items 26 to 56 reviewed

windows/client-management/mdm/devicemanageability-csp.md

@@ -1,6 +1,6 @@
 ---
 title: DeviceManageability CSP
-description: The DeviceManageability configuration service provider (CSP) is used retrieve the general information about MDM configuration capabilities on the device. This CSP was added in Windows 10, version 1607.
+description: The DeviceManageability configuration service provider (CSP) is used retrieve general information about MDM configuration capabilities on the device. 
 ms.assetid: FE563221-D5B5-4EFD-9B60-44FE4066B0D2
 ms.reviewer: 
 manager: dansimp

windows/client-management/mdm/dmclient-csp.md

@@ -1,6 +1,6 @@
 ---
 title: DMClient CSP
-description: The DMClient configuration service provider is used to specify additional enterprise-specific mobile device management configuration settings for identifying the device in the enterprise domain, security mitigation for certificate renewal, and server-triggered enterprise unenrollment.
+description: Understand how the DMClient configuration service provider works. It is used to specify enterprise-specific mobile device management configuration settings.
 ms.assetid: a5cf35d9-ced0-4087-a247-225f102f2544
 ms.reviewer: 
 manager: dansimp

windows/client-management/mdm/eap-configuration.md

@@ -1,6 +1,6 @@
 ---
 title: EAP configuration
-description: The topic provides a step-by-step guide for creating an Extensible Authentication Protocol (EAP) configuration XML for the VPN profile and information about EAP certificate filtering in Windows 10.
+description: Learn how to create an Extensible Authentication Protocol (EAP) configuration XML for a VPN profile, plus info about EAP certificate filtering in Windows 10.
 ms.assetid: DD3F2292-4B4C-4430-A57F-922FED2A8FAE
 ms.reviewer: 
 manager: dansimp

windows/client-management/mdm/implement-server-side-mobile-application-management.md

@@ -1,6 +1,6 @@
 ---
 title: Provide server-side support for mobile app management on Windows
-description: The Windows version of mobile application management (MAM) is a lightweight solution for managing company data access and security on personal devices. MAM support is built into Windows on top of Windows Information Protection (WIP).
+description: The Windows version of mobile application management (MAM) is a lightweight solution for managing company data access and security on personal devices.
 ms.author: dansimp
 ms.topic: article
 ms.prod: w10

windows/deployment/deploy-windows-mdt/create-a-task-sequence-with-configuration-manager-and-mdt.md

@@ -1,6 +1,6 @@
 ---
 title: Create a task sequence with Configuration Manager (Windows 10)
-description: In this topic, you will learn how to create a Microsoft System Center 2012 R2 Configuration Manager task sequence with Microsoft Deployment Toolkit (MDT) integration using the MDT wizard.
+description: Create a Microsoft System Center 2012 R2 Configuration Manager task sequence with Microsoft Deployment Toolkit (MDT) integration using the MDT wizard.
 ms.assetid: 0b069bec-5be8-47c6-bf64-7a630f41ac98
 ms.reviewer: 
 manager: laurawi

