tags
+
+- Legacy document modes
+
+If you have specific websites and apps that you know have compatibility problems with Microsoft Edge, you can use the Enterprise Mode site list so that the websites automatically open using Internet Explorer 11. Additionally, if you know that your intranet sites aren't going to work correctly with Microsoft Edge, you can set all intranet sites to open using IE11 automatically.
+
+Using Enterprise Mode means that you can continue to use Microsoft Edge as your default browser, while also ensuring that your apps continue working on IE11.
+
+## Relevant group policies
+
+
+1. [Configure the Enterprise Mode Site List](#configure-the-enterprise-mode-site-list)
+
+2. [Send all intranet sites to Internet Explorer 11](#send-all-intranet-sites-to-internet-explorer-11)
+
+3. [Show message when opening sites in Internet Explorer](#show-message-when-opening-sites-in-internet-explorer)
+
+4. [(IE11 policy) Send all sites not included in the Enterprise Mode Site List to Microsoft Edge](#ie11-policy-send-all-sites-not-included-in-the-enterprise-mode-site-list-to-microsoft-edge)
+
+You can find the Microsoft Edge Group Policy settings in the following location of the Group Policy Editor unless otherwise noted in the policy:
+
+ **Computer Configuration\\Administrative Templates\\Windows Components\\Microsoft Edge\\**
+
+## Configuration options
+
+
+
+
+## Configure the Enterprise Mode Site List
+
+[!INCLUDE [configure-enterprise-mode-site-list-include](../includes/configure-enterprise-mode-site-list-include.md)]
+
+
+## Send all intranet sites to Internet Explorer 11
+
+[!INCLUDE [send-all-intranet-sites-ie-include](../includes/send-all-intranet-sites-ie-include.md)]
+
+
+## Show message when opening sites in Internet Explorer
+
+[!INCLUDE [show-message-opening-sites-ie-include](../includes/show-message-opening-sites-ie-include.md)]
+
+
+## (IE11 policy) Send all sites not included in the Enterprise Mode Site List to Microsoft Edge
+
+[!INCLUDE [ie11-send-all-sites-not-in-site-list-include](../includes/ie11-send-all-sites-not-in-site-list-include.md)]
diff --git a/browsers/edge/group-policies/new-tab-page-settings-gp.md b/browsers/edge/group-policies/new-tab-page-settings-gp.md
index 7e0cf5f89e..838228b705 100644
--- a/browsers/edge/group-policies/new-tab-page-settings-gp.md
+++ b/browsers/edge/group-policies/new-tab-page-settings-gp.md
@@ -1,46 +1,47 @@
----
-title: Microsoft Edge - New Tab page group policies
-description: Microsoft Edge loads the default New tab page by default. With the relevant New Tab policies, you can set a URL to load in the New Tab page and prevent users from making changes. You can also load a blank page instead or let the users choose what loads.
-audience: itpro
manager: dansimp
-ms.author: eravena
-author: eavena
-ms.date: 10/02/2018
-ms.reviewer:
-ms.localizationpriority: medium
-ms.prod: edge
-ms.mktglfcycl: explore
-ms.sitesec: library
-ms.topic: reference
----
-
-
-# New Tab page
-
-Microsoft Edge loads the default New tab page by default. With the relevant New Tab policies, you can set a URL to load in the New Tab page and prevent users from making changes. You can also load a blank page instead or let the users choose what loads.
-
->[!NOTE]
->New tab pages do not load while running InPrivate mode.
-
-## Relevant group policies
-
-- [Set New Tab page URL](#set-new-tab-page-url)
-- [Allow web content on New Tab page](#allow-web-content-on-new-tab-page)
-
-You can find the Microsoft Edge Group Policy settings in the following location of the Group Policy Editor unless otherwise noted in the policy:
-
- **Computer Configuration\\Administrative Templates\\Windows Components\\Microsoft Edge\\**
-
-## Configuration options
-
-
-
-
-
-
-
-
-## Set New Tab page URL
-[!INCLUDE [set-new-tab-url-include](../includes/set-new-tab-url-include.md)]
-
-## Allow web content on New Tab page
-[!INCLUDE [allow-web-content-new-tab-page-include](../includes/allow-web-content-new-tab-page-include.md)]
+---
+title: Microsoft Edge - New Tab page group policies
+description: Microsoft Edge loads the default New tab page by default. With the relevant New Tab policies, you can set a URL to load in the New Tab page and prevent users from making changes. You can also load a blank page instead or let the users choose what loads.
+audience: itpro
+manager: dansimp
+ms.author: dansimp
+author: dansimp
+ms.date: 10/02/2018
+ms.reviewer:
+ms.localizationpriority: medium
+ms.prod: edge
+ms.mktglfcycl: explore
+ms.sitesec: library
+ms.topic: reference
+---
+
+
+# New Tab page
+
+Microsoft Edge loads the default New tab page by default. With the relevant New Tab policies, you can set a URL to load in the New Tab page and prevent users from making changes. You can also load a blank page instead or let the users choose what loads.
+
+>[!NOTE]
+>New tab pages do not load while running InPrivate mode.
+
+## Relevant group policies
+
+- [Set New Tab page URL](#set-new-tab-page-url)
+- [Allow web content on New Tab page](#allow-web-content-on-new-tab-page)
+
+You can find the Microsoft Edge Group Policy settings in the following location of the Group Policy Editor unless otherwise noted in the policy:
+
+ **Computer Configuration\\Administrative Templates\\Windows Components\\Microsoft Edge\\**
+
+## Configuration options
+
+
+
+
+
+
+
+
+## Set New Tab page URL
+[!INCLUDE [set-new-tab-url-include](../includes/set-new-tab-url-include.md)]
+
+## Allow web content on New Tab page
+[!INCLUDE [allow-web-content-new-tab-page-include](../includes/allow-web-content-new-tab-page-include.md)]
diff --git a/browsers/edge/group-policies/prelaunch-preload-gp.md b/browsers/edge/group-policies/prelaunch-preload-gp.md
index 7ff02e7924..3f41505fce 100644
--- a/browsers/edge/group-policies/prelaunch-preload-gp.md
+++ b/browsers/edge/group-policies/prelaunch-preload-gp.md
@@ -3,8 +3,8 @@ title: Microsoft Edge - Prelaunch and tab preload group policies
description: Microsoft Edge pre-launches as a background process during Windows startup when the system is idle waiting to be launched by the user. Pre-launching helps the performance of Microsoft Edge and minimizes the amount of time required to start up Microsoft Edge.
audience: itpro
manager: dansimp
-ms.author: eravena
-author: eavena
+ms.author: dansimp
+author: dansimp
ms.prod: edge
ms.reviewer:
ms.localizationpriority: medium
diff --git a/browsers/edge/group-policies/search-engine-customization-gp.md b/browsers/edge/group-policies/search-engine-customization-gp.md
index 6d4876ef46..52cf1ca380 100644
--- a/browsers/edge/group-policies/search-engine-customization-gp.md
+++ b/browsers/edge/group-policies/search-engine-customization-gp.md
@@ -1,10 +1,10 @@
---
title: Microsoft Edge - Search engine customization group policies
-description: Microsoft Edge, by default, uses the search engine specified in App settings, which lets users make changes. You can prevent users from making changes and still use the search engine specified in App settings by disabling the Allow search engine customization policy. You can also use the policy-set search engine specified in the OpenSearch XML file in which you can configure up to five additional search engines and setting any one of them as the default.
+description: Microsoft Edge, by default, uses the search engine specified in App settings, which lets users make changes. You can prevent users from making changes and still use the search engine specified in App settings by disabling the Allow search engine customization policy. You can also use the policy-set search engine specified in the OpenSearch XML file in which you can configure up to five additional search engines and setting any one of them as the default.
audience: itpro
manager: dansimp
-ms.author: eravena
-author: eavena
+ms.author: dansimp
+author: dansimp
ms.prod: edge
ms.reviewer:
ms.localizationpriority: medium
diff --git a/browsers/edge/group-policies/security-privacy-management-gp.md b/browsers/edge/group-policies/security-privacy-management-gp.md
index 67e656daa8..66fc6f99a7 100644
--- a/browsers/edge/group-policies/security-privacy-management-gp.md
+++ b/browsers/edge/group-policies/security-privacy-management-gp.md
@@ -1,74 +1,75 @@
----
-title: Microsoft Edge - Security and privacy group policies
-description: Microsoft Edge helps to defend from increasingly sophisticated and prevalent web-based attacks against Windows. While most websites are safe, some sites have been designed to steal personal information or gain access to your system’s resources.
-audience: itpro
manager: dansimp
-ms.author: eravena
-author: eavena
-ms.date: 10/02/2018
-ms.reviewer:
-ms.localizationpriority: medium
-ms.topic: reference
----
-
-# Security and privacy
-
-Microsoft Edge is designed with improved security in mind, helping to defend people from increasingly sophisticated and prevalent web-based attacks against Windows. Because Microsoft Edge is designed like a Universal Windows app, changing the browser to an app, it fundamentally changes the process model so that both the outer manager process and the different content processes all live within app container sandboxes.
-
-Microsoft Edge runs in 64-bit not just by default, but anytime it’s running on a 64-bit operating system. Because Microsoft Edge doesn’t support legacy ActiveX controls or 3rd-party binary extensions, there’s no longer a reason to run 32-bit processes on a 64-bit system.
-
-The value of running 64-bit all the time is that it strengthens Windows Address Space Layout Randomization (ASLR), randomizing the memory layout of the browser processes, making it much harder for attackers to hit precise memory locations. In turn, 64-bit processes make ASLR much more effective by making the address space exponentially larger and, therefore, more difficult for attackers to find sensitive memory components.
-
-For more details on the security features in Microsoft Edge, see [Help protect against web-based security threats](#help-protect-against-web-based-security-threats) below.
-
-You can find the Microsoft Edge Group Policy settings in the following location of the Group Policy Editor unless otherwise noted in the policy:
-
- **Computer Configuration\\Administrative Templates\\Windows Components\\Microsoft Edge\\**
-
-## Configure cookies
-[!INCLUDE [configure-cookies-include](../includes/configure-cookies-include.md)]
-
-## Configure Password Manager
-[!INCLUDE [configure-password-manager-include](../includes/configure-password-manager-include.md)]
-
-## Configure Windows Defender SmartScreen
-[!INCLUDE [configure-windows-defender-smartscreen-include](../includes/configure-windows-defender-smartscreen-include.md)]
-
-## Prevent bypassing Windows Defender SmartScreen prompts for files
-[!INCLUDE [prevent-bypassing-win-defender-files-include](../includes/prevent-bypassing-win-defender-files-include.md)]
-
-## Prevent bypassing Windows Defender SmartScreen prompts for sites
-[!INCLUDE [prevent-bypassing-win-defender-sites-include](../includes/prevent-bypassing-win-defender-sites-include.md)]
-
-## Prevent certificate error overrides
-[!INCLUDE [prevent-certificate-error-overrides-include](../includes/prevent-certificate-error-overrides-include.md)]
-
-## Prevent using Localhost IP address for WebRTC
-[!INCLUDE [prevent-localhost-address-for-webrtc-include](../includes/prevent-localhost-address-for-webrtc-include.md)]
-
-
-## Help protect against web-based security threats
-
-While most websites are safe, some sites have been intentionally designed to steal sensitive and private information or gain access to your system’s resources. You can help protect against threats by using strong security protocols to ensure against such threats.
-
-Thieves use things like _phishing_ attacks to convince someone to enter personal information, such as a banking password, into a website that looks like a legitimate bank but isn't. Attempts to identify legitimate websites through the HTTPS lock symbol and the EV Cert green bar have met with only limited success since attackers are too good at faking legitimate experiences for many people to notice the difference.
-
-Another method thieves often use _hacking_ to attack a system through malformed content that exploits subtle flaws in the browser or various browser extensions. This exploit lets an attacker run code on a device, taking over a browsing session, and perhaps the entire device.
-
-Microsoft Edge addresses these threats to help make browsing the web a safer experience.
-
-
-| Feature | Description |
-|-----------------------------------------------------------------------------------------------------------------------------------------------|----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
-| **[Windows Hello](https://blogs.windows.com/bloggingwindows/2015/03/17/making-windows-10-more-personal-and-more-secure-with-windows-hello/)** | Microsoft Edge is the first browser to natively support Windows Hello to authenticate the user and the website with asymmetric cryptography technology, powered by early implementation of the [Web Authentication (formerly FIDO 2.0 Web API) specification](https://w3c.github.io/webauthn/). |
-| **Microsoft SmartScreen** | Defends against phishing by performing reputation checks on sites visited and blocking any sites that are thought to be a phishing site. SmartScreen also helps to defend against installing malicious software, drive-by attacks, or file downloads, even from trusted sites. Drive-by attacks are malicious web-based attacks that compromise your system by targeting security vulnerabilities in commonly used software and may be hosted on trusted sites. |
-| **Certificate Reputation system** | Collects data about certificates in use, detecting new certificates and flagging fraudulent certificates automatically, and sends the data to Microsoft. The systems and tools in place include- Certificate Reputation system: Protects users from fraudulent certificates.
- Bing Webmaster Tools (for developers): Reports fake certificates directly to Microsoft.
|
-| **Microsoft EdgeHTML and modern web standards** | Microsoft Edge uses Microsoft EdgeHTML as the rendering engine. This engine focuses on modern standards letting web developers build and maintain a consistent site across all modern browsers. It also helps to defend against hacking through these security standards features:- Support for the W3C standard for [Content Security Policy (CSP)](https://developer.microsoft.com/microsoft-edge/platform/documentation/dev-guide/security/content-Security-Policy), which can help web developers defend their sites against cross-site scripting attacks.
- Support for the [HTTP Strict Transport Security (HSTS)](https://developer.microsoft.com/microsoft-edge/platform/documentation/dev-guide/security/HSTS/) security feature (IETF-standard compliant). HSTS helps ensure that connections to important sites, such as to your bank, are always secured.
**NOTE:** Both Microsoft Edge and Internet Explorer 11 support HSTS. |
-| **Code integrity and image loading restrictions** | Microsoft Edge content processes support code integrity and image load restrictions, helping to prevent malicious DLLs from loading or injecting into the content processes. Only [properly signed images](https://blogs.windows.com/msedgedev/2015/11/17/microsoft-edge-module-code-integrity/) are allowed to load into Microsoft Edge. Binaries on remote devices (such as UNC or WebDAV) can’t load. |
-| **Memory corruption mitigations** | Memory corruption attacks frequently happen to apps written in C or C++ don’t provide safety or buffer overflow protection. When an attacker provides malformed input to a program, the program’s memory becomes corrupt allowing the attacker to take control of the program. Although attackers have adapted and invented new ways to attack, we’ve responded with memory safety defenses, mitigating the most common forms of attack, including and especially [use-after-free (UAF)](https://cwe.mitre.org/data/definitions/416.html) vulnerabilities. |
-| **Memory Garbage Collector (MemGC) mitigation** | MemGC replaces Memory Protector and helps to protect the browser from UAF vulnerabilities. MemGC frees up memory from the programmer and automating it. Only freeing memory when the automation detects no references left pointing to a given block of memory. |
-| **Control Flow Guard** | Attackers use memory corruption attacks to gain control of the CPU program counter to jump to any code location they want. Control Flow Guard, a Microsoft Visual Studio technology, compiles checks around code that performs indirect jumps based on a pointer. Those jumps get restricted to function entry points with known addresses only making attacker take-overs must more difficult constraining where an attack jumps. |
-| **All web content runs in an app container sandbox** | Microsoft Edge takes the sandbox even farther, running its content processes in containers not just by default, but all of the time. Microsoft Edge doesn’t support 3rd party binary extensions, so there is no reason for it to run outside of the container, making Microsoft Edge more secure. |
-| **Extension model and HTML5 support** | Microsoft Edge does not support binary extensions because they can bring code and data into the browser’s processes without any protection. So if anything goes wrong, the entire browser itself can be compromised or go down. We encourage everyone to use our scripted HTML5-based extension model. For more info about the new extensions, see the [Microsoft Edge Developer Center](https://developer.microsoft.com/microsoft-edge/extensions/). |
-| **Reduced attack surfaces** | Microsoft Edge does not support VBScript, JScript, VML, Browser Helper Objects, Toolbars, ActiveX controls, and [document modes](https://msdn.microsoft.com/library/jj676915.aspx). Many IE browser vulnerabilities only appear in legacy document modes, so removing support reduced attack surface making the browser more secure.
It also means that it’s not as backward compatible. With this reduced backward compatibility, Microsoft Edge automatically falls back to Internet Explorer 11 for any apps that need backward compatibility. This fall back happens when you use the Enterprise Mode Site List. |
-
----
+---
+title: Microsoft Edge - Security and privacy group policies
+description: Microsoft Edge helps to defend from increasingly sophisticated and prevalent web-based attacks against Windows. While most websites are safe, some sites have been designed to steal personal information or gain access to your system’s resources.
+audience: itpro
+manager: dansimp
+ms.author: dansimp
+author: dansimp
+ms.date: 10/02/2018
+ms.reviewer:
+ms.localizationpriority: medium
+ms.topic: reference
+---
+
+# Security and privacy
+
+Microsoft Edge is designed with improved security in mind, helping to defend people from increasingly sophisticated and prevalent web-based attacks against Windows. Because Microsoft Edge is designed like a Universal Windows app, changing the browser to an app, it fundamentally changes the process model so that both the outer manager process and the different content processes all live within app container sandboxes.
+
+Microsoft Edge runs in 64-bit not just by default, but anytime it’s running on a 64-bit operating system. Because Microsoft Edge doesn’t support legacy ActiveX controls or 3rd-party binary extensions, there’s no longer a reason to run 32-bit processes on a 64-bit system.
+
+The value of running 64-bit all the time is that it strengthens Windows Address Space Layout Randomization (ASLR), randomizing the memory layout of the browser processes, making it much harder for attackers to hit precise memory locations. In turn, 64-bit processes make ASLR much more effective by making the address space exponentially larger and, therefore, more difficult for attackers to find sensitive memory components.
+
+For more details on the security features in Microsoft Edge, see [Help protect against web-based security threats](#help-protect-against-web-based-security-threats) below.
+
+You can find the Microsoft Edge Group Policy settings in the following location of the Group Policy Editor unless otherwise noted in the policy:
+
+ **Computer Configuration\\Administrative Templates\\Windows Components\\Microsoft Edge\\**
+
+## Configure cookies
+[!INCLUDE [configure-cookies-include](../includes/configure-cookies-include.md)]
+
+## Configure Password Manager
+[!INCLUDE [configure-password-manager-include](../includes/configure-password-manager-include.md)]
+
+## Configure Windows Defender SmartScreen
+[!INCLUDE [configure-windows-defender-smartscreen-include](../includes/configure-windows-defender-smartscreen-include.md)]
+
+## Prevent bypassing Windows Defender SmartScreen prompts for files
+[!INCLUDE [prevent-bypassing-win-defender-files-include](../includes/prevent-bypassing-win-defender-files-include.md)]
+
+## Prevent bypassing Windows Defender SmartScreen prompts for sites
+[!INCLUDE [prevent-bypassing-win-defender-sites-include](../includes/prevent-bypassing-win-defender-sites-include.md)]
+
+## Prevent certificate error overrides
+[!INCLUDE [prevent-certificate-error-overrides-include](../includes/prevent-certificate-error-overrides-include.md)]
+
+## Prevent using Localhost IP address for WebRTC
+[!INCLUDE [prevent-localhost-address-for-webrtc-include](../includes/prevent-localhost-address-for-webrtc-include.md)]
+
+
+## Help protect against web-based security threats
+
+While most websites are safe, some sites have been intentionally designed to steal sensitive and private information or gain access to your system’s resources. You can help protect against threats by using strong security protocols to ensure against such threats.
+
+Thieves use things like _phishing_ attacks to convince someone to enter personal information, such as a banking password, into a website that looks like a legitimate bank but isn't. Attempts to identify legitimate websites through the HTTPS lock symbol and the EV Cert green bar have met with only limited success since attackers are too good at faking legitimate experiences for many people to notice the difference.
+
+Another method thieves often use _hacking_ to attack a system through malformed content that exploits subtle flaws in the browser or various browser extensions. This exploit lets an attacker run code on a device, taking over a browsing session, and perhaps the entire device.
+
+Microsoft Edge addresses these threats to help make browsing the web a safer experience.
+
+
+| Feature | Description |
+|-----------------------------------------------------------------------------------------------------------------------------------------------|----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
+| **[Windows Hello](https://blogs.windows.com/bloggingwindows/2015/03/17/making-windows-10-more-personal-and-more-secure-with-windows-hello/)** | Microsoft Edge is the first browser to natively support Windows Hello to authenticate the user and the website with asymmetric cryptography technology, powered by early implementation of the [Web Authentication (formerly FIDO 2.0 Web API) specification](https://w3c.github.io/webauthn/). |
+| **Microsoft SmartScreen** | Defends against phishing by performing reputation checks on sites visited and blocking any sites that are thought to be a phishing site. SmartScreen also helps to defend against installing malicious software, drive-by attacks, or file downloads, even from trusted sites. Drive-by attacks are malicious web-based attacks that compromise your system by targeting security vulnerabilities in commonly used software and may be hosted on trusted sites. |
+| **Certificate Reputation system** | Collects data about certificates in use, detecting new certificates and flagging fraudulent certificates automatically, and sends the data to Microsoft. The systems and tools in place include
- Certificate Reputation system: Protects users from fraudulent certificates.
- Bing Webmaster Tools (for developers): Reports fake certificates directly to Microsoft.
|
+| **Microsoft EdgeHTML and modern web standards** | Microsoft Edge uses Microsoft EdgeHTML as the rendering engine. This engine focuses on modern standards letting web developers build and maintain a consistent site across all modern browsers. It also helps to defend against hacking through these security standards features:- Support for the W3C standard for [Content Security Policy (CSP)](https://developer.microsoft.com/microsoft-edge/platform/documentation/dev-guide/security/content-Security-Policy), which can help web developers defend their sites against cross-site scripting attacks.
- Support for the [HTTP Strict Transport Security (HSTS)](https://developer.microsoft.com/microsoft-edge/platform/documentation/dev-guide/security/HSTS/) security feature (IETF-standard compliant). HSTS helps ensure that connections to important sites, such as to your bank, are always secured.
**NOTE:** Both Microsoft Edge and Internet Explorer 11 support HSTS. |
+| **Code integrity and image loading restrictions** | Microsoft Edge content processes support code integrity and image load restrictions, helping to prevent malicious DLLs from loading or injecting into the content processes. Only [properly signed images](https://blogs.windows.com/msedgedev/2015/11/17/microsoft-edge-module-code-integrity/) are allowed to load into Microsoft Edge. Binaries on remote devices (such as UNC or WebDAV) can’t load. |
+| **Memory corruption mitigations** | Memory corruption attacks frequently happen to apps written in C or C++ don’t provide safety or buffer overflow protection. When an attacker provides malformed input to a program, the program’s memory becomes corrupt allowing the attacker to take control of the program. Although attackers have adapted and invented new ways to attack, we’ve responded with memory safety defenses, mitigating the most common forms of attack, including and especially [use-after-free (UAF)](https://cwe.mitre.org/data/definitions/416.html) vulnerabilities. |
+| **Memory Garbage Collector (MemGC) mitigation** | MemGC replaces Memory Protector and helps to protect the browser from UAF vulnerabilities. MemGC frees up memory from the programmer and automating it. Only freeing memory when the automation detects no references left pointing to a given block of memory. |
+| **Control Flow Guard** | Attackers use memory corruption attacks to gain control of the CPU program counter to jump to any code location they want. Control Flow Guard, a Microsoft Visual Studio technology, compiles checks around code that performs indirect jumps based on a pointer. Those jumps get restricted to function entry points with known addresses only making attacker take-overs must more difficult constraining where an attack jumps. |
+| **All web content runs in an app container sandbox** | Microsoft Edge takes the sandbox even farther, running its content processes in containers not just by default, but all of the time. Microsoft Edge doesn’t support 3rd party binary extensions, so there is no reason for it to run outside of the container, making Microsoft Edge more secure. |
+| **Extension model and HTML5 support** | Microsoft Edge does not support binary extensions because they can bring code and data into the browser’s processes without any protection. So if anything goes wrong, the entire browser itself can be compromised or go down. We encourage everyone to use our scripted HTML5-based extension model. For more info about the new extensions, see the [Microsoft Edge Developer Center](https://developer.microsoft.com/microsoft-edge/extensions/). |
+| **Reduced attack surfaces** | Microsoft Edge does not support VBScript, JScript, VML, Browser Helper Objects, Toolbars, ActiveX controls, and [document modes](https://msdn.microsoft.com/library/jj676915.aspx). Many IE browser vulnerabilities only appear in legacy document modes, so removing support reduced attack surface making the browser more secure.
It also means that it’s not as backward compatible. With this reduced backward compatibility, Microsoft Edge automatically falls back to Internet Explorer 11 for any apps that need backward compatibility. This fall back happens when you use the Enterprise Mode Site List. |
+
+---
diff --git a/browsers/edge/group-policies/start-pages-gp.md b/browsers/edge/group-policies/start-pages-gp.md
index ce15044aad..4b9682362f 100644
--- a/browsers/edge/group-policies/start-pages-gp.md
+++ b/browsers/edge/group-policies/start-pages-gp.md
@@ -1,43 +1,44 @@
----
-title: Microsoft Edge - Start pages group policies
-description: Microsoft Edge loads the pages specified in App settings as the default Start pages. With the relevant Start pages policies, you can configure Microsoft Edge to load either the Start page, New tab page, previously opened pages, or a specific page or pages. You can also configure Microsoft Edge to prevent users from making changes.
-audience: itpro
manager: dansimp
-ms.author: eravena
-author: eavena
-ms.localizationpriority: medium
-ms.date: 10/02/2018
-ms.reviewer:
-ms.prod: edge
-ms.mktglfcycl: explore
-ms.sitesec: library
-ms.topic: reference
----
-
-# Start pages
-
-Microsoft Edge loads the pages specified in App settings as the default Start pages. With the relevant Start pages policies, you can configure Microsoft Edge to load either the Start page, New tab page, previously opened pages, or a specific page or pages. You can also configure Microsoft Edge to prevent users from making changes.
-
-## Relevant group policies
-
-- [Configure Open Microsoft Edge With](#configure-open-microsoft-edge-with)
-- [Configure Start Pages](#configure-start-pages)
-- [Disable Lockdown of Start pages](#disable-lockdown-of-start-pages)
-
-You can find the Microsoft Edge Group Policy settings in the following location of the Group Policy Editor unless otherwise noted in the policy:
-
- **Computer Configuration\\Administrative Templates\\Windows Components\\Microsoft Edge\\**
-
-## Configuration options
-
-
-
-
-## Configure Open Microsoft Edge With
-[!INCLUDE [configure-open-edge-with-include](../includes/configure-open-edge-with-include.md)]
-
-## Configure Start Pages
-[!INCLUDE [configure-start-pages-include](../includes/configure-start-pages-include.md)]
-
-## Disable Lockdown of Start pages
-[!INCLUDE [disable-lockdown-of-start-pages-include](../includes/disable-lockdown-of-start-pages-include.md)]
-
+---
+title: Microsoft Edge - Start pages group policies
+description: Microsoft Edge loads the pages specified in App settings as the default Start pages. With the relevant Start pages policies, you can configure Microsoft Edge to load either the Start page, New tab page, previously opened pages, or a specific page or pages. You can also configure Microsoft Edge to prevent users from making changes.
+audience: itpro
+manager: dansimp
+ms.author: dansimp
+author: dansimp
+ms.localizationpriority: medium
+ms.date: 10/02/2018
+ms.reviewer:
+ms.prod: edge
+ms.mktglfcycl: explore
+ms.sitesec: library
+ms.topic: reference
+---
+
+# Start pages
+
+Microsoft Edge loads the pages specified in App settings as the default Start pages. With the relevant Start pages policies, you can configure Microsoft Edge to load either the Start page, New tab page, previously opened pages, or a specific page or pages. You can also configure Microsoft Edge to prevent users from making changes.
+
+## Relevant group policies
+
+- [Configure Open Microsoft Edge With](#configure-open-microsoft-edge-with)
+- [Configure Start Pages](#configure-start-pages)
+- [Disable Lockdown of Start pages](#disable-lockdown-of-start-pages)
+
+You can find the Microsoft Edge Group Policy settings in the following location of the Group Policy Editor unless otherwise noted in the policy:
+
+ **Computer Configuration\\Administrative Templates\\Windows Components\\Microsoft Edge\\**
+
+## Configuration options
+
+
+
+
+## Configure Open Microsoft Edge With
+[!INCLUDE [configure-open-edge-with-include](../includes/configure-open-edge-with-include.md)]
+
+## Configure Start Pages
+[!INCLUDE [configure-start-pages-include](../includes/configure-start-pages-include.md)]
+
+## Disable Lockdown of Start pages
+[!INCLUDE [disable-lockdown-of-start-pages-include](../includes/disable-lockdown-of-start-pages-include.md)]
+
diff --git a/browsers/edge/group-policies/sync-browser-settings-gp.md b/browsers/edge/group-policies/sync-browser-settings-gp.md
index 86ed0db6fc..fc5a62e81c 100644
--- a/browsers/edge/group-policies/sync-browser-settings-gp.md
+++ b/browsers/edge/group-policies/sync-browser-settings-gp.md
@@ -1,45 +1,46 @@
----
-title: Microsoft Edge - Sync browser settings
-description: By default, the “browser” group syncs automatically between the user’s devices, letting users make changes. The “browser” group uses the Sync your Settings option in Settings to sync information like history and favorites.
-audience: itpro
manager: dansimp
-ms.author: eravena
-author: eavena
-ms.date: 10/02/2018
-ms.reviewer:
-ms.localizationpriority: medium
-ms.topic: reference
----
-
-# Sync browser settings
-
-
-By default, the “browser” group syncs automatically between the user’s devices, letting users make changes. The “browser” group uses the Sync your Settings option in Settings to sync information like history and favorites. You can configure Microsoft Edge to prevent the “browser” group from syncing and prevent users from turning on the _Sync your Settings_ toggle in Settings. If you want syncing turned off by default but not disabled, select the _Allow users to turn “browser” syncing_ option in the Do not sync browser policy.
-
-
-## Relevant policies
-- [Do not sync browser settings](#do-not-sync-browser-settings)
-- [Prevent users from turning on browser syncing](#prevent-users-from-turning-on-browser-syncing)
-
-You can find the Microsoft Edge Group Policy settings in the following location of the Group Policy Editor unless otherwise noted in the policy:
-
- **Computer Configuration\\Administrative Templates\\Windows Components\\Microsoft Edge\\**
-
-## Configuration options
-
-
-
-
-
-
-### Verify the configuration
-To verify the settings:
-1. In the upper-right corner of Microsoft Edge, click **More** \(**...**\).
-2. Click **Settings**.
-3. Under Account, see if the setting is toggled on or off.
-
-
-## Do not sync browser settings
-[!INCLUDE [do-not-sync-browser-settings-include](../includes/do-not-sync-browser-settings-include.md)]
-
-## Prevent users from turning on browser syncing
-[!INCLUDE [prevent-users-to-turn-on-browser-syncing-include](../includes/prevent-users-to-turn-on-browser-syncing-include.md)]
+---
+title: Microsoft Edge - Sync browser settings
+description: By default, the “browser” group syncs automatically between the user’s devices, letting users make changes. The “browser” group uses the Sync your Settings option in Settings to sync information like history and favorites.
+audience: itpro
+manager: dansimp
+ms.author: dansimp
+author: dansimp
+ms.date: 10/02/2018
+ms.reviewer:
+ms.localizationpriority: medium
+ms.topic: reference
+---
+
+# Sync browser settings
+
+
+By default, the “browser” group syncs automatically between the user’s devices, letting users make changes. The “browser” group uses the Sync your Settings option in Settings to sync information like history and favorites. You can configure Microsoft Edge to prevent the “browser” group from syncing and prevent users from turning on the _Sync your Settings_ toggle in Settings. If you want syncing turned off by default but not disabled, select the _Allow users to turn “browser” syncing_ option in the Do not sync browser policy.
+
+
+## Relevant policies
+- [Do not sync browser settings](#do-not-sync-browser-settings)
+- [Prevent users from turning on browser syncing](#prevent-users-from-turning-on-browser-syncing)
+
+You can find the Microsoft Edge Group Policy settings in the following location of the Group Policy Editor unless otherwise noted in the policy:
+
+ **Computer Configuration\\Administrative Templates\\Windows Components\\Microsoft Edge\\**
+
+## Configuration options
+
+
+
+
+
+
+### Verify the configuration
+To verify the settings:
+1. In the upper-right corner of Microsoft Edge, click **More** \(**...**\).
+2. Click **Settings**.
+3. Under Account, see if the setting is toggled on or off.
+
+
+## Do not sync browser settings
+[!INCLUDE [do-not-sync-browser-settings-include](../includes/do-not-sync-browser-settings-include.md)]
+
+## Prevent users from turning on browser syncing
+[!INCLUDE [prevent-users-to-turn-on-browser-syncing-include](../includes/prevent-users-to-turn-on-browser-syncing-include.md)]
diff --git a/browsers/edge/group-policies/telemetry-management-gp.md b/browsers/edge/group-policies/telemetry-management-gp.md
index 3de0998564..a14fc3aaf6 100644
--- a/browsers/edge/group-policies/telemetry-management-gp.md
+++ b/browsers/edge/group-policies/telemetry-management-gp.md
@@ -1,31 +1,32 @@
----
-title: Microsoft Edge - Telemetry and data collection group policies
-description: Microsoft Edge gathers diagnostic data, intranet history, internet history, tracking information of sites visited, and Live Tile metadata. You can configure Microsoft Edge to collect all or none of this information.
-audience: itpro
manager: dansimp
-ms.author: eravena
-author: eavena
-ms.date: 10/02/2018
-ms.reviewer:
-ms.localizationpriority: medium
-ms.topic: reference
----
-
-# Telemetry and data collection
-
-Microsoft Edge gathers diagnostic data, intranet history, internet history, tracking information of sites visited, and Live Tile metadata. You can configure Microsoft Edge to collect all or none of this information.
-
-You can find the Microsoft Edge Group Policy settings in the following location of the Group Policy Editor unless otherwise noted in the policy:
-
- **Computer Configuration\\Administrative Templates\\Windows Components\\Microsoft Edge\\**
-
-## Allow extended telemetry for the Books tab
-[!INCLUDE [allow-ext-telemetry-books-tab-include.md](../includes/allow-ext-telemetry-books-tab-include.md)]
-
-## Configure collection of browsing data for Microsoft 365 Analytics
-[!INCLUDE [configure-browser-telemetry-for-m365-analytics-include](../includes/configure-browser-telemetry-for-m365-analytics-include.md)]
-
-## Configure Do Not Track
-[!INCLUDE [configure-do-not-track-include.md](../includes/configure-do-not-track-include.md)]
-
-## Prevent Microsoft Edge from gathering Live Tile information when pinning a site to Start
-[!INCLUDE [prevent-live-tile-pinning-start-include](../includes/prevent-live-tile-pinning-start-include.md)]
+---
+title: Microsoft Edge - Telemetry and data collection group policies
+description: Microsoft Edge gathers diagnostic data, intranet history, internet history, tracking information of sites visited, and Live Tile metadata. You can configure Microsoft Edge to collect all or none of this information.
+audience: itpro
+manager: dansimp
+ms.author: dansimp
+author: dansimp
+ms.date: 10/02/2018
+ms.reviewer:
+ms.localizationpriority: medium
+ms.topic: reference
+---
+
+# Telemetry and data collection
+
+Microsoft Edge gathers diagnostic data, intranet history, internet history, tracking information of sites visited, and Live Tile metadata. You can configure Microsoft Edge to collect all or none of this information.
+
+You can find the Microsoft Edge Group Policy settings in the following location of the Group Policy Editor unless otherwise noted in the policy:
+
+ **Computer Configuration\\Administrative Templates\\Windows Components\\Microsoft Edge\\**
+
+## Allow extended telemetry for the Books tab
+[!INCLUDE [allow-ext-telemetry-books-tab-include.md](../includes/allow-ext-telemetry-books-tab-include.md)]
+
+## Configure collection of browsing data for Microsoft 365 Analytics
+[!INCLUDE [configure-browser-telemetry-for-m365-analytics-include](../includes/configure-browser-telemetry-for-m365-analytics-include.md)]
+
+## Configure Do Not Track
+[!INCLUDE [configure-do-not-track-include.md](../includes/configure-do-not-track-include.md)]
+
+## Prevent Microsoft Edge from gathering Live Tile information when pinning a site to Start
+[!INCLUDE [prevent-live-tile-pinning-start-include](../includes/prevent-live-tile-pinning-start-include.md)]
diff --git a/browsers/edge/img-microsoft-edge-infographic-lg.md b/browsers/edge/img-microsoft-edge-infographic-lg.md
index 2a2ca7e399..9b329c580b 100644
--- a/browsers/edge/img-microsoft-edge-infographic-lg.md
+++ b/browsers/edge/img-microsoft-edge-infographic-lg.md
@@ -1,15 +1,16 @@
----
-description: A full-sized view of the Microsoft Edge infographic.
-title: Full-sized view of the Microsoft Edge infographic
-ms.date: 11/10/2016
-ms.reviewer:
-audience: itpro
manager: dansimp
-ms.author: eravena
-author: eavena
----
-
-Return to: [Browser: Microsoft Edge and Internet Explorer 11](enterprise-guidance-using-microsoft-edge-and-ie11.md)
-Download image: [Total Economic Impact of Microsoft Edge: Infographic](https://www.microsoft.com/en-us/download/details.aspx?id=53892)
-
-
-
+---
+description: A full-sized view of the Microsoft Edge infographic.
+title: Full-sized view of the Microsoft Edge infographic
+ms.date: 11/10/2016
+ms.reviewer:
+audience: itpro
+manager: dansimp
+ms.author: dansimp
+author: dansimp
+---
+
+Return to: [Browser: Microsoft Edge and Internet Explorer 11](enterprise-guidance-using-microsoft-edge-and-ie11.md)
+Download image: [Total Economic Impact of Microsoft Edge: Infographic](https://www.microsoft.com/download/details.aspx?id=53892)
+
+
+
diff --git a/browsers/edge/managing-group-policy-admx-files.md b/browsers/edge/managing-group-policy-admx-files.md
index f749992d29..8b93e0ebc2 100644
--- a/browsers/edge/managing-group-policy-admx-files.md
+++ b/browsers/edge/managing-group-policy-admx-files.md
@@ -1,26 +1,27 @@
----
-title: Managing group policy ADMX files
-description: Learn how to centrally administer and incorporate ADMX files when editing the administrative template policy settings inside a local or domain-based Group Policy object.
-ms.assetid:
-ms.reviewer:
-audience: itpro
manager: dansimp
-author: eavena
-ms.author: eravena
-ms.prod: edge
-ms.sitesec: library
-ms.localizationpriority: medium
-ms.date: 10/19/2018
----
-
-# Managing group policy ADMX files
-
->Applies to: Microsoft Edge on Windows 10
-
-ADMX files, which are registry-based policy settings provide an XML-based structure for defining the display of the Administrative Template policy settings in the Group Policy Object Editor. The ADMX files replace ADM files, which used a different markup language.
-
->[!NOTE]
->The administrative tools you use—Group Policy Object Editor and Group Policy Management Console—remain mostly unchanged. In the majority of situations, you won’t notice the presence of ADMX files during your day-to-day Group Policy administration tasks.
-
-Unlike ADM files, ADMX files are not stored in individual GPOs by default; however, this behavior supports less common scenarios. For domain-based enterprises, you can create a central store location of ADMX files accessible by anyone with permission to create or edit GPOs. Group Policy tools continue to recognize other earlier ADM files you have in your existing environment. The Group Policy Object Editor automatically reads and displays Administrative Template policy settings from both the ADMX and ADM files.
-
-Some situations require a better understanding of how ADMX files are structured and the location of the files. In this article, we show you how ADMX files are incorporated when editing Administrative Template policy settings in a local or domain-based Group Policy object (GPO).
+---
+title: Managing group policy ADMX files
+description: Learn how to centrally administer and incorporate ADMX files when editing the administrative template policy settings inside a local or domain-based Group Policy object.
+ms.assetid:
+ms.reviewer:
+audience: itpro
+manager: dansimp
+author: dansimp
+ms.author: dansimp
+ms.prod: edge
+ms.sitesec: library
+ms.localizationpriority: medium
+ms.date: 10/19/2018
+---
+
+# Managing group policy ADMX files
+
+>Applies to: Microsoft Edge on Windows 10
+
+ADMX files, which are registry-based policy settings provide an XML-based structure for defining the display of the Administrative Template policy settings in the Group Policy Object Editor. The ADMX files replace ADM files, which used a different markup language.
+
+>[!NOTE]
+>The administrative tools you use—Group Policy Object Editor and Group Policy Management Console—remain mostly unchanged. In the majority of situations, you won’t notice the presence of ADMX files during your day-to-day Group Policy administration tasks.
+
+Unlike ADM files, ADMX files are not stored in individual GPOs by default; however, this behavior supports less common scenarios. For domain-based enterprises, you can create a central store location of ADMX files accessible by anyone with permission to create or edit GPOs. Group Policy tools continue to recognize other earlier ADM files you have in your existing environment. The Group Policy Object Editor automatically reads and displays Administrative Template policy settings from both the ADMX and ADM files.
+
+Some situations require a better understanding of how ADMX files are structured and the location of the files. In this article, we show you how ADMX files are incorporated when editing Administrative Template policy settings in a local or domain-based Group Policy object (GPO).
diff --git a/browsers/edge/microsoft-edge-faq.md b/browsers/edge/microsoft-edge-faq.md
index e73d7bb1a6..4e520db1e3 100644
--- a/browsers/edge/microsoft-edge-faq.md
+++ b/browsers/edge/microsoft-edge-faq.md
@@ -1,54 +1,55 @@
----
-title: Microsoft Edge - Frequently Asked Questions (FAQs) for IT Pros
-ms.reviewer:
-audience: itpro
manager: dansimp
-description: Answers to frequently asked questions about Microsoft Edge features, integration, support, and potential problems.
-author: msdmaguire
-ms.author: dmaguire
-ms.prod: edge
-ms.topic: article
-ms.mktglfcycl: general
-ms.sitesec: library
-ms.localizationpriority: medium
----
-
-# Frequently Asked Questions (FAQs) for IT Pros
-
->Applies to: Microsoft Edge on Windows 10 and Windows 10 Mobile
-
-## How can I get the next major version of Microsoft Edge, based on Chromium?
-In December 2018, Microsoft [announced](https://blogs.windows.com/windowsexperience/2018/12/06/microsoft-edge-making-the-web-better-through-more-open-source-collaboration/#8jv53blDvL6TIKuS.97) our intention to adopt the Chromium open source project in the development of Microsoft Edge on the desktop, to create better web compatibility for our customers and less fragmentation of the web for all web developers. You can get more information at the [Microsoft Edge Insiders site](https://www.microsoftedgeinsider.com/).
-
-## What’s the difference between Microsoft Edge and Internet Explorer 11? How do I know which one to use?
-Microsoft Edge is the default browser for all Windows 10 devices. It’s built to be highly compatible with the modern web. For some enterprise web apps and a small set of sites that were built to work with older technologies like ActiveX, [you can use Enterprise Mode](emie-to-improve-compatibility.md) to automatically send users to Internet Explorer 11.
-
-For more information on how Internet Explorer and Microsoft Edge work together to support your legacy web apps, while still defaulting to the higher security and modern experiences enabled by Microsoft Edge, see [Legacy apps in the enterprise](https://blogs.windows.com/msedgedev/2017/04/07/legacy-web-apps-enterprise/#RAbtRvJSYFaKu2BI.97).
-
-## Does Microsoft Edge work with Enterprise Mode?
-[Enterprise Mode](https://docs.microsoft.com/internet-explorer/ie11-deploy-guide/enterprise-mode-overview-for-ie11) helps you run many legacy web applications with better backward compatibility. You can configure both Microsoft Edge and Internet Explorer to use the same Enterprise Mode Site List, switching seamlessly between browsers to support both modern and legacy web apps.
-
-## How do I customize Microsoft Edge and related settings for my organization?
-You can use Group Policy or Microsoft Intune to manage settings related to Microsoft Edge, such as security settings, folder redirection, and preferences. See [Group Policy and Mobile Device Management (MDM) settings for Microsoft Edge](https://docs.microsoft.com/microsoft-edge/deploy/group-policies/) for a list of policies currently available for Microsoft Edge and configuration information. Note that the preview release of Chromium-based Microsoft Edge might not include management policies or other enterprise functionality; our focus during the preview is modern browser fundamentals.
-
-## Is Adobe Flash supported in Microsoft Edge?
-Adobe Flash is currently supported as a built-in feature of Microsoft Edge on PCs running Windows 10. In July 2017, Adobe announced that Flash support will end after 2020. With this change to Adobe support, we’ve started to phase Flash out of Microsoft Edge by adding the [Configure the Adobe Flash Click-to-Run setting group policy](https://docs.microsoft.com/microsoft-edge/deploy/available-policies#configure-the-adobe-flash-click-to-run-setting) - this lets you control which websites can run Adobe Flash content.
-
-To learn more about Microsoft’s plan for phasing Flash out of Microsoft Edge and Internet Explorer, see [The End of an Era — Next Steps for Adobe Flash](https://blogs.windows.com/msedgedev/2017/07/25/flash-on-windows-timeline/#3Bcc3QjRw0l7XsZ4.97) (blog article).
-
-## Does Microsoft Edge support ActiveX controls or BHOs like Silverlight or Java?
-No. Microsoft Edge doesn’t support ActiveX controls and BHOs like Silverlight or Java. If you’re running web apps that use ActiveX controls, x-ua-compatible headers, or legacy document modes, you need to keep running them in IE11. IE11 offers additional security, manageability, performance, backward compatibility, and standards support.
-
-## How often will Microsoft Edge be updated?
-In Windows 10, we’re delivering Windows as a service, updated on a cadence driven by quality and the availability of new features. Microsoft Edge security updates are released every two to four weeks, while bigger feature updates are included in the Windows 10 releases on a semi-annual cadence.
-
-## How can I provide feedback on Microsoft Edge?
-Microsoft Edge is an evergreen browser - we’ll continue to evolve both the web platform and the user interface with regular updates. To send feedback on user experience, or on broken or malicious sites, use the **Send Feedback** option under the ellipses icon (**...**) in the Microsoft Edge toolbar.
-
-## Will Internet Explorer 11 continue to receive updates?
-We’re committed to keeping Internet Explorer a supported, reliable, and safe browser. Internet Explorer is still a component of Windows and follows the support lifecycle of the OS on which it’s installed. For details, see [Lifecycle FAQ - Internet Explorer](https://support.microsoft.com/help/17454/). While we continue to support and update Internet Explorer, the latest features and platform updates will only be available in Microsoft Edge.
-
-## How do I find out what version of Microsoft Edge I have?
-In the upper right corner of Microsoft Edge, click the ellipses icon (**...**), and then click **Settings**. Look in the **About Microsoft Edge** section to find your version.
-
-## What is Microsoft EdgeHTML?
-Microsoft EdgeHTML is the web rendering engine that powers the current Microsoft Edge web browser and Windows 10 web app platform. (As opposed to *Microsoft Edge, based on Chromium*.)
+---
+title: Microsoft Edge - Frequently Asked Questions (FAQs) for IT Pros
+ms.reviewer:
+audience: itpro
+manager: dansimp
+description: Answers to frequently asked questions about Microsoft Edge features, integration, support, and potential problems.
+author: dansimp
+ms.author: dansimp
+ms.prod: edge
+ms.topic: article
+ms.mktglfcycl: general
+ms.sitesec: library
+ms.localizationpriority: medium
+---
+
+# Frequently Asked Questions (FAQs) for IT Pros
+
+>Applies to: Microsoft Edge on Windows 10 and Windows 10 Mobile
+
+## How can I get the next major version of Microsoft Edge, based on Chromium?
+In December 2018, Microsoft [announced](https://blogs.windows.com/windowsexperience/2018/12/06/microsoft-edge-making-the-web-better-through-more-open-source-collaboration/#8jv53blDvL6TIKuS.97) our intention to adopt the Chromium open source project in the development of Microsoft Edge on the desktop, to create better web compatibility for our customers and less fragmentation of the web for all web developers. You can get more information at the [Microsoft Edge Insiders site](https://www.microsoftedgeinsider.com/).
+
+## What’s the difference between Microsoft Edge and Internet Explorer 11? How do I know which one to use?
+Microsoft Edge is the default browser for all Windows 10 devices. It’s built to be highly compatible with the modern web. For some enterprise web apps and a small set of sites that were built to work with older technologies like ActiveX, [you can use Enterprise Mode](emie-to-improve-compatibility.md) to automatically send users to Internet Explorer 11.
+
+For more information on how Internet Explorer and Microsoft Edge work together to support your legacy web apps, while still defaulting to the higher security and modern experiences enabled by Microsoft Edge, see [Legacy apps in the enterprise](https://blogs.windows.com/msedgedev/2017/04/07/legacy-web-apps-enterprise/#RAbtRvJSYFaKu2BI.97).
+
+## Does Microsoft Edge work with Enterprise Mode?
+[Enterprise Mode](https://docs.microsoft.com/internet-explorer/ie11-deploy-guide/enterprise-mode-overview-for-ie11) helps you run many legacy web applications with better backward compatibility. You can configure both Microsoft Edge and Internet Explorer to use the same Enterprise Mode Site List, switching seamlessly between browsers to support both modern and legacy web apps.
+
+## How do I customize Microsoft Edge and related settings for my organization?
+You can use Group Policy or Microsoft Intune to manage settings related to Microsoft Edge, such as security settings, folder redirection, and preferences. See [Group Policy and Mobile Device Management (MDM) settings for Microsoft Edge](https://docs.microsoft.com/microsoft-edge/deploy/group-policies/) for a list of policies currently available for Microsoft Edge and configuration information. Note that the preview release of Chromium-based Microsoft Edge might not include management policies or other enterprise functionality; our focus during the preview is modern browser fundamentals.
+
+## Is Adobe Flash supported in Microsoft Edge?
+Adobe Flash is currently supported as a built-in feature of Microsoft Edge on PCs running Windows 10. In July 2017, Adobe announced that Flash support will end after 2020. With this change to Adobe support, we’ve started to phase Flash out of Microsoft Edge by adding the [Configure the Adobe Flash Click-to-Run setting group policy](https://docs.microsoft.com/microsoft-edge/deploy/available-policies#configure-the-adobe-flash-click-to-run-setting) - this lets you control which websites can run Adobe Flash content.
+
+To learn more about Microsoft’s plan for phasing Flash out of Microsoft Edge and Internet Explorer, see [The End of an Era — Next Steps for Adobe Flash](https://blogs.windows.com/msedgedev/2017/07/25/flash-on-windows-timeline/#3Bcc3QjRw0l7XsZ4.97) (blog article).
+
+## Does Microsoft Edge support ActiveX controls or BHOs like Silverlight or Java?
+No. Microsoft Edge doesn’t support ActiveX controls and BHOs like Silverlight or Java. If you’re running web apps that use ActiveX controls, x-ua-compatible headers, or legacy document modes, you need to keep running them in IE11. IE11 offers additional security, manageability, performance, backward compatibility, and standards support.
+
+## How often will Microsoft Edge be updated?
+In Windows 10, we’re delivering Windows as a service, updated on a cadence driven by quality and the availability of new features. Microsoft Edge security updates are released every two to four weeks, while bigger feature updates are included in the Windows 10 releases on a semi-annual cadence.
+
+## How can I provide feedback on Microsoft Edge?
+Microsoft Edge is an evergreen browser - we’ll continue to evolve both the web platform and the user interface with regular updates. To send feedback on user experience, or on broken or malicious sites, use the **Send Feedback** option under the ellipses icon (**...**) in the Microsoft Edge toolbar.
+
+## Will Internet Explorer 11 continue to receive updates?
+We’re committed to keeping Internet Explorer a supported, reliable, and safe browser. Internet Explorer is still a component of Windows and follows the support lifecycle of the OS on which it’s installed. For details, see [Lifecycle FAQ - Internet Explorer](https://support.microsoft.com/help/17454/). While we continue to support and update Internet Explorer, the latest features and platform updates will only be available in Microsoft Edge.
+
+## How do I find out what version of Microsoft Edge I have?
+In the upper right corner of Microsoft Edge, click the ellipses icon (**...**), and then click **Settings**. Look in the **About Microsoft Edge** section to find your version.
+
+## What is Microsoft EdgeHTML?
+Microsoft EdgeHTML is the web rendering engine that powers the current Microsoft Edge web browser and Windows 10 web app platform. (As opposed to *Microsoft Edge, based on Chromium*.)
diff --git a/browsers/edge/microsoft-edge-forrester.md b/browsers/edge/microsoft-edge-forrester.md
index 2407ccef53..23c3505440 100644
--- a/browsers/edge/microsoft-edge-forrester.md
+++ b/browsers/edge/microsoft-edge-forrester.md
@@ -1,36 +1,37 @@
----
-title: Forrester Total Economic Impact - Microsoft Edge
-ms.reviewer:
-audience: itpro
manager: dansimp
-description: Review the results of the Microsoft Edge study carried out by Forrester Research
-ms.prod: edge
-ms.topic: article
-author: msdmaguire
-ms.author: dmaguire
-ms.localizationpriority: high
----
-# Measuring the impact of Microsoft Edge - Total Economic Impact (TEI) of Microsoft Edge
-
-Forrester Research measures the return on investment (ROI) of Microsoft Edge in its latest TEI report and survey. Browse and download these free resources to learn about the impact Microsoft Edge can have in your organization, including significant cost savings in reduced browser help desk tickets and improved browser security, to increased speed, performance, and user productivity.
-
-## Forrester report video summary
-View a brief overview of the Forrester TEI case study that Microsoft commissioned to examine the value your organization can achieve by utilizing Microsoft Edge:
-
-> ![VIDEO ]
-
-## Forrester Study report
-
-Forrester interviewed several customers with more than six months of experience using Microsoft Edge – all customers reported improvements in browser security, increased user productivity, and efficiencies gained in supporting the software.
-
-[Download the full report](https://www.microsoft.com/download/details.aspx?id=55847)
-
-## Forrester Study report infographic
-Get a graphical summary of the TEI of Microsoft Edge Forrester Study report and highlights of the three-year financial impact of Microsoft Edge.
-
-[Download the report infographic](https://www.microsoft.com/download/details.aspx?id=55956)
-
-## Forrester survey infographic
-
-Forrester surveyed 168 customers using Microsoft Edge form the US, Germany, UK, and Japan, ranging in size from 500 to over 100,000 employees. This document is an abridged version of this survey commissioned by Microsoft and delivery by Forrester consulting.
-
-[Download the survey infographic](https://www.microsoft.com/download/details.aspx?id=53892)
+---
+title: Forrester Total Economic Impact - Microsoft Edge
+ms.reviewer:
+audience: itpro
+manager: dansimp
+description: Review the results of the Microsoft Edge study carried out by Forrester Research
+ms.prod: edge
+ms.topic: article
+author: dansimp
+ms.author: dansimp
+ms.localizationpriority: high
+---
+# Measuring the impact of Microsoft Edge - Total Economic Impact (TEI) of Microsoft Edge
+
+Forrester Research measures the return on investment (ROI) of Microsoft Edge in its latest TEI report and survey. Browse and download these free resources to learn about the impact Microsoft Edge can have in your organization, including significant cost savings in reduced browser help desk tickets and improved browser security, to increased speed, performance, and user productivity.
+
+## Forrester report video summary
+View a brief overview of the Forrester TEI case study that Microsoft commissioned to examine the value your organization can achieve by utilizing Microsoft Edge:
+
+> ![VIDEO ]
+
+## Forrester Study report
+
+Forrester interviewed several customers with more than six months of experience using Microsoft Edge – all customers reported improvements in browser security, increased user productivity, and efficiencies gained in supporting the software.
+
+[Download the full report](https://www.microsoft.com/download/details.aspx?id=55847)
+
+## Forrester Study report infographic
+Get a graphical summary of the TEI of Microsoft Edge Forrester Study report and highlights of the three-year financial impact of Microsoft Edge.
+
+[Download the report infographic](https://www.microsoft.com/download/details.aspx?id=55956)
+
+## Forrester survey infographic
+
+Forrester surveyed 168 customers using Microsoft Edge form the US, Germany, UK, and Japan, ranging in size from 500 to over 100,000 employees. This document is an abridged version of this survey commissioned by Microsoft and delivery by Forrester consulting.
+
+[Download the survey infographic](https://www.microsoft.com/download/details.aspx?id=53892)
diff --git a/browsers/edge/microsoft-edge-kiosk-mode-deploy.md b/browsers/edge/microsoft-edge-kiosk-mode-deploy.md
index 9781a1de92..b8899ba2b6 100644
--- a/browsers/edge/microsoft-edge-kiosk-mode-deploy.md
+++ b/browsers/edge/microsoft-edge-kiosk-mode-deploy.md
@@ -5,13 +5,13 @@ ms.assetid:
ms.reviewer:
audience: itpro
manager: dansimp
-author: eavena
-ms.author: eravena
+author: dansimp
+ms.author: dansimp
ms.prod: edge
ms.sitesec: library
ms.topic: article
ms.localizationpriority: medium
-ms.date: 10/29/2018
+ms.date: 10/29/2018
---
# Deploy Microsoft Edge kiosk mode
diff --git a/browsers/edge/shortdesc/allow-a-shared-books-folder-shortdesc.md b/browsers/edge/shortdesc/allow-a-shared-books-folder-shortdesc.md
index 6ca44ca392..ecfa4c5ca0 100644
--- a/browsers/edge/shortdesc/allow-a-shared-books-folder-shortdesc.md
+++ b/browsers/edge/shortdesc/allow-a-shared-books-folder-shortdesc.md
@@ -1,11 +1,12 @@
----
-author: eavena
-ms.author: eravena
-ms.date: 10/02/2018
-ms.reviewer:
-audience: itpro
manager: dansimp
-ms.prod: edge
-ms.topic: include
----
-
-Microsoft Edge does not use a shared folder by default but downloads book files to a per-user folder for each user. With this policy, you can configure Microsoft Edge to store books from the Books Library to a default, shared folder in Windows, which decreases the amount of storage used by book files. When you enable this policy, Microsoft Edge downloads books to a shared folder after user action to download the book to their device, which allows them to remove downloaded books at any time. For this policy to work correctly, you must also enable the **Allow a Windows app to share application data between users** group policy. Also, the users must be signed in with a school or work account.
+---
+author: dansimp
+ms.author: dansimp
+ms.date: 10/02/2018
+ms.reviewer:
+audience: itpro
+manager: dansimp
+ms.prod: edge
+ms.topic: include
+---
+
+Microsoft Edge does not use a shared folder by default but downloads book files to a per-user folder for each user. With this policy, you can configure Microsoft Edge to store books from the Books Library to a default, shared folder in Windows, which decreases the amount of storage used by book files. When you enable this policy, Microsoft Edge downloads books to a shared folder after user action to download the book to their device, which allows them to remove downloaded books at any time. For this policy to work correctly, you must also enable the **Allow a Windows app to share application data between users** group policy. Also, the users must be signed in with a school or work account.
diff --git a/browsers/edge/shortdesc/allow-address-bar-drop-down-shortdesc.md b/browsers/edge/shortdesc/allow-address-bar-drop-down-shortdesc.md
index 4b4897683a..116864a49f 100644
--- a/browsers/edge/shortdesc/allow-address-bar-drop-down-shortdesc.md
+++ b/browsers/edge/shortdesc/allow-address-bar-drop-down-shortdesc.md
@@ -1,11 +1,12 @@
----
-author: eavena
-ms.author: eravena
-ms.date: 10/02/2018
-ms.reviewer:
-audience: itpro
manager: dansimp
-ms.prod: edge
-ms.topic: include
----
-
-Microsoft Edge shows the Address bar drop-down list and makes it available by default, which takes precedence over the Configure search suggestions in Address bar policy. We recommend disabling this policy if you want to minimize network connections from Microsoft Edge to Microsoft service, which hides the functionality of the Address bar drop-down list. When you disable this policy, Microsoft Edge also disables the _Show search and site suggestions as I type_ toggle in Settings.
+---
+author: dansimp
+ms.author: dansimp
+ms.date: 10/02/2018
+ms.reviewer:
+audience: itpro
+manager: dansimp
+ms.prod: edge
+ms.topic: include
+---
+
+Microsoft Edge shows the Address bar drop-down list and makes it available by default, which takes precedence over the Configure search suggestions in Address bar policy. We recommend disabling this policy if you want to minimize network connections from Microsoft Edge to Microsoft service, which hides the functionality of the Address bar drop-down list. When you disable this policy, Microsoft Edge also disables the _Show search and site suggestions as I type_ toggle in Settings.
diff --git a/browsers/edge/shortdesc/allow-adobe-flash-shortdesc.md b/browsers/edge/shortdesc/allow-adobe-flash-shortdesc.md
index bd2d105ef2..dca6cf6233 100644
--- a/browsers/edge/shortdesc/allow-adobe-flash-shortdesc.md
+++ b/browsers/edge/shortdesc/allow-adobe-flash-shortdesc.md
@@ -1,11 +1,12 @@
----
-author: eavena
-ms.author: eravena
-ms.date: 10/02/2018
-ms.reviewer:
-audience: itpro
manager: dansimp
-ms.prod: edge
-ms.topic: include
----
-
-Adobe Flash is integrated with Microsoft Edge and runs Adobe Flash content by default. With this policy, you can configure Microsoft Edge to prevent Adobe Flash content from running.
+---
+author: dansimp
+ms.author: dansimp
+ms.date: 10/02/2018
+ms.reviewer:
+audience: itpro
+manager: dansimp
+ms.prod: edge
+ms.topic: include
+---
+
+Adobe Flash is integrated with Microsoft Edge and runs Adobe Flash content by default. With this policy, you can configure Microsoft Edge to prevent Adobe Flash content from running.
diff --git a/browsers/edge/shortdesc/allow-clearing-browsing-data-on-exit-shortdesc.md b/browsers/edge/shortdesc/allow-clearing-browsing-data-on-exit-shortdesc.md
index 373cac8619..af3d4fefef 100644
--- a/browsers/edge/shortdesc/allow-clearing-browsing-data-on-exit-shortdesc.md
+++ b/browsers/edge/shortdesc/allow-clearing-browsing-data-on-exit-shortdesc.md
@@ -1,11 +1,12 @@
----
-author: eavena
-ms.author: eravena
-ms.date: 10/02/2018
-ms.reviewer:
-audience: itpro
manager: dansimp
-ms.prod: edge
-ms.topic: include
----
-
-Microsoft Edge does not clear the browsing data on exit by default, but users can configure the _Clear browsing data_ option in Settings. Browsing data includes information you entered in forms, passwords, and even the websites visited. With this policy, you can configure Microsoft Edge to clear the browsing data automatically each time Microsoft Edge closes.
+---
+author: dansimp
+ms.author: dansimp
+ms.date: 10/02/2018
+ms.reviewer:
+audience: itpro
+manager: dansimp
+ms.prod: edge
+ms.topic: include
+---
+
+Microsoft Edge does not clear the browsing data on exit by default, but users can configure the _Clear browsing data_ option in Settings. Browsing data includes information you entered in forms, passwords, and even the websites visited. With this policy, you can configure Microsoft Edge to clear the browsing data automatically each time Microsoft Edge closes.
diff --git a/browsers/edge/shortdesc/allow-configuration-updates-for-books-library-shortdesc.md b/browsers/edge/shortdesc/allow-configuration-updates-for-books-library-shortdesc.md
index 4775e4ba3e..40a927c882 100644
--- a/browsers/edge/shortdesc/allow-configuration-updates-for-books-library-shortdesc.md
+++ b/browsers/edge/shortdesc/allow-configuration-updates-for-books-library-shortdesc.md
@@ -1,11 +1,12 @@
----
-author: eavena
-ms.author: eravena
-ms.date: 10/02/2018
-ms.reviewer:
-audience: itpro
manager: dansimp
-ms.prod: edge
-ms.topic: include
----
-
-Microsoft Edge automatically updates the configuration data for the Books library. Disabling this policy prevents Microsoft Edge from updating the configuration data. If Microsoft receives feedback about the amount of data about the Books library, the data comes as a JSON file.
+---
+author: dansimp
+ms.author: dansimp
+ms.date: 10/02/2018
+ms.reviewer:
+audience: itpro
+manager: dansimp
+ms.prod: edge
+ms.topic: include
+---
+
+Microsoft Edge automatically updates the configuration data for the Books library. Disabling this policy prevents Microsoft Edge from updating the configuration data. If Microsoft receives feedback about the amount of data about the Books library, the data comes as a JSON file.
diff --git a/browsers/edge/shortdesc/allow-cortana-shortdesc.md b/browsers/edge/shortdesc/allow-cortana-shortdesc.md
index 5975b2b148..fbfa0f13b0 100644
--- a/browsers/edge/shortdesc/allow-cortana-shortdesc.md
+++ b/browsers/edge/shortdesc/allow-cortana-shortdesc.md
@@ -1,11 +1,12 @@
----
-author: eavena
-ms.author: eravena
-ms.date: 10/02/2018
-ms.reviewer:
-audience: itpro
manager: dansimp
-ms.prod: edge
-ms.topic: include
----
-
-Since Microsoft Edge is integration with Cortana, Microsoft Edge allows users to use Cortana voice assistant by default. With this policy, you can configure Microsoft Edge to prevent users from using Cortana but can still search to find items on their device.
+---
+author: dansimp
+ms.author: dansimp
+ms.date: 10/02/2018
+ms.reviewer:
+audience: itpro
+manager: dansimp
+ms.prod: edge
+ms.topic: include
+---
+
+Since Microsoft Edge is integration with Cortana, Microsoft Edge allows users to use Cortana voice assistant by default. With this policy, you can configure Microsoft Edge to prevent users from using Cortana but can still search to find items on their device.
diff --git a/browsers/edge/shortdesc/allow-developer-tools-shortdesc.md b/browsers/edge/shortdesc/allow-developer-tools-shortdesc.md
index 4084a7dfde..9d134d4a38 100644
--- a/browsers/edge/shortdesc/allow-developer-tools-shortdesc.md
+++ b/browsers/edge/shortdesc/allow-developer-tools-shortdesc.md
@@ -1,11 +1,12 @@
----
-author: eavena
-ms.author: eravena
-ms.date: 10/02/2018
-ms.reviewer:
-audience: itpro
manager: dansimp
-ms.prod: edge
-ms.topic: include
----
-
-Microsoft Edge allows users to use the F12 developer tools to build and debug web pages by default. With this policy, you can configure Microsoft Edge to prevent users from using the F12 developer tools.
+---
+author: dansimp
+ms.author: dansimp
+ms.date: 10/02/2018
+ms.reviewer:
+audience: itpro
+manager: dansimp
+ms.prod: edge
+ms.topic: include
+---
+
+Microsoft Edge allows users to use the F12 developer tools to build and debug web pages by default. With this policy, you can configure Microsoft Edge to prevent users from using the F12 developer tools.
diff --git a/browsers/edge/troubleshooting-microsoft-edge.md b/browsers/edge/troubleshooting-microsoft-edge.md
index ba351d8b48..3c50d4d50e 100644
--- a/browsers/edge/troubleshooting-microsoft-edge.md
+++ b/browsers/edge/troubleshooting-microsoft-edge.md
@@ -1,37 +1,38 @@
----
-title: Troubleshoot Microsoft Edge
-description:
-ms.assetid:
-ms.reviewer:
-audience: itpro
manager: dansimp
-author: eavena
-ms.author: eravena
-ms.prod: edge
-ms.sitesec: library
-title: Deploy Microsoft Edge kiosk mode
-ms.localizationpriority: medium
-ms.date: 10/15/2018
----
-
-# Troubleshoot Microsoft Edge
-
-
-## Microsoft Edge and IPv6
-We are aware of the known issue with Microsoft Edge and all UWP-based apps, such as Store, Mail, Feedback Hub, and so on. It only happens if you have disabled IPv6 (not recommended), so a temporary workaround is to enable it.
-
-## Microsoft Edge hijacks .PDF and .HTM files
-
-
-
-## Citrix Receiver in Microsoft Edge kiosk mode
-If you want to deliver applications to users via Citrix through Microsoft Edge, you must create the kiosk user account and then log into the account to install Citrix Receiver BEFORE setting up assigned access.
-
-1. Create the kiosk user account.
-2. Log into the account.
-3. Install Citrix Receiver.
-4. Set up assigned access.
-
-
-## Missing SettingSync.admx and SettingSync.adml files
-
-Make sure to [download](https://www.microsoft.com/en-us/download/windows.aspx) the latest templates to C:\windows\policydefinitions\.
+---
+title: Troubleshoot Microsoft Edge
+description:
+ms.assetid:
+ms.reviewer:
+audience: itpro
+manager: dansimp
+author: dansimp
+ms.author: dansimp
+ms.prod: edge
+ms.sitesec: library
+title: Deploy Microsoft Edge kiosk mode
+ms.localizationpriority: medium
+ms.date: 10/15/2018
+---
+
+# Troubleshoot Microsoft Edge
+
+
+## Microsoft Edge and IPv6
+We are aware of the known issue with Microsoft Edge and all UWP-based apps, such as Store, Mail, Feedback Hub, and so on. It only happens if you have disabled IPv6 (not recommended), so a temporary workaround is to enable it.
+
+## Microsoft Edge hijacks .PDF and .HTM files
+
+
+
+## Citrix Receiver in Microsoft Edge kiosk mode
+If you want to deliver applications to users via Citrix through Microsoft Edge, you must create the kiosk user account and then log into the account to install Citrix Receiver BEFORE setting up assigned access.
+
+1. Create the kiosk user account.
+2. Log into the account.
+3. Install Citrix Receiver.
+4. Set up assigned access.
+
+
+## Missing SettingSync.admx and SettingSync.adml files
+
+Make sure to [download](https://www.microsoft.com/download/windows.aspx) the latest templates to C:\windows\policydefinitions\.
diff --git a/browsers/edge/use-powershell-to manage-group-policy.md b/browsers/edge/use-powershell-to manage-group-policy.md
index 4427c17e84..58a6b06b27 100644
--- a/browsers/edge/use-powershell-to manage-group-policy.md
+++ b/browsers/edge/use-powershell-to manage-group-policy.md
@@ -1,29 +1,30 @@
----
-title: Use Windows PowerShell to manage group policy
-description:
-ms.prod: edge
-ms.mktglfcycl: explore
-ms.sitesec: library
-ms.pagetype: security
-title: Security enhancements for Microsoft Edge (Microsoft Edge for IT Pros)
-ms.localizationpriority: medium
-ms.date: 10/02/2018
-ms.reviewer:
-audience: itpro
manager: dansimp
-ms.author: eravena
-author: eavena
----
-
-# Use Windows PowerShell to manage group policy
-
-Windows PowerShell supports group policy automation of the same tasks you perform in Group Policy Management Console (GPMC) for domain-based group policy objects (GPOs):
-
-- Maintain GPOs (GPO creation, removal, backup, and import)
-- Associate GPOs with Active Directory service containers (group policy link creation, update, and removal)
-- Set permissions on GPOs
-- Modify inheritance flags on Active Directory organization units (OUs) and domains
-- Configure registry-based policy settings and group policy preferences registry settings (update, retrieval, and removal)
-- Create starter GPOs
-
-
-
+---
+title: Use Windows PowerShell to manage group policy
+description:
+ms.prod: edge
+ms.mktglfcycl: explore
+ms.sitesec: library
+ms.pagetype: security
+title: Security enhancements for Microsoft Edge (Microsoft Edge for IT Pros)
+ms.localizationpriority: medium
+ms.date: 10/02/2018
+ms.reviewer:
+audience: itpro
+manager: dansimp
+ms.author: dansimp
+author: dansimp
+---
+
+# Use Windows PowerShell to manage group policy
+
+Windows PowerShell supports group policy automation of the same tasks you perform in Group Policy Management Console (GPMC) for domain-based group policy objects (GPOs):
+
+- Maintain GPOs (GPO creation, removal, backup, and import)
+- Associate GPOs with Active Directory service containers (group policy link creation, update, and removal)
+- Set permissions on GPOs
+- Modify inheritance flags on Active Directory organization units (OUs) and domains
+- Configure registry-based policy settings and group policy preferences registry settings (update, retrieval, and removal)
+- Create starter GPOs
+
+
+
diff --git a/browsers/edge/web-app-compat-toolkit.md b/browsers/edge/web-app-compat-toolkit.md
index b502df7292..8ec157e607 100644
--- a/browsers/edge/web-app-compat-toolkit.md
+++ b/browsers/edge/web-app-compat-toolkit.md
@@ -1,57 +1,58 @@
----
-title: Web Application Compatibility lab kit
-ms.reviewer:
-audience: itpro
manager: dansimp
-description: Learn how to use the web application compatibility toolkit for Microsoft Edge.
-ms.prod: edge
-ms.topic: article
-ms.manager: elizapo
-author: eavena
-ms.author: eravena
-ms.localizationpriority: high
----
-
-# Web Application Compatibility lab kit
-
->Updated: October, 2017
-
-Upgrading web applications to modern standards is the best long-term solution to ensure compatibility with today’s web browsers, but using backward compatibility can save time and money. Internet Explorer 11 has features that can ease your browser and operating system upgrades, reducing web application testing and remediation costs. On Windows 10, you can standardize on Microsoft Edge for faster, safer browsing and fall back to Internet Explorer 11 just for sites that need backward compatibility.
-
-The Web Application Compatibility Lab Kit is a primer for the features and techniques used to provide web application compatibility during a typical enterprise migration to Microsoft Edge. It walks you through how to configure and set up Enterprise Mode, leverage Enterprise Site Discovery, test web apps using the F12 developer tools, and manage the Enterprise Mode Site List.
-
-The Web Application Compatibility Lab Kit includes:
-
-- A pre-configured Windows 7 and Windows 10 virtual lab environment with:
- - Windows 7 Enterprise Evaluation
- - Windows 10 Enterprise Evaluation (version 1607)
- - Enterprise Mode Site List Manager
- - Enterprise Site Discovery Toolkit
-- A "lite" lab option to run the lab on your own Windows 7 or Windows 10 operating system
-- A step-by-step lab guide
-- A web application compatibility overview video
-- A white paper and IT Showcase studies
-
-Depending on your environment, your web apps may "just work” using the methods described below. Visit [Microsoft Edge Dev](https://developer.microsoft.com/microsoft-edge/) for tools and guidance for web developers.
-
-There are two versions of the lab kit available:
-
-- Full version (8 GB) - includes a complete virtual lab environment
-- Lite version (400 MB) - includes guidance for running the Lab Kit on your own Windows 7 or Windows 10 operating system
-
-The Web Application Compatibility Lab Kit is also available in the following languages:
-
-- Chinese (Simplified)
-- Chinese (Traditional)
-- French
-- German
-- Italian
-- Japanese
-- Korean
-- Portuguese (Brazil)
-- Russian
-- Spanish
-
-[DOWNLOAD THE LAB KIT](https://www.microsoft.com/evalcenter/evaluate-windows-10-web-application-compatibility-lab)
-
->[!TIP]
->Please use a broad bandwidth to download this content to enhance your downloading experience. Lab environment requires 8 GB of available memory and 100 GB of free disk space.
+---
+title: Web Application Compatibility lab kit
+ms.reviewer:
+audience: itpro
+manager: dansimp
+description: Learn how to use the web application compatibility toolkit for Microsoft Edge.
+ms.prod: edge
+ms.topic: article
+ms.manager: dansimp
+author: dansimp
+ms.author: dansimp
+ms.localizationpriority: high
+---
+
+# Web Application Compatibility lab kit
+
+>Updated: October, 2017
+
+Upgrading web applications to modern standards is the best long-term solution to ensure compatibility with today’s web browsers, but using backward compatibility can save time and money. Internet Explorer 11 has features that can ease your browser and operating system upgrades, reducing web application testing and remediation costs. On Windows 10, you can standardize on Microsoft Edge for faster, safer browsing and fall back to Internet Explorer 11 just for sites that need backward compatibility.
+
+The Web Application Compatibility Lab Kit is a primer for the features and techniques used to provide web application compatibility during a typical enterprise migration to Microsoft Edge. It walks you through how to configure and set up Enterprise Mode, leverage Enterprise Site Discovery, test web apps using the F12 developer tools, and manage the Enterprise Mode Site List.
+
+The Web Application Compatibility Lab Kit includes:
+
+- A pre-configured Windows 7 and Windows 10 virtual lab environment with:
+ - Windows 7 Enterprise Evaluation
+ - Windows 10 Enterprise Evaluation (version 1607)
+ - Enterprise Mode Site List Manager
+ - Enterprise Site Discovery Toolkit
+- A "lite" lab option to run the lab on your own Windows 7 or Windows 10 operating system
+- A step-by-step lab guide
+- A web application compatibility overview video
+- A white paper and IT Showcase studies
+
+Depending on your environment, your web apps may "just work” using the methods described below. Visit [Microsoft Edge Dev](https://developer.microsoft.com/microsoft-edge/) for tools and guidance for web developers.
+
+There are two versions of the lab kit available:
+
+- Full version (8 GB) - includes a complete virtual lab environment
+- Lite version (400 MB) - includes guidance for running the Lab Kit on your own Windows 7 or Windows 10 operating system
+
+The Web Application Compatibility Lab Kit is also available in the following languages:
+
+- Chinese (Simplified)
+- Chinese (Traditional)
+- French
+- German
+- Italian
+- Japanese
+- Korean
+- Portuguese (Brazil)
+- Russian
+- Spanish
+
+[DOWNLOAD THE LAB KIT](https://www.microsoft.com/evalcenter/evaluate-windows-10-web-application-compatibility-lab)
+
+>[!TIP]
+>Please use a broad bandwidth to download this content to enhance your downloading experience. Lab environment requires 8 GB of available memory and 100 GB of free disk space.
diff --git a/browsers/enterprise-mode/add-employees-enterprise-mode-portal.md b/browsers/enterprise-mode/add-employees-enterprise-mode-portal.md
index 6b9f2add8d..08d914e629 100644
--- a/browsers/enterprise-mode/add-employees-enterprise-mode-portal.md
+++ b/browsers/enterprise-mode/add-employees-enterprise-mode-portal.md
@@ -3,14 +3,14 @@ ms.localizationpriority: low
ms.mktglfcycl: deploy
ms.pagetype: appcompat
description: Details about how to add employees to the Enterprise Mode Site List Portal.
-author: eavena
+author: dansimp
ms.prod: ie11
title: Add employees to the Enterprise Mode Site List Portal (Internet Explorer 11 for IT Pros)
ms.sitesec: library
ms.date: 07/27/2017
ms.reviewer:
manager: dansimp
-ms.author: eravena
+ms.author: dansimp
---
# Add employees to the Enterprise Mode Site List Portal
diff --git a/browsers/enterprise-mode/add-multiple-sites-to-enterprise-mode-site-list-using-the-version-1-schema-and-enterprise-mode-tool.md b/browsers/enterprise-mode/add-multiple-sites-to-enterprise-mode-site-list-using-the-version-1-schema-and-enterprise-mode-tool.md
index 5b336bc92e..39adf2816d 100644
--- a/browsers/enterprise-mode/add-multiple-sites-to-enterprise-mode-site-list-using-the-version-1-schema-and-enterprise-mode-tool.md
+++ b/browsers/enterprise-mode/add-multiple-sites-to-enterprise-mode-site-list-using-the-version-1-schema-and-enterprise-mode-tool.md
@@ -3,12 +3,12 @@ ms.localizationpriority: low
ms.mktglfcycl: deploy
ms.pagetype: appcompat
description: You can add multiple sites to your Enterprise Mode site list by creating a custom text (TXT) or Extensible Markup Language (XML) file of problematic sites and then adding it in the Bulk add from file area of the Enterprise Mode Site List Manager.
-author: eavena
+author: dansimp
ms.prod: ie11
ms.assetid: 20aF07c4-051a-451f-9c46-5a052d9Ae27c
ms.reviewer:
manager: dansimp
-ms.author: eravena
+ms.author: dansimp
title: Add multiple sites to the Enterprise Mode site list using a file and the Enterprise Mode Site List Manager (schema v.1) (Internet Explorer 11 for IT Pros)
ms.sitesec: library
ms.date: 07/27/2017
diff --git a/browsers/enterprise-mode/add-multiple-sites-to-enterprise-mode-site-list-using-the-version-2-schema-and-enterprise-mode-tool.md b/browsers/enterprise-mode/add-multiple-sites-to-enterprise-mode-site-list-using-the-version-2-schema-and-enterprise-mode-tool.md
index 7561149048..b4da3f64f5 100644
--- a/browsers/enterprise-mode/add-multiple-sites-to-enterprise-mode-site-list-using-the-version-2-schema-and-enterprise-mode-tool.md
+++ b/browsers/enterprise-mode/add-multiple-sites-to-enterprise-mode-site-list-using-the-version-2-schema-and-enterprise-mode-tool.md
@@ -3,12 +3,12 @@ ms.localizationpriority: low
ms.mktglfcycl: deploy
ms.pagetype: appcompat
description: Add multiple sites to your Enterprise Mode site list using a file and the Enterprise Mode Site List Manager (schema v.2).
-author: eavena
+author: dansimp
ms.prod: ie11
ms.assetid: da659ff5-70d5-4852-995e-4df67c4871dd
ms.reviewer:
manager: dansimp
-ms.author: eravena
+ms.author: dansimp
title: Add multiple sites to the Enterprise Mode site list using a file and the Enterprise Mode Site List Manager (schema v.2) (Internet Explorer 11 for IT Pros)
ms.sitesec: library
ms.date: 10/24/2017
diff --git a/browsers/enterprise-mode/add-single-sites-to-enterprise-mode-site-list-using-the-version-1-enterprise-mode-tool.md b/browsers/enterprise-mode/add-single-sites-to-enterprise-mode-site-list-using-the-version-1-enterprise-mode-tool.md
index ccb69e9415..55b2dcd28a 100644
--- a/browsers/enterprise-mode/add-single-sites-to-enterprise-mode-site-list-using-the-version-1-enterprise-mode-tool.md
+++ b/browsers/enterprise-mode/add-single-sites-to-enterprise-mode-site-list-using-the-version-1-enterprise-mode-tool.md
@@ -3,12 +3,12 @@ ms.localizationpriority: low
ms.mktglfcycl: deploy
ms.pagetype: appcompat
description: Enterprise Mode is a compatibility mode that runs on Internet Explorer 11, letting websites render using a modified browser configuration that's designed to emulate either Windows Internet Explorer 7 or Windows Internet Explorer 8, avoiding the common compatibility problems associated with web apps written and tested on older versions of Internet Explorer.
-author: eavena
+author: dansimp
ms.prod: ie11
ms.assetid: 042e44e8-568d-4717-8fd3-69dd198bbf26
ms.reviewer:
manager: dansimp
-ms.author: eravena
+ms.author: dansimp
title: Add sites to the Enterprise Mode site list using the Enterprise Mode Site List Manager (schema v.1) (Internet Explorer 11 for IT Pros)
ms.sitesec: library
ms.date: 07/27/2017
diff --git a/browsers/enterprise-mode/add-single-sites-to-enterprise-mode-site-list-using-the-version-2-enterprise-mode-tool.md b/browsers/enterprise-mode/add-single-sites-to-enterprise-mode-site-list-using-the-version-2-enterprise-mode-tool.md
index d07284e3b6..c1a7aee9b8 100644
--- a/browsers/enterprise-mode/add-single-sites-to-enterprise-mode-site-list-using-the-version-2-enterprise-mode-tool.md
+++ b/browsers/enterprise-mode/add-single-sites-to-enterprise-mode-site-list-using-the-version-2-enterprise-mode-tool.md
@@ -3,12 +3,12 @@ ms.localizationpriority: low
ms.mktglfcycl: deploy
ms.pagetype: appcompat
description: Enterprise Mode is a compatibility mode that runs on Internet Explorer 11, letting websites render using a modified browser configuration that''s designed to emulate either Windows Internet Explorer 8 or Windows Internet Explorer 7, avoiding the common compatibility problems associated with web apps written and tested on older versions of Internet Explorer.
-author: eavena
+author: dansimp
ms.prod: ie11
ms.assetid: 513e8f3b-fedf-4d57-8d81-1ea4fdf1ac0b
ms.reviewer:
manager: dansimp
-ms.author: eravena
+ms.author: dansimp
title: Add sites to the Enterprise Mode site list using the Enterprise Mode Site List Manager (schema v.2) (Internet Explorer 11 for IT Pros)
ms.sitesec: library
ms.date: 07/27/2017
diff --git a/browsers/enterprise-mode/administrative-templates-and-ie11.md b/browsers/enterprise-mode/administrative-templates-and-ie11.md
index 48dceffb10..d92810ceb5 100644
--- a/browsers/enterprise-mode/administrative-templates-and-ie11.md
+++ b/browsers/enterprise-mode/administrative-templates-and-ie11.md
@@ -3,12 +3,12 @@ ms.localizationpriority: low
ms.mktglfcycl: deploy
ms.pagetype: security
description: Administrative templates and Internet Explorer 11
-author: eavena
+author: dansimp
ms.prod: ie11
ms.assetid: 2b390786-f786-41cc-bddc-c55c8a4c5af3
ms.reviewer:
manager: dansimp
-ms.author: eravena
+ms.author: dansimp
title: Administrative templates and Internet Explorer 11 (Internet Explorer 11 for IT Pros)
ms.sitesec: library
ms.date: 07/27/2017
diff --git a/browsers/enterprise-mode/approve-change-request-enterprise-mode-portal.md b/browsers/enterprise-mode/approve-change-request-enterprise-mode-portal.md
index 16c6da5049..fd58f63df5 100644
--- a/browsers/enterprise-mode/approve-change-request-enterprise-mode-portal.md
+++ b/browsers/enterprise-mode/approve-change-request-enterprise-mode-portal.md
@@ -3,14 +3,14 @@ ms.localizationpriority: low
ms.mktglfcycl: deploy
ms.pagetype: appcompat
description: Details about how Approvers can approve open change requests in the Enterprise Mode Site List Portal.
-author: eavena
+author: dansimp
ms.prod: ie11
title: Approve a change request using the Enterprise Mode Site List Portal (Internet Explorer 11 for IT Pros)
ms.sitesec: library
ms.date: 07/27/2017
ms.reviewer:
manager: dansimp
-ms.author: eravena
+ms.author: dansimp
---
# Approve a change request using the Enterprise Mode Site List Portal
diff --git a/browsers/enterprise-mode/check-for-new-enterprise-mode-site-list-xml-file.md b/browsers/enterprise-mode/check-for-new-enterprise-mode-site-list-xml-file.md
index ad4f6bbe08..7696eedaca 100644
--- a/browsers/enterprise-mode/check-for-new-enterprise-mode-site-list-xml-file.md
+++ b/browsers/enterprise-mode/check-for-new-enterprise-mode-site-list-xml-file.md
@@ -8,8 +8,8 @@ ms.prod: ie11
ms.mktglfcycl: deploy
ms.pagetype: appcompat
ms.sitesec: library
-author: eavena
-ms.author: eravena
+author: dansimp
+ms.author: dansimp
ms.date: 08/14/2017
ms.localizationpriority: low
---
diff --git a/browsers/enterprise-mode/collect-data-using-enterprise-site-discovery.md b/browsers/enterprise-mode/collect-data-using-enterprise-site-discovery.md
index 15560fccc7..64c7c36696 100644
--- a/browsers/enterprise-mode/collect-data-using-enterprise-site-discovery.md
+++ b/browsers/enterprise-mode/collect-data-using-enterprise-site-discovery.md
@@ -2,12 +2,12 @@
ms.localizationpriority: low
ms.mktglfcycl: deploy
description: Use Internet Explorer to collect data on computers running Windows Internet Explorer 8 through Internet Explorer 11 on Windows 10, Windows 8.1, or Windows 7.
-author: eavena
+author: dansimp
ms.prod: ie11
ms.assetid: a145e80f-eb62-4116-82c4-3cc35fd064b6
ms.reviewer:
manager: dansimp
-ms.author: eravena
+ms.author: dansimp
title: Collect data using Enterprise Site Discovery
ms.sitesec: library
ms.date: 07/27/2017
diff --git a/browsers/enterprise-mode/configure-settings-enterprise-mode-portal.md b/browsers/enterprise-mode/configure-settings-enterprise-mode-portal.md
index 070ab271f9..807cc8d2c8 100644
--- a/browsers/enterprise-mode/configure-settings-enterprise-mode-portal.md
+++ b/browsers/enterprise-mode/configure-settings-enterprise-mode-portal.md
@@ -3,14 +3,14 @@ ms.localizationpriority: low
ms.mktglfcycl: deploy
ms.pagetype: appcompat
description: Details about how the Administrator can use the Settings page to set up Groups and roles, the Enterprise Mode Site List Portal environment, and the freeze dates for production changes.
-author: eavena
+author: dansimp
ms.prod: ie11
title: Use the Settings page to finish setting up the Enterprise Mode Site List Portal (Internet Explorer 11 for IT Pros)
ms.sitesec: library
ms.date: 07/27/2017
ms.reviewer:
manager: dansimp
-ms.author: eravena
+ms.author: dansimp
---
# Use the Settings page to finish setting up the Enterprise Mode Site List Portal
diff --git a/browsers/enterprise-mode/create-change-request-enterprise-mode-portal.md b/browsers/enterprise-mode/create-change-request-enterprise-mode-portal.md
index 99f9640e54..cbfc5f11b5 100644
--- a/browsers/enterprise-mode/create-change-request-enterprise-mode-portal.md
+++ b/browsers/enterprise-mode/create-change-request-enterprise-mode-portal.md
@@ -3,14 +3,14 @@ ms.localizationpriority: low
ms.mktglfcycl: deploy
ms.pagetype: appcompat
description: Details about how to create a change request within the Enterprise Mode Site List Portal.
-author: eavena
+author: dansimp
ms.prod: ie11
title: Create a change request using the Enterprise Mode Site List Portal (Internet Explorer 11 for IT Pros)
ms.sitesec: library
ms.date: 07/27/2017
ms.reviewer:
manager: dansimp
-ms.author: eravena
+ms.author: dansimp
---
# Create a change request using the Enterprise Mode Site List Portal
diff --git a/browsers/enterprise-mode/delete-sites-from-your-enterprise-mode-site-list-in-the-enterprise-mode-site-list-manager.md b/browsers/enterprise-mode/delete-sites-from-your-enterprise-mode-site-list-in-the-enterprise-mode-site-list-manager.md
index 90cef488cc..ad225f2556 100644
--- a/browsers/enterprise-mode/delete-sites-from-your-enterprise-mode-site-list-in-the-enterprise-mode-site-list-manager.md
+++ b/browsers/enterprise-mode/delete-sites-from-your-enterprise-mode-site-list-in-the-enterprise-mode-site-list-manager.md
@@ -3,12 +3,12 @@ ms.localizationpriority: low
description: Delete a single site from your global Enterprise Mode site list.
ms.pagetype: appcompat
ms.mktglfcycl: deploy
-author: eavena
+author: dansimp
ms.prod: ie11
ms.assetid: 41413459-b57f-48da-aedb-4cbec1e2981a
ms.reviewer:
manager: dansimp
-ms.author: eravena
+ms.author: dansimp
title: Delete sites from your Enterprise Mode site list in the Enterprise Mode Site List Manager (Internet Explorer 11 for IT Pros)
ms.sitesec: library
ms.date: 07/27/2017
diff --git a/browsers/enterprise-mode/edit-the-enterprise-mode-site-list-using-the-enterprise-mode-site-list-manager.md b/browsers/enterprise-mode/edit-the-enterprise-mode-site-list-using-the-enterprise-mode-site-list-manager.md
index 8a17c64622..403690d64f 100644
--- a/browsers/enterprise-mode/edit-the-enterprise-mode-site-list-using-the-enterprise-mode-site-list-manager.md
+++ b/browsers/enterprise-mode/edit-the-enterprise-mode-site-list-using-the-enterprise-mode-site-list-manager.md
@@ -3,12 +3,12 @@ ms.localizationpriority: low
ms.mktglfcycl: deploy
ms.pagetype: appcompat
description: You can use Internet Explorer 11 and the Enterprise Mode Site List Manager to change whether page rendering should use Enterprise Mode or the default Internet Explorer browser configuration. You can also add, remove, or delete associated comments.
-author: eavena
+author: dansimp
ms.prod: ie11
ms.assetid: 76aa9a85-6190-4c3a-bc25-0f914de228ea
ms.reviewer:
manager: dansimp
-ms.author: eravena
+ms.author: dansimp
title: Edit the Enterprise Mode site list using the Enterprise Mode Site List Manager (Internet Explorer 11 for IT Pros)
ms.sitesec: library
ms.date: 07/27/2017
diff --git a/browsers/enterprise-mode/enterprise-mode-overview-for-ie11.md b/browsers/enterprise-mode/enterprise-mode-overview-for-ie11.md
index 9d297faa8d..ae103d5802 100644
--- a/browsers/enterprise-mode/enterprise-mode-overview-for-ie11.md
+++ b/browsers/enterprise-mode/enterprise-mode-overview-for-ie11.md
@@ -3,12 +3,12 @@ ms.localizationpriority: low
ms.mktglfcycl: deploy
ms.pagetype: appcompat
description: Use the topics in this section to learn how to set up and use Enterprise Mode, Enterprise Mode Site List Manager, and the Enterprise Mode Site List Portal for your company.
-author: eavena
+author: dansimp
ms.prod: ie11
ms.assetid: d52ba8ba-b3c7-4314-ba14-0610e1d8456e
ms.reviewer:
manager: dansimp
-ms.author: eravena
+ms.author: dansimp
title: Enterprise Mode for Internet Explorer 11 (Internet Explorer 11 for IT Pros)
ms.sitesec: library
ms.date: 07/27/2017
diff --git a/browsers/enterprise-mode/enterprise-mode-schema-version-1-guidance.md b/browsers/enterprise-mode/enterprise-mode-schema-version-1-guidance.md
index 503be19c75..634fd7cd91 100644
--- a/browsers/enterprise-mode/enterprise-mode-schema-version-1-guidance.md
+++ b/browsers/enterprise-mode/enterprise-mode-schema-version-1-guidance.md
@@ -3,12 +3,12 @@ ms.localizationpriority: low
ms.mktglfcycl: deploy
ms.pagetype: appcompat
description: Use the Enterprise Mode Site List Manager to create and update your Enterprise Mode site list for devices running Windows 7 or Windows 8.1 Update.
-author: eavena
+author: dansimp
ms.prod: ie11
ms.assetid: 17c61547-82e3-48f2-908d-137a71938823
ms.reviewer:
manager: dansimp
-ms.author: eravena
+ms.author: dansimp
title: Enterprise Mode schema v.1 guidance (Internet Explorer 11 for IT Pros)
ms.sitesec: library
ms.date: 07/27/2017
diff --git a/browsers/enterprise-mode/enterprise-mode-schema-version-2-guidance.md b/browsers/enterprise-mode/enterprise-mode-schema-version-2-guidance.md
index 135d5914f0..70694a3df2 100644
--- a/browsers/enterprise-mode/enterprise-mode-schema-version-2-guidance.md
+++ b/browsers/enterprise-mode/enterprise-mode-schema-version-2-guidance.md
@@ -3,12 +3,12 @@ ms.localizationpriority: low
ms.mktglfcycl: deploy
ms.pagetype: appcompat
description: Use the Enterprise Mode Site List Manager to create and update your Enterprise Mode site list for devices running Windows 10.
-author: eavena
+author: dansimp
ms.prod: ie11
ms.assetid: 909ca359-5654-4df9-b9fb-921232fc05f5
ms.reviewer:
manager: dansimp
-ms.author: eravena
+ms.author: dansimp
title: Enterprise Mode schema v.2 guidance (Internet Explorer 11 for IT Pros)
ms.sitesec: library
ms.date: 12/04/2017
diff --git a/browsers/enterprise-mode/enterprise-mode.md b/browsers/enterprise-mode/enterprise-mode.md
index 9e9f2933fe..30d32a8d1a 100644
--- a/browsers/enterprise-mode/enterprise-mode.md
+++ b/browsers/enterprise-mode/enterprise-mode.md
@@ -3,8 +3,8 @@ ms.localizationpriority: low
ms.mktglfcycl: deploy
ms.pagetype: security
description: Use this section to learn about how to turn on Enterprise Mode.
-author: eavena
-ms.author: eravena
+author: dansimp
+ms.author: dansimp
ms.prod: edge
ms.assetid:
ms.reviewer:
diff --git a/browsers/enterprise-mode/export-your-enterprise-mode-site-list-from-the-enterprise-mode-site-list-manager.md b/browsers/enterprise-mode/export-your-enterprise-mode-site-list-from-the-enterprise-mode-site-list-manager.md
index fe2074f29f..4f4cbb32bb 100644
--- a/browsers/enterprise-mode/export-your-enterprise-mode-site-list-from-the-enterprise-mode-site-list-manager.md
+++ b/browsers/enterprise-mode/export-your-enterprise-mode-site-list-from-the-enterprise-mode-site-list-manager.md
@@ -3,12 +3,12 @@ ms.localizationpriority: low
ms.mktglfcycl: deploy
ms.pagetype: appcompat
description: After you create your Enterprise Mode site list in the Enterprise Mode Site List Manager, you can export the contents to an Enterprise Mode (.EMIE) file.
-author: eavena
+author: dansimp
ms.prod: ie11
ms.assetid: 9ee7c13d-6fca-4446-bc22-d23a0213a95d
ms.reviewer:
manager: dansimp
-ms.author: eravena
+ms.author: dansimp
title: Export your Enterprise Mode site list from the Enterprise Mode Site List Manager (Internet Explorer 11 for IT Pros)
ms.sitesec: library
ms.date: 07/27/2017
diff --git a/browsers/enterprise-mode/remove-all-sites-from-your-enterprise-mode-site-list-in-the-enterprise-mode-site-list-manager.md b/browsers/enterprise-mode/remove-all-sites-from-your-enterprise-mode-site-list-in-the-enterprise-mode-site-list-manager.md
index a0d0943e07..a1d5a8a76b 100644
--- a/browsers/enterprise-mode/remove-all-sites-from-your-enterprise-mode-site-list-in-the-enterprise-mode-site-list-manager.md
+++ b/browsers/enterprise-mode/remove-all-sites-from-your-enterprise-mode-site-list-in-the-enterprise-mode-site-list-manager.md
@@ -3,12 +3,12 @@ ms.localizationpriority: low
ms.mktglfcycl: deploy
ms.pagetype: appcompat
description: Instructions about how to clear all of the sites from your global Enterprise Mode site list.
-author: eavena
+author: dansimp
ms.prod: ie11
ms.assetid: 90f38a6c-e0e2-4c93-9a9e-c425eca99e97
ms.reviewer:
manager: dansimp
-ms.author: eravena
+ms.author: dansimp
title: Remove all sites from your Enterprise Mode site list using the Enterprise Mode Site List Manager (Internet Explorer 11 for IT Pros)
ms.sitesec: library
ms.date: 07/27/2017
diff --git a/browsers/enterprise-mode/remove-sites-from-a-local-compatibililty-view-list.md b/browsers/enterprise-mode/remove-sites-from-a-local-compatibililty-view-list.md
index 91bb223310..91ff0fab17 100644
--- a/browsers/enterprise-mode/remove-sites-from-a-local-compatibililty-view-list.md
+++ b/browsers/enterprise-mode/remove-sites-from-a-local-compatibililty-view-list.md
@@ -3,12 +3,12 @@ ms.localizationpriority: low
ms.mktglfcycl: deploy
ms.pagetype: appcompat
description: Instructions about how to remove sites from a local compatibility view list.
-author: eavena
+author: dansimp
ms.prod: ie11
ms.assetid: f6ecaa75-ebcb-4f8d-8721-4cd6e73c0ac9
ms.reviewer:
manager: dansimp
-ms.author: eravena
+ms.author: dansimp
title: Remove sites from a local compatibility view list (Internet Explorer 11 for IT Pros)
ms.sitesec: library
ms.date: 07/27/2017
diff --git a/browsers/enterprise-mode/remove-sites-from-a-local-enterprise-mode-site-list.md b/browsers/enterprise-mode/remove-sites-from-a-local-enterprise-mode-site-list.md
index 5a278479ec..4e7e10efde 100644
--- a/browsers/enterprise-mode/remove-sites-from-a-local-enterprise-mode-site-list.md
+++ b/browsers/enterprise-mode/remove-sites-from-a-local-enterprise-mode-site-list.md
@@ -3,12 +3,12 @@ ms.localizationpriority: low
ms.mktglfcycl: deploy
ms.pagetype: appcompat
description: Instructions about how to remove sites from a local Enterprise Mode site list.
-author: eavena
+author: dansimp
ms.prod: ie11
ms.assetid: c7d6dd0b-e264-42bb-8c9d-ac2f837018d2
ms.reviewer:
manager: dansimp
-ms.author: eravena
+ms.author: dansimp
title: Remove sites from a local Enterprise Mode site list (Internet Explorer 11 for IT Pros)
ms.sitesec: library
ms.date: 07/27/2017
diff --git a/browsers/enterprise-mode/save-your-site-list-to-xml-in-the-enterprise-mode-site-list-manager.md b/browsers/enterprise-mode/save-your-site-list-to-xml-in-the-enterprise-mode-site-list-manager.md
index 5019258eca..2cb578171f 100644
--- a/browsers/enterprise-mode/save-your-site-list-to-xml-in-the-enterprise-mode-site-list-manager.md
+++ b/browsers/enterprise-mode/save-your-site-list-to-xml-in-the-enterprise-mode-site-list-manager.md
@@ -3,12 +3,12 @@ ms.localizationpriority: low
ms.mktglfcycl: deploy
ms.pagetype: appcompat
description: You can save your current Enterprise Mode compatibility site list as an XML file, for distribution and use by your managed systems.
-author: eavena
+author: dansimp
ms.prod: ie11
ms.assetid: 254a986b-494f-4316-92c1-b089ee8b3e0a
ms.reviewer:
manager: dansimp
-ms.author: eravena
+ms.author: dansimp
title: Save your site list to XML in the Enterprise Mode Site List Manager (Internet Explorer 11 for IT Pros)
ms.sitesec: library
ms.date: 07/27/2017
diff --git a/browsers/enterprise-mode/schedule-production-change-enterprise-mode-portal.md b/browsers/enterprise-mode/schedule-production-change-enterprise-mode-portal.md
index 455ae58820..c946663dda 100644
--- a/browsers/enterprise-mode/schedule-production-change-enterprise-mode-portal.md
+++ b/browsers/enterprise-mode/schedule-production-change-enterprise-mode-portal.md
@@ -3,14 +3,14 @@ ms.localizationpriority: low
ms.mktglfcycl: deploy
ms.pagetype: appcompat
description: Details about how Administrators can schedule approved change requests for production in the Enterprise Mode Site List Portal.
-author: eavena
+author: dansimp
ms.prod: ie11
title: Schedule approved change requests for production using the Enterprise Mode Site List Portal (Internet Explorer 11 for IT Pros)
ms.sitesec: library
ms.date: 07/27/2017
ms.reviewer:
manager: dansimp
-ms.author: eravena
+ms.author: dansimp
---
# Schedule approved change requests for production using the Enterprise Mode Site List Portal
diff --git a/browsers/enterprise-mode/search-your-enterprise-mode-site-list-in-the-enterprise-mode-site-list-manager.md b/browsers/enterprise-mode/search-your-enterprise-mode-site-list-in-the-enterprise-mode-site-list-manager.md
index cebf4c013d..bf7e73664e 100644
--- a/browsers/enterprise-mode/search-your-enterprise-mode-site-list-in-the-enterprise-mode-site-list-manager.md
+++ b/browsers/enterprise-mode/search-your-enterprise-mode-site-list-in-the-enterprise-mode-site-list-manager.md
@@ -3,12 +3,12 @@ ms.localizationpriority: low
ms.mktglfcycl: deploy
ms.pagetype: appcompat
description: Search to see if a specific site already appears in your global Enterprise Mode site list.
-author: eavena
+author: dansimp
ms.prod: ie11
ms.assetid: e399aeaf-6c3b-4cad-93c9-813df6ad47f9
ms.reviewer:
manager: dansimp
-ms.author: eravena
+ms.author: dansimp
title: Search your Enterprise Mode site list in the Enterprise Mode Site List Manager (Internet Explorer 11 for IT Pros)
ms.sitesec: library
ms.date: 07/27/2017
diff --git a/browsers/enterprise-mode/set-up-enterprise-mode-logging-and-data-collection.md b/browsers/enterprise-mode/set-up-enterprise-mode-logging-and-data-collection.md
index 1be38336f5..47322f0c03 100644
--- a/browsers/enterprise-mode/set-up-enterprise-mode-logging-and-data-collection.md
+++ b/browsers/enterprise-mode/set-up-enterprise-mode-logging-and-data-collection.md
@@ -3,12 +3,12 @@ ms.localizationpriority: low
ms.mktglfcycl: deploy
ms.pagetype: appcompat
description: Set up and turn on Enterprise Mode logging and data collection in your organization.
-author: eavena
+author: dansimp
ms.prod: ie11
ms.assetid: 2e98a280-f677-422f-ba2e-f670362afcde
ms.reviewer:
manager: dansimp
-ms.author: eravena
+ms.author: dansimp
title: Set up Enterprise Mode logging and data collection (Internet Explorer 11 for IT Pros)
ms.sitesec: library
ms.date: 07/27/2017
diff --git a/browsers/enterprise-mode/set-up-enterprise-mode-portal.md b/browsers/enterprise-mode/set-up-enterprise-mode-portal.md
index c69c8bd895..21efc17c35 100644
--- a/browsers/enterprise-mode/set-up-enterprise-mode-portal.md
+++ b/browsers/enterprise-mode/set-up-enterprise-mode-portal.md
@@ -3,14 +3,14 @@ ms.localizationpriority: low
ms.mktglfcycl: deploy
ms.pagetype: appcompat
description: Details about how to set up the Enterprise Mode Site List Portal for your organization.
-author: eavena
+author: dansimp
ms.prod: ie11
title: Set up the Enterprise Mode Site List Portal (Internet Explorer 11 for IT Pros)
ms.sitesec: library
ms.date: 07/27/2017
ms.reviewer:
manager: dansimp
-ms.author: eravena
+ms.author: dansimp
---
# Set up the Enterprise Mode Site List Portal
diff --git a/browsers/enterprise-mode/turn-off-enterprise-mode.md b/browsers/enterprise-mode/turn-off-enterprise-mode.md
index ce1f04eaa1..d34ccca8ce 100644
--- a/browsers/enterprise-mode/turn-off-enterprise-mode.md
+++ b/browsers/enterprise-mode/turn-off-enterprise-mode.md
@@ -3,12 +3,12 @@ ms.localizationpriority: low
ms.mktglfcycl: deploy
ms.pagetype: appcompat
description: How to turn Enterprise Mode off temporarily while testing websites and how to turn it off completely if you no longer want to to use it.
-author: eavena
+author: dansimp
ms.prod: ie11
ms.assetid: 5027c163-71e0-49b8-9dc0-f0a7310c7ae3
ms.reviewer:
manager: dansimp
-ms.author: eravena
+ms.author: dansimp
title: Turn off Enterprise Mode (Internet Explorer 11 for IT Pros)
ms.sitesec: library
ms.date: 07/27/2017
diff --git a/browsers/enterprise-mode/turn-on-local-control-and-logging-for-enterprise-mode.md b/browsers/enterprise-mode/turn-on-local-control-and-logging-for-enterprise-mode.md
index a8e5413241..b34f9be63f 100644
--- a/browsers/enterprise-mode/turn-on-local-control-and-logging-for-enterprise-mode.md
+++ b/browsers/enterprise-mode/turn-on-local-control-and-logging-for-enterprise-mode.md
@@ -3,12 +3,12 @@ ms.localizationpriority: low
ms.mktglfcycl: deploy
ms.pagetype: appcompat
description: Turn on local user control and logging for Enterprise Mode.
-author: eavena
+author: dansimp
ms.prod: ie11
ms.assetid: 6622ecce-24b1-497e-894a-e1fd5a8a66d1
ms.reviewer:
manager: dansimp
-ms.author: eravena
+ms.author: dansimp
title: Turn on local control and logging for Enterprise Mode (Internet Explorer 11 for IT Pros)
ms.sitesec: library
ms.date: 07/27/2017
diff --git a/browsers/enterprise-mode/use-the-enterprise-mode-portal.md b/browsers/enterprise-mode/use-the-enterprise-mode-portal.md
index 2b3d7225f2..010448c58d 100644
--- a/browsers/enterprise-mode/use-the-enterprise-mode-portal.md
+++ b/browsers/enterprise-mode/use-the-enterprise-mode-portal.md
@@ -9,8 +9,8 @@ ms.sitesec: library
ms.date: 07/27/2017
ms.reviewer:
manager: dansimp
-ms.author: eravena
-author: eavena
+ms.author: dansimp
+author: dansimp
---
# Use the Enterprise Mode Site List Portal
diff --git a/browsers/enterprise-mode/use-the-enterprise-mode-site-list-manager.md b/browsers/enterprise-mode/use-the-enterprise-mode-site-list-manager.md
index bcef67f64d..f68c42ca3c 100644
--- a/browsers/enterprise-mode/use-the-enterprise-mode-site-list-manager.md
+++ b/browsers/enterprise-mode/use-the-enterprise-mode-site-list-manager.md
@@ -3,12 +3,12 @@ ms.localizationpriority: low
ms.mktglfcycl: deploy
ms.pagetype: appcompat
description: Use the topics in this section to learn about how to use the Enterprise Mode Site List Manager.
-author: eavena
+author: dansimp
ms.prod: ie11
ms.assetid: f4dbed4c-08ff-40b1-ab3f-60d3b6e8ec9b
ms.reviewer:
manager: dansimp
-ms.author: eravena
+ms.author: dansimp
title: Use the Enterprise Mode Site List Manager (Internet Explorer 11 for IT Pros)
ms.sitesec: library
ms.date: 12/04/2017
diff --git a/browsers/enterprise-mode/using-enterprise-mode.md b/browsers/enterprise-mode/using-enterprise-mode.md
index 79575fbf26..c6f3e6048e 100644
--- a/browsers/enterprise-mode/using-enterprise-mode.md
+++ b/browsers/enterprise-mode/using-enterprise-mode.md
@@ -3,12 +3,12 @@ ms.localizationpriority: low
ms.mktglfcycl: deploy
ms.pagetype: security
description: Use this section to learn about how to turn on and use IE7 Enterprise Mode or IE8 Enterprise Mode.
-author: eavena
+author: dansimp
ms.prod: ie11
ms.assetid: 238ead3d-8920-429a-ac23-02f089c4384a
ms.reviewer:
manager: dansimp
-ms.author: eravena
+ms.author: dansimp
title: Using IE7 Enterprise Mode or IE8 Enterprise Mode (Internet Explorer 11 for IT Pros)
ms.sitesec: library
ms.date: 07/27/2017
diff --git a/browsers/enterprise-mode/verify-changes-preprod-enterprise-mode-portal.md b/browsers/enterprise-mode/verify-changes-preprod-enterprise-mode-portal.md
index e003e6bc01..a72f720a3f 100644
--- a/browsers/enterprise-mode/verify-changes-preprod-enterprise-mode-portal.md
+++ b/browsers/enterprise-mode/verify-changes-preprod-enterprise-mode-portal.md
@@ -3,14 +3,14 @@ ms.localizationpriority: low
ms.mktglfcycl: deploy
ms.pagetype: appcompat
description: Details about how to make sure your change request info is accurate within the pre-production environment of the Enterprise Mode Site List Portal.
-author: eavena
+author: dansimp
ms.prod: ie11
title: Verify your changes using the Enterprise Mode Site List Portal (Internet Explorer 11 for IT Pros)
ms.sitesec: library
ms.date: 07/27/2017
ms.reviewer:
manager: dansimp
-ms.author: eravena
+ms.author: dansimp
---
# Verify your changes using the Enterprise Mode Site List Portal
diff --git a/browsers/enterprise-mode/verify-changes-production-enterprise-mode-portal.md b/browsers/enterprise-mode/verify-changes-production-enterprise-mode-portal.md
index 5751efc6ef..8387697841 100644
--- a/browsers/enterprise-mode/verify-changes-production-enterprise-mode-portal.md
+++ b/browsers/enterprise-mode/verify-changes-production-enterprise-mode-portal.md
@@ -3,14 +3,14 @@ ms.localizationpriority: low
ms.mktglfcycl: deploy
ms.pagetype: appcompat
description: Details about how the Requester makes sure that the change request update is accurate within the production environment using the Enterprise Mode Site List Portal.
-author: eavena
+author: dansimp
ms.prod: ie11
title: Verify the change request update in the production environment using the Enterprise Mode Site List Portal (Internet Explorer 11 for IT Pros)
ms.sitesec: library
ms.date: 07/27/2017
ms.reviewer:
manager: dansimp
-ms.author: eravena
+ms.author: dansimp
---
# Verify the change request update in the production environment using the Enterprise Mode Site List Portal
diff --git a/browsers/enterprise-mode/view-apps-enterprise-mode-site-list.md b/browsers/enterprise-mode/view-apps-enterprise-mode-site-list.md
index f81d244053..6ae2c865ea 100644
--- a/browsers/enterprise-mode/view-apps-enterprise-mode-site-list.md
+++ b/browsers/enterprise-mode/view-apps-enterprise-mode-site-list.md
@@ -3,14 +3,14 @@ ms.localizationpriority: low
ms.mktglfcycl: deploy
ms.pagetype: appcompat
description: Details about how to view the active Enterprise Mode Site List from the Enterprise Mode Site List Portal.
-author: eavena
+author: dansimp
ms.prod: ie11
title: View the apps included in the active Enterprise Mode Site List from the Enterprise Mode Site List Portal (Internet Explorer 11 for IT Pros)
ms.sitesec: library
ms.date: 07/27/2017
ms.reviewer:
manager: dansimp
-ms.author: eravena
+ms.author: dansimp
---
# View the apps included in the active Enterprise Mode Site List from the Enterprise Mode Site List Portal
diff --git a/browsers/includes/helpful-topics-include.md b/browsers/includes/helpful-topics-include.md
index 9d4ab636ca..0a0f72e971 100644
--- a/browsers/includes/helpful-topics-include.md
+++ b/browsers/includes/helpful-topics-include.md
@@ -24,7 +24,7 @@ ms.topic: include
- [Web Application Compatibility Lab Kit](https://technet.microsoft.com/microsoft-edge/mt612809.aspx)
-- [Microsoft Services Support](https://www.microsoft.com/en-us/microsoftservices/support.aspx)
+- [Microsoft Services Support](https://www.microsoft.com/microsoftservices/support.aspx)
- [Find a Microsoft partner on Pinpoint](https://partnercenter.microsoft.com/pcv/search)
diff --git a/browsers/internet-explorer/ie11-deploy-guide/choose-how-to-install-ie11.md b/browsers/internet-explorer/ie11-deploy-guide/choose-how-to-install-ie11.md
index a430073e9d..563f38160c 100644
--- a/browsers/internet-explorer/ie11-deploy-guide/choose-how-to-install-ie11.md
+++ b/browsers/internet-explorer/ie11-deploy-guide/choose-how-to-install-ie11.md
@@ -25,7 +25,7 @@ Before you install Internet Explorer 11, you should:
- **Choose how you'll deploy your installation package.** Your deployment method should be based on whether you're installing to computers already running Windows, or if you're deploying IE11 as part of a Windows installation.
- - **Existing computers running Windows.** Use System Center R2 2012 System Center 2012 R2 Configuration Manager, System Center Essentials 2010, Windows Server Updates Services (WSUS), or Microsoft Intune to deploy IE11. For more information about how to use these systems, see [System Center 2012 R2 Configuration Manager](https://go.microsoft.com/fwlink/p/?LinkID=276664), [System Center Essentials 2010](https://go.microsoft.com/fwlink/p/?LinkId=395200), [Windows Server Update Services](https://go.microsoft.com/fwlink/p/?LinkID=276790), and [Microsoft Intune Overview](https://www.microsoft.com/en-us/cloud-platform/microsoft-intune).
+ - **Existing computers running Windows.** Use System Center R2 2012 System Center 2012 R2 Configuration Manager, System Center Essentials 2010, Windows Server Updates Services (WSUS), or Microsoft Intune to deploy IE11. For more information about how to use these systems, see [System Center 2012 R2 Configuration Manager](https://go.microsoft.com/fwlink/p/?LinkID=276664), [System Center Essentials 2010](https://go.microsoft.com/fwlink/p/?LinkId=395200), [Windows Server Update Services](https://go.microsoft.com/fwlink/p/?LinkID=276790), and [Microsoft Intune Overview](https://www.microsoft.com/cloud-platform/microsoft-intune).
- **As part of a Windows deployment.** Update your Windows images to include IE11, and then add the update to your MDT deployment share or to your Windows image. For instructions about how to create and use Windows images, see [Create and Manage a Windows Image Using DISM](https://go.microsoft.com/fwlink/p/?LinkId=299408). For general information about deploying IE, see [Microsoft Deployment Toolkit (MDT)](https://go.microsoft.com/fwlink/p/?LinkId=331148), [Windows ADK Overview](https://go.microsoft.com/fwlink/p/?LinkId=276669).
diff --git a/browsers/internet-explorer/ie11-deploy-guide/configure-settings-enterprise-mode-portal.md b/browsers/internet-explorer/ie11-deploy-guide/configure-settings-enterprise-mode-portal.md
index 502c425b80..d01fccf729 100644
--- a/browsers/internet-explorer/ie11-deploy-guide/configure-settings-enterprise-mode-portal.md
+++ b/browsers/internet-explorer/ie11-deploy-guide/configure-settings-enterprise-mode-portal.md
@@ -1,97 +1,98 @@
----
-ms.localizationpriority: medium
-ms.mktglfcycl: deploy
-ms.pagetype: appcompat
-description: Details about how the Administrator can use the Settings page to set up Groups and roles, the Enterprise Mode Site List Portal environment, and the freeze dates for production changes.
-author: lomayor
-ms.prod: ie11
-title: Use the Settings page to finish setting up the Enterprise Mode Site List Portal (Internet Explorer 11 for IT Pros)
-ms.sitesec: library
-ms.date: 07/27/2017
-ms.reviewer:
-audience: itpro
manager: dansimp
-ms.author: lomayor
----
-
-# Use the Settings page to finish setting up the Enterprise Mode Site List Portal
-
-**Applies to:**
-
-- Windows 10
-- Windows 8.1
-- Windows 7
-- Windows Server 2012 R2
-- Windows Server 2008 R2 with Service Pack 1 (SP1)
-
-The **Settings** page lets anyone with Administrator rights set up groups and roles, set up the Enterprise Mode Site List Portal environment, and choose the freeze dates for production changes.
-
-## Use the Environment settings area
-This area lets you specify the location of your production and pre-production environments, where to store your attachments, your settings location, and the website domain for email notifications.
-
-**To add location info**
-1. Open the Enterprise Mode Site List Portal and click the **Settings** icon in the upper-right area of the page.
-
- The **Settings** page appears.
-
-2. In the **Environment settings** area of the page, provide the info for your **Pre-production environment**, your **Production environment**, your **Attachments location**, your **Settings location**, and your **Website domain for email notifications**.
-
-3. Click **Credentials** to add the appropriate domain, user name, and password for each location, and then click **OK**.
-
-## Use the Group and role settings area
-After you set up your email credentials, you'll be able to add or edit your Group info, along with picking which roles must be Approvers for the group.
-
-**To add a new group and determine the required change request Approvers**
-1. Open the Enterprise Mode Site List Portal and click the **Settings** icon in the upper-right area of the page.
-
- The **Settings** page appears.
-
-2. In the **Group and role settings** area of the page, click **Group details**.
-
- The **Add or edit group names** box appears.
-
-3. Click the **Add group** tab, and then add the following info:
-
- - **New group name.** Type name of your new group.
-
- - **Group head email.** Type the email address for the primary contact for the group.
-
- - **Group head name.** This box automatically fills, based on the email address.
-
- - **Active.** Click the check box to make the group active in the system. If you want to keep the group in the system, but you want to prevent access, clear this check box.
-
-4. Click **Save**.
-
-
-**To set a group's required Approvers**
-1. In the **Group and role settings** area of the page, choose the group name you want to update with Approvers from the **Group name** box.
-
-2. In the **Required approvers** area, choose which roles are required to approve a change request for the group. You can choose one or many roles.
-
- - **App Manager.** All employees in the selected group must get change request approval by someone assigned this role.
-
- You can change the name of this role by clicking the pencil icon and providing a new name in the **Edit role name** box.
-
- - **Group Head.** All employees in the selected group must get change request approval by someone assigned this role.
-
- You can change the name of this role by clicking the pencil icon and providing a new name in the **Edit role name** box.
-
- - **Administrator.** All employees in the selected group must get change request approval by someone assigned this role.
-
-## Use the Freeze production changes area
-This optional area lets you specify a period when your employees must stop adding changes to the current Enterprise Mode Site List. This must include both a start and an end date.
-
-**To add the start and end dates**
-1. Open the Enterprise Mode Site List Portal and click the **Settings** icon in the upper-right area of the page.
-
- The **Settings** page appears.
-
-2. In the **Freeze production changes** area of the page, use the calendars to provide the **Freeze start date** and the **Freeze end date**. Your employees can't add apps to the production Enterprise Mode Site List during this span of time.
-
-3. Click **Save**.
-
-## Related topics
-- [Enterprise Mode Site List Portal source code](https://github.com/MicrosoftEdge/enterprise-mode-site-list-portal)
-
-- [Enterprise Mode and the Enterprise Mode Site List](what-is-enterprise-mode.md)
-
-- [Use the Enterprise Mode Site List Manager tool or page](use-the-enterprise-mode-site-list-manager.md)
+---
+ms.localizationpriority: medium
+ms.mktglfcycl: deploy
+ms.pagetype: appcompat
+description: Details about how the Administrator can use the Settings page to set up Groups and roles, the Enterprise Mode Site List Portal environment, and the freeze dates for production changes.
+author: dansimp
+ms.prod: ie11
+title: Use the Settings page to finish setting up the Enterprise Mode Site List Portal (Internet Explorer 11 for IT Pros)
+ms.sitesec: library
+ms.date: 07/27/2017
+ms.reviewer:
+audience: itpro
+manager: dansimp
+ms.author: dansimp
+---
+
+# Use the Settings page to finish setting up the Enterprise Mode Site List Portal
+
+**Applies to:**
+
+- Windows 10
+- Windows 8.1
+- Windows 7
+- Windows Server 2012 R2
+- Windows Server 2008 R2 with Service Pack 1 (SP1)
+
+The **Settings** page lets anyone with Administrator rights set up groups and roles, set up the Enterprise Mode Site List Portal environment, and choose the freeze dates for production changes.
+
+## Use the Environment settings area
+This area lets you specify the location of your production and pre-production environments, where to store your attachments, your settings location, and the website domain for email notifications.
+
+**To add location info**
+1. Open the Enterprise Mode Site List Portal and click the **Settings** icon in the upper-right area of the page.
+
+ The **Settings** page appears.
+
+2. In the **Environment settings** area of the page, provide the info for your **Pre-production environment**, your **Production environment**, your **Attachments location**, your **Settings location**, and your **Website domain for email notifications**.
+
+3. Click **Credentials** to add the appropriate domain, user name, and password for each location, and then click **OK**.
+
+## Use the Group and role settings area
+After you set up your email credentials, you'll be able to add or edit your Group info, along with picking which roles must be Approvers for the group.
+
+**To add a new group and determine the required change request Approvers**
+1. Open the Enterprise Mode Site List Portal and click the **Settings** icon in the upper-right area of the page.
+
+ The **Settings** page appears.
+
+2. In the **Group and role settings** area of the page, click **Group details**.
+
+ The **Add or edit group names** box appears.
+
+3. Click the **Add group** tab, and then add the following info:
+
+ - **New group name.** Type name of your new group.
+
+ - **Group head email.** Type the email address for the primary contact for the group.
+
+ - **Group head name.** This box automatically fills, based on the email address.
+
+ - **Active.** Click the check box to make the group active in the system. If you want to keep the group in the system, but you want to prevent access, clear this check box.
+
+4. Click **Save**.
+
+
+**To set a group's required Approvers**
+1. In the **Group and role settings** area of the page, choose the group name you want to update with Approvers from the **Group name** box.
+
+2. In the **Required approvers** area, choose which roles are required to approve a change request for the group. You can choose one or many roles.
+
+ - **App Manager.** All employees in the selected group must get change request approval by someone assigned this role.
+
+ You can change the name of this role by clicking the pencil icon and providing a new name in the **Edit role name** box.
+
+ - **Group Head.** All employees in the selected group must get change request approval by someone assigned this role.
+
+ You can change the name of this role by clicking the pencil icon and providing a new name in the **Edit role name** box.
+
+ - **Administrator.** All employees in the selected group must get change request approval by someone assigned this role.
+
+## Use the Freeze production changes area
+This optional area lets you specify a period when your employees must stop adding changes to the current Enterprise Mode Site List. This must include both a start and an end date.
+
+**To add the start and end dates**
+1. Open the Enterprise Mode Site List Portal and click the **Settings** icon in the upper-right area of the page.
+
+ The **Settings** page appears.
+
+2. In the **Freeze production changes** area of the page, use the calendars to provide the **Freeze start date** and the **Freeze end date**. Your employees can't add apps to the production Enterprise Mode Site List during this span of time.
+
+3. Click **Save**.
+
+## Related topics
+- [Enterprise Mode Site List Portal source code](https://github.com/MicrosoftEdge/enterprise-mode-site-list-portal)
+
+- [Enterprise Mode and the Enterprise Mode Site List](what-is-enterprise-mode.md)
+
+- [Use the Enterprise Mode Site List Manager tool or page](use-the-enterprise-mode-site-list-manager.md)
diff --git a/browsers/internet-explorer/ie11-deploy-guide/create-change-request-enterprise-mode-portal.md b/browsers/internet-explorer/ie11-deploy-guide/create-change-request-enterprise-mode-portal.md
index 24e93d73e5..d15192b9d3 100644
--- a/browsers/internet-explorer/ie11-deploy-guide/create-change-request-enterprise-mode-portal.md
+++ b/browsers/internet-explorer/ie11-deploy-guide/create-change-request-enterprise-mode-portal.md
@@ -1,73 +1,74 @@
----
-ms.localizationpriority: medium
-ms.mktglfcycl: deploy
-ms.pagetype: appcompat
-description: Details about how to create a change request within the Enterprise Mode Site List Portal.
-author: lomayor
-ms.prod: ie11
-title: Create a change request using the Enterprise Mode Site List Portal (Internet Explorer 11 for IT Pros)
-ms.sitesec: library
-ms.date: 07/27/2017
-ms.reviewer:
-audience: itpro
manager: dansimp
-ms.author: lomayor
----
-
-# Create a change request using the Enterprise Mode Site List Portal
-
-**Applies to:**
-
-- Windows 10
-- Windows 8.1
-- Windows 7
-- Windows Server 2012 R2
-- Windows Server 2008 R2 with Service Pack 1 (SP1)
-
-Employees assigned to the Requester role can create a change request. A change request is used to tell the Approvers and the Administrator that a website needs to be added or removed from the Enterprise Mode Site List. The employee can navigate to each stage of the process by using the workflow links provided at the top of each page of the portal.
-
->[!Important]
->Each Requester must have access to a test machine with Administrator rights, letting him or her get to the pre-production environment to make sure that the requested change is correct.
-
-**To create a new change request**
-1. The Requester (an employee that has been assigned the Requester role) signs into the Enterprise Mode Site List Portal, and clicks **Create new request**.
-
- The **Create new request** page appears.
-
-2. Fill out the required fields, based on the group and the app, including:
-
- - **Group name.** Select the name of your group from the dropdown box.
-
- - **App name.** Type the name of the app you want to add, delete, or update in the Enterprise Mode Site List.
-
- - **Search all apps.** If you can't remember the name of your app, you can click **Search all apps** and search the list.
-
- - **Add new app.** If your app isn't listed, you can click **Add new app** to add it to the list.
-
- - **Requested by.** Automatically filled in with your name.
-
- - **Description.** Add descriptive info about the app.
-
- - **Requested change.** Select whether you want to **Add to EMIE**, **Delete from EMIE**, or **Update to EMIE**.
-
- - **Reason for request.** Select the best reason for why you want to update, delete, or add the app.
-
- - **Business impact (optional).** An optional area where you can provide info about the business impact of this app and the change.
-
- - **App location (URL).** The full URL location to the app, starting with https:// or https://.
-
- - **App best viewed in.** Select the best browser experience for the app. This can be Internet Explorer 5 through Internet Explorer 11 or one of the IE7Enterprise or IE8Enterprise modes.
-
- - **Is an x-ua tag used?** Select **Yes** or **No** whether an x-ua-compatible tag is used by the app. For more info about x-ua-compatible tags, see the topics in [Defining document compatibility](https://msdn.microsoft.com/library/cc288325(v=vs.85).aspx).
-
-4. Click **Save and continue** to save the request and get the app info sent to the pre-production environment site list for testing.
-
- A message appears that the request was successful, including a **Request ID** number, saying that the change is being made to the pre-production environment site list.
-
-5. The Requester gets an email with a batch script, that when run, configures their test machine for the pre-production environment, along with the necessary steps to make sure the changed info is correct.
-
- - **If the change is correct.** The Requester asks the approvers to approve the change request by selecting **Successful** and clicking **Send for approval**.
-
- - **If the change is incorrect.** The Requester can rollback the change in pre-production or ask for help from the Administrator.
-
-## Next steps
-After the change request is created, the Requester must make sure the suggested changes work in the pre-production environment. For these steps, see the [Verify your changes using the Enterprise Mode Site List Portal](verify-changes-preprod-enterprise-mode-portal.md) topic.
+---
+ms.localizationpriority: medium
+ms.mktglfcycl: deploy
+ms.pagetype: appcompat
+description: Details about how to create a change request within the Enterprise Mode Site List Portal.
+author: dansimp
+ms.prod: ie11
+title: Create a change request using the Enterprise Mode Site List Portal (Internet Explorer 11 for IT Pros)
+ms.sitesec: library
+ms.date: 07/27/2017
+ms.reviewer:
+audience: itpro
+manager: dansimp
+ms.author: dansimp
+---
+
+# Create a change request using the Enterprise Mode Site List Portal
+
+**Applies to:**
+
+- Windows 10
+- Windows 8.1
+- Windows 7
+- Windows Server 2012 R2
+- Windows Server 2008 R2 with Service Pack 1 (SP1)
+
+Employees assigned to the Requester role can create a change request. A change request is used to tell the Approvers and the Administrator that a website needs to be added or removed from the Enterprise Mode Site List. The employee can navigate to each stage of the process by using the workflow links provided at the top of each page of the portal.
+
+>[!Important]
+>Each Requester must have access to a test machine with Administrator rights, letting him or her get to the pre-production environment to make sure that the requested change is correct.
+
+**To create a new change request**
+1. The Requester (an employee that has been assigned the Requester role) signs into the Enterprise Mode Site List Portal, and clicks **Create new request**.
+
+ The **Create new request** page appears.
+
+2. Fill out the required fields, based on the group and the app, including:
+
+ - **Group name.** Select the name of your group from the dropdown box.
+
+ - **App name.** Type the name of the app you want to add, delete, or update in the Enterprise Mode Site List.
+
+ - **Search all apps.** If you can't remember the name of your app, you can click **Search all apps** and search the list.
+
+ - **Add new app.** If your app isn't listed, you can click **Add new app** to add it to the list.
+
+ - **Requested by.** Automatically filled in with your name.
+
+ - **Description.** Add descriptive info about the app.
+
+ - **Requested change.** Select whether you want to **Add to EMIE**, **Delete from EMIE**, or **Update to EMIE**.
+
+ - **Reason for request.** Select the best reason for why you want to update, delete, or add the app.
+
+ - **Business impact (optional).** An optional area where you can provide info about the business impact of this app and the change.
+
+ - **App location (URL).** The full URL location to the app, starting with https:// or https://.
+
+ - **App best viewed in.** Select the best browser experience for the app. This can be Internet Explorer 5 through Internet Explorer 11 or one of the IE7Enterprise or IE8Enterprise modes.
+
+ - **Is an x-ua tag used?** Select **Yes** or **No** whether an x-ua-compatible tag is used by the app. For more info about x-ua-compatible tags, see the topics in [Defining document compatibility](https://msdn.microsoft.com/library/cc288325(v=vs.85).aspx).
+
+4. Click **Save and continue** to save the request and get the app info sent to the pre-production environment site list for testing.
+
+ A message appears that the request was successful, including a **Request ID** number, saying that the change is being made to the pre-production environment site list.
+
+5. The Requester gets an email with a batch script, that when run, configures their test machine for the pre-production environment, along with the necessary steps to make sure the changed info is correct.
+
+ - **If the change is correct.** The Requester asks the approvers to approve the change request by selecting **Successful** and clicking **Send for approval**.
+
+ - **If the change is incorrect.** The Requester can rollback the change in pre-production or ask for help from the Administrator.
+
+## Next steps
+After the change request is created, the Requester must make sure the suggested changes work in the pre-production environment. For these steps, see the [Verify your changes using the Enterprise Mode Site List Portal](verify-changes-preprod-enterprise-mode-portal.md) topic.
diff --git a/browsers/internet-explorer/ie11-deploy-guide/create-install-packages-for-multiple-operating-systems-or-languages.md b/browsers/internet-explorer/ie11-deploy-guide/create-install-packages-for-multiple-operating-systems-or-languages.md
index c69b357557..6c260e93aa 100644
--- a/browsers/internet-explorer/ie11-deploy-guide/create-install-packages-for-multiple-operating-systems-or-languages.md
+++ b/browsers/internet-explorer/ie11-deploy-guide/create-install-packages-for-multiple-operating-systems-or-languages.md
@@ -1,43 +1,44 @@
----
-ms.localizationpriority: medium
-ms.mktglfcycl: deploy
-description: Create packages for multiple operating systems or languages
-author: lomayor
-ms.prod: ie11
-ms.assetid: 44051f9d-63a7-43bf-a427-d0a0a1c717da
-ms.reviewer:
-audience: itpro
manager: dansimp
-ms.author: lomayor
-title: Create packages for multiple operating systems or languages (Internet Explorer 11 for IT Pros)
-ms.sitesec: library
-ms.date: 07/27/2017
----
-
-
-# Create packages for multiple operating systems or languages
-You'll create multiple versions of your custom browser package if:
-
-- You support more than 1 version of Windows®.
-
-- You support more than 1 language.
-
-- You have custom installation packages with only minor differences. Like, having a different phone number.
-
- **To create a new package**
-
-1. Create an installation package using the Internet Explorer Customization Wizard 11, as described in the [Internet Explorer Administration Kit 11 (IEAK 11) Customization Wizard options](../ie11-ieak/ieak11-wizard-custom-options.md) topic.
-
-2. Go to your **CIE/Custom** folder and rename the `Install.ins`file. For example, if you need a version for employees in Texas, rename the file to Texas.ins.
-
-3. Run the wizard again, using the Custom folder as the destination directory.
-**Important**
-Except for the **Title bar** text, **Favorites**, **Links bar**, **Home page**, and **Search bar**, keep all of your wizard settings the same for all of your build computers.
-
-
-
-
-
-
-
-
-
+---
+ms.localizationpriority: medium
+ms.mktglfcycl: deploy
+description: Create packages for multiple operating systems or languages
+author: dansimp
+ms.prod: ie11
+ms.assetid: 44051f9d-63a7-43bf-a427-d0a0a1c717da
+ms.reviewer:
+audience: itpro
+manager: dansimp
+ms.author: dansimp
+title: Create packages for multiple operating systems or languages (Internet Explorer 11 for IT Pros)
+ms.sitesec: library
+ms.date: 07/27/2017
+---
+
+
+# Create packages for multiple operating systems or languages
+You'll create multiple versions of your custom browser package if:
+
+- You support more than 1 version of Windows®.
+
+- You support more than 1 language.
+
+- You have custom installation packages with only minor differences. Like, having a different phone number.
+
+ **To create a new package**
+
+1. Create an installation package using the Internet Explorer Customization Wizard 11, as described in the [Internet Explorer Administration Kit 11 (IEAK 11) Customization Wizard options](../ie11-ieak/ieak11-wizard-custom-options.md) topic.
+
+2. Go to your **CIE/Custom** folder and rename the `Install.ins`file. For example, if you need a version for employees in Texas, rename the file to Texas.ins.
+
+3. Run the wizard again, using the Custom folder as the destination directory.
+**Important**
+Except for the **Title bar** text, **Favorites**, **Links bar**, **Home page**, and **Search bar**, keep all of your wizard settings the same for all of your build computers.
+
+
+
+
+
+
+
+
+
diff --git a/browsers/internet-explorer/ie11-deploy-guide/customize-ie11-install-packages.md b/browsers/internet-explorer/ie11-deploy-guide/customize-ie11-install-packages.md
index d5ebc1d49f..fc43585ae7 100644
--- a/browsers/internet-explorer/ie11-deploy-guide/customize-ie11-install-packages.md
+++ b/browsers/internet-explorer/ie11-deploy-guide/customize-ie11-install-packages.md
@@ -1,44 +1,45 @@
----
-ms.localizationpriority: medium
-ms.mktglfcycl: deploy
-description: Customize Internet Explorer 11 installation packages
-author: lomayor
-ms.prod: ie11
-ms.assetid: 10a14a09-673b-4f8b-8d12-64036135e7fd
-ms.reviewer:
-audience: itpro
manager: dansimp
-ms.author: lomayor
-title: Customize Internet Explorer 11 installation packages (Internet Explorer 11 for IT Pros)
-ms.sitesec: library
-ms.date: 07/27/2017
----
-
-
-# Customize Internet Explorer 11 installation packages
-You can customize Internet Explorer 11 to support various browser behaviors, multiple operating system versions and languages, and Setup information (.inf) files.
-
-|Topic |Description |
-|------------------------------------------------------------------------|----------------------------------------------------|
-|[Using IEAK 11 to create packages](using-ieak11-to-create-install-packages.md) |How to use the Internet Explorer Administration Kit 11 (IEAK 11) and the IE Customization Wizard 11 to set up, configure, deploy, and maintain IE11. |
-|[Create packages for multiple operating systems or languages](create-install-packages-for-multiple-operating-systems-or-languages.md) |How to create multiple versions of your custom installation package, to support multiple operating systems or languages. |
-|[Using .INF files to create packages](using-inf-files-to-create-install-packages.md) |How to use the Microsoft® Windows Setup Engine to automate setup tasks and customize your component installations. |
-
-
-
-In addition, you can configure IE before, during, or after deployment, using these tools:
-
-- **IE Administration Kit 11 (IEAK 11)**. Creates customized installation packages that can be deployed through your software distribution system. For more information about the IEAK 11, see [Internet Explorer Administration Kit 11 (IEAK 11) - Administration Guide for IT Pros](../ie11-ieak/index.md).
-
-- **Group Policy**. Configures and enforces IE11 settings. For more information about settings and configuration options, see [Group policy objects and Internet Explorer 11 (IE11)](group-policy-objects-and-ie11.md).
-
-- **Unattend.xml**. Customizes some of the IE settings during your Windows installation. This option only applies if you're updating a Windows image with IE11.
**Note**
-You'll only see the new IE11 Unattend.xml settings if your Unattend.xml file's associated with a Windows image that includes the IE11 update. For more information about editing and using the Unattend.xml file, see [Unattended Windows Setup Reference](https://go.microsoft.com/fwlink/p/?LinkId=276788). For more information about using the Windows System Image Manager, see [Windows System Image Manager Technical Reference](https://go.microsoft.com/fwlink/p/?LinkId=276789).
-
-
-
-
-
-
-
-
-
+---
+ms.localizationpriority: medium
+ms.mktglfcycl: deploy
+description: Customize Internet Explorer 11 installation packages
+author: dansimp
+ms.prod: ie11
+ms.assetid: 10a14a09-673b-4f8b-8d12-64036135e7fd
+ms.reviewer:
+audience: itpro
+manager: dansimp
+ms.author: dansimp
+title: Customize Internet Explorer 11 installation packages (Internet Explorer 11 for IT Pros)
+ms.sitesec: library
+ms.date: 07/27/2017
+---
+
+
+# Customize Internet Explorer 11 installation packages
+You can customize Internet Explorer 11 to support various browser behaviors, multiple operating system versions and languages, and Setup information (.inf) files.
+
+|Topic |Description |
+|------------------------------------------------------------------------|----------------------------------------------------|
+|[Using IEAK 11 to create packages](using-ieak11-to-create-install-packages.md) |How to use the Internet Explorer Administration Kit 11 (IEAK 11) and the IE Customization Wizard 11 to set up, configure, deploy, and maintain IE11. |
+|[Create packages for multiple operating systems or languages](create-install-packages-for-multiple-operating-systems-or-languages.md) |How to create multiple versions of your custom installation package, to support multiple operating systems or languages. |
+|[Using .INF files to create packages](using-inf-files-to-create-install-packages.md) |How to use the Microsoft® Windows Setup Engine to automate setup tasks and customize your component installations. |
+
+
+
+In addition, you can configure IE before, during, or after deployment, using these tools:
+
+- **IE Administration Kit 11 (IEAK 11)**. Creates customized installation packages that can be deployed through your software distribution system. For more information about the IEAK 11, see [Internet Explorer Administration Kit 11 (IEAK 11) - Administration Guide for IT Pros](../ie11-ieak/index.md).
+
+- **Group Policy**. Configures and enforces IE11 settings. For more information about settings and configuration options, see [Group policy objects and Internet Explorer 11 (IE11)](group-policy-objects-and-ie11.md).
+
+- **Unattend.xml**. Customizes some of the IE settings during your Windows installation. This option only applies if you're updating a Windows image with IE11.
**Note**
+You'll only see the new IE11 Unattend.xml settings if your Unattend.xml file's associated with a Windows image that includes the IE11 update. For more information about editing and using the Unattend.xml file, see [Unattended Windows Setup Reference](https://go.microsoft.com/fwlink/p/?LinkId=276788). For more information about using the Windows System Image Manager, see [Windows System Image Manager Technical Reference](https://go.microsoft.com/fwlink/p/?LinkId=276789).
+
+
+
+
+
+
+
+
+
diff --git a/browsers/internet-explorer/ie11-deploy-guide/delete-sites-from-your-enterprise-mode-site-list-in-the-enterprise-mode-site-list-manager.md b/browsers/internet-explorer/ie11-deploy-guide/delete-sites-from-your-enterprise-mode-site-list-in-the-enterprise-mode-site-list-manager.md
index 71d871cad1..b2c4c0f80a 100644
--- a/browsers/internet-explorer/ie11-deploy-guide/delete-sites-from-your-enterprise-mode-site-list-in-the-enterprise-mode-site-list-manager.md
+++ b/browsers/internet-explorer/ie11-deploy-guide/delete-sites-from-your-enterprise-mode-site-list-in-the-enterprise-mode-site-list-manager.md
@@ -1,49 +1,50 @@
----
-ms.localizationpriority: medium
-description: Delete a single site from your global Enterprise Mode site list.
-ms.pagetype: appcompat
-ms.mktglfcycl: deploy
-author: lomayor
-ms.prod: ie11
-ms.assetid: 41413459-b57f-48da-aedb-4cbec1e2981a
-ms.reviewer:
-audience: itpro
manager: dansimp
-ms.author: lomayor
-title: Delete sites from your Enterprise Mode site list in the Enterprise Mode Site List Manager (Internet Explorer 11 for IT Pros)
-ms.sitesec: library
-ms.date: 07/27/2017
----
-
-
-# Delete sites from your Enterprise Mode site list in the Enterprise Mode Site List Manager
-
-**Applies to:**
-
-- Windows 10
-- Windows 8.1
-- Windows 7
-- Windows Server 2012 R2
-- Windows Server 2008 R2 with Service Pack 1 (SP1)
-
-
- **To delete a single site from your global Enterprise Mode site list**
-
-- From the Enterprise Mode Site List Manager, pick the site you want to delete, and then click **Delete**.
-The site is permanently removed from your list.
-
-If you delete a site by mistake, you’ll need to manually add it back using the instructions in the following topics, based on operating system.
-
-- [Add sites to the Enterprise Mode site list using the Enterprise Mode Site List Manager (schema v.2)](add-single-sites-to-enterprise-mode-site-list-using-the-version-2-enterprise-mode-tool.md)
-
-- [Add sites to the Enterprise Mode site list using the Enterprise Mode Site List Manager (schema v.1)](add-single-sites-to-enterprise-mode-site-list-using-the-version-1-enterprise-mode-tool.md)
-
-## Related topics
-- [Download the Enterprise Mode Site List Manager (schema v.2)](https://go.microsoft.com/fwlink/p/?LinkId=716853)
-- [Download the Enterprise Mode Site List Manager (schema v.1)](https://go.microsoft.com/fwlink/p/?LinkID=394378)
-- [Use the Enterprise Mode Site List Manager](use-the-enterprise-mode-site-list-manager.md)
-
-
-
-
-
-
+---
+ms.localizationpriority: medium
+description: Delete a single site from your global Enterprise Mode site list.
+ms.pagetype: appcompat
+ms.mktglfcycl: deploy
+author: dansimp
+ms.prod: ie11
+ms.assetid: 41413459-b57f-48da-aedb-4cbec1e2981a
+ms.reviewer:
+audience: itpro
+manager: dansimp
+ms.author: dansimp
+title: Delete sites from your Enterprise Mode site list in the Enterprise Mode Site List Manager (Internet Explorer 11 for IT Pros)
+ms.sitesec: library
+ms.date: 07/27/2017
+---
+
+
+# Delete sites from your Enterprise Mode site list in the Enterprise Mode Site List Manager
+
+**Applies to:**
+
+- Windows 10
+- Windows 8.1
+- Windows 7
+- Windows Server 2012 R2
+- Windows Server 2008 R2 with Service Pack 1 (SP1)
+
+
+ **To delete a single site from your global Enterprise Mode site list**
+
+- From the Enterprise Mode Site List Manager, pick the site you want to delete, and then click **Delete**.
+The site is permanently removed from your list.
+
+If you delete a site by mistake, you’ll need to manually add it back using the instructions in the following topics, based on operating system.
+
+- [Add sites to the Enterprise Mode site list using the Enterprise Mode Site List Manager (schema v.2)](add-single-sites-to-enterprise-mode-site-list-using-the-version-2-enterprise-mode-tool.md)
+
+- [Add sites to the Enterprise Mode site list using the Enterprise Mode Site List Manager (schema v.1)](add-single-sites-to-enterprise-mode-site-list-using-the-version-1-enterprise-mode-tool.md)
+
+## Related topics
+- [Download the Enterprise Mode Site List Manager (schema v.2)](https://go.microsoft.com/fwlink/p/?LinkId=716853)
+- [Download the Enterprise Mode Site List Manager (schema v.1)](https://go.microsoft.com/fwlink/p/?LinkID=394378)
+- [Use the Enterprise Mode Site List Manager](use-the-enterprise-mode-site-list-manager.md)
+
+
+
+
+
+
diff --git a/browsers/internet-explorer/ie11-deploy-guide/deploy-ie11-using-automatic-version-synchronization-avs.md b/browsers/internet-explorer/ie11-deploy-guide/deploy-ie11-using-automatic-version-synchronization-avs.md
index 21baca9a6b..b9089ee16a 100644
--- a/browsers/internet-explorer/ie11-deploy-guide/deploy-ie11-using-automatic-version-synchronization-avs.md
+++ b/browsers/internet-explorer/ie11-deploy-guide/deploy-ie11-using-automatic-version-synchronization-avs.md
@@ -1,35 +1,36 @@
----
-ms.localizationpriority: medium
-ms.mktglfcycl: deploy
-description: You can deploy Internet Explorer 11 to your users' computers by using your custom browser packages and Automatic Version Synchronization (AVS).
-author: lomayor
-ms.prod: ie11
-ms.assetid: f51224bd-3371-4551-821d-1d62310e3384
-ms.reviewer:
-audience: itpro
manager: dansimp
-ms.author: lomayor
-title: Deploy Internet Explorer 11 using Automatic Version Synchronization (AVS) (Internet Explorer 11 for IT Pros)
-ms.sitesec: library
-ms.date: 07/27/2017
----
-
-# Deploy Internet Explorer 11 using Automatic Version Synchronization (AVS)
-You can deploy Internet Explorer 11 to your users' computers by using your custom browser packages and Automatic Version Synchronization (AVS).
-
-## What is Automatic Version Synchronization?
-Automatic Version Synchronization (AVS) lets you use the Internet Explorer Administration Kit 11 (IEAK 11) to synchronize the IE11 setup files on a local computer with the latest setup files on the web.
-
-You must synchronize the setup files at least once on the local computer, for each language and operating system combination, before proceeding through the rest of the wizard. If your packages have more than one version of IE, you need to keep the versions in separate component download folders, which can be pointed to from the **File Locations** page of the IEAK 11. For more information about using the AVS feature, see [Use the Automatic Version Synchronization page in the IEAK 11 Wizard](../ie11-ieak/auto-version-sync-ieak11-wizard.md)
-.
-
-## Related topics
-- [Internet Explorer Administration Kit 11 (IEAK 11) - Administration Guide for IT Pros](../ie11-ieak/index.md)
-- [Customize Internet Explorer 11 installation packages](customize-ie11-install-packages.md)
-
-
-
-
-
-
-
-
+---
+ms.localizationpriority: medium
+ms.mktglfcycl: deploy
+description: You can deploy Internet Explorer 11 to your users' computers by using your custom browser packages and Automatic Version Synchronization (AVS).
+author: dansimp
+ms.prod: ie11
+ms.assetid: f51224bd-3371-4551-821d-1d62310e3384
+ms.reviewer:
+audience: itpro
+manager: dansimp
+ms.author: dansimp
+title: Deploy Internet Explorer 11 using Automatic Version Synchronization (AVS) (Internet Explorer 11 for IT Pros)
+ms.sitesec: library
+ms.date: 07/27/2017
+---
+
+# Deploy Internet Explorer 11 using Automatic Version Synchronization (AVS)
+You can deploy Internet Explorer 11 to your users' computers by using your custom browser packages and Automatic Version Synchronization (AVS).
+
+## What is Automatic Version Synchronization?
+Automatic Version Synchronization (AVS) lets you use the Internet Explorer Administration Kit 11 (IEAK 11) to synchronize the IE11 setup files on a local computer with the latest setup files on the web.
+
+You must synchronize the setup files at least once on the local computer, for each language and operating system combination, before proceeding through the rest of the wizard. If your packages have more than one version of IE, you need to keep the versions in separate component download folders, which can be pointed to from the **File Locations** page of the IEAK 11. For more information about using the AVS feature, see [Use the Automatic Version Synchronization page in the IEAK 11 Wizard](../ie11-ieak/auto-version-sync-ieak11-wizard.md)
+.
+
+## Related topics
+- [Internet Explorer Administration Kit 11 (IEAK 11) - Administration Guide for IT Pros](../ie11-ieak/index.md)
+- [Customize Internet Explorer 11 installation packages](customize-ie11-install-packages.md)
+
+
+
+
+
+
+
+
diff --git a/browsers/internet-explorer/ie11-deploy-guide/deploy-ie11-using-software-distribution-tools.md b/browsers/internet-explorer/ie11-deploy-guide/deploy-ie11-using-software-distribution-tools.md
index 1df03c3f05..dc31c3230e 100644
--- a/browsers/internet-explorer/ie11-deploy-guide/deploy-ie11-using-software-distribution-tools.md
+++ b/browsers/internet-explorer/ie11-deploy-guide/deploy-ie11-using-software-distribution-tools.md
@@ -1,33 +1,34 @@
----
-ms.localizationpriority: medium
-ms.mktglfcycl: deploy
-description: Deploy Internet Explorer 11 using software distribution tools
-author: lomayor
-ms.prod: ie11
-ms.assetid: fd027775-651a-41e1-8ec3-d32eca876d8a
-ms.reviewer:
-audience: itpro
manager: dansimp
-ms.author: lomayor
-title: Deploy Internet Explorer 11 using software distribution tools (Internet Explorer 11 for IT Pros)
-ms.sitesec: library
-ms.date: 07/27/2017
----
-
-
-# Deploy Internet Explorer 11 using software distribution tools
-If you already manage software distribution and updates on your network through software distribution tools, you can also use these tools for ongoing deployments of Internet Explorer. Software distribution tools include:
-
-- **System Center R2 2012 System Center 2012 R2 Configuration Manager.** Deploy and install Internet Explorer 11 on your user's computers through a software distribution package. For more information about using this tool, see [System Center R2 2012 Configuration Manager](https://go.microsoft.com/fwlink/p/?LinkID=276664).
-
-- **Windows Server Update Services (WSUS).** Download a single copy of the IE11 updates, caching them to local servers so your users' computers can receive the updates directly from the WSUS servers, instead of through Windows Update. For more information about using this tool, see [Windows Server Update Services](https://go.microsoft.com/fwlink/p/?LinkID=276790).
-
-- **Group Policy Software Installation.** Deploy and install IE11 on your user's computers through a combination of Group Policy and Microsoft Active Directory. For more information about using this tool, see [Group Policy Software Installation overview](https://go.microsoft.com/fwlink/p/?LinkId=296365).
-
-- **Microsoft Deployment Toolkit (MDT).** Add the IE11 update to your deployment share, using MDT to update your previously-deployed Windows image. For more information about using this tool, see [Microsoft Deployment Toolkit (MDT)](https://go.microsoft.com/fwlink/p/?LinkID=331148).
-
-
-
-
-
-
-
+---
+ms.localizationpriority: medium
+ms.mktglfcycl: deploy
+description: Deploy Internet Explorer 11 using software distribution tools
+author: dansimp
+ms.prod: ie11
+ms.assetid: fd027775-651a-41e1-8ec3-d32eca876d8a
+ms.reviewer:
+audience: itpro
+manager: dansimp
+ms.author: dansimp
+title: Deploy Internet Explorer 11 using software distribution tools (Internet Explorer 11 for IT Pros)
+ms.sitesec: library
+ms.date: 07/27/2017
+---
+
+
+# Deploy Internet Explorer 11 using software distribution tools
+If you already manage software distribution and updates on your network through software distribution tools, you can also use these tools for ongoing deployments of Internet Explorer. Software distribution tools include:
+
+- **System Center R2 2012 System Center 2012 R2 Configuration Manager.** Deploy and install Internet Explorer 11 on your user's computers through a software distribution package. For more information about using this tool, see [System Center R2 2012 Configuration Manager](https://go.microsoft.com/fwlink/p/?LinkID=276664).
+
+- **Windows Server Update Services (WSUS).** Download a single copy of the IE11 updates, caching them to local servers so your users' computers can receive the updates directly from the WSUS servers, instead of through Windows Update. For more information about using this tool, see [Windows Server Update Services](https://go.microsoft.com/fwlink/p/?LinkID=276790).
+
+- **Group Policy Software Installation.** Deploy and install IE11 on your user's computers through a combination of Group Policy and Microsoft Active Directory. For more information about using this tool, see [Group Policy Software Installation overview](https://go.microsoft.com/fwlink/p/?LinkId=296365).
+
+- **Microsoft Deployment Toolkit (MDT).** Add the IE11 update to your deployment share, using MDT to update your previously-deployed Windows image. For more information about using this tool, see [Microsoft Deployment Toolkit (MDT)](https://go.microsoft.com/fwlink/p/?LinkID=331148).
+
+
+
+
+
+
+
diff --git a/browsers/internet-explorer/ie11-deploy-guide/deploy-pinned-sites-using-mdt-2013.md b/browsers/internet-explorer/ie11-deploy-guide/deploy-pinned-sites-using-mdt-2013.md
index acb447d590..567b8fbeb8 100644
--- a/browsers/internet-explorer/ie11-deploy-guide/deploy-pinned-sites-using-mdt-2013.md
+++ b/browsers/internet-explorer/ie11-deploy-guide/deploy-pinned-sites-using-mdt-2013.md
@@ -1,121 +1,122 @@
----
-ms.localizationpriority: medium
-ms.mktglfcycl: deploy
-description: You can pin websites to the Windows 8.1 taskbar for quick access using the Microsoft Deployment Toolkit (MDT) 2013.
-author: lomayor
-ms.prod: ie11
-ms.assetid: 24f4dcac-9032-4fe8-bf6d-2d712d61cb0c
-ms.reviewer:
-audience: itpro
manager: dansimp
-ms.author: lomayor
-title: Deploy pinned websites using Microsoft Deployment Toolkit (MDT) 2013 (Internet Explorer 11 for IT Pros)
-ms.sitesec: library
-ms.date: 07/27/2017
----
-
-
-# Deploy pinned websites using Microsoft Deployment Toolkit (MDT) 2013
-
-**Applies to:**
-
-- Windows 10
-- Windows 8.1
-- Windows 7
-- Windows Server 2012 R2
-- Windows Server 2008 R2 with Service Pack 1 (SP1)
-
-You can pin websites to the Windows 8.1 taskbar for quick access. You pin a website simply by dragging its tab to the taskbar. Some websites can also extend the icon’s Jump List.
-
-The ability to pin websites to the Windows 8.1 taskbar can help make end users in businesses more productive. As an IT professional, for example, you can pin intranet and SharePoint websites to the taskbar to make them immediately available to users. In this article, you learn how to deploy pinned websites by using Lite Touch Installation in the [Microsoft Deployment Toolkit (MDT) 2013](https://go.microsoft.com/fwlink/p/?LinkId=398474).
-
-## Deploying pinned websites in MDT 2013
-This topic requires that you have a complete MDT 2013 deployment share that contains Windows 8.1 which comes with Internet Explorer 11. If you’re deploying to Windows 7 clients and need to learn how to add IE11 to an MDT 2013 deployment share as an update, see [Installing Internet Explorer 11 using Microsoft Deployment Toolkit (MDT)](https://go.microsoft.com/fwlink/p/?LinkId=398475) in the TechNet library.
-
-Deploying pinned websites in MDT 2013 is a 4-step process:
-
-1. Create a .website file for each website that you want to deploy. When you pin a website to the taskbar, Windows 8.1 creates a .website file that describes how the icon should look and feel.
-
-2. Copy the .website files to your deployment share.
-
-3. Copy the .website files to your target computers.
-
-4. Edit the task sequence of your Unattend.xml answer files to pin the websites to the taskbar. In particular, you want to add each .website file to the **TaskbarLinks** item in Unattend.xml during oobeSystem phase. You can add up to six .website files to the **TaskbarLinks** item.
-
-Pinned websites are immediately available to every user who logs on to the computer although the user must click each icon to populate its Jump List.
-
-**Important**
-To follow the examples in this topic, you’ll need to pin the Bing (https://www.bing.com/) and MSN (https://www.msn.com/) websites to the taskbar.
-
-### Step 1: Creating .website files
-The first step is to create a .website file for each website that you want to pin to the Windows 8.1 taskbar during deployment. A .website file is like a shortcut, except it’s a plain text file that describes not only the website’s URL but also how the icon looks.
-
- **To create each .website file**
-
-1. Open the website in IE11.
-
-2. Drag the website’s tab and drop it on the Windows 8.1 taskbar.
-
-3. Go to `%USERPROFILE%\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar` in Windows Explorer, and copy the bing.website and msn.website files to your desktop.
-
-### Step 2: Copying the .website files to the deployment share
-Next, you must enable your deployment share to copy the bing.website and msn.website files to the **Start** menu on each target computer.
-
- **To copy .website files to the deployment share**
-
-1. Open your MDT 2013 deployment share in Windows Explorer.
-
-2. In the `$OEM$` folder, create the path `$1\Users\Public\Public Links`. If the `$OEM$` folder doesn’t exist, create it at the root of your deployment share.
-
-3. Copy the bing.website and msn.website files from your desktop to `$OEM$\$1\Users\Public\Public Links` in your deployment share.
-
-### Step 3: Copying .website files to target computers
-After your operating system is installed on the target computer, you need to copy the .website files over so they can be pinned to the taskbar.
-
- **To copy .website files to target computers**
-
-1. In the **Deployment Workbench** of MDT 2013, open the deployment share containing the task sequence during which you want to deploy pinned websites, and then click **Task Sequences**.
-
-2. In the right pane of the **Deployment Workbench**, right-click your task sequence (create a new one if you don’t have one yet), and click **Properties**.
-
-3. In the **Task Sequence** tab, click the **Postinstall** folder, click **General** from the **Add** button, and then click **Run Command Line**.
-
-4. Rename the newly created item to *Copy Files* and move it up to the top of the **Postinstall** folder.
-
-5. In the **Command Line** box enter the following text, `xcopy "%DEPLOYROOT%\$OEM$\$1" "%OSDisk%\" /yqe`.
-
-6. Click the **Apply** button to save your changes.
-
-### Step 4: Pinning .website files to the Taskbar
-With the .website files ready to copy to the **Public Links** folder on target computers for all users, the last step is to edit the Unattend.xml answer files to pin those .website files to the taskbar. You will need to complete the following steps for each task sequence during which you want to pin these websites to the taskbar.
-
- **To pin .website files to the Taskbar**
-
-1. Open the Windows System Image Manager (Windows SIM).
-
-2. On the **OS Info** tab, click **Edit Unattend.xml** to open the Unattend.xml file.
-
-2. In the **Windows Image** pane, under **Components** and then **Microsoft-Windows-Shell-Setup**, right-click **TaskbarLinks**, and then click **Add Setting to Pass 7 oobeSystem**.
-
-3. In the **TaskbarLinks Properties** pane, add the relative path to the target computer’s (not the deployment share’s) .website files that you created earlier. You can add up to six links to the **TaskbarLinks** item. For example, `%PUBLIC%\Users\Public\Public Links\Bing.website` and `%PUBLIC%\Users\Public\Public Links\MSN.website`
-
-4. On the **File** menu, click **Save Answer File**, and then close Windows SIM.
-
-5. To close the task sequence, click **OK**.
-
-## Updating intranet websites for pinning
-The MDT 2013 deployment share and task sequences are now ready to pin websites to the taskbar during deployment. This pinning feature can include intranet sites important in your organization.
-
-You can make your intranet websites act more like applications by extending them to fully support the Windows 8.1 taskbar. This includes creating custom Jump Lists, thumbnail previews, and notifications. For info about extending your intranet websites, see [Pinned Sites Developer Documentation](https://go.microsoft.com/fwlink/p/?LinkId=398484) on MSDN. For more ideas about what to pin, see [Add-ons](https://go.microsoft.com/fwlink/p/?LinkId=398483) in the Internet Explorer Gallery.
-
-## Related topics
-- [Unattended Windows Setup Reference](https://go.microsoft.com/fwlink/p/?LinkId=276788)
-- [Windows System Image Manager Technical Reference](https://go.microsoft.com/fwlink/p/?LinkId=276789)
-- [Microsoft Deployment Toolkit (MDT)](https://go.microsoft.com/fwlink/p/?LinkId=331148)
-- [Windows ADK Overview](https://go.microsoft.com/fwlink/p/?LinkId=276669)
-
-
-
-
-
-
-
+---
+ms.localizationpriority: medium
+ms.mktglfcycl: deploy
+description: You can pin websites to the Windows 8.1 taskbar for quick access using the Microsoft Deployment Toolkit (MDT) 2013.
+author: dansimp
+ms.prod: ie11
+ms.assetid: 24f4dcac-9032-4fe8-bf6d-2d712d61cb0c
+ms.reviewer:
+audience: itpro
+manager: dansimp
+ms.author: dansimp
+title: Deploy pinned websites using Microsoft Deployment Toolkit (MDT) 2013 (Internet Explorer 11 for IT Pros)
+ms.sitesec: library
+ms.date: 07/27/2017
+---
+
+
+# Deploy pinned websites using Microsoft Deployment Toolkit (MDT) 2013
+
+**Applies to:**
+
+- Windows 10
+- Windows 8.1
+- Windows 7
+- Windows Server 2012 R2
+- Windows Server 2008 R2 with Service Pack 1 (SP1)
+
+You can pin websites to the Windows 8.1 taskbar for quick access. You pin a website simply by dragging its tab to the taskbar. Some websites can also extend the icon’s Jump List.
+
+The ability to pin websites to the Windows 8.1 taskbar can help make end users in businesses more productive. As an IT professional, for example, you can pin intranet and SharePoint websites to the taskbar to make them immediately available to users. In this article, you learn how to deploy pinned websites by using Lite Touch Installation in the [Microsoft Deployment Toolkit (MDT) 2013](https://go.microsoft.com/fwlink/p/?LinkId=398474).
+
+## Deploying pinned websites in MDT 2013
+This topic requires that you have a complete MDT 2013 deployment share that contains Windows 8.1 which comes with Internet Explorer 11. If you’re deploying to Windows 7 clients and need to learn how to add IE11 to an MDT 2013 deployment share as an update, see [Installing Internet Explorer 11 using Microsoft Deployment Toolkit (MDT)](https://go.microsoft.com/fwlink/p/?LinkId=398475) in the TechNet library.
+
+Deploying pinned websites in MDT 2013 is a 4-step process:
+
+1. Create a .website file for each website that you want to deploy. When you pin a website to the taskbar, Windows 8.1 creates a .website file that describes how the icon should look and feel.
+
+2. Copy the .website files to your deployment share.
+
+3. Copy the .website files to your target computers.
+
+4. Edit the task sequence of your Unattend.xml answer files to pin the websites to the taskbar. In particular, you want to add each .website file to the **TaskbarLinks** item in Unattend.xml during oobeSystem phase. You can add up to six .website files to the **TaskbarLinks** item.
+
+Pinned websites are immediately available to every user who logs on to the computer although the user must click each icon to populate its Jump List.
+
+**Important**
+To follow the examples in this topic, you’ll need to pin the Bing (https://www.bing.com/) and MSN (https://www.msn.com/) websites to the taskbar.
+
+### Step 1: Creating .website files
+The first step is to create a .website file for each website that you want to pin to the Windows 8.1 taskbar during deployment. A .website file is like a shortcut, except it’s a plain text file that describes not only the website’s URL but also how the icon looks.
+
+ **To create each .website file**
+
+1. Open the website in IE11.
+
+2. Drag the website’s tab and drop it on the Windows 8.1 taskbar.
+
+3. Go to `%USERPROFILE%\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar` in Windows Explorer, and copy the bing.website and msn.website files to your desktop.
+
+### Step 2: Copying the .website files to the deployment share
+Next, you must enable your deployment share to copy the bing.website and msn.website files to the **Start** menu on each target computer.
+
+ **To copy .website files to the deployment share**
+
+1. Open your MDT 2013 deployment share in Windows Explorer.
+
+2. In the `$OEM$` folder, create the path `$1\Users\Public\Public Links`. If the `$OEM$` folder doesn’t exist, create it at the root of your deployment share.
+
+3. Copy the bing.website and msn.website files from your desktop to `$OEM$\$1\Users\Public\Public Links` in your deployment share.
+
+### Step 3: Copying .website files to target computers
+After your operating system is installed on the target computer, you need to copy the .website files over so they can be pinned to the taskbar.
+
+ **To copy .website files to target computers**
+
+1. In the **Deployment Workbench** of MDT 2013, open the deployment share containing the task sequence during which you want to deploy pinned websites, and then click **Task Sequences**.
+
+2. In the right pane of the **Deployment Workbench**, right-click your task sequence (create a new one if you don’t have one yet), and click **Properties**.
+
+3. In the **Task Sequence** tab, click the **Postinstall** folder, click **General** from the **Add** button, and then click **Run Command Line**.
+
+4. Rename the newly created item to *Copy Files* and move it up to the top of the **Postinstall** folder.
+
+5. In the **Command Line** box enter the following text, `xcopy "%DEPLOYROOT%\$OEM$\$1" "%OSDisk%\" /yqe`.
+
+6. Click the **Apply** button to save your changes.
+
+### Step 4: Pinning .website files to the Taskbar
+With the .website files ready to copy to the **Public Links** folder on target computers for all users, the last step is to edit the Unattend.xml answer files to pin those .website files to the taskbar. You will need to complete the following steps for each task sequence during which you want to pin these websites to the taskbar.
+
+ **To pin .website files to the Taskbar**
+
+1. Open the Windows System Image Manager (Windows SIM).
+
+2. On the **OS Info** tab, click **Edit Unattend.xml** to open the Unattend.xml file.
+
+2. In the **Windows Image** pane, under **Components** and then **Microsoft-Windows-Shell-Setup**, right-click **TaskbarLinks**, and then click **Add Setting to Pass 7 oobeSystem**.
+
+3. In the **TaskbarLinks Properties** pane, add the relative path to the target computer’s (not the deployment share’s) .website files that you created earlier. You can add up to six links to the **TaskbarLinks** item. For example, `%PUBLIC%\Users\Public\Public Links\Bing.website` and `%PUBLIC%\Users\Public\Public Links\MSN.website`
+
+4. On the **File** menu, click **Save Answer File**, and then close Windows SIM.
+
+5. To close the task sequence, click **OK**.
+
+## Updating intranet websites for pinning
+The MDT 2013 deployment share and task sequences are now ready to pin websites to the taskbar during deployment. This pinning feature can include intranet sites important in your organization.
+
+You can make your intranet websites act more like applications by extending them to fully support the Windows 8.1 taskbar. This includes creating custom Jump Lists, thumbnail previews, and notifications. For info about extending your intranet websites, see [Pinned Sites Developer Documentation](https://go.microsoft.com/fwlink/p/?LinkId=398484) on MSDN. For more ideas about what to pin, see [Add-ons](https://go.microsoft.com/fwlink/p/?LinkId=398483) in the Internet Explorer Gallery.
+
+## Related topics
+- [Unattended Windows Setup Reference](https://go.microsoft.com/fwlink/p/?LinkId=276788)
+- [Windows System Image Manager Technical Reference](https://go.microsoft.com/fwlink/p/?LinkId=276789)
+- [Microsoft Deployment Toolkit (MDT)](https://go.microsoft.com/fwlink/p/?LinkId=331148)
+- [Windows ADK Overview](https://go.microsoft.com/fwlink/p/?LinkId=276669)
+
+
+
+
+
+
+
diff --git a/browsers/internet-explorer/ie11-deploy-guide/deprecated-document-modes.md b/browsers/internet-explorer/ie11-deploy-guide/deprecated-document-modes.md
index d892799770..f0f44c2897 100644
--- a/browsers/internet-explorer/ie11-deploy-guide/deprecated-document-modes.md
+++ b/browsers/internet-explorer/ie11-deploy-guide/deprecated-document-modes.md
@@ -1,61 +1,62 @@
----
-ms.localizationpriority: medium
-ms.mktglfcycl: deploy
-ms.pagetype: appcompat
-description: Windows Internet Explorer 8 introduced document modes as a way to move from the proprietary coding of web features to a more standardized type of coding that could run on multiple browsers and devices.
-author: lomayor
-ms.prod: ie11
-ms.assetid: 00cb1f39-2b20-4d37-9436-62dc03a6320b
-ms.reviewer:
-audience: itpro
manager: dansimp
-ms.author: lomayor
-title: Deprecated document modes and Internet Explorer 11 (Internet Explorer 11 for IT Pros)
-ms.sitesec: library
-ms.date: 07/27/2017
----
-
-# Deprecated document modes and Internet Explorer 11
-
-**Applies to:**
-
-- Windows 10
-- Windows 8.1
-- Windows 7
-- Windows Server 2012 R2
-- Windows Server 2008 R2 with Service Pack 1 (SP1)
-
-Windows Internet Explorer 8 introduced document modes as a way to move from the proprietary coding of web features to a more standardized type of coding that could run on multiple browsers and devices. Starting with Windows 10, we’re deprecating document modes.
-
-This means that while Internet Explorer 11 will continue to support document modes, Microsoft Edge won’t. And because of that, it also means that if you want to use Microsoft Edge, you’re going to have to update your legacy webpages and apps to support modern features, browsers, and devices.
-
->**Note**
->For specific details about the technologies and APIs that are no longer supported in Microsoft Edge, see [A break from the past, part 2: Saying goodbye to ActiveX, VBScript, attachEvent](https://go.microsoft.com/fwlink/p/?LinkId=615953).
-
-## What is document mode?
-Each release after Internet Explorer 8 has helped with the transition by introducing additional document modes that emulated previously supported versions, while also introducing support for features defined by industry standards. During this time, numerous websites and apps were updated to the latest and greatest industry standards, while many other sites and apps continued to simply rely on document modes to work properly.
-
-Because our goal with Microsoft Edge is to give users the best site and app viewing experience possible, we’ve decided to stop support for document modes. All websites and apps using legacy features and code will need to be updated to rely on the new modern standards and practices.
-
-If you have legacy sites and apps that can’t be updated to modern standards, you can continue to use IE11 and document modes. We recommend that you use the **IE11 Standards document mode** because it represents the highest support available for modern standards. You should also use the HTML5 document type declaration to turn on the latest supported standards while using IE11:``.
-
-## Document modes and IE11
-The compatibility improvements made in IE11 lets older websites just work in the latest standards mode, by default, without requiring emulation of the previous browser behavior. Because older websites are now just working, we’ve decided that Internet Explorer 10 document mode will be the last new document mode. Instead, developers will need to move to using the IE11 document mode going forward.
-
-## Document mode selection flowchart
-This flowchart shows how IE11 works when document modes are used.
-
-
-[Click this link to enlarge image](img-ie11-docmode-lg.md)
-
-## Known Issues with Internet Explorer 8 document mode in Enterprise Mode
-The default document mode for Enterprise Mode is Internet Explorer 8. While this mode provides a strong emulation of that browser, it isn’t an exact match. For example, Windows Internet Explorer 9 fundamentally changed how document modes work with iframes and document modes can’t undo architectural changes. It’s also a known issue that Windows 10 supports GDI font rendering while using Enterprise Mode, but uses natural metrics once outside of Enterprise Mode.
-
-## Related topics
-- [Enterprise Mode for Internet Explorer 11](enterprise-mode-overview-for-ie11.md)
-
-
-
-
-
-
-
+---
+ms.localizationpriority: medium
+ms.mktglfcycl: deploy
+ms.pagetype: appcompat
+description: Windows Internet Explorer 8 introduced document modes as a way to move from the proprietary coding of web features to a more standardized type of coding that could run on multiple browsers and devices.
+author: dansimp
+ms.prod: ie11
+ms.assetid: 00cb1f39-2b20-4d37-9436-62dc03a6320b
+ms.reviewer:
+audience: itpro
+manager: dansimp
+ms.author: dansimp
+title: Deprecated document modes and Internet Explorer 11 (Internet Explorer 11 for IT Pros)
+ms.sitesec: library
+ms.date: 07/27/2017
+---
+
+# Deprecated document modes and Internet Explorer 11
+
+**Applies to:**
+
+- Windows 10
+- Windows 8.1
+- Windows 7
+- Windows Server 2012 R2
+- Windows Server 2008 R2 with Service Pack 1 (SP1)
+
+Windows Internet Explorer 8 introduced document modes as a way to move from the proprietary coding of web features to a more standardized type of coding that could run on multiple browsers and devices. Starting with Windows 10, we’re deprecating document modes.
+
+This means that while Internet Explorer 11 will continue to support document modes, Microsoft Edge won’t. And because of that, it also means that if you want to use Microsoft Edge, you’re going to have to update your legacy webpages and apps to support modern features, browsers, and devices.
+
+>**Note**
+>For specific details about the technologies and APIs that are no longer supported in Microsoft Edge, see [A break from the past, part 2: Saying goodbye to ActiveX, VBScript, attachEvent](https://go.microsoft.com/fwlink/p/?LinkId=615953).
+
+## What is document mode?
+Each release after Internet Explorer 8 has helped with the transition by introducing additional document modes that emulated previously supported versions, while also introducing support for features defined by industry standards. During this time, numerous websites and apps were updated to the latest and greatest industry standards, while many other sites and apps continued to simply rely on document modes to work properly.
+
+Because our goal with Microsoft Edge is to give users the best site and app viewing experience possible, we’ve decided to stop support for document modes. All websites and apps using legacy features and code will need to be updated to rely on the new modern standards and practices.
+
+If you have legacy sites and apps that can’t be updated to modern standards, you can continue to use IE11 and document modes. We recommend that you use the **IE11 Standards document mode** because it represents the highest support available for modern standards. You should also use the HTML5 document type declaration to turn on the latest supported standards while using IE11:``.
+
+## Document modes and IE11
+The compatibility improvements made in IE11 lets older websites just work in the latest standards mode, by default, without requiring emulation of the previous browser behavior. Because older websites are now just working, we’ve decided that Internet Explorer 10 document mode will be the last new document mode. Instead, developers will need to move to using the IE11 document mode going forward.
+
+## Document mode selection flowchart
+This flowchart shows how IE11 works when document modes are used.
+
+
+[Click this link to enlarge image](img-ie11-docmode-lg.md)
+
+## Known Issues with Internet Explorer 8 document mode in Enterprise Mode
+The default document mode for Enterprise Mode is Internet Explorer 8. While this mode provides a strong emulation of that browser, it isn’t an exact match. For example, Windows Internet Explorer 9 fundamentally changed how document modes work with iframes and document modes can’t undo architectural changes. It’s also a known issue that Windows 10 supports GDI font rendering while using Enterprise Mode, but uses natural metrics once outside of Enterprise Mode.
+
+## Related topics
+- [Enterprise Mode for Internet Explorer 11](enterprise-mode-overview-for-ie11.md)
+
+
+
+
+
+
+
diff --git a/browsers/internet-explorer/ie11-deploy-guide/edit-the-enterprise-mode-site-list-using-the-enterprise-mode-site-list-manager.md b/browsers/internet-explorer/ie11-deploy-guide/edit-the-enterprise-mode-site-list-using-the-enterprise-mode-site-list-manager.md
index 6f6339d452..8ad5f3e6ad 100644
--- a/browsers/internet-explorer/ie11-deploy-guide/edit-the-enterprise-mode-site-list-using-the-enterprise-mode-site-list-manager.md
+++ b/browsers/internet-explorer/ie11-deploy-guide/edit-the-enterprise-mode-site-list-using-the-enterprise-mode-site-list-manager.md
@@ -1,53 +1,54 @@
----
-ms.localizationpriority: medium
-ms.mktglfcycl: deploy
-ms.pagetype: appcompat
-description: You can use Internet Explorer 11 and the Enterprise Mode Site List Manager to change whether page rendering should use Enterprise Mode or the default Internet Explorer browser configuration. You can also add, remove, or delete associated comments.
-author: lomayor
-ms.prod: ie11
-ms.assetid: 76aa9a85-6190-4c3a-bc25-0f914de228ea
-ms.reviewer:
-audience: itpro
manager: dansimp
-ms.author: lomayor
-title: Edit the Enterprise Mode site list using the Enterprise Mode Site List Manager (Internet Explorer 11 for IT Pros)
-ms.sitesec: library
-ms.date: 07/27/2017
----
-
-
-# Edit the Enterprise Mode site list using the Enterprise Mode Site List Manager
-
-**Applies to:**
-
-- Windows 10
-- Windows 8.1
-- Windows 7
-- Windows Server 2012 R2
-- Windows Server 2008 R2 with Service Pack 1 (SP1)
-
-You can use Internet Explorer 11 and the Enterprise Mode Site List Manager to change whether page rendering should use Enterprise Mode or the default Internet Explorer browser configuration. You can also add, remove, or delete associated comments.
-
-If you need to edit a lot of websites, you probably don’t want to do it one at a time. Instead, you can edit your saved XML or TXT file and add the sites back again. For information about how to do this, depending on your operating system and schema version, see [Add multiple sites to the Enterprise Mode site list using a file and Enterprise Mode Site List Manager (schema v.2)](add-multiple-sites-to-enterprise-mode-site-list-using-the-version-2-schema-and-enterprise-mode-tool.md) or [Add multiple sites to the Enterprise Mode site list using a file and the Enterprise Mode Site List Manager (schema v.1)](add-multiple-sites-to-enterprise-mode-site-list-using-the-version-1-schema-and-enterprise-mode-tool.md).
-
- **To change how your page renders**
-
-1. In the Enterprise Mode Site List Manager, double-click the site you want to change.
-
-2. Change the comment or the compatibility mode option.
-
-3. Click **Save** to validate your changes and to add the updated information to your site list.
-If your change passes validation, it’s added to the global site list. If the update doesn’t pass validation, you’ll get an error message explaining the problem. You’ll then be able to either cancel the update or ignore the validation problem and add it to your list anyway. For more information about fixing validation issues, see [Fix validation problems using the Enterprise Mode Site List Manager](fix-validation-problems-using-the-enterprise-mode-site-list-manager.md).
-
-4. On the **File** menu, click **Save to XML**, and save the updated file.
-You can save the file locally or to a network share. However, you must make sure you deploy it to the location specified in your registry key. For more information about the registry key, see [Turn on Enterprise Mode and use a site list](turn-on-enterprise-mode-and-use-a-site-list.md).
-
-## Related topics
-- [Download the Enterprise Mode Site List Manager (schema v.2)](https://go.microsoft.com/fwlink/p/?LinkId=716853)
-- [Download the Enterprise Mode Site List Manager (schema v.1)](https://go.microsoft.com/fwlink/p/?LinkID=394378)
-- [Use the Enterprise Mode Site List Manager](use-the-enterprise-mode-site-list-manager.md)
-
-
-
-
-
-
+---
+ms.localizationpriority: medium
+ms.mktglfcycl: deploy
+ms.pagetype: appcompat
+description: You can use Internet Explorer 11 and the Enterprise Mode Site List Manager to change whether page rendering should use Enterprise Mode or the default Internet Explorer browser configuration. You can also add, remove, or delete associated comments.
+author: dansimp
+ms.prod: ie11
+ms.assetid: 76aa9a85-6190-4c3a-bc25-0f914de228ea
+ms.reviewer:
+audience: itpro
+manager: dansimp
+ms.author: dansimp
+title: Edit the Enterprise Mode site list using the Enterprise Mode Site List Manager (Internet Explorer 11 for IT Pros)
+ms.sitesec: library
+ms.date: 07/27/2017
+---
+
+
+# Edit the Enterprise Mode site list using the Enterprise Mode Site List Manager
+
+**Applies to:**
+
+- Windows 10
+- Windows 8.1
+- Windows 7
+- Windows Server 2012 R2
+- Windows Server 2008 R2 with Service Pack 1 (SP1)
+
+You can use Internet Explorer 11 and the Enterprise Mode Site List Manager to change whether page rendering should use Enterprise Mode or the default Internet Explorer browser configuration. You can also add, remove, or delete associated comments.
+
+If you need to edit a lot of websites, you probably don’t want to do it one at a time. Instead, you can edit your saved XML or TXT file and add the sites back again. For information about how to do this, depending on your operating system and schema version, see [Add multiple sites to the Enterprise Mode site list using a file and Enterprise Mode Site List Manager (schema v.2)](add-multiple-sites-to-enterprise-mode-site-list-using-the-version-2-schema-and-enterprise-mode-tool.md) or [Add multiple sites to the Enterprise Mode site list using a file and the Enterprise Mode Site List Manager (schema v.1)](add-multiple-sites-to-enterprise-mode-site-list-using-the-version-1-schema-and-enterprise-mode-tool.md).
+
+ **To change how your page renders**
+
+1. In the Enterprise Mode Site List Manager, double-click the site you want to change.
+
+2. Change the comment or the compatibility mode option.
+
+3. Click **Save** to validate your changes and to add the updated information to your site list.
+If your change passes validation, it’s added to the global site list. If the update doesn’t pass validation, you’ll get an error message explaining the problem. You’ll then be able to either cancel the update or ignore the validation problem and add it to your list anyway. For more information about fixing validation issues, see [Fix validation problems using the Enterprise Mode Site List Manager](fix-validation-problems-using-the-enterprise-mode-site-list-manager.md).
+
+4. On the **File** menu, click **Save to XML**, and save the updated file.
+You can save the file locally or to a network share. However, you must make sure you deploy it to the location specified in your registry key. For more information about the registry key, see [Turn on Enterprise Mode and use a site list](turn-on-enterprise-mode-and-use-a-site-list.md).
+
+## Related topics
+- [Download the Enterprise Mode Site List Manager (schema v.2)](https://go.microsoft.com/fwlink/p/?LinkId=716853)
+- [Download the Enterprise Mode Site List Manager (schema v.1)](https://go.microsoft.com/fwlink/p/?LinkID=394378)
+- [Use the Enterprise Mode Site List Manager](use-the-enterprise-mode-site-list-manager.md)
+
+
+
+
+
+
diff --git a/browsers/internet-explorer/ie11-deploy-guide/enable-and-disable-add-ons-using-administrative-templates-and-group-policy.md b/browsers/internet-explorer/ie11-deploy-guide/enable-and-disable-add-ons-using-administrative-templates-and-group-policy.md
index 4e5e30e18a..2ab127eec5 100644
--- a/browsers/internet-explorer/ie11-deploy-guide/enable-and-disable-add-ons-using-administrative-templates-and-group-policy.md
+++ b/browsers/internet-explorer/ie11-deploy-guide/enable-and-disable-add-ons-using-administrative-templates-and-group-policy.md
@@ -1,110 +1,111 @@
----
-ms.localizationpriority: medium
-ms.mktglfcycl: deploy
-ms.pagetype: security
-description: Enable and disable add-ons using administrative templates and group policy
-ms.author: lomayor
-author: lomayor
-ms.prod: ie11
-ms.assetid: c6fe1cd3-0bfc-4d23-8016-c9601f674c0b
-ms.reviewer:
-audience: itpro
manager: dansimp
-title: Enable and disable add-ons using administrative templates and group policy (Internet Explorer 11 for IT Pros)
-ms.sitesec: library
-ms.date: 4/12/2018
----
-
-
-# Enable and disable add-ons using administrative templates and group policy
-Add-ons let your employees personalize Internet Explorer. You can manage IE add-ons using Group Policy and Group Policy templates.
-
-There are four types of add-ons:
-
-- **Search Providers.** Type a term and see suggestions provided by your search provider.
-
-- **Accelerators.** Highlight text on a web page and then click the blue **Accelerator** icon to email, map, search, translate, or do many other tasks.
-
-- **Web Slices.** Subscribe to parts of a website to get real-time information on the Favorites bar.
-
-- **Toolbars.** Add features (like stock tickers) to your browser.
-
-## Using the Local Group Policy Editor to manage group policy objects
-You can use the Local Group Policy Editor to change how add-ons work in your organization.
-
- **To manage add-ons**
-
-1. In the Local Group Policy Editor, go to `Computer Configuration\Administrative Templates\Windows Components\Internet Explorer`.
-
-2. Change any or all of these settings to match your company’s policy and requirements.
-
- - Turn off add-on performance notifications
-
- - Automatically activate newly installed add-ons
-
- - Do not allow users to enable or disable add-ons
-
-3. Go into the **Internet Control Panel\\Advance Page** folder, where you can change:
-
- - Do not allow resetting IE settings
-
- - Allow third-party browser extensions
-
-4. Go into the **Security Features\\Add-on Management** folder, where you can change:
-
- - Add-on List
-
- - Deny all add-ons unless specifically allowed in the Add-on List
-
- - Turn off Adobe Flash in IE and prevent applications from using IE technology to instantiate Flash objects
-
-5. Close the Local Group Policy Editor when you’re done.
-
-## Using the CLSID and Administrative Templates to manage group policy objects
-Every add-on has a Class ID (CLSID) that you use to enable and disable specific add-ons, using Group Policy and Administrative Templates.
-
- **To manage add-ons**
-
-1. Get the CLSID for the add-on you want to enable or disable:
-
- 1. Open IE, click **Tools**, and then click **Manage Add-ons**.
-
- 2. Double-click the add-on you want to change.
-
- 3. In the More Information dialog, click **Copy** and then click **Close**.
-
- 4. Open Notepad and paste the information for the add-on.
-
- 5. On the Manage Add-ons windows, click **Close**.
-
- 6. On the Internet Options dialog, click **Close** and then close IE.
-
-2. From the copied information, select and copy just the **Class ID** value.
-
- >[!NOTE]
- >You want to copy the curly brackets as well as the CLSID: **{47833539-D0C5-4125-9FA8-0819E2EAAC93}**.
-
-3. Open the Group Policy Management Editor and go to: Computer Configuration\Policies\Administrative Templates\Windows Components\Internet Explorer\Security Features\Add-on Management.
-
**-OR-**
-Open the Local Group Policy Editor and go to: User Configuration\Administrative Templates\Windows Components\Internet Explorer\Security Features\Add-on Management.
-
-4. Open the **Add-on List** Group Policy Object, select **Enabled**, and then click **Show**.
The Show Contents dialog appears.
-
-6. In **Value Name**, paste the Class ID for your add-on, for example, **{47833539-D0C5-4125-9FA8-0819E2EAAC93}**.
-
-6. In **Value**, enter one of the following:
-
- - **0**. The add-on is disabled and your employees can’t change it.
-
- - **1**. The add-on is enabled and your employees can’t change it.
-
- - **2**. The add-on is enabled and your employees can change it.
-
-7. Close the Show Contents dialog.
-
-7. In the Group Policy editor, go to: Computer Configuration\Administrative Templates\Windows Components\Internet Explorer.
-
-8. Double-click **Automatically activate/enable newly installed add-ons** and select **Enabled**.
Enabling turns off the message prompting you to Enable or Don't enable the add-on.
-
-7. Click **OK** twice to close the Group Policy editor.
-
-
+---
+ms.localizationpriority: medium
+ms.mktglfcycl: deploy
+ms.pagetype: security
+description: Enable and disable add-ons using administrative templates and group policy
+ms.author: dansimp
+author: dansimp
+ms.prod: ie11
+ms.assetid: c6fe1cd3-0bfc-4d23-8016-c9601f674c0b
+ms.reviewer:
+audience: itpro
+manager: dansimp
+title: Enable and disable add-ons using administrative templates and group policy (Internet Explorer 11 for IT Pros)
+ms.sitesec: library
+ms.date: 4/12/2018
+---
+
+
+# Enable and disable add-ons using administrative templates and group policy
+Add-ons let your employees personalize Internet Explorer. You can manage IE add-ons using Group Policy and Group Policy templates.
+
+There are four types of add-ons:
+
+- **Search Providers.** Type a term and see suggestions provided by your search provider.
+
+- **Accelerators.** Highlight text on a web page and then click the blue **Accelerator** icon to email, map, search, translate, or do many other tasks.
+
+- **Web Slices.** Subscribe to parts of a website to get real-time information on the Favorites bar.
+
+- **Toolbars.** Add features (like stock tickers) to your browser.
+
+## Using the Local Group Policy Editor to manage group policy objects
+You can use the Local Group Policy Editor to change how add-ons work in your organization.
+
+ **To manage add-ons**
+
+1. In the Local Group Policy Editor, go to `Computer Configuration\Administrative Templates\Windows Components\Internet Explorer`.
+
+2. Change any or all of these settings to match your company’s policy and requirements.
+
+ - Turn off add-on performance notifications
+
+ - Automatically activate newly installed add-ons
+
+ - Do not allow users to enable or disable add-ons
+
+3. Go into the **Internet Control Panel\\Advance Page** folder, where you can change:
+
+ - Do not allow resetting IE settings
+
+ - Allow third-party browser extensions
+
+4. Go into the **Security Features\\Add-on Management** folder, where you can change:
+
+ - Add-on List
+
+ - Deny all add-ons unless specifically allowed in the Add-on List
+
+ - Turn off Adobe Flash in IE and prevent applications from using IE technology to instantiate Flash objects
+
+5. Close the Local Group Policy Editor when you’re done.
+
+## Using the CLSID and Administrative Templates to manage group policy objects
+Every add-on has a Class ID (CLSID) that you use to enable and disable specific add-ons, using Group Policy and Administrative Templates.
+
+ **To manage add-ons**
+
+1. Get the CLSID for the add-on you want to enable or disable:
+
+ 1. Open IE, click **Tools**, and then click **Manage Add-ons**.
+
+ 2. Double-click the add-on you want to change.
+
+ 3. In the More Information dialog, click **Copy** and then click **Close**.
+
+ 4. Open Notepad and paste the information for the add-on.
+
+ 5. On the Manage Add-ons windows, click **Close**.
+
+ 6. On the Internet Options dialog, click **Close** and then close IE.
+
+2. From the copied information, select and copy just the **Class ID** value.
+
+ >[!NOTE]
+ >You want to copy the curly brackets as well as the CLSID: **{47833539-D0C5-4125-9FA8-0819E2EAAC93}**.
+
+3. Open the Group Policy Management Editor and go to: Computer Configuration\Policies\Administrative Templates\Windows Components\Internet Explorer\Security Features\Add-on Management.
+
**-OR-**
+Open the Local Group Policy Editor and go to: User Configuration\Administrative Templates\Windows Components\Internet Explorer\Security Features\Add-on Management.
+
+4. Open the **Add-on List** Group Policy Object, select **Enabled**, and then click **Show**.
The Show Contents dialog appears.
+
+6. In **Value Name**, paste the Class ID for your add-on, for example, **{47833539-D0C5-4125-9FA8-0819E2EAAC93}**.
+
+6. In **Value**, enter one of the following:
+
+ - **0**. The add-on is disabled and your employees can’t change it.
+
+ - **1**. The add-on is enabled and your employees can’t change it.
+
+ - **2**. The add-on is enabled and your employees can change it.
+
+7. Close the Show Contents dialog.
+
+7. In the Group Policy editor, go to: Computer Configuration\Administrative Templates\Windows Components\Internet Explorer.
+
+8. Double-click **Automatically activate/enable newly installed add-ons** and select **Enabled**.
Enabling turns off the message prompting you to Enable or Don't enable the add-on.
+
+7. Click **OK** twice to close the Group Policy editor.
+
+
diff --git a/browsers/internet-explorer/ie11-deploy-guide/enhanced-protected-mode-problems-with-ie11.md b/browsers/internet-explorer/ie11-deploy-guide/enhanced-protected-mode-problems-with-ie11.md
index d1ac1a3190..d0998607dc 100644
--- a/browsers/internet-explorer/ie11-deploy-guide/enhanced-protected-mode-problems-with-ie11.md
+++ b/browsers/internet-explorer/ie11-deploy-guide/enhanced-protected-mode-problems-with-ie11.md
@@ -1,30 +1,31 @@
----
-ms.localizationpriority: medium
-ms.mktglfcycl: deploy
-ms.pagetype: security
-description: Enhanced Protected Mode problems with Internet Explorer
-author: lomayor
-ms.prod: ie11
-ms.assetid: 15890ad1-733d-4f7e-a318-10399b389f45
-ms.reviewer:
-audience: itpro
manager: dansimp
-ms.author: lomayor
-title: Enhanced Protected Mode problems with Internet Explorer (Internet Explorer 11 for IT Pros)
-ms.sitesec: library
-ms.date: 07/27/2017
----
-
-
-# Enhanced Protected Mode problems with Internet Explorer
-Enhanced Protected Mode further restricts Protected Mode to deny potential attackers access to sensitive or personal information. If this feature is turned on, users might start to see errors asking them to turn it off, like **This webpage wants to run "npctrl.dll. If you trust this site, you can disable Enhanced Protected Mode for this site to run the control**. If your users click the **Disable** box, Enhanced Protected Mode is turned off for only the single visit to that specific site. After the user leaves the site, Enhanced Protected Mode is automatically turned back on.
-
-You can use your company’s Group Policy to turn Enhanced Protected Mode on or off for all users. For more information, see the [Group policy objects and Internet Explorer 11 (IE11)](group-policy-objects-and-ie11.md) information in this guide.
-
-For more information about Enhanced Protected Mode, see the [Enhanced Protected Mode](https://go.microsoft.com/fwlink/p/?LinkId=267512) post on IEBlog, and both the [Understanding Enhanced Protected Mode](https://go.microsoft.com/fwlink/p/?LinkId=282662) and the [Enhanced Protected Mode and Local Files](https://go.microsoft.com/fwlink/p/?LinkId=282663) blog posts on IEInternals.
-
-
-
-
-
-
-
+---
+ms.localizationpriority: medium
+ms.mktglfcycl: deploy
+ms.pagetype: security
+description: Enhanced Protected Mode problems with Internet Explorer
+author: dansimp
+ms.prod: ie11
+ms.assetid: 15890ad1-733d-4f7e-a318-10399b389f45
+ms.reviewer:
+audience: itpro
+manager: dansimp
+ms.author: dansimp
+title: Enhanced Protected Mode problems with Internet Explorer (Internet Explorer 11 for IT Pros)
+ms.sitesec: library
+ms.date: 07/27/2017
+---
+
+
+# Enhanced Protected Mode problems with Internet Explorer
+Enhanced Protected Mode further restricts Protected Mode to deny potential attackers access to sensitive or personal information. If this feature is turned on, users might start to see errors asking them to turn it off, like **This webpage wants to run "npctrl.dll. If you trust this site, you can disable Enhanced Protected Mode for this site to run the control**. If your users click the **Disable** box, Enhanced Protected Mode is turned off for only the single visit to that specific site. After the user leaves the site, Enhanced Protected Mode is automatically turned back on.
+
+You can use your company’s Group Policy to turn Enhanced Protected Mode on or off for all users. For more information, see the [Group policy objects and Internet Explorer 11 (IE11)](group-policy-objects-and-ie11.md) information in this guide.
+
+For more information about Enhanced Protected Mode, see the [Enhanced Protected Mode](https://go.microsoft.com/fwlink/p/?LinkId=267512) post on IEBlog, and both the [Understanding Enhanced Protected Mode](https://go.microsoft.com/fwlink/p/?LinkId=282662) and the [Enhanced Protected Mode and Local Files](https://go.microsoft.com/fwlink/p/?LinkId=282663) blog posts on IEInternals.
+
+
+
+
+
+
+
diff --git a/browsers/internet-explorer/ie11-deploy-guide/enterprise-mode-overview-for-ie11.md b/browsers/internet-explorer/ie11-deploy-guide/enterprise-mode-overview-for-ie11.md
index 2059dff44a..71104a8786 100644
--- a/browsers/internet-explorer/ie11-deploy-guide/enterprise-mode-overview-for-ie11.md
+++ b/browsers/internet-explorer/ie11-deploy-guide/enterprise-mode-overview-for-ie11.md
@@ -1,55 +1,56 @@
----
-ms.localizationpriority: medium
-ms.mktglfcycl: deploy
-ms.pagetype: appcompat
-description: Use the topics in this section to learn how to set up and use Enterprise Mode, Enterprise Mode Site List Manager, and the Enterprise Mode Site List Portal for your company.
-author: lomayor
-ms.prod: ie11
-ms.assetid: d52ba8ba-b3c7-4314-ba14-0610e1d8456e
-ms.reviewer:
-audience: itpro
manager: dansimp
-ms.author: lomayor
-title: Enterprise Mode for Internet Explorer 11 (Internet Explorer 11 for IT Pros)
-ms.sitesec: library
-ms.date: 07/27/2017
----
-
-
-# Enterprise Mode for Internet Explorer 11
-
-**Applies to:**
-
-- Windows 10
-- Windows 8.1
-- Windows 7
-- Windows Server 2012 R2
-- Windows Server 2008 R2 with Service Pack 1 (SP1)
-
-Use the topics in this section to learn how to set up and use Enterprise Mode and the Enterprise Mode Site List Manager in your company.
-
-## In this section
-
-|Topic |Description |
-|---------------------------------------------------------------|-----------------------------------------------------------------------------------|
-|[Enterprise Mode and the Enterprise Mode Site List](what-is-enterprise-mode.md)|Includes descriptions of the features of Enterprise Mode. |
-|[Set up Enterprise Mode logging and data collection](set-up-enterprise-mode-logging-and-data-collection.md) |Guidance about how to turn on local control of Enterprise Mode and how to use ASP or the GitHub sample to collect data from your local computers. |
-|[Turn on Enterprise Mode and use a site list](turn-on-enterprise-mode-and-use-a-site-list.md) |Guidance about how to turn on Enterprise Mode and set up a site list, using Group Policy or the registry. |
-|[Enterprise Mode schema v.2 guidance](enterprise-mode-schema-version-2-guidance.md) |Guidance about how to write the XML for your site list, including what not to include, how to use trailing slashes, and info about how to target specific sites. |
-|[Enterprise Mode schema v.1 guidance](enterprise-mode-schema-version-1-guidance.md) |Guidance about how to write the XML for your site list, including what not to include, how to use trailing slashes, and info about how to target specific sites. |
-|[Check for a new Enterprise Mode site list xml file](check-for-new-enterprise-mode-site-list-xml-file.md) |Guidance about how the Enterprise Mode functionality looks for your updated site list. |
-|[Turn on local control and logging for Enterprise Mode](turn-on-local-control-and-logging-for-enterprise-mode.md) |Guidance about how to turn on local control of Enterprise Mode, using Group Policy or the registry.|
-|[Use the Enterprise Mode Site List Manager](use-the-enterprise-mode-site-list-manager.md) |Guidance about how to use the Enterprise Mode Site List Manager, including how to add and update sites on your site list. |
-|[Use the Enterprise Mode Site List Portal](use-the-enterprise-mode-portal.md) |Guidance about how to set up and use the Enterprise Mode Site List Manager, including how to add and update sites on your site list. |
-|[Using Enterprise Mode](using-enterprise-mode.md) |Guidance about how to turn on either IE7 Enterprise Mode or IE8 Enterprise Mode. |
-|[Fix web compatibility issues using document modes and the Enterprise Mode Site List](fix-compat-issues-with-doc-modes-and-enterprise-mode-site-list.md) |Guidance about how to decide and test whether to use document modes or Enterprise Mode to help fix compatibility issues. |
-|[Remove sites from a local Enterprise Mode site list](remove-sites-from-a-local-enterprise-mode-site-list.md) |Guidance about how to remove websites from a device's local Enterprise Mode site list. |
-|[Remove sites from a local compatibility view list](remove-sites-from-a-local-compatibililty-view-list.md) |Guidance about how to remove websites from a device's local compatibility view list. |
-|[Turn off Enterprise Mode](turn-off-enterprise-mode.md) |Guidance about how to stop using your site list and how to turn off local control, using Group Policy or the registry. |
-
-
-
-
-
-
-
-
+---
+ms.localizationpriority: medium
+ms.mktglfcycl: deploy
+ms.pagetype: appcompat
+description: Use the topics in this section to learn how to set up and use Enterprise Mode, Enterprise Mode Site List Manager, and the Enterprise Mode Site List Portal for your company.
+author: dansimp
+ms.prod: ie11
+ms.assetid: d52ba8ba-b3c7-4314-ba14-0610e1d8456e
+ms.reviewer:
+audience: itpro
+manager: dansimp
+ms.author: dansimp
+title: Enterprise Mode for Internet Explorer 11 (Internet Explorer 11 for IT Pros)
+ms.sitesec: library
+ms.date: 07/27/2017
+---
+
+
+# Enterprise Mode for Internet Explorer 11
+
+**Applies to:**
+
+- Windows 10
+- Windows 8.1
+- Windows 7
+- Windows Server 2012 R2
+- Windows Server 2008 R2 with Service Pack 1 (SP1)
+
+Use the topics in this section to learn how to set up and use Enterprise Mode and the Enterprise Mode Site List Manager in your company.
+
+## In this section
+
+|Topic |Description |
+|---------------------------------------------------------------|-----------------------------------------------------------------------------------|
+|[Enterprise Mode and the Enterprise Mode Site List](what-is-enterprise-mode.md)|Includes descriptions of the features of Enterprise Mode. |
+|[Set up Enterprise Mode logging and data collection](set-up-enterprise-mode-logging-and-data-collection.md) |Guidance about how to turn on local control of Enterprise Mode and how to use ASP or the GitHub sample to collect data from your local computers. |
+|[Turn on Enterprise Mode and use a site list](turn-on-enterprise-mode-and-use-a-site-list.md) |Guidance about how to turn on Enterprise Mode and set up a site list, using Group Policy or the registry. |
+|[Enterprise Mode schema v.2 guidance](enterprise-mode-schema-version-2-guidance.md) |Guidance about how to write the XML for your site list, including what not to include, how to use trailing slashes, and info about how to target specific sites. |
+|[Enterprise Mode schema v.1 guidance](enterprise-mode-schema-version-1-guidance.md) |Guidance about how to write the XML for your site list, including what not to include, how to use trailing slashes, and info about how to target specific sites. |
+|[Check for a new Enterprise Mode site list xml file](check-for-new-enterprise-mode-site-list-xml-file.md) |Guidance about how the Enterprise Mode functionality looks for your updated site list. |
+|[Turn on local control and logging for Enterprise Mode](turn-on-local-control-and-logging-for-enterprise-mode.md) |Guidance about how to turn on local control of Enterprise Mode, using Group Policy or the registry.|
+|[Use the Enterprise Mode Site List Manager](use-the-enterprise-mode-site-list-manager.md) |Guidance about how to use the Enterprise Mode Site List Manager, including how to add and update sites on your site list. |
+|[Use the Enterprise Mode Site List Portal](use-the-enterprise-mode-portal.md) |Guidance about how to set up and use the Enterprise Mode Site List Manager, including how to add and update sites on your site list. |
+|[Using Enterprise Mode](using-enterprise-mode.md) |Guidance about how to turn on either IE7 Enterprise Mode or IE8 Enterprise Mode. |
+|[Fix web compatibility issues using document modes and the Enterprise Mode Site List](fix-compat-issues-with-doc-modes-and-enterprise-mode-site-list.md) |Guidance about how to decide and test whether to use document modes or Enterprise Mode to help fix compatibility issues. |
+|[Remove sites from a local Enterprise Mode site list](remove-sites-from-a-local-enterprise-mode-site-list.md) |Guidance about how to remove websites from a device's local Enterprise Mode site list. |
+|[Remove sites from a local compatibility view list](remove-sites-from-a-local-compatibililty-view-list.md) |Guidance about how to remove websites from a device's local compatibility view list. |
+|[Turn off Enterprise Mode](turn-off-enterprise-mode.md) |Guidance about how to stop using your site list and how to turn off local control, using Group Policy or the registry. |
+
+
+
+
+
+
+
+
diff --git a/browsers/internet-explorer/ie11-deploy-guide/enterprise-mode-schema-version-1-guidance.md b/browsers/internet-explorer/ie11-deploy-guide/enterprise-mode-schema-version-1-guidance.md
index 3e8e129b3d..ff09fe4405 100644
--- a/browsers/internet-explorer/ie11-deploy-guide/enterprise-mode-schema-version-1-guidance.md
+++ b/browsers/internet-explorer/ie11-deploy-guide/enterprise-mode-schema-version-1-guidance.md
@@ -1,236 +1,237 @@
----
-ms.localizationpriority: medium
-ms.mktglfcycl: deploy
-ms.pagetype: appcompat
-description: Use the Enterprise Mode Site List Manager to create and update your Enterprise Mode site list for devices running Windows 7 or Windows 8.1 Update.
-author: lomayor
-ms.prod: ie11
-ms.assetid: 17c61547-82e3-48f2-908d-137a71938823
-ms.reviewer:
-audience: itpro
manager: dansimp
-ms.author: lomayor
-title: Enterprise Mode schema v.1 guidance (Internet Explorer 11 for IT Pros)
-ms.sitesec: library
-ms.date: 07/27/2017
----
-
-
-# Enterprise Mode schema v.1 guidance
-
-**Applies to:**
-
-- Windows 10
-- Windows 8.1
-- Windows 7
-
-Use the Enterprise Mode Site List Manager (schema v.1) to create and update your Enterprise Mode site list for devices running the v.1 version of the schema, or the Enterprise Mode Site List Manager (schema v.2) to create and update your Enterprise Mode site list for devices running the v.2 version of the schema. We strongly recommend moving to the new schema, v.2. For more info, see [Enterprise Mode schema v.2 guidance](enterprise-mode-schema-version-2-guidance.md).
-
-If you don't want to use the Enterprise Mode Site List Manager, you also have the option to update your XML schema using Notepad, or any other XML-editing app.
-
-## Enterprise Mode schema v.1 example
-The following is an example of the Enterprise Mode schema v.1. This schema can run on devices running Windows 7 and Windows 8.1.
-
-**Important**
-Make sure that you don't specify a protocol when adding your URLs. Using a URL like `contoso.com` automatically applies to both https://contoso.com and https://contoso.com.
-
-``` xml
-
-
- www.cpandl.com
- www.woodgrovebank.com
- adatum.com
- contoso.com
- relecloud.com
- /about
-
- fabrikam.com
- /products
-
-
-
- contoso.com
- /travel
-
- fabrikam.com
- /products
-
-
-
-```
-
-### Schema elements
-This table includes the elements used by the Enterprise Mode schema.
-
-
-
-
-
-
-
-| <rules> |
-Root node for the schema.
- Example
-
-<rules version="205">
- <emie>
- <domain>contoso.com</domain>
- </emie>
-</rules> |
-Internet Explorer 11 and Microsoft Edge |
-
-
-| <emie> |
-The parent node for the Enterprise Mode section of the schema. All <domain> entries will have either IE8 Enterprise Mode or IE7 Enterprise Mode applied.
- Example
-
-<rules version="205">
- <emie>
- <domain>contoso.com</domain>
- </emie>
-</rules>
--or-
-For IPv6 ranges: <rules version="205">
- <emie>
- <domain>[10.122.34.99]:8080</domain>
- </emie>
- </rules>
--or-
-For IPv4 ranges: <rules version="205">
- <emie>
- <domain>10.122.34.99:8080</domain>
- </emie>
- </rules> |
-Internet Explorer 11 and Microsoft Edge |
-
-
-| <docMode> |
-The parent node for the document mode section of the section. All <domain> entries will get IE5 - IE11 document modes applied. If there's a <domain> element in the <docMode> section that uses the same value as a <domain> element in the <emie> section, the <emie> element is applied.
- Example
-
-<rules version="205">
- <docMode>
- <domain docMode="7">contoso.com</domain>
- </docMode>
-</rules> |
-Internet Explorer 11 |
-
-
-| <domain> |
-A unique entry added for each site you want to put on the Enterprise Mode site list. The first <domain> element will overrule any additional <domain> elements that use the same value for the section. You can use port numbers for this element.
- Example
-
-<emie>
- <domain>contoso.com:8080</domain>
-</emie> |
-Internet Explorer 11 and Microsoft Edge |
-
-
-| <path> |
-A unique entry added for each path under a domain you want to put on the Enterprise Mode site list. The <path> element is a child of the <domain> element. Additionally, the first <path> element will overrule any additional <path> elements in the schema section.
- Example
-
-<emie>
- <domain exclude="true">fabrikam.com
- <path exclude="false">/products</path>
- </domain>
-</emie>
-Where https://fabrikam.com doesn't use IE8 Enterprise Mode, but https://fabrikam.com/products does. |
-Internet Explorer 11 and Microsoft Edge |
-
-
-
-### Schema attributes
-This table includes the attributes used by the Enterprise Mode schema.
-
-
-
-
-
-
-
-| <version> |
-Specifies the version of the Enterprise Mode Site List. This attribute is supported for the <rules> element. |
-Internet Explorer 11 and Microsoft Edge |
-
-
-| <exclude> |
-Specifies the domain or path excluded from applying the behavior and is supported on the <domain> and <path> elements.
- Example
-
-<emie>
- <domain exclude="false">fabrikam.com
- <path exclude="true">/products</path>
- </domain>
-</emie>
-Where https://fabrikam.com uses IE8 Enterprise Mode, but https://fabrikam.com/products does not. |
-Internet Explorer 11 and Microsoft Edge |
-
-
-| <docMode> |
-Specifies the document mode to apply. This attribute is only supported on <domain> or <path> elements in the <docMode> section.
- Example
-
-<docMode>
- <domain exclude="false">fabrikam.com
- <path docMode="7">/products</path>
- </domain>
-</docMode> |
-Internet Explorer 11 |
-
-
-
-### Using Enterprise Mode and document mode together
-If you want to use both Enterprise Mode and document mode together, you need to be aware that <emie> entries override <docMode> entries for the same domain.
-
-For example, say you want all of the sites in the contoso.com domain to open using IE8 Enterprise Mode, except test.contoso.com, which needs to open in document mode 11. Because Enterprise Mode takes precedence over document mode, if you want test.contoso.com to open using document mode, you'll need to explicitly add it as an exclusion to the <emie> parent node.
-
-```xml
-
-
- contoso.com
- test.contoso.com
-
-
- test.contoso.com
-
-
-```
-
-### What not to include in your schema
-We recommend that you not add any of the following items to your schema because they can make your compatibility list behave in unexpected ways:
-- Don’t use protocols. For example, `https://`, `https://`, or custom protocols. They break parsing.
-- Don’t use wildcards.
-- Don’t use query strings, ampersands break parsing.
-
-## How to use trailing slashes
-You can use trailing slashes at the path-level, but not at the domain-level:
-- **Domain-level.** Don’t add trailing slashes to a domain, it breaks parsing.
-- **Path-level.** Adding a trailing slash to a path means that the path ends at that point. By not adding a trailing slash, the rule applies to all of the sub-paths.
-
-**Example**
-
-``` xml
-contoso.com
- /about/
-
-```
-In this example, `contoso.com/about/careers` will use the default version of Internet Explorer, even though `contoso.com/about/` uses Enterprise Mode.
-
-
-## How to target specific sites
-If you want to target specific sites in your organization.
-
-|Targeted site |Example |Explanation |
-|--------------|--------|------------|
-|You can specify subdomains in the domain tag. |<docMode>
<domain docMode="5">contoso.com</domain>
<domain docMode="9">info.contoso.com</domain>
<docMode> |- contoso.com uses document mode 5.
- info.contoso.com uses document mode 9.
- test.contoso.com also uses document mode 5.
|
-|You can specify exact URLs by listing the full path. |<emie>
<domain exclude="false">bing.com</domain>
<domain exclude="false" forceCompatView="true">contoso.com</domain>
<emie>|- bing.com uses IE8 Enterprise Mode.
- contoso.com uses IE7 Enterprise Mode.
|
-|You can nest paths underneath domains. |<emie>
<domain exclude="true">contoso.com
<path exclude="false">/about</path>
<path exclude="true">
/about/business</path>
</domain>
</emie> |- contoso.com will use the default version of IE.
- contoso.com/about and everything underneath that node will load in Enterprise Mode, except contoso.com/about/business, which will load in the default version of IE.
|
-|You can’t add a path underneath a path. The file will still be parsed, but the sub-path will be ignored. |<emie>
<domain exclude="true">contoso.com
<path>/about
<path exclude="true">/business</path>
</path>
</domain>
</emie> |- contoso.com will use the default version of IE.
- contoso.com/about and everything underneath that node will load in Enterprise Mode, including contoso.com/about/business because the last rule is ignored.
|
+---
+ms.localizationpriority: medium
+ms.mktglfcycl: deploy
+ms.pagetype: appcompat
+description: Use the Enterprise Mode Site List Manager to create and update your Enterprise Mode site list for devices running Windows 7 or Windows 8.1 Update.
+author: dansimp
+ms.prod: ie11
+ms.assetid: 17c61547-82e3-48f2-908d-137a71938823
+ms.reviewer:
+audience: itpro
+manager: dansimp
+ms.author: dansimp
+title: Enterprise Mode schema v.1 guidance (Internet Explorer 11 for IT Pros)
+ms.sitesec: library
+ms.date: 07/27/2017
+---
+
+
+# Enterprise Mode schema v.1 guidance
+
+**Applies to:**
+
+- Windows 10
+- Windows 8.1
+- Windows 7
+
+Use the Enterprise Mode Site List Manager (schema v.1) to create and update your Enterprise Mode site list for devices running the v.1 version of the schema, or the Enterprise Mode Site List Manager (schema v.2) to create and update your Enterprise Mode site list for devices running the v.2 version of the schema. We strongly recommend moving to the new schema, v.2. For more info, see [Enterprise Mode schema v.2 guidance](enterprise-mode-schema-version-2-guidance.md).
+
+If you don't want to use the Enterprise Mode Site List Manager, you also have the option to update your XML schema using Notepad, or any other XML-editing app.
+
+## Enterprise Mode schema v.1 example
+The following is an example of the Enterprise Mode schema v.1. This schema can run on devices running Windows 7 and Windows 8.1.
+
+> [!IMPORTANT]
+> Make sure that you don't specify a protocol when adding your URLs. Using a URL like `contoso.com` automatically applies to both http://contoso.com and https://contoso.com.
+
+```xml
+
+
+ www.cpandl.com
+ www.woodgrovebank.com
+ adatum.com
+ contoso.com
+ relecloud.com
+ /about
+
+ fabrikam.com
+ /products
+
+
+
+ contoso.com
+ /travel
+
+ fabrikam.com
+ /products
+
+
+
+```
+
+### Schema elements
+This table includes the elements used by the Enterprise Mode schema.
+
+
+
+
+
+
+
+| <rules> |
+Root node for the schema.
+ Example
+
+<rules version="205">
+ <emie>
+ <domain>contoso.com</domain>
+ </emie>
+</rules> |
+Internet Explorer 11 and Microsoft Edge |
+
+
+| <emie> |
+The parent node for the Enterprise Mode section of the schema. All <domain> entries will have either IE8 Enterprise Mode or IE7 Enterprise Mode applied.
+ Example
+
+<rules version="205">
+ <emie>
+ <domain>contoso.com</domain>
+ </emie>
+</rules>
+-or-
+For IPv6 ranges: <rules version="205">
+ <emie>
+ <domain>[10.122.34.99]:8080</domain>
+ </emie>
+ </rules>
+-or-
+For IPv4 ranges: <rules version="205">
+ <emie>
+ <domain>10.122.34.99:8080</domain>
+ </emie>
+ </rules> |
+Internet Explorer 11 and Microsoft Edge |
+
+
+| <docMode> |
+The parent node for the document mode section of the section. All <domain> entries will get IE5 - IE11 document modes applied. If there's a <domain> element in the <docMode> section that uses the same value as a <domain> element in the <emie> section, the <emie> element is applied.
+ Example
+
+<rules version="205">
+ <docMode>
+ <domain docMode="7">contoso.com</domain>
+ </docMode>
+</rules> |
+Internet Explorer 11 |
+
+
+| <domain> |
+A unique entry added for each site you want to put on the Enterprise Mode site list. The first <domain> element will overrule any additional <domain> elements that use the same value for the section. You can use port numbers for this element.
+ Example
+
+<emie>
+ <domain>contoso.com:8080</domain>
+</emie> |
+Internet Explorer 11 and Microsoft Edge |
+
+
+| <path> |
+A unique entry added for each path under a domain you want to put on the Enterprise Mode site list. The <path> element is a child of the <domain> element. Additionally, the first <path> element will overrule any additional <path> elements in the schema section.
+ Example
+
+<emie>
+ <domain exclude="true">fabrikam.com
+ <path exclude="false">/products</path>
+ </domain>
+</emie>
+Where https://fabrikam.com doesn't use IE8 Enterprise Mode, but https://fabrikam.com/products does. |
+Internet Explorer 11 and Microsoft Edge |
+
+
+
+### Schema attributes
+This table includes the attributes used by the Enterprise Mode schema.
+
+
+
+
+
+
+
+| <version> |
+Specifies the version of the Enterprise Mode Site List. This attribute is supported for the <rules> element. |
+Internet Explorer 11 and Microsoft Edge |
+
+
+| <exclude> |
+Specifies the domain or path excluded from applying the behavior and is supported on the <domain> and <path> elements.
+ Example
+
+<emie>
+ <domain exclude="false">fabrikam.com
+ <path exclude="true">/products</path>
+ </domain>
+</emie>
+Where https://fabrikam.com uses IE8 Enterprise Mode, but https://fabrikam.com/products does not. |
+Internet Explorer 11 and Microsoft Edge |
+
+
+| <docMode> |
+Specifies the document mode to apply. This attribute is only supported on <domain> or <path> elements in the <docMode> section.
+ Example
+
+<docMode>
+ <domain exclude="false">fabrikam.com
+ <path docMode="7">/products</path>
+ </domain>
+</docMode> |
+Internet Explorer 11 |
+
+
+
+### Using Enterprise Mode and document mode together
+If you want to use both Enterprise Mode and document mode together, you need to be aware that <emie> entries override <docMode> entries for the same domain.
+
+For example, say you want all of the sites in the contoso.com domain to open using IE8 Enterprise Mode, except test.contoso.com, which needs to open in document mode 11. Because Enterprise Mode takes precedence over document mode, if you want test.contoso.com to open using document mode, you'll need to explicitly add it as an exclusion to the <emie> parent node.
+
+```xml
+
+
+ contoso.com
+ test.contoso.com
+
+
+ test.contoso.com
+
+
+```
+
+### What not to include in your schema
+We recommend that you not add any of the following items to your schema because they can make your compatibility list behave in unexpected ways:
+- Don’t use protocols. For example, `http://`, `https://`, or custom protocols. They break parsing.
+- Don’t use wildcards.
+- Don’t use query strings, ampersands break parsing.
+
+## How to use trailing slashes
+You can use trailing slashes at the path-level, but not at the domain-level:
+- **Domain-level.** Don’t add trailing slashes to a domain, it breaks parsing.
+- **Path-level.** Adding a trailing slash to a path means that the path ends at that point. By not adding a trailing slash, the rule applies to all of the sub-paths.
+
+**Example**
+
+```xml
+contoso.com
+ /about/
+
+```
+In this example, `contoso.com/about/careers` will use the default version of Internet Explorer, even though `contoso.com/about/` uses Enterprise Mode.
+
+
+## How to target specific sites
+If you want to target specific sites in your organization.
+
+|Targeted site |Example |Explanation |
+|--------------|--------|------------|
+|You can specify subdomains in the domain tag. |<docMode>
<domain docMode="5">contoso.com</domain>
<domain docMode="9">info.contoso.com</domain>
<docMode> |- contoso.com uses document mode 5.
- info.contoso.com uses document mode 9.
- test.contoso.com also uses document mode 5.
|
+|You can specify exact URLs by listing the full path. |<emie>
<domain exclude="false">bing.com</domain>
<domain exclude="false" forceCompatView="true">contoso.com</domain>
<emie>|- bing.com uses IE8 Enterprise Mode.
- contoso.com uses IE7 Enterprise Mode.
|
+|You can nest paths underneath domains. |<emie>
<domain exclude="true">contoso.com
<path exclude="false">/about</path>
<path exclude="true">
/about/business</path>
</domain>
</emie> |- contoso.com will use the default version of IE.
- contoso.com/about and everything underneath that node will load in Enterprise Mode, except contoso.com/about/business, which will load in the default version of IE.
|
+|You can’t add a path underneath a path. The file will still be parsed, but the sub-path will be ignored. |<emie>
<domain exclude="true">contoso.com
<path>/about
<path exclude="true">/business</path>
</path>
</domain>
</emie> |- contoso.com will use the default version of IE.
- contoso.com/about and everything underneath that node will load in Enterprise Mode, including contoso.com/about/business because the last rule is ignored.
|
diff --git a/browsers/internet-explorer/ie11-deploy-guide/enterprise-mode-schema-version-2-guidance.md b/browsers/internet-explorer/ie11-deploy-guide/enterprise-mode-schema-version-2-guidance.md
index 17e4e860cf..4bcf595aeb 100644
--- a/browsers/internet-explorer/ie11-deploy-guide/enterprise-mode-schema-version-2-guidance.md
+++ b/browsers/internet-explorer/ie11-deploy-guide/enterprise-mode-schema-version-2-guidance.md
@@ -3,13 +3,13 @@ ms.localizationpriority: medium
ms.mktglfcycl: deploy
ms.pagetype: appcompat
description: Use the Enterprise Mode Site List Manager to create and update your Enterprise Mode site list for devices running Windows 10.
-author: lomayor
+author: dansimp
ms.prod: ie11
ms.assetid: 909ca359-5654-4df9-b9fb-921232fc05f5
ms.reviewer:
audience: itpro
manager: dansimp
-ms.author: lomayor
+ms.author: dansimp
title: Enterprise Mode schema v.2 guidance (Internet Explorer 11 for IT Pros)
ms.sitesec: library
ms.date: 12/04/2017
@@ -26,8 +26,8 @@ ms.date: 12/04/2017
Use the Enterprise Mode Site List Manager to create and update your site list for devices running Windows 7, Windows 8.1, and Windows 10, using the version 2.0 (v.2) of the Enterprise Mode schema. If you don't want to use the Enterprise Mode Site List Manager, you also have the option to update your XML schema using Notepad, or any other XML-editing app.
-**Important**
-If you're running Windows 7 or Windows 8.1 and you've been using the version 1.0 (v.1) of the schema, you can continue to do so, but you won't get the benefits that come with the updated schema. For info about the v.1 schema, see [Enterprise Mode schema v.1 guidance](enterprise-mode-schema-version-1-guidance.md).
+> [!IMPORTANT]
+> If you're running Windows 7 or Windows 8.1 and you've been using the version 1.0 (v.1) of the schema, you can continue to do so, but you won't get the benefits that come with the updated schema. For info about the v.1 schema, see [Enterprise Mode schema v.1 guidance](enterprise-mode-schema-version-1-guidance.md).
## Enterprise Mode schema v.2 updates
Because of the schema changes, you can't combine the old version (v.1) with the new version (v.2) of the schema. If you look at your XML file, you can tell which version you're using by:
@@ -41,10 +41,10 @@ You can continue to use the v.1 version of the schema on Windows 10, but you wo
### Enterprise Mode v.2 schema example
The following is an example of the v.2 version of the Enterprise Mode schema.
-**Important**
-Make sure that you don't specify a protocol when adding your URLs. Using a URL like ``, automatically applies to both https://contoso.com and https://contoso.com.
+> [!IMPORTANT]
+> Make sure that you don't specify a protocol when adding your URLs. Using a URL like ``, automatically applies to both http://contoso.com and https://contoso.com.
-``` xml
+```xml
@@ -214,7 +214,7 @@ In this example, if https://contoso.com and https://contoso.com.
+Make sure that you don't specify a protocol. Using <site url="contoso.com"> applies to both http://contoso.com and https://contoso.com.
Example
<site url="contoso.com:8080">
@@ -284,19 +284,15 @@ With:
While the old, replaced attributes aren't supported in the v.2 version of the schema, they'll continue to work in the v.1 version of the schema. If, however, you're using the v.2 version of the schema and these attributes are still there, the v.2 version schema takes precedence. We don’t recommend combining the two schemas, and instead recommend that you move to the v.2 version of the schema to take advantage of the new features.
-**Important**
-Saving your v.1 version of the file using the new Enterprise Mode Site List Manager (schema v.2) automatically updates the XML to the new v.2 version of the schema.
+> [!IMPORTANT]
+> Saving your v.1 version of the file using the new Enterprise Mode Site List Manager (schema v.2) automatically updates the XML to the new v.2 version of the schema.
### What not to include in your schema
We recommend that you not add any of the following items to your schema because they can make your compatibility list behave in unexpected ways:
-- Don’t use protocols. For example, https://, https://, or custom protocols. They break parsing.
+- Don’t use protocols. For example, `http://`, `https://`, or custom protocols. They break parsing.
- Don’t use wildcards.
- Don’t use query strings, ampersands break parsing.
## Related topics
- [Use the Enterprise Mode Site List Manager](use-the-enterprise-mode-site-list-manager.md)
-
-
-
-
diff --git a/browsers/internet-explorer/ie11-deploy-guide/export-your-enterprise-mode-site-list-from-the-enterprise-mode-site-list-manager.md b/browsers/internet-explorer/ie11-deploy-guide/export-your-enterprise-mode-site-list-from-the-enterprise-mode-site-list-manager.md
index abb8513201..cf235b25aa 100644
--- a/browsers/internet-explorer/ie11-deploy-guide/export-your-enterprise-mode-site-list-from-the-enterprise-mode-site-list-manager.md
+++ b/browsers/internet-explorer/ie11-deploy-guide/export-your-enterprise-mode-site-list-from-the-enterprise-mode-site-list-manager.md
@@ -1,49 +1,50 @@
----
-ms.localizationpriority: medium
-ms.mktglfcycl: deploy
-ms.pagetype: appcompat
-description: After you create your Enterprise Mode site list in the Enterprise Mode Site List Manager, you can export the contents to an Enterprise Mode (.EMIE) file.
-author: lomayor
-ms.prod: ie11
-ms.assetid: 9ee7c13d-6fca-4446-bc22-d23a0213a95d
-ms.reviewer:
-audience: itpro
manager: dansimp
-ms.author: lomayor
-title: Export your Enterprise Mode site list from the Enterprise Mode Site List Manager (Internet Explorer 11 for IT Pros)
-ms.sitesec: library
-ms.date: 07/27/2017
----
-
-
-# Export your Enterprise Mode site list from the Enterprise Mode Site List Manager
-
-**Applies to:**
-
-- Windows 10
-- Windows 8.1
-- Windows 7
-- Windows Server 2012 R2
-- Windows Server 2008 R2 with Service Pack 1 (SP1)
-
-After you create your Enterprise Mode site list in the Enterprise Mode Site List Manager, you can export the contents to an Enterprise Mode (.EMIE) file. This file includes all of your URLs, including your compatibility mode selections and should be stored somewhere safe. If your list gets deleted by mistake you can easily import this file and return everything back to when this file was last saved.
-
-**Important**
-This file is not intended for distribution to your managed devices. Instead, it is only for transferring data and comments from one manager to another. For example, if one administrator leaves and passes the existing data to another administrator. Internet Explorer doesn’t read this file.
-
- **To export your compatibility list**
-
-1. On the **File** menu of the Enterprise Mode Site List Manager, click **Export**.
-
-2. Export the file to your selected location. For example, `C:\Users\\Documents\sites.emie`.
-
-## Related topics
-
-- [Download the Enterprise Mode Site List Manager (schema v.2)](https://go.microsoft.com/fwlink/p/?LinkId=716853)
-- [Download the Enterprise Mode Site List Manager (schema v.1)](https://go.microsoft.com/fwlink/p/?LinkID=394378)
-- [Use the Enterprise Mode Site List Manager](use-the-enterprise-mode-site-list-manager.md)
-
-
-
-
-
-
+---
+ms.localizationpriority: medium
+ms.mktglfcycl: deploy
+ms.pagetype: appcompat
+description: After you create your Enterprise Mode site list in the Enterprise Mode Site List Manager, you can export the contents to an Enterprise Mode (.EMIE) file.
+author: dansimp
+ms.prod: ie11
+ms.assetid: 9ee7c13d-6fca-4446-bc22-d23a0213a95d
+ms.reviewer:
+audience: itpro
+manager: dansimp
+ms.author: dansimp
+title: Export your Enterprise Mode site list from the Enterprise Mode Site List Manager (Internet Explorer 11 for IT Pros)
+ms.sitesec: library
+ms.date: 07/27/2017
+---
+
+
+# Export your Enterprise Mode site list from the Enterprise Mode Site List Manager
+
+**Applies to:**
+
+- Windows 10
+- Windows 8.1
+- Windows 7
+- Windows Server 2012 R2
+- Windows Server 2008 R2 with Service Pack 1 (SP1)
+
+After you create your Enterprise Mode site list in the Enterprise Mode Site List Manager, you can export the contents to an Enterprise Mode (.EMIE) file. This file includes all of your URLs, including your compatibility mode selections and should be stored somewhere safe. If your list gets deleted by mistake you can easily import this file and return everything back to when this file was last saved.
+
+**Important**
+This file is not intended for distribution to your managed devices. Instead, it is only for transferring data and comments from one manager to another. For example, if one administrator leaves and passes the existing data to another administrator. Internet Explorer doesn’t read this file.
+
+ **To export your compatibility list**
+
+1. On the **File** menu of the Enterprise Mode Site List Manager, click **Export**.
+
+2. Export the file to your selected location. For example, `C:\Users\\Documents\sites.emie`.
+
+## Related topics
+
+- [Download the Enterprise Mode Site List Manager (schema v.2)](https://go.microsoft.com/fwlink/p/?LinkId=716853)
+- [Download the Enterprise Mode Site List Manager (schema v.1)](https://go.microsoft.com/fwlink/p/?LinkID=394378)
+- [Use the Enterprise Mode Site List Manager](use-the-enterprise-mode-site-list-manager.md)
+
+
+
+
+
+
diff --git a/browsers/internet-explorer/ie11-deploy-guide/fix-compat-issues-with-doc-modes-and-enterprise-mode-site-list.md b/browsers/internet-explorer/ie11-deploy-guide/fix-compat-issues-with-doc-modes-and-enterprise-mode-site-list.md
index a48b0e5732..f1d72eb1a1 100644
--- a/browsers/internet-explorer/ie11-deploy-guide/fix-compat-issues-with-doc-modes-and-enterprise-mode-site-list.md
+++ b/browsers/internet-explorer/ie11-deploy-guide/fix-compat-issues-with-doc-modes-and-enterprise-mode-site-list.md
@@ -1,109 +1,110 @@
----
-ms.localizationpriority: medium
-ms.mktglfcycl: deploy
-ms.pagetype: appcompat
-description: The Internet Explorer 11 Enterprise Mode site list lets you specify document modes for specific websites, helping you fix compatibility issues without changing a single line of code on the site.
-author: lomayor
-ms.prod: ie11
-ms.assetid: 4b21bb27-aeac-407f-ae58-ab4c6db2baf6
-ms.reviewer:
-audience: itpro
manager: dansimp
-ms.author: lomayor
-title: Fix web compatibility issues using document modes and the Enterprise Mode site list (Internet Explorer 11 for IT Pros)
-ms.sitesec: library
-ms.date: 07/27/2017
----
-
-
-# Fix web compatibility issues using document modes and the Enterprise Mode site list
-The Internet Explorer 11 Enterprise Mode site list lets you specify document modes for specific websites, helping you fix compatibility issues without changing a single line of code on the site. This addition to the site list is a continuation of our commitment to help you upgrade and stay up-to-date on the latest version of Internet Explorer, while still preserving your investments in existing apps.
-
-## What does this mean for me?
-Enterprises can have critical apps that are coded explicitly for a specific browser version and that might not be in their direct control, making it very difficult and expensive to update to modern standards or newer browser versions. Because you can decide which URLs should open using specific document modes, this update helps ensure better compatibility, faster upgrades, and reduced testing and fixing costs.
-
-## How does this fix work?
-You can continue to use your legacy and orphaned web apps, by specifying a document mode in the centralized Enterprise Mode site list. Then, when IE11 goes to a site on your list, the browser loads the page in the specified document mode just as it would if it were specified through an X-UA-Compatible meta tag on the site. For more information about document modes and X-UA-compatible headers, see [Defining document compatibility](https://go.microsoft.com/fwlink/p/?LinkId=518412).
-
-**Important**
-Enterprise Mode takes precedence over document modes, so sites that are already included in the Enterprise Mode site list won’t be affected by this update and will continue to load in Enterprise Mode, as usual.
-
-### When do I use document modes versus Enterprise Mode?
-While the `` functionality provides great compatibility for you on Windows Internet Explorer 8 or Windows Internet Explorer 7, the new `` capabilities can help you stay up-to-date regardless of which versions of IE are running in your environment. Because of this, we recommend starting your testing process like this:
-
-- If your enterprise primarily uses Internet Explorer 8 or Internet Explorer 7 start testing using Enterprise Mode.
-
-- If your enterprise primarily uses Windows Internet Explorer 9 or Internet Explorer 10, start testing using the various document modes.
-
-Because you might have multiple versions of IE deployed, you might need to use both Enterprise Mode and document modes to effectively move to IE11.
-
-### Test your sites for document mode compatibility
-To see if this fix might help you, run through this process one step at a time, for each of your problematic sites:
-
-1. Go to a site having compatibility problems, press **F12** to open the **F12 Developer Tools**, and go to the **Emulation** tool.
-
- 
-
-2. Starting with the **11 (Default)** option, test your broken scenario.
-If that doesn’t work, continue down to the next lowest document mode, stopping as soon as you find a document mode that fixes your problems. For more information about the Emulation tool, see [Emulate browsers, screen sizes, and GPS locations](https://go.microsoft.com/fwlink/p/?LinkId=518417).
-
-3. If none of the document modes fix your issue, change the **Browser Profile** to **Enterprise**, pick the mode you want to test with starting with **8** (IE8 Enterprise Mode), and then test your broken scenario.
-
-### Add your site to the Enterprise Mode site list
-After you’ve figured out the document mode that fixes your compatibility problems, you can add the site to your Enterprise Mode site list.
-
-**Note**
-There are two versions of the Enterprise Mode site list schema and the Enterprise Mode Site List Manager, based on your operating system. For more info about the schemas, see [Enterprise Mode schema v.2 guidance](enterprise-mode-schema-version-2-guidance.md) or [Enterprise Mode schema v.1 guidance](enterprise-mode-schema-version-1-guidance.md). For more info about the different site list management tools, see [Use the Enterprise Mode Site List Manager](use-the-enterprise-mode-site-list-manager.md).
-
- **To add your site to the site list**
-
-1. Open the Enterprise Mode Site List Manager, and click **Add**.
-
- 
-
-2. Add the **URL** and pick the document mode from the **Launch in** box. This should be the same document mode you found fixed your problems while testing the site.
-Similar to Enterprise Mode, you can specify a document mode for a particular web path—such as contoso.com/ERP—or at a domain level. In the above, the entire contoso.com domain loads in Enterprise Mode, while microsoft.com is forced to load into IE8 Document Mode and bing.com loads in IE11.
-
-**Note**
-For more information about Enterprise Mode, see [What is Enterprise Mode?](what-is-enterprise-mode.md) For more information about the Enterprise Mode Site List Manager and how to add sites to your site list, see [Enterprise Mode Site List Manager](use-the-enterprise-mode-site-list-manager.md).
-
-
-### Review your Enterprise Mode site list
-Take a look at your Enterprise Mode site list and make sure everything is the way you want it. The next step will be to turn the list on and start to use it in your company. The Enterprise Mode Site List Manager will look something like:
-
-
-
-And the underlying XML code will look something like:
-
-``` xml
-
-
- bing.com/images
- www.msn.com/news
-
-
-
- timecard
- tar
- msdn.microsoft.com
-
-
-```
-
-### Turn on Enterprise Mode and using your site list
-If you haven’t already turned on Enterprise Mode for your company, you’ll need to do that. You can turn on Enterprise Mode using Group Policy or your registry. For specific instructions and details, see [Turn on Enterprise Mode and use a site list](turn-on-enterprise-mode-and-use-a-site-list.md).
-
-## Turn off default Compatibility View for your intranet sites
-By default, IE11 uses the **Display intranet sites in Compatibility View** setting. However, we’ve heard your feedback and know that you might want to turn this functionality off so you can continue to upgrade your web apps to more modern standards.
-
-To help you move forward, you can now use the Enterprise Mode site list to specify sites or web paths to use the IE7 document mode, which goes down to IE5 “Quirks” mode if the page doesn’t have an explicit `DOCTYPE` tag. Using this document mode effectively helps you provide the Compatibility View functionality for single sites or a group of sites, which after thorough testing, can help you turn off Compatibility View as the default setting for your intranet sites.
-
-## Related topics
-- [Download the Enterprise Mode Site List Manager (schema v.2)](https://go.microsoft.com/fwlink/p/?LinkId=716853)
-- [Download the Enterprise Mode Site List Manager (schema v.1)](https://go.microsoft.com/fwlink/p/?LinkID=394378)
-- [Enterprise Mode Site List Manager](use-the-enterprise-mode-site-list-manager.md)
-
-
-
-
-
-
+---
+ms.localizationpriority: medium
+ms.mktglfcycl: deploy
+ms.pagetype: appcompat
+description: The Internet Explorer 11 Enterprise Mode site list lets you specify document modes for specific websites, helping you fix compatibility issues without changing a single line of code on the site.
+author: dansimp
+ms.prod: ie11
+ms.assetid: 4b21bb27-aeac-407f-ae58-ab4c6db2baf6
+ms.reviewer:
+audience: itpro
+manager: dansimp
+ms.author: dansimp
+title: Fix web compatibility issues using document modes and the Enterprise Mode site list (Internet Explorer 11 for IT Pros)
+ms.sitesec: library
+ms.date: 07/27/2017
+---
+
+
+# Fix web compatibility issues using document modes and the Enterprise Mode site list
+The Internet Explorer 11 Enterprise Mode site list lets you specify document modes for specific websites, helping you fix compatibility issues without changing a single line of code on the site. This addition to the site list is a continuation of our commitment to help you upgrade and stay up-to-date on the latest version of Internet Explorer, while still preserving your investments in existing apps.
+
+## What does this mean for me?
+Enterprises can have critical apps that are coded explicitly for a specific browser version and that might not be in their direct control, making it very difficult and expensive to update to modern standards or newer browser versions. Because you can decide which URLs should open using specific document modes, this update helps ensure better compatibility, faster upgrades, and reduced testing and fixing costs.
+
+## How does this fix work?
+You can continue to use your legacy and orphaned web apps, by specifying a document mode in the centralized Enterprise Mode site list. Then, when IE11 goes to a site on your list, the browser loads the page in the specified document mode just as it would if it were specified through an X-UA-Compatible meta tag on the site. For more information about document modes and X-UA-compatible headers, see [Defining document compatibility](https://go.microsoft.com/fwlink/p/?LinkId=518412).
+
+**Important**
+Enterprise Mode takes precedence over document modes, so sites that are already included in the Enterprise Mode site list won’t be affected by this update and will continue to load in Enterprise Mode, as usual.
+
+### When do I use document modes versus Enterprise Mode?
+While the `` functionality provides great compatibility for you on Windows Internet Explorer 8 or Windows Internet Explorer 7, the new `` capabilities can help you stay up-to-date regardless of which versions of IE are running in your environment. Because of this, we recommend starting your testing process like this:
+
+- If your enterprise primarily uses Internet Explorer 8 or Internet Explorer 7 start testing using Enterprise Mode.
+
+- If your enterprise primarily uses Windows Internet Explorer 9 or Internet Explorer 10, start testing using the various document modes.
+
+Because you might have multiple versions of IE deployed, you might need to use both Enterprise Mode and document modes to effectively move to IE11.
+
+### Test your sites for document mode compatibility
+To see if this fix might help you, run through this process one step at a time, for each of your problematic sites:
+
+1. Go to a site having compatibility problems, press **F12** to open the **F12 Developer Tools**, and go to the **Emulation** tool.
+
+ 
+
+2. Starting with the **11 (Default)** option, test your broken scenario.
+If that doesn’t work, continue down to the next lowest document mode, stopping as soon as you find a document mode that fixes your problems. For more information about the Emulation tool, see [Emulate browsers, screen sizes, and GPS locations](https://go.microsoft.com/fwlink/p/?LinkId=518417).
+
+3. If none of the document modes fix your issue, change the **Browser Profile** to **Enterprise**, pick the mode you want to test with starting with **8** (IE8 Enterprise Mode), and then test your broken scenario.
+
+### Add your site to the Enterprise Mode site list
+After you’ve figured out the document mode that fixes your compatibility problems, you can add the site to your Enterprise Mode site list.
+
+**Note**
+There are two versions of the Enterprise Mode site list schema and the Enterprise Mode Site List Manager, based on your operating system. For more info about the schemas, see [Enterprise Mode schema v.2 guidance](enterprise-mode-schema-version-2-guidance.md) or [Enterprise Mode schema v.1 guidance](enterprise-mode-schema-version-1-guidance.md). For more info about the different site list management tools, see [Use the Enterprise Mode Site List Manager](use-the-enterprise-mode-site-list-manager.md).
+
+ **To add your site to the site list**
+
+1. Open the Enterprise Mode Site List Manager, and click **Add**.
+
+ 
+
+2. Add the **URL** and pick the document mode from the **Launch in** box. This should be the same document mode you found fixed your problems while testing the site.
+Similar to Enterprise Mode, you can specify a document mode for a particular web path—such as contoso.com/ERP—or at a domain level. In the above, the entire contoso.com domain loads in Enterprise Mode, while microsoft.com is forced to load into IE8 Document Mode and bing.com loads in IE11.
+
+**Note**
+For more information about Enterprise Mode, see [What is Enterprise Mode?](what-is-enterprise-mode.md) For more information about the Enterprise Mode Site List Manager and how to add sites to your site list, see [Enterprise Mode Site List Manager](use-the-enterprise-mode-site-list-manager.md).
+
+
+### Review your Enterprise Mode site list
+Take a look at your Enterprise Mode site list and make sure everything is the way you want it. The next step will be to turn the list on and start to use it in your company. The Enterprise Mode Site List Manager will look something like:
+
+
+
+And the underlying XML code will look something like:
+
+``` xml
+
+
+ bing.com/images
+ www.msn.com/news
+
+
+
+ timecard
+ tar
+ msdn.microsoft.com
+
+
+```
+
+### Turn on Enterprise Mode and using your site list
+If you haven’t already turned on Enterprise Mode for your company, you’ll need to do that. You can turn on Enterprise Mode using Group Policy or your registry. For specific instructions and details, see [Turn on Enterprise Mode and use a site list](turn-on-enterprise-mode-and-use-a-site-list.md).
+
+## Turn off default Compatibility View for your intranet sites
+By default, IE11 uses the **Display intranet sites in Compatibility View** setting. However, we’ve heard your feedback and know that you might want to turn this functionality off so you can continue to upgrade your web apps to more modern standards.
+
+To help you move forward, you can now use the Enterprise Mode site list to specify sites or web paths to use the IE7 document mode, which goes down to IE5 “Quirks” mode if the page doesn’t have an explicit `DOCTYPE` tag. Using this document mode effectively helps you provide the Compatibility View functionality for single sites or a group of sites, which after thorough testing, can help you turn off Compatibility View as the default setting for your intranet sites.
+
+## Related topics
+- [Download the Enterprise Mode Site List Manager (schema v.2)](https://go.microsoft.com/fwlink/p/?LinkId=716853)
+- [Download the Enterprise Mode Site List Manager (schema v.1)](https://go.microsoft.com/fwlink/p/?LinkID=394378)
+- [Enterprise Mode Site List Manager](use-the-enterprise-mode-site-list-manager.md)
+
+
+
+
+
+
diff --git a/browsers/internet-explorer/ie11-deploy-guide/fix-validation-problems-using-the-enterprise-mode-site-list-manager.md b/browsers/internet-explorer/ie11-deploy-guide/fix-validation-problems-using-the-enterprise-mode-site-list-manager.md
index 852ac4ae6c..c3c7ead8ff 100644
--- a/browsers/internet-explorer/ie11-deploy-guide/fix-validation-problems-using-the-enterprise-mode-site-list-manager.md
+++ b/browsers/internet-explorer/ie11-deploy-guide/fix-validation-problems-using-the-enterprise-mode-site-list-manager.md
@@ -1,48 +1,49 @@
----
-ms.localizationpriority: medium
-ms.mktglfcycl: deploy
-ms.pagetype: appcompat
-description: When you add multiple sites to your Enterprise Mode site list entries, they’re validated by the Enterprise Mode Site List Manager before they’re entered into your global list.
-author: lomayor
-ms.prod: ie11
-ms.assetid: 9f80e39f-dcf1-4124-8931-131357f31d67
-ms.reviewer:
-audience: itpro
manager: dansimp
-ms.author: lomayor
-title: Fix validation problems using the Enterprise Mode Site List Manager (Internet Explorer 11 for IT Pros)
-ms.sitesec: library
-ms.date: 07/27/2017
----
-
-
-# Fix validation problems using the Enterprise Mode Site List Manager
-
-**Applies to:**
-
-- Windows 10
-- Windows 8.1
-- Windows 7
-- Windows Server 2012 R2
-- Windows Server 2008 R2 with Service Pack 1 (SP1)
-
-When you add multiple sites to your Enterprise Mode site list entries, they’re validated by the Enterprise Mode Site List Manager before they’re entered into your global list. If a site doesn’t pass validation, you’ll have a couple of options to address it.
-
-There are typically 3 types of errors you’ll see:
-
-- **Validation**. The site caused a validation error. Typically these occur because of typos, malformed URLs, or access-related issues. You can pick the site, click **Add to list** to ignore the problem and accept the site to your site list, or you can click **OK** to keep the site off of your site list.
-
-- **Duplicate**. The site already exists in the global compatibility list with a different compatibility mode. For example, the site was originally rendered in Enterprise Mode, but this update is for Default IE. You can pick the site, click **Add to list** to ignore the problem and accept the change to your site list, or you can click **OK** to keep your original compatibility mode.
-
-- **Redirection**. This is the least common type of validation error. Typically in this situation, a site redirects from an easy-to-remember URL to a longer URL. Like `\\tar` redirects to `\\timecard`. You can add the short URL or you can add both the short and long versions to your list.
-Another possibility is that redirection happens multiple times, with an intermediary site experiencing compatibility issues. For example, an employee types a short URL that then redirects multiple times, finally ending up on a non-intranet site. In this situation, you might want to add the intermediary URLs to your Enterprise Mode site list, in case there’s logic in one of them that has compatibility issues.
-
-## Related topics
-- [Download the Enterprise Mode Site List Manager (schema v.2)](https://go.microsoft.com/fwlink/p/?LinkId=716853)
-- [Download the Enterprise Mode Site List Manager (schema v.1)](https://go.microsoft.com/fwlink/p/?LinkID=394378)
-- [Use the Enterprise Mode Site List Manager](use-the-enterprise-mode-site-list-manager.md)
-
-
-
-
-
-
+---
+ms.localizationpriority: medium
+ms.mktglfcycl: deploy
+ms.pagetype: appcompat
+description: When you add multiple sites to your Enterprise Mode site list entries, they’re validated by the Enterprise Mode Site List Manager before they’re entered into your global list.
+author: dansimp
+ms.prod: ie11
+ms.assetid: 9f80e39f-dcf1-4124-8931-131357f31d67
+ms.reviewer:
+audience: itpro
+manager: dansimp
+ms.author: dansimp
+title: Fix validation problems using the Enterprise Mode Site List Manager (Internet Explorer 11 for IT Pros)
+ms.sitesec: library
+ms.date: 07/27/2017
+---
+
+
+# Fix validation problems using the Enterprise Mode Site List Manager
+
+**Applies to:**
+
+- Windows 10
+- Windows 8.1
+- Windows 7
+- Windows Server 2012 R2
+- Windows Server 2008 R2 with Service Pack 1 (SP1)
+
+When you add multiple sites to your Enterprise Mode site list entries, they’re validated by the Enterprise Mode Site List Manager before they’re entered into your global list. If a site doesn’t pass validation, you’ll have a couple of options to address it.
+
+There are typically 3 types of errors you’ll see:
+
+- **Validation**. The site caused a validation error. Typically these occur because of typos, malformed URLs, or access-related issues. You can pick the site, click **Add to list** to ignore the problem and accept the site to your site list, or you can click **OK** to keep the site off of your site list.
+
+- **Duplicate**. The site already exists in the global compatibility list with a different compatibility mode. For example, the site was originally rendered in Enterprise Mode, but this update is for Default IE. You can pick the site, click **Add to list** to ignore the problem and accept the change to your site list, or you can click **OK** to keep your original compatibility mode.
+
+- **Redirection**. This is the least common type of validation error. Typically in this situation, a site redirects from an easy-to-remember URL to a longer URL. Like `\\tar` redirects to `\\timecard`. You can add the short URL or you can add both the short and long versions to your list.
+Another possibility is that redirection happens multiple times, with an intermediary site experiencing compatibility issues. For example, an employee types a short URL that then redirects multiple times, finally ending up on a non-intranet site. In this situation, you might want to add the intermediary URLs to your Enterprise Mode site list, in case there’s logic in one of them that has compatibility issues.
+
+## Related topics
+- [Download the Enterprise Mode Site List Manager (schema v.2)](https://go.microsoft.com/fwlink/p/?LinkId=716853)
+- [Download the Enterprise Mode Site List Manager (schema v.1)](https://go.microsoft.com/fwlink/p/?LinkID=394378)
+- [Use the Enterprise Mode Site List Manager](use-the-enterprise-mode-site-list-manager.md)
+
+
+
+
+
+
diff --git a/browsers/internet-explorer/ie11-deploy-guide/group-policy-and-advanced-group-policy-mgmt-ie11.md b/browsers/internet-explorer/ie11-deploy-guide/group-policy-and-advanced-group-policy-mgmt-ie11.md
index 859cf8fbb7..d2fadc609c 100644
--- a/browsers/internet-explorer/ie11-deploy-guide/group-policy-and-advanced-group-policy-mgmt-ie11.md
+++ b/browsers/internet-explorer/ie11-deploy-guide/group-policy-and-advanced-group-policy-mgmt-ie11.md
@@ -1,43 +1,44 @@
----
-ms.localizationpriority: medium
-ms.mktglfcycl: deploy
-ms.pagetype: security
-description: Overview about Group Policy, Advanced Group Policy Management (AGPM), and Internet Explorer 11
-author: lomayor
-ms.prod: ie11
-ms.assetid: 63a7ef4a-6de2-4d08-aaba-0479131e3406
-ms.reviewer:
-audience: itpro
manager: dansimp
-ms.author: lomayor
-title: Group Policy, Advanced Group Policy Management (AGPM), and Internet Explorer 11 (Internet Explorer 11 for IT Pros)
-ms.sitesec: library
-ms.date: 07/27/2017
----
-
-
-# Group Policy, Advanced Group Policy Management (AGPM), and Internet Explorer 11
-Advanced Group Policy Management (AGPM) is an add-on license that available for the Microsoft Desktop Optimization Pack (MDOP). This license gives you change control and a role assignment-model that helps optimize Group Policy management and reduce the risk of widespread failures.
-
-From AGPM you can:
-
-- **Edit GPOs outside of your production environment.** Your GPOs are stored in an outside archive for editing, reviewing, and approving. Then, when you deploy, AGPM moves the GPOs to your production environment.
-
-- **Assign roles to your employees.** You can assign 3 roles to your employees or groups, including:
-
- - **Reviewer.** Can view and compare GPOs in the archive. This role can't edit or deploy GPOs.
-
- - **Editor.** Can view, compare, check-in and out, and edit GPOs in the archive. This role can also request GPO deployment.
-
- - **Approver.** Can approve GPO creation and deployment to the production environment.
-
-- **Manage your GPO lifecycle with change control features.** You can use the available version-control, history, and auditing features to help you manage your GPOs while moving through your archive, to your editing process, and finally to your GPO deployment.
-
-**Note**
-For more information about AGPM, and to get the license, see [Advanced Group Policy Management 4.0 Documents](https://www.microsoft.com/en-us/download/details.aspx?id=13975).
-
-
-
-
-
-
-
+---
+ms.localizationpriority: medium
+ms.mktglfcycl: deploy
+ms.pagetype: security
+description: Overview about Group Policy, Advanced Group Policy Management (AGPM), and Internet Explorer 11
+author: dansimp
+ms.prod: ie11
+ms.assetid: 63a7ef4a-6de2-4d08-aaba-0479131e3406
+ms.reviewer:
+audience: itpro
+manager: dansimp
+ms.author: dansimp
+title: Group Policy, Advanced Group Policy Management (AGPM), and Internet Explorer 11 (Internet Explorer 11 for IT Pros)
+ms.sitesec: library
+ms.date: 07/27/2017
+---
+
+
+# Group Policy, Advanced Group Policy Management (AGPM), and Internet Explorer 11
+Advanced Group Policy Management (AGPM) is an add-on license that available for the Microsoft Desktop Optimization Pack (MDOP). This license gives you change control and a role assignment-model that helps optimize Group Policy management and reduce the risk of widespread failures.
+
+From AGPM you can:
+
+- **Edit GPOs outside of your production environment.** Your GPOs are stored in an outside archive for editing, reviewing, and approving. Then, when you deploy, AGPM moves the GPOs to your production environment.
+
+- **Assign roles to your employees.** You can assign 3 roles to your employees or groups, including:
+
+ - **Reviewer.** Can view and compare GPOs in the archive. This role can't edit or deploy GPOs.
+
+ - **Editor.** Can view, compare, check-in and out, and edit GPOs in the archive. This role can also request GPO deployment.
+
+ - **Approver.** Can approve GPO creation and deployment to the production environment.
+
+- **Manage your GPO lifecycle with change control features.** You can use the available version-control, history, and auditing features to help you manage your GPOs while moving through your archive, to your editing process, and finally to your GPO deployment.
+
+**Note**
+For more information about AGPM, and to get the license, see [Advanced Group Policy Management 4.0 Documents](https://www.microsoft.com/download/details.aspx?id=13975).
+
+
+
+
+
+
+
diff --git a/browsers/internet-explorer/ie11-deploy-guide/group-policy-and-group-policy-mgmt-console-ie11.md b/browsers/internet-explorer/ie11-deploy-guide/group-policy-and-group-policy-mgmt-console-ie11.md
index 3c121b3e5e..df5754f0b6 100644
--- a/browsers/internet-explorer/ie11-deploy-guide/group-policy-and-group-policy-mgmt-console-ie11.md
+++ b/browsers/internet-explorer/ie11-deploy-guide/group-policy-and-group-policy-mgmt-console-ie11.md
@@ -1,48 +1,49 @@
----
-ms.localizationpriority: medium
-ms.mktglfcycl: deploy
-ms.pagetype: security
-description: Overview about Group Policy, the Group Policy Management Console (GPMC), and Internet Explorer 11
-author: lomayor
-ms.prod: ie11
-ms.assetid: ae3d227d-3da7-46b8-8a61-c71bfeae0c63
-ms.reviewer:
-audience: itpro
manager: dansimp
-ms.author: lomayor
-title: Group Policy, the Group Policy Management Console (GPMC), and Internet Explorer 11 (Internet Explorer 11 for IT Pros)
-ms.sitesec: library
-ms.date: 07/27/2017
----
-
-
-# Group Policy, the Group Policy Management Console (GPMC), and Internet Explorer 11
-A Microsoft Management Console (MMC)-based tool that uses scriptable interfaces to manage Group Policy. The 32-bit and 64-bit versions are included with Windows Server R2 with Service Pack 1 (SP1) and Windows Server 2012 R2.
-
-## Why use the GPMC?
-The GPMC lets you:
-
-- Import, export, copy, paste, backup and restore GPOs.
-
-- Search for existing GPOs.
-
-- Create reports, including providing the Resultant Set of Policy (RSoP) data in HTML reports that you can save and print.
-
-- Use simulated RSoP data to prototype your Group Policy before implementing it in the production environment.
-
-- Obtain RSoP data to view your GPO interactions and to troubleshoot your Group Policy deployment.
-
-- Create migration tables to let you import and copy GPOs across domains and across forests. Migration tables are files that map references to users, groups, computers, and Universal Naming Convention (UNC) paths in the source GPO to new values in the destination GPO.
-
-- Create scriptable interfaces to support all of the operations available within the GPMC. You can't use scripts to edit individual policy settings in a GPO.
-
-For more information about the GPMC, see [Group Policy Management Console](https://go.microsoft.com/fwlink/p/?LinkId=214515) on TechNet.
-
-## Searching for Group Policy settings
-To search for Group Policy settings in the Group Policy Management Console (GPMC), use the [Group Policy Search tool](https://go.microsoft.com/fwlink/p/?LinkId=279857). To find the Group Policy settings, click **Windows Components**, and then click **Internet Explorer**.
-
-
-
-
-
-
-
+---
+ms.localizationpriority: medium
+ms.mktglfcycl: deploy
+ms.pagetype: security
+description: Overview about Group Policy, the Group Policy Management Console (GPMC), and Internet Explorer 11
+author: dansimp
+ms.prod: ie11
+ms.assetid: ae3d227d-3da7-46b8-8a61-c71bfeae0c63
+ms.reviewer:
+audience: itpro
+manager: dansimp
+ms.author: dansimp
+title: Group Policy, the Group Policy Management Console (GPMC), and Internet Explorer 11 (Internet Explorer 11 for IT Pros)
+ms.sitesec: library
+ms.date: 07/27/2017
+---
+
+
+# Group Policy, the Group Policy Management Console (GPMC), and Internet Explorer 11
+A Microsoft Management Console (MMC)-based tool that uses scriptable interfaces to manage Group Policy. The 32-bit and 64-bit versions are included with Windows Server R2 with Service Pack 1 (SP1) and Windows Server 2012 R2.
+
+## Why use the GPMC?
+The GPMC lets you:
+
+- Import, export, copy, paste, backup and restore GPOs.
+
+- Search for existing GPOs.
+
+- Create reports, including providing the Resultant Set of Policy (RSoP) data in HTML reports that you can save and print.
+
+- Use simulated RSoP data to prototype your Group Policy before implementing it in the production environment.
+
+- Obtain RSoP data to view your GPO interactions and to troubleshoot your Group Policy deployment.
+
+- Create migration tables to let you import and copy GPOs across domains and across forests. Migration tables are files that map references to users, groups, computers, and Universal Naming Convention (UNC) paths in the source GPO to new values in the destination GPO.
+
+- Create scriptable interfaces to support all of the operations available within the GPMC. You can't use scripts to edit individual policy settings in a GPO.
+
+For more information about the GPMC, see [Group Policy Management Console](https://go.microsoft.com/fwlink/p/?LinkId=214515) on TechNet.
+
+## Searching for Group Policy settings
+To search for Group Policy settings in the Group Policy Management Console (GPMC), use the [Group Policy Search tool](https://go.microsoft.com/fwlink/p/?LinkId=279857). To find the Group Policy settings, click **Windows Components**, and then click **Internet Explorer**.
+
+
+
+
+
+
+
diff --git a/browsers/internet-explorer/ie11-deploy-guide/group-policy-and-ie11.md b/browsers/internet-explorer/ie11-deploy-guide/group-policy-and-ie11.md
index 574b7f8895..d80c5af350 100644
--- a/browsers/internet-explorer/ie11-deploy-guide/group-policy-and-ie11.md
+++ b/browsers/internet-explorer/ie11-deploy-guide/group-policy-and-ie11.md
@@ -1,48 +1,49 @@
----
-ms.localizationpriority: medium
-ms.mktglfcycl: deploy
-ms.pagetype: security
-description: Use the topics in this section to learn about Group Policy and how to use it to manage Internet Explorer.
-author: lomayor
-ms.prod: ie11
-ms.assetid: 50383d3f-9ac9-4a30-8852-354b6eb9434a
-ms.reviewer:
-audience: itpro
manager: dansimp
-ms.author: lomayor
-title: Group Policy and Internet Explorer 11 (IE11) (Internet Explorer 11 for IT Pros)
-ms.sitesec: library
-ms.date: 07/27/2017
----
-
-
-# Group Policy and Internet Explorer 11 (IE11)
-
-**Applies to:**
-
-- Windows 10
-- Windows 8.1
-- Windows 7
-- Windows Server 2012 R2
-- Windows Server 2008 R2 with Service Pack 1 (SP1)
-
-Use the topics in this section to learn about Group Policy and how to use it to manage Internet Explorer.
-
-## In this section
-
-|Topic |Description |
-|----------------------------------------------------|-----------------------------------------------------------------|
-|[New group policy settings for Internet Explorer 11](new-group-policy-settings-for-ie11.md) |Info about many of the new group policy settings added for Internet Explorer 11. |
-|[Group Policy management tools](group-policy-objects-and-ie11.md) |Guidance about how to use Microsoft Active Directory Domain Services (AD DS) to manage your Group Policy settings. |
-|[ActiveX installation using group policy](activex-installation-using-group-policy.md) |Info about using the ActiveX Installer Service (AXIS) and Group Policy to manage your ActiveX control deployment. |
-|[Group Policy and compatibility with Internet Explorer 11](group-policy-compatibility-with-ie11.md) |Our Group Policy recommendations for security, performance, and compatibility with previous versions of IE, regardless of which Zone the website is in. |
-|[Group policy preferences and Internet Explorer 11](group-policy-preferences-and-ie11.md) |Info about Group Policy preferences, as compared to Group Policy settings. |
-|[Administrative templates and Internet Explorer 11](administrative-templates-and-ie11.md) |Info about Administrative Templates, including where to store them and the related Group Policy settings. |
-|[Enable and disable add\-ons using administrative templates and group policy](enable-and-disable-add-ons-using-administrative-templates-and-group-policy.md) |Guidance about how to use your local Group Policy editor or the CLSID and Administrative Templates to manage your Group Policy objects.
-
-
-
-
-
-
-
-
+---
+ms.localizationpriority: medium
+ms.mktglfcycl: deploy
+ms.pagetype: security
+description: Use the topics in this section to learn about Group Policy and how to use it to manage Internet Explorer.
+author: dansimp
+ms.prod: ie11
+ms.assetid: 50383d3f-9ac9-4a30-8852-354b6eb9434a
+ms.reviewer:
+audience: itpro
+manager: dansimp
+ms.author: dansimp
+title: Group Policy and Internet Explorer 11 (IE11) (Internet Explorer 11 for IT Pros)
+ms.sitesec: library
+ms.date: 07/27/2017
+---
+
+
+# Group Policy and Internet Explorer 11 (IE11)
+
+**Applies to:**
+
+- Windows 10
+- Windows 8.1
+- Windows 7
+- Windows Server 2012 R2
+- Windows Server 2008 R2 with Service Pack 1 (SP1)
+
+Use the topics in this section to learn about Group Policy and how to use it to manage Internet Explorer.
+
+## In this section
+
+|Topic |Description |
+|----------------------------------------------------|-----------------------------------------------------------------|
+|[New group policy settings for Internet Explorer 11](new-group-policy-settings-for-ie11.md) |Info about many of the new group policy settings added for Internet Explorer 11. |
+|[Group Policy management tools](group-policy-objects-and-ie11.md) |Guidance about how to use Microsoft Active Directory Domain Services (AD DS) to manage your Group Policy settings. |
+|[ActiveX installation using group policy](activex-installation-using-group-policy.md) |Info about using the ActiveX Installer Service (AXIS) and Group Policy to manage your ActiveX control deployment. |
+|[Group Policy and compatibility with Internet Explorer 11](group-policy-compatibility-with-ie11.md) |Our Group Policy recommendations for security, performance, and compatibility with previous versions of IE, regardless of which Zone the website is in. |
+|[Group policy preferences and Internet Explorer 11](group-policy-preferences-and-ie11.md) |Info about Group Policy preferences, as compared to Group Policy settings. |
+|[Administrative templates and Internet Explorer 11](administrative-templates-and-ie11.md) |Info about Administrative Templates, including where to store them and the related Group Policy settings. |
+|[Enable and disable add\-ons using administrative templates and group policy](enable-and-disable-add-ons-using-administrative-templates-and-group-policy.md) |Guidance about how to use your local Group Policy editor or the CLSID and Administrative Templates to manage your Group Policy objects.
+
+
+
+
+
+
+
+
diff --git a/browsers/internet-explorer/ie11-deploy-guide/group-policy-and-local-group-policy-editor-ie11.md b/browsers/internet-explorer/ie11-deploy-guide/group-policy-and-local-group-policy-editor-ie11.md
index 36176c7bde..4ca3868ed5 100644
--- a/browsers/internet-explorer/ie11-deploy-guide/group-policy-and-local-group-policy-editor-ie11.md
+++ b/browsers/internet-explorer/ie11-deploy-guide/group-policy-and-local-group-policy-editor-ie11.md
@@ -1,36 +1,37 @@
----
-ms.localizationpriority: medium
-ms.mktglfcycl: deploy
-ms.pagetype: security
-description: Group Policy, the Local Group Policy Editor, and Internet Explorer 11
-author: lomayor
-ms.prod: ie11
-ms.assetid: 6fc30e91-efac-4ba5-9ee2-fa77dcd36467
-ms.reviewer:
-audience: itpro
manager: dansimp
-ms.author: lomayor
-title: Group Policy, the Local Group Policy Editor, and Internet Explorer 11 (Internet Explorer 11 for IT Pros)
-ms.sitesec: library
-ms.date: 07/27/2017
----
-
-
-# Group Policy, the Local Group Policy Editor, and Internet Explorer 11
-A Microsoft Management Console (MMC)-based tool that manages both computer and user-related configurations for an individual computer policy. This tool is included with Windows® 7 Service Pack 1 (SP1) and Windows 8.1.
-
-Here's a list of the policy settings you can use, based on the configuration type. For more info, see [Local Group Policy Editor](https://go.microsoft.com/fwlink/p/?LinkId=294912).
-
-|Computer configuration |User configuration |
-|-----------------------|-------------------|
-|Windows settings:- Name Resolution policy
- Scripts (Startup/Shutdown)
- Deployed printers
- Security settings
- Policy-based Quality of Service (QoS)
|Windows settings:- Scripts (Startup/Shutdown)
- Deployed printers
- Security settings
- Policy-based Quality of Service (QoS)
|
-|Administrative templates:- Control Panel
- Network
- Printers
- Server
- System
- Windows components
- All settings
|Administrative templates:- Control Panel
- Desktop
- Network
- Shared folders
- Start menu and taskbar
- System
- Windows components
- All settings
|
-
-
-
-
-
-
-
-
-
-
+---
+ms.localizationpriority: medium
+ms.mktglfcycl: deploy
+ms.pagetype: security
+description: Group Policy, the Local Group Policy Editor, and Internet Explorer 11
+author: dansimp
+ms.prod: ie11
+ms.assetid: 6fc30e91-efac-4ba5-9ee2-fa77dcd36467
+ms.reviewer:
+audience: itpro
+manager: dansimp
+ms.author: dansimp
+title: Group Policy, the Local Group Policy Editor, and Internet Explorer 11 (Internet Explorer 11 for IT Pros)
+ms.sitesec: library
+ms.date: 07/27/2017
+---
+
+
+# Group Policy, the Local Group Policy Editor, and Internet Explorer 11
+A Microsoft Management Console (MMC)-based tool that manages both computer and user-related configurations for an individual computer policy. This tool is included with Windows® 7 Service Pack 1 (SP1) and Windows 8.1.
+
+Here's a list of the policy settings you can use, based on the configuration type. For more info, see [Local Group Policy Editor](https://go.microsoft.com/fwlink/p/?LinkId=294912).
+
+|Computer configuration |User configuration |
+|-----------------------|-------------------|
+|Windows settings:- Name Resolution policy
- Scripts (Startup/Shutdown)
- Deployed printers
- Security settings
- Policy-based Quality of Service (QoS)
|Windows settings:- Scripts (Startup/Shutdown)
- Deployed printers
- Security settings
- Policy-based Quality of Service (QoS)
|
+|Administrative templates:- Control Panel
- Network
- Printers
- Server
- System
- Windows components
- All settings
|Administrative templates:- Control Panel
- Desktop
- Network
- Shared folders
- Start menu and taskbar
- System
- Windows components
- All settings
|
+
+
+
+
+
+
+
+
+
+
diff --git a/browsers/internet-explorer/ie11-deploy-guide/group-policy-compatibility-with-ie11.md b/browsers/internet-explorer/ie11-deploy-guide/group-policy-compatibility-with-ie11.md
index 5e66dc9f4c..8a5b6d7859 100644
--- a/browsers/internet-explorer/ie11-deploy-guide/group-policy-compatibility-with-ie11.md
+++ b/browsers/internet-explorer/ie11-deploy-guide/group-policy-compatibility-with-ie11.md
@@ -1,38 +1,39 @@
----
-ms.localizationpriority: medium
-ms.mktglfcycl: deploy
-ms.pagetype: security
-description: Group Policy suggestions for compatibility with Internet Explorer 11
-author: lomayor
-ms.prod: ie11
-ms.assetid: 7482c99f-5d79-4344-9e1c-aea9f0a68e18
-ms.reviewer:
-audience: itpro
manager: dansimp
-ms.author: lomayor
-title: Group Policy and compatibility with Internet Explorer 11 (Internet Explorer 11 for IT Pros)
-ms.sitesec: library
-ms.date: 07/27/2017
----
-
-
-# Group Policy and compatibility with Internet Explorer 11
-Internet Explorer 11 has many Group Policy entries that can be configured for keeping your environment managed and safe. This table includes all of our recommendations around security, performance, and compatibility with the previous versions of Internet Explorer, regardless of which Zone the website is in.
-
-|Activity |Location |Setting the policy object |
-|---------------------------------|----------------------------------------------|-------------------------------------------------------------------------|
-|Turn on Compatibility View for all intranet zones |`Administrative Templates\Windows Components\Internet Explorer\Compatibility View` |Double-click **Turn on IE Standards Mode for local intranet** , and then click **Disabled**. |
-|Turn on Compatibility View for selected websites, using Group Policy |`Administrative Templates\Windows Components\Internet Explorer\Compatibility View` |Double-click **Use Policy List of Windows Internet Explorer 7 sites** , and then click **Enabled**.Users will be able to add or remove sites manually to their local Compatibility View list, but they won’t be able to remove the sites you specifically added. |
-|Turn on Quirks mode for selected websites, using Group Policy |`Administrative Templates\Windows Components\Internet Explorer\Compatibility View` |Double-click **Use Policy List of Quirks Mode sites**, and then click **Enabled**. |
-|Ensure your users are using the most up-to-date version of Microsoft’s compatibility list. |`Administrative Templates\Windows Components\Internet Explorer\Compatibility View` |Double-click **Include updated Web site lists from Microsoft**, and then click **Enabled**. |
-|Restrict users from making security zone configuration changes. |`Administrative Templates\ Windows Components\Internet Explorer\Internet Control Panel` |Double-click **Disable the Security Page**, and then click **Enabled**. |
-|Control which security zone settings are applied to specific websites. |`Administrative Templates\ Windows Components\Internet Explorer\Internet Control Panel\Security Page` |Double-click **Site to Zone Assignment List**, click **Enabled**, and then enter your list of websites and their applicable security zones. |
-|Turn off Data Execution Prevention (DEP). |`Administrative Templates\ Windows Components\Internet Explorer\Security Features` |Double-click **Turn off Data Execution Prevention**, and then click **Enabled**. |
-
-
-
-
-
-
-
-
-
+---
+ms.localizationpriority: medium
+ms.mktglfcycl: deploy
+ms.pagetype: security
+description: Group Policy suggestions for compatibility with Internet Explorer 11
+author: dansimp
+ms.prod: ie11
+ms.assetid: 7482c99f-5d79-4344-9e1c-aea9f0a68e18
+ms.reviewer:
+audience: itpro
+manager: dansimp
+ms.author: dansimp
+title: Group Policy and compatibility with Internet Explorer 11 (Internet Explorer 11 for IT Pros)
+ms.sitesec: library
+ms.date: 07/27/2017
+---
+
+
+# Group Policy and compatibility with Internet Explorer 11
+Internet Explorer 11 has many Group Policy entries that can be configured for keeping your environment managed and safe. This table includes all of our recommendations around security, performance, and compatibility with the previous versions of Internet Explorer, regardless of which Zone the website is in.
+
+|Activity |Location |Setting the policy object |
+|---------------------------------|----------------------------------------------|-------------------------------------------------------------------------|
+|Turn on Compatibility View for all intranet zones |`Administrative Templates\Windows Components\Internet Explorer\Compatibility View` |Double-click **Turn on IE Standards Mode for local intranet** , and then click **Disabled**. |
+|Turn on Compatibility View for selected websites, using Group Policy |`Administrative Templates\Windows Components\Internet Explorer\Compatibility View` |Double-click **Use Policy List of Windows Internet Explorer 7 sites** , and then click **Enabled**.Users will be able to add or remove sites manually to their local Compatibility View list, but they won’t be able to remove the sites you specifically added. |
+|Turn on Quirks mode for selected websites, using Group Policy |`Administrative Templates\Windows Components\Internet Explorer\Compatibility View` |Double-click **Use Policy List of Quirks Mode sites**, and then click **Enabled**. |
+|Ensure your users are using the most up-to-date version of Microsoft’s compatibility list. |`Administrative Templates\Windows Components\Internet Explorer\Compatibility View` |Double-click **Include updated Web site lists from Microsoft**, and then click **Enabled**. |
+|Restrict users from making security zone configuration changes. |`Administrative Templates\ Windows Components\Internet Explorer\Internet Control Panel` |Double-click **Disable the Security Page**, and then click **Enabled**. |
+|Control which security zone settings are applied to specific websites. |`Administrative Templates\ Windows Components\Internet Explorer\Internet Control Panel\Security Page` |Double-click **Site to Zone Assignment List**, click **Enabled**, and then enter your list of websites and their applicable security zones. |
+|Turn off Data Execution Prevention (DEP). |`Administrative Templates\ Windows Components\Internet Explorer\Security Features` |Double-click **Turn off Data Execution Prevention**, and then click **Enabled**. |
+
+
+
+
+
+
+
+
+
diff --git a/browsers/internet-explorer/ie11-deploy-guide/group-policy-objects-and-ie11.md b/browsers/internet-explorer/ie11-deploy-guide/group-policy-objects-and-ie11.md
index 494906c975..403471f4c7 100644
--- a/browsers/internet-explorer/ie11-deploy-guide/group-policy-objects-and-ie11.md
+++ b/browsers/internet-explorer/ie11-deploy-guide/group-policy-objects-and-ie11.md
@@ -1,55 +1,56 @@
----
-ms.localizationpriority: medium
-ms.mktglfcycl: deploy
-ms.pagetype: security
-description: Overview of the available Group Policy management tools
-author: lomayor
-ms.prod: ie11
-ms.assetid: e33bbfeb-6b80-4e71-8bba-1d0369a87312
-ms.reviewer:
-audience: itpro
manager: dansimp
-ms.author: lomayor
-title: Group Policy management tools (Internet Explorer 11 for IT Pros)
-ms.sitesec: library
-ms.date: 07/27/2017
----
-
-
-# Group Policy management tools
-Group Policy, based on Microsoft Active Directory Domain Services (AD DS), lets you manage your organization's computer and user settings as part of your Group Policy objects (GPOs), which are added and changed in the Group Policy Management Console (GPMC). GPOs can include registry-based Administrative Template policy settings, security settings, software deployment information, scripts, folder redirection, and preferences. The most effective way to target a specific GPO is to use Windows Management Instrumentation (WMI) filters. Like, creating a WMI filter that applies a GPO only to computers with a specific make and model.
-
-By using Group Policy, you can set up a policy setting once, and then copy that setting onto many computers. For example, you can set up multiple Internet Explorer 11 security settings in a GPO that's linked to a domain, and then apply all of those settings to every computer in the domain.
-
-**Note**
-For more information about Group Policy, see the [Group Policy TechCenter](https://go.microsoft.com/fwlink/p/?LinkId=214514). This site provides links to the latest technical documentation, videos, and downloads for Group Policy.
-
-## Managing settings with GPOs
-After deploying IE11 to your organization, you can continue to manage the browser settings by using Active Directory Domain Services (AD DS) together with the following Group Policy-related setting management groups:
-
-- [Administrative templates and Internet Explorer 11](administrative-templates-and-ie11.md). Used to manage registry-based policies and options.
-
-- [Group policy preferences and Internet Explorer 11](group-policy-preferences-and-ie11.md). Used to set up and manage options that can be changed by the user after installation.
-
-**Note**
-Whenever possible, we recommend that you manage IE11 using Administrative Templates, because these settings are always written to secure policy branches in the registry. In addition, we recommend that you deploy using standard user accounts instead of letting your users log on to their computers as administrators. This helps to prevent your users from making unwanted changes to their systems or overriding Group Policy settings.
-
-
-Users won't be able to use the IE11 user interface or the registry to change any managed settings on their computers. However, they will be able to change many of the preferences associated with the settings you set up using the Internet Explorer Administration Kit 11 (IEAK 11).
-
-## Which GPO tool should I use?
-You can use any of these tools to create, manage, view, and troubleshoot Group Policy objects (GPOs). For information about each, see:
-
-- [Group Policy, the Group Policy Management Console (GPMC), and Internet Explorer 11](group-policy-and-group-policy-mgmt-console-ie11.md). Provides a single location to manage all GPOs, WMI filters, and Group Policy–related permissions across multiple forests in an organization.
-
-- [Group Policy, the Local Group Policy Editor, and Internet Explorer 11](group-policy-and-local-group-policy-editor-ie11.md). Provides a user interface that lets you edit settings within individual GPOs.
-
-- [Group Policy, Advanced Group Policy Management (AGPM), and Internet Explorer 11](group-policy-and-advanced-group-policy-mgmt-ie11.md). An add-on license for the Microsoft Desktop Optimization Pack (MDOP) that helps to extend Group Policy for Software Assurance customers.
-
-- [Group Policy, Windows Powershell, and Internet Explorer 11](group-policy-windows-powershell-ie11.md). A command-line shell and scripting language that helps automate Windows and application administration on a single computer locally, or across many computers remotely.
