Merge remote-tracking branch 'refs/remotes/origin/master' into vs-9914655

This commit is contained in:
LizRoss
2017-03-06 06:54:19 -08:00
22 changed files with 622 additions and 167 deletions

View File

@ -16,6 +16,9 @@ localizationpriority: high
- Windows 10, Windows Insider Program - Windows 10, Windows Insider Program
- Windows 10 Mobile, Windows Insider Program - Windows 10 Mobile, Windows Insider Program
> [!IMPORTANT]
> Some information relates to prereleased product which may be substantially modified before it's commercially released. Microsoft makes no warranties, express or implied, with respect to the information provided here.
Microsoft Edge works with Group Policy and Microsoft Intune to help you manage your organization's computer settings. Group Policy objects (GPO's) can include registry-based Administrative Template policy settings, security settings, software deployment information, scripts, folder redirection, and preferences. Microsoft Edge works with Group Policy and Microsoft Intune to help you manage your organization's computer settings. Group Policy objects (GPO's) can include registry-based Administrative Template policy settings, security settings, software deployment information, scripts, folder redirection, and preferences.
By using Group Policy and Intune, you can set up a policy setting once, and then copy that setting onto many computers. For example, you can set up multiple security settings in a GPO that's linked to a domain, and then apply all of those settings to every computer in the domain. By using Group Policy and Intune, you can set up a policy setting once, and then copy that setting onto many computers. For example, you can set up multiple security settings in a GPO that's linked to a domain, and then apply all of those settings to every computer in the domain.

View File

@ -3,8 +3,13 @@ title: Deploy and manage a full cloud IT solution for your business
description: Learn how to set up a cloud infrastructure for your business, acquire devices and apps, and configure and deploy policies to your devices. description: Learn how to set up a cloud infrastructure for your business, acquire devices and apps, and configure and deploy policies to your devices.
keywords: smb, full cloud IT solution, small to medium business, deploy, setup, manage, Windows, Intune, Office 365 keywords: smb, full cloud IT solution, small to medium business, deploy, setup, manage, Windows, Intune, Office 365
ms.prod: w10 ms.prod: w10
ms.technology: smb-windows
ms.topic: hero-article
ms.author: celested
ms.mktglfcycl: deploy ms.mktglfcycl: deploy
ms.sitesec: library ms.sitesec: library
ms.lang: EN
ms.loc: US
ms.pagetype: smb ms.pagetype: smb
author: CelesteDG author: CelesteDG
--- ---
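Review bot: the new ms.lang: EN and ms.loc: US keys added to this front matter (and again to the small-business index page in the same commit) do not appear in any other file on this page; the Edge topic and the new mbr2gpt.md use localizationpriority instead, so confirm the build recognises these keys or drop them. ms.topic is set to hero-article here but to article in the sibling file; if both are valid values that is fine, but it is worth confirming the difference is intentional.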
@ -46,6 +51,7 @@ See <a href="https://support.office.com/en-us/article/Set-up-Office-365-for-busi
To set up your Office 365 business tenant, see <a href="https://support.office.com/en-us/article/Get-started-with-Office-365-for-Business-d6466f0d-5d13-464a-adcb-00906ae87029" target="_blank">Get Started with Office 365 for business</a>. To set up your Office 365 business tenant, see <a href="https://support.office.com/en-us/article/Get-started-with-Office-365-for-Business-d6466f0d-5d13-464a-adcb-00906ae87029" target="_blank">Get Started with Office 365 for business</a>.
If this is the first time you're setting this up, and you'd like to see how it's done, you can follow these steps to get started: If this is the first time you're setting this up, and you'd like to see how it's done, you can follow these steps to get started:
1. Go to the <a href="https://business.microsoft.com/en-us/products/office-365" target="_blank">Office 365</a> page in the <a href="http://business.microsoft.com" target="_blank">Microsoft Business site</a>. Select **Try now** to use the Office 365 Business Premium Trial or select **Buy now** to sign up for Office 365 Business Premium. In this walkthrough, we'll select **Try now**. 1. Go to the <a href="https://business.microsoft.com/en-us/products/office-365" target="_blank">Office 365</a> page in the <a href="http://business.microsoft.com" target="_blank">Microsoft Business site</a>. Select **Try now** to use the Office 365 Business Premium Trial or select **Buy now** to sign up for Office 365 Business Premium. In this walkthrough, we'll select **Try now**.
**Figure 1** - Try or buy Office 365 **Figure 1** - Try or buy Office 365
@ -54,7 +60,9 @@ If this is the first time you're setting this up, and you'd like to see how it's
2. Fill out the sign up form and provide information about you and your company. 2. Fill out the sign up form and provide information about you and your company.
3. Create a user ID and password to use to sign into your account. 3. Create a user ID and password to use to sign into your account.
This step creates an onmicrosoft.com email address. You can use this email address to sign in to the various admin centers. Save your sign-in info so you can use it to sign into <a href="https://portal.office.com" target="_blank">https://portal.office.com</a> (the admin portal). This step creates an onmicrosoft.com email address. You can use this email address to sign in to the various admin centers. Save your sign-in info so you can use it to sign into <a href="https://portal.office.com" target="_blank">https://portal.office.com</a> (the admin portal).
4. Select **Create my account** and then enter the phone number you used in step 2 to verify your identity. You'll be asked to enter your verification code. 4. Select **Create my account** and then enter the phone number you used in step 2 to verify your identity. You'll be asked to enter your verification code.
5. Select **You're ready to go...** which will take you to the Office 365 portal. 5. Select **You're ready to go...** which will take you to the Office 365 portal.
@ -65,6 +73,7 @@ If this is the first time you're setting this up, and you'd like to see how it's
![Office 365 portal](images/office365_portal.png) ![Office 365 portal](images/office365_portal.png)
6. Select the **Admin** tile to go to the Office 365 admin center. 6. Select the **Admin** tile to go to the Office 365 admin center.
7. In the admin center, click **Next** to see the highlights and welcome info for the admin center. When you're done, click **Go to setup** to complete the Office 365 setup. 7. In the admin center, click **Next** to see the highlights and welcome info for the admin center. When you're done, click **Go to setup** to complete the Office 365 setup.
@ -74,18 +83,20 @@ If this is the first time you're setting this up, and you'd like to see how it's
![Office 365 admin center](images/office365_admin_portal.png) ![Office 365 admin center](images/office365_admin_portal.png)
8. Go back to the <a href="https://portal.office.com/adminportal/home#/homepage" target="_blank">Office 365 admin center</a> to add or buy a domain. 8. Go back to the <a href="https://portal.office.com/adminportal/home#/homepage" target="_blank">Office 365 admin center</a> to add or buy a domain.
1. Select the **Domains** option. 1. Select the **Domains** option.
**Figure 4** - Option to add or buy a domain **Figure 4** - Option to add or buy a domain
![Add or buy a domain in O365 admin center](images/office365_buy_domain.png) ![Add or buy a domain in Office 365 admin center](images/office365_buy_domain.png)
2. In the **Home > Domains** page, you will see the Microsoft-provided domain, such as *fabrikamdesign.onmicrosoft.com*. 2. In the **Home > Domains** page, you will see the Microsoft-provided domain, such as *fabrikamdesign.onmicrosoft.com*.
**Figure 5** - Microsoft-provided domain **Figure 5** - Microsoft-provided domain
![Microsoft provided domain](images/office365_ms_provided_domain.png) ![Microsoft-provided domain](images/office365_ms_provided_domain.png)
- If you already have a domain, select **+ Add domain** to add your existing domain. If you select this option, you'll be required to verify that you own the domain. Follow the steps in the wizard to verify your domain. - If you already have a domain, select **+ Add domain** to add your existing domain. If you select this option, you'll be required to verify that you own the domain. Follow the steps in the wizard to verify your domain.
- If you don't already own a domain, select **+ Buy domain**. If you're using a trial plan, you'll be required to upgrade your trial plan in order to buy a domain. Choose the subscription plan to use for your business and provide the details to complete your order. - If you don't already own a domain, select **+ Buy domain**. If you're using a trial plan, you'll be required to upgrade your trial plan in order to buy a domain. Choose the subscription plan to use for your business and provide the details to complete your order.
@ -94,7 +105,7 @@ If this is the first time you're setting this up, and you'd like to see how it's
**Figure 6** - Domains **Figure 6** - Domains
![Verify your domains in O365 admin center](images/office365_additional_domain.png) ![Verify your domains in Office 365 admin center](images/office365_additional_domain.png)
### 1.2 Add users and assign product licenses ### 1.2 Add users and assign product licenses
Once you've set up Office and added your domain, it's time to add users so they have access to Office 365. People in your organization need an account before they can sign in and access Office 365. The easiest way to add users is to add them one at a time in the Office 365 admin center. Once you've set up Office and added your domain, it's time to add users so they have access to Office 365. People in your organization need an account before they can sign in and access Office 365. The easiest way to add users is to add them one at a time in the Office 365 admin center.

View File

@ -1,10 +1,15 @@
--- ---
title: Windows 10 for small to midsize businesses title: Windows 10 for small to midsize businesses
description: Learn how to use Windows 10 for your small to midsize business. description: Microsoft products and devices to transform and grow your businessLearn how to use Windows 10 for your small to midsize business.
keywords: Windows 10, SMB, small business, midsize business, business keywords: Windows 10, SMB, small business, midsize business, business
ms.prod: w10 ms.prod: w10
ms.technology: smb-windows
ms.topic: article
ms.author: celested
ms.mktglfcycl: deploy ms.mktglfcycl: deploy
ms.sitesec: library ms.sitesec: library
ms.lang: EN
ms.loc: US
ms.pagetype: smb ms.pagetype: smb
author: CelesteDG author: CelesteDG
--- ---
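Review bot: the changed description line in this hunk runs two sentences together with no separator: "...to transform and grow your businessLearn how to use Windows 10..."; either drop the old sentence or put a period and a space between "business" and "Learn". The same ms.lang and ms.loc keys are added here as in the full-cloud-solution page, so the same check on whether the build recognises them applies.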

View File

@ -51,6 +51,7 @@
## [Upgrade to Windows 10 with the Microsoft Deployment Toolkit](upgrade-to-windows-10-with-the-microsoft-deployment-toolkit.md) ## [Upgrade to Windows 10 with the Microsoft Deployment Toolkit](upgrade-to-windows-10-with-the-microsoft-deployment-toolkit.md)
## [Upgrade to Windows 10 with System Center Configuration Manager](upgrade-to-windows-10-with-system-center-configuraton-manager.md) ## [Upgrade to Windows 10 with System Center Configuration Manager](upgrade-to-windows-10-with-system-center-configuraton-manager.md)
## [Resolve Windows 10 upgrade errors](resolve-windows-10-upgrade-errors.md) ## [Resolve Windows 10 upgrade errors](resolve-windows-10-upgrade-errors.md)
## [Convert MBR partition to GPT](mbr-to-gpt.md)
## [Configure a PXE server to load Windows PE](configure-a-pxe-server-to-load-windows-pe.md) ## [Configure a PXE server to load Windows PE](configure-a-pxe-server-to-load-windows-pe.md)
## [Windows 10 upgrade paths](windows-10-upgrade-paths.md) ## [Windows 10 upgrade paths](windows-10-upgrade-paths.md)
## [Windows 10 edition upgrade](windows-10-edition-upgrades.md) ## [Windows 10 edition upgrade](windows-10-edition-upgrades.md)

View File

@ -11,6 +11,11 @@ author: greg-lindsay
# Change history for Deploy Windows 10 # Change history for Deploy Windows 10
This topic lists new and updated topics in the [Deploy Windows 10](index.md) documentation for [Windows 10 and Windows 10 Mobile](../index.md). This topic lists new and updated topics in the [Deploy Windows 10](index.md) documentation for [Windows 10 and Windows 10 Mobile](../index.md).
## March 2017
| New or changed topic | Description |
|----------------------|-------------|
| [Convert MBR partition to GPT](mbr-to-gpt.md) | New |
## February 2017 ## February 2017
| New or changed topic | Description | | New or changed topic | Description |
|----------------------|-------------| |----------------------|-------------|

Binary file not shown.


Binary file not shown.


View File

@ -24,6 +24,7 @@ Learn about deploying Windows 10 for IT professionals.
|[Upgrade to Windows 10 with the Microsoft Deployment Toolkit](upgrade-to-windows-10-with-the-microsoft-deployment-toolkit.md) |The simplest path to upgrade PCs that are currently running Windows 7, Windows 8, or Windows 8.1 to Windows 10 is through an in-place upgrade. You can use a Microsoft Deployment Toolkit (MDT) 2013 Update 2 task sequence to completely automate the process. | |[Upgrade to Windows 10 with the Microsoft Deployment Toolkit](upgrade-to-windows-10-with-the-microsoft-deployment-toolkit.md) |The simplest path to upgrade PCs that are currently running Windows 7, Windows 8, or Windows 8.1 to Windows 10 is through an in-place upgrade. You can use a Microsoft Deployment Toolkit (MDT) 2013 Update 2 task sequence to completely automate the process. |
|[Upgrade to Windows 10 with System Center Configuration Manager](upgrade-to-windows-10-with-system-center-configuraton-manager.md) |The simplest path to upgrade PCs currently running Windows 7, Windows 8, or Windows 8.1 to Windows 10 is through an in-place upgrade. You can use a System Center Configuration Manager task sequence to completely automate the process. | |[Upgrade to Windows 10 with System Center Configuration Manager](upgrade-to-windows-10-with-system-center-configuraton-manager.md) |The simplest path to upgrade PCs currently running Windows 7, Windows 8, or Windows 8.1 to Windows 10 is through an in-place upgrade. You can use a System Center Configuration Manager task sequence to completely automate the process. |
|[Resolve Windows 10 upgrade errors](resolve-windows-10-upgrade-errors.md) |This topic provides a brief introduction to Windows 10 installation processes, and provides resolution procedures that IT administrators can use to resolve issues with Windows 10 upgrade. | |[Resolve Windows 10 upgrade errors](resolve-windows-10-upgrade-errors.md) |This topic provides a brief introduction to Windows 10 installation processes, and provides resolution procedures that IT administrators can use to resolve issues with Windows 10 upgrade. |
|[Convert MBR partition to GPT](mbr-to-gpt.md) |This topic provides detailed instructions for using the MBR2GPT partition conversion tool. |
|[Configure a PXE server to load Windows PE](configure-a-pxe-server-to-load-windows-pe.md) |This guide describes how to configure a PXE server to load Windows PE by booting a client computer from the network. | |[Configure a PXE server to load Windows PE](configure-a-pxe-server-to-load-windows-pe.md) |This guide describes how to configure a PXE server to load Windows PE by booting a client computer from the network. |
|[Windows 10 edition upgrade](windows-10-edition-upgrades.md) |With Windows 10, you can quickly upgrade from one edition of Windows 10 to another, provided the upgrade path is supported. | |[Windows 10 edition upgrade](windows-10-edition-upgrades.md) |With Windows 10, you can quickly upgrade from one edition of Windows 10 to another, provided the upgrade path is supported. |
| [Provisioning packages for Windows 10](provisioning-packages.md) | Learn how to use the Windows Imaging and Configuration Designer (ICD) and provisioning packages to easily configure multiple devices. | | [Provisioning packages for Windows 10](provisioning-packages.md) | Learn how to use the Windows Imaging and Configuration Designer (ICD) and provisioning packages to easily configure multiple devices. |

View File

@ -0,0 +1,384 @@
---
title: MBR2GPT
description: How to use the MBR2GPT tool to convert MBR partitions to GPT
keywords: deploy, troubleshoot, windows, 10, upgrade, partition, mbr, gpt
ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: deploy
author: greg-lindsay
localizationpriority: high
---
# MBR2GPT.EXE
**Applies to**
- Windows 10
## Summary
**MBR2GPT.EXE** converts a disk from Master Boot Record (MBR) to GUID Partition Table (GPT) partition style without modifying or deleting data on the disk. The tool is designed to be run from a Windows Preinstallation Environment (Windows PE) command prompt, but can also be run from the full Windows 10 operating system (OS).
You can use MBR2GPT to perform the following:
- \[Within the Windows PE environment\]: Convert any attached MBR-formatted disk to GPT, including the system disk.
- \[From within the currently running OS\]: Convert any attached MBR-formatted disk to GPT, including the system disk.
>MBR2GPT is available in Windows 10 version 1703, also known as Windows 10 Creator's Update, and later versions.
>The tool is available in both the full OS environment and Windows PE.
You can use MBR2GPT to convert an MBR disk with BitLocker-encrypted volumes as long as protection has been suspended. To resume BitLocker after conversion, you will need to delete the existing protectors and recreate them.
The MBR2GPT tool can convert operating system disks that have earlier versions of Windows installed, such as Windows 10 versions 1507, 1511, and 1607. However, you must run the tool while booted into Windows 10 version 1703 or later, and perform an offline conversion.
>[!IMPORTANT]
>After the disk has been converted to GPT partition style, the firmware must be reconfigured to boot in UEFI mode. <BR>Make sure that your device supports UEFI before attempting to convert the disk.
## Syntax
<table style="font-family:consolas;font-size:12px" >
<TR><TD>MBR2GPT /validate|convert [/disk:\<diskNumber\>] [/logs:\<logDirectory\>] [/map:\<source\>=\<destination\>] [/allowFullOS]
</TABLE>
### Options
| Option | Description |
|----|-------------|
|/validate| Instructs MBR2GPT.exe to perform only the disk validation steps and report whether the disk is eligible for conversion. |
|/convert| Instructs MBR2GPT.exe to perform the disk validation and to proceed with the conversion if all validation tests pass. |
|/disk:\<diskNumber\>| Specifies the disk number of the disk to be converted to GPT. If not specified, the system disk is used. The mechanism used is the same as that used by the diskpart.exe tool **SELECT DISK SYSTEM** command.|
|/logs:\<logDirectory\>| Specifies the directory where MBR2GPT.exe logs should be written. If not specified, **%windir%** is used. If specified, the directory must already exist, it will not be automatically created or overwritten.|
|/map:\<source\>=\<destination\>| Specifies additional partition type mappings between MBR and GPT. The MBR partition number is specified in decimal notation, not hexidecimal. The GPT GUID can contain brackets, for example: **/map:42={af9b60a0-1431-4f62-bc68-3311714a69ad}**. Multiple /map options can be specified if multiple mappings are required. |
|/allowFullOS| By default, MBR2GPT.exe is blocked unless it is run from Windows PE. This option overrides this block and enables disk conversion while running in the full Windows environment.|
## Examples
### Validation example
In the following example, disk 0 is validated for conversion. Errors and warnings are logged to the default location, **%windir%**.
```
X:\>mbr2gpt /validate /disk:0
MBR2GPT: Attempting to validate disk 0
MBR2GPT: Retrieving layout of disk
MBR2GPT: Validating layout, disk sector size is: 512
MBR2GPT: Validation completed successfully
```
### Conversion example
In the following example:
1. The current disk partition layout is displayed prior to conversion - three partitions are present on the MBR disk (disk 0): a system reserved partition, a Windows partition, and a recovery partition. A DVD-ROM is also present as volume 0.
2. The OS volume is selected, partitions are listed, and partition details are displayed for the OS partition. The [MBR partition type](https://msdn.microsoft.com/library/windows/desktop/aa363990.aspx) is **07** corresponding to the installable file system (IFS) type.
2. The MBR2GPT tool is used to convert disk 0.
3. The DISKPART tool displays that disk 0 is now using the GPT format.
4. The new disk layout is displayed - four partitions are present on the GPT disk: three are identical to the previous partitions and one is the new EFI system partition (volume 3).
5. The OS volume is selected again, and detail displays that it has been converted to the [GPT partition type](https://msdn.microsoft.com/library/windows/desktop/aa365449.aspx) of **ebd0a0a2-b9e5-4433-87c0-68b6b72699c7** corresponding to the **PARTITION_BASIC_DATA_GUID** type.
>As noted in the output from the MBR2GPT tool, you must make changes to the computer firmware so that the new EFI system partition will boot properly.
```
DISKPART> list volume
Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
Volume 0 F CENA_X64FRE UDF DVD-ROM 4027 MB Healthy
Volume 1 C System Rese NTFS Partition 499 MB Healthy
Volume 2 D Windows NTFS Partition 58 GB Healthy
Volume 3 E Recovery NTFS Partition 612 MB Healthy Hidden
DISKPART> select volume 2
Volume 2 is the selected volume.
DISKPART> list partition
Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 Primary 499 MB 1024 KB
* Partition 2 Primary 58 GB 500 MB
Partition 3 Recovery 612 MB 59 GB
DISKPART> detail partition
Partition 2
Type : 07
Hidden: No
Active: No
Offset in Bytes: 524288000
Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 2 D Windows NTFS Partition 58 GB Healthy
DISKPART> exit
Leaving DiskPart...
X:\>mbr2gpt /convert /disk:0
MBR2GPT will now attempt to convert disk 0.
If conversion is successful the disk can only be booted in GPT mode.
These changes cannot be undone!
MBR2GPT: Attempting to convert disk 0
MBR2GPT: Retrieving layout of disk
MBR2GPT: Validating layout, disk sector size is: 512 bytes
MBR2GPT: Trying to shrink the system partition
MBR2GPT: Trying to shrink the OS partition
MBR2GPT: Creating the EFI system partition
MBR2GPT: Installing the new boot files
MBR2GPT: Performing the layout conversion
MBR2GPT: Migrating default boot entry
MBR2GPT: Adding recovery boot entry
MBR2GPT: Fixing drive letter mapping
MBR2GPT: Conversion completed successfully
MBR2GPT: Before the new system can boot properly you need to switch the firmware to boot to UEFI mode!
X:\>diskpart
Microsoft DiskPart version 10.0.15048.0
Copyright (C) Microsoft Corporation.
On computer: MININT-K71F13N
DISKPART> list disk
Disk ### Status Size Free Dyn Gpt
-------- ------------- ------- ------- --- ---
Disk 0 Online 60 GB 0 B *
DISKPART> select disk 0
Disk 0 is now the selected disk.
DISKPART> list volume
Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
Volume 0 F CENA_X64FRE UDF DVD-ROM 4027 MB Healthy
Volume 1 D Windows NTFS Partition 58 GB Healthy
Volume 2 C System Rese NTFS Partition 499 MB Healthy Hidden
Volume 3 FAT32 Partition 100 MB Healthy Hidden
Volume 4 E Recovery NTFS Partition 612 MB Healthy Hidden
DISKPART> select volume 1
Volume 1 is the selected volume.
DISKPART> list partition
Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 Recovery 499 MB 1024 KB
* Partition 2 Primary 58 GB 500 MB
Partition 4 System 100 MB 59 GB
Partition 3 Recovery 612 MB 59 GB
DISKPART> detail partition
Partition 2
Type : ebd0a0a2-b9e5-4433-87c0-68b6b72699c7
Hidden : No
Required: No
Attrib : 0000000000000000
Offset in Bytes: 524288000
Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 1 D Windows NTFS Partition 58 GB Healthy
```
## Specifications
### Disk conversion workflow
The following steps illustrate high-level phases of the MBR-to-GPT conversion process:
1. Disk validation is performed.
2. The disk is repartitioned to create an EFI system partition (ESP) if one does not already exist.
3. UEFI boot files are installed to the ESP.
4. GPT metatdata and layout information is applied.
5. The boot configuration data (BCD) store is updated.
6. Drive letter assignments are restored.
### Disk validation
Before any change to the disk is made, MBR2GPT validates the layout and geometry of the selected disk to ensure that:
- The disk is currently using MBR
- There is enough space not occupied by partitions to store the primary and secondary GPTs:
- 16KB + 2 sectors at the front of the disk
- 16KB + 1 sector at the end of the disk
- There are at most 3 primary partitions in the MBR partition table
- One of the partitions is set as active and is the system partition
- The BCD store on the system partition contains a default OS entry pointing to an OS partition
- The volume IDs can retrieved for each volume which has a drive letter assigned
- All partitions on the disk are of MBR types recognized by Windows or has a mapping specified using the /map command-line option
If any of these checks fails, the conversion will not proceed and an error will be returned.
### Creating an EFI system partition
For Windows to remain bootable after the conversion, an EFI system partition (ESP) must be in place. MBR2GPT creates the ESP using the following rules:
1. The existing MBR system partition is reused if it meets these requirements:
a. It is not also the OS or Windows Recovery Environment partition
b. It is at least 100MB (or 260MB for 4K sector size disks) in size
c. It is less than or equal to 1GB in size. This is a safety precaution to ensure it is not a data partition.
d. If the conversion is being performed from the full OS, the disk being converted is not the system disk.
2. If the existing MBR system partition cannot be reused, a new ESP is created by shrinking the OS partition. This new partition has a size of 100MB (or 260MB for 4K sector size disks) and is formatted FAT32.
If the existing MBR system partition is not reused for the ESP, it is no longer used by the boot process after the conversion. Other partitions are not modified.
### Partition type mapping and partition attributes
Since GPT partitions use a different set of type IDs than MBR partitions, each partition on the converted disk must be assigned a new type ID. The partition type mapping follows these rules:
1. The ESP is always set to partition type PARTITION_SYSTEM_GUID (c12a7328-f81f-11d2-ba4b-00a0c93ec93b).
2. If an MBR partition is of a type that matches one of the entries specified in the /map switch, the specified GPT partition type ID is used.
3. If the MBR partition is of type 0x27, the partition is converted to a GPT partition of type PARTITION_MSFT_RECOVERY_GUID (de94bba4-06d1-4d40-a16a-bfd50179d6ac).
4. All other MBR partitions recognized by Windows are converted to GPT partitions of type PARTITION_BASIC_DATA_GUID (ebd0a0a2-b9e5-4433-87c0-68b6b72699c7).
In addition to applying the correct partition types, partitions of type PARTITION_MSFT_RECOVERY_GUID also have the following GPT attributes set:
- GPT_ATTRIBUTE_PLATFORM_REQUIRED (0x0000000000000001)
- GPT_BASIC_DATA_ATTRIBUTE_NO_DRIVE_LETTER (0x8000000000000000)
For more information about partition types, see:
- [GPT partition types](https://msdn.microsoft.com/library/windows/desktop/aa365449.aspx)
- [MBR partition types](https://msdn.microsoft.com/library/windows/desktop/aa363990.aspx)
### Persisting drive letter assignments
The conversion tool will attempt to remap all drive letter assignment information contained in the registry that correspond to the volumes of the converted disk. If a drive letter assignment cannot be restored, an error will be displayed at the console and in the log, so that you can manually perform the correct assignment of the drive letter. **Important**: this code runs after the layout conversion has taken place, so the operation cannot be undone at this stage.
The conversion tool will obtain volume unique ID data before and after the layout conversion, organizing this information into a lookup table. It will then iterate through all the entries in **HKLM\SYSTEM\MountedDevices**, and for each entry do the following:
1. Check if the unique ID corresponds to any of the unique IDs for any of the volumes that are part of the converted disk.
2. If found, set the value to be the new unique ID, obtained after the layout conversion.
3. If the new unique ID cannot be set and the value name starts with \DosDevices, issue a console and log warning about the need for manual intervention in properly restoring the drive letter assignment.
## Troubleshooting
The tool will display status information in its output. Both validation and conversion are clear if any errors are encountered. For example, if one or more partitions do not translate properly, this is displayed and the conversion not performed. To view more detail about any errors that are encountered, see the associated [log files](#logs).
### Logs
Four log files are created by the MBR2GPT tool:
- diagerr.xml
- diagwrn.xml
- setupact.log
- setuperr.log
These files contain errors and warnings encountered during disk validation and conversion. Information in these files can be helpful in diagnosing problems with the tool. The setupact.log and setuperr.log files will have the most detailed information about disk layouts, processes, and other information pertaining to disk validation and conversion. Note: The setupact*.log files are different than the Windows Setup files that are found in the %Windir%\Panther directory.
The default location for all these log files in Windows PE is **%windir%**.
### Interactive help
To view a list of options available when using the tool, type **mbr2gpt /?**
The following text is displayed:
```
C:\> mbr2gpt /?
Converts a disk from MBR to GPT partitioning without modifying or deleting data on the disk.
MBR2GPT.exe /validate|convert [/disk:<diskNumber>] [/logs:<logDirectory>] [/map:<source>=<destination>] [/allowFullOS]
Where:
/validate
- Validates that the selected disk can be converted
without performing the actual conversion.
/convert
- Validates that the selected disk can be converted
and performs the actual conversion.
/disk:<diskNumber>
- Specifies the disk number of the disk to be processed.
If not specified, the system disk is processed.
/logs:<logDirectory>
- Specifies the directory for logging. By default logs
are created in the %windir% directory.
/map:<source>=<destination>
- Specifies the GPT partition type to be used for a
given MBR partition type not recognized by Windows.
Multiple /map switches are allowed.
/allowFullOS
- Allows the tool to be used from the full Windows
environment. By default, this tool can only be used
from the Windows Preinstallation Environment.
```
### Return codes
MBR2GPT has the following associated return codes:
| Return code | Description |
|----|-------------|
|0| Conversion completed successfully.|
|1| Conversion was canceled by the user.|
|2| Conversion failed due to an internal error.|
|3| Conversion failed due to an initialization error.|
|4| Conversion failed due to invalid command-line parameters. |
|5| Conversion failed due to error reading the geometry and layout of the selected disk.|
|6| Conversion failed because one or more volumes on the disk is encrypted.|
|7| Conversion failed because the geometry and layout of the selected disk do not meet requirements.|
|8| Conversion failed due to error while creating the EFI system partition.|
|9| Conversion failed due to error installing boot files.|
|10| Conversion failed due to error while applying GPT layout.|
|100| Conversion to GPT layout succeeded, but some boot configuration data entries could not be restored.|
### Determining the partition type
You can type the following command at a Windows PowerShell prompt to display the disk number and partition type. Example output is also shown:
```
PS C:\> Get-Disk | ft -Auto
Number Friendly Name Serial Number HealthStatus OperationalStatus Total Size Partition Style
------ ------------- ------------- ------------ ----------------- ---------- ---------------
0 MTFDDAK256MAM-1K1 13050928F47C Healthy Online 238.47 GB MBR
1 ST1000DM003-1ER162 Z4Y3GD8F Healthy Online 931.51 GB GPT
```
You can also view the partition type of a disk by opening the Disk Management tool, right-clicking the disk number, clicking **Properties**, and then clicking the **Volumes** tab. See the following example:
![Volumes](images/mbr2gpt-volume.PNG)
If Windows PowerShell and Disk Management are not available, such as when you are using Windows PE, you can determine the partition type at a command prompt with the diskpart tool. To determine the partition style, type **diskpart** and then type **list disk**. See the following example:
```
DISKPART> list disk
Disk ### Status Size Free Dyn Gpt
-------- ------------- ------- ------- --- ---
Disk 0 Online 238 GB 0 B
Disk 1 Online 931 GB 0 B *
```
In this example, Disk 0 is formatted with the MBR partition style, and Disk 1 is formatted using GPT.
## Related topics
[Using MBR2GPT with Configuration Manager OSD](https://miketerrill.net/tag/mbr2gpt/)
<BR>[Windows 10 Enterprise system requirements](https://technet.microsoft.com/en-us/windows/dn798752.aspx)
<BR>[Windows 10 Specifications](https://www.microsoft.com/en-us/windows/Windows-10-specifications)
<BR>[Windows 10 IT pro forums](https://social.technet.microsoft.com/Forums/en-US/home?category=Windows10ITPro)
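Review bot: the image reference under "Determining the partition type" uses an uppercase extension, `![Volumes](images/mbr2gpt-volume.PNG)`; if the file on disk is `mbr2gpt-volume.png`, the link breaks on a case-sensitive build host, so match the extension to the real filename (the other image reference in this commit, `images/atp-machine-details-view.png`, is lowercase). Two smaller points: the Related topics list joins its entries with raw `<BR>` tags instead of the Markdown list items used elsewhere in these docs, and its first entry links to a personal blog (miketerrill.net) rather than Microsoft documentation, which should be a deliberate choice. Finally, return code 6 ("one or more volumes on the disk is encrypted") is the one readers are most likely to hit in production; if the page's prerequisites already cover encrypted volumes, cross-reference that requirement next to the table row so the reader knows what to do before rerunning /convert.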

View File

@ -0,0 +1,52 @@
$tenantId = '{Your Tenant ID}'
$clientId = '{Your Client ID}'
$clientSecret = '{Your Client Secret}'
$authUrl = "https://login.windows.net/{0}/oauth2/token" -f $tenantId
$tokenPayload = @{
"resource"='https://graph.windows.net'
"client_id" = $clientId
"client_secret" = $clientSecret
"grant_type"='client_credentials'}
$response = Invoke-RestMethod $authUrl -Method Post -Body $tokenPayload
$token = $response.access_token
$headers = @{
"Content-Type"="application/json"
"Accept"="application/json"
"Authorization"="Bearer {0}" -f $token }
$apiBaseUrl = "https://ti.securitycenter.windows.com/V1.0/"
$alertDefinitions =
(Invoke-RestMethod ("{0}AlertDefinitions" -f $apiBaseUrl) -Method Get -Headers $headers).value
$alertDefinitionPayload = @{
"Name"= "The Alert's Name"
"Severity"= "Low"
"InternalDescription"= "An internal description of the Alert"
"Title"= "The Title"
"UxDescription"= "Description of the alerts"
"RecommendedAction"= "The alert's recommended action"
"Category"= "Trojan"
"Enabled"= "true"}
$alertDefinition =
Invoke-RestMethod ("{0}AlertDefinitions" -f $apiBaseUrl) `
-Method Post -Headers $headers -Body ($alertDefinitionPayload | ConvertTo-Json)
$alertDefinitionId = $alertDefinition.Id
$iocPayload = @{
"Type"="Sha1"
"Value"="dead1111eeaabbccddeeaabbccddee11ffffffff"
"DetectionFunction"="Equals"
"Enabled"="true"
"AlertDefinition@odata.bind"="AlertDefinitions({0})" -f $alertDefinitionId }
$ioc =
Invoke-RestMethod ("{0}IndicatorsOfCompromise" -f $apiBaseUrl) `
-Method Post -Headers $headers -Body ($iocPayload | ConvertTo-Json)
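Review bot: `"Enabled"= "true"` in both `$alertDefinitionPayload` and `$iocPayload` is a string, so `ConvertTo-Json` emits `"Enabled": "true"` rather than the JSON boolean `true` that the Python sample in this same commit sends (`"Enabled": True`); use `$true` in both hashtables so the two samples produce the same request body. The client secret is also a literal in the script (`$clientSecret = '{Your Client Secret}'`); since this file is meant to be copied and run, consider reading it from an environment variable or a `SecureString` prompt and add a comment warning not to commit a populated copy. Lastly, none of the `Invoke-RestMethod` calls has error handling, so a failed token request leaves `$token` empty and every later call fails with a 401 whose cause is not obvious; a `try/catch` around the token call, or at least a check that `$response.access_token` is non-empty, would make the sample safer to copy.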

View File

@ -0,0 +1,53 @@
import json
import requests
from pprint import pprint
tenant_id="{your tenant ID}"
client_id="{your client ID}"
client_secret="{your client secret}"
auth_url = "https://login.windows.net/{0}/oauth2/token".format(tenant_id)
payload = {"resource": "https://graph.windows.net",
"client_id": client_id,
"client_secret": client_secret,
"grant_type": "client_credentials"}
response = requests.post(auth_url, payload)
token = json.loads(response.text)["access_token"]
with requests.Session() as session:
session.headers = {
'Authorization': 'Bearer {}'.format(token),
'Content-Type': 'application/json',
'Accept': 'application/json'}
response = session.get("https://ti.securitycenter.windows.com/V1.0/AlertDefinitions")
pprint(json.loads(response.text))
alert_definition = {"Name": "The alert's name",
"Severity": "Low",
"InternalDescription": "An internal description of the alert",
"Title": "The Title",
"UxDescription": "Description of the alerts",
"RecommendedAction": "The alert's recommended action",
"Category": "Trojan",
"Enabled": True}
response = session.post(
"https://ti.securitycenter.windows.com/V1.0/AlertDefinitions",
json=alert_definition)
alert_definition_id = json.loads(response.text)["Id"]
ioc = {'Type': "Sha1",
'Value': "dead1111eeaabbccddeeaabbccddee11ffffffff",
'DetectionFunction': "Equals",
'Enabled': True,
"AlertDefinition@odata.bind": "AlertDefinitions({0})".format(alert_definition_id)}
response = session.post(
"https://ti.securitycenter.windows.com/V1.0/IndicatorsOfCompromise",
json=ioc)
pprint(json.loads(response.text))
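Review bot: neither the token request nor the two POSTs check the HTTP status before indexing the body, so an authentication failure surfaces as `KeyError: 'access_token'` (or `'Id'` at `alert_definition_id = json.loads(response.text)["Id"]`) instead of the server's error message; call `response.raise_for_status()` after each request, and `response.json()` is simpler than `json.loads(response.text)`. Also, `session.headers = {...}` replaces the session's default header dictionary rather than adding to it; `session.headers.update({...})` is the idiomatic form and keeps the library's defaults such as `User-Agent`. Same comment as for the PowerShell sample on the literal `client_secret`: read it from the environment rather than embedding it in the source file.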

View File

@ -347,11 +347,13 @@ These parameters are compatible with the [OData V4 query language](http://docs.o
## Code examples ## Code examples
The following articles provide detailed code examples that demonstrate how to use the custom threat intelligence API in several programming languages: The following articles provide detailed code examples that demonstrate how to use the custom threat intelligence API in several programming languages:
- PowerShell code examples - [PowerShell code examples](powershell-example-code-windows-defender-advanced-threat-protection.md)
- Python code examples - [Python code examples](python-example-code-windows-defender-advanced-threat-protection.md)
## Related topics ## Related topics
- [Understand threat intelligence](threat-indicator-concepts-windows-defender-advanced-threat-protection.md) - [Understand threat intelligence concepts](threat-indicator-concepts-windows-defender-advanced-threat-protection.md)
- [Enable the custom threat intelligence application](enable-custom-ti-windows-defender-advanced-threat-protection.md) - [Enable the custom threat intelligence application](enable-custom-ti-windows-defender-advanced-threat-protection.md)
- [PowerShell code examples](powershell-example-code-windows-defender-advanced-threat-protection.md)
- [Python code examples](python-example-code-windows-defender-advanced-threat-protection.md)
- [Troubleshoot custom threat intelligence issues](troubleshoot-custom-ti-windows-defender-advanced-threat-protection.md) - [Troubleshoot custom threat intelligence issues](troubleshoot-custom-ti-windows-defender-advanced-threat-protection.md)

View File

@ -40,6 +40,8 @@ Before you can create custom threat intelligence (TI) using REST API, you'll nee
Youll need to use the access token in the Authorization header when doing REST API calls. Youll need to use the access token in the Authorization header when doing REST API calls.
## Related topics ## Related topics
- [Understand threat intelligence](threat-indicator-concepts-windows-defender-advanced-threat-protection.md) - [Understand threat intelligence concepts](threat-indicator-concepts-windows-defender-advanced-threat-protection.md)
- [Create custom threat intelligence](custom-ti-api-windows-defender-advanced-threat-protection.md) - [Create custom threat intelligence alerts](custom-ti-api-windows-defender-advanced-threat-protection.md)
- [PowerShell code examples](powershell-example-code-windows-defender-advanced-threat-protection.md)
- [Python code examples](python-example-code-windows-defender-advanced-threat-protection.md)
- [Troubleshoot custom threat intelligence issues](troubleshoot-custom-ti-windows-defender-advanced-threat-protection.md) - [Troubleshoot custom threat intelligence issues](troubleshoot-custom-ti-windows-defender-advanced-threat-protection.md)

View File

@ -50,10 +50,10 @@ This status indicates that there's limited communication between the machine and
The following suggested actions can help fix issues related to a misconfigured machine with impaired communication: The following suggested actions can help fix issues related to a misconfigured machine with impaired communication:
- [Ensure the endpoint has Internet connection](troubleshoot-onboarding-windows-defender-advanced-threat-protection.md#ensure-the-endpoint-has-an-internet-connection) - [Ensure the endpoint has Internet connection](troubleshoot-onboarding-windows-defender-advanced-threat-protection.md#ensure-the-endpoint-has-an-internet-connection)</br>
The Window Defender ATP sensor requires Microsoft Windows HTTP (WinHTTP) to report sensor data and communicate with the Windows Defender ATP service. The Window Defender ATP sensor requires Microsoft Windows HTTP (WinHTTP) to report sensor data and communicate with the Windows Defender ATP service.
- Verify client connectivity to Windows Defender ATP service URLs</br> - [Verify client connectivity to Windows Defender ATP service URLs](configure-proxy-internet-windows-defender-advanced-threat-protection.md#verify-client-connectivity-to-windows-defender-atp-service-urls)</br>
Verify the proxy configuration completed successfully, that WinHTTP can discover and communicate through the proxy server in your environment, and that the proxy server allows traffic to the Windows Defender ATP service URLs. Verify the proxy configuration completed successfully, that WinHTTP can discover and communicate through the proxy server in your environment, and that the proxy server allows traffic to the Windows Defender ATP service URLs.
If you took corrective actions and the machine status is still misconfigured, [open a support ticket](http://go.microsoft.com/fwlink/?LinkID=761093&clcid=0x409). If you took corrective actions and the machine status is still misconfigured, [open a support ticket](http://go.microsoft.com/fwlink/?LinkID=761093&clcid=0x409).
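Review bot: the hunk appends `</br>` to the two list items; `</br>` is a closing tag with no opening element and is not valid HTML, so use `<br>` (or `<br/>`). While these lines are being touched, the unchanged sentence directly beneath the first bullet reads `The Window Defender ATP sensor requires...`, missing the `s` in Windows; the same typo appears in the next hunk.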
@ -62,16 +62,16 @@ If you took corrective actions and the machine status is still misconfigured, [o
A misconfigured machine with status No sensor data has communication with the service but can only report partial sensor data. A misconfigured machine with status No sensor data has communication with the service but can only report partial sensor data.
Follow theses actions to correct known issues related to a misconfigured machine with status Impaired communication: Follow theses actions to correct known issues related to a misconfigured machine with status Impaired communication:
- [Ensure the endpoint has Internet connection](troubleshoot-onboarding-windows-defender-advanced-threat-protection.md#ensure-the-endpoint-has-an-internet-connection) - [Ensure the endpoint has Internet connection](troubleshoot-onboarding-windows-defender-advanced-threat-protection.md#ensure-the-endpoint-has-an-internet-connection)</br>
The Window Defender ATP sensor requires Microsoft Windows HTTP (WinHTTP) to report sensor data and communicate with the Windows Defender ATP service. The Window Defender ATP sensor requires Microsoft Windows HTTP (WinHTTP) to report sensor data and communicate with the Windows Defender ATP service.
- Verify client connectivity to Windows Defender ATP service URLs</br> - [Verify client connectivity to Windows Defender ATP service URLs](configure-proxy-internet-windows-defender-advanced-threat-protection.md#verify-client-connectivity-to-windows-defender-atp-service-urls)</br>
Verify the proxy configuration completed successfully, that WinHTTP can discover and communicate through the proxy server in your environment, and that the proxy server allows traffic to the Windows Defender ATP service URLs. Verify the proxy configuration completed successfully, that WinHTTP can discover and communicate through the proxy server in your environment, and that the proxy server allows traffic to the Windows Defender ATP service URLs.
- [Ensure the telemetry and diagnostics service is enabled](troubleshoot-onboarding-windows-defender-advanced-threat-protection.md#ensure-the-telemetry-and-diagnostics-service-is-enabled) - [Ensure the telemetry and diagnostics service is enabled](troubleshoot-onboarding-windows-defender-advanced-threat-protection.md#ensure-the-telemetry-and-diagnostics-service-is-enabled)</br>
If the endpoints aren't reporting correctly, you might need to check that the Windows 10 telemetry and diagnostics service is set to automatically start and is running on the endpoint. If the endpoints aren't reporting correctly, you might need to check that the Windows 10 telemetry and diagnostics service is set to automatically start and is running on the endpoint.
- [Ensure that Windows Defender is not disabled by policy](troubleshoot-onboarding-windows-defender-advanced-threat-protection.md#ensure-that-windows-defender-is-not-disabled-by-a-policy) - [Ensure that Windows Defender is not disabled by policy](troubleshoot-onboarding-windows-defender-advanced-threat-protection.md#ensure-that-windows-defender-is-not-disabled-by-a-policy)</br>
If your endpoints are running a third-party antimalware client, the Windows Defender ATP agent needs the Windows Defender Early Launch Antimalware (ELAM) driver to be enabled. If your endpoints are running a third-party antimalware client, the Windows Defender ATP agent needs the Windows Defender Early Launch Antimalware (ELAM) driver to be enabled.
If you took corrective actions and the machine status is still misconfigured, [open a support ticket](http://go.microsoft.com/fwlink/?LinkID=761093&clcid=0x409). If you took corrective actions and the machine status is still misconfigured, [open a support ticket](http://go.microsoft.com/fwlink/?LinkID=761093&clcid=0x409).
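Review bot: the section's intro sentence contradicts its heading: the context line above says `A misconfigured machine with status No sensor data...`, but the next line reads `Follow theses actions to correct known issues related to a misconfigured machine with status Impaired communication:`, which is the previous section's status; it should say No sensor data, and `theses` should be `these`. Since this hunk already edits the adjacent bullets, fixing both here is cheap. The `</br>` and `Window Defender` points from the previous hunk apply to the four bullets changed here as well.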

View File

@ -40,7 +40,7 @@ When you investigate a specific machine, you'll see:
![Image of machine details page](images/atp-machine-details-view.png) ![Image of machine details page](images/atp-machine-details-view.png)
The machine details, total logged on users and machine reporting sections display various attributes about the machine. Youll see details such as machine name, health status, actions you can take on the machine. For more information on how to take action on a machine, see [Take response action on a machine](respond-machine-alerts-windows-defender-advanced-threat-protection.md). The machine details, total logged on users and machine reporting sections display various attributes about the machine. Youll see details such as machine name, health state, actions you can take on the machine. For more information on how to take action on a machine, see [Take response action on a machine](respond-machine-alerts-windows-defender-advanced-threat-protection.md).
You'll also see other information such as domain, operating system (OS), total logged on users and who frequently and less frequently logged on, IP address, and how long it's been reporting sensor data to the Windows Defender ATP service. You'll also see other information such as domain, operating system (OS), total logged on users and who frequently and less frequently logged on, IP address, and how long it's been reporting sensor data to the Windows Defender ATP service.

View File

@ -26,88 +26,54 @@ localizationpriority: high
This article provides PowerShell code examples for using the custom threat intelligence API. This article provides PowerShell code examples for using the custom threat intelligence API.
These code examples demonstrate the following tasks: These code examples demonstrate the following tasks:
- [Obtain an Azure AD access token](#obtain-an-azure-ad-access-token) - [Obtain an Azure AD access token](#token)
- [Create headers](#create-headers) - [Create headers](#headers)
- [Create calls to the custom threat intelligence API](#create-calls-to-the-custom-threat-intelligence-api) - [Create calls to the custom threat intelligence API](#calls)
- [Create a new alert definition](#create-a-new-alert-definition) - [Create a new alert definition](#alert-definition)
- [Create a new indicator of compromise](#create-a-new-indicator-of-compromise) - [Create a new indicator of compromise](#ioc)
## Obtain an Azure AD access token <span id="token" />
## Step 1: Obtain an Azure AD access token
The following example demonstrates how to obtain an Azure AD access token that you can use to call methods in the custom threat intelligence API. After you obtain a token, you have 60 minutes to use this token in calls to the custom threat intelligence API before the token expires. After the token expires, you can generate a new token. The following example demonstrates how to obtain an Azure AD access token that you can use to call methods in the custom threat intelligence API. After you obtain a token, you have 60 minutes to use this token in calls to the custom threat intelligence API before the token expires. After the token expires, you can generate a new token.
Replace the *tenant\_id*, *client_id*, and *client_secret* values with the ones you got from **Preferences settings** page in the portal: Replace the *tenantid*, *clientid*, and *clientSecret* values with the ones you got from **Preferences settings** page in the portal:
``` [!code[CustomTIAPI](./code/example.ps1#L1-L14)]
$tenantId = '{Your Tenant ID} <span id="header" />
$clientId = '{Your Client ID}' ## Step 2: Create headers used for the requests with the API
$clientSecret = '{Your Client Secret}' Use the following code to create the headers used for the requests with the API:
$authUrl = "https://login.windows.net/{0}/oauth2/token" -f $tenantId [!code[CustomTIAPI](./code/example.ps1#L16-L19)]
$tokenPayload = @{ <span id="calls" />
"resource"='https://graph.windows.net' ## Step 3: Create calls to the custom threat intelligence API
"client_id" = $clientId After creating the headers, you can now create calls to the API. The following example demonstrates how you can view all the alert definition entities:
"client_secret" = $clientSecret
"grant_type"='client_credentials'}
$response = Invoke-RestMethod $authUrl -Method Post -Body $tokenPayload [!code[CustomTIAPI](./code/example.ps1#L21-L24)]
$token = $response.access_token
``` The response is empty on initial use of the API.
## Create headers <span id="alert-definition" />
The following example demonstrates how to create headers used for the requests with the API. ## Step 4: Create a new alert definition
The following example demonstrates how you to create a new alert definition.
``` [!code[CustomTIAPI](./code/example.ps1#L26-L39)]
$headers = @{}
$headers.Add("Content-Type", "application/json")
$headers.Add("Accept", "application/json")
$headers.Add("Authorization", "Bearer {0}" -f $token)
``` <span id="ioc" />
## Step 5: Create a new indicator of compromise
You can now use the alert ID obtained from creating a new alert definition to create a new indicator of compromise.
## Create calls to the custom threat intelligence API [!code[CustomTIAPI](./code/example.ps1#L43-L53)]
The following example demonstrates how to view all alert definition entities by creating a call to the API.
``` ## Complete code
$apiBaseUrl = "https://ti.securitycenter.windows.com/V1.0/" You can use the complete code to create calls to the API.
$alertDefinitions =
(Invoke-RestMethod ("{0}AlertDefinitions" -f $apiBaseUrl) -Method Get -Headers $headers).value
```
If this is the first time to use the API, the response is empty. [!code[CustomTIAPI](./code/example.ps1#L1-L53)]
## Create a new alert definition ## Related topics
The following example shows how to create a new alert definition. - [Understand threat intelligence concepts](threat-indicator-concepts-windows-defender-advanced-threat-protection.md)
- [Enable the custom threat intelligence application](enable-custom-ti-windows-defender-advanced-threat-protection.md)
``` - [Create custom threat intelligence alerts](custom-ti-api-windows-defender-advanced-threat-protection.md)
$alertDefinitionPayload = @{ - [Python code examples](python-example-code-windows-defender-advanced-threat-protection.md)
"Name"= "The Alert's Name" - [Troubleshoot custom threat intelligence issues](troubleshoot-custom-ti-windows-defender-advanced-threat-protection.md)
"Severity"= "Low"
"InternalDescription"= "An internal description of the Alert"
"Title"= "The Title"
"UxDescription"= "Description of the alerts"
"RecommendedAction"= "The alert's recommended action"
"Category"= "Trojan"
"Enabled"= "true"}
$alertDefinition =
Invoke-RestMethod ("{0}AlertDefinitions" -f $apiBaseUrl) -Method Post -Headers $headers -Body ($alertDefinitionPayload | ConvertTo-Json)
```
## Create a new indicator of compromise
The following example shows how to use the alert ID obtained from creating a new alert definition to create a new indicator of compromise.
```
$iocPayload = @{
"Type"="Sha1"
"Value"="dead1111eeaabbccddeeaabbccddee11ffffffff"
"DetectionFunction"="Equals"
"Enabled"="true"
"AlertDefinition@odata.bind"="AlertDefinitions({0})" -f $alertDefinitionId }
$ioc = Invoke-RestMethod ("{0}IndicatorsOfCompromise" -f $apiBaseUrl) -Method Post -Headers $headers -Body ($iocPayload | ConvertTo-Json)
```
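Review bot: the task list links to `#headers` (`- [Create headers](#headers)`) but the anchor inserted for step 2 is `<span id="header" />`, so that link does not resolve; make the two match. The code includes for step 5 and for the complete listing reference line 53 (`./code/example.ps1#L43-L53` and `#L1-L53`), but the new example.ps1 in this commit has 52 lines (`@ -0,0 +1,52 @@`), so the range runs past end of file; the Python page's ranges stay within its 53 lines. The replacement instruction now names `*tenantid*, *clientid*, and *clientSecret*`, which do not match the script's `$tenantId`, `$clientId`, `$clientSecret`; keep the identifiers as they appear in the code. Also note that `<span>` is not a void element in HTML, so `<span id="..." />` may be treated as an unclosed span by some renderers; `<a id="..."></a>` or a conventional heading anchor is safer.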

View File

@ -34,18 +34,18 @@ For more information, see [Turn on the preview experience](preview-settings-wind
## Preview features ## Preview features
The following features are included in the preview release: The following features are included in the preview release:
- [Take response actions on a machine](respond-machine-alerts-windows-defender-advanced-threat-protection.md) - Take action on machine related alerts to quickly respond to detected attacks by isolating machines or collecting an investigation package. - [Take response actions on a machine](respond-machine-alerts-windows-defender-advanced-threat-protection.md) - Quickly respond to detected attacks by isolating machines or collecting an investigation package.
- [Isolate machines from the network](respond-machine-alerts-windows-defender-advanced-threat-protection.md#isolate-machines-from-the-network) - [Isolate machines from the network](respond-machine-alerts-windows-defender-advanced-threat-protection.md#isolate-machines-from-the-network)
- [Undo machine isolation](respond-machine-alerts-windows-defender-advanced-threat-protection.md#undo-machine-isolation) - [Undo machine isolation](respond-machine-alerts-windows-defender-advanced-threat-protection.md#undo-machine-isolation)
- [Collect investigation package](respond-machine-alerts-windows-defender-advanced-threat-protection.md#collect-investigation-package-from-machines) - [Collect investigation package](respond-machine-alerts-windows-defender-advanced-threat-protection.md#collect-investigation-package-from-machines)
- [Take response actions on a file](respond-file-alerts-windows-defender-advanced-threat-protection.md) - Take action on file related alerts to quickly respond to detected attacks by stopping and quarantining files or blocking a file. - [Take response actions on a file](respond-file-alerts-windows-defender-advanced-threat-protection.md) - Quickly respond to detected attacks by stopping and quarantining files or blocking a file.
- [Stop and quarantine files in your network](respond-file-alerts-windows-defender-advanced-threat-protection.md#stop-and-quarantine-files-in-your-network) - [Stop and quarantine files in your network](respond-file-alerts-windows-defender-advanced-threat-protection.md#stop-and-quarantine-files-in-your-network)
- [Remove file from quarantine](respond-file-alerts-windows-defender-advanced-threat-protection.md#remove-file-from-quarantine) - [Remove file from quarantine](respond-file-alerts-windows-defender-advanced-threat-protection.md#remove-file-from-quarantine)
- [Block files in your network](respond-file-alerts-windows-defender-advanced-threat-protection.md#block-files-in-your-network) - [Block files in your network](respond-file-alerts-windows-defender-advanced-threat-protection.md#block-files-in-your-network)
- [Check sensor status](check-sensor-status-windows-defender-advanced-threat-protection.md) - Check an endpoint's ability to provide sensor data and communicate with the Windows Defender ATP service and fix sensor issues if you identify problematic machines. - [Check sensor health state](check-sensor-status-windows-defender-advanced-threat-protection.md) - Check an endpoint's ability to provide sensor data and communicate with the Windows Defender ATP service and fix known issues.
- [Fix unhealthy sensors](fix-unhealhty-sensors-windows-defender-advanced-threat-protection.md) - [Fix unhealthy sensors](fix-unhealhty-sensors-windows-defender-advanced-threat-protection.md)
>[!NOTE] >[!NOTE]
> All response features require machines to be on the latest Windows 10 Insider Preview build and above. > All response actions require machines to be on the latest Windows 10 Insider Preview build.
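Review bot: the link target `fix-unhealhty-sensors-windows-defender-advanced-threat-protection.md` has `unhealhty` for `unhealthy`; if the file really is named that way the typo propagates into the published URL, and if it is not, the link is broken, so check which before this merges. The revised note says `All response actions require machines to be on the latest Windows 10 Insider Preview build`, while the two response-action pages touched in this same commit say the actions are `only available for machines on Windows 10, version 1703`; pick one statement of the requirement and reuse it on all three pages.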

View File

@ -27,95 +27,55 @@ localizationpriority: high
You must [install](http://docs.python-requests.org/en/master/user/install/#install) the "[requests](http://docs.python-requests.org/en/master/)" python library. You must [install](http://docs.python-requests.org/en/master/user/install/#install) the "[requests](http://docs.python-requests.org/en/master/)" python library.
These code examples demonstrate the following tasks: These code examples demonstrate the following tasks:
- [Obtain an Azure AD access token](#obtain-an-azure-ad-access-token) - [Obtain an Azure AD access token](#token)
- [Create request session object](#create-a-request's-session-object) - [Create request session object](#session-object)
- [Create calls to the custom threat intelligence API](#create-calls-to-the-custom-threat-intelligence-api) - [Create calls to the custom threat intelligence API](#calls)
- [Create a new alert definition](#create-a-new-alert-definition) - [Create a new alert definition](#alert-definition)
- [Create a new indicator of compromise](#create-a-new-indicator-of-compromise) - [Create a new indicator of compromise](#ioc)
## Obtain an Azure AD access token <span id="token" />
## Step 1: Obtain an Azure AD access token
The following example demonstrates how to obtain an Azure AD access token that you can use to call methods in the custom threat intelligence API. After you obtain a token, you have 60 minutes to use this token in calls to the custom threat intelligence API before the token expires. After the token expires, you can generate a new token. The following example demonstrates how to obtain an Azure AD access token that you can use to call methods in the custom threat intelligence API. After you obtain a token, you have 60 minutes to use this token in calls to the custom threat intelligence API before the token expires. After the token expires, you can generate a new token.
Replace the *tenant\_id*, *client_id*, and *client_secret* values with the ones you got from **Preferences settings** page in the portal: Replace the *tenant\_id*, *client_id*, and *client_secret* values with the ones you got from **Preferences settings** page in the portal:
``` [!code[CustomTIAPI](./code/example.py#L1-L17)]
import json
import requests
from pprint import pprint
tenant_id="{your tenant ID}"
client_id="{your client ID"
client_secret="{your client secret}"
full_auth_url = r"https://login.windows.net/{0}/oauth2/token".format(tenant_id)
payload = {"resource": "https://graph.windows.net",
"client_id": client_id,
"client_secret": client_secret,
"grant_type": "client_credentials"}
response = requests.post(full_auth_url, payload) <span id="session-object" />
token = json.loads(response.text)["access_token"] ## Step 2: Create request session object
```
## Create request session object
Add HTTP headers to the session object, including the Authorization header with the token that was obtained. Add HTTP headers to the session object, including the Authorization header with the token that was obtained.
``` [!code[CustomTIAPI](./code/example.py#L19-L23)]
with requests.Session() as session:
session.headers = {
'Authorization': 'Bearer {}'.format(token),
'Content-Type': 'application/json',
'Accept': 'application/json'}
```
## Create calls to the custom threat intelligence API <span id="calls" />
The following example shows how to view all of the alert definition entities by creating a call to the API. ## Step 3: Create calls to the custom threat intelligence API
After adding HTTP headers to the session object, you can now create calls to the API. The following example demonstrates how you can view all the alert definition entities:
>[!NOTE] [!code[CustomTIAPI](./code/example.py#L25-L26)]
> All code is still within the ```with``` statement with the same indention level.
```json The response is empty on initial use of the API.
response = session.get("https://ti.securitycenter.windows.com/V1.0/AlertDefinitions") <span id="alert-definition" />
pprint(json.loads(response.text)) ## Step 4: Create a new alert definition
``` The following example demonstrates how you to create a new alert definition.
If this is the first time to use the API, the response is empty. [!code[CustomTIAPI](./code/example.py#L28-L39)]
## Create a new alert definition <span id="ioc" />
The following example shows how to create a new alert definition. ## Step 5: Create a new indicator of compromise
You can now use the alert ID obtained from creating a new alert definition to create a new indicator of compromise.
``` [!code[CustomTIAPI](./code/example.py#L41-L51)]
alert_definition = {"Name": "The Alert's Name", ## Complete code
"Severity": "Low", You can use the complete code to create calls to the API.
"InternalDescription": "An internal description of the Alert",
"Title": "The Title",
"UxDescription": "Description of the alerts",
"RecommendedAction": "The alert's recommended action",
"Category": "Trojan",
"Enabled": True}
response = session.post( [!code[CustomTIAPI](./code/example.py#L1-L51)]
"https://ti.securitycenter.windows.com/V1.0/AlertDefinitions",
json=alert_definition)
```
## Create a new indicator of compromise ## Related topics
The following example shows how to use the alert ID obtained from creating a new alert definition to create a new indicator of compromise. - [Understand threat intelligence](threat-indicator-concepts-windows-defender-advanced-threat-protection.md)
- [Create custom threat intelligence alerts](custom-ti-api-windows-defender-advanced-threat-protection.md)
``` - [Enable the custom threat intelligence application](enable-custom-ti-windows-defender-advanced-threat-protection.md)
alert_definition_id = json.loads(response.text)["Id"] - [PowerShell code examples](powershell-example-code-windows-defender-advanced-threat-protection.md)
ioc = {'Type': "Sha1", - [Troubleshoot custom threat intelligence issues](troubleshoot-custom-ti-windows-defender-advanced-threat-protection.md)
'Value': "dead1111eeaabbccddeeaabbccddee11ffffffff",
'DetectionFunction': "Equals",
'Enabled': True,
"AlertDefinition@odata.bind": "AlertDefinitions({0})".format(alert_definition_id)}
response = session.post(
"https://ti.securitycenter.windows.com/V1.0/IndicatorsOfCompromise",
json=ioc)
```
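Review bot: the old note `All code is still within the with statement with the same indention level` was removed, but steps 3 to 5 still pull fragments (`#L25-L26`, `#L28-L39`, `#L41-L51`) that sit inside the `with requests.Session() as session:` block and are indented accordingly, so the reader sees indented code with no explanation of why; keep a one-line note that those steps run inside the session block. The Related topics entry reads `- [Understand threat intelligence](threat-indicator-concepts-...)`, whereas the PowerShell page and the other pages in this commit were updated to `Understand threat intelligence concepts` to match the renamed heading; update this one too. The rest of the hunk looks fine: the missing brace in the old inline sample's `client_id="{your client ID"` is corrected in example.py.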

View File

@ -23,7 +23,7 @@ localizationpriority: high
<span style="color:#ED1C24;">[Some information relates to prereleased product, which may be substantially modified before it's commercially released. Microsoft makes no warranties, express or implied, with respect to the information provided here.]</span> <span style="color:#ED1C24;">[Some information relates to prereleased product, which may be substantially modified before it's commercially released. Microsoft makes no warranties, express or implied, with respect to the information provided here.]</span>
You can take action on file related alerts to quickly respond to detected attacks by stopping and quarantining files or blocking a file. After taking action on files, you can check activity details on the Action center. Quickly respond to detected attacks by stopping and quarantining files or blocking a file. After taking action on files, you can check activity details on the Action center.
>[!NOTE] >[!NOTE]
> These response actions are only available for machines on Windows 10, version 1703. > These response actions are only available for machines on Windows 10, version 1703.
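Review bot: the rewritten first sentence drops "file related alerts", so the page no longer says where these actions are launched from. Suggest keeping that context, e.g. "From a file-related alert, you can quickly respond to detected attacks by stopping and quarantining files or blocking a file." The prerelease disclaimer on the line above also spells it "prereleased" while the machine-actions page in this commit uses "pre-released"; pick one spelling for the set.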

View File

@ -23,7 +23,7 @@ localizationpriority: high
<span style="color:#ED1C24;">[Some information relates to pre-released product, which may be substantially modified before it's commercially released. Microsoft makes no warranties, express or implied, with respect to the information provided here.]</span> <span style="color:#ED1C24;">[Some information relates to pre-released product, which may be substantially modified before it's commercially released. Microsoft makes no warranties, express or implied, with respect to the information provided here.]</span>
You can take action on machine related alerts to quickly respond to detected attacks by isolating machines or collecting an investigation package. After taking action on machines, you can check activity details on the Action center. Quickly respond to detected attacks by isolating machines or collecting an investigation package. After taking action on machines, you can check activity details on the Action center.
>[!NOTE] >[!NOTE]
> These response actions are only available for machines on Windows 10, version 1703. > These response actions are only available for machines on Windows 10, version 1703.
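Review bot: as on the file-actions page, the shortened first sentence loses "machine related alerts", which is the only cue for where isolation and investigation-package collection are triggered. Suggest "From a machine-related alert, you can quickly respond to detected attacks by isolating machines or collecting an investigation package." The disclaimer span above uses "pre-released" here versus "prereleased" on the file-actions page; align them.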

View File

@ -11,7 +11,7 @@ author: mjcaparas
localizationpriority: high localizationpriority: high
--- ---
# Understand threat indicators # Understand threat intelligence concepts
**Applies to:** **Applies to:**
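Review bot: the new H1 "Understand threat intelligence concepts" does not match the link text this commit uses for the same page in every related-topics list ("Understand threat intelligence"). Either add "concepts" to those links or drop it from the title, so the link label and the page title agree.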
@ -49,5 +49,7 @@ IOCs have a many-to-one relationship with alert definitions such that an alert d
## Related topic ## Related topic
- [Enable the custom threat intelligence application](enable-custom-ti-windows-defender-advanced-threat-protection.md) - [Enable the custom threat intelligence application](enable-custom-ti-windows-defender-advanced-threat-protection.md)
- [Create custom threat indicators using REST API](custom-ti-api-windows-defender-advanced-threat-protection.md) - [Create custom threat intelligence alerts](custom-ti-api-windows-defender-advanced-threat-protection.md)
- [PowerShell code examples](powershell-example-code-windows-defender-advanced-threat-protection.md)
- [Python code examples](python-example-code-windows-defender-advanced-threat-protection.md)
- [Troubleshoot custom threat intelligence issues](troubleshoot-custom-ti-windows-defender-advanced-threat-protection.md) - [Troubleshoot custom threat intelligence issues](troubleshoot-custom-ti-windows-defender-advanced-threat-protection.md)
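Review bot: the heading is still "## Related topic" (singular) while the list now carries five entries; the other pages in this commit use "## Related topics", so the heading should be pluralized here as well.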

View File

@ -44,3 +44,11 @@ If your client secret expires or if you've misplaced the copy provided when you
6. Click **Save**. The key value is displayed. 6. Click **Save**. The key value is displayed.
7. Copy the value and save it in a safe place. 7. Copy the value and save it in a safe place.
## Related topics
- [Understand threat intelligence](threat-indicator-concepts-windows-defender-advanced-threat-protection.md)
- [Enable the custom threat intelligence application](enable-custom-ti-windows-defender-advanced-threat-protection.md)
- [Create custom threat intelligence](custom-ti-api-windows-defender-advanced-threat-protection.md)
- [PowerShell code examples](powershell-example-code-windows-defender-advanced-threat-protection.md)
- [Python code examples](python-example-code-windows-defender-advanced-threat-protection.md)
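Review bot: the link label "Create custom threat intelligence" differs from "Create custom threat intelligence alerts", which this commit uses for the same target on the other pages; use one label. This list also omits the "Troubleshoot custom threat intelligence issues" entry that every other related-topics list in the commit includes, which looks like an oversight rather than a deliberate difference.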