.9.1](https://msdn.microsoft.com/en-us/library/cc223782.aspx).
Only evaluated on TRUST\_TYPE\_MIT |
| 0x200 | TRUST\_ATTRIBUTE\_CROSS\_ORGANIZATION\_NO\_TGT\_DELEGATION | If this bit is set, tickets granted under this trust MUST NOT be trusted for delegation. The behavior controlled by this bit is as specified in [\[MS-KILE\]](https://msdn.microsoft.com/en-us/library/cc233855.aspx) section 3.3.5.7.5.
Only supported on Windows Server 2012, Windows Server 2012 R2, and Windows Server 2016. |
| 0x400 | TRUST\_ATTRIBUTE\_PIM\_TRUST | If this bit and the TATE bit are set, then a cross-forest trust to a domain is to be treated as Privileged Identity Management trust for the purposes of SID Filtering. For more information on how each trust type is filtered, see [\[MS-PAC\]](https://msdn.microsoft.com/en-us/library/cc237917.aspx) section 4.1.2.2.
Evaluated only on Windows Server 2016
Evaluated only if SID Filtering is used.
Evaluated only on cross-forest trusts having TRUST\_ATTRIBUTE\_FOREST\_TRANSITIVE.
Can be set only if the forest and the trusted forest are running in a forest functional level of DS\_BEHAVIOR\_WINTHRESHOLD or greater. |
diff --git a/windows/keep-secure/event-4826.md b/windows/keep-secure/event-4826.md
index 989ba1f6e1..c8213b2290 100644
--- a/windows/keep-secure/event-4826.md
+++ b/windows/keep-secure/event-4826.md
@@ -118,7 +118,7 @@ This event is always logged regardless of the "Audit Other Policy Change Events"
- **HyperVisor Load Options** \[Type = UnicodeString\]**:** shows hypervisor **loadoptions**. See more information here: .
-- **HyperVisor Launch Type** \[Type = UnicodeString\]**:** shows the hypervisor launch options (**Off** or **Auto**). If you are setting up a debugger to debug Hyper-V on a target computer, set this option to **Auto** on the target computer. For more information, see [Attaching to a Target Computer Running Hyper-V](https://msdn.microsoft.com/en-us/library/windows/hardware/ff538138(v=vs.85).aspx). Information about [Hyper-V](http://go.microsoft.com/fwlink/p/?linkid=271817) technology is available on Microsoft TechNet web site.
+- **HyperVisor Launch Type** \[Type = UnicodeString\]**:** shows the hypervisor launch options (**Off** or **Auto**). If you are setting up a debugger to debug Hyper-V on a target computer, set this option to **Auto** on the target computer. For more information, see [Attaching to a Target Computer Running Hyper-V](https://msdn.microsoft.com/en-us/library/windows/hardware/ff538138(v=vs.85).aspx). Information about [Hyper-V](https://go.microsoft.com/fwlink/p/?linkid=271817) technology is available on Microsoft TechNet web site.
- **HyperVisor Debugging** \[Type = UnicodeString\]**:** shows whether the hypervisor debugger is enabled or not (**Yes** or **No**). For information about hypervisor debugging, see [Attaching to a Target Computer Running Hyper-V](https://msdn.microsoft.com/en-us/library/windows/hardware/ff538138(v=vs.85).aspx).
diff --git a/windows/keep-secure/gathering-information-about-your-devices.md b/windows/keep-secure/gathering-information-about-your-devices.md
index 7f4692a95a..3643e51814 100644
--- a/windows/keep-secure/gathering-information-about-your-devices.md
+++ b/windows/keep-secure/gathering-information-about-your-devices.md
@@ -45,7 +45,7 @@ Using an automated auditing network management system provides valuable informat
The biggest difference between manual discovery methods and automated methods is time.
-You can use Windows PowerShell to create a script file that can collect the system configuration information. For more information, see [Windows PowerShell Scripting](http://go.microsoft.com/fwlink/?linkid=110413).
+You can use Windows PowerShell to create a script file that can collect the system configuration information. For more information, see [Windows PowerShell Scripting](https://go.microsoft.com/fwlink/?linkid=110413).
Whether you use an automatic, manual, or hybrid option to gather the information, one of the biggest issues that can cause problems to the design is capturing the changes between the original inventory scan and the point at which the implementation is ready to start. After the first scan has been completed, make support staff aware that all additional changes must be recorded and the updates noted in the inventory.
diff --git a/windows/keep-secure/gathering-other-relevant-information.md b/windows/keep-secure/gathering-other-relevant-information.md
index 83ee00960a..85e9be98dc 100644
--- a/windows/keep-secure/gathering-other-relevant-information.md
+++ b/windows/keep-secure/gathering-other-relevant-information.md
@@ -52,7 +52,7 @@ In some cases, IPsec-secured traffic might have to pass through a router, perime
In the case of a filtering router or a firewall, you must configure these devices to allow IPsec traffic to be forwarded. Configure the firewall to allow IPsec traffic on UDP source and destination port 500 (IKE), UDP source and destination port 4500 (IPsec NAT-T), and IP Protocol 50 (ESP). You might also have to configure the firewall to allow IPsec traffic on IP protocol 51 (AH) to allow troubleshooting by IPsec administrators and to allow the IPsec traffic to be inspected.
-For more info, see [How to Enable IPsec Traffic Through a Firewall](http://go.microsoft.com/fwlink/?LinkId=45085).
+For more info, see [How to Enable IPsec Traffic Through a Firewall](https://go.microsoft.com/fwlink/?LinkId=45085).
## Network load balancing and server clusters
diff --git a/windows/keep-secure/guidance-and-best-practices-wip.md b/windows/keep-secure/guidance-and-best-practices-wip.md
index ae142779a5..b64a82a6e0 100644
--- a/windows/keep-secure/guidance-and-best-practices-wip.md
+++ b/windows/keep-secure/guidance-and-best-practices-wip.md
@@ -23,6 +23,6 @@ This section includes info about the enlightened Microsoft apps, including how t
|Topic |Description |
|------|------------|
|[Windows Information Protection (WIP) overview](wip-enterprise-overview.md) |High-level overview info about why to use WIP, the enterprise scenarios, and how to turn it off. |
-|[Mandatory settings for Windows Information Protection (WIP)](mandatory-settings-for-wip.md) |A list of all of the tasks and settings that are required for the operating system to turn on Windows Information Protection (WIP), formerly known as Windows Information Protection (WIP), in your enterprise. |
+|[Mandatory settings for Windows Information Protection (WIP)](mandatory-settings-for-wip.md) |A list of all of the tasks and settings that are required for the operating system to turn on Windows Information Protection (WIP), formerly known as enterprise data protection (EDP), in your enterprise. |
|[Enlightened apps for use with Windows Information Protection (WIP)](enlightened-microsoft-apps-and-wip.md) |Learn the difference between enlightened and unenlightened apps, and then review the list of enlightened apps provided by Microsoft along with the text you will need to use to add them to your allowed apps list. |
|[Testing scenarios for Windows Information Protection (WIP)](testing-scenarios-for-wip.md) |We've come up with a list of suggested testing scenarios that you can use to test WIP in your company. |
\ No newline at end of file
diff --git a/windows/keep-secure/images/security-fig2-vbsarchitecture-redo.png b/windows/keep-secure/images/security-fig2-vbsarchitecture-redo.png
new file mode 100644
index 0000000000..6bcddd364a
Binary files /dev/null and b/windows/keep-secure/images/security-fig2-vbsarchitecture-redo.png differ
diff --git a/windows/keep-secure/implement-microsoft-passport-in-your-organization.md b/windows/keep-secure/implement-microsoft-passport-in-your-organization.md
index 81fc6fa6e2..23ecf47c6e 100644
--- a/windows/keep-secure/implement-microsoft-passport-in-your-organization.md
+++ b/windows/keep-secure/implement-microsoft-passport-in-your-organization.md
@@ -143,7 +143,11 @@ The following table lists the Group Policy settings that you can configure for H
## MDM policy settings for Windows Hello for Business
-The following table lists the MDM policy settings that you can configure for Windows Hello for Business use in your workplace. These MDM policy settings use the [PassportForWork configuration service provider (CSP)](http://go.microsoft.com/fwlink/p/?LinkId=692070).
+The following table lists the MDM policy settings that you can configure for Windows Hello for Business use in your workplace. These MDM policy settings use the [PassportForWork configuration service provider (CSP)](https://go.microsoft.com/fwlink/p/?LinkId=692070).
+
+>[!IMPORTANT]
+>Starting in Windows 10, version 1607, all devices only have one PIN associated with Windows Hello for Business. This means that any PIN on a device will be subject to the policies specified in the PassportForWork CSP. The values specified take precedence over any complexity rules set via Exchange ActiveSync (EAS) or the DeviceLock CSP.
+
| Policy |
@@ -319,7 +323,7 @@ You’ll need this software to set Windows Hello for Business policies in your e
- Azure AD subscription
-- [Azure AD Connect](http://go.microsoft.com/fwlink/p/?LinkId=616792)
+- [Azure AD Connect](https://go.microsoft.com/fwlink/p/?LinkId=616792)
- A few Windows Server 2016 domain controllers on-site
- A management solution, such as Configuration Manager, Group Policy, or MDM
- Active Directory Certificate Services (AD CS) without Network Device Enrollment Service (NDES)
@@ -340,7 +344,7 @@ You’ll need this software to set Windows Hello for Business policies in your e
|
- Azure AD subscription
-- [Azure AD Connect](http://go.microsoft.com/fwlink/p/?LinkId=616792)
+- [Azure AD Connect](https://go.microsoft.com/fwlink/p/?LinkId=616792)
- AD CS with NDES
- Configuration Manager for domain-joined certificate enrollment, or InTune for non-domain-joined devices, or a non-Microsoft MDM service that supports Passport for Work
|
@@ -357,7 +361,7 @@ Azure AD provides the ability to register devices with your enterprise and to pr
Windows Hello can be managed on personal devices that your employees use for work purposes using MDM. On personal devices, users can create a personal Windows Hello PIN for unlocking the device and used this PIN for access to work resources.
-The PIN is managed using the same Windows Hello for Business policies that you can use to manage Windows Hello for Business on organization-owned devices. The PIN can also be managed using DeviceLock policy. DeviceLock policy can be used to control length, complexity, history, and expiration requirements and can be configured using the [Policy configuration service provider](http://go.microsoft.com/fwlink/p/?LinkID=623244).
+The PIN is managed using the same Windows Hello for Business policies that you can use to manage Windows Hello for Business on organization-owned devices. The PIN can also be managed using DeviceLock policy. DeviceLock policy can be used to control length, complexity, history, and expiration requirements and can be configured using the [Policy configuration service provider](https://go.microsoft.com/fwlink/p/?LinkID=623244).
## Related topics
diff --git a/windows/keep-secure/installing-digital-certificates-on-windows-10-mobile.md b/windows/keep-secure/installing-digital-certificates-on-windows-10-mobile.md
index 575bf12fee..11d5fe781d 100644
--- a/windows/keep-secure/installing-digital-certificates-on-windows-10-mobile.md
+++ b/windows/keep-secure/installing-digital-certificates-on-windows-10-mobile.md
@@ -25,7 +25,7 @@ Certificates in Windows 10 Mobile are primarily used for the following purposes
**Warning**
-In Windows 10, Version 1607, if you have multiple certificates provisioned on the device and the Wi-Fi profile provisioned does not have a strict filtering criteria, you may see connection failures when connecting to Wi-Fi. [Learn more about this known issue in Version 1607](http://go.microsoft.com/fwlink/p/?LinkId=786764)
+In Windows 10, Version 1607, if you have multiple certificates provisioned on the device and the Wi-Fi profile provisioned does not have a strict filtering criteria, you may see connection failures when connecting to Wi-Fi. [Learn more about this known issue in Version 1607](https://go.microsoft.com/fwlink/p/?LinkId=786764)
## Install certificates using Microsoft Edge
@@ -38,7 +38,7 @@ The Windows 10 Mobile certificate installer supports .cer, .p7b, .pem, and .pfx
## Install certificates using mobile device management (MDM)
Windows 10 Mobile supports root, CA, and client certificate to be configured via MDM. Using MDM, an administrator can directly add, delete, or query root and CA certificates, and configure the device to enroll a client certificate with a certificate enrollment server that supports Simple Certificate Enrollment Protocol (SCEP). SCEP enrolled client certificates are used by Wi-Fi, VPN, email, and browser for certificate-based client authentication. An MDM server can also query and delete SCEP enrolled client certificate (including user installed certificates), or trigger a new enrollment request before the current certificate is expired.
-> **Warning:** Do not use SCEP for encryption certificates for S/MIME. You must use a PFX certificate profile to support S/MIME on Windows 10 Mobile. For instructions on creating a PFX certificate profile in Microsoft Intune, see [Enable access to company resources using certificate profiles with Microsoft Intune](http://go.microsoft.com/fwlink/p/?LinkID=718216).
+> **Warning:** Do not use SCEP for encryption certificates for S/MIME. You must use a PFX certificate profile to support S/MIME on Windows 10 Mobile. For instructions on creating a PFX certificate profile in Microsoft Intune, see [Enable access to company resources using certificate profiles with Microsoft Intune](https://go.microsoft.com/fwlink/p/?LinkID=718216).
**Process of installing certificates using MDM**
diff --git a/windows/keep-secure/manage-identity-verification-using-microsoft-passport.md b/windows/keep-secure/manage-identity-verification-using-microsoft-passport.md
index 30bcc08dfa..71b7ad88c9 100644
--- a/windows/keep-secure/manage-identity-verification-using-microsoft-passport.md
+++ b/windows/keep-secure/manage-identity-verification-using-microsoft-passport.md
@@ -24,14 +24,14 @@ In Windows 10, Windows Hello for Business replaces passwords with strong two-fa
Hello addresses the following problems with passwords:
- Passwords can be difficult to remember, and users often reuse passwords on multiple sites.
- Server breaches can expose symmetric network credentials.
-- Passwords can be subject to [replay attacks](http://go.microsoft.com/fwlink/p/?LinkId=615673).
-- Users can inadvertently expose their passwords due to [phishing attacks](http://go.microsoft.com/fwlink/p/?LinkId=615674).
+- Passwords can be subject to [replay attacks](https://go.microsoft.com/fwlink/p/?LinkId=615673).
+- Users can inadvertently expose their passwords due to [phishing attacks](https://go.microsoft.com/fwlink/p/?LinkId=615674).
Hello lets users authenticate to:
- a Microsoft account.
- an Active Directory account.
- a Microsoft Azure Active Directory (Azure AD) account.
-- Identity Provider Services or Relying Party Services that support [Fast ID Online (FIDO) v2.0](http://go.microsoft.com/fwlink/p/?LinkId=533889) authentication
+- Identity Provider Services or Relying Party Services that support [Fast ID Online (FIDO) v2.0](https://go.microsoft.com/fwlink/p/?LinkId=533889) authentication
After an initial two-step verification of the user during enrollment, Hello is set up on the user's device and the user is asked to set a gesture, which can be a biometric, such as a fingerprint, or a PIN. The user provides the gesture to verify their identity. Windows then uses Hello to authenticate users and help them to access protected resources and services.
@@ -91,21 +91,21 @@ When identity providers such as Active Directory or Azure AD enroll a certificat
## Learn more
-[Introduction to Windows Hello](http://go.microsoft.com/fwlink/p/?LinkId=786649), video presentation on Microsoft Virtual Academy
+[Introduction to Windows Hello](https://go.microsoft.com/fwlink/p/?LinkId=786649), video presentation on Microsoft Virtual Academy
-[What's new in Active Directory Domain Services (AD DS) in Windows Server Technical Preview](http://go.microsoft.com/fwlink/p/?LinkId=708533)
+[What's new in Active Directory Domain Services (AD DS) in Windows Server Technical Preview](https://go.microsoft.com/fwlink/p/?LinkId=708533)
-[Windows Hello face authentication](http://go.microsoft.com/fwlink/p/?LinkId=626024)
+[Windows Hello face authentication](https://go.microsoft.com/fwlink/p/?LinkId=626024)
-[Biometrics hardware guidelines](http://go.microsoft.com/fwlink/p/?LinkId=626995)
+[Biometrics hardware guidelines](https://go.microsoft.com/fwlink/p/?LinkId=626995)
-[Windows 10: Disrupting the Revolution of Cyber-Threats with Revolutionary Security!](http://go.microsoft.com/fwlink/p/?LinkId=533890)
+[Windows 10: Disrupting the Revolution of Cyber-Threats with Revolutionary Security!](https://go.microsoft.com/fwlink/p/?LinkId=533890)
-[Windows 10: The End Game for Passwords and Credential Theft?](http://go.microsoft.com/fwlink/p/?LinkId=533891)
+[Windows 10: The End Game for Passwords and Credential Theft?](https://go.microsoft.com/fwlink/p/?LinkId=533891)
-[Authenticating identities without passwords through Microsoft Passport](http://go.microsoft.com/fwlink/p/?LinkId=616778)
+[Authenticating identities without passwords through Microsoft Passport](https://go.microsoft.com/fwlink/p/?LinkId=616778)
-[Microsoft Passport guide](http://go.microsoft.com/fwlink/p/?LinkId=691928)
+[Microsoft Passport guide](https://go.microsoft.com/fwlink/p/?LinkId=691928)
## Related topics
diff --git a/windows/keep-secure/manage-tpm-commands.md b/windows/keep-secure/manage-tpm-commands.md
index 0620207ec5..c4b6611da4 100644
--- a/windows/keep-secure/manage-tpm-commands.md
+++ b/windows/keep-secure/manage-tpm-commands.md
@@ -40,7 +40,7 @@ The following procedures describe how to manage the TPM command lists. You must
5. Click **Enabled**, and then click **Show**.
6. For each command that you want to block, click **Add**, enter the command number, and then click **OK**.
- >**Note:** For a list of commands, see the [Trusted Platform Module (TPM) Specifications](http://go.microsoft.com/fwlink/p/?linkid=139770).
+ >**Note:** For a list of commands, see the [Trusted Platform Module (TPM) Specifications](https://go.microsoft.com/fwlink/p/?linkid=139770).
7. After you have added numbers for each command that you want to block, click **OK** twice.
8. Close the Local Group Policy Editor.
diff --git a/windows/keep-secure/microsoft-passport-errors-during-pin-creation.md b/windows/keep-secure/microsoft-passport-errors-during-pin-creation.md
index 8f3d731281..3e4fbfbedf 100644
--- a/windows/keep-secure/microsoft-passport-errors-during-pin-creation.md
+++ b/windows/keep-secure/microsoft-passport-errors-during-pin-creation.md
@@ -31,8 +31,8 @@ When a user encounters an error when creating the work PIN, advise the user to t
1. Try to create the PIN again. Some errors are transient and resolve themselves.
2. Sign out, sign in, and try to create the PIN again.
3. Reboot the device and then try to create the PIN again.
-4. Unjoin the device from Azure Active Directory (Azure AD), rejoin, and then try to create the PIN again. To unjoin a desktop PC, go to **Settings** > **System** > **About** and select **Disconnect from organization**. To unjoin a device running Windows 10 Mobile, you must [reset the device](http://go.microsoft.com/fwlink/p/?LinkId=715697).
-5. On mobile devices, if you are unable to setup a PIN after multiple attempts, reset your device and start over. For help on how to reset your phone go to [Reset my phone](http://go.microsoft.com/fwlink/p/?LinkId=715697).
+4. Unjoin the device from Azure Active Directory (Azure AD), rejoin, and then try to create the PIN again. To unjoin a desktop PC, go to **Settings** > **System** > **About** and select **Disconnect from organization**. To unjoin a device running Windows 10 Mobile, you must [reset the device](https://go.microsoft.com/fwlink/p/?LinkId=715697).
+5. On mobile devices, if you are unable to setup a PIN after multiple attempts, reset your device and start over. For help on how to reset your phone go to [Reset my phone](https://go.microsoft.com/fwlink/p/?LinkId=715697).
If the error occurs again, check the error code against the following table to see if there is another mitigation for that error. When no mitigation is listed in the table, contact Microsoft Support for assistance.
@@ -84,7 +84,7 @@ If the error occurs again, check the error code against the following table to s
| 0x80090031 |
NTE_AUTHENTICATION_IGNORED |
-Reboot the device. If the error occurs again after rebooting, [reset the TPM]( http://go.microsoft.com/fwlink/p/?LinkId=619969) or run [Clear-TPM](http://go.microsoft.com/fwlink/p/?LinkId=629650) |
+Reboot the device. If the error occurs again after rebooting, [reset the TPM]( https://go.microsoft.com/fwlink/p/?LinkId=619969) or run [Clear-TPM](https://go.microsoft.com/fwlink/p/?LinkId=629650) |
| 0x80090035 |
@@ -99,7 +99,7 @@ If the error occurs again, check the error code against the following table to s
| 0x801C000E |
Registration quota reached |
-Unjoin some other device that is currently joined using the same account or [increase the maximum number of devices per user](http://go.microsoft.com/fwlink/p/?LinkId=626933). |
+Unjoin some other device that is currently joined using the same account or [increase the maximum number of devices per user](https://go.microsoft.com/fwlink/p/?LinkId=626933). |
| 0x801C000F |
diff --git a/windows/keep-secure/microsoft-passport-guide.md b/windows/keep-secure/microsoft-passport-guide.md
index 6ac1ebfb73..d4bd6e4d33 100644
--- a/windows/keep-secure/microsoft-passport-guide.md
+++ b/windows/keep-secure/microsoft-passport-guide.md
@@ -45,7 +45,7 @@ Most security is a tradeoff between convenience and security: the more secure a
**Password complexity**
-If the major risk to passwords is that an attacker might guess them through brute-force analysis, it might seem reasonable to require users to include a broader character set in their passwords or make them longer, but as a practical matter, password length and complexity requirements have two negative side effects. First, they encourage password reuse. Estimates by [Herley, Florêncio, and van Oorschot](http://go.microsoft.com/fwlink/p/?LinkId=627392) calculate that the stronger a password is, the more likely it is to be reused. Because users put more effort into the creation and memorization of strong passwords, they are much more likely to use the same credential across multiple systems. Second, adding length or character set complexity to passwords does not necessarily make them more difficult to guess. For example, P@ssw0rd1 is nine characters long and includes uppercase and lowercase letters, numbers, and special characters, but it’s easily guessed by many of the common password-cracking tools now available on the Internet. These tools can attack passwords by using a pre-computed dictionary of common passwords, or they can start with a base word such as password, and then apply common character substitutions. A completely random eight-character password might therefore actually take longer to guess than P@ssw0rd123.