-
-
-
-
-
-
-
+---
+ms.localizationpriority: medium
+ms.mktglfcycl: deploy
+ms.pagetype: security
+description: Overview of the available Group Policy management tools
+author: dansimp
+ms.prod: ie11
+ms.assetid: e33bbfeb-6b80-4e71-8bba-1d0369a87312
+ms.reviewer:
+audience: itpro
+manager: dansimp
+ms.author: dansimp
+title: Group Policy management tools (Internet Explorer 11 for IT Pros)
+ms.sitesec: library
+ms.date: 07/27/2017
+---
+
+
+# Group Policy management tools
+Group Policy, based on Microsoft Active Directory Domain Services (AD DS), lets you manage your organization's computer and user settings as part of your Group Policy objects (GPOs), which are added and changed in the Group Policy Management Console (GPMC). GPOs can include registry-based Administrative Template policy settings, security settings, software deployment information, scripts, folder redirection, and preferences. The most effective way to target a specific GPO is to use Windows Management Instrumentation (WMI) filters. Like, creating a WMI filter that applies a GPO only to computers with a specific make and model.
+
+By using Group Policy, you can set up a policy setting once, and then copy that setting onto many computers. For example, you can set up multiple Internet Explorer 11 security settings in a GPO that's linked to a domain, and then apply all of those settings to every computer in the domain.
+
+**Note**
+For more information about Group Policy, see the [Group Policy TechCenter](https://go.microsoft.com/fwlink/p/?LinkId=214514). This site provides links to the latest technical documentation, videos, and downloads for Group Policy.
+
+## Managing settings with GPOs
+After deploying IE11 to your organization, you can continue to manage the browser settings by using Active Directory Domain Services (AD DS) together with the following Group Policy-related setting management groups:
+
+- [Administrative templates and Internet Explorer 11](administrative-templates-and-ie11.md). Used to manage registry-based policies and options.
+
+- [Group policy preferences and Internet Explorer 11](group-policy-preferences-and-ie11.md). Used to set up and manage options that can be changed by the user after installation.
+
+**Note**
+Whenever possible, we recommend that you manage IE11 using Administrative Templates, because these settings are always written to secure policy branches in the registry. In addition, we recommend that you deploy using standard user accounts instead of letting your users log on to their computers as administrators. This helps to prevent your users from making unwanted changes to their systems or overriding Group Policy settings.
+
+
+Users won't be able to use the IE11 user interface or the registry to change any managed settings on their computers. However, they will be able to change many of the preferences associated with the settings you set up using the Internet Explorer Administration Kit 11 (IEAK 11).
+
+## Which GPO tool should I use?
+You can use any of these tools to create, manage, view, and troubleshoot Group Policy objects (GPOs). For information about each, see:
+
+- [Group Policy, the Group Policy Management Console (GPMC), and Internet Explorer 11](group-policy-and-group-policy-mgmt-console-ie11.md). Provides a single location to manage all GPOs, WMI filters, and Group Policy–related permissions across multiple forests in an organization.
+
+- [Group Policy, the Local Group Policy Editor, and Internet Explorer 11](group-policy-and-local-group-policy-editor-ie11.md). Provides a user interface that lets you edit settings within individual GPOs.
+
+- [Group Policy, Advanced Group Policy Management (AGPM), and Internet Explorer 11](group-policy-and-advanced-group-policy-mgmt-ie11.md). An add-on license for the Microsoft Desktop Optimization Pack (MDOP) that helps to extend Group Policy for Software Assurance customers.
+
+- [Group Policy, Windows Powershell, and Internet Explorer 11](group-policy-windows-powershell-ie11.md). A command-line shell and scripting language that helps automate Windows and application administration on a single computer locally, or across many computers remotely.
+
+
+
+
+
+
+
diff --git a/browsers/internet-explorer/ie11-deploy-guide/group-policy-preferences-and-ie11.md b/browsers/internet-explorer/ie11-deploy-guide/group-policy-preferences-and-ie11.md
index 473be60b15..ae5c5f783e 100644
--- a/browsers/internet-explorer/ie11-deploy-guide/group-policy-preferences-and-ie11.md
+++ b/browsers/internet-explorer/ie11-deploy-guide/group-policy-preferences-and-ie11.md
@@ -1,38 +1,39 @@
----
-ms.localizationpriority: medium
-ms.mktglfcycl: deploy
-ms.pagetype: security
-description: Info about Group Policy preferences versus Group Policy settings
-author: lomayor
-ms.prod: ie11
-ms.assetid: f2264c97-7f09-4f28-bb5c-58ab80dcc6ee
-ms.reviewer:
-audience: itpro
manager: dansimp
-ms.author: lomayor
-title: Group policy preferences and Internet Explorer 11 (Internet Explorer 11 for IT Pros)
-ms.sitesec: library
-ms.date: 07/27/2017
----
-
-
-# Group policy preferences and Internet Explorer 11
-Group Policy preferences are less strict than Group Policy settings, based on:
-
-| |Group Policy preferences |Group Policy settings |
-|-----|-------------------------|----------------------|
-|Enforcement |- Not enforced
- Has the user interface turned on
- Can only be refreshed or applied once
|- Enforced
- Has the user interface turned off
- Can be refreshed multiple times
|
-|Flexibility |Lets you create preference items for registry settings, files, and folders. |- Requires app support
- Needs you to create Administrative Templates for new policy settings
- Won't let you create policy settings to manage files and folders
|
-|Local Group Policy |Not available |Available
-|Awareness |Supports apps that aren't Group Policy-aware |Requires apps to be Group Policy-aware |
-|Storage |- Overwrites the original settings
- Removing the preference doesn't restore the original setting
|- Doesn't overwrite the original settings
- Stored in the Policy branches of the registry
- Removing the setting restores the original setting
|
-|Targeting and filtering |- Targeting is specific, with a user interface for each type of targeting item
- Supports targeting at the individual preference item level
|- Filtering is based on Windows Management Instrumentation (WMI), and requires writing WMI queries
- Supports filtering at the Group Policy Object (GPO) level
|
-
-
-For more information about Group Policy preferences, see the [Group Policy Settings Reference for Windows and Windows Server](https://go.microsoft.com/fwlink/p/?LinkId=279876).
-
-
-
-
-
-
-
+---
+ms.localizationpriority: medium
+ms.mktglfcycl: deploy
+ms.pagetype: security
+description: Info about Group Policy preferences versus Group Policy settings
+author: dansimp
+ms.prod: ie11
+ms.assetid: f2264c97-7f09-4f28-bb5c-58ab80dcc6ee
+ms.reviewer:
+audience: itpro
+manager: dansimp
+ms.author: dansimp
+title: Group policy preferences and Internet Explorer 11 (Internet Explorer 11 for IT Pros)
+ms.sitesec: library
+ms.date: 07/27/2017
+---
+
+
+# Group policy preferences and Internet Explorer 11
+Group Policy preferences are less strict than Group Policy settings, based on:
+
+| |Group Policy preferences |Group Policy settings |
+|-----|-------------------------|----------------------|
+|Enforcement |- Not enforced
- Has the user interface turned on
- Can only be refreshed or applied once
|- Enforced
- Has the user interface turned off
- Can be refreshed multiple times
|
+|Flexibility |Lets you create preference items for registry settings, files, and folders. |- Requires app support
- Needs you to create Administrative Templates for new policy settings
- Won't let you create policy settings to manage files and folders
|
+|Local Group Policy |Not available |Available
+|Awareness |Supports apps that aren't Group Policy-aware |Requires apps to be Group Policy-aware |
+|Storage |- Overwrites the original settings
- Removing the preference doesn't restore the original setting
|- Doesn't overwrite the original settings
- Stored in the Policy branches of the registry
- Removing the setting restores the original setting
|
+|Targeting and filtering |- Targeting is specific, with a user interface for each type of targeting item
- Supports targeting at the individual preference item level
|- Filtering is based on Windows Management Instrumentation (WMI), and requires writing WMI queries
- Supports filtering at the Group Policy Object (GPO) level
|
+
+
+For more information about Group Policy preferences, see the [Group Policy Settings Reference for Windows and Windows Server](https://go.microsoft.com/fwlink/p/?LinkId=279876).
+
+
+
+
+
+
+
diff --git a/browsers/internet-explorer/ie11-deploy-guide/group-policy-problems-ie11.md b/browsers/internet-explorer/ie11-deploy-guide/group-policy-problems-ie11.md
index 65ae07a3ce..008e2624c0 100644
--- a/browsers/internet-explorer/ie11-deploy-guide/group-policy-problems-ie11.md
+++ b/browsers/internet-explorer/ie11-deploy-guide/group-policy-problems-ie11.md
@@ -1,29 +1,30 @@
----
-ms.localizationpriority: medium
-ms.mktglfcycl: deploy
-ms.pagetype: security
-description: Links to troubleshooting topics and log files that can help address Group Policy problems with Internet Explorer 11.
-author: lomayor
-ms.prod: ie11
-ms.assetid: 0da0d9a9-200c-46c4-96be-630e82de017b
-ms.reviewer:
-audience: itpro
manager: dansimp
-ms.author: lomayor
-title: Group Policy problems with Internet Explorer 11 (Internet Explorer 11 for IT Pros)
-ms.sitesec: library
-ms.date: 07/27/2017
----
-
-
-# Group Policy problems with Internet Explorer 11
-If you're having problems with Group Policy and Internet Explorer 11, or if you're looking for high-level information about the concepts and techniques used to troubleshoot Group Policy, as well as links to detailed reference topics, procedures, and troubleshooting scenario guides, see [Group Policy Analysis and Troubleshooting Overview](https://go.microsoft.com/fwlink/p/?LinkId=279872).
-
-## Group Policy Object-related Log Files
-You can use the Event Viewer to review Group Policy-related messages in the **Windows Logs**, **System** file. All of the Group Policy-related events are shown with a source of **GroupPolicy**. For more information about the Event Viewer, see [What information appears in event logs? (Event Viewer)](https://go.microsoft.com/fwlink/p/?LinkId=294917).
-
-
-
-
-
-
-
+---
+ms.localizationpriority: medium
+ms.mktglfcycl: deploy
+ms.pagetype: security
+description: Links to troubleshooting topics and log files that can help address Group Policy problems with Internet Explorer 11.
+author: dansimp
+ms.prod: ie11
+ms.assetid: 0da0d9a9-200c-46c4-96be-630e82de017b
+ms.reviewer:
+audience: itpro
+manager: dansimp
+ms.author: dansimp
+title: Group Policy problems with Internet Explorer 11 (Internet Explorer 11 for IT Pros)
+ms.sitesec: library
+ms.date: 07/27/2017
+---
+
+
+# Group Policy problems with Internet Explorer 11
+If you're having problems with Group Policy and Internet Explorer 11, or if you're looking for high-level information about the concepts and techniques used to troubleshoot Group Policy, as well as links to detailed reference topics, procedures, and troubleshooting scenario guides, see [Group Policy Analysis and Troubleshooting Overview](https://go.microsoft.com/fwlink/p/?LinkId=279872).
+
+## Group Policy Object-related Log Files
+You can use the Event Viewer to review Group Policy-related messages in the **Windows Logs**, **System** file. All of the Group Policy-related events are shown with a source of **GroupPolicy**. For more information about the Event Viewer, see [What information appears in event logs? (Event Viewer)](https://go.microsoft.com/fwlink/p/?LinkId=294917).
+
+
+
+
+
+
+
diff --git a/browsers/internet-explorer/ie11-deploy-guide/group-policy-shortcut-extensions-ie11.md b/browsers/internet-explorer/ie11-deploy-guide/group-policy-shortcut-extensions-ie11.md
index 7c53292112..1f0caf9bc3 100644
--- a/browsers/internet-explorer/ie11-deploy-guide/group-policy-shortcut-extensions-ie11.md
+++ b/browsers/internet-explorer/ie11-deploy-guide/group-policy-shortcut-extensions-ie11.md
@@ -1,49 +1,50 @@
----
-ms.localizationpriority: medium
-ms.mktglfcycl: deploy
-ms.pagetype: security
-description: Instructions about how to create and configure shortcut preference extensions to file system objects, URLs, and shell objects.
-author: lomayor
-ms.prod: ie11
-ms.assetid: c6fbf990-13e4-4be7-9f08-5bdd43179b3b
-ms.reviewer:
-audience: itpro
manager: dansimp
-ms.author: lomayor
-title: Group Policy, Shortcut Extensions, and Internet Explorer 11 (Internet Explorer 11 for IT Pros)
-ms.sitesec: library
-ms.date: 07/27/2017
----
-
-
-# Group Policy, Shortcut Extensions, and Internet Explorer 11
-Group Policy includes the Shortcuts preference extension, which lets you configure shortcuts to:
-
-- **File system objects.** Traditional shortcuts that link to apps, files, folders, drives, shares, or computers. For example, linking a shortcut to an app from the **Start** screen.
-
-- **URLs.** Shortcuts to webpages or FTP sites. For example, a link to your intranet site from your employee's **Favorites** folder.
-
-- **Shell objects.** Shortcuts to objects that appear in the shell namespace, such as printers, desktop items, Control Panel items, the Recycle Bin, and so on.
-
-## How do I configure shortcuts?
-You can create and configure shortcuts for any domain-based Group Policy Object (GPO) in the Group Policy Management Console (GPMC).
-
- **To create a new Shortcut preference item**
-
-1. Open GPMC, right-click the Group Policy object that needs the new shortcut extension, and click **Edit**.
-
-2. From **Computer Configuration** or **User Configuration**, go to **Preferences**, and then go to **Windows Settings**.
-
-3. Right-click **Shortcuts**, click **New**, and then choose **Shortcut**.
-
-4. Choose what the shortcut should do, including **Create**, **Delete**, **Replace**, or **Update**.
-
-5. Type the required shortcut settings and your comments into the **Description** box, and click **OK**.
-
-For more information about shortcut extensions, including step-by-step guidance, see [Shortcuts Extension](https://go.microsoft.com/fwlink/p/?LinkId=214525) and [Configure a Shortcut Item](https://go.microsoft.com/fwlink/p/?LinkId=301837).
-
-
-
-
-
-
-
+---
+ms.localizationpriority: medium
+ms.mktglfcycl: deploy
+ms.pagetype: security
+description: Instructions about how to create and configure shortcut preference extensions to file system objects, URLs, and shell objects.
+author: dansimp
+ms.prod: ie11
+ms.assetid: c6fbf990-13e4-4be7-9f08-5bdd43179b3b
+ms.reviewer:
+audience: itpro
+manager: dansimp
+ms.author: dansimp
+title: Group Policy, Shortcut Extensions, and Internet Explorer 11 (Internet Explorer 11 for IT Pros)
+ms.sitesec: library
+ms.date: 07/27/2017
+---
+
+
+# Group Policy, Shortcut Extensions, and Internet Explorer 11
+Group Policy includes the Shortcuts preference extension, which lets you configure shortcuts to:
+
+- **File system objects.** Traditional shortcuts that link to apps, files, folders, drives, shares, or computers. For example, linking a shortcut to an app from the **Start** screen.
+
+- **URLs.** Shortcuts to webpages or FTP sites. For example, a link to your intranet site from your employee's **Favorites** folder.
+
+- **Shell objects.** Shortcuts to objects that appear in the shell namespace, such as printers, desktop items, Control Panel items, the Recycle Bin, and so on.
+
+## How do I configure shortcuts?
+You can create and configure shortcuts for any domain-based Group Policy Object (GPO) in the Group Policy Management Console (GPMC).
+
+ **To create a new Shortcut preference item**
+
+1. Open GPMC, right-click the Group Policy object that needs the new shortcut extension, and click **Edit**.
+
+2. From **Computer Configuration** or **User Configuration**, go to **Preferences**, and then go to **Windows Settings**.
+
+3. Right-click **Shortcuts**, click **New**, and then choose **Shortcut**.
+
+4. Choose what the shortcut should do, including **Create**, **Delete**, **Replace**, or **Update**.
+
+5. Type the required shortcut settings and your comments into the **Description** box, and click **OK**.
+
+For more information about shortcut extensions, including step-by-step guidance, see [Shortcuts Extension](https://go.microsoft.com/fwlink/p/?LinkId=214525) and [Configure a Shortcut Item](https://go.microsoft.com/fwlink/p/?LinkId=301837).
+
+
+
+
+
+
+
diff --git a/browsers/internet-explorer/ie11-deploy-guide/group-policy-windows-powershell-ie11.md b/browsers/internet-explorer/ie11-deploy-guide/group-policy-windows-powershell-ie11.md
index dcea0b00e6..2de349942d 100644
--- a/browsers/internet-explorer/ie11-deploy-guide/group-policy-windows-powershell-ie11.md
+++ b/browsers/internet-explorer/ie11-deploy-guide/group-policy-windows-powershell-ie11.md
@@ -1,38 +1,39 @@
----
-ms.localizationpriority: medium
-ms.mktglfcycl: deploy
-ms.pagetype: security
-description: Overview about how Group Policy works with Windows Powershell and Internet Explorer 11
-author: lomayor
-ms.prod: ie11
-ms.assetid: e3607cde-a498-4e04-9daa-b331412967fc
-ms.reviewer:
-audience: itpro
manager: dansimp
-ms.author: lomayor
-title: Group Policy, Windows Powershell, and Internet Explorer 11 (Internet Explorer 11 for IT Pros)
-ms.sitesec: library
-ms.date: 07/27/2017
----
-
-
-# Group Policy, Windows Powershell, and Internet Explorer 11
-Your domain-joined Group Policy Objects (GPOs) can use any of Group Policy-related “cmdlets” that run within Windows PowerShell.
-
-Each cmdlet is a single-function command-line tool that can:
-
-- Create, edit, remove, back up, and import GPOs.
-
-- Create, update, and remove Group Policy links.
-
-- Set inheritance flags and permissions on organizational units (OU) and domains.
-
-- Configure registry-based policy settings and registry settings for Group Policy preferences.
-
-For more info about PowerShell and Group Policy management, see [Use Windows PowerShell to Manage Group Policy](https://go.microsoft.com/fwlink/p/?LinkId=276828).
-
-
-
-
-
-
-
+---
+ms.localizationpriority: medium
+ms.mktglfcycl: deploy
+ms.pagetype: security
+description: Overview about how Group Policy works with Windows Powershell and Internet Explorer 11
+author: dansimp
+ms.prod: ie11
+ms.assetid: e3607cde-a498-4e04-9daa-b331412967fc
+ms.reviewer:
+audience: itpro
+manager: dansimp
+ms.author: dansimp
+title: Group Policy, Windows Powershell, and Internet Explorer 11 (Internet Explorer 11 for IT Pros)
+ms.sitesec: library
+ms.date: 07/27/2017
+---
+
+
+# Group Policy, Windows Powershell, and Internet Explorer 11
+Your domain-joined Group Policy Objects (GPOs) can use any of Group Policy-related “cmdlets” that run within Windows PowerShell.
+
+Each cmdlet is a single-function command-line tool that can:
+
+- Create, edit, remove, back up, and import GPOs.
+
+- Create, update, and remove Group Policy links.
+
+- Set inheritance flags and permissions on organizational units (OU) and domains.
+
+- Configure registry-based policy settings and registry settings for Group Policy preferences.
+
+For more info about PowerShell and Group Policy management, see [Use Windows PowerShell to Manage Group Policy](https://go.microsoft.com/fwlink/p/?LinkId=276828).
+
+
+
+
+
+
+
diff --git a/browsers/internet-explorer/ie11-deploy-guide/ie11-delivery-through-automatic-updates.md b/browsers/internet-explorer/ie11-deploy-guide/ie11-delivery-through-automatic-updates.md
index 4e3fdb4baa..b4149169e2 100644
--- a/browsers/internet-explorer/ie11-deploy-guide/ie11-delivery-through-automatic-updates.md
+++ b/browsers/internet-explorer/ie11-deploy-guide/ie11-delivery-through-automatic-updates.md
@@ -1,142 +1,143 @@
----
-ms.localizationpriority: medium
-ms.mktglfcycl: support
-ms.pagetype: security
-description:
-author: lomayor
-ms.author: lomayor
-ms.manager: elizapo
-ms.prod: ie11
-ms.assetid:
-ms.reviewer:
-audience: itpro
manager: dansimp
-title: Internet Explorer 11 delivery through automatic updates
-ms.sitesec: library
-ms.date: 05/22/2018
----
-
-# Internet Explorer 11 delivery through automatic updates
-Internet Explorer 11 makes browsing the web faster, easier, safer, and more reliable than ever. To help customers become more secure and up-to-date, Microsoft will distribute Internet Explorer 11 through Automatic Updates and the Windows Update and Microsoft Update sites. Internet Explorer 11 will be available for users of the 32-bit and 64-bit versions of Windows 7 Service Pack 1 (SP1), and 64-bit version of Windows Server 2008 R2 SP1. This article provides an overview of the delivery process and options available for IT administrators to control how and when Internet Explorer 11 is deployed to their organization through Automatic Updates.
-
-- [Automatic updates delivery process](https://docs.microsoft.com/internet-explorer/ie11-deploy-guide/ie11-delivery-through-automatic-updates#automatic-updates-delivery-process)
-
-- [Internet Explorer 11 automatic upgrades](https://docs.microsoft.com/internet-explorer/ie11-deploy-guide/ie11-delivery-through-automatic-updates#internet-explorer-11-automatic-upgrades)
-
-- [Options for blocking automatic delivery](https://docs.microsoft.com/internet-explorer/ie11-deploy-guide/ie11-delivery-through-automatic-updates#options-for-blocking-automatic-delivery)
-
-- [Availability of Internet Explorer 11](https://docs.microsoft.com/internet-explorer/ie11-deploy-guide/ie11-delivery-through-automatic-updates#availability-of-internet-explorer-11)
-
-- [Prevent automatic installation of Internet Explorer 11 with WSUS](https://docs.microsoft.com/internet-explorer/ie11-deploy-guide/ie11-delivery-through-automatic-updates#prevent-automatic-installation-of-internet-explorer-11-with-wsus)
-
-## Automatic updates delivery process
-
-Internet Explorer 11 only downloads and installs if it’s available for delivery through Automatic Updates; and Automatic Updates only offer Internet Explorer 11
-to users with local administrator accounts. User’s without local administrator accounts won’t be prompted to install the update and will continue using their
-current version of Internet Explorer.
-
-Internet Explorer 11 replaces Internet Explorer 8, Internet Explorer 9, or Internet Explorer 10. If you decide you don’t want Internet Explorer 11, and you’re running Windows 7 SP1 or Windows Server 2008 R2 with SP1, you can uninstall it from the **View installed updates** section of the **Uninstall an update** page of the Control Panel.
-
->[!Note]
->If a user installs Internet Explorer 11 and then removes it, it won’t be re-offered to that computer through Automatic Updates. Instead, the user will have to manually re-install the app.
-
-## Internet Explorer 11 automatic upgrades
-
-Internet Explorer 11 is offered through Automatic Updates and Windows Update as an Important update. Users running Windows 7 SP1, who have chosen to download and install updates automatically through Windows Update, are automatically upgraded to Internet Explorer 11.
-
-Users who were automatically upgraded to Internet Explorer 11 can decide to uninstall Internet Explorer 11. However, Internet Explorer 11 will still appear as an optional update through Windows Update.
-
-## Options for blocking automatic delivery
-
-If you use Automatic Updates in your company, but want to stop your users from automatically getting Internet Explorer 11, do one of the following:
-
-- **Download and use the Internet Explorer 11 Blocker Toolkit.** Includes a Group Policy template and a script that permanently blocks Internet Explorer 11 from being offered by Windows Update or Microsoft Update as a high-priority update. You can download this kit from the [Microsoft Download Center](https://www.microsoft.com/download/details.aspx?id=40722).
-
- >[!Note]
- >The toolkit won't stop users with local administrator accounts from manually installing Internet Explorer 11. Using this toolkit also prevents your users from receiving automatic upgrades from Internet Explorer 8, Internet Explorer 9, or Internet Explorer 10 to Internet Explorer 11. For more information, see the [Internet Explorer 11 Blocker Toolkit frequently asked questions](../ie11-faq/faq-ie11-blocker-toolkit.md).
-
-- **Use an update management solution to control update deployment.**
- If you already use an update management solution, like [Windows Server Update Services (WSUS)](https://docs.microsoft.com/windows-server/administration/windows-server-update-services/get-started/windows-server-update-services-wsus) or the more advanced [System Center 2012 Configuration Manager](https://go.microsoft.com/fwlink/?LinkID=276664), you should use that instead of the Internet Explorer Blocker Toolkit.
-
- >[!Note]
- >If you use WSUS to manage updates, and Update Rollups are configured for automatic installation, Internet Explorer will automatically install throughout your company. This scenario is discussed in detail in the Knowledge Base article [here](https://support.microsoft.com/kb/946202).
-
-Additional information on Internet Explorer 11, including a Readiness Toolkit, technical overview, in-depth feature summary, and Internet Explorer 11 download is available on the [Internet Explorer 11 page of the Microsoft Edge IT Center](https://technet.microsoft.com/microsoft-edge/dn262703.aspx).
-
-## Availability of Internet Explorer 11
-
-Automatic Updates will start to distribute Internet Explorer 11 shortly after the final release of the product and will distribute it through the System Center Configuration Manager, Microsoft Systems Management Server, and WSUS.
-
-## Prevent automatic installation of Internet Explorer 11 with WSUS
-
-Internet Explorer 11 will be released to WSUS as an Update Rollup package. Therefore, if you’ve configured WSUS to “auto-approve” Update Rollup packages, it’ll be automatically approved and installed. To stop Internet Explorer 11 from being automatically approved for installation, you need to:
-
-1. Click **Start**, click **Administrative Tools**, and then click **Microsoft
- Windows Server Update Services 3.0**.
-
-2. Expand *ComputerName*, and then click **Options**.
-
-3. Click **Automatic Approvals**.
-
-4. Click the rule that automatically approves an update that is classified as
- Update Rollup, and then click **Edit.**
-
- >[!Note]
- >If you don’t see a rule like this, you most likely haven’t configured WSUS to automatically approve Update Rollups for installation. In this situation, you don’t have to do anything else.
-
-5. Click the **Update Rollups** property under the **Step 2: Edit the properties (click an underlined value)** section.
-
- >[!Note]
- >The properties for this rule will resemble the following:- When an update is in Update Rollups
- Approve the update for all computers
-
-6. Clear the **Update Rollup** check box, and then click **OK**.
-
-7. Click **OK** to close the **Automatic Approvals** dialog box.After the new Internet Explorer 11 package is available for download, you should manually synchronize the new package to your WSUS server, so that when you re-enable auto-approval it won’t be automatically installed.
-
-8. Click **Start**, click **Administrative Tools**, and then click **Microsoft Windows Server Update Services 3.0**.
-
-9. Expand *ComputerName*, and then click **Synchronizations**.
-
-10. Click **Synchronize Now**.
-
-11. Expand *ComputerName*, expand **Updates**, and then click **All Updates**.
-
-12. Choose **Unapproved** in the **Approval**drop down box.
-
-13. Check to make sure that Microsoft Internet Explorer 11 is listed as an unapproved update.
-
- >[!Note]
- >There may be multiple updates, depending on the imported language and operating system updates.
-
-**Optional**
-
-If you need to reset your Update Rollups packages to auto-approve, do this:
-
-1. Click **Start**, click **Administrative Tools**, and then click **Microsoft Windows Server Update Services 3.0**.
-
-2. Expand *ComputerName*, and then click **Options**.
-
-3. Click **Automatic Approvals**.
-
-4. Click the rule that automatically approves updates of different classifications, and then click **Edit**.
-
-5. Click the **Update Rollups** property under the **Step 2: Edit the properties (click an underlined value)** section.
-
-6. Check the **Update Rollups** check box, and then click **OK**.
-
-7. Click **OK** to close the **Automatic Approvals** dialog box.
-
->[!Note]
->Because auto-approval rules are only evaluated when an update is first imported into WSUS, turning this rule back on after the Internet Explorer 11 update has been imported and synchronized to the server won’t cause this update to be auto-approved.
-
-
-## Additional resources
-
-- [Automatic delivery process](what-is-the-internet-explorer-11-blocker-toolkit.md#automatic-delivery-process)
-
-- [Internet Explorer 11 Blocker Toolkit download](https://www.microsoft.com/download/details.aspx?id=40722)
-
-- [Internet Explorer 11 FAQ for IT pros](https://docs.microsoft.com/internet-explorer/ie11-faq/faq-for-it-pros-ie11)
-
-- [Internet Explorer 11 delivery through automatic updates](https://technet.microsoft.com/microsoft-edge/dn449235)
-
-- [Internet Explorer 11 deployment guide](https://docs.microsoft.com/internet-explorer/ie11-deploy-guide/index)
+---
+ms.localizationpriority: medium
+ms.mktglfcycl: support
+ms.pagetype: security
+description:
+author: dansimp
+ms.author: dansimp
+ms.manager: dansimp
+ms.prod: ie11
+ms.assetid:
+ms.reviewer:
+audience: itpro
+manager: dansimp
+title: Internet Explorer 11 delivery through automatic updates
+ms.sitesec: library
+ms.date: 05/22/2018
+---
+
+# Internet Explorer 11 delivery through automatic updates
+Internet Explorer 11 makes browsing the web faster, easier, safer, and more reliable than ever. To help customers become more secure and up-to-date, Microsoft will distribute Internet Explorer 11 through Automatic Updates and the Windows Update and Microsoft Update sites. Internet Explorer 11 will be available for users of the 32-bit and 64-bit versions of Windows 7 Service Pack 1 (SP1), and 64-bit version of Windows Server 2008 R2 SP1. This article provides an overview of the delivery process and options available for IT administrators to control how and when Internet Explorer 11 is deployed to their organization through Automatic Updates.
+
+- [Automatic updates delivery process](https://docs.microsoft.com/internet-explorer/ie11-deploy-guide/ie11-delivery-through-automatic-updates#automatic-updates-delivery-process)
+
+- [Internet Explorer 11 automatic upgrades](https://docs.microsoft.com/internet-explorer/ie11-deploy-guide/ie11-delivery-through-automatic-updates#internet-explorer-11-automatic-upgrades)
+
+- [Options for blocking automatic delivery](https://docs.microsoft.com/internet-explorer/ie11-deploy-guide/ie11-delivery-through-automatic-updates#options-for-blocking-automatic-delivery)
+
+- [Availability of Internet Explorer 11](https://docs.microsoft.com/internet-explorer/ie11-deploy-guide/ie11-delivery-through-automatic-updates#availability-of-internet-explorer-11)
+
+- [Prevent automatic installation of Internet Explorer 11 with WSUS](https://docs.microsoft.com/internet-explorer/ie11-deploy-guide/ie11-delivery-through-automatic-updates#prevent-automatic-installation-of-internet-explorer-11-with-wsus)
+
+## Automatic updates delivery process
+
+Internet Explorer 11 only downloads and installs if it’s available for delivery through Automatic Updates; and Automatic Updates only offer Internet Explorer 11
+to users with local administrator accounts. User’s without local administrator accounts won’t be prompted to install the update and will continue using their
+current version of Internet Explorer.
+
+Internet Explorer 11 replaces Internet Explorer 8, Internet Explorer 9, or Internet Explorer 10. If you decide you don’t want Internet Explorer 11, and you’re running Windows 7 SP1 or Windows Server 2008 R2 with SP1, you can uninstall it from the **View installed updates** section of the **Uninstall an update** page of the Control Panel.
+
+>[!Note]
+>If a user installs Internet Explorer 11 and then removes it, it won’t be re-offered to that computer through Automatic Updates. Instead, the user will have to manually re-install the app.
+
+## Internet Explorer 11 automatic upgrades
+
+Internet Explorer 11 is offered through Automatic Updates and Windows Update as an Important update. Users running Windows 7 SP1, who have chosen to download and install updates automatically through Windows Update, are automatically upgraded to Internet Explorer 11.
+
+Users who were automatically upgraded to Internet Explorer 11 can decide to uninstall Internet Explorer 11. However, Internet Explorer 11 will still appear as an optional update through Windows Update.
+
+## Options for blocking automatic delivery
+
+If you use Automatic Updates in your company, but want to stop your users from automatically getting Internet Explorer 11, do one of the following:
+
+- **Download and use the Internet Explorer 11 Blocker Toolkit.** Includes a Group Policy template and a script that permanently blocks Internet Explorer 11 from being offered by Windows Update or Microsoft Update as a high-priority update. You can download this kit from the [Microsoft Download Center](https://www.microsoft.com/download/details.aspx?id=40722).
+
+ >[!Note]
+ >The toolkit won't stop users with local administrator accounts from manually installing Internet Explorer 11. Using this toolkit also prevents your users from receiving automatic upgrades from Internet Explorer 8, Internet Explorer 9, or Internet Explorer 10 to Internet Explorer 11. For more information, see the [Internet Explorer 11 Blocker Toolkit frequently asked questions](../ie11-faq/faq-ie11-blocker-toolkit.md).
+
+- **Use an update management solution to control update deployment.**
+ If you already use an update management solution, like [Windows Server Update Services (WSUS)](https://docs.microsoft.com/windows-server/administration/windows-server-update-services/get-started/windows-server-update-services-wsus) or the more advanced [System Center 2012 Configuration Manager](https://go.microsoft.com/fwlink/?LinkID=276664), you should use that instead of the Internet Explorer Blocker Toolkit.
+
+ >[!Note]
+ >If you use WSUS to manage updates, and Update Rollups are configured for automatic installation, Internet Explorer will automatically install throughout your company. This scenario is discussed in detail in the Knowledge Base article [here](https://support.microsoft.com/kb/946202).
+
+Additional information on Internet Explorer 11, including a Readiness Toolkit, technical overview, in-depth feature summary, and Internet Explorer 11 download is available on the [Internet Explorer 11 page of the Microsoft Edge IT Center](https://technet.microsoft.com/microsoft-edge/dn262703.aspx).
+
+## Availability of Internet Explorer 11
+
+Automatic Updates will start to distribute Internet Explorer 11 shortly after the final release of the product and will distribute it through the System Center Configuration Manager, Microsoft Systems Management Server, and WSUS.
+
+## Prevent automatic installation of Internet Explorer 11 with WSUS
+
+Internet Explorer 11 will be released to WSUS as an Update Rollup package. Therefore, if you’ve configured WSUS to “auto-approve” Update Rollup packages, it’ll be automatically approved and installed. To stop Internet Explorer 11 from being automatically approved for installation, you need to:
+
+1. Click **Start**, click **Administrative Tools**, and then click **Microsoft
+ Windows Server Update Services 3.0**.
+
+2. Expand *ComputerName*, and then click **Options**.
+
+3. Click **Automatic Approvals**.
+
+4. Click the rule that automatically approves an update that is classified as
+ Update Rollup, and then click **Edit.**
+
+ >[!Note]
+ >If you don’t see a rule like this, you most likely haven’t configured WSUS to automatically approve Update Rollups for installation. In this situation, you don’t have to do anything else.
+
+5. Click the **Update Rollups** property under the **Step 2: Edit the properties (click an underlined value)** section.
+
+ >[!Note]
+ >The properties for this rule will resemble the following:
- When an update is in Update Rollups
- Approve the update for all computers
+
+6. Clear the **Update Rollup** check box, and then click **OK**.
+
+7. Click **OK** to close the **Automatic Approvals** dialog box.After the new Internet Explorer 11 package is available for download, you should manually synchronize the new package to your WSUS server, so that when you re-enable auto-approval it won’t be automatically installed.
+
+8. Click **Start**, click **Administrative Tools**, and then click **Microsoft Windows Server Update Services 3.0**.
+
+9. Expand *ComputerName*, and then click **Synchronizations**.
+
+10. Click **Synchronize Now**.
+
+11. Expand *ComputerName*, expand **Updates**, and then click **All Updates**.
+
+12. Choose **Unapproved** in the **Approval**drop down box.
+
+13. Check to make sure that Microsoft Internet Explorer 11 is listed as an unapproved update.
+
+ >[!Note]
+ >There may be multiple updates, depending on the imported language and operating system updates.
+
+**Optional**
+
+If you need to reset your Update Rollups packages to auto-approve, do this:
+
+1. Click **Start**, click **Administrative Tools**, and then click **Microsoft Windows Server Update Services 3.0**.
+
+2. Expand *ComputerName*, and then click **Options**.
+
+3. Click **Automatic Approvals**.
+
+4. Click the rule that automatically approves updates of different classifications, and then click **Edit**.
+
+5. Click the **Update Rollups** property under the **Step 2: Edit the properties (click an underlined value)** section.
+
+6. Check the **Update Rollups** check box, and then click **OK**.
+
+7. Click **OK** to close the **Automatic Approvals** dialog box.
+
+>[!Note]
+>Because auto-approval rules are only evaluated when an update is first imported into WSUS, turning this rule back on after the Internet Explorer 11 update has been imported and synchronized to the server won’t cause this update to be auto-approved.
+
+
+## Additional resources
+
+- [Automatic delivery process](what-is-the-internet-explorer-11-blocker-toolkit.md#automatic-delivery-process)
+
+- [Internet Explorer 11 Blocker Toolkit download](https://www.microsoft.com/download/details.aspx?id=40722)
+
+- [Internet Explorer 11 FAQ for IT pros](https://docs.microsoft.com/internet-explorer/ie11-faq/faq-for-it-pros-ie11)
+
+- [Internet Explorer 11 delivery through automatic updates](https://technet.microsoft.com/microsoft-edge/dn449235)
+
+- [Internet Explorer 11 deployment guide](https://docs.microsoft.com/internet-explorer/ie11-deploy-guide/index)
diff --git a/browsers/internet-explorer/ie11-deploy-guide/img-ie11-docmode-lg.md b/browsers/internet-explorer/ie11-deploy-guide/img-ie11-docmode-lg.md
index 48331957e3..5097f83564 100644
--- a/browsers/internet-explorer/ie11-deploy-guide/img-ie11-docmode-lg.md
+++ b/browsers/internet-explorer/ie11-deploy-guide/img-ie11-docmode-lg.md
@@ -1,16 +1,17 @@
----
-description: A full-sized view of how document modes are chosen in IE11.
-title: Full-sized flowchart detailing how document modes are chosen in IE11
-author: lomayor
-ms.date: 04/19/2017
-ms.reviewer:
-audience: itpro
manager: dansimp
-ms.author: lomayor
----
-
-Return to: [Deprecated document modes and Internet Explorer 11](deprecated-document-modes.md)
-
-
- 
-
-
+---
+description: A full-sized view of how document modes are chosen in IE11.
+title: Full-sized flowchart detailing how document modes are chosen in IE11
+author: dansimp
+ms.date: 04/19/2017
+ms.reviewer:
+audience: itpro
+manager: dansimp
+ms.author: dansimp
+---
+
+Return to: [Deprecated document modes and Internet Explorer 11](deprecated-document-modes.md)
+
+
+
+
+
diff --git a/browsers/internet-explorer/ie11-deploy-guide/import-into-the-enterprise-mode-site-list-manager.md b/browsers/internet-explorer/ie11-deploy-guide/import-into-the-enterprise-mode-site-list-manager.md
index add9fe0016..5ab9dd5e58 100644
--- a/browsers/internet-explorer/ie11-deploy-guide/import-into-the-enterprise-mode-site-list-manager.md
+++ b/browsers/internet-explorer/ie11-deploy-guide/import-into-the-enterprise-mode-site-list-manager.md
@@ -1,50 +1,51 @@
----
-ms.localizationpriority: medium
-ms.mktglfcycl: deploy
-ms.pagetype: appcompat
-description: If you need to replace your entire site list because of errors, or simply because it’s out of date, you can import your exported Enterprise Mode site list using the Enterprise Mode Site List Manager.
-author: lomayor
-ms.prod: ie11
-ms.assetid: cacd5d68-700b-4a96-b4c9-ca2c40c1ac5f
-ms.reviewer:
-audience: itpro
manager: dansimp
-ms.author: lomayor
-title: Import your Enterprise Mode site list to the Enterprise Mode Site List Manager (Internet Explorer 11 for IT Pros)
-ms.sitesec: library
-ms.date: 07/27/2017
----
-
-
-# Import your Enterprise Mode site list to the Enterprise Mode Site List Manager
-
-**Applies to:**
-
-- Windows 10
-- Windows 8.1
-- Windows 7
-- Windows Server 2012 R2
-- Windows Server 2008 R2 with Service Pack 1 (SP1)
-
-If you need to replace your entire site list because of errors, or simply because it’s out of date, you can import your exported Enterprise Mode site list using the Enterprise Mode Site List Manager.
-
-**Important**
-Importing your file overwrites everything that’s currently in the tool, so make sure it’s what you really mean to do.
-
- **To import your compatibility list**
-
-1. On the **File** menu of the Enterprise Mode Site List Manager, click **Import**.
-
-2. Go to your exported .EMIE file (for example, `C:\users\\documents\sites.emie`), and then click **Open**.
-
-3. Review the alert message about all of your entries being overwritten. If you still want to import the file, click **Yes**.
-
-## Related topics
-- [Download the Enterprise Mode Site List Manager (schema v.2)](https://go.microsoft.com/fwlink/p/?LinkId=716853)
-- [Download the Enterprise Mode Site List Manager (schema v.1)](https://go.microsoft.com/fwlink/p/?LinkID=394378)
-- [Use the Enterprise Mode Site List Manager](use-the-enterprise-mode-site-list-manager.md)
-
-
-
-
-
-
+---
+ms.localizationpriority: medium
+ms.mktglfcycl: deploy
+ms.pagetype: appcompat
+description: If you need to replace your entire site list because of errors, or simply because it’s out of date, you can import your exported Enterprise Mode site list using the Enterprise Mode Site List Manager.
+author: dansimp
+ms.prod: ie11
+ms.assetid: cacd5d68-700b-4a96-b4c9-ca2c40c1ac5f
+ms.reviewer:
+audience: itpro
+manager: dansimp
+ms.author: dansimp
+title: Import your Enterprise Mode site list to the Enterprise Mode Site List Manager (Internet Explorer 11 for IT Pros)
+ms.sitesec: library
+ms.date: 07/27/2017
+---
+
+
+# Import your Enterprise Mode site list to the Enterprise Mode Site List Manager
+
+**Applies to:**
+
+- Windows 10
+- Windows 8.1
+- Windows 7
+- Windows Server 2012 R2
+- Windows Server 2008 R2 with Service Pack 1 (SP1)
+
+If you need to replace your entire site list because of errors, or simply because it’s out of date, you can import your exported Enterprise Mode site list using the Enterprise Mode Site List Manager.
+
+**Important**
+Importing your file overwrites everything that’s currently in the tool, so make sure it’s what you really mean to do.
+
+ **To import your compatibility list**
+
+1. On the **File** menu of the Enterprise Mode Site List Manager, click **Import**.
+
+2. Go to your exported .EMIE file (for example, `C:\users\\documents\sites.emie`), and then click **Open**.
+
+3. Review the alert message about all of your entries being overwritten. If you still want to import the file, click **Yes**.
+
+## Related topics
+- [Download the Enterprise Mode Site List Manager (schema v.2)](https://go.microsoft.com/fwlink/p/?LinkId=716853)
+- [Download the Enterprise Mode Site List Manager (schema v.1)](https://go.microsoft.com/fwlink/p/?LinkID=394378)
+- [Use the Enterprise Mode Site List Manager](use-the-enterprise-mode-site-list-manager.md)
+
+
+
+
+
+
diff --git a/browsers/internet-explorer/ie11-deploy-guide/index.md b/browsers/internet-explorer/ie11-deploy-guide/index.md
index 6d5935a29b..74f09e116d 100644
--- a/browsers/internet-explorer/ie11-deploy-guide/index.md
+++ b/browsers/internet-explorer/ie11-deploy-guide/index.md
@@ -1,13 +1,14 @@
---
ms.mktglfcycl: deploy
description: Use this guide to learn about the several options and processes you'll need to consider while you're planning for, deploying, and customizing Internet Explorer 11 for your employee's devices.
-author: shortpatti
+author: dansimp
+ms.author: dansimp
ms.prod: ie11
ms.assetid: bddc2d97-c38d-45c5-9588-1f5bbff2e9c3
title: Internet Explorer 11 (IE11) - Deployment Guide for IT Pros (Internet Explorer 11 for IT Pros)
ms.sitesec: library
ms.localizationpriority: medium
-ms.date: 07/27/2017
+manager: dansimp
---
diff --git a/browsers/internet-explorer/ie11-deploy-guide/install-and-deploy-ie11.md b/browsers/internet-explorer/ie11-deploy-guide/install-and-deploy-ie11.md
index f5e959c3c4..e9fcf44f0e 100644
--- a/browsers/internet-explorer/ie11-deploy-guide/install-and-deploy-ie11.md
+++ b/browsers/internet-explorer/ie11-deploy-guide/install-and-deploy-ie11.md
@@ -1,44 +1,45 @@
----
-ms.localizationpriority: medium
-ms.mktglfcycl: deploy
-description: Use the topics in this section to learn how to customize your Internet Explorer installation package, how to choose the right method for installation, and how to deploy IE into your environment.
-author: lomayor
-ms.prod: ie11
-ms.assetid: caca18c1-d5c4-4404-84f8-d02bc562915f
-ms.reviewer:
-audience: itpro
manager: dansimp
-ms.author: lomayor
-title: Install and Deploy Internet Explorer 11 (IE11) (Internet Explorer 11 for IT Pros)
-ms.sitesec: library
-ms.date: 07/27/2017
----
-
-
-# Install and Deploy Internet Explorer 11 (IE11)
-
-**Applies to:**
-
-- Windows 10
-- Windows 8.1 Update
-- Windows 7 with Service Pack 1 (SP1)
-- Windows Server 2012 R2
-- Windows Server 2008 R2 with Service Pack 1 (SP1)
-
-Use the topics in this section to learn how to customize your Internet Explorer installation package, how to choose the right method for installation, and how to deploy IE into your environment. You can also find more info about your virtualization options for legacy apps.
-
-## In this section
-
-|Topic |Description |
-|------|------------|
-|[Customize Internet Explorer 11 installation packages](customize-ie11-install-packages.md) |Guidance about how to use .INF files or the IE Administration Kit 11 (IEAK 11) to create custom packages and about how to create those packages for multiple operating systems. |
-|[Choose how to install Internet Explorer 11 (IE11)](choose-how-to-install-ie11.md) |Guidance for the different ways you can install IE, including using System Center 2012 R2 Configuration Manager, Windows Server Update Services (WSUS), Microsoft Intune, your network, the operating system deployment system, or third-party tools. |
-|[Choose how to deploy Internet Explorer 11 (IE11)](choose-how-to-deploy-ie11.md) |Guidance about how to deploy your custom version of IE using Automatic Version Synchronization (AVS) or using your software distribution tools. |
-|[Virtualization and compatibility with Internet Explorer 11](virtualization-and-compatibility-with-ie11.md) |Info about the Microsoft-supported options for virtualizing web apps. |
-
-
-
-
-
-
-
-
+---
+ms.localizationpriority: medium
+ms.mktglfcycl: deploy
+description: Use the topics in this section to learn how to customize your Internet Explorer installation package, how to choose the right method for installation, and how to deploy IE into your environment.
+author: dansimp
+ms.prod: ie11
+ms.assetid: caca18c1-d5c4-4404-84f8-d02bc562915f
+ms.reviewer:
+audience: itpro
+manager: dansimp
+ms.author: dansimp
+title: Install and Deploy Internet Explorer 11 (IE11) (Internet Explorer 11 for IT Pros)
+ms.sitesec: library
+ms.date: 07/27/2017
+---
+
+
+# Install and Deploy Internet Explorer 11 (IE11)
+
+**Applies to:**
+
+- Windows 10
+- Windows 8.1 Update
+- Windows 7 with Service Pack 1 (SP1)
+- Windows Server 2012 R2
+- Windows Server 2008 R2 with Service Pack 1 (SP1)
+
+Use the topics in this section to learn how to customize your Internet Explorer installation package, how to choose the right method for installation, and how to deploy IE into your environment. You can also find more info about your virtualization options for legacy apps.
+
+## In this section
+
+|Topic |Description |
+|------|------------|
+|[Customize Internet Explorer 11 installation packages](customize-ie11-install-packages.md) |Guidance about how to use .INF files or the IE Administration Kit 11 (IEAK 11) to create custom packages and about how to create those packages for multiple operating systems. |
+|[Choose how to install Internet Explorer 11 (IE11)](choose-how-to-install-ie11.md) |Guidance for the different ways you can install IE, including using System Center 2012 R2 Configuration Manager, Windows Server Update Services (WSUS), Microsoft Intune, your network, the operating system deployment system, or third-party tools. |
+|[Choose how to deploy Internet Explorer 11 (IE11)](choose-how-to-deploy-ie11.md) |Guidance about how to deploy your custom version of IE using Automatic Version Synchronization (AVS) or using your software distribution tools. |
+|[Virtualization and compatibility with Internet Explorer 11](virtualization-and-compatibility-with-ie11.md) |Info about the Microsoft-supported options for virtualizing web apps. |
+
+
+
+
+
+
+
+
diff --git a/browsers/internet-explorer/ie11-deploy-guide/install-ie11-using-microsoft-intune.md b/browsers/internet-explorer/ie11-deploy-guide/install-ie11-using-microsoft-intune.md
index 25226f2ad0..7dd92ecc08 100644
--- a/browsers/internet-explorer/ie11-deploy-guide/install-ie11-using-microsoft-intune.md
+++ b/browsers/internet-explorer/ie11-deploy-guide/install-ie11-using-microsoft-intune.md
@@ -2,12 +2,12 @@
ms.localizationpriority: medium
ms.mktglfcycl: deploy
description: How to add and deploy the Internet Explorer 11 update using Microsoft Intune.
-author: lomayor
+author: dansimp
ms.prod: ie11
ms.assetid: b2dfc08c-78af-4c22-8867-7be3b92b1616
ms.reviewer:
manager: dansimp
-ms.author: lomayor
+ms.author: dansimp
title: Install Internet Explorer 11 (IE11) using Microsoft Intune (Internet Explorer 11 for IT Pros)
ms.sitesec: library
ms.date: 07/27/2017
diff --git a/browsers/internet-explorer/ie11-deploy-guide/install-ie11-using-operating-system-deployment-systems.md b/browsers/internet-explorer/ie11-deploy-guide/install-ie11-using-operating-system-deployment-systems.md
index 5046293535..5dade69199 100644
--- a/browsers/internet-explorer/ie11-deploy-guide/install-ie11-using-operating-system-deployment-systems.md
+++ b/browsers/internet-explorer/ie11-deploy-guide/install-ie11-using-operating-system-deployment-systems.md
@@ -1,59 +1,60 @@
----
-ms.localizationpriority: medium
-ms.mktglfcycl: deploy
-description: How to install the Internet Explorer 11 update using Microsoft Deployment Toolkit (MDT) and your Windows images.
-author: lomayor
-ms.prod: ie11
-ms.assetid: e16f9144-170c-4964-a62d-0d1a16f4cd1f
-ms.reviewer:
-audience: itpro
manager: dansimp
-ms.author: lomayor
-title: Install Internet Explorer 11 (IE11) using Microsoft Deployment Toolkit (MDT) and your Windows images (Internet Explorer 11 for IT Pros)
-ms.sitesec: library
-ms.date: 07/27/2017
----
-
-
-# Install Internet Explorer 11 (IE11) using Microsoft Deployment Toolkit (MDT) and your Windows images
-
-You can install Internet Explorer 11 (IE11) using Microsoft Deployment Toolkit (MDT) and your Windows images.
-
-You'll need to extract the .cab file for each supported operating system and platform combination and the .msu file for each prerequisite update. Download the IE11 update and prerequisites here:
-
-- [Microsoft Download Center](https://go.microsoft.com/fwlink/p/?LinkId=279697)
-
-- [Microsoft Update Catalog](https://go.microsoft.com/fwlink/p/?LinkId=214287)
-
-After you install the .msu file updates, you'll need to add them to your MDT deployment. You'll also need to extract the IE11 .cab update file from the IE11 installation package, using the `/x` command-line option. For example, `IE11-Windows6.1-x64-en-us.exe /x:c:\ie11cab`.
-
-## Installing IE11 using Microsoft Deployment Toolkit (MDT)
-
-MDT adds IE11 to your Windows images, regardless whether you are creating or deploying a customized or non-customized image. MDT also lets you perform offline servicing during the System Center 2012 R2 Configuration Manager task sequence, letting you add IE11 before starting Windows. For info, see [Microsoft Deployment Toolkit (MDT)](https://go.microsoft.com/fwlink/p/?linkid=331148).
-
- **To add IE11 to a MDT deployment share**
-
-1. Right-click **Packages** from each **Deployment Shares** location, and then click **Import OS Packages**.
-
-2. Go to the **Specify Directory** page, search for your folder with your update files (.cab and .msu) for import, and click **Next**.
-
-3. Go to the **Summary** page and click **Next**.
-MDT starts importing your update files.
**Note**
Ignore any warnings that say, "Skipping invalid CAB file". This shows up because the **Import OS Packages** wizard skips the IE11\_Support.cab file, which isn't an actual update file.
-
-4. After the import finishes, click **Finish**.
-
-### Offline servicing with MDT
-
-You can add the IE11 update while you're performing offline servicing, or slipstreaming, of your Windows images. This method lets you deploy IE11 without needing any additional installation after you've deployed Windows.
-
-These articles have step-by-step details about adding packages to your Windows images:
-
-- For Windows 8.1, see [Add or Remove Packages Offline Using DISM](https://go.microsoft.com/fwlink/p/?LinkId=276791).
-
-- For Windows 7 SP1, see [Add or Remove Packages Offline](https://go.microsoft.com/fwlink/p/?LinkId=214490).
-
-
-
-
-
-
-
+---
+ms.localizationpriority: medium
+ms.mktglfcycl: deploy
+description: How to install the Internet Explorer 11 update using Microsoft Deployment Toolkit (MDT) and your Windows images.
+author: dansimp
+ms.prod: ie11
+ms.assetid: e16f9144-170c-4964-a62d-0d1a16f4cd1f
+ms.reviewer:
+audience: itpro
+manager: dansimp
+ms.author: dansimp
+title: Install Internet Explorer 11 (IE11) using Microsoft Deployment Toolkit (MDT) and your Windows images (Internet Explorer 11 for IT Pros)
+ms.sitesec: library
+ms.date: 07/27/2017
+---
+
+
+# Install Internet Explorer 11 (IE11) using Microsoft Deployment Toolkit (MDT) and your Windows images
+
+You can install Internet Explorer 11 (IE11) using Microsoft Deployment Toolkit (MDT) and your Windows images.
+
+You'll need to extract the .cab file for each supported operating system and platform combination and the .msu file for each prerequisite update. Download the IE11 update and prerequisites here:
+
+- [Microsoft Download Center](https://go.microsoft.com/fwlink/p/?LinkId=279697)
+
+- [Microsoft Update Catalog](https://go.microsoft.com/fwlink/p/?LinkId=214287)
+
+After you install the .msu file updates, you'll need to add them to your MDT deployment. You'll also need to extract the IE11 .cab update file from the IE11 installation package, using the `/x` command-line option. For example, `IE11-Windows6.1-x64-en-us.exe /x:c:\ie11cab`.
+
+## Installing IE11 using Microsoft Deployment Toolkit (MDT)
+
+MDT adds IE11 to your Windows images, regardless whether you are creating or deploying a customized or non-customized image. MDT also lets you perform offline servicing during the System Center 2012 R2 Configuration Manager task sequence, letting you add IE11 before starting Windows. For info, see [Microsoft Deployment Toolkit (MDT)](https://go.microsoft.com/fwlink/p/?linkid=331148).
+
+ **To add IE11 to a MDT deployment share**
+
+1. Right-click **Packages** from each **Deployment Shares** location, and then click **Import OS Packages**.
+
+2. Go to the **Specify Directory** page, search for your folder with your update files (.cab and .msu) for import, and click **Next**.
+
+3. Go to the **Summary** page and click **Next**.
+MDT starts importing your update files.
**Note**
Ignore any warnings that say, "Skipping invalid CAB file". This shows up because the **Import OS Packages** wizard skips the IE11\_Support.cab file, which isn't an actual update file.
+
+4. After the import finishes, click **Finish**.
+
+### Offline servicing with MDT
+
+You can add the IE11 update while you're performing offline servicing, or slipstreaming, of your Windows images. This method lets you deploy IE11 without needing any additional installation after you've deployed Windows.
+
+These articles have step-by-step details about adding packages to your Windows images:
+
+- For Windows 8.1, see [Add or Remove Packages Offline Using DISM](https://go.microsoft.com/fwlink/p/?LinkId=276791).
+
+- For Windows 7 SP1, see [Add or Remove Packages Offline](https://go.microsoft.com/fwlink/p/?LinkId=214490).
+
+
+
+
+
+
+
diff --git a/browsers/internet-explorer/ie11-deploy-guide/install-ie11-using-system-center-configuration-manager.md b/browsers/internet-explorer/ie11-deploy-guide/install-ie11-using-system-center-configuration-manager.md
index 4d91b89af4..2b40174159 100644
--- a/browsers/internet-explorer/ie11-deploy-guide/install-ie11-using-system-center-configuration-manager.md
+++ b/browsers/internet-explorer/ie11-deploy-guide/install-ie11-using-system-center-configuration-manager.md
@@ -1,38 +1,39 @@
----
-ms.localizationpriority: medium
-ms.mktglfcycl: deploy
-ms.pagetype: appcompat
-description: How to install the Internet Explorer 11 update using System Center 2012 R2 Configuration Manager
-author: lomayor
-ms.prod: ie11
-ms.assetid: 9ede9722-29b3-4cb7-956d-ffa91e7bedbd
-ms.reviewer:
-audience: itpro
manager: dansimp
-ms.author: lomayor
-title: Install Internet Explorer 11 (IE11) using System Center 2012 R2 Configuration Manager (Internet Explorer 11 for IT Pros)
-ms.sitesec: library
-ms.date: 07/27/2017
----
-
-
-# Install Internet Explorer 11 (IE11) using System Center 2012 R2 Configuration Manager
-You can install Internet Explorer 11 (IE11) by using [System Center R2 2012 Configuration Manager](https://go.microsoft.com/fwlink/p/?linkid=276664). Complete these steps for each operating system and platform combination.
-
- **To install IE11**
-
-1. Download and approve the [System requirements and language support for Internet Explorer 11 (IE11)](system-requirements-and-language-support-for-ie11.md).
-
-2. Create a software distribution package that includes the IE11 installation package.
-
-3. Create a program that includes the command-line needed to run the IE11 installation package. To run the package silently, without restarting and without checking the Internet for updates, use:`ie11_package.exe /quiet /norestart /update-no`.
-
-4. Move the installation package to your distribution points, and then advertise the package.
-
-You can also use System Center Essentials 2010 to deploy IE11 installation packages. For info, see [System Center Essentials 2010](https://go.microsoft.com/fwlink/p/?linkid=395200) and the [System Center Essentials 2010 Operations Guide](https://go.microsoft.com/fwlink/p/?LinkId=214266).
-
-
-
-
-
-
-
+---
+ms.localizationpriority: medium
+ms.mktglfcycl: deploy
+ms.pagetype: appcompat
+description: How to install the Internet Explorer 11 update using System Center 2012 R2 Configuration Manager
+author: dansimp
+ms.prod: ie11
+ms.assetid: 9ede9722-29b3-4cb7-956d-ffa91e7bedbd
+ms.reviewer:
+audience: itpro
+manager: dansimp
+ms.author: dansimp
+title: Install Internet Explorer 11 (IE11) using System Center 2012 R2 Configuration Manager (Internet Explorer 11 for IT Pros)
+ms.sitesec: library
+ms.date: 07/27/2017
+---
+
+
+# Install Internet Explorer 11 (IE11) using System Center 2012 R2 Configuration Manager
+You can install Internet Explorer 11 (IE11) by using [System Center R2 2012 Configuration Manager](https://go.microsoft.com/fwlink/p/?linkid=276664). Complete these steps for each operating system and platform combination.
+
+ **To install IE11**
+
+1. Download and approve the [System requirements and language support for Internet Explorer 11 (IE11)](system-requirements-and-language-support-for-ie11.md).
+
+2. Create a software distribution package that includes the IE11 installation package.
+
+3. Create a program that includes the command-line needed to run the IE11 installation package. To run the package silently, without restarting and without checking the Internet for updates, use:`ie11_package.exe /quiet /norestart /update-no`.
+
+4. Move the installation package to your distribution points, and then advertise the package.
+
+You can also use System Center Essentials 2010 to deploy IE11 installation packages. For info, see [System Center Essentials 2010](https://go.microsoft.com/fwlink/p/?linkid=395200) and the [System Center Essentials 2010 Operations Guide](https://go.microsoft.com/fwlink/p/?LinkId=214266).
+
+
+
+
+
+
+
diff --git a/browsers/internet-explorer/ie11-deploy-guide/install-ie11-using-the-network.md b/browsers/internet-explorer/ie11-deploy-guide/install-ie11-using-the-network.md
index 2dfe51cdf9..9da3cd91fa 100644
--- a/browsers/internet-explorer/ie11-deploy-guide/install-ie11-using-the-network.md
+++ b/browsers/internet-explorer/ie11-deploy-guide/install-ie11-using-the-network.md
@@ -1,42 +1,43 @@
----
-ms.localizationpriority: medium
-ms.mktglfcycl: deploy
-description: How to install the Internet Explorer 11 update using your network
-author: lomayor
-ms.prod: ie11
-ms.assetid: 85f6429d-947a-4031-8f93-e26110a35828
-ms.reviewer:
-audience: itpro
manager: dansimp
-ms.author: lomayor
-title: Install Internet Explorer 11 (IE11) using your network (Internet Explorer 11 for IT Pros)
-ms.sitesec: library
-ms.date: 07/27/2017
----
-
-
-# Install Internet Explorer 11 (IE11) using your network
-You can install Internet Explorer 11 (IE11) over your network by putting your custom IE11 installation package in a shared network folder and letting your employees run the Setup program on their own computers. You can create the network folder structure manually, or you can run Internet Explorer Administration Kit 11 (IEAK 11).
-
-**Note**
If you support multiple architectures and operating systems, create a subfolder for each combination. If you support multiple languages, create a subfolder for each localized installation file.
-
- **To manually create the folder structure**
-
-- Copy your custom IE11 installation file into a folder on your network, making sure it's available to your employees.
-
- **To create the folder structure using IEAK 11**
-
-- Run the Internet Explorer Customization Wizard 11 in IEAK 11, using the **Full Installation Package** option.
- The wizard automatically puts your custom installation files in your `\\Flat` folder. Where the `` is the location of your other build files.
-
-**Note**
Use the localized versions of the IE Customization Wizard 11 to create localized IE11 installation packages.
-
-## Related topics
-- [Internet Explorer Administration Kit 11 (IEAK 11) - Administration Guide for IT Pros](../ie11-ieak/index.md)
-
-
-
-
-
-
-
-
+---
+ms.localizationpriority: medium
+ms.mktglfcycl: deploy
+description: How to install the Internet Explorer 11 update using your network
+author: dansimp
+ms.prod: ie11
+ms.assetid: 85f6429d-947a-4031-8f93-e26110a35828
+ms.reviewer:
+audience: itpro
+manager: dansimp
+ms.author: dansimp
+title: Install Internet Explorer 11 (IE11) using your network (Internet Explorer 11 for IT Pros)
+ms.sitesec: library
+ms.date: 07/27/2017
+---
+
+
+# Install Internet Explorer 11 (IE11) using your network
+You can install Internet Explorer 11 (IE11) over your network by putting your custom IE11 installation package in a shared network folder and letting your employees run the Setup program on their own computers. You can create the network folder structure manually, or you can run Internet Explorer Administration Kit 11 (IEAK 11).
+
+**Note**
If you support multiple architectures and operating systems, create a subfolder for each combination. If you support multiple languages, create a subfolder for each localized installation file.
+
+ **To manually create the folder structure**
+
+- Copy your custom IE11 installation file into a folder on your network, making sure it's available to your employees.
+
+ **To create the folder structure using IEAK 11**
+
+- Run the Internet Explorer Customization Wizard 11 in IEAK 11, using the **Full Installation Package** option.
+ The wizard automatically puts your custom installation files in your `\\Flat` folder. Where the `` is the location of your other build files.
+
+**Note**
Use the localized versions of the IE Customization Wizard 11 to create localized IE11 installation packages.
+
+## Related topics
+- [Internet Explorer Administration Kit 11 (IEAK 11) - Administration Guide for IT Pros](../ie11-ieak/index.md)
+
+
+
+
+
+
+
+
diff --git a/browsers/internet-explorer/ie11-deploy-guide/install-ie11-using-third-party-tools.md b/browsers/internet-explorer/ie11-deploy-guide/install-ie11-using-third-party-tools.md
index 063f5c2aa2..5d230773e3 100644
--- a/browsers/internet-explorer/ie11-deploy-guide/install-ie11-using-third-party-tools.md
+++ b/browsers/internet-explorer/ie11-deploy-guide/install-ie11-using-third-party-tools.md
@@ -1,50 +1,51 @@
----
-ms.localizationpriority: medium
-ms.mktglfcycl: deploy
-description: How to install the Internet Explorer 11 update using third-party tools and command-line options.
-author: lomayor
-ms.prod: ie11
-ms.assetid: 30190c66-49f7-4ca4-8b57-a47656aa0c7e
-ms.reviewer:
-audience: itpro
manager: dansimp
-ms.author: lomayor
-title: Install Internet Explorer 11 (IE11) using third-party tools (Internet Explorer 11 for IT Pros)
-ms.sitesec: library
-ms.date: 07/27/2017
----
-
-
-# Install Internet Explorer 11 (IE11) using third-party tools
-You can install Internet Explorer 11 (IE11) using third-party electronic software distribution (ESD) systems and these command-line options:
-
-## Setup Modes
-
-|Command-line options |Description |
-|---------------------|------------------------------------------------------|
-|`/passive` |Installs without customer involvement. |
-|`/quiet` |Installs without customer involvement and without showing the UI. |
-
-## Setup Options
-
-|Command-line options |Description |
-|---------------------|------------------------------------------------------|
-|`/update-no` |Installs without checking for updates.**Important**
If you don't use this option, you'll need an Internet connection to finish your installation. |
-|`/no-default` |Installs without making IE11 the default web browser. |
-|`/closeprograms` |Automatically closes running programs. |
-
-
-## Restart Options
-
-|Command-line options |Description |
-|---------------------|------------------------------------------------------|
-|`/norestart` |Installs without restarting the computer. |
-|`/forcerestart` |Installs and restarts after installation. |
-
-
-
-
-
-
-
-
-
+---
+ms.localizationpriority: medium
+ms.mktglfcycl: deploy
+description: How to install the Internet Explorer 11 update using third-party tools and command-line options.
+author: dansimp
+ms.prod: ie11
+ms.assetid: 30190c66-49f7-4ca4-8b57-a47656aa0c7e
+ms.reviewer:
+audience: itpro
+manager: dansimp
+ms.author: dansimp
+title: Install Internet Explorer 11 (IE11) using third-party tools (Internet Explorer 11 for IT Pros)
+ms.sitesec: library
+ms.date: 07/27/2017
+---
+
+
+# Install Internet Explorer 11 (IE11) using third-party tools
+You can install Internet Explorer 11 (IE11) using third-party electronic software distribution (ESD) systems and these command-line options:
+
+## Setup Modes
+
+|Command-line options |Description |
+|---------------------|------------------------------------------------------|
+|`/passive` |Installs without customer involvement. |
+|`/quiet` |Installs without customer involvement and without showing the UI. |
+
+## Setup Options
+
+|Command-line options |Description |
+|---------------------|------------------------------------------------------|
+|`/update-no` |Installs without checking for updates.
**Important**
If you don't use this option, you'll need an Internet connection to finish your installation. |
+|`/no-default` |Installs without making IE11 the default web browser. |
+|`/closeprograms` |Automatically closes running programs. |
+
+
+## Restart Options
+
+|Command-line options |Description |
+|---------------------|------------------------------------------------------|
+|`/norestart` |Installs without restarting the computer. |
+|`/forcerestart` |Installs and restarts after installation. |
+
+
+
+
+
+
+
+
+
diff --git a/browsers/internet-explorer/ie11-deploy-guide/install-ie11-using-windows-server-update-services-wsus.md b/browsers/internet-explorer/ie11-deploy-guide/install-ie11-using-windows-server-update-services-wsus.md
index aba6187431..62bfab42b9 100644
--- a/browsers/internet-explorer/ie11-deploy-guide/install-ie11-using-windows-server-update-services-wsus.md
+++ b/browsers/internet-explorer/ie11-deploy-guide/install-ie11-using-windows-server-update-services-wsus.md
@@ -1,52 +1,53 @@
----
-ms.localizationpriority: medium
-ms.mktglfcycl: deploy
-description: How to install the Internet Explorer 11 update using Windows Server Update Services (WSUS)'
-author: lomayor
-ms.prod: ie11
-ms.assetid: 6cbd6797-c670-4236-8423-e0919478f2ce
-ms.reviewer:
-audience: itpro
manager: dansimp
-ms.author: lomayor
-title: Install Internet Explorer 11 (IE11) using Windows Server Update Services (WSUS) (Internet Explorer 11 for IT Pros)
-ms.sitesec: library
-ms.date: 07/27/2017
----
-
-
-# Install Internet Explorer 11 (IE11) using Windows Server Update Services (WSUS)
-Windows Server Update Services (WSUS) lets you download a single copy of the Microsoft product update and cache it on your local WSUS servers. You can then configure your computers to get the update from your local servers instead of Windows Update. For more information about WSUS, see [Windows Server Update Services](https://go.microsoft.com/fwlink/p/?LinkID=276790).
-
- **To import from Windows Update to WSUS**
-
-1. Open your WSUS admin site. For example, `https:///WSUSAdmin/`.
- Where `` is the name of your WSUS server.
-
-2. Choose the top server node or the **Updates** node, and then click **Import Updates**.
-
-3. To get the updates, install the Microsoft Update Catalog ActiveX control.
-
-4. Search for Internet Explorer 11 and add its contents to your basket.
-
-5. After you're done browsing, go to your basket and click **Import**.
-
- You can also download the updates without importing them by unchecking the **Import directly into Windows Server Update Services** box.
-
- **To approve Internet Explorer in WSUS for installation**
-
-6. Open your WSUS admin site and check the **Review synchronization settings** box from the **To Do** list.
-
-7. Click **Synchronize now** to sync your WSUS server with Windows Update, and then click **Updates** from the navigation bar.
-
-8. Enter **Internet Explorer 11** into the **Search Contains** box, and then click **Apply**.
-
-9. Choose the right version of IE11 for your operating system, and click **Approve for installation**.
-
-10. Click each computer group you want to set up for the WSUS server, picking the right approval level, and then click **OK**.
-
-
-
-
-
-
-
+---
+ms.localizationpriority: medium
+ms.mktglfcycl: deploy
+description: How to install the Internet Explorer 11 update using Windows Server Update Services (WSUS)'
+author: dansimp
+ms.prod: ie11
+ms.assetid: 6cbd6797-c670-4236-8423-e0919478f2ce
+ms.reviewer:
+audience: itpro
+manager: dansimp
+ms.author: dansimp
+title: Install Internet Explorer 11 (IE11) using Windows Server Update Services (WSUS) (Internet Explorer 11 for IT Pros)
+ms.sitesec: library
+ms.date: 07/27/2017
+---
+
+
+# Install Internet Explorer 11 (IE11) using Windows Server Update Services (WSUS)
+Windows Server Update Services (WSUS) lets you download a single copy of the Microsoft product update and cache it on your local WSUS servers. You can then configure your computers to get the update from your local servers instead of Windows Update. For more information about WSUS, see [Windows Server Update Services](https://go.microsoft.com/fwlink/p/?LinkID=276790).
+
+ **To import from Windows Update to WSUS**
+
+1. Open your WSUS admin site. For example, `https:///WSUSAdmin/`.
+ Where `` is the name of your WSUS server.
+
+2. Choose the top server node or the **Updates** node, and then click **Import Updates**.
+
+3. To get the updates, install the Microsoft Update Catalog ActiveX control.
+
+4. Search for Internet Explorer 11 and add its contents to your basket.
+
+5. After you're done browsing, go to your basket and click **Import**.
+
+ You can also download the updates without importing them by unchecking the **Import directly into Windows Server Update Services** box.
+
+ **To approve Internet Explorer in WSUS for installation**
+
+6. Open your WSUS admin site and check the **Review synchronization settings** box from the **To Do** list.
+
+7. Click **Synchronize now** to sync your WSUS server with Windows Update, and then click **Updates** from the navigation bar.
+
+8. Enter **Internet Explorer 11** into the **Search Contains** box, and then click **Apply**.
+
+9. Choose the right version of IE11 for your operating system, and click **Approve for installation**.
+
+10. Click each computer group you want to set up for the WSUS server, picking the right approval level, and then click **OK**.
+
+
+
+
+
+
+
diff --git a/browsers/internet-explorer/ie11-deploy-guide/install-problems-with-ie11.md b/browsers/internet-explorer/ie11-deploy-guide/install-problems-with-ie11.md
index 29b3b5ca55..3ebe727aeb 100644
--- a/browsers/internet-explorer/ie11-deploy-guide/install-problems-with-ie11.md
+++ b/browsers/internet-explorer/ie11-deploy-guide/install-problems-with-ie11.md
@@ -1,61 +1,62 @@
----
-ms.localizationpriority: medium
-ms.mktglfcycl: deploy
-description: How to fix potential installation problems with Internet Explorer 11
-author: lomayor
-ms.prod: ie11
-ms.assetid: 3ae77745-86ac-40a9-a37d-eebbf37661a3
-ms.reviewer:
-audience: itpro
manager: dansimp
-ms.author: lomayor
-title: Install problems with Internet Explorer 11 (Internet Explorer 11 for IT Pros)
-ms.sitesec: library
-ms.date: 07/27/2017
----
-
-
-# Install problems with Internet Explorer 11
-Most Internet Explorer 11 installations are straightforward and work the way they should. But it's possible that you might have problems.
-
-If you do, you can:
-
-- Check that you meet the minimum operating system requirements and have the prerequisites installed.
-
-- Check that there are no other updates or restarts waiting.
-
-- Temporarily turn off your antispyware and antivirus software.
-
-- Try another IE11 installer. For example from [Windows Update](https://go.microsoft.com/fwlink/p/?LinkId=302315) or from the [Download Internet Explorer 11](https://go.microsoft.com/fwlink/p/?linkid=327753) website.
-
-- Review the `IE11_main.log` file in the `\Windows` folder. This log file has information about each installation and is appended for each subsequent installation.
-
-- Make sure you use the same download server URLs that you entered during the Setup process.
-
-## Internet Explorer didn't finish installing
-If Internet Explorer doesn't finish installing, it might mean that Windows Update wasn't able to install an associated update, that you have a previous, unsupported version of IE installed, or that there's a problem with your copy of IE. We recommend you try this:
-
- **To fix this issue**
-
-1. Uninstall IE:
-
- 1. In the Control Panel, open the **Programs and Features** box, scroll down to IE11, and then click **Uninstall**.
-
- 2. After the uninstall finishes, restart your computer.
-
-2. Run [Windows Update](https://go.microsoft.com/fwlink/p/?LinkId=302315), clicking **Check for updates**.
-
-3. Check the list for IE11. If it's included in the list of updates for download, exclude it before you update your computer.
-If you get an error during the Windows Update process, see [Fix the problem with Microsoft Windows Update that is not working](https://go.microsoft.com/fwlink/p/?LinkId=302316).
-
-4. Restart your computer, making sure all of your the updates are finished.
-
-5. Try to reinstall IE11 from either Windows Update (if you saw it in Step 3) or from the [Download Internet Explorer 11](https://go.microsoft.com/fwlink/p/?linkid=327753) website.
-
-
-
-
-
-
-
-
-
+---
+ms.localizationpriority: medium
+ms.mktglfcycl: deploy
+description: How to fix potential installation problems with Internet Explorer 11
+author: dansimp
+ms.prod: ie11
+ms.assetid: 3ae77745-86ac-40a9-a37d-eebbf37661a3
+ms.reviewer:
+audience: itpro
+manager: dansimp
+ms.author: dansimp
+title: Install problems with Internet Explorer 11 (Internet Explorer 11 for IT Pros)
+ms.sitesec: library
+ms.date: 07/27/2017
+---
+
+
+# Install problems with Internet Explorer 11
+Most Internet Explorer 11 installations are straightforward and work the way they should. But it's possible that you might have problems.
+
+If you do, you can:
+
+- Check that you meet the minimum operating system requirements and have the prerequisites installed.
+
+- Check that there are no other updates or restarts waiting.
+
+- Temporarily turn off your antispyware and antivirus software.
+
+- Try another IE11 installer. For example from [Windows Update](https://go.microsoft.com/fwlink/p/?LinkId=302315) or from the [Download Internet Explorer 11](https://go.microsoft.com/fwlink/p/?linkid=327753) website.
+
+- Review the `IE11_main.log` file in the `\Windows` folder. This log file has information about each installation and is appended for each subsequent installation.
+
+- Make sure you use the same download server URLs that you entered during the Setup process.
+
+## Internet Explorer didn't finish installing
+If Internet Explorer doesn't finish installing, it might mean that Windows Update wasn't able to install an associated update, that you have a previous, unsupported version of IE installed, or that there's a problem with your copy of IE. We recommend you try this:
+
+ **To fix this issue**
+
+1. Uninstall IE:
+
+ 1. In the Control Panel, open the **Programs and Features** box, scroll down to IE11, and then click **Uninstall**.
+
+ 2. After the uninstall finishes, restart your computer.
+
+2. Run [Windows Update](https://go.microsoft.com/fwlink/p/?LinkId=302315), clicking **Check for updates**.
+
+3. Check the list for IE11. If it's included in the list of updates for download, exclude it before you update your computer.
+If you get an error during the Windows Update process, see [Fix the problem with Microsoft Windows Update that is not working](https://go.microsoft.com/fwlink/p/?LinkId=302316).
+
+4. Restart your computer, making sure all of your the updates are finished.
+
+5. Try to reinstall IE11 from either Windows Update (if you saw it in Step 3) or from the [Download Internet Explorer 11](https://go.microsoft.com/fwlink/p/?linkid=327753) website.
+
+
+
+
+
+
+
+
+
diff --git a/browsers/internet-explorer/ie11-deploy-guide/intranet-problems-and-ie11.md b/browsers/internet-explorer/ie11-deploy-guide/intranet-problems-and-ie11.md
index cf102f1c8f..16331ab49c 100644
--- a/browsers/internet-explorer/ie11-deploy-guide/intranet-problems-and-ie11.md
+++ b/browsers/internet-explorer/ie11-deploy-guide/intranet-problems-and-ie11.md
@@ -1,42 +1,43 @@
----
-ms.localizationpriority: medium
-ms.mktglfcycl: deploy
-description: How to fix intranet search problems with Internet Explorer 11
-author: lomayor
-ms.prod: ie11
-ms.assetid: 3ee71d93-d9d2-48e1-899e-07932c73faa6
-ms.reviewer:
-audience: itpro
manager: dansimp
-ms.author: lomayor
-title: Fix intranet search problems with Internet Explorer 11 (Internet Explorer 11 for IT Pros)
-ms.sitesec: library
-ms.date: 07/27/2017
----
-
-
-# Fix intranet search problems with Internet Explorer 11
-After upgrading to Internet Explorer 11, you might experience search issues while using your intranet site.
-
-## Why is my intranet redirecting me to search results?
-IE11 works differently with search, based on whether your organization is domain-joined.
-
-- **Domain-joined computers.** A single word entry is treated as a search term. However, IE11 also checks for available intranet sites and offers matches through the **Notification bar**. If you select **Yes** from the **Notification bar** to navigate to the intranet site, IE11 associates that word with the site so that the next time you type in the intranet site name, inline auto-complete will resolve to the intranet site address.
-
-- **Non-domain-joined computers.** A single word entry is treated as an intranet site. However, if the term doesn't resolve to a site, IE11 then treats the entry as a search term and opens your default search provider.
-
-To explicitly go to an intranet site, regardless of the environment, users can type either a trailing slash like `contoso/` or the `https://` prefix. Either of these will cause IE11 to treat the entry as an intranet search. You can also change the default behavior so that IE11 treats your single word entry in the address bar as an intranet site, regardless of your environment.
-
- **To enable single-word intranet search**
-
-1. Open Internet Explorer for the desktop, click the **Tools** menu, and then click **Internet Options**.
-
-2. Click **Advanced**, check the **Go to an intranet site for a single word entry in the Address bar** box, and then click **OK**.
-
-If you'd like your entire organization to have single word entries default to an intranet site, you can turn on the **Go to an intranet site for a single word entry in the Address bar** Group Policy. With this policy turned on, a search for `contoso` automatically resolves to `https://contoso`.
-
-
-
-
-
-
-
+---
+ms.localizationpriority: medium
+ms.mktglfcycl: deploy
+description: How to fix intranet search problems with Internet Explorer 11
+author: dansimp
+ms.prod: ie11
+ms.assetid: 3ee71d93-d9d2-48e1-899e-07932c73faa6
+ms.reviewer:
+audience: itpro
+manager: dansimp
+ms.author: dansimp
+title: Fix intranet search problems with Internet Explorer 11 (Internet Explorer 11 for IT Pros)
+ms.sitesec: library
+ms.date: 07/27/2017
+---
+
+
+# Fix intranet search problems with Internet Explorer 11
+After upgrading to Internet Explorer 11, you might experience search issues while using your intranet site.
+
+## Why is my intranet redirecting me to search results?
+IE11 works differently with search, based on whether your organization is domain-joined.
+
+- **Domain-joined computers.** A single word entry is treated as a search term. However, IE11 also checks for available intranet sites and offers matches through the **Notification bar**. If you select **Yes** from the **Notification bar** to navigate to the intranet site, IE11 associates that word with the site so that the next time you type in the intranet site name, inline auto-complete will resolve to the intranet site address.
+
+- **Non-domain-joined computers.** A single word entry is treated as an intranet site. However, if the term doesn't resolve to a site, IE11 then treats the entry as a search term and opens your default search provider.
+
+To explicitly go to an intranet site, regardless of the environment, users can type either a trailing slash like `contoso/` or the `https://` prefix. Either of these will cause IE11 to treat the entry as an intranet search. You can also change the default behavior so that IE11 treats your single word entry in the address bar as an intranet site, regardless of your environment.
+
+ **To enable single-word intranet search**
+
+1. Open Internet Explorer for the desktop, click the **Tools** menu, and then click **Internet Options**.
+
+2. Click **Advanced**, check the **Go to an intranet site for a single word entry in the Address bar** box, and then click **OK**.
+
+If you'd like your entire organization to have single word entries default to an intranet site, you can turn on the **Go to an intranet site for a single word entry in the Address bar** Group Policy. With this policy turned on, a search for `contoso` automatically resolves to `https://contoso`.
+
+
+
+
+
+
+
diff --git a/browsers/internet-explorer/ie11-deploy-guide/manage-ie11-overview.md b/browsers/internet-explorer/ie11-deploy-guide/manage-ie11-overview.md
index a464bbc679..2270749c81 100644
--- a/browsers/internet-explorer/ie11-deploy-guide/manage-ie11-overview.md
+++ b/browsers/internet-explorer/ie11-deploy-guide/manage-ie11-overview.md
@@ -1,42 +1,43 @@
----
-ms.localizationpriority: medium
-ms.mktglfcycl: deploy
-description: Use the topics in this section to learn about how to auto detect your settings, auto configure your configuration settings, and auto configure your proxy configuration settings for Internet Explorer.
-author: lomayor
-ms.prod: ie11
-ms.assetid: eb3cce62-fc7b-41e3-97b6-2916b85bcf55
-ms.reviewer:
-audience: itpro
manager: dansimp
-ms.author: lomayor
-title: Manage Internet Explorer 11 (Internet Explorer 11 for IT Pros)
-ms.sitesec: library
-ms.date: 07/27/2017
----
-
-
-# Manage Internet Explorer 11
-
-**Applies to:**
-
-- Windows 10
-- Windows 8.1
-- Windows 7
-- Windows Server 2012 R2
-- Windows Server 2008 R2 with Service Pack 1 (SP1)
-
-Use the topics in this section to learn about how to auto detect your settings, auto configure your configuration settings, and auto configure your proxy configuration settings for Internet Explorer.
-
-## In this section
-
-|Topic |Description |
-|------|------------|
-|[Auto detect settings Internet Explorer 11](auto-detect-settings-for-ie11.md) |Guidance about how to update your automatic detection of DHCP and DNS servers. |
-|[Auto configuration settings for Internet Explorer 11](auto-configuration-settings-for-ie11.md) |Guidance about how to add, update and lock your auto configuration settings. |
-|[Auto proxy configuration settings for Internet Explorer 11](auto-proxy-configuration-settings-for-ie11.md) |Guidance about how to add, update, and lock your auto-proxy settings. |
-
-
-
-
-
-
-
+---
+ms.localizationpriority: medium
+ms.mktglfcycl: deploy
+description: Use the topics in this section to learn about how to auto detect your settings, auto configure your configuration settings, and auto configure your proxy configuration settings for Internet Explorer.
+author: dansimp
+ms.prod: ie11
+ms.assetid: eb3cce62-fc7b-41e3-97b6-2916b85bcf55
+ms.reviewer:
+audience: itpro
+manager: dansimp
+ms.author: dansimp
+title: Manage Internet Explorer 11 (Internet Explorer 11 for IT Pros)
+ms.sitesec: library
+ms.date: 07/27/2017
+---
+
+
+# Manage Internet Explorer 11
+
+**Applies to:**
+
+- Windows 10
+- Windows 8.1
+- Windows 7
+- Windows Server 2012 R2
+- Windows Server 2008 R2 with Service Pack 1 (SP1)
+
+Use the topics in this section to learn about how to auto detect your settings, auto configure your configuration settings, and auto configure your proxy configuration settings for Internet Explorer.
+
+## In this section
+
+|Topic |Description |
+|------|------------|
+|[Auto detect settings Internet Explorer 11](auto-detect-settings-for-ie11.md) |Guidance about how to update your automatic detection of DHCP and DNS servers. |
+|[Auto configuration settings for Internet Explorer 11](auto-configuration-settings-for-ie11.md) |Guidance about how to add, update and lock your auto configuration settings. |
+|[Auto proxy configuration settings for Internet Explorer 11](auto-proxy-configuration-settings-for-ie11.md) |Guidance about how to add, update, and lock your auto-proxy settings. |
+
+
+
+
+
+
+
diff --git a/browsers/internet-explorer/ie11-deploy-guide/missing-internet-explorer-maintenance-settings-for-ie11.md b/browsers/internet-explorer/ie11-deploy-guide/missing-internet-explorer-maintenance-settings-for-ie11.md
index 6c19898cf3..c0087953b7 100644
--- a/browsers/internet-explorer/ie11-deploy-guide/missing-internet-explorer-maintenance-settings-for-ie11.md
+++ b/browsers/internet-explorer/ie11-deploy-guide/missing-internet-explorer-maintenance-settings-for-ie11.md
@@ -1,98 +1,99 @@
----
-ms.localizationpriority: medium
-ms.mktglfcycl: support
-description: IEM-configured settings have been deprecated for Internet Explorer 10 and newer. Use this topic to learn where to go to fix the affected settings through Group Policy Preferences, Administrative Templates (.admx), or the IEAK.
-author: lomayor
-ms.prod: ie11
-ms.assetid: 89084e01-4e3f-46a6-b90e-48ee58d6821c
-ms.reviewer:
-audience: itpro
manager: dansimp
-ms.author: lomayor
-title: Missing Internet Explorer Maintenance settings for Internet Explorer 11 (Internet Explorer 11 for IT Pros)
-ms.sitesec: library
-ms.date: 07/27/2017
----
-
-
-# Missing Internet Explorer Maintenance settings for Internet Explorer 11
-
-**Applies to:**
-
-- Windows 10
-- Windows 8.1
-- Windows 7
-- Windows Server 2012 R2
-- Windows Server 2008 R2 with Service Pack 1 (SP1)
-
-The Internet Explorer Maintenance (IEM) settings have been deprecated in favor of Group Policy Preferences, Administrative Templates (.admx), and the IE Administration Kit 11 (IEAK 11).
-
-Because of this change, your IEM-configured settings will no longer work on computers running Internet Explorer 10 or newer. To fix this, you need to update the affected settings using Group Policy Preferences, Administrative Templates (.admx), or IE Administration Kit 11 (IEAK 11).
-
-Because Group Policy Preferences and IEAK 11 run using asynchronous processes, you should choose to use only one of the tools within each group of settings. For example, using only IEAK 11 in the **Security** settings or Group Policy Preferences within the **Internet Zone** settings. Also, it's important to remember that policy is enforced and can't be changed by the user, while preferences are configured, but can be changed by the user.
-
-For more information about all of the new options and Group Policy, see:
-
-- [Group policy preferences and Internet Explorer 11](group-policy-preferences-and-ie11.md)
-
-- [Administrative templates and Internet Explorer 11](administrative-templates-and-ie11.md)
-
-- [Internet Explorer Administration Kit 11 (IEAK 11) - Administration Guide for IT Pros](../ie11-ieak/index.md)
-
-- [Group Policy Settings Reference for Windows and Windows Server](https://go.microsoft.com/fwlink/p/?LinkId=279876)
-
-- [Group Policy ADMX Syntax Reference Guide](https://go.microsoft.com/fwlink/p/?LinkId=276830)
-
-- [Enable and Disable Settings in a Preference Item](https://go.microsoft.com/fwlink/p/?LinkId=282671)
-
-## IEM replacements
-The IEM settings have replacements you can use in either Group Policy Preferences or IEAK 11.
-
-### Browser user interface replacements
-
-|IEM setting |Description |Replacement tool |
-|------------|------------|-----------------|
-|Browser title |Lets you customize the text that shows up in the title bar of the browser.|On the **Browser User Interface** page of IEAK 11, click **Customize Title Bars**, and then type the text that appears on the title bar of the **Title Bar Text** box.
Your text is appended to the text," Microsoft Internet Explorer provided by". |
-|Browser toolbar customizations (background and buttons) |Lets you customize the buttons on the browser toolbar.
- **Buttons.** Customizes the buttons on the Internet Explorer 11 toolbar.
- **Background.** No longer available.
|On the **Browser User Interface** page of IEAK 11, click **Add**, type your new toolbar caption, action, and icon, and if the button should appear by default, and then click **OK**. You can also edit, remove, or delete an existing toolbar button from this page. |
-|Custom logo and animated bitmaps |Lets you replace the static and animated logos in the upper-right corner of the IE window with customized logos. |This setting isn't available anymore. |
-
-
-### Connection replacements
-
-|IEM setting |Description |Replacement tool |
-|------------|------------|-----------------|
-|Connection settings|Lets you import your connection settings from a previously set up computer. These settings define how your employees interact with the connection settings on the **System Polices and Restrictions** page. You can also remove old dial-up connections settings from your employee's computers.|In the **Internet Settings Group Policy Preferences** dialog box, click the **Connections** tab, and set up your proxy settings.-OR-
On the **Connection Settings** page of IEAK 11, change your connection settings, including importing your current connection settings and deleting existing dial-up connection settings (as needed). |
-|Automatic browser configuration |Lets you update your employee's computer after you've deployed IE11, by specifying a URL to an .ins file, an auto-proxy URL, or both. You can decide when the update occurs, in minutes. Typing zero, or not putting in any number, means that automatic configuration only happens after the browser is started and used to go to a page. |In the **Internet Settings Group Policy Preferences** dialog box, click the **Automatic Configuration** tab, and then add your URL.
On the **Automatic Configuration** page of IEAK 11, modify the configuration settings, including providing the URL to an .ins file or an auto-proxy site. |
-|Proxy settings |Lets you specify your proxy servers. |In the **Internet Settings Group Policy Preferences** dialog box, click the **Connections** tab, click **LAN Settings**, and then choose whether to turn on automatic detection of your configuration settings and if you want to use proxy servers.
-OR-
On the **Proxy Settings** page of IEAK 11, turn on your proxy settings, adding your proxy server addresses and exceptions. |
-|User Agent string |Lets the browser provide identification to visited servers. This string is often used to keep Internet traffic statistics. |This setting isn't available anymore. |
-
-### URLs replacements
-
-|IEM setting |Description |Replacement tool |
-|------------|------------|-----------------|
-|Favorites and links |Lets you use custom URLs for the **Favorites** and **Links** folders. You can also specify the folder order, disable IE Suggested Sites, and import an existing folder structure. |On the **Favorites, Favorites Bar and Feeds** page of IEAK 11, add your custom URLs to the **Favorites**, **Favorites Bar**, or **RSS Feeds** folders, or create new folders.
You can also edit, test, or remove your URLs, sort the list order, or disable IE Suggested Sites. |
-|Important URLs |Lets you add custom **Home** pages that can open different tabs. You can also add a **Support** page that shows up when an employee clicks online Help.|In the **Internet Settings Group Policy Preferences** dialog box, click the **General** tab, and add your custom **Home** page.
On the **Important URLs - Home page and Support** page of IEAK 11, add the custom URLs to your **Home** and **Support** pages.
You can also click to retain the previous home page information when the user upgrades to a newer version of IE. |
-
-### Security Zones and Content Ratings
-
-|IEM setting |Description |Replacement tool |
-|------------|------------|-----------------|
-|Security zones |Lets you change your security settings, by zone |In the **Internet Settings Group Policy Preferences** dialog box, click the **Security** tab, and update your security settings, based on zone.
-OR-
On the **Security and Privacy Settings** page of IEAK 11, choose your **Security Zones and Privacy** setting, changing it, as necessary. |
-|Content ratings |Lets you change your content ratings so your employees can't view sites with risky content. |On the **Security and Privacy Settings** page of IEAK 11, choose your **Content Ratings** setting, changing it, as necessary. |
-|Authenticode settings |Lets you pick your trustworthy software publishers and stop your employees from adding new, untrusted publishers while browsing. |These settings aren't available anymore. |
-
-### Programs
-
-|IEM setting |Description |Replacement tool |
-|------------|------------|-----------------|
-|Programs |Lets you import your default program settings, which specify the programs Windows uses for each Internet service. |In the **Internet Settings Group Policy Preferences** dialog box, click the **Programs** tab, and choose how to open IE11 links.
-OR-
On the **Programs** page of IEAK 11, choose whether to customize or import your program settings. |
-
-#### Advanced IEM settings
-The Advanced IEM settings, including Corporate and Internet settings, were also deprecated. However, they also have replacements you can use in either Group Policy Preferences or IEAK 11.
-
-**Note**
Advanced IEM Settings were shown under **Programs** and only available when running in **Preference** mode.
-
-|IEM setting |Description |Replacement tool |
-|------------|------------|-----------------|
-|Corporate settings |Specifies the location of the file with the settings you use to make IE work best in your organization. |On the Additional Settings page of IEAK 11, expand Corporate Settings, and then customize how your organization handles temporary Internet files, code downloads, menu items, and toolbar buttons. |
-|Internet settings |Specifies the location of the file that includes your default IE settings. |In the Internet Settings Group Policy Preferences dialog box, click the Advanced tab, and then update your Internet-related settings, as required
-OR-
On the Additional Settings page of IEAK 11, expand Internet Settings, and then customize your default values in the Internet Options dialog box. |
-
+---
+ms.localizationpriority: medium
+ms.mktglfcycl: support
+description: IEM-configured settings have been deprecated for Internet Explorer 10 and newer. Use this topic to learn where to go to fix the affected settings through Group Policy Preferences, Administrative Templates (.admx), or the IEAK.
+author: dansimp
+ms.prod: ie11
+ms.assetid: 89084e01-4e3f-46a6-b90e-48ee58d6821c
+ms.reviewer:
+audience: itpro
+manager: dansimp
+ms.author: dansimp
+title: Missing Internet Explorer Maintenance settings for Internet Explorer 11 (Internet Explorer 11 for IT Pros)
+ms.sitesec: library
+ms.date: 07/27/2017
+---
+
+
+# Missing Internet Explorer Maintenance settings for Internet Explorer 11
+
+**Applies to:**
+
+- Windows 10
+- Windows 8.1
+- Windows 7
+- Windows Server 2012 R2
+- Windows Server 2008 R2 with Service Pack 1 (SP1)
+
+The Internet Explorer Maintenance (IEM) settings have been deprecated in favor of Group Policy Preferences, Administrative Templates (.admx), and the IE Administration Kit 11 (IEAK 11).
+
+Because of this change, your IEM-configured settings will no longer work on computers running Internet Explorer 10 or newer. To fix this, you need to update the affected settings using Group Policy Preferences, Administrative Templates (.admx), or IE Administration Kit 11 (IEAK 11).
+
+Because Group Policy Preferences and IEAK 11 run using asynchronous processes, you should choose to use only one of the tools within each group of settings. For example, using only IEAK 11 in the **Security** settings or Group Policy Preferences within the **Internet Zone** settings. Also, it's important to remember that policy is enforced and can't be changed by the user, while preferences are configured, but can be changed by the user.
+
+For more information about all of the new options and Group Policy, see:
+
+- [Group policy preferences and Internet Explorer 11](group-policy-preferences-and-ie11.md)
+
+- [Administrative templates and Internet Explorer 11](administrative-templates-and-ie11.md)
+
+- [Internet Explorer Administration Kit 11 (IEAK 11) - Administration Guide for IT Pros](../ie11-ieak/index.md)
+
+- [Group Policy Settings Reference for Windows and Windows Server](https://go.microsoft.com/fwlink/p/?LinkId=279876)
+
+- [Group Policy ADMX Syntax Reference Guide](https://go.microsoft.com/fwlink/p/?LinkId=276830)
+
+- [Enable and Disable Settings in a Preference Item](https://go.microsoft.com/fwlink/p/?LinkId=282671)
+
+## IEM replacements
+The IEM settings have replacements you can use in either Group Policy Preferences or IEAK 11.
+
+### Browser user interface replacements
+
+|IEM setting |Description |Replacement tool |
+|------------|------------|-----------------|
+|Browser title |Lets you customize the text that shows up in the title bar of the browser.|On the **Browser User Interface** page of IEAK 11, click **Customize Title Bars**, and then type the text that appears on the title bar of the **Title Bar Text** box.
Your text is appended to the text," Microsoft Internet Explorer provided by". |
+|Browser toolbar customizations (background and buttons) |Lets you customize the buttons on the browser toolbar.
- **Buttons.** Customizes the buttons on the Internet Explorer 11 toolbar.
- **Background.** No longer available.
|On the **Browser User Interface** page of IEAK 11, click **Add**, type your new toolbar caption, action, and icon, and if the button should appear by default, and then click **OK**. You can also edit, remove, or delete an existing toolbar button from this page. |
+|Custom logo and animated bitmaps |Lets you replace the static and animated logos in the upper-right corner of the IE window with customized logos. |This setting isn't available anymore. |
+
+
+### Connection replacements
+
+|IEM setting |Description |Replacement tool |
+|------------|------------|-----------------|
+|Connection settings|Lets you import your connection settings from a previously set up computer. These settings define how your employees interact with the connection settings on the **System Polices and Restrictions** page. You can also remove old dial-up connections settings from your employee's computers.|In the **Internet Settings Group Policy Preferences** dialog box, click the **Connections** tab, and set up your proxy settings.-OR-
On the **Connection Settings** page of IEAK 11, change your connection settings, including importing your current connection settings and deleting existing dial-up connection settings (as needed). |
+|Automatic browser configuration |Lets you update your employee's computer after you've deployed IE11, by specifying a URL to an .ins file, an auto-proxy URL, or both. You can decide when the update occurs, in minutes. Typing zero, or not putting in any number, means that automatic configuration only happens after the browser is started and used to go to a page. |In the **Internet Settings Group Policy Preferences** dialog box, click the **Automatic Configuration** tab, and then add your URL.
On the **Automatic Configuration** page of IEAK 11, modify the configuration settings, including providing the URL to an .ins file or an auto-proxy site. |
+|Proxy settings |Lets you specify your proxy servers. |In the **Internet Settings Group Policy Preferences** dialog box, click the **Connections** tab, click **LAN Settings**, and then choose whether to turn on automatic detection of your configuration settings and if you want to use proxy servers.
-OR-
On the **Proxy Settings** page of IEAK 11, turn on your proxy settings, adding your proxy server addresses and exceptions. |
+|User Agent string |Lets the browser provide identification to visited servers. This string is often used to keep Internet traffic statistics. |This setting isn't available anymore. |
+
+### URLs replacements
+
+|IEM setting |Description |Replacement tool |
+|------------|------------|-----------------|
+|Favorites and links |Lets you use custom URLs for the **Favorites** and **Links** folders. You can also specify the folder order, disable IE Suggested Sites, and import an existing folder structure. |On the **Favorites, Favorites Bar and Feeds** page of IEAK 11, add your custom URLs to the **Favorites**, **Favorites Bar**, or **RSS Feeds** folders, or create new folders.
You can also edit, test, or remove your URLs, sort the list order, or disable IE Suggested Sites. |
+|Important URLs |Lets you add custom **Home** pages that can open different tabs. You can also add a **Support** page that shows up when an employee clicks online Help.|In the **Internet Settings Group Policy Preferences** dialog box, click the **General** tab, and add your custom **Home** page.
On the **Important URLs - Home page and Support** page of IEAK 11, add the custom URLs to your **Home** and **Support** pages.
You can also click to retain the previous home page information when the user upgrades to a newer version of IE. |
+
+### Security Zones and Content Ratings
+
+|IEM setting |Description |Replacement tool |
+|------------|------------|-----------------|
+|Security zones |Lets you change your security settings, by zone |In the **Internet Settings Group Policy Preferences** dialog box, click the **Security** tab, and update your security settings, based on zone.
-OR-
On the **Security and Privacy Settings** page of IEAK 11, choose your **Security Zones and Privacy** setting, changing it, as necessary. |
+|Content ratings |Lets you change your content ratings so your employees can't view sites with risky content. |On the **Security and Privacy Settings** page of IEAK 11, choose your **Content Ratings** setting, changing it, as necessary. |
+|Authenticode settings |Lets you pick your trustworthy software publishers and stop your employees from adding new, untrusted publishers while browsing. |These settings aren't available anymore. |
+
+### Programs
+
+|IEM setting |Description |Replacement tool |
+|------------|------------|-----------------|
+|Programs |Lets you import your default program settings, which specify the programs Windows uses for each Internet service. |In the **Internet Settings Group Policy Preferences** dialog box, click the **Programs** tab, and choose how to open IE11 links.
-OR-
On the **Programs** page of IEAK 11, choose whether to customize or import your program settings. |
+
+#### Advanced IEM settings
+The Advanced IEM settings, including Corporate and Internet settings, were also deprecated. However, they also have replacements you can use in either Group Policy Preferences or IEAK 11.
+
+**Note**
Advanced IEM Settings were shown under **Programs** and only available when running in **Preference** mode.
+
+|IEM setting |Description |Replacement tool |
+|------------|------------|-----------------|
+|Corporate settings |Specifies the location of the file with the settings you use to make IE work best in your organization. |On the Additional Settings page of IEAK 11, expand Corporate Settings, and then customize how your organization handles temporary Internet files, code downloads, menu items, and toolbar buttons. |
+|Internet settings |Specifies the location of the file that includes your default IE settings. |In the Internet Settings Group Policy Preferences dialog box, click the Advanced tab, and then update your Internet-related settings, as required
-OR-
On the Additional Settings page of IEAK 11, expand Internet Settings, and then customize your default values in the Internet Options dialog box. |
+
diff --git a/browsers/internet-explorer/ie11-deploy-guide/missing-the-compatibility-view-button.md b/browsers/internet-explorer/ie11-deploy-guide/missing-the-compatibility-view-button.md
index ea68f25a40..fbc40cbf73 100644
--- a/browsers/internet-explorer/ie11-deploy-guide/missing-the-compatibility-view-button.md
+++ b/browsers/internet-explorer/ie11-deploy-guide/missing-the-compatibility-view-button.md
@@ -1,53 +1,54 @@
----
-ms.localizationpriority: medium
-ms.mktglfcycl: support
-description: Internet Explorer 11 uses the latest standards mode, which simplifies web page compatibility for users by removing the **Compatibility View** button and reducing the number of compatibility options in the F12 developer tools for developers.
-author: lomayor
-ms.prod: ie11
-ms.assetid: 501c96c9-9f03-4913-9f4b-f67bd9edbb61
-ms.reviewer:
-audience: itpro
manager: dansimp
-ms.author: lomayor
-title: Missing the Compatibility View Button (Internet Explorer 11 for IT Pros)
-ms.sitesec: library
-ms.date: 07/27/2017
----
-
-
-# Missing the Compatibility View Button
-
-**Applies to:**
-
-- Windows 10
-- Windows 8.1
-- Windows 7
-- Windows Server 2012 R2
-- Windows Server 2008 R2 with Service Pack 1 (SP1)
-
-Compatibility View was introduced in Windows Internet Explorer 8 to help existing content continue to work with Windows Internet Explorer 7, while developers updated their content to support modern interoperable web standards. Since then, the Internet Explorer web platform, and the web itself, have changed so that most public web content looks for standards-based features instead of IE 7-compatible behavior.
-
-Thanks to these changes, using Internet Explorer 11 in the latest standards mode is more compatible with the web than ever before. As a result, IE11 simplifies web page compatibility for users by removing the **Compatibility View** button and reducing the number of compatibility options in the F12 developer tools for developers.
-
-## What happened to the Compatibility View button?
-In previous versions of IE, the **Compatibility View** button would attempt to fix a broken standards-based website, by getting the page to appear like it did in Internet Explorer 7. Today however, more standards-based websites are broken by attempting to appear like they did in Internet Explorer 7. So instead of implementing and using Compatibility View, developers are updating their server configuration to add X-UA-Compatible meta tags, which forces the content to the “edge”, making the **Compatibility View** button disappear. In support of these changes, the Compatibility View button has been completely removed for IE11.
-
-## What if I still need Compatibility View?
-There might be extenuating circumstances in your company, which require you to continue to use Compatibility View. In this situation, this process should be viewed strictly as a workaround. You should work with the website vendor to make sure that the affected pages are updated to match the latest web standards. The functionality described here is currently deprecated and will be removed at a time in the future.
-
-**Important**
This functionality is only available in Internet Explorer for the desktop.
-
- **To change your Compatibility View settings**
-
-1. Open Internet Explorer for the desktop, click **Tools**, and then click **Compatibility View settings**.
-
-2. In the **Compatibility View Settings** box, add the problematic website URL, and then click **Add**.
-Compatibility View is turned on for this single website, for this specific computer.
-
-3. Decide if you want your intranet sites displayed using Compatibility View, decide whether to use Microsoft compatibility lists, and then click **Close**.
-
-
-
-
-
-
-
+---
+ms.localizationpriority: medium
+ms.mktglfcycl: support
+description: Internet Explorer 11 uses the latest standards mode, which simplifies web page compatibility for users by removing the **Compatibility View** button and reducing the number of compatibility options in the F12 developer tools for developers.
+author: dansimp
+ms.prod: ie11
+ms.assetid: 501c96c9-9f03-4913-9f4b-f67bd9edbb61
+ms.reviewer:
+audience: itpro
+manager: dansimp
+ms.author: dansimp
+title: Missing the Compatibility View Button (Internet Explorer 11 for IT Pros)
+ms.sitesec: library
+ms.date: 07/27/2017
+---
+
+
+# Missing the Compatibility View Button
+
+**Applies to:**
+
+- Windows 10
+- Windows 8.1
+- Windows 7
+- Windows Server 2012 R2
+- Windows Server 2008 R2 with Service Pack 1 (SP1)
+
+Compatibility View was introduced in Windows Internet Explorer 8 to help existing content continue to work with Windows Internet Explorer 7, while developers updated their content to support modern interoperable web standards. Since then, the Internet Explorer web platform, and the web itself, have changed so that most public web content looks for standards-based features instead of IE 7-compatible behavior.
+
+Thanks to these changes, using Internet Explorer 11 in the latest standards mode is more compatible with the web than ever before. As a result, IE11 simplifies web page compatibility for users by removing the **Compatibility View** button and reducing the number of compatibility options in the F12 developer tools for developers.
+
+## What happened to the Compatibility View button?
+In previous versions of IE, the **Compatibility View** button would attempt to fix a broken standards-based website, by getting the page to appear like it did in Internet Explorer 7. Today however, more standards-based websites are broken by attempting to appear like they did in Internet Explorer 7. So instead of implementing and using Compatibility View, developers are updating their server configuration to add X-UA-Compatible meta tags, which forces the content to the “edge”, making the **Compatibility View** button disappear. In support of these changes, the Compatibility View button has been completely removed for IE11.
+
+## What if I still need Compatibility View?
+There might be extenuating circumstances in your company, which require you to continue to use Compatibility View. In this situation, this process should be viewed strictly as a workaround. You should work with the website vendor to make sure that the affected pages are updated to match the latest web standards. The functionality described here is currently deprecated and will be removed at a time in the future.
+
+**Important**
This functionality is only available in Internet Explorer for the desktop.
+
+ **To change your Compatibility View settings**
+
+1. Open Internet Explorer for the desktop, click **Tools**, and then click **Compatibility View settings**.
+
+2. In the **Compatibility View Settings** box, add the problematic website URL, and then click **Add**.
+Compatibility View is turned on for this single website, for this specific computer.
+
+3. Decide if you want your intranet sites displayed using Compatibility View, decide whether to use Microsoft compatibility lists, and then click **Close**.
+
+
+
+
+
+
+
diff --git a/browsers/internet-explorer/ie11-deploy-guide/net-framework-problems-with-ie11.md b/browsers/internet-explorer/ie11-deploy-guide/net-framework-problems-with-ie11.md
index df476d43ad..3e564954a6 100644
--- a/browsers/internet-explorer/ie11-deploy-guide/net-framework-problems-with-ie11.md
+++ b/browsers/internet-explorer/ie11-deploy-guide/net-framework-problems-with-ie11.md
@@ -1,33 +1,34 @@
----
-ms.localizationpriority: medium
-ms.mktglfcycl: support
-description: How to turn managed browser hosting controls back on in Internet Explorer 11.
-author: lomayor
-ms.prod: ie11
-ms.assetid: b0b7f60f-9099-45ab-84f4-4ac64d7bcb43
-ms.reviewer:
-audience: itpro
manager: dansimp
-ms.author: lomayor
-title: .NET Framework problems with Internet Explorer 11 (Internet Explorer 11 for IT Pros)
-ms.sitesec: library
-ms.date: 07/27/2017
----
-
-
-# .NET Framework problems with Internet Explorer 11
-If you’re having problems launching your legacy apps while running Internet Explorer 11, it’s most likely because Internet Explorer no longer starts apps that use managed browser hosting controls, like in .NET Framework 1.1 and 2.0.
-
- **To turn managed browser hosting controls back on**
-
-1. **For x86 systems or for 64-bit processes on x64 systems:** Go to the `HKLM\SOFTWARE\MICROSOFT\.NETFramework` registry key and change the **EnableIEHosting** value to **1**.
-
-2. **For 32-bit processes on x64 systems:** Go to the `HKLM\SOFTWARE\Wow6432Node\MICROSOFT\.NETFramework` registry key and change the **EnableIEHosting** value to **1**.
-
-For more information, see the [Web Applications](https://go.microsoft.com/fwlink/p/?LinkId=308903) section of the Application Compatibility in the .NET Framework 4.5 page.
-
-
-
-
-
-
-
+---
+ms.localizationpriority: medium
+ms.mktglfcycl: support
+description: How to turn managed browser hosting controls back on in Internet Explorer 11.
+author: dansimp
+ms.prod: ie11
+ms.assetid: b0b7f60f-9099-45ab-84f4-4ac64d7bcb43
+ms.reviewer:
+audience: itpro
+manager: dansimp
+ms.author: dansimp
+title: .NET Framework problems with Internet Explorer 11 (Internet Explorer 11 for IT Pros)
+ms.sitesec: library
+ms.date: 07/27/2017
+---
+
+
+# .NET Framework problems with Internet Explorer 11
+If you’re having problems launching your legacy apps while running Internet Explorer 11, it’s most likely because Internet Explorer no longer starts apps that use managed browser hosting controls, like in .NET Framework 1.1 and 2.0.
+
+ **To turn managed browser hosting controls back on**
+
+1. **For x86 systems or for 64-bit processes on x64 systems:** Go to the `HKLM\SOFTWARE\MICROSOFT\.NETFramework` registry key and change the **EnableIEHosting** value to **1**.
+
+2. **For 32-bit processes on x64 systems:** Go to the `HKLM\SOFTWARE\Wow6432Node\MICROSOFT\.NETFramework` registry key and change the **EnableIEHosting** value to **1**.
+
+For more information, see the [Web Applications](https://go.microsoft.com/fwlink/p/?LinkId=308903) section of the Application Compatibility in the .NET Framework 4.5 page.
+
+
+
+
+
+
+
diff --git a/browsers/internet-explorer/ie11-deploy-guide/new-group-policy-settings-for-ie11.md b/browsers/internet-explorer/ie11-deploy-guide/new-group-policy-settings-for-ie11.md
index c1cd3ac8b3..bf70df22fd 100644
--- a/browsers/internet-explorer/ie11-deploy-guide/new-group-policy-settings-for-ie11.md
+++ b/browsers/internet-explorer/ie11-deploy-guide/new-group-policy-settings-for-ie11.md
@@ -1,74 +1,75 @@
----
-ms.localizationpriority: medium
-ms.mktglfcycl: deploy
-ms.pagetype: security
-description: New group policy settings for Internet Explorer 11
-author: lomayor
-ms.prod: ie11
-ms.assetid: 669cc1a6-e2cb-403f-aa31-c1de52a615d1
-ms.reviewer:
-audience: itpro
manager: dansimp
-ms.author: lomayor
-title: New group policy settings for Internet Explorer 11 (Internet Explorer 11 for IT Pros)
-ms.sitesec: library
-ms.date: 07/27/2017
----
-
-
-# New group policy settings for Internet Explorer 11
-Internet Explorer 11 gives you some new Group Policy settings to help you manage your company's web browser configurations, including:
-
-
-| Policy | Category Path | Supported on | Explanation |
-|-----------------------------------------------------------------------------------------------------|---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|--------------------------------------------|------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
-| Allow IE to use the HTTP2 network protocol | Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Advanced Page | IE11 on Windows 10 | This policy setting determines whether IE uses the HTTP2 network protocol. HTTP2 works with HTTP requests to optimize the latency of network requests through compression, multiplexing, and prioritization.
If you enable this policy setting, IE uses the HTTP2 network protocol.
If you disable this policy setting, IE won't use the HTTP2 network protocol.
If you don't configure this policy setting, users can turn this behavior on or off, using the **Internet Explorer Advanced Internet Options** settings. The default is on. |
-| Allow IE to use the SPDY/3 network protocol | Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Advanced Page | IE11 on Windows 10 | This policy setting determines whether Internet Explorer uses the SPDY/3 network protocol. SPDY/3 works with HTTP requests to optimize the latency of network requests through compression, multiplexing and prioritization.
If you enable this policy setting, Internet Explorer uses the SPDY/3 network protocol.
If you disable this policy setting, Internet Explorer won't use the SPDY/3 network protocol.
If you don't configure this policy setting, users can turn this behavior on or off, on the **Advanced\* tab of the \*\*Internet Options** dialog box. The default is on.
**Note**
We've replaced the SPDY/3 protocol with the HTTP2 protocol in Windows 10. You can configure the HTTP2 protocol by using the **Allow IE to use the HTTP2 network protocol** setting. |
-| Allow Microsoft services to provide enhanced suggestions as the user types in the Address bar | Administrative Templates\Windows Components\Internet Explorer | IE11 on Windows 10 | This policy setting allows IE to provide enhanced suggestions as the user types in the Address bar. To provide enhanced suggestions, the user’s keystrokes are sent to Microsoft through Microsoft services.
If you enable this policy setting, users receive enhanced suggestions while typing in the Address bar. In addition, users won’t be able to change the **Suggestions** setting on the **Settings** charm.
If you disable this policy setting, users won’t receive enhanced suggestions while typing in the Address bar. In addition, users won’t be able to change the **Suggestions** setting on the **Settings** charm.
If you don’t configure this policy setting, users can change the **Suggestions** setting on the **Settings** charm. |
-| Allow only approved domains to use the TDC ActiveX control |
- Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Intranet Zone
- Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Intranet Zone
- Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Trusted Sites Zone
- Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Trusted Sites Zone
- Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Local Machine Zone
- Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Local Machine Zone
| IE11 in Windows 10 | This policy setting determines whether users can run the Tabular Data Control (TDC) ActiveX control, based on security zone. By default, the TDC ActiveX Control is disabled in the **Internet** and **Restricted Sites** security zones.If you enable this policy setting, users won’t be able to run the TDC ActiveX control from all sites in the specified zone.
If you disable this policy setting, users can run the TDC Active X control from all sites in the specified zone. |
-| Allow SSL3 Fallback | Administrative Templates\Windows Components\Internet Explorer\Security Features | Internet Explorer 11 on Windows 10 | This policy setting allows you to stop websites from falling back to using Secure Socket Layer (SSL) 3.0 or lower, if Transport Layer Security (TLS) 1.0 or higher, fails. This setting doesn’t affect which security protocols are enabled.
If you enable this policy setting and a website fails while using the TLS 1.0 or higher security protocols, Internet Explorer will try to fallback and use SSL 3.0 or lower security protocols.
If you disable or don’t configure this setting, Internet Explorer uses the default system protocols.
**Important:**
By default, SSL 3.0 is disabled. If you choose to enable SSL 3.0, we recommend that you disable or don't configure this setting to help mitigate potential man-in-the-middle attacks. |
-| Allow VBScript to run in Internet Explorer |
- Administrative Templates/Windows Components/Internet Explorer/Internet Control Panel/Security Page/Internet Zone/Internet Zone
- Administrative Templates/Windows Components/Internet Explorer/Internet Control Panel/Security Page/Internet Zone/Intranet Zone
- Administrative Templates/Windows Components/Internet Explorer/Internet Control Panel/Security Page/Internet Zone/Local Machine Zone
- Administrative Templates/Windows Components/Internet Explorer/Internet Control Panel/Security Page/Internet Zone/Locked-Down Internet Zone
- Administrative Templates/Windows Components/Internet Explorer/Internet Control Panel/Security Page/Internet Zone/Locked-Down Intranet Zone
- Administrative Templates/Windows Components/Internet Explorer/Internet Control Panel/Security Page/Internet Zone/Locked-Down Local Machine Zone
- Administrative Templates/Windows Components/Internet Explorer/Internet Control Panel/Security Page/Internet Zone/Locked-Down Restricted Sites Zone
- Administrative Templates/Windows Components/Internet Explorer/Internet Control Panel/Security Page/Internet Zone/Locked-Down Trusted Sites Zone
- Administrative Templates/Windows Components/Internet Explorer/Internet Control Panel/Security Page/Internet Zone/Restricted Sites Zone
- Administrative Templates/Windows Components/Internet Explorer/Internet Control Panel/Security Page/Internet Zone/Trusted Sites Zone
| Internet Explorer 11 | This policy setting lets you decide whether VBScript can run on pages in specific Internet Explorer zones.If you enable this policy setting (default), you must also pick one of the following options from the Options box:
- Enable. VBScript runs on pages in specific zones, without any interaction.
- Prompt. Employees are prompted whether to allow VBScript to run in the zone.
- Disable. VBScript is prevented from running in the zone.
If you disable or don’t configure this policy setting, VBScript runs without any interaction in the specified zone. |
-| Always send Do Not Track header | Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Advanced Page | At least Internet Explorer 10 | This policy setting allows you to configure how IE sends the Do Not Track (DNT) header.
If you enable this policy setting, IE sends a `DNT:1` header with all HTTP and HTTPS requests. The `DNT:1` header signals to the servers not to track the user.
**In Internet Explorer 9 and 10:**
If you disable this policy setting, IE only sends the Do Not Track header if a Tracking Protection List is enabled or inPrivate Browsing mode is used.
**In at least IE11:**
If you disable this policy setting, IE only sends the Do Not Track header if inPrivate Browsing mode is used.
If you don't configure the policy setting, users can select the **Always send Do Not Track header** option on the **Advanced\* tab of the \*\*Internet Options** dialog box. By selecting this option, IE sends a `DNT:1` header with all HTTP and HTTPS requests; unless the user grants a site-specific exception, in which case IE sends a `DNT:0` header. By default, this option is enabled. |
-| Don't run antimalware programs against ActiveX controls
(Internet, Restricted Zones) |
- Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Internet Zone
- Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Internet Zone
- Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Restricted Sites Zone
- Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Restricted Sites Zone
| IE11 on Windows 10 | This policy setting determines whether IE runs antimalware programs against ActiveX controls, to check if they're safe to load on pages.If you enable this policy setting, IE won't check with your antimalware program to see if it's safe to create an instance of the ActiveX control.
If you disable this policy setting, IE always checks with your antimalware program to see if it's safe to create an instance of the ActiveX control.
If you don't configure this policy setting, IE always checks with your antimalware program to see if it's safe to create an instance of the ActiveX control. Users can turn this behavior on or off, using the Internet Explorer's **Security** settings. |
-| Don't run antimalware programs against ActiveX controls
(Intranet, Trusted, Local Machine Zones) |
- Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Intranet Zone
- Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Intranet Zone
- Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Trusted Sites Zone
- Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Trusted Sites Zone
- Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Local Machine Zone
- Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Local Machine Zone
| IE11 on Windows 10 | This policy setting determines whether IE runs antimalware programs against ActiveX controls, to check if they're safe to load on pages.If you enable this policy setting, IE won't check with your antimalware program to see if it's safe to create an instance of the ActiveX control.
If you disable this policy setting, IE always checks with your antimalware program to see if it's safe to create an instance of the ActiveX control.
If you don't configure this policy setting, IE won't check with your antimalware program to see if it's safe to create an instance of the ActiveX control. Users can turn this behavior on or off, using Internet Explorer's **Security** settings. |
-| Hide the button (next to the New Tab button) that opens Microsoft Edge | User Configuration\Administrative Templates\Windows Components/Internet Explorer\Internet Settings\Advanced Settings\Browsing\ | IE11 on Windows 10, version 1703 | This policy setting lets you decide whether employees can see the open Microsoft Edge button, which appears next to the New Tab button.
If you enable this policy setting, the button to open Microsoft Edge from Internet Explorer will be hidden.
If you disable this policy setting, the button to open Microsoft Edge from Internet Explorer appears.
If you don't configure this policy setting, the button to open Microsoft Edge from Internet Explorer can be configured by your employees. |
-| Let users turn on and use Enterprise Mode from the **Tools** menu | Administrative Templates\Windows Components\Internet Explorer | IE11 on Windows 10 | This policy setting lets you decide whether users can turn on Enterprise Mode for websites with compatibility issues. Optionally, this policy also lets you specify where to get reports (through post messages) about the websites for which users turn on Enterprise Mode using the **Tools** menu.
If you enable this policy setting, users can see and use the **Enterprise Mode** option from the **Tools** menu. If you enable this setting, but don’t specify a report location, Enterprise Mode will still be available to your users, but you won’t get any reports.
If you disable or don’t configure this policy setting, the menu option won’t appear and users won’t be able to turn on Enterprise Mode locally. |
-| Limit Site Discovery output by Domain | Administrative Templates\Windows Components\Internet Explorer | At least Internet Explorer 8 | This policy setting allows you to control which domains are included in the discovery function of the Internet Explorer Site Discovery Toolkit.
If you enable this policy setting, the Internet Explorer Site Discovery Toolkit collects data from all sites in your specified domains, configured by adding one domain per line to the included text box.
If you disable or don’t configure this setting, the Internet Explorer Site Discovery Toolkit collects data from all sites in all domains.
**Note:**
You can use this setting in conjunction with the other settings that control the Internet Explorer Site Discovery Toolkit. |
-| Limit Site Discovery output by Zone | Administrative Templates\Windows Components\Internet Explorer | At least Internet Explorer 8 | This policy setting allows you to control which zones are included in the discovery function of the Internet Explorer Site Discovery Toolkit.
If you enable this policy setting, the Internet Explorer Site Discovery Toolkit collects data from all specified security zones.
If you disable or don’t configure this setting, the Internet Explorer Site Discovery Toolkit collects data from all sites in all security zones.
To specify which zones can collect data, you must include a binary number that represents your selected zones, based on this order:
- 0 – Restricted Sites zone
- 0 – Internet zone
- 0 – Trusted Sites zone
- 0 – Local Intranet zone
- 0 – Local Machine zone
**Example 1:** Include only the Local Intranet zone (binary representation: 00010), based on:
- 0 – Restricted Sites zone
- 0 – Internet zone
- 0 – Trusted Sites zone
- 1 – Local Intranet zone
- 0 – Local Machine zone
**Example 2:** Include only the Restricted Sites, Trusted Sites, and Local Intranet zones (binary representation: 10110), based on:
- 1 – Restricted Sites zone
- 0 – Internet zone
- 1 – Trusted Sites zone
- 1 – Local Intranet zone
- 1 – Local Machine zone
**Note:**
You can use this setting in conjunction with the other settings that control the Internet Explorer Site Discovery Toolkit. |
-| Prevent deleting ActiveX Filtering, Tracking Protection and Do Not Track data | Administrative Templates\Windows Components\Internet Explorer\Delete Browsing History | At least Windows Internet Explorer 9 | **In Internet Explorer 9 and Internet Explorer 10:**
This policy setting prevents users from deleting ActiveX Filtering and Tracking Protection data, which includes the list of websites for which the user has chosen to disable ActiveX Filtering or Tracking Protection. In addition, Tracking Protection data is also collected if users turn on the **Personalized Tracking Protection List**, which blocks third-party items while the user is browsing.
**In IE11:**
This policy setting prevents users from deleting ActiveX Filtering, Tracking Protection data, and Do Not Track exceptions, stored in the **Delete Browsing History** dialog box, for visited websites.
If you enable this policy setting, ActiveX Filtering, Tracking Protection and Do Not Track data is preserved when the user clicks **Delete**.
If you disable this policy setting, ActiveX Filtering, Tracking Protection and Do Not Track data is deleted when the user clicks **Delete**.
If you don’t configure this policy setting, users can turn this feature on and off, determining whether to delete ActiveX Filtering, Tracking Protection, and Do Not Track data when clicking **Delete**. |
-| Send all sites not included in the Enterprise Mode Site List to Microsoft Edge | Administrative Templates\Windows Components\Internet Explorer | IE11 on Windows 10, version 1607 | This policy setting lets you decide whether to open all sites that aren’t specified to open in IE11 by the Enterprise Mode site list, to open in Microsoft Edge.
If you enable this policy setting, you must also enable the Administrative Templates\Windows Components\Internet Explorer\Use the Enterprise Mode IE website list policy setting and you must include at least one site in the Enterprise Mode site list.
If you disable or don't configure this policy setting, all sites will open based on the currently active browser.
**Note:**
If you’ve also enabled the Administrative Templates\Windows Components\Microsoft Edge\Send all intranet sites to Internet Explorer 11 policy setting, then all intranet sites will continue to open in Internet Explorer 11. |
-| Show message when opening sites in Microsoft Edge using Enterprise Mode | Administrative Templates\Windows Components\Internet Explorer | IE11 on Windows 10, version 1607 | This policy setting lets you decide whether employees see an additional page in Internet Explorer 11, stating that a site has been opened using Microsoft Edge with Enterprise Mode.
If you enable this policy setting, employees see an additional page in Internet Explorer 11, stating that a site has been opened using Microsoft Edge with Enterprise Mode.
If you disable or don't configure this policy setting, the default app behavior occurs and no additional page appears. |
-| Turn off automatic download of the ActiveX VersionList | Administrative Templates\Windows Components\Internet Explorer\Security Features\Add-on Management | At least Windows Internet Explorer 8 | This policy setting allows you to decide whether Internet Explorer automatically downloads updated versions of Microsoft's VersionList.XML file. This file tells Internet Explorer whether to stop specific ActiveX controls from loading.
If you enable this policy setting, Internet Explorer stops automatically downloading updated versions of the VersionList.XML file.
If you disable or don’t configure this setting, Internet Explorer continues to download updated versions of the VersionList.XML file.
**Important:**
Stopping this file from updating breaks the out-of-date ActiveX control blocking feature, potentially compromising the security of the device. For more info, see the Out-of-Date ActiveX Control Blocking () topic. |
-| Turn off loading websites and content in the background to optimize performance | Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Advanced Page | IE11 on Windows 10 | This policy setting determines whether Internet Explorer preemptively loads websites and content in the background, speeding up performance such that when the user clicks a hyperlink, the background page seamlessly switches into view.If you enable this policy setting, IE doesn't load any websites or content in the background.
If you disable this policy setting, IE preemptively loads websites and content in the background.
If you don’t configure this policy setting, users can turn this behavior on or off, using IE settings. This feature is turned on by default. |
-| Turn off phone number detection | Administrative Templates\Windows Components\Internet Explorer\Internet Settings\Advanced settings\Browsing | IE11 on Windows 10 | This policy setting determines whether phone numbers are recognized and turned into hyperlinks, which can be used to invoke the default phone application on the system.
If you enable this policy setting, phone number detection is turned off. Users won’t be able to modify this setting.
If you disable this policy setting, phone number detection is turned on. Users won’t be able to modify this setting.
If you don't configure this policy setting, users can turn this behavior on or off, using IE settings. The default is on. |
-| Turn off sending URL path as UTF-8 | User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Settings\URL Encoding | At least Windows Internet Explorer 7 | This policy setting determines whether to let IE send the path portion of a URL using the UTF-8 standard. This standard defines characters so they're readable in any language and lets you exchange Internet addresses (URLs) with characters included in any language.
If you enable this policy setting, UTF-8 is not allowed. Users won't be able to change this setting.
If you disable this policy setting, UTF-8 is allowed. Users won't be able to change this setting.
If you don't configure this policy setting, users can turn this behavior on or off. |
-| Turn off sending UTF-8 query strings for URLs | Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Advanced Page | IE11 on Windows 10 | This policy setting determines whether IE uses 8-bit Unicode Transformation Format (UTF-8) to encode query strings in URLs before sending them to servers or to proxy servers.
If you enable this policy setting, you must specify when to use UTF-8 to encode query strings:
- **0.** Never encode query strings.
- **1.** Only encode query strings for URLs that aren't in the Intranet zone.
- **2.** Only encode query strings for URLs that are in the Intranet zone.
- **3.** Always encode query strings.
If you disable or don't configure this policy setting, users can turn this behavior on or off, using IE Advanced Options settings. The default is to encode all query strings in UTF-8. |
-| Turn off the ability to launch report site problems using a menu option | Administrative Templates\Windows Components\Internet Explorer\Browser menus | Internet Explorer 11 | This policy setting allows you to manage whether users can start the **eport Site Problems** dialog box from the **Internet Explorer** settings area or from the **Tools** menu.
If you enable this policy setting, users won’t be able to start the **Report Site Problems** dialog box from the Internet Explorer settings or the Tools menu.
If you disable or don’t configure this policy setting, users will be able to start the **Report Site Problems** dialog box from the **Internet Explorer** settings area or from the **Tools** menu. |
-| Turn off the flip ahead with page prediction feature | Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Advanced Page | At least Internet Explorer 10 on Windows 8 | This policy setting determines whether a user can swipe across a screen or click Forward to go to the next pre-loaded page of a website.
If you enable this policy setting, flip ahead with page prediction is turned off and the next webpage isn’t loaded into the background.
If you disable this policy setting, flip ahead with page prediction is turned on and the next webpage is loaded into the background.
If you don’t configure this setting, users can turn this behavior on or off, using the **Settings** charm.
**Note**
Microsoft collects your browsing history to improve how flip ahead with page prediction works. This feature isn’t available for Internet Explorer for the desktop. |
-| Turn on 64-bit tab processes when running in Enhanced Protected Mode on 64-bit versions of Windows | Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Advanced Page | IE11 on Windows 10 | This policy setting determines whether IE11 uses 64-bit processes (for greater security) or 32-bit processes (for greater compatibility) when running in Enhanced Protected Mode on 64-bit versions of Windows.
If you enable this policy setting, IE11 will use 64-bit tab processes when running in Enhanced Protected Mode on 64-bit versions of Windows.
If you disable this policy setting, IE11 will use 32-bit tab processes when running in Enhanced Protected Mode on 64-bit versions of Windows.
If you don't configure this policy setting, users can turn this feature on or off using IE settings. This feature is turned off by default.
**Important**
When using 64-bit processes, some ActiveX controls and toolbars might not be available. |
-| Turn on Site Discovery WMI output | Administrative Templates\Windows Components\Internet Explorer | At least Internet Explorer 8 | This policy setting allows you to manage the WMI output functionality of the Internet Explorer Site Discovery Toolkit.
If you enable this policy setting, the Internet Explorer Site Discovery Toolkit will log its collected data to an WMI class, which can be aggregated by using a client-management solution, such as System Center Configuration Manager.
If you disable or don’t configure this setting, the Internet Explorer Site Discovery Toolkit won’t log its collected data to an WMI class.
**Note:**
Enabling or disabling this setting won’t impact any other output methods available to the Internet Explorer Site Discovery Toolkit. |
-| Turn on Site Discovery XML output | Administrative Templates\Windows Components\Internet Explorer | At least Internet Explorer 8 | This policy setting allows you to manage the XML output functionality of the Internet Explorer Site Discovery Toolkit.
If you enable this policy setting, the Internet Explorer Site Discovery Toolkit will log its collected data to an XML file, stored in your specified location.
If you disable or don’t configure this setting, the Internet Explorer Site Discovery Toolkit won’t log its collected data to an XML file.
**Note:**
Enabling or disabling this setting won’t impact any other output methods available to the Internet Explorer Site Discovery Toolkit. |
-| Use the Enterprise Mode IE website list | Administrative Templates\Windows Components\Internet Explorer | IE11 on Windows 10, version 1511 | This policy setting lets you specify where to find the list of websites you want opened using Enterprise Mode, instead of Standard mode, because of compatibility issues. Users can’t edit this list.
If you enable this policy setting, Internet Explorer downloads the Enterprise Mode website list from the `HKEY_CURRENT_USER or HKEY_LOCAL_MACHINE`\Software\Policies\Microsoft\Internet Explorer\Main\EnterpriseMode hive, opening all included websites using Enterprise Mode. We recommend storing and downloading your list from a secure web server `(https://)`, to help protect against data tampering.
If you disable or don’t configure this policy setting, Internet Explorer opens all websites using **Standard** mode. |
-
-## Removed Group Policy settings
-IE11 no longer supports these Group Policy settings:
-
-- Turn on Internet Explorer 7 Standards Mode
-
-- Turn off Compatibility View button
-
-- Turn off Quick Tabs functionality
-
-- Turn off the quick pick menu
-
-- Use large icons for command buttons
-
-## Viewing your policy settings
-After you've finished updating and deploying your Group Policy, you can use the Resultant Set of Policy (RSoP) snap-in to view your settings.
-
-**To use the RSoP snap-in**
-
-1. Open and run the Resultant Set of Policy (RSoP) wizard, specifying the information you want to see.
-
-2. Open your wizard results in the Group Policy Management Console (GPMC).
-For complete instructions about how to add, open, and use RSoP, see [Use the RSoP Snap-in](https://go.microsoft.com/fwlink/p/?LinkId=395201)
-
+---
+ms.localizationpriority: medium
+ms.mktglfcycl: deploy
+ms.pagetype: security
+description: New group policy settings for Internet Explorer 11
+author: dansimp
+ms.prod: ie11
+ms.assetid: 669cc1a6-e2cb-403f-aa31-c1de52a615d1
+ms.reviewer:
+audience: itpro
+manager: dansimp
+ms.author: dansimp
+title: New group policy settings for Internet Explorer 11 (Internet Explorer 11 for IT Pros)
+ms.sitesec: library
+ms.date: 07/27/2017
+---
+
+
+# New group policy settings for Internet Explorer 11
+Internet Explorer 11 gives you some new Group Policy settings to help you manage your company's web browser configurations, including:
+
+
+| Policy | Category Path | Supported on | Explanation |
+|-----------------------------------------------------------------------------------------------------|---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|--------------------------------------------|------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
+| Allow IE to use the HTTP2 network protocol | Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Advanced Page | IE11 on Windows 10 | This policy setting determines whether IE uses the HTTP2 network protocol. HTTP2 works with HTTP requests to optimize the latency of network requests through compression, multiplexing, and prioritization.
If you enable this policy setting, IE uses the HTTP2 network protocol.
If you disable this policy setting, IE won't use the HTTP2 network protocol.
If you don't configure this policy setting, users can turn this behavior on or off, using the **Internet Explorer Advanced Internet Options** settings. The default is on. |
+| Allow IE to use the SPDY/3 network protocol | Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Advanced Page | IE11 on Windows 10 | This policy setting determines whether Internet Explorer uses the SPDY/3 network protocol. SPDY/3 works with HTTP requests to optimize the latency of network requests through compression, multiplexing and prioritization.
If you enable this policy setting, Internet Explorer uses the SPDY/3 network protocol.
If you disable this policy setting, Internet Explorer won't use the SPDY/3 network protocol.
If you don't configure this policy setting, users can turn this behavior on or off, on the **Advanced\* tab of the \*\*Internet Options** dialog box. The default is on.
**Note**
We've replaced the SPDY/3 protocol with the HTTP2 protocol in Windows 10. You can configure the HTTP2 protocol by using the **Allow IE to use the HTTP2 network protocol** setting. |
+| Allow Microsoft services to provide enhanced suggestions as the user types in the Address bar | Administrative Templates\Windows Components\Internet Explorer | IE11 on Windows 10 | This policy setting allows IE to provide enhanced suggestions as the user types in the Address bar. To provide enhanced suggestions, the user’s keystrokes are sent to Microsoft through Microsoft services.
If you enable this policy setting, users receive enhanced suggestions while typing in the Address bar. In addition, users won’t be able to change the **Suggestions** setting on the **Settings** charm.
If you disable this policy setting, users won’t receive enhanced suggestions while typing in the Address bar. In addition, users won’t be able to change the **Suggestions** setting on the **Settings** charm.
If you don’t configure this policy setting, users can change the **Suggestions** setting on the **Settings** charm. |
+| Allow only approved domains to use the TDC ActiveX control |
- Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Intranet Zone
- Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Intranet Zone
- Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Trusted Sites Zone
- Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Trusted Sites Zone
- Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Local Machine Zone
- Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Local Machine Zone
| IE11 in Windows 10 | This policy setting determines whether users can run the Tabular Data Control (TDC) ActiveX control, based on security zone. By default, the TDC ActiveX Control is disabled in the **Internet** and **Restricted Sites** security zones.If you enable this policy setting, users won’t be able to run the TDC ActiveX control from all sites in the specified zone.
If you disable this policy setting, users can run the TDC Active X control from all sites in the specified zone. |
+| Allow SSL3 Fallback | Administrative Templates\Windows Components\Internet Explorer\Security Features | Internet Explorer 11 on Windows 10 | This policy setting allows you to stop websites from falling back to using Secure Socket Layer (SSL) 3.0 or lower, if Transport Layer Security (TLS) 1.0 or higher, fails. This setting doesn’t affect which security protocols are enabled.
If you enable this policy setting and a website fails while using the TLS 1.0 or higher security protocols, Internet Explorer will try to fallback and use SSL 3.0 or lower security protocols.
If you disable or don’t configure this setting, Internet Explorer uses the default system protocols.
**Important:**
By default, SSL 3.0 is disabled. If you choose to enable SSL 3.0, we recommend that you disable or don't configure this setting to help mitigate potential man-in-the-middle attacks. |
+| Allow VBScript to run in Internet Explorer |
- Administrative Templates/Windows Components/Internet Explorer/Internet Control Panel/Security Page/Internet Zone/Internet Zone
- Administrative Templates/Windows Components/Internet Explorer/Internet Control Panel/Security Page/Internet Zone/Intranet Zone
- Administrative Templates/Windows Components/Internet Explorer/Internet Control Panel/Security Page/Internet Zone/Local Machine Zone
- Administrative Templates/Windows Components/Internet Explorer/Internet Control Panel/Security Page/Internet Zone/Locked-Down Internet Zone
- Administrative Templates/Windows Components/Internet Explorer/Internet Control Panel/Security Page/Internet Zone/Locked-Down Intranet Zone
- Administrative Templates/Windows Components/Internet Explorer/Internet Control Panel/Security Page/Internet Zone/Locked-Down Local Machine Zone
- Administrative Templates/Windows Components/Internet Explorer/Internet Control Panel/Security Page/Internet Zone/Locked-Down Restricted Sites Zone
- Administrative Templates/Windows Components/Internet Explorer/Internet Control Panel/Security Page/Internet Zone/Locked-Down Trusted Sites Zone
- Administrative Templates/Windows Components/Internet Explorer/Internet Control Panel/Security Page/Internet Zone/Restricted Sites Zone
- Administrative Templates/Windows Components/Internet Explorer/Internet Control Panel/Security Page/Internet Zone/Trusted Sites Zone
| Internet Explorer 11 | This policy setting lets you decide whether VBScript can run on pages in specific Internet Explorer zones.If you enable this policy setting (default), you must also pick one of the following options from the Options box:
- Enable. VBScript runs on pages in specific zones, without any interaction.
- Prompt. Employees are prompted whether to allow VBScript to run in the zone.
- Disable. VBScript is prevented from running in the zone.
If you disable or don’t configure this policy setting, VBScript runs without any interaction in the specified zone. |
+| Always send Do Not Track header | Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Advanced Page | At least Internet Explorer 10 | This policy setting allows you to configure how IE sends the Do Not Track (DNT) header.
If you enable this policy setting, IE sends a `DNT:1` header with all HTTP and HTTPS requests. The `DNT:1` header signals to the servers not to track the user.
**In Internet Explorer 9 and 10:**
If you disable this policy setting, IE only sends the Do Not Track header if a Tracking Protection List is enabled or inPrivate Browsing mode is used.
**In at least IE11:**
If you disable this policy setting, IE only sends the Do Not Track header if inPrivate Browsing mode is used.
If you don't configure the policy setting, users can select the **Always send Do Not Track header** option on the **Advanced\* tab of the \*\*Internet Options** dialog box. By selecting this option, IE sends a `DNT:1` header with all HTTP and HTTPS requests; unless the user grants a site-specific exception, in which case IE sends a `DNT:0` header. By default, this option is enabled. |
+| Don't run antimalware programs against ActiveX controls
(Internet, Restricted Zones) |
- Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Internet Zone
- Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Internet Zone
- Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Restricted Sites Zone
- Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Restricted Sites Zone
| IE11 on Windows 10 | This policy setting determines whether IE runs antimalware programs against ActiveX controls, to check if they're safe to load on pages.If you enable this policy setting, IE won't check with your antimalware program to see if it's safe to create an instance of the ActiveX control.
If you disable this policy setting, IE always checks with your antimalware program to see if it's safe to create an instance of the ActiveX control.
If you don't configure this policy setting, IE always checks with your antimalware program to see if it's safe to create an instance of the ActiveX control. Users can turn this behavior on or off, using the Internet Explorer's **Security** settings. |
+| Don't run antimalware programs against ActiveX controls
(Intranet, Trusted, Local Machine Zones) |
- Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Intranet Zone
- Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Intranet Zone
- Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Trusted Sites Zone
- Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Trusted Sites Zone
- Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Local Machine Zone
- Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Local Machine Zone
| IE11 on Windows 10 | This policy setting determines whether IE runs antimalware programs against ActiveX controls, to check if they're safe to load on pages.If you enable this policy setting, IE won't check with your antimalware program to see if it's safe to create an instance of the ActiveX control.
If you disable this policy setting, IE always checks with your antimalware program to see if it's safe to create an instance of the ActiveX control.
If you don't configure this policy setting, IE won't check with your antimalware program to see if it's safe to create an instance of the ActiveX control. Users can turn this behavior on or off, using Internet Explorer's **Security** settings. |
+| Hide the button (next to the New Tab button) that opens Microsoft Edge | User Configuration\Administrative Templates\Windows Components/Internet Explorer\Internet Settings\Advanced Settings\Browsing\ | IE11 on Windows 10, version 1703 | This policy setting lets you decide whether employees can see the open Microsoft Edge button, which appears next to the New Tab button.
If you enable this policy setting, the button to open Microsoft Edge from Internet Explorer will be hidden.
If you disable this policy setting, the button to open Microsoft Edge from Internet Explorer appears.
If you don't configure this policy setting, the button to open Microsoft Edge from Internet Explorer can be configured by your employees. |
+| Let users turn on and use Enterprise Mode from the **Tools** menu | Administrative Templates\Windows Components\Internet Explorer | IE11 on Windows 10 | This policy setting lets you decide whether users can turn on Enterprise Mode for websites with compatibility issues. Optionally, this policy also lets you specify where to get reports (through post messages) about the websites for which users turn on Enterprise Mode using the **Tools** menu.
If you enable this policy setting, users can see and use the **Enterprise Mode** option from the **Tools** menu. If you enable this setting, but don’t specify a report location, Enterprise Mode will still be available to your users, but you won’t get any reports.
If you disable or don’t configure this policy setting, the menu option won’t appear and users won’t be able to turn on Enterprise Mode locally. |
+| Limit Site Discovery output by Domain | Administrative Templates\Windows Components\Internet Explorer | At least Internet Explorer 8 | This policy setting allows you to control which domains are included in the discovery function of the Internet Explorer Site Discovery Toolkit.
If you enable this policy setting, the Internet Explorer Site Discovery Toolkit collects data from all sites in your specified domains, configured by adding one domain per line to the included text box.
If you disable or don’t configure this setting, the Internet Explorer Site Discovery Toolkit collects data from all sites in all domains.
**Note:**
You can use this setting in conjunction with the other settings that control the Internet Explorer Site Discovery Toolkit. |
+| Limit Site Discovery output by Zone | Administrative Templates\Windows Components\Internet Explorer | At least Internet Explorer 8 | This policy setting allows you to control which zones are included in the discovery function of the Internet Explorer Site Discovery Toolkit.
If you enable this policy setting, the Internet Explorer Site Discovery Toolkit collects data from all specified security zones.
If you disable or don’t configure this setting, the Internet Explorer Site Discovery Toolkit collects data from all sites in all security zones.
To specify which zones can collect data, you must include a binary number that represents your selected zones, based on this order:
- 0 – Restricted Sites zone
- 0 – Internet zone
- 0 – Trusted Sites zone
- 0 – Local Intranet zone
- 0 – Local Machine zone
**Example 1:** Include only the Local Intranet zone (binary representation: 00010), based on:
- 0 – Restricted Sites zone
- 0 – Internet zone
- 0 – Trusted Sites zone
- 1 – Local Intranet zone
- 0 – Local Machine zone
**Example 2:** Include only the Restricted Sites, Trusted Sites, and Local Intranet zones (binary representation: 10110), based on:
- 1 – Restricted Sites zone
- 0 – Internet zone
- 1 – Trusted Sites zone
- 1 – Local Intranet zone
- 1 – Local Machine zone
**Note:**
You can use this setting in conjunction with the other settings that control the Internet Explorer Site Discovery Toolkit. |
+| Prevent deleting ActiveX Filtering, Tracking Protection and Do Not Track data | Administrative Templates\Windows Components\Internet Explorer\Delete Browsing History | At least Windows Internet Explorer 9 | **In Internet Explorer 9 and Internet Explorer 10:**
This policy setting prevents users from deleting ActiveX Filtering and Tracking Protection data, which includes the list of websites for which the user has chosen to disable ActiveX Filtering or Tracking Protection. In addition, Tracking Protection data is also collected if users turn on the **Personalized Tracking Protection List**, which blocks third-party items while the user is browsing.
**In IE11:**
This policy setting prevents users from deleting ActiveX Filtering, Tracking Protection data, and Do Not Track exceptions, stored in the **Delete Browsing History** dialog box, for visited websites.
If you enable this policy setting, ActiveX Filtering, Tracking Protection and Do Not Track data is preserved when the user clicks **Delete**.
If you disable this policy setting, ActiveX Filtering, Tracking Protection and Do Not Track data is deleted when the user clicks **Delete**.
If you don’t configure this policy setting, users can turn this feature on and off, determining whether to delete ActiveX Filtering, Tracking Protection, and Do Not Track data when clicking **Delete**. |
+| Send all sites not included in the Enterprise Mode Site List to Microsoft Edge | Administrative Templates\Windows Components\Internet Explorer | IE11 on Windows 10, version 1607 | This policy setting lets you decide whether to open all sites that aren’t specified to open in IE11 by the Enterprise Mode site list, to open in Microsoft Edge.
If you enable this policy setting, you must also enable the Administrative Templates\Windows Components\Internet Explorer\Use the Enterprise Mode IE website list policy setting and you must include at least one site in the Enterprise Mode site list.
If you disable or don't configure this policy setting, all sites will open based on the currently active browser.
**Note:**
If you’ve also enabled the Administrative Templates\Windows Components\Microsoft Edge\Send all intranet sites to Internet Explorer 11 policy setting, then all intranet sites will continue to open in Internet Explorer 11. |
+| Show message when opening sites in Microsoft Edge using Enterprise Mode | Administrative Templates\Windows Components\Internet Explorer | IE11 on Windows 10, version 1607 | This policy setting lets you decide whether employees see an additional page in Internet Explorer 11, stating that a site has been opened using Microsoft Edge with Enterprise Mode.
If you enable this policy setting, employees see an additional page in Internet Explorer 11, stating that a site has been opened using Microsoft Edge with Enterprise Mode.
If you disable or don't configure this policy setting, the default app behavior occurs and no additional page appears. |
+| Turn off automatic download of the ActiveX VersionList | Administrative Templates\Windows Components\Internet Explorer\Security Features\Add-on Management | At least Windows Internet Explorer 8 | This policy setting allows you to decide whether Internet Explorer automatically downloads updated versions of Microsoft's VersionList.XML file. This file tells Internet Explorer whether to stop specific ActiveX controls from loading.
If you enable this policy setting, Internet Explorer stops automatically downloading updated versions of the VersionList.XML file.
If you disable or don’t configure this setting, Internet Explorer continues to download updated versions of the VersionList.XML file.
**Important:**
Stopping this file from updating breaks the out-of-date ActiveX control blocking feature, potentially compromising the security of the device. For more info, see the Out-of-Date ActiveX Control Blocking () topic. |
+| Turn off loading websites and content in the background to optimize performance | Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Advanced Page | IE11 on Windows 10 | This policy setting determines whether Internet Explorer preemptively loads websites and content in the background, speeding up performance such that when the user clicks a hyperlink, the background page seamlessly switches into view.If you enable this policy setting, IE doesn't load any websites or content in the background.
If you disable this policy setting, IE preemptively loads websites and content in the background.
If you don’t configure this policy setting, users can turn this behavior on or off, using IE settings. This feature is turned on by default. |
+| Turn off phone number detection | Administrative Templates\Windows Components\Internet Explorer\Internet Settings\Advanced settings\Browsing | IE11 on Windows 10 | This policy setting determines whether phone numbers are recognized and turned into hyperlinks, which can be used to invoke the default phone application on the system.
If you enable this policy setting, phone number detection is turned off. Users won’t be able to modify this setting.
If you disable this policy setting, phone number detection is turned on. Users won’t be able to modify this setting.
If you don't configure this policy setting, users can turn this behavior on or off, using IE settings. The default is on. |
+| Turn off sending URL path as UTF-8 | User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Settings\URL Encoding | At least Windows Internet Explorer 7 | This policy setting determines whether to let IE send the path portion of a URL using the UTF-8 standard. This standard defines characters so they're readable in any language and lets you exchange Internet addresses (URLs) with characters included in any language.
If you enable this policy setting, UTF-8 is not allowed. Users won't be able to change this setting.
If you disable this policy setting, UTF-8 is allowed. Users won't be able to change this setting.
If you don't configure this policy setting, users can turn this behavior on or off. |
+| Turn off sending UTF-8 query strings for URLs | Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Advanced Page | IE11 on Windows 10 | This policy setting determines whether IE uses 8-bit Unicode Transformation Format (UTF-8) to encode query strings in URLs before sending them to servers or to proxy servers.
If you enable this policy setting, you must specify when to use UTF-8 to encode query strings:
- **0.** Never encode query strings.
- **1.** Only encode query strings for URLs that aren't in the Intranet zone.
- **2.** Only encode query strings for URLs that are in the Intranet zone.
- **3.** Always encode query strings.
If you disable or don't configure this policy setting, users can turn this behavior on or off, using IE Advanced Options settings. The default is to encode all query strings in UTF-8. |
+| Turn off the ability to launch report site problems using a menu option | Administrative Templates\Windows Components\Internet Explorer\Browser menus | Internet Explorer 11 | This policy setting allows you to manage whether users can start the **eport Site Problems** dialog box from the **Internet Explorer** settings area or from the **Tools** menu.
If you enable this policy setting, users won’t be able to start the **Report Site Problems** dialog box from the Internet Explorer settings or the Tools menu.
If you disable or don’t configure this policy setting, users will be able to start the **Report Site Problems** dialog box from the **Internet Explorer** settings area or from the **Tools** menu. |
+| Turn off the flip ahead with page prediction feature | Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Advanced Page | At least Internet Explorer 10 on Windows 8 | This policy setting determines whether a user can swipe across a screen or click Forward to go to the next pre-loaded page of a website.
If you enable this policy setting, flip ahead with page prediction is turned off and the next webpage isn’t loaded into the background.
If you disable this policy setting, flip ahead with page prediction is turned on and the next webpage is loaded into the background.
If you don’t configure this setting, users can turn this behavior on or off, using the **Settings** charm.
**Note**
Microsoft collects your browsing history to improve how flip ahead with page prediction works. This feature isn’t available for Internet Explorer for the desktop. |
+| Turn on 64-bit tab processes when running in Enhanced Protected Mode on 64-bit versions of Windows | Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Advanced Page | IE11 on Windows 10 | This policy setting determines whether IE11 uses 64-bit processes (for greater security) or 32-bit processes (for greater compatibility) when running in Enhanced Protected Mode on 64-bit versions of Windows.
If you enable this policy setting, IE11 will use 64-bit tab processes when running in Enhanced Protected Mode on 64-bit versions of Windows.
If you disable this policy setting, IE11 will use 32-bit tab processes when running in Enhanced Protected Mode on 64-bit versions of Windows.
If you don't configure this policy setting, users can turn this feature on or off using IE settings. This feature is turned off by default.
**Important**
When using 64-bit processes, some ActiveX controls and toolbars might not be available. |
+| Turn on Site Discovery WMI output | Administrative Templates\Windows Components\Internet Explorer | At least Internet Explorer 8 | This policy setting allows you to manage the WMI output functionality of the Internet Explorer Site Discovery Toolkit.
If you enable this policy setting, the Internet Explorer Site Discovery Toolkit will log its collected data to an WMI class, which can be aggregated by using a client-management solution, such as System Center Configuration Manager.
If you disable or don’t configure this setting, the Internet Explorer Site Discovery Toolkit won’t log its collected data to an WMI class.
**Note:**
Enabling or disabling this setting won’t impact any other output methods available to the Internet Explorer Site Discovery Toolkit. |
+| Turn on Site Discovery XML output | Administrative Templates\Windows Components\Internet Explorer | At least Internet Explorer 8 | This policy setting allows you to manage the XML output functionality of the Internet Explorer Site Discovery Toolkit.
If you enable this policy setting, the Internet Explorer Site Discovery Toolkit will log its collected data to an XML file, stored in your specified location.
If you disable or don’t configure this setting, the Internet Explorer Site Discovery Toolkit won’t log its collected data to an XML file.
**Note:**
Enabling or disabling this setting won’t impact any other output methods available to the Internet Explorer Site Discovery Toolkit. |
+| Use the Enterprise Mode IE website list | Administrative Templates\Windows Components\Internet Explorer | IE11 on Windows 10, version 1511 | This policy setting lets you specify where to find the list of websites you want opened using Enterprise Mode, instead of Standard mode, because of compatibility issues. Users can’t edit this list.
If you enable this policy setting, Internet Explorer downloads the Enterprise Mode website list from the `HKEY_CURRENT_USER or HKEY_LOCAL_MACHINE`\Software\Policies\Microsoft\Internet Explorer\Main\EnterpriseMode hive, opening all included websites using Enterprise Mode. We recommend storing and downloading your list from a secure web server `(https://)`, to help protect against data tampering.
If you disable or don’t configure this policy setting, Internet Explorer opens all websites using **Standard** mode. |
+
+## Removed Group Policy settings
+IE11 no longer supports these Group Policy settings:
+
+- Turn on Internet Explorer 7 Standards Mode
+
+- Turn off Compatibility View button
+
+- Turn off Quick Tabs functionality
+
+- Turn off the quick pick menu
+
+- Use large icons for command buttons
+
+## Viewing your policy settings
+After you've finished updating and deploying your Group Policy, you can use the Resultant Set of Policy (RSoP) snap-in to view your settings.
+
+**To use the RSoP snap-in**
+
+1. Open and run the Resultant Set of Policy (RSoP) wizard, specifying the information you want to see.
+
+2. Open your wizard results in the Group Policy Management Console (GPMC).
+For complete instructions about how to add, open, and use RSoP, see [Use the RSoP Snap-in](https://go.microsoft.com/fwlink/p/?LinkId=395201)
+
diff --git a/browsers/internet-explorer/ie11-deploy-guide/out-of-date-activex-control-blocking.md b/browsers/internet-explorer/ie11-deploy-guide/out-of-date-activex-control-blocking.md
index 32665259c3..5591606f32 100644
--- a/browsers/internet-explorer/ie11-deploy-guide/out-of-date-activex-control-blocking.md
+++ b/browsers/internet-explorer/ie11-deploy-guide/out-of-date-activex-control-blocking.md
@@ -1,205 +1,206 @@
----
-ms.localizationpriority: medium
-ms.mktglfcycl: deploy
-ms.pagetype: security
-description: Use out-of-date ActiveX control blocking to help you know when IE prevents a webpage from loading outdated ActiveX controls and to update the outdated control, so that it’s safer to use.
-author: lomayor
-ms.author: lomayor
-ms.prod: ie11
-ms.assetid: e61866bb-1ff1-4a8d-96f2-61d3534e8199
-ms.reviewer:
-audience: itpro
manager: dansimp
-title: Out-of-date ActiveX control blocking (Internet Explorer 11 for IT Pros)
-ms.sitesec: library
-ms.date: 05/10/2018
----
-
-
-# Out-of-date ActiveX control blocking
-
-**Applies to:**
-
-- Windows 10
-- Windows 8.1
-- Windows 7
-- Windows Server 2012 R2
-- Windows Server 2008 R2 with Service Pack 1 (SP1)
-- Windows Vista SP2
-
-ActiveX controls are small apps that let websites provide content, like videos, games, and let you interact with content like toolbars. Unfortunately, because many ActiveX controls aren’t automatically updated, they can become outdated as new versions are released. It’s very important that you keep your ActiveX controls up-to-date because malicious software (or malware) can target security flaws in outdated controls, damaging your computer by collecting info from it, installing unwanted software, or by letting someone else control it remotely. To help avoid this situation, Internet Explorer includes a new security feature, called *out-of-date ActiveX control blocking*.
-
-Out-of-date ActiveX control blocking lets you:
-
-- Know when IE prevents a webpage from loading common, but outdated ActiveX controls.
-
-- Interact with other parts of the webpage that aren’t affected by the outdated control.
-
-- Update the outdated control, so that it’s up-to-date and safer to use.
-
-The out-of-date ActiveX control blocking feature works with all [Security Zones](https://go.microsoft.com/fwlink/p/?LinkId=403863), except the Local Intranet Zone and the Trusted Sites Zone.
-
-It also works with these operating system and IE combinations:
-
-|Windows operating system |IE version |
-|----------------------------------------|---------------------------------|
-|Windows 10 |All supported versions of IE.
Microsoft Edge doesn't support ActiveX controls. |
-|Windows 8.1 and Windows 8.1 Update |All supported versions of IE |
-|Windows 7 SP1 |All supported versions of IE |
-|Windows Server 2012 |All supported versions of IE |
-|Windows Server 2008 R2 SP1 |All supported versions of IE |
-|Windows Server 2008 SP2 |Windows Internet Explorer 9 only |
-|Windows Vista SP2 |Windows Internet Explorer 9 only |
-
-For more info about this new feature, see the [Internet Explorer begins blocking out-of-date ActiveX controls](https://go.microsoft.com/fwlink/p/?LinkId=507691) blog. To see the complete list of out-of-date Active controls blocked by this feature, see [Blocked out-of-date ActiveX controls](blocked-out-of-date-activex-controls.md).
-
-
-## What does the out-of-date ActiveX control blocking notification look like?
-When IE blocks an outdated ActiveX control, you’ll see a notification bar similar to this, depending on your version of IE:
-
-**Internet Explorer 9 through Internet Explorer 11**
-
-
-
-**Windows Internet Explorer 8**
-
-
-
-Out-of-date ActiveX control blocking also gives you a security warning that tells you if a webpage tries to launch specific outdated apps, outside of IE:
-
-
-
-
-## How do I fix an outdated ActiveX control or app?
-From the notification about the outdated ActiveX control, you can go to the control’s website to download its latest version.
-
- **To get the updated ActiveX control**
-
-1. From the notification bar, tap or click **Update**.
-IE opens the ActiveX control’s website.
-
-2. Download the latest version of the control.
-
-**Security Note:**
If you don’t fully trust a site, you shouldn’t allow it to load an outdated ActiveX control. However, although we don’t recommend it, you can view the missing webpage content by tapping or clicking **Run this time**. This option runs the ActiveX control without updating or fixing the problem. The next time you visit a webpage running the same outdated ActiveX control, you’ll get the notification again.
-
- **To get the updated app**
-
-1. From the security warning, tap or click **Update** link.
-IE opens the app’s website.
-
-2. Download the latest version of the app.
-
-**Security Note:**
If you don’t fully trust a site, you shouldn’t allow it to launch an outdated app. However, although we don’t recommend it, you can let the webpage launch the app by tapping or clicking **Allow**. This option opens the app without updating or fixing the problem. The next time you visit a webpage running the same outdated app, you’ll get the notification again.
-
-## How does IE decide which ActiveX controls to block?
-IE uses Microsoft’s versionlist.xml or versionlistWin7.xml file to determine whether an ActiveX control should be stopped from loading. These files are updated with newly-discovered out-of-date ActiveX controls, which IE automatically downloads to your local copy of the file.
-
-You can see your copy of the file here `%LOCALAPPDATA%\Microsoft\Internet Explorer\VersionManager\versionlist.xml` or you can view Microsoft’s version, based on your operating system and version of IE, here:
-- [Internet Explorer 11 on Windows 7 SP1 or Windows Server 2008 R2](https://go.microsoft.com/fwlink/p/?LinkId=798230)
-- [All other configurations](https://go.microsoft.com/fwlink/p/?LinkId=403864)
-
-**Security Note:**
Although we strongly recommend against it, if you don’t want your computer to automatically download the updated version list from Microsoft, run the following command from a command prompt:
-
-```
-reg add "HKCU\Software\Microsoft\Internet Explorer\VersionManager" /v DownloadVersionList /t REG_DWORD /d 0 /f
-```
-Turning off this automatic download breaks the out-of-date ActiveX control blocking feature by not letting the version list update with newly outdated controls, potentially compromising the security of your computer. Use this configuration option at your own risk.
-
-## Out-of-date ActiveX control blocking on managed devices
-Out-of-date ActiveX control blocking includes four new Group Policy settings that you can use to manage your web browser configuration, based on your domain controller. You can download the administrative templates, including the new settings, from the [Administrative templates (.admx) for Windows 10](https://go.microsoft.com/fwlink/p/?LinkId=746579) page or the [Administrative Templates (.admx) for Windows 8.1 and Windows Server 2012 R2](https://go.microsoft.com/fwlink/p/?LinkId=746580) page, depending on your operating system.
-
-### Group Policy settings
-Here’s a list of the new Group Policy info, including the settings, location, requirements, and Help text strings. All of these settings can be set in either the Computer Configuration or User Configuration scope, but Computer Configuration takes precedence over User Configuration.
-
-**Important**
-Out-of-date ActiveX control blocking is turned off in the Local Intranet Zone and the Trusted Sites Zone; therefore, intranet websites and line-of-business apps will continue to use out-of-date ActiveX controls without disruption.
-
-|Setting |Category path |Supported on |Help text |
-|--------|--------------|-------------|----------|
-|Turn on ActiveX control logging in IE |`Administrative Templates\Windows Components\Internet Explorer\Security Features\Add-on Management` |Internet Explorer 8 through IE11 |This setting determines whether IE saves log information for ActiveX controls.
If you enable this setting, IE logs ActiveX control information (including the source URI that loaded the control and whether it was blocked) to a local file.
If you disable or don't configure this setting, IE won't log ActiveX control information.
Note that you can turn this setting on or off regardless of the **Turn off blocking of outdated ActiveX controls for IE** or **Turn off blocking of outdated ActiveX controls for IE on specific domains** settings. |
-|Remove the **Run this time** button for outdated ActiveX controls in IE |`Administrative Templates\Windows Components\Internet Explorer\Security Features\Add-on Management`|Internet Explorer 8 through IE11 |This setting allows you stop users from seeing the **Run this time** button and from running specific outdated ActiveX controls in IE.
If you enable this setting, users won't see the **Run this time** button on the warning message that appears when IE blocks an outdated ActiveX control.
If you disable or don't configure this setting, users will see the **Run this time** button on the warning message that appears when IE blocks an outdated ActiveX control. Clicking this button lets the user run the outdated ActiveX control once. |
-|Turn off blocking of outdated ActiveX controls for IE on specific domains |`Administrative Templates\Windows Components\Internet Explorer\Security Features\Add-on Management` |Internet Explorer 8 through IE11 |This setting allows you to manage a list of domains on which IE will stop blocking outdated ActiveX controls. Outdated ActiveX controls are never blocked in the Intranet Zone.
If you enable this setting, you can enter a custom list of domains for which outdated ActiveX controls won't be blocked in IE. Each domain entry must be formatted like one of the following:
- **"domainname.TLD".** For example, if you want to include `*.contoso.com/*`, use "contoso.com".
- **"hostname".** For example, if you want to include `https://example`, use "example".
- **"file:///path/filename.htm"**. For example, use `file:///C:/Users/contoso/Desktop/index.htm`.
If you disable or don't configure this setting, the list is deleted and IE continues to block specific outdated ActiveX controls on all domains in the Internet Zone. |
-|Turn off blocking of outdated ActiveX controls for IE |`Administrative Templates\Windows Components\Internet Explorer\Security Features\Add-on Management` |Internet Explorer 8 through IE11 |This setting determines whether IE blocks specific outdated ActiveX controls. Outdated ActiveX controls are never blocked in the Intranet Zone.
If you enable this setting, IE stops blocking outdated ActiveX controls.
If you disable or don't configure this setting, IE continues to block specific outdated ActiveX controls. |
-|Remove the **Update** button in the out-of-date ActiveX control blocking notification for IE |This functionality is only available through the registry |Internet Explorer 8 through IE11 |This setting determines whether the out-of-date ActiveX control blocking notification shows the **Update** button. This button points users to update specific out-of-date ActiveX controls in IE. |
-
-
-If you don't want to use Group Policy, you can also turn these settings on or off using the registry. You can update the registry manually.
-
-|Setting |Registry setting |
-|-------------------------|----------------------------------------------------------------|
-|Turn on ActiveX control logging in IE |`reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Ext" /v AuditModeEnabled /t REG_DWORD /d 1 /f`
Where:
- **0 or not configured.** Logs ActiveX control information (including the source URI that loaded the control and whether it was blocked) to a local file.
- **1.** Logs ActiveX control information.
|
-|Remove **Run this time** button for outdated ActiveX controls in IE |`reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Ext" /v RunThisTimeEnabled /t REG_DWORD /d 0 /f`Where:
- **0.** Removes the **Run this time** button.
- **1 or not configured.** Leaves the **Run this time** button.
|
-|Turn off blocking of outdated ActiveX controls for IE on specific domains |reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\Domain" /v contoso.com /t REG_SZ /fWhere:
- **contoso.com.** A single domain on which outdated ActiveX controls won't be blocked in IE. Use a new `reg add` command for each domain you wish to add to the **Allow** list.
|
-|Turn off blocking of outdated ActiveX controls for IE |`reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Ext" /v VersionCheckEnabled /t REG_DWORD /d 0 /f`Where:
- **0.** Stops blocking outdated ActiveX controls.
- **1 or not configured.** Continues to block specific outdated ActiveX controls.
|
-|Remove the **Update** button in the out-of-date ActiveX control blocking notification for IE |`reg add "HKCU\Software\Microsoft\Internet Explorer\VersionManager" /v UpdateEnabled /t REG_DWORD /d 0 /f`Where:
- **0.** Removes the **Update** button
- **1 or not configured.** Leaves the **Update** button.
-
-## Inventory your ActiveX controls
-You can inventory the ActiveX controls being used in your company, by turning on the **Turn on ActiveX control logging in IE** setting:
-
-- **Windows 10:** Through a comma-separated values (.csv) file or through a local Windows Management Instrumentation (WMI) class.
-
-- **All other versions of Microsoft Windows:** Through a .csv file only.
-
-
-### Inventory your ActiveX controls by using a .CSV file
-If you decide to inventory the ActiveX controls being used in your company by turning on the **Turn on ActiveX control logging in IE** setting, IE logs the ActiveX control information to the `%LOCALAPPDATA%\Microsoft\Internet Explorer\AuditMode\VersionAuditLog.csv` file.
-
-Here’s a detailed example and description of what’s included in the VersionAuditLog.csv file.
-
-|Source URI |File path |Product version |File version |Allowed/Blocked |Reason |EPM-compatible |
-|-----------|----------|----------------|-------------|----------------|-------|---------------|
-|`https://contoso.com/test1.html` |C:\Windows\System32\Macromed\Flash\Flash.ocx |14.0.0.125 |14.0.0.125 |Allowed |Not in blocklist |EPM-compatible |
-|`https://contoso.com/test2.html` |C:\Program Files\Java\jre6\bin\jp2iexp.dll |6.0.410.2 |6.0.410.2 |Blocked |Out of date |Not EPM-compatible |
-
-**Where:**
-- **Source URI.** The URL of the page that loaded the ActiveX control.
-
-- **File path.** The location of the binary that implements the ActiveX control.
-
-- **Product version.** The product version of the binary that implements the ActiveX control.
-
-- **File version.** The file version of the binary that implements the ActiveX control.
-
-- **Allowed/Blocked** Whether IE blocked the ActiveX control.
-
-- **Enhanced Protected Mode (EPM)-compatible.** Whether the loaded ActiveX control is compatible with [Enhanced Protected Mode](https://go.microsoft.com/fwlink/p/?LinkId=403865).**Note**
Enhanced Protected Mode isn’t supported on Internet Explorer 9 or earlier versions of IE. Therefore, if you’re using Internet Explorer 8 or Internet Explorer 9, all ActiveX controls will always be marked as not EPM-compatible.
-
-- **Reason.** The ActiveX control can be blocked or allowed for any of these reasons:
-
-|Reason |Corresponds to |Description |
-|-------------------------|---------------|-------------------------------------------------|
-|Version not in blocklist |Allowed |The version of the loaded ActiveX control is explicitly allowed by the IE version list. |
-|Trusted domain |Allowed |The ActiveX control was loaded on a domain listed in the **Turn off blocking of outdated ActiveX controls for IE on specific domains** setting. |
-|File doesn’t exist |Allowed |The loaded ActiveX control is missing required binaries to run correctly. |
-|Out-of-date |Blocked |The loaded ActiveX control is explicitly blocked by the IE version list because it is out-of-date. |
-|Not in blocklist |Allowed |The loaded ActiveX control isn’t in the IE version list. |
-|Managed by policy |Allowed |The loaded ActiveX control is managed by a Group Policy setting that isn’t listed here, and will be managed in accordance with that Group Policy setting. |
-|Trusted Site Zone or intranet |Allowed |The ActiveX control was loaded in the Trusted Sites Zone or the Local Intranet Zone. |
-|Hardblocked |Blocked |The loaded ActiveX control is blocked in IE because it contains known security vulnerabilities. |
-|Unknown |Allowed or blocked |None of the above apply. |
-
-### Inventory your ActiveX controls by using a local WMI class
-For Windows 10 you also have the option to log your inventory info to a local WMI class. Info logged to this class includes all of info you get from the .csv file, plus the CLSID of the loaded ActiveX control or the name of any apps started from an ActiveX control.
-
-#### Before you begin
-Before you can use WMI to inventory your ActiveX controls, you need to [download the configuration package (.zip file)](https://go.microsoft.com/fwlink/p/?LinkId=616971), which includes:
-
-- **ConfigureWMILogging.ps1**. A Windows PowerShell script.
-
-- **ActiveXWMILogging.mof**. A managed object file.
-
-Before running the PowerShell script, you must copy both the .ps1 and .mof file to the same directory location, on the client computer.
-
- **To configure IE to use WMI logging**
-
-1. Open your Group Policy editor and turn on the `Administrative Templates\Windows Components\Internet Explorer\Turn on ActiveX control logging in IE` setting.
-
-2. On the client device, start PowerShell in elevated mode (using admin privileges) and run `ConfigureWMILogging.ps1` by by-passing the PowerShell execution policy, using this command:
- ```
- powershell –ExecutionPolicy Bypass .\ConfigureWMILogging.ps1
- ```
- For more info, see [about_Execution_Policies](https://go.microsoft.com/fwlink/p/?linkid=517460).
-
-3. **Optional:** Set up your domain firewall for WMI data. For more info, see [Collect data using Enterprise Site Discovery](collect-data-using-enterprise-site-discovery.md).
-
-The inventory info appears in the WMI class, `IEAXControlBlockingAuditInfo`, located in the WMI namespace, *root\\cimv2\\IETelemetry*. To collect the inventory info from your client computers, we recommend using System Center 2012 R2 Configuration Manager or any agent that can access the WMI data. For more info, see [Collect data using Enterprise Site Discovery](collect-data-using-enterprise-site-discovery.md).
-
+---
+ms.localizationpriority: medium
+ms.mktglfcycl: deploy
+ms.pagetype: security
+description: Use out-of-date ActiveX control blocking to help you know when IE prevents a webpage from loading outdated ActiveX controls and to update the outdated control, so that it’s safer to use.
+author: dansimp
+ms.author: dansimp
+ms.prod: ie11
+ms.assetid: e61866bb-1ff1-4a8d-96f2-61d3534e8199
+ms.reviewer:
+audience: itpro
+manager: dansimp
+title: Out-of-date ActiveX control blocking (Internet Explorer 11 for IT Pros)
+ms.sitesec: library
+ms.date: 05/10/2018
+---
+
+
+# Out-of-date ActiveX control blocking
+
+**Applies to:**
+
+- Windows 10
+- Windows 8.1
+- Windows 7
+- Windows Server 2012 R2
+- Windows Server 2008 R2 with Service Pack 1 (SP1)
+- Windows Vista SP2
+
+ActiveX controls are small apps that let websites provide content, like videos, games, and let you interact with content like toolbars. Unfortunately, because many ActiveX controls aren’t automatically updated, they can become outdated as new versions are released. It’s very important that you keep your ActiveX controls up-to-date because malicious software (or malware) can target security flaws in outdated controls, damaging your computer by collecting info from it, installing unwanted software, or by letting someone else control it remotely. To help avoid this situation, Internet Explorer includes a new security feature, called *out-of-date ActiveX control blocking*.
+
+Out-of-date ActiveX control blocking lets you:
+
+- Know when IE prevents a webpage from loading common, but outdated ActiveX controls.
+
+- Interact with other parts of the webpage that aren’t affected by the outdated control.
+
+- Update the outdated control, so that it’s up-to-date and safer to use.
+
+The out-of-date ActiveX control blocking feature works with all [Security Zones](https://go.microsoft.com/fwlink/p/?LinkId=403863), except the Local Intranet Zone and the Trusted Sites Zone.
+
+It also works with these operating system and IE combinations:
+
+|Windows operating system |IE version |
+|----------------------------------------|---------------------------------|
+|Windows 10 |All supported versions of IE.
Microsoft Edge doesn't support ActiveX controls. |
+|Windows 8.1 and Windows 8.1 Update |All supported versions of IE |
+|Windows 7 SP1 |All supported versions of IE |
+|Windows Server 2012 |All supported versions of IE |
+|Windows Server 2008 R2 SP1 |All supported versions of IE |
+|Windows Server 2008 SP2 |Windows Internet Explorer 9 only |
+|Windows Vista SP2 |Windows Internet Explorer 9 only |
+
+For more info about this new feature, see the [Internet Explorer begins blocking out-of-date ActiveX controls](https://go.microsoft.com/fwlink/p/?LinkId=507691) blog. To see the complete list of out-of-date Active controls blocked by this feature, see [Blocked out-of-date ActiveX controls](blocked-out-of-date-activex-controls.md).
+
+
+## What does the out-of-date ActiveX control blocking notification look like?
+When IE blocks an outdated ActiveX control, you’ll see a notification bar similar to this, depending on your version of IE:
+
+**Internet Explorer 9 through Internet Explorer 11**
+
+
+
+**Windows Internet Explorer 8**
+
+
+
+Out-of-date ActiveX control blocking also gives you a security warning that tells you if a webpage tries to launch specific outdated apps, outside of IE:
+
+
+
+
+## How do I fix an outdated ActiveX control or app?
+From the notification about the outdated ActiveX control, you can go to the control’s website to download its latest version.
+
+ **To get the updated ActiveX control**
+
+1. From the notification bar, tap or click **Update**.
+IE opens the ActiveX control’s website.
+
+2. Download the latest version of the control.
+
+**Security Note:**
If you don’t fully trust a site, you shouldn’t allow it to load an outdated ActiveX control. However, although we don’t recommend it, you can view the missing webpage content by tapping or clicking **Run this time**. This option runs the ActiveX control without updating or fixing the problem. The next time you visit a webpage running the same outdated ActiveX control, you’ll get the notification again.
+
+ **To get the updated app**
+
+1. From the security warning, tap or click **Update** link.
+IE opens the app’s website.
+
+2. Download the latest version of the app.
+
+**Security Note:**
If you don’t fully trust a site, you shouldn’t allow it to launch an outdated app. However, although we don’t recommend it, you can let the webpage launch the app by tapping or clicking **Allow**. This option opens the app without updating or fixing the problem. The next time you visit a webpage running the same outdated app, you’ll get the notification again.
+
+## How does IE decide which ActiveX controls to block?
+IE uses Microsoft’s versionlist.xml or versionlistWin7.xml file to determine whether an ActiveX control should be stopped from loading. These files are updated with newly-discovered out-of-date ActiveX controls, which IE automatically downloads to your local copy of the file.
+
+You can see your copy of the file here `%LOCALAPPDATA%\Microsoft\Internet Explorer\VersionManager\versionlist.xml` or you can view Microsoft’s version, based on your operating system and version of IE, here:
+- [Internet Explorer 11 on Windows 7 SP1 or Windows Server 2008 R2](https://go.microsoft.com/fwlink/p/?LinkId=798230)
+- [All other configurations](https://go.microsoft.com/fwlink/p/?LinkId=403864)
+
+**Security Note:**
Although we strongly recommend against it, if you don’t want your computer to automatically download the updated version list from Microsoft, run the following command from a command prompt:
+
+```
+reg add "HKCU\Software\Microsoft\Internet Explorer\VersionManager" /v DownloadVersionList /t REG_DWORD /d 0 /f
+```
+Turning off this automatic download breaks the out-of-date ActiveX control blocking feature by not letting the version list update with newly outdated controls, potentially compromising the security of your computer. Use this configuration option at your own risk.
+
+## Out-of-date ActiveX control blocking on managed devices
+Out-of-date ActiveX control blocking includes four new Group Policy settings that you can use to manage your web browser configuration, based on your domain controller. You can download the administrative templates, including the new settings, from the [Administrative templates (.admx) for Windows 10](https://go.microsoft.com/fwlink/p/?LinkId=746579) page or the [Administrative Templates (.admx) for Windows 8.1 and Windows Server 2012 R2](https://go.microsoft.com/fwlink/p/?LinkId=746580) page, depending on your operating system.
+
+### Group Policy settings
+Here’s a list of the new Group Policy info, including the settings, location, requirements, and Help text strings. All of these settings can be set in either the Computer Configuration or User Configuration scope, but Computer Configuration takes precedence over User Configuration.
+
+**Important**
+Out-of-date ActiveX control blocking is turned off in the Local Intranet Zone and the Trusted Sites Zone; therefore, intranet websites and line-of-business apps will continue to use out-of-date ActiveX controls without disruption.
+
+|Setting |Category path |Supported on |Help text |
+|--------|--------------|-------------|----------|
+|Turn on ActiveX control logging in IE |`Administrative Templates\Windows Components\Internet Explorer\Security Features\Add-on Management` |Internet Explorer 8 through IE11 |This setting determines whether IE saves log information for ActiveX controls.
If you enable this setting, IE logs ActiveX control information (including the source URI that loaded the control and whether it was blocked) to a local file.
If you disable or don't configure this setting, IE won't log ActiveX control information.
Note that you can turn this setting on or off regardless of the **Turn off blocking of outdated ActiveX controls for IE** or **Turn off blocking of outdated ActiveX controls for IE on specific domains** settings. |
+|Remove the **Run this time** button for outdated ActiveX controls in IE |`Administrative Templates\Windows Components\Internet Explorer\Security Features\Add-on Management`|Internet Explorer 8 through IE11 |This setting allows you stop users from seeing the **Run this time** button and from running specific outdated ActiveX controls in IE.
If you enable this setting, users won't see the **Run this time** button on the warning message that appears when IE blocks an outdated ActiveX control.
If you disable or don't configure this setting, users will see the **Run this time** button on the warning message that appears when IE blocks an outdated ActiveX control. Clicking this button lets the user run the outdated ActiveX control once. |
+|Turn off blocking of outdated ActiveX controls for IE on specific domains |`Administrative Templates\Windows Components\Internet Explorer\Security Features\Add-on Management` |Internet Explorer 8 through IE11 |This setting allows you to manage a list of domains on which IE will stop blocking outdated ActiveX controls. Outdated ActiveX controls are never blocked in the Intranet Zone.
If you enable this setting, you can enter a custom list of domains for which outdated ActiveX controls won't be blocked in IE. Each domain entry must be formatted like one of the following:
- **"domainname.TLD".** For example, if you want to include `*.contoso.com/*`, use "contoso.com".
- **"hostname".** For example, if you want to include `https://example`, use "example".
- **"file:///path/filename.htm"**. For example, use `file:///C:/Users/contoso/Desktop/index.htm`.
If you disable or don't configure this setting, the list is deleted and IE continues to block specific outdated ActiveX controls on all domains in the Internet Zone. |
+|Turn off blocking of outdated ActiveX controls for IE |`Administrative Templates\Windows Components\Internet Explorer\Security Features\Add-on Management` |Internet Explorer 8 through IE11 |This setting determines whether IE blocks specific outdated ActiveX controls. Outdated ActiveX controls are never blocked in the Intranet Zone.
If you enable this setting, IE stops blocking outdated ActiveX controls.
If you disable or don't configure this setting, IE continues to block specific outdated ActiveX controls. |
+|Remove the **Update** button in the out-of-date ActiveX control blocking notification for IE |This functionality is only available through the registry |Internet Explorer 8 through IE11 |This setting determines whether the out-of-date ActiveX control blocking notification shows the **Update** button. This button points users to update specific out-of-date ActiveX controls in IE. |
+
+
+If you don't want to use Group Policy, you can also turn these settings on or off using the registry. You can update the registry manually.
+
+|Setting |Registry setting |
+|-------------------------|----------------------------------------------------------------|
+|Turn on ActiveX control logging in IE |`reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Ext" /v AuditModeEnabled /t REG_DWORD /d 1 /f`
Where:
- **0 or not configured.** Logs ActiveX control information (including the source URI that loaded the control and whether it was blocked) to a local file.
- **1.** Logs ActiveX control information.
|
+|Remove **Run this time** button for outdated ActiveX controls in IE |`reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Ext" /v RunThisTimeEnabled /t REG_DWORD /d 0 /f`Where:
- **0.** Removes the **Run this time** button.
- **1 or not configured.** Leaves the **Run this time** button.
|
+|Turn off blocking of outdated ActiveX controls for IE on specific domains |reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\Domain" /v contoso.com /t REG_SZ /fWhere:
- **contoso.com.** A single domain on which outdated ActiveX controls won't be blocked in IE. Use a new `reg add` command for each domain you wish to add to the **Allow** list.
|
+|Turn off blocking of outdated ActiveX controls for IE |`reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Ext" /v VersionCheckEnabled /t REG_DWORD /d 0 /f`Where:
- **0.** Stops blocking outdated ActiveX controls.
- **1 or not configured.** Continues to block specific outdated ActiveX controls.
|
+|Remove the **Update** button in the out-of-date ActiveX control blocking notification for IE |`reg add "HKCU\Software\Microsoft\Internet Explorer\VersionManager" /v UpdateEnabled /t REG_DWORD /d 0 /f`Where:
- **0.** Removes the **Update** button
- **1 or not configured.** Leaves the **Update** button.
+
+## Inventory your ActiveX controls
+You can inventory the ActiveX controls being used in your company, by turning on the **Turn on ActiveX control logging in IE** setting:
+
+- **Windows 10:** Through a comma-separated values (.csv) file or through a local Windows Management Instrumentation (WMI) class.
+
+- **All other versions of Microsoft Windows:** Through a .csv file only.
+
+
+### Inventory your ActiveX controls by using a .CSV file
+If you decide to inventory the ActiveX controls being used in your company by turning on the **Turn on ActiveX control logging in IE** setting, IE logs the ActiveX control information to the `%LOCALAPPDATA%\Microsoft\Internet Explorer\AuditMode\VersionAuditLog.csv` file.
+
+Here’s a detailed example and description of what’s included in the VersionAuditLog.csv file.
+
+|Source URI |File path |Product version |File version |Allowed/Blocked |Reason |EPM-compatible |
+|-----------|----------|----------------|-------------|----------------|-------|---------------|
+|`https://contoso.com/test1.html` |C:\Windows\System32\Macromed\Flash\Flash.ocx |14.0.0.125 |14.0.0.125 |Allowed |Not in blocklist |EPM-compatible |
+|`https://contoso.com/test2.html` |C:\Program Files\Java\jre6\bin\jp2iexp.dll |6.0.410.2 |6.0.410.2 |Blocked |Out of date |Not EPM-compatible |
+
+**Where:**
+- **Source URI.** The URL of the page that loaded the ActiveX control.
+
+- **File path.** The location of the binary that implements the ActiveX control.
+
+- **Product version.** The product version of the binary that implements the ActiveX control.
+
+- **File version.** The file version of the binary that implements the ActiveX control.
+
+- **Allowed/Blocked** Whether IE blocked the ActiveX control.
+
+- **Enhanced Protected Mode (EPM)-compatible.** Whether the loaded ActiveX control is compatible with [Enhanced Protected Mode](https://go.microsoft.com/fwlink/p/?LinkId=403865).**Note**
Enhanced Protected Mode isn’t supported on Internet Explorer 9 or earlier versions of IE. Therefore, if you’re using Internet Explorer 8 or Internet Explorer 9, all ActiveX controls will always be marked as not EPM-compatible.
+
+- **Reason.** The ActiveX control can be blocked or allowed for any of these reasons:
+
+|Reason |Corresponds to |Description |
+|-------------------------|---------------|-------------------------------------------------|
+|Version not in blocklist |Allowed |The version of the loaded ActiveX control is explicitly allowed by the IE version list. |
+|Trusted domain |Allowed |The ActiveX control was loaded on a domain listed in the **Turn off blocking of outdated ActiveX controls for IE on specific domains** setting. |
+|File doesn’t exist |Allowed |The loaded ActiveX control is missing required binaries to run correctly. |
+|Out-of-date |Blocked |The loaded ActiveX control is explicitly blocked by the IE version list because it is out-of-date. |
+|Not in blocklist |Allowed |The loaded ActiveX control isn’t in the IE version list. |
+|Managed by policy |Allowed |The loaded ActiveX control is managed by a Group Policy setting that isn’t listed here, and will be managed in accordance with that Group Policy setting. |
+|Trusted Site Zone or intranet |Allowed |The ActiveX control was loaded in the Trusted Sites Zone or the Local Intranet Zone. |
+|Hardblocked |Blocked |The loaded ActiveX control is blocked in IE because it contains known security vulnerabilities. |
+|Unknown |Allowed or blocked |None of the above apply. |
+
+### Inventory your ActiveX controls by using a local WMI class
+For Windows 10 you also have the option to log your inventory info to a local WMI class. Info logged to this class includes all of info you get from the .csv file, plus the CLSID of the loaded ActiveX control or the name of any apps started from an ActiveX control.
+
+#### Before you begin
+Before you can use WMI to inventory your ActiveX controls, you need to [download the configuration package (.zip file)](https://go.microsoft.com/fwlink/p/?LinkId=616971), which includes:
+
+- **ConfigureWMILogging.ps1**. A Windows PowerShell script.
+
+- **ActiveXWMILogging.mof**. A managed object file.
+
+Before running the PowerShell script, you must copy both the .ps1 and .mof file to the same directory location, on the client computer.
+
+ **To configure IE to use WMI logging**
+
+1. Open your Group Policy editor and turn on the `Administrative Templates\Windows Components\Internet Explorer\Turn on ActiveX control logging in IE` setting.
+
+2. On the client device, start PowerShell in elevated mode (using admin privileges) and run `ConfigureWMILogging.ps1` by by-passing the PowerShell execution policy, using this command:
+ ```
+ powershell –ExecutionPolicy Bypass .\ConfigureWMILogging.ps1
+ ```
+ For more info, see [about_Execution_Policies](https://go.microsoft.com/fwlink/p/?linkid=517460).
+
+3. **Optional:** Set up your domain firewall for WMI data. For more info, see [Collect data using Enterprise Site Discovery](collect-data-using-enterprise-site-discovery.md).
+
+The inventory info appears in the WMI class, `IEAXControlBlockingAuditInfo`, located in the WMI namespace, *root\\cimv2\\IETelemetry*. To collect the inventory info from your client computers, we recommend using System Center 2012 R2 Configuration Manager or any agent that can access the WMI data. For more info, see [Collect data using Enterprise Site Discovery](collect-data-using-enterprise-site-discovery.md).
+
diff --git a/browsers/internet-explorer/ie11-deploy-guide/problems-after-installing-ie11.md b/browsers/internet-explorer/ie11-deploy-guide/problems-after-installing-ie11.md
index 7b0af11274..80a59c9305 100644
--- a/browsers/internet-explorer/ie11-deploy-guide/problems-after-installing-ie11.md
+++ b/browsers/internet-explorer/ie11-deploy-guide/problems-after-installing-ie11.md
@@ -1,73 +1,74 @@
----
-ms.localizationpriority: medium
-ms.mktglfcycl: support
-description: Possible solutions to the problems you might encounter after installing IE11, such as crashing or seeming slow, getting into an unusable state, or problems with adaptive streaming and DRM playback.
-author: lomayor
-ms.prod: ie11
-ms.assetid: c4b75ad3-9c4a-4dd2-9fed-69f776f542e6
-ms.reviewer:
-audience: itpro
manager: dansimp
-ms.author: lomayor
-title: Problems after installing Internet Explorer 11 (Internet Explorer 11 for IT Pros)
-ms.sitesec: library
-ms.date: 10/16/2017
----
-
-
-# Problems after installing Internet Explorer 11
-After you install Internet Explorer 11 in your organization, you might run into the following issues. By following these suggestions, you should be able to fix them.
-
-## Internet Explorer is in an unusable state
-If IE11 gets into an unusable state on an employee's computer, you can use the **Reset Internet Explorer Settings (RIES)** feature to restore the default settings for many of the browser features, including:
-
-- Search scopes
-
-- Appearance settings
-
-- Toolbars
-
-- ActiveX® controls (resets to the opt-in state, unless they're pre-approved)
-
-- Branding settings created with IEAK 11
-
-RIES does not:
-
-- Clear the Favorites list, RSS feeds, or Web slices.
-
-- Reset connection or proxy settings.
-
-- Affect the applied Administrative Template Group Policy settings.
-
-RIES turns off all custom toolbars, browser extensions, and customizations installed with IE11. If you change your mind, you can turn each of the customizations back on through the **Manage Add-ons** dialog box. For more information about resetting IE settings, see [How to Reset Internet Explorer Settings](https://go.microsoft.com/fwlink/p/?LinkId=214528).
-
-## IE is crashing or seems slow
-If you notice that CPU usage is running higher than normal, or that IE is frequently crashing or slowing down, you should check your browser add-ons and video card. By default, IE11 uses graphics processing unit (GPU) rendering mode. However, some outdated video cards and video drivers don't support GPU hardware acceleration. If IE11 determines that your current video card or video driver doesn't support GPU hardware acceleration, it'll use Software Rendering mode.
-
- **To check your browser add-ons**
-
-1. Start IE11 in **No Add-ons mode** by running the **Run** command from the **Start** menu, and then typing `iexplore.exe -extoff` into the box.
-
-2. Check if IE still crashes.
- If the browser doesn't crash, open Internet Explorer for the desktop, click the **Tools** menu, and click **Manage Add-ons**.
-
-3. Click **Toolbars and Extensions**, click each toolbar or extension, clicking **Disable** to turn off all of the browser extensions and toolbars.
-
-4. Restart IE11. Go back to the **Manage Add-Ons** window and turn on each item, one-by-one.
- After you turn each item back on, see if IE crashes or slows down. Doing it this way will help you identify the add-on that's causing IE to crash. After you've figured out which add-on was causing the problem, turn it off until you have an update from the manufacturer.
-
- **To check for Software Rendering mode**
-
-5. Open Internet Explorer for the desktop, click the **Tools** menu, and then click **Internet Options**.
-
-6. On the **Advanced** tab, go to the **Accelerated graphics** section, and then turn on Software Rendering mode by choosing the **Use software rendering instead of GPU rendering** box.
- If the **Use software rendering instead of GPU rendering** option is greyed out, it means that your current video card or video driver doesn't support GPU hardware acceleration. For more information, see [Windows 10 Support](https://go.microsoft.com/fwlink/?LinkId=746588).
-
-## Adaptive streaming and DRM playback don’t work with Windows Server 2012 R2
-IE11 in Windows Server 2012 R2 doesn’t include media features like adaptive streaming or Digital Rights Management (DRM) playback. To add these features, you’ll need to download and install the Media Feature Pack from the [Microsoft Download Center](https://go.microsoft.com/fwlink/p/?LinkId=320789), as well as an app that uses PlayReady DRM from the Microsoft Store, such as the Xbox Music app or Xbox Video app. The app must be installed to specifically turn on DRM features, while all other media features are installed with the Media Feature Pack.
-
-
-
-
-
-
-
+---
+ms.localizationpriority: medium
+ms.mktglfcycl: support
+description: Possible solutions to the problems you might encounter after installing IE11, such as crashing or seeming slow, getting into an unusable state, or problems with adaptive streaming and DRM playback.
+author: dansimp
+ms.prod: ie11
+ms.assetid: c4b75ad3-9c4a-4dd2-9fed-69f776f542e6
+ms.reviewer:
+audience: itpro
+manager: dansimp
+ms.author: dansimp
+title: Problems after installing Internet Explorer 11 (Internet Explorer 11 for IT Pros)
+ms.sitesec: library
+ms.date: 10/16/2017
+---
+
+
+# Problems after installing Internet Explorer 11
+After you install Internet Explorer 11 in your organization, you might run into the following issues. By following these suggestions, you should be able to fix them.
+
+## Internet Explorer is in an unusable state
+If IE11 gets into an unusable state on an employee's computer, you can use the **Reset Internet Explorer Settings (RIES)** feature to restore the default settings for many of the browser features, including:
+
+- Search scopes
+
+- Appearance settings
+
+- Toolbars
+
+- ActiveX® controls (resets to the opt-in state, unless they're pre-approved)
+
+- Branding settings created with IEAK 11
+
+RIES does not:
+
+- Clear the Favorites list, RSS feeds, or Web slices.
+
+- Reset connection or proxy settings.
+
+- Affect the applied Administrative Template Group Policy settings.
+
+RIES turns off all custom toolbars, browser extensions, and customizations installed with IE11. If you change your mind, you can turn each of the customizations back on through the **Manage Add-ons** dialog box. For more information about resetting IE settings, see [How to Reset Internet Explorer Settings](https://go.microsoft.com/fwlink/p/?LinkId=214528).
+
+## IE is crashing or seems slow
+If you notice that CPU usage is running higher than normal, or that IE is frequently crashing or slowing down, you should check your browser add-ons and video card. By default, IE11 uses graphics processing unit (GPU) rendering mode. However, some outdated video cards and video drivers don't support GPU hardware acceleration. If IE11 determines that your current video card or video driver doesn't support GPU hardware acceleration, it'll use Software Rendering mode.
+
+ **To check your browser add-ons**
+
+1. Start IE11 in **No Add-ons mode** by running the **Run** command from the **Start** menu, and then typing `iexplore.exe -extoff` into the box.
+
+2. Check if IE still crashes.
+ If the browser doesn't crash, open Internet Explorer for the desktop, click the **Tools** menu, and click **Manage Add-ons**.
+
+3. Click **Toolbars and Extensions**, click each toolbar or extension, clicking **Disable** to turn off all of the browser extensions and toolbars.
+
+4. Restart IE11. Go back to the **Manage Add-Ons** window and turn on each item, one-by-one.
+ After you turn each item back on, see if IE crashes or slows down. Doing it this way will help you identify the add-on that's causing IE to crash. After you've figured out which add-on was causing the problem, turn it off until you have an update from the manufacturer.
+
+ **To check for Software Rendering mode**
+
+5. Open Internet Explorer for the desktop, click the **Tools** menu, and then click **Internet Options**.
+
+6. On the **Advanced** tab, go to the **Accelerated graphics** section, and then turn on Software Rendering mode by choosing the **Use software rendering instead of GPU rendering** box.
+ If the **Use software rendering instead of GPU rendering** option is greyed out, it means that your current video card or video driver doesn't support GPU hardware acceleration. For more information, see [Windows 10 Support](https://go.microsoft.com/fwlink/?LinkId=746588).
+
+## Adaptive streaming and DRM playback don’t work with Windows Server 2012 R2
+IE11 in Windows Server 2012 R2 doesn’t include media features like adaptive streaming or Digital Rights Management (DRM) playback. To add these features, you’ll need to download and install the Media Feature Pack from the [Microsoft Download Center](https://go.microsoft.com/fwlink/p/?LinkId=320789), as well as an app that uses PlayReady DRM from the Microsoft Store, such as the Xbox Music app or Xbox Video app. The app must be installed to specifically turn on DRM features, while all other media features are installed with the Media Feature Pack.
+
+
+
+
+
+
+
diff --git a/browsers/internet-explorer/ie11-deploy-guide/remove-all-sites-from-your-enterprise-mode-site-list-in-the-enterprise-mode-site-list-manager.md b/browsers/internet-explorer/ie11-deploy-guide/remove-all-sites-from-your-enterprise-mode-site-list-in-the-enterprise-mode-site-list-manager.md
index f77ef953c0..df8a2b1707 100644
--- a/browsers/internet-explorer/ie11-deploy-guide/remove-all-sites-from-your-enterprise-mode-site-list-in-the-enterprise-mode-site-list-manager.md
+++ b/browsers/internet-explorer/ie11-deploy-guide/remove-all-sites-from-your-enterprise-mode-site-list-in-the-enterprise-mode-site-list-manager.md
@@ -1,48 +1,49 @@
----
-ms.localizationpriority: medium
-ms.mktglfcycl: deploy
-ms.pagetype: appcompat
-description: Instructions about how to clear all of the sites from your global Enterprise Mode site list.
-author: lomayor
-ms.prod: ie11
-ms.assetid: 90f38a6c-e0e2-4c93-9a9e-c425eca99e97
-ms.reviewer:
-audience: itpro
manager: dansimp
-ms.author: lomayor
-title: Remove all sites from your Enterprise Mode site list using the Enterprise Mode Site List Manager (Internet Explorer 11 for IT Pros)
-ms.sitesec: library
-ms.date: 07/27/2017
----
-
-
-# Remove all sites from your Enterprise Mode site list using the Enterprise Mode Site List Manager
-
-**Applies to:**
-
-- Windows 10
-- Windows 8.1
-- Windows 7
-- Windows Server 2012 R2
-- Windows Server 2008 R2 with Service Pack 1 (SP1)
-
-You can clear all of the sites from your global Enterprise Mode site list.
-
-**Important**
-This is a permanent removal and erases everything. However, if you determine it was a mistake, and you saved an XML copy of your list, you can add the file again by following the steps in the [Add multiple sites to the Enterprise Mode site list using a file and Enterprise Mode Site List Manager (schema v.2)](add-multiple-sites-to-enterprise-mode-site-list-using-the-version-2-schema-and-enterprise-mode-tool.md) or [Add multiple sites to the Enterprise Mode site list using a file and the Enterprise Mode Site List Manager (schema v.1)](add-multiple-sites-to-enterprise-mode-site-list-using-the-version-1-schema-and-enterprise-mode-tool.md), depending on your operating system.
-
- **To clear your compatibility list**
-
-1. On the **File** menu of the Enterprise Mode Site List Manager, click **Clear list**.
-
-2. Click **Yes** in the warning message.
Your sites are all cleared from your list.
-
-## Related topics
-- [Download the Enterprise Mode Site List Manager (schema v.2)](https://go.microsoft.com/fwlink/p/?LinkId=716853)
-- [Download the Enterprise Mode Site List Manager (schema v.1)](https://go.microsoft.com/fwlink/p/?LinkID=394378)
-- [Use the Enterprise Mode Site List Manager](use-the-enterprise-mode-site-list-manager.md)
-
-
-
-
-
-
+---
+ms.localizationpriority: medium
+ms.mktglfcycl: deploy
+ms.pagetype: appcompat
+description: Instructions about how to clear all of the sites from your global Enterprise Mode site list.
+author: dansimp
+ms.prod: ie11
+ms.assetid: 90f38a6c-e0e2-4c93-9a9e-c425eca99e97
+ms.reviewer:
+audience: itpro
+manager: dansimp
+ms.author: dansimp
+title: Remove all sites from your Enterprise Mode site list using the Enterprise Mode Site List Manager (Internet Explorer 11 for IT Pros)
+ms.sitesec: library
+ms.date: 07/27/2017
+---
+
+
+# Remove all sites from your Enterprise Mode site list using the Enterprise Mode Site List Manager
+
+**Applies to:**
+
+- Windows 10
+- Windows 8.1
+- Windows 7
+- Windows Server 2012 R2
+- Windows Server 2008 R2 with Service Pack 1 (SP1)
+
+You can clear all of the sites from your global Enterprise Mode site list.
+
+**Important**
+This is a permanent removal and erases everything. However, if you determine it was a mistake, and you saved an XML copy of your list, you can add the file again by following the steps in the [Add multiple sites to the Enterprise Mode site list using a file and Enterprise Mode Site List Manager (schema v.2)](add-multiple-sites-to-enterprise-mode-site-list-using-the-version-2-schema-and-enterprise-mode-tool.md) or [Add multiple sites to the Enterprise Mode site list using a file and the Enterprise Mode Site List Manager (schema v.1)](add-multiple-sites-to-enterprise-mode-site-list-using-the-version-1-schema-and-enterprise-mode-tool.md), depending on your operating system.
+
+ **To clear your compatibility list**
+
+1. On the **File** menu of the Enterprise Mode Site List Manager, click **Clear list**.
+
+2. Click **Yes** in the warning message.
Your sites are all cleared from your list.
+
+## Related topics
+- [Download the Enterprise Mode Site List Manager (schema v.2)](https://go.microsoft.com/fwlink/p/?LinkId=716853)
+- [Download the Enterprise Mode Site List Manager (schema v.1)](https://go.microsoft.com/fwlink/p/?LinkID=394378)
+- [Use the Enterprise Mode Site List Manager](use-the-enterprise-mode-site-list-manager.md)
+
+
+
+
+
+
diff --git a/browsers/internet-explorer/ie11-deploy-guide/remove-sites-from-a-local-compatibililty-view-list.md b/browsers/internet-explorer/ie11-deploy-guide/remove-sites-from-a-local-compatibililty-view-list.md
index b682c46207..4995a12e9a 100644
--- a/browsers/internet-explorer/ie11-deploy-guide/remove-sites-from-a-local-compatibililty-view-list.md
+++ b/browsers/internet-explorer/ie11-deploy-guide/remove-sites-from-a-local-compatibililty-view-list.md
@@ -1,42 +1,43 @@
----
-ms.localizationpriority: medium
-ms.mktglfcycl: deploy
-ms.pagetype: appcompat
-description: Instructions about how to remove sites from a local compatibility view list.
-author: lomayor
-ms.prod: ie11
-ms.assetid: f6ecaa75-ebcb-4f8d-8721-4cd6e73c0ac9
-ms.reviewer:
-audience: itpro
manager: dansimp
-ms.author: lomayor
-title: Remove sites from a local compatibility view list (Internet Explorer 11 for IT Pros)
-ms.sitesec: library
-ms.date: 07/27/2017
----
-
-
-# Remove sites from a local compatibility view list
-
-**Applies to:**
-
-- Windows 10
-- Windows 8.1
-- Windows 7
-- Windows Server 2012 R2
-- Windows Server 2008 R2 with Service Pack 1 (SP1)
-
-Remove websites that were added to a local compatibility view list by mistake or because they no longer have compatibility problems.
-
- **To remove sites from a local compatibility view list**
-
-1. Open Internet Explorer 11, click **Tools**, and then click **Compatibility View Settings**.
-
-2. Pick the site to remove, and then click **Remove**.
-Sites can only be removed one at a time. If one is removed by mistake, it can be added back using this same box and the **Add** section.
-
-
-
-
-
-
-
+---
+ms.localizationpriority: medium
+ms.mktglfcycl: deploy
+ms.pagetype: appcompat
+description: Instructions about how to remove sites from a local compatibility view list.
+author: dansimp
+ms.prod: ie11
+ms.assetid: f6ecaa75-ebcb-4f8d-8721-4cd6e73c0ac9
+ms.reviewer:
+audience: itpro
+manager: dansimp
+ms.author: dansimp
+title: Remove sites from a local compatibility view list (Internet Explorer 11 for IT Pros)
+ms.sitesec: library
+ms.date: 07/27/2017
+---
+
+
+# Remove sites from a local compatibility view list
+
+**Applies to:**
+
+- Windows 10
+- Windows 8.1
+- Windows 7
+- Windows Server 2012 R2
+- Windows Server 2008 R2 with Service Pack 1 (SP1)
+
+Remove websites that were added to a local compatibility view list by mistake or because they no longer have compatibility problems.
+
+ **To remove sites from a local compatibility view list**
+
+1. Open Internet Explorer 11, click **Tools**, and then click **Compatibility View Settings**.
+
+2. Pick the site to remove, and then click **Remove**.
+Sites can only be removed one at a time. If one is removed by mistake, it can be added back using this same box and the **Add** section.
+
+
+
+
+
+
+
diff --git a/browsers/internet-explorer/ie11-deploy-guide/remove-sites-from-a-local-enterprise-mode-site-list.md b/browsers/internet-explorer/ie11-deploy-guide/remove-sites-from-a-local-enterprise-mode-site-list.md
index 6cfccfd925..c9b859509b 100644
--- a/browsers/internet-explorer/ie11-deploy-guide/remove-sites-from-a-local-enterprise-mode-site-list.md
+++ b/browsers/internet-explorer/ie11-deploy-guide/remove-sites-from-a-local-enterprise-mode-site-list.md
@@ -1,58 +1,59 @@
----
-ms.localizationpriority: medium
-ms.mktglfcycl: deploy
-ms.pagetype: appcompat
-description: Instructions about how to remove sites from a local Enterprise Mode site list.
-author: lomayor
-ms.prod: ie11
-ms.assetid: c7d6dd0b-e264-42bb-8c9d-ac2f837018d2
-ms.reviewer:
-audience: itpro
manager: dansimp
-ms.author: lomayor
-title: Remove sites from a local Enterprise Mode site list (Internet Explorer 11 for IT Pros)
-ms.sitesec: library
-ms.date: 07/27/2017
----
-
-
-# Remove sites from a local Enterprise Mode site list
-
-**Applies to:**
-
-- Windows 10
-- Windows 8.1
-- Windows 7
-- Windows Server 2012 R2
-- Windows Server 2008 R2 with Service Pack 1 (SP1)
-
-Remove websites that were added to a local Enterprise Mode site list by mistake or because the sites no longer have compatibility problems.
-
-**Note**
The changes described in this topic only impact sites added to a local Enterprise Mode site list and not the list of sites deployed to all employees by an administrator. Employees can't delete sites added to the list by an administrator.
-
- **To remove single sites from a local Enterprise Mode site list**
-
-1. Open Internet Explorer 11 and go to the site you want to remove.
-
-2. Click **Tools**, and then click **Enterprise Mode**.
-The checkmark disappears from next to Enterprise Mode and the site is removed from the list.
-
-**Note**
If the site is removed by mistake, it can be added back by clicking **Enterprise Mode** again.
-
- **To remove all sites from a local Enterprise Mode site list**
-
-1. Open IE11, click **Tools**, and then click **Internet options**.
-
-2. Click the **Delete** button from the **Browsing history** area.
-
-3. Click the box next to **Cookies and website data**, and then click **Delete**.
-
-**Note**
This removes all of the sites from a local Enterprise Mode site list.
-
-
-
-
-
-
-
-
-
+---
+ms.localizationpriority: medium
+ms.mktglfcycl: deploy
+ms.pagetype: appcompat
+description: Instructions about how to remove sites from a local Enterprise Mode site list.
+author: dansimp
+ms.prod: ie11
+ms.assetid: c7d6dd0b-e264-42bb-8c9d-ac2f837018d2
+ms.reviewer:
+audience: itpro
+manager: dansimp
+ms.author: dansimp
+title: Remove sites from a local Enterprise Mode site list (Internet Explorer 11 for IT Pros)
+ms.sitesec: library
+ms.date: 07/27/2017
+---
+
+
+# Remove sites from a local Enterprise Mode site list
+
+**Applies to:**
+
+- Windows 10
+- Windows 8.1
+- Windows 7
+- Windows Server 2012 R2
+- Windows Server 2008 R2 with Service Pack 1 (SP1)
+
+Remove websites that were added to a local Enterprise Mode site list by mistake or because the sites no longer have compatibility problems.
+
+**Note**
The changes described in this topic only impact sites added to a local Enterprise Mode site list and not the list of sites deployed to all employees by an administrator. Employees can't delete sites added to the list by an administrator.
+
+ **To remove single sites from a local Enterprise Mode site list**
+
+1. Open Internet Explorer 11 and go to the site you want to remove.
+
+2. Click **Tools**, and then click **Enterprise Mode**.
+The checkmark disappears from next to Enterprise Mode and the site is removed from the list.
+
+**Note**
If the site is removed by mistake, it can be added back by clicking **Enterprise Mode** again.
+
+ **To remove all sites from a local Enterprise Mode site list**
+
+1. Open IE11, click **Tools**, and then click **Internet options**.
+
+2. Click the **Delete** button from the **Browsing history** area.
+
+3. Click the box next to **Cookies and website data**, and then click **Delete**.
+
+**Note**
This removes all of the sites from a local Enterprise Mode site list.
+
+
+
+
+
+
+
+
+
diff --git a/browsers/internet-explorer/ie11-deploy-guide/save-your-site-list-to-xml-in-the-enterprise-mode-site-list-manager.md b/browsers/internet-explorer/ie11-deploy-guide/save-your-site-list-to-xml-in-the-enterprise-mode-site-list-manager.md
index 48ead2d656..28b18117e1 100644
--- a/browsers/internet-explorer/ie11-deploy-guide/save-your-site-list-to-xml-in-the-enterprise-mode-site-list-manager.md
+++ b/browsers/internet-explorer/ie11-deploy-guide/save-your-site-list-to-xml-in-the-enterprise-mode-site-list-manager.md
@@ -1,46 +1,47 @@
----
-ms.localizationpriority: medium
-ms.mktglfcycl: deploy
-ms.pagetype: appcompat
-description: You can save your current Enterprise Mode compatibility site list as an XML file, for distribution and use by your managed systems.
-author: lomayor
-ms.prod: ie11
-ms.assetid: 254a986b-494f-4316-92c1-b089ee8b3e0a
-ms.reviewer:
-audience: itpro
manager: dansimp
-ms.author: lomayor
-title: Save your site list to XML in the Enterprise Mode Site List Manager (Internet Explorer 11 for IT Pros)
-ms.sitesec: library
-ms.date: 07/27/2017
----
-
-
-# Save your site list to XML in the Enterprise Mode Site List Manager
-
-**Applies to:**
-
-- Windows 10
-- Windows 8.1
-- Windows 7
-- Windows Server 2012 R2
-- Windows Server 2008 R2 with Service Pack 1 (SP1)
-
-You can save your current Enterprise Mode compatibility site list as an XML file, for distribution and use by your managed systems.
-
- **To save your list as XML**
-
-1. On the **File** menu of the Enterprise Mode Site List Manager, click **Save to XML**.
-
-2. Save the file to the location you specified in your Enterprise Mode registry key, set up when you turned on Enterprise Mode for use in your company. For information about the Enterprise Mode registry key, see [Turn on local control and logging for Enterprise Mode](turn-on-local-control-and-logging-for-enterprise-mode.md).
-The first time a user starts Internet Explorer 11 on a managed device; Internet Explorer will look for a new version of the site list at the specified location. If the browser finds an updated site list, IE downloads the new XML site list and uses it.
-
-## Related topics
-- [Download the Enterprise Mode Site List Manager (schema v.2)](https://go.microsoft.com/fwlink/p/?LinkId=716853)
-- [Download the Enterprise Mode Site List Manager (schema v.1)](https://go.microsoft.com/fwlink/p/?LinkID=394378)
-- [Use the Enterprise Mode Site List Manager](use-the-enterprise-mode-site-list-manager.md)
-
-
-
-
-
-
+---
+ms.localizationpriority: medium
+ms.mktglfcycl: deploy
+ms.pagetype: appcompat
+description: You can save your current Enterprise Mode compatibility site list as an XML file, for distribution and use by your managed systems.
+author: dansimp
+ms.prod: ie11
+ms.assetid: 254a986b-494f-4316-92c1-b089ee8b3e0a
+ms.reviewer:
+audience: itpro
+manager: dansimp
+ms.author: dansimp
+title: Save your site list to XML in the Enterprise Mode Site List Manager (Internet Explorer 11 for IT Pros)
+ms.sitesec: library
+ms.date: 07/27/2017
+---
+
+
+# Save your site list to XML in the Enterprise Mode Site List Manager
+
+**Applies to:**
+
+- Windows 10
+- Windows 8.1
+- Windows 7
+- Windows Server 2012 R2
+- Windows Server 2008 R2 with Service Pack 1 (SP1)
+
+You can save your current Enterprise Mode compatibility site list as an XML file, for distribution and use by your managed systems.
+
+ **To save your list as XML**
+
+1. On the **File** menu of the Enterprise Mode Site List Manager, click **Save to XML**.
+
+2. Save the file to the location you specified in your Enterprise Mode registry key, set up when you turned on Enterprise Mode for use in your company. For information about the Enterprise Mode registry key, see [Turn on local control and logging for Enterprise Mode](turn-on-local-control-and-logging-for-enterprise-mode.md).
+The first time a user starts Internet Explorer 11 on a managed device; Internet Explorer will look for a new version of the site list at the specified location. If the browser finds an updated site list, IE downloads the new XML site list and uses it.
+
+## Related topics
+- [Download the Enterprise Mode Site List Manager (schema v.2)](https://go.microsoft.com/fwlink/p/?LinkId=716853)
+- [Download the Enterprise Mode Site List Manager (schema v.1)](https://go.microsoft.com/fwlink/p/?LinkID=394378)
+- [Use the Enterprise Mode Site List Manager](use-the-enterprise-mode-site-list-manager.md)
+
+
+
+
+
+
diff --git a/browsers/internet-explorer/ie11-deploy-guide/schedule-production-change-enterprise-mode-portal.md b/browsers/internet-explorer/ie11-deploy-guide/schedule-production-change-enterprise-mode-portal.md
index b2a83dc360..4565b9f0c1 100644
--- a/browsers/internet-explorer/ie11-deploy-guide/schedule-production-change-enterprise-mode-portal.md
+++ b/browsers/internet-explorer/ie11-deploy-guide/schedule-production-change-enterprise-mode-portal.md
@@ -1,53 +1,54 @@
----
-ms.localizationpriority: medium
-ms.mktglfcycl: deploy
-ms.pagetype: appcompat
-description: Details about how Administrators can schedule approved change requests for production in the Enterprise Mode Site List Portal.
-author: lomayor
-ms.prod: ie11
-title: Schedule approved change requests for production using the Enterprise Mode Site List Portal (Internet Explorer 11 for IT Pros)
-ms.sitesec: library
-ms.date: 07/27/2017
-ms.reviewer:
-audience: itpro
manager: dansimp
-ms.author: lomayor
----
-
-# Schedule approved change requests for production using the Enterprise Mode Site List Portal
-
-**Applies to:**
-
-- Windows 10
-- Windows 8.1
-- Windows 7
-- Windows Server 2012 R2
-- Windows Server 2008 R2 with Service Pack 1 (SP1)
-
-After a change request is approved, the original Requester can schedule the change for the production environment. The change can be immediate or set for a future time.
-
-**To schedule an immediate change**
-1. The Requester logs onto the Enterprise Mode Site List Portal and clicks **In Progress** from the left pane.
-
-2. The Requester clicks the **Approved** status for the change request.
-
- The **Schedule changes** page appears.
-
-3. The Requester clicks **Now**, and then clicks **Save**.
-
- The update is scheduled to immediately update the production environment, and an email is sent to the Requester. After the update finishes, the Requester is asked to verify the changes.
-
-
-**To schedule the change for a different day or time**
-1. The Requester logs onto the Enterprise Mode Site List Portal and clicks **In Progress** from the left pane.
-
-2. The Requester clicks the **Approved** status for the change request.
-
- The **Schedule changes** page appears.
-
-3. The Requester clicks **Schedule**, sets the **Preferred day**, **Preferred start time**, and the **Preferred end time**, and then clicks **Save**.
-
- The update is scheduled to update the production environment on that day and time and an email is sent to the Requester. After the update finishes, the Requester will be asked to verify the changes.
-
-
-## Next steps
-After the update to the production environment completes, the Requester must again test the change. If the testing succeeds, the Requester can sign off on the change request. If the testing fails, the Requester can contact the Administrator group for more help. For the production environment testing steps, see the [Verify the change request update in the production environment using the Enterprise Mode Site List Portal](verify-changes-production-enterprise-mode-portal.md) topic.
+---
+ms.localizationpriority: medium
+ms.mktglfcycl: deploy
+ms.pagetype: appcompat
+description: Details about how Administrators can schedule approved change requests for production in the Enterprise Mode Site List Portal.
+author: dansimp
+ms.prod: ie11
+title: Schedule approved change requests for production using the Enterprise Mode Site List Portal (Internet Explorer 11 for IT Pros)
+ms.sitesec: library
+ms.date: 07/27/2017
+ms.reviewer:
+audience: itprom
+manager: dansimp
+ms.author: dansimp
+---
+
+# Schedule approved change requests for production using the Enterprise Mode Site List Portal
+
+**Applies to:**
+
+- Windows 10
+- Windows 8.1
+- Windows 7
+- Windows Server 2012 R2
+- Windows Server 2008 R2 with Service Pack 1 (SP1)
+
+After a change request is approved, the original Requester can schedule the change for the production environment. The change can be immediate or set for a future time.
+
+**To schedule an immediate change**
+1. The Requester logs onto the Enterprise Mode Site List Portal and clicks **In Progress** from the left pane.
+
+2. The Requester clicks the **Approved** status for the change request.
+
+ The **Schedule changes** page appears.
+
+3. The Requester clicks **Now**, and then clicks **Save**.
+
+ The update is scheduled to immediately update the production environment, and an email is sent to the Requester. After the update finishes, the Requester is asked to verify the changes.
+
+
+**To schedule the change for a different day or time**
+1. The Requester logs onto the Enterprise Mode Site List Portal and clicks **In Progress** from the left pane.
+
+2. The Requester clicks the **Approved** status for the change request.
+
+ The **Schedule changes** page appears.
+
+3. The Requester clicks **Schedule**, sets the **Preferred day**, **Preferred start time**, and the **Preferred end time**, and then clicks **Save**.
+
+ The update is scheduled to update the production environment on that day and time and an email is sent to the Requester. After the update finishes, the Requester will be asked to verify the changes.
+
+
+## Next steps
+After the update to the production environment completes, the Requester must again test the change. If the testing succeeds, the Requester can sign off on the change request. If the testing fails, the Requester can contact the Administrator group for more help. For the production environment testing steps, see the [Verify the change request update in the production environment using the Enterprise Mode Site List Portal](verify-changes-production-enterprise-mode-portal.md) topic.
diff --git a/browsers/internet-explorer/ie11-deploy-guide/search-your-enterprise-mode-site-list-in-the-enterprise-mode-site-list-manager.md b/browsers/internet-explorer/ie11-deploy-guide/search-your-enterprise-mode-site-list-in-the-enterprise-mode-site-list-manager.md
index 985b416947..bc468576ed 100644
--- a/browsers/internet-explorer/ie11-deploy-guide/search-your-enterprise-mode-site-list-in-the-enterprise-mode-site-list-manager.md
+++ b/browsers/internet-explorer/ie11-deploy-guide/search-your-enterprise-mode-site-list-in-the-enterprise-mode-site-list-manager.md
@@ -1,44 +1,45 @@
----
-ms.localizationpriority: medium
-ms.mktglfcycl: deploy
-ms.pagetype: appcompat
-description: Search to see if a specific site already appears in your global Enterprise Mode site list.
-author: lomayor
-ms.prod: ie11
-ms.assetid: e399aeaf-6c3b-4cad-93c9-813df6ad47f9
-ms.reviewer:
-audience: itpro
manager: dansimp
-ms.author: lomayor
-title: Search your Enterprise Mode site list in the Enterprise Mode Site List Manager (Internet Explorer 11 for IT Pros)
-ms.sitesec: library
-ms.date: 07/27/2017
----
-
-
-# Search your Enterprise Mode site list in the Enterprise Mode Site List Manager
-
-**Applies to:**
-
-- Windows 10
-- Windows 8.1
-- Windows 7
-- Windows Server 2012 R2
-- Windows Server 2008 R2 with Service Pack 1 (SP1)
-
-You can search to see if a specific site already appears in your global Enterprise Mode site list so you don’t try to add it again.
-
- **To search your compatibility list**
-
-- From the Enterprise Mode Site List Manager, type part of the URL into the **Search** box.
- The search query searches all of the text. For example, entering *“micro”* will return results like, www.microsoft.com, microsoft.com, and microsoft.com/images. Wildcard characters aren’t supported.
-
-## Related topics
-- [Download the Enterprise Mode Site List Manager (schema v.2)](https://go.microsoft.com/fwlink/p/?LinkId=716853)
-- [Download the Enterprise Mode Site List Manager (schema v.1)](https://go.microsoft.com/fwlink/p/?LinkID=394378)
-- [Use the Enterprise Mode Site List Manager](use-the-enterprise-mode-site-list-manager.md)
-
-
-
-
-
-
+---
+ms.localizationpriority: medium
+ms.mktglfcycl: deploy
+ms.pagetype: appcompat
+description: Search to see if a specific site already appears in your global Enterprise Mode site list.
+author: dansimp
+ms.prod: ie11
+ms.assetid: e399aeaf-6c3b-4cad-93c9-813df6ad47f9
+ms.reviewer:
+audience: itpro
+manager: dansimp
+ms.author: dansimp
+title: Search your Enterprise Mode site list in the Enterprise Mode Site List Manager (Internet Explorer 11 for IT Pros)
+ms.sitesec: library
+ms.date: 07/27/2017
+---
+
+
+# Search your Enterprise Mode site list in the Enterprise Mode Site List Manager
+
+**Applies to:**
+
+- Windows 10
+- Windows 8.1
+- Windows 7
+- Windows Server 2012 R2
+- Windows Server 2008 R2 with Service Pack 1 (SP1)
+
+You can search to see if a specific site already appears in your global Enterprise Mode site list so you don’t try to add it again.
+
+ **To search your compatibility list**
+
+- From the Enterprise Mode Site List Manager, type part of the URL into the **Search** box.
+ The search query searches all of the text. For example, entering *“micro”* will return results like, www.microsoft.com, microsoft.com, and microsoft.com/images. Wildcard characters aren’t supported.
+
+## Related topics
+- [Download the Enterprise Mode Site List Manager (schema v.2)](https://go.microsoft.com/fwlink/p/?LinkId=716853)
+- [Download the Enterprise Mode Site List Manager (schema v.1)](https://go.microsoft.com/fwlink/p/?LinkID=394378)
+- [Use the Enterprise Mode Site List Manager](use-the-enterprise-mode-site-list-manager.md)
+
+
+
+
+
+
diff --git a/browsers/internet-explorer/ie11-deploy-guide/set-the-default-browser-using-group-policy.md b/browsers/internet-explorer/ie11-deploy-guide/set-the-default-browser-using-group-policy.md
index 829f920161..b6c1af8258 100644
--- a/browsers/internet-explorer/ie11-deploy-guide/set-the-default-browser-using-group-policy.md
+++ b/browsers/internet-explorer/ie11-deploy-guide/set-the-default-browser-using-group-policy.md
@@ -1,38 +1,39 @@
----
-ms.localizationpriority: medium
-ms.mktglfcycl: deploy
-ms.pagetype: security
-description: Use the Group Policy setting, Set a default associations configuration file, to set the default browser for your company devices running Windows 10.
-author: lomayor
-ms.prod: ie11
-ms.assetid: f486c9db-0dc9-4cd6-8a0b-8cb872b1d361
-ms.reviewer:
-audience: itpro
manager: dansimp
-ms.author: lomayor
-title: Set the default browser using Group Policy (Internet Explorer 11 for IT Pros)
-ms.sitesec: library
-ms.date: 07/27/2017
----
-
-
-# Set the default browser using Group Policy
-You can use the Group Policy setting, **Set a default associations configuration file**, to set the default browser for your company devices running Windows 10.
-
- **To set the default browser as Internet Explorer 11**
-
-1. Open your Group Policy editor and go to the **Computer Configuration\Administrative Templates\\Windows Components\\File Explorer\\Set a default associations configuration file** setting.
-Turning this setting on also requires you to create and store a default associations configuration file, locally or on a network share. For more information about creating this file, see [Export or Import Default Application Associations]( https://go.microsoft.com/fwlink/p/?LinkId=618268).
-
- 
-
-2. Click **Enabled**, and then in the **Options** area, type the location to your default associations configuration file.
-If this setting is turned on and your employee's device is domain-joined, this file is processed and default associations are applied at logon. If this setting isn't configured or is turned off, or if your employee's device isn't domain-joined, no default associations are applied at logon.
-
-Your employees can change this setting by changing the Internet Explorer default value from the **Set Default Programs** area of the Control Panel.
-
-
-
-
-
-
-
+---
+ms.localizationpriority: medium
+ms.mktglfcycl: deploy
+ms.pagetype: security
+description: Use the Group Policy setting, Set a default associations configuration file, to set the default browser for your company devices running Windows 10.
+author: dansimp
+ms.prod: ie11
+ms.assetid: f486c9db-0dc9-4cd6-8a0b-8cb872b1d361
+ms.reviewer:
+audience: itpro
+manager: dansimp
+ms.author: dansimp
+title: Set the default browser using Group Policy (Internet Explorer 11 for IT Pros)
+ms.sitesec: library
+ms.date: 07/27/2017
+---
+
+
+# Set the default browser using Group Policy
+You can use the Group Policy setting, **Set a default associations configuration file**, to set the default browser for your company devices running Windows 10.
+
+ **To set the default browser as Internet Explorer 11**
+
+1. Open your Group Policy editor and go to the **Computer Configuration\Administrative Templates\\Windows Components\\File Explorer\\Set a default associations configuration file** setting.
+Turning this setting on also requires you to create and store a default associations configuration file, locally or on a network share. For more information about creating this file, see [Export or Import Default Application Associations]( https://go.microsoft.com/fwlink/p/?LinkId=618268).
+
+ 
+
+2. Click **Enabled**, and then in the **Options** area, type the location to your default associations configuration file.
+If this setting is turned on and your employee's device is domain-joined, this file is processed and default associations are applied at logon. If this setting isn't configured or is turned off, or if your employee's device isn't domain-joined, no default associations are applied at logon.
+
+Your employees can change this setting by changing the Internet Explorer default value from the **Set Default Programs** area of the Control Panel.
+
+
+
+
+
+
+
diff --git a/browsers/internet-explorer/ie11-deploy-guide/set-up-enterprise-mode-logging-and-data-collection.md b/browsers/internet-explorer/ie11-deploy-guide/set-up-enterprise-mode-logging-and-data-collection.md
index ea77e11d87..fd55a40ebd 100644
--- a/browsers/internet-explorer/ie11-deploy-guide/set-up-enterprise-mode-logging-and-data-collection.md
+++ b/browsers/internet-explorer/ie11-deploy-guide/set-up-enterprise-mode-logging-and-data-collection.md
@@ -1,160 +1,161 @@
----
-ms.localizationpriority: medium
-ms.mktglfcycl: deploy
-ms.pagetype: appcompat
-description: Set up and turn on Enterprise Mode logging and data collection in your organization.
-author: lomayor
-ms.prod: ie11
-ms.assetid: 2e98a280-f677-422f-ba2e-f670362afcde
-ms.reviewer:
-audience: itpro
manager: dansimp
-ms.author: lomayor
-title: Set up Enterprise Mode logging and data collection (Internet Explorer 11 for IT Pros)
-ms.sitesec: library
-ms.date: 07/27/2017
----
-
-
-# Set up Enterprise Mode logging and data collection
-
-**Applies to:**
-
-- Windows 10
-- Windows 8.1
-- Windows 7
-- Windows Server 2012 R2
-- Windows Server 2008 R2 with Service Pack 1 (SP1)
-
-Using Group Policy, you can turn on Enterprise Mode for Internet Explorer and then you can turn on local user control using the **Let users turn on and use Enterprise Mode from the Tools menu** setting, located in the `Administrative Templates\Windows Components\Internet Explorer` category path. After you turn this setting on, your users can turn on Enterprise Mode locally, from the IE **Tools** menu.
-
-
-
-The **Let users turn on and use Enterprise Mode from the Tools menu** setting also lets you decide where to send the user reports (as a URL). We recommend creating a custom HTTP port 81 to let your incoming user information go to a dedicated site. A dedicated site is important so you can quickly pick out the Enterprise Mode traffic from your other website traffic.
-
-
-
-Getting these reports lets you find out about sites that aren’t working right, so you can add them to your Enterprise Mode site list, without having to locate them all yourself. For more information about creating and using a site list, see the [Add multiple sites to the Enterprise Mode site list using a file and the Enterprise Mode Site List Manager (schema v.2)](add-multiple-sites-to-enterprise-mode-site-list-using-the-version-2-schema-and-enterprise-mode-tool.md) or the [Add multiple sites to the Enterprise Mode site list using a file and the Enterprise Mode Site List Manager (schema v.1)](add-multiple-sites-to-enterprise-mode-site-list-using-the-version-1-schema-and-enterprise-mode-tool.md) topic, based on your operating system.
-
-## Using ASP to collect your data
-When you turn logging on, you need a valid URL that points to a server that can be listened to for updates to a user’s registry key. This means you need to set up an endpoint server for the incoming POST messages, which are sent every time the user turns Enterprise Mode on or off from the **Tools** menu.
-
- **To set up an endpoint server**
-
-1. Configure an IIS server to work with your Enterprise Mode data collection process. If you’re unsure how to set up IIS, see the [IIS installation webpage](https://go.microsoft.com/fwlink/p/?LinkId=507609).
-
-2. Open Internet Information Services (IIS) and turn on the ASP components from the **Add Roles and Features Wizard**, **Server Roles** page.
- This lets you create an ASP form that accepts the incoming POST messages.
-
-3. Open the Internet Information Services (IIS) Manager, click **Bindings**, highlight **Port 81**, click **Edit**, and then change the website information to point to Port 81 so it matches your custom-created port.
-
- 
-
-4. Open the **Logging** feature, pick **W3C** for the format, and click **Select Fields** to open the **W3C Logging Fields** box.
-
- 
-
-5. Change the WC3 logging fields to include only the **Date**, **Client IP**, **User Name**, and **URI Query** standard fields, and then click **OK**.
- Using only these fields keeps the log file simple, giving you the date, client IP address, and the website URI information for any site changed by your users.
-
-6. Apply these changes to your default website and close the IIS Manager.
-
-7. Put your EmIE.asp file into the root of the web server, using this command:
-
- ```
- <% @ LANGUAGE=javascript %>
- <%
- Response.AppendToLog(" ;" + Request.Form("URL") + " ;" + Request.Form("EnterpriseMode"));
- %>
- ```
- This code logs your POST fields to your IIS log file, where you can review all of the collected data.
-
-
-### IIS log file information
-This is what your log files will look like after you set everything up and at least one of your users has turned on Enterprise Mode locally from the **Tools** menu. You can see the URL of the problematic website and client IP address of the user that turned on Enterprise Mode.
-
-
-
-
-## Using the GitHub sample to collect your data
-Microsoft has created the [EMIE-Data-Collection_Sample](https://go.microsoft.com/fwlink/p/?LinkId=507401) that shows how to collect your Enterprise Mode reports. This sample only shows how to collect data, it doesn’t show how to aggregate the data into your Enterprise Mode site list.
-This sample starts with you turning on Enterprise Mode and logging (either through Group Policy, or by manually setting the EnterpriseMode registry key) so that your users can use Enterprise Mode locally. For the steps to do this, go to [Turn on local control and logging for Enterprise Mode](turn-on-local-control-and-logging-for-enterprise-mode.md).
-
-**Note**
If you decide to manually change the registry key, you can change the **Enable** setting to `[deployment url]/api/records/`, which automatically sends your reports to this page.
-
-### Setting up, collecting, and viewing reports
-For logging, you’re going to need a valid URL that points to a server that can be listened to for updates to a user’s registry key. This means you need to set up an endpoint server for the incoming POST messages, which are sent every time the user turns Enterprise Mode on or off from the **Tools** menu. These POST messages go into your database, aggregating the report data by URL, giving you the total number of reports where users turned on Enterprise Mode, the total number of reports where users turned off Enterprise Mode, and the date of the last report.
-
- **To set up the sample**
-
-1. Set up a server to collect your Enterprise Mode information from your users.
-
-2. Go to the Internet Explorer/[EMIE-Data_Collection_Sample](https://go.microsoft.com/fwlink/p/?LinkId=507401) page on GitHub and tap or click the **Download ZIP** button to download the complete project.
-
-3. Open Microsoft Visual Studio 2013 with Update 2, and then open the PhoneHomeSample.sln file.
-
-4. On the **Build** menu, tap or click **Build Solution**.
- The required packages are automatically downloaded and included in the solution.
-
- **To set up your endpoint server**
-
-5. Right-click on the name, PhoneHomeSample, and click **Publish**.
-
- 
-
-6. In the **Publish Web** wizard, pick the publishing target and options that work for your organization.
-
- **Important**
- Make sure you have a database associated with your publishing target. Otherwise, your reports won’t be collected and you’ll have problems deploying the website.
-
- 
-
- After you finish the publishing process, you need to test to make sure the app deployed successfully.
-
- **To test, deploy, and use the app**
-
-7. Open a registry editor on the computer where you deployed the app, go to the `HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Internet Explorer\Main\EnterpriseMode` key, and change the **Enable** string to:
-
- ``` "Enable"="https:///api/records/"
- ```
- Where `` points to your deployment URL.
-
-8. After you’re sure your deployment works, you can deploy it to your users using one of the following:
-
- - Turn on the **Let users turn on and use Enterprise Mode from the Tools menu** Group Policy setting, putting your `` information into the **Options** box.
-
- - Deploy the registry key in Step 3 using System Center or other management software.
-
-9. Get your users to visit websites, turning Enterprise Mode on or off locally, as necessary.
-
- **To view the report results**
-
-- Go to `https:///List` to see the report results.
-If you’re already on the webpage, you’ll need to refresh the page to see the results.
-
- 
-
-
-### Troubleshooting publishing errors
-If you have errors while you’re publishing your project, you should try to update your packages.
-
- **To update your packages**
-
-1. From the **Tools** menu of Microsoft Visual Studio, click **NuGet Package Manager**, and click **Manage NuGet Packages for Solution**.
-
- 
-
-2. Click **Updates** on the left side of the tool, and click the **Update All** button.
-You may need to do some additional package cleanup to remove older package versions.
-
-## Related topics
-- [Download the Enterprise Mode Site List Manager (schema v.2)](https://go.microsoft.com/fwlink/p/?LinkId=716853)
-- [Download the Enterprise Mode Site List Manager (schema v.1)](https://go.microsoft.com/fwlink/p/?LinkID=394378)
-- [What is Enterprise Mode?](what-is-enterprise-mode.md)
-- [Use the Enterprise Mode Site List Manager](use-the-enterprise-mode-site-list-manager.md)
-- [Turn on Enterprise Mode and use a site list](turn-on-enterprise-mode-and-use-a-site-list.md)
-
-
-
-
-
-
+---
+ms.localizationpriority: medium
+ms.mktglfcycl: deploy
+ms.pagetype: appcompat
+description: Set up and turn on Enterprise Mode logging and data collection in your organization.
+author: dansimp
+ms.prod: ie11
+ms.assetid: 2e98a280-f677-422f-ba2e-f670362afcde
+ms.reviewer:
+audience: itpro
+manager: dansimp
+ms.author: dansimp
+title: Set up Enterprise Mode logging and data collection (Internet Explorer 11 for IT Pros)
+ms.sitesec: library
+ms.date: 07/27/2017
+---
+
+
+# Set up Enterprise Mode logging and data collection
+
+**Applies to:**
+
+- Windows 10
+- Windows 8.1
+- Windows 7
+- Windows Server 2012 R2
+- Windows Server 2008 R2 with Service Pack 1 (SP1)
+
+Using Group Policy, you can turn on Enterprise Mode for Internet Explorer and then you can turn on local user control using the **Let users turn on and use Enterprise Mode from the Tools menu** setting, located in the `Administrative Templates\Windows Components\Internet Explorer` category path. After you turn this setting on, your users can turn on Enterprise Mode locally, from the IE **Tools** menu.
+
+
+
+The **Let users turn on and use Enterprise Mode from the Tools menu** setting also lets you decide where to send the user reports (as a URL). We recommend creating a custom HTTP port 81 to let your incoming user information go to a dedicated site. A dedicated site is important so you can quickly pick out the Enterprise Mode traffic from your other website traffic.
+
+
+
+Getting these reports lets you find out about sites that aren’t working right, so you can add them to your Enterprise Mode site list, without having to locate them all yourself. For more information about creating and using a site list, see the [Add multiple sites to the Enterprise Mode site list using a file and the Enterprise Mode Site List Manager (schema v.2)](add-multiple-sites-to-enterprise-mode-site-list-using-the-version-2-schema-and-enterprise-mode-tool.md) or the [Add multiple sites to the Enterprise Mode site list using a file and the Enterprise Mode Site List Manager (schema v.1)](add-multiple-sites-to-enterprise-mode-site-list-using-the-version-1-schema-and-enterprise-mode-tool.md) topic, based on your operating system.
+
+## Using ASP to collect your data
+When you turn logging on, you need a valid URL that points to a server that can be listened to for updates to a user’s registry key. This means you need to set up an endpoint server for the incoming POST messages, which are sent every time the user turns Enterprise Mode on or off from the **Tools** menu.
+
+ **To set up an endpoint server**
+
+1. Configure an IIS server to work with your Enterprise Mode data collection process. If you’re unsure how to set up IIS, see the [IIS installation webpage](https://go.microsoft.com/fwlink/p/?LinkId=507609).
+
+2. Open Internet Information Services (IIS) and turn on the ASP components from the **Add Roles and Features Wizard**, **Server Roles** page.
+ This lets you create an ASP form that accepts the incoming POST messages.
+
+3. Open the Internet Information Services (IIS) Manager, click **Bindings**, highlight **Port 81**, click **Edit**, and then change the website information to point to Port 81 so it matches your custom-created port.
+
+ 
+
+4. Open the **Logging** feature, pick **W3C** for the format, and click **Select Fields** to open the **W3C Logging Fields** box.
+
+ 
+
+5. Change the WC3 logging fields to include only the **Date**, **Client IP**, **User Name**, and **URI Query** standard fields, and then click **OK**.
+ Using only these fields keeps the log file simple, giving you the date, client IP address, and the website URI information for any site changed by your users.
+
+6. Apply these changes to your default website and close the IIS Manager.
+
+7. Put your EmIE.asp file into the root of the web server, using this command:
+
+ ```
+ <% @ LANGUAGE=javascript %>
+ <%
+ Response.AppendToLog(" ;" + Request.Form("URL") + " ;" + Request.Form("EnterpriseMode"));
+ %>
+ ```
+ This code logs your POST fields to your IIS log file, where you can review all of the collected data.
+
+
+### IIS log file information
+This is what your log files will look like after you set everything up and at least one of your users has turned on Enterprise Mode locally from the **Tools** menu. You can see the URL of the problematic website and client IP address of the user that turned on Enterprise Mode.
+
+
+
+
+## Using the GitHub sample to collect your data
+Microsoft has created the [EMIE-Data-Collection_Sample](https://go.microsoft.com/fwlink/p/?LinkId=507401) that shows how to collect your Enterprise Mode reports. This sample only shows how to collect data, it doesn’t show how to aggregate the data into your Enterprise Mode site list.
+This sample starts with you turning on Enterprise Mode and logging (either through Group Policy, or by manually setting the EnterpriseMode registry key) so that your users can use Enterprise Mode locally. For the steps to do this, go to [Turn on local control and logging for Enterprise Mode](turn-on-local-control-and-logging-for-enterprise-mode.md).
+
+**Note**
If you decide to manually change the registry key, you can change the **Enable** setting to `[deployment url]/api/records/`, which automatically sends your reports to this page.
+
+### Setting up, collecting, and viewing reports
+For logging, you’re going to need a valid URL that points to a server that can be listened to for updates to a user’s registry key. This means you need to set up an endpoint server for the incoming POST messages, which are sent every time the user turns Enterprise Mode on or off from the **Tools** menu. These POST messages go into your database, aggregating the report data by URL, giving you the total number of reports where users turned on Enterprise Mode, the total number of reports where users turned off Enterprise Mode, and the date of the last report.
+
+ **To set up the sample**
+
+1. Set up a server to collect your Enterprise Mode information from your users.
+
+2. Go to the Internet Explorer/[EMIE-Data_Collection_Sample](https://go.microsoft.com/fwlink/p/?LinkId=507401) page on GitHub and tap or click the **Download ZIP** button to download the complete project.
+
+3. Open Microsoft Visual Studio 2013 with Update 2, and then open the PhoneHomeSample.sln file.
+
+4. On the **Build** menu, tap or click **Build Solution**.
+ The required packages are automatically downloaded and included in the solution.
+
+ **To set up your endpoint server**
+
+5. Right-click on the name, PhoneHomeSample, and click **Publish**.
+
+ 
+
+6. In the **Publish Web** wizard, pick the publishing target and options that work for your organization.
+
+ **Important**
+ Make sure you have a database associated with your publishing target. Otherwise, your reports won’t be collected and you’ll have problems deploying the website.
+
+ 
+
+ After you finish the publishing process, you need to test to make sure the app deployed successfully.
+
+ **To test, deploy, and use the app**
+
+7. Open a registry editor on the computer where you deployed the app, go to the `HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Internet Explorer\Main\EnterpriseMode` key, and change the **Enable** string to:
+
+ ``` "Enable"="https:///api/records/"
+ ```
+ Where `` points to your deployment URL.
+
+8. After you’re sure your deployment works, you can deploy it to your users using one of the following:
+
+ - Turn on the **Let users turn on and use Enterprise Mode from the Tools menu** Group Policy setting, putting your `` information into the **Options** box.
+
+ - Deploy the registry key in Step 3 using System Center or other management software.
+
+9. Get your users to visit websites, turning Enterprise Mode on or off locally, as necessary.
+
+ **To view the report results**
+
+- Go to `https:///List` to see the report results.
+If you’re already on the webpage, you’ll need to refresh the page to see the results.
+
+ 
+
+
+### Troubleshooting publishing errors
+If you have errors while you’re publishing your project, you should try to update your packages.
+
+ **To update your packages**
+
+1. From the **Tools** menu of Microsoft Visual Studio, click **NuGet Package Manager**, and click **Manage NuGet Packages for Solution**.
+
+ 
+
+2. Click **Updates** on the left side of the tool, and click the **Update All** button.
+You may need to do some additional package cleanup to remove older package versions.
+
+## Related topics
+- [Download the Enterprise Mode Site List Manager (schema v.2)](https://go.microsoft.com/fwlink/p/?LinkId=716853)
+- [Download the Enterprise Mode Site List Manager (schema v.1)](https://go.microsoft.com/fwlink/p/?LinkID=394378)
+- [What is Enterprise Mode?](what-is-enterprise-mode.md)
+- [Use the Enterprise Mode Site List Manager](use-the-enterprise-mode-site-list-manager.md)
+- [Turn on Enterprise Mode and use a site list](turn-on-enterprise-mode-and-use-a-site-list.md)
+
+
+
+
+
+
diff --git a/browsers/internet-explorer/ie11-deploy-guide/set-up-enterprise-mode-portal.md b/browsers/internet-explorer/ie11-deploy-guide/set-up-enterprise-mode-portal.md
index 469464c98f..e63d79527c 100644
--- a/browsers/internet-explorer/ie11-deploy-guide/set-up-enterprise-mode-portal.md
+++ b/browsers/internet-explorer/ie11-deploy-guide/set-up-enterprise-mode-portal.md
@@ -1,227 +1,228 @@
----
-ms.localizationpriority: medium
-ms.mktglfcycl: deploy
-ms.pagetype: appcompat
-description: Details about how to set up the Enterprise Mode Site List Portal for your organization.
-author: lomayor
-ms.prod: ie11
-title: Set up the Enterprise Mode Site List Portal (Internet Explorer 11 for IT Pros)
-ms.sitesec: library
-ms.date: 07/27/2017
-ms.reviewer:
-audience: itpro
manager: dansimp
-ms.author: lomayor
----
-
-# Set up the Enterprise Mode Site List Portal
-
-**Applies to:**
-
-- Windows 10
-- Windows 8.1
-- Windows 7
-- Windows Server 2012 R2
-- Windows Server 2008 R2 with Service Pack 1 (SP1)
-
-The Enterprise Mode Site List Portal is an open-source web tool on GitHub that allows you to manage your Enterprise Mode Site List, hosted by the app, with multiple users. The portal is designed to use IIS and a SQL Server backend, leveraging Active Directory (AD) for employee management. Updates to your site list are made by submitting new change requests, which are then approved by a designated group of people, put into a pre-production environment for testing, and then deployed immediately, or scheduled for deployment later.
-
-Before you can begin using the Enterprise Mode Site List Portal, you must set up your environment.
-
-## Step 1 - Copy the deployment folder to the web server
-You must download the deployment folder (**EMIEWebPortal/**), which includes all of the source code for the website, from the [Enterprise Mode Site List Portal](https://github.com/MicrosoftEdge/enterprise-mode-site-list-portal) site to your web server.
-
-**To download the source code**
-1. Download the deployment folder from the [Enterprise Mode Site List Portal](https://github.com/MicrosoftEdge/enterprise-mode-site-list-portal) source code to your web server.
-
-2. Install the Node.js® package manager, [npm](https://www.npmjs.com/).
-
- >[!Note]
- >You need to install the npm package manager to replace all the third-party libraries we removed to make the Enterprise Mode Site List Portal open-source.
-
-3. Open File Explorer and then open the **EMIEWebPortal/** folder.
-
-4. Press and hold **Shift**, right-click the window, then click **Open PowerShell window here**.
-
-5. Type _npm i_ into the command prompt, then press **Enter**.
-
- Installs the npm package manager and bulk adds all the third-party libraries back into your codebase.
-
-6. Go back up a directory, open the solution file **EMIEWebPortal.sln** in Visual Studio, open **Web.config** from **EMIEWebPortal/** folder, and replace MSIT-LOB-COMPAT with your server name hosting your database, replace LOBMerged with your database name, and build the entire solution.
-
- >[!Note]
- >Step 3 of this topic provides the steps to create your database.
-
-7. Copy the contents of the **EMIEWebPortal/** folder to a dedicated folder on your file system. For example, _D:\EMIEWebApp_. In a later step, you'll designate this folder as your website in the IIS Manager.
-
-## Step 2 - Create the Application Pool and website, by using IIS
-Create a new Application Pool and the website, by using the IIS Manager.
-
-**To create a new Application Pool**
-1. In IIS Manager, expand your local computer in the **Connections** pane, right-click **Application Pools**, then click **Add Application Pool**.
-
- The **Add Application Pool** box appears.
-
-2. In the **Add Application Pool** box, enter the following info:
-
- - **Name.** Type the name of your new application pool. For example, _EMIEWebAppPool_.
-
- - **.NET CLR version.** Pick the version of .NET CLR used by your application pool from the drop-down box. It must be version 4.0 or higher.
-
- - **Managed pipeline mode.** Pick **Integrated** from the drop-down box. IIS uses the integrated IIS and ASP.NET request-processing pipeline for managed content.
-
-3. Click **OK**.
-
-4. Select your new application pool from the **Application Pool** pane, click **Advanced Settings** from the **Edit Application Pool** area of the **Actions** pane.
-
- The **Advanced Settings** box appears.
-
-5. Make sure your **Identity** value is **ApplicationPoolIdentity**, click **OK**, and then close the box.
-
-6. Open File Explorer and go to your deployment directory, created in Step 1. For example, _D:\EMIEWebApp_.
-
-7. Right-click on the directory, click **Properties**, and then click the **Security** tab.
-
-8. Add your new application pool to the list (for example, _IIS AppPool\EMIEWebAppPool_) with **Full control access**, making sure the location searches the local computer.
-
-9. Add **Everyone** to the list with **Read & execute access**.
-
-**To create the website**
-1. In IIS Manager, expand your local computer in the **Connections** pane, right-click **Sites**, then click **Add Website**.
-
- The **Add Website** box appears.
-
-2. In the **Add Website** box, type the name of your website into the **Site name** box. For example, _EMIEWebApp_, and then click **Select**.
-
- The **Select Application Pool** box appears.
-
-4. Pick the name of the application pool created earlier in this step, and then click **OK**. For example, _EMIEWebAppPool_.
-
-5. In the **Physical path** box, browse to your folder that contains your deployment directory. For example, _D:\EMIEWebApp_.
-
-6. Set up your **Binding**, including your **Binding Type**, **IP address**, and **Port**, as appropriate for your organization.
-
-7. Clear the **Start Website immediately** check box, and then click **OK**.
-
-8. In IIS Manager, expand your local computer, and then double-click your new website. For example, _EMIEWebApp_.
-
- The **<website_name> Home** pane appears.
-
-9. Double-click the **Authentication** icon, right-click on **Windows Authentication**, and then click **Enable**.
-
- >[!Note]
- >You must also make sure that **Anonymous Authentication** is marked as **Enabled**.
-
-## Step 3 - Create and prep your database
-Create a SQL Server database and run our custom query to create the Enterprise Mode Site List tables.
-
-**To create and prep your database**
-1. Start SQL Server Management Studio.
-
-2. Open **Object Explorer** and then connect to an instance of the SQL Server Database Engine.
-
-3. Expand the instance, right-click on **Databases**, and then click **New Database**.
-
-4. Type a database name. For example, _EMIEDatabase_.
-
-5. Leave all default values for the database files, and then click **OK**.
-
-6. Open the **DatabaseScripts/Create DB Tables/1_CreateEMIETables.sql** query file, located in the deployment directory.
-
-7. Replace the database name placeholder with the database name you created earlier. For example, _EMIEDatabase_.
-
-8. Run the query.
-
-## Step 4 - Map your Application Pool to a SQL Server role
-Map your ApplicationPoolIdentity to your database, adding the db_owner role.
-
-**To map your ApplicationPoolIdentity to a SQL Server role**
-1. Start SQL Server Management Studio and connect to your database.
-
-2. Expand the database instance and then open the server-level **Security** folder.
-
- > [!IMPORTANT]
- > Make sure you open the **Security** folder at the server level and not for the database.
-
-3. Right-click **Logins**, and then click **New Login**.
-
- The **Login-New** dialog box appears.
-
-4. Type the following into the **Login name** box, based on your server instance type:
-
- - **Local SQL Server instance.** If you have a local SQL Server instance, where IIS and SQL Server are on the same server, type the name of your Application Pool. For example, _IIS AppPool\EMIEWebAppPool_.
-
- - **Remote SQL Server instance.** If you have a remote SQL Server instance, where IIS and SQL Server are on different servers, type `Domain\ServerName$`.
-
- > [!IMPORTANT]
- > Don't click **Search** in the **Login name** box. Login name searches will resolve to a ServerName\AppPool Name account and SQL Server Management Studio won't be able to resolve the account's virtual Security ID (SID).
-
-5. Click **User Mapping** from the **Select a page** pane, click the checkbox for your database (for example, _EMIEDatabase_) from the **Users mapped to this login** pane, and then click **db_owner** from the list of available roles in the **Database role membership** pane.
-
-6. Click **OK**.
-
-## Step 5 - Restart the Application Pool and website
-Using the IIS Manager, you must restart both your Application Pool and your website.
-
-**To restart your Application Pool and website**
-1. In IIS Manager, expand your local computer in the **Connections** pane, select your website, then click **Restart** from the **Manage Website** pane.
-
-2. In the **Connections** pane, select your Application Pool, and then click **Recycle** from the **Application Pool Tasks** pane.
-
-## Step 6 - Registering as an administrator
-After you've created your database and website, you'll need to register yourself (or another employee) as an administrator for the Enterprise Mode Site List Portal.
-
-**To register as an administrator**
-1. Open Microsoft Edge and type your website URL into the Address bar. For example, https://emieportal:8085.
-
-2. Click **Register now**.
-
-3. Type your name or alias into the **Email** box, making sure it matches the info in the drop-down box.
-
-4. Click **Administrator** from the **Role** box, and then click **Save**.
-
-5. Append your website URL with `/#/EMIEAdminConsole` in the Address bar to go to your administrator console. For example, https://emieportal:8085/#/EMIEAdminConsole.
-
- A dialog box appears, prompting you for the system user name and password. The default user name is EMIEAdmin and the default password is Admin123. We strongly recommend that you change the password by using the **Change password** link as soon as you're done with your first visit.
-
-6. Select your name from the available list, and then click **Activate**.
-
-7. Go to the Enterprise Mode Site List Portal Home page and sign in.
-
-## Step 7 - Configure the SMTP server and port for email notification
-After you've set up the portal, you need to configure your SMTP server and port for email notifications from the system.
-
-**To set up your SMTP server and port for emails**
-1. Open Visual Studio, and then open the web.config file from your deployment directory.
-
-2. Update the SMTP server and port info with your info, using this format:
-
- ```
-
-
- ```
-3. Open the **Settings** page in the Enterprise Mode Site List Portal, and then update the email account and password info.
-
-## Step 8 - Register the scheduler service
-Register the EMIEScheduler tool and service for production site list changes.
-
-**To register the scheduler service**
-
-1. Open File Explorer and go to EMIEWebPortal.SchedulerService\EMIEWebPortal.SchedulerService in your deployment directory, and then copy the **App_Data**, **bin**, and **Logs** folders to a separate folder. For example, C:\EMIEService\.
-
- >[!Important]
- >If you can't find the **bin** and **Logs** folders, you probably haven't built the Visual Studio solution. Building the solution creates the folders and files.
-
-2. In Visual Studio start the Developer Command Prompt as an administrator, and then change the directory to the location of the InstallUtil.exe file. For example, _C:\Windows\Microsoft.NET\Framework\v4.0.30319_.
-
-3. Run the command, `InstallUtil ""`. For example, _InstallUtil "C:\EMIEService\bin\Debug\EMIEWebPortal.SchedulerService.exe"._
-
- You'll be asked for your user name and password for the service.
-
-4. Open the **Run** command, type `Services.msc`, and then start the EMIEScheduler service.
-
-## Related topics
-- [Enterprise Mode Site List Portal source code](https://github.com/MicrosoftEdge/enterprise-mode-site-list-portal)
-
-- [Enterprise Mode and the Enterprise Mode Site List](what-is-enterprise-mode.md)
-
-- [Use the Enterprise Mode Site List Manager tool or page](use-the-enterprise-mode-site-list-manager.md)
+---
+ms.localizationpriority: medium
+ms.mktglfcycl: deploy
+ms.pagetype: appcompat
+description: Details about how to set up the Enterprise Mode Site List Portal for your organization.
+author: dansimp
+ms.prod: ie11
+title: Set up the Enterprise Mode Site List Portal (Internet Explorer 11 for IT Pros)
+ms.sitesec: library
+ms.date: 07/27/2017
+ms.reviewer:
+audience: itpro
+manager: dansimp
+ms.author: dansimp
+---
+
+# Set up the Enterprise Mode Site List Portal
+
+**Applies to:**
+
+- Windows 10
+- Windows 8.1
+- Windows 7
+- Windows Server 2012 R2
+- Windows Server 2008 R2 with Service Pack 1 (SP1)
+
+The Enterprise Mode Site List Portal is an open-source web tool on GitHub that allows you to manage your Enterprise Mode Site List, hosted by the app, with multiple users. The portal is designed to use IIS and a SQL Server backend, leveraging Active Directory (AD) for employee management. Updates to your site list are made by submitting new change requests, which are then approved by a designated group of people, put into a pre-production environment for testing, and then deployed immediately, or scheduled for deployment later.
+
+Before you can begin using the Enterprise Mode Site List Portal, you must set up your environment.
+
+## Step 1 - Copy the deployment folder to the web server
+You must download the deployment folder (**EMIEWebPortal/**), which includes all of the source code for the website, from the [Enterprise Mode Site List Portal](https://github.com/MicrosoftEdge/enterprise-mode-site-list-portal) site to your web server.
+
+**To download the source code**
+1. Download the deployment folder from the [Enterprise Mode Site List Portal](https://github.com/MicrosoftEdge/enterprise-mode-site-list-portal) source code to your web server.
+
+2. Install the Node.js® package manager, [npm](https://www.npmjs.com/).
+
+ >[!Note]
+ >You need to install the npm package manager to replace all the third-party libraries we removed to make the Enterprise Mode Site List Portal open-source.
+
+3. Open File Explorer and then open the **EMIEWebPortal/** folder.
+
+4. Press and hold **Shift**, right-click the window, then click **Open PowerShell window here**.
+
+5. Type _npm i_ into the command prompt, then press **Enter**.
+
+ Installs the npm package manager and bulk adds all the third-party libraries back into your codebase.
+
+6. Go back up a directory, open the solution file **EMIEWebPortal.sln** in Visual Studio, open **Web.config** from **EMIEWebPortal/** folder, and replace MSIT-LOB-COMPAT with your server name hosting your database, replace LOBMerged with your database name, and build the entire solution.
+
+ >[!Note]
+ >Step 3 of this topic provides the steps to create your database.
+
+7. Copy the contents of the **EMIEWebPortal/** folder to a dedicated folder on your file system. For example, _D:\EMIEWebApp_. In a later step, you'll designate this folder as your website in the IIS Manager.
+
+## Step 2 - Create the Application Pool and website, by using IIS
+Create a new Application Pool and the website, by using the IIS Manager.
+
+**To create a new Application Pool**
+1. In IIS Manager, expand your local computer in the **Connections** pane, right-click **Application Pools**, then click **Add Application Pool**.
+
+ The **Add Application Pool** box appears.
+
+2. In the **Add Application Pool** box, enter the following info:
+
+ - **Name.** Type the name of your new application pool. For example, _EMIEWebAppPool_.
+
+ - **.NET CLR version.** Pick the version of .NET CLR used by your application pool from the drop-down box. It must be version 4.0 or higher.
+
+ - **Managed pipeline mode.** Pick **Integrated** from the drop-down box. IIS uses the integrated IIS and ASP.NET request-processing pipeline for managed content.
+
+3. Click **OK**.
+
+4. Select your new application pool from the **Application Pool** pane, click **Advanced Settings** from the **Edit Application Pool** area of the **Actions** pane.
+
+ The **Advanced Settings** box appears.
+
+5. Make sure your **Identity** value is **ApplicationPoolIdentity**, click **OK**, and then close the box.
+
+6. Open File Explorer and go to your deployment directory, created in Step 1. For example, _D:\EMIEWebApp_.
+
+7. Right-click on the directory, click **Properties**, and then click the **Security** tab.
+
+8. Add your new application pool to the list (for example, _IIS AppPool\EMIEWebAppPool_) with **Full control access**, making sure the location searches the local computer.
+
+9. Add **Everyone** to the list with **Read & execute access**.
+
+**To create the website**
+1. In IIS Manager, expand your local computer in the **Connections** pane, right-click **Sites**, then click **Add Website**.
+
+ The **Add Website** box appears.
+
+2. In the **Add Website** box, type the name of your website into the **Site name** box. For example, _EMIEWebApp_, and then click **Select**.
+
+ The **Select Application Pool** box appears.
+
+4. Pick the name of the application pool created earlier in this step, and then click **OK**. For example, _EMIEWebAppPool_.
+
+5. In the **Physical path** box, browse to your folder that contains your deployment directory. For example, _D:\EMIEWebApp_.
+
+6. Set up your **Binding**, including your **Binding Type**, **IP address**, and **Port**, as appropriate for your organization.
+
+7. Clear the **Start Website immediately** check box, and then click **OK**.
+
+8. In IIS Manager, expand your local computer, and then double-click your new website. For example, _EMIEWebApp_.
+
+ The **<website_name> Home** pane appears.
+
+9. Double-click the **Authentication** icon, right-click on **Windows Authentication**, and then click **Enable**.
+
+ >[!Note]
+ >You must also make sure that **Anonymous Authentication** is marked as **Enabled**.
+
+## Step 3 - Create and prep your database
+Create a SQL Server database and run our custom query to create the Enterprise Mode Site List tables.
+
+**To create and prep your database**
+1. Start SQL Server Management Studio.
+
+2. Open **Object Explorer** and then connect to an instance of the SQL Server Database Engine.
+
+3. Expand the instance, right-click on **Databases**, and then click **New Database**.
+
+4. Type a database name. For example, _EMIEDatabase_.
+
+5. Leave all default values for the database files, and then click **OK**.
+
+6. Open the **DatabaseScripts/Create DB Tables/1_CreateEMIETables.sql** query file, located in the deployment directory.
+
+7. Replace the database name placeholder with the database name you created earlier. For example, _EMIEDatabase_.
+
+8. Run the query.
+
+## Step 4 - Map your Application Pool to a SQL Server role
+Map your ApplicationPoolIdentity to your database, adding the db_owner role.
+
+**To map your ApplicationPoolIdentity to a SQL Server role**
+1. Start SQL Server Management Studio and connect to your database.
+
+2. Expand the database instance and then open the server-level **Security** folder.
+
+ > [!IMPORTANT]
+ > Make sure you open the **Security** folder at the server level and not for the database.
+
+3. Right-click **Logins**, and then click **New Login**.
+
+ The **Login-New** dialog box appears.
+
+4. Type the following into the **Login name** box, based on your server instance type:
+
+ - **Local SQL Server instance.** If you have a local SQL Server instance, where IIS and SQL Server are on the same server, type the name of your Application Pool. For example, _IIS AppPool\EMIEWebAppPool_.
+
+ - **Remote SQL Server instance.** If you have a remote SQL Server instance, where IIS and SQL Server are on different servers, type `Domain\ServerName$`.
+
+ > [!IMPORTANT]
+ > Don't click **Search** in the **Login name** box. Login name searches will resolve to a ServerName\AppPool Name account and SQL Server Management Studio won't be able to resolve the account's virtual Security ID (SID).
+
+5. Click **User Mapping** from the **Select a page** pane, click the checkbox for your database (for example, _EMIEDatabase_) from the **Users mapped to this login** pane, and then click **db_owner** from the list of available roles in the **Database role membership** pane.
+
+6. Click **OK**.
+
+## Step 5 - Restart the Application Pool and website
+Using the IIS Manager, you must restart both your Application Pool and your website.
+
+**To restart your Application Pool and website**
+1. In IIS Manager, expand your local computer in the **Connections** pane, select your website, then click **Restart** from the **Manage Website** pane.
+
+2. In the **Connections** pane, select your Application Pool, and then click **Recycle** from the **Application Pool Tasks** pane.
+
+## Step 6 - Registering as an administrator
+After you've created your database and website, you'll need to register yourself (or another employee) as an administrator for the Enterprise Mode Site List Portal.
+
+**To register as an administrator**
+1. Open Microsoft Edge and type your website URL into the Address bar. For example, https://emieportal:8085.
+
+2. Click **Register now**.
+
+3. Type your name or alias into the **Email** box, making sure it matches the info in the drop-down box.
+
+4. Click **Administrator** from the **Role** box, and then click **Save**.
+
+5. Append your website URL with `/#/EMIEAdminConsole` in the Address bar to go to your administrator console. For example, https://emieportal:8085/#/EMIEAdminConsole.
+
+ A dialog box appears, prompting you for the system user name and password. The default user name is EMIEAdmin and the default password is Admin123. We strongly recommend that you change the password by using the **Change password** link as soon as you're done with your first visit.
+
+6. Select your name from the available list, and then click **Activate**.
+
+7. Go to the Enterprise Mode Site List Portal Home page and sign in.
+
+## Step 7 - Configure the SMTP server and port for email notification
+After you've set up the portal, you need to configure your SMTP server and port for email notifications from the system.
+
+**To set up your SMTP server and port for emails**
+1. Open Visual Studio, and then open the web.config file from your deployment directory.
+
+2. Update the SMTP server and port info with your info, using this format:
+
+ ```
+
+
+ ```
+3. Open the **Settings** page in the Enterprise Mode Site List Portal, and then update the email account and password info.
+
+## Step 8 - Register the scheduler service
+Register the EMIEScheduler tool and service for production site list changes.
+
+**To register the scheduler service**
+
+1. Open File Explorer and go to EMIEWebPortal.SchedulerService\EMIEWebPortal.SchedulerService in your deployment directory, and then copy the **App_Data**, **bin**, and **Logs** folders to a separate folder. For example, C:\EMIEService\.
+
+ >[!Important]
+ >If you can't find the **bin** and **Logs** folders, you probably haven't built the Visual Studio solution. Building the solution creates the folders and files.
+
+2. In Visual Studio start the Developer Command Prompt as an administrator, and then change the directory to the location of the InstallUtil.exe file. For example, _C:\Windows\Microsoft.NET\Framework\v4.0.30319_.
+
+3. Run the command, `InstallUtil ""`. For example, _InstallUtil "C:\EMIEService\bin\Debug\EMIEWebPortal.SchedulerService.exe"._
+
+ You'll be asked for your user name and password for the service.
+
+4. Open the **Run** command, type `Services.msc`, and then start the EMIEScheduler service.
+
+## Related topics
+- [Enterprise Mode Site List Portal source code](https://github.com/MicrosoftEdge/enterprise-mode-site-list-portal)
+
+- [Enterprise Mode and the Enterprise Mode Site List](what-is-enterprise-mode.md)
+
+- [Use the Enterprise Mode Site List Manager tool or page](use-the-enterprise-mode-site-list-manager.md)
diff --git a/browsers/internet-explorer/ie11-deploy-guide/setup-problems-with-ie11.md b/browsers/internet-explorer/ie11-deploy-guide/setup-problems-with-ie11.md
index 2e0ad0a745..7dd3e837c0 100644
--- a/browsers/internet-explorer/ie11-deploy-guide/setup-problems-with-ie11.md
+++ b/browsers/internet-explorer/ie11-deploy-guide/setup-problems-with-ie11.md
@@ -1,66 +1,67 @@
----
-ms.localizationpriority: medium
-ms.mktglfcycl: support
-ms.pagetype: appcompat
-description: Reviewing log files to learn more about potential setup problems with Internet Explorer 11.
-author: lomayor
-ms.prod: ie11
-ms.assetid: 2cd79988-17d1-4317-bee9-b3ae2dd110a0
-ms.reviewer:
-audience: itpro
manager: dansimp
-ms.author: lomayor
-title: Setup problems with Internet Explorer 11 (Internet Explorer 11 for IT Pros)
-ms.sitesec: library
-ms.date: 07/27/2017
----
-
-
-# Setup problems with Internet Explorer 11
-Installing Internet Explorer creates the following log files, which are stored in the Windows installation folder (typically, the C:\\Windows folder):
-
-- `IE11_main.log`
-
-- `IE11_NR_Setup.log`
-
-- `IE11_uninst.log`
-
-- `cbs*.log`
-
-- `WU_ IE11_LangPacks.log`
-
-These log files continuously record the entire process from the moment the IE setup program starts running until the last .cab file is downloaded, including error codes. The possible error codes are:
-
-|Error code |Description |
-|-----------|-------------------------------------------|
-|0 |Success |
-|1460 |Timeout |
-|3010 |Success, reboot required |
-|40001 |USER_ERROR_CANNOT_OPEN_LOG_FILE |
-|40003 |USER_ERROR_CANNOT_INITIALIZE_APPLICATION |
-|40004 |USER_ERROR_OLD_OS_VERSION |
-|40005 |USER_ERROR_WRONG_PLATFORM |
-|40006 |USER_ERROR_BAD_SPVERSION |
-|40007 |USER_ERROR_MISSING_REQUIRED_PREREQUISITE |
-|40008 |USER_ERROR_IE_GREATERVERSION_INSTALLED |
-|40010 |USER_ERROR_BAD_LANGUAGE |
-|40012 |USER_ERROR_CRYPTO_VALIDATION_FAILED |
-|40013 |USER_ERROR_ALREADY_INSTALLED |
-|40015 |USER_ERROR_WRONG_OS |
-|40016 |USER_ERROR_EXTRACTION_FAILED |
-|40019 |USER_ERROR_WINDOWS_PRERELEASE_NOT_SUPPORTED |
-|40021 |USER_ERROR_UNSUPPORTED_VIDEO_HARDWARE |
-|40022 |USER_ERROR_UNSUPPORTED_VIDEO_DRIVER |
-|40023 |USER_ERROR_PREREQUISITE_INSTALL_FAILED |
-|40024 |USER_ERROR_NEUTRAL_CAB_DOWNLOAD_FAILED |
-|40025 |USER_ERROR_NEUTRAL_CAB_INSTALL_FAILED |
-|41001 |USER_ERROR_UNKNOWN |
-|50005 |USER_SUCCESS_USER_CANCELLED |
-
-
-
-
-
-
-
-
-
+---
+ms.localizationpriority: medium
+ms.mktglfcycl: support
+ms.pagetype: appcompat
+description: Reviewing log files to learn more about potential setup problems with Internet Explorer 11.
+author: dansimp
+ms.prod: ie11
+ms.assetid: 2cd79988-17d1-4317-bee9-b3ae2dd110a0
+ms.reviewer:
+audience: itpro
+manager: dansimp
+ms.author: dansimp
+title: Setup problems with Internet Explorer 11 (Internet Explorer 11 for IT Pros)
+ms.sitesec: library
+ms.date: 07/27/2017
+---
+
+
+# Setup problems with Internet Explorer 11
+Installing Internet Explorer creates the following log files, which are stored in the Windows installation folder (typically, the C:\\Windows folder):
+
+- `IE11_main.log`
+
+- `IE11_NR_Setup.log`
+
+- `IE11_uninst.log`
+
+- `cbs*.log`
+
+- `WU_ IE11_LangPacks.log`
+
+These log files continuously record the entire process from the moment the IE setup program starts running until the last .cab file is downloaded, including error codes. The possible error codes are:
+
+|Error code |Description |
+|-----------|-------------------------------------------|
+|0 |Success |
+|1460 |Timeout |
+|3010 |Success, reboot required |
+|40001 |USER_ERROR_CANNOT_OPEN_LOG_FILE |
+|40003 |USER_ERROR_CANNOT_INITIALIZE_APPLICATION |
+|40004 |USER_ERROR_OLD_OS_VERSION |
+|40005 |USER_ERROR_WRONG_PLATFORM |
+|40006 |USER_ERROR_BAD_SPVERSION |
+|40007 |USER_ERROR_MISSING_REQUIRED_PREREQUISITE |
+|40008 |USER_ERROR_IE_GREATERVERSION_INSTALLED |
+|40010 |USER_ERROR_BAD_LANGUAGE |
+|40012 |USER_ERROR_CRYPTO_VALIDATION_FAILED |
+|40013 |USER_ERROR_ALREADY_INSTALLED |
+|40015 |USER_ERROR_WRONG_OS |
+|40016 |USER_ERROR_EXTRACTION_FAILED |
+|40019 |USER_ERROR_WINDOWS_PRERELEASE_NOT_SUPPORTED |
+|40021 |USER_ERROR_UNSUPPORTED_VIDEO_HARDWARE |
+|40022 |USER_ERROR_UNSUPPORTED_VIDEO_DRIVER |
+|40023 |USER_ERROR_PREREQUISITE_INSTALL_FAILED |
+|40024 |USER_ERROR_NEUTRAL_CAB_DOWNLOAD_FAILED |
+|40025 |USER_ERROR_NEUTRAL_CAB_INSTALL_FAILED |
+|41001 |USER_ERROR_UNKNOWN |
+|50005 |USER_SUCCESS_USER_CANCELLED |
+
+
+
+
+
+
+
+
+
diff --git a/browsers/internet-explorer/ie11-deploy-guide/system-requirements-and-language-support-for-ie11.md b/browsers/internet-explorer/ie11-deploy-guide/system-requirements-and-language-support-for-ie11.md
index 66bf4edda5..a8953ad3f4 100644
--- a/browsers/internet-explorer/ie11-deploy-guide/system-requirements-and-language-support-for-ie11.md
+++ b/browsers/internet-explorer/ie11-deploy-guide/system-requirements-and-language-support-for-ie11.md
@@ -1,61 +1,62 @@
----
-ms.localizationpriority: medium
-ms.mktglfcycl: deploy
-description: Lists the minimum system requirements and supported languages for Internet Explorer 11.
-author: lomayor
-ms.prod: ie11
-ms.assetid: 27185e3d-c486-4e4a-9c51-5cb317c0006d
-ms.reviewer:
-audience: itpro
manager: dansimp
-ms.author: lomayor
-title: System requirements and language support for Internet Explorer 11 (IE11) (Internet Explorer 11 for IT Pros)
-ms.sitesec: library
-ms.date: 07/27/2017
----
-
-
-# System requirements and language support for Internet Explorer 11 (IE11)
-
-**Applies to:**
-
-- Windows 10
-- Windows 8.1 Update
-- Windows 7 with Service Pack 1 (SP1)
-- Windows Server 2012 R2
-- Windows Server 2008 R2 with Service Pack 1 (SP1)
-
-Internet Explorer 11 is available for a number of systems and languages. This topic provides info about the minimum system requirements and language support.
-
-## Minimum system requirements for IE11
-IE11 is pre-installed on Windows 8.1, Windows 10, and Windows Server 2012 R2 and is listed here for reference. For more info about IE11 on Windows 10, see [Browser: Microsoft Edge and Internet Explorer 11](https://technet.microsoft.com/library/mt156988.aspx).
-
-**Important**
-IE11 isn't supported on Windows 8 or Windows Server 2012.
-
-Some of the components in this table might also need additional system resources. Check the component's documentation for more information.
-
-
-| Item | Minimum requirements |
-|--------------------|---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
-| Computer/processor | 1 gigahertz (GHz) 32-bit (x86) or 64-bit (x64) |
-| Operating system | - Windows 10 (32-bit or 64-bit)
- Windows 8.1 Update (32-bit or 64-bit)
- Windows 7 with SP1 (32-bit or 64-bit)
- Windows Server 2012 R2
- Windows Server 2008 R2 with SP1 (64-bit only)
|
-| Memory | - Windows 10 (32-bit)-1 GB
- Windows 10 (64-bit)-2 GB
- Windows 8.1 Update (32-bit)-1 GB
- Windows 8.1 Update (64-bit)-2 GB
- Windows 7 with SP1 (32-bit or 64-bit)-512 MB
- Windows Server 2012 R2-512 MB
- Windows Server 2008 R2 with SP1 (64-bit only)-512 MB
|
-| Hard drive space | - Windows 10 (32-bit)-16 GB
- Windows 10 (64-bit)-20 GB
- Windows 8.1 Update (32-bit)-16 GB
- Windows 8.1 Update (64-bit)-20 GB
- Windows 7 with SP1 (32-bit)-70 MB
- Windows 7 with SP1 (64-bit)-120 MB
- Windows Server 2012 R2-32 GB
- Windows Server 2008 R2 with SP1 (64-bit only)-200 MB
|
-| Drive | CD-ROM drive (if installing from a CD-ROM) |
-| Display | Super VGA (800 x 600) or higher-resolution monitor with 256 colors |
-| Peripherals | Internet connection and a compatible pointing device |
-
-## Support for .NET Framework
-You might experience start up issues where IE11 fails to launch an application that uses managed browser hosting controls with your legacy apps. This is because, starting with Internet Explorer 10, the browser started blocking legacy apps from using the .NET Framework 1.1 and 2.0. To fix this problem, see [.NET Framework problems with Internet Explorer 11](net-framework-problems-with-ie11.md).
-
-## Support for multiple languages
-IE11 is available in 108 languages for Windows 8.1 and Windows 10 and in 97 languages for Windows 7 with SP1. For the list of languages and download links, see [Available language packs based on operating system](https://go.microsoft.com/fwlink/p/?LinkId=281818).
-
-Computers running localized versions of Windows should run the same version of IE11. For example, if your employees use the Spanish edition of Windows, you should deploy the Spanish version of IE11. On the other hand, if your employees use multiple localized versions of Windows, like Spanish, French, and Catalan, you should install IE11 in one of the languages, and then install language packs for the others.
-
-
-
-
-
-
-
+---
+ms.localizationpriority: medium
+ms.mktglfcycl: deploy
+description: Lists the minimum system requirements and supported languages for Internet Explorer 11.
+author: dansimp
+ms.prod: ie11
+ms.assetid: 27185e3d-c486-4e4a-9c51-5cb317c0006d
+ms.reviewer:
+audience: itpro
+manager: dansimp
+ms.author: dansimp
+title: System requirements and language support for Internet Explorer 11 (IE11) (Internet Explorer 11 for IT Pros)
+ms.sitesec: library
+ms.date: 07/27/2017
+---
+
+
+# System requirements and language support for Internet Explorer 11 (IE11)
+
+**Applies to:**
+
+- Windows 10
+- Windows 8.1 Update
+- Windows 7 with Service Pack 1 (SP1)
+- Windows Server 2012 R2
+- Windows Server 2008 R2 with Service Pack 1 (SP1)
+
+Internet Explorer 11 is available for a number of systems and languages. This topic provides info about the minimum system requirements and language support.
+
+## Minimum system requirements for IE11
+IE11 is pre-installed on Windows 8.1, Windows 10, and Windows Server 2012 R2 and is listed here for reference. For more info about IE11 on Windows 10, see [Browser: Microsoft Edge and Internet Explorer 11](https://technet.microsoft.com/library/mt156988.aspx).
+
+**Important**
+IE11 isn't supported on Windows 8 or Windows Server 2012.
+
+Some of the components in this table might also need additional system resources. Check the component's documentation for more information.