windows/deployment/deploy-windows-mdt/use-orchestrator-runbooks-with-mdt.md

@@ -1,177 +1,178 @@
----
+---
-title: Use Orchestrator runbooks with MDT (Windows 10)
+title: Use Orchestrator runbooks with MDT (Windows 10)
-description: This topic will show you how to integrate Microsoft System Center 2012 R2 Orchestrator with MDT to replace the existing web services that are used in deployment solutions.
+description: Learn how to integrate Microsoft System Center 2012 R2 Orchestrator with MDT to replace the existing web services that are used in deployment solutions.
-ms.assetid: 68302780-1f6f-4a9c-9407-b14371fdce3f
+ms.assetid: 68302780-1f6f-4a9c-9407-b14371fdce3f
-ms.reviewer: 
+ms.reviewer: 
-manager: laurawi
+manager: laurawi
-ms.author: greglin
+ms.author: greglin
-keywords: web services, database
+keywords: web services, database
-ms.prod: w10
+ms.prod: w10
-ms.mktglfcycl: deploy
+ms.mktglfcycl: deploy
-ms.localizationpriority: medium
+ms.localizationpriority: medium
-ms.sitesec: library
+ms.sitesec: library
-ms.pagetype: mdt
+ms.pagetype: mdt
-audience: itpro
author: greg-lindsay
+audience: itpro
-ms.topic: article
+author: greg-lindsay
----
+ms.topic: article
-
+---
-# Use Orchestrator runbooks with MDT
+
-
+# Use Orchestrator runbooks with MDT
-This topic will show you how to integrate Microsoft System Center 2012 R2 Orchestrator with MDT to replace the existing web services that are used in deployment solutions.
+
-MDT can integrate with System Center 2012 R2 Orchestrator, which is a component that ties the Microsoft System Center products together, as well as other products from both Microsoft and third-party vendors. The difference between using Orchestrator and "normal" web services, is that with Orchestrator you have a rich drag-and-drop style interface when building the solution, and little or no coding is required.
+This topic will show you how to integrate Microsoft System Center 2012 R2 Orchestrator with MDT to replace the existing web services that are used in deployment solutions.
-
+MDT can integrate with System Center 2012 R2 Orchestrator, which is a component that ties the Microsoft System Center products together, as well as other products from both Microsoft and third-party vendors. The difference between using Orchestrator and "normal" web services, is that with Orchestrator you have a rich drag-and-drop style interface when building the solution, and little or no coding is required.
-**Note**  
+
-If you are licensed to use Orchestrator, we highly recommend that you start using it. To find out more about licensing options for System Center 2012 R2 and Orchestrator, visit the [System Center 2012 R2](https://go.microsoft.com/fwlink/p/?LinkId=619553) website.
+**Note**  
- 
+If you are licensed to use Orchestrator, we highly recommend that you start using it. To find out more about licensing options for System Center 2012 R2 and Orchestrator, visit the [System Center 2012 R2](https://go.microsoft.com/fwlink/p/?LinkId=619553) website.
-## <a href="" id="sec01"></a>Orchestrator terminology
+ 
-
+## <a href="" id="sec01"></a>Orchestrator terminology
-Before diving into the core details, here is a quick course in Orchestrator terminology:
+
--   **Orchestrator Server.** This is a server that executes runbooks.
+Before diving into the core details, here is a quick course in Orchestrator terminology:
--   **Runbooks.** A runbook is similar to a task sequence; it is a series of instructions based on conditions. Runbooks consist of workflow activities; an activity could be Copy File, Get User from Active Directory, or even Write to Database.
+-   **Orchestrator Server.** This is a server that executes runbooks.
--   **Orchestrator Designer.** This is where you build the runbooks. In brief, you do that by creating an empty runbook, dragging in the activities you need, and then connecting them in a workflow with conditions and subscriptions.
+-   **Runbooks.** A runbook is similar to a task sequence; it is a series of instructions based on conditions. Runbooks consist of workflow activities; an activity could be Copy File, Get User from Active Directory, or even Write to Database.
--   **Subscriptions.** These are variables that come from an earlier activity in the runbook. So if you first execute an activity in which you type in a computer name, you can then subscribe to that value in the next activity. All these variables are accumulated during the execution of the runbook.
+-   **Orchestrator Designer.** This is where you build the runbooks. In brief, you do that by creating an empty runbook, dragging in the activities you need, and then connecting them in a workflow with conditions and subscriptions.
--   **Orchestrator Console.** This is the Microsoft Silverlight-based web page you can use interactively to execute runbooks. The console listens to TCP port 81 by default.