+If the major risk to passwords is that an attacker might guess them through brute-force analysis, it might seem reasonable to require users to include a broader character set in their passwords or make them longer, but as a practical matter, password length and complexity requirements have two negative side effects. First, they encourage password reuse. Estimates by [Herley, Florêncio, and van Oorschot](https://go.microsoft.com/fwlink/p/?LinkId=627392) calculate that the stronger a password is, the more likely it is to be reused. Because users put more effort into the creation and memorization of strong passwords, they are much more likely to use the same credential across multiple systems. Second, adding length or character set complexity to passwords does not necessarily make them more difficult to guess. For example, P@ssw0rd1 is nine characters long and includes uppercase and lowercase letters, numbers, and special characters, but it’s easily guessed by many of the common password-cracking tools now available on the Internet. These tools can attack passwords by using a pre-computed dictionary of common passwords, or they can start with a base word such as password, and then apply common character substitutions. A completely random eight-character password might therefore actually take longer to guess than P@ssw0rd123.
**Password expiration**
@@ -109,7 +109,7 @@ Microsoft Passport offers flexibility in the datacenter, too. To deploy it, in s
**It’s standardized**
-Both software vendors and enterprise customers have come to realize that proprietary identity and authentication systems are a dead end. The future lies with open, interoperable systems that allow secure authentication across a variety of devices, LOBs, and external applications and websites. To this end, a group of industry players formed the Fast IDentity Online Alliance (FIDO), a nonprofit organization intended to address the lack of interoperability among strong authentication devices as well as the problems users face when they have to create and remember multiple user names and passwords. The FIDO Alliance plans to change the nature of authentication by developing specifications that define an open, scalable, interoperable set of mechanisms that supplant reliance on passwords to securely authenticate users of online services. This new standard for security devices and browser plug ins will allow any website or cloud application to interface with a broad variety of existing and future FIDO-enabled devices that the user has for online security. For more information, see the [FIDO Alliance website](http://go.microsoft.com/fwlink/p/?LinkId=627393).
+Both software vendors and enterprise customers have come to realize that proprietary identity and authentication systems are a dead end. The future lies with open, interoperable systems that allow secure authentication across a variety of devices, LOBs, and external applications and websites. To this end, a group of industry players formed the Fast IDentity Online Alliance (FIDO), a nonprofit organization intended to address the lack of interoperability among strong authentication devices as well as the problems users face when they have to create and remember multiple user names and passwords. The FIDO Alliance plans to change the nature of authentication by developing specifications that define an open, scalable, interoperable set of mechanisms that supplant reliance on passwords to securely authenticate users of online services. This new standard for security devices and browser plug ins will allow any website or cloud application to interface with a broad variety of existing and future FIDO-enabled devices that the user has for online security. For more information, see the [FIDO Alliance website](https://go.microsoft.com/fwlink/p/?LinkId=627393).
In 2013, Microsoft joined the FIDO Alliance. FIDO standards enable a universal framework that a global ecosystem delivers for a consistent and greatly improved user experience of strong passwordless authentication. The FIDO 1.0 specifications, published in December 2014, provide for two types of authentications: passwordless (known as the Universal Authentication Framework \[UAF\]) and 2nd Factor (U2F). The FIDO Alliance is working on a set of 2.0 proposals to combine the best parts of the U2F and UAF FIDO 1.0 standards. Microsoft is actively contributing to the proposals, and Windows 10 is a reference implementation of these concepts. In addition to supporting those protocols, the Windows implementation covers other aspects of the end-to-end experience that the specification does not cover, including user interface to, storage of, and protection for users’ device keys and the tokens issued after authentication; supporting administrator policies; and providing deployment tools. Microsoft expects to continue working with the FIDO Alliance as the FIDO 2.0 specification moves forward. Interoperability of FIDO products is a hallmark of FIDO authentication. Microsoft believes that bringing a FIDO solution to market will help solve a critical need for enterprises and consumers alike.
@@ -181,7 +181,7 @@ Containers can contain several types of key material:
- *Secure/Multipurpose Internet Mail Extensions (S/MIME) keys and certificates*, which a certification authority (CA) generates. The keys associated with the user’s S/MIME certificate can be stored in a Microsoft Passport container so they’re available to the user whenever the container is unlocked.
- The *IDP key*. These keys can be either symmetric or asymmetric, depending on which IDP you use. A single container may contain zero or more IDP keys, with some restrictions (for example, the enterprise container can contain zero or one IDP keys). IDP keys are stored in the container as illustrated in Figure 3. For certificate-based Microsoft Passport for Work, when the container is unlocked, applications that require access to the IDP key or key pair can request access. IDP keys are used to sign or encrypt authentication requests or tokens sent from this machine to the IDP. IDP keys are typically long lived but could have a shorter lifetime than the authentication key.
Microsoft accounts, Active Directory accounts, and Azure AD accounts all require the use of asymmetric key pairs. The device generates public and private keys, registers the public key with the IDP (which stores it for later verification), and securely stores the private key. For enterprises, the IDP keys can be generated in two ways:
-- The IDP key pair can be associated with an enterprise CA through the Windows Network Device Enrollment Service (NDES), described more fully in [Network Device Enrollment Service Guidance](http://go.microsoft.com/fwlink/p/?LinkId=733947). In this case, Microsoft Passport requests a new certificate with the same key as the certificate from the existing PKI. This option lets organizations that have an existing PKI continue to use it where appropriate. Given that many applications, such as popular virtual private network systems, require the use of certificates, when you deploy Microsoft Passport in this mode, it allows a faster transition away from user passwords while still preserving certificate-based functionality. This option also allows the enterprise to store additional certificates in the protected container.
+- The IDP key pair can be associated with an enterprise CA through the Windows Network Device Enrollment Service (NDES), described more fully in [Network Device Enrollment Service Guidance](https://go.microsoft.com/fwlink/p/?LinkId=733947). In this case, Microsoft Passport requests a new certificate with the same key as the certificate from the existing PKI. This option lets organizations that have an existing PKI continue to use it where appropriate. Given that many applications, such as popular virtual private network systems, require the use of certificates, when you deploy Microsoft Passport in this mode, it allows a faster transition away from user passwords while still preserving certificate-based functionality. This option also allows the enterprise to store additional certificates in the protected container.
- The IDP can generate the IDP key pair directly, which allows quick, lower-overhead deployment of Microsoft Passport in environments that don’t have or need a PKI.
**How keys are protected**
@@ -243,7 +243,7 @@ The major benefit of this approach is that it provides uniform protection for al
The downside to this approach is its complexity. Smaller organizations may find that managing the rollout of a new operating system across all devices is beyond the scope of their experience and capability. For these organizations, users can self-upgrade, and new users may end up with Windows 10 because they get new devices when they join. Larger organizations, especially those that are highly decentralized or have operations across many physical sites, may have more deployment knowledge and resources but face the challenge of coordinating rollout efforts across a larger user base and footprint.
-For more information about desktop deployment of Windows 10, visit the [Windows 10 TechCenter](http://go.microsoft.com/fwlink/p/?LinkId=626581).
+For more information about desktop deployment of Windows 10, visit the [Windows 10 TechCenter](https://go.microsoft.com/fwlink/p/?LinkId=626581).
One key aspect of this deployment strategy is how to get Windows 10 in users’ hands. Because different organizations have wildly differing strategies to refresh hardware and software, there’s no one-size-fits-all strategy. For example, some organizations pursue a coordinated strategy that puts new desktop operating systems in users’ hands every 2–3 years on existing hardware, supplementing with new hardware only where and when required. Others tend to replace hardware and deploy whatever version of the Windows client operating system ships on the purchased devices. In both cases, there are typically separate deployment cycles for servers and server operating systems, and the desktop and server cycles may or may not be coordinated.
@@ -307,7 +307,7 @@ Table 1. Deployment requirements for Microsoft Passport
Azure AD subscription |
- Azure AD subscription
-- [Azure AD Connect](http://go.microsoft.com/fwlink/p/?LinkId=616792)
+- [Azure AD Connect](https://go.microsoft.com/fwlink/p/?LinkId=616792)
- A few Windows Server 2016 Technical Preview domain controllers on-site
- A management solution, such as Configuration Manager, Group Policy, or MDM
- Active Directory Certificate Services (AD CS) without Network Device Enrollment Service (NDES)
@@ -322,7 +322,7 @@ Table 1. Deployment requirements for Microsoft Passport
Intune |
- Azure AD subscription
-- [Azure AD Connect](http://go.microsoft.com/fwlink/p/?LinkId=616792)
+- [Azure AD Connect](https://go.microsoft.com/fwlink/p/?LinkId=616792)
- AD CS with NDES
- Configuration Manager (current branch) or Configuration Manager 2016 Technical Preview for domain-joined certificate enrollment, or InTune for non-domain-joined devices, or a non-Microsoft MDM service that supports Passport for Work
|
@@ -337,7 +337,7 @@ Note that the current release of Windows 10 supports the Azure AD–only (RTM)
**Select policy settings**
-Another key aspect of Microsoft Passport for Work deployment involves the choice of which policy settings to apply to the enterprise. There are two parts to this choice: which policies you deploy to manage Microsoft Passport itself and which policies you deploy to control device management and registration. A complete guide to selecting effective policies is beyond the scope of this guide, but one example reference that may be useful is [Mobile device management capabilities in Microsoft Intune](http://go.microsoft.com/fwlink/p/?LinkId=733877).
+Another key aspect of Microsoft Passport for Work deployment involves the choice of which policy settings to apply to the enterprise. There are two parts to this choice: which policies you deploy to manage Microsoft Passport itself and which policies you deploy to control device management and registration. A complete guide to selecting effective policies is beyond the scope of this guide, but one example reference that may be useful is [Mobile device management capabilities in Microsoft Intune](https://go.microsoft.com/fwlink/p/?LinkId=733877).
## Implement Microsoft Passport
@@ -366,7 +366,7 @@ As of the initial release of Windows 10, you can control the following settings
- You can define the complexity and length of the PIN that users generate at registration.
- You can control whether Windows Hello use is enabled in your organization.
-These settings can be implemented through GPOs or through configuration service providers (CSPs) in MDM systems, so you have a familiar and flexible set of tools you can use to apply them to exactly the users you want. (For details about the Microsoft Passport for Work CSP, see [PassportForWork CSP)](http://go.microsoft.com/fwlink/p/?LinkId=733876).
+These settings can be implemented through GPOs or through configuration service providers (CSPs) in MDM systems, so you have a familiar and flexible set of tools you can use to apply them to exactly the users you want. (For details about the Microsoft Passport for Work CSP, see [PassportForWork CSP)](https://go.microsoft.com/fwlink/p/?LinkId=733876).
## Roadmap
diff --git a/windows/keep-secure/optimize-applocker-performance.md b/windows/keep-secure/optimize-applocker-performance.md
index ff8f099f2d..5282b92618 100644
--- a/windows/keep-secure/optimize-applocker-performance.md
+++ b/windows/keep-secure/optimize-applocker-performance.md
@@ -20,7 +20,7 @@ This topic for IT professionals describes how to optimize AppLocker policy enfor
AppLocker policies can be implemented by organization unit (OU) using Group Policy. If so, your Group Policy infrastructure should be optimized and retested for performance when AppLocker policies are added to existing Group Policy Objects (GPOs) or new GPOs are created, as you do with adding any policies to your GPOs.
-For more info, see the [Optimizing Group Policy Performance](http://go.microsoft.com/fwlink/p/?LinkId=163238) article in TechNet Magazine.
+For more info, see the [Optimizing Group Policy Performance](https://go.microsoft.com/fwlink/p/?LinkId=163238) article in TechNet Magazine.
### AppLocker rule limitations
diff --git a/windows/keep-secure/plan-for-applocker-policy-management.md b/windows/keep-secure/plan-for-applocker-policy-management.md
index 96d65e5c32..ba66c70d42 100644
--- a/windows/keep-secure/plan-for-applocker-policy-management.md
+++ b/windows/keep-secure/plan-for-applocker-policy-management.md
@@ -64,13 +64,13 @@ AppLocker event log is located in the following path: **Applications and Service
2. **MSI and Script**. Contains events for all files affected by the Windows Installer and script rule collections (.msi, .msp, .ps1, .bat, .cmd, .vbs, and .js).
3. **Packaged app-Deployment** or **Packaged app-Execution**, contains events for all Universal Windows apps affected by the packaged app and packed app installer rule collection (.appx).
-Collecting these events in a central location can help you maintain your AppLocker policy and troubleshoot rule configuration problems. Event collection technologies such as those available in Windows allow administrators to subscribe to specific event channels and have the events from source computers aggregated into a forwarded event log on a Windows Server operating system collector. For more info about setting up an event subscription, see [Configure Computers to Collect and Forward Events](http://go.microsoft.com/fwlink/p/?LinkId=145012).
+Collecting these events in a central location can help you maintain your AppLocker policy and troubleshoot rule configuration problems. Event collection technologies such as those available in Windows allow administrators to subscribe to specific event channels and have the events from source computers aggregated into a forwarded event log on a Windows Server operating system collector. For more info about setting up an event subscription, see [Configure Computers to Collect and Forward Events](https://go.microsoft.com/fwlink/p/?LinkId=145012).
### Policy maintenance
As new apps are deployed or existing apps are updated by the software publisher, you will need to make revisions to your rule collections to ensure that the policy is current.
-You can edit an AppLocker policy by adding, changing, or removing rules. However, you cannot specify a version for the policy by importing additional rules. To ensure version control when modifying an AppLocker policy, use Group Policy management software that allows you to create versions of Group Policy Objects (GPOs). An example of this type of software is the Advanced Group Policy Management feature from the Microsoft Desktop Optimization Pack. For more info about Advanced Group Policy Management, see [Advanced Group Policy Management Overview](http://go.microsoft.com/fwlink/p/?LinkId=145013) (http://go.microsoft.com/fwlink/p/?LinkId=145013).
+You can edit an AppLocker policy by adding, changing, or removing rules. However, you cannot specify a version for the policy by importing additional rules. To ensure version control when modifying an AppLocker policy, use Group Policy management software that allows you to create versions of Group Policy Objects (GPOs). An example of this type of software is the Advanced Group Policy Management feature from the Microsoft Desktop Optimization Pack. For more info about Advanced Group Policy Management, see [Advanced Group Policy Management Overview](https://go.microsoft.com/fwlink/p/?LinkId=145013) (https://go.microsoft.com/fwlink/p/?LinkId=145013).
>**Caution:** You should not edit an AppLocker rule collection while it is being enforced in Group Policy. Because AppLocker controls what files are allowed to run, making changes to a live policy can create unexpected behavior.
@@ -100,7 +100,7 @@ A file could be blocked for three reasons:
- There may be an existing rule that was created for the file that is too restrictive.
- A deny rule, which cannot be overridden, is explicitly blocking the file.
-Before editing the rule collection, first determine what rule is preventing the file from running. You can troubleshoot the problem by using the **Test-AppLockerPolicy** Windows PowerShell cmdlet. For more info about troubleshooting an AppLocker policy, see [Testing and Updating an AppLocker Policy](http://go.microsoft.com/fwlink/p/?LinkId=160269) (http://go.microsoft.com/fwlink/p/?LinkId=160269).
+Before editing the rule collection, first determine what rule is preventing the file from running. You can troubleshoot the problem by using the **Test-AppLockerPolicy** Windows PowerShell cmdlet. For more info about troubleshooting an AppLocker policy, see [Testing and Updating an AppLocker Policy](https://go.microsoft.com/fwlink/p/?LinkId=160269) (https://go.microsoft.com/fwlink/p/?LinkId=160269).
## Next steps
diff --git a/windows/keep-secure/planning-and-deploying-advanced-security-audit-policies.md b/windows/keep-secure/planning-and-deploying-advanced-security-audit-policies.md
index 1fa912d181..77613b4101 100644
--- a/windows/keep-secure/planning-and-deploying-advanced-security-audit-policies.md
+++ b/windows/keep-secure/planning-and-deploying-advanced-security-audit-policies.md
@@ -99,7 +99,7 @@ In addition to your domain model, you should also find out whether your organiza
>**Important:** Including auditing within your organization's security plan also makes it possible to budget your resources on the areas where auditing can achieve the most positive results.
-For additional details about how to complete each of these steps and how to prepare a detailed threat model, download the [IT Infrastructure Threat Modeling Guide](http://go.microsoft.com/fwlink/p/?LinkId=163432).
+For additional details about how to complete each of these steps and how to prepare a detailed threat model, download the [IT Infrastructure Threat Modeling Guide](https://go.microsoft.com/fwlink/p/?LinkId=163432).
### Data and resources
@@ -144,7 +144,7 @@ Security and auditing requirements and audit event volume can vary considerably
- If the computers are servers, desktop computers, or portable computers.
- The important applications the computers run, such as Exchange Server, SQL Server, or Forefront Identity Manager.
- >**Note:** If the server applications (including Exchange Server and SQL Server) have audit settings. For more information about auditing in Exchange Server, see the [Exchange 2010 Security Guide](http://go.microsoft.com/fwlink/p/?linkid=128052). For more information about auditing in SQL Server 2008, see [Auditing (Database Engine)](http://go.microsoft.com/fwlink/p/?LinkId=163434). For SQL Server 2012, see [SQL Server Audit (Database Engine)](http://technet.microsoft.com/library/cc280386.aspx).
+ >**Note:** If the server applications (including Exchange Server and SQL Server) have audit settings. For more information about auditing in Exchange Server, see the [Exchange 2010 Security Guide](https://go.microsoft.com/fwlink/p/?linkid=128052). For more information about auditing in SQL Server 2008, see [Auditing (Database Engine)](https://go.microsoft.com/fwlink/p/?LinkId=163434). For SQL Server 2012, see [SQL Server Audit (Database Engine)](http://technet.microsoft.com/library/cc280386.aspx).
- The operating system versions.
@@ -260,7 +260,7 @@ In the majority of cases, these attempts will be legitimate and a network needs
>**Note:** There is no failure event for logoff activity because failed logoffs (such as when a system abruptly shuts down) do not generate an audit record. Logoff events are not 100 percent reliable. For example, the computer can be turned off without a proper logoff and shutdown, and a logoff event is not generated.
-- Logon/Logoff\\[Audit Special Logon](audit-special-logon.md). A special logon has administrator-equivalent rights and can be used to elevate a process to a higher level. It is recommended to track these types of logons. For more information about this feature, see [article 947223](http://go.microsoft.com/fwlink/p/?linkid=120183) in the Microsoft Knowledge Base.
+- Logon/Logoff\\[Audit Special Logon](audit-special-logon.md). A special logon has administrator-equivalent rights and can be used to elevate a process to a higher level. It is recommended to track these types of logons. For more information about this feature, see [article 947223](https://go.microsoft.com/fwlink/p/?linkid=120183) in the Microsoft Knowledge Base.
- Object Access\\[Audit Certification Services](audit-certification-services.md). This policy setting allows you to track and monitor a wide variety of activities on a computer that hosts Active Directory Certificate Services (AD CS) role services to ensure that only authorized users are performing or attempting to perform these tasks, and that only authorized or desired tasks are being performed.
- Object Access\\[Audit File System](audit-file-system.md) and Object Access\\[Audit File Share](audit-file-share.md). These policy settings are described in the previous section.
- Object Access\\[Audit Handle Manipulation](audit-handle-manipulation.md). This policy setting and its role in providing "reason for access" audit data is described in the previous section.
@@ -336,7 +336,7 @@ Configuration\\Administrative Templates\\Windows Components\\Event Log Service\\
- **Retain old events**. This policy setting controls event log behavior when the log file reaches its maximum size. When this policy setting is enabled and a log file reaches its maximum size, new events are not written to the log and are lost. When this policy setting is disabled and a log file reaches its maximum size, new events overwrite old events.
- **Backup log automatically when full**. This policy setting controls event log behavior when the log file reaches its maximum size and takes effect only if the **Retain old events** policy setting is enabled. If you enable these policy settings, the event log file is automatically closed and renamed when it is full. A new file is then started. If you disable or do not configure this policy setting and the **Retain old events** policy setting is enabled, new events are discarded and the old events are retained.
-In addition, a growing number of organizations are being required to store archived log files for a number of years. You should consult with regulatory compliance officers in your organization to determine whether such guidelines apply to your organization. For more information, see the [IT Compliance Management Guide](http://go.microsoft.com/fwlink/p/?LinkId=163435).
+In addition, a growing number of organizations are being required to store archived log files for a number of years. You should consult with regulatory compliance officers in your organization to determine whether such guidelines apply to your organization. For more information, see the [IT Compliance Management Guide](https://go.microsoft.com/fwlink/p/?LinkId=163435).
## Deploying the security audit policy
diff --git a/windows/keep-secure/prepare-your-organization-for-bitlocker-planning-and-policies.md b/windows/keep-secure/prepare-your-organization-for-bitlocker-planning-and-policies.md
index c30af5a4c1..31c04c1c61 100644
--- a/windows/keep-secure/prepare-your-organization-for-bitlocker-planning-and-policies.md
+++ b/windows/keep-secure/prepare-your-organization-for-bitlocker-planning-and-policies.md
@@ -120,7 +120,7 @@ For a TPM to be usable by BitLocker, it must contain an endorsement key, which i
An endorsement key can be created at various points in the TPM’s lifecycle, but needs to be created only once for the lifetime of the TPM. If an endorsement key does not exist for the TPM, it must be created before TPM ownership can be taken.
-For more information about the TPM and the TCG, see the Trusted Computing Group: Trusted Platform Module (TPM) Specifications ().
+For more information about the TPM and the TCG, see the Trusted Computing Group: Trusted Platform Module (TPM) Specifications ().
## Non-TPM hardware configurations
diff --git a/windows/keep-secure/protect-enterprise-data-using-wip.md b/windows/keep-secure/protect-enterprise-data-using-wip.md
index 235a704411..b6d01bc4cc 100644
--- a/windows/keep-secure/protect-enterprise-data-using-wip.md
+++ b/windows/keep-secure/protect-enterprise-data-using-wip.md
@@ -16,11 +16,12 @@ localizationpriority: high
- Windows 10, version 1607
- Windows 10 Mobile
+
>Learn more about what features and functionality are supported in each Windows edition at [Compare Windows 10 Editions](https://www.microsoft.com/en-us/WindowsForBusiness/Compare).