+
+
+| Item | Minimum requirements |
+|--------------------|---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
+| Computer/processor | 1 gigahertz (GHz) 32-bit (x86) or 64-bit (x64) |
+| Operating system | - Windows 10 (32-bit or 64-bit)
- Windows 8.1 Update (32-bit or 64-bit)
- Windows 7 with SP1 (32-bit or 64-bit)
- Windows Server 2012 R2
- Windows Server 2008 R2 with SP1 (64-bit only)
|
+| Memory | - Windows 10 (32-bit)-1 GB
- Windows 10 (64-bit)-2 GB
- Windows 8.1 Update (32-bit)-1 GB
- Windows 8.1 Update (64-bit)-2 GB
- Windows 7 with SP1 (32-bit or 64-bit)-512 MB
- Windows Server 2012 R2-512 MB
- Windows Server 2008 R2 with SP1 (64-bit only)-512 MB
|
+| Hard drive space | - Windows 10 (32-bit)-16 GB
- Windows 10 (64-bit)-20 GB
- Windows 8.1 Update (32-bit)-16 GB
- Windows 8.1 Update (64-bit)-20 GB
- Windows 7 with SP1 (32-bit)-70 MB
- Windows 7 with SP1 (64-bit)-120 MB
- Windows Server 2012 R2-32 GB
- Windows Server 2008 R2 with SP1 (64-bit only)-200 MB
|
+| Drive | CD-ROM drive (if installing from a CD-ROM) |
+| Display | Super VGA (800 x 600) or higher-resolution monitor with 256 colors |
+| Peripherals | Internet connection and a compatible pointing device |
+
+## Support for .NET Framework
+You might experience start up issues where IE11 fails to launch an application that uses managed browser hosting controls with your legacy apps. This is because, starting with Internet Explorer 10, the browser started blocking legacy apps from using the .NET Framework 1.1 and 2.0. To fix this problem, see [.NET Framework problems with Internet Explorer 11](net-framework-problems-with-ie11.md).
+
+## Support for multiple languages
+IE11 is available in 108 languages for Windows 8.1 and Windows 10 and in 97 languages for Windows 7 with SP1. For the list of languages and download links, see [Available language packs based on operating system](https://go.microsoft.com/fwlink/p/?LinkId=281818).
+
+Computers running localized versions of Windows should run the same version of IE11. For example, if your employees use the Spanish edition of Windows, you should deploy the Spanish version of IE11. On the other hand, if your employees use multiple localized versions of Windows, like Spanish, French, and Catalan, you should install IE11 in one of the languages, and then install language packs for the others.
+
+
+
+
+
+
+
diff --git a/browsers/internet-explorer/ie11-deploy-guide/tips-and-tricks-to-manage-ie-compatibility.md b/browsers/internet-explorer/ie11-deploy-guide/tips-and-tricks-to-manage-ie-compatibility.md
index 00029e6c5b..c5a68132d8 100644
--- a/browsers/internet-explorer/ie11-deploy-guide/tips-and-tricks-to-manage-ie-compatibility.md
+++ b/browsers/internet-explorer/ie11-deploy-guide/tips-and-tricks-to-manage-ie-compatibility.md
@@ -1,135 +1,136 @@
----
-ms.localizationpriority: medium
-ms.mktglfcycl: deploy
-ms.pagetype: appcompat
-description: Find out how to achieve better backward compatibility for your legacy web applications with the Enterprise Mode Site List.
-author: lomayor
-ms.author: lomayor
-ms.prod: ie11
-ms.assetid:
-ms.reviewer:
-audience: itpro
manager: dansimp
-title: Tips and tricks to manage Internet Explorer compatibility
-ms.sitesec: library
-ms.date: 05/10/2018
----
-
-# Tips and tricks to manage Internet Explorer compatibility
-
-Find out how to achieve better backward compatibility for your legacy web applications with the Enterprise Mode Site List.
-
-Jump to:
-- [Tips for IT professionals](#tips-for-it-professionals)
-- [Tips for web developers](#tips-for-web-developers)
-
-[Enterprise Mode for Internet Explorer 11](enterprise-mode-overview-for-ie11.md) can be very effective in providing backward compatibility for older web apps. The Enterprise Mode Site List includes the ability to put any web app in any document mode, include IE8 and IE7 Enterprise Modes, without changing a single line of code on the website.
-
-
-
-Sites in the \ section can be rendered in any document mode, as shown in blue above. Some sites designed for older versions of Internet Explorer may require better backward compatibility, and these can leverage the \ section of the Enterprise Mode Site List. IE8 Enterprise Mode provides higher-fidelity emulation for Internet Explorer 8 by using, among other improvements, the original Internet Explorer 8 user agent string. IE7 Enterprise Mode further improves emulation by adding Compatibility View.
-
-Compatibility View, first introduced with Internet Explorer 8, is basically a switch. If a webpage has no DOCTYPE, that page will be rendered in Internet Explorer 5 mode. If there is a DOCTYPE, the page will be rendered in Internet Explorer 7 mode. You can effectively get Compatibility View by specifying Internet Explorer 7 in the \ section, as this falls back to Internet Explorer 5 automatically if there's no DOCTYPE, or you can use IE7 Enterprise Mode for even better emulation.
-
-## Tips for IT professionals
-
-### Inventory your sites
-
-Upgrading to a new browser can be a time-consuming and potentially costly venture. To help reduce these costs, you can download the [Enterprise Site Discovery Toolkit](https://www.microsoft.com/download/details.aspx?id=44570), which can help you prioritize which sites you should be testing based on their usage in your enterprise. For example, if the data shows that no one is visiting a particular legacy web app, you may not need to test or fix it. The toolkit is supported on Internet Explorer 8, Internet Explorer 9, Internet Explorer 10, and Internet Explorer 11. The toolkit also gives you information about which document mode a page runs in your current browser so you can better understand how to fix that site if it breaks in a newer version of the browser.
-
-Once you know which sites to test and fix, the following remediation methods may help fix your compatibility issues in Internet Explorer 11 and Windows 10.
-
-### If you're on Internet Explorer 8 and upgrading to Internet Explorer 11:
-
-Use the Enterprise Mode Site List to add sites to the Internet Explorer 5, Internet Explorer 7, and Internet Explorer 8 documents modes, as well as IE8 Enterprise Mode and IE7 Enterprise Mode.
-
-- Sites with the *x-ua-compatible* meta tag or HTTP header set to "IE=edge" may break in Internet Explorer 11 and need to be set to Internet Explorer 8 mode. This is because "edge" in Internet Explorer 8 meant Internet Explorer 8 mode, but "edge" in Internet Explorer 11 means Internet Explorer 11 mode.
-
-- Sites without a DOCTYPE in zones other than Intranet will default to QME (or "interoperable quirks") rather than Internet Explorer 5 Quirks and may need to be set to Internet Explorer 5 mode.
-
-- Some sites may need to be added to both Enterprise Mode and Compatibility View to work. You can do this by adding the site to IE7 Enterprise Mode.
-
-### If you're on Internet Explorer 9 and upgrading to Internet Explorer 11:
-
-Use the Enterprise Mode Site List to add sites to the Internet Explorer 5, Internet Explorer 7, and Internet Explorer 9 document modes.
-
-- Sites with the *x-ua-compatible* meta tag or HTTP header set to "IE=edge" may break in Internet Explorer 11 and need to be set to Internet Explorer 9 mode. This is because "edge" in Internet Explorer 9 meant Internet Explorer 9 mode, but "edge" in Internet Explorer 11 means Internet Explorer 11 mode.
-
-- Sites without a DOCTYPE in zones other than Intranet will default to Interoperable Quirks rather than Internet Explorer 5 Quirks and may need to be set to Internet Explorer 5 mode.
-
-- If your sites worked in Internet Explorer 9, you won't need IE8 Enterprise Mode or IE7 Enterprise Mode.
-
-### If you're on Internet Explorer 10 and upgrading to Internet Explorer 11:
-
-Use the Enterprise Mode Site List to add sites to the Internet Explorer 5, Internet Explorer 7, and Internet Explorer 10 modes.
-
-- Sites with the *x-ua-compatible* meta tag or HTTP header set to "IE=edge" may break in Internet Explorer 11 and need to be set to Internet Explorer 10 mode. This is because "edge" in Internet Explorer 10 meant Internet Explorer 10 mode, but "edge" in Internet Explorer 11 means Internet Explorer 11 mode.
-
-- If your sites worked in Internet Explorer 10, you won't need IE8 Enterprise Mode or IE7 Enterprise Mode.
-
-### If you're on Internet Explorer 11 and upgrading to Windows 10:
-
-You're all set! You shouldn’t need to make any changes.
-
-## Tips for web developers
-
-If your website worked in an older version of Internet Explorer, but no longer works in Internet Explorer 11, you may need to update the site. Here are the set of steps you should take to find the appropriate remediation strategy.
-
-### Try document modes
-
-To see if the site works in the Internet Explorer 5, Internet Explorer 7, Internet Explorer 8, Internet Explorer 9, Internet Explorer 10, or Internet Explorer 11 document modes:
-
-- Open the site in Internet Explorer 11, load the F12 tools by pressing the **F12** key or by selecting **F12 Developer Tools** from the **Tools** menu, and select the **Emulation** tab.
-
- 
-
-- Run the site in each document mode until you find the mode in which the site works.
-
- >[!NOTE]
- >You will need to make sure the User agent string dropdown matches the same browser version as the Document mode dropdown. For example, if you were testing to see if the site works in Internet Explorer 10, you should update the Document mode dropdown to 10 and the User agent string dropdown to Internet Explorer 10.
-
-- If you find a mode in which your site works, you will need to add the site domain, sub-domain, or URL to the Enterprise Mode Site List for the document mode in which the site works, or ask the IT administrator to do so. You can add the *x-ua-compatible* meta tag or HTTP header as well.
-
-### Try IE8 Enterprise Mode
-
-If a document mode didn't fix your site, try IE8 Enterprise Mode, which benefits sites written for Internet Explorer 5, Internet Explorer 7, and Internet Explorer 8 document modes.
-
-- Enable the **Let users turn on and use Enterprise Mode from the Tools menu** policy locally on your machine. To do this:
-
- - Search for and run **gpedit.msc**
-
- - Navigate to **Computer Configuration** \> **Administrative Template** \> **Windows Components** \> **Internet Explorer**.
-
- - Enable the **Let users turn on and use Enterprise Mode from the Tools menu** Group Policy setting.
-
- After making this change, run **gpupdate.exe /force** to make sure the setting is applied locally. You should also make sure to disable this setting once you're done testing. Alternately, you can use a regkey; see [Turn on local control and logging for Enterprise Mode](turn-on-local-control-and-logging-for-enterprise-mode.md) for more information.
-
-- Restart Internet Explorer 11 and open the site you're testing, then go to **Emulation** tab in the **F12 Developer Tools** and select **Enterprise** from the **Browser profile** dropdown. If the site works, inform the IT administrator that the site needs to be added to the IE8 Enterprise Mode section.
-
-### Try IE7 Enterprise Mode
-
-If IE8 Enterprise Mode doesn't work, IE7 Enterprise Mode will give you the Compatibility View behavior that shipped with Internet Explorer 8 with Enterprise Mode. To try this approach:
-
-- Go to the **Tools** menu, select **Compatibility View Settings**, and add the site to the list.
-
-- Go to **Emulation** tab in the **F12 Developer Tools** and select **Enterprise** from the **Browser profile** dropdown.
-
-If the site works, inform the IT administrator that the site needs to be added to the IE7 Enterprise Mode section.\
-
->[!NOTE]
->Adding the same Web path to the Enterprise Mode and sections of the Enterprise Mode Site List will not work, but we will address this in a future update.
-
-### Update the site for modern web standards
-
-We recommend that enterprise customers focus their new development on established, modern web standards for better performance and interoperability across devices, and avoid developing sites in older Internet Explorer document modes. We often hear that, due to fact that the Intranet zone defaults to Compatibility View, web developers inadvertently create new sites in the Internet Explorer 7 or Internet Explorer 5 modes in the Intranet zone, depending on whether or not they used a DOCTYPE. As you move your web apps to modern standards, you can enable the **Turn on Internet Explorer Standards Mode for local intranet** Group Policy setting and add those sites that need Internet Explorer 5 or Internet Explorer 7 modes to the Site List. Of course, it is always a good idea to test the app to ensure that these settings work for your environment.
-
-## Related resources
-
-- [Document modes](https://msdn.microsoft.com/library/dn384051(v=vs.85).aspx)
-- [What is Enterprise Mode?](what-is-enterprise-mode.md)
-- [Turn on Enterprise Mode and use a site list](turn-on-enterprise-mode-and-use-a-site-list.md)
-- [Enterprise Site Discovery Toolkit](https://www.microsoft.com/en-us/download/details.aspx?id=44570)
-- [Collect data using Enterprise Site Discovery](collect-data-using-enterprise-site-discovery.md)
-- [Download the Enterprise Mode Site List Manager (schema v.2)](https://go.microsoft.com/fwlink/p/?LinkId=716853)
-- [Download the Enterprise Mode Site List Manager (schema v.1)](https://go.microsoft.com/fwlink/p/?LinkID=394378)
-- [Add multiple sites to the Enterprise Mode site list using a file and the Enterprise Mode Site List Manager (schema v.1)](add-multiple-sites-to-enterprise-mode-site-list-using-the-version-1-schema-and-enterprise-mode-tool.md)
-- [Add multiple sites to the Enterprise Mode site list using a file and the Enterprise Mode Site List Manager (schema v.2)](add-multiple-sites-to-enterprise-mode-site-list-using-the-version-2-schema-and-enterprise-mode-tool.md)
+---
+ms.localizationpriority: medium
+ms.mktglfcycl: deploy
+ms.pagetype: appcompat
+description: Find out how to achieve better backward compatibility for your legacy web applications with the Enterprise Mode Site List.
+author: dansimp
+ms.author: dansimp
+ms.prod: ie11
+ms.assetid:
+ms.reviewer:
+audience: itpro
+manager: dansimp
+title: Tips and tricks to manage Internet Explorer compatibility
+ms.sitesec: library
+ms.date: 05/10/2018
+---
+
+# Tips and tricks to manage Internet Explorer compatibility
+
+Find out how to achieve better backward compatibility for your legacy web applications with the Enterprise Mode Site List.
+
+Jump to:
+- [Tips for IT professionals](#tips-for-it-professionals)
+- [Tips for web developers](#tips-for-web-developers)
+
+[Enterprise Mode for Internet Explorer 11](enterprise-mode-overview-for-ie11.md) can be very effective in providing backward compatibility for older web apps. The Enterprise Mode Site List includes the ability to put any web app in any document mode, include IE8 and IE7 Enterprise Modes, without changing a single line of code on the website.
+
+
+
+Sites in the \ section can be rendered in any document mode, as shown in blue above. Some sites designed for older versions of Internet Explorer may require better backward compatibility, and these can leverage the \ section of the Enterprise Mode Site List. IE8 Enterprise Mode provides higher-fidelity emulation for Internet Explorer 8 by using, among other improvements, the original Internet Explorer 8 user agent string. IE7 Enterprise Mode further improves emulation by adding Compatibility View.
+
+Compatibility View, first introduced with Internet Explorer 8, is basically a switch. If a webpage has no DOCTYPE, that page will be rendered in Internet Explorer 5 mode. If there is a DOCTYPE, the page will be rendered in Internet Explorer 7 mode. You can effectively get Compatibility View by specifying Internet Explorer 7 in the \ section, as this falls back to Internet Explorer 5 automatically if there's no DOCTYPE, or you can use IE7 Enterprise Mode for even better emulation.
+
+## Tips for IT professionals
+
+### Inventory your sites
+
+Upgrading to a new browser can be a time-consuming and potentially costly venture. To help reduce these costs, you can download the [Enterprise Site Discovery Toolkit](https://www.microsoft.com/download/details.aspx?id=44570), which can help you prioritize which sites you should be testing based on their usage in your enterprise. For example, if the data shows that no one is visiting a particular legacy web app, you may not need to test or fix it. The toolkit is supported on Internet Explorer 8, Internet Explorer 9, Internet Explorer 10, and Internet Explorer 11. The toolkit also gives you information about which document mode a page runs in your current browser so you can better understand how to fix that site if it breaks in a newer version of the browser.
+
+Once you know which sites to test and fix, the following remediation methods may help fix your compatibility issues in Internet Explorer 11 and Windows 10.
+
+### If you're on Internet Explorer 8 and upgrading to Internet Explorer 11:
+
+Use the Enterprise Mode Site List to add sites to the Internet Explorer 5, Internet Explorer 7, and Internet Explorer 8 documents modes, as well as IE8 Enterprise Mode and IE7 Enterprise Mode.
+
+- Sites with the *x-ua-compatible* meta tag or HTTP header set to "IE=edge" may break in Internet Explorer 11 and need to be set to Internet Explorer 8 mode. This is because "edge" in Internet Explorer 8 meant Internet Explorer 8 mode, but "edge" in Internet Explorer 11 means Internet Explorer 11 mode.
+
+- Sites without a DOCTYPE in zones other than Intranet will default to QME (or "interoperable quirks") rather than Internet Explorer 5 Quirks and may need to be set to Internet Explorer 5 mode.
+
+- Some sites may need to be added to both Enterprise Mode and Compatibility View to work. You can do this by adding the site to IE7 Enterprise Mode.
+
+### If you're on Internet Explorer 9 and upgrading to Internet Explorer 11:
+
+Use the Enterprise Mode Site List to add sites to the Internet Explorer 5, Internet Explorer 7, and Internet Explorer 9 document modes.
+
+- Sites with the *x-ua-compatible* meta tag or HTTP header set to "IE=edge" may break in Internet Explorer 11 and need to be set to Internet Explorer 9 mode. This is because "edge" in Internet Explorer 9 meant Internet Explorer 9 mode, but "edge" in Internet Explorer 11 means Internet Explorer 11 mode.
+
+- Sites without a DOCTYPE in zones other than Intranet will default to Interoperable Quirks rather than Internet Explorer 5 Quirks and may need to be set to Internet Explorer 5 mode.
+
+- If your sites worked in Internet Explorer 9, you won't need IE8 Enterprise Mode or IE7 Enterprise Mode.
+
+### If you're on Internet Explorer 10 and upgrading to Internet Explorer 11:
+
+Use the Enterprise Mode Site List to add sites to the Internet Explorer 5, Internet Explorer 7, and Internet Explorer 10 modes.
+
+- Sites with the *x-ua-compatible* meta tag or HTTP header set to "IE=edge" may break in Internet Explorer 11 and need to be set to Internet Explorer 10 mode. This is because "edge" in Internet Explorer 10 meant Internet Explorer 10 mode, but "edge" in Internet Explorer 11 means Internet Explorer 11 mode.
+
+- If your sites worked in Internet Explorer 10, you won't need IE8 Enterprise Mode or IE7 Enterprise Mode.
+
+### If you're on Internet Explorer 11 and upgrading to Windows 10:
+
+You're all set! You shouldn’t need to make any changes.
+
+## Tips for web developers
+
+If your website worked in an older version of Internet Explorer, but no longer works in Internet Explorer 11, you may need to update the site. Here are the set of steps you should take to find the appropriate remediation strategy.
+
+### Try document modes
+
+To see if the site works in the Internet Explorer 5, Internet Explorer 7, Internet Explorer 8, Internet Explorer 9, Internet Explorer 10, or Internet Explorer 11 document modes:
+
+- Open the site in Internet Explorer 11, load the F12 tools by pressing the **F12** key or by selecting **F12 Developer Tools** from the **Tools** menu, and select the **Emulation** tab.
+
+ 
+
+- Run the site in each document mode until you find the mode in which the site works.
+
+ >[!NOTE]
+ >You will need to make sure the User agent string dropdown matches the same browser version as the Document mode dropdown. For example, if you were testing to see if the site works in Internet Explorer 10, you should update the Document mode dropdown to 10 and the User agent string dropdown to Internet Explorer 10.
+
+- If you find a mode in which your site works, you will need to add the site domain, sub-domain, or URL to the Enterprise Mode Site List for the document mode in which the site works, or ask the IT administrator to do so. You can add the *x-ua-compatible* meta tag or HTTP header as well.
+
+### Try IE8 Enterprise Mode
+
+If a document mode didn't fix your site, try IE8 Enterprise Mode, which benefits sites written for Internet Explorer 5, Internet Explorer 7, and Internet Explorer 8 document modes.
+
+- Enable the **Let users turn on and use Enterprise Mode from the Tools menu** policy locally on your machine. To do this:
+
+ - Search for and run **gpedit.msc**
+
+ - Navigate to **Computer Configuration** \> **Administrative Template** \> **Windows Components** \> **Internet Explorer**.
+
+ - Enable the **Let users turn on and use Enterprise Mode from the Tools menu** Group Policy setting.
+
+ After making this change, run **gpupdate.exe /force** to make sure the setting is applied locally. You should also make sure to disable this setting once you're done testing. Alternately, you can use a regkey; see [Turn on local control and logging for Enterprise Mode](turn-on-local-control-and-logging-for-enterprise-mode.md) for more information.
+
+- Restart Internet Explorer 11 and open the site you're testing, then go to **Emulation** tab in the **F12 Developer Tools** and select **Enterprise** from the **Browser profile** dropdown. If the site works, inform the IT administrator that the site needs to be added to the IE8 Enterprise Mode section.
+
+### Try IE7 Enterprise Mode
+
+If IE8 Enterprise Mode doesn't work, IE7 Enterprise Mode will give you the Compatibility View behavior that shipped with Internet Explorer 8 with Enterprise Mode. To try this approach:
+
+- Go to the **Tools** menu, select **Compatibility View Settings**, and add the site to the list.
+
+- Go to **Emulation** tab in the **F12 Developer Tools** and select **Enterprise** from the **Browser profile** dropdown.
+
+If the site works, inform the IT administrator that the site needs to be added to the IE7 Enterprise Mode section.\
+
+>[!NOTE]
+>Adding the same Web path to the Enterprise Mode and sections of the Enterprise Mode Site List will not work, but we will address this in a future update.
+
+### Update the site for modern web standards
+
+We recommend that enterprise customers focus their new development on established, modern web standards for better performance and interoperability across devices, and avoid developing sites in older Internet Explorer document modes. We often hear that, due to fact that the Intranet zone defaults to Compatibility View, web developers inadvertently create new sites in the Internet Explorer 7 or Internet Explorer 5 modes in the Intranet zone, depending on whether or not they used a DOCTYPE. As you move your web apps to modern standards, you can enable the **Turn on Internet Explorer Standards Mode for local intranet** Group Policy setting and add those sites that need Internet Explorer 5 or Internet Explorer 7 modes to the Site List. Of course, it is always a good idea to test the app to ensure that these settings work for your environment.
+
+## Related resources
+
+- [Document modes](https://msdn.microsoft.com/library/dn384051(v=vs.85).aspx)
+- [What is Enterprise Mode?](what-is-enterprise-mode.md)
+- [Turn on Enterprise Mode and use a site list](turn-on-enterprise-mode-and-use-a-site-list.md)
+- [Enterprise Site Discovery Toolkit](https://www.microsoft.com/download/details.aspx?id=44570)
+- [Collect data using Enterprise Site Discovery](collect-data-using-enterprise-site-discovery.md)
+- [Download the Enterprise Mode Site List Manager (schema v.2)](https://go.microsoft.com/fwlink/p/?LinkId=716853)
+- [Download the Enterprise Mode Site List Manager (schema v.1)](https://go.microsoft.com/fwlink/p/?LinkID=394378)
+- [Add multiple sites to the Enterprise Mode site list using a file and the Enterprise Mode Site List Manager (schema v.1)](add-multiple-sites-to-enterprise-mode-site-list-using-the-version-1-schema-and-enterprise-mode-tool.md)
+- [Add multiple sites to the Enterprise Mode site list using a file and the Enterprise Mode Site List Manager (schema v.2)](add-multiple-sites-to-enterprise-mode-site-list-using-the-version-2-schema-and-enterprise-mode-tool.md)
diff --git a/browsers/internet-explorer/ie11-deploy-guide/troubleshoot-ie11.md b/browsers/internet-explorer/ie11-deploy-guide/troubleshoot-ie11.md
index 55e4491ac7..39d999c947 100644
--- a/browsers/internet-explorer/ie11-deploy-guide/troubleshoot-ie11.md
+++ b/browsers/internet-explorer/ie11-deploy-guide/troubleshoot-ie11.md
@@ -1,52 +1,53 @@
----
-ms.localizationpriority: medium
-ms.mktglfcycl: support
-description: Use the topics in this section to learn how to troubleshoot several of the more common problems experienced with Internet Explorer.
-author: lomayor
-ms.prod: ie11
-ms.assetid: 0361c1a6-3faa-42b2-a588-92439eebeeab
-ms.reviewer:
-audience: itpro
manager: dansimp
-ms.author: lomayor
-title: Troubleshoot Internet Explorer 11 (IE11) (Internet Explorer 11 for IT Pros)
-ms.sitesec: library
-ms.date: 07/27/2017
----
-
-
-# Troubleshoot Internet Explorer 11 (IE11)
-
-**Applies to:**
-
-- Windows 10
-- Windows 8.1
-- Windows 7
-- Windows Server 2012 R2
-- Windows Server 2008 R2 with Service Pack 1 (SP1)
-
-Use the topics in this section to learn how to troubleshoot several of the more common problems experienced with Internet Explorer.
-
-## In this section
-
-|Topic |Description |
-|-------|--------------|
-|[Setup problems with Internet Explorer 11](setup-problems-with-ie11.md) |Guidance about how to find and understand the error log files created when setup runs. |
-|[Install problems with Internet Explorer 11](install-problems-with-ie11.md) |Guidance about how to address potential problems when IE doesn’t finish installing. |
-|[Problems after installing Internet Explorer 11](problems-after-installing-ie11.md) |Guidance about how to troubleshoot and help fix instability problems, where IE crashes or seems slow or where Digital Rights Management (DRM) playback doesn’t work. |
-|[Auto configuration and auto proxy problems with Internet Explorer 11](auto-configuration-and-auto-proxy-problems-with-ie11.md) |Guidance about how to troubleshoot and help fix problems where branding changes aren’t distributed or where you’re experiencing proxy server setup problems. |
-|[User interface problems with Internet Explorer 11](user-interface-problems-with-ie11.md) |Guidance about changes to the IE Customization Wizard, security zones, Favorites, Command, and Status bars, and the search box. |
-|[Group Policy problems with Internet Explorer 11](group-policy-problems-ie11.md) |Guidance about how to find the Group Policy Object-related log files for troubleshooting. |
-|[.NET Framework problems with Internet Explorer 11](net-framework-problems-with-ie11.md) |Guidance about how to turn managed browser hosting controls back on. |
-|[Enhanced Protected Mode problems with Internet Explorer](enhanced-protected-mode-problems-with-ie11.md) |Guidance about how to turn off Enhanced Protected Mode to address compatibility issues. |
-|[Fix font rendering problems by turning off natural metrics](turn-off-natural-metrics.md) |Guidance about how to turn off natural metrics to address font rendering problems. |
-|[Intranet problems with Internet Explorer 11](intranet-problems-and-ie11.md) |Guidance about how to turn on single-word intranet searches in the address bar. |
-|[Browser cache changes and roaming profiles](browser-cache-changes-and-roaming-profiles.md) |Guidance about changes we’ve made to the browser cache to improve the performance, flexibility, reliability, and scalability and how to get the best results while using a roaming profile. |
-
-
-
-
-
-
-
-
-
+---
+ms.localizationpriority: medium
+ms.mktglfcycl: support
+description: Use the topics in this section to learn how to troubleshoot several of the more common problems experienced with Internet Explorer.
+author: dansimp
+ms.prod: ie11
+ms.assetid: 0361c1a6-3faa-42b2-a588-92439eebeeab
+ms.reviewer:
+audience: itpro
+manager: dansimp
+ms.author: dansimp
+title: Troubleshoot Internet Explorer 11 (IE11) (Internet Explorer 11 for IT Pros)
+ms.sitesec: library
+ms.date: 07/27/2017
+---
+
+
+# Troubleshoot Internet Explorer 11 (IE11)
+
+**Applies to:**
+
+- Windows 10
+- Windows 8.1
+- Windows 7
+- Windows Server 2012 R2
+- Windows Server 2008 R2 with Service Pack 1 (SP1)
+
+Use the topics in this section to learn how to troubleshoot several of the more common problems experienced with Internet Explorer.
+
+## In this section
+
+|Topic |Description |
+|-------|--------------|
+|[Setup problems with Internet Explorer 11](setup-problems-with-ie11.md) |Guidance about how to find and understand the error log files created when setup runs. |
+|[Install problems with Internet Explorer 11](install-problems-with-ie11.md) |Guidance about how to address potential problems when IE doesn’t finish installing. |
+|[Problems after installing Internet Explorer 11](problems-after-installing-ie11.md) |Guidance about how to troubleshoot and help fix instability problems, where IE crashes or seems slow or where Digital Rights Management (DRM) playback doesn’t work. |
+|[Auto configuration and auto proxy problems with Internet Explorer 11](auto-configuration-and-auto-proxy-problems-with-ie11.md) |Guidance about how to troubleshoot and help fix problems where branding changes aren’t distributed or where you’re experiencing proxy server setup problems. |
+|[User interface problems with Internet Explorer 11](user-interface-problems-with-ie11.md) |Guidance about changes to the IE Customization Wizard, security zones, Favorites, Command, and Status bars, and the search box. |
+|[Group Policy problems with Internet Explorer 11](group-policy-problems-ie11.md) |Guidance about how to find the Group Policy Object-related log files for troubleshooting. |
+|[.NET Framework problems with Internet Explorer 11](net-framework-problems-with-ie11.md) |Guidance about how to turn managed browser hosting controls back on. |
+|[Enhanced Protected Mode problems with Internet Explorer](enhanced-protected-mode-problems-with-ie11.md) |Guidance about how to turn off Enhanced Protected Mode to address compatibility issues. |
+|[Fix font rendering problems by turning off natural metrics](turn-off-natural-metrics.md) |Guidance about how to turn off natural metrics to address font rendering problems. |
+|[Intranet problems with Internet Explorer 11](intranet-problems-and-ie11.md) |Guidance about how to turn on single-word intranet searches in the address bar. |
+|[Browser cache changes and roaming profiles](browser-cache-changes-and-roaming-profiles.md) |Guidance about changes we’ve made to the browser cache to improve the performance, flexibility, reliability, and scalability and how to get the best results while using a roaming profile. |
+
+
+
+
+
+
+
+
+
diff --git a/browsers/internet-explorer/ie11-deploy-guide/turn-off-enterprise-mode.md b/browsers/internet-explorer/ie11-deploy-guide/turn-off-enterprise-mode.md
index d193f26c68..1df0d6b95e 100644
--- a/browsers/internet-explorer/ie11-deploy-guide/turn-off-enterprise-mode.md
+++ b/browsers/internet-explorer/ie11-deploy-guide/turn-off-enterprise-mode.md
@@ -1,80 +1,81 @@
----
-ms.localizationpriority: medium
-ms.mktglfcycl: deploy
-ms.pagetype: appcompat
-description: How to turn Enterprise Mode off temporarily while testing websites and how to turn it off completely if you no longer want to to use it.
-author: lomayor
-ms.prod: ie11
-ms.assetid: 5027c163-71e0-49b8-9dc0-f0a7310c7ae3
-ms.reviewer:
-audience: itpro
manager: dansimp
-ms.author: lomayor
-title: Turn off Enterprise Mode (Internet Explorer 11 for IT Pros)
-ms.sitesec: library
-ms.date: 07/27/2017
----
-
-
-# Turn off Enterprise Mode
-
-**Applies to:**
-
-- Windows 10
-- Windows 8.1
-- Windows 7
-- Windows Server 2012 R2
-- Windows Server 2008 R2 with Service Pack 1 (SP1)
-
-It’s important that you test the sites you’re adding, or considering removing, from your Enterprise Mode site list. To make this testing easier, you can turn off the site list or the entire Enterprise Mode functionality. For example, you might have an intranet site on your list that you’ve upgraded to be compatible with the new web standards . If you test the site while the site list is active, Internet Explorer 11 will automatically switch to Enterprise Mode. By turning off the site list, you can see what the page actually looks like and decide whether to remove it from your site list.
-
-In addition, if you no longer want your users to be able to turn Enterprise Mode on locally, you can remove Enterprise Mode from the local **Tools** menu.
-
-**Important**
-Turning off both of these features turns off Enterprise Mode for your company. Turning off Enterprise Mode also causes any websites included in your employee’s manual site lists to not appear in Enterprise Mode.
-
- **To turn off the site list using Group Policy**
-
-1. Open your Group Policy editor, like Group Policy Management Console (GPMC).
-
-2. Go to the **Use the Enterprise Mode IE website list** setting, and then click **Disabled**.
- Enterprise Mode will no longer look for the site list, effectively turning off Enterprise Mode. However, if you previously turned on local control for your employees, Enterprise Mode will still be available from the **Tools** menu. You need to turn that part of the functionality off separately.
-
- **To turn off local control using Group Policy**
-
-3. Open your Group Policy editor, like Group Policy Management Console (GPMC).
-
-4. Go to the **Let users turn on and use Enterprise Mode from the Tools menu** setting, and then click **Disable**.
-
-5. Enterprise Mode no longer shows up on the **Tools** menu for your employees. However, if you are still using an Enterprise Mode site list, all of the globally listed sites will still appear in Enterprise Mode. If you want to turn off all of Enterprise Mode, you will need to also turn off the site list functionality.
-
- **To turn off the site list using the registry**
-
-6. Open a registry editor, such as regedit.exe.
-
-7. Go to `HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\EnterpriseMode`, and then delete the **SiteList** value.
- You can also use HKEY_LOCAL_MACHINE, depending whether you want to turn off the Enterprise Mode site list for users or for computers.
-
-8. Close all and restart all instances of Internet Explorer.
- IE11 stops looking at the site list for rendering instructions. However, Enterprise Mode is still available to your users locally (if it was turned on).
-
- **To turn off local control using the registry**
-
-9. Open a registry editor, such as regedit.exe.
-
-10. Go `HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Internet Explorer\Main\EnterpriseMode`, and then delete the **Enable** value.
- You can also use HKEY_CURRENT_USER, depending whether you want to turn off Enterprise Mode for users or for computers.
-
-11. Close and restart all instances of IE.
- Enterprise Mode is no longer a user option on the **Tools** menu in IE11. However, IE11 still looks at the site list (if it was turned on).
-
-## Related topics
-- [What is Enterprise Mode?](what-is-enterprise-mode.md)
-- [Turn on Enterprise Mode and use a site list](turn-on-enterprise-mode-and-use-a-site-list.md)
-- [Turn on local control and logging for Enterprise Mode](turn-on-local-control-and-logging-for-enterprise-mode.md)
-- [Use the Enterprise Mode Site List Manager](use-the-enterprise-mode-site-list-manager.md)
-
-
-
-
-
-
+---
+ms.localizationpriority: medium
+ms.mktglfcycl: deploy
+ms.pagetype: appcompat
+description: How to turn Enterprise Mode off temporarily while testing websites and how to turn it off completely if you no longer want to to use it.
+author: dansimp
+ms.prod: ie11
+ms.assetid: 5027c163-71e0-49b8-9dc0-f0a7310c7ae3
+ms.reviewer:
+audience: itpro
+manager: dansimp
+ms.author: dansimp
+title: Turn off Enterprise Mode (Internet Explorer 11 for IT Pros)
+ms.sitesec: library
+ms.date: 07/27/2017
+---
+
+
+# Turn off Enterprise Mode
+
+**Applies to:**
+
+- Windows 10
+- Windows 8.1
+- Windows 7
+- Windows Server 2012 R2
+- Windows Server 2008 R2 with Service Pack 1 (SP1)
+
+It’s important that you test the sites you’re adding, or considering removing, from your Enterprise Mode site list. To make this testing easier, you can turn off the site list or the entire Enterprise Mode functionality. For example, you might have an intranet site on your list that you’ve upgraded to be compatible with the new web standards . If you test the site while the site list is active, Internet Explorer 11 will automatically switch to Enterprise Mode. By turning off the site list, you can see what the page actually looks like and decide whether to remove it from your site list.
+
+In addition, if you no longer want your users to be able to turn Enterprise Mode on locally, you can remove Enterprise Mode from the local **Tools** menu.
+
+**Important**
+Turning off both of these features turns off Enterprise Mode for your company. Turning off Enterprise Mode also causes any websites included in your employee’s manual site lists to not appear in Enterprise Mode.
+
+ **To turn off the site list using Group Policy**
+
+1. Open your Group Policy editor, like Group Policy Management Console (GPMC).
+
+2. Go to the **Use the Enterprise Mode IE website list** setting, and then click **Disabled**.
+ Enterprise Mode will no longer look for the site list, effectively turning off Enterprise Mode. However, if you previously turned on local control for your employees, Enterprise Mode will still be available from the **Tools** menu. You need to turn that part of the functionality off separately.
+
+ **To turn off local control using Group Policy**
+
+3. Open your Group Policy editor, like Group Policy Management Console (GPMC).
+
+4. Go to the **Let users turn on and use Enterprise Mode from the Tools menu** setting, and then click **Disable**.
+
+5. Enterprise Mode no longer shows up on the **Tools** menu for your employees. However, if you are still using an Enterprise Mode site list, all of the globally listed sites will still appear in Enterprise Mode. If you want to turn off all of Enterprise Mode, you will need to also turn off the site list functionality.
+
+ **To turn off the site list using the registry**
+
+6. Open a registry editor, such as regedit.exe.
+
+7. Go to `HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\EnterpriseMode`, and then delete the **SiteList** value.
+ You can also use HKEY_LOCAL_MACHINE, depending whether you want to turn off the Enterprise Mode site list for users or for computers.
+
+8. Close all and restart all instances of Internet Explorer.
+ IE11 stops looking at the site list for rendering instructions. However, Enterprise Mode is still available to your users locally (if it was turned on).
+
+ **To turn off local control using the registry**
+
+9. Open a registry editor, such as regedit.exe.
+
+10. Go `HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Internet Explorer\Main\EnterpriseMode`, and then delete the **Enable** value.
+ You can also use HKEY_CURRENT_USER, depending whether you want to turn off Enterprise Mode for users or for computers.
+
+11. Close and restart all instances of IE.
+ Enterprise Mode is no longer a user option on the **Tools** menu in IE11. However, IE11 still looks at the site list (if it was turned on).
+
+## Related topics
+- [What is Enterprise Mode?](what-is-enterprise-mode.md)
+- [Turn on Enterprise Mode and use a site list](turn-on-enterprise-mode-and-use-a-site-list.md)
+- [Turn on local control and logging for Enterprise Mode](turn-on-local-control-and-logging-for-enterprise-mode.md)
+- [Use the Enterprise Mode Site List Manager](use-the-enterprise-mode-site-list-manager.md)
+
+
+
+
+
+
diff --git a/browsers/internet-explorer/ie11-deploy-guide/turn-off-natural-metrics.md b/browsers/internet-explorer/ie11-deploy-guide/turn-off-natural-metrics.md
index 890640ae36..90442b3bbc 100644
--- a/browsers/internet-explorer/ie11-deploy-guide/turn-off-natural-metrics.md
+++ b/browsers/internet-explorer/ie11-deploy-guide/turn-off-natural-metrics.md
@@ -1,37 +1,38 @@
----
-ms.localizationpriority: medium
-ms.mktglfcycl: support
-description: Turn off natural metrics for Internet Explorer 11
-author: lomayor
-ms.prod: ie11
-ms.assetid: e31a27d7-662e-4106-a3d2-c6b0531961d5
-ms.reviewer:
-audience: itpro
manager: dansimp
-ms.author: lomayor
-title: Fix font rendering problems by turning off natural metrics (Internet Explorer 11 for IT Pros)
-ms.sitesec: library
-ms.date: 07/27/2017
----
-
-
-# Fix font rendering problems by turning off natural metrics
-By default, Internet Explorer 11 uses “natural metrics”. Natural metrics use inter-pixel spacing that creates more accurately rendered and readable text, avoiding many common font rendering problems with Windows Internet Explorer 9 or older sites.
-
-However, you might find that many intranet sites need you to use Windows Graphics Device Interface (GDI) metrics. To avoid potential compatibility issues, you must turn off natural metrics for those sites.
-
- **To turn off natural metrics**
-
-- Add the following HTTP header to each site: `X-UA-TextLayoutMetrics: gdi`
-
-
-OR-
-
-- Add the following <meta> tag to each site: ``
-
-Turning off natural metrics automatically turns on GDI metrics.
-
-
-
-
-
-
-
+---
+ms.localizationpriority: medium
+ms.mktglfcycl: support
+description: Turn off natural metrics for Internet Explorer 11
+author: dansimp
+ms.prod: ie11
+ms.assetid: e31a27d7-662e-4106-a3d2-c6b0531961d5
+ms.reviewer:
+audience: itpro
+manager: dansimp
+ms.author: dansimp
+title: Fix font rendering problems by turning off natural metrics (Internet Explorer 11 for IT Pros)
+ms.sitesec: library
+ms.date: 07/27/2017
+---
+
+
+# Fix font rendering problems by turning off natural metrics
+By default, Internet Explorer 11 uses “natural metrics”. Natural metrics use inter-pixel spacing that creates more accurately rendered and readable text, avoiding many common font rendering problems with Windows Internet Explorer 9 or older sites.
+
+However, you might find that many intranet sites need you to use Windows Graphics Device Interface (GDI) metrics. To avoid potential compatibility issues, you must turn off natural metrics for those sites.
+
+ **To turn off natural metrics**
+
+- Add the following HTTP header to each site: `X-UA-TextLayoutMetrics: gdi`
+
+
-OR-
+
+- Add the following <meta> tag to each site: ``
+
+Turning off natural metrics automatically turns on GDI metrics.
+
+
+
+
+
+
+
diff --git a/browsers/internet-explorer/ie11-deploy-guide/turn-on-enterprise-mode-and-use-a-site-list.md b/browsers/internet-explorer/ie11-deploy-guide/turn-on-enterprise-mode-and-use-a-site-list.md
index 1a6823e2db..29c8de2486 100644
--- a/browsers/internet-explorer/ie11-deploy-guide/turn-on-enterprise-mode-and-use-a-site-list.md
+++ b/browsers/internet-explorer/ie11-deploy-guide/turn-on-enterprise-mode-and-use-a-site-list.md
@@ -1,75 +1,71 @@
----
-title: Turn on Enterprise Mode and use a site list (Internet Explorer 11 for IT Pros)
-description: How to turn on Enterprise Mode and specify a site list.
-ms.assetid: 800e9c5a-57a6-4d61-a38a-4cb972d833e1
-ms.reviewer:
-audience: itpro
manager: dansimp
-ms.prod: ie11
-ms.mktglfcycl: deploy
-ms.pagetype: appcompat
-ms.sitesec: library
-author: lomayor
-ms.author: lomayor
-ms.date: 08/14/2017
-ms.localizationpriority: medium
-
-
-
-
-
----
-
-
-# Turn on Enterprise Mode and use a site list
-
-**Applies to:**
-
-- Windows 10
-- Windows 8.1
-- Windows 7
-- Windows Server 2012 R2
-- Windows Server 2008 R2 with Service Pack 1 (SP1)
-
-Before you can use a site list with Enterprise Mode, you need to turn the functionality on and set up the system for centralized control. By allowing centralized control, you can create one global list of websites that render using Enterprise Mode. Approximately 65 seconds after Internet Explorer 11 starts, it looks for a properly formatted site list. If a new site list if found, with a different version number than the active list, IE11 loads and uses the newer version. After the initial check, IE11 won’t look for an updated list again until you restart the browser.
-
->[!NOTE]
->We recommend that you store and download your website list from a secure web server (https://), to help protect against data tampering. After the list is downloaded, it's stored locally on your employees' computers so if the centralized file location is unavailable, they can still use Enterprise Mode.
-
- **To turn on Enterprise Mode using Group Policy**
-
-1. Open your Group Policy editor and go to the `Administrative Templates\Windows Components\Internet Explorer\Use the Enterprise Mode IE website list` setting.
- Turning this setting on also requires you to create and store a site list. For more information about creating your site list, see the [Use the Enterprise Mode Site List Manager](use-the-enterprise-mode-site-list-manager.md) topics.
-
- 
-
-2. Click **Enabled**, and then in the **Options** area, type the location to your site list.
-
- **To turn on Enterprise Mode using the registry**
-
-3. **For only the local user:** Open a registry editor, like regedit.exe and go to `HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Main\EnterpriseMode`.
-
-OR-
- For all users on the device: Open a registry editor, like regedit.exe and go to HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Main\EnterpriseMode.
-
-4. Edit the `SiteList` registry key to point to where you want to keep your Enterprise Mode site list file. For example:
-
- 
-
- - **HTTPS location**: `"SiteList"="https://localhost:8080/sites.xml"`
-
- - **Local network:** `"SiteList"="\\network\shares\sites.xml"`
-
- - **Local file:** `"SiteList"="file:///c:\\Users\\\\Documents\\testList.xml"`
-
- All of your managed devices must have access to this location if you want them to be able to access and use Enterprise Mode and your site list. For information about how to create and use an Enterprise Mode site list, see [Use the Enterprise Mode Site List Manager](use-the-enterprise-mode-site-list-manager.md).
-
-## Related topics
-- [Download the Enterprise Mode Site List Manager (schema v.2)](https://go.microsoft.com/fwlink/p/?LinkId=716853)
-- [Download the Enterprise Mode Site List Manager (schema v.1)](https://go.microsoft.com/fwlink/p/?LinkID=394378)
-- [Add multiple sites to the Enterprise Mode site list using a file and the Enterprise Mode Site List Manager (schema v.1)](add-multiple-sites-to-enterprise-mode-site-list-using-the-version-1-schema-and-enterprise-mode-tool.md)
-- [Add multiple sites to the Enterprise Mode site list using a file and the Enterprise Mode Site List Manager (schema v.2)](add-multiple-sites-to-enterprise-mode-site-list-using-the-version-2-schema-and-enterprise-mode-tool.md)
-
-
-
-
-
-
+---
+title: Turn on Enterprise Mode and use a site list (Internet Explorer 11 for IT Pros)
+description: How to turn on Enterprise Mode and specify a site list.
+ms.assetid: 800e9c5a-57a6-4d61-a38a-4cb972d833e1
+ms.reviewer:
+audience: itpro
+manager: dansimp
+ms.prod: ie11
+ms.mktglfcycl: deploy
+ms.pagetype: appcompat
+ms.sitesec: library
+author: dansimp
+ms.author: dansimp
+ms.date: 08/14/2017
+ms.localizationpriority: medium
+---
+
+
+# Turn on Enterprise Mode and use a site list
+
+**Applies to:**
+
+- Windows 10
+- Windows 8.1
+- Windows 7
+- Windows Server 2012 R2
+- Windows Server 2008 R2 with Service Pack 1 (SP1)
+
+Before you can use a site list with Enterprise Mode, you need to turn the functionality on and set up the system for centralized control. By allowing centralized control, you can create one global list of websites that render using Enterprise Mode. Approximately 65 seconds after Internet Explorer 11 starts, it looks for a properly formatted site list. If a new site list if found, with a different version number than the active list, IE11 loads and uses the newer version. After the initial check, IE11 won’t look for an updated list again until you restart the browser.
+
+>[!NOTE]
+>We recommend that you store and download your website list from a secure web server (https://), to help protect against data tampering. After the list is downloaded, it's stored locally on your employees' computers so if the centralized file location is unavailable, they can still use Enterprise Mode.
+
+ **To turn on Enterprise Mode using Group Policy**
+
+1. Open your Group Policy editor and go to the `Administrative Templates\Windows Components\Internet Explorer\Use the Enterprise Mode IE website list` setting.
+ Turning this setting on also requires you to create and store a site list. For more information about creating your site list, see the [Use the Enterprise Mode Site List Manager](use-the-enterprise-mode-site-list-manager.md) topics.
+
+ 
+
+2. Click **Enabled**, and then in the **Options** area, type the location to your site list.
+
+ **To turn on Enterprise Mode using the registry**
+
+3. **For only the local user:** Open a registry editor, like regedit.exe and go to `HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Main\EnterpriseMode`.
+
-OR-
+ For all users on the device: Open a registry editor, like regedit.exe and go to HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Main\EnterpriseMode.
+
+4. Edit the `SiteList` registry key to point to where you want to keep your Enterprise Mode site list file. For example:
+
+ 
+
+ - **HTTPS location**: `"SiteList"="https://localhost:8080/sites.xml"`
+
+ - **Local network:** `"SiteList"="\\network\shares\sites.xml"`
+
+ - **Local file:** `"SiteList"="file:///c:\\Users\\\\Documents\\testList.xml"`
+
+ All of your managed devices must have access to this location if you want them to be able to access and use Enterprise Mode and your site list. For information about how to create and use an Enterprise Mode site list, see [Use the Enterprise Mode Site List Manager](use-the-enterprise-mode-site-list-manager.md).
+
+## Related topics
+- [Download the Enterprise Mode Site List Manager (schema v.2)](https://go.microsoft.com/fwlink/p/?LinkId=716853)
+- [Download the Enterprise Mode Site List Manager (schema v.1)](https://go.microsoft.com/fwlink/p/?LinkID=394378)
+- [Add multiple sites to the Enterprise Mode site list using a file and the Enterprise Mode Site List Manager (schema v.1)](add-multiple-sites-to-enterprise-mode-site-list-using-the-version-1-schema-and-enterprise-mode-tool.md)
+- [Add multiple sites to the Enterprise Mode site list using a file and the Enterprise Mode Site List Manager (schema v.2)](add-multiple-sites-to-enterprise-mode-site-list-using-the-version-2-schema-and-enterprise-mode-tool.md)
+
+
+
+
+
+
diff --git a/browsers/internet-explorer/ie11-deploy-guide/turn-on-local-control-and-logging-for-enterprise-mode.md b/browsers/internet-explorer/ie11-deploy-guide/turn-on-local-control-and-logging-for-enterprise-mode.md
index 2f52fdfba2..1324c12963 100644
--- a/browsers/internet-explorer/ie11-deploy-guide/turn-on-local-control-and-logging-for-enterprise-mode.md
+++ b/browsers/internet-explorer/ie11-deploy-guide/turn-on-local-control-and-logging-for-enterprise-mode.md
@@ -1,64 +1,65 @@
----
-ms.localizationpriority: medium
-ms.mktglfcycl: deploy
-ms.pagetype: appcompat
-description: Turn on local user control and logging for Enterprise Mode.
-author: lomayor
-ms.prod: ie11
-ms.assetid: 6622ecce-24b1-497e-894a-e1fd5a8a66d1
-ms.reviewer:
-audience: itpro
manager: dansimp
-ms.author: lomayor
-title: Turn on local control and logging for Enterprise Mode (Internet Explorer 11 for IT Pros)
-ms.sitesec: library
-ms.date: 07/27/2017
----
-
-
-# Turn on local control and logging for Enterprise Mode
-
-**Applies to:**
-
-- Windows 10
-- Windows 8.1
-- Windows 7
-- Windows Server 2012 R2
-- Windows Server 2008 R2 with Service Pack 1 (SP1)
-
-You can turn on local control of Enterprise Mode so that your users can turn Enterprise Mode on from the **Tools** menu. Turning on this feature also adds the **Enterprise** browser profile to the **Emulation** tab of the F12 developer tools.
-
-Besides turning on this feature, you also have the option to provide a URL for Enterprise Mode logging. If you turn logging on, Internet Explorer initiates a simple POST back to the supplied address, including the URL and a specification that **EnterpriseMode** was turned on or off through the **Tools** menu.
-
- **To turn on local control of Enterprise Mode using Group Policy**
-
-1. Open your Group Policy editor and go to the **Administrative Templates\\Windows Components\\Internet Explorer\\Let users turn on and use Enterprise Mode from the Tools menu** setting.
-
- 
-
-2. Click **Enabled**, and then in the **Options** area, type the location for where to receive reports about when your employees use this functionality to turn Enterprise Mode on or off from the **Tools** menu.
-
- **To turn on local control of Enterprise Mode using the registry**
-
-3. Open a registry editor, like regedit.exe and go to `HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Internet Explorer\Main\EnterpriseMode`.
-
-4. In the right pane, right-click and click **New**, click **String Value**, and then name the new value **Enable**.
-
-5. Right-click the **Enable** key, click **Modify**, and then type a **Value data** to point to a server that you can listen to for updates.
-
- 
-
-Your **Value data** location can be any of the following types:
-
-- **URL location (like, https://www.emieposturl.com/api/records or https://localhost:13000)**. IE sends a POST message to the URL every time a change is made to Enterprise Mode from the **Tools** menu.**Important**
- The `https://www.emieposturl.com/api/records` example will only work if you’ve downloaded the sample discussed in the [Set up Enterprise Mode logging and data collection](set-up-enterprise-mode-logging-and-data-collection.md) topic. If you don’t have the sample, you won’t have the web API.
-- **Local network location (like, https://emieposturl/)**. IE sends a POST message to your specified local network location every time a change is made to Enterprise Mode from the **Tools** menu.
-- **Empty string**. If you leave the **Value data** box blank; your employees will be able to turn Enterprise Mode on and off from the **Tools** menu, but you won’t collect any logging data.
-
-For information about how to collect the data provided when your employees turn Enterprise Mode on or off from the **Tools** menu, see [Set up Enterprise Mode logging and data collection](set-up-enterprise-mode-logging-and-data-collection.md).
-
-
-
-
-
-
-
+---
+ms.localizationpriority: medium
+ms.mktglfcycl: deploy
+ms.pagetype: appcompat
+description: Turn on local user control and logging for Enterprise Mode.
+author: dansimp
+ms.prod: ie11
+ms.assetid: 6622ecce-24b1-497e-894a-e1fd5a8a66d1
+ms.reviewer:
+audience: itpro
+manager: dansimp
+ms.author: dansimp
+title: Turn on local control and logging for Enterprise Mode (Internet Explorer 11 for IT Pros)
+ms.sitesec: library
+ms.date: 07/27/2017
+---
+
+
+# Turn on local control and logging for Enterprise Mode
+
+**Applies to:**
+
+- Windows 10
+- Windows 8.1
+- Windows 7
+- Windows Server 2012 R2
+- Windows Server 2008 R2 with Service Pack 1 (SP1)
+
+You can turn on local control of Enterprise Mode so that your users can turn Enterprise Mode on from the **Tools** menu. Turning on this feature also adds the **Enterprise** browser profile to the **Emulation** tab of the F12 developer tools.
+
+Besides turning on this feature, you also have the option to provide a URL for Enterprise Mode logging. If you turn logging on, Internet Explorer initiates a simple POST back to the supplied address, including the URL and a specification that **EnterpriseMode** was turned on or off through the **Tools** menu.
+
+ **To turn on local control of Enterprise Mode using Group Policy**
+
+1. Open your Group Policy editor and go to the **Administrative Templates\\Windows Components\\Internet Explorer\\Let users turn on and use Enterprise Mode from the Tools menu** setting.
+
+ 
+
+2. Click **Enabled**, and then in the **Options** area, type the location for where to receive reports about when your employees use this functionality to turn Enterprise Mode on or off from the **Tools** menu.
+
+ **To turn on local control of Enterprise Mode using the registry**
+
+3. Open a registry editor, like regedit.exe and go to `HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Internet Explorer\Main\EnterpriseMode`.
+
+4. In the right pane, right-click and click **New**, click **String Value**, and then name the new value **Enable**.
+
+5. Right-click the **Enable** key, click **Modify**, and then type a **Value data** to point to a server that you can listen to for updates.
+
+ 
+
+Your **Value data** location can be any of the following types:
+
+- **URL location (like, https://www.emieposturl.com/api/records or https://localhost:13000)**. IE sends a POST message to the URL every time a change is made to Enterprise Mode from the **Tools** menu.
**Important**
+ The `https://www.emieposturl.com/api/records` example will only work if you’ve downloaded the sample discussed in the [Set up Enterprise Mode logging and data collection](set-up-enterprise-mode-logging-and-data-collection.md) topic. If you don’t have the sample, you won’t have the web API.
+- **Local network location (like, https://emieposturl/)**. IE sends a POST message to your specified local network location every time a change is made to Enterprise Mode from the **Tools** menu.
+- **Empty string**. If you leave the **Value data** box blank; your employees will be able to turn Enterprise Mode on and off from the **Tools** menu, but you won’t collect any logging data.
+
+For information about how to collect the data provided when your employees turn Enterprise Mode on or off from the **Tools** menu, see [Set up Enterprise Mode logging and data collection](set-up-enterprise-mode-logging-and-data-collection.md).
+
+
+
+
+
+
+
diff --git a/browsers/internet-explorer/ie11-deploy-guide/updated-features-and-tools-with-ie11.md b/browsers/internet-explorer/ie11-deploy-guide/updated-features-and-tools-with-ie11.md
index a4121ee693..446375289c 100644
--- a/browsers/internet-explorer/ie11-deploy-guide/updated-features-and-tools-with-ie11.md
+++ b/browsers/internet-explorer/ie11-deploy-guide/updated-features-and-tools-with-ie11.md
@@ -1,50 +1,51 @@
----
-ms.localizationpriority: medium
-ms.mktglfcycl: deploy
-ms.pagetype: appcompat
-description: High-level info about some of the new and updated features for Internet Explorer 11.
-author: lomayor
-ms.prod: ie11
-ms.assetid: f53c6f04-7c60-40e7-9fc5-312220f08156
-ms.reviewer:
-audience: itpro
manager: dansimp
-ms.author: lomayor
-title: List of updated features and tools - Internet Explorer 11 (IE11) (Internet Explorer 11 for IT Pros)
-ms.sitesec: library
-ms.date: 07/27/2017
----
-
-
-# List of updated features and tools - Internet Explorer 11 (IE11)
-
-**Applies to:**
-
-- Windows 10
-- Windows 8.1 Update
-- Windows 7 with Service Pack 1 (SP1)
-- Windows Server 2012 R2
-- Windows Server 2008 R2 with Service Pack 1 (SP1)
-
-Internet Explorer 11 includes several new features and tools. This topic includes high-level info about the each of them.
-
-## Updated features and tools
-- **Updated web standards.** WebGL, Canvas 2D L2 extensions, fullscreen API, encrypted media extensions, media source extensions, CSS flexible box layout module, mutation observers, like DOM4 and 5.3.
-
-- **Enhanced Protected Mode.** Extends Protected Mode to further restrict the ability of an attacker to access sensitive or personal information in personal and corporate environments. This feature is turned off by default. For more info, see [Enhanced Protected Mode problems with Internet Explorer](enhanced-protected-mode-problems-with-ie11.md).
-
-- **Enterprise Mode.** Enterprise Mode, a compatibility mode that runs on IE11 on Windows 8.1 Update and Windows 7 devices, lets websites render using a modified browser configuration that’s designed to emulate Windows Internet Explorer 8, avoiding the common compatibility problems associated with web apps written and tested on older versions of Internet Explorer. For more info, see [What is Enterprise Mode?](what-is-enterprise-mode.md)
-
-- **Out-of-date ActiveX control blocking**. Helps to keep your ActiveX controls up-to-date, because malicious software (or malware) can target security flaws in outdated controls, damaging your computer by collecting info from it, installing unwanted software, or by letting someone else control it remotely. For more info, see [Out-of-date ActiveX control blocking](out-of-date-activex-control-blocking.md).
-
-- **Do Not Track (DNT) exceptions.** IE11 lets websites ask whether to track users as they browse a website. If the user approves the request, IE records an exception to the "Do Not Track" rule and sends headers to the website that allow tracking. By respecting these headers and requesting exceptions to the default privacy settings, website owners can develop a trusted relationship with their users about privacy. For more info, see [Internet Explorer 11 - FAQ for IT Pros](../ie11-faq/faq-for-it-pros-ie11.md).
-
-- **IE Administration Kit (IEAK).** Lets you create custom, branded versions of IE11. For more info and to download the tool, see [Internet Explorer Administration Kit 11 (IEAK 11) - Administration Guide for IT Pros](../ie11-ieak/index.md).
-
-- **Unattend Settings.** Lets you update the Unattend.xml file, to customize the home page, favorites, search providers, feeds, Accelerators, Web Slices, and settings for top result searches. For more info, see the [Unattend Settings: Microsoft-Windows-IE-InternetExplorer](https://go.microsoft.com/fwlink/p/?LinkId=263709).
-
-
-
-
-
-
-
+---
+ms.localizationpriority: medium
+ms.mktglfcycl: deploy
+ms.pagetype: appcompat
+description: High-level info about some of the new and updated features for Internet Explorer 11.
+author: dansimp
+ms.prod: ie11
+ms.assetid: f53c6f04-7c60-40e7-9fc5-312220f08156
+ms.reviewer:
+audience: itpro
+manager: dansimp
+ms.author: dansimp
+title: List of updated features and tools - Internet Explorer 11 (IE11) (Internet Explorer 11 for IT Pros)
+ms.sitesec: library
+ms.date: 07/27/2017
+---
+
+
+# List of updated features and tools - Internet Explorer 11 (IE11)
+
+**Applies to:**
+
+- Windows 10
+- Windows 8.1 Update
+- Windows 7 with Service Pack 1 (SP1)
+- Windows Server 2012 R2
+- Windows Server 2008 R2 with Service Pack 1 (SP1)
+
+Internet Explorer 11 includes several new features and tools. This topic includes high-level info about the each of them.
+
+## Updated features and tools
+- **Updated web standards.** WebGL, Canvas 2D L2 extensions, fullscreen API, encrypted media extensions, media source extensions, CSS flexible box layout module, mutation observers, like DOM4 and 5.3.
+
+- **Enhanced Protected Mode.** Extends Protected Mode to further restrict the ability of an attacker to access sensitive or personal information in personal and corporate environments. This feature is turned off by default. For more info, see [Enhanced Protected Mode problems with Internet Explorer](enhanced-protected-mode-problems-with-ie11.md).
+
+- **Enterprise Mode.** Enterprise Mode, a compatibility mode that runs on IE11 on Windows 8.1 Update and Windows 7 devices, lets websites render using a modified browser configuration that’s designed to emulate Windows Internet Explorer 8, avoiding the common compatibility problems associated with web apps written and tested on older versions of Internet Explorer. For more info, see [What is Enterprise Mode?](what-is-enterprise-mode.md)
+
+- **Out-of-date ActiveX control blocking**. Helps to keep your ActiveX controls up-to-date, because malicious software (or malware) can target security flaws in outdated controls, damaging your computer by collecting info from it, installing unwanted software, or by letting someone else control it remotely. For more info, see [Out-of-date ActiveX control blocking](out-of-date-activex-control-blocking.md).
+
+- **Do Not Track (DNT) exceptions.** IE11 lets websites ask whether to track users as they browse a website. If the user approves the request, IE records an exception to the "Do Not Track" rule and sends headers to the website that allow tracking. By respecting these headers and requesting exceptions to the default privacy settings, website owners can develop a trusted relationship with their users about privacy. For more info, see [Internet Explorer 11 - FAQ for IT Pros](../ie11-faq/faq-for-it-pros-ie11.md).
+
+- **IE Administration Kit (IEAK).** Lets you create custom, branded versions of IE11. For more info and to download the tool, see [Internet Explorer Administration Kit 11 (IEAK 11) - Administration Guide for IT Pros](../ie11-ieak/index.md).
+
+- **Unattend Settings.** Lets you update the Unattend.xml file, to customize the home page, favorites, search providers, feeds, Accelerators, Web Slices, and settings for top result searches. For more info, see the [Unattend Settings: Microsoft-Windows-IE-InternetExplorer](https://go.microsoft.com/fwlink/p/?LinkId=263709).
+
+
+
+
+
+
+
diff --git a/browsers/internet-explorer/ie11-deploy-guide/use-the-enterprise-mode-portal.md b/browsers/internet-explorer/ie11-deploy-guide/use-the-enterprise-mode-portal.md
index ad67aa915b..c26e39ddcc 100644
--- a/browsers/internet-explorer/ie11-deploy-guide/use-the-enterprise-mode-portal.md
+++ b/browsers/internet-explorer/ie11-deploy-guide/use-the-enterprise-mode-portal.md
@@ -1,84 +1,85 @@
----
-ms.localizationpriority: medium
-ms.mktglfcycl: deploy
-ms.pagetype: appcompat
-description: Use the topics in this section to learn about how to use the Enterprise Mode Site List Portal.
-ms.prod: ie11
-title: Use the Enterprise Mode Site List Portal (Internet Explorer 11 for IT Pros)
-ms.sitesec: library
-ms.date: 07/27/2017
-ms.reviewer:
-audience: itpro
manager: dansimp
-ms.author: lomayor
-author: lomayor
----
-
-# Use the Enterprise Mode Site List Portal
-
-**Applies to:**
-
-- Windows 10
-- Windows 8.1
-- Windows 7
-- Windows Server 2012 R2
-- Windows Server 2008 R2 with Service Pack 1 (SP1)
-
-Enterprise Mode is a compatibility mode that runs on Internet Explorer 11, letting websites render using a modified browser configuration that’s designed to emulate either Windows Internet Explorer 8 or Windows Internet Explorer 7, avoiding the common compatibility problems associated with web apps written and tested on older versions of Internet Explorer.
-
-The Enterprise Mode Site List Portal is an open-source web tool on GitHub that allows you to manage your Enterprise Mode Site List, hosted by the app, with multiple users. The portal is designed to use IIS and a SQL Server backend, leveraging Active Directory (AD) for employee management. Updates to your site list are made by submitting new change requests, which are then approved by a designated group of people, put into a pre-production environment for testing, and then deployed immediately, or scheduled for deployment later.
-
-You can use IE11 and the Enterprise Mode Site List Portal to manage your Enterprise Mode Site List, hosted by the app, with multiple users.
-
-## Minimum system requirements for portal and test machines
-Some of the components in this table might also need additional system resources. Check the component's documentation for more information.
-
-|Item |Description |
-|-----|------------|
-|Operating system |Windows 7 or later |
-|Memory |16 GB RAM |
-|Hard drive space |At least 8 GB of free space, formatted using the NTFS file system for better security |
-|Active Directory (AD) |Devices must be domain-joined |
-|SQL Server |Microsoft SQL Server Enterprise Edition 2012 or later |
-|Visual Studio |Visual Studio 2015 or later |
-|Node.js® package manager |npm Developer version or higher |
-|Additional server infrastructure |Internet Information Service (IIS) 6.0 or later |
-
-## Role assignments and available actions
-Admins can assign roles to employees for the Enterprise Mode Site List Portal, allowing the employees to perform specific actions, as described in this table.
-
-|Role assignment |Available actions |
-|----------------|------------------|
-|Requester |
- Create a change request
- Validate changes in the pre-production environment
- Rollback pre-production and production changes in case of failure
- Send approval requests
- View own requests
- Sign off and close own requests
|
-|Approver
(includes the App Manager and Group Head roles) |- All of the Requester actions, plus:
- Approve requests
|
-|Administrator |- All of the Requester and Approver actions, plus:
- Add employees to the portal
- Assign employee roles
- Approve registrations to the portal
- Configure portal settings (for example, determine the freeze schedule, determine the pre-production and production XML paths, and determine the attachment upload location)
- Use the standalone Enterprise Mode Site List Manager page
- View reports
|
-
-## Enterprise Mode Site List Portal workflow by employee role
-The following workflow describes how to use the Enterprise Mode Site List Portal.
-
-1. [The Requester submits a change request for an app](create-change-request-enterprise-mode-portal.md)
-
-2. [The Requester tests the change request info, verifying its accuracy](verify-changes-preprod-enterprise-mode-portal.md)
-
-3. [The Approver(s) group accepts the change request](approve-change-request-enterprise-mode-portal.md)
-
-4. [The Requester schedules the change for the production environment](schedule-production-change-enterprise-mode-portal.md)
-
-5. [The change is verified against the production site list and signed off](verify-changes-production-enterprise-mode-portal.md)
-
-
-## Related topics
-- [Set up the Enterprise Mode Site List Portal](set-up-enterprise-mode-portal.md)
-
-- [Workflow-based processes for employees using the Enterprise Mode Site List Portal](workflow-processes-enterprise-mode-portal.md)
-
-- [How to use the Enterprise Mode Site List Manager tool or page](use-the-enterprise-mode-site-list-manager.md)
-
-- [Enterprise Mode Site List Portal source code](https://github.com/MicrosoftEdge/enterprise-mode-site-list-portal)
-
-- [Enterprise Mode and the Enterprise Mode Site List](what-is-enterprise-mode.md)
-
-
-
-
-
-
+---
+ms.localizationpriority: medium
+ms.mktglfcycl: deploy
+ms.pagetype: appcompat
+description: Use the topics in this section to learn about how to use the Enterprise Mode Site List Portal.
+ms.prod: ie11
+title: Use the Enterprise Mode Site List Portal (Internet Explorer 11 for IT Pros)
+ms.sitesec: library
+ms.date: 07/27/2017
+ms.reviewer: dansimp
+audience: itpro
+manager: dansimp
+ms.author: dansimp
+author: dansimp
+---
+
+# Use the Enterprise Mode Site List Portal
+
+**Applies to:**
+
+- Windows 10
+- Windows 8.1
+- Windows 7
+- Windows Server 2012 R2
+- Windows Server 2008 R2 with Service Pack 1 (SP1)
+
+Enterprise Mode is a compatibility mode that runs on Internet Explorer 11, letting websites render using a modified browser configuration that’s designed to emulate either Windows Internet Explorer 8 or Windows Internet Explorer 7, avoiding the common compatibility problems associated with web apps written and tested on older versions of Internet Explorer.
+
+The Enterprise Mode Site List Portal is an open-source web tool on GitHub that allows you to manage your Enterprise Mode Site List, hosted by the app, with multiple users. The portal is designed to use IIS and a SQL Server backend, leveraging Active Directory (AD) for employee management. Updates to your site list are made by submitting new change requests, which are then approved by a designated group of people, put into a pre-production environment for testing, and then deployed immediately, or scheduled for deployment later.
+
+You can use IE11 and the Enterprise Mode Site List Portal to manage your Enterprise Mode Site List, hosted by the app, with multiple users.
+
+## Minimum system requirements for portal and test machines
+Some of the components in this table might also need additional system resources. Check the component's documentation for more information.
+
+|Item |Description |
+|-----|------------|
+|Operating system |Windows 7 or later |
+|Memory |16 GB RAM |
+|Hard drive space |At least 8 GB of free space, formatted using the NTFS file system for better security |
+|Active Directory (AD) |Devices must be domain-joined |
+|SQL Server |Microsoft SQL Server Enterprise Edition 2012 or later |
+|Visual Studio |Visual Studio 2015 or later |
+|Node.js® package manager |npm Developer version or higher |
+|Additional server infrastructure |Internet Information Service (IIS) 6.0 or later |
+
+## Role assignments and available actions
+Admins can assign roles to employees for the Enterprise Mode Site List Portal, allowing the employees to perform specific actions, as described in this table.
+
+|Role assignment |Available actions |
+|----------------|------------------|
+|Requester |- Create a change request
- Validate changes in the pre-production environment
- Rollback pre-production and production changes in case of failure
- Send approval requests
- View own requests
- Sign off and close own requests
|
+|Approver
(includes the App Manager and Group Head roles) |- All of the Requester actions, plus:
- Approve requests
|
+|Administrator |- All of the Requester and Approver actions, plus:
- Add employees to the portal
- Assign employee roles
- Approve registrations to the portal
- Configure portal settings (for example, determine the freeze schedule, determine the pre-production and production XML paths, and determine the attachment upload location)
- Use the standalone Enterprise Mode Site List Manager page
- View reports
|
+
+## Enterprise Mode Site List Portal workflow by employee role
+The following workflow describes how to use the Enterprise Mode Site List Portal.
+
+1. [The Requester submits a change request for an app](create-change-request-enterprise-mode-portal.md)
+
+2. [The Requester tests the change request info, verifying its accuracy](verify-changes-preprod-enterprise-mode-portal.md)
+
+3. [The Approver(s) group accepts the change request](approve-change-request-enterprise-mode-portal.md)
+
+4. [The Requester schedules the change for the production environment](schedule-production-change-enterprise-mode-portal.md)
+
+5. [The change is verified against the production site list and signed off](verify-changes-production-enterprise-mode-portal.md)
+
+
+## Related topics
+- [Set up the Enterprise Mode Site List Portal](set-up-enterprise-mode-portal.md)
+
+- [Workflow-based processes for employees using the Enterprise Mode Site List Portal](workflow-processes-enterprise-mode-portal.md)
+
+- [How to use the Enterprise Mode Site List Manager tool or page](use-the-enterprise-mode-site-list-manager.md)
+
+- [Enterprise Mode Site List Portal source code](https://github.com/MicrosoftEdge/enterprise-mode-site-list-portal)
+
+- [Enterprise Mode and the Enterprise Mode Site List](what-is-enterprise-mode.md)
+
+
+
+
+
+
diff --git a/browsers/internet-explorer/ie11-deploy-guide/use-the-enterprise-mode-site-list-manager.md b/browsers/internet-explorer/ie11-deploy-guide/use-the-enterprise-mode-site-list-manager.md
index 34f58b78f4..58ffc300ce 100644
--- a/browsers/internet-explorer/ie11-deploy-guide/use-the-enterprise-mode-site-list-manager.md
+++ b/browsers/internet-explorer/ie11-deploy-guide/use-the-enterprise-mode-site-list-manager.md
@@ -1,70 +1,71 @@
----
-ms.localizationpriority: medium
-ms.mktglfcycl: deploy
-ms.pagetype: appcompat
-description: Use the topics in this section to learn about how to use the Enterprise Mode Site List Manager.
-author: lomayor
-ms.prod: ie11
-ms.assetid: f4dbed4c-08ff-40b1-ab3f-60d3b6e8ec9b
-ms.reviewer:
-audience: itpro
manager: dansimp
-ms.author: lomayor
-title: Use the Enterprise Mode Site List Manager (Internet Explorer 11 for IT Pros)
-ms.sitesec: library
-ms.date: 12/04/2017
----
-
-
-# Use the Enterprise Mode Site List Manager
-
-**Applies to:**
-
-- Windows 10
-- Windows 8.1
-- Windows 7
-- Windows Server 2012 R2
-- Windows Server 2008 R2 with Service Pack 1 (SP1)
-
-Enterprise Mode is a compatibility mode that runs on Internet Explorer 11, letting websites render using a modified browser configuration that’s designed to emulate either Windows Internet Explorer 8 or Windows Internet Explorer 7, avoiding the common compatibility problems associated with web apps written and tested on older versions of Internet Explorer.
-
-You can use IE11 and the Enterprise Mode Site List Manager to add individual website domains and domain paths and to specify whether the site renders using Enterprise Mode or the default mode.
-
-## Enterprise Mode Site List Manager versions
-There are currently two versions of the Enterprise Site List Manager, both based on your schema and operating system. Download the [Enterprise Mode Site List Manager (schema v.2)](https://go.microsoft.com/fwlink/p/?LinkId=716853) or the [Enterprise Mode Site List Manager (schema v.1)](https://go.microsoft.com/fwlink/p/?LinkID=394378) tool, based on your operating system.
-
-|Schema version |Operating system |Enterprise Site List Manager version |
-|-----------------|---------------|------------------------------------|
-|Enterprise Mode schema, version 2 (v.2) |Windows 10
-OR-
Windows 8.1
-OR-
Windows 7|Uses the Enterprise Mode Site List Manager (schema v.2) and the v.2 version of the schema. If you import a v.1 version schema into the Enterprise Mode Site List Manager (schema v.2), the XML is saved into the v.2 version of the schema.
For more info about the v.2 version of the schema, see [Enterprise Mode schema v.2 guidance](enterprise-mode-schema-version-2-guidance.md).|
-|Enterprise Mode schema, version 1 (v.1) |Windows 10
-OR-
Windows 8.1
-OR-
Windows 7|Uses the Enterprise Mode Site List Manager (schema v.1) and the v.1 version of the schema.
For more info about the v.1 version of the schema, see [Enterprise Mode schema v.1 guidance](enterprise-mode-schema-version-1-guidance.md)|
-
-## Using the Enterprise Mode Site List Manager
-The following topics give you more information about the things that you can do with the Enterprise Mode Site List Manager.
-
-|Topic |Description |
-|------|------------|
-|[Add sites to the Enterprise Mode site list using the Enterprise Mode Site List Manager (schema v.2)](add-single-sites-to-enterprise-mode-site-list-using-the-version-2-enterprise-mode-tool.md) |How to add websites to your site list using the Enterprise Mode Site List Manager (schema v.2). |
-|[Add sites to the Enterprise Mode site list using the Enterprise Mode Site List Manager (schema v.1)](add-single-sites-to-enterprise-mode-site-list-using-the-version-1-enterprise-mode-tool.md) |How to add websites to your site list using the Enterprise Mode Site List Manager (schema v.1). |
-|[Add multiple sites to the Enterprise Mode site list using a file and the Enterprise Mode Site List Manager (schema v.2)](add-multiple-sites-to-enterprise-mode-site-list-using-the-version-2-schema-and-enterprise-mode-tool.md) |How to add several websites to your site list at the same time, using a text or XML file and the Enterprise Mode Site List Manager (schema v.2). |
-|[Add multiple sites to the Enterprise Mode site list using a file and the Enterprise Mode Site List Manager (schema v.1)](add-multiple-sites-to-enterprise-mode-site-list-using-the-version-1-schema-and-enterprise-mode-tool.md) |How to add several websites to your site list at the same time, using a text or XML file and the WEnterprise Mode Site List Manager (schema v.1). |
-|[Edit the Enterprise Mode site list using the Enterprise Mode Site List Manager](edit-the-enterprise-mode-site-list-using-the-enterprise-mode-site-list-manager.md) |How to edit the compatibility mode for specific websites.This topic applies to both versions of the Enterprise Mode Site List Manager. |
-|[Fix validation problems using the Enterprise Mode Site List Manager](fix-validation-problems-using-the-enterprise-mode-site-list-manager.md) |How to fix common site list validation errors.
This topic applies to both versions of the Enterprise Mode Site List Manager. |
-|[Search your Enterprise Mode site list in the Enterprise Mode Site List Manager](search-your-enterprise-mode-site-list-in-the-enterprise-mode-site-list-manager.md) |How to look to see if a site is already in your global Enterprise Mode site list.
This topic applies to both versions of the Enterprise Mode Site List Manager. |
-|[Save your site list to XML in the Enterprise Mode Site List Manager](save-your-site-list-to-xml-in-the-enterprise-mode-site-list-manager.md) |How to save a site list as XML, so you can deploy and use it with your managed systems.
This topic applies to both versions of the Enterprise Mode Site List Manager. |
-|[Export your Enterprise Mode site list from the Enterprise Mode Site List Manager](export-your-enterprise-mode-site-list-from-the-enterprise-mode-site-list-manager.md) |How to export your site list so you can transfer your data and contents to someone else.
This topic applies to both versions of the Enterprise Mode Site List Manager. |
-|[Import your Enterprise Mode site list to the Enterprise Mode Site List Manager](import-into-the-enterprise-mode-site-list-manager.md) |How to import your site list to replace a corrupted or out-of-date list.
This topic applies to both versions of the Enterprise Mode Site List Manager. |
-|[Delete sites from your Enterprise Mode site list in the Enterprise Mode Site List Manager](delete-sites-from-your-enterprise-mode-site-list-in-the-enterprise-mode-site-list-manager.md) |How to delete a website from your site list.
This topic applies to both versions of the Enterprise Mode Site List Manager. |
-|[Remove all sites from your Enterprise Mode site list in the Enterprise Mode Site List Manager](remove-all-sites-from-your-enterprise-mode-site-list-in-the-enterprise-mode-site-list-manager.md) |How to delete all of the websites in a site list.
This topic applies to both versions of the Enterprise Mode Site List Manager. |
-
-## Related topics
-
-
-- [Download the Enterprise Mode Site List Manager (schema v.2)](https://go.microsoft.com/fwlink/p/?LinkId=716853)
-- [Download the Enterprise Mode Site List Manager (schema v.1)](https://go.microsoft.com/fwlink/p/?LinkID=394378)
-- [Enterprise Mode schema v.2 guidance](enterprise-mode-schema-version-2-guidance.md)
-- [Enterprise Mode schema v.1 guidance](enterprise-mode-schema-version-1-guidance.md)
-
-
-
-
-
-
+---
+ms.localizationpriority: medium
+ms.mktglfcycl: deploy
+ms.pagetype: appcompat
+description: Use the topics in this section to learn about how to use the Enterprise Mode Site List Manager.
+author: dansimp
+ms.prod: ie11
+ms.assetid: f4dbed4c-08ff-40b1-ab3f-60d3b6e8ec9b
+ms.reviewer:
+audience: itpro
+manager: dansimp
+ms.author: dansimp
+title: Use the Enterprise Mode Site List Manager (Internet Explorer 11 for IT Pros)
+ms.sitesec: library
+ms.date: 12/04/2017
+---
+
+
+# Use the Enterprise Mode Site List Manager
+
+**Applies to:**
+
+- Windows 10
+- Windows 8.1
+- Windows 7
+- Windows Server 2012 R2
+- Windows Server 2008 R2 with Service Pack 1 (SP1)
+
+Enterprise Mode is a compatibility mode that runs on Internet Explorer 11, letting websites render using a modified browser configuration that’s designed to emulate either Windows Internet Explorer 8 or Windows Internet Explorer 7, avoiding the common compatibility problems associated with web apps written and tested on older versions of Internet Explorer.
+
+You can use IE11 and the Enterprise Mode Site List Manager to add individual website domains and domain paths and to specify whether the site renders using Enterprise Mode or the default mode.
+
+## Enterprise Mode Site List Manager versions
+There are currently two versions of the Enterprise Site List Manager, both based on your schema and operating system. Download the [Enterprise Mode Site List Manager (schema v.2)](https://go.microsoft.com/fwlink/p/?LinkId=716853) or the [Enterprise Mode Site List Manager (schema v.1)](https://go.microsoft.com/fwlink/p/?LinkID=394378) tool, based on your operating system.
+
+|Schema version |Operating system |Enterprise Site List Manager version |
+|-----------------|---------------|------------------------------------|
+|Enterprise Mode schema, version 2 (v.2) |Windows 10
-OR-
Windows 8.1
-OR-
Windows 7|Uses the Enterprise Mode Site List Manager (schema v.2) and the v.2 version of the schema. If you import a v.1 version schema into the Enterprise Mode Site List Manager (schema v.2), the XML is saved into the v.2 version of the schema.
For more info about the v.2 version of the schema, see [Enterprise Mode schema v.2 guidance](enterprise-mode-schema-version-2-guidance.md).|
+|Enterprise Mode schema, version 1 (v.1) |Windows 10
-OR-
Windows 8.1
-OR-
Windows 7|Uses the Enterprise Mode Site List Manager (schema v.1) and the v.1 version of the schema.
For more info about the v.1 version of the schema, see [Enterprise Mode schema v.1 guidance](enterprise-mode-schema-version-1-guidance.md)|
+
+## Using the Enterprise Mode Site List Manager
+The following topics give you more information about the things that you can do with the Enterprise Mode Site List Manager.
+
+|Topic |Description |
+|------|------------|
+|[Add sites to the Enterprise Mode site list using the Enterprise Mode Site List Manager (schema v.2)](add-single-sites-to-enterprise-mode-site-list-using-the-version-2-enterprise-mode-tool.md) |How to add websites to your site list using the Enterprise Mode Site List Manager (schema v.2). |
+|[Add sites to the Enterprise Mode site list using the Enterprise Mode Site List Manager (schema v.1)](add-single-sites-to-enterprise-mode-site-list-using-the-version-1-enterprise-mode-tool.md) |How to add websites to your site list using the Enterprise Mode Site List Manager (schema v.1). |
+|[Add multiple sites to the Enterprise Mode site list using a file and the Enterprise Mode Site List Manager (schema v.2)](add-multiple-sites-to-enterprise-mode-site-list-using-the-version-2-schema-and-enterprise-mode-tool.md) |How to add several websites to your site list at the same time, using a text or XML file and the Enterprise Mode Site List Manager (schema v.2). |
+|[Add multiple sites to the Enterprise Mode site list using a file and the Enterprise Mode Site List Manager (schema v.1)](add-multiple-sites-to-enterprise-mode-site-list-using-the-version-1-schema-and-enterprise-mode-tool.md) |How to add several websites to your site list at the same time, using a text or XML file and the WEnterprise Mode Site List Manager (schema v.1). |
+|[Edit the Enterprise Mode site list using the Enterprise Mode Site List Manager](edit-the-enterprise-mode-site-list-using-the-enterprise-mode-site-list-manager.md) |How to edit the compatibility mode for specific websites.
This topic applies to both versions of the Enterprise Mode Site List Manager. |
+|[Fix validation problems using the Enterprise Mode Site List Manager](fix-validation-problems-using-the-enterprise-mode-site-list-manager.md) |How to fix common site list validation errors.
This topic applies to both versions of the Enterprise Mode Site List Manager. |
+|[Search your Enterprise Mode site list in the Enterprise Mode Site List Manager](search-your-enterprise-mode-site-list-in-the-enterprise-mode-site-list-manager.md) |How to look to see if a site is already in your global Enterprise Mode site list.
This topic applies to both versions of the Enterprise Mode Site List Manager. |
+|[Save your site list to XML in the Enterprise Mode Site List Manager](save-your-site-list-to-xml-in-the-enterprise-mode-site-list-manager.md) |How to save a site list as XML, so you can deploy and use it with your managed systems.
This topic applies to both versions of the Enterprise Mode Site List Manager. |
+|[Export your Enterprise Mode site list from the Enterprise Mode Site List Manager](export-your-enterprise-mode-site-list-from-the-enterprise-mode-site-list-manager.md) |How to export your site list so you can transfer your data and contents to someone else.
This topic applies to both versions of the Enterprise Mode Site List Manager. |
+|[Import your Enterprise Mode site list to the Enterprise Mode Site List Manager](import-into-the-enterprise-mode-site-list-manager.md) |How to import your site list to replace a corrupted or out-of-date list.
This topic applies to both versions of the Enterprise Mode Site List Manager. |
+|[Delete sites from your Enterprise Mode site list in the Enterprise Mode Site List Manager](delete-sites-from-your-enterprise-mode-site-list-in-the-enterprise-mode-site-list-manager.md) |How to delete a website from your site list.
This topic applies to both versions of the Enterprise Mode Site List Manager. |
+|[Remove all sites from your Enterprise Mode site list in the Enterprise Mode Site List Manager](remove-all-sites-from-your-enterprise-mode-site-list-in-the-enterprise-mode-site-list-manager.md) |How to delete all of the websites in a site list.
This topic applies to both versions of the Enterprise Mode Site List Manager. |
+
+## Related topics
+
+
+- [Download the Enterprise Mode Site List Manager (schema v.2)](https://go.microsoft.com/fwlink/p/?LinkId=716853)
+- [Download the Enterprise Mode Site List Manager (schema v.1)](https://go.microsoft.com/fwlink/p/?LinkID=394378)
+- [Enterprise Mode schema v.2 guidance](enterprise-mode-schema-version-2-guidance.md)
+- [Enterprise Mode schema v.1 guidance](enterprise-mode-schema-version-1-guidance.md)
+
+
+
+
+
+
diff --git a/browsers/internet-explorer/ie11-deploy-guide/user-interface-problems-with-ie11.md b/browsers/internet-explorer/ie11-deploy-guide/user-interface-problems-with-ie11.md
index 992abebb63..3a1f3b4596 100644
--- a/browsers/internet-explorer/ie11-deploy-guide/user-interface-problems-with-ie11.md
+++ b/browsers/internet-explorer/ie11-deploy-guide/user-interface-problems-with-ie11.md
@@ -1,58 +1,59 @@
----
-ms.localizationpriority: medium
-ms.mktglfcycl: support
-description: Info about where features went in the IEAK11, where the Favorites, Command, and Status bars went, and where the search bar went.
-author: lomayor
-ms.prod: ie11
-ms.assetid: 7324faff-ccb6-4e14-ad91-af12dbca575e
-ms.reviewer:
-audience: itpro
manager: dansimp
-ms.author: lomayor
-title: User interface problems with Internet Explorer 11 (Internet Explorer 11 for IT Pros)
-ms.sitesec: library
-ms.date: 07/27/2017
----
-
-
-# User interface problems with Internet Explorer 11
-Some of the features in both Internet Explorer 11 and IEAK 11 have moved around. Here are some of the more common changes.
-
-## Where did features go in the Internet Explorer Customization Wizard 11?
-Various installation or set up choices can prevent you from seeing certain pages in the Internet Explorer Customization Wizard 11. If, after going through the entire Wizard you still haven't found the screen you were looking for, try:
-
-- Making sure you picked the right version of IEAK 11 during installation. Most administrators should pick the **Internal** version, which has more screens and options available.
-
-- Making sure you picked all of the features you wanted from the **Feature Selection** page of the IE Customization Wizard 11. If you don't pick a feature, the associated page won't appear.
-
-## Where are the security zone settings?
-You can see your security zone settings by opening Internet Explorer for the desktop, clicking **Internet Options** from the **Tools** menu, and then clicking **Security**.
-
-## Where did the Favorites, Command, and Status bars go?
-For IE11, the UI has been changed to provide just the controls needed to support essential functionality, hiding anything considered non-essential, such as the **Favorites Bar**, **Command Bar**, **Menu Bar**, and **Status Bar**. This is intended to help focus users on the content of the page, rather than the browser itself. However, if you want these bars to appear, you can turn them back on using Group Policy settings.
-
- **To turn the toolbars back on**
-
-- Right click in the IE toolbar heading and choose to turn on the **Command bar**, **Favorites bar**, and **Status bar** from the menu.
-
-OR-
- In IE, press ALT+V to show the View menu, press T to enter the Toolbars menu, and then press:
-
- - **C** to turn on the **Command Bar**
-
- - **F** to turn on the **Favorites Bar**
-
- - **S** to turn on the **Status Bar**
-
-## Where did the search box go?
-IE11 uses the **One Box** feature, which lets users type search terms directly into the **Address bar**. Any text entered into the **Address bar** that doesn't appear to be a URL is automatically sent to the currently selected search provider.
-
->[!NOTE]
->Depending on how you've set up your intranet search, the text entry might resolve to an intranet site. For more information about this, see [Intranet problems with Internet Explorer 11](intranet-problems-and-ie11.md).
-
-
-
-
-
-
-
-
-
+---
+ms.localizationpriority: medium
+ms.mktglfcycl: support
+description: Info about where features went in the IEAK11, where the Favorites, Command, and Status bars went, and where the search bar went.
+author: dansimp
+ms.prod: ie11
+ms.assetid: 7324faff-ccb6-4e14-ad91-af12dbca575e
+ms.reviewer:
+audience: itpro
+manager: dansimp
+ms.author: dansimp
+title: User interface problems with Internet Explorer 11 (Internet Explorer 11 for IT Pros)
+ms.sitesec: library
+ms.date: 07/27/2017
+---
+
+
+# User interface problems with Internet Explorer 11
+Some of the features in both Internet Explorer 11 and IEAK 11 have moved around. Here are some of the more common changes.
+
+## Where did features go in the Internet Explorer Customization Wizard 11?
+Various installation or set up choices can prevent you from seeing certain pages in the Internet Explorer Customization Wizard 11. If, after going through the entire Wizard you still haven't found the screen you were looking for, try:
+
+- Making sure you picked the right version of IEAK 11 during installation. Most administrators should pick the **Internal** version, which has more screens and options available.
+
+- Making sure you picked all of the features you wanted from the **Feature Selection** page of the IE Customization Wizard 11. If you don't pick a feature, the associated page won't appear.
+
+## Where are the security zone settings?
+You can see your security zone settings by opening Internet Explorer for the desktop, clicking **Internet Options** from the **Tools** menu, and then clicking **Security**.
+
+## Where did the Favorites, Command, and Status bars go?
+For IE11, the UI has been changed to provide just the controls needed to support essential functionality, hiding anything considered non-essential, such as the **Favorites Bar**, **Command Bar**, **Menu Bar**, and **Status Bar**. This is intended to help focus users on the content of the page, rather than the browser itself. However, if you want these bars to appear, you can turn them back on using Group Policy settings.
+
+ **To turn the toolbars back on**
+
+- Right click in the IE toolbar heading and choose to turn on the **Command bar**, **Favorites bar**, and **Status bar** from the menu.
+
-OR-
+ In IE, press ALT+V to show the View menu, press T to enter the Toolbars menu, and then press:
+
+ - **C** to turn on the **Command Bar**
+
+ - **F** to turn on the **Favorites Bar**
+
+ - **S** to turn on the **Status Bar**
+
+## Where did the search box go?
+IE11 uses the **One Box** feature, which lets users type search terms directly into the **Address bar**. Any text entered into the **Address bar** that doesn't appear to be a URL is automatically sent to the currently selected search provider.
+
+>[!NOTE]
+>Depending on how you've set up your intranet search, the text entry might resolve to an intranet site. For more information about this, see [Intranet problems with Internet Explorer 11](intranet-problems-and-ie11.md).
+
+
+
+
+
+
+
+
+
diff --git a/browsers/internet-explorer/ie11-deploy-guide/using-enterprise-mode.md b/browsers/internet-explorer/ie11-deploy-guide/using-enterprise-mode.md
index 2368c10f34..6bff79cc82 100644
--- a/browsers/internet-explorer/ie11-deploy-guide/using-enterprise-mode.md
+++ b/browsers/internet-explorer/ie11-deploy-guide/using-enterprise-mode.md
@@ -1,60 +1,61 @@
----
-ms.localizationpriority: medium
-ms.mktglfcycl: deploy
-ms.pagetype: security
-description: Use this section to learn about how to turn on and use IE7 Enterprise Mode or IE8 Enterprise Mode.
-author: lomayor
-ms.prod: ie11
-ms.assetid: 238ead3d-8920-429a-ac23-02f089c4384a
-ms.reviewer:
-audience: itpro
manager: dansimp
-ms.author: lomayor
-title: Using IE7 Enterprise Mode or IE8 Enterprise Mode (Internet Explorer 11 for IT Pros)
-ms.sitesec: library
-ms.date: 07/27/2017
----
-
-
-# Using IE7 Enterprise Mode or IE8 Enterprise Mode
-
-**Applies to:**
-
-- Windows 10
-- Windows 8.1
-- Windows 7
-- Windows Server 2012 R2
-- Windows Server 2008 R2 with Service Pack 1 (SP1)
-
-Enterprise Mode gives you a way for your legacy websites and apps to run using emulated versions of Windows Internet Explorer 7 or Windows Internet Explorer 8, while your new sites and apps run using Internet Explorer 11, including modern standards and features.
-
-Although it’s called IE7 Enterprise Mode, it actually turns on Enterprise Mode along with Internet Explorer 7 or Microsoft Internet Explorer 5 Compatibility View. Compatibility View chooses which document mode to use based on whether there’s a `DOCTYPE` tag in your code:
-
-- **DOCTYPE tag found.** Webpages render using the Internet Explorer 7 document mode.
-- **No DOCTYPE tag found.** Webpages render using the Internet Explorer 5 document mode.
-
-**Important**
-Because we’ve added the IE7 Enterprise Mode option, we’ve had to rename the original functionality of Enterprise Mode to be IE8 Enterprise Mode. We’ve also replaced Edge Mode with IE11 Document Mode, so you can explicitly use IE11 on Windows 10.
-
-## Turning on and using IE7 Enterprise Mode or IE8 Enterprise Mode
-For instructions about how to add IE7 Enterprise Mode or IE8 Enterprise Mode to your webpages and apps, see:
-
-- [Add single sites to the Enterprise Mode site list using the Enterprise Mode Site List Manager (schema v.2)](add-single-sites-to-enterprise-mode-site-list-using-the-version-2-enterprise-mode-tool.md)
-
-- [Add single sites to the Enterprise Mode site list using the Enterprise Mode Site List Manager (schema v.1)](add-single-sites-to-enterprise-mode-site-list-using-the-version-1-enterprise-mode-tool.md)
-
-- [Add multiple sites to the Enterprise Mode site list using a file and the Enterprise Mode Site List Manager (schema v.2)](add-multiple-sites-to-enterprise-mode-site-list-using-the-version-2-schema-and-enterprise-mode-tool.md)
-
-- [Add multiple sites to the Enterprise Mode site list using a file and the Enterprise Mode Site List Manager (schema v.1)](add-multiple-sites-to-enterprise-mode-site-list-using-the-version-1-schema-and-enterprise-mode-tool.md)
-
-For instructions and more info about how to fix your compatibility issues using Enterprise Mode, see [Fix web compatibility issues using document modes and the Enterprise Mode site list](fix-compat-issues-with-doc-modes-and-enterprise-mode-site-list.md).
-
-## Related topics
-- [Download the Enterprise Mode Site List Manager (schema v.2)](https://go.microsoft.com/fwlink/p/?LinkId=716853)
-- [Download the Enterprise Mode Site List Manager (schema v.1)](https://go.microsoft.com/fwlink/p/?LinkID=394378)
-- [Use the Enterprise Mode Site List Manager](use-the-enterprise-mode-site-list-manager.md)
-
-
-
-
-
-
+---
+ms.localizationpriority: medium
+ms.mktglfcycl: deploy
+ms.pagetype: security
+description: Use this section to learn about how to turn on and use IE7 Enterprise Mode or IE8 Enterprise Mode.
+author: dansimp
+ms.prod: ie11
+ms.assetid: 238ead3d-8920-429a-ac23-02f089c4384a
+ms.reviewer:
+audience: itpro
+manager: dansimp
+ms.author: dansimp
+title: Using IE7 Enterprise Mode or IE8 Enterprise Mode (Internet Explorer 11 for IT Pros)
+ms.sitesec: library
+ms.date: 07/27/2017
+---
+
+
+# Using IE7 Enterprise Mode or IE8 Enterprise Mode
+
+**Applies to:**
+
+- Windows 10
+- Windows 8.1
+- Windows 7
+- Windows Server 2012 R2
+- Windows Server 2008 R2 with Service Pack 1 (SP1)
+
+Enterprise Mode gives you a way for your legacy websites and apps to run using emulated versions of Windows Internet Explorer 7 or Windows Internet Explorer 8, while your new sites and apps run using Internet Explorer 11, including modern standards and features.
+
+Although it’s called IE7 Enterprise Mode, it actually turns on Enterprise Mode along with Internet Explorer 7 or Microsoft Internet Explorer 5 Compatibility View. Compatibility View chooses which document mode to use based on whether there’s a `DOCTYPE` tag in your code:
+
+- **DOCTYPE tag found.** Webpages render using the Internet Explorer 7 document mode.
+- **No DOCTYPE tag found.** Webpages render using the Internet Explorer 5 document mode.
+
+**Important**
+Because we’ve added the IE7 Enterprise Mode option, we’ve had to rename the original functionality of Enterprise Mode to be IE8 Enterprise Mode. We’ve also replaced Edge Mode with IE11 Document Mode, so you can explicitly use IE11 on Windows 10.
+
+## Turning on and using IE7 Enterprise Mode or IE8 Enterprise Mode
+For instructions about how to add IE7 Enterprise Mode or IE8 Enterprise Mode to your webpages and apps, see:
+
+- [Add single sites to the Enterprise Mode site list using the Enterprise Mode Site List Manager (schema v.2)](add-single-sites-to-enterprise-mode-site-list-using-the-version-2-enterprise-mode-tool.md)
+
+- [Add single sites to the Enterprise Mode site list using the Enterprise Mode Site List Manager (schema v.1)](add-single-sites-to-enterprise-mode-site-list-using-the-version-1-enterprise-mode-tool.md)
+
+- [Add multiple sites to the Enterprise Mode site list using a file and the Enterprise Mode Site List Manager (schema v.2)](add-multiple-sites-to-enterprise-mode-site-list-using-the-version-2-schema-and-enterprise-mode-tool.md)
+
+- [Add multiple sites to the Enterprise Mode site list using a file and the Enterprise Mode Site List Manager (schema v.1)](add-multiple-sites-to-enterprise-mode-site-list-using-the-version-1-schema-and-enterprise-mode-tool.md)
+
+For instructions and more info about how to fix your compatibility issues using Enterprise Mode, see [Fix web compatibility issues using document modes and the Enterprise Mode site list](fix-compat-issues-with-doc-modes-and-enterprise-mode-site-list.md).
+
+## Related topics
+- [Download the Enterprise Mode Site List Manager (schema v.2)](https://go.microsoft.com/fwlink/p/?LinkId=716853)
+- [Download the Enterprise Mode Site List Manager (schema v.1)](https://go.microsoft.com/fwlink/p/?LinkID=394378)
+- [Use the Enterprise Mode Site List Manager](use-the-enterprise-mode-site-list-manager.md)
+
+
+
+
+
+
diff --git a/browsers/internet-explorer/ie11-deploy-guide/using-ieak11-to-create-install-packages.md b/browsers/internet-explorer/ie11-deploy-guide/using-ieak11-to-create-install-packages.md
index d744070926..710c69e3cb 100644
--- a/browsers/internet-explorer/ie11-deploy-guide/using-ieak11-to-create-install-packages.md
+++ b/browsers/internet-explorer/ie11-deploy-guide/using-ieak11-to-create-install-packages.md
@@ -1,66 +1,67 @@
----
-ms.localizationpriority: medium
-ms.mktglfcycl: deploy
-description: How to use IEAK 11 while planning, customizing, and building the custom installation package.
-author: lomayor
-ms.prod: ie11
-ms.assetid: af93742f-f955-44ab-bfa2-7bf0c99045d3
-ms.reviewer:
-audience: itpro
manager: dansimp
-ms.author: lomayor
-title: Using Internet Explorer Administration Kit 11 (IEAK 11) to create packages (Internet Explorer 11 for IT Pros)
-ms.sitesec: library
-ms.date: 07/27/2017
----
-
-
-# Using Internet Explorer Administration Kit 11 (IEAK 11) to create packages
-Internet Explorer Administration Kit 11 (IEAK 11) helps you set up, deploy, and maintain Internet Explorer 11.
-
-**Note**
IEAK 11 works in network environments, with or without Microsoft Active Directory.
-
-
-
-## Plan, Customize, and Build with the IEAK 11
-Consider these activities while planning, customizing, and building the custom installation package.
-
-### Plan
-Before you begin, you should:
-
-- **Check the operating system requirements.** Check that the requirements for the computer you're building your installation package from, and the computers you're installing IE11 to, all meet the system requirements for IEAK 11 and IE11. For Internet Explorer requirements, see [System requirements and language support for Internet Explorer 11 (IE11)](system-requirements-and-language-support-for-ie11.md). For IEAK 11 requirements, see [Internet Explorer Administration Kit 11 (IEAK 11) - Administration Guide for IT Pros](../ie11-ieak/index.md).
-
-- **Decide on your distribution method.** Decide how to distribute your custom installation package: Windows Update, System Center System Center 2012 R2 Configuration Manager, or your network.
-
-- **Gather URLs and branding and custom graphics.** Collect the URLs for your company's own **Home**, **Search**, and **Support** pages, plus any custom branding and graphic files for the browser toolbar button and the **Favorites** list icons.
-
-- **Identify trusted network servers.** Decide which servers your employees should use to install the custom IE package. These servers need to be listed as trusted sites.
-
-- **Set up automatic detection and configuration settings.** Decide whether to automatically customize IE11 the first time it's started.
-
-- **Identify custom components for uninstallation.** Decide whether to include any custom uninstallation programs. Uninstallation programs let your employees remove your custom components through **Uninstall or change a program** in the Control Panel.
-
-- **Identify ActiveX controls.** Decide if you'll use ActiveX controls in your company. If you already use ActiveX, you should get an inventory of your active controls.
-
-### Customize and build
-After installing IE11 and the IEAK 11, you should:
-
-- **Prepare your build computer.** Create your build environment on the computer you're using to build the custom package.
-
-- **Create your branding and custom graphics.** If you don't have any, create custom branding and graphic files for the browser toolbar button and icons in your **Favorites** list.
-
-- **Specify your servers as trusted sites.** Identify your installation servers as trusted sites, in the **Trusted sites zone** of the **Internet Options** box.
-
-- **Turn on automatic detection and configuration settings (Optional).** Set up your network so that IE is automatically customized the first time it's started.
-
-- **Set up custom components for uninstallation.** Create the custom .inf file you'll use to register your custom uninstallation programs.
-
-- **Set up ActiveX controls.** Add any new ActiveX controls to the Axaa.adm file, using a text editor.
-
-- **Create a custom browser package.** Create your custom installation package, using IE Customization Wizard 11. For more information about using the wizard, see [Internet Explorer Administration Kit 11 (IEAK 11) Customization Wizard options](../ie11-ieak/ieak11-wizard-custom-options.md).
-
-
-
-
-
-
-
+---
+ms.localizationpriority: medium
+ms.mktglfcycl: deploy
+description: How to use IEAK 11 while planning, customizing, and building the custom installation package.
+author: dansimp
+ms.prod: ie11
+ms.assetid: af93742f-f955-44ab-bfa2-7bf0c99045d3
+ms.reviewer:
+audience: itpro
+manager: dansimp
+ms.author: dansimp
+title: Using Internet Explorer Administration Kit 11 (IEAK 11) to create packages (Internet Explorer 11 for IT Pros)
+ms.sitesec: library
+ms.date: 07/27/2017
+---
+
+
+# Using Internet Explorer Administration Kit 11 (IEAK 11) to create packages
+Internet Explorer Administration Kit 11 (IEAK 11) helps you set up, deploy, and maintain Internet Explorer 11.
+
+**Note**
IEAK 11 works in network environments, with or without Microsoft Active Directory.
+
+
+
+## Plan, Customize, and Build with the IEAK 11
+Consider these activities while planning, customizing, and building the custom installation package.
+
+### Plan
+Before you begin, you should:
+
+- **Check the operating system requirements.** Check that the requirements for the computer you're building your installation package from, and the computers you're installing IE11 to, all meet the system requirements for IEAK 11 and IE11. For Internet Explorer requirements, see [System requirements and language support for Internet Explorer 11 (IE11)](system-requirements-and-language-support-for-ie11.md). For IEAK 11 requirements, see [Internet Explorer Administration Kit 11 (IEAK 11) - Administration Guide for IT Pros](../ie11-ieak/index.md).
+
+- **Decide on your distribution method.** Decide how to distribute your custom installation package: Windows Update, System Center System Center 2012 R2 Configuration Manager, or your network.
+
+- **Gather URLs and branding and custom graphics.** Collect the URLs for your company's own **Home**, **Search**, and **Support** pages, plus any custom branding and graphic files for the browser toolbar button and the **Favorites** list icons.
+
+- **Identify trusted network servers.** Decide which servers your employees should use to install the custom IE package. These servers need to be listed as trusted sites.
+
+- **Set up automatic detection and configuration settings.** Decide whether to automatically customize IE11 the first time it's started.
+
+- **Identify custom components for uninstallation.** Decide whether to include any custom uninstallation programs. Uninstallation programs let your employees remove your custom components through **Uninstall or change a program** in the Control Panel.
+
+- **Identify ActiveX controls.** Decide if you'll use ActiveX controls in your company. If you already use ActiveX, you should get an inventory of your active controls.
+
+### Customize and build
+After installing IE11 and the IEAK 11, you should:
+
+- **Prepare your build computer.** Create your build environment on the computer you're using to build the custom package.
+
+- **Create your branding and custom graphics.** If you don't have any, create custom branding and graphic files for the browser toolbar button and icons in your **Favorites** list.
+
+- **Specify your servers as trusted sites.** Identify your installation servers as trusted sites, in the **Trusted sites zone** of the **Internet Options** box.
+
+- **Turn on automatic detection and configuration settings (Optional).** Set up your network so that IE is automatically customized the first time it's started.
+
+- **Set up custom components for uninstallation.** Create the custom .inf file you'll use to register your custom uninstallation programs.
+
+- **Set up ActiveX controls.** Add any new ActiveX controls to the Axaa.adm file, using a text editor.
+
+- **Create a custom browser package.** Create your custom installation package, using IE Customization Wizard 11. For more information about using the wizard, see [Internet Explorer Administration Kit 11 (IEAK 11) Customization Wizard options](../ie11-ieak/ieak11-wizard-custom-options.md).
+
+
+
+
+
+
+
diff --git a/browsers/internet-explorer/ie11-deploy-guide/using-inf-files-to-create-install-packages.md b/browsers/internet-explorer/ie11-deploy-guide/using-inf-files-to-create-install-packages.md
index a49bf820ae..1f7b62dfa5 100644
--- a/browsers/internet-explorer/ie11-deploy-guide/using-inf-files-to-create-install-packages.md
+++ b/browsers/internet-explorer/ie11-deploy-guide/using-inf-files-to-create-install-packages.md
@@ -1,45 +1,46 @@
----
-ms.localizationpriority: medium
-ms.mktglfcycl: deploy
-description: How to use Setup Information (.inf) files to create installation packages.
-author: lomayor
-ms.prod: ie11
-ms.assetid: 04fa2ba8-8d84-4af6-ab99-77e4f1961b0e
-ms.reviewer:
-audience: itpro
manager: dansimp
-ms.author: lomayor
-title: Using Setup Information (.inf) files to create packages (Internet Explorer 11 for IT Pros)
-ms.sitesec: library
-ms.date: 07/27/2017
----
-
-
-# Using Setup Information (.inf) files to create install packages
-IEAK 11 uses Setup information (.inf) files to provide uninstallation instructions. Uninstallation instructions let your employees remove components, like files, registry entries, or shortcuts, through the **Uninstall or change a program** box. For details about .inf files, see [INF File Sections and Directives](https://go.microsoft.com/fwlink/p/?LinkId=327959).
-
- **To add uninstallation instructions to the .inf files**
-
-- Open the Registry Editor (regedit.exe) and add these registry keys:
- ```
- HKLM,SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\app-name,"DisplayName",,"description"
- HKLM,SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\app-name,"UninstallString",,"command-line"
- ```
- Where **"description"** is the name that shows up in the **Uninstall or change a program** box and **"command-line"** is the command that runs after the component is picked.
-
Note
- Make sure your script removes the uninstallation registry key, too. Otherwise, the component name will continue to show up in the Uninstall or change a program.
-
-## Limitations
-.Inf files have limitations:
-
-- You can't delete directories.
-
-- You can't use **RenFiles** to move a file to a different location, it only lets you rename a file in its existing location. For detailed information, see [INF RenFiles Directive](https://go.microsoft.com/fwlink/p/?LinkId=298508).
-
-- You can't use **CopyFiles** to copy a file to another place on your hard drive, it can only copy files from the source disk to the destination directory. For information, see [INF CopyFiles Directive](https://go.microsoft.com/fwlink/p/?LinkId=298510).
-
-
-
-
-
-
-
+---
+ms.localizationpriority: medium
+ms.mktglfcycl: deploy
+description: How to use Setup Information (.inf) files to create installation packages.
+author: dansimp
+ms.prod: ie11
+ms.assetid: 04fa2ba8-8d84-4af6-ab99-77e4f1961b0e
+ms.reviewer:
+audience: itpro
+manager: dansimp
+ms.author: dansimp
+title: Using Setup Information (.inf) files to create packages (Internet Explorer 11 for IT Pros)
+ms.sitesec: library
+ms.date: 07/27/2017
+---
+
+
+# Using Setup Information (.inf) files to create install packages
+IEAK 11 uses Setup information (.inf) files to provide uninstallation instructions. Uninstallation instructions let your employees remove components, like files, registry entries, or shortcuts, through the **Uninstall or change a program** box. For details about .inf files, see [INF File Sections and Directives](https://go.microsoft.com/fwlink/p/?LinkId=327959).
+
+ **To add uninstallation instructions to the .inf files**
+
+- Open the Registry Editor (regedit.exe) and add these registry keys:
+ ```
+ HKLM,SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\app-name,"DisplayName",,"description"
+ HKLM,SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\app-name,"UninstallString",,"command-line"
+ ```
+ Where **"description"** is the name that shows up in the **Uninstall or change a program** box and **"command-line"** is the command that runs after the component is picked.
+
Note
+ Make sure your script removes the uninstallation registry key, too. Otherwise, the component name will continue to show up in the Uninstall or change a program.
+
+## Limitations
+.Inf files have limitations:
+
+- You can't delete directories.
+
+- You can't use **RenFiles** to move a file to a different location, it only lets you rename a file in its existing location. For detailed information, see [INF RenFiles Directive](https://go.microsoft.com/fwlink/p/?LinkId=298508).
+
+- You can't use **CopyFiles** to copy a file to another place on your hard drive, it can only copy files from the source disk to the destination directory. For information, see [INF CopyFiles Directive](https://go.microsoft.com/fwlink/p/?LinkId=298510).
+
+
+
+
+
+
+
diff --git a/browsers/internet-explorer/ie11-deploy-guide/verify-changes-preprod-enterprise-mode-portal.md b/browsers/internet-explorer/ie11-deploy-guide/verify-changes-preprod-enterprise-mode-portal.md
index 5c7c0a3d23..8a161b2ffb 100644
--- a/browsers/internet-explorer/ie11-deploy-guide/verify-changes-preprod-enterprise-mode-portal.md
+++ b/browsers/internet-explorer/ie11-deploy-guide/verify-changes-preprod-enterprise-mode-portal.md
@@ -1,70 +1,71 @@
----
-ms.localizationpriority: medium
-ms.mktglfcycl: deploy
-ms.pagetype: appcompat
-description: Details about how to make sure your change request info is accurate within the pre-production environment of the Enterprise Mode Site List Portal.
-author: lomayor
-ms.prod: ie11
-title: Verify your changes using the Enterprise Mode Site List Portal (Internet Explorer 11 for IT Pros)
-ms.sitesec: library
-ms.date: 07/27/2017
-ms.reviewer:
-audience: itpro
manager: dansimp
-ms.author: lomayor
----
-
-# Verify your changes using the Enterprise Mode Site List Portal
-
-**Applies to:**
-
-- Windows 10
-- Windows 8.1
-- Windows 7
-- Windows Server 2012 R2
-- Windows Server 2008 R2 with Service Pack 1 (SP1)
-
->[!Important]
->This step requires that each Requester have access to a test machine with Administrator rights, letting him or her get to the pre-production environment to make sure that the requested change is correct.
-
-The Requester successfully submits a change request to the Enterprise Mode Site List Portal and then gets an email, including:
-
-- **EMIE_RegKey**. A batch file that when run, sets the registry key to point to the local pre-production Enterprise Mode Site List.
-
-- **Test steps**. The suggested steps about how to test the change request details to make sure they're accurate in the pre-production environment.
-
-- **EMIE_Reset**. A batch file that when run, reverts the changes made to the pre-production registry.
-
-## Verify and send the change request to Approvers
-The Requester tests the changes and then goes back into the Enterprise Mode Site List Portal, **Pre-production verification** page to verify whether the testing was successful.
-
-**To verify changes and send to the Approver(s)**
-1. On the **Pre-production verification** page, the Requester clicks **Successful** and optionally includes any attachments (only .jpeg, .png, .jpg and .txt files are allowed) to support the change request and testing results.
-
-2. The Requester reviews the pre-defined Approver(s), and then clicks **Send for approval**.
-
- The Requester, the Approver group, and the Administrator group all get an email, stating that the change request is waiting for approval.
-
-
-**To rollback your pre-production changes**
-1. On the **Pre-production verification** page, the Requester clicks **Failed** and optionally includes any attachments (only .jpeg, .png, .jpg and .txt files are allowed) to support the change request and testing results.
-
-2. Add a description about the issue into the **Issue description** box, and then click **Send failure details**.
-
- The change request and issue info are sent to the Administrators.
-
-3. The Requester clicks **Roll back** to roll back the changes in the pre-production environment.
-
- After the Requester rolls back the changes, the request can be updated and re-submitted.
-
-
-## View rolled back change requests
-The original Requester and the Administrator(s) group can view the rolled back change requests.
-
-**To view the rolled back change request**
-
-- In the Enterprise Mode Site List Portal, click **Rolled back** from the left pane.
-
- All rolled back change requests appear, with role assignment determining which ones are visible.
-
-## Next steps
-If the change request is certified as successful, the Requester must next send it to the Approvers for approval. For the Approver-related steps, see the [Approve a change request using the Enterprise Mode Site List Portal](approve-change-request-enterprise-mode-portal.md) topic.
+---
+ms.localizationpriority: medium
+ms.mktglfcycl: deploy
+ms.pagetype: appcompat
+description: Details about how to make sure your change request info is accurate within the pre-production environment of the Enterprise Mode Site List Portal.
+author: dansimp
+ms.prod: ie11
+title: Verify your changes using the Enterprise Mode Site List Portal (Internet Explorer 11 for IT Pros)
+ms.sitesec: library
+ms.date: 07/27/2017
+ms.reviewer:
+audience: itpro
+manager: dansimp
+ms.author: dansimp
+---
+
+# Verify your changes using the Enterprise Mode Site List Portal
+
+**Applies to:**
+
+- Windows 10
+- Windows 8.1
+- Windows 7
+- Windows Server 2012 R2
+- Windows Server 2008 R2 with Service Pack 1 (SP1)
+
+>[!Important]
+>This step requires that each Requester have access to a test machine with Administrator rights, letting him or her get to the pre-production environment to make sure that the requested change is correct.
+
+The Requester successfully submits a change request to the Enterprise Mode Site List Portal and then gets an email, including:
+
+- **EMIE_RegKey**. A batch file that when run, sets the registry key to point to the local pre-production Enterprise Mode Site List.
+
+- **Test steps**. The suggested steps about how to test the change request details to make sure they're accurate in the pre-production environment.
+
+- **EMIE_Reset**. A batch file that when run, reverts the changes made to the pre-production registry.
+
+## Verify and send the change request to Approvers
+The Requester tests the changes and then goes back into the Enterprise Mode Site List Portal, **Pre-production verification** page to verify whether the testing was successful.
+
+**To verify changes and send to the Approver(s)**
+1. On the **Pre-production verification** page, the Requester clicks **Successful** and optionally includes any attachments (only .jpeg, .png, .jpg and .txt files are allowed) to support the change request and testing results.
+
+2. The Requester reviews the pre-defined Approver(s), and then clicks **Send for approval**.
+
+ The Requester, the Approver group, and the Administrator group all get an email, stating that the change request is waiting for approval.
+
+
+**To rollback your pre-production changes**
+1. On the **Pre-production verification** page, the Requester clicks **Failed** and optionally includes any attachments (only .jpeg, .png, .jpg and .txt files are allowed) to support the change request and testing results.
+
+2. Add a description about the issue into the **Issue description** box, and then click **Send failure details**.
+
+ The change request and issue info are sent to the Administrators.
+
+3. The Requester clicks **Roll back** to roll back the changes in the pre-production environment.
+
+ After the Requester rolls back the changes, the request can be updated and re-submitted.
+
+
+## View rolled back change requests
+The original Requester and the Administrator(s) group can view the rolled back change requests.
+
+**To view the rolled back change request**
+
+- In the Enterprise Mode Site List Portal, click **Rolled back** from the left pane.
+
+ All rolled back change requests appear, with role assignment determining which ones are visible.
+
+## Next steps
+If the change request is certified as successful, the Requester must next send it to the Approvers for approval. For the Approver-related steps, see the [Approve a change request using the Enterprise Mode Site List Portal](approve-change-request-enterprise-mode-portal.md) topic.
diff --git a/browsers/internet-explorer/ie11-deploy-guide/verify-changes-production-enterprise-mode-portal.md b/browsers/internet-explorer/ie11-deploy-guide/verify-changes-production-enterprise-mode-portal.md
index 5678e10583..42db6c85c5 100644
--- a/browsers/internet-explorer/ie11-deploy-guide/verify-changes-production-enterprise-mode-portal.md
+++ b/browsers/internet-explorer/ie11-deploy-guide/verify-changes-production-enterprise-mode-portal.md
@@ -1,45 +1,46 @@
----
-ms.localizationpriority: medium
-ms.mktglfcycl: deploy
-ms.pagetype: appcompat
-description: Details about how the Requester makes sure that the change request update is accurate within the production environment using the Enterprise Mode Site List Portal.
-author: lomayor
-ms.prod: ie11
-title: Verify the change request update in the production environment using the Enterprise Mode Site List Portal (Internet Explorer 11 for IT Pros)
-ms.sitesec: library
-ms.date: 07/27/2017
-ms.reviewer:
-audience: itpro
manager: dansimp
-ms.author: lomayor
----
-
-# Verify the change request update in the production environment using the Enterprise Mode Site List Portal
-
-**Applies to:**
-
-- Windows 10
-- Windows 8.1
-- Windows 7
-- Windows Server 2012 R2
-- Windows Server 2008 R2 with Service Pack 1 (SP1)
-
-## Verify and sign off on the update in the production environment
-The Requester tests the changes in the production environment and then goes back into the Enterprise Mode Site List Portal, **Production verification** page to verify whether the testing was successful.
-
-**To verify the changes and sign off**
-- On the **Production verification** page, the Requester clicks **Successful**, optionally includes any attachments (only .jpeg, .png, .jpg and .txt files are allowed) to support the testing results, optionally includes a description of the change, and then clicks **Sign off**.
-
- The Requester, Approver group, and Administrator group all get an email, stating that the change request has been signed off.
-
-
-**To rollback production changes**
-1. On the **Production verification** page, the Requester clicks **Failed** and optionally includes any attachments (only .jpeg, .png, .jpg and .txt files are allowed) to support the testing results.
-
-2. Add a description about the issue into the **Change description** box, and then click **Send failure details**.
-
- The info is sent to the Administrators.
-
-3. The Requester clicks **Roll back** to roll back the changes in the production environment.
-
- After the Requester rolls back the changes, the request is automatically handled in the production and pre-production environment site lists.
-
+---
+ms.localizationpriority: medium
+ms.mktglfcycl: deploy
+ms.pagetype: appcompat
+description: Details about how the Requester makes sure that the change request update is accurate within the production environment using the Enterprise Mode Site List Portal.
+author: dansimp
+ms.prod: ie11
+title: Verify the change request update in the production environment using the Enterprise Mode Site List Portal (Internet Explorer 11 for IT Pros)
+ms.sitesec: library
+ms.date: 07/27/2017
+ms.reviewer:
+audience: itpro
+manager: dansimp
+ms.author: dansimp
+---
+
+# Verify the change request update in the production environment using the Enterprise Mode Site List Portal
+
+**Applies to:**
+
+- Windows 10
+- Windows 8.1
+- Windows 7
+- Windows Server 2012 R2
+- Windows Server 2008 R2 with Service Pack 1 (SP1)
+
+## Verify and sign off on the update in the production environment
+The Requester tests the changes in the production environment and then goes back into the Enterprise Mode Site List Portal, **Production verification** page to verify whether the testing was successful.
+
+**To verify the changes and sign off**
+- On the **Production verification** page, the Requester clicks **Successful**, optionally includes any attachments (only .jpeg, .png, .jpg and .txt files are allowed) to support the testing results, optionally includes a description of the change, and then clicks **Sign off**.
+
+ The Requester, Approver group, and Administrator group all get an email, stating that the change request has been signed off.
+
+
+**To rollback production changes**
+1. On the **Production verification** page, the Requester clicks **Failed** and optionally includes any attachments (only .jpeg, .png, .jpg and .txt files are allowed) to support the testing results.
+
+2. Add a description about the issue into the **Change description** box, and then click **Send failure details**.
+
+ The info is sent to the Administrators.
+
+3. The Requester clicks **Roll back** to roll back the changes in the production environment.
+
+ After the Requester rolls back the changes, the request is automatically handled in the production and pre-production environment site lists.
+
diff --git a/browsers/internet-explorer/ie11-deploy-guide/view-apps-enterprise-mode-site-list.md b/browsers/internet-explorer/ie11-deploy-guide/view-apps-enterprise-mode-site-list.md
index 3c60851368..2be252275c 100644
--- a/browsers/internet-explorer/ie11-deploy-guide/view-apps-enterprise-mode-site-list.md
+++ b/browsers/internet-explorer/ie11-deploy-guide/view-apps-enterprise-mode-site-list.md
@@ -1,41 +1,42 @@
----
-ms.localizationpriority: medium
-ms.mktglfcycl: deploy
-ms.pagetype: appcompat
-description: Details about how to view the active Enterprise Mode Site List from the Enterprise Mode Site List Portal.
-author: lomayor
-ms.prod: ie11
-title: View the apps included in the active Enterprise Mode Site List from the Enterprise Mode Site List Portal (Internet Explorer 11 for IT Pros)
-ms.sitesec: library
-ms.date: 07/27/2017
-ms.reviewer:
-audience: itpro
manager: dansimp
-ms.author: lomayor
----
-
-# View the apps included in the active Enterprise Mode Site List from the Enterprise Mode Site List Portal
-
-**Applies to:**
-
-- Windows 10
-- Windows 8.1
-- Windows 7
-- Windows Server 2012 R2
-- Windows Server 2008 R2 with Service Pack 1 (SP1)
-
-Any employee with access to the Enterprise Mode Site List Portal can view the apps included in the current Enterprise Mode Site List.
-
-**To view the active Enterprise Mode Site List**
-1. Open the Enterprise Mode Site List Portal and click the **Production sites list** icon in the upper-right area of the page.
-
- The **Production sites list** page appears, with each app showing its URL, the compatibility mode to use, and the assigned browser to open the site.
-
-2. Click any URL to view the actual site, using the compatibility mode and opening in the correct browser.
-
-
-**To export the active Enterprise Mode Site List**
-1. On the **Production sites list** page, click **Export**.
-
-2. Save the ProductionSiteList.xlsx file.
-
- The Excel file includes all apps in the current Enterprise Mode Site List, including URL, compatibility mode, and assigned browser.
+---
+ms.localizationpriority: medium
+ms.mktglfcycl: deploy
+ms.pagetype: appcompat
+description: Details about how to view the active Enterprise Mode Site List from the Enterprise Mode Site List Portal.
+author: dansimp
+ms.prod: ie11
+title: View the apps included in the active Enterprise Mode Site List from the Enterprise Mode Site List Portal (Internet Explorer 11 for IT Pros)
+ms.sitesec: library
+ms.date: 07/27/2017
+ms.reviewer:
+audience: itpro
+manager: dansimp
+ms.author: dansimp
+---
+
+# View the apps included in the active Enterprise Mode Site List from the Enterprise Mode Site List Portal
+
+**Applies to:**
+
+- Windows 10
+- Windows 8.1
+- Windows 7
+- Windows Server 2012 R2
+- Windows Server 2008 R2 with Service Pack 1 (SP1)
+
+Any employee with access to the Enterprise Mode Site List Portal can view the apps included in the current Enterprise Mode Site List.
+
+**To view the active Enterprise Mode Site List**
+1. Open the Enterprise Mode Site List Portal and click the **Production sites list** icon in the upper-right area of the page.
+
+ The **Production sites list** page appears, with each app showing its URL, the compatibility mode to use, and the assigned browser to open the site.
+
+2. Click any URL to view the actual site, using the compatibility mode and opening in the correct browser.
+
+
+**To export the active Enterprise Mode Site List**
+1. On the **Production sites list** page, click **Export**.
+
+2. Save the ProductionSiteList.xlsx file.
+
+ The Excel file includes all apps in the current Enterprise Mode Site List, including URL, compatibility mode, and assigned browser.
diff --git a/browsers/internet-explorer/ie11-deploy-guide/view-enterprise-mode-reports-for-portal.md b/browsers/internet-explorer/ie11-deploy-guide/view-enterprise-mode-reports-for-portal.md
index 30db2d2faa..20ad5ac557 100644
--- a/browsers/internet-explorer/ie11-deploy-guide/view-enterprise-mode-reports-for-portal.md
+++ b/browsers/internet-explorer/ie11-deploy-guide/view-enterprise-mode-reports-for-portal.md
@@ -1,53 +1,54 @@
----
-ms.localizationpriority: medium
-ms.mktglfcycl: deploy
-ms.pagetype: appcompat
-description: Details about how an Administrator can view the available Enterprise Mode reports from the Enterprise Mode Site List Portal.
-author: lomayor
-ms.prod: ie11
-title: View the available Enterprise Mode reports from the Enterprise Mode Site List Portal (Internet Explorer 11 for IT Pros)
-ms.sitesec: library
-ms.date: 07/27/2017
-ms.reviewer:
-audience: itpro
manager: dansimp
-ms.author: lomayor
----
-
-# View the available Enterprise Mode reports from the Enterprise Mode Site List Portal
-
-**Applies to:**
-
-- Windows 10
-- Windows 8.1
-- Windows 7
-- Windows Server 2012 R2
-- Windows Server 2008 R2 with Service Pack 1 (SP1)
-
-Administrators can view the Microsoft-provided Enterprise Mode reports from the Enterprise Mode Site List Portal.
-
-**To view the reports**
-1. Open the Enterprise Mode Site List Portal and click the **Enterprise Mode reports** icon in the upper-right area of the page.
-
- The **Enterprise Mode reports** page appears, with each app showing its URL, the compatibility mode to use, and the assigned browser to open the site.
-
-2. Use the calendars to provide the **From date** and **To date**, determining the span of time the report covers.
-
-3. Click **Apply**.
-
- The reports all change to reflect the appropriate timeframe and group, including:
-
- - **Total number of websites in the site list.** A box at the top of the reports page that tells you the total number of websites included in the Enterprise Mode Sit List.
-
- - **All websites by docmode.** Shows how many change requests exist, based on the different doc modes included in the **App best viewed in** field.
-
- - **All websites by browser.** Shows how many apps require which browser, including **IE11**, **MSEdge**, or **None**.
-
- - **All requests by status.** Shows how many change requests exist, based on each status.
-
- - **All requests by change type.** Shows how many change requests exist, based on the **Requested change** field.
-
- - **Request status by group.** Shows how many change requests exist, based on both group and status.
-
- - **Reasons for request.** Shows how many change request reasons exist, based on the **Reason for request** field.
-
- - **Requested changes by app name.** Shows what specific apps were **Added to site list**, **Deleted from site list**, or **Updated from site list**.
+---
+ms.localizationpriority: medium
+ms.mktglfcycl: deploy
+ms.pagetype: appcompat
+description: Details about how an Administrator can view the available Enterprise Mode reports from the Enterprise Mode Site List Portal.
+author: dansimp
+ms.prod: ie11
+title: View the available Enterprise Mode reports from the Enterprise Mode Site List Portal (Internet Explorer 11 for IT Pros)
+ms.sitesec: library
+ms.date: 07/27/2017
+ms.reviewer:
+audience: itpro
+manager: dansimp
+ms.author: dansimp
+---
+
+# View the available Enterprise Mode reports from the Enterprise Mode Site List Portal
+
+**Applies to:**
+
+- Windows 10
+- Windows 8.1
+- Windows 7
+- Windows Server 2012 R2
+- Windows Server 2008 R2 with Service Pack 1 (SP1)
+
+Administrators can view the Microsoft-provided Enterprise Mode reports from the Enterprise Mode Site List Portal.
+
+**To view the reports**
+1. Open the Enterprise Mode Site List Portal and click the **Enterprise Mode reports** icon in the upper-right area of the page.
+
+ The **Enterprise Mode reports** page appears, with each app showing its URL, the compatibility mode to use, and the assigned browser to open the site.
+
+2. Use the calendars to provide the **From date** and **To date**, determining the span of time the report covers.
+
+3. Click **Apply**.
+
+ The reports all change to reflect the appropriate timeframe and group, including:
+
+ - **Total number of websites in the site list.** A box at the top of the reports page that tells you the total number of websites included in the Enterprise Mode Sit List.
+
+ - **All websites by docmode.** Shows how many change requests exist, based on the different doc modes included in the **App best viewed in** field.
+
+ - **All websites by browser.** Shows how many apps require which browser, including **IE11**, **MSEdge**, or **None**.
+
+ - **All requests by status.** Shows how many change requests exist, based on each status.
+
+ - **All requests by change type.** Shows how many change requests exist, based on the **Requested change** field.
+
+ - **Request status by group.** Shows how many change requests exist, based on both group and status.
+
+ - **Reasons for request.** Shows how many change request reasons exist, based on the **Reason for request** field.
+
+ - **Requested changes by app name.** Shows what specific apps were **Added to site list**, **Deleted from site list**, or **Updated from site list**.
diff --git a/browsers/internet-explorer/ie11-deploy-guide/virtualization-and-compatibility-with-ie11.md b/browsers/internet-explorer/ie11-deploy-guide/virtualization-and-compatibility-with-ie11.md
index e83c91bf67..e5de6fffdd 100644
--- a/browsers/internet-explorer/ie11-deploy-guide/virtualization-and-compatibility-with-ie11.md
+++ b/browsers/internet-explorer/ie11-deploy-guide/virtualization-and-compatibility-with-ie11.md
@@ -1,36 +1,37 @@
----
-ms.localizationpriority: medium
-ms.mktglfcycl: deploy
-ms.pagetype: virtualization
-description: Virtualization and compatibility with Internet Explorer 11
-author: lomayor
-ms.prod: ie11
-ms.assetid: b0388c04-2584-4b6d-a7a8-4e0476773a80
-ms.reviewer:
-audience: itpro
manager: dansimp
-ms.author: lomayor
-title: Virtualization and compatibility with Internet Explorer 11 (Internet Explorer 11 for IT Pros)
-ms.sitesec: library
-ms.date: 07/27/2017
----
-
-
-# Virtualization and compatibility with Internet Explorer 11
-If your company is considering upgrading to the latest version of Internet Explorer, but is hesitant because of a large number of web apps that need to be tested and moved, we recommend that you consider virtualization. Virtualization lets you set up a virtual environment where you can run earlier versions of IE.
-
-**Important**
-We strongly suggest that while you're using virtualization, you also update your web apps so they run natively in the newer version of IE. For more information about how to update your code, see the [Internet Explorer 11 Compatibility Cookbook (Windows)](https://go.microsoft.com/fwlink/p/?LinkId=279707) to learn about the developer features that have been changed or deprecated since Internet Explorer 10.
-
-The Microsoft-supported options for virtualizing web apps are:
-
-- **Microsoft Enterprise Desktop Virtualization (MED-V).** Uses Microsoft Virtual PC to provide an enterprise solution for desktop virtualization. With MED-V, you can easily create, deliver, and manage corporate Virtual PC images on any Windows®-based desktop. For more information, see [MED-V](https://go.microsoft.com/fwlink/p/?LinkId=271653).
-
-- **Client Hyper-V.** Uses the same virtualization technology previously available in Windows Server, but now installed for Windows 8.1. For more information, see [Client Hyper-V](https://go.microsoft.com/fwlink/p/?LinkId=271654).
-For more information about virtualization options, see [Microsoft Desktop Virtualization](https://go.microsoft.com/fwlink/p/?LinkId=271662).
-
-
-
-
-
-
-
+---
+ms.localizationpriority: medium
+ms.mktglfcycl: deploy
+ms.pagetype: virtualization
+description: Virtualization and compatibility with Internet Explorer 11
+author: dansimp
+ms.prod: ie11
+ms.assetid: b0388c04-2584-4b6d-a7a8-4e0476773a80
+ms.reviewer:
+audience: itpro
+manager: dansimp
+ms.author: dansimp
+title: Virtualization and compatibility with Internet Explorer 11 (Internet Explorer 11 for IT Pros)
+ms.sitesec: library
+ms.date: 07/27/2017
+---
+
+
+# Virtualization and compatibility with Internet Explorer 11
+If your company is considering upgrading to the latest version of Internet Explorer, but is hesitant because of a large number of web apps that need to be tested and moved, we recommend that you consider virtualization. Virtualization lets you set up a virtual environment where you can run earlier versions of IE.
+
+**Important**
+We strongly suggest that while you're using virtualization, you also update your web apps so they run natively in the newer version of IE. For more information about how to update your code, see the [Internet Explorer 11 Compatibility Cookbook (Windows)](https://go.microsoft.com/fwlink/p/?LinkId=279707) to learn about the developer features that have been changed or deprecated since Internet Explorer 10.
+
+The Microsoft-supported options for virtualizing web apps are:
+
+- **Microsoft Enterprise Desktop Virtualization (MED-V).** Uses Microsoft Virtual PC to provide an enterprise solution for desktop virtualization. With MED-V, you can easily create, deliver, and manage corporate Virtual PC images on any Windows®-based desktop. For more information, see [MED-V](https://go.microsoft.com/fwlink/p/?LinkId=271653).
+
+- **Client Hyper-V.** Uses the same virtualization technology previously available in Windows Server, but now installed for Windows 8.1. For more information, see [Client Hyper-V](https://go.microsoft.com/fwlink/p/?LinkId=271654).
+For more information about virtualization options, see [Microsoft Desktop Virtualization](https://go.microsoft.com/fwlink/p/?LinkId=271662).
+
+
+
+
+
+
+
diff --git a/browsers/internet-explorer/ie11-deploy-guide/what-is-enterprise-mode.md b/browsers/internet-explorer/ie11-deploy-guide/what-is-enterprise-mode.md
index 0212685d25..269b2bec06 100644
--- a/browsers/internet-explorer/ie11-deploy-guide/what-is-enterprise-mode.md
+++ b/browsers/internet-explorer/ie11-deploy-guide/what-is-enterprise-mode.md
@@ -1,168 +1,169 @@
----
-ms.localizationpriority: medium
-ms.mktglfcycl: deploy
-ms.pagetype: appcompat
-description: Info about the features included in Enterprise Mode with Internet Explorer 11.
-author: lomayor
-ms.prod: ie11
-ms.assetid: 3c77e9f3-eb21-46d9-b5aa-f9b2341cfefa
-ms.reviewer:
-audience: itpro
manager: dansimp
-ms.author: lomayor
-title: Enterprise Mode and the Enterprise Mode Site List (Internet Explorer 11 for IT Pros)
-ms.sitesec: library
-ms.date: 10/25/2018
----
-
-
-# Enterprise Mode and the Enterprise Mode Site List
-
-**Applies to:**
-
-- Windows 10
-- Windows 8.1
-- Windows 7
-- Windows Server 2012 R2
-- Windows Server 2008 R2 with Service Pack 1 (SP1)
-
-Internet Explorer and Microsoft Edge can work together to support your legacy web apps, while still defaulting to the higher bar for security and modern experiences enabled by Microsoft Edge. Working with multiple browsers can be difficult, particularly if you have a substantial number of internal sites. To help manage this dual-browser experience, we are introducing a new web tool specifically targeted towards larger organizations: the [Enterprise Mode Site List Portal](https://github.com/MicrosoftEdge/enterprise-mode-site-list-portal).
-
-## Available dual-browser experiences
-If you have specific websites and apps that you know have compatibility problems with Microsoft Edge, you can use the Enterprise Mode site list so that the websites automatically open using Internet Explorer 11. Additionally, if you know that your intranet sites aren't going to work correctly with Microsoft Edge, you can set all intranet sites to open using IE11 automatically.
-
-Using Enterprise Mode means that you can continue to use Microsoft Edge as your default browser, while also ensuring that your apps continue working on IE11.
-
->[!TIP]
-> If you are running an earlier version of Internet Explorer, we recommend upgrading to IE11, so that any legacy apps continue to work correctly.
-
-For Windows 10 and Windows 10 Mobile, Microsoft Edge is the default browser experience. However, Microsoft Edge lets you continue to use IE11 for sites that are on your corporate intranet or included on your Enterprise Mode Site List.
-
-
-## What is Enterprise Mode?
-Enterprise Mode, a compatibility mode that runs on Internet Explorer 11 on Windows 10, Windows 8.1, and Windows 7 devices, lets websites render using a modified browser configuration that’s designed to emulate either Windows Internet Explorer 7 or Windows Internet Explorer 8. Running in this mode helps to avoid many of the common compatibility problems associated with web apps written and tested on older versions of Internet Explorer.
-
-Many customers identify web app compatibility as a significant cost to upgrading because web apps need to be tested and upgraded before adopting a new browser. The improved compatibility provided by Enterprise Mode can help give customers confidence to upgrade to IE11, letting customers benefit from modern web standards, increased performance, improved security, and better reliability.
-
-### Enterprise Mode features
-Enterprise Mode includes the following features:
-
-- **Improved web app and website compatibility.** Through improved emulation, Enterprise Mode lets many legacy web apps run unmodified on IE11, supporting several site patterns that aren’t currently supported by existing document modes.
-
-- **Tool-based management for website lists.** Use the Enterprise Mode Site List Manager to add website domains and domain paths and to specify whether a site renders using Enterprise Mode.
-Download the [Enterprise Mode Site List Manager (schema v.2)](https://go.microsoft.com/fwlink/p/?LinkId=716853) or the [Enterprise Mode Site List Manager (schema v.1)](https://go.microsoft.com/fwlink/p/?LinkID=394378), based on your operating system and schema.
-
-- **Centralized control.** You can specify the websites or web apps to interpret using Enterprise Mode, through an XML file on a website or stored locally. Domains and paths within those domains can be treated differently, allowing granular control. Use Group Policy to let users turn Enterprise Mode on or off from the Tools menu and to decide whether the Enterprise browser profile appears on the Emulation tab of the F12 developer tools.
-
- >[!Important]
- >All centrally-made decisions override any locally-made choices.
-
-- **Integrated browsing.** When Enterprise Mode is set up, users can browse the web normally, letting the browser change modes automatically to accommodate Enterprise Mode sites.
-
-- **Data gathering.** You can configure Enterprise Mode to collect local override data, posting back to a named server. This lets you "crowd source" compatibility testing from key users; gathering their findings to add to your central site list.
-
-## Enterprise Mode and the Enterprise Mode Site List XML file
-The Enterprise Mode Site List is an XML document that specifies a list of sites, their compat mode, and their intended browser. Using [Enterprise Mode Site List Manager (schema v.2)](https://go.microsoft.com/fwlink/p/?LinkId=716853), you can automatically start a webpage using a specific browser. In the case of IE11, the webpage can also be launched in a specific compat mode, so it always renders correctly. Your employees can easily view this site list by typing _about:compat_ in either Microsoft Edge or IE11.
-
-Starting with Windows 10, version 1511 (also known as the Anniversary Update), you can also [restrict IE11 to only the legacy web apps that need it](https://blogs.windows.com/msedgedev/2016/05/19/edge14-ie11-better-together/), automatically sending sites not included in the Enterprise Mode Site List to Microsoft Edge.
-
-### Site list xml file
-This is a view of the [raw EMIE v2 schema.xml file](https://gist.github.com/kypflug/9e9961de771d2fcbd86b#file-emie-v2-schema-xml). There are equivalent Enterprise Mode Site List policies for both [Microsoft Edge](https://docs.microsoft.com/microsoft-edge/deploy/emie-to-improve-compatibility) and [Internet Explorer 11](turn-on-enterprise-mode-and-use-a-site-list.md). The Microsoft Edge list is used to determine which sites should open in IE11; while the IE11 list is used to determine the compat mode for a site, and which sites should open in Microsoft Edge. We recommend using one list for both browsers, where each policy points to the same XML file location.
-
-```xml
-
-
-
- EnterpriseSiteListManager
- 10586
- 20150728.135021
-
-
-
- IE8Enterprise
- IE11
-
-
- default
- IE11
-
-
- IE7Enterprise
- IE11
-
-
-
-
- IE8Enterprise"
- IE11
-
-
- IE7
- IE11
-
-
- IE7
- IE11
-
-
-
-```
-
-## Enterprise Mode Site List Manager and the Enterprise Mode Site List Portal tools
-You can build and manage your Enterprise Mode Site List is by using any generic text editor. However, we’ve also provided a couple tools that can make that process even easier.
-
-### Enterprise Mode Site List Manager
-This tool helps you create error-free XML documents with simple n+1 versioning and URL verification. We recommend using this tool if your site list is relatively small. For more info about this tool, see the Use the [Enterprise Mode Site List Manager](use-the-enterprise-mode-site-list-manager.md) topics.
-
-There are 2 versions of this tool, both supported on Windows 7, Windows 8.1, and Windows 10:
-
-- [Enterprise Mode Site List Manager (schema v.1)](https://www.microsoft.com/download/details.aspx?id=42501). This is an older version of the schema that you must use if you want to create and update your Enterprise Mode Site List for devices running the v.1 version of the schema.
-
- We strongly recommend moving to the new schema, v.2. For more info, see [Enterprise Mode schema v.2 guidance](enterprise-mode-schema-version-2-guidance.md).
-
-- [Enterprise Mode Site List Manager (schema v.2)](https://www.microsoft.com/download/details.aspx?id=49974). The updated version of the schema, including new functionality. You can use this version of the schema to create and update your Enterprise Mode Site List for devices running the v.2 version of the schema.
-
- If you open a v.1 version of your Enterprise Mode Site List using this version, it will update the schema to v.2, automatically. For more info, see [Enterprise Mode schema v.1 guidance](enterprise-mode-schema-version-1-guidance.md).
-
-If your list is too large to add individual sites, or if you have more than one person managing the site list, we recommend using the Enterprise Site List Portal.
-
-### Enterprise Mode Site List Portal
-The [Enterprise Mode Site List Portal](https://github.com/MicrosoftEdge/enterprise-mode-site-list-portal) is an open-source web tool on GitHub that allows you to manage your Enterprise Mode Site List, hosted by the app, with multiple users. The portal is designed to use IIS and a SQL Server backend, leveraging Active Directory (AD) for employee management.
-
-In addition to all the functionality of the Enterprise Mode Site List Manager tool, the Enterprise Mode Site List Portal helps you:
-
-- Manage site lists from any device supporting Windows 7 or greater.
-
-- Submit change requests.
-
-- Operate offline through an on-premise solution.
-
-- Provide role-based governance.
-
-- Test configuration settings before releasing to a live environment.
-
-Updates to your site list are made by submitting new change requests, which are then approved by a designated group of people, put into a pre-production environment for testing, and then deployed immediately, or scheduled for deployment later.
-
-Because the tool is open-source, the source code is readily available for examination and experimentation. We encourage you to [fork the code, submit pull requests, and send us your feedback](https://github.com/MicrosoftEdge/enterprise-mode-site-list-portal)! For more info about the Enterprise Mode Site List Portal, see the [Use the Enterprise Mode Site List Portal](use-the-enterprise-mode-portal.md) topics.
-
-## Related topics
-
-- [Enterprise Mode Site List Portal source code](https://github.com/MicrosoftEdge/enterprise-mode-site-list-portal)
-
-- [Technical guidance, tools, and resources on Enterprise browsing](https://technet.microsoft.com/ie)
-
-- [Enterprise Mode Site List Manager (schema v.1)](https://www.microsoft.com/download/details.aspx?id=42501)
-
-- [Enterprise Mode Site List Manager (schema v.2)](https://www.microsoft.com/download/details.aspx?id=49974)
-
-- [Enterprise Mode Site List Manager](use-the-enterprise-mode-site-list-manager.md)
-
-- [Collect data using Enterprise Site Discovery](collect-data-using-enterprise-site-discovery.md)
-
-- [Web Application Compatibility Lab Kit](https://technet.microsoft.com/microsoft-edge/mt612809.aspx)
-
-- [Microsoft Services Support](https://www.microsoft.com/en-us/microsoftservices/support.aspx)
-
-- [Find a Microsoft partner on Pinpoint](https://partnercenter.microsoft.com/pcv/search)
+---
+ms.localizationpriority: medium
+ms.mktglfcycl: deploy
+ms.pagetype: appcompat
+description: Info about the features included in Enterprise Mode with Internet Explorer 11.
+author: dansimp
+ms.prod: ie11
+ms.assetid: 3c77e9f3-eb21-46d9-b5aa-f9b2341cfefa
+ms.reviewer:
+audience: itpro
+manager: dansimp
+ms.author: dansimp
+title: Enterprise Mode and the Enterprise Mode Site List (Internet Explorer 11 for IT Pros)
+ms.sitesec: library
+ms.date: 10/25/2018
+---
+
+
+# Enterprise Mode and the Enterprise Mode Site List
+
+**Applies to:**
+
+- Windows 10
+- Windows 8.1
+- Windows 7
+- Windows Server 2012 R2
+- Windows Server 2008 R2 with Service Pack 1 (SP1)
+
+Internet Explorer and Microsoft Edge can work together to support your legacy web apps, while still defaulting to the higher bar for security and modern experiences enabled by Microsoft Edge. Working with multiple browsers can be difficult, particularly if you have a substantial number of internal sites. To help manage this dual-browser experience, we are introducing a new web tool specifically targeted towards larger organizations: the [Enterprise Mode Site List Portal](https://github.com/MicrosoftEdge/enterprise-mode-site-list-portal).
+
+## Available dual-browser experiences
+If you have specific websites and apps that you know have compatibility problems with Microsoft Edge, you can use the Enterprise Mode site list so that the websites automatically open using Internet Explorer 11. Additionally, if you know that your intranet sites aren't going to work correctly with Microsoft Edge, you can set all intranet sites to open using IE11 automatically.
+
+Using Enterprise Mode means that you can continue to use Microsoft Edge as your default browser, while also ensuring that your apps continue working on IE11.
+
+>[!TIP]
+> If you are running an earlier version of Internet Explorer, we recommend upgrading to IE11, so that any legacy apps continue to work correctly.
+
+For Windows 10 and Windows 10 Mobile, Microsoft Edge is the default browser experience. However, Microsoft Edge lets you continue to use IE11 for sites that are on your corporate intranet or included on your Enterprise Mode Site List.
+
+
+## What is Enterprise Mode?
+Enterprise Mode, a compatibility mode that runs on Internet Explorer 11 on Windows 10, Windows 8.1, and Windows 7 devices, lets websites render using a modified browser configuration that’s designed to emulate either Windows Internet Explorer 7 or Windows Internet Explorer 8. Running in this mode helps to avoid many of the common compatibility problems associated with web apps written and tested on older versions of Internet Explorer.
+
+Many customers identify web app compatibility as a significant cost to upgrading because web apps need to be tested and upgraded before adopting a new browser. The improved compatibility provided by Enterprise Mode can help give customers confidence to upgrade to IE11, letting customers benefit from modern web standards, increased performance, improved security, and better reliability.
+
+### Enterprise Mode features
+Enterprise Mode includes the following features:
+
+- **Improved web app and website compatibility.** Through improved emulation, Enterprise Mode lets many legacy web apps run unmodified on IE11, supporting several site patterns that aren’t currently supported by existing document modes.
+
+- **Tool-based management for website lists.** Use the Enterprise Mode Site List Manager to add website domains and domain paths and to specify whether a site renders using Enterprise Mode.
+Download the [Enterprise Mode Site List Manager (schema v.2)](https://go.microsoft.com/fwlink/p/?LinkId=716853) or the [Enterprise Mode Site List Manager (schema v.1)](https://go.microsoft.com/fwlink/p/?LinkID=394378), based on your operating system and schema.
+
+- **Centralized control.** You can specify the websites or web apps to interpret using Enterprise Mode, through an XML file on a website or stored locally. Domains and paths within those domains can be treated differently, allowing granular control. Use Group Policy to let users turn Enterprise Mode on or off from the Tools menu and to decide whether the Enterprise browser profile appears on the Emulation tab of the F12 developer tools.
+
+ >[!Important]
+ >All centrally-made decisions override any locally-made choices.
+
+- **Integrated browsing.** When Enterprise Mode is set up, users can browse the web normally, letting the browser change modes automatically to accommodate Enterprise Mode sites.
+
+- **Data gathering.** You can configure Enterprise Mode to collect local override data, posting back to a named server. This lets you "crowd source" compatibility testing from key users; gathering their findings to add to your central site list.
+
+## Enterprise Mode and the Enterprise Mode Site List XML file
+The Enterprise Mode Site List is an XML document that specifies a list of sites, their compat mode, and their intended browser. Using [Enterprise Mode Site List Manager (schema v.2)](https://go.microsoft.com/fwlink/p/?LinkId=716853), you can automatically start a webpage using a specific browser. In the case of IE11, the webpage can also be launched in a specific compat mode, so it always renders correctly. Your employees can easily view this site list by typing _about:compat_ in either Microsoft Edge or IE11.
+
+Starting with Windows 10, version 1511 (also known as the Anniversary Update), you can also [restrict IE11 to only the legacy web apps that need it](https://blogs.windows.com/msedgedev/2016/05/19/edge14-ie11-better-together/), automatically sending sites not included in the Enterprise Mode Site List to Microsoft Edge.
+
+### Site list xml file
+This is a view of the [raw EMIE v2 schema.xml file](https://gist.github.com/kypflug/9e9961de771d2fcbd86b#file-emie-v2-schema-xml). There are equivalent Enterprise Mode Site List policies for both [Microsoft Edge](https://docs.microsoft.com/microsoft-edge/deploy/emie-to-improve-compatibility) and [Internet Explorer 11](turn-on-enterprise-mode-and-use-a-site-list.md). The Microsoft Edge list is used to determine which sites should open in IE11; while the IE11 list is used to determine the compat mode for a site, and which sites should open in Microsoft Edge. We recommend using one list for both browsers, where each policy points to the same XML file location.
+
+```xml
+
+
+
+ EnterpriseSiteListManager
+ 10586
+ 20150728.135021
+
+
+
+ IE8Enterprise
+ IE11
+
+
+ default
+ IE11
+
+
+ IE7Enterprise
+ IE11
+
+
+
+
+ IE8Enterprise"
+ IE11
+
+
+ IE7
+ IE11
+
+
+ IE7
+ IE11
+
+
+
+```
+
+## Enterprise Mode Site List Manager and the Enterprise Mode Site List Portal tools
+You can build and manage your Enterprise Mode Site List is by using any generic text editor. However, we’ve also provided a couple tools that can make that process even easier.
+
+### Enterprise Mode Site List Manager
+This tool helps you create error-free XML documents with simple n+1 versioning and URL verification. We recommend using this tool if your site list is relatively small. For more info about this tool, see the Use the [Enterprise Mode Site List Manager](use-the-enterprise-mode-site-list-manager.md) topics.
+
+There are 2 versions of this tool, both supported on Windows 7, Windows 8.1, and Windows 10:
+
+- [Enterprise Mode Site List Manager (schema v.1)](https://www.microsoft.com/download/details.aspx?id=42501). This is an older version of the schema that you must use if you want to create and update your Enterprise Mode Site List for devices running the v.1 version of the schema.
+
+ We strongly recommend moving to the new schema, v.2. For more info, see [Enterprise Mode schema v.2 guidance](enterprise-mode-schema-version-2-guidance.md).
+
+- [Enterprise Mode Site List Manager (schema v.2)](https://www.microsoft.com/download/details.aspx?id=49974). The updated version of the schema, including new functionality. You can use this version of the schema to create and update your Enterprise Mode Site List for devices running the v.2 version of the schema.
+
+ If you open a v.1 version of your Enterprise Mode Site List using this version, it will update the schema to v.2, automatically. For more info, see [Enterprise Mode schema v.1 guidance](enterprise-mode-schema-version-1-guidance.md).
+
+If your list is too large to add individual sites, or if you have more than one person managing the site list, we recommend using the Enterprise Site List Portal.
+
+### Enterprise Mode Site List Portal
+The [Enterprise Mode Site List Portal](https://github.com/MicrosoftEdge/enterprise-mode-site-list-portal) is an open-source web tool on GitHub that allows you to manage your Enterprise Mode Site List, hosted by the app, with multiple users. The portal is designed to use IIS and a SQL Server backend, leveraging Active Directory (AD) for employee management.
+
+In addition to all the functionality of the Enterprise Mode Site List Manager tool, the Enterprise Mode Site List Portal helps you:
+
+- Manage site lists from any device supporting Windows 7 or greater.
+
+- Submit change requests.
+
+- Operate offline through an on-premise solution.
+
+- Provide role-based governance.
+
+- Test configuration settings before releasing to a live environment.
+
+Updates to your site list are made by submitting new change requests, which are then approved by a designated group of people, put into a pre-production environment for testing, and then deployed immediately, or scheduled for deployment later.
+
+Because the tool is open-source, the source code is readily available for examination and experimentation. We encourage you to [fork the code, submit pull requests, and send us your feedback](https://github.com/MicrosoftEdge/enterprise-mode-site-list-portal)! For more info about the Enterprise Mode Site List Portal, see the [Use the Enterprise Mode Site List Portal](use-the-enterprise-mode-portal.md) topics.
+
+## Related topics
+
+- [Enterprise Mode Site List Portal source code](https://github.com/MicrosoftEdge/enterprise-mode-site-list-portal)
+
+- [Technical guidance, tools, and resources on Enterprise browsing](https://technet.microsoft.com/ie)
+
+- [Enterprise Mode Site List Manager (schema v.1)](https://www.microsoft.com/download/details.aspx?id=42501)
+
+- [Enterprise Mode Site List Manager (schema v.2)](https://www.microsoft.com/download/details.aspx?id=49974)
+
+- [Enterprise Mode Site List Manager](use-the-enterprise-mode-site-list-manager.md)
+
+- [Collect data using Enterprise Site Discovery](collect-data-using-enterprise-site-discovery.md)
+
+- [Web Application Compatibility Lab Kit](https://technet.microsoft.com/microsoft-edge/mt612809.aspx)
+
+- [Microsoft Services Support](https://www.microsoft.com/microsoftservices/support.aspx)
+
+- [Find a Microsoft partner on Pinpoint](https://partnercenter.microsoft.com/pcv/search)
diff --git a/browsers/internet-explorer/ie11-deploy-guide/what-is-the-internet-explorer-11-blocker-toolkit.md b/browsers/internet-explorer/ie11-deploy-guide/what-is-the-internet-explorer-11-blocker-toolkit.md
index 2343973365..98f659748d 100644
--- a/browsers/internet-explorer/ie11-deploy-guide/what-is-the-internet-explorer-11-blocker-toolkit.md
+++ b/browsers/internet-explorer/ie11-deploy-guide/what-is-the-internet-explorer-11-blocker-toolkit.md
@@ -1,152 +1,153 @@
----
-ms.localizationpriority: medium
-ms.mktglfcycl: support
-ms.pagetype: security
-description: How to download and use the Internet Explorer 11 Blocker Toolkit to turn off the automatic delivery of IE11 through the Automatic Updates feature of Windows Update.
-author: lomayor
-ms.author: lomayor
-ms.manager: elizapo
-ms.prod: ie11
-ms.assetid: fafeaaee-171c-4450-99f7-5cc7f8d7ba91
-ms.reviewer:
-audience: itpro
manager: dansimp
-title: What is the Internet Explorer 11 Blocker Toolkit? (Internet Explorer 11 for IT Pros)
-ms.sitesec: library
-ms.date: 05/10/2018
----
-
-
-# What is the Internet Explorer 11 Blocker Toolkit?
-
-**Applies to:**
-
-- Windows 10
-- Windows 8.1
-- Windows 7
-- Windows Server 2012 R2
-- Windows Server 2008 R2 with Service Pack 1 (SP1)
-
-The Internet Explorer 11 Blocker Toolkit lets you turn off the automatic delivery of IE11 through the **Automatic Updates** feature of Windows Update.
-
->[!IMPORTANT]
->The IE11 Blocker Toolkit does not stop users from manually installing IE11 from the [Microsoft Download Center](https://go.microsoft.com/fwlink/p/?linkid=327753). Also, even if you have installed previous versions of the toolkit before, like for Internet Explorer 10, you still need to install this version to prevent the installation of IE11.
-
-## Install the toolkit
-
-1. Download the IE11 Blocker Toolkit from [Toolkit to Disable Automatic Delivery of Internet Explorer 11](https://go.microsoft.com/fwlink/p/?LinkId=327745).
-
-2. Accept the license agreement and store the included four files on your local computer.
-
-3. Start an elevated Command Prompt by going to **Start**>**All Programs**>**Accessories**> right-clicking on **Command Prompt**, and then choosing **Run as Administrator**.
-
-4. In the Command Prompt, change to the location where you put the 4 files.
-
-5. In the Command Prompt, type `ie11_blocker.cmd /B` and press Enter.
-Wait for the message, **Blocking deployment of IE11 on the local machine. The operation completed successfully.**
-
-6. Close the Command Prompt.
-
-For answers to frequently asked questions, see [Internet Explorer 11 Blocker Toolkit: Frequently Asked Questions](https://go.microsoft.com/fwlink/p/?LinkId=314063).
-
-## Automatic updates
-Internet Explorer 11 makes browsing the web faster, easier, safer, and more reliable than ever. To help customers become more secure and up-to-date, Microsoft will distribute Internet Explorer 11 through Automatic Updates and the Windows Update and Microsoft Update sites. Internet Explorer 11 will be available for users of the 32-bit and 64-bit versions of Windows 7 Service Pack 1 (SP1), and 64-bit version of Windows Server 2008 R2 SP1. This article provides an overview of the delivery process and options available for IT administrators to control how and when Internet Explorer 11 is deployed to their organization through Automatic Updates.
-
-### Automatic delivery process
-Internet Explorer 11 only downloads and installs if it’s available for delivery through Automatic Updates; and Automatic Updates only offer Internet Explorer 11 to users with local administrator accounts. User’s without local administrator accounts won’t be prompted to install the update and will continue using their current version of Internet Explorer.
-
-Internet Explorer 11 replaces Internet Explorer 8, Internet Explorer 9, or Internet Explorer 10. If you decide you don’t want Internet Explorer 11, and you’re running Windows 7 SP1 or Windows Server 2008 R2 with SP1, you can uninstall it from the **View installed updates** section of the **Uninstall an update** page of the Control Panel.
-
-### Internet Explorer 11 automatic upgrades
-
-Internet Explorer 11 is offered through Automatic Updates and Windows Update as an Important update. Users running Windows 7 SP1, who have chosen to download and install updates automatically through Windows Update, are automatically upgraded to Internet Explorer 11.
-
-Users who were automatically upgraded to Internet Explorer 11 can decide to uninstall Internet Explorer 11. However, Internet Explorer 11 will still appear as an optional update through Windows Update.
-
-### Options for blocking automatic delivery
-
-If you use Automatic Updates in your company, but want to stop your users from automatically getting Internet Explorer 11, do one of the following:
-
-- **Download and use the Internet Explorer 11 Blocker Toolkit.** Includes a Group Policy template and a script that permanently blocks Internet Explorer 11 from being offered by Windows Update or Microsoft Update as a high-priority update. You can download this kit from the [Microsoft Download Center](https://www.microsoft.com/download/details.aspx?id=40722).
-
- >[!NOTE]
- >The toolkit won't stop users with local administrator accounts from manually installing Internet Explorer 11. Using this toolkit also prevents your users from receiving automatic upgrades from Internet Explorer 8, Internet Explorer 9, or Internet Explorer 10 to Internet Explorer 11. For more information, see the [Internet Explorer 11 Blocker Toolkit frequently asked questions](https://docs.microsoft.com/internet-explorer/ie11-faq/faq-for-it-pros-ie11).
-
-- **Use an update management solution to control update deployment.** If you already use an update management solution, like [Windows Server Update Services (WSUS)](https://docs.microsoft.com/windows-server/administration/windows-server-update-services/get-started/windows-server-update-services-wsus) or the more advanced [System Center 2012 Configuration Manager](https://go.microsoft.com/fwlink/?LinkID=276664), you should use that instead of the Internet Explorer Blocker Toolkit.
-
->[!NOTE]
->If you use WSUS to manage updates, and Update Rollups are configured for automatic installation, Internet Explorer will automatically install throughout your company.
-
-
-### Prevent automatic installation of Internet Explorer 11 with WSUS
-
-Internet Explorer 11 will be released to WSUS as an Update Rollup package. Therefore, if you’ve configured WSUS to “auto-approve” Update Rollup packages, it’ll be automatically approved and installed. To stop Internet Explorer 11 from being automatically approved for installation, you need to:
-
-1. Click **Start**, click **Administrative Tools**, and then click **Microsoft Windows Server Update Services 3.0**.
-
-2. Expand *ComputerName*, and then click **Options**.
-
-3. Click **Automatic Approvals**.
-
-4. Click the rule that automatically approves an update that is classified as Update Rollup, and then click **Edit.**
-
- >[!NOTE]
- >If you don’t see a rule like this, you most likely haven’t configured WSUS to automatically approve Update Rollups for installation. In this situation, you don’t have to do anything else.
-
-5. Click the **Update Rollups** property under the **Step 2: Edit the properties (click an underlined value)** section.
-
- >[!NOTE]
- >The properties for this rule will resemble the following:
- When an update is in Update Rollups
- Approve the update for all computers
-
-6. Clear the **Update Rollup** check box, and then click **OK**.
-
-7. Click **OK** to close the **Automatic Approvals** dialog box.
-
-After the new Internet Explorer 11 package is available for download, you should manually synchronize the new package to your WSUS server, so that when you re-enable auto-approval it won’t be automatically installed.
-
-1. Click **Start**, click **Administrative Tools**, and then click **Microsoft Windows Server Update Services 3.0**.
-
-2. Expand *ComputerName*, and then click **Synchronizations**.
-
-3. Click **Synchronize Now**.
-
-4. Expand *ComputerName*, expand **Updates**, and then click **All Updates**.
-
-5. Choose **Unapproved** in the **Approval**drop down box.
-
-6. Check to make sure that Microsoft Internet Explorer 11 is listed as an unapproved update.
-
->[!NOTE]
->There may be multiple updates, depending on the imported language and operating system updates.
-
-### Optional - Reset update rollups packages to auto-approve
-
-1. Click **Start**, click **Administrative Tools**, and then click **Microsoft Windows Server Update Services 3.0**.
-
-2. Expand *ComputerName*, and then click **Options**.
-
-3. Click **Automatic Approvals**.
-
-4. Click the rule that automatically approves updates of different classifications, and then click **Edit**.
-
-5. Click the **Update Rollups** property under the **Step 2: Edit the properties (click an underlined value)** section.
-
-6. Check the **Update Rollups** check box, and then click **OK**.
-
-7. Click **OK** to close the **Automatic Approvals** dialog box.
-
->[!NOTE]
->Because auto-approval rules are only evaluated when an update is first imported into WSUS, turning this rule back on after the Internet Explorer 11 update has been imported and synchronized to the server won’t cause this update to be auto-approved.
-
-
-
-## Additional resources
-
-- [Internet Explorer 11 Blocker Toolkit download](https://www.microsoft.com/download/details.aspx?id=40722)
-
-- [Internet Explorer 11 Blocker Toolkit - Frequently Asked Questions](../ie11-faq/faq-ie11-blocker-toolkit.md)
-
-- [Internet Explorer 11 FAQ for IT pros](https://docs.microsoft.com/internet-explorer/ie11-faq/faq-for-it-pros-ie11)
-
-- [Internet Explorer 11 delivery through automatic updates](ie11-delivery-through-automatic-updates.md)
-
-- [Internet Explorer 11 deployment guide](https://docs.microsoft.com/internet-explorer/ie11-deploy-guide/index)
+---
+ms.localizationpriority: medium
+ms.mktglfcycl: support
+ms.pagetype: security
+description: How to download and use the Internet Explorer 11 Blocker Toolkit to turn off the automatic delivery of IE11 through the Automatic Updates feature of Windows Update.
+author: dansimp
+ms.author: dansimp
+ms.manager: elizapo
+ms.prod: ie11
+ms.assetid: fafeaaee-171c-4450-99f7-5cc7f8d7ba91
+ms.reviewer:
+audience: itpro
+manager: dansimp
+title: What is the Internet Explorer 11 Blocker Toolkit? (Internet Explorer 11 for IT Pros)
+ms.sitesec: library
+ms.date: 05/10/2018
+---
+
+
+# What is the Internet Explorer 11 Blocker Toolkit?
+
+**Applies to:**
+
+- Windows 10
+- Windows 8.1
+- Windows 7
+- Windows Server 2012 R2
+- Windows Server 2008 R2 with Service Pack 1 (SP1)
+
+The Internet Explorer 11 Blocker Toolkit lets you turn off the automatic delivery of IE11 through the **Automatic Updates** feature of Windows Update.
+
+>[!IMPORTANT]
+>The IE11 Blocker Toolkit does not stop users from manually installing IE11 from the [Microsoft Download Center](https://go.microsoft.com/fwlink/p/?linkid=327753). Also, even if you have installed previous versions of the toolkit before, like for Internet Explorer 10, you still need to install this version to prevent the installation of IE11.
+
+## Install the toolkit
+
+1. Download the IE11 Blocker Toolkit from [Toolkit to Disable Automatic Delivery of Internet Explorer 11](https://go.microsoft.com/fwlink/p/?LinkId=327745).
+
+2. Accept the license agreement and store the included four files on your local computer.
+
+3. Start an elevated Command Prompt by going to **Start**>**All Programs**>**Accessories**> right-clicking on **Command Prompt**, and then choosing **Run as Administrator**.
+
+4. In the Command Prompt, change to the location where you put the 4 files.
+
+5. In the Command Prompt, type `ie11_blocker.cmd /B` and press Enter.
+Wait for the message, **Blocking deployment of IE11 on the local machine. The operation completed successfully.**
+
+6. Close the Command Prompt.
+
+For answers to frequently asked questions, see [Internet Explorer 11 Blocker Toolkit: Frequently Asked Questions](https://go.microsoft.com/fwlink/p/?LinkId=314063).
+
+## Automatic updates
+Internet Explorer 11 makes browsing the web faster, easier, safer, and more reliable than ever. To help customers become more secure and up-to-date, Microsoft will distribute Internet Explorer 11 through Automatic Updates and the Windows Update and Microsoft Update sites. Internet Explorer 11 will be available for users of the 32-bit and 64-bit versions of Windows 7 Service Pack 1 (SP1), and 64-bit version of Windows Server 2008 R2 SP1. This article provides an overview of the delivery process and options available for IT administrators to control how and when Internet Explorer 11 is deployed to their organization through Automatic Updates.
+
+### Automatic delivery process
+Internet Explorer 11 only downloads and installs if it’s available for delivery through Automatic Updates; and Automatic Updates only offer Internet Explorer 11 to users with local administrator accounts. User’s without local administrator accounts won’t be prompted to install the update and will continue using their current version of Internet Explorer.
+
+Internet Explorer 11 replaces Internet Explorer 8, Internet Explorer 9, or Internet Explorer 10. If you decide you don’t want Internet Explorer 11, and you’re running Windows 7 SP1 or Windows Server 2008 R2 with SP1, you can uninstall it from the **View installed updates** section of the **Uninstall an update** page of the Control Panel.
+
+### Internet Explorer 11 automatic upgrades
+
+Internet Explorer 11 is offered through Automatic Updates and Windows Update as an Important update. Users running Windows 7 SP1, who have chosen to download and install updates automatically through Windows Update, are automatically upgraded to Internet Explorer 11.
+
+Users who were automatically upgraded to Internet Explorer 11 can decide to uninstall Internet Explorer 11. However, Internet Explorer 11 will still appear as an optional update through Windows Update.
+
+### Options for blocking automatic delivery
+
+If you use Automatic Updates in your company, but want to stop your users from automatically getting Internet Explorer 11, do one of the following:
+
+- **Download and use the Internet Explorer 11 Blocker Toolkit.** Includes a Group Policy template and a script that permanently blocks Internet Explorer 11 from being offered by Windows Update or Microsoft Update as a high-priority update. You can download this kit from the [Microsoft Download Center](https://www.microsoft.com/download/details.aspx?id=40722).
+
+ >[!NOTE]
+ >The toolkit won't stop users with local administrator accounts from manually installing Internet Explorer 11. Using this toolkit also prevents your users from receiving automatic upgrades from Internet Explorer 8, Internet Explorer 9, or Internet Explorer 10 to Internet Explorer 11. For more information, see the [Internet Explorer 11 Blocker Toolkit frequently asked questions](https://docs.microsoft.com/internet-explorer/ie11-faq/faq-for-it-pros-ie11).
+
+- **Use an update management solution to control update deployment.** If you already use an update management solution, like [Windows Server Update Services (WSUS)](https://docs.microsoft.com/windows-server/administration/windows-server-update-services/get-started/windows-server-update-services-wsus) or the more advanced [System Center 2012 Configuration Manager](https://go.microsoft.com/fwlink/?LinkID=276664), you should use that instead of the Internet Explorer Blocker Toolkit.
+
+>[!NOTE]
+>If you use WSUS to manage updates, and Update Rollups are configured for automatic installation, Internet Explorer will automatically install throughout your company.
+
+
+### Prevent automatic installation of Internet Explorer 11 with WSUS
+
+Internet Explorer 11 will be released to WSUS as an Update Rollup package. Therefore, if you’ve configured WSUS to “auto-approve” Update Rollup packages, it’ll be automatically approved and installed. To stop Internet Explorer 11 from being automatically approved for installation, you need to:
+
+1. Click **Start**, click **Administrative Tools**, and then click **Microsoft Windows Server Update Services 3.0**.
+
+2. Expand *ComputerName*, and then click **Options**.
+
+3. Click **Automatic Approvals**.
+
+4. Click the rule that automatically approves an update that is classified as Update Rollup, and then click **Edit.**
+
+ >[!NOTE]
+ >If you don’t see a rule like this, you most likely haven’t configured WSUS to automatically approve Update Rollups for installation. In this situation, you don’t have to do anything else.
+
+5. Click the **Update Rollups** property under the **Step 2: Edit the properties (click an underlined value)** section.
+
+ >[!NOTE]
+ >The properties for this rule will resemble the following:
- When an update is in Update Rollups
- Approve the update for all computers
+
+6. Clear the **Update Rollup** check box, and then click **OK**.
+
+7. Click **OK** to close the **Automatic Approvals** dialog box.
+
+After the new Internet Explorer 11 package is available for download, you should manually synchronize the new package to your WSUS server, so that when you re-enable auto-approval it won’t be automatically installed.
+
+1. Click **Start**, click **Administrative Tools**, and then click **Microsoft Windows Server Update Services 3.0**.
+
+2. Expand *ComputerName*, and then click **Synchronizations**.
+
+3. Click **Synchronize Now**.
+
+4. Expand *ComputerName*, expand **Updates**, and then click **All Updates**.
+
+5. Choose **Unapproved** in the **Approval**drop down box.
+
+6. Check to make sure that Microsoft Internet Explorer 11 is listed as an unapproved update.
+
+>[!NOTE]
+>There may be multiple updates, depending on the imported language and operating system updates.
+
+### Optional - Reset update rollups packages to auto-approve
+
+1. Click **Start**, click **Administrative Tools**, and then click **Microsoft Windows Server Update Services 3.0**.
+
+2. Expand *ComputerName*, and then click **Options**.
+
+3. Click **Automatic Approvals**.
+
+4. Click the rule that automatically approves updates of different classifications, and then click **Edit**.
+
+5. Click the **Update Rollups** property under the **Step 2: Edit the properties (click an underlined value)** section.
+
+6. Check the **Update Rollups** check box, and then click **OK**.
+
+7. Click **OK** to close the **Automatic Approvals** dialog box.
+
+>[!NOTE]
+>Because auto-approval rules are only evaluated when an update is first imported into WSUS, turning this rule back on after the Internet Explorer 11 update has been imported and synchronized to the server won’t cause this update to be auto-approved.
+
+
+
+## Additional resources
+
+- [Internet Explorer 11 Blocker Toolkit download](https://www.microsoft.com/download/details.aspx?id=40722)
+
+- [Internet Explorer 11 Blocker Toolkit - Frequently Asked Questions](../ie11-faq/faq-ie11-blocker-toolkit.md)
+
+- [Internet Explorer 11 FAQ for IT pros](https://docs.microsoft.com/internet-explorer/ie11-faq/faq-for-it-pros-ie11)
+
+- [Internet Explorer 11 delivery through automatic updates](ie11-delivery-through-automatic-updates.md)
+
+- [Internet Explorer 11 deployment guide](https://docs.microsoft.com/internet-explorer/ie11-deploy-guide/index)
diff --git a/browsers/internet-explorer/ie11-deploy-guide/workflow-processes-enterprise-mode-portal.md b/browsers/internet-explorer/ie11-deploy-guide/workflow-processes-enterprise-mode-portal.md
index e9ee67796d..de71b3a8ff 100644
--- a/browsers/internet-explorer/ie11-deploy-guide/workflow-processes-enterprise-mode-portal.md
+++ b/browsers/internet-explorer/ie11-deploy-guide/workflow-processes-enterprise-mode-portal.md
@@ -1,46 +1,47 @@
----
-ms.localizationpriority: medium
-ms.mktglfcycl: deploy
-ms.pagetype: appcompat
-description: Use the topics in this section to learn how to perform all of the workflow-related processes in the Enterprise Mode Site List Portal.
-author: lomayor
-ms.prod: ie11
-title: Workflow-based processes for employees using the Enterprise Mode Site List Portal (Internet Explorer 11 for IT Pros)
-ms.sitesec: library
-ms.date: 07/27/2017
-ms.reviewer:
-audience: itpro
manager: dansimp
-ms.author: lomayor
----
-
-
-# Workflow-based processes for employees using the Enterprise Mode Site List Portal
-
-**Applies to:**
-
-- Windows 10
-- Windows 8.1
-- Windows 7
-- Windows Server 2012 R2
-- Windows Server 2008 R2 with Service Pack 1 (SP1)
-
-Use the topics in this section to learn how to perform the available Enterprise Mode Site List Portal processes, based on workflow.
-
-## In this section
-|Topic |Description |
-|---------------------------------------------------------------|-----------------------------------------------------------------------------------|
-|[Create a change request using the Enterprise Mode Site List Portal](create-change-request-enterprise-mode-portal.md)|Details about how the Requester creates a change request in the Enterprise Mode Site List Portal.|
-|[Verify your changes using the Enterprise Mode Site List Portal](verify-changes-preprod-enterprise-mode-portal.md)|Details about how the Requester tests a change request in the pre-production environment of the Enterprise Mode Site List Portal.|
-|[Approve a change request using the Enterprise Mode Site List Portal](approve-change-request-enterprise-mode-portal.md)|Details about how the Approver(s) approve a change request in the Enterprise Mode Site List Portal.|
-|[Schedule approved change requests for production using the Enterprise Mode Site List Portal](schedule-production-change-enterprise-mode-portal.md)|Details about how the Requester schedules the approved change request update in the Enterprise Mode Site List Portal.|
-|[Verify the change request update in the production environment using the Enterprise Mode Site List Portal](verify-changes-production-enterprise-mode-portal.md)|Details about how the Requester tests an update in the production environment of the Enterprise Mode Site List Portal.|
-|[View the apps currently on the Enterprise Mode Site List](view-apps-enterprise-mode-site-list.md)|Details about how anyone with access to the portal can review the apps already on the active Enterprise Mode Site List.|
-|[View the available Enterprise Mode reports from the Enterprise Mode Site List Portal](view-enterprise-mode-reports-for-portal.md) |Details about how the Administrator can view the view the Microsoft-provided Enterprise Mode reports from the Enterprise Mode Site List Portal. |
-
-
-## Related topics
-- [Set up the Enterprise Mode Site List Portal](set-up-enterprise-mode-portal.md)
-
-- [Enterprise Mode Site List Portal source code](https://github.com/MicrosoftEdge/enterprise-mode-site-list-portal)
-
-- [Enterprise Mode and the Enterprise Mode Site List](what-is-enterprise-mode.md)
+---
+ms.localizationpriority: medium
+ms.mktglfcycl: deploy
+ms.pagetype: appcompat
+description: Use the topics in this section to learn how to perform all of the workflow-related processes in the Enterprise Mode Site List Portal.
+author: dansimp
+ms.prod: ie11
+title: Workflow-based processes for employees using the Enterprise Mode Site List Portal (Internet Explorer 11 for IT Pros)
+ms.sitesec: library
+ms.date: 07/27/2017
+ms.reviewer:
+audience: itpro
+manager: dansimp
+ms.author: dansimp
+---
+
+
+# Workflow-based processes for employees using the Enterprise Mode Site List Portal
+
+**Applies to:**
+
+- Windows 10
+- Windows 8.1
+- Windows 7
+- Windows Server 2012 R2
+- Windows Server 2008 R2 with Service Pack 1 (SP1)
+
+Use the topics in this section to learn how to perform the available Enterprise Mode Site List Portal processes, based on workflow.
+
+## In this section
+|Topic |Description |
+|---------------------------------------------------------------|-----------------------------------------------------------------------------------|
+|[Create a change request using the Enterprise Mode Site List Portal](create-change-request-enterprise-mode-portal.md)|Details about how the Requester creates a change request in the Enterprise Mode Site List Portal.|
+|[Verify your changes using the Enterprise Mode Site List Portal](verify-changes-preprod-enterprise-mode-portal.md)|Details about how the Requester tests a change request in the pre-production environment of the Enterprise Mode Site List Portal.|
+|[Approve a change request using the Enterprise Mode Site List Portal](approve-change-request-enterprise-mode-portal.md)|Details about how the Approver(s) approve a change request in the Enterprise Mode Site List Portal.|
+|[Schedule approved change requests for production using the Enterprise Mode Site List Portal](schedule-production-change-enterprise-mode-portal.md)|Details about how the Requester schedules the approved change request update in the Enterprise Mode Site List Portal.|
+|[Verify the change request update in the production environment using the Enterprise Mode Site List Portal](verify-changes-production-enterprise-mode-portal.md)|Details about how the Requester tests an update in the production environment of the Enterprise Mode Site List Portal.|
+|[View the apps currently on the Enterprise Mode Site List](view-apps-enterprise-mode-site-list.md)|Details about how anyone with access to the portal can review the apps already on the active Enterprise Mode Site List.|
+|[View the available Enterprise Mode reports from the Enterprise Mode Site List Portal](view-enterprise-mode-reports-for-portal.md) |Details about how the Administrator can view the view the Microsoft-provided Enterprise Mode reports from the Enterprise Mode Site List Portal. |
+
+
+## Related topics
+- [Set up the Enterprise Mode Site List Portal](set-up-enterprise-mode-portal.md)
+
+- [Enterprise Mode Site List Portal source code](https://github.com/MicrosoftEdge/enterprise-mode-site-list-portal)
+
+- [Enterprise Mode and the Enterprise Mode Site List](what-is-enterprise-mode.md)
diff --git a/browsers/internet-explorer/ie11-faq/faq-for-it-pros-ie11.md b/browsers/internet-explorer/ie11-faq/faq-for-it-pros-ie11.md
index 9230c868d0..8917b1de22 100644
--- a/browsers/internet-explorer/ie11-faq/faq-for-it-pros-ie11.md
+++ b/browsers/internet-explorer/ie11-faq/faq-for-it-pros-ie11.md
@@ -1,203 +1,204 @@
----
-ms.localizationpriority: medium
-ms.mktglfcycl: explore
-description: Frequently asked questions about Internet Explorer 11 for IT Pros
-author: lomayor
-ms.prod: ie11
-ms.assetid: 140e7d33-584a-44da-8c68-6c1d568e1de3
-ms.reviewer:
-audience: itpro
manager: dansimp
-ms.author: lomayor
-title: Internet Explorer 11 - FAQ for IT Pros (Internet Explorer 11 for IT Pros)
-ms.sitesec: library
-ms.date: 10/16/2017
----
-
-
-# Internet Explorer 11 - FAQ for IT Pros
-Answering frequently asked questions about Internet Explorer 11 (IE11) features, operating system support, integration with the Windows operating system, Group Policy, and general configuration.
-
-## Frequently Asked Questions
-
-**Q: What operating system does IE11 run on?**
-
-- Windows 10
-
-- Windows 8.1
-
-- Windows Server 2012 R2
-
-- Windows 7 with Service Pack 1 (SP1)
-
-- Windows Server 2008 R2 with Service Pack 1 (SP1)
-
-
-**Q: How do I install IE11 on Windows 10, Windows 8.1, or Windows Server 2012 R2?**
-IE11 is preinstalled with Windows 8.1 and Windows Server 2012 R2. No additional action is required.
-
-**Q: How do I install IE11 on Windows 7 with SP1 or Windows Server 2008 R2 with SP1?**
-You can install IE11 on computers running either Windows 7 with SP1 or Windows Server 2008 R2 with SP1. To download IE11, see the IE11 [home page](https://go.microsoft.com/fwlink/p/?LinkId=290956).
-
-**Q: How does IE11 integrate with Windows 8.1?**
-IE11 is the default handler for the HTTP and HTTPS protocols and the default browser for Windows 8.1. There are two experiences in Windows 8.1: Internet Explorer and Internet Explorer for the desktop. IE is the default browser for touch-first, immersive experiences. Internet Explorer for the desktop provides a more traditional window and tab management experience. The underlying platform of IE11 is fully interoperable across both IE and the familiar Internet Explorer for the desktop, letting developers write the same markup for both experiences.
-
-**Q: What are the new or improved security features?**
-IE11 offers improvements to Enhanced Protected Mode, password manager, and other security features. IE11 also turns on Transport Layer Security (TLS) 1.2 by default.
-
-**Q: How is Microsoft supporting modern web standards, such as WebGL?**
-Microsoft is committed to providing an interoperable web by supporting modern web standards. Doing this lets developers use the same markup across web browsers, helping to reduce development and support costs.
-Supported web standards include:
-
-- Web Graphics Library (WebGL)
-
-- Canvas 2D L2 extensions, including image smoothing using the nearest neighbor, dashed lines, and fill rules
-
-- Fullscreen API
-
-- Encrypted media extensions
-
-- Media source extensions
-
-- CSS flexible box layout module
-
-- And mutation observers like DOM4 and 5.3
-
-For more information about specific changes and additions, see the [IE11 guide for developers](https://go.microsoft.com/fwlink/p/?LinkId=313188).
-
-**Q: What test tools exist to test for potential application compatibility issues?**
-The Compat Inspector tool supports Windows Internet Explorer 9 through IE11. For more information, see [Compat Inspector User Guide](https://go.microsoft.com/fwlink/p/?LinkId=313189). In addition, you can use the new [F12 Developer Tools](https://go.microsoft.com/fwlink/p/?LinkId=313190) that are included with IE11, or the [modern.ie](https://go.microsoft.com/fwlink/p/?linkid=308902) website for Microsoft Edge.
-
-**Q: Why am I having problems launching my legacy apps with Internet Explorer 11**?
-It’s most likely because IE no longer starts apps that use managed browser hosting controls, like in the .NET Framework 1.1 and 2.0. You can get IE11 to use managed browser hosting controls again, by:
-
-- **For x86 systems or for 32-bit processes on x64 systems:** Go to the `HKLM\SOFTWARE\MICROSOFT\.NETFramework` registry key and change the **EnableIEHosting** value to **1**.
-
-- **For x64 systems or for 64-bit processes on x64 systems:** Go to the `HKLM\SOFTWARE\Wow6432Node\.NETFramework` registry key and change the **EnableIEHosting** value to **1**.
-
-For more information, see the [Web Applications](https://go.microsoft.com/fwlink/p/?LinkId=308903) section of the Application Compatibility in the .NET Framework 4.5 page.
-
-**Q: Is there a compatibility list for IE?**
-Yes. You can review the XML-based [compatibility version list](https://go.microsoft.com/fwlink/p/?LinkId=403864).
-
-**Q: What is Enterprise Mode?**
-Enterprise Mode is a compatibility mode designed for Enterprises. This mode lets websites render using a modified browser configuration that’s designed to avoid the common compatibility problems associated with web apps written and tested on older versions of IE, like Windows Internet Explorer 7 or Windows Internet Explorer 8.
-For more information, see [Turn on Enterprise Mode and use a site list](../ie11-deploy-guide/turn-on-enterprise-mode-and-use-a-site-list.md).
-
-**Q: What is the Enterprise Mode Site List Manager tool?**
-Enterprise Mode Site List Manager tool gives you a way to add websites to your Enterprise Mode site list, without having to manually code XML.
-For more information, see all of the topics in [Use the Enterprise Mode Site List Manager](../ie11-deploy-guide/use-the-enterprise-mode-site-list-manager.md).
-
-**Q: Are browser plug-ins supported in IE11?**
-The immersive version of IE11 provides an add-on–free experience, so browser plugins won't load and dependent content won't be displayed. This doesn't apply to Internet Explorer for the desktop. For more information, see [Browsing Without Plug-ins](https://go.microsoft.com/fwlink/p/?LinkId=242587). However, Internet Explorer for the desktop and IE11 on Windows 7 with SP1 do support browser plugins, including ActiveX controls such as Adobe Flash and Microsoft Silverlight.
-
-**Q: Is Adobe Flash supported on IE11?**
-Adobe Flash is included as a platform feature and is available out of the box for Windows 8.1, running on both IE and Internet Explorer for the desktop. Users can turn this feature on or off using the **Manage Add-ons** dialog box, while administrators can turn this feature on or off using the Group Policy setting, **Turn off Adobe Flash in IE and prevent applications from using IE technology to instantiate Flash objects**.
-**Important**
-The preinstalled version of Adobe Flash isn't supported on IE11 running on either Windows 7 with SP1 or Windows Server 2008 R2 with SP1. However, you can still download and install the separate Adobe Flash plug-in.
-
-**Q: Can I replace IE11 on Windows 8.1 with an earlier version?**
-No. Windows 8.1 doesn't support any of the previous versions of IE.
-
-**Q: Are there any new Group Policy settings in IE11?**
-IE11 includes all of the previous Group Policy settings you've used to manage and control web browser configuration since Internet Explorer 9. It also includes the following new Group Policy settings, supporting new features:
-
-- Turn off Page Prediction
-
-- Turn on the swiping motion for Internet Explorer for the desktop
-
-- Allow Microsoft services to provide more relevant and personalized search results
-
-- Turn off phone number detection
-
-- Allow IE to use the SPDY/3 network protocol
-
-- Let users turn on and use Enterprise Mode from the **Tools** menu
-
-- Use the Enterprise Mode IE website list
-
-For more information, see [New group policy settings for IE11](../ie11-deploy-guide/new-group-policy-settings-for-ie11.md).
-
-
-**Q: Where can I get more information about IE11 for IT pros?**
-Visit the [Springboard Series for Microsoft Browsers](https://go.microsoft.com/fwlink/p/?LinkId=313191) webpage on TechNet.
-
-
-
-**Q: Can I customize settings for IE on Windows 8.1?**
-Settings can be customized in the following ways:
-
-- IE11 **Settings** charm.
-
-- IE11-related Group Policy settings.
-
-- IEAK 11 for settings shared by both IE and Internet Explorer for the desktop.
-
-**Q: Can I make Internet Explorer for the desktop my default browsing experience?**
-Group Policy settings can be set to open either IE or Internet Explorer for the desktop as the default browser experience. Individual users can configure their own settings in the **Programs** tab of **Internet Options**. The following table shows the settings and results:
-
-|Setting |Result |
-|--------|-------|
-|Let IE decide |Links open in the same type of experience from where they're launched. For example, clicking a link from a Microsoft Store app, opens IE. However, clicking a link from a desktop app, opens Internet Explorer for the desktop. |
-|Always in IE11 |Links always open in IE. |
-|Always in Internet Explorer for the desktop |Links always open in Internet Explorer for the desktop. |
-
-
-**Q. Can IEAK 11 build custom Internet Explorer 11 packages in languages other than the language of the in-use IEAK 11 version?**
-Yes. You can use IEAK 11 to build custom Internet Explorer 11 packages in any of the supported 24 languages. You'll select the language for the custom package on the Language Selection page of the customization wizard.
-
-IEAK 11 is available in 24 languages but can build customized Internet Explorer 11 packages in all languages of the supported operating systems. Select a language below and download IEAK 11 from the download center:
-
-| | | |
-|---------|---------|---------|
-|[English](https://download.microsoft.com/download/A/B/1/AB1954BF-8B20-4F01-808A-FE5EE5269F08/MSI/en-us/ieak.msi) |[French](https://download.microsoft.com/download/A/B/1/AB1954BF-8B20-4F01-808A-FE5EE5269F08/MSI/fr-fr/ieak.msi) |[Norwegian (Bokmål)](https://download.microsoft.com/download/A/B/1/AB1954BF-8B20-4F01-808A-FE5EE5269F08/MSI/nb-no/ieak.msi) |
-|[Arabic](https://download.microsoft.com/download/A/B/1/AB1954BF-8B20-4F01-808A-FE5EE5269F08/MSI/ar-sa/ieak.msi) |[Chinese (Simplified)](https://download.microsoft.com/download/A/B/1/AB1954BF-8B20-4F01-808A-FE5EE5269F08/MSI/zh-cn/ieak.msi) |[Chinese(Traditional)](https://download.microsoft.com/download/A/B/1/AB1954BF-8B20-4F01-808A-FE5EE5269F08/MSI/zh-tw/ieak.msi) |
-|[Czech](https://download.microsoft.com/download/A/B/1/AB1954BF-8B20-4F01-808A-FE5EE5269F08/MSI/cs-cz/ieak.msi) |[Danish](https://download.microsoft.com/download/A/B/1/AB1954BF-8B20-4F01-808A-FE5EE5269F08/MSI/da-dk/ieak.msi) |[Dutch](https://download.microsoft.com/download/A/B/1/AB1954BF-8B20-4F01-808A-FE5EE5269F08/MSI/nl-nl/ieak.msi) |
-|[Finnish](https://download.microsoft.com/download/A/B/1/AB1954BF-8B20-4F01-808A-FE5EE5269F08/MSI/fi-fi/ieak.msi) |[German](https://download.microsoft.com/download/A/B/1/AB1954BF-8B20-4F01-808A-FE5EE5269F08/MSI/de-de/ieak.msi) |[Greek](https://download.microsoft.com/download/A/B/1/AB1954BF-8B20-4F01-808A-FE5EE5269F08/MSI/el-gr/ieak.msi) |
-|[Hebrew](https://download.microsoft.com/download/A/B/1/AB1954BF-8B20-4F01-808A-FE5EE5269F08/MSI/he-il/ieak.msi) |[Hungarian](https://download.microsoft.com/download/A/B/1/AB1954BF-8B20-4F01-808A-FE5EE5269F08/MSI/hu-hu/ieak.msi) |[Italian](https://download.microsoft.com/download/A/B/1/AB1954BF-8B20-4F01-808A-FE5EE5269F08/MSI/it-it/ieak.msi) |
-|[Japanese](https://download.microsoft.com/download/A/B/1/AB1954BF-8B20-4F01-808A-FE5EE5269F08/MSI/ja-jp/ieak.msi) |[Korean](https://download.microsoft.com/download/A/B/1/AB1954BF-8B20-4F01-808A-FE5EE5269F08/MSI/ko-kr/ieak.msi) |[Polish](https://download.microsoft.com/download/A/B/1/AB1954BF-8B20-4F01-808A-FE5EE5269F08/MSI/pl-pl/ieak.msi) |
-|[Portuguese (Brazil)](https://download.microsoft.com/download/A/B/1/AB1954BF-8B20-4F01-808A-FE5EE5269F08/MSI/pt-br/ieak.msi) |[Portuguese (Portugal)](https://download.microsoft.com/download/A/B/1/AB1954BF-8B20-4F01-808A-FE5EE5269F08/MSI/pt-pt/ieak.msi) |[Russian](https://download.microsoft.com/download/A/B/1/AB1954BF-8B20-4F01-808A-FE5EE5269F08/MSI/ru-ru/ieak.msi) |
-|[Spanish](https://download.microsoft.com/download/A/B/1/AB1954BF-8B20-4F01-808A-FE5EE5269F08/MSI/es-es/ieak.msi) |[Swedish](https://download.microsoft.com/download/A/B/1/AB1954BF-8B20-4F01-808A-FE5EE5269F08/MSI/sv-se/ieak.msi) |[Turkish](https://download.microsoft.com/download/A/B/1/AB1954BF-8B20-4F01-808A-FE5EE5269F08/MSI/tr-tr/ieak.msi) |
-
-
-
-
-**Q. What are the different modes available for the Internet Explorer Customization Wizard?**
-The IEAK Customization Wizard displays pages based on your licensing mode selection, either **Internal** or **External**. For more information on IEAK Customization Wizard modes, see [Determine the licensing version and features to use in IEAK 11](../ie11-ieak/licensing-version-and-features-ieak11.md).
-
-The following table displays which pages are available in IEAK 11, based on the licensing mode:
-
-| **Wizard Pages** | **External** | **Internal** |
-|-------------------------------------------|--------------|--------------|
-| Welcome to the IEAK | Yes | Yes |
-| File Locations | Yes | Yes |
-| Platform Selection | Yes | Yes |
-| Language Selection | Yes | Yes |
-| Package Type Selection | Yes | Yes |
-| Feature Selection | Yes | Yes |
-| Automatic Version Synchronization | Yes | Yes |
-| Custom Components | Yes | Yes |
-| Corporate Install | No | Yes |
-| User Experience | No | Yes |
-| Browser User Interface | Yes | Yes |
-| Search Providers | Yes | Yes |
-| Important URLs - Home page and Support | Yes | Yes |
-| Accelerators | Yes | Yes |
-| Favorites, Favorites Bar, and Feeds | Yes | Yes |
-| Browsing Options | No | Yes |
-| First Run Wizard and Welcome Page Options | Yes | Yes |
-| Compatibility View | Yes | Yes |
-| Connection Manager | Yes | Yes |
-| Connection Settings | Yes | Yes |
-| Automatic Configuration | No | Yes |
-| Proxy Settings | Yes | Yes |
-| Security and Privacy Settings | No | Yes |
-| Add a Root Certificate | Yes | No |
-| Programs | Yes | Yes |
-| Additional Settings | No | Yes |
-| Wizard Complete | Yes | Yes |
-
-
-## Related topics
-- [Microsoft Edge - Deployment Guide for IT Pros](https://go.microsoft.com/fwlink/p/?LinkId=760643)
-- [Internet Explorer 11 (IE11) - Deployment Guide for IT Pros](../ie11-deploy-guide/index.md)
-- [Internet Explorer Administration Kit 11 (IEAK 11) - Administrator's Guide](../ie11-ieak/index.md)
+---
+ms.localizationpriority: medium
+ms.mktglfcycl: explore
+description: Frequently asked questions about Internet Explorer 11 for IT Pros
+author: dansimp
+ms.prod: ie11
+ms.assetid: 140e7d33-584a-44da-8c68-6c1d568e1de3
+ms.reviewer:
+audience: itpro
+manager: dansimp
+ms.author: dansimp
+title: Internet Explorer 11 - FAQ for IT Pros (Internet Explorer 11 for IT Pros)
+ms.sitesec: library
+ms.date: 10/16/2017
+---
+
+
+# Internet Explorer 11 - FAQ for IT Pros
+Answering frequently asked questions about Internet Explorer 11 (IE11) features, operating system support, integration with the Windows operating system, Group Policy, and general configuration.
+
+## Frequently Asked Questions
+
+**Q: What operating system does IE11 run on?**
+
+- Windows 10
+
+- Windows 8.1
+
+- Windows Server 2012 R2
+
+- Windows 7 with Service Pack 1 (SP1)
+
+- Windows Server 2008 R2 with Service Pack 1 (SP1)
+
+
+**Q: How do I install IE11 on Windows 10, Windows 8.1, or Windows Server 2012 R2?**
+IE11 is preinstalled with Windows 8.1 and Windows Server 2012 R2. No additional action is required.
+
+**Q: How do I install IE11 on Windows 7 with SP1 or Windows Server 2008 R2 with SP1?**
+You can install IE11 on computers running either Windows 7 with SP1 or Windows Server 2008 R2 with SP1. To download IE11, see the IE11 [home page](https://go.microsoft.com/fwlink/p/?LinkId=290956).
+
+**Q: How does IE11 integrate with Windows 8.1?**
+IE11 is the default handler for the HTTP and HTTPS protocols and the default browser for Windows 8.1. There are two experiences in Windows 8.1: Internet Explorer and Internet Explorer for the desktop. IE is the default browser for touch-first, immersive experiences. Internet Explorer for the desktop provides a more traditional window and tab management experience. The underlying platform of IE11 is fully interoperable across both IE and the familiar Internet Explorer for the desktop, letting developers write the same markup for both experiences.
+
+**Q: What are the new or improved security features?**
+IE11 offers improvements to Enhanced Protected Mode, password manager, and other security features. IE11 also turns on Transport Layer Security (TLS) 1.2 by default.
+
+**Q: How is Microsoft supporting modern web standards, such as WebGL?**
+Microsoft is committed to providing an interoperable web by supporting modern web standards. Doing this lets developers use the same markup across web browsers, helping to reduce development and support costs.
+Supported web standards include:
+
+- Web Graphics Library (WebGL)
+
+- Canvas 2D L2 extensions, including image smoothing using the nearest neighbor, dashed lines, and fill rules
+
+- Fullscreen API
+
+- Encrypted media extensions
+
+- Media source extensions
+
+- CSS flexible box layout module
+
+- And mutation observers like DOM4 and 5.3
+
+For more information about specific changes and additions, see the [IE11 guide for developers](https://go.microsoft.com/fwlink/p/?LinkId=313188).
+
+**Q: What test tools exist to test for potential application compatibility issues?**
+The Compat Inspector tool supports Windows Internet Explorer 9 through IE11. For more information, see [Compat Inspector User Guide](https://go.microsoft.com/fwlink/p/?LinkId=313189). In addition, you can use the new [F12 Developer Tools](https://go.microsoft.com/fwlink/p/?LinkId=313190) that are included with IE11, or the [modern.ie](https://go.microsoft.com/fwlink/p/?linkid=308902) website for Microsoft Edge.
+
+**Q: Why am I having problems launching my legacy apps with Internet Explorer 11**?
+It’s most likely because IE no longer starts apps that use managed browser hosting controls, like in the .NET Framework 1.1 and 2.0. You can get IE11 to use managed browser hosting controls again, by:
+
+- **For x86 systems or for 32-bit processes on x64 systems:** Go to the `HKLM\SOFTWARE\MICROSOFT\.NETFramework` registry key and change the **EnableIEHosting** value to **1**.
+
+- **For x64 systems or for 64-bit processes on x64 systems:** Go to the `HKLM\SOFTWARE\Wow6432Node\.NETFramework` registry key and change the **EnableIEHosting** value to **1**.
+
+For more information, see the [Web Applications](https://go.microsoft.com/fwlink/p/?LinkId=308903) section of the Application Compatibility in the .NET Framework 4.5 page.
+
+**Q: Is there a compatibility list for IE?**
+Yes. You can review the XML-based [compatibility version list](https://go.microsoft.com/fwlink/p/?LinkId=403864).
+
+**Q: What is Enterprise Mode?**
+Enterprise Mode is a compatibility mode designed for Enterprises. This mode lets websites render using a modified browser configuration that’s designed to avoid the common compatibility problems associated with web apps written and tested on older versions of IE, like Windows Internet Explorer 7 or Windows Internet Explorer 8.
+For more information, see [Turn on Enterprise Mode and use a site list](../ie11-deploy-guide/turn-on-enterprise-mode-and-use-a-site-list.md).
+
+**Q: What is the Enterprise Mode Site List Manager tool?**
+Enterprise Mode Site List Manager tool gives you a way to add websites to your Enterprise Mode site list, without having to manually code XML.
+For more information, see all of the topics in [Use the Enterprise Mode Site List Manager](../ie11-deploy-guide/use-the-enterprise-mode-site-list-manager.md).
+
+**Q: Are browser plug-ins supported in IE11?**
+The immersive version of IE11 provides an add-on–free experience, so browser plugins won't load and dependent content won't be displayed. This doesn't apply to Internet Explorer for the desktop. For more information, see [Browsing Without Plug-ins](https://go.microsoft.com/fwlink/p/?LinkId=242587). However, Internet Explorer for the desktop and IE11 on Windows 7 with SP1 do support browser plugins, including ActiveX controls such as Adobe Flash and Microsoft Silverlight.
+
+**Q: Is Adobe Flash supported on IE11?**
+Adobe Flash is included as a platform feature and is available out of the box for Windows 8.1, running on both IE and Internet Explorer for the desktop. Users can turn this feature on or off using the **Manage Add-ons** dialog box, while administrators can turn this feature on or off using the Group Policy setting, **Turn off Adobe Flash in IE and prevent applications from using IE technology to instantiate Flash objects**.
+**Important**
+The preinstalled version of Adobe Flash isn't supported on IE11 running on either Windows 7 with SP1 or Windows Server 2008 R2 with SP1. However, you can still download and install the separate Adobe Flash plug-in.
+
+**Q: Can I replace IE11 on Windows 8.1 with an earlier version?**
+No. Windows 8.1 doesn't support any of the previous versions of IE.
+
+**Q: Are there any new Group Policy settings in IE11?**
+IE11 includes all of the previous Group Policy settings you've used to manage and control web browser configuration since Internet Explorer 9. It also includes the following new Group Policy settings, supporting new features:
+
+- Turn off Page Prediction
+
+- Turn on the swiping motion for Internet Explorer for the desktop
+
+- Allow Microsoft services to provide more relevant and personalized search results
+
+- Turn off phone number detection
+
+- Allow IE to use the SPDY/3 network protocol
+
+- Let users turn on and use Enterprise Mode from the **Tools** menu
+
+- Use the Enterprise Mode IE website list
+
+For more information, see [New group policy settings for IE11](../ie11-deploy-guide/new-group-policy-settings-for-ie11.md).
+
+
+**Q: Where can I get more information about IE11 for IT pros?**
+Visit the [Springboard Series for Microsoft Browsers](https://go.microsoft.com/fwlink/p/?LinkId=313191) webpage on TechNet.
+
+
+
+**Q: Can I customize settings for IE on Windows 8.1?**
+Settings can be customized in the following ways:
+
+- IE11 **Settings** charm.
+
+- IE11-related Group Policy settings.
+
+- IEAK 11 for settings shared by both IE and Internet Explorer for the desktop.
+
+**Q: Can I make Internet Explorer for the desktop my default browsing experience?**
+Group Policy settings can be set to open either IE or Internet Explorer for the desktop as the default browser experience. Individual users can configure their own settings in the **Programs** tab of **Internet Options**. The following table shows the settings and results:
+
+|Setting |Result |
+|--------|-------|
+|Let IE decide |Links open in the same type of experience from where they're launched. For example, clicking a link from a Microsoft Store app, opens IE. However, clicking a link from a desktop app, opens Internet Explorer for the desktop. |
+|Always in IE11 |Links always open in IE. |
+|Always in Internet Explorer for the desktop |Links always open in Internet Explorer for the desktop. |
+
+
+**Q. Can IEAK 11 build custom Internet Explorer 11 packages in languages other than the language of the in-use IEAK 11 version?**
+Yes. You can use IEAK 11 to build custom Internet Explorer 11 packages in any of the supported 24 languages. You'll select the language for the custom package on the Language Selection page of the customization wizard.
+
+IEAK 11 is available in 24 languages but can build customized Internet Explorer 11 packages in all languages of the supported operating systems. Select a language below and download IEAK 11 from the download center:
+
+| | | |
+|---------|---------|---------|
+|[English](https://download.microsoft.com/download/A/B/1/AB1954BF-8B20-4F01-808A-FE5EE5269F08/MSI/en-us/ieak.msi) |[French](https://download.microsoft.com/download/A/B/1/AB1954BF-8B20-4F01-808A-FE5EE5269F08/MSI/fr-fr/ieak.msi) |[Norwegian (Bokmål)](https://download.microsoft.com/download/A/B/1/AB1954BF-8B20-4F01-808A-FE5EE5269F08/MSI/nb-no/ieak.msi) |
+|[Arabic](https://download.microsoft.com/download/A/B/1/AB1954BF-8B20-4F01-808A-FE5EE5269F08/MSI/ar-sa/ieak.msi) |[Chinese (Simplified)](https://download.microsoft.com/download/A/B/1/AB1954BF-8B20-4F01-808A-FE5EE5269F08/MSI/zh-cn/ieak.msi) |[Chinese(Traditional)](https://download.microsoft.com/download/A/B/1/AB1954BF-8B20-4F01-808A-FE5EE5269F08/MSI/zh-tw/ieak.msi) |
+|[Czech](https://download.microsoft.com/download/A/B/1/AB1954BF-8B20-4F01-808A-FE5EE5269F08/MSI/cs-cz/ieak.msi) |[Danish](https://download.microsoft.com/download/A/B/1/AB1954BF-8B20-4F01-808A-FE5EE5269F08/MSI/da-dk/ieak.msi) |[Dutch](https://download.microsoft.com/download/A/B/1/AB1954BF-8B20-4F01-808A-FE5EE5269F08/MSI/nl-nl/ieak.msi) |
+|[Finnish](https://download.microsoft.com/download/A/B/1/AB1954BF-8B20-4F01-808A-FE5EE5269F08/MSI/fi-fi/ieak.msi) |[German](https://download.microsoft.com/download/A/B/1/AB1954BF-8B20-4F01-808A-FE5EE5269F08/MSI/de-de/ieak.msi) |[Greek](https://download.microsoft.com/download/A/B/1/AB1954BF-8B20-4F01-808A-FE5EE5269F08/MSI/el-gr/ieak.msi) |
+|[Hebrew](https://download.microsoft.com/download/A/B/1/AB1954BF-8B20-4F01-808A-FE5EE5269F08/MSI/he-il/ieak.msi) |[Hungarian](https://download.microsoft.com/download/A/B/1/AB1954BF-8B20-4F01-808A-FE5EE5269F08/MSI/hu-hu/ieak.msi) |[Italian](https://download.microsoft.com/download/A/B/1/AB1954BF-8B20-4F01-808A-FE5EE5269F08/MSI/it-it/ieak.msi) |
+|[Japanese](https://download.microsoft.com/download/A/B/1/AB1954BF-8B20-4F01-808A-FE5EE5269F08/MSI/ja-jp/ieak.msi) |[Korean](https://download.microsoft.com/download/A/B/1/AB1954BF-8B20-4F01-808A-FE5EE5269F08/MSI/ko-kr/ieak.msi) |[Polish](https://download.microsoft.com/download/A/B/1/AB1954BF-8B20-4F01-808A-FE5EE5269F08/MSI/pl-pl/ieak.msi) |
+|[Portuguese (Brazil)](https://download.microsoft.com/download/A/B/1/AB1954BF-8B20-4F01-808A-FE5EE5269F08/MSI/pt-br/ieak.msi) |[Portuguese (Portugal)](https://download.microsoft.com/download/A/B/1/AB1954BF-8B20-4F01-808A-FE5EE5269F08/MSI/pt-pt/ieak.msi) |[Russian](https://download.microsoft.com/download/A/B/1/AB1954BF-8B20-4F01-808A-FE5EE5269F08/MSI/ru-ru/ieak.msi) |
+|[Spanish](https://download.microsoft.com/download/A/B/1/AB1954BF-8B20-4F01-808A-FE5EE5269F08/MSI/es-es/ieak.msi) |[Swedish](https://download.microsoft.com/download/A/B/1/AB1954BF-8B20-4F01-808A-FE5EE5269F08/MSI/sv-se/ieak.msi) |[Turkish](https://download.microsoft.com/download/A/B/1/AB1954BF-8B20-4F01-808A-FE5EE5269F08/MSI/tr-tr/ieak.msi) |
+
+
+
+
+**Q. What are the different modes available for the Internet Explorer Customization Wizard?**
+The IEAK Customization Wizard displays pages based on your licensing mode selection, either **Internal** or **External**. For more information on IEAK Customization Wizard modes, see [Determine the licensing version and features to use in IEAK 11](../ie11-ieak/licensing-version-and-features-ieak11.md).
+
+The following table displays which pages are available in IEAK 11, based on the licensing mode:
+
+| **Wizard Pages** | **External** | **Internal** |
+|-------------------------------------------|--------------|--------------|
+| Welcome to the IEAK | Yes | Yes |
+| File Locations | Yes | Yes |
+| Platform Selection | Yes | Yes |
+| Language Selection | Yes | Yes |
+| Package Type Selection | Yes | Yes |
+| Feature Selection | Yes | Yes |
+| Automatic Version Synchronization | Yes | Yes |
+| Custom Components | Yes | Yes |
+| Corporate Install | No | Yes |
+| User Experience | No | Yes |
+| Browser User Interface | Yes | Yes |
+| Search Providers | Yes | Yes |
+| Important URLs - Home page and Support | Yes | Yes |
+| Accelerators | Yes | Yes |
+| Favorites, Favorites Bar, and Feeds | Yes | Yes |
+| Browsing Options | No | Yes |
+| First Run Wizard and Welcome Page Options | Yes | Yes |
+| Compatibility View | Yes | Yes |
+| Connection Manager | Yes | Yes |
+| Connection Settings | Yes | Yes |
+| Automatic Configuration | No | Yes |
+| Proxy Settings | Yes | Yes |
+| Security and Privacy Settings | No | Yes |
+| Add a Root Certificate | Yes | No |
+| Programs | Yes | Yes |
+| Additional Settings | No | Yes |
+| Wizard Complete | Yes | Yes |
+
+
+## Related topics
+- [Microsoft Edge - Deployment Guide for IT Pros](https://go.microsoft.com/fwlink/p/?LinkId=760643)
+- [Internet Explorer 11 (IE11) - Deployment Guide for IT Pros](../ie11-deploy-guide/index.md)
+- [Internet Explorer Administration Kit 11 (IEAK 11) - Administrator's Guide](../ie11-ieak/index.md)
diff --git a/browsers/internet-explorer/ie11-faq/faq-ie11-blocker-toolkit.md b/browsers/internet-explorer/ie11-faq/faq-ie11-blocker-toolkit.md
index 392e7cc26e..a4cb639bc5 100644
--- a/browsers/internet-explorer/ie11-faq/faq-ie11-blocker-toolkit.md
+++ b/browsers/internet-explorer/ie11-faq/faq-ie11-blocker-toolkit.md
@@ -1,120 +1,121 @@
----
-ms.localizationpriority: medium
-ms.mktglfcycl: explore
-description: Get answers to commonly asked questions about the Internet Explorer 11 Blocker Toolkit.
-author: lomayor
-ms.author: lomayor
-ms.prod: ie11
-ms.assetid:
-ms.reviewer:
-audience: itpro
manager: dansimp
-title: Internet Explorer 11 Blocker Toolkit - Frequently Asked Questions
-ms.sitesec: library
-ms.date: 05/10/2018
----
-
-# Internet Explorer 11 Blocker Toolkit - Frequently Asked Questions
-
-Get answers to commonly asked questions about the Internet Explorer 11 Blocker Toolkit.
-
->[!Important]
->If you administer your company’s environment using an update management solution, such as Windows Server Update Services (WSUS) or System Center 2012 Configuration Manager, you don’t need to use the Internet Explorer 11 Blocker Toolkit. Update management solutions let you completely manage your Windows Updates and Microsoft Updates, including your Internet Explorer 11 deployment.
-
-- [Automatic updates delivery process](#automatic-updates-delivery-process)
-
-- [How the Internet Explorer 11 Blocker Toolkit works](#how-the-internet-explorer-11-blocker-toolkit-works)
-
-- [Internet Explorer 11 Blocker Toolkit and other update services](#internet-explorer-11-blocker-toolkit-and-other-update-services)
-
-## Automatic Updates delivery process
-
-
-**Q. Which users will receive Internet Explorer 11 as an important update?**
-A. Users running either Windows 7 with Service Pack 1 (SP1) or the 64-bit version of Windows Server 2008 R2 with Service Pack 1 (SP1) will receive Internet Explorer 11 as an important update, if Automatic Updates are turned on. Windows Update is manually run. Automatic Updates will automatically download and install the Internet Explorer 11 files if it’s turned on. For more information about how Internet Explorer works with Automatic Updates and information about other deployment blocking options, see [Internet Explorer 11 Delivery through automatic updates](../ie11-deploy-guide/ie11-delivery-through-automatic-updates.md).
-
-**Q. When is the Blocker Toolkit available?**
-A. The Blocker Toolkit is currently available from the [Microsoft Download Center](https://www.microsoft.com/download/details.aspx?id=40722).
-
-**Q. What tools can I use to manage Windows Updates and Microsoft Updates in my company?**
-A. We encourage anyone who wants full control over their company’s deployment of Windows Updates and Microsoft Updates, to use [Windows Server Update Services (WSUS)](https://docs.microsoft.com/windows-server/administration/windows-server-update-services/get-started/windows-server-update-services-wsus), a free tool for users of Windows Server. You can also use the more advanced configuration management tool, [System Center 2012 Configuration Manager](https://technet.microsoft.com/library/gg682041.aspx).
-
-**Q. How long does the blocker mechanism work?**
-A. The Internet Explorer 11 Blocker Toolkit uses a registry key value to permanently turn off the automatic delivery of Internet Explorer 11. This behavior lasts as long as the registry key value isn’t removed or changed.
-
-**Q. Why should I use the Internet Explorer 11 Blocker Toolkit to stop delivery of Internet Explorer 11? Why can’t I just disable all of Automatic Updates?**
-A. Automatic Updates provide you with ongoing critical security and reliability updates. Turning this feature off can leave your computers more vulnerable. Instead, we suggest that you use an update management solution, such as WSUS, to fully control your environment while leaving this feature running, managing how and when the updates get to your user’s computers.
-
-The Internet Explorer 11 Blocker Toolkit safely allows Internet Explorer 11 to download and install in companies that can’t use WSUS, Configuration Manager, or
-other update management solution.
-
-**Q. Why don’t we just block URL access to Windows Update or Microsoft Update?**
-A. Blocking the Windows Update or Microsoft Update URLs also stops delivery of critical security and reliability updates for all of the supported versions of the Windows operating system; leaving your computers more vulnerable.
-
-## How the Internet Explorer 11 Blocker Toolkit works
-
-**Q. How should I test the Internet Explorer 11 Blocker Toolkit in my company?**
-A. Because the toolkit only sets a registry key to turn on and off the delivery of Internet Explorer 11, there should be no additional impact or side effects to your environment. No additional testing should be necessary.
-
-**Q. What’s the registry key used to block delivery of Internet Explorer 11?**
-A. HKLM\\SOFTWARE\\Microsoft\\Internet Explorer\\Setup\\11.0
-
-**Q. What’s the registry key name and values?**
-The registry key name is **DoNotAllowIE11**, where:
-
-- A value of **1** turns off the automatic delivery of Internet Explorer 11 using Automatic Updates and turns off the Express install option.
-
-- Not providing a registry key, or using a value of anything other than **1**, lets the user install Internet Explorer 11 through Automatic Updates or a
- manual update.
-
-**Q. Does the Internet Explorer 11 Blocker Toolkit stop users from manually installing Internet Explorer 11?**
-A. No. The Internet Explorer 11 Blocker Toolkit only stops computers from automatically installing Internet Explorer 11 through Automatic Updates. Users can still download and install Internet Explorer 11 from the Microsoft Download Center or from external media.
-
-**Q. Does the Internet Explorer 11 Blocker Toolkit stop users from automatically upgrading to Internet Explorer 11?**
-A. Yes. The Internet Explorer 11 Blocker Toolkit also prevents Automatic Updates from automatically upgrading a computer from Internet Explorer 8, Internet Explorer 9, or Internet Explorer 10 to Internet Explorer 11.
-
-**Q. How does the provided script work?**
-A. The script accepts one of two command line options:
-
-- **Block:** Creates the registry key that stops Internet Explorer 11 from installing through Automatic Updates.
-
-- **Unblock:** Removes the registry key that stops Internet Explorer 11 from installing through Automatic Updates.
-
-**Q. What’s the ADM template file used for?**
-A. The Administrative Template (.adm file) lets you import the new Group Policy environment and use Group Policy Objects to centrally manage all of the computers in your company.
-
-**Q. Is the tool localized?**
-A. No. The tool isn’t localized, it’s only available in English (en-us). However, it does work, without any modifications, on any language edition of the supported operating systems.
-
-## Internet Explorer 11 Blocker Toolkit and other update services
-
-**Q: Is there a version of the Internet Explorer Blocker Toolkit that will prevent automatic installation of IE11?**
-Yes. The IE11 Blocker Toolkit is available for download. For more information, see [Toolkit to Disable Automatic Delivery of IE11](https://go.microsoft.com/fwlink/p/?LinkId=328195) on the Microsoft Download Center.
-
-**Q. Does the Internet Explorer 11 blocking mechanism also block delivery of Internet Explorer 11 through update management solutions, like WSUS?**
-A. No. You can still deploy Internet Explorer 11 using one of the upgrade management solutions, even if the blocking mechanism is activated. The Internet Explorer 11 Blocker Toolkit is only intended for companies that don’t use upgrade management solutions.
-
-**Q. If WSUS is set to 'auto-approve' Update Rollup packages (this is not the default configuration), how do I stop Internet Explorer 11 from automatically installing throughout my company?**
-A. You only need to change your settings if:
-
-- You use WSUS to manage updates and allow auto-approvals for Update Rollup installation.
-
- -and-
-
-- You have computers running either Windows 7 SP1 or Windows Server 2008 R2 (SP1) with Internet Explorer 8, Internet Explorer 9, or Internet Explorer 10 installed.
-
- -and-
-
-- You don’t want to upgrade your older versions of Internet Explorer to Internet Explorer 11 right now.
-
-If these scenarios apply to your company, see [Internet Explorer 11 delivery through automatic updates](../ie11-deploy-guide/ie11-delivery-through-automatic-updates.md) for more information on how to prevent automatic installation.
-
-
-## Additional resources
-
-- [Internet Explorer 11 Blocker Toolkit download](https://www.microsoft.com/download/details.aspx?id=40722)
-
-- [Internet Explorer 11 FAQ for IT pros](https://docs.microsoft.com/internet-explorer/ie11-faq/faq-for-it-pros-ie11)
-
-- [Internet Explorer 11 delivery through automatic updates](../ie11-deploy-guide/ie11-delivery-through-automatic-updates.md)
-
-- [Internet Explorer 11 deployment guide](https://docs.microsoft.com/internet-explorer/ie11-deploy-guide/index)
+---
+ms.localizationpriority: medium
+ms.mktglfcycl: explore
+description: Get answers to commonly asked questions about the Internet Explorer 11 Blocker Toolkit.
+author: dansimp
+ms.author: dansimp
+ms.prod: ie11
+ms.assetid:
+ms.reviewer:
+audience: itpro
+manager: dansimp
+title: Internet Explorer 11 Blocker Toolkit - Frequently Asked Questions
+ms.sitesec: library
+ms.date: 05/10/2018
+---
+
+# Internet Explorer 11 Blocker Toolkit - Frequently Asked Questions
+
+Get answers to commonly asked questions about the Internet Explorer 11 Blocker Toolkit.
+
+>[!Important]
+>If you administer your company’s environment using an update management solution, such as Windows Server Update Services (WSUS) or System Center 2012 Configuration Manager, you don’t need to use the Internet Explorer 11 Blocker Toolkit. Update management solutions let you completely manage your Windows Updates and Microsoft Updates, including your Internet Explorer 11 deployment.
+
+- [Automatic updates delivery process](#automatic-updates-delivery-process)
+
+- [How the Internet Explorer 11 Blocker Toolkit works](#how-the-internet-explorer-11-blocker-toolkit-works)
+
+- [Internet Explorer 11 Blocker Toolkit and other update services](#internet-explorer-11-blocker-toolkit-and-other-update-services)
+
+## Automatic Updates delivery process
+
+
+**Q. Which users will receive Internet Explorer 11 as an important update?**
+A. Users running either Windows 7 with Service Pack 1 (SP1) or the 64-bit version of Windows Server 2008 R2 with Service Pack 1 (SP1) will receive Internet Explorer 11 as an important update, if Automatic Updates are turned on. Windows Update is manually run. Automatic Updates will automatically download and install the Internet Explorer 11 files if it’s turned on. For more information about how Internet Explorer works with Automatic Updates and information about other deployment blocking options, see [Internet Explorer 11 Delivery through automatic updates](../ie11-deploy-guide/ie11-delivery-through-automatic-updates.md).
+
+**Q. When is the Blocker Toolkit available?**
+A. The Blocker Toolkit is currently available from the [Microsoft Download Center](https://www.microsoft.com/download/details.aspx?id=40722).
+
+**Q. What tools can I use to manage Windows Updates and Microsoft Updates in my company?**
+A. We encourage anyone who wants full control over their company’s deployment of Windows Updates and Microsoft Updates, to use [Windows Server Update Services (WSUS)](https://docs.microsoft.com/windows-server/administration/windows-server-update-services/get-started/windows-server-update-services-wsus), a free tool for users of Windows Server. You can also use the more advanced configuration management tool, [System Center 2012 Configuration Manager](https://technet.microsoft.com/library/gg682041.aspx).
+
+**Q. How long does the blocker mechanism work?**
+A. The Internet Explorer 11 Blocker Toolkit uses a registry key value to permanently turn off the automatic delivery of Internet Explorer 11. This behavior lasts as long as the registry key value isn’t removed or changed.
+
+**Q. Why should I use the Internet Explorer 11 Blocker Toolkit to stop delivery of Internet Explorer 11? Why can’t I just disable all of Automatic Updates?**
+A. Automatic Updates provide you with ongoing critical security and reliability updates. Turning this feature off can leave your computers more vulnerable. Instead, we suggest that you use an update management solution, such as WSUS, to fully control your environment while leaving this feature running, managing how and when the updates get to your user’s computers.
+
+The Internet Explorer 11 Blocker Toolkit safely allows Internet Explorer 11 to download and install in companies that can’t use WSUS, Configuration Manager, or
+other update management solution.
+
+**Q. Why don’t we just block URL access to Windows Update or Microsoft Update?**
+A. Blocking the Windows Update or Microsoft Update URLs also stops delivery of critical security and reliability updates for all of the supported versions of the Windows operating system; leaving your computers more vulnerable.
+
+## How the Internet Explorer 11 Blocker Toolkit works
+
+**Q. How should I test the Internet Explorer 11 Blocker Toolkit in my company?**
+A. Because the toolkit only sets a registry key to turn on and off the delivery of Internet Explorer 11, there should be no additional impact or side effects to your environment. No additional testing should be necessary.
+
+**Q. What’s the registry key used to block delivery of Internet Explorer 11?**
+A. HKLM\\SOFTWARE\\Microsoft\\Internet Explorer\\Setup\\11.0
+
+**Q. What’s the registry key name and values?**
+The registry key name is **DoNotAllowIE11**, where:
+
+- A value of **1** turns off the automatic delivery of Internet Explorer 11 using Automatic Updates and turns off the Express install option.
+
+- Not providing a registry key, or using a value of anything other than **1**, lets the user install Internet Explorer 11 through Automatic Updates or a
+ manual update.
+
+**Q. Does the Internet Explorer 11 Blocker Toolkit stop users from manually installing Internet Explorer 11?**
+A. No. The Internet Explorer 11 Blocker Toolkit only stops computers from automatically installing Internet Explorer 11 through Automatic Updates. Users can still download and install Internet Explorer 11 from the Microsoft Download Center or from external media.
+
+**Q. Does the Internet Explorer 11 Blocker Toolkit stop users from automatically upgrading to Internet Explorer 11?**
+A. Yes. The Internet Explorer 11 Blocker Toolkit also prevents Automatic Updates from automatically upgrading a computer from Internet Explorer 8, Internet Explorer 9, or Internet Explorer 10 to Internet Explorer 11.
+
+**Q. How does the provided script work?**
+A. The script accepts one of two command line options:
+
+- **Block:** Creates the registry key that stops Internet Explorer 11 from installing through Automatic Updates.
+
+- **Unblock:** Removes the registry key that stops Internet Explorer 11 from installing through Automatic Updates.
+
+**Q. What’s the ADM template file used for?**
+A. The Administrative Template (.adm file) lets you import the new Group Policy environment and use Group Policy Objects to centrally manage all of the computers in your company.
+
+**Q. Is the tool localized?**
+A. No. The tool isn’t localized, it’s only available in English (en-us). However, it does work, without any modifications, on any language edition of the supported operating systems.
+
+## Internet Explorer 11 Blocker Toolkit and other update services
+
+**Q: Is there a version of the Internet Explorer Blocker Toolkit that will prevent automatic installation of IE11?**
+Yes. The IE11 Blocker Toolkit is available for download. For more information, see [Toolkit to Disable Automatic Delivery of IE11](https://go.microsoft.com/fwlink/p/?LinkId=328195) on the Microsoft Download Center.
+
+**Q. Does the Internet Explorer 11 blocking mechanism also block delivery of Internet Explorer 11 through update management solutions, like WSUS?**
+A. No. You can still deploy Internet Explorer 11 using one of the upgrade management solutions, even if the blocking mechanism is activated. The Internet Explorer 11 Blocker Toolkit is only intended for companies that don’t use upgrade management solutions.
+
+**Q. If WSUS is set to 'auto-approve' Update Rollup packages (this is not the default configuration), how do I stop Internet Explorer 11 from automatically installing throughout my company?**
+A. You only need to change your settings if:
+
+- You use WSUS to manage updates and allow auto-approvals for Update Rollup installation.
+
+ -and-
+
+- You have computers running either Windows 7 SP1 or Windows Server 2008 R2 (SP1) with Internet Explorer 8, Internet Explorer 9, or Internet Explorer 10 installed.
+
+ -and-
+
+- You don’t want to upgrade your older versions of Internet Explorer to Internet Explorer 11 right now.
+
+If these scenarios apply to your company, see [Internet Explorer 11 delivery through automatic updates](../ie11-deploy-guide/ie11-delivery-through-automatic-updates.md) for more information on how to prevent automatic installation.
+
+
+## Additional resources
+
+- [Internet Explorer 11 Blocker Toolkit download](https://www.microsoft.com/download/details.aspx?id=40722)
+
+- [Internet Explorer 11 FAQ for IT pros](https://docs.microsoft.com/internet-explorer/ie11-faq/faq-for-it-pros-ie11)
+
+- [Internet Explorer 11 delivery through automatic updates](../ie11-deploy-guide/ie11-delivery-through-automatic-updates.md)
+
+- [Internet Explorer 11 deployment guide](https://docs.microsoft.com/internet-explorer/ie11-deploy-guide/index)
diff --git a/browsers/internet-explorer/ie11-faq/faq-ieak11.md b/browsers/internet-explorer/ie11-faq/faq-ieak11.md
index 3af0ec2d32..8064c74737 100644
--- a/browsers/internet-explorer/ie11-faq/faq-ieak11.md
+++ b/browsers/internet-explorer/ie11-faq/faq-ieak11.md
@@ -1,120 +1,121 @@
----
-ms.localizationpriority: medium
-ms.mktglfcycl: support
-ms.pagetype: security
-description: Internet Explorer Administration Kit (IEAK) helps corporations, Internet service providers (ISPs), Internet content providers (ICPs), and independent software vendors (ISVs) to deploy and manage web-based solutions.
-author: lomayor
-ms.author: lomayor
-ms.manager: elizapo
-ms.prod: ie11
-ms.assetid:
-ms.reviewer:
-audience: itpro
manager: dansimp
-title: IEAK 11 - Frequently Asked Questions
-ms.sitesec: library
-ms.date: 05/10/2018
----
-
-# IEAK 11 - Frequently Asked Questions
-
-Get answers to commonly asked questions about the Internet Explorer Administration Kit 11 (IEAK 11), and find links to additional material you might find helpful.
-
-**What is IEAK 11?**
-
-IEAK 11 enables you to customize, brand, and distribute customized Internet Explorer 11 browser packages across an organization. Download the kit from the [Internet Explorer Administration Kit (IEAK) information and downloads](../ie11-ieak/ieak-information-and-downloads.md).
-
-**What are the supported operating systems?**
-
-You can customize and install IEAK 11 on the following supported operating systems:
-
-- Windows 8
-
-- Windows Server 2012
-
-- Windows 7 Service Pack 1 (SP1)
-
-- Windows Server 2008 R2 Service Pack 1 (SP1)
-
->[!Note]
->IEAK 11 does not support building custom packages for Windows RT.
-
-
-**What can I customize with IEAK 11?**
-
-The IEAK 11 enables you to customize branding and settings for Internet Explorer 11. For PCs running Windows 7, the custom package also includes the Internet Explorer executable.
-
->[!Note]
->Internet Explorer 11 is preinstalled on PCs running Windows 8. Therefore, the executable is not included in the customized package.
-
-**Can IEAK 11 build custom Internet Explorer 11 packages in languages other than the language of the in-use IEAK 11 version?**
-Yes. You can use IEAK 11 to build custom Internet Explorer 11 packages in any of the supported 24 languages. You'll select the language for the custom package on the Language Selection page of the customization wizard.
-
->[!Note]
->IEAK 11 is available in 24 languages but can build customized Internet Explorer 11 packages in all languages of the supported operating systems. To download IEAK 11, see [Internet Explorer Administration Kit (IEAK) information and downloads](../ie11-ieak/ieak-information-and-downloads.md).
-
-**Q: Is there a version of the Internet Explorer Administration Kit (IEAK) supporting IE11?**
-Yes. The Internet Explorer Administration Kit 11 (IEAK 11) is available for download. IEAK 11 lets you create custom versions of IE11 for use in your organization. For more information, see the following resources:
-
-- [Internet Explorer Administration Kit Information and Downloads](https://go.microsoft.com/fwlink/p/?LinkId=214250) on the Internet Explorer TechCenter.
-
-- [Internet Explorer Administration Kit 11 (IEAK 11) - Administrator's Guide](../ie11-ieak/index.md)
-
-**What are the different modes available for the Internet Explorer Customization Wizard?**
-The IEAK Customization Wizard displays pages based on your licensing mode selection, either **Internal** or **External**. For more information on IEAK Customization Wizard modes, see [What IEAK can do for you](../ie11-ieak/what-ieak-can-do-for-you.md).
-
-The following table displays which pages are available in IEAK 11, based on the licensing mode:
-
-| **Wizard Pages** | **External** | **Internal** |
-|-------------------------------------------|--------------|--------------|
-| Welcome to the IEAK | Yes | Yes |
-| File Locations | Yes | Yes |
-| Platform Selection | Yes | Yes |
-| Language Selection | Yes | Yes |
-| Package Type Selection | Yes | Yes |
-| Feature Selection | Yes | Yes |
-| Automatic Version Synchronization | Yes | Yes |
-| Custom Components | Yes | Yes |
-| Corporate Install | No | Yes |
-| User Experience | No | Yes |
-| Browser User Interface | Yes | Yes |
-| Search Providers | Yes | Yes |
-| Important URLs - Home page and Support | Yes | Yes |
-| Accelerators | Yes | Yes |
-| Favorites, Favorites Bar, and Feeds | Yes | Yes |
-| Browsing Options | No | Yes |
-| First Run Wizard and Welcome Page Options | Yes | Yes |
-| Compatibility View | Yes | Yes |
-| Connection Manager | Yes | Yes |
-| Connection Settings | Yes | Yes |
-| Automatic Configuration | No | Yes |
-| Proxy Settings | Yes | Yes |
-| Security and Privacy Settings | No | Yes |
-| Add a Root Certificate | Yes | No |
-| Programs | Yes | Yes |
-| Additional Settings | No | Yes |
-| Wizard Complete | Yes | Yes |
-
-
-**Q. Can IEAK 11 build custom Internet Explorer 11 packages in languages other than the language of the in-use IEAK 11 version?**
-Yes. You can use IEAK 11 to build custom Internet Explorer 11 packages in any of the supported 24 languages. You'll select the language for the custom package on the Language Selection page of the customization wizard.
-
-IEAK 11 is available in 24 languages but can build customized Internet Explorer 11 packages in all languages of the supported operating systems. Select a language below and download IEAK 11 from the download center:
-
-| | | |
-|---------|---------|---------|
-|[English](https://download.microsoft.com/download/A/B/1/AB1954BF-8B20-4F01-808A-FE5EE5269F08/MSI/en-us/ieak.msi) |[French](https://download.microsoft.com/download/A/B/1/AB1954BF-8B20-4F01-808A-FE5EE5269F08/MSI/fr-fr/ieak.msi) |[Norwegian (Bokmål)](https://download.microsoft.com/download/A/B/1/AB1954BF-8B20-4F01-808A-FE5EE5269F08/MSI/nb-no/ieak.msi) |
-|[Arabic](https://download.microsoft.com/download/A/B/1/AB1954BF-8B20-4F01-808A-FE5EE5269F08/MSI/ar-sa/ieak.msi) |[Chinese (Simplified)](https://download.microsoft.com/download/A/B/1/AB1954BF-8B20-4F01-808A-FE5EE5269F08/MSI/zh-cn/ieak.msi) |[Chinese(Traditional)](https://download.microsoft.com/download/A/B/1/AB1954BF-8B20-4F01-808A-FE5EE5269F08/MSI/zh-tw/ieak.msi) |
-|[Czech](https://download.microsoft.com/download/A/B/1/AB1954BF-8B20-4F01-808A-FE5EE5269F08/MSI/cs-cz/ieak.msi) |[Danish](https://download.microsoft.com/download/A/B/1/AB1954BF-8B20-4F01-808A-FE5EE5269F08/MSI/da-dk/ieak.msi) |[Dutch](https://download.microsoft.com/download/A/B/1/AB1954BF-8B20-4F01-808A-FE5EE5269F08/MSI/nl-nl/ieak.msi) |
-|[Finnish](https://download.microsoft.com/download/A/B/1/AB1954BF-8B20-4F01-808A-FE5EE5269F08/MSI/fi-fi/ieak.msi) |[German](https://download.microsoft.com/download/A/B/1/AB1954BF-8B20-4F01-808A-FE5EE5269F08/MSI/de-de/ieak.msi) |[Greek](https://download.microsoft.com/download/A/B/1/AB1954BF-8B20-4F01-808A-FE5EE5269F08/MSI/el-gr/ieak.msi) |
-|[Hebrew](https://download.microsoft.com/download/A/B/1/AB1954BF-8B20-4F01-808A-FE5EE5269F08/MSI/he-il/ieak.msi) |[Hungarian](https://download.microsoft.com/download/A/B/1/AB1954BF-8B20-4F01-808A-FE5EE5269F08/MSI/hu-hu/ieak.msi) |[Italian](https://download.microsoft.com/download/A/B/1/AB1954BF-8B20-4F01-808A-FE5EE5269F08/MSI/it-it/ieak.msi) |
-|[Japanese](https://download.microsoft.com/download/A/B/1/AB1954BF-8B20-4F01-808A-FE5EE5269F08/MSI/ja-jp/ieak.msi) |[Korean](https://download.microsoft.com/download/A/B/1/AB1954BF-8B20-4F01-808A-FE5EE5269F08/MSI/ko-kr/ieak.msi) |[Polish](https://download.microsoft.com/download/A/B/1/AB1954BF-8B20-4F01-808A-FE5EE5269F08/MSI/pl-pl/ieak.msi) |
-|[Portuguese (Brazil)](https://download.microsoft.com/download/A/B/1/AB1954BF-8B20-4F01-808A-FE5EE5269F08/MSI/pt-br/ieak.msi) |[Portuguese (Portugal)](https://download.microsoft.com/download/A/B/1/AB1954BF-8B20-4F01-808A-FE5EE5269F08/MSI/pt-pt/ieak.msi) |[Russian](https://download.microsoft.com/download/A/B/1/AB1954BF-8B20-4F01-808A-FE5EE5269F08/MSI/ru-ru/ieak.msi) |
-|[Spanish](https://download.microsoft.com/download/A/B/1/AB1954BF-8B20-4F01-808A-FE5EE5269F08/MSI/es-es/ieak.msi) |[Swedish](https://download.microsoft.com/download/A/B/1/AB1954BF-8B20-4F01-808A-FE5EE5269F08/MSI/sv-se/ieak.msi) |[Turkish](https://download.microsoft.com/download/A/B/1/AB1954BF-8B20-4F01-808A-FE5EE5269F08/MSI/tr-tr/ieak.msi) |
-
-
-## Additional resources
-
-[Download IEAK 11](https://technet.microsoft.com/microsoft-edge/bb219517)
-[IEAK 11 overview](https://technet.microsoft.com/microsoft-edge/dn532244)
-[IEAK 11 product documentation](https://docs.microsoft.com/internet-explorer/ie11-ieak/index)
-[IEAK 11 licensing guidelines](../ie11-ieak/licensing-version-and-features-ieak11.md)
+---
+ms.localizationpriority: medium
+ms.mktglfcycl: support
+ms.pagetype: security
+description: Internet Explorer Administration Kit (IEAK) helps corporations, Internet service providers (ISPs), Internet content providers (ICPs), and independent software vendors (ISVs) to deploy and manage web-based solutions.
+author: dansimp
+ms.author: dansimp
+ms.manager: elizapo
+ms.prod: ie11
+ms.assetid:
+ms.reviewer:
+audience: itpro
+manager: dansimp
+title: IEAK 11 - Frequently Asked Questions
+ms.sitesec: library
+ms.date: 05/10/2018
+---
+
+# IEAK 11 - Frequently Asked Questions
+
+Get answers to commonly asked questions about the Internet Explorer Administration Kit 11 (IEAK 11), and find links to additional material you might find helpful.
+
+**What is IEAK 11?**
+
+IEAK 11 enables you to customize, brand, and distribute customized Internet Explorer 11 browser packages across an organization. Download the kit from the [Internet Explorer Administration Kit (IEAK) information and downloads](../ie11-ieak/ieak-information-and-downloads.md).
+
+**What are the supported operating systems?**
+
+You can customize and install IEAK 11 on the following supported operating systems:
+
+- Windows 8
+
+- Windows Server 2012
+
+- Windows 7 Service Pack 1 (SP1)
+
+- Windows Server 2008 R2 Service Pack 1 (SP1)
+
+>[!Note]
+>IEAK 11 does not support building custom packages for Windows RT.
+
+
+**What can I customize with IEAK 11?**
+
+The IEAK 11 enables you to customize branding and settings for Internet Explorer 11. For PCs running Windows 7, the custom package also includes the Internet Explorer executable.
+
+>[!Note]
+>Internet Explorer 11 is preinstalled on PCs running Windows 8. Therefore, the executable is not included in the customized package.
+
+**Can IEAK 11 build custom Internet Explorer 11 packages in languages other than the language of the in-use IEAK 11 version?**
+Yes. You can use IEAK 11 to build custom Internet Explorer 11 packages in any of the supported 24 languages. You'll select the language for the custom package on the Language Selection page of the customization wizard.
+
+>[!Note]
+>IEAK 11 is available in 24 languages but can build customized Internet Explorer 11 packages in all languages of the supported operating systems. To download IEAK 11, see [Internet Explorer Administration Kit (IEAK) information and downloads](../ie11-ieak/ieak-information-and-downloads.md).
+
+**Q: Is there a version of the Internet Explorer Administration Kit (IEAK) supporting IE11?**
+Yes. The Internet Explorer Administration Kit 11 (IEAK 11) is available for download. IEAK 11 lets you create custom versions of IE11 for use in your organization. For more information, see the following resources:
+
+- [Internet Explorer Administration Kit Information and Downloads](https://go.microsoft.com/fwlink/p/?LinkId=214250) on the Internet Explorer TechCenter.
+
+- [Internet Explorer Administration Kit 11 (IEAK 11) - Administrator's Guide](../ie11-ieak/index.md)
+
+**What are the different modes available for the Internet Explorer Customization Wizard?**
+The IEAK Customization Wizard displays pages based on your licensing mode selection, either **Internal** or **External**. For more information on IEAK Customization Wizard modes, see [What IEAK can do for you](../ie11-ieak/what-ieak-can-do-for-you.md).
+
+The following table displays which pages are available in IEAK 11, based on the licensing mode:
+
+| **Wizard Pages** | **External** | **Internal** |
+|-------------------------------------------|--------------|--------------|
+| Welcome to the IEAK | Yes | Yes |
+| File Locations | Yes | Yes |
+| Platform Selection | Yes | Yes |
+| Language Selection | Yes | Yes |
+| Package Type Selection | Yes | Yes |
+| Feature Selection | Yes | Yes |
+| Automatic Version Synchronization | Yes | Yes |
+| Custom Components | Yes | Yes |
+| Corporate Install | No | Yes |
+| User Experience | No | Yes |
+| Browser User Interface | Yes | Yes |
+| Search Providers | Yes | Yes |
+| Important URLs - Home page and Support | Yes | Yes |
+| Accelerators | Yes | Yes |
+| Favorites, Favorites Bar, and Feeds | Yes | Yes |
+| Browsing Options | No | Yes |
+| First Run Wizard and Welcome Page Options | Yes | Yes |
+| Compatibility View | Yes | Yes |
+| Connection Manager | Yes | Yes |
+| Connection Settings | Yes | Yes |
+| Automatic Configuration | No | Yes |
+| Proxy Settings | Yes | Yes |
+| Security and Privacy Settings | No | Yes |
+| Add a Root Certificate | Yes | No |
+| Programs | Yes | Yes |
+| Additional Settings | No | Yes |
+| Wizard Complete | Yes | Yes |
+
+
+**Q. Can IEAK 11 build custom Internet Explorer 11 packages in languages other than the language of the in-use IEAK 11 version?**
+Yes. You can use IEAK 11 to build custom Internet Explorer 11 packages in any of the supported 24 languages. You'll select the language for the custom package on the Language Selection page of the customization wizard.
+
+IEAK 11 is available in 24 languages but can build customized Internet Explorer 11 packages in all languages of the supported operating systems. Select a language below and download IEAK 11 from the download center:
+
+| | | |
+|---------|---------|---------|
+|[English](https://download.microsoft.com/download/A/B/1/AB1954BF-8B20-4F01-808A-FE5EE5269F08/MSI/en-us/ieak.msi) |[French](https://download.microsoft.com/download/A/B/1/AB1954BF-8B20-4F01-808A-FE5EE5269F08/MSI/fr-fr/ieak.msi) |[Norwegian (Bokmål)](https://download.microsoft.com/download/A/B/1/AB1954BF-8B20-4F01-808A-FE5EE5269F08/MSI/nb-no/ieak.msi) |
+|[Arabic](https://download.microsoft.com/download/A/B/1/AB1954BF-8B20-4F01-808A-FE5EE5269F08/MSI/ar-sa/ieak.msi) |[Chinese (Simplified)](https://download.microsoft.com/download/A/B/1/AB1954BF-8B20-4F01-808A-FE5EE5269F08/MSI/zh-cn/ieak.msi) |[Chinese(Traditional)](https://download.microsoft.com/download/A/B/1/AB1954BF-8B20-4F01-808A-FE5EE5269F08/MSI/zh-tw/ieak.msi) |
+|[Czech](https://download.microsoft.com/download/A/B/1/AB1954BF-8B20-4F01-808A-FE5EE5269F08/MSI/cs-cz/ieak.msi) |[Danish](https://download.microsoft.com/download/A/B/1/AB1954BF-8B20-4F01-808A-FE5EE5269F08/MSI/da-dk/ieak.msi) |[Dutch](https://download.microsoft.com/download/A/B/1/AB1954BF-8B20-4F01-808A-FE5EE5269F08/MSI/nl-nl/ieak.msi) |
+|[Finnish](https://download.microsoft.com/download/A/B/1/AB1954BF-8B20-4F01-808A-FE5EE5269F08/MSI/fi-fi/ieak.msi) |[German](https://download.microsoft.com/download/A/B/1/AB1954BF-8B20-4F01-808A-FE5EE5269F08/MSI/de-de/ieak.msi) |[Greek](https://download.microsoft.com/download/A/B/1/AB1954BF-8B20-4F01-808A-FE5EE5269F08/MSI/el-gr/ieak.msi) |
+|[Hebrew](https://download.microsoft.com/download/A/B/1/AB1954BF-8B20-4F01-808A-FE5EE5269F08/MSI/he-il/ieak.msi) |[Hungarian](https://download.microsoft.com/download/A/B/1/AB1954BF-8B20-4F01-808A-FE5EE5269F08/MSI/hu-hu/ieak.msi) |[Italian](https://download.microsoft.com/download/A/B/1/AB1954BF-8B20-4F01-808A-FE5EE5269F08/MSI/it-it/ieak.msi) |
+|[Japanese](https://download.microsoft.com/download/A/B/1/AB1954BF-8B20-4F01-808A-FE5EE5269F08/MSI/ja-jp/ieak.msi) |[Korean](https://download.microsoft.com/download/A/B/1/AB1954BF-8B20-4F01-808A-FE5EE5269F08/MSI/ko-kr/ieak.msi) |[Polish](https://download.microsoft.com/download/A/B/1/AB1954BF-8B20-4F01-808A-FE5EE5269F08/MSI/pl-pl/ieak.msi) |
+|[Portuguese (Brazil)](https://download.microsoft.com/download/A/B/1/AB1954BF-8B20-4F01-808A-FE5EE5269F08/MSI/pt-br/ieak.msi) |[Portuguese (Portugal)](https://download.microsoft.com/download/A/B/1/AB1954BF-8B20-4F01-808A-FE5EE5269F08/MSI/pt-pt/ieak.msi) |[Russian](https://download.microsoft.com/download/A/B/1/AB1954BF-8B20-4F01-808A-FE5EE5269F08/MSI/ru-ru/ieak.msi) |
+|[Spanish](https://download.microsoft.com/download/A/B/1/AB1954BF-8B20-4F01-808A-FE5EE5269F08/MSI/es-es/ieak.msi) |[Swedish](https://download.microsoft.com/download/A/B/1/AB1954BF-8B20-4F01-808A-FE5EE5269F08/MSI/sv-se/ieak.msi) |[Turkish](https://download.microsoft.com/download/A/B/1/AB1954BF-8B20-4F01-808A-FE5EE5269F08/MSI/tr-tr/ieak.msi) |
+
+
+## Additional resources
+
+[Download IEAK 11](https://technet.microsoft.com/microsoft-edge/bb219517)
+[IEAK 11 overview](https://technet.microsoft.com/microsoft-edge/dn532244)
+[IEAK 11 product documentation](https://docs.microsoft.com/internet-explorer/ie11-ieak/index)
+[IEAK 11 licensing guidelines](../ie11-ieak/licensing-version-and-features-ieak11.md)
diff --git a/browsers/internet-explorer/ie11-ieak/accelerators-ieak11-wizard.md b/browsers/internet-explorer/ie11-ieak/accelerators-ieak11-wizard.md
index 2927489c83..b211933353 100644
--- a/browsers/internet-explorer/ie11-ieak/accelerators-ieak11-wizard.md
+++ b/browsers/internet-explorer/ie11-ieak/accelerators-ieak11-wizard.md
@@ -1,45 +1,46 @@
----
-ms.localizationpriority: medium
-ms.mktglfcycl: deploy
-description: How to use the Accelerators page in the IEAK 11 Customization Wizard to add accelerators to employee devices.
-author: lomayor
-ms.prod: ie11
-ms.assetid: 208305ad-1bcd-42f3-aca3-0ad1dda7048b
-ms.reviewer:
-audience: itpro
manager: dansimp
-ms.author: lomayor
-title: Use the Accelerators page in the IEAK 11 Wizard (Internet Explorer Administration Kit 11 for IT Pros)
-ms.sitesec: library
-ms.date: 07/27/2017
----
-
-
-# Use the Accelerators page in the IEAK 11 Wizard
-The **Accelerators** page of the Internet Explorer Administration Kit (IEAK 11) Customization Wizard lets you add accelerators to your employee computers. Accelerators are contextual menu options that can quickly get to a web service from any webpage. For example, an accelerator can look up a highlighted word in the dictionary or a selected location on a map.
-
-**Note**
-The customizations you make on this page apply only to Internet Explorer for the desktop.
-
- **To use the Accelerators page**
-
-1. Click **Import** to automatically import your existing accelerators from your current version of IE into this list.
-
-2. Click **Add** to add more accelerators.
-The **Add Accelerator** box appears.
-
-3. Use the **Browse** button to go to your custom accelerator XML file.
-
-4. Check the **Set this Accelerator as the default for the category** box if you want this accelerator to be the default value that shows up for the category.
-
-5. Click **Edit** to change your accelerator information, click **Set Default** to make an accelerator the default value for a category, or **Remove** to delete an accelerator.
-
-6. Click **Next** to go to the [Favorites, Favorites Bar, and Feeds](favorites-favoritesbar-and-feeds-ieak11-wizard.md) page or **Back** to go to the [Important URLs - Home Page and Support](important-urls-home-page-and-support-ieak11-wizard.md) page.
-
-
-
-
-
-
-
-
-
+---
+ms.localizationpriority: medium
+ms.mktglfcycl: deploy
+description: How to use the Accelerators page in the IEAK 11 Customization Wizard to add accelerators to employee devices.
+author: dansimp
+ms.prod: ie11
+ms.assetid: 208305ad-1bcd-42f3-aca3-0ad1dda7048b
+ms.reviewer:
+audience: itpro
+manager: dansimp
+ms.author: dansimp
+title: Use the Accelerators page in the IEAK 11 Wizard (Internet Explorer Administration Kit 11 for IT Pros)
+ms.sitesec: library
+ms.date: 07/27/2017
+---
+
+
+# Use the Accelerators page in the IEAK 11 Wizard
+The **Accelerators** page of the Internet Explorer Administration Kit (IEAK 11) Customization Wizard lets you add accelerators to your employee computers. Accelerators are contextual menu options that can quickly get to a web service from any webpage. For example, an accelerator can look up a highlighted word in the dictionary or a selected location on a map.
+
+**Note**
+The customizations you make on this page apply only to Internet Explorer for the desktop.
+
+ **To use the Accelerators page**
+
+1. Click **Import** to automatically import your existing accelerators from your current version of IE into this list.
+
+2. Click **Add** to add more accelerators.
+The **Add Accelerator** box appears.
+
+3. Use the **Browse** button to go to your custom accelerator XML file.
+
+4. Check the **Set this Accelerator as the default for the category** box if you want this accelerator to be the default value that shows up for the category.
+
+5. Click **Edit** to change your accelerator information, click **Set Default** to make an accelerator the default value for a category, or **Remove** to delete an accelerator.
+
+6. Click **Next** to go to the [Favorites, Favorites Bar, and Feeds](favorites-favoritesbar-and-feeds-ieak11-wizard.md) page or **Back** to go to the [Important URLs - Home Page and Support](important-urls-home-page-and-support-ieak11-wizard.md) page.
+
+
+
+
+
+
+
+
+
diff --git a/browsers/internet-explorer/ie11-ieak/add-and-approve-activex-controls-ieak11.md b/browsers/internet-explorer/ie11-ieak/add-and-approve-activex-controls-ieak11.md
index a0d56ae1d9..7e89dab65d 100644
--- a/browsers/internet-explorer/ie11-ieak/add-and-approve-activex-controls-ieak11.md
+++ b/browsers/internet-explorer/ie11-ieak/add-and-approve-activex-controls-ieak11.md
@@ -1,52 +1,53 @@
----
-ms.localizationpriority: medium
-ms.mktglfcycl: deploy
-description: How to use IEAK 11 to add and approve ActiveX controls for your organization.
-author: lomayor
-ms.prod: ie11
-ms.assetid: 33040bd1-f0e4-4541-9fbb-16e0c76752ab
-ms.reviewer:
-audience: itpro
manager: dansimp
-ms.author: lomayor
-title: Add and approve ActiveX controls using IEAK 11 (Internet Explorer Administration Kit 11 for IT Pros)
-ms.sitesec: library
-ms.date: 07/27/2017
----
-
-
-# Add and approve ActiveX controls using IEAK 11
-There are two main approaches to how you can control the use of ActiveX controls in your company. For more info about ActiveX controls, including how to manage the controls using Group Policy, see [Group Policy and ActiveX installation](../ie11-deploy-guide/activex-installation-using-group-policy.md) in the [Internet Explorer 11 (IE11) - Deployment Guide for IT Pros](../ie11-deploy-guide/index.md).
-
-**Note**
-ActiveX controls are supported in Internet Explorer for the desktop for Windows 7 and Windows 8.1. They are not supported on the immersive version of Internet Explorer for Windows 8.1.
-
-## Scenario 1: Limited Internet-only use of ActiveX controls
-While you might not care about your employees using ActiveX controls while on your intranet sites, you probably do want to limit ActiveX usage while your employee is on the Internet. By specifying and pre-approving a set of generic controls for use on the Internet, you’re able to let your employees use the Internet, but you can still limit your company’s exposure to potentially hazardous, non-approved ActiveX controls.
-
-For example, your employees need to access an important Internet site, such as for a business partner or service provider, but there are ActiveX controls on their page. To make sure the site is accessible and functions the way it should, you can visit the site to review the controls, adding them as new entries to your `\Windows\Downloaded Program Files` folder. Then, as part of your browser package, you can enable and approve these ActiveX controls to run on this specific site; while all additional controls are blocked.
-
-**To add and approve ActiveX controls**
-
-1. In IE, click **Tools**, and then **Internet Options**.
-
-2. On the **Security** tab, click the zone that needs to change, and click **Custom Level**.
-
-3. Go to **Run ActiveX controls and plug-ins**, and then click **Administrator approved**.
-
-4. Repeat the last two steps until you have configured all the zones you want.
-
-5. When you run the IEAK 11 Customization Wizard to create a custom package, you'll use the [Additional Settings](additional-settings-ieak11-wizard.md) page, clicking each folder to expand its contents. Then select the check boxes for the controls you want to approve.
-
-## Scenario 2: Restricted use of ActiveX controls
-You can get a higher degree of management over ActiveX controls by listing each of them out and then allowing the browser to use only that set of controls. The biggest challenge to using this method is the extra effort you need to put into figuring out all of the controls, and then actually listing them out. Because of that, we only recommend this approach if your complete set of controls is relatively small.
-
-After you decide which controls you want to allow, you can specify them as approved by zone, using the process described in the first scenario.
-
-
-
-
-
-
-
-
-
+---
+ms.localizationpriority: medium
+ms.mktglfcycl: deploy
+description: How to use IEAK 11 to add and approve ActiveX controls for your organization.
+author: dansimp
+ms.prod: ie11
+ms.assetid: 33040bd1-f0e4-4541-9fbb-16e0c76752ab
+ms.reviewer:
+audience: itpro
+manager: dansimp
+ms.author: dansimp
+title: Add and approve ActiveX controls using IEAK 11 (Internet Explorer Administration Kit 11 for IT Pros)
+ms.sitesec: library
+ms.date: 07/27/2017
+---
+
+
+# Add and approve ActiveX controls using IEAK 11
+There are two main approaches to how you can control the use of ActiveX controls in your company. For more info about ActiveX controls, including how to manage the controls using Group Policy, see [Group Policy and ActiveX installation](../ie11-deploy-guide/activex-installation-using-group-policy.md) in the [Internet Explorer 11 (IE11) - Deployment Guide for IT Pros](../ie11-deploy-guide/index.md).
+
+**Note**
+ActiveX controls are supported in Internet Explorer for the desktop for Windows 7 and Windows 8.1. They are not supported on the immersive version of Internet Explorer for Windows 8.1.
+
+## Scenario 1: Limited Internet-only use of ActiveX controls
+While you might not care about your employees using ActiveX controls while on your intranet sites, you probably do want to limit ActiveX usage while your employee is on the Internet. By specifying and pre-approving a set of generic controls for use on the Internet, you’re able to let your employees use the Internet, but you can still limit your company’s exposure to potentially hazardous, non-approved ActiveX controls.
+
+For example, your employees need to access an important Internet site, such as for a business partner or service provider, but there are ActiveX controls on their page. To make sure the site is accessible and functions the way it should, you can visit the site to review the controls, adding them as new entries to your `\Windows\Downloaded Program Files` folder. Then, as part of your browser package, you can enable and approve these ActiveX controls to run on this specific site; while all additional controls are blocked.
+
+**To add and approve ActiveX controls**
+
+1. In IE, click **Tools**, and then **Internet Options**.
+
+2. On the **Security** tab, click the zone that needs to change, and click **Custom Level**.
+
+3. Go to **Run ActiveX controls and plug-ins**, and then click **Administrator approved**.
+
+4. Repeat the last two steps until you have configured all the zones you want.
+
+5. When you run the IEAK 11 Customization Wizard to create a custom package, you'll use the [Additional Settings](additional-settings-ieak11-wizard.md) page, clicking each folder to expand its contents. Then select the check boxes for the controls you want to approve.
+
+## Scenario 2: Restricted use of ActiveX controls
+You can get a higher degree of management over ActiveX controls by listing each of them out and then allowing the browser to use only that set of controls. The biggest challenge to using this method is the extra effort you need to put into figuring out all of the controls, and then actually listing them out. Because of that, we only recommend this approach if your complete set of controls is relatively small.
+
+After you decide which controls you want to allow, you can specify them as approved by zone, using the process described in the first scenario.
+
+
+
+
+
+
+
+
+
diff --git a/browsers/internet-explorer/ie11-ieak/add-root-certificate-ieak11-wizard.md b/browsers/internet-explorer/ie11-ieak/add-root-certificate-ieak11-wizard.md
index 72e79f106f..eae4f678e5 100644
--- a/browsers/internet-explorer/ie11-ieak/add-root-certificate-ieak11-wizard.md
+++ b/browsers/internet-explorer/ie11-ieak/add-root-certificate-ieak11-wizard.md
@@ -1,29 +1,30 @@
----
-ms.localizationpriority: medium
-ms.mktglfcycl: deploy
-description: We’re sorry. While we continue to recommend that you digitally sign your package, we’ve removed all of the functionality that allowed you to add a root certificate using the Internet Explorer Customization Wizard 11. The wizard page itself will be removed in a future version of the IEAK.
-author: lomayor
-ms.prod: ie11
-ms.assetid: 7ae4e747-49d2-4551-8790-46a61b5fe838
-ms.reviewer:
-audience: itpro
manager: dansimp
-ms.author: lomayor
-title: Use the Add a Root Certificate page in the IEAK 11 Wizard (Internet Explorer Administration Kit 11 for IT Pros)
-ms.sitesec: library
-ms.date: 07/27/2017
----
-
-
-# Use the Add a Root Certificate page in the IEAK 11 Wizard
-We’re sorry. While we continue to recommend that you digitally sign your package, we’ve removed all of the functionality that allowed you to add a root certificate using the Internet Explorer Customization Wizard 11. The wizard page itself will be removed in a future version of the IEAK.
-
-Click **Next** to go to the [Programs](programs-ieak11-wizard.md) page or **Back** to go to the [Security and Privacy Settings](security-and-privacy-settings-ieak11-wizard.md) page.
-
-
-
-
-
-
-
-
-
+---
+ms.localizationpriority: medium
+ms.mktglfcycl: deploy
+description: We’re sorry. While we continue to recommend that you digitally sign your package, we’ve removed all of the functionality that allowed you to add a root certificate using the Internet Explorer Customization Wizard 11. The wizard page itself will be removed in a future version of the IEAK.
+author: dansimp
+ms.prod: ie11
+ms.assetid: 7ae4e747-49d2-4551-8790-46a61b5fe838
+ms.reviewer:
+audience: itpro
+manager: dansimp
+ms.author: dansimp
+title: Use the Add a Root Certificate page in the IEAK 11 Wizard (Internet Explorer Administration Kit 11 for IT Pros)
+ms.sitesec: library
+ms.date: 07/27/2017
+---
+
+
+# Use the Add a Root Certificate page in the IEAK 11 Wizard
+We’re sorry. While we continue to recommend that you digitally sign your package, we’ve removed all of the functionality that allowed you to add a root certificate using the Internet Explorer Customization Wizard 11. The wizard page itself will be removed in a future version of the IEAK.
+
+Click **Next** to go to the [Programs](programs-ieak11-wizard.md) page or **Back** to go to the [Security and Privacy Settings](security-and-privacy-settings-ieak11-wizard.md) page.
+
+
+
+
+
+
+
+
+
diff --git a/browsers/internet-explorer/ie11-ieak/additional-settings-ieak11-wizard.md b/browsers/internet-explorer/ie11-ieak/additional-settings-ieak11-wizard.md
index 2a15fe18e9..60be35bc0d 100644
--- a/browsers/internet-explorer/ie11-ieak/additional-settings-ieak11-wizard.md
+++ b/browsers/internet-explorer/ie11-ieak/additional-settings-ieak11-wizard.md
@@ -1,41 +1,42 @@
----
-ms.localizationpriority: medium
-ms.mktglfcycl: deploy
-description: How to use the Additional Settings page in IEAK 11 Customization Wizard for additional settings that relate to your employee’s desktop, operating system, and security.
-author: lomayor
-ms.prod: ie11
-ms.assetid: c90054af-7b7f-4b00-b55b-5e5569f65f25
-ms.reviewer:
-audience: itpro
manager: dansimp
-ms.author: lomayor
-title: Use the Additional Settings page in the IEAK 11 Wizard (Internet Explorer Administration Kit 11 for IT Pros)
-ms.sitesec: library
-ms.date: 07/27/2017
----
-
-
-# Use the Additional Settings page in the IEAK 11 Wizard
-The **Additional Settings** page of the Internet Explorer Administration Kit (IEAK 11) Customization Wizard lets you pick additional custom, corporate, and Internet settings that relate to your employee’s desktop, operating system, and security. If you don’t change a setting, it’ll be ignored.
-
-The additional settings appear in administration (.adm) files that are stored in your `:\Program Files\Windows IEAK 11\policies` folder. You can also create your own .adm files with options that can be configured using the wizard. Any edits you make to your own .adm file are stored as .ins files, which are used to build the .inf files for your custom install package.
-
-You can store your user settings in a central location so your employees that log on from computer to computer can use them. For example if you have an employee that requires low security using a computer that’s typically operated by someone that needs more restrictive permissions.
-
-You’ll only see this page if you are running the **Internal** version of the IE Customization Wizard 11.
-
-**To use the Additional Settings page**
-
-1. Double-click **Custom Settings**, **Corporate Settings**, or **Internet Settings**, and review the included policy or restriction settings.
-
-2. Pick the setting you want to change, and then update its details.
-
-3. Click **Next** to go to the [Wizard Complete-Next Steps](wizard-complete-ieak11-wizard.md) page or **Back** to go to the [Programs](programs-ieak11-wizard.md) page.
-
-
-
-
-
-
-
-
-
+---
+ms.localizationpriority: medium
+ms.mktglfcycl: deploy
+description: How to use the Additional Settings page in IEAK 11 Customization Wizard for additional settings that relate to your employee’s desktop, operating system, and security.
+author: dansimp
+ms.prod: ie11
+ms.assetid: c90054af-7b7f-4b00-b55b-5e5569f65f25
+ms.reviewer:
+audience: itpro
+manager: dansimp
+ms.author: dansimp
+title: Use the Additional Settings page in the IEAK 11 Wizard (Internet Explorer Administration Kit 11 for IT Pros)
+ms.sitesec: library
+ms.date: 07/27/2017
+---
+
+
+# Use the Additional Settings page in the IEAK 11 Wizard
+The **Additional Settings** page of the Internet Explorer Administration Kit (IEAK 11) Customization Wizard lets you pick additional custom, corporate, and Internet settings that relate to your employee’s desktop, operating system, and security. If you don’t change a setting, it’ll be ignored.
+
+The additional settings appear in administration (.adm) files that are stored in your `:\Program Files\Windows IEAK 11\policies` folder. You can also create your own .adm files with options that can be configured using the wizard. Any edits you make to your own .adm file are stored as .ins files, which are used to build the .inf files for your custom install package.
+
+You can store your user settings in a central location so your employees that log on from computer to computer can use them. For example if you have an employee that requires low security using a computer that’s typically operated by someone that needs more restrictive permissions.
+
+You’ll only see this page if you are running the **Internal** version of the IE Customization Wizard 11.
+
+**To use the Additional Settings page**
+
+1. Double-click **Custom Settings**, **Corporate Settings**, or **Internet Settings**, and review the included policy or restriction settings.
+
+2. Pick the setting you want to change, and then update its details.
+
+3. Click **Next** to go to the [Wizard Complete-Next Steps](wizard-complete-ieak11-wizard.md) page or **Back** to go to the [Programs](programs-ieak11-wizard.md) page.
+
+
+
+
+
+
+
+
+
diff --git a/browsers/internet-explorer/ie11-ieak/auto-config-ieak11-wizard.md b/browsers/internet-explorer/ie11-ieak/auto-config-ieak11-wizard.md
index 5c77b9bc67..d3883b39ca 100644
--- a/browsers/internet-explorer/ie11-ieak/auto-config-ieak11-wizard.md
+++ b/browsers/internet-explorer/ie11-ieak/auto-config-ieak11-wizard.md
@@ -1,59 +1,60 @@
----
-ms.localizationpriority: medium
-ms.mktglfcycl: deploy
-description: How to use the Automatic Configuration page in the IEAK 11 Customization Wizard to add URLs to auto-configure IE.
-author: lomayor
-ms.prod: ie11
-ms.assetid: de5b1dbf-6e4d-4f86-ae08-932f14e606b0
-ms.reviewer:
-audience: itpro
manager: dansimp
-ms.author: lomayor
-title: Use the Automatic Configuration page in the IEAK 11 Wizard (Internet Explorer Administration Kit 11 for IT Pros)
-ms.sitesec: library
-ms.date: 07/27/2017
----
-
-
-# Use the Automatic Configuration page in the IEAK 11 Wizard
-The **Automatic Configuration** page of the Internet Explorer Administration Kit (IEAK 11) Customization Wizard lets you provide URLs to the files that’ll automatically configure Internet Explorer 11 for a group of employees or devices.
-
-**Note**
-This page only appears if you’re using the **Internal** version of the wizard.
-
-You can set your proxy settings using Internet setting (.ins) files. You can also configure and maintain your advanced proxy settings using JScript (.js), JavaScript (.jvs), or proxy auto-configuration (.pac) script files. When you provide an auto-proxy script, IE dynamically determines whether to connect directly to a host or to use a proxy server.
-
-You can use the Domain Name System (DNS) and the Dynamic Host Configuration Protocol (DHCP) naming systems to detect and change a browser’s settings automatically when the employee first starts IE on the network. For more info, see [Set up auto detection for DHCP or DNS servers using IEAK 11](auto-detection-dhcp-or-dns-servers-ieak11.md), or refer to the product documentation for your DNS and DHCP software packages.
-
-**To check the existing settings on your employee’s devices**
-
-1. Open IE, click **Tools**, click **Internet Options**, and then click the **Connections** tab.
-
-2. Click **LAN Settings** and make sure that the **Use automatic configuration script** box is selected, confirming the path and name of the file in the **Address** box.
-
-**To use the Automatic Configuration page**
-
-1. Check the **Automatically detect configuration settings** box to automatically detect browser settings.
-
-2. Check the **Enable Automatic Configuration** box if you plan to automatically change your IE settings after deployment, using configuration files. You can then:
-
- - Type the length of time (in minutes) for how often settings are to be applied in your company. Putting zero (**0**), or nothing, in this box will cause automatic configuration to only happen when the computer’s restarted.
-
- - Type the location to your .ins file. You can edit this file directly to make any necessary changes.
-
- The updates will take effect the next time your employee starts IE, or during your next scheduled update.
-
- - Type the location to your automatic proxy script file.
-
- **Note**
- If you specify URLs for both auto-config and auto-proxy, the auto-proxy URL will be incorporated into the .ins file. The correct form for the URL is `https://share/test.ins`.
-
-3. Click **Next** to go to the [Proxy Settings](proxy-settings-ieak11-wizard.md) page or **Back** to go to the [Connection Settings](connection-settings-ieak11-wizard.md) page.
-
-
-
-
-
-
-
-
-
+---
+ms.localizationpriority: medium
+ms.mktglfcycl: deploy
+description: How to use the Automatic Configuration page in the IEAK 11 Customization Wizard to add URLs to auto-configure IE.
+author: dansimp
+ms.prod: ie11
+ms.assetid: de5b1dbf-6e4d-4f86-ae08-932f14e606b0
+ms.reviewer:
+audience: itpro
+manager: dansimp
+ms.author: dansimp
+title: Use the Automatic Configuration page in the IEAK 11 Wizard (Internet Explorer Administration Kit 11 for IT Pros)
+ms.sitesec: library
+ms.date: 07/27/2017
+---
+
+
+# Use the Automatic Configuration page in the IEAK 11 Wizard
+The **Automatic Configuration** page of the Internet Explorer Administration Kit (IEAK 11) Customization Wizard lets you provide URLs to the files that’ll automatically configure Internet Explorer 11 for a group of employees or devices.
+
+**Note**
+This page only appears if you’re using the **Internal** version of the wizard.
+
+You can set your proxy settings using Internet setting (.ins) files. You can also configure and maintain your advanced proxy settings using JScript (.js), JavaScript (.jvs), or proxy auto-configuration (.pac) script files. When you provide an auto-proxy script, IE dynamically determines whether to connect directly to a host or to use a proxy server.
+
+You can use the Domain Name System (DNS) and the Dynamic Host Configuration Protocol (DHCP) naming systems to detect and change a browser’s settings automatically when the employee first starts IE on the network. For more info, see [Set up auto detection for DHCP or DNS servers using IEAK 11](auto-detection-dhcp-or-dns-servers-ieak11.md), or refer to the product documentation for your DNS and DHCP software packages.
+
+**To check the existing settings on your employee’s devices**
+
+1. Open IE, click **Tools**, click **Internet Options**, and then click the **Connections** tab.
+
+2. Click **LAN Settings** and make sure that the **Use automatic configuration script** box is selected, confirming the path and name of the file in the **Address** box.
+
+**To use the Automatic Configuration page**
+
+1. Check the **Automatically detect configuration settings** box to automatically detect browser settings.
+
+2. Check the **Enable Automatic Configuration** box if you plan to automatically change your IE settings after deployment, using configuration files. You can then:
+
+ - Type the length of time (in minutes) for how often settings are to be applied in your company. Putting zero (**0**), or nothing, in this box will cause automatic configuration to only happen when the computer’s restarted.
+
+ - Type the location to your .ins file. You can edit this file directly to make any necessary changes.
+
+ The updates will take effect the next time your employee starts IE, or during your next scheduled update.
+
+ - Type the location to your automatic proxy script file.
+
+ **Note**
+ If you specify URLs for both auto-config and auto-proxy, the auto-proxy URL will be incorporated into the .ins file. The correct form for the URL is `https://share/test.ins`.
+
+3. Click **Next** to go to the [Proxy Settings](proxy-settings-ieak11-wizard.md) page or **Back** to go to the [Connection Settings](connection-settings-ieak11-wizard.md) page.
+
+
+
+
+
+
+
+
+
diff --git a/browsers/internet-explorer/ie11-ieak/auto-detection-dhcp-or-dns-servers-ieak11.md b/browsers/internet-explorer/ie11-ieak/auto-detection-dhcp-or-dns-servers-ieak11.md
index e858e5228b..1a46247c5c 100644
--- a/browsers/internet-explorer/ie11-ieak/auto-detection-dhcp-or-dns-servers-ieak11.md
+++ b/browsers/internet-explorer/ie11-ieak/auto-detection-dhcp-or-dns-servers-ieak11.md
@@ -1,62 +1,63 @@
----
-ms.localizationpriority: medium
-ms.mktglfcycl: deploy
-description: How to set up automatic detection for DHCP or DNS servers using IEAK 11 in your organization.
-author: lomayor
-ms.prod: ie11
-ms.assetid: c6bfe7c4-f452-406f-b47e-b7f0d8c44ae1
-ms.reviewer:
-audience: itpro
manager: dansimp
-ms.author: lomayor
-title: Set up auto detection for DHCP or DNS servers using IEAK 11 (Internet Explorer Administration Kit 11 for IT Pros)
-ms.sitesec: library
-ms.date: 07/27/2017
----
-
-
-# Set up auto detection for DHCP or DNS servers using IEAK 11
-Set up your network to automatically detect and customize Internet Explorer 11 when it’s first started. Automatic detection is supported on both Dynamic Host Configuration Protocol (DHCP) and Domain Name System (DNS), letting your servers detect and set up your employee’s browser settings from a central location, using a configuration URL (.ins file) or a JavaScript proxy configuration file (.js, .jvs, or .pac).
-
-Before you can set up your environment to use automatic detection, you need to turn the feature on.
-
-**To turn on the automatic detection feature**
-
-- Open Internet Explorer Administration Kit 11 (IEAK 11), run the IE Customization Wizard 11 and on the **Automatic Configuration** page, check **Automatically detect configuration settings**. For more information, see [Use the Automatic Configuration page in the IEAK 11 Wizard](auto-config-ieak11-wizard.md).
-
-## Automatic detection on DHCP and DNS servers
-Automatic detection works even if the browser wasn't originally set up or installed by the administrator.
-
-- **Using DHCP servers:** For local area network (LAN)-based users. This server type lets you specify your global and subnet TCP/IP parameters centrally, defining your users' parameters by using reserved addresses. By doing it this way, a computer can move between subnets, automatically reconfiguring for TCP/IP when it starts.
- Note
- Your DHCP servers must support the DHCPINFORM message, to obtain the DHCP options.
-
-- **Using DNS servers:** For users on dial-up connections. This server type uses a set of protocols and services on a TCP/IP network, which lets users search for other computers by using hierarchical, user-friendly names (hosts), instead of numeric IP addresses. To use this, you have to set up either the host record or the CNAME alias record in the DNS database file.
-
Note
- DHCP has a higher priority than DNS for automatic configuration. If DHCP provides the URL to a .pac, .jvs, .js, or .ins configuration file, the process stops and the DNS lookup doesn't happen.
-
-**To set up automatic detection for DHCP servers**
-
-- Open the [DHCP Administrative Tool](https://go.microsoft.com/fwlink/p/?LinkId=302212), create a new option type, using the code number 252, and then associate it with the URL to your configuration file. For detailed instructions about how to do this, see [Create an option 252 entry in DHCP](https://go.microsoft.com/fwlink/p/?LinkId=294649).
-
- **Examples:**
- `https://www.microsoft.com/webproxy.pac`
- `https://marketing/config.ins`
- `https://123.4.567.8/account.pac`
- For more detailed info about how to set up your DHCP server, see your server documentation.
-
-**To set up automatic detection for DNS servers**
-
-1. In your DNS database file, the file that’s used to associate your host (computer) names to static IP addresses in a zone, you need to create a host record named, **WPAD**. This record contains entries for all of the hosts that require static mappings, such as workstations, name servers, and mail servers. It also has the IP address to the web server storing your automatic configuration (.js, .jvs, .pac, or .ins) file.
The syntax is:
- ` IN A `
- `corserv IN A 192.55.200.143`
- `nameserver2 IN A 192.55.200.2`
- `mailserver1 IN A 192.55.200.51`
- -OR-
- Create a canonical name (CNAME) alias record, named WPAD. This record lets you use more than one name to point to a single host, letting you host both an FTP server and a web server on the same computer. It also includes the resolved name (not the IP address) of the server storing your automatic configuration (.pac) file.
- Note
For more info about creating a WPAD entry, see Creating a WPAD entry in DNS.
-
-2. After the database file propagates to the server, the DNS name, `wpad..com` resolves to the server name that includes your automatic configuration file.
-
-**Note**
-IE11 creates a default URL template based on the host name,**wpad**. For example, `https://wpad..com/wpad.dat`. Because of this, you need to set up a file or redirection point in your web server **WPAD** record, named **wpad.dat**. The **wpad.dat** record delivers the contents of your automatic configuration file.
-
+---
+ms.localizationpriority: medium
+ms.mktglfcycl: deploy
+description: How to set up automatic detection for DHCP or DNS servers using IEAK 11 in your organization.
+author: dansimp
+ms.prod: ie11
+ms.assetid: c6bfe7c4-f452-406f-b47e-b7f0d8c44ae1
+ms.reviewer:
+audience: itpro
+manager: dansimp
+ms.author: dansimp
+title: Set up auto detection for DHCP or DNS servers using IEAK 11 (Internet Explorer Administration Kit 11 for IT Pros)
+ms.sitesec: library
+ms.date: 07/27/2017
+---
+
+
+# Set up auto detection for DHCP or DNS servers using IEAK 11
+Set up your network to automatically detect and customize Internet Explorer 11 when it’s first started. Automatic detection is supported on both Dynamic Host Configuration Protocol (DHCP) and Domain Name System (DNS), letting your servers detect and set up your employee’s browser settings from a central location, using a configuration URL (.ins file) or a JavaScript proxy configuration file (.js, .jvs, or .pac).
+
+Before you can set up your environment to use automatic detection, you need to turn the feature on.
+
+**To turn on the automatic detection feature**
+
+- Open Internet Explorer Administration Kit 11 (IEAK 11), run the IE Customization Wizard 11 and on the **Automatic Configuration** page, check **Automatically detect configuration settings**. For more information, see [Use the Automatic Configuration page in the IEAK 11 Wizard](auto-config-ieak11-wizard.md).
+
+## Automatic detection on DHCP and DNS servers
+Automatic detection works even if the browser wasn't originally set up or installed by the administrator.
+
+- **Using DHCP servers:** For local area network (LAN)-based users. This server type lets you specify your global and subnet TCP/IP parameters centrally, defining your users' parameters by using reserved addresses. By doing it this way, a computer can move between subnets, automatically reconfiguring for TCP/IP when it starts.
+ Note
+ Your DHCP servers must support the DHCPINFORM message, to obtain the DHCP options.
+
+- **Using DNS servers:** For users on dial-up connections. This server type uses a set of protocols and services on a TCP/IP network, which lets users search for other computers by using hierarchical, user-friendly names (hosts), instead of numeric IP addresses. To use this, you have to set up either the host record or the CNAME alias record in the DNS database file.
+
Note
+ DHCP has a higher priority than DNS for automatic configuration. If DHCP provides the URL to a .pac, .jvs, .js, or .ins configuration file, the process stops and the DNS lookup doesn't happen.