+-   **Subscriptions.** These are variables that come from an earlier activity in the runbook. So if you first execute an activity in which you type in a computer name, you can then subscribe to that value in the next activity. All these variables are accumulated during the execution of the runbook.
--   **Orchestrator web services.** These are the web services you use in the Microsoft Deployment Toolkit to execute runbooks during deployment. The web services listen to TCP port 82 by default.
+-   **Orchestrator Console.** This is the Microsoft Silverlight-based web page you can use interactively to execute runbooks. The console listens to TCP port 81 by default.
--   **Integration packs.** These provide additional workflow activities you can import to integrate with other products or solutions, like the rest of Active Directory, other System Center 2012 R2 products, or Microsoft Exchange Server, to name a few.
+-   **Orchestrator web services.** These are the web services you use in the Microsoft Deployment Toolkit to execute runbooks during deployment. The web services listen to TCP port 82 by default.
-
+-   **Integration packs.** These provide additional workflow activities you can import to integrate with other products or solutions, like the rest of Active Directory, other System Center 2012 R2 products, or Microsoft Exchange Server, to name a few.
-**Note**  
+
-To find and download additional integration packs, see [Integration Packs for System Center 2012 - Orchestrator](https://go.microsoft.com/fwlink/p/?LinkId=619554).
+**Note**  
- 
+To find and download additional integration packs, see [Integration Packs for System Center 2012 - Orchestrator](https://go.microsoft.com/fwlink/p/?LinkId=619554).
-## <a href="" id="sec02"></a>Create a sample runbook
+ 
-
+## <a href="" id="sec02"></a>Create a sample runbook
-This section assumes you have Orchestrator 2012 R2 installed on a server named OR01. In this section, you create a sample runbook, which is used to log some of the MDT deployment information into a text file on OR01.
+
-
+This section assumes you have Orchestrator 2012 R2 installed on a server named OR01. In this section, you create a sample runbook, which is used to log some of the MDT deployment information into a text file on OR01.
-1. On OR01, using File Explorer, create the **E:\\Logfile** folder, and grant Users modify permissions (NTFS).
+
-2. In the **E:\\Logfile** folder, create the DeployLog.txt file.
+1. On OR01, using File Explorer, create the **E:\\Logfile** folder, and grant Users modify permissions (NTFS).
-   **Note**  
+2. In the **E:\\Logfile** folder, create the DeployLog.txt file.
-   Make sure File Explorer is configured to show known file extensions so the file is not named DeployLog.txt.txt.
+   **Note**  
-     
+   Make sure File Explorer is configured to show known file extensions so the file is not named DeployLog.txt.txt.
-   ![figure 23](../images/mdt-09-fig23.png)
+     
-
+   ![figure 23](../images/mdt-09-fig23.png)
-   Figure 23. The DeployLog.txt file.
+
-
+   Figure 23. The DeployLog.txt file.
-3. Using System Center 2012 R2 Orchestrator Runbook Designer, in the **Runbooks** node, create the **1.0 MDT** folder.
+
-
+3. Using System Center 2012 R2 Orchestrator Runbook Designer, in the **Runbooks** node, create the **1.0 MDT** folder.
-   ![figure 24](../images/mdt-09-fig24.png)
+
-
+   ![figure 24](../images/mdt-09-fig24.png)
-   Figure 24. Folder created in the Runbooks node.
+
-
+   Figure 24. Folder created in the Runbooks node.
-4. In the **Runbooks** node, right-click the **1.0 MDT** folder, and select **New / Runbook**.
+
-5. On the ribbon bar, click **Check Out**.
+4. In the **Runbooks** node, right-click the **1.0 MDT** folder, and select **New / Runbook**.
-6. Right-click the **New Runbook** label, select **Rename**, and assign the name **MDT Sample**.
+5. On the ribbon bar, click **Check Out**.
-7. Add (using a drag-and-drop operation) the following items from the **Activities** list to the middle pane:
+6. Right-click the **New Runbook** label, select **Rename**, and assign the name **MDT Sample**.
-   1.  Runbook Control / Initialize Data
+7. Add (using a drag-and-drop operation) the following items from the **Activities** list to the middle pane:
-   2.  Text File Management / Append Line
+   1.  Runbook Control / Initialize Data
-8. Connect **Initialize Data** to **Append Line**.
+   2.  Text File Management / Append Line
-
+8. Connect **Initialize Data** to **Append Line**.
-   ![figure 25](../images/mdt-09-fig25.png)
+
-
+   ![figure 25](../images/mdt-09-fig25.png)
-   Figure 25. Activities added and connected.
+
-
+   Figure 25. Activities added and connected.
-9. Right-click the **Initialize Data** activity, and select **Properties**
+
-10. On **the Initialize Data Properties** page, click **Add**, change **Parameter 1** to **OSDComputerName**, and then click **Finish**.
+9. Right-click the **Initialize Data** activity, and select **Properties**
-
+10. On **the Initialize Data Properties** page, click **Add**, change **Parameter 1** to **OSDComputerName**, and then click **Finish**.