With the increase of employee-owned devices in the enterprise, there’s also an increasing risk of accidental data leak through apps and services, like email, social media, and the public cloud, which are outside of the enterprise’s control. For example, when an employee sends the latest engineering pictures from their personal email account, copies and pastes product info into a tweet, or saves an in-progress sales report to their public cloud storage.
-Windows Information Protection (WIP) helps to protect against this potential data leakage without otherwise interfering with the employee experience. WIP also helps to protect enterprise apps and data against accidental data leak on enterprise-owned devices and personal devices that employees bring to work without requiring changes to your environment or other apps. Finally, another data protection technology, Azure Rights Management also works alongside WIP to extend data protection for data that leaves the device, such as when email attachments are sent from an enterprise aware version of a rights management mail client.
+Windows Information Protection (WIP), previously known as enterprise data protection (EDP), helps to protect against this potential data leakage without otherwise interfering with the employee experience. WIP also helps to protect enterprise apps and data against accidental data leak on enterprise-owned devices and personal devices that employees bring to work without requiring changes to your environment or other apps. Finally, another data protection technology, Azure Rights Management also works alongside WIP to extend data protection for data that leaves the device, such as when email attachments are sent from an enterprise aware version of a rights management mail client.
## Prerequisites
You’ll need this software to run WIP in your enterprise:
@@ -64,7 +65,35 @@ WIP provides:
- Use of audit reports for tracking issues and remedial actions.
-- Integration with your existing management system (Microsoft Intune, System Center Configuration Manager 2016, or your current mobile device management (MDM) system) to configure, deploy, and manage WIP for your company.
+- Integration with your existing management system (Microsoft Intune, System Center Configuration Manager, or your current mobile device management (MDM) system) to configure, deploy, and manage WIP for your company.
+
+## Why use WIP?
+WIP gives you a new way to manage data policy enforcement for apps and documents, along with the ability to remove access to enterprise data from both enterprise and personal devices (after enrollment in an enterprise management solution, like Intune).
+
+- **Change the way you think about data policy enforcement.** As an enterprise admin, you need to maintain compliance in your data policy and data access. WIP helps make sure that your enterprise data is protected on both corporate and employee-owned devices, even when the employee isn’t using the device. When employees create content on an enterprise-protected device, they can choose to save it as a work document. If it's a work document, it becomes locally-maintained as enterprise data.
+
+- **Manage your enterprise documents, apps, and encryption modes.**
+
+ - **Copying or downloading enterprise data.** When an employee or an app downloads content from a location like SharePoint, a network share, or an enterprise web location, while using a WIP-protected device, WIP encrypts the data on the device.
+
+ - **Using allowed apps.** Managed apps (apps that you've included on the Allowed Apps list in your WIP policy) are allowed to access your enterprise data and will interact differently when used with unallowed, non-enterprise aware, or personal-only apps. For example, if WIP management is set to **Block**, your employees can copy and paste from one protected app to another allowed app, but not to personal apps. Imagine an HR person wants to copy a job description from an allowed app to the internal career website, an enterprise-protected location, but goofs and tries to paste into a personal app instead. The paste action fails and a notification pops up, saying that the app couldn’t paste because of a policy restriction. The HR person then correctly pastes to the career website without a problem.
+
+ - **Managed apps and restrictions.** With WIP you can control which apps can access and use your enterprise data. After adding an app to your allowed apps list, the app is trusted with enterprise data. All apps not on this list are blocked from accessing your enterprise data, depending on your WIP management-mode.
+
+ You don’t have to modify line-of-business apps that never touch personal data to list them as allowed apps; just include them in the allowed apps list.
+
+ - **Deciding your level of data access.** WIP lets you block, allow overrides, or audit employees' data sharing actions. Blocking the action stops it immediately. Allowing overrides lets the employee know there's a risk, but lets him or her continue to share the data while recording and auditing the action. Silent just logs the action without blocking anything that the employee could've overridden while using that setting; collecting info that can help you to see patterns of inappropriate sharing so you can take educative action or find apps that should be added to your allowed apps list.
+
+ - **Data encryption at rest.** WIP helps protect enterprise data on local files and on removable media.
+
+ Apps such as Microsoft Word work with WIP to help continue your data protection across local files and removable media. These apps are being referred to as, enterprise aware. For example, if an employee opens WIP-encrypted content from Word, edits the content, and then tries to save the edited version with a different name, Word automatically applies WIP to the new document.
+
+ - **Helping prevent accidental data disclosure to public spaces.** WIP helps protect your enterprise data from being accidentally shared to public spaces, such as public cloud storage. For example, if Dropbox™ isn’t on your allowed apps list, employees won’t be able to sync encrypted files to their personal cloud storage. Instead, if the employee stores the content to an app on your allowed apps list, like Microsoft OneDrive for Business, the encrypted files can sync freely to the business cloud, while maintaining the encryption locally.
+
+ - **Helping prevent accidental data disclosure to removable media.** WIP helps prevent enterprise data from leaking when it's copied or transferred to removable media. For example, if an employee puts enterprise data on a Universal Serial Bus (USB) drive that also has personal data, the enterprise data remains encrypted while the personal data doesn’t.
+
+- **Remove access to enterprise data from enterprise-protected devices.** WIP gives admins the ability to revoke enterprise data from one or many MDM-enrolled devices, while leaving personal data alone. This is a benefit when an employee leaves your company, or in the case of a stolen device. After determining that the data access needs to be removed, you can use Microsoft Intune to unenroll the device so when it connects to the network, the user's encryption key for the device is revoked and the enterprise data becomes unreadable.
+ > **Note**
System Center Configuration Manager also allows you to revoke enterprise data. However, it does it by performing a factory reset of the device.
## How WIP works
WIP helps address your everyday challenges in the enterprise. Including:
@@ -97,38 +126,10 @@ You can set your WIP policy to use 1 of 4 protection and management modes:
|Mode|Description|
|----|-----------|
|Block |WIP looks for inappropriate data sharing practices and stops the employee from completing the action. This can include sharing enterprise data to non-enterprise-protected apps in addition to sharing enterprise data between apps or attempting to share outside of your organization’s network.|
-|Override |WIP looks for inappropriate data sharing, warning employees if they do something deemed potentially unsafe. However, this management mode lets the employee override the policy and share the data, logging the action to your audit log, accessible through the [Reporting CSP](http://go.microsoft.com/fwlink/p/?LinkID=746459). |
+|Override |WIP looks for inappropriate data sharing, warning employees if they do something deemed potentially unsafe. However, this management mode lets the employee override the policy and share the data, logging the action to your audit log, accessible through the [Reporting CSP](https://go.microsoft.com/fwlink/p/?LinkID=746459). |
|Silent |WIP runs silently, logging inappropriate data sharing, without blocking anything that would’ve been prompted for employee interaction while in Override mode. Unallowed actions, like apps inappropriately trying to access a network resource or WIP-protected data, are still blocked.|
|Off |WIP is turned off and doesn't help to protect or audit your data.After you turn off WIP, an attempt is made to decrypt any closed WIP-tagged files on the locally attached drives.
**Note**
For more info about setting your WIP-protection modes, see either [Create a Windows Information Protection (WIP) policy using Intune](create-wip-policy-using-intune.md) or [Create and deploy a Windows Information Protection (WIP) policy using Configuration Manager](create-wip-policy-using-sccm.md), depending on your management solution. |
-## Why use WIP?
-WIP gives you a new way to manage data policy enforcement for apps and documents, along with the ability to remove access to enterprise data from both enterprise and personal devices (after enrollment in an enterprise management solution, like Intune).
-
-- **Change the way you think about data policy enforcement.** As an enterprise admin, you need to maintain compliance in your data policy and data access. WIP helps make sure that your enterprise data is protected on both corporate and employee-owned devices, even when the employee isn’t using the device. When employees create content on an enterprise-protected device, they can choose to save it as a work document. If it's a work document, it becomes locally-maintained as enterprise data.
-
-- **Manage your enterprise documents, apps, and encryption modes.**
-
- - **Copying or downloading enterprise data.** When an employee or an app downloads content from a location like SharePoint, a network share, or an enterprise web location, while using a WIP-protected device, WIP encrypts the data on the device.
-
- - **Using allowed apps.** Managed apps (apps that you've included on the Allowed Apps list in your WIP policy) are allowed to access your enterprise data and will interact differently when used with unallowed, non-enterprise aware, or personal-only apps. For example, if WIP management is set to **Block**, your employees can copy and paste from one protected app to another allowed app, but not to personal apps. Imagine an HR person wants to copy a job description from an allowed app to the internal career website, an enterprise-protected location, but goofs and tries to paste into a personal app instead. The paste action fails and a notification pops up, saying that the app couldn’t paste because of a policy restriction. The HR person then correctly pastes to the career website without a problem.
-
- - **Managed apps and restrictions.** With WIP you can control which apps can access and use your enterprise data. After adding an app to your allowed apps list, the app is trusted with enterprise data. All apps not on this list are blocked from accessing your enterprise data, depending on your WIP management-mode.
-
- You don’t have to modify line-of-business apps that never touch personal data to list them as allowed apps; just include them in the allowed apps list.
-
- - **Deciding your level of data access.** WIP lets you block, allow overrides, or audit employees' data sharing actions. Blocking the action stops it immediately. Allowing overrides let the employee know there's a risk, but lets him or her continue to share the data while recording and auditing the action. Silent just logs the action without blocking anything that the employee could've overridden while using that setting; collecting info that can help you to see patterns of inappropriate sharing so you can take educative action or find apps that should be added to your allowed apps list.
-
- - **Data encryption at rest.** WIP helps protect enterprise data on local files and on removable media.
-
- Apps such as Microsoft Word work with WIP to help continue your data protection across local files and removable media. These apps are being referred to as, enterprise aware. For example, if an employee opens WIP-encrypted content from Word, edits the content, and then tries to save the edited version with a different name, Word automatically applies WIP to the new document.
-
- - **Helping prevent accidental data disclosure to public spaces.** WIP helps protect your enterprise data from being accidentally shared to public spaces, such as public cloud storage. For example, if Dropbox™ isn’t on your allowed apps list, employees won’t be able to sync encrypted files to their personal cloud storage. Instead, if the employee stores the content to an app on your allowed apps list, like Microsoft OneDrive for Business, the encrypted files can sync freely to the business cloud, while maintaining the encryption locally.
-
- - **Helping prevent accidental data disclosure to removable media.** WIP helps prevent enterprise data from leaking when it's copied or transferred to removable media. For example, if an employee puts enterprise data on a Universal Serial Bus (USB) drive that also has personal data, the enterprise data remains encrypted while the personal data doesn’t.
-
-- **Remove access to enterprise data from enterprise-protected devices.** WIP gives admins the ability to revoke enterprise data from one or many MDM-enrolled devices, while leaving personal data alone. This is a benefit when an employee leaves your company, or in the case of a stolen device. After determining that the data access needs to be removed, you can use Microsoft Intune to unenroll the device so when it connects to the network, the user's encryption key for the device is revoked and the enterprise data becomes unreadable.
- > **Note**
System Center Configuration Manager also allows you to revoke enterprise data. However, it does it by performing a factory reset of the device.
-
## Turn off WIP
You can turn off all Windows Information Protection and restrictions, reverting to where you were pre-WIP, with no data loss. However, turning off WIP isn't recommended. If you choose to turn it off, you can always turn it back on, but WIP won't retain your decryption and policies info.
diff --git a/windows/keep-secure/protect-high-value-assets-by-controlling-the-health-of-windows-10-based-devices.md b/windows/keep-secure/protect-high-value-assets-by-controlling-the-health-of-windows-10-based-devices.md
index d74bdf6189..0ebb719b2e 100644
--- a/windows/keep-secure/protect-high-value-assets-by-controlling-the-health-of-windows-10-based-devices.md
+++ b/windows/keep-secure/protect-high-value-assets-by-controlling-the-health-of-windows-10-based-devices.md
@@ -123,7 +123,7 @@ Windows 10 supports features to help prevent sophisticated low-level malware li
- The first TPM specification, version 1.2, was published in February 2005 by the TCG and standardized under ISO / IEC 11889 standard.
- The latest TPM specification, referred to as TPM 2.0, was released in April 2014 and has been approved by the ISO/IEC Joint Technical Committee (JTC) as ISO/IEC 11889:2015.
- Windows 10 uses the TPM for cryptographic calculations as part of health attestation and to protect the keys for BitLocker, Microsoft Passport, virtual smart cards, and other public key certificates. For more information, see [TPM requirements in Windows 10](http://go.microsoft.com/fwlink/p/?LinkId=733948).
+ Windows 10 uses the TPM for cryptographic calculations as part of health attestation and to protect the keys for BitLocker, Microsoft Passport, virtual smart cards, and other public key certificates. For more information, see [TPM requirements in Windows 10](https://go.microsoft.com/fwlink/p/?LinkId=733948).
Windows 10 recognizes versions 1.2 and 2.0 TPM specifications produced by the TCG. For the most recent and modern security features, Windows 10 supports only TPM 2.0. TPM 2.0 is required for device health attestation.
@@ -183,7 +183,7 @@ Windows 10 supports features to help prevent sophisticated low-level malware li
HVCI uses virtualization-based security to isolate Code Integrity, the only way kernel memory can become executable is through a Code Integrity verification. This means that kernel memory pages can never be Writable and Executable (W+X) and executable code cannot be directly modified.
- >**Note:** Device Guard devices that run Kernel Mode Code Integrity with virtualization-based security must have compatible drivers. For additional information, please read the [Driver compatibility with Device Guard in Windows 10](http://go.microsoft.com/fwlink/p/?LinkId=691612) blog post.
+ >**Note:** Device Guard devices that run Kernel Mode Code Integrity with virtualization-based security must have compatible drivers. For additional information, please read the [Driver compatibility with Device Guard in Windows 10](https://go.microsoft.com/fwlink/p/?LinkId=691612) blog post.
The Device Guard Code Integrity feature lets organizations control what code is trusted to run into the Windows kernel and what applications are approved to run in user mode. It’s configurable by using a policy.
Device Guard Code Integrity policy is a binary file that Microsoft recommends you sign. The signing of the Code Integrity policy aids in the protection against a malicious user with Administrator privileges trying to modify or remove the current Code Integrity policy.
@@ -198,7 +198,7 @@ Windows 10 supports features to help prevent sophisticated low-level malware li
Windows 10 takes measurements of the UEFI firmware and each of the Windows and antimalware components are made as they load during the boot process. Additionally, they are taken and measured sequentially, not all at once. When these measurements are complete, their values are digitally signed and stored securely in the TPM and cannot be changed unless the system is reset.
- For more information, see [Secured Boot and Measured Boot: Hardening Early Boot Components Against Malware](http://go.microsoft.com/fwlink/p/?LinkId=733950).
+ For more information, see [Secured Boot and Measured Boot: Hardening Early Boot Components Against Malware](https://go.microsoft.com/fwlink/p/?LinkId=733950).
During each subsequent boot, the same components are measured, which allows comparison of the measurements against an expected baseline. For additional security, the values measured by the TPM can be signed and transmitted to a remote server, which can then perform the comparison. This process, called *remote device health attestation*, allows the server to verify health status of the Windows device.
@@ -245,7 +245,7 @@ The trust decision to execute code is performed by using Hyper-V Code Integrity,
Hyper-V Code Integrity is a feature that validates the integrity of a driver or system file each time it is loaded into memory. Code integrity detects whether an unsigned driver or system file is being loaded into the kernel, or whether a system file has been modified by malicious software that is being run by a user account with Administrator privileges. On x64-based versions of Windows 10 kernel-mode drivers must be digitally signed.
->**Note:** Independently of activation of Device Guard Policy, [Windows 10 by default raises the bar for what runs in the kernel](http://go.microsoft.com/fwlink/p/?LinkId=691613). Windows 10 drivers must be signed by Microsoft, and more specifically, by the WHQL (Windows Hardware Quality Labs) portal. Additionally, starting in October 2015, the WHQL portal will only accept driver submissions, including both kernel and user mode driver submissions, that have a valid Extended Validation (“EV”) Code Signing Certificate.
+>**Note:** Independently of activation of Device Guard Policy, [Windows 10 by default raises the bar for what runs in the kernel](https://go.microsoft.com/fwlink/p/?LinkId=691613). Windows 10 drivers must be signed by Microsoft, and more specifically, by the WHQL (Windows Hardware Quality Labs) portal. Additionally, starting in October 2015, the WHQL portal will only accept driver submissions, including both kernel and user mode driver submissions, that have a valid Extended Validation (“EV”) Code Signing Certificate.
With Device Guard in Windows 10, organizations are now able to define their own Code Integrity policy for use on x64 systems running Windows 10 Enterprise. Organizations have the ability to configure the policy that determines what is trusted to run. These include drivers and system files, as well as traditional desktop applications and scripts. The system is then locked down to only run applications that the organization trusts.
@@ -325,7 +325,7 @@ For more information on device health attestation, see the [Detect an unhealthy
### Hardware requirements
-The following table details the hardware requirements for both virtualization-based security services and the health attestation feature. For more information, see [Minimum hardware requirements](http://go.microsoft.com/fwlink/p/?LinkId=733951).
+The following table details the hardware requirements for both virtualization-based security services and the health attestation feature. For more information, see [Minimum hardware requirements](https://go.microsoft.com/fwlink/p/?LinkId=733951).
@@ -475,7 +475,7 @@ The TPM has an embedded unique cryptographic key called the endorsement key. The
The endorsement key public key is generally used for sending securely sensitive parameters, such as when taking possession of the TPM that contains the defining hash of the owner password. The EK private key is used when creating secondary keys like AIKs.
-The endorsement key acts as an identity card for the TPM. For more information, see [Understand the TPM endorsement key](http://go.microsoft.com/fwlink/p/?LinkId=733952).
+The endorsement key acts as an identity card for the TPM. For more information, see [Understand the TPM endorsement key](https://go.microsoft.com/fwlink/p/?LinkId=733952).
The endorsement key is often accompanied by one or two digital certificates:
@@ -573,7 +573,7 @@ The Health Attestation Service provides the following information to an MDM solu
- Safe Mode boot, DEP enablement, test signing enablement
- Device TPM has been provisioned with a trusted endorsement certificate
-For completeness of the measurements, see [Health Attestation CSP](http://go.microsoft.com/fwlink/p/?LinkId=733949).
+For completeness of the measurements, see [Health Attestation CSP](https://go.microsoft.com/fwlink/p/?LinkId=733949).
The following table presents some key items that can be reported back to MDM depending on the type of Windows 10-based device.
@@ -662,7 +662,7 @@ Today’s access control technology, in most cases, focuses on ensuring that the
The remote device health attestation process uses measured boot data to verify the health status of the device. The health of the device is then available for an MDM solution like Intune.
->**Note:** For the latest information on Intune and Windows 10 features support, see the [Microsoft Intune blog](http://go.microsoft.com/fwlink/p/?LinkId=691614) and [What's new in Microsoft Intune](http://go.microsoft.com/fwlink/p/?LinkId=733956).
+>**Note:** For the latest information on Intune and Windows 10 features support, see the [Microsoft Intune blog](https://go.microsoft.com/fwlink/p/?LinkId=691614) and [What's new in Microsoft Intune](https://go.microsoft.com/fwlink/p/?LinkId=733956).
The figure below shows how the Health Attestation Service is expected to work with Microsoft’s cloud-based Intune MDM service.
@@ -679,9 +679,9 @@ Windows 10 has an MDM client that ships as part of the operating system. This e
### Third-party MDM server support
-Third-party MDM servers can manage Windows 10 by using the MDM protocol. The built-in management client is able to communicate with a compatible server that supports the OMA-DM protocol to perform enterprise management tasks. For additional information, see [Azure Active Directory integration with MDM](http://go.microsoft.com/fwlink/p/?LinkId=733954).
+Third-party MDM servers can manage Windows 10 by using the MDM protocol. The built-in management client is able to communicate with a compatible server that supports the OMA-DM protocol to perform enterprise management tasks. For additional information, see [Azure Active Directory integration with MDM](https://go.microsoft.com/fwlink/p/?LinkId=733954).
->**Note:** MDM servers do not need to create or download a client to manage Windows 10. For more information, see [Mobile device management](http://go.microsoft.com/fwlink/p/?LinkId=733955).
+>**Note:** MDM servers do not need to create or download a client to manage Windows 10. For more information, see [Mobile device management](https://go.microsoft.com/fwlink/p/?LinkId=733955).
The third-party MDM server will have the same consistent first-party user experience for enrollment, which also provides simplicity for Windows 10 users.
@@ -689,7 +689,7 @@ The third-party MDM server will have the same consistent first-party user experi
This management infrastructure makes it possible for IT pros to use MDM-capable products like Intune, to manage health attestation, Device Guard, or Windows Defender on Windows 10-based devices, including BYODs that aren’t domain joined. IT pros will be able to manage and configure all of the actions and settings they are familiar with customizing by using Intune with Intune Endpoint Protection on down-level operating systems. Admins that currently only manage domain joined devices through Group Policy will find it easy to transition to managing Windows 10-based devices by using MDM because many of the settings and actions are shared across both mechanisms.
-For more information on how to manage Windows 10 security and system settings with an MDM solution, see [Custom URI settings for Windows 10 devices](http://go.microsoft.com/fwlink/p/?LinkId=733953).
+For more information on how to manage Windows 10 security and system settings with an MDM solution, see [Custom URI settings for Windows 10 devices](https://go.microsoft.com/fwlink/p/?LinkId=733953).
### Conditional access control
@@ -710,7 +710,7 @@ When a user requests access to an Office 365 service from a supported device pla
When a user enrolls, the device is registered with Azure AD, and enrolled with a compatible MDM solution like Intune.
->**Note** Microsoft is working with third-party MDM ISVs to support automated MDM enrollment and policy based access checks. Steps to turn on auto-MDM enrollment with Azure AD and Intune are explained in the [Windows 10, Azure AD And Microsoft Intune: Automatic MDM Enrollment Powered By The Cloud!](http://go.microsoft.com/fwlink/p/?LinkId=691615) blog post.
+>**Note** Microsoft is working with third-party MDM ISVs to support automated MDM enrollment and policy based access checks. Steps to turn on auto-MDM enrollment with Azure AD and Intune are explained in the [Windows 10, Azure AD And Microsoft Intune: Automatic MDM Enrollment Powered By The Cloud!](https://go.microsoft.com/fwlink/p/?LinkId=691615) blog post.