+
+**To set up automatic detection for DHCP servers**
+
+- Open the [DHCP Administrative Tool](https://go.microsoft.com/fwlink/p/?LinkId=302212), create a new option type, using the code number 252, and then associate it with the URL to your configuration file. For detailed instructions about how to do this, see [Create an option 252 entry in DHCP](https://go.microsoft.com/fwlink/p/?LinkId=294649).
+
+ **Examples:**
+ `https://www.microsoft.com/webproxy.pac`
+ `https://marketing/config.ins`
+ `https://123.4.567.8/account.pac`
+ For more detailed info about how to set up your DHCP server, see your server documentation.
+
+**To set up automatic detection for DNS servers**
+
+1. In your DNS database file, the file that’s used to associate your host (computer) names to static IP addresses in a zone, you need to create a host record named, **WPAD**. This record contains entries for all of the hosts that require static mappings, such as workstations, name servers, and mail servers. It also has the IP address to the web server storing your automatic configuration (.js, .jvs, .pac, or .ins) file.
The syntax is:
+ ` IN A `
+ `corserv IN A 192.55.200.143`
+ `nameserver2 IN A 192.55.200.2`
+ `mailserver1 IN A 192.55.200.51`
+ -OR-
+ Create a canonical name (CNAME) alias record, named WPAD. This record lets you use more than one name to point to a single host, letting you host both an FTP server and a web server on the same computer. It also includes the resolved name (not the IP address) of the server storing your automatic configuration (.pac) file.
+ Note
For more info about creating a WPAD entry, see Creating a WPAD entry in DNS.
+
+2. After the database file propagates to the server, the DNS name, `wpad..com` resolves to the server name that includes your automatic configuration file.
+
+**Note**
+IE11 creates a default URL template based on the host name,**wpad**. For example, `https://wpad..com/wpad.dat`. Because of this, you need to set up a file or redirection point in your web server **WPAD** record, named **wpad.dat**. The **wpad.dat** record delivers the contents of your automatic configuration file.
+
diff --git a/browsers/internet-explorer/ie11-ieak/auto-version-sync-ieak11-wizard.md b/browsers/internet-explorer/ie11-ieak/auto-version-sync-ieak11-wizard.md
index 9a3f704cf0..c317a46e0e 100644
--- a/browsers/internet-explorer/ie11-ieak/auto-version-sync-ieak11-wizard.md
+++ b/browsers/internet-explorer/ie11-ieak/auto-version-sync-ieak11-wizard.md
@@ -1,48 +1,49 @@
----
-ms.localizationpriority: medium
-ms.mktglfcycl: deploy
-description: How to use the Automatic Version Synchronization page in the IEAK 11 Customization Wizard to download the IE11 Setup file each time you run the Wizard.
-author: lomayor
-ms.prod: ie11
-ms.assetid: bfc7685f-843b-49c3-8b9b-07e69705840c
-ms.reviewer:
-audience: itpro
manager: dansimp
-ms.author: lomayor
-title: Use the Automatic Version Synchronization page in the IEAK 11 Wizard (Internet Explorer Administration Kit 11 for IT Pros)
-ms.sitesec: library
-ms.date: 07/27/2017
----
-
-
-# Use the Automatic Version Synchronization page in the IEAK 11 Wizard
-The **Automatic Version Synchronization** page of the Internet Explorer Customization Wizard 11 runs the synchronization process every time you run the wizard, downloading the Internet Explorer 11 Setup file to your computer. The Setup file includes the required full and express packages.
-
-**Important**
-You must run the **Automatic Version Synchronization** page once for each operating system and language combination of IE.
-
-The **Automatic Version Synchronization** page tells you:
-
-- **Version available on your machine**. The version of IE11 that’s running on the computer that’s also running the IE Customization Wizard 11.
-
-- **Latest version available on web**. The most recently released version of the IE Customization Wizard 11. To get this value, the wizard compares the version of IE on your computer to the latest version of IE on the **Downloads** site. If the versions are different, you’ll be asked to update your version of IE.
-
-- **Disk space required**. The amount of space on your hard drive needed to update the browser.
-
-- **Disk space available**. The amount of hard drive space available on the computer that’s running the IE Customization Wizard 11.
-
-
-**To use the Automatic Version Synchronization page**
-
-1. Click **Synchronize**.
-You might receive a security warning before downloading your Setup file, asking if you want to continue. Click **Run** to continue.
-
-2. Click **Next** to go to the [Custom Components](custom-components-ieak11-wizard.md) page or **Back** to go to the [Feature Selection](feature-selection-ieak11-wizard.md) page.
-
-
-
-
-
-
-
-
-
+---
+ms.localizationpriority: medium
+ms.mktglfcycl: deploy
+description: How to use the Automatic Version Synchronization page in the IEAK 11 Customization Wizard to download the IE11 Setup file each time you run the Wizard.
+author: dansimp
+ms.prod: ie11
+ms.assetid: bfc7685f-843b-49c3-8b9b-07e69705840c
+ms.reviewer:
+audience: itpro
+manager: dansimp
+ms.author: dansimp
+title: Use the Automatic Version Synchronization page in the IEAK 11 Wizard (Internet Explorer Administration Kit 11 for IT Pros)
+ms.sitesec: library
+ms.date: 07/27/2017
+---
+
+
+# Use the Automatic Version Synchronization page in the IEAK 11 Wizard
+The **Automatic Version Synchronization** page of the Internet Explorer Customization Wizard 11 runs the synchronization process every time you run the wizard, downloading the Internet Explorer 11 Setup file to your computer. The Setup file includes the required full and express packages.
+
+**Important**
+You must run the **Automatic Version Synchronization** page once for each operating system and language combination of IE.
+
+The **Automatic Version Synchronization** page tells you:
+
+- **Version available on your machine**. The version of IE11 that’s running on the computer that’s also running the IE Customization Wizard 11.
+
+- **Latest version available on web**. The most recently released version of the IE Customization Wizard 11. To get this value, the wizard compares the version of IE on your computer to the latest version of IE on the **Downloads** site. If the versions are different, you’ll be asked to update your version of IE.
+
+- **Disk space required**. The amount of space on your hard drive needed to update the browser.
+
+- **Disk space available**. The amount of hard drive space available on the computer that’s running the IE Customization Wizard 11.
+
+
+**To use the Automatic Version Synchronization page**
+
+1. Click **Synchronize**.
+You might receive a security warning before downloading your Setup file, asking if you want to continue. Click **Run** to continue.
+
+2. Click **Next** to go to the [Custom Components](custom-components-ieak11-wizard.md) page or **Back** to go to the [Feature Selection](feature-selection-ieak11-wizard.md) page.
+
+
+
+
+
+
+
+
+
diff --git a/browsers/internet-explorer/ie11-ieak/before-you-create-custom-pkgs-ieak11.md b/browsers/internet-explorer/ie11-ieak/before-you-create-custom-pkgs-ieak11.md
index 9bea8f5c1c..3508c186af 100644
--- a/browsers/internet-explorer/ie11-ieak/before-you-create-custom-pkgs-ieak11.md
+++ b/browsers/internet-explorer/ie11-ieak/before-you-create-custom-pkgs-ieak11.md
@@ -1,39 +1,40 @@
----
-ms.localizationpriority: medium
-ms.mktglfcycl: plan
-description: A list of steps to follow before you start to create your custom browser installation packages.
-author: lomayor
-ms.author: lomayor
-ms.manager: elizapo
-ms.prod: ie11
-ms.assetid: 6ed182b0-46cb-4865-9563-70825be9a5e4
-ms.reviewer:
-audience: itpro
manager: dansimp
-title: Before you start using IEAK 11 (Internet Explorer Administration Kit 11 for IT Pros)
-ms.sitesec: library
-ms.date: 04/24/2018
----
-
-
-# Before you start using IEAK 11
-
-Before you run IEAK 11 and the Customization Wizard, make sure you have met the following requirements:
-
-- Have you determined which licensing version of the Internet Explorer Administration Kit 11 to install? For info, see [Determine the licensing version and features to use in IEAK 11](licensing-version-and-features-ieak11.md).
-
-- Do you meet the necessary hardware and software requirements? See [Hardware and software requirements for IEAK 11](hardware-and-software-reqs-ieak11.md).
-
-- Have you gotten all of the URLs needed to customize your **Home**, **Search**, and **Support** pages? See [Use the Important URLs - Home Page and Support page in the IEAK 11 Wizard](important-urls-home-page-and-support-ieak11-wizard.md).
-
-- Have you reviewed the security features to determine how to set up and manage them? See [Security features and IEAK 11](security-and-ieak11.md).
-
-- Have you created a test lab, where you can run the test version of your browser package to make sure it runs properly?
-
-
-
-
-
-
-
-
-
+---
+ms.localizationpriority: medium
+ms.mktglfcycl: plan
+description: A list of steps to follow before you start to create your custom browser installation packages.
+author: dansimp
+ms.author: dansimp
+ms.manager: elizapo
+ms.prod: ie11
+ms.assetid: 6ed182b0-46cb-4865-9563-70825be9a5e4
+ms.reviewer:
+audience: itpro
+manager: dansimp
+title: Before you start using IEAK 11 (Internet Explorer Administration Kit 11 for IT Pros)
+ms.sitesec: library
+ms.date: 04/24/2018
+---
+
+
+# Before you start using IEAK 11
+
+Before you run IEAK 11 and the Customization Wizard, make sure you have met the following requirements:
+
+- Have you determined which licensing version of the Internet Explorer Administration Kit 11 to install? For info, see [Determine the licensing version and features to use in IEAK 11](licensing-version-and-features-ieak11.md).
+
+- Do you meet the necessary hardware and software requirements? See [Hardware and software requirements for IEAK 11](hardware-and-software-reqs-ieak11.md).
+
+- Have you gotten all of the URLs needed to customize your **Home**, **Search**, and **Support** pages? See [Use the Important URLs - Home Page and Support page in the IEAK 11 Wizard](important-urls-home-page-and-support-ieak11-wizard.md).
+
+- Have you reviewed the security features to determine how to set up and manage them? See [Security features and IEAK 11](security-and-ieak11.md).
+
+- Have you created a test lab, where you can run the test version of your browser package to make sure it runs properly?
+
+
+
+
+
+
+
+
+
diff --git a/browsers/internet-explorer/ie11-ieak/branding-ins-file-setting.md b/browsers/internet-explorer/ie11-ieak/branding-ins-file-setting.md
index 7f9c6d989e..5c9c189f24 100644
--- a/browsers/internet-explorer/ie11-ieak/branding-ins-file-setting.md
+++ b/browsers/internet-explorer/ie11-ieak/branding-ins-file-setting.md
@@ -1,54 +1,55 @@
----
-ms.localizationpriority: medium
-ms.mktglfcycl: deploy
-description: Use the \[Branding\] .INS file setting to set up your custom branding and setup info in your browser install package.
-author: lomayor
-ms.prod: ie11
-ms.assetid: cde600c6-29cf-4bd3-afd1-21563d2642df
-ms.reviewer:
-audience: itpro
manager: dansimp
-ms.author: lomayor
-title: Use the Branding .INS file to create custom branding and setup info (Internet Explorer Administration Kit 11 for IT Pros)
-ms.sitesec: library
-ms.date: 07/27/2017
----
-
-
-# Use the Branding .INS file to create custom branding and setup info
-Info about the custom branding and setup information in your browser package.
-
-|Name |Value | Description |
-|-----------|--------------------------------|--------------------------------------------------------------|
-|Add on URL | `` |The add-on URL for the product updates command in the browser.|
-|BrowserDefault|- **0.** Locks down Internet Explorer as the default browser.
- **1.** Preserves the existing default browser.
- **2.** Lets the employee decide the default browser.
| Determines the default browser behavior. |
-|CMBitmapName | `` | The file name for the Connection Manager custom bitmap. |
-|CMBitmapPath | `` | The full file path to the Connection Manager custom bitmap file. |
-|CMProfileName| `` | The name of the Connection Manager profile. |
-|CMProfilePath| `` | The full file path to the Connection Manager profile. |
-|CMUseCustom | - **0.** Don’t use a custom Connection Manager profile.
- **1.** Use a custom Connection Manager profile.
| Determines whether to use a custom Connection Manager profile. |
-|CompanyName |`` |The name of the company with a valid IEAK 11 license, building this .ins file. |
-|EncodeFavs |- **0.** Don’t encode the section.
- **1.** Encode the section.
|Determines whether to encode the **[Favorites]** section for versions of IE earlier than 5.0. |
-|FavoritesDelete |*hexadecimal:* `0x89` |Lets you remove all existing Favorites and Quick Links. |
-|FavoritesOnTop |- **0.** Don’t put the new item at the top of the **Favorites** menu.
- **1.** Put the new item at the top of the **Favorites** menu.
|Determines whether to put new favorite items at the top of the menu. |
-|IE4 Welcome Msg |- **0.** Don’t go to a **Welcome** page the first time the browser is opened.
- **1.** Go to a **Welcome** page the first time the browser is opened.
|Determines whether a **Welcome** page appears. |
-|Language ID |`` |Code value for the language used. |
-|Language Locale |`` |The locale of the version of IE being customized, as denoted by a four-letter string — for example, EN-us for English. |
-|NoIELite |- **0.** Don’t optimize the Active Setup Wizard.
- **1.** Optimize the Active Setup Wizard for download, using existing files, as possible.
|Determines whether to optimize the Active Setup Wizard for download. |
-|SilentInstall |- **0.** Run Windows Update Setup interactively.
- **1.** Run Windows Update Setup non-interactively, but show progress and error messages to the employee.
|Determines whether Windows Update Setup runs interactively on the employee’s computer.**Note**
This only appears for the **Internal** version of the IEAK 11. |
-|StealthInstall |
- **0.** Run Windows Update Setup showing progress and error messages to the employee.
- **1.** Run Windows Update Setup without showing error messages to the employee.
|Determines whether Windows Update Setup shows error messages and dialog boxes.**Note**
This only appears for the **Internal** version of the IEAK 11. |
-|Toolbar Bitmap |`` |Full path to the icon bitmap that appears on the browser toolbar. |
-|Type |- **1.** Internal version. For use on a corporate intranet or network.
- **2.** External version. For use by ISPs, ICPs, or Developers.
|The version of IEAK 11 being used. |
-|User Agent |`` |String to be appended to the default User Agent string. |
-|Version |`` |Version number of the browser. For example, `6,0,0,1`. |
-|WebIntegrated |- **0.** Don’t include the 4.x integrated shell in your custom package.
- **1.** Include the 4.x integrated shell in your custom package.
|Determines whether the IE 4.x integrated shell is included in this package. |
-|Win32DownloadSite |`` |URL from where your employees will download the IEsetup.exe file. |
-|Window_Title |`` |Customized window title for IE. |
-|Window_Title_CN |`` |Company name to be appended to the window title. |
-|WizardVersion |`` |Version of the IEAK that created the .ins file. For example, `6.00.0707.2800`. |
-
-
-
-
-
-
-
+---
+ms.localizationpriority: medium
+ms.mktglfcycl: deploy
+description: Use the \[Branding\] .INS file setting to set up your custom branding and setup info in your browser install package.
+author: dansimp
+ms.prod: ie11
+ms.assetid: cde600c6-29cf-4bd3-afd1-21563d2642df
+ms.reviewer:
+audience: itpro
+manager: dansimp
+ms.author: dansimp
+title: Use the Branding .INS file to create custom branding and setup info (Internet Explorer Administration Kit 11 for IT Pros)
+ms.sitesec: library
+ms.date: 07/27/2017
+---
+
+
+# Use the Branding .INS file to create custom branding and setup info
+Info about the custom branding and setup information in your browser package.
+
+|Name |Value | Description |
+|-----------|--------------------------------|--------------------------------------------------------------|
+|Add on URL | `` |The add-on URL for the product updates command in the browser.|
+|BrowserDefault|- **0.** Locks down Internet Explorer as the default browser.
- **1.** Preserves the existing default browser.
- **2.** Lets the employee decide the default browser.
| Determines the default browser behavior. |
+|CMBitmapName | `` | The file name for the Connection Manager custom bitmap. |
+|CMBitmapPath | `` | The full file path to the Connection Manager custom bitmap file. |
+|CMProfileName| `` | The name of the Connection Manager profile. |
+|CMProfilePath| `` | The full file path to the Connection Manager profile. |
+|CMUseCustom | - **0.** Don’t use a custom Connection Manager profile.
- **1.** Use a custom Connection Manager profile.
| Determines whether to use a custom Connection Manager profile. |
+|CompanyName |`` |The name of the company with a valid IEAK 11 license, building this .ins file. |
+|EncodeFavs |- **0.** Don’t encode the section.
- **1.** Encode the section.
|Determines whether to encode the **[Favorites]** section for versions of IE earlier than 5.0. |
+|FavoritesDelete |*hexadecimal:* `0x89` |Lets you remove all existing Favorites and Quick Links. |
+|FavoritesOnTop |- **0.** Don’t put the new item at the top of the **Favorites** menu.
- **1.** Put the new item at the top of the **Favorites** menu.
|Determines whether to put new favorite items at the top of the menu. |
+|IE4 Welcome Msg |- **0.** Don’t go to a **Welcome** page the first time the browser is opened.
- **1.** Go to a **Welcome** page the first time the browser is opened.
|Determines whether a **Welcome** page appears. |
+|Language ID |`` |Code value for the language used. |
+|Language Locale |`` |The locale of the version of IE being customized, as denoted by a four-letter string — for example, EN-us for English. |
+|NoIELite |- **0.** Don’t optimize the Active Setup Wizard.
- **1.** Optimize the Active Setup Wizard for download, using existing files, as possible.
|Determines whether to optimize the Active Setup Wizard for download. |
+|SilentInstall |- **0.** Run Windows Update Setup interactively.
- **1.** Run Windows Update Setup non-interactively, but show progress and error messages to the employee.
|Determines whether Windows Update Setup runs interactively on the employee’s computer.**Note**
This only appears for the **Internal** version of the IEAK 11. |
+|StealthInstall |
- **0.** Run Windows Update Setup showing progress and error messages to the employee.
- **1.** Run Windows Update Setup without showing error messages to the employee.
|Determines whether Windows Update Setup shows error messages and dialog boxes.**Note**
This only appears for the **Internal** version of the IEAK 11. |
+|Toolbar Bitmap |`` |Full path to the icon bitmap that appears on the browser toolbar. |
+|Type |- **1.** Internal version. For use on a corporate intranet or network.
- **2.** External version. For use by ISPs, ICPs, or Developers.
|The version of IEAK 11 being used. |
+|User Agent |`` |String to be appended to the default User Agent string. |
+|Version |`` |Version number of the browser. For example, `6,0,0,1`. |
+|WebIntegrated |- **0.** Don’t include the 4.x integrated shell in your custom package.
- **1.** Include the 4.x integrated shell in your custom package.
|Determines whether the IE 4.x integrated shell is included in this package. |
+|Win32DownloadSite |`` |URL from where your employees will download the IEsetup.exe file. |
+|Window_Title |`` |Customized window title for IE. |
+|Window_Title_CN |`` |Company name to be appended to the window title. |
+|WizardVersion |`` |Version of the IEAK that created the .ins file. For example, `6.00.0707.2800`. |
+
+
+
+
+
+
+
diff --git a/browsers/internet-explorer/ie11-ieak/browser-ui-ieak11-wizard.md b/browsers/internet-explorer/ie11-ieak/browser-ui-ieak11-wizard.md
index ab8937ec4a..c1f3999a3a 100644
--- a/browsers/internet-explorer/ie11-ieak/browser-ui-ieak11-wizard.md
+++ b/browsers/internet-explorer/ie11-ieak/browser-ui-ieak11-wizard.md
@@ -1,56 +1,57 @@
----
-ms.localizationpriority: medium
-ms.mktglfcycl: deploy
-description: How to use the Browser User Interface page in the IEAK 11 Customization Wizard to change the toolbar buttons and the title bar.
-author: lomayor
-ms.prod: ie11
-ms.assetid: c4a18dcd-2e9c-4b5b-bcc5-9b9361a79f0d
-ms.reviewer:
-audience: itpro
manager: dansimp
-ms.author: lomayor
-title: Use the Browser User Interface page in the IEAK 11 Wizard (Internet Explorer Administration Kit 11 for IT Pros)
-ms.sitesec: library
-ms.date: 07/27/2017
----
-
-
-# Use the Browser User Interface page in the IEAK 11 Wizard
-The **Browser User Interface** page of the Internet Explorer Customization Wizard 11 lets you change the toolbar buttons and the title bar text in IE.
-
-**Note**
The customizations you make on this page apply only to Internet Explorer for the desktop.
-
- **To use the Browser User Interface page**
-
-1. Check the **Customize Title Bars** box so you can add your custom text to the **Title Bar Text** box.
-The text shows up in the title bar as **IE provided by** <*your_custom_text*>.
-
-2. Check the **Delete existing toolbar buttons, if present** box so you can delete all of the toolbar buttons in your employee’s browser, except for the standard buttons installed with IE (which can’t be removed).
-
-**Note**
Only Administrators can use this option.
-
-3. Click **Add** to add new toolbar buttons.
- The **Browser Toolbar Button Information** box appears.
-
-4. In the **Toolbar caption** box, type the text that shows up when an employee hovers over your custom button. We recommend no more than 10 characters.
-
-5. In the **Toolbar action** box, browse to your script or executable file that runs when an employee clicks your custom button.
-
-6. In the **Toolbar icon** box, browse to the icon file that represents your button while active. This icon must be 20x20 pixels.
-
-7. Check the **This button should be shown on the toolbar by default** box so your custom button shows by default.
- This box should be cleared if you want to offer a custom set of buttons, but want your employees to choose whether or not to use them. In this situation, your buttons will show up in the **Customize Toolbars** dialog box, under **Available toolbar buttons**. Your employees can get to this dialog box in IE by clicking **Tools** from the **Command Bar**, clicking **Toolbars**, and then clicking **Customize**.
-
-8. Click **OK.**
-
-9. Click **Edit** to change your custom toolbar button or **Remove** to delete the button. The removed button will disappear from your employee’s computer after you apply the updated customization. Only custom toolbar buttons can be removed.
-
-10. Click **Next** to go to the [Search Providers](search-providers-ieak11-wizard.md) page or **Back** to go to the [User Experience](user-experience-ieak11-wizard.md) page.
-
-
-
-
-
-
-
-
-
+---
+ms.localizationpriority: medium
+ms.mktglfcycl: deploy
+description: How to use the Browser User Interface page in the IEAK 11 Customization Wizard to change the toolbar buttons and the title bar.
+author: dansimp
+ms.prod: ie11
+ms.assetid: c4a18dcd-2e9c-4b5b-bcc5-9b9361a79f0d
+ms.reviewer:
+audience: itpro
+manager: dansimp
+ms.author: dansimp
+title: Use the Browser User Interface page in the IEAK 11 Wizard (Internet Explorer Administration Kit 11 for IT Pros)
+ms.sitesec: library
+ms.date: 07/27/2017
+---
+
+
+# Use the Browser User Interface page in the IEAK 11 Wizard
+The **Browser User Interface** page of the Internet Explorer Customization Wizard 11 lets you change the toolbar buttons and the title bar text in IE.
+
+**Note**
The customizations you make on this page apply only to Internet Explorer for the desktop.
+
+ **To use the Browser User Interface page**
+
+1. Check the **Customize Title Bars** box so you can add your custom text to the **Title Bar Text** box.
+The text shows up in the title bar as **IE provided by** <*your_custom_text*>.
+
+2. Check the **Delete existing toolbar buttons, if present** box so you can delete all of the toolbar buttons in your employee’s browser, except for the standard buttons installed with IE (which can’t be removed).
+
+**Note**
Only Administrators can use this option.
+
+3. Click **Add** to add new toolbar buttons.
+ The **Browser Toolbar Button Information** box appears.
+
+4. In the **Toolbar caption** box, type the text that shows up when an employee hovers over your custom button. We recommend no more than 10 characters.
+
+5. In the **Toolbar action** box, browse to your script or executable file that runs when an employee clicks your custom button.
+
+6. In the **Toolbar icon** box, browse to the icon file that represents your button while active. This icon must be 20x20 pixels.
+
+7. Check the **This button should be shown on the toolbar by default** box so your custom button shows by default.
+ This box should be cleared if you want to offer a custom set of buttons, but want your employees to choose whether or not to use them. In this situation, your buttons will show up in the **Customize Toolbars** dialog box, under **Available toolbar buttons**. Your employees can get to this dialog box in IE by clicking **Tools** from the **Command Bar**, clicking **Toolbars**, and then clicking **Customize**.
+
+8. Click **OK.**
+
+9. Click **Edit** to change your custom toolbar button or **Remove** to delete the button. The removed button will disappear from your employee’s computer after you apply the updated customization. Only custom toolbar buttons can be removed.
+
+10. Click **Next** to go to the [Search Providers](search-providers-ieak11-wizard.md) page or **Back** to go to the [User Experience](user-experience-ieak11-wizard.md) page.
+
+
+
+
+
+
+
+
+
diff --git a/browsers/internet-explorer/ie11-ieak/browsertoolbars-ins-file-setting.md b/browsers/internet-explorer/ie11-ieak/browsertoolbars-ins-file-setting.md
index 56922b0838..b2b123ff69 100644
--- a/browsers/internet-explorer/ie11-ieak/browsertoolbars-ins-file-setting.md
+++ b/browsers/internet-explorer/ie11-ieak/browsertoolbars-ins-file-setting.md
@@ -1,39 +1,40 @@
----
-ms.localizationpriority: medium
-ms.mktglfcycl: plan
-description: Use the \[BrowserToolbars\] .INS file setting to customize your Internet Explorer toolbar and buttons.
-author: lomayor
-ms.prod: ie11
-ms.assetid: 83af0558-9df3-4c2e-9350-44f7788efa6d
-ms.reviewer:
-audience: itpro
manager: dansimp
-ms.author: lomayor
-title: Use the BrowserToolbars .INS file to customize the Internet Explorer toolbar and buttons (Internet Explorer Administration Kit 11 for IT Pros)
-ms.sitesec: library
-ms.date: 07/27/2017
----
-
-
-# Use the BrowserToolbars .INS file to customize the Internet Explorer toolbar and buttons
-Info about how to customize the Internet Explorer toolbar.
-
-|Name |Value |Description |
-|-----------|---------------------------|-------------|
-|Action0 |`` |Path and file name for the executable (.exe) file that's associated with your custom toolbar button. |
-|Caption0 |`` |Text that appears as the caption for your custom toolbar button. |
-|DeleteButtons |- **0.** Don’t delete the existing custom toolbar buttons.
- **1.** Delete the existing custom toolbar buttons.
|Determines whether to delete the existing custom toolbar buttons. |
-|HotIcon0 |`` |An icon (.ico) file that appears highlighted on the button when the pointer is moved over it. |
-|Icon0 |`` |An icon (.ico) file that appears dimmed on the button when the pointer isn’t moved over it. |
-|Show0 |- **0.** Don’t show the button by default.
- **1.** Show the button by default.
|Determines whether to show the new button on the toolbar by default. |
-|ToolTipText0 |`` |Tooltip text for the custom toolbar button. |
-
-
-
-
-
-
-
-
-
-
-
+---
+ms.localizationpriority: medium
+ms.mktglfcycl: plan
+description: Use the \[BrowserToolbars\] .INS file setting to customize your Internet Explorer toolbar and buttons.
+author: dansimp
+ms.prod: ie11
+ms.assetid: 83af0558-9df3-4c2e-9350-44f7788efa6d
+ms.reviewer:
+audience: itpro
+manager: dansimp
+ms.author: dansimp
+title: Use the BrowserToolbars .INS file to customize the Internet Explorer toolbar and buttons (Internet Explorer Administration Kit 11 for IT Pros)
+ms.sitesec: library
+ms.date: 07/27/2017
+---
+
+
+# Use the BrowserToolbars .INS file to customize the Internet Explorer toolbar and buttons
+Info about how to customize the Internet Explorer toolbar.
+
+|Name |Value |Description |
+|-----------|---------------------------|-------------|
+|Action0 |`` |Path and file name for the executable (.exe) file that's associated with your custom toolbar button. |
+|Caption0 |`` |Text that appears as the caption for your custom toolbar button. |
+|DeleteButtons |- **0.** Don’t delete the existing custom toolbar buttons.
- **1.** Delete the existing custom toolbar buttons.
|Determines whether to delete the existing custom toolbar buttons. |
+|HotIcon0 |`` |An icon (.ico) file that appears highlighted on the button when the pointer is moved over it. |
+|Icon0 |`` |An icon (.ico) file that appears dimmed on the button when the pointer isn’t moved over it. |
+|Show0 |- **0.** Don’t show the button by default.
- **1.** Show the button by default.
|Determines whether to show the new button on the toolbar by default. |
+|ToolTipText0 |`` |Tooltip text for the custom toolbar button. |
+
+
+
+
+
+
+
+
+
+
+
diff --git a/browsers/internet-explorer/ie11-ieak/browsing-options-ieak11-wizard.md b/browsers/internet-explorer/ie11-ieak/browsing-options-ieak11-wizard.md
index d96bb1744c..a39adaff3e 100644
--- a/browsers/internet-explorer/ie11-ieak/browsing-options-ieak11-wizard.md
+++ b/browsers/internet-explorer/ie11-ieak/browsing-options-ieak11-wizard.md
@@ -2,13 +2,13 @@
ms.localizationpriority: medium
ms.mktglfcycl: deploy
description: How to use the Browsing Options page in the IEAK 11 Customization Wizard to manage items in the Favorites, Favorites Bar, and Feeds section.
-author: lomayor
+author: dansimp
ms.prod: ie11
ms.assetid: d6bd71ba-5df3-4b8c-8bb5-dcbc50fd974e
ms.reviewer:
audience: itpro
manager: dansimp
-ms.author: lomayor
+ms.author: dansimp
title: Use the Browsing Options page in the IEAK 11 Wizard (Internet Explorer Administration Kit 11 for IT Pros)
ms.sitesec: library
ms.date: 07/27/2017
diff --git a/browsers/internet-explorer/ie11-ieak/cabsigning-ins-file-setting.md b/browsers/internet-explorer/ie11-ieak/cabsigning-ins-file-setting.md
index 0d0a0bde19..e5bf7ebb40 100644
--- a/browsers/internet-explorer/ie11-ieak/cabsigning-ins-file-setting.md
+++ b/browsers/internet-explorer/ie11-ieak/cabsigning-ins-file-setting.md
@@ -1,26 +1,27 @@
----
-ms.localizationpriority: medium
-ms.mktglfcycl: deploy
-description: Use the \[CabSigning\] .INS file setting to customize the digital signature info for your apps.
-author: lomayor
-ms.prod: ie11
-ms.assetid: 098707e9-d712-4297-ac68-7d910ca8f43b
-ms.reviewer:
-audience: itpro
manager: dansimp
-ms.author: lomayor
-title: Use the CabSigning .INS file to customize the digital signature info for your apps (Internet Explorer Administration Kit 11 for IT Pros)
-ms.sitesec: library
-ms.date: 07/27/2017
----
-
-
-# Use the CabSigning .INS file to customize the digital signature info for your apps
-Info about how to customize the digital signature info for your apps.
-
-|Name |Value |Description |
-|-----------|---------------------------|-------------|
-|InfoURL |`` |URL that appears on the **Certificate** dialog box. |
-|Name |`` |Company name associated with the certificate. |
-|pvkFile |`` |File path to the privacy key file. |
-|spcFile |`` |File path to the certificate file.|
-
+---
+ms.localizationpriority: medium
+ms.mktglfcycl: deploy
+description: Use the \[CabSigning\] .INS file setting to customize the digital signature info for your apps.
+author: dansimp
+ms.prod: ie11
+ms.assetid: 098707e9-d712-4297-ac68-7d910ca8f43b
+ms.reviewer:
+audience: itpro
+manager: dansimp
+ms.author: dansimp
+title: Use the CabSigning .INS file to customize the digital signature info for your apps (Internet Explorer Administration Kit 11 for IT Pros)
+ms.sitesec: library
+ms.date: 07/27/2017
+---
+
+
+# Use the CabSigning .INS file to customize the digital signature info for your apps
+Info about how to customize the digital signature info for your apps.
+
+|Name |Value |Description |
+|-----------|---------------------------|-------------|
+|InfoURL |`` |URL that appears on the **Certificate** dialog box. |
+|Name |`` |Company name associated with the certificate. |
+|pvkFile |`` |File path to the privacy key file. |
+|spcFile |`` |File path to the certificate file.|
+
diff --git a/browsers/internet-explorer/ie11-ieak/compat-view-ieak11-wizard.md b/browsers/internet-explorer/ie11-ieak/compat-view-ieak11-wizard.md
index 7e05be2556..cda9702eb4 100644
--- a/browsers/internet-explorer/ie11-ieak/compat-view-ieak11-wizard.md
+++ b/browsers/internet-explorer/ie11-ieak/compat-view-ieak11-wizard.md
@@ -1,22 +1,23 @@
----
-ms.localizationpriority: medium
-ms.mktglfcycl: deploy
-ms.pagetype: appcompat
-description: We’re sorry. We’ve removed all of the functionality included on the **Compatibility View** page of the Internet Explorer Customization Wizard 11.
-author: lomayor
-ms.prod: ie11
-ms.assetid: 51d8f80e-93a5-41e4-9478-b8321458bc30
-ms.reviewer:
-audience: itpro
manager: dansimp
-ms.author: lomayor
-title: Use the Compatibility View page in the IEAK 11 Wizard (Internet Explorer Administration Kit 11 for IT Pros)
-ms.sitesec: library
-ms.date: 07/27/2017
----
-
-
-# Use the Compatibility View page in the IEAK 11 Wizard
-We’re sorry. We’ve changed the way Compatibility View works in Internet Explorer 11 and have removed all of the functionality included on the **Compatibility View** page of the Internet Explorer Customization Wizard 11. For more info about the changes we’ve made to the Compatibility View functionality, see [Missing the Compatibility View Button](../ie11-deploy-guide/missing-the-compatibility-view-button.md).
-
-Click **Next** to go to the [Programs](programs-ieak11-wizard.md) page or **Back** to go to the [Security and Privacy Settings](security-and-privacy-settings-ieak11-wizard.md) page.
-
+---
+ms.localizationpriority: medium
+ms.mktglfcycl: deploy
+ms.pagetype: appcompat
+description: We’re sorry. We’ve removed all of the functionality included on the **Compatibility View** page of the Internet Explorer Customization Wizard 11.
+author: dansimp
+ms.prod: ie11
+ms.assetid: 51d8f80e-93a5-41e4-9478-b8321458bc30
+ms.reviewer:
+audience: itpro
+manager: dansimp
+ms.author: dansimp
+title: Use the Compatibility View page in the IEAK 11 Wizard (Internet Explorer Administration Kit 11 for IT Pros)
+ms.sitesec: library
+ms.date: 07/27/2017
+---
+
+
+# Use the Compatibility View page in the IEAK 11 Wizard
+We’re sorry. We’ve changed the way Compatibility View works in Internet Explorer 11 and have removed all of the functionality included on the **Compatibility View** page of the Internet Explorer Customization Wizard 11. For more info about the changes we’ve made to the Compatibility View functionality, see [Missing the Compatibility View Button](../ie11-deploy-guide/missing-the-compatibility-view-button.md).
+
+Click **Next** to go to the [Programs](programs-ieak11-wizard.md) page or **Back** to go to the [Security and Privacy Settings](security-and-privacy-settings-ieak11-wizard.md) page.
+
diff --git a/browsers/internet-explorer/ie11-ieak/connection-mgr-ieak11-wizard.md b/browsers/internet-explorer/ie11-ieak/connection-mgr-ieak11-wizard.md
index 3fbf4b4276..aaec7b0fa2 100644
--- a/browsers/internet-explorer/ie11-ieak/connection-mgr-ieak11-wizard.md
+++ b/browsers/internet-explorer/ie11-ieak/connection-mgr-ieak11-wizard.md
@@ -1,21 +1,22 @@
----
-ms.localizationpriority: medium
-ms.mktglfcycl: deploy
-description: We’re sorry. We’ve removed all of the functionality included on the **Connection Manager** page of the Internet Explorer Customization Wizard 11.
-author: lomayor
-ms.prod: ie11
-ms.assetid: 1edaa7db-cf6b-4f94-b65f-0feff3d4081a
-ms.reviewer:
-audience: itpro
manager: dansimp
-ms.author: lomayor
-title: Use the Connection Manager page in the IEAK 11 Wizard (Internet Explorer Administration Kit 11 for IT Pros)
-ms.sitesec: library
-ms.date: 07/27/2017
----
-
-
-# Use the Connection Manager page in the IEAK 11 Wizard
-We're sorry. We've removed all of the functionality included on the Connection Manager page of the Internet Explorer Customization Wizard 11.
-
-Click **Next** to go to the [Connection Settings](connection-settings-ieak11-wizard.md) page or **Back** to go to the [Compatibility View](compat-view-ieak11-wizard.md) page.
-
+---
+ms.localizationpriority: medium
+ms.mktglfcycl: deploy
+description: We’re sorry. We’ve removed all of the functionality included on the **Connection Manager** page of the Internet Explorer Customization Wizard 11.
+author: dansimp
+ms.prod: ie11
+ms.assetid: 1edaa7db-cf6b-4f94-b65f-0feff3d4081a
+ms.reviewer:
+audience: itpro
+manager: dansimp
+ms.author: dansimp
+title: Use the Connection Manager page in the IEAK 11 Wizard (Internet Explorer Administration Kit 11 for IT Pros)
+ms.sitesec: library
+ms.date: 07/27/2017
+---
+
+
+# Use the Connection Manager page in the IEAK 11 Wizard
+We're sorry. We've removed all of the functionality included on the Connection Manager page of the Internet Explorer Customization Wizard 11.
+
+Click **Next** to go to the [Connection Settings](connection-settings-ieak11-wizard.md) page or **Back** to go to the [Compatibility View](compat-view-ieak11-wizard.md) page.
+
diff --git a/browsers/internet-explorer/ie11-ieak/connection-settings-ieak11-wizard.md b/browsers/internet-explorer/ie11-ieak/connection-settings-ieak11-wizard.md
index 1d7f645f31..66beabdbca 100644
--- a/browsers/internet-explorer/ie11-ieak/connection-settings-ieak11-wizard.md
+++ b/browsers/internet-explorer/ie11-ieak/connection-settings-ieak11-wizard.md
@@ -1,41 +1,42 @@
----
-ms.localizationpriority: medium
-ms.mktglfcycl: deploy
-description: How to use the Connection Settings page in IEAK 11 Customization Wizard to import and preset connection settings on your employee’s computers.
-author: lomayor
-ms.prod: ie11
-ms.assetid: dc93ebf7-37dc-47c7-adc3-067d07de8b78
-ms.reviewer:
-audience: itpro
manager: dansimp
-ms.author: lomayor
-title: Use the Connection Settings page in the IEAK 11 Wizard (Internet Explorer Administration Kit 11 for IT Pros)
-ms.sitesec: library
-ms.date: 07/27/2017
----
-
-
-# Use the Connection Settings page in the IEAK 11 Wizard
-The **Connection Settings** page of the Internet Explorer Administration Kit (IEAK 11) Customization Wizard lets you import the connection settings from your computer, to preset the connection settings on your employee’s computers.
-
-**Note**
Using the options on the **Additional Settings** page of the wizard, you can let your employees change their connection settings. For more information see the [Additional Settings](additional-settings-ieak11-wizard.md) page. You can also customize additional connection settings using the **Automatic Configuration** page in the wizard. For more information see the [Automatic Configuration](auto-config-ieak11-wizard.md) page.
-
-**To view your current connection settings**
-
-1. Open IE, click the **Tools** menu, click **Internet Options**, and then click the **Connections** tab.
-
-2. Click **Settings** to view your dial-up settings and click **LAN Settings** to view your network settings.
-
-**To use the Connection Settings page**
-
-1. Decide if you want to customize your connection settings. You can pick:
-
- - **Do not customize Connection Settings.** Pick this option if you don’t want to preset your employee’s connection settings.
-
- - **Import the current Connection Settings from this machine.** Pick this option to import your connection settings from your computer and use them as the preset for your employee’s connection settings.
-
- **Note**
If you want to change any of your settings later, you can click **Modify Settings** to open the **Internet Properties** box, click the **Connection Settings** tab, and make your changes.
-
-2. Check the **Delete existing Dial-up Connection Settings** box to clear any existing settings on your employee’s computers.
-
-3. Click **Next** to go to the [Automatic Configuration](auto-config-ieak11-wizard.md) page or **Back** to go to the [Connection Manager](connection-mgr-ieak11-wizard.md) page.
-
+---
+ms.localizationpriority: medium
+ms.mktglfcycl: deploy
+description: How to use the Connection Settings page in IEAK 11 Customization Wizard to import and preset connection settings on your employee’s computers.
+author: dansimp
+ms.prod: ie11
+ms.assetid: dc93ebf7-37dc-47c7-adc3-067d07de8b78
+ms.reviewer:
+audience: itpro
+manager: dansimp
+ms.author: dansimp
+title: Use the Connection Settings page in the IEAK 11 Wizard (Internet Explorer Administration Kit 11 for IT Pros)
+ms.sitesec: library
+ms.date: 07/27/2017
+---
+
+
+# Use the Connection Settings page in the IEAK 11 Wizard
+The **Connection Settings** page of the Internet Explorer Administration Kit (IEAK 11) Customization Wizard lets you import the connection settings from your computer, to preset the connection settings on your employee’s computers.
+
+**Note**
Using the options on the **Additional Settings** page of the wizard, you can let your employees change their connection settings. For more information see the [Additional Settings](additional-settings-ieak11-wizard.md) page. You can also customize additional connection settings using the **Automatic Configuration** page in the wizard. For more information see the [Automatic Configuration](auto-config-ieak11-wizard.md) page.
+
+**To view your current connection settings**
+
+1. Open IE, click the **Tools** menu, click **Internet Options**, and then click the **Connections** tab.
+
+2. Click **Settings** to view your dial-up settings and click **LAN Settings** to view your network settings.
+
+**To use the Connection Settings page**
+
+1. Decide if you want to customize your connection settings. You can pick:
+
+ - **Do not customize Connection Settings.** Pick this option if you don’t want to preset your employee’s connection settings.
+
+ - **Import the current Connection Settings from this machine.** Pick this option to import your connection settings from your computer and use them as the preset for your employee’s connection settings.
+
+ **Note**
If you want to change any of your settings later, you can click **Modify Settings** to open the **Internet Properties** box, click the **Connection Settings** tab, and make your changes.
+
+2. Check the **Delete existing Dial-up Connection Settings** box to clear any existing settings on your employee’s computers.
+
+3. Click **Next** to go to the [Automatic Configuration](auto-config-ieak11-wizard.md) page or **Back** to go to the [Connection Manager](connection-mgr-ieak11-wizard.md) page.
+
diff --git a/browsers/internet-explorer/ie11-ieak/connectionsettings-ins-file-setting.md b/browsers/internet-explorer/ie11-ieak/connectionsettings-ins-file-setting.md
index 2f510429c0..779e024e57 100644
--- a/browsers/internet-explorer/ie11-ieak/connectionsettings-ins-file-setting.md
+++ b/browsers/internet-explorer/ie11-ieak/connectionsettings-ins-file-setting.md
@@ -1,26 +1,27 @@
----
-ms.localizationpriority: medium
-ms.mktglfcycl: plan
-description: Use the \[ConnectionSettings\] .INS file setting to specify the network connection settings needed to install your custom package.
-author: lomayor
-ms.prod: ie11
-ms.assetid: 41410300-6ddd-43b2-b9e2-0108a2221355
-ms.reviewer:
-audience: itpro
manager: dansimp
-ms.author: lomayor
-title: Use the ConnectionSettings .INS file to review the network connections for install (Internet Explorer Administration Kit 11 for IT Pros)
-ms.sitesec: library
-ms.date: 07/27/2017
----
-
-
-# Use the ConnectionSettings .INS file to review the network connections for install
-Info about the network connection settings used to install your custom package. This section creates a common configuration on all of your employee’s computers.
-
-|Name |Value |Description |
-|-----------|---------------------------|-------------|
-|ConnectName0 |`` |Name for the connection. |
-|ConnectName1 |`` |Secondary name for the connection. |
-|DeleteConnectionSettings | |Determines whether to remove the existing connection settings during installation of your custom package. |
-|Option |- **0.** Don’t let employees import connection settings.
- **1.** Let employees import connection settings.
|Determines whether an employee can import connection settings into the Internet Explorer Customization Wizard. |
-
+---
+ms.localizationpriority: medium
+ms.mktglfcycl: plan
+description: Use the \[ConnectionSettings\] .INS file setting to specify the network connection settings needed to install your custom package.
+author: dansimp
+ms.prod: ie11
+ms.assetid: 41410300-6ddd-43b2-b9e2-0108a2221355
+ms.reviewer:
+audience: itpro
+manager: dansimp
+ms.author: dansimp
+title: Use the ConnectionSettings .INS file to review the network connections for install (Internet Explorer Administration Kit 11 for IT Pros)
+ms.sitesec: library
+ms.date: 07/27/2017
+---
+
+
+# Use the ConnectionSettings .INS file to review the network connections for install
+Info about the network connection settings used to install your custom package. This section creates a common configuration on all of your employee’s computers.
+
+|Name |Value |Description |
+|-----------|---------------------------|-------------|
+|ConnectName0 |`` |Name for the connection. |
+|ConnectName1 |`` |Secondary name for the connection. |
+|DeleteConnectionSettings | |Determines whether to remove the existing connection settings during installation of your custom package. |
+|Option |- **0.** Don’t let employees import connection settings.
- **1.** Let employees import connection settings.
|Determines whether an employee can import connection settings into the Internet Explorer Customization Wizard. |
+
diff --git a/browsers/internet-explorer/ie11-ieak/create-build-folder-structure-ieak11.md b/browsers/internet-explorer/ie11-ieak/create-build-folder-structure-ieak11.md
index 5dab4acabf..91f26adf5b 100644
--- a/browsers/internet-explorer/ie11-ieak/create-build-folder-structure-ieak11.md
+++ b/browsers/internet-explorer/ie11-ieak/create-build-folder-structure-ieak11.md
@@ -1,24 +1,25 @@
----
-ms.localizationpriority: medium
-ms.mktglfcycl: plan
-description: How to create your folder structure on the computer that you’ll use to build your custom browser package.
-author: lomayor
-ms.prod: ie11
-ms.assetid: e0d05a4c-099f-4f79-a069-4aa1c28a1080
-ms.reviewer:
-audience: itpro
manager: dansimp
-ms.author: lomayor
-title: Create the build computer folder structure using IEAK 11 (Internet Explorer Administration Kit 11 for IT Pros)
-ms.sitesec: library
-ms.date: 07/27/2017
----
-
-
-# Create the build computer folder structure using IEAK 11
-Create your build environment on the computer that you’ll use to build your custom browser package. Your license agreement determines your folder structure and which version of Internet Explorer Administration Kit 11 (IEAK 11) you’ll use: **Internal** or **External**.
-
-|Name |Version |Description |
-|-----------------|----------------------|---------------------------------------------------------|
-|`\` |Internal and External |The main, placeholder folder used for all files built by IEAK or that you referenced in your custom package.|
-|`\\Dist` |Internal only |Destination directory for your files. You’ll only need this folder if you’re creating your browser package on a network drive. |
-
+---
+ms.localizationpriority: medium
+ms.mktglfcycl: plan
+description: How to create your folder structure on the computer that you’ll use to build your custom browser package.
+author: dansimp
+ms.prod: ie11
+ms.assetid: e0d05a4c-099f-4f79-a069-4aa1c28a1080
+ms.reviewer:
+audience: itpro
+manager: dansimp
+ms.author: dansimp
+title: Create the build computer folder structure using IEAK 11 (Internet Explorer Administration Kit 11 for IT Pros)
+ms.sitesec: library
+ms.date: 07/27/2017
+---
+
+
+# Create the build computer folder structure using IEAK 11
+Create your build environment on the computer that you’ll use to build your custom browser package. Your license agreement determines your folder structure and which version of Internet Explorer Administration Kit 11 (IEAK 11) you’ll use: **Internal** or **External**.
+
+|Name |Version |Description |
+|-----------------|----------------------|---------------------------------------------------------|
+|`\` |Internal and External |The main, placeholder folder used for all files built by IEAK or that you referenced in your custom package.|
+|`\\Dist` |Internal only |Destination directory for your files. You’ll only need this folder if you’re creating your browser package on a network drive. |
+
diff --git a/browsers/internet-explorer/ie11-ieak/create-manage-deploy-custom-pkgs-ieak11.md b/browsers/internet-explorer/ie11-ieak/create-manage-deploy-custom-pkgs-ieak11.md
index ee5455e665..3e8043c959 100644
--- a/browsers/internet-explorer/ie11-ieak/create-manage-deploy-custom-pkgs-ieak11.md
+++ b/browsers/internet-explorer/ie11-ieak/create-manage-deploy-custom-pkgs-ieak11.md
@@ -1,27 +1,28 @@
----
-ms.localizationpriority: medium
-ms.mktglfcycl: plan
-description: Review this list of tasks and references before you create and deploy your Internet Explorer 11 custom install packages.
-author: lomayor
-ms.prod: ie11
-ms.assetid: fe71c603-bf07-41e1-a477-ade5b28c9fb3
-ms.reviewer:
-audience: itpro
manager: dansimp
-ms.author: lomayor
-title: Tasks and references to consider before creating and deploying custom packages using IEAK 11 (Internet Explorer Administration Kit 11 for IT Pros)
-ms.sitesec: library
-ms.date: 07/27/2017
----
-
-
-# Tasks and references to consider before creating and deploying custom packages using IEAK 11
-Review this list of tasks and references to help you use the Internet Explorer Administration Kit 11 (IEAK 11) to set up, deploy, and manage Internet Explorer 11 in your company.
-
-|Task |References |
-|----------------------------------------|--------------------------------------------------------------|
-|Review concepts and requirements, including info about the version and features you'll use. |- [Hardware and software requirements for IEAK 11](hardware-and-software-reqs-ieak11.md)
- [Determine the licensing version and features to use in IEAK 11](licensing-version-and-features-ieak11.md)
- [Before you start using IEAK 11](before-you-create-custom-pkgs-ieak11.md)
|
-|Prep your environment and get all of the info you'll need for running IEAK 11 |- [Create the build computer folder structure using IEAK 11](create-build-folder-structure-ieak11.md)
- [Customize the Toolbar button and Favorites List icons using IEAK 11](guidelines-toolbar-and-favorites-list-ieak11.md)
- [Before you install your package over your network using IEAK 11](prep-network-install-with-ieak11.md)
- [Set up auto detection for DHCP or DNS servers using IEAK 11](auto-detection-dhcp-or-dns-servers-ieak11.md)
- [Register an uninstall app for custom components using IEAK 11](register-uninstall-app-ieak11.md)
- [Add and approve ActiveX controls using the IEAK 11](add-and-approve-activex-controls-ieak11.md)
- [Internet Explorer Administration Kit 11 (IEAK 11) Customization Wizard options](ieak11-wizard-custom-options.md)
- [Security features and IEAK 11](security-and-ieak11.md)
|
-|Run the Internet Explorer Administration Kit 11 (IEAK 11) Customization Wizard |- [Use the File Locations page in the IEAK 11 Wizard](file-locations-ieak11-wizard.md)
- [Use the Platform Selection page in the IEAK 11 Wizard](platform-selection-ieak11-wizard.md)
- [Use the Language Selection page in the IEAK 11 Wizard](language-selection-ieak11-wizard.md)
- [Use the Package Type Selection page in the IEAK 11 Wizard](pkg-type-selection-ieak11-wizard.md)
- [Use the Feature Selection page in the IEAK 11 Wizard](feature-selection-ieak11-wizard.md)
- [Use the Automatic Version Synchronization page in the IEAK 11 Wizard](auto-version-sync-ieak11-wizard.md)
- [Use the Custom Components page in the IEAK 11 Wizard](custom-components-ieak11-wizard.md)
- [Use the Internal Install page in the IEAK 11 Wizard](internal-install-ieak11-wizard.md)
- [Use the User Experience page in the IEAK 11 Wizard](user-experience-ieak11-wizard.md)
- [Use the Browser User Interface page in the IEAK 11 Wizard](browser-ui-ieak11-wizard.md)
- [Use the Search Providers page in the IEAK 11 Wizard](search-providers-ieak11-wizard.md)
- [Use the Important URLs - Home Page and Support page in the IEAK 11 Wizard](important-urls-home-page-and-support-ieak11-wizard.md)
- [Use the Accelerators page in the IEAK 11 Wizard](accelerators-ieak11-wizard.md)
- [Use the Favorites, Favorites Bar, and Feeds page in the IEAK 11 Wizard](favorites-favoritesbar-and-feeds-ieak11-wizard.md)
- [Use the Browsing Options page in the IEAK 11 Wizard](browsing-options-ieak11-wizard.md)
- [Use the First Run Wizard and Welcome Page Options page in the IEAK 11 Wizard](first-run-and-welcome-page-ieak11-wizard.md)
- [Use the Compatibility View page in the IEAK 11 Wizard](compat-view-ieak11-wizard.md)
- [Use the Connection Manager page in the IEAK 11 Wizard](connection-mgr-ieak11-wizard.md)
- [Use the Connection Settings page in the IEAK 11 Wizard](connection-settings-ieak11-wizard.md)
- [Use the Automatic Configuration page in the IEAK 11 Wizard](auto-config-ieak11-wizard.md)
- [Use the Proxy Settings page in the IEAK 11 Wizard](proxy-settings-ieak11-wizard.md)
- [Use the Security and Privacy Settings page in the IEAK 11 Wizard](security-and-privacy-settings-ieak11-wizard.md)
- [Use the Add a Root Certificate page in the IEAK 11 Wizard](add-root-certificate-ieak11-wizard.md)
- [Use the Programs page in the IEAK 11 Wizard](programs-ieak11-wizard.md)
- [Use the Additional Settings page in the IEAK 11 Wizard](additional-settings-ieak11-wizard.md)
- [Use the Wizard Complete - Next Steps page in the IEAK 11 Wizard](wizard-complete-ieak11-wizard.md)
|
-|Review your policy settings and create multiple versions of your install package. |- [Create multiple versions of your custom package using IEAK 11](create-multiple-browser-packages-ieak11.md)
- [Use the RSoP snap-in to review policy settings](rsop-snapin-for-policy-settings-ieak11.md)
**Note**
For deployment instructions, additional troubleshooting, and post-installation management, see the [Internet Explorer 11 (IE11) - Deployment Guide for IT Pros](../ie11-deploy-guide/index.md)
|
-|Review the general IEAK Customization Wizard 11 information, which applies throughout the process. |- [Troubleshoot custom package and IEAK 11 problems](troubleshooting-custom-browser-pkg-ieak11.md)
- [File types used or created by IEAK 11](file-types-ieak11.md)
- [Customize Automatic Search using IEAK 11](customize-automatic-search-for-ie.md)
- [Use the uninstallation .INF files to uninstall custom components](create-uninstall-inf-files-for-custom-components.md)
- [Using Internet Settings (.INS) files with IEAK 11](using-internet-settings-ins-files.md)
- [Use proxy auto-configuration (.pac) files with IEAK 11](proxy-auto-config-examples.md)
- [IExpress Wizard for Windows Server 2008 R2 with SP1](iexpress-wizard-for-win-server.md)
|
-
+---
+ms.localizationpriority: medium
+ms.mktglfcycl: plan
+description: Review this list of tasks and references before you create and deploy your Internet Explorer 11 custom install packages.
+author: dansimp
+ms.prod: ie11
+ms.assetid: fe71c603-bf07-41e1-a477-ade5b28c9fb3
+ms.reviewer:
+audience: itpro
+manager: dansimp
+ms.author: dansimp
+title: Tasks and references to consider before creating and deploying custom packages using IEAK 11 (Internet Explorer Administration Kit 11 for IT Pros)
+ms.sitesec: library
+ms.date: 07/27/2017
+---
+
+
+# Tasks and references to consider before creating and deploying custom packages using IEAK 11
+Review this list of tasks and references to help you use the Internet Explorer Administration Kit 11 (IEAK 11) to set up, deploy, and manage Internet Explorer 11 in your company.
+
+|Task |References |
+|----------------------------------------|--------------------------------------------------------------|
+|Review concepts and requirements, including info about the version and features you'll use. |- [Hardware and software requirements for IEAK 11](hardware-and-software-reqs-ieak11.md)
- [Determine the licensing version and features to use in IEAK 11](licensing-version-and-features-ieak11.md)
- [Before you start using IEAK 11](before-you-create-custom-pkgs-ieak11.md)
|
+|Prep your environment and get all of the info you'll need for running IEAK 11 |- [Create the build computer folder structure using IEAK 11](create-build-folder-structure-ieak11.md)
- [Customize the Toolbar button and Favorites List icons using IEAK 11](guidelines-toolbar-and-favorites-list-ieak11.md)
- [Before you install your package over your network using IEAK 11](prep-network-install-with-ieak11.md)
- [Set up auto detection for DHCP or DNS servers using IEAK 11](auto-detection-dhcp-or-dns-servers-ieak11.md)
- [Register an uninstall app for custom components using IEAK 11](register-uninstall-app-ieak11.md)
- [Add and approve ActiveX controls using the IEAK 11](add-and-approve-activex-controls-ieak11.md)
- [Internet Explorer Administration Kit 11 (IEAK 11) Customization Wizard options](ieak11-wizard-custom-options.md)
- [Security features and IEAK 11](security-and-ieak11.md)
|
+|Run the Internet Explorer Administration Kit 11 (IEAK 11) Customization Wizard |- [Use the File Locations page in the IEAK 11 Wizard](file-locations-ieak11-wizard.md)
- [Use the Platform Selection page in the IEAK 11 Wizard](platform-selection-ieak11-wizard.md)
- [Use the Language Selection page in the IEAK 11 Wizard](language-selection-ieak11-wizard.md)
- [Use the Package Type Selection page in the IEAK 11 Wizard](pkg-type-selection-ieak11-wizard.md)
- [Use the Feature Selection page in the IEAK 11 Wizard](feature-selection-ieak11-wizard.md)
- [Use the Automatic Version Synchronization page in the IEAK 11 Wizard](auto-version-sync-ieak11-wizard.md)
- [Use the Custom Components page in the IEAK 11 Wizard](custom-components-ieak11-wizard.md)
- [Use the Internal Install page in the IEAK 11 Wizard](internal-install-ieak11-wizard.md)
- [Use the User Experience page in the IEAK 11 Wizard](user-experience-ieak11-wizard.md)
- [Use the Browser User Interface page in the IEAK 11 Wizard](browser-ui-ieak11-wizard.md)
- [Use the Search Providers page in the IEAK 11 Wizard](search-providers-ieak11-wizard.md)
- [Use the Important URLs - Home Page and Support page in the IEAK 11 Wizard](important-urls-home-page-and-support-ieak11-wizard.md)
- [Use the Accelerators page in the IEAK 11 Wizard](accelerators-ieak11-wizard.md)
- [Use the Favorites, Favorites Bar, and Feeds page in the IEAK 11 Wizard](favorites-favoritesbar-and-feeds-ieak11-wizard.md)
- [Use the Browsing Options page in the IEAK 11 Wizard](browsing-options-ieak11-wizard.md)
- [Use the First Run Wizard and Welcome Page Options page in the IEAK 11 Wizard](first-run-and-welcome-page-ieak11-wizard.md)
- [Use the Compatibility View page in the IEAK 11 Wizard](compat-view-ieak11-wizard.md)
- [Use the Connection Manager page in the IEAK 11 Wizard](connection-mgr-ieak11-wizard.md)
- [Use the Connection Settings page in the IEAK 11 Wizard](connection-settings-ieak11-wizard.md)
- [Use the Automatic Configuration page in the IEAK 11 Wizard](auto-config-ieak11-wizard.md)
- [Use the Proxy Settings page in the IEAK 11 Wizard](proxy-settings-ieak11-wizard.md)
- [Use the Security and Privacy Settings page in the IEAK 11 Wizard](security-and-privacy-settings-ieak11-wizard.md)
- [Use the Add a Root Certificate page in the IEAK 11 Wizard](add-root-certificate-ieak11-wizard.md)
- [Use the Programs page in the IEAK 11 Wizard](programs-ieak11-wizard.md)
- [Use the Additional Settings page in the IEAK 11 Wizard](additional-settings-ieak11-wizard.md)
- [Use the Wizard Complete - Next Steps page in the IEAK 11 Wizard](wizard-complete-ieak11-wizard.md)
|
+|Review your policy settings and create multiple versions of your install package. |- [Create multiple versions of your custom package using IEAK 11](create-multiple-browser-packages-ieak11.md)
- [Use the RSoP snap-in to review policy settings](rsop-snapin-for-policy-settings-ieak11.md)
**Note**
For deployment instructions, additional troubleshooting, and post-installation management, see the [Internet Explorer 11 (IE11) - Deployment Guide for IT Pros](../ie11-deploy-guide/index.md)
|
+|Review the general IEAK Customization Wizard 11 information, which applies throughout the process. |- [Troubleshoot custom package and IEAK 11 problems](troubleshooting-custom-browser-pkg-ieak11.md)
- [File types used or created by IEAK 11](file-types-ieak11.md)
- [Customize Automatic Search using IEAK 11](customize-automatic-search-for-ie.md)
- [Use the uninstallation .INF files to uninstall custom components](create-uninstall-inf-files-for-custom-components.md)
- [Using Internet Settings (.INS) files with IEAK 11](using-internet-settings-ins-files.md)
- [Use proxy auto-configuration (.pac) files with IEAK 11](proxy-auto-config-examples.md)
- [IExpress Wizard for Windows Server 2008 R2 with SP1](iexpress-wizard-for-win-server.md)
|
+
diff --git a/browsers/internet-explorer/ie11-ieak/create-multiple-browser-packages-ieak11.md b/browsers/internet-explorer/ie11-ieak/create-multiple-browser-packages-ieak11.md
index 896d25732d..6196fabf79 100644
--- a/browsers/internet-explorer/ie11-ieak/create-multiple-browser-packages-ieak11.md
+++ b/browsers/internet-explorer/ie11-ieak/create-multiple-browser-packages-ieak11.md
@@ -1,38 +1,39 @@
----
-ms.localizationpriority: medium
-ms.mktglfcycl: deploy
-description: Steps to create multiple versions of your custom browser if you support more than 1 version of Windows, more than 1 language, or have different features in each package.
-author: lomayor
-ms.prod: ie11
-ms.assetid: 4c5f3503-8c69-4691-ae97-1523091ab333
-ms.reviewer:
-audience: itpro
manager: dansimp
-ms.author: lomayor
-title: Create multiple versions of your custom package using IEAK 11 (Internet Explorer Administration Kit 11 for IT Pros)
-ms.sitesec: library
-ms.date: 07/27/2017
----
-
-
-# Create multiple versions of your custom package using IEAK 11
-You'll need to create multiple versions of your custom browser package if:
-
-- You support more than 1 version of the Windows operating system.
-
-- You support more than 1 language.
-
-- You have custom installation packages with only minor differences. For example, having a different phone number or a different set of URLs in the **Favorites** folder.
-
-The Internet Explorer Customization Wizard 11 stores your original settings in the Install.ins file and will show them each time you re-open the wizard. For more info about .ins files, see [Using Internet Settings (.INS) files with IEAK 11](using-internet-settings-ins-files.md).
-
-**To create multiple versions of your browser package**
-
-1. Use the Internet Explorer Customization Wizard 11 to create a custom browser package. For more info about how to run the wizard, start with the [Use the File Locations page in the IEAK 11 Wizard](file-locations-ieak11-wizard.md) topic.
-
-2. Go to the Cie\Custom folder and rename the Install.ins file to a name that reflects the version. Like, if you need a version for your employees in Texas, you could name the file Texas.ins.
-
-3. Run the wizard again, choosing the newly renamed folder as the destination directory for your output files.
-**Important**
Except for the **Title bar** text, **Favorites**, **Links bar**, **Home** page, and **Search bar**, we recommend that you keep all of your wizard settings the same for all of your build computers.
-
-4. Repeat this process until you’ve created a package for each version of your custom installation package.
-
+---
+ms.localizationpriority: medium
+ms.mktglfcycl: deploy
+description: Steps to create multiple versions of your custom browser if you support more than 1 version of Windows, more than 1 language, or have different features in each package.
+author: dansimp
+ms.prod: ie11
+ms.assetid: 4c5f3503-8c69-4691-ae97-1523091ab333
+ms.reviewer:
+audience: itpro
+manager: dansimp
+ms.author: dansimp
+title: Create multiple versions of your custom package using IEAK 11 (Internet Explorer Administration Kit 11 for IT Pros)
+ms.sitesec: library
+ms.date: 07/27/2017
+---
+
+
+# Create multiple versions of your custom package using IEAK 11
+You'll need to create multiple versions of your custom browser package if:
+
+- You support more than 1 version of the Windows operating system.
+
+- You support more than 1 language.
+
+- You have custom installation packages with only minor differences. For example, having a different phone number or a different set of URLs in the **Favorites** folder.
+
+The Internet Explorer Customization Wizard 11 stores your original settings in the Install.ins file and will show them each time you re-open the wizard. For more info about .ins files, see [Using Internet Settings (.INS) files with IEAK 11](using-internet-settings-ins-files.md).
+
+**To create multiple versions of your browser package**
+
+1. Use the Internet Explorer Customization Wizard 11 to create a custom browser package. For more info about how to run the wizard, start with the [Use the File Locations page in the IEAK 11 Wizard](file-locations-ieak11-wizard.md) topic.
+
+2. Go to the Cie\Custom folder and rename the Install.ins file to a name that reflects the version. Like, if you need a version for your employees in Texas, you could name the file Texas.ins.
+
+3. Run the wizard again, choosing the newly renamed folder as the destination directory for your output files.
+**Important**
Except for the **Title bar** text, **Favorites**, **Links bar**, **Home** page, and **Search bar**, we recommend that you keep all of your wizard settings the same for all of your build computers.
+
+4. Repeat this process until you’ve created a package for each version of your custom installation package.
+
diff --git a/browsers/internet-explorer/ie11-ieak/create-uninstall-inf-files-for-custom-components.md b/browsers/internet-explorer/ie11-ieak/create-uninstall-inf-files-for-custom-components.md
index a74479dce6..3cf498605c 100644
--- a/browsers/internet-explorer/ie11-ieak/create-uninstall-inf-files-for-custom-components.md
+++ b/browsers/internet-explorer/ie11-ieak/create-uninstall-inf-files-for-custom-components.md
@@ -1,29 +1,30 @@
----
-ms.localizationpriority: medium
-ms.mktglfcycl: deploy
-description: Use Setup information (.inf) files to uninstall custom components from your custom browser packages.
-author: lomayor
-ms.prod: ie11
-ms.assetid: 8257aa41-58de-4339-81dd-9f2ffcc10a08
-ms.reviewer:
-audience: itpro
manager: dansimp
-ms.author: lomayor
-title: Use Setup information (.inf) files to uninstall custom components (Internet Explorer Administration Kit 11 for IT Pros)
-ms.sitesec: library
-ms.date: 07/27/2017
----
-
-
-# Use uninstallation .INF files to uninstall custom components
-The Internet Explorer Administration Kit 11 (IEAK 11) uses Setup information (.inf) files to provide installation instructions for your custom browser packages. You can also use this file to uninstall your custom components by removing the files, registry entries, and shortcuts, and adding your custom component to the list of programs that can be uninstalled from **Uninstall or change a program**.
-
-**To uninstall your custom components**
-
-1. Open the Registry Editor and add a new key and value to:
`HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\app-name,"DisplayName",,"description"`
-Where *description* is the string that’s shown in the **Uninstall or change a program** box.
-
-2. Add another new key and value to:
`HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\app-name,"UninstallString”",,"command-line"`
-Where *command-line* is the command that’s run when the component is picked from the **Uninstall or change a program** box.
-
-Your uninstall script must also remove your key from under the **Uninstall** registry key, so that your component no longer appears in the **Uninstall or change a program** after uninstallation. You can also run just a section of an .inf file by using the Setupx.dll InstallHinfSection entry point. To make this work, your installation script must copy the .inf file to the Windows\Inf folder for your custom component.
-
+---
+ms.localizationpriority: medium
+ms.mktglfcycl: deploy
+description: Use Setup information (.inf) files to uninstall custom components from your custom browser packages.
+author: dansimp
+ms.prod: ie11
+ms.assetid: 8257aa41-58de-4339-81dd-9f2ffcc10a08
+ms.reviewer:
+audience: itpro
+manager: dansimp
+ms.author: dansimp
+title: Use Setup information (.inf) files to uninstall custom components (Internet Explorer Administration Kit 11 for IT Pros)
+ms.sitesec: library
+ms.date: 07/27/2017
+---
+
+
+# Use uninstallation .INF files to uninstall custom components
+The Internet Explorer Administration Kit 11 (IEAK 11) uses Setup information (.inf) files to provide installation instructions for your custom browser packages. You can also use this file to uninstall your custom components by removing the files, registry entries, and shortcuts, and adding your custom component to the list of programs that can be uninstalled from **Uninstall or change a program**.
+
+**To uninstall your custom components**
+
+1. Open the Registry Editor and add a new key and value to:
`HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\app-name,"DisplayName",,"description"`
+Where *description* is the string that’s shown in the **Uninstall or change a program** box.
+
+2. Add another new key and value to:
`HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\app-name,"UninstallString”",,"command-line"`
+Where *command-line* is the command that’s run when the component is picked from the **Uninstall or change a program** box.
+
+Your uninstall script must also remove your key from under the **Uninstall** registry key, so that your component no longer appears in the **Uninstall or change a program** after uninstallation. You can also run just a section of an .inf file by using the Setupx.dll InstallHinfSection entry point. To make this work, your installation script must copy the .inf file to the Windows\Inf folder for your custom component.
+
diff --git a/browsers/internet-explorer/ie11-ieak/custom-components-ieak11-wizard.md b/browsers/internet-explorer/ie11-ieak/custom-components-ieak11-wizard.md
index faf527ba94..571b73d327 100644
--- a/browsers/internet-explorer/ie11-ieak/custom-components-ieak11-wizard.md
+++ b/browsers/internet-explorer/ie11-ieak/custom-components-ieak11-wizard.md
@@ -1,60 +1,61 @@
----
-ms.localizationpriority: medium
-ms.mktglfcycl: deploy
-description: How to use the Custom Components page in the IEAK 11 Customization Wizard to add additional components for your employees to install with IE.
-author: lomayor
-ms.prod: ie11
-ms.assetid: 38a2b90f-c324-4dc8-ad30-8cd3e3e901d7
-ms.reviewer:
-audience: itpro
manager: dansimp
-ms.author: lomayor
-title: Use the Custom Components page in the IEAK 11 Wizard (Internet Explorer Administration Kit 11 for IT Pros)
-ms.sitesec: library
-ms.date: 07/27/2017
----
-
-
-# Use the Custom Components page in the IEAK 11 Wizard
-The **Custom Components** page of the Internet Explorer Customization Wizard 11 lets you add up to 10 additional components that your employees can install at the same time they install IE. These components can be created by Microsoft or your organization as either compressed cabinet (.cab) or self-extracting executable (.exe) files. If you’re using Microsoft components, make sure you have the latest version and software patches from the [Microsoft Support](https://go.microsoft.com/fwlink/p/?LinkId=258658) site. To include Microsoft Update components, you must bundle the associated files into a custom component.
-
-**Important**
You should sign any custom code that’s being downloaded over the Internet. The default settings of Internet Explorer 11 will automatically reject any unsigned code. For more info about digitally signing custom components, see [Security features and IEAK 11](security-and-ieak11.md).
-
-**To use the Custom Component page**
-
-1. Click **Add**.
-The **Add a Custom Component** box appears.
-
-2. Type in the name of your component and then browse to the location of your file (either .cab or .exe).
-
-3. Pick when to install the component. This can be before IE, after IE, or after the computer restarts.
-**Important**
You should install your component before IE if you need to run a batch file to configure your employee settings. You should install your component after IE if you plan to install software updates.
-
-4. Check the **Only install if IE is installed successfully** box if your component should only install if IE installs successfully. For example, if you’re installing a security update that requires IE.
-
-5. If your component is a .cab file, you must provide the extraction command into the **Command** box.
-
-6. If your component has its own globally unique identifier (GUID), replace the value in the **GUID** box. Otherwise, keep the automatically generated GUID.
-
-7. Describe your component using up to 511 characters in the **Description** box.
-
-8. Type any command-line options that need to run while installing your component into the **Parameters** box. For example, if you want your component to install silently, without prompts. For more info about using options, see [IExpress command-line options](iexpress-command-line-options.md).
-
-9. Type the value that Microsoft Update Setup uses to check that the component installed successfully into the **Uninstall Key** box. This check is done by comparing your value to the value in the `HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\ApplicationName` key.
-
-10. Type a numeric serial number for your component into the **Version** box, using this format: *xxxx*, *xxxxxx*, *xxxx*, *xxxx*.
-
-11. Click **Add**.
-The boxes clear and you can add another component. Click **Cancel** to go back to the **Custom Components** page.
-
-12. Click **Edit** to change your custom component information, **Verify** to make sure the component is digitally signed, or **Remove** to delete the component from your custom installation package.
-
-13. Click **Next** to go to the [Internal Install](internal-install-ieak11-wizard.md) page or **Back** to go to the [Automatic Version Synchronization](auto-version-sync-ieak11-wizard.md) page.
-
-
-
-
-
-
-
-
-
+---
+ms.localizationpriority: medium
+ms.mktglfcycl: deploy
+description: How to use the Custom Components page in the IEAK 11 Customization Wizard to add additional components for your employees to install with IE.
+author: dansimp
+ms.prod: ie11
+ms.assetid: 38a2b90f-c324-4dc8-ad30-8cd3e3e901d7
+ms.reviewer:
+audience: itpro
+manager: dansimp
+ms.author: dansimp
+title: Use the Custom Components page in the IEAK 11 Wizard (Internet Explorer Administration Kit 11 for IT Pros)
+ms.sitesec: library
+ms.date: 07/27/2017
+---
+
+
+# Use the Custom Components page in the IEAK 11 Wizard
+The **Custom Components** page of the Internet Explorer Customization Wizard 11 lets you add up to 10 additional components that your employees can install at the same time they install IE. These components can be created by Microsoft or your organization as either compressed cabinet (.cab) or self-extracting executable (.exe) files. If you’re using Microsoft components, make sure you have the latest version and software patches from the [Microsoft Support](https://go.microsoft.com/fwlink/p/?LinkId=258658) site. To include Microsoft Update components, you must bundle the associated files into a custom component.
+
+**Important**
You should sign any custom code that’s being downloaded over the Internet. The default settings of Internet Explorer 11 will automatically reject any unsigned code. For more info about digitally signing custom components, see [Security features and IEAK 11](security-and-ieak11.md).
+
+**To use the Custom Component page**
+
+1. Click **Add**.
+The **Add a Custom Component** box appears.
+
+2. Type in the name of your component and then browse to the location of your file (either .cab or .exe).
+
+3. Pick when to install the component. This can be before IE, after IE, or after the computer restarts.
+**Important**
You should install your component before IE if you need to run a batch file to configure your employee settings. You should install your component after IE if you plan to install software updates.
+
+4. Check the **Only install if IE is installed successfully** box if your component should only install if IE installs successfully. For example, if you’re installing a security update that requires IE.
+
+5. If your component is a .cab file, you must provide the extraction command into the **Command** box.
+
+6. If your component has its own globally unique identifier (GUID), replace the value in the **GUID** box. Otherwise, keep the automatically generated GUID.
+
+7. Describe your component using up to 511 characters in the **Description** box.
+
+8. Type any command-line options that need to run while installing your component into the **Parameters** box. For example, if you want your component to install silently, without prompts. For more info about using options, see [IExpress command-line options](iexpress-command-line-options.md).
+
+9. Type the value that Microsoft Update Setup uses to check that the component installed successfully into the **Uninstall Key** box. This check is done by comparing your value to the value in the `HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\ApplicationName` key.
+
+10. Type a numeric serial number for your component into the **Version** box, using this format: *xxxx*, *xxxxxx*, *xxxx*, *xxxx*.
+
+11. Click **Add**.
+The boxes clear and you can add another component. Click **Cancel** to go back to the **Custom Components** page.
+
+12. Click **Edit** to change your custom component information, **Verify** to make sure the component is digitally signed, or **Remove** to delete the component from your custom installation package.
+
+13. Click **Next** to go to the [Internal Install](internal-install-ieak11-wizard.md) page or **Back** to go to the [Automatic Version Synchronization](auto-version-sync-ieak11-wizard.md) page.
+
+
+
+
+
+
+
+
+
diff --git a/browsers/internet-explorer/ie11-ieak/custombranding-ins-file-setting.md b/browsers/internet-explorer/ie11-ieak/custombranding-ins-file-setting.md
index b40640dffa..e7469fa864 100644
--- a/browsers/internet-explorer/ie11-ieak/custombranding-ins-file-setting.md
+++ b/browsers/internet-explorer/ie11-ieak/custombranding-ins-file-setting.md
@@ -1,24 +1,25 @@
----
-ms.localizationpriority: medium
-ms.mktglfcycl: plan
-description: Use the \[CustomBranding\] .INS file setting to specify the location of your branding cabinet (.cab) file.
-author: lomayor
-ms.prod: ie11
-ms.assetid: 9c74e239-65c5-4aa5-812f-e0ed80c5c2b0
-ms.reviewer:
-audience: itpro
manager: dansimp
-ms.author: lomayor
-title: Use the CustomBranding .INS file to create custom branding and setup info (Internet Explorer Administration Kit 11 for IT Pros)
-ms.sitesec: library
-ms.date: 07/27/2017
----
-
-
-# Use the CustomBranding .INS file to create custom branding and setup info
-Provide the URL to your branding cabinet (.cab) file.
-
-
-| Name | Value | Description |
-|----------|------------------|------------------------------------------------------------------------------------------------------------------------|
-| Branding | `` | The location of your branding cabinet (.cab) file. For example, https://www.<your_server>.net/cabs/branding.cab. |
-
+---
+ms.localizationpriority: medium
+ms.mktglfcycl: plan
+description: Use the \[CustomBranding\] .INS file setting to specify the location of your branding cabinet (.cab) file.
+author: dansimp
+ms.prod: ie11
+ms.assetid: 9c74e239-65c5-4aa5-812f-e0ed80c5c2b0
+ms.reviewer:
+audience: itpro
+manager: dansimp
+ms.author: dansimp
+title: Use the CustomBranding .INS file to create custom branding and setup info (Internet Explorer Administration Kit 11 for IT Pros)
+ms.sitesec: library
+ms.date: 07/27/2017
+---
+
+
+# Use the CustomBranding .INS file to create custom branding and setup info
+Provide the URL to your branding cabinet (.cab) file.
+
+
+| Name | Value | Description |
+|----------|------------------|------------------------------------------------------------------------------------------------------------------------|
+| Branding | `` | The location of your branding cabinet (.cab) file. For example, https://www.<your_server>.net/cabs/branding.cab. |
+
diff --git a/browsers/internet-explorer/ie11-ieak/customize-automatic-search-for-ie.md b/browsers/internet-explorer/ie11-ieak/customize-automatic-search-for-ie.md
index 5f3eac4aaa..3c0af97192 100644
--- a/browsers/internet-explorer/ie11-ieak/customize-automatic-search-for-ie.md
+++ b/browsers/internet-explorer/ie11-ieak/customize-automatic-search-for-ie.md
@@ -1,103 +1,104 @@
----
-ms.localizationpriority: medium
-ms.mktglfcycl: manage
-description: Customize Automatic Search in Internet Explorer so that your employees can type a single word into the Address box to search for frequently used pages.
-author: lomayor
-ms.prod: ie11
-ms.assetid: 694e2f92-5e08-49dc-b83f-677d61fa918a
-ms.reviewer:
-audience: itpro
manager: dansimp
-ms.author: lomayor
-title: Customize Automatic Search using IEAK 11 (Internet Explorer Administration Kit 11 for IT Pros)
-ms.sitesec: library
-ms.date: 07/27/2017
----
-
-
-# Customize Automatic Search for Internet Explorer using IEAK 11
-Internet Explorer lets websites advertise any search provider that uses the open search standard described at the A9 website ( [OpenSearch 1.1 Draft 5](https://go.microsoft.com/fwlink/p/?LinkId=208582)). When IE detects new search providers, the **Search** box becomes active and adds the new providers to the drop-down list of providers.
-
-Using the **Administrative Templates** section of Group Policy, you can prevent the search box from appearing, you can add a list of acceptable search providers, or you can restrict your employee’s ability to add or remove search providers.
-
-## Automatic Search Configuration
-You can customize Automatic Search so that your employees can type a single word into the **Address** box to search for frequently used pages. For example, you can let a commonly used webpage about invoices appear if an employee types *invoice* into the **Address** box, even if the URL doesn’t include the term. If a website can’t be associated with the term, or if there are multiple matches, a webpage appears showing the top search results.
-
-**To set up Automatic Search**
-
-1. Create a script (.asp) file that conditionally looks for search terms, and post it to an intranet server here: https://ieautosearch/response.asp?MT=%1&srch=%2.
- For info about the acceptable values for the *%1* and *%2* parameters, see the [Automatic Search parameters](#automatic-search-parameters). For an example of the script file, see the [Sample Automatic Search script](#sample-automatic-search-script).
- **Important**
If you aren’t using IIS in your company, you’ll need to remap this URL to your script file’s location.
-
-2. On the **Additional Settings** page of the IEAK 11, click **Internet Settings**, and then click **Advanced Settings**.
-
-3. Go to the section labeled **Searching** and type *intranet* into the **Search Provider Keyword** box.
-
-**To redirect to a different site than the one provided by the search results**
-
-- In the **Advanced Settings** section, go to the section labeled **Searching** and change the **When searching from the address bar** setting to **Just go to the most likely site**.
-
-**To disable Automatic Search**
-
-- In the **Advanced Settings** section, go to the section labeled **Searching** and change the **When searching from the address bar** setting to **Do not search from the address bar**.
-
-### Automatic Search parameters
-You must replace the Automatic Search script file parameters, *%1* and *%2* so they’re part of the actual URL.
-
-|Parameter |Value |
-|----------|--------------------------------------------------------|
-|1% |The text string typed by an employee into the **Address** bar. |
-|2% |The type of search chosen by an employee. This can include:
- **3.** Display the results and go to the most likely site.
- **2.** Go to the most likely site.
- **1.** Display the results in the main window.
- **0.** Don't search from the **Address** box.
|
-
-### Sample Automatic Search script
-This is a VBScript-based sample of an .asp Automatic Search script.
-
-```
-<%@ Language=VBScript %>
-<%
-' search holds the words typed in the Address bar
-' by the user, without the "go" or
-' "find" or any delimiters like
-' "+" for spaces.
-' If the user typed
-' "Apple pie," search = "Apple pie."
-' If the user typed
-' "find Apple pie," search = "Apple pie."
-
-search = Request.QueryString("MT")
-search = UCase(search)
-searchOption = Request.QueryString("srch")
-
-' This is a simple if/then/else
-' to redirect the browser to the site
-' of your choice based on what the
-' user typed.
-' Example: expense report is an intranet page
-' about filling out an expense report
-
-if (search = "NEW HIRE") then
-Response.Redirect("https://admin/hr/newhireforms.htm")
-elseif (search = "LIBRARY CATALOG") then
-Response.Redirect("https://library/catalog")
-elseif (search = "EXPENSE REPORT") then
-Response.Redirect("https://expense")
-elseif (search = "LUNCH MENU") then
-Response.Redirect("https://cafe/menu/")
-else
-
-' If there is not a match, use the
-' default IE autosearch server
-Response.Redirect("https://auto.search.msn.com/response.asp?MT="
-+ search + "&srch=" + searchOption +
-"&prov=&utf8")
-end if
-%>
-```
-
-
-
-
-
-
-
-
-
+---
+ms.localizationpriority: medium
+ms.mktglfcycl: manage
+description: Customize Automatic Search in Internet Explorer so that your employees can type a single word into the Address box to search for frequently used pages.
+author: dansimp
+ms.prod: ie11
+ms.assetid: 694e2f92-5e08-49dc-b83f-677d61fa918a
+ms.reviewer:
+audience: itpro
+manager: dansimp
+ms.author: dansimp
+title: Customize Automatic Search using IEAK 11 (Internet Explorer Administration Kit 11 for IT Pros)
+ms.sitesec: library
+ms.date: 07/27/2017
+---
+
+
+# Customize Automatic Search for Internet Explorer using IEAK 11
+Internet Explorer lets websites advertise any search provider that uses the open search standard described at the A9 website ( [OpenSearch 1.1 Draft 5](https://go.microsoft.com/fwlink/p/?LinkId=208582)). When IE detects new search providers, the **Search** box becomes active and adds the new providers to the drop-down list of providers.
+
+Using the **Administrative Templates** section of Group Policy, you can prevent the search box from appearing, you can add a list of acceptable search providers, or you can restrict your employee’s ability to add or remove search providers.
+
+## Automatic Search Configuration
+You can customize Automatic Search so that your employees can type a single word into the **Address** box to search for frequently used pages. For example, you can let a commonly used webpage about invoices appear if an employee types *invoice* into the **Address** box, even if the URL doesn’t include the term. If a website can’t be associated with the term, or if there are multiple matches, a webpage appears showing the top search results.
+
+**To set up Automatic Search**
+
+1. Create a script (.asp) file that conditionally looks for search terms, and post it to an intranet server here: https://ieautosearch/response.asp?MT=%1&srch=%2.
+ For info about the acceptable values for the *%1* and *%2* parameters, see the [Automatic Search parameters](#automatic-search-parameters). For an example of the script file, see the [Sample Automatic Search script](#sample-automatic-search-script).
+ **Important**
If you aren’t using IIS in your company, you’ll need to remap this URL to your script file’s location.
+
+2. On the **Additional Settings** page of the IEAK 11, click **Internet Settings**, and then click **Advanced Settings**.
+
+3. Go to the section labeled **Searching** and type *intranet* into the **Search Provider Keyword** box.
+
+**To redirect to a different site than the one provided by the search results**
+
+- In the **Advanced Settings** section, go to the section labeled **Searching** and change the **When searching from the address bar** setting to **Just go to the most likely site**.
+
+**To disable Automatic Search**
+
+- In the **Advanced Settings** section, go to the section labeled **Searching** and change the **When searching from the address bar** setting to **Do not search from the address bar**.
+
+### Automatic Search parameters
+You must replace the Automatic Search script file parameters, *%1* and *%2* so they’re part of the actual URL.
+
+|Parameter |Value |
+|----------|--------------------------------------------------------|
+|1% |The text string typed by an employee into the **Address** bar. |
+|2% |The type of search chosen by an employee. This can include:
- **3.** Display the results and go to the most likely site.
- **2.** Go to the most likely site.
- **1.** Display the results in the main window.
- **0.** Don't search from the **Address** box.
|
+
+### Sample Automatic Search script
+This is a VBScript-based sample of an .asp Automatic Search script.
+
+```
+<%@ Language=VBScript %>
+<%
+' search holds the words typed in the Address bar
+' by the user, without the "go" or
+' "find" or any delimiters like
+' "+" for spaces.
+' If the user typed
+' "Apple pie," search = "Apple pie."
+' If the user typed
+' "find Apple pie," search = "Apple pie."
+
+search = Request.QueryString("MT")
+search = UCase(search)
+searchOption = Request.QueryString("srch")
+
+' This is a simple if/then/else
+' to redirect the browser to the site
+' of your choice based on what the
+' user typed.
+' Example: expense report is an intranet page
+' about filling out an expense report
+
+if (search = "NEW HIRE") then
+Response.Redirect("https://admin/hr/newhireforms.htm")
+elseif (search = "LIBRARY CATALOG") then
+Response.Redirect("https://library/catalog")
+elseif (search = "EXPENSE REPORT") then
+Response.Redirect("https://expense")
+elseif (search = "LUNCH MENU") then
+Response.Redirect("https://cafe/menu/")
+else
+
+' If there is not a match, use the
+' default IE autosearch server
+Response.Redirect("https://auto.search.msn.com/response.asp?MT="
++ search + "&srch=" + searchOption +
+"&prov=&utf8")
+end if
+%>
+```
+
+
+
+
+
+
+
+
+
diff --git a/browsers/internet-explorer/ie11-ieak/extreginf-ins-file-setting.md b/browsers/internet-explorer/ie11-ieak/extreginf-ins-file-setting.md
index d3bee115a5..06e8d6c3f3 100644
--- a/browsers/internet-explorer/ie11-ieak/extreginf-ins-file-setting.md
+++ b/browsers/internet-explorer/ie11-ieak/extreginf-ins-file-setting.md
@@ -1,28 +1,29 @@
----
-ms.localizationpriority: medium
-ms.mktglfcycl: deploy
-description: Use the \[ExtRegInf\] .INS file setting to specify your Setup information (.inf) files and the installation mode for your custom components.
-author: lomayor
-ms.prod: ie11
-ms.assetid: 53148422-d784-44dc-811d-ef814b86a4c6
-ms.reviewer:
-audience: itpro
manager: dansimp
-ms.author: lomayor
-title: Use the ExtRegInf .INS file to specify your installation files and mode (Internet Explorer Administration Kit 11 for IT Pros)
-ms.sitesec: library
-ms.date: 07/27/2017
----
-
-
-# Use the ExtRegInf .INS file to specify installation files and mode
-Info about how to specify your Setup information (.inf) files and the installation mode for your custom components.
-
-|Name |Value |Description |
-|-----------|---------|------------------------------------------------------------------------------------------------------------------|
-|Chat |*string* |The name of the .inf file and the install mode for components. For example, *,chat.inf,DefaultInstall. |
-|Conf |*string* |The name of the .inf file and the install mode for components. For example, *,conf.inf,DefaultInstall. |
-|Inetres |*string* |The name of the .inf file and the install mode for components. For example, *,inetres.inf,DefaultInstall. |
-|Inetset |*string* |The name of the .inf file and the install mode for components. For example, *,inetset.inf,DefaultInstall. |
-|Subs |*string* |The name of the .inf file and the install mode for components. For example, *,subs.inf,DefaultInstall. |
-|ConnectionSettings |*string* |The name of the .inf file and the install mode for components. For example, *,connect.inf,DefaultInstall. |
-
+---
+ms.localizationpriority: medium
+ms.mktglfcycl: deploy
+description: Use the \[ExtRegInf\] .INS file setting to specify your Setup information (.inf) files and the installation mode for your custom components.
+author: dansimp
+ms.prod: ie11
+ms.assetid: 53148422-d784-44dc-811d-ef814b86a4c6
+ms.reviewer:
+audience: itpro
+manager: dansimp
+ms.author: dansimp
+title: Use the ExtRegInf .INS file to specify your installation files and mode (Internet Explorer Administration Kit 11 for IT Pros)
+ms.sitesec: library
+ms.date: 07/27/2017
+---
+
+
+# Use the ExtRegInf .INS file to specify installation files and mode
+Info about how to specify your Setup information (.inf) files and the installation mode for your custom components.
+
+|Name |Value |Description |
+|-----------|---------|------------------------------------------------------------------------------------------------------------------|
+|Chat |*string* |The name of the .inf file and the install mode for components. For example, *,chat.inf,DefaultInstall. |
+|Conf |*string* |The name of the .inf file and the install mode for components. For example, *,conf.inf,DefaultInstall. |
+|Inetres |*string* |The name of the .inf file and the install mode for components. For example, *,inetres.inf,DefaultInstall. |
+|Inetset |*string* |The name of the .inf file and the install mode for components. For example, *,inetset.inf,DefaultInstall. |
+|Subs |*string* |The name of the .inf file and the install mode for components. For example, *,subs.inf,DefaultInstall. |
+|ConnectionSettings |*string* |The name of the .inf file and the install mode for components. For example, *,connect.inf,DefaultInstall. |
+
diff --git a/browsers/internet-explorer/ie11-ieak/favorites-favoritesbar-and-feeds-ieak11-wizard.md b/browsers/internet-explorer/ie11-ieak/favorites-favoritesbar-and-feeds-ieak11-wizard.md
index e077a6fbed..47bf04d6e2 100644
--- a/browsers/internet-explorer/ie11-ieak/favorites-favoritesbar-and-feeds-ieak11-wizard.md
+++ b/browsers/internet-explorer/ie11-ieak/favorites-favoritesbar-and-feeds-ieak11-wizard.md
@@ -1,109 +1,110 @@
----
-ms.localizationpriority: medium
-ms.mktglfcycl: deploy
-description: How to use the Favorites, Favorites Bar, and Feeds page in IEAK 11 Customization Wizard to add links, web slices, and feeds to your custom browser package.
-author: lomayor
-ms.prod: ie11
-ms.assetid: 84afa831-5642-4b8f-b7df-212a53ec8fc7
-ms.reviewer:
-audience: itpro
manager: dansimp
-ms.author: lomayor
-title: Use the Favorites, Favorites Bar, and Feeds page in the IEAK 11 Wizard (Internet Explorer Administration Kit 11 for IT Pros)
-ms.sitesec: library
-ms.date: 07/27/2017
----
-
-
-# Use the Favorites, Favorites Bar, and Feeds page in the IEAK 11 Wizard
-The **Favorites, Favorites Bar, and Feeds** page of the Internet Explorer Administration Kit (IEAK 11) Customization Wizard lets you add:
-
-- **Links.** Used so your employees can quickly connect with your important websites. These links can appear in the **Links** folder or on the **Favorites Bar**.
-
-- **Web Slices.** Used so your employees can subscribe to a section of a webpage, tracking information as it changes, such as for weather reports, stock prices, or the progress of an auction item.
-
-- **Feeds.** Used so your employees can quickly access your recommended RSS feeds. While you can’t import a folder of RSS feeds, you can add new links.
-
-Although we provide default items in the **Favorites, Favorites Bar, and Feeds** area, you can remove any of the items, add more items, or add new folders and links as part of your custom package. The customizations you make on this page only apply to Internet Explorer for the desktop.
-
-**To work with Favorites**
-
-1. To import your existing folder of links, pick **Favorites**, and then click **Import**.
-
-2. Go to your existing link folder, most likely in the `\Users\\Favorites` folder, and then click **OK**.
-The links are imported and added to the **Favorites, Favorites Bar, and Feeds** page, beneath the **Favorites** folder.
-
-3. To add a new favorite link, pick **Favorites**, and then click **Add URL**.
-The **Details** box appears.
-
-4. Type the new link name in the **Name** box.
-
-5. Type the new URL in the **URL** box.
-
-6. Optionally, you can add a 16x16 pixel icon to your link by adding the location in the **Icon** box.
-
-7. Click **OK**.
-
-8. To add a new **Favorites** folder, pick **Favorites**, and then click **Add Folder**.
-The **Details** box appears.
-
-9. Type the folder name into the **Name** box, and then click **OK**.
-
-10. Click **Edit** to change any of your new information, **Test URL** to test each of your links to make sure they go to the right place, or **Remove** to delete a **Favorites** item.
-
-11. If you have multiple **Favorites** links, you can update their order in the list. Check the **Add to the top of the list** box, click the link you want to move, and then click **Move Up** or **Move Down**.
-
-12. Check the **Disable IE Suggested Sites** box to disable the Suggested Sites feature. By turning this on, your employees won’t receive suggested sites based on the sites that they visit.
-
-13. Continue with the next procedures in this topic to add additional **Favorites Bar** or **RSS Feeds** links, or you can click **Next** to go to the [Browsing Options](browsing-options-ieak11-wizard.md) page or **Back** to go to the [Accelerators](accelerators-ieak11-wizard.md) page.
-
-**To work with the Favorites Bar**
-
-1. To import your existing folder of links, pick **Favorites Bar**, and then click **Import**.
-
-2. Go to your existing link folder, most likely in the `\Users\\Favorites\Favorites Bar` folder, and then click **OK**.
-The links are imported and added to the **Favorites, Favorites Bar, and Feeds** page, beneath the **Favorites Bar** folder.
-
-3. To add a new link to the **Favorites Bar**, pick **Favorites Bar**, and then click **Add URL**.
-The **Details** box appears.
-
-4. Type the new quick link name in the **Name** box.
-
-5. Type the new URL in the **URL** box.
-
-6. Optionally, you can add a 16x16 pixel icon to your link by adding the location in the **Icon** box.
-
-7. Pick whether your link is a simple **Link**, a **Feed**, or a **Web Slice**, and then click **OK**.
-
-8. Click **Edit** to change any of your new information, **Test URL** to test each of your links to make sure they go to the right place, or **Remove** to delete a **Favorites Bar** item.
-
-9. If you have multiple **Favorites Bar** links, you can update their order in the list. Check the **Add to the top of the list** box, click the link you want to move, and then click **Move Up** or **Move Down**.
-
-10. Check the **Disable IE Suggested Sites** box to disable the Suggested Sites feature. By turning this on, your employees won’t receive suggested sites based on the sites that they visit.
-
-11. Continue with the next procedures in this topic to add additional **Favorites** or **RSS Feeds** links, or you can click **Next** to go to the [Browsing Options](browsing-options-ieak11-wizard.md) page or **Back** to go to the [Accelerators](accelerators-ieak11-wizard.md) page.
-
-**To work with RSS Feeds**
-
-1. To add a new link to the **RSS Feeds**, pick **Favorites Bar**, and then click **Add URL**.
-The **Details** box appears.
-
-2. Type the new link name in the **Name** box.
-
-3. Type the new URL in the **URL** box, and then click **OK**.
-
-4. Click **Edit** to change any of your new information, **Test URL** to test each of your links to make sure they go to the right place, or **Remove** to delete a **RSS Feeds** item.
-
-5. If you have multiple **RSS Feeds** links, you can update their order in the list. Check the **Add to the top of the list** box, click the link you want to move, and then click **Move Up** or **Move Down**.
-
-6. Check the **Disable IE Suggested Sites** box to disable the Suggested Sites feature. By turning this on, your employees won’t receive suggested sites based on the sites that they visit.
-
-7. Continue with the next procedures in this topic to add additional **Favorites** or **Favorites Bar** links, or you can click **Next** to go to the [Browsing Options](browsing-options-ieak11-wizard.md) page or **Back** to go to the [Accelerators](accelerators-ieak11-wizard.md) page.
-
-
-
-
-
-
-
-
-
+---
+ms.localizationpriority: medium
+ms.mktglfcycl: deploy
+description: How to use the Favorites, Favorites Bar, and Feeds page in IEAK 11 Customization Wizard to add links, web slices, and feeds to your custom browser package.
+author: dansimp
+ms.prod: ie11
+ms.assetid: 84afa831-5642-4b8f-b7df-212a53ec8fc7
+ms.reviewer:
+audience: itpro
+manager: dansimp
+ms.author: dansimp
+title: Use the Favorites, Favorites Bar, and Feeds page in the IEAK 11 Wizard (Internet Explorer Administration Kit 11 for IT Pros)
+ms.sitesec: library
+ms.date: 07/27/2017
+---
+
+
+# Use the Favorites, Favorites Bar, and Feeds page in the IEAK 11 Wizard
+The **Favorites, Favorites Bar, and Feeds** page of the Internet Explorer Administration Kit (IEAK 11) Customization Wizard lets you add:
+
+- **Links.** Used so your employees can quickly connect with your important websites. These links can appear in the **Links** folder or on the **Favorites Bar**.
+
+- **Web Slices.** Used so your employees can subscribe to a section of a webpage, tracking information as it changes, such as for weather reports, stock prices, or the progress of an auction item.
+
+- **Feeds.** Used so your employees can quickly access your recommended RSS feeds. While you can’t import a folder of RSS feeds, you can add new links.
+
+Although we provide default items in the **Favorites, Favorites Bar, and Feeds** area, you can remove any of the items, add more items, or add new folders and links as part of your custom package. The customizations you make on this page only apply to Internet Explorer for the desktop.
+
+**To work with Favorites**
+
+1. To import your existing folder of links, pick **Favorites**, and then click **Import**.
+
+2. Go to your existing link folder, most likely in the `\Users\\Favorites` folder, and then click **OK**.
+The links are imported and added to the **Favorites, Favorites Bar, and Feeds** page, beneath the **Favorites** folder.
+
+3. To add a new favorite link, pick **Favorites**, and then click **Add URL**.
+The **Details** box appears.
+
+4. Type the new link name in the **Name** box.
+
+5. Type the new URL in the **URL** box.
+
+6. Optionally, you can add a 16x16 pixel icon to your link by adding the location in the **Icon** box.
+
+7. Click **OK**.
+
+8. To add a new **Favorites** folder, pick **Favorites**, and then click **Add Folder**.
+The **Details** box appears.
+
+9. Type the folder name into the **Name** box, and then click **OK**.
+
+10. Click **Edit** to change any of your new information, **Test URL** to test each of your links to make sure they go to the right place, or **Remove** to delete a **Favorites** item.
+
+11. If you have multiple **Favorites** links, you can update their order in the list. Check the **Add to the top of the list** box, click the link you want to move, and then click **Move Up** or **Move Down**.
+
+12. Check the **Disable IE Suggested Sites** box to disable the Suggested Sites feature. By turning this on, your employees won’t receive suggested sites based on the sites that they visit.
+
+13. Continue with the next procedures in this topic to add additional **Favorites Bar** or **RSS Feeds** links, or you can click **Next** to go to the [Browsing Options](browsing-options-ieak11-wizard.md) page or **Back** to go to the [Accelerators](accelerators-ieak11-wizard.md) page.
+
+**To work with the Favorites Bar**
+
+1. To import your existing folder of links, pick **Favorites Bar**, and then click **Import**.
+
+2. Go to your existing link folder, most likely in the `\Users\\Favorites\Favorites Bar` folder, and then click **OK**.
+The links are imported and added to the **Favorites, Favorites Bar, and Feeds** page, beneath the **Favorites Bar** folder.
+
+3. To add a new link to the **Favorites Bar**, pick **Favorites Bar**, and then click **Add URL**.
+The **Details** box appears.
+
+4. Type the new quick link name in the **Name** box.
+
+5. Type the new URL in the **URL** box.
+
+6. Optionally, you can add a 16x16 pixel icon to your link by adding the location in the **Icon** box.
+
+7. Pick whether your link is a simple **Link**, a **Feed**, or a **Web Slice**, and then click **OK**.
+
+8. Click **Edit** to change any of your new information, **Test URL** to test each of your links to make sure they go to the right place, or **Remove** to delete a **Favorites Bar** item.
+
+9. If you have multiple **Favorites Bar** links, you can update their order in the list. Check the **Add to the top of the list** box, click the link you want to move, and then click **Move Up** or **Move Down**.
+
+10. Check the **Disable IE Suggested Sites** box to disable the Suggested Sites feature. By turning this on, your employees won’t receive suggested sites based on the sites that they visit.
+
+11. Continue with the next procedures in this topic to add additional **Favorites** or **RSS Feeds** links, or you can click **Next** to go to the [Browsing Options](browsing-options-ieak11-wizard.md) page or **Back** to go to the [Accelerators](accelerators-ieak11-wizard.md) page.
+
+**To work with RSS Feeds**
+
+1. To add a new link to the **RSS Feeds**, pick **Favorites Bar**, and then click **Add URL**.
+The **Details** box appears.
+
+2. Type the new link name in the **Name** box.
+
+3. Type the new URL in the **URL** box, and then click **OK**.
+
+4. Click **Edit** to change any of your new information, **Test URL** to test each of your links to make sure they go to the right place, or **Remove** to delete a **RSS Feeds** item.
+
+5. If you have multiple **RSS Feeds** links, you can update their order in the list. Check the **Add to the top of the list** box, click the link you want to move, and then click **Move Up** or **Move Down**.
+
+6. Check the **Disable IE Suggested Sites** box to disable the Suggested Sites feature. By turning this on, your employees won’t receive suggested sites based on the sites that they visit.
+
+7. Continue with the next procedures in this topic to add additional **Favorites** or **Favorites Bar** links, or you can click **Next** to go to the [Browsing Options](browsing-options-ieak11-wizard.md) page or **Back** to go to the [Accelerators](accelerators-ieak11-wizard.md) page.
+
+
+
+
+
+
+
+
+
diff --git a/browsers/internet-explorer/ie11-ieak/favoritesex-ins-file-setting.md b/browsers/internet-explorer/ie11-ieak/favoritesex-ins-file-setting.md
index cd9cbf7a91..694b8d994d 100644
--- a/browsers/internet-explorer/ie11-ieak/favoritesex-ins-file-setting.md
+++ b/browsers/internet-explorer/ie11-ieak/favoritesex-ins-file-setting.md
@@ -1,26 +1,27 @@
----
-ms.localizationpriority: medium
-ms.mktglfcycl: deploy
-description: Use the \[FavoritesEx\] .INS file setting to specify your Favorites icon file, whether Favorites is available offline, and your Favorites URLs.
-author: lomayor
-ms.prod: ie11
-ms.assetid: 55de376a-d442-478e-8978-3b064407b631
-ms.reviewer:
-audience: itpro
manager: dansimp
-ms.author: lomayor
-title: Use the FavoritesEx .INS file for your Favorites icon and URLs (Internet Explorer Administration Kit 11 for IT Pros)
-ms.sitesec: library
-ms.date: 07/27/2017
----
-
-
-# Use the FavoritesEx .INS file for your Favorites icon and URLs
-Info about where you store your **Favorites** icon file, whether your **Favorites** are available offline, and the URLs for each **Favorites** site.
-
-|Name |Value |Description |
-|----------------|-----------------------|--------------------------------------------------------------------------|
-|IconFile1 |`` |An icon (.ico file) that represents the **Favorites** item you’re adding. |
-|Offline1 |- **0.** Makes the **Favorites** item unavailable for offline browsing.
- **1.** Makes the **Favorites** item available for offline browsing.
|Determines if the **Favorites** item is available for offline browsing. |
-|Title1 |`` |Title for the **Favorites** item. |
-|Url1 |`` |URL to the **Favorites** item. |
-
+---
+ms.localizationpriority: medium
+ms.mktglfcycl: deploy
+description: Use the \[FavoritesEx\] .INS file setting to specify your Favorites icon file, whether Favorites is available offline, and your Favorites URLs.
+author: dansimp
+ms.prod: ie11
+ms.assetid: 55de376a-d442-478e-8978-3b064407b631
+ms.reviewer:
+audience: itpro
+manager: dansimp
+ms.author: dansimp
+title: Use the FavoritesEx .INS file for your Favorites icon and URLs (Internet Explorer Administration Kit 11 for IT Pros)
+ms.sitesec: library
+ms.date: 07/27/2017
+---
+
+
+# Use the FavoritesEx .INS file for your Favorites icon and URLs
+Info about where you store your **Favorites** icon file, whether your **Favorites** are available offline, and the URLs for each **Favorites** site.
+
+|Name |Value |Description |
+|----------------|-----------------------|--------------------------------------------------------------------------|
+|IconFile1 |`` |An icon (.ico file) that represents the **Favorites** item you’re adding. |
+|Offline1 |- **0.** Makes the **Favorites** item unavailable for offline browsing.
- **1.** Makes the **Favorites** item available for offline browsing.
|Determines if the **Favorites** item is available for offline browsing. |
+|Title1 |`` |Title for the **Favorites** item. |
+|Url1 |`` |URL to the **Favorites** item. |
+
diff --git a/browsers/internet-explorer/ie11-ieak/feature-selection-ieak11-wizard.md b/browsers/internet-explorer/ie11-ieak/feature-selection-ieak11-wizard.md
index 78294cd509..b27bc3273a 100644
--- a/browsers/internet-explorer/ie11-ieak/feature-selection-ieak11-wizard.md
+++ b/browsers/internet-explorer/ie11-ieak/feature-selection-ieak11-wizard.md
@@ -1,64 +1,64 @@
----
-ms.localizationpriority: medium
-ms.mktglfcycl: deploy
-description: How to use the Feature Selection page in the IEAK 11 Customization Wizard to choose which parts of the setup processes and Internet Explorer 11 to change for your company.
-author: lomayor
-ms.prod: ie11
-ms.assetid: 9cb8324e-d73b-41ba-ade9-3acc796e21d8
-ms.reviewer:
-audience: itpro
manager: dansimp
-ms.author: lomayor
-title: Use the Feature Selection page in the IEAK 11 Wizard (Internet Explorer Administration Kit 11 for IT Pros)
-ms.sitesec: library
-ms.date: 07/27/2017
----
-
-
-# Use the Feature Selection page in the IEAK 11 Wizard
-The **Feature Selection** page of the Internet Explorer Customization Wizard 11 lets you choose which parts of the setup processes and Internet Explorer 11 to change for your company, including:
-
-- **Setup Customizations.** Lets you add custom components, decide which components to install, provide your download site information, and modify the Setup title bar and graphics.
-
-- **Internal Install.** Lets you decide to install the latest updates, run the malicious Software Removal Tool, and set IE11 as the default browser.
-
-- **Connection Manager.** Lets you import your Connection Manager Profiles, created by the Connection Manager Administration Kit (CMAK).
-
-- **Browser User Interface.** Lets you change the toolbar buttons, the title bar, and the general look of the browser.
-
-- **Search Providers.** Lets you add, remove, and pick a new default search provider for IE11.
-
-- **Important URLs – Home Page and Support.** Lets you choose multiple **Home** pages that open in different tabs in IE. You can also use this page to change the **Welcome** and **Online Support** pages.
-
-- **Accelerators.** Lets you import, add, edit, or remove Accelerators, the contextual services that give you quick access to external services from any webpage.
-
-- **Favorites, Favorites Bar, and Feeds.** Lets you pick which favorites, web slices, and feeds are installed with your custom installation package.
-
-- **Browsing Options.** Lets you pick how you delete items in the Favorites, Favorites Bar, and Feeds folders, and whether to add the Microsoft default items.
-
-- **Compatibility View.** Lets you decide whether IE renders content using compatibility mode or standards mode.
-
-- **Connections Customization.** Lets you set up and deploy custom connections.
-
-- **Security Zones and Content Ratings.** Lets you control what your employees can view and what’s downloaded to their computer.
-
-- **Programs.** Lets you pick the default program that’s used automatically by email, HTML, newsgroups, Internet calls, calendars, and contact lists.
-
-- **Additional Settings.** Lets you pre-set and lockdown specific functionality on your employee’s computer.
-
-**Note**
Your choices on this page determine what wizard pages appear.
-
-**To use the Feature Selection page**
-
-1. Check the box next to each feature you want to include in your custom installation package.
-You can also click **Select All** to add, or **Clear All** to remove, all of the features.
-
-2. Click **Next** to go to the [Automatic Version Synchronization](auto-version-sync-ieak11-wizard.md) page or **Back** to go to the [Package Type Selection](pkg-type-selection-ieak11-wizard.md) page.
-
-
-
-
-
-
-
-
-
+---
+ms.localizationpriority: medium
+ms.mktglfcycl: deploy
+description: How to use the Feature Selection page in the IEAK 11 Customization Wizard to choose which parts of the setup processes and Internet Explorer 11 to change for your company.
+author: dansimp
+ms.prod: ie11
+ms.assetid: 9cb8324e-d73b-41ba-ade9-3acc796e21d8
+ms.reviewer:
+audience: itpro
+manager: dansimp
+ms.author: dansimp
+title: Use the Feature Selection page in the IEAK 11 Wizard (Internet Explorer Administration Kit 11 for IT Pros)
+ms.sitesec: library
+---
+
+
+# Use the Feature Selection page in the IEAK 11 Wizard
+The **Feature Selection** page of the Internet Explorer Customization Wizard 11 lets you choose which parts of the setup processes and Internet Explorer 11 to change for your company, including:
+
+- **Setup Customizations.** Lets you add custom components, decide which components to install, provide your download site information, and modify the Setup title bar and graphics.
+
+- **Internal Install.** Lets you decide to install the latest updates, run the malicious Software Removal Tool, and set IE11 as the default browser.
+
+- **Connection Manager.** Lets you import your Connection Manager Profiles, created by the Connection Manager Administration Kit (CMAK).
+
+- **Browser User Interface.** Lets you change the toolbar buttons, the title bar, and the general look of the browser.
+
+- **Search Providers.** Lets you add, remove, and pick a new default search provider for IE11.
+
+- **Important URLs – Home Page and Support.** Lets you choose multiple **Home** pages that open in different tabs in IE. You can also use this page to change the **Welcome** and **Online Support** pages.
+
+- **Accelerators.** Lets you import, add, edit, or remove Accelerators, the contextual services that give you quick access to external services from any webpage.
+
+- **Favorites, Favorites Bar, and Feeds.** Lets you pick which favorites, web slices, and feeds are installed with your custom installation package.
+
+- **Browsing Options.** Lets you pick how you delete items in the Favorites, Favorites Bar, and Feeds folders, and whether to add the Microsoft default items.
+
+- **Compatibility View.** Lets you decide whether IE renders content using compatibility mode or standards mode.
+
+- **Connections Customization.** Lets you set up and deploy custom connections.
+
+- **Security Zones and Content Ratings.** Lets you control what your employees can view and what’s downloaded to their computer.
+
+- **Programs.** Lets you pick the default program that’s used automatically by email, HTML, newsgroups, Internet calls, calendars, and contact lists.
+
+- **Additional Settings.** Lets you pre-set and lockdown specific functionality on your employee’s computer.
+
+**Note**
Your choices on this page determine what wizard pages appear.
+
+**To use the Feature Selection page**
+
+1. Check the box next to each feature you want to include in your custom installation package.
+You can also click **Select All** to add, or **Clear All** to remove, all of the features.
+
+2. Click **Next** to go to the [Automatic Version Synchronization](auto-version-sync-ieak11-wizard.md) page or **Back** to go to the [Package Type Selection](pkg-type-selection-ieak11-wizard.md) page.
+
+
+
+
+
+
+
+
+
diff --git a/browsers/internet-explorer/ie11-ieak/file-locations-ieak11-wizard.md b/browsers/internet-explorer/ie11-ieak/file-locations-ieak11-wizard.md
index 2fa0b58cc8..f3224c2055 100644
--- a/browsers/internet-explorer/ie11-ieak/file-locations-ieak11-wizard.md
+++ b/browsers/internet-explorer/ie11-ieak/file-locations-ieak11-wizard.md
@@ -1,55 +1,56 @@
----
-ms.localizationpriority: medium
-ms.mktglfcycl: deploy
-description: How to use the File Locations page in the IEAK 11 Customization Wizard to change the location of your install package and IE11 folders.
-author: lomayor
-ms.prod: ie11
-ms.assetid: bd0620e1-0e07-4560-95ac-11888c2c389e
-ms.reviewer:
-audience: itpro
manager: dansimp
-ms.author: lomayor
-title: Use the File Locations page in the IEAK 11 Wizard (Internet Explorer Administration Kit 11 for IT Pros)
-ms.sitesec: library
-ms.date: 07/27/2017
----
-
-
-# Use the File Locations page in the IEAK 11 Wizard
-The **File Locations** page of the Internet Explorer Customization Wizard 11 lets you change the location of your folders, including:
-
-- Where you’ll create and store your custom installation package.
-
-- Where you’ll download and store Internet Explorer 11.
-
-**Important**
-You can create a custom installation package on your hard drive and move it to an Internet or intranet server, or you can create it directly on a server. If you create the package on a web server that’s running from your hard drive, use the path to the web server as the destination folder location. Whatever location you choose, it must be protected by appropriate access control lists (ACLs). If the location is not protected, the custom package may be tampered with.
-
-**To use the File Locations page**
-
-1. Browse to the location where you’ll store your finished custom IE installation package and the related subfolders.
-**Note**
Subfolders are created for each language version, based on operating system and media type. For example, if your destination folder is `C:\Inetpub\Wwwroot\Cie\Dist`, then the English-language version is created as `C:\Inetpub\Wwwroot\Cie\Dist\Flat\Win32\En` subfolders.
-
-2. Click **Advanced Options**.
-The **Advanced Options** box opens and lets you change how the wizard downloads and gets files, and how it imports settings from your .ins file.
-
-3. Check the box letting IE Customization Wizard 11 look for the latest components, using Automatic Version Synchronization.
-This option lets the wizard connect to the IE **Downloads** page to look for updated versions of IE since you last ran the wizard.
-**Important**
-You must run Automatic Version Synchronization at least once to check for updated components.
-
-4. Browse to your .ins file location, and then click **Open**.
-By importing settings from an .ins file, you can re-use existing configurations. This saves you time if your packages have the same or similar settings.
-
-5. Browse to your component download folder.
-Automatic Version Synchronization automatically checks the component download folder to see if you have the latest version of IE. To keep this folder up-to-date, you shouldn’t change its location. However, if you want to keep both a previous version of IE and the latest version, we recommend you download the components to a different location.
-
-6. Click **OK** to close the **Advanced Options** box, and then click **Next** to go to the [Platform Selection](platform-selection-ieak11-wizard.md) page.
-
-
-
-
-
-
-
-
-
+---
+ms.localizationpriority: medium
+ms.mktglfcycl: deploy
+description: How to use the File Locations page in the IEAK 11 Customization Wizard to change the location of your install package and IE11 folders.
+author: dansimp
+ms.prod: ie11
+ms.assetid: bd0620e1-0e07-4560-95ac-11888c2c389e
+ms.reviewer:
+audience: itpro
+manager: dansimp
+ms.author: dansimp
+title: Use the File Locations page in the IEAK 11 Wizard (Internet Explorer Administration Kit 11 for IT Pros)
+ms.sitesec: library
+ms.date: 07/27/2017
+---
+
+
+# Use the File Locations page in the IEAK 11 Wizard
+The **File Locations** page of the Internet Explorer Customization Wizard 11 lets you change the location of your folders, including:
+
+- Where you’ll create and store your custom installation package.
+
+- Where you’ll download and store Internet Explorer 11.
+
+**Important**
+You can create a custom installation package on your hard drive and move it to an Internet or intranet server, or you can create it directly on a server. If you create the package on a web server that’s running from your hard drive, use the path to the web server as the destination folder location. Whatever location you choose, it must be protected by appropriate access control lists (ACLs). If the location is not protected, the custom package may be tampered with.
+
+**To use the File Locations page**
+
+1. Browse to the location where you’ll store your finished custom IE installation package and the related subfolders.
+**Note**
Subfolders are created for each language version, based on operating system and media type. For example, if your destination folder is `C:\Inetpub\Wwwroot\Cie\Dist`, then the English-language version is created as `C:\Inetpub\Wwwroot\Cie\Dist\Flat\Win32\En` subfolders.
+
+2. Click **Advanced Options**.
+The **Advanced Options** box opens and lets you change how the wizard downloads and gets files, and how it imports settings from your .ins file.
+
+3. Check the box letting IE Customization Wizard 11 look for the latest components, using Automatic Version Synchronization.
+This option lets the wizard connect to the IE **Downloads** page to look for updated versions of IE since you last ran the wizard.
+**Important**
+You must run Automatic Version Synchronization at least once to check for updated components.
+
+4. Browse to your .ins file location, and then click **Open**.
+By importing settings from an .ins file, you can re-use existing configurations. This saves you time if your packages have the same or similar settings.
+
+5. Browse to your component download folder.
+Automatic Version Synchronization automatically checks the component download folder to see if you have the latest version of IE. To keep this folder up-to-date, you shouldn’t change its location. However, if you want to keep both a previous version of IE and the latest version, we recommend you download the components to a different location.
+
+6. Click **OK** to close the **Advanced Options** box, and then click **Next** to go to the [Platform Selection](platform-selection-ieak11-wizard.md) page.
+
+
+
+
+
+
+
+
+
diff --git a/browsers/internet-explorer/ie11-ieak/file-types-ieak11.md b/browsers/internet-explorer/ie11-ieak/file-types-ieak11.md
index 5dd8eff9da..38703f9131 100644
--- a/browsers/internet-explorer/ie11-ieak/file-types-ieak11.md
+++ b/browsers/internet-explorer/ie11-ieak/file-types-ieak11.md
@@ -1,37 +1,38 @@
----
-ms.localizationpriority: medium
-ms.mktglfcycl: plan
-description: Review the file types that are created and used by tools in the Internet Explorer Administration Kit 11 (IEAK 11).
-author: lomayor
-ms.prod: ie11
-ms.assetid: e5735074-3e9b-4a00-b1a7-b8fd8baca327
-ms.reviewer:
-audience: itpro
manager: dansimp
-ms.author: lomayor
-title: File types used or created by IEAK 11 (Internet Explorer Administration Kit 11 for IT Pros)
-ms.sitesec: library
-ms.date: 07/27/2017
----
-
-
-# File types used or created by IEAK 11
-A list of the file types used or created by tools in IEAK 11:
-
-|File type |Description |
-|----------|-------------------------|
-|.adm | An admin file (located at `:\Program Files\Windows IEAK 11\policies`), used by Group Policy to define the system policies and restrictions for Windows. You can use the IEAK 11 to change these settings. |
-|.bat |An ASCII text file that contains a sequence of operating system commands, including the parameters and operators supported by the batch command language. When you run the batch file from a command prompt, the computer processes each command sequentially. |
-|.bmp, .gif, .jpeg, and .jpg |Image files you can use to customize your toolbar button and favorites list icons. For info, see the [Customize the Toolbar button and Favorites List icons using IEAK 11](guidelines-toolbar-and-favorites-list-ieak11.md) page. |
-|.cab |A compressed cabinet (.cab) file, created by the Internet Explorer Customization Wizard 11 to store your custom component files. We highly recommend that your .cab files be signed for security purposes. For more info, see the [Security features and IEAK 11](security-and-ieak11.md) page. |
-|.cif |A component info file (IESetup.cif), identifying the new or updated components you're going to install with Internet Explorer. Each component file has an associated *ComponentID* that's used by Windows Update Setup to determine whether a new component or an update exists. |
-|.cmp |Connection profile files that are created by the Connection Manager Administration Kit (CMAK). |
-|.cms |Service provider files, created by the CMAK tool to specify the configuration of the phone book and many of the other functions of your service profiles. |
-|.exe |Executable files that control the setup process, by installing the .cab files that install the custom browser package on your employee's devices. |
-|.inf |Setup information files that provide installation instructions for your custom browser packages. For more info, see the [Use the uninstallation .INF files to uninstall custom components](create-uninstall-inf-files-for-custom-components.md) page. |
-|.ins |Internet Settings files that specify how to configure your custom browser and its components. You can create multiple versions of your custom package by customizing copies of this file. For more info, see the [Using Internet Settings (.INS) files with IEAK 11](using-internet-settings-ins-files.md) page. |
-|.pac |Proxy auto-configuration script files that determine whether to connect directly to a host or to use a proxy server. For more info, see the [Use the Automatic Configuration page in the IEAK 11 Wizard](auto-config-ieak11-wizard.md) page. |
-|.js and .jvs |JScript and JavaScript files that let you configure and maintain your advanced proxy settings. For more info, see the [Use the Automatic Configuration page in the IEAK 11 Wizard](auto-config-ieak11-wizard.md) page. |
-|.pvk |A file format used by some certification authorities to store the private key of the digital certificate. The public part of the digital certificate is stored in an SPC file, while the private part is stored in the PVK file. For more info, see the **Understanding certificates** section of the [Security features and IEAK 11](security-and-ieak11.md) page. |
-|.sed |Connection profile files, created by the CMAK tool, including the instructions for building the self-extracting executable (.exe) file for your service profiles.**Important**
You must never edit a .sed file. |
-|.spc |The software publishing certificate file, which includes:
- The name and other identifying information of the owner of the certificate.
- The public key associated with the certificate.
- The serial number.
- The length of time the certificate is valid.
- The digital signature of the certification authority that issued the certificate.
|
-
+---
+ms.localizationpriority: medium
+ms.mktglfcycl: plan
+description: Review the file types that are created and used by tools in the Internet Explorer Administration Kit 11 (IEAK 11).
+author: dansimp
+ms.prod: ie11
+ms.assetid: e5735074-3e9b-4a00-b1a7-b8fd8baca327
+ms.reviewer:
+audience: itpro
+manager: dansimp
+ms.author: dansimp
+title: File types used or created by IEAK 11 (Internet Explorer Administration Kit 11 for IT Pros)
+ms.sitesec: library
+ms.date: 07/27/2017
+---
+
+
+# File types used or created by IEAK 11
+A list of the file types used or created by tools in IEAK 11:
+
+|File type |Description |
+|----------|-------------------------|
+|.adm | An admin file (located at `:\Program Files\Windows IEAK 11\policies`), used by Group Policy to define the system policies and restrictions for Windows. You can use the IEAK 11 to change these settings. |
+|.bat |An ASCII text file that contains a sequence of operating system commands, including the parameters and operators supported by the batch command language. When you run the batch file from a command prompt, the computer processes each command sequentially. |
+|.bmp, .gif, .jpeg, and .jpg |Image files you can use to customize your toolbar button and favorites list icons. For info, see the [Customize the Toolbar button and Favorites List icons using IEAK 11](guidelines-toolbar-and-favorites-list-ieak11.md) page. |
+|.cab |A compressed cabinet (.cab) file, created by the Internet Explorer Customization Wizard 11 to store your custom component files. We highly recommend that your .cab files be signed for security purposes. For more info, see the [Security features and IEAK 11](security-and-ieak11.md) page. |
+|.cif |A component info file (IESetup.cif), identifying the new or updated components you're going to install with Internet Explorer. Each component file has an associated *ComponentID* that's used by Windows Update Setup to determine whether a new component or an update exists. |
+|.cmp |Connection profile files that are created by the Connection Manager Administration Kit (CMAK). |
+|.cms |Service provider files, created by the CMAK tool to specify the configuration of the phone book and many of the other functions of your service profiles. |
+|.exe |Executable files that control the setup process, by installing the .cab files that install the custom browser package on your employee's devices. |
+|.inf |Setup information files that provide installation instructions for your custom browser packages. For more info, see the [Use the uninstallation .INF files to uninstall custom components](create-uninstall-inf-files-for-custom-components.md) page. |
+|.ins |Internet Settings files that specify how to configure your custom browser and its components. You can create multiple versions of your custom package by customizing copies of this file. For more info, see the [Using Internet Settings (.INS) files with IEAK 11](using-internet-settings-ins-files.md) page. |
+|.pac |Proxy auto-configuration script files that determine whether to connect directly to a host or to use a proxy server. For more info, see the [Use the Automatic Configuration page in the IEAK 11 Wizard](auto-config-ieak11-wizard.md) page. |
+|.js and .jvs |JScript and JavaScript files that let you configure and maintain your advanced proxy settings. For more info, see the [Use the Automatic Configuration page in the IEAK 11 Wizard](auto-config-ieak11-wizard.md) page. |
+|.pvk |A file format used by some certification authorities to store the private key of the digital certificate. The public part of the digital certificate is stored in an SPC file, while the private part is stored in the PVK file. For more info, see the **Understanding certificates** section of the [Security features and IEAK 11](security-and-ieak11.md) page. |
+|.sed |Connection profile files, created by the CMAK tool, including the instructions for building the self-extracting executable (.exe) file for your service profiles.**Important**
You must never edit a .sed file. |
+|.spc |The software publishing certificate file, which includes:
- The name and other identifying information of the owner of the certificate.
- The public key associated with the certificate.
- The serial number.
- The length of time the certificate is valid.
- The digital signature of the certification authority that issued the certificate.
|
+
diff --git a/browsers/internet-explorer/ie11-ieak/first-run-and-welcome-page-ieak11-wizard.md b/browsers/internet-explorer/ie11-ieak/first-run-and-welcome-page-ieak11-wizard.md
index 68b255a273..507450938d 100644
--- a/browsers/internet-explorer/ie11-ieak/first-run-and-welcome-page-ieak11-wizard.md
+++ b/browsers/internet-explorer/ie11-ieak/first-run-and-welcome-page-ieak11-wizard.md
@@ -1,44 +1,45 @@
----
-ms.localizationpriority: medium
-ms.mktglfcycl: deploy
-description: How to use the First Run Wizard and Welcome Page Options page in the IEAK 11 Customization Wizard to set what your employee’s see the first time they log on to IE, based on their operating system.
-author: lomayor
-ms.prod: ie11
-ms.assetid: 85f856a6-b707-48a9-ba99-3a6e898276a9
-ms.reviewer:
-audience: itpro
manager: dansimp
-ms.author: lomayor
-title: Use the First Run Wizard and Welcome Page Options page in the IEAK 11 Wizard (Internet Explorer Administration Kit 11 for IT Pros)
-ms.sitesec: library
-ms.date: 07/27/2017
----
-
-
-# Use the First Run Wizard and Welcome Page Options page in the IEAK 11 Wizard
-The **First Run Wizard and Welcome Page Options** page of the Internet Explorer Customization Wizard 11 lets you decide what your employee’s see the first time they log on to IE, based on their operating system.
-
-- **Windows 8.1 Update and newer.** No longer includes a **Welcome** page, so if you pick the **Use Internet Explorer 11 Welcome Page** or the **Use a custom Welcome page** option, IEAK creates an initial **Home** page that loads before all other **Home** pages, as the first tab. This only applies to the Internet Explorer for the desktop.
-
-- **Windows 7 SP1.** You can disable the first run page for Windows 7 SP1 and then pick a custom **Welcome** page to show instead. If you don’t customize the settings on this page, your employees will see the default IE **Welcome** page.
-
-**To use the First Run Wizard and Welcome Page Options page**
-
-1. Check the **Use IE11 First Run wizard (recommended)** box to use the default First Run wizard in IE.
-Clearing this box lets you use the IE11 **Welcome** page or your custom **Welcome** page.
-
-2. If you cleared the First Run wizard box, you can decide which **Welcome** page to use:
-
- - **Use IE11 Welcome Page.** Check this box if you want to use the default IE11 **Welcome** page.
-
- - **Use a custom Welcome Page.** Check this box if you want to use a custom **Welcome** page. If you choose this option, you need to add the URL to your custom page.
-
-3. Click **Next** to go to the [Compatibility View](compat-view-ieak11-wizard.md) page or **Back** to go to the [Browsing Options](browsing-options-ieak11-wizard.md) page.
-
-
-
-
-
-
-
-
-
+---
+ms.localizationpriority: medium
+ms.mktglfcycl: deploy
+description: How to use the First Run Wizard and Welcome Page Options page in the IEAK 11 Customization Wizard to set what your employee’s see the first time they log on to IE, based on their operating system.
+author: dansimp
+ms.prod: ie11
+ms.assetid: 85f856a6-b707-48a9-ba99-3a6e898276a9
+ms.reviewer:
+audience: itpro
+manager: dansimp
+ms.author: dansimp
+title: Use the First Run Wizard and Welcome Page Options page in the IEAK 11 Wizard (Internet Explorer Administration Kit 11 for IT Pros)
+ms.sitesec: library
+ms.date: 07/27/2017
+---
+
+
+# Use the First Run Wizard and Welcome Page Options page in the IEAK 11 Wizard
+The **First Run Wizard and Welcome Page Options** page of the Internet Explorer Customization Wizard 11 lets you decide what your employee’s see the first time they log on to IE, based on their operating system.
+
+- **Windows 8.1 Update and newer.** No longer includes a **Welcome** page, so if you pick the **Use Internet Explorer 11 Welcome Page** or the **Use a custom Welcome page** option, IEAK creates an initial **Home** page that loads before all other **Home** pages, as the first tab. This only applies to the Internet Explorer for the desktop.
+
+- **Windows 7 SP1.** You can disable the first run page for Windows 7 SP1 and then pick a custom **Welcome** page to show instead. If you don’t customize the settings on this page, your employees will see the default IE **Welcome** page.
+
+**To use the First Run Wizard and Welcome Page Options page**
+
+1. Check the **Use IE11 First Run wizard (recommended)** box to use the default First Run wizard in IE.
+Clearing this box lets you use the IE11 **Welcome** page or your custom **Welcome** page.
+
+2. If you cleared the First Run wizard box, you can decide which **Welcome** page to use:
+
+ - **Use IE11 Welcome Page.** Check this box if you want to use the default IE11 **Welcome** page.
+
+ - **Use a custom Welcome Page.** Check this box if you want to use a custom **Welcome** page. If you choose this option, you need to add the URL to your custom page.
+
+3. Click **Next** to go to the [Compatibility View](compat-view-ieak11-wizard.md) page or **Back** to go to the [Browsing Options](browsing-options-ieak11-wizard.md) page.
+
+
+
+
+
+
+
+
+
diff --git a/browsers/internet-explorer/ie11-ieak/guidelines-toolbar-and-favorites-list-ieak11.md b/browsers/internet-explorer/ie11-ieak/guidelines-toolbar-and-favorites-list-ieak11.md
index d811730cee..0864538448 100644
--- a/browsers/internet-explorer/ie11-ieak/guidelines-toolbar-and-favorites-list-ieak11.md
+++ b/browsers/internet-explorer/ie11-ieak/guidelines-toolbar-and-favorites-list-ieak11.md
@@ -1,28 +1,29 @@
----
-ms.localizationpriority: medium
-ms.mktglfcycl: plan
-description: Customization guidelines for your Internet Explorer toolbar button and Favorites List icons.
-author: lomayor
-ms.prod: ie11
-ms.assetid: bddc8f23-9ac1-449d-ad71-f77f43ae3b5c
-ms.reviewer:
-audience: itpro
manager: dansimp
-ms.author: lomayor
-title: Customize the toolbar button and Favorites List icons using IEAK 11 (Internet Explorer Administration Kit 11 for IT Pros)
-ms.sitesec: library
-ms.date: 07/27/2017
----
-
-
-# Customize the Toolbar button and Favorites List icons using IEAK 11
-Use these customization guidelines to change the browser toolbar button and the **Favorites List** icons, using your own branding and graphics.
-
-**Important**
Check your license agreement to make sure this customization is available.
-
-|Graphic |Type and description |
-|-----------------------|----------------------------------------------------------------------|
-|Browser toolbar button |2 icon (.ico) files with color images for active and inactive states. |
-|Favorites List icons |1 icon (.ico) file for each new URL. |
-
-Your icons must use the .ico file extension, no other image file extension works.
-
+---
+ms.localizationpriority: medium
+ms.mktglfcycl: plan
+description: Customization guidelines for your Internet Explorer toolbar button and Favorites List icons.
+author: dansimp
+ms.prod: ie11
+ms.assetid: bddc8f23-9ac1-449d-ad71-f77f43ae3b5c
+ms.reviewer:
+audience: itpro
+manager: dansimp
+ms.author: dansimp
+title: Customize the toolbar button and Favorites List icons using IEAK 11 (Internet Explorer Administration Kit 11 for IT Pros)
+ms.sitesec: library
+ms.date: 07/27/2017
+---
+
+
+# Customize the Toolbar button and Favorites List icons using IEAK 11
+Use these customization guidelines to change the browser toolbar button and the **Favorites List** icons, using your own branding and graphics.
+
+**Important**
Check your license agreement to make sure this customization is available.
+
+|Graphic |Type and description |
+|-----------------------|----------------------------------------------------------------------|
+|Browser toolbar button |2 icon (.ico) files with color images for active and inactive states. |
+|Favorites List icons |1 icon (.ico) file for each new URL. |
+
+Your icons must use the .ico file extension, no other image file extension works.
+
diff --git a/browsers/internet-explorer/ie11-ieak/hardware-and-software-reqs-ieak11.md b/browsers/internet-explorer/ie11-ieak/hardware-and-software-reqs-ieak11.md
index 59cb1d693e..0ba0f580a8 100644
--- a/browsers/internet-explorer/ie11-ieak/hardware-and-software-reqs-ieak11.md
+++ b/browsers/internet-explorer/ie11-ieak/hardware-and-software-reqs-ieak11.md
@@ -1,52 +1,53 @@
----
-ms.localizationpriority: medium
-ms.mktglfcycl: plan
-description: List of supported hardware and software requirements for Internet Explorer 11 and the Internet Explorer Administration Kit 11.
-author: lomayor
-ms.prod: ie11
-ms.assetid: c50b86dc-7184-43d1-8daf-e750eb88dabb
-ms.reviewer:
-audience: itpro
manager: dansimp
-ms.author: lomayor
-title: Hardware and software requirements for Internet Explorer 11 and the IEAK 11 (Internet Explorer Administration Kit 11 for IT Pros)
-ms.sitesec: library
-ms.date: 07/27/2017
----
-
-
-# Hardware and software requirements for Internet Explorer 11 and the IEAK 11
-Before you can use the Internet Explorer Administration Kit 11 and the Internet Explorer Customization Wizard 11, you must first install Internet Explorer 11. For more info about installing IE11, see the [Determine the licensing version and features to use in IEAK 11](licensing-version-and-features-ieak11.md) page.
-
-## Hardware requirements
-Before you start the Internet Explorer Customization Wizard 11, you must check to see how much disk space you have on the drive you're going to use to build the IE11 install package. This drive can be on the same device as the one running the wizard; it just needs to have a secure destination folder.
-
-Before you start to create your install package, you must meet all of the [Internet Explorer 11 requirements](../ie11-deploy-guide/system-requirements-and-language-support-for-ie11.md), plus:
-
-- Up to 100 megabytes (MB) of disk space, depending on how many components you include in the installation package.
-
-- An additional 100 MB of disk space for each custom installation package built. Different media types are considered separate packages.
-
-## Software requirements
-The device you're going to use to build your install packages must be running Internet Explorer 11, on one of these operating systems:
-
-- Windows 10
However, you must use the Windows 8.1 target platform and only the "Configuration-only package" is available.
-
-- Windows 8.1
-
-- Windows Server 2012 R2
-
-- Windows® 7 Service Pack 1 (SP1)
-
-- Windows Server 2008 R2 (SP1)
-
-**Important**
-The device you're going to use to run IEAK 11 must be running the same version of the operating system as the device where you'll build your install packages.
-
-
-
-
-
-
-
-
-
+---
+ms.localizationpriority: medium
+ms.mktglfcycl: plan
+description: List of supported hardware and software requirements for Internet Explorer 11 and the Internet Explorer Administration Kit 11.
+author: dansimp
+ms.prod: ie11
+ms.assetid: c50b86dc-7184-43d1-8daf-e750eb88dabb
+ms.reviewer:
+audience: itpro
+manager: dansimp
+ms.author: dansimp
+title: Hardware and software requirements for Internet Explorer 11 and the IEAK 11 (Internet Explorer Administration Kit 11 for IT Pros)
+ms.sitesec: library
+ms.date: 07/27/2017
+---
+
+
+# Hardware and software requirements for Internet Explorer 11 and the IEAK 11
+Before you can use the Internet Explorer Administration Kit 11 and the Internet Explorer Customization Wizard 11, you must first install Internet Explorer 11. For more info about installing IE11, see the [Determine the licensing version and features to use in IEAK 11](licensing-version-and-features-ieak11.md) page.
+
+## Hardware requirements
+Before you start the Internet Explorer Customization Wizard 11, you must check to see how much disk space you have on the drive you're going to use to build the IE11 install package. This drive can be on the same device as the one running the wizard; it just needs to have a secure destination folder.
+
+Before you start to create your install package, you must meet all of the [Internet Explorer 11 requirements](../ie11-deploy-guide/system-requirements-and-language-support-for-ie11.md), plus:
+
+- Up to 100 megabytes (MB) of disk space, depending on how many components you include in the installation package.
+
+- An additional 100 MB of disk space for each custom installation package built. Different media types are considered separate packages.
+
+## Software requirements
+The device you're going to use to build your install packages must be running Internet Explorer 11, on one of these operating systems:
+
+- Windows 10
However, you must use the Windows 8.1 target platform and only the "Configuration-only package" is available.
+
+- Windows 8.1
+
+- Windows Server 2012 R2
+
+- Windows® 7 Service Pack 1 (SP1)
+
+- Windows Server 2008 R2 (SP1)
+
+**Important**
+The device you're going to use to run IEAK 11 must be running the same version of the operating system as the device where you'll build your install packages.
+
+
+
+
+
+
+
+
+
diff --git a/browsers/internet-explorer/ie11-ieak/hidecustom-ins-file-setting.md b/browsers/internet-explorer/ie11-ieak/hidecustom-ins-file-setting.md
index 26d3c2806d..7d50512355 100644
--- a/browsers/internet-explorer/ie11-ieak/hidecustom-ins-file-setting.md
+++ b/browsers/internet-explorer/ie11-ieak/hidecustom-ins-file-setting.md
@@ -1,32 +1,33 @@
----
-ms.localizationpriority: medium
-ms.mktglfcycl: deploy
-description: Use the \[HideCustom\] .INS file setting to decide whether to hide the GUID for each custom component.
-author: lomayor
-ms.prod: ie11
-ms.assetid: e673f7b1-c3aa-4072-92b0-20c6dc3d9277
-ms.reviewer:
-audience: itpro
manager: dansimp
-ms.author: lomayor
-title: Use the HideCustom .INS file to hide the GUID for each custom component (Internet Explorer Administration Kit 11 for IT Pros)
-ms.sitesec: library
-ms.date: 07/27/2017
----
-
-
-# Use the HideCustom .INS file to hide the GUID for each custom component
-Info about whether to hide the globally unique identifier (GUID) for each of your custom components.
-
-|Name |Value |Description |
-|------|-------------------------------------------------------------------------------------|-----------------------------------------------|
-|GUID |
- **0.** Component isn't hidden.
- **1.** Component is hidden.
|Determines whether this is a hidden component. |
-
-
-
-
-
-
-
-
-
-
+---
+ms.localizationpriority: medium
+ms.mktglfcycl: deploy
+description: Use the \[HideCustom\] .INS file setting to decide whether to hide the GUID for each custom component.
+author: dansimp
+ms.prod: ie11
+ms.assetid: e673f7b1-c3aa-4072-92b0-20c6dc3d9277
+ms.reviewer:
+audience: itpro
+manager: dansimp
+ms.author: dansimp
+title: Use the HideCustom .INS file to hide the GUID for each custom component (Internet Explorer Administration Kit 11 for IT Pros)
+ms.sitesec: library
+ms.date: 07/27/2017
+---
+
+
+# Use the HideCustom .INS file to hide the GUID for each custom component
+Info about whether to hide the globally unique identifier (GUID) for each of your custom components.
+
+|Name |Value |Description |
+|------|-------------------------------------------------------------------------------------|-----------------------------------------------|
+|GUID |- **0.** Component isn't hidden.
- **1.** Component is hidden.
|Determines whether this is a hidden component. |
+
+
+
+
+
+
+
+
+
+
diff --git a/browsers/internet-explorer/ie11-ieak/ie-setup-command-line-options-and-return-codes.md b/browsers/internet-explorer/ie11-ieak/ie-setup-command-line-options-and-return-codes.md
index 66973a3a25..51dc959759 100644
--- a/browsers/internet-explorer/ie11-ieak/ie-setup-command-line-options-and-return-codes.md
+++ b/browsers/internet-explorer/ie11-ieak/ie-setup-command-line-options-and-return-codes.md
@@ -1,68 +1,69 @@
----
-ms.localizationpriority: medium
-ms.mktglfcycl: deploy
-description: Reference about the command-line options and return codes for Internet Explorer Setup.
-author: lomayor
-ms.prod: ie11
-ms.assetid: 40c23024-cb5d-4902-ad1b-6e8a189a699f
-ms.reviewer:
-audience: itpro
manager: dansimp
-ms.author: lomayor
-title: Internet Explorer Setup command-line options and return codes (Internet Explorer Administration Kit 11 for IT Pros)
-ms.sitesec: library
-ms.date: 07/27/2017
----
-
-
-# Internet Explorer Setup command-line options and return codes
-You can use command-line options along with a tool like IExpress to package your custom version of Internet Explorer and to perform a batch installation across your organization.
-
-## IE Setup command-line options
-These command-line options work with IE Setup:
-
-`[/help] [/passive | /quiet] [/update-no] [/no-default] [/nobackup] [/ieak-full: | /ieak-branding: ] [/norestart | /forcerestart] [/log: `
-
-|Parameter (Setup modes) |Description |
-|------------------------|-------------------------------------------------------------------------------------------------|
-|`/passive` |Runs the install without requiring input from the employee, showing progress and error messages. |
-|`/quiet` |Identical to `/passive`, but doesn't show any of the progress or error messages to the employee. |
-
-
-|Parameter (Setup options) |Description |
-|--------------------------|-------------------------------------------------------------------------------------------------|
-|`/update-no` |Doesn't look for Internet Explorer updates. |
-|`/no-default` |Doesn't make Internet Explorer the default browser. |
-|`/no-backup` |Doesn't back up the files necessary to uninstall IE. |
-|`/ieak-full` |Reserved for use by the IEAK 11. |
-|`/ieak-branding` |Reserved for use by the IEAK 11. |
-
-
-|Parameter (Restart options) |Description |
-|----------------------------|--------------------------------------------|
-|`/norestart` |Doesn't restart after installation. |
-|`/forcerestart` |Restarts after installation. |
-
-
-|Parameter (miscellaneous options) |Description |
-|----------------------------------|--------------------------------------------|
-|`/help` |Provides help info. Can't be used with any other option. |
-|`/log ` |Creates a log file about the installation process, at the specified location. |
-
-
-## Windows Setup return and status codes
-Windows Setup needs to tell you whether IE successfully installed. However, because IE11wzd.exe is packaged inside your IE11setup.exe file, the return codes can’t be sent directly back to you. Instead, Setup needs to return the information (both success and failure) to the `HKEY_LOCAL_MACHINE\Software\Microsoft\Active Setup\InstallInfo` registry branch.
-
-|Subkey |Data type |Value |
-|---------|----------|---------------------------------------|
-|Complete |String |0 = Success |
-|Complete |String |0x80100003 = Files are missing for the requested installation. |
-|Complete |String |0x80100001 = Setup partially succeeded. One or more components weren’t downloaded or installed. Check the **FailedComponents** subkey for the list of components. |
-|Complete |String |0x80100002 = Setup partially succeeded, but the employee cancelled Setup. One or more components weren’t downloaded or installed. Check the **FailedComponents** subkey for the list of components. |
-|FailedComponents |MultiSZ |``Null``Component1 |
-|InstallStatus |Binary |0 = Install completed successfully. |
-|InstallStatus |Binary |1 = Suspend Setup.
The employee cancelled Setup and is then asked to confirm:- 2 = No, don’t cancel. Resume Setup.
- 3 = Yes, cancel confirmed. Quit Setup as soon as possible.
**Important**
If the cancellation is confirmed, Setup will quit as soon as all of the in-progress tasks are done, like copying or extracting files. |
-
-## Related topics
-- [IExpress Wizard for Windows Server 2008 R2 with SP1](iexpress-wizard-for-win-server.md)
-- [Express Wizard command-line options](iexpress-command-line-options.md)
-
+---
+ms.localizationpriority: medium
+ms.mktglfcycl: deploy
+description: Reference about the command-line options and return codes for Internet Explorer Setup.
+author: dansimp
+ms.prod: ie11
+ms.assetid: 40c23024-cb5d-4902-ad1b-6e8a189a699f
+ms.reviewer:
+audience: itpro
+manager: dansimp
+ms.author: dansimp
+title: Internet Explorer Setup command-line options and return codes (Internet Explorer Administration Kit 11 for IT Pros)
+ms.sitesec: library
+ms.date: 07/27/2017
+---
+
+
+# Internet Explorer Setup command-line options and return codes
+You can use command-line options along with a tool like IExpress to package your custom version of Internet Explorer and to perform a batch installation across your organization.
+
+## IE Setup command-line options
+These command-line options work with IE Setup:
+
+`[/help] [/passive | /quiet] [/update-no] [/no-default] [/nobackup] [/ieak-full: | /ieak-branding: ] [/norestart | /forcerestart] [/log: `
+
+|Parameter (Setup modes) |Description |
+|------------------------|-------------------------------------------------------------------------------------------------|
+|`/passive` |Runs the install without requiring input from the employee, showing progress and error messages. |
+|`/quiet` |Identical to `/passive`, but doesn't show any of the progress or error messages to the employee. |
+
+
+|Parameter (Setup options) |Description |
+|--------------------------|-------------------------------------------------------------------------------------------------|
+|`/update-no` |Doesn't look for Internet Explorer updates. |
+|`/no-default` |Doesn't make Internet Explorer the default browser. |
+|`/no-backup` |Doesn't back up the files necessary to uninstall IE. |
+|`/ieak-full` |Reserved for use by the IEAK 11. |
+|`/ieak-branding` |Reserved for use by the IEAK 11. |
+
+
+|Parameter (Restart options) |Description |
+|----------------------------|--------------------------------------------|
+|`/norestart` |Doesn't restart after installation. |
+|`/forcerestart` |Restarts after installation. |
+
+
+|Parameter (miscellaneous options) |Description |
+|----------------------------------|--------------------------------------------|
+|`/help` |Provides help info. Can't be used with any other option. |
+|`/log ` |Creates a log file about the installation process, at the specified location. |
+
+
+## Windows Setup return and status codes
+Windows Setup needs to tell you whether IE successfully installed. However, because IE11wzd.exe is packaged inside your IE11setup.exe file, the return codes can’t be sent directly back to you. Instead, Setup needs to return the information (both success and failure) to the `HKEY_LOCAL_MACHINE\Software\Microsoft\Active Setup\InstallInfo` registry branch.
+
+|Subkey |Data type |Value |
+|---------|----------|---------------------------------------|
+|Complete |String |0 = Success |
+|Complete |String |0x80100003 = Files are missing for the requested installation. |
+|Complete |String |0x80100001 = Setup partially succeeded. One or more components weren’t downloaded or installed. Check the **FailedComponents** subkey for the list of components. |
+|Complete |String |0x80100002 = Setup partially succeeded, but the employee cancelled Setup. One or more components weren’t downloaded or installed. Check the **FailedComponents** subkey for the list of components. |
+|FailedComponents |MultiSZ |``Null``Component1 |
+|InstallStatus |Binary |0 = Install completed successfully. |
+|InstallStatus |Binary |1 = Suspend Setup.
The employee cancelled Setup and is then asked to confirm:- 2 = No, don’t cancel. Resume Setup.
- 3 = Yes, cancel confirmed. Quit Setup as soon as possible.
**Important**
If the cancellation is confirmed, Setup will quit as soon as all of the in-progress tasks are done, like copying or extracting files. |
+
+## Related topics
+- [IExpress Wizard for Windows Server 2008 R2 with SP1](iexpress-wizard-for-win-server.md)
+- [Express Wizard command-line options](iexpress-command-line-options.md)
+
diff --git a/browsers/internet-explorer/ie11-ieak/ieak-information-and-downloads.md b/browsers/internet-explorer/ie11-ieak/ieak-information-and-downloads.md
index 956404de2f..b8c3d25c24 100644
--- a/browsers/internet-explorer/ie11-ieak/ieak-information-and-downloads.md
+++ b/browsers/internet-explorer/ie11-ieak/ieak-information-and-downloads.md
@@ -1,51 +1,52 @@
----
-ms.localizationpriority: medium
-ms.mktglfcycl: support
-ms.pagetype: security
-description: The Internet Explorer Administration Kit (IEAK) simplifies the creation, deployment, and management of customized Internet Explorer packages. Use the IEAK to configure the out-of-box Internet Explorer experience or to manage user settings after Internet Explorer deployment.
-author: lomayor
-ms.author: lomayor
-ms.manager: dougkim
-ms.prod: ie11
-ms.assetid:
-ms.reviewer:
-audience: itpro
manager: dansimp
-title: Internet Explorer Administration Kit (IEAK) information and downloads
-ms.sitesec: library
-ms.date: 05/10/2018
----
-
-# Internet Explorer Administration Kit (IEAK) information and downloads
-
->Applies to: Windows 10
-
-The Internet Explorer Administration Kit (IEAK) simplifies the creation, deployment, and management of customized Internet Explorer packages. You can use the IEAK to configure the out-of-box Internet Explorer experience or to manage user settings after Internet Explorer deployment. To find more information on the IEAK, see [What IEAK can do for you](what-ieak-can-do-for-you.md).
-
-
-## Internet Explorer Administration Kit 11 (IEAK 11)
-
-[IEAK 11 documentation](index.md)
-
-[IEAK 11 licensing guidelines](licensing-version-and-features-ieak11.md)
-
-[IEAK 11 - Frequently Asked Questions](../ie11-faq/faq-ieak11.md)
-
-[Internet Explorer Administration Kit 11 (IEAK 11) - Administrator's Guide](before-you-create-custom-pkgs-ieak11.md)
-
-## Download IEAK
-
-To download, choose to **Open** the download or **Save** it to your hard drive first.
-
-
-| | | |
-|---------|---------|---------|
-|[English](https://download.microsoft.com/download/A/B/1/AB1954BF-8B20-4F01-808A-FE5EE5269F08/MSI/en-us/ieak.msi) |[French](https://download.microsoft.com/download/A/B/1/AB1954BF-8B20-4F01-808A-FE5EE5269F08/MSI/fr-fr/ieak.msi) |[Norwegian (Bokmål)](https://download.microsoft.com/download/A/B/1/AB1954BF-8B20-4F01-808A-FE5EE5269F08/MSI/nb-no/ieak.msi) |
-|[Arabic](https://download.microsoft.com/download/A/B/1/AB1954BF-8B20-4F01-808A-FE5EE5269F08/MSI/ar-sa/ieak.msi) |[German](https://download.microsoft.com/download/A/B/1/AB1954BF-8B20-4F01-808A-FE5EE5269F08/MSI/de-de/ieak.msi) |[Polish](https://download.microsoft.com/download/A/B/1/AB1954BF-8B20-4F01-808A-FE5EE5269F08/MSI/pl-pl/ieak.msi) |
-|[Chinese (Simplified)](https://download.microsoft.com/download/A/B/1/AB1954BF-8B20-4F01-808A-FE5EE5269F08/MSI/zh-cn/ieak.msi) |[Greek](https://download.microsoft.com/download/A/B/1/AB1954BF-8B20-4F01-808A-FE5EE5269F08/MSI/el-gr/ieak.msi) |[Portuguese (Brazil)](https://download.microsoft.com/download/A/B/1/AB1954BF-8B20-4F01-808A-FE5EE5269F08/MSI/pt-br/ieak.msi) |
-|[Chinese (Traditional)](https://download.microsoft.com/download/A/B/1/AB1954BF-8B20-4F01-808A-FE5EE5269F08/MSI/zh-tw/ieak.msi) |[Hebrew](https://download.microsoft.com/download/A/B/1/AB1954BF-8B20-4F01-808A-FE5EE5269F08/MSI/he-il/ieak.msi) |[Portuguese (Portugal)](https://download.microsoft.com/download/A/B/1/AB1954BF-8B20-4F01-808A-FE5EE5269F08/MSI/pt-pt/ieak.msi) |
-|[Czech](https://download.microsoft.com/download/A/B/1/AB1954BF-8B20-4F01-808A-FE5EE5269F08/MSI/cs-cz/ieak.msi) |[Hungarian](https://download.microsoft.com/download/A/B/1/AB1954BF-8B20-4F01-808A-FE5EE5269F08/MSI/hu-hu/ieak.msi) |[Russian](https://download.microsoft.com/download/A/B/1/AB1954BF-8B20-4F01-808A-FE5EE5269F08/MSI/ru-ru/ieak.msi) |
-|[Danish](https://download.microsoft.com/download/A/B/1/AB1954BF-8B20-4F01-808A-FE5EE5269F08/MSI/da-dk/ieak.msi) |[Italian](https://download.microsoft.com/download/A/B/1/AB1954BF-8B20-4F01-808A-FE5EE5269F08/MSI/it-it/ieak.msi) |[Spanish](https://download.microsoft.com/download/A/B/1/AB1954BF-8B20-4F01-808A-FE5EE5269F08/MSI/es-es/ieak.msi) |
-|[Dutch](https://download.microsoft.com/download/A/B/1/AB1954BF-8B20-4F01-808A-FE5EE5269F08/MSI/nl-nl/ieak.msi) |[Japanese](https://download.microsoft.com/download/A/B/1/AB1954BF-8B20-4F01-808A-FE5EE5269F08/MSI/ja-jp/ieak.msi) |[Swedish](https://download.microsoft.com/download/A/B/1/AB1954BF-8B20-4F01-808A-FE5EE5269F08/MSI/sv-se/ieak.msi) |
-|[Finnish](https://download.microsoft.com/download/A/B/1/AB1954BF-8B20-4F01-808A-FE5EE5269F08/MSI/fi-fi/ieak.msi) |[Korean](https://download.microsoft.com/download/A/B/1/AB1954BF-8B20-4F01-808A-FE5EE5269F08/MSI/ko-kr/ieak.msi) |[Turkish](https://download.microsoft.com/download/A/B/1/AB1954BF-8B20-4F01-808A-FE5EE5269F08/MSI/tr-tr/ieak.msi) |
-
-
+---
+ms.localizationpriority: medium
+ms.mktglfcycl: support
+ms.pagetype: security
+description: The Internet Explorer Administration Kit (IEAK) simplifies the creation, deployment, and management of customized Internet Explorer packages. Use the IEAK to configure the out-of-box Internet Explorer experience or to manage user settings after Internet Explorer deployment.
+author: dansimp
+ms.author: dansimp
+ms.manager: dougkim
+ms.prod: ie11
+ms.assetid:
+ms.reviewer:
+audience: itpro
+manager: dansimp
+title: Internet Explorer Administration Kit (IEAK) information and downloads
+ms.sitesec: library
+ms.date: 05/10/2018
+---
+
+# Internet Explorer Administration Kit (IEAK) information and downloads
+
+>Applies to: Windows 10
+
+The Internet Explorer Administration Kit (IEAK) simplifies the creation, deployment, and management of customized Internet Explorer packages. You can use the IEAK to configure the out-of-box Internet Explorer experience or to manage user settings after Internet Explorer deployment. To find more information on the IEAK, see [What IEAK can do for you](what-ieak-can-do-for-you.md).
+
+
+## Internet Explorer Administration Kit 11 (IEAK 11)
+
+[IEAK 11 documentation](index.md)
+
+[IEAK 11 licensing guidelines](licensing-version-and-features-ieak11.md)
+
+[IEAK 11 - Frequently Asked Questions](../ie11-faq/faq-ieak11.md)
+
+[Internet Explorer Administration Kit 11 (IEAK 11) - Administrator's Guide](before-you-create-custom-pkgs-ieak11.md)
+
+## Download IEAK
+
+To download, choose to **Open** the download or **Save** it to your hard drive first.
+
+
+| | | |
+|---------|---------|---------|
+|[English](https://download.microsoft.com/download/A/B/1/AB1954BF-8B20-4F01-808A-FE5EE5269F08/MSI/en-us/ieak.msi) |[French](https://download.microsoft.com/download/A/B/1/AB1954BF-8B20-4F01-808A-FE5EE5269F08/MSI/fr-fr/ieak.msi) |[Norwegian (Bokmål)](https://download.microsoft.com/download/A/B/1/AB1954BF-8B20-4F01-808A-FE5EE5269F08/MSI/nb-no/ieak.msi) |
+|[Arabic](https://download.microsoft.com/download/A/B/1/AB1954BF-8B20-4F01-808A-FE5EE5269F08/MSI/ar-sa/ieak.msi) |[German](https://download.microsoft.com/download/A/B/1/AB1954BF-8B20-4F01-808A-FE5EE5269F08/MSI/de-de/ieak.msi) |[Polish](https://download.microsoft.com/download/A/B/1/AB1954BF-8B20-4F01-808A-FE5EE5269F08/MSI/pl-pl/ieak.msi) |
+|[Chinese (Simplified)](https://download.microsoft.com/download/A/B/1/AB1954BF-8B20-4F01-808A-FE5EE5269F08/MSI/zh-cn/ieak.msi) |[Greek](https://download.microsoft.com/download/A/B/1/AB1954BF-8B20-4F01-808A-FE5EE5269F08/MSI/el-gr/ieak.msi) |[Portuguese (Brazil)](https://download.microsoft.com/download/A/B/1/AB1954BF-8B20-4F01-808A-FE5EE5269F08/MSI/pt-br/ieak.msi) |
+|[Chinese (Traditional)](https://download.microsoft.com/download/A/B/1/AB1954BF-8B20-4F01-808A-FE5EE5269F08/MSI/zh-tw/ieak.msi) |[Hebrew](https://download.microsoft.com/download/A/B/1/AB1954BF-8B20-4F01-808A-FE5EE5269F08/MSI/he-il/ieak.msi) |[Portuguese (Portugal)](https://download.microsoft.com/download/A/B/1/AB1954BF-8B20-4F01-808A-FE5EE5269F08/MSI/pt-pt/ieak.msi) |
+|[Czech](https://download.microsoft.com/download/A/B/1/AB1954BF-8B20-4F01-808A-FE5EE5269F08/MSI/cs-cz/ieak.msi) |[Hungarian](https://download.microsoft.com/download/A/B/1/AB1954BF-8B20-4F01-808A-FE5EE5269F08/MSI/hu-hu/ieak.msi) |[Russian](https://download.microsoft.com/download/A/B/1/AB1954BF-8B20-4F01-808A-FE5EE5269F08/MSI/ru-ru/ieak.msi) |
+|[Danish](https://download.microsoft.com/download/A/B/1/AB1954BF-8B20-4F01-808A-FE5EE5269F08/MSI/da-dk/ieak.msi) |[Italian](https://download.microsoft.com/download/A/B/1/AB1954BF-8B20-4F01-808A-FE5EE5269F08/MSI/it-it/ieak.msi) |[Spanish](https://download.microsoft.com/download/A/B/1/AB1954BF-8B20-4F01-808A-FE5EE5269F08/MSI/es-es/ieak.msi) |
+|[Dutch](https://download.microsoft.com/download/A/B/1/AB1954BF-8B20-4F01-808A-FE5EE5269F08/MSI/nl-nl/ieak.msi) |[Japanese](https://download.microsoft.com/download/A/B/1/AB1954BF-8B20-4F01-808A-FE5EE5269F08/MSI/ja-jp/ieak.msi) |[Swedish](https://download.microsoft.com/download/A/B/1/AB1954BF-8B20-4F01-808A-FE5EE5269F08/MSI/sv-se/ieak.msi) |
+|[Finnish](https://download.microsoft.com/download/A/B/1/AB1954BF-8B20-4F01-808A-FE5EE5269F08/MSI/fi-fi/ieak.msi) |[Korean](https://download.microsoft.com/download/A/B/1/AB1954BF-8B20-4F01-808A-FE5EE5269F08/MSI/ko-kr/ieak.msi) |[Turkish](https://download.microsoft.com/download/A/B/1/AB1954BF-8B20-4F01-808A-FE5EE5269F08/MSI/tr-tr/ieak.msi) |
+
+
diff --git a/browsers/internet-explorer/ie11-ieak/ieak11-wizard-custom-options.md b/browsers/internet-explorer/ie11-ieak/ieak11-wizard-custom-options.md
index 8890f6d65b..f27ec8b5b9 100644
--- a/browsers/internet-explorer/ie11-ieak/ieak11-wizard-custom-options.md
+++ b/browsers/internet-explorer/ie11-ieak/ieak11-wizard-custom-options.md
@@ -1,44 +1,45 @@
----
-ms.localizationpriority: medium
-ms.mktglfcycl: plan
-description: Review the options available to help you customize your browser install packages for deployment to your employee's devices.
-author: lomayor
-ms.prod: ie11
-ms.assetid: 4b804da3-c3ac-4b60-ab1c-99536ff6e31b
-ms.reviewer:
-audience: itpro
manager: dansimp
-ms.author: lomayor
-title: Internet Explorer Administration Kit 11 (IEAK 11) Customization Wizard options (Internet Explorer Administration Kit 11 for IT Pros)
-ms.sitesec: library
-ms.date: 07/27/2017
----
-
-
-# Internet Explorer Administration Kit 11 (IEAK 11) Customization Wizard options
-Use the Internet Explorer Administration Kit 11 (IEAK 11) and the Internet Explorer Customization Wizard 11 to customize your browser install packages for deployment to your employee's devices.
-
-## IE Customization Wizard 11 options
-IEAK 11 lets you customize a lot of Internet Explorer 11, including the IE and Internet Explorer for the desktop experiences. For more info about the experiences, see [Internet Explorer 11 (IE11) - Deployment Guide for IT Pros](../ie11-deploy-guide/index.md). For info about which pages appear in the **Internal** or **External** version of IE Customization Wizard 11, see [Determine the licensing version and features to use in IEAK 11](licensing-version-and-features-ieak11.md).
-
-|Internet Explorer Customization Wizard 11 page |Browser experience |Description |
-|-----------------------------------------------|------------------------------------|-----------------------------|
-|[Custom Components](custom-components-ieak11-wizard.md) |Internet Explorer for the desktop |Add up to 10 additional components that your employees can install at the same time they install IE. |
-|[Internal install](internal-install-ieak11-wizard.md) |Internet Explorer for the desktop |Choose to set IE11 as the default browser.
**Note**
This only applies to IE11 on Windows 7 SP1 |
-|[User Experience](user-experience-ieak11-wizard.md) |Internet Explorer for the desktop |Control the installation and restart experience for your employees.
This only applies to IE11 on Windows 7 SP1 |
-|[Browser user interface](browser-ui-ieak11-wizard.md) |Internet Explorer for the desktop |Customize your title bars and toolbar buttons. |
-|[Search Providers](search-providers-ieak11-wizard.md) |Both |Import and add Search providers. |
-|[Important URLs – Home page and Support](important-urls-home-page-and-support-ieak11-wizard.md) |The **Support** page is supported by both experiences. The **Home** page is only supported on Internet Explorer for the desktop. |Add URLs for your **Home** and **Support** pages. |
-|[Accelerators](accelerators-ieak11-wizard.md) |Internet Explorer for the desktop |Import and add default accelerators. |
-|[Favorites, Favorites Bar and Feeds](favorites-favoritesbar-and-feeds-ieak11-wizard.md) |Internet Explorer for the desktop |Import and add items to the **Favorites** folder, the **Favorites Bar**, and the **Feeds** folder.
**Note**
You can turn off the entire **Suggested Sites** feature from this page. |
-|[Browsing Options](browsing-options-ieak11-wizard.md) |Doesn't apply. The choices that you make on this page affect only the items shown on the **Favorites, Favorites Bar, and Feeds** page. |Choose how to manage items in the **Favorites** folder, the **Favorites Bar**, and the **Feeds** folder. You can also turn off the Microsoft-default Favorites, Web slices, links, feeds, and accelerators. |
-|[First Run Wizard and Welcome Page Options](first-run-and-welcome-page-ieak11-wizard.md) |Internet Explorer for the desktop |Decide if the First Run wizard appears the first time an employee starts IE. You can also use the IE11 **Welcome** page, or link to a custom **Welcome** page. |
-|[Compatibility View](compat-view-ieak11-wizard.md) |No longer supported |This functionality has been removed for IE11. For more information, see [Missing the Compatibility View Button](../ie11-deploy-guide/missing-the-compatibility-view-button.md). |
-|[Connection Manager](connection-mgr-ieak11-wizard.md) |No longer supported |This functionality has been removed for IE11. |
-|[Connection Settings](connection-settings-ieak11-wizard.md) |Both |Choose whether to customize your connection settings. You can also choose to delete old dial-up connection settings. |
-|[Automatic Configuration](auto-config-ieak11-wizard.md) |Both |Choose whether to automatically detect configuration settings and whether to turn on and customize automatic configuration. |
-|[Proxy Settings](proxy-settings-ieak11-wizard.md) |Both |Turn on and set up your proxy servers.
**Note**
We don't support Gopher Server anymore. |
-|[Add a Root Certification](add-root-certificate-ieak11-wizard.md) |No longer supported |This functionality has been removed for IE11. |
-|[Security and Privacy Settings](security-and-privacy-settings-ieak11-wizard.md) |The **Security Zones and Privacy** settings are supported by both experiences. The **Content Ratings** are only supported on Internet Explorer for the desktop. |Decide if you want to:
- Customize your security zones and privacy settings
-OR-
- Import your current security zones and privacy settings
-AND-
- Customize your content ratings settings
-OR-
- Import your current content ratings settings
|
-|[Programs](programs-ieak11-wizard.md) |Internet Explorer for the desktop |Decide your default programs or import your current settings. |
-|[Additional Settings](additional-settings-ieak11-wizard.md) |Both |Decide how to set up multiple IE settings that appear in the **Internet Options** box. |
-
+---
+ms.localizationpriority: medium
+ms.mktglfcycl: plan
+description: Review the options available to help you customize your browser install packages for deployment to your employee's devices.
+author: dansimp
+ms.prod: ie11
+ms.assetid: 4b804da3-c3ac-4b60-ab1c-99536ff6e31b
+ms.reviewer:
+audience: itpro
+manager: dansimp
+ms.author: dansimp
+title: Internet Explorer Administration Kit 11 (IEAK 11) Customization Wizard options (Internet Explorer Administration Kit 11 for IT Pros)
+ms.sitesec: library
+ms.date: 07/27/2017
+---
+
+
+# Internet Explorer Administration Kit 11 (IEAK 11) Customization Wizard options
+Use the Internet Explorer Administration Kit 11 (IEAK 11) and the Internet Explorer Customization Wizard 11 to customize your browser install packages for deployment to your employee's devices.
+
+## IE Customization Wizard 11 options
+IEAK 11 lets you customize a lot of Internet Explorer 11, including the IE and Internet Explorer for the desktop experiences. For more info about the experiences, see [Internet Explorer 11 (IE11) - Deployment Guide for IT Pros](../ie11-deploy-guide/index.md). For info about which pages appear in the **Internal** or **External** version of IE Customization Wizard 11, see [Determine the licensing version and features to use in IEAK 11](licensing-version-and-features-ieak11.md).
+
+|Internet Explorer Customization Wizard 11 page |Browser experience |Description |
+|-----------------------------------------------|------------------------------------|-----------------------------|
+|[Custom Components](custom-components-ieak11-wizard.md) |Internet Explorer for the desktop |Add up to 10 additional components that your employees can install at the same time they install IE. |
+|[Internal install](internal-install-ieak11-wizard.md) |Internet Explorer for the desktop |Choose to set IE11 as the default browser.**Note**
This only applies to IE11 on Windows 7 SP1 |
+|[User Experience](user-experience-ieak11-wizard.md) |Internet Explorer for the desktop |Control the installation and restart experience for your employees.
This only applies to IE11 on Windows 7 SP1 |
+|[Browser user interface](browser-ui-ieak11-wizard.md) |Internet Explorer for the desktop |Customize your title bars and toolbar buttons. |
+|[Search Providers](search-providers-ieak11-wizard.md) |Both |Import and add Search providers. |
+|[Important URLs – Home page and Support](important-urls-home-page-and-support-ieak11-wizard.md) |The **Support** page is supported by both experiences. The **Home** page is only supported on Internet Explorer for the desktop. |Add URLs for your **Home** and **Support** pages. |
+|[Accelerators](accelerators-ieak11-wizard.md) |Internet Explorer for the desktop |Import and add default accelerators. |
+|[Favorites, Favorites Bar and Feeds](favorites-favoritesbar-and-feeds-ieak11-wizard.md) |Internet Explorer for the desktop |Import and add items to the **Favorites** folder, the **Favorites Bar**, and the **Feeds** folder.
**Note**
You can turn off the entire **Suggested Sites** feature from this page. |
+|[Browsing Options](browsing-options-ieak11-wizard.md) |Doesn't apply. The choices that you make on this page affect only the items shown on the **Favorites, Favorites Bar, and Feeds** page. |Choose how to manage items in the **Favorites** folder, the **Favorites Bar**, and the **Feeds** folder. You can also turn off the Microsoft-default Favorites, Web slices, links, feeds, and accelerators. |
+|[First Run Wizard and Welcome Page Options](first-run-and-welcome-page-ieak11-wizard.md) |Internet Explorer for the desktop |Decide if the First Run wizard appears the first time an employee starts IE. You can also use the IE11 **Welcome** page, or link to a custom **Welcome** page. |
+|[Compatibility View](compat-view-ieak11-wizard.md) |No longer supported |This functionality has been removed for IE11. For more information, see [Missing the Compatibility View Button](../ie11-deploy-guide/missing-the-compatibility-view-button.md). |
+|[Connection Manager](connection-mgr-ieak11-wizard.md) |No longer supported |This functionality has been removed for IE11. |
+|[Connection Settings](connection-settings-ieak11-wizard.md) |Both |Choose whether to customize your connection settings. You can also choose to delete old dial-up connection settings. |
+|[Automatic Configuration](auto-config-ieak11-wizard.md) |Both |Choose whether to automatically detect configuration settings and whether to turn on and customize automatic configuration. |
+|[Proxy Settings](proxy-settings-ieak11-wizard.md) |Both |Turn on and set up your proxy servers.
**Note**
We don't support Gopher Server anymore. |
+|[Add a Root Certification](add-root-certificate-ieak11-wizard.md) |No longer supported |This functionality has been removed for IE11. |
+|[Security and Privacy Settings](security-and-privacy-settings-ieak11-wizard.md) |The **Security Zones and Privacy** settings are supported by both experiences. The **Content Ratings** are only supported on Internet Explorer for the desktop. |Decide if you want to:
- Customize your security zones and privacy settings
-OR-
- Import your current security zones and privacy settings
-AND-
- Customize your content ratings settings
-OR-
- Import your current content ratings settings
|
+|[Programs](programs-ieak11-wizard.md) |Internet Explorer for the desktop |Decide your default programs or import your current settings. |
+|[Additional Settings](additional-settings-ieak11-wizard.md) |Both |Decide how to set up multiple IE settings that appear in the **Internet Options** box. |
+
diff --git a/browsers/internet-explorer/ie11-ieak/iexpress-command-line-options.md b/browsers/internet-explorer/ie11-ieak/iexpress-command-line-options.md
index d36ca26c63..88e151583a 100644
--- a/browsers/internet-explorer/ie11-ieak/iexpress-command-line-options.md
+++ b/browsers/internet-explorer/ie11-ieak/iexpress-command-line-options.md
@@ -1,43 +1,44 @@
----
-ms.localizationpriority: medium
-ms.mktglfcycl: deploy
-description: Reference about the command-line options for the IExpress Wizard.
-author: lomayor
-ms.prod: ie11
-ms.assetid: aa16d738-1067-403c-88b3-bada12cf9752
-ms.reviewer:
-audience: itpro
manager: dansimp
-ms.author: lomayor
-title: IExpress Wizard command-line options (Internet Explorer Administration Kit 11 for IT Pros)
-ms.sitesec: library
-ms.date: 07/27/2017
----
-
-
-**Applies to:**
-- Windows Server 2008 R2 with SP1
-
-# IExpress Wizard command-line options
-Use command-line options with the IExpress Wizard (IExpress.exe) to control your Internet Explorer custom browser package extraction process.
-
-These command-line options work with IExpress:
-`Ie11setup /c:"ie11wzd "`
-
-|Parameter |Action |
-|----------|--------------------------------------------------------------------------------------------|
-|`/q` |Specifies quiet mode, hiding all of the prompts, while files are being extracted. This option won’t suppress prompts during Setup. |
-|`/q:u` |Specifies user-quiet mode, letting some of the progress and error messages appear to the employee. |
-|`/q:a` |Specifies administrator-quiet mode, hiding all of the progress and error messages from the employee. |
-|`/t:` |Specifies where to store your extracted files. |
-|`/c:` |Extracts all of the files without installing them. If `t:/` isn’t used, you’ll be prompted for a storage folder. |
-|`/c:` |Specifies the UNC path and name of the Setup .inf or .exe file. |
-|`/r:n` |Never restarts the computer after installation. |
-|`/r:a` |Always restarts the computer after installation. |
-|`/r:s` |Restarts the computer after installation without prompting the employee. |
-
-For more information, see [Command-line switches for IExpress software update packages](https://go.microsoft.com/fwlink/p/?LinkId=317973).
-
-## Related topics
-- [IExpress Wizard for Windows Server 2008 R2 with SP1](iexpress-wizard-for-win-server.md)
-- [Internet Explorer Setup command-line options and return codes](ie-setup-command-line-options-and-return-codes.md)
-
+---
+ms.localizationpriority: medium
+ms.mktglfcycl: deploy
+description: Reference about the command-line options for the IExpress Wizard.
+author: dansimp
+ms.prod: ie11
+ms.assetid: aa16d738-1067-403c-88b3-bada12cf9752
+ms.reviewer:
+audience: itpro
+manager: dansimp
+ms.author: dansimp
+title: IExpress Wizard command-line options (Internet Explorer Administration Kit 11 for IT Pros)
+ms.sitesec: library
+ms.date: 07/27/2017
+---
+
+
+**Applies to:**
+- Windows Server 2008 R2 with SP1
+
+# IExpress Wizard command-line options
+Use command-line options with the IExpress Wizard (IExpress.exe) to control your Internet Explorer custom browser package extraction process.
+
+These command-line options work with IExpress:
+`Ie11setup /c:"ie11wzd "`
+
+|Parameter |Action |
+|----------|--------------------------------------------------------------------------------------------|
+|`/q` |Specifies quiet mode, hiding all of the prompts, while files are being extracted. This option won’t suppress prompts during Setup. |
+|`/q:u` |Specifies user-quiet mode, letting some of the progress and error messages appear to the employee. |
+|`/q:a` |Specifies administrator-quiet mode, hiding all of the progress and error messages from the employee. |
+|`/t:` |Specifies where to store your extracted files. |
+|`/c:` |Extracts all of the files without installing them. If `t:/` isn’t used, you’ll be prompted for a storage folder. |
+|`/c:` |Specifies the UNC path and name of the Setup .inf or .exe file. |
+|`/r:n` |Never restarts the computer after installation. |
+|`/r:a` |Always restarts the computer after installation. |
+|`/r:s` |Restarts the computer after installation without prompting the employee. |
+
+For more information, see [Command-line switches for IExpress software update packages](https://go.microsoft.com/fwlink/p/?LinkId=317973).
+
+## Related topics
+- [IExpress Wizard for Windows Server 2008 R2 with SP1](iexpress-wizard-for-win-server.md)
+- [Internet Explorer Setup command-line options and return codes](ie-setup-command-line-options-and-return-codes.md)
+
diff --git a/browsers/internet-explorer/ie11-ieak/iexpress-wizard-for-win-server.md b/browsers/internet-explorer/ie11-ieak/iexpress-wizard-for-win-server.md
index ced5d1a708..35dc9f9cc5 100644
--- a/browsers/internet-explorer/ie11-ieak/iexpress-wizard-for-win-server.md
+++ b/browsers/internet-explorer/ie11-ieak/iexpress-wizard-for-win-server.md
@@ -1,72 +1,73 @@
----
-ms.localizationpriority: medium
-ms.mktglfcycl: deploy
-description: Use the IExpress Wizard on Windows Server 2008 R2 with SP1 to create self-extracting files to run your custom Internet Explorer Setup program.
-author: lomayor
-ms.prod: ie11
-ms.assetid: 5100886d-ec88-4c1c-8cd7-be00da874c57
-ms.reviewer:
-audience: itpro
manager: dansimp
-ms.author: lomayor
-title: IExpress Wizard for Windows Server 2008 R2 with SP1 (Internet Explorer Administration Kit 11 for IT Pros)
-ms.sitesec: library
-ms.date: 07/27/2017
----
-
-
-# IExpress Wizard for Windows Server 2008 R2 with SP1
-Use the IExpress Wizard and its associated command-line options to create self-extracting files that automatically run your custom Internet Explorer Setup (.inf or .exe file) program that’s contained inside.
-
-## IExpress Wizard location
-The IExpress Wizard (Iexpress.exe) is included as part of Windows Server 2008 R2 with Service Pack 1 (SP1), in the `:\Windows\System32` folder. The wizard uses a self-extraction directive (.sed) file to store your package’s information. When you run the wizard, you have the option to start with an existing .sed file or to create a new one.
-
-## IExpress Wizard features
-The IExpress Wizard:
-
-- Performs silent, unattended installations of your custom IE packages.
-
-- Supports upgrading IE without removing previous installations.
-
-- Supports repeated updating or performing clean installations of the same IE build.
-
-## IExpress Wizard settings
-The IExpress Wizard lets you:
-
-- Decide whether the self-installing package is for administrators or for general employees.
-
-- Set multiple ways to run the installation command, such as in normal or silent mode.
-
-- Determine whether the IExpress dynamic-link libraries (.dll files) are updated on an employee’s computer.
-
-- Determine the compatibility of the installation package, based on the operating system version range, the browser version range, or any application version range.
-
-- Update and add files to the IExpress package, using the UPDFILE tool, without having to rebuild the package.
-
-- Replace Runonce with RunOnceEx (if the newer version of Iernonce.dll exists); giving you control over the job run order and status display.
-
-- Let corporate administrators set up support for roaming employees.
-
-- Let Internet Content Providers (ICPs) and Internet Service Providers (ISPs) generate packages for preconfigured desktops with custom, current content.
-
-- Save disk space by cleaning up the hard drive when running in Setup, uninstallation, and maintenance modes.
-
-- Provide support for multiple download sites.
-
-- Provide support for internal and external development, customization, expandability, and enhanced debugging.
-
-- Provide support for the extended character set, beyond single-byte characters (SBCS).
-
-- Provide support for using the .inf file format to download Internet components. For more information, see [Use the uninstallation .INF files to uninstall custom components](create-uninstall-inf-files-for-custom-components.md).
-
-## Related topics
-- [IExpress command-line options](iexpress-command-line-options.md)
-- [Internet Explorer Setup command-line options and return codes](ie-setup-command-line-options-and-return-codes.md)
-
-
-
-
-
-
-
-
-
+---
+ms.localizationpriority: medium
+ms.mktglfcycl: deploy
+description: Use the IExpress Wizard on Windows Server 2008 R2 with SP1 to create self-extracting files to run your custom Internet Explorer Setup program.
+author: dansimp
+ms.prod: ie11
+ms.assetid: 5100886d-ec88-4c1c-8cd7-be00da874c57
+ms.reviewer:
+audience: itpro
+manager: dansimp
+ms.author: dansimp
+title: IExpress Wizard for Windows Server 2008 R2 with SP1 (Internet Explorer Administration Kit 11 for IT Pros)
+ms.sitesec: library
+ms.date: 07/27/2017
+---
+
+
+# IExpress Wizard for Windows Server 2008 R2 with SP1
+Use the IExpress Wizard and its associated command-line options to create self-extracting files that automatically run your custom Internet Explorer Setup (.inf or .exe file) program that’s contained inside.
+
+## IExpress Wizard location
+The IExpress Wizard (Iexpress.exe) is included as part of Windows Server 2008 R2 with Service Pack 1 (SP1), in the `:\Windows\System32` folder. The wizard uses a self-extraction directive (.sed) file to store your package’s information. When you run the wizard, you have the option to start with an existing .sed file or to create a new one.
+
+## IExpress Wizard features
+The IExpress Wizard:
+
+- Performs silent, unattended installations of your custom IE packages.
+
+- Supports upgrading IE without removing previous installations.
+
+- Supports repeated updating or performing clean installations of the same IE build.
+
+## IExpress Wizard settings
+The IExpress Wizard lets you:
+
+- Decide whether the self-installing package is for administrators or for general employees.
+
+- Set multiple ways to run the installation command, such as in normal or silent mode.
+
+- Determine whether the IExpress dynamic-link libraries (.dll files) are updated on an employee’s computer.
+
+- Determine the compatibility of the installation package, based on the operating system version range, the browser version range, or any application version range.
+
+- Update and add files to the IExpress package, using the UPDFILE tool, without having to rebuild the package.
+
+- Replace Runonce with RunOnceEx (if the newer version of Iernonce.dll exists); giving you control over the job run order and status display.
+
+- Let corporate administrators set up support for roaming employees.
+
+- Let Internet Content Providers (ICPs) and Internet Service Providers (ISPs) generate packages for preconfigured desktops with custom, current content.
+
+- Save disk space by cleaning up the hard drive when running in Setup, uninstallation, and maintenance modes.
+
+- Provide support for multiple download sites.
+
+- Provide support for internal and external development, customization, expandability, and enhanced debugging.
+
+- Provide support for the extended character set, beyond single-byte characters (SBCS).
+
+- Provide support for using the .inf file format to download Internet components. For more information, see [Use the uninstallation .INF files to uninstall custom components](create-uninstall-inf-files-for-custom-components.md).
+
+## Related topics
+- [IExpress command-line options](iexpress-command-line-options.md)
+- [Internet Explorer Setup command-line options and return codes](ie-setup-command-line-options-and-return-codes.md)
+
+
+
+
+
+
+
+
+
diff --git a/browsers/internet-explorer/ie11-ieak/important-urls-home-page-and-support-ieak11-wizard.md b/browsers/internet-explorer/ie11-ieak/important-urls-home-page-and-support-ieak11-wizard.md
index 6e1ac8e67a..022767b179 100644
--- a/browsers/internet-explorer/ie11-ieak/important-urls-home-page-and-support-ieak11-wizard.md
+++ b/browsers/internet-explorer/ie11-ieak/important-urls-home-page-and-support-ieak11-wizard.md
@@ -1,39 +1,40 @@
----
-ms.localizationpriority: medium
-ms.mktglfcycl: deploy
-description: How to use the Important URLs - Home Page and Support page in the IEAK 11 Customization Wizard to choose one or more **Home** pages and an online support page for your customized version of IE.
-author: lomayor
-ms.prod: ie11
-ms.assetid: 19e34879-ba9d-41bf-806a-3b9b9b752fc1
-ms.reviewer:
-audience: itpro
manager: dansimp
-ms.author: lomayor
-title: Use the Important URLs - Home Page and Support page in the IEAK 11 Wizard (Internet Explorer Administration Kit 11 for IT Pros)
-ms.sitesec: library
-ms.date: 07/27/2017
----
-
-
-# Use the Important URLs - Home Page and Support page in the IEAK 11 Wizard
-The **Important URLS – Home Page and Support** page of the Internet Explorer Customization Wizard 11 lets you choose one or more **Home** pages and an online support page for your customized version of IE.
-
-**To use the Important URLS – Home Page and Support page**
-
-1. In the **Add a homepage URL** box, type the URL to the page your employees go to when they click the **Home** button, and then click **Add**.
-If you add multiple **Home** pages, each page appears on a separate tab in the browser. If you don’t add a custom **Home** page, IE uses https://www.msn.com by default. If you want to delete an existing page, click the URL and then click **Remove**.
-
-2. Check the **Retain previous Home Page (Upgrade)** box if you have employees with previous versions of IE, who need to keep their **Home** page settings when the browser is updated.
-
-3. Check the **Online support page URL** box to type in the URL to your own support page. Customizing the support page is only supported in Internet Explorer for the desktop.
-
-4. Click **Next** to go to the [Accelerators](accelerators-ieak11-wizard.md) page or **Back** to go to the [Search Providers](search-providers-ieak11-wizard.md) page.
-
-
-
-
-
-
-
-
-
-
+---
+ms.localizationpriority: medium
+ms.mktglfcycl: deploy
+description: How to use the Important URLs - Home Page and Support page in the IEAK 11 Customization Wizard to choose one or more **Home** pages and an online support page for your customized version of IE.
+author: dansimp
+ms.prod: ie11
+ms.assetid: 19e34879-ba9d-41bf-806a-3b9b9b752fc1
+ms.reviewer:
+audience: itpro
+manager: dansimp
+ms.author: dansimp
+title: Use the Important URLs - Home Page and Support page in the IEAK 11 Wizard (Internet Explorer Administration Kit 11 for IT Pros)
+ms.sitesec: library
+ms.date: 07/27/2017
+---
+
+
+# Use the Important URLs - Home Page and Support page in the IEAK 11 Wizard
+The **Important URLS – Home Page and Support** page of the Internet Explorer Customization Wizard 11 lets you choose one or more **Home** pages and an online support page for your customized version of IE.
+
+**To use the Important URLS – Home Page and Support page**
+
+1. In the **Add a homepage URL** box, type the URL to the page your employees go to when they click the **Home** button, and then click **Add**.
+If you add multiple **Home** pages, each page appears on a separate tab in the browser. If you don’t add a custom **Home** page, IE uses https://www.msn.com by default. If you want to delete an existing page, click the URL and then click **Remove**.
+
+2. Check the **Retain previous Home Page (Upgrade)** box if you have employees with previous versions of IE, who need to keep their **Home** page settings when the browser is updated.
+
+3. Check the **Online support page URL** box to type in the URL to your own support page. Customizing the support page is only supported in Internet Explorer for the desktop.
+
+4. Click **Next** to go to the [Accelerators](accelerators-ieak11-wizard.md) page or **Back** to go to the [Search Providers](search-providers-ieak11-wizard.md) page.
+
+
+
+
+
+
+
+
+
+
diff --git a/browsers/internet-explorer/ie11-ieak/index.md b/browsers/internet-explorer/ie11-ieak/index.md
index ea51efa9dc..3187f8b507 100644
--- a/browsers/internet-explorer/ie11-ieak/index.md
+++ b/browsers/internet-explorer/ie11-ieak/index.md
@@ -1,13 +1,14 @@
---
ms.mktglfcycl: plan
description: IEAK 11 - Internet Explorer Administration Kit 11 Users Guide
-author: shortpatti
+author: dansimp
+ms.author: dansimp
ms.prod: ie11
ms.assetid: 847bd7b4-d5dd-4e10-87b5-4d7d3a99bbac
title: Internet Explorer Administration Kit 11 (IEAK 11) - Administrator's Guide (Internet Explorer Administration Kit 11 for IT Pros)
ms.sitesec: library
ms.localizationpriority: medium
-ms.date: 07/27/2017
+manager: dansimp
---
diff --git a/browsers/internet-explorer/ie11-ieak/internal-install-ieak11-wizard.md b/browsers/internet-explorer/ie11-ieak/internal-install-ieak11-wizard.md
index 59969fe56f..15db2bc20f 100644
--- a/browsers/internet-explorer/ie11-ieak/internal-install-ieak11-wizard.md
+++ b/browsers/internet-explorer/ie11-ieak/internal-install-ieak11-wizard.md
@@ -1,39 +1,40 @@
----
-ms.localizationpriority: medium
-ms.mktglfcycl: deploy
-description: How to use the Internal Install page in the IEAK 11 Customization Wizard to customize Setup for the default browser and the latest browser updates.
-author: lomayor
-ms.prod: ie11
-ms.assetid: 33d078e3-75b8-455b-9126-f0d272ed676f
-ms.reviewer:
-audience: itpro
manager: dansimp
-ms.author: lomayor
-title: Use the Internal Install page in the IEAK 11 Wizard (Internet Explorer Administration Kit 11 for IT Pros)
-ms.sitesec: library
-ms.date: 07/27/2017
----
-
-
-# Use the Internal Install page in the IEAK 11 Wizard
-The **Internal Install** page of the Internet Explorer Customization Wizard 11 lets you customize Setup for the default browser and the latest browser updates, based on your company’s guidelines.
-
-**Note**
The customizations made on this page only apply to Internet Explorer for the desktop on Windows 7.
-
-**To use the Internal Install page**
-
-1. Pick either:
-
- - **Allow user to choose.** Lets your employees pick their own default browser.
-OR-
-
- - **Do not set IE as the default browser.** Won’t set IE as the default browser. However, your employees can still make IE the default.
-
-2. Click **Next** to go to the [User Experience](user-experience-ieak11-wizard.md) page or **Back** to go to the [Custom Components](custom-components-ieak11-wizard.md).
-
-
-
-
-
-
-
-
-
+---
+ms.localizationpriority: medium
+ms.mktglfcycl: deploy
+description: How to use the Internal Install page in the IEAK 11 Customization Wizard to customize Setup for the default browser and the latest browser updates.
+author: dansimp
+ms.prod: ie11
+ms.assetid: 33d078e3-75b8-455b-9126-f0d272ed676f
+ms.reviewer:
+audience: itpro
+manager: dansimp
+ms.author: dansimp
+title: Use the Internal Install page in the IEAK 11 Wizard (Internet Explorer Administration Kit 11 for IT Pros)
+ms.sitesec: library
+ms.date: 07/27/2017
+---
+
+
+# Use the Internal Install page in the IEAK 11 Wizard
+The **Internal Install** page of the Internet Explorer Customization Wizard 11 lets you customize Setup for the default browser and the latest browser updates, based on your company’s guidelines.
+
+**Note**
The customizations made on this page only apply to Internet Explorer for the desktop on Windows 7.
+
+**To use the Internal Install page**
+
+1. Pick either:
+
+ - **Allow user to choose.** Lets your employees pick their own default browser.
-OR-
+
+ - **Do not set IE as the default browser.** Won’t set IE as the default browser. However, your employees can still make IE the default.
+
+2. Click **Next** to go to the [User Experience](user-experience-ieak11-wizard.md) page or **Back** to go to the [Custom Components](custom-components-ieak11-wizard.md).
+
+
+
+
+
+
+
+
+
diff --git a/browsers/internet-explorer/ie11-ieak/isp-security-ins-file-setting.md b/browsers/internet-explorer/ie11-ieak/isp-security-ins-file-setting.md
index 58fd70a9aa..b625916fd1 100644
--- a/browsers/internet-explorer/ie11-ieak/isp-security-ins-file-setting.md
+++ b/browsers/internet-explorer/ie11-ieak/isp-security-ins-file-setting.md
@@ -1,23 +1,24 @@
----
-ms.localizationpriority: medium
-ms.mktglfcycl: deploy
-description: Use the \[ISP_Security\] .INS file setting to add the root certificate for your custom Internet Explorer package.
-author: lomayor
-ms.prod: ie11
-ms.assetid: 4eca2de5-7071-45a2-9c99-75115be00d06
-ms.reviewer:
-audience: itpro
manager: dansimp
-ms.author: lomayor
-title: Use the ISP_Security .INS file to add your root certificate (Internet Explorer Administration Kit 11 for IT Pros)
-ms.sitesec: library
-ms.date: 07/27/2017
----
-
-
-# Use the ISP_Security .INS file to add your root certificate
-Info about where you store the root certificate you’re adding to your custom package.
-
-|Name |Value |Description |
-|---------------|-----------------------|------------------------------------------------------------------------------------------|
-|RootCertPath |`` |Location and name of the root certificate you want to add to your custom install package. |
-
+---
+ms.localizationpriority: medium
+ms.mktglfcycl: deploy
+description: Use the \[ISP_Security\] .INS file setting to add the root certificate for your custom Internet Explorer package.
+author: dansimp
+ms.prod: ie11
+ms.assetid: 4eca2de5-7071-45a2-9c99-75115be00d06
+ms.reviewer:
+audience: itpro
+manager: dansimp
+ms.author: dansimp
+title: Use the ISP_Security .INS file to add your root certificate (Internet Explorer Administration Kit 11 for IT Pros)
+ms.sitesec: library
+ms.date: 07/27/2017
+---
+
+
+# Use the ISP_Security .INS file to add your root certificate
+Info about where you store the root certificate you’re adding to your custom package.
+
+|Name |Value |Description |
+|---------------|-----------------------|------------------------------------------------------------------------------------------|
+|RootCertPath |`` |Location and name of the root certificate you want to add to your custom install package. |
+
diff --git a/browsers/internet-explorer/ie11-ieak/language-selection-ieak11-wizard.md b/browsers/internet-explorer/ie11-ieak/language-selection-ieak11-wizard.md
index a266fcba98..b2f66781b7 100644
--- a/browsers/internet-explorer/ie11-ieak/language-selection-ieak11-wizard.md
+++ b/browsers/internet-explorer/ie11-ieak/language-selection-ieak11-wizard.md
@@ -1,37 +1,38 @@
----
-ms.localizationpriority: medium
-ms.mktglfcycl: deploy
-description: How to use the Language Selection page in the IEAK 11 Customization Wizard to choose the language for your IEAK 11 custom package.
-author: lomayor
-ms.prod: ie11
-ms.assetid: f9d4ab57-9b1d-4cbc-9398-63f4938df1f6
-ms.reviewer:
-audience: itpro
manager: dansimp
-ms.author: lomayor
-title: Use the Language Selection page in the IEAK 11 Wizard (Internet Explorer Administration Kit 11 for IT Pros)
-ms.sitesec: library
-ms.date: 07/27/2017
----
-
-
-# Use the Language Selection page in the IEAK 11 Wizard
-The **Language Selection** page of the Internet Explorer Customization Wizard 11 lets you choose the language for your Internet Explorer Administration Kit 11 (IEAK 11) custom package. You can create custom Internet Explorer 11 packages in any of the languages your operating system version is available in.
-
-**Important**
Make sure that the language of your IEAK 11 installation matches the language of your custom IE11 package. If the languages don’t match, IEAK 11 won’t work properly.
-
-**To use the Language Selection page**
-
-1. Pick the language you want your custom IE11 installation package to use.
-You can support as many languages as you want, but each localized version must be in its own install package.
-**Note**
To keep your settings across multiple versions of the package, you can pick the same destination folder for all versions. The different language versions are then saved in separate subfolders within that destination folder. Like, for an English version, `C:\Cie\Build1\Flat\Win32_WIN8\en-US\` and for a German version, `C:\Cie\Build1\Flat\Win32_WIN8\de-DE\`.
-
-2. Click **Next** to go to the [Package Type Selection](pkg-type-selection-ieak11-wizard.md) page or **Back** to go to the [Platform Selection](platform-selection-ieak11-wizard.md) page.
-
-
-
-
-
-
-
-
-
+---
+ms.localizationpriority: medium
+ms.mktglfcycl: deploy
+description: How to use the Language Selection page in the IEAK 11 Customization Wizard to choose the language for your IEAK 11 custom package.
+author: dansimp
+ms.prod: ie11
+ms.assetid: f9d4ab57-9b1d-4cbc-9398-63f4938df1f6
+ms.reviewer:
+audience: itpro
+manager: dansimp
+ms.author: dansimp
+title: Use the Language Selection page in the IEAK 11 Wizard (Internet Explorer Administration Kit 11 for IT Pros)
+ms.sitesec: library
+ms.date: 07/27/2017
+---
+
+
+# Use the Language Selection page in the IEAK 11 Wizard
+The **Language Selection** page of the Internet Explorer Customization Wizard 11 lets you choose the language for your Internet Explorer Administration Kit 11 (IEAK 11) custom package. You can create custom Internet Explorer 11 packages in any of the languages your operating system version is available in.
+
+**Important**
Make sure that the language of your IEAK 11 installation matches the language of your custom IE11 package. If the languages don’t match, IEAK 11 won’t work properly.
+
+**To use the Language Selection page**
+
+1. Pick the language you want your custom IE11 installation package to use.
+You can support as many languages as you want, but each localized version must be in its own install package.
+**Note**
To keep your settings across multiple versions of the package, you can pick the same destination folder for all versions. The different language versions are then saved in separate subfolders within that destination folder. Like, for an English version, `C:\Cie\Build1\Flat\Win32_WIN8\en-US\` and for a German version, `C:\Cie\Build1\Flat\Win32_WIN8\de-DE\`.
+
+2. Click **Next** to go to the [Package Type Selection](pkg-type-selection-ieak11-wizard.md) page or **Back** to go to the [Platform Selection](platform-selection-ieak11-wizard.md) page.
+
+
+
+
+
+
+
+
+
diff --git a/browsers/internet-explorer/ie11-ieak/licensing-version-and-features-ieak11.md b/browsers/internet-explorer/ie11-ieak/licensing-version-and-features-ieak11.md
index 7a6e3d009f..296dec1688 100644
--- a/browsers/internet-explorer/ie11-ieak/licensing-version-and-features-ieak11.md
+++ b/browsers/internet-explorer/ie11-ieak/licensing-version-and-features-ieak11.md
@@ -2,8 +2,8 @@
ms.localizationpriority: medium
ms.mktglfcycl: plan
description: Learn about the version of the IEAK 11 you should run, based on your license agreement.
-author: lomayor
-ms.author: lomayor
+author: dansimp
+ms.author: dansimp
ms.prod: ie11
ms.assetid: 69d25451-08af-4db0-9daa-44ab272acc15
ms.reviewer:
diff --git a/browsers/internet-explorer/ie11-ieak/media-ins-file-setting.md b/browsers/internet-explorer/ie11-ieak/media-ins-file-setting.md
index 2aa91f6753..a441fe7be2 100644
--- a/browsers/internet-explorer/ie11-ieak/media-ins-file-setting.md
+++ b/browsers/internet-explorer/ie11-ieak/media-ins-file-setting.md
@@ -1,23 +1,24 @@
----
-ms.localizationpriority: medium
-ms.mktglfcycl: deploy
-description: Use the \[Media\] .INS file setting to specify the types of media on which your custom install package is available.
-author: lomayor
-ms.prod: ie11
-ms.assetid: c57bae60-d520-49a9-a77d-da43f7ebe5b8
-ms.reviewer:
-audience: itpro
manager: dansimp
-ms.author: lomayor
-title: Use the Media .INS file to specify your install media (Internet Explorer Administration Kit 11 for IT Pros)
-ms.sitesec: library
-ms.date: 07/27/2017
----
-
-
-# Use the Media .INS file to specify your install media
-The types of media on which your custom install package is available.
-
-|Name |Value |Description |
-|-----|------|-----------------|
-|Build_LAN |
- **0.** Don’t create the LAN-based installation package.
- **1.** Create the LAN-based installation package.
|Determines whether you want to create a LAN-based installation package. |
-
+---
+ms.localizationpriority: medium
+ms.mktglfcycl: deploy
+description: Use the \[Media\] .INS file setting to specify the types of media on which your custom install package is available.
+author: dansimp
+ms.prod: ie11
+ms.assetid: c57bae60-d520-49a9-a77d-da43f7ebe5b8
+ms.reviewer:
+audience: itpro
+manager: dansimp
+ms.author: dansimp
+title: Use the Media .INS file to specify your install media (Internet Explorer Administration Kit 11 for IT Pros)
+ms.sitesec: library
+ms.date: 07/27/2017
+---
+
+
+# Use the Media .INS file to specify your install media
+The types of media on which your custom install package is available.
+
+|Name |Value |Description |
+|-----|------|-----------------|
+|Build_LAN |- **0.** Don’t create the LAN-based installation package.
- **1.** Create the LAN-based installation package.
|Determines whether you want to create a LAN-based installation package. |
+
diff --git a/browsers/internet-explorer/ie11-ieak/pkg-type-selection-ieak11-wizard.md b/browsers/internet-explorer/ie11-ieak/pkg-type-selection-ieak11-wizard.md
index 6cd52f789f..ce2517bf60 100644
--- a/browsers/internet-explorer/ie11-ieak/pkg-type-selection-ieak11-wizard.md
+++ b/browsers/internet-explorer/ie11-ieak/pkg-type-selection-ieak11-wizard.md
@@ -1,39 +1,40 @@
----
-ms.localizationpriority: medium
-ms.mktglfcycl: deploy
-description: How to use the Package Type Selection page in the IEAK 11 Customization Wizard to pick the media type you’ll use to distribute your custom package.
-author: lomayor
-ms.prod: ie11
-ms.assetid: dd91f788-d05e-4f45-9fd5-d951abf04f2c
-ms.reviewer:
-audience: itpro
manager: dansimp
-ms.author: lomayor
-title: Use the Package Type Selection page in the IEAK 11 Wizard (Internet Explorer Administration Kit 11 for IT Pros)
-ms.sitesec: library
-ms.date: 07/27/2017
----
-
-
-# Use the Package Type Selection page in the IEAK 11 Wizard
-The **Package Type Selection** page of the Internet Explorer Customization Wizard 11 lets you pick which type of media you’ll use to distribute your custom installation package. You can pick more than one type, if you need it.
-
-**Important**
You can't create a full installation package for deployment to Windows 10 computers. That option only works for computers running Windows 7 or Windows 8.1.
-
-**To use the File Locations page**
-
-1. Check the **Full Installation Package** box if you’re going to build your package on, or move your package to, a local area network (LAN). This media package includes the Internet Explorer 11 installation files, and is named **IE11-Setup-Full.exe**, in the `\\FLAT\\` folder.-OR-
-
-2. Check the **Configuration-only package** box if you want to update an existing installation of IE11. This media package is named **IE11- Setup-Branding.exe**, in the `\\BrndOnly\\` folder.
-You can distribute this file on any media format or server. It customizes the IE11 features without re-installing IE.
-**Important**
You can’t include custom components in a configuration-only package.
-
-3. Click **Next** to go to the [Feature Selection](feature-selection-ieak11-wizard.md) page or **Back** to go to the [Language Selection](language-selection-ieak11-wizard.md) page.
-
-
-
-
-
-
-
-
-
+---
+ms.localizationpriority: medium
+ms.mktglfcycl: deploy
+description: How to use the Package Type Selection page in the IEAK 11 Customization Wizard to pick the media type you’ll use to distribute your custom package.
+author: dansimp
+ms.prod: ie11
+ms.assetid: dd91f788-d05e-4f45-9fd5-d951abf04f2c
+ms.reviewer:
+audience: itpro
+manager: dansimp
+ms.author: dansimp
+title: Use the Package Type Selection page in the IEAK 11 Wizard (Internet Explorer Administration Kit 11 for IT Pros)
+ms.sitesec: library
+ms.date: 07/27/2017
+---
+
+
+# Use the Package Type Selection page in the IEAK 11 Wizard
+The **Package Type Selection** page of the Internet Explorer Customization Wizard 11 lets you pick which type of media you’ll use to distribute your custom installation package. You can pick more than one type, if you need it.
+
+**Important**
You can't create a full installation package for deployment to Windows 10 computers. That option only works for computers running Windows 7 or Windows 8.1.
+
+**To use the File Locations page**
+
+1. Check the **Full Installation Package** box if you’re going to build your package on, or move your package to, a local area network (LAN). This media package includes the Internet Explorer 11 installation files, and is named **IE11-Setup-Full.exe**, in the `\\FLAT\\` folder.-OR-
+
+2. Check the **Configuration-only package** box if you want to update an existing installation of IE11. This media package is named **IE11- Setup-Branding.exe**, in the `\\BrndOnly\\` folder.
+You can distribute this file on any media format or server. It customizes the IE11 features without re-installing IE.
+**Important**
You can’t include custom components in a configuration-only package.
+
+3. Click **Next** to go to the [Feature Selection](feature-selection-ieak11-wizard.md) page or **Back** to go to the [Language Selection](language-selection-ieak11-wizard.md) page.
+
+
+
+
+
+
+
+
+
diff --git a/browsers/internet-explorer/ie11-ieak/platform-selection-ieak11-wizard.md b/browsers/internet-explorer/ie11-ieak/platform-selection-ieak11-wizard.md
index a3c0045275..342ac46d58 100644
--- a/browsers/internet-explorer/ie11-ieak/platform-selection-ieak11-wizard.md
+++ b/browsers/internet-explorer/ie11-ieak/platform-selection-ieak11-wizard.md
@@ -2,12 +2,12 @@
ms.localizationpriority: medium
ms.mktglfcycl: deploy
description: How to use the Platform Selection page in the IEAK 11 Customization Wizard to pick the specs for your employee devices that will get the install package.
-author: lomayor
+author: dansimp
ms.prod: ie11
ms.assetid: 9cbf5abd-86f7-42b6-9810-0b606bbe8218
ms.reviewer:
manager: dansimp
-ms.author: lomayor
+ms.author: dansimp
title: Use the Platform Selection page in the IEAK 11 Wizard (Internet Explorer Administration Kit 11 for IT Pros)
ms.sitesec: library
ms.date: 07/27/2017
diff --git a/browsers/internet-explorer/ie11-ieak/prep-network-install-with-ieak11.md b/browsers/internet-explorer/ie11-ieak/prep-network-install-with-ieak11.md
index 56252cfd10..809110fc8b 100644
--- a/browsers/internet-explorer/ie11-ieak/prep-network-install-with-ieak11.md
+++ b/browsers/internet-explorer/ie11-ieak/prep-network-install-with-ieak11.md
@@ -1,35 +1,36 @@
----
-ms.localizationpriority: medium
-ms.mktglfcycl: plan
-description: Learn about what you need to do before you deploy your custom browser package using IEAK 11 over your network.
-author: lomayor
-ms.prod: ie11
-ms.assetid: 2c66d22a-4a94-47cc-82ab-7274abe1dfd6
-ms.reviewer:
-audience: itpro
manager: dansimp
-ms.author: lomayor
-title: Before you install your package over your network using IEAK 11 (Internet Explorer Administration Kit 11 for IT Pros)
-ms.sitesec: library
-ms.date: 07/27/2017
----
-
-
-# Before you install your package over your network using IEAK 11
-Employees can install the custom browser package using a network server. However, you must either lower the intranet security level or make the server a trusted site.
-
-**To lower your intranet security**
-
-1. In Internet Explorer 11, click **Tools**, **Internet Options**, and then the **Security** tab.
-
-2. Click **Local intranet**, and then **Sites**.
-
-3. Uncheck **Automatically detect intranet network**, uncheck **Include all network paths (UNC)**, and then click **OK**.
-
-**To make your server a trusted site**
-
-1. From the **Security** tab, click **Trusted sites**, and then **Sites**.
-
-2. Type the location of the server with the downloadable custom browser package, and then click **Add**.
-
-3. Repeat this step for every server that will include the custom browser package for download.
-
+---
+ms.localizationpriority: medium
+ms.mktglfcycl: plan
+description: Learn about what you need to do before you deploy your custom browser package using IEAK 11 over your network.
+author: dansimp
+ms.prod: ie11
+ms.assetid: 2c66d22a-4a94-47cc-82ab-7274abe1dfd6
+ms.reviewer:
+audience: itpro
+manager: dansimp
+ms.author: dansimp
+title: Before you install your package over your network using IEAK 11 (Internet Explorer Administration Kit 11 for IT Pros)
+ms.sitesec: library
+ms.date: 07/27/2017
+---
+
+
+# Before you install your package over your network using IEAK 11
+Employees can install the custom browser package using a network server. However, you must either lower the intranet security level or make the server a trusted site.
+
+**To lower your intranet security**
+
+1. In Internet Explorer 11, click **Tools**, **Internet Options**, and then the **Security** tab.
+
+2. Click **Local intranet**, and then **Sites**.
+
+3. Uncheck **Automatically detect intranet network**, uncheck **Include all network paths (UNC)**, and then click **OK**.
+
+**To make your server a trusted site**
+
+1. From the **Security** tab, click **Trusted sites**, and then **Sites**.
+
+2. Type the location of the server with the downloadable custom browser package, and then click **Add**.
+
+3. Repeat this step for every server that will include the custom browser package for download.
+
diff --git a/browsers/internet-explorer/ie11-ieak/programs-ieak11-wizard.md b/browsers/internet-explorer/ie11-ieak/programs-ieak11-wizard.md
index 8b0ff1ece4..8b46cc1615 100644
--- a/browsers/internet-explorer/ie11-ieak/programs-ieak11-wizard.md
+++ b/browsers/internet-explorer/ie11-ieak/programs-ieak11-wizard.md
@@ -2,12 +2,12 @@
ms.localizationpriority: medium
ms.mktglfcycl: deploy
description: How to use the Programs page in the IEAK 11 Customization Wizard to pick the default programs to use for Internet services.
-author: lomayor
+author: dansimp
ms.prod: ie11
ms.assetid: f715668f-a50d-4db0-b578-e6526fbfa1fc
ms.reviewer:
manager: dansimp
-ms.author: lomayor
+ms.author: dansimp
title: Use the Programs page in the IEAK 11 Wizard (Internet Explorer Administration Kit 11 for IT Pros)
ms.sitesec: library
ms.date: 07/27/2017
diff --git a/browsers/internet-explorer/ie11-ieak/proxy-auto-config-examples.md b/browsers/internet-explorer/ie11-ieak/proxy-auto-config-examples.md
index 347e753856..06213a78ae 100644
--- a/browsers/internet-explorer/ie11-ieak/proxy-auto-config-examples.md
+++ b/browsers/internet-explorer/ie11-ieak/proxy-auto-config-examples.md
@@ -1,181 +1,182 @@
----
-ms.localizationpriority: medium
-ms.mktglfcycl: deploy
-description: Learn about how to use a proxy auto-configuration (.pac) file to specify an automatic proxy URL.
-author: lomayor
-ms.prod: ie11
-ms.assetid: 6c94708d-71bd-44bd-a445-7e6763b374ae
-ms.reviewer:
-audience: itpro
manager: dansimp
-ms.author: lomayor
-title: Use proxy auto-configuration (.pac) files with IEAK 11 (Internet Explorer Administration Kit 11 for IT Pros)
-ms.sitesec: library
-ms.date: 07/27/2017
----
-
-
-# Use proxy auto-configuration (.pac) files with IEAK 11
-These are various ways you can use a proxy auto-configuration (.pac) file to specify an automatic proxy URL. We've included some examples here to help guide you, but you'll need to change the proxy names, port numbers, and IP addresses to match your organization's info.
-
-Included examples:
-- [Example 1: Connect directly if the host is local](#example-1-connect-directly-if-the-host-is-local)
-- [Example 2: Connect directly if the host is inside the firewall](#example-2-connect-directly-if-the-host-is-inside-the-firewall)
-- [Example 3: Connect directly if the host name is resolvable](#example-3-connect-directly-if-the-host-name-is-resolvable)
-- [Example 4: Connect directly if the host is in specified subnet](#example-4-connect-directly-if-the-host-is-in-specified-subnet)
-- [Example 5: Determine the connection type based on the host domain](#example-5-determine-the-connection-type-based-on-the-host-domain)
-- [Example 6: Determine the connection type based on the protocol](#example-6-determine-the-connection-type-based-on-the-protocol)
-- [Example 7: Determine the proxy server based on the host name matching the IP address](#example-7-determine-the-proxy-server-based-on-the-host-name-matching-the-ip-address)
-- [Example 8: Connect using a proxy server if the host IP address matches the specified IP address](#example-8-connect-using-a-proxy-server-if-the-host-ip-address-matches-the-specified-ip-address)
-- [Example 9: Connect using a proxy server if there are periods in the host name](#example-9-connect-using-a-proxy-server-if-there-are-periods-in-the-host-name)
-- [Example 10: Connect using a proxy server based on specific days of the week](#example-10-connect-using-a-proxy-server-based-on-specific-days-of-the-week)
-
-
-## Example 1: Connect directly if the host is local
-In this example, if the host is local, it can connect directly. However, if the server isn't local, it must connect through a proxy server. Specifically, the `isPlainHostName` function looks to see if there are any periods (.) in the host name. If the function finds periods, it means the host isn’t local and it returns false. Otherwise, the function returns true.
-
-``` javascript
-function FindProxyForURL(url, host)
- {
- if (isPlainHostName(host))
- return "DIRECT";
- else
- return "PROXY proxy:80";
- }
-```
-## Example 2: Connect directly if the host is inside the firewall
-In this example, if the host is inside the firewall, it can connect directly. However, if the server is outside the firewall, it must connect through a proxy server. Specifically, the `localHostOrDomainIs` function only runs for URLs in the local domain. If the host domain name matches the provided domain information, the `dnsDomainIs` function returns true.
-
-``` javascript
-function FindProxyForURL(url, host)
- {
- if ((isPlainHostName(host) ||
- dnsDomainIs(host, ".company.com")) &&
- !localHostOrDomainIs(host, "www.company.com") &&
- !localHostOrDoaminIs(host, "home.company.com"))
- return "DIRECT";
- else
- return "PROXY proxy:80";
-}
-```
-## Example 3: Connect directly if the host name is resolvable
-In this example, if the host name can be resolved, it can connect directly. However, if the name can’t be resolved, the server must connect through a proxy server. Specifically, this function requests the DNS server to resolve the host name it's passed. If the name can be resolved, a direct connection is made. If it can't, the connection is made using a proxy. This is particularly useful when an internal DNS server is used to resolve all internal host names.
-
-**Important**
The `isResolvable` function queries a Domain Name System (DNS) server. References to Object Model objects, properties, or methods cause the proxy auto-configuration file to fail silently. For example, the references `window.open(...)`, `alert(...)`, and `password(...)` all cause the proxy auto-configuration file to fail.
-
-``` javascript
-function FindProxyForURL(url, host)
- {
- if (isResolvable(host))
- return "DIRECT";
- else
- return "PROXY proxy:80";
- }
-```
-
-## Example 4: Connect directly if the host is in specified subnet
-In this example, if the host is in a specified subnet, it can connect directly. However, if the server is outside of the specified subnet, it must connect through a proxy server. Specifically, the `isInNet` (host, pattern, mask) function returns true if the host IP address matches the specified pattern. The mask indicates which part of the IP address to match (255=match, 0=ignore).
-
-**Important**
The `isInNet` function queries a DNS server. References to Object Model objects, properties, or methods cause the proxy auto-configuration file to fail silently. For example, the references `window.open(...)`, `alert(...)`, and `password(...)` all cause the proxy auto-configuration file to fail.
-
-``` javascript
-function FindProxyForURL(url, host)
- {
- if (isInNet(host, "999.99.9.9", "255.0.255.0"))
- return "DIRECT";
- else
- return "PROXY proxy:80";
- }
-```
-## Example 5: Determine the connection type based on the host domain
-In this example, if the host is local, the server can connect directly. However, if the host isn’t local, this function determines which proxy to use based on the host domain. Specifically, the `shExpMatch(str, shexp)` function returns true if `str` matches the `shexp` using shell expression patterns. This is particularly useful when the host domain name is one of the criteria for proxy selection.
-
-``` javascript
-function FindProxyForURL(url, host)
- {
- if (isPlainHostName(host))
- return "DIRECT";
- else if (shExpMatch(host, "*.com"))
- return "PROXY comproxy:80";
- else if (shExpMatch(host, "*.edu"))
- return "PROXY eduproxy:80";
- else
- return "PROXY proxy";
- }
-```
-## Example 6: Determine the connection type based on the protocol
-In this example, the in-use protocol is extracted from the server and used to make a proxy selection. If no protocol match occurs, the server is directly connected. Specifically the `substring` function extracts the specified number of characters from a string. This is particularly useful when protocol is one of the criteria for proxy selection.
-
-``` javascript
-function FindProxyForURL(url, host)
- {
- if (url.substring(0, 5) == "http:") {
- return "PROXY proxy:80";
- }
- else if (url.substring(0, 4) == "ftp:") {
- return "PROXY fproxy:80";
- }
- else if (url.substring(0, 6) == "https:") {
- return "PROXY secproxy:8080";
- }
- else {
- return "DIRECT";
- }
- }
-```
-## Example 7: Determine the proxy server based on the host name matching the IP address
-In this example, the proxy server is selected by translating the host name into an IP address and then comparing the address to a specified string.
-
-**Important**
The `dnsResolve` function queries a DNS server. References to Object Model objects, properties, or methods cause the proxy auto-configuration file to fail silently. For example, the references `window.open(...)`, `alert(...)`, and `password(...)` all cause the proxy auto-configuration file to fail.
-
-``` javascript
-function FindProxyForURL(url, host)
- {
- if (dnsResolve(host) == "999.99.99.999") { // = https://secproxy
- return "PROXY secproxy:8080";
- }
- else {
- return "PROXY proxy:80";
- }
- }
-```
-## Example 8: Connect using a proxy server if the host IP address matches the specified IP address
-In this example, the proxy server is selected by explicitly getting the IP address and then comparing it to a specified string. If no protocol match occurs, the server makes a direct connection. Specifically, the `myIpAddress` function returns the IP address (in integer-period format) for the host that the browser is running on.
-
-``` javascript
-function FindProxyForURL(url, host)
- {
- if (myIpAddress() == "999.99.999.99") {
- return "PROXY proxy:80";
- }
- else {
- return "DIRECT";
- }
- }
-```
-## Example 9: Connect using a proxy server if there are periods in the host name
-In this example, the function looks to see if there are periods (.) in the host name. If there are any periods, the connection occurs using a proxy server. If there are no periods, a direct connection occurs. Specifically, the `dnsDomainLevels` function returns an integer equal to the number of periods in the host name.
-
-**Note**
This is another way to determine connection types based on host name characteristics.
-
-``` javascript
-function FindProxyForURL(url, host)
- {
- if (dnsDomainLevels(host) > 0) { // if the number of periods in host > 0
- return "PROXY proxy:80";
- }
- return "DIRECT";
- }
-```
-## Example 10: Connect using a proxy server based on specific days of the week
-In this example, the function decides whether to connect to a proxy server, based on the days of the week. Connecting on days that don’t fall between the specified date parameters let the server make a direct connection. Specifically the `weekdayRange(day1 [,day2] [,GMT] )` function returns whether the current system time falls within the range specified by the parameters `day1`, `day2`, and `GMT`. Only the first parameter is required. The GMT parameter presumes time values are in Greenwich Mean Time rather than the local time zone. This function is particularly useful for situations where you want to use a proxy server for heavy traffic times, but allow a direct connection when traffic is light.
-
-``` javascript
-function FindProxyForURL(url, host)
- {
- if(weekdayRange("WED", "SAT", "GMT"))
- return "PROXY proxy:80";
- else
- return "DIRECT";
- }
-```
-
+---
+ms.localizationpriority: medium
+ms.mktglfcycl: deploy
+description: Learn about how to use a proxy auto-configuration (.pac) file to specify an automatic proxy URL.
+author: dansimp
+ms.prod: ie11
+ms.assetid: 6c94708d-71bd-44bd-a445-7e6763b374ae
+ms.reviewer:
+audience: itpro
+manager: dansimp
+ms.author: dansimp
+title: Use proxy auto-configuration (.pac) files with IEAK 11 (Internet Explorer Administration Kit 11 for IT Pros)
+ms.sitesec: library
+ms.date: 07/27/2017
+---
+
+
+# Use proxy auto-configuration (.pac) files with IEAK 11
+These are various ways you can use a proxy auto-configuration (.pac) file to specify an automatic proxy URL. We've included some examples here to help guide you, but you'll need to change the proxy names, port numbers, and IP addresses to match your organization's info.
+
+Included examples:
+- [Example 1: Connect directly if the host is local](#example-1-connect-directly-if-the-host-is-local)
+- [Example 2: Connect directly if the host is inside the firewall](#example-2-connect-directly-if-the-host-is-inside-the-firewall)
+- [Example 3: Connect directly if the host name is resolvable](#example-3-connect-directly-if-the-host-name-is-resolvable)
+- [Example 4: Connect directly if the host is in specified subnet](#example-4-connect-directly-if-the-host-is-in-specified-subnet)
+- [Example 5: Determine the connection type based on the host domain](#example-5-determine-the-connection-type-based-on-the-host-domain)
+- [Example 6: Determine the connection type based on the protocol](#example-6-determine-the-connection-type-based-on-the-protocol)
+- [Example 7: Determine the proxy server based on the host name matching the IP address](#example-7-determine-the-proxy-server-based-on-the-host-name-matching-the-ip-address)
+- [Example 8: Connect using a proxy server if the host IP address matches the specified IP address](#example-8-connect-using-a-proxy-server-if-the-host-ip-address-matches-the-specified-ip-address)
+- [Example 9: Connect using a proxy server if there are periods in the host name](#example-9-connect-using-a-proxy-server-if-there-are-periods-in-the-host-name)
+- [Example 10: Connect using a proxy server based on specific days of the week](#example-10-connect-using-a-proxy-server-based-on-specific-days-of-the-week)
+
+
+## Example 1: Connect directly if the host is local
+In this example, if the host is local, it can connect directly. However, if the server isn't local, it must connect through a proxy server. Specifically, the `isPlainHostName` function looks to see if there are any periods (.) in the host name. If the function finds periods, it means the host isn’t local and it returns false. Otherwise, the function returns true.
+
+``` javascript
+function FindProxyForURL(url, host)
+ {
+ if (isPlainHostName(host))
+ return "DIRECT";
+ else
+ return "PROXY proxy:80";
+ }
+```
+## Example 2: Connect directly if the host is inside the firewall
+In this example, if the host is inside the firewall, it can connect directly. However, if the server is outside the firewall, it must connect through a proxy server. Specifically, the `localHostOrDomainIs` function only runs for URLs in the local domain. If the host domain name matches the provided domain information, the `dnsDomainIs` function returns true.
+
+``` javascript
+function FindProxyForURL(url, host)
+ {
+ if ((isPlainHostName(host) ||
+ dnsDomainIs(host, ".company.com")) &&
+ !localHostOrDomainIs(host, "www.company.com") &&
+ !localHostOrDoaminIs(host, "home.company.com"))
+ return "DIRECT";
+ else
+ return "PROXY proxy:80";
+}
+```
+## Example 3: Connect directly if the host name is resolvable
+In this example, if the host name can be resolved, it can connect directly. However, if the name can’t be resolved, the server must connect through a proxy server. Specifically, this function requests the DNS server to resolve the host name it's passed. If the name can be resolved, a direct connection is made. If it can't, the connection is made using a proxy. This is particularly useful when an internal DNS server is used to resolve all internal host names.
+
+**Important**
The `isResolvable` function queries a Domain Name System (DNS) server. References to Object Model objects, properties, or methods cause the proxy auto-configuration file to fail silently. For example, the references `window.open(...)`, `alert(...)`, and `password(...)` all cause the proxy auto-configuration file to fail.
+
+``` javascript
+function FindProxyForURL(url, host)
+ {
+ if (isResolvable(host))
+ return "DIRECT";
+ else
+ return "PROXY proxy:80";
+ }
+```
+
+## Example 4: Connect directly if the host is in specified subnet
+In this example, if the host is in a specified subnet, it can connect directly. However, if the server is outside of the specified subnet, it must connect through a proxy server. Specifically, the `isInNet` (host, pattern, mask) function returns true if the host IP address matches the specified pattern. The mask indicates which part of the IP address to match (255=match, 0=ignore).
+
+**Important**
The `isInNet` function queries a DNS server. References to Object Model objects, properties, or methods cause the proxy auto-configuration file to fail silently. For example, the references `window.open(...)`, `alert(...)`, and `password(...)` all cause the proxy auto-configuration file to fail.
+
+``` javascript
+function FindProxyForURL(url, host)
+ {
+ if (isInNet(host, "999.99.9.9", "255.0.255.0"))
+ return "DIRECT";
+ else
+ return "PROXY proxy:80";
+ }
+```
+## Example 5: Determine the connection type based on the host domain
+In this example, if the host is local, the server can connect directly. However, if the host isn’t local, this function determines which proxy to use based on the host domain. Specifically, the `shExpMatch(str, shexp)` function returns true if `str` matches the `shexp` using shell expression patterns. This is particularly useful when the host domain name is one of the criteria for proxy selection.
+
+``` javascript
+function FindProxyForURL(url, host)
+ {
+ if (isPlainHostName(host))
+ return "DIRECT";
+ else if (shExpMatch(host, "*.com"))
+ return "PROXY comproxy:80";
+ else if (shExpMatch(host, "*.edu"))
+ return "PROXY eduproxy:80";
+ else
+ return "PROXY proxy";
+ }
+```
+## Example 6: Determine the connection type based on the protocol
+In this example, the in-use protocol is extracted from the server and used to make a proxy selection. If no protocol match occurs, the server is directly connected. Specifically the `substring` function extracts the specified number of characters from a string. This is particularly useful when protocol is one of the criteria for proxy selection.
+
+``` javascript
+function FindProxyForURL(url, host)
+ {
+ if (url.substring(0, 5) == "http:") {
+ return "PROXY proxy:80";
+ }
+ else if (url.substring(0, 4) == "ftp:") {
+ return "PROXY fproxy:80";
+ }
+ else if (url.substring(0, 6) == "https:") {
+ return "PROXY secproxy:8080";
+ }
+ else {
+ return "DIRECT";
+ }
+ }
+```
+## Example 7: Determine the proxy server based on the host name matching the IP address
+In this example, the proxy server is selected by translating the host name into an IP address and then comparing the address to a specified string.
+
+**Important**
The `dnsResolve` function queries a DNS server. References to Object Model objects, properties, or methods cause the proxy auto-configuration file to fail silently. For example, the references `window.open(...)`, `alert(...)`, and `password(...)` all cause the proxy auto-configuration file to fail.
+
+``` javascript
+function FindProxyForURL(url, host)
+ {
+ if (dnsResolve(host) == "999.99.99.999") { // = https://secproxy
+ return "PROXY secproxy:8080";
+ }
+ else {
+ return "PROXY proxy:80";
+ }
+ }
+```
+## Example 8: Connect using a proxy server if the host IP address matches the specified IP address
+In this example, the proxy server is selected by explicitly getting the IP address and then comparing it to a specified string. If no protocol match occurs, the server makes a direct connection. Specifically, the `myIpAddress` function returns the IP address (in integer-period format) for the host that the browser is running on.
+
+``` javascript
+function FindProxyForURL(url, host)
+ {
+ if (myIpAddress() == "999.99.999.99") {
+ return "PROXY proxy:80";
+ }
+ else {
+ return "DIRECT";
+ }
+ }
+```
+## Example 9: Connect using a proxy server if there are periods in the host name
+In this example, the function looks to see if there are periods (.) in the host name. If there are any periods, the connection occurs using a proxy server. If there are no periods, a direct connection occurs. Specifically, the `dnsDomainLevels` function returns an integer equal to the number of periods in the host name.
+
+**Note**
This is another way to determine connection types based on host name characteristics.
+
+``` javascript
+function FindProxyForURL(url, host)
+ {
+ if (dnsDomainLevels(host) > 0) { // if the number of periods in host > 0
+ return "PROXY proxy:80";
+ }
+ return "DIRECT";
+ }
+```
+## Example 10: Connect using a proxy server based on specific days of the week
+In this example, the function decides whether to connect to a proxy server, based on the days of the week. Connecting on days that don’t fall between the specified date parameters let the server make a direct connection. Specifically the `weekdayRange(day1 [,day2] [,GMT] )` function returns whether the current system time falls within the range specified by the parameters `day1`, `day2`, and `GMT`. Only the first parameter is required. The GMT parameter presumes time values are in Greenwich Mean Time rather than the local time zone. This function is particularly useful for situations where you want to use a proxy server for heavy traffic times, but allow a direct connection when traffic is light.
+
+``` javascript
+function FindProxyForURL(url, host)
+ {
+ if(weekdayRange("WED", "SAT", "GMT"))
+ return "PROXY proxy:80";
+ else
+ return "DIRECT";
+ }
+```
+
diff --git a/browsers/internet-explorer/ie11-ieak/proxy-ins-file-setting.md b/browsers/internet-explorer/ie11-ieak/proxy-ins-file-setting.md
index 5b10604a11..80e2e5d2c0 100644
--- a/browsers/internet-explorer/ie11-ieak/proxy-ins-file-setting.md
+++ b/browsers/internet-explorer/ie11-ieak/proxy-ins-file-setting.md
@@ -1,30 +1,31 @@
----
-ms.localizationpriority: medium
-ms.mktglfcycl: deploy
-description: Use the \[Proxy\] .INS file setting to define whether to use a proxy server.
-author: lomayor
-ms.prod: ie11
-ms.assetid: 30b03c2f-e3e5-48d2-9007-e3fd632f3c18
-ms.reviewer:
-audience: itpro
manager: dansimp
-ms.author: lomayor
-title: Use the Proxy .INS file to specify a proxy server (Internet Explorer Administration Kit 11 for IT Pros)
-ms.sitesec: library
-ms.date: 07/27/2017
----
-
-
-# Use the Proxy .INS file to specify a proxy server
-Info about whether to use a proxy server. If yes, this also includes the host names for the proxy server.
-
-|Name |Value |Description |
-|-----|------|------------|
-|FTP_Proxy_Server |`` |The host name for the FTP proxy server. |
-|Gopher_Proxy_Server |`` |We no longer support Gopher Server. |
-|HTTP_Proxy_Server |`` |The host name for the HTTP proxy server. |
-|Proxy_Enable |- **0.** Don’t use a proxy server.
- **1.** Use a proxy server.
|Determines whether to use a proxy server. |
-|Proxy_Override |`` |The host name for the proxy server. For example, ``. |
-|Secure_Proxy_Server |`` |The host name for the secure proxy server. |
-|Socks_Proxy_Server |`` |The host name for the SOCKS proxy server. |
-|Use_Same_Proxy |- **0.** Don’t use the same proxy server for all services.
- **1.** Use the same proxy server for all services.
|Determines whether to use a single proxy server for all services. |
-
+---
+ms.localizationpriority: medium
+ms.mktglfcycl: deploy
+description: Use the \[Proxy\] .INS file setting to define whether to use a proxy server.
+author: dansimp
+ms.prod: ie11
+ms.assetid: 30b03c2f-e3e5-48d2-9007-e3fd632f3c18
+ms.reviewer:
+audience: itpro
+manager: dansimp
+ms.author: dansimp
+title: Use the Proxy .INS file to specify a proxy server (Internet Explorer Administration Kit 11 for IT Pros)
+ms.sitesec: library
+ms.date: 07/27/2017
+---
+
+
+# Use the Proxy .INS file to specify a proxy server
+Info about whether to use a proxy server. If yes, this also includes the host names for the proxy server.
+
+|Name |Value |Description |
+|-----|------|------------|
+|FTP_Proxy_Server |`` |The host name for the FTP proxy server. |
+|Gopher_Proxy_Server |`` |We no longer support Gopher Server. |
+|HTTP_Proxy_Server |`` |The host name for the HTTP proxy server. |
+|Proxy_Enable |- **0.** Don’t use a proxy server.
- **1.** Use a proxy server.
|Determines whether to use a proxy server. |
+|Proxy_Override |`` |The host name for the proxy server. For example, ``. |
+|Secure_Proxy_Server |`` |The host name for the secure proxy server. |
+|Socks_Proxy_Server |`` |The host name for the SOCKS proxy server. |
+|Use_Same_Proxy |- **0.** Don’t use the same proxy server for all services.
- **1.** Use the same proxy server for all services.
|Determines whether to use a single proxy server for all services. |
+
diff --git a/browsers/internet-explorer/ie11-ieak/proxy-settings-ieak11-wizard.md b/browsers/internet-explorer/ie11-ieak/proxy-settings-ieak11-wizard.md
index 8ee40e8323..a99dc70ae0 100644
--- a/browsers/internet-explorer/ie11-ieak/proxy-settings-ieak11-wizard.md
+++ b/browsers/internet-explorer/ie11-ieak/proxy-settings-ieak11-wizard.md
@@ -1,55 +1,56 @@
----
-ms.localizationpriority: medium
-ms.mktglfcycl: deploy
-description: How to use the Proxy Settings page in the IEAK 11 Customization Wizard to pick the proxy servers used to connect to required services.
-author: lomayor
-ms.prod: ie11
-ms.assetid: 1fa1eee3-e97d-41fa-a48c-4a6e0dc8b544
-ms.reviewer:
-audience: itpro
manager: dansimp
-ms.author: lomayor
-title: Use the Proxy Settings page in the IEAK 11 Wizard (Internet Explorer Administration Kit 11 for IT Pros)
-ms.sitesec: library
-ms.date: 07/27/2017
----
-
-
-# Use the Proxy Settings page in the IEAK 11 Wizard
-The **Proxy Settings** page of the Internet Explorer Customization Wizard 11 lets you pick the proxy servers used by your employees to connect for services required by the custom install package.
-
-Using a proxy server lets you limit access to the Internet. You can also use the **Additional Settings** page of the wizard to further restrict your employees from changing the proxy settings.
-
-**To use the Proxy Settings page**
-
-1. Check the **Enable proxy settings** box if you want to use proxy servers for any of your services.
-
-2. Type the address of the proxy server you want to use for your services into the **Address of proxy** box. In most cases, a single proxy server is used for all of your services.
-Proxy locations that don’t begin with a protocol (like, https:// or ftp://) are assumed to be a CERN-type HTTP proxy. For example, the entry *proxy* is treated the same as the entry `https://proxy`.
-
-3. Type the port for each service. The default value is *80*.
-
-4. Check the **Use the same proxy server for all addresses** box to use the same proxy server settings for all of your services.
-
-5. Type any services that shouldn’t use a proxy server into the **Do not use proxy server for addresses beginning with** box.
-When filling out your exceptions, keep in mind:
-
- - Proxy bypass entries can begin with a protocol type, such as https://, https://, or ftp://. However, if a protocol type is used, the exception entry applies only to requests for that protocol.
-
- - Protocol values are not case sensitive and you can use a wildcard character (*) in place of zero or more characters.
-
- - You must use a semicolon between your entries.
-
- - This list is limited to **2064** characters.
-
-6. Check the **Do not use proxy server for local (intranet) addresses** to bypass your proxy servers for all addresses on your intranet.
-
-7. Click **Next** to go to the [Security and Privacy Settings](security-and-privacy-settings-ieak11-wizard.md) page or **Back** to go to the [Automatic Configuration](auto-config-ieak11-wizard.md) page.
-
-
-
-
-
-
-
-
-
+---
+ms.localizationpriority: medium
+ms.mktglfcycl: deploy
+description: How to use the Proxy Settings page in the IEAK 11 Customization Wizard to pick the proxy servers used to connect to required services.
+author: dansimp
+ms.prod: ie11
+ms.assetid: 1fa1eee3-e97d-41fa-a48c-4a6e0dc8b544
+ms.reviewer:
+audience: itpro
+manager: dansimp
+ms.author: dansimp
+title: Use the Proxy Settings page in the IEAK 11 Wizard (Internet Explorer Administration Kit 11 for IT Pros)
+ms.sitesec: library
+ms.date: 07/27/2017
+---
+
+
+# Use the Proxy Settings page in the IEAK 11 Wizard
+The **Proxy Settings** page of the Internet Explorer Customization Wizard 11 lets you pick the proxy servers used by your employees to connect for services required by the custom install package.
+
+Using a proxy server lets you limit access to the Internet. You can also use the **Additional Settings** page of the wizard to further restrict your employees from changing the proxy settings.
+
+**To use the Proxy Settings page**
+
+1. Check the **Enable proxy settings** box if you want to use proxy servers for any of your services.
+
+2. Type the address of the proxy server you want to use for your services into the **Address of proxy** box. In most cases, a single proxy server is used for all of your services.
+Proxy locations that don’t begin with a protocol (like, https:// or ftp://) are assumed to be a CERN-type HTTP proxy. For example, the entry *proxy* is treated the same as the entry `https://proxy`.
+
+3. Type the port for each service. The default value is *80*.
+
+4. Check the **Use the same proxy server for all addresses** box to use the same proxy server settings for all of your services.
+
+5. Type any services that shouldn’t use a proxy server into the **Do not use proxy server for addresses beginning with** box.
+When filling out your exceptions, keep in mind:
+
+ - Proxy bypass entries can begin with a protocol type, such as https://, https://, or ftp://. However, if a protocol type is used, the exception entry applies only to requests for that protocol.
+
+ - Protocol values are not case sensitive and you can use a wildcard character (*) in place of zero or more characters.
+
+ - You must use a semicolon between your entries.
+
+ - This list is limited to **2064** characters.
+
+6. Check the **Do not use proxy server for local (intranet) addresses** to bypass your proxy servers for all addresses on your intranet.
+
+7. Click **Next** to go to the [Security and Privacy Settings](security-and-privacy-settings-ieak11-wizard.md) page or **Back** to go to the [Automatic Configuration](auto-config-ieak11-wizard.md) page.
+
+
+
+
+
+
+
+
+
diff --git a/browsers/internet-explorer/ie11-ieak/register-uninstall-app-ieak11.md b/browsers/internet-explorer/ie11-ieak/register-uninstall-app-ieak11.md
index 0a26a051db..c6fb131002 100644
--- a/browsers/internet-explorer/ie11-ieak/register-uninstall-app-ieak11.md
+++ b/browsers/internet-explorer/ie11-ieak/register-uninstall-app-ieak11.md
@@ -1,28 +1,29 @@
----
-ms.localizationpriority: medium
-ms.mktglfcycl: deploy
-description: Learn how to register an uninstall app for your custom components, using IEAK 11.
-author: lomayor
-ms.prod: ie11
-ms.assetid: 4da1d408-af4a-4c89-a491-d6f005fd5005
-ms.reviewer:
-audience: itpro
manager: dansimp
-ms.author: lomayor
-title: Register an uninstall app for custom components using IEAK 11 (Internet Explorer Administration Kit 11 for IT Pros)
-ms.date: 07/27/2017
----
-
-
-# Register an uninstall app for custom components using IEAK 11
-Register the uninstall apps for any custom components you’ve included in your Internet Explorer 11 package. Registering these apps lets your employees remove the components later, using **Uninstall or change a program** in the Control Panel.
-
-## Register your uninstallation program
-While you’re running your custom component setup process, your app can add information to the subkeys in the `HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\ApplicationName` registry key, registering your uninstallation program.
-
-**Note**
IE11 also uses this registry key to verify that the component installed successfully during setup.
-
-|Subkey |Data type |Value |
-|-------|----------|-----------|
-|DisplayName |*string* |Friendly name for your uninstall app. This name must match your **Uninstall Key** in the **Add a Custom Component** page of the Internet Explorer Customization Wizard 11. For more info, see the [Custom Components](custom-components-ieak11-wizard.md) page. |
-|UninstallString |*string* |Full command-line text, including the path, to uninstall your component. You must not use a batch file or a sub-process. |
-
+---
+ms.localizationpriority: medium
+ms.mktglfcycl: deploy
+description: Learn how to register an uninstall app for your custom components, using IEAK 11.
+author: dansimp
+ms.prod: ie11
+ms.assetid: 4da1d408-af4a-4c89-a491-d6f005fd5005
+ms.reviewer:
+audience: itpro
+manager: dansimp
+ms.author: dansimp
+title: Register an uninstall app for custom components using IEAK 11 (Internet Explorer Administration Kit 11 for IT Pros)
+ms.date: 07/27/2017
+---
+
+
+# Register an uninstall app for custom components using IEAK 11
+Register the uninstall apps for any custom components you’ve included in your Internet Explorer 11 package. Registering these apps lets your employees remove the components later, using **Uninstall or change a program** in the Control Panel.
+
+## Register your uninstallation program
+While you’re running your custom component setup process, your app can add information to the subkeys in the `HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\ApplicationName` registry key, registering your uninstallation program.
+
+**Note**
IE11 also uses this registry key to verify that the component installed successfully during setup.
+
+|Subkey |Data type |Value |
+|-------|----------|-----------|
+|DisplayName |*string* |Friendly name for your uninstall app. This name must match your **Uninstall Key** in the **Add a Custom Component** page of the Internet Explorer Customization Wizard 11. For more info, see the [Custom Components](custom-components-ieak11-wizard.md) page. |
+|UninstallString |*string* |Full command-line text, including the path, to uninstall your component. You must not use a batch file or a sub-process. |
+
diff --git a/browsers/internet-explorer/ie11-ieak/rsop-snapin-for-policy-settings-ieak11.md b/browsers/internet-explorer/ie11-ieak/rsop-snapin-for-policy-settings-ieak11.md
index db2bad72cd..8bf7232c7c 100644
--- a/browsers/internet-explorer/ie11-ieak/rsop-snapin-for-policy-settings-ieak11.md
+++ b/browsers/internet-explorer/ie11-ieak/rsop-snapin-for-policy-settings-ieak11.md
@@ -1,46 +1,47 @@
----
-ms.localizationpriority: medium
-ms.mktglfcycl: manage
-description: Learn how to use the Resultant Set of Policy (RSoP) snap-in to view your policy settings.
-author: lomayor
-ms.prod: ie11
-ms.assetid: 0f21b320-e879-4a06-8589-aae6fc264666
-ms.reviewer:
-audience: itpro
manager: dansimp
-ms.author: lomayor
-title: Use the RSoP snap-in to review policy settings (Internet Explorer Administration Kit 11 for IT Pros)
-ms.sitesec: library
-ms.date: 07/27/2017
----
-
-
-# Using the Resultant Set of Policy (RSoP) snap-in to review policy settings
-After you’ve deployed your custom Internet Explorer package to your employees, you can use the Resultant Set of Policy (RSoP) snap-in to view your created policy settings. The RSoP snap-in is a two-step process. First, you run the RSoP wizard to determine what information should be viewed. Second, you open the specific items in the console window to view the settings. For complete instructions about how to use RSoP, see [Resultant Set of Policy](https://go.microsoft.com/fwlink/p/?LinkId=259479).
-
-**To add the RSoP snap-in**
-
-1. On the **Start** screen, type *MMC*.
-The Microsoft Management Console opens.
-
-2. Click **File**, and then click **Add/Remove Snap-in**.
-
-3. In the **Available snap-ins** window, go down to the **Resultant Set of Policy** snap-in option, click **Add**, and then click **OK**.
-You’re now ready to use the RSoP snap-in from the console.
-
-**To use the RSoP snap-in**
-
-1. Right-click **Resultant Set of Policy** and then click **Generate RSoP Data**.
-You’ll only need to go through the resulting RSoP Wizard first time you run the snap-in.
-
-2. Click **Next** on the **Welcome** screen.
-
-3. Under **Computer Configuration**, click **Administrative Templates**, click **Windows Components**, click **IE**, and then click the feature you want to review the policy settings for.
-
-
-
-
-
-
-
-
-
+---
+ms.localizationpriority: medium
+ms.mktglfcycl: manage
+description: Learn how to use the Resultant Set of Policy (RSoP) snap-in to view your policy settings.
+author: dansimp
+ms.prod: ie11
+ms.assetid: 0f21b320-e879-4a06-8589-aae6fc264666
+ms.reviewer:
+audience: itpro
+manager: dansimp
+ms.author: dansimp
+title: Use the RSoP snap-in to review policy settings (Internet Explorer Administration Kit 11 for IT Pros)
+ms.sitesec: library
+ms.date: 07/27/2017
+---
+
+
+# Using the Resultant Set of Policy (RSoP) snap-in to review policy settings
+After you’ve deployed your custom Internet Explorer package to your employees, you can use the Resultant Set of Policy (RSoP) snap-in to view your created policy settings. The RSoP snap-in is a two-step process. First, you run the RSoP wizard to determine what information should be viewed. Second, you open the specific items in the console window to view the settings. For complete instructions about how to use RSoP, see [Resultant Set of Policy](https://go.microsoft.com/fwlink/p/?LinkId=259479).
+
+**To add the RSoP snap-in**
+
+1. On the **Start** screen, type *MMC*.
+The Microsoft Management Console opens.
+
+2. Click **File**, and then click **Add/Remove Snap-in**.
+
+3. In the **Available snap-ins** window, go down to the **Resultant Set of Policy** snap-in option, click **Add**, and then click **OK**.
+You’re now ready to use the RSoP snap-in from the console.
+
+**To use the RSoP snap-in**
+
+1. Right-click **Resultant Set of Policy** and then click **Generate RSoP Data**.
+You’ll only need to go through the resulting RSoP Wizard first time you run the snap-in.
+
+2. Click **Next** on the **Welcome** screen.
+
+3. Under **Computer Configuration**, click **Administrative Templates**, click **Windows Components**, click **IE**, and then click the feature you want to review the policy settings for.
+
+
+
+
+
+
+
+
+
diff --git a/browsers/internet-explorer/ie11-ieak/search-providers-ieak11-wizard.md b/browsers/internet-explorer/ie11-ieak/search-providers-ieak11-wizard.md
index 2f2c8052cf..f66425a743 100644
--- a/browsers/internet-explorer/ie11-ieak/search-providers-ieak11-wizard.md
+++ b/browsers/internet-explorer/ie11-ieak/search-providers-ieak11-wizard.md
@@ -1,56 +1,57 @@
----
-ms.localizationpriority: medium
-ms.mktglfcycl: deploy
-description: How to use the Search Providers page in the IEAK 11 Customization Wizard to add additional providers and set the default.
-author: lomayor
-ms.prod: ie11
-ms.assetid: 48cfaba5-f4c0-493c-b656-445311b7bc52
-ms.reviewer:
-audience: itpro
manager: dansimp
-ms.author: lomayor
-title: Use the Search Providers page in the IEAK 11 Wizard (Internet Explorer Administration Kit 11 for IT Pros)
-ms.sitesec: library
-ms.date: 07/27/2017
----
-
-
-# Use the Search Providers page in the IEAK 11 Wizard
-The **Search Providers** page of the Internet Explorer Customization Wizard 11 lets you add a default search provider (typically, Bing®) and additional providers to your custom version of IE.
-
-**Note**
The Internet Explorer Customization Wizard 11 offers improved and extended search settings. However, you can still optionally include support for Search Suggestions and Favicons, as well as Accelerator previews by using an .ins file from a previous version of IEAK.
-
-**To use the Search Providers page**
-
-1. Click **Import** to automatically import your existing search providers from your current version of IE into this list.
-
-2. Click **Add** to add more providers.
-The **Search Provider** box appears.
-
-3. In the **Display Name** box, type the text that appears in the **Search Options** menu for the search provider.
-
-4. In the **URL** box, type the full URL to the search provider, including the https:// prefix.
-
-5. In the **Favicon URL** box, type the full URL to any icon to associate with your provider.
-
-6. In the **Suggestions URL (XML)** box, type the associated search suggestions in XML format.
-
-7. In the **Suggestions URL (JSON)** box, type the associated search suggestions in JavaScript Object Notation format.
-
-8. In the **Accelerator Preview URL** box, type the associated Accelerator preview URL for each provider, if it’s necessary.
-
-9. Check the **Display Search Suggestions for this provider** box to turn on search suggestions for the provider, and then click **OK**.
-
-10. Check the **Search Guide URL Customization** box if you’re going to add your search providers to a custom webpage for your employees. Then, type the URL to the custom webpage in the text box.
-
-11. Click **Edit** to change your search provider information, click **Set Default** to make a search provider the default for your employees, or **Remove** to delete a search provider.
-
-12. Click **Next** to go to the [Important URLs - Home Page and Support](important-urls-home-page-and-support-ieak11-wizard.md) page or **Back** to go to the [Browser User Interface](browser-ui-ieak11-wizard.md) page.
-
-
-
-
-
-
-
-
-
+---
+ms.localizationpriority: medium
+ms.mktglfcycl: deploy
+description: How to use the Search Providers page in the IEAK 11 Customization Wizard to add additional providers and set the default.
+author: dansimp
+ms.prod: ie11
+ms.assetid: 48cfaba5-f4c0-493c-b656-445311b7bc52
+ms.reviewer:
+audience: itpro
+manager: dansimp
+ms.author: dansimp
+title: Use the Search Providers page in the IEAK 11 Wizard (Internet Explorer Administration Kit 11 for IT Pros)
+ms.sitesec: library
+ms.date: 07/27/2017
+---
+
+
+# Use the Search Providers page in the IEAK 11 Wizard
+The **Search Providers** page of the Internet Explorer Customization Wizard 11 lets you add a default search provider (typically, Bing®) and additional providers to your custom version of IE.
+
+**Note**
The Internet Explorer Customization Wizard 11 offers improved and extended search settings. However, you can still optionally include support for Search Suggestions and Favicons, as well as Accelerator previews by using an .ins file from a previous version of IEAK.
+
+**To use the Search Providers page**
+
+1. Click **Import** to automatically import your existing search providers from your current version of IE into this list.
+
+2. Click **Add** to add more providers.
+The **Search Provider** box appears.
+
+3. In the **Display Name** box, type the text that appears in the **Search Options** menu for the search provider.
+
+4. In the **URL** box, type the full URL to the search provider, including the https:// prefix.
+
+5. In the **Favicon URL** box, type the full URL to any icon to associate with your provider.
+
+6. In the **Suggestions URL (XML)** box, type the associated search suggestions in XML format.
+
+7. In the **Suggestions URL (JSON)** box, type the associated search suggestions in JavaScript Object Notation format.
+
+8. In the **Accelerator Preview URL** box, type the associated Accelerator preview URL for each provider, if it’s necessary.
+
+9. Check the **Display Search Suggestions for this provider** box to turn on search suggestions for the provider, and then click **OK**.
+
+10. Check the **Search Guide URL Customization** box if you’re going to add your search providers to a custom webpage for your employees. Then, type the URL to the custom webpage in the text box.
+
+11. Click **Edit** to change your search provider information, click **Set Default** to make a search provider the default for your employees, or **Remove** to delete a search provider.
+
+12. Click **Next** to go to the [Important URLs - Home Page and Support](important-urls-home-page-and-support-ieak11-wizard.md) page or **Back** to go to the [Browser User Interface](browser-ui-ieak11-wizard.md) page.
+
+
+
+
+
+
+
+
+
diff --git a/browsers/internet-explorer/ie11-ieak/security-and-ieak11.md b/browsers/internet-explorer/ie11-ieak/security-and-ieak11.md
index 9db3006a23..71d99f8b9f 100644
--- a/browsers/internet-explorer/ie11-ieak/security-and-ieak11.md
+++ b/browsers/internet-explorer/ie11-ieak/security-and-ieak11.md
@@ -1,65 +1,66 @@
----
-ms.localizationpriority: medium
-ms.mktglfcycl: plan
-description: Learn about the security features available in Internet Explorer 11 and IEAK 11.
-author: lomayor
-ms.prod: ie11
-ms.assetid: 5b64c9cb-f8da-411a-88e4-fa69dea473e2
-ms.reviewer:
-audience: itpro
manager: dansimp
-ms.author: lomayor
-title: Security features and IEAK 11 (Internet Explorer Administration Kit 11 for IT Pros)
-ms.sitesec: library
-ms.date: 07/27/2017
----
-
-
-# Security features and IEAK 11
-Use Internet Explorer in conjunction with your new and existing security measures, to make sure the computers in your company aren’t compromised while on the Internet.
-
-## Enhanced Protection Mode
-Extends Protected Mode to further restrict the ability of an attacker to access sensitive or personal information in personal and corporate environments, including:
-
-- Restricting access to higher-level processes in the AppContainer.
-
-- Improving security against memory safety exploits in 64-bit tab processes.
-
-This feature is turned off by default. For more info, see [Enhanced Protected Mode problems with Internet Explorer](../ie11-deploy-guide/enhanced-protected-mode-problems-with-ie11.md).
-
-## Certificates and Digital Signatures
-Web browsers have security features that help protect users from downloading harmful programs. Depending on the security level and the platform that you are using, the user may be prevented from, or warned against, downloading programs that are not digitally signed. Digital signatures show users where programs come from, verify that the programs have not been altered, and ensure that users do not receive unnecessary warnings when installing the custom browser.
-
-Because of this, the custom .cab files created by the Internet Explorer Customization Wizard should be signed, unless you pre-configure the Local intranet zone with a Low security setting. Any custom components you distribute with your browser package for these platforms should also be signed.
-
-### Understanding digital certificates
-To sign your package and custom programs digitally, you must first obtain a digital certificate. You can obtain a certificate from a certification authority or a privately-controlled certificate server. For more info about obtaining certificates or setting up a certificate server, see the following:
-
-- Microsoft-trusted certification authorities ([Windows root certificate program requirements](https://go.microsoft.com/fwlink/p/?LinkId=759697)).
-
-- Certificates overview documentation ([Certificates](https://go.microsoft.com/fwlink/p/?LinkId=759698)).
-
-- Microsoft Active Directory Certificate Services ( [Active Directory Certificate Services](https://go.microsoft.com/fwlink/p/?LinkId=259521)).
-
-- Enterprise public key infrastructure (PKI) snap-in documentation ([Enterprise PKI](https://go.microsoft.com/fwlink/p/?LinkId=259526)).
-
-After you get a certificate, you should note the public and private keys, which are a matched set of keys that are created by the software publisher for encryption and decryption. They are generated on your device at the time the certificate is requested, and your private key is never sent to the certification authority or any other party.
-
-### Understanding code signing
-Code signing varies, depening on how you plan to distribute your custom install package.
-
-- **If you plan to distribute custom packages over the Internet**, you must sign all custom components and the CMAK profile package (if used). Before you start the Internet Explorer Customization Wizard, make sure that both are signed. Typically, their respective manufacturers will have signed them. Otherwise, you can sign these using the Sign Tool (SignTool.exe) ( [SignTool.exe (Sign Tool)](https://go.microsoft.com/fwlink/p/?LinkId=71298)) or use the File Signing Tool (Signcode.exe) ([Signcode.exe (File Signing Tool)](https://go.microsoft.com/fwlink/p/?LinkId=71299)). You should read the documentation included with these tools for more info about all of the signing options.
-In addition, after you run the Internet Explorer Customization Wizard, we highly recommend that you sign the IEAK package and the branding.cab file (if you are using it separately from the package). You can do this also using the tools mentioned above. For more information, download Code-Signing Best Practices ([Code-Signing Best Practices](https://go.microsoft.com/fwlink/p/?LinkId=71300)).
-
-- **If you plan to distribute your custom packages over an intranet**, sign the custom files or preconfigure the Local intranet zone with a Low security setting, because the default security setting does not allow users to download unsigned programs or code.
-
-### Understanding your private key
-Your device creates two keys during the enrollment process of your digital certificate. One is a public key, which is sent to anyone you want to communicate with, and one is a private key, which is stored on your local device and must be kept secret. You use the private key to encrypt your data and the corresponding public key to decrypt it.
-
-You must keep your private key, private. To do this, we recommend:
-
-- **Separate test and release signing.** Set up a parallel code signing infrastructure, using test certificates created by an internal test root certificate authority. This helps to ensure that your certificates aren’t stored on an insecure build system, reducing the likelihood that they will be compromised.
-
-- **Tamper-proof storage.** Save your private keys on secure, tamper-proof hardware devices.
-
-- **Security.** Protect your private keys using physical security measures, such as cameras and card readers.
-
+---
+ms.localizationpriority: medium
+ms.mktglfcycl: plan
+description: Learn about the security features available in Internet Explorer 11 and IEAK 11.
+author: dansimp
+ms.prod: ie11
+ms.assetid: 5b64c9cb-f8da-411a-88e4-fa69dea473e2
+ms.reviewer:
+audience: itpro
+manager: dansimp
+ms.author: dansimp
+title: Security features and IEAK 11 (Internet Explorer Administration Kit 11 for IT Pros)
+ms.sitesec: library
+ms.date: 07/27/2017
+---
+
+
+# Security features and IEAK 11
+Use Internet Explorer in conjunction with your new and existing security measures, to make sure the computers in your company aren’t compromised while on the Internet.
+
+## Enhanced Protection Mode
+Extends Protected Mode to further restrict the ability of an attacker to access sensitive or personal information in personal and corporate environments, including:
+
+- Restricting access to higher-level processes in the AppContainer.
+
+- Improving security against memory safety exploits in 64-bit tab processes.
+
+This feature is turned off by default. For more info, see [Enhanced Protected Mode problems with Internet Explorer](../ie11-deploy-guide/enhanced-protected-mode-problems-with-ie11.md).
+
+## Certificates and Digital Signatures
+Web browsers have security features that help protect users from downloading harmful programs. Depending on the security level and the platform that you are using, the user may be prevented from, or warned against, downloading programs that are not digitally signed. Digital signatures show users where programs come from, verify that the programs have not been altered, and ensure that users do not receive unnecessary warnings when installing the custom browser.
+
+Because of this, the custom .cab files created by the Internet Explorer Customization Wizard should be signed, unless you pre-configure the Local intranet zone with a Low security setting. Any custom components you distribute with your browser package for these platforms should also be signed.
+
+### Understanding digital certificates
+To sign your package and custom programs digitally, you must first obtain a digital certificate. You can obtain a certificate from a certification authority or a privately-controlled certificate server. For more info about obtaining certificates or setting up a certificate server, see the following:
+
+- Microsoft-trusted certification authorities ([Windows root certificate program requirements](https://go.microsoft.com/fwlink/p/?LinkId=759697)).
+
+- Certificates overview documentation ([Certificates](https://go.microsoft.com/fwlink/p/?LinkId=759698)).
+
+- Microsoft Active Directory Certificate Services ( [Active Directory Certificate Services](https://go.microsoft.com/fwlink/p/?LinkId=259521)).
+
+- Enterprise public key infrastructure (PKI) snap-in documentation ([Enterprise PKI](https://go.microsoft.com/fwlink/p/?LinkId=259526)).
+
+After you get a certificate, you should note the public and private keys, which are a matched set of keys that are created by the software publisher for encryption and decryption. They are generated on your device at the time the certificate is requested, and your private key is never sent to the certification authority or any other party.
+
+### Understanding code signing
+Code signing varies, depening on how you plan to distribute your custom install package.
+
+- **If you plan to distribute custom packages over the Internet**, you must sign all custom components and the CMAK profile package (if used). Before you start the Internet Explorer Customization Wizard, make sure that both are signed. Typically, their respective manufacturers will have signed them. Otherwise, you can sign these using the Sign Tool (SignTool.exe) ( [SignTool.exe (Sign Tool)](https://go.microsoft.com/fwlink/p/?LinkId=71298)) or use the File Signing Tool (Signcode.exe) ([Signcode.exe (File Signing Tool)](https://go.microsoft.com/fwlink/p/?LinkId=71299)). You should read the documentation included with these tools for more info about all of the signing options.
+In addition, after you run the Internet Explorer Customization Wizard, we highly recommend that you sign the IEAK package and the branding.cab file (if you are using it separately from the package). You can do this also using the tools mentioned above. For more information, download Code-Signing Best Practices ([Code-Signing Best Practices](https://go.microsoft.com/fwlink/p/?LinkId=71300)).
+
+- **If you plan to distribute your custom packages over an intranet**, sign the custom files or preconfigure the Local intranet zone with a Low security setting, because the default security setting does not allow users to download unsigned programs or code.
+
+### Understanding your private key
+Your device creates two keys during the enrollment process of your digital certificate. One is a public key, which is sent to anyone you want to communicate with, and one is a private key, which is stored on your local device and must be kept secret. You use the private key to encrypt your data and the corresponding public key to decrypt it.
+
+You must keep your private key, private. To do this, we recommend:
+
+- **Separate test and release signing.** Set up a parallel code signing infrastructure, using test certificates created by an internal test root certificate authority. This helps to ensure that your certificates aren’t stored on an insecure build system, reducing the likelihood that they will be compromised.
+
+- **Tamper-proof storage.** Save your private keys on secure, tamper-proof hardware devices.
+
+- **Security.** Protect your private keys using physical security measures, such as cameras and card readers.
+
diff --git a/browsers/internet-explorer/ie11-ieak/security-and-privacy-settings-ieak11-wizard.md b/browsers/internet-explorer/ie11-ieak/security-and-privacy-settings-ieak11-wizard.md
index 007b61208d..16ffc69435 100644
--- a/browsers/internet-explorer/ie11-ieak/security-and-privacy-settings-ieak11-wizard.md
+++ b/browsers/internet-explorer/ie11-ieak/security-and-privacy-settings-ieak11-wizard.md
@@ -1,43 +1,44 @@
----
-ms.localizationpriority: medium
-ms.mktglfcycl: deploy
-description: How to use the Security and Privacy Settings page in the IEAK 11 Customization Wizard to manage your security zones, privacy settings, and content ratings.
-author: lomayor
-ms.prod: ie11
-ms.assetid: cb7cd1df-6a79-42f6-b3a1-8ae467053f82
-ms.reviewer:
-audience: itpro
manager: dansimp
-ms.author: lomayor
-title: Use the Security and Privacy Settings page in the IEAK 11 Wizard (Internet Explorer Administration Kit 11 for IT Pros)
-ms.sitesec: library
-ms.date: 07/27/2017
----
-
-
-# Use the Security and Privacy Settings page in the IEAK 11 Wizard
-The **Security and Privacy Settings** page of the Internet Explorer Customization Wizard 11 lets you manage your security zones, privacy settings, and content ratings. These settings help restrict the types of content your employees can access from the Internet, including any content that might be considered offensive or otherwise inappropriate in a corporate setting.
-
-**To use the Security and Privacy Settings page**
-
-1. Decide if you want to customize your security zones and privacy settings. You can pick:
-
- - **Do not customize security zones and privacy.** Pick this option if you don’t want to customize your security zones and privacy settings.
-
- - **Import the current security zones and privacy.** Pick this option to import your security zone and privacy settings from your computer and use them as the preset for your employee’s settings.
**Note**
To change your settings, click **Modify Settings** to open the **Internet Properties** box, and then click the **Security** and **Privacy** tabs to make your changes.
-
-2. Decide if you want to customize your content ratings. You can pick:
-
- - **Do not customize content ratings.** Pick this option if you don’t want to customize content ratings.
-
- - **Import the current content ratings settings.** Pick this option to import your content rating settings from your computer and use them as the preset for your employee’s settings.
**Note**
Not all Internet content is rated. If you choose to allow users to view unrated sites, some of those sites could contain inappropriate material. To change your settings, click **Modify Settings** to open the **Content Advisor** box, where you can make your changes.
-
-3. Click **Next** to go to the [Add a Root Certificate](add-root-certificate-ieak11-wizard.md) page or **Back** to go to the [Proxy Settings](proxy-settings-ieak11-wizard.md) page.
-
-
-
-
-
-
-
-
-
+---
+ms.localizationpriority: medium
+ms.mktglfcycl: deploy
+description: How to use the Security and Privacy Settings page in the IEAK 11 Customization Wizard to manage your security zones, privacy settings, and content ratings.
+author: dansimp
+ms.prod: ie11
+ms.assetid: cb7cd1df-6a79-42f6-b3a1-8ae467053f82
+ms.reviewer:
+audience: itpro
+manager: dansimp
+ms.author: dansimp
+title: Use the Security and Privacy Settings page in the IEAK 11 Wizard (Internet Explorer Administration Kit 11 for IT Pros)
+ms.sitesec: library
+ms.date: 07/27/2017
+---
+
+
+# Use the Security and Privacy Settings page in the IEAK 11 Wizard
+The **Security and Privacy Settings** page of the Internet Explorer Customization Wizard 11 lets you manage your security zones, privacy settings, and content ratings. These settings help restrict the types of content your employees can access from the Internet, including any content that might be considered offensive or otherwise inappropriate in a corporate setting.
+
+**To use the Security and Privacy Settings page**
+
+1. Decide if you want to customize your security zones and privacy settings. You can pick:
+
+ - **Do not customize security zones and privacy.** Pick this option if you don’t want to customize your security zones and privacy settings.
+
+ - **Import the current security zones and privacy.** Pick this option to import your security zone and privacy settings from your computer and use them as the preset for your employee’s settings.
**Note**
To change your settings, click **Modify Settings** to open the **Internet Properties** box, and then click the **Security** and **Privacy** tabs to make your changes.
+
+2. Decide if you want to customize your content ratings. You can pick:
+
+ - **Do not customize content ratings.** Pick this option if you don’t want to customize content ratings.
+
+ - **Import the current content ratings settings.** Pick this option to import your content rating settings from your computer and use them as the preset for your employee’s settings.
**Note**
Not all Internet content is rated. If you choose to allow users to view unrated sites, some of those sites could contain inappropriate material. To change your settings, click **Modify Settings** to open the **Content Advisor** box, where you can make your changes.
+
+3. Click **Next** to go to the [Add a Root Certificate](add-root-certificate-ieak11-wizard.md) page or **Back** to go to the [Proxy Settings](proxy-settings-ieak11-wizard.md) page.
+
+
+
+
+
+
+
+
+
diff --git a/browsers/internet-explorer/ie11-ieak/security-imports-ins-file-setting.md b/browsers/internet-explorer/ie11-ieak/security-imports-ins-file-setting.md
index 74e61ad2bb..e65b0e2b77 100644
--- a/browsers/internet-explorer/ie11-ieak/security-imports-ins-file-setting.md
+++ b/browsers/internet-explorer/ie11-ieak/security-imports-ins-file-setting.md
@@ -1,27 +1,28 @@
----
-ms.localizationpriority: medium
-ms.mktglfcycl: deploy
-description: Use the \[Security Imports\] .INS file setting to decide whether to import security info to your custom package.
-author: lomayor
-ms.prod: ie11
-ms.assetid: 19791c44-aaa7-4f37-9faa-85cbdf29f68e
-ms.reviewer:
-audience: itpro
manager: dansimp
-ms.author: lomayor
-title: Use the Security Imports .INS file to import security info (Internet Explorer Administration Kit 11 for IT Pros)
-ms.sitesec: library
-ms.date: 07/27/2017
----
-
-
-# Use the Security Imports .INS file to import security info
-Info about how to import security information from your local device to your custom package.
-
-|Name |Value |Description |
-|-----|------|------------|
-|ImportAuthCode |
- **0.** Don’t import the existing settings.
- **1.** Import the existing settings.
|Whether to import the existing Authenticode settings. |
-|ImportRatings |- **0.** Don’t import the existing settings.
- **1.** Import the existing settings.
|Whether to import the existing Content Ratings settings. |
-|ImportSecZones |- **0.** Don’t import the existing settings.
- **1.** Import the existing settings.
|Whether to import the existing Security Zone settings. |
-|ImportSiteCert |- **0.** Don’t import the existing authorities.
- **1.** Import the existing authorities.
|Whether to import the existing site certification authorities. |
-|Win16SiteCerts |- **0.** Don’t use the site certificates.
- **1.** Use the site certificates.
|Whether to use site certificates for computers running 16-bit versions of Windows. |
-
+---
+ms.localizationpriority: medium
+ms.mktglfcycl: deploy
+description: Use the \[Security Imports\] .INS file setting to decide whether to import security info to your custom package.
+author: dansimp
+ms.prod: ie11
+ms.assetid: 19791c44-aaa7-4f37-9faa-85cbdf29f68e
+ms.reviewer:
+audience: itpro
+manager: dansimp
+ms.author: dansimp
+title: Use the Security Imports .INS file to import security info (Internet Explorer Administration Kit 11 for IT Pros)
+ms.sitesec: library
+ms.date: 07/27/2017
+---
+
+
+# Use the Security Imports .INS file to import security info
+Info about how to import security information from your local device to your custom package.
+
+|Name |Value |Description |
+|-----|------|------------|
+|ImportAuthCode |- **0.** Don’t import the existing settings.
- **1.** Import the existing settings.
|Whether to import the existing Authenticode settings. |
+|ImportRatings |- **0.** Don’t import the existing settings.
- **1.** Import the existing settings.
|Whether to import the existing Content Ratings settings. |
+|ImportSecZones |- **0.** Don’t import the existing settings.
- **1.** Import the existing settings.
|Whether to import the existing Security Zone settings. |
+|ImportSiteCert |- **0.** Don’t import the existing authorities.
- **1.** Import the existing authorities.
|Whether to import the existing site certification authorities. |
+|Win16SiteCerts |- **0.** Don’t use the site certificates.
- **1.** Use the site certificates.
|Whether to use site certificates for computers running 16-bit versions of Windows. |
+
diff --git a/browsers/internet-explorer/ie11-ieak/troubleshooting-custom-browser-pkg-ieak11.md b/browsers/internet-explorer/ie11-ieak/troubleshooting-custom-browser-pkg-ieak11.md
index 228805f528..7b0db0bbc4 100644
--- a/browsers/internet-explorer/ie11-ieak/troubleshooting-custom-browser-pkg-ieak11.md
+++ b/browsers/internet-explorer/ie11-ieak/troubleshooting-custom-browser-pkg-ieak11.md
@@ -1,123 +1,124 @@
----
-ms.localizationpriority: medium
-ms.mktglfcycl: support
-description: Info about some of the known issues using the Internet Exporer Customization Wizard and a custom Internet Explorer install package.
-author: lomayor
-ms.author: lomayor
-ms.prod: ie11
-ms.assetid: 9e22cc61-6c63-4cab-bfdf-6fe49db945e4
-ms.reviewer:
-audience: itpro
manager: dansimp
-title: Troubleshoot custom package and IEAK 11 problems (Internet Explorer Administration Kit 11 for IT Pros)
-ms.sitesec: library
-ms.date: 07/27/2017
----
-
-
-# Troubleshoot custom package and IEAK 11 problems
-While the Internet Explorer Customization Wizard has been around for quite a while, there are still some known issues that you might encounter while deploying or managing your custom IE install package.
-
-## I am unable to locate some of the wizard pages
-The most common reasons you will not see certain pages is because:
-
-- **Your licensing agreement with Microsoft.** Your licensing agreement determines whether you install the **Internal** or **External** version of the Internet Explorer Customization Wizard, and there are different features available for each version. For info about which features are available for each version, see [Determine the licensing version and features to use in IEAK 11](licensing-version-and-features-ieak11.md).
-
-- **Your choice of operating system.** Depending on the operating system you picked from the **Platform Selection** page of the wizard, you might not see all of the pages. Some features aren’t available for all operating systems. For more information, see [Use the Platform Selection page in the IEAK 11 Wizard](platform-selection-ieak11-wizard.md).
-
-- **Your choice of features.** Depending on what you selected from the **Feature Selection** page of the wizard, you might not see all of the pages. You need to make sure that the features you want to customize are all checked. For more information, see [Use the Feature Selection page in the IEAK 11 Wizard](feature-selection-ieak11-wizard.md).
-
-## Internet Explorer Setup fails on user's devices
-Various issues can cause problems during Setup, including missing files, trust issues, or URL monikers. You can troubleshoot these issues by reviewing the Setup log file, located at `IE11\_main.log` from the **Windows** folder (typically, `C:\Windows`). The log file covers the entire Setup process from the moment IE11Setup.exe starts until the last .cab file finishes, providing error codes that you can use to help determine the cause of the failure.
-
-### Main.log file codes
-
-|Code |Description |
-|-----|------------|
-|0 |Initializing, making a temporary folder, and checking disk space. |
-|1 |Checking for all dependencies. |
-|2 |Downloading files from the server. |
-|3 |Copying files from download location to the temporary installation folder. |
-|4 |Restarting download and retrying Setup, because of a time-out error or other download error. |
-|5 |Checking trust and checking permissions. |
-|6 |Extracting files. |
-|7 |Running Setup program (an .inf or .exe file). |
-|8 |Installation is finished. |
-|9 |Download finished, and all files are downloaded. |
-
-### Main.log error codes
-
-|Code |Description |
-|-----|------------|
-|80100003 |Files are missing from the download folder during installation. |
-|800bxxxx |An error code starting with 800b is a trust failure. |
-|800Cxxxx |An error code starting with 800C is a Urlmon.dll failure. |
-
-
-## Internet Explorer Setup connection times out
-Internet Explorer Setup can switch servers during the installation process to maintain maximum throughput or to recover from a non-responsive download site (you receive less than 1 byte in 2 minutes). If the connection times out, but Setup is able to connect to the next download site on the list, your download starts over. If however the connection times out and Setup can’t connect to a different server, it’ll ask if you want to stop the installation or try again.
-
-To address connection issues (for example, as a result of server problems) where Setup can’t locate another download site by default, we recommend you overwrite your first download server using this workaround:
-
-``` syntax
-\ie11setup.exe /C:"ie11wzd.exe /S:""\ie11setup.exe"" /L:""https://your_Web_server/your_Web_site/ie11sites.dat"""
-```
-
-Where `` represents the folder location where you stored IE11setup.exe.
-
-## Users cannot uninstall IE
-If you cannot uninstall IE using **Uninstall or change a program** in the Control Panel, it could be because the uninstall information is not on the computer. To fix this issue, you should:
-
-1. Review the uninstall log file, IE11Uninst.log, located in the `C:\Windows` folder. This log file covers the entire uninstallation process, including every file change, every registry change, and any dialog boxes that are shown.
-
-2. Try to manually uninstall IE. Go to the backup folder, `:\Windows\$ie11$`, and run the uninstall file, `Spunist.exe`.
-
-
-## The Internet Explorer Customization Wizard 11 does not work with user names that user double-byte character sets
-The customization wizard does not work with user names that use double-byte character sets, such as Chinese or Japanese. To fix this, set the **TEMP** and **TMP** environmental variables to a path that does not use these characters (for example, C:\temp).
-
-1. Open **System Properties**, click the **Advanced** tab, and then click **Environmental Variables**.
-2. Click Edit, and then modify the **TEMP** and **TMP** environmental variables to a non-user profile directory.
-
-
-## Unicode characters are not supported in IEAK 11 path names
-While Unicode characters, such as Emoji, are supported for organization names and other branding items, you must not use Unicode characters in any paths associated with running the Internet Explorer Customization Wizard 11. This includes paths to your IEAK 11 installation and to the storage location for your custom packages after they're built.
-
-## Internet Explorer branding conflicts when using both Unattend and IEAK 11 to customize Internet Explorer settings
-Using both Unattend settings and an IEAK custom package to modify a user's version of Internet Explorer 11 might cause a user to lose personalized settings during an upgrade. For example, many manufacturers configure Internet Explorer using Unattend settings. If a user purchases a laptop, and then signs up for Internet service, their Internet Service Provider (ISP) might provide a version of Internet Explorer that has been branded (for example, with a custom homepage for that ISP) using Internet Explorer Customization Wizard 11. If that user later upgrades to a new version of Internet Explorer, the Unattend settings from the laptop manufacturer will be reapplied, overwriting any settings that the user configured for themselves (such as their homepage).
-
-
-## IEAK 11 does not correctly apply the Delete all existing items under Favorites, Favorites Bar and Feeds option
-The Internet Explorer Customization Wizard 11 does not correctly apply the **Delete all existing items under Favorites**, **Favorites Bar and Feeds** option, available on the **Browsing Options** page.
-
-Selecting to include this feature in your customized Internet Explorer package enables the deletion of existing items in the **Favorites** and **Favorites Bar** areas, but it doesn't enable deletion in the **Feeds** area. In addition, this setting adds a new favorite, titled “Web Slice Gallery” to the **Favorites Bar**.
-
-## F1 does not activate Help on Automatic Version Synchronization page
-Pressing the **F1** button on the **Automatic Version Synchronization** page of the Internet Explorer Customization Wizard 11 does not display the **Help** page. Clicking the **Help** button enables you to open the Help system and view information about this page.
-
-## Certificate installation does not work on IEAK 11
-IEAK 11 doesn't install certificates added using the Add a Root Certificate page of the Internet Explorer Customization Wizard 11. Administrators can manually install certificates using the Certificates Microsoft Management Console snap-in (Certmgr.msc) or using the command-line tool, Certificate Manager (Certmgr.exe).
-
->[!NOTE]
->This applies only when using the External licensing mode of IEAK 11.
-
-## The Additional Settings page appears in the wrong language when using a localized version of IEAK 11
-When using IEAK 11 in other languages, the settings on the Additional Settings page appear in the language of the target platform, regardless of the IEAK 11 language.
-
->[!NOTE]
->This applies only when using the Internal licensing mode of IEAK 11.
-
-To work around this issue, run the customization wizard following these steps:
-1. On the **Language Selection** page, select the language that matches the language of your installed IEAK 11.
-2. Click **Next**, and then click **Synchronize** on the Automatic Version Synchronization page.
-3. After synchronization is complete, cancel the wizard.
-4. Repeat these steps for each platform on the Platform Selection page.
-
-After performing these steps, you must still do the following each time you synchronize a new language and platform:
-1. Open File Explorer to the Program Files\Windows IEAK 11 or Program Files (x86)\Windows IEAK 11 folder.
-2. Open the **Policies** folder, and then open the appropriate platform folder.
-3. Copy the contents of the matching-language folder into the new language folder.
-
-After completing these steps, the Additional Settings page matches your wizard’s language.
-
-## Unable to access feeds stored in a subfolder
-Adding feeds using the **Favorites**, **Favorites Bar**, and **Feeds** page of the Internet Explorer 11 Customization Wizard requires that the feeds be stored in a single folder. Creating two levels of folders, and creating the feed in the subfolder, causes the feed to fail.
+---
+ms.localizationpriority: medium
+ms.mktglfcycl: support
+description: Info about some of the known issues using the Internet Exporer Customization Wizard and a custom Internet Explorer install package.
+author: dansimp
+ms.author: dansimp
+ms.prod: ie11
+ms.assetid: 9e22cc61-6c63-4cab-bfdf-6fe49db945e4
+ms.reviewer:
+audience: itpro
+manager: dansimp
+title: Troubleshoot custom package and IEAK 11 problems (Internet Explorer Administration Kit 11 for IT Pros)
+ms.sitesec: library
+ms.date: 07/27/2017
+---
+
+
+# Troubleshoot custom package and IEAK 11 problems
+While the Internet Explorer Customization Wizard has been around for quite a while, there are still some known issues that you might encounter while deploying or managing your custom IE install package.
+
+## I am unable to locate some of the wizard pages
+The most common reasons you will not see certain pages is because:
+
+- **Your licensing agreement with Microsoft.** Your licensing agreement determines whether you install the **Internal** or **External** version of the Internet Explorer Customization Wizard, and there are different features available for each version. For info about which features are available for each version, see [Determine the licensing version and features to use in IEAK 11](licensing-version-and-features-ieak11.md).
+
+- **Your choice of operating system.** Depending on the operating system you picked from the **Platform Selection** page of the wizard, you might not see all of the pages. Some features aren’t available for all operating systems. For more information, see [Use the Platform Selection page in the IEAK 11 Wizard](platform-selection-ieak11-wizard.md).
+
+- **Your choice of features.** Depending on what you selected from the **Feature Selection** page of the wizard, you might not see all of the pages. You need to make sure that the features you want to customize are all checked. For more information, see [Use the Feature Selection page in the IEAK 11 Wizard](feature-selection-ieak11-wizard.md).