-    ![figure 26](../images/mdt-09-fig26.png)
+
-
+    ![figure 26](../images/mdt-09-fig26.png)
-    Figure 26. The Initialize Data Properties window.
+
-
+    Figure 26. The Initialize Data Properties window.
-11. Right-click the **Append Line** activity, and select **Properties**.
+
-12. On the **Append Line Properties** page, in the **File** text box, type **E:\\Logfile\\DeployLog.txt**.
+11. Right-click the **Append Line** activity, and select **Properties**.
-13. In the **File** encoding drop-down list, select **ASCII**.
+12. On the **Append Line Properties** page, in the **File** text box, type **E:\\Logfile\\DeployLog.txt**.
-14. In the **Append** area, right-click inside the **Text** text box and select **Expand**.
+13. In the **File** encoding drop-down list, select **ASCII**.
-
+14. In the **Append** area, right-click inside the **Text** text box and select **Expand**.
-    ![figure 27](../images/mdt-09-fig27.png)
+
-
+    ![figure 27](../images/mdt-09-fig27.png)
-    Figure 27. Expanding the Text area.
+
-
+    Figure 27. Expanding the Text area.
-15. In the blank text box, right-click and select **Subscribe / Published Data**.
+
-
+15. In the blank text box, right-click and select **Subscribe / Published Data**.
-    ![figure 28](../images/mdt-09-fig28.png)
+
-
+    ![figure 28](../images/mdt-09-fig28.png)
-    Figure 28. Subscribing to data.
+
-
+    Figure 28. Subscribing to data.
-16. In the **Published Data** window, select the **OSDComputerName** item, and click **OK**.
+
-17. After the **{OSDComputerName from "Initialize Data"}** text, type in **has been deployed at** and, once again, right-click and select **Subscribe / Published Data**.
+16. In the **Published Data** window, select the **OSDComputerName** item, and click **OK**.
-18. In the **Published Data** window, select the **Show common Published Data** check box, select the **Activity end time** item, and click **OK**.
+17. After the **{OSDComputerName from "Initialize Data"}** text, type in **has been deployed at** and, once again, right-click and select **Subscribe / Published Data**.
-
+18. In the **Published Data** window, select the **Show common Published Data** check box, select the **Activity end time** item, and click **OK**.
-    ![figure 29](../images/mdt-09-fig29.png)
+
-
+    ![figure 29](../images/mdt-09-fig29.png)
-    Figure 29. The expanded text box after all subscriptions have been added.
+
-
+    Figure 29. The expanded text box after all subscriptions have been added.
-19. On the **Append Line Properties** page, click **Finish**.
+
-    ## <a href="" id="sec03"></a>Test the demo MDT runbook
+19. On the **Append Line Properties** page, click **Finish**.
-    After the runbook is created, you are ready to test it.
+    ## <a href="" id="sec03"></a>Test the demo MDT runbook
-20. On the ribbon bar, click **Runbook Tester**.
+    After the runbook is created, you are ready to test it.
-21. Click **Run**, and in the **Initialize Data Parameters** dialog box, use the following setting and then click **OK**:
+20. On the ribbon bar, click **Runbook Tester**.
-    -   OSDComputerName: PC0010
+21. Click **Run**, and in the **Initialize Data Parameters** dialog box, use the following setting and then click **OK**:
-22. Verify that all activities are green (for additional information, see each target).
+    -   OSDComputerName: PC0010
-23. Close the **Runbook Tester**.
+22. Verify that all activities are green (for additional information, see each target).
-24. On the ribbon bar, click **Check In**.
+23. Close the **Runbook Tester**.
-
+24. On the ribbon bar, click **Check In**.
-![figure 30](../images/mdt-09-fig30.png)
+
-
+![figure 30](../images/mdt-09-fig30.png)
-Figure 30. All tests completed.
+
-
+Figure 30. All tests completed.
-## Use the MDT demo runbook from MDT
+
-
+## Use the MDT demo runbook from MDT
-1.  On MDT01, using the Deployment Workbench, in the MDT Production deployment share, select the **Task Sequences** node, and create a folder named **Orchestrator**.
+
-2.  Right-click the **Orchestrator** node, and select **New Task Sequence**. Use the following settings for the New Task Sequence Wizard:
+1.  On MDT01, using the Deployment Workbench, in the MDT Production deployment share, select the **Task Sequences** node, and create a folder named **Orchestrator**.
-    1.  Task sequence ID: OR001
+2.  Right-click the **Orchestrator** node, and select **New Task Sequence**. Use the following settings for the New Task Sequence Wizard:
-    2.  Task sequence name: Orchestrator Sample
+    1.  Task sequence ID: OR001
-    3.  Task sequence comments: &lt;blank&gt;
+    2.  Task sequence name: Orchestrator Sample
-    4.  Template: Custom Task Sequence
+    3.  Task sequence comments: &lt;blank&gt;
-3.  In the **Orchestrator** node, double-click the **Orchestrator Sample** task sequence, and then select the **Task Sequence** tab.
+    4.  Template: Custom Task Sequence
-4.  Remove the default **Application Install** action.