When a user enrolls a device successfully, the device becomes trusted. Azure AD provides single-sign-on to access company applications and enforces conditional access policy to grant access to a service not only the first time the user requests access, but every time the user requests to renew access.
@@ -732,7 +732,7 @@ To get to a compliant state, the Windows 10-based device needs to:
- Register with Azure AD.
- Be compliant with the device policies set by the MDM solution.
->**Note:** At the present time, conditional access policies are selectively enforced on users on iOS and Android devices. For more information, see the [Azure AD, Microsoft Intune and Windows 10 – Using the cloud to modernize enterprise mobility!](http://go.microsoft.com/fwlink/p/?LinkId=691616) blog post.
+>**Note:** At the present time, conditional access policies are selectively enforced on users on iOS and Android devices. For more information, see the [Azure AD, Microsoft Intune and Windows 10 – Using the cloud to modernize enterprise mobility!](https://go.microsoft.com/fwlink/p/?LinkId=691616) blog post.
### Cloud and on-premises apps conditional access control
@@ -740,13 +740,13 @@ Conditional access control is a powerful policy evaluation engine built into Azu
IT pros can configure conditional access control policies for cloud SaaS applications secured by Azure AD and even on-premises applications. Access rules in Azure AD leverage the conditional access engine to check device health and compliance state reported by a compatible MDM solution like Intune in order to determine whether to allow access.
-For more information about conditional access, see [Azure Conditional Access Preview for SaaS Apps.](http://go.microsoft.com/fwlink/p/?LinkId=524807)
+For more information about conditional access, see [Azure Conditional Access Preview for SaaS Apps.](https://go.microsoft.com/fwlink/p/?LinkId=524807)
->**Note:** Conditional access control is an Azure AD Premium feature that's also available with EMS. If you don't have an Azure AD Premium subscription, you can get a trial from the [Microsoft Azure](http://go.microsoft.com/fwlink/p/?LinkId=691617) site.
+>**Note:** Conditional access control is an Azure AD Premium feature that's also available with EMS. If you don't have an Azure AD Premium subscription, you can get a trial from the [Microsoft Azure](https://go.microsoft.com/fwlink/p/?LinkId=691617) site.
For on-premises applications there are two options to enable conditional access control based on a device's compliance state:
-- For on-premises applications that are published through the Azure AD Application Proxy, you can configure conditional access control policies as you would for cloud applications. For more details, see the [Azure AD Conditional Access preview updated: Now supports On-Premises and Custom LOB apps](http://go.microsoft.com/fwlink/p/?LinkId=691618) blog post.
+- For on-premises applications that are published through the Azure AD Application Proxy, you can configure conditional access control policies as you would for cloud applications. For more details, see the [Azure AD Conditional Access preview updated: Now supports On-Premises and Custom LOB apps](https://go.microsoft.com/fwlink/p/?LinkId=691618) blog post.
- Additionally, Azure AD Connect will sync device compliance information from Azure AD to on-premises AD. ADFS on Windows Server 2016 will support conditional access control based on a device's compliance state. IT pros will configure conditional access control policies in ADFS that use the device's compliance state reported by a compatible MDM solution to secure on-premises applications.
@@ -768,7 +768,7 @@ The following process describes how Azure AD conditional access works:
13. If the device is compliant and the user is authorized, an access token is generated.
14. User can access the corporate managed asset.
-For more information about Azure AD join, see the [Azure AD & Windows 10: Better Together for Work or School](http://go.microsoft.com/fwlink/p/?LinkId=691619) white paper.
+For more information about Azure AD join, see the [Azure AD & Windows 10: Better Together for Work or School](https://go.microsoft.com/fwlink/p/?LinkId=691619) white paper.
Conditional access control is a topic that many organizations and IT pros may not know as well as they should. The different attributes that describe a user, a device, compliance, and context of access are very powerful when used with a conditional access engine. Conditional access control is an essential step that helps organizations secure their environment.
@@ -822,4 +822,4 @@ Health attestation is a key feature of Windows 10 that includes client and clou
- [Protect derived domain credentials with Credential Guard](credential-guard.md)
- [Device Guard deployment guide](device-guard-deployment-guide.md)
-- [Trusted Platform Module technology overview](http://go.microsoft.com/fwlink/p/?LinkId=733957)
+- [Trusted Platform Module technology overview](https://go.microsoft.com/fwlink/p/?LinkId=733957)
diff --git a/windows/keep-secure/securing-end-to-end-ipsec-connections-by-using-ikev2.md b/windows/keep-secure/securing-end-to-end-ipsec-connections-by-using-ikev2.md
index e3cd578183..c6875dfdd6 100644
--- a/windows/keep-secure/securing-end-to-end-ipsec-connections-by-using-ikev2.md
+++ b/windows/keep-secure/securing-end-to-end-ipsec-connections-by-using-ikev2.md
@@ -40,7 +40,7 @@ You can use IKEv2 as a virtual private network (VPN) tunneling protocol that sup
- [Troubleshooting](#troubleshooting)
->**Note:** This topic includes sample Windows PowerShell cmdlets. For more info, see [How to Run a Windows PowerShell Cmdlet](http://go.microsoft.com/fwlink/p/?linkid=230693).
+>**Note:** This topic includes sample Windows PowerShell cmdlets. For more info, see [How to Run a Windows PowerShell Cmdlet](https://go.microsoft.com/fwlink/p/?linkid=230693).
## Prerequisites
diff --git a/windows/keep-secure/switch-pcr-banks-on-tpm-2-0-devices.md b/windows/keep-secure/switch-pcr-banks-on-tpm-2-0-devices.md
index b6b9fd71e5..b60489c882 100644
--- a/windows/keep-secure/switch-pcr-banks-on-tpm-2-0-devices.md
+++ b/windows/keep-secure/switch-pcr-banks-on-tpm-2-0-devices.md
@@ -21,7 +21,7 @@ PCR\[N\] = HASHalg( PCR\[N\] || ArgumentOfExtend )
The existing value is concatenated with the argument of the TPM Extend operation. The resulting concatenation is then used as input to the associated hashing algorithm, which computes a digest of the input. This computed digest becomes the new value of the PCR.
-The [TCG PC Client Specific Platform TPM Profile for TPM 2.0](http://go.microsoft.com/fwlink/p/?LinkId=746577) defines the inclusion of at least one PCR bank with 24 registers. The only way to reset the first 16 PCRs is to reset the TPM itself. This restriction helps ensure that the value of those PCRs can only be modified via the TPM Extend operation.
+The [TCG PC Client Specific Platform TPM Profile for TPM 2.0](https://go.microsoft.com/fwlink/p/?LinkId=746577) defines the inclusion of at least one PCR bank with 24 registers. The only way to reset the first 16 PCRs is to reset the TPM itself. This restriction helps ensure that the value of those PCRs can only be modified via the TPM Extend operation.
Some TPM PCRs are used as checksums of log events. The log events are extended in the TPM as the events occur. Later, an auditor can validate the logs by computing the expected PCR values from the log and comparing them to the PCR values of the TPM. Since the first 16 TPM PCRs cannot be modified arbitrarily, a match between an expected PCR value in that range and the actual TPM PCR value provides assurance of an unmodified log.
diff --git a/windows/keep-secure/tpm-fundamentals.md b/windows/keep-secure/tpm-fundamentals.md
index 6969c89924..92a6fe9b1d 100644
--- a/windows/keep-secure/tpm-fundamentals.md
+++ b/windows/keep-secure/tpm-fundamentals.md
@@ -195,5 +195,5 @@ You can fix this by clearing the TPM.
- [Trusted Platform Module Services Group Policy Settings](trusted-platform-module-services-group-policy-settings.md)
- [TPM Cmdlets in Windows PowerShell](http://technet.microsoft.com/library/jj603116.aspx)
- [Schema Extensions for Windows Server 2008 R2 to support AD DS backup of TPM information from Windows 8 clients](ad-ds-schema-extensions-to-support-tpm-backup.md)
-- [TPM WMI providers](http://go.microsoft.com/fwlink/p/?LinkId=93478)
+- [TPM WMI providers](https://go.microsoft.com/fwlink/p/?LinkId=93478)
- [Prepare your organization for BitLocker: Planning and Policies - TPM configurations](http://technet.microsoft.com/library/jj592683.aspx)
diff --git a/windows/keep-secure/troubleshoot-windows-defender-in-windows-10.md b/windows/keep-secure/troubleshoot-windows-defender-in-windows-10.md
index 3b12429458..df382bc1fe 100644
--- a/windows/keep-secure/troubleshoot-windows-defender-in-windows-10.md
+++ b/windows/keep-secure/troubleshoot-windows-defender-in-windows-10.md
@@ -317,8 +317,8 @@ Description of the error.
To troubleshoot this event:
- Run the scan again.
-- If it fails in the same way, go to the Microsoft Support site, enter the error number in the Search box to look for the error code.
-- Contact Microsoft Technical Support.
+
- If it fails in the same way, go to the Microsoft Support site, enter the error number in the Search box to look for the error code.
+- Contact Microsoft Technical Support.
@@ -1291,8 +1291,8 @@ Description of the error.
If this event persists:
- Run the scan again.
-- If it fails in the same way, go to the Microsoft Support site, enter the error number in the Search box to look for the error code.
-- Contact Microsoft Technical Support.
+
- If it fails in the same way, go to the Microsoft Support site, enter the error number in the Search box to look for the error code.
+- Contact Microsoft Technical Support.
@@ -1505,13 +1505,13 @@ Description of the error.
- Update the definitions. Either:
- Click the Update definitions button on the Update tab in Windows Defender.
Or,
-- Download the latest definitions from the Microsoft Malware Protection Center.
-
Note: The size of the definitions file downloaded from the Microsoft Malware Protection Center can exceed 60 MB and should not be used as a long-term solution for updating definitions.
+ - Download the latest definitions from the Microsoft Malware Protection Center.
+
Note: The size of the definitions file downloaded from the Microsoft Malware Protection Center can exceed 60 MB and should not be used as a long-term solution for updating definitions.
- Review the entries in the %Windir%\WindowsUpdate.log file for more information about this error.
-- Contact Microsoft Technical Support.
+
- Contact Microsoft Technical Support.
@@ -1608,12 +1608,12 @@ Description of the error.
- Update the definitions. Either:
- Click the Update definitions button on the Update tab in Windows Defender.
Or,
-- Download the latest definitions from the Microsoft Malware Protection Center.
-
Note: The size of the definitions file downloaded from the Microsoft Malware Protection Center can exceed 60 MB and should not be used as a long-term solution for updating definitions.
+ - Download the latest definitions from the Microsoft Malware Protection Center.
+
Note: The size of the definitions file downloaded from the Microsoft Malware Protection Center can exceed 60 MB and should not be used as a long-term solution for updating definitions.
-- Contact Microsoft Technical Support.
+
- Contact Microsoft Technical Support.
@@ -1664,10 +1664,10 @@ Description of the error.
To troubleshoot this event:
- Restart the computer and try again.
-- Download the latest definitions from the Microsoft Malware Protection Center.
-
Note: The size of the definitions file downloaded from the Microsoft Malware Protection Center can exceed 60 MB and should not be used as a long-term solution for updating definitions.
+ - Download the latest definitions from the Microsoft Malware Protection Center.
+
Note: The size of the definitions file downloaded from the Microsoft Malware Protection Center can exceed 60 MB and should not be used as a long-term solution for updating definitions.
-- Contact Microsoft Technical Support.
+
- Contact Microsoft Technical Support.
@@ -2323,7 +2323,7 @@ Description of the error.
User action:
- The real-time protection feature has restarted. If this event happens again, contact Microsoft Technical Support.
+The real-time protection feature has restarted. If this event happens again, contact Microsoft Technical Support.
|
@@ -2499,7 +2499,7 @@ or Hang
-- If it fails in the same way, look up the error code by accessing the Microsoft Support Site and entering the error number in the Search box, and contact Microsoft Technical Support.
+- If it fails in the same way, look up the error code by accessing the Microsoft Support Site and entering the error number in the Search box, and contact Microsoft Technical Support.
@@ -2513,8 +2513,8 @@ or Hang
To troubleshoot this event:
- Run the scan again.
-- If it fails in the same way, go to the Microsoft Support site, enter the error number in the Search box to look for the error code.
-- Contact Microsoft Technical Support.
+
- If it fails in the same way, go to the Microsoft Support site, enter the error number in the Search box to look for the error code.
+- Contact Microsoft Technical Support.
@@ -2754,8 +2754,8 @@ Use the information in these tables to help troubleshoot Windows Defender error
- Update the definitions. Either:
- Click the Update definitions button on the Update tab in Windows Defender.
Or,
-- Download the latest definitions from the Microsoft Malware Protection Center.
-
Note: The size of the definitions file downloaded from the Microsoft Malware Protection Center can exceed 60 MB and should not be used as a long-term solution for updating definitions.
+ - Download the latest definitions from the Microsoft Malware Protection Center.
+
Note: The size of the definitions file downloaded from the Microsoft Malware Protection Center can exceed 60 MB and should not be used as a long-term solution for updating definitions.
@@ -2997,8 +2997,8 @@ article.
- Update the definitions. Either:
- Click the Update definitions button on the Update tab in Windows Defender.
Or,
-- Download the latest definitions from the Microsoft Malware Protection Center.
-
Note: The size of the definitions file downloaded from the Microsoft Malware Protection Center can exceed 60 MB and should not be used as a long-term solution for updating definitions.
+ - Download the latest definitions from the Microsoft Malware Protection Center.
+
Note: The size of the definitions file downloaded from the Microsoft Malware Protection Center can exceed 60 MB and should not be used as a long-term solution for updating definitions.
diff --git a/windows/keep-secure/verify-that-network-traffic-is-authenticated.md b/windows/keep-secure/verify-that-network-traffic-is-authenticated.md
index 03fcc34124..88ab773159 100644
--- a/windows/keep-secure/verify-that-network-traffic-is-authenticated.md
+++ b/windows/keep-secure/verify-that-network-traffic-is-authenticated.md
@@ -25,7 +25,7 @@ In these procedures, you confirm that the rules you deployed are working correct
- **Encryption zone.** Similar to the main isolation zone, after you confirm that the network traffic to zone members is properly authenticated and encrypted, you must convert your zone rules from request mode to require mode.
->**Note:** In addition to the steps shown in this procedure, you can also use network traffic capture tools such as Microsoft Network Monitor, which can be downloaded from . Network Monitor and similar tools allow you to capture, parse, and display the network packets received by the network adapter on your device. Current versions of these tools include full support for IPsec. They can identify encrypted network packets, but they cannot decrypt them.
+>**Note:** In addition to the steps shown in this procedure, you can also use network traffic capture tools such as Microsoft Network Monitor, which can be downloaded from . Network Monitor and similar tools allow you to capture, parse, and display the network packets received by the network adapter on your device. Current versions of these tools include full support for IPsec. They can identify encrypted network packets, but they cannot decrypt them.
diff --git a/windows/keep-secure/vpn-profile-options.md b/windows/keep-secure/vpn-profile-options.md
index 8564ae357c..90c8e2aa2d 100644
--- a/windows/keep-secure/vpn-profile-options.md
+++ b/windows/keep-secure/vpn-profile-options.md
@@ -62,6 +62,6 @@ A VPN profile configured with LockDown secures the device to only allow network
## Learn more
- [Learn how to configure VPN connections in Microsoft Intune](https://docs.microsoft.com/intune/deploy-use/vpn-connections-in-microsoft-intune)
-- [VPNv2 configuration service provider (CSP) reference](http://go.microsoft.com/fwlink/p/?LinkId=617588)
-- [How to Create VPN Profiles in Configuration Manager](http://go.microsoft.com/fwlink/p/?LinkId=618028)
+- [VPNv2 configuration service provider (CSP) reference](https://go.microsoft.com/fwlink/p/?LinkId=617588)
+- [How to Create VPN Profiles in Configuration Manager](https://go.microsoft.com/fwlink/p/?LinkId=618028)
diff --git a/windows/keep-secure/why-a-pin-is-better-than-a-password.md b/windows/keep-secure/why-a-pin-is-better-than-a-password.md
index f1321ab0de..4fb387f147 100644
--- a/windows/keep-secure/why-a-pin-is-better-than-a-password.md
+++ b/windows/keep-secure/why-a-pin-is-better-than-a-password.md
@@ -30,7 +30,7 @@ Even you can't use that PIN anywhere except on that specific device. If you want
A password is transmitted to the server -- it can be intercepted in transmission or stolen from a server. A PIN is local to the device -- it isn't transmitted anywhere and it isn't stored on the server.
When the PIN is created, it establishes a trusted relationship with the identity provider and creates an asymmetric key pair that is used for authentication. When you enter your PIN, it unlocks the authentication key and uses the key to sign the request that is sent to the authenticating server.
-> **Note:** For details on how Hello uses asymetric key pairs for authentication, see [Microsoft Passport guide](http://go.microsoft.com/fwlink/p/?LinkId=691928).
+> **Note:** For details on how Hello uses asymetric key pairs for authentication, see [Microsoft Passport guide](https://go.microsoft.com/fwlink/p/?LinkId=691928).
## PIN is backed by hardware
diff --git a/windows/keep-secure/windows-10-security-guide.md b/windows/keep-secure/windows-10-security-guide.md
index 87cd7086c5..5ad7eddc7a 100644
--- a/windows/keep-secure/windows-10-security-guide.md
+++ b/windows/keep-secure/windows-10-security-guide.md
@@ -18,14 +18,14 @@ author: challum
This guide provides a detailed description of the most important security improvements in the Windows 10 operating system, with links to more detailed articles about many of its security features. Wherever possible, specific recommendations are provided to help you implement and configure Windows 10 security features.
-## Introduction
+#### Introduction
Windows 10 is designed to protect against known and emerging security threats across the spectrum of attack vectors. Three broad categories of security work went into Windows 10:
- [**Identity and access control**](#identity) features have been greatly expanded to both simplify and enhance the security of user authentication. These features include Windows Hello and Microsoft Passport, which better protect user identities through easy-to-deploy and easy-to-use multifactor authentication (MFA). Another new feature is Credential Guard, which uses virtualization-based security (VBS) to help protect the Windows authentication subsystems and users’ credentials.
- [**Information protection**](#information) that guards information at rest, in use, and in transit. In addition to BitLocker and BitLocker To Go for protection of data at rest, Windows 10 includes file-level encryption with Enterprise Data Protection that performs data separation and containment and, when combined with Rights Management services, can keep data encrypted when it leaves the corporate network. Windows 10 can also help keep data secure by using virtual private networks (VPNs) and Internet Protocol Security.
- [**Malware resistance**](#malware) includes architectural changes that can isolate critical system and security components from threats. Several new features in Windows 10 help reduce the threat of malware, including VBS, Device Guard, Microsoft Edge, and an entirely new version of Windows Defender. In addition, the many antimalware features from the Windows 8.1 operating system— including AppContainers for application sandboxing and numerous boot-protection features, such as Trusted Boot—have been carried forward and improved in Windows 10.
-## Identity and access control
+## Identity and access control
Traditionally, access control is a process that has three components:
- **Identification** - when a user asserts a unique identity to the computer system for the purpose of gaining access to a resource, such as a file or a printer. In some definitions, the user is called the subject and the resource is the object.
@@ -74,14 +74,14 @@ Table 1. Windows 10 solutions to typical access control challenges
The sections that follow describe these challenges and solutions in more detail.
-**Microsoft Passport**
+### Microsoft Passport
Microsoft Passport provides strong two-factor authentication (2FA), fully integrated into Windows, and replaces passwords with the combination of an enrolled device and either a PIN or Windows Hello. Microsoft Passport is conceptually similar to smart cards but more flexible. Authentication is performed by using an asymmetric key pair instead of a string comparison (for example, password), and the user’s key material can be secured by using hardware.
Unlike smart cards, Microsoft Passport does not require the extra infrastructure components required for smart card deployment. In particular, you do not need public key infrastructure (PKI). If you already use PKI – for example, in secure email or VPN authentication – you can use the existing infrastructure with Microsoft Passport. Microsoft Passport combines the major advantages of smart card technology – deployment flexibility for virtual smart cards and robust security for physical smart cards – without any of their drawbacks.
Microsoft Passport offers three significant advantages over the current state of Windows authentication: It’s more flexible, it’s based on industry standards, and it effectively mitigates risks. The sections that follow look at each of these advantages in more detail.
-**It’s flexible**
+#### It’s flexible
Microsoft Passport offers unprecedented flexibility. Although the format and use of passwords and smart cards is fixed, Microsoft Passport gives both administrators and users options to manage authentication. First and foremost, Microsoft Passport works with biometric sensors and PINs. Next, you can use your PC or even your phone as one of the factors to authenticate on your PC. Finally, your user credentials can come from your PKI infrastructure, or Windows can create the credential itself.
@@ -89,21 +89,19 @@ Microsoft Passport gives you options beyond long, complex passwords. Instead of
With Microsoft Passport, you gain flexibility in the data center, too. To deploy it, you must add Windows Server 2016 domain controllers to your Active Directory environment, but you do not have to replace or remove your existing Active Directory servers: Microsoft Passport builds on and adds to your existing infrastructure. You can either add on premises servers or use Microsoft Azure Active Directory to deploy Microsoft Passport to your network. The choice of which users to enable for Microsoft Passport use is completely up to you – you choose which items to protect and which authentication factors you want to support. This flexibility makes it easy to use Microsoft Passport to supplement existing smart card or token deployments by adding 2FA to users who do not currently have it, or to deploy Microsoft Passport in scenarios that call for extra protection for sensitive resources or systems.
-**It’s standardized**
+#### It’s standardized
Both software vendors and enterprise customers have come to realize that proprietary identity and authentication systems are a dead end: The future lies with open, interoperable systems that allow secure authentication across a variety of devices, line of business (LOB) apps, and external applications and websites. To this end, a group of industry players formed FIDO, the Fast IDentity Online Alliance. The FIDO Alliance is a nonprofit organization intended to address the lack of interoperability among strong authentication devices, as well as the problems users face when they need to create and remember multiple user names and passwords. The FIDO Alliance plans to change the nature of authentication by developing specifications that define an open, scalable, interoperable set of mechanisms that supplant reliance on passwords to securely authenticate users of online services. This new standard for security devices and browser plug ins will allow any website or cloud application to interface with a broad variety of existing and future FIDO-enabled devices that the user has for online security.