+
+## Internet Explorer Setup fails on user's devices
+Various issues can cause problems during Setup, including missing files, trust issues, or URL monikers. You can troubleshoot these issues by reviewing the Setup log file, located at `IE11\_main.log` from the **Windows** folder (typically, `C:\Windows`). The log file covers the entire Setup process from the moment IE11Setup.exe starts until the last .cab file finishes, providing error codes that you can use to help determine the cause of the failure.
+
+### Main.log file codes
+
+|Code |Description |
+|-----|------------|
+|0 |Initializing, making a temporary folder, and checking disk space. |
+|1 |Checking for all dependencies. |
+|2 |Downloading files from the server. |
+|3 |Copying files from download location to the temporary installation folder. |
+|4 |Restarting download and retrying Setup, because of a time-out error or other download error. |
+|5 |Checking trust and checking permissions. |
+|6 |Extracting files. |
+|7 |Running Setup program (an .inf or .exe file). |
+|8 |Installation is finished. |
+|9 |Download finished, and all files are downloaded. |
+
+### Main.log error codes
+
+|Code |Description |
+|-----|------------|
+|80100003 |Files are missing from the download folder during installation. |
+|800bxxxx |An error code starting with 800b is a trust failure. |
+|800Cxxxx |An error code starting with 800C is a Urlmon.dll failure. |
+
+
+## Internet Explorer Setup connection times out
+Internet Explorer Setup can switch servers during the installation process to maintain maximum throughput or to recover from a non-responsive download site (you receive less than 1 byte in 2 minutes). If the connection times out, but Setup is able to connect to the next download site on the list, your download starts over. If however the connection times out and Setup can’t connect to a different server, it’ll ask if you want to stop the installation or try again.
+
+To address connection issues (for example, as a result of server problems) where Setup can’t locate another download site by default, we recommend you overwrite your first download server using this workaround:
+
+``` syntax
+\ie11setup.exe /C:"ie11wzd.exe /S:""\ie11setup.exe"" /L:""https://your_Web_server/your_Web_site/ie11sites.dat"""
+```
+
+Where `` represents the folder location where you stored IE11setup.exe.
+
+## Users cannot uninstall IE
+If you cannot uninstall IE using **Uninstall or change a program** in the Control Panel, it could be because the uninstall information is not on the computer. To fix this issue, you should:
+
+1. Review the uninstall log file, IE11Uninst.log, located in the `C:\Windows` folder. This log file covers the entire uninstallation process, including every file change, every registry change, and any dialog boxes that are shown.
+
+2. Try to manually uninstall IE. Go to the backup folder, `:\Windows\$ie11$`, and run the uninstall file, `Spunist.exe`.
+
+
+## The Internet Explorer Customization Wizard 11 does not work with user names that user double-byte character sets
+The customization wizard does not work with user names that use double-byte character sets, such as Chinese or Japanese. To fix this, set the **TEMP** and **TMP** environmental variables to a path that does not use these characters (for example, C:\temp).
+
+1. Open **System Properties**, click the **Advanced** tab, and then click **Environmental Variables**.
+2. Click Edit, and then modify the **TEMP** and **TMP** environmental variables to a non-user profile directory.
+
+
+## Unicode characters are not supported in IEAK 11 path names
+While Unicode characters, such as Emoji, are supported for organization names and other branding items, you must not use Unicode characters in any paths associated with running the Internet Explorer Customization Wizard 11. This includes paths to your IEAK 11 installation and to the storage location for your custom packages after they're built.
+
+## Internet Explorer branding conflicts when using both Unattend and IEAK 11 to customize Internet Explorer settings
+Using both Unattend settings and an IEAK custom package to modify a user's version of Internet Explorer 11 might cause a user to lose personalized settings during an upgrade. For example, many manufacturers configure Internet Explorer using Unattend settings. If a user purchases a laptop, and then signs up for Internet service, their Internet Service Provider (ISP) might provide a version of Internet Explorer that has been branded (for example, with a custom homepage for that ISP) using Internet Explorer Customization Wizard 11. If that user later upgrades to a new version of Internet Explorer, the Unattend settings from the laptop manufacturer will be reapplied, overwriting any settings that the user configured for themselves (such as their homepage).
+
+
+## IEAK 11 does not correctly apply the Delete all existing items under Favorites, Favorites Bar and Feeds option
+The Internet Explorer Customization Wizard 11 does not correctly apply the **Delete all existing items under Favorites**, **Favorites Bar and Feeds** option, available on the **Browsing Options** page.
+
+Selecting to include this feature in your customized Internet Explorer package enables the deletion of existing items in the **Favorites** and **Favorites Bar** areas, but it doesn't enable deletion in the **Feeds** area. In addition, this setting adds a new favorite, titled “Web Slice Gallery” to the **Favorites Bar**.
+
+## F1 does not activate Help on Automatic Version Synchronization page
+Pressing the **F1** button on the **Automatic Version Synchronization** page of the Internet Explorer Customization Wizard 11 does not display the **Help** page. Clicking the **Help** button enables you to open the Help system and view information about this page.
+
+## Certificate installation does not work on IEAK 11
+IEAK 11 doesn't install certificates added using the Add a Root Certificate page of the Internet Explorer Customization Wizard 11. Administrators can manually install certificates using the Certificates Microsoft Management Console snap-in (Certmgr.msc) or using the command-line tool, Certificate Manager (Certmgr.exe).
+
+>[!NOTE]
+>This applies only when using the External licensing mode of IEAK 11.
+
+## The Additional Settings page appears in the wrong language when using a localized version of IEAK 11
+When using IEAK 11 in other languages, the settings on the Additional Settings page appear in the language of the target platform, regardless of the IEAK 11 language.
+
+>[!NOTE]
+>This applies only when using the Internal licensing mode of IEAK 11.
+
+To work around this issue, run the customization wizard following these steps:
+1. On the **Language Selection** page, select the language that matches the language of your installed IEAK 11.
+2. Click **Next**, and then click **Synchronize** on the Automatic Version Synchronization page.
+3. After synchronization is complete, cancel the wizard.
+4. Repeat these steps for each platform on the Platform Selection page.
+
+After performing these steps, you must still do the following each time you synchronize a new language and platform:
+1. Open File Explorer to the Program Files\Windows IEAK 11 or Program Files (x86)\Windows IEAK 11 folder.
+2. Open the **Policies** folder, and then open the appropriate platform folder.
+3. Copy the contents of the matching-language folder into the new language folder.
+
+After completing these steps, the Additional Settings page matches your wizard’s language.
+
+## Unable to access feeds stored in a subfolder
+Adding feeds using the **Favorites**, **Favorites Bar**, and **Feeds** page of the Internet Explorer 11 Customization Wizard requires that the feeds be stored in a single folder. Creating two levels of folders, and creating the feed in the subfolder, causes the feed to fail.
diff --git a/browsers/internet-explorer/index.md b/browsers/internet-explorer/index.md
index ad64db8744..6c3085d888 100644
--- a/browsers/internet-explorer/index.md
+++ b/browsers/internet-explorer/index.md
@@ -1,7 +1,8 @@
---
ms.mktglfcycl: deploy
description: The landing page for IE11 that lets you access the documentation.
-author: shortpatti
+author: dansimp
+ms.author: dansimp
ms.prod: ie11
title: Internet Explorer 11 (IE11) (Internet Explorer 11 for IT Pros)
assetid: be3dc32e-80d9-4d9f-a802-c7db6c50dbe0
diff --git a/devices/hololens/TOC.md b/devices/hololens/TOC.md
index fe85d293be..3f07da3690 100644
--- a/devices/hololens/TOC.md
+++ b/devices/hololens/TOC.md
@@ -1,45 +1,58 @@
# [HoloLens overview](index.md)
# [Hololens status](hololens-status.md)
-# Get started with HoloLens (gen 1)
-## [Start your HoloLens (1st gen) for the first time](hololens-start.md)
-## [Install localized version of HoloLens](hololens-install-localized.md)
+# Get Started with HoloLens 2
+## [HoloLens 2 hardware](hololens2-hardware.md)
+## [Get your HoloLens 2 ready to use](hololens2-setup.md)
+## [Set up your HoloLens 2](hololens2-start.md)
+## [Getting around HoloLens 2](hololens2-basic-usage.md)
+
+# Get started with HoloLens (1st gen)
+## [HoloLens (1st gen) hardware](hololens1-hardware.md)
+## [Get your HoloLens (1st gen) ready to use](hololens1-setup.md)
+## [Set up your HoloLens (1st gen)](hololens1-start.md)
+## [Install localized version of HoloLens (1st gen)](hololens1-install-localized.md)
+## [Getting around HoloLens (1st gen)](hololens1-basic-usage.md)
# Get started with HoloLens in commercial environments
-## [Overview and deployment planning](hololens-requirements.md)
-## [Unlock Windows Holographic for Business features](hololens-upgrade-enterprise.md)
+## [Commercial feature overview](hololens-commercial-features.md)
+## [Deployment planning](hololens-requirements.md)
+## [Unlock Windows Holographic for Business features](hololens1-upgrade-enterprise.md)
## [Configure HoloLens using a provisioning package](hololens-provisioning.md)
## [Enroll HoloLens in MDM](hololens-enroll-mdm.md)
## [Set up ring based updates for HoloLens](hololens-updates.md)
-## [Manage custom enterprise apps](hololens-install-apps.md)
## [Enable Bitlocker device encryption for HoloLens](hololens-encryption.md)
+# User management and access management
+## [Share your HoloLens with multiple people](hololens-multiple-users.md)
+## [Set up HoloLens as a kiosk (single application access)](hololens-kiosk.md)
+## [Set up limited application access](hololens-kiosk.md)
+
# Navigating Windows Holographic
-## [Windows Mixed Reality home](holographic-home.md)
-## [Voice and Cortana](hololens-cortana.md)
+## [Start menu and mixed reality home](holographic-home.md)
+## [Use your voice with HoloLens](hololens-cortana.md)
## [Find and save files](hololens-find-and-save-files.md)
## [Create, share, and view photos and video](holographic-photos-and-video.md)
+# Holographic Applications
+## [Try 3D Viewer](holographic-3d-viewer-beta.md)
+## [Find, install, and uninstall applications](holographic-store-apps.md)
+## [Install and uninstall custom applications](holographic-custom-apps.md)
+
# Accessories and connectivity
## [Connect to Bluetooth and USB-C devices](hololens-connect-devices.md)
-## [Restart or recover the HoloLens (1st gen) clicker](hololens-clicker-restart-recover.md)
+## [Use the HoloLens (1st gen) clicker](hololens1-clicker.md)
## [Connect to a network](hololens-network.md)
## [Use HoloLens offline](hololens-offline.md)
-# Application Management
-## [Share HoloLens with multiple people](hololens-multiple-users.md)
-## [Get apps for HoloLens](hololens-get-apps.md)
-## [Use apps on HoloLens](hololens-use-apps.md)
-## [Use HoloLens offline](hololens-offline.md)
-## [Spaces on HoloLens](hololens-spaces-on-hololens.md)
-## [How HoloLens stores data for spaces](hololens-spaces.md)
+# Hologram optics and placement in space
+## [Tips for viewing clear Holograms](hololens-calibration.md)
+## [Mapping physical spaces with HoloLens](hololens-spaces.md)
# Recovery and troubleshooting
## [Restore HoloLens 2 using Advanced Recovery Companion](hololens-recovery.md)
## [Restart, reset, or recover the HoloLens](hololens-restart-recover.md)
-# User/Access Management
-## [Set up single application access](hololens-kiosk.md)
-
+# [Give us feedback](hololens-feedback.md)
# [Insider preview for Microsoft HoloLens](hololens-insider.md)
# [Change history for Microsoft HoloLens documentation](change-history-hololens.md)
diff --git a/devices/hololens/docfx.json b/devices/hololens/docfx.json
index 7cda17b22f..51b4a3afbb 100644
--- a/devices/hololens/docfx.json
+++ b/devices/hololens/docfx.json
@@ -17,7 +17,8 @@
{
"files": [
"**/*.png",
- "**/*.jpg"
+ "**/*.jpg",
+ "**/*.gif"
],
"exclude": [
"**/obj/**",
diff --git a/devices/hololens/holographic-3d-viewer-beta.md b/devices/hololens/holographic-3d-viewer-beta.md
new file mode 100644
index 0000000000..0aada1fe55
--- /dev/null
+++ b/devices/hololens/holographic-3d-viewer-beta.md
@@ -0,0 +1,201 @@
+---
+title: Using 3D Viewer on HoloLens
+description: Describes the types of files and features that 3D Viewer Beta on HoloLens supports, and how to use and troubleshoot the app.
+ms.prod: hololens
+ms.sitesec: library
+author: Teresa-Motiv
+ms.author: v-tea
+ms.topic: article
+ms.localizationpriority: medium
+ms.date: 9/3/19
+ms.reviewer:
+manager: jarrettr
+appliesto:
+- HoloLens (1st gen)
+---
+
+# Using 3D Viewer on HoloLens
+
+3D Viewer lets you view 3D models on HoloLens. You can open and view *supported* .fbx files from Microsoft Edge, OneDrive, and other apps.
+
+If you're having trouble opening a 3D model in 3D Viewer, or certain features of your 3D model are unsupported, see [Supported content specifications](#supported-content-specifications).
+
+To build or optimize 3D models for use with 3D Viewer, see [Optimizing 3D models for 3D Viewer](#optimizing-3d-models-for-3d-viewer-beta).
+
+There are two ways to open a 3D model on HoloLens. See [Viewing 3D models on HoloLens](#viewing-3d-models-on-hololens) to learn more.
+
+If you're having trouble after reading these topics, see [Troubleshooting](#troubleshooting).
+
+## Supported content specifications
+
+### File format
+
+- FBX format
+- Maximum FBX release 2015.1.0
+
+### File size
+
+- Minimum 5 KB
+- Maximum 500 MB
+
+### Geometry
+
+- Polygonal models only. No subdivision surfaces or NURBs
+- Right-handed coordinate system
+- Shear in transformation matrices is not supported
+
+### Textures
+
+- Texture maps must be embedded in the FBX file
+- Supported image formats
+ - JPEG and PNG images
+ - BMP images (24-bit RGB true-color)
+ - TGA images (24-bit RGB and 32-bit RGBQ true-color)
+- Maximum texture resolution of 2048x2048
+- Maximum of one diffuse map, one normal map, and one reflection cube map per mesh
+- Alpha channel in diffuse textures causes pixels to be discarded if below 50%
+
+### Animation
+
+- Scale/rotation/translation animation on individual objects
+- Skeletal (rigged) animation with skinning
+ - Maximum of 4 influences per vertex
+
+### Materials
+
+- Lambert and Phong materials are supported, with adjustable parameters
+- Supported material properties for Lambert
+ - Main Texture (RGB + Alpha Test)
+ - Diffuse Color (RGB)
+ - Ambient Color (RGB)
+- Supported material properties for Phong
+ - Main Texture (RGB + Alpha Test)
+ - Diffuse Color (RGB)
+ - Ambient Color (RGB)
+ - Specular Color (RGB)
+ - Shininess
+ - Reflectivity
+- Custom materials are not supported
+- Maximum of one material per mesh
+- Maximum of one material layer
+- Maximum of 8 materials per file
+
+### File and model limitations
+
+There are hard limits on the size of files, as well as the number of models, vertices, and meshes that can be open simultaneously in 3D Viewer Beta:
+
+- 500 MB maximum file size per model
+- Vertices: 600,000 combined on all open models
+- Meshes: 1,600 combined on all open models
+- Maximum of 40 models open at one time
+
+## Optimizing 3D models for 3D Viewer Beta
+
+### Special considerations
+
+- Avoid black materials or black areas in texture maps. Holograms are made of light, thus HoloLens renders black (the absence of light) as transparent.
+- Before exporting to FBX from your creation tool, ensure all geometry is visible and unlocked and no layers that contain geometry are turned off or templated. Visibility is not respected.
+- Avoid very large translation offsets between nodes (for example, 100,000 units). This can cause the model to jitter while being moved/scaled/rotated.
+
+### Performance optimization
+
+Keep performance in mind while authoring content and validate in the 3D Viewer Beta app on HoloLens during the authoring process for best results. 3D Viewer Beta renders content real-time and performance is subject to HoloLens hardware capabilities.
+
+There are many variables in a 3D model that can impact performance. 3D Viewer Beta will show a warning on load if there are more than 150,000 vertices or more than 400 meshes. Animations can have an impact on the performance of other open models. There are also hard limits on the total number models, vertices, and meshes that can be open simultaneously in 3D Viewer Beta (see [File and model limitations](#file-and-model-limitations)).
+
+If the 3D model isn't running well due to model complexity, consider:
+
+- Reducing polygon count
+- Reducing number of bones in rigged animation
+- Avoiding self-occlusion
+
+Double-sided rendering is supported in 3D Viewer Beta, although it is turned off by default for performance reasons. This can be turned on via the **Double Sided** button on the **Details** page. For best performance, avoid the need for double-sided rendering in your content.
+
+### Validating your 3D model
+
+Validate your model by opening it in 3D Viewer Beta on HoloLens. Select the **Details** button to view your model's characteristics and warnings of unsupported content (if present).
+
+### Rendering 3D models with true-to-life dimensions
+
+By default, 3D Viewer Beta displays 3D models at a comfortable size and position relative to the user. However, if rendering a 3D model with true-to-life measurements is important (for example, when evaluating furniture models in a room), the content creator can set a flag within the file's metadata to prevent resizing of that model by both the application and the user.
+
+To prevent scaling of the model, add a Boolean custom attribute to any object in the scene named Microsoft_DisableScale and set it to true. 3D Viewer Beta will then respect the FbxSystemUnit information baked into the FBX file. Scale in 3D Viewer Beta is 1 meter per FBX unit.
+
+## Viewing 3D models on HoloLens
+
+### Open an FBX file from Microsoft Edge
+
+FBX files can be opened directly from a website using Microsoft Edge on HoloLens.
+
+1. In Microsoft Edge, navigate to the webpage containing the FBX file you want to view.
+1. Select the file to download it.
+1. When the download is complete, select the **Open** button in Microsoft Edge to open the file in 3D Viewer Beta.
+
+The downloaded file can be accessed and opened again later by using Downloads in Microsoft Edge. To save a 3D model and ensure continued access, download the file on your PC and save it to your OneDrive account. The file can then be opened from the OneDrive app on HoloLens.
+
+> [!NOTE]
+> Some websites with downloadable FBX models provide them in compressed ZIP format. 3D Viewer Beta cannot open ZIP files directly. Instead, use your PC to extract the FBX file and save it to your OneDrive account. The file can then be opened from the OneDrive app on HoloLens.
+
+### Open an FBX file from OneDrive
+
+FBX files can be opened from OneDrive by using the OneDrive app on HoloLens. Be sure you've installed OneDrive using Microsoft Store app on HoloLens and that you've already uploaded the FBX file to OneDrive on your PC.
+
+Once in OneDrive, FBX files can be opened on HoloLens using 3D Viewer Beta in one of two ways:
+
+- Launch OneDrive on HoloLens and select the FBX file to open it in 3D Viewer Beta.
+- Launch 3D Viewer Beta, air tap to show the toolbar, and select **Open File**. OneDrive will launch, allowing you to select an FBX file.
+
+## Troubleshooting
+
+### I see a warning when I open a 3D model
+
+You will see a warning if you attempt to open a 3D model that contains features that are not supported by 3D Viewer Beta, or if the model is too complex and performance may be affected. 3D Viewer Beta will still load the 3D model, but performance or visual fidelity may be compromised.
+
+For more info, see [Supported content specifications](#supported-content-specifications) and [Optimizing 3D models for 3D Viewer Beta](#optimizing-3d-models-for-3d-viewer-beta).
+
+### I see a warning and the 3D model doesn't load
+
+You will see an error message when 3D Viewer Beta cannot load a 3D model due to complexity or file size, or if the FBX file is corrupt or invalid. You will also see an error message if you have reached the limit on the total number of models, vertices, or meshes that can be open simultaneously.
+
+For more info, see [Supported content specifications](#supported-content-specifications) and [File and model limitations](#file-and-model-limitations).
+
+If you feel your model meets the supported content specifications and has not exceeded the file or model limitations, you may send your FBX file to the 3D Viewer Beta team at holoapps@microsoft.com. We are not able to respond personally, but having examples of files that do not load properly will help our team improve on future versions of the app.
+
+### My 3D model loads, but does not appear as expected
+
+If your 3D model does not look as expected in 3D Viewer Beta, air tap to show the toolbar, then select **Details**. Aspects of the file which are not supported by 3D Viewer Beta will be highlighted as warnings.
+
+The most common issue you might see is missing textures, likely because they are not embedded in the FBX file. In this case, the model will appear white. This issue can be addressed in the creation process by exporting from your creation tool to FBX with the embed textures option selected.
+
+For more info, see [Supported content specifications](#supported-content-specifications) and [Optimizing 3D models for 3D Viewer Beta](#optimizing-3d-models-for-3d-viewer-beta).
+
+### I experience performance drops while viewing my 3D model
+
+Performance when loading and viewing a 3D model can be affected by the complexity of the model, number of models open simultaneously, or number of models with active animations.
+
+For more info, see [Optimizing 3D models for 3D Viewer Beta](#optimizing-3d-models-for-3d-viewer-beta) and [File and model limitations](#file-and-model-limitations).
+
+### When I open an FBX file on HoloLens, it doesn't open in 3D Viewer Beta
+
+3D Viewer Beta is automatically associated with the .fbx file extension when it is installed.
+
+If you try to open an FBX file and see a dialog box that directs you to Microsoft Store, you do not currently have an app associated with the .fbx file extension on HoloLens.
+
+Verify that 3D Viewer Beta is installed. If it is not installed, download it from Microsoft Store on HoloLens.
+
+If 3D Viewer Beta is already installed, launch 3D Viewer Beta, then try opening the file again. If the issue persists, uninstall and reinstall 3D Viewer Beta. This will re-associate the .fbx file extension with 3D Viewer Beta.
+
+If attempting to open an FBX file opens an app other than 3D Viewer Beta, that app was likely installed after 3D Viewer Beta and has taken over association with the .fbx file extension. If you prefer 3D Viewer Beta to be associated with the .fbx file extension, uninstall and reinstall 3D Viewer Beta.
+
+### The Open File button in 3D Viewer Beta doesn't launch an app
+
+The **Open File** button will open the app associated with the file picker function on HoloLens. If OneDrive is installed, the **Open File** button should launch OneDrive. However, if there is currently no app associated with the file picker function installed on HoloLens, you will be directed to Microsoft Store.
+
+If the **Open File** button launches an app other than OneDrive, that app was likely installed after OneDrive and has taken over association with the file picker function. If you prefer OneDrive to launch when selecting the **Open File** button in 3D Viewer Beta, uninstall and reinstall OneDrive.
+
+If the **Open File** button is not active, it's possible that you have reached the limit of models that can be open in 3D Viewer Beta at one time. If you have 40 models open in 3D Viewer Beta, you will need to close some before you will be able to open additional models.
+
+## Additional resources
+
+- [Support forums](http://forums.hololens.com/categories/3d-viewer-beta)
+- [Third-party notices](https://www.microsoft.com/{lang-locale}/legal/products)
diff --git a/devices/hololens/holographic-custom-apps.md b/devices/hololens/holographic-custom-apps.md
new file mode 100644
index 0000000000..4936fab2b7
--- /dev/null
+++ b/devices/hololens/holographic-custom-apps.md
@@ -0,0 +1,56 @@
+---
+title: Manage custom apps for HoloLens
+description: Side load custom apps on HoloLens. Learn more about installing, and uninstalling holographic apps.
+ms.assetid: 6bd124c4-731c-4bcc-86c7-23f9b67ff616
+ms.date: 07/01/2019
+manager: v-miegge
+keywords: hololens, sideload, side load, side-load, store, uwp, app, install
+ms.prod: hololens
+ms.sitesec: library
+author: mattzmsft
+ms.author: mazeller
+ms.topic: article
+ms.localizationpriority: medium
+appliesto:
+- HoloLens (1st gen)
+- HoloLens 2
+---
+
+# Install and manage custom applications (non-store)
+
+HoloLens supports many existing applications from the Microsoft Store, as well as new apps built specifically for HoloLens. This article focuses on custom holographic applications.
+
+For more information about store apps, see [Manage apps with the store](holographic-store-apps.md).
+
+## Install custom apps
+
+You can install your own applications on HoloLens either by using the Device Portal or by deploying the apps from Visual Studio.
+
+### Installing an application package with the Device Portal
+
+1. Establish a connection from [Device Portal](https://docs.microsoft.com/windows/mixed-reality/using-the-windows-device-portal) to the target HoloLens.
+1. In the left navigation, navigate to the **Apps** page .
+1. Under **App Package** browse to the .appx file that is associated with your application.
+ > [!IMPORTANT]
+ > Make sure to reference any associated dependency and certificate files.
+
+1. Select **Go**.
+
+ 
+
+### Deploying from Microsoft Visual Studio 2015
+
+1. Open your app's Visual Studio solution (.sln file).
+1. Open the project's **Properties**.
+1. Select the following build configuration: **Master/x86/Remote Machine**.
+1. When you select **Remote Machine**:
+
+ - Make sure the address points to the Wi-Fi IP address of your HoloLens.
+ - Set authentication to **Universal (Unencrypted Protocol)**.
+1. Build your solution.
+1. To deploy the app from your development PC to your HoloLens, select **Remote Machine**. If you already have an existing build on the HoloLens, select **Yes** to install this newer version.
+
+ 
+1. The application will install and auto launch on your HoloLens.
+
+After you've installed an app, you'll find it in the **All apps** list (**Start** > **All apps**).
diff --git a/devices/hololens/holographic-home.md b/devices/hololens/holographic-home.md
index 576866ca2c..9b554c0638 100644
--- a/devices/hololens/holographic-home.md
+++ b/devices/hololens/holographic-home.md
@@ -1,6 +1,6 @@
---
-title: Navigate the Windows Mixed Reality home
-description: Navigate the Windows Mixed Reality home in Windows Holographic.
+title: Start menu and mixed reality home
+description: Navigate the mixed reality home in Windows Holographic.
ms.assetid: 742bc126-7996-4f3a-abb2-cf345dff730c
ms.date: 08/07/2019
keywords: hololens
@@ -9,82 +9,79 @@ ms.sitesec: library
author: scooley
ms.author: scooley
ms.topic: article
-ms.localizationpriority: medium
+ms.localizationpriority: high
+appliesto:
+- HoloLens (1st gen)
+- HoloLens 2
---
-# Navigate the Windows Mixed Reality home
+# Start menu and mixed reality home
-## [Navigating MR Home](https://docs.microsoft.com/en-us/windows/mixed-reality/navigating-the-windows-mixed-reality-home)
+Just like the Windows PC experience starts with the desktop, Windows Holographic starts with mixed reality home. Using the Start menu you can open and place app windows, immersive app launchers, and 3D content in mixed reality home, and their placement in your physical space will be remembered.
## Use the Start menu
-The **Start** menu on HoloLens is where you'll open apps and get to the HoloLens camera.
+The Start menu on HoloLens is where you'll open apps, see important status info, and access tools like the camera.
-Wherever you are in HoloLens, you can always open the **Start** menu by using the [bloom gesture](https://support.microsoft.com/help/12644/hololens-use-gestures) on HoloLens (1st gen) or tapping your wrist on HoloLens 2. Usually, you'll use it once to get to **Start**, but sometimes you might need to use it twice.
+Wherever you are in HoloLens, you can always open the Start menu by using **Start gesture**. On HoloLens (1st gen) the Start gesture is [bloom](https://support.microsoft.com/help/12644/hololens-use-gestures). On HoloLens 2, the [Start gesture](hololens2-basic-usage.md#start-gesture) is to tap the Start icon that appears on your wrist. You can also open the Start menu using your voice by saying "Go to Start".
> [!TIP]
-> When the **Start** menu is open, use the start gesture to hide it again.
+> When the Start menu is open, use the Start gesture to close it, or look at the Start menu and say "Close".
-At the top of the **Start** menu, you'll see status indicators for Wi-Fi, battery, and volume, plus a clock. The tiles are your pinned apps. To talk to Cortana, select her tile, or just say "Hey Cortana" from anywhere on HoloLens. At the bottom you'll find the photo and video icons, which open the camera app.
+At the top of the Start menu, you'll see status indicators for Wi-Fi, battery, volume, and a clock. On HoloLens 2 there is also a listening indicator that shows whether the device is speech enabled and is listening for voice commands. At the bottom you'll find the **Photo** and **Video** buttons which allow you to take photos and video recordings. There is also a **Connect** button that allows you to project what you see to another device using Miracast.
-To see the rest of your apps, select **All apps**. To get back to **Start** from the **All apps** list, select **Pinned apps**.
+### Find apps on Start menu
-## Use apps on HoloLens
+The Start menu has a **Pinned apps** list and an **All apps** list.
-Apps on HoloLens use either 2D view or holographic view. Apps with 2D view look like windows, and apps with holographic view surround you and become the only app you see.
+- The **Pinned apps** list shows apps that have been pinned. You can add and remove apps from the **Pinned apps** list using the context menu that appears when you **select and hold** on an app tile.
-### Open apps
+- The **All apps** list shows all apps that are installed on the device. Select the **All apps** button on the right side of the **Start** menu to get to the list.
-You'll find your apps either pinned to **Start** or in the **All apps** list. To get to the **All apps** list, use the bloom gesture to go to **Start**, then select **All apps**.
-
-On **Start** or in the **All apps** list, select an app. It will open in a good position for viewing.
-
->[!NOTE]
->- Up to three 2D app windows can be active at a time. You can open more, but only three will remain active.
->- Each open app can have one active window at a time, except Microsoft Edge, which can have up to three.
->- If you're having problems with apps, make sure there's enough light in your space, and walk around so HoloLens has a current scan. If you keep having trouble, see [HoloLens and holograms: FAQ](https://support.microsoft.com/help/13456/hololens-and-holograms-faq) for more info.
-
-## Move, resize, and rotate apps
-
-Moving and resizing apps on HoloLens works a bit differently than it does on a PC. Instead of dragging the app, you'll use your gaze, along with a [gesture](https://support.microsoft.com/help/12644/hololens-use-gestures) or the [clicker](hololens-clicker.md). You can also rotate an app window in 3D space.
+On both app lists, use the **Page up** and **Page down** buttons on the right side of the Start menu to page through all the apps in the list. Both app lists will automatically open to the page that was last used during a device session.
> [!TIP]
-> Rearrange apps using your voice—gaze at an app and say "Face me," "Bigger," or "Smaller." Or have Cortana move an app for you: say "Hey Cortana, move <*app name*> here."
+> On HoloLens 2, you can directly scroll the app lists using your index finger. Just touch the list with your finger tip and drag upwards or downwards.
-### Move an app
+### Open apps from Start menu
-Gaze at the app, and then do one of the following.
+To open an app from the Start menu, simply **select** an **app tile**. You can also say the name of an app to open it.
-- Tap and hold to select the app. Move your hand to position the app, and raise your finger to place it.
+When you open an app from the Start menu, one of the following will happen, depending on how the app is designed:
-- Select **Adjust**, tap and hold, and move your hand to position the app. Raise your finger to place it, then select **Done**.
-- Select **Adjust**, click and hold the clicker, and move your hand to position the app. Release the clicker, then select **Done**.
+- An **app window** is placed. The app is then loaded in the window and you can use it like a touch screen.
+- A **3D app launcher** for an immersive app is placed. You need to then **select** the launcher to open the immersive app.
+- An app window is placed which acts as a **launcher** for an immersive app. The immersive app will proceed to launch automatically.
-> [!TIP]
-> If you drop apps when you move them, make sure to keep your hand in the gesture frame by following it with your gaze.
+App windows and app launchers placed in mixed reality home will stay around until you decide to remove them. They give you a convenient shortcut in the world to use those app windows or to launch immersive apps without having to open them again from the Start menu.
-### Resize an app
+> [!NOTE]
+>Like on a phone, system resources is managed automatically on HoloLens. For example, when you open a new immersive app, all other running apps will immediately become inactive. There is no need to remove app windows and launchers in mixed reality home to free up system resources.
-Gaze at the app, and then do one of the following.
+## Using apps on HoloLens
-- Gaze at a corner or edge of an app window, and tap and hold. Move your hand to change the app's size, and raise your finger when you're done.
+Apps on HoloLens can use app window view or immersive view. With app window view the app simply shows its content inside a window. With immersive view an app takes you away from mixed realty home where it can then display its content in the physical environment all around you. Apps can also choose to use both views.
-- Select **Adjust**. Gaze at one of the blue squares at the corners of the app, tap and hold, then move your hand to resize the app. Raise your finger to release it, then select **Done**.
-- Select **Adjust**. Gaze at one of the blue squares at the corners of the app, click and hold the clicker, then move your hand to resize the app. Release the clicker, then select **Done**.
+### Use app windows
-> [!TIP]
-> In Adjust mode, you can move or resize any hologram.
+On HoloLens (1st gen) app windows are placed and used in mixed reality home, where you can [move, resize, and rotate](hololens1-basic-usage.md#move-resize-and-rotate-apps) them as you like. In addition to using app windows with gaze and gesture, you can also use them with Bluetooth connected mouse and keyboard.
-### Rotate an app
+On HoloLens 2, in addition to using app windows in mixed reality home, you can also use one app window at a time inside an immersive app. You can also put an app window into **Follow me** mode where it will stay in front of you as you walk around. When you open an app window while inside an immersive app, it will open in **Follow me** mode automatically. You can [move, resize, and rotate](hololens2-basic-usage.md#move-resize-and-rotate-holograms) app windows directly using your hands in both mixed reality home and inside an immersive app.
-Gaze at the app, and tap and hold with both hands to select it. Rotate the app by keeping one hand steady and moving your other hand around it. When you're done, raise both index fingers.
+> [!NOTE]
+>
+> - Up to three app windows can be active in mixed reality home at a time. You can open more, but only three will remain active.
+> - When an app window is not active, it will show content that looks darkened compared to an active window. Some will simply show the app icon instead of any content. To activate an inactive window simply **select** it.
+> - Each open app can have one active window at a time, except Microsoft Edge, which can have up to three.
-## Close apps
+### Close apps
-To close an app that uses 2D view, gaze at it, then select **Close**.
+To close an app that uses an app window, simply close the app window with the **Close** button on the title bar. You can also look at the window and say "Close".
-To close an app that uses holographic view, use the bloom gesture to leave holographic view, then select **Close**.
+To exit an app that uses immersive view, use the Start gesture to bring up the **Start menu**, then select the **Mixed reality home** button.
-## Pin apps
+If an immersive app is in a broken state and you need to restart it, you can make sure the app is first completely shut down by closing its launcher in mixed reality home, then launching it from the Start menu.
-Keep your favorite apps handy by pinning them to **Start**. In the **All apps** list, gaze at an app to highlight it. Tap and hold until the menu appears, then select **Pin**. To unpin an app, gaze at the app on **Start**, then tap and hold and select **Unpin**.
+## Related info
+
+[Find, Install, and Uninstall applications from the Microsoft Store](holographic-store-apps.md)
diff --git a/devices/hololens/holographic-photos-and-video.md b/devices/hololens/holographic-photos-and-video.md
index 25e8d4a104..a02c1fb445 100644
--- a/devices/hololens/holographic-photos-and-video.md
+++ b/devices/hololens/holographic-photos-and-video.md
@@ -8,12 +8,13 @@ ms.sitesec: library
author: Teresa-Motiv
ms.author: v-tea
ms.topic: article
-ms.localizationpriority: medium
+ms.localizationpriority: high
ms.date: 8/12/19
ms.reviewer:
manager: jarrettr
appliesto:
-- Hololens (1st gen)
+- HoloLens (1st gen)
+- HoloLens 2
---
# Create, share, and view photos and video
@@ -22,21 +23,31 @@ Use your HoloLens to take photos and videos that capture the holograms you've pl
To sync your photos and videos to OneDrive, open the OneDrive app and select **Settings** > **Camera upload**, and then turn on **Camera upload**.
-## Take a photo
+## Take a photo on HoloLens (1st gen)
-Use the [bloom](https://support.microsoft.com/help/12644/hololens-use-gestures) gesture to go to **Start**, then select **Photo**. Use gaze to position the photo frame, then air tap to take the picture. The picture will be saved to your collection in the Photos app.
+Use the open the **Start** menu, and then select the Photos app.
-Want to snap a quick pic? Press the volume up and volume down buttons at the same time. [Where are the buttons?](https://support.microsoft.com/help/12649/hololens-whats-in-the-box)
+Use gaze to position the photo frame, then air tap to take the picture. The picture will be saved to your collection in the Photos app.
-## Take a video
+Want to snap a quick picture? Press the [volume up and volume down buttons](hololens1-hardware.md#hololens-components) at the same time.
+
+## Take a video on HoloLens (1st gen)
Use the bloom gesture to go to **Start**, then select **Video**. Use gaze to position the video frame, then air tap to start recording. To stop recording, use bloom once. The video will be saved to your collection in the Photos app.
-To start recording more quickly, press and hold the volume up and volume down buttons simultaneously until a 3-second countdown begins. To stop recording, tap both buttons.
+To start recording more quickly, press and hold the volume up and volume down buttons simultaneously until a three-second countdown begins. To stop recording, tap both buttons.
> [!TIP]
> You can always have Cortana take a photo or a video for you. Just say "Hey Cortana, take a photo" or "Hey Cortana, take a video." [What else can I say to Cortana?](hololens-cortana.md)
-[Take + share photos and video with Mixed reality capture](https://docs.microsoft.com/en-us/windows/mixed-reality/mixed-reality-capture)
+## Find your photos and videos
-[Find and view your photos](https://docs.microsoft.com/en-us/windows/mixed-reality/see-your-photos)
+To see your photos from OneDrive, select **More** > **Settings**, and then turn on **Show my cloud-only content from OneDrive**. (You'll need to sign in to the Photos app with your Microsoft account, if you haven't already.)
+
+To pin a photo or video in your world, open it, then select **Place in mixed world**. Use tap and hold to move it to where you want it.
+
+## Share photos and videos
+
+To share images to a social network, in the Collection view, tap and hold the photo you want to share, then select **Share**. Select **Share Assistant**, then select the app that you want to share to.
+
+You can also share directly from the camera app right after you take a photo—at the top of the image, select **Share**.
diff --git a/devices/hololens/holographic-store-apps.md b/devices/hololens/holographic-store-apps.md
new file mode 100644
index 0000000000..6d0e0d820a
--- /dev/null
+++ b/devices/hololens/holographic-store-apps.md
@@ -0,0 +1,53 @@
+---
+title: Find, install, and uninstall applications
+description: The Microsoft Store is your source for apps and games that work with HoloLens. Learn more about finding, installing, and uninstalling holographic apps.
+ms.assetid: cbe9aa3a-884f-4a92-bf54-8d4917bc3435
+ms.reviewer: v-miegge
+ms.date: 8/30/2019
+manager: jarrettr
+keywords: hololens, store, uwp, app, install
+ms.prod: hololens
+ms.sitesec: library
+author: mattzmsft
+ms.author: mazeller
+ms.topic: article
+ms.localizationpriority: medium
+appliesto:
+- HoloLens (1st gen)
+- HoloLens 2
+---
+
+# Find, install, and uninstall applications from the Microsoft Store
+
+The Microsoft Store is your go-to source for apps and games that work with HoloLens. When you go to the Store on your HoloLens, any apps you see there will run on it.
+
+Apps on HoloLens use either 2D view or holographic view. Apps that use 2D view look like windows and can be positioned all around you. Apps that use holographic view surround you and become the only app you see.
+
+HoloLens supports many existing applications from the Microsoft Store, as well as new apps built specifically for HoloLens. This article focuses on holographic applications from the Microsoft Store.
+
+To learn more about installing and running custom apps, read [Custom holographic applications](holographic-custom-apps.md).
+
+## Find apps
+
+Open the Microsoft Store from the **Start** menu. Then browse for apps and games. You can use Cortana to search by saying "Hey, Cortana" and then saying your search terms.
+
+## Install apps
+
+To download apps, you'll need to be signed in with a Microsoft account. To buy them, you'll need a payment method associated with the Microsoft account you use on your HoloLens. To set up a payment method, go to [account.microsoft.com](http://account.microsoft.com/) and select **Payment & billing** > **Payment options** > **Add a payment option**.
+
+1. To open the [**Start** menu](holographic-home.md), perform a [bloom](hololens1-basic-usage.md) gesture or tap your wrist.
+2. Select the Store app and then tap to place this tile into your world.
+3. Once the Store app opens, use the search bar to look for any desired application.
+4. Select **Get** or **Install** on the application's page (a purchase may be required).
+
+## Uninstall apps
+
+There are two ways to uninstall applications. You can uninstall applications through the Microsoft Store or Start menu.
+
+### Uninstall from the Start menu
+
+On the **Start** menu or in the **All apps** list, gaze at the app. Tap and hold until the menu appears, then select **Uninstall**.
+
+### Uninstall from the Microsoft Store
+
+Open the Microsoft Store from the **Start** menu, and then browse for the application you'd like to uninstall. On the Store page, each application that you have installed has an **Uninstall** button.
diff --git a/devices/hololens/hololens-calibration.md b/devices/hololens/hololens-calibration.md
new file mode 100644
index 0000000000..1296d0f4bd
--- /dev/null
+++ b/devices/hololens/hololens-calibration.md
@@ -0,0 +1,147 @@
+---
+title: Improve visual quality and comfort
+description: Calibrating your IPD (interpupillary distance) can improve the quality of your visuals. Both HoloLens and Windows Mixed Reality immersive headsets offer ways to customize IPD.
+author: Teresa-Motiv
+ms.author: xerxesb
+ms.date: 9/13/2019
+ms.topic: article
+keywords: calibration, comfort, visuals, quality, ipd
+ms.prod: hololens
+ms.sitesec: library
+author: Teresa-Motiv
+ms.localizationpriority: high
+ms.reviewer:
+manager: jarrettr
+appliesto:
+- HoloLens (1st gen)
+- HoloLens 2
+---
+
+# Improve visual quality and comfort
+
+HoloLens 2 and HoloLens (1st gen) both work better when they're calibrated to your unique eyes.
+
+While both devices need to calibrate for the best hologram viewing experience, they use different calibration technologies and techniques. Jump to [HoloLens 2 calibration](#calibrating-your-hololens-2) or [HoloLens (1st gen) calibration](#calibrating-your-hololens-1st-gen).
+
+## Calibrating your HoloLens 2
+
+HoloLens 2 uses eye-tracking technology to improve your experience seeing and interacting with the virtual environment. Calibrating the HoloLens 2 ensures that it can accurately track your eyes (and the eyes of anyone else who uses the device). After calibration, holograms will appear correctly even as the visor shifts on your head.
+
+HoloLens 2 prompts a user to calibrate the device under the following circumstances:
+
+- The user is using the device for the first time
+- The user previously opted out of the calibration process
+- The calibration process did not succeed the last time the user used the device
+
+
+
+During this process, you'll look at a set of targets (gems). It's fine if you blink or close your eyes during calibration but try not to stare at other objects in the room. This allows HoloLens to learn about your eye position to render your holographic world.
+
+
+
+
+
+
+
+If calibration was successful, you'll see a success screen. If not, read more about diagnosing calibration failures [here](#troubleshooting-hololens-2-calibration).
+
+
+
+### Calibration when sharing a device or session
+
+Multiple users can share a HoloLens 2 device, without a need for each person to go through device setup. When a new user puts the device on their head for th first time, HoloLens 2 automatically prompts the user to calibrate visuals. When a user that has previously calibrated visuals puts the device on their head, the display seamlessly adjusts for quality and a comfortable viewing experience.
+
+### Manually starting the calibration process
+
+1. Use the start gesture to open the [**Start** menu](hololens2-basic-usage.md#start-gesture).
+1. If the Settings app isn't pinned to **Start**, select **All Apps**.
+1. Select **Settings**, and then select **System** > **Calibration** > **Eye Calibration** > **Run eye calibration**.
+
+ 
+
+### Troubleshooting HoloLens 2 calibration
+
+Calibration should work for most people, but there are cases where calibration fails.
+
+Some potential reasons for calibration failure include:
+
+- Getting distracted and not following the calibration targets
+- Dirty or scratched device visor or device visor not positioned properly
+- Dirty or scratched glasses
+- Certain types of contact lenses and glasses (colored contact lenses, some toric contact lenses, IR blocking glasses, some high prescription glasses, sunglasses, or similar)
+- More-pronounced makeup and some eyelash extensions
+- Hair or thick eyeglass frames if they are blocking the device from seeing your eyes
+- Certain eye physiology, eye conditions or eye surgery such as narrow eyes, long eyelashes, amblyopia, nystagmus, some cases of LASIK or other eye surgeries
+
+If calibration is unsuccessful try:
+
+- Cleaning your device visor
+- Cleaning your glasses
+- Pushing your device visor as close to your eyes as possible
+- Moving objects in your visor out of the way (such as hair)
+- Turning on a light in your room or moving out of direct sunlight
+
+If you followed all guidelines and calibration is still failing, please let us know by filing feedback in [Feedback Hub](hololens-feedback.md).
+
+### Calibration data and security
+
+Calibration information is stored locally on the device and is not associated with any account information. There is no record of who has used the device without calibration. This mean new users will get prompted to calibrate visuals when they use the device for the first time, as well as users who opted out of calibration previously or if calibration was unsuccessful.
+
+Calibration information can always be deleted from the device in **Settings** > **Privacy** > **Eye tracker**.
+
+### Disable calibration
+
+You can also disable the calibration prompt by following these steps:
+
+1. Select **Settings** > **System** > **Calibration**.
+1. Turn off **When a new person uses this HoloLens, automatically ask to run eye calibration**.
+
+> [!IMPORTANT]
+> Please understand that this setting may adversely affect hologram rendering quality and comfort.
+
+### HoloLens 2 eye-tracking technology
+
+The device uses its eye-tracking technology to improve display quality, and to ensure that all holograms are positioned accurately and comfortable to view in 3D. Because it uses the eyes as landmarks, the device can adjust itself for every user and tune its visuals as the headset shifts slightly throughout use. All adjustments happen on the fly without a need for manual tuning.
+
+HoloLens applications use eye tracking to track where you are looking in real time. This is the main capability developers can leverage to enable a whole new level of context, human understanding and interactions within the Holographic experience. Developers don’t need to do anything to leverage this capability.
+
+## Calibrating your HoloLens (1st gen)
+
+HoloLens (1st gen) adjusts hologram display according to the your [interpupillary distance](https://en.wikipedia.org/wiki/Interpupillary_distance) (IPD). If the IPD is not accurate, holograms may appear unstable or at an incorrect distance. You can improve the quality of your visuals by calibrating the device to your interpupillary distance (IPD).
+
+When you set up your Hololens (1st gen) device, it prompts to calibrate your visuals after Cortana introduces herself. It's recommended that you complete the calibration step during this setup phase. However you can skip it by waiting until Cortana prompts you and then saying "Skip."
+
+During the calibration process, HoloLens asks you to align your finger with a series of six targets per eye. HoloLens uses this process to set the IPD correctly for your eyes.
+
+
+
+### Manually start the calibration process
+
+If you need to update the calibration or if a new user needs to adjust it, you can manually run the Calibration app at any time. The Calibration app is installed by default. You can access it by using eihter the **Start** menu or the Settings app.
+
+To use the **Start** menu to run the Calibration app, follow these steps:
+
+1. Use the [bloom](hololens1-basic-usage.md) gesture to open the **Start** menu.
+1. To view all apps, select **+**.
+1. Select **Calibration**.
+
+
+
+
+
+To use the Settings app to run the Calibration app, follow these steps:
+
+1. Use the [bloom](hololens1-basic-usage.md) gesture to open the **Start** menu.
+1. If **Settings** isn't pinned to **Start**, select **+** to view all apps.
+1. Select **Settings**.
+1. Select **System** > **Utilities** > **Open Calibration**.
+
+
+
+## Immersive headsets
+
+Some immersive headsets provide the ability to customize the IPD setting. To change the IPD for your headset, open the Settings app and select **Mixed reality** > **Headset display**, and then move the slider control. You’ll see the changes in real time in your headset. If you know your IPD, maybe from a visit to the optometrist, you can enter it directly as well.
+
+You can also adjust this setting on your PC by selecting **Settings** > **Mixed reality** > **Headset display**.
+
+If your headset does not support IPD customization, this setting will be disabled.
diff --git a/devices/hololens/hololens-clicker-restart-recover.md b/devices/hololens/hololens-clicker-restart-recover.md
deleted file mode 100644
index 25e49740c9..0000000000
--- a/devices/hololens/hololens-clicker-restart-recover.md
+++ /dev/null
@@ -1,49 +0,0 @@
----
-title: Restart or recover the HoloLens clicker
-description: Things to try if the HoloLens clicker is unresponsive or isn’t working well.
-ms.assetid: 13406eca-e2c6-4cfc-8ace-426ff8f837f4
-ms.reviewer: jarrettrenshaw
-ms.date: 07/01/2019
-manager: v-miegge
-keywords: hololens
-ms.prod: hololens
-ms.sitesec: library
-author: v-miegge
-ms.author: v-miegge
-ms.topic: article
-ms.localizationpriority: medium
----
-
-# Restart or recover the HoloLens clicker
-
-[Clicker recovery](https://support.microsoft.com/en-us/help/15555)
-
-Here are some things to try if the HoloLens clicker is unresponsive or isn’t working well.
-
-## Restart the clicker
-
-Use the tip of a pen to press and hold the [pairing button](https://support.microsoft.com/en-us/help/12646).
-
-
-
-At the same time, click and hold the clicker for 15 seconds. If the clicker was already paired with your HoloLens, it will stay paired after it restarts.
-
-
-
-If the clicker won't turn on or restart, try charging it using the HoloLens charger. If the battery is very low, it might take a few minutes for the white indicator light to turn on.
-
-## Re-pair the clicker
-
-Go to Settings > Devices and select the clicker. Select Remove, wait a few seconds, then pair the clicker again.
-
-## Recover the clicker
-
-If restarting and re-pairing the clicker don’t fix the problem, the Windows Device Recovery Tool can help you recover it. The recovery process may take some time, and the latest version of the clicker software will be installed. To use the tool, you’ll need a computer running Windows 10 or later with at least 4 GB of free storage space.
-
-To recover the clicker:
-
-1. Download and install the [Windows Device Recovery Tool](https://dev.azure.com/ContentIdea/ContentIdea/_queries/query/8a004dbe-73f8-4a32-94bc-368fc2f2a895/) on your computer.
-1. Connect the clicker to your computer using the Micro USB cable that came with your HoloLens.
-1. Run the Windows Device Recovery Tool and follow the instructions.
-
-If the clicker isn’t automatically detected, select **My device was not detected** and follow the instructions to put your device into recovery mode.
diff --git a/devices/hololens/hololens-clicker.md b/devices/hololens/hololens-clicker.md
deleted file mode 100644
index 8ec7e8077b..0000000000
--- a/devices/hololens/hololens-clicker.md
+++ /dev/null
@@ -1,65 +0,0 @@
----
-title: Use the HoloLens Clicker
-description:
-ms.assetid: 7d4a30fd-cf1d-4c9a-8eb1-1968ccecbe59
-ms.reviewer: jarrettrenshaw
-ms.date: 07/01/2019
-manager: v-miegge
-keywords: hololens
-ms.prod: hololens
-ms.sitesec: library
-author: v-miegge
-ms.author: v-miegge
-ms.topic: article
-ms.localizationpriority: medium
----
-
-# Use the HoloLens Clicker
-
-The clicker was designed specifically for HoloLens and gives you another way to interact with holograms. It comes with HoloLens, in a separate box. Use it in place of hand gestures to select, scroll, move, and resize.
-
-
-
-## Hold the clicker
-
-To put on the clicker, slide the loop over your ring or middle finger with the Micro USB port toward your wrist. Rest your thumb in the indentation.
-
-
-
-## Clicker gestures
-
-Clicker gestures are small wrist rotations, not the larger movements used for HoloLens hand gestures. And HoloLens will recognize your gestures and clicks even if the clicker is outside the [gesture frame](https://support.microsoft.com/help/12644), so you can hold the clicker in the position that's most comfortable for you.
-
-- **Select**. To select a hologram, button, or other element, gaze at it, then click.
-
-- **Click and hold**. Click and hold your thumb down on the button to do some of the same things you would with tap and hold, like move or resize a hologram.
-
-- **Scroll**. On the app bar, select **Scroll Tool**. Click and hold, then rotate the clicker up, down, left, or right. To scroll faster, move your hand farther from the center of the scroll tool.
-
-- **Zoom**. On the app bar, select **Zoom Tool**. Click and hold, then rotate the clicker up to zoom in, or down to zoom out.
-
->[!TIP]
->In Microsoft Edge, gaze at a page and double-click to zoom in or out.
-
-## Pair and charge the clicker
-
-To pair the clicker with your HoloLens, see [Pair Bluetooth devices](https://support.microsoft.com/help/12636).
-
-When the clicker battery is low, the battery indicator will blink amber. Plug the Micro USB cable into a USB power supply to charge the device.
-
-## Indicator lights
-
-Here's what the lights on the clicker mean.
-
-- **Blinking white**. The clicker is in pairing mode.
-
-- **Fast-blinking white**. Pairing was successful.
-
-- **Solid white**. The clicker is charging.
-
-- **Blinking amber**. The battery is low.
-
-- **Solid amber**. The clicker ran into an error and you'll need to restart it. While pressing the pairing button, click and hold for 15 seconds.
-
->[!NOTE]
->If the clicker doesn't respond or won't start, see [Restart or recover the HoloLens clicker](https://support.microsoft.com/help/15555/hololens-restart-or-recover-the-hololens-clicker).
diff --git a/devices/hololens/hololens-commercial-features.md b/devices/hololens/hololens-commercial-features.md
new file mode 100644
index 0000000000..1b3fdcdcd4
--- /dev/null
+++ b/devices/hololens/hololens-commercial-features.md
@@ -0,0 +1,77 @@
+---
+title: Commercial features
+description: The Microsoft HoloLens Commercial Suite includes features that make it easier for businesses to manage HoloLens devices. HoloLens 2 devices are equipped with commercial features by default.
+author: scooley
+ms.author: scooley
+ms.date: 08/26/19
+ms.topic: article
+keywords: HoloLens, commercial, features, mdm, mobile device management, kiosk mode
+ms.prod: hololens
+ms.sitesec: library
+ms.localizationpriority: high
+ms.reviewer:
+manager: jarrettr
+appliesto:
+- HoloLens (1st gen)
+- HoloLens 2
+---
+
+# Commercial features
+
+HoloLens includes features that make it easier for businesses to manage HoloLens devices.
+
+Every HoloLens 2 device has commercial features available.
+
+HoloLens (1st gen) came with two licensing options, the developer license and a commercial license. To unlock HoloLens's commercial capabilities, upgrade from the developer license to a commercial license. To purchase the Microsoft HoloLens Commercial Suite, contact your local Microsoft account manager.
+
+>[!VIDEO https://www.youtube.com/embed/tNd0e2CiAkE]
+
+## Key commercial features
+
+- **Kiosk mode.** You can use HoloLens in demo or showcase experiences by using kiosk mode, to limit which apps can run.
+
+ 
+
+- **Mobile Device Management (MDM) for HoloLens.** Your IT department can manage multiple HoloLens devices simultaneously by using solutions such as Microsoft Intune. You can manage settings, select apps to install, and set security configurations that are tailored to your organization's needs.
+
+ 
+
+- **Windows Update for Business.** Windows Update for Business provides controlled operating system updates to devices and support for the long-term servicing channel.
+- **Data security.** BitLocker data encryption is enabled on HoloLens to provide the same level of security protection as any other Windows device.
+- **Work access.** Anyone in your organization can remotely connect to the corporate network through virtual private network (VPN) on a HoloLens. HoloLens can also access Wi-Fi networks that require credentials.
+- **Microsoft Store for Business.** Your IT department can also set up an enterprise private store, containing only your company’s apps for your specific HoloLens usage. Securely distribute your enterprise software to selected group of enterprise users.
+
+## Feature comparison between editions
+
+|Features |HoloLens Development Edition |HoloLens Commercial Suite |HoloLens 2 |
+|---|:---:|:---:|:---:|
+|Device Encryption (BitLocker) | |✔️ |✔️ |
+|Virtual Private Network (VPN) | |✔️ |✔️ |
+|[Kiosk mode](https://docs.microsoft.com/windows/mixed-reality/using-the-windows-device-portal#kiosk-mode) | |✔️ |✔️ |
+|**Management and deployment** | | | |
+|Mobile Device Management (MDM) | |✔️ |✔️ |
+|Ability to block unenrollment | |✔️ |✔️ |
+|Cert-based corporate Wi-Fi access | |✔️ |✔️ |
+|Microsoft Store (Consumer) |Consumer |Filter by using MDM |Filter by using MDM |
+[Business Store Portal](https://docs.microsoft.com/microsoft-store/working-with-line-of-business-apps) | |✔️ |✔️ |
+|**Security and identity** | | | |
+|Sign in by using Azure Active Directory (AAD) account |✔️ |✔️ |✔️ |
+|Sign in by using Microsoft Account (MSA) |✔️ |✔️ |✔️ |
+|Next Generation Credentials with PIN unlock |✔️ |✔️ |✔️ |
+|[Secure boot](https://docs.microsoft.com/windows-hardware/design/device-experiences/oem-secure-boot) |✔️ |✔️ |✔️ |
+|**Servicing and support** | | | |
+|Automatic system updates as they arrive |✔️ |✔️ |✔️ |
+|[Windows Update for Business](https://docs.microsoft.com/windows/deployment/update/waas-manage-updates-wufb) | |✔️ |✔️ |
+|Long-Term Servicing Channel (LTSC) | |✔️ |✔️ |
+
+## Enabling commercial features
+
+Your organization's IT admin can set up commercial features such as Microsoft Store for Business, kiosk mode, and enterprise Wi-Fi access. The [Microsoft HoloLens](https://docs.microsoft.com/hololens) documentation provides step-by-step instructions for enrolling devices and installing apps from Microsoft Store for Business.
+
+## See also
+
+- [Microsoft HoloLens](https://docs.microsoft.com/hololens)
+- [Kiosk mode](/windows/mixed-reality/using-the-windows-device-portal.md#kiosk-mode)
+- [CSPs supported in HoloLens devices](/windows/client-management/mdm/configuration-service-provider-reference#csps-supported-in-hololens-devices)
+- [Microsoft Store For Business and line of business applications](https://blogs.technet.microsoft.com/sbucci/2016/04/13/windows-store-for-business-and-line-of-business-applications/)
+- [Working with line-of-business apps](/microsoft-store/working-with-line-of-business-apps)
diff --git a/devices/hololens/hololens-connect-devices.md b/devices/hololens/hololens-connect-devices.md
index c702921e14..6e8f48fa30 100644
--- a/devices/hololens/hololens-connect-devices.md
+++ b/devices/hololens/hololens-connect-devices.md
@@ -8,39 +8,67 @@ author: Teresa-Motiv
ms.author: v-tea
ms.topic: article
ms.localizationpriority: medium
-ms.date: 8/12/19
+ms.date: 9/13/2019
manager: jarrettr
appliesto:
- HoloLens (1st gen)
- HoloLens 2
---
-# Connect devices and accessories
+# Connect to Bluetooth and USB-C devices
## Pair Bluetooth devices
-Pair a Bluetooth mouse and keyboard with HoloLens, then use them to interact with holograms and to type anywhere you'd use the holographic keyboard. Pair the HoloLens [clicker](hololens-clicker.md) for a different way to interact with HoloLens.
+Pair a Bluetooth mouse and keyboard with HoloLens, then use them to interact with holograms and to type anywhere you'd use the holographic keyboard.
+
+Classes of Bluetooth devices supported by HoloLens 2:
+
+- Mouse
+- Keyboard
+- Bluetooth audio output (A2DP) devices
+
+Classes of Bluetooth devices supported by HoloLens (1st gen):
+
+- Mouse
+- Keyboard
+- HoloLens (1st gen) clicker
> [!NOTE]
-> Other types of Bluetooth devices, such as speakers, headsets, smartphones, and game pads, may appear as available in HoloLens settings, but aren't supported. [Learn more](http://go.microsoft.com/fwlink/p/?LinkId=746660).
+> Other types of Bluetooth devices, such as speakers, headsets, smartphones, and game pads, may appear as available in HoloLens settings, but aren't supported on HoloLens (1st gen). [Learn more](http://go.microsoft.com/fwlink/p/?LinkId=746660).
### Pair a Bluetooth keyboard or mouse
-1. Turn on your keyboard or mouse and make it discoverable. The way you make it discoverable depends on the device. Check the device or visit the manufacturer's website to learn how.
+1. Turn on your keyboard or mouse and make it discoverable. The way you make it discoverable depends on the device. To learn how to do this, check the device or visit the manufacturer's website.
-1. Go to **Start**, then select **Settings**.
-1. Select **Devices** and make sure Bluetooth is on. When you see the device name, select **Pair** and follow the instructions.
+1. Use the bloom gesture (HoloLens (1st gen) or the start gesture (HoloLens 2) to go to **Start**, then select **Settings**.
+1. Select **Devices** and make sure that Bluetooth is on. When you see the device name, select **Pair** and follow the instructions.
### Pair the clicker
+> Applies to HoloLens (1st gen) only.
+
1. Use the bloom gesture to go to **Start**, then select **Settings**.
-1. Select **Devices** and make sure Bluetooth is on.
-1. Use the tip of a pen to press and hold the clicker's pairing button until the status light blinks white. Make sure to hold the button down until the light starts blinking. [Where's the pairing button?](hololens-clicker.md)
+1. Select **Devices** and make sure that Bluetooth is on.
+1. Use the tip of a pen to press and hold the clicker's pairing button until the status light blinks white. Make sure to hold the button down until the light starts blinking. [Where's the pairing button?](hololens1-clicker.md)
1. On the pairing screen, select **Clicker** > **Pair**.
## Connect USB-C devices
+> Applies to HoloLens 2 only.
+
+HoloLens 2 lets you connect a wide range of USB-C devices.
+
+HoloLens 2 supports the following devices classes:
+
+- Mass storage devices (such as thumb drives)
+- Ethernet adapters (including ethernet with charging)
+- USB-C to 3.5mm digital audio adapters
+- USB-C digital audio headsets (including headset adapters with charging)
+- Wired mouse
+- Wired keyboard
+- Combination PD hubs (USB A + PD charging)
+
## Connect to Miracast
-> Applies to HoloLens 2 only.
+Use Miracast by opening the **Start** menu and selecting the display icon or saying "Connect" while gazing at the **Start** menu. Choose an available device from the list that appears and complete pairing to begin projection.
diff --git a/devices/hololens/hololens-cortana.md b/devices/hololens/hololens-cortana.md
index 03ad75f637..5ffe60d2e1 100644
--- a/devices/hololens/hololens-cortana.md
+++ b/devices/hololens/hololens-cortana.md
@@ -1,8 +1,8 @@
---
-title: Cortana on HoloLens
+title: Use your voice with HoloLens
description: Cortana can help you do all kinds of things on your HoloLens
ms.assetid: fd96fb0e-6759-4dbe-be1f-58bedad66fed
-ms.date: 08/14/2019
+ms.date: 9/13/2019
keywords: hololens
ms.prod: hololens
ms.sitesec: library
@@ -10,39 +10,67 @@ author: v-miegge
ms.author: v-miegge
ms.topic: article
manager: jarrettr
-ms.localizationpriority: medium
+ms.localizationpriority: high
+appliesto:
+- HoloLens (1st gen)
+- HoloLens 2
---
# Use your voice with HoloLens
-You can use your voice to do many of the same things you do with gestures on HoloLens, like taking a quick photo or opening an app.
+You can use your voice to do almost anything on HoloLens, such as taking a quick photo or opening an app. Many voice commands are built into HoloLens, while others are available through Cortana.
-## Voice commands
-
-Get around HoloLens faster with these basic commands. If you turn Cortana off, "Hey Cortana" voice commands won't be available, but you'll still be able to use the following built-in voice commands.
-
-**Select**. Use this instead of air tap. Gaze at a hologram, then say "Select."
-
-**Go to start**. Say "Go to Start" anytime to bring up the **Start** menu. Or when you're in an immersive app, say "Go to Start" to get to the quick actions menu.
-
-**Move this**. Instead of air tapping and dragging an app, say "Move this" and use gaze to move it.
-
-**Face me**. Gaze at a hologram, and then say "Face me" to turn it your way.
-
-**Bigger/Smaller**. Gaze at a hologram, and then say "Bigger" or "Smaller" to resize it.
-
-Many buttons and other elements on HoloLens also respond to your voice—for example, **Adjust** and **Close** on the app bar. To find out if a button is voice-enabled, rest your gaze on it for a moment. If it is, you'll see a voice tip.
-
-## Dictation mode
-
-Tired of typing? Switch to dictation mode any time the holographic keyboard is active. Select the microphone icon to get started, or say "Start dictating." To stop dictating, select **Done** or say "Stop dictating." To delete what you just dictated, say "Delete that."
+This article teachs you how to control HoloLens and your holographic world with your voice and with Cortana.
> [!NOTE]
-> You need an Internet connection to use dictation mode.
+> Speech is only supported in [some languages](https://support.microsoft.com/help/4039262#Languages). The speech language is based on the Windows display language, not the keyboard language.
+>
+> You can verify the Windows display language by selecting **Settings** > **Time and Language** > **Language**.
+
+## Built-in voice commands
+
+Get around HoloLens faster with these basic commands. In order to use these you need to enable Speech during first run of the device or in **Settings** > **Privacy** > **Speech**. You can always check whether speech is enabled by looking at the status at the top of Start menu.
+
+### General speech commands
+
+Use these commands throughout Windows Mixed Reality to get around faster. Some commands use the gaze cursor, which you bring up by saying “select.”
+
+| Say this | To do this |
+| - | - |
+| "Select" | Say "select" to bring up the gaze cursor. Then, turn your head to position the cursor on the thing you want to select, and say “select” again. |
+|Open the Start menu | "Go to Start" |
+|Close the Start menu | "Close" |
+|Leave an immersive app | Say "Go to Start" to bring up the quick actions menu, then say "Mixed reality home." |
+|Hide and show hand ray | "Hide hand ray" / "Show hand ray" |
+|See available speech commands | "What can I say?" |
+
+### Hologram commands
+
+To use these commands, gaze at a 3D object, hologram, or app window.
+
+| Say this | To do this |
+| - | - |
+| "Bigger" | Make it bigger |
+| "Smaller" | Make it smaller |
+| "Face me" | Turn it to face you |
+| "Move this" | Move it (follow your gaze) |
+| "Close" | Close it |
+| "Follow" / "Stop following" | Make it follow you as you move around |
+
+### See it, say it
+
+Many buttons and other elements on HoloLens also respond to your voice—for example, **Follow me** and **Close** on the app bar, or the **Back** button in Edge. To find out if a button is voice-enabled, rest your **gaze cursor** on it for a moment to see a voice tip.
+
+### Dictation mode
+
+Tired of typing? Switch to dictation mode any time that the holographic keyboard is active. To get started, select the microphone icon or say "Start dictating." To stop dictating, select **Done** or say "Stop dictating." To delete what you just dictated, say "Delete that."
+
+> [!NOTE]
+> To use dictation mode, you have to have an internet connection.
HoloLens dictation uses explicit punctuation, meaning that you say the name of the punctuation you want to use. For instance, you might say "Hey **comma** what are you up to **question mark**."
-Here are the punctuation keywords you can use:
+Here are the punctuation keywords that you can use:
- Period, comma, question mark, exclamation point/exclamation mark
- New line/new paragraph
@@ -55,11 +83,13 @@ Sometimes it's helpful to spell out things like email addresses. For instance, t
## Do more with Cortana
-Cortana can help you do all kinds of things on your HoloLens, from searching the web to shutting down your device. To get her attention, select Cortana on Start or say "Hey Cortana" anytime.
+Cortana can help you do all kinds of things on your HoloLens, from searching the web to shutting down your device. She can give you suggestions, ideas, reminders, alerts, and more. To get her attention, select Cortana on **Start** or say "Hey Cortana" anytime.
-Here are some things you can try saying (remember to say "Hey Cortana" first):
+Here are some things you can try saying (remember to say "Hey Cortana" first).
+
+**Hey, Cortana**...
- What can I say?
- Increase the volume.
@@ -68,21 +98,22 @@ Here are some things you can try saying (remember to say "Hey Cortana" first):
- Restart.
- Go to sleep.
- Mute.
-- Launch ``.
-- Move `` here (gaze at the spot you want the app to move to).
+- Launch <*app name*>.
+- Move <*app name*> here (gaze at the spot that you want the app to move to).
- Go to Start.
- Take a picture.
- Start recording. (Starts recording a video.)
- Stop recording. (Stops recording a video.)
-- Call ``. (Requires Skype.)
+- Call <*contact*>. (Requires Skype.)
- What time is it?
- Show me the latest NBA scores.
- How much battery do I have left?
- Tell me a joke.
->[!NOTE]
->
->- Some Cortana features you're used to from Windows on your PC or phone (for example, reminders and notifications) aren't supported in Microsoft HoloLens Development Edition. Cortana on HoloLens is English-only, and the Cortana experience may vary among regions.
->- Cortana is on the first time you use HoloLens. You can turn her off in Cortana's settings. In the **All apps** list, select **Cortana > Settings**. Then turn off Cortana can give you suggestions, ideas, reminders, alerts, and more.
->- If Cortana isn't responding to "Hey Cortana," go to Cortana's settings and check to make sure she's on.
->- If you turn Cortana off, "Hey Cortana" voice commands won't be available, but you'll still be able to use other commands (such as "Select" and "Place").
+Some Cortana features that you're used to from Windows on your PC or phone (for example, reminders and notifications) aren't supported in Microsoft HoloLens Development Edition. Cortana on HoloLens is English-only, and the Cortana experience may vary from one region to another.
+
+### Turn Cortana off
+
+Cortana is on the first time you use HoloLens when you enable speech. You can turn her off in Cortana's settings. In the **All apps** list, select **Cortana > Settings**. Then turn off Cortana can give you suggestions, ideas, reminders, alerts, and more.
+
+If Cortana isn't responding to "Hey Cortana," check that speech is enabled on Start and go to Cortana's settings and check to make sure she's on.
diff --git a/devices/hololens/hololens-encryption.md b/devices/hololens/hololens-encryption.md
index 838674f0dc..62352e9767 100644
--- a/devices/hololens/hololens-encryption.md
+++ b/devices/hololens/hololens-encryption.md
@@ -11,17 +11,21 @@ ms.localizationpriority: medium
ms.date: 01/26/2019
ms.reviewer:
manager: dansimp
+appliesto:
+- HoloLens (1st gen)
---
# Enable encryption for HoloLens
-You can enable [BitLocker device encryption](https://docs.microsoft.com/windows/security/information-protection/bitlocker/bitlocker-device-encryption-overview-windows-10#bitlocker-device-encryption) to protect files and information stored on the HoloLens. Device encryption helps protect your data by encrypting it using AES-CBC 128 encryption method, which is equivalent to [EncryptionMethodByDriveType method 3](https://docs.microsoft.com/windows/client-management/mdm/bitlocker-csp#encryptionmethodbydrivetype) in the BitLocker configuration service provider (CSP). Only someone with the right encryption key (such as a password) can decrypt it or perform a data recovery.
+HoloLens (1st gen) and HoloLens 2 both support device encryption using BitLocker, however, BitLocker is always enabled on HoloLens 2.
+This article will help you enable and manage BitLocker on HoloLens (1st gen).
+On HoloLens (1st gen) you can enable BitLocker device encryption manually or using mobile device management (MDM). Follow these instructions to enable [BitLocker device encryption](https://docs.microsoft.com/windows/security/information-protection/bitlocker/bitlocker-device-encryption-overview-windows-10#bitlocker-device-encryption) to protect files and information stored on the HoloLens. Device encryption helps protect your data using the AES-CBC 128 encryption method, which is equivalent to [EncryptionMethodByDriveType method 3](https://docs.microsoft.com/windows/client-management/mdm/bitlocker-csp#encryptionmethodbydrivetype) in the BitLocker configuration service provider (CSP). Personnel who have the correct encryption key (such as a password) can decrypt it or perform a data recovery.
## Enable device encryption using MDM
-You can use your mobile device management (MDM) provider to apply a policy that requires device encryption. The policy used is the [Security/RequireDeviceEncryption setting](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-security#security-requiredeviceencryption) in the Policy CSP.
+You can use your Mobile Device Management (MDM) provider to apply a policy that requires device encryption. The policy to use is the [Security/RequireDeviceEncryption setting](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-security#security-requiredeviceencryption) in the Policy CSP.
[See instructions for enabling device encryption using Microsoft Intune.](https://docs.microsoft.com/intune/compliance-policy-create-windows#windows-holographic-for-business)
@@ -39,61 +43,48 @@ Provisioning packages are files created by the Windows Configuration Designer to
### Create a provisioning package that upgrades the Windows Holographic edition and enables encryption
-1. [Create a provisioning package for HoloLens.](hololens-provisioning.md)
-
-2. Go to **Runtime settings** > **Policies** > **Security**, and select **RequireDeviceEncryption**.
+1. [Create a provisioning package for HoloLens.](hololens-provisioning.md)
+1. Go to **Runtime settings** > **Policies** > **Security**, and select **RequireDeviceEncryption**.
-2. Browse to and select the XML license file that was provided when you purchased the Commercial Suite.
+1. Find the XML license file that was provided when you purchased the Commercial Suite.
>[!NOTE]
>You can configure [additional settings in the provisioning package](hololens-provisioning.md).
-3. On the **File** menu, click **Save**.
+1. On the **File** menu, click **Save**.
-4. Read the warning that project files may contain sensitive information, and click **OK**.
+1. Read the warning explaining that project files may contain sensitive information and click **OK**.
>[!IMPORTANT]
- >When you build a provisioning package, you may include sensitive information in the project files and in the provisioning package (.ppkg) file. Although you have the option to encrypt the .ppkg file, project files are not encrypted. You should store the project files in a secure location and delete the project files when they are no longer needed.
-
-3. On the **Export** menu, click **Provisioning package**.
+ >When you build a provisioning package, you may include sensitive information in the project files and provisioning package (.ppkg) file. Although you have the option to encrypt the .ppkg file, project files are not encrypted. You should store the project files in a secure location and delete the project files when no longer needed.
-4. Change **Owner** to **IT Admin**, which will set the precedence of this provisioning package higher than provisioning packages applied to this device from other sources, and then select **Next**.
-
-5. Set a value for **Package Version**.
+1. On the **Export** menu, click **Provisioning package**.
+1. Change **Owner** to **IT Admin**, which will set the precedence of this provisioning package higher than provisioning packages applied to this device from other sources, and then select **Next**.
+1. Set a value for **Package Version**.
>[!TIP]
>You can make changes to existing packages and change the version number to update previously applied packages.
-6. On the **Select security details for the provisioning package**, click **Next**.
-
-7. Click **Next** to specify the output location where you want the provisioning package to go once it's built. By default, Windows ICD uses the project folder as the output location.
+1. On the **Select security details for the provisioning package**, click **Next**.
+1. Click **Next** to specify the output location where you want the provisioning package to go once it's built. By default, Windows ICD uses the project folder as the output location.
Optionally, you can click Browse to change the default output location.
-8. Click **Next**.
-
-9. Click **Build** to start building the package. The project information is displayed in the build page and the progress bar indicates the build status.
-
-10. When the build completes, click **Finish**.
-
+1. Click **Next**.
+1. Click **Build** to start building the package. The project information is displayed in the build page and the progress bar indicates the build status.
+1. When the build completes, click **Finish**.
### Apply the provisioning package to HoloLens
1. Connect the device via USB to a PC and start the device, but do not continue past the **fit** page of the initial setup experience (the first page with the blue box).
-
-2. Briefly press and release the **Volume Down** and **Power** buttons simultaneously.
-
-3. HoloLens will show up as a device in File Explorer on the PC.
-
-4. In File Explorer, drag and drop the provisioning package (.ppkg) onto the device storage.
-
-5. Briefly press and release the **Volume Down** and **Power** buttons simultaneously again while on the **fit** page.
-
-6. The device will ask you if you trust the package and would like to apply it. Confirm that you trust the package.
-
-7. You will see whether the package was applied successfully or not. If it failed, you can fix your package and try again. If it succeeded, proceed with device setup.
+1. Briefly press and release the **Volume Down** and **Power** buttons simultaneously.
+1. HoloLens will show up as a device in File Explorer on the PC.
+1. In File Explorer, drag and drop the provisioning package (.ppkg) onto the device storage.
+1. Briefly press and release the **Volume Down** and **Power** buttons simultaneously again while on the **fit** page.
+1. The device will ask you if you trust the package and would like to apply it. Confirm that you trust the package.
+1. You will see whether the package was applied successfully or not. If it failed, you can fix your package and try again. If it succeeded, proceed with device setup.
>[!NOTE]
>If the device was purchased before August 2016, you will need to sign into the device with a Microsoft account, get the latest OS update, and then reset the OS in order to apply the provisioning package.
@@ -101,7 +92,7 @@ Provisioning packages are files created by the Windows Configuration Designer to
## Verify device encryption
Encryption is silent on HoloLens. To verify the device encryption status:
-
+
- On HoloLens, go to **Settings** > **System** > **About**. **BitLocker** is **enabled** if the device is encrypted.
-
+ 
diff --git a/devices/hololens/hololens-enroll-mdm.md b/devices/hololens/hololens-enroll-mdm.md
index 7f5f3200e8..e4d85a4c61 100644
--- a/devices/hololens/hololens-enroll-mdm.md
+++ b/devices/hololens/hololens-enroll-mdm.md
@@ -20,24 +20,22 @@ You can manage multiple Microsoft HoloLens devices simultaneously using solution
>[!NOTE]
>Mobile device management (MDM), including the VPN, Bitlocker, and kiosk mode features, is only available when you [upgrade to Windows Holographic for Business](hololens-upgrade-enterprise.md).
-
## Requirements
- Your organization will need to have mobile device management (MDM) set up in order to manage HoloLens devices. Your MDM provider can be Microsoft Intune or a 3rd party provider that uses Microsoft MDM APIs.
-## Auto-enrollment in MDM
+ Your organization will need to have Mobile Device Management (MDM) set up in order to manage HoloLens devices. Your MDM provider can be Microsoft Intune or a 3rd party provider that uses Microsoft MDM APIs.
-If your organization uses Azure Active Directory (Azure AD) and an MDM solution that accepts an AAD token for authentication (currently, only supported in Microsoft Intune and AirWatch), your IT admin can configure Azure AD to automatically allow MDM enrollment after the user signs in with their Azure AD account. [Learn how to configure Azure AD enrollment.](https://docs.microsoft.com/intune/deploy-use/set-up-windows-device-management-with-microsoft-intune#azure-active-directory-enrollment)
+## Auto-enrollment in MDM
+
+If your organization uses Azure Active Directory (Azure AD) and an MDM solution that accepts an AAD token for authentication (currently, only supported in Microsoft Intune and AirWatch), your IT admin can configure Azure AD to automatically allow MDM enrollment after the user signs in with their Azure AD account. [Learn how to configure Azure AD enrollment.](https://docs.microsoft.com/intune/deploy-use/set-up-windows-device-management-with-microsoft-intune#azure-active-directory-enrollment)
When auto-enrollment is enabled, no additional manual enrollment is needed. When the user signs in with an Azure AD account, the device is enrolled in MDM after completing the first-run experience.
## Enroll through Settings app
When the device is not enrolled in MDM during the first-run experience, the user can manually enroll the device with the organization's MDM server using the Settings app.
-
+
1. Go to **Settings** > **Accounts** > **Work access**.
-
-2. Select **Enroll into device management** and enter your organizational account. You will be redirected to your organization's sign in page.
-
-4. Upon successful authentication to the MDM server, a success message is shown.
+1. Select **Enroll into device management** and enter your organizational account. You will be redirected to your organization's sign in page.
+1. Upon successful authentication to the MDM server, a success message is shown.
Your device is now enrolled with your MDM server. The device will need to restart to acquire policies, certificates, and apps. The Settings app will now reflect that the device is enrolled in device management.
diff --git a/devices/hololens/hololens-feedback.md b/devices/hololens/hololens-feedback.md
new file mode 100644
index 0000000000..51509d0833
--- /dev/null
+++ b/devices/hololens/hololens-feedback.md
@@ -0,0 +1,83 @@
+---
+title: Give us feedback
+description: Create actionable feedback for HoloLens and Windows Mixed Reality developers by using the Feedback Hub.
+ms.assetid: b9b24c72-ff86-44a9-b30d-dd76c49479a9
+author: mattzmsft
+ms.author: mazeller
+ms.date: 09/13/2019
+ms.prod: hololens
+ms.topic: article
+keywords: feedback, bug, issue, error, troubleshoot, help
+manager: jarrettr
+ms.localizationpriority: medium
+appliesto:
+- HoloLens (1st gen)
+- HoloLens 2
+---
+
+# Give us feedback
+
+Use the Feedback Hub to tell us which features you love, which features you could do without, or when something could be better.
+
+## Feedback for Windows Mixed Reality immersive headset on PC
+
+> [!IMPORTANT]
+> Before you report an issue, make sure that your environment meets the following requirements so that you can successfully upload logs and other information:
+>
+> - Have a minimum of 3GB free disk space available on the main drive of the device.
+> - To upload cabs or other large files, connect to a non-metered network.
+
+1. Make sure that you have the immersive headset connected to your PC, and then on the desktop, select **Feedback Hub**.
+1. In the left pane, select **Feedback**.
+ 
+1. To enter new feedback, select **Add new feedback**.
+ 
+1. To make feedback actionable, in **What kind of feedback is this?** select **Problem**.
+1. In **Summarize your issue**, enter a meaningful title for your feedback.
+1. In **Give us more detail**, provide details and repro steps.
+ 
+
+ As the top category, select **Mixed Reality**. Then select an applicable subcategory, as explained in the following table:
+
+ |Subcategory |Description |
+ |----------|----------|
+ | Apps | Issues about a specific application. |
+ | Developer | Issues about authoring or running an app for Mixed Reality. |
+ | Device | Issues about the head-mounted device (HMD) itself. |
+ | Home experience | Issues about your VR environment and your interactions with the your mixed reality home. |
+ | Input | Issues about input methods, such as motion controllers, speech, gamepad, or mouse and keyboard. |
+ | Set up | Anything that is preventing you from setting up the device. |
+ | All other issues | Anything else. |
+
+1. If possible, add traces or video to your feedback to help us identify and fix the issue more quickly. To do this, follow these steps:
+ 1. To start collecting traces, select **Start capture**. The app starts collecting traces and a video capture of your mixed reality scenario.
+
+ 
+ 1. Do not close the Feedback Hub app, but switch to the scenario that produces the issue. Run through the scenario to produce the circumstances that you have described.
+ 1. After you finish your scenario, go back to the Feedback Hub app and select **Stop capture**. The app stops collecting information, stores the information in a file, and attaches the file to your feedback.
+1. Select **Submit**.
+ 
+ The Thank You page indicates that your feedback has been successfully submitted.
+ 
+
+To easily direct other people (such as co-workers, Microsoft staff, [forum](https://forums.hololens.com/) readers et al) to the issue, go to **Feedback** > **My Feedback**, select the issue, select **Share**. This action provides a shortened URL that you can give to others so that they can upvote or escalate your issue.
+
+## Feedback for HoloLens
+
+1. Use the **bloom** gesture to open the **Start** menu, and then select **Feedback Hub**.
+
+ 
+1. Place the app in your environment and then select the app to launch it.
+1. To see if someone else has given similar feedback, in the Feedback search box, enter a few keywords about the topic.
+
+ 
+1. If you find similar feedback, select it, add any details, then select **Upvote**.
+
+ 
+1. If you don’t find any similar feedback, select **Add new feedback**, select a topic from **Select a category**, and then select a subcategory from **Select a subcategory**.
+
+ 
+1. Enter your feedback.
+1. If you are reporting a reproducible issue, you can select **Reproduce**. Without closing Feedback Hub, reproduce the issue. After you finish, come back to Feedback Hub and select **I’m done**. The app adds a mixed reality capture of your repro and relevant diagnostic logs to your feedback.
+1. Select **Post feedback**, and you’re done.
+
diff --git a/devices/hololens/hololens-find-and-save-files.md b/devices/hololens/hololens-find-and-save-files.md
index e147ac2845..8a9687ea25 100644
--- a/devices/hololens/hololens-find-and-save-files.md
+++ b/devices/hololens/hololens-find-and-save-files.md
@@ -16,7 +16,7 @@ ms.localizationpriority: medium
# Find and save files on HoloLens
-Add content from [Find and save files](https://docs.microsoft.com/en-us/windows/mixed-reality/saving-and-finding-your-files)
+Add content from [Find and save files](https://docs.microsoft.com/windows/mixed-reality/saving-and-finding-your-files)
Files you create on HoloLens, including Office documents, photos, and videos, are saved to your HoloLens. To view and manage them, you can use the File Explorer app on HoloLens or File Explorer on your PC. To sync photos and other files to the cloud, use the OneDrive app on HoloLens.
diff --git a/devices/hololens/hololens-get-apps.md b/devices/hololens/hololens-get-apps.md
deleted file mode 100644
index cd14341075..0000000000
--- a/devices/hololens/hololens-get-apps.md
+++ /dev/null
@@ -1,37 +0,0 @@
----
-title: Get apps for HoloLens
-description: The Microsoft Store is your source for apps and games that work with HoloLens.
-ms.assetid: cbe9aa3a-884f-4a92-bf54-8d4917bc3435
-ms.reviewer: jarrettrenshaw
-ms.date: 07/01/2019
-manager: v-miegge
-keywords: hololens
-ms.prod: hololens
-ms.sitesec: library
-author: v-miegge
-ms.author: v-miegge
-ms.topic: article
-ms.localizationpriority: medium
----
-
-# Get apps for HoloLens
-
-The Microsoft Store is your source for apps and games that work with HoloLens. When you go to the Store on your HoloLens, any apps you see there will run on it.
-
-Apps on HoloLens use either 2D view or holographic view. Apps with 2D view look like windows and can be positioned all around you. Apps that use holographic view surround you and become the only app you see.
-
-## Get apps
-
-Open the Microsoft Store from the Start menu. Then browse for apps and games (or use your voice to search), select the microphone on the HoloLens keyboard, and start talking.
-
-To download apps, you'll need to be signed in with a Microsoft account. To buy them, you'll need a payment method associated with the Microsoft account you use on your HoloLens. To set up a payment method, go to [account.microsoft.com](http://account.microsoft.com/) and select **Payment & billing** > **Payment options** > **Add a payment option**.
-
-## Find your apps
-
-Once you've installed an app, you'll find it in the All apps list (Start > All apps ). Keep apps handy by [pinning them to Start](https://support.microsoft.com/help/12638).
-
-App updates are automatic, and they're free.
-
->[!NOTE]
->- To purchase apps in the Store, the billing address for your payment method must match the country or region your HoloLens is set to.
->- Some apps may not be available in all countries and regions.
diff --git a/devices/hololens/hololens-install-apps.md b/devices/hololens/hololens-install-apps.md
deleted file mode 100644
index 7ff737a027..0000000000
--- a/devices/hololens/hololens-install-apps.md
+++ /dev/null
@@ -1,89 +0,0 @@
----
-title: Install apps on HoloLens
-description: The recommended way to install apps on HoloLens is to use Microsoft Store for Business.
-ms.prod: hololens
-ms.mktglfcycl: manage
-ms.sitesec: library
-author: scooley
-ms.author: scooley
-ms.topic: article
-ms.localizationpriority: medium
-ms.date: 10/23/2018
-ms.reviewer:
----
-
-# Install apps on HoloLens
-
-The recommended way to install Universal Windows Platform (UWP) apps on HoloLens is to use Microsoft Store for Business. You can make your own [line-of-business application](https://technet.microsoft.com/itpro/windows/manage/working-with-line-of-business-apps) available through Microsoft Store for Business.
-
-You can also deploy apps using your mobile device management (MDM) provider or use the Windows Device Portal to install apps.
-
-## Use Microsoft Store for Business to deploy apps to HoloLens
-
-Microsoft Store for Business is a private Microsoft Store for your enterprise. People in your organization can open the Store app and select your private Store to install apps that you have made available to them.
-
-
-
-In your Microsoft Store for Business dashboard, you can also download apps to distribute to devices that aren't connected to the Internet, plus add line-of-business (LOB) apps for distribution.
-
-### Requirements
-
-- You need to be a global administrator for your Azure Active Directory (Azure AD) tenant.
-
- >[!TIP]
- >You can create an Azure AD account and tenant as part of the Store for Business sign-up process.
-
-- End users need Azure AD accounts when they access Store for Business content from Windows-based devices.
-
-### Microsoft Store for Business process
-
-1. [Sign up for Microsoft Store for Business.](https://technet.microsoft.com/itpro/windows/manage/sign-up-windows-store-for-business)
-2. [Assign roles and permissions for managing your Store for Business.](https://technet.microsoft.com/itpro/windows/manage/roles-and-permissions-windows-store-for-business)
-3. (Optional) [Configure Microsoft Store for Business to work with your MDM provider.](https://technet.microsoft.com/itpro/windows/manage/configure-mdm-provider-windows-store-for-business)
-3. [Get apps for your Store for Business.](https://technet.microsoft.com/itpro/windows/manage/acquire-apps-windows-store-for-business)
-4. [Distribute apps to your employees.](https://technet.microsoft.com/itpro/windows/manage/distribute-apps-to-your-employees-windows-store-for-business)
-
-### Install apps on HoloLens from Microsoft Store for Business
-
-The method that you use to install an app from your Microsoft Store for Business on HoloLens depends on the distribution method that you choose.
-
-| Distribution method | To install on HoloLens|
-| --- | --- |
-| [Using private store](https://docs.microsoft.com/microsoft-store/distribute-apps-from-your-private-store) | Open the Store app and select the tab for your organization to choose from available apps. |
-| Using MDM | [You can configure MDM to synchronize your Store for Business inventory.](https://technet.microsoft.com/itpro/windows/manage/distribute-apps-with-management-tool) See the **Important** note in [Use MDM to deploy apps to HoloLens.](#use-mdm-to-deploy-apps-to-hololens) |
-
-
-
-## Use MDM to deploy apps to HoloLens
-
->[!IMPORTANT]
->Online-licensed apps cannot be deployed with Microsoft Store for Business on HoloLens via an MDM provider. If attempted, apps will remain in “downloading” state. Instead, you can use your MDM provider to deploy MDM-hosted apps to HoloLens, or deploy offline-licensed apps to HoloLens via Store for Business
-
-
-You can deploy UWP apps to HoloLens using your MDM provider. For Intune instructions, see [Deploy apps in Microsoft Intune](https://docs.microsoft.com/intune/deploy-use/add-apps).
-
-Using Intune, you can also [monitor your app deployment](https://docs.microsoft.com/intune/deploy-use/monitor-apps-in-microsoft-intune).
-
-
-
-## Use the Windows Device Portal to install apps on HoloLens
-
->[!IMPORTANT]
->When you set up HoloLens to use the Device Portal, you must enable **Developer Mode** on the device. **Developer Mode** on a device that has been upgraded to Windows Holographic for Business enables side-loading of apps, which risks the installation of apps that have not been certified by the Microsoft Store. Administrators can block the ability to enable **Developer Mode** using the **ApplicationManagement/AllowDeveloper Unlock** setting in the [Policy CSP](https://msdn.microsoft.com/library/windows/hardware/dn904962.aspx). [Learn more about Developer Mode.](https://msdn.microsoft.com/windows/uwp/get-started/enable-your-device-for-development#developer-mode)
-
-1. [Set up the HoloLens to use the Windows Device Portal](https://developer.microsoft.com/windows/mixed-reality/using_the_windows_device_portal#setting_up_hololens_to_use_windows_device_portal). The Device Portal is a web server on your HoloLens that you can connect to from a web browser on your PC.
-
-2. On a PC, connect to the HoloLens using [Wi-Fi](https://docs.microsoft.com/windows/mixed-reality/connecting-to-wi-fi-on-hololens) or USB.
-
-3. [Create a user name and password](https://developer.microsoft.com/windows/mixed-reality/Using_the_Windows_Device_Portal.html#creating_a_username_and_password) if this is the first time you connect to the Windows Device Portal, or enter the user name and password that you previously set up.
-
- >[!TIP]
- >If you see a certificate error in the browser, follow [these troubleshooting steps](https://developer.microsoft.com/windows/mixed-reality/Using_the_Windows_Device_Portal.html#security_certificate).
-
-4. In the Windows Device Portal, click **Apps**.
-
- 
-
-5. In **Install app**, select an **app package** from a folder on your computer or network. If the app package requires additional software, such as dependency frameworks, select **I want to specify framework packages**.
-
-6. In **Deploy**, click **Go** to deploy the app package and added dependencies to the connected HoloLens.
diff --git a/devices/hololens/hololens-install-localized.md b/devices/hololens/hololens-install-localized.md
deleted file mode 100644
index 0d3b2aecfb..0000000000
--- a/devices/hololens/hololens-install-localized.md
+++ /dev/null
@@ -1,38 +0,0 @@
----
-title: Install localized versions of HoloLens (HoloLens)
-description: Learn how to install the Chinese or Japanese versions of HoloLens
-ms.prod: hololens
-ms.mktglfcycl: manage
-ms.sitesec: library
-author: dansimp
-ms.author: dansimp
-ms.topic: article
-ms.localizationpriority: medium
-ms.date: 11/13/2018
-ms.reviewer:
-manager: dansimp
----
-
-# Install localized versions of HoloLens
-
-In order to switch to the Chinese or Japanese version of HoloLens, you’ll need to download the build for the language on a PC and then install it on your HoloLens using the Windows Device Recovery Tool (WDRT).
-
->[!IMPORTANT]
->Installing the Chinese or Japanese builds of HoloLens using WDRT will delete existing data, like personal files and settings, from your HoloLens.
-
-
-2. On your PC, download and install [the Windows Device Recovery Tool (WDRT)](https://support.microsoft.com/help/12379).
-3. Download the package for the language you want to your PC: [Simplified Chinese](https://aka.ms/hololensdownload-ch) or [Japanese](https://aka.ms/hololensdownload-jp).
-4. When the download is finished, select **File Explorer > Downloads**. Right-click the zipped folder you just downloaded, and select **Extract all... > Extract** to unzip it.
-5. Connect your HoloLens to your PC using the micro-USB cable it came with. (Even if you've been using other cables to connect your HoloLens, this one works best.)
-6. The tool will automatically detect your HoloLens. Select the Microsoft HoloLens tile.
-7. On the next screen, select **Manual package selection** and choose the installation file contained in the folder you unzipped in step 4. (Look for a file with the extension “.ffu”.)
-8. Select **Install software** and follow the instructions to finish installing.
-9. Once the build is installed, HoloLens setup will start automatically. Put on the device and follow the setup directions.
-
-When you’re done with setup, go to **Settings -> Update & Security -> Windows Insider Program** and check that you’re configured to receive the latest preview builds. The Chinese/Japanese version of HoloLens will be kept up-to-date with the latest preview builds via the Windows Insider Program the same way the English version is.
-
-## Note for language support
-
-- You can’t change the system language between English, Japanese, and Chinese using the Settings app. Flashing a new build is the only supported way to change the device system language.
-- While you can enter Simplified Chinese / Japanese text using the on-screen Pinyin keyboard, typing in Simplified Chinese / Japanese using a Bluetooth hardware keyboard is not supported at this time. However, on Chinese/Japanese HoloLens, you can continue to use a BT keyboard to type in English (the ~ key on a hardware keyboard toggles the keyboard to type in English).
diff --git a/devices/hololens/hololens-multiple-users.md b/devices/hololens/hololens-multiple-users.md
index d4aac40795..70bee8bc2d 100644
--- a/devices/hololens/hololens-multiple-users.md
+++ b/devices/hololens/hololens-multiple-users.md
@@ -1,33 +1,51 @@
---
-title: Share HoloLens with multiple people (HoloLens)
-description: You can configure HoloLens to be shared by multiple Azure Active Directory accounts.
+title: Share your HoloLens with multiple people
+description: You can configure HoloLens to be shared by multiple Azure Active Directory accounts, or by multiple users that use a single account.
ms.prod: hololens
ms.sitesec: library
-author: dansimp
-ms.author: dansimp
+author: scooley
+ms.author: scooley
ms.topic: article
ms.localizationpriority: medium
-ms.date: 04/30/2018
+ms.date: 09/16/2019
ms.reviewer:
manager: dansimp
+appliesto:
+- HoloLens (1st gen)
+- HoloLens 2
---
-# Share HoloLens with multiple people
+# Share your HoloLens with multiple people
+It's common to share one HoloLens with many people or to have many people share a set of HoloLens devices. This article describes the different ways in which you can share a device.
-A HoloLens device can be shared by multiple Azure Active Directory (Azure AD) accounts, each with their own user settings and user data on the device.
+## Share with multiple people, each using their own account
-**Prerequisite**: The HoloLens device must be running Windows 10, version 1803, and be [upgraded to Windows Holographic for Business](hololens-upgrade-enterprise.md).
+When they use their own Azure Active Directory (Azure AD) accounts, multiple users can each keep their own user settings and user data on the device.
-During setup, you must select **My work or school owns it** and sign in with an Azure AD account. After setup, ensure that **Other People** appears in **Settings** > **Accounts**.
+To make sure that multiple people can use their own accounts on your HoloLens, follow these steps to configure it:
-Other people can use the HoloLens device by signing in with their Azure AD account credentials. To switch users, press the power button once to go to standby and then press the power button again to return to the lock screen, or select the user tile on the upper right of the pins panel to sign out the current user.
+1. Make sure the the device is running Windows 10, version 1803 or later.
+ > [!IMPORTANT]
+ > If you are using a HoloLens (1st gen) device, [upgrade the device to Windows Holographic for Business](hololens1-upgrade-enterprise.md).
+1. When you set up the device, select **My work or school owns it** and sign in by using an Azure AD account.
+1. After you finish setup, make sure that the account settings (**Settings** > **Accounts**) includes **Other users**.
->[!NOTE]
->Each subsequent user will need to perform [Calibration](https://developer.microsoft.com/windows/mixed-reality/calibration) in order to set their correct interpupillary distance (PD) for the device while signed in.
+To use HoloLens, each user follows these steps:
-To see users on the device or to remove a user from the device, go to **Settings** > **Accounts** > **Other users**.
-
+1. If another user has been using the device, do one of the following:
+ - Press the power button once to go to standby, and then press the power button again to return to the lock screen
+ - Select the user tile on the upper right of the Pins panel to sign out the current user.
-
+1. Use your Azure AD account credentials to sign in to the device.
+ If this is the first time that you have used the device, you have to [calibrate](hololens-calibration.md) HoloLens to your own eyes.
+To see a list of the device users or to remove a user from the device, go to **Settings** > **Accounts** > **Other users**.
+
+## Share with multiple people, all using the same account
+
+Multiple users can also share a HoloLens device while using a single user account.
+
+**On HoloLens 2**, when a new user puts the device on their head for the first time (while keeping the same account signed in), the device prompts the new user to quickly calibrate and personalize the viewing experience. The device can store the calibration information so that in the future, the device can automatically optimize the quality and comfort of each user's viewing experience. The users do not need to calibrate the device again.
+
+**On HoloLens (1st gen)** users sharing an account will need to ask to recalibrate in the Settings app. Read more about [calibration](hololens-calibration.md).
diff --git a/devices/hololens/hololens-network.md b/devices/hololens/hololens-network.md
index 6f7cb43370..19c9669559 100644
--- a/devices/hololens/hololens-network.md
+++ b/devices/hololens/hololens-network.md
@@ -1,40 +1,93 @@
---
title: Connect to a network
-description: Connect to a wi-fi or ethernet network with HoloLens.
+description: Instructions on how to connect to internet with HoloLens and how to identify the device's IP address.
ms.assetid: 0895606e-96c0-491e-8b1c-52e56b00365d
+author: mattzmsft
+ms.author: mazeller
+keywords: HoloLens, wifi, wireless, internet, ip, ip address
+ms.date: 08/30/19
ms.prod: hololens
ms.sitesec: library
-author: Teresa-Motiv
-ms.author: v-tea
-ms.topic: article
-ms.localizationpriority: medium
-ms.date: 8/12/19
-manager: jarrettr
+ms.localizationpriority: high
ms.reviewer:
+manager: jarrettr
appliesto:
-- Hololens
- HoloLens (1st gen)
- HoloLens 2
---
# Connect to a network
-You'll need to be connected to a network to do most things on your HoloLens. [What can I do offline](hololens-offline.md)?
+To do most things on your HoloLens, you have to be connected to a network. This guide will help you:
+
+- Connect to a network using Wi-Fi or (for HoloLens 2 only) Ethernet over USB-C
+- Disable and re-enable Wi-Fi
+
+Read more about [using HoloLens offline](hololens-offline.md).
## Connecting for the first time
-The first time you use your HoloLens, you'll be guided through connecting to a Wi-Fi network. If you have trouble connecting to Wi-Fi during setup, make sure your network is either open, password protected, or a captive portal network and doesn't require using certificates to connect. After setup, you can connect to other types of Wi-Fi networks.
+The first time you use your HoloLens, you'll be guided through connecting to a Wi-Fi network. If you have trouble connecting to Wi-Fi during setup, make sure that your network is either an open, password-protected network or a captive portal network. Make sure that the network doesn't require you to use a certificate to connect. After setup, you can connect to other types of Wi-Fi networks.
## Connecting to Wi-Fi after setup
-1. Go to **Start**, then select **Settings**.
-
-1. _HoloLens (1st gen) only_ - Use your gaze to position the Settings app, then air tap to place it, or say "Place."
-
+1. Select **Start** > **Settings**.
+ - *HoloLens (1st gen) only*: Use your gaze to position the Settings app, then air tap to place it, or say "Place."
1. Select **Network & Internet** > **Wi-Fi**. If you don't see your network, scroll down the list.
+1. Select a network, then select **Connect**.
+1. If you are prompted for a network password type it and then select **Next**.
-1. Select a network > **Connect**.
+## Connecting to Wi-Fi on HoloLens (1st gen)
-1. Type the network password if asked for one, then select **Next**.
+HoloLens contains a 802.11ac-capable, 2x2 Wi-Fi radio. Connecting HoloLens to a Wi-Fi network is similar to connecting a Windows 10 Desktop or Mobile device to a Wi-Fi network.
-Also see [Connect to Wifi](https://docs.microsoft.com/en-us/windows/mixed-reality/connecting-to-wi-fi-on-hololens)
+
+
+1. Open the **Start** menu.
+1. Select the Settings app from **Start** or from the **All Apps** list on the right of the **Start** menu. The Settings app will be auto-placed in front of you.
+1. Select **Network & Internet**.
+1. Make sure Wi-Fi is turned on.
+1. Select a Wi-Fi network from the list.
+1. If needed, type in the Wi-Fi network password.
+
+You can also confirm you are connected to a Wi-Fi network by checking the Wi-Fi status in the **Start** menu:
+
+1. Open the **Start** menu.
+1. Look at the top left of the **Start** menu for Wi-Fi status. The state of Wi-Fi and the SSID of the connected network will be shown.
+
+## Disabling Wi-Fi on HoloLens (1st gen)
+
+### Using the Settings app on HoloLens
+
+1. Open the **Start** menu.
+1. Select the **Settings** app from **Start** or from the **All Apps** list on the right of the **Start** menu. The **Settings** app will be auto-placed in front of you.
+1. Select **Network & Internet**.
+1. Select the Wi-Fi slider switch to move it to the **Off** position. This will turn off the RF components of the Wi-Fi radio and disable all Wi-Fi functionality on HoloLens.
+
+ > [!WARNING]
+ > When the Wi-Fi radio is disabled, HoloLens will not be able to automatically load your [spaces](hololens-spaces.md).
+
+1. Move the slider switch to the **On** position to turn on the Wi-Fi radio and restore Wi-Fi functionality on Microsoft HoloLens. The selected Wi-Fi radio state (**On** or **Off**) will persist across reboots.
+
+## Identifying the IP Address of your HoloLens on the Wi-Fi network
+
+### By using the Settings app
+
+1. Open the **Start** menu.
+1. Select the **Settings** app from **Start** or from the **All Apps** list on the right of the **Start** menu. The **Settings** app will be auto-placed in front of you.
+1. Select **Network & Internet**.
+1. Scroll down to beneath the list of available Wi-Fi networks and select **Hardware properties**.
+
+ 
+
+ The IP address appears next to **IPv4 address**.
+
+### By using Cortana
+
+Say "Hey Cortana, What's my IP address?" and Cortana will display and read out your IP address.
+
+### By using Windows Device Portal
+
+1. In a web browser on your PC, open the [device portal](/windows/mixed-reality/using-the-windows-device-portal.md#networking).
+1. Navigate to the **Networking** section.
+ This section displays your IP address and other network information. By using this method, you can copy and paste of the IP address on your development PC.
diff --git a/devices/hololens/hololens-offline.md b/devices/hololens/hololens-offline.md
index 7de0cc1381..908a2bbb45 100644
--- a/devices/hololens/hololens-offline.md
+++ b/devices/hololens/hololens-offline.md
@@ -12,15 +12,29 @@ author: v-miegge
ms.author: v-miegge
ms.topic: article
ms.localizationpriority: medium
+appliesto:
+- HoloLens (1st gen)
+- HoloLens 2
---
# Use HoloLens offline
-[Use offline](https://support.microsoft.com/en-us/help/12645)
+HoloLens support a limited set of offline experiences for connectivity conscious customers and for customers who have environmental limits on connectivity.
+## Near-offline setup
-To set up HoloLens, you'll need to connect to a Wi-Fi network—the setup tutorial will show you how.
+HoloLens need a network connection to go through initial device set up. If your corporate network has network restrictions, the following URLs will need to be available:
+
+| Purpose | URL |
+|------|------|
+| IDPS | https://sdx.microsoft.com/frx/idps |
+| [NCSI](https://docs.microsoft.com/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services#bkmk-ncsi) | http://www.msftconnecttest.com/connecttest.txt |
+| AADv9 | https://login.microsoftonline.com/WebApp/CloudDomainJoin/9 |
+| AADv10 | https://login.microsoftonline.com/WebApp/CloudDomainJoin/10 |
+| AAD Pin | https://account.live.com/aadngc?uiflavor=win10&showSuccess=1 |
+| MSA | https://login.live.com/ppsecure/inlineconnect.srf?id=80600 |
+| MSA Pin | https://account.live.com/msangc?fl=enroll |
## HoloLens limitations
-After your HoloLens is set up, you can use it without a Wi-Fi connection, but apps that use Internet connections may have limited capabilities when you use HoloLens offline.
+After your HoloLens is set up, you can use it without a Wi-Fi connection, but apps that use Internet connections will have limited capabilities when you use HoloLens offline.
diff --git a/devices/hololens/hololens-requirements.md b/devices/hololens/hololens-requirements.md
index 6d0b1dcf12..f432f107bd 100644
--- a/devices/hololens/hololens-requirements.md
+++ b/devices/hololens/hololens-requirements.md
@@ -13,44 +13,42 @@ ms.date: 07/15/2019
# Deploy HoloLens in a commercial environment
-TODO - [Commercial features](https://docs.microsoft.com/en-us/windows/mixed-reality/commercial-features)
-
-Deploy and configure HoloLens at scale in a commercial setting.
+You can deploy and configure HoloLens at scale in a commercial setting.
This article includes:
-- infrastructure requirements and recommendations for HoloLens management
-- tools for provisioning HoloLens
-- instructions for remote device management
-- options for application deployment
+- Infrastructure requirements and recommendations for HoloLens management
+- Tools for provisioning HoloLens
+- Instructions for remote device management
+- Options for application deployment
This guide assumes basic familiarity with HoloLens. Follow the [get started guide](./hololens-setup.md) to set up HoloLens for the first time.
## Infrastructure for managing HoloLens
-HoloLens are, at their core, a Windows mobile device integrated with Azure. They work best in commercial environments with wireless network availability (wi-fi) and access to Microsoft services.
+HoloLens is, at its core, a Windows mobile device integrated with Azure. It works best in commercial environments with wireless network availability (wi-fi) and access to Microsoft services.
Critical cloud services include:
- Azure active directory (AAD)
- Windows Update (WU)
-Commercial customers will need enterprise mobility management (EMM) or mobile device management (MDM) infrastructure in order to manage HoloLens devices at scale. This guide uses [Microsoft Intune](https://www.microsoft.com/en-us/enterprise-mobility-security/microsoft-intune) as an example though any provider with full support for Microsoft Policy can support HoloLens. Ask your mobile device management provider if they support HoloLens 2.
+Commercial customers will need enterprise mobility management (EMM) or mobile device management (MDM) infrastructure to manage HoloLens devices at scale. This guide uses [Microsoft Intune](https://www.microsoft.com/enterprise-mobility-security/microsoft-intune) as an example, though any provider with full support for Microsoft Policy can support HoloLens. Ask your mobile device management provider if they support HoloLens 2.
HoloLens does support a limited set of cloud disconnected experiences.
## Initial set up at scale
-The HoloLens out of box experience is great for setting up one or two devices or for experiencing HoloLens for the first time. If you're provisioning many HoloLens devices, however, picking your language and settings manually for each device gets tedious and limits scale.
+The HoloLens out of box experience is great for setting up one or two devices or for experiencing HoloLens for the first time. If you're provisioning many HoloLens devices, however, selecting your language and settings manually for each device gets tedious and limits scale.
This section:
-1. introduces Windows provisioning using provisioning packages
-1. walks through applying a provisioning package during first setup
+- Introduces Windows provisioning using provisioning packages
+- Walks through applying a provisioning package during first setup
### Create and apply a provisioning package
-The best way to configure many new HoloLens devices is with Windows provisioning. Using Windows provisioning, you can specify desired configuration and settings required to enroll the devices into management and then apply that configuration to target devices in minutes.
+The best way to configure many new HoloLens device is with Windows provisioning. You can use it to specify desired configuration and settings required to enroll the devices into management and then apply that configuration to target devices in minutes.
A [provisioning package](https://docs.microsoft.com/windows/configuration/provisioning-packages/provisioning-packages) (.ppkg) is a collection of configuration settings. With Windows 10, you can create provisioning packages that let you quickly and efficiently configure a device.
@@ -58,11 +56,11 @@ A [provisioning package](https://docs.microsoft.com/windows/configuration/provis
- HoloLens Enterprise license XML file
-Some of the HoloLens configurations that you can apply in a provisioning package:
+Some of the HoloLens configurations you can apply in a provisioning package:
- Apply certificates to the device
- Set up a Wi-Fi connection
-- Pre-configure out of box questions like language and locale.
+- Pre-configure out of box questions like language and locale
- (HoloLens 2) bulk enroll in mobile device management
- (HoloLens v1) Apply key to enable Windows Holographic for Business
@@ -70,15 +68,15 @@ Follow [this guide](https://docs.microsoft.com/hololens/hololens-provisioning) t
### Set up user identity and enroll in device management
-The last step setting up HoloLens for management at scale is to enroll devices with mobile device management infrastructure. There are several ways to enroll:
+The last step in setting up HoloLens for management at scale is to enroll devices with mobile device management infrastructure. There are several ways to enroll:
1. Bulk enrollment with a security token in a provisioning package.
Pros: this is the most automated approach
Cons: takes initial server-side setup
-1. Auto-enroll on user sign in
+1. Auto-enroll on user sign in.
Pros: easiest approach
- Cons: users will need to complete set up after the provisioning package has been applied
-1. _not recommended_ - Manually enroll post-setup
+ Cons: users will need to complete set up after the provisioning package has been applied
+1. _not recommended_ - Manually enroll post-setup.
Pros: possible to enroll after set up
Cons: most manual approach and devices aren't centrally manageable until they're manually enrolled.
@@ -94,7 +92,7 @@ This article outlines [policies and capabilities HoloLens supports](https://docs
### Push compliance policy via Intune
-[Compliance policies](https://docs.microsoft.com/intune/device-compliance-get-started) are rules and settings that devices must meet to be compliant in your corporate infrastructure. Use these policies with Conditional Access to block access to company resources for devices that are not-compliant.
+[Compliance policies](https://docs.microsoft.com/intune/device-compliance-get-started) are rules and settings that devices must meet to be compliant in your corporate infrastructure. Use these policies with Conditional Access to block access to company resources for devices that are non-compliant.
For example, you can create a policy that requires Bitlocker be enabled.
@@ -102,28 +100,28 @@ For example, you can create a policy that requires Bitlocker be enabled.
### Manage updates
-Intune includes a feature called update rings for Windows 10 devices, including HoloLens 2 and HoloLens v1 (with Holographic for Business). Update rings include a group of settings that determine how and when updates are installed.
+Intune includes a feature called Update rings for Windows 10 devices, including HoloLens 2 and HoloLens v1 (with Holographic for Business). Update rings include a group of settings that determine how and when updates are installed.
For example, you can create a maintenance window to install updates, or choose to restart after updates are installed. You can also choose to pause updates indefinitely until you're ready to update.
-Read more about [configuring update rings with Intune](https://docs.microsoft.com/en-us/intune/windows-update-for-business-configure).
+Read more about [configuring update rings with Intune](https://docs.microsoft.com/intune/windows-update-for-business-configure).
## Application management
-Manage holoLens applications through:
+Manage HoloLens applications through:
1. Microsoft Store
- The Microsoft Store is the best way to distribute and consume application on HoloLens. There is a great set of core HoloLens applications already available in the store or you can [publish your own](https://docs.microsoft.com/en-us/windows/uwp/publish/).
- All applications in the store are available publicly to everyone, if that isn't acceptable, checkout the Microsoft Store for Business.
+ The Microsoft Store is the best way to distribute and consume applications on HoloLens. There is a great set of core HoloLens applications already available in the store or you can [publish your own](https://docs.microsoft.com/windows/uwp/publish/).
+ All applications in the store are available publicly to everyone, but if it isn't acceptable, checkout the Microsoft Store for Business.
1. [Microsoft Store for Business](https://docs.microsoft.com/microsoft-store/)
- Microsoft Store for Business and Education is a custom store for your corporate environment. It lets you use the Microsoft Store built into Windows 10 and HoloLens to find, acquire, distribute, and manage apps for your organization. It lets you deploy apps that are specific to your commercial environment but not to the world.
+ Microsoft Store for Business and Education is a custom store for your corporate environment. It lets you use the Microsoft Store built into Windows 10 and HoloLens to find, acquire, distribute, and manage apps for your organization. It also lets you deploy apps that are specific to your commercial environment but not to the world.
1. Application deployment and management via Intune or another mobile device management solution
Most mobile device management solutions, including Intune, provide a way to deploy line of business applications directly to a set of enrolled devices. See this article for [Intune app install](https://docs.microsoft.com/intune/apps-deploy).
1. _not recommended_ Device Portal
- Applications can also be installed on HoloLens directly using the Windows Device Portal. This isn't recommended since Developer Mode has to be enabled to use device portal.
+ Applications can also be installed on HoloLens directly using the Windows Device Portal. This isn't recommended since Developer Mode has to be enabled to use the device portal.
Read more about [installing apps on HoloLens](https://docs.microsoft.com/hololens/hololens-install-apps).
@@ -131,7 +129,7 @@ Read more about [installing apps on HoloLens](https://docs.microsoft.com/hololen
Get support through the Microsoft support site.
-[File a support request](https://support.microsoft.com/en-us/supportforbusiness/productselection?sapid=e9391227-fa6d-927b-0fff-f96288631b8f).
+[File a support request](https://support.microsoft.com/supportforbusiness/productselection?sapid=e9391227-fa6d-927b-0fff-f96288631b8f).
## Technical Reference
diff --git a/devices/hololens/hololens-setup.md b/devices/hololens/hololens-setup.md
deleted file mode 100644
index 77bb29070f..0000000000
--- a/devices/hololens/hololens-setup.md
+++ /dev/null
@@ -1,75 +0,0 @@
----
-title: Set up a new HoloLens
-description: This guide walks through first time set up. You'll need a Wi-Fi network and either a Microsoft (MSA) or Azure Active Directory (AAD) account.
-ms.prod: hololens
-ms.sitesec: library
-author: scooley
-ms.author: scooley
-ms.topic: quickstart
-ms.localizationpriority: medium
-ms.date: 07/14/2019
----
-
-# Set up HoloLens for the first time
-
-Follow along to set up a HoloLens for the first time. At the end of this quickstart, you'll be able to use HoloLens and navigate HoloLens settings on-device.
-
-This is a high level unboxing guide to become familiar with HoloLens.
-See [Set up HoloLens in the enterprise](hololens-requirements.md) to configure HoloLens for scale enterprise deployment and ongoing device management.
-
-## Prerequisites
-
-- Internet access.
- - Wi-Fi is the easiest way to do first set up on both HoloLens and HoloLens 2. It can be an open Wi-Fi or password-protected Wi-Fi network; the Wi-Fi network does not need to provide access to enterprise resources or intranet sites.
- - HoloLens 2 can connect to the internet via ethernet and a USB-C adapter.
-- a user account - Microsoft (MSA) or Azure Active Directory (AAD)
-
-## Prepare for first-boot
-
-Become familiar with the HoloLens hardware and prepare to turn your HoloLens on for the first time.
-
-1. Be sure your HoloLens is [charged](https://support.microsoft.com/help/12627)
-1. [Adjust fit](https://support.microsoft.com/help/12632) for a comfortable fit.
-1. [Turn on HoloLens](https://support.microsoft.com/help/12642). You will be guided through a calibration procedure and how to perform [the gestures](https://support.microsoft.com/help/12644/hololens-use-gestures) that you will use to operate HoloLens.
-
-## Set up your HoloLens
-
-Set up your HoloLens and your user account.
-
-1. Connect to the internet (select Wi-Fi).
-1. Sign in to your user account. You'll choose between **My work or school owns it** and **I own it**.
- - When you choose **My work or school owns it**, you sign in with an Azure AD account. If your organization uses Azure AD Premium and has configured automatic MDM enrollment, HoloLens will be enrolled in MDM. If your organization does not use Azure AD Premium, automatic MDM enrollment isn't available, so you will need to [enroll HoloLens in device management manually](hololens-enroll-mdm.md#enroll-through-settings-app).
- 1. Enter your organizational account.
- 2. Accept privacy statement.
- 3. Sign in using your Azure AD credentials. This may redirect to your organization's sign-in page.
- 4. Continue with device setup.
- - When you choose **I own it**, you sign in with a Microsoft account. After setup is complete, you can [enroll HoloLens in device management manually](hololens-enroll-mdm.md#enroll-through-settings-app).
- 1. Enter your Microsoft account.
- 2. Enter your password. If your Microsoft account requires [two-step verification (2FA)](https://blogs.technet.microsoft.com/microsoft_blog/2013/04/17/microsoft-account-gets-more-secure/), complete the verification process.
-1. The device sets your time zone based on information obtained from the Wi-Fi network.
-1. Follow the first-start guides to learn how to interact with holograms, control the HoloLens with your voice, and access the start menu.
-
-Congratulations! Setup is complete and you can begin using HoloLens.
-
-## Explore HoloLens
-
-### Check out on-device settings and desktop
-
-HoloLens doesn't have an on-device command line. With that in mind, the settings section in HoloLens plays an important role in diagnosing problems on-device. Understanding the information available to HoloLens users will pay dividends when troubleshooting or configuring the device.
-
-Open settings by opening the start menu and clicking on the **Settings** in the top bar. You can also ask Cortana to open settings.
-
-Follow [this guide](https://docs.microsoft.com/windows/mixed-reality/navigating-the-windows-mixed-reality-home) to navigate around the HoloLens home.
-
-### Connect bluetooth devices
-
-Connecting a bluetooth keyboard makes typing on HoloLens as efficient as a Windows PC.
-
-[Connect a bluetooth keyboard or clicker](https://support.microsoft.com/en-us/help/12636).
-
-## Next steps
-
-Start planning for HoloLens at scale with HoloLens' enterprise management features.
-
-> [!div class="nextstepaction"]
-> [HoloLens in the enterprise](hololens-requirements.md)
\ No newline at end of file
diff --git a/devices/hololens/hololens-spaces-on-hololens.md b/devices/hololens/hololens-spaces-on-hololens.md
deleted file mode 100644
index 5c04bb7c3e..0000000000
--- a/devices/hololens/hololens-spaces-on-hololens.md
+++ /dev/null
@@ -1,40 +0,0 @@
----
-title: Spaces on HoloLens
-description: HoloLens blends holograms with your world
-ms.assetid: bd55ecd1-697a-4b09-8274-48d1499fcb0b
-ms.reviewer: jarrettrenshaw
-ms.date: 07/01/2019
-manager: v-miegge
-keywords: hololens
-ms.prod: hololens
-ms.sitesec: library
-author: v-miegge
-ms.author: v-miegge
-ms.topic: article
-ms.localizationpriority: medium
----
-
-# Spaces on HoloLens
-
-HoloLens blends holograms with your world, mapping your surroundings to remember where you place your apps and content.
-
->[!NOTE]
->For your HoloLens to work properly, HoloLens Wi-Fi needs to be turned on, though it doesn't have to be connected to a network.
-
-## Tips for setting up your space
-
-HoloLens works best in certain kinds of environments. Choose a room with adequate light and plenty of space. Avoid dark spaces and rooms with a lot of dark, shiny, or translucent surfaces (for instance, mirrors or gauzy curtains).
-
->[!NOTE]
->HoloLens is optimized for indoor use. Use it in a safe place with no tripping hazards. [More on safety](https://support.microsoft.com/help/4023454/safety-information).
-
-## Mapping your space
-
-When HoloLens starts mapping your surroundings, you'll see a mesh graphic spreading over the space.
-
-To help HoloLens learn a space, walk around the space and gaze around you. Air tap in a space to light up the mesh and see what's been mapped.
-
-If your space changes significantly—for example, if a piece of furniture is moved—you might need to walk around the space and gaze around you so HoloLens can relearn it.
-
->[!NOTE]
->If HoloLens is having trouble mapping your space or you're have difficulty placing holograms, see [HoloLens and holograms: FAQ](https://support.microsoft.com/help/13456/hololens-and-holograms-faq).
diff --git a/devices/hololens/hololens-spaces.md b/devices/hololens/hololens-spaces.md
index 3df4ee1cc8..b8f98ea416 100644
--- a/devices/hololens/hololens-spaces.md
+++ b/devices/hololens/hololens-spaces.md
@@ -1,71 +1,114 @@
---
-title: How HoloLens stores data for spaces (HoloLens)
-description:
+title: Mapping physical spaces with HoloLens
+description: HoloLens learns what a space looks like over time. Users can facilitate this process by moving the HoloLens in certain ways through the space.
+ms.assetid: bd55ecd1-697a-4b09-8274-48d1499fcb0b
+author: dorreneb
+ms.author: dobrown
+ms.date: 09/16/2019
+keywords: hololens, Windows Mixed Reality, design, spatial mapping, HoloLens, surface reconstruction, mesh, head tracking, mapping
ms.prod: hololens
ms.sitesec: library
-author: dansimp
-ms.author: dansimp
ms.topic: article
ms.localizationpriority: medium
-ms.date: 11/05/2018
-ms.reviewer:
-manager: dansimp
+appliesto:
+- HoloLens 1 (1st gen)
+- HoloLens 2
---
-# How HoloLens stores data for spaces
+# Mapping physical spaces with HoloLens
-In the Windows 10, version 1803 update for Microsoft HoloLens, the mapping data for [spaces](https://support.microsoft.com/help/13760/hololens-spaces-on-hololens) is stored in a local database.
+HoloLens blends holograms with your physical world. To do that, HoloLens has to learn about the physical world around you and remember where you place holograms within that space.
-The map database is not exposed to a user of the device, even when plugged into a PC or when using the File Explorer app. When BitLocker is enabled, the stored map data is also encrypted with the entire volume.
+Over time, the HoloLens builds up a *spatial map* of the environment that it has seen. HoloLens updates the map as the environment changes. As long as you are logged in and the device is turned on, HoloLens creates and updates your spatial maps. If you hold or wear the device with the cameras pointed at a space, the HoloLens tries to map the area. While the HoloLens learns a space naturally over time, there are ways in which you can help HoloLens map your space more quickly and efficiently.
-Holograms that are anchored within the same map section are considered to be “nearby” in the current space.
+> [!NOTE]
+> If your HoloLens can’t map your space or is out of calibration, HoloLens may enter Limited mode. In Limited mode, you won’t be able to place holograms in your surroundings.
+This article explains how HoloLens maps spaces, how to improve spatial mapping, and how to manage the spatial data that HoloLens collects.
-## Frequently asked questions
+## Choosing and setting up and your space
-**How can I remove map data and known spaces from the HoloLens?**
+Features in your environment can make it difficult for the HoloLens to interpret a space. Light levels, materials in the space, the layout of objects, and more can all affect how HoloLens maps an area.
-There are two options for deleting map data in **Settings > System > Holograms**:
+HoloLens works best in certain kinds of environments. To produce the best spatial map, choose a room that has adequate light and plenty of space. Avoid dark spaces and rooms that have a lot of dark, shiny, or translucent surfaces (for instance, mirrors or gauzy curtains).
-- Select **Remove nearby holograms** to delete nearby holograms, clearing the map data and anchored holograms for the current space. A brand new map section would be created and stored in the database for that location while the device is used there. This option can be used to clear the map data for work without affecting any map data from home, for example.
-- Select **Remove all holograms** to delete all holograms, clearing all locally stored map data and anchored holograms. No holograms will be rediscovered and any holograms need to be newly placed.
+HoloLens is optimized for indoor use. Spatial mapping also works best when Wi-Fi is turned on, although it doesn't have to be connected to a network. HoloLens can obtain Wi-Fi access points even if it is not connected or authenticated. HoloLens functionality does not change whether the access points are internet-connected or intranet/local only.
->[!NOTE]
->When you remove nearby or all holograms, HoloLens immediately starts scanning and mapping the current space.
+Only use HoloLens in safe places with no tripping hazards. [More on safety](https://support.microsoft.com/help/4023454/safety-information).
-**How does Wi-Fi data get used by HoloLens and where is the data stored?**
+## Mapping your space
-As long as Wi-Fi is enabled, map data will be correlated with nearby Wi-Fi access points. There is no difference in behavior if a network is connected or just nearby. Network characteristics are not sent to Microsoft, and all Wi-Fi references are kept local on the HoloLens.
+Now you're ready to start mapping your spare. When HoloLens starts mapping your surroundings, you'll see a mesh graphic spreading over the space. In mixed reality home, you can trigger the map to show by selecting on a mapped surface.
-Wi-Fi characteristics are stored locally to help correlate hologram locations and map sections stored within HoloLens’ database of known spaces. It’s inaccessible to users, and not sent to Microsoft via the cloud or via telemetry.
+Here are guidelines for building a great spatial map.
+### Understand the scenarios for the area
+It is important to spend the most time where you will be using the HoloLens, so that the map is relevant and complete. For example, if a user scenario for HoloLens involves moving from Point A to Point B, walk that path two to three times, looking in all directions as you move.
-**Does HoloLens need to be connected to the internet?**
+### Walk slowly around the space
-No, internet connectivity is not required. Observed Wi-Fi access points are obtained without being connected or authenticated. It does not change functionality if the access points are internet connected or intranet/local only.
+If you walk too quickly around the area, it's likely that the HoloLens will miss mapping areas. Walk slowly around the space, stopping every 5-8 feet to look around at your surroundings.
+Smooth movements also help the HoloLens map more efficiently.
+### Look in all directions
+Looking around as you map the space gives the HoloLens more data on where points are relative to each other.
+If you don't look up, for example, the HoloLens may not know where the ceiling in a room is.
-**Since HoloLens no longer requires you to select a space when Wi-Fi is disabled, how does it find the space automatically?**
+Don't forget to look down at the floor as you map the space.
-If Wi-Fi is disabled, the space search can still happen; HoloLens will need to search more of the map data within the spaces database, and finding holograms can take longer.
+### Cover key areas multiple times
-HoloLens will sense and remember spaces even when Wi-Fi is disabled, by securely storing the sensor data when holograms are placed. Without the Wi-Fi info, the space and holograms may be slower to recognize at a later time, as the HoloLens needs to compare active scans to all hologram anchors and map sections stored on the device in order to locate the correct portion of the map.
+Moving through an area multiple times will help pick up features you may have missed on the first walkthrough. To build an ideal map, try traversing an area two to three times.
-HoloLens will visually compare the current scanning data from the sensors to locally stored map sections in the entire spaces database. It will locate holograms faster if the Wi-Fi characteristics can be found, to narrow down the number of spaces to compare.
+If possible, while repeating these movements, spend time walking through an area in one direction, then turn around and walk back the way you came.
+### Take your time mapping the area
+It can take between 15 and 20 minutes for the HoloLens to fully map and adjust itself to its surroundings. If you have a space in which you plan to use a HoloLens frequently, taking that time up front to map the space can prevent issues later on.
+## Possible errors in the spatial map
-
+Errors in spatial mapping data fall into a few categories:
+- *Holes*: Real-world surfaces are missing from the spatial mapping data.
+- *Hallucinations*: Surfaces exist in the spatial mapping data that do not exist in the real world.
+- *Wormholes*: HoloLens 'loses' part of the spatial map by thinking it is in a different part of the map than it actually is.
+- *Bias*: Surfaces in the spatial mapping data are imperfectly aligned with real-world surfaces, either pushed in or pulled out.
+If you see any of these errors please use the [FeedbackHub](hololens-feedback.md) to send feedback.
+
+## Security and storage for spatial data
+
+Windows 10 version 1803 update for Microsoft HoloLens and later stores mapping data in a local (on-device) database.
+
+HoloLens users cannot directly access the map database, even when the device is plugged into a PC or when using the File Explorer app. When BitLocker is enabled on HoloLens, the stored map data is also encrypted along with the entire volume.
+
+### Remove map data and known spaces from HoloLens
+
+There are two options for deleting map data in **Settings > System > Holograms**:
+
+- To delete nearby holograms, select **Remove nearby holograms**. This command clears the map data and anchored holograms for the current space. If you continue to use the device in the same space, it creates and stores a brand new map section to replace the deleted information.
+
+ > [!NOTE]
+ > "Nearby" holograms are holograms that are anchored within the same map section in the current space.
+
+ For example, you can use this option to clear work-related map data without affecting any home-related map data.
+
+- To delete all holograms, select **Remove all holograms**. This command clears all map data that is stored on the device as well as all anchored holograms. You will need to explicitly place any holograms. You will not be able to rediscover the previously-placed holograms.
+
+> [!NOTE]
+> After you remove nearby or all holograms, HoloLens immediately starts scanning and mapping the current space.
+
+### Wi-Fi data in spatial maps
+
+HoloLens stores Wi-Fi characteristics to help correlate hologram locations and map sections that are stored within the HoloLens database of known spaces. Information about Wi-Fi characteristics is not accessible to users, and not sent to Microsoft using the cloud or using telemetry.
+
+As long as Wi-Fi is enabled, HoloLens correlates map data with nearby Wi-Fi access points. There is no difference in behavior whether a network is connected or just detected nearby. If Wi-Fi is disabled, HoloLens still searches the space. However, HoloLens has to search more of the map data within the spaces database, and may need more time to find holograms. Without the Wi-Fi info, the HoloLens has to compare active scans to all hologram anchors and map sections that are stored on the device in order to locate the correct portion of the map.
## Related topics
-- [Environment considerations for HoloLens](https://docs.microsoft.com/windows/mixed-reality/environment-considerations-for-hololens)
- [Spatial mapping design](https://docs.microsoft.com/windows/mixed-reality/spatial-mapping-design)
-- [HoloLens and holograms: FAQ](https://support.microsoft.com/help/13456/hololens-and-holograms-faq)
diff --git a/devices/hololens/hololens-start.md b/devices/hololens/hololens-start.md
deleted file mode 100644
index d303ee0c44..0000000000
--- a/devices/hololens/hololens-start.md
+++ /dev/null
@@ -1,57 +0,0 @@
----
-title: HoloLens (1st gen) first start
-description: Go through the first start experience for HoloLens (1st gen).
-ms.assetid: 0136188e-1305-43be-906e-151d70292e87
-ms.prod: hololens
-author: Teresa-Motiv
-ms.author: v-tea
-ms.topic: article
-ms.date: 8/12/19
-manager: jarrettr
-ms.topic: article
-ms.localizationpriority: medium
----
-
-# Set up HoloLens for the first time
-
-The first time you turn on your HoloLens, you'll be guided through calibrating your device, setting up your device, and signing in. This section walks through the HoloLens (1st gen) first start experience.
-
-In the next section, you'll learn how to work with HoloLens and interact with holograms. Skip ahead to [Get started with HoloLens (1st gen)](holographic-home.md)
-
-## Before you start
-
-Before you get started, make sure you have the following available:
-
-**A Wi-Fi connection**. You'll need to connect your HoloLens to a Wi-Fi network to set it up. The first time you connect, you'll need an open or password-protected network that doesn't require navigating to a website or using certificates to connect. After setup, you can [use your device offline](hololens-offline.md).
-
-**A Microsoft account**. You'll also need to sign in to HoloLens with a Microsoft account (or with your work account, if your organization owns the device). If you don't have a Microsoft account, go to [account.microsoft.com](http://account.microsoft.com) and set one up for free.
-
-**A safe, well-lit space with no tripping hazards**. [Health and safety info](http://go.microsoft.com/fwlink/p/?LinkId=746661).
-
-**The optional comfort accessories** that came with your HoloLens, to help you get the most comfortable fit. [More on fit and comfort](https://support.microsoft.com/help/12632/hololens-fit-your-hololens).
-
-> [!NOTE]
-> [Cortana](hololens-cortana.md) is already on and ready to guide you the first time you use your HoloLens (though she won't be able to respond to your questions until after you set up your device). You can turn Cortana off at any time in Cortana's settings.
-
-## Set up your HoloLens
-
-Set up your HoloLens and your user account.
-
-1. The first time you use your HoloLens, you'll be guided through connecting to a Wi-Fi network. If you have trouble connecting to Wi-Fi during setup, make sure your network is either open, password protected, or a captive portal network and doesn't require using certificates to connect. After setup, you can connect to other types of Wi-Fi networks.
-1. Sign in to your user account. You'll choose between **My work or school owns it** and **I own it**.
- - When you choose **My work or school owns it**, you sign in by using an Azure AD account. If your organization uses Azure AD Premium and has configured automatic MDM enrollment, HoloLens will be enrolled in MDM. If your organization does not use Azure AD Premium, automatic MDM enrollment isn't available, so you will need to [enroll HoloLens in device management manually](hololens-enroll-mdm.md#enroll-through-settings-app).
- 1. Enter your organizational account information.
- 1. Accept the privacy statement.
- 1. Sign in by using your Azure AD credentials. This may redirect to your organization's sign-in page.
- 1. Continue with device setup.
- - When you choose **I own it**, you sign in by using a Microsoft account. After setup is complete, you can [enroll HoloLens in device management manually](hololens-enroll-mdm.md#enroll-through-settings-app).
- 1. Enter your Microsoft account information.
- 1. Enter your password. If your Microsoft account requires [two-step verification (2FA)](https://blogs.technet.microsoft.com/microsoft_blog/2013/04/17/microsoft-account-gets-more-secure/), complete the verification process.
-1. The device sets your time zone based on information obtained from the Wi-Fi network.
-1. Follow the first-start guides to learn how to interact with holograms, control the HoloLens with your voice, and access the start menu.
-
-Congratulations! Setup is complete and you can begin using HoloLens.
-
-## Next steps
-
-- [Get started with HoloLens (1st gen)](holographic-home.md)
diff --git a/devices/hololens/hololens-status.md b/devices/hololens/hololens-status.md
index 22c5e995db..1d321ed900 100644
--- a/devices/hololens/hololens-status.md
+++ b/devices/hololens/hololens-status.md
@@ -20,17 +20,17 @@ ms.sitesec: library
Area|HoloLens (1st gen)|HoloLens 2
----|:----:|:----:
-[Azure services](https://status.azure.com/en-us/status)|✔️|✔️
-[Store app](https://www.microsoft.com/en-us/store/collections/hlgettingstarted/hololens)|✔️|✔️
-[Apps](https://www.microsoft.com/en-us/hololens/apps)|✔️|✔️
-[MDM](https://docs.microsoft.com/en-us/hololens/hololens-enroll-mdm)|✔️|✔️
+[Azure services](https://status.azure.com/status)|✔️|✔️
+[Store app](https://www.microsoft.com/store/collections/hlgettingstarted/hololens)|✔️|✔️
+[Apps](https://www.microsoft.com/hololens/apps)|✔️|✔️
+[MDM](https://docs.microsoft.com/hololens/hololens-enroll-mdm)|✔️|✔️
## Notes and related topics
[Frequently asked questions about using Skype for HoloLens](https://support.skype.com/en/faq/FA34641/frequently-asked-questions-about-using-skype-for-hololens)
-For more details about the status of the myriad Azure Services that can connect to HoloLens, see [Azure status](https://azure.microsoft.com/en-us/status/).
+For more details about the status of the myriad Azure Services that can connect to HoloLens, see [Azure status](https://azure.microsoft.com/status/).
-For more details about current known issues, see [HoloLens known issues](https://docs.microsoft.com/en-us/windows/mixed-reality/hololens-known-issues).
+For more details about current known issues, see [HoloLens known issues](https://docs.microsoft.com/windows/mixed-reality/hololens-known-issues).
Follow HoloLens on [Twitter](https://twitter.com/HoloLens) and subscribe on [Reddit](https://www.reddit.com/r/HoloLens/).
diff --git a/devices/hololens/hololens-updates.md b/devices/hololens/hololens-updates.md
index 418cfce2d9..2989515858 100644
--- a/devices/hololens/hololens-updates.md
+++ b/devices/hololens/hololens-updates.md
@@ -14,30 +14,28 @@ manager: dansimp
# Manage updates to HoloLens
->**Looking for how to get the latest update? See [Update HoloLens](https://support.microsoft.com/help/12643/hololens-update-hololens).**
-
>[!NOTE]
>HoloLens devices must be [upgraded to Windows Holographic for Business](hololens-upgrade-enterprise.md) to manage updates.
For a complete list of Update policies, see [Policies supported by Windows Holographic for Business](https://docs.microsoft.com/windows/client-management/mdm/policy-configuration-service-provider#a-href-idhololenspoliciesapolicies-supported-by-windows-holographic-for-business).
To configure how and when updates are applied, use the following policies:
+
- [Update/AllowAutoUpdate](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-update#update-allowautoupdate)
- [Update/ScheduledInstallDay](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-update#update-scheduledinstallday)
- [Update/ScheduledInstallTime](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-update#update-scheduledinstalltime)
To turn off the automatic check for updates, set the following policy to value **5** – Turn off Automatic Updates:
+
- [Update/AllowAutoUpdate](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-update#update-allowautoupdate)
In Microsoft Intune, you can use **Automatic Update Behavior** to change this policy. (See [Manage software updates in Microsoft Intune](https://docs.microsoft.com/intune/windows-update-for-business-configure))
-For devices on Windows 10, version 1607 only: You can use the following update policies to configure devices to get updates from Windows Server Update Service (WSUS) instead of Windows Update:
-
-- [Update/AllowUpdateService](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-update#update-allowupdateservice)
-- [Update/RequireUpdateApproval](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-update#update-requireupdateapproval)
-- [Update/UpdateServiceUrl](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-update#update-updateserviceurl)
-
+For devices on Windows 10, version 1607 only: You can use the following update policies to configure devices and get updates from the Windows Server Update Service (WSUS), instead of Windows Update:
+- [Update/AllowUpdateService](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-update#update-allowupdateservice)
+- [Update/RequireUpdateApproval](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-update#update-requireupdateapproval)
+- [Update/UpdateServiceUrl](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-update#update-updateserviceurl)
## Related topics
diff --git a/devices/hololens/hololens-upgrade-enterprise.md b/devices/hololens/hololens-upgrade-enterprise.md
deleted file mode 100644
index 57bf3d0e04..0000000000
--- a/devices/hololens/hololens-upgrade-enterprise.md
+++ /dev/null
@@ -1,102 +0,0 @@
----
-title: Unlock Windows Holographic for Business features (HoloLens)
-description: HoloLens provides extra features designed for business when you upgrade to Windows Holographic for Business.
-ms.prod: hololens
-ms.sitesec: library
-author: dansimp
-ms.author: dansimp
-ms.topic: article
-ms.localizationpriority: medium
-ms.date: 07/09/2018
-ms.reviewer:
-manager: dansimp
----
-
-# Unlock Windows Holographic for Business features
-
-
-
-Microsoft HoloLens is available in the *Development Edition*, which runs Windows Holographic (an edition of Windows 10 designed for HoloLens), and in the [Commercial Suite](https://docs.microsoft.com/windows/mixed-reality/commercial-features), which provides extra features designed for business.
-
-When you purchase the Commercial Suite, you receive a license that upgrades Windows Holographic to Windows Holographic for Business. This license can be applied to the device either through the organization's [mobile device management (MDM) provider](#edition-upgrade-using-mdm) or a [provisioning package](#edition-upgrade-using-a-provisioning-package).
-
->[!TIP]
->In Windows 10, version 1803, you can tell that the HoloLens has been upgraded to the business edition in **Settings** > **System**.
-
-
-
-## Edition upgrade using MDM
-
-The enterprise license can be applied by any MDM provider that supports the [WindowsLicensing configuration service provider (CSP)](https://msdn.microsoft.com/library/windows/hardware/dn904983.aspx). The latest version of the Microsoft MDM API will support WindowsLicensing CSP.
-
-For step-by-step instructions for upgrading HoloLens using Microsoft Intune, see [Upgrade devices running Windows Holographic to Windows Holographic for Business](https://docs.microsoft.com/intune/holographic-upgrade).
-
- On other MDM providers, the specific steps for setting up and deploying the policy might vary.
-
-
-
-## Edition upgrade using a provisioning package
-
-Provisioning packages are files created by the Windows Configuration Designer tool that apply a specified configuration to a device.
-
-### Create a provisioning package that upgrades the Windows Holographic edition
-
-1. [Create a provisioning package for HoloLens.](hololens-provisioning.md)
-
-2. Go to **Runtime settings** > **EditionUpgrade**, and select **EditionUpgradeWithLicense**.
-
- 
-
-2. Browse to and select the XML license file that was provided when you purchased the Commercial Suite.
-
- >[!NOTE]
- >You can configure [additional settings in the provisioning package](hololens-provisioning.md).
-
-3. On the **File** menu, click **Save**.
-
-4. Read the warning that project files may contain sensitive information, and click **OK**.
-
- >[!IMPORTANT]
- >When you build a provisioning package, you may include sensitive information in the project files and in the provisioning package (.ppkg) file. Although you have the option to encrypt the .ppkg file, project files are not encrypted. You should store the project files in a secure location and delete the project files when they are no longer needed.
-
-3. On the **Export** menu, click **Provisioning package**.
-
-4. Change **Owner** to **IT Admin**, which will set the precedence of this provisioning package higher than provisioning packages applied to this device from other sources, and then select **Next**.
-
-5. Set a value for **Package Version**.
-
- >[!TIP]
- >You can make changes to existing packages and change the version number to update previously applied packages.
-
-6. On the **Select security details for the provisioning package**, click **Next**.
-
-7. Click **Next** to specify the output location where you want the provisioning package to go once it's built. By default, Windows ICD uses the project folder as the output location.
-
- Optionally, you can click **Browse** to change the default output location.
-
-8. Click **Next**.
-
-9. Click **Build** to start building the package. The project information is displayed in the build page and the progress bar indicates the build status.
-
-10. When the build completes, click **Finish**.
-
-
-### Apply the provisioning package to HoloLens
-
-1. Connect the device via USB to a PC and start the device, but do not continue past the **fit** page of the initial setup experience (the first page with the blue box). HoloLens will show up as a device in File Explorer on the PC.
-
- >[!NOTE]
- >If the HoloLens device is running Windows 10, version 1607 or earlier, briefly press and release the **Volume Down** and **Power** buttons simultaneously to open File Explorer.
-
-4. In File Explorer, drag and drop the provisioning package (.ppkg) onto the device storage.
-
-5. Briefly press and release the **Volume Down** and **Power** buttons simultaneously again while on the **fit** page.
-
-6. The device will ask you if you trust the package and would like to apply it. Confirm that you trust the package.
-
-7. You will see whether the package was applied successfully or not. If it failed, you can fix your package and try again. If it succeeded, proceed with device setup.
-
-
-
-
-
diff --git a/devices/hololens/hololens-use-apps.md b/devices/hololens/hololens-use-apps.md
deleted file mode 100644
index e3d0aba0a9..0000000000
--- a/devices/hololens/hololens-use-apps.md
+++ /dev/null
@@ -1,40 +0,0 @@
----
-title: Use apps on HoloLens
-description: Apps on HoloLens use either 2D view or holographic view.
-ms.assetid: 6bd124c4-731c-4bcc-86c7-23f9b67ff616
-ms.reviewer: jarrettrenshaw
-ms.date: 07/01/2019
-manager: v-miegge
-keywords: hololens
-ms.prod: hololens
-ms.sitesec: library
-author: v-miegge
-ms.author: v-miegge
-ms.topic: article
-ms.localizationpriority: medium
----
-
-# Use apps on HoloLens
-
-Apps on HoloLens use either 2D view or holographic view. Apps with 2D view look like windows, and apps with holographic view surround you and become the only app you see.
-
-## Open apps
-
-You'll find your apps either pinned to Start or in the All apps list. To get to the All apps list, use the bloom gesture to go to Start, then select **All apps**.
-
-On Start or in the All apps list, select an app. It will open in a good position for viewing.
-
->[!NOTE]
->- Up to three 2D app windows can be active at a time. You can open more, but only three will remain active.
->- Each open app can have one active window at a time, except Microsoft Edge, which can have up to three.
->- If you're having problems with apps, make sure there's enough light in your space, and walk around so HoloLens has a current scan. If you keep having trouble, see [HoloLens and holograms: FAQ](https://support.microsoft.com/help/13456/hololens-and-holograms-faq) for more info.
-
-## Move, resize, and rotate apps
-
-After opening an app, you can [change its position and size](https://support.microsoft.com/help/12634).
-
-## Close apps
-
-To close an app that uses 2D view, gaze at it, then select **Close**.
-
-To close an app that uses holographic view, use the bloom gesture to leave holographic view, then select **Close**.
diff --git a/devices/hololens/hololens-whats-new.md b/devices/hololens/hololens-whats-new.md
index c250d1c12c..224f3b239d 100644
--- a/devices/hololens/hololens-whats-new.md
+++ b/devices/hololens/hololens-whats-new.md
@@ -16,27 +16,26 @@ manager: dansimp
## Windows 10, version 1809 for Microsoft HoloLens
-### For everyone
-
-Feature | Details
---- | ---
-Quick actions menu | When you're in an app, the Bloom gesture will now open a Quick actions menu to give you quick access to commonly used system features without having to leave the app. See [Set up HoloLens in kiosk mode](hololens-kiosk.md) for information about the Quick actions menu in kiosk mode.
-Stop video capture from the Start or quick actions menu | If you start video capture from the Start menu or quick actions menu, you’ll be able to stop recording from the same place. (Don’t forget, you can always do this with voice commands too.)
-Project to a Miracast-enabled device | Project your HoloLens content to a nearby Surface device or TV/Monitor if using Microsoft Display adapter. On **Start**, select **Connect**, and then select the device you want to project to. **Note:** You can deploy HoloLens to use Miracast projection without enabling developer mode.
-New notifications | View and respond to notification toasts on HoloLens, just like you do on a PC. Gaze to respond to or dismiss them (or if you’re in an immersive experience, use the bloom gesture).
-HoloLens overlays (file picker, keyboard, dialogs, etc.) | You’ll now see overlays such as the keyboard, dialogs, file picker, etc. when using immersive apps.
-Visual feedback overlay UI for volume change | When you use the volume up/down buttons on your HoloLens you’ll see a visual display of the volume level.
-New UI for device boot | A loading indicator was added during the boot process to provide visual feedback that the system is loading. Reboot your device to see the new loading indicator—it’s between the "Hello" message and the Windows boot logo.
-Share UX: Nearby Sharing | Addition of the Windows Nearby Sharing experience, allowing you to share a capture with a nearby Windows device. When you capture a photo or video on HoloLens (or use the share button from an app such as Microsoft Edge), select a nearby Windows device to share with.
-Share from Microsoft Edge | Share button is now available on Microsoft Edge windows on HoloLens. In Microsoft Edge, select **Share**. Use the HoloLens share picker to share web content.
+> **Applies to:** Hololens (1st gen)
+### For everyone
+| Feature | Details |
+|---|---|
+| **Quick actions menu** | When you're in an app, the Bloom gesture will now open a Quick actions menu to give you quick access to commonly used system features without having to leave the app.
See [Set up HoloLens in kiosk mode](hololens-kiosk.md) for information about the Quick actions menu in kiosk mode.
 |
+| **Stop video capture from the Start or quick actions menu** | If you start video capture from the Start menu or quick actions menu, you’ll be able to stop recording from the same place. (Don’t forget, you can always do this with voice commands too.) |
+| **Project to a Miracast-enabled device** | Project your HoloLens content to a nearby Surface device or TV/Monitor if using Microsoft Display adapter. On **Start**, select **Connect**, and then select the device you want to project to. **Note:** You can deploy HoloLens to use Miracast projection without enabling developer mode. |
+| **New notifications** | View and respond to notification toasts on HoloLens, just like you do on a PC. Gaze to respond to or dismiss them (or if you’re in an immersive experience, use the bloom gesture). |
+| **HoloLens overlays**
(file picker, keyboard, dialogs, etc.) | You’ll now see overlays such as the keyboard, dialogs, file picker, etc. when using immersive apps. |
+| **Visual feedback overlay UI for volume change** | When you use the volume up/down buttons on your HoloLens you’ll see a visual display of the volume level. |
+| **New UI for device boot** | A loading indicator was added during the boot process to provide visual feedback that the system is loading. Reboot your device to see the new loading indicator—it’s between the "Hello" message and the Windows boot logo. |
+| **Nearby sharing** | Addition of the Windows Nearby Sharing experience, allowing you to share a capture with a nearby Windows device. When you capture a photo or video on HoloLens (or use the share button from an app such as Microsoft Edge), select a nearby Windows device to share with. |
+| **Share from Microsoft Edge** | Share button is now available on Microsoft Edge windows on HoloLens. In Microsoft Edge, select **Share**. Use the HoloLens share picker to share web content. |
-### For administrators
+### For administrators
-
-| Feature | Details |
-|-----------------------------------------------------------------------------|------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
+| Feature | Details |
+|---|----|
| [Enable post-setup provisioning](hololens-provisioning.md) | You can now apply a runtime provisioning package at any time using **Settings**. |
| Assigned access with Azure AD groups | You can now use Azure AD groups for configuration of Windows assigned access to set up single or multi-app kiosk configuration. |
| PIN sign-in on profile switch from sign-in screen | PIN sign-in is now available for **Other User**. |
@@ -54,10 +53,11 @@ Speech Synthesis (TTS) | Speech synthesis feature now supports Chinese, Japanese
[Learn how to install the Chinese and Japanese versions of HoloLens.](hololens-install-localized.md)
-
## Windows 10, version 1803 for Microsoft HoloLens
+> **Applies to:** Hololens (1st gen)
+
Windows 10, version 1803, is the first feature update to Windows Holographic for Business since its release in Windows 10, version 1607. This update introduces the following changes:
- Previously, you could only verify that upgrade license for Commercial Suite had been applied to your HoloLens device by checking to see if VPN was an available option on the device. Now, **Settings** > **System** will display **Windows Holographic for Business** after the upgrade license is applied. [Learn how to unlock Windows Holographic for Business features](hololens-upgrade-enterprise.md).
@@ -85,14 +85,3 @@ Windows 10, version 1803, is the first feature update to Windows Holographic for
- Individual users can sync their corporate email without enrolling their device in mobile device management (MDM). You can use the device with a Microsoft Account, download and install the Mail app, and add an email account directly.
- You can check the MDM sync status for a device in **Settings** > **Accounts** > **Access Work or School** > **Info**. In the **Device sync status** section, you can start a sync, see areas managed by MDM, and create and export an advanced diagnostics report.
-
-
-
-
-
-## Additional resources
-
-- [Reset or recover your HoloLens](https://developer.microsoft.com/windows/mixed-reality/reset_or_recover_your_hololens)
-- [Restart, reset, or recover HoloLens](https://support.microsoft.com/help/13452/hololens-restart-reset-or-recover-hololens)
-- [Manage devices running Windows Holographic with Microsoft Intune](https://docs.microsoft.com/intune/windows-holographic-for-business)
-
diff --git a/devices/hololens/hololens1-basic-usage.md b/devices/hololens/hololens1-basic-usage.md
new file mode 100644
index 0000000000..41dc0c9c89
--- /dev/null
+++ b/devices/hololens/hololens1-basic-usage.md
@@ -0,0 +1,138 @@
+---
+title: Getting around HoloLens (1st gen)
+description: A brief tour of the HoloLens (1st gen) interface
+ms.assetid: 064f7eb0-190e-4643-abeb-ed3b09312042
+ms.date: 9/16/2019
+ms.reviewer: jarrettr
+manager: jarrettr
+keywords: hololens
+ms.prod: hololens
+ms.sitesec: library
+author: v-miegge
+ms.author: v-miegge
+ms.topic: article
+ms.localizationpriority: high
+appliesto:
+- HoloLens (1st gen)
+---
+
+# Getting around HoloLens (1st gen)
+
+Ready to step into the world of holograms? Here's some information to get started.
+
+This guide provides an intro to mixed reality, gestures for interacting with holograms, and an intro to Windows Holographic.
+
+## Discover mixed reality
+
+On HoloLens, holograms blend with your physical environment to look and sound like they're part of your world. Even when holograms are all around you, you can still see your surroundings, move freely, and interact with other people and objects. We call this experience "mixed reality."
+
+The holographic frame positions your holograms where your eyes are most sensitive to detail, and the see-through lenses leave your peripheral vision unobscured. With spatial sound, you can pinpoint a hologram even if it’s behind you. And because HoloLens learns and understands your environment, you can place holograms on and around real objects—and so can your apps and games. So a character in a game might sit down on your sofa, or [space robots could bust out of your walls](https://www.microsoft.com/store/apps/9nblggh5fv3j).
+
+## Use HoloLens with your hands
+
+Getting around HoloLens is a lot like using your smart phone. You can use your hands to manipulate holographic windows, menus, and buttons. Instead of pointing, clicking, or tapping, you'll use your gaze, your [voice](hololens-cortana.md), and gestures to select apps and holograms and to get around HoloLens.
+
+When you know these basic interactions, getting around on HoloLens will be a snap.
+
+We'll walk you through the basics the first time you use your HoloLens. You'll also find a gesture tutorial on your **Start** menu—look for the Learn Gestures app.
+
+### The hand-tracking frame
+
+HoloLens has sensors that can see a few feet to either side of you. When you use your hands, you'll need to keep them inside that frame, or HoloLens won't see them. As you move around, the frame moves with you.
+
+
+
+### Open the Start menu with bloom
+
+To open the **Start** menu:
+
+1. Hold your hand in front of you so it's in the gesture frame.
+1. Bloom: bring all of your fingers together then open your hand.
+ 
+
+### Select holograms with gaze and air tap
+
+To select an app or other hologram, air tap it while looking directly at the hologram you're selecting. To do this, follow these steps:
+
+1. Gaze at the hologram you want to select.
+1. Point your index finger straight up toward the ceiling.
+1. Air tap: lower your finger, then quickly raise it.
+ 
+
+### Select a hologram by using your voice
+
+1. The gaze cursor is a dot that you move around by moving your head. You can use it to target voice commands with precision.
+1. Gaze at the hologram that you want to select.
+1. To select the hologram, say "Select."
+
+## Holograms and apps
+
+Now it's time to put gestures to the test!
+
+You'll find your installed apps in the [Start menu](holographic-home.md) and there are more apps for HoloLens (1st gen) in the Microsoft Store.
+
+Open the **Start** menu and select an app!
+
+Using apps on HoloLens is a little different from on a PC: Some apps use a 2D view and look like other Windows applications. Other apps (immersive apps) use a 3D view and when you launch them, they become the only app you see.
+
+When you place an app window or app launcher, it will stay put until you remove it. You can move or resize these holograms in your mixed reality home at any time.
+
+## Move, resize, and rotate apps
+
+Moving and resizing apps on HoloLens works a bit differently than it does on a PC. Instead of dragging the app, you'll use your gaze, along with a [gesture](https://support.microsoft.com/help/12644/hololens-use-gestures) or the [clicker](hololens-clicker.md). You can also rotate an app window in 3D space.
+
+> [!TIP]
+> Rearrange apps using your voice - gaze at an app and say "Face me," "Bigger," or "Smaller." Or have Cortana move an app for you: say "Hey Cortana, move \**app name\** here."
+
+### Move an app
+
+Gaze at the app (at the title bar of an app window), and then do one of the following.
+
+- Tap and hold to select the app. Move your hand to position the app, and raise your finger to place it.
+- Select **Adjust**, tap and hold, and move your hand to position the app. Raise your finger to place it, then select **Done**.
+- Select **Adjust**, click and hold the clicker, and move your hand to position the app. Release the clicker, then select **Done**.
+
+> [!TIP]
+> If you drop apps when you move them, make sure to keep your hand in the gesture frame by following it with your gaze.
+
+### Resize an app
+
+Gaze at the app, and then do one of the following.
+
+- Gaze at a corner or edge of an app window, and tap and hold. Move your hand to change the app's size, and raise your finger when you're done.
+- Select **Adjust**. Gaze at one of the blue squares at the corners of the app, tap and hold, then move your hand to resize the app. Raise your finger to release it, then select **Done**.
+- Select **Adjust**. Gaze at one of the blue squares at the corners of the app, click and hold the clicker, then move your hand to resize the app. Release the clicker, then select **Done**.
+
+> [!TIP]
+> In Adjust mode, you can move or resize any hologram.
+
+### Rotate an app
+
+Gaze at the app, and tap and hold with both hands to select it. Rotate the app by keeping one hand steady and moving your other hand around it. When you're done, raise both index fingers.
+
+### Scroll content in an app window
+
+Gaze at the content of the app window. Tap and hold and then move your hand slightly upwards or downwards to scroll the content.
+
+## Meet the HoloLens (1st gen) Clicker
+
+The [HoloLens (1st Gen) clicker](hololens1-clicker.md) gives you another way to interact with holograms. [Pair it](hololens-connect-devices.md) with your HoloLens and then use it along with your gaze to select, scroll, and more.
+
+## Next steps
+
+Congratulations! you're ready to use HoloLens (1st gen).
+
+Now you can configure your HoloLens (1st gen) to meet your specific needs.
+
+[Connect bluetooth devices like mouse and keyboard](hololens-connect-devices.md)
+
+[Learn more about Voice and Cortana](hololens-cortana.md)
+
+### Help! I don't see my holograms
+
+If you don’t see holograms that you’ve placed while using HoloLens, here are some things to try:
+
+- Make sure that you’re looking in the right area—remember, holograms stay where you left them!
+- Make sure that you're in a well-lit room without a lot of direct sunlight.
+- Wait. When HoloLens has trouble recognizing your space, previously placed holograms can take up to a minute to reappear.
+- If issue persists, you may want to clear out your Holograms storage data in **Settings** > **System** > **Holograms**, then place holograms in mixed reality home again.
diff --git a/devices/hololens/hololens1-clicker.md b/devices/hololens/hololens1-clicker.md
new file mode 100644
index 0000000000..9e8d26b69d
--- /dev/null
+++ b/devices/hololens/hololens1-clicker.md
@@ -0,0 +1,97 @@
+---
+title: Use the HoloLens clicker
+description: This article outlines how to use the HoloLens clicker, including clicker pairing, charging, and recovery.
+ms.assetid: 7d4a30fd-cf1d-4c9a-8eb1-1968ccecbe59
+ms.date: 09/16/2019
+manager: jarrettr
+keywords: hololens
+ms.prod: hololens
+ms.sitesec: library
+author: v-miegge
+ms.author: v-miegge
+ms.topic: article
+ms.localizationpriority: medium
+appliesto:
+- HoloLens (1st gen)
+---
+
+# Use the HoloLens (1st gen) clicker
+
+The clicker was designed specifically for HoloLens (1st gen) and gives you another way to interact with holograms. It comes with HoloLens (1st gen), in a separate box.
+
+Use it in place of hand gestures to select, scroll, move, and resize apps.
+
+## Clicker hardware and pairing
+
+The HoloLens (1st gen) clicker has a finger loop to make it easier to hold, and an indicator light.
+
+
+
+### Clicker indicator lights
+
+Here's what the lights on the clicker mean.
+
+- **Blinking white**. The clicker is in pairing mode.
+- **Fast-blinking white**. Pairing was successful.
+- **Solid white**. The clicker is charging.
+- **Blinking amber**. The battery is low.
+- **Solid amber**. The clicker ran into an error and you'll need to restart it. While pressing the pairing button, click and hold for 15 seconds.
+
+### Pair the clicker with your HoloLens (1st gen)
+
+1. Use the bloom gesture to go to **Start**, then select **Settings** > **Devices** and verify that Bluetooth is on.
+1. On the clicker, press and hold the pairing button until the status light blinks white.
+1. On the pairing screen, select **Clicker** > **Pair**.
+
+### Charge the clicker
+
+When the clicker battery is low, the battery indicator will blink amber. Plug the Micro USB cable into a USB power supply to charge the device.
+
+## Use the clicker with HoloLens (1st gen)
+
+### Hold the clicker
+
+To put on the clicker, slide the loop over your ring or middle finger so that the Micro USB port faces toward your wrist. Rest your thumb in the indentation.
+
+
+
+### Clicker gestures
+
+Clicker gestures are small wrist rotations, not the larger movements used for HoloLens hand gestures. And HoloLens recognizes your gestures and clicks even if the clicker is outside the [gesture frame](hololens1-basic-usage.md), so you can hold the clicker in the position that's most comfortable for you.
+
+- **Select**. To select a hologram, button, or other element, gaze at it, then click.
+
+- **Click and hold**. Click and hold your thumb down on the button to do some of the same things you would with tap and hold, such as move or resize a hologram.
+
+- **Scroll**. On the app bar, select **Scroll Tool**. Click and hold, then rotate the clicker up, down, left, or right. To scroll faster, move your hand farther from the center of the scroll tool.
+
+- **Zoom**. On the app bar, select **Zoom Tool**. Click and hold, then rotate the clicker up to zoom in, or down to zoom out.
+
+> [!TIP]
+> To zoom in or out when using Microsoft Edge, gaze at a page and double-click.
+
+## Restart or recover the clicker
+
+Here are some things to try if the HoloLens clicker is unresponsive or isn’t working well.
+
+### Restart the clicker
+
+Use the tip of a pen to press and hold the pairing button. At the same time, click and hold the clicker for 15 seconds. If the clicker was already paired with your HoloLens, it will stay paired after it restarts.
+
+If the clicker won't turn on or restart, try charging it by using the HoloLens charger. If the battery is very low, it might take a few minutes for the white indicator light to turn on.
+
+### Re-pair the clicker
+
+Select **Settings** > **Devices** and select the clicker. Select **Remove**, wait a few seconds, then pair the clicker again.
+
+### Recover the clicker
+
+If restarting and re-pairing the clicker don’t fix the problem, the Windows Device Recovery Tool can help you recover it. The recovery process may take some time, and it will install the latest version of the clicker software. To use the tool, you’ll need a computer running Windows 10 or later that has at least 4 GB of free storage space.
+
+To recover the clicker:
+
+1. Download and install the [Windows Device Recovery Tool](https://dev.azure.com/ContentIdea/ContentIdea/_queries/query/8a004dbe-73f8-4a32-94bc-368fc2f2a895/) on your computer.
+1. Connect the clicker to your computer by using the Micro USB cable that came with your HoloLens.
+1. Run the Windows Device Recovery Tool and follow the instructions.
+
+If the clicker isn’t automatically detected, select **My device was not detected** and follow the instructions to put your device into recovery mode.
diff --git a/devices/hololens/hololens1-hardware.md b/devices/hololens/hololens1-hardware.md
new file mode 100644
index 0000000000..aced822bd4
--- /dev/null
+++ b/devices/hololens/hololens1-hardware.md
@@ -0,0 +1,158 @@
+---
+title: HoloLens (1st gen) hardware
+description: An outline of the components that make up Microsoft HoloLens (1st gen), the world's first fully untethered holographic computer running Windows.
+ms.assetid: 527d494e-2ab6-46ca-bd5a-bfc6b43cc833
+ms.date: 09/16/2019
+keywords: hololens
+ms.prod: hololens
+ms.sitesec: library
+author: mattzmsft
+ms.author: mazeller
+ms.topic: article
+manager: jarrettr
+ms.localizationpriority: medium
+appliesto:
+- HoloLens (1st gen)
+---
+
+# HoloLens (1st Gen) hardware
+
+
+
+Microsoft HoloLens (1st gen) is the world's first fully untethered holographic computer. HoloLens redefines personal computing through holographic experiences to empower you in new ways. HoloLens blends cutting-edge optics and sensors to deliver 3D holograms pinned to the real world around you.
+
+## HoloLens components
+
+
+
+Your HoloLens includes the following features:
+
+- **Visor**. Contains the HoloLens sensors and displays. You can rotate the visor up while you are wearing the HoloLens.
+- **Headband**. To put the HoloLens on, use the adjustment wheel to expand the headband. With the HoloLens in place, tighten the adjustment wheel until the headband is comfortable.
+- **Brightness buttons**. When you're wearing the HoloLens, the brightness buttons are on the left side of the device.
+- **Volume buttons**. When you're wearing the HoloLens, the volume buttons are on the right side of the device.
+- **Device arms**. When you pick up, put on, or take off your HoloLens, always grasp or hold it by the device arms.
+
+## In the box
+
+> [!VIDEO https://www.microsoft.com/videoplayer/embed/c7ceb904-9d5f-4194-9e10-e8a949dbad7d]
+
+The HoloLens box contains the following items:
+
+- **Nose pads**. Select a nose pad that fits the shape of your nose and accommodates your eyewear.
+- **Overhead strap**. When you're wearing the HoloLens while you move around, use the overhead strap to help keep the device in place. Additionally, if you're wearing the HoloLens for extended periods, using the overhead strap may make the device more comfortable to wear.
+- **Micro USB cable**. Use the micro-USB cable to connect your HoloLens to the power supply for charging, or use it to connect your HoloLens to your computer.
+- **Power supply**. Plugs into a power outlet.
+- **Microfiber cloth**. Use the cloth to clean your HoloLens visor.
+
+>[!TIP]
+>The [clicker](hololens1-clicker.md) ships with HoloLens (1st Gen), in a separate box.
+
+## Device specifications
+
+### Display
+
+
+
+| | |
+| - | - |
+| Optics | See-through holographic lenses (waveguides) |
+| Holographic resolution | 2 HD 16:9 light engines producing 2.3M total light points |
+| Holographic density | \>2.5k radiants (light points per radian) |
+| Eye-based rendering | Automatic pupillary distance calibration |
+
+### Sensors
+
+
+
+- 1 inertial measurement unit (IMU)
+- 4 environment understanding cameras
+- 1 depth camera
+- 1 2MP photo / HD video camera
+- Mixed reality capture
+- 4 microphones
+- 1 ambient light sensor
+
+### Input, output, and connectivity
+
+- Built-in speakers
+- Audio 3.5mm jack
+- Volume up/down
+- Brightness up/down
+- Power button
+- Battery status LEDs
+- Wi-Fi 802.11ac
+- Micro USB 2.0
+- Bluetooth 4.1 LE
+
+### Power
+
+- Battery Life
+- 2-3 hours of active use
+- Up to 2 weeks of standby time
+- Fully functional when charging
+- Passively cooled (no fans)
+
+### Processors
+
+
+
+- Intel 32-bit architecture with TPM 2.0 support
+- Custom-built Microsoft Holographic Processing Unit (HPU 1.0)
+
+### Memory
+
+- 64 GB Flash
+- 2 GB RAM
+
+### Fit
+
+| | |
+| - | - |
+| Sizing | Single size with adjustable band. Fits over glasses |
+| Weight | 579 grams |
+
+## Device capabilities
+
+Using the following to understand user actions:
+
+- Gaze tracking
+- Gesture input
+- Voice support
+
+Using the following to understand the environment:
+
+- Spatial sound
+
+## Pre-installed software
+
+- Windows 10
+- Windows Store
+- Holograms
+- Microsoft Edge
+- Photos
+- Settings
+- Windows Feedback
+- Calibration
+- Learn Gestures
+
+## Device certifications
+
+### Safety
+
+HoloLens has been tested and found to conform to the basic impact protection requirements of ANSI Z87.1, CSA Z94.3 and EN 166.
+
+## Care and cleaning
+
+Handle your HoloLens carefully. To lift, carry, and adjust your HoloLens, use the device arms—not the overhead strap. To keep the visor free of dust and fingerprints and avoid touching it. Repeated cleaning could damage the visor, so try to keep your device clean.
+
+Don't use any cleaners or solvents on your HoloLens, and don't submerge it in water or apply water directly to it.
+
+To clean the visor, remove any dust using a camel or goat hair lens brush or a bulb-style lens blower. Lightly moisten the microfiber cloth with a small amount of distilled water, then use it to wipe the visor gently in a circular motion.
+
+To clean the rest of the device, including the headband and device arms, use a lint-free cloth moistened with mild soap and water. Let your HoloLens dry completely before using it again.
+
+
+
+> [!div class="nextstepaction"]
+> [Set up and start your HoloLens (1st gen)](hololens1-setup.md)
diff --git a/devices/hololens/hololens1-install-localized.md b/devices/hololens/hololens1-install-localized.md
new file mode 100644
index 0000000000..52e4862bbe
--- /dev/null
+++ b/devices/hololens/hololens1-install-localized.md
@@ -0,0 +1,39 @@
+---
+title: Install localized versions of HoloLens
+description: Learn how to install the Chinese or Japanese versions of HoloLens
+ms.prod: hololens
+ms.mktglfcycl: manage
+ms.sitesec: library
+author: dansimp
+ms.author: dansimp
+ms.topic: article
+ms.localizationpriority: high
+ms.date: 9/16/2019
+ms.reviewer:
+manager: jarrettr
+appliesto:
+- HoloLens (1st gen)
+---
+
+# Install localized versions of HoloLens (1st gen)
+
+In order to switch to the Chinese or Japanese version of HoloLens, you’ll need to use the Windows Device Recovery Tool (WDRT) to download the build for the language on a PC and then install it on your HoloLens.
+
+> [!IMPORTANT]
+> Using WDRT to install the Chinese or Japanese builds of HoloLens deletes existing data, such as personal files and settings, from your HoloLens.
+
+1. On your PC, download and install [the Windows Device Recovery Tool (WDRT)](https://support.microsoft.com/help/12379).
+1. Download the package for the language you want to your PC: [Simplified Chinese](https://aka.ms/hololensdownload-ch) or [Japanese](https://aka.ms/hololensdownload-jp).
+1. When the download finishes, select **File Explorer** > **Downloads**. Right-click the zipped folder that you just downloaded, and select **Extract all** > **Extract** to unzip it.
+1. Connect your HoloLens to your PC using the micro-USB cable that it shipped with. (Even if you've been using other cables to connect your HoloLens, this one works best.)
+1. After the tool automatically detects your HoloLens, select the Microsoft HoloLens tile.
+1. On the next screen, select **Manual package selection** and select the installation file that resides in the folder that you unzipped in step 4. (Look for a file that has the extension “.ffu”.)
+1. Select **Install software** and follow the instructions.
+1. After the build installs, HoloLens setup automatically starts. Put on the device and follow the setup directions.
+
+When you’re done with setup, go to **Settings** > **Update & Security** > **Windows Insider Program**, and check that you’re configured to receive the latest preview builds. Like the English preview builds, the Windows Insider Program keeps the Chinese and Japanese versions of HoloLens up-to-date with the latest preview builds.
+
+> [!NOTE]
+>
+> - You can’t use the Settings app to change the system language between English, Japanese, and Chinese. Flashing a new build is the only supported way to change the device system language.
+> - While you can use the on-screen Pinyin keyboard to enter Simplified Chinese or Japanese text, using a Bluetooth hardware keyboard to type Simplified Chinese or Japanese text is not supported at this time. However, on Chinese or Japanese HoloLens, you can continue to use a Bluetooth keyboard to type in English (to toggle a hardware keyboard to type in English, press the ~ key).
diff --git a/devices/hololens/hololens1-setup.md b/devices/hololens/hololens1-setup.md
new file mode 100644
index 0000000000..4aefbad094
--- /dev/null
+++ b/devices/hololens/hololens1-setup.md
@@ -0,0 +1,102 @@
+---
+title: Prepare a new HoloLens
+description: This guide walks through first time set up.
+ms.prod: hololens
+ms.sitesec: library
+author: JesseMcCulloch
+ms.author: jemccull
+ms.topic: article
+ms.localizationpriority: high
+ms.date: 8/12/19
+ms.reviewer:
+manager: jarrettr
+appliesto:
+- Hololens (1st gen)
+---
+
+# Get your HoloLens (1st gen) ready to use
+
+Follow along to set up a HoloLens (1st gen) for the first time.
+
+## Charge your HoloLens (1st gen)
+
+To charge your HoloLens, connect the power supply to the charging port by using the included Micro USB cable. Then plug the power supply into a power outlet. When the device is charging, the battery indicator will light up in a wave pattern.
+
+
+
+When your HoloLens is on, the battery indicator shows the battery level in increments. When only one of the five lights is on, the battery level is below 20 percent. If the battery level is critically low and you try to turn on the device, one light will blink briefly, then go out.
+
+> [!TIP]
+> To get an estimate of your current battery level, say "Hey Cortana, how much battery do I have left?"
+
+## Adjust fit
+
+> [!VIDEO https://www.microsoft.com/videoplayer/embed/be3cb527-f2f1-4f85-b4f7-a34fbaba980d]
+
+| | |
+|:--- |:--- |
+|1. Rotate the headband up to about 20-30 degrees.||
+|2. Push the headband back. Do not pull it back, or manipulate the band behind the hinge, because over time this can break the band.||
+|3. Turn the adjustment wheel to extend the headband all the way out. ||
+|4. Hold the device by the device arms, and place it on your head. Make sure that the headband sits at the top of your forehead, and then tighten the adjustment wheel.||
+|5. Slide the visor back, and then check the fit of the device. The headband should sit at the top of the forehead, just below your hairline, with the speakers above your ears. The lenses should be centered over your eyes.||
+
+## Turn on your HoloLens
+
+Use the power button to turn HoloLens on and off or to put it in standby mode.
+
+
+
+If your device doesn't respond or won't start, see [Restart, reset, or recover HoloLens](hololens-restart-recover.md).
+
+When your HoloLens is off or in standby, turn it on by pressing the power button for one second. If it doesn't turn on, plug it in and charge it for at least 30 minutes.
+
+> [!TIP]
+> To restart HoloLens, say "Hey Cortana, reboot the device."
+
+### Put HoloLens in standby
+
+To put your HoloLens in standby while it's turned on, press the power button once. The battery indicators blink off. To wake it from standby, press the power button again.
+
+HoloLens automatically goes into standby after 3 minutes of inactivity. When it's in standby, it automatically shuts down after 4 hours, or after the battery level drops by 10 percent.
+
+### Shut down HoloLens
+
+To shut down (turn off) HoloLens, hold the power button down for four seconds. The battery indicators turn off one by one and the device shuts down.
+
+HoloLens automatically shuts down when the battery level drops to one percent, even if it's plugged in. After you've recharged the battery to three percent, you'll be able to turn HoloLens on again.
+
+## Adjust volume and brightness
+
+The brightness and volume buttons are on top of the device arms—volume to your right and brightness to your left.
+
+
+
+## HoloLens indicator lights
+
+
+
+Not sure what the indicator lights on your HoloLens mean? Here's some help.
+
+|When the lights do this |It means |
+| - | - |
+|Scroll from the center outward. |HoloLens is starting up. |
+|Stay lit (all or some). |HoloLens is on and ready to use. Battery life is shown in 20 percent increments. |
+|Scroll, then light up, then scroll. |HoloLens is on and charging. Battery life is shown in 20 percent increments. |
+|Turn off one by one. |HoloLens is shutting down. |
+|Turn off all at once. |HoloLens is going into standby. |
+|All light up, then one blinks briefly, then all turn off. |Battery is critically low. HoloLens needs to charge. |
+|All scroll, then one blinks, then all scroll. |Battery is critically low. HoloLens is charging. |
+
+## Safety and comfort
+
+### Use in safe surroundings
+
+Use your HoloLens in a safe space that’s free of obstructions and tripping hazards. Don’t use it when you need a clear field of view and your full attention, such as while you’re operating a vehicle or doing other potentially hazardous activities.
+
+### Stay comfortable
+
+Keep your first few sessions with HoloLens brief and be sure to take breaks. If you experience discomfort, stop and rest until you feel better. This might include temporary feelings of nausea, motion sickness, dizziness, disorientation, headache, fatigue, eye strain, or dry eyes.
+
+> [!div class="nextstepaction"]
+> [Start and configure your HoloLens (1st gen)](hololens1-start.md)
diff --git a/devices/hololens/hololens1-start.md b/devices/hololens/hololens1-start.md
new file mode 100644
index 0000000000..466fc431b2
--- /dev/null
+++ b/devices/hololens/hololens1-start.md
@@ -0,0 +1,75 @@
+---
+title: Set up HoloLens (1st gen)
+description: This guide walks through first time set up. You'll need a Wi-Fi network and either a Microsoft (MSA) or Azure Active Directory (Azure AD) account.
+ms.assetid: 0136188e-1305-43be-906e-151d70292e87
+ms.prod: hololens
+author: Teresa-Motiv
+ms.author: v-tea
+ms.topic: article
+ms.date: 8/12/19
+manager: jarrettr
+ms.topic: article
+ms.localizationpriority: high
+appliesto:
+- HoloLens (1st gen)
+---
+
+# Set up your HoloLens (1st gen)
+
+The first time you turn on your HoloLens, you'll be guided through calibrating your device, setting up your device, and signing in. This article walks through the HoloLens (1st gen) first start and setup experience.
+
+In the next section, you'll learn how to work with HoloLens and interact with holograms. To skip ahead to that article, see [Get started with HoloLens (1st gen)](hololens1-basic-usage.md).
+
+## Before you start
+
+Before you get started, make sure you have the following available:
+
+**A Wi-Fi connection**. You'll need to connect your HoloLens to a Wi-Fi network to set it up. The first time you connect, you'll need an open or password-protected network that doesn't require navigating to a website or using certificates to connect. [Learn more about the websites that HoloLens uses](hololens-offline.md).
+
+**A Microsoft account or a work account**. You'll also need to use a Microsoft account (or a work account, if your organization owns the device) to sign in to HoloLens. If you don't have a Microsoft account, go to [account.microsoft.com](http://account.microsoft.com) and set one up for free.
+
+**A safe, well-lit space with no tripping hazards**. [Health and safety info](http://go.microsoft.com/fwlink/p/?LinkId=746661).
+
+**The optional comfort accessories** that came with your HoloLens, to help you get the most comfortable fit. [More on fit and comfort](https://support.microsoft.com/help/12632/hololens-fit-your-hololens).
+
+> [!NOTE]
+>
+> - The first time that you use your HoloLens, [Cortana](hololens-cortana.md) is already on and ready to guide you (though she won't be able to respond to your questions until after you set up your device). You can turn Cortana off at any time in Cortana's settings.
+> - In order to switch to the Chinese or Japanese version of HoloLens, you’ll need to download the build for the language on a PC and then install it on your HoloLens. For more information, see [Install localized versions of HoloLens (1st gen)](hololens1-install-localized.md).
+
+## Start your Hololens and set up Windows
+
+The first time you start your HoloLens, your first task is to set up Windows Holographic on your device.
+
+1. Connect to the internet (HoloLens guides you to select Wi-Fi network).
+
+1. Sign in to your user account. Choose between **My work or school owns it** and **I own it**.
+ - When you choose **My work or school owns it**, you sign in by using an Azure AD account. If your organization uses Azure AD Premium and has configured automatic MDM enrollment, HoloLens automatically enrolls in MDM. If your organization does not use Azure AD Premium, automatic MDM enrollment isn't available, so you will need to [manually enroll HoloLens in device management](hololens-enroll-mdm.md#enroll-through-settings-app). To sign in to your device the first time by using a work or school account, follow these steps:
+ 1. Enter your organizational account information.
+ 1. Accept the privacy statement.
+ 1. Sign in by using your Azure AD credentials. This may redirect to your organization's sign-in page.
+ 1. Continue setting up the device.
+ - When you choose **I own it**, you sign in by using a Microsoft account. After setup is complete, you can [manually enroll HoloLens in device management](hololens-enroll-mdm.md#enroll-through-settings-app).
+ 1. Enter your Microsoft account information.
+ 1. Enter your password. If your Microsoft account requires [two-step verification (2FA)](https://blogs.technet.microsoft.com/microsoft_blog/2013/04/17/microsoft-account-gets-more-secure/), complete the verification process.
+
+1. The device sets your time zone based on information that it obtains from the Wi-Fi network.
+
+## Calibration
+
+After Cortana introduces herself, the next setup step is calibration. For the best HoloLens experience, you should complete the calibration process during setup.
+
+HoloLens (1st gen) uses the distance between your pupils (IPD or [interpupillary distance](https://en.wikipedia.org/wiki/Interpupillary_distance)) to make holograms clear and easy to interact with. If the IPD is not correct, holograms may appear to be unstable or at an incorrect distance.
+
+During calibration, HoloLens asks you to align your finger with a series of six targets per eye. HoloLens uses this process to set the correct IPD for your eyes. If the calibration needs to be updated or adjusted for a new user, the new user can run the Calibration app outside of setup.
+
+
+
+*IPD finger-alignment screen at second step*
+
+Congratulations! Setup is complete and you can begin using HoloLens.
+
+## Next steps
+
+> [!div class="nextstepaction"]
+> [Get started with HoloLens (1st gen)](hololens1-basic-usage.md)
diff --git a/devices/hololens/hololens1-upgrade-enterprise.md b/devices/hololens/hololens1-upgrade-enterprise.md
new file mode 100644
index 0000000000..5e535af10d
--- /dev/null
+++ b/devices/hololens/hololens1-upgrade-enterprise.md
@@ -0,0 +1,91 @@
+---
+title: Unlock Windows Holographic for Business features
+description: When you upgrade to Windows Holographic for Business, HoloLens provides extra features that are designed for business.
+ms.prod: hololens
+ms.sitesec: library
+author: dansimp
+ms.author: dansimp
+ms.topic: article
+ms.localizationpriority: medium
+ms.date: 9/16/2019
+ms.reviewer:
+manager: jarrettr
+appliesto:
+- HoloLens (1st gen)
+---
+
+# Unlock Windows Holographic for Business features
+
+Microsoft HoloLens is available in the *Development Edition*, which runs Windows Holographic (an edition of Windows 10 that is designed for HoloLens), and in the [Commercial Suite](hololens-commercial-features.md), which provides extra features designed for business.
+
+When you purchase the Commercial Suite, you receive a license that upgrades Windows Holographic to Windows Holographic for Business. You can apply this license to the device either by using the organization's [mobile device management (MDM) provider](#edition-upgrade-by-using-mdm) or a [provisioning package](#edition-upgrade-by-using-a-provisioning-package).
+
+> [!TIP]
+> In Windows 10, version 1803, you can check that the HoloLens has been upgraded to the business edition by selecting **Settings** > **System**.
+
+## Edition upgrade by using MDM
+
+The enterprise license can be applied by any MDM provider that supports the [WindowsLicensing configuration service provider (CSP)](https://msdn.microsoft.com/library/windows/hardware/dn904983.aspx). The latest version of the Microsoft MDM API will support WindowsLicensing CSP.
+
+For step-by-step instructions for upgrading HoloLens by using Microsoft Intune, see [Upgrade devices running Windows Holographic to Windows Holographic for Business](https://docs.microsoft.com/intune/holographic-upgrade).
+
+ On other MDM providers, the specific steps for setting up and deploying the policy might vary.
+
+## Edition upgrade by using a provisioning package
+
+Provisioning packages are files created by the Windows Configuration Designer tool that apply a specified configuration to a device.
+
+### Create a provisioning package that upgrades the Windows Holographic edition
+
+1. [Create a provisioning package for HoloLens.](hololens-provisioning.md)
+1. Go to **Runtime settings** > **EditionUpgrade**, and select **EditionUpgradeWithLicense**.
+
+ 
+
+1. Find the XML license file that was provided when you purchased the Commercial Suite.
+
+ > [!NOTE]
+ > You can configure [additional settings in the provisioning package](hololens-provisioning.md).
+
+1. On the **File** menu, select **Save**.
+
+1. Read the warning that project files may contain sensitive information and click **OK**.
+
+ > [!IMPORTANT]
+ > When you build a provisioning package, you may include sensitive information in the project files and provisioning package (.ppkg) file. Although you have the option to encrypt the .ppkg file, project files are not encrypted. You should store the project files in a secure location and delete the project files when no longer needed.
+
+1. On the **Export** menu, select **Provisioning package**.
+
+1. Change **Owner** to **IT Admin**, which sets the precedence of this provisioning package to be higher than others applied to this device from different sources, and then select **Next**.
+
+1. Set a value for **Package Version**.
+
+ > [!TIP]
+ > You can make changes to existing packages and change the version number to update previously applied packages.
+
+1. On **Select security details for the provisioning package**, select **Next**.
+
+1. Select **Next** to specify the output location where you want the provisioning package to go once it's built. By default, Windows ICD uses the project folder as the output location.
+
+ Optionally, you can select **Browse** to change the default output location.
+
+1. Select **Next**.
+
+1. Select **Build** to start building the package. The build page displays the project information, and the progress bar indicates the build status.
+
+1. When the build completes, select **Finish**.
+
+### Apply the provisioning package to HoloLens
+
+1. Using the USB cable, connect the device to a PC. Start the device, but do not continue past the **fit** page of the initial setup experience (the first page with the blue box). On the PC, HoloLens shows up as a device in File Explorer.
+
+ > [!NOTE]
+ > If the HoloLens device is running Windows 10, version 1607 or earlier, open File Explorer by briefly pressing and releasing the **Volume Down** and **Power** buttons simultaneously on the device.
+
+1. In File Explorer, drag and drop the provisioning package (.ppkg) onto the device storage.
+
+1. While HoloLens is still on the **fit** page, briefly press and release the **Volume Down** and **Power** buttons simultaneously again.
+
+1. HoloLens asks you if you trust the package and would like to apply it. Confirm that you trust the package.
+
+1. You will see whether the package was applied successfully or not. If it was not applied successfully, you can fix your package and try again. If successful, proceed with device setup.
diff --git a/devices/hololens/hololens2-basic-usage.md b/devices/hololens/hololens2-basic-usage.md
new file mode 100644
index 0000000000..e15003a8f4
--- /dev/null
+++ b/devices/hololens/hololens2-basic-usage.md
@@ -0,0 +1,181 @@
+---
+title: Getting around HoloLens 2
+description: A guide to using HoloLens 2 with your hands
+ms.assetid: 5f791a5c-bdb2-4c5d-bf46-4a198de68f21
+ms.date: 9/17/2019
+keywords: hololens
+ms.prod: hololens
+ms.sitesec: library
+author: scooley
+ms.author: scooley
+ms.topic: article
+ms.localizationpriority: high
+appliesto:
+- HoloLens 2
+---
+
+# Getting around HoloLens 2
+
+Ready to explore the world of holograms?
+
+This guide provides an intro to:
+
+- Interacting with mixed reality
+- Using your hands and voice for interacting with holograms on HoloLens 2
+- Navigating Windows 10 on HoloLens (Windows Holographic)
+
+## Discover mixed reality
+
+On HoloLens, holograms blend the digital world with your physical environment to look and sound like they're part of your world. Even when holograms are all around you, you can always see your surroundings, move freely, and interact with people and objects. We call this experience "mixed reality".
+
+The holographic frame positions your holograms where your eyes are most sensitive to detail and the see-through lenses leave your peripheral vision unobscured. With spatial sound, you can pinpoint a hologram by listening, even if it’s behind you. And, because HoloLens understands your physical environment, you can place holograms on and around real objects such as tables and walls.
+
+Getting around HoloLens is a lot like using your smart phone. You can use your hands to touch and manipulate holographic windows, menus, and buttons.
+
+Once you know these basic interactions, getting around on HoloLens will be a snap.
+
+> [!TIP]
+> If you have a HoloLens near you right now, the **Tips** app provides literal hands-on tutorials for hand interactions on HoloLens.
+> Use the start gesture to go to **Start** or say "Go to Start" and select **Tips**.
+
+## The hand-tracking frame
+
+HoloLens has sensors that can see a few feet to either side of you. When you use your hands, you'll need to keep them inside that frame, or HoloLens won't see them. However, the frame moves with you as you move around.
+
+
+
+## Touch holograms near you
+
+When a hologram is near you, bring your hand close to it and a white ring should appear on the tip of your index finger. This is the **touch cursor** which helps you touch and interact with holograms with precision. To **select** something, simply **tap** it with the touch cursor. **Scroll** content by **swiping** on the surface of the content with your finger, just like you're using a touch screen.
+
+To **grab** a hologram near you, pinch your **thumb** and **index finger** together on the hologram and hold. To let go, release your fingers. Use this **grab gesture** to move, resize, and rotate 3D objects and app windows in mixed reality home.
+
+To bring up a **context menu**, like the ones you'll find on an app tile in the Start menu, **tap and hold** like you do on a touch screen.
+
+## Use hand ray for holograms out of reach
+
+When there are no holograms near your hands, the **touch cursor** will hide automatically and **hand rays** will appear from the palm of your hands. Hand rays allow you to interact with holograms from a distance.
+
+> [!TIP]
+> If you find hand rays distracting, you can hide them by saying “Hide hand rays”. To make them reappear, say "Show hand rays."
+
+### Select using air tap
+
+To select something using **hand ray**, follow these steps:
+
+1. Use a hand ray from your palm to target the item. You don't need to raise your entire arm, you can keep your elbow low and comfortable.
+1. Point your index finger straight up toward the ceiling.
+1. To perform the **air tap** gesture, pinch your thumb and index finger together and then quickly release them.
+
+ 
+
+### Grab using air tap and hold
+
+To grab a hologram or scroll app window content using **hand ray**, start with an **air tap**, but keep your fingers together instead of releasing them.
+
+Use **air tap and hold** to perform the following actions with hand ray:
+
+- **Scroll**. To scroll app window content, air tap and hold on the content and then move your hand ray up and down or side to side.
+- **Grab**. To grab an app window or hologram, target the app title bar or hologram with your hand ray and then air tap and hold.
+- **Open context menus**. To open context menus, air tap and hold with your hand ray.
+
+## Start gesture
+
+The Start gesture opens the **Start menu**. To perform the Start gesture, hold out your hand with your palm facing you. You’ll see a **Start icon** appear over your inner wrist. Tap this icon using your other hand. The Start menu will open **where you’re looking**.
+
+> [!TIP]
+>
+> - You can use the Start gesture as long as your hands are inside the hand-tracking frame. You do not need to be looking down at the Start icon. Keep your elbow low and comfortable, and look in the direction where you want the Start menu to open.
+> - If the Start menu didn't open at the position you want, simply move your head around to reposition it.
+> - If you have trouble reading the smaller text on the Start menu, step closer to it after it opens.
+> - If your hand is slightly off to the side of the frame, you may still be able to view the Start menu by tapping your inner wrist, even if you don't see the icon.
+
+
+
+To **close** the Start menu, do the Start gesture when the Start menu is open. You can also look at the Start menu and say "Close".
+
+### One-handed Start gesture
+
+You can also perform the Start gesture with only one hand. To do this, hold out your hand with your palm facing you and look at the **Start icon** on your inner wrist. **While keeping your eye on the icon**, pinch your thumb and index finger together.
+
+> [!IMPORTANT]
+> For the one-handed Start gesture to work, your eyes must be calibrated on the device so that eye tracking functions correctly. If you do not see orbiting dots around the Start icon when you look at it, your eyes are not calibrated on the device.
+
+
+
+## Start menu, mixed reality home, and apps
+
+Ready to put all these hand interactions to the test?!
+
+You'll find your installed apps in the [Start menu](holographic-home.md) and you can find additional apps for HoloLens in the [Microsoft Store](holographic-store-apps.md).
+
+Just as Windows PC always starts its experience at the desktop, HoloLens always starts in **mixed reality home** when turned on. Using the Start menu, you can open and place app windows, as well as app launchers and 3D content in mixed reality home. Their placements in your physical space will be remembered by HoloLens.
+
+Open the **Start menu**, then select the **Settings** app tile. An app window will open in front of you.
+
+Settings is an example of a HoloLens app that uses a 2D **app window**. It's very similar to a Windows application on PC.
+
+Now you can open the **Start menu** again and select the **Tips** app tile. A 3D **app launcher** for the app will appear in front of you. To open the app, you need to select the **play** button on the launcher.
+
+Tips is an example of an **immersive app**. An immersive app takes you away from mixed reality home when it runs and becomes the only app you see. To exit, you need to bring up the Start menu and select the **mixed reality home** button at the bottom.
+
+[Go here to learn more](holographic-home.md) about Start menu and mixed reality home, including info on how to use and manage apps on HoloLens 2.
+
+## Move, resize, and rotate holograms
+
+In mixed reality home you can move, resize, and rotate app windows and 3D objects using your hands, hand ray and voice commands.
+
+### Moving holograms
+
+Move a hologram or app by following these steps:
+
+1. Grab the hologram by pinching your index finger and thumb on the hologram or face your hand down and then close your fist over it. Grab a 3D hologram anywhere inside its blue bounding box. For an app window, grab its title bar.
+1. Without letting go, move your hand to position the hologram. When moving an app window this way, the app window automatically turns to face you as it moves, making it easier to use at its new position.
+1. Release your fingers to place it.
+
+### Resizing holograms
+
+Grab and use the **resize handles** that appear on the corners of 3D holograms and app windows to resize them.
+
+For an app window, when resized this way the window content correspondingly increases in size and becomes easier to read.
+
+If you want to resize an app window so that **more content** appears in the window, use the resize handles located on the sides and bottom edges of the app window.
+
+There are two ways to resize a hologram that's further away from you. You can either grab two corners of the hologram, or use the resize controls.
+
+### Rotating holograms
+
+For 3D holograms, grab and use the rotate handles that appear on the vertical edges of the bounding box.
+
+For app windows, moving an app window will cause it to automatically rotate and face you.
+
+You can also grab a 3D hologram or app window with **both hands** (or hand ray) at once and then:
+
+- Move your hands closer together or further apart to resize the hologram.
+- Move your hands closer and further away from your body to rotate the hologram.
+
+### Follow me, stop following
+
+Holograms and app windows stay where you placed them in the world. That's not always convenient if you need to move around and you want an application to stay visible. To ask an app to start or stop following you, select **Follow me** in the top right corner of the app window (next to the **Close** button). An app window that is following you will also follow you into, an out of, an immersive app.
+
+## Use HoloLens with your voice
+
+You can use your voice to do most of the same things you do with hands on HoloLens, like taking a quick photo or opening an app.
+
+| To do this | Say this |
+| - | - |
+| Open the Start menu | "Go to Start" |
+| Select | Say "select" to bring up the gaze cursor. Then, turn your head to position the cursor on the thing you want to select, and say “select” again. |
+| See available speech commands | "What can I say?" |
+
+ [See more voice commands and ways to use speech with HoloLens](hololens-cortana.md)
+
+## Next steps
+
+Congratulations! You're ready to use HoloLens 2!
+
+Now you can configure your HoloLens 2 to meet your specific needs. Other things you may want to try include:
+
+- [Connecting bluetooth devices like a mouse and keyboard](hololens-connect-devices.md)
+- [Installing apps from the store](holographic-store-apps.md)
+- [Sharing your HoloLens with other people](hololens-multiple-users.md)
diff --git a/devices/hololens/hololens2-hardware.md b/devices/hololens/hololens2-hardware.md
new file mode 100644
index 0000000000..dd81a50803
--- /dev/null
+++ b/devices/hololens/hololens2-hardware.md
@@ -0,0 +1,144 @@
+---
+title: HoloLens 2 hardware
+description: An outline of the components that make up Microsoft HoloLens 2, the latest evolution of Microsoft's fully untethered holographic computer running Windows 10.
+ms.assetid: 651d0430-bfbc-4685-a4fd-db7c33ce9325
+ms.date: 9/17/2019
+keywords: hololens
+ms.prod: hololens
+ms.sitesec: library
+author: scooley
+ms.author: scooley
+ms.topic: article
+ms.localizationpriority: high
+appliesto:
+- HoloLens 2
+---
+
+# HoloLens 2 hardware
+
+
+
+Microsoft HoloLens 2 is an untethered holographic computer. It refines the holographic computing journey started by HoloLens (1st gen) to provide a more comfortable and immersive experience paired with more options for collaborating in mixed reality.
+
+## HoloLens components
+
+- **Visor**. Contains the HoloLens sensors and displays. You can rotate the visor up while wearing the HoloLens.
+- **Headband**. To put the HoloLens on, use the adjustment wheel to expand the headband. With the HoloLens in place, tighten the adjustment wheel by turning to the right, until the headband is comfortable.
+- **Brightness buttons**. When wearing the HoloLens, the brightness buttons are on the left side of the device.
+- **Volume buttons**. When wearing the HoloLens, the volume buttons are on the right side of the device.
+
+## In the box
+
+- **Brow pad**. You can remove and replace the brow pad, as needed.
+- **Overhead strap**. When you're wearing the HoloLens while moving around, use the overhead strap to help keep the device in place. When wearing the HoloLens for extended periods, the overhead strap may make the device more comfortable to wear.
+- **USB-C cable**. Use the USB-C cable to connect your HoloLens to the power supply for charging, or to connect your HoloLens to your computer.
+- **Power supply**. Plugs into a power outlet.
+- **Microfiber cloth**. Use to clean your HoloLens visor.
+
+## Device specifications
+
+### Display
+
+| | |
+| - | - |
+| Optics | See-through holographic lenses (waveguides) |
+| Holographic resolution | 2k 3:2 light engines |
+| Holographic density | >2.5k radiants (light points per radian) |
+| Eye-based rendering | Display optimization for 3D eye position |
+
+### Sensors
+
+| | |
+| - | - |
+| Head tracking | 4 visible light cameras |
+| Eye tracking | 2 Infrared (IR) cameras |
+| Depth | 1-MP Time-of-Flight depth sensor |
+| Inertial measurement unit (IMU) | Accelerometer, gyroscope, magnetometer |
+| Camera | 8-MP stills, 1080p30 video |
+
+### Audio and speech
+
+| | |
+| - | - |
+| Microphone array | 5 channels |
+| Speakers | Built-in spatial sound |
+
+### Compute and connectivity
+
+| | |
+| - | - |
+| System on chip | Qualcomm Snapdragon 850 Compute Platform [details](https://www.qualcomm.com/products/snapdragon-850-mobile-compute-platform) |
+| Holographic processing unit | Second-generation custom-built holographic processing unit |
+| Memory | 4-GB LPDDR4x system DRAM |
+| Storage | 64-GB UFS 2.1 |
+| WiFi | 802.11ac 2x2 |
+| Bluetooth | 5.0 |
+| USB | USB Type-C |
+
+### Fit
+
+| | |
+| - | - |
+| Sizing | Single size with adjustable band. Fits over eyeglasses |
+| Weight | 566 grams |
+
+## Device capabilities
+
+### Human understanding
+
+| | |
+| - | - |
+| Hand tracking | Two-handed fully articulated model, direct manipulation |
+| Eye tracking | Real-time tracking |
+| Voice | Command and control on-device; Cortana natural language with internet connectivity |
+
+### Environment understanding
+
+| | |
+| - | - |
+| Six Degrees of Freedom (6DoF) tracking | World-scale positional tracking |
+| Spatial mapping | Real-time environment mesh |
+| Mixed reality capture | Mixed hologram and physical environment photos and videos |
+
+## Pre-installed software
+
+- Windows Holographic Operating System
+- Microsoft Edge
+- Dynamics 365 Remote Assist
+- Dynamics 365 Layout
+- Dynamics 365 Guides
+- 3D Viewer
+- OneDrive for Business
+- HoloLens Tips
+- Cortana
+
+## Device certifications
+
+### Safety
+
+HoloLens 2 has been tested and conforms to the basic impact protection requirements of ANSI Z87.1, CSA Z94.3 and EN 166.
+
+## Care and cleaning
+
+Handle your HoloLens carefully. Use the headband to lift and carry the HoloLens 2.
+
+As you would for eyeglasses or protective eye-wear, try to keep the HoloLens visor free of dust and fingerprints. When possible, avoid touching the visor. Repeated cleaning could damage the visor, so keep your device clean!
+
+Don't use any cleaners or solvents on your HoloLens, and don't submerge it in water or apply water directly to it.
+
+To clean the visor, remove any dust by using a camel or goat hair lens brush or a bulb-style lens blower. Lightly moisten the microfiber cloth with a small amount of distilled water, then use it to wipe the visor gently in a circular motion.
+
+Clean the rest of the device, including the headband and device arms, with a lint-free microfiber cloth moistened with mild soap and water. Let your HoloLens dry completely before reuse.
+
+
+
+### Replace the brow pad
+
+The brow pad is magnetically attached to the device. To detach it, pull gently away. To replace it, snap it back into place.
+
+
+
+## Next step
+
+> [!div class="nextstepaction"]
+> [Set up and start your HoloLens 2](hololens2-setup.md)
diff --git a/devices/hololens/hololens2-setup.md b/devices/hololens/hololens2-setup.md
new file mode 100644
index 0000000000..d8ff62b687
--- /dev/null
+++ b/devices/hololens/hololens2-setup.md
@@ -0,0 +1,101 @@
+---
+title: Prepare a new HoloLens 2
+description: This guide walks through first time set up and hardware guide.
+ms.assetid: 02692dcf-aa22-4d1e-bd00-f89f51048e32
+ms.date: 9/17/2019
+keywords: hololens
+ms.prod: hololens
+ms.sitesec: library
+author: scooley
+ms.author: scooley
+ms.topic: article
+ms.localizationpriority: high
+appliesto:
+- HoloLens 2
+---
+
+# Get your HoloLens 2 ready to use
+
+The procedures below will help you set up a HoloLens 2 for the first time.
+
+## Charge your HoloLens
+
+Connect the power supply to the charging port by using the USB-C cable (included). Plug the power supply into a power outlet.
+
+ - When the device is charging, the battery indicator lights up in a wave pattern.
+ - When your HoloLens is on, the battery indicator displays the battery level in increments.
+ - When only one of the five lights is on, the battery level is below 20 percent.
+ - If the battery level is critically low and you try to turn on the device, one light will blink briefly, then go out.
+
+> [!TIP]
+> To get an estimate of your current battery level, say "Hey Cortana, how much battery do I have left?"
+
+## Adjust fit
+
+Place the HoloLens 2 on your head. If you wear eyeglasses, leave them on. The brow pad should sit comfortably on your forehead and the back band should sit in the middle-back of your head.
+
+If necessary, extend the headband by turning the adjustment wheel, and then loosen the overhead strap.
+
+
+
+### Attach and detach the overhead strap
+
+The overhead strap isn't required, but it can make wearing HoloLens 2 more comfortable during long periods of use.
+
+To detach the front of the overhead strap, unhook the strap and slide it through the retractable loop on the brow pad. To reattach it, pull out the loop and slide the strap back through.
+
+To detach the back of the overhead strap, press the button below each connection tab and pull gently. To reattach it, push the connection tabs back into the slots until they click.
+
+
+
+## Turn on the HoloLens 2
+
+To turn on your HoloLens 2, press the Power button. The LED lights below the Power button display the battery level.
+
+### Power button actions for different power transitions
+
+|To do this |Perform this action and watch for these indicator lights |
+| - | - |
+|To turn on |**Single click**  |
+|To sleep |**Single click**  |
+|To wake from sleep |**Single click**  |
+|To turn off |**Press and for hold 5s**  |
+|To force the Hololens to restart if it is unresponsive |**Press and hold for 10s**  |
+
+## HoloLens indicator lights
+
+Not sure what the indicator lights on your HoloLens mean? Here's some help!
+
+### Lights that indicate the state of the device
+
+|When you do this | And then the lights do this | It means |
+| - | - | - |
+|You press the Power button. |All five lights turn on, then change to indicate the battery level. After four seconds, a sound plays. | HoloLens is starting up. |
+|You press the Power button. |All five lights turn on, then change to indicate the battery level. A sound immediately plays. | HoloLens is on, awake, and ready to use. |
+|You press and hold the Power button for five seconds or longer. |All five lights turn on, then fade off one at a time. After the lights turn off, a sound plays and the screen displays "Goodbye." |HoloLens is shutting down. |
+|You press and hold the Power button for less than five seconds. |All five lights turn on, then fade off one at a time. After the lights turn off, a sound plays and the screen displays "Goodbye." |HoloLens is entering sleep. |
+|You press the Power button. |One light flashes five times, then turns off. |The HoloLens battery is critically low. Charge your HoloLens. |
+|You press the Power button. |All five lights flash five times, then turn off. |HoloLens cannot start correctly and is in an error state. |
+
+### Lights that indicate the battery level
+
+| Number of lights | Battery level |
+| - | - |
+|Four solid lights, one light fading in and out |Between 100% and 81% (fully charged) |
+|Three solid lights, one light fading in and out |Between 80% and 61% |
+|Two solid lights, one light fading in and out |Between 60% and 41% |
+|One solid light, one light fading in and out |Between 40% and 21% |
+|One light fading in and out |Between 20% and 5% or lower (critical battery) |
+
+## Safety and comfort
+
+### Use HoloLens in safe surroundings
+
+Use your HoloLens in a safe space, free of obstructions and tripping hazards. Don’t use it when you need a clear field of view or can't commit your full attention, such as while you’re operating a vehicle or doing other potentially hazardous activities.
+
+### Stay comfortable
+
+Keep your first few sessions with HoloLens brief and be sure to take breaks. If you experience discomfort, stop and rest until you feel better. This might include temporary feelings of nausea, motion sickness, dizziness, disorientation, headache, fatigue, eye strain, or dry eyes.
+
+> [!div class="nextstepaction"]
+> [Start and configure your HoloLens 2](hololens2-start.md)
diff --git a/devices/hololens/hololens2-start.md b/devices/hololens/hololens2-start.md
new file mode 100644
index 0000000000..783a6af601
--- /dev/null
+++ b/devices/hololens/hololens2-start.md
@@ -0,0 +1,89 @@
+---
+title: Set up your HoloLens 2
+description: This guide walks through first time set up. You'll need a Wi-Fi network and either a Microsoft (MSA) or Azure Active Directory (AAD) account.
+ms.assetid: 507305f4-e85a-47c5-a055-a3400ae8a10e
+ms.date: 9/17/2019
+keywords: hololens
+ms.prod: hololens
+ms.sitesec: library
+author: scooley
+ms.author: scooley
+ms.topic: article
+ms.localizationpriority: high
+appliesto:
+- HoloLens 2
+---
+
+# Set up your HoloLens 2
+
+The first time you turn on your HoloLens, you'll be guided through setting up your device, signing in with a user account, and calibrating the HoloLens to your eyes. This section walks through the HoloLens 2 initial setup experience.
+
+In the next section, you'll learn how to work with HoloLens and interact with holograms. To skip ahead to that article, see [Get started with HoloLens 2](hololens2-basic-usage.md).
+
+## Before you start
+
+Before you get started, make sure you have the following available:
+
+**A network connection**. You'll need to connect your HoloLens to a network to set it up. With HoloLens 2, you can connect with Wi-Fi or by using ethernet (you'll need a USB-C-to-Ethernet adapter). The first time you connect, you'll need an open or password-protected network that doesn't require navigating to a website or using certificates to connect. [Learn more about the websites that HoloLens uses](hololens-offline.md).
+
+**A Microsoft account**. You'll also need to sign in to HoloLens with a Microsoft account (or with your work account, if your organization owns the device). If you don't have a Microsoft account, go to [account.microsoft.com](http://account.microsoft.com) and set one up for free.
+
+**A safe, well-lit space with no tripping hazards**. [Health and safety info](http://go.microsoft.com/fwlink/p/?LinkId=746661).
+
+**The optional comfort accessories** that came with your HoloLens, to help you get the most comfortable fit. [More on fit and comfort](hololens2-setup.md#adjust-fit).
+
+## Set up Windows
+
+The first time you start your HoloLens 2, your first task is to set up Windows Holographic. When you start your HoloLens, you will hear music and see a Windows logo.
+
+
+
+HoloLens 2 will walk you through the following steps:
+
+1. Select your language.
+ 
+
+1. Select your region.
+ 
+
+1. Calibrate HoloLens to your eyes. If you choose to skip calibration, you'll be prompted the next time you log in.
+
+ To calibrate, you'll look at a set of targets (referred to as gems). It's fine if you blink or close your eyes during calibration, but try not to stare at other objects in the room or physical space. HoloLens uses this process to learn about your eye position so that it can better render your holographic world. After calibration, holograms will appear correctly even as the visor shifts on your head.
+
+ Calibration information is stored locally on the device and is not associated with any account information. For more information, see [Calibration data and security](hololens-calibration.md#calibration-data-and-security).
+
+ 
+
+1. Connect to the internet (select Wi-Fi or your ethernet connection).
+ HoloLens sets your time zone automatically based on information obtained from the Wi-Fi network. After setup finishes, you can change the time zone by using the Settings app.
+
+ 
+
+1. Sign in to your user account. You'll choose between **My work or school owns it** and **I own it**.
+ - When you choose **My work or school owns it**, you sign in with an Azure AD account. If your organization uses Azure AD Premium and has configured automatic MDM enrollment, HoloLens automatically enrolls in MDM. If your organization does not use Azure AD Premium, automatic MDM enrollment isn't available. In that case, you need to [manually enroll HoloLens in device management](hololens-enroll-mdm.md#enroll-through-settings-app).
+ 1. Enter your organizational account information.
+ 1. Accept the privacy statement and the end user license agreement.
+ 1. Sign in by using your Azure AD credentials. This may redirect to your organization's sign-in page.
+ 1. Continue setting up the device.
+ - When you choose **I own it**, you sign in with a Microsoft account. After setup is complete, you can [manually enroll HoloLens in device management](hololens-enroll-mdm.md#enroll-through-settings-app).
+ 1. Enter your Microsoft account information.
+ 2. Enter your password. If your Microsoft account requires [two-step verification (2FA)](https://blogs.technet.microsoft.com/microsoft_blog/2013/04/17/microsoft-account-gets-more-secure/), complete the verification process.
+
+ 
+
+1. Select whether to enable speech on HoloLens 2, and whether to send diagnostic telemetry.
+ 
+
+1. Select your telemetry level. If you can, please enable Full telemetry. This information really helps the HoloLens engineering team.
+ 
+
+1. Learn how to use the start gesture on HoloLens 2.
+ 
+ 
+
+Congratulations! Setup is complete and you're ready to use HoloLens!
+
+## Next steps
+
+> [!div class="nextstepaction"]
+> [Get started with HoloLens 2](hololens2-basic-usage.md)
diff --git a/devices/hololens/images/01-magic-moment.png b/devices/hololens/images/01-magic-moment.png
new file mode 100644
index 0000000000..0d55443b55
Binary files /dev/null and b/devices/hololens/images/01-magic-moment.png differ
diff --git a/devices/hololens/images/02-00-magic-moment.png b/devices/hololens/images/02-00-magic-moment.png
new file mode 100644
index 0000000000..ae76fb70ea
Binary files /dev/null and b/devices/hololens/images/02-00-magic-moment.png differ
diff --git a/devices/hololens/images/02-01-magic-moment-bird-intro.png b/devices/hololens/images/02-01-magic-moment-bird-intro.png
new file mode 100644
index 0000000000..ae76fb70ea
Binary files /dev/null and b/devices/hololens/images/02-01-magic-moment-bird-intro.png differ
diff --git a/devices/hololens/images/02-02-bird-palm.png b/devices/hololens/images/02-02-bird-palm.png
new file mode 100644
index 0000000000..fda1f3dcdd
Binary files /dev/null and b/devices/hololens/images/02-02-bird-palm.png differ
diff --git a/devices/hololens/images/02-03-bird-button.png b/devices/hololens/images/02-03-bird-button.png
new file mode 100644
index 0000000000..749a1ab6fc
Binary files /dev/null and b/devices/hololens/images/02-03-bird-button.png differ
diff --git a/devices/hololens/images/04-language.png b/devices/hololens/images/04-language.png
new file mode 100644
index 0000000000..1106322c29
Binary files /dev/null and b/devices/hololens/images/04-language.png differ
diff --git a/devices/hololens/images/05-region.png b/devices/hololens/images/05-region.png
new file mode 100644
index 0000000000..f350298813
Binary files /dev/null and b/devices/hololens/images/05-region.png differ
diff --git a/devices/hololens/images/06-et-corners.png b/devices/hololens/images/06-et-corners.png
new file mode 100644
index 0000000000..af48472f60
Binary files /dev/null and b/devices/hololens/images/06-et-corners.png differ
diff --git a/devices/hololens/images/07-et-adjust-for-your-eyes.png b/devices/hololens/images/07-et-adjust-for-your-eyes.png
new file mode 100644
index 0000000000..e127ba9a9d
Binary files /dev/null and b/devices/hololens/images/07-et-adjust-for-your-eyes.png differ
diff --git a/devices/hololens/images/07-et-hold-head-still.png b/devices/hololens/images/07-et-hold-head-still.png
new file mode 100644
index 0000000000..a4952767bf
Binary files /dev/null and b/devices/hololens/images/07-et-hold-head-still.png differ
diff --git a/devices/hololens/images/08-et-gems.png b/devices/hololens/images/08-et-gems.png
new file mode 100644
index 0000000000..8eaba193f0
Binary files /dev/null and b/devices/hololens/images/08-et-gems.png differ
diff --git a/devices/hololens/images/09-et-adjusting.png b/devices/hololens/images/09-et-adjusting.png
new file mode 100644
index 0000000000..038dcab588
Binary files /dev/null and b/devices/hololens/images/09-et-adjusting.png differ
diff --git a/devices/hololens/images/10-et-failure1.png b/devices/hololens/images/10-et-failure1.png
new file mode 100644
index 0000000000..249abff7f6
Binary files /dev/null and b/devices/hololens/images/10-et-failure1.png differ
diff --git a/devices/hololens/images/10-et-failure2.png b/devices/hololens/images/10-et-failure2.png
new file mode 100644
index 0000000000..f4b2f34334
Binary files /dev/null and b/devices/hololens/images/10-et-failure2.png differ
diff --git a/devices/hololens/images/10-et-success.png b/devices/hololens/images/10-et-success.png
new file mode 100644
index 0000000000..c74c89056e
Binary files /dev/null and b/devices/hololens/images/10-et-success.png differ
diff --git a/devices/hololens/images/11-network.png b/devices/hololens/images/11-network.png
new file mode 100644
index 0000000000..1fc3884721
Binary files /dev/null and b/devices/hololens/images/11-network.png differ
diff --git a/devices/hololens/images/12-agreement.png b/devices/hololens/images/12-agreement.png
new file mode 100644
index 0000000000..96695c1888
Binary files /dev/null and b/devices/hololens/images/12-agreement.png differ
diff --git a/devices/hololens/images/13-device-owner.png b/devices/hololens/images/13-device-owner.png
new file mode 100644
index 0000000000..fe66cd5386
Binary files /dev/null and b/devices/hololens/images/13-device-owner.png differ
diff --git a/devices/hololens/images/14-sign-in-msa.png b/devices/hololens/images/14-sign-in-msa.png
new file mode 100644
index 0000000000..c0e3aa4d9e
Binary files /dev/null and b/devices/hololens/images/14-sign-in-msa.png differ
diff --git a/devices/hololens/images/15-iris-enrollment.png b/devices/hololens/images/15-iris-enrollment.png
new file mode 100644
index 0000000000..6bda392726
Binary files /dev/null and b/devices/hololens/images/15-iris-enrollment.png differ
diff --git a/devices/hololens/images/16-iris-hold-head-still.png b/devices/hololens/images/16-iris-hold-head-still.png
new file mode 100644
index 0000000000..09205015c0
Binary files /dev/null and b/devices/hololens/images/16-iris-hold-head-still.png differ
diff --git a/devices/hololens/images/17-iris-dots.png b/devices/hololens/images/17-iris-dots.png
new file mode 100644
index 0000000000..2ac6119b89
Binary files /dev/null and b/devices/hololens/images/17-iris-dots.png differ
diff --git a/devices/hololens/images/18-iris-enrollment-done.png b/devices/hololens/images/18-iris-enrollment-done.png
new file mode 100644
index 0000000000..6405ab8581
Binary files /dev/null and b/devices/hololens/images/18-iris-enrollment-done.png differ
diff --git a/devices/hololens/images/19-pin-create.png b/devices/hololens/images/19-pin-create.png
new file mode 100644
index 0000000000..fd0c1ee5e8
Binary files /dev/null and b/devices/hololens/images/19-pin-create.png differ
diff --git a/devices/hololens/images/20-pin-setup.png b/devices/hololens/images/20-pin-setup.png
new file mode 100644
index 0000000000..752fc54e5c
Binary files /dev/null and b/devices/hololens/images/20-pin-setup.png differ
diff --git a/devices/hololens/images/201608-enterprisemanagement-400px.png b/devices/hololens/images/201608-enterprisemanagement-400px.png
new file mode 100644
index 0000000000..11c204f0f6
Binary files /dev/null and b/devices/hololens/images/201608-enterprisemanagement-400px.png differ
diff --git a/devices/hololens/images/201608-kioskmode-400px.png b/devices/hololens/images/201608-kioskmode-400px.png
new file mode 100644
index 0000000000..8d21453b8f
Binary files /dev/null and b/devices/hololens/images/201608-kioskmode-400px.png differ
diff --git a/devices/hololens/images/22-do-more-with-voice.png b/devices/hololens/images/22-do-more-with-voice.png
new file mode 100644
index 0000000000..2bf874c80d
Binary files /dev/null and b/devices/hololens/images/22-do-more-with-voice.png differ
diff --git a/devices/hololens/images/23-do-more-with-voice-learn.png b/devices/hololens/images/23-do-more-with-voice-learn.png
new file mode 100644
index 0000000000..b805befc49
Binary files /dev/null and b/devices/hololens/images/23-do-more-with-voice-learn.png differ
diff --git a/devices/hololens/images/24-telemetry.png b/devices/hololens/images/24-telemetry.png
new file mode 100644
index 0000000000..004d1d5dff
Binary files /dev/null and b/devices/hololens/images/24-telemetry.png differ
diff --git a/devices/hololens/images/25-telemetry-info.png b/devices/hololens/images/25-telemetry-info.png
new file mode 100644
index 0000000000..4c4075a68f
Binary files /dev/null and b/devices/hololens/images/25-telemetry-info.png differ
diff --git a/devices/hololens/images/26-01-startmenu-learning.png b/devices/hololens/images/26-01-startmenu-learning.png
new file mode 100644
index 0000000000..e24da1b854
Binary files /dev/null and b/devices/hololens/images/26-01-startmenu-learning.png differ
diff --git a/devices/hololens/images/26-02-startmenu-learning.png b/devices/hololens/images/26-02-startmenu-learning.png
new file mode 100644
index 0000000000..1a81a79178
Binary files /dev/null and b/devices/hololens/images/26-02-startmenu-learning.png differ
diff --git a/devices/hololens/images/26-03-startmenu-learning.png b/devices/hololens/images/26-03-startmenu-learning.png
new file mode 100644
index 0000000000..55d59d18f5
Binary files /dev/null and b/devices/hololens/images/26-03-startmenu-learning.png differ
diff --git a/devices/hololens/images/26-04-startmenu-learning.png b/devices/hololens/images/26-04-startmenu-learning.png
new file mode 100644
index 0000000000..b7d62f5650
Binary files /dev/null and b/devices/hololens/images/26-04-startmenu-learning.png differ
diff --git a/devices/hololens/images/B-Calibration-4-Gem.png b/devices/hololens/images/B-Calibration-4-Gem.png
new file mode 100644
index 0000000000..fbfd95cb32
Binary files /dev/null and b/devices/hololens/images/B-Calibration-4-Gem.png differ
diff --git a/devices/hololens/images/C-Settings.Calibration.png b/devices/hololens/images/C-Settings.Calibration.png
new file mode 100644
index 0000000000..d27f3d754c
Binary files /dev/null and b/devices/hololens/images/C-Settings.Calibration.png differ
diff --git a/devices/hololens/images/D-CheckThisOut-Prompt.png b/devices/hololens/images/D-CheckThisOut-Prompt.png
new file mode 100644
index 0000000000..a81a75a153
Binary files /dev/null and b/devices/hololens/images/D-CheckThisOut-Prompt.png differ
diff --git a/devices/hololens/images/FitGuideSetep5.png b/devices/hololens/images/FitGuideSetep5.png
new file mode 100644
index 0000000000..9529fe69b0
Binary files /dev/null and b/devices/hololens/images/FitGuideSetep5.png differ
diff --git a/devices/hololens/images/FitGuideStep1.png b/devices/hololens/images/FitGuideStep1.png
new file mode 100644
index 0000000000..846ef9fc0b
Binary files /dev/null and b/devices/hololens/images/FitGuideStep1.png differ
diff --git a/devices/hololens/images/FitGuideStep2.png b/devices/hololens/images/FitGuideStep2.png
new file mode 100644
index 0000000000..6ac59ff43b
Binary files /dev/null and b/devices/hololens/images/FitGuideStep2.png differ
diff --git a/devices/hololens/images/FitGuideStep3.png b/devices/hololens/images/FitGuideStep3.png
new file mode 100644
index 0000000000..e255da8f15
Binary files /dev/null and b/devices/hololens/images/FitGuideStep3.png differ
diff --git a/devices/hololens/images/FitGuideStep4.png b/devices/hololens/images/FitGuideStep4.png
new file mode 100644
index 0000000000..77e99f3d55
Binary files /dev/null and b/devices/hololens/images/FitGuideStep4.png differ
diff --git a/devices/hololens/images/HoloLens2_AppBarFollowing.gif b/devices/hololens/images/HoloLens2_AppBarFollowing.gif
new file mode 100644
index 0000000000..84d7f2589e
Binary files /dev/null and b/devices/hololens/images/HoloLens2_AppBarFollowing.gif differ
diff --git a/devices/hololens/images/HoloLens2_BoundingBox.gif b/devices/hololens/images/HoloLens2_BoundingBox.gif
new file mode 100644
index 0000000000..451bcae997
Binary files /dev/null and b/devices/hololens/images/HoloLens2_BoundingBox.gif differ
diff --git a/devices/hololens/images/HoloLens2_BoundingBox_Rotate.gif b/devices/hololens/images/HoloLens2_BoundingBox_Rotate.gif
new file mode 100644
index 0000000000..43a764a954
Binary files /dev/null and b/devices/hololens/images/HoloLens2_BoundingBox_Rotate.gif differ
diff --git a/devices/hololens/images/HoloLens2_Loader.gif b/devices/hololens/images/HoloLens2_Loader.gif
new file mode 100644
index 0000000000..81d8232494
Binary files /dev/null and b/devices/hololens/images/HoloLens2_Loader.gif differ
diff --git a/devices/hololens/images/HoloLens2_Proximity.gif b/devices/hololens/images/HoloLens2_Proximity.gif
new file mode 100644
index 0000000000..f39f326ea7
Binary files /dev/null and b/devices/hololens/images/HoloLens2_Proximity.gif differ
diff --git a/devices/hololens/images/addnewfeedback-500px.jpg b/devices/hololens/images/addnewfeedback-500px.jpg
new file mode 100644
index 0000000000..8948dd2dae
Binary files /dev/null and b/devices/hololens/images/addnewfeedback-500px.jpg differ
diff --git a/devices/hololens/images/calibration-livecube-200px.png b/devices/hololens/images/calibration-livecube-200px.png
new file mode 100644
index 0000000000..44b0142e40
Binary files /dev/null and b/devices/hololens/images/calibration-livecube-200px.png differ
diff --git a/devices/hololens/images/calibration-settings-500px.jpg b/devices/hololens/images/calibration-settings-500px.jpg
new file mode 100644
index 0000000000..0419f0307f
Binary files /dev/null and b/devices/hololens/images/calibration-settings-500px.jpg differ
diff --git a/devices/hololens/images/calibration-shell.png b/devices/hololens/images/calibration-shell.png
new file mode 100644
index 0000000000..f833452cc5
Binary files /dev/null and b/devices/hololens/images/calibration-shell.png differ
diff --git a/devices/hololens/images/deviceportal-appmanager.jpg b/devices/hololens/images/deviceportal-appmanager.jpg
new file mode 100644
index 0000000000..68576fcfc7
Binary files /dev/null and b/devices/hololens/images/deviceportal-appmanager.jpg differ
diff --git a/devices/hololens/images/displays-400px.jpg b/devices/hololens/images/displays-400px.jpg
new file mode 100644
index 0000000000..0ed5558bdc
Binary files /dev/null and b/devices/hololens/images/displays-400px.jpg differ
diff --git a/devices/hololens/images/feedback1-600px.png b/devices/hololens/images/feedback1-600px.png
new file mode 100644
index 0000000000..ba7cec37da
Binary files /dev/null and b/devices/hololens/images/feedback1-600px.png differ
diff --git a/devices/hololens/images/feedback2-600px.png b/devices/hololens/images/feedback2-600px.png
new file mode 100644
index 0000000000..89d44622a6
Binary files /dev/null and b/devices/hololens/images/feedback2-600px.png differ
diff --git a/devices/hololens/images/feedback3-600px.png b/devices/hololens/images/feedback3-600px.png
new file mode 100644
index 0000000000..0431687b55
Binary files /dev/null and b/devices/hololens/images/feedback3-600px.png differ
diff --git a/devices/hololens/images/feedback4-600px.png b/devices/hololens/images/feedback4-600px.png
new file mode 100644
index 0000000000..35594f2ca8
Binary files /dev/null and b/devices/hololens/images/feedback4-600px.png differ
diff --git a/devices/hololens/images/feedback5-600px.png b/devices/hololens/images/feedback5-600px.png
new file mode 100644
index 0000000000..967987d6ae
Binary files /dev/null and b/devices/hololens/images/feedback5-600px.png differ
diff --git a/devices/hololens/images/feedback6-600px.png b/devices/hololens/images/feedback6-600px.png
new file mode 100644
index 0000000000..431a4da9da
Binary files /dev/null and b/devices/hololens/images/feedback6-600px.png differ
diff --git a/devices/hololens/images/hololens-2-air-tap.gif b/devices/hololens/images/hololens-2-air-tap.gif
new file mode 100644
index 0000000000..9139718cdb
Binary files /dev/null and b/devices/hololens/images/hololens-2-air-tap.gif differ
diff --git a/devices/hololens/images/hololens-2-button-sleep.png b/devices/hololens/images/hololens-2-button-sleep.png
new file mode 100644
index 0000000000..29f75da34f
Binary files /dev/null and b/devices/hololens/images/hololens-2-button-sleep.png differ
diff --git a/devices/hololens/images/hololens-2-button-turn-off.png b/devices/hololens/images/hololens-2-button-turn-off.png
new file mode 100644
index 0000000000..8e3f4a2c72
Binary files /dev/null and b/devices/hololens/images/hololens-2-button-turn-off.png differ
diff --git a/devices/hololens/images/hololens-2-button-turn-on.png b/devices/hololens/images/hololens-2-button-turn-on.png
new file mode 100644
index 0000000000..25ce3fcc58
Binary files /dev/null and b/devices/hololens/images/hololens-2-button-turn-on.png differ
diff --git a/devices/hololens/images/hololens-2-button-wake.png b/devices/hololens/images/hololens-2-button-wake.png
new file mode 100644
index 0000000000..135b1e3a04
Binary files /dev/null and b/devices/hololens/images/hololens-2-button-wake.png differ
diff --git a/devices/hololens/images/hololens-2-gesture-frame.png b/devices/hololens/images/hololens-2-gesture-frame.png
new file mode 100644
index 0000000000..cc1a9f667d
Binary files /dev/null and b/devices/hololens/images/hololens-2-gesture-frame.png differ
diff --git a/devices/hololens/images/hololens-2-screenshot-with-callouts.png b/devices/hololens/images/hololens-2-screenshot-with-callouts.png
new file mode 100644
index 0000000000..769310e749
Binary files /dev/null and b/devices/hololens/images/hololens-2-screenshot-with-callouts.png differ
diff --git a/devices/hololens/images/hololens-2-start-alternative.jpg b/devices/hololens/images/hololens-2-start-alternative.jpg
new file mode 100644
index 0000000000..e5cc5e275e
Binary files /dev/null and b/devices/hololens/images/hololens-2-start-alternative.jpg differ
diff --git a/devices/hololens/images/hololens-2-start-gesture.png b/devices/hololens/images/hololens-2-start-gesture.png
new file mode 100644
index 0000000000..109c6235bb
Binary files /dev/null and b/devices/hololens/images/hololens-2-start-gesture.png differ
diff --git a/devices/hololens/images/hololens-air-tap.gif b/devices/hololens/images/hololens-air-tap.gif
new file mode 100644
index 0000000000..9139718cdb
Binary files /dev/null and b/devices/hololens/images/hololens-air-tap.gif differ
diff --git a/devices/hololens/images/hololens-bloom.gif b/devices/hololens/images/hololens-bloom.gif
new file mode 100644
index 0000000000..db7d8378e5
Binary files /dev/null and b/devices/hololens/images/hololens-bloom.gif differ
diff --git a/devices/hololens/images/hololens-box-contents.png b/devices/hololens/images/hololens-box-contents.png
new file mode 100644
index 0000000000..51b4b5e163
Binary files /dev/null and b/devices/hololens/images/hololens-box-contents.png differ
diff --git a/devices/hololens/images/hololens-buttons.jpg b/devices/hololens/images/hololens-buttons.jpg
new file mode 100644
index 0000000000..868487b0bf
Binary files /dev/null and b/devices/hololens/images/hololens-buttons.jpg differ
diff --git a/devices/hololens/images/hololens-charging.png b/devices/hololens/images/hololens-charging.png
new file mode 100644
index 0000000000..a5dd4d7dcd
Binary files /dev/null and b/devices/hololens/images/hololens-charging.png differ
diff --git a/devices/hololens/images/hololens-cleaning-visor.png b/devices/hololens/images/hololens-cleaning-visor.png
new file mode 100644
index 0000000000..68f990d43b
Binary files /dev/null and b/devices/hololens/images/hololens-cleaning-visor.png differ
diff --git a/devices/hololens/images/hololens-clicker-500px.jpg b/devices/hololens/images/hololens-clicker-500px.jpg
new file mode 100644
index 0000000000..4dd7d954f4
Binary files /dev/null and b/devices/hololens/images/hololens-clicker-500px.jpg differ
diff --git a/devices/hololens/images/hololens-frame.png b/devices/hololens/images/hololens-frame.png
new file mode 100644
index 0000000000..5789f1b8c8
Binary files /dev/null and b/devices/hololens/images/hololens-frame.png differ
diff --git a/devices/hololens/images/hololens-gaze.png b/devices/hololens/images/hololens-gaze.png
new file mode 100644
index 0000000000..d21ffef0b2
Binary files /dev/null and b/devices/hololens/images/hololens-gaze.png differ
diff --git a/devices/hololens/images/hololens-lights.png b/devices/hololens/images/hololens-lights.png
new file mode 100644
index 0000000000..f3a19b84a3
Binary files /dev/null and b/devices/hololens/images/hololens-lights.png differ
diff --git a/devices/hololens/images/hololens-power.png b/devices/hololens/images/hololens-power.png
new file mode 100644
index 0000000000..80c3e7c215
Binary files /dev/null and b/devices/hololens/images/hololens-power.png differ
diff --git a/devices/hololens/images/hololens-vector-white.png b/devices/hololens/images/hololens-vector-white.png
new file mode 100644
index 0000000000..583a307449
Binary files /dev/null and b/devices/hololens/images/hololens-vector-white.png differ
diff --git a/devices/hololens/images/hololens2-exploded-large.png b/devices/hololens/images/hololens2-exploded-large.png
new file mode 100644
index 0000000000..fc639a0f62
Binary files /dev/null and b/devices/hololens/images/hololens2-exploded-large.png differ
diff --git a/devices/hololens/images/hololens2-exploded-medium.png b/devices/hololens/images/hololens2-exploded-medium.png
new file mode 100644
index 0000000000..3e1fbea7de
Binary files /dev/null and b/devices/hololens/images/hololens2-exploded-medium.png differ
diff --git a/devices/hololens/images/hololens2-fit.png b/devices/hololens/images/hololens2-fit.png
new file mode 100644
index 0000000000..dacaf4cbd7
Binary files /dev/null and b/devices/hololens/images/hololens2-fit.png differ
diff --git a/devices/hololens/images/hololens2-headstrap.png b/devices/hololens/images/hololens2-headstrap.png
new file mode 100644
index 0000000000..805637214b
Binary files /dev/null and b/devices/hololens/images/hololens2-headstrap.png differ
diff --git a/devices/hololens/images/hololens2-lift-visor.png b/devices/hololens/images/hololens2-lift-visor.png
new file mode 100644
index 0000000000..4d83f2c730
Binary files /dev/null and b/devices/hololens/images/hololens2-lift-visor.png differ
diff --git a/devices/hololens/images/hololens2-remove-browpad.png b/devices/hololens/images/hololens2-remove-browpad.png
new file mode 100644
index 0000000000..619f14e4fd
Binary files /dev/null and b/devices/hololens/images/hololens2-remove-browpad.png differ
diff --git a/devices/hololens/images/ipd-finger-alignment-300px.jpg b/devices/hololens/images/ipd-finger-alignment-300px.jpg
new file mode 100644
index 0000000000..7a4c929867
Binary files /dev/null and b/devices/hololens/images/ipd-finger-alignment-300px.jpg differ
diff --git a/devices/hololens/images/keyboard.png b/devices/hololens/images/keyboard.png
new file mode 100644
index 0000000000..6962567b83
Binary files /dev/null and b/devices/hololens/images/keyboard.png differ
diff --git a/devices/hololens/images/motherboard-400px.jpg b/devices/hololens/images/motherboard-400px.jpg
new file mode 100644
index 0000000000..5a2a085477
Binary files /dev/null and b/devices/hololens/images/motherboard-400px.jpg differ
diff --git a/devices/hololens/images/searchfeedback-500px.jpg b/devices/hololens/images/searchfeedback-500px.jpg
new file mode 100644
index 0000000000..952e29a6ec
Binary files /dev/null and b/devices/hololens/images/searchfeedback-500px.jpg differ
diff --git a/devices/hololens/images/see-through-400px.jpg b/devices/hololens/images/see-through-400px.jpg
new file mode 100644
index 0000000000..d9fba1c9e0
Binary files /dev/null and b/devices/hololens/images/see-through-400px.jpg differ
diff --git a/devices/hololens/images/sensor-bar-400px.jpg b/devices/hololens/images/sensor-bar-400px.jpg
new file mode 100644
index 0000000000..bf0b8f7f21
Binary files /dev/null and b/devices/hololens/images/sensor-bar-400px.jpg differ
diff --git a/devices/hololens/images/startmenu.jpg b/devices/hololens/images/startmenu.jpg
new file mode 100644
index 0000000000..b685db51ee
Binary files /dev/null and b/devices/hololens/images/startmenu.jpg differ
diff --git a/devices/hololens/images/upvotefeedback-500px.jpg b/devices/hololens/images/upvotefeedback-500px.jpg
new file mode 100644
index 0000000000..f1eda89efa
Binary files /dev/null and b/devices/hololens/images/upvotefeedback-500px.jpg differ
diff --git a/devices/hololens/images/vs2015-remotedeployment.jpg b/devices/hololens/images/vs2015-remotedeployment.jpg
new file mode 100644
index 0000000000..a7d6b43dc3
Binary files /dev/null and b/devices/hololens/images/vs2015-remotedeployment.jpg differ
diff --git a/devices/hololens/images/wifi-hololens-600px.jpg b/devices/hololens/images/wifi-hololens-600px.jpg
new file mode 100644
index 0000000000..eb6930a29f
Binary files /dev/null and b/devices/hololens/images/wifi-hololens-600px.jpg differ
diff --git a/devices/hololens/images/wifi-hololens-hwdetails.jpg b/devices/hololens/images/wifi-hololens-hwdetails.jpg
new file mode 100644
index 0000000000..e4b45047cf
Binary files /dev/null and b/devices/hololens/images/wifi-hololens-hwdetails.jpg differ
diff --git a/devices/hololens/index.md b/devices/hololens/index.md
index 5aee70afdb..c9b0e0575e 100644
--- a/devices/hololens/index.md
+++ b/devices/hololens/index.md
@@ -51,4 +51,4 @@ ms.date: 07/14/2019
* [Documentation for Holographic app development](https://developer.microsoft.com/windows/mixed-reality/development)
* [HoloLens Commercial Suite](https://www.microsoft.com/microsoft-hololens/hololens-commercial)
-* [HoloLens release notes](https://developer.microsoft.com/en-us/windows/mixed-reality/release_notes)
+* [HoloLens release notes](https://developer.microsoft.com/windows/mixed-reality/release_notes)
diff --git a/devices/surface-hub/create-a-device-account-using-office-365.md b/devices/surface-hub/create-a-device-account-using-office-365.md
index 20f13c7d1b..a834e039ee 100644
--- a/devices/surface-hub/create-a-device-account-using-office-365.md
+++ b/devices/surface-hub/create-a-device-account-using-office-365.md
@@ -77,7 +77,7 @@ From here on, you'll need to finish the account creation process using PowerShel
In order to run cmdlets used by these PowerShell scripts, the following must be installed for the admin PowerShell console:
-- [Microsoft Online Services Sign-In Assistant for IT Professionals RTW](https://www.microsoft.com/en-us/download/details.aspx?id=41950)
+- [Microsoft Online Services Sign-In Assistant for IT Professionals RTW](https://www.microsoft.com/download/details.aspx?id=41950)
- [Windows Azure Active Directory Module for Windows PowerShell](https://www.microsoft.com/web/handlers/webpi.ashx/getinstaller/WindowsAzurePowershellGet.3f.3f.3fnew.appids)
- [Skype for Business Online, Windows PowerShell Module](https://www.microsoft.com/download/details.aspx?id=39366)
diff --git a/devices/surface-hub/monitor-surface-hub.md b/devices/surface-hub/monitor-surface-hub.md
index e90e7d8f95..262c565327 100644
--- a/devices/surface-hub/monitor-surface-hub.md
+++ b/devices/surface-hub/monitor-surface-hub.md
@@ -7,8 +7,8 @@ manager: dansimp
keywords: monitor Surface Hub, Microsoft Operations Management Suite, OMS
ms.prod: surface-hub
ms.sitesec: library
-author: levinec
-ms.author: ellevin
+author: dansimp
+ms.author: dansimp
ms.topic: article
ms.date: 07/27/2017
ms.localizationpriority: medium
diff --git a/devices/surface-hub/on-premises-deployment-surface-hub-device-accounts.md b/devices/surface-hub/on-premises-deployment-surface-hub-device-accounts.md
index 5bea64a216..d3fdb628ab 100644
--- a/devices/surface-hub/on-premises-deployment-surface-hub-device-accounts.md
+++ b/devices/surface-hub/on-premises-deployment-surface-hub-device-accounts.md
@@ -7,8 +7,8 @@ manager: dansimp
keywords: single forest deployment, on prem deployment, device account, Surface Hub
ms.prod: surface-hub
ms.sitesec: library
-author: levinec
-ms.author: ellevin
+author: dansimp
+ms.author: dansimp
ms.date: 08/28/2018
ms.localizationpriority: medium
---
@@ -63,10 +63,12 @@ If you have a single-forest on-premises deployment with Microsoft Exchange 2013
Once you have a compatible policy, then you will need to apply the policy to the device account. However, policies can only be applied to user accounts and not resource mailboxes. You need to convert the mailbox into a user type, apply the policy, and then convert it back into a mailbox—you may need to re-enable it and set the password again too.
```PowerShell
+ $acctUpn = Get-Mailbox -Identity ""
+ $credNewAccount.Password = ConvertTo-SecureString -String -AsPlainText -Force
Set-Mailbox $acctUpn -Type Regular
Set-CASMailbox $acctUpn -ActiveSyncMailboxPolicy $easPolicy
Set-Mailbox $acctUpn -Type Room
- Set-Mailbox $credNewAccount.UserName -RoomMailboxPassword $credNewAccount.Password -EnableRoomMailboxAccount $true
+ Set-Mailbox $acctUpn -RoomMailboxPassword $credNewAccount.Password -EnableRoomMailboxAccount $true
```
4. Various Exchange properties can be set on the device account to improve the meeting experience for people. You can see which properties need to be set in the [Exchange properties](exchange-properties-for-surface-hub-device-accounts.md) section.
diff --git a/devices/surface-hub/on-premises-deployment-surface-hub-multi-forest.md b/devices/surface-hub/on-premises-deployment-surface-hub-multi-forest.md
index e3754d3e15..f643e4cfe6 100644
--- a/devices/surface-hub/on-premises-deployment-surface-hub-multi-forest.md
+++ b/devices/surface-hub/on-premises-deployment-surface-hub-multi-forest.md
@@ -4,8 +4,8 @@ description: This topic explains how you add a device account for your Microsoft
keywords: multi forest deployment, on prem deployment, device account, Surface Hub
ms.prod: surface-hub
ms.sitesec: library
-author: levinec
-ms.author: ellevin
+author: dansimp
+ms.author: dansimp
ms.date: 08/28/2018
ms.reviewer:
manager: dansimp
diff --git a/devices/surface-hub/online-deployment-surface-hub-device-accounts.md b/devices/surface-hub/online-deployment-surface-hub-device-accounts.md
index df1bf821b4..a072d4d7b4 100644
--- a/devices/surface-hub/online-deployment-surface-hub-device-accounts.md
+++ b/devices/surface-hub/online-deployment-surface-hub-device-accounts.md
@@ -7,8 +7,8 @@ manager: dansimp
keywords: device account for Surface Hub, online deployment
ms.prod: surface-hub
ms.sitesec: library
-author: levinec
-ms.author: ellevin
+author: dansimp
+ms.author: dansimp
ms.topic: article
ms.date: 02/21/2018
ms.localizationpriority: medium
diff --git a/devices/surface-hub/password-management-for-surface-hub-device-accounts.md b/devices/surface-hub/password-management-for-surface-hub-device-accounts.md
index 283520ee40..22e7e1284c 100644
--- a/devices/surface-hub/password-management-for-surface-hub-device-accounts.md
+++ b/devices/surface-hub/password-management-for-surface-hub-device-accounts.md
@@ -7,8 +7,8 @@ manager: dansimp
keywords: password, password management, password rotation, device account
ms.prod: surface-hub
ms.sitesec: library
-author: levinec
-ms.author: ellevin
+author: dansimp
+ms.author: dansimp
ms.topic: article
ms.date: 07/27/2017
ms.localizationpriority: medium
diff --git a/devices/surface-hub/physically-install-your-surface-hub-device.md b/devices/surface-hub/physically-install-your-surface-hub-device.md
index 32a8f0f5ff..6d06a9ac69 100644
--- a/devices/surface-hub/physically-install-your-surface-hub-device.md
+++ b/devices/surface-hub/physically-install-your-surface-hub-device.md
@@ -7,8 +7,8 @@ manager: dansimp
keywords: Surface Hub, readiness guide, installation location, mounting options
ms.prod: surface-hub
ms.sitesec: library
-author: levinec
-ms.author: ellevin
+author: dansimp
+ms.author: dansimp
ms.topic: article
ms.date: 07/27/2017
ms.localizationpriority: medium
diff --git a/devices/surface-hub/prepare-your-environment-for-surface-hub.md b/devices/surface-hub/prepare-your-environment-for-surface-hub.md
index d5c4c22cea..a6eb33d8f4 100644
--- a/devices/surface-hub/prepare-your-environment-for-surface-hub.md
+++ b/devices/surface-hub/prepare-your-environment-for-surface-hub.md
@@ -7,8 +7,8 @@ manager: dansimp
keywords: prepare environment, features of Surface Hub, create and test device account, check network availability
ms.prod: surface-hub
ms.sitesec: library
-author: levinec
-ms.author: ellevin
+author: dansimp
+ms.author: dansimp
ms.topic: article
ms.date: 12/04/2017
ms.localizationpriority: medium
diff --git a/devices/surface-hub/provisioning-packages-for-surface-hub.md b/devices/surface-hub/provisioning-packages-for-surface-hub.md
index 2f47ffd5f8..607c66829e 100644
--- a/devices/surface-hub/provisioning-packages-for-surface-hub.md
+++ b/devices/surface-hub/provisioning-packages-for-surface-hub.md
@@ -1,14 +1,14 @@
---
title: Create provisioning packages (Surface Hub)
-description: For Windows 10, settings that use the registry or a configuration service provider (CSP) can be configured using provisioning packages.
+description: For Windows 10, settings that use the registry or a configuration service provider (CSP) can be configured using provisioning packages.
ms.assetid: 8AA25BD4-8A8F-4B95-9268-504A49BA5345
ms.reviewer:
manager: dansimp
keywords: add certificate, provisioning package
ms.prod: surface-hub
ms.sitesec: library
-author: levinec
-ms.author: ellevin
+author: dansimp
+ms.author: dansimp
ms.topic: article
ms.date: 03/16/2019
ms.localizationpriority: medium
diff --git a/devices/surface-hub/remote-surface-hub-management.md b/devices/surface-hub/remote-surface-hub-management.md
index 9d435f4650..7a9acbe0fd 100644
--- a/devices/surface-hub/remote-surface-hub-management.md
+++ b/devices/surface-hub/remote-surface-hub-management.md
@@ -4,8 +4,8 @@ description: This section lists topics for managing Surface Hub.
keywords: remote management, MDM, install apps, monitor Surface Hub, Operations Management Suite, OMS
ms.prod: surface-hub
ms.sitesec: library
-author: levinec
-ms.author: ellevin
+author: dansimp
+ms.author: dansimp
ms.topic: article
ms.date: 07/27/2017
ms.reviewer:
diff --git a/devices/surface-hub/save-bitlocker-key-surface-hub.md b/devices/surface-hub/save-bitlocker-key-surface-hub.md
index acd4207515..6bbfd1532a 100644
--- a/devices/surface-hub/save-bitlocker-key-surface-hub.md
+++ b/devices/surface-hub/save-bitlocker-key-surface-hub.md
@@ -7,8 +7,8 @@ manager: dansimp
keywords: Surface Hub, BitLocker, Bitlocker recovery keys
ms.prod: surface-hub
ms.sitesec: library
-author: levinec
-ms.author: ellevin
+author: dansimp
+ms.author: dansimp
ms.topic: article
ms.date: 07/08/2019
ms.localizationpriority: medium
diff --git a/devices/surface-hub/set-up-your-surface-hub.md b/devices/surface-hub/set-up-your-surface-hub.md
index d329156bb0..96f42c3df1 100644
--- a/devices/surface-hub/set-up-your-surface-hub.md
+++ b/devices/surface-hub/set-up-your-surface-hub.md
@@ -7,8 +7,8 @@ manager: dansimp
keywords: set up instructions, Surface Hub, setup worksheet, first-run program
ms.prod: surface-hub
ms.sitesec: library
-author: levinec
-ms.author: ellevin
+author: dansimp
+ms.author: dansimp
ms.topic: article
ms.date: 07/27/2017
ms.localizationpriority: medium
diff --git a/devices/surface-hub/setup-worksheet-surface-hub.md b/devices/surface-hub/setup-worksheet-surface-hub.md
index 46479063ed..6043d88f1d 100644
--- a/devices/surface-hub/setup-worksheet-surface-hub.md
+++ b/devices/surface-hub/setup-worksheet-surface-hub.md
@@ -7,8 +7,8 @@ manager: dansimp
keywords: Setup worksheet, pre-setup, first-time setup
ms.prod: surface-hub
ms.sitesec: library
-author: levinec
-ms.author: ellevin
+author: dansimp
+ms.author: dansimp
ms.topic: article
ms.date: 06/20/2019
ms.localizationpriority: medium
diff --git a/devices/surface-hub/skype-hybrid-voice.md b/devices/surface-hub/skype-hybrid-voice.md
index c60e7826dc..c805fb9005 100644
--- a/devices/surface-hub/skype-hybrid-voice.md
+++ b/devices/surface-hub/skype-hybrid-voice.md
@@ -1,11 +1,11 @@
---
title: Online or hybrid deployment using Skype Hybrid Voice environment (Surface Hub)
description: This topic explains how to enable Skype for Business Cloud PBX with on premises PSTN connectivity via Cloud Connector Edition or Skype for Business 2015 pool.
-keywords: hybrid deployment, Skype Hybrid Voice
+keywords: hybrid deployment, Skype Hybrid Voice
ms.prod: surface-hub
ms.sitesec: library
-author: levinec
-ms.author: ellevin
+author: dansimp
+ms.author: dansimp
ms.topic: article
ms.date: 07/27/2017
ms.reviewer:
diff --git a/devices/surface-hub/support-solutions-surface-hub.md b/devices/surface-hub/support-solutions-surface-hub.md
index 81eba249eb..b683f85daf 100644
--- a/devices/surface-hub/support-solutions-surface-hub.md
+++ b/devices/surface-hub/support-solutions-surface-hub.md
@@ -7,8 +7,8 @@ manager: dansimp
keywords: Troubleshoot common problems, setup issues
ms.prod: surface-hub
ms.sitesec: library
-author: levinec
-ms.author: ellevin
+author: dansimp
+ms.author: dansimp
ms.topic: article
ms.date: 10/24/2017
ms.localizationpriority: medium
diff --git a/devices/surface-hub/surface-hub-2s-account.md b/devices/surface-hub/surface-hub-2s-account.md
index b3e9822a05..1b73cf6980 100644
--- a/devices/surface-hub/surface-hub-2s-account.md
+++ b/devices/surface-hub/surface-hub-2s-account.md
@@ -83,7 +83,7 @@ Set-MsolUserLicense -UserPrincipalName "account@YourDomain.com" -AddLicenses "co
### Install prerequisites
- [Visual C++ 2017 Redistributable](https://aka.ms/vs/15/release/vc_redist.x64.exe)
-- [Skype for Business Online PowerShell Module](https://www.microsoft.com/en-us/download/confirmation.aspx?id=39366)
+- [Skype for Business Online PowerShell Module](https://www.microsoft.com/download/confirmation.aspx?id=39366)
```
Import-Module LyncOnlineConnector
diff --git a/devices/surface-hub/surface-hub-2s-connect.md b/devices/surface-hub/surface-hub-2s-connect.md
index d3a17d2848..312c9d3d2e 100644
--- a/devices/surface-hub/surface-hub-2s-connect.md
+++ b/devices/surface-hub/surface-hub-2s-connect.md
@@ -14,7 +14,7 @@ ms.localizationpriority: Medium
---
# Connect devices to Surface Hub 2S
-Surface Hub 2S lets you connect external devices, mirror the display on Surface Hub 2S to another device, and connect a wide variety of third-party peripherals including video conference cameras, conference phones, and room system devices.
+Surface Hub 2S enables you to connect external devices, mirror the display on Surface Hub 2S to another device, and connect multiple third-party peripherals including video conference cameras, conference phones, and room system devices.
You can display content from your devices to Surface Hub 2S. If the source device is Windows-based, that device can also provide TouchBack and InkBack, which takes video and audio from the connected device and presents them on Surface Hub 2S. If Surface Hub 2S encounters a High-Bandwidth Digital Content Protection (HDCP) signal, such as a Blu-ray DVD player, the source is displayed as a black image.
@@ -23,11 +23,10 @@ You can display content from your devices to Surface Hub 2S. If the source devic
## Recommended wired configurations
-In general, it’s recommended to use native cable connections whenever possible such as USB-C to USB-C or HDMI to HDMI. Other combinations such as MiniDP to HDMI or MiniDP to USB-C will also work.
+In general, it’s recommended to use native cable connections whenever possible such as USB-C to USB-C or HDMI to HDMI. Other combinations such as MiniDP to HDMI or MiniDP to USB-C will also work. Some additional configuration may be required to optimize the video-out experience, as described on this page.
| **Connection** | **Functionality** | **Description**|
| --- | --- | ---|
-| USB-C
(via compute module) | Video-in
Video-out
Audio-in
Audio-out
TouchBack and InkBack | Provides video, audio, and TouchBack/InkBack on a single cable.
**NOTE:** Some configuration is required to optimize the video-out experience. Refer to the section below: [Mirroring Surface Hub 2S display on another device](#). |
| HDMI + USB-C | HDMI-in for audio and video
USB-C for TouchBack and InkBack | USB-C supports TouchBack and InkBack with the HDMI A/V connection.
Use USB-C to USB-A to connect to legacy computers.
**NOTE:** For best results, connect HDMI before connecting a USB-C cable. If the computer you're using for HDMI is not compatible with TouchBack and InkBack, you won't need a USB-C cable. |
| USB-C
(via compute module) | Video-in
Audio-in | Single cable needed for A/V
TouchBack and InkBack not supported
HDCP enabled |
| HDMI (in port) | Video, Audio into Surface Hub 2S | Single cable needed for A/V
TouchBack and InkBack not supported
HDCP enabled |
@@ -68,7 +67,7 @@ You can input video to Surface Hub 2S using USB-C or HDMI, as indicated in the f
## Mirroring Surface Hub 2S display on another device
-You can output video to another display using either USB-C or MiniDP, as indicated in the following table.
+You can output video to another display using MiniDP, as indicated in the following table.
### Surface Hub 2S video-out settings
diff --git a/devices/surface-hub/surface-hub-2s-phone-authenticate.md b/devices/surface-hub/surface-hub-2s-phone-authenticate.md
index ae82ccdf36..53b8395f63 100644
--- a/devices/surface-hub/surface-hub-2s-phone-authenticate.md
+++ b/devices/surface-hub/surface-hub-2s-phone-authenticate.md
@@ -22,7 +22,7 @@ Password-less phone sign-in simplifies signing-in to your meetings and files on
## To set up password-less phone sign-in
-1. Download the [Microsoft Authenticator](https://www.microsoft.com/en-us/account/authenticator) app for iPhone or Android to your phone.
+1. Download the [Microsoft Authenticator](https://www.microsoft.com/account/authenticator) app for iPhone or Android to your phone.
2. From your PC, go to [https://aka.ms/MFASetup](https://aka.ms/MFASetup) , sign in with your account, and select **Next.**
3. In the Additional security verification screen, select Mobile App and Use verification code, and then select **Setup**.
diff --git a/devices/surface-hub/surface-hub-authenticator-app.md b/devices/surface-hub/surface-hub-authenticator-app.md
index 2ffa84dd12..9ad0606641 100644
--- a/devices/surface-hub/surface-hub-authenticator-app.md
+++ b/devices/surface-hub/surface-hub-authenticator-app.md
@@ -3,8 +3,8 @@ title: Sign in to Surface Hub with Microsoft Authenticator
description: Use Microsoft Authenticator on your mobile device to sign in to Surface Hub.
ms.prod: surface-hub
ms.sitesec: library
-author: levinec
-ms.author: ellevin
+author: dansimp
+ms.author: dansimp
ms.topic: article
ms.date: 08/28/2017
ms.reviewer:
diff --git a/devices/surface-hub/surface-hub-downloads.md b/devices/surface-hub/surface-hub-downloads.md
index 8f92a6b3a0..5e5073588a 100644
--- a/devices/surface-hub/surface-hub-downloads.md
+++ b/devices/surface-hub/surface-hub-downloads.md
@@ -3,8 +3,8 @@ title: Useful downloads for Microsoft Surface Hub
description: Downloads related to the Microsoft Surface Hub.
ms.prod: surface-hub
ms.sitesec: library
-author: levinec
-ms.author: ellevin
+author: dansimp
+ms.author: dansimp
ms.topic: article
ms.date: 08/22/2017
ms.reviewer:
diff --git a/devices/surface-hub/surface-hub-qos.md b/devices/surface-hub/surface-hub-qos.md
index 589cfcfcdf..105a188ae1 100644
--- a/devices/surface-hub/surface-hub-qos.md
+++ b/devices/surface-hub/surface-hub-qos.md
@@ -1,12 +1,12 @@
---
-title: Implement Quality of Service on Surface Hub
+title: Implement Quality of Service on Surface Hub
ms.reviewer:
manager: dansimp
description: Learn how to configure QoS on Surface Hub.
ms.prod: surface-hub
ms.sitesec: library
-author: levinec
-ms.author: ellevin
+author: dansimp
+ms.author: dansimp
ms.topic: article
ms.localizationpriority: medium
---
diff --git a/devices/surface-hub/surface-hub-recovery-tool.md b/devices/surface-hub/surface-hub-recovery-tool.md
index f1f6a52a05..75feb89fc2 100644
--- a/devices/surface-hub/surface-hub-recovery-tool.md
+++ b/devices/surface-hub/surface-hub-recovery-tool.md
@@ -7,8 +7,8 @@ manager: dansimp
keywords: manage Surface Hub
ms.prod: surface-hub
ms.sitesec: library
-author: levinec
-ms.author: ellevin
+author: dansimp
+ms.author: dansimp
ms.topic: article
ms.date: 05/22/2018
ms.localizationpriority: medium
@@ -20,8 +20,8 @@ The [Microsoft Surface Hub Recovery Tool](https://www.microsoft.com/download/det
To re-image the Surface Hub SSD using the Recovery Tool, you'll need to remove the SSD from the Surface Hub, connect the drive to the USB-to-SATA cable, and then connect the cable to the desktop PC on which the Recovery Tool is installed. For more information on how to remove the existing drive from your Surface Hub, see [Surface Hub SSD replacement](surface-hub-ssd-replacement.md).
->[!IMPORTANT]
->Do not let the device go to sleep or interrupt the download of the image file.
+> [!IMPORTANT]
+> Do not let the device go to sleep or interrupt the download of the image file.
If the tool is unsuccessful in reimaging your drive, please contact [Surface Hub Support](https://support.microsoft.com/help/4037644/surface-contact-surface-warranty-and-software-support).
@@ -77,10 +77,7 @@ Install Surface Hub Recovery Tool on the host PC.
5. When the download is complete, the tool instructs you to connect an SSD drive. If the tool is unable to locate the attached drive, there is a good chance that the cable being used is not reporting the name of the SSD to Windows. The imaging tool must find the name of the drive as "LITEON L CH-128V2S USB Device" before it can continue. For more information on how to remove the existing drive from your Surface Hub, see [Surface Hub SSD replacement](surface-hub-ssd-replacement.md).
-
-~~~
-
-~~~
+ 
6. When the drive is recognized, click **Start** to begin the re-imaging process. On the warning that all data on the drive will be erased, click **OK**.
diff --git a/devices/surface-hub/surface-hub-site-readiness-guide.md b/devices/surface-hub/surface-hub-site-readiness-guide.md
index 44e8717278..cf21867432 100644
--- a/devices/surface-hub/surface-hub-site-readiness-guide.md
+++ b/devices/surface-hub/surface-hub-site-readiness-guide.md
@@ -1,12 +1,12 @@
---
-title: Surface Hub Site Readiness Guide
+title: Surface Hub Site Readiness Guide
ms.reviewer:
manager: dansimp
-description: Use this Site Readiness Guide to help plan your Surface Hub installation.
+description: Use this Site Readiness Guide to help plan your Surface Hub installation.
ms.prod: surface-hub
ms.sitesec: library
-author: levinec
-ms.author: ellevin
+author: dansimp
+ms.author: dansimp
ms.topic: article
ms.localizationpriority: medium
---
diff --git a/devices/surface-hub/surface-hub-ssd-replacement.md b/devices/surface-hub/surface-hub-ssd-replacement.md
index 363f1e6e81..7896a7d634 100644
--- a/devices/surface-hub/surface-hub-ssd-replacement.md
+++ b/devices/surface-hub/surface-hub-ssd-replacement.md
@@ -5,8 +5,8 @@ manager: dansimp
description: Learn how to replace the solid state drive in a Surface Hub.
ms.prod: surface-hub
ms.sitesec: library
-author: levinec
-ms.author: ellevin
+author: dansimp
+ms.author: dansimp
ms.topic: article
ms.localizationpriority: medium
---
diff --git a/devices/surface-hub/surface-hub-technical-55.md b/devices/surface-hub/surface-hub-technical-55.md
index 353347476f..6abc46e411 100644
--- a/devices/surface-hub/surface-hub-technical-55.md
+++ b/devices/surface-hub/surface-hub-technical-55.md
@@ -1,12 +1,12 @@
---
-title: Technical information for 55" Surface Hub
+title: Technical information for 55" Surface Hub
ms.reviewer:
manager: dansimp
description: Specifications for the 55" Surface Hub
ms.prod: surface-hub
ms.sitesec: library
-author: levinec
-ms.author: ellevin
+author: dansimp
+ms.author: dansimp
ms.topic: article
ms.localizationpriority: medium
---
diff --git a/devices/surface-hub/surface-hub-technical-84.md b/devices/surface-hub/surface-hub-technical-84.md
index fb52cf8797..0ba7d45aa1 100644
--- a/devices/surface-hub/surface-hub-technical-84.md
+++ b/devices/surface-hub/surface-hub-technical-84.md
@@ -1,12 +1,12 @@
---
-title: Technical information for 84" Surface Hub
+title: Technical information for 84" Surface Hub
ms.reviewer:
manager: dansimp
description: Specifications for the 84" Surface Hub
ms.prod: surface-hub
ms.sitesec: library
-author: levinec
-ms.author: ellevin
+author: dansimp
+ms.author: dansimp
ms.topic: article
ms.localizationpriority: medium
---
diff --git a/devices/surface-hub/surface-hub-update-history.md b/devices/surface-hub/surface-hub-update-history.md
index 0f70604dac..f88eb20479 100644
--- a/devices/surface-hub/surface-hub-update-history.md
+++ b/devices/surface-hub/surface-hub-update-history.md
@@ -24,6 +24,17 @@ Please refer to the “[Surface Hub Important Information](https://support.micro
## Windows 10 Team Creators Update 1703
+
+August 17, 2019—update for Team edition based on KB4512474* (OS Build 15063.2021)
+
+This update to the Surface Hub includes quality improvements and security fixes. Key updates to Surface Hub, not already outlined in [Windows 10 Update History](https://support.microsoft.com/help/4018124/windows-10-update-history), include:
+
+ * Ensures that Video Out on Hub 2S defaults to "Duplicate" mode.
+
+Please refer to the [Surface Hub Admin guide](https://docs.microsoft.com/surface-hub/) for enabling/disabling device features and services.
+*[KB4503289](https://support.microsoft.com/help/4503289)
+
+
June 18, 2019—update for Team edition based on KB4503289* (OS Build 15063.1897)
@@ -31,6 +42,9 @@ This update to the Surface Hub includes quality improvements and security fixes.
* Addresses an issue with log collection for Microsoft Surface Hub 2S.
* Addresses an issue preventing a user from signing in to a Microsoft Surface Hub device with an Azure Active Directory account. This issue occurs because a previous session did not end successfully.
+* Adds support for TLS 1.2 connections to identity providers and Exchange in device account setup scenarios.
+* Fixes to improve reliability of Hardware Diagnostic App on Hub 2S.
+* Fix to improve consistency of first-run setup experience on Hub 2S.
Please refer to the [Surface Hub Admin guide](https://docs.microsoft.com/surface-hub/) for enabling/disabling device features and services.
*[KB4503289](https://support.microsoft.com/help/4503289)
diff --git a/devices/surface-hub/surface-hub-wifi-direct.md b/devices/surface-hub/surface-hub-wifi-direct.md
index 5d8fad351d..5120dc9b9c 100644
--- a/devices/surface-hub/surface-hub-wifi-direct.md
+++ b/devices/surface-hub/surface-hub-wifi-direct.md
@@ -4,8 +4,8 @@ description: This topic provides guidance on Wi-Fi Direct security risks.
keywords: change history
ms.prod: surface-hub
ms.sitesec: library
-author: levinec
-ms.author: ellevin
+author: dansimp
+ms.author: dansimp
ms.topic: article
ms.date: 06/20/2019
ms.reviewer:
diff --git a/devices/surface-hub/surfacehub-whats-new-1703.md b/devices/surface-hub/surfacehub-whats-new-1703.md
index 1f9447ff87..0626c4a0d7 100644
--- a/devices/surface-hub/surfacehub-whats-new-1703.md
+++ b/devices/surface-hub/surfacehub-whats-new-1703.md
@@ -1,10 +1,10 @@
---
-title: What's new in Windows 10, version 1703 for Surface Hub
+title: What's new in Windows 10, version 1703 for Surface Hub
description: Windows 10, version 1703 (Creators Update) brings new features to Microsoft Surface Hub.
ms.prod: surface-hub
ms.sitesec: library
-author: levinec
-ms.author: ellevin
+author: dansimp
+ms.author: dansimp
ms.topic: article
ms.date: 01/18/2018
ms.reviewer:
diff --git a/devices/surface-hub/troubleshoot-surface-hub.md b/devices/surface-hub/troubleshoot-surface-hub.md
index c67203853d..af6809a477 100644
--- a/devices/surface-hub/troubleshoot-surface-hub.md
+++ b/devices/surface-hub/troubleshoot-surface-hub.md
@@ -7,8 +7,8 @@ manager: dansimp
keywords: Troubleshoot common problems, setup issues, Exchange ActiveSync errors
ms.prod: surface-hub
ms.sitesec: library
-author: levinec
-ms.author: ellevin
+author: dansimp
+ms.author: dansimp
ms.topic: article
ms.date: 03/16/2018
ms.localizationpriority: medium
diff --git a/devices/surface-hub/use-fully-qualified-domain-name-surface-hub.md b/devices/surface-hub/use-fully-qualified-domain-name-surface-hub.md
index 57f4f3faa0..33233a023b 100644
--- a/devices/surface-hub/use-fully-qualified-domain-name-surface-hub.md
+++ b/devices/surface-hub/use-fully-qualified-domain-name-surface-hub.md
@@ -2,8 +2,8 @@
title: Use fully qualified domain name with Surface Hub
description: Troubleshoot common problems, including setup issues, Exchange ActiveSync errors.
keywords: ["Troubleshoot common problems", "setup issues", "Exchange ActiveSync errors"]
-author: levinec
-ms.author: ellevin
+author: dansimp
+ms.author: dansimp
ms.topic: article
ms.date: 07/27/2017
ms.reviewer:
diff --git a/devices/surface-hub/use-room-control-system-with-surface-hub.md b/devices/surface-hub/use-room-control-system-with-surface-hub.md
index e18ca0fcd5..cbc437e783 100644
--- a/devices/surface-hub/use-room-control-system-with-surface-hub.md
+++ b/devices/surface-hub/use-room-control-system-with-surface-hub.md
@@ -7,8 +7,8 @@ manager: dansimp
keywords: room control system, Surface Hub
ms.prod: surface-hub
ms.sitesec: library
-author: levinec
-ms.author: ellevin
+author: dansimp
+ms.author: dansimp
ms.topic: article
ms.date: 07/27/2017
ms.localizationpriority: medium
diff --git a/devices/surface-hub/whiteboard-collaboration.md b/devices/surface-hub/whiteboard-collaboration.md
index e921c71e09..a6e9524cd2 100644
--- a/devices/surface-hub/whiteboard-collaboration.md
+++ b/devices/surface-hub/whiteboard-collaboration.md
@@ -1,10 +1,10 @@
---
-title: Set up and use Microsoft Whiteboard
+title: Set up and use Microsoft Whiteboard
description: Microsoft Whiteboard’s latest update includes the capability for two Surface Hubs to collaborate in real time on the same board.
ms.prod: surface-hub
ms.sitesec: library
-author: levinec
-ms.author: ellevin
+author: dansimp
+ms.author: dansimp
ms.topic: article
ms.date: 03/18/2019
ms.reviewer:
@@ -12,57 +12,55 @@ manager: dansimp
ms.localizationpriority: medium
---
-# Set up and use Microsoft Whiteboard
+# Set up and use Microsoft Whiteboard
+The Microsoft Whiteboard app includes the capability for Surface Hubs and other devices to collaborate in real time on the same board.
+## Prerequisites
->[!IMPORTANT]
->A new Microsoft Whiteboard app was released on July 12, 2018. The existing Whiteboard app that comes installed on Surface Hub and is pinned to the Welcome screen has been renamed **Microsoft Whiteboard 2016**. Microsoft Whiteboard 2016 will be automatically upgraded by May 21, 2019, and the collaboration service for the legacy app will stop functioning after June 7, 2019. For more details, see [Enable Microsoft Whiteboard on Surface Hub](https://support.office.com/article/enable-microsoft-whiteboard-on-surface-hub-b5df4539-f735-42ff-b22a-0f5e21be7627?ui=en-US&rs=en-US&ad=US).
+To use whiteboard collaboration complete the following actions:
-The Microsoft Whiteboard app includes the capability for two Surface Hubs to collaborate in real time on the same board.
+- Add Whiteboard.ms, whiteboard.microsoft.com, and wbd.ms to your list of allowed sites.
+- Open port: **HTTPS: 443** (normally configured when you first run Surface Hub.)
-By ensuring that your organization meets the prerequisites, users can then ink, collaborate, and ideate together.
+## Office 365 requirements
-
+- Whiteboard collaboration is only supported in the Office 365 commercial environment and requires Office 365 with cloud-based Azure Active Directory (Azure AD).
+- You can only run collaborative sessions among users belonging to the same Office 365 tenant.
+- Office 365 Germany or Office 365 operated by 21Vianet do not support whiteboard collaboration.
-## Prerequisites for Whiteboard to Whiteboard collaboration (Microsoft Whiteboard 2016)
-
-To get Whiteboard to Whiteboard collaboration up and running, you’ll need to make sure your organization meets the following requirements:
-
-- Office 365 with cloud-based Azure Active Directory (Azure AD) for all users
-- OneDrive for Business deployed for all users who intend to collaborate
-- Currently not utilizing Office 365 Germany or Office 365 operated by 21Vianet
-- Surface Hub needs to be updated to Windows 10, version 1607 or newer
-- Port 443 needs to be open since Whiteboard makes standard https requests
-- Whiteboard.ms, whiteboard.microsoft.com, wbd.ms, \*.onenote.com, and your company's SharePoint tenant domain URLs need to be whitelisted for proxies
-
-
->[!NOTE]
->Collaborative sessions can only take place between users within the same tenant, so users outside of your organization won’t be able to join even if they have a Surface Hub.
-
-## Using Whiteboard to Whiteboard collaboration (Microsoft Whiteboard 2016)
+## Collaborating with whiteboards
To start a collaboration session:
1. In the Whiteboard app, tap the **Sign in** button.
2. Sign in with your organization ID.
3. Tap the **Invite** button next to your name at the top of the app.
-4. Tap **Start session**. Whiteboard will generate a link that you can share.
+4. Write or type the names of the colleagues you wish to collaborate with.
- 
-
-5. Copy and paste this link into a Skype chat with another Surface Hub
+On the other device, such as a Surface Hub, when you are signed in, the shared board will now appear in the board gallery.
-When the other Surface Hub receives the link, the recipient can tap on the link, sign in to Whiteboard, and then begin collaborating. You can copy and paste other content, use smart ink features like Ink to Shape, and co-author together.
-
-After you’re done, you can export a copy of the Whiteboard collaboration for yourself through the Share charm and leave the board for others to continue working.
-
->[!TIP]
->When you start a collaboration session, Whiteboard creates a folder named **Whiteboard App Data** in your OneDrive for Business to store your shared whiteboards. After some collaboration sessions, this folder may continue to sync or process changes indefinitely. You can fix this by choosing to not sync the **Whiteboard App Data** folder to your device. Disabling sync for this folder won't limit your ability to use Whiteboard for collaboration sessions.
+### User tips
+- Log in to access your whiteboards. As you work, changes are saved automatically.
+- Name your whiteboards to help organize your content and find it quickly. Select the … to open the menu. Select the **Options** gear icon to access more tools and features of the Whiteboard.
+- Use **Ink to shape** to turn drawing into actual shapes like circles, squares, and triangles.
+- Use **Ink to table** to turn a drawn grid into a table with rows and columns.
+- You can also change the background color and design from solid to grid or dots. Pick the background, then choose the color from the wheel around it.
+- You can export a copy of the Whiteboard collaboration for yourself through the Share charm and leave the board for others to continue working.
+> [!NOTE]
+> If you are using Whiteboard and cannot sign in, you can collaborate by joining a Teams or Skype for Business meeting, and then sharing your screen. After you’re done, tap **Settings** > **Export to email** or save a copy of the board. The SVG export provides higher resolution than PNG and can be opened in a web browser.
+## New features in Whiteboard
+The Microsoft Whiteboard app, updated for Surface Hub on July 1, 2019 includes a host of new features including:
+- **Automatic Saving** - Boards are saved to the cloud automatically when you sign in, and can be found in the board gallery.
+- **Extended collaboration across devices** - You can collaborate using new apps for Windows 10 PC and iOS, and a web version for other devices.
+- **Richer canvas** - In addition to ink and images, Whiteboard now includes sticky notes, text and GIFs, with more objects coming soon.
+- **Intelligence** – In addition to ink to shape and table, Whiteboard now includes ink beautification to improve handwriting and ink grab to convert images to ink.
+- **More color and background options** - Whiteboard now includes more pen colors and thickness options along with additional background colors and designs.
+- **Teams Integration** – You can automatically launch Whiteboard from a Teams meeting and share with participants (currently in preview).
## Related topics
diff --git a/devices/surface-hub/wireless-network-management-for-surface-hub.md b/devices/surface-hub/wireless-network-management-for-surface-hub.md
index 5e17e464a9..0a314fe596 100644
--- a/devices/surface-hub/wireless-network-management-for-surface-hub.md
+++ b/devices/surface-hub/wireless-network-management-for-surface-hub.md
@@ -7,8 +7,8 @@ manager: dansimp
keywords: network connectivity, wired connection
ms.prod: surface-hub
ms.sitesec: library
-author: levinec
-ms.author: ellevin
+author: dansimp
+ms.author: dansimp
ms.topic: article
ms.date: 07/27/2017
ms.localizationpriority: medium
diff --git a/devices/surface/TOC.md b/devices/surface/TOC.md
index 665c1bd9c4..d402397000 100644
--- a/devices/surface/TOC.md
+++ b/devices/surface/TOC.md
@@ -21,6 +21,7 @@
## Deploy
### [Deploy Surface devices](deploy.md)
+### [Deploy the latest firmware and drivers for Surface devices](deploy-the-latest-firmware-and-drivers-for-surface-devices.md)
### [Surface Deployment Accelerator](microsoft-surface-deployment-accelerator.md)
### [Step by step: Surface Deployment Accelerator](step-by-step-surface-deployment-accelerator.md)
### [Deploy Windows 10 to Surface devices with MDT](deploy-windows-10-to-surface-devices-with-mdt.md)
@@ -30,16 +31,14 @@
### [Surface System SKU reference](surface-system-sku-reference.md)
## Manage
-### [Optimizing wireless connectivity for Surface devices](surface-wireless-connect.md)
+### [Optimize Wi-Fi connectivity for Surface devices](surface-wireless-connect.md)
### [Best practice power settings for Surface devices](maintain-optimal-power-settings-on-Surface-devices.md)
+### [Surface Dock Firmware Update](surface-dock-firmware-update.md)
### [Battery Limit setting](battery-limit.md)
### [Surface Brightness Control](microsoft-surface-brightness-control.md)
### [Surface Asset Tag](assettag.md)
### [Surface firmware and driver updates](update.md)
-### [Deploy the latest firmware and drivers for Surface devices](deploy-the-latest-firmware-and-drivers-for-surface-devices.md)
### [Manage Surface driver and firmware updates](manage-surface-pro-3-firmware-updates.md)
-### [Surface Dock Updater](surface-dock-updater.md)
-
## Secure
### [Manage Surface UEFI settings](manage-surface-uefi-settings.md)
diff --git a/devices/surface/assettag.md b/devices/surface/assettag.md
index e0df401dea..7ccc8ed708 100644
--- a/devices/surface/assettag.md
+++ b/devices/surface/assettag.md
@@ -29,7 +29,7 @@ for Surface devices. It works on Surface Pro 3 and all newer Surface devices.
To run Surface Asset Tag:
1. On the Surface device, download **Surface Asset Tag.zip** from the [Microsoft Download
- Center](https://www.microsoft.com/en-us/download/details.aspx?id=46703),
+ Center](https://www.microsoft.com/download/details.aspx?id=46703),
extract the zip file, and save AssetTag.exe in desired folder (in
this example, C:\\assets).
diff --git a/devices/surface/change-history-for-surface.md b/devices/surface/change-history-for-surface.md
index ea290fea58..5e115df5df 100644
--- a/devices/surface/change-history-for-surface.md
+++ b/devices/surface/change-history-for-surface.md
@@ -15,6 +15,13 @@ ms.topic: article
This topic lists new and updated topics in the Surface documentation library.
+## September 2019
+
+| **New or changed topic** | **Description** |
+| ------------------------ | --------------- |
+| [Surface Dock Firmware Update](surface-dock-firmware-update.md)| New document for Microsoft Surface Dock Firmware Update, newly redesigned to automatically update Surface Dock firmware while running in the background on your Surface device.|
+
+
## August 2019
| **New or changed topic** | **Description** |
@@ -89,7 +96,6 @@ New or changed topic | Description
|New or changed topic | Description |
| --- | --- |
-|[Surface Dock Updater](surface-dock-updater.md) | Added version 2.12.136.0 information |
|[Microsoft Surface Data Eraser](microsoft-surface-data-eraser.md) | Added version 3.2.46.0 information |
## January 2018
@@ -107,12 +113,6 @@ New or changed topic | Description
| --- | --- |
|[Download the latest firmware and drivers for Surface devices](deploy-the-latest-firmware-and-drivers-for-surface-devices.md) | Added Surface Book 2, Surface Laptop, Surface Pro, and Surface Pro with LTE Advanced information |
-## November 2017
-
-|New or changed topic | Description |
-| --- | --- |
-|[Surface Dock Updater](surface-dock-updater.md) | Added version 2.7.136.0 information |
-
## October 2017
New or changed topics | Description
@@ -131,7 +131,6 @@ New or changed topic | Description
| --- | --- |
|[Surface Data Eraser](microsoft-surface-data-eraser.md) | Update compatible devices, added version 3.2.36 information |
|[Surface Deployment Accelerator](microsoft-surface-deployment-accelerator.md) | Added version 2.0.8.0 information |
-|[Surface Dock Updater](surface-dock-updater.md) | Added version 2.1.15.0 information |
## April 2017
diff --git a/devices/surface/deploy-the-latest-firmware-and-drivers-for-surface-devices.md b/devices/surface/deploy-the-latest-firmware-and-drivers-for-surface-devices.md
index 4bad708b64..94094f2b60 100644
--- a/devices/surface/deploy-the-latest-firmware-and-drivers-for-surface-devices.md
+++ b/devices/surface/deploy-the-latest-firmware-and-drivers-for-surface-devices.md
@@ -11,7 +11,7 @@ ms.mktglfcycl: deploy
ms.pagetype: surface, devices
ms.sitesec: library
author: dansimp
-ms.date: 08/13/2018
+ms.date: 08/13/2019
ms.author: dansimp
ms.topic: article
---
diff --git a/devices/surface/deploy-windows-10-to-surface-devices-with-mdt.md b/devices/surface/deploy-windows-10-to-surface-devices-with-mdt.md
index ea5592fb85..258912cc3d 100644
--- a/devices/surface/deploy-windows-10-to-surface-devices-with-mdt.md
+++ b/devices/surface/deploy-windows-10-to-surface-devices-with-mdt.md
@@ -55,7 +55,7 @@ Before you can perform a deployment with MDT, you must first supply a set of ope
>[!NOTE]
->The installation media generated from the [Get Windows 10](https://www.microsoft.com/en-us/software-download/windows10/) page differs from physical media or media downloaded from the VLSC, in that it contains an image file in Electronic Software Download (ESD) format rather than in the Windows Imaging (WIM) format. Installation media with an image file in WIM format is required for use with MDT. Installation media from the Get Windows 10 page cannot be used for Windows deployment with MDT.