+3.  In the **Orchestrator** node, double-click the **Orchestrator Sample** task sequence, and then select the **Task Sequence** tab.
-5.  Add a **Gather** action and select the **Gather only local data (do not process rules)** option.
+4.  Remove the default **Application Install** action.
-6.  After the **Gather** action, add a **Set Task Sequence Variable** action with the following settings:
+5.  Add a **Gather** action and select the **Gather only local data (do not process rules)** option.
-    1.  Name: Set Task Sequence Variable
+6.  After the **Gather** action, add a **Set Task Sequence Variable** action with the following settings:
-    2.  Task Sequence Variable: OSDComputerName
+    1.  Name: Set Task Sequence Variable
-    3.  Value: %hostname%
+    2.  Task Sequence Variable: OSDComputerName
-7.  After the **Set Task Sequence Variable** action, add a new **Execute Orchestrator Runbook** action with the following settings:
+    3.  Value: %hostname%
-    1.  Orchestrator Server: OR01.contoso.com
+7.  After the **Set Task Sequence Variable** action, add a new **Execute Orchestrator Runbook** action with the following settings:
-    2.  Use Browse to select **1.0 MDT / MDT Sample**.
+    1.  Orchestrator Server: OR01.contoso.com
-8.  Click **OK**.
+    2.  Use Browse to select **1.0 MDT / MDT Sample**.
-
+8.  Click **OK**.
-![figure 31](../images/mdt-09-fig31.png)
+
-
+![figure 31](../images/mdt-09-fig31.png)
-Figure 31. The ready-made task sequence.
+
-
+Figure 31. The ready-made task sequence.
-## Run the orchestrator sample task sequence
+
-
+## Run the orchestrator sample task sequence
-Since this task sequence just starts a runbook, you can test this on the PC0001 client that you used for the MDT simulation environment.
+
-**Note**  
+Since this task sequence just starts a runbook, you can test this on the PC0001 client that you used for the MDT simulation environment.
-Make sure the account you are using has permissions to run runbooks on the Orchestrator server. For more information about runbook permissions, see [Runbook Permissions](https://go.microsoft.com/fwlink/p/?LinkId=619555).
+**Note**  
- 
+Make sure the account you are using has permissions to run runbooks on the Orchestrator server. For more information about runbook permissions, see [Runbook Permissions](https://go.microsoft.com/fwlink/p/?LinkId=619555).
-1.  On PC0001, log on as **CONTOSO\\MDT\_BA**.
+ 
-2.  Using an elevated command prompt (run as Administrator), type the following command:
+1.  On PC0001, log on as **CONTOSO\\MDT\_BA**.
-
+2.  Using an elevated command prompt (run as Administrator), type the following command:
-    ``` syntax
+
-    cscript \\MDT01\MDTProduction$\Scripts\Litetouch.vbs
+    ``` syntax
-    ```
+    cscript \\MDT01\MDTProduction$\Scripts\Litetouch.vbs
-3.  Complete the Windows Deployment Wizard using the following information:
+    ```
-    1.  Task Sequence: Orchestrator Sample
+3.  Complete the Windows Deployment Wizard using the following information:
-    2.  Credentials:
+    1.  Task Sequence: Orchestrator Sample
-        1.  User Name: MDT\_BA
+    2.  Credentials:
-        2.  Password: P@ssw0rd
+        1.  User Name: MDT\_BA
-        3.  Domain: CONTOSO
+        2.  Password: P@ssw0rd
-4.  Wait until the task sequence is completed and then verify that the DeployLog.txt file in the E:\\Logfile folder on OR01 was updated.
+        3.  Domain: CONTOSO
-
+4.  Wait until the task sequence is completed and then verify that the DeployLog.txt file in the E:\\Logfile folder on OR01 was updated.
-![figure 32](../images/mdt-09-fig32.png)
+
-
+![figure 32](../images/mdt-09-fig32.png)
-Figure 32. The ready-made task sequence.
+
-
+Figure 32. The ready-made task sequence.
-## Related topics
+
-
+## Related topics
-[Set up MDT for BitLocker](set-up-mdt-for-bitlocker.md)
+
-
+[Set up MDT for BitLocker](set-up-mdt-for-bitlocker.md)
-[Configure MDT deployment share rules](configure-mdt-deployment-share-rules.md)
+
-
+[Configure MDT deployment share rules](configure-mdt-deployment-share-rules.md)
-[Configure MDT for UserExit scripts](configure-mdt-for-userexit-scripts.md)
+
-
+[Configure MDT for UserExit scripts](configure-mdt-for-userexit-scripts.md)
-[Simulate a Windows10 deployment in a test environment](simulate-a-windows-10-deployment-in-a-test-environment.md)
+
-
+[Simulate a Windows10 deployment in a test environment](simulate-a-windows-10-deployment-in-a-test-environment.md)
-[Use the MDT database to stage Windows 10 deployment information](use-the-mdt-database-to-stage-windows-10-deployment-information.md)
+
-
+[Use the MDT database to stage Windows 10 deployment information](use-the-mdt-database-to-stage-windows-10-deployment-information.md)
-[Assign applications using roles in MDT](assign-applications-using-roles-in-mdt.md)
+
-
+[Assign applications using roles in MDT](assign-applications-using-roles-in-mdt.md)
-[Use web services in MDT](use-web-services-in-mdt.md)
+
+[Use web services in MDT](use-web-services-in-mdt.md)