-In 2014, Microsoft joined the board of the [FIDO Alliance](http://go.microsoft.com/fwlink/p/?LinkId=626934). FIDO standards enable a universal framework that a global ecosystem delivers for a consistent and greatly improved user experience of strong password-less authentication. The FIDO 1.0 specifications, published in December 2014, provide for two types of authentications: password-less (known as UAF) and second factor (U2F). The FIDO Alliance is working on a set of 2.0 proposals that incorporate the best ideas from its U2F and UAF FIDO 1.0 standards, and of course, on new ideas. Microsoft has contributed Microsoft Passport technology to the FIDO 2.0 specification workgroup for review and feedback and continues to work with the FIDO Alliance as the FIDO 2.0 specification moves forward. Interoperability of FIDO products is a hallmark of FIDO authentication. Microsoft believes that bringing a FIDO solution to market will help solve a critical need for enterprises and consumers alike.
+In 2014, Microsoft joined the board of the [FIDO Alliance](https://go.microsoft.com/fwlink/p/?LinkId=626934). FIDO standards enable a universal framework that a global ecosystem delivers for a consistent and greatly improved user experience of strong password-less authentication. The FIDO 1.0 specifications, published in December 2014, provide for two types of authentications: password-less (known as UAF) and second factor (U2F). The FIDO Alliance is working on a set of 2.0 proposals that incorporate the best ideas from its U2F and UAF FIDO 1.0 standards, and of course, on new ideas. Microsoft has contributed Microsoft Passport technology to the FIDO 2.0 specification workgroup for review and feedback and continues to work with the FIDO Alliance as the FIDO 2.0 specification moves forward. Interoperability of FIDO products is a hallmark of FIDO authentication. Microsoft believes that bringing a FIDO solution to market will help solve a critical need for enterprises and consumers alike.
-**It’s effective**
+#### It’s effective
Microsoft Passport effectively mitigates two major security risks. First, it eliminates the use of passwords for logon and so reduces the risk that a nefarious attacker will steal and reuse the user’s credentials. User key material is generated and available within the Trusted Platform Module (TPM) of the user device, which protects it from attackers who want to capture the key material and reuse it. Second, because Microsoft Passport uses asymmetrical key pairs, users credentials can’t be stolen in cases where the identity provider or websites the user accesses have been compromised.
To compromise a Microsoft Passport credential that TPM protects, an attacker must have access to the physical device, and then must find a way to spoof the user’s biometrics or guess his or her PIN—and all of this must be done before TPM anti-hammer capabilities lock the device. This sets the bar magnitudes of order higher than password phishing attacks.
-###
-
-**Windows Hello**
+### Windows Hello
Windows Hello is the name given to the new biometric sign-in option for Microsoft Passport. Because biometric authentication is built directly into the operating system, Windows Hello allows users to unlock their devices by using their face or fingerprint. From here, authentication to the devices and resources is enabled through a combination of the user’s unique biometric identifier and the device itself.
@@ -117,7 +115,7 @@ Windows Hello supports two biometric sensor options that are suitable for enterp
Windows Hello offers several major benefits. First, it addresses the problems of credential theft and sharing, because an attacker must obtain the device and impersonate the user’s biometric identity, which is more difficult than stealing a password or PIN. Second, the use of biometrics gives users an authenticator that’s always with them – there’s nothing to forget, lose, or leave behind. Instead of worrying about memorizing long, complex passwords, users can take advantage of a convenient, secure method for logging in to all their Windows devices. Finally, there’s nothing additional to deploy or manage. Because Windows Hello support is built directly into the operating system,
there are no additional drivers to deploy.
-**Brute-force attack resistance**
+### Brute-force attack resistance
A brute-force attack is the process used to break into a device simply by guessing a user’s password, PIN, or even his or her biometric identity over and over until the attacker gets it right. Over the last several versions of Windows, Microsoft has added features that dramatically reduce the chances that such an attack would succeed.
@@ -126,7 +124,7 @@ Windows 8.1 and Windows 10 support an even more powerful – but optional –
If you’re interested in learning how to configure brute-force protection, use a test Windows 10 PC on which BitLocker protection is enabled for the system drive, and then print the BitLocker recovery key to ensure that you have it available. Then, open the Local Group Policy Editor by running **gpedit.msc**, and go to Computer Configuration\\Windows Settings\\Security Settings\\Security Options. Open the policy **Interactive Login: Machine Account Lockout Threshold**, and set the value to **5**, as shown in Figure 1.
-
+
Figure 1. Set the number of invalid access attempts prior to lockout
@@ -188,92 +186,105 @@ Table 2. Data Protection in Windows 10 and Windows 7
-
+
The sections that follow describe these improvements in more detail.
-**Prepare for drive and file encryption**
+### Prepare for drive and file encryption
The best type of security measures are transparent to the user during implementation and use. Every time there is a possible delay or difficulty because of a security feature, there is strong likelihood that users will try to bypass security. This situation is especially true for data protection, and that’s a scenario that organizations need to avoid.
Whether you’re planning to encrypt entire volumes, removable devices, or individual files, Windows 10 meets your needs by providing streamlined, usable solutions. In fact, you can take several steps in advance to prepare for data encryption and make the deployment quick and smooth.
-**TPM pre-provisioning**
+#### TPM pre-provisioning
In Windows 7, preparing the TPM for use offered a couple of challenges:
-- You can turn on the TPM in the BIOS, which requires someone to either go into the BIOS settings to turn it on or to install a driver to turn it on from within Windows.
-- When you enable the TPM, it may require one or more restarts.
+
+* You can turn on the TPM in the BIOS, which requires someone to either go into the BIOS settings to turn it on or to install a driver to turn it on from within Windows.
+* When you enable the TPM, it may require one or more restarts.
+
Basically, it was a big hassle. If IT staff were provisioning new PCs, they could handle all of this, but if you wanted to add BitLocker to devices that were already in users’ hands, those users would have struggled with the technical challenges and would either call IT for support or simply leave BitLocker disabled.
+
Microsoft includes instrumentation in Windows 10 that enables the operating system to fully manage the TPM. There is no need to go into the BIOS, and all scenarios that required a restart have been eliminated.
-**Deploy hard drive encryption**
+### Deploy hard drive encryption
BitLocker is capable of encrypting entire hard drives, including both system and data drives. BitLocker pre-provisioning can drastically reduce the time required to provision new PCs with BitLocker enabled. With Windows 10, administrators can turn on BitLocker and the TPM from within the Windows Preinstallation Environment before they install Windows or as part of an automated deployment task sequence without any user interaction. Combined with Used Disk Space Only encryption and a mostly empty drive (because Windows is not yet installed), it takes only a few seconds to enable BitLocker.
With earlier versions of Windows, administrators had to enable BitLocker after Windows had been installed. Although this process could be automated, BitLocker would need to encrypt the entire drive, a process that could take anywhere from several hours to more than a day depending on drive size and performance, which significantly delayed deployment. Microsoft has improved this process through multiple features in Windows 10.
-**Device encryption**
+#### Device encryption
Beginning in Windows 8.1, Windows automatically enables BitLocker device encryption on devices that support InstantGo. With Windows 10, Microsoft offers device encryption support on a much broader range of devices, including those that are InstantGo. Microsoft expects that most devices in the future will pass the testing requirements, which makes device encryption pervasive across modern Windows devices. Device encryption further protects the system by transparently implementing device-wide data encryption.
Unlike a standard BitLocker implementation, device encryption is enabled automatically so that the device is always protected. The following list outlines how this happens:
-- When a clean installation of Windows 10 is completed and the out-of-box experience is finished, the computer is prepared for first use. As part of this preparation, device encryption is initialized on the operating system drive and fixed data drives on the computer with a clear key (this is the equivalent of standard BitLocker suspended state).
-- If the device is not domain joined, a Microsoft account that has been granted administrative privileges on the device is required. When the administrator uses a Microsoft account to sign in, the clear key is removed, a recovery key is uploaded to the online Microsoft account, and a TPM protector is created. Should a device require the recovery key, the user will be guided to use an alternate device and navigate to a recovery key access URL to retrieve the recovery key by using his or her Microsoft account credentials.
-- If the user uses a domain account to sign in, the clear key is not removed until the user joins the device to a domain and the recovery key is successfully backed up to Active Directory Domain Services (AD DS). You must enable the **Computer Configuration\\Administrative Templates\\Windows Components\\BitLocker Drive Encryption\\Operating System Drives** Group Policy setting, and select the **Do not enable BitLocker until recovery information is stored in AD DS for operating system drives** option. With this configuration, the recovery password is created automatically when the computer joins the domain, and then the recovery key is backed up to AD DS, the TPM protector is created, and the clear key is removed.
-- Similar to signing in with a domain account, the clear key is removed when the user logs on to an Azure AD account on the device. As described in the bullet point above, the recovery password is created automatically when the user authenticates to Azure AD. Then, the recovery key is backed up to Azure AD, the TPM protector is created, and the clear key is removed.
+
+* When a clean installation of Windows 10 is completed and the out-of-box experience is finished, the computer is prepared for first use. As part of this preparation, device encryption is initialized on the operating system drive and fixed data drives on the computer with a clear key (this is the equivalent of standard BitLocker suspended state).
+* If the device is not domain joined, a Microsoft account that has been granted administrative privileges on the device is required. When the administrator uses a Microsoft account to sign in, the clear key is removed, a recovery key is uploaded to the online Microsoft account, and a TPM protector is created. Should a device require the recovery key, the user will be guided to use an alternate device and navigate to a recovery key access URL to retrieve the recovery key by using his or her Microsoft account credentials.
+* If the user uses a domain account to sign in, the clear key is not removed until the user joins the device to a domain and the recovery key is successfully backed up to Active Directory Domain Services (AD DS). You must enable the **Computer Configuration\\Administrative Templates\\Windows Components\\BitLocker Drive Encryption\\Operating System Drives** Group Policy setting, and select the **Do not enable BitLocker until recovery information is stored in AD DS for operating system drives** option. With this configuration, the recovery password is created automatically when the computer joins the domain, and then the recovery key is backed up to AD DS, the TPM protector is created, and the clear key is removed.
+* Similar to signing in with a domain account, the clear key is removed when the user logs on to an Azure AD account on the device. As described in the bullet point above, the recovery password is created automatically when the user authenticates to Azure AD. Then, the recovery key is backed up to Azure AD, the TPM protector is created, and the clear key is removed.
+
Microsoft recommends that device encryption be enabled on any systems that support it, but the automatic device encryption process can be prevented by changing the following registry setting:
-- **Subkey**: HKEY\_LOCAL\_MACHINE\\SYSTEM\\CurrentControlSet\\Control\\BitLocker
-- **Value**: PreventDeviceEncryption equal to True (1)
-- **Type**: REG\_DWORD
+- **Subkey**: HKEY\_LOCAL\_MACHINE\\SYSTEM\\CurrentControlSet\\Control\\BitLocker
+- **Value**: PreventDeviceEncryption equal to True (1)
+- **Type**: REG\_DWORD
+
Administrators can manage domain-joined devices that have device encryption enabled through Microsoft BitLocker Administration and Monitoring (MBAM). In this case, device encryption automatically makes additional BitLocker options available. No conversion or encryption is required, and MBAM can manage the full BitLocker policy set if any configuration changes are required.
-**Used Disk Space Only encryption**
+#### Used Disk Space Only encryption
BitLocker in earlier Windows versions could take a long time to encrypt a drive, because it encrypted every byte on the volume (including parts that did not have data). That is still the most secure way to encrypt a drive, especially if a drive has previously contained confidential data that has since been moved or deleted, in which case traces of the confidential data could remain on portions of the drive marked as unused.
But why encrypt a new drive when you can simply encrypt the data as it is being written? To reduce encryption time, BitLocker in Windows 10 lets users choose to encrypt just their data. Depending on the amount of data on the drive, this option can reduce encryption time by more than 99 percent.
Exercise caution when encrypting only used space on an existing volume on which confidential data may have already been stored in an unencrypted state, however, because those sectors can be recovered through disk-recovery tools until they are overwritten by new encrypted data. In contrast, encrypting only used space on a brand-new volume can significantly decrease deployment time without the security risk because all new data will be encrypted as it is written to the disk.
-**Encrypted hard drive support**
+#### Encrypted hard drive support
SEDs have been available for years, but Microsoft couldn’t support their use with some earlier versions of Windows because the drives lacked important key management features. Microsoft worked with storage vendors to improve the hardware capabilities, and now BitLocker supports the next generation of SEDs, which are called encrypted hard drives.
Encrypted hard drives provide onboard cryptographic capabilities to encrypt data on drives, which improves both drive and system performance by offloading cryptographic calculations from the PC’s processor to the drive itself and rapidly encrypting the drive by using dedicated, purpose-built hardware. If you plan to use whole-drive encryption with Windows 10, Microsoft recommends that you investigate hard drive manufacturers and models to determine whether any of their encrypted hard drives meet your security and budget requirements.
-For more information about encrypted hard drives, see [Encrypted Hard Drive](http://go.microsoft.com/fwlink/p/?LinkId=733880).
+For more information about encrypted hard drives, see [Encrypted Hard Drive](https://go.microsoft.com/fwlink/p/?LinkId=733880).
-**Preboot information protection**
+### Preboot information protection
An effective information protection implementation, like most security controls, considers usability as well as security. Users typically prefer a simple security experience. In fact, the more transparent a security solution becomes, the more likely users are to conform to it.
It is crucial that organizations protect information on their PCs regardless of the state of the computer or the intent of users. This protection should not be cumbersome to users. One undesirable and previously commonplace situation is when the user is prompted for input during preboot, and then again during Windows logon. Challenging users for input more than once should be avoided.
Windows 10 can enable a true SSO experience from the preboot environment on modern devices and in some cases even on older devices when robust information protection configurations are in place. The TPM in isolation is able to securely protect the BitLocker encryption key while it is at rest, and it can securely unlock the operating system drive. When the key is in use and thus in memory, a combination of hardware and Windows capabilities can secure the key and prevent unauthorized access through cold-boot attacks. Although other countermeasures like PIN-based unlock are available, they are not as user-friendly; depending on the devices’ configuration they may not offer additional security when it comes to key protection. For more information about how to configure BitLocker for SSO, see [BitLocker Countermeasures](bitlocker-countermeasures.md).
-**Manage passwords and PINs**
+### Manage passwords and PINs
When BitLocker is enabled on a system drive and the PC has a TPM, you can choose to require that users type a PIN before BitLocker will unlock the drive. Such a PIN requirement can prevent an attacker who has physical access to a PC from even getting to the Windows logon, which makes it virtually impossible for the attacker to access or modify user data and system files.
+
Requiring a PIN at startup is a useful security feature because it acts as a second authentication factor (a second “something you know”). This configuration comes with some costs, however. One of the most significant is the need to change the PIN regularly. In enterprises that used BitLocker with Windows 7 and the Windows Vista operating system, users had to contact systems administrators to update their BitLocker PIN or password. This requirement not only increased management costs but made users less willing to change their BitLocker PIN or password on a regular basis.
Windows 10 users can update their BitLocker PINs and passwords themselves, without administrator credentials. Not only will this feature reduce support costs, but it could improve security, too, because it encourages users to change their PINs and passwords more often. In addition, InstantGo devices do not require a PIN for startup: They are designed to start infrequently and have other mitigations in place that further reduce the attack surface of the system.
For more information about how startup security works and the countermeasures that Windows 10 provides, see [Protect BitLocker from pre-boot attacks](protect-bitlocker-from-pre-boot-attacks.md).
-**Configure Network Unlock**
+### Configure Network Unlock
Some organizations have location-specific data security requirements. This is most common in environments where high-value data is stored on PCs. The network environment may provide crucial data protection and enforce mandatory authentication; therefore, policy states that those PCs should not leave the building or be disconnected from the corporate network. Safeguards like physical security locks and geofencing may help enforce this policy as reactive controls. Beyond these, a proactive security control that grants data access only when the PC is connected to the corporate network is necessary.
Network Unlock enables BitLocker-protected PCs to start automatically when connected to a wired corporate network on which Windows Deployment Services runs. Anytime the PC is not connected to the corporate network, a user must type a PIN to unlock the drive (if PIN-based unlock is enabled).
Network Unlock requires the following infrastructure:
-- Client PCs that have Unified Extensible Firmware Interface (UEFI) firmware version 2.3.1 or later, which supports Dynamic Host Configuration Protocol (DHCP)
-- A server running Windows Server 2012 with the Windows Deployment Services role
-- A server with the DHCP server role installed
-For more information about how to configure Network Unlock, see [BitLocker: How to enable Network Unlock](http://go.microsoft.com/fwlink/p/?LinkId=733905).
-**Microsoft BitLocker Administration and Monitoring**
-Part of the Microsoft Desktop Optimization Pack, MBAM makes it easier to manage and support BitLocker and BitLocker To Go. MBAM 2.5 with Service Pack 1, the latest version, has the following key features:
-- Enables administrators to automate the process of encrypting volumes on client computers across the enterprise.
-- Enables security officers to quickly determine the compliance state of individual computers or even of the enterprise itself.
-- Provides centralized reporting and hardware management with Microsoft System Center Configuration Manager.
-- Reduces the workload on the help desk to assist end users with BitLocker recovery requests.
-- Enables end users to recover encrypted devices independently by using the Self-Service Portal.
-- Enables security officers to easily audit access to recovery key information.
-- Empowers Windows Enterprise users to continue working anywhere with the assurance that their corporate data is protected.
-- Enforces the BitLocker encryption policy options that you set for your enterprise.
-- Integrates with existing management tools, such as System Center Configuration Manager.
-- Offers an IT-customizable recovery user experience.
-- Supports Windows 10.
-For more information about MBAM, including how to obtain it, see [Microsoft BitLocker Administration and Monitoring](http://go.microsoft.com/fwlink/p/?LinkId=626935) on the MDOP TechCenter.
+* Client PCs that have Unified Extensible Firmware Interface (UEFI) firmware version 2.3.1 or later, which supports Dynamic Host Configuration Protocol (DHCP)
+* A server running Windows Server 2012 with the Windows Deployment Services role
+* A server with the DHCP server role installed
+
+For more information about how to configure Network Unlock, see [BitLocker: How to enable Network Unlock](https://go.microsoft.com/fwlink/p/?LinkId=733905).
+
+### Microsoft BitLocker Administration and Monitoring
+
+>>>>>>> refs/remotes/origin/master
+Part of the Microsoft Desktop Optimization Pack, MBAM makes it easier to manage and support BitLocker and BitLocker To Go. MBAM 2.5 with Service Pack 1, the latest version, has the following key features:
+
+* Enables administrators to automate the process of encrypting volumes on client computers across the enterprise.
+* Enables security officers to quickly determine the compliance state of individual computers or even of the enterprise itself.
+* Provides centralized reporting and hardware management with Microsoft System Center Configuration Manager.
+* Reduces the workload on the help desk to assist end users with BitLocker recovery requests.
+* Enables end users to recover encrypted devices independently by using the Self-Service Portal.
+* Enables security officers to easily audit access to recovery key information.
+* Empowers Windows Enterprise users to continue working anywhere with the assurance that their corporate data is protected.
+* Enforces the BitLocker encryption policy options that you set for your enterprise.
+* Integrates with existing management tools, such as System Center Configuration Manager.
+* Offers an IT-customizable recovery user experience.
+* Supports Windows 10.
+
+For more information about MBAM, including how to obtain it, see [Microsoft BitLocker Administration and Monitoring](https://go.microsoft.com/fwlink/p/?LinkId=626935) on the MDOP TechCenter.
## Malware resistance
@@ -340,19 +351,21 @@ In Windows 10 and Windows Server 2016, client connections to the Active Director
This change reduces the likelihood of man-in-the-middle attacks.
- **What works differently?**
If SMB signing and mutual authentication are unavailable, a Windows 10 or Windows Server 2016 computer won’t process domain-based Group Policy and scripts.
-> **Note:** The registry values for these settings aren’t present by default, but the hardening rules still apply until overridden by Group Policy or other registry values.
+>[!NOTE]
+>The registry values for these settings aren’t present by default, but the hardening rules still apply until overridden by Group Policy or other registry values.
-For more information on these security improvements, (also referred to as UNC hardening), see [Microsoft Knowledge Base article 3000483](http://go.microsoft.com/fwlink/p/?LinkId=789216) and [MS15-011 & MS15-014: Hardening Group Policy](http://go.microsoft.com/fwlink/p/?LinkId=789215).
+For more information on these security improvements, (also referred to as UNC hardening), see [Microsoft Knowledge Base article 3000483](https://go.microsoft.com/fwlink/p/?LinkId=789216) and [MS15-011 & MS15-014: Hardening Group Policy](https://go.microsoft.com/fwlink/p/?LinkId=789215).
-**Secure hardware**
+#### Secure hardware
Although Windows 10 is designed to run on almost any hardware capable of running Windows 8, Windows 7, or Windows Vista, taking full advantage of Windows 10 security requires advancements in hardware-based security, including UEFI with Secure Boot, CPU virtualization features (for example, Intel VT-x), CPU memory-protection features (for example, Intel VT-d), TPM, and biometric sensors.
-**UEFI with Secure Boot**
+#### UEFI with Secure Boot
When a PC starts, it begins the process of loading the operating system by locating the bootloader on the PC’s hard drive. Without safeguards in place, the PC may simply hand control over to the bootloader without even determining whether it is a trusted operating system or malware.
UEFI is a standards-based solution that offers a modern-day replacement for the BIOS. In fact, it provides the same functionality as BIOS while adding security features and other advanced capabilities. Like BIOS, UEFI initializes devices, but UEFI components with the Secure Boot feature (version 2.3.1 or later) also ensure that only trusted firmware in Option ROMs, UEFI apps, and operating system bootloaders can start on the device.
+
UEFI can run internal integrity checks that verify the firmware’s digital signature before running it. Because only the PC’s hardware manufacturer has access to the digital certificate required to create a valid firmware signature, UEFI has protection from firmware bootkits. Thus, UEFI is the first link in the chain of trust.
UEFI with Secure Boot became a hardware requirement starting with Windows 8 devices. If a PC supports UEFI, it must be enabled by default. It is possible to disable the Secure Boot feature on many devices, but Microsoft strongly discourages doing so because it dramatically reduces the security of the startup process.