+>The installation media generated from the [Get Windows 10](https://www.microsoft.com/software-download/windows10/) page differs from physical media or media downloaded from the VLSC, in that it contains an image file in Electronic Software Download (ESD) format rather than in the Windows Imaging (WIM) format. Installation media with an image file in WIM format is required for use with MDT. Installation media from the Get Windows 10 page cannot be used for Windows deployment with MDT.
#### Windows Server
@@ -64,7 +64,7 @@ Although MDT can be installed on a Windows client, to take full advantage of Win
>[!NOTE]
->To evaluate the deployment process for Surface devices or to test the deployment process described in this article with the upcoming release of Windows Server 2016, you can download evaluation and preview versions from the [TechNet Evaluation Center](https://www.microsoft.com/en-us/evalcenter).
+>To evaluate the deployment process for Surface devices or to test the deployment process described in this article with the upcoming release of Windows Server 2016, you can download evaluation and preview versions from the [TechNet Evaluation Center](https://www.microsoft.com/evalcenter).
#### Windows Deployment Services
@@ -82,7 +82,7 @@ Because customizations are performed by MDT at the time of deployment, the goal
>[!NOTE]
->Hyper-V is available not only on Windows Server, but also on Windows clients, including Professional and Enterprise editions of Windows 8, Windows 8.1, and Windows 10. Find out more at [Client Hyper-V on Windows 10](https://msdn.microsoft.com/virtualization/hyperv_on_windows/windows_welcome) and [Client Hyper-V on Windows 8 and Windows 8.1](https://technet.microsoft.com/library/hh857623) in the TechNet Library. Hyper-V is also available as a standalone product, Microsoft Hyper-V Server, at no cost. You can download [Microsoft Hyper-V Server 2012 R2](https://www.microsoft.com/en-us/evalcenter/evaluate-hyper-v-server-2012-r2) or [Microsoft Hyper-V Server 2016 Technical Preview](https://www.microsoft.com/en-us/evalcenter/evaluate-hyper-v-server-technical-preview) from the TechNet Evaluation Center.
+>Hyper-V is available not only on Windows Server, but also on Windows clients, including Professional and Enterprise editions of Windows 8, Windows 8.1, and Windows 10. Find out more at [Client Hyper-V on Windows 10](https://msdn.microsoft.com/virtualization/hyperv_on_windows/windows_welcome) and [Client Hyper-V on Windows 8 and Windows 8.1](https://technet.microsoft.com/library/hh857623) in the TechNet Library. Hyper-V is also available as a standalone product, Microsoft Hyper-V Server, at no cost. You can download [Microsoft Hyper-V Server 2012 R2](https://www.microsoft.com/evalcenter/evaluate-hyper-v-server-2012-r2) or [Microsoft Hyper-V Server 2016 Technical Preview](https://www.microsoft.com/evalcenter/evaluate-hyper-v-server-technical-preview) from the TechNet Evaluation Center.
#### Surface firmware and drivers
diff --git a/devices/surface/get-started.md b/devices/surface/get-started.md
index 07342f0005..2ea4ff4188 100644
--- a/devices/surface/get-started.md
+++ b/devices/surface/get-started.md
@@ -5,6 +5,7 @@ ms.author: robmazz
manager: laurawi
layout: LandingPage
ms.assetid:
+ms.audience: itpro
ms.tgt_pltfrm: na
ms.devlang: na
ms.topic: landing-page
@@ -29,6 +30,7 @@ Harness the power of Surface, Windows, and Office connected together through the
Plan
Autopilot and Surface devices
Surface and SCCM considerations
+ Deploy Surface app with Microsoft Store for Business
@@ -45,7 +47,7 @@ Harness the power of Surface, Windows, and Office connected together through the
@@ -64,16 +66,15 @@ Harness the power of Surface, Windows, and Office connected together through the
-
-
@@ -138,10 +139,10 @@ Harness the power of Surface, Windows, and Office connected together through the
diff --git a/devices/surface/images/regeditDock.png b/devices/surface/images/regeditDock.png
new file mode 100644
index 0000000000..e074712665
Binary files /dev/null and b/devices/surface/images/regeditDock.png differ
diff --git a/devices/surface/index.md b/devices/surface/index.md
index 33fbe6bf0c..8a40146adb 100644
--- a/devices/surface/index.md
+++ b/devices/surface/index.md
@@ -116,6 +116,7 @@ description: Learn about Microsoft Surface and Surface Hub devices.
Learn
Surface training on Microsoft Learn
Microsoft Mechanics Surface videos
+
Surface Hub 2S adoption and training
+
+- Component10CurrentFwVersion updated to **4ac3970**.
+- Component20CurrentFwVersion updated to **4a1d570**.
+
+## Legacy versions
+
+### Version 2.23.139.0
+*Release Date: 10 October 2018*
+
+This version of Surface Dock Updater adds support for the following:
+
+- Add support for Surface Pro 6
+- Add support for Surface Laptop 2
+
+
+### Version 2.22.139.0
+*Release Date: 26 July 2018*
+
+This version of Surface Dock Updater adds support for the following:
+
+- Increase update reliability
+- Add support for Surface Go
+
+### Version 2.12.136.0
+*Release Date: 29 January 2018*
+
+This version of Surface Dock Updater adds support for the following:
+* Update for Surface Dock Main Chipset Firmware
+* Update for Surface Dock DisplayPort Firmware
+* Improved display stability for external displays when used with Surface Book or Surface Book 2
+
+Additionally, installation of this version of Surface Dock Updater on Surface Book devices includes the following:
+* Update for Surface Book Base Firmware
+* Added support for Surface Dock firmware updates with improvements targeted to Surface Book devices
+
+
+### Version 2.9.136.0
+*Release date: November 3, 2017*
+
+This version of Surface Dock Updater adds support for the following:
+
+* Update for Surface Dock DisplayPort Firmware
+* Resolves an issue with audio over passive display port adapters
+
+### Version 2.1.15.0
+*Release date: June 19, 2017*
+
+This version of Surface Dock Updater adds support for the following:
+
+* Surface Laptop
+* Surface Pro
+
+### Version 2.1.6.0
+*Release date: April 7, 2017*
+
+This version of Surface Dock Updater adds support for the following:
+
+* Update for Surface Dock DisplayPort firmware
+* Requires Windows 10
+
+### Version 2.0.22.0
+*Release date: October 21, 2016*
+
+This version of Surface Dock Updater adds support for the following:
+
+* Update for Surface Dock USB firmware
+* Improved reliability of Ethernet, audio, and USB ports
+
+### Version 1.0.8.0
+*Release date: April 26, 2016*
+
+This version of Surface Dock Updater adds support for the following:
+
+* Update for Surface Dock Main Chipset firmware
+* Update for Surface Dock DisplayPort firmware
+
diff --git a/devices/surface/surface-dock-updater.md b/devices/surface/surface-dock-updater.md
deleted file mode 100644
index 89e26f6db0..0000000000
--- a/devices/surface/surface-dock-updater.md
+++ /dev/null
@@ -1,199 +0,0 @@
----
-title: Microsoft Surface Dock Updater (Surface)
-description: This article provides a detailed walkthrough of Microsoft Surface Dock Updater.
-ms.assetid: 1FEFF277-F7D1-4CB4-8898-FDFE8CBE1D5C
-ms.reviewer:
-manager: dansimp
-keywords: install, update, firmware
-ms.localizationpriority: medium
-ms.prod: w10
-ms.mktglfcycl: manage
-ms.pagetype: surface, devices
-ms.sitesec: library
-author: dansimp
-ms.date: 02/23/2018
-ms.author: dansimp
-ms.topic: article
----
-
-# Microsoft Surface Dock Updater
-
-
-This article provides a detailed walkthrough of Microsoft Surface Dock Updater.
-
-The [Microsoft Surface Dock Updater](https://www.microsoft.com/download/details.aspx?id=46703) tool allows you to check the firmware status of a Surface Dock and to manually update the firmware of Surface Dock devices. It is most often used to update Surface Docks prior to deployment of those Surface Docks to end users or as a troubleshooting tool. Microsoft Surface Dock Updater walks you through the process of updating the firmware on one or more Surface Docks, including the required connect and disconnect steps to perform the complete firmware installation.
-
-When you run the Microsoft Surface Dock Updater installer you will be prompted to accept an End User License Agreement (EULA).
-
->[!NOTE]
->Updating Surface Dock firmware requires connectivity to the Surface Dock via the Surface Connect™ port. Installation of the Microsoft Surface Dock Updater is only supported on devices that feature the Surface Connect™ port.
-
->[!NOTE]
->The Surface Dock Updater tool is unable to run on Windows 10 S. To manually update a Surface Dock for use with Surface Laptop and Windows 10 S, connect the Surface Dock to another Surface device with a Windows 10 Pro or Windows 10 Enterprise environment.
-
-## Update a Surface Dock with Microsoft Surface Dock Updater
-
-
-After you install the [Microsoft Surface Dock Updater](https://www.microsoft.com/download/details.aspx?id=46703) tool, you can find Microsoft Surface Dock Updater under **All Apps** in your Start menu. Click **Microsoft Surface Dock Updater** to start the application.
-
-To update a Surface Dock with Microsoft Surface Dock Updater, follow these steps:
-
-1. Click Start to begin the firmware update process. If you do not have a Surface Dock connected, you will be prompted to connect a Surface Dock.
-
-2. Microsoft Surface Dock Updater checks the status of your Surface Dock firmware.
-
- - If the tool determines that the firmware of your Surface Dock is up to date, a **You have the latest firmware for this Surface Dock** message is displayed, as shown in Figure 1.
-
- 
-
- *Figure 1. Your Surface Dock firmware is up to date*
-
- - If Microsoft Surface Dock Updater determines that the firmware of your Surface Dock is not up to date, a **This Surface Dock is not running the latest firmware** message is displayed, as shown in Figure 2.
-
- 
-
- *Figure 2. Your Surface Dock firmware needs to be updated*
-
-3. To begin the firmware update process, click **Update** on the **Surface Dock Firmware** page.
-
-4. Before the firmware update process begins, you will be prompted for confirmation. Click **OK** to proceed or **Cancel** to return to the **Surface Dock Firmware** page displaying the status of your Surface Dock firmware.
-
-5. As the firmware update is uploaded to the Surface Dock, a **Progress** page is displayed, as shown in Figure 3. Do not disconnect the Surface Dock while firmware is being uploaded.
-
- 
-
- *Figure 3. Progress of firmware update upload to Surface Dock*
-
-6. After the firmware update has successfully uploaded to the Surface Dock, you are prompted to disconnect and then reconnect the Surface Dock from the Surface device, as shown in Figure 4. The main chipset firmware update will be applied while the Surface Dock is disconnected.
-
- 
-
- *Figure 4. Disconnect and reconnect Surface Dock when prompted*
-
-7. When the main chipset firmware update is verified, the DisplayPort chipset firmware update will be uploaded to the Surface Dock. Upon completion, a **Success** page is displayed and you will again be prompted to disconnect the Surface Dock, as shown in Figure 5.
-
- 
-
- *Figure 5. Successful upload of Surface Dock firmware*
-
-8. After you disconnect the Surface Dock the DisplayPort firmware update will be installed. This process occurs on the Surface Dock hardware while it is disconnected. The Surface Dock must remain powered for up to 3 minutes after it has been disconnected for the firmware update to successfully install. An **Update in Progress** page is displayed (as shown in Figure 6), with a countdown timer to show the estimated time remaining to complete the firmware update installation.
-
- 
-
- *Figure 6. Countdown timer to complete firmware installation on Surface Dock*
-
-9. If you want to update multiple Surface Docks in one sitting, you can click the **Update another Surface Dock** button to begin the process on the next Surface Dock.
-
- >[!NOTE]
- >The LED in the Ethernet port of the dock will blink while the update is in progress. Please wait until the LED stops blinking before you unplug your Surface Dock from power.
-
-
-
-## Troubleshooting Microsoft Surface Dock Updater
-
-
-If the Surface Dock firmware update process encounters an installation error with either firmware update, the **Encountered an unexpected error** page may be displayed, as shown in Figure 7.
-
-
-
-*Figure 7. Firmware update installation has encountered an error*
-
-Microsoft Surface Dock Updater logs its progress into the Event Log, as shown in Figure 8. If you need to troubleshoot an update through this tool, you will find Surface Dock events recorded with the following event IDs:
-
-| Event ID | Event type |
-|----------|----------------------------------------------------------|
-| 12100 | Up-to-date confirmation |
-| 12101 | Event in the main chipset firmware update process |
-| 12102 | Event in the DisplayPort chipset firmware update process |
-| 12105 | Error |
-
-
-
-
-*Figure 8. Surface Dock Updater events in Event Viewer*
-
-## Changes and updates
-
-Microsoft periodically updates Surface Dock Updater.
-
->[!Note]
->Each update to Surface Dock firmware is included in a new version of Surface Dock Updater. To update a Surface Dock to the latest firmware, you must use the latest version of Surface Dock Updater.
-
-### Version 2.23.139.0
-*Release Date: 10 October 2018*
-
-This version of Surface Dock Updater adds support for the following:
-
-- Add support for Surface Pro 6
-- Add support for Surface Laptop 2
-
-
-### Version 2.22.139.0
-*Release Date: 26 July 2018*
-
-This version of Surface Dock Updater adds support for the following:
-
-- Increase update reliability
-- Add support for Surface Go
-
-### Version 2.12.136.0
-*Release Date: 29 January 2018*
-
-This version of Surface Dock Updater adds support for the following:
-* Update for Surface Dock Main Chipset Firmware
-* Update for Surface Dock DisplayPort Firmware
-* Improved display stability for external displays when used with Surface Book or Surface Book 2
-
-Additionally, installation of this version of Surface Dock Updater on Surface Book devices includes the following:
-* Update for Surface Book Base Firmware
-* Added support for Surface Dock firmware updates with improvements targeted to Surface Book devices
-
->[!Note]
->Before the Surface Dock firmware update applied by Surface Dock Updater v2.12.136.0 will take effect on a Surface Book device, a firmware update for the Surface Book Base is required. If you install Surface Dock Updater v2.12.136.0 on a Surface Book and update an attached Surface Dock from that same device, the firmware of the Surface Book Base will automatically be updated when installing the Surface Dock Updater. However, if you update a Surface Dock using Surface Dock Updater v2.12.136.0 on different device, and then connect that Surface Dock to a Surface Book where Surface Dock Updater v2.12.136.0 has not been installed, the benefits of the updated Surface Dock will not be enabled. To enable the benefits of the updated Surface Dock on a Surface Book device, Surface Book Base firmware must also be updated by installing Surface Dock Updater v2.12.136.0 on the Surface Book device. Surface Book Base firmware update is not required on a Surface Book 2 device.
-
-
-### Version 2.9.136.0
-*Release date: November 3, 2017*
-
-This version of Surface Dock Updater adds support for the following:
-
-* Update for Surface Dock DisplayPort Firmware
-* Resolves an issue with audio over passive display port adapters
-
-### Version 2.1.15.0
-*Release date: June 19, 2017*
-
-This version of Surface Dock Updater adds support for the following:
-
-* Surface Laptop
-* Surface Pro
-
-### Version 2.1.6.0
-*Release date: April 7, 2017*
-
-This version of Surface Dock Updater adds support for the following:
-
-* Update for Surface Dock DisplayPort firmware
-* Requires Windows 10
-
-### Version 2.0.22.0
-*Release date: October 21, 2016*
-
-This version of Surface Dock Updater adds support for the following:
-
-* Update for Surface Dock USB firmware
-* Improved reliability of Ethernet, audio, and USB ports
-
-### Version 1.0.8.0
-*Release date: April 26, 2016*
-
-This version of Surface Dock Updater adds support for the following:
-
-* Update for Surface Dock Main Chipset firmware
-* Update for Surface Dock DisplayPort firmware
-
-
-
-
-
-
diff --git a/devices/surface/surface-enterprise-management-mode.md b/devices/surface/surface-enterprise-management-mode.md
index df65b6c73d..5944375042 100644
--- a/devices/surface/surface-enterprise-management-mode.md
+++ b/devices/surface/surface-enterprise-management-mode.md
@@ -226,7 +226,9 @@ create a reset package using PowerShell to reset SEMM.
## Version History
-
+### Version 2.54.139.0
+* Support to Surface Hub 2S
+* Bug fixes
### Version 2.43.136.0
* Support to enable/disable simulatenous multithreating
diff --git a/devices/surface/surface-wireless-connect.md b/devices/surface/surface-wireless-connect.md
index fe1ff34fe6..cad2a6924f 100644
--- a/devices/surface/surface-wireless-connect.md
+++ b/devices/surface/surface-wireless-connect.md
@@ -1,18 +1,19 @@
---
-title: Optimizing wireless connectivity for Surface devices
-description: This topic provides guidance around recommended wireless connectivity settings for network admins and users.
+title: Optimize Wi-Fi connectivity for Surface devices
+description: This topic describes recommended Wi-Fi settings to ensure Surface devices stay connected in congested network environments and mobile scenarios.
ms.prod: w10
ms.mktglfcycl: manage
ms.sitesec: library
author: dansimp
-ms.localizationpriority: medium
+ms.audience: itpro
+ms.localization_priority: normal
ms.author: dansimp
ms.topic: article
ms.date: 08/15/2019
-ms.reviewer:
+ms.reviewer: tokatz
manager: dansimp
---
-# Optimizing wireless connectivity for Surface devices
+# Optimize Wi-Fi connectivity for Surface devices
## Introduction
@@ -75,7 +76,7 @@ Leave the roaming aggressiveness setting in the default state unless you’re en
1. Go to **Start > Control Panel** > **Network and Internet** > **Network and Sharing Center.**
2. Under **Connections** select **Wi-Fi** and then select **Properties.**
3. Select **Client for Microsoft Networks** and then select **Configure**
-4. Select **Advanced** > **Roaming Aggressiveness** and choose ****your preferred value from the drop-down menu.
+4. Select **Advanced** > **Roaming Aggressiveness** and choose your preferred value from the drop-down menu.
diff --git a/devices/surface/surface.yml b/devices/surface/surface.yml
deleted file mode 100644
index 8287763c1e..0000000000
--- a/devices/surface/surface.yml
+++ /dev/null
@@ -1,61 +0,0 @@
-### YamlMime:YamlDocument
-
-documentType: LandingData
-title: Surface devices
-metadata:
- document_id:
- title: Surface devices
- description: Find tools, step-by-step guides, and other resources to help you plan, deploy, and manage Surface devices in your organization.
- keywords: Windows 10, issues, fixes, announcements, Windows Server, advisories
- ms.localizationpriority: medium
- author: lizap
- ms.author: elizapo
- manager: dougkim
- ms.topic: article
- ms.devlang: na
-
-sections:
-- items:
- - type: markdown
- text: "
- Find tools, step-by-step guides, and other resources to help you plan, deploy, and manage Surface devices in your organization.
- "
-- title: Explore
-- items:
- - type: markdown
- text: "
- Evaluate the Surface device portfolio, review the tools and technologies for management of your Surface devices, and learn about Surface technologies and devices with engineering walkthroughs.
- 
**Surface Pro**
Light enough to take anywhere. Powerful enough to use as a full desktop workstation.
See spec | 
**Surface Book**
Built for extreme performance. Lightning fast access to apps. Up to 16 hours of battery life.
See spec | 
**Surface Studio**
Professional-grade power and performance. Use it upright or draw on it like a drafting table.
See spec |
-
- "
-- title: Plan
-- items:
- - type: markdown
- text: "
- Explore essential concepts for the deployment of Windows 10 to Surface devices.
- 
**Try Windows 10 Enterprise free for 90 days**
Try the latest features. Test your apps, hardware, and deployment strategies.
Get started | 
**Windows 10 upgrade paths**
Upgrade to Windows 10 from a previous version, or from one edition to another.
Explore paths | 
**Prepare for Windows 10 deployment**
Get familiar with current deployment options and best practices.
Review options |
-
- "
-- title: Deploy
-- items:
- - type: markdown
- text: "
- Download deployment tools and get step-by-step guidance on how to upgrade a Surface device or deploy a new image.
- 
**Microsoft Deployment Toolkit (MDT)**
Automate Windows 10 deployment, and more easily manage security and configurations.
Download the toolkit | 
**System Center Configuration Manager**
Use in tandem with MDT to deploy Windows 10 and manage PCs and devices moving forward.
Download an eval | 
**Surface Deployment Accelerator**
Automate the creation and configuration of Windows images for Surface devices.
Download the accelerator |
-
- "
-- title: Manage
-- items:
- - type: markdown
- text: "
- Learn how to more easily manage and secure Surface devices in your organization.
-
- "
-- title: Stay informed
-- items:
- - type: markdown
- text: "
- 
**Surface IT Pro Blog**
Get insight into new Surface products plus tips and tricks for IT professionals.
Learn more | 
**Surface on Microsoft Mechanics**
View technical demos and walkthroughs of Surface devices, features, and functionality.
Get started | 
**Follow us on Twitter**
Keep up with the latest news and see the latest product demonstrations.
Visit Twitter |
-
- "
diff --git a/devices/surface/update.md b/devices/surface/update.md
index d68bf71ed8..121bf7a6e7 100644
--- a/devices/surface/update.md
+++ b/devices/surface/update.md
@@ -23,5 +23,5 @@ Find out how to download and manage the latest firmware and driver updates for y
| --- | --- |
| [Manage Surface driver and firmware updates](manage-surface-pro-3-firmware-updates.md)| Explore the available options to manage firmware and driver updates for Surface devices.|
| [Deploy the latest firmware and drivers for Surface devices](deploy-the-latest-firmware-and-drivers-for-surface-devices.md)| Find links to manually deploy firmware and drivers, outside of Windows Update. |
-| [Surface Dock Updater](surface-dock-updater.md)| Get a detailed walkthrough of Microsoft Surface Dock Updater.|
+| [Surface Dock Firmware Update](surface-dock-firmware-update.md)| See how you can update Surface Dock firmware automatically.|
|[Wake On LAN for Surface devices](wake-on-lan-for-surface-devices.md) | See how you can use Wake On LAN to remotely wake up devices to perform management or maintenance tasks, or to enable management solutions automatically. |
diff --git a/devices/surface/upgrade-surface-devices-to-windows-10-with-mdt.md b/devices/surface/upgrade-surface-devices-to-windows-10-with-mdt.md
index fc7cf4147e..fc560e5345 100644
--- a/devices/surface/upgrade-surface-devices-to-windows-10-with-mdt.md
+++ b/devices/surface/upgrade-surface-devices-to-windows-10-with-mdt.md
@@ -52,7 +52,7 @@ You will also need to have available the following resources:
* Windows 10 installation files, such as the installation media downloaded from the [Volume Licensing Service Center](https://www.microsoft.com/Licensing/servicecenter/default.aspx)
>[!NOTE]
- >Installation media for use with MDT must contain a Windows image in Windows Imaging Format (.wim). Installation media produced by the [Get Windows 10](https://www.microsoft.com/en-us/software-download/windows10/) page does not use a .wim file, instead using an Electronic Software Download (.esd) file, which is not compatible with MDT.
+ >Installation media for use with MDT must contain a Windows image in Windows Imaging Format (.wim). Installation media produced by the [Get Windows 10](https://www.microsoft.com/software-download/windows10/) page does not use a .wim file, instead using an Electronic Software Download (.esd) file, which is not compatible with MDT.
* [Surface firmware and drivers](https://technet.microsoft.com/itpro/surface/deploy-the-latest-firmware-and-drivers-for-surface-devices) for Windows 10
* Application installation files for any applications you want to install, such as the Surface app
diff --git a/devices/surface/use-system-center-configuration-manager-to-manage-devices-with-semm.md b/devices/surface/use-system-center-configuration-manager-to-manage-devices-with-semm.md
index dff968bbf3..0432c65257 100644
--- a/devices/surface/use-system-center-configuration-manager-to-manage-devices-with-semm.md
+++ b/devices/surface/use-system-center-configuration-manager-to-manage-devices-with-semm.md
@@ -44,7 +44,7 @@ Management of SEMM with Configuration Manager requires the installation of Micro
#### Download SEMM scripts for Configuration Manager
-After Microsoft Surface UEFI Manager is installed on the client Surface device, SEMM is deployed and managed with PowerShell scripts. You can download samples of the [SEMM management scripts](https://www.microsoft.com/en-us/download/details.aspx?id=46703) from the Download Center.
+After Microsoft Surface UEFI Manager is installed on the client Surface device, SEMM is deployed and managed with PowerShell scripts. You can download samples of the [SEMM management scripts](https://www.microsoft.com/download/details.aspx?id=46703) from the Download Center.
## Deploy Microsoft Surface UEFI Manager
@@ -378,7 +378,7 @@ The following code fragment, found on lines 380-477, is used to write these regi
### Settings names and IDs
-To configure Surface UEFI settings or permissions for Surface UEFI settings, you must refer to each setting by either its setting name or setting ID. With each new update for Surface UEFI, new settings may be added. The best way to get a complete list of the settings available on a Surface device, along with the settings name and settings IDs, is to use the ShowSettingsOptions.ps1 script from SEMM_Powershell.zip in [Surface Tools for IT Downloads](https://www.microsoft.com/en-us/download/details.aspx?id=46703)
+To configure Surface UEFI settings or permissions for Surface UEFI settings, you must refer to each setting by either its setting name or setting ID. With each new update for Surface UEFI, new settings may be added. The best way to get a complete list of the settings available on a Surface device, along with the settings name and settings IDs, is to use the ShowSettingsOptions.ps1 script from SEMM_Powershell.zip in [Surface Tools for IT Downloads](https://www.microsoft.com/download/details.aspx?id=46703)
The computer where ShowSettingsOptions.ps1 is run must have Microsoft Surface UEFI Manager installed, but the script does not require a Surface device.
diff --git a/devices/surface/windows-autopilot-and-surface-devices.md b/devices/surface/windows-autopilot-and-surface-devices.md
index 8134359845..aee66dbdb7 100644
--- a/devices/surface/windows-autopilot-and-surface-devices.md
+++ b/devices/surface/windows-autopilot-and-surface-devices.md
@@ -19,39 +19,10 @@ Windows Autopilot is a cloud-based deployment technology available in Windows 10
With Surface devices, you can choose to register your devices at the time of purchase when purchasing from a Surface partner enabled for Windows Autopilot. New devices can be shipped directly to your end-users and will be automatically enrolled and configured when the units are unboxed and turned on for the first time. This process can eliminate need to reimage your devices as part of your deployment process, reducing the work required of your deployment staff and opening up new, agile methods for device management and distribution.
-In this article learn how to enroll your Surface devices in Windows Autopilot with a Surface partner and the options and considerations you will need to know along the way. This article focuses specifically on Surface devices, for more information about using Windows Autopilot with other devices, or to read more about Windows Autopilot and its capabilities, see [Overview of Windows Autopilot](https://docs.microsoft.com/windows/deployment/windows-autopilot/windows-10-autopilot) in the Windows Docs Library.
-
-## Prerequisites
-Enrollment of Surface devices in Windows Autopilot with a Surface partner enabled for Windows Autopilot has the following licensing requirements for each enrolled Surface device:
-* **Azure Active Directory Premium** – Required to enroll your devices in your organization and to automatically enroll devices in your organization’s mobile management solution.
-* **Mobile Device Management (such as Microsoft Intune)** – Required to remotely deploy applications, configure, and manage your enrolled devices.
-* **Office 365 ProPlus** – Required to deploy Microsoft Office to your enrolled devices.
-
-These requirements are also met by the following solutions:
-* Microsoft 365 E3 or E5 (includes Azure Active Directory Premium, Microsoft Intune, and Office 365 ProPlus)
-
-Or
-* Enterprise Mobility + Security E3 or E5 (includes Azure Active Directory Premium and Microsoft Intune)
-* Office 365 ProPlus, E3, or E5 (includes Office 365 ProPlus)
-
->[!NOTE]
->Deployment of devices using Windows Autopilot to complete the Out-of-Box Experience (OOBE) is supported without these prerequisites, however will yield deployed devices without applications, configuration, or enrollment in a management solution and is highly discouraged.
+In this article learn how to enroll your Surface devices in Windows Autopilot with a Surface partner and the options and considerations you will need to know along the way. This article focuses specifically on Surface devices, for more information about using Windows Autopilot with other devices, or to read more about Windows Autopilot and its capabilities, see [Overview of Windows Autopilot](https://docs.microsoft.com/windows/deployment/windows-autopilot/windows-10-autopilot) in the Windows Docs Library. For information about licensing and other prerequisites, see [Windows Autopilot requirements](https://docs.microsoft.com/en-us/windows/deployment/windows-autopilot/windows-autopilot-requirements).
### Windows version considerations
-Support for broad deployments of Surface devices using Windows Autopilot, including enrollment performed by Surface partners at the time of purchase, requires devices manufactured with or otherwise installed with Windows 10 Version 1709 (Fall Creators Update). Windows 10 Version 1709 uses a secure 4096-bit (4k) hash value to uniquely identify devices for Windows Autopilot that is necessary for deployments at scale.
-
-### Surface device support
-Surface devices with support for out-of-box deployment with Windows Autopilot, enrolled during the purchase process with a Surface partner, include the following devices, where the devices ship from the factory with Windows 10 Version 1709:
-
-* Surface Pro (5th gen)
-* Surface Laptop(1st gen)
-* Surface Studio (1st gen)
-* Surface Pro 6
-* Surface Book 2
-* Surface Laptop 2
-* Surface Studio 2
-* Surface Go
-* Surface Go with LTE Advanced
+Support for broad deployments of Surface devices using Windows Autopilot, including enrollment performed by Surface partners at the time of purchase, requires devices manufactured with or otherwise installed with Windows 10 Version 1709 (Fall Creators Update) or later. These versions support a 4000-byte (4k) hash value to uniquely identify devices for Windows Autopilot that is necessary for deployments at scale. All new Surface devices ship with Windows 10 Version 1709 or above.
## Surface partners enabled for Windows Autopilot
Enrolling Surface devices in Windows Autopilot at the time of purchase is a capability provided by select Surface partners that are enabled with the capability to identify individual Surface devices during the purchase process and perform enrollment on an organization’s behalf. Devices enrolled by a Surface partner at time of purchase can be shipped directly to users and configured entirely through the zero-touch process of Windows Autopilot, Azure Active Directory, and Mobile Device Management.
@@ -63,4 +34,3 @@ When you purchase Surface devices from a Surface partner enabled for Windows Aut
- [Insight](https://www.insight.com/en_US/buy/partner/microsoft/surface/windows-autopilot.html)
- [SHI](https://www.shi.com/Surface)
-
diff --git a/education/get-started/change-history-ms-edu-get-started.md b/education/get-started/change-history-ms-edu-get-started.md
index 5273dbe9ce..8524f4cf8b 100644
--- a/education/get-started/change-history-ms-edu-get-started.md
+++ b/education/get-started/change-history-ms-edu-get-started.md
@@ -6,8 +6,8 @@ ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: edu
-author: levinec
-ms.author: ellevin
+author: dansimp
+ms.author: dansimp
ms.date: 07/07/2017
ms.reviewer:
manager: dansimp
diff --git a/education/get-started/configure-microsoft-store-for-education.md b/education/get-started/configure-microsoft-store-for-education.md
index 3047fe8d8d..3aedd8379c 100644
--- a/education/get-started/configure-microsoft-store-for-education.md
+++ b/education/get-started/configure-microsoft-store-for-education.md
@@ -8,8 +8,8 @@ ms.sitesec: library
ms.topic: quickstart
ms.localizationpriority: medium
ms.pagetype: edu
-author: levinec
-ms.author: ellevin
+author: dansimp
+ms.author: dansimp
ms.date: 08/29/2017
ms.reviewer:
manager: dansimp
diff --git a/education/get-started/enable-microsoft-teams.md b/education/get-started/enable-microsoft-teams.md
index 986a6c4af0..76b967ae75 100644
--- a/education/get-started/enable-microsoft-teams.md
+++ b/education/get-started/enable-microsoft-teams.md
@@ -8,8 +8,8 @@ ms.sitesec: library
ms.topic: quickstart
ms.localizationpriority: medium
ms.pagetype: edu
-author: levinec
-ms.author: ellevin
+author: dansimp
+ms.author: dansimp
ms.date: 07/28/2017
ms.reviewer:
manager: dansimp
diff --git a/education/get-started/finish-setup-and-other-tasks.md b/education/get-started/finish-setup-and-other-tasks.md
index 8633a400ed..f0bd720e51 100644
--- a/education/get-started/finish-setup-and-other-tasks.md
+++ b/education/get-started/finish-setup-and-other-tasks.md
@@ -8,8 +8,8 @@ ms.sitesec: library
ms.topic: quickstart
ms.localizationpriority: medium
ms.pagetype: edu
-author: levinec
-ms.author: ellevin
+author: dansimp
+ms.author: dansimp
ms.date: 10/09/2017
ms.reviewer:
manager: dansimp
diff --git a/education/get-started/get-started-with-microsoft-education.md b/education/get-started/get-started-with-microsoft-education.md
index 64cf56759a..e5347813d5 100644
--- a/education/get-started/get-started-with-microsoft-education.md
+++ b/education/get-started/get-started-with-microsoft-education.md
@@ -8,8 +8,8 @@ ms.sitesec: library
ms.topic: article
ms.localizationpriority: medium
ms.pagetype: edu
-author: levinec
-ms.author: ellevin
+author: dansimp
+ms.author: dansimp
ms.date: 10/09/2017
ms.reviewer:
manager: dansimp
diff --git a/education/get-started/inclusive-classroom-it-admin.md b/education/get-started/inclusive-classroom-it-admin.md
index d8c3f7273d..0cd250e3ff 100644
--- a/education/get-started/inclusive-classroom-it-admin.md
+++ b/education/get-started/inclusive-classroom-it-admin.md
@@ -9,8 +9,8 @@ ms.topic: article
ms.localizationpriority: medium
ms.pagetype: edu
ROBOTS: noindex,nofollow
-author: levinec
-ms.author: ellevin
+author: dansimp
+ms.author: dansimp
ms.date: 06/12/2018
ms.reviewer:
manager: dansimp
diff --git a/education/get-started/set-up-office365-edu-tenant.md b/education/get-started/set-up-office365-edu-tenant.md
index f0887073f7..64499de75e 100644
--- a/education/get-started/set-up-office365-edu-tenant.md
+++ b/education/get-started/set-up-office365-edu-tenant.md
@@ -8,8 +8,8 @@ ms.sitesec: library
ms.topic: quickstart
ms.localizationpriority: medium
ms.pagetype: edu
-author: levinec
-ms.author: ellevin
+author: dansimp
+ms.author: dansimp
ms.date: 10/09/2017
ms.reviewer:
manager: dansimp
diff --git a/education/get-started/set-up-windows-10-education-devices.md b/education/get-started/set-up-windows-10-education-devices.md
index 7bd5123140..2bcc88089c 100644
--- a/education/get-started/set-up-windows-10-education-devices.md
+++ b/education/get-started/set-up-windows-10-education-devices.md
@@ -8,8 +8,8 @@ ms.sitesec: library
ms.topic: quickstart
ms.localizationpriority: medium
ms.pagetype: edu
-author: levinec
-ms.author: ellevin
+author: dansimp
+ms.author: dansimp
ms.date: 10/09/2017
ms.reviewer:
manager: dansimp
diff --git a/education/get-started/set-up-windows-education-devices.md b/education/get-started/set-up-windows-education-devices.md
index cb83590354..a3175b1d1b 100644
--- a/education/get-started/set-up-windows-education-devices.md
+++ b/education/get-started/set-up-windows-education-devices.md
@@ -8,8 +8,8 @@ ms.sitesec: library
ms.topic: quickstart
ms.localizationpriority: medium
ms.pagetype: edu
-author: levinec
-ms.author: ellevin
+author: dansimp
+ms.author: dansimp
ms.date: 07/28/2017
ms.reviewer:
manager: dansimp
diff --git a/education/get-started/use-intune-for-education.md b/education/get-started/use-intune-for-education.md
index 1e6eac8cf8..e3e3be043a 100644
--- a/education/get-started/use-intune-for-education.md
+++ b/education/get-started/use-intune-for-education.md
@@ -8,8 +8,8 @@ ms.sitesec: library
ms.topic: quickstart
ms.localizationpriority: medium
ms.pagetype: edu
-author: levinec
-ms.author: ellevin
+author: dansimp
+ms.author: dansimp
ms.date: 08/29/2017
ms.reviewer:
manager: dansimp
diff --git a/education/get-started/use-school-data-sync.md b/education/get-started/use-school-data-sync.md
index 14a34bcda5..6ab9b54cba 100644
--- a/education/get-started/use-school-data-sync.md
+++ b/education/get-started/use-school-data-sync.md
@@ -8,8 +8,8 @@ ms.sitesec: library
ms.topic: quickstart
ms.localizationpriority: medium
ms.pagetype: edu
-author: levinec
-ms.author: ellevin
+author: dansimp
+ms.author: dansimp
ms.date: 07/10/2017
ms.reviewer:
manager: dansimp
diff --git a/education/index.md b/education/index.md
index 8dfa606f42..c36a33ee36 100644
--- a/education/index.md
+++ b/education/index.md
@@ -1,11 +1,11 @@
----
+---
layout: HubPage
hide_bc: true
title: Microsoft 365 Education documentation and resources | Microsoft Docs
description: Learn about product documentation and resources available for school IT administrators, teachers, students, and education app developers.
-author: CelesteDG
+author: dansimp
ms.topic: hub-page
-ms.author: celested
+ms.author: dansimp
ms.collection: ITAdminEDU
ms.date: 10/30/2017
ms.prod: w10
@@ -26,7 +26,7 @@ ms.prod: w10
-
-
+
diff --git a/education/trial-in-a-box/educator-tib-get-started.md b/education/trial-in-a-box/educator-tib-get-started.md
index f1d88dc8c8..aff8c085b5 100644
--- a/education/trial-in-a-box/educator-tib-get-started.md
+++ b/education/trial-in-a-box/educator-tib-get-started.md
@@ -9,8 +9,8 @@ ms.topic: article
ms.localizationpriority: medium
ms.pagetype: edu
ROBOTS: noindex,nofollow
-author: levinec
-ms.author: ellevin
+author: dansimp
+ms.author: dansimp
ms.date: 03/18/2018
ms.reviewer:
manager: dansimp
@@ -339,7 +339,7 @@ For more information about checking for updates, and how to optionally turn on a
## Get more info
* Learn more at
microsoft.com/education
* Find out if your school is eligible for a device trial at
aka.ms/EDUTrialInABox
-*
Buy Windows 10 devices
+*
Buy Windows 10 devices
diff --git a/education/trial-in-a-box/index.md b/education/trial-in-a-box/index.md
index c91f1c0264..f21a0ddcf4 100644
--- a/education/trial-in-a-box/index.md
+++ b/education/trial-in-a-box/index.md
@@ -1,6 +1,6 @@
---
title: Microsoft Education Trial in a Box
-description: For IT admins, educators, and students, discover what you can do with Microsoft 365 Education. Try it out with our Trial in a Box program.
+description: For IT admins, educators, and students, discover what you can do with Microsoft 365 Education. Try it out with our Trial in a Box program.
keywords: education, Microsoft 365 Education, trial, full cloud IT solution, school, deploy, setup, IT admin, educator, student, explore, Trial in a Box
ms.prod: w10
ms.mktglfcycl: deploy
@@ -9,8 +9,8 @@ ms.topic: article
ms.localizationpriority: medium
ms.pagetype: edu
ROBOTS: noindex,nofollow
-author: CelesteDG
-ms.author: celested
+author: dansimp
+ms.author: dansimp
ms.date: 12/11/2017
---
diff --git a/education/trial-in-a-box/itadmin-tib-get-started.md b/education/trial-in-a-box/itadmin-tib-get-started.md
index b4cdaad1f4..1965c6abf7 100644
--- a/education/trial-in-a-box/itadmin-tib-get-started.md
+++ b/education/trial-in-a-box/itadmin-tib-get-started.md
@@ -9,8 +9,8 @@ ms.topic: quickstart
ms.localizationpriority: medium
ms.pagetype: edu
ROBOTS: noindex,nofollow
-author: levinec
-ms.author: ellevin
+author: dansimp
+ms.author: dansimp
ms.date: 03/18/2018
ms.reviewer:
manager: dansimp
@@ -278,4 +278,4 @@ For more information about checking for updates, and how to optionally turn on a
## Get more info
* Learn more at
microsoft.com/education
* Find out if your school is eligible for a device trial at
aka.ms/EDUTrialInABox
-*
Buy Windows 10 devices
+*
Buy Windows 10 devices
diff --git a/education/trial-in-a-box/support-options.md b/education/trial-in-a-box/support-options.md
index b377719a91..9cb32351de 100644
--- a/education/trial-in-a-box/support-options.md
+++ b/education/trial-in-a-box/support-options.md
@@ -1,6 +1,6 @@
---
title: Microsoft Education Trial in a Box Support
-description: Need help or have a question about using Microsoft Education Trial in a Box? Start here.
+description: Need help or have a question about using Microsoft Education Trial in a Box? Start here.
keywords: support, troubleshooting, education, Microsoft 365 Education, full cloud IT solution, school, deploy, setup, manage, Windows 10, Intune for Education, Office 365 for Education, Microsoft Store for Education, Set up School PCs
ms.prod: w10
ms.mktglfcycl: deploy
@@ -9,8 +9,8 @@ ms.topic: article
ms.localizationpriority: medium
ms.pagetype: edu
ROBOTS: noindex,nofollow
-author: levinec
-ms.author: ellevin
+author: dansimp
+ms.author: dansimp
ms.date: 03/18/2018
ms.reviewer:
manager: dansimp
diff --git a/education/windows/autopilot-reset.md b/education/windows/autopilot-reset.md
index 2c11c122c4..ecc1f3f77c 100644
--- a/education/windows/autopilot-reset.md
+++ b/education/windows/autopilot-reset.md
@@ -7,8 +7,8 @@ ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: edu
ms.localizationpriority: medium
-author: levinec
-ms.author: ellevin
+author: dansimp
+ms.author: dansimp
ms.date: 06/27/2018
ms.reviewer:
manager: dansimp
diff --git a/education/windows/change-history-edu.md b/education/windows/change-history-edu.md
index b3dd38357b..9302c8fdb4 100644
--- a/education/windows/change-history-edu.md
+++ b/education/windows/change-history-edu.md
@@ -6,8 +6,8 @@ ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: edu
-author: levinec
-ms.author: ellevin
+author: dansimp
+ms.author: dansimp
ms.date: 05/21/2019
ms.reviewer:
manager: dansimp
diff --git a/education/windows/change-to-pro-education.md b/education/windows/change-to-pro-education.md
index da30be64ef..e40ce61ea7 100644
--- a/education/windows/change-to-pro-education.md
+++ b/education/windows/change-to-pro-education.md
@@ -7,8 +7,8 @@ ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: edu
ms.localizationpriority: medium
-author: levinec
-ms.author: ellevin
+author: dansimp
+ms.author: dansimp
ms.date: 05/21/2019
ms.reviewer:
manager: dansimp
@@ -37,7 +37,7 @@ Before you change to Windows 10 Pro Education, make sure you meet these requirem
- The user making the changes must be a member of the Azure AD global administrator group.
## Compare Windows 10 Pro and Pro Education editions
-You can [compare Windows 10 Editions](https://www.microsoft.com/en-us/WindowsForBusiness/Compare) to find out more about the features we support in other editions of Windows 10.
+You can [compare Windows 10 Editions](https://www.microsoft.com/WindowsForBusiness/Compare) to find out more about the features we support in other editions of Windows 10.
For more info about Windows 10 default settings and recommendations for education customers, see [Windows 10 configuration recommendations for education customers](configure-windows-for-education.md).
@@ -314,6 +314,6 @@ For more information about integrating on-premises AD DS domains with Azure AD,
[Deploy Windows 10 in a school](deploy-windows-10-in-a-school.md)
[Deploy Windows 10 in a school district](deploy-windows-10-in-a-school-district.md)
-[Compare Windows 10 editions](https://www.microsoft.com/en-us/WindowsForBusiness/Compare)
+[Compare Windows 10 editions](https://www.microsoft.com/WindowsForBusiness/Compare)
[Windows 10 subscription activation](https://docs.microsoft.com/windows/deployment/windows-10-subscription-activation)
diff --git a/education/windows/chromebook-migration-guide.md b/education/windows/chromebook-migration-guide.md
index 9769d7a3bf..051954b11f 100644
--- a/education/windows/chromebook-migration-guide.md
+++ b/education/windows/chromebook-migration-guide.md
@@ -10,8 +10,8 @@ ms.mktglfcycl: plan
ms.sitesec: library
ms.pagetype: edu, devices
ms.localizationpriority: medium
-author: levinec
-ms.author: ellevin
+author: dansimp
+ms.author: dansimp
ms.date: 10/13/2017
---
diff --git a/education/windows/configure-windows-for-education.md b/education/windows/configure-windows-for-education.md
index 1cb747217a..688b66c92b 100644
--- a/education/windows/configure-windows-for-education.md
+++ b/education/windows/configure-windows-for-education.md
@@ -7,8 +7,8 @@ ms.sitesec: library
ms.prod: w10
ms.pagetype: edu
ms.localizationpriority: medium
-author: levinec
-ms.author: ellevin
+author: dansimp
+ms.author: dansimp
ms.date: 08/31/2017
ms.reviewer:
manager: dansimp
diff --git a/education/windows/deploy-windows-10-in-a-school-district.md b/education/windows/deploy-windows-10-in-a-school-district.md
index bb621c32d8..43b68e46ad 100644
--- a/education/windows/deploy-windows-10-in-a-school-district.md
+++ b/education/windows/deploy-windows-10-in-a-school-district.md
@@ -7,8 +7,8 @@ ms.mktglfcycl: plan
ms.pagetype: edu
ms.sitesec: library
ms.localizationpriority: medium
-author: levinec
-ms.author: ellevin
+author: dansimp
+ms.author: dansimp
ms.reviewer:
manager: dansimp
---
@@ -26,7 +26,7 @@ This guide shows you how to deploy the Windows 10 operating system in a school d
Proper preparation is essential for a successful district deployment. To avoid common mistakes, your first step is to plan a typical district configuration. Just as with building a house, you need a blueprint for what your district and individual schools should look like when it’s finished. The second step in preparation is to learn how you will manage the users, apps, and devices in your district. Just as a builder needs to have the right tools to build a house, you need the right set of tools to deploy your district.
->**Note** This guide focuses on Windows 10 deployment and management in a district. For management of other devices and operating systems in education environments, see [Manage BYOD and corporate-owned devices with MDM solutions](https://www.microsoft.com/en-us/cloud-platform/mobile-device-management).
+>**Note** This guide focuses on Windows 10 deployment and management in a district. For management of other devices and operating systems in education environments, see [Manage BYOD and corporate-owned devices with MDM solutions](https://www.microsoft.com/cloud-platform/mobile-device-management).
### Plan a typical district configuration
@@ -115,7 +115,7 @@ The configuration process requires the following devices:
* **Admin device.** This is the device you use for your day-to-day job functions. It’s also the one you use to create and manage the Windows 10 and app deployment process. You install the Windows ADK, MDT, and the System Center Configuration Manager Console on this device.
* **Reference devices.** These are the devices that you will use as a template for the faculty and student devices. You install Windows 10 and Windows desktop apps on these devices, and then capture an image (.wim file) of the devices.
- You will have a reference device for each type of device in your district. For example, if your district has Surface, HP Stream, Dell Inspiron, and Lenovo Yoga devices, then you would have a reference device for each model. For more information about approved Windows 10 devices, see [Explore devices](https://www.microsoft.com/en-us/windows/view-all).
+ You will have a reference device for each type of device in your district. For example, if your district has Surface, HP Stream, Dell Inspiron, and Lenovo Yoga devices, then you would have a reference device for each model. For more information about approved Windows 10 devices, see [Explore devices](https://www.microsoft.com/windows/view-all).
* **Faculty and staff devices.** These are the devices that the teachers, faculty, and staff use for their day-to-day job functions. You use the admin device to deploy (or upgrade) Windows 10 and apps to these devices.
* **Student devices.** The students will use these devices. You will use the admin device deploy (or upgrade) Windows 10 and apps to them.
@@ -550,7 +550,7 @@ In this section, you installed the Windows ADK and MDT on the admin device. You
Office 365 is one of the core components of your classroom environment. You create and manage student identities in Office 365, and students and teachers use the suite as their email, contacts, and calendar system. They also use Office 365 collaboration features such as SharePoint, OneNote, and OneDrive for Business.
-As a first step in deploying your classroom, create an Office 365 Education subscription, and then configure Office 365 for the classroom. For more information about Office 365 Education deployment, see [School deployment of Office 365 Education](https://www.microsoft.com/en-us/education/products/office-365-deployment-resources/default.aspx).
+As a first step in deploying your classroom, create an Office 365 Education subscription, and then configure Office 365 for the classroom. For more information about Office 365 Education deployment, see [School deployment of Office 365 Education](https://www.microsoft.com/education/products/office-365-deployment-resources/default.aspx).
### Select the appropriate Office 365 Education license plan
@@ -991,7 +991,7 @@ Depending on your school’s requirements, you may need any combination of the f
>**Note** Although you can use Windows 10 Home on institution-owned devices, Microsoft recommends that you use Windows 10 Pro or Windows 10 Education, instead. Windows 10 Pro and Windows 10 Education provide support for MDM, policy-based management, and Microsoft Store for Business—features not available in Windows 10 Home. For more information about how to upgrade Windows 10 Home to Windows 10 Pro or Windows 10 Education, see [Windows 10 edition upgrade](https://technet.microsoft.com/itpro/windows/deploy/windows-10-edition-upgrades).
-For more information about the Windows 10 editions, see [Compare Windows 10 Editions](https://www.microsoft.com/en-us/WindowsForBusiness/Compare).
+For more information about the Windows 10 editions, see [Compare Windows 10 Editions](https://www.microsoft.com/WindowsForBusiness/Compare).
One other consideration is the mix of processor architectures you will support. If you can, support only 64-bit versions of Windows 10. If you have devices that can run only 32-bit versions of Windows 10, you will need to import both 64-bit and 32-bit versions of the Windows 10 editions listed above.
diff --git a/education/windows/deploy-windows-10-in-a-school.md b/education/windows/deploy-windows-10-in-a-school.md
index f1696a220d..3cfeafb6d3 100644
--- a/education/windows/deploy-windows-10-in-a-school.md
+++ b/education/windows/deploy-windows-10-in-a-school.md
@@ -7,8 +7,8 @@ ms.mktglfcycl: plan
ms.pagetype: edu
ms.sitesec: library
ms.localizationpriority: medium
-author: levinec
-ms.author: ellevin
+author: dansimp
+ms.author: dansimp
ms.reviewer:
manager: dansimp
---
@@ -164,7 +164,7 @@ In this section, you installed the Windows ADK and MDT on the admin device. You
Office 365 is one of the core components of your classroom environment. You create and manage student identities in Office 365, and students and teachers use the suite as their email, contacts, and calendar system. Teachers and students use Office 365 collaboration features such as SharePoint, OneNote, and OneDrive for Business.
-As a first step in deploying your classroom, create an Office 365 Education subscription, and then configure Office 365 for the classroom. For more information about Office 365 Education deployment, see [School deployment of Office 365 Education](https://www.microsoft.com/en-us/education/products/office-365-deployment-resources/default.aspx).
+As a first step in deploying your classroom, create an Office 365 Education subscription, and then configure Office 365 for the classroom. For more information about Office 365 Education deployment, see [School deployment of Office 365 Education](https://www.microsoft.com/education/products/office-365-deployment-resources/default.aspx).
### Select the appropriate Office 365 Education license plan
diff --git a/education/windows/edu-deployment-recommendations.md b/education/windows/edu-deployment-recommendations.md
index cb30050aa8..1f3bcffff3 100644
--- a/education/windows/edu-deployment-recommendations.md
+++ b/education/windows/edu-deployment-recommendations.md
@@ -5,8 +5,8 @@ keywords: Windows 10 deployment, recommendations, privacy settings, school
ms.mktglfcycl: plan
ms.sitesec: library
ms.localizationpriority: medium
-author: levinec
-ms.author: ellevin
+author: dansimp
+ms.author: dansimp
ms.date: 10/13/2017
ms.reviewer:
manager: dansimp
diff --git a/education/windows/education-scenarios-store-for-business.md b/education/windows/education-scenarios-store-for-business.md
index 5598256e19..3149237ba1 100644
--- a/education/windows/education-scenarios-store-for-business.md
+++ b/education/windows/education-scenarios-store-for-business.md
@@ -6,10 +6,10 @@ ms.prod: w10
ms.mktglfcycl: plan
ms.sitesec: library
ms.localizationpriority: medium
-searchScope:
+searchScope:
- Store
-author: levinec
-ms.author: ellevin
+author: dansimp
+ms.author: dansimp
ms.date: 03/30/2018
ms.reviewer:
manager: dansimp
diff --git a/education/windows/enable-s-mode-on-surface-go-devices.md b/education/windows/enable-s-mode-on-surface-go-devices.md
index 0862548ea6..0b7fc8c617 100644
--- a/education/windows/enable-s-mode-on-surface-go-devices.md
+++ b/education/windows/enable-s-mode-on-surface-go-devices.md
@@ -7,8 +7,8 @@ ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: edu
ms.localizationpriority: medium
-author: levinec
-ms.author: ellevin
+author: dansimp
+ms.author: dansimp
ms.date: 07/30/2018
ms.reviewer:
manager: dansimp
diff --git a/education/windows/get-minecraft-device-promotion.md b/education/windows/get-minecraft-device-promotion.md
index 4864b6d4a0..bafc4ed6ae 100644
--- a/education/windows/get-minecraft-device-promotion.md
+++ b/education/windows/get-minecraft-device-promotion.md
@@ -6,10 +6,10 @@ ms.prod: w10
ms.mktglfcycl: plan
ms.sitesec: library
ms.localizationpriority: medium
-author: levinec
-searchScope:
+author: dansimp
+searchScope:
- Store
-ms.author: ellevin
+ms.author: dansimp
ms.date: 06/05/2018
ms.reviewer:
manager: dansimp
diff --git a/education/windows/get-minecraft-for-education.md b/education/windows/get-minecraft-for-education.md
index 0908c78b04..7037b5ce14 100644
--- a/education/windows/get-minecraft-for-education.md
+++ b/education/windows/get-minecraft-for-education.md
@@ -6,10 +6,10 @@ ms.prod: w10
ms.mktglfcycl: plan
ms.sitesec: library
ms.localizationpriority: medium
-author: levinec
-searchScope:
+author: dansimp
+searchScope:
- Store
-ms.author: ellevin
+ms.author: dansimp
ms.date: 01/29/2019
ms.reviewer:
manager: dansimp
diff --git a/education/windows/index.md b/education/windows/index.md
index 0f1dedb139..b40b009575 100644
--- a/education/windows/index.md
+++ b/education/windows/index.md
@@ -7,8 +7,8 @@ ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: edu
ms.localizationpriority: medium
-author: CelesteDG
-ms.author: celested
+author: dansimp
+ms.author: dansimp
ms.date: 10/13/2017
---
@@ -19,8 +19,8 @@ ms.date: 10/13/2017
##  Learn
Windows 10 editions for education customers
Windows 10, version 1607 introduces two editions designed for the unique needs of K-12 institutions: Windows 10 Pro Education and Windows 10 Education. These editions provide education-specific default settings for the evolving landscape in K-12 education IT environments.
-
Compare each Windows edition
Find out more about the features and functionality we support in each edition of Windows.
-
Get Windows 10 Education or Windows 10 Pro Education
When you've made your decision, find out how to buy Windows for your school.
+
Compare each Windows edition
Find out more about the features and functionality we support in each edition of Windows.
+
Get Windows 10 Education or Windows 10 Pro Education
When you've made your decision, find out how to buy Windows for your school.
##  Plan
diff --git a/education/windows/s-mode-switch-to-edu.md b/education/windows/s-mode-switch-to-edu.md
index 7c0eaafd0a..4860249e19 100644
--- a/education/windows/s-mode-switch-to-edu.md
+++ b/education/windows/s-mode-switch-to-edu.md
@@ -1,6 +1,6 @@
---
title: Switch to Windows 10 Pro Education in S mode from Windows 10 Pro in S mode
-description: Switching out of Windows 10 Pro in S mode to Windows 10 Pro Education in S mode. The S mode switch documentation describes the requirements and process for Switching to Windows 10 Pro Education in S mode.
+description: Switching out of Windows 10 Pro in S mode to Windows 10 Pro Education in S mode. The S mode switch documentation describes the requirements and process for Switching to Windows 10 Pro Education in S mode.
keywords: Windows 10 S switch, S mode Switch, switch in S mode, Switch S mode, Windows 10 Pro Education in S mode, S mode, system requirements, Overview, Windows 10 Pro in S mode, Education, EDU
ms.mktglfcycl: deploy
ms.localizationpriority: medium
@@ -10,8 +10,8 @@ ms.pagetype: edu
ms.date: 12/03/2018
ms.reviewer:
manager: dansimp
-ms.author: macapara
-author: mjcaparas
+ms.author: dansimp
+author: dansimp
---
# Switch to Windows 10 Pro Education in S mode from Windows 10 Pro in S mode
@@ -71,4 +71,4 @@ Tenant-wide Windows 10 Pro > Pro Education
[FAQs](https://support.microsoft.com/help/4020089/windows-10-in-s-mode-faq)
[Deploy Windows 10 in a school](deploy-windows-10-in-a-school.md)
[Deploy Windows 10 in a school district](deploy-windows-10-in-a-school-district.md)
-[Compare Windows 10 editions](https://www.microsoft.com/en-us/WindowsForBusiness/Compare)
+[Compare Windows 10 editions](https://www.microsoft.com/WindowsForBusiness/Compare)
diff --git a/education/windows/school-get-minecraft.md b/education/windows/school-get-minecraft.md
index 00a5baee8a..515bfff44f 100644
--- a/education/windows/school-get-minecraft.md
+++ b/education/windows/school-get-minecraft.md
@@ -6,10 +6,10 @@ ms.prod: w10
ms.mktglfcycl: plan
ms.sitesec: library
ms.localizationpriority: medium
-author: levinec
-searchScope:
+author: dansimp
+searchScope:
- Store
-ms.author: ellevin
+ms.author: dansimp
ms.date: 01/30/2019
ms.reviewer:
manager: dansimp
diff --git a/education/windows/set-up-school-pcs-azure-ad-join.md b/education/windows/set-up-school-pcs-azure-ad-join.md
index 7b8f55bb14..6d62b6bb55 100644
--- a/education/windows/set-up-school-pcs-azure-ad-join.md
+++ b/education/windows/set-up-school-pcs-azure-ad-join.md
@@ -1,14 +1,14 @@
----
-title: Azure AD Join with Set up School PCs app
-description: Describes how Azure AD Join is configured in the Set up School PCs app.
-keywords: shared cart, shared PC, school, set up school pcs
-ms.prod: w10
-ms.mktglfcycl: plan
-ms.sitesec: library
-ms.pagetype: edu
-ms.localizationpriority: medium
-author: levinec
-ms.author: ellevin
+---
+title: Azure AD Join with Set up School PCs app
+description: Describes how Azure AD Join is configured in the Set up School PCs app.
+keywords: shared cart, shared PC, school, set up school pcs
+ms.prod: w10
+ms.mktglfcycl: plan
+ms.sitesec: library
+ms.pagetype: edu
+ms.localizationpriority: medium
+author: dansimp
+ms.author: dansimp
ms.date: 01/11/2019
ms.reviewer:
manager: dansimp
diff --git a/education/windows/set-up-school-pcs-provisioning-package.md b/education/windows/set-up-school-pcs-provisioning-package.md
index 48a2aa9549..12bbf4fc89 100644
--- a/education/windows/set-up-school-pcs-provisioning-package.md
+++ b/education/windows/set-up-school-pcs-provisioning-package.md
@@ -1,15 +1,15 @@
----
-title: What's in Set up School PCs provisioning package
-description: Lists the provisioning package settings that are configured in the Set up School PCs app.
-keywords: shared cart, shared PC, school, set up school pcs
-ms.prod: w10
-ms.mktglfcycl: plan
-ms.sitesec: library
-ms.pagetype: edu
-ms.localizationpriority: medium
-author: mjcaparas
-ms.author: macapara
-ms.date: 10/17/2018
+---
+title: What's in Set up School PCs provisioning package
+description: Lists the provisioning package settings that are configured in the Set up School PCs app.
+keywords: shared cart, shared PC, school, set up school pcs
+ms.prod: w10
+ms.mktglfcycl: plan
+ms.sitesec: library
+ms.pagetype: edu
+ms.localizationpriority: medium
+author: dansimp
+ms.author: dansimp
+ms.date: 10/17/2018
ms.reviewer:
manager: dansimp
---
diff --git a/education/windows/set-up-school-pcs-shared-pc-mode.md b/education/windows/set-up-school-pcs-shared-pc-mode.md
index 50b01da4f3..2ac3eb11d0 100644
--- a/education/windows/set-up-school-pcs-shared-pc-mode.md
+++ b/education/windows/set-up-school-pcs-shared-pc-mode.md
@@ -1,15 +1,15 @@
----
-title: Shared PC mode for school devices
-description: Describes how shared PC mode is set for devices set up with the Set up School PCs app.
-keywords: shared cart, shared PC, school, set up school pcs
-ms.prod: w10
-ms.mktglfcycl: plan
-ms.sitesec: library
-ms.pagetype: edu
-ms.localizationpriority: medium
-author: mjcaparas
-ms.author: macapara
-ms.date: 07/13/2018
+---
+title: Shared PC mode for school devices
+description: Describes how shared PC mode is set for devices set up with the Set up School PCs app.
+keywords: shared cart, shared PC, school, set up school pcs
+ms.prod: w10
+ms.mktglfcycl: plan
+ms.sitesec: library
+ms.pagetype: edu
+ms.localizationpriority: medium
+author: dansimp
+ms.author: dansimp
+ms.date: 07/13/2018
ms.reviewer:
manager: dansimp
---
diff --git a/education/windows/set-up-school-pcs-technical.md b/education/windows/set-up-school-pcs-technical.md
index ab45a9f0a7..67c378fb9f 100644
--- a/education/windows/set-up-school-pcs-technical.md
+++ b/education/windows/set-up-school-pcs-technical.md
@@ -7,8 +7,8 @@ ms.mktglfcycl: plan
ms.sitesec: library
ms.pagetype: edu
ms.localizationpriority: medium
-author: mjcaparas
-ms.author: macapara
+author: dansimp
+ms.author: dansimp
ms.date: 07/11/2018
ms.reviewer:
manager: dansimp
diff --git a/education/windows/set-up-school-pcs-whats-new.md b/education/windows/set-up-school-pcs-whats-new.md
index 546e8c7831..fa888ab81c 100644
--- a/education/windows/set-up-school-pcs-whats-new.md
+++ b/education/windows/set-up-school-pcs-whats-new.md
@@ -1,15 +1,15 @@
----
-title: What's new in the Windows Set up School PCs app
-description: Find out about app updates and new features in Set up School PCs.
-keywords: shared cart, shared PC, school, set up school pcs
-ms.prod: w10
-ms.mktglfcycl: plan
-ms.sitesec: library
-ms.pagetype: edu
-ms.localizationpriority: medium
-author: mjcaparas
-ms.author: macapara
-ms.date: 08/15/2019
+---
+title: What's new in the Windows Set up School PCs app
+description: Find out about app updates and new features in Set up School PCs.
+keywords: shared cart, shared PC, school, set up school pcs
+ms.prod: w10
+ms.mktglfcycl: plan
+ms.sitesec: library
+ms.pagetype: edu
+ms.localizationpriority: medium
+author: dansimp
+ms.author: dansimp
+ms.date: 08/15/2019
ms.reviewer:
manager: dansimp
---
diff --git a/education/windows/set-up-students-pcs-to-join-domain.md b/education/windows/set-up-students-pcs-to-join-domain.md
index 3842e9d435..0ebe308f14 100644
--- a/education/windows/set-up-students-pcs-to-join-domain.md
+++ b/education/windows/set-up-students-pcs-to-join-domain.md
@@ -6,8 +6,8 @@ ms.prod: w10
ms.mktglfcycl: plan
ms.sitesec: library
ms.localizationpriority: medium
-author: mjcaparas
-ms.author: macapara
+author: dansimp
+ms.author: dansimp
ms.date: 07/27/2017
ms.reviewer:
manager: dansimp
diff --git a/education/windows/set-up-students-pcs-with-apps.md b/education/windows/set-up-students-pcs-with-apps.md
index 8f09eb0561..c711403393 100644
--- a/education/windows/set-up-students-pcs-with-apps.md
+++ b/education/windows/set-up-students-pcs-with-apps.md
@@ -7,8 +7,8 @@ ms.pagetype: edu
ms.mktglfcycl: plan
ms.sitesec: library
ms.localizationpriority: medium
-author: mjcaparas
-ms.author: macapara
+author: dansimp
+ms.author: dansimp
ms.date: 10/13/2017
ms.reviewer:
manager: dansimp
diff --git a/education/windows/set-up-windows-10.md b/education/windows/set-up-windows-10.md
index 1f8eb4eb0f..b401df97ef 100644
--- a/education/windows/set-up-windows-10.md
+++ b/education/windows/set-up-windows-10.md
@@ -7,8 +7,8 @@ ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: edu
ms.localizationpriority: medium
-author: mjcaparas
-ms.author: macapara
+author: dansimp
+ms.author: dansimp
ms.date: 07/27/2017
ms.reviewer:
manager: dansimp
diff --git a/education/windows/take-a-test-app-technical.md b/education/windows/take-a-test-app-technical.md
index 7106de6cfd..9f006e7a88 100644
--- a/education/windows/take-a-test-app-technical.md
+++ b/education/windows/take-a-test-app-technical.md
@@ -7,8 +7,8 @@ ms.mktglfcycl: plan
ms.sitesec: library
ms.pagetype: edu
ms.localizationpriority: medium
-author: mjcaparas
-ms.author: macapara
+author: dansimp
+ms.author: dansimp
ms.date: 11/28/2017
ms.reviewer:
manager: dansimp
diff --git a/education/windows/take-a-test-multiple-pcs.md b/education/windows/take-a-test-multiple-pcs.md
index ac67906e9b..c49e6ea21f 100644
--- a/education/windows/take-a-test-multiple-pcs.md
+++ b/education/windows/take-a-test-multiple-pcs.md
@@ -7,8 +7,8 @@ ms.mktglfcycl: plan
ms.sitesec: library
ms.pagetype: edu
ms.localizationpriority: medium
-author: mjcaparas
-ms.author: macapara
+author: dansimp
+ms.author: dansimp
ms.date: 11/08/2017
ms.reviewer:
manager: dansimp
diff --git a/education/windows/take-a-test-single-pc.md b/education/windows/take-a-test-single-pc.md
index bb20a3760e..41fbb7b7fd 100644
--- a/education/windows/take-a-test-single-pc.md
+++ b/education/windows/take-a-test-single-pc.md
@@ -7,8 +7,8 @@ ms.mktglfcycl: plan
ms.sitesec: library
ms.pagetype: edu
ms.localizationpriority: medium
-author: mjcaparas
-ms.author: macapara
+author: dansimp
+ms.author: dansimp
ms.date: 11/08/2017
ms.reviewer:
manager: dansimp
diff --git a/education/windows/take-tests-in-windows-10.md b/education/windows/take-tests-in-windows-10.md
index cad3303266..4ff027e388 100644
--- a/education/windows/take-tests-in-windows-10.md
+++ b/education/windows/take-tests-in-windows-10.md
@@ -7,8 +7,8 @@ ms.mktglfcycl: plan
ms.sitesec: library
ms.pagetype: edu
ms.localizationpriority: medium
-author: mjcaparas
-ms.author: macapara
+author: dansimp
+ms.author: dansimp
ms.date: 10/16/2017
ms.reviewer:
manager: dansimp
diff --git a/education/windows/teacher-get-minecraft.md b/education/windows/teacher-get-minecraft.md
index 838aa85226..501e3f3249 100644
--- a/education/windows/teacher-get-minecraft.md
+++ b/education/windows/teacher-get-minecraft.md
@@ -6,10 +6,10 @@ ms.prod: w10
ms.mktglfcycl: plan
ms.sitesec: library
ms.localizationpriority: medium
-author: mjcaparas
-searchScope:
+author: dansimp
+searchScope:
- Store
-ms.author: macapara
+ms.author: dansimp
ms.date: 01/05/2018
ms.reviewer:
manager: dansimp
diff --git a/education/windows/test-windows10s-for-edu.md b/education/windows/test-windows10s-for-edu.md
index 8f8f6c6aa2..2b64a32bd1 100644
--- a/education/windows/test-windows10s-for-edu.md
+++ b/education/windows/test-windows10s-for-edu.md
@@ -7,8 +7,8 @@ ms.prod: w10
ms.pagetype: edu
ms.sitesec: library
ms.localizationpriority: medium
-author: mjcaparas
-ms.author: macapara
+author: dansimp
+ms.author: dansimp
ms.date: 07/30/2019
ms.reviewer:
manager: dansimp
@@ -51,7 +51,7 @@ Due to these reasons, we recommend that you use the installation tool and avoid
Before you install Windows 10 in S mode on your existing Windows 10 Pro, Windows 10 Pro Education, Windows 10 Education, or Windows 10 Enterprise device:
* Make sure that you updated your existing device to Windows 10, version 1703 (Creators Update).
- See [Download Windows 10](https://www.microsoft.com/en-us/software-download/windows10) and follow the instructions to update your device to Windows 10, version 1703. You can verify your current version in **Settings > System > About**.
+ See [Download Windows 10](https://www.microsoft.com/software-download/windows10) and follow the instructions to update your device to Windows 10, version 1703. You can verify your current version in **Settings > System > About**.
* Install the latest Windows Update.
@@ -184,7 +184,7 @@ If you see this message, follow these steps to stop receiving the message:
To use an installation media to reinstall Windows 10, follow these steps.
-1. On a working PC, go to the [Microsoft software download website](https://www.microsoft.com/en-us/software-download/windows10).
+1. On a working PC, go to the [Microsoft software download website](https://www.microsoft.com/software-download/windows10).
2. Download the Media Creation Tool and then run it.
3. Select **Create installation media for another PC**.
4. Choose a language, edition, and architecture (64-bit or 32-bit).
diff --git a/education/windows/use-set-up-school-pcs-app.md b/education/windows/use-set-up-school-pcs-app.md
index 1af547f463..3f31119391 100644
--- a/education/windows/use-set-up-school-pcs-app.md
+++ b/education/windows/use-set-up-school-pcs-app.md
@@ -7,8 +7,8 @@ ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: edu
ms.localizationpriority: medium
-author: mjcaparas
-ms.author: macapara
+author: dansimp
+ms.author: dansimp
ms.date: 10/23/2018
ms.reviewer:
manager: dansimp
diff --git a/education/windows/windows-editions-for-education-customers.md b/education/windows/windows-editions-for-education-customers.md
index 52a4aa6bb6..80555a4b90 100644
--- a/education/windows/windows-editions-for-education-customers.md
+++ b/education/windows/windows-editions-for-education-customers.md
@@ -7,8 +7,8 @@ ms.mktglfcycl: plan
ms.sitesec: library
ms.pagetype: edu
ms.localizationpriority: medium
-author: mjcaparas
-ms.author: macapara
+author: dansimp
+ms.author: dansimp
ms.date: 05/21/2019
ms.reviewer:
manager: dansimp
diff --git a/mdop/agpm/administrative-template-settings.md b/mdop/agpm/administrative-template-settings.md
index 80b6ac71d2..ba47c7e2f0 100644
--- a/mdop/agpm/administrative-template-settings.md
+++ b/mdop/agpm/administrative-template-settings.md
@@ -1,7 +1,7 @@
---
title: Administrative Template Settings
description: Administrative Template Settings
-author: mjcaparas
+author: dansimp
ms.assetid: 1abbf0c1-fd32-46a8-a3ba-c005f066523d
ms.reviewer:
manager: dansimp
diff --git a/mdop/agpm/administrative-templates-folder-agpm30ops.md b/mdop/agpm/administrative-templates-folder-agpm30ops.md
index 5e0fc9628c..2a83078fab 100644
--- a/mdop/agpm/administrative-templates-folder-agpm30ops.md
+++ b/mdop/agpm/administrative-templates-folder-agpm30ops.md
@@ -1,7 +1,7 @@
---
title: Administrative Templates Folder
description: Administrative Templates Folder
-author: mjcaparas
+author: dansimp
ms.assetid: 0cc5b570-b6d3-4841-9646-02521c13519c
ms.reviewer:
manager: dansimp
diff --git a/mdop/agpm/administrative-templates-folder-agpm40.md b/mdop/agpm/administrative-templates-folder-agpm40.md
index f40c1aca18..ad14b8a812 100644
--- a/mdop/agpm/administrative-templates-folder-agpm40.md
+++ b/mdop/agpm/administrative-templates-folder-agpm40.md
@@ -1,7 +1,7 @@
---
title: Administrative Templates Folder
description: Administrative Templates Folder
-author: mjcaparas
+author: dansimp
ms.assetid: abc41968-4505-4b09-94f2-67ee0e6c9aaf
ms.reviewer:
manager: dansimp
diff --git a/mdop/agpm/advanced-group-policy-management-40.md b/mdop/agpm/advanced-group-policy-management-40.md
index 0ea0886272..eee54f15cc 100644
--- a/mdop/agpm/advanced-group-policy-management-40.md
+++ b/mdop/agpm/advanced-group-policy-management-40.md
@@ -1,7 +1,7 @@
---
title: Advanced Group Policy Management 4.0
description: Advanced Group Policy Management 4.0
-author: mjcaparas
+author: dansimp
ms.assetid: 9873a1f7-97fc-4546-9538-b4c0308529c0
ms.reviewer:
manager: dansimp
diff --git a/mdop/agpm/agpm-25-navengl.md b/mdop/agpm/agpm-25-navengl.md
index 6b407bf5e4..f670327ad5 100644
--- a/mdop/agpm/agpm-25-navengl.md
+++ b/mdop/agpm/agpm-25-navengl.md
@@ -1,7 +1,7 @@
---
title: AGPM 2.5
description: AGPM 2.5
-author: mjcaparas
+author: dansimp
ms.assetid: 6db42f2e-88b2-4305-ab6b-d3cd0c5d686c
ms.reviewer:
manager: dansimp
diff --git a/mdop/agpm/agpm-3-navengl.md b/mdop/agpm/agpm-3-navengl.md
index fd7734162e..c9bd8c14e6 100644
--- a/mdop/agpm/agpm-3-navengl.md
+++ b/mdop/agpm/agpm-3-navengl.md
@@ -1,7 +1,7 @@
---
title: AGPM 3
description: AGPM 3
-author: mjcaparas
+author: dansimp
ms.assetid: b0d0051d-2900-4a0f-8307-552ad26b0e3b
ms.reviewer:
manager: dansimp
diff --git a/mdop/agpm/agpm-4-navengl.md b/mdop/agpm/agpm-4-navengl.md
index dbf263cc72..b74ee375cb 100644
--- a/mdop/agpm/agpm-4-navengl.md
+++ b/mdop/agpm/agpm-4-navengl.md
@@ -1,7 +1,7 @@
---
title: AGPM 4
description: AGPM 4
-author: mjcaparas
+author: dansimp
ms.assetid: 81693f30-1b8e-4e63-b1ac-e6de1bc30cc0
ms.reviewer:
manager: dansimp
diff --git a/mdop/agpm/agpm-40-sp1-navengl.md b/mdop/agpm/agpm-40-sp1-navengl.md
index 03a4a2a65d..4dc1d9c084 100644
--- a/mdop/agpm/agpm-40-sp1-navengl.md
+++ b/mdop/agpm/agpm-40-sp1-navengl.md
@@ -1,7 +1,7 @@
---
title: AGPM 4.0 SP1
description: AGPM 4.0 SP1
-author: mjcaparas
+author: dansimp
ms.assetid: 4e55d9e6-635c-4ba6-acbb-ed1d1b580a5b
ms.reviewer:
manager: dansimp
diff --git a/mdop/agpm/agpm-40-sp2-navengl.md b/mdop/agpm/agpm-40-sp2-navengl.md
index 49ac51fa2d..3722b06033 100644
--- a/mdop/agpm/agpm-40-sp2-navengl.md
+++ b/mdop/agpm/agpm-40-sp2-navengl.md
@@ -1,7 +1,7 @@
---
title: AGPM 4.0 SP2
description: AGPM 4.0 SP2
-author: mjcaparas
+author: dansimp
ms.assetid: 915c9791-ac07-43db-bd53-957b641c700f
ms.reviewer:
manager: dansimp
diff --git a/mdop/agpm/agpm-40-sp3-navengl.md b/mdop/agpm/agpm-40-sp3-navengl.md
index 336886046c..36960dfbb9 100644
--- a/mdop/agpm/agpm-40-sp3-navengl.md
+++ b/mdop/agpm/agpm-40-sp3-navengl.md
@@ -1,7 +1,7 @@
---
title: AGPM 4.0 SP3
description: AGPM 4.0 SP3
-author: mjcaparas
+author: dansimp
ms.assetid: cd80eea9-601f-4e45-b89e-c3904addee37
ms.reviewer:
manager: dansimp
diff --git a/mdop/agpm/agpm-server-connection-settings-agpm30ops.md b/mdop/agpm/agpm-server-connection-settings-agpm30ops.md
index 60c6b4b4ab..b1137e1bc4 100644
--- a/mdop/agpm/agpm-server-connection-settings-agpm30ops.md
+++ b/mdop/agpm/agpm-server-connection-settings-agpm30ops.md
@@ -1,7 +1,7 @@
---
title: AGPM Server Connection Settings
description: AGPM Server Connection Settings
-author: mjcaparas
+author: dansimp
ms.assetid: 5f03e397-b868-4c49-9cbf-a5f5d0ddcc39
ms.reviewer:
manager: dansimp
diff --git a/mdop/agpm/agpm-server-connection-settings-agpm40.md b/mdop/agpm/agpm-server-connection-settings-agpm40.md
index cd4a015986..e804960bbd 100644
--- a/mdop/agpm/agpm-server-connection-settings-agpm40.md
+++ b/mdop/agpm/agpm-server-connection-settings-agpm40.md
@@ -1,7 +1,7 @@
---
title: AGPM Server Connection Settings
description: AGPM Server Connection Settings
-author: mjcaparas
+author: dansimp
ms.assetid: cc67f122-6309-4820-92c2-f6a27d897123
ms.reviewer:
manager: dansimp
diff --git a/mdop/agpm/agpm-server-connection-settings.md b/mdop/agpm/agpm-server-connection-settings.md
index a303704f78..613bb7281f 100644
--- a/mdop/agpm/agpm-server-connection-settings.md
+++ b/mdop/agpm/agpm-server-connection-settings.md
@@ -1,7 +1,7 @@
---
title: AGPM Server Connection Settings
description: AGPM Server Connection Settings
-author: mjcaparas
+author: dansimp
ms.assetid: faf78e5b-2b0d-4069-9b8c-910add892200
ms.reviewer:
manager: dansimp
diff --git a/mdop/agpm/agpm-server-tab-agpm30ops.md b/mdop/agpm/agpm-server-tab-agpm30ops.md
index 184530ce23..11f742945d 100644
--- a/mdop/agpm/agpm-server-tab-agpm30ops.md
+++ b/mdop/agpm/agpm-server-tab-agpm30ops.md
@@ -1,7 +1,7 @@
---
title: AGPM Server Tab
description: AGPM Server Tab
-author: mjcaparas
+author: dansimp
ms.assetid: fb3b0265-53ed-4bf6-88a4-c409f5f1bed4
ms.reviewer:
manager: dansimp
diff --git a/mdop/agpm/agpm-server-tab-agpm40.md b/mdop/agpm/agpm-server-tab-agpm40.md
index 6e0807ad30..e7cc510fdb 100644
--- a/mdop/agpm/agpm-server-tab-agpm40.md
+++ b/mdop/agpm/agpm-server-tab-agpm40.md
@@ -1,7 +1,7 @@
---
title: AGPM Server Tab
description: AGPM Server Tab
-author: mjcaparas
+author: dansimp
ms.assetid: a6689437-233e-4f33-a0d6-f7d432c96c00
ms.reviewer:
manager: dansimp
diff --git a/mdop/agpm/agpm-server-tab.md b/mdop/agpm/agpm-server-tab.md
index f009fdd1b3..8fa23f34ae 100644
--- a/mdop/agpm/agpm-server-tab.md
+++ b/mdop/agpm/agpm-server-tab.md
@@ -1,7 +1,7 @@
---
title: AGPM Server Tab
description: AGPM Server Tab
-author: mjcaparas
+author: dansimp
ms.assetid: ce4490b7-b564-49af-8962-858ee39e0016
ms.reviewer:
manager: dansimp
diff --git a/mdop/agpm/approve-or-reject-a-pending-action-agpm30ops.md b/mdop/agpm/approve-or-reject-a-pending-action-agpm30ops.md
index 90d438d2f0..e46c90285d 100644
--- a/mdop/agpm/approve-or-reject-a-pending-action-agpm30ops.md
+++ b/mdop/agpm/approve-or-reject-a-pending-action-agpm30ops.md
@@ -1,7 +1,7 @@
---
title: Approve or Reject a Pending Action
description: Approve or Reject a Pending Action
-author: mjcaparas
+author: dansimp
ms.assetid: 6d78989a-b600-4876-9dd9-bc6207ff2ce7
ms.reviewer:
manager: dansimp
diff --git a/mdop/agpm/approve-or-reject-a-pending-action-agpm40.md b/mdop/agpm/approve-or-reject-a-pending-action-agpm40.md
index cba1a90592..fcea90cd4b 100644
--- a/mdop/agpm/approve-or-reject-a-pending-action-agpm40.md
+++ b/mdop/agpm/approve-or-reject-a-pending-action-agpm40.md
@@ -1,7 +1,7 @@
---
title: Approve or Reject a Pending Action
description: Approve or Reject a Pending Action
-author: mjcaparas
+author: dansimp
ms.assetid: 078ea8b5-9ac5-45fc-9ac1-a1aa629c10b4
ms.reviewer:
manager: dansimp
diff --git a/mdop/agpm/approve-or-reject-a-pending-action.md b/mdop/agpm/approve-or-reject-a-pending-action.md
index 08603a71fc..b86ec7dc7b 100644
--- a/mdop/agpm/approve-or-reject-a-pending-action.md
+++ b/mdop/agpm/approve-or-reject-a-pending-action.md
@@ -1,7 +1,7 @@
---
title: Approve or Reject a Pending Action
description: Approve or Reject a Pending Action
-author: mjcaparas
+author: dansimp
ms.assetid: 22921a51-50fb-4a47-bec1-4f563f523675
ms.reviewer:
manager: dansimp
diff --git a/mdop/agpm/back-up-the-archive-agpm40.md b/mdop/agpm/back-up-the-archive-agpm40.md
index e07a0de456..2d6683352f 100644
--- a/mdop/agpm/back-up-the-archive-agpm40.md
+++ b/mdop/agpm/back-up-the-archive-agpm40.md
@@ -1,7 +1,7 @@
---
title: Back Up the Archive
description: Back Up the Archive
-author: mjcaparas
+author: dansimp
ms.assetid: 538d85eb-3596-4c1d-bbd7-26bc28857c28
ms.reviewer:
manager: dansimp
diff --git a/mdop/agpm/back-up-the-archive.md b/mdop/agpm/back-up-the-archive.md
index a85193dcac..424db72881 100644
--- a/mdop/agpm/back-up-the-archive.md
+++ b/mdop/agpm/back-up-the-archive.md
@@ -1,7 +1,7 @@
---
title: Back Up the Archive
description: Back Up the Archive
-author: mjcaparas
+author: dansimp
ms.assetid: 400176da-3518-4475-ad19-c96cda6ca7ba
ms.reviewer:
manager: dansimp
diff --git a/mdop/agpm/best-practices-for-version-control-agpm40.md b/mdop/agpm/best-practices-for-version-control-agpm40.md
index 92a272c0d4..f44e46fe21 100644
--- a/mdop/agpm/best-practices-for-version-control-agpm40.md
+++ b/mdop/agpm/best-practices-for-version-control-agpm40.md
@@ -1,7 +1,7 @@
---
title: Best Practices for Version Control
description: Best Practices for Version Control
-author: mjcaparas
+author: dansimp
ms.assetid: 4a2a1ac7-67f3-4ba3-ab07-860d33da0efe
ms.reviewer:
manager: dansimp
diff --git a/mdop/agpm/best-practices-for-version-control.md b/mdop/agpm/best-practices-for-version-control.md
index 0ec09f3051..74572fe88d 100644
--- a/mdop/agpm/best-practices-for-version-control.md
+++ b/mdop/agpm/best-practices-for-version-control.md
@@ -1,7 +1,7 @@
---
title: Best Practices for Version Control
description: Best Practices for Version Control
-author: mjcaparas
+author: dansimp
ms.assetid: 89067f6a-f7ea-4dad-999d-118284cf6c5a
ms.reviewer:
manager: dansimp
diff --git a/mdop/agpm/check-in-a-gpo-agpm30ops.md b/mdop/agpm/check-in-a-gpo-agpm30ops.md
index 399b6e1604..785c61aefc 100644
--- a/mdop/agpm/check-in-a-gpo-agpm30ops.md
+++ b/mdop/agpm/check-in-a-gpo-agpm30ops.md
@@ -1,7 +1,7 @@
---
title: Check In a GPO
description: Check In a GPO
-author: mjcaparas
+author: dansimp
ms.assetid: 437397db-c94b-4940-b1a4-05442619ebee
ms.reviewer:
manager: dansimp
diff --git a/mdop/agpm/check-in-a-gpo-agpm40.md b/mdop/agpm/check-in-a-gpo-agpm40.md
index 1353c657f0..2c44785dfd 100644
--- a/mdop/agpm/check-in-a-gpo-agpm40.md
+++ b/mdop/agpm/check-in-a-gpo-agpm40.md
@@ -1,7 +1,7 @@
---
title: Check In a GPO
description: Check In a GPO
-author: mjcaparas
+author: dansimp
ms.assetid: b838c8a2-eb9e-4e5b-8740-d7701a4294ac
ms.reviewer:
manager: dansimp
diff --git a/mdop/agpm/check-in-a-gpo-approver.md b/mdop/agpm/check-in-a-gpo-approver.md
index 1b264c6d74..eae694f22d 100644
--- a/mdop/agpm/check-in-a-gpo-approver.md
+++ b/mdop/agpm/check-in-a-gpo-approver.md
@@ -1,7 +1,7 @@
---
title: Check In a GPO
description: Check In a GPO
-author: mjcaparas
+author: dansimp
ms.assetid: e428cfff-651f-4903-bf01-d742714d2fa9
ms.reviewer:
manager: dansimp
diff --git a/mdop/agpm/checklist-administer-the-agpm-server-and-archive-agpm40.md b/mdop/agpm/checklist-administer-the-agpm-server-and-archive-agpm40.md
index 4b298d6115..84166e43be 100644
--- a/mdop/agpm/checklist-administer-the-agpm-server-and-archive-agpm40.md
+++ b/mdop/agpm/checklist-administer-the-agpm-server-and-archive-agpm40.md
@@ -1,7 +1,7 @@
---
title: Checklist Administer the AGPM Server and Archive
description: Checklist Administer the AGPM Server and Archive
-author: mjcaparas
+author: dansimp
ms.assetid: d9c60203-90c2-48a7-9318-197e0ec5038b
ms.reviewer:
manager: dansimp
diff --git a/mdop/agpm/checklist-administer-the-agpm-server-and-archive.md b/mdop/agpm/checklist-administer-the-agpm-server-and-archive.md
index 51a6f1f128..918d0e79f3 100644
--- a/mdop/agpm/checklist-administer-the-agpm-server-and-archive.md
+++ b/mdop/agpm/checklist-administer-the-agpm-server-and-archive.md
@@ -1,7 +1,7 @@
---
title: Checklist Administer the AGPM Server and Archive
description: Checklist Administer the AGPM Server and Archive
-author: mjcaparas
+author: dansimp
ms.assetid: 0b2eb536-c3cc-462f-a42f-27a53f57bc55
ms.reviewer:
manager: dansimp
diff --git a/mdop/agpm/checklist-create-edit-and-deploy-a-gpo-agpm30ops.md b/mdop/agpm/checklist-create-edit-and-deploy-a-gpo-agpm30ops.md
index 25fa7701f1..5d035608be 100644
--- a/mdop/agpm/checklist-create-edit-and-deploy-a-gpo-agpm30ops.md
+++ b/mdop/agpm/checklist-create-edit-and-deploy-a-gpo-agpm30ops.md
@@ -1,7 +1,7 @@
---
title: Checklist Create, Edit, and Deploy a GPO
description: Checklist Create, Edit, and Deploy a GPO
-author: mjcaparas
+author: dansimp
ms.assetid: a7a17706-304a-4455-9ada-52508ec620f1
ms.reviewer:
manager: dansimp
diff --git a/mdop/agpm/checklist-create-edit-and-deploy-a-gpo-agpm40.md b/mdop/agpm/checklist-create-edit-and-deploy-a-gpo-agpm40.md
index a95a9654f7..f64e3178eb 100644
--- a/mdop/agpm/checklist-create-edit-and-deploy-a-gpo-agpm40.md
+++ b/mdop/agpm/checklist-create-edit-and-deploy-a-gpo-agpm40.md
@@ -1,7 +1,7 @@
---
title: Checklist Create, Edit, and Deploy a GPO
description: Checklist Create, Edit, and Deploy a GPO
-author: mjcaparas
+author: dansimp
ms.assetid: 44631bed-16d2-4b5a-af70-17a73fb5f6af
ms.reviewer:
manager: dansimp
diff --git a/mdop/agpm/checklist-create-edit-and-deploy-a-gpo.md b/mdop/agpm/checklist-create-edit-and-deploy-a-gpo.md
index fcb032c722..1c05b3d735 100644
--- a/mdop/agpm/checklist-create-edit-and-deploy-a-gpo.md
+++ b/mdop/agpm/checklist-create-edit-and-deploy-a-gpo.md
@@ -1,7 +1,7 @@
---
title: Checklist Create, Edit, and Deploy a GPO
description: Checklist Create, Edit, and Deploy a GPO
-author: mjcaparas
+author: dansimp
ms.assetid: 614e2d9a-c18b-4f62-99fd-e17a2ac8559d
ms.reviewer:
manager: dansimp
diff --git a/mdop/agpm/choosing-which-version-of-agpm-to-install.md b/mdop/agpm/choosing-which-version-of-agpm-to-install.md
index c5b9d72127..9f4c03d4bf 100644
--- a/mdop/agpm/choosing-which-version-of-agpm-to-install.md
+++ b/mdop/agpm/choosing-which-version-of-agpm-to-install.md
@@ -1,7 +1,7 @@
---
title: Choosing Which Version of AGPM to Install
description: Choosing Which Version of AGPM to Install
-author: mjcaparas
+author: dansimp
ms.assetid: 31357d2a-bc23-4e15-93f4-0beda8ab7a7b
ms.reviewer:
manager: dansimp
diff --git a/mdop/agpm/common-secondary-tab-features.md b/mdop/agpm/common-secondary-tab-features.md
index 7383568174..b723efba3f 100644
--- a/mdop/agpm/common-secondary-tab-features.md
+++ b/mdop/agpm/common-secondary-tab-features.md
@@ -1,7 +1,7 @@
---
title: Common Secondary Tab Features
description: Common Secondary Tab Features
-author: mjcaparas
+author: dansimp
ms.assetid: 44a15c28-944c-49c1-8534-115ce1c362ed
ms.reviewer:
manager: dansimp
diff --git a/mdop/agpm/configure-agpm-server-connections-agpm30ops.md b/mdop/agpm/configure-agpm-server-connections-agpm30ops.md
index 14cb1c8009..74dc22dd7f 100644
--- a/mdop/agpm/configure-agpm-server-connections-agpm30ops.md
+++ b/mdop/agpm/configure-agpm-server-connections-agpm30ops.md
@@ -1,7 +1,7 @@
---
title: Configure AGPM Server Connections
description: Configure AGPM Server Connections
-author: mjcaparas
+author: dansimp
ms.assetid: 6062b77b-2fd7-442c-ad1b-6f14419ebd5f
ms.reviewer:
manager: dansimp
diff --git a/mdop/agpm/configure-agpm-server-connections-agpm40.md b/mdop/agpm/configure-agpm-server-connections-agpm40.md
index f830c94dae..b4e7744dc7 100644
--- a/mdop/agpm/configure-agpm-server-connections-agpm40.md
+++ b/mdop/agpm/configure-agpm-server-connections-agpm40.md
@@ -1,7 +1,7 @@
---
title: Configure AGPM Server Connections
description: Configure AGPM Server Connections
-author: mjcaparas
+author: dansimp
ms.assetid: bbbb15e8-35e7-403c-b695-7a6ebeb87839
ms.reviewer:
manager: dansimp
diff --git a/mdop/agpm/configure-an-agpm-server-connection-agpm40.md b/mdop/agpm/configure-an-agpm-server-connection-agpm40.md
index 1d27c35dd9..20fa0ad21e 100644
--- a/mdop/agpm/configure-an-agpm-server-connection-agpm40.md
+++ b/mdop/agpm/configure-an-agpm-server-connection-agpm40.md
@@ -1,7 +1,7 @@
---
title: Configure an AGPM Server Connection
description: Configure an AGPM Server Connection
-author: mjcaparas
+author: dansimp
ms.assetid: 409cbbcf-3b0e-459d-9bd2-75cb7b9430b0
ms.reviewer:
manager: dansimp
diff --git a/mdop/agpm/configure-an-agpm-server-connection-reviewer-agpm30ops.md b/mdop/agpm/configure-an-agpm-server-connection-reviewer-agpm30ops.md
index 4941464778..e8003ab16d 100644
--- a/mdop/agpm/configure-an-agpm-server-connection-reviewer-agpm30ops.md
+++ b/mdop/agpm/configure-an-agpm-server-connection-reviewer-agpm30ops.md
@@ -1,7 +1,7 @@
---
title: Configure an AGPM Server Connection
description: Configure an AGPM Server Connection
-author: mjcaparas
+author: dansimp
ms.assetid: ae78dc74-111d-4509-b0a6-e8b8b451c22a
ms.reviewer:
manager: dansimp
diff --git a/mdop/agpm/configure-e-mail-notification-agpm30ops.md b/mdop/agpm/configure-e-mail-notification-agpm30ops.md
index c1e769ec3e..02ef47c3f7 100644
--- a/mdop/agpm/configure-e-mail-notification-agpm30ops.md
+++ b/mdop/agpm/configure-e-mail-notification-agpm30ops.md
@@ -1,7 +1,7 @@
---
title: Configure E-Mail Notification
description: Configure E-Mail Notification
-author: mjcaparas
+author: dansimp
ms.assetid: b32ce395-d1b9-4c5b-b765-97cdbf455f9e
ms.reviewer:
manager: dansimp
diff --git a/mdop/agpm/configure-e-mail-notification-agpm40.md b/mdop/agpm/configure-e-mail-notification-agpm40.md
index 10119ff76f..b126a1fc3c 100644
--- a/mdop/agpm/configure-e-mail-notification-agpm40.md
+++ b/mdop/agpm/configure-e-mail-notification-agpm40.md
@@ -1,7 +1,7 @@
---
title: Configure E-Mail Notification
description: Configure E-Mail Notification
-author: mjcaparas
+author: dansimp
ms.assetid: 06f19556-f296-4a80-86a4-4f446c992204
ms.reviewer:
manager: dansimp
diff --git a/mdop/agpm/configure-e-mail-notification.md b/mdop/agpm/configure-e-mail-notification.md
index 865b510ca2..e133904f01 100644
--- a/mdop/agpm/configure-e-mail-notification.md
+++ b/mdop/agpm/configure-e-mail-notification.md
@@ -1,7 +1,7 @@
---
title: Configure E-Mail Notification
description: Configure E-Mail Notification
-author: mjcaparas
+author: dansimp
ms.assetid: 6e152de0-4376-4963-8d1a-3e7f5866d30f
ms.reviewer:
manager: dansimp
diff --git a/mdop/agpm/configure-e-mail-security-for-agpm-agpm30ops.md b/mdop/agpm/configure-e-mail-security-for-agpm-agpm30ops.md
index 4e4802cb36..bc53e8aa80 100644
--- a/mdop/agpm/configure-e-mail-security-for-agpm-agpm30ops.md
+++ b/mdop/agpm/configure-e-mail-security-for-agpm-agpm30ops.md
@@ -1,7 +1,7 @@
---
title: Configure E-Mail Security for AGPM
description: Configure E-Mail Security for AGPM
-author: mjcaparas
+author: dansimp
ms.assetid: 4850ed8e-a1c6-43f0-95c5-853aa66a94ae
ms.reviewer:
manager: dansimp
diff --git a/mdop/agpm/configure-e-mail-security-for-agpm-agpm40.md b/mdop/agpm/configure-e-mail-security-for-agpm-agpm40.md
index e4c204dcf0..faab3fd398 100644
--- a/mdop/agpm/configure-e-mail-security-for-agpm-agpm40.md
+++ b/mdop/agpm/configure-e-mail-security-for-agpm-agpm40.md
@@ -1,7 +1,7 @@
---
title: Configure E-Mail Security for AGPM
description: Configure E-Mail Security for AGPM
-author: mjcaparas
+author: dansimp
ms.assetid: b9c48894-0a10-4d03-8027-50ed3b02485a
ms.reviewer:
manager: dansimp
diff --git a/mdop/agpm/configure-logging-and-tracing-agpm30ops.md b/mdop/agpm/configure-logging-and-tracing-agpm30ops.md
index 2fd5e988c9..a47217417b 100644
--- a/mdop/agpm/configure-logging-and-tracing-agpm30ops.md
+++ b/mdop/agpm/configure-logging-and-tracing-agpm30ops.md
@@ -1,7 +1,7 @@
---
title: Configure Logging and Tracing
description: Configure Logging and Tracing
-author: mjcaparas
+author: dansimp
ms.assetid: 4f89552f-e949-48b0-9325-23746034eaa4
ms.reviewer:
manager: dansimp
diff --git a/mdop/agpm/configure-logging-and-tracing-agpm40.md b/mdop/agpm/configure-logging-and-tracing-agpm40.md
index 69c630de77..e3906f9cf6 100644
--- a/mdop/agpm/configure-logging-and-tracing-agpm40.md
+++ b/mdop/agpm/configure-logging-and-tracing-agpm40.md
@@ -1,7 +1,7 @@
---
title: Configure Logging and Tracing
description: Configure Logging and Tracing
-author: mjcaparas
+author: dansimp
ms.assetid: 2418cb6a-7189-4080-8fe2-9c8d47dec62c
ms.reviewer:
manager: dansimp
diff --git a/mdop/agpm/configure-logging-and-tracing.md b/mdop/agpm/configure-logging-and-tracing.md
index 5146b45a14..9ee2278316 100644
--- a/mdop/agpm/configure-logging-and-tracing.md
+++ b/mdop/agpm/configure-logging-and-tracing.md
@@ -1,7 +1,7 @@
---
title: Configure Logging and Tracing
description: Configure Logging and Tracing
-author: mjcaparas
+author: dansimp
ms.assetid: 419231f9-e9db-4f91-a7cf-a0a73db25256
ms.reviewer:
manager: dansimp
diff --git a/mdop/agpm/configure-the-agpm-server-connection-reviewer.md b/mdop/agpm/configure-the-agpm-server-connection-reviewer.md
index e4c102ba9e..57d5dc665d 100644
--- a/mdop/agpm/configure-the-agpm-server-connection-reviewer.md
+++ b/mdop/agpm/configure-the-agpm-server-connection-reviewer.md
@@ -1,7 +1,7 @@
---
title: Configure the AGPM Server Connection
description: Configure the AGPM Server Connection
-author: mjcaparas
+author: dansimp
ms.assetid: 74e8f348-a8ed-4d69-a8e0-9c974aaeca2d
ms.reviewer:
manager: dansimp
diff --git a/mdop/agpm/configure-the-agpm-server-connection.md b/mdop/agpm/configure-the-agpm-server-connection.md
index 80bef3aea5..afcbe48f4f 100644
--- a/mdop/agpm/configure-the-agpm-server-connection.md
+++ b/mdop/agpm/configure-the-agpm-server-connection.md
@@ -1,7 +1,7 @@
---
title: Configure the AGPM Server Connection
description: Configure the AGPM Server Connection
-author: mjcaparas
+author: dansimp
ms.assetid: 9a42b5bc-41be-44ef-a6e2-6f56e2cf1996
ms.reviewer:
manager: dansimp
diff --git a/mdop/agpm/configuring-advanced-group-policy-management-agpm40.md b/mdop/agpm/configuring-advanced-group-policy-management-agpm40.md
index fa059fc59e..d75d6e0e98 100644
--- a/mdop/agpm/configuring-advanced-group-policy-management-agpm40.md
+++ b/mdop/agpm/configuring-advanced-group-policy-management-agpm40.md
@@ -1,7 +1,7 @@
---
title: Configuring Advanced Group Policy Management
description: Configuring Advanced Group Policy Management
-author: mjcaparas
+author: dansimp
ms.assetid: 8c978ddf-2789-44e4-9c08-de7b4cd1afa0
ms.reviewer:
manager: dansimp
diff --git a/mdop/agpm/configuring-advanced-group-policy-management.md b/mdop/agpm/configuring-advanced-group-policy-management.md
index a8b8d92728..207e7d745b 100644
--- a/mdop/agpm/configuring-advanced-group-policy-management.md
+++ b/mdop/agpm/configuring-advanced-group-policy-management.md
@@ -1,7 +1,7 @@
---
title: Configuring Advanced Group Policy Management
description: Configuring Advanced Group Policy Management
-author: mjcaparas
+author: dansimp
ms.assetid: 836f4a49-2c77-4f6b-8727-9df7ef443141
ms.reviewer:
manager: dansimp
diff --git a/mdop/agpm/contents-tab-agpm30ops.md b/mdop/agpm/contents-tab-agpm30ops.md
index 8ab5fc8894..ca23b55b63 100644
--- a/mdop/agpm/contents-tab-agpm30ops.md
+++ b/mdop/agpm/contents-tab-agpm30ops.md
@@ -1,7 +1,7 @@
---
title: Contents Tab
description: Contents Tab
-author: mjcaparas
+author: dansimp
ms.assetid: 6ada6430-cd93-47aa-af6e-d7f5b5620132
ms.reviewer:
manager: dansimp
diff --git a/mdop/agpm/contents-tab-agpm40.md b/mdop/agpm/contents-tab-agpm40.md
index 6f2c059b3e..d7f2b51096 100644
--- a/mdop/agpm/contents-tab-agpm40.md
+++ b/mdop/agpm/contents-tab-agpm40.md
@@ -1,7 +1,7 @@
---
title: Contents Tab
description: Contents Tab
-author: mjcaparas
+author: dansimp
ms.assetid: cf9d1f17-3c3d-422f-bd6b-3db87be45554
ms.reviewer:
manager: dansimp
diff --git a/mdop/agpm/contents-tab-features-agpm30ops.md b/mdop/agpm/contents-tab-features-agpm30ops.md
index 217b586426..b0103aeb44 100644
--- a/mdop/agpm/contents-tab-features-agpm30ops.md
+++ b/mdop/agpm/contents-tab-features-agpm30ops.md
@@ -1,7 +1,7 @@
---
title: Contents Tab Features
description: Contents Tab Features
-author: mjcaparas
+author: dansimp
ms.assetid: 725f025a-c30a-4d07-add1-4e0ed9a1a5fd
ms.reviewer:
manager: dansimp
diff --git a/mdop/agpm/contents-tab-features-agpm40.md b/mdop/agpm/contents-tab-features-agpm40.md
index c714922193..6edfb8b2a8 100644
--- a/mdop/agpm/contents-tab-features-agpm40.md
+++ b/mdop/agpm/contents-tab-features-agpm40.md
@@ -1,7 +1,7 @@
---
title: Contents Tab Features
description: Contents Tab Features
-author: mjcaparas
+author: dansimp
ms.assetid: f1f4849d-bf94-47d5-ad81-0eee33abcaca
ms.reviewer:
manager: dansimp
diff --git a/mdop/agpm/contents-tab.md b/mdop/agpm/contents-tab.md
index 0039020f48..11d7827842 100644
--- a/mdop/agpm/contents-tab.md
+++ b/mdop/agpm/contents-tab.md
@@ -1,7 +1,7 @@
---
title: Contents Tab
description: Contents Tab
-author: mjcaparas
+author: dansimp
ms.assetid: 8a756bc1-3900-4d83-93c4-7ebc4705d956
ms.reviewer:
manager: dansimp
diff --git a/mdop/agpm/control-a-previously-uncontrolled-gpo.md b/mdop/agpm/control-a-previously-uncontrolled-gpo.md
index 535a5958f2..135e1bfcab 100644
--- a/mdop/agpm/control-a-previously-uncontrolled-gpo.md
+++ b/mdop/agpm/control-a-previously-uncontrolled-gpo.md
@@ -1,7 +1,7 @@
---
title: Control a Previously Uncontrolled GPO
description: Control a Previously Uncontrolled GPO
-author: mjcaparas
+author: dansimp
ms.assetid: 452689a9-4e32-4e3b-8208-56353a82bf36
ms.reviewer:
manager: dansimp
diff --git a/mdop/agpm/control-an-uncontrolled-gpo-agpm30ops.md b/mdop/agpm/control-an-uncontrolled-gpo-agpm30ops.md
index 6b69bcd500..c3ec80fd27 100644
--- a/mdop/agpm/control-an-uncontrolled-gpo-agpm30ops.md
+++ b/mdop/agpm/control-an-uncontrolled-gpo-agpm30ops.md
@@ -1,7 +1,7 @@
---
title: Control an Uncontrolled GPO
description: Control an Uncontrolled GPO
-author: mjcaparas
+author: dansimp
ms.assetid: 603f00f9-1e65-4b2f-902a-e53dafedbd8d
ms.reviewer:
manager: dansimp
diff --git a/mdop/agpm/control-an-uncontrolled-gpo-agpm40.md b/mdop/agpm/control-an-uncontrolled-gpo-agpm40.md
index fa7fb95245..d475f64bd0 100644
--- a/mdop/agpm/control-an-uncontrolled-gpo-agpm40.md
+++ b/mdop/agpm/control-an-uncontrolled-gpo-agpm40.md
@@ -1,7 +1,7 @@
---
title: Control an Uncontrolled GPO
description: Control an Uncontrolled GPO
-author: mjcaparas
+author: dansimp
ms.assetid: dc81545c-8da5-4b6f-b266-f01a82e27c6b
ms.reviewer:
manager: dansimp
diff --git a/mdop/agpm/controlled-gpo-commands-agpm30ops.md b/mdop/agpm/controlled-gpo-commands-agpm30ops.md
index a964df04b5..e7f472be8e 100644
--- a/mdop/agpm/controlled-gpo-commands-agpm30ops.md
+++ b/mdop/agpm/controlled-gpo-commands-agpm30ops.md
@@ -1,7 +1,7 @@
---
title: Controlled GPO Commands
description: Controlled GPO Commands
-author: mjcaparas
+author: dansimp
ms.assetid: 82db4772-154a-4a8d-99cd-2c69e1738698
ms.reviewer:
manager: dansimp
diff --git a/mdop/agpm/controlled-gpo-commands-agpm40.md b/mdop/agpm/controlled-gpo-commands-agpm40.md
index 7f1617be1c..82220a3109 100644
--- a/mdop/agpm/controlled-gpo-commands-agpm40.md
+++ b/mdop/agpm/controlled-gpo-commands-agpm40.md
@@ -1,7 +1,7 @@
---
title: Controlled GPO Commands
description: Controlled GPO Commands
-author: mjcaparas
+author: dansimp
ms.assetid: 370d3db9-4efc-4799-983d-e29ba5f32b07
ms.reviewer:
manager: dansimp
diff --git a/mdop/agpm/controlled-tab.md b/mdop/agpm/controlled-tab.md
index c17aab7903..91f3106011 100644
--- a/mdop/agpm/controlled-tab.md
+++ b/mdop/agpm/controlled-tab.md
@@ -1,7 +1,7 @@
---
title: Controlled Tab
description: Controlled Tab
-author: mjcaparas
+author: dansimp
ms.assetid: 8995a9e1-ace4-40b7-a47b-e1e9924541ba
ms.reviewer:
manager: dansimp
diff --git a/mdop/agpm/create-a-new-controlled-gpo-agpm30ops.md b/mdop/agpm/create-a-new-controlled-gpo-agpm30ops.md
index ed19062453..d476d76832 100644
--- a/mdop/agpm/create-a-new-controlled-gpo-agpm30ops.md
+++ b/mdop/agpm/create-a-new-controlled-gpo-agpm30ops.md
@@ -1,7 +1,7 @@
---
title: Create a New Controlled GPO
description: Create a New Controlled GPO
-author: mjcaparas
+author: dansimp
ms.assetid: f89eaae8-7858-4222-ba3f-a93a9d7ea5a3
ms.reviewer:
manager: dansimp
diff --git a/mdop/agpm/create-a-new-controlled-gpo-agpm40.md b/mdop/agpm/create-a-new-controlled-gpo-agpm40.md
index 89efc3c447..0331289cbd 100644
--- a/mdop/agpm/create-a-new-controlled-gpo-agpm40.md
+++ b/mdop/agpm/create-a-new-controlled-gpo-agpm40.md
@@ -1,7 +1,7 @@
---
title: Create a New Controlled GPO
description: Create a New Controlled GPO
-author: mjcaparas
+author: dansimp
ms.assetid: 5ce760f6-9f05-42b4-b787-7835ab8e324e
ms.reviewer:
manager: dansimp
diff --git a/mdop/agpm/create-a-new-controlled-gpo.md b/mdop/agpm/create-a-new-controlled-gpo.md
index 614627225b..c8beb4c4a2 100644
--- a/mdop/agpm/create-a-new-controlled-gpo.md
+++ b/mdop/agpm/create-a-new-controlled-gpo.md
@@ -1,7 +1,7 @@
---
title: Create a New Controlled GPO
description: Create a New Controlled GPO
-author: mjcaparas
+author: dansimp
ms.assetid: b43ce0f4-4519-4278-83c4-c7d5163ddd11
ms.reviewer:
manager: dansimp
diff --git a/mdop/agpm/create-a-template-agpm30ops.md b/mdop/agpm/create-a-template-agpm30ops.md
index 406acb5276..4e0a8ecb46 100644
--- a/mdop/agpm/create-a-template-agpm30ops.md
+++ b/mdop/agpm/create-a-template-agpm30ops.md
@@ -1,7 +1,7 @@
---
title: Create a Template
description: Create a Template
-author: mjcaparas
+author: dansimp
ms.assetid: 8208f14a-5c18-43a7-8564-118230398cca
ms.reviewer:
manager: dansimp
diff --git a/mdop/agpm/create-a-template-agpm40.md b/mdop/agpm/create-a-template-agpm40.md
index c8a1e97a01..16e28ce80a 100644
--- a/mdop/agpm/create-a-template-agpm40.md
+++ b/mdop/agpm/create-a-template-agpm40.md
@@ -1,7 +1,7 @@
---
title: Create a Template
description: Create a Template
-author: mjcaparas
+author: dansimp
ms.assetid: b38423af-7d24-437a-98bc-01f1ae891127
ms.reviewer:
manager: dansimp
diff --git a/mdop/agpm/create-a-template.md b/mdop/agpm/create-a-template.md
index d0db0eb513..16c9a86ee5 100644
--- a/mdop/agpm/create-a-template.md
+++ b/mdop/agpm/create-a-template.md
@@ -1,7 +1,7 @@
---
title: Create a Template
description: Create a Template
-author: mjcaparas
+author: dansimp
ms.assetid: 6992bd55-4a4f-401f-9815-c468bac598ef
ms.reviewer:
manager: dansimp
diff --git a/mdop/agpm/creating-a-template-and-setting-a-default-template-agpm30ops.md b/mdop/agpm/creating-a-template-and-setting-a-default-template-agpm30ops.md
index d35b5810d4..c54885f7d7 100644
--- a/mdop/agpm/creating-a-template-and-setting-a-default-template-agpm30ops.md
+++ b/mdop/agpm/creating-a-template-and-setting-a-default-template-agpm30ops.md
@@ -1,7 +1,7 @@
---
title: Creating a Template and Setting a Default Template
description: Creating a Template and Setting a Default Template
-author: mjcaparas
+author: dansimp
ms.assetid: acce0e0f-7e67-479c-9daa-e678fccd7ced
ms.reviewer:
manager: dansimp
diff --git a/mdop/agpm/creating-a-template-and-setting-a-default-template-agpm40.md b/mdop/agpm/creating-a-template-and-setting-a-default-template-agpm40.md
index a3981ca8a0..c4b3be7551 100644
--- a/mdop/agpm/creating-a-template-and-setting-a-default-template-agpm40.md
+++ b/mdop/agpm/creating-a-template-and-setting-a-default-template-agpm40.md
@@ -1,7 +1,7 @@
---
title: Creating a Template and Setting a Default Template
description: Creating a Template and Setting a Default Template
-author: mjcaparas
+author: dansimp
ms.assetid: ffa72c2a-64eb-4492-8072-c3a66179b546
ms.reviewer:
manager: dansimp
diff --git a/mdop/agpm/creating-a-template-and-setting-a-default-template.md b/mdop/agpm/creating-a-template-and-setting-a-default-template.md
index 79e1c3682d..3aeb2a2ac7 100644
--- a/mdop/agpm/creating-a-template-and-setting-a-default-template.md
+++ b/mdop/agpm/creating-a-template-and-setting-a-default-template.md
@@ -1,7 +1,7 @@
---
title: Creating a Template and Setting a Default Template
description: Creating a Template and Setting a Default Template
-author: mjcaparas
+author: dansimp
ms.assetid: 8771b4b5-4dea-4be1-a675-f60cfd3ec5dc
ms.reviewer:
manager: dansimp
diff --git a/mdop/agpm/creating-controlling-or-importing-a-gpo-agpm30ops.md b/mdop/agpm/creating-controlling-or-importing-a-gpo-agpm30ops.md
index 8e9e92e5ac..2d6c3cc9f1 100644
--- a/mdop/agpm/creating-controlling-or-importing-a-gpo-agpm30ops.md
+++ b/mdop/agpm/creating-controlling-or-importing-a-gpo-agpm30ops.md
@@ -1,7 +1,7 @@
---
title: Creating, Controlling, or Importing a GPO
description: Creating, Controlling, or Importing a GPO
-author: mjcaparas
+author: dansimp
ms.assetid: ce8b232e-7758-4a6a-9e2f-18967da6cdad
ms.reviewer:
manager: dansimp
diff --git a/mdop/agpm/creating-controlling-or-importing-a-gpo-approver.md b/mdop/agpm/creating-controlling-or-importing-a-gpo-approver.md
index ba433a553b..5534f1f89a 100644
--- a/mdop/agpm/creating-controlling-or-importing-a-gpo-approver.md
+++ b/mdop/agpm/creating-controlling-or-importing-a-gpo-approver.md
@@ -1,7 +1,7 @@
---
title: Creating, Controlling, or Importing a GPO
description: Creating, Controlling, or Importing a GPO
-author: mjcaparas
+author: dansimp
ms.assetid: f2c8bef5-b654-4864-99d4-9207cfb0a137
ms.reviewer:
manager: dansimp
diff --git a/mdop/agpm/creating-controlling-or-importing-a-gpo-editor-agpm30ops.md b/mdop/agpm/creating-controlling-or-importing-a-gpo-editor-agpm30ops.md
index 0aee5a400a..d5ac6710c9 100644
--- a/mdop/agpm/creating-controlling-or-importing-a-gpo-editor-agpm30ops.md
+++ b/mdop/agpm/creating-controlling-or-importing-a-gpo-editor-agpm30ops.md
@@ -1,7 +1,7 @@
---
title: Creating, Controlling, or Importing a GPO
description: Creating, Controlling, or Importing a GPO
-author: mjcaparas
+author: dansimp
ms.assetid: 0cc1b6ee-3335-4d84-9e1c-d1aefabfef51
ms.reviewer:
manager: dansimp
diff --git a/mdop/agpm/creating-controlling-or-importing-a-gpo-editor.md b/mdop/agpm/creating-controlling-or-importing-a-gpo-editor.md
index 7a228249c6..990725ed87 100644
--- a/mdop/agpm/creating-controlling-or-importing-a-gpo-editor.md
+++ b/mdop/agpm/creating-controlling-or-importing-a-gpo-editor.md
@@ -1,7 +1,7 @@
---
title: Creating, Controlling, or Importing a GPO
description: Creating, Controlling, or Importing a GPO
-author: mjcaparas
+author: dansimp
ms.assetid: 5259ce25-f570-4346-9f50-6b051724a998
ms.reviewer:
manager: dansimp
diff --git a/mdop/agpm/creating-or-controlling-a-gpo-agpm40-app.md b/mdop/agpm/creating-or-controlling-a-gpo-agpm40-app.md
index fc60c82ade..ae19e2af92 100644
--- a/mdop/agpm/creating-or-controlling-a-gpo-agpm40-app.md
+++ b/mdop/agpm/creating-or-controlling-a-gpo-agpm40-app.md
@@ -1,7 +1,7 @@
---
title: Creating or Controlling a GPO
description: Creating or Controlling a GPO
-author: mjcaparas
+author: dansimp
ms.assetid: ca2fa40e-c6e9-4c57-9da1-e5375df4a2fd
ms.reviewer:
manager: dansimp
diff --git a/mdop/agpm/creating-or-controlling-a-gpo-agpm40-ed.md b/mdop/agpm/creating-or-controlling-a-gpo-agpm40-ed.md
index 119b8134b3..acc64f4c0f 100644
--- a/mdop/agpm/creating-or-controlling-a-gpo-agpm40-ed.md
+++ b/mdop/agpm/creating-or-controlling-a-gpo-agpm40-ed.md
@@ -1,7 +1,7 @@
---
title: Creating or Controlling a GPO
description: Creating or Controlling a GPO
-author: mjcaparas
+author: dansimp
ms.assetid: 807f3b3f-ad3d-4851-9772-7f54a065632a
ms.reviewer:
manager: dansimp
diff --git a/mdop/agpm/delegate-access-to-a-gpo.md b/mdop/agpm/delegate-access-to-a-gpo.md
index d303c1e2f1..42df98f0d2 100644
--- a/mdop/agpm/delegate-access-to-a-gpo.md
+++ b/mdop/agpm/delegate-access-to-a-gpo.md
@@ -1,7 +1,7 @@
---
title: Delegate Access to a GPO
description: Delegate Access to a GPO
-author: mjcaparas
+author: dansimp
ms.assetid: f1d6bb6c-d5bf-4080-a6cb-32774689f804
ms.reviewer:
manager: dansimp
diff --git a/mdop/agpm/delegate-access-to-an-individual-gpo-in-the-archive-agpm30ops.md b/mdop/agpm/delegate-access-to-an-individual-gpo-in-the-archive-agpm30ops.md
index 3c102e5273..a83688d311 100644
--- a/mdop/agpm/delegate-access-to-an-individual-gpo-in-the-archive-agpm30ops.md
+++ b/mdop/agpm/delegate-access-to-an-individual-gpo-in-the-archive-agpm30ops.md
@@ -1,7 +1,7 @@
---
title: Delegate Access to an Individual GPO in the Archive
description: Delegate Access to an Individual GPO in the Archive
-author: mjcaparas
+author: dansimp
ms.assetid: 7b37b188-2b6b-4e52-be97-8ef899e9893b
ms.reviewer:
manager: dansimp
diff --git a/mdop/agpm/delegate-access-to-an-individual-gpo-in-the-archive-agpm40.md b/mdop/agpm/delegate-access-to-an-individual-gpo-in-the-archive-agpm40.md
index f5124591cc..2f79f15624 100644
--- a/mdop/agpm/delegate-access-to-an-individual-gpo-in-the-archive-agpm40.md
+++ b/mdop/agpm/delegate-access-to-an-individual-gpo-in-the-archive-agpm40.md
@@ -1,7 +1,7 @@
---
title: Delegate Access to an Individual GPO in the Archive
description: Delegate Access to an Individual GPO in the Archive
-author: mjcaparas
+author: dansimp
ms.assetid: 284d2aa2-7c10-4ffa-8978-bbe30867c1c1
ms.reviewer:
manager: dansimp
diff --git a/mdop/agpm/delegate-access-to-an-individual-gpo.md b/mdop/agpm/delegate-access-to-an-individual-gpo.md
index 48a3a17674..3eca548ecb 100644
--- a/mdop/agpm/delegate-access-to-an-individual-gpo.md
+++ b/mdop/agpm/delegate-access-to-an-individual-gpo.md
@@ -1,7 +1,7 @@
---
title: Delegate Access to an Individual GPO
description: Delegate Access to an Individual GPO
-author: mjcaparas
+author: dansimp
ms.assetid: b2a7d550-14bf-4b41-b6e4-2cc091eedd2d
ms.reviewer:
manager: dansimp
diff --git a/mdop/agpm/delegate-access-to-the-production-environment-agpm30ops.md b/mdop/agpm/delegate-access-to-the-production-environment-agpm30ops.md
index 5465a92076..83237183a6 100644
--- a/mdop/agpm/delegate-access-to-the-production-environment-agpm30ops.md
+++ b/mdop/agpm/delegate-access-to-the-production-environment-agpm30ops.md
@@ -1,7 +1,7 @@
---
title: Delegate Access to the Production Environment
description: Delegate Access to the Production Environment
-author: mjcaparas
+author: dansimp
ms.assetid: c1ebae2e-909b-4e64-b368-b7d3cc67b1eb
ms.reviewer:
manager: dansimp
diff --git a/mdop/agpm/delegate-access-to-the-production-environment-agpm40.md b/mdop/agpm/delegate-access-to-the-production-environment-agpm40.md
index 499f2dda22..a56dd205f1 100644
--- a/mdop/agpm/delegate-access-to-the-production-environment-agpm40.md
+++ b/mdop/agpm/delegate-access-to-the-production-environment-agpm40.md
@@ -1,7 +1,7 @@
---
title: Delegate Access to the Production Environment
description: Delegate Access to the Production Environment
-author: mjcaparas
+author: dansimp
ms.assetid: 4c670581-8c47-41ea-80eb-02846ff1ec1f
ms.reviewer:
manager: dansimp
diff --git a/mdop/agpm/delegate-domain-level-access-to-the-archive-agpm30ops.md b/mdop/agpm/delegate-domain-level-access-to-the-archive-agpm30ops.md
index 3d5ef495b1..47b815dc6f 100644
--- a/mdop/agpm/delegate-domain-level-access-to-the-archive-agpm30ops.md
+++ b/mdop/agpm/delegate-domain-level-access-to-the-archive-agpm30ops.md
@@ -1,7 +1,7 @@
---
title: Delegate Domain-Level Access to the Archive
description: Delegate Domain-Level Access to the Archive
-author: mjcaparas
+author: dansimp
ms.assetid: d232069e-71d5-4b4d-b22e-bef11de1cfd4
ms.reviewer:
manager: dansimp
diff --git a/mdop/agpm/delegate-domain-level-access-to-the-archive-agpm40.md b/mdop/agpm/delegate-domain-level-access-to-the-archive-agpm40.md
index f1aa01ad7e..052f1cd78d 100644
--- a/mdop/agpm/delegate-domain-level-access-to-the-archive-agpm40.md
+++ b/mdop/agpm/delegate-domain-level-access-to-the-archive-agpm40.md
@@ -1,7 +1,7 @@
---
title: Delegate Domain-Level Access to the Archive
description: Delegate Domain-Level Access to the Archive
-author: mjcaparas
+author: dansimp
ms.assetid: 11ca1d40-4b5c-496e-8922-d01412717858
ms.reviewer:
manager: dansimp
diff --git a/mdop/agpm/delegate-domain-level-access.md b/mdop/agpm/delegate-domain-level-access.md
index da327eae2f..8b14fc2952 100644
--- a/mdop/agpm/delegate-domain-level-access.md
+++ b/mdop/agpm/delegate-domain-level-access.md
@@ -1,7 +1,7 @@
---
title: Delegate Domain-Level Access
description: Delegate Domain-Level Access
-author: mjcaparas
+author: dansimp
ms.assetid: 64c8e773-38cc-4991-9ed2-5a801094d06e
ms.reviewer:
manager: dansimp
diff --git a/mdop/agpm/delegate-management-of-a-controlled-gpo-agpm30ops.md b/mdop/agpm/delegate-management-of-a-controlled-gpo-agpm30ops.md
index 2a17a1e42b..1a909c75dd 100644
--- a/mdop/agpm/delegate-management-of-a-controlled-gpo-agpm30ops.md
+++ b/mdop/agpm/delegate-management-of-a-controlled-gpo-agpm30ops.md
@@ -1,7 +1,7 @@
---
title: Delegate Management of a Controlled GPO
description: Delegate Management of a Controlled GPO
-author: mjcaparas
+author: dansimp
ms.assetid: 509b02e7-ce0b-4919-b58a-c3a33051152e
ms.reviewer:
manager: dansimp
diff --git a/mdop/agpm/delegate-management-of-a-controlled-gpo-agpm40.md b/mdop/agpm/delegate-management-of-a-controlled-gpo-agpm40.md
index 19b09da4c5..a6e9a29c85 100644
--- a/mdop/agpm/delegate-management-of-a-controlled-gpo-agpm40.md
+++ b/mdop/agpm/delegate-management-of-a-controlled-gpo-agpm40.md
@@ -1,7 +1,7 @@
---
title: Delegate Management of a Controlled GPO
description: Delegate Management of a Controlled GPO
-author: mjcaparas
+author: dansimp
ms.assetid: 96b4bfb3-5657-4267-8326-85d7a0db87ce
ms.reviewer:
manager: dansimp
diff --git a/mdop/agpm/delete-a-controlled-gpo-agpm30ops.md b/mdop/agpm/delete-a-controlled-gpo-agpm30ops.md
index 82004ed62c..0616b6addc 100644
--- a/mdop/agpm/delete-a-controlled-gpo-agpm30ops.md
+++ b/mdop/agpm/delete-a-controlled-gpo-agpm30ops.md
@@ -1,7 +1,7 @@
---
title: Delete a Controlled GPO
description: Delete a Controlled GPO
-author: mjcaparas
+author: dansimp
ms.assetid: f51c1737-c116-4faf-a6f6-c72303f60a3b
ms.reviewer:
manager: dansimp
diff --git a/mdop/agpm/delete-a-controlled-gpo-agpm40.md b/mdop/agpm/delete-a-controlled-gpo-agpm40.md
index 4b1f19997b..a57e046369 100644
--- a/mdop/agpm/delete-a-controlled-gpo-agpm40.md
+++ b/mdop/agpm/delete-a-controlled-gpo-agpm40.md
@@ -1,7 +1,7 @@
---
title: Delete a Controlled GPO
description: Delete a Controlled GPO
-author: mjcaparas
+author: dansimp
ms.assetid: 2a461018-aa0b-4ae3-b079-efc554ca4a3d
ms.reviewer:
manager: dansimp
diff --git a/mdop/agpm/delete-a-gpo-approver.md b/mdop/agpm/delete-a-gpo-approver.md
index fee036a028..c5611d8396 100644
--- a/mdop/agpm/delete-a-gpo-approver.md
+++ b/mdop/agpm/delete-a-gpo-approver.md
@@ -1,7 +1,7 @@
---
title: Delete a GPO
description: Delete a GPO
-author: mjcaparas
+author: dansimp
ms.assetid: 85fca371-5707-49c1-aa51-813fc3a58dfc
ms.reviewer:
manager: dansimp
diff --git a/mdop/agpm/delete-a-gpo-editor.md b/mdop/agpm/delete-a-gpo-editor.md
index 5bc745374a..3990f6289a 100644
--- a/mdop/agpm/delete-a-gpo-editor.md
+++ b/mdop/agpm/delete-a-gpo-editor.md
@@ -1,7 +1,7 @@
---
title: Delete a GPO
description: Delete a GPO
-author: mjcaparas
+author: dansimp
ms.assetid: 66be3dde-653e-4c25-8cb7-00e7090c8d31
ms.reviewer:
manager: dansimp
diff --git a/mdop/agpm/deleting-or-restoring-a-gpo-agpm30ops.md b/mdop/agpm/deleting-or-restoring-a-gpo-agpm30ops.md
index d4ebed245e..5542d0c0d0 100644
--- a/mdop/agpm/deleting-or-restoring-a-gpo-agpm30ops.md
+++ b/mdop/agpm/deleting-or-restoring-a-gpo-agpm30ops.md
@@ -1,7 +1,7 @@
---
title: Deleting or Restoring a GPO
description: Deleting or Restoring a GPO
-author: mjcaparas
+author: dansimp
ms.assetid: ee4a467a-187a-48e3-8f0d-548de0606a56
ms.reviewer:
manager: dansimp
diff --git a/mdop/agpm/deleting-or-restoring-a-gpo-agpm40.md b/mdop/agpm/deleting-or-restoring-a-gpo-agpm40.md
index e0bc537cc9..f753b56232 100644
--- a/mdop/agpm/deleting-or-restoring-a-gpo-agpm40.md
+++ b/mdop/agpm/deleting-or-restoring-a-gpo-agpm40.md
@@ -1,7 +1,7 @@
---
title: Deleting or Restoring a GPO
description: Deleting or Restoring a GPO
-author: mjcaparas
+author: dansimp
ms.assetid: d4f92f4d-eba7-4e6e-b166-13670864d298
ms.reviewer:
manager: dansimp
diff --git a/mdop/agpm/deleting-restoring-or-destroying-a-gpo-agpm30ops.md b/mdop/agpm/deleting-restoring-or-destroying-a-gpo-agpm30ops.md
index a27d832f3f..1b8e2fa12c 100644
--- a/mdop/agpm/deleting-restoring-or-destroying-a-gpo-agpm30ops.md
+++ b/mdop/agpm/deleting-restoring-or-destroying-a-gpo-agpm30ops.md
@@ -1,7 +1,7 @@
---
title: Deleting, Restoring, or Destroying a GPO
description: Deleting, Restoring, or Destroying a GPO
-author: mjcaparas
+author: dansimp
ms.assetid: 3e1b862e-007a-4b60-900f-0489069f5c75
ms.reviewer:
manager: dansimp
diff --git a/mdop/agpm/deleting-restoring-or-destroying-a-gpo-agpm40.md b/mdop/agpm/deleting-restoring-or-destroying-a-gpo-agpm40.md
index e9a7b13f30..b97ab849ad 100644
--- a/mdop/agpm/deleting-restoring-or-destroying-a-gpo-agpm40.md
+++ b/mdop/agpm/deleting-restoring-or-destroying-a-gpo-agpm40.md
@@ -1,7 +1,7 @@
---
title: Deleting, Restoring, or Destroying a GPO
description: Deleting, Restoring, or Destroying a GPO
-author: mjcaparas
+author: dansimp
ms.assetid: 3af6c396-61c8-4b32-9fd8-28e9f15e575c
ms.reviewer:
manager: dansimp
diff --git a/mdop/agpm/deleting-restoring-or-destroying-a-gpo.md b/mdop/agpm/deleting-restoring-or-destroying-a-gpo.md
index 96207fe50f..b68db7b2ea 100644
--- a/mdop/agpm/deleting-restoring-or-destroying-a-gpo.md
+++ b/mdop/agpm/deleting-restoring-or-destroying-a-gpo.md
@@ -1,7 +1,7 @@
---
title: Deleting, Restoring, or Destroying a GPO
description: Deleting, Restoring, or Destroying a GPO
-author: mjcaparas
+author: dansimp
ms.assetid: 089c68e7-c1a5-418a-8776-cf23960f10c4
ms.reviewer:
manager: dansimp
diff --git a/mdop/agpm/deploy-a-gpo-agpm30ops.md b/mdop/agpm/deploy-a-gpo-agpm30ops.md
index 15b54d327d..776112e102 100644
--- a/mdop/agpm/deploy-a-gpo-agpm30ops.md
+++ b/mdop/agpm/deploy-a-gpo-agpm30ops.md
@@ -1,7 +1,7 @@
---
title: Deploy a GPO
description: Deploy a GPO
-author: mjcaparas
+author: dansimp
ms.assetid: 3767b722-db43-40f1-a714-bb8e38bcaa10
ms.reviewer:
manager: dansimp
diff --git a/mdop/agpm/deploy-a-gpo-agpm40.md b/mdop/agpm/deploy-a-gpo-agpm40.md
index d24c1562ea..dd8273b4fc 100644
--- a/mdop/agpm/deploy-a-gpo-agpm40.md
+++ b/mdop/agpm/deploy-a-gpo-agpm40.md
@@ -1,7 +1,7 @@
---
title: Deploy a GPO
description: Deploy a GPO
-author: mjcaparas
+author: dansimp
ms.assetid: a6febeaa-144b-4c02-99af-d972f0f2b544
ms.reviewer:
manager: dansimp
diff --git a/mdop/agpm/deploy-a-gpo.md b/mdop/agpm/deploy-a-gpo.md
index 6cccb83b8a..cddc1433c8 100644
--- a/mdop/agpm/deploy-a-gpo.md
+++ b/mdop/agpm/deploy-a-gpo.md
@@ -1,7 +1,7 @@
---
title: Deploy a GPO
description: Deploy a GPO
-author: mjcaparas
+author: dansimp
ms.assetid: a0a3f292-e3ab-46ae-a0fd-d7b2b4ad8883
ms.reviewer:
manager: dansimp
diff --git a/mdop/agpm/destroy-a-gpo-agpm30ops.md b/mdop/agpm/destroy-a-gpo-agpm30ops.md
index dd853317de..39d4b138ce 100644
--- a/mdop/agpm/destroy-a-gpo-agpm30ops.md
+++ b/mdop/agpm/destroy-a-gpo-agpm30ops.md
@@ -1,7 +1,7 @@
---
title: Destroy a GPO
description: Destroy a GPO
-author: mjcaparas
+author: dansimp
ms.assetid: bfabd71a-47f3-462e-b86f-5f15762b9e28
ms.reviewer:
manager: dansimp
diff --git a/mdop/agpm/destroy-a-gpo-agpm40.md b/mdop/agpm/destroy-a-gpo-agpm40.md
index 28f76ae7c9..8fe48c6000 100644
--- a/mdop/agpm/destroy-a-gpo-agpm40.md
+++ b/mdop/agpm/destroy-a-gpo-agpm40.md
@@ -1,7 +1,7 @@
---
title: Destroy a GPO
description: Destroy a GPO
-author: mjcaparas
+author: dansimp
ms.assetid: 09bce8c4-f75b-4633-b80b-d894bbec95c9
ms.reviewer:
manager: dansimp
diff --git a/mdop/agpm/destroy-a-gpo.md b/mdop/agpm/destroy-a-gpo.md
index 4c21c398e6..7ba2a6f165 100644
--- a/mdop/agpm/destroy-a-gpo.md
+++ b/mdop/agpm/destroy-a-gpo.md
@@ -1,7 +1,7 @@
---
title: Destroy a GPO
description: Destroy a GPO
-author: mjcaparas
+author: dansimp
ms.assetid: d74941a3-beef-46cd-a4ca-80a324dcfadf
ms.reviewer:
manager: dansimp
diff --git a/mdop/agpm/domain-delegation-tab-agpm30ops.md b/mdop/agpm/domain-delegation-tab-agpm30ops.md
index aa5f709f13..e6ce2ce32d 100644
--- a/mdop/agpm/domain-delegation-tab-agpm30ops.md
+++ b/mdop/agpm/domain-delegation-tab-agpm30ops.md
@@ -1,7 +1,7 @@
---
title: Domain Delegation Tab
description: Domain Delegation Tab
-author: mjcaparas
+author: dansimp
ms.assetid: 523cdf39-f4b8-4d20-a917-3485756658ce
ms.reviewer:
manager: dansimp
diff --git a/mdop/agpm/domain-delegation-tab-agpm40.md b/mdop/agpm/domain-delegation-tab-agpm40.md
index 5d2f696910..884dfe968b 100644
--- a/mdop/agpm/domain-delegation-tab-agpm40.md
+++ b/mdop/agpm/domain-delegation-tab-agpm40.md
@@ -1,7 +1,7 @@
---
title: Domain Delegation Tab
description: Domain Delegation Tab
-author: mjcaparas
+author: dansimp
ms.assetid: 5be5841e-92fb-4af6-aa68-0ae50f8d5141
ms.reviewer:
manager: dansimp
diff --git a/mdop/agpm/domain-delegation-tab.md b/mdop/agpm/domain-delegation-tab.md
index 476c26e436..27847ba556 100644
--- a/mdop/agpm/domain-delegation-tab.md
+++ b/mdop/agpm/domain-delegation-tab.md
@@ -1,7 +1,7 @@
---
title: Domain Delegation Tab
description: Domain Delegation Tab
-author: mjcaparas
+author: dansimp
ms.assetid: 15a9bfff-e25b-4b62-9ebc-521a5f4eae96
ms.reviewer:
manager: dansimp
diff --git a/mdop/agpm/edit-a-gpo-offline-agpm30ops.md b/mdop/agpm/edit-a-gpo-offline-agpm30ops.md
index 5518d46244..9d85b7de64 100644
--- a/mdop/agpm/edit-a-gpo-offline-agpm30ops.md
+++ b/mdop/agpm/edit-a-gpo-offline-agpm30ops.md
@@ -1,7 +1,7 @@
---
title: Edit a GPO Offline
description: Edit a GPO Offline
-author: mjcaparas
+author: dansimp
ms.assetid: 51677d8a-6209-41b5-82ed-4f3be817abc0
ms.reviewer:
manager: dansimp
diff --git a/mdop/agpm/edit-a-gpo-offline-agpm40.md b/mdop/agpm/edit-a-gpo-offline-agpm40.md
index 4f311a1cc3..86cd27fe82 100644
--- a/mdop/agpm/edit-a-gpo-offline-agpm40.md
+++ b/mdop/agpm/edit-a-gpo-offline-agpm40.md
@@ -1,7 +1,7 @@
---
title: Edit a GPO Offline
description: Edit a GPO Offline
-author: mjcaparas
+author: dansimp
ms.assetid: 9c75eb3c-d4d5-41e0-b65e-8b4464a42cd9
ms.reviewer:
manager: dansimp
diff --git a/mdop/agpm/edit-a-gpo-offline.md b/mdop/agpm/edit-a-gpo-offline.md
index 6ea16ebc61..f10b9771de 100644
--- a/mdop/agpm/edit-a-gpo-offline.md
+++ b/mdop/agpm/edit-a-gpo-offline.md
@@ -1,7 +1,7 @@
---
title: Edit a GPO Offline
description: Edit a GPO Offline
-author: mjcaparas
+author: dansimp
ms.assetid: 4a148952-9fe9-4ec4-8df1-b25e37c97a54
ms.reviewer:
manager: dansimp
diff --git a/mdop/agpm/editing-a-gpo-agpm30ops.md b/mdop/agpm/editing-a-gpo-agpm30ops.md
index 36bd0a1166..ff27db8319 100644
--- a/mdop/agpm/editing-a-gpo-agpm30ops.md
+++ b/mdop/agpm/editing-a-gpo-agpm30ops.md
@@ -1,7 +1,7 @@
---
title: Editing a GPO
description: Editing a GPO
-author: mjcaparas
+author: dansimp
ms.assetid: 3024051a-ff33-46d0-9c3e-68ebae7f6b60
ms.reviewer:
manager: dansimp
diff --git a/mdop/agpm/editing-a-gpo-agpm40.md b/mdop/agpm/editing-a-gpo-agpm40.md
index 77dcc4e9cc..d1f6bbfeae 100644
--- a/mdop/agpm/editing-a-gpo-agpm40.md
+++ b/mdop/agpm/editing-a-gpo-agpm40.md
@@ -1,7 +1,7 @@
---
title: Editing a GPO
description: Editing a GPO
-author: mjcaparas
+author: dansimp
ms.assetid: ef42eefe-7705-46b2-954d-18966335cbbf
ms.reviewer:
manager: dansimp
diff --git a/mdop/agpm/editing-a-gpo.md b/mdop/agpm/editing-a-gpo.md
index c4bcdd473c..860e142fc9 100644
--- a/mdop/agpm/editing-a-gpo.md
+++ b/mdop/agpm/editing-a-gpo.md
@@ -1,7 +1,7 @@
---
title: Editing a GPO
description: Editing a GPO
-author: mjcaparas
+author: dansimp
ms.assetid: ec77d3bb-8a64-4d8e-9c28-87763de02ec0
ms.reviewer:
manager: dansimp
diff --git a/mdop/agpm/export-a-gpo-to-a-file.md b/mdop/agpm/export-a-gpo-to-a-file.md
index d75d40eada..6f8016e934 100644
--- a/mdop/agpm/export-a-gpo-to-a-file.md
+++ b/mdop/agpm/export-a-gpo-to-a-file.md
@@ -1,7 +1,7 @@
---
title: Export a GPO to a File
description: Export a GPO to a File
-author: mjcaparas
+author: dansimp
ms.assetid: 0d01b1f7-a6a4-4d0d-9aa7-2d6f1ae93d9d
ms.reviewer:
manager: dansimp
diff --git a/mdop/agpm/feature-visibility-settings-agpm30ops.md b/mdop/agpm/feature-visibility-settings-agpm30ops.md
index d3049f4b3f..923dbcddcb 100644
--- a/mdop/agpm/feature-visibility-settings-agpm30ops.md
+++ b/mdop/agpm/feature-visibility-settings-agpm30ops.md
@@ -1,7 +1,7 @@
---
title: Feature Visibility Settings
description: Feature Visibility Settings
-author: mjcaparas
+author: dansimp
ms.assetid: 6a844478-a6b0-490d-923f-5a6f82467831
ms.reviewer:
manager: dansimp
diff --git a/mdop/agpm/feature-visibility-settings-agpm40.md b/mdop/agpm/feature-visibility-settings-agpm40.md
index e30c603bc7..ea02966e81 100644
--- a/mdop/agpm/feature-visibility-settings-agpm40.md
+++ b/mdop/agpm/feature-visibility-settings-agpm40.md
@@ -1,7 +1,7 @@
---
title: Feature Visibility Settings
description: Feature Visibility Settings
-author: mjcaparas
+author: dansimp
ms.assetid: d3c0b02a-b943-4001-8b9c-dfac8fe58789
ms.reviewer:
manager: dansimp
diff --git a/mdop/agpm/feature-visibility-settings.md b/mdop/agpm/feature-visibility-settings.md
index 1cb1b3fc24..4b5bdb06b8 100644
--- a/mdop/agpm/feature-visibility-settings.md
+++ b/mdop/agpm/feature-visibility-settings.md
@@ -1,7 +1,7 @@
---
title: Feature Visibility Settings
description: Feature Visibility Settings
-author: mjcaparas
+author: dansimp
ms.assetid: 9db2ba03-fb75-4f95-9138-ec89b9fc8d01
ms.reviewer:
manager: dansimp
diff --git a/mdop/agpm/history-window-agpm30ops.md b/mdop/agpm/history-window-agpm30ops.md
index c3295c3095..890e223a94 100644
--- a/mdop/agpm/history-window-agpm30ops.md
+++ b/mdop/agpm/history-window-agpm30ops.md
@@ -1,7 +1,7 @@
---
title: History Window
description: History Window
-author: mjcaparas
+author: dansimp
ms.assetid: 114f50a4-508d-4589-b006-6cd05cffe6b7
ms.reviewer:
manager: dansimp
diff --git a/mdop/agpm/history-window-agpm40.md b/mdop/agpm/history-window-agpm40.md
index 7603d75dd5..0100174bae 100644
--- a/mdop/agpm/history-window-agpm40.md
+++ b/mdop/agpm/history-window-agpm40.md
@@ -1,7 +1,7 @@
---
title: History Window
description: History Window
-author: mjcaparas
+author: dansimp
ms.assetid: 5bea62e7-d267-40b2-a66d-fb1be7373a1c
ms.reviewer:
manager: dansimp
diff --git a/mdop/agpm/history-window.md b/mdop/agpm/history-window.md
index 0e5e9a6687..15710eda36 100644
--- a/mdop/agpm/history-window.md
+++ b/mdop/agpm/history-window.md
@@ -1,7 +1,7 @@
---
title: History Window
description: History Window
-author: mjcaparas
+author: dansimp
ms.assetid: f11f9ad9-bffe-4c56-8c46-fe9c0a8e55c1
ms.reviewer:
manager: dansimp
diff --git a/mdop/agpm/identify-differences-between-gpos-gpo-versions-or-templates-agpm30ops.md b/mdop/agpm/identify-differences-between-gpos-gpo-versions-or-templates-agpm30ops.md
index 370ce5130b..d1630c746f 100644
--- a/mdop/agpm/identify-differences-between-gpos-gpo-versions-or-templates-agpm30ops.md
+++ b/mdop/agpm/identify-differences-between-gpos-gpo-versions-or-templates-agpm30ops.md
@@ -1,7 +1,7 @@
---
title: Identify Differences Between GPOs, GPO Versions, or Templates
description: Identify Differences Between GPOs, GPO Versions, or Templates
-author: mjcaparas
+author: dansimp
ms.assetid: e391fa91-3956-4150-9d43-900cfc88d543
ms.reviewer:
manager: dansimp
diff --git a/mdop/agpm/identify-differences-between-gpos-gpo-versions-or-templates-agpm40.md b/mdop/agpm/identify-differences-between-gpos-gpo-versions-or-templates-agpm40.md
index 57a7719f21..38b81a26ac 100644
--- a/mdop/agpm/identify-differences-between-gpos-gpo-versions-or-templates-agpm40.md
+++ b/mdop/agpm/identify-differences-between-gpos-gpo-versions-or-templates-agpm40.md
@@ -1,7 +1,7 @@
---
title: Identify Differences Between GPOs, GPO Versions, or Templates
description: Identify Differences Between GPOs, GPO Versions, or Templates
-author: mjcaparas
+author: dansimp
ms.assetid: 3f03c368-162b-450f-be6c-2807c3e8d741
ms.reviewer:
manager: dansimp
diff --git a/mdop/agpm/identify-differences-between-gpos-gpo-versions-or-templates.md b/mdop/agpm/identify-differences-between-gpos-gpo-versions-or-templates.md
index 31a0ed88ed..33485698c3 100644
--- a/mdop/agpm/identify-differences-between-gpos-gpo-versions-or-templates.md
+++ b/mdop/agpm/identify-differences-between-gpos-gpo-versions-or-templates.md
@@ -1,7 +1,7 @@
---
title: Identify Differences Between GPOs, GPO Versions, or Templates
description: Identify Differences Between GPOs, GPO Versions, or Templates
-author: mjcaparas
+author: dansimp
ms.assetid: 6320afc4-af81-47e8-9f4c-463ff99d5a53
ms.reviewer:
manager: dansimp
diff --git a/mdop/agpm/import-a-gpo-from-a-file-agpmadmin.md b/mdop/agpm/import-a-gpo-from-a-file-agpmadmin.md
index 259967c12d..d4b755d702 100644
--- a/mdop/agpm/import-a-gpo-from-a-file-agpmadmin.md
+++ b/mdop/agpm/import-a-gpo-from-a-file-agpmadmin.md
@@ -1,7 +1,7 @@
---
title: Import a GPO from a File
description: Import a GPO from a File
-author: mjcaparas
+author: dansimp
ms.assetid: 2cbcda72-4de3-47ad-aaf8-4fc7341d5a00
ms.reviewer:
manager: dansimp
diff --git a/mdop/agpm/import-a-gpo-from-a-file-ed.md b/mdop/agpm/import-a-gpo-from-a-file-ed.md
index 3019b67029..697dafa9de 100644
--- a/mdop/agpm/import-a-gpo-from-a-file-ed.md
+++ b/mdop/agpm/import-a-gpo-from-a-file-ed.md
@@ -1,7 +1,7 @@
---
title: Import a GPO from a File
description: Import a GPO from a File
-author: mjcaparas
+author: dansimp
ms.assetid: 6e901a52-1101-4fed-9f90-3819b573b378
ms.reviewer:
manager: dansimp
diff --git a/mdop/agpm/import-a-gpo-from-production-agpm30ops.md b/mdop/agpm/import-a-gpo-from-production-agpm30ops.md
index 06214d174c..5cadc7906b 100644
--- a/mdop/agpm/import-a-gpo-from-production-agpm30ops.md
+++ b/mdop/agpm/import-a-gpo-from-production-agpm30ops.md
@@ -1,7 +1,7 @@
---
title: Import a GPO from Production
description: Import a GPO from Production
-author: mjcaparas
+author: dansimp
ms.assetid: 35c2a682-ece8-4577-a083-7e3e9facfd13
ms.reviewer:
manager: dansimp
diff --git a/mdop/agpm/import-a-gpo-from-production-agpm40-app.md b/mdop/agpm/import-a-gpo-from-production-agpm40-app.md
index af00e3582a..ef0343b66b 100644
--- a/mdop/agpm/import-a-gpo-from-production-agpm40-app.md
+++ b/mdop/agpm/import-a-gpo-from-production-agpm40-app.md
@@ -1,7 +1,7 @@
---
title: Import a GPO from Production
description: Import a GPO from Production
-author: mjcaparas
+author: dansimp
ms.assetid: c5b2f40d-1dc7-4dbf-b8b3-4d97ad73e1e5
ms.reviewer:
manager: dansimp
diff --git a/mdop/agpm/import-a-gpo-from-production-agpm40-ed.md b/mdop/agpm/import-a-gpo-from-production-agpm40-ed.md
index a10d461d9e..521e17cd6f 100644
--- a/mdop/agpm/import-a-gpo-from-production-agpm40-ed.md
+++ b/mdop/agpm/import-a-gpo-from-production-agpm40-ed.md
@@ -1,7 +1,7 @@
---
title: Import a GPO from Production
description: Import a GPO from Production
-author: mjcaparas
+author: dansimp
ms.assetid: ad14203a-2e6a-41d4-a05e-4508c80045fd
ms.reviewer:
manager: dansimp
diff --git a/mdop/agpm/import-a-gpo-from-production-approver.md b/mdop/agpm/import-a-gpo-from-production-approver.md
index 6895bd2248..b3b6509ac6 100644
--- a/mdop/agpm/import-a-gpo-from-production-approver.md
+++ b/mdop/agpm/import-a-gpo-from-production-approver.md
@@ -1,7 +1,7 @@
---
title: Import a GPO from Production
description: Import a GPO from Production
-author: mjcaparas
+author: dansimp
ms.assetid: 071270fa-1890-40ce-ab89-ce070a54aa59
ms.reviewer:
manager: dansimp
diff --git a/mdop/agpm/import-a-gpo-from-production-editor-agpm30ops.md b/mdop/agpm/import-a-gpo-from-production-editor-agpm30ops.md
index cc32d29e0f..6233511c16 100644
--- a/mdop/agpm/import-a-gpo-from-production-editor-agpm30ops.md
+++ b/mdop/agpm/import-a-gpo-from-production-editor-agpm30ops.md
@@ -1,7 +1,7 @@
---
title: Import a GPO from Production
description: Import a GPO from Production
-author: mjcaparas
+author: dansimp
ms.assetid: ad90f13e-e73c-400f-b86f-c12f2e75d19d
ms.reviewer:
manager: dansimp
diff --git a/mdop/agpm/import-a-gpo-from-production-editor.md b/mdop/agpm/import-a-gpo-from-production-editor.md
index 3ee29adf06..a67b4eb887 100644
--- a/mdop/agpm/import-a-gpo-from-production-editor.md
+++ b/mdop/agpm/import-a-gpo-from-production-editor.md
@@ -1,7 +1,7 @@
---
title: Import a GPO from Production
description: Import a GPO from Production
-author: mjcaparas
+author: dansimp
ms.assetid: ffa02b2a-2a43-4fc0-a06e-7d4b59022cc3
ms.reviewer:
manager: dansimp
diff --git a/mdop/agpm/label-the-current-version-of-a-gpo-agpm30ops.md b/mdop/agpm/label-the-current-version-of-a-gpo-agpm30ops.md
index 1aa5500034..2a32a77423 100644
--- a/mdop/agpm/label-the-current-version-of-a-gpo-agpm30ops.md
+++ b/mdop/agpm/label-the-current-version-of-a-gpo-agpm30ops.md
@@ -1,7 +1,7 @@
---
title: Label the Current Version of a GPO
description: Label the Current Version of a GPO
-author: mjcaparas
+author: dansimp
ms.assetid: 3845211a-0bc9-4875-9906-cb758c443825
ms.reviewer:
manager: dansimp
diff --git a/mdop/agpm/label-the-current-version-of-a-gpo-agpm40.md b/mdop/agpm/label-the-current-version-of-a-gpo-agpm40.md
index 4a8c652822..8e2ca70456 100644
--- a/mdop/agpm/label-the-current-version-of-a-gpo-agpm40.md
+++ b/mdop/agpm/label-the-current-version-of-a-gpo-agpm40.md
@@ -1,7 +1,7 @@
---
title: Label the Current Version of a GPO
description: Label the Current Version of a GPO
-author: mjcaparas
+author: dansimp
ms.assetid: cadc8769-21da-44b0-8122-6cafdb448913
ms.reviewer:
manager: dansimp
diff --git a/mdop/agpm/label-the-current-version-of-a-gpo.md b/mdop/agpm/label-the-current-version-of-a-gpo.md
index 23520638fb..518cff6f2c 100644
--- a/mdop/agpm/label-the-current-version-of-a-gpo.md
+++ b/mdop/agpm/label-the-current-version-of-a-gpo.md
@@ -1,7 +1,7 @@
---
title: Label the Current Version of a GPO
description: Label the Current Version of a GPO
-author: mjcaparas
+author: dansimp
ms.assetid: 5e4e50f8-e4a8-4bda-aac4-1569d5fbd6a7
ms.reviewer:
manager: dansimp
diff --git a/mdop/agpm/limit-the-gpo-versions-stored-agpm30ops.md b/mdop/agpm/limit-the-gpo-versions-stored-agpm30ops.md
index d119a83fa7..c74a38c572 100644
--- a/mdop/agpm/limit-the-gpo-versions-stored-agpm30ops.md
+++ b/mdop/agpm/limit-the-gpo-versions-stored-agpm30ops.md
@@ -1,7 +1,7 @@
---
title: Limit the GPO Versions Stored
description: Limit the GPO Versions Stored
-author: mjcaparas
+author: dansimp
ms.assetid: da14edc5-0c36-4c54-b122-861c86b99eb1
ms.reviewer:
manager: dansimp
diff --git a/mdop/agpm/limit-the-gpo-versions-stored-agpm40.md b/mdop/agpm/limit-the-gpo-versions-stored-agpm40.md
index 2570da4136..9ca2d0acda 100644
--- a/mdop/agpm/limit-the-gpo-versions-stored-agpm40.md
+++ b/mdop/agpm/limit-the-gpo-versions-stored-agpm40.md
@@ -1,7 +1,7 @@
---
title: Limit the GPO Versions Stored
description: Limit the GPO Versions Stored
-author: mjcaparas
+author: dansimp
ms.assetid: d802c7b6-f303-4b23-aefd-f19f1300b0ff
ms.reviewer:
manager: dansimp
diff --git a/mdop/agpm/logging-and-tracing-settings-agpm30ops.md b/mdop/agpm/logging-and-tracing-settings-agpm30ops.md
index 327edf7784..adb810c271 100644
--- a/mdop/agpm/logging-and-tracing-settings-agpm30ops.md
+++ b/mdop/agpm/logging-and-tracing-settings-agpm30ops.md
@@ -1,7 +1,7 @@
---
title: Logging and Tracing Settings
description: Logging and Tracing Settings
-author: mjcaparas
+author: dansimp
ms.assetid: 858b6fbf-65b4-42fa-95a9-69b04e5734d7
ms.reviewer:
manager: dansimp
diff --git a/mdop/agpm/logging-and-tracing-settings-agpm40.md b/mdop/agpm/logging-and-tracing-settings-agpm40.md
index 3e42a4a154..2c42860152 100644
--- a/mdop/agpm/logging-and-tracing-settings-agpm40.md
+++ b/mdop/agpm/logging-and-tracing-settings-agpm40.md
@@ -1,7 +1,7 @@
---
title: Logging and Tracing Settings
description: Logging and Tracing Settings
-author: mjcaparas
+author: dansimp
ms.assetid: 66d03306-80d8-4132-bf71-2827157b1fc9
ms.reviewer:
manager: dansimp
diff --git a/mdop/agpm/logging-and-tracing-settings.md b/mdop/agpm/logging-and-tracing-settings.md
index ec78ccc511..67460cfdb5 100644
--- a/mdop/agpm/logging-and-tracing-settings.md
+++ b/mdop/agpm/logging-and-tracing-settings.md
@@ -1,7 +1,7 @@
---
title: Logging and Tracing Settings
description: Logging and Tracing Settings
-author: mjcaparas
+author: dansimp
ms.assetid: db6b43c7-fdde-4d11-b5ab-a81346e56940
ms.reviewer:
manager: dansimp
diff --git a/mdop/agpm/managing-the-agpm-service-agpm30ops.md b/mdop/agpm/managing-the-agpm-service-agpm30ops.md
index 9896b4a887..3b9da4b940 100644
--- a/mdop/agpm/managing-the-agpm-service-agpm30ops.md
+++ b/mdop/agpm/managing-the-agpm-service-agpm30ops.md
@@ -1,7 +1,7 @@
---
title: Managing the AGPM Service
description: Managing the AGPM Service
-author: mjcaparas
+author: dansimp
ms.assetid: a522b1f1-c57b-43aa-9d75-acc6f9bedbf9
ms.reviewer:
manager: dansimp
diff --git a/mdop/agpm/managing-the-agpm-service-agpm40.md b/mdop/agpm/managing-the-agpm-service-agpm40.md
index 96280adf4b..76fedcb48b 100644
--- a/mdop/agpm/managing-the-agpm-service-agpm40.md
+++ b/mdop/agpm/managing-the-agpm-service-agpm40.md
@@ -1,7 +1,7 @@
---
title: Managing the AGPM Service
description: Managing the AGPM Service
-author: mjcaparas
+author: dansimp
ms.assetid: 48ca02aa-6acf-403b-afd4-66ae8a953246
ms.reviewer:
manager: dansimp
diff --git a/mdop/agpm/managing-the-agpm-service.md b/mdop/agpm/managing-the-agpm-service.md
index 174c061105..da8f07c50c 100644
--- a/mdop/agpm/managing-the-agpm-service.md
+++ b/mdop/agpm/managing-the-agpm-service.md
@@ -1,7 +1,7 @@
---
title: Managing the AGPM Service
description: Managing the AGPM Service
-author: mjcaparas
+author: dansimp
ms.assetid: 331f64d2-1236-4711-81b4-1b92f019bfa5
ms.reviewer:
manager: dansimp
diff --git a/mdop/agpm/managing-the-archive-agpm40.md b/mdop/agpm/managing-the-archive-agpm40.md
index e22bed1a2d..39f7a9a28e 100644
--- a/mdop/agpm/managing-the-archive-agpm40.md
+++ b/mdop/agpm/managing-the-archive-agpm40.md
@@ -1,7 +1,7 @@
---
title: Managing the Archive
description: Managing the Archive
-author: mjcaparas
+author: dansimp
ms.assetid: b11a3d71-74ea-4dd7-b243-6f2880b7af2d
ms.reviewer:
manager: dansimp
diff --git a/mdop/agpm/managing-the-archive.md b/mdop/agpm/managing-the-archive.md
index ba25337775..6b1a2d21c5 100644
--- a/mdop/agpm/managing-the-archive.md
+++ b/mdop/agpm/managing-the-archive.md
@@ -1,7 +1,7 @@
---
title: Managing the Archive
description: Managing the Archive
-author: mjcaparas
+author: dansimp
ms.assetid: 7c7654e9-ab0e-4531-8ef7-ae77ef391620
ms.reviewer:
manager: dansimp
diff --git a/mdop/agpm/modify-the-agpm-service-account.md b/mdop/agpm/modify-the-agpm-service-account.md
index 21bd9e501c..780d107283 100644
--- a/mdop/agpm/modify-the-agpm-service-account.md
+++ b/mdop/agpm/modify-the-agpm-service-account.md
@@ -1,7 +1,7 @@
---
title: Modify the AGPM Service Account
description: Modify the AGPM Service Account
-author: mjcaparas
+author: dansimp
ms.assetid: 0d8d8c7b-f299-4fee-8414-406492156942
ms.reviewer:
manager: dansimp
diff --git a/mdop/agpm/modify-the-agpm-service-agpm30ops.md b/mdop/agpm/modify-the-agpm-service-agpm30ops.md
index ce08a4d000..8834c5eb34 100644
--- a/mdop/agpm/modify-the-agpm-service-agpm30ops.md
+++ b/mdop/agpm/modify-the-agpm-service-agpm30ops.md
@@ -1,7 +1,7 @@
---
title: Modify the AGPM Service
description: Modify the AGPM Service
-author: mjcaparas
+author: dansimp
ms.assetid: 3485f85f-59d1-48dc-8748-36826214dcb1
ms.reviewer:
manager: dansimp
diff --git a/mdop/agpm/modify-the-agpm-service-agpm40.md b/mdop/agpm/modify-the-agpm-service-agpm40.md
index 20ec5c3a65..1fdf5b8ecb 100644
--- a/mdop/agpm/modify-the-agpm-service-agpm40.md
+++ b/mdop/agpm/modify-the-agpm-service-agpm40.md
@@ -1,7 +1,7 @@
---
title: Modify the AGPM Service
description: Modify the AGPM Service
-author: mjcaparas
+author: dansimp
ms.assetid: 3239d088-bb86-4ec4-bc56-dbe8f1c710f5
ms.reviewer:
manager: dansimp
diff --git a/mdop/agpm/modify-the-archive-path.md b/mdop/agpm/modify-the-archive-path.md
index 0e52f280d7..ea4a9c81c7 100644
--- a/mdop/agpm/modify-the-archive-path.md
+++ b/mdop/agpm/modify-the-archive-path.md
@@ -1,7 +1,7 @@
---
title: Modify the Archive Path
description: Modify the Archive Path
-author: mjcaparas
+author: dansimp
ms.assetid: 6d90daf9-58db-4166-b5b3-e84bb261164a
ms.reviewer:
manager: dansimp
diff --git a/mdop/agpm/modify-the-port-on-which-the-agpm-service-listens.md b/mdop/agpm/modify-the-port-on-which-the-agpm-service-listens.md
index 6ad27ab0b6..420514276e 100644
--- a/mdop/agpm/modify-the-port-on-which-the-agpm-service-listens.md
+++ b/mdop/agpm/modify-the-port-on-which-the-agpm-service-listens.md
@@ -1,7 +1,7 @@
---
title: Modify the Port on Which the AGPM Service Listens
description: Modify the Port on Which the AGPM Service Listens
-author: mjcaparas
+author: dansimp
ms.assetid: a82c6873-e916-4a04-b263-aa612cd6956b
ms.reviewer:
manager: dansimp
diff --git a/mdop/agpm/move-the-agpm-server-and-the-archive-agpm40.md b/mdop/agpm/move-the-agpm-server-and-the-archive-agpm40.md
index 027abbaaa7..696cc928a3 100644
--- a/mdop/agpm/move-the-agpm-server-and-the-archive-agpm40.md
+++ b/mdop/agpm/move-the-agpm-server-and-the-archive-agpm40.md
@@ -1,7 +1,7 @@
---
title: Move the AGPM Server and the Archive
description: Move the AGPM Server and the Archive
-author: mjcaparas
+author: dansimp
ms.assetid: 9ec48d3a-c293-45f0-8939-32ccdc062303
ms.reviewer:
manager: dansimp
diff --git a/mdop/agpm/move-the-agpm-server-and-the-archive.md b/mdop/agpm/move-the-agpm-server-and-the-archive.md
index 93f0d42c02..29baec8da0 100644
--- a/mdop/agpm/move-the-agpm-server-and-the-archive.md
+++ b/mdop/agpm/move-the-agpm-server-and-the-archive.md
@@ -1,7 +1,7 @@
---
title: Move the AGPM Server and the Archive
description: Move the AGPM Server and the Archive
-author: mjcaparas
+author: dansimp
ms.assetid: 13cb83c4-bb42-4e81-8660-5b7540f473d8
ms.reviewer:
manager: dansimp
diff --git a/mdop/agpm/operations-guide-for-microsoft-advanced-group-policy-management-25.md b/mdop/agpm/operations-guide-for-microsoft-advanced-group-policy-management-25.md
index 464ddc37b5..c0c1b78cb0 100644
--- a/mdop/agpm/operations-guide-for-microsoft-advanced-group-policy-management-25.md
+++ b/mdop/agpm/operations-guide-for-microsoft-advanced-group-policy-management-25.md
@@ -1,7 +1,7 @@
---
title: Operations Guide for Microsoft Advanced Group Policy Management 2.5
description: Operations Guide for Microsoft Advanced Group Policy Management 2.5
-author: mjcaparas
+author: dansimp
ms.assetid: 005f0bb5-789f-42a9-bcaf-7e8c31a8df66
ms.reviewer:
manager: dansimp
diff --git a/mdop/agpm/operations-guide-for-microsoft-advanced-group-policy-management-30-agpm30ops.md b/mdop/agpm/operations-guide-for-microsoft-advanced-group-policy-management-30-agpm30ops.md
index eaa5a661af..77dfd7402a 100644
--- a/mdop/agpm/operations-guide-for-microsoft-advanced-group-policy-management-30-agpm30ops.md
+++ b/mdop/agpm/operations-guide-for-microsoft-advanced-group-policy-management-30-agpm30ops.md
@@ -1,7 +1,7 @@
---
title: Operations Guide for Microsoft Advanced Group Policy Management 3.0
description: Operations Guide for Microsoft Advanced Group Policy Management 3.0
-author: mjcaparas
+author: dansimp
ms.assetid: aaefe6d1-a9e5-43eb-b4d8-85880798cb8b
ms.reviewer:
manager: dansimp
diff --git a/mdop/agpm/operations-guide-for-microsoft-advanced-group-policy-management-40.md b/mdop/agpm/operations-guide-for-microsoft-advanced-group-policy-management-40.md
index 7243627a33..e6c33c6490 100644
--- a/mdop/agpm/operations-guide-for-microsoft-advanced-group-policy-management-40.md
+++ b/mdop/agpm/operations-guide-for-microsoft-advanced-group-policy-management-40.md
@@ -1,7 +1,7 @@
---
title: Operations Guide for Microsoft Advanced Group Policy Management 4.0
description: Operations Guide for Microsoft Advanced Group Policy Management 4.0
-author: mjcaparas
+author: dansimp
ms.assetid: 0bafeba3-20a9-4360-be5d-03f786df11ee
ms.reviewer:
manager: dansimp
diff --git a/mdop/agpm/other-enhancements-to-the-gpmc.md b/mdop/agpm/other-enhancements-to-the-gpmc.md
index d68a942bcd..fdf7e3ab2f 100644
--- a/mdop/agpm/other-enhancements-to-the-gpmc.md
+++ b/mdop/agpm/other-enhancements-to-the-gpmc.md
@@ -1,7 +1,7 @@
---
title: Other Enhancements to the GPMC
description: Other Enhancements to the GPMC
-author: mjcaparas
+author: dansimp
ms.assetid: ef344101-17e1-4e06-9dc8-2f20ca796774
ms.reviewer:
manager: dansimp
diff --git a/mdop/agpm/overview-of-advanced-group-policy-management-agpm30ops.md b/mdop/agpm/overview-of-advanced-group-policy-management-agpm30ops.md
index e14a1f4b10..ae01c964e7 100644
--- a/mdop/agpm/overview-of-advanced-group-policy-management-agpm30ops.md
+++ b/mdop/agpm/overview-of-advanced-group-policy-management-agpm30ops.md
@@ -1,7 +1,7 @@
---
title: Overview of Advanced Group Policy Management
description: Overview of Advanced Group Policy Management
-author: mjcaparas
+author: dansimp
ms.assetid: 3a8d1e58-12b9-42bd-898f-6d57514dfbb9
ms.reviewer:
manager: dansimp
diff --git a/mdop/agpm/overview-of-advanced-group-policy-management-agpm40.md b/mdop/agpm/overview-of-advanced-group-policy-management-agpm40.md
index 4d4f47e6ad..67111dde93 100644
--- a/mdop/agpm/overview-of-advanced-group-policy-management-agpm40.md
+++ b/mdop/agpm/overview-of-advanced-group-policy-management-agpm40.md
@@ -1,7 +1,7 @@
---
title: Overview of Advanced Group Policy Management
description: Overview of Advanced Group Policy Management
-author: mjcaparas
+author: dansimp
ms.assetid: 2c12f3b4-8472-4c5b-b7f8-1c98a80d6b47
ms.reviewer:
manager: dansimp
diff --git a/mdop/agpm/overview-of-advanced-group-policy-management.md b/mdop/agpm/overview-of-advanced-group-policy-management.md
index 6bbb659ca4..d39125dff8 100644
--- a/mdop/agpm/overview-of-advanced-group-policy-management.md
+++ b/mdop/agpm/overview-of-advanced-group-policy-management.md
@@ -1,7 +1,7 @@
---
title: Overview of Advanced Group Policy Management
description: Overview of Advanced Group Policy Management
-author: mjcaparas
+author: dansimp
ms.assetid: 028de9dd-848b-42bc-a982-65ba5c433772
ms.reviewer:
manager: dansimp
diff --git a/mdop/agpm/pending-gpo-commands-agpm30ops.md b/mdop/agpm/pending-gpo-commands-agpm30ops.md
index c155fbc2cf..ac209741db 100644
--- a/mdop/agpm/pending-gpo-commands-agpm30ops.md
+++ b/mdop/agpm/pending-gpo-commands-agpm30ops.md
@@ -1,7 +1,7 @@
---
title: Pending GPO Commands
description: Pending GPO Commands
-author: mjcaparas
+author: dansimp
ms.assetid: 3868dda0-8a41-4bba-9b0c-9f656f9a3cd5
ms.reviewer:
manager: dansimp
diff --git a/mdop/agpm/pending-gpo-commands-agpm40.md b/mdop/agpm/pending-gpo-commands-agpm40.md
index 1e6862db89..6355b75c72 100644
--- a/mdop/agpm/pending-gpo-commands-agpm40.md
+++ b/mdop/agpm/pending-gpo-commands-agpm40.md
@@ -1,7 +1,7 @@
---
title: Pending GPO Commands
description: Pending GPO Commands
-author: mjcaparas
+author: dansimp
ms.assetid: b62f49e1-43ab-4c93-8102-96cd97a4adad
ms.reviewer:
manager: dansimp
diff --git a/mdop/agpm/pending-tab.md b/mdop/agpm/pending-tab.md
index 4ee185771f..651aed92e0 100644
--- a/mdop/agpm/pending-tab.md
+++ b/mdop/agpm/pending-tab.md
@@ -1,7 +1,7 @@
---
title: Pending Tab
description: Pending Tab
-author: mjcaparas
+author: dansimp
ms.assetid: 54a9a977-c0bc-4553-922b-b2e10e162df9
ms.reviewer:
manager: dansimp
diff --git a/mdop/agpm/performing-agpm-administrator-tasks-agpm30ops.md b/mdop/agpm/performing-agpm-administrator-tasks-agpm30ops.md
index b23cff06c7..cb634d1f12 100644
--- a/mdop/agpm/performing-agpm-administrator-tasks-agpm30ops.md
+++ b/mdop/agpm/performing-agpm-administrator-tasks-agpm30ops.md
@@ -1,7 +1,7 @@
---
title: Performing AGPM Administrator Tasks
description: Performing AGPM Administrator Tasks
-author: mjcaparas
+author: dansimp
ms.assetid: 9678b0f4-70a5-411e-a896-afa4dc9ea6c4
ms.reviewer:
manager: dansimp
diff --git a/mdop/agpm/performing-agpm-administrator-tasks-agpm40.md b/mdop/agpm/performing-agpm-administrator-tasks-agpm40.md
index aa73d0ac46..f8ccba7272 100644
--- a/mdop/agpm/performing-agpm-administrator-tasks-agpm40.md
+++ b/mdop/agpm/performing-agpm-administrator-tasks-agpm40.md
@@ -1,7 +1,7 @@
---
title: Performing AGPM Administrator Tasks
description: Performing AGPM Administrator Tasks
-author: mjcaparas
+author: dansimp
ms.assetid: bc746f39-bdc9-4e2a-bc48-c3c7905de098
ms.reviewer:
manager: dansimp
diff --git a/mdop/agpm/performing-agpm-administrator-tasks.md b/mdop/agpm/performing-agpm-administrator-tasks.md
index ebc6992639..71b1c9749c 100644
--- a/mdop/agpm/performing-agpm-administrator-tasks.md
+++ b/mdop/agpm/performing-agpm-administrator-tasks.md
@@ -1,7 +1,7 @@
---
title: Performing AGPM Administrator Tasks
description: Performing AGPM Administrator Tasks
-author: mjcaparas
+author: dansimp
ms.assetid: 32e694a7-be64-4943-bce2-2a3a15e5341f
ms.reviewer:
manager: dansimp
diff --git a/mdop/agpm/performing-approver-tasks-agpm30ops.md b/mdop/agpm/performing-approver-tasks-agpm30ops.md
index 457707ad10..4c519657e9 100644
--- a/mdop/agpm/performing-approver-tasks-agpm30ops.md
+++ b/mdop/agpm/performing-approver-tasks-agpm30ops.md
@@ -1,7 +1,7 @@
---
title: Performing Approver Tasks
description: Performing Approver Tasks
-author: mjcaparas
+author: dansimp
ms.assetid: 9f711824-191b-4b4b-a1c6-a3b2116006a4
ms.reviewer:
manager: dansimp
diff --git a/mdop/agpm/performing-approver-tasks-agpm40.md b/mdop/agpm/performing-approver-tasks-agpm40.md
index 8a19c9ecda..2a949f0a84 100644
--- a/mdop/agpm/performing-approver-tasks-agpm40.md
+++ b/mdop/agpm/performing-approver-tasks-agpm40.md
@@ -1,7 +1,7 @@
---
title: Performing Approver Tasks
description: Performing Approver Tasks
-author: mjcaparas
+author: dansimp
ms.assetid: e0a4b7fe-ce69-4755-9104-c7f523ea6b62
ms.reviewer:
manager: dansimp
diff --git a/mdop/agpm/performing-approver-tasks.md b/mdop/agpm/performing-approver-tasks.md
index ce05f48885..fd4190ca12 100644
--- a/mdop/agpm/performing-approver-tasks.md
+++ b/mdop/agpm/performing-approver-tasks.md
@@ -1,7 +1,7 @@
---
title: Performing Approver Tasks
description: Performing Approver Tasks
-author: mjcaparas
+author: dansimp
ms.assetid: 6f6310b3-19c1-47c9-8615-964ddd10ce14
ms.reviewer:
manager: dansimp
diff --git a/mdop/agpm/performing-editor-tasks-agpm30ops.md b/mdop/agpm/performing-editor-tasks-agpm30ops.md
index abc69827c2..e6f638319a 100644
--- a/mdop/agpm/performing-editor-tasks-agpm30ops.md
+++ b/mdop/agpm/performing-editor-tasks-agpm30ops.md
@@ -1,7 +1,7 @@
---
title: Performing Editor Tasks
description: Performing Editor Tasks
-author: mjcaparas
+author: dansimp
ms.assetid: d4ac3277-2557-41cf-ac90-5adb6c30687c
ms.reviewer:
manager: dansimp
diff --git a/mdop/agpm/performing-editor-tasks-agpm40.md b/mdop/agpm/performing-editor-tasks-agpm40.md
index b776479dfc..d359605154 100644
--- a/mdop/agpm/performing-editor-tasks-agpm40.md
+++ b/mdop/agpm/performing-editor-tasks-agpm40.md
@@ -1,7 +1,7 @@
---
title: Performing Editor Tasks
description: Performing Editor Tasks
-author: mjcaparas
+author: dansimp
ms.assetid: 81976a01-2a95-4256-b703-9fb3c884ef34
ms.reviewer:
manager: dansimp
diff --git a/mdop/agpm/performing-editor-tasks.md b/mdop/agpm/performing-editor-tasks.md
index eeea2a652c..5ba1b63760 100644
--- a/mdop/agpm/performing-editor-tasks.md
+++ b/mdop/agpm/performing-editor-tasks.md
@@ -1,7 +1,7 @@
---
title: Performing Editor Tasks
description: Performing Editor Tasks
-author: mjcaparas
+author: dansimp
ms.assetid: b1e62615-2e02-460e-81d1-4a3fbe59f62d
ms.reviewer:
manager: dansimp
diff --git a/mdop/agpm/performing-reviewer-tasks-agpm30ops.md b/mdop/agpm/performing-reviewer-tasks-agpm30ops.md
index 94d4b73d01..79dddb832c 100644
--- a/mdop/agpm/performing-reviewer-tasks-agpm30ops.md
+++ b/mdop/agpm/performing-reviewer-tasks-agpm30ops.md
@@ -1,7 +1,7 @@
---
title: Performing Reviewer Tasks
description: Performing Reviewer Tasks
-author: mjcaparas
+author: dansimp
ms.assetid: 1faf396d-be0d-49ac-b063-0722fda2e43d
ms.reviewer:
manager: dansimp
diff --git a/mdop/agpm/performing-reviewer-tasks-agpm40.md b/mdop/agpm/performing-reviewer-tasks-agpm40.md
index 5bf87e09a7..e4dc40829d 100644
--- a/mdop/agpm/performing-reviewer-tasks-agpm40.md
+++ b/mdop/agpm/performing-reviewer-tasks-agpm40.md
@@ -1,7 +1,7 @@
---
title: Performing Reviewer Tasks
description: Performing Reviewer Tasks
-author: mjcaparas
+author: dansimp
ms.assetid: b5f0805c-da55-45a5-a94c-2473af92b54a
ms.reviewer:
manager: dansimp
diff --git a/mdop/agpm/performing-reviewer-tasks.md b/mdop/agpm/performing-reviewer-tasks.md
index aa542e0ac9..f2ea335680 100644
--- a/mdop/agpm/performing-reviewer-tasks.md
+++ b/mdop/agpm/performing-reviewer-tasks.md
@@ -1,7 +1,7 @@
---
title: Performing Reviewer Tasks
description: Performing Reviewer Tasks
-author: mjcaparas
+author: dansimp
ms.assetid: 4bdd43fa-5c73-4900-8947-b45906f47f60
ms.reviewer:
manager: dansimp
diff --git a/mdop/agpm/production-delegation-tab-agpm30ops.md b/mdop/agpm/production-delegation-tab-agpm30ops.md
index efa8ccb039..32ef7974df 100644
--- a/mdop/agpm/production-delegation-tab-agpm30ops.md
+++ b/mdop/agpm/production-delegation-tab-agpm30ops.md
@@ -1,7 +1,7 @@
---
title: Production Delegation Tab
description: Production Delegation Tab
-author: mjcaparas
+author: dansimp
ms.assetid: 9851637d-d5c1-4d29-8582-e8779500a14e
ms.reviewer:
manager: dansimp
diff --git a/mdop/agpm/production-delegation-tab-agpm40.md b/mdop/agpm/production-delegation-tab-agpm40.md
index 29e323127c..118c822a7d 100644
--- a/mdop/agpm/production-delegation-tab-agpm40.md
+++ b/mdop/agpm/production-delegation-tab-agpm40.md
@@ -1,7 +1,7 @@
---
title: Production Delegation Tab
description: Production Delegation Tab
-author: mjcaparas
+author: dansimp
ms.assetid: 046bb9bc-769a-4306-bc49-c159a9533552
ms.reviewer:
manager: dansimp
diff --git a/mdop/agpm/recycle-bin-commands-agpm30ops.md b/mdop/agpm/recycle-bin-commands-agpm30ops.md
index baf41c217c..d3ed4beea9 100644
--- a/mdop/agpm/recycle-bin-commands-agpm30ops.md
+++ b/mdop/agpm/recycle-bin-commands-agpm30ops.md
@@ -1,7 +1,7 @@
---
title: Recycle Bin Commands
description: Recycle Bin Commands
-author: mjcaparas
+author: dansimp
ms.assetid: ffe8f020-7aa9-40ad-8019-cc99901a7840
ms.reviewer:
manager: dansimp
diff --git a/mdop/agpm/recycle-bin-commands-agpm40.md b/mdop/agpm/recycle-bin-commands-agpm40.md
index ddd12cfd22..a1be8b3f88 100644
--- a/mdop/agpm/recycle-bin-commands-agpm40.md
+++ b/mdop/agpm/recycle-bin-commands-agpm40.md
@@ -1,7 +1,7 @@
---
title: Recycle Bin Commands
description: Recycle Bin Commands
-author: mjcaparas
+author: dansimp
ms.assetid: 347a101f-0ba0-4afc-bd59-752cc06bb904
ms.reviewer:
manager: dansimp
diff --git a/mdop/agpm/recycle-bin-tab.md b/mdop/agpm/recycle-bin-tab.md
index 95d40a6e1d..749191d42c 100644
--- a/mdop/agpm/recycle-bin-tab.md
+++ b/mdop/agpm/recycle-bin-tab.md
@@ -1,7 +1,7 @@
---
title: Recycle Bin Tab
description: Recycle Bin Tab
-author: mjcaparas
+author: dansimp
ms.assetid: 9ce62e98-c03e-4a75-90e0-51be83c6d2db
ms.reviewer:
manager: dansimp
diff --git a/mdop/agpm/release-notes-for-microsoft-advanced-group-policy-management-40-sp1.md b/mdop/agpm/release-notes-for-microsoft-advanced-group-policy-management-40-sp1.md
index f72ca9d61d..26e276ed65 100644
--- a/mdop/agpm/release-notes-for-microsoft-advanced-group-policy-management-40-sp1.md
+++ b/mdop/agpm/release-notes-for-microsoft-advanced-group-policy-management-40-sp1.md
@@ -1,7 +1,7 @@
---
title: Release Notes for Microsoft Advanced Group Policy Management 4.0 SP1
description: Release Notes for Microsoft Advanced Group Policy Management 4.0 SP1
-author: mjcaparas
+author: dansimp
ms.assetid: 91835bf8-e53c-4202-986e-8d37050d1267
ms.reviewer:
manager: dansimp
diff --git a/mdop/agpm/release-notes-for-microsoft-advanced-group-policy-management-40-sp2.md b/mdop/agpm/release-notes-for-microsoft-advanced-group-policy-management-40-sp2.md
index e5a7a19136..9c609242ce 100644
--- a/mdop/agpm/release-notes-for-microsoft-advanced-group-policy-management-40-sp2.md
+++ b/mdop/agpm/release-notes-for-microsoft-advanced-group-policy-management-40-sp2.md
@@ -1,7 +1,7 @@
---
title: Release Notes for Microsoft Advanced Group Policy Management 4.0 SP2
description: Release Notes for Microsoft Advanced Group Policy Management 4.0 SP2
-author: mjcaparas
+author: dansimp
ms.assetid: 0593cd11-3308-4942-bf19-8a7bb9447f01
ms.reviewer:
manager: dansimp
diff --git a/mdop/agpm/release-notes-for-microsoft-advanced-group-policy-management-40-sp3.md b/mdop/agpm/release-notes-for-microsoft-advanced-group-policy-management-40-sp3.md
index 2c9d766a6d..cfeb0c897e 100644
--- a/mdop/agpm/release-notes-for-microsoft-advanced-group-policy-management-40-sp3.md
+++ b/mdop/agpm/release-notes-for-microsoft-advanced-group-policy-management-40-sp3.md
@@ -1,7 +1,7 @@
---
title: Release Notes for Microsoft Advanced Group Policy Management 4.0 SP3
description: Release Notes for Microsoft Advanced Group Policy Management 4.0 SP3
-author: mjcaparas
+author: dansimp
ms.assetid: 955d7674-a8d9-4fc5-b18a-5a1639e38014
ms.reviewer:
manager: dansimp
diff --git a/mdop/agpm/release-notes-for-microsoft-advanced-group-policy-management-40.md b/mdop/agpm/release-notes-for-microsoft-advanced-group-policy-management-40.md
index caa920e145..1230a91148 100644
--- a/mdop/agpm/release-notes-for-microsoft-advanced-group-policy-management-40.md
+++ b/mdop/agpm/release-notes-for-microsoft-advanced-group-policy-management-40.md
@@ -1,7 +1,7 @@
---
title: Release Notes for Microsoft Advanced Group Policy Management 4.0
description: Release Notes for Microsoft Advanced Group Policy Management 4.0
-author: mjcaparas
+author: dansimp
ms.assetid: 44c19e61-c8e8-48aa-a2c2-20396d14d5bb
ms.reviewer:
manager: dansimp
diff --git a/mdop/agpm/rename-a-gpo-or-template-agpm30ops.md b/mdop/agpm/rename-a-gpo-or-template-agpm30ops.md
index 3aa827f71f..6c457983f8 100644
--- a/mdop/agpm/rename-a-gpo-or-template-agpm30ops.md
+++ b/mdop/agpm/rename-a-gpo-or-template-agpm30ops.md
@@ -1,7 +1,7 @@
---
title: Rename a GPO or Template
description: Rename a GPO or Template
-author: mjcaparas
+author: dansimp
ms.assetid: 19d17ddf-8b58-4677-929e-9550fa388b93
ms.reviewer:
manager: dansimp
diff --git a/mdop/agpm/rename-a-gpo-or-template-agpm40.md b/mdop/agpm/rename-a-gpo-or-template-agpm40.md
index 7befd4f578..a2a1b19820 100644
--- a/mdop/agpm/rename-a-gpo-or-template-agpm40.md
+++ b/mdop/agpm/rename-a-gpo-or-template-agpm40.md
@@ -1,7 +1,7 @@
---
title: Rename a GPO or Template
description: Rename a GPO or Template
-author: mjcaparas
+author: dansimp
ms.assetid: 84293f7a-4ff7-497e-bdbc-cabb70189a03
ms.reviewer:
manager: dansimp
diff --git a/mdop/agpm/rename-a-gpo-or-template.md b/mdop/agpm/rename-a-gpo-or-template.md
index 3a2a71a243..e437925f07 100644
--- a/mdop/agpm/rename-a-gpo-or-template.md
+++ b/mdop/agpm/rename-a-gpo-or-template.md
@@ -1,7 +1,7 @@
---
title: Rename a GPO or Template
description: Rename a GPO or Template
-author: mjcaparas
+author: dansimp
ms.assetid: 64a1aaf4-f672-48b5-94c6-473bf1076cf3
ms.reviewer:
manager: dansimp
diff --git a/mdop/agpm/request-control-of-a-previously-uncontrolled-gpo.md b/mdop/agpm/request-control-of-a-previously-uncontrolled-gpo.md
index e58c025f14..c31e31cb35 100644
--- a/mdop/agpm/request-control-of-a-previously-uncontrolled-gpo.md
+++ b/mdop/agpm/request-control-of-a-previously-uncontrolled-gpo.md
@@ -1,7 +1,7 @@
---
title: Request Control of a Previously Uncontrolled GPO
description: Request Control of a Previously Uncontrolled GPO
-author: mjcaparas
+author: dansimp
ms.assetid: 00e8725d-5d7f-4eed-a5e6-c3631632cfbd
ms.reviewer:
manager: dansimp
diff --git a/mdop/agpm/request-control-of-an-uncontrolled-gpo-agpm30ops.md b/mdop/agpm/request-control-of-an-uncontrolled-gpo-agpm30ops.md
index 3d14dbd600..1f12840287 100644
--- a/mdop/agpm/request-control-of-an-uncontrolled-gpo-agpm30ops.md
+++ b/mdop/agpm/request-control-of-an-uncontrolled-gpo-agpm30ops.md
@@ -1,7 +1,7 @@
---
title: Request Control of an Uncontrolled GPO
description: Request Control of an Uncontrolled GPO
-author: mjcaparas
+author: dansimp
ms.assetid: b668a67a-5a2c-4f6a-8b1c-efa3ca0794d4
ms.reviewer:
manager: dansimp
diff --git a/mdop/agpm/request-control-of-an-uncontrolled-gpo-agpm40.md b/mdop/agpm/request-control-of-an-uncontrolled-gpo-agpm40.md
index 86d8e3030f..b82b4bae0c 100644
--- a/mdop/agpm/request-control-of-an-uncontrolled-gpo-agpm40.md
+++ b/mdop/agpm/request-control-of-an-uncontrolled-gpo-agpm40.md
@@ -1,7 +1,7 @@
---
title: Request Control of an Uncontrolled GPO
description: Request Control of an Uncontrolled GPO
-author: mjcaparas
+author: dansimp
ms.assetid: a34e0aeb-33a1-4c9f-b187-1d08493a785c
ms.reviewer:
manager: dansimp
diff --git a/mdop/agpm/request-deletion-of-a-gpo-agpm30ops.md b/mdop/agpm/request-deletion-of-a-gpo-agpm30ops.md
index 7f2ecf3393..4b6b24a531 100644
--- a/mdop/agpm/request-deletion-of-a-gpo-agpm30ops.md
+++ b/mdop/agpm/request-deletion-of-a-gpo-agpm30ops.md
@@ -1,7 +1,7 @@
---
title: Request Deletion of a GPO
description: Request Deletion of a GPO
-author: mjcaparas
+author: dansimp
ms.assetid: 576ece5c-dc6d-4b5e-8628-01c15ae2c9a8
ms.reviewer:
manager: dansimp
diff --git a/mdop/agpm/request-deletion-of-a-gpo-agpm40.md b/mdop/agpm/request-deletion-of-a-gpo-agpm40.md
index 844b1cad3c..0124dc0a64 100644
--- a/mdop/agpm/request-deletion-of-a-gpo-agpm40.md
+++ b/mdop/agpm/request-deletion-of-a-gpo-agpm40.md
@@ -1,7 +1,7 @@
---
title: Request Deletion of a GPO
description: Request Deletion of a GPO
-author: mjcaparas
+author: dansimp
ms.assetid: 2410f7a1-ccca-44cf-ab26-76ad474409e7
ms.reviewer:
manager: dansimp
diff --git a/mdop/agpm/request-deployment-of-a-gpo-agpm30ops.md b/mdop/agpm/request-deployment-of-a-gpo-agpm30ops.md
index a1fb49a16f..fcb659cd00 100644
--- a/mdop/agpm/request-deployment-of-a-gpo-agpm30ops.md
+++ b/mdop/agpm/request-deployment-of-a-gpo-agpm30ops.md
@@ -1,7 +1,7 @@
---
title: Request Deployment of a GPO
description: Request Deployment of a GPO
-author: mjcaparas
+author: dansimp
ms.assetid: f44ae0fb-bcf7-477b-b99e-9dd6a55ee597
ms.reviewer:
manager: dansimp
diff --git a/mdop/agpm/request-deployment-of-a-gpo-agpm40.md b/mdop/agpm/request-deployment-of-a-gpo-agpm40.md
index 334d30d658..5c633c5a9c 100644
--- a/mdop/agpm/request-deployment-of-a-gpo-agpm40.md
+++ b/mdop/agpm/request-deployment-of-a-gpo-agpm40.md
@@ -1,7 +1,7 @@
---
title: Request Deployment of a GPO
description: Request Deployment of a GPO
-author: mjcaparas
+author: dansimp
ms.assetid: 5783cfd0-bd93-46b4-8fa0-684bd39aa8fc
ms.reviewer:
manager: dansimp
diff --git a/mdop/agpm/request-deployment-of-a-gpo.md b/mdop/agpm/request-deployment-of-a-gpo.md
index fd81f52490..7c38b0addd 100644
--- a/mdop/agpm/request-deployment-of-a-gpo.md
+++ b/mdop/agpm/request-deployment-of-a-gpo.md
@@ -1,7 +1,7 @@
---
title: Request Deployment of a GPO
description: Request Deployment of a GPO
-author: mjcaparas
+author: dansimp
ms.assetid: 9aa9af29-4754-4f72-b624-bb3e1087cbe1
ms.reviewer:
manager: dansimp
diff --git a/mdop/agpm/request-restoration-of-a-deleted-gpo-agpm30ops.md b/mdop/agpm/request-restoration-of-a-deleted-gpo-agpm30ops.md
index 5eea73eb07..a5d72f95b9 100644
--- a/mdop/agpm/request-restoration-of-a-deleted-gpo-agpm30ops.md
+++ b/mdop/agpm/request-restoration-of-a-deleted-gpo-agpm30ops.md
@@ -1,7 +1,7 @@
---
title: Request Restoration of a Deleted GPO
description: Request Restoration of a Deleted GPO
-author: mjcaparas
+author: dansimp
ms.assetid: dcc3baea-8af7-4886-a301-98b6ac5819cd
ms.reviewer:
manager: dansimp
diff --git a/mdop/agpm/request-restoration-of-a-deleted-gpo-agpm40.md b/mdop/agpm/request-restoration-of-a-deleted-gpo-agpm40.md
index 9a569cc216..6d7272bb13 100644
--- a/mdop/agpm/request-restoration-of-a-deleted-gpo-agpm40.md
+++ b/mdop/agpm/request-restoration-of-a-deleted-gpo-agpm40.md
@@ -1,7 +1,7 @@
---
title: Request Restoration of a Deleted GPO
description: Request Restoration of a Deleted GPO
-author: mjcaparas
+author: dansimp
ms.assetid: bac5ca3b-be47-49b5-bf1b-96280625fda8
ms.reviewer:
manager: dansimp
diff --git a/mdop/agpm/request-the-creation-of-a-new-controlled-gpo-agpm30ops.md b/mdop/agpm/request-the-creation-of-a-new-controlled-gpo-agpm30ops.md
index 9c7adfcc7c..2ad25d82f2 100644
--- a/mdop/agpm/request-the-creation-of-a-new-controlled-gpo-agpm30ops.md
+++ b/mdop/agpm/request-the-creation-of-a-new-controlled-gpo-agpm30ops.md
@@ -1,7 +1,7 @@
---
title: Request the Creation of a New Controlled GPO
description: Request the Creation of a New Controlled GPO
-author: mjcaparas
+author: dansimp
ms.assetid: 4194c2f3-8116-4a35-be1a-81c84072daec
ms.reviewer:
manager: dansimp
diff --git a/mdop/agpm/request-the-creation-of-a-new-controlled-gpo-agpm40.md b/mdop/agpm/request-the-creation-of-a-new-controlled-gpo-agpm40.md
index 155d54a519..c191185c64 100644
--- a/mdop/agpm/request-the-creation-of-a-new-controlled-gpo-agpm40.md
+++ b/mdop/agpm/request-the-creation-of-a-new-controlled-gpo-agpm40.md
@@ -1,7 +1,7 @@
---
title: Request the Creation of a New Controlled GPO
description: Request the Creation of a New Controlled GPO
-author: mjcaparas
+author: dansimp
ms.assetid: cb265238-386f-4780-a59a-0c9a4a87d736
ms.reviewer:
manager: dansimp
diff --git a/mdop/agpm/request-the-creation-of-a-new-controlled-gpo.md b/mdop/agpm/request-the-creation-of-a-new-controlled-gpo.md
index be1818d321..fa93f03e77 100644
--- a/mdop/agpm/request-the-creation-of-a-new-controlled-gpo.md
+++ b/mdop/agpm/request-the-creation-of-a-new-controlled-gpo.md
@@ -1,7 +1,7 @@
---
title: Request the Creation of a New Controlled GPO
description: Request the Creation of a New Controlled GPO
-author: mjcaparas
+author: dansimp
ms.assetid: e1875d81-8553-42ee-8f3a-023d6ced86ca
ms.reviewer:
manager: dansimp
diff --git a/mdop/agpm/resources-for-agpm.md b/mdop/agpm/resources-for-agpm.md
index 310dda78df..04cbb5788f 100644
--- a/mdop/agpm/resources-for-agpm.md
+++ b/mdop/agpm/resources-for-agpm.md
@@ -1,7 +1,7 @@
---
title: Resources for AGPM
description: Resources for AGPM
-author: mjcaparas
+author: dansimp
ms.assetid: b44b58c0-2810-40d6-9677-f2f64e1add75
ms.reviewer:
manager: dansimp
diff --git a/mdop/agpm/restore-a-deleted-gpo-agpm30ops.md b/mdop/agpm/restore-a-deleted-gpo-agpm30ops.md
index 5f46d1b370..b213359f0d 100644
--- a/mdop/agpm/restore-a-deleted-gpo-agpm30ops.md
+++ b/mdop/agpm/restore-a-deleted-gpo-agpm30ops.md
@@ -1,7 +1,7 @@
---
title: Restore a Deleted GPO
description: Restore a Deleted GPO
-author: mjcaparas
+author: dansimp
ms.assetid: 853feb0a-d2d9-4be9-a07e-e113a56a9968
ms.reviewer:
manager: dansimp
diff --git a/mdop/agpm/restore-a-deleted-gpo-agpm40.md b/mdop/agpm/restore-a-deleted-gpo-agpm40.md
index d68d3dc138..85f0cb5bb3 100644
--- a/mdop/agpm/restore-a-deleted-gpo-agpm40.md
+++ b/mdop/agpm/restore-a-deleted-gpo-agpm40.md
@@ -1,7 +1,7 @@
---
title: Restore a Deleted GPO
description: Restore a Deleted GPO
-author: mjcaparas
+author: dansimp
ms.assetid: 0a131d26-a741-4a51-b612-c0bc7dbba06b
ms.reviewer:
manager: dansimp
diff --git a/mdop/agpm/restore-a-deleted-gpo.md b/mdop/agpm/restore-a-deleted-gpo.md
index 27a79b4d0e..b88e837db1 100644
--- a/mdop/agpm/restore-a-deleted-gpo.md
+++ b/mdop/agpm/restore-a-deleted-gpo.md
@@ -1,7 +1,7 @@
---
title: Restore a Deleted GPO
description: Restore a Deleted GPO
-author: mjcaparas
+author: dansimp
ms.assetid: e6953296-7b7d-4d1e-ad82-d4a23044cdd7
ms.reviewer:
manager: dansimp
diff --git a/mdop/agpm/restore-the-archive-from-a-backup-agpm40.md b/mdop/agpm/restore-the-archive-from-a-backup-agpm40.md
index 35d0247a88..40dfa1d821 100644
--- a/mdop/agpm/restore-the-archive-from-a-backup-agpm40.md
+++ b/mdop/agpm/restore-the-archive-from-a-backup-agpm40.md
@@ -1,7 +1,7 @@
---
title: Restore the Archive from a Backup
description: Restore the Archive from a Backup
-author: mjcaparas
+author: dansimp
ms.assetid: b83f6173-a236-4da2-b16e-8df20920d4cc
ms.reviewer:
manager: dansimp
diff --git a/mdop/agpm/restore-the-archive-from-a-backup.md b/mdop/agpm/restore-the-archive-from-a-backup.md
index 597857d21f..67953e93ac 100644
--- a/mdop/agpm/restore-the-archive-from-a-backup.md
+++ b/mdop/agpm/restore-the-archive-from-a-backup.md
@@ -1,7 +1,7 @@
---
title: Restore the Archive from a Backup
description: Restore the Archive from a Backup
-author: mjcaparas
+author: dansimp
ms.assetid: 49666337-d72c-4e44-99e4-9eb59b2355a9
ms.reviewer:
manager: dansimp
diff --git a/mdop/agpm/review-gpo-links-agpm30ops.md b/mdop/agpm/review-gpo-links-agpm30ops.md
index f76ec518b9..9871c1b92c 100644
--- a/mdop/agpm/review-gpo-links-agpm30ops.md
+++ b/mdop/agpm/review-gpo-links-agpm30ops.md
@@ -1,7 +1,7 @@
---
title: Review GPO Links
description: Review GPO Links
-author: mjcaparas
+author: dansimp
ms.assetid: 5ae95afc-2b89-45cf-916c-efe2d43b2211
ms.reviewer:
manager: dansimp
diff --git a/mdop/agpm/review-gpo-links-agpm40.md b/mdop/agpm/review-gpo-links-agpm40.md
index 46af2603fc..7485933f68 100644
--- a/mdop/agpm/review-gpo-links-agpm40.md
+++ b/mdop/agpm/review-gpo-links-agpm40.md
@@ -1,7 +1,7 @@
---
title: Review GPO Links
description: Review GPO Links
-author: mjcaparas
+author: dansimp
ms.assetid: 3aaba9da-f0aa-466f-bd1c-49f11d00ea54
ms.reviewer:
manager: dansimp
diff --git a/mdop/agpm/review-gpo-links.md b/mdop/agpm/review-gpo-links.md
index e0569fce2c..b419911628 100644
--- a/mdop/agpm/review-gpo-links.md
+++ b/mdop/agpm/review-gpo-links.md
@@ -1,7 +1,7 @@
---
title: Review GPO Links
description: Review GPO Links
-author: mjcaparas
+author: dansimp
ms.assetid: 3c472448-f16a-493c-a229-5ca60a470965
ms.reviewer:
manager: dansimp
diff --git a/mdop/agpm/review-gpo-settings-agpm30ops.md b/mdop/agpm/review-gpo-settings-agpm30ops.md
index 5568f18e0f..6c569b8d1b 100644
--- a/mdop/agpm/review-gpo-settings-agpm30ops.md
+++ b/mdop/agpm/review-gpo-settings-agpm30ops.md
@@ -1,7 +1,7 @@
---
title: Review GPO Settings
description: Review GPO Settings
-author: mjcaparas
+author: dansimp
ms.assetid: bed956d0-082e-4fa9-bf1e-572d0d3d02ec
ms.reviewer:
manager: dansimp
diff --git a/mdop/agpm/review-gpo-settings-agpm40.md b/mdop/agpm/review-gpo-settings-agpm40.md
index 2b24c18e22..77e60f42cc 100644
--- a/mdop/agpm/review-gpo-settings-agpm40.md
+++ b/mdop/agpm/review-gpo-settings-agpm40.md
@@ -1,7 +1,7 @@
---
title: Review GPO Settings
description: Review GPO Settings
-author: mjcaparas
+author: dansimp
ms.assetid: c346bcde-dd6a-4775-aeab-721ca3a361b2
ms.reviewer:
manager: dansimp
diff --git a/mdop/agpm/review-gpo-settings.md b/mdop/agpm/review-gpo-settings.md
index 406ad65b0c..952c2ac544 100644
--- a/mdop/agpm/review-gpo-settings.md
+++ b/mdop/agpm/review-gpo-settings.md
@@ -1,7 +1,7 @@
---
title: Review GPO Settings
description: Review GPO Settings
-author: mjcaparas
+author: dansimp
ms.assetid: e82570b2-d8ce-4bf0-8ad7-8910409f3041
ms.reviewer:
manager: dansimp
diff --git a/mdop/agpm/roll-back-to-a-previous-version-of-a-gpo-agpm30ops.md b/mdop/agpm/roll-back-to-a-previous-version-of-a-gpo-agpm30ops.md
index 14901c7456..f9c5735347 100644
--- a/mdop/agpm/roll-back-to-a-previous-version-of-a-gpo-agpm30ops.md
+++ b/mdop/agpm/roll-back-to-a-previous-version-of-a-gpo-agpm30ops.md
@@ -1,7 +1,7 @@
---
title: Roll Back to a Previous Version of a GPO
description: Roll Back to a Previous Version of a GPO
-author: mjcaparas
+author: dansimp
ms.assetid: 2a98ad8f-32cb-41eb-ab99-0318f2a55d81
ms.reviewer:
manager: dansimp
diff --git a/mdop/agpm/roll-back-to-a-previous-version-of-a-gpo.md b/mdop/agpm/roll-back-to-a-previous-version-of-a-gpo.md
index 2363f2055b..7068147b6c 100644
--- a/mdop/agpm/roll-back-to-a-previous-version-of-a-gpo.md
+++ b/mdop/agpm/roll-back-to-a-previous-version-of-a-gpo.md
@@ -1,7 +1,7 @@
---
title: Roll Back to a Previous Version of a GPO
description: Roll Back to a Previous Version of a GPO
-author: mjcaparas
+author: dansimp
ms.assetid: 028631c0-4cb9-4642-90ad-04cd813051b7
ms.reviewer:
manager: dansimp
diff --git a/mdop/agpm/roll-back-to-an-earlier-version-of-a-gpo-agpm40.md b/mdop/agpm/roll-back-to-an-earlier-version-of-a-gpo-agpm40.md
index 5a9b000943..3df03b1ccd 100644
--- a/mdop/agpm/roll-back-to-an-earlier-version-of-a-gpo-agpm40.md
+++ b/mdop/agpm/roll-back-to-an-earlier-version-of-a-gpo-agpm40.md
@@ -1,7 +1,7 @@
---
title: Roll Back to an Earlier Version of a GPO
description: Roll Back to an Earlier Version of a GPO
-author: mjcaparas
+author: dansimp
ms.assetid: 06ce9251-95e0-46d0-99c2-b9a0690e5891
ms.reviewer:
manager: dansimp
diff --git a/mdop/agpm/search-and-filter-the-list-of-gpos.md b/mdop/agpm/search-and-filter-the-list-of-gpos.md
index 51af8002eb..1ad003bf5a 100644
--- a/mdop/agpm/search-and-filter-the-list-of-gpos.md
+++ b/mdop/agpm/search-and-filter-the-list-of-gpos.md
@@ -1,7 +1,7 @@
---
title: Search and Filter the List of GPOs
description: Search and Filter the List of GPOs
-author: mjcaparas
+author: dansimp
ms.assetid: 1bc58a38-033c-4aed-9eb4-c239827f5501
ms.reviewer:
manager: dansimp
diff --git a/mdop/agpm/set-a-default-template-agpm30ops.md b/mdop/agpm/set-a-default-template-agpm30ops.md
index aab61140e4..05832f8ef0 100644
--- a/mdop/agpm/set-a-default-template-agpm30ops.md
+++ b/mdop/agpm/set-a-default-template-agpm30ops.md
@@ -1,7 +1,7 @@
---
title: Set a Default Template
description: Set a Default Template
-author: mjcaparas
+author: dansimp
ms.assetid: 84edbd69-451b-4c10-a898-781d4b75d09c
ms.reviewer:
manager: dansimp
diff --git a/mdop/agpm/set-a-default-template-agpm40.md b/mdop/agpm/set-a-default-template-agpm40.md
index 68c165be29..4369a82870 100644
--- a/mdop/agpm/set-a-default-template-agpm40.md
+++ b/mdop/agpm/set-a-default-template-agpm40.md
@@ -1,7 +1,7 @@
---
title: Set a Default Template
description: Set a Default Template
-author: mjcaparas
+author: dansimp
ms.assetid: 07208b6b-cb3a-4f6c-9c84-36d4dc1486d8
ms.reviewer:
manager: dansimp
diff --git a/mdop/agpm/set-a-default-template.md b/mdop/agpm/set-a-default-template.md
index 354b961123..8386ca2b9c 100644
--- a/mdop/agpm/set-a-default-template.md
+++ b/mdop/agpm/set-a-default-template.md
@@ -1,7 +1,7 @@
---
title: Set a Default Template
description: Set a Default Template
-author: mjcaparas
+author: dansimp
ms.assetid: e0acf980-437f-4357-b237-298aaebe490d
ms.reviewer:
manager: dansimp
diff --git a/mdop/agpm/start-and-stop-the-agpm-service-agpm30ops.md b/mdop/agpm/start-and-stop-the-agpm-service-agpm30ops.md
index bd04d77d92..93d74f5f37 100644
--- a/mdop/agpm/start-and-stop-the-agpm-service-agpm30ops.md
+++ b/mdop/agpm/start-and-stop-the-agpm-service-agpm30ops.md
@@ -1,7 +1,7 @@
---
title: Start and Stop the AGPM Service
description: Start and Stop the AGPM Service
-author: mjcaparas
+author: dansimp
ms.assetid: b9d26920-c439-4992-9a78-73e4fba8309d
ms.reviewer:
manager: dansimp
diff --git a/mdop/agpm/start-and-stop-the-agpm-service-agpm40.md b/mdop/agpm/start-and-stop-the-agpm-service-agpm40.md
index 7d19498e83..533b33af92 100644
--- a/mdop/agpm/start-and-stop-the-agpm-service-agpm40.md
+++ b/mdop/agpm/start-and-stop-the-agpm-service-agpm40.md
@@ -1,7 +1,7 @@
---
title: Start and Stop the AGPM Service
description: Start and Stop the AGPM Service
-author: mjcaparas
+author: dansimp
ms.assetid: dcc9566c-c515-4fbe-b7f5-8ac030141307
ms.reviewer:
manager: dansimp
diff --git a/mdop/agpm/start-and-stop-the-agpm-service.md b/mdop/agpm/start-and-stop-the-agpm-service.md
index 05cb3f8cc5..3dbf704495 100644
--- a/mdop/agpm/start-and-stop-the-agpm-service.md
+++ b/mdop/agpm/start-and-stop-the-agpm-service.md
@@ -1,7 +1,7 @@
---
title: Start and Stop the AGPM Service
description: Start and Stop the AGPM Service
-author: mjcaparas
+author: dansimp
ms.assetid: 769aa0ce-224a-446f-9958-9518af4ad159
ms.reviewer:
manager: dansimp
diff --git a/mdop/agpm/step-by-step-guide-for-microsoft-advanced-group-policy-management-25.md b/mdop/agpm/step-by-step-guide-for-microsoft-advanced-group-policy-management-25.md
index b41ee4e572..fbeee131b7 100644
--- a/mdop/agpm/step-by-step-guide-for-microsoft-advanced-group-policy-management-25.md
+++ b/mdop/agpm/step-by-step-guide-for-microsoft-advanced-group-policy-management-25.md
@@ -1,7 +1,7 @@
---
title: Step-by-Step Guide for Microsoft Advanced Group Policy Management 2.5
description: Step-by-Step Guide for Microsoft Advanced Group Policy Management 2.5
-author: mjcaparas
+author: dansimp
ms.assetid: 454298c9-0fab-497a-9808-c0246a4c8db5
ms.reviewer:
manager: dansimp
diff --git a/mdop/agpm/step-by-step-guide-for-microsoft-advanced-group-policy-management-30.md b/mdop/agpm/step-by-step-guide-for-microsoft-advanced-group-policy-management-30.md
index d593fc9011..63df928e4f 100644
--- a/mdop/agpm/step-by-step-guide-for-microsoft-advanced-group-policy-management-30.md
+++ b/mdop/agpm/step-by-step-guide-for-microsoft-advanced-group-policy-management-30.md
@@ -1,7 +1,7 @@
---
title: Step-by-Step Guide for Microsoft Advanced Group Policy Management 3.0
description: Step-by-Step Guide for Microsoft Advanced Group Policy Management 3.0
-author: mjcaparas
+author: dansimp
ms.assetid: d067f465-d7c8-4f6d-b311-66b9b06874f7
ms.reviewer:
manager: dansimp
diff --git a/mdop/agpm/step-by-step-guide-for-microsoft-advanced-group-policy-management-40.md b/mdop/agpm/step-by-step-guide-for-microsoft-advanced-group-policy-management-40.md
index 090949bb7e..05228f0a31 100644
--- a/mdop/agpm/step-by-step-guide-for-microsoft-advanced-group-policy-management-40.md
+++ b/mdop/agpm/step-by-step-guide-for-microsoft-advanced-group-policy-management-40.md
@@ -1,7 +1,7 @@
---
title: Step-by-Step Guide for Microsoft Advanced Group Policy Management 4.0
description: Step-by-Step Guide for Microsoft Advanced Group Policy Management 4.0
-author: mjcaparas
+author: dansimp
ms.assetid: dc6f9b16-b1d4-48f3-88bb-f29301f0131c
ms.reviewer:
manager: dansimp
diff --git a/mdop/agpm/technical-overview-of-agpm.md b/mdop/agpm/technical-overview-of-agpm.md
index 9f7a7d14d8..8a6b243011 100644
--- a/mdop/agpm/technical-overview-of-agpm.md
+++ b/mdop/agpm/technical-overview-of-agpm.md
@@ -1,7 +1,7 @@
---
title: Technical Overview of AGPM
description: Technical Overview of AGPM
-author: mjcaparas
+author: dansimp
ms.assetid: 36bc0ab5-f752-474c-8559-721ea95169c2
ms.reviewer:
manager: dansimp
diff --git a/mdop/agpm/template-commands-agpm30ops.md b/mdop/agpm/template-commands-agpm30ops.md
index d0d078ee41..046c815f0c 100644
--- a/mdop/agpm/template-commands-agpm30ops.md
+++ b/mdop/agpm/template-commands-agpm30ops.md
@@ -1,7 +1,7 @@
---
title: Template Commands
description: Template Commands
-author: mjcaparas
+author: dansimp
ms.assetid: 2ec11b3f-0c5c-4788-97bd-bd4bf64ba51a
ms.reviewer:
manager: dansimp
diff --git a/mdop/agpm/template-commands-agpm40.md b/mdop/agpm/template-commands-agpm40.md
index ab77542a14..d8a5c7af94 100644
--- a/mdop/agpm/template-commands-agpm40.md
+++ b/mdop/agpm/template-commands-agpm40.md
@@ -1,7 +1,7 @@
---
title: Template Commands
description: Template Commands
-author: mjcaparas
+author: dansimp
ms.assetid: 243a9b18-bf3f-44fa-94d7-5c793f7322da
ms.reviewer:
manager: dansimp
diff --git a/mdop/agpm/templates-tab.md b/mdop/agpm/templates-tab.md
index 6c6a7e617d..ff01b1c77f 100644
--- a/mdop/agpm/templates-tab.md
+++ b/mdop/agpm/templates-tab.md
@@ -1,7 +1,7 @@
---
title: Templates Tab
description: Templates Tab
-author: mjcaparas
+author: dansimp
ms.assetid: 5676e9f9-eb52-49e1-a55d-15c1059af368
ms.reviewer:
manager: dansimp
diff --git a/mdop/agpm/test-a-gpo-in-a-separate-organizational-unit-agpm40.md b/mdop/agpm/test-a-gpo-in-a-separate-organizational-unit-agpm40.md
index 7eebcfe46c..5770353813 100644
--- a/mdop/agpm/test-a-gpo-in-a-separate-organizational-unit-agpm40.md
+++ b/mdop/agpm/test-a-gpo-in-a-separate-organizational-unit-agpm40.md
@@ -1,7 +1,7 @@
---
title: Test a GPO in a Separate Organizational Unit
description: Test a GPO in a Separate Organizational Unit
-author: mjcaparas
+author: dansimp
ms.assetid: 9a9e6d22-74e6-41d8-ac2f-12a1b76ad5a0
ms.reviewer:
manager: dansimp
diff --git a/mdop/agpm/troubleshooting-advanced-group-policy-management-agpm30ops.md b/mdop/agpm/troubleshooting-advanced-group-policy-management-agpm30ops.md
index 9cfdbb49f9..85beacad4b 100644
--- a/mdop/agpm/troubleshooting-advanced-group-policy-management-agpm30ops.md
+++ b/mdop/agpm/troubleshooting-advanced-group-policy-management-agpm30ops.md
@@ -1,7 +1,7 @@
---
title: Troubleshooting Advanced Group Policy Management
description: Troubleshooting Advanced Group Policy Management
-author: mjcaparas
+author: dansimp
ms.assetid: f7ece97c-e9f8-4b18-8c7a-a615c98d5c60
ms.reviewer:
manager: dansimp
diff --git a/mdop/agpm/troubleshooting-advanced-group-policy-management.md b/mdop/agpm/troubleshooting-advanced-group-policy-management.md
index 17e6a15981..eef7bb66d5 100644
--- a/mdop/agpm/troubleshooting-advanced-group-policy-management.md
+++ b/mdop/agpm/troubleshooting-advanced-group-policy-management.md
@@ -1,7 +1,7 @@
---
title: Troubleshooting Advanced Group Policy Management
description: Troubleshooting Advanced Group Policy Management
-author: mjcaparas
+author: dansimp
ms.assetid: f58849cf-6c5b-44d8-b356-0ed7a5b24cee
ms.reviewer:
manager: dansimp
diff --git a/mdop/agpm/troubleshooting-agpm-agpm40.md b/mdop/agpm/troubleshooting-agpm-agpm40.md
index a714041c6c..937da5a8bb 100644
--- a/mdop/agpm/troubleshooting-agpm-agpm40.md
+++ b/mdop/agpm/troubleshooting-agpm-agpm40.md
@@ -1,7 +1,7 @@
---
title: Troubleshooting AGPM
description: Troubleshooting AGPM
-author: mjcaparas
+author: dansimp
ms.assetid: bedcd817-beb2-47bf-aebd-e3923c4fd06f
ms.reviewer:
manager: dansimp
diff --git a/mdop/agpm/troubleshooting-agpm40-upgrades.md b/mdop/agpm/troubleshooting-agpm40-upgrades.md
index a1b6663214..90e2ca7e1d 100644
--- a/mdop/agpm/troubleshooting-agpm40-upgrades.md
+++ b/mdop/agpm/troubleshooting-agpm40-upgrades.md
@@ -1,7 +1,7 @@
---
title: Troubleshooting AGPM Upgrades
description: Troubleshooting AGPM Upgrades
-author: jedodson
+author: dansimp
ms.assetid: 1abbf0c1-fd32-46a8-a3ba-c005f066523d
ms.reviewer:
manager: dansimp
diff --git a/mdop/agpm/uncontrolled-gpo-commands-agpm30ops.md b/mdop/agpm/uncontrolled-gpo-commands-agpm30ops.md
index 63d79386b6..c371132ecd 100644
--- a/mdop/agpm/uncontrolled-gpo-commands-agpm30ops.md
+++ b/mdop/agpm/uncontrolled-gpo-commands-agpm30ops.md
@@ -1,7 +1,7 @@
---
title: Uncontrolled GPO Commands
description: Uncontrolled GPO Commands
-author: mjcaparas
+author: dansimp
ms.assetid: 94c07b09-cb96-4ff2-b963-b25f103e73e9
ms.reviewer:
manager: dansimp
diff --git a/mdop/agpm/uncontrolled-gpo-commands-agpm40.md b/mdop/agpm/uncontrolled-gpo-commands-agpm40.md
index 81b96fa77a..4039771a91 100644
--- a/mdop/agpm/uncontrolled-gpo-commands-agpm40.md
+++ b/mdop/agpm/uncontrolled-gpo-commands-agpm40.md
@@ -1,7 +1,7 @@
---
title: Uncontrolled GPO Commands
description: Uncontrolled GPO Commands
-author: mjcaparas
+author: dansimp
ms.assetid: 05a8050f-adc3-465b-8524-bbe95745165c
ms.reviewer:
manager: dansimp
diff --git a/mdop/agpm/uncontrolled-tab.md b/mdop/agpm/uncontrolled-tab.md
index 92f967b4c2..209267d4d1 100644
--- a/mdop/agpm/uncontrolled-tab.md
+++ b/mdop/agpm/uncontrolled-tab.md
@@ -1,7 +1,7 @@
---
title: Uncontrolled Tab
description: Uncontrolled Tab
-author: mjcaparas
+author: dansimp
ms.assetid: d7e658bf-a72b-4813-bdc8-2fdb7251e742
ms.reviewer:
manager: dansimp
diff --git a/mdop/agpm/use-a-test-environment-agpm30ops.md b/mdop/agpm/use-a-test-environment-agpm30ops.md
index 02be96d42b..191a0368bf 100644
--- a/mdop/agpm/use-a-test-environment-agpm30ops.md
+++ b/mdop/agpm/use-a-test-environment-agpm30ops.md
@@ -1,7 +1,7 @@
---
title: Use a Test Environment
description: Use a Test Environment
-author: mjcaparas
+author: dansimp
ms.assetid: 86295084-b39e-4040-bb3f-15c3c1e99b1a
ms.reviewer:
manager: dansimp
diff --git a/mdop/agpm/use-a-test-environment.md b/mdop/agpm/use-a-test-environment.md
index 42f74a29ce..7ceb7db026 100644
--- a/mdop/agpm/use-a-test-environment.md
+++ b/mdop/agpm/use-a-test-environment.md
@@ -1,7 +1,7 @@
---
title: Use a Test Environment
description: Use a Test Environment
-author: mjcaparas
+author: dansimp
ms.assetid: b8d7b3ee-030a-4b5b-8223-4a3276fd47a7
ms.reviewer:
manager: dansimp
diff --git a/mdop/agpm/user-interface-advanced-group-policy-management-agpm30ops.md b/mdop/agpm/user-interface-advanced-group-policy-management-agpm30ops.md
index 1fc220154a..ec24e0f6b9 100644
--- a/mdop/agpm/user-interface-advanced-group-policy-management-agpm30ops.md
+++ b/mdop/agpm/user-interface-advanced-group-policy-management-agpm30ops.md
@@ -1,7 +1,7 @@
---
title: User Interface Advanced Group Policy Management
description: User Interface Advanced Group Policy Management
-author: mjcaparas
+author: dansimp
ms.assetid: 19aab694-8283-4d97-9425-1845404b461f
ms.reviewer:
manager: dansimp
diff --git a/mdop/agpm/user-interface-advanced-group-policy-management-agpm40.md b/mdop/agpm/user-interface-advanced-group-policy-management-agpm40.md
index db917b9080..4dea408268 100644
--- a/mdop/agpm/user-interface-advanced-group-policy-management-agpm40.md
+++ b/mdop/agpm/user-interface-advanced-group-policy-management-agpm40.md
@@ -1,7 +1,7 @@
---
title: User Interface Advanced Group Policy Management
description: User Interface Advanced Group Policy Management
-author: mjcaparas
+author: dansimp
ms.assetid: 1bf67f6a-4f24-4020-a8c1-fe440de9caa3
ms.reviewer:
manager: dansimp
diff --git a/mdop/agpm/user-interface-advanced-group-policy-management.md b/mdop/agpm/user-interface-advanced-group-policy-management.md
index 2ab508b6ad..df9a57c840 100644
--- a/mdop/agpm/user-interface-advanced-group-policy-management.md
+++ b/mdop/agpm/user-interface-advanced-group-policy-management.md
@@ -1,7 +1,7 @@
---
title: User Interface Advanced Group Policy Management
description: User Interface Advanced Group Policy Management
-author: mjcaparas
+author: dansimp
ms.assetid: 73324c99-adca-46dc-b516-ef78b7235f59
ms.reviewer:
manager: dansimp
diff --git a/mdop/agpm/using-a-test-environment.md b/mdop/agpm/using-a-test-environment.md
index 0b9b47d7e4..e85967ce48 100644
--- a/mdop/agpm/using-a-test-environment.md
+++ b/mdop/agpm/using-a-test-environment.md
@@ -1,7 +1,7 @@
---
title: Using a Test Environment
description: Using a Test Environment
-author: mjcaparas
+author: dansimp
ms.assetid: fc5fcc7c-1ac8-483a-a6bd-2279ae2ee3fb
ms.reviewer:
manager: dansimp
diff --git a/mdop/agpm/whats-new-in-agpm-30.md b/mdop/agpm/whats-new-in-agpm-30.md
index 5d83cee0ba..65ef1f96ca 100644
--- a/mdop/agpm/whats-new-in-agpm-30.md
+++ b/mdop/agpm/whats-new-in-agpm-30.md
@@ -1,7 +1,7 @@
---
title: What's New in AGPM 3.0
description: What's New in AGPM 3.0
-author: mjcaparas
+author: dansimp
ms.assetid: 0d082b86-63c5-45ce-9529-6e5f37254f9d
ms.reviewer:
manager: dansimp
diff --git a/mdop/agpm/whats-new-in-agpm-40-sp3.md b/mdop/agpm/whats-new-in-agpm-40-sp3.md
index 4e65034c54..dbe0512e16 100644
--- a/mdop/agpm/whats-new-in-agpm-40-sp3.md
+++ b/mdop/agpm/whats-new-in-agpm-40-sp3.md
@@ -30,7 +30,7 @@ AGPM 4.0 SP3 adds support for the Windows 10 and Windows Server 2016 operating
### Support for PowerShell
-AGPM 4.0 SP3 adds support for PowerShell cmdlets. For a list of the cmdlets available in AGPM 4.0 SP3, including descriptions and syntax, see [Microsoft Desktop Optimization Pack Automation with Windows PowerShell](https://technet.microsoft.com/library/dn520245.aspx).
+AGPM 4.0 SP3 adds support for PowerShell cmdlets. For a list of the cmdlets available in AGPM 4.0 SP3, including descriptions and syntax, see [Microsoft Desktop Optimization Pack Automation with Windows PowerShell](https://docs.microsoft.com/powershell/mdop/get-started?view=win-mdop2-ps).