windows/deployment/deploy-windows-mdt/use-the-mdt-database-to-stage-windows-10-deployment-information.md

@@ -1,6 +1,6 @@
 ---
 title: Use MDT database to stage Windows 10 deployment info (Windows 10)
-description: This topic is designed to teach you how to use the MDT database to pre-stage information on your Windows 10 deployment in a Microsoft SQL Server 2012 SP1 Express database, rather than include the information in a text file (CustomSettings.ini).
+description: Learn how to use the MDT database to pre-stage information on your Windows 10 deployment in a Microsoft SQL Server 2012 SP1 Express database.
 ms.assetid: 8956ab54-90ba-45d3-a384-4fdec72c4d46
 ms.reviewer: 
 manager: laurawi

windows/deployment/planning/creating-an-apphelp-message-in-compatibility-administrator.md

@@ -1,6 +1,6 @@
 ---
 title: Create AppHelp Message in Compatibility Administrator (Windows 10)
-description: The Compatibility Administrator tool enables you to create an AppHelp text message. This is a blocking or non-blocking message that appears when a user starts an application that you know has major functionality issues on the Windows® operating system.
+description: Create an AppHelp text message with Compatibility Administrator; a message that appears upon starting an app with major issues on the Windows® operating system.
 ms.assetid: 5c6e89f5-1942-4aa4-8439-ccf0ecd02848
 ms.reviewer: 
 manager: laurawi

windows/deployment/upgrade/upgrade-to-windows-10-with-system-center-configuraton-manager.md

@@ -1,6 +1,6 @@
 ---
 title: Perform in-place upgrade to Windows 10 via Configuration Manager
-description: The simplest path to upgrade PCs currently running Windows 7, Windows 8, or Windows 8.1 to Windows 10 is through an in-place upgrade. Use a System Center Configuration Manager task sequence to completely automate the process.
+description: In-place upgrades make upgrading Windows 7, Windows 8, and Windows 8.1 to Windows 10 easy -- you can even automate the whole process with a SCCM task sequence.
 ms.assetid: F8DF6191-0DB0-4EF5-A9B1-6A11D5DE4878
 ms.reviewer: 
 manager: laurawi

windows/security/information-protection/bitlocker/bitlocker-key-management-faq.md

@@ -1,6 +1,6 @@
 ---
 title: BitLocker Key Management FAQ (Windows 10)
-description: This topic for the IT professional answers frequently asked questions concerning the requirements to use, upgrade, deploy and administer, and key management policies for BitLocker.
+description: Browse frequently asked questions concerning the requirements to use, upgrade, deploy and administer, and key management policies for BitLocker.
 ms.assetid: c40f87ac-17d3-47b2-afc6-6c641f72ecee
 ms.reviewer: 
 ms.prod: w10

windows/security/information-protection/tpm/tpm-fundamentals.md

@@ -1,6 +1,6 @@
 ---
 title: TPM fundamentals (Windows 10)
-description: This topic for the IT professional provides a description of the components of the Trusted Platform Module (TPM 1.2 and TPM 2.0) and explains how they are used to mitigate dictionary attacks.
+description: Inform yourself about the components of the Trusted Platform Module (TPM 1.2 and TPM 2.0) and how they are used to mitigate dictionary attacks.
 ms.assetid: ac90f5f9-9a15-4e87-b00d-4adcf2ec3000
 ms.reviewer: 
 ms.prod: w10

windows/security/threat-protection/auditing/audit-application-generated.md

@@ -1,6 +1,6 @@
 ---
 title: Audit Application Generated (Windows 10)
-description: This topic for the IT professional describes the Advanced Security Audit policy setting, Audit Application Generated, which determines whether the operating system generates audit events when applications attempt to use the Windows Auditing application programming interfaces (APIs).
+description: The policy setting, Audit Application Generated, determines if audit events are generated when applications attempt to use the Windows Auditing APIs.
 ms.assetid: 6c58a365-b25b-42b8-98ab-819002e31871
 ms.reviewer: 
 manager: dansimp

windows/security/threat-protection/auditing/audit-central-access-policy-staging.md

@@ -1,6 +1,6 @@
 ---
 title: Audit Central Access Policy Staging (Windows 10)
-description: This topic for the IT professional describes the Advanced Security Audit policy setting, Audit Central Access Policy Staging, which determines permissions on a Central Access Policy.
+description: The Advanced Security Audit policy setting, Audit Central Access Policy Staging, determines permissions on a Central Access Policy.
 ms.assetid: D9BB11CE-949A-4B48-82BF-30DC5E6FC67D
 ms.reviewer: 
 manager: dansimp

windows/security/threat-protection/auditing/audit-kerberos-authentication-service.md

@@ -1,6 +1,6 @@
 ---
 title: Audit Kerberos Authentication Service (Windows 10)
-description: This topic for the IT professional describes the Advanced Security Audit policy setting, Audit Kerberos Authentication Service, which determines whether to generate audit events for Kerberos authentication ticket-granting ticket (TGT) requests.
+description: The policy setting Audit Kerberos Authentication Service decides if audit events are generated for Kerberos authentication ticket-granting ticket (TGT) requests
 ms.assetid: 990dd6d9-1a1f-4cce-97ba-5d7e0a7db859
 ms.reviewer: 
 manager: dansimp

windows/security/threat-protection/auditing/audit-network-policy-server.md

@@ -1,6 +1,6 @@
 ---
 title: Audit Network Policy Server (Windows 10)
-description: This topic for the IT professional describes the Advanced Security Audit policy setting, Audit Network Policy Server, which determines whether the operating system generates audit events for RADIUS (IAS) and Network Access Protection (NAP) activity on user access requests (Grant, Deny, Discard, Quarantine, Lock, and Unlock).
+description: The policy setting, Audit Network Policy Server, determines if audit events are generated for RADIUS (IAS) and NAP activity on user access requests.
 ms.assetid: 43b2aea4-26df-46da-b761-2b30f51a80f7
 ms.reviewer: 
 manager: dansimp