@@ -360,32 +373,36 @@ UEFI with Secure Boot became a hardware requirement starting with Windows 8 dev
When a PC with UEFI and Secure Boot starts, the UEFI firmware verifies the bootloader’s digital signature to verify that it has not been modified after it was digitally signed. The firmware also verifies that a trusted authority issued the bootloader’s digital signature. This check helps to ensure that the system starts only after checking that the bootloader is both trusted and unmodified since signing.
All Windows 8 certified PCs must meet several requirements related to Secure Boot:
-- They must have Secure Boot enabled by default.
-- They must trust Microsoft’s certification authority (CA) and thus any bootloader Microsoft has signed.
-- They must allow the user to add signatures and hashes to the UEFI database.
-- They must allow the user to completely disable Secure Boot (although administrators can restrict this).
+
+* They must have Secure Boot enabled by default.
+* They must trust Microsoft’s certification authority (CA) and thus any bootloader Microsoft has signed.
+* They must allow the user to add signatures and hashes to the UEFI database.
+* They must allow the user to completely disable Secure Boot (although administrators can restrict this).
This behavior doesn’t limit the choice of operating system. In fact, users typically have three options for running non-Microsoft operating systems:
-- **Use an operating system with a Microsoft-signed bootloader.** Microsoft offers a service to sign non-Microsoft bootloaders so that they can be used on the device. In this case, a signature from the Microsoft third-party UEFI
-CA is used to sign the non-Microsoft bootloader, and the signature itself is added to the UEFI database. Several non-Microsoft operating systems, including several varieties of Linux, have had their bootloaders signed by Microsoft so that they can take advantage of the Secure Boot capability. For more information about the Microsoft third-party UEFI signing policy, read [Microsoft UEFI CA Signing policy updates](http://go.microsoft.com/fwlink/p/?LinkId=626936) and [Pre-submission testing for UEFI submissions](http://go.microsoft.com/fwlink/p/?LinkId=626937).
- **Note**
- PCs configured to use Device Guard boot only a secured version of Windows and do not permit a third-party bootloader. For more information, see the [Device Guard](#device-guard) section of this document.
-
-- **Configure UEFI to trust a non–Microsoft-signed bootloader or hashes.** Some Certified For Windows 8 or later PCs allow users to add noncertified bootloaders through a signature or hashes sent to the UEFI database, which allows them to run any operating system without Microsoft signing it.
-- **Turn off Secure Boot.**Windows 8 certified PCs allow users to turn off Secure Boot so they can run unsigned operating systems. In this mode, the behavior is identical to PCs that have BIOS: The PC simply runs the bootloader without any verification. Microsoft strongly recommends that Secure Boot remain enabled whenever the device starts so that it can help prevent bootkit infections.
+- **Use an operating system with a Microsoft-signed bootloader.** Microsoft offers a service to sign non-Microsoft bootloaders so that they can be used on the device. In this case, a signature from the Microsoft third-party UEFI
+CA is used to sign the non-Microsoft bootloader, and the signature itself is added to the UEFI database. Several non-Microsoft operating systems, including several varieties of Linux, have had their bootloaders signed by Microsoft so that they can take advantage of the Secure Boot capability. For more information about the Microsoft third-party UEFI signing policy, read [Microsoft UEFI CA Signing policy updates](https://go.microsoft.com/fwlink/p/?LinkId=626936) and [Pre-submission testing for UEFI submissions](https://go.microsoft.com/fwlink/p/?LinkId=626937).
- **Note**
- With Windows 10, original equipment manufacturers (OEMs) have the ability to ship built-to-order PCs that lock down UEFI Secure Boot so that it cannot be disabled and allows only the operating system of the customer’s choice to start on the device.
+ >[!NOTE]
+ >PCs configured to use Device Guard boot only a secured version of Windows and do not permit a third-party bootloader. For more information, see the [Device Guard](#device-guard) section of this document.
-Windows, apps, and even malware cannot change the UEFI configuration. Instead, users must be physically present to manually boot a PC into a UEFI shell, and then change UEFI firmware settings. For more information about UEFI Secure Boot, read [Protecting the pre-OS environment with UEFI](http://go.microsoft.com/fwlink/p/?LinkId=626938).
-**Virtualization-based security**
+- **Configure UEFI to trust a non–Microsoft-signed bootloader or hashes.** Some Certified For Windows 8 or later PCs allow users to add noncertified bootloaders through a signature or hashes sent to the UEFI database, which allows them to run any operating system without Microsoft signing it.
+- **Turn off Secure Boot.**Windows 8 certified PCs allow users to turn off Secure Boot so they can run unsigned operating systems. In this mode, the behavior is identical to PCs that have BIOS: The PC simply runs the bootloader without any verification. Microsoft strongly recommends that Secure Boot remain enabled whenever the device starts so that it can help prevent bootkit infections.
+
+>[!NOTE]
+>With Windows 10, original equipment manufacturers (OEMs) have the ability to ship built-to-order PCs that lock down UEFI Secure Boot so that it cannot be disabled and allows only the operating system of the customer’s choice to start on the device.
+
+Windows, apps, and even malware cannot change the UEFI configuration. Instead, users must be physically present to manually boot a PC into a UEFI shell, and then change UEFI firmware settings. For more information about UEFI Secure Boot, read [Protecting the pre-OS environment with UEFI](https://go.microsoft.com/fwlink/p/?LinkId=626938).
+
+#### Virtualization-based security
One of the most powerful changes to Windows 10 is virtual-based security. Virtual-based security (VBS) takes advantage of advances in PC virtualization to change the game when it comes to protecting system components from compromise. VBS is able to isolate some of the most sensitive security components of Windows 10. These security components aren’t just isolated through application programming interface (API) restrictions or a middle-layer: They actually run in a different virtual environment and are isolated from the Windows 10 operating system itself.
VBS and the isolation it provides is accomplished through the novel use of the Hyper V hypervisor. In this case, instead of running other operating systems on top of the hypervisor as virtual guests, the hypervisor supports running the VBS environment in parallel with Windows and enforces a tightly limited set of interactions and access between the environments.
Think of the VBS environment as a miniature operating system: It has its own kernel and processes. Unlike Windows, however, the VBS environment runs a micro-kernel and only two processes called trustlets:
+
- **Local Security Authority (LSA)** enforces Windows authentication and authorization policies. LSA is a well-known security component that has been part of Windows since 1993. Sensitive portions of LSA are isolated within the VBS environment and are protected by a new feature called Credential Guard.
- **Hypervisor-enforced code integrity** verifies the integrity of kernel-mode code prior to execution. This is a part of the [Device Guard](#device-guard) feature described later in this document.
VBS provides two major improvements in Windows 10 security: a new trust boundary between key Windows system components and a secure execution environment within which they run. A trust boundary between key Windows system components is enabled though the VBS environment’s use of platform virtualization to isolate the VBS environment from the Windows operating system. Running the VBS environment and Windows operating system as guests on top of Hyper-V and the processor’s virtualization extensions inherently prevents the guests from interacting with each other outside the limited and highly structured communication channels between the trustlets within the VBS environment and Windows operating system.
@@ -394,23 +411,25 @@ VBS acts as a secure execution environment because the architecture inherently p
The VBS architecture is illustrated in Figure 2.
-
+
Figure 2. The VBS architecture
Note that VBS requires a system that includes:
-- Windows 10 Enterprise Edition
-- A-64-bit processor
-- UEFI with Secure Boot
-- Second-Level Address Translation (SLAT) technologies (for example, Intel Extended Page Tables \[EPT\], AMD Rapid Virtualization Indexing \[RVI\])
-- Virtualization extensions (for example, Intel VT-x, AMD RVI)
-- I/O memory management unit (IOMMU) chipset virtualization (Intel VT-d or AMD-Vi)
-- TPM 2.0
-**Trusted Platform Module**
+* Windows 10 Enterprise Edition
+* A 64-bit processor
+* UEFI with Secure Boot
+* Second-Level Address Translation (SLAT) technologies (for example, Intel Extended Page Tables \[EPT\], AMD Rapid Virtualization Indexing \[RVI\])
+* Virtualization extensions (for example, Intel VT-x, AMD RVI)
+* I/O memory management unit (IOMMU) chipset virtualization (Intel VT-d or AMD-Vi)
+* TPM 2.0
+
+#### Trusted Platform Module
A TPM is a tamper-resistant cryptographic module designed to enhance the security and privacy of computing platforms. The TPM is incorporated as a component in a trusted computing platform like a personal computer, tablet, or phone. The computing platform is specially designed to work with the TPM to support privacy and security scenarios that cannot be achieved through software alone. A proper implementation of a TPM as part of a trusted computing platform provides a hardware root of trust, meaning that the hardware behaves in a trusted way. For example, a key created in a TPM with the property that it can never be exported from the TPM really means the key cannot leave the TPM. The close integration of a TPM with a platform increases the transparency of the boot process and supports device health scenarios by enabling reliable report of the software used to start a platform.
The functionality a TPM provides includes:
+
- **Cryptographic key management.** Create, store, and permit the use of keys in defined ways.
- **Safeguarding and reporting integrity measurements.** Software used to boot the platform can be recorded in the TPM and used to establish trust in the software running on the platform.
- **Prove a TPM is really a TPM.** The TPM’s capabilities are so central to protecting privacy and security that a TPM needs to be able to differentiate itself from malware that masquerades as a TPM.
@@ -418,95 +437,112 @@ The functionality a TPM provides includes:
Microsoft combined this small list of TPM benefits with Windows 10 and other hardware security technologies to provide practical security and privacy benefits.
Among other functions, Windows 10 uses the TPM to protect the encryption keys for BitLocker volumes, virtual smart cards, certificates, and the many other keys that the TPM is used to generate. Windows 10 also uses the TPM to securely record and protect integrity-related measurements of select hardware and Windows boot components for the [Measured Boot](#measure-boot) feature described later in this document. In this scenario, Measured Boot measures each component, from firmware up through the drivers, and then stores those measurements in the PC’s TPM. From there, you can test the measurement log remotely so that a separate system verifies the boot state of the Windows 10 PC.
+
Windows 10 supports TPM implementations that comply with either the 1.2 or 2.0 standards. Several improvements have been made in the TPM 2.0 standard, the most notable of which is cryptographic agility. TPM 1.2 is restricted to a fixed set of encryption and hash algorithms. At the time the TPM 1.2 standard was created in the early 2000s, these algorithms were considered cryptographically strong. Since that time, advances in cryptographic algorithms and cryptanalysis attacks have increased expectations for stronger cryptography. TPM 2.0 supports additional algorithms that offer stronger cryptographic protection as well as the ability to plug in algorithms that may be preferred in certain geographies or industries. It also opens the possibility for inclusion of future algorithms without changing the TPM component itself.
TPM is usually assumed to be implanted in hardware on a motherboard as a discrete module, but TPM can also be effective when implemented in firmware. Windows 10 supports both discrete and firmware TPM that complies with the 2.0 standard (1.2 can only be discrete). Windows does not differentiate between discrete and firmware-based solutions because they must meet the same requirements; therefore, any Windows feature that can take advantage of TPM can use either implementation.
-**Note**
-Microsoft will not initially require new Windows 10 PCs to include TPM support. Microsoft will require systems to include a TPM 2.0 beginning one year from the launch of Windows 10, however, to give manufacturers enough time to incorporate this critical functionality and to give IT pros enough time to determine which benefits they will leverage.
+>[!NOTE]
+>Microsoft will not initially require new Windows 10 PCs to include TPM support. Microsoft will require systems to include a TPM 2.0 beginning one year from the launch of Windows 10, however, to give manufacturers enough time to incorporate this critical functionality and to give IT pros enough time to determine which benefits they will leverage.
Several Windows 10 security features require TPM:
-- Virtual smart cards
-- Measured Boot
-- Health attestation (requires TPM 2.0 or later)
-- InstantGo (requires TPM 2.0 or later)
+* Virtual smart cards
+* Measured Boot
+* Health attestation (requires TPM 2.0 or later)
+* InstantGo (requires TPM 2.0 or later)
Other Windows 10 security features like BitLocker may take advantage of TPM if it is available but do not require it to work. An example of this is Microsoft Passport.
All of these features are covered in this document.
-**Biometrics**
+#### Biometrics
You read in the [Windows Hello](#windows-hello) section of this document that Windows 10 has built-in support for biometric hardware. Windows has included some amount of built-in biometric support since the Windows XP operating system, so what’s different about this in Windows 10?
+
Windows 10 makes biometrics a core security feature. Biometrics is fully integrated into the Windows 10 security components, not just tacked on as an extra part of a larger scheme. This is a big change. Earlier biometric implementations were largely front-end methods to simplify authentication. Under the hood, biometrics was used to access a password, which was then used for authentication behind the scenes. Biometrics may have provided convenience but not necessarily enterprise-grade authentication.
+
Microsoft has evangelized the importance of enterprise-grade biometric sensors to the OEMs that create Windows PCs and peripherals. Many OEMs already ship systems that have integrated fingerprint sensors and are transitioning from swipe-based to touch-based sensors. Facial-recognition sensors were already available when Windows 10 launched and are becoming more commonplace as integrated system components.
+
In the future, Microsoft expects OEMs to produce even more enterprise-grade biometric sensors and to continue to integrate them into systems as well as provide separate peripherals. As a result, biometrics will become a commonplace authentication method as part of an MFA system.
-**Secure Windows startup**
+#### Secure Windows startup
UEFI Secure Boot uses hardware technologies to help protect users from bootkits. Secure Boot can validate the integrity of the devices, firmware, and bootloader. After the bootloader launches, users must rely on the operating system to protect the integrity of the remainder of the system.
-**Trusted Boot**
+#### Trusted Boot
When UEFI Secure Boot verifies that the bootloader is trusted and starts Windows, the Windows Trusted Boot feature protects the rest of the startup process by verifying that all Windows startup components are trustworthy (for example, signed by a trusted source) and have integrity. The bootloader verifies the digital signature of the Windows kernel before loading it. The Windows kernel, in turn, verifies every other component of the Windows startup process, including the boot drivers, startup files, and ELAM component.
+
If a file has been modified (for example, if malware has tampered with it or it has been corrupted), Trusted Boot will detect the problem and automatically repair the corrupted component. When repaired, Windows will start normally after only a brief delay.
-**Early Launch Antimalware**
+#### Early Launch Antimalware
Malware that targeted previous versions of Windows often attempted to start before the antimalware solution. To do this, some types of malware would update or replace a non-Microsoft–related driver that starts during the Windows startup process. The malicious driver would then use its system access privileges to modify critical parts of the system and disguise its presence so it could not be detected when the antimalware solution later started.
+
Early Launch Antimalware (ELAM) is part of the Trusted Boot feature set and is designed to enable the antimalware solution to start before all non-Microsoft drivers and apps. ELAM checks the integrity of non-Microsoft drivers to determine whether the drivers are trustworthy. Because Windows needs to start as fast as possible, ELAM cannot be a complicated process of checking the driver files against known malware signatures; doing so would delay startup too much. Instead, ELAM has the simple task of examining every boot driver and determining whether it is on the list of trusted drivers. If malware modifies a boot-related driver, ELAM will detect the change, and Windows will prevent the driver from starting, thus blocking driver-based rootkits. ELAM also allows the registered antimalware provider to scan drivers that are loaded after the boot process is complete.
+
The design is simple but effective. ELAM is a component of a full-featured antimalware solution, and it helps prevent malicious drivers and apps from starting before the rest of the antimalware solution starts later during the boot process. Indeed, ELAM runs only for a few seconds each time a PC starts. Windows Defender in Windows 10 supports ELAM, as does Microsoft System Center 2012 Endpoint Protection and several non-Microsoft antimalware apps.
+
If you want to learn how to configure ELAM, you can use Group Policy settings to configure how ELAM responds to potentially malicious boot drivers. In the Group Policy Management Editor, go to Computer Configuration\\Administrative Templates\\System\\Early Launch Antimalware, and enable the **Boot-Start Driver Initialization Policy** setting. Now, you can select which driver classifications ELAM loads. When you select the **Good Only** setting, it provides the highest level of security, but test it thoroughly to ensure that it does not prevent users with healthy PCs from starting.
-###
-
-**Measured Boot**
+#### Measured Boot
The biggest challenge with rootkits and bootkits in earlier versions of Windows is that they can frequently be undetectable to the client. Because they often start before Windows defenses and the antimalware solution and they have system-level privileges, rootkits and bootkits can completely disguise themselves while continuing to access system resources. Although UEFI Secure Boot and Trusted Boot can prevent most rootkits and bootkits, intruders could still potentially exploit a few attack vectors (for example, if UEFI with Secure Boot is disabled or if the signature used to sign a boot component, such as a non-Microsoft driver, has been compromised and is used to sign a malicious one).
+
Windows 10 implements the Measured Boot feature, which uses the TPM hardware component built into newer PCs to record a series of measurements for critical startup-related components, including firmware, Windows boot components, drivers, and even the ELAM driver. Because Measured Boot leverages the hardware-based security capabilities of TPM, which isolates and protects the measurement data from malware attacks, the log data is well protected against even sophisticated attacks.
Measured Boot focuses on acquiring the measurement data and protecting it from tampering. It must be coupled with a service that can analyze the data to determine device health and provide a more complete security service. The next section introduces just such a service.
-**Verify device compliance for conditional access to corporate resources**
+#### Verify device compliance for conditional access to corporate resources
Measured Boot itself does not prevent malware from loading during the startup process – that is the job of Secure Boot, Device Guard, and ELAM. Instead, Measured Boot provides a TPM-protected audit log that allows a trusted remote health attestation service to evaluate the PC’s startup components, state, and overall configuration. If the health attestation service detects that the PC loaded an untrustworthy component and is therefore out of compliance, the service can block the PC’s access to specific network resources or the entire network. You can even couple a health attestation service with a management system to facilitate conditional access capabilities that can initiate the quarantine and remediation processes to fix an infected PC and return it to a compliant state.
-
+
Figure 3. Health Attestation in Windows 10
Figure 3 illustrates the following process for device compliance verification and conditional access implementation:
1. The PC uses the TPM to record measurements of the bootloader, boot drivers, and ELAM driver. The TPM prevents anyone from tampering with these measurements, so even if malware is successfully loaded, it will not be able to modify the measurements. These measurements are signed with an Attestation Identity Key (AIK) that is stored in the TPM. Because the TPM hardware has signed the measurements, malware cannot modify them without being detected.
+
2. Health Attestation is not enabled by default and requires an enrollment with a mobile device management (MDM) server in order to enable it. If it is enabled, the health attestation client will contact a remote server, called a health attestation server. Microsoft provides a cloud-based Windows Health Attestation service that can help evaluate the health of a device. The health attestation client sends the signed measurements, the device’s TPM boot log, and an AIK certificate (if present), which lets the health attestation server verify that the key used to sign the measurements was issued to a trusted TPM.
+
3. The health attestation server analyzes the measurements and boot log and creates a statement of device health. This statement is encrypted to help ensure the confidentiality of the data.
+
4. A management system, such as an MDM server, can request that an enrolled device present a statement of device health. Windows 10 supports both Microsoft and non-Microsoft MDM server requests for device health. To prevent theft of device health statements and reuse from other devices, an MDM server sends the enrolled device a “number used only once” (nonce) request along with this request for the device health statement.
+
5. The enrolled device digitally signs the nonce with its AIK (which is stored in the TPM) and sends the MDM server the encrypted statement of device health, the digitally signed nonce, and a signed boot counter, which asserts that the device has not been restarted since it obtained the statement of health.
+
6. The MDM server can send the same data to the health attestation server. The server decrypts the statement of health, asserts that the boot counter in the statement matches the boot counter that was sent to the MDM server, and compiles a list of health attributes.
+
7. The health attestation server sends this list of health attributes back to the MDM server. The MDM server now enforces access and compliance policies if configured to do so.
+
For a list of data points that the health attestation server verifies, along with a description of the data, see the [HealthAttestation CSP article on MSDN](http://go.microsoft.com/fwlink/p/?LinkId=626940).
+
The management system’s implementation determines which attributes within the statement of device health are evaluated when assessing a device’s health. Broadly speaking, the management server receives information about how the device booted, what kind of policy is enforced on the device, and how data on the device is secured. Depending on the implementation, the management server may add checks that go beyond what the statement of device health provides—for example, Windows patch level and other device attributes.
+
Based on these data points, the management server can determine whether the client is healthy and grant it access to either a limited quarantine network or to the full network. Individual network resources, such as servers, can also grant or deny access based on whether the remote attestation client were able to retrieve a valid health certification from the remote attestation server.
+
Because this solution can detect and prevent low-level malware that may be extremely difficult to detect any other way, Microsoft recommends that you consider the implementation of a management system, like Microsoft Intune, or any management solutions that take advantage of the Windows 10 cloud-based Health Attestation Server feature to detect and block devices that have been infected with advanced malware from network resources.
-## Secure the Windows core
+### Secure the Windows core
Applications built for Windows are designed to be secure and free of defects, but the reality is that as long as human beings are writing code, vulnerabilities will continue to crop up. When identified, malicious users and software may attempt to exploit vulnerabilities by manipulating data in memory in the hope that they can bootstrap a successful exploit.
+
To mitigate these risks, Windows 10 includes core improvements to make it more difficult for malware to perform buffer overflow, heap spraying, and other low-level attacks and even which code is allowed to run on the PC. In addition, these improvements dramatically reduce the likelihood that newly discovered vulnerabilities result in a successful exploit. It takes detailed knowledge of operating system architecture and malware exploit techniques to fully appreciate the impact of these improvements, but the sections that follow explain them at a high level.
-###
-
-**Device Guard**
+#### Device Guard
Today’s security threat landscape is more aggressive than ever before. Modern malicious attacks are focused on revenue generation, intellectual property theft, and targeted system degradation resulting in financial loss. Many of these nefarious attackers are sponsored by nation states that have ulterior motives and large cyber-terrorism budgets. These threats can enter a company through something as simple as an email and can permanently damage the organization’s reputation for securing employee and customer data and intellectual property, not to mention having a significant financial impact. The Windows 10 operating system introduces several new security features that help mitigate a large percentage of today’s known threats.