### Customer feedback and hotfix rollup
diff --git a/mdop/appv-v4/about-app-v-package-accelerators--app-v-46-sp1-.md b/mdop/appv-v4/about-app-v-package-accelerators--app-v-46-sp1-.md
index 5d1c399e81..e162df6f9b 100644
--- a/mdop/appv-v4/about-app-v-package-accelerators--app-v-46-sp1-.md
+++ b/mdop/appv-v4/about-app-v-package-accelerators--app-v-46-sp1-.md
@@ -1,7 +1,7 @@
---
title: About App-V Package Accelerators (App-V 4.6 SP1)
description: About App-V Package Accelerators (App-V 4.6 SP1)
-author: manikadhiman
+author: dansimp
ms.assetid: fc2d2375-8f17-4a6d-b374-771cb947cb8c
ms.reviewer:
manager: dansimp
diff --git a/mdop/appv-v4/how-to-modify-a-virtual-application-package--app-v-46-.md b/mdop/appv-v4/how-to-modify-a-virtual-application-package--app-v-46-.md
index b3286dd1fd..0809dc55d0 100644
--- a/mdop/appv-v4/how-to-modify-a-virtual-application-package--app-v-46-.md
+++ b/mdop/appv-v4/how-to-modify-a-virtual-application-package--app-v-46-.md
@@ -1,7 +1,7 @@
---
title: How to Modify a Virtual Application Package (App-V 4.6)
description: How to Modify a Virtual Application Package (App-V 4.6)
-author: eavena
+author: dansimp
ms.assetid: 346ec470-3822-48a7-95e7-61f46eb38dc2
ms.reviewer:
manager: dansimp
diff --git a/mdop/appv-v4/how-to-modify-file-mapping-information.md b/mdop/appv-v4/how-to-modify-file-mapping-information.md
index bd04938de3..edbae8f8d9 100644
--- a/mdop/appv-v4/how-to-modify-file-mapping-information.md
+++ b/mdop/appv-v4/how-to-modify-file-mapping-information.md
@@ -1,7 +1,7 @@
---
title: How to Modify File-Mapping Information
description: How to Modify File-Mapping Information
-author: eavena
+author: dansimp
ms.assetid: d3a9d10a-6cc8-4399-9479-b20f729c4dd9
ms.reviewer:
manager: dansimp
diff --git a/mdop/appv-v4/how-to-modify-private-key-permissions-to-support-management-server-or-streaming-server.md b/mdop/appv-v4/how-to-modify-private-key-permissions-to-support-management-server-or-streaming-server.md
index c6af207c9b..abaea1f0a2 100644
--- a/mdop/appv-v4/how-to-modify-private-key-permissions-to-support-management-server-or-streaming-server.md
+++ b/mdop/appv-v4/how-to-modify-private-key-permissions-to-support-management-server-or-streaming-server.md
@@ -1,7 +1,7 @@
---
title: How to Modify Private Key Permissions to Support Management Server or Streaming Server
description: How to Modify Private Key Permissions to Support Management Server or Streaming Server
-author: eavena
+author: dansimp
ms.assetid: 1ebe86fa-0fbc-4512-aebc-0a5da991cd43
ms.reviewer:
manager: dansimp
diff --git a/mdop/appv-v4/how-to-modify-the-files-included-in-a-package.md b/mdop/appv-v4/how-to-modify-the-files-included-in-a-package.md
index dabbe47a97..210316d6fe 100644
--- a/mdop/appv-v4/how-to-modify-the-files-included-in-a-package.md
+++ b/mdop/appv-v4/how-to-modify-the-files-included-in-a-package.md
@@ -1,7 +1,7 @@
---
title: How to Modify the Files Included in a Package
description: How to Modify the Files Included in a Package
-author: eavena
+author: dansimp
ms.assetid: e331ac85-1c9c-49be-9d96-5444de38fd56
ms.reviewer:
manager: dansimp
diff --git a/mdop/appv-v4/how-to-modify-the-location-of-the-log-directory.md b/mdop/appv-v4/how-to-modify-the-location-of-the-log-directory.md
index c3428e4556..0e8236a077 100644
--- a/mdop/appv-v4/how-to-modify-the-location-of-the-log-directory.md
+++ b/mdop/appv-v4/how-to-modify-the-location-of-the-log-directory.md
@@ -1,7 +1,7 @@
---
title: How to Modify the Location of the Log Directory
description: How to Modify the Location of the Log Directory
-author: eavena
+author: dansimp
ms.assetid: 8e222d29-6f58-43bb-9ea7-da9a2ebfa48c
ms.reviewer:
manager: dansimp
diff --git a/mdop/appv-v4/how-to-modify-the-location-of-the-scratch-directory.md b/mdop/appv-v4/how-to-modify-the-location-of-the-scratch-directory.md
index 09e46293f9..3b1dea1dc4 100644
--- a/mdop/appv-v4/how-to-modify-the-location-of-the-scratch-directory.md
+++ b/mdop/appv-v4/how-to-modify-the-location-of-the-scratch-directory.md
@@ -1,7 +1,7 @@
---
title: How to Modify the Location of the Scratch Directory
description: How to Modify the Location of the Scratch Directory
-author: eavena
+author: dansimp
ms.assetid: 25ebc2fa-d532-4800-9825-9d08306fc2e0
ms.reviewer:
manager: dansimp
diff --git a/mdop/appv-v4/how-to-modify-the-log-directory-location.md b/mdop/appv-v4/how-to-modify-the-log-directory-location.md
index f02e8c4638..19fda7f044 100644
--- a/mdop/appv-v4/how-to-modify-the-log-directory-location.md
+++ b/mdop/appv-v4/how-to-modify-the-log-directory-location.md
@@ -1,7 +1,7 @@
---
title: How to Modify the Log Directory Location
description: How to Modify the Log Directory Location
-author: eavena
+author: dansimp
ms.assetid: 203c674f-8d46-4d42-9af0-245a2681fc0f
ms.reviewer:
manager: dansimp
diff --git a/mdop/appv-v4/how-to-modify-the-operating-systems-associated-with-an-existing-windows-installer-file.md b/mdop/appv-v4/how-to-modify-the-operating-systems-associated-with-an-existing-windows-installer-file.md
index e331c63e11..2fe4f2b3c2 100644
--- a/mdop/appv-v4/how-to-modify-the-operating-systems-associated-with-an-existing-windows-installer-file.md
+++ b/mdop/appv-v4/how-to-modify-the-operating-systems-associated-with-an-existing-windows-installer-file.md
@@ -1,7 +1,7 @@
---
title: How to Modify the Operating Systems Associated With an Existing Windows Installer File
description: How to Modify the Operating Systems Associated With an Existing Windows Installer File
-author: eavena
+author: dansimp
ms.assetid: 0633f7e2-aebf-4e00-be02-35bc59dec420
ms.reviewer:
manager: dansimp
diff --git a/mdop/appv-v4/how-to-modify-the-scratch-directory-location.md b/mdop/appv-v4/how-to-modify-the-scratch-directory-location.md
index 325ec1b929..fdcc89e4df 100644
--- a/mdop/appv-v4/how-to-modify-the-scratch-directory-location.md
+++ b/mdop/appv-v4/how-to-modify-the-scratch-directory-location.md
@@ -1,7 +1,7 @@
---
title: How to Modify the Scratch Directory Location
description: How to Modify the Scratch Directory Location
-author: eavena
+author: dansimp
ms.assetid: 61ecb379-85be-4316-8023-a2c1811504e5
ms.reviewer:
manager: dansimp
diff --git a/mdop/appv-v4/how-to-modify-virtual-registry-key-information.md b/mdop/appv-v4/how-to-modify-virtual-registry-key-information.md
index 4d0979f07c..c7f20c2042 100644
--- a/mdop/appv-v4/how-to-modify-virtual-registry-key-information.md
+++ b/mdop/appv-v4/how-to-modify-virtual-registry-key-information.md
@@ -1,7 +1,7 @@
---
title: How to Modify Virtual Registry Key Information
description: How to Modify Virtual Registry Key Information
-author: eavena
+author: dansimp
ms.assetid: cf2559f2-a8cc-4fc7-916e-8368843c7ebc
ms.reviewer:
manager: dansimp
diff --git a/mdop/appv-v4/how-to-move-an-application-group.md b/mdop/appv-v4/how-to-move-an-application-group.md
index dc8b8b117a..1995381961 100644
--- a/mdop/appv-v4/how-to-move-an-application-group.md
+++ b/mdop/appv-v4/how-to-move-an-application-group.md
@@ -1,7 +1,7 @@
---
title: How to Move an Application Group
description: How to Move an Application Group
-author: eavena
+author: dansimp
ms.assetid: 7f9f9f2e-f394-4ad3-8615-4237a7dcfb95
ms.reviewer:
manager: dansimp
diff --git a/mdop/appv-v4/how-to-move-an-application.md b/mdop/appv-v4/how-to-move-an-application.md
index 1ddecfd3b0..d99811eea8 100644
--- a/mdop/appv-v4/how-to-move-an-application.md
+++ b/mdop/appv-v4/how-to-move-an-application.md
@@ -1,7 +1,7 @@
---
title: How to Move an Application
description: How to Move an Application
-author: eavena
+author: dansimp
ms.assetid: 3ebbf30c-b435-4a69-a0ba-2313aaf0017c
ms.reviewer:
manager: dansimp
diff --git a/mdop/appv-v4/how-to-open-a-sequenced-application-using-the-command-line.md b/mdop/appv-v4/how-to-open-a-sequenced-application-using-the-command-line.md
index 69ea2fdaa3..c060c24575 100644
--- a/mdop/appv-v4/how-to-open-a-sequenced-application-using-the-command-line.md
+++ b/mdop/appv-v4/how-to-open-a-sequenced-application-using-the-command-line.md
@@ -1,7 +1,7 @@
---
title: How to Open a Sequenced Application Using the Command Line
description: How to Open a Sequenced Application Using the Command Line
-author: eavena
+author: dansimp
ms.assetid: dc23ee65-8aea-470e-bb3f-a2f2b06cb241
ms.reviewer:
manager: dansimp
diff --git a/mdop/appv-v4/how-to-perform-administrative-tasks-in-the-application-virtualization-server-management-console.md b/mdop/appv-v4/how-to-perform-administrative-tasks-in-the-application-virtualization-server-management-console.md
index 7b74cd7b09..9391a45aeb 100644
--- a/mdop/appv-v4/how-to-perform-administrative-tasks-in-the-application-virtualization-server-management-console.md
+++ b/mdop/appv-v4/how-to-perform-administrative-tasks-in-the-application-virtualization-server-management-console.md
@@ -1,7 +1,7 @@
---
title: How to Perform Administrative Tasks in the Application Virtualization Server Management Console
description: How to Perform Administrative Tasks in the Application Virtualization Server Management Console
-author: eavena
+author: dansimp
ms.assetid: b80e39eb-4b2a-4f66-8c85-dd5712efed33
ms.reviewer:
manager: dansimp
diff --git a/mdop/appv-v4/how-to-perform-general-administrative-tasks-in-the-app-v-client-management-console.md b/mdop/appv-v4/how-to-perform-general-administrative-tasks-in-the-app-v-client-management-console.md
index 78618cb92e..3870ab64ff 100644
--- a/mdop/appv-v4/how-to-perform-general-administrative-tasks-in-the-app-v-client-management-console.md
+++ b/mdop/appv-v4/how-to-perform-general-administrative-tasks-in-the-app-v-client-management-console.md
@@ -1,7 +1,7 @@
---
title: How to Perform General Administrative Tasks in the App-V Client Management Console
description: How to Perform General Administrative Tasks in the App-V Client Management Console
-author: eavena
+author: dansimp
ms.assetid: 22abdb1e-ab35-440d-bf74-d358dd1a6558
ms.reviewer:
manager: dansimp
diff --git a/mdop/appv-v4/how-to-perform-general-administrative-tasks-in-the-client-management-console.md b/mdop/appv-v4/how-to-perform-general-administrative-tasks-in-the-client-management-console.md
index 129c4c2058..5d4925fc05 100644
--- a/mdop/appv-v4/how-to-perform-general-administrative-tasks-in-the-client-management-console.md
+++ b/mdop/appv-v4/how-to-perform-general-administrative-tasks-in-the-client-management-console.md
@@ -1,7 +1,7 @@
---
title: How to Perform General Administrative Tasks in the Client Management Console
description: How to Perform General Administrative Tasks in the Client Management Console
-author: eavena
+author: dansimp
ms.assetid: 90bb7101-1075-4654-8a5e-ad08374e381f
ms.reviewer:
manager: dansimp
diff --git a/mdop/appv-v4/how-to-print-a-reportserver.md b/mdop/appv-v4/how-to-print-a-reportserver.md
index c3407cc14a..df30ae8d2e 100644
--- a/mdop/appv-v4/how-to-print-a-reportserver.md
+++ b/mdop/appv-v4/how-to-print-a-reportserver.md
@@ -1,7 +1,7 @@
---
title: How to Print a Report
description: How to Print a Report
-author: eavena
+author: dansimp
ms.assetid: 9cb3a2f1-69bf-47b2-b2cf-8afdcd77138f
ms.reviewer:
manager: dansimp
diff --git a/mdop/appv-v4/how-to-publish-a-virtual-application-on-the-client.md b/mdop/appv-v4/how-to-publish-a-virtual-application-on-the-client.md
index 9a3d19e2a1..be85378bb4 100644
--- a/mdop/appv-v4/how-to-publish-a-virtual-application-on-the-client.md
+++ b/mdop/appv-v4/how-to-publish-a-virtual-application-on-the-client.md
@@ -1,7 +1,7 @@
---
title: How to Publish a Virtual Application on the Client
description: How to Publish a Virtual Application on the Client
-author: eavena
+author: dansimp
ms.assetid: 90af843e-b5b3-4a71-a3a1-fa5f4c087f28
ms.reviewer:
manager: dansimp
diff --git a/mdop/appv-v4/how-to-publish-application-shortcuts.md b/mdop/appv-v4/how-to-publish-application-shortcuts.md
index 25b4335a06..9ba0f5d68e 100644
--- a/mdop/appv-v4/how-to-publish-application-shortcuts.md
+++ b/mdop/appv-v4/how-to-publish-application-shortcuts.md
@@ -1,7 +1,7 @@
---
title: How to Publish Application Shortcuts
description: How to Publish Application Shortcuts
-author: eavena
+author: dansimp
ms.assetid: fc5efe86-1bbe-438b-b7d8-4f9b815cc58e
ms.reviewer:
manager: dansimp
diff --git a/mdop/appv-v4/how-to-refresh-the-publishing-servers.md b/mdop/appv-v4/how-to-refresh-the-publishing-servers.md
index c1f6550d87..9f7be22717 100644
--- a/mdop/appv-v4/how-to-refresh-the-publishing-servers.md
+++ b/mdop/appv-v4/how-to-refresh-the-publishing-servers.md
@@ -1,7 +1,7 @@
---
title: How to Refresh the Publishing Servers
description: How to Refresh the Publishing Servers
-author: eavena
+author: dansimp
ms.assetid: 92e1d7b0-10ee-4531-9049-1056b44934e2
ms.reviewer:
manager: dansimp
diff --git a/mdop/appv-v4/how-to-refresh-virtual-applications-from-the-desktop-notification-area.md b/mdop/appv-v4/how-to-refresh-virtual-applications-from-the-desktop-notification-area.md
index 9d197bf99f..ef2d00371a 100644
--- a/mdop/appv-v4/how-to-refresh-virtual-applications-from-the-desktop-notification-area.md
+++ b/mdop/appv-v4/how-to-refresh-virtual-applications-from-the-desktop-notification-area.md
@@ -1,7 +1,7 @@
---
title: How to Refresh Virtual Applications from the Desktop Notification Area
description: How to Refresh Virtual Applications from the Desktop Notification Area
-author: eavena
+author: dansimp
ms.assetid: 801610d9-e89c-48bb-972c-20e37b945a02
ms.reviewer:
manager: dansimp
diff --git a/mdop/appv-v4/how-to-remove-a-package-by-using-the-command-line.md b/mdop/appv-v4/how-to-remove-a-package-by-using-the-command-line.md
index 09098690cf..88540f333d 100644
--- a/mdop/appv-v4/how-to-remove-a-package-by-using-the-command-line.md
+++ b/mdop/appv-v4/how-to-remove-a-package-by-using-the-command-line.md
@@ -1,7 +1,7 @@
---
title: How to Remove a Package by Using the Command Line
description: How to Remove a Package by Using the Command Line
-author: eavena
+author: dansimp
ms.assetid: 47697ec7-20e5-4258-8865-a0a710d41d5a
ms.reviewer:
manager: dansimp
diff --git a/mdop/appv-v4/how-to-remove-a-server-group.md b/mdop/appv-v4/how-to-remove-a-server-group.md
index f29d802d3f..008a1a8d1e 100644
--- a/mdop/appv-v4/how-to-remove-a-server-group.md
+++ b/mdop/appv-v4/how-to-remove-a-server-group.md
@@ -1,7 +1,7 @@
---
title: How to Remove a Server Group
description: How to Remove a Server Group
-author: eavena
+author: dansimp
ms.assetid: 3017f4f4-614b-4db4-834c-b6fd9b45f10c
ms.reviewer:
manager: dansimp
diff --git a/mdop/appv-v4/how-to-remove-a-server.md b/mdop/appv-v4/how-to-remove-a-server.md
index 6bf7d4bcf3..b9d9c56690 100644
--- a/mdop/appv-v4/how-to-remove-a-server.md
+++ b/mdop/appv-v4/how-to-remove-a-server.md
@@ -1,7 +1,7 @@
---
title: How to Remove a Server
description: How to Remove a Server
-author: eavena
+author: dansimp
ms.assetid: afb2a889-733c-4058-9a50-caa2ca10bd58
ms.reviewer:
manager: dansimp
diff --git a/mdop/appv-v4/how-to-remove-an-application-from-a-license-group.md b/mdop/appv-v4/how-to-remove-an-application-from-a-license-group.md
index b6cf52235b..ef40089f5e 100644
--- a/mdop/appv-v4/how-to-remove-an-application-from-a-license-group.md
+++ b/mdop/appv-v4/how-to-remove-an-application-from-a-license-group.md
@@ -1,7 +1,7 @@
---
title: How to Remove an Application from a License Group
description: How to Remove an Application from a License Group
-author: eavena
+author: dansimp
ms.assetid: 973dfb11-b4d1-4b79-8f6a-aaea3e52b04f
ms.reviewer:
manager: dansimp
diff --git a/mdop/appv-v4/how-to-remove-an-application-group.md b/mdop/appv-v4/how-to-remove-an-application-group.md
index f6be0294c8..f6b2edb65f 100644
--- a/mdop/appv-v4/how-to-remove-an-application-group.md
+++ b/mdop/appv-v4/how-to-remove-an-application-group.md
@@ -1,7 +1,7 @@
---
title: How to Remove an Application Group
description: How to Remove an Application Group
-author: eavena
+author: dansimp
ms.assetid: 3016b373-f5a0-4c82-96e8-e5e7960f0cc4
ms.reviewer:
manager: dansimp
diff --git a/mdop/appv-v4/how-to-remove-an-application-license-group.md b/mdop/appv-v4/how-to-remove-an-application-license-group.md
index 2ddff90f47..964ff0c24f 100644
--- a/mdop/appv-v4/how-to-remove-an-application-license-group.md
+++ b/mdop/appv-v4/how-to-remove-an-application-license-group.md
@@ -1,7 +1,7 @@
---
title: How to Remove an Application License Group
description: How to Remove an Application License Group
-author: eavena
+author: dansimp
ms.assetid: 35830916-7015-44cd-829b-23599a5029a7
ms.reviewer:
manager: dansimp
diff --git a/mdop/appv-v4/how-to-remove-the-application-virtualization-system-components.md b/mdop/appv-v4/how-to-remove-the-application-virtualization-system-components.md
index a24a7b50b4..5cc9a8ed29 100644
--- a/mdop/appv-v4/how-to-remove-the-application-virtualization-system-components.md
+++ b/mdop/appv-v4/how-to-remove-the-application-virtualization-system-components.md
@@ -1,7 +1,7 @@
---
title: How to Remove the Application Virtualization System Components
description: How to Remove the Application Virtualization System Components
-author: eavena
+author: dansimp
ms.assetid: 45bb1e43-8708-48b7-9169-e3659f32686f
ms.reviewer:
manager: dansimp
diff --git a/mdop/appv-v4/how-to-rename-an-application-group.md b/mdop/appv-v4/how-to-rename-an-application-group.md
index 572521fe16..6070df5aec 100644
--- a/mdop/appv-v4/how-to-rename-an-application-group.md
+++ b/mdop/appv-v4/how-to-rename-an-application-group.md
@@ -1,7 +1,7 @@
---
title: How to Rename an Application Group
description: How to Rename an Application Group
-author: eavena
+author: dansimp
ms.assetid: 4dfd3336-ea9a-4a56-91e1-7e9d742c7b9a
ms.reviewer:
manager: dansimp
diff --git a/mdop/appv-v4/how-to-rename-an-application.md b/mdop/appv-v4/how-to-rename-an-application.md
index 4f52a1b300..ca8414d735 100644
--- a/mdop/appv-v4/how-to-rename-an-application.md
+++ b/mdop/appv-v4/how-to-rename-an-application.md
@@ -1,7 +1,7 @@
---
title: How to Rename an Application
description: How to Rename an Application
-author: eavena
+author: dansimp
ms.assetid: 983136b7-66bf-49f6-8dea-8933b622072d
ms.reviewer:
manager: dansimp
diff --git a/mdop/appv-v4/how-to-repair-an-application.md b/mdop/appv-v4/how-to-repair-an-application.md
index ac189548e4..1ec69efc56 100644
--- a/mdop/appv-v4/how-to-repair-an-application.md
+++ b/mdop/appv-v4/how-to-repair-an-application.md
@@ -1,7 +1,7 @@
---
title: How to Repair an Application
description: How to Repair an Application
-author: eavena
+author: dansimp
ms.assetid: 80b08416-ad86-4ed6-966a-b943e3efb951
ms.reviewer:
manager: dansimp
diff --git a/mdop/appv-v4/how-to-reset-the-filesystem-cache.md b/mdop/appv-v4/how-to-reset-the-filesystem-cache.md
index c5e745460d..7b8656bf7b 100644
--- a/mdop/appv-v4/how-to-reset-the-filesystem-cache.md
+++ b/mdop/appv-v4/how-to-reset-the-filesystem-cache.md
@@ -1,7 +1,7 @@
---
title: How to Reset the FileSystem Cache
description: How to Reset the FileSystem Cache
-author: eavena
+author: dansimp
ms.assetid: 7777259d-8c21-4c06-9384-9599b69f9828
ms.reviewer:
manager: dansimp
diff --git a/mdop/appv-v4/how-to-run-a-reportserver.md b/mdop/appv-v4/how-to-run-a-reportserver.md
index 80562c889f..9776829bd2 100644
--- a/mdop/appv-v4/how-to-run-a-reportserver.md
+++ b/mdop/appv-v4/how-to-run-a-reportserver.md
@@ -1,7 +1,7 @@
---
title: How to Run a Report
description: How to Run a Report
-author: eavena
+author: dansimp
ms.assetid: 72a5419b-aa65-4e60-b23e-3751186b7aed
ms.reviewer:
manager: dansimp
diff --git a/mdop/appv-v4/how-to-sequence-a-new-add-on-or-plug-in-application--app-v-46-sp1-.md b/mdop/appv-v4/how-to-sequence-a-new-add-on-or-plug-in-application--app-v-46-sp1-.md
index acfe510e08..03f65fe5e6 100644
--- a/mdop/appv-v4/how-to-sequence-a-new-add-on-or-plug-in-application--app-v-46-sp1-.md
+++ b/mdop/appv-v4/how-to-sequence-a-new-add-on-or-plug-in-application--app-v-46-sp1-.md
@@ -1,7 +1,7 @@
---
title: How to Sequence a New Add-on or Plug-in Application (App-V 4.6 SP1)
description: How to Sequence a New Add-on or Plug-in Application (App-V 4.6 SP1)
-author: eavena
+author: dansimp
ms.assetid: 2c018215-66e5-4301-8481-159891a6b35b
ms.reviewer:
manager: dansimp
diff --git a/mdop/appv-v4/how-to-sequence-a-new-application--app-v-46-.md b/mdop/appv-v4/how-to-sequence-a-new-application--app-v-46-.md
index 8ebca67179..887c4f830f 100644
--- a/mdop/appv-v4/how-to-sequence-a-new-application--app-v-46-.md
+++ b/mdop/appv-v4/how-to-sequence-a-new-application--app-v-46-.md
@@ -1,7 +1,7 @@
---
title: How to Sequence a New Application (App-V 4.6)
description: How to Sequence a New Application (App-V 4.6)
-author: eavena
+author: dansimp
ms.assetid: f2c398c6-9200-4be3-b502-e00386fcd150
ms.reviewer:
manager: dansimp
diff --git a/mdop/appv-v4/how-to-sequence-a-new-application-by-using-the-command-line.md b/mdop/appv-v4/how-to-sequence-a-new-application-by-using-the-command-line.md
index 590210b069..f49dd1afd4 100644
--- a/mdop/appv-v4/how-to-sequence-a-new-application-by-using-the-command-line.md
+++ b/mdop/appv-v4/how-to-sequence-a-new-application-by-using-the-command-line.md
@@ -1,7 +1,7 @@
---
title: How to Sequence a New Application by Using the Command Line
description: How to Sequence a New Application by Using the Command Line
-author: eavena
+author: dansimp
ms.assetid: c3b5c842-6a91-4d0a-9a22-c7b8d1aeb09a
ms.reviewer:
manager: dansimp
diff --git a/mdop/appv-v4/how-to-sequence-a-new-application-package-using-the-command-line.md b/mdop/appv-v4/how-to-sequence-a-new-application-package-using-the-command-line.md
index 2f8c87b2f6..1d630165c9 100644
--- a/mdop/appv-v4/how-to-sequence-a-new-application-package-using-the-command-line.md
+++ b/mdop/appv-v4/how-to-sequence-a-new-application-package-using-the-command-line.md
@@ -1,7 +1,7 @@
---
title: How to Sequence a New Application Package Using the Command Line
description: How to Sequence a New Application Package Using the Command Line
-author: eavena
+author: dansimp
ms.assetid: de72912b-d9e7-45b5-a601-12528f1a4cac
ms.reviewer:
manager: dansimp
diff --git a/mdop/appv-v4/how-to-sequence-a-new-application.md b/mdop/appv-v4/how-to-sequence-a-new-application.md
index 93f3d84506..c8207ab688 100644
--- a/mdop/appv-v4/how-to-sequence-a-new-application.md
+++ b/mdop/appv-v4/how-to-sequence-a-new-application.md
@@ -1,7 +1,7 @@
---
title: How to Sequence a New Application
description: How to Sequence a New Application
-author: eavena
+author: dansimp
ms.assetid: e01e98cd-2378-478f-9739-f72c465bf79a
ms.reviewer:
manager: dansimp
diff --git a/mdop/appv-v4/how-to-sequence-a-new-middleware-application--app-v-46-sp1-.md b/mdop/appv-v4/how-to-sequence-a-new-middleware-application--app-v-46-sp1-.md
index 3ca27b78c7..bfdc11f2aa 100644
--- a/mdop/appv-v4/how-to-sequence-a-new-middleware-application--app-v-46-sp1-.md
+++ b/mdop/appv-v4/how-to-sequence-a-new-middleware-application--app-v-46-sp1-.md
@@ -1,7 +1,7 @@
---
title: How to Sequence a New Middleware Application (App-V 4.6 SP1)
description: How to Sequence a New Middleware Application (App-V 4.6 SP1)
-author: eavena
+author: dansimp
ms.assetid: 304045c2-5e5e-4c91-b59e-a91fdf2500fb
ms.reviewer:
manager: dansimp
diff --git a/mdop/appv-v4/how-to-sequence-a-new-standard-application--app-v-46-sp1-.md b/mdop/appv-v4/how-to-sequence-a-new-standard-application--app-v-46-sp1-.md
index baf39c7e2c..626781d04d 100644
--- a/mdop/appv-v4/how-to-sequence-a-new-standard-application--app-v-46-sp1-.md
+++ b/mdop/appv-v4/how-to-sequence-a-new-standard-application--app-v-46-sp1-.md
@@ -1,7 +1,7 @@
---
title: How to Sequence a New Standard Application (App-V 4.6 SP1)
description: How to Sequence a New Standard Application (App-V 4.6 SP1)
-author: eavena
+author: dansimp
ms.assetid: c4a2eb33-def8-4535-b93a-3d2de21ce29f
ms.reviewer:
manager: dansimp
diff --git a/mdop/appv-v4/how-to-sequence-an-application.md b/mdop/appv-v4/how-to-sequence-an-application.md
index 119261cce7..0c29bb034a 100644
--- a/mdop/appv-v4/how-to-sequence-an-application.md
+++ b/mdop/appv-v4/how-to-sequence-an-application.md
@@ -1,7 +1,7 @@
---
title: How to Sequence an Application
description: How to Sequence an Application
-author: eavena
+author: dansimp
ms.assetid: bd643dd6-dbf6-4469-bc70-c43ad9c69da9
ms.reviewer:
manager: dansimp
diff --git a/mdop/appv-v4/how-to-set-up-a-concurrent-license-group.md b/mdop/appv-v4/how-to-set-up-a-concurrent-license-group.md
index ad438383ba..d04fd52b99 100644
--- a/mdop/appv-v4/how-to-set-up-a-concurrent-license-group.md
+++ b/mdop/appv-v4/how-to-set-up-a-concurrent-license-group.md
@@ -1,7 +1,7 @@
---
title: How to Set Up a Concurrent License Group
description: How to Set Up a Concurrent License Group
-author: eavena
+author: dansimp
ms.assetid: 031abcf6-d8ed-49be-bddb-91b2c695d411
ms.reviewer:
manager: dansimp
diff --git a/mdop/appv-v4/how-to-set-up-a-named-license-group.md b/mdop/appv-v4/how-to-set-up-a-named-license-group.md
index 5779656049..cc23565fe6 100644
--- a/mdop/appv-v4/how-to-set-up-a-named-license-group.md
+++ b/mdop/appv-v4/how-to-set-up-a-named-license-group.md
@@ -1,7 +1,7 @@
---
title: How to Set Up a Named License Group
description: How to Set Up a Named License Group
-author: eavena
+author: dansimp
ms.assetid: 8ef6716c-0cb7-4706-ad3b-ac6f27b2e7ad
ms.reviewer:
manager: dansimp
diff --git a/mdop/appv-v4/how-to-set-up-an-unlimited-license-group.md b/mdop/appv-v4/how-to-set-up-an-unlimited-license-group.md
index a793a50ed2..5134961bd1 100644
--- a/mdop/appv-v4/how-to-set-up-an-unlimited-license-group.md
+++ b/mdop/appv-v4/how-to-set-up-an-unlimited-license-group.md
@@ -1,7 +1,7 @@
---
title: How to Set Up an Unlimited License Group
description: How to Set Up an Unlimited License Group
-author: eavena
+author: dansimp
ms.assetid: 0c37c7b7-aba9-4c03-9e0e-94c966f874cf
ms.reviewer:
manager: dansimp
diff --git a/mdop/appv-v4/how-to-set-up-and-enable-or-disable-authentication.md b/mdop/appv-v4/how-to-set-up-and-enable-or-disable-authentication.md
index 45059429b0..153b562d87 100644
--- a/mdop/appv-v4/how-to-set-up-and-enable-or-disable-authentication.md
+++ b/mdop/appv-v4/how-to-set-up-and-enable-or-disable-authentication.md
@@ -1,7 +1,7 @@
---
title: How to Set Up and Enable or Disable Authentication
description: How to Set Up and Enable or Disable Authentication
-author: eavena
+author: dansimp
ms.assetid: 1e43d0c5-a467-4a8b-b656-93f75d7deb82
ms.reviewer:
manager: dansimp
diff --git a/mdop/appv-v4/how-to-set-up-or-disable-application-licensing.md b/mdop/appv-v4/how-to-set-up-or-disable-application-licensing.md
index 2171c365e1..887f07a118 100644
--- a/mdop/appv-v4/how-to-set-up-or-disable-application-licensing.md
+++ b/mdop/appv-v4/how-to-set-up-or-disable-application-licensing.md
@@ -1,7 +1,7 @@
---
title: How to Set Up or Disable Application Licensing
description: How to Set Up or Disable Application Licensing
-author: eavena
+author: dansimp
ms.assetid: 7c00b531-ec41-4970-b0fc-d84225ce3bb2
ms.reviewer:
manager: dansimp
diff --git a/mdop/appv-v4/how-to-set-up-or-disable-database-size.md b/mdop/appv-v4/how-to-set-up-or-disable-database-size.md
index 055ff8198c..7c3406d783 100644
--- a/mdop/appv-v4/how-to-set-up-or-disable-database-size.md
+++ b/mdop/appv-v4/how-to-set-up-or-disable-database-size.md
@@ -1,7 +1,7 @@
---
title: How to Set Up or Disable Database Size
description: How to Set Up or Disable Database Size
-author: eavena
+author: dansimp
ms.assetid: 4abaf349-132d-4186-8873-a0e515593b93
ms.reviewer:
manager: dansimp
diff --git a/mdop/appv-v4/how-to-set-up-or-disable-usage-reporting.md b/mdop/appv-v4/how-to-set-up-or-disable-usage-reporting.md
index 404bc76bd0..3f6ef2f351 100644
--- a/mdop/appv-v4/how-to-set-up-or-disable-usage-reporting.md
+++ b/mdop/appv-v4/how-to-set-up-or-disable-usage-reporting.md
@@ -1,7 +1,7 @@
---
title: How to Set Up or Disable Usage Reporting
description: How to Set Up or Disable Usage Reporting
-author: eavena
+author: dansimp
ms.assetid: 8587003a-128d-4b5d-ac70-5b9eddddd3dc
ms.reviewer:
manager: dansimp
diff --git a/mdop/appv-v4/how-to-set-up-periodic-publishing-refresh.md b/mdop/appv-v4/how-to-set-up-periodic-publishing-refresh.md
index f069cfa3b6..ca202df73c 100644
--- a/mdop/appv-v4/how-to-set-up-periodic-publishing-refresh.md
+++ b/mdop/appv-v4/how-to-set-up-periodic-publishing-refresh.md
@@ -1,7 +1,7 @@
---
title: How to Set Up Periodic Publishing Refresh
description: How to Set Up Periodic Publishing Refresh
-author: eavena
+author: dansimp
ms.assetid: c358c765-cb88-4881-b4e7-0a2e87304870
ms.reviewer:
manager: dansimp
diff --git a/mdop/appv-v4/how-to-set-up-publishing-refresh-on-login.md b/mdop/appv-v4/how-to-set-up-publishing-refresh-on-login.md
index a416763534..cea01e5b73 100644
--- a/mdop/appv-v4/how-to-set-up-publishing-refresh-on-login.md
+++ b/mdop/appv-v4/how-to-set-up-publishing-refresh-on-login.md
@@ -1,7 +1,7 @@
---
title: How to Set Up Publishing Refresh on Login
description: How to Set Up Publishing Refresh on Login
-author: eavena
+author: dansimp
ms.assetid: 196448db-7645-4fd5-a854-ef6405b15db4
ms.reviewer:
manager: dansimp
diff --git a/mdop/appv-v4/how-to-set-up-publishing-servers.md b/mdop/appv-v4/how-to-set-up-publishing-servers.md
index ad41ea0184..4765f6ab56 100644
--- a/mdop/appv-v4/how-to-set-up-publishing-servers.md
+++ b/mdop/appv-v4/how-to-set-up-publishing-servers.md
@@ -1,7 +1,7 @@
---
title: How to Set Up Publishing Servers
description: How to Set Up Publishing Servers
-author: eavena
+author: dansimp
ms.assetid: 2111f079-c202-4c49-b2a6-f4237068b2dc
ms.reviewer:
manager: dansimp
diff --git a/mdop/appv-v4/how-to-uninstall-the-app-v-client.md b/mdop/appv-v4/how-to-uninstall-the-app-v-client.md
index aa38719ec5..aa1bd12d54 100644
--- a/mdop/appv-v4/how-to-uninstall-the-app-v-client.md
+++ b/mdop/appv-v4/how-to-uninstall-the-app-v-client.md
@@ -1,7 +1,7 @@
---
title: How to Uninstall the App-V Client
description: How to Uninstall the App-V Client
-author: eavena
+author: dansimp
ms.assetid: 07591270-9651-4bb5-a5b3-e0fc009bd9e2
ms.reviewer:
manager: dansimp
diff --git a/mdop/appv-v4/how-to-upgrade-a-package-using-the-open-package-command.md b/mdop/appv-v4/how-to-upgrade-a-package-using-the-open-package-command.md
index 2285f43d07..4bea07a0e4 100644
--- a/mdop/appv-v4/how-to-upgrade-a-package-using-the-open-package-command.md
+++ b/mdop/appv-v4/how-to-upgrade-a-package-using-the-open-package-command.md
@@ -1,7 +1,7 @@
---
title: How to Upgrade a Package Using the Open Package Command
description: How to Upgrade a Package Using the Open Package Command
-author: eavena
+author: dansimp
ms.assetid: 67c10440-de8a-4547-a34b-f83206d0cc3b
ms.reviewer:
manager: dansimp
diff --git a/mdop/appv-v4/how-to-upgrade-a-package.md b/mdop/appv-v4/how-to-upgrade-a-package.md
index a2e8150145..f30f2b3781 100644
--- a/mdop/appv-v4/how-to-upgrade-a-package.md
+++ b/mdop/appv-v4/how-to-upgrade-a-package.md
@@ -1,7 +1,7 @@
---
title: How to Upgrade a Package
description: How to Upgrade a Package
-author: eavena
+author: dansimp
ms.assetid: 831c7556-6f6c-4b3a-aefb-26889094dc1a
ms.reviewer:
manager: dansimp
diff --git a/mdop/appv-v4/how-to-upgrade-a-sequenced-application-package-using-the-command-line.md b/mdop/appv-v4/how-to-upgrade-a-sequenced-application-package-using-the-command-line.md
index 85293d4b7e..09b9ef807e 100644
--- a/mdop/appv-v4/how-to-upgrade-a-sequenced-application-package-using-the-command-line.md
+++ b/mdop/appv-v4/how-to-upgrade-a-sequenced-application-package-using-the-command-line.md
@@ -1,7 +1,7 @@
---
title: How to Upgrade a Sequenced Application Package Using the Command Line
description: How to Upgrade a Sequenced Application Package Using the Command Line
-author: eavena
+author: dansimp
ms.assetid: 682fac46-c71d-4731-831b-81bfd5032764
ms.reviewer:
manager: dansimp
diff --git a/mdop/appv-v4/how-to-upgrade-a-sequenced-virtual-application-package.md b/mdop/appv-v4/how-to-upgrade-a-sequenced-virtual-application-package.md
index 10086eb8f7..0c229968ed 100644
--- a/mdop/appv-v4/how-to-upgrade-a-sequenced-virtual-application-package.md
+++ b/mdop/appv-v4/how-to-upgrade-a-sequenced-virtual-application-package.md
@@ -1,7 +1,7 @@
---
title: How to Upgrade a Sequenced Virtual Application Package
description: How to Upgrade a Sequenced Virtual Application Package
-author: eavena
+author: dansimp
ms.assetid: ffa989f3-6621-4c59-9599-e3c3b3332f67
ms.reviewer:
manager: dansimp
diff --git a/mdop/appv-v4/how-to-upgrade-a-virtual-application-by-using-the-command-line.md b/mdop/appv-v4/how-to-upgrade-a-virtual-application-by-using-the-command-line.md
index fcea04d661..4f1adedf14 100644
--- a/mdop/appv-v4/how-to-upgrade-a-virtual-application-by-using-the-command-line.md
+++ b/mdop/appv-v4/how-to-upgrade-a-virtual-application-by-using-the-command-line.md
@@ -1,7 +1,7 @@
---
title: How to Upgrade a Virtual Application by Using the Command Line
description: How to Upgrade a Virtual Application by Using the Command Line
-author: eavena
+author: dansimp
ms.assetid: 83c97767-6ea1-42aa-b411-ccc9fa61cf81
ms.reviewer:
manager: dansimp
diff --git a/mdop/appv-v4/how-to-upgrade-a-virtual-application-package--app-v-46-.md b/mdop/appv-v4/how-to-upgrade-a-virtual-application-package--app-v-46-.md
index 82e5f8e584..7f4721a9e4 100644
--- a/mdop/appv-v4/how-to-upgrade-a-virtual-application-package--app-v-46-.md
+++ b/mdop/appv-v4/how-to-upgrade-a-virtual-application-package--app-v-46-.md
@@ -1,7 +1,7 @@
---
title: How to Upgrade a Virtual Application Package (App-V 4.6)
description: How to Upgrade a Virtual Application Package (App-V 4.6)
-author: eavena
+author: dansimp
ms.assetid: 3566227e-f3dc-4c32-af1f-e0211588118c
ms.reviewer:
manager: dansimp
diff --git a/mdop/appv-v4/how-to-upgrade-an-existing-virtual-application.md b/mdop/appv-v4/how-to-upgrade-an-existing-virtual-application.md
index 25e939097f..787c679d5e 100644
--- a/mdop/appv-v4/how-to-upgrade-an-existing-virtual-application.md
+++ b/mdop/appv-v4/how-to-upgrade-an-existing-virtual-application.md
@@ -1,7 +1,7 @@
---
title: How to Upgrade an Existing Virtual Application
description: How to Upgrade an Existing Virtual Application
-author: eavena
+author: dansimp
ms.assetid: ec531576-2423-4c2c-9b9f-da74174a6858
ms.reviewer:
manager: dansimp
diff --git a/mdop/appv-v4/how-to-upgrade-the-application-virtualization-client.md b/mdop/appv-v4/how-to-upgrade-the-application-virtualization-client.md
index 841dd29209..15ecbedb36 100644
--- a/mdop/appv-v4/how-to-upgrade-the-application-virtualization-client.md
+++ b/mdop/appv-v4/how-to-upgrade-the-application-virtualization-client.md
@@ -1,7 +1,7 @@
---
title: How to Upgrade the Application Virtualization Client
description: How to Upgrade the Application Virtualization Client
-author: eavena
+author: dansimp
ms.assetid: 2a75d8b5-da88-456c-85bb-f5bd3d470f7f
ms.reviewer:
manager: dansimp
diff --git a/mdop/appv-v4/how-to-upgrade-the-application-virtualization-sequencer.md b/mdop/appv-v4/how-to-upgrade-the-application-virtualization-sequencer.md
index 8505528785..5a9dfc32f5 100644
--- a/mdop/appv-v4/how-to-upgrade-the-application-virtualization-sequencer.md
+++ b/mdop/appv-v4/how-to-upgrade-the-application-virtualization-sequencer.md
@@ -1,7 +1,7 @@
---
title: How to Upgrade the Application Virtualization Sequencer
description: How to Upgrade the Application Virtualization Sequencer
-author: eavena
+author: dansimp
ms.assetid: 7f85f140-5034-4227-85ef-81f205e722ef
ms.reviewer:
manager: dansimp
diff --git a/mdop/appv-v4/how-to-upgrade-the-servers-and-system-components.md b/mdop/appv-v4/how-to-upgrade-the-servers-and-system-components.md
index 07994fd06a..c8e13c8bf9 100644
--- a/mdop/appv-v4/how-to-upgrade-the-servers-and-system-components.md
+++ b/mdop/appv-v4/how-to-upgrade-the-servers-and-system-components.md
@@ -1,7 +1,7 @@
---
title: How to Upgrade the Servers and System Components
description: How to Upgrade the Servers and System Components
-author: eavena
+author: dansimp
ms.assetid: 7d8374fe-5897-452e-923e-556a854b2024
ms.reviewer:
manager: dansimp
diff --git a/mdop/appv-v4/how-to-use-dynamic-suite-composition.md b/mdop/appv-v4/how-to-use-dynamic-suite-composition.md
index e2c025e1fc..61f69a8ddb 100644
--- a/mdop/appv-v4/how-to-use-dynamic-suite-composition.md
+++ b/mdop/appv-v4/how-to-use-dynamic-suite-composition.md
@@ -1,7 +1,7 @@
---
title: How To Use Dynamic Suite Composition
description: How To Use Dynamic Suite Composition
-author: eavena
+author: dansimp
ms.assetid: 24147feb-a0a8-4791-a8e5-cbe5fe13c762
ms.reviewer:
manager: dansimp
diff --git a/mdop/appv-v4/how-to-use-the-cache-space-management-feature.md b/mdop/appv-v4/how-to-use-the-cache-space-management-feature.md
index c449a2a051..76e04ddf2f 100644
--- a/mdop/appv-v4/how-to-use-the-cache-space-management-feature.md
+++ b/mdop/appv-v4/how-to-use-the-cache-space-management-feature.md
@@ -1,7 +1,7 @@
---
title: How to Use the Cache Space Management Feature
description: How to Use the Cache Space Management Feature
-author: eavena
+author: dansimp
ms.assetid: 60965660-c015-46a8-88ac-54cbc050fe33
ms.reviewer:
manager: dansimp
diff --git a/mdop/appv-v4/how-to-use-the-desktop-notification-area-for-application-virtualization-client-management.md b/mdop/appv-v4/how-to-use-the-desktop-notification-area-for-application-virtualization-client-management.md
index ec96967913..6f36531585 100644
--- a/mdop/appv-v4/how-to-use-the-desktop-notification-area-for-application-virtualization-client-management.md
+++ b/mdop/appv-v4/how-to-use-the-desktop-notification-area-for-application-virtualization-client-management.md
@@ -1,7 +1,7 @@
---
title: How to Use the Desktop Notification Area for Application Virtualization Client Management
description: How to Use the Desktop Notification Area for Application Virtualization Client Management
-author: eavena
+author: dansimp
ms.assetid: 75b2e636-7669-4e1e-8368-8b9fca567a84
ms.reviewer:
manager: dansimp
diff --git a/mdop/appv-v4/how-to-use-the-differential-sft-file.md b/mdop/appv-v4/how-to-use-the-differential-sft-file.md
index 76fe2dc754..bb241b99c4 100644
--- a/mdop/appv-v4/how-to-use-the-differential-sft-file.md
+++ b/mdop/appv-v4/how-to-use-the-differential-sft-file.md
@@ -1,7 +1,7 @@
---
title: How to Use the Differential SFT File
description: How to Use the Differential SFT File
-author: eavena
+author: dansimp
ms.assetid: 607e30fd-2f0e-4e2f-b669-0b3f010aebb0
ms.reviewer:
manager: dansimp
diff --git a/mdop/appv-v4/how-to-work-offline-or-online-with-application-virtualization.md b/mdop/appv-v4/how-to-work-offline-or-online-with-application-virtualization.md
index 99672dfe57..0c4b2711ea 100644
--- a/mdop/appv-v4/how-to-work-offline-or-online-with-application-virtualization.md
+++ b/mdop/appv-v4/how-to-work-offline-or-online-with-application-virtualization.md
@@ -1,7 +1,7 @@
---
title: How to Work Offline or Online with Application Virtualization
description: How to Work Offline or Online with Application Virtualization
-author: eavena
+author: dansimp
ms.assetid: aa532b37-8a00-4db4-9b51-e1e8354b2495
ms.reviewer:
manager: dansimp
diff --git a/mdop/appv-v4/improving-security-during-app-v-sequencing.md b/mdop/appv-v4/improving-security-during-app-v-sequencing.md
index 36abc689dd..2b6ac85fe7 100644
--- a/mdop/appv-v4/improving-security-during-app-v-sequencing.md
+++ b/mdop/appv-v4/improving-security-during-app-v-sequencing.md
@@ -1,7 +1,7 @@
---
title: Improving Security During App-V Sequencing
description: Improving Security During App-V Sequencing
-author: eavena
+author: dansimp
ms.assetid: f30206dd-5749-4a27-bbaf-61fc21b9c663
ms.reviewer:
manager: dansimp
diff --git a/mdop/appv-v4/incompatible-installer-dialog-box--app-v-46-sp1-.md b/mdop/appv-v4/incompatible-installer-dialog-box--app-v-46-sp1-.md
index b621af0ea0..a857bd41a4 100644
--- a/mdop/appv-v4/incompatible-installer-dialog-box--app-v-46-sp1-.md
+++ b/mdop/appv-v4/incompatible-installer-dialog-box--app-v-46-sp1-.md
@@ -1,7 +1,7 @@
---
title: Incompatible Installer Dialog Box (App-V 4.6 SP1)
description: Incompatible Installer Dialog Box (App-V 4.6 SP1)
-author: eavena
+author: dansimp
ms.assetid: 45d465b1-ee49-4274-8234-71dd031a07b6
ms.reviewer:
manager: dansimp
diff --git a/mdop/appv-v4/installation-files-page.md b/mdop/appv-v4/installation-files-page.md
index e27b8a8203..20de615b7d 100644
--- a/mdop/appv-v4/installation-files-page.md
+++ b/mdop/appv-v4/installation-files-page.md
@@ -1,7 +1,7 @@
---
title: Installation Files Page
description: Installation Files Page
-author: eavena
+author: dansimp
ms.assetid: b0aad26f-b143-4f09-87a1-9f016a23cb62
ms.reviewer:
manager: dansimp
diff --git a/mdop/appv-v4/installation-page--learn-more-.md b/mdop/appv-v4/installation-page--learn-more-.md
index decc1b459b..e6c8d1d84b 100644
--- a/mdop/appv-v4/installation-page--learn-more-.md
+++ b/mdop/appv-v4/installation-page--learn-more-.md
@@ -1,7 +1,7 @@
---
title: Installation Page (Learn More)
description: Installation Page (Learn More)
-author: eavena
+author: dansimp
ms.assetid: a53b8330-dfc3-4540-b147-7c10529f403a
ms.reviewer:
manager: dansimp
diff --git a/mdop/appv-v4/installation-report-page--learn-more-.md b/mdop/appv-v4/installation-report-page--learn-more-.md
index 4dc8d9afc6..c84aa0f77a 100644
--- a/mdop/appv-v4/installation-report-page--learn-more-.md
+++ b/mdop/appv-v4/installation-report-page--learn-more-.md
@@ -1,7 +1,7 @@
---
title: Installation Report Page (Learn More)
description: Installation Report Page (Learn More)
-author: eavena
+author: dansimp
ms.assetid: 499cf4db-a39c-4dcf-b1cf-85fd7da11701
ms.reviewer:
manager: dansimp
diff --git a/mdop/appv-v4/installing-app-v-management-server-or-streaming-server-securely.md b/mdop/appv-v4/installing-app-v-management-server-or-streaming-server-securely.md
index 9770276fd5..98b91fafd4 100644
--- a/mdop/appv-v4/installing-app-v-management-server-or-streaming-server-securely.md
+++ b/mdop/appv-v4/installing-app-v-management-server-or-streaming-server-securely.md
@@ -1,7 +1,7 @@
---
title: Installing App-V Management Server or Streaming Server Securely
description: Installing App-V Management Server or Streaming Server Securely
-author: eavena
+author: dansimp
ms.assetid: d2a51a81-a80f-427c-a727-611e1eb74f02
ms.reviewer:
manager: dansimp
diff --git a/mdop/appv-v4/internet-facing-considerations-for-app-v-clients.md b/mdop/appv-v4/internet-facing-considerations-for-app-v-clients.md
index f1e423b957..b9d55dbf3c 100644
--- a/mdop/appv-v4/internet-facing-considerations-for-app-v-clients.md
+++ b/mdop/appv-v4/internet-facing-considerations-for-app-v-clients.md
@@ -1,7 +1,7 @@
---
title: Internet-Facing Considerations for App-V Clients
description: Internet-Facing Considerations for App-V Clients
-author: eavena
+author: dansimp
ms.assetid: 261acde3-7112-492e-8b11-934ae45adc5f
ms.reviewer:
manager: dansimp
diff --git a/mdop/appv-v4/internet-facing-server-scenarios-for-perimeter-networks.md b/mdop/appv-v4/internet-facing-server-scenarios-for-perimeter-networks.md
index 7ed378d7f0..53ac72fe47 100644
--- a/mdop/appv-v4/internet-facing-server-scenarios-for-perimeter-networks.md
+++ b/mdop/appv-v4/internet-facing-server-scenarios-for-perimeter-networks.md
@@ -1,7 +1,7 @@
---
title: Internet-Facing Server Scenarios for Perimeter Networks
description: Internet-Facing Server Scenarios for Perimeter Networks
-author: eavena
+author: dansimp
ms.assetid: 8a4da6e6-82c7-49e5-b9b1-1666cba02f65
ms.reviewer:
manager: dansimp
diff --git a/mdop/appv-v4/introduction-to-the-application-virtualization-security-guide.md b/mdop/appv-v4/introduction-to-the-application-virtualization-security-guide.md
index 5e5e2a17d9..3377faf914 100644
--- a/mdop/appv-v4/introduction-to-the-application-virtualization-security-guide.md
+++ b/mdop/appv-v4/introduction-to-the-application-virtualization-security-guide.md
@@ -1,7 +1,7 @@
---
title: Introduction to the Application Virtualization Security Guide
description: Introduction to the Application Virtualization Security Guide
-author: eavena
+author: dansimp
ms.assetid: 50e1d220-7a95-45b8-933b-3dadddebe26f
ms.reviewer:
manager: dansimp
diff --git a/mdop/appv-v4/load-app.md b/mdop/appv-v4/load-app.md
index ec44358bc7..04554a2477 100644
--- a/mdop/appv-v4/load-app.md
+++ b/mdop/appv-v4/load-app.md
@@ -1,7 +1,7 @@
---
title: LOAD APP
description: LOAD APP
-author: eavena
+author: dansimp
ms.assetid: 7b727d0c-5423-419d-92ef-7ebbc6343e79
ms.reviewer:
manager: dansimp
diff --git a/mdop/appv-v4/load-package.md b/mdop/appv-v4/load-package.md
index 2de2fe1aa4..b466aa1e10 100644
--- a/mdop/appv-v4/load-package.md
+++ b/mdop/appv-v4/load-package.md
@@ -1,7 +1,7 @@
---
title: LOAD PACKAGE
description: LOAD PACKAGE
-author: eavena
+author: dansimp
ms.assetid: eb19116d-e5d0-445c-b2f0-3116a09384d7
ms.reviewer:
manager: dansimp
diff --git a/mdop/appv-v4/lock-app.md b/mdop/appv-v4/lock-app.md
index c6e0e0a6eb..ab1cbe6d65 100644
--- a/mdop/appv-v4/lock-app.md
+++ b/mdop/appv-v4/lock-app.md
@@ -1,7 +1,7 @@
---
title: LOCK APP
description: LOCK APP
-author: eavena
+author: dansimp
ms.assetid: 30673433-4364-499f-8116-cb135fe2716f
ms.reviewer:
manager: dansimp
diff --git a/mdop/appv-v4/log-file-for-the-application-virtualization-client.md b/mdop/appv-v4/log-file-for-the-application-virtualization-client.md
index ca3662f546..7e6cab69e0 100644
--- a/mdop/appv-v4/log-file-for-the-application-virtualization-client.md
+++ b/mdop/appv-v4/log-file-for-the-application-virtualization-client.md
@@ -1,7 +1,7 @@
---
title: Log File for the Application Virtualization Client
description: Log File for the Application Virtualization Client
-author: eavena
+author: dansimp
ms.assetid: ac4b3e4a-a220-4c06-bd60-af7dc318b3a9
ms.reviewer:
manager: dansimp
diff --git a/mdop/appv-v4/log-files-for-the-application-virtualization-sequencer.md b/mdop/appv-v4/log-files-for-the-application-virtualization-sequencer.md
index ba4748b2d7..3c484c5336 100644
--- a/mdop/appv-v4/log-files-for-the-application-virtualization-sequencer.md
+++ b/mdop/appv-v4/log-files-for-the-application-virtualization-sequencer.md
@@ -1,7 +1,7 @@
---
title: Log Files for the Application Virtualization Sequencer
description: Log Files for the Application Virtualization Sequencer
-author: eavena
+author: dansimp
ms.assetid: 1a296544-eab4-46f9-82ce-3136f8b578af
ms.reviewer:
manager: dansimp
diff --git a/mdop/appv-v4/microsoft-application-virtualization-46-service-pack-1-privacy-statement.md b/mdop/appv-v4/microsoft-application-virtualization-46-service-pack-1-privacy-statement.md
index b631d97a83..8b053caac1 100644
--- a/mdop/appv-v4/microsoft-application-virtualization-46-service-pack-1-privacy-statement.md
+++ b/mdop/appv-v4/microsoft-application-virtualization-46-service-pack-1-privacy-statement.md
@@ -1,7 +1,7 @@
---
title: Microsoft Application Virtualization 4.6 Service Pack 1 Privacy Statement
description: Microsoft Application Virtualization 4.6 Service Pack 1 Privacy Statement
-author: eavena
+author: dansimp
ms.assetid: e82c57ea-885d-4761-96db-4d80b1c3e1ae
ms.reviewer:
manager: dansimp
diff --git a/mdop/appv-v4/microsoft-application-virtualization-46-service-pack-2-privacy-statement.md b/mdop/appv-v4/microsoft-application-virtualization-46-service-pack-2-privacy-statement.md
index feb3688ed5..e22f6404e8 100644
--- a/mdop/appv-v4/microsoft-application-virtualization-46-service-pack-2-privacy-statement.md
+++ b/mdop/appv-v4/microsoft-application-virtualization-46-service-pack-2-privacy-statement.md
@@ -1,7 +1,7 @@
---
title: Microsoft Application Virtualization 4.6 Service Pack 2 Privacy Statement
description: Microsoft Application Virtualization 4.6 Service Pack 2 Privacy Statement
-author: eavena
+author: dansimp
ms.assetid: 4ee569b2-7711-475a-9f17-70247f00b1b7
ms.reviewer:
manager: dansimp
diff --git a/mdop/appv-v4/microsoft-application-virtualization-client-management-help.md b/mdop/appv-v4/microsoft-application-virtualization-client-management-help.md
index 4c68c94bf5..7d3ac53771 100644
--- a/mdop/appv-v4/microsoft-application-virtualization-client-management-help.md
+++ b/mdop/appv-v4/microsoft-application-virtualization-client-management-help.md
@@ -1,7 +1,7 @@
---
title: Microsoft Application Virtualization Client Management Help
description: Microsoft Application Virtualization Client Management Help
-author: eavena
+author: dansimp
ms.assetid: 449eebda-70eb-48b7-855a-db965a680923
ms.reviewer:
manager: dansimp
diff --git a/mdop/appv-v4/microsoft-application-virtualization-getting-started-guide.md b/mdop/appv-v4/microsoft-application-virtualization-getting-started-guide.md
index 8d3ac35075..e80f51864a 100644
--- a/mdop/appv-v4/microsoft-application-virtualization-getting-started-guide.md
+++ b/mdop/appv-v4/microsoft-application-virtualization-getting-started-guide.md
@@ -1,7 +1,7 @@
---
title: Microsoft Application Virtualization Getting Started Guide
description: Microsoft Application Virtualization Getting Started Guide
-author: eavena
+author: dansimp
ms.assetid: 6cd9a212-e270-4d7c-bd0a-bd6af9a5c3ba
ms.reviewer:
manager: dansimp
diff --git a/mdop/appv-v4/microsoft-application-virtualization-management-system-release-notes-45-sp1.md b/mdop/appv-v4/microsoft-application-virtualization-management-system-release-notes-45-sp1.md
index e0573f689e..6e2ac2c22c 100644
--- a/mdop/appv-v4/microsoft-application-virtualization-management-system-release-notes-45-sp1.md
+++ b/mdop/appv-v4/microsoft-application-virtualization-management-system-release-notes-45-sp1.md
@@ -1,7 +1,7 @@
---
title: Microsoft Application Virtualization Management System Release Notes 4.5 SP1
description: Microsoft Application Virtualization Management System Release Notes 4.5 SP1
-author: eavena
+author: dansimp
ms.assetid: 5d6b11ea-7b87-4084-9a7c-0d831f247aa3
ms.reviewer:
manager: dansimp
diff --git a/mdop/appv-v4/microsoft-application-virtualization-management-system-release-notes.md b/mdop/appv-v4/microsoft-application-virtualization-management-system-release-notes.md
index faa8e6fb37..f44ba1b0d9 100644
--- a/mdop/appv-v4/microsoft-application-virtualization-management-system-release-notes.md
+++ b/mdop/appv-v4/microsoft-application-virtualization-management-system-release-notes.md
@@ -1,7 +1,7 @@
---
title: Microsoft Application Virtualization Management System Release Notes
description: Microsoft Application Virtualization Management System Release Notes
-author: eavena
+author: dansimp
ms.assetid: e1a4d5ee-53c7-4b48-814c-a34ce0e698dc
ms.reviewer:
manager: dansimp
diff --git a/mdop/appv-v4/microsoft-application-virtualization-security-guide.md b/mdop/appv-v4/microsoft-application-virtualization-security-guide.md
index 610d1317df..001edd2ecd 100644
--- a/mdop/appv-v4/microsoft-application-virtualization-security-guide.md
+++ b/mdop/appv-v4/microsoft-application-virtualization-security-guide.md
@@ -1,7 +1,7 @@
---
title: Microsoft Application Virtualization Security Guide
description: Microsoft Application Virtualization Security Guide
-author: eavena
+author: dansimp
ms.assetid: 5e794316-cc4f-459e-90ef-79fc9841ba4e
ms.reviewer:
manager: dansimp
diff --git a/mdop/appv-v4/monitoring-application-virtualization-servers.md b/mdop/appv-v4/monitoring-application-virtualization-servers.md
index e2b08724bc..86d245cdb9 100644
--- a/mdop/appv-v4/monitoring-application-virtualization-servers.md
+++ b/mdop/appv-v4/monitoring-application-virtualization-servers.md
@@ -1,7 +1,7 @@
---
title: Monitoring Application Virtualization Servers
description: Monitoring Application Virtualization Servers
-author: eavena
+author: dansimp
ms.assetid: d84355ae-4fe4-41d9-ac3a-3eaa32d9a61f
ms.reviewer:
manager: dansimp
diff --git a/mdop/appv-v4/online-help-for-application-virtualization.md b/mdop/appv-v4/online-help-for-application-virtualization.md
index 7b0fb5aa06..78f73ff686 100644
--- a/mdop/appv-v4/online-help-for-application-virtualization.md
+++ b/mdop/appv-v4/online-help-for-application-virtualization.md
@@ -1,7 +1,7 @@
---
title: Online Help for Application Virtualization
description: Online Help for Application Virtualization
-author: eavena
+author: dansimp
ms.assetid: 261ede48-976f-473c-84bc-452577efdcdf
ms.reviewer:
manager: dansimp
diff --git a/mdop/appv-v4/open-package-wizard---appv-46-sp1-.md b/mdop/appv-v4/open-package-wizard---appv-46-sp1-.md
index 1b5f04ae2a..1905d978d9 100644
--- a/mdop/appv-v4/open-package-wizard---appv-46-sp1-.md
+++ b/mdop/appv-v4/open-package-wizard---appv-46-sp1-.md
@@ -1,7 +1,7 @@
---
title: Open Package Wizard (AppV 4.6 SP1)
description: Open Package Wizard (AppV 4.6 SP1)
-author: eavena
+author: dansimp
ms.assetid: 26bdef59-2ea3-4e30-9095-0ee0d0085b2d
ms.reviewer:
manager: dansimp
diff --git a/mdop/appv-v4/operations-guide-for-the-application-virtualization-system.md b/mdop/appv-v4/operations-guide-for-the-application-virtualization-system.md
index 0ecbf6bd98..9c61fc7e12 100644
--- a/mdop/appv-v4/operations-guide-for-the-application-virtualization-system.md
+++ b/mdop/appv-v4/operations-guide-for-the-application-virtualization-system.md
@@ -1,7 +1,7 @@
---
title: Operations Guide for the Application Virtualization System
description: Operations Guide for the Application Virtualization System
-author: eavena
+author: dansimp
ms.assetid: 686f2b75-7fba-4410-89b2-a539984b6ef2
ms.reviewer:
manager: dansimp
diff --git a/mdop/appv-v4/osd-file-elements.md b/mdop/appv-v4/osd-file-elements.md
index 157d258180..1d0283818c 100644
--- a/mdop/appv-v4/osd-file-elements.md
+++ b/mdop/appv-v4/osd-file-elements.md
@@ -1,7 +1,7 @@
---
title: OSD File Elements
description: OSD File Elements
-author: eavena
+author: dansimp
ms.assetid: 8211b562-7549-4331-8321-144f52574e99
ms.reviewer:
manager: dansimp
diff --git a/mdop/appv-v4/osd-tab-keep.md b/mdop/appv-v4/osd-tab-keep.md
index 6ee10b4d02..ccdcfd3633 100644
--- a/mdop/appv-v4/osd-tab-keep.md
+++ b/mdop/appv-v4/osd-tab-keep.md
@@ -1,7 +1,7 @@
---
title: OSD Tab
description: OSD Tab
-author: eavena
+author: dansimp
ms.assetid: e66f1384-1753-4216-b9ee-77e99af93c74
ms.reviewer:
manager: dansimp
diff --git a/mdop/appv-v4/oversized-package-dialog-box--app-v-46-sp1-.md b/mdop/appv-v4/oversized-package-dialog-box--app-v-46-sp1-.md
index 1ad9f93518..b29db6ac31 100644
--- a/mdop/appv-v4/oversized-package-dialog-box--app-v-46-sp1-.md
+++ b/mdop/appv-v4/oversized-package-dialog-box--app-v-46-sp1-.md
@@ -1,7 +1,7 @@
---
title: Oversized Package Dialog Box (App-V 4.6 SP1)
description: Oversized Package Dialog Box (App-V 4.6 SP1)
-author: eavena
+author: dansimp
ms.assetid: 8973a493-6509-4d52-afb6-a9f47d1c5c26
ms.reviewer:
manager: dansimp
diff --git a/mdop/appv-v4/overview-of-application-virtualization.md b/mdop/appv-v4/overview-of-application-virtualization.md
index 2381ed0605..022d6b07b1 100644
--- a/mdop/appv-v4/overview-of-application-virtualization.md
+++ b/mdop/appv-v4/overview-of-application-virtualization.md
@@ -1,7 +1,7 @@
---
title: Overview of Application Virtualization
description: Overview of Application Virtualization
-author: eavena
+author: dansimp
ms.assetid: 80545ef4-cf4c-420c-88d6-48e9f226051f
ms.reviewer:
manager: dansimp
diff --git a/mdop/appv-v4/overview-of-the-application-virtualization-system-components.md b/mdop/appv-v4/overview-of-the-application-virtualization-system-components.md
index 672e8b0158..eb607d81e1 100644
--- a/mdop/appv-v4/overview-of-the-application-virtualization-system-components.md
+++ b/mdop/appv-v4/overview-of-the-application-virtualization-system-components.md
@@ -1,7 +1,7 @@
---
title: Overview of the Application Virtualization System Components
description: Overview of the Application Virtualization System Components
-author: eavena
+author: dansimp
ms.assetid: 75d88ef7-44d8-4fa7-b7f5-9153f37e570d
ms.reviewer:
manager: dansimp
diff --git a/mdop/appv-v4/package-name-page---learn-more-.md b/mdop/appv-v4/package-name-page---learn-more-.md
index 47e9be6e5f..3295f947df 100644
--- a/mdop/appv-v4/package-name-page---learn-more-.md
+++ b/mdop/appv-v4/package-name-page---learn-more-.md
@@ -1,7 +1,7 @@
---
title: Package Name Page (Learn More)
description: Package Name Page (Learn More)
-author: eavena
+author: dansimp
ms.assetid: ee75b8f0-bd9d-4460-a256-016ff97c2386
ms.reviewer:
manager: dansimp
diff --git a/mdop/appv-v4/package-name-page--app-v-46-sp1.md b/mdop/appv-v4/package-name-page--app-v-46-sp1.md
index b595db124d..a8989e3452 100644
--- a/mdop/appv-v4/package-name-page--app-v-46-sp1.md
+++ b/mdop/appv-v4/package-name-page--app-v-46-sp1.md
@@ -1,7 +1,7 @@
---
title: Package Name Page
description: Package Name Page
-author: eavena
+author: dansimp
ms.assetid: 1cea36b7-737d-4c5e-9294-5feba02a3e7d
ms.reviewer:
manager: dansimp
diff --git a/mdop/appv-v4/package-results-pane-columns.md b/mdop/appv-v4/package-results-pane-columns.md
index cfca796126..bc11c1fabe 100644
--- a/mdop/appv-v4/package-results-pane-columns.md
+++ b/mdop/appv-v4/package-results-pane-columns.md
@@ -1,7 +1,7 @@
---
title: Package Results Pane Columns
description: Package Results Pane Columns
-author: eavena
+author: dansimp
ms.assetid: 4ed3a06a-656d-497a-b62d-21684396e2b0
ms.reviewer:
manager: dansimp
diff --git a/mdop/appv-v4/package-results-pane.md b/mdop/appv-v4/package-results-pane.md
index 65808ecea6..8b8dab1add 100644
--- a/mdop/appv-v4/package-results-pane.md
+++ b/mdop/appv-v4/package-results-pane.md
@@ -1,7 +1,7 @@
---
title: Package Results Pane
description: Package Results Pane
-author: eavena
+author: dansimp
ms.assetid: 07b7f737-f26f-4feb-88aa-3d8009c5622d
ms.reviewer:
manager: dansimp
diff --git a/mdop/appv-v4/packages-node.md b/mdop/appv-v4/packages-node.md
index 6bdf422c6e..a8bcf5560e 100644
--- a/mdop/appv-v4/packages-node.md
+++ b/mdop/appv-v4/packages-node.md
@@ -1,7 +1,7 @@
---
title: Packages Node
description: Packages Node
-author: eavena
+author: dansimp
ms.assetid: 3465168c-012f-4e9f-905d-611418d2975a
ms.reviewer:
manager: dansimp
diff --git a/mdop/appv-v4/packaging-method--learn-more-.md b/mdop/appv-v4/packaging-method--learn-more-.md
index f0fd04c1c6..193e825c51 100644
--- a/mdop/appv-v4/packaging-method--learn-more-.md
+++ b/mdop/appv-v4/packaging-method--learn-more-.md
@@ -1,7 +1,7 @@
---
title: Packaging Method (Learn More)
description: Packaging Method (Learn More)
-author: eavena
+author: dansimp
ms.assetid: 3975a640-1ffd-4b4c-95fd-608469f4c205
ms.reviewer:
manager: dansimp
diff --git a/mdop/appv-v4/packaging-method-page--learn-more-.md b/mdop/appv-v4/packaging-method-page--learn-more-.md
index 7d367a7c65..a009435f20 100644
--- a/mdop/appv-v4/packaging-method-page--learn-more-.md
+++ b/mdop/appv-v4/packaging-method-page--learn-more-.md
@@ -1,7 +1,7 @@
---
title: Packaging Method Page (Learn More)
description: Packaging Method Page (Learn More)
-author: eavena
+author: dansimp
ms.assetid: f405a293-bcd4-48a1-b4d9-b5e4cf73c5f4
ms.reviewer:
manager: dansimp
diff --git a/mdop/appv-v4/parse-items-tab-keep.md b/mdop/appv-v4/parse-items-tab-keep.md
index 5f70497e42..e2bd550ab2 100644
--- a/mdop/appv-v4/parse-items-tab-keep.md
+++ b/mdop/appv-v4/parse-items-tab-keep.md
@@ -1,7 +1,7 @@
---
title: Parse Items Tab
description: Parse Items Tab
-author: eavena
+author: dansimp
ms.assetid: bdf3fe0d-404a-4745-af52-f415fa321564
ms.reviewer:
manager: dansimp
diff --git a/mdop/appv-v4/planning-and-deployment-guide-for-the-application-virtualization-system.md b/mdop/appv-v4/planning-and-deployment-guide-for-the-application-virtualization-system.md
index 890bce54a6..474424a086 100644
--- a/mdop/appv-v4/planning-and-deployment-guide-for-the-application-virtualization-system.md
+++ b/mdop/appv-v4/planning-and-deployment-guide-for-the-application-virtualization-system.md
@@ -1,7 +1,7 @@
---
title: Planning and Deployment Guide for the Application Virtualization System
description: Planning and Deployment Guide for the Application Virtualization System
-author: eavena
+author: dansimp
ms.assetid: 6c012e33-9ac6-4cd8-84ff-54f40973833f
ms.reviewer:
manager: dansimp
diff --git a/mdop/appv-v4/planning-for-application-virtualization-client-deployment.md b/mdop/appv-v4/planning-for-application-virtualization-client-deployment.md
index c7c2e67bf3..f40e560fdf 100644
--- a/mdop/appv-v4/planning-for-application-virtualization-client-deployment.md
+++ b/mdop/appv-v4/planning-for-application-virtualization-client-deployment.md
@@ -1,7 +1,7 @@
---
title: Planning for Application Virtualization Client Deployment
description: Planning for Application Virtualization Client Deployment
-author: eavena
+author: dansimp
ms.assetid: a352f80f-f0f9-4fbf-ac10-24c510b2d6be
ms.reviewer:
manager: dansimp
diff --git a/mdop/appv-v4/planning-for-application-virtualization-system-deployment.md b/mdop/appv-v4/planning-for-application-virtualization-system-deployment.md
index b54977c4b8..acb7830906 100644
--- a/mdop/appv-v4/planning-for-application-virtualization-system-deployment.md
+++ b/mdop/appv-v4/planning-for-application-virtualization-system-deployment.md
@@ -1,7 +1,7 @@
---
title: Planning for Application Virtualization System Deployment
description: Planning for Application Virtualization System Deployment
-author: eavena
+author: dansimp
ms.assetid: 8215269f-c083-468a-bf0b-886b0d2dd69e
ms.reviewer:
manager: dansimp
diff --git a/mdop/appv-v4/planning-for-client-security.md b/mdop/appv-v4/planning-for-client-security.md
index 2e70095470..8b6457f699 100644
--- a/mdop/appv-v4/planning-for-client-security.md
+++ b/mdop/appv-v4/planning-for-client-security.md
@@ -1,7 +1,7 @@
---
title: Planning for Client Security
description: Planning for Client Security
-author: eavena
+author: dansimp
ms.assetid: 4840a60f-4c91-489c-ad0b-6671882abf9b
ms.reviewer:
manager: dansimp
diff --git a/mdop/appv-v4/planning-for-migration-from-previous-versions.md b/mdop/appv-v4/planning-for-migration-from-previous-versions.md
index 31b155f1d0..80ed54ee4b 100644
--- a/mdop/appv-v4/planning-for-migration-from-previous-versions.md
+++ b/mdop/appv-v4/planning-for-migration-from-previous-versions.md
@@ -1,7 +1,7 @@
---
title: Planning for Migration from Previous Versions
description: Planning for Migration from Previous Versions
-author: eavena
+author: dansimp
ms.assetid: 62967bf1-542f-41b0-838f-c62f3430ac73
ms.reviewer:
manager: dansimp
diff --git a/mdop/appv-v4/planning-for-security-and-protection.md b/mdop/appv-v4/planning-for-security-and-protection.md
index a229a68305..92ff750703 100644
--- a/mdop/appv-v4/planning-for-security-and-protection.md
+++ b/mdop/appv-v4/planning-for-security-and-protection.md
@@ -1,7 +1,7 @@
---
title: Planning for Security and Protection
description: Planning for Security and Protection
-author: eavena
+author: dansimp
ms.assetid: d0e2ef81-c197-4020-ad85-8d66fe5c178f
ms.reviewer:
manager: dansimp
diff --git a/mdop/appv-v4/planning-for-sequencer-security.md b/mdop/appv-v4/planning-for-sequencer-security.md
index fc925dca50..9e8655200f 100644
--- a/mdop/appv-v4/planning-for-sequencer-security.md
+++ b/mdop/appv-v4/planning-for-sequencer-security.md
@@ -1,7 +1,7 @@
---
title: Planning for Sequencer Security
description: Planning for Sequencer Security
-author: eavena
+author: dansimp
ms.assetid: 8043cb02-476d-4c28-a850-903a8ac5b2d3
ms.reviewer:
manager: dansimp
diff --git a/mdop/appv-v4/planning-for-server-security.md b/mdop/appv-v4/planning-for-server-security.md
index 2cc2c0459b..31f57ecb6d 100644
--- a/mdop/appv-v4/planning-for-server-security.md
+++ b/mdop/appv-v4/planning-for-server-security.md
@@ -1,7 +1,7 @@
---
title: Planning for Server Security
description: Planning for Server Security
-author: eavena
+author: dansimp
ms.assetid: c7cd8227-b359-41e7-a8ae-d0d5718a76a2
ms.reviewer:
manager: dansimp
diff --git a/mdop/appv-v4/planning-the-application-virtualization-sequencer-implementation.md b/mdop/appv-v4/planning-the-application-virtualization-sequencer-implementation.md
index 90f6f01821..8825c4306e 100644
--- a/mdop/appv-v4/planning-the-application-virtualization-sequencer-implementation.md
+++ b/mdop/appv-v4/planning-the-application-virtualization-sequencer-implementation.md
@@ -1,7 +1,7 @@
---
title: Planning the Application Virtualization Sequencer Implementation
description: Planning the Application Virtualization Sequencer Implementation
-author: eavena
+author: dansimp
ms.assetid: 052f32fe-ad13-4921-a8ce-4a657eb2b2bf
ms.reviewer:
manager: dansimp
diff --git a/mdop/appv-v4/planning-your-streaming-solution-in-an-application-virtualization-server-based-implementation.md b/mdop/appv-v4/planning-your-streaming-solution-in-an-application-virtualization-server-based-implementation.md
index f81b40c0e2..2fa2f11deb 100644
--- a/mdop/appv-v4/planning-your-streaming-solution-in-an-application-virtualization-server-based-implementation.md
+++ b/mdop/appv-v4/planning-your-streaming-solution-in-an-application-virtualization-server-based-implementation.md
@@ -1,7 +1,7 @@
---
title: Planning Your Streaming Solution in an Application Virtualization Server-Based Implementation
description: Planning Your Streaming Solution in an Application Virtualization Server-Based Implementation
-author: eavena
+author: dansimp
ms.assetid: 3a57306e-5c54-4fde-8593-fe3b788f18d3
ms.reviewer:
manager: dansimp
diff --git a/mdop/appv-v4/planning-your-streaming-solution-in-an-electronic-software-distribution-implementation.md b/mdop/appv-v4/planning-your-streaming-solution-in-an-electronic-software-distribution-implementation.md
index 0ec37daf28..885a566c91 100644
--- a/mdop/appv-v4/planning-your-streaming-solution-in-an-electronic-software-distribution-implementation.md
+++ b/mdop/appv-v4/planning-your-streaming-solution-in-an-electronic-software-distribution-implementation.md
@@ -1,7 +1,7 @@
---
title: Planning Your Streaming Solution in an Electronic Software Distribution Implementation
description: Planning Your Streaming Solution in an Electronic Software Distribution Implementation
-author: eavena
+author: dansimp
ms.assetid: bc18772a-f169-486f-adb1-7af1a31845aa
ms.reviewer:
manager: dansimp
diff --git a/mdop/appv-v4/prepare-computer-page--learn-more-.md b/mdop/appv-v4/prepare-computer-page--learn-more-.md
index 4920b634e8..508985a3fb 100644
--- a/mdop/appv-v4/prepare-computer-page--learn-more-.md
+++ b/mdop/appv-v4/prepare-computer-page--learn-more-.md
@@ -1,7 +1,7 @@
---
title: Prepare Computer Page (Learn More)
description: Prepare Computer Page (Learn More)
-author: eavena
+author: dansimp
ms.assetid: a401ce3d-b8f7-4b3f-9be9-ecf6d8b544fd
ms.reviewer:
manager: dansimp
diff --git a/mdop/appv-v4/properties-tab-keep.md b/mdop/appv-v4/properties-tab-keep.md
index af45012be4..8f068996f6 100644
--- a/mdop/appv-v4/properties-tab-keep.md
+++ b/mdop/appv-v4/properties-tab-keep.md
@@ -1,7 +1,7 @@
---
title: Properties Tab
description: Properties Tab
-author: eavena
+author: dansimp
ms.assetid: 6ff20678-6766-4f0d-8bbb-f19b224682a1
ms.reviewer:
manager: dansimp
diff --git a/mdop/appv-v4/provider-policies-node.md b/mdop/appv-v4/provider-policies-node.md
index 23667457d8..68130e6575 100644
--- a/mdop/appv-v4/provider-policies-node.md
+++ b/mdop/appv-v4/provider-policies-node.md
@@ -1,7 +1,7 @@
---
title: Provider Policies Node
description: Provider Policies Node
-author: eavena
+author: dansimp
ms.assetid: 89b47076-7732-4128-93cc-8e6d5b671c8e
ms.reviewer:
manager: dansimp
diff --git a/mdop/appv-v4/provider-policies-results-pane-columns.md b/mdop/appv-v4/provider-policies-results-pane-columns.md
index edc54d5af9..d570b23283 100644
--- a/mdop/appv-v4/provider-policies-results-pane-columns.md
+++ b/mdop/appv-v4/provider-policies-results-pane-columns.md
@@ -1,7 +1,7 @@
---
title: Provider Policies Results Pane Columns
description: Provider Policies Results Pane Columns
-author: eavena
+author: dansimp
ms.assetid: f9456f17-3106-4e5a-9a8c-df3af66986e1
ms.reviewer:
manager: dansimp
diff --git a/mdop/appv-v4/provider-policies-results-pane.md b/mdop/appv-v4/provider-policies-results-pane.md
index 2f0f38d356..da6df828bd 100644
--- a/mdop/appv-v4/provider-policies-results-pane.md
+++ b/mdop/appv-v4/provider-policies-results-pane.md
@@ -1,7 +1,7 @@
---
title: Provider Policies Results Pane
description: Provider Policies Results Pane
-author: eavena
+author: dansimp
ms.assetid: 17ea0836-bfb5-4966-8778-155444d81e64
ms.reviewer:
manager: dansimp
diff --git a/mdop/appv-v4/publish-app.md b/mdop/appv-v4/publish-app.md
index 13b9f2635e..cc0c253c2f 100644
--- a/mdop/appv-v4/publish-app.md
+++ b/mdop/appv-v4/publish-app.md
@@ -1,7 +1,7 @@
---
title: PUBLISH APP
description: PUBLISH APP
-author: eavena
+author: dansimp
ms.assetid: f25f06a8-ca23-435b-a0c2-16a5f39b6b97
ms.reviewer:
manager: dansimp
diff --git a/mdop/appv-v4/publish-package.md b/mdop/appv-v4/publish-package.md
index 04b4e5c319..f0fb1da684 100644
--- a/mdop/appv-v4/publish-package.md
+++ b/mdop/appv-v4/publish-package.md
@@ -1,7 +1,7 @@
---
title: PUBLISH PACKAGE
description: PUBLISH PACKAGE
-author: eavena
+author: dansimp
ms.assetid: a33e72dd-194f-4283-8e99-4584ab13de53
ms.reviewer:
manager: dansimp
diff --git a/mdop/appv-v4/publishing-servers-node.md b/mdop/appv-v4/publishing-servers-node.md
index 76d964d714..1c6ffd8268 100644
--- a/mdop/appv-v4/publishing-servers-node.md
+++ b/mdop/appv-v4/publishing-servers-node.md
@@ -1,7 +1,7 @@
---
title: Publishing Servers Node
description: Publishing Servers Node
-author: eavena
+author: dansimp
ms.assetid: b5823c6c-15bc-4e8d-aeeb-acc366ffedd1
ms.reviewer:
manager: dansimp
diff --git a/mdop/appv-v4/publishing-servers-results-pane-columns.md b/mdop/appv-v4/publishing-servers-results-pane-columns.md
index 4d18f6216d..18c1671c57 100644
--- a/mdop/appv-v4/publishing-servers-results-pane-columns.md
+++ b/mdop/appv-v4/publishing-servers-results-pane-columns.md
@@ -1,7 +1,7 @@
---
title: Publishing Servers Results Pane Columns
description: Publishing Servers Results Pane Columns
-author: eavena
+author: dansimp
ms.assetid: ad875715-50b3-4881-a6b3-586238d12527
ms.reviewer:
manager: dansimp
diff --git a/mdop/appv-v4/publishing-servers-results-pane.md b/mdop/appv-v4/publishing-servers-results-pane.md
index 09a6240706..e812805dd8 100644
--- a/mdop/appv-v4/publishing-servers-results-pane.md
+++ b/mdop/appv-v4/publishing-servers-results-pane.md
@@ -1,7 +1,7 @@
---
title: Publishing Servers Results Pane
description: Publishing Servers Results Pane
-author: eavena
+author: dansimp
ms.assetid: ee0662e8-9623-4a7c-b6dc-657fa3f56161
ms.reviewer:
manager: dansimp
diff --git a/mdop/appv-v4/publishing-virtual-applications-using-application-virtualization-management-servers.md b/mdop/appv-v4/publishing-virtual-applications-using-application-virtualization-management-servers.md
index 3e8cc15328..f2b259d4e6 100644
--- a/mdop/appv-v4/publishing-virtual-applications-using-application-virtualization-management-servers.md
+++ b/mdop/appv-v4/publishing-virtual-applications-using-application-virtualization-management-servers.md
@@ -1,7 +1,7 @@
---
title: Publishing Virtual Applications Using Application Virtualization Management Servers
description: Publishing Virtual Applications Using Application Virtualization Management Servers
-author: eavena
+author: dansimp
ms.assetid: f3d79284-3f82-4ca3-b741-1a80b61490da
ms.reviewer:
manager: dansimp
diff --git a/mdop/appv-v4/publishing-virtual-applications-using-electronic-software-distribution.md b/mdop/appv-v4/publishing-virtual-applications-using-electronic-software-distribution.md
index 9201d18ee2..744cdd05d9 100644
--- a/mdop/appv-v4/publishing-virtual-applications-using-electronic-software-distribution.md
+++ b/mdop/appv-v4/publishing-virtual-applications-using-electronic-software-distribution.md
@@ -1,7 +1,7 @@
---
title: Publishing Virtual Applications Using Electronic Software Distribution
description: Publishing Virtual Applications Using Electronic Software Distribution
-author: eavena
+author: dansimp
ms.assetid: 295fbc1d-ed1c-43b4-aeee-0df384d4e630
ms.reviewer:
manager: dansimp
diff --git a/mdop/appv-v4/query-obj.md b/mdop/appv-v4/query-obj.md
index ffe63b39cb..3c9adf095a 100644
--- a/mdop/appv-v4/query-obj.md
+++ b/mdop/appv-v4/query-obj.md
@@ -1,7 +1,7 @@
---
title: QUERY OBJ
description: QUERY OBJ
-author: eavena
+author: dansimp
ms.assetid: 55abf0d1-c779-4172-8357-552ab010933b
ms.reviewer:
manager: dansimp
diff --git a/mdop/appv-v4/refresh-server.md b/mdop/appv-v4/refresh-server.md
index ce416e2f57..ae5e986c4f 100644
--- a/mdop/appv-v4/refresh-server.md
+++ b/mdop/appv-v4/refresh-server.md
@@ -1,7 +1,7 @@
---
title: REFRESH SERVER
description: REFRESH SERVER
-author: eavena
+author: dansimp
ms.assetid: 232df842-a160-46cd-b60b-f464cd9a0086
ms.reviewer:
manager: dansimp
diff --git a/mdop/appv-v4/repair-app.md b/mdop/appv-v4/repair-app.md
index 8028a99b00..65bc1db344 100644
--- a/mdop/appv-v4/repair-app.md
+++ b/mdop/appv-v4/repair-app.md
@@ -1,7 +1,7 @@
---
title: REPAIR APP
description: REPAIR APP
-author: eavena
+author: dansimp
ms.assetid: 892b556b-612d-4531-890e-4cfc2ac88d9f
ms.reviewer:
manager: dansimp
diff --git a/mdop/appv-v4/reports-node.md b/mdop/appv-v4/reports-node.md
index 3a134a0bf2..c6969fb115 100644
--- a/mdop/appv-v4/reports-node.md
+++ b/mdop/appv-v4/reports-node.md
@@ -1,7 +1,7 @@
---
title: Reports Node
description: Reports Node
-author: eavena
+author: dansimp
ms.assetid: b7fdc52d-f112-4a65-af25-134398810e9b
ms.reviewer:
manager: dansimp
diff --git a/mdop/appv-v4/reports-results-pane-columns.md b/mdop/appv-v4/reports-results-pane-columns.md
index 30d4a7cd79..7c6bc3a0c3 100644
--- a/mdop/appv-v4/reports-results-pane-columns.md
+++ b/mdop/appv-v4/reports-results-pane-columns.md
@@ -1,7 +1,7 @@
---
title: Reports Results Pane Columns
description: Reports Results Pane Columns
-author: eavena
+author: dansimp
ms.assetid: 907360ca-6a55-4e42-88d2-db1a24cd2a28
ms.reviewer:
manager: dansimp
diff --git a/mdop/appv-v4/reports-results-pane.md b/mdop/appv-v4/reports-results-pane.md
index 1bf053f4df..57a5bb2b3e 100644
--- a/mdop/appv-v4/reports-results-pane.md
+++ b/mdop/appv-v4/reports-results-pane.md
@@ -1,7 +1,7 @@
---
title: Reports Results Pane
description: Reports Results Pane
-author: eavena
+author: dansimp
ms.assetid: 66beac62-fa55-4ab9-ac19-b9e1772e2d20
ms.reviewer:
manager: dansimp
diff --git a/mdop/appv-v4/restart-task-failure-dialog-box--app-v-46-sp1-.md b/mdop/appv-v4/restart-task-failure-dialog-box--app-v-46-sp1-.md
index f8023fed89..2ecb94c6fd 100644
--- a/mdop/appv-v4/restart-task-failure-dialog-box--app-v-46-sp1-.md
+++ b/mdop/appv-v4/restart-task-failure-dialog-box--app-v-46-sp1-.md
@@ -1,7 +1,7 @@
---
title: Restart Task Failure Dialog Box (App-V 4.6 SP1)
description: Restart Task Failure Dialog Box (App-V 4.6 SP1)
-author: eavena
+author: dansimp
ms.assetid: 1933fe71-8aa0-4e43-b6f7-060050001edd
ms.reviewer:
manager: dansimp
diff --git a/mdop/appv-v4/run-each-program-page-app-v-46-sp1.md b/mdop/appv-v4/run-each-program-page-app-v-46-sp1.md
index fca8e43e79..7fc9be9f19 100644
--- a/mdop/appv-v4/run-each-program-page-app-v-46-sp1.md
+++ b/mdop/appv-v4/run-each-program-page-app-v-46-sp1.md
@@ -1,7 +1,7 @@
---
title: Run Each Program Page
description: Run Each Program Page
-author: eavena
+author: dansimp
ms.assetid: 4f09a64e-9545-47aa-bc43-fda0089f7adb
ms.reviewer:
manager: dansimp
diff --git a/mdop/appv-v4/security-and-protection-overview.md b/mdop/appv-v4/security-and-protection-overview.md
index 2f668ca5d7..6e0554598b 100644
--- a/mdop/appv-v4/security-and-protection-overview.md
+++ b/mdop/appv-v4/security-and-protection-overview.md
@@ -1,7 +1,7 @@
---
title: Security and Protection Overview
description: Security and Protection Overview
-author: eavena
+author: dansimp
ms.assetid: a43e1c53-7936-4d48-a110-0be26c8e9d97
ms.reviewer:
manager: dansimp
diff --git a/mdop/appv-v4/select-files-page.md b/mdop/appv-v4/select-files-page.md
index 3e3ce46931..d4bfc181fb 100644
--- a/mdop/appv-v4/select-files-page.md
+++ b/mdop/appv-v4/select-files-page.md
@@ -1,7 +1,7 @@
---
title: Select Files Page
description: Select Files Page
-author: eavena
+author: dansimp
ms.assetid: 6d1524ca-6306-4a28-b65f-3ded9d487e75
ms.reviewer:
manager: dansimp
diff --git a/mdop/appv-v4/select-guidance-page--package-accelerators-.md b/mdop/appv-v4/select-guidance-page--package-accelerators-.md
index f2a9ba20b3..680d508314 100644
--- a/mdop/appv-v4/select-guidance-page--package-accelerators-.md
+++ b/mdop/appv-v4/select-guidance-page--package-accelerators-.md
@@ -1,7 +1,7 @@
---
title: Select Guidance Page (Package Accelerators)
description: Select Guidance Page (Package Accelerators)
-author: eavena
+author: dansimp
ms.assetid: 608b8823-6eac-40c0-a6dc-2f0bfc0d42a1
ms.reviewer:
manager: dansimp
diff --git a/mdop/appv-v4/select-installation-files-page-app-v-46-sp1.md b/mdop/appv-v4/select-installation-files-page-app-v-46-sp1.md
index 0fb499ff9d..0a26f2e4c6 100644
--- a/mdop/appv-v4/select-installation-files-page-app-v-46-sp1.md
+++ b/mdop/appv-v4/select-installation-files-page-app-v-46-sp1.md
@@ -1,7 +1,7 @@
---
title: Select Installation Files Page
description: Select Installation Files Page
-author: eavena
+author: dansimp
ms.assetid: 4c8cd49e-ba39-4918-9863-5b3c315d14a5
ms.reviewer:
manager: dansimp
diff --git a/mdop/appv-v4/select-installer-page--learn-more-.md b/mdop/appv-v4/select-installer-page--learn-more-.md
index c0c95a1828..ade2d58d1f 100644
--- a/mdop/appv-v4/select-installer-page--learn-more-.md
+++ b/mdop/appv-v4/select-installer-page--learn-more-.md
@@ -1,7 +1,7 @@
---
title: Select Installer Page (Learn More)
description: Select Installer Page (Learn More)
-author: eavena
+author: dansimp
ms.assetid: da05e756-d23e-4557-8ff6-313d695a78a1
ms.reviewer:
manager: dansimp
diff --git a/mdop/appv-v4/select-package--learn-more--page.md b/mdop/appv-v4/select-package--learn-more--page.md
index 078dbfbad4..2dac258cff 100644
--- a/mdop/appv-v4/select-package--learn-more--page.md
+++ b/mdop/appv-v4/select-package--learn-more--page.md
@@ -1,7 +1,7 @@
---
title: Select Package (Learn More) Page
description: Select Package (Learn More) Page
-author: eavena
+author: dansimp
ms.assetid: 0b3d4ca4-ff65-4aa5-87a9-61cbe2ffc8be
ms.reviewer:
manager: dansimp
diff --git a/mdop/appv-v4/select-package-accelerator--learn-more--page.md b/mdop/appv-v4/select-package-accelerator--learn-more--page.md
index 28c3dd746a..887f03367c 100644
--- a/mdop/appv-v4/select-package-accelerator--learn-more--page.md
+++ b/mdop/appv-v4/select-package-accelerator--learn-more--page.md
@@ -1,7 +1,7 @@
---
title: Select Package Accelerator (Learn More) Page
description: Select Package Accelerator (Learn More) Page
-author: eavena
+author: dansimp
ms.assetid: 2db51514-8695-4b5e-b3e5-1e96e3ee4cc7
ms.reviewer:
manager: dansimp
diff --git a/mdop/appv-v4/select-package-accelerator-page.md b/mdop/appv-v4/select-package-accelerator-page.md
index d06ddc61ba..e455a69f63 100644
--- a/mdop/appv-v4/select-package-accelerator-page.md
+++ b/mdop/appv-v4/select-package-accelerator-page.md
@@ -1,7 +1,7 @@
---
title: Select Package Accelerator Page
description: Select Package Accelerator Page
-author: eavena
+author: dansimp
ms.assetid: 865c2702-4dfd-41ae-8cfc-3514d5f41f76
ms.reviewer:
manager: dansimp
diff --git a/mdop/appv-v4/select-primary-page--learn-more-.md b/mdop/appv-v4/select-primary-page--learn-more-.md
index a35e3c17bc..38a6d0748c 100644
--- a/mdop/appv-v4/select-primary-page--learn-more-.md
+++ b/mdop/appv-v4/select-primary-page--learn-more-.md
@@ -1,7 +1,7 @@
---
title: Select Primary Page (Learn More)
description: Select Primary Page (Learn More)
-author: eavena
+author: dansimp
ms.assetid: 17c779da-f683-4967-b136-94fe65373c1b
ms.reviewer:
manager: dansimp
diff --git a/mdop/appv-v4/select-task-page--learn-more-.md b/mdop/appv-v4/select-task-page--learn-more-.md
index fd9a980960..18b296a24e 100644
--- a/mdop/appv-v4/select-task-page--learn-more-.md
+++ b/mdop/appv-v4/select-task-page--learn-more-.md
@@ -1,7 +1,7 @@
---
title: Select Task Page (Learn More)
description: Select Task Page (Learn More)
-author: eavena
+author: dansimp
ms.assetid: 09534c40-bf6c-4b3f-be9a-8624965c9c18
ms.reviewer:
manager: dansimp
diff --git a/mdop/appv-v4/sequencer-command-line-error-codes.md b/mdop/appv-v4/sequencer-command-line-error-codes.md
index dd6de8148b..3f60bfec5b 100644
--- a/mdop/appv-v4/sequencer-command-line-error-codes.md
+++ b/mdop/appv-v4/sequencer-command-line-error-codes.md
@@ -1,7 +1,7 @@
---
title: Sequencer Command-Line Error Codes
description: Sequencer Command-Line Error Codes
-author: eavena
+author: dansimp
ms.assetid: 3d491314-4923-45fd-9839-c541c5e620bd
ms.reviewer:
manager: dansimp
diff --git a/mdop/appv-v4/sequencer-command-line-parameters.md b/mdop/appv-v4/sequencer-command-line-parameters.md
index 45f23f75de..7731e1d5ea 100644
--- a/mdop/appv-v4/sequencer-command-line-parameters.md
+++ b/mdop/appv-v4/sequencer-command-line-parameters.md
@@ -1,7 +1,7 @@
---
title: Sequencer Command-Line Parameters
description: Sequencer Command-Line Parameters
-author: eavena
+author: dansimp
ms.assetid: 28fb875a-c302-4d95-b2e0-8dc0c5dbb0f8
ms.reviewer:
manager: dansimp
diff --git a/mdop/appv-v4/sequencer-console.md b/mdop/appv-v4/sequencer-console.md
index 7400f6a83a..49d86a316d 100644
--- a/mdop/appv-v4/sequencer-console.md
+++ b/mdop/appv-v4/sequencer-console.md
@@ -1,7 +1,7 @@
---
title: Sequencer Console
description: Sequencer Console
-author: eavena
+author: dansimp
ms.assetid: 69e0202d-be2c-41cc-99cb-2a08a034e804
ms.reviewer:
manager: dansimp
diff --git a/mdop/appv-v4/sequencer-dialog-boxes.md b/mdop/appv-v4/sequencer-dialog-boxes.md
index 41e0e7f3a7..2f48597aa3 100644
--- a/mdop/appv-v4/sequencer-dialog-boxes.md
+++ b/mdop/appv-v4/sequencer-dialog-boxes.md
@@ -1,7 +1,7 @@
---
title: Sequencer Dialog Boxes
description: Sequencer Dialog Boxes
-author: eavena
+author: dansimp
ms.assetid: f660d56b-0244-4167-b077-96ad482e6b36
ms.reviewer:
manager: dansimp
diff --git a/mdop/appv-v4/sequencer-hardware-and-software-requirements.md b/mdop/appv-v4/sequencer-hardware-and-software-requirements.md
index 1a194914ee..bc08faf80a 100644
--- a/mdop/appv-v4/sequencer-hardware-and-software-requirements.md
+++ b/mdop/appv-v4/sequencer-hardware-and-software-requirements.md
@@ -1,7 +1,7 @@
---
title: Sequencer Hardware and Software Requirements
description: Sequencer Hardware and Software Requirements
-author: eavena
+author: dansimp
ms.assetid: 36084e12-831d-452f-a4a4-45f07f9ce471
ms.reviewer:
manager: dansimp
diff --git a/mdop/appv-v4/sequencer-wizard---package-accelerator--appv-46-sp1-.md b/mdop/appv-v4/sequencer-wizard---package-accelerator--appv-46-sp1-.md
index 684ee01f73..1ef34e3837 100644
--- a/mdop/appv-v4/sequencer-wizard---package-accelerator--appv-46-sp1-.md
+++ b/mdop/appv-v4/sequencer-wizard---package-accelerator--appv-46-sp1-.md
@@ -1,7 +1,7 @@
---
title: Sequencer Wizard - Package Accelerator (AppV 4.6 SP1)
description: Sequencer Wizard - Package Accelerator (AppV 4.6 SP1)
-author: eavena
+author: dansimp
ms.assetid: 1f75f5ba-0707-48fb-b0b8-ba94a5159e36
ms.reviewer:
manager: dansimp
diff --git a/mdop/appv-v4/sequencing-wizard.md b/mdop/appv-v4/sequencing-wizard.md
index d4f7d09fec..6d6e869a11 100644
--- a/mdop/appv-v4/sequencing-wizard.md
+++ b/mdop/appv-v4/sequencing-wizard.md
@@ -1,7 +1,7 @@
---
title: Sequencing Wizard
description: Sequencing Wizard
-author: eavena
+author: dansimp
ms.assetid: 81e2f4fa-b06e-4cbe-aeb8-6ceb8f0543a5
ms.reviewer:
manager: dansimp
diff --git a/mdop/appv-v4/server-groups-node.md b/mdop/appv-v4/server-groups-node.md
index ce1414674d..991741f07e 100644
--- a/mdop/appv-v4/server-groups-node.md
+++ b/mdop/appv-v4/server-groups-node.md
@@ -1,7 +1,7 @@
---
title: Server Groups Node
description: Server Groups Node
-author: eavena
+author: dansimp
ms.assetid: 6b2ed086-9100-47d0-be7f-0c5fb4fa55c6
ms.reviewer:
manager: dansimp
diff --git a/mdop/appv-v4/server-groups-results-pane-columns.md b/mdop/appv-v4/server-groups-results-pane-columns.md
index f3e42b607f..3777434491 100644
--- a/mdop/appv-v4/server-groups-results-pane-columns.md
+++ b/mdop/appv-v4/server-groups-results-pane-columns.md
@@ -1,7 +1,7 @@
---
title: Server Groups Results Pane Columns
description: Server Groups Results Pane Columns
-author: eavena
+author: dansimp
ms.assetid: e91b1b9b-e58c-4274-ad18-8b157936b9be
ms.reviewer:
manager: dansimp
diff --git a/mdop/appv-v4/server-groups-results-pane.md b/mdop/appv-v4/server-groups-results-pane.md
index 129e193e76..43aca80bf7 100644
--- a/mdop/appv-v4/server-groups-results-pane.md
+++ b/mdop/appv-v4/server-groups-results-pane.md
@@ -1,7 +1,7 @@
---
title: Server Groups Results Pane
description: Server Groups Results Pane
-author: eavena
+author: dansimp
ms.assetid: ac7b0525-5946-4728-9cf1-c65007852ebe
ms.reviewer:
manager: dansimp
diff --git a/mdop/appv-v4/server-management-console-about-dialog-boxes.md b/mdop/appv-v4/server-management-console-about-dialog-boxes.md
index 3efe389863..28765cec65 100644
--- a/mdop/appv-v4/server-management-console-about-dialog-boxes.md
+++ b/mdop/appv-v4/server-management-console-about-dialog-boxes.md
@@ -1,7 +1,7 @@
---
title: Server Management Console About Dialog Boxes
description: Server Management Console About Dialog Boxes
-author: eavena
+author: dansimp
ms.assetid: b5fdee0b-4269-4a48-98a0-ed3f06cff041
ms.reviewer:
manager: dansimp
diff --git a/mdop/appv-v4/server-management-console-administrators-node.md b/mdop/appv-v4/server-management-console-administrators-node.md
index 015c4f342b..c8d25650e4 100644
--- a/mdop/appv-v4/server-management-console-administrators-node.md
+++ b/mdop/appv-v4/server-management-console-administrators-node.md
@@ -1,7 +1,7 @@
---
title: Server Management Console Administrators Node
description: Server Management Console Administrators Node
-author: eavena
+author: dansimp
ms.assetid: ab421454-69d1-4c10-8f58-2a35ae89c8b1
ms.reviewer:
manager: dansimp
diff --git a/mdop/appv-v4/server-management-console-application-licenses-node.md b/mdop/appv-v4/server-management-console-application-licenses-node.md
index 3f238741ce..7673a67fdd 100644
--- a/mdop/appv-v4/server-management-console-application-licenses-node.md
+++ b/mdop/appv-v4/server-management-console-application-licenses-node.md
@@ -1,7 +1,7 @@
---
title: Server Management Console Application Licenses Node
description: Server Management Console Application Licenses Node
-author: eavena
+author: dansimp
ms.assetid: ad3fa486-2b3c-4efd-91f5-507e9c5057d5
ms.reviewer:
manager: dansimp
diff --git a/mdop/appv-v4/server-management-console-application-virtualization-system-node.md b/mdop/appv-v4/server-management-console-application-virtualization-system-node.md
index 8b80ae666f..2d708a6647 100644
--- a/mdop/appv-v4/server-management-console-application-virtualization-system-node.md
+++ b/mdop/appv-v4/server-management-console-application-virtualization-system-node.md
@@ -1,7 +1,7 @@
---
title: Server Management Console Application Virtualization System Node
description: Server Management Console Application Virtualization System Node
-author: eavena
+author: dansimp
ms.assetid: 9450832e-335c-41e7-af24-fddb8ffc327c
ms.reviewer:
manager: dansimp
diff --git a/mdop/appv-v4/server-management-console-applications-node.md b/mdop/appv-v4/server-management-console-applications-node.md
index a60b48ffce..b673e056f0 100644
--- a/mdop/appv-v4/server-management-console-applications-node.md
+++ b/mdop/appv-v4/server-management-console-applications-node.md
@@ -1,7 +1,7 @@
---
title: Server Management Console Applications Node
description: Server Management Console Applications Node
-author: eavena
+author: dansimp
ms.assetid: e465f816-032d-4824-9924-f2dcf30f2a2c
ms.reviewer:
manager: dansimp
diff --git a/mdop/appv-v4/server-management-console-file-type-associations-node.md b/mdop/appv-v4/server-management-console-file-type-associations-node.md
index fceda812e7..f3d64be8f3 100644
--- a/mdop/appv-v4/server-management-console-file-type-associations-node.md
+++ b/mdop/appv-v4/server-management-console-file-type-associations-node.md
@@ -1,7 +1,7 @@
---
title: Server Management Console File Type Associations Node
description: Server Management Console File Type Associations Node
-author: eavena
+author: dansimp
ms.assetid: c22168be-6601-4154-b36b-9ca0fa87e5e0
ms.reviewer:
manager: dansimp
diff --git a/mdop/appv-v4/server-management-console-packages-node.md b/mdop/appv-v4/server-management-console-packages-node.md
index 1dfe0fa72c..43d502c939 100644
--- a/mdop/appv-v4/server-management-console-packages-node.md
+++ b/mdop/appv-v4/server-management-console-packages-node.md
@@ -1,7 +1,7 @@
---
title: Server Management Console Packages Node
description: Server Management Console Packages Node
-author: eavena
+author: dansimp
ms.assetid: 458424f6-d586-4fa8-bf61-44c5028a4490
ms.reviewer:
manager: dansimp
diff --git a/mdop/appv-v4/server-management-console-provider-policies-node.md b/mdop/appv-v4/server-management-console-provider-policies-node.md
index ce731f565e..0b55fe35db 100644
--- a/mdop/appv-v4/server-management-console-provider-policies-node.md
+++ b/mdop/appv-v4/server-management-console-provider-policies-node.md
@@ -1,7 +1,7 @@
---
title: Server Management Console Provider Policies Node
description: Server Management Console Provider Policies Node
-author: eavena
+author: dansimp
ms.assetid: a5b99158-9af8-45bb-b3b8-61e220529e14
ms.reviewer:
manager: dansimp
diff --git a/mdop/appv-v4/server-management-console-reports-node.md b/mdop/appv-v4/server-management-console-reports-node.md
index 414250a6ed..2d44db2032 100644
--- a/mdop/appv-v4/server-management-console-reports-node.md
+++ b/mdop/appv-v4/server-management-console-reports-node.md
@@ -1,7 +1,7 @@
---
title: Server Management Console Reports Node
description: Server Management Console Reports Node
-author: eavena
+author: dansimp
ms.assetid: 9dde6332-5882-40dd-8a8f-857216df80ed
ms.reviewer:
manager: dansimp
diff --git a/mdop/appv-v4/server-management-console-server-groups-node.md b/mdop/appv-v4/server-management-console-server-groups-node.md
index fa0a289798..73f5c2f80b 100644
--- a/mdop/appv-v4/server-management-console-server-groups-node.md
+++ b/mdop/appv-v4/server-management-console-server-groups-node.md
@@ -1,7 +1,7 @@
---
title: Server Management Console Server Groups Node
description: Server Management Console Server Groups Node
-author: eavena
+author: dansimp
ms.assetid: 83b86fc5-3f77-4470-985a-cf0bb8686067
ms.reviewer:
manager: dansimp
diff --git a/mdop/appv-v4/sftmime--command-reference.md b/mdop/appv-v4/sftmime--command-reference.md
index 55ee1492e0..732b47bafc 100644
--- a/mdop/appv-v4/sftmime--command-reference.md
+++ b/mdop/appv-v4/sftmime--command-reference.md
@@ -1,7 +1,7 @@
---
title: SFTMIME Command Reference
description: SFTMIME Command Reference
-author: manikadhiman
+author: dansimp
ms.assetid: a4a69228-9dd3-4623-b773-899d03c0cf10
ms.reviewer:
manager: dansimp
diff --git a/mdop/appv-v4/sfttray-command-reference.md b/mdop/appv-v4/sfttray-command-reference.md
index bf89666ba8..9e7dc93e91 100644
--- a/mdop/appv-v4/sfttray-command-reference.md
+++ b/mdop/appv-v4/sfttray-command-reference.md
@@ -1,7 +1,7 @@
---
title: SFTTRAY Command Reference
description: SFTTRAY Command Reference
-author: manikadhiman
+author: dansimp
ms.assetid: 6fa3a939-b047-4d6c-bd1d-dfb93e065eb2
ms.reviewer:
manager: dansimp
diff --git a/mdop/appv-v4/side-by-side-privatization-failed-dialog-box--app-v-46-sp1-.md b/mdop/appv-v4/side-by-side-privatization-failed-dialog-box--app-v-46-sp1-.md
index ce583088cc..ced6882390 100644
--- a/mdop/appv-v4/side-by-side-privatization-failed-dialog-box--app-v-46-sp1-.md
+++ b/mdop/appv-v4/side-by-side-privatization-failed-dialog-box--app-v-46-sp1-.md
@@ -1,7 +1,7 @@
---
title: Side-by-side Privatization Failed Dialog Box (App-V 4.6 SP1)
description: Side-by-side Privatization Failed Dialog Box (App-V 4.6 SP1)
-author: manikadhiman
+author: dansimp
ms.assetid: bcdb9b82-b53d-4a36-9f5d-71c021d4be28
ms.reviewer:
manager: dansimp
diff --git a/mdop/appv-v4/software-audit-reportserver.md b/mdop/appv-v4/software-audit-reportserver.md
index d360b339b8..9efbb49955 100644
--- a/mdop/appv-v4/software-audit-reportserver.md
+++ b/mdop/appv-v4/software-audit-reportserver.md
@@ -1,7 +1,7 @@
---
title: Software Audit Report
description: Software Audit Report
-author: manikadhiman
+author: dansimp
ms.assetid: 55a49ed2-f331-40d3-add6-8e5fcd6816fd
ms.reviewer:
manager: dansimp
diff --git a/mdop/appv-v4/stand-alone-delivery-scenario-for-application-virtualization-clients.md b/mdop/appv-v4/stand-alone-delivery-scenario-for-application-virtualization-clients.md
index 057f6f881c..224b3b7a04 100644
--- a/mdop/appv-v4/stand-alone-delivery-scenario-for-application-virtualization-clients.md
+++ b/mdop/appv-v4/stand-alone-delivery-scenario-for-application-virtualization-clients.md
@@ -1,7 +1,7 @@
---
title: Stand-Alone Delivery Scenario for Application Virtualization Clients
description: Stand-Alone Delivery Scenario for Application Virtualization Clients
-author: manikadhiman
+author: dansimp
ms.assetid: 7545b468-f58a-4504-a6d5-3c2d303731c4
ms.reviewer:
manager: dansimp
diff --git a/mdop/appv-v4/stand-alone-delivery-scenario-overview.md b/mdop/appv-v4/stand-alone-delivery-scenario-overview.md
index 07365c016e..d01a132c43 100644
--- a/mdop/appv-v4/stand-alone-delivery-scenario-overview.md
+++ b/mdop/appv-v4/stand-alone-delivery-scenario-overview.md
@@ -1,7 +1,7 @@
---
title: Stand-Alone Delivery Scenario Overview
description: Stand-Alone Delivery Scenario Overview
-author: manikadhiman
+author: dansimp
ms.assetid: b109f309-f3c1-43af-996f-2a9b138dd171
ms.reviewer:
manager: dansimp
diff --git a/mdop/appv-v4/streaming-page-learn-more.md b/mdop/appv-v4/streaming-page-learn-more.md
index da5ad4a4f7..f46ecd595d 100644
--- a/mdop/appv-v4/streaming-page-learn-more.md
+++ b/mdop/appv-v4/streaming-page-learn-more.md
@@ -1,7 +1,7 @@
---
title: Streaming Page
description: Streaming Page
-author: manikadhiman
+author: dansimp
ms.assetid: a69a57a0-1bbe-4604-840d-bfa87ec463e1
ms.reviewer:
manager: dansimp
diff --git a/mdop/appv-v4/support-for-client-reporting-over-http.md b/mdop/appv-v4/support-for-client-reporting-over-http.md
index affd21c498..23aa56eca5 100644
--- a/mdop/appv-v4/support-for-client-reporting-over-http.md
+++ b/mdop/appv-v4/support-for-client-reporting-over-http.md
@@ -1,7 +1,7 @@
---
title: Support for Client Reporting over HTTP
description: Support for Client Reporting over HTTP
-author: manikadhiman
+author: dansimp
ms.assetid: 4a26ac80-1fb5-4c05-83de-4d06793f7bf2
ms.reviewer:
manager: dansimp
diff --git a/mdop/appv-v4/sxs-conflict-detected-dialog-box--app-v-46-sp1-.md b/mdop/appv-v4/sxs-conflict-detected-dialog-box--app-v-46-sp1-.md
index 836a996cb8..8e3965c0c2 100644
--- a/mdop/appv-v4/sxs-conflict-detected-dialog-box--app-v-46-sp1-.md
+++ b/mdop/appv-v4/sxs-conflict-detected-dialog-box--app-v-46-sp1-.md
@@ -1,7 +1,7 @@
---
title: SXS Conflict Detected Dialog Box (App-V 4.6 SP1)
description: SXS Conflict Detected Dialog Box (App-V 4.6 SP1)
-author: manikadhiman
+author: dansimp
ms.assetid: 7cbb67ba-cc11-4f10-b903-4a6af233eacb
ms.reviewer:
manager: dansimp
diff --git a/mdop/appv-v4/system-error-reportserver.md b/mdop/appv-v4/system-error-reportserver.md
index a05fd63491..b94b419d2f 100644
--- a/mdop/appv-v4/system-error-reportserver.md
+++ b/mdop/appv-v4/system-error-reportserver.md
@@ -1,7 +1,7 @@
---
title: System Error Report
description: System Error Report
-author: manikadhiman
+author: dansimp
ms.assetid: 4081db2f-92a6-4928-a26b-757048159094
ms.reviewer:
manager: dansimp
diff --git a/mdop/appv-v4/system-utilization-reportserver.md b/mdop/appv-v4/system-utilization-reportserver.md
index d8d31cf853..5bccc4c9ab 100644
--- a/mdop/appv-v4/system-utilization-reportserver.md
+++ b/mdop/appv-v4/system-utilization-reportserver.md
@@ -1,7 +1,7 @@
---
title: System Utilization Report
description: System Utilization Report
-author: manikadhiman
+author: dansimp
ms.assetid: 4d490d15-2d1f-4f2c-99bb-0685447c0672
ms.reviewer:
manager: dansimp
diff --git a/mdop/appv-v4/target-os-page-learn-more.md b/mdop/appv-v4/target-os-page-learn-more.md
index 8b841dc45f..34db517496 100644
--- a/mdop/appv-v4/target-os-page-learn-more.md
+++ b/mdop/appv-v4/target-os-page-learn-more.md
@@ -1,7 +1,7 @@
---
title: Target OS Page
description: Target OS Page
-author: manikadhiman
+author: dansimp
ms.assetid: 003fd992-0a7e-494e-9e75-4dd5e0927e15
ms.reviewer:
manager: dansimp
diff --git a/mdop/appv-v4/tasks-for-the-application-virtualization-sequencer--app-v-46-sp1-.md b/mdop/appv-v4/tasks-for-the-application-virtualization-sequencer--app-v-46-sp1-.md
index c7fd7547bb..f3df4eb7f8 100644
--- a/mdop/appv-v4/tasks-for-the-application-virtualization-sequencer--app-v-46-sp1-.md
+++ b/mdop/appv-v4/tasks-for-the-application-virtualization-sequencer--app-v-46-sp1-.md
@@ -1,7 +1,7 @@
---
title: Tasks for the Application Virtualization Sequencer (App-V 4.6 SP1)
description: Tasks for the Application Virtualization Sequencer (App-V 4.6 SP1)
-author: manikadhiman
+author: dansimp
ms.assetid: 58597af9-6a62-4588-ab41-dbf6b7026267
ms.reviewer:
manager: dansimp
diff --git a/mdop/appv-v4/tasks-for-the-application-virtualization-sequencer.md b/mdop/appv-v4/tasks-for-the-application-virtualization-sequencer.md
index 5241b96cce..88d5d425f0 100644
--- a/mdop/appv-v4/tasks-for-the-application-virtualization-sequencer.md
+++ b/mdop/appv-v4/tasks-for-the-application-virtualization-sequencer.md
@@ -1,7 +1,7 @@
---
title: Tasks for the Application Virtualization Sequencer
description: Tasks for the Application Virtualization Sequencer
-author: manikadhiman
+author: dansimp
ms.assetid: 398018f4-297a-440d-b614-23f0ab03e7bd
ms.reviewer:
manager: dansimp
diff --git a/mdop/appv-v4/troubleshooting-application-virtualization-sequencer-issues.md b/mdop/appv-v4/troubleshooting-application-virtualization-sequencer-issues.md
index 0c9d93141c..c7285083d5 100644
--- a/mdop/appv-v4/troubleshooting-application-virtualization-sequencer-issues.md
+++ b/mdop/appv-v4/troubleshooting-application-virtualization-sequencer-issues.md
@@ -1,7 +1,7 @@
---
title: Troubleshooting Application Virtualization Sequencer Issues
description: Troubleshooting Application Virtualization Sequencer Issues
-author: manikadhiman
+author: dansimp
ms.assetid: 2712094b-a0bc-4643-aced-5415535f3fec
ms.reviewer:
manager: dansimp
diff --git a/mdop/appv-v4/troubleshooting-certificate-permission-issues.md b/mdop/appv-v4/troubleshooting-certificate-permission-issues.md
index 6987ec6314..9b05d6624b 100644
--- a/mdop/appv-v4/troubleshooting-certificate-permission-issues.md
+++ b/mdop/appv-v4/troubleshooting-certificate-permission-issues.md
@@ -1,7 +1,7 @@
---
title: Troubleshooting Certificate Permission Issues
description: Troubleshooting Certificate Permission Issues
-author: manikadhiman
+author: dansimp
ms.assetid: 06b8cbbc-93fd-44aa-af39-2d780792d3c3
ms.reviewer:
manager: dansimp
diff --git a/mdop/appv-v4/troubleshooting-information-for-the-application-virtualization-client.md b/mdop/appv-v4/troubleshooting-information-for-the-application-virtualization-client.md
index 1a8a9821d5..a8b8781132 100644
--- a/mdop/appv-v4/troubleshooting-information-for-the-application-virtualization-client.md
+++ b/mdop/appv-v4/troubleshooting-information-for-the-application-virtualization-client.md
@@ -1,7 +1,7 @@
---
title: Troubleshooting Information for the Application Virtualization Client
description: Troubleshooting Information for the Application Virtualization Client
-author: manikadhiman
+author: dansimp
ms.assetid: 260a8dad-847f-4ec0-b7dd-6e6bc52017ed
ms.reviewer:
manager: dansimp
diff --git a/mdop/appv-v4/troubleshooting-information-for-the-application-virtualization-server.md b/mdop/appv-v4/troubleshooting-information-for-the-application-virtualization-server.md
index 021372f847..df335aaec7 100644
--- a/mdop/appv-v4/troubleshooting-information-for-the-application-virtualization-server.md
+++ b/mdop/appv-v4/troubleshooting-information-for-the-application-virtualization-server.md
@@ -1,7 +1,7 @@
---
title: Troubleshooting Information for the Application Virtualization Server
description: Troubleshooting Information for the Application Virtualization Server
-author: manikadhiman
+author: dansimp
ms.assetid: e9d43d9b-84f2-4d1b-bb90-a13740151e0c
ms.reviewer:
manager: dansimp
diff --git a/mdop/appv-v4/troubleshooting-the-application-virtualization-sequencer.md b/mdop/appv-v4/troubleshooting-the-application-virtualization-sequencer.md
index 0ee0ebe678..c832ebe830 100644
--- a/mdop/appv-v4/troubleshooting-the-application-virtualization-sequencer.md
+++ b/mdop/appv-v4/troubleshooting-the-application-virtualization-sequencer.md
@@ -1,7 +1,7 @@
---
title: Troubleshooting the Application Virtualization Sequencer
description: Troubleshooting the Application Virtualization Sequencer
-author: manikadhiman
+author: dansimp
ms.assetid: 12ea8367-0b84-44e1-a885-e0539486556b
ms.reviewer:
manager: dansimp
diff --git a/mdop/appv-v4/type-of-application-page--learn-more-.md b/mdop/appv-v4/type-of-application-page--learn-more-.md
index 793ec8b0c1..529c2aac7d 100644
--- a/mdop/appv-v4/type-of-application-page--learn-more-.md
+++ b/mdop/appv-v4/type-of-application-page--learn-more-.md
@@ -1,7 +1,7 @@
---
title: Type of Application Page (Learn More)
description: Type of Application Page (Learn More)
-author: manikadhiman
+author: dansimp
ms.assetid: d1262d16-7b14-441e-8500-7974bf68d196
ms.reviewer:
manager: dansimp
diff --git a/mdop/appv-v4/unload-app.md b/mdop/appv-v4/unload-app.md
index 692d0b2a1b..e9b1a2c013 100644
--- a/mdop/appv-v4/unload-app.md
+++ b/mdop/appv-v4/unload-app.md
@@ -1,7 +1,7 @@
---
title: UNLOAD APP
description: UNLOAD APP
-author: manikadhiman
+author: dansimp
ms.assetid: f0d729ae-8772-498b-be11-1a4b35499c53
ms.reviewer:
manager: dansimp
diff --git a/mdop/appv-v4/unload-package.md b/mdop/appv-v4/unload-package.md
index d0ad6ce857..8c8678569e 100644
--- a/mdop/appv-v4/unload-package.md
+++ b/mdop/appv-v4/unload-package.md
@@ -1,7 +1,7 @@
---
title: UNLOAD PACKAGE
description: UNLOAD PACKAGE
-author: manikadhiman
+author: dansimp
ms.assetid: a076eb5a-ce3d-49e4-ac7a-4d4df10e3477
ms.reviewer:
manager: dansimp
diff --git a/mdop/appv-v4/unlock-app.md b/mdop/appv-v4/unlock-app.md
index f003f66e5a..91940cb378 100644
--- a/mdop/appv-v4/unlock-app.md
+++ b/mdop/appv-v4/unlock-app.md
@@ -1,7 +1,7 @@
---
title: UNLOCK APP
description: UNLOCK APP
-author: manikadhiman
+author: dansimp
ms.assetid: 91fc8ceb-b4f5-4a06-8193-05189f830943
ms.reviewer:
manager: dansimp
diff --git a/mdop/appv-v4/unpublish-package.md b/mdop/appv-v4/unpublish-package.md
index 28df41e62d..34f5a16083 100644
--- a/mdop/appv-v4/unpublish-package.md
+++ b/mdop/appv-v4/unpublish-package.md
@@ -1,7 +1,7 @@
---
title: UNPUBLISH PACKAGE
description: UNPUBLISH PACKAGE
-author: manikadhiman
+author: dansimp
ms.assetid: 1651427c-72a5-4701-bb57-71e14a7a3803
ms.reviewer:
manager: dansimp
diff --git a/mdop/appv-v4/user-access-permissions-in-application-virtualization-client.md b/mdop/appv-v4/user-access-permissions-in-application-virtualization-client.md
index 1517ada613..b5823c5aa0 100644
--- a/mdop/appv-v4/user-access-permissions-in-application-virtualization-client.md
+++ b/mdop/appv-v4/user-access-permissions-in-application-virtualization-client.md
@@ -1,7 +1,7 @@
---
title: User Access Permissions in Application Virtualization Client
description: User Access Permissions in Application Virtualization Client
-author: manikadhiman
+author: dansimp
ms.assetid: 7459374c-810c-45e3-b205-fdd1f8514f80
ms.reviewer:
manager: dansimp
diff --git a/mdop/appv-v4/using-application-virtualization-servers-as-a-package-management-solution.md b/mdop/appv-v4/using-application-virtualization-servers-as-a-package-management-solution.md
index 0537d830a9..e41d0cb21b 100644
--- a/mdop/appv-v4/using-application-virtualization-servers-as-a-package-management-solution.md
+++ b/mdop/appv-v4/using-application-virtualization-servers-as-a-package-management-solution.md
@@ -1,7 +1,7 @@
---
title: Using Application Virtualization Servers as a Package Management Solution
description: Using Application Virtualization Servers as a Package Management Solution
-author: manikadhiman
+author: dansimp
ms.assetid: 41597355-e7bb-45e2-b300-7b1724419975
ms.reviewer:
manager: dansimp
diff --git a/mdop/appv-v4/using-electronic-software-distribution-as-a-package-management-solution.md b/mdop/appv-v4/using-electronic-software-distribution-as-a-package-management-solution.md
index 4788d4f85f..af5b7a4cfc 100644
--- a/mdop/appv-v4/using-electronic-software-distribution-as-a-package-management-solution.md
+++ b/mdop/appv-v4/using-electronic-software-distribution-as-a-package-management-solution.md
@@ -1,7 +1,7 @@
---
title: Using Electronic Software Distribution as a Package Management Solution
description: Using Electronic Software Distribution as a Package Management Solution
-author: manikadhiman
+author: dansimp
ms.assetid: 7d96ea70-3e7e-49fa-89cc-586804a10657
ms.reviewer:
manager: dansimp
diff --git a/mdop/appv-v4/verify-applications-page--package-accelerators-.md b/mdop/appv-v4/verify-applications-page--package-accelerators-.md
index dc6a8604e7..fa38068d5e 100644
--- a/mdop/appv-v4/verify-applications-page--package-accelerators-.md
+++ b/mdop/appv-v4/verify-applications-page--package-accelerators-.md
@@ -1,7 +1,7 @@
---
title: Verify Applications Page (Package Accelerators)
description: Verify Applications Page (Package Accelerators)
-author: manikadhiman
+author: dansimp
ms.assetid: e58a37db-d042-453f-aa0d-2f324600a35b
ms.reviewer:
manager: dansimp
diff --git a/mdop/appv-v4/virtual-application-package-additional-components.md b/mdop/appv-v4/virtual-application-package-additional-components.md
index 42d28df0f0..8fe48620bc 100644
--- a/mdop/appv-v4/virtual-application-package-additional-components.md
+++ b/mdop/appv-v4/virtual-application-package-additional-components.md
@@ -1,7 +1,7 @@
---
title: Virtual Application Package Additional Components
description: Virtual Application Package Additional Components
-author: manikadhiman
+author: dansimp
ms.assetid: 476b0f40-ebd6-4296-92fa-61fa9495c03c
ms.reviewer:
manager: dansimp
diff --git a/mdop/appv-v4/virtual-file-system-tab-keep.md b/mdop/appv-v4/virtual-file-system-tab-keep.md
index 188445d4e4..290e0a1d2a 100644
--- a/mdop/appv-v4/virtual-file-system-tab-keep.md
+++ b/mdop/appv-v4/virtual-file-system-tab-keep.md
@@ -1,7 +1,7 @@
---
title: Virtual File System Tab
description: Virtual File System Tab
-author: manikadhiman
+author: dansimp
ms.assetid: 9d084e2a-720d-4a25-9cd5-d0d70868b413
ms.reviewer:
manager: dansimp
diff --git a/mdop/appv-v4/virtual-registry-tab-keep.md b/mdop/appv-v4/virtual-registry-tab-keep.md
index 832f3dc40b..cd9e9a01da 100644
--- a/mdop/appv-v4/virtual-registry-tab-keep.md
+++ b/mdop/appv-v4/virtual-registry-tab-keep.md
@@ -1,7 +1,7 @@
---
title: Virtual Registry Tab
description: Virtual Registry Tab
-author: manikadhiman
+author: dansimp
ms.assetid: 25833383-24c4-40a1-b34c-73b2bd3f11e1
ms.reviewer:
manager: dansimp
diff --git a/mdop/appv-v4/virtual-services-tab-keep.md b/mdop/appv-v4/virtual-services-tab-keep.md
index e78e0eee33..360df6d0a5 100644
--- a/mdop/appv-v4/virtual-services-tab-keep.md
+++ b/mdop/appv-v4/virtual-services-tab-keep.md
@@ -1,7 +1,7 @@
---
title: Virtual Services Tab
description: Virtual Services Tab
-author: manikadhiman
+author: dansimp
ms.assetid: 9fc4679d-ccb5-4df7-99de-dd7d3a367ecc
ms.reviewer:
manager: dansimp
diff --git a/mdop/appv-v4/wizard-pages--appv-46-sp1-.md b/mdop/appv-v4/wizard-pages--appv-46-sp1-.md
index 8d47e49527..a0a4219295 100644
--- a/mdop/appv-v4/wizard-pages--appv-46-sp1-.md
+++ b/mdop/appv-v4/wizard-pages--appv-46-sp1-.md
@@ -1,7 +1,7 @@
---
title: Wizard Pages (AppV 4.6 SP1)
description: Wizard Pages (AppV 4.6 SP1)
-author: manikadhiman
+author: dansimp
ms.assetid: dadab8cf-fe6d-4cff-8f6c-e9676f244872
ms.reviewer:
manager: dansimp
diff --git a/mdop/appv-v5/about-app-v-50-dynamic-configuration.md b/mdop/appv-v5/about-app-v-50-dynamic-configuration.md
index 103b44d92c..8a54d8a0da 100644
--- a/mdop/appv-v5/about-app-v-50-dynamic-configuration.md
+++ b/mdop/appv-v5/about-app-v-50-dynamic-configuration.md
@@ -1,7 +1,7 @@
---
title: About App-V 5.0 Dynamic Configuration
description: About App-V 5.0 Dynamic Configuration
-author: manikadhiman
+author: dansimp
ms.assetid: 88afaca1-68c5-45c4-a074-9371c56b5804
ms.reviewer:
manager: dansimp
diff --git a/mdop/appv-v5/about-app-v-50-reporting.md b/mdop/appv-v5/about-app-v-50-reporting.md
index a050c4a164..f5bce3e29a 100644
--- a/mdop/appv-v5/about-app-v-50-reporting.md
+++ b/mdop/appv-v5/about-app-v-50-reporting.md
@@ -1,7 +1,7 @@
---
title: About App-V 5.0 Reporting
description: About App-V 5.0 Reporting
-author: manikadhiman
+author: dansimp
ms.assetid: 27c33dda-f017-41e3-8a78-1b681543ec4f
ms.reviewer:
manager: dansimp
diff --git a/mdop/appv-v5/about-app-v-50-sp1.md b/mdop/appv-v5/about-app-v-50-sp1.md
index d77515d490..2222333447 100644
--- a/mdop/appv-v5/about-app-v-50-sp1.md
+++ b/mdop/appv-v5/about-app-v-50-sp1.md
@@ -1,7 +1,7 @@
---
title: About App-V 5.0 SP1
description: About App-V 5.0 SP1
-author: manikadhiman
+author: dansimp
ms.assetid: 2848a51b-452e-4c70-b465-f6717cfa667f
ms.reviewer:
manager: dansimp
diff --git a/mdop/appv-v5/about-app-v-50-sp2.md b/mdop/appv-v5/about-app-v-50-sp2.md
index 9da2057ae1..f3f167d10a 100644
--- a/mdop/appv-v5/about-app-v-50-sp2.md
+++ b/mdop/appv-v5/about-app-v-50-sp2.md
@@ -1,7 +1,7 @@
---
title: About App-V 5.0 SP2
description: About App-V 5.0 SP2
-author: manikadhiman
+author: dansimp
ms.assetid: 16ca8452-cef2-464e-b4b5-c10d4630fa6a
ms.reviewer:
manager: dansimp
diff --git a/mdop/appv-v5/about-app-v-50-sp3.md b/mdop/appv-v5/about-app-v-50-sp3.md
index 404ea88933..a784b0b574 100644
--- a/mdop/appv-v5/about-app-v-50-sp3.md
+++ b/mdop/appv-v5/about-app-v-50-sp3.md
@@ -1,7 +1,7 @@
---
title: About App-V 5.0 SP3
description: About App-V 5.0 SP3
-author: manikadhiman
+author: dansimp
ms.assetid: 67b5268b-edc1-4027-98b0-b3937dd70a6b
ms.reviewer:
manager: dansimp
diff --git a/mdop/appv-v5/about-app-v-50.md b/mdop/appv-v5/about-app-v-50.md
index 76b86ac82d..a81421348c 100644
--- a/mdop/appv-v5/about-app-v-50.md
+++ b/mdop/appv-v5/about-app-v-50.md
@@ -1,7 +1,7 @@
---
title: About App-V 5.0
description: About App-V 5.0
-author: manikadhiman
+author: dansimp
ms.assetid: 5799141b-44bc-4033-afcc-212235e15f00
ms.reviewer:
manager: dansimp
diff --git a/mdop/appv-v5/about-app-v-51-dynamic-configuration.md b/mdop/appv-v5/about-app-v-51-dynamic-configuration.md
index b66bfce583..663c596d68 100644
--- a/mdop/appv-v5/about-app-v-51-dynamic-configuration.md
+++ b/mdop/appv-v5/about-app-v-51-dynamic-configuration.md
@@ -1,7 +1,7 @@
---
title: About App-V 5.1 dynamic configuration
description: You can use the dynamic configuration to customize an App-V 5.1 package for a user. Use the following information to create or edit an existing dynamic configuration file.
-author: manikadhiman
+author: dansimp
ms.assetid: 35bc9908-d502-4a9c-873f-8ee17b6d9d74
ms.reviewer:
manager: dansimp
diff --git a/mdop/appv-v5/about-app-v-51-reporting.md b/mdop/appv-v5/about-app-v-51-reporting.md
index 05c85668ea..b37f88f1db 100644
--- a/mdop/appv-v5/about-app-v-51-reporting.md
+++ b/mdop/appv-v5/about-app-v-51-reporting.md
@@ -1,7 +1,7 @@
---
title: About App-V 5.1 Reporting
description: About App-V 5.1 Reporting
-author: manikadhiman
+author: dansimp
ms.assetid: 385dca00-7178-4e35-8d86-c58867ebd65c
ms.reviewer:
manager: dansimp
diff --git a/mdop/appv-v5/about-app-v-51.md b/mdop/appv-v5/about-app-v-51.md
index 199fc19259..f52bcf1b64 100644
--- a/mdop/appv-v5/about-app-v-51.md
+++ b/mdop/appv-v5/about-app-v-51.md
@@ -1,7 +1,7 @@
---
title: About App-V 5.1
description: About App-V 5.1
-author: manikadhiman
+author: dansimp
ms.assetid: 35bc9908-d502-4a9c-873f-8ee17b6d9d74
ms.reviewer:
manager: dansimp
diff --git a/mdop/appv-v5/about-client-configuration-settings.md b/mdop/appv-v5/about-client-configuration-settings.md
index 8671a0c754..9ba08f850a 100644
--- a/mdop/appv-v5/about-client-configuration-settings.md
+++ b/mdop/appv-v5/about-client-configuration-settings.md
@@ -1,7 +1,7 @@
---
title: About Client Configuration Settings
description: About Client Configuration Settings
-author: manikadhiman
+author: dansimp
ms.assetid: cc7ae28c-b2ac-4f68-b992-5ccdbd5316a4
ms.reviewer:
manager: dansimp
diff --git a/mdop/appv-v5/about-client-configuration-settings51.md b/mdop/appv-v5/about-client-configuration-settings51.md
index b0af200279..0ea5586f2b 100644
--- a/mdop/appv-v5/about-client-configuration-settings51.md
+++ b/mdop/appv-v5/about-client-configuration-settings51.md
@@ -1,7 +1,7 @@
---
title: About Client Configuration Settings
description: About Client Configuration Settings
-author: manikadhiman
+author: dansimp
ms.assetid: 18bb307a-7eda-4dd6-a83e-6afaefd99470
ms.reviewer:
manager: dansimp
diff --git a/mdop/appv-v5/about-the-connection-group-file.md b/mdop/appv-v5/about-the-connection-group-file.md
index a46bdbf5ea..6052eca8c9 100644
--- a/mdop/appv-v5/about-the-connection-group-file.md
+++ b/mdop/appv-v5/about-the-connection-group-file.md
@@ -1,7 +1,7 @@
---
title: About the Connection Group File
description: About the Connection Group File
-author: manikadhiman
+author: dansimp
ms.assetid: bfeb6013-a7ca-4e36-9fe3-229702e83f0d
ms.reviewer:
manager: dansimp
diff --git a/mdop/appv-v5/about-the-connection-group-file51.md b/mdop/appv-v5/about-the-connection-group-file51.md
index f8949ce649..4b7274562f 100644
--- a/mdop/appv-v5/about-the-connection-group-file51.md
+++ b/mdop/appv-v5/about-the-connection-group-file51.md
@@ -1,7 +1,7 @@
---
title: About the Connection Group File
description: About the Connection Group File
-author: manikadhiman
+author: dansimp
ms.assetid: 1f4df515-f5f6-4b58-91a8-c71598cb3ea4
ms.reviewer:
manager: dansimp
diff --git a/mdop/appv-v5/about-the-connection-group-virtual-environment.md b/mdop/appv-v5/about-the-connection-group-virtual-environment.md
index d8d9974471..5b7e566fae 100644
--- a/mdop/appv-v5/about-the-connection-group-virtual-environment.md
+++ b/mdop/appv-v5/about-the-connection-group-virtual-environment.md
@@ -1,7 +1,7 @@
---
title: About the Connection Group Virtual Environment
description: About the Connection Group Virtual Environment
-author: manikadhiman
+author: dansimp
ms.assetid: 535fa640-cbd9-425e-8437-94650a70c264
ms.reviewer:
manager: dansimp
diff --git a/mdop/appv-v5/about-the-connection-group-virtual-environment51.md b/mdop/appv-v5/about-the-connection-group-virtual-environment51.md
index 3489f151b7..3acd54097c 100644
--- a/mdop/appv-v5/about-the-connection-group-virtual-environment51.md
+++ b/mdop/appv-v5/about-the-connection-group-virtual-environment51.md
@@ -1,7 +1,7 @@
---
title: About the Connection Group Virtual Environment
description: About the Connection Group Virtual Environment
-author: manikadhiman
+author: dansimp
ms.assetid: b7bb0e3d-8cd5-45a9-b84e-c9ab4196a18c
ms.reviewer:
manager: dansimp
diff --git a/mdop/appv-v5/accessibility-for-app-v-50.md b/mdop/appv-v5/accessibility-for-app-v-50.md
index 1f11859823..4cc6cd8431 100644
--- a/mdop/appv-v5/accessibility-for-app-v-50.md
+++ b/mdop/appv-v5/accessibility-for-app-v-50.md
@@ -1,7 +1,7 @@
---
title: Accessibility for App-V 5.0
description: Accessibility for App-V 5.0
-author: manikadhiman
+author: dansimp
ms.assetid: 56696523-6332-4bbe-8ddf-32b1dfe38131
ms.reviewer:
manager: dansimp
diff --git a/mdop/appv-v5/accessibility-for-app-v-51.md b/mdop/appv-v5/accessibility-for-app-v-51.md
index bae1242c01..30d29b8cd1 100644
--- a/mdop/appv-v5/accessibility-for-app-v-51.md
+++ b/mdop/appv-v5/accessibility-for-app-v-51.md
@@ -1,7 +1,7 @@
---
title: Accessibility for App-V 5.1
description: Accessibility for App-V 5.1
-author: manikadhiman
+author: dansimp
ms.assetid: ef3f7742-f2e9-4748-ad60-74e0961b1bd9
ms.reviewer:
manager: dansimp
diff --git a/mdop/appv-v5/administering-app-v-50-virtual-applications-by-using-the-management-console.md b/mdop/appv-v5/administering-app-v-50-virtual-applications-by-using-the-management-console.md
index cb135d1d39..d0bcc87058 100644
--- a/mdop/appv-v5/administering-app-v-50-virtual-applications-by-using-the-management-console.md
+++ b/mdop/appv-v5/administering-app-v-50-virtual-applications-by-using-the-management-console.md
@@ -1,7 +1,7 @@
---
title: Administering App-V 5.0 Virtual Applications by Using the Management Console
description: Administering App-V 5.0 Virtual Applications by Using the Management Console
-author: manikadhiman
+author: dansimp
ms.assetid: e9280dbd-782b-493a-b495-daab25247795
ms.reviewer:
manager: dansimp
diff --git a/mdop/appv-v5/administering-app-v-51-by-using-powershell.md b/mdop/appv-v5/administering-app-v-51-by-using-powershell.md
index 877702cf37..be798c4983 100644
--- a/mdop/appv-v5/administering-app-v-51-by-using-powershell.md
+++ b/mdop/appv-v5/administering-app-v-51-by-using-powershell.md
@@ -1,7 +1,7 @@
---
title: Administering App-V 5.1 by Using PowerShell
description: Administering App-V 5.1 by Using PowerShell
-author: manikadhiman
+author: dansimp
ms.assetid: 9e10ff07-2cd9-4dc1-9e99-582f90c36081
ms.reviewer:
manager: dansimp
diff --git a/mdop/appv-v5/administering-app-v-51-virtual-applications-by-using-the-management-console.md b/mdop/appv-v5/administering-app-v-51-virtual-applications-by-using-the-management-console.md
index 72a7e81f82..9431f2a486 100644
--- a/mdop/appv-v5/administering-app-v-51-virtual-applications-by-using-the-management-console.md
+++ b/mdop/appv-v5/administering-app-v-51-virtual-applications-by-using-the-management-console.md
@@ -1,7 +1,7 @@
---
title: Administering App-V 5.1 Virtual Applications by Using the Management Console
description: Administering App-V 5.1 Virtual Applications by Using the Management Console
-author: manikadhiman
+author: dansimp
ms.assetid: a4d078aa-ec54-4fa4-9463-bfb3b971d724
ms.reviewer:
manager: dansimp
diff --git a/mdop/appv-v5/administering-app-v-by-using-powershell.md b/mdop/appv-v5/administering-app-v-by-using-powershell.md
index 42d3dcaa27..8d6b8071a3 100644
--- a/mdop/appv-v5/administering-app-v-by-using-powershell.md
+++ b/mdop/appv-v5/administering-app-v-by-using-powershell.md
@@ -1,7 +1,7 @@
---
title: Administering App-V by Using PowerShell
description: Administering App-V by Using PowerShell
-author: manikadhiman
+author: dansimp
ms.assetid: 1ff4686a-1e19-4eff-b648-ada091281094
ms.reviewer:
manager: dansimp
diff --git a/mdop/appv-v5/app-v-50-capacity-planning.md b/mdop/appv-v5/app-v-50-capacity-planning.md
index 457f754602..3fe507eacf 100644
--- a/mdop/appv-v5/app-v-50-capacity-planning.md
+++ b/mdop/appv-v5/app-v-50-capacity-planning.md
@@ -1,7 +1,7 @@
---
title: App-V 5.0 Capacity Planning
description: App-V 5.0 Capacity Planning
-author: manikadhiman
+author: dansimp
ms.assetid: 56f48b00-cd91-4280-9481-5372a0e2e792
ms.reviewer:
manager: dansimp
diff --git a/mdop/appv-v5/app-v-50-deployment-checklist.md b/mdop/appv-v5/app-v-50-deployment-checklist.md
index 811e99527d..2b84226c10 100644
--- a/mdop/appv-v5/app-v-50-deployment-checklist.md
+++ b/mdop/appv-v5/app-v-50-deployment-checklist.md
@@ -1,7 +1,7 @@
---
title: App-V 5.0 Deployment Checklist
description: App-V 5.0 Deployment Checklist
-author: manikadhiman
+author: dansimp
ms.assetid: d6d93152-82b4-4b02-8b11-ed21d3331f00
ms.reviewer:
manager: dansimp
diff --git a/mdop/appv-v5/app-v-50-planning-checklist.md b/mdop/appv-v5/app-v-50-planning-checklist.md
index 4dbf695034..3eeb21f0b8 100644
--- a/mdop/appv-v5/app-v-50-planning-checklist.md
+++ b/mdop/appv-v5/app-v-50-planning-checklist.md
@@ -1,7 +1,7 @@
---
title: App-V 5.0 Planning Checklist
description: App-V 5.0 Planning Checklist
-author: manikadhiman
+author: dansimp
ms.assetid: 81d3fa62-3c9e-4de7-a9da-cd13112b0862
ms.reviewer:
manager: dansimp
diff --git a/mdop/appv-v5/app-v-50-prerequisites.md b/mdop/appv-v5/app-v-50-prerequisites.md
index 2ecd8abb24..1d1dcd7770 100644
--- a/mdop/appv-v5/app-v-50-prerequisites.md
+++ b/mdop/appv-v5/app-v-50-prerequisites.md
@@ -1,7 +1,7 @@
---
title: App-V 5.0 Prerequisites
description: App-V 5.0 Prerequisites
-author: manikadhiman
+author: dansimp
ms.assetid: 9756b571-c785-4ce6-a95c-d4e134e89429
ms.reviewer:
manager: dansimp
diff --git a/mdop/appv-v5/app-v-50-security-considerations.md b/mdop/appv-v5/app-v-50-security-considerations.md
index f7291b163e..3425e93637 100644
--- a/mdop/appv-v5/app-v-50-security-considerations.md
+++ b/mdop/appv-v5/app-v-50-security-considerations.md
@@ -1,7 +1,7 @@
---
title: App-V 5.0 Security Considerations
description: App-V 5.0 Security Considerations
-author: manikadhiman
+author: dansimp
ms.assetid: 1e7292a0-7972-4b4f-85a9-eaf33f6c563a
ms.reviewer:
manager: dansimp
diff --git a/mdop/appv-v5/app-v-50-sp3-prerequisites.md b/mdop/appv-v5/app-v-50-sp3-prerequisites.md
index fb281d9f9f..4b92ce66e0 100644
--- a/mdop/appv-v5/app-v-50-sp3-prerequisites.md
+++ b/mdop/appv-v5/app-v-50-sp3-prerequisites.md
@@ -1,7 +1,7 @@
---
title: App-V 5.0 SP3 Prerequisites
description: App-V 5.0 SP3 Prerequisites
-author: manikadhiman
+author: dansimp
ms.assetid: fa8d5578-3a53-4e8a-95c7-e7a5f6e4a31c
ms.reviewer:
manager: dansimp
diff --git a/mdop/appv-v5/app-v-50-sp3-supported-configurations.md b/mdop/appv-v5/app-v-50-sp3-supported-configurations.md
index ce1e2700d6..8341bc668d 100644
--- a/mdop/appv-v5/app-v-50-sp3-supported-configurations.md
+++ b/mdop/appv-v5/app-v-50-sp3-supported-configurations.md
@@ -1,7 +1,7 @@
---
title: App-V 5.0 SP3 Supported Configurations
description: App-V 5.0 SP3 Supported Configurations
-author: manikadhiman
+author: dansimp
ms.assetid: 08ced79a-0ed3-43c3-82e7-de01c1f33e81
ms.reviewer:
manager: dansimp
diff --git a/mdop/appv-v5/app-v-50-supported-configurations.md b/mdop/appv-v5/app-v-50-supported-configurations.md
index d8aebe5e0d..4b23a3738a 100644
--- a/mdop/appv-v5/app-v-50-supported-configurations.md
+++ b/mdop/appv-v5/app-v-50-supported-configurations.md
@@ -1,7 +1,7 @@
---
title: App-V 5.0 Supported Configurations
description: App-V 5.0 Supported Configurations
-author: manikadhiman
+author: dansimp
ms.assetid: 3787ff63-7ce7-45a8-8f01-81b4b6dced34
ms.reviewer:
manager: dansimp
diff --git a/mdop/appv-v5/app-v-51-capacity-planning.md b/mdop/appv-v5/app-v-51-capacity-planning.md
index 81fe9f8d6c..0473ec9858 100644
--- a/mdop/appv-v5/app-v-51-capacity-planning.md
+++ b/mdop/appv-v5/app-v-51-capacity-planning.md
@@ -1,7 +1,7 @@
---
title: App-V 5.1 Capacity Planning
description: App-V 5.1 Capacity Planning
-author: manikadhiman
+author: dansimp
ms.assetid: 7a98062f-5a60-49d6-ab40-dc6057e1dd5a
ms.reviewer:
manager: dansimp
diff --git a/mdop/appv-v5/app-v-51-deployment-checklist.md b/mdop/appv-v5/app-v-51-deployment-checklist.md
index 59236f1c84..955988dde1 100644
--- a/mdop/appv-v5/app-v-51-deployment-checklist.md
+++ b/mdop/appv-v5/app-v-51-deployment-checklist.md
@@ -1,7 +1,7 @@
---
title: App-V 5.1 Deployment Checklist
description: App-V 5.1 Deployment Checklist
-author: manikadhiman
+author: dansimp
ms.assetid: 44bed85a-e4f5-49d7-a308-a2b681f76372
ms.reviewer:
manager: dansimp
diff --git a/mdop/appv-v5/app-v-51-planning-checklist.md b/mdop/appv-v5/app-v-51-planning-checklist.md
index c662fbb94c..52ac3984ce 100644
--- a/mdop/appv-v5/app-v-51-planning-checklist.md
+++ b/mdop/appv-v5/app-v-51-planning-checklist.md
@@ -1,7 +1,7 @@
---
title: App-V 5.1 Planning Checklist
description: App-V 5.1 Planning Checklist
-author: manikadhiman
+author: dansimp
ms.assetid: 1e26a861-0612-43a6-972f-375a40a8dcbc
ms.reviewer:
manager: dansimp
diff --git a/mdop/appv-v5/app-v-51-prerequisites.md b/mdop/appv-v5/app-v-51-prerequisites.md
index 037f317f8d..f9709263ec 100644
--- a/mdop/appv-v5/app-v-51-prerequisites.md
+++ b/mdop/appv-v5/app-v-51-prerequisites.md
@@ -1,7 +1,7 @@
---
title: App-V 5.1 Prerequisites
description: App-V 5.1 Prerequisites
-author: manikadhiman
+author: dansimp
ms.assetid: 1bfa03c1-a4ae-45ec-8a2b-b10c2b94bfb0
ms.reviewer:
manager: dansimp
diff --git a/mdop/appv-v5/app-v-51-security-considerations.md b/mdop/appv-v5/app-v-51-security-considerations.md
index dac917b699..cf442e5690 100644
--- a/mdop/appv-v5/app-v-51-security-considerations.md
+++ b/mdop/appv-v5/app-v-51-security-considerations.md
@@ -1,7 +1,7 @@
---
title: App-V 5.1 Security Considerations
description: App-V 5.1 Security Considerations
-author: manikadhiman
+author: dansimp
ms.assetid: 6bc6c1fc-f813-47d4-b763-06fd4faf6a72
ms.reviewer:
manager: dansimp
diff --git a/mdop/appv-v5/app-v-51-supported-configurations.md b/mdop/appv-v5/app-v-51-supported-configurations.md
index 63e4f12d3c..aa2a35a202 100644
--- a/mdop/appv-v5/app-v-51-supported-configurations.md
+++ b/mdop/appv-v5/app-v-51-supported-configurations.md
@@ -1,7 +1,7 @@
---
title: App-V 5.1 Supported Configurations
description: App-V 5.1 Supported Configurations
-author: manikadhiman
+author: dansimp
ms.assetid: 8b8db63b-f71c-4ae9-80e7-a6752334e1f6
ms.reviewer:
manager: dansimp
diff --git a/mdop/appv-v5/application-publishing-and-client-interaction.md b/mdop/appv-v5/application-publishing-and-client-interaction.md
index 6623e796d2..6c060982f7 100644
--- a/mdop/appv-v5/application-publishing-and-client-interaction.md
+++ b/mdop/appv-v5/application-publishing-and-client-interaction.md
@@ -1,7 +1,7 @@
---
title: Application Publishing and Client Interaction
description: Application Publishing and Client Interaction
-author: manikadhiman
+author: dansimp
ms.assetid: c69a724a-85d1-4e2d-94a2-7ffe0b47d971
ms.reviewer:
manager: dansimp
diff --git a/mdop/appv-v5/application-publishing-and-client-interaction51.md b/mdop/appv-v5/application-publishing-and-client-interaction51.md
index 257cbe8a43..ba6d7e8fe7 100644
--- a/mdop/appv-v5/application-publishing-and-client-interaction51.md
+++ b/mdop/appv-v5/application-publishing-and-client-interaction51.md
@@ -1,7 +1,7 @@
---
title: Application Publishing and Client Interaction
description: Application Publishing and Client Interaction
-author: manikadhiman
+author: dansimp
ms.assetid: 36a4bf6f-a917-41a6-9856-6248686df352
ms.reviewer:
manager: dansimp
diff --git a/mdop/appv-v5/check-reg-key-svr.md b/mdop/appv-v5/check-reg-key-svr.md
index 84fc0d654a..44498c1829 100644
--- a/mdop/appv-v5/check-reg-key-svr.md
+++ b/mdop/appv-v5/check-reg-key-svr.md
@@ -1,7 +1,7 @@
---
title: Check Registry Keys before installing App-V 5.x Server
description: Check Registry Keys before installing App-V 5.x Server
-author: manikadhiman
+author: dansimp
ms.pagetype: mdop, appcompat, virtualization
ms.mktglfcycl: deploy
ms.sitesec: library
diff --git a/mdop/appv-v5/creating-and-managing-app-v-50-virtualized-applications.md b/mdop/appv-v5/creating-and-managing-app-v-50-virtualized-applications.md
index 89f4fc49d7..fda09c81df 100644
--- a/mdop/appv-v5/creating-and-managing-app-v-50-virtualized-applications.md
+++ b/mdop/appv-v5/creating-and-managing-app-v-50-virtualized-applications.md
@@ -1,7 +1,7 @@
---
title: Creating and Managing App-V 5.0 Virtualized Applications
description: Creating and Managing App-V 5.0 Virtualized Applications
-author: manikadhiman
+author: dansimp
ms.assetid: 66bab403-d7e0-4e7b-bc8f-a29a98a7160a
ms.reviewer:
manager: dansimp
diff --git a/mdop/appv-v5/how-to-install-the-app-v-databases-and-convert-the-associated-security-identifiers--by-using-powershell51.md b/mdop/appv-v5/how-to-install-the-app-v-databases-and-convert-the-associated-security-identifiers--by-using-powershell51.md
index 5cabf37196..ed4ef04eb0 100644
--- a/mdop/appv-v5/how-to-install-the-app-v-databases-and-convert-the-associated-security-identifiers--by-using-powershell51.md
+++ b/mdop/appv-v5/how-to-install-the-app-v-databases-and-convert-the-associated-security-identifiers--by-using-powershell51.md
@@ -3,7 +3,7 @@ title: How to Install the App-V Databases and Convert the Associated Security Id
description: How to Install the App-V Databases and Convert the Associated Security Identifiers by Using PowerShell
author: dansimp
ms.assetid: 2be6fb72-f3a6-4550-bba1-6defa78ca08a
-ms.reviewer:
+ms.reviewer:
manager: dansimp
ms.author: dansimp
ms.pagetype: mdop, appcompat, virtualization
diff --git a/mdop/appv-v5/how-to-use-an-app-v-46-sp1-application-from-an-app-v-51-application.md b/mdop/appv-v5/how-to-use-an-app-v-46-sp1-application-from-an-app-v-51-application.md
index 06eb564ecc..51f82f6674 100644
--- a/mdop/appv-v5/how-to-use-an-app-v-46-sp1-application-from-an-app-v-51-application.md
+++ b/mdop/appv-v5/how-to-use-an-app-v-46-sp1-application-from-an-app-v-51-application.md
@@ -1,7 +1,7 @@
---
title: How to Use an App-V 4.6 Application From an App-V 5.1 Application
description: How to Use an App-V 4.6 Application From an App-V 5.1 Application
-author: msfttracyp
+author: dansimp
ms.assetid: 909b4391-762b-4988-b0cf-32b67f1fcf0e
ms.reviewer:
manager: dansimp
diff --git a/mdop/appv-v5/how-to-use-optional-packages-in-connection-groups.md b/mdop/appv-v5/how-to-use-optional-packages-in-connection-groups.md
index 3f0e318e6e..6ce7d696b3 100644
--- a/mdop/appv-v5/how-to-use-optional-packages-in-connection-groups.md
+++ b/mdop/appv-v5/how-to-use-optional-packages-in-connection-groups.md
@@ -1,7 +1,7 @@
---
title: How to Use Optional Packages in Connection Groups
description: How to Use Optional Packages in Connection Groups
-author: msfttracyp
+author: dansimp
ms.assetid: 4d08a81b-55e5-471a-91dc-9a684fb3c9a1
ms.reviewer:
manager: dansimp
diff --git a/mdop/appv-v5/how-to-use-optional-packages-in-connection-groups51.md b/mdop/appv-v5/how-to-use-optional-packages-in-connection-groups51.md
index d507575d2e..ed95d88c35 100644
--- a/mdop/appv-v5/how-to-use-optional-packages-in-connection-groups51.md
+++ b/mdop/appv-v5/how-to-use-optional-packages-in-connection-groups51.md
@@ -1,7 +1,7 @@
---
title: How to Use Optional Packages in Connection Groups
description: How to Use Optional Packages in Connection Groups
-author: msfttracyp
+author: dansimp
ms.assetid: 67666f18-b704-4852-a1e4-d13633bd2baf
ms.reviewer:
manager: dansimp
diff --git a/mdop/appv-v5/how-to-view-and-configure-applications-and-default-virtual-application-extensions-by-using-the-management-console-51.md b/mdop/appv-v5/how-to-view-and-configure-applications-and-default-virtual-application-extensions-by-using-the-management-console-51.md
index 0dbc87a5e6..a33b56e4c3 100644
--- a/mdop/appv-v5/how-to-view-and-configure-applications-and-default-virtual-application-extensions-by-using-the-management-console-51.md
+++ b/mdop/appv-v5/how-to-view-and-configure-applications-and-default-virtual-application-extensions-by-using-the-management-console-51.md
@@ -1,7 +1,7 @@
---
title: How to View and Configure Applications and Default Virtual Application Extensions by Using the Management Console
description: How to View and Configure Applications and Default Virtual Application Extensions by Using the Management Console
-author: msfttracyp
+author: dansimp
ms.assetid: 1e1941d3-fb22-4077-8ec6-7a0cb80335d8
ms.reviewer:
manager: dansimp
diff --git a/mdop/appv-v5/how-to-view-and-configure-applications-and-default-virtual-application-extensions-by-using-the-management-console-beta.md b/mdop/appv-v5/how-to-view-and-configure-applications-and-default-virtual-application-extensions-by-using-the-management-console-beta.md
index b7b66d2e47..0c2e254447 100644
--- a/mdop/appv-v5/how-to-view-and-configure-applications-and-default-virtual-application-extensions-by-using-the-management-console-beta.md
+++ b/mdop/appv-v5/how-to-view-and-configure-applications-and-default-virtual-application-extensions-by-using-the-management-console-beta.md
@@ -1,7 +1,7 @@
---
title: How to View and Configure Applications and Default Virtual Application Extensions by Using the Management Console
description: How to View and Configure Applications and Default Virtual Application Extensions by Using the Management Console
-author: msfttracyp
+author: dansimp
ms.assetid: c77e6662-7a18-4da1-8da8-b58068b65fa1
ms.reviewer:
manager: dansimp
diff --git a/mdop/appv-v5/maintaining-app-v-50.md b/mdop/appv-v5/maintaining-app-v-50.md
index 21a91e196a..44f18c8769 100644
--- a/mdop/appv-v5/maintaining-app-v-50.md
+++ b/mdop/appv-v5/maintaining-app-v-50.md
@@ -1,7 +1,7 @@
---
title: Maintaining App-V 5.0
description: Maintaining App-V 5.0
-author: msfttracyp
+author: dansimp
ms.assetid: 66851ec3-c674-493b-ad6d-db8fcbf1956c
ms.reviewer:
manager: dansimp
diff --git a/mdop/appv-v5/maintaining-app-v-51.md b/mdop/appv-v5/maintaining-app-v-51.md
index f972cbfdae..5ac415223c 100644
--- a/mdop/appv-v5/maintaining-app-v-51.md
+++ b/mdop/appv-v5/maintaining-app-v-51.md
@@ -1,7 +1,7 @@
---
title: Maintaining App-V 5.1
description: Maintaining App-V 5.1
-author: msfttracyp
+author: dansimp
ms.assetid: 5abd17d3-e8af-4261-b914-741ae116b0e7
ms.reviewer:
manager: dansimp
diff --git a/mdop/appv-v5/managing-connection-groups.md b/mdop/appv-v5/managing-connection-groups.md
index baca427994..1b293614ae 100644
--- a/mdop/appv-v5/managing-connection-groups.md
+++ b/mdop/appv-v5/managing-connection-groups.md
@@ -1,7 +1,7 @@
---
title: Managing Connection Groups
description: Managing Connection Groups
-author: msfttracyp
+author: dansimp
ms.assetid: 1a9c8f26-f421-4b70-b7e2-da8118e8198c
ms.reviewer:
manager: dansimp
diff --git a/mdop/appv-v5/managing-connection-groups51.md b/mdop/appv-v5/managing-connection-groups51.md
index 06ecc8b46b..f13c732883 100644
--- a/mdop/appv-v5/managing-connection-groups51.md
+++ b/mdop/appv-v5/managing-connection-groups51.md
@@ -1,7 +1,7 @@
---
title: Managing Connection Groups
description: Managing Connection Groups
-author: msfttracyp
+author: dansimp
ms.assetid: 22c9d3cb-7246-4173-9742-4ba1c24b0a6a
ms.reviewer:
manager: dansimp
diff --git a/mdop/appv-v5/microsoft-application-virtualization-50-administrators-guide.md b/mdop/appv-v5/microsoft-application-virtualization-50-administrators-guide.md
index bcad0aeea4..f6f7a5cd96 100644
--- a/mdop/appv-v5/microsoft-application-virtualization-50-administrators-guide.md
+++ b/mdop/appv-v5/microsoft-application-virtualization-50-administrators-guide.md
@@ -1,7 +1,7 @@
---
title: Microsoft Application Virtualization 5.0 Administrator's Guide
description: Microsoft Application Virtualization 5.0 Administrator's Guide
-author: msfttracyp
+author: dansimp
ms.assetid: c46e94b5-32cd-4377-8dc3-8163539be897
ms.reviewer:
manager: dansimp
diff --git a/mdop/appv-v5/microsoft-application-virtualization-51-administrators-guide.md b/mdop/appv-v5/microsoft-application-virtualization-51-administrators-guide.md
index f854875229..ec8eeadee2 100644
--- a/mdop/appv-v5/microsoft-application-virtualization-51-administrators-guide.md
+++ b/mdop/appv-v5/microsoft-application-virtualization-51-administrators-guide.md
@@ -1,7 +1,7 @@
---
title: Microsoft Application Virtualization 5.1 Administrator's Guide
description: Microsoft Application Virtualization 5.1 Administrator's Guide
-author: msfttracyp
+author: dansimp
ms.assetid: 3049996a-7253-4599-a29a-1b58f9ab14a4
ms.reviewer:
manager: dansimp
diff --git a/mdop/appv-v5/migrating-from-a-previous-version-app-v-50.md b/mdop/appv-v5/migrating-from-a-previous-version-app-v-50.md
index b990ad8485..a659ae2142 100644
--- a/mdop/appv-v5/migrating-from-a-previous-version-app-v-50.md
+++ b/mdop/appv-v5/migrating-from-a-previous-version-app-v-50.md
@@ -1,7 +1,7 @@
---
title: Migrating from a Previous Version
description: Migrating from a Previous Version
-author: msfttracyp
+author: dansimp
ms.assetid: a13cd353-b22a-48f7-af1e-5d54ede2a7e5
ms.reviewer:
manager: dansimp
diff --git a/mdop/appv-v5/migrating-to-app-v-51-from-a-previous-version.md b/mdop/appv-v5/migrating-to-app-v-51-from-a-previous-version.md
index 33eb8f92b7..cde64171ab 100644
--- a/mdop/appv-v5/migrating-to-app-v-51-from-a-previous-version.md
+++ b/mdop/appv-v5/migrating-to-app-v-51-from-a-previous-version.md
@@ -1,7 +1,7 @@
---
title: Migrating to App-V 5.1 from a Previous Version
description: Migrating to App-V 5.1 from a Previous Version
-author: msfttracyp
+author: dansimp
ms.assetid: e7ee0edc-7544-4c0a-aaca-d922a33bc1bb
ms.reviewer:
manager: dansimp
diff --git a/mdop/appv-v5/operations-for-app-v-50.md b/mdop/appv-v5/operations-for-app-v-50.md
index 040240cc28..ce80cf068a 100644
--- a/mdop/appv-v5/operations-for-app-v-50.md
+++ b/mdop/appv-v5/operations-for-app-v-50.md
@@ -1,7 +1,7 @@
---
title: Operations for App-V 5.0
description: Operations for App-V 5.0
-author: msfttracyp
+author: dansimp
ms.assetid: 4d0d41a6-f7da-4a2f-8ac9-2d67cc18ea93
ms.reviewer:
manager: dansimp
diff --git a/mdop/appv-v5/operations-for-app-v-51.md b/mdop/appv-v5/operations-for-app-v-51.md
index 4add886780..bbb273612e 100644
--- a/mdop/appv-v5/operations-for-app-v-51.md
+++ b/mdop/appv-v5/operations-for-app-v-51.md
@@ -1,7 +1,7 @@
---
title: Operations for App-V 5.1
description: Operations for App-V 5.1
-author: msfttracyp
+author: dansimp
ms.assetid: dd13b5c9-2d1e-442f-91e4-43dec7f17ea2
ms.reviewer:
manager: dansimp
diff --git a/mdop/appv-v5/performance-guidance-for-application-virtualization-50.md b/mdop/appv-v5/performance-guidance-for-application-virtualization-50.md
index 8c33b0c43a..2dfc27c239 100644
--- a/mdop/appv-v5/performance-guidance-for-application-virtualization-50.md
+++ b/mdop/appv-v5/performance-guidance-for-application-virtualization-50.md
@@ -1,7 +1,7 @@
---
title: Performance Guidance for Application Virtualization 5.0
description: Performance Guidance for Application Virtualization 5.0
-author: msfttracyp
+author: dansimp
ms.assetid: 6b3a3255-b957-4b9b-8bfc-a93fe8438a81
ms.reviewer:
manager: dansimp
diff --git a/mdop/appv-v5/performance-guidance-for-application-virtualization-51.md b/mdop/appv-v5/performance-guidance-for-application-virtualization-51.md
index adeaf0e07f..03b2a5a2dc 100644
--- a/mdop/appv-v5/performance-guidance-for-application-virtualization-51.md
+++ b/mdop/appv-v5/performance-guidance-for-application-virtualization-51.md
@@ -1,7 +1,7 @@
---
title: Performance Guidance for Application Virtualization 5.1
description: Performance Guidance for Application Virtualization 5.1
-author: msfttracyp
+author: dansimp
ms.assetid: 5f2643c7-5cf7-4a29-adb7-45bf9f5b0364
ms.reviewer:
manager: dansimp
diff --git a/mdop/appv-v5/planning-for-app-v-50-rc.md b/mdop/appv-v5/planning-for-app-v-50-rc.md
index a9830b1c28..57f79d8ada 100644
--- a/mdop/appv-v5/planning-for-app-v-50-rc.md
+++ b/mdop/appv-v5/planning-for-app-v-50-rc.md
@@ -1,7 +1,7 @@
---
title: Planning for App-V 5.0
description: Planning for App-V 5.0
-author: msfttracyp
+author: dansimp
ms.assetid: 69df85b3-06c7-4123-af05-29d537a687ec
ms.reviewer:
manager: dansimp
diff --git a/mdop/appv-v5/planning-for-app-v-51.md b/mdop/appv-v5/planning-for-app-v-51.md
index c32ba654cf..4184e228ca 100644
--- a/mdop/appv-v5/planning-for-app-v-51.md
+++ b/mdop/appv-v5/planning-for-app-v-51.md
@@ -1,7 +1,7 @@
---
title: Planning for App-V 5.1
description: Planning for App-V 5.1
-author: msfttracyp
+author: dansimp
ms.assetid: 8d84e679-0bd3-4864-976b-a3cbe6eafba6
ms.reviewer:
manager: dansimp
diff --git a/mdop/appv-v5/planning-for-high-availability-with-app-v-50.md b/mdop/appv-v5/planning-for-high-availability-with-app-v-50.md
index b861440d22..964dd5abc6 100644
--- a/mdop/appv-v5/planning-for-high-availability-with-app-v-50.md
+++ b/mdop/appv-v5/planning-for-high-availability-with-app-v-50.md
@@ -1,7 +1,7 @@
---
title: Planning for High Availability with App-V 5.0
description: Planning for High Availability with App-V 5.0
-author: msfttracyp
+author: dansimp
ms.assetid: 6d9a6492-23f8-465c-82e5-49c863594156
ms.reviewer:
manager: dansimp
diff --git a/mdop/appv-v5/planning-for-high-availability-with-app-v-51.md b/mdop/appv-v5/planning-for-high-availability-with-app-v-51.md
index c3e0e18888..39470aa4c7 100644
--- a/mdop/appv-v5/planning-for-high-availability-with-app-v-51.md
+++ b/mdop/appv-v5/planning-for-high-availability-with-app-v-51.md
@@ -1,7 +1,7 @@
---
title: Planning for High Availability with App-V 5.1
description: Planning for High Availability with App-V 5.1
-author: msfttracyp
+author: dansimp
ms.assetid: 1f190a0e-10ee-4fbe-a602-7e807e943033
ms.reviewer:
manager: dansimp
diff --git a/mdop/appv-v5/planning-for-migrating-from-a-previous-version-of-app-v.md b/mdop/appv-v5/planning-for-migrating-from-a-previous-version-of-app-v.md
index 0413cff809..1ba223f790 100644
--- a/mdop/appv-v5/planning-for-migrating-from-a-previous-version-of-app-v.md
+++ b/mdop/appv-v5/planning-for-migrating-from-a-previous-version-of-app-v.md
@@ -1,7 +1,7 @@
---
title: Planning for Migrating from a Previous Version of App-V
description: Planning for Migrating from a Previous Version of App-V
-author: msfttracyp
+author: dansimp
ms.assetid: d4ca8f09-86fd-456f-8ec2-242ff94ae9a0
ms.reviewer:
manager: dansimp
diff --git a/mdop/appv-v5/planning-for-migrating-from-a-previous-version-of-app-v51.md b/mdop/appv-v5/planning-for-migrating-from-a-previous-version-of-app-v51.md
index a895f50b35..34e606a7ab 100644
--- a/mdop/appv-v5/planning-for-migrating-from-a-previous-version-of-app-v51.md
+++ b/mdop/appv-v5/planning-for-migrating-from-a-previous-version-of-app-v51.md
@@ -1,7 +1,7 @@
---
title: Planning for Migrating from a Previous Version of App-V
description: Planning for Migrating from a Previous Version of App-V
-author: msfttracyp
+author: dansimp
ms.assetid: 4a058047-9674-41bc-8050-c58c97a80a9b
ms.reviewer:
manager: dansimp
diff --git a/mdop/appv-v5/planning-for-the-app-v-50-sequencer-and-client-deployment.md b/mdop/appv-v5/planning-for-the-app-v-50-sequencer-and-client-deployment.md
index d27170ec67..03ea39b207 100644
--- a/mdop/appv-v5/planning-for-the-app-v-50-sequencer-and-client-deployment.md
+++ b/mdop/appv-v5/planning-for-the-app-v-50-sequencer-and-client-deployment.md
@@ -1,7 +1,7 @@
---
title: Planning for the App-V 5.0 Sequencer and Client Deployment
description: Planning for the App-V 5.0 Sequencer and Client Deployment
-author: msfttracyp
+author: dansimp
ms.assetid: 57a604ad-90e1-4d32-86bb-eafff59aa43a
ms.reviewer:
manager: dansimp
diff --git a/mdop/appv-v5/planning-for-the-app-v-50-server-deployment.md b/mdop/appv-v5/planning-for-the-app-v-50-server-deployment.md
index a86ccf90cc..4522f9435f 100644
--- a/mdop/appv-v5/planning-for-the-app-v-50-server-deployment.md
+++ b/mdop/appv-v5/planning-for-the-app-v-50-server-deployment.md
@@ -1,7 +1,7 @@
---
title: Planning for the App-V 5.0 Server Deployment
description: Planning for the App-V 5.0 Server Deployment
-author: msfttracyp
+author: dansimp
ms.assetid: fd89b324-3961-471a-ad90-c8f9ae7a8155
ms.reviewer:
manager: dansimp
diff --git a/mdop/appv-v5/planning-for-the-app-v-51-sequencer-and-client-deployment.md b/mdop/appv-v5/planning-for-the-app-v-51-sequencer-and-client-deployment.md
index 03e04d5ec3..58f53e2c2b 100644
--- a/mdop/appv-v5/planning-for-the-app-v-51-sequencer-and-client-deployment.md
+++ b/mdop/appv-v5/planning-for-the-app-v-51-sequencer-and-client-deployment.md
@@ -1,7 +1,7 @@
---
title: Planning for the App-V 5.1 Sequencer and Client Deployment
description: Planning for the App-V 5.1 Sequencer and Client Deployment
-author: msfttracyp
+author: dansimp
ms.assetid: d92f8773-fa7d-4926-978a-433978f91202
ms.reviewer:
manager: dansimp
diff --git a/mdop/appv-v5/planning-for-the-app-v-51-server-deployment.md b/mdop/appv-v5/planning-for-the-app-v-51-server-deployment.md
index 7d2ec754d2..68c44e65f6 100644
--- a/mdop/appv-v5/planning-for-the-app-v-51-server-deployment.md
+++ b/mdop/appv-v5/planning-for-the-app-v-51-server-deployment.md
@@ -1,7 +1,7 @@
---
title: Planning for the App-V 5.1 Server Deployment
description: Planning for the App-V 5.1 Server Deployment
-author: msfttracyp
+author: dansimp
ms.assetid: eedd97c9-bee0-4749-9d1e-ab9528fba398
ms.reviewer:
manager: dansimp
diff --git a/mdop/appv-v5/planning-for-using-app-v-with-office.md b/mdop/appv-v5/planning-for-using-app-v-with-office.md
index 76440328d4..8ca81ecded 100644
--- a/mdop/appv-v5/planning-for-using-app-v-with-office.md
+++ b/mdop/appv-v5/planning-for-using-app-v-with-office.md
@@ -1,7 +1,7 @@
---
title: Planning for Using App-V with Office
description: Planning for Using App-V with Office
-author: msfttracyp
+author: dansimp
ms.assetid: c4371869-4bfc-4d13-9198-ef19f99fc192
ms.reviewer:
manager: dansimp
diff --git a/mdop/appv-v5/planning-for-using-app-v-with-office51.md b/mdop/appv-v5/planning-for-using-app-v-with-office51.md
index cb8f378a54..5d54fd6311 100644
--- a/mdop/appv-v5/planning-for-using-app-v-with-office51.md
+++ b/mdop/appv-v5/planning-for-using-app-v-with-office51.md
@@ -1,7 +1,7 @@
---
title: Planning for Using App-V with Office
description: Planning for Using App-V with Office
-author: msfttracyp
+author: dansimp
ms.assetid: e7a19b43-1746-469f-bad6-8e75cf4b3f67
ms.reviewer:
manager: dansimp
diff --git a/mdop/appv-v5/planning-to-deploy-app-v-50-with-an-electronic-software-distribution-system.md b/mdop/appv-v5/planning-to-deploy-app-v-50-with-an-electronic-software-distribution-system.md
index 4b5ea563cd..7357c45ff4 100644
--- a/mdop/appv-v5/planning-to-deploy-app-v-50-with-an-electronic-software-distribution-system.md
+++ b/mdop/appv-v5/planning-to-deploy-app-v-50-with-an-electronic-software-distribution-system.md
@@ -1,7 +1,7 @@
---
title: Planning to Deploy App-V 5.0 with an Electronic Software Distribution System
description: Planning to Deploy App-V 5.0 with an Electronic Software Distribution System
-author: msfttracyp
+author: dansimp
ms.assetid: 8cd3f1fb-b84e-4260-9e72-a14d01e7cadf
ms.reviewer:
manager: dansimp
diff --git a/mdop/appv-v5/planning-to-deploy-app-v-51-with-an-electronic-software-distribution-system.md b/mdop/appv-v5/planning-to-deploy-app-v-51-with-an-electronic-software-distribution-system.md
index 4a91a19040..aedb86f2c2 100644
--- a/mdop/appv-v5/planning-to-deploy-app-v-51-with-an-electronic-software-distribution-system.md
+++ b/mdop/appv-v5/planning-to-deploy-app-v-51-with-an-electronic-software-distribution-system.md
@@ -1,7 +1,7 @@
---
title: Planning to Deploy App-V 5.1 with an Electronic Software Distribution System
description: Planning to Deploy App-V 5.1 with an Electronic Software Distribution System
-author: msfttracyp
+author: dansimp
ms.assetid: c26602c2-5e8d-44e6-90df-adacc593607e
ms.reviewer:
manager: dansimp
diff --git a/mdop/appv-v5/planning-to-deploy-app-v.md b/mdop/appv-v5/planning-to-deploy-app-v.md
index 832c964236..a85bcc8922 100644
--- a/mdop/appv-v5/planning-to-deploy-app-v.md
+++ b/mdop/appv-v5/planning-to-deploy-app-v.md
@@ -1,7 +1,7 @@
---
title: Planning to Deploy App-V
description: Planning to Deploy App-V
-author: msfttracyp
+author: dansimp
ms.assetid: 28d3035c-3805-4339-90fc-6c3fd3b1123e
ms.reviewer:
manager: dansimp
diff --git a/mdop/appv-v5/planning-to-deploy-app-v51.md b/mdop/appv-v5/planning-to-deploy-app-v51.md
index 55b4441b42..76d04602d4 100644
--- a/mdop/appv-v5/planning-to-deploy-app-v51.md
+++ b/mdop/appv-v5/planning-to-deploy-app-v51.md
@@ -1,7 +1,7 @@
---
title: Planning to Deploy App-V
description: Planning to Deploy App-V
-author: msfttracyp
+author: dansimp
ms.assetid: 39cbf981-d9c6-457f-b047-f9046e1a6442
ms.reviewer:
manager: dansimp
diff --git a/mdop/appv-v5/planning-to-use-folder-redirection-with-app-v.md b/mdop/appv-v5/planning-to-use-folder-redirection-with-app-v.md
index e5be2f3b21..798a2dac4b 100644
--- a/mdop/appv-v5/planning-to-use-folder-redirection-with-app-v.md
+++ b/mdop/appv-v5/planning-to-use-folder-redirection-with-app-v.md
@@ -1,7 +1,7 @@
---
title: Planning to Use Folder Redirection with App-V
description: Planning to Use Folder Redirection with App-V
-author: msfttracyp
+author: dansimp
ms.assetid: 2a4deeed-fdc0-465c-b88a-3a2fbbf27436
ms.reviewer:
manager: dansimp
diff --git a/mdop/appv-v5/planning-to-use-folder-redirection-with-app-v51.md b/mdop/appv-v5/planning-to-use-folder-redirection-with-app-v51.md
index b64d421000..e5bc5e526b 100644
--- a/mdop/appv-v5/planning-to-use-folder-redirection-with-app-v51.md
+++ b/mdop/appv-v5/planning-to-use-folder-redirection-with-app-v51.md
@@ -1,7 +1,7 @@
---
title: Planning to Use Folder Redirection with App-V
description: Planning to Use Folder Redirection with App-V
-author: msfttracyp
+author: dansimp
ms.assetid: 6bea9a8f-a915-4d7d-be67-ef1cca1398ed
ms.reviewer:
manager: dansimp
diff --git a/mdop/appv-v5/preparing-your-environment-for-app-v-50.md b/mdop/appv-v5/preparing-your-environment-for-app-v-50.md
index f20ba14b11..3470db8ec4 100644
--- a/mdop/appv-v5/preparing-your-environment-for-app-v-50.md
+++ b/mdop/appv-v5/preparing-your-environment-for-app-v-50.md
@@ -1,7 +1,7 @@
---
title: Preparing Your Environment for App-V 5.0
description: Preparing Your Environment for App-V 5.0
-author: msfttracyp
+author: dansimp
ms.assetid: 119d990e-a6c6-47b7-a7b0-52f88205e5ec
ms.reviewer:
manager: dansimp
diff --git a/mdop/appv-v5/preparing-your-environment-for-app-v-51.md b/mdop/appv-v5/preparing-your-environment-for-app-v-51.md
index 3cef8f78e3..8c2fee5a36 100644
--- a/mdop/appv-v5/preparing-your-environment-for-app-v-51.md
+++ b/mdop/appv-v5/preparing-your-environment-for-app-v-51.md
@@ -1,7 +1,7 @@
---
title: Preparing Your Environment for App-V 5.1
description: Preparing Your Environment for App-V 5.1
-author: msfttracyp
+author: dansimp
ms.assetid: 64b2e1ac-1561-4c99-9815-b4688a0ff48a
ms.reviewer:
manager: dansimp
diff --git a/mdop/appv-v5/release-notes-for-app-v-50-sp1.md b/mdop/appv-v5/release-notes-for-app-v-50-sp1.md
index 2437a3abaa..9336bced97 100644
--- a/mdop/appv-v5/release-notes-for-app-v-50-sp1.md
+++ b/mdop/appv-v5/release-notes-for-app-v-50-sp1.md
@@ -1,7 +1,7 @@
---
title: Release Notes for App-V 5.0 SP1
description: Release Notes for App-V 5.0 SP1
-author: msfttracyp
+author: dansimp
ms.assetid: 21a859cd-41b4-4cc4-9c9c-7ba236084bb0
ms.reviewer:
manager: dansimp
diff --git a/mdop/appv-v5/release-notes-for-app-v-50-sp2.md b/mdop/appv-v5/release-notes-for-app-v-50-sp2.md
index 5f24db040f..f7d43521a3 100644
--- a/mdop/appv-v5/release-notes-for-app-v-50-sp2.md
+++ b/mdop/appv-v5/release-notes-for-app-v-50-sp2.md
@@ -1,7 +1,7 @@
---
title: Release Notes for App-V 5.0 SP2
description: Release Notes for App-V 5.0 SP2
-author: msfttracyp
+author: dansimp
ms.assetid: fe73139d-240c-4ed5-8e59-6ae76ee8e80c
ms.reviewer:
manager: dansimp
diff --git a/mdop/appv-v5/release-notes-for-app-v-50-sp3.md b/mdop/appv-v5/release-notes-for-app-v-50-sp3.md
index a00754bd10..0f03b6bd95 100644
--- a/mdop/appv-v5/release-notes-for-app-v-50-sp3.md
+++ b/mdop/appv-v5/release-notes-for-app-v-50-sp3.md
@@ -1,7 +1,7 @@
---
title: Release Notes for App-V 5.0 SP3
description: Release Notes for App-V 5.0 SP3
-author: msfttracyp
+author: dansimp
ms.assetid: bc4806e0-2aba-4c7b-9ecc-1b2cc54af1d0
ms.reviewer:
manager: dansimp
diff --git a/mdop/appv-v5/release-notes-for-app-v-50.md b/mdop/appv-v5/release-notes-for-app-v-50.md
index 4e86811e9d..56a0e3150d 100644
--- a/mdop/appv-v5/release-notes-for-app-v-50.md
+++ b/mdop/appv-v5/release-notes-for-app-v-50.md
@@ -1,7 +1,7 @@
---
title: Release Notes for App-V 5.0
description: Release Notes for App-V 5.0
-author: msfttracyp
+author: dansimp
ms.assetid: 68a6a5a1-4b3c-4c09-b00c-9ca4237695d5
ms.reviewer:
manager: dansimp
diff --git a/mdop/appv-v5/release-notes-for-app-v-51.md b/mdop/appv-v5/release-notes-for-app-v-51.md
index 4f937ae374..5fe16584ad 100644
--- a/mdop/appv-v5/release-notes-for-app-v-51.md
+++ b/mdop/appv-v5/release-notes-for-app-v-51.md
@@ -1,7 +1,7 @@
---
title: Release Notes for App-V 5.1
description: Release Notes for App-V 5.1
-author: msfttracyp
+author: dansimp
ms.assetid: 62c5be3b-0a46-4512-93ed-97c23184f343
ms.reviewer:
manager: dansimp
diff --git a/mdop/appv-v5/running-a-locally-installed-application-inside-a-virtual-environment-with-virtualized-applications.md b/mdop/appv-v5/running-a-locally-installed-application-inside-a-virtual-environment-with-virtualized-applications.md
index 8fb9c2b17a..34bad73ae5 100644
--- a/mdop/appv-v5/running-a-locally-installed-application-inside-a-virtual-environment-with-virtualized-applications.md
+++ b/mdop/appv-v5/running-a-locally-installed-application-inside-a-virtual-environment-with-virtualized-applications.md
@@ -1,7 +1,7 @@
---
title: Running a Locally Installed Application Inside a Virtual Environment with Virtualized Applications
description: Running a Locally Installed Application Inside a Virtual Environment with Virtualized Applications
-author: msfttracyp
+author: dansimp
ms.assetid: a8affa46-f1f7-416c-8125-9595cfbfdbc7
ms.reviewer:
manager: dansimp
diff --git a/mdop/appv-v5/running-a-locally-installed-application-inside-a-virtual-environment-with-virtualized-applications51.md b/mdop/appv-v5/running-a-locally-installed-application-inside-a-virtual-environment-with-virtualized-applications51.md
index 147684b66e..04f3189b55 100644
--- a/mdop/appv-v5/running-a-locally-installed-application-inside-a-virtual-environment-with-virtualized-applications51.md
+++ b/mdop/appv-v5/running-a-locally-installed-application-inside-a-virtual-environment-with-virtualized-applications51.md
@@ -1,7 +1,7 @@
---
title: Running a Locally Installed Application Inside a Virtual Environment with Virtualized Applications
description: Running a Locally Installed Application Inside a Virtual Environment with Virtualized Applications
-author: msfttracyp
+author: dansimp
ms.assetid: 71baf193-a9e8-4ffa-aa7f-e0bffed2e4b2
ms.reviewer:
manager: dansimp
diff --git a/mdop/appv-v5/technical-reference-for-app-v-50.md b/mdop/appv-v5/technical-reference-for-app-v-50.md
index 27f47f513c..91d5e9c9db 100644
--- a/mdop/appv-v5/technical-reference-for-app-v-50.md
+++ b/mdop/appv-v5/technical-reference-for-app-v-50.md
@@ -1,7 +1,7 @@
---
title: Technical Reference for App-V 5.0
description: Technical Reference for App-V 5.0
-author: msfttracyp
+author: dansimp
ms.assetid: aa899158-41e8-47d3-882c-8c5b96018308
ms.reviewer:
manager: dansimp
diff --git a/mdop/appv-v5/technical-reference-for-app-v-51.md b/mdop/appv-v5/technical-reference-for-app-v-51.md
index 7920671469..5b6eb75ac8 100644
--- a/mdop/appv-v5/technical-reference-for-app-v-51.md
+++ b/mdop/appv-v5/technical-reference-for-app-v-51.md
@@ -1,7 +1,7 @@
---
title: Technical Reference for App-V 5.1
description: Technical Reference for App-V 5.1
-author: msfttracyp
+author: dansimp
ms.assetid: 2b9e8b2b-4cd1-46f3-ba08-e3bc8d5c6127
ms.reviewer:
manager: dansimp
diff --git a/mdop/appv-v5/troubleshooting-app-v-50.md b/mdop/appv-v5/troubleshooting-app-v-50.md
index 4ec64fd490..e8853b459c 100644
--- a/mdop/appv-v5/troubleshooting-app-v-50.md
+++ b/mdop/appv-v5/troubleshooting-app-v-50.md
@@ -1,7 +1,7 @@
---
title: Troubleshooting App-V 5.0
description: Troubleshooting App-V 5.0
-author: msfttracyp
+author: dansimp
ms.assetid: a713b345-25b7-4cdf-ba55-66df672a1f3a
ms.reviewer:
manager: dansimp
diff --git a/mdop/appv-v5/troubleshooting-app-v-51.md b/mdop/appv-v5/troubleshooting-app-v-51.md
index f9c03ad8f8..81fd93938a 100644
--- a/mdop/appv-v5/troubleshooting-app-v-51.md
+++ b/mdop/appv-v5/troubleshooting-app-v-51.md
@@ -1,7 +1,7 @@
---
title: Troubleshooting App-V 5.1
description: Troubleshooting App-V 5.1
-author: msfttracyp
+author: dansimp
ms.assetid: 435d0e56-0aa2-4168-b5a7-2f03a1f273d4
ms.reviewer:
manager: dansimp
diff --git a/mdop/appv-v5/using-the-app-v-50-client-management-console.md b/mdop/appv-v5/using-the-app-v-50-client-management-console.md
index bc2bbc0a7d..9789c793bc 100644
--- a/mdop/appv-v5/using-the-app-v-50-client-management-console.md
+++ b/mdop/appv-v5/using-the-app-v-50-client-management-console.md
@@ -1,7 +1,7 @@
---
title: Using the App-V 5.0 Client Management Console
description: Using the App-V 5.0 Client Management Console
-author: msfttracyp
+author: dansimp
ms.assetid: 36398307-57dd-40f3-9d4f-b09f44fd37c3
ms.reviewer:
manager: dansimp
diff --git a/mdop/appv-v5/using-the-app-v-51-client-management-console.md b/mdop/appv-v5/using-the-app-v-51-client-management-console.md
index ec85b78997..7113c44600 100644
--- a/mdop/appv-v5/using-the-app-v-51-client-management-console.md
+++ b/mdop/appv-v5/using-the-app-v-51-client-management-console.md
@@ -1,7 +1,7 @@
---
title: Using the App-V 5.1 Client Management Console
description: Using the App-V 5.1 Client Management Console
-author: msfttracyp
+author: dansimp
ms.assetid: be6d4e35-5701-4f9a-ba8a-bede12662cf1
ms.reviewer:
manager: dansimp
diff --git a/mdop/appv-v5/viewing-app-v-server-publishing-metadata.md b/mdop/appv-v5/viewing-app-v-server-publishing-metadata.md
index ab6061698c..6e3f7208f0 100644
--- a/mdop/appv-v5/viewing-app-v-server-publishing-metadata.md
+++ b/mdop/appv-v5/viewing-app-v-server-publishing-metadata.md
@@ -1,7 +1,7 @@
---
title: Viewing App-V Server Publishing Metadata
description: Viewing App-V Server Publishing Metadata
-author: msfttracyp
+author: dansimp
ms.assetid: 048dd42a-24d4-4cc4-81f6-7a919aadd9b2
ms.reviewer:
manager: dansimp
diff --git a/mdop/appv-v5/viewing-app-v-server-publishing-metadata51.md b/mdop/appv-v5/viewing-app-v-server-publishing-metadata51.md
index 9d1b578f94..499324a790 100644
--- a/mdop/appv-v5/viewing-app-v-server-publishing-metadata51.md
+++ b/mdop/appv-v5/viewing-app-v-server-publishing-metadata51.md
@@ -1,7 +1,7 @@
---
title: Viewing App-V Server Publishing Metadata
description: Viewing App-V Server Publishing Metadata
-author: msfttracyp
+author: dansimp
ms.assetid: d5fa9eb5-647c-478d-8a4d-0ecda018bce6
ms.reviewer:
manager: dansimp
diff --git a/mdop/appv-v5/whats-new-in-app-v-50-sp1.md b/mdop/appv-v5/whats-new-in-app-v-50-sp1.md
index 01777e0e36..26d07fc5ef 100644
--- a/mdop/appv-v5/whats-new-in-app-v-50-sp1.md
+++ b/mdop/appv-v5/whats-new-in-app-v-50-sp1.md
@@ -1,7 +1,7 @@
---
title: What's new in App-V 5.0 SP1
description: What's new in App-V 5.0 SP1
-author: msfttracyp
+author: dansimp
ms.assetid: e97c2dbb-7b40-46a0-8137-9ee4fc2bd071
ms.reviewer:
manager: dansimp
diff --git a/mdop/appv-v5/whats-new-in-app-v-50.md b/mdop/appv-v5/whats-new-in-app-v-50.md
index 6f816996a0..2db8329b5f 100644
--- a/mdop/appv-v5/whats-new-in-app-v-50.md
+++ b/mdop/appv-v5/whats-new-in-app-v-50.md
@@ -1,7 +1,7 @@
---
title: What's New in App-V 5.0
description: What's New in App-V 5.0
-author: msfttracyp
+author: dansimp
ms.assetid: 79ff6e02-e926-4803-87d8-248a6b28099d
ms.reviewer:
manager: dansimp
diff --git a/mdop/dart-v10/about-dart-10.md b/mdop/dart-v10/about-dart-10.md
index ad6c4560a0..3751028fe6 100644
--- a/mdop/dart-v10/about-dart-10.md
+++ b/mdop/dart-v10/about-dart-10.md
@@ -1,7 +1,7 @@
---
title: About DaRT 10
description: About DaRT 10
-author: msfttracyp
+author: dansimp
ms.assetid: 02378035-58d1-4095-82fe-d60734a746fb
ms.reviewer:
manager: dansimp
diff --git a/mdop/dart-v10/accessibility-for-dart-10.md b/mdop/dart-v10/accessibility-for-dart-10.md
index 7414466c4f..fd19439e04 100644
--- a/mdop/dart-v10/accessibility-for-dart-10.md
+++ b/mdop/dart-v10/accessibility-for-dart-10.md
@@ -1,7 +1,7 @@
---
title: Accessibility for DaRT 10
description: Accessibility for DaRT 10
-author: msfttracyp
+author: dansimp
ms.assetid: 61d7a30c-3551-440d-bdcd-36333052c7b4
ms.reviewer:
manager: dansimp
diff --git a/mdop/dart-v10/administering-dart-10-using-powershell.md b/mdop/dart-v10/administering-dart-10-using-powershell.md
index fb6f1d06b6..bfedfe3006 100644
--- a/mdop/dart-v10/administering-dart-10-using-powershell.md
+++ b/mdop/dart-v10/administering-dart-10-using-powershell.md
@@ -1,7 +1,7 @@
---
title: Administering DaRT 10 Using PowerShell
description: Administering DaRT 10 Using PowerShell
-author: msfttracyp
+author: dansimp
ms.assetid: eefe992f-077b-4e4b-8a5d-45b451614d7b
ms.reviewer:
manager: dansimp
diff --git a/mdop/dart-v10/creating-the-dart-10-recovery-image.md b/mdop/dart-v10/creating-the-dart-10-recovery-image.md
index 3f47366774..0a8a5f353e 100644
--- a/mdop/dart-v10/creating-the-dart-10-recovery-image.md
+++ b/mdop/dart-v10/creating-the-dart-10-recovery-image.md
@@ -1,7 +1,7 @@
---
title: Creating the DaRT 10 Recovery Image
description: Creating the DaRT 10 Recovery Image
-author: msfttracyp
+author: dansimp
ms.assetid: 173556de-2f20-4ea6-9e29-fc5ccc71ebd7
ms.reviewer:
manager: dansimp
diff --git a/mdop/dart-v10/dart-10--c--page.md b/mdop/dart-v10/dart-10--c--page.md
index a0e3d60f0d..53300542ed 100644
--- a/mdop/dart-v10/dart-10--c--page.md
+++ b/mdop/dart-v10/dart-10--c--page.md
@@ -1,7 +1,7 @@
---
title: DaRT 10
description: DaRT 10
-author: msfttracyp
+author: dansimp
ms.assetid: 4f62abe6-d971-44b4-b1e7-9dcaf199ca31
ms.reviewer:
manager: dansimp
diff --git a/mdop/dart-v10/dart-10-cover-page.md b/mdop/dart-v10/dart-10-cover-page.md
index ab111cbe8e..2940b90d99 100644
--- a/mdop/dart-v10/dart-10-cover-page.md
+++ b/mdop/dart-v10/dart-10-cover-page.md
@@ -1,7 +1,7 @@
---
title: DaRT 10
description: DaRT 10
-author: msfttracyp
+author: dansimp
ms.assetid: 875f6dc4-13f4-4625-8c6a-38215c2daf01
ms.reviewer:
manager: dansimp
diff --git a/mdop/dart-v10/dart-10-deployment-checklist.md b/mdop/dart-v10/dart-10-deployment-checklist.md
index 3dfa45cfc5..d3a741a13f 100644
--- a/mdop/dart-v10/dart-10-deployment-checklist.md
+++ b/mdop/dart-v10/dart-10-deployment-checklist.md
@@ -1,7 +1,7 @@
---
title: DaRT 10 Deployment Checklist
description: DaRT 10 Deployment Checklist
-author: msfttracyp
+author: dansimp
ms.assetid: a6b7ba27-a969-4da9-bef0-d019739413cc
ms.reviewer:
manager: dansimp
diff --git a/mdop/dart-v10/dart-10-planning-checklist.md b/mdop/dart-v10/dart-10-planning-checklist.md
index f7fc8ef40c..0a65b1cc0b 100644
--- a/mdop/dart-v10/dart-10-planning-checklist.md
+++ b/mdop/dart-v10/dart-10-planning-checklist.md
@@ -1,7 +1,7 @@
---
title: DaRT 10 Planning Checklist
description: DaRT 10 Planning Checklist
-author: msfttracyp
+author: dansimp
ms.assetid: d6482534-cdf3-4997-bec0-33d0edf6924a
ms.reviewer:
manager: dansimp
diff --git a/mdop/dart-v10/dart-10-privacy-statement.md b/mdop/dart-v10/dart-10-privacy-statement.md
index 2b640d3109..c54a9d8d96 100644
--- a/mdop/dart-v10/dart-10-privacy-statement.md
+++ b/mdop/dart-v10/dart-10-privacy-statement.md
@@ -1,7 +1,7 @@
---
title: DaRT 10 Privacy Statement
description: DaRT 10 Privacy Statement
-author: msfttracyp
+author: dansimp
ms.assetid: 27ad36fe-6816-4fe8-8838-500c05b5b184
ms.reviewer:
manager: dansimp
diff --git a/mdop/dart-v10/dart-10-supported-configurations.md b/mdop/dart-v10/dart-10-supported-configurations.md
index e700bfa7fa..8e8e070106 100644
--- a/mdop/dart-v10/dart-10-supported-configurations.md
+++ b/mdop/dart-v10/dart-10-supported-configurations.md
@@ -1,7 +1,7 @@
---
title: DaRT 10 Supported Configurations
description: DaRT 10 Supported Configurations
-author: msfttracyp
+author: dansimp
ms.assetid: a07d6562-1fa9-499f-829c-9cc487ede0b7
ms.reviewer:
manager: dansimp
diff --git a/mdop/dart-v10/deploying-dart-10-to-administrator-computers.md b/mdop/dart-v10/deploying-dart-10-to-administrator-computers.md
index 0e84d83c2b..354f2d6320 100644
--- a/mdop/dart-v10/deploying-dart-10-to-administrator-computers.md
+++ b/mdop/dart-v10/deploying-dart-10-to-administrator-computers.md
@@ -1,7 +1,7 @@
---
title: Deploying DaRT 10 to Administrator Computers
description: Deploying DaRT 10 to Administrator Computers
-author: msfttracyp
+author: dansimp
ms.assetid: c1981cbe-10f8-41f6-8989-bcc9d57a2aa8
ms.reviewer:
manager: dansimp
diff --git a/mdop/dart-v10/deploying-dart-10.md b/mdop/dart-v10/deploying-dart-10.md
index b2b9f2ace3..4d485fe455 100644
--- a/mdop/dart-v10/deploying-dart-10.md
+++ b/mdop/dart-v10/deploying-dart-10.md
@@ -1,7 +1,7 @@
---
title: Deploying DaRT 10
description: Deploying DaRT 10
-author: msfttracyp
+author: dansimp
ms.assetid: 92cf70fd-006f-4fdc-9fb3-78d9d223148d
ms.reviewer:
manager: dansimp
diff --git a/mdop/dart-v10/deploying-the-dart-recovery-image-dart-10.md b/mdop/dart-v10/deploying-the-dart-recovery-image-dart-10.md
index 6367ad326e..4a1bd4540a 100644
--- a/mdop/dart-v10/deploying-the-dart-recovery-image-dart-10.md
+++ b/mdop/dart-v10/deploying-the-dart-recovery-image-dart-10.md
@@ -1,7 +1,7 @@
---
title: Deploying the DaRT Recovery Image
description: Deploying the DaRT Recovery Image
-author: msfttracyp
+author: dansimp
ms.assetid: 2b859da6-e31a-4240-8868-93a754328cf2
ms.reviewer:
manager: dansimp
diff --git a/mdop/dart-v10/diagnosing-system-failures-with-crash-analyzer-dart-10.md b/mdop/dart-v10/diagnosing-system-failures-with-crash-analyzer-dart-10.md
index 0e168029e5..dee2c4b198 100644
--- a/mdop/dart-v10/diagnosing-system-failures-with-crash-analyzer-dart-10.md
+++ b/mdop/dart-v10/diagnosing-system-failures-with-crash-analyzer-dart-10.md
@@ -1,7 +1,7 @@
---
title: Diagnosing System Failures with Crash Analyzer
description: Diagnosing System Failures with Crash Analyzer
-author: msfttracyp
+author: dansimp
ms.assetid: 7ebef49e-a294-4173-adb1-7e6994aa01ad
ms.reviewer:
manager: dansimp
diff --git a/mdop/dart-v10/getting-started-with-dart-10.md b/mdop/dart-v10/getting-started-with-dart-10.md
index 634c9a9c74..825d83b221 100644
--- a/mdop/dart-v10/getting-started-with-dart-10.md
+++ b/mdop/dart-v10/getting-started-with-dart-10.md
@@ -1,7 +1,7 @@
---
title: Getting Started with DaRT 10
description: Getting Started with DaRT 10
-author: msfttracyp
+author: dansimp
ms.assetid: 593dd317-4fba-4d51-8a80-951590acede6
ms.reviewer:
manager: dansimp
diff --git a/mdop/dart-v10/how-to-change-repair-or-remove-dart-10.md b/mdop/dart-v10/how-to-change-repair-or-remove-dart-10.md
index 166f07768a..c6b364316a 100644
--- a/mdop/dart-v10/how-to-change-repair-or-remove-dart-10.md
+++ b/mdop/dart-v10/how-to-change-repair-or-remove-dart-10.md
@@ -1,7 +1,7 @@
---
title: How to Change, Repair, or Remove DaRT 10
description: How to Change, Repair, or Remove DaRT 10
-author: msfttracyp
+author: dansimp
ms.assetid: e7718c6f-06a1-48bb-b04b-1a0f659a0337
ms.reviewer:
manager: dansimp
diff --git a/mdop/dart-v10/how-to-deploy-dart-10.md b/mdop/dart-v10/how-to-deploy-dart-10.md
index 805de4c46d..e2a3e044e5 100644
--- a/mdop/dart-v10/how-to-deploy-dart-10.md
+++ b/mdop/dart-v10/how-to-deploy-dart-10.md
@@ -1,7 +1,7 @@
---
title: How to Deploy DaRT 10
description: How to Deploy DaRT 10
-author: msfttracyp
+author: dansimp
ms.assetid: 13e8ba20-21c3-4870-94ed-6d3106d69f21
ms.reviewer:
manager: dansimp
diff --git a/mdop/dart-v10/how-to-deploy-the-dart-recovery-image-as-a-remote-partition-dart-10.md b/mdop/dart-v10/how-to-deploy-the-dart-recovery-image-as-a-remote-partition-dart-10.md
index 16d8853966..beb89d6265 100644
--- a/mdop/dart-v10/how-to-deploy-the-dart-recovery-image-as-a-remote-partition-dart-10.md
+++ b/mdop/dart-v10/how-to-deploy-the-dart-recovery-image-as-a-remote-partition-dart-10.md
@@ -1,7 +1,7 @@
---
title: How to Deploy the DaRT Recovery Image as a Remote Partition
description: How to Deploy the DaRT Recovery Image as a Remote Partition
-author: msfttracyp
+author: dansimp
ms.assetid: 06a5e250-b992-4f6a-ad74-e7715f9e96e7
ms.reviewer:
manager: dansimp
diff --git a/mdop/dart-v10/how-to-deploy-the-dart-recovery-image-as-part-of-a-recovery-partition-dart-10.md b/mdop/dart-v10/how-to-deploy-the-dart-recovery-image-as-part-of-a-recovery-partition-dart-10.md
index 4fa7467fc0..7bf15bf936 100644
--- a/mdop/dart-v10/how-to-deploy-the-dart-recovery-image-as-part-of-a-recovery-partition-dart-10.md
+++ b/mdop/dart-v10/how-to-deploy-the-dart-recovery-image-as-part-of-a-recovery-partition-dart-10.md
@@ -1,7 +1,7 @@
---
title: How to Deploy the DaRT Recovery Image as Part of a Recovery Partition
description: How to Deploy the DaRT Recovery Image as Part of a Recovery Partition
-author: msfttracyp
+author: dansimp
ms.assetid: 0d2192c1-4058-49fb-b0b6-baf4699ac7f5
ms.reviewer:
manager: dansimp
diff --git a/mdop/dart-v10/how-to-ensure-that-crash-analyzer-can-access-symbol-files-dart-10.md b/mdop/dart-v10/how-to-ensure-that-crash-analyzer-can-access-symbol-files-dart-10.md
index 3eeda04d28..6d46740189 100644
--- a/mdop/dart-v10/how-to-ensure-that-crash-analyzer-can-access-symbol-files-dart-10.md
+++ b/mdop/dart-v10/how-to-ensure-that-crash-analyzer-can-access-symbol-files-dart-10.md
@@ -1,7 +1,7 @@
---
title: How to Ensure that Crash Analyzer Can Access Symbol Files
description: How to Ensure that Crash Analyzer Can Access Symbol Files
-author: msfttracyp
+author: dansimp
ms.assetid: 39e307bd-5d21-4e44-bed6-bf532f580775
ms.reviewer:
manager: dansimp
diff --git a/mdop/dart-v10/how-to-perform-dart-tasks-by-using-powershell-commands-dart-10.md b/mdop/dart-v10/how-to-perform-dart-tasks-by-using-powershell-commands-dart-10.md
index 6fda5d22e9..fc0752f99e 100644
--- a/mdop/dart-v10/how-to-perform-dart-tasks-by-using-powershell-commands-dart-10.md
+++ b/mdop/dart-v10/how-to-perform-dart-tasks-by-using-powershell-commands-dart-10.md
@@ -1,7 +1,7 @@
---
title: How to Perform DaRT Tasks by Using PowerShell Commands
description: How to Perform DaRT Tasks by Using PowerShell Commands
-author: msfttracyp
+author: dansimp
ms.assetid: f5a5c5f9-d667-4c85-9e82-7baf0b2aec6e
ms.reviewer:
manager: dansimp
diff --git a/mdop/dart-v10/how-to-recover-local-computers-by-using-the-dart-recovery-image-dart-10.md b/mdop/dart-v10/how-to-recover-local-computers-by-using-the-dart-recovery-image-dart-10.md
index 688b37b172..b3bb7236d2 100644
--- a/mdop/dart-v10/how-to-recover-local-computers-by-using-the-dart-recovery-image-dart-10.md
+++ b/mdop/dart-v10/how-to-recover-local-computers-by-using-the-dart-recovery-image-dart-10.md
@@ -1,7 +1,7 @@
---
title: How to Recover Local Computers by Using the DaRT Recovery Image
description: How to Recover Local Computers by Using the DaRT Recovery Image
-author: msfttracyp
+author: dansimp
ms.assetid: a6adc717-827c-45e8-b9c3-06d0e919e0bd
ms.reviewer:
manager: dansimp
diff --git a/mdop/dart-v10/how-to-recover-remote-computers-by-using-the-dart-recovery-image-dart-10.md b/mdop/dart-v10/how-to-recover-remote-computers-by-using-the-dart-recovery-image-dart-10.md
index 2a8e35021d..e67ab0c1a4 100644
--- a/mdop/dart-v10/how-to-recover-remote-computers-by-using-the-dart-recovery-image-dart-10.md
+++ b/mdop/dart-v10/how-to-recover-remote-computers-by-using-the-dart-recovery-image-dart-10.md
@@ -1,7 +1,7 @@
---
title: How to Recover Remote Computers by Using the DaRT Recovery Image
description: How to Recover Remote Computers by Using the DaRT Recovery Image
-author: msfttracyp
+author: dansimp
ms.assetid: c0062208-39cd-4e01-adf8-36a11386e2ea
ms.reviewer:
manager: dansimp
diff --git a/mdop/dart-v10/how-to-run-the-crash-analyzer-in-stand-alone-mode-on-a-computer-other-than-an-end-user-computer-dart-10.md b/mdop/dart-v10/how-to-run-the-crash-analyzer-in-stand-alone-mode-on-a-computer-other-than-an-end-user-computer-dart-10.md
index c84297c5bf..853caccec0 100644
--- a/mdop/dart-v10/how-to-run-the-crash-analyzer-in-stand-alone-mode-on-a-computer-other-than-an-end-user-computer-dart-10.md
+++ b/mdop/dart-v10/how-to-run-the-crash-analyzer-in-stand-alone-mode-on-a-computer-other-than-an-end-user-computer-dart-10.md
@@ -1,7 +1,7 @@
---
title: How to Run the Crash Analyzer in Stand-alone Mode on a Computer Other than an End-user Computer
description: How to Run the Crash Analyzer in Stand-alone Mode on a Computer Other than an End-user Computer
-author: msfttracyp
+author: dansimp
ms.assetid: 27c1e1c6-123a-4f8a-b7d2-5bddc9ca3249
ms.reviewer:
manager: dansimp
diff --git a/mdop/dart-v10/how-to-run-the-crash-analyzer-on-an-end-user-computer-dart-10.md b/mdop/dart-v10/how-to-run-the-crash-analyzer-on-an-end-user-computer-dart-10.md
index 7cf5e9a3d7..669547afa0 100644
--- a/mdop/dart-v10/how-to-run-the-crash-analyzer-on-an-end-user-computer-dart-10.md
+++ b/mdop/dart-v10/how-to-run-the-crash-analyzer-on-an-end-user-computer-dart-10.md
@@ -1,7 +1,7 @@
---
title: How to Run the Crash Analyzer on an End-user Computer
description: How to Run the Crash Analyzer on an End-user Computer
-author: msfttracyp
+author: dansimp
ms.assetid: 10334800-ff8e-43ac-a9c2-d28807473ec2
ms.reviewer:
manager: dansimp
diff --git a/mdop/dart-v10/how-to-use-a-powershell-script-to-create-the-recovery-image-dart-10.md b/mdop/dart-v10/how-to-use-a-powershell-script-to-create-the-recovery-image-dart-10.md
index ef8ed9be21..d617ce9d88 100644
--- a/mdop/dart-v10/how-to-use-a-powershell-script-to-create-the-recovery-image-dart-10.md
+++ b/mdop/dart-v10/how-to-use-a-powershell-script-to-create-the-recovery-image-dart-10.md
@@ -1,7 +1,7 @@
---
title: How to Use a PowerShell Script to Create the Recovery Image
description: How to Use a PowerShell Script to Create the Recovery Image
-author: msfttracyp
+author: dansimp
ms.assetid: cf5b0814-71a8-4f0b-b1f1-1ac6d8b51c4f
ms.reviewer:
manager: dansimp
diff --git a/mdop/dart-v10/operations-for-dart-10.md b/mdop/dart-v10/operations-for-dart-10.md
index fb618d7c09..553e6af77d 100644
--- a/mdop/dart-v10/operations-for-dart-10.md
+++ b/mdop/dart-v10/operations-for-dart-10.md
@@ -1,7 +1,7 @@
---
title: Operations for DaRT 10
description: Operations for DaRT 10
-author: msfttracyp
+author: dansimp
ms.assetid: 1776d5ed-96c6-4841-a097-721d8cf5c7f7
ms.reviewer:
manager: dansimp
diff --git a/mdop/dart-v10/overview-of-the-tools-in-dart-10.md b/mdop/dart-v10/overview-of-the-tools-in-dart-10.md
index 61ca954cfa..badd1ae5d7 100644
--- a/mdop/dart-v10/overview-of-the-tools-in-dart-10.md
+++ b/mdop/dart-v10/overview-of-the-tools-in-dart-10.md
@@ -1,7 +1,7 @@
---
title: Overview of the Tools in DaRT 10
description: Overview of the Tools in DaRT 10
-author: msfttracyp
+author: dansimp
ms.assetid: 752467dd-b646-4335-82ce-9090d4651f65
ms.reviewer:
manager: dansimp
diff --git a/mdop/dart-v10/planning-for-dart-10.md b/mdop/dart-v10/planning-for-dart-10.md
index b8b88230b8..c5d2620d01 100644
--- a/mdop/dart-v10/planning-for-dart-10.md
+++ b/mdop/dart-v10/planning-for-dart-10.md
@@ -1,7 +1,7 @@
---
title: Planning for DaRT 10
description: Planning for DaRT 10
-author: msfttracyp
+author: dansimp
ms.assetid: 2ca0249a-6a9f-4b4e-91f1-f1b34be7b16c
ms.reviewer:
manager: dansimp
diff --git a/mdop/dart-v10/planning-how-to-save-and-deploy-the-dart-10-recovery-image.md b/mdop/dart-v10/planning-how-to-save-and-deploy-the-dart-10-recovery-image.md
index 0b4856b406..2d2ba6bfb2 100644
--- a/mdop/dart-v10/planning-how-to-save-and-deploy-the-dart-10-recovery-image.md
+++ b/mdop/dart-v10/planning-how-to-save-and-deploy-the-dart-10-recovery-image.md
@@ -1,7 +1,7 @@
---
title: Planning How to Save and Deploy the DaRT 10 Recovery Image
description: Planning How to Save and Deploy the DaRT 10 Recovery Image
-author: msfttracyp
+author: dansimp
ms.assetid: 9a3e5413-2621-49ce-8bd2-992616691703
ms.reviewer:
manager: dansimp
diff --git a/mdop/dart-v10/planning-to-create-the-dart-10-recovery-image.md b/mdop/dart-v10/planning-to-create-the-dart-10-recovery-image.md
index 25cd1696fb..f38768416f 100644
--- a/mdop/dart-v10/planning-to-create-the-dart-10-recovery-image.md
+++ b/mdop/dart-v10/planning-to-create-the-dart-10-recovery-image.md
@@ -1,7 +1,7 @@
---
title: Planning to Create the DaRT 10 Recovery Image
description: Planning to Create the DaRT 10 Recovery Image
-author: msfttracyp
+author: dansimp
ms.assetid: a0087d93-b88f-454b-81b2-3c7ce3718023
ms.reviewer:
manager: dansimp
diff --git a/mdop/dart-v10/planning-to-deploy-dart-10.md b/mdop/dart-v10/planning-to-deploy-dart-10.md
index 8d3571fea4..7b28c7d329 100644
--- a/mdop/dart-v10/planning-to-deploy-dart-10.md
+++ b/mdop/dart-v10/planning-to-deploy-dart-10.md
@@ -1,7 +1,7 @@
---
title: Planning to Deploy DaRT 10
description: Planning to Deploy DaRT 10
-author: msfttracyp
+author: dansimp
ms.assetid: 32a39e97-a889-4aae-982c-b85cdc3d9134
ms.reviewer:
manager: dansimp
diff --git a/mdop/dart-v10/recovering-computers-using-dart-10.md b/mdop/dart-v10/recovering-computers-using-dart-10.md
index 1d901afe01..f1a9b0f856 100644
--- a/mdop/dart-v10/recovering-computers-using-dart-10.md
+++ b/mdop/dart-v10/recovering-computers-using-dart-10.md
@@ -1,7 +1,7 @@
---
title: Recovering Computers Using DaRT 10
description: Recovering Computers Using DaRT 10
-author: msfttracyp
+author: dansimp
ms.assetid: 2ad7fab0-c22d-4171-8b5a-b2b7d7c0ad2d
ms.reviewer:
manager: dansimp
diff --git a/mdop/dart-v10/release-notes-for-dart-10.md b/mdop/dart-v10/release-notes-for-dart-10.md
index 0308185c37..7fdf8e3d2f 100644
--- a/mdop/dart-v10/release-notes-for-dart-10.md
+++ b/mdop/dart-v10/release-notes-for-dart-10.md
@@ -1,7 +1,7 @@
---
title: Release Notes for DaRT 10
description: Release Notes for DaRT 10
-author: msfttracyp
+author: dansimp
ms.assetid: eb996980-f9c4-42cb-bde9-6b3d4b82b58c
ms.reviewer:
manager: dansimp
diff --git a/mdop/dart-v10/security-and-privacy-for-dart-10.md b/mdop/dart-v10/security-and-privacy-for-dart-10.md
index 93b66f3a76..1e572fc05f 100644
--- a/mdop/dart-v10/security-and-privacy-for-dart-10.md
+++ b/mdop/dart-v10/security-and-privacy-for-dart-10.md
@@ -1,7 +1,7 @@
---
title: Security and Privacy for DaRT 10
description: Security and Privacy for DaRT 10
-author: msfttracyp
+author: dansimp
ms.assetid: 9ce5d555-c4e9-4482-a147-27b26579c935
ms.reviewer:
manager: dansimp
diff --git a/mdop/dart-v10/security-considerations-for-dart-10.md b/mdop/dart-v10/security-considerations-for-dart-10.md
index fc0621ba83..e5738d897d 100644
--- a/mdop/dart-v10/security-considerations-for-dart-10.md
+++ b/mdop/dart-v10/security-considerations-for-dart-10.md
@@ -1,7 +1,7 @@
---
title: Security Considerations for DaRT 10
description: Security Considerations for DaRT 10
-author: msfttracyp
+author: dansimp
ms.assetid: c653daf1-f12a-4667-98cc-f0c89fa38e3f
ms.reviewer:
manager: dansimp
diff --git a/mdop/dart-v10/troubleshooting-dart-10.md b/mdop/dart-v10/troubleshooting-dart-10.md
index 181fef10dd..4f7ed7f393 100644
--- a/mdop/dart-v10/troubleshooting-dart-10.md
+++ b/mdop/dart-v10/troubleshooting-dart-10.md
@@ -1,7 +1,7 @@
---
title: Troubleshooting DaRT 10
description: Troubleshooting DaRT 10
-author: msfttracyp
+author: dansimp
ms.assetid: 76d42a00-3f6b-4730-8857-39fe49535d37
ms.reviewer:
manager: dansimp
diff --git a/mdop/dart-v65.md b/mdop/dart-v65.md
index 050094ae6f..2ca38d849e 100644
--- a/mdop/dart-v65.md
+++ b/mdop/dart-v65.md
@@ -1,7 +1,7 @@
---
title: Diagnostics and Recovery Toolset 6.5
description: Diagnostics and Recovery Toolset 6.5
-author: eavena
+author: dansimp
ms.pagetype: mdop
ms.mktglfcycl: manage
ms.sitesec: library
diff --git a/mdop/dart-v7/about-dart-70-new-ia.md b/mdop/dart-v7/about-dart-70-new-ia.md
index 7669450607..11e8f7a440 100644
--- a/mdop/dart-v7/about-dart-70-new-ia.md
+++ b/mdop/dart-v7/about-dart-70-new-ia.md
@@ -1,7 +1,7 @@
---
title: About DaRT 7.0
description: About DaRT 7.0
-author: msfttracyp
+author: dansimp
ms.assetid: 217ffafc-6d73-4b80-88d9-71870460d4ab
ms.reviewer:
manager: dansimp
diff --git a/mdop/dart-v7/accessibility-for-dart-70.md b/mdop/dart-v7/accessibility-for-dart-70.md
index afb83c0c70..c85c2ce05f 100644
--- a/mdop/dart-v7/accessibility-for-dart-70.md
+++ b/mdop/dart-v7/accessibility-for-dart-70.md
@@ -1,7 +1,7 @@
---
title: Accessibility for DaRT 7.0
description: Accessibility for DaRT 7.0
-author: msfttracyp
+author: dansimp
ms.assetid: 41f7bb72-4f1d-44fb-bc3f-8b66557fec2f
ms.reviewer:
manager: dansimp
diff --git a/mdop/dart-v7/creating-the-dart-70-recovery-image-dart-7.md b/mdop/dart-v7/creating-the-dart-70-recovery-image-dart-7.md
index 2fa4e1973e..d5b5333691 100644
--- a/mdop/dart-v7/creating-the-dart-70-recovery-image-dart-7.md
+++ b/mdop/dart-v7/creating-the-dart-70-recovery-image-dart-7.md
@@ -1,7 +1,7 @@
---
title: Creating the DaRT 7.0 Recovery Image
description: Creating the DaRT 7.0 Recovery Image
-author: msfttracyp
+author: dansimp
ms.assetid: ebb2ec58-0349-469d-a23f-3f944fe4c1fa
ms.reviewer:
manager: dansimp
diff --git a/mdop/dart-v7/dart-70-deployment-checklist-dart-7.md b/mdop/dart-v7/dart-70-deployment-checklist-dart-7.md
index fe7a329faa..c312c985c2 100644
--- a/mdop/dart-v7/dart-70-deployment-checklist-dart-7.md
+++ b/mdop/dart-v7/dart-70-deployment-checklist-dart-7.md
@@ -1,7 +1,7 @@
---
title: DaRT 7.0 Deployment Checklist
description: DaRT 7.0 Deployment Checklist
-author: msfttracyp
+author: dansimp
ms.assetid: 2c68ec15-0624-4a75-8237-05c68b61ad07
ms.reviewer:
manager: dansimp
diff --git a/mdop/dart-v7/dart-70-planning-checklist-dart-7.md b/mdop/dart-v7/dart-70-planning-checklist-dart-7.md
index 5d125aafaf..eabf1df737 100644
--- a/mdop/dart-v7/dart-70-planning-checklist-dart-7.md
+++ b/mdop/dart-v7/dart-70-planning-checklist-dart-7.md
@@ -1,7 +1,7 @@
---
title: DaRT 7.0 Planning Checklist
description: DaRT 7.0 Planning Checklist
-author: msfttracyp
+author: dansimp
ms.assetid: f97a2318-6597-4774-a854-bb546279a8fd
ms.reviewer:
manager: dansimp
diff --git a/mdop/dart-v7/dart-70-supported-configurations-dart-7.md b/mdop/dart-v7/dart-70-supported-configurations-dart-7.md
index 5c0de66ee4..19a84f8d6d 100644
--- a/mdop/dart-v7/dart-70-supported-configurations-dart-7.md
+++ b/mdop/dart-v7/dart-70-supported-configurations-dart-7.md
@@ -1,7 +1,7 @@
---
title: DaRT 7.0 Supported Configurations
description: DaRT 7.0 Supported Configurations
-author: msfttracyp
+author: dansimp
ms.assetid: e9ee87b0-3254-4625-b178-17b2f5b8f8c8
ms.reviewer:
manager: dansimp
diff --git a/mdop/dart-v7/deploying-dart-70-new-ia.md b/mdop/dart-v7/deploying-dart-70-new-ia.md
index 9612cbbec2..7f4c348ffb 100644
--- a/mdop/dart-v7/deploying-dart-70-new-ia.md
+++ b/mdop/dart-v7/deploying-dart-70-new-ia.md
@@ -1,7 +1,7 @@
---
title: Deploying DaRT 7.0
description: Deploying DaRT 7.0
-author: msfttracyp
+author: dansimp
ms.assetid: 7bc99bce-b94f-4074-ba88-986ed76f8a6c
ms.reviewer:
manager: dansimp
diff --git a/mdop/dart-v7/deploying-dart-70-to-administrator-computers-dart-7.md b/mdop/dart-v7/deploying-dart-70-to-administrator-computers-dart-7.md
index c8e61e3bbb..36d8f9c3e8 100644
--- a/mdop/dart-v7/deploying-dart-70-to-administrator-computers-dart-7.md
+++ b/mdop/dart-v7/deploying-dart-70-to-administrator-computers-dart-7.md
@@ -1,7 +1,7 @@
---
title: Deploying DaRT 7.0 to Administrator Computers
description: Deploying DaRT 7.0 to Administrator Computers
-author: msfttracyp
+author: dansimp
ms.assetid: 8baf26aa-b168-463c-810f-a165918b9d9f
ms.reviewer:
manager: dansimp
diff --git a/mdop/dart-v7/deploying-the-dart-70-recovery-image-dart-7.md b/mdop/dart-v7/deploying-the-dart-70-recovery-image-dart-7.md
index b5bdee5e77..aa6254e9df 100644
--- a/mdop/dart-v7/deploying-the-dart-70-recovery-image-dart-7.md
+++ b/mdop/dart-v7/deploying-the-dart-70-recovery-image-dart-7.md
@@ -1,7 +1,7 @@
---
title: Deploying the DaRT 7.0 Recovery Image
description: Deploying the DaRT 7.0 Recovery Image
-author: msfttracyp
+author: dansimp
ms.assetid: 6bba7bff-800f-44e4-bcfc-e143115607ca
ms.reviewer:
manager: dansimp
diff --git a/mdop/dart-v7/diagnosing-system-failures-with-crash-analyzer--dart-7.md b/mdop/dart-v7/diagnosing-system-failures-with-crash-analyzer--dart-7.md
index 5376233690..58e2665ca5 100644
--- a/mdop/dart-v7/diagnosing-system-failures-with-crash-analyzer--dart-7.md
+++ b/mdop/dart-v7/diagnosing-system-failures-with-crash-analyzer--dart-7.md
@@ -1,7 +1,7 @@
---
title: Diagnosing System Failures with Crash Analyzer
description: Diagnosing System Failures with Crash Analyzer
-author: msfttracyp
+author: dansimp
ms.assetid: 170d40ef-4edb-4a32-a349-c285c0ea5e56
ms.reviewer:
manager: dansimp
diff --git a/mdop/dart-v7/getting-started-with-dart-70-new-ia.md b/mdop/dart-v7/getting-started-with-dart-70-new-ia.md
index fe540dcf08..576bc94e50 100644
--- a/mdop/dart-v7/getting-started-with-dart-70-new-ia.md
+++ b/mdop/dart-v7/getting-started-with-dart-70-new-ia.md
@@ -1,7 +1,7 @@
---
title: Getting Started with DaRT 7.0
description: Getting Started with DaRT 7.0
-author: msfttracyp
+author: dansimp
ms.assetid: 796f52ce-0935-4d3d-9437-289b4c7b16c3
ms.reviewer:
manager: dansimp
diff --git a/mdop/dart-v7/how-to-change-repair-or-remove-dart-70.md b/mdop/dart-v7/how-to-change-repair-or-remove-dart-70.md
index 3a447a185e..efa405245e 100644
--- a/mdop/dart-v7/how-to-change-repair-or-remove-dart-70.md
+++ b/mdop/dart-v7/how-to-change-repair-or-remove-dart-70.md
@@ -1,7 +1,7 @@
---
title: How to Change, Repair, or Remove DaRT 7.0
description: How to Change, Repair, or Remove DaRT 7.0
-author: msfttracyp
+author: dansimp
ms.assetid: a65ff4f3-2b6d-4105-a7a0-67c87e8e7300
ms.reviewer:
manager: dansimp
diff --git a/mdop/dart-v7/how-to-create-a-time-limited-recovery-image-dart-7.md b/mdop/dart-v7/how-to-create-a-time-limited-recovery-image-dart-7.md
index b86616043e..e5172164b5 100644
--- a/mdop/dart-v7/how-to-create-a-time-limited-recovery-image-dart-7.md
+++ b/mdop/dart-v7/how-to-create-a-time-limited-recovery-image-dart-7.md
@@ -1,7 +1,7 @@
---
title: How to Create a Time Limited Recovery Image
description: How to Create a Time Limited Recovery Image
-author: msfttracyp
+author: dansimp
ms.assetid: d2e29cac-c24c-4239-997f-0320b8a830ae
ms.reviewer:
manager: dansimp
diff --git a/mdop/dart-v7/how-to-deploy-dart-70.md b/mdop/dart-v7/how-to-deploy-dart-70.md
index 5ea5704612..2eaec78452 100644
--- a/mdop/dart-v7/how-to-deploy-dart-70.md
+++ b/mdop/dart-v7/how-to-deploy-dart-70.md
@@ -1,7 +1,7 @@
---
title: How to Deploy DaRT 7.0
description: How to Deploy DaRT 7.0
-author: msfttracyp
+author: dansimp
ms.assetid: 30522441-40cb-4eca-99b4-dff758f5c647
ms.reviewer:
manager: dansimp
diff --git a/mdop/dart-v7/how-to-deploy-the-dart-recovery-image-as-a-remote-partition-dart-7.md b/mdop/dart-v7/how-to-deploy-the-dart-recovery-image-as-a-remote-partition-dart-7.md
index 032c998a69..f3c6234fce 100644
--- a/mdop/dart-v7/how-to-deploy-the-dart-recovery-image-as-a-remote-partition-dart-7.md
+++ b/mdop/dart-v7/how-to-deploy-the-dart-recovery-image-as-a-remote-partition-dart-7.md
@@ -1,7 +1,7 @@
---
title: How to Deploy the DaRT Recovery Image as a Remote Partition
description: How to Deploy the DaRT Recovery Image as a Remote Partition
-author: msfttracyp
+author: dansimp
ms.assetid: 757c9340-8eac-42e8-85de-4302e436713a
ms.reviewer:
manager: dansimp
diff --git a/mdop/dart-v7/how-to-deploy-the-dart-recovery-image-as-part-of-a-recovery-partition-dart-7.md b/mdop/dart-v7/how-to-deploy-the-dart-recovery-image-as-part-of-a-recovery-partition-dart-7.md
index 53d9e0c199..7484daf808 100644
--- a/mdop/dart-v7/how-to-deploy-the-dart-recovery-image-as-part-of-a-recovery-partition-dart-7.md
+++ b/mdop/dart-v7/how-to-deploy-the-dart-recovery-image-as-part-of-a-recovery-partition-dart-7.md
@@ -1,7 +1,7 @@
---
title: How to Deploy the DaRT Recovery Image as Part of a Recovery Partition
description: How to Deploy the DaRT Recovery Image as Part of a Recovery Partition
-author: msfttracyp
+author: dansimp
ms.assetid: 462f2d08-f03b-4a07-b2d3-c69205dc6f70
ms.reviewer:
manager: dansimp
diff --git a/mdop/dart-v7/how-to-deploy-the-dart-recovery-image-using-a-usb-flash-drive-dart-7.md b/mdop/dart-v7/how-to-deploy-the-dart-recovery-image-using-a-usb-flash-drive-dart-7.md
index dec6b0ee1f..6f2b4bfdc4 100644
--- a/mdop/dart-v7/how-to-deploy-the-dart-recovery-image-using-a-usb-flash-drive-dart-7.md
+++ b/mdop/dart-v7/how-to-deploy-the-dart-recovery-image-using-a-usb-flash-drive-dart-7.md
@@ -1,7 +1,7 @@
---
title: How to Deploy the DaRT Recovery Image Using a USB Flash Drive
description: How to Deploy the DaRT Recovery Image Using a USB Flash Drive
-author: msfttracyp
+author: dansimp
ms.assetid: 5b7aa843-731e-47e7-b5f9-48d08da732d6
ms.reviewer:
manager: dansimp
diff --git a/mdop/dart-v7/how-to-ensure-that-crash-analyzer-can-access-symbol-files-dart-7.md b/mdop/dart-v7/how-to-ensure-that-crash-analyzer-can-access-symbol-files-dart-7.md
index 97919ebdaf..003b9a25dd 100644
--- a/mdop/dart-v7/how-to-ensure-that-crash-analyzer-can-access-symbol-files-dart-7.md
+++ b/mdop/dart-v7/how-to-ensure-that-crash-analyzer-can-access-symbol-files-dart-7.md
@@ -1,7 +1,7 @@
---
title: How to Ensure that Crash Analyzer Can Access Symbol Files
description: How to Ensure that Crash Analyzer Can Access Symbol Files
-author: msfttracyp
+author: dansimp
ms.assetid: 150a2f88-68a5-40eb-8471-e5008488ab6e
ms.reviewer:
manager: dansimp
diff --git a/mdop/dart-v7/how-to-recover-local-computers-using-the-dart-recovery-image-dart-7.md b/mdop/dart-v7/how-to-recover-local-computers-using-the-dart-recovery-image-dart-7.md
index 3c5e049cc4..aab5c32455 100644
--- a/mdop/dart-v7/how-to-recover-local-computers-using-the-dart-recovery-image-dart-7.md
+++ b/mdop/dart-v7/how-to-recover-local-computers-using-the-dart-recovery-image-dart-7.md
@@ -1,7 +1,7 @@
---
title: How to Recover Local Computers Using the DaRT Recovery Image
description: How to Recover Local Computers Using the DaRT Recovery Image
-author: msfttracyp
+author: dansimp
ms.assetid: be29b5a8-be08-4cf2-822e-77a51d3f3b65
ms.reviewer:
manager: dansimp
diff --git a/mdop/dart-v7/how-to-recover-remote-computers-using-the-dart-recovery-image-dart-7.md b/mdop/dart-v7/how-to-recover-remote-computers-using-the-dart-recovery-image-dart-7.md
index 92044dc55f..42b1d76476 100644
--- a/mdop/dart-v7/how-to-recover-remote-computers-using-the-dart-recovery-image-dart-7.md
+++ b/mdop/dart-v7/how-to-recover-remote-computers-using-the-dart-recovery-image-dart-7.md
@@ -1,7 +1,7 @@
---
title: How to Recover Remote Computers Using the DaRT Recovery Image
description: How to Recover Remote Computers Using the DaRT Recovery Image
-author: msfttracyp
+author: dansimp
ms.assetid: 66bc45fb-dc40-4d47-b583-5bb1ff5c97a7
ms.reviewer:
manager: dansimp
diff --git a/mdop/dart-v7/how-to-run-the-crash-analyzer-in-stand-alone-mode-on-a-computer-other-than-an-end-user-computer-dart-7.md b/mdop/dart-v7/how-to-run-the-crash-analyzer-in-stand-alone-mode-on-a-computer-other-than-an-end-user-computer-dart-7.md
index ca96b96fa2..1bff3cde3b 100644
--- a/mdop/dart-v7/how-to-run-the-crash-analyzer-in-stand-alone-mode-on-a-computer-other-than-an-end-user-computer-dart-7.md
+++ b/mdop/dart-v7/how-to-run-the-crash-analyzer-in-stand-alone-mode-on-a-computer-other-than-an-end-user-computer-dart-7.md
@@ -1,7 +1,7 @@
---
title: How to Run the Crash Analyzer in Stand-alone Mode on a Computer Other than an End-user Computer
description: How to Run the Crash Analyzer in Stand-alone Mode on a Computer Other than an End-user Computer
-author: msfttracyp
+author: dansimp
ms.assetid: 881d573f-2f18-4c5f-838e-2f5320179f94
ms.reviewer:
manager: dansimp
diff --git a/mdop/dart-v7/how-to-run-the-crash-analyzer-on-an-end-user-computer-dart-7.md b/mdop/dart-v7/how-to-run-the-crash-analyzer-on-an-end-user-computer-dart-7.md
index 1cd1277d48..d2fa4e6cfd 100644
--- a/mdop/dart-v7/how-to-run-the-crash-analyzer-on-an-end-user-computer-dart-7.md
+++ b/mdop/dart-v7/how-to-run-the-crash-analyzer-on-an-end-user-computer-dart-7.md
@@ -1,7 +1,7 @@
---
title: How to Run the Crash Analyzer on an End-user Computer
description: How to Run the Crash Analyzer on an End-user Computer
-author: msfttracyp
+author: dansimp
ms.assetid: 40af4ead-6588-4a81-8eaa-3dc00c397e1d
ms.reviewer:
manager: dansimp
diff --git a/mdop/dart-v7/how-to-use-the-dart-recovery-image-wizard-to-create-the-recovery-image-dart-7.md b/mdop/dart-v7/how-to-use-the-dart-recovery-image-wizard-to-create-the-recovery-image-dart-7.md
index 68bcaa762b..c92cd507c9 100644
--- a/mdop/dart-v7/how-to-use-the-dart-recovery-image-wizard-to-create-the-recovery-image-dart-7.md
+++ b/mdop/dart-v7/how-to-use-the-dart-recovery-image-wizard-to-create-the-recovery-image-dart-7.md
@@ -1,7 +1,7 @@
---
title: How to Use the DaRT Recovery Image Wizard to Create the Recovery Image
description: How to Use the DaRT Recovery Image Wizard to Create the Recovery Image
-author: msfttracyp
+author: dansimp
ms.assetid: 1b8ef983-fff9-4d75-a2f6-53120c5c00c9
ms.reviewer:
manager: dansimp
diff --git a/mdop/dart-v7/operations-for-dart-70-new-ia.md b/mdop/dart-v7/operations-for-dart-70-new-ia.md
index aaeec42f32..82e9a6262f 100644
--- a/mdop/dart-v7/operations-for-dart-70-new-ia.md
+++ b/mdop/dart-v7/operations-for-dart-70-new-ia.md
@@ -1,7 +1,7 @@
---
title: Operations for DaRT 7.0
description: Operations for DaRT 7.0
-author: msfttracyp
+author: dansimp
ms.assetid: 5566d817-fc14-4408-ba01-1d87fbc132d9
ms.reviewer:
manager: dansimp
diff --git a/mdop/dart-v7/overview-of-the-tools-in-dart-70-new-ia.md b/mdop/dart-v7/overview-of-the-tools-in-dart-70-new-ia.md
index 945180ced9..ca1639268e 100644
--- a/mdop/dart-v7/overview-of-the-tools-in-dart-70-new-ia.md
+++ b/mdop/dart-v7/overview-of-the-tools-in-dart-70-new-ia.md
@@ -1,7 +1,7 @@
---
title: Overview of the Tools in DaRT 7.0
description: Overview of the Tools in DaRT 7.0
-author: msfttracyp
+author: dansimp
ms.assetid: 67c5991e-cbe6-4ce9-9fe5-f1761369d1fe
ms.reviewer:
manager: dansimp
diff --git a/mdop/dart-v7/planning-for-dart-70-new-ia.md b/mdop/dart-v7/planning-for-dart-70-new-ia.md
index 69e7f032bb..45d4cba004 100644
--- a/mdop/dart-v7/planning-for-dart-70-new-ia.md
+++ b/mdop/dart-v7/planning-for-dart-70-new-ia.md
@@ -1,7 +1,7 @@
---
title: Planning for DaRT 7.0
description: Planning for DaRT 7.0
-author: msfttracyp
+author: dansimp
ms.assetid: 9a60cb08-5efb-40fe-b1e3-9ece831f3b43
ms.reviewer:
manager: dansimp
diff --git a/mdop/dart-v7/planning-how-to-save-and-deploy-the-dart-70-recovery-image.md b/mdop/dart-v7/planning-how-to-save-and-deploy-the-dart-70-recovery-image.md
index dfe697ea8f..13a06edae1 100644
--- a/mdop/dart-v7/planning-how-to-save-and-deploy-the-dart-70-recovery-image.md
+++ b/mdop/dart-v7/planning-how-to-save-and-deploy-the-dart-70-recovery-image.md
@@ -1,7 +1,7 @@
---
title: Planning How to Save and Deploy the DaRT 7.0 Recovery Image
description: Planning How to Save and Deploy the DaRT 7.0 Recovery Image
-author: msfttracyp
+author: dansimp
ms.assetid: d96e9363-6186-4fc3-9b83-ba15ed9694a5
ms.reviewer:
manager: dansimp
diff --git a/mdop/dart-v7/planning-to-create-the-dart-70-recovery-image.md b/mdop/dart-v7/planning-to-create-the-dart-70-recovery-image.md
index 3aa6ed872f..76cdbc0311 100644
--- a/mdop/dart-v7/planning-to-create-the-dart-70-recovery-image.md
+++ b/mdop/dart-v7/planning-to-create-the-dart-70-recovery-image.md
@@ -1,7 +1,7 @@
---
title: Planning to Create the DaRT 7.0 Recovery Image
description: Planning to Create the DaRT 7.0 Recovery Image
-author: msfttracyp
+author: dansimp
ms.assetid: e5d49bee-ae4e-467b-9976-c1203f6355f9
ms.reviewer:
manager: dansimp
diff --git a/mdop/dart-v7/planning-to-deploy-dart-70.md b/mdop/dart-v7/planning-to-deploy-dart-70.md
index 5fa805cf89..7ba9191fd7 100644
--- a/mdop/dart-v7/planning-to-deploy-dart-70.md
+++ b/mdop/dart-v7/planning-to-deploy-dart-70.md
@@ -1,7 +1,7 @@
---
title: Planning to Deploy DaRT 7.0
description: Planning to Deploy DaRT 7.0
-author: msfttracyp
+author: dansimp
ms.assetid: 05e97cdb-a8c2-46e4-9c75-a7d12fe26fe8
ms.reviewer:
manager: dansimp
diff --git a/mdop/dart-v7/recovering-computers-using-dart-70-dart-7.md b/mdop/dart-v7/recovering-computers-using-dart-70-dart-7.md
index e3e5f4824e..b88da85ccc 100644
--- a/mdop/dart-v7/recovering-computers-using-dart-70-dart-7.md
+++ b/mdop/dart-v7/recovering-computers-using-dart-70-dart-7.md
@@ -1,7 +1,7 @@
---
title: Recovering Computers Using DaRT 7.0
description: Recovering Computers Using DaRT 7.0
-author: msfttracyp
+author: dansimp
ms.assetid: bcded7ca-237b-4971-ac34-4394b05cbc50
ms.reviewer:
manager: dansimp
diff --git a/mdop/dart-v7/release-notes-for-dart-70-new-ia.md b/mdop/dart-v7/release-notes-for-dart-70-new-ia.md
index 035b7570cf..23e9fb82bb 100644
--- a/mdop/dart-v7/release-notes-for-dart-70-new-ia.md
+++ b/mdop/dart-v7/release-notes-for-dart-70-new-ia.md
@@ -1,7 +1,7 @@
---
title: Release Notes for DaRT 7.0
description: Release Notes for DaRT 7.0
-author: msfttracyp
+author: dansimp
ms.assetid: fad227d0-5c22-4efd-9187-0e5922f7250b
ms.reviewer:
manager: dansimp
diff --git a/mdop/dart-v7/security-considerations-for-dart-70-dart-7.md b/mdop/dart-v7/security-considerations-for-dart-70-dart-7.md
index fb406cc6b9..25be976fde 100644
--- a/mdop/dart-v7/security-considerations-for-dart-70-dart-7.md
+++ b/mdop/dart-v7/security-considerations-for-dart-70-dart-7.md
@@ -1,7 +1,7 @@
---
title: Security Considerations for DaRT 7.0
description: Security Considerations for DaRT 7.0
-author: msfttracyp
+author: dansimp
ms.assetid: 52ad7e6c-c169-4ba4-aa76-56335a585eb8
ms.reviewer:
manager: dansimp
diff --git a/mdop/dart-v7/technical-reference-for-dart-70-new-ia.md b/mdop/dart-v7/technical-reference-for-dart-70-new-ia.md
index 747af0760b..9858906b24 100644
--- a/mdop/dart-v7/technical-reference-for-dart-70-new-ia.md
+++ b/mdop/dart-v7/technical-reference-for-dart-70-new-ia.md
@@ -1,7 +1,7 @@
---
title: Technical Reference for DaRT 7.0
description: Technical Reference for DaRT 7.0
-author: msfttracyp
+author: dansimp
ms.assetid: f55c7e5e-713a-42d1-84c9-88370155f934
ms.reviewer:
manager: dansimp
diff --git a/mdop/dart-v7/troubleshooting-dart-70-new-ia.md b/mdop/dart-v7/troubleshooting-dart-70-new-ia.md
index 7f1942cf6c..5ed44e7e05 100644
--- a/mdop/dart-v7/troubleshooting-dart-70-new-ia.md
+++ b/mdop/dart-v7/troubleshooting-dart-70-new-ia.md
@@ -1,7 +1,7 @@
---
title: Troubleshooting DaRT 7.0
description: Troubleshooting DaRT 7.0
-author: msfttracyp
+author: dansimp
ms.assetid: 24c50efa-e9ac-45c4-aca2-b1dcfe834fdd
ms.reviewer:
manager: dansimp
diff --git a/mdop/dart-v8/about-dart-80-dart-8.md b/mdop/dart-v8/about-dart-80-dart-8.md
index 75405ef53f..5c87367d20 100644
--- a/mdop/dart-v8/about-dart-80-dart-8.md
+++ b/mdop/dart-v8/about-dart-80-dart-8.md
@@ -1,7 +1,7 @@
---
title: About DaRT 8.0
description: About DaRT 8.0
-author: msfttracyp
+author: dansimp
ms.assetid: ce91efd6-7d78-44cb-bb8f-1f43f768ebaa
ms.reviewer:
manager: dansimp
diff --git a/mdop/dart-v8/about-dart-80-sp1.md b/mdop/dart-v8/about-dart-80-sp1.md
index c6bec15027..3ccade84b6 100644
--- a/mdop/dart-v8/about-dart-80-sp1.md
+++ b/mdop/dart-v8/about-dart-80-sp1.md
@@ -1,7 +1,7 @@
---
title: About DaRT 8.0 SP1
description: About DaRT 8.0 SP1
-author: msfttracyp
+author: dansimp
ms.assetid: 2e166444-4097-4b23-9f50-d8819f1f4960
ms.reviewer:
manager: dansimp
diff --git a/mdop/dart-v8/about-dart-81.md b/mdop/dart-v8/about-dart-81.md
index 9af17ffe96..b91ed2b3f4 100644
--- a/mdop/dart-v8/about-dart-81.md
+++ b/mdop/dart-v8/about-dart-81.md
@@ -1,7 +1,7 @@
---
title: About DaRT 8.1
description: About DaRT 8.1
-author: msfttracyp
+author: dansimp
ms.assetid: dcaddc57-0111-4a9d-8be9-f5ada0eefa7d
ms.reviewer:
manager: dansimp
diff --git a/mdop/dart-v8/accessibility-for-dart-80-dart-8.md b/mdop/dart-v8/accessibility-for-dart-80-dart-8.md
index dedbc23dc8..ce54a3a916 100644
--- a/mdop/dart-v8/accessibility-for-dart-80-dart-8.md
+++ b/mdop/dart-v8/accessibility-for-dart-80-dart-8.md
@@ -1,7 +1,7 @@
---
title: Accessibility for DaRT 8.0
description: Accessibility for DaRT 8.0
-author: msfttracyp
+author: dansimp
ms.assetid: 95f426de-222c-4ec0-9b9b-af817c7fff9b
ms.reviewer:
manager: dansimp
diff --git a/mdop/dart-v8/administering-dart-80-using-powershell-dart-8.md b/mdop/dart-v8/administering-dart-80-using-powershell-dart-8.md
index 1aaf5e577a..7e837ccffc 100644
--- a/mdop/dart-v8/administering-dart-80-using-powershell-dart-8.md
+++ b/mdop/dart-v8/administering-dart-80-using-powershell-dart-8.md
@@ -1,7 +1,7 @@
---
title: Administering DaRT 8.0 Using PowerShell
description: Administering DaRT 8.0 Using PowerShell
-author: msfttracyp
+author: dansimp
ms.assetid: 776430e0-d5c9-4919-877a-fab503451b37
ms.reviewer:
manager: dansimp
diff --git a/mdop/dart-v8/creating-the-dart-80-recovery-image-dart-8.md b/mdop/dart-v8/creating-the-dart-80-recovery-image-dart-8.md
index cec64c5c0e..be944c9ff8 100644
--- a/mdop/dart-v8/creating-the-dart-80-recovery-image-dart-8.md
+++ b/mdop/dart-v8/creating-the-dart-80-recovery-image-dart-8.md
@@ -1,7 +1,7 @@
---
title: Creating the DaRT 8.0 Recovery Image
description: Creating the DaRT 8.0 Recovery Image
-author: msfttracyp
+author: dansimp
ms.assetid: 39001b8e-86c0-45ef-8f34-2d6199f9922d
ms.reviewer:
manager: dansimp
diff --git a/mdop/dart-v8/dart-80-deployment-checklist-dart-8.md b/mdop/dart-v8/dart-80-deployment-checklist-dart-8.md
index 94c522e8cb..a3ef35e300 100644
--- a/mdop/dart-v8/dart-80-deployment-checklist-dart-8.md
+++ b/mdop/dart-v8/dart-80-deployment-checklist-dart-8.md
@@ -1,7 +1,7 @@
---
title: DaRT 8.0 Deployment Checklist
description: DaRT 8.0 Deployment Checklist
-author: msfttracyp
+author: dansimp
ms.assetid: 74e071fb-697c-463f-adce-d09b8d86495f
ms.reviewer:
manager: dansimp
diff --git a/mdop/dart-v8/dart-80-planning-checklist-dart-8.md b/mdop/dart-v8/dart-80-planning-checklist-dart-8.md
index d94a6d2c8c..d9994dd3cc 100644
--- a/mdop/dart-v8/dart-80-planning-checklist-dart-8.md
+++ b/mdop/dart-v8/dart-80-planning-checklist-dart-8.md
@@ -1,7 +1,7 @@
---
title: DaRT 8.0 Planning Checklist
description: DaRT 8.0 Planning Checklist
-author: msfttracyp
+author: dansimp
ms.assetid: 0a0f5a71-b1d6-424c-8174-fc5aad506928
ms.reviewer:
manager: dansimp
diff --git a/mdop/dart-v8/dart-80-privacy-statement-dart-8.md b/mdop/dart-v8/dart-80-privacy-statement-dart-8.md
index 0be261d833..1adbc23901 100644
--- a/mdop/dart-v8/dart-80-privacy-statement-dart-8.md
+++ b/mdop/dart-v8/dart-80-privacy-statement-dart-8.md
@@ -1,7 +1,7 @@
---
title: DaRT 8.0 Privacy Statement
description: DaRT 8.0 Privacy Statement
-author: msfttracyp
+author: dansimp
ms.assetid: db474241-e44e-4bca-9be4-3557a3614c2a
ms.reviewer:
manager: dansimp
diff --git a/mdop/dart-v8/dart-80-supported-configurations-dart-8.md b/mdop/dart-v8/dart-80-supported-configurations-dart-8.md
index f659803a79..f79919bdd4 100644
--- a/mdop/dart-v8/dart-80-supported-configurations-dart-8.md
+++ b/mdop/dart-v8/dart-80-supported-configurations-dart-8.md
@@ -1,7 +1,7 @@
---
title: DaRT 8.0 Supported Configurations
description: DaRT 8.0 Supported Configurations
-author: msfttracyp
+author: dansimp
ms.assetid: 95d68e5c-d202-4f4a-adef-d2098328172e
ms.reviewer:
manager: dansimp
diff --git a/mdop/dart-v8/deploying-dart-80-dart-8.md b/mdop/dart-v8/deploying-dart-80-dart-8.md
index c6a3f6f118..253b69e28d 100644
--- a/mdop/dart-v8/deploying-dart-80-dart-8.md
+++ b/mdop/dart-v8/deploying-dart-80-dart-8.md
@@ -1,7 +1,7 @@
---
title: Deploying DaRT 8.0
description: Deploying DaRT 8.0
-author: msfttracyp
+author: dansimp
ms.assetid: 5a976d4e-3372-4ef6-9095-1b48e99af21b
ms.reviewer:
manager: dansimp
diff --git a/mdop/dart-v8/deploying-dart-80-to-administrator-computers-dart-8.md b/mdop/dart-v8/deploying-dart-80-to-administrator-computers-dart-8.md
index ddd014d2eb..e29f368dde 100644
--- a/mdop/dart-v8/deploying-dart-80-to-administrator-computers-dart-8.md
+++ b/mdop/dart-v8/deploying-dart-80-to-administrator-computers-dart-8.md
@@ -1,7 +1,7 @@
---
title: Deploying DaRT 8.0 to Administrator Computers
description: Deploying DaRT 8.0 to Administrator Computers
-author: msfttracyp
+author: dansimp
ms.assetid: f918ead8-742e-464a-8bf6-1fcedde66cae
ms.reviewer:
manager: dansimp
diff --git a/mdop/dart-v8/deploying-the-dart-recovery-image-dart-8.md b/mdop/dart-v8/deploying-the-dart-recovery-image-dart-8.md
index c635accd35..d06c1d699d 100644
--- a/mdop/dart-v8/deploying-the-dart-recovery-image-dart-8.md
+++ b/mdop/dart-v8/deploying-the-dart-recovery-image-dart-8.md
@@ -1,7 +1,7 @@
---
title: Deploying the DaRT Recovery Image
description: Deploying the DaRT Recovery Image
-author: msfttracyp
+author: dansimp
ms.assetid: df5cb54a-be8c-4ed2-89ea-d3c67c2ef4d4
ms.reviewer:
manager: dansimp
diff --git a/mdop/dart-v8/diagnosing-system-failures-with-crash-analyzer--dart-8.md b/mdop/dart-v8/diagnosing-system-failures-with-crash-analyzer--dart-8.md
index 77522cf3fa..93d1cee294 100644
--- a/mdop/dart-v8/diagnosing-system-failures-with-crash-analyzer--dart-8.md
+++ b/mdop/dart-v8/diagnosing-system-failures-with-crash-analyzer--dart-8.md
@@ -1,7 +1,7 @@
---
title: Diagnosing System Failures with Crash Analyzer
description: Diagnosing System Failures with Crash Analyzer
-author: msfttracyp
+author: dansimp
ms.assetid: ce3d3186-54fb-45b2-b5ce-9bb7841db28f
ms.reviewer:
manager: dansimp
diff --git a/mdop/dart-v8/getting-started-with-dart-80-dart-8.md b/mdop/dart-v8/getting-started-with-dart-80-dart-8.md
index e313b81a37..f65f99da45 100644
--- a/mdop/dart-v8/getting-started-with-dart-80-dart-8.md
+++ b/mdop/dart-v8/getting-started-with-dart-80-dart-8.md
@@ -1,7 +1,7 @@
---
title: Getting Started with DaRT 8.0
description: Getting Started with DaRT 8.0
-author: msfttracyp
+author: dansimp
ms.assetid: 579d18c5-7434-4a0e-9725-fb81ca5e3c6d
ms.reviewer:
manager: dansimp
diff --git a/mdop/dart-v8/how-to-change-repair-or-remove-dart-80-dart-8.md b/mdop/dart-v8/how-to-change-repair-or-remove-dart-80-dart-8.md
index 6c2e3fb612..2ec61410a0 100644
--- a/mdop/dart-v8/how-to-change-repair-or-remove-dart-80-dart-8.md
+++ b/mdop/dart-v8/how-to-change-repair-or-remove-dart-80-dart-8.md
@@ -1,7 +1,7 @@
---
title: How to Change, Repair, or Remove DaRT 8.0
description: How to Change, Repair, or Remove DaRT 8.0
-author: msfttracyp
+author: dansimp
ms.assetid: a9737635-aaf5-45bd-861f-f9dff4f02336
ms.reviewer:
manager: dansimp
diff --git a/mdop/dart-v8/how-to-deploy-dart-80-dart-8.md b/mdop/dart-v8/how-to-deploy-dart-80-dart-8.md
index f562dc65ba..a569e0ab61 100644
--- a/mdop/dart-v8/how-to-deploy-dart-80-dart-8.md
+++ b/mdop/dart-v8/how-to-deploy-dart-80-dart-8.md
@@ -1,7 +1,7 @@
---
title: How to Deploy DaRT 8.0
description: How to Deploy DaRT 8.0
-author: msfttracyp
+author: dansimp
ms.assetid: ab772e7a-c02f-4847-acdf-8bd362769a77
ms.reviewer:
manager: dansimp
diff --git a/mdop/dart-v8/how-to-deploy-the-dart-recovery-image-as-a-remote-partition-dart-8.md b/mdop/dart-v8/how-to-deploy-the-dart-recovery-image-as-a-remote-partition-dart-8.md
index cddcfef5e9..e9ff959654 100644
--- a/mdop/dart-v8/how-to-deploy-the-dart-recovery-image-as-a-remote-partition-dart-8.md
+++ b/mdop/dart-v8/how-to-deploy-the-dart-recovery-image-as-a-remote-partition-dart-8.md
@@ -1,7 +1,7 @@
---
title: How to Deploy the DaRT Recovery Image as a Remote Partition
description: How to Deploy the DaRT Recovery Image as a Remote Partition
-author: msfttracyp
+author: dansimp
ms.assetid: 58f4a6c6-6193-42bd-a095-0de868711af9
ms.reviewer:
manager: dansimp
diff --git a/mdop/dart-v8/how-to-deploy-the-dart-recovery-image-as-part-of-a-recovery-partition-dart-8.md b/mdop/dart-v8/how-to-deploy-the-dart-recovery-image-as-part-of-a-recovery-partition-dart-8.md
index c84571d02c..e79d234f3a 100644
--- a/mdop/dart-v8/how-to-deploy-the-dart-recovery-image-as-part-of-a-recovery-partition-dart-8.md
+++ b/mdop/dart-v8/how-to-deploy-the-dart-recovery-image-as-part-of-a-recovery-partition-dart-8.md
@@ -1,7 +1,7 @@
---
title: How to Deploy the DaRT Recovery Image as Part of a Recovery Partition
description: How to Deploy the DaRT Recovery Image as Part of a Recovery Partition
-author: msfttracyp
+author: dansimp
ms.assetid: 07c5d539-51d9-4759-adc7-72b40d5d7bb3
ms.reviewer:
manager: dansimp
diff --git a/mdop/dart-v8/how-to-ensure-that-crash-analyzer-can-access-symbol-files.md b/mdop/dart-v8/how-to-ensure-that-crash-analyzer-can-access-symbol-files.md
index dfdfa5bf01..15135b16d0 100644
--- a/mdop/dart-v8/how-to-ensure-that-crash-analyzer-can-access-symbol-files.md
+++ b/mdop/dart-v8/how-to-ensure-that-crash-analyzer-can-access-symbol-files.md
@@ -1,7 +1,7 @@
---
title: How to Ensure that Crash Analyzer Can Access Symbol Files
description: How to Ensure that Crash Analyzer Can Access Symbol Files
-author: msfttracyp
+author: dansimp
ms.assetid: 99839013-1cd8-44d1-8484-0e15261c5a4b
ms.reviewer:
manager: dansimp
diff --git a/mdop/dart-v8/how-to-perform-dart-tasks-by-using-powershell-commands-dart-8.md b/mdop/dart-v8/how-to-perform-dart-tasks-by-using-powershell-commands-dart-8.md
index c1eb0becc8..7036e2173b 100644
--- a/mdop/dart-v8/how-to-perform-dart-tasks-by-using-powershell-commands-dart-8.md
+++ b/mdop/dart-v8/how-to-perform-dart-tasks-by-using-powershell-commands-dart-8.md
@@ -1,7 +1,7 @@
---
title: How to Perform DaRT Tasks by Using PowerShell Commands
description: How to Perform DaRT Tasks by Using PowerShell Commands
-author: msfttracyp
+author: dansimp
ms.assetid: bc788b00-38c7-4f57-a832-916b68264d89
ms.reviewer:
manager: dansimp
diff --git a/mdop/dart-v8/how-to-recover-local-computers-by-using-the-dart-recovery-image-dart-8.md b/mdop/dart-v8/how-to-recover-local-computers-by-using-the-dart-recovery-image-dart-8.md
index d4315fa44a..76ac2f9600 100644
--- a/mdop/dart-v8/how-to-recover-local-computers-by-using-the-dart-recovery-image-dart-8.md
+++ b/mdop/dart-v8/how-to-recover-local-computers-by-using-the-dart-recovery-image-dart-8.md
@@ -1,7 +1,7 @@
---
title: How to Recover Local Computers by Using the DaRT Recovery Image
description: How to Recover Local Computers by Using the DaRT Recovery Image
-author: msfttracyp
+author: dansimp
ms.assetid: f679d522-49ab-429c-93d0-294c3f3e5639
ms.reviewer:
manager: dansimp
diff --git a/mdop/dart-v8/how-to-recover-remote-computers-by-using-the-dart-recovery-image-dart-8.md b/mdop/dart-v8/how-to-recover-remote-computers-by-using-the-dart-recovery-image-dart-8.md
index 0b4c3efa63..da40c73d47 100644
--- a/mdop/dart-v8/how-to-recover-remote-computers-by-using-the-dart-recovery-image-dart-8.md
+++ b/mdop/dart-v8/how-to-recover-remote-computers-by-using-the-dart-recovery-image-dart-8.md
@@ -1,7 +1,7 @@
---
title: How to Recover Remote Computers by Using the DaRT Recovery Image
description: How to Recover Remote Computers by Using the DaRT Recovery Image
-author: msfttracyp
+author: dansimp
ms.assetid: 363ccd48-6820-4b5b-a43a-323c0b208a9d
ms.reviewer:
manager: dansimp
diff --git a/mdop/dart-v8/how-to-run-the-crash-analyzer-in-stand-alone-mode-on-a-computer-other-than-an-end-user-computer-dart-8.md b/mdop/dart-v8/how-to-run-the-crash-analyzer-in-stand-alone-mode-on-a-computer-other-than-an-end-user-computer-dart-8.md
index 8b0b3c8a8c..2f82d060f4 100644
--- a/mdop/dart-v8/how-to-run-the-crash-analyzer-in-stand-alone-mode-on-a-computer-other-than-an-end-user-computer-dart-8.md
+++ b/mdop/dart-v8/how-to-run-the-crash-analyzer-in-stand-alone-mode-on-a-computer-other-than-an-end-user-computer-dart-8.md
@@ -1,7 +1,7 @@
---
title: How to Run the Crash Analyzer in Stand-alone Mode on a Computer Other than an End-user Computer
description: How to Run the Crash Analyzer in Stand-alone Mode on a Computer Other than an End-user Computer
-author: msfttracyp
+author: dansimp
ms.assetid: b2f87144-6379-478a-802b-9cfef5242f34
ms.reviewer:
manager: dansimp
diff --git a/mdop/dart-v8/how-to-run-the-crash-analyzer-on-an-end-user-computer-dart-8.md b/mdop/dart-v8/how-to-run-the-crash-analyzer-on-an-end-user-computer-dart-8.md
index e3a35791e8..bcd43d11d1 100644
--- a/mdop/dart-v8/how-to-run-the-crash-analyzer-on-an-end-user-computer-dart-8.md
+++ b/mdop/dart-v8/how-to-run-the-crash-analyzer-on-an-end-user-computer-dart-8.md
@@ -1,7 +1,7 @@
---
title: How to Run the Crash Analyzer on an End-user Computer
description: How to Run the Crash Analyzer on an End-user Computer
-author: msfttracyp
+author: dansimp
ms.assetid: d36213e5-7719-44d7-be65-971c3ef7df2c
ms.reviewer:
manager: dansimp
diff --git a/mdop/dart-v8/how-to-use-a-powershell-script-to-create-the-recovery-image-dart-8.md b/mdop/dart-v8/how-to-use-a-powershell-script-to-create-the-recovery-image-dart-8.md
index b0a3f41ad7..5ea2ed4af5 100644
--- a/mdop/dart-v8/how-to-use-a-powershell-script-to-create-the-recovery-image-dart-8.md
+++ b/mdop/dart-v8/how-to-use-a-powershell-script-to-create-the-recovery-image-dart-8.md
@@ -1,7 +1,7 @@
---
title: How to Use a PowerShell Script to Create the Recovery Image
description: How to Use a PowerShell Script to Create the Recovery Image
-author: msfttracyp
+author: dansimp
ms.assetid: d0c71092-535e-43b1-9b1d-6ac819508348
ms.reviewer:
manager: dansimp
diff --git a/mdop/dart-v8/microsoft-diagnostics-and-recovery-toolset--dart--users-should-use-windows-defender-offline--wdo--for-malware-detection.md b/mdop/dart-v8/microsoft-diagnostics-and-recovery-toolset--dart--users-should-use-windows-defender-offline--wdo--for-malware-detection.md
index f2a4047807..8d28155d2c 100644
--- a/mdop/dart-v8/microsoft-diagnostics-and-recovery-toolset--dart--users-should-use-windows-defender-offline--wdo--for-malware-detection.md
+++ b/mdop/dart-v8/microsoft-diagnostics-and-recovery-toolset--dart--users-should-use-windows-defender-offline--wdo--for-malware-detection.md
@@ -1,7 +1,7 @@
---
title: Microsoft Diagnostics and Recovery Toolset (DaRT) users should use Windows Defender Offline (WDO) for malware detection
description: Microsoft Diagnostics and Recovery Toolset (DaRT) users should use Windows Defender Offline (WDO) for malware detection
-author: msfttracyp
+author: dansimp
ms.assetid: 59678283-4b44-4d02-ba8f-0e7315efd5d1
ms.reviewer:
manager: dansimp
diff --git a/mdop/dart-v8/operations-for-dart-80-dart-8.md b/mdop/dart-v8/operations-for-dart-80-dart-8.md
index c71925f264..8b4d4064ac 100644
--- a/mdop/dart-v8/operations-for-dart-80-dart-8.md
+++ b/mdop/dart-v8/operations-for-dart-80-dart-8.md
@@ -1,7 +1,7 @@
---
title: Operations for DaRT 8.0
description: Operations for DaRT 8.0
-author: msfttracyp
+author: dansimp
ms.assetid: a31615de-eb6e-41af-909c-d0b6f3eb3f2f
ms.reviewer:
manager: dansimp
diff --git a/mdop/dart-v8/overview-of-the-tools-in-dart-80-dart-8.md b/mdop/dart-v8/overview-of-the-tools-in-dart-80-dart-8.md
index dc1608bbf2..4939913f2a 100644
--- a/mdop/dart-v8/overview-of-the-tools-in-dart-80-dart-8.md
+++ b/mdop/dart-v8/overview-of-the-tools-in-dart-80-dart-8.md
@@ -1,7 +1,7 @@
---
title: Overview of the Tools in DaRT 8.0
description: Overview of the Tools in DaRT 8.0
-author: msfttracyp
+author: dansimp
ms.assetid: 1766c82e-c099-47d4-b186-4689b026a7e0
ms.reviewer:
manager: dansimp
diff --git a/mdop/dart-v8/planning-for-dart-80-dart-8.md b/mdop/dart-v8/planning-for-dart-80-dart-8.md
index 55b249c5e7..8c62020a06 100644
--- a/mdop/dart-v8/planning-for-dart-80-dart-8.md
+++ b/mdop/dart-v8/planning-for-dart-80-dart-8.md
@@ -1,7 +1,7 @@
---
title: Planning for DaRT 8.0
description: Planning for DaRT 8.0
-author: msfttracyp
+author: dansimp
ms.assetid: c8be3ab3-dc54-43b9-b9ff-fbd5e1ef29a7
ms.reviewer:
manager: dansimp
diff --git a/mdop/dart-v8/planning-how-to-save-and-deploy-the-dart-80-recovery-image-dart-8.md b/mdop/dart-v8/planning-how-to-save-and-deploy-the-dart-80-recovery-image-dart-8.md
index 00fe0bfbd8..4886b9d80d 100644
--- a/mdop/dart-v8/planning-how-to-save-and-deploy-the-dart-80-recovery-image-dart-8.md
+++ b/mdop/dart-v8/planning-how-to-save-and-deploy-the-dart-80-recovery-image-dart-8.md
@@ -1,7 +1,7 @@
---
title: Planning How to Save and Deploy the DaRT 8.0 Recovery Image
description: Planning How to Save and Deploy the DaRT 8.0 Recovery Image
-author: msfttracyp
+author: dansimp
ms.assetid: 939fbe17-0e30-4c85-8782-5b84d69442a7
ms.reviewer:
manager: dansimp
diff --git a/mdop/dart-v8/planning-to-create-the-dart-80-recovery-image-dart-8.md b/mdop/dart-v8/planning-to-create-the-dart-80-recovery-image-dart-8.md
index 3e41f760d4..4da66bd3aa 100644
--- a/mdop/dart-v8/planning-to-create-the-dart-80-recovery-image-dart-8.md
+++ b/mdop/dart-v8/planning-to-create-the-dart-80-recovery-image-dart-8.md
@@ -1,7 +1,7 @@
---
title: Planning to Create the DaRT 8.0 Recovery Image
description: Planning to Create the DaRT 8.0 Recovery Image
-author: msfttracyp
+author: dansimp
ms.assetid: cfd0e1e2-c379-4460-b545-3f7be9f33583
ms.reviewer:
manager: dansimp
diff --git a/mdop/dart-v8/planning-to-deploy-dart-80-dart-8.md b/mdop/dart-v8/planning-to-deploy-dart-80-dart-8.md
index 57ade193c4..dffa452027 100644
--- a/mdop/dart-v8/planning-to-deploy-dart-80-dart-8.md
+++ b/mdop/dart-v8/planning-to-deploy-dart-80-dart-8.md
@@ -1,7 +1,7 @@
---
title: Planning to Deploy DaRT 8.0
description: Planning to Deploy DaRT 8.0
-author: msfttracyp
+author: dansimp
ms.assetid: 36f2babb-9ac5-4ea2-932c-12c6211f5be2
ms.reviewer:
manager: dansimp
diff --git a/mdop/dart-v8/recovering-computers-using-dart-80-dart-8.md b/mdop/dart-v8/recovering-computers-using-dart-80-dart-8.md
index 78ee035cb4..3c321dd003 100644
--- a/mdop/dart-v8/recovering-computers-using-dart-80-dart-8.md
+++ b/mdop/dart-v8/recovering-computers-using-dart-80-dart-8.md
@@ -1,7 +1,7 @@
---
title: Recovering Computers Using DaRT 8.0
description: Recovering Computers Using DaRT 8.0
-author: msfttracyp
+author: dansimp
ms.assetid: 0caeb7d9-c1e6-4f32-bc27-157b91630989
ms.reviewer:
manager: dansimp
diff --git a/mdop/dart-v8/release-notes-for-dart-80--dart-8.md b/mdop/dart-v8/release-notes-for-dart-80--dart-8.md
index a96b501caa..31b1b71c8c 100644
--- a/mdop/dart-v8/release-notes-for-dart-80--dart-8.md
+++ b/mdop/dart-v8/release-notes-for-dart-80--dart-8.md
@@ -1,7 +1,7 @@
---
title: Release Notes for DaRT 8.0
description: Release Notes for DaRT 8.0
-author: msfttracyp
+author: dansimp
ms.assetid: e8b373c8-7aa5-4930-a8f9-743d26145dad
ms.reviewer:
manager: dansimp
diff --git a/mdop/dart-v8/release-notes-for-dart-80-sp1.md b/mdop/dart-v8/release-notes-for-dart-80-sp1.md
index 28f2df8b60..15d2ce4009 100644
--- a/mdop/dart-v8/release-notes-for-dart-80-sp1.md
+++ b/mdop/dart-v8/release-notes-for-dart-80-sp1.md
@@ -1,7 +1,7 @@
---
title: Release Notes for DaRT 8.0 SP1
description: Release Notes for DaRT 8.0 SP1
-author: msfttracyp
+author: dansimp
ms.assetid: fa7512d8-fb00-4c27-8f65-c15f3a8ff1cc
ms.reviewer:
manager: dansimp
diff --git a/mdop/dart-v8/release-notes-for-dart-81.md b/mdop/dart-v8/release-notes-for-dart-81.md
index d1183586b4..05c3ced9ce 100644
--- a/mdop/dart-v8/release-notes-for-dart-81.md
+++ b/mdop/dart-v8/release-notes-for-dart-81.md
@@ -1,7 +1,7 @@
---
title: Release Notes for DaRT 8.1
description: Release Notes for DaRT 8.1
-author: msfttracyp
+author: dansimp
ms.assetid: 44303107-60f4-485c-848a-7e0529f142d4
ms.reviewer:
manager: dansimp
diff --git a/mdop/dart-v8/security-and-privacy-for-dart-80-dart-8.md b/mdop/dart-v8/security-and-privacy-for-dart-80-dart-8.md
index f6a05dbbaf..17a4641be1 100644
--- a/mdop/dart-v8/security-and-privacy-for-dart-80-dart-8.md
+++ b/mdop/dart-v8/security-and-privacy-for-dart-80-dart-8.md
@@ -1,7 +1,7 @@
---
title: Security and Privacy for DaRT 8.0
description: Security and Privacy for DaRT 8.0
-author: msfttracyp
+author: dansimp
ms.assetid: 668188fc-d9e9-4607-b90a-9e50bf53bc88
ms.reviewer:
manager: dansimp
diff --git a/mdop/dart-v8/security-considerations-for-dart-80--dart-8.md b/mdop/dart-v8/security-considerations-for-dart-80--dart-8.md
index 716e3ed33f..1899542b1e 100644
--- a/mdop/dart-v8/security-considerations-for-dart-80--dart-8.md
+++ b/mdop/dart-v8/security-considerations-for-dart-80--dart-8.md
@@ -1,7 +1,7 @@
---
title: Security Considerations for DaRT 8.0
description: Security Considerations for DaRT 8.0
-author: msfttracyp
+author: dansimp
ms.assetid: 45ef8164-fee7-41a1-9a36-de4e3264e7a8
ms.reviewer:
manager: dansimp
diff --git a/mdop/dart-v8/technical-reference-for-dart-80-new-ia.md b/mdop/dart-v8/technical-reference-for-dart-80-new-ia.md
index 1084a0fc4e..fb98efd9d0 100644
--- a/mdop/dart-v8/technical-reference-for-dart-80-new-ia.md
+++ b/mdop/dart-v8/technical-reference-for-dart-80-new-ia.md
@@ -1,7 +1,7 @@
---
title: Technical Reference for DaRT 8.0
description: Technical Reference for DaRT 8.0
-author: msfttracyp
+author: dansimp
ms.assetid: 1d0bf98b-b56b-4ce6-ad19-eb85e1ff1287
ms.reviewer:
manager: dansimp
diff --git a/mdop/dart-v8/troubleshooting-dart-80-dart-8.md b/mdop/dart-v8/troubleshooting-dart-80-dart-8.md
index dd64f0665f..1e1dd715ba 100644
--- a/mdop/dart-v8/troubleshooting-dart-80-dart-8.md
+++ b/mdop/dart-v8/troubleshooting-dart-80-dart-8.md
@@ -1,7 +1,7 @@
---
title: Troubleshooting DaRT 8.0
description: Troubleshooting DaRT 8.0
-author: msfttracyp
+author: dansimp
ms.assetid: 0444a390-3251-47f4-b6c8-828d4a2e8af4
ms.reviewer:
manager: dansimp
diff --git a/mdop/mbam-v1/about-mbam-10.md b/mdop/mbam-v1/about-mbam-10.md
index de3e35c13d..ca1ac44277 100644
--- a/mdop/mbam-v1/about-mbam-10.md
+++ b/mdop/mbam-v1/about-mbam-10.md
@@ -1,7 +1,7 @@
---
title: About MBAM 1.0
description: About MBAM 1.0
-author: msfttracyp
+author: dansimp
ms.assetid: 99254aaa-2b30-4b2e-8365-0d4b67a89a0c
ms.reviewer:
manager: dansimp
diff --git a/mdop/mbam-v1/accessibility-for-mbam-10.md b/mdop/mbam-v1/accessibility-for-mbam-10.md
index f360475a2c..d1622daf4f 100644
--- a/mdop/mbam-v1/accessibility-for-mbam-10.md
+++ b/mdop/mbam-v1/accessibility-for-mbam-10.md
@@ -1,7 +1,7 @@
---
title: Accessibility for MBAM 1.0
description: Accessibility for MBAM 1.0
-author: msfttracyp
+author: dansimp
ms.assetid: 5c1bf1a3-76cf-458c-ac4a-cd343aace4de
ms.reviewer:
manager: dansimp
diff --git a/mdop/mbam-v1/administering-mbam-10-by-using-powershell.md b/mdop/mbam-v1/administering-mbam-10-by-using-powershell.md
index b9f38f7a3e..045a75049c 100644
--- a/mdop/mbam-v1/administering-mbam-10-by-using-powershell.md
+++ b/mdop/mbam-v1/administering-mbam-10-by-using-powershell.md
@@ -1,7 +1,7 @@
---
title: Administering MBAM 1.0 by Using PowerShell
description: Administering MBAM 1.0 by Using PowerShell
-author: msfttracyp
+author: dansimp
ms.assetid: 3bf2eca5-4ab7-4e84-9e80-c0c7d709647b
ms.reviewer:
manager: dansimp
diff --git a/mdop/mbam-v1/administering-mbam-10-features.md b/mdop/mbam-v1/administering-mbam-10-features.md
index 26d27aea64..d4ffc956e4 100644
--- a/mdop/mbam-v1/administering-mbam-10-features.md
+++ b/mdop/mbam-v1/administering-mbam-10-features.md
@@ -1,7 +1,7 @@
---
title: Administering MBAM 1.0 Features
description: Administering MBAM 1.0 Features
-author: msfttracyp
+author: dansimp
ms.assetid: dd9a9eff-f1ad-4af3-85d9-c19131a4ad22
ms.reviewer:
manager: dansimp
diff --git a/mdop/mbam-v1/deploying-mbam-10-group-policy-objects.md b/mdop/mbam-v1/deploying-mbam-10-group-policy-objects.md
index f62d25bd4d..43a045b042 100644
--- a/mdop/mbam-v1/deploying-mbam-10-group-policy-objects.md
+++ b/mdop/mbam-v1/deploying-mbam-10-group-policy-objects.md
@@ -1,7 +1,7 @@
---
title: Deploying MBAM 1.0 Group Policy Objects
description: Deploying MBAM 1.0 Group Policy Objects
-author: msfttracyp
+author: dansimp
ms.assetid: 2129291e-d2b2-41ed-b643-1e311c49fee7
ms.reviewer:
manager: dansimp
diff --git a/mdop/mbam-v1/deploying-mbam-10.md b/mdop/mbam-v1/deploying-mbam-10.md
index 086a3a721d..738c0a8cf5 100644
--- a/mdop/mbam-v1/deploying-mbam-10.md
+++ b/mdop/mbam-v1/deploying-mbam-10.md
@@ -1,7 +1,7 @@
---
title: Deploying MBAM 1.0
description: Deploying MBAM 1.0
-author: msfttracyp
+author: dansimp
ms.assetid: ff952ed6-08b2-4ed0-97b8-bf89f22cccbc
ms.reviewer:
manager: dansimp
diff --git a/mdop/mbam-v1/deploying-the-mbam-10-client.md b/mdop/mbam-v1/deploying-the-mbam-10-client.md
index df62ed3b09..2ea9421631 100644
--- a/mdop/mbam-v1/deploying-the-mbam-10-client.md
+++ b/mdop/mbam-v1/deploying-the-mbam-10-client.md
@@ -1,7 +1,7 @@
---
title: Deploying the MBAM 1.0 Client
description: Deploying the MBAM 1.0 Client
-author: msfttracyp
+author: dansimp
ms.assetid: f7ca233f-5035-4ff9-ab3a-f2453b4929d1
ms.reviewer:
manager: dansimp
diff --git a/mdop/mbam-v1/deploying-the-mbam-10-language-release-update.md b/mdop/mbam-v1/deploying-the-mbam-10-language-release-update.md
index 311a0ba253..e78020f8c7 100644
--- a/mdop/mbam-v1/deploying-the-mbam-10-language-release-update.md
+++ b/mdop/mbam-v1/deploying-the-mbam-10-language-release-update.md
@@ -1,7 +1,7 @@
---
title: Deploying the MBAM 1.0 Language Release Update
description: Deploying the MBAM 1.0 Language Release Update
-author: msfttracyp
+author: dansimp
ms.assetid: 9dbd85c3-e470-4752-a90f-25754dd46dab
ms.reviewer:
manager: dansimp
diff --git a/mdop/mbam-v1/deploying-the-mbam-10-server-infrastructure.md b/mdop/mbam-v1/deploying-the-mbam-10-server-infrastructure.md
index e802fbe9a3..271902cccb 100644
--- a/mdop/mbam-v1/deploying-the-mbam-10-server-infrastructure.md
+++ b/mdop/mbam-v1/deploying-the-mbam-10-server-infrastructure.md
@@ -1,7 +1,7 @@
---
title: Deploying the MBAM 1.0 Server Infrastructure
description: Deploying the MBAM 1.0 Server Infrastructure
-author: msfttracyp
+author: dansimp
ms.assetid: 90529379-b70e-4c92-b188-3d7aaf1844af
ms.reviewer:
manager: dansimp
diff --git a/mdop/mbam-v1/evaluating-mbam-10.md b/mdop/mbam-v1/evaluating-mbam-10.md
index c245904370..fdca62c06c 100644
--- a/mdop/mbam-v1/evaluating-mbam-10.md
+++ b/mdop/mbam-v1/evaluating-mbam-10.md
@@ -1,7 +1,7 @@
---
title: Evaluating MBAM 1.0
description: Evaluating MBAM 1.0
-author: msfttracyp
+author: dansimp
ms.assetid: a1e2b674-eda9-4e1c-9b4c-e748470c71f2
ms.reviewer:
manager: dansimp
diff --git a/mdop/mbam-v1/getting-started-with-mbam-10.md b/mdop/mbam-v1/getting-started-with-mbam-10.md
index 80cf2a07bf..bea99f0a2d 100644
--- a/mdop/mbam-v1/getting-started-with-mbam-10.md
+++ b/mdop/mbam-v1/getting-started-with-mbam-10.md
@@ -1,7 +1,7 @@
---
title: Getting Started with MBAM 1.0
description: Getting Started with MBAM 1.0
-author: msfttracyp
+author: dansimp
ms.assetid: 4fab4e4a-d25e-4661-b235-2b45bf5ac3e4
ms.reviewer:
manager: dansimp
diff --git a/mdop/mbam-v1/high-availability-for-mbam-10.md b/mdop/mbam-v1/high-availability-for-mbam-10.md
index 5817b9955d..5ed4167fde 100644
--- a/mdop/mbam-v1/high-availability-for-mbam-10.md
+++ b/mdop/mbam-v1/high-availability-for-mbam-10.md
@@ -1,7 +1,7 @@
---
title: High Availability for MBAM 1.0
description: High Availability for MBAM 1.0
-author: msfttracyp
+author: dansimp
ms.assetid: 5869ecf8-1056-4c32-aecb-838a37e05d39
ms.reviewer:
manager: dansimp
diff --git a/mdop/mbam-v1/high-level-architecture-for-mbam-10.md b/mdop/mbam-v1/high-level-architecture-for-mbam-10.md
index d01784a142..0ebd00df60 100644
--- a/mdop/mbam-v1/high-level-architecture-for-mbam-10.md
+++ b/mdop/mbam-v1/high-level-architecture-for-mbam-10.md
@@ -1,7 +1,7 @@
---
title: High Level Architecture for MBAM 1.0
description: High Level Architecture for MBAM 1.0
-author: msfttracyp
+author: dansimp
ms.assetid: b1349196-88ed-4d6c-8a1d-998f18127b6b
ms.reviewer:
manager: dansimp
diff --git a/mdop/mbam-v1/how-to-configure-network-load-balancing-for-mbam.md b/mdop/mbam-v1/how-to-configure-network-load-balancing-for-mbam.md
index 9020faa354..3d6704eaa2 100644
--- a/mdop/mbam-v1/how-to-configure-network-load-balancing-for-mbam.md
+++ b/mdop/mbam-v1/how-to-configure-network-load-balancing-for-mbam.md
@@ -1,7 +1,7 @@
---
title: How to Configure Network Load Balancing for MBAM
description: How to Configure Network Load Balancing for MBAM
-author: msfttracyp
+author: dansimp
ms.assetid: df2208c3-352b-4a48-9722-237b0c8cd6a5
ms.reviewer:
manager: dansimp
diff --git a/mdop/mbam-v1/how-to-deploy-the-mbam-client-as-part-of-a-windows-deployment-mbam-1.md b/mdop/mbam-v1/how-to-deploy-the-mbam-client-as-part-of-a-windows-deployment-mbam-1.md
index 8390876b1e..503daa81b3 100644
--- a/mdop/mbam-v1/how-to-deploy-the-mbam-client-as-part-of-a-windows-deployment-mbam-1.md
+++ b/mdop/mbam-v1/how-to-deploy-the-mbam-client-as-part-of-a-windows-deployment-mbam-1.md
@@ -1,7 +1,7 @@
---
title: How to Deploy the MBAM Client as Part of a Windows Deployment
description: How to Deploy the MBAM Client as Part of a Windows Deployment
-author: msfttracyp
+author: dansimp
ms.assetid: 8704bf33-535d-41da-b9b2-45b60754367e
ms.reviewer:
manager: dansimp
diff --git a/mdop/mbam-v1/how-to-deploy-the-mbam-client-to-desktop-or-laptop-computers-mbam-1.md b/mdop/mbam-v1/how-to-deploy-the-mbam-client-to-desktop-or-laptop-computers-mbam-1.md
index 739b6c100e..e04dee41a9 100644
--- a/mdop/mbam-v1/how-to-deploy-the-mbam-client-to-desktop-or-laptop-computers-mbam-1.md
+++ b/mdop/mbam-v1/how-to-deploy-the-mbam-client-to-desktop-or-laptop-computers-mbam-1.md
@@ -1,7 +1,7 @@
---
title: How to Deploy the MBAM Client to Desktop or Laptop Computers
description: How to Deploy the MBAM Client to Desktop or Laptop Computers
-author: msfttracyp
+author: dansimp
ms.assetid: f32927a2-4c05-4da8-acca-1108d1dfdb7e
ms.reviewer:
manager: dansimp
diff --git a/mdop/mbam-v1/how-to-determine-the-bitlocker-encryption-state-of-a-lost-computers-mbam-1.md b/mdop/mbam-v1/how-to-determine-the-bitlocker-encryption-state-of-a-lost-computers-mbam-1.md
index 9183a1ebb8..5b8a997a81 100644
--- a/mdop/mbam-v1/how-to-determine-the-bitlocker-encryption-state-of-a-lost-computers-mbam-1.md
+++ b/mdop/mbam-v1/how-to-determine-the-bitlocker-encryption-state-of-a-lost-computers-mbam-1.md
@@ -1,7 +1,7 @@
---
title: How to Determine the BitLocker Encryption State of a Lost Computers
description: How to Determine the BitLocker Encryption State of a Lost Computers
-author: msfttracyp
+author: dansimp
ms.assetid: 9440890a-9c63-463b-9113-f46071446388
ms.reviewer:
manager: dansimp
diff --git a/mdop/mbam-v1/how-to-edit-mbam-10-gpo-settings.md b/mdop/mbam-v1/how-to-edit-mbam-10-gpo-settings.md
index 7b594af29c..638c95c3ca 100644
--- a/mdop/mbam-v1/how-to-edit-mbam-10-gpo-settings.md
+++ b/mdop/mbam-v1/how-to-edit-mbam-10-gpo-settings.md
@@ -1,7 +1,7 @@
---
title: How to Edit MBAM 1.0 GPO Settings
description: How to Edit MBAM 1.0 GPO Settings
-author: msfttracyp
+author: dansimp
ms.assetid: 03d12fbc-4302-43fc-9b38-440607d778a1
ms.reviewer:
manager: dansimp
diff --git a/mdop/mbam-v1/how-to-generate-mbam-reports-mbam-1.md b/mdop/mbam-v1/how-to-generate-mbam-reports-mbam-1.md
index 2117e28d4f..f8ee9675f3 100644
--- a/mdop/mbam-v1/how-to-generate-mbam-reports-mbam-1.md
+++ b/mdop/mbam-v1/how-to-generate-mbam-reports-mbam-1.md
@@ -1,7 +1,7 @@
---
title: How to Generate MBAM Reports
description: How to Generate MBAM Reports
-author: msfttracyp
+author: dansimp
ms.assetid: cdf4ae76-040c-447c-8736-c9e57068d221
ms.reviewer:
manager: dansimp
diff --git a/mdop/mbam-v1/how-to-hide-default-bitlocker-encryption-in-the-windows-control-panel.md b/mdop/mbam-v1/how-to-hide-default-bitlocker-encryption-in-the-windows-control-panel.md
index dbf5369cc9..43b5fda53f 100644
--- a/mdop/mbam-v1/how-to-hide-default-bitlocker-encryption-in-the-windows-control-panel.md
+++ b/mdop/mbam-v1/how-to-hide-default-bitlocker-encryption-in-the-windows-control-panel.md
@@ -1,7 +1,7 @@
---
title: How to Hide Default BitLocker Encryption in The Windows Control Panel
description: How to Hide Default BitLocker Encryption in The Windows Control Panel
-author: msfttracyp
+author: dansimp
ms.assetid: c8503743-220c-497c-9785-e2feeca484d6
ms.reviewer:
manager: dansimp
diff --git a/mdop/mbam-v1/how-to-install-and-configure-mbam-on-a-single-server-mbam-1.md b/mdop/mbam-v1/how-to-install-and-configure-mbam-on-a-single-server-mbam-1.md
index 178bb1e922..55e383c7ac 100644
--- a/mdop/mbam-v1/how-to-install-and-configure-mbam-on-a-single-server-mbam-1.md
+++ b/mdop/mbam-v1/how-to-install-and-configure-mbam-on-a-single-server-mbam-1.md
@@ -1,7 +1,7 @@
---
title: How to Install and Configure MBAM on a Single Server
description: How to Install and Configure MBAM on a Single Server
-author: msfttracyp
+author: dansimp
ms.assetid: 55841c63-bad9-44e7-b7fd-ea7037febbd7
ms.reviewer:
manager: dansimp
diff --git a/mdop/mbam-v1/how-to-install-and-configure-mbam-on-distributed-servers-mbam-1.md b/mdop/mbam-v1/how-to-install-and-configure-mbam-on-distributed-servers-mbam-1.md
index 8415738e13..d58d1a28b7 100644
--- a/mdop/mbam-v1/how-to-install-and-configure-mbam-on-distributed-servers-mbam-1.md
+++ b/mdop/mbam-v1/how-to-install-and-configure-mbam-on-distributed-servers-mbam-1.md
@@ -1,7 +1,7 @@
---
title: How to Install and Configure MBAM on Distributed Servers
description: How to Install and Configure MBAM on Distributed Servers
-author: msfttracyp
+author: dansimp
ms.assetid: 9ee766aa-6339-422a-8d00-4f58e4646a5e
ms.reviewer:
manager: dansimp
diff --git a/mdop/mbam-v1/how-to-install-the-mbam-10-group-policy-template.md b/mdop/mbam-v1/how-to-install-the-mbam-10-group-policy-template.md
index 9a47bce6c6..825cfe0c61 100644
--- a/mdop/mbam-v1/how-to-install-the-mbam-10-group-policy-template.md
+++ b/mdop/mbam-v1/how-to-install-the-mbam-10-group-policy-template.md
@@ -1,7 +1,7 @@
---
title: How to Install the MBAM 1.0 Group Policy Template
description: How to Install the MBAM 1.0 Group Policy Template
-author: msfttracyp
+author: dansimp
ms.assetid: 451a50b0-939c-47ad-9248-a138deade550
ms.reviewer:
manager: dansimp
diff --git a/mdop/mbam-v1/how-to-install-the-mbam-language-update-on-a-single-server-mbam-1.md b/mdop/mbam-v1/how-to-install-the-mbam-language-update-on-a-single-server-mbam-1.md
index 40aea24b1a..b425b9d9b2 100644
--- a/mdop/mbam-v1/how-to-install-the-mbam-language-update-on-a-single-server-mbam-1.md
+++ b/mdop/mbam-v1/how-to-install-the-mbam-language-update-on-a-single-server-mbam-1.md
@@ -1,7 +1,7 @@
---
title: How to Install the MBAM Language Update on a Single Server
description: How to Install the MBAM Language Update on a Single Server
-author: msfttracyp
+author: dansimp
ms.assetid: e6fe59a3-a3e1-455c-a059-1f23ee083cf6
ms.reviewer:
manager: dansimp
diff --git a/mdop/mbam-v1/how-to-install-the-mbam-language-update-on-distributed-servers-mbam-1.md b/mdop/mbam-v1/how-to-install-the-mbam-language-update-on-distributed-servers-mbam-1.md
index 1043c5be7b..9c23418768 100644
--- a/mdop/mbam-v1/how-to-install-the-mbam-language-update-on-distributed-servers-mbam-1.md
+++ b/mdop/mbam-v1/how-to-install-the-mbam-language-update-on-distributed-servers-mbam-1.md
@@ -1,7 +1,7 @@
---
title: How to Install the MBAM Language Update on Distributed Servers
description: How to Install the MBAM Language Update on Distributed Servers
-author: msfttracyp
+author: dansimp
ms.assetid: 5ddc64c6-0417-4a04-843e-b5e18d9f1a52
ms.reviewer:
manager: dansimp
diff --git a/mdop/mbam-v1/how-to-manage-computer-bitlocker-encryption-exemptions.md b/mdop/mbam-v1/how-to-manage-computer-bitlocker-encryption-exemptions.md
index 56b13e75d8..649d3d3719 100644
--- a/mdop/mbam-v1/how-to-manage-computer-bitlocker-encryption-exemptions.md
+++ b/mdop/mbam-v1/how-to-manage-computer-bitlocker-encryption-exemptions.md
@@ -1,7 +1,7 @@
---
title: How to Manage Computer BitLocker Encryption Exemptions
description: How to Manage Computer BitLocker Encryption Exemptions
-author: msfttracyp
+author: dansimp
ms.assetid: d4400a0d-b36b-4cf5-a294-1f53ec47f9ee
ms.reviewer:
manager: dansimp
diff --git a/mdop/mbam-v1/how-to-manage-hardware-compatibility-mbam-1.md b/mdop/mbam-v1/how-to-manage-hardware-compatibility-mbam-1.md
index 1ed110d24c..b429461024 100644
--- a/mdop/mbam-v1/how-to-manage-hardware-compatibility-mbam-1.md
+++ b/mdop/mbam-v1/how-to-manage-hardware-compatibility-mbam-1.md
@@ -1,7 +1,7 @@
---
title: How to Manage Hardware Compatibility
description: How to Manage Hardware Compatibility
-author: msfttracyp
+author: dansimp
ms.assetid: c74b96b9-8161-49bc-b5bb-4838734e7df5
ms.reviewer:
manager: dansimp
diff --git a/mdop/mbam-v1/how-to-manage-mbam-administrator-roles-mbam-1.md b/mdop/mbam-v1/how-to-manage-mbam-administrator-roles-mbam-1.md
index 71eda0e490..7b1c2917a9 100644
--- a/mdop/mbam-v1/how-to-manage-mbam-administrator-roles-mbam-1.md
+++ b/mdop/mbam-v1/how-to-manage-mbam-administrator-roles-mbam-1.md
@@ -1,7 +1,7 @@
---
title: How to Manage MBAM Administrator Roles
description: How to Manage MBAM Administrator Roles
-author: msfttracyp
+author: dansimp
ms.assetid: c0f25a42-dbff-418d-a776-4fe23ee07d16
ms.reviewer:
manager: dansimp
diff --git a/mdop/mbam-v1/how-to-manage-mbam-client-bitlocker-encryption-options-by-using-the-control-panel-mbam-1.md b/mdop/mbam-v1/how-to-manage-mbam-client-bitlocker-encryption-options-by-using-the-control-panel-mbam-1.md
index 6800cc91ac..40dd467712 100644
--- a/mdop/mbam-v1/how-to-manage-mbam-client-bitlocker-encryption-options-by-using-the-control-panel-mbam-1.md
+++ b/mdop/mbam-v1/how-to-manage-mbam-client-bitlocker-encryption-options-by-using-the-control-panel-mbam-1.md
@@ -1,7 +1,7 @@
---
title: How to Manage MBAM Client BitLocker Encryption Options by Using the Control Panel
description: How to Manage MBAM Client BitLocker Encryption Options by Using the Control Panel
-author: msfttracyp
+author: dansimp
ms.assetid: c08077e1-5529-468f-9370-c3b33fc258f3
ms.reviewer:
manager: dansimp
diff --git a/mdop/mbam-v1/how-to-manage-user-bitlocker-encryption-exemptions-mbam-1.md b/mdop/mbam-v1/how-to-manage-user-bitlocker-encryption-exemptions-mbam-1.md
index 48e9ef2121..e280f83a10 100644
--- a/mdop/mbam-v1/how-to-manage-user-bitlocker-encryption-exemptions-mbam-1.md
+++ b/mdop/mbam-v1/how-to-manage-user-bitlocker-encryption-exemptions-mbam-1.md
@@ -1,7 +1,7 @@
---
title: How to Manage User BitLocker Encryption Exemptions
description: How to Manage User BitLocker Encryption Exemptions
-author: msfttracyp
+author: dansimp
ms.assetid: 48d69721-504f-4524-8a04-b9ce213ac9b4
ms.reviewer:
manager: dansimp
diff --git a/mdop/mbam-v1/how-to-move-mbam-10-features-to-another-computer.md b/mdop/mbam-v1/how-to-move-mbam-10-features-to-another-computer.md
index 8da7ef40e8..437ed73081 100644
--- a/mdop/mbam-v1/how-to-move-mbam-10-features-to-another-computer.md
+++ b/mdop/mbam-v1/how-to-move-mbam-10-features-to-another-computer.md
@@ -1,7 +1,7 @@
---
title: How to Move MBAM 1.0 Features to Another Computer
description: How to Move MBAM 1.0 Features to Another Computer
-author: msfttracyp
+author: dansimp
ms.assetid: e1907d92-6b42-4ba3-b0e4-60a9cc8285cc
ms.reviewer:
manager: dansimp
diff --git a/mdop/mbam-v1/how-to-recover-a-corrupted-drive-mbam-1.md b/mdop/mbam-v1/how-to-recover-a-corrupted-drive-mbam-1.md
index 4205bfe3db..078be72832 100644
--- a/mdop/mbam-v1/how-to-recover-a-corrupted-drive-mbam-1.md
+++ b/mdop/mbam-v1/how-to-recover-a-corrupted-drive-mbam-1.md
@@ -1,7 +1,7 @@
---
title: How to Recover a Corrupted Drive
description: How to Recover a Corrupted Drive
-author: msfttracyp
+author: dansimp
ms.assetid: 715491ae-69c0-4fae-ad3f-3bd19a0db2f2
ms.reviewer:
manager: dansimp
diff --git a/mdop/mbam-v1/how-to-recover-a-drive-in-recovery-mode-mbam-1.md b/mdop/mbam-v1/how-to-recover-a-drive-in-recovery-mode-mbam-1.md
index 0e4e67dfcd..4b15fb333a 100644
--- a/mdop/mbam-v1/how-to-recover-a-drive-in-recovery-mode-mbam-1.md
+++ b/mdop/mbam-v1/how-to-recover-a-drive-in-recovery-mode-mbam-1.md
@@ -1,7 +1,7 @@
---
title: How to Recover a Drive in Recovery Mode
description: How to Recover a Drive in Recovery Mode
-author: msfttracyp
+author: dansimp
ms.assetid: 09d27e4b-57fa-47c7-a004-8b876a49f27e
ms.reviewer:
manager: dansimp
diff --git a/mdop/mbam-v1/how-to-recover-a-moved-drive-mbam-1.md b/mdop/mbam-v1/how-to-recover-a-moved-drive-mbam-1.md
index 6425bd6b12..849c17e122 100644
--- a/mdop/mbam-v1/how-to-recover-a-moved-drive-mbam-1.md
+++ b/mdop/mbam-v1/how-to-recover-a-moved-drive-mbam-1.md
@@ -1,7 +1,7 @@
---
title: How to Recover a Moved Drive
description: How to Recover a Moved Drive
-author: msfttracyp
+author: dansimp
ms.assetid: 0c7199d8-9463-4f44-9af3-b70eceeaff1d
ms.reviewer:
manager: dansimp
diff --git a/mdop/mbam-v1/how-to-reset-a-tpm-lockout-mbam-1.md b/mdop/mbam-v1/how-to-reset-a-tpm-lockout-mbam-1.md
index 354f5be7d0..59b6761eb8 100644
--- a/mdop/mbam-v1/how-to-reset-a-tpm-lockout-mbam-1.md
+++ b/mdop/mbam-v1/how-to-reset-a-tpm-lockout-mbam-1.md
@@ -1,7 +1,7 @@
---
title: How to Reset a TPM Lockout
description: How to Reset a TPM Lockout
-author: msfttracyp
+author: dansimp
ms.assetid: 91ec6666-1ae2-4e76-9459-ad65c405f639
ms.reviewer:
manager: dansimp
diff --git a/mdop/mbam-v1/known-issues-in-the-mbam-international-release-mbam-1.md b/mdop/mbam-v1/known-issues-in-the-mbam-international-release-mbam-1.md
index 152ae6db90..60ea674d89 100644
--- a/mdop/mbam-v1/known-issues-in-the-mbam-international-release-mbam-1.md
+++ b/mdop/mbam-v1/known-issues-in-the-mbam-international-release-mbam-1.md
@@ -1,7 +1,7 @@
---
title: Known Issues in the MBAM International Release
description: Known Issues in the MBAM International Release
-author: msfttracyp
+author: dansimp
ms.assetid: bbf888dc-93c1-4323-b43c-0ded098e9b93
ms.reviewer:
manager: dansimp
diff --git a/mdop/mbam-v1/maintaining-mbam-10.md b/mdop/mbam-v1/maintaining-mbam-10.md
index 6cdfa7c140..08d3397021 100644
--- a/mdop/mbam-v1/maintaining-mbam-10.md
+++ b/mdop/mbam-v1/maintaining-mbam-10.md
@@ -1,7 +1,7 @@
---
title: Maintaining MBAM 1.0
description: Maintaining MBAM 1.0
-author: msfttracyp
+author: dansimp
ms.assetid: 02ffb093-c364-4837-bbe8-23d4c09fbd3d
ms.reviewer:
manager: dansimp
diff --git a/mdop/mbam-v1/mbam-10-deployment-checklist.md b/mdop/mbam-v1/mbam-10-deployment-checklist.md
index 98918bcd19..78811c5868 100644
--- a/mdop/mbam-v1/mbam-10-deployment-checklist.md
+++ b/mdop/mbam-v1/mbam-10-deployment-checklist.md
@@ -1,7 +1,7 @@
---
title: MBAM 1.0 Deployment Checklist
description: MBAM 1.0 Deployment Checklist
-author: msfttracyp
+author: dansimp
ms.assetid: 7e00be23-36a0-4b0f-8663-3c4f2c71546d
ms.reviewer:
manager: dansimp
diff --git a/mdop/mbam-v1/mbam-10-deployment-prerequisites.md b/mdop/mbam-v1/mbam-10-deployment-prerequisites.md
index efefe73d4b..ffa50dd748 100644
--- a/mdop/mbam-v1/mbam-10-deployment-prerequisites.md
+++ b/mdop/mbam-v1/mbam-10-deployment-prerequisites.md
@@ -1,7 +1,7 @@
---
title: MBAM 1.0 Deployment Prerequisites
description: MBAM 1.0 Deployment Prerequisites
-author: msfttracyp
+author: dansimp
ms.assetid: bd9e1010-7d25-43e7-8dc6-b521226a659d
ms.reviewer:
manager: dansimp
diff --git a/mdop/mbam-v1/mbam-10-planning-checklist.md b/mdop/mbam-v1/mbam-10-planning-checklist.md
index f2ca3f0e3a..9517808983 100644
--- a/mdop/mbam-v1/mbam-10-planning-checklist.md
+++ b/mdop/mbam-v1/mbam-10-planning-checklist.md
@@ -1,7 +1,7 @@
---
title: MBAM 1.0 Planning Checklist
description: MBAM 1.0 Planning Checklist
-author: msfttracyp
+author: dansimp
ms.assetid: e9439f16-d68b-48ed-99ce-5949356b180b
ms.reviewer:
manager: dansimp
diff --git a/mdop/mbam-v1/mbam-10-supported-configurations.md b/mdop/mbam-v1/mbam-10-supported-configurations.md
index 71a4d85992..6b5599561b 100644
--- a/mdop/mbam-v1/mbam-10-supported-configurations.md
+++ b/mdop/mbam-v1/mbam-10-supported-configurations.md
@@ -1,7 +1,7 @@
---
title: MBAM 1.0 Supported Configurations
description: MBAM 1.0 Supported Configurations
-author: msfttracyp
+author: dansimp
ms.assetid: 1f5ac58e-6a3f-47df-8a9b-4b57631ab9ee
ms.reviewer:
manager: dansimp
diff --git a/mdop/mbam-v1/monitoring-and-reporting-bitlocker-compliance-with-mbam-10.md b/mdop/mbam-v1/monitoring-and-reporting-bitlocker-compliance-with-mbam-10.md
index e01d92edeb..1d1aacab0b 100644
--- a/mdop/mbam-v1/monitoring-and-reporting-bitlocker-compliance-with-mbam-10.md
+++ b/mdop/mbam-v1/monitoring-and-reporting-bitlocker-compliance-with-mbam-10.md
@@ -1,7 +1,7 @@
---
title: Monitoring and Reporting BitLocker Compliance with MBAM 1.0
description: Monitoring and Reporting BitLocker Compliance with MBAM 1.0
-author: msfttracyp
+author: dansimp
ms.assetid: fb497d3f-ff33-4747-8e34-366440ee25c2
ms.reviewer:
manager: dansimp
diff --git a/mdop/mbam-v1/operations-for-mbam-10.md b/mdop/mbam-v1/operations-for-mbam-10.md
index 2c21229603..526fe9bdf5 100644
--- a/mdop/mbam-v1/operations-for-mbam-10.md
+++ b/mdop/mbam-v1/operations-for-mbam-10.md
@@ -1,7 +1,7 @@
---
title: Operations for MBAM 1.0
description: Operations for MBAM 1.0
-author: msfttracyp
+author: dansimp
ms.assetid: 2c358fa1-4795-45ab-9316-02db4aaa6d5f
ms.reviewer:
manager: dansimp
diff --git a/mdop/mbam-v1/performing-bitlocker-management-with-mbam.md b/mdop/mbam-v1/performing-bitlocker-management-with-mbam.md
index 466a1cc867..b23666e4fb 100644
--- a/mdop/mbam-v1/performing-bitlocker-management-with-mbam.md
+++ b/mdop/mbam-v1/performing-bitlocker-management-with-mbam.md
@@ -1,7 +1,7 @@
---
title: Performing BitLocker Management with MBAM
description: Performing BitLocker Management with MBAM
-author: msfttracyp
+author: dansimp
ms.assetid: 2d24390a-87bf-48b3-96a9-3882d6f2a15c
ms.reviewer:
manager: dansimp
diff --git a/mdop/mbam-v1/planning-for-mbam-10-administrator-roles.md b/mdop/mbam-v1/planning-for-mbam-10-administrator-roles.md
index 14a19f6fde..72bae93ade 100644
--- a/mdop/mbam-v1/planning-for-mbam-10-administrator-roles.md
+++ b/mdop/mbam-v1/planning-for-mbam-10-administrator-roles.md
@@ -1,7 +1,7 @@
---
title: Planning for MBAM 1.0 Administrator Roles
description: Planning for MBAM 1.0 Administrator Roles
-author: msfttracyp
+author: dansimp
ms.assetid: 95be0eb4-25e9-43ca-a8e7-27373d35544d
ms.reviewer:
manager: dansimp
diff --git a/mdop/mbam-v1/planning-for-mbam-10-client-deployment.md b/mdop/mbam-v1/planning-for-mbam-10-client-deployment.md
index 2820bf86ad..d5195197e8 100644
--- a/mdop/mbam-v1/planning-for-mbam-10-client-deployment.md
+++ b/mdop/mbam-v1/planning-for-mbam-10-client-deployment.md
@@ -1,7 +1,7 @@
---
title: Planning for MBAM 1.0 Client Deployment
description: Planning for MBAM 1.0 Client Deployment
-author: msfttracyp
+author: dansimp
ms.assetid: 3af2e7f3-134b-4ab9-9847-b07474ca6ac3
ms.reviewer:
manager: dansimp
diff --git a/mdop/mbam-v1/planning-for-mbam-10-group-policy-requirements.md b/mdop/mbam-v1/planning-for-mbam-10-group-policy-requirements.md
index ce78024608..0c384ae2d6 100644
--- a/mdop/mbam-v1/planning-for-mbam-10-group-policy-requirements.md
+++ b/mdop/mbam-v1/planning-for-mbam-10-group-policy-requirements.md
@@ -1,7 +1,7 @@
---
title: Planning for MBAM 1.0 Group Policy Requirements
description: Planning for MBAM 1.0 Group Policy Requirements
-author: msfttracyp
+author: dansimp
ms.assetid: 0fc9c509-7850-4a8e-bb82-b949025bcb02
ms.reviewer:
manager: dansimp
diff --git a/mdop/mbam-v1/planning-for-mbam-10-server-deployment.md b/mdop/mbam-v1/planning-for-mbam-10-server-deployment.md
index e3fd8e1f24..b2e492d53c 100644
--- a/mdop/mbam-v1/planning-for-mbam-10-server-deployment.md
+++ b/mdop/mbam-v1/planning-for-mbam-10-server-deployment.md
@@ -1,7 +1,7 @@
---
title: Planning for MBAM 1.0 Server Deployment
description: Planning for MBAM 1.0 Server Deployment
-author: msfttracyp
+author: dansimp
ms.assetid: 3cbef284-3092-4c42-9234-2826b18ddef1
ms.reviewer:
manager: dansimp
diff --git a/mdop/mbam-v1/planning-for-mbam-10.md b/mdop/mbam-v1/planning-for-mbam-10.md
index 633e4048d0..74f3e52c47 100644
--- a/mdop/mbam-v1/planning-for-mbam-10.md
+++ b/mdop/mbam-v1/planning-for-mbam-10.md
@@ -1,7 +1,7 @@
---
title: Planning for MBAM 1.0
description: Planning for MBAM 1.0
-author: msfttracyp
+author: dansimp
ms.assetid: d4e8a42f-2836-48c8-83c1-40bd58270e19
ms.reviewer:
manager: dansimp
diff --git a/mdop/mbam-v1/planning-to-deploy-mbam-10.md b/mdop/mbam-v1/planning-to-deploy-mbam-10.md
index 0fe94548e9..a140ac107e 100644
--- a/mdop/mbam-v1/planning-to-deploy-mbam-10.md
+++ b/mdop/mbam-v1/planning-to-deploy-mbam-10.md
@@ -1,7 +1,7 @@
---
title: Planning to Deploy MBAM 1.0
description: Planning to Deploy MBAM 1.0
-author: msfttracyp
+author: dansimp
ms.assetid: 30ad4304-45c6-427d-8e33-ebe8053c7871
ms.reviewer:
manager: dansimp
diff --git a/mdop/mbam-v1/preparing-your-environment-for-mbam-10.md b/mdop/mbam-v1/preparing-your-environment-for-mbam-10.md
index 796672f8b3..e6f0d28e17 100644
--- a/mdop/mbam-v1/preparing-your-environment-for-mbam-10.md
+++ b/mdop/mbam-v1/preparing-your-environment-for-mbam-10.md
@@ -1,7 +1,7 @@
---
title: Preparing your Environment for MBAM 1.0
description: Preparing your Environment for MBAM 1.0
-author: msfttracyp
+author: dansimp
ms.assetid: 915f7c3c-70ad-4a90-a434-73e7fba97ecb
ms.reviewer:
manager: dansimp
diff --git a/mdop/mbam-v1/privacy-statement-for-mbam-10.md b/mdop/mbam-v1/privacy-statement-for-mbam-10.md
index 53d2f37793..c270853e2b 100644
--- a/mdop/mbam-v1/privacy-statement-for-mbam-10.md
+++ b/mdop/mbam-v1/privacy-statement-for-mbam-10.md
@@ -1,7 +1,7 @@
---
title: Privacy Statement for MBAM 1.0
description: Privacy Statement for MBAM 1.0
-author: msfttracyp
+author: dansimp
ms.assetid: db18cc93-a1c1-44da-a450-a5399a4427b9
ms.reviewer:
manager: dansimp
diff --git a/mdop/mbam-v1/release-notes-for-mbam-10.md b/mdop/mbam-v1/release-notes-for-mbam-10.md
index 9b9be836c6..aac64b73a3 100644
--- a/mdop/mbam-v1/release-notes-for-mbam-10.md
+++ b/mdop/mbam-v1/release-notes-for-mbam-10.md
@@ -1,7 +1,7 @@
---
title: Release Notes for MBAM 1.0
description: Release Notes for MBAM 1.0
-author: msfttracyp
+author: dansimp
ms.assetid: d82fddde-c360-48ef-86a0-d9b5fe066861
ms.reviewer:
manager: dansimp
diff --git a/mdop/mbam-v1/security-and-privacy-for-mbam-10.md b/mdop/mbam-v1/security-and-privacy-for-mbam-10.md
index 9b8209c9d4..77f5bbac35 100644
--- a/mdop/mbam-v1/security-and-privacy-for-mbam-10.md
+++ b/mdop/mbam-v1/security-and-privacy-for-mbam-10.md
@@ -1,7 +1,7 @@
---
title: Security and Privacy for MBAM 1.0
description: Security and Privacy for MBAM 1.0
-author: msfttracyp
+author: dansimp
ms.assetid: ba4497f1-b9e3-41be-8953-3637d1f83f01
ms.reviewer:
manager: dansimp
diff --git a/mdop/mbam-v1/security-considerations-for-mbam-10.md b/mdop/mbam-v1/security-considerations-for-mbam-10.md
index bcfe42f061..eff551a11c 100644
--- a/mdop/mbam-v1/security-considerations-for-mbam-10.md
+++ b/mdop/mbam-v1/security-considerations-for-mbam-10.md
@@ -1,7 +1,7 @@
---
title: Security Considerations for MBAM 1.0
description: Security Considerations for MBAM 1.0
-author: msfttracyp
+author: dansimp
ms.assetid: 5e1c8b8c-235b-4a92-8b0b-da50dca17353
ms.reviewer:
manager: dansimp
diff --git a/mdop/mbam-v1/troubleshooting-mbam-10.md b/mdop/mbam-v1/troubleshooting-mbam-10.md
index 5a72af69f9..8fb6127377 100644
--- a/mdop/mbam-v1/troubleshooting-mbam-10.md
+++ b/mdop/mbam-v1/troubleshooting-mbam-10.md
@@ -1,7 +1,7 @@
---
title: Troubleshooting MBAM 1.0
description: Troubleshooting MBAM 1.0
-author: msfttracyp
+author: dansimp
ms.assetid: 7d47fbfe-51c0-4619-bed3-163dfd18cdec
ms.reviewer:
manager: dansimp
diff --git a/mdop/mbam-v1/understanding-mbam-reports-mbam-1.md b/mdop/mbam-v1/understanding-mbam-reports-mbam-1.md
index e6b066b08a..022175bb77 100644
--- a/mdop/mbam-v1/understanding-mbam-reports-mbam-1.md
+++ b/mdop/mbam-v1/understanding-mbam-reports-mbam-1.md
@@ -1,7 +1,7 @@
---
title: Understanding MBAM Reports
description: Understanding MBAM Reports
-author: msfttracyp
+author: dansimp
ms.assetid: 34e4aaeb-7f89-41a1-b816-c6fe8397b060
ms.reviewer:
manager: dansimp
diff --git a/mdop/mbam-v2/about-mbam-20-mbam-2.md b/mdop/mbam-v2/about-mbam-20-mbam-2.md
index f12cb7956f..397a35cb79 100644
--- a/mdop/mbam-v2/about-mbam-20-mbam-2.md
+++ b/mdop/mbam-v2/about-mbam-20-mbam-2.md
@@ -1,7 +1,7 @@
---
title: About MBAM 2.0
description: About MBAM 2.0
-author: msfttracyp
+author: dansimp
ms.assetid: b43a0ba9-1c83-4854-a2c5-14eea0070e36
ms.reviewer:
manager: dansimp
diff --git a/mdop/mbam-v2/about-mbam-20-sp1.md b/mdop/mbam-v2/about-mbam-20-sp1.md
index b5bf6aee5b..b0c981921e 100644
--- a/mdop/mbam-v2/about-mbam-20-sp1.md
+++ b/mdop/mbam-v2/about-mbam-20-sp1.md
@@ -1,7 +1,7 @@
---
title: About MBAM 2.0 SP1
description: About MBAM 2.0 SP1
-author: msfttracyp
+author: dansimp
ms.assetid: 5ba89ed8-bb6e-407b-82c2-e2e36dd1078e
ms.reviewer:
manager: dansimp
diff --git a/mdop/mbam-v2/about-the-computer-tpm-chip.md b/mdop/mbam-v2/about-the-computer-tpm-chip.md
index 053703ed72..6c54503317 100644
--- a/mdop/mbam-v2/about-the-computer-tpm-chip.md
+++ b/mdop/mbam-v2/about-the-computer-tpm-chip.md
@@ -1,7 +1,7 @@
---
title: About the Computer TPM Chip
description: About the Computer TPM Chip
-author: msfttracyp
+author: dansimp
ms.assetid: 6f1cf18c-277a-4932-886d-14202ca8d175
ms.reviewer:
manager: dansimp
diff --git a/mdop/mbam-v2/accessibility-for-mbam-20-mbam-2.md b/mdop/mbam-v2/accessibility-for-mbam-20-mbam-2.md
index d4ab5fa177..7add613c67 100644
--- a/mdop/mbam-v2/accessibility-for-mbam-20-mbam-2.md
+++ b/mdop/mbam-v2/accessibility-for-mbam-20-mbam-2.md
@@ -1,7 +1,7 @@
---
title: Accessibility for MBAM 2.0
description: Accessibility for MBAM 2.0
-author: msfttracyp
+author: dansimp
ms.assetid: 9cd628f1-f594-43ab-8095-4663272940a9
ms.reviewer:
manager: dansimp
diff --git a/mdop/mbam-v2/administering-mbam-20-features-mbam-2.md b/mdop/mbam-v2/administering-mbam-20-features-mbam-2.md
index 8331189deb..7ee742c396 100644
--- a/mdop/mbam-v2/administering-mbam-20-features-mbam-2.md
+++ b/mdop/mbam-v2/administering-mbam-20-features-mbam-2.md
@@ -1,7 +1,7 @@
---
title: Administering MBAM 2.0 Features
description: Administering MBAM 2.0 Features
-author: msfttracyp
+author: dansimp
ms.assetid: 065e0704-069e-4372-9b86-0b57dd7638dd
ms.reviewer:
manager: dansimp
diff --git a/mdop/mbam-v2/administering-mbam-20-using-powershell-mbam-2.md b/mdop/mbam-v2/administering-mbam-20-using-powershell-mbam-2.md
index cd4cc7364f..f43d38765a 100644
--- a/mdop/mbam-v2/administering-mbam-20-using-powershell-mbam-2.md
+++ b/mdop/mbam-v2/administering-mbam-20-using-powershell-mbam-2.md
@@ -1,7 +1,7 @@
---
title: Administering MBAM 2.0 Using PowerShell
description: Administering MBAM 2.0 Using PowerShell
-author: msfttracyp
+author: dansimp
ms.assetid: d785a8df-0a8c-4d70-abd2-93a762b4f3de
ms.reviewer:
manager: dansimp
diff --git a/mdop/mbam-v2/create-or-edit-the-sms-defmof-file.md b/mdop/mbam-v2/create-or-edit-the-sms-defmof-file.md
index 1ce8e1b6f2..744345ad5d 100644
--- a/mdop/mbam-v2/create-or-edit-the-sms-defmof-file.md
+++ b/mdop/mbam-v2/create-or-edit-the-sms-defmof-file.md
@@ -1,7 +1,7 @@
---
title: Create or Edit the Sms\_def.mof File
description: Create or Edit the Sms\_def.mof File
-author: msfttracyp
+author: dansimp
ms.assetid: d1747e43-484e-4031-a63b-6342fe588aa2
ms.reviewer:
manager: dansimp
diff --git a/mdop/mbam-v2/deploying-mbam-20-group-policy-objects-mbam-2.md b/mdop/mbam-v2/deploying-mbam-20-group-policy-objects-mbam-2.md
index a117c6af21..4b3e88d612 100644
--- a/mdop/mbam-v2/deploying-mbam-20-group-policy-objects-mbam-2.md
+++ b/mdop/mbam-v2/deploying-mbam-20-group-policy-objects-mbam-2.md
@@ -1,7 +1,7 @@
---
title: Deploying MBAM 2.0 Group Policy Objects
description: Deploying MBAM 2.0 Group Policy Objects
-author: msfttracyp
+author: dansimp
ms.assetid: f17f3897-73ab-431b-a6ec-5a6cff9f279a
ms.reviewer:
manager: dansimp
diff --git a/mdop/mbam-v2/deploying-mbam-20-mbam-2.md b/mdop/mbam-v2/deploying-mbam-20-mbam-2.md
index 3123a95e40..80dc366d32 100644
--- a/mdop/mbam-v2/deploying-mbam-20-mbam-2.md
+++ b/mdop/mbam-v2/deploying-mbam-20-mbam-2.md
@@ -1,7 +1,7 @@
---
title: Deploying MBAM 2.0
description: Deploying MBAM 2.0
-author: msfttracyp
+author: dansimp
ms.assetid: 4b0eaf10-81b4-427e-9d43-eb833de935a3
ms.reviewer:
manager: dansimp
diff --git a/mdop/mbam-v2/deploying-mbam-with-configuration-manager-mbam2.md b/mdop/mbam-v2/deploying-mbam-with-configuration-manager-mbam2.md
index b7254c63e3..1c67a9c241 100644
--- a/mdop/mbam-v2/deploying-mbam-with-configuration-manager-mbam2.md
+++ b/mdop/mbam-v2/deploying-mbam-with-configuration-manager-mbam2.md
@@ -1,7 +1,7 @@
---
title: Deploying MBAM with Configuration Manager
description: Deploying MBAM with Configuration Manager
-author: msfttracyp
+author: dansimp
ms.assetid: 89d03e29-457a-471d-b893-e0b74a83ec50
ms.reviewer:
manager: dansimp
diff --git a/mdop/mbam-v2/deploying-the-mbam-20-client-mbam-2.md b/mdop/mbam-v2/deploying-the-mbam-20-client-mbam-2.md
index ab113f1153..aec7e23b95 100644
--- a/mdop/mbam-v2/deploying-the-mbam-20-client-mbam-2.md
+++ b/mdop/mbam-v2/deploying-the-mbam-20-client-mbam-2.md
@@ -1,7 +1,7 @@
---
title: Deploying the MBAM 2.0 Client
description: Deploying the MBAM 2.0 Client
-author: msfttracyp
+author: dansimp
ms.assetid: 3dd584fe-2a54-40f0-9bab-13ea74040b01
ms.reviewer:
manager: dansimp
diff --git a/mdop/mbam-v2/deploying-the-mbam-20-server-infrastructure-mbam-2.md b/mdop/mbam-v2/deploying-the-mbam-20-server-infrastructure-mbam-2.md
index 1b8e0bec49..92009c59e2 100644
--- a/mdop/mbam-v2/deploying-the-mbam-20-server-infrastructure-mbam-2.md
+++ b/mdop/mbam-v2/deploying-the-mbam-20-server-infrastructure-mbam-2.md
@@ -1,7 +1,7 @@
---
title: Deploying the MBAM 2.0 Server Infrastructure
description: Deploying the MBAM 2.0 Server Infrastructure
-author: msfttracyp
+author: dansimp
ms.assetid: 52e68d94-e2b4-4b06-ae55-f900ea6cc59f
ms.reviewer:
manager: dansimp
diff --git a/mdop/mbam-v2/edit-the-configurationmof-file.md b/mdop/mbam-v2/edit-the-configurationmof-file.md
index 09e536028a..ac93e6c000 100644
--- a/mdop/mbam-v2/edit-the-configurationmof-file.md
+++ b/mdop/mbam-v2/edit-the-configurationmof-file.md
@@ -1,7 +1,7 @@
---
title: Edit the Configuration.mof File
description: Edit the Configuration.mof File
-author: msfttracyp
+author: dansimp
ms.assetid: 23e50ec9-4083-4b12-ad96-626cf30960bb
ms.reviewer:
manager: dansimp
diff --git a/mdop/mbam-v2/evaluating-mbam-20-mbam-2.md b/mdop/mbam-v2/evaluating-mbam-20-mbam-2.md
index 6499e380e6..40d947f55d 100644
--- a/mdop/mbam-v2/evaluating-mbam-20-mbam-2.md
+++ b/mdop/mbam-v2/evaluating-mbam-20-mbam-2.md
@@ -1,7 +1,7 @@
---
title: Evaluating MBAM 2.0
description: Evaluating MBAM 2.0
-author: msfttracyp
+author: dansimp
ms.assetid: bfc77eec-0fd7-4fec-9c78-6870afa87152
ms.reviewer:
manager: dansimp
diff --git a/mdop/mbam-v2/getting-started---using-mbam-with-configuration-manager.md b/mdop/mbam-v2/getting-started---using-mbam-with-configuration-manager.md
index 9e4092ead8..5b542f196a 100644
--- a/mdop/mbam-v2/getting-started---using-mbam-with-configuration-manager.md
+++ b/mdop/mbam-v2/getting-started---using-mbam-with-configuration-manager.md
@@ -1,7 +1,7 @@
---
title: Getting Started - Using MBAM with Configuration Manager
description: Getting Started - Using MBAM with Configuration Manager
-author: msfttracyp
+author: dansimp
ms.assetid: b0a1d3cc-0b01-4b69-a2cd-fd09fb3beda4
ms.reviewer:
manager: dansimp
diff --git a/mdop/mbam-v2/getting-started-with-mbam-20-mbam-2.md b/mdop/mbam-v2/getting-started-with-mbam-20-mbam-2.md
index bfbd547d4b..625e1ee26f 100644
--- a/mdop/mbam-v2/getting-started-with-mbam-20-mbam-2.md
+++ b/mdop/mbam-v2/getting-started-with-mbam-20-mbam-2.md
@@ -1,7 +1,7 @@
---
title: Getting Started with MBAM 2.0
description: Getting Started with MBAM 2.0
-author: msfttracyp
+author: dansimp
ms.assetid: 29f5c9af-5bbf-4d37-aa0f-0716046904af
ms.reviewer:
manager: dansimp
diff --git a/mdop/mbam-v2/helping-end-users-manage-bitlocker.md b/mdop/mbam-v2/helping-end-users-manage-bitlocker.md
index 72286236c4..b3623cb9aa 100644
--- a/mdop/mbam-v2/helping-end-users-manage-bitlocker.md
+++ b/mdop/mbam-v2/helping-end-users-manage-bitlocker.md
@@ -1,7 +1,7 @@
---
title: Helping End Users Manage BitLocker
description: Helping End Users Manage BitLocker
-author: msfttracyp
+author: dansimp
ms.assetid: 47776fb3-2d94-4970-b687-c35ec3dd6c64
ms.reviewer:
manager: dansimp
diff --git a/mdop/mbam-v2/high-availability-for-mbam-20-mbam-2.md b/mdop/mbam-v2/high-availability-for-mbam-20-mbam-2.md
index 21008d0070..a4caa36571 100644
--- a/mdop/mbam-v2/high-availability-for-mbam-20-mbam-2.md
+++ b/mdop/mbam-v2/high-availability-for-mbam-20-mbam-2.md
@@ -1,7 +1,7 @@
---
title: High Availability for MBAM 2.0
description: High Availability for MBAM 2.0
-author: msfttracyp
+author: dansimp
ms.assetid: 244ee013-9e2a-48d2-b842-4e10594fd74f
ms.reviewer:
manager: dansimp
diff --git a/mdop/mbam-v2/high-level-architecture-for-mbam-20-mbam-2.md b/mdop/mbam-v2/high-level-architecture-for-mbam-20-mbam-2.md
index 105afce636..27e1c2e644 100644
--- a/mdop/mbam-v2/high-level-architecture-for-mbam-20-mbam-2.md
+++ b/mdop/mbam-v2/high-level-architecture-for-mbam-20-mbam-2.md
@@ -1,7 +1,7 @@
---
title: High-Level Architecture for MBAM 2.0
description: High-Level Architecture for MBAM 2.0
-author: msfttracyp
+author: dansimp
ms.assetid: 7f73dd3a-0b1f-4af6-a2f0-d0c5bc5d183a
ms.reviewer:
manager: dansimp
diff --git a/mdop/mbam-v2/how-to-brand-the-self-service-portal.md b/mdop/mbam-v2/how-to-brand-the-self-service-portal.md
index fadf286056..f43a97e8c6 100644
--- a/mdop/mbam-v2/how-to-brand-the-self-service-portal.md
+++ b/mdop/mbam-v2/how-to-brand-the-self-service-portal.md
@@ -1,7 +1,7 @@
---
title: How to Brand the Self-Service Portal
description: How to Brand the Self-Service Portal
-author: msfttracyp
+author: dansimp
ms.assetid: 3ef9e951-7c42-4f7f-b131-3765d39b3207
ms.reviewer:
manager: dansimp
diff --git a/mdop/mbam-v2/how-to-create-or-edit-the-mof-files.md b/mdop/mbam-v2/how-to-create-or-edit-the-mof-files.md
index 4797ce3bfb..b47d44cf1c 100644
--- a/mdop/mbam-v2/how-to-create-or-edit-the-mof-files.md
+++ b/mdop/mbam-v2/how-to-create-or-edit-the-mof-files.md
@@ -1,7 +1,7 @@
---
title: How to Create or Edit the mof Files
description: How to Create or Edit the mof Files
-author: msfttracyp
+author: dansimp
ms.assetid: 4d19d707-b90f-4057-a6e9-e4221a607190
ms.reviewer:
manager: dansimp
diff --git a/mdop/mbam-v2/how-to-deploy-the-mbam-client-as-part-of-a-windows-deployment-mbam-2.md b/mdop/mbam-v2/how-to-deploy-the-mbam-client-as-part-of-a-windows-deployment-mbam-2.md
index 10ff64c8e7..10910254bf 100644
--- a/mdop/mbam-v2/how-to-deploy-the-mbam-client-as-part-of-a-windows-deployment-mbam-2.md
+++ b/mdop/mbam-v2/how-to-deploy-the-mbam-client-as-part-of-a-windows-deployment-mbam-2.md
@@ -1,7 +1,7 @@
---
title: How to Deploy the MBAM Client as Part of a Windows Deployment
description: How to Deploy the MBAM Client as Part of a Windows Deployment
-author: msfttracyp
+author: dansimp
ms.assetid: 67387de7-8b02-4412-9850-3b8d8e5c18af
ms.reviewer:
manager: dansimp
diff --git a/mdop/mbam-v2/how-to-deploy-the-mbam-client-to-desktop-or-laptop-computers-mbam-2.md b/mdop/mbam-v2/how-to-deploy-the-mbam-client-to-desktop-or-laptop-computers-mbam-2.md
index 85cef41291..47593de55a 100644
--- a/mdop/mbam-v2/how-to-deploy-the-mbam-client-to-desktop-or-laptop-computers-mbam-2.md
+++ b/mdop/mbam-v2/how-to-deploy-the-mbam-client-to-desktop-or-laptop-computers-mbam-2.md
@@ -1,7 +1,7 @@
---
title: How to Deploy the MBAM Client to Desktop or Laptop Computers
description: How to Deploy the MBAM Client to Desktop or Laptop Computers
-author: msfttracyp
+author: dansimp
ms.assetid: 56744922-bfdd-48f6-ae01-645ff53b64a8
ms.reviewer:
manager: dansimp
diff --git a/mdop/mbam-v2/how-to-determine-bitlocker-encryption-state-of-lost-computers-mbam-2.md b/mdop/mbam-v2/how-to-determine-bitlocker-encryption-state-of-lost-computers-mbam-2.md
index 5d87de60b6..bb42e53b57 100644
--- a/mdop/mbam-v2/how-to-determine-bitlocker-encryption-state-of-lost-computers-mbam-2.md
+++ b/mdop/mbam-v2/how-to-determine-bitlocker-encryption-state-of-lost-computers-mbam-2.md
@@ -1,7 +1,7 @@
---
title: How to Determine BitLocker Encryption State of Lost Computers
description: How to Determine BitLocker Encryption State of Lost Computers
-author: msfttracyp
+author: dansimp
ms.assetid: dbd23b64-dff3-4913-9acd-affe67b9462e
ms.reviewer:
manager: dansimp
diff --git a/mdop/mbam-v2/how-to-edit-mbam-20-gpo-settings-mbam-2.md b/mdop/mbam-v2/how-to-edit-mbam-20-gpo-settings-mbam-2.md
index 183ffd7a51..6e2e8a86b9 100644
--- a/mdop/mbam-v2/how-to-edit-mbam-20-gpo-settings-mbam-2.md
+++ b/mdop/mbam-v2/how-to-edit-mbam-20-gpo-settings-mbam-2.md
@@ -1,7 +1,7 @@
---
title: How to Edit MBAM 2.0 GPO Settings
description: How to Edit MBAM 2.0 GPO Settings
-author: msfttracyp
+author: dansimp
ms.assetid: f5ffa93d-b4d2-4317-8a1c-7d2be0264fe3
ms.reviewer:
manager: dansimp
diff --git a/mdop/mbam-v2/how-to-generate-mbam-reports-mbam-2.md b/mdop/mbam-v2/how-to-generate-mbam-reports-mbam-2.md
index 8f124cd31e..f316734c05 100644
--- a/mdop/mbam-v2/how-to-generate-mbam-reports-mbam-2.md
+++ b/mdop/mbam-v2/how-to-generate-mbam-reports-mbam-2.md
@@ -1,7 +1,7 @@
---
title: How to Generate MBAM Reports
description: How to Generate MBAM Reports
-author: msfttracyp
+author: dansimp
ms.assetid: 083550cb-8c3f-49b3-a30e-97d85374d2f4
ms.reviewer:
manager: dansimp
diff --git a/mdop/mbam-v2/how-to-hide-default-bitlocker-encryption-in-the-windows-control-panel-mbam-2.md b/mdop/mbam-v2/how-to-hide-default-bitlocker-encryption-in-the-windows-control-panel-mbam-2.md
index 0371722265..38f047024f 100644
--- a/mdop/mbam-v2/how-to-hide-default-bitlocker-encryption-in-the-windows-control-panel-mbam-2.md
+++ b/mdop/mbam-v2/how-to-hide-default-bitlocker-encryption-in-the-windows-control-panel-mbam-2.md
@@ -1,7 +1,7 @@
---
title: How to Hide Default BitLocker Encryption in the Windows Control Panel
description: How to Hide Default BitLocker Encryption in the Windows Control Panel
-author: msfttracyp
+author: dansimp
ms.assetid: 6674aa51-2b5d-4e4a-8b43-2cc18d008285
ms.reviewer:
manager: dansimp
diff --git a/mdop/mbam-v2/how-to-install-and-configure-mbam-on-a-single-server-mbam-2.md b/mdop/mbam-v2/how-to-install-and-configure-mbam-on-a-single-server-mbam-2.md
index a9475663df..27958ae9ea 100644
--- a/mdop/mbam-v2/how-to-install-and-configure-mbam-on-a-single-server-mbam-2.md
+++ b/mdop/mbam-v2/how-to-install-and-configure-mbam-on-a-single-server-mbam-2.md
@@ -1,7 +1,7 @@
---
title: How to Install and Configure MBAM on a Single Server
description: How to Install and Configure MBAM on a Single Server
-author: msfttracyp
+author: dansimp
ms.assetid: 45e6a012-6c8c-4d90-902c-d09de9a0cbea
ms.reviewer:
manager: dansimp
diff --git a/mdop/mbam-v2/how-to-install-and-configure-mbam-on-distributed-servers-mbam-2.md b/mdop/mbam-v2/how-to-install-and-configure-mbam-on-distributed-servers-mbam-2.md
index 4a108246e2..1d8a7e2c2f 100644
--- a/mdop/mbam-v2/how-to-install-and-configure-mbam-on-distributed-servers-mbam-2.md
+++ b/mdop/mbam-v2/how-to-install-and-configure-mbam-on-distributed-servers-mbam-2.md
@@ -1,7 +1,7 @@
---
title: How to Install and Configure MBAM on Distributed Servers
description: How to Install and Configure MBAM on Distributed Servers
-author: msfttracyp
+author: dansimp
ms.assetid: 67b91e6b-ae2e-4e47-9ef2-6819aba95976
ms.reviewer:
manager: dansimp
diff --git a/mdop/mbam-v2/how-to-install-mbam-with-configuration-manager.md b/mdop/mbam-v2/how-to-install-mbam-with-configuration-manager.md
index 6ada7f3b2f..c68683c237 100644
--- a/mdop/mbam-v2/how-to-install-mbam-with-configuration-manager.md
+++ b/mdop/mbam-v2/how-to-install-mbam-with-configuration-manager.md
@@ -1,7 +1,7 @@
---
title: How to Install MBAM with Configuration Manager
description: How to Install MBAM with Configuration Manager
-author: msfttracyp
+author: dansimp
ms.assetid: fd0832e4-3b79-4e56-9550-d2f396be6d09
ms.reviewer:
manager: dansimp
diff --git a/mdop/mbam-v2/how-to-install-the-mbam-20-group-policy-template-mbam-2.md b/mdop/mbam-v2/how-to-install-the-mbam-20-group-policy-template-mbam-2.md
index d69f082425..d8632fcd91 100644
--- a/mdop/mbam-v2/how-to-install-the-mbam-20-group-policy-template-mbam-2.md
+++ b/mdop/mbam-v2/how-to-install-the-mbam-20-group-policy-template-mbam-2.md
@@ -1,7 +1,7 @@
---
title: How to Install the MBAM 2.0 Group Policy Template
description: How to Install the MBAM 2.0 Group Policy Template
-author: msfttracyp
+author: dansimp
ms.assetid: bc193232-d060-4285-842e-d194a74dd3c9
ms.reviewer:
manager: dansimp
diff --git a/mdop/mbam-v2/how-to-manage-mbam-administrator-roles-mbam-2.md b/mdop/mbam-v2/how-to-manage-mbam-administrator-roles-mbam-2.md
index 8b70578b3a..a7e9b0e7ac 100644
--- a/mdop/mbam-v2/how-to-manage-mbam-administrator-roles-mbam-2.md
+++ b/mdop/mbam-v2/how-to-manage-mbam-administrator-roles-mbam-2.md
@@ -1,7 +1,7 @@
---
title: How to Manage MBAM Administrator Roles
description: How to Manage MBAM Administrator Roles
-author: msfttracyp
+author: dansimp
ms.assetid: 813ac0c4-3cf9-47af-b4cb-9395fd915e5c
ms.reviewer:
manager: dansimp
diff --git a/mdop/mbam-v2/how-to-manage-mbam-client-bitlocker-encryption-options-by-using-the-control-panel-mbam-2.md b/mdop/mbam-v2/how-to-manage-mbam-client-bitlocker-encryption-options-by-using-the-control-panel-mbam-2.md
index 93609c42c5..5f83c9dd0d 100644
--- a/mdop/mbam-v2/how-to-manage-mbam-client-bitlocker-encryption-options-by-using-the-control-panel-mbam-2.md
+++ b/mdop/mbam-v2/how-to-manage-mbam-client-bitlocker-encryption-options-by-using-the-control-panel-mbam-2.md
@@ -1,7 +1,7 @@
---
title: How to Manage MBAM Client BitLocker Encryption Options by Using the Control Panel
description: How to Manage MBAM Client BitLocker Encryption Options by Using the Control Panel
-author: msfttracyp
+author: dansimp
ms.assetid: e2ff153e-5770-4a12-b79d-cda998b8a8ab
ms.reviewer:
manager: dansimp
diff --git a/mdop/mbam-v2/how-to-manage-user-bitlocker-encryption-exemptions-mbam-2.md b/mdop/mbam-v2/how-to-manage-user-bitlocker-encryption-exemptions-mbam-2.md
index 94028e58e1..e518a674e4 100644
--- a/mdop/mbam-v2/how-to-manage-user-bitlocker-encryption-exemptions-mbam-2.md
+++ b/mdop/mbam-v2/how-to-manage-user-bitlocker-encryption-exemptions-mbam-2.md
@@ -1,7 +1,7 @@
---
title: How to Manage User BitLocker Encryption Exemptions
description: How to Manage User BitLocker Encryption Exemptions
-author: msfttracyp
+author: dansimp
ms.assetid: 1bfd9d66-6a9a-4d0e-b54a-e5a6627f5ada
ms.reviewer:
manager: dansimp
diff --git a/mdop/mbam-v2/how-to-move-mbam-20-features-to-another-computer-mbam-2.md b/mdop/mbam-v2/how-to-move-mbam-20-features-to-another-computer-mbam-2.md
index bdffa741a7..ed20b6e810 100644
--- a/mdop/mbam-v2/how-to-move-mbam-20-features-to-another-computer-mbam-2.md
+++ b/mdop/mbam-v2/how-to-move-mbam-20-features-to-another-computer-mbam-2.md
@@ -1,7 +1,7 @@
---
title: How to Move MBAM 2.0 Features to Another Computer
description: How to Move MBAM 2.0 Features to Another Computer
-author: msfttracyp
+author: dansimp
ms.assetid: 49bc0792-60a4-473f-89cc-ada30191e04a
ms.reviewer:
manager: dansimp
diff --git a/mdop/mbam-v2/how-to-recover-a-corrupted-drive-mbam-2.md b/mdop/mbam-v2/how-to-recover-a-corrupted-drive-mbam-2.md
index 47c7f9cf92..127ccb9fb5 100644
--- a/mdop/mbam-v2/how-to-recover-a-corrupted-drive-mbam-2.md
+++ b/mdop/mbam-v2/how-to-recover-a-corrupted-drive-mbam-2.md
@@ -1,7 +1,7 @@
---
title: How to Recover a Corrupted Drive
description: How to Recover a Corrupted Drive
-author: msfttracyp
+author: dansimp
ms.assetid: b0457a00-f72e-4ad8-ab3b-7701851ca87e
ms.reviewer:
manager: dansimp
diff --git a/mdop/mbam-v2/how-to-recover-a-drive-in-recovery-mode-mbam-2.md b/mdop/mbam-v2/how-to-recover-a-drive-in-recovery-mode-mbam-2.md
index 3ba78dbcad..829e609d9a 100644
--- a/mdop/mbam-v2/how-to-recover-a-drive-in-recovery-mode-mbam-2.md
+++ b/mdop/mbam-v2/how-to-recover-a-drive-in-recovery-mode-mbam-2.md
@@ -1,7 +1,7 @@
---
title: How to Recover a Drive in Recovery Mode
description: How to Recover a Drive in Recovery Mode
-author: msfttracyp
+author: dansimp
ms.assetid: 8b792bc8-b671-4345-9d37-0208db3e5b03
ms.reviewer:
manager: dansimp
diff --git a/mdop/mbam-v2/how-to-recover-a-moved-drive-mbam-2.md b/mdop/mbam-v2/how-to-recover-a-moved-drive-mbam-2.md
index 0702c3658e..ca34602795 100644
--- a/mdop/mbam-v2/how-to-recover-a-moved-drive-mbam-2.md
+++ b/mdop/mbam-v2/how-to-recover-a-moved-drive-mbam-2.md
@@ -1,7 +1,7 @@
---
title: How to Recover a Moved Drive
description: How to Recover a Moved Drive
-author: msfttracyp
+author: dansimp
ms.assetid: 697cd78d-962c-411e-901a-2e9220ba6552
ms.reviewer:
manager: dansimp
diff --git a/mdop/mbam-v2/how-to-reset-a-tpm-lockout-mbam-2.md b/mdop/mbam-v2/how-to-reset-a-tpm-lockout-mbam-2.md
index 09f2ccc21e..2cbe850d58 100644
--- a/mdop/mbam-v2/how-to-reset-a-tpm-lockout-mbam-2.md
+++ b/mdop/mbam-v2/how-to-reset-a-tpm-lockout-mbam-2.md
@@ -1,7 +1,7 @@
---
title: How to Reset a TPM Lockout
description: How to Reset a TPM Lockout
-author: msfttracyp
+author: dansimp
ms.assetid: 20719ab2-18ae-4d3b-989a-539341909816
ms.reviewer:
manager: dansimp
diff --git a/mdop/mbam-v2/how-to-use-a-command-line-to-install-the-mbam-client.md b/mdop/mbam-v2/how-to-use-a-command-line-to-install-the-mbam-client.md
index b9de2465f0..a0f768a971 100644
--- a/mdop/mbam-v2/how-to-use-a-command-line-to-install-the-mbam-client.md
+++ b/mdop/mbam-v2/how-to-use-a-command-line-to-install-the-mbam-client.md
@@ -1,7 +1,7 @@
---
title: How to Use a Command Line to Install the MBAM Client
description: How to Use a Command Line to Install the MBAM Client
-author: msfttracyp
+author: dansimp
ms.assetid: 4dc8f944-c2fd-4d89-aed6-e9dc77de3ae4
ms.reviewer:
manager: dansimp
diff --git a/mdop/mbam-v2/how-to-use-a-command-line-to-install-the-mbam-server.md b/mdop/mbam-v2/how-to-use-a-command-line-to-install-the-mbam-server.md
index 146fdd3729..3382609997 100644
--- a/mdop/mbam-v2/how-to-use-a-command-line-to-install-the-mbam-server.md
+++ b/mdop/mbam-v2/how-to-use-a-command-line-to-install-the-mbam-server.md
@@ -1,7 +1,7 @@
---
title: How to Use a Command Line to Install the MBAM Server
description: How to Use a Command Line to Install the MBAM Server
-author: msfttracyp
+author: dansimp
ms.assetid: 6ffc6d41-a793-42c2-b997-95ba47550648
ms.reviewer:
manager: dansimp
diff --git a/mdop/mbam-v2/how-to-use-the-help-desk-portal.md b/mdop/mbam-v2/how-to-use-the-help-desk-portal.md
index 1d863d9452..f072447022 100644
--- a/mdop/mbam-v2/how-to-use-the-help-desk-portal.md
+++ b/mdop/mbam-v2/how-to-use-the-help-desk-portal.md
@@ -1,7 +1,7 @@
---
title: How to Use the Help Desk Portal
description: How to Use the Help Desk Portal
-author: msfttracyp
+author: dansimp
ms.assetid: c27f7737-10c8-4164-9de8-57987292c89c
ms.reviewer:
manager: dansimp
diff --git a/mdop/mbam-v2/how-to-use-the-self-service-portal-to-regain-access-to-a-computer.md b/mdop/mbam-v2/how-to-use-the-self-service-portal-to-regain-access-to-a-computer.md
index 34f203bd9c..26c119c021 100644
--- a/mdop/mbam-v2/how-to-use-the-self-service-portal-to-regain-access-to-a-computer.md
+++ b/mdop/mbam-v2/how-to-use-the-self-service-portal-to-regain-access-to-a-computer.md
@@ -1,7 +1,7 @@
---
title: How to Use the Self-Service Portal to Regain Access to a Computer
description: How to Use the Self-Service Portal to Regain Access to a Computer
-author: msfttracyp
+author: dansimp
ms.assetid: bcf095de-0237-4bb0-b450-da8fb6d6f3d0
ms.reviewer:
manager: dansimp
diff --git a/mdop/mbam-v2/how-to-validate-the-mbam-installation-with-configuration-manager.md b/mdop/mbam-v2/how-to-validate-the-mbam-installation-with-configuration-manager.md
index 7c89b836a2..841a83a734 100644
--- a/mdop/mbam-v2/how-to-validate-the-mbam-installation-with-configuration-manager.md
+++ b/mdop/mbam-v2/how-to-validate-the-mbam-installation-with-configuration-manager.md
@@ -1,7 +1,7 @@
---
title: How to Validate the MBAM Installation with Configuration Manager
description: How to Validate the MBAM Installation with Configuration Manager
-author: msfttracyp
+author: dansimp
ms.assetid: 8e268539-91c3-4e8a-baae-faf3605da818
ms.reviewer:
manager: dansimp
diff --git a/mdop/mbam-v2/maintaining-mbam-20-mbam-2.md b/mdop/mbam-v2/maintaining-mbam-20-mbam-2.md
index 382a0458c3..aa1bef762a 100644
--- a/mdop/mbam-v2/maintaining-mbam-20-mbam-2.md
+++ b/mdop/mbam-v2/maintaining-mbam-20-mbam-2.md
@@ -1,7 +1,7 @@
---
title: Maintaining MBAM 2.0
description: Maintaining MBAM 2.0
-author: msfttracyp
+author: dansimp
ms.assetid: 6479e093-840d-45d5-b759-1179aeeeefeb
ms.reviewer:
manager: dansimp
diff --git a/mdop/mbam-v2/mbam-20-deployment-checklist-mbam-2.md b/mdop/mbam-v2/mbam-20-deployment-checklist-mbam-2.md
index 3cdb1e8d9b..8741f7ce42 100644
--- a/mdop/mbam-v2/mbam-20-deployment-checklist-mbam-2.md
+++ b/mdop/mbam-v2/mbam-20-deployment-checklist-mbam-2.md
@@ -1,7 +1,7 @@
---
title: MBAM 2.0 Deployment Checklist
description: MBAM 2.0 Deployment Checklist
-author: msfttracyp
+author: dansimp
ms.assetid: 7905d31d-f21c-4683-b9c4-95b815e08fab
ms.reviewer:
manager: dansimp
diff --git a/mdop/mbam-v2/mbam-20-deployment-prerequisites-mbam-2.md b/mdop/mbam-v2/mbam-20-deployment-prerequisites-mbam-2.md
index f74d87fc3e..ed8e98f02c 100644
--- a/mdop/mbam-v2/mbam-20-deployment-prerequisites-mbam-2.md
+++ b/mdop/mbam-v2/mbam-20-deployment-prerequisites-mbam-2.md
@@ -1,7 +1,7 @@
---
title: MBAM 2.0 Deployment Prerequisites
description: MBAM 2.0 Deployment Prerequisites
-author: msfttracyp
+author: dansimp
ms.assetid: 57d1c2bb-5ea3-457e-badd-dd9206ff0f20
ms.reviewer:
manager: dansimp
diff --git a/mdop/mbam-v2/mbam-20-planning-checklist-mbam-2.md b/mdop/mbam-v2/mbam-20-planning-checklist-mbam-2.md
index 5b07a90aff..15ae83bc2e 100644
--- a/mdop/mbam-v2/mbam-20-planning-checklist-mbam-2.md
+++ b/mdop/mbam-v2/mbam-20-planning-checklist-mbam-2.md
@@ -1,7 +1,7 @@
---
title: MBAM 2.0 Planning Checklist
description: MBAM 2.0 Planning Checklist
-author: msfttracyp
+author: dansimp
ms.assetid: 16b27c27-5f5e-41e2-b526-89a036672fb8
ms.reviewer:
manager: dansimp
diff --git a/mdop/mbam-v2/mbam-20-privacy-statement-mbam-2.md b/mdop/mbam-v2/mbam-20-privacy-statement-mbam-2.md
index ca24661fe9..85ede65e94 100644
--- a/mdop/mbam-v2/mbam-20-privacy-statement-mbam-2.md
+++ b/mdop/mbam-v2/mbam-20-privacy-statement-mbam-2.md
@@ -1,7 +1,7 @@
---
title: MBAM 2.0 Privacy Statement
description: MBAM 2.0 Privacy Statement
-author: msfttracyp
+author: dansimp
ms.assetid: fce72ad4-a837-4d17-8d3b-4d93f1a399be
ms.reviewer:
manager: dansimp
diff --git a/mdop/mbam-v2/mbam-20-security-considerations-mbam-2.md b/mdop/mbam-v2/mbam-20-security-considerations-mbam-2.md
index 61fa70e2f9..a6dcc8f87e 100644
--- a/mdop/mbam-v2/mbam-20-security-considerations-mbam-2.md
+++ b/mdop/mbam-v2/mbam-20-security-considerations-mbam-2.md
@@ -1,7 +1,7 @@
---
title: MBAM 2.0 Security Considerations
description: MBAM 2.0 Security Considerations
-author: msfttracyp
+author: dansimp
ms.assetid: 0aa5c6e2-d92c-4e30-9f6a-b48abb667ae5
ms.reviewer:
manager: dansimp
diff --git a/mdop/mbam-v2/mbam-20-supported-configurations-mbam-2.md b/mdop/mbam-v2/mbam-20-supported-configurations-mbam-2.md
index 926638dfd3..8d160e3e80 100644
--- a/mdop/mbam-v2/mbam-20-supported-configurations-mbam-2.md
+++ b/mdop/mbam-v2/mbam-20-supported-configurations-mbam-2.md
@@ -1,7 +1,7 @@
---
title: MBAM 2.0 Supported Configurations
description: MBAM 2.0 Supported Configurations
-author: msfttracyp
+author: dansimp
ms.assetid: dca63391-39fe-4273-a570-76d0a2f8a0fd
ms.reviewer:
manager: dansimp
diff --git a/mdop/mbam-v2/monitoring-and-reporting-bitlocker-compliance-with-mbam-20-mbam-2.md b/mdop/mbam-v2/monitoring-and-reporting-bitlocker-compliance-with-mbam-20-mbam-2.md
index d4b80cfd3e..5e116a6f1f 100644
--- a/mdop/mbam-v2/monitoring-and-reporting-bitlocker-compliance-with-mbam-20-mbam-2.md
+++ b/mdop/mbam-v2/monitoring-and-reporting-bitlocker-compliance-with-mbam-20-mbam-2.md
@@ -1,7 +1,7 @@
---
title: Monitoring and Reporting BitLocker Compliance with MBAM 2.0
description: Monitoring and Reporting BitLocker Compliance with MBAM 2.0
-author: msfttracyp
+author: dansimp
ms.assetid: 0b9ba701-0aad-4e16-9b32-73d358047ccc
ms.reviewer:
manager: dansimp
diff --git a/mdop/mbam-v2/operations-for-mbam-20-mbam-2.md b/mdop/mbam-v2/operations-for-mbam-20-mbam-2.md
index 34efacc60e..1e1be481f3 100644
--- a/mdop/mbam-v2/operations-for-mbam-20-mbam-2.md
+++ b/mdop/mbam-v2/operations-for-mbam-20-mbam-2.md
@@ -1,7 +1,7 @@
---
title: Operations for MBAM 2.0
description: Operations for MBAM 2.0
-author: msfttracyp
+author: dansimp
ms.assetid: ece72016-4ffa-48df-8c12-1e442ee9e980
ms.reviewer:
manager: dansimp
diff --git a/mdop/mbam-v2/performing-bitlocker-management-with-mbam-mbam-2.md b/mdop/mbam-v2/performing-bitlocker-management-with-mbam-mbam-2.md
index 5c2ed7373f..11954b890c 100644
--- a/mdop/mbam-v2/performing-bitlocker-management-with-mbam-mbam-2.md
+++ b/mdop/mbam-v2/performing-bitlocker-management-with-mbam-mbam-2.md
@@ -1,7 +1,7 @@
---
title: Performing BitLocker Management with MBAM
description: Performing BitLocker Management with MBAM
-author: msfttracyp
+author: dansimp
ms.assetid: 9bfc6c67-f12c-4daa-8f08-5884fb47443c
ms.reviewer:
manager: dansimp
diff --git a/mdop/mbam-v2/planning-for-mbam-20-administrator-roles-mbam-2.md b/mdop/mbam-v2/planning-for-mbam-20-administrator-roles-mbam-2.md
index 092ae557f4..1e07104cc4 100644
--- a/mdop/mbam-v2/planning-for-mbam-20-administrator-roles-mbam-2.md
+++ b/mdop/mbam-v2/planning-for-mbam-20-administrator-roles-mbam-2.md
@@ -1,7 +1,7 @@
---
title: Planning for MBAM 2.0 Administrator Roles
description: Planning for MBAM 2.0 Administrator Roles
-author: msfttracyp
+author: dansimp
ms.assetid: 6f813297-6479-42d3-a21b-896d54466b5b
ms.reviewer:
manager: dansimp
diff --git a/mdop/mbam-v2/planning-for-mbam-20-client-deployment-mbam-2.md b/mdop/mbam-v2/planning-for-mbam-20-client-deployment-mbam-2.md
index 61c41aee4a..b2cf23cc63 100644
--- a/mdop/mbam-v2/planning-for-mbam-20-client-deployment-mbam-2.md
+++ b/mdop/mbam-v2/planning-for-mbam-20-client-deployment-mbam-2.md
@@ -1,7 +1,7 @@
---
title: Planning for MBAM 2.0 Client Deployment
description: Planning for MBAM 2.0 Client Deployment
-author: msfttracyp
+author: dansimp
ms.assetid: 3a92cf29-092f-4cad-bdfa-d5f6aafe554b
ms.reviewer:
manager: dansimp
diff --git a/mdop/mbam-v2/planning-for-mbam-20-group-policy-requirements-mbam-2.md b/mdop/mbam-v2/planning-for-mbam-20-group-policy-requirements-mbam-2.md
index 64b9b557da..ab9342bf18 100644
--- a/mdop/mbam-v2/planning-for-mbam-20-group-policy-requirements-mbam-2.md
+++ b/mdop/mbam-v2/planning-for-mbam-20-group-policy-requirements-mbam-2.md
@@ -1,7 +1,7 @@
---
title: Planning for MBAM 2.0 Group Policy Requirements
description: Planning for MBAM 2.0 Group Policy Requirements
-author: msfttracyp
+author: dansimp
ms.assetid: f5e19dcb-eb15-4722-bb71-0734b3799eb8
ms.reviewer:
manager: dansimp
diff --git a/mdop/mbam-v2/planning-for-mbam-20-mbam-2.md b/mdop/mbam-v2/planning-for-mbam-20-mbam-2.md
index 49f97005ab..db0c53f609 100644
--- a/mdop/mbam-v2/planning-for-mbam-20-mbam-2.md
+++ b/mdop/mbam-v2/planning-for-mbam-20-mbam-2.md
@@ -1,7 +1,7 @@
---
title: Planning for MBAM 2.0
description: Planning for MBAM 2.0
-author: msfttracyp
+author: dansimp
ms.assetid: 1206bd18-05ea-4ca8-9362-07e512503c3f
ms.reviewer:
manager: dansimp
diff --git a/mdop/mbam-v2/planning-for-mbam-20-server-deployment-mbam-2.md b/mdop/mbam-v2/planning-for-mbam-20-server-deployment-mbam-2.md
index 63dda787ef..70970945e1 100644
--- a/mdop/mbam-v2/planning-for-mbam-20-server-deployment-mbam-2.md
+++ b/mdop/mbam-v2/planning-for-mbam-20-server-deployment-mbam-2.md
@@ -1,7 +1,7 @@
---
title: Planning for MBAM 2.0 Server Deployment
description: Planning for MBAM 2.0 Server Deployment
-author: msfttracyp
+author: dansimp
ms.assetid: b57f1a42-134f-4997-8697-7fbed08e2fc4
ms.reviewer:
manager: dansimp
diff --git a/mdop/mbam-v2/planning-to-deploy-mbam-20-mbam-2.md b/mdop/mbam-v2/planning-to-deploy-mbam-20-mbam-2.md
index 58205559b9..e580efcc33 100644
--- a/mdop/mbam-v2/planning-to-deploy-mbam-20-mbam-2.md
+++ b/mdop/mbam-v2/planning-to-deploy-mbam-20-mbam-2.md
@@ -1,7 +1,7 @@
---
title: Planning to Deploy MBAM 2.0
description: Planning to Deploy MBAM 2.0
-author: msfttracyp
+author: dansimp
ms.assetid: 2dc05fcd-aed9-4315-aeaf-92aaa9e0e955
ms.reviewer:
manager: dansimp
diff --git a/mdop/mbam-v2/planning-to-deploy-mbam-with-configuration-manager-2.md b/mdop/mbam-v2/planning-to-deploy-mbam-with-configuration-manager-2.md
index 5a97d7bef6..60833f65dd 100644
--- a/mdop/mbam-v2/planning-to-deploy-mbam-with-configuration-manager-2.md
+++ b/mdop/mbam-v2/planning-to-deploy-mbam-with-configuration-manager-2.md
@@ -1,7 +1,7 @@
---
title: Planning to Deploy MBAM with Configuration Manager
description: Planning to Deploy MBAM with Configuration Manager
-author: msfttracyp
+author: dansimp
ms.assetid: fb768306-48c2-40b4-ac4e-c279db987391
ms.reviewer:
manager: dansimp
diff --git a/mdop/mbam-v2/preparing-your-environment-for-mbam-20-mbam-2.md b/mdop/mbam-v2/preparing-your-environment-for-mbam-20-mbam-2.md
index 726098f4e6..287db04f99 100644
--- a/mdop/mbam-v2/preparing-your-environment-for-mbam-20-mbam-2.md
+++ b/mdop/mbam-v2/preparing-your-environment-for-mbam-20-mbam-2.md
@@ -1,7 +1,7 @@
---
title: Preparing your Environment for MBAM 2.0
description: Preparing your Environment for MBAM 2.0
-author: msfttracyp
+author: dansimp
ms.assetid: 5fb01da9-620e-4992-9e54-2ed3fb69e6af
ms.reviewer:
manager: dansimp
diff --git a/mdop/mbam-v25/TOC.md b/mdop/mbam-v25/TOC.md
index a33c126e12..01a083b8b8 100644
--- a/mdop/mbam-v25/TOC.md
+++ b/mdop/mbam-v25/TOC.md
@@ -83,6 +83,7 @@
#### [Monitoring Web Service Request Performance Counters](monitoring-web-service-request-performance-counters.md)
### [Using Windows PowerShell to Administer MBAM 2.5](using-windows-powershell-to-administer-mbam-25.md)
## [Troubleshooting MBAM 2.5](troubleshooting-mbam-25.md)
+### [Upgrade from MBAM 2.5 to MBAM 2.5 SP1](upgrade-mbam2.5-sp1.md)
## [Applying hotfixes on MBAM 2.5 SP1](apply-hotfix-for-mbam-25-sp1.md)
## [Technical Reference for MBAM 2.5](technical-reference-for-mbam-25.md)
### [Client Event Logs](client-event-logs.md)
diff --git a/mdop/mbam-v25/apply-hotfix-for-mbam-25-sp1.md b/mdop/mbam-v25/apply-hotfix-for-mbam-25-sp1.md
index 3013d8a294..3ed2c2c111 100644
--- a/mdop/mbam-v25/apply-hotfix-for-mbam-25-sp1.md
+++ b/mdop/mbam-v25/apply-hotfix-for-mbam-25-sp1.md
@@ -2,7 +2,7 @@
title: Applying hotfixes on MBAM 2.5 SP1
description: Applying hotfixes on MBAM 2.5 SP1
ms.author: ppriya-msft
-author: intothedarkness
+author: dansimp
ms.assetid:
ms.reviewer:
manager: dansimp
@@ -19,7 +19,7 @@ author: shortpatti
This topic describes the process for applying the hotfixes for Microsoft BitLocker Administration and Monitoring (MBAM) Server 2.5 SP1
### Before you begin, download the latest hotfix of Microsoft BitLocker Administration and Monitoring (MBAM) Server 2.5 SP1
-[Desktop Optimization Pack](https://www.microsoft.com/en-us/download/details.aspx?id=58345)
+[Desktop Optimization Pack](https://www.microsoft.com/download/details.aspx?id=58345)
#### Steps to update the MBAM Server for existing MBAM environment
1. Remove MBAM server feature (do this by opening the MBAM Server Configuration Tool, then selecting Remove Features).
diff --git a/mdop/mbam-v25/copying-the-mbam-25-group-policy-templates.md b/mdop/mbam-v25/copying-the-mbam-25-group-policy-templates.md
index 185ace5f1b..166bfb30c5 100644
--- a/mdop/mbam-v25/copying-the-mbam-25-group-policy-templates.md
+++ b/mdop/mbam-v25/copying-the-mbam-25-group-policy-templates.md
@@ -26,7 +26,7 @@ MDOP Group Policy templates are available for download in a self-extracting, com
**How to download and deploy the MDOP Group Policy templates**
-1. Download the MDOP Group Policy templates from [Microsoft Desktop Optimization Pack Group Policy Administrative Templates](https://www.microsoft.com/en-us/download/details.aspx?id=55531).