windows/security/threat-protection/auditing/audit-process-termination.md

@@ -1,6 +1,6 @@
 ---
 title: Audit Process Termination (Windows 10)
-description: This topic for the IT professional describes the Advanced Security Audit policy setting, Audit Process Termination, which determines whether the operating system generates audit events when an attempt is made to end a process.
+description: The Advanced Security Audit policy setting, Audit Process Termination, determines if audit events are generated when an attempt is made to end a process.
 ms.assetid: 65d88e53-14aa-48a4-812b-557cebbf9e50
 ms.reviewer: 
 manager: dansimp

windows/security/threat-protection/auditing/audit-security-group-management.md

@@ -1,6 +1,6 @@
 ---
 title: Audit Security Group Management (Windows 10)
-description: This topic for the IT professional describes the advanced security audit policy setting, Audit Security Group Management, which determines whether the operating system generates audit events when specific security group management tasks are performed.
+description: The policy setting, Audit Security Group Management, determines if audit events are generated when specific security group management tasks are performed.
 ms.assetid: ac2ee101-557b-4c84-b9fa-4fb23331f1aa
 ms.reviewer: 
 manager: dansimp

windows/security/threat-protection/auditing/audit-sensitive-privilege-use.md

@@ -1,6 +1,6 @@
 ---
 title: Audit Sensitive Privilege Use (Windows 10)
-description: This topic for the IT professional describes the Advanced Security Audit policy setting, Audit Sensitive Privilege Use, which determines whether the operating system generates audit events when sensitive privileges (user rights) are used.
+description: The policy setting, Audit Sensitive Privilege Use, determines if the operating system generates audit events when sensitive privileges (user rights) are used.
 ms.assetid: 915abf50-42d2-45f6-9fd1-e7bd201b193d
 ms.reviewer: 
 manager: dansimp

windows/security/threat-protection/auditing/monitor-the-central-access-policies-that-apply-on-a-file-server.md

@@ -1,6 +1,6 @@
 ---
 title: Monitor central access policies on a file server (Windows 10)
-description: This topic for the IT professional describes how to monitor changes to the central access policies that apply to a file server when using advanced security auditing options to monitor dynamic access control objects.
+description: Learn how to monitor changes to the central access policies that apply to a file server, when using advanced security auditing options.
 ms.assetid: 126b051e-c20d-41f1-b42f-6cff24dcf20c
 ms.reviewer: 
 ms.author: dansimp

windows/security/threat-protection/device-guard/requirements-and-deployment-planning-guidelines-for-virtualization-based-protection-of-code-integrity.md

@@ -1,6 +1,6 @@
 ---
 title: Deployment guidelines for Windows Defender Device Guard (Windows 10)
-description: To help you plan a deployment of Microsoft Windows Defender Device Guard, this article describes hardware requirements for Windows Defender Device Guard, outlines deployment approaches, and describes methods for code signing and code integrity policies.
+description: Plan your deployment of Windows Defender Device Guard. Learn about hardware requirements, deployment approaches, code signing and code integrity policies.
 keywords: virtualization, security, malware
 ms.prod: w10
 ms.mktglfcycl: deploy

windows/security/threat-protection/security-policy-settings/access-credential-manager-as-a-trusted-caller.md

@@ -1,6 +1,6 @@
 ---
 title: Access Credential Manager as a trusted caller (Windows 10)
-description: Describes the best practices, location, values, policy management, and security considerations for the Access Credential Manager as a trusted caller security policy setting.
+description: Describes best practices, security considerations and more for the security policy setting, Access Credential Manager as a trusted caller.
 ms.assetid: a51820d2-ca5b-47dd-8e9b-d7008603db88
 ms.reviewer: 
 ms.author: dansimp

windows/security/threat-protection/security-policy-settings/accounts-limit-local-account-use-of-blank-passwords-to-console-logon-only.md

@@ -1,6 +1,6 @@
 ---
 title: Accounts Limit local account use of blank passwords (Windows 10)
-description: Describes the best practices, location, values, and security considerations for the Accounts Limit local account use of blank passwords to console logon only security policy setting.
+description: Learn best practices, security considerations, and more for the policy setting, Accounts Limit local account use of blank passwords to console logon only.
 ms.assetid: a1bfb58b-1ae8-4de9-832b-aa889a6e64bd
 ms.reviewer: 
 ms.author: dansimp

windows/security/threat-protection/security-policy-settings/microsoft-network-client-send-unencrypted-password-to-third-party-smb-servers.md