It is estimated that more than 300,000 new malware variants are discovered daily. Unfortunately, companies currently use an ancient method to discover this infectious software and prevent its use. In fact, current PCs trust everything that runs until antimalware signatures determine whether a threat exists; then, the antimalware software attempts to clean the PC, often after the malicious software’s effect has already occurred. This signature-based system focuses on reacting to an infection and then ensuring that that particular infection does not happen again. In this model, the system that drives malware detection relies on the discovery of malicious software; only then can a signature be provided to the client to remediate it, which implies that a computer has often already been infected. The time between detection of the malware and a client being issued a signature could mean the difference between losing data and staying safe.
In addition to antimalware solutions, “app control” or “whitelisting” technologies are available, including AppLocker. These perform single-instance or blanket allow or deny rules for running applications. In Windows 10, these types of solutions are most effective when deployed alongside the Windows 10 Device Guard feature.
+
Device Guard breaks the current model of detection first-block later and allows only trusted applications to run, period. This methodology is consistent with the successful prevention strategy for mobile phone security. With Device Guard, Microsoft has changed how the Windows operating system handles untrusted applications, which makes its defenses difficult for malware to penetrate. This new prevention versus detection model will provide Windows clients with the necessary security for modern threats and, when implemented, mitigates many of today’s threats from day one.
-**Device Guard overview**
+#### Device Guard overview
Device Guard is a feature set that consists of both hardware and software system integrity hardening features. These features revolutionize the Windows operating system’s security by taking advantage of new VBS options to protect the system core and the processes and drivers running in kernel mode—the trust-nothing model you see in mobile device operating systems. A key feature used with Device Guard is *configurable code integrity*, which allows your organization to choose exactly which software from trusted software publishers is allowed to run code on your client machines—exactly what has made mobile phone security on some platforms, such as Windows Mobile, so successful. Trusted applications are those signed directly (in other words, binaries) or indirectly by using a signed file that lists the hash values for application binaries that are considered trustworthy. In addition, Device Guard offers organizations a way to sign existing LOB applications so that they can trust their own code without the requirement that the application be rebuilt or packaged. Also, this same method of signing can provide organizations a way to trust non-Microsoft applications, including those that may not have been signed directly. Device Guard with configurable code integrity, Credential Guard, and AppLocker present the most complete security defense that any Microsoft product has ever been able to offer a Windows client.
@@ -526,7 +562,7 @@ To deliver this additional security, Device Guard has the following hardware and
Along with these new features, some components of Device Guard are existing tools or technologies that have been included in this strategic security offering to provide customers with the most secure Windows operating system possible. Device Guard is intended as a set of client security features to be used in conjunction with the other threat-resistance features available in the Windows operating system, some of which are mentioned in this guide.
-**Configurable code integrity**
+#### Configurable code integrity
The Windows operating system consists of two operating modes: user mode and kernel mode. The base of the operating system runs within the kernel mode, which is where the Windows operating system directly interfaces with hardware resources. User mode is primarily responsible for running applications and brokering information to and from the kernel mode for hardware resource requests. For example, when an application running in user mode needs additional memory, the user mode process must request the resources from the kernel, not directly from RAM.
@@ -534,33 +570,32 @@ Code integrity is the component of the Windows operating system that verifies th
Historically, most malware has been unsigned. Simply by deploying code integrity policies, organizations will immediately protect themselves against unsigned malware, which is estimated to be responsible for the vast majority of current attacks. By using code integrity policies, an enterprise can also select exactly which binaries are allowed to run in both user mode and kernel mode based on the signer, binary hash, or both. When completely enforced, it makes user mode in Windows function like some mobile platforms, trusting and running only specific applications or specific signatures. This feature alone fundamentally changes security in an enterprise. This additional security is *not* limited to Windows apps and does *not* require an application rewrite to be compatible with your existing and possibly unsigned applications. You can run configurable code integrity independent of Device Guard, thus making it available to devices that don’t meet Device Guard hardware requirements.
-**Hardware security features and VBS**
+#### Hardware security features and VBS
The core functionality and protection of Device Guard starts at the hardware level. Devices that have processors equipped with SLAT technologies and virtualization extensions, such as Intel VT x and AMD V, will be able to take advantage of a VBS environment that dramatically enhances Windows security by isolating critical Windows services from the operating system itself. This isolation is necessary, because you must assume that the operating system kernel will be compromised, and you need assurance that some processes will remain secure.
-Device Guard leverages VBS to isolate its Hypervisor Code Integrity (HVCI) service, which enables Device Guard to help protect kernel mode processes and drivers from vulnerability exploits and zero days. HVCI uses the processor’s IOMMU functionality to force all software running in kernel mode to safely allocate memory. This means that after memory has been allocated, its state must be changed from writable to read only or execute only. By forcing memory into these states, it helps ensure that attacks are unable to inject malicious code into kernel mode processes and drivers through techniques such as buffer overruns or heap spraying. In the end, the VBS environment protects the Device Guard HVCI service from tampering even if the operating system’s kernel has been fully compromised, and HVCI protects kernel mode processes and drivers so that a compromise of this magnitude can’t happen in the first place.
+Device Guard leverages VBS to isolate its Hypervisor Code Integrity (HVCI) service, which enables Device Guard to help protect kernel mode processes and drivers from vulnerability exploits and zero days. HVCI uses the processor’s IOMMU functionality to force all software running in kernel mode to safely allocate memory. This means that after memory has been allocated, its state must be changed from writable to read only or execute only. By forcing memory into these states, it helps ensure that attacks are unable to inject malicious code into kernel mode processes and drivers through techniques such as buffer overruns or heap spraying. In the end, the VBS environment protects the Device Guard HVCI service from tampering even if the operating system’s kernel has been fully compromised, and HVCI protects kernel mode processes and drivers so that a compromise of this magnitude can't happen in the first place.
+
Another Windows 10 feature that employs VBS is Credential Guard. Credential Guard protects credentials by running the Windows authentication service known as LSA, and then storing the user’s derived credentials (for example, NTLM hashes; Kerberos tickets) within the same VBS environment that Device Guard uses to protect its HVCI service. By isolating the LSA service and the user’s derived credentials from both user mode and kernel mode, an attacker that has compromised the operating system core will still be unable to tamper with authentication or access derived credential data. Credential Guard prevents pass-the-hash and ticket types of attacks, which are central to the success of nearly every major network breach you’ve read about, which makes Credential Guard one of the most impactful and important features to deploy within your environment. For more information about how Credential Guard complements Device Guard, see the [Device Guard with Credential Guard](#dgwithcg) section.
-**Device Guard with AppLocker**
+#### Device Guard with AppLocker
Although AppLocker is not considered a new Device Guard feature, you can use it to complement configurable code integrity functionality when enforced code integrity cannot be fully implemented or its functionality does not cover every desired scenario. There are many scenarios in which you could use code integrity policies alongside AppLocker rules. As a best practice, enforce code integrity policies at the most restrictive level possible for your organization, and then use AppLocker to fine-tune the restrictions to an even lower level.
-**Note**
-One example in which Device Guard functionality needs AppLocker supplementation is when your organization would like to limit which universal applications from the Windows Store users can install on a device. Microsoft has already validated universal applications from the Windows Store as trustworthy to run, but an organization may not want to allow specific universal applications to run in its environment. You could use an AppLocker rule to enforce such a stance.
+>[!NOTE]
+>One example in which Device Guard functionality needs AppLocker supplementation is when your organization would like to limit which universal applications from the Windows Store users can install on a device. Microsoft has already validated universal applications from the Windows Store as trustworthy to run, but an organization may not want to allow specific universal applications to run in its environment. You could use an AppLocker rule to enforce such a stance.
In another example, you could enable a configurable code integrity policy to allow users to run all the apps from a specific publisher. To do so, you would add the publisher’s signature to the policy. If your organization decides that only specific apps from that publisher should be allowed to run, you would add the signature for the publisher to the configurable code integrity policy, and then use AppLocker to determine which specific apps can run.
AppLocker and Device Guard can run side-by-side in your organization, which offers the best of both security features at the same time and provides the most comprehensive security to as many devices as possible. In addition to these features, Microsoft recommends that you continue to maintain an enterprise antivirus solution for a well-rounded enterprise security portfolio.
-###
-
-**Device Guard with Credential Guard**
+#### Device Guard with Credential Guard
Although Credential Guard isn’t a feature within Device Guard, many organizations will likely deploy Credential Guard alongside Device Guard for additional protection against derived credential theft. Similar to virtualization-based protection of kernel mode through the Device Guard HVCI service, Credential Guard leverages hypervisor technology to protect the Windows authentication service (the LSA) and users’ derived credentials. This mitigation is targeted at preventing the use of pass-the-hash and pass-the-ticket techniques.
Because Credential Guard uses VBS, it is decisive in its ability to prevent pass-the-hash and pass-the-ticket attacks from occurring on Windows 10 devices. Microsoft recognizes, however, that most organizations will have a blend of Windows versions running in their environments. Mitigations for devices not capable of running Credential Guard on both the client side and the server side are available to help with this scenario. Microsoft will be releasing details to TechNet regarding these additional mitigations in the near future.
-**Unified manageability through Device Guard**
+#### Unified manageability through Device Guard
You can easily manage Device Guard features through the familiar enterprise and client-management tools that IT pros use every day. Use the following management tools to enable and manage Device Guard:
- **Group Policy.**Windows 10 provides an administrative template that you can use to configure and deploy the configurable code integrity policies for your organization. This template also allows you to specify which hardware-based security features you would like to enable and deploy. You can manage these settings with your existing Group Policy objects, which makes it simple to implement Device Guard features. In addition to the code integrity and hardware-based security features, Group Policy can help you manage your catalog files.
@@ -569,19 +604,19 @@ You can easily manage Device Guard features through the familiar enterprise and
- **Windows PowerShell.** You use Windows PowerShell primarily to create and service code integrity policies. These policies represent the most impactful component of Device Guard.
These options provide the same experience you’re used to for management of your existing enterprise management solutions.
-**Address Space Layout Randomization**
+#### Address Space Layout Randomization
One of the most common techniques used to gain access to a system is to find a vulnerability in a privileged process that is already running, guess or find a location in memory where important system code and data have been placed, and then overwrite that information with a malicious payload. In the early days of operating systems, any malware that could write directly to the system memory could do such a thing; the malware would simply overwrite system memory in well-known and predictable locations.
Address Space Layout Randomization (ASLR) makes that type of attack much more difficult because it randomizes how and where important data is stored in memory. With ASLR, it is more difficult for malware to find the specific location it needs to attack. Figure 4 illustrates how ASLR works by showing how the locations of different critical Windows components can change in memory between restarts.
-
+
Figure 4. ASLR at work
Although the ASLR implementation in Windows 7 was effective, it wasn’t applied holistically across the operating system, and the level of entropy (cryptographic randomization) wasn’t always at the highest possible level. To decrease the likelihood that sophisticated attacks such as heap spraying could succeed in the Windows 8 operating system, Microsoft applied ASLR holistically across the system and increased the level of entropy many times.
The ASLR implementation in Windows 8 and Windows 10 is greatly improved over Windows 7, especially with 64-bit system and application processes that can take advantage of a vastly increased memory space, which makes it even more difficult for malware to predict where Windows 10 stores vital data. When used on systems that have TPMs, ASLR memory randomization will be increasingly unique across devices, which makes it even more difficult for a successful exploit that works on one system to work reliably on another.
-**Data Execution Prevention**
+#### Data Execution Prevention
Malware depends on its ability to put a malicious payload into memory with the hope that it will be executed later, and ASLR will make that much more difficult. Wouldn’t it be great if you could prevent malware from running if it wrote to an area that has been allocated solely for the storage of information?
@@ -598,11 +633,11 @@ If you want to see which apps use DEP, complete these steps:
You can now see which processes have DEP enabled. Figure 5 shows the processes running on a Windows 10 PC with a single process that does not support DEP.
-
+
Figure 5. Processes on which DEP has been enabled in Windows 10
-**Windows Heap**
+#### Windows Heap
The *heap* is a location in memory that Windows uses to store dynamic application data. Windows 10 continues to improve on earlier Windows heap designs by further mitigating the risk of heap exploits that could be used as part of an attack.
@@ -613,17 +648,19 @@ Windows 10 has several important improvements to the security of the heap over
Windows 10 resolves known heap attacks that could be used to compromise a PC running previous versions of Windows.
-**Memory reservations**
+#### Memory reservations
The lowest 64 KB of process memory is reserved for the system. Apps are no longer allowed to allocate that portion of the memory, which makes it more difficult for malware to overwrite critical system data structures in memory.
-**Control Flow Guard**
+#### Control Flow Guard
When applications are loaded into memory, they are allocated space based on the size of the code, requested memory, and other factors. When an application begins to execute code, it calls additional code located in other memory addresses. The relationships between the code locations are well known—they are written in the code itself—but previous to Windows 10, the flow between these locations was not enforced, which gives attackers the opportunity to change the flow to meet their needs. In other words, an application exploit takes advantage of this behavior by running code that the application may not typically run.
+
This kind of threat is mitigated in Windows 10 through the Control Flow Guard (CFG) feature. When a trusted application that was compiled to use CFG calls code, CFG verifies that the code location called is trusted for execution. If the location is not trusted, the application is immediately terminated as a potential security risk.
+
An administrator cannot configure CFG; rather, an application developer can take advantage of CFG by configuring it when the application is compiled. Administrators should consider asking application developers and software vendors to deliver trustworthy Windows applications compiled with CFG enabled. Of course, browsers are a key entry point for attacks; thus Microsoft Edge, IE, and other Windows features take full advantage of CFG.
-**Protected Processes**
+#### Protected Processes
Benjamin Franklin once said that "an ounce of prevention is worth a pound of cure." His wisdom directly applies to PC security. Most security controls are designed to prevent the initial infection point. The reasoning is that if malware cannot infect the system, the system is immune to malware.
@@ -633,12 +670,12 @@ The key security scenario is to assume that malware is running on a system but l
With Protected Processes, Windows 10 prevents untrusted processes from interacting or tampering with those that have been specially signed. Protected Processes defines levels of trust for processes. Less trusted processes are prevented from interacting with and therefore attacking more trusted processes. Windows 10 uses Protected Processes more broadly across the operating system, and for the first time, you can put antimalware solutions into the protected process space, which helps make the system and antimalware solutions less susceptible to tampering by malware that does manage to get on the system.
-## Secure the Windows desktop
+### Secure the Windows desktop
Windows 10 includes critical improvements to the Windows core and the desktop environment, where attacks and malware most frequently enter. The desktop environment is now more resistant to malware thanks to significant improvements to Windows Defender and SmartScreen Filters. Internet browsing is a safer experience because of Microsoft Edge, a completely new browser. The Windows Store reduces the likelihood that malware will infect devices by ensuring that all applications that enter the Windows Store ecosystem have been thoroughly reviewed before being made available. Universal Windows apps are inherently more secure than typical applications because they are sandboxed. Sandboxing restricts the application’s risk of being compromised or tampered with in a way that would put the system, data, and other applications at risk.
The sections that follow describe Windows 10 improvements to application security in more detail.
-**Microsoft Edge and Internet Explorer 11**
+### Microsoft Edge and Internet Explorer 11
Browser security is a critical component of any security strategy, and for good reason: The browser is the user’s interface to the Internet, an environment that is quite literally overwhelmed with malicious sites and content waiting to attack. Most users cannot perform at least part of their job without a browser, and many users are completely reliant on one. This reality has made the browser the number one pathway from which malicious hackers initiate their attacks.
@@ -653,45 +690,49 @@ Microsoft includes an entirely new browser, Microsoft Edge, in Windows 10. Micr
In addition to Microsoft Edge, Microsoft includes IE11 in Windows 10 primarily for backwards-compatibility with websites and binary extensions that do not work with Microsoft Edge. It should not be configured as the primary browser but rather as an optional or automatic switchover, as shown in Figure 6.
-
+
Figure 6. Configure Windows 10 to switch from Microsoft Edge to IE11 for backwards-compatibility.
Microsoft’s recommendation is to use Microsoft Edge as the primary web browser because it provides compatibility with the modern web and the best possible security. For sites that require IE11 compatibility, including those that require binary extensions and plug ins, enable Enterprise mode and use the Enterprise Mode Site List to define which sites have the dependency. When configured, when users use Microsoft Edge and it identifies a site that requires IE11, they will automatically be switched to IE11.
-**The SmartScreen Filter**
+### The SmartScreen Filter
Recent versions of Windows have many effective techniques to prevent malware from installing itself without the user’s knowledge. To work around those restrictions, malware attacks often use social engineering techniques to trick users into running software. For example, malware known as a Trojan horse pretends to be something useful, such as a utility, but carries an additional, malicious payload.
+
Starting with Windows Internet Explorer 8, the SmartScreen Filter has helped protect users from both malicious applications and nefarious websites by using the SmartScreen Filter’s application and URL reputation services. The SmartScreen Filter in Internet Explorer would check URLs and newly downloaded apps against an online reputation service that Microsoft maintained. If the app or URL were not known to be safe, SmartScreen Filter would warn the user or even prevent the app or URL from loading, depending on how systems administrators had configured Group Policy settings.
+
For Windows 10, Microsoft further developed the SmartScreen Filter by integrating its app reputation abilities into the operating system itself, which allows the filter to protect users regardless of the web browser they are using or the path that the app uses to arrive on the device (for example, email, USB flash drive). The first time a user runs an app that originates from the Internet, even if the user copied it from another PC, the SmartScreen Filter checks the reputation of the application by using digital signatures and other factors against a service that Microsoft maintains. If the app lacks a reputation or is known to be malicious, the SmartScreen Filter warns the user or blocks execution entirely, depending on how the administrator has configured Group Policy (see Figure 7).
-
+
Figure 7. The SmartScreen Filter at work in Windows 10
By default, users have the option to bypass SmartScreen Filter protection so that it will not prevent a user from running a legitimate app. You can use Control Panel or Group Policy settings to disable the SmartScreen Filter or to completely prevent users from running apps that the SmartScreen Filter does not recognize. The Control Panel settings are shown in Figure 8.
-
+
Figure 8. The Windows SmartScreen configuration options in Control Panel
-If you want to try the SmartScreen Filter, use Windows 7 to download this simulated (but not dangerous) malware file:[freevideo.exe](http://go.microsoft.com/fwlink/p/?LinkId=626943). Save it to your computer, and then run it from Windows Explorer. As shown in Figure 9, Windows runs the app without much warning. In Windows 7, you might receive a warning message about the app not having a certificate, but you can easily bypass it.
+If you want to try the SmartScreen Filter, use Windows 7 to download this simulated (but not dangerous) malware file:[freevideo.exe](https://go.microsoft.com/fwlink/p/?LinkId=626943). Save it to your computer, and then run it from Windows Explorer. As shown in Figure 9, Windows runs the app without much warning. In Windows 7, you might receive a warning message about the app not having a certificate, but you can easily bypass it.
-
+
Figure 9. Windows 7 allows the app to run
Now, repeat the test on a computer running Windows 10 by copying the file to a Windows 10 PC or by downloading the file again and saving it to your local computer. Run the file directly from File Explorer, and the SmartScreen Filter will warn you before it allows it to run. Microsoft’s data shows that for a vast majority of users, that extra warning is enough to save them from a malware infection.
-**Universal Windows apps**
+### Universal Windows apps
The good news is that the download and use of Universal Windows apps or even Windows Classic applications (Win32) from the Windows Store will dramatically reduce the likelihood that you encounter malware on your PC because all apps go through a careful screening process before being made available in the store. Apps that organizations build and distribute through sideloading processes will need to be reviewed internally to ensure that they meet organizational security requirements.
Regardless of how users acquire Universal Windows apps, they can use them with increased confidence. Unlike Windows Classic applications, which can run with elevated privileges and have potentially sweeping access to the system and data, Universal Windows apps run in an AppContainer sandbox with limited privileges and capabilities. For example, Universal Windows apps have no system-level access, have tightly controlled interactions with other apps, and have no access to data unless the user explicitly grants the application permission.
+
In addition, all Universal Windows apps follow the security principle of least privilege. Apps receive only the minimum privileges they need to perform their legitimate tasks, so even if an attacker exploits an app, the damage the exploit can do is severely limited and should be contained within the sandbox. The Windows Store displays the exact capabilities the app requires (for example, access to the camera), along with the app’s age rating and publisher.
+
In the end, the Windows Store app distribution process and the app sandboxing capabilities of Windows 10 will dramatically reduce the likelihood that users encounter malicious apps on the system.
-**Windows Defender**
+### Windows Defender
Antimalware software, also generically called virus scanners, antivirus, and a host of other names, has been around for a long time. Microsoft shipped its first program in this category, Microsoft Anti-Virus, in 1993 for MS DOS 6.0. At the time, the approach of running a standalone MS DOS program to locate and remove viruses was sufficient.
@@ -720,9 +761,9 @@ Figure 10. Windows Defender opt-in settings in Windows 10
Of course, system administrators have centralized control of all Windows Defender settings through Group Policy. The Windows Defender configuration settings are shown under Computer Configuration/Windows Components/Windows Defender, as shown in Figure 11.
-
+
-Figure 11. Windows Defender settings in Group Policy– the sample submission options are listed under MAPS
+Figure 11. Windows Defender settings in Group Policy – the sample submission options are listed under MAPS
**Tamper proofing** is the safeguarding of Windows Defender itself against malware attacks. Malware creators assume that antimalware software is implemented on most PCs. Many malware creators choose to overcome that obstacle by designing malware that modifies the antimalware software in some way, such as disabling real-time scanning or by hiding specific processes. Some malware goes as far as completely disabling the antimalware software while making it appear fully functional to the user.
@@ -730,11 +771,12 @@ Windows Defender is designed to resist tampering; it uses several security techn
**Empowerment of IT security professionals** means that Windows Defender gives IT pros the tools and configuration options necessary to make it an enterprise-class antimalware solution. It has numerous enterprise-level features
that put it on par with the top products in this category:
-- Integration with centralized management software, including Microsoft Intune, System Center Configuration Manager, and Microsoft System Center Operations Manager. Unlike Windows 8.1, no additional client is necessary, because Windows Defender is now integrated into Windows and only a management layer needs to be added.
-- Windows Defender supports the Open Mobile Alliance Device Management standard for centralized management by many non-Microsoft device management solutions.
-- It includes integrated classic command-line and Windows PowerShell cmdlet support.
-- Support for Windows Management Instrumentation reporting and application management is built in.
-- Full integration with Group Policy offers complete IT configuration management.
+
+* Integration with centralized management software, including Microsoft Intune, System Center Configuration Manager, and Microsoft System Center Operations Manager. Unlike Windows 8.1, no additional client is necessary, because Windows Defender is now integrated into Windows and only a management layer needs to be added.