+1. Download the MDOP Group Policy templates from [Microsoft Desktop Optimization Pack Group Policy Administrative Templates](https://www.microsoft.com/download/details.aspx?id=55531).
2. Run the downloaded file to extract the template folders.
diff --git a/mdop/mbam-v25/index.md b/mdop/mbam-v25/index.md
index e5988391c0..3f71f9edd8 100644
--- a/mdop/mbam-v25/index.md
+++ b/mdop/mbam-v25/index.md
@@ -14,7 +14,7 @@ ms.date: 04/19/2017
Microsoft BitLocker Administration and Monitoring (MBAM) 2.5 provides a simplified administrative interface that you can use to manage BitLocker Drive Encryption. You configure MBAM Group Policy Templates that enable you to set BitLocker Drive Encryption policy options that are appropriate for your enterprise, and then use them to monitor client compliance with those policies. You can also report on the encryption status of an individual computer and on the enterprise as a whole. In addition, you can access recovery key information when users forget their PIN or password or when their BIOS or boot record changes. For a more detailed description of MBAM, see [About MBAM 2.5](about-mbam-25.md).
-To obtain MBAM, see [How Do I Get MDOP](index.md#how-to-get-mdop).
+To obtain MBAM, see [How Do I Get MDOP](https://docs.microsoft.com/microsoft-desktop-optimization-pack/index#how-to-get-mdop).
## Outline
diff --git a/mdop/mbam-v25/mbam-25-server-prerequisites-for-stand-alone-and-configuration-manager-integration-topologies.md b/mdop/mbam-v25/mbam-25-server-prerequisites-for-stand-alone-and-configuration-manager-integration-topologies.md
index e6b0faca0c..b95c5a854c 100644
--- a/mdop/mbam-v25/mbam-25-server-prerequisites-for-stand-alone-and-configuration-manager-integration-topologies.md
+++ b/mdop/mbam-v25/mbam-25-server-prerequisites-for-stand-alone-and-configuration-manager-integration-topologies.md
@@ -260,8 +260,9 @@ The following table lists the installation prerequisites for the MBAM Administra
Windows Server Features |
.NET Framework 4.5 features:
|
| MultiSIM CSP |
@@ -823,7 +831,7 @@ For details about Microsoft mobile device management protocols for Windows 10 s
| Messaging CSP |
-Added new CSP. This CSP is only supported in Windows 10 Mobile and Mobile Enteprise editions.
+ | Added new CSP. This CSP is only supported in Windows 10 Mobile and Mobile Enterprise editions.
|
@@ -933,7 +941,7 @@ For details about Microsoft mobile device management protocols for Windows 10 s
- WirelessDisplay/AllowProjectionToPCOverInfrastructure
- WirelessDisplay/AllowUserInputFromWirelessDisplayReceiver
Removed TextInput/AllowLinguisticDataCollection
-Starting in Windows 10, version 1703, Update/UpdateServiceUrl is not supported in Windows 10 Mobile Enteprise and IoT Enterprise
+Starting in Windows 10, version 1703, Update/UpdateServiceUrl is not supported in Windows 10 Mobile Enterprise and IoT Enterprise
Starting in Windows 10, version 1703, the maximum value of Update/DeferFeatureUpdatesPeriodInDays has been increased from 180 days, to 365 days.
Starting in Windows 10, version 1703, in Browser/HomePages you can use the "<about:blank>" value if you don’t want to send traffic to Microsoft.
Starting in Windows 10, version 1703, Start/StartLayout can now be set on a per-device basis in addition to the pre-existing per-user basis.
@@ -1522,7 +1530,7 @@ For details about Microsoft mobile device management protocols for Windows 10 s
-Management tool for the Micosoft Store for Business |
+Management tool for the Microsoft Store for Business |
New topics. The Store for Business has a new web service designed for the enterprise to acquire, manage, and distribute applications in bulk. It enables several capabilities that are required for the enterprise to manage the lifecycle of applications from acquisition to updates. |
@@ -1892,10 +1900,17 @@ How do I turn if off? | The service can be stopped from the "Services" console o
## Change history in MDM documentation
+### September 2019
+
+|New or updated topic | Description|
+|--- | ---|
+|[Policy CSP - Defender](policy-csp-defender.md)|Updated the supported value list for Defender/ScheduleScanDay policy.|
+
### August 2019
|New or updated topic | Description|
|--- | ---|
+|[DiagnosticLog CSP](diagnosticlog-csp.md)
[DiagnosticLog DDF](diagnosticlog-ddf.md)|Added version 1.4 of the CSP in Windows 10, version 1903. Added the new 1.4 version of the DDF. Added the following new nodes:
Policy, Policy/Channels, Policy/Channels/ChannelName, Policy/Channels/ChannelName/MaximumFileSize, Policy/Channels/ChannelName/SDDL, Policy/Channels/ChannelName/ActionWhenFull, Policy/Channels/ChannelName/Enabled, DiagnosticArchive, DiagnosticArchive/ArchiveDefinition, DiagnosticArchive/ArchiveResults.|
|[Enroll a Windows 10 device automatically using Group Policy](enroll-a-windows-10-device-automatically-using-group-policy.md)|Enhanced the article to include additional reference links and the following two topics:
Verify auto-enrollment requirements and settings, Troubleshoot auto-enrollment of devices.|
### July 2019
@@ -2181,8 +2196,8 @@ How do I turn if off? | The service can be stopped from the "Services" console o
- AccountPoliciesAccountLockoutPolicy/AccountLockoutThreshold - removed from docs. Not supported.
- AccountPoliciesAccountLockoutPolicy/ResetAccountLockoutCounterAfter - removed from docs. Not supported.
- LocalPoliciesSecurityOptions/NetworkAccess_LetEveryonePermissionsApplyToAnonymousUsers - removed from docs. Not supported.
-- System/AllowFontProviders is not supported in Windows Holographic for Business.
-- Security/RequireDeviceEncryption is suported in the Home SKU.
+- System/AllowFontProviders is not supported in HoloLens (1st gen) Commercial Suite.
+- Security/RequireDeviceEncryption is supported in the Home SKU.
- Start/StartLayout - added a table of SKU support information.
- Start/ImportEdgeAssets - added a table of SKU support information.
@@ -2416,7 +2431,7 @@ How do I turn if off? | The service can be stopped from the "Services" console o
- ShellLauncher
- StatusConfiguration
-Updated the AssigneAccessConfiguration schema. Starting in Windows 10, version 1803 AssignedAccess CSP is supported in Windows Holographic for Business edition. Added example for Windows Holographic for Business edition.
+Updated the AssigneAccessConfiguration schema. Starting in Windows 10, version 1803 AssignedAccess CSP is supported in HoloLens (1st gen) Commercial Suite. Added example for HoloLens (1st gen) Commercial Suite.
| MultiSIM CSP |
@@ -2731,7 +2746,7 @@ How do I turn if off? | The service can be stopped from the "Services" console o
For examples, see section 4.3.1 RequestSecurityToken of the MS-MDE2 protocol documentation.
-| EntepriseAPN CSP |
+EnterpriseAPN CSP |
Added a SyncML example.
|
diff --git a/windows/client-management/mdm/policy-configuration-service-provider.md b/windows/client-management/mdm/policy-configuration-service-provider.md
index 05ec05440b..9a03db87e3 100644
--- a/windows/client-management/mdm/policy-configuration-service-provider.md
+++ b/windows/client-management/mdm/policy-configuration-service-provider.md
@@ -1131,6 +1131,9 @@ The following diagram shows the Policy configuration service provider in tree fo
### Education policies
+ -
+ Education/AllowGraphingCalculator
+
-
Education/DefaultPrinterName
diff --git a/windows/client-management/mdm/policy-csp-abovelock.md b/windows/client-management/mdm/policy-csp-abovelock.md
index b5cb013a88..008c0c74a3 100644
--- a/windows/client-management/mdm/policy-csp-abovelock.md
+++ b/windows/client-management/mdm/policy-csp-abovelock.md
@@ -199,12 +199,14 @@ The following list shows the supported values:
-Footnote:
+Footnotes:
- 1 - Added in Windows 10, version 1607.
- 2 - Added in Windows 10, version 1703.
- 3 - Added in Windows 10, version 1709.
- 4 - Added in Windows 10, version 1803.
+- 5 - Added in Windows 10, version 1809.
+- 6 - Added in Windows 10, version 1903.
diff --git a/windows/client-management/mdm/policy-csp-accounts.md b/windows/client-management/mdm/policy-csp-accounts.md
index 871c434dca..053896ccc4 100644
--- a/windows/client-management/mdm/policy-csp-accounts.md
+++ b/windows/client-management/mdm/policy-csp-accounts.md
@@ -195,33 +195,13 @@ The following list shows the supported values:
-
-
-
-## Accounts policies supported by HoloLens 2
-
-- [Accounts/AllowMicrosoftAccountConnection](#accounts-allowmicrosoftaccountconnection)
-
-
-
-## Accounts policies supported by HoloLens (1st gen) Commercial Suite
-
-- [Accounts/AllowMicrosoftAccountConnection](#accounts-allowmicrosoftaccountconnection)
-
-
-
-## Accounts policies supported by HoloLens (1st gen) Development Edition
-
-- [Accounts/AllowMicrosoftAccountConnection](#accounts-allowmicrosoftaccountconnection)
-
-
-
-
Footnotes:
-- 1 - Added in Windows 10, version 1607.
-- 2 - Added in Windows 10, version 1703.
-- 3 - Added in Windows 10, version 1709.
-- 4 - Added in Windows 10, version 1803.
-- 5 - Added in Windows 10, version 1809.
+- 1 - Added in Windows 10, version 1607.
+- 2 - Added in Windows 10, version 1703.
+- 3 - Added in Windows 10, version 1709.
+- 4 - Added in Windows 10, version 1803.
+- 5 - Added in Windows 10, version 1809.
+- 6 - Added in Windows 10, version 1903.
+
\ No newline at end of file
diff --git a/windows/client-management/mdm/policy-csp-activexcontrols.md b/windows/client-management/mdm/policy-csp-activexcontrols.md
index 09639791f8..850e4ff945 100644
--- a/windows/client-management/mdm/policy-csp-activexcontrols.md
+++ b/windows/client-management/mdm/policy-csp-activexcontrols.md
@@ -92,12 +92,13 @@ ADMX Info:
-Footnote:
+Footnotes:
- 1 - Added in Windows 10, version 1607.
- 2 - Added in Windows 10, version 1703.
- 3 - Added in Windows 10, version 1709.
- 4 - Added in Windows 10, version 1803.
+- 5 - Added in Windows 10, version 1809.
+- 6 - Added in Windows 10, version 1903.
-
-
+
\ No newline at end of file
diff --git a/windows/client-management/mdm/policy-csp-applicationdefaults.md b/windows/client-management/mdm/policy-csp-applicationdefaults.md
index 7bbea44531..86d413d085 100644
--- a/windows/client-management/mdm/policy-csp-applicationdefaults.md
+++ b/windows/client-management/mdm/policy-csp-applicationdefaults.md
@@ -199,12 +199,13 @@ This setting supports a range of values between 0 and 1.
-Footnote:
+Footnotes:
- 1 - Added in Windows 10, version 1607.
- 2 - Added in Windows 10, version 1703.
- 3 - Added in Windows 10, version 1709.
- 4 - Added in Windows 10, version 1803.
+- 5 - Added in Windows 10, version 1809.
+- 6 - Added in Windows 10, version 1903.
-
-
+
\ No newline at end of file
diff --git a/windows/client-management/mdm/policy-csp-applicationmanagement.md b/windows/client-management/mdm/policy-csp-applicationmanagement.md
index 9feb66be2d..1657cb97f4 100644
--- a/windows/client-management/mdm/policy-csp-applicationmanagement.md
+++ b/windows/client-management/mdm/policy-csp-applicationmanagement.md
@@ -1040,34 +1040,6 @@ XSD:
-
-
-
-
-## ApplicationManagement policies supported by HoloLens 2
-
-- [ApplicationManagement/AllowAllTrustedApps](#applicationmanagement-allowalltrustedapps)
-- [ApplicationManagement/AllowAppStoreAutoUpdate](#applicationmanagement-allowappstoreautoupdate)
-- [ApplicationManagement/AllowDeveloperUnlock](#applicationmanagement-allowdeveloperunlock)
-
-
-
-
-## ApplicationManagement policies supported by HoloLens (ist gen) Commercial Suite
-
-- [ApplicationManagement/AllowAllTrustedApps](#applicationmanagement-allowalltrustedapps)
-- [ApplicationManagement/AllowAppStoreAutoUpdate](#applicationmanagement-allowappstoreautoupdate)
-- [ApplicationManagement/AllowDeveloperUnlock](#applicationmanagement-allowdeveloperunlock)
-
-
-
-## ApplicationManagement policies supported by HoloLens (1st gen) Development Edition
-
-- [ApplicationManagement/AllowAllTrustedApps](#applicationmanagement-allowalltrustedapps)
-- [ApplicationManagement/AllowAppStoreAutoUpdate](#applicationmanagement-allowappstoreautoupdate)
-- [ApplicationManagement/AllowDeveloperUnlock](#applicationmanagement-allowdeveloperunlock)
-
-
Footnotes:
@@ -1078,3 +1050,4 @@ Footnotes:
- 4 - Added in Windows 10, version 1803.
- 5 - Added in Windows 10, version 1809.
- 6 - Added in Windows 10, version 1903.
+
diff --git a/windows/client-management/mdm/policy-csp-appruntime.md b/windows/client-management/mdm/policy-csp-appruntime.md
index 6f998bebf9..ce22da2a1b 100644
--- a/windows/client-management/mdm/policy-csp-appruntime.md
+++ b/windows/client-management/mdm/policy-csp-appruntime.md
@@ -89,12 +89,14 @@ ADMX Info:
-Footnote:
+Footnotes:
- 1 - Added in Windows 10, version 1607.
- 2 - Added in Windows 10, version 1703.
- 3 - Added in Windows 10, version 1709.
- 4 - Added in Windows 10, version 1803.
+- 5 - Added in Windows 10, version 1809.
+- 6 - Added in Windows 10, version 1903.
diff --git a/windows/client-management/mdm/policy-csp-appvirtualization.md b/windows/client-management/mdm/policy-csp-appvirtualization.md
index 7ecd3a228b..6719816427 100644
--- a/windows/client-management/mdm/policy-csp-appvirtualization.md
+++ b/windows/client-management/mdm/policy-csp-appvirtualization.md
@@ -1812,7 +1812,7 @@ ADMX Info:
-Specifies a list of process paths (may contain wildcards) which are candidates for using virtual components (shell extensions, browser helper objects, etc). Only processes whose full path matches one of these items can use virtual components.
+Specifies a list of process paths (may contain wildcards) which are candidates for using virtual components (shell extensions, browser helper objects, etc.). Only processes whose full path matches one of these items can use virtual components.
> [!TIP]
@@ -1833,12 +1833,14 @@ ADMX Info:
-Footnote:
+Footnotes:
- 1 - Added in Windows 10, version 1607.
- 2 - Added in Windows 10, version 1703.
- 3 - Added in Windows 10, version 1709.
- 4 - Added in Windows 10, version 1803.
+- 5 - Added in Windows 10, version 1809.
+- 6 - Added in Windows 10, version 1903.
diff --git a/windows/client-management/mdm/policy-csp-attachmentmanager.md b/windows/client-management/mdm/policy-csp-attachmentmanager.md
index f5630e76f5..bcb75801ca 100644
--- a/windows/client-management/mdm/policy-csp-attachmentmanager.md
+++ b/windows/client-management/mdm/policy-csp-attachmentmanager.md
@@ -226,12 +226,14 @@ ADMX Info:
-Footnote:
+Footnotes:
- 1 - Added in Windows 10, version 1607.
- 2 - Added in Windows 10, version 1703.
- 3 - Added in Windows 10, version 1709.
- 4 - Added in Windows 10, version 1803.
+- 5 - Added in Windows 10, version 1809.
+- 6 - Added in Windows 10, version 1903.
diff --git a/windows/client-management/mdm/policy-csp-authentication.md b/windows/client-management/mdm/policy-csp-authentication.md
index 6ce830a730..fa0ff7ed0c 100644
--- a/windows/client-management/mdm/policy-csp-authentication.md
+++ b/windows/client-management/mdm/policy-csp-authentication.md
@@ -241,7 +241,7 @@ Preview release in Windows 10, version 1709. Supported in the next release. Spe
Value type is integer.
-Here is an example scenario: At Contoso, there are a lot of shared devices and kiosks that employees throughout the day using as many as 20 different devices. To minimize the loss in productivity when employees have to login with username and password everytime they pick up a device, the IT admin deploys SharePC CSP and Authentication/AllowFidoDeviceSignon policy to shared devices. The IT admin provisions and distributes FIDO 2.0 devices to employees, which allows them to authenticate to various shared devices and PCs.
+Here is an example scenario: At Contoso, there are a lot of shared devices and kiosks that employees throughout the day using as many as 20 different devices. To minimize the loss in productivity when employees have to login with username and password every time they pick up a device, the IT admin deploys SharePC CSP and Authentication/AllowFidoDeviceSignon policy to shared devices. The IT admin provisions and distributes FIDO 2.0 devices to employees, which allows them to authenticate to various shared devices and PCs.
@@ -364,7 +364,7 @@ This policy is intended for use on Shared PCs to enable a quick first sign-in ex
Value type is integer. Supported values:
- 0 - (default) The feature defaults to the existing SKU and device capabilities.
-- 1 - Enabled. Auto connect new non-admin AZure AD accounts to pre-configured candidate local accounts
+- 1 - Enabled. Auto connect new non-admin Azure AD accounts to pre-configured candidate local accounts
- 2 - Disabled. Do not auto connect new non-admin Azure AD accounts to pre-configured local accounts
@@ -499,30 +499,6 @@ Value type is string.
-
-
-
-
-## Authentication policies supported by HoloLens 2
-
-- [Authentication/AllowFastReconnect](#authentication-allowfastreconnect)
-- [Authentication/PreferredAadTenantDomainName](#authentication-preferredaadtenantdomainname)
-
-
-
-## Authentication policies supported by HoloLens (1st gen) Commercial Suite
-
-- [Authentication/AllowFastReconnect](#authentication-allowfastreconnect)
-- [Authentication/PreferredAadTenantDomainName](#authentication-preferredaadtenantdomainname)
-
-
-
-## Authentication policies supported by HoloLens (1st gen) Development Edition
-
-- [Authentication/AllowFastReconnect](#authentication-allowfastreconnect)
-
-
-
Footnotes:
@@ -533,3 +509,4 @@ Footnotes:
- 4 - Added in Windows 10, version 1803.
- 5 - Added in Windows 10, version 1809.
- 6 - Added in Windows 10, version 1903.
+
\ No newline at end of file
diff --git a/windows/client-management/mdm/policy-csp-autoplay.md b/windows/client-management/mdm/policy-csp-autoplay.md
index 0845e952f8..0f89d7ad50 100644
--- a/windows/client-management/mdm/policy-csp-autoplay.md
+++ b/windows/client-management/mdm/policy-csp-autoplay.md
@@ -242,12 +242,14 @@ ADMX Info:
-Footnote:
+Footnotes:
- 1 - Added in Windows 10, version 1607.
- 2 - Added in Windows 10, version 1703.
- 3 - Added in Windows 10, version 1709.
- 4 - Added in Windows 10, version 1803.
+- 5 - Added in Windows 10, version 1809.
+- 6 - Added in Windows 10, version 1903.
diff --git a/windows/client-management/mdm/policy-csp-bitlocker.md b/windows/client-management/mdm/policy-csp-bitlocker.md
index 85d8f6acdc..70106adeb4 100644
--- a/windows/client-management/mdm/policy-csp-bitlocker.md
+++ b/windows/client-management/mdm/policy-csp-bitlocker.md
@@ -13,7 +13,8 @@ manager: dansimp
# Policy CSP - Bitlocker
-
+> [!NOTE]
+> To manage encryption of PCs and devices, use [BitLocker CSP](https://docs.microsoft.com/windows/client-management/mdm/bitlocker-csp).
@@ -68,7 +69,7 @@ manager: dansimp
Specifies the BitLocker Drive Encryption method and cipher strength.
> [!NOTE]
-> XTS-AES 128-bit and XTS-AES 256-bit values are only supported on Windows 10 for desktop.
+> XTS-AES 128-bit and XTS-AES 256-bit values are supported only on Windows 10 for desktop.
@@ -83,10 +84,7 @@ The following list shows the supported values:
-> [!NOTE]
-> To manage encryption of PCs and devices, use [BitLocker CSP](https://docs.microsoft.com/windows/client-management/mdm/bitlocker-csp)
-
-Footnote:
+Footnotes:
- 1 - Added in Windows 10, version 1607.
- 2 - Added in Windows 10, version 1703.
@@ -95,5 +93,4 @@ Footnote:
- 5 - Added in Windows 10, version 1809.
- 6 - Added in Windows 10, version 1903.
-
-
+
\ No newline at end of file
diff --git a/windows/client-management/mdm/policy-csp-bits.md b/windows/client-management/mdm/policy-csp-bits.md
index 32fe01163f..c7305f22ee 100644
--- a/windows/client-management/mdm/policy-csp-bits.md
+++ b/windows/client-management/mdm/policy-csp-bits.md
@@ -91,7 +91,7 @@ If BITS/BandwidthThrottlingStartTime or BITS/BandwidthThrottlingEndTime are NOT
This policy specifies the bandwidth throttling **end time** that Background Intelligent Transfer Service (BITS) uses for background transfers. This policy setting does not affect foreground transfers. This policy is based on the 24-hour clock.
-Value type is integer. Default value is 17 (5 pm).
+Value type is integer. Default value is 17 (5 PM).
Supported value range: 0 - 23
@@ -101,7 +101,7 @@ Using the three policies together (BandwidthThrottlingStartTime, BandwidthThrott
If you disable or do not configure this policy setting, BITS uses all available unused bandwidth.
-Note: You should base the limit on the speed of the network link, not the computer's network interface card (NIC). This policy setting does not affect Peercaching transfers between peer computers (it does affect transfers from the origin server); the "Limit the maximum network bandwidth used for Peercaching" policy setting should be used for that purpose.
+Note: You should base the limit on the speed of the network link, not the computer's network interface card (NIC). This policy setting does not affect peer caching transfers between peer computers (it does affect transfers from the origin server); the "Limit the maximum network bandwidth used for Peercaching" policy setting should be used for that purpose.
Consider using this setting to prevent BITS transfers from competing for network bandwidth when the client computer has a fast network card (10Mbs), but is connected to the network via a slow link (56Kbs).
@@ -176,7 +176,7 @@ Using the three policies together (BandwidthThrottlingStartTime, BandwidthThrott
If you disable or do not configure this policy setting, BITS uses all available unused bandwidth.
-Note: You should base the limit on the speed of the network link, not the computer's network interface card (NIC). This policy setting does not affect Peercaching transfers between peer computers (it does affect transfers from the origin server); the "Limit the maximum network bandwidth used for Peercaching" policy setting should be used for that purpose.
+Note: You should base the limit on the speed of the network link, not the computer's network interface card (NIC). This policy setting does not affect peer caching transfers between peer computers (it does affect transfers from the origin server); the "Limit the maximum network bandwidth used for Peercaching" policy setting should be used for that purpose.
Consider using this setting to prevent BITS transfers from competing for network bandwidth when the client computer has a fast network card (10Mbs), but is connected to the network via a slow link (56Kbs).
@@ -251,7 +251,7 @@ Using the three policies together (BandwidthThrottlingStartTime, BandwidthThrott
If you disable or do not configure this policy setting, BITS uses all available unused bandwidth.
-Note: You should base the limit on the speed of the network link, not the computer's network interface card (NIC). This policy setting does not affect Peercaching transfers between peer computers (it does affect transfers from the origin server); the "Limit the maximum network bandwidth used for Peercaching" policy setting should be used for that purpose.
+Note: You should base the limit on the speed of the network link, not the computer's network interface card (NIC). This policy setting does not affect peer caching transfers between peer computers (it does affect transfers from the origin server); the "Limit the maximum network bandwidth used for Peercaching" policy setting should be used for that purpose.
Consider using this setting to prevent BITS transfers from competing for network bandwidth when the client computer has a fast network card (10Mbs), but is connected to the network via a slow link (56Kbs).
@@ -494,14 +494,14 @@ Supported values range: 0 - 999
-Footnote:
+Footnotes:
- 1 - Added in Windows 10, version 1607.
- 2 - Added in Windows 10, version 1703.
- 3 - Added in Windows 10, version 1709.
- 4 - Added in Windows 10, version 1803.
- 5 - Added in Windows 10, version 1809.
-- 6 - Added in the next major release of Windows 10.
+- 6 - Added in Windows 10, version 1903.
diff --git a/windows/client-management/mdm/policy-csp-bluetooth.md b/windows/client-management/mdm/policy-csp-bluetooth.md
index 2475975ca6..d834300ed0 100644
--- a/windows/client-management/mdm/policy-csp-bluetooth.md
+++ b/windows/client-management/mdm/policy-csp-bluetooth.md
@@ -341,34 +341,18 @@ The default value is an empty string. For more information, see [ServicesAllowed
+
+Footnotes:
+- 1 - Added in Windows 10, version 1607.
+- 2 - Added in Windows 10, version 1703.
+- 3 - Added in Windows 10, version 1709.
+- 4 - Added in Windows 10, version 1803.
+- 5 - Added in Windows 10, version 1809.
+- 6 - Added in Windows 10, version 1903.
-
-## Bluetooth policies supported by HoloLens 2
-
-- [Bluetooth/AllowDiscoverableMode](#bluetooth-allowdiscoverablemode)
-- [Bluetooth/LocalDeviceName](#bluetooth-localdevicename)
-
-
-
-## Bluetooth policies supported by HoloLens (1st gen) Commercial Suite
-
-- [Bluetooth/AllowAdvertising](#bluetooth-allowadvertising)
-- [Bluetooth/AllowDiscoverableMode](#bluetooth-allowdiscoverablemode)
-- [Bluetooth/LocalDeviceName](#bluetooth-localdevicename)
-
-
-
-## Bluetooth policies supported by HoloLens (1st gen) Development Edition
-
-- [Bluetooth/AllowAdvertising](#bluetooth-allowadvertising)
-- [Bluetooth/AllowDiscoverableMode](#bluetooth-allowdiscoverablemode)
-- [Bluetooth/LocalDeviceName](#bluetooth-localdevicename)
-
-
-
-
+
## ServicesAllowedList usage guide
@@ -481,14 +465,4 @@ Disabling file transfer shall have the following effects
- Fsquirt shall not allow sending of files
- Fsquirt shall not allow receiving of files
- Fsquirt shall display error message informing user of policy preventing file transfer
-- 3rd-party apps shall not be permitted to send or receive files using MSFT Bluetooth API
-
-
-Footnotes:
-
-- 1 - Added in Windows 10, version 1607.
-- 2 - Added in Windows 10, version 1703.
-- 3 - Added in Windows 10, version 1709.
-- 4 - Added in Windows 10, version 1803.
-- 5 - Added in Windows 10, version 1809.
-- 6 - Added in Windows 10, version 1903.
\ No newline at end of file
+- 3rd-party apps shall not be permitted to send or receive files using MSFT Bluetooth API
\ No newline at end of file
diff --git a/windows/client-management/mdm/policy-csp-browser.md b/windows/client-management/mdm/policy-csp-browser.md
index 6553368bef..8f07ea575b 100644
--- a/windows/client-management/mdm/policy-csp-browser.md
+++ b/windows/client-management/mdm/policy-csp-browser.md
@@ -319,7 +319,7 @@ To verify AllowAutofill is set to 0 (not allowed):
1. Open Microsoft Edge.
2. In the upper-right corner of the browser, click **…**.
3. Click **Settings** in the drop down list, and select **View Advanced Settings**.
-4. Verify the setting **Save form entries** is greyed out.
+4. Verify the setting **Save form entries** is grayed out.
@@ -641,7 +641,7 @@ To verify AllowDoNotTrack is set to 0 (not allowed):
1. Open Microsoft Edge or Microsoft Edge for Windows 10 Mobile.
2. In the upper-right corner of the browser, click **…**.
3. Click **Settings** in the drop down list, and select **View Advanced Settings**.
-4. Verify the setting **Send Do Not Track requests** is greyed out.
+4. Verify the setting **Send Do Not Track requests** is grayed out.
@@ -3961,44 +3961,6 @@ Supported values:
Most restricted value: 0
-
-
-
-
-## Browser policies supported by HoloLens 2
-
-- [Browser/AllowAutofill](#browser-allowautofill)
-- [Browser/AllowCookies](#browser-allowcookies)
-- [Browser/AllowDoNotTrack](#browser-allowdonottrack)
-- [Browser/AllowPasswordManager](#browser-allowpasswordmanager)
-- [Browser/AllowPopups](#browser-allowpopups)
-- [Browser/AllowSearchSuggestionsinAddressBar](#browser-allowsearchsuggestionsinaddressbar)
-- [Browser/AllowSmartScreen](#browser-allowsmartscreen)
-
-
-
-## Browser policies supported by HoloLens (1st gen) Commercial Suite
-
-- [Browser/AllowAutofill](#browser-allowautofill)
-- [Browser/AllowCookies](#browser-allowcookies)
-- [Browser/AllowDoNotTrack](#browser-allowdonottrack)
-- [Browser/AllowPasswordManager](#browser-allowpasswordmanager)
-- [Browser/AllowPopups](#browser-allowpopups)
-- [Browser/AllowSearchSuggestionsinAddressBar](#browser-allowsearchsuggestionsinaddressbar)
-- [Browser/AllowSmartScreen](#browser-allowsmartscreen)
-
-
-
-## Browser policies supported by HoloLens (1st gen) Development Edition
-
-- [Browser/AllowCookies](#browser-allowcookies)
-- [Browser/AllowDoNotTrack](#browser-allowdonottrack)
-- [Browser/AllowPasswordManager](#browser-allowpasswordmanager)
-- [Browser/AllowPopups](#browser-allowpopups)
-- [Browser/AllowSearchSuggestionsinAddressBar](#browser-allowsearchsuggestionsinaddressbar)
-- [Browser/AllowSmartScreen](#browser-allowsmartscreen)
-
-
Footnotes:
@@ -4009,3 +3971,5 @@ Footnotes:
- 4 - Added in Windows 10, version 1803.
- 5 - Added in Windows 10, version 1809.
- 6 - Added in Windows 10, version 1903.
+
+
diff --git a/windows/client-management/mdm/policy-csp-camera.md b/windows/client-management/mdm/policy-csp-camera.md
index 0852d91632..64551b503d 100644
--- a/windows/client-management/mdm/policy-csp-camera.md
+++ b/windows/client-management/mdm/policy-csp-camera.md
@@ -88,30 +88,13 @@ The following list shows the supported values:
-Footnote:
+Footnotes:
- 1 - Added in Windows 10, version 1607.
- 2 - Added in Windows 10, version 1703.
- 3 - Added in Windows 10, version 1709.
- 4 - Added in Windows 10, version 1803.
+- 5 - Added in Windows 10, version 1809.
+- 6 - Added in Windows 10, version 1903.
-
-
-
-## Camera policies that can be set using Exchange Active Sync (EAS)
-
-- [Camera/AllowCamera](#camera-allowcamera)
-
-
-
-## Camera policies supported by IoT Core
-
-- [Camera/AllowCamera](#camera-allowcamera)
-
-
-
-## Camera policies supported by Microsoft Surface Hub
-
-- [Camera/AllowCamera](#camera-allowcamera)
-
-
+
\ No newline at end of file
diff --git a/windows/client-management/mdm/policy-csp-cellular.md b/windows/client-management/mdm/policy-csp-cellular.md
index ff738aa2e1..9a09add801 100644
--- a/windows/client-management/mdm/policy-csp-cellular.md
+++ b/windows/client-management/mdm/policy-csp-cellular.md
@@ -329,30 +329,13 @@ ADMX Info:
-Footnote:
+Footnotes:
- 1 - Added in Windows 10, version 1607.
- 2 - Added in Windows 10, version 1703.
- 3 - Added in Windows 10, version 1709.
- 4 - Added in Windows 10, version 1803.
+- 5 - Added in Windows 10, version 1809.
+- 6 - Added in Windows 10, version 1903.
-
-
-
-## Cellular policies that can be set using Exchange Active Sync (EAS)
-
-- [Cellular/ShowAppCellularAccessUI](#cellular-showappcellularaccessui)
-
-
-
-## Cellular policies supported by IoT Core
-
-- [Cellular/ShowAppCellularAccessUI](#cellular-showappcellularaccessui)
-
-
-
-## Cellular policies supported by Microsoft Surface Hub
-
-- [Cellular/ShowAppCellularAccessUI](#cellular-showappcellularaccessui)
-
-
+
\ No newline at end of file
diff --git a/windows/client-management/mdm/policy-csp-connectivity.md b/windows/client-management/mdm/policy-csp-connectivity.md
index d86d214339..aadc67164b 100644
--- a/windows/client-management/mdm/policy-csp-connectivity.md
+++ b/windows/client-management/mdm/policy-csp-connectivity.md
@@ -120,7 +120,7 @@ Most restricted value is 0.
The following list shows the supported values:
-- 0 – Disallow Bluetooth. If this is set to 0, the radio in the Bluetooth control panel will be greyed out and the user will not be able to turn Bluetooth on.
+- 0 – Disallow Bluetooth. If this is set to 0, the radio in the Bluetooth control panel will be grayed out and the user will not be able to turn Bluetooth on.
- 1 – Reserved. If this is set to 1, the radio in the Bluetooth control panel will be functional and the user will be able to turn Bluetooth on.
- 2 (default) – Allow Bluetooth. If this is set to 2, the radio in the Bluetooth control panel will be functional and the user will be able to turn Bluetooth on.
@@ -418,7 +418,7 @@ This setting supports a range of values between 0 and 1.
Validation:
-If the Connectivity/AllowPhonePCLinking policy is configured to value 0, the add a phone button in the Phones section in settings will be greyed out and clicking it will not launch the window for a user to enter their phone number.
+If the Connectivity/AllowPhonePCLinking policy is configured to value 0, the add a phone button in the Phones section in settings will be grayed out and clicking it will not launch the window for a user to enter their phone number.
Device that has previously opt-in to MMX will also stop showing on the device list.
@@ -942,7 +942,7 @@ Determines whether a user can install and configure the Network Bridge.
Important: This settings is location aware. It only applies when a computer is connected to the same DNS domain network it was connected to when the setting was refreshed on that computer. If a computer is connected to a DNS domain network other than the one it was connected to when the setting was refreshed, this setting does not apply.
-The Network Bridge allows users to create a layer 2 MAC bridge, enabling them to connect two or more network segements together. This connection appears in the Network Connections folder.
+The Network Bridge allows users to create a layer 2 MAC bridge, enabling them to connect two or more network segments together. This connection appears in the Network Connections folder.
If you disable this setting or do not configure it, the user will be able to create and modify the configuration of a Network Bridge. Enabling this setting does not remove an existing Network Bridge from the user's computer.
@@ -963,30 +963,6 @@ ADMX Info:
-
-
-
-
-## Connectivity policies supported by HoloLens 2
-
-- [Connectivity/AllowBluetooth](#connectivity-allowbluetooth)
-- [Connectivity/AllowUSBConnection](#connectivity-allowusbconnection)
-
-
-
-## Connectivity policies supported by HoloLens (1st gen) Commercial Suite
-
-- [Connectivity/AllowBluetooth](#connectivity-allowbluetooth)
-- [Connectivity/AllowUSBConnection](#connectivity-allowusbconnection)
-
-
-
-## Connectivity policies supported by HoloLens (1st gen) Development Edition
-
-- [Connectivity/AllowBluetooth](#connectivity-allowbluetooth)
-- [Connectivity/AllowUSBConnection](#connectivity-allowusbconnection)
-
-
Footnotes:
@@ -996,4 +972,5 @@ Footnotes:
- 3 - Added in Windows 10, version 1709.
- 4 - Added in Windows 10, version 1803.
- 5 - Added in Windows 10, version 1809.
-- 6 - Added in Windows 10, version 1903.
\ No newline at end of file
+- 6 - Added in Windows 10, version 1903.
+
\ No newline at end of file
diff --git a/windows/client-management/mdm/policy-csp-controlpolicyconflict.md b/windows/client-management/mdm/policy-csp-controlpolicyconflict.md
index c9d03ef5de..92db88b0ff 100644
--- a/windows/client-management/mdm/policy-csp-controlpolicyconflict.md
+++ b/windows/client-management/mdm/policy-csp-controlpolicyconflict.md
@@ -106,12 +106,13 @@ The following list shows the supported values:
-Footnote:
+Footnotes:
- 1 - Added in Windows 10, version 1607.
- 2 - Added in Windows 10, version 1703.
- 3 - Added in Windows 10, version 1709.
- 4 - Added in Windows 10, version 1803.
+- 5 - Added in Windows 10, version 1809.
+- 6 - Added in Windows 10, version 1903.
-
-
+
\ No newline at end of file
diff --git a/windows/client-management/mdm/policy-csp-credentialproviders.md b/windows/client-management/mdm/policy-csp-credentialproviders.md
index 1e3b1dd91e..c90e160c5d 100644
--- a/windows/client-management/mdm/policy-csp-credentialproviders.md
+++ b/windows/client-management/mdm/policy-csp-credentialproviders.md
@@ -216,19 +216,13 @@ The following list shows the supported values:
-Footnote:
+Footnotes:
- 1 - Added in Windows 10, version 1607.
- 2 - Added in Windows 10, version 1703.
- 3 - Added in Windows 10, version 1709.
- 4 - Added in Windows 10, version 1803.
+- 5 - Added in Windows 10, version 1809.
+- 6 - Added in Windows 10, version 1903.
-
-
-
-## CredentialProviders policies supported by IoT Core
-
-- [CredentialProviders/AllowPINLogon](#credentialproviders-allowpinlogon)
-- [CredentialProviders/BlockPicturePassword](#credentialproviders-blockpicturepassword)
-
-
+
\ No newline at end of file
diff --git a/windows/client-management/mdm/policy-csp-credentialsdelegation.md b/windows/client-management/mdm/policy-csp-credentialsdelegation.md
index 80a987c29b..6d6549c026 100644
--- a/windows/client-management/mdm/policy-csp-credentialsdelegation.md
+++ b/windows/client-management/mdm/policy-csp-credentialsdelegation.md
@@ -91,12 +91,14 @@ ADMX Info:
-Footnote:
+Footnotes:
- 1 - Added in Windows 10, version 1607.
- 2 - Added in Windows 10, version 1703.
- 3 - Added in Windows 10, version 1709.
- 4 - Added in Windows 10, version 1803.
+- 5 - Added in Windows 10, version 1809.
+- 6 - Added in Windows 10, version 1903.
diff --git a/windows/client-management/mdm/policy-csp-credentialsui.md b/windows/client-management/mdm/policy-csp-credentialsui.md
index 723426a323..480fd54f21 100644
--- a/windows/client-management/mdm/policy-csp-credentialsui.md
+++ b/windows/client-management/mdm/policy-csp-credentialsui.md
@@ -160,12 +160,14 @@ ADMX Info:
-Footnote:
+Footnotes:
- 1 - Added in Windows 10, version 1607.
- 2 - Added in Windows 10, version 1703.
- 3 - Added in Windows 10, version 1709.
- 4 - Added in Windows 10, version 1803.
+- 5 - Added in Windows 10, version 1809.
+- 6 - Added in Windows 10, version 1903.
diff --git a/windows/client-management/mdm/policy-csp-cryptography.md b/windows/client-management/mdm/policy-csp-cryptography.md
index 4aaf66a50c..088711a7c3 100644
--- a/windows/client-management/mdm/policy-csp-cryptography.md
+++ b/windows/client-management/mdm/policy-csp-cryptography.md
@@ -148,21 +148,15 @@ Lists the Cryptographic Cipher Algorithms allowed for SSL connections. Format is
-
-
-## Cryptography policies supported by Microsoft Surface Hub
-
-- [Cryptography/AllowFipsAlgorithmPolicy](#cryptography-allowfipsalgorithmpolicy)
-- [Cryptography/TLSCipherSuites](#cryptography-tlsciphersuites)
-
-
Footnotes:
-- 1 - Added in Windows 10, version 1607.
-- 2 - Added in Windows 10, version 1703.
-- 3 - Added in Windows 10, version 1709.
-- 4 - Added in Windows 10, version 1803.
-- 5 - Added in Windows 10, version 1809.
+- 1 - Added in Windows 10, version 1607.
+- 2 - Added in Windows 10, version 1703.
+- 3 - Added in Windows 10, version 1709.
+- 4 - Added in Windows 10, version 1803.
+- 5 - Added in Windows 10, version 1809.
+- 6 - Added in Windows 10, version 1903.
+
\ No newline at end of file
diff --git a/windows/client-management/mdm/policy-csp-dataprotection.md b/windows/client-management/mdm/policy-csp-dataprotection.md
index cfa533aef2..c8866cf5c0 100644
--- a/windows/client-management/mdm/policy-csp-dataprotection.md
+++ b/windows/client-management/mdm/policy-csp-dataprotection.md
@@ -133,18 +133,13 @@ Setting used by Windows 8.1 Selective Wipe.
-Footnote:
+Footnotes:
- 1 - Added in Windows 10, version 1607.
- 2 - Added in Windows 10, version 1703.
- 3 - Added in Windows 10, version 1709.
- 4 - Added in Windows 10, version 1803.
+- 5 - Added in Windows 10, version 1809.
+- 6 - Added in Windows 10, version 1903.
-
-
-
-## DataProtection policies supported by IoT Core
-
-- [DataProtection/AllowDirectMemoryAccess](#dataprotection-allowdirectmemoryaccess)
-
-
+
\ No newline at end of file
diff --git a/windows/client-management/mdm/policy-csp-datausage.md b/windows/client-management/mdm/policy-csp-datausage.md
index 1268e6243c..cab2e300d4 100644
--- a/windows/client-management/mdm/policy-csp-datausage.md
+++ b/windows/client-management/mdm/policy-csp-datausage.md
@@ -111,12 +111,14 @@ ADMX Info:
-Footnote:
+Footnotes:
- 1 - Added in Windows 10, version 1607.
- 2 - Added in Windows 10, version 1703.
- 3 - Added in Windows 10, version 1709.
- 4 - Added in Windows 10, version 1803.
+- 5 - Added in Windows 10, version 1809.
+- 6 - Added in Windows 10, version 1903.
diff --git a/windows/client-management/mdm/policy-csp-defender.md b/windows/client-management/mdm/policy-csp-defender.md
index 067c82000d..e88ef95636 100644
--- a/windows/client-management/mdm/policy-csp-defender.md
+++ b/windows/client-management/mdm/policy-csp-defender.md
@@ -6,17 +6,13 @@ ms.topic: article
ms.prod: w10
ms.technology: windows
author: manikadhiman
-ms.date: 01/26/2019
+ms.date: 09/24/2019
ms.reviewer:
manager: dansimp
---
# Policy CSP - Defender
-> [!WARNING]
-> Some information relates to prereleased product which may be substantially modified before it's commercially released. Microsoft makes no warranties, express or implied, with respect to the information provided here.
-
-
@@ -205,8 +201,8 @@ ADMX Info:
The following list shows the supported values:
-- 0 – Not allowed.
-- 1 (default) – Allowed.
+- 0 – Not allowed. Turns off scanning on archived files.
+- 1 (default) – Allowed. Scans the archive files.
@@ -267,8 +263,8 @@ ADMX Info:
The following list shows the supported values:
-- 0 – Not allowed.
-- 1 (default) – Allowed.
+- 0 – Not allowed. Turns off behavior monitoring.
+- 1 (default) – Allowed. Turns on real-time behavior monitoring.
@@ -330,8 +326,8 @@ ADMX Info:
The following list shows the supported values:
-- 0 – Not allowed.
-- 1 (default) – Allowed.
+- 0 – Not allowed. Turns off the Microsoft Active Protection Service.
+- 1 (default) – Allowed. Turns on the Microsoft Active Protection Service.
@@ -392,8 +388,8 @@ ADMX Info:
The following list shows the supported values:
-- 0 (default) – Not allowed.
-- 1 – Allowed.
+- 0 (default) – Not allowed. Turns off email scanning.
+- 1 – Allowed. Turns on email scanning.
@@ -454,8 +450,8 @@ ADMX Info:
The following list shows the supported values:
-- 0 (default) – Not allowed.
-- 1 – Allowed.
+- 0 (default) – Not allowed. Disables scanning on mapped network drives.
+- 1 – Allowed. Scans mapped network drives.
@@ -502,7 +498,7 @@ The following list shows the supported values:
> This policy is only enforced in Windows 10 for desktop.
-Allows or disallows a full scan of removable drives.
+Allows or disallows a full scan of removable drives. During a quick scan, removable drives may still be scanned.
@@ -516,8 +512,8 @@ ADMX Info:
The following list shows the supported values:
-- 0 – Not allowed.
-- 1 (default) – Allowed.
+- 0 – Not allowed. Turns off scanning on removable drives.
+- 1 (default) – Allowed. Scans removable drives.
@@ -756,8 +752,8 @@ ADMX Info:
The following list shows the supported values:
-- 0 – Not allowed.
-- 1 (default) – Allowed.
+- 0 – Not allowed. Turns off the real-time monitoring service.
+- 1 (default) – Allowed. Turns on and runs the real-time monitoring service.
@@ -818,8 +814,8 @@ ADMX Info:
The following list shows the supported values:
-- 0 – Not allowed.
-- 1 (default) – Allowed.
+- 0 – Not allowed. Turns off scanning of network files.
+- 1 (default) – Allowed. Scans network files.
@@ -934,8 +930,8 @@ ADMX Info:
The following list shows the supported values:
-- 0 – Not allowed.
-- 1 (default) – Allowed.
+- 0 – Not allowed. Prevents users from accessing UI.
+- 1 (default) – Allowed. Lets users access UI.
@@ -2335,17 +2331,17 @@ ADMX Info:
-The following list shows the supported values:
+The following list shows the supported values:
-- 0 (default) – Every day
-- 1 – Monday
-- 2 – Tuesday
-- 3 – Wednesday
-- 4 – Thursday
-- 5 – Friday
-- 6 – Saturday
-- 7 – Sunday
-- 8 – No scheduled scan
+- 0 (default) – Every day
+- 1 – Sunday
+- 2 – Monday
+- 3 – Tuesday
+- 4 – Wednesday
+- 5 – Thursday
+- 6 – Friday
+- 7 – Saturday
+- 8 – No scheduled scan
@@ -2773,45 +2769,13 @@ ADMX Info:
-Footnote:
+Footnotes:
- 1 - Added in Windows 10, version 1607.
- 2 - Added in Windows 10, version 1703.
- 3 - Added in Windows 10, version 1709.
- 4 - Added in Windows 10, version 1803.
- 5 - Added in Windows 10, version 1809.
-- 6 - Added in the next major release of Windows 10.
+- 6 - Added in Windows 10, version 1903.
-
-
-## Defender policies supported by Microsoft Surface Hub
-
-- [Defender/AllowArchiveScanning](#defender-allowarchivescanning)
-- [Defender/AllowBehaviorMonitoring](#defender-allowbehaviormonitoring)
-- [Defender/AllowCloudProtection](#defender-allowcloudprotection)
-- [Defender/AllowEmailScanning](#defender-allowemailscanning)
-- [Defender/AllowFullScanOnMappedNetworkDrives](#defender-allowfullscanonmappednetworkdrives)
-- [Defender/AllowFullScanRemovableDriveScanning](#defender-allowfullscanremovabledrivescanning)
-- [Defender/AllowIOAVProtection](#defender-allowioavprotection)
-- [Defender/AllowIntrusionPreventionSystem](#defender-allowintrusionpreventionsystem)
-- [Defender/AllowOnAccessProtection](#defender-allowonaccessprotection)
-- [Defender/AllowRealtimeMonitoring](#defender-allowrealtimemonitoring)
-- [Defender/AllowScanningNetworkFiles](#defender-allowscanningnetworkfiles)
-- [Defender/AllowScriptScanning](#defender-allowscriptscanning)
-- [Defender/AllowUserUIAccess](#defender-allowuseruiaccess)
-- [Defender/AvgCPULoadFactor](#defender-avgcpuloadfactor)
-- [Defender/DaysToRetainCleanedMalware](#defender-daystoretaincleanedmalware)
-- [Defender/ExcludedExtensions](#defender-excludedextensions)
-- [Defender/ExcludedPaths](#defender-excludedpaths)
-- [Defender/ExcludedProcesses](#defender-excludedprocesses)
-- [Defender/PUAProtection](#defender-puaprotection)
-- [Defender/RealTimeScanDirection](#defender-realtimescandirection)
-- [Defender/ScanParameter](#defender-scanparameter)
-- [Defender/ScheduleQuickScanTime](#defender-schedulequickscantime)
-- [Defender/ScheduleScanDay](#defender-schedulescanday)
-- [Defender/ScheduleScanTime](#defender-schedulescantime)
-- [Defender/SignatureUpdateInterval](#defender-signatureupdateinterval)
-- [Defender/SubmitSamplesConsent](#defender-submitsamplesconsent)
-- [Defender/ThreatSeverityDefaultAction](#defender-threatseveritydefaultaction)
-
diff --git a/windows/client-management/mdm/policy-csp-deliveryoptimization.md b/windows/client-management/mdm/policy-csp-deliveryoptimization.md
index 66ac43c7f6..951388e477 100644
--- a/windows/client-management/mdm/policy-csp-deliveryoptimization.md
+++ b/windows/client-management/mdm/policy-csp-deliveryoptimization.md
@@ -1701,101 +1701,6 @@ This policy allows an IT Admin to define the following:
-
-
-
-
-
-
-
-
-
-
-
-## DeliveryOptimization policies supported by IoT Core
-
-- [DeliveryOptimization/DOAbsoluteMaxCacheSize](#deliveryoptimization-doabsolutemaxcachesize)
-- [DeliveryOptimization/DOAllowVPNPeerCaching](#deliveryoptimization-doallowvpnpeercaching)
-- [DeliveryOptimization/DOCacheHost](#deliveryoptimization-docachehost)
-- [DeliveryOptimization/DODelayBackgroundDownloadFromHttp](#deliveryoptimization-dodelaybackgrounddownloadfromhttp)
-- [DeliveryOptimization/DODelayForegroundDownloadFromHttp](#deliveryoptimization-dodelayforegrounddownloadfromhttp)
-- [DeliveryOptimization/DODelayCacheServerFallbackBackground](#deliveryoptimization-dodelaycacheserverfallbackbackground)
-- [DeliveryOptimization/DODelayCacheServerFallbackForeground](#deliveryoptimization-dodelaycacheserverfallbackforeground)
-- [DeliveryOptimization/DODownloadMode](#deliveryoptimization-dodownloadmode)
-- [DeliveryOptimization/DOGroupId](#deliveryoptimization-dogroupid)
-- [DeliveryOptimization/DOGroupIdSource](#deliveryoptimization-dogroupidsource)
-- [DeliveryOptimization/DOMaxCacheAge](#deliveryoptimization-domaxcacheage)
-- [DeliveryOptimization/DOMaxCacheSize](#deliveryoptimization-domaxcachesize)
-- [DeliveryOptimization/DOMaxDownloadBandwidth](#deliveryoptimization-domaxdownloadbandwidth)
-- [DeliveryOptimization/DOMaxUploadBandwidth](#deliveryoptimization-domaxuploadbandwidth)
-- [DeliveryOptimization/DOMinBackgroundQos](#deliveryoptimization-dominbackgroundqos)
-- [DeliveryOptimization/DOMinBatteryPercentageAllowedToUpload](#deliveryoptimization-dominbatterypercentageallowedtoupload)
-- [DeliveryOptimization/DOMinDiskSizeAllowedToPeer](#deliveryoptimization-domindisksizeallowedtopeer)
-- [DeliveryOptimization/DOMinFileSizeToCache](#deliveryoptimization-dominfilesizetocache)
-- [DeliveryOptimization/DOMinRAMAllowedToPeer](#deliveryoptimization-dominramallowedtopeer)
-- [DeliveryOptimization/DOModifyCacheDrive](#deliveryoptimization-domodifycachedrive)
-- [DeliveryOptimization/DOMonthlyUploadDataCap](#deliveryoptimization-domonthlyuploaddatacap)
-- [DeliveryOptimization/DOPercentageMaxBackgroundBandwidth](#deliveryoptimization-dopercentagemaxbackgroundbandwidth)
-- [DeliveryOptimization/DOPercentageMaxDownloadBandwidth](#deliveryoptimization-dopercentagemaxdownloadbandwidth)
-- [DeliveryOptimization/DOPercentageMaxForegroundBandwidth](#deliveryoptimization-dopercentagemaxforegroundbandwidth)
-- [DeliveryOptimization/DORestrictPeerSelectionBy](#deliveryoptimization-dorestrictpeerselectionby)
-- [DeliveryOptimization/DOSetHoursToLimitBackgroundDownloadBandwidth](#deliveryoptimization-dosethourstolimitbackgrounddownloadbandwidth)
-- [DeliveryOptimization/DOSetHoursToLimitForegroundDownloadBandwidth](#deliveryoptimization-dosethourstolimitforegrounddownloadbandwidth)
-
-
-
-## DeliveryOptimization policies supported by IoT Enterprise
-
-- [DeliveryOptimization/DOAbsoluteMaxCacheSize](#deliveryoptimization-doabsolutemaxcachesize)
-- [DeliveryOptimization/DOAllowVPNPeerCaching](#deliveryoptimization-doallowvpnpeercaching)
-- [DeliveryOptimization/DOCacheHost](#deliveryoptimization-docachehost)
-- [DeliveryOptimization/DODelayBackgroundDownloadFromHttp](#deliveryoptimization-dodelaybackgrounddownloadfromhttp)
-- [DeliveryOptimization/DODelayForegroundDownloadFromHttp](#deliveryoptimization-dodelayforegrounddownloadfromhttp)
-- [DeliveryOptimization/DODelayCacheServerFallbackBackground](#deliveryoptimization-dodelaycacheserverfallbackbackground)
-- [DeliveryOptimization/DODelayCacheServerFallbackForeground](#deliveryoptimization-dodelaycacheserverfallbackforeground)
-- [DeliveryOptimization/DODownloadMode](#deliveryoptimization-dodownloadmode)
-- [DeliveryOptimization/DOGroupId](#deliveryoptimization-dogroupid)
-- [DeliveryOptimization/DOGroupIdSource](#deliveryoptimization-dogroupidsource)
-- [DeliveryOptimization/DOMaxCacheAge](#deliveryoptimization-domaxcacheage)
-- [DeliveryOptimization/DOMaxCacheSize](#deliveryoptimization-domaxcachesize)
-- [DeliveryOptimization/DOMaxDownloadBandwidth](#deliveryoptimization-domaxdownloadbandwidth)
-- [DeliveryOptimization/DOMaxUploadBandwidth](#deliveryoptimization-domaxuploadbandwidth)
-- [DeliveryOptimization/DOMinBackgroundQos](#deliveryoptimization-dominbackgroundqos)
-- [DeliveryOptimization/DOMinBatteryPercentageAllowedToUpload](#deliveryoptimization-dominbatterypercentageallowedtoupload)
-- [DeliveryOptimization/DOMinDiskSizeAllowedToPeer](#deliveryoptimization-domindisksizeallowedtopeer)
-- [DeliveryOptimization/DOMinFileSizeToCache](#deliveryoptimization-dominfilesizetocache)
-- [DeliveryOptimization/DOMinRAMAllowedToPeer](#deliveryoptimization-dominramallowedtopeer)
-- [DeliveryOptimization/DOModifyCacheDrive](#deliveryoptimization-domodifycachedrive)
-- [DeliveryOptimization/DOMonthlyUploadDataCap](#deliveryoptimization-domonthlyuploaddatacap)
-- [DeliveryOptimization/DOPercentageMaxBackgroundBandwidth](#deliveryoptimization-dopercentagemaxbackgroundbandwidth)
-- [DeliveryOptimization/DOPercentageMaxDownloadBandwidth](#deliveryoptimization-dopercentagemaxdownloadbandwidth)
-- [DeliveryOptimization/DOPercentageMaxForegroundBandwidth](#deliveryoptimization-dopercentagemaxforegroundbandwidth)
-- [DeliveryOptimization/DORestrictPeerSelectionBy](#deliveryoptimization-dorestrictpeerselectionby)
-- [DeliveryOptimization/DOSetHoursToLimitBackgroundDownloadBandwidth](#deliveryoptimization-dosethourstolimitbackgrounddownloadbandwidth)
-- [DeliveryOptimization/DOSetHoursToLimitForegroundDownloadBandwidth](#deliveryoptimization-dosethourstolimitforegrounddownloadbandwidth)
-
-
-
-
-## DeliveryOptimization policies supported by Microsoft Surface Hub
-
-- [DeliveryOptimization/DOAbsoluteMaxCacheSize](#deliveryoptimization-doabsolutemaxcachesize)
-- [DeliveryOptimization/DOAllowVPNPeerCaching](#deliveryoptimization-doallowvpnpeercaching)
-- [DeliveryOptimization/DODownloadMode](#deliveryoptimization-dodownloadmode)
-- [DeliveryOptimization/DOGroupId](#deliveryoptimization-dogroupid)
-- [DeliveryOptimization/DOMaxCacheAge](#deliveryoptimization-domaxcacheage)
-- [DeliveryOptimization/DOMaxCacheSize](#deliveryoptimization-domaxcachesize)
-- [DeliveryOptimization/DOMaxDownloadBandwidth](#deliveryoptimization-domaxdownloadbandwidth)
-- [DeliveryOptimization/DOMaxUploadBandwidth](#deliveryoptimization-domaxuploadbandwidth)
-- [DeliveryOptimization/DOMinBackgroundQos](#deliveryoptimization-dominbackgroundqos)
-- [DeliveryOptimization/DOMinDiskSizeAllowedToPeer](#deliveryoptimization-domindisksizeallowedtopeer)
-- [DeliveryOptimization/DOMinFileSizeToCache](#deliveryoptimization-dominfilesizetocache)
-- [DeliveryOptimization/DOMinRAMAllowedToPeer](#deliveryoptimization-dominramallowedtopeer)
-- [DeliveryOptimization/DOModifyCacheDrive](#deliveryoptimization-domodifycachedrive)
-- [DeliveryOptimization/DOMonthlyUploadDataCap](#deliveryoptimization-domonthlyuploaddatacap)
-- [DeliveryOptimization/DOPercentageMaxDownloadBandwidth](#deliveryoptimization-dopercentagemaxdownloadbandwidth)
-
-
Footnotes:
@@ -1806,3 +1711,5 @@ Footnotes:
- 4 - Added in Windows 10, version 1803.
- 5 - Added in Windows 10, version 1809.
- 6 - Added in Windows 10, version 1903.
+
+
diff --git a/windows/client-management/mdm/policy-csp-desktop.md b/windows/client-management/mdm/policy-csp-desktop.md
index ebe8a9efb2..4d1a10abe5 100644
--- a/windows/client-management/mdm/policy-csp-desktop.md
+++ b/windows/client-management/mdm/policy-csp-desktop.md
@@ -90,18 +90,13 @@ ADMX Info:
-Footnote:
+Footnotes:
- 1 - Added in Windows 10, version 1607.
- 2 - Added in Windows 10, version 1703.
- 3 - Added in Windows 10, version 1709.
- 4 - Added in Windows 10, version 1803.
+- 5 - Added in Windows 10, version 1809.
+- 6 - Added in Windows 10, version 1903.
-
-
-
-## Desktop policies supported by Microsoft Surface Hub
-
-- [Desktop/PreventUserRedirectionOfProfileFolders](#desktop-preventuserredirectionofprofilefolders)
-
-
+
\ No newline at end of file
diff --git a/windows/client-management/mdm/policy-csp-deviceguard.md b/windows/client-management/mdm/policy-csp-deviceguard.md
index 44a9b306d9..c06a4e40e9 100644
--- a/windows/client-management/mdm/policy-csp-deviceguard.md
+++ b/windows/client-management/mdm/policy-csp-deviceguard.md
@@ -285,14 +285,14 @@ The following list shows the supported values:
-Footnote:
+Footnotes:
- 1 - Added in Windows 10, version 1607.
- 2 - Added in Windows 10, version 1703.
- 3 - Added in Windows 10, version 1709.
- 4 - Added in Windows 10, version 1803.
- 5 - Added in Windows 10, version 1809.
-- 6 - Added in the next major release of Windows 10.
+- 6 - Added in Windows 10, version 1903.
diff --git a/windows/client-management/mdm/policy-csp-devicehealthmonitoring.md b/windows/client-management/mdm/policy-csp-devicehealthmonitoring.md
index c945a7c66c..786c883fe0 100644
--- a/windows/client-management/mdm/policy-csp-devicehealthmonitoring.md
+++ b/windows/client-management/mdm/policy-csp-devicehealthmonitoring.md
@@ -199,26 +199,6 @@ In most cases, an IT Pro does not need to define this policy. Instead, it is exp
-
-
-
-
-## DeviceHealthMonitoring policies supported by IoT Core
-
-- [DeviceHealthMonitoring/AllowDeviceHealthMonitoring](#devicehealthmonitoring-allowdevicehealthmonitoring)
-- [DeviceHealthMonitoring/ConfigDeviceHealthMonitoringScope](#devicehealthmonitoring-configdevicehealthmonitoringscope)
-- [DeviceHealthMonitoring/ConfigDeviceHealthMonitoringUploadDestination](#devicehealthmonitoring-configdevicehealthmonitoringuploaddestination)
-
-
-
-## DeviceHealthMonitoring policies supported by IoT Enterprise
-
-- [DeviceHealthMonitoring/AllowDeviceHealthMonitoring](#devicehealthmonitoring-allowdevicehealthmonitoring)
-- [DeviceHealthMonitoring/ConfigDeviceHealthMonitoringScope](#devicehealthmonitoring-configdevicehealthmonitoringscope)
-- [DeviceHealthMonitoring/ConfigDeviceHealthMonitoringUploadDestination](#devicehealthmonitoring-configdevicehealthmonitoringuploaddestination)
-
-
-
Footnotes:
- 1 - Added in Windows 10, version 1607.
@@ -226,4 +206,6 @@ Footnotes:
- 3 - Added in Windows 10, version 1709.
- 4 - Added in Windows 10, version 1803.
- 5 - Added in Windows 10, version 1809.
-- 6 - Added in Windows 10, version 1903.
\ No newline at end of file
+- 6 - Added in Windows 10, version 1903.
+
+
\ No newline at end of file
diff --git a/windows/client-management/mdm/policy-csp-deviceinstallation.md b/windows/client-management/mdm/policy-csp-deviceinstallation.md
index 192db804ab..d83435f182 100644
--- a/windows/client-management/mdm/policy-csp-deviceinstallation.md
+++ b/windows/client-management/mdm/policy-csp-deviceinstallation.md
@@ -861,7 +861,7 @@ To verify the policy is applied, check C:\windows\INF\setupapi.dev.log and see i
-Footnote:
+Footnotes:
- 1 - Added in Windows 10, version 1607.
- 2 - Added in Windows 10, version 1703.
diff --git a/windows/client-management/mdm/policy-csp-devicelock.md b/windows/client-management/mdm/policy-csp-devicelock.md
index 1682e10bd8..dd583b02dc 100644
--- a/windows/client-management/mdm/policy-csp-devicelock.md
+++ b/windows/client-management/mdm/policy-csp-devicelock.md
@@ -1207,54 +1207,6 @@ Most restricted value is 0.
-
-
-
-
-## DeviceLock policies supported by HoloLens 2
-
-- [DeviceLock/AllowIdleReturnWithoutPassword](#devicelock-allowidlereturnwithoutpassword)
-- [DeviceLock/AllowSimpleDevicePassword](#devicelock-allowsimpledevicepassword)
-- [DeviceLock/AlphanumericDevicePasswordRequired](#devicelock-alphanumericdevicepasswordrequired)
-- [DeviceLock/DevicePasswordEnabled](#devicelock-devicepasswordenabled)
-- [DeviceLock/DevicePasswordExpiration](#devicelock-devicepasswordexpiration)
-- [DeviceLock/DevicePasswordHistory](#devicelock-devicepasswordhistory)
-- [DeviceLock/MaxDevicePasswordFailedAttempts](#devicelock-maxdevicepasswordfailedattempts)
-- [DeviceLock/MaxInactivityTimeDeviceLock](#devicelock-maxinactivitytimedevicelock)
-- [DeviceLock/MinDevicePasswordComplexCharacters](#devicelock-mindevicepasswordcomplexcharacters)
-- [DeviceLock/MinDevicePasswordLength](#devicelock-mindevicepasswordlength)
-
-
-
-
-## DeviceLock policies supported by HoloLens (1st gen) Commercial Suite
-
-- [DeviceLock/AllowIdleReturnWithoutPassword](#devicelock-allowidlereturnwithoutpassword)
-- [DeviceLock/AllowSimpleDevicePassword](#devicelock-allowsimpledevicepassword)
-- [DeviceLock/AlphanumericDevicePasswordRequired](#devicelock-alphanumericdevicepasswordrequired)
-- [DeviceLock/DevicePasswordEnabled](#devicelock-devicepasswordenabled)
-- [DeviceLock/DevicePasswordHistory](#devicelock-devicepasswordhistory)
-- [DeviceLock/MaxDevicePasswordFailedAttempts](#devicelock-maxdevicepasswordfailedattempts)
-- [DeviceLock/MaxInactivityTimeDeviceLock](#devicelock-maxinactivitytimedevicelock)
-- [DeviceLock/MinDevicePasswordComplexCharacters](#devicelock-mindevicepasswordcomplexcharacters)
-- [DeviceLock/MinDevicePasswordLength](#devicelock-mindevicepasswordlength)
-
-
-
-## DeviceLock policies supported by HoloLens (1st gen) Development Edition
-
-- [DeviceLock/AllowIdleReturnWithoutPassword](#devicelock-allowidlereturnwithoutpassword)
-- [DeviceLock/AllowSimpleDevicePassword](#devicelock-allowsimpledevicepassword)
-- [DeviceLock/AlphanumericDevicePasswordRequired](#devicelock-alphanumericdevicepasswordrequired)
-- [DeviceLock/DevicePasswordEnabled](#devicelock-devicepasswordenabled)
-- [DeviceLock/DevicePasswordHistory](#devicelock-devicepasswordhistory)
-- [DeviceLock/MaxDevicePasswordFailedAttempts](#devicelock-maxdevicepasswordfailedattempts)
-- [DeviceLock/MaxInactivityTimeDeviceLock](#devicelock-maxinactivitytimedevicelock)
-- [DeviceLock/MinDevicePasswordComplexCharacters](#devicelock-mindevicepasswordcomplexcharacters)
-- [DeviceLock/MinDevicePasswordLength](#devicelock-mindevicepasswordlength)
-
-
-
Footnotes:
@@ -1265,3 +1217,5 @@ Footnotes:
- 4 - Added in Windows 10, version 1803.
- 5 - Added in Windows 10, version 1809.
- 6 - Added in Windows 10, version 1903.
+
+
\ No newline at end of file
diff --git a/windows/client-management/mdm/policy-csp-display.md b/windows/client-management/mdm/policy-csp-display.md
index e6bdb26828..1bda716377 100644
--- a/windows/client-management/mdm/policy-csp-display.md
+++ b/windows/client-management/mdm/policy-csp-display.md
@@ -349,12 +349,14 @@ To validate on Desktop, do the following:
-Footnote:
+Footnotes:
- 1 - Added in Windows 10, version 1607.
- 2 - Added in Windows 10, version 1703.
- 3 - Added in Windows 10, version 1709.
- 4 - Added in Windows 10, version 1803.
+- 5 - Added in Windows 10, version 1809.
+- 6 - Added in Windows 10, version 1903.
diff --git a/windows/client-management/mdm/policy-csp-dmaguard.md b/windows/client-management/mdm/policy-csp-dmaguard.md
index 84edbd082b..da361d9226 100644
--- a/windows/client-management/mdm/policy-csp-dmaguard.md
+++ b/windows/client-management/mdm/policy-csp-dmaguard.md
@@ -105,14 +105,14 @@ ADMX Info:
-Footnote:
+Footnotes:
- 1 - Added in Windows 10, version 1607.
- 2 - Added in Windows 10, version 1703.
- 3 - Added in Windows 10, version 1709.
- 4 - Added in Windows 10, version 1803.
- 5 - Added in Windows 10, version 1809.
-- 6 - Added in the next major release of Windows 10.
+- 6 - Added in Windows 10, version 1903.
diff --git a/windows/client-management/mdm/policy-csp-education.md b/windows/client-management/mdm/policy-csp-education.md
index 75f755f4fb..40a7ae35c2 100644
--- a/windows/client-management/mdm/policy-csp-education.md
+++ b/windows/client-management/mdm/policy-csp-education.md
@@ -6,14 +6,15 @@ ms.topic: article
ms.prod: w10
ms.technology: windows
author: manikadhiman
-ms.date: 03/12/2018
+ms.date: 09/23/2019
ms.reviewer:
manager: dansimp
---
# Policy CSP - Education
-
+> [!WARNING]
+> Some information relates to prereleased products, which may be substantially modified before it's commercially released. Microsoft makes no warranties, expressed or implied, concerning the information provided here.
@@ -21,6 +22,9 @@ manager: dansimp
## Education policies
+ -
+ Education/AllowGraphingCalculator
+
-
Education/DefaultPrinterName
@@ -32,6 +36,60 @@ manager: dansimp
+
+
+
+**Education/AllowGraphingCalculator**
+
+
+
+
+ | Home |
+ Pro |
+ Business |
+ Enterprise |
+ Education |
+ Mobile |
+ Mobile Enterprise |
+
+
+  |
+ |
+ |
+ |
+ |
+  |
+ |
+
+
+
+
+
+[Scope](./policy-configuration-service-provider.md#policy-scope):
+
+> [!div class = "checklist"]
+> * User
+
+
+
+
+
+Added in next major release of Windows 10. This policy setting allows you to control whether graphing functionality is available in the Windows Calculator app. If you disable this policy setting, graphing functionality will not be accessible in the Windows Calculator app. If you enable or don't configure this policy setting, you will be able to access graphing functionality.
+
+
+ADMX Info:
+- GP English name: *Allow Graphing Calculator*
+- GP name: *AllowGraphingCalculator*
+- GP path: *Windows Components/Calculator*
+- GP ADMX file name: *Programs.admx*
+
+
+
+The following list shows the supported values:
+- 0 - Disabled
+- 1 (default) - Enabled
+
+
@@ -176,18 +234,21 @@ The following list shows the supported values:
Added in Windows 10, version 1709. Allows IT Admins to automatically provision printers based on their names (network host names).
-The policy value is expected to be a `````` seperated list of printer names. The OS will attempt to search and install the matching printer driver for each listed printer.
+The policy value is expected to be a `````` separated list of printer names. The OS will attempt to search and install the matching printer driver for each listed printer.
-Footnote:
+Footnotes:
- 1 - Added in Windows 10, version 1607.
- 2 - Added in Windows 10, version 1703.
- 3 - Added in Windows 10, version 1709.
- 4 - Added in Windows 10, version 1803.
+- 5 - Added in Windows 10, version 1809.
+- 6 - Added in Windows 10, version 1903.
+- 7 - Added in next major release of Windows 10.
diff --git a/windows/client-management/mdm/policy-csp-enterprisecloudprint.md b/windows/client-management/mdm/policy-csp-enterprisecloudprint.md
index 606cfc2ceb..255d2c5715 100644
--- a/windows/client-management/mdm/policy-csp-enterprisecloudprint.md
+++ b/windows/client-management/mdm/policy-csp-enterprisecloudprint.md
@@ -325,12 +325,14 @@ The default value is an empty string. Otherwise, the value should contain a URL.
-Footnote:
+Footnotes:
- 1 - Added in Windows 10, version 1607.
- 2 - Added in Windows 10, version 1703.
- 3 - Added in Windows 10, version 1709.
- 4 - Added in Windows 10, version 1803.
+- 5 - Added in Windows 10, version 1809.
+- 6 - Added in Windows 10, version 1903.
diff --git a/windows/client-management/mdm/policy-csp-errorreporting.md b/windows/client-management/mdm/policy-csp-errorreporting.md
index d498c385d6..c1dd1a8584 100644
--- a/windows/client-management/mdm/policy-csp-errorreporting.md
+++ b/windows/client-management/mdm/policy-csp-errorreporting.md
@@ -364,12 +364,14 @@ ADMX Info:
-Footnote:
+Footnotes:
- 1 - Added in Windows 10, version 1607.
- 2 - Added in Windows 10, version 1703.
- 3 - Added in Windows 10, version 1709.
- 4 - Added in Windows 10, version 1803.
+- 5 - Added in Windows 10, version 1809.
+- 6 - Added in Windows 10, version 1903.
diff --git a/windows/client-management/mdm/policy-csp-eventlogservice.md b/windows/client-management/mdm/policy-csp-eventlogservice.md
index a12bf88937..c12aeb4299 100644
--- a/windows/client-management/mdm/policy-csp-eventlogservice.md
+++ b/windows/client-management/mdm/policy-csp-eventlogservice.md
@@ -287,12 +287,14 @@ ADMX Info:
-Footnote:
+Footnotes:
- 1 - Added in Windows 10, version 1607.
- 2 - Added in Windows 10, version 1703.
- 3 - Added in Windows 10, version 1709.
- 4 - Added in Windows 10, version 1803.
+- 5 - Added in Windows 10, version 1809.
+- 6 - Added in Windows 10, version 1903.
diff --git a/windows/client-management/mdm/policy-csp-experience.md b/windows/client-management/mdm/policy-csp-experience.md
index 7e61e7696e..f3f3c0854d 100644
--- a/windows/client-management/mdm/policy-csp-experience.md
+++ b/windows/client-management/mdm/policy-csp-experience.md
@@ -1639,28 +1639,6 @@ Supported values:
-
-
-
-
-## Experience policies supported by HoloLens 2
-
-- [Experience/AllowCortana](#experience-allowcortana)
-- [Experience/AllowManualMDMUnenrollment](#experience-allowmanualmdmunenrollment)
-
-
-
-## Experience policies supported by HoloLens (1st gen) Commercial Suite
-
-- [Experience/AllowCortana](#experience-allowcortana)
-
-
-
-## Experience policies supported by HoloLens (1st gen) Development Edition
-
-- [Experience/AllowCortana](#experience-allowcortana)
-
-
Footnotes:
@@ -1671,3 +1649,4 @@ Footnotes:
- 4 - Added in Windows 10, version 1803.
- 5 - Added in Windows 10, version 1809.
- 6 - Added in Windows 10, version 1903.
+
diff --git a/windows/client-management/mdm/policy-csp-exploitguard.md b/windows/client-management/mdm/policy-csp-exploitguard.md
index b1150dc1b9..bd99331c3a 100644
--- a/windows/client-management/mdm/policy-csp-exploitguard.md
+++ b/windows/client-management/mdm/policy-csp-exploitguard.md
@@ -109,12 +109,14 @@ Here is an example:
-Footnote:
+Footnotes:
- 1 - Added in Windows 10, version 1607.
- 2 - Added in Windows 10, version 1703.
- 3 - Added in Windows 10, version 1709.
- 4 - Added in Windows 10, version 1803.
+- 5 - Added in Windows 10, version 1809.
+- 6 - Added in Windows 10, version 1903.
diff --git a/windows/client-management/mdm/policy-csp-fileexplorer.md b/windows/client-management/mdm/policy-csp-fileexplorer.md
index f2666b4442..20df4e5b6a 100644
--- a/windows/client-management/mdm/policy-csp-fileexplorer.md
+++ b/windows/client-management/mdm/policy-csp-fileexplorer.md
@@ -146,12 +146,14 @@ ADMX Info:
-Footnote:
+Footnotes:
- 1 - Added in Windows 10, version 1607.
- 2 - Added in Windows 10, version 1703.
- 3 - Added in Windows 10, version 1709.
- 4 - Added in Windows 10, version 1803.
+- 5 - Added in Windows 10, version 1809.
+- 6 - Added in Windows 10, version 1903.
diff --git a/windows/client-management/mdm/policy-csp-games.md b/windows/client-management/mdm/policy-csp-games.md
index 750f00f237..7160e21904 100644
--- a/windows/client-management/mdm/policy-csp-games.md
+++ b/windows/client-management/mdm/policy-csp-games.md
@@ -78,12 +78,14 @@ The following list shows the supported values:
-Footnote:
+Footnotes:
- 1 - Added in Windows 10, version 1607.
- 2 - Added in Windows 10, version 1703.
- 3 - Added in Windows 10, version 1709.
- 4 - Added in Windows 10, version 1803.
+- 5 - Added in Windows 10, version 1809.
+- 6 - Added in Windows 10, version 1903.
diff --git a/windows/client-management/mdm/policy-csp-handwriting.md b/windows/client-management/mdm/policy-csp-handwriting.md
index 12cb543539..752f2010f7 100644
--- a/windows/client-management/mdm/policy-csp-handwriting.md
+++ b/windows/client-management/mdm/policy-csp-handwriting.md
@@ -92,12 +92,14 @@ The following list shows the supported values:
-Footnote:
+Footnotes:
- 1 - Added in Windows 10, version 1607.
- 2 - Added in Windows 10, version 1703.
- 3 - Added in Windows 10, version 1709.
- 4 - Added in Windows 10, version 1803.
+- 5 - Added in Windows 10, version 1809.
+- 6 - Added in Windows 10, version 1903.
diff --git a/windows/client-management/mdm/policy-csp-internetexplorer.md b/windows/client-management/mdm/policy-csp-internetexplorer.md
index c39e01b943..e77d5a4eb3 100644
--- a/windows/client-management/mdm/policy-csp-internetexplorer.md
+++ b/windows/client-management/mdm/policy-csp-internetexplorer.md
@@ -17427,38 +17427,6 @@ ADMX Info:
-
-
-
-
-
-
-
-
-
-
-
-
-## InternetExplorer policies supported by IoT Core
-
-- [InternetExplorer/DisableActiveXVersionListAutoDownload](#internetexplorer-disableactivexversionlistautodownload)
-- [InternetExplorer/DisableCompatView](#internetexplorer-disablecompatview)
-- [InternetExplorer/DisableGeolocation](#internetexplorer-disablegeolocation)
-
-
-
-## InternetExplorer policies supported by IoT Enterprise
-
-- [InternetExplorer/AllowEnhancedSuggestionsInAddressBar](#internetexplorer-allowenhancedsuggestionsinaddressbar)
-- [InternetExplorer/DisableActiveXVersionListAutoDownload](#internetexplorer-disableactivexversionlistautodownload)
-- [InternetExplorer/DisableCompatView](#internetexplorer-disablecompatview)
-- [InternetExplorer/DisableFeedsBackgroundSync](#internetexplorer-disablefeedsbackgroundsync)
-- [InternetExplorer/DisableGeolocation](#internetexplorer-disablegeolocation)
-- [InternetExplorer/DisableWebAddressAutoComplete](#internetexplorer-disablewebaddressautocomplete)
-- [InternetExplorer/NewTabDefaultPage](#internetexplorer-newtabdefaultpage)
-
-
-
Footnotes:
@@ -17469,3 +17437,7 @@ Footnotes:
- 4 - Added in Windows 10, version 1803.
- 5 - Added in Windows 10, version 1809.
- 6 - Added in Windows 10, version 1903.
+
+
+
+
diff --git a/windows/client-management/mdm/policy-csp-kerberos.md b/windows/client-management/mdm/policy-csp-kerberos.md
index 2df8f06e1a..58ad5ba29e 100644
--- a/windows/client-management/mdm/policy-csp-kerberos.md
+++ b/windows/client-management/mdm/policy-csp-kerberos.md
@@ -416,14 +416,14 @@ Devices joined to Azure Active Directory in a hybrid environment need to interac
-Footnote:
+Footnotes:
- 1 - Added in Windows 10, version 1607.
- 2 - Added in Windows 10, version 1703.
- 3 - Added in Windows 10, version 1709.
- 4 - Added in Windows 10, version 1803.
- 5 - Added in Windows 10, version 1809.
-- 6 - Added in the next major release of Windows 10.
+- 6 - Added in Windows 10, version 1903.
diff --git a/windows/client-management/mdm/policy-csp-kioskbrowser.md b/windows/client-management/mdm/policy-csp-kioskbrowser.md
index 99fb4e9a1b..347736e526 100644
--- a/windows/client-management/mdm/policy-csp-kioskbrowser.md
+++ b/windows/client-management/mdm/policy-csp-kioskbrowser.md
@@ -15,7 +15,7 @@ manager: dansimp
-These policies currently only apply to Kiosk Browser app. Kiosk Browser is a Microsoft Store app, added in Windows 10 version 1803, that provides IT a way to customize the end user’s browsing experience to fulfill kiosk, signage, and shared device scenarios. Application developers can also create their own kiosk browser and read these policies using [NamedPolicy.GetPolicyFromPath(String, String) Method](https://docs.microsoft.com/uwp/api/windows.management.policies.namedpolicy.getpolicyfrompath#Windows_Management_Policies_NamedPolicy_GetPolicyFromPath_System_String_System_String_).
+These policies currently only apply to Kiosk Browser app. Kiosk Browser is a Microsoft Store app, added in Windows 10 version 1803, that provides IT a way to customize the end user's browsing experience to fulfill kiosk, signage, and shared device scenarios. Application developers can also create their own kiosk browser and read these policies using [NamedPolicy.GetPolicyFromPath(String, String) Method](https://docs.microsoft.com/uwp/api/windows.management.policies.namedpolicy.getpolicyfrompath#Windows_Management_Policies_NamedPolicy_GetPolicyFromPath_System_String_System_String_).
@@ -224,7 +224,7 @@ Added in Windows 10, version 1803. Configures the default URL kiosk browsers to
-Shows the Kiosk Browser's end session button. When the policy is enabled, the Kiosk Browser app shows a button to reset the browser. When the user clicks on the button, the app will prompt the user for confirmation to end the session. When the user confirms, the Kiosk broswser will clear all browsing data (cache, cookies, etc.) and navigate back to the default URL.
+Shows the Kiosk Browser's end session button. When the policy is enabled, the Kiosk Browser app shows a button to reset the browser. When the user clicks on the button, the app will prompt the user for confirmation to end the session. When the user confirms, the Kiosk browser will clear all browsing data (cache, cookies, etc.) and navigate back to the default URL.
@@ -370,12 +370,14 @@ The value is an int 1-1440 that specifies the amount of minutes the session is i
-Footnote:
+Footnotes:
- 1 - Added in Windows 10, version 1607.
- 2 - Added in Windows 10, version 1703.
- 3 - Added in Windows 10, version 1709.
- 4 - Added in Windows 10, version 1803.
+- 5 - Added in Windows 10, version 1809.
+- 6 - Added in Windows 10, version 1903.
diff --git a/windows/client-management/mdm/policy-csp-lanmanworkstation.md b/windows/client-management/mdm/policy-csp-lanmanworkstation.md
index d185745718..28ed33797b 100644
--- a/windows/client-management/mdm/policy-csp-lanmanworkstation.md
+++ b/windows/client-management/mdm/policy-csp-lanmanworkstation.md
@@ -88,12 +88,14 @@ This setting supports a range of values between 0 and 1.
-Footnote:
+Footnotes:
- 1 - Added in Windows 10, version 1607.
- 2 - Added in Windows 10, version 1703.
- 3 - Added in Windows 10, version 1709.
- 4 - Added in Windows 10, version 1803.
+- 5 - Added in Windows 10, version 1809.
+- 6 - Added in Windows 10, version 1903.
diff --git a/windows/client-management/mdm/policy-csp-licensing.md b/windows/client-management/mdm/policy-csp-licensing.md
index 4c7c69815e..c933be9fb3 100644
--- a/windows/client-management/mdm/policy-csp-licensing.md
+++ b/windows/client-management/mdm/policy-csp-licensing.md
@@ -147,12 +147,14 @@ The following list shows the supported values:
-Footnote:
+Footnotes:
- 1 - Added in Windows 10, version 1607.
- 2 - Added in Windows 10, version 1703.
- 3 - Added in Windows 10, version 1709.
- 4 - Added in Windows 10, version 1803.
+- 5 - Added in Windows 10, version 1809.
+- 6 - Added in Windows 10, version 1903.
diff --git a/windows/client-management/mdm/policy-csp-localpoliciessecurityoptions.md b/windows/client-management/mdm/policy-csp-localpoliciessecurityoptions.md
index ec391230a3..74c59adcec 100644
--- a/windows/client-management/mdm/policy-csp-localpoliciessecurityoptions.md
+++ b/windows/client-management/mdm/policy-csp-localpoliciessecurityoptions.md
@@ -3460,14 +3460,14 @@ The following list shows the supported values:
-Footnote:
+Footnotes:
- 1 - Added in Windows 10, version 1607.
- 2 - Added in Windows 10, version 1703.
- 3 - Added in Windows 10, version 1709.
- 4 - Added in Windows 10, version 1803.
- 5 - Added in Windows 10, version 1809.
-- 6 - Added in the next major release of Windows 10.
+- 6 - Added in Windows 10, version 1903.
diff --git a/windows/client-management/mdm/policy-csp-lockdown.md b/windows/client-management/mdm/policy-csp-lockdown.md
index 0f90b19790..960dbecada 100644
--- a/windows/client-management/mdm/policy-csp-lockdown.md
+++ b/windows/client-management/mdm/policy-csp-lockdown.md
@@ -65,7 +65,7 @@ manager: dansimp
-Added in Windows 10, version 1607. Allows the user to invoke any system user interface by swiping in from any screen edge using touch.
+Added in Windows 10, version 1607. Allows the user to invoke any system user interface by swiping in from any screen edge using touch.
The easiest way to verify the policy is to restart the explorer process or to reboot after the policy is applied. And then try to swipe from the right edge of the screen. The desired result is for Action Center to not be invoked by the swipe. You can also enter tablet mode and attempt to swipe from the top of the screen to rearrange. That will also be disabled.
@@ -88,12 +88,14 @@ The following list shows the supported values:
-Footnote:
+Footnotes:
- 1 - Added in Windows 10, version 1607.
- 2 - Added in Windows 10, version 1703.
- 3 - Added in Windows 10, version 1709.
- 4 - Added in Windows 10, version 1803.
+- 5 - Added in Windows 10, version 1809.
+- 6 - Added in Windows 10, version 1903.
diff --git a/windows/client-management/mdm/policy-csp-maps.md b/windows/client-management/mdm/policy-csp-maps.md
index 1028e204b8..7cb5bf15bc 100644
--- a/windows/client-management/mdm/policy-csp-maps.md
+++ b/windows/client-management/mdm/policy-csp-maps.md
@@ -145,12 +145,14 @@ The following list shows the supported values:
-Footnote:
+Footnotes:
- 1 - Added in Windows 10, version 1607.
- 2 - Added in Windows 10, version 1703.
- 3 - Added in Windows 10, version 1709.
- 4 - Added in Windows 10, version 1803.
+- 5 - Added in Windows 10, version 1809.
+- 6 - Added in Windows 10, version 1903.
diff --git a/windows/client-management/mdm/policy-csp-messaging.md b/windows/client-management/mdm/policy-csp-messaging.md
index b2efd6a840..745d653627 100644
--- a/windows/client-management/mdm/policy-csp-messaging.md
+++ b/windows/client-management/mdm/policy-csp-messaging.md
@@ -198,12 +198,14 @@ The following list shows the supported values:
-Footnote:
+Footnotes:
- 1 - Added in Windows 10, version 1607.
- 2 - Added in Windows 10, version 1703.
- 3 - Added in Windows 10, version 1709.
- 4 - Added in Windows 10, version 1803.
+- 5 - Added in Windows 10, version 1809.
+- 6 - Added in Windows 10, version 1903.
diff --git a/windows/client-management/mdm/policy-csp-mssecurityguide.md b/windows/client-management/mdm/policy-csp-mssecurityguide.md
index 4e53332f72..acea48e305 100644
--- a/windows/client-management/mdm/policy-csp-mssecurityguide.md
+++ b/windows/client-management/mdm/policy-csp-mssecurityguide.md
@@ -372,12 +372,14 @@ ADMX Info:
-Footnote:
+Footnotes:
- 1 - Added in Windows 10, version 1607.
- 2 - Added in Windows 10, version 1703.
- 3 - Added in Windows 10, version 1709.
- 4 - Added in Windows 10, version 1803.
+- 5 - Added in Windows 10, version 1809.
+- 6 - Added in Windows 10, version 1903.
diff --git a/windows/client-management/mdm/policy-csp-msslegacy.md b/windows/client-management/mdm/policy-csp-msslegacy.md
index 722b58c97c..ec20518e9d 100644
--- a/windows/client-management/mdm/policy-csp-msslegacy.md
+++ b/windows/client-management/mdm/policy-csp-msslegacy.md
@@ -256,12 +256,14 @@ ADMX Info:
-Footnote:
+Footnotes:
- 1 - Added in Windows 10, version 1607.
- 2 - Added in Windows 10, version 1703.
- 3 - Added in Windows 10, version 1709.
- 4 - Added in Windows 10, version 1803.
+- 5 - Added in Windows 10, version 1809.
+- 6 - Added in Windows 10, version 1903.
diff --git a/windows/client-management/mdm/policy-csp-networkisolation.md b/windows/client-management/mdm/policy-csp-networkisolation.md
index 9404b184fc..aac7ebd8b6 100644
--- a/windows/client-management/mdm/policy-csp-networkisolation.md
+++ b/windows/client-management/mdm/policy-csp-networkisolation.md
@@ -477,12 +477,14 @@ ADMX Info:
-Footnote:
+Footnotes:
- 1 - Added in Windows 10, version 1607.
- 2 - Added in Windows 10, version 1703.
- 3 - Added in Windows 10, version 1709.
- 4 - Added in Windows 10, version 1803.
+- 5 - Added in Windows 10, version 1809.
+- 6 - Added in Windows 10, version 1903.
diff --git a/windows/client-management/mdm/policy-csp-notifications.md b/windows/client-management/mdm/policy-csp-notifications.md
index 1624dfe21f..638cc7018d 100644
--- a/windows/client-management/mdm/policy-csp-notifications.md
+++ b/windows/client-management/mdm/policy-csp-notifications.md
@@ -237,12 +237,14 @@ Validation:
-Footnote:
+Footnotes:
- 1 - Added in Windows 10, version 1607.
- 2 - Added in Windows 10, version 1703.
- 3 - Added in Windows 10, version 1709.
- 4 - Added in Windows 10, version 1803.
+- 5 - Added in Windows 10, version 1809.
+- 6 - Added in Windows 10, version 1903.
diff --git a/windows/client-management/mdm/policy-csp-power.md b/windows/client-management/mdm/policy-csp-power.md
index 643ff5cea3..5b5da040da 100644
--- a/windows/client-management/mdm/policy-csp-power.md
+++ b/windows/client-management/mdm/policy-csp-power.md
@@ -1561,8 +1561,6 @@ Default value for unattended sleep timeout (plugged in):
-
-
Footnotes:
@@ -1573,3 +1571,6 @@ Footnotes:
- 4 - Added in Windows 10, version 1803.
- 5 - Added in Windows 10, version 1809.
- 6 - Added in Windows 10, version 1903.
+
+
+
diff --git a/windows/client-management/mdm/policy-csp-printers.md b/windows/client-management/mdm/policy-csp-printers.md
index 16470df06b..7220444c6a 100644
--- a/windows/client-management/mdm/policy-csp-printers.md
+++ b/windows/client-management/mdm/policy-csp-printers.md
@@ -261,12 +261,14 @@ ADMX Info:
-Footnote:
+Footnotes:
- 1 - Added in Windows 10, version 1607.
- 2 - Added in Windows 10, version 1703.
- 3 - Added in Windows 10, version 1709.
- 4 - Added in Windows 10, version 1803.
+- 5 - Added in Windows 10, version 1809.
+- 6 - Added in Windows 10, version 1903.
diff --git a/windows/client-management/mdm/policy-csp-privacy.md b/windows/client-management/mdm/policy-csp-privacy.md
index 65dea5a83d..bd4b7bcb8f 100644
--- a/windows/client-management/mdm/policy-csp-privacy.md
+++ b/windows/client-management/mdm/policy-csp-privacy.md
@@ -922,11 +922,11 @@ Value type is integer.
ADMX Info:
-- GP English name: Let Windows apps access background spatial perception
-- GP name: LetAppsAccessBackgroundSpatialPerception
-- GP element: LetAppsAccessBackgroundSpatialPerception_Enum
-- GP path: Windows Components/App Privacy
-- GP ADMX file name: AppPrivacy.admx
+- GP English name: *Let Windows apps access background spatial perception*
+- GP name: *LetAppsAccessBackgroundSpatialPerception*
+- GP element: *LetAppsAccessBackgroundSpatialPerception_Enum*
+- GP path: *Windows Components/App Privacy*
+- GP ADMX file name: *AppPrivacy.admx*
@@ -989,11 +989,11 @@ Value type is chr.
ADMX Info:
-- GP English name: Let Windows apps access background spatial perception
-- GP name: LetAppsAccessBackgroundSpatialPerception
-- GP element: LetAppsAccessBackgroundSpatialPerception_ForceAllowTheseApps_List
-- GP path: Windows Components/App Privacy
-- GP ADMX file name: AppPrivacy.admx
+- GP English name: *Let Windows apps access background spatial perception*
+- GP name: *LetAppsAccessBackgroundSpatialPerception*
+- GP element: *LetAppsAccessBackgroundSpatialPerception_ForceAllowTheseApps_List*
+- GP path: *Windows Components/App Privacy*
+- GP ADMX file name: *AppPrivacy.admx*
@@ -1051,11 +1051,11 @@ Value type is chr.
ADMX Info:
-- GP English name: Let Windows apps access background spatial perception
-- GP name: LetAppsAccessBackgroundSpatialPerception
-- GP element: LetAppsAccessBackgroundSpatialPerception_ForceDenyTheseApps_List
-- GP path: Windows Components/App Privacy
-- GP ADMX file name: AppPrivacy.admx
+- GP English name: *Let Windows apps access background spatial perception*
+- GP name: *LetAppsAccessBackgroundSpatialPerception*
+- GP element: *LetAppsAccessBackgroundSpatialPerception_ForceDenyTheseApps_List*
+- GP path: *Windows Components/App Privacy*
+- GP ADMX file name: *AppPrivacy.admx*
@@ -1116,11 +1116,11 @@ Value type is chr.
ADMX Info:
-- GP English name: Let Windows apps access background spatial perception
-- GP name: LetAppsAccessBackgroundSpatialPerception
-- GP element: LetAppsAccessBackgroundSpatialPerception_UserInControlOfTheseApps_List
-- GP path: Windows Components/App Privacy
-- GP ADMX file name: AppPrivacy.admx
+- GP English name: *Let Windows apps access background spatial perception*
+- GP name: *LetAppsAccessBackgroundSpatialPerception*
+- GP element: *LetAppsAccessBackgroundSpatialPerception_UserInControlOfTheseApps_List*
+- GP path: *Windows Components/App Privacy*
+- GP ADMX file name: *AppPrivacy.admx*
@@ -5241,49 +5241,6 @@ ADMX Info:
-
-
-
-
-## Privacy policies supported by HoloLens 2
-
-- [Privacy/AllowInputPersonalization](#privacy-allowinputpersonalization)
-- [LetAppsAccessAccountInfo](#privacy-letappsaccessaccountinfo)
-- [LetAppsAccessAccountInfo_ForceAllowTheseApps](#privacy-letappsaccessaccountinfo-forceallowtheseapps)
-- [LetAppsAccessAccountInfo_ForceDenyTheseApps](#privacy-letappsaccessaccountinfo-forcedenytheseapps)
-- [LetAppsAccessAccountInfo_UserInControlOfTheseApps](#privacy-letappsaccessaccountinfo-userincontroloftheseapps)
-- [LetAppsAccessBackgroundSpatialPerception](#privacy-letappsaccessbackgroundspatialperception)
-- [LetAppsAccessBackgroundSpatialPerception_ForceAllowTheseApps](#privacy-letappsaccessbackgroundspatialperception-forceallowtheseapps)
-- [LetAppsAccessBackgroundSpatialPerception_ForceDenyTheseApps](#privacy-letappsaccessbackgroundspatialperception-forcedenytheseapps)
-- [LetAppsAccessBackgroundSpatialPerception_UserInControlOfTheseApps](#privacy-letappsaccessbackgroundspatialperception-userincontroloftheseapps)
-- [Privacy/LetAppsAccessCamera](#privacy-letappsaccesscamera)
-- [Privacy/LetAppsAccessLocation](#privacy-letappsaccesslocation)
-- [Privacy/LetAppsAccessMicrophone](#privacy-letappsaccessmicrophone)
-
-
-
-## Privacy policies supported by HoloLens (1st gen) Commercial Suite
-
-- [Privacy/AllowInputPersonalization](#privacy-allowinputpersonalization)
-
-
-
-## Privacy policies supported by HoloLens (1st gen) Development Edition
-
-- [Privacy/AllowInputPersonalization](#privacy-allowinputpersonalization)
-
-
-## Privacy policies supported by Windows 10 IoT Core
-- [Privacy/LetAppsActivateWithVoice](#privacy-letappsactivatewithvoice)
-- [Privacy/LetAppsActivateWithVoiceAboveLock](#privacy-letappsactivatewithvoiceabovelock)
-
-
-
-## Privacy policies supported by Windows 10 IoT Enterprise
-- [Privacy/LetAppsActivateWithVoice](#privacy-letappsactivatewithvoice)
-- [Privacy/LetAppsActivateWithVoiceAboveLock](#privacy-letappsactivatewithvoiceabovelock)
-
-
Footnotes:
@@ -5294,3 +5251,5 @@ Footnotes:
- 4 - Added in Windows 10, version 1803.
- 5 - Added in Windows 10, version 1809.
- 6 - Added in Windows 10, version 1903.
+
+
diff --git a/windows/client-management/mdm/policy-csp-remoteassistance.md b/windows/client-management/mdm/policy-csp-remoteassistance.md
index 338d517c12..c6e88e8bc0 100644
--- a/windows/client-management/mdm/policy-csp-remoteassistance.md
+++ b/windows/client-management/mdm/policy-csp-remoteassistance.md
@@ -336,12 +336,14 @@ ADMX Info:
-Footnote:
+Footnotes:
- 1 - Added in Windows 10, version 1607.
- 2 - Added in Windows 10, version 1703.
- 3 - Added in Windows 10, version 1709.
- 4 - Added in Windows 10, version 1803.
+- 5 - Added in Windows 10, version 1809.
+- 6 - Added in Windows 10, version 1903.
diff --git a/windows/client-management/mdm/policy-csp-remotedesktopservices.md b/windows/client-management/mdm/policy-csp-remotedesktopservices.md
index c9c9ba51bf..3f901d522c 100644
--- a/windows/client-management/mdm/policy-csp-remotedesktopservices.md
+++ b/windows/client-management/mdm/policy-csp-remotedesktopservices.md
@@ -447,12 +447,14 @@ ADMX Info:
-Footnote:
+Footnotes:
- 1 - Added in Windows 10, version 1607.
- 2 - Added in Windows 10, version 1703.
- 3 - Added in Windows 10, version 1709.
- 4 - Added in Windows 10, version 1803.
+- 5 - Added in Windows 10, version 1809.
+- 6 - Added in Windows 10, version 1903.
diff --git a/windows/client-management/mdm/policy-csp-remotemanagement.md b/windows/client-management/mdm/policy-csp-remotemanagement.md
index f176045650..8d76918842 100644
--- a/windows/client-management/mdm/policy-csp-remotemanagement.md
+++ b/windows/client-management/mdm/policy-csp-remotemanagement.md
@@ -1029,12 +1029,14 @@ ADMX Info:
-Footnote:
+Footnotes:
- 1 - Added in Windows 10, version 1607.
- 2 - Added in Windows 10, version 1703.
- 3 - Added in Windows 10, version 1709.
- 4 - Added in Windows 10, version 1803.
+- 5 - Added in Windows 10, version 1809.
+- 6 - Added in Windows 10, version 1903.
diff --git a/windows/client-management/mdm/policy-csp-remoteprocedurecall.md b/windows/client-management/mdm/policy-csp-remoteprocedurecall.md
index ade921ae21..48ec861646 100644
--- a/windows/client-management/mdm/policy-csp-remoteprocedurecall.md
+++ b/windows/client-management/mdm/policy-csp-remoteprocedurecall.md
@@ -171,12 +171,14 @@ ADMX Info:
-Footnote:
+Footnotes:
- 1 - Added in Windows 10, version 1607.
- 2 - Added in Windows 10, version 1703.
- 3 - Added in Windows 10, version 1709.
- 4 - Added in Windows 10, version 1803.
+- 5 - Added in Windows 10, version 1809.
+- 6 - Added in Windows 10, version 1903.
diff --git a/windows/client-management/mdm/policy-csp-remoteshell.md b/windows/client-management/mdm/policy-csp-remoteshell.md
index 21cfd117d2..6bf43c0535 100644
--- a/windows/client-management/mdm/policy-csp-remoteshell.md
+++ b/windows/client-management/mdm/policy-csp-remoteshell.md
@@ -484,12 +484,14 @@ ADMX Info:
-Footnote:
+Footnotes:
- 1 - Added in Windows 10, version 1607.
- 2 - Added in Windows 10, version 1703.
- 3 - Added in Windows 10, version 1709.
- 4 - Added in Windows 10, version 1803.
+- 5 - Added in Windows 10, version 1809.
+- 6 - Added in Windows 10, version 1903.
diff --git a/windows/client-management/mdm/policy-csp-restrictedgroups.md b/windows/client-management/mdm/policy-csp-restrictedgroups.md
index 2ee10fa612..0ca2dc4914 100644
--- a/windows/client-management/mdm/policy-csp-restrictedgroups.md
+++ b/windows/client-management/mdm/policy-csp-restrictedgroups.md
@@ -52,12 +52,6 @@ manager: dansimp
|
-Footnote:
-
-- 1 - Added in Windows 10, version 1607.
-- 2 - Added in Windows 10, version 1703.
-- 3 - Added in Windows 10, version 1709.
-- 4 - Added in Windows 10, version 1803.
@@ -132,15 +126,23 @@ Here is an example:
```
+
+> [!Note]
+> * You should include the local administrator while modifying the administrators group to prevent accidental loss of access
+> * Include the entire UPN after AzureAD
+Footnotes:
-Take note:
-* You should include the local administrator while modifying the administrators group to prevent accidental loss of access
-* Include the entire UPN after AzureAD
-
+- 1 - Added in Windows 10, version 1607.
+- 2 - Added in Windows 10, version 1703.
+- 3 - Added in Windows 10, version 1709.
+- 4 - Added in Windows 10, version 1803.
+- 5 - Added in Windows 10, version 1809.
+- 6 - Added in Windows 10, version 1903.
+
\ No newline at end of file
diff --git a/windows/client-management/mdm/policy-csp-search.md b/windows/client-management/mdm/policy-csp-search.md
index f551f810e3..d1b35bda00 100644
--- a/windows/client-management/mdm/policy-csp-search.md
+++ b/windows/client-management/mdm/policy-csp-search.md
@@ -918,27 +918,6 @@ The following list shows the supported values:
-
-
-
-
-##
Search policies supported by HoloLens 2
-
-- [Search/AllowSearchToUseLocation](#search-allowsearchtouselocation)
-
-
-
-##
Search policies supported by HoloLens (1st gen) Commercial Suite
-
-- [Search/AllowSearchToUseLocation](#search-allowsearchtouselocation)
-
-
-
-##
Search policies supported by HoloLens (1st gen) Development Edition
-
-- [Search/AllowSearchToUseLocation](#search-allowsearchtouselocation)
-
-
Footnotes:
@@ -949,3 +928,5 @@ Footnotes:
- 4 - Added in Windows 10, version 1803.
- 5 - Added in Windows 10, version 1809.
- 6 - Added in Windows 10, version 1903.
+
+
\ No newline at end of file
diff --git a/windows/client-management/mdm/policy-csp-security.md b/windows/client-management/mdm/policy-csp-security.md
index 22bddbe478..5018d1a105 100644
--- a/windows/client-management/mdm/policy-csp-security.md
+++ b/windows/client-management/mdm/policy-csp-security.md
@@ -741,27 +741,6 @@ The following list shows the supported values:
-
-
-
-
-##
Security policies supported by HoloLens 2
-
-- [Security/RequireDeviceEncryption](#security-requiredeviceencryption)
-
-
-
-##
Security policies supported by HoloLens (1st gen) Commercial Suite
-
-- [Security/RequireDeviceEncryption](#security-requiredeviceencryption)
-
-
-
-##
Security policies supported by HoloLens (1st gen) Development Edition
-
-- [Security/RequireDeviceEncryption](#security-requiredeviceencryption)
-
-
Footnotes:
@@ -772,3 +751,4 @@ Footnotes:
- 4 - Added in Windows 10, version 1803.
- 5 - Added in Windows 10, version 1809.
- 6 - Added in Windows 10, version 1903.
+
\ No newline at end of file
diff --git a/windows/client-management/mdm/policy-csp-servicecontrolmanager.md b/windows/client-management/mdm/policy-csp-servicecontrolmanager.md
index 9ce3ab68b9..43f3e09bab 100644
--- a/windows/client-management/mdm/policy-csp-servicecontrolmanager.md
+++ b/windows/client-management/mdm/policy-csp-servicecontrolmanager.md
@@ -1,7 +1,7 @@
---
title: Policy CSP - ServiceControlManager
description: Policy CSP - ServiceControlManager
-ms.author: Heidi.Lohr
+ms.author: dansimp
ms.topic: article
ms.prod: w10
ms.technology: windows
@@ -97,9 +97,6 @@ Supported values:
-
-
-
Footnotes:
@@ -109,4 +106,6 @@ Footnotes:
- 3 - Added in Windows 10, version 1709.
- 4 - Added in Windows 10, version 1803.
- 5 - Added in Windows 10, version 1809.
-- 6 - Added in Windows 10, version 1903.
\ No newline at end of file
+- 6 - Added in Windows 10, version 1903.
+
+
diff --git a/windows/client-management/mdm/policy-csp-settings.md b/windows/client-management/mdm/policy-csp-settings.md
index e2a1e35daf..bfd4bd4760 100644
--- a/windows/client-management/mdm/policy-csp-settings.md
+++ b/windows/client-management/mdm/policy-csp-settings.md
@@ -841,30 +841,6 @@ To validate on Desktop, do the following:
-
-
-
-
-##
Settings policies supported by HoloLens 2
-
-- [Settings/AllowDateTime](#settings-allowdatetime)
-- [Settings/AllowVPN](#settings-allowvpn)
-
-
-
-##
Settings policies supported by HoloLens (1st gen) Commercial Suite
-
-- [Settings/AllowDateTime](#settings-allowdatetime)
-- [Settings/AllowVPN](#settings-allowvpn)
-
-
-
-##
Settings policies supported by HoloLens (1st gen) Development Edition
-
-- [Settings/AllowDateTime](#settings-allowdatetime)
-- [Settings/AllowVPN](#settings-allowvpn)
-
-
Footnotes:
@@ -875,3 +851,4 @@ Footnotes:
- 4 - Added in Windows 10, version 1803.
- 5 - Added in Windows 10, version 1809.
- 6 - Added in Windows 10, version 1903.
+
\ No newline at end of file
diff --git a/windows/client-management/mdm/policy-csp-smartscreen.md b/windows/client-management/mdm/policy-csp-smartscreen.md
index 333716f687..2ecdcf1777 100644
--- a/windows/client-management/mdm/policy-csp-smartscreen.md
+++ b/windows/client-management/mdm/policy-csp-smartscreen.md
@@ -212,12 +212,14 @@ The following list shows the supported values:
-Footnote:
+Footnotes:
- 1 - Added in Windows 10, version 1607.
- 2 - Added in Windows 10, version 1703.
- 3 - Added in Windows 10, version 1709.
- 4 - Added in Windows 10, version 1803.
+- 5 - Added in Windows 10, version 1809.
+- 6 - Added in Windows 10, version 1903.
diff --git a/windows/client-management/mdm/policy-csp-speech.md b/windows/client-management/mdm/policy-csp-speech.md
index 0f385479cb..1897316311 100644
--- a/windows/client-management/mdm/policy-csp-speech.md
+++ b/windows/client-management/mdm/policy-csp-speech.md
@@ -84,27 +84,6 @@ The following list shows the supported values:
-
-
-
-
-##
Speech policies supported by HoloLens 2
-
-- [Speech/AllowSpeechModelUpdate](#speech-allowspeechmodelupdate)
-
-
-
-##
Speech policies supported by HoloLens (1st gen) Commercial Suite
-
-- [Speech/AllowSpeechModelUpdate](#speech-allowspeechmodelupdate)
-
-
-
-##
Speech policies supported by HoloLens (1st gen) Development Edition
-
-- [Speech/AllowSpeechModelUpdate](#speech-allowspeechmodelupdate)
-
-
Footnotes:
@@ -115,3 +94,4 @@ Footnotes:
- 4 - Added in Windows 10, version 1803.
- 5 - Added in Windows 10, version 1809.
- 6 - Added in Windows 10, version 1903.
+
\ No newline at end of file
diff --git a/windows/client-management/mdm/policy-csp-start.md b/windows/client-management/mdm/policy-csp-start.md
index 05e37d1dc9..5450d8dc1a 100644
--- a/windows/client-management/mdm/policy-csp-start.md
+++ b/windows/client-management/mdm/policy-csp-start.md
@@ -668,13 +668,7 @@ The following list shows the supported values:
Enabling this policy prevents context menus from being invoked in the Start Menu.
-
-The following list shows the supported values:
-- 0 (default) – False (Do not disable).
-- 1 - True (disable).
-
-
ADMX Info:
- GP English name: *Disable context menus in the Start Menu*
@@ -684,6 +678,10 @@ ADMX Info:
+The following list shows the supported values:
+
+- 0 (default) – False (Do not disable).
+- 1 - True (disable).
@@ -1100,13 +1098,7 @@ Added in Windows 10, version 1709. Enabling this policy removes the people icon
Value type is integer.
-
-The following list shows the supported values:
-- 0 (default) – False (do not hide).
-- 1 - True (hide).
-
-
ADMX Info:
- GP English name: *Remove the People Bar from the taskbar*
@@ -1115,6 +1107,13 @@ ADMX Info:
- GP ADMX file name: *StartMenu.admx*
+
+The following list shows the supported values:
+
+- 0 (default) – False (do not hide).
+- 1 - True (hide).
+
+
@@ -1856,14 +1855,14 @@ ADMX Info:
-Footnote:
+Footnotes:
- 1 - Added in Windows 10, version 1607.
- 2 - Added in Windows 10, version 1703.
- 3 - Added in Windows 10, version 1709.
- 4 - Added in Windows 10, version 1803.
- 5 - Added in Windows 10, version 1809.
-- 6 - Added in the next major release of Windows 10.
+- 6 - Added in Windows 10, version 1903.
diff --git a/windows/client-management/mdm/policy-csp-storage.md b/windows/client-management/mdm/policy-csp-storage.md
index 02d36e60d9..d6ed85073e 100644
--- a/windows/client-management/mdm/policy-csp-storage.md
+++ b/windows/client-management/mdm/policy-csp-storage.md
@@ -6,17 +6,13 @@ ms.topic: article
ms.prod: w10
ms.technology: windows
author: manikadhiman
-ms.date: 01/14/2019
+ms.date: 09/23/2019
ms.reviewer:
manager: dansimp
---
# Policy CSP - Storage
-> [!WARNING]
-> Some information relates to prereleased product which may be substantially modified before it's commercially released. Microsoft makes no warranties, express or implied, with respect to the information provided here.
-
-
@@ -627,7 +623,10 @@ ADMX Info:
-If you enable this policy setting, write access is denied to this removable storage class. If you disable or do not configure this policy setting, write access is allowed to this removable storage class. Note: To require that users write data to BitLocker-protected storage, enable the policy setting "Deny write access to drives not protected by BitLocker," which is located in "Computer Configuration\Administrative Templates\Windows Components\BitLocker Drive Encryption\Removable Data Drives."
+If you enable this policy setting, write access is denied to this removable storage class. If you disable or do not configure this policy setting, write access is allowed to this removable storage class.
+
+> [!Note]
+> To require that users write data to BitLocker-protected storage, enable the policy setting "Deny write access to drives not protected by BitLocker," which is located in "Computer Configuration\Administrative Templates\Windows Components\BitLocker Drive Encryption\Removable Data Drives."
Supported values:
- 0 - Disable
@@ -647,25 +646,26 @@ ADMX Info:
+Example for setting the device custom OMA-URI setting to enable this policy:
+To deny write access to removable storage within Intune’s custom profile, set OMA-URI to ```.\[device|user]\vendor\msft\policy\[config|result]\Storage/RemovableDiskDenyWriteAccess```, Data type to Integer, and Value to 1.
+See [Use custom settings for Windows 10 devices in Intune](https://docs.microsoft.com/en-us/intune/custom-settings-windows-10) for information on how to create custom profiles.
-
-
-Footnote:
+Footnotes:
- 1 - Added in Windows 10, version 1607.
- 2 - Added in Windows 10, version 1703.
- 3 - Added in Windows 10, version 1709.
- 4 - Added in Windows 10, version 1803.
- 5 - Added in Windows 10, version 1809.
-- 6 - Added in the next major release of Windows 10.
+- 6 - Added in Windows 10, version 1903.
diff --git a/windows/client-management/mdm/policy-csp-system.md b/windows/client-management/mdm/policy-csp-system.md
index 65f8aca2b1..233d029683 100644
--- a/windows/client-management/mdm/policy-csp-system.md
+++ b/windows/client-management/mdm/policy-csp-system.md
@@ -395,7 +395,7 @@ The following list shows the supported values:
- 0 – Disabled.
- 1 (default) – Permits Microsoft to configure device settings only.
-- 2 – Allows Microsoft to conduct full experimentations.
+- 2 – Allows Microsoft to conduct full experimentation.
@@ -532,9 +532,9 @@ ADMX Info:
The following list shows the supported values:
-- 0 – Force Location Off. All Location Privacy settings are toggled off and greyed out. Users cannot change the settings, and no apps are allowed access to the Location service, including Cortana and Search.
+- 0 – Force Location Off. All Location Privacy settings are toggled off and grayed out. Users cannot change the settings, and no apps are allowed access to the Location service, including Cortana and Search.
- 1 (default) – Location service is allowed. The user has control and can change Location Privacy settings on or off.
-- 2 – Force Location On. All Location Privacy settings are toggled on and greyed out. Users cannot change the settings and all consent permissions will be automatically suppressed.
+- 2 – Force Location On. All Location Privacy settings are toggled on and grayed out. Users cannot change the settings and all consent permissions will be automatically suppressed.
@@ -763,16 +763,14 @@ Specifies whether to allow the user to factory reset the device by using control
Most restricted value is 0.
-
> [!TIP]
> This policy is also applicable to Windows 10 and not exclusive to phone.
->
-> The following list shows the supported values:
-> orted values:
+
+
+The following list shows the supported values:
- 0 – Not allowed.
- 1 (default) – Allowed to reset to factory default settings.
-
@@ -1006,10 +1004,10 @@ This policy setting determines whether people can change their own telemetry lev
If you set this policy setting to "Disable Telemetry opt-in Settings", telemetry levels are disabled in Settings, preventing people from changing them.
-If you set this policy setting to "Enable Telemetry opt-in Setings" or don't configure this policy setting, people can change their own telemetry levels in Settings.
+If you set this policy setting to "Enable Telemetry opt-in Settings" or don't configure this policy setting, people can change their own telemetry levels in Settings.
-Note:
-Set the Allow Telemetry policy setting to prevent people from sending diagnostic data to Microsoft beyond your organization's limit.
+> [!Note]
+> Set the Allow Telemetry policy setting to prevent people from sending diagnostic data to Microsoft beyond your organization's limit.
@@ -1578,32 +1576,6 @@ The following list shows the supported values:
-
-
-
-
-##
System policies supported by HoloLens 2
-
-- [System/AllowCommercialDataPipeline](#system-allowcommercialdatapipeline)
-- [System/AllowLocation](#system-allowlocation)
-- [System/AllowStorageCard](#system-allowstoragecard)
-- [System/AllowTelemetry](#system-allowtelemetry)
-
-
-
-##
System policies supported by HoloLens (1st gen) Commercial Suite
-
-- [System/AllowLocation](#system-allowlocation)
-- [System/AllowTelemetry](#system-allowtelemetry)
-
-
-
-##
System policies supported by HoloLens (1st gen) Development Edition
-
-- [System/AllowLocation](#system-allowlocation)
-- [System/AllowTelemetry](#system-allowtelemetry)
-
-
Footnotes:
@@ -1614,3 +1586,5 @@ Footnotes:
- 4 - Added in Windows 10, version 1803.
- 5 - Added in Windows 10, version 1809.
- 6 - Added in Windows 10, version 1903.
+
+
\ No newline at end of file
diff --git a/windows/client-management/mdm/policy-csp-systemservices.md b/windows/client-management/mdm/policy-csp-systemservices.md
index 1b98e5a487..94edf1165e 100644
--- a/windows/client-management/mdm/policy-csp-systemservices.md
+++ b/windows/client-management/mdm/policy-csp-systemservices.md
@@ -336,12 +336,14 @@ GP Info:
-Footnote:
+Footnotes:
- 1 - Added in Windows 10, version 1607.
- 2 - Added in Windows 10, version 1703.
- 3 - Added in Windows 10, version 1709.
- 4 - Added in Windows 10, version 1803.
+- 5 - Added in Windows 10, version 1809.
+- 6 - Added in Windows 10, version 1903.
diff --git a/windows/client-management/mdm/policy-csp-taskmanager.md b/windows/client-management/mdm/policy-csp-taskmanager.md
index 1553b89d93..eab903e15a 100644
--- a/windows/client-management/mdm/policy-csp-taskmanager.md
+++ b/windows/client-management/mdm/policy-csp-taskmanager.md
@@ -89,14 +89,14 @@ When the policy is set to 0 - users CANNOT execute 'End task' on processes in Ta
-Footnote:
+Footnotes:
- 1 - Added in Windows 10, version 1607.
- 2 - Added in Windows 10, version 1703.
- 3 - Added in Windows 10, version 1709.
- 4 - Added in Windows 10, version 1803.
- 5 - Added in Windows 10, version 1809.
-- 6 - Added in the next major release of Windows 10.
+- 6 - Added in Windows 10, version 1903.
diff --git a/windows/client-management/mdm/policy-csp-taskscheduler.md b/windows/client-management/mdm/policy-csp-taskscheduler.md
index ca2b448d50..c289a0638d 100644
--- a/windows/client-management/mdm/policy-csp-taskscheduler.md
+++ b/windows/client-management/mdm/policy-csp-taskscheduler.md
@@ -70,12 +70,14 @@ Added in Windows 10, version 1803. This setting determines whether the specific
-Footnote:
+Footnotes:
- 1 - Added in Windows 10, version 1607.
- 2 - Added in Windows 10, version 1703.
- 3 - Added in Windows 10, version 1709.
- 4 - Added in Windows 10, version 1803.
+- 5 - Added in Windows 10, version 1809.
+- 6 - Added in Windows 10, version 1903.
diff --git a/windows/client-management/mdm/policy-csp-textinput.md b/windows/client-management/mdm/policy-csp-textinput.md
index ce3e59ecc4..dd9948d56b 100644
--- a/windows/client-management/mdm/policy-csp-textinput.md
+++ b/windows/client-management/mdm/policy-csp-textinput.md
@@ -1330,30 +1330,13 @@ The following list shows the supported values:
-Footnote:
+Footnotes:
- 1 - Added in Windows 10, version 1607.
- 2 - Added in Windows 10, version 1703.
- 3 - Added in Windows 10, version 1709.
- 4 - Added in Windows 10, version 1803.
- 5 - Added in Windows 10, version 1809.
-- 6 - Added in the next major release of Windows 10.
-
-
-
-
-##
TextInput policies supported by Microsoft Surface Hub
-
-- [TextInput/AllowIMELogging](#textinput-allowimelogging)
-- [TextInput/AllowIMENetworkAccess](#textinput-allowimenetworkaccess)
-- [TextInput/AllowInputPanel](#textinput-allowinputpanel)
-- [TextInput/AllowJapaneseIMESurrogatePairCharacters](#textinput-allowjapaneseimesurrogatepaircharacters)
-- [TextInput/AllowJapaneseIVSCharacters](#textinput-allowjapaneseivscharacters)
-- [TextInput/AllowJapaneseNonPublishingStandardGlyph](#textinput-allowjapanesenonpublishingstandardglyph)
-- [TextInput/AllowJapaneseUserDictionary](#textinput-allowjapaneseuserdictionary)
-- [TextInput/AllowLanguageFeaturesUninstall](#textinput-allowlanguagefeaturesuninstall)
-- [TextInput/ExcludeJapaneseIMEExceptJIS0208](#textinput-excludejapaneseimeexceptjis0208)
-- [TextInput/ExcludeJapaneseIMEExceptJIS0208andEUDC](#textinput-excludejapaneseimeexceptjis0208andeudc)
-- [TextInput/ExcludeJapaneseIMEExceptShiftJIS](#textinput-excludejapaneseimeexceptshiftjis)
-
+- 6 - Added in Windows 10, version 1903.
+
\ No newline at end of file
diff --git a/windows/client-management/mdm/policy-csp-timelanguagesettings.md b/windows/client-management/mdm/policy-csp-timelanguagesettings.md
index 5feefe04ae..025ea3bdfd 100644
--- a/windows/client-management/mdm/policy-csp-timelanguagesettings.md
+++ b/windows/client-management/mdm/policy-csp-timelanguagesettings.md
@@ -130,9 +130,6 @@ Specifies the time zone to be applied to the device. This is the standard Window
-
-
-
Footnotes:
@@ -142,4 +139,6 @@ Footnotes:
- 3 - Added in Windows 10, version 1709.
- 4 - Added in Windows 10, version 1803.
- 5 - Added in Windows 10, version 1809.
-- 6 - Added in Windows 10, version 1903.
\ No newline at end of file
+- 6 - Added in Windows 10, version 1903.
+
+
diff --git a/windows/client-management/mdm/policy-csp-troubleshooting.md b/windows/client-management/mdm/policy-csp-troubleshooting.md
index ec68e060bc..6b1d56a0b6 100644
--- a/windows/client-management/mdm/policy-csp-troubleshooting.md
+++ b/windows/client-management/mdm/policy-csp-troubleshooting.md
@@ -1,7 +1,7 @@
---
title: Policy CSP - Troubleshooting
description: Policy CSP - Troubleshooting
-ms.author: maricia
+ms.author: dansimp
ms.topic: article
ms.prod: w10
ms.technology: windows
@@ -113,10 +113,11 @@ By default, this policy is not configured and the SKU based defaults are used fo
-ADMX Info:
- GP English name:
Troubleshooting: Allow users to access recommended troubleshooting for known problems
-- GP name:
TroubleshootingAllowRecommendations
-- GP path:
Troubleshooting and Diagnostics/Microsoft Support Diagnostic Tool
-- GP ADMX file name:
MSDT.admx
+ADMX Info:
+- GP English name: *Troubleshooting: Allow users to access recommended troubleshooting for known problems*
+- GP name: *TroubleshootingAllowRecommendations*
+- GP path: *Troubleshooting and Diagnostics/Microsoft Support Diagnostic Tool*
+- GP ADMX file name: *MSDT.admx*
@@ -127,8 +128,6 @@ ADMX Info:
- GP English name:
Troubleshooting: Allow users to access r
-
-
Footnotes:
@@ -138,4 +137,5 @@ Footnotes:
- 3 - Added in Windows 10, version 1709.
- 4 - Added in Windows 10, version 1803.
- 5 - Added in Windows 10, version 1809.
-- 6 - Added in Windows 10, version 1903.
\ No newline at end of file
+- 6 - Added in Windows 10, version 1903.
+
diff --git a/windows/client-management/mdm/policy-csp-update.md b/windows/client-management/mdm/policy-csp-update.md
index fdb6615bf6..c29f9811ad 100644
--- a/windows/client-management/mdm/policy-csp-update.md
+++ b/windows/client-management/mdm/policy-csp-update.md
@@ -13,6 +13,8 @@ manager: dansimp
# Policy CSP - Update
+> [!NOTE]
+> If the MSA service is disabled, Windows Update will no longer offer feature updates to devices running Windows 10 1709 or higher. See [Feature updates are not being offered while other updates are](https://docs.microsoft.com/windows/deployment/update/windows-update-troubleshooting#feature-updates-are-not-being-offered-while-other-updates-are).
@@ -204,11 +206,6 @@ manager: dansimp
-> [!NOTE]
-> If the MSA service is disabled, Windows Update will no longer offer feature updates to devices running Windows 10 1709 or higher. See [Feature updates are not being offered while other updates are](https://docs.microsoft.com/windows/deployment/update/windows-update-troubleshooting#feature-updates-are-not-being-offered-while-other-updates-are).
-
-
-
**Update/ActiveHoursEnd**
@@ -1379,49 +1376,6 @@ Added in Windows 10, version 1803. Enable IT admin to configure feature update u
-
-**Update/ConfigureFeatureUpdateUninstallPeriod**
-
-
-
-
- | Home |
- Pro |
- Business |
- Enterprise |
- Education |
- Mobile |
- Mobile Enterprise |
-
-
- |
- 4 |
- 4 |
- 4 |
- 4 |
- |
- |
-
-
-
-
-
-[Scope](./policy-configuration-service-provider.md#policy-scope):
-
-> [!div class = "checklist"]
-> * Device
-
-
-
-
-
-Added in Windows 10, version 1803. Enable IT admin to configure feature update uninstall period. Values range 2 - 60 days. Default is 10 days.
-
-
-
-
-
-
**Update/DeferFeatureUpdatesPeriodInDays**
@@ -3951,69 +3905,6 @@ ADMX Info:
-
-
-
-
-## Update policies supported by HoloLens 2
-
-- [Update/AllowAutoUpdate](#update-allowautoupdate)
-- [Update/AllowUpdateService](#update-allowupdateservice)
-- [Update/BranchReadinessLevel](#update-branchreadinesslevel)
-- [Update/DeferFeatureUpdatesPeriodInDays](#update-deferfeatureupdatesperiodindays)
-- [Update/DeferQualityUpdatesPeriodInDays](#update-deferqualityupdatesperiodindays)
-- [Update/ManagePreviewBuilds](#update-managepreviewbuilds)
-- [Update/PauseFeatureUpdates](#update-pausefeatureupdates)
-- [Update/PauseQualityUpdates](#update-pausequalityupdates)
-- [Update/ScheduledInstallDay](#update-scheduledinstallday)
-- [Update/ScheduledInstallTime](#update-scheduledinstalltime)
-- [Update/UpdateServiceUrl](#update-updateserviceurl)
-
-
-
-
-## Update policies supported by HoloLens (1st gen) Commercial Suite
-
-- [Update/AllowAutoUpdate](#update-allowautoupdate)
-- [Update/AllowUpdateService](#update-allowupdateservice)
-- [Update/RequireDeferUpgrade](#update-requiredeferupgrade)
-- [Update/RequireUpdateApproval](#update-requireupdateapproval)
-- [Update/ScheduledInstallDay](#update-scheduledinstallday)
-- [Update/ScheduledInstallTime](#update-scheduledinstalltime)
-- [Update/UpdateServiceUrl](#update-updateserviceurl)
-
-
-
-
-## Update policies supported by HoloLens (1st gen) Development Edition
-
-- [Update/AllowAutoUpdate](#update-allowautoupdate)
-- [Update/AllowUpdateService](#update-allowupdateservice)
-- [Update/RequireDeferUpgrade](#update-requiredeferupgrade)
-- [Update/RequireUpdateApproval](#update-requireupdateapproval)
-- [Update/ScheduledInstallDay](#update-scheduledinstallday)
-- [Update/ScheduledInstallTime](#update-scheduledinstalltime)
-- [Update/UpdateServiceUrl](#update-updateserviceurl)
-
-
-
-
-## Update policies supported by IoT Core
-
-- [Update/ConfigureDeadlineForFeatureUpdates](#update-configuredeadlineforfeatureupdates)
-- [Update/ConfigureDeadlineForQualityUpdates](#update-configuredeadlineforqualityupdates)
-- [Update/ConfigureDeadlineGracePeriod](#update-configuredeadlinegraceperiod)
-- [Update/ConfigureDeadlineNoAutoReboot](#update-configuredeadlinenoautoreboot)
-
-
-
-## Update policies supported by IoT Enterprise
-
-- [Update/ConfigureDeadlineForFeatureUpdates](#update-configuredeadlineforfeatureupdates)
-- [Update/ConfigureDeadlineForQualityUpdates](#update-configuredeadlineforqualityupdates)
-- [Update/ConfigureDeadlineGracePeriod](#update-configuredeadlinegraceperiod)
-- [Update/ConfigureDeadlineNoAutoReboot](#update-configuredeadlinenoautoreboot)
-
Footnotes:
@@ -4024,3 +3915,4 @@ Footnotes:
- 4 - Added in Windows 10, version 1803.
- 5 - Added in Windows 10, version 1809.
- 6 - Added in Windows 10, version 1903.
+
diff --git a/windows/client-management/mdm/policy-csp-userrights.md b/windows/client-management/mdm/policy-csp-userrights.md
index bf7b2a8067..0676a9df9c 100644
--- a/windows/client-management/mdm/policy-csp-userrights.md
+++ b/windows/client-management/mdm/policy-csp-userrights.md
@@ -1600,12 +1600,14 @@ GP Info:
-Footnote:
+Footnotes:
- 1 - Added in Windows 10, version 1607.
- 2 - Added in Windows 10, version 1703.
- 3 - Added in Windows 10, version 1709.
- 4 - Added in Windows 10, version 1803.
+- 5 - Added in Windows 10, version 1809.
+- 6 - Added in Windows 10, version 1903.
diff --git a/windows/client-management/mdm/policy-csp-wifi.md b/windows/client-management/mdm/policy-csp-wifi.md
index 9bc832c1ff..9e5e7bac19 100644
--- a/windows/client-management/mdm/policy-csp-wifi.md
+++ b/windows/client-management/mdm/policy-csp-wifi.md
@@ -381,49 +381,6 @@ Supported operations are Add, Delete, Get, and Replace.
-
-
-
-
-## Wifi policies that can be set using Exchange Active Sync (EAS)
-
-- [Wifi/AllowInternetSharing](#wifi-allowinternetsharing)
-- [Wifi/AllowWiFi](#wifi-allowwifi)
-
-
-
-## Wifi policies supported by HoloLens 2
-
-- [Wifi/AllowManualWiFiConfiguration](#wifi-allowmanualwificonfiguration)
-
-
-
-## Wifi policies supported by HoloLens (1st gen) Commercial Suite
-
-- [Wifi/AllowManualWiFiConfiguration](#wifi-allowmanualwificonfiguration)
-
-
-
-## Wifi policies supported by HoloLens (1st gen) Development Edition
-
-- [Wifi/AllowManualWiFiConfiguration](#wifi-allowmanualwificonfiguration)
-
-
-
-## Wifi policies supported by IoT Core
-
-- [Wifi/AllowAutoConnectToWiFiSenseHotspots](#wifi-allowautoconnecttowifisensehotspots)
-- [Wifi/AllowInternetSharing](#wifi-allowinternetsharing)
-- [Wifi/AllowWiFi](#wifi-allowwifi)
-- [Wifi/WLANScanMode](#wifi-wlanscanmode)
-
-
-
-## Wifi policies supported by Microsoft Surface Hub
-
-- [WiFi/AllowWiFiHotSpotReporting](#wifi-allowwifihotspotreporting)
-
-
Footnotes:
@@ -434,3 +391,4 @@ Footnotes:
- 4 - Added in Windows 10, version 1803.
- 5 - Added in Windows 10, version 1809.
- 6 - Added in Windows 10, version 1903.
+
\ No newline at end of file
diff --git a/windows/client-management/mdm/policy-csp-windowsconnectionmanager.md b/windows/client-management/mdm/policy-csp-windowsconnectionmanager.md
index 6824a34e5c..0888c1a02a 100644
--- a/windows/client-management/mdm/policy-csp-windowsconnectionmanager.md
+++ b/windows/client-management/mdm/policy-csp-windowsconnectionmanager.md
@@ -97,12 +97,13 @@ ADMX Info:
-Footnote:
+Footnotes:
- 1 - Added in Windows 10, version 1607.
- 2 - Added in Windows 10, version 1703.
- 3 - Added in Windows 10, version 1709.
- 4 - Added in Windows 10, version 1803.
+- 5 - Added in Windows 10, version 1809.
+- 6 - Added in Windows 10, version 1903.
-
-
+
\ No newline at end of file
diff --git a/windows/client-management/mdm/policy-csp-windowsdefendersecuritycenter.md b/windows/client-management/mdm/policy-csp-windowsdefendersecuritycenter.md
index cc8580325d..f851afd08e 100644
--- a/windows/client-management/mdm/policy-csp-windowsdefendersecuritycenter.md
+++ b/windows/client-management/mdm/policy-csp-windowsdefendersecuritycenter.md
@@ -1426,14 +1426,14 @@ ADMX Info:
-Footnote:
+Footnotes:
- 1 - Added in Windows 10, version 1607.
- 2 - Added in Windows 10, version 1703.
- 3 - Added in Windows 10, version 1709.
- 4 - Added in Windows 10, version 1803.
- 5 - Added in Windows 10, version 1809.
-- 6 - Added in the next major release of Windows 10.
+- 6 - Added in Windows 10, version 1903.
diff --git a/windows/client-management/mdm/policy-csp-windowsinkworkspace.md b/windows/client-management/mdm/policy-csp-windowsinkworkspace.md
index ca2a0c7b72..d20bb37601 100644
--- a/windows/client-management/mdm/policy-csp-windowsinkworkspace.md
+++ b/windows/client-management/mdm/policy-csp-windowsinkworkspace.md
@@ -149,12 +149,14 @@ Value type is int. The following list shows the supported values:
-Footnote:
+Footnotes:
- 1 - Added in Windows 10, version 1607.
- 2 - Added in Windows 10, version 1703.
- 3 - Added in Windows 10, version 1709.
- 4 - Added in Windows 10, version 1803.
+- 5 - Added in Windows 10, version 1809.
+- 6 - Added in Windows 10, version 1903.
diff --git a/windows/client-management/mdm/policy-csp-windowslogon.md b/windows/client-management/mdm/policy-csp-windowslogon.md
index dd40314d62..a8e9418f2e 100644
--- a/windows/client-management/mdm/policy-csp-windowslogon.md
+++ b/windows/client-management/mdm/policy-csp-windowslogon.md
@@ -544,9 +544,6 @@ To validate on Desktop, do the following:
-
-
-
Footnotes:
@@ -557,3 +554,6 @@ Footnotes:
- 4 - Added in Windows 10, version 1803.
- 5 - Added in Windows 10, version 1809.
- 6 - Added in Windows 10, version 1903.
+
+
+
diff --git a/windows/client-management/mdm/policy-csp-windowspowershell.md b/windows/client-management/mdm/policy-csp-windowspowershell.md
index 9e2d0223b5..69eb80be17 100644
--- a/windows/client-management/mdm/policy-csp-windowspowershell.md
+++ b/windows/client-management/mdm/policy-csp-windowspowershell.md
@@ -94,12 +94,14 @@ ADMX Info:
-Footnote:
+Footnotes:
- 1 - Added in Windows 10, version 1607.
- 2 - Added in Windows 10, version 1703.
- 3 - Added in Windows 10, version 1709.
- 4 - Added in Windows 10, version 1803.
+- 5 - Added in Windows 10, version 1809.
+- 6 - Added in Windows 10, version 1903.
diff --git a/windows/client-management/mdm/policy-csp-wirelessdisplay.md b/windows/client-management/mdm/policy-csp-wirelessdisplay.md
index 1ba5d5ec2d..e8bdaab780 100644
--- a/windows/client-management/mdm/policy-csp-wirelessdisplay.md
+++ b/windows/client-management/mdm/policy-csp-wirelessdisplay.md
@@ -473,12 +473,14 @@ The following list shows the supported values:
-Footnote:
+Footnotes:
- 1 - Added in Windows 10, version 1607.
- 2 - Added in Windows 10, version 1703.
- 3 - Added in Windows 10, version 1709.
- 4 - Added in Windows 10, version 1803.
+- 5 - Added in Windows 10, version 1809.
+- 6 - Added in Windows 10, version 1903.
diff --git a/windows/client-management/mdm/supl-csp.md b/windows/client-management/mdm/supl-csp.md
index 09ea7f32d0..64077761f8 100644
--- a/windows/client-management/mdm/supl-csp.md
+++ b/windows/client-management/mdm/supl-csp.md
@@ -9,15 +9,15 @@ ms.topic: article
ms.prod: w10
ms.technology: windows
author: manikadhiman
-ms.date: 07/20/2018
+ms.date: 09/12/2019
---
# SUPL CSP
> [!WARNING]
-> Some information relates to prereleased product which may be substantially modified before it's commercially released. Microsoft makes no warranties, express or implied, with respect to the information provided here.
+> Some information relates to prereleased products, which may be substantially modified before it's commercially released. Microsoft makes no warranties, expressed or implied, concerning the information provided here.
-The SUPL configuration service provider is used to configure the location client, as shown in the following table.
+The SUPL configuration service provider is used to configure the location client, as shown in the following table:
@@ -51,7 +51,7 @@ The SUPL configuration service provider is used to configure the location client
MCC/MNC value pairs which are used to specify which networks' UUIC the SUPL account matches.
-Address of the server—a mobile positioning center for non-trusted mode. Address of the server — a mobile positioning center for non-trusted mode. The positioning method used by the MPC for non-trusted mode. |
@@ -68,7 +68,7 @@ The following diagram shows the SUPL configuration service provider management o
-
+
@@ -86,7 +86,10 @@ If this value is not specified, the device infers the H-SLP address from the IMS
For OMA DM, if the format for this node is incorrect the entry will be ignored and an error will be returned, but the configuration service provider will continue processing the rest of the parameters.
**Version**
-Optional. Determines the version of the SUPL protocol to use. For SUPL 1.0, set this value to `1`. For SUPL 2.0, set this value to `2`. The default is 1.
+Optional. Determines the major version of the SUPL protocol to use. For SUPL 1.0.0, set this value to 1. For SUPL 2.0.0, set this value to 2. The default is 1. Refer to FullVersion to define the minor version and the service indicator.
+
+**FullVersion**
+Added in the next major release of Windows 10. Optional. Determines the full version (X.Y.Z where X, Y, and Z are the major version, the minor version, and the service indicator, respectively) of the SUPL protocol to use. The default is 1.0.0. If FullVersion is defined, Version field is ignored.
**MCCMNCPairs**
Required. List all of the MCC and MNC pairs owned by the mobile operator. This list is used to verify that the UICC matches the network and SUPL can be used. When the UICC and network do not match, the device uses the default location service and does not use SUPL.
@@ -295,7 +298,7 @@ Optional. Specifies the positioning method that the SUPL client will use for mob
0 |
-None: The device uses the default positioning method. In this default mode, the GNSS obtains assistance (time injection, coarse position injection and ephemeris data) from the Microsoft Positioning Service. |
+None: The device uses the default positioning method. In this default mode, the GNSS obtains assistance (time injection, coarse position injection, and ephemeris data) from the Microsoft Positioning Service. |
1 |
@@ -582,18 +585,6 @@ The following table shows the Microsoft custom elements that this configuration
-
## Related topics
-
-[Configuration service provider reference](configuration-service-provider-reference.md)
-
-
-
-
-
-
-
-
-
-
+[Configuration service provider reference](configuration-service-provider-reference.md)
\ No newline at end of file
diff --git a/windows/client-management/mdm/supl-ddf-file.md b/windows/client-management/mdm/supl-ddf-file.md
index bf899e6c8e..e2b10b625a 100644
--- a/windows/client-management/mdm/supl-ddf-file.md
+++ b/windows/client-management/mdm/supl-ddf-file.md
@@ -15,13 +15,13 @@ ms.date: 07/20/2018
# SUPL DDF file
> [!WARNING]
-> Some information relates to prereleased product which may be substantially modified before it's commercially released. Microsoft makes no warranties, express or implied, with respect to the information provided here.
+> Some information relates to prereleased products, which may be substantially modified before it's commercially released. Microsoft makes no warranties, expressed or implied, concerning the information provided here.
-This topic shows the OMA DM device description framework (DDF) for the **SUPL** configuration service provider.
+This topic shows the OMA DM device description framework (DDF) for the **SUPL** configuration service provider (CSP).
Looking for the DDF XML files? See [CSP DDF files download](configuration-service-provider-reference.md#csp-ddf-files-download).
-The XML below is for Windows 10, version 1809.
+The XML below is the DDF for the current version for this CSP.
```xml
@@ -47,7 +47,7 @@ The XML below is for Windows 10, version 1809.
- com.microsoft/1.1/MDM/SUPL
+ com.microsoft/1.2/MDM/SUPL
@@ -159,7 +159,7 @@ The XML below is for Windows 10, version 1809.
1
- Optional. Determines the version of the SUPL protocol to use. For SUPL 1.0, set this value to 1. For SUPL 2.0, set this value to 2. The default is 1.
+ Optional. Determines the major version of the SUPL protocol to use. For SUPL 1.0.0, set this value to 1. For SUPL 2.0.0, set this value to 2. The default is 1. Refer to FullVersion to define the minor version and the service indicator.
@@ -174,6 +174,29 @@ The XML below is for Windows 10, version 1809.
+
+ FullVersion
+
+
+
+
+
+ 1.0.0
+ Optional. Determines the full version (X.Y.Z where X, Y, and Z are the major version, the minor version, and the service indicator, respectively) of the SUPL protocol to use. The default is 1.0.0. If FullVersion is defined, Version field is ignored.
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
MCCMNCPairs
diff --git a/windows/client-management/mdm/using-powershell-scripting-with-the-wmi-bridge-provider.md b/windows/client-management/mdm/using-powershell-scripting-with-the-wmi-bridge-provider.md
index 300711d733..5bdd2eaf0f 100644
--- a/windows/client-management/mdm/using-powershell-scripting-with-the-wmi-bridge-provider.md
+++ b/windows/client-management/mdm/using-powershell-scripting-with-the-wmi-bridge-provider.md
@@ -50,17 +50,17 @@ New-CimInstance -Namespace $namespaceName -ClassName $className -Property @{Pare
Get-CimInstance -Namespace $namespaceName -ClassName $className
# Query instances with matching properties
-Get-CimInstance -Namespace $namespaceName -ClassName $className -Filter "ParentID='./Vendor/MSFT/Policy/Config' and InstanceID='WiFi'"
+Get-CimInstance -Namespace $namespaceName -ClassName $className -Filter "ParentID='./Vendor/MSFT/Policy/Config' and InstanceID='WiFi'"
# Modify existing instance
-$obj = Get-CimInstance -Namespace $namespaceName -ClassName $className -Filter "ParentID='./Vendor/MSFT/Policy/Config' and InstanceID='WiFi'"
+$obj = Get-CimInstance -Namespace $namespaceName -ClassName $className -Filter "ParentID='./Vendor/MSFT/Policy/Config' and InstanceID='WiFi'"
$obj.WLANScanMode=500
Set-CimInstance -CimInstance $obj
# Delete existing instance
try
{
- $obj = Get-CimInstance -Namespace $namespaceName -ClassName $className -Filter "ParentID='./Vendor/MSFT/Policy/Config' and InstanceID='WiFi'"
+ $obj = Get-CimInstance -Namespace $namespaceName -ClassName $className -Filter "ParentID='./Vendor/MSFT/Policy/Config' and InstanceID='WiFi'"
Remove-CimInstance -CimInstance $obj
}
catch [Exception]
@@ -113,9 +113,9 @@ $session = New-CimSession
# Create a new instance for MDM_Policy_User_Config01_Authentication02
##########################################################################
$newInstance = New-Object Microsoft.Management.Infrastructure.CimInstance $className, $namespaceName
-$property = [Microsoft.Management.Infrastructure.CimProperty]::Create("ParentID", './Vendor/MSFT/Policy/Config', "string", "Key")
+$property = [Microsoft.Management.Infrastructure.CimProperty]::Create("ParentID", './Vendor/MSFT/Policy/Config', "string", "Key")
$newInstance.CimInstanceProperties.Add($property)
-$property = [Microsoft.Management.Infrastructure.CimProperty]::Create("InstanceID", 'Authentication', "String", "Key")
+$property = [Microsoft.Management.Infrastructure.CimProperty]::Create("InstanceID", 'Authentication', "String", "Key")
$newInstance.CimInstanceProperties.Add($property)
$property = [Microsoft.Management.Infrastructure.CimProperty]::Create("AllowEAPCertSSO", 1, "Sint32", "Property")
$newInstance.CimInstanceProperties.Add($property)
@@ -138,9 +138,9 @@ $session.EnumerateInstances($namespaceName, $className, $options)
# with matching properties
##########################################################################
$getInstance = New-Object Microsoft.Management.Infrastructure.CimInstance $className, $namespaceName
-$property = [Microsoft.Management.Infrastructure.CimProperty]::Create("ParentID", './Vendor/MSFT/Policy/Config', "string", "Key")
+$property = [Microsoft.Management.Infrastructure.CimProperty]::Create("ParentID", './Vendor/MSFT/Policy/Config', "string", "Key")
$getInstance.CimInstanceProperties.Add($property)
-$property = [Microsoft.Management.Infrastructure.CimProperty]::Create("InstanceID", 'Authentication', "String", "Key")
+$property = [Microsoft.Management.Infrastructure.CimProperty]::Create("InstanceID", 'Authentication', "String", "Key")
$getInstance.CimInstanceProperties.Add($property)
try
{
@@ -155,9 +155,9 @@ catch [Exception]
# Modify existing instance for MDM_Policy_User_Config01_Authentication02
##########################################################################
$getInstance = New-Object Microsoft.Management.Infrastructure.CimInstance $className, $namespaceName
-$property = [Microsoft.Management.Infrastructure.CimProperty]::Create("ParentID", './Vendor/MSFT/Policy/Config', "string", "Key")
+$property = [Microsoft.Management.Infrastructure.CimProperty]::Create("ParentID", './Vendor/MSFT/Policy/Config', "string", "Key")
$getInstance.CimInstanceProperties.Add($property)
-$property = [Microsoft.Management.Infrastructure.CimProperty]::Create("InstanceID", 'Authentication', "String", "Key")
+$property = [Microsoft.Management.Infrastructure.CimProperty]::Create("InstanceID", 'Authentication', "String", "Key")
$getInstance.CimInstanceProperties.Add($property)
try
{
@@ -174,9 +174,9 @@ catch [Exception]
# Delete existing instance for MDM_Policy_User_Config01_Authentication02
##########################################################################
$getInstance = New-Object Microsoft.Management.Infrastructure.CimInstance $className, $namespaceName
-$property = [Microsoft.Management.Infrastructure.CimProperty]::Create("ParentID", './Vendor/MSFT/Policy/Config', "string", "Key")
+$property = [Microsoft.Management.Infrastructure.CimProperty]::Create("ParentID", './Vendor/MSFT/Policy/Config', "string", "Key")
$getInstance.CimInstanceProperties.Add($property)
-$property = [Microsoft.Management.Infrastructure.CimProperty]::Create("InstanceID", 'Authentication', "String", "Key")
+$property = [Microsoft.Management.Infrastructure.CimProperty]::Create("InstanceID", 'Authentication', "String", "Key")
$getInstance.CimInstanceProperties.Add($property)
try
{
@@ -209,7 +209,7 @@ $params.Add($param)
try
{
- $instance = Get-CimInstance -Namespace $namespaceName -ClassName $className -Filter "ParentID='./Vendor/MSFT' and InstanceID='WindowsLicensing'"
+ $instance = Get-CimInstance -Namespace $namespaceName -ClassName $className -Filter "ParentID='./Vendor/MSFT' and InstanceID='WindowsLicensing'"
$session.InvokeMethod($namespaceName, $instance, $methodName, $params)
}
catch [Exception]
diff --git a/windows/client-management/mdm/vpnv2-csp.md b/windows/client-management/mdm/vpnv2-csp.md
index fa5597ecf6..c7555d45bf 100644
--- a/windows/client-management/mdm/vpnv2-csp.md
+++ b/windows/client-management/mdm/vpnv2-csp.md
@@ -450,7 +450,7 @@ Required for native profiles. Type of tunneling protocol used. This value can be
Value type is chr. Supported operations include Get, Add, Replace, and Delete.
-> **Note** The **Automatic** option means that the device will try each of the built-in tunneling protocols until one succeeds. It will attempt protocols in following order: IKEv2, PPTP and then L2TP. This order is not customizable.
+> **Note** The **Automatic** option means that the device will try each of the built-in tunneling protocols until one succeeds. It will attempt protocols in following order: SSTP, IKEv2, PPTP and then L2TP. This order is not customizable.
**VPNv2/**ProfileName**/NativeProfile/Authentication**
Required node for native profile. It contains authentication information for the native VPN profile.
diff --git a/windows/client-management/mdm/vpnv2-profile-xsd.md b/windows/client-management/mdm/vpnv2-profile-xsd.md
index fbb8abae88..dd82298d1b 100644
--- a/windows/client-management/mdm/vpnv2-profile-xsd.md
+++ b/windows/client-management/mdm/vpnv2-profile-xsd.md
@@ -23,7 +23,7 @@ Here's the XSD for the ProfileXML node in VPNv2 CSP for Windows 10 and some pro
```xml
-
+
diff --git a/windows/client-management/new-policies-for-windows-10.md b/windows/client-management/new-policies-for-windows-10.md
index 2c02926ece..da9546ba23 100644
--- a/windows/client-management/new-policies-for-windows-10.md
+++ b/windows/client-management/new-policies-for-windows-10.md
@@ -25,6 +25,232 @@ ms.topic: reference
Windows 10 includes the following new policies for management. [Download the complete set of Administrative Template (.admx) files for Windows 10](https://www.microsoft.com/download/details.aspx?id=56121).
+
+## New Group Policy settings in Windows 10, version 1809
+
+The following Group Policy settings were added in Windows 10, version 1809:
+
+**Start Menu and Taskbar**
+
+- Start Menu and Taskbar\Force Start to be either full screen size or menu size
+- Start Menu and Taskbar\Remove "Recently added" list from Start Menu
+- Start Menu and Taskbar\Remove All Programs list from the Start menu
+- Start Menu and Taskbar\Remove frequent programs list from the Start Menu
+
+**System**
+
+- System\Group Policy\Allow asynchronous user Group Policy processing when logging on through Remote Desktop Services
+- System\Group Policy\Configure Applications preference extension policy processing
+- System\Group Policy\Configure Data Sources preference extension policy processing
+- System\Group Policy\Configure Devices preference extension policy processing
+- System\Group Policy\Configure Drive Maps preference extension policy processing
+- System\Group Policy\Configure Environment preference extension policy processing
+- System\Group Policy\Configure Files preference extension policy processing
+- System\Group Policy\Configure Folder Options preference extension policy processing
+- System\Group Policy\Configure Folders preference extension policy processing
+- System\Group Policy\Configure Ini Files preference extension policy processing
+- System\Group Policy\Configure Internet Settings preference extension policy processing
+- System\Group Policy\Configure Local Users and Groups preference extension policy processing
+- System\Group Policy\Configure Network Options preference extension policy processing
+- System\Group Policy\Configure Network Shares preference extension policy processing
+- System\Group Policy\Configure Power Options preference extension policy processing
+- System\Group Policy\Configure Printers preference extension policy processing
+- System\Group Policy\Configure Regional Options preference extension policy processing
+- System\Group Policy\Configure Registry preference extension policy processing
+- System\Group Policy\Configure Scheduled Tasks preference extension policy processing
+- System\Group Policy\Configure Services preference extension policy processing
+- System\Group Policy\Configure Shortcuts preference extension policy processing
+- System\Group Policy\Configure Start Menu preference extension policy processing
+- System\Group Policy\Logging and tracing\Configure Applications preference logging and tracing
+- System\Group Policy\Logging and tracing\Configure Data Sources preference logging and tracing
+- System\Group Policy\Logging and tracing\Configure Devices preference logging and tracing
+- System\Group Policy\Logging and tracing\Configure Drive Maps preference logging and tracing
+- System\Group Policy\Logging and tracing\Configure Environment preference logging and tracing
+- System\Group Policy\Logging and tracing\Configure Files preference logging and tracing
+- System\Group Policy\Logging and tracing\Configure Folder Options preference logging and tracing
+- System\Group Policy\Logging and tracing\Configure Folders preference logging and tracing
+- System\Group Policy\Logging and tracing\Configure INI Files preference logging and tracing
+- System\Group Policy\Logging and tracing\Configure Internet Settings preference logging and tracing
+- System\Group Policy\Logging and tracing\Configure Local Users and Groups preference logging and tracing
+- System\Group Policy\Logging and tracing\Configure Network Options preference logging and tracing
+- System\Group Policy\Logging and tracing\Configure Network Shares preference logging and tracing
+- System\Group Policy\Logging and tracing\Configure Power Options preference logging and tracing
+- System\Group Policy\Logging and tracing\Configure Printers preference logging and tracing
+- System\Group Policy\Logging and tracing\Configure Regional Options preference logging and tracing
+- System\Group Policy\Logging and tracing\Configure Registry preference logging and tracing
+- System\Group Policy\Logging and tracing\Configure Scheduled Tasks preference logging and tracing
+- System\Group Policy\Logging and tracing\Configure Services preference logging and tracing
+- System\Group Policy\Logging and tracing\Configure Shortcuts preference logging and tracing
+- System\Group Policy\Logging and tracing\Configure Start Menu preference logging and tracing
+- System\Kernel DMA Protection\Enumeration policy for external devices incompatible with Kernel DMA Protection
+- System\OS Policies\Allow Clipboard History
+- System\OS Policies\Allow Clipboard synchronization across devices
+
+**Windows Components**
+
+- Windows Components\Data Collection and Preview Builds\Configure Microsoft 365 Update Readiness upload endpoint
+- Windows Components\Data Collection and Preview Builds\Disable deleting diagnostic data
+- Windows Components\Data Collection and Preview Builds\Disable diagnostic data viewer
+- Windows Components\Delivery Optimization\[Reserved for future use] Cache Server Hostname
+- Windows Components\Location and Sensors\Windows Location Provider\Turn off Windows Location Provider
+- Windows Components\Microsoft Management Console\Restricted/Permitted snap-ins\DFS Management
+- Windows Components\Microsoft Management Console\Restricted/Permitted snap-ins\File Server Resource Manager
+- Windows Components\Microsoft Management Console\Restricted/Permitted snap-ins\Share and Storage Management
+- Windows Components\Microsoft Management Console\Restricted/Permitted snap-ins\Storage Manager for SANs
+- Windows Components\Microsoft Management Console\Restricted/Permitted snap-ins\Extension snap-ins\DFS Management Extension
+- Windows Components\Microsoft Management Console\Restricted/Permitted snap-ins\Extension snap-ins\Disk Management Extension
+- Windows Components\Microsoft Management Console\Restricted/Permitted snap-ins\Extension snap-ins\File Server Resource Manager Extension
+- Windows Components\Microsoft Management Console\Restricted/Permitted snap-ins\Extension snap-ins\Share and Storage Management Extension
+- Windows Components\Microsoft Management Console\Restricted/Permitted snap-ins\Extension snap-ins\Storage Manager for SANS Extension
+- Windows Components\Microsoft Management Console\Restricted/Permitted snap-ins\Group Policy\Group Policy Management Editor
+- Windows Components\Microsoft Management Console\Restricted/Permitted snap-ins\Group Policy\Group Policy Starter GPO Editor
+- Windows Components\Microsoft Management Console\Restricted/Permitted snap-ins\Group Policy\Preference snap-in extensions\Permit use of Application snap-ins
+- Windows Components\Microsoft Management Console\Restricted/Permitted snap-ins\Group Policy\Preference snap-in extensions\Permit use of Applications preference extension
+- Windows Components\Microsoft Management Console\Restricted/Permitted snap-ins\Group Policy\Preference snap-in extensions\Permit use of Control Panel Settings (Computers)
+- Windows Components\Microsoft Management Console\Restricted/Permitted snap-ins\Group Policy\Preference snap-in extensions\Permit use of Control Panel Settings (Users)
+- Windows Components\Microsoft Management Console\Restricted/Permitted snap-ins\Group Policy\Preference snap-in extensions\Permit use of Data Sources preference extension
+- Windows Components\Microsoft Management Console\Restricted/Permitted snap-ins\Group Policy\Preference snap-in extensions\Permit use of Devices preference extension
+- Windows Components\Microsoft Management Console\Restricted/Permitted snap-ins\Group Policy\Preference snap-in extensions\Permit use of Drive Maps preference extension
+- Windows Components\Microsoft Management Console\Restricted/Permitted snap-ins\Group Policy\Preference snap-in extensions\Permit use of Environment preference extension
+- Windows Components\Microsoft Management Console\Restricted/Permitted snap-ins\Group Policy\Preference snap-in extensions\Permit use of Files preference extension
+- Windows Components\Microsoft Management Console\Restricted/Permitted snap-ins\Group Policy\Preference snap-in extensions\Permit use of Folder Options preference extension
+- Windows Components\Microsoft Management Console\Restricted/Permitted snap-ins\Group Policy\Preference snap-in extensions\Permit use of Folders preference extension
+- Windows Components\Microsoft Management Console\Restricted/Permitted snap-ins\Group Policy\Preference snap-in extensions\Permit use of Ini Files preference extension
+- Windows Components\Microsoft Management Console\Restricted/Permitted snap-ins\Group Policy\Preference snap-in extensions\Permit use of Internet Settings preference extension
+- Windows Components\Microsoft Management Console\Restricted/Permitted snap-ins\Group Policy\Preference snap-in extensions\Permit use of Local Users and Groups preference extension
+- Windows Components\Microsoft Management Console\Restricted/Permitted snap-ins\Group Policy\Preference snap-in extensions\Permit use of Network Options preference extension
+- Windows Components\Microsoft Management Console\Restricted/Permitted snap-ins\Group Policy\Preference snap-in extensions\Permit use of Network Shares preference extension
+- Windows Components\Microsoft Management Console\Restricted/Permitted snap-ins\Group Policy\Preference snap-in extensions\Permit use of Power Options preference extension
+- Windows Components\Microsoft Management Console\Restricted/Permitted snap-ins\Group Policy\Preference snap-in extensions\Permit use of Preferences tab
+- Windows Components\Microsoft Management Console\Restricted/Permitted snap-ins\Group Policy\Preference snap-in extensions\Permit use of Printers preference extension
+- Windows Components\Microsoft Management Console\Restricted/Permitted snap-ins\Group Policy\Preference snap-in extensions\Permit use of Regional Options preference extension
+- Windows Components\Microsoft Management Console\Restricted/Permitted snap-ins\Group Policy\Preference snap-in extensions\Permit use of Registry preference extension
+- Windows Components\Microsoft Management Console\Restricted/Permitted snap-ins\Group Policy\Preference snap-in extensions\Permit use of Scheduled Tasks preference extension
+- Windows Components\Microsoft Management Console\Restricted/Permitted snap-ins\Group Policy\Preference snap-in extensions\Permit use of Services preference extension
+- Windows Components\Microsoft Management Console\Restricted/Permitted snap-ins\Group Policy\Preference snap-in extensions\Permit use of Shortcuts preference extension
+- Windows Components\Microsoft Management Console\Restricted/Permitted snap-ins\Group Policy\Preference snap-in extensions\Permit use of Start Menu preference extension
+- Windows Components\OOBE\Don't launch privacy settings experience on user logon
+- Windows Components\OOBE\Don't launch privacy settings experience on user logon
+- Windows Components\Remote Desktop Services\Remote Desktop Session Host\Application Compatibility\Do not use Remote Desktop Session Host server IP address when virtual IP address is not available
+- Windows Components\Remote Desktop Services\Remote Desktop Session Host\Application Compatibility\Select the network adapter to be used for Remote Desktop IP Virtualization
+- Windows Components\Remote Desktop Services\Remote Desktop Session Host\Application Compatibility\Turn off Windows Installer RDS Compatibility
+- Windows Components\Remote Desktop Services\Remote Desktop Session Host\Application Compatibility\Turn on Remote Desktop IP Virtualization
+- Windows Components\Remote Desktop Services\Remote Desktop Session Host\Connections\Allow remote start of unlisted programs
+- Windows Components\Remote Desktop Services\Remote Desktop Session Host\Connections\Turn off Fair Share CPU Scheduling
+- Windows Components\Remote Desktop Services\Remote Desktop Session Host\Device and Resource Redirection\Allow time zone redirection
+- Windows Components\Remote Desktop Services\Remote Desktop Session Host\Device and Resource Redirection\Do not allow Clipboard redirection
+- Windows Components\Remote Desktop Services\Remote Desktop Session Host\Printer Redirection\Redirect only the default client printer
+- Windows Components\Remote Desktop Services\Remote Desktop Session Host\Printer Redirection\Redirect only the default client printer
+- Windows Components\Remote Desktop Services\Remote Desktop Session Host\RD Connection Broker\Use RD Connection Broker load balancing
+- Windows Components\Remote Desktop Services\Remote Desktop Session Host\Remote Session Environment\Allow desktop composition for remote desktop sessions
+- Windows Components\Remote Desktop Services\Remote Desktop Session Host\Remote Session Environment\Always show desktop on connection
+- Windows Components\Remote Desktop Services\Remote Desktop Session Host\Remote Session Environment\Do not allow font smoothing
+- Windows Components\Remote Desktop Services\Remote Desktop Session Host\Remote Session Environment\Remove remote desktop wallpaper
+- Windows Components\Remote Desktop Services\Remote Desktop Session Host\Session Time Limits\Set time limit for logoff of RemoteApp sessions
+- Windows Components\Remote Desktop Services\Remote Desktop Session Host\Session Time Limits\Set time limit for logoff of RemoteApp sessions
+- Windows Components\Windows Defender Antivirus\Configure detection for potentially unwanted applications
+- Windows Components\Windows Defender Antivirus\Scan\Configure low CPU priority for scheduled scans
+- Windows Components\Windows Defender Application Guard\Allow camera and microphone access in Windows Defender Application Guard
+- Windows Components\Windows Defender Application Guard\Allow users to trust files that open in Windows Defender Application Guard
+- Windows Components\Windows Defender Application Guard\Allow Windows Defender Application Guard to use Root Certificate Authorities from the user’s device
+- Windows Components\Windows Defender Application Guard\Configure additional sources for untrusted files in Windows Defender Application Guard
+- Windows Components\Windows Hello for Business\Use Windows Hello for Business certificates as smart card certificates
+- Windows Components\Windows Media Player\Do Not Show First Use Dialog Boxes
+- Windows Components\Windows Media Player\Prevent Automatic Updates
+- Windows Components\Windows Media Player\Prevent CD and DVD Media Information Retrieval
+- Windows Components\Windows Media Player\Prevent Desktop Shortcut Creation
+- Windows Components\Windows Media Player\Prevent Media Sharing
+- Windows Components\Windows Media Player\Prevent Music File Media Information Retrieval
+- Windows Components\Windows Media Player\Prevent Quick Launch Toolbar Shortcut Creation
+- Windows Components\Windows Media Player\Prevent Radio Station Preset Retrieval
+- Windows Components\Windows Media Player\Prevent Video Smoothing
+- Windows Components\Windows Media Player\Networking\Configure HTTP Proxy
+- Windows Components\Windows Media Player\Networking\Configure MMS Proxy
+- Windows Components\Windows Media Player\Networking\Configure Network Buffering
+- Windows Components\Windows Media Player\Networking\Configure RTSP Proxy
+- Windows Components\Windows Media Player\Networking\Hide Network Tab
+- Windows Components\Windows Media Player\Networking\Streaming Media Protocols
+- Windows Components\Windows Media Player\Playback\Allow Screen Saver
+- Windows Components\Windows Media Player\Playback\Prevent Codec Download
+- Windows Components\Windows Media Player\User Interface\Do Not Show Anchor
+- Windows Components\Windows Media Player\User Interface\Hide Privacy Tab
+- Windows Components\Windows Media Player\User Interface\Hide Security Tab
+- Windows Components\Windows Media Player\User Interface\Set and Lock Skin
+- Windows Components\Windows Security\Account protection\Hide the Account protection area
+- Windows Components\Windows Security\App and browser protection\Hide the App and browser protection area
+- Windows Components\Windows Security\App and browser protection\Prevent users from modifying settings
+- Windows Components\Windows Security\Device performance and health\Hide the Device performance and health area
+- Windows Components\Windows Security\Device security\Disable the Clear TPM button
+- Windows Components\Windows Security\Device security\Hide the Device security area
+- Windows Components\Windows Security\Device security\Hide the Secure boot area
+- Windows Components\Windows Security\Device security\Hide the Security processor (TPM) troubleshooter page
+- Windows Components\Windows Security\Device security\Hide the TPM Firmware Update recommendation
+- Windows Components\Windows Security\Enterprise Customization\Configure customized contact information
+- Windows Components\Windows Security\Enterprise Customization\Configure customized notifications
+- Windows Components\Windows Security\Enterprise Customization\Specify contact company name
+- Windows Components\Windows Security\Enterprise Customization\Specify contact email address or Email ID
+- Windows Components\Windows Security\Enterprise Customization\Specify contact phone number or Skype ID
+- Windows Components\Windows Security\Enterprise Customization\Specify contact website
+- Windows Components\Windows Security\Family options\Hide the Family options area
+- Windows Components\Windows Security\Firewall and network protection\Hide the Firewall and network protection area
+- Windows Components\Windows Security\Notifications\Hide all notifications
+- Windows Components\Windows Security\Notifications\Hide non-critical notifications
+- Windows Components\Windows Security\Systray\Hide Windows Security Systray
+- Windows Components\Windows Security\Virus and threat protection\Hide the Ransomware data recovery area
+- Windows Components\Windows Security\Virus and threat protection\Hide the Virus and threat protection area
+- Windows Components\Windows Update\Display options for update notifications
+- Windows Components\Windows Update\Remove access to "Pause updates" feature
+
+**Control Panel**
+
+- Control Panel\Settings Page Visibility
+- Control Panel\Regional and Language Options\Allow users to enable online speech recognition services
+
+**Network**
+
+- Network\Windows Connection Manager\Enable Windows to soft-disconnect a computer from a network
+
+
+## New Group Policy settings in Windows 10, version 1803
+
+The following Group Policy settings were added in Windows 10, version 1803:
+
+**System**
+
+- System\Credentials Delegation\Encryption Oracle Remediation
+- System\Group Policy\Phone-PC linking on this device
+- System\OS Policies\Allow upload of User Activities
+
+**Windows Components**
+
+- Windows Components\App Privacy\Let Windows apps access an eye tracker device
+- Windows Components\Cloud Content\Turn off Windows Spotlight on Settings
+- Windows Components\Data Collection and Preview Builds\Allow device name to be sent in Windows diagnostic data
+- Windows Components\Data Collection and Preview Builds\Configure telemetry opt-in setting user interface
+- Windows Components\Data Collection and Preview Builds\Configure telemetry opt-in change notifications
+- Windows Components\Delivery Optimization\Maximum Background Download Bandwidth (percentage)
+- Windows Components\Delivery Optimization\Maximum Foreground Download Bandwidth (percentage)
+- Windows Components\Delivery Optimization\Select the source of Group IDs
+- Windows Components\Delivery Optimization\Delay background download from http (in secs)
+- Windows Components\Delivery Optimization\Delay Foreground download from http (in secs)
+- Windows Components\Delivery Optimization\Select a method to restrict Peer Selection
+- Windows Components\Delivery Optimization\Set Business Hours to Limit Background Download Bandwidth
+- Windows Components\Delivery Optimization\Set Business Hours to Limit Foreground Download Bandwidth
+- Windows Components\IME\Turn on Live Sticker
+- Windows Components\Remote Desktop Services\Remote Desktop Session Host\Device and Resource Redirection\Do not allow video capture redirection
+- Windows Components\Remote Desktop Services\Remote Desktop Session Host\Remote Session Environment\Use hardware graphics adapters for all Remote Desktop Services sessions
+- Windows Components\Search\Allow Cortana Page in OOBE on an AAD account
+- Windows Components\Store\Disable all apps from Microsoft Store
+- Windows Components\Text Input\Allow Uninstallation of Language Features
+- Windows Components\Text Input\Improve inking and typing recognition
+- Windows Components\Windows Defender Application Guard\Allow hardware-accelerated rendering for Windows Defender Application Guard
+- Windows Components\Windows Defender Security Center\Account protection\Hide the Account protection area
+- Windows Components\Windows Defender Security Center\Device security\Hide the Device security area
+- Windows Components\Windows Defender Security Center\Device security\Hide the Security processor (TPM) troubleshooter page
+- Windows Components\Windows Defender Security Center\Device security\Hide the Secure boot area
+- Windows Components\Windows Defender Security Center\Virus and threat protection\Hide the Ransomware data recovery area
+
+
## New Group Policy settings in Windows 10, version 1709
The following Group Policy settings were added in Windows 10, version 1709:
diff --git a/windows/client-management/system-failure-recovery-options.md b/windows/client-management/system-failure-recovery-options.md
new file mode 100644
index 0000000000..04dcbbafc9
--- /dev/null
+++ b/windows/client-management/system-failure-recovery-options.md
@@ -0,0 +1,205 @@
+---
+title: Configure system failure and recovery options in Windows
+description: Learn about the system failure and recovery options in Windows.
+ms.prod: w10
+ms.sitesec: library
+ms.topic: troubleshooting
+author: Deland-Han
+ms.localizationpriority: medium
+ms.author: delhan
+ms.date: 8/22/2019
+ms.reviewer:
+manager: dcscontentpm
+---
+
+# Configure system failure and recovery options in Windows
+
+This article describes how to configure the actions that Windows takes when a system error (also referred to as a bug check, system crash, fatal system error, or Stop error) occurs. You can configure the following actions:
+
+- Write an event to the System log.
+
+- Alert administrators (if you have set up administrative alerts).
+
+- Put system memory into a file that advanced users can use for debugging.
+
+- Automatically restart the computer.
+
+>[!Note]
+> You must be logged on as an administrator or a member of the Administrators group to complete this procedure. If your computer is connected to a network, network policy settings may prevent you from completing this procedure.
+
+## Configuring system failure and recovery options
+
+> [!IMPORTANT]
+> Follow the steps in this section carefully. Serious problems might occur if you modify the registry incorrectly. Before you modify it, [back up the registry for restoration](https://support.microsoft.com/help/322756) in case problems occur.
+
+The options are available in the **Startup and Recovery** dialog box. You can also use the following methods:
+
+- Modify the values under the following registry subkey:
+
+ **HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\CrashControl**
+
+- To modify the option on your local computer, use the command line utility (Wmic.exe) to access Windows Management Instrumentation (WMI).
+
+Follow these steps to view the options in **Startup and Recovery**. (The registry value and Wmic commands are also listed for each option.)
+
+1. In Control Panel, select **System and Security > System**.
+
+2. Select **Advanced system settings**, select the **Advanced** tab, and select **Settings** in the **Startup and Recovery** area.
+
+### Under "System failure"
+
+Select the check boxes for the actions that you want Windows to perform when a system error occurs.
+
+#### Write an event to the System log
+
+This option specifies that event information is recorded in the System log. By default, this option is turned on.
+
+To turn off this option, run the following command or modify the registry value:
+
+- ```cmd
+ wmic recoveros set WriteToSystemLog = False
+ ```
+
+- Set the **LogEvent** DWORD value to **0**.
+
+#### Send an administrative alert
+
+The option specifies that administrators are notified of the system error if you configured administrative alerts. By default, this option is turned on.
+
+To turn off this option, run the following command or modify the registry value:
+
+- ```cmd
+ wmic recoveros set SendAdminAlert = False
+ ```
+
+- Set the **SendAlert** DWORD value to **0**.
+
+#### Automatically restart
+
+The option specifies that Windows automatically restarts your computer. By default, this option is turned on.
+
+To turn off this option, run the following command or modify the registry value:
+
+- ```cmd
+ wmic recoveros set AutoReboot = False
+ ```
+
+- Set the **AutoReboot** DWORD value to **0**.
+
+### Under "Write debugging information"
+
+Select one of the following type of information that you want Windows to record in a memory dump file if the computer stops unexpectedly:
+
+#### (none)
+
+The option does not record any information in a memory dump file.
+
+To specify that you do not want Windows to record information in a memory dump file, run the following command or modify the registry value:
+
+- ```cmd
+ wmic recoveros set DebugInfoType = 0
+ ```
+- Set the **CrashDumpEnabled** DWORD value to **0**.
+
+#### Small Memory Dump
+
+The option records the smallest amount of information to help identify the problem. This option requires a paging file of at least 2 megabytes (MB) on the boot volume of your computer, and specifies that Windows will create a new file each time the system stops unexpectedly. A history of these files is stored in the folder that is listed under Small Dump Directory (%SystemRoot%\Minidump). In Windows XP and Windows Server 2003, the small memory dump file is used together with the Windows Error Reporting feature.
+
+To specify that you want to use a small memory dump file, run the following command or modify the registry value:
+
+- ```cmd
+ wmic recoveros set DebugInfoType = 3
+ ```
+
+- Set the **CrashDumpEnabled** DWORD value to **3**.
+
+To specify that you want to use a folder as your Small Dump Directory, run the following command or modify the registry value:
+
+- ```cmd
+ wmic recoveros set MiniDumpDirectory =
+ ```
+
+- Set the **MinidumpDir** Expandable String Value to \.
+
+#### Kernel Memory Dump
+
+The option records only kernel memory. This option stores more information than a small memory dump file, but it takes less time to complete than a complete memory dump file. The file is stored in %SystemRoot%\Memory.dmp by default, and any previous kernel or complete memory dump files are overwritten if the **Overwrite any existing file** check box is selected. If you set this option, you must have a sufficiently large paging file on the boot volume. The required size depends on the amount of RAM in your computer However, the maximum amount of space that must be available for a kernel memory dump on a 32-bit system is 2 GB plus 16 MB. On a 64-bit system, the maximum amount of space that must be available for a kernel memory dump is the size of the RAM plus 128 MB. The following table provides guidelines for the size of the paging file:
+
+|RAM size |Paging file should be no smaller than|
+|-------|-----------------|
+|256 MB–1,373 MB |1.5 times the RAM size|
+|1,374 MB or greater |32-bit system: 2 GB plus 16 MB
64-bit system: size of the RAM plus 128 MB|
+
+To specify that you want to use a kernel memory dump file, run the following command or modify the registry value:
+
+- ```cmd
+ wmic recoveros set DebugInfoType = 2
+ ```
+
+- Set the **CrashDumpEnabled** DWORD value to **2**.
+
+To specify that you want to use a file as your memory dump file, run the following command or modify the registry value:
+
+- ```cmd
+ wmic recoveros set DebugFilePath =
+ ```
+
+- Set the **DumpFile** Expandable String Value to \.
+
+To specify that you do not want to overwrite any previous kernel or complete memory dump files, run the following command or modify the registry value:
+
+- ```cmd
+ wmic recoveros set OverwriteExistingDebugFile = 0
+ ```
+
+- Set the **Overwrite** DWORD value to **0**.
+
+#### Complete Memory Dump
+
+The option records the contents of system memory when the computer stops unexpectedly. This option is not available on computers that have 2 or more GB of RAM. If you select this option, you must have a paging file on the boot volume that is sufficient to hold all the physical RAM plus 1 MB. The file is stored as specified in %SystemRoot%\Memory.dmp by default.
+
+The extra megabyte is required for a complete memory dump file because Windows writes a header in addition to dumping the memory contents. The header contains a crash dump signature and specifies the values of some kernel variables. The header information does not require a full megabyte of space, but Windows sizes your paging file in increments of megabytes.
+
+To specify that you want to use a complete memory dump file, run the following command or modify the registry value:
+
+- ```cmd
+ wmic recoveros set DebugInfoType = 1
+ ```
+
+- Set the **CrashDumpEnabled** DWORD value to **1**.
+
+To specify that you want to use a file as your memory dump file, run the following command or modify the registry value:
+
+- ```cmd
+ wmic recoveros set DebugFilePath =
+ ```
+
+- Set the DumpFile Expandable String Value to \.
+
+To specify that you do not want to overwrite any previous kernel or complete memory dump files, run the following command or modify the registry value:
+
+- ```cmd
+ wmic recoveros set OverwriteExistingDebugFile = 0
+ ```
+
+- Set the **Overwrite** DWORD value to **0**.
+
+>[!Note]
+>If you contact Microsoft Support about a Stop error, you might be asked for the memory dump file that is generated by the Write Debugging Information option.
+
+To view system failure and recovery settings for your local computer, type **wmic recoveros** at a command prompt, and then press Enter. To view system failure and recovery settings for a remote computer on your local area network, type **wmic /node: recoveros** at a command prompt, and then press Enter.
+
+>[!Note]
+>To successfully use these Wmic.exe command line examples, you must be logged on by using a user account that has administrative rights on the computer. If you are not logged on by using a user account that has administrative rights on the computer, use the **/user:user_name** and **/password:password** switches.
+
+### Tips
+
+- To take advantage of the dump file feature, your paging file must be on the boot volume. If you have moved the paging file to another volume, you must move it back to the boot volume before you use this feature.
+
+- If you set the Kernel Memory Dump or the Complete Memory Dump option, and you select the **Overwrite any existing file** check box, Windows always writes to the same file name. To save individual dump files, click to clear the **Overwrite any existing file** check box, and then change the file name after each Stop error.
+
+- You can save some memory if you click to clear the **Write an event to the system log** and **Send an administrative alert** check boxes. The memory that you save depends on the computer, but these features typically require about 60 to 70 KB.
+
+## References
+
+[Varieties of Kernel-Mode Dump Files](https://docs.microsoft.com/en-us/windows-hardware/drivers/debugger/varieties-of-kernel-mode-dump-files)
diff --git a/windows/client-management/troubleshoot-windows-startup.md b/windows/client-management/troubleshoot-windows-startup.md
index 1dcdb40a64..70bda5a8f5 100644
--- a/windows/client-management/troubleshoot-windows-startup.md
+++ b/windows/client-management/troubleshoot-windows-startup.md
@@ -14,8 +14,40 @@ manager: dansimp
# Advanced troubleshooting for Windows start-up issues
-In these topics, you will learn how to troubleshoot common problems related to Windows start-up.
+In these topics, you will learn how to troubleshoot common problems that are related to Windows startup.
-- [Advanced troubleshooting for Windows boot problems](advanced-troubleshooting-boot-problems.md)
-- [Advanced troubleshooting for Stop error or blue screen error](troubleshoot-stop-errors.md)
-- [Advanced troubleshooting for Windows-based computer freeze issues](troubleshoot-windows-freeze.md)
+## How it works
+
+When Microsoft Windows experiences a condition that compromises safe system operation, the system halts. These Windows startup problems are categorized in the following groups:
+
+- Bug check: Also commonly known as a system crash, a kernel error, or a Stop error.
+
+- No boot: The system may not produce a bug check but is unable to start up into Windows.
+
+- Freeze: Also known as "system hang".
+
+## Best practices
+
+To understand the underlying cause of Windows startup problems, it's important that the system be configured correctly. Here are some best practices for configuration:
+
+### Page file settings
+
+- [Introduction of page file](introduction-page-file.md)
+
+- [How to determine the appropriate page file size for 64-bit versions of Windows](determine-appropriate-page-file-size.md)
+
+### Memory dump settings
+
+- [Configure system failure and recovery options in Windows](system-failure-recovery-options.md)
+
+- [Generate a kernel or complete crash dump](generate-kernel-or-complete-crash-dump.md)
+
+## Troubleshooting
+
+These articles will walk you through the resources you need to troubleshoot Windows startup issues:
+
+- [Advanced troubleshooting for Windows boot problems](https://docs.microsoft.com/en-us/windows/client-management/advanced-troubleshooting-boot-problems)
+
+- [Advanced troubleshooting for Stop error or blue screen error](https://docs.microsoft.com/en-us/windows/client-management/troubleshoot-stop-errors)
+
+- [Advanced troubleshooting for Windows-based computer freeze issues](https://docs.microsoft.com/en-us/windows/client-management/troubleshoot-windows-freeze)
diff --git a/windows/client-management/windows-10-mobile-and-mdm.md b/windows/client-management/windows-10-mobile-and-mdm.md
index 9790bdb770..da7f583966 100644
--- a/windows/client-management/windows-10-mobile-and-mdm.md
+++ b/windows/client-management/windows-10-mobile-and-mdm.md
@@ -108,7 +108,7 @@ MDM enrollment can also be initiated with a provisioning package. This option en
Employees can use only one account to initialize a device so it’s imperative that your organization controls which account is enabled first. The account chosen will determine who controls the device and influence your management capabilities.
->**Note:** Why must the user add an account to the device in OOBE? Windows 10 Mobile are single user devices and the user accounts give access to a number of default cloud services that enhance the productivity and entertainment value of the phone for the user. Such services are: Store for downloading apps, Groove for music and entertainment, Xbox for gaming, etc. Both an [MSA](https://www.microsoft.com/en-us/account/) and an [Azure AD account](https://www.microsoft.com/en-us/server-cloud/products/azure-active-directory/?WT.srch=1&WT.mc_id=SEM_%5B_uniqid%5D&utm_source=Bing&utm_medium=CPC&utm_term=azure%20ad&utm_campaign=Enterprise_Mobility_Suite) give access to these services.
+>**Note:** Why must the user add an account to the device in OOBE? Windows 10 Mobile are single user devices and the user accounts give access to a number of default cloud services that enhance the productivity and entertainment value of the phone for the user. Such services are: Store for downloading apps, Groove for music and entertainment, Xbox for gaming, etc. Both an [MSA](https://www.microsoft.com/account/) and an [Azure AD account](https://www.microsoft.com/server-cloud/products/azure-active-directory/?WT.srch=1&WT.mc_id=SEM_%5B_uniqid%5D&utm_source=Bing&utm_medium=CPC&utm_term=azure%20ad&utm_campaign=Enterprise_Mobility_Suite) give access to these services.
The following table describes the impact of identity choice on device management characteristics of the personal and corporate device scenarios.
@@ -186,7 +186,7 @@ For both personal and corporate deployment scenarios, an MDM system is the essen
Azure AD is a cloud-based directory service that provides identity and access management. You can integrate it with existing on-premises directories to create a hybrid identity solution. Organizations that use Microsoft Office 365 or Intune are already using Azure AD, which has three editions: Free Basic, and Premium (see [Azure Active Directory editions](https://azure.microsoft.com/documentation/articles/active-directory-editions/)). All editions support Azure AD device registration, but the Premium edition is required to enable MDM auto-enrollment and conditional access based on device state.
**Mobile Device Management**
-Microsoft [Intune](https://www.microsoft.com/en-us/server-cloud/products/microsoft-intune/overview.aspx), part of the Enterprise Mobility + Security, is a cloud-based MDM system that manages devices off premises. Like Office 365, Intune uses Azure AD for identity management so employees use the same credentials to enroll devices in Intune that they use to sign into Office 365. Intune supports devices that run other operating systems, such as iOS and Android, to provide a complete MDM solution.
+Microsoft [Intune](https://www.microsoft.com/server-cloud/products/microsoft-intune/overview.aspx), part of the Enterprise Mobility + Security, is a cloud-based MDM system that manages devices off premises. Like Office 365, Intune uses Azure AD for identity management so employees use the same credentials to enroll devices in Intune that they use to sign into Office 365. Intune supports devices that run other operating systems, such as iOS and Android, to provide a complete MDM solution.
You can also integrate Intune with Configuration Manager to gain a single console for managing all devices in the cloud and on premises, mobile or PC. For more information, see [Manage Mobile Devices with Configuration Manager and Microsoft Intune](https://technet.microsoft.com/library/jj884158.aspx). For guidance on choosing between a stand-alone Intune installation and Intune integrated with System Center Configuration Manager, see Choose between Intune by itself or integrating Intune with System Center Configuration Manager.
Multiple MDM systems support Windows 10 and most support personal and corporate device deployment scenarios. MDM providers that support Windows 10 Mobile currently include: AirWatch, Citrix, MobileIron, SOTI, Blackberry and others. Most industry-leading MDM vendors already support integration with Azure AD. You can find the MDM vendors that support Azure AD in [Azure Marketplace](https://azure.microsoft.com/marketplace/). If your organization doesn’t use Azure AD, the user must use an MSA during OOBE before enrolling the device in your MDM using a corporate account.
diff --git a/windows/configuration/cortana-at-work/cortana-at-work-overview.md b/windows/configuration/cortana-at-work/cortana-at-work-overview.md
index b3077aeaf7..cca8151178 100644
--- a/windows/configuration/cortana-at-work/cortana-at-work-overview.md
+++ b/windows/configuration/cortana-at-work/cortana-at-work-overview.md
@@ -53,7 +53,7 @@ Your organization must have an Azure AD tenant and your employees’ devices mus
## Cortana and privacy
We understand that there are some questions about Cortana and your organization’s privacy, including concerns about what info is collected by Cortana, where the info is saved, how to manage what data is collected, how to turn Cortana off, how to opt completely out of data collection, and what info is shared with other Microsoft apps and services. For more details about these concerns, see the [Cortana, Search, and privacy: FAQ](https://windows.microsoft.com/windows-10/cortana-privacy-faq) topic.
-Cortana is covered under the [Microsoft Privacy Statement](https://privacy.microsoft.com/privacystatement) and [Microsoft Services Agreement](https://www.microsoft.com/en-us/servicesagreement).
+Cortana is covered under the [Microsoft Privacy Statement](https://privacy.microsoft.com/privacystatement) and [Microsoft Services Agreement](https://www.microsoft.com/servicesagreement).
## See also
- [What is Cortana?](https://go.microsoft.com/fwlink/p/?LinkId=746818)
diff --git a/windows/configuration/cortana-at-work/cortana-at-work-scenario-6.md b/windows/configuration/cortana-at-work/cortana-at-work-scenario-6.md
index f731e345d8..7d96f06030 100644
--- a/windows/configuration/cortana-at-work/cortana-at-work-scenario-6.md
+++ b/windows/configuration/cortana-at-work/cortana-at-work-scenario-6.md
@@ -18,7 +18,7 @@ manager: dansimp
- Windows 10 Mobile, version 1703
>[!IMPORTANT]
->The data created as part of these scenarios will be uploaded to Microsoft’s Cloud to help Cortana learn and help your employees. This is the same info that Cortana uses in the consumer offering. For more info, see the [Microsoft Privacy Statement](https://privacy.microsoft.com/privacystatement) and the [Microsoft Services Agreement](https://www.microsoft.com/en-us/servicesagreement).
+>The data created as part of these scenarios will be uploaded to Microsoft’s Cloud to help Cortana learn and help your employees. This is the same info that Cortana uses in the consumer offering. For more info, see the [Microsoft Privacy Statement](https://privacy.microsoft.com/privacystatement) and the [Microsoft Services Agreement](https://www.microsoft.com/servicesagreement).
Cortana automatically finds patterns in your email, suggesting reminders based things that you said you would do so you don’t forget about them. For example, Cortana recognizes that if you include the text, _I’ll get this to you by the end of the week_ in an email, you're making a commitment to provide something by a specific date. Cortana can now suggest that you be reminded about this event, letting you decide whether to keep it or to cancel it.
diff --git a/windows/configuration/customize-windows-10-start-screens-by-using-group-policy.md b/windows/configuration/customize-windows-10-start-screens-by-using-group-policy.md
index 0647e4eec3..3cd4ad2b71 100644
--- a/windows/configuration/customize-windows-10-start-screens-by-using-group-policy.md
+++ b/windows/configuration/customize-windows-10-start-screens-by-using-group-policy.md
@@ -12,7 +12,6 @@ author: dansimp
ms.localizationpriority: medium
ms.author: dansimp
ms.topic: article
-ms.date: 11/15/2017
---
# Customize Windows 10 Start and taskbar with Group Policy
diff --git a/windows/configuration/customize-windows-10-start-screens-by-using-provisioning-packages-and-icd.md b/windows/configuration/customize-windows-10-start-screens-by-using-provisioning-packages-and-icd.md
index 977161bcd3..369f3eb6fb 100644
--- a/windows/configuration/customize-windows-10-start-screens-by-using-provisioning-packages-and-icd.md
+++ b/windows/configuration/customize-windows-10-start-screens-by-using-provisioning-packages-and-icd.md
@@ -12,7 +12,6 @@ author: dansimp
ms.author: dansimp
ms.topic: article
ms.localizationpriority: medium
-ms.date: 11/15/2017
---
# Customize Windows 10 Start and taskbar with provisioning packages
@@ -48,7 +47,7 @@ Three features enable Start and taskbar layout control:
-## Prepare the Start layout XML file
+## Prepare the Start layout XML file
The **Export-StartLayout** cmdlet produces an XML file. Because Windows Configuration Designer produces a customizations.xml file that contains the configuration settings, adding the Start layout section to the customizations.xml file directly would result in an XML file embedded in an XML file. Before you add the Start layout section to the customizations.xml file, you must replace the markup characters in your layout.xml with escape characters.
@@ -131,7 +130,6 @@ Use the Windows Configuration Designer tool to create a provisioning package. [L
## Related topics
-
- [Manage Windows 10 Start and taskbar layout](windows-10-start-layout-options-and-policies.md)
- [Configure Windows 10 taskbar](configure-windows-10-taskbar.md)
- [Customize and export Start layout](customize-and-export-start-layout.md)
@@ -140,12 +138,3 @@ Use the Windows Configuration Designer tool to create a provisioning package. [L
- [Customize Windows 10 Start and taskbar with Group Policy](customize-windows-10-start-screens-by-using-group-policy.md)
- [Customize Windows 10 Start and tasbkar with mobile device management (MDM)](customize-windows-10-start-screens-by-using-mobile-device-management.md)
- [Changes to Start policies in Windows 10](changes-to-start-policies-in-windows-10.md)
-
-
-
-
-
-
-
-
-
diff --git a/windows/configuration/index.md b/windows/configuration/index.md
index 6517e9e14f..ca42852107 100644
--- a/windows/configuration/index.md
+++ b/windows/configuration/index.md
@@ -7,10 +7,10 @@ ms.mktglfcycl: manage
ms.sitesec: library
ms.pagetype: security
ms.localizationpriority: high
-author: jdeckerms
-ms.author: jdecker
+manager: dansimp
+author: dansimp
+ms.author: dansimp
ms.topic: article
-ms.date: 05/11/2018
---
# Configure Windows 10
diff --git a/windows/configuration/kiosk-mdm-bridge.md b/windows/configuration/kiosk-mdm-bridge.md
index b08ebebd2c..51eeccc08b 100644
--- a/windows/configuration/kiosk-mdm-bridge.md
+++ b/windows/configuration/kiosk-mdm-bridge.md
@@ -35,7 +35,8 @@ Here’s an example to set AssignedAccess configuration:
$nameSpaceName="root\cimv2\mdm\dmmap"
$className="MDM_AssignedAccess"
$obj = Get-CimInstance -Namespace $namespaceName -ClassName $className
-$obj.Configuration = @"
+Add-Type -AssemblyName System.Web
+$obj.Configuration = [System.Web.HttpUtility]::HtmlEncode(@"
@@ -84,7 +85,7 @@ $obj.Configuration = @"
-"@
+"@)
Set-CimInstance -CimInstance $obj
```
diff --git a/windows/configuration/kiosk-prepare.md b/windows/configuration/kiosk-prepare.md
index c3491784d7..af5a26163b 100644
--- a/windows/configuration/kiosk-prepare.md
+++ b/windows/configuration/kiosk-prepare.md
@@ -21,15 +21,15 @@ ms.topic: article
- Windows 10 Pro, Enterprise, and Education
->[!WARNING]
->For kiosks in public-facing environments with auto sign-in enabled, you should use a user account with least privilege, such as a local standard user account.
+> [!WARNING]
+> For kiosks in public-facing environments with auto sign-in enabled, you should use a user account with the least privileges, such as a local standard user account.
>
->Assigned access can be configured via Windows Management Instrumentation (WMI) or configuration service provider (CSP) to run its applications under a domain user or service account, rather than a local account. However, use of domain user or service accounts introduces risks that an attacker subverting the assigned access application might gain access to sensitive domain resources that have been inadvertently left accessible to any domain account. We recommend that customers proceed with caution when using domain accounts with assigned access, and consider the domain resources potentially exposed by the decision to do so.
+> Assigned access can be configured via Windows Management Instrumentation (WMI) or configuration service provider (CSP) to run its applications under a domain user or service account, rather than a local account. However, use of domain user or service accounts introduces risks that might allow an attacker subverting the assigned access application to gain access to sensitive domain resources that have been inadvertently left accessible to any domain account. We recommend that customers proceed with caution when using domain accounts with assigned access, and consider the domain resources potentially exposed by the decision to do so.
->[!IMPORTANT]
->[User account control (UAC)](https://docs.microsoft.com/windows/security/identity-protection/user-account-control/user-account-control-overview) must be turned on to enable kiosk mode.
+> [!IMPORTANT]
+> [User account control (UAC)](https://docs.microsoft.com/windows/security/identity-protection/user-account-control/user-account-control-overview) must be turned on to enable kiosk mode.
>
->Kiosk mode is not supported over a remote desktop connection. Your kiosk users must sign in on the physical device that is set up as a kiosk.
+> Kiosk mode is not supported over a remote desktop connection. Your kiosk users must sign in on the physical device that is set up as a kiosk.
## Configuration recommendations
@@ -60,19 +60,19 @@ Logs can help you [troubleshoot issues](multi-app-kiosk-troubleshoot.md) kiosk i
In addition to the settings in the table, you may want to set up **automatic logon** for your kiosk device. When your kiosk device restarts, whether from an update or power outage, you can sign in the assigned access account manually or you can configure the device to sign in to the assigned access account automatically. Make sure that Group Policy settings applied to the device do not prevent automatic sign in.
->[!NOTE]
->If you are using a Windows 10 and later device restriction CSP to set "Preferred Azure AD tenant domain", this will break the "User logon type" auto-login feature of the Kiosk profile.
+> [!NOTE]
+> If you are using a Windows 10 and later device restriction CSP to set "Preferred Azure AD tenant domain", this will break the "User logon type" auto-login feature of the Kiosk profile.
->[!TIP]
->If you use the [kiosk wizard in Windows Configuration Designer](kiosk-single-app.md#wizard) or [XML in a provisioning package](lock-down-windows-10-to-specific-apps.md) to configure your kiosk, you can set an account to sign in automatically in the wizard or XML.
+> [!TIP]
+> If you use the [kiosk wizard in Windows Configuration Designer](kiosk-single-app.md#wizard) or [XML in a provisioning package](lock-down-windows-10-to-specific-apps.md) to configure your kiosk, you can set an account to sign in automatically in the wizard or XML.
**How to edit the registry to have an account sign in automatically**
1. Open Registry Editor (regedit.exe).
- >[!NOTE]
- >If you are not familiar with Registry Editor, [learn how to modify the Windows registry](https://go.microsoft.com/fwlink/p/?LinkId=615002).
+ > [!NOTE]
+ > If you are not familiar with Registry Editor, [learn how to modify the Windows registry](https://go.microsoft.com/fwlink/p/?LinkId=615002).
2. Go to
@@ -94,8 +94,8 @@ In addition to the settings in the table, you may want to set up **automatic log
4. Close Registry Editor. The next time the computer restarts, the account will sign in automatically.
->[!TIP]
->You can also configure automatic sign-in [using the Autologon tool from Sysinternals](https://docs.microsoft.com/sysinternals/downloads/autologon).
+> [!TIP]
+> You can also configure automatic sign-in [using the Autologon tool from Sysinternals](https://docs.microsoft.com/sysinternals/downloads/autologon).
## Interactions and interoperability
@@ -245,13 +245,13 @@ The following table describes some features that have interoperability issues we
+
-
## Testing your kiosk in a virtual machine (VM)
Customers sometimes use virtual machines (VMs) to test configurations before deploying those configurations to physical devices. If you use a VM to test your single-app kiosk configuration, you need to know how to connect to the VM properly.
-A single-app kiosk configuration runs an app above the lockscreen. It doesn't work when it's accessed remotely, which includes *enhanced* sessions in Hyper-V.
+A single-app kiosk configuration runs an app above the lock screen. It doesn't work when it's accessed remotely, which includes *enhanced* sessions in Hyper-V.
When you connect to a VM configured as a single-app kiosk, you need a *basic* session rather than an enhanced session. In the following image, notice that **Enhanced session** is not selected in the **View** menu; that means it's a basic session.
@@ -259,4 +259,4 @@ When you connect to a VM configured as a single-app kiosk, you need a *basic* se
To connect to a VM in a basic session, do not select **Connect** in the connection dialog, as shown in the following image, but instead, select the **X** button in the upper-right corner to cancel the dialog.
-
+
diff --git a/windows/configuration/kiosk-single-app.md b/windows/configuration/kiosk-single-app.md
index fec62e33fd..92c0f753d1 100644
--- a/windows/configuration/kiosk-single-app.md
+++ b/windows/configuration/kiosk-single-app.md
@@ -51,6 +51,7 @@ Method | Description
+
## Set up a kiosk in local Settings
>App type: UWP
@@ -122,6 +123,7 @@ To remove assigned access, choose **Turn off assigned access and sign out of the
+
## Set up a kiosk using Windows PowerShell
@@ -182,6 +184,7 @@ Clear-AssignedAccess
+
## Set up a kiosk using the kiosk wizard in Windows Configuration Designer
>App type: UWP or Windows desktop application
@@ -234,6 +237,7 @@ When you use the **Provision kiosk devices** wizard in Windows Configuration Des
+
## Set up a kiosk or digital sign using Microsoft Intune or other MDM service
>App type: UWP
diff --git a/windows/configuration/lock-down-windows-10-to-specific-apps.md b/windows/configuration/lock-down-windows-10-to-specific-apps.md
index 2b237f1092..b88f801492 100644
--- a/windows/configuration/lock-down-windows-10-to-specific-apps.md
+++ b/windows/configuration/lock-down-windows-10-to-specific-apps.md
@@ -591,6 +591,7 @@ To create a multi-app kiosk that can run mixed reality apps, you must include th
+
```
These are in addition to any mixed reality apps that you allow.
diff --git a/windows/configuration/provisioning-packages/provisioning-powershell.md b/windows/configuration/provisioning-packages/provisioning-powershell.md
index ad7c341563..02c28c2b6d 100644
--- a/windows/configuration/provisioning-packages/provisioning-powershell.md
+++ b/windows/configuration/provisioning-packages/provisioning-powershell.md
@@ -26,7 +26,7 @@ Windows 10, version 1703, ships with Windows Provisioning PowerShell cmdlets. Th
| Cmdlet | Use this cmdlet to | Syntax |
|---|
-| Add-ProvisioningPackage | Apply a provisioning package | Add-ProvisioningPackage [-Path] <string> [-ForceInstall] [-LogsFolder <string>] [-WprpFile <string>] [<CommonParameters>] |
+| Add-ProvisioningPackage | Apply a provisioning package | Add-ProvisioningPackage [-Path] <string> [-ForceInstall] [-LogsFolder <string>] [-QuietInstall] [-WprpFile <string>] [<CommonParameters>] |
| Remove-ProvisioningPackage | Remove a provisioning package | Remove-ProvisioningPackage -PackageId <string> [-LogsFolder <string>] [-WprpFile <string>] [<CommonParameters>] |
Remove-ProvisioningPackage -Path <string> [-LogsFolder <string>] [-WprpFile <string>] [<CommonParameters>] |
Remove-ProvisioningPackage -AllInstalledPackages [-LogsFolder <string>] [-WprpFile <string>] [<CommonParameters>] |
| Get-ProvisioningPackage | Get information about an installed provisioning package | Get-ProvisioningPackage -PackageId <string> [-LogsFolder <string>] [-WprpFile <string>] [<CommonParameters>] |
Get-ProvisioningPackage -Path <string> [-LogsFolder <string>] [-WprpFile <string>] [<CommonParameters>] |
Get-ProvisioningPackage -AllInstalledPackages [-LogsFolder <string>] [-WprpFile <string>] [<CommonParameters>] |
| Export-ProvisioningPackage | Extract the contents of a provisioning package | Export-ProvisioningPackage -PackageId <string> -OutputFolder <string> [-Overwrite] [-AnswerFileOnly] [-LogsFolder <string>] [-WprpFile <string>] [<CommonParameters>] |
Export-ProvisioningPackage -Path <string> -OutputFolder <string> [-Overwrite] [-AnswerFileOnly] [-LogsFolder <string>] [-WprpFile <string>] [<CommonParameters>] |
diff --git a/windows/configuration/start-secondary-tiles.md b/windows/configuration/start-secondary-tiles.md
index fd49af9302..2064129dc1 100644
--- a/windows/configuration/start-secondary-tiles.md
+++ b/windows/configuration/start-secondary-tiles.md
@@ -9,7 +9,6 @@ ms.localizationpriority: medium
author: dansimp
ms.author: dansimp
ms.topic: article
-ms.date: 06/27/2018
ms.reviewer:
manager: dansimp
---
@@ -76,10 +75,7 @@ In Windows 10, version 1703, by using the PowerShell cmdlet `export-StartLayoutE
3. If you’d like to change the image for a secondary tile to your own custom image, open the layout.xml file, and look for the images that the tile references.
- For example, your layout.xml contains `Square150x150LogoUri="ms-appdata:///local/PinnedTiles/21581260870/hires.png" Wide310x150LogoUri="ms-appx:///"`
- - Open `C:\Users\\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\LocalState\PinnedTiles\21581260870\` and replace those images with your customized images.
-
- >[!TIP]
- >A quick method for getting appropriately sized images for each tile size is to upload your image at [BuildMyPinnedSite](http://www.buildmypinnedsite.com/) and then download the resized tile images.
+ - Open `C:\Users\\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\LocalState\PinnedTiles\21581260870\` and replace those images with your customized images.
4. In Windows PowerShell, enter the following command:
@@ -112,12 +108,9 @@ In Microsoft Intune, you create a device restrictions policy to apply to device
>[!NOTE]
>The device restrictions in Microsoft Intune include [other Start settings](https://docs.microsoft.com/intune/device-restrictions-windows-10#start) that you can also configure in your profile.
-
-
### Using a provisioning package
-
-#### Prepare the Start layout and Edge assets XML files
+#### Prepare the Start layout and Edge assets XML files
The **export-StartLayout** and **export-StartLayoutEdgeAssets** cmdlets produce XML files. Because Windows Configuration Designer produces a customizations.xml file that contains the configuration settings, adding the Start layout and Edge assets sections to the customizations.xml file directly would result in an XML file embedded in an XML file. Before you add the Start layout and Edge assets sections to the customizations.xml file, you must replace the markup characters in your layout.xml with escape characters.
@@ -128,7 +121,7 @@ The **export-StartLayout** and **export-StartLayoutEdgeAssets** cmdlets produce
3. During the procedure to create a provisioning package, you will copy the text with the escape characters and paste it in the customizations.xml file for your project.
-#### Create a provisioning package that contains a customized Start layout
+#### Create a provisioning package that contains a customized Start layout
Use the Windows Configuration Designer tool to create a provisioning package. [Learn how to install Windows Configuration Designer.](provisioning-packages/provisioning-install-icd.md)
diff --git a/windows/configuration/stop-employees-from-using-microsoft-store.md b/windows/configuration/stop-employees-from-using-microsoft-store.md
index 643ebbc93e..15ac23506b 100644
--- a/windows/configuration/stop-employees-from-using-microsoft-store.md
+++ b/windows/configuration/stop-employees-from-using-microsoft-store.md
@@ -23,7 +23,7 @@ ms.date: 4/16/2018
- Windows 10
- Windows 10 Mobile
->For more info about the features and functionality that are supported in each edition of Windows, see [Compare Windows 10 Editions](https://www.microsoft.com/en-us/WindowsForBusiness/Compare).
+>For more info about the features and functionality that are supported in each edition of Windows, see [Compare Windows 10 Editions](https://www.microsoft.com/WindowsForBusiness/Compare).
IT pros can configure access to Microsoft Store for client computers in their organization. For some organizations, business policies require blocking access to Microsoft Store.
diff --git a/windows/configuration/ue-v/uev-administering-uev-with-windows-powershell-and-wmi.md b/windows/configuration/ue-v/uev-administering-uev-with-windows-powershell-and-wmi.md
index 4f1ec82a51..e6a50b2114 100644
--- a/windows/configuration/ue-v/uev-administering-uev-with-windows-powershell-and-wmi.md
+++ b/windows/configuration/ue-v/uev-administering-uev-with-windows-powershell-and-wmi.md
@@ -9,7 +9,7 @@ ms.prod: w10
ms.date: 04/19/2017
ms.reviewer:
manager: dansimp
-ms.author: trudyha
+ms.author: dansimp
ms.topic: article
---
diff --git a/windows/configuration/ue-v/uev-administering-uev.md b/windows/configuration/ue-v/uev-administering-uev.md
index c06c6a0d85..16154765ea 100644
--- a/windows/configuration/ue-v/uev-administering-uev.md
+++ b/windows/configuration/ue-v/uev-administering-uev.md
@@ -9,7 +9,7 @@ ms.prod: w10
ms.date: 04/19/2017
ms.reviewer:
manager: dansimp
-ms.author: trudyha
+ms.author: dansimp
ms.topic: article
---
diff --git a/windows/configuration/ue-v/uev-application-template-schema-reference.md b/windows/configuration/ue-v/uev-application-template-schema-reference.md
index 156e4af29b..2a219ab6bc 100644
--- a/windows/configuration/ue-v/uev-application-template-schema-reference.md
+++ b/windows/configuration/ue-v/uev-application-template-schema-reference.md
@@ -9,7 +9,7 @@ ms.prod: w10
ms.date: 04/19/2017
ms.reviewer:
manager: dansimp
-ms.author: trudyha
+ms.author: dansimp
ms.topic: article
---
diff --git a/windows/configuration/ue-v/uev-changing-the-frequency-of-scheduled-tasks.md b/windows/configuration/ue-v/uev-changing-the-frequency-of-scheduled-tasks.md
index 05d2abc519..63eb702d7d 100644
--- a/windows/configuration/ue-v/uev-changing-the-frequency-of-scheduled-tasks.md
+++ b/windows/configuration/ue-v/uev-changing-the-frequency-of-scheduled-tasks.md
@@ -9,7 +9,7 @@ ms.prod: w10
ms.date: 04/19/2017
ms.reviewer:
manager: dansimp
-ms.author: trudyha
+ms.author: dansimp
ms.topic: article
---
diff --git a/windows/configuration/ue-v/uev-configuring-uev-with-group-policy-objects.md b/windows/configuration/ue-v/uev-configuring-uev-with-group-policy-objects.md
index 913d80ac7c..fbaeb69dbf 100644
--- a/windows/configuration/ue-v/uev-configuring-uev-with-group-policy-objects.md
+++ b/windows/configuration/ue-v/uev-configuring-uev-with-group-policy-objects.md
@@ -9,7 +9,7 @@ ms.prod: w10
ms.date: 04/19/2017
ms.reviewer:
manager: dansimp
-ms.author: trudyha
+ms.author: dansimp
ms.topic: article
---
diff --git a/windows/configuration/ue-v/uev-configuring-uev-with-system-center-configuration-manager.md b/windows/configuration/ue-v/uev-configuring-uev-with-system-center-configuration-manager.md
index 049e9cff9f..0d078ba82b 100644
--- a/windows/configuration/ue-v/uev-configuring-uev-with-system-center-configuration-manager.md
+++ b/windows/configuration/ue-v/uev-configuring-uev-with-system-center-configuration-manager.md
@@ -228,7 +228,7 @@ To distribute a new Notepad template, you would perform these steps:
## Get the UE-V Configuration Pack
-You can download the [System Center 2012 Configuration Pack for Microsoft User Experience Virtualization 2.0](https://www.microsoft.com/en-us/download/details.aspx?id=40913) from the Microsoft Download Center.
+You can download the [System Center 2012 Configuration Pack for Microsoft User Experience Virtualization 2.0](https://www.microsoft.com/download/details.aspx?id=40913) from the Microsoft Download Center.
diff --git a/windows/configuration/ue-v/uev-synchronizing-microsoft-office-with-uev.md b/windows/configuration/ue-v/uev-synchronizing-microsoft-office-with-uev.md
index 3a799a5027..3bf783b488 100644
--- a/windows/configuration/ue-v/uev-synchronizing-microsoft-office-with-uev.md
+++ b/windows/configuration/ue-v/uev-synchronizing-microsoft-office-with-uev.md
@@ -139,7 +139,7 @@ You can deploy UE-V settings location template with the following methods:
- **Registering template with Template Catalog Path**. If you use the Settings Template Catalog Path to manage templates on users’ computers, copy the Office template into the folder defined in the UE-V service. The next time the Template Auto Update (ApplySettingsCatalog.exe) scheduled task runs, the settings location template will be registered on the device. For more information, see [Deploy a settings template catalog](uev-deploy-uev-for-custom-applications.md).
-- **Registering template with Configuration Manager**. If you use Configuration Manager to manage your UE-V settings storage templates, recreate the Template Baseline CAB, import it into Configuration Manager, and then deploy the baseline to user devices. For more information, see the guidance provided in the documentation for the [System Center 2012 Configuration Pack for Microsoft User Experience Virtualization 2.0](https://www.microsoft.com/en-us/download/details.aspx?id=40913).
+- **Registering template with Configuration Manager**. If you use Configuration Manager to manage your UE-V settings storage templates, recreate the Template Baseline CAB, import it into Configuration Manager, and then deploy the baseline to user devices. For more information, see the guidance provided in the documentation for the [System Center 2012 Configuration Pack for Microsoft User Experience Virtualization 2.0](https://www.microsoft.com/download/details.aspx?id=40913).
diff --git a/windows/configuration/ue-v/uev-whats-new-in-uev-for-windows.md b/windows/configuration/ue-v/uev-whats-new-in-uev-for-windows.md
index e44d1c33a7..c17b9cedb8 100644
--- a/windows/configuration/ue-v/uev-whats-new-in-uev-for-windows.md
+++ b/windows/configuration/ue-v/uev-whats-new-in-uev-for-windows.md
@@ -22,7 +22,7 @@ User Experience Virtualization (UE-V) for Windows 10, version 1607, includes the
## UE-V is now a feature in Windows 10
-With Windows 10, version 1607 and later releases, UE-V is included with [Windows 10 for Enterprise](https://www.microsoft.com/en-us/WindowsForBusiness/windows-for-enterprise) and is no longer part of the Microsoft Desktop Optimization Pack.
+With Windows 10, version 1607 and later releases, UE-V is included with [Windows 10 for Enterprise](https://www.microsoft.com/WindowsForBusiness/windows-for-enterprise) and is no longer part of the Microsoft Desktop Optimization Pack.
The changes in UE-V for Windows 10, version 1607 impact already existing implementations of UE-V in the following ways:
diff --git a/windows/configuration/wcd/wcd-deviceupdatecenter.md b/windows/configuration/wcd/wcd-deviceupdatecenter.md
index e8431b2555..0a509c9bc2 100644
--- a/windows/configuration/wcd/wcd-deviceupdatecenter.md
+++ b/windows/configuration/wcd/wcd-deviceupdatecenter.md
@@ -4,9 +4,10 @@ description: This section describes the DeviceUpdateCenter settings that you can
ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library
-author: jdeckerMS
+author: dansimp
ms.localizationpriority: medium
-ms.author: jdecker
+ms.author: dansimp
+manager: dansimp
ms.topic: article
---
diff --git a/windows/configuration/wcd/wcd-location.md b/windows/configuration/wcd/wcd-location.md
index 51c9676fc7..c2585b8fec 100644
--- a/windows/configuration/wcd/wcd-location.md
+++ b/windows/configuration/wcd/wcd-location.md
@@ -8,7 +8,6 @@ author: dansimp
ms.localizationpriority: medium
ms.author: dansimp
ms.topic: article
-ms.date: 10/02/2018
ms.reviewer:
manager: dansimp
---
diff --git a/windows/configuration/wcd/wcd-maps.md b/windows/configuration/wcd/wcd-maps.md
index 413d267bd9..d50b2c93ed 100644
--- a/windows/configuration/wcd/wcd-maps.md
+++ b/windows/configuration/wcd/wcd-maps.md
@@ -8,7 +8,6 @@ author: dansimp
ms.localizationpriority: medium
ms.author: dansimp
ms.topic: article
-ms.date: 04/30/2018
ms.reviewer:
manager: dansimp
---
diff --git a/windows/configuration/wcd/wcd-messaging.md b/windows/configuration/wcd/wcd-messaging.md
index cb9a984961..67158a5f0c 100644
--- a/windows/configuration/wcd/wcd-messaging.md
+++ b/windows/configuration/wcd/wcd-messaging.md
@@ -8,7 +8,6 @@ author: dansimp
ms.localizationpriority: medium
ms.author: dansimp
ms.topic: article
-ms.date: 04/30/2018
ms.reviewer:
manager: dansimp
---
diff --git a/windows/configuration/wcd/wcd-modemconfigurations.md b/windows/configuration/wcd/wcd-modemconfigurations.md
index 7e4b830d53..2e35a4939e 100644
--- a/windows/configuration/wcd/wcd-modemconfigurations.md
+++ b/windows/configuration/wcd/wcd-modemconfigurations.md
@@ -8,7 +8,6 @@ author: dansimp
ms.localizationpriority: medium
ms.author: dansimp
ms.topic: article
-ms.date: 09/12/2017
ms.reviewer:
manager: dansimp
---
diff --git a/windows/configuration/wcd/wcd-multivariant.md b/windows/configuration/wcd/wcd-multivariant.md
index 1a6771f972..504a5fbd1b 100644
--- a/windows/configuration/wcd/wcd-multivariant.md
+++ b/windows/configuration/wcd/wcd-multivariant.md
@@ -8,7 +8,6 @@ author: dansimp
ms.localizationpriority: medium
ms.author: dansimp
ms.topic: article
-ms.date: 09/06/2017
ms.reviewer:
manager: dansimp
---
diff --git a/windows/configuration/wcd/wcd-networkproxy.md b/windows/configuration/wcd/wcd-networkproxy.md
index 6fc060772a..916599130b 100644
--- a/windows/configuration/wcd/wcd-networkproxy.md
+++ b/windows/configuration/wcd/wcd-networkproxy.md
@@ -8,7 +8,6 @@ author: dansimp
ms.localizationpriority: medium
ms.author: dansimp
ms.topic: article
-ms.date: 09/06/2017
ms.reviewer:
manager: dansimp
---
diff --git a/windows/configuration/wcd/wcd-networkqospolicy.md b/windows/configuration/wcd/wcd-networkqospolicy.md
index 33a0bfac6b..9a459a884b 100644
--- a/windows/configuration/wcd/wcd-networkqospolicy.md
+++ b/windows/configuration/wcd/wcd-networkqospolicy.md
@@ -8,7 +8,6 @@ author: dansimp
ms.localizationpriority: medium
ms.author: dansimp
ms.topic: article
-ms.date: 09/06/2017
ms.reviewer:
manager: dansimp
---
diff --git a/windows/configuration/wcd/wcd-nfc.md b/windows/configuration/wcd/wcd-nfc.md
index cede584f46..0e69a8611f 100644
--- a/windows/configuration/wcd/wcd-nfc.md
+++ b/windows/configuration/wcd/wcd-nfc.md
@@ -8,7 +8,6 @@ author: dansimp
ms.localizationpriority: medium
ms.author: dansimp
ms.topic: article
-ms.date: 09/06/2017
ms.reviewer:
manager: dansimp
---
diff --git a/windows/configuration/wcd/wcd-personalization.md b/windows/configuration/wcd/wcd-personalization.md
index 5368e5b446..c452d22dbc 100644
--- a/windows/configuration/wcd/wcd-personalization.md
+++ b/windows/configuration/wcd/wcd-personalization.md
@@ -8,7 +8,6 @@ author: dansimp
ms.localizationpriority: medium
ms.author: dansimp
ms.topic: article
-ms.date: 09/06/2017
ms.reviewer:
manager: dansimp
---
diff --git a/windows/configuration/wcd/wcd-privacy.md b/windows/configuration/wcd/wcd-privacy.md
index 1e754ef32f..7e5e005614 100644
--- a/windows/configuration/wcd/wcd-privacy.md
+++ b/windows/configuration/wcd/wcd-privacy.md
@@ -4,9 +4,10 @@ description: This section describes the Privacy settings that you can configure
ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library
-author: jdeckerMS
+author: dansimp
ms.localizationpriority: medium
-ms.author: jdecker
+ms.author: dansimp
+manager: dansimp
ms.topic: article
---
diff --git a/windows/configuration/wcd/wcd-storaged3inmodernstandby.md b/windows/configuration/wcd/wcd-storaged3inmodernstandby.md
index 64f3ae3dc7..e435b32ee5 100644
--- a/windows/configuration/wcd/wcd-storaged3inmodernstandby.md
+++ b/windows/configuration/wcd/wcd-storaged3inmodernstandby.md
@@ -4,10 +4,11 @@ description: This section describes the StorageD3InModernStandby settings that y
ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library
-author: jdeckerMS
+author: dansimp
ms.localizationpriority: medium
-ms.author: jdecker
+ms.author: dansimp
ms.topic: article
+manager: dansimp
---
# StorageD3InModernStandby (Windows Configuration Designer reference)
diff --git a/windows/configuration/wcd/wcd-theme.md b/windows/configuration/wcd/wcd-theme.md
index 658b518cfb..d368119a52 100644
--- a/windows/configuration/wcd/wcd-theme.md
+++ b/windows/configuration/wcd/wcd-theme.md
@@ -8,7 +8,6 @@ author: dansimp
ms.localizationpriority: medium
ms.author: dansimp
ms.topic: article
-ms.date: 09/06/2017
ms.reviewer:
manager: dansimp
---
diff --git a/windows/configuration/wcd/wcd-time.md b/windows/configuration/wcd/wcd-time.md
index c0ff2212ce..a453f8eabe 100644
--- a/windows/configuration/wcd/wcd-time.md
+++ b/windows/configuration/wcd/wcd-time.md
@@ -4,9 +4,10 @@ description: This section describes the Time settings that you can configure in
ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library
-author: jdeckerMS
+author: dansimp
ms.localizationpriority: medium
-ms.author: jdecker
+ms.author: dansimp
+manager: dansimp
ms.topic: article
---
diff --git a/windows/configuration/wcd/wcd-unifiedwritefilter.md b/windows/configuration/wcd/wcd-unifiedwritefilter.md
index 104503cd09..2d215d1d84 100644
--- a/windows/configuration/wcd/wcd-unifiedwritefilter.md
+++ b/windows/configuration/wcd/wcd-unifiedwritefilter.md
@@ -8,7 +8,6 @@ author: dansimp
ms.localizationpriority: medium
ms.author: dansimp
ms.topic: article
-ms.date: 10/02/2018
ms.reviewer:
manager: dansimp
---
diff --git a/windows/configuration/wcd/wcd-universalappinstall.md b/windows/configuration/wcd/wcd-universalappinstall.md
index be0152d06b..0877cba652 100644
--- a/windows/configuration/wcd/wcd-universalappinstall.md
+++ b/windows/configuration/wcd/wcd-universalappinstall.md
@@ -8,7 +8,6 @@ author: dansimp
ms.localizationpriority: medium
ms.author: dansimp
ms.topic: article
-ms.date: 04/30/2018
ms.reviewer:
manager: dansimp
---
diff --git a/windows/configuration/wcd/wcd-universalappuninstall.md b/windows/configuration/wcd/wcd-universalappuninstall.md
index d31c0c0dec..b9a7329acf 100644
--- a/windows/configuration/wcd/wcd-universalappuninstall.md
+++ b/windows/configuration/wcd/wcd-universalappuninstall.md
@@ -8,7 +8,6 @@ author: dansimp
ms.localizationpriority: medium
ms.author: dansimp
ms.topic: article
-ms.date: 09/14/2017
ms.reviewer:
manager: dansimp
---
diff --git a/windows/configuration/wcd/wcd-usberrorsoemoverride.md b/windows/configuration/wcd/wcd-usberrorsoemoverride.md
index c2ba08ffff..92a723d0c0 100644
--- a/windows/configuration/wcd/wcd-usberrorsoemoverride.md
+++ b/windows/configuration/wcd/wcd-usberrorsoemoverride.md
@@ -8,7 +8,6 @@ author: dansimp
ms.localizationpriority: medium
ms.author: dansimp
ms.topic: article
-ms.date: 09/14/2017
ms.reviewer:
manager: dansimp
---
diff --git a/windows/configuration/wcd/wcd-weakcharger.md b/windows/configuration/wcd/wcd-weakcharger.md
index a20822fe41..317198f6b9 100644
--- a/windows/configuration/wcd/wcd-weakcharger.md
+++ b/windows/configuration/wcd/wcd-weakcharger.md
@@ -8,7 +8,6 @@ author: dansimp
ms.localizationpriority: medium
ms.author: dansimp
ms.topic: article
-ms.date: 04/30/2018
ms.reviewer:
manager: dansimp
---
diff --git a/windows/configuration/wcd/wcd-windowshelloforbusiness.md b/windows/configuration/wcd/wcd-windowshelloforbusiness.md
index e955414622..936d9d7e62 100644
--- a/windows/configuration/wcd/wcd-windowshelloforbusiness.md
+++ b/windows/configuration/wcd/wcd-windowshelloforbusiness.md
@@ -8,7 +8,6 @@ author: dansimp
ms.localizationpriority: medium
ms.author: dansimp
ms.topic: article
-ms.date: 10/02/2018
ms.reviewer:
manager: dansimp
---
diff --git a/windows/configuration/wcd/wcd-windowsteamsettings.md b/windows/configuration/wcd/wcd-windowsteamsettings.md
index 1f05397e01..f459457d42 100644
--- a/windows/configuration/wcd/wcd-windowsteamsettings.md
+++ b/windows/configuration/wcd/wcd-windowsteamsettings.md
@@ -8,7 +8,6 @@ author: dansimp
ms.localizationpriority: medium
ms.author: dansimp
ms.topic: article
-ms.date: 04/30/2018
ms.reviewer:
manager: dansimp
---
diff --git a/windows/configuration/wcd/wcd.md b/windows/configuration/wcd/wcd.md
index 8719cd6f74..4372317664 100644
--- a/windows/configuration/wcd/wcd.md
+++ b/windows/configuration/wcd/wcd.md
@@ -8,7 +8,6 @@ author: dansimp
ms.localizationpriority: medium
ms.author: dansimp
ms.topic: article
-ms.date: 07/19/2018
ms.reviewer:
manager: dansimp
---
diff --git a/windows/deployment/deploy-enterprise-licenses.md b/windows/deployment/deploy-enterprise-licenses.md
index 55c9e3dfac..c4c52097cc 100644
--- a/windows/deployment/deploy-enterprise-licenses.md
+++ b/windows/deployment/deploy-enterprise-licenses.md
@@ -63,7 +63,7 @@ You probably have on-premises Active Directory Domain Services (AD DS) domains.
You might ask why you need to synchronize these identities. The answer is so that users will have a *single identity* that they can use to access their on-premises apps and cloud services that use Azure AD (such as Windows 10 Enterprise E3 or E5). This means that users can use their existing credentials to sign in to Azure AD and access the cloud services that you provide and manage for them.
-**Figure 1** illustrates the integration between the on-premises AD DS domain with Azure AD. [Microsoft Azure Active Directory Connect](https://www.microsoft.com/en-us/download/details.aspx?id=47594) (Azure AD Connect) is responsible for synchronization of identities between the on-premises AD DS domain and Azure AD. Azure AD Connect is a service that you can install on-premises or in a virtual machine in Azure.
+**Figure 1** illustrates the integration between the on-premises AD DS domain with Azure AD. [Microsoft Azure Active Directory Connect](https://www.microsoft.com/download/details.aspx?id=47594) (Azure AD Connect) is responsible for synchronization of identities between the on-premises AD DS domain and Azure AD. Azure AD Connect is a service that you can install on-premises or in a virtual machine in Azure.
@@ -194,7 +194,7 @@ If there are any problems with the Windows 10 Enterprise E3 or E5 license or th
## Virtual Desktop Access (VDA)
-Subscriptions to Windows 10 Enterprise are also available for virtualized clients. Windows 10 Enterprise E3 and E5 are available for Virtual Desktop Access (VDA) in Windows Azure or in another [qualified multitenant hoster](https://www.microsoft.com/en-us/CloudandHosting/licensing_sca.aspx).
+Subscriptions to Windows 10 Enterprise are also available for virtualized clients. Windows 10 Enterprise E3 and E5 are available for Virtual Desktop Access (VDA) in Windows Azure or in another [qualified multitenant hoster](https://www.microsoft.com/CloudandHosting/licensing_sca.aspx).
Virtual machines (VMs) must be configured to enable Windows 10 Enterprise subscriptions for VDA. Active Directory-joined and Azure Active Directory-joined clients are supported. See [Enable VDA for Enterprise Subscription Activation](vda-subscription-activation.md).
diff --git a/windows/deployment/deploy-whats-new.md b/windows/deployment/deploy-whats-new.md
index 267732586c..e512fb6f51 100644
--- a/windows/deployment/deploy-whats-new.md
+++ b/windows/deployment/deploy-whats-new.md
@@ -180,6 +180,6 @@ The following topics provide a change history for Windows 10 ITPro TechNet libra
[Overview of Windows as a service](update/waas-overview.md)
[Windows 10 deployment considerations](planning/windows-10-deployment-considerations.md)
[Windows 10 release information](https://docs.microsoft.com/windows/windows-10/release-information)
-
[Windows 10 Specifications & Systems Requirements](https://www.microsoft.com/en-us/windows/windows-10-specifications)
+
[Windows 10 Specifications & Systems Requirements](https://www.microsoft.com/windows/windows-10-specifications)
[Windows 10 upgrade paths](upgrade/windows-10-upgrade-paths.md)
[Windows 10 deployment tools](windows-deployment-scenarios-and-tools.md)
diff --git a/windows/deployment/mbr-to-gpt.md b/windows/deployment/mbr-to-gpt.md
index 7f2c14085a..b4ff72ee14 100644
--- a/windows/deployment/mbr-to-gpt.md
+++ b/windows/deployment/mbr-to-gpt.md
@@ -452,5 +452,5 @@ To fix this issue, mount the Windows PE image (WIM), copy the missing file from
## Related topics
[Windows 10 Enterprise system requirements](https://technet.microsoft.com/windows/dn798752.aspx)
-
[Windows 10 Specifications](https://www.microsoft.com/en-us/windows/Windows-10-specifications)
+
[Windows 10 Specifications](https://www.microsoft.com/windows/Windows-10-specifications)
[Windows 10 IT pro forums](https://social.technet.microsoft.com/Forums/en-US/home?category=Windows10ITPro)
diff --git a/windows/deployment/planning/compatibility-administrator-users-guide.md b/windows/deployment/planning/compatibility-administrator-users-guide.md
index d19359cc40..afbb20379c 100644
--- a/windows/deployment/planning/compatibility-administrator-users-guide.md
+++ b/windows/deployment/planning/compatibility-administrator-users-guide.md
@@ -1,85 +1,71 @@
----
-title: Compatibility Administrator User's Guide (Windows 10)
-ms.assetid: 0ce05f66-9009-4739-a789-60f3ce380e76
-ms.reviewer:
-manager: laurawi
-ms.author: greglin
-description:
-ms.prod: w10
-ms.mktglfcycl: plan
-ms.pagetype: appcompat
-ms.sitesec: library
-audience: itpro
author: greg-lindsay
-ms.date: 04/19/2017
-ms.topic: article
----
-
-# Compatibility Administrator User's Guide
-
-
-**Applies to**
-
-- Windows 10
-- Windows 8.1
-- Windows 8
-- Windows 7
-- Windows Server 2012
-- Windows Server 2008 R2
-
-The Compatibility Administrator tool helps you resolve potential application-compatibility issues before deploying a new version of Windows to your organization. Compatibility Administrator provides the following:
-
-- Compatibility fixes, compatibility modes, and AppHelp messages that you can use to resolve specific compatibility issues.
-
-- Tools for creating customized compatibility fixes, compatibility modes, AppHelp messages, and compatibility databases.
-
-- A query tool that you can use to search for installed compatibility fixes on your local computers.
-
-The following flowchart shows the steps for using the Compatibility Administrator tool to create your compatibility fixes, compatibility modes, and AppHelp messages.
-
-
-
-**Important**
-Application Compatibility Toolkit (ACT) installs a 32-bit and a 64-bit version of the Compatibility Administrator tool. You must use the 32-bit version to create and work with custom databases for 32-bit applications, and the 64-bit version to create and work with custom databases for 64-bit applications.
-
-
-
-## In this section
-
-
-
-
-
-
-
-
-
-
-
-
-Using the Compatibility Administrator Tool |
-This section provides information about using the Compatibility Administrator tool. |
-
-
-Managing Application-Compatibility Fixes and Custom Fix Databases |
-This section provides information about managing your application-compatibility fixes and custom-compatibility fix databases. This section explains the reasons for using compatibility fixes and how to deploy custom-compatibility fix databases. |
-
-
-Using the Sdbinst.exe Command-Line Tool |
-You must deploy your customized database (.sdb) files to other computers in your organization before your compatibility fixes, compatibility modes, and AppHelp messages are applied. You can deploy your customized database files in several ways, including by using a logon script, by using Group Policy, or by performing file copy operations. |
-
-
-
-
-
-
-
-
-
-
-
-
-
-
+---
+title: Compatibility Administrator User's Guide (Windows 10)
+ms.assetid: 0ce05f66-9009-4739-a789-60f3ce380e76
+ms.reviewer:
+manager: laurawi
+ms.author: greglin
+description:
+ms.prod: w10
+ms.mktglfcycl: plan
+ms.pagetype: appcompat
+ms.sitesec: library
+audience: itpro
+author: greg-lindsay
+ms.topic: article
+---
+
+# Compatibility Administrator User's Guide
+
+
+**Applies to**
+
+- Windows 10
+- Windows 8.1
+- Windows 8
+- Windows 7
+- Windows Server 2012
+- Windows Server 2008 R2
+
+The Compatibility Administrator tool helps you resolve potential application-compatibility issues before deploying a new version of Windows to your organization. Compatibility Administrator provides the following:
+
+- Compatibility fixes, compatibility modes, and AppHelp messages that you can use to resolve specific compatibility issues.
+
+- Tools for creating customized compatibility fixes, compatibility modes, AppHelp messages, and compatibility databases.
+
+- A query tool that you can use to search for installed compatibility fixes on your local computers.
+
+The following flowchart shows the steps for using the Compatibility Administrator tool to create your compatibility fixes, compatibility modes, and AppHelp messages.
+
+
+
+> [!IMPORTANT]
+> Application Compatibility Toolkit (ACT) installs a 32-bit and a 64-bit version of the Compatibility Administrator tool. You must use the 32-bit version to create and work with custom databases for 32-bit applications, and the 64-bit version to create and work with custom databases for 64-bit applications.
+
+## In this section
+
+
+
+
+
+
+
+
+
+
+
+Using the Compatibility Administrator Tool |
+This section provides information about using the Compatibility Administrator tool. |
+
+
+Managing Application-Compatibility Fixes and Custom Fix Databases |
+This section provides information about managing your application-compatibility fixes and custom-compatibility fix databases. This section explains the reasons for using compatibility fixes and how to deploy custom-compatibility fix databases. |
+
+
+Using the Sdbinst.exe Command-Line Tool |
+You must deploy your customized database (.sdb) files to other computers in your organization before your compatibility fixes, compatibility modes, and AppHelp messages are applied. You can deploy your customized database files in several ways, including by using a logon script, by using Group Policy, or by performing file copy operations. |
+
+
+
diff --git a/windows/deployment/planning/compatibility-fix-database-management-strategies-and-deployment.md b/windows/deployment/planning/compatibility-fix-database-management-strategies-and-deployment.md
index c7052c8a15..162ad2c153 100644
--- a/windows/deployment/planning/compatibility-fix-database-management-strategies-and-deployment.md
+++ b/windows/deployment/planning/compatibility-fix-database-management-strategies-and-deployment.md
@@ -102,8 +102,8 @@ If you decide to use the centralized compatibility-fix database deployment strat
5. The team that manages the centralized database opens Custom DB1 and uses the Compatibility Administrator to include the new compatibility fixes that were included in Custom DB2.
- **Note**
- Custom DB1 contains a unique GUID that makes updating the database easier. For example, if you install a new version of the custom compatibility-fix database that uses the same GUID as the previous version, the computer will automatically uninstall the old version.
+ > [!NOTE]
+ > Custom DB1 contains a unique GUID that makes updating the database easier. For example, if you install a new version of the custom compatibility-fix database that uses the same GUID as the previous version, the computer will automatically uninstall the old version.
@@ -123,23 +123,17 @@ In order to meet the two requirements above, we recommend that you use one of th
You can package your .sdb file and a custom deployment script into an .msi file, and then deploy the .msi file into your organization.
- **Important**
- You must ensure that you mark your custom script so that it does not impersonate the calling user. For example, if you use Microsoft® Visual Basic® Scripting Edition (VBScript), the custom action type would be:
+ > [!IMPORTANT]
+ > You must ensure that you mark your custom script so that it does not impersonate the calling user. For example, if you use Microsoft® Visual Basic® Scripting Edition (VBScript), the custom action type would be:
+ >`msidbCustomActionTypeVBScript + msidbCustomActionTypeInScript + msidbCustomActionTypeNoImpersonate = 0x0006 + 0x0400 + 0x0800 = 0x0C06 = 3078 decimal)`
-
-~~~
-```
-msidbCustomActionTypeVBScript + msidbCustomActionTypeInScript + msidbCustomActionTypeNoImpersonate = 0x0006 + 0x0400 + 0x0800 = 0x0C06 = 3078 decimal)
-```
-~~~
-
- **Using a network share and a custom script**
You can store your .sdb file on your network share and then call to a script that resides on your specified computers.
-**Important**
-You must ensure that you call the script at a time when it will receive elevated rights. For example, you should call the script by using computer startup scripts instead of a user logon script. You must also ensure that the installation of the custom compatibility-fix database occurs with Administrator rights.
+> [!IMPORTANT]
+> You must ensure that you call the script at a time when it will receive elevated rights. For example, you should call the script by using computer startup scripts instead of a user logon script. You must also ensure that the installation of the custom compatibility-fix database occurs with Administrator rights.
diff --git a/windows/deployment/planning/compatibility-fixes-for-windows-8-windows-7-and-windows-vista.md b/windows/deployment/planning/compatibility-fixes-for-windows-8-windows-7-and-windows-vista.md
index 2ea1929b51..bc1991c752 100644
--- a/windows/deployment/planning/compatibility-fixes-for-windows-8-windows-7-and-windows-vista.md
+++ b/windows/deployment/planning/compatibility-fixes-for-windows-8-windows-7-and-windows-vista.md
@@ -1,972 +1,973 @@
----
-title: Compatibility Fixes for Windows 10, Windows 8, Windows 7, and Windows Vista (Windows 10)
-description: You can fix some compatibility issues that are due to the changes made between Windows operating system versions. These issues can include User Account Control (UAC) restrictions.
-ms.assetid: cd51c824-557f-462a-83bb-54b0771b7dff
-ms.reviewer:
-manager: laurawi
-ms.author: greglin
-ms.prod: w10
-ms.mktglfcycl: plan
-ms.pagetype: appcompat
-ms.sitesec: library
-audience: itpro
author: greg-lindsay
-ms.date: 04/19/2017
-ms.topic: article
----
-
-# Compatibility Fixes for Windows 10, Windows 8, Windows 7, and Windows Vista
-
-
-**Applies to**
-
-- Windows 10
-- Windows 8.1
-- Windows 8
-- Windows 7
-- Windows Server 2012
-- Windows Server 2008 R2
-
-You can fix some compatibility issues that are due to the changes made between Windows operating system versions. These issues can include User Account Control (UAC) restrictions.
-
-**Important**
-The Application Compatibility Toolkit (ACT) installs a 32-bit and a 64-bit version of the Compatibility Administrator. You must use the 32-bit version for 32-bit applications and the 64-bit version to work for 64-bit applications. You will receive an error message if you try to use the wrong version.
-
-If you start the Compatibility Administrator as an Administrator (with elevated privileges), all repaired applications can run successfully; however, virtualization and redirection might not occur as expected. To verify that a compatibility fix addresses an issue, you must test the repaired application by running it under the destination user account.
-
-
-
-## Compatibility Fixes
-
-
-The following table lists the known compatibility fixes for all Windows operating systems that have been released from Windows Vista through Windows 10. The fixes are listed in alphabetical order.
-
-
-
-
-
-
-
-
-
-
-
-8And16BitAggregateBlts |
-Applications that are mitigated by 8/16-bit mitigation can exhibit performance issues. This layer aggregates all the blt operations and improves performance. |
-
-
-8And16BitDXMaxWinMode |
-Applications that use DX8/9 and are mitigated by the 8/16-bit mitigation are run in a maximized windowed mode. This layer mitigates applications that exhibit graphical corruption in full screen mode. |
-
-
-8And16BitGDIRedraw |
-This fix repairs applications that use GDI and that work in 8-bit color mode. The application is forced to repaint its window on RealizePalette. |
-
-
-AccelGdipFlush |
-This fix increases the speed of GdipFlush, which has perf issues in DWM. |
-
-
-AoaMp4Converter |
-This fix resolves a display issue for the AoA Mp4 Converter. |
-
-
-BIOSRead |
-This problem is indicated when an application cannot access the Device\PhysicalMemory object beyond the kernel-mode drivers, on any of the Windows Server® 2003 operating systems.
-The fix enables OEM executable (.exe) files to use the GetSystemFirmwareTable function instead of the NtOpenSection function when the BIOS is queried for the \Device\Physical memory information.. |
-
-
-BlockRunasInteractiveUser |
-This problem occurs when InstallShield creates installers and uninstallers that fail to complete and that generate error messages or warnings.
-The fix blocks InstallShield from setting the value of RunAs registry keys to InteractiveUser Because InteractiveUser no longer has Administrator rights.
-
-
-
- |
-
-
-ChangeFolderPathToXPStyle |
-This fix is required when an application cannot return shell folder paths when it uses the SHGetFolder API.
-The fix intercepts the SHGetFolder path request to the common appdata file path and returns the Windows® XP-style file path instead of the Windows Vista-style file path. |
-
-
-ClearLastErrorStatusonIntializeCriticalSection |
-This fix is indicated when an application fails to start.
-The fix modifies the InitializeCriticalSection function call so that it checks the NTSTATUS error code, and then sets the last error to ERROR_SUCCESS. |
-
-
-CopyHKCUSettingsFromOtherUsers |
-This problem occurs when an application's installer must run in elevated mode and depends on the HKCU settings that are provided for other users.
-The fix scans the existing user profiles and tries to copy the specified keys into the HKEY_CURRENT_USER registry area.
-You can control this fix further by entering the relevant registry keys as parameters that are separated by the ^ Symbol; for example: Software\MyCompany\Key1^Software\MyCompany\Key2.
-
-
-
- |
-
-
-CorrectCreateBrushIndirectHatch |
-The problem is indicated by an access violation error message that displays and when the application fails when you select or crop an image.
-The fix corrects the brush style hatch value, which is passed to the CreateBrushIndirect() function and enables the information to be correctly interpreted. |
-
-
-CorrectFilePaths |
-The problem is indicated when an application tries to write files to the hard disk and is denied access or receives a file not found or path not found error message.
-The fix modifies the file path names to point to a new location on the hard disk.
-
- NoteFor more detailed information about the CorrectFilePaths application fix, see Using the CorrectFilePaths Fix. We recommend that you use this fix together with the CorrectFilePathsUninstall fix if you are applying it to a setup installation file.
-
-
- |
-
-
-CorrectFilePathsUninstall |
-This problem occurs when an uninstalled application leaves behind files, directories, and links.
-The fix corrects the file paths that are used by the uninstallation process of an application.
-
- NoteFor more detailed information about this fix, see Using the CorrectFilePathsUninstall Fix. We recommend that you use this fix together with the CorrectFilePaths fix if you are applying it to a setup installation file.
-
-
- |
-
-
-CorrectShellExecuteHWND |
-This problem occurs when you start an executable (.exe) and a taskbar item blinks instead of an elevation prompt being opened, or when the application does not provide a valid HWND value when it calls the ShellExecute(Ex) function.
-The fix intercepts the ShellExecute(Ex) calls, and then inspects the HWND value. If the value is invalid, this fix enables the call to use the currently active HWND value.
-
-
-
- |
-
-
-CustomNCRender |
-This fix instructs DWM to not render the non-client area, thereby forcing the application to do its own NC rendering. This often gives windows an XP look. |
-
-
-DelayApplyFlag |
-This fix applies a KERNEL, USER, or PROCESS flag if the specified DLL is loaded.
-You can control this fix further by typing the following command at the command prompt:
-DLL_Name;Flag_Type;Hexidecimal_Value
-Where the DLL_Name is the name of the specific DLL, including the file extension. Flag_Type is KERNEL, USER, or PROCESS, and a Hexidecimal_Value, starting with 0x and up to 64-bits long.
-
- NoteThe PROCESS flag type can have a 32-bit length only. You can separate multiple entries with a backslash ().
-
-
- |
-
-
-DeprecatedServiceShim |
-The problem is indicated when an application tries to install a service that has a dependency on a deprecated service. An error message displays.
-The fix intercepts the CreateService function calls and removes the deprecated dependency service from the lpDependencies parameter.
-You can control this fix further by typing the following command at the command prompt:
-Deprecated_Service\App_Service/Deprecated_Service2 \App_Service2
-Where Deprecated_Service is the name of the service that has been deprecated and App_Service is the name of the specific application service that is to be modified; for example, NtLmSsp\WMI.
-
- NoteIf you do not provide an App_Service name, the deprecated service will be removed from all newly created services.
-
-
-
-
- NoteYou can separate multiple entries with a forward slash (/).
-
-
- |
-
-
-DirectXVersionLie |
-This problem occurs when an application fails because it does not find the correct version number for DirectX®.
-The fix modifies the DXDIAGN GetProp function call to return the correct DirectX version.
-You can control this fix further by typing the following command at the command prompt:
-MAJORVERSION.MINORVERSION.LETTER
-For example, 9.0.c. |
-
-
-DetectorDWM8And16Bit |
-This fix offeres mitigation for applications that work in 8/16-bit display color mode because these legacy color modes are not supported in Windows 8 . |
-
-
-Disable8And16BitD3D |
-This fix improves performance of 8/16-bit color applications that render using D3D and do not mix directdraw. |
-
-
-Disable8And16BitModes |
-This fix disables 8/16-bit color mitigation and enumeration of 8/16-bit color modes. |
-
-
-DisableDWM |
-The problem occurs when some objects are not drawn or object artifacts remain on the screen in an application.
-The fix temporarily disables the Windows Aero menu theme functionality for unsupported applications.
-
-
-
- |
-
-
-DisableFadeAnimations |
-The problem is indicated when an application fade animations, buttons, or other controls do not function properly.
-The fix disables the fade animations functionality for unsupported applications. |
-
-
-DisableThemeMenus |
-The problem is indicated by an application that behaves unpredictably when it tries to detect and use the correct Windows settings.
-The fix temporarily disables the Windows Aero menu theme functionality for unsupported applications. |
-
-
-DisableWindowsDefender |
-The fix disables Windows Defender for security applications that do not work with Windows Defender. |
-
-
-DWM8And16BitMitigation |
-The fix offers mitigation for applications that work in 8/16-bit display color mode because these legacy color modes are not supported in Windows 8. |
-
-
-DXGICompat |
-The fix allows application-specific compatibility instructions to be passed to the DirectX engine. |
-
-
-DXMaximizedWindowedMode |
-Applications that use DX8/9 are run in a maximized windowed mode. This is required for applications that use GDI/DirectDraw in addition to Direct3D. |
-
-
-ElevateCreateProcess |
-The problem is indicated when installations, de-installations, or updates fail because the host process calls the CreateProcess function and it returns an ERROR_ELEVATION_REQUIRED error message.
-The fix handles the error code and attempts to recall the CreateProcess function together with requested elevation. If the fixed application already has a UAC manifest, the error code will be returned unchanged.
-
-
-
- |
-
-
-EmulateOldPathIsUNC |
-The problem occurs when an application fails because of an incorrect UNC path.
-The fix changes the PathIsUNC function to return a value of True for UNC paths in Windows. |
-
-
-EmulateGetDiskFreeSpace |
-The problem is indicated when an application fails to install or to run, and it generates an error message that there is not enough free disk space to install or use the application, even though there is enough free disk space to meet the application requirements.
-The fix determines the amount of free space, so that if the amount of free space is larger than 2 GB, the compatibility fix returns a value of 2 GB, but if the amount of free space is smaller than 2 GB, the compatibility fix returns the actual free space amount.
-
-
-
- |
-
-
-EmulateSorting |
-The problem occurs when an application experiences search functionality issues.
-The fix forces applications that use the CompareStringW/LCMapString sorting table to use an older version of the table.
-
-
-
- |
-
-
-EmulateSortingWindows61 |
-The fix emulates the sorting order of Windows 7 and Windows Server 2008 R2 for various APIs. |
-
-
-EnableRestarts |
-The problem is indicated when an application and computer appear to hang because processes cannot end to allow the computer to complete its restart processes.
-The fix enables the computer to restart and finish the installation process by verifying and enabling that the SeShutdownPrivilege service privilege exists.
-
-
-
- |
-
-
-ExtraAddRefDesktopFolder |
-The problem occurs when an application invokes the Release() method too many times and causes an object to be prematurely destroyed.
-The fix counteracts the application's tries to obtain the shell desktop folder by invoking the AddRef() method on the Desktop folder, which is returned by the SHGetDesktopFolder function. |
-
-
-FailObsoleteShellAPIs |
-The problem occurs when an application fails because it generated deprecated API calls.
-The fix either fully implements the obsolete functions or implements the obsolete functions with stubs that fail.
-
- NoteYou can type FailAll=1 at the command prompt to suppress the function implementation and force all functions to fail.
-
-
- |
-
-
-FailRemoveDirectory |
-The problem occurs when an application uninstallation process does not remove all of the application files and folders.
-This fix fails calls to RemoveDirectory() when called with a path matching the one specified in the shim command-line. Only a single path is supported. The path can contain environment variables, but must be an exact path – no partial paths are supported.
-The fix can resolve an issue where an application expects RemoveDirectory() to delete a folder immediately even though a handle is open to it. |
-
-
-FakeLunaTheme |
-The problem occurs when a theme application does not properly display: the colors are washed out or the user interface is not detailed.
-The fix intercepts the GetCurrentThemeName API and returns the value for the Windows XP default theme, (Luna).
-
-
-
- |
-
-
-FlushFile |
-This problem is indicated when a file is updated and changes do not immediately appear on the hard disk. Applications cannot see the file changes.
-The fix enables the WriteFile function to call to the FlushFileBuffers APIs, which flush the file cache onto the hard disk. |
-
-
-FontMigration |
-The fix replaces an application-requested font with a better font selection, to avoid text truncation. |
-
-
-ForceAdminAccess |
-The problem occurs when an application fails to function during an explicit administrator check.
-The fix allows the user to temporarily imitate being a part of the Administrators group by returning a value of True during the administrator check.
-
-
-
- |
-
-
-ForceInvalidateOnClose |
-The fix invalidates any windows that exist under a closing or hiding window for applications that rely on the invalidation messages. |
-
-
-ForceLoadMirrorDrvMitigation |
-The fix loads the Windows 8 mirror driver mitigation for applications where the mitigation is not automatically applied. |
-
-
-FreestyleBMX |
-The fix resolves an application race condition that is related to window message order. |
-
-
-GetDriveTypeWHook |
-The application presents unusual behavior during installation; for example, the setup program states that it cannot install to a user-specified location.
-The fix changes GetDriveType() so that only the root information appears for the file path. This is required when an application passes an incomplete or badly-formed file path when it tries to retrieve the drive type on which the file path exists. |
-
-
-GlobalMemoryStatusLie |
-The problem is indicated by a Computer memory full error message that displays when you start an application.
-The fix modifies the memory status structure, so that it reports a swap file that is 400 MB, regardless of the true swap file size. |
-
-
-HandleBadPtr |
-The problem is indicated by an access violation error message that displays because an API is performing pointer validation before it uses a parameter.
-The fix supports using lpBuffer validation from the InternetSetOptionA and InternetSetOptionW functions to perform the additional parameter validation. |
-
-
-HandleMarkedContentNotIndexed |
-The problem is indicated by an application that fails when it changes an attribute on a file or directory.
-The fix intercepts any API calls that return file attributes and directories that are invoked from the %TEMP% directory, and resets the FILE_ATTRIBUTE_NOT_CONTENT_INDEXED attribute to its original state. |
-
-
-HeapClearAllocation |
-The problem is indicated when the allocation process shuts down unexpectedly.
-The fix uses zeros to clear out the heap allocation for an application. |
-
-
-IgnoreAltTab |
-The problem occurs when an application fails to function when special key combinations are used.
-The fix intercepts the RegisterRawInputDevices API and prevents the delivery of the WM_INPUT messages. This delivery failure forces the included hooks to be ignored and forces DInput to use Windows-specific hooks.
-
-
-
- |
-
-
-IgnoreChromeSandbox |
-The fix allows Google Chrome to run on systems that have ntdll loaded above 4GB. |
-
-
-IgnoreDirectoryJunction |
-The problem is indicated by a read or access violation error message that displays when an application tries to find or open files.
-The fix links the FindNextFileW, FindNextFileA, FindFirstFileExW, FindFirstFileExA, FindFirstFileW and FindFirstFileA APIs to prevent them from returning directory junctions.
-
- NoteSymbolic links appear starting in Windows Vista.
-
-
- |
-
-
-IgnoreException |
-The problem is indicated when an application stops functioning immediately after it starts, or the application starts with only a cursor appearing on the screen.
-The fix enables the application to ignore specified exceptions. By default, this fix ignores privileged-mode exceptions; however, it can be configured to ignore any exception.
-You can control this fix further by typing the following command at the command prompt:
-Exception1;Exception2
-Where Exception1 and Exception2 are specific exceptions to be ignored. For example: ACCESS_VIOLATION_READ:1;ACCESS_VIOLATION_WRITE:1.
-
- ImportantYou should use this compatibility fix only if you are certain that it is acceptable to ignore the exception. You might experience additional compatibility