@@ -1,6 +1,6 @@
 ---
 title: Microsoft network client Send unencrypted password (Windows 10)
-description: Describes the best practices, location, values, policy management and security considerations for the Microsoft network client Send unencrypted password to third-party SMB servers security policy setting.
+description: Learn about best practices and more for the security policy setting, Microsoft network client Send unencrypted password to third-party SMB servers.
 ms.assetid: 97a76b93-afa7-4dd9-bb52-7c9e289b6017
 ms.reviewer: 
 ms.author: dansimp

windows/security/threat-protection/security-policy-settings/network-access-do-not-allow-anonymous-enumeration-of-sam-accounts-and-shares.md

@@ -1,6 +1,6 @@
 ---
 title: Network access Do not allow anonymous enumeration (Windows 10)
-description: Describes the best practices, location, values, and security considerations for the Network access Do not allow anonymous enumeration of SAM accounts and shares security policy setting.
+description: Learn about best practices and more for the security policy setting, Network access Do not allow anonymous enumeration of SAM accounts and shares.
 ms.assetid: 3686788d-4cc7-4222-9163-cbc7c3362d73
 ms.reviewer: 
 ms.author: dansimp

windows/security/threat-protection/security-policy-settings/network-access-named-pipes-that-can-be-accessed-anonymously.md

@@ -1,6 +1,6 @@
 ---
 title: Network access Named Pipes that can be accessed anonymously (Windows 10)
-description: Describes the best practices, location, values, policy management and security considerations for the Network access Named Pipes that can be accessed anonymously security policy setting.
+description: Describes best practices, security considerations and more for the security policy setting, Network access Named Pipes that can be accessed anonymously.
 ms.assetid: 8897d2a4-813e-4d2b-8518-fcee71e1cf2c
 ms.reviewer: 
 ms.author: dansimp

windows/security/threat-protection/security-policy-settings/network-list-manager-policies.md

@@ -1,6 +1,6 @@
 ---
 title: Network List Manager policies (Windows 10)
-description: Network List Manager policies are security settings that you can use to configure different aspects of how networks are listed and displayed on one device or on many devices.
+description: Network List Manager policies are security settings that configure different aspects of how networks are listed and displayed on one device or on many devices.
 ms.assetid: bd8109d4-b07c-4beb-a9a6-affae2ba2fda
 ms.reviewer: 
 ms.author: dansimp

windows/security/threat-protection/security-policy-settings/network-security-restrict-ntlm-outgoing-ntlm-traffic-to-remote-servers.md

@@ -1,6 +1,6 @@
 ---
 title: Network security Restrict NTLM Outgoing traffic (Windows 10)
-description: Describes the best practices, location, values, management aspects, and security considerations for the Network Security Restrict NTLM Outgoing NTLM traffic to remote servers security policy setting.
+description: Learn about best practices, security considerations and more for the policy setting, Network Security Restrict NTLM Outgoing NTLM traffic to remote servers.
 ms.assetid: 63437a90-764b-4f06-aed8-a4a26cf81bd1
 ms.reviewer: 
 ms.author: dansimp

windows/security/threat-protection/security-policy-settings/user-account-control-only-elevate-uiaccess-applications-that-are-installed-in-secure-locations.md

@@ -1,6 +1,6 @@
 ---
 title: Only elevate UIAccess app installed in secure location (Windows 10)
-description: Describes the best practices, location, values, policy management and security considerations for the User Account Control Only elevate UIAccess applications that are installed in secure locations security policy setting.
+description: Learn about best practices and more for the policy setting, User Account Control Only elevate UIAccess applications that are installed in secure locations.
 ms.assetid: 4333409e-a5be-4f2f-8808-618f53abd22c
 ms.reviewer: 
 ms.author: dansimp

windows/security/threat-protection/windows-10-mobile-security-guide.md

@@ -1,6 +1,6 @@
 ---
 title: Windows 10 Mobile security guide (Windows 10)
-description: This guide provides a detailed description of the most important security features in the Windows 10 Mobile operating system—identity access and control, data protection, malware resistance, and app platform security.
+description: The most important security features in the Windows 10 Mobile — identity access & control, data protection, malware resistance, and app platform security.
 ms.assetid: D51EF508-699E-4A68-A7CD-91D821A97205
 ms.reviewer: 
 manager: dansimp

windows/security/threat-protection/windows-defender-application-control/applocker/document-your-applocker-rules.md

@@ -1,6 +1,6 @@
 ---
 title: Document your AppLocker rules (Windows 10)
-description: This topic describes what rule conditions to associate with each file, how to associate the rule conditions with each file, the source of the rule, and whether the file should be included or excluded.
+description: Learn how to document your Applocker rules with this planning guide. Associate rule conditions with files, permissions, rule source, and implementation.
 ms.assetid: 91a198ce-104a-45ff-b49b-487fb40cd2dd
 ms.reviewer: 
 ms.author: dansimp