+* Windows Defender supports the Open Mobile Alliance Device Management standard for centralized management by many non-Microsoft device management solutions.
+* It includes integrated classic command-line and Windows PowerShell cmdlet support.
+* Support for Windows Management Instrumentation reporting and application management is built in.
+* Full integration with Group Policy offers complete IT configuration management.
In addition, Windows Defender now integrates the Windows Defender Offline Tool, which formerly required the creation of a bootable, standalone version of Windows Defender into the Windows Recovery Environment. This simplifies the process of remediating low-level malware infections, which may prove difficult to detect and remove with the antimalware solution running on the Windows desktop. You can update signatures for this environment automatically from within the Windows Defender Offline experience.
@@ -747,16 +789,16 @@ Another security threat that customers face particularly in consumer and bring y
Whenever non-Microsoft real-time protection is in an inoperable state (for example, disabled, expired) for 24 hours, Windows Defender automatically turns on to ensure that the device is protected. Windows attempts to help the user remediate the issue with the non-Microsoft antimalware solution by notifying him or her as early as 5 days before the software expires. If the solution expires, Windows enables Windows Defender and continues to remind the user to renew the non-Microsoft solution. When the user updates or reactivates the solution, Windows Defender is automatically disabled. In the end, the goal is to make sure that an operable antimalware solution is running at all times.
-## Conclusion
+#### Conclusion
Windows 10 is the culmination of many years of effort from Microsoft, and its impact from a security perspective will be significant. Many of us still remember the years of Windows XP, when the attacks on the Windows operating system, applications, and data increased in volume and matured into serious threats. With the existing platforms and security solutions that you’ve likely deployed, you’re better defended than ever. But as attackers have become more advanced, there is no doubt that they have exceeded your ability to defend your organization and users. Evidence of this fact can be found in the news virtually every day as yet another major organization falls victim. Microsoft specifically designed Windows 10 to address these modern threats and tactics from the most advanced adversaries. It can truly change the game for your organization, and it can restore your advantage against those would like to make you their next victim.
## Related topics
-[Windows 10 Specifications](http://go.microsoft.com/fwlink/p/?LinkId=625077 )
+[Windows 10 Specifications](https://go.microsoft.com/fwlink/p/?LinkId=625077 )
-[HealthAttestation CSP](http://go.microsoft.com/fwlink/p/?LinkId=626940 )
+[HealthAttestation CSP](https://go.microsoft.com/fwlink/p/?LinkId=626940 )
-[Making Windows 10 More Personal and More Secure with Windows Hello](http://go.microsoft.com/fwlink/p/?LinkId=626945)
+[Making Windows 10 More Personal and More Secure with Windows Hello](https://go.microsoft.com/fwlink/p/?LinkId=626945)
[Protect BitLocker from pre-boot attacks](protect-bitlocker-from-pre-boot-attacks.md)
diff --git a/windows/keep-secure/windows-defender-advanced-threat-protection.md b/windows/keep-secure/windows-defender-advanced-threat-protection.md
index bf62da150c..01fccfad1a 100644
--- a/windows/keep-secure/windows-defender-advanced-threat-protection.md
+++ b/windows/keep-secure/windows-defender-advanced-threat-protection.md
@@ -15,7 +15,7 @@ localizationpriority: high
**Applies to:**
-- Windows 10 Enterprise, let's change back
+- Windows 10 Enterprise
- Windows 10 Enterprise for Education
- Windows 10 Pro
- Windows 10 Pro Education
diff --git a/windows/keep-secure/windows-firewall-with-advanced-security-administration-with-windows-powershell.md b/windows/keep-secure/windows-firewall-with-advanced-security-administration-with-windows-powershell.md
index c70e57a4b1..9b54a7e5a7 100644
--- a/windows/keep-secure/windows-firewall-with-advanced-security-administration-with-windows-powershell.md
+++ b/windows/keep-secure/windows-firewall-with-advanced-security-administration-with-windows-powershell.md
@@ -624,37 +624,37 @@ New-NetFirewallRule –DisplayName “Inbound Secure Bypass Rule" –Direction I
For more information about Windows PowerShell concepts, see the following topics.
-- [Windows PowerShell Getting Started Guide](http://go.microsoft.com/fwlink/p/?linkid=113440)
+- [Windows PowerShell Getting Started Guide](https://go.microsoft.com/fwlink/p/?linkid=113440)
-- [Windows PowerShell User Guide](http://go.microsoft.com/fwlink/p/?linkid=113441)
+- [Windows PowerShell User Guide](https://go.microsoft.com/fwlink/p/?linkid=113441)
-- [Windows PowerShell About Help Topics](http://go.microsoft.com/fwlink/p/?linkid=113206)
+- [Windows PowerShell About Help Topics](https://go.microsoft.com/fwlink/p/?linkid=113206)
-- [about\_Functions](http://go.microsoft.com/fwlink/p/?linkid=113231)
+- [about\_Functions](https://go.microsoft.com/fwlink/p/?linkid=113231)
-- [about\_Functions\_Advanced](http://go.microsoft.com/fwlink/p/?linkid=144511)
+- [about\_Functions\_Advanced](https://go.microsoft.com/fwlink/p/?linkid=144511)
-- [about\_Execution\_Policies](http://go.microsoft.com/fwlink/p/?linkid=135170)
+- [about\_Execution\_Policies](https://go.microsoft.com/fwlink/p/?linkid=135170)
-- [about\_Foreach](http://go.microsoft.com/fwlink/p/?linkid=113229)
+- [about\_Foreach](https://go.microsoft.com/fwlink/p/?linkid=113229)
-- [about\_Objects](http://go.microsoft.com/fwlink/p/?linkid=113241)
+- [about\_Objects](https://go.microsoft.com/fwlink/p/?linkid=113241)
-- [about\_Properties](http://go.microsoft.com/fwlink/p/?linkid=113249)
+- [about\_Properties](https://go.microsoft.com/fwlink/p/?linkid=113249)
-- [about\_While](http://go.microsoft.com/fwlink/p/?linkid=113275)
+- [about\_While](https://go.microsoft.com/fwlink/p/?linkid=113275)
-- [about\_Scripts](http://go.microsoft.com/fwlink/p/?linkid=144310)
+- [about\_Scripts](https://go.microsoft.com/fwlink/p/?linkid=144310)
-- [about\_Signing](http://go.microsoft.com/fwlink/p/?linkid=113268)
+- [about\_Signing](https://go.microsoft.com/fwlink/p/?linkid=113268)
-- [about\_Throw](http://go.microsoft.com/fwlink/p/?linkid=145153)
+- [about\_Throw](https://go.microsoft.com/fwlink/p/?linkid=145153)
-- [about\_PSSessions](http://go.microsoft.com/fwlink/p/?linkid=135181)
+- [about\_PSSessions](https://go.microsoft.com/fwlink/p/?linkid=135181)
-- [about\_Modules](http://go.microsoft.com/fwlink/p/?linkid=144311)
+- [about\_Modules](https://go.microsoft.com/fwlink/p/?linkid=144311)
-- [about\_Command\_Precedence](http://go.microsoft.com/fwlink/p/?linkid=113214)
+- [about\_Command\_Precedence](https://go.microsoft.com/fwlink/p/?linkid=113214)
diff --git a/windows/keep-secure/windows-hello-in-enterprise.md b/windows/keep-secure/windows-hello-in-enterprise.md
index 28fed4cfd5..ca368e846f 100644
--- a/windows/keep-secure/windows-hello-in-enterprise.md
+++ b/windows/keep-secure/windows-hello-in-enterprise.md
@@ -79,7 +79,7 @@ To allow facial recognition, you must have devices with integrated special infra
- [Implement Windows Hello for Business in your organization](implement-microsoft-passport-in-your-organization.md)
- [Microsoft Passport guide](microsoft-passport-guide.md)
- [Prepare people to use Windows Hello for Work](prepare-people-to-use-microsoft-passport.md)
-- [PassportforWork CSP](http://go.microsoft.com/fwlink/p/?LinkId=708219)
+- [PassportforWork CSP](https://go.microsoft.com/fwlink/p/?LinkId=708219)
diff --git a/windows/keep-secure/windows-security-baselines.md b/windows/keep-secure/windows-security-baselines.md
index f0db2dc596..ee48d1325c 100644
--- a/windows/keep-secure/windows-security-baselines.md
+++ b/windows/keep-secure/windows-security-baselines.md
@@ -51,13 +51,13 @@ To help faster deployments and increase the ease of managing Windows, Microsoft
### Windows 10 security baselines
- - [Windows 10, Version 1511 security baseline](http://go.microsoft.com/fwlink/p/?LinkID=799381)
- - [Windows 10, Version 1507 security baseline](http://go.microsoft.com/fwlink/p/?LinkID=799380)
+ - [Windows 10, Version 1511 security baseline](https://go.microsoft.com/fwlink/p/?LinkID=799381)
+ - [Windows 10, Version 1507 security baseline](https://go.microsoft.com/fwlink/p/?LinkID=799380)
### Windows Server security baselines
- - [Windows Server 2012 R2 security baseline](http://go.microsoft.com/fwlink/p/?LinkID=799382)
+ - [Windows Server 2012 R2 security baseline](https://go.microsoft.com/fwlink/p/?LinkID=799382)
## How can I monitor security baseline deployments?
diff --git a/windows/manage/TOC.md b/windows/manage/TOC.md
index 15f4e3b2bf..19a65a7a57 100644
--- a/windows/manage/TOC.md
+++ b/windows/manage/TOC.md
@@ -16,6 +16,7 @@
### [Customize Windows 10 Start and taskbar with Group Policy](customize-windows-10-start-screens-by-using-group-policy.md)
### [Customize Windows 10 Start and taskbar with ICD and provisioning packages](customize-windows-10-start-screens-by-using-provisioning-packages-and-icd.md)
### [Customize Windows 10 Start with mobile device management (MDM)](customize-windows-10-start-screens-by-using-mobile-device-management.md)
+## [Create mandatory user profiles](mandatory-user-profile.md)
## [Lock down Windows 10](lock-down-windows-10.md)
### [Lockdown features from Windows Embedded 8.1 Industry](lockdown-features-windows-10.md)
### [Set up a shared or guest PC with Windows 10](set-up-shared-or-guest-pc.md)
diff --git a/windows/manage/administrative-tools-in-windows-10.md b/windows/manage/administrative-tools-in-windows-10.md
index ba99073d18..0166bbda73 100644
--- a/windows/manage/administrative-tools-in-windows-10.md
+++ b/windows/manage/administrative-tools-in-windows-10.md
@@ -31,23 +31,23 @@ If the content that is linked to a tool in the following list doesn't provide th
-- [Component Services]( http://go.microsoft.com/fwlink/p/?LinkId=708489)
-- [Computer Management](http://go.microsoft.com/fwlink/p/?LinkId=708490)
-- [Defragment and Optimize Drives](http://go.microsoft.com/fwlink/p/?LinkId=708488)
-- [Disk Cleanup](http://go.microsoft.com/fwlink/p/?LinkID=698648)
-- [Event Viewer](http://go.microsoft.com/fwlink/p/?LinkId=708491)
-- [iSCSI Initiator](http://go.microsoft.com/fwlink/p/?LinkId=708492)
-- [Local Security Policy](http://go.microsoft.com/fwlink/p/?LinkId=708493)
-- [ODBC Data Sources]( http://go.microsoft.com/fwlink/p/?LinkId=708494)
-- [Performance Monitor](http://go.microsoft.com/fwlink/p/?LinkId=708495)
-- [Print Management](http://go.microsoft.com/fwlink/p/?LinkId=708496)
-- [Resource Monitor](http://go.microsoft.com/fwlink/p/?LinkId=708497)
-- [Services](http://go.microsoft.com/fwlink/p/?LinkId=708498)
-- [System Configuration](http://go.microsoft.com/fwlink/p/?LinkId=708499)
-- [System Information]( http://go.microsoft.com/fwlink/p/?LinkId=708500)
-- [Task Scheduler](http://go.microsoft.com/fwlink/p/?LinkId=708501)
-- [Windows Firewall with Advanced Security](http://go.microsoft.com/fwlink/p/?LinkId=708503)
-- [Windows Memory Diagnostic]( http://go.microsoft.com/fwlink/p/?LinkId=708507)
+- [Component Services]( https://go.microsoft.com/fwlink/p/?LinkId=708489)
+- [Computer Management](https://go.microsoft.com/fwlink/p/?LinkId=708490)
+- [Defragment and Optimize Drives](https://go.microsoft.com/fwlink/p/?LinkId=708488)
+- [Disk Cleanup](https://go.microsoft.com/fwlink/p/?LinkID=698648)
+- [Event Viewer](https://go.microsoft.com/fwlink/p/?LinkId=708491)
+- [iSCSI Initiator](https://go.microsoft.com/fwlink/p/?LinkId=708492)
+- [Local Security Policy](https://go.microsoft.com/fwlink/p/?LinkId=708493)
+- [ODBC Data Sources]( https://go.microsoft.com/fwlink/p/?LinkId=708494)
+- [Performance Monitor](https://go.microsoft.com/fwlink/p/?LinkId=708495)
+- [Print Management](https://go.microsoft.com/fwlink/p/?LinkId=708496)
+- [Resource Monitor](https://go.microsoft.com/fwlink/p/?LinkId=708497)
+- [Services](https://go.microsoft.com/fwlink/p/?LinkId=708498)
+- [System Configuration](https://go.microsoft.com/fwlink/p/?LinkId=708499)
+- [System Information]( https://go.microsoft.com/fwlink/p/?LinkId=708500)
+- [Task Scheduler](https://go.microsoft.com/fwlink/p/?LinkId=708501)
+- [Windows Firewall with Advanced Security](https://go.microsoft.com/fwlink/p/?LinkId=708503)
+- [Windows Memory Diagnostic]( https://go.microsoft.com/fwlink/p/?LinkId=708507)
diff --git a/windows/manage/app-inventory-management-windows-store-for-business.md b/windows/manage/app-inventory-management-windows-store-for-business.md
index 2472c4a967..ec263eede3 100644
--- a/windows/manage/app-inventory-management-windows-store-for-business.md
+++ b/windows/manage/app-inventory-management-windows-store-for-business.md
@@ -169,7 +169,7 @@ For each app in your inventory, you can view and manage license details. This gi
**To view license details**
-1. Sign in to [Store for Business](http://go.microsoft.com/fwlink/p/?LinkId=691845)
+1. Sign in to [Store for Business](https://go.microsoft.com/fwlink/p/?LinkId=691845)
2. Click **Manage**, and then choose **Inventory**.
diff --git a/windows/manage/application-development-for-windows-as-a-service.md b/windows/manage/application-development-for-windows-as-a-service.md
index 40b757275b..080fccc711 100644
--- a/windows/manage/application-development-for-windows-as-a-service.md
+++ b/windows/manage/application-development-for-windows-as-a-service.md
@@ -47,7 +47,7 @@ The traditional approach for supporting apps has been to release a new app versi
In the Windows as a service model, Microsoft is making a commitment to maintaining the compatibility of the underlying OS. This means Microsoft will make a concerted effort to ensure that there are no breaking changes that impact the app ecosystem negatively. In this scenario, when there is a release of a Windows build, most apps (those with no kernel dependencies) will continue to work.
-In view of this change, Microsoft recommends that our ISV partners decouple their app release and support from specific Windows builds. Our mutual customers are better served by an application lifecycle approach. This means when an application version is released it will be supported for a certain period of time irrespective of however many Windows builds are released in the interim. The ISV makes a commitment to provide support for that specific version of the app as long as it is supported in the lifecycle. Microsoft follows a similar lifecycle approach for Windows that can be referenced [here](http://go.microsoft.com/fwlink/?LinkID=780549).
+In view of this change, Microsoft recommends that our ISV partners decouple their app release and support from specific Windows builds. Our mutual customers are better served by an application lifecycle approach. This means when an application version is released it will be supported for a certain period of time irrespective of however many Windows builds are released in the interim. The ISV makes a commitment to provide support for that specific version of the app as long as it is supported in the lifecycle. Microsoft follows a similar lifecycle approach for Windows that can be referenced [here](https://go.microsoft.com/fwlink/?LinkID=780549).
This approach will reduce the burden of maintaining an app schedule that aligns with Windows releases. ISV partners should be free to release features or updates at their own cadence. We feel that our partners can keep their customer base updated with the latest app updates independent of a Windows release. In addition, our customers do not have to seek an explicit support statement whenever a Windows build is released. Here is an example of a support statement that covers how an app may be supported across different versions of the OS:
@@ -89,7 +89,7 @@ Some apps perform a version check and simply pass a warning to users. However, t
- If the app is dependent on specific API functionality, ensure you target the correct API version.
- Ensure you detect the change via APISet or another public API, and do not use the version as a proxy for some feature or fix. If there are breaking changes and a proper check is not exposed, then that is a bug.
- Ensure the app does NOT check for version in odd ways, such as via the registry, file versions, offsets, kernel mode, drivers, or other means. If the app absolutely needs to check the version, use the GetVersion APIs, which should return the major, minor, and build number.
-- If you are using the [GetVersion](http://go.microsoft.com/fwlink/?LinkID=780555) API, remember that the behavior of this API has changed since Windows 8.1.
+- If you are using the [GetVersion](https://go.microsoft.com/fwlink/?LinkID=780555) API, remember that the behavior of this API has changed since Windows 8.1.
If you own apps such as antimalware or firewall apps, you should work through your usual feedback channels and via the Windows Insider program.
@@ -99,9 +99,9 @@ Your apps should not call undocumented Windows APIs, or take dependency on speci
### Develop Universal Windows Platform (UWP) and Centennial apps
-We encourage all Win32 app ISVs to develop [Universal Windows Platform (UWP)](http://go.microsoft.com/fwlink/?LinkID=780560) and, specifically, [Centennial](http://go.microsoft.com/fwlink/?LinkID=780562) apps moving forward. There are great benefits to developing these app packages rather than using traditional Win32 installers. UWP apps are also supported in the [Windows Store](http://go.microsoft.com/fwlink/?LinkID=780563), so it’s easier for you to update your users to a consistent version automatically, lowering your support costs.
+We encourage all Win32 app ISVs to develop [Universal Windows Platform (UWP)](https://go.microsoft.com/fwlink/?LinkID=780560) and, specifically, [Centennial](https://go.microsoft.com/fwlink/?LinkID=780562) apps moving forward. There are great benefits to developing these app packages rather than using traditional Win32 installers. UWP apps are also supported in the [Windows Store](https://go.microsoft.com/fwlink/?LinkID=780563), so it’s easier for you to update your users to a consistent version automatically, lowering your support costs.
-If your Win32 app types do not work with the Centennial model, we highly recommend that you use the right installer and ensure this is fully tested. An installer is your user or customer’s first experience with your app, so ensure that this works well. All too often, this doesn’t work well or it hasn’t been fully tested for all scenarios. The [Windows App Certification Kit](http://go.microsoft.com/fwlink/?LinkID=780565) can help you test the install and uninstall of your Win32 app and help you identify use of undocumented APIs, as well as other basic performance-related best-practice issues, before your users do.
+If your Win32 app types do not work with the Centennial model, we highly recommend that you use the right installer and ensure this is fully tested. An installer is your user or customer’s first experience with your app, so ensure that this works well. All too often, this doesn’t work well or it hasn’t been fully tested for all scenarios. The [Windows App Certification Kit](https://go.microsoft.com/fwlink/?LinkID=780565) can help you test the install and uninstall of your Win32 app and help you identify use of undocumented APIs, as well as other basic performance-related best-practice issues, before your users do.
**Best practices:**
- Use installers that work for both 32-bit and 64-bit versions of Windows.
@@ -116,7 +116,7 @@ Windows OS flighting refers to the interim builds available to Windows Insiders
If your app is in the Store, you can flight your app via the Store, which means that your app will be available for our Windows Insider population to install. Users can install your app and you can receive preliminary feedback on your app before you release it to the general population. The follow sections outline the steps for testing your apps against Windows flighted builds.
### Step 1: Become a Windows Insider and participate in flighting
-As a [Windows Insider,](http://go.microsoft.com/fwlink/p/?LinkId=521639) you can help shape the future of Windows—your feedback will help us improve features and functionality in the platform. This is a vibrant community where you can connect with other enthusiasts, join forums, trade advice, and learn about upcoming Insider-only events.
+As a [Windows Insider,](https://go.microsoft.com/fwlink/p/?LinkId=521639) you can help shape the future of Windows—your feedback will help us improve features and functionality in the platform. This is a vibrant community where you can connect with other enthusiasts, join forums, trade advice, and learn about upcoming Insider-only events.
Since you’ll have access to preview builds of Windows 10, Windows 10 Mobile, and the latest Windows SDK and Emulator, you’ll have all the tools at your disposal to develop great apps and explore what's new in the Universal Windows Platform and the Windows Store.
@@ -157,7 +157,7 @@ If after investigation, the former is the case, be sure to use the Windows Insid
Let us know how your app is performing against flighted builds. As you discover issues with your app during testing, please log bugs via the partner portal if you have access, or through your Microsoft representative. We encourage this information so that we can build a quality experience for our users together.
### Step 4: Register on Windows 10
-The [Ready for Windows 10](http://go.microsoft.com/fwlink/?LinkID=780580) website is a directory of software that supports Windows 10. It’s intended for IT administrators at companies and organizations worldwide that are considering Windows 10 for their deployments. IT administrators can check the site to see whether software deployed in their enterprise is supported in Windows 10.
+The [Ready for Windows 10](https://go.microsoft.com/fwlink/?LinkID=780580) website is a directory of software that supports Windows 10. It’s intended for IT administrators at companies and organizations worldwide that are considering Windows 10 for their deployments. IT administrators can check the site to see whether software deployed in their enterprise is supported in Windows 10.
## Related topics
[Windows 10 servicing options for updates and upgrades](introduction-to-windows-10-servicing.md)
diff --git a/windows/manage/appv-application-publishing-and-client-interaction.md b/windows/manage/appv-application-publishing-and-client-interaction.md
index 31ace970ff..ca6912ebd6 100644
--- a/windows/manage/appv-application-publishing-and-client-interaction.md
+++ b/windows/manage/appv-application-publishing-and-client-interaction.md
@@ -23,8 +23,8 @@ The Sequencer creates App-V packages and produces a virtualized application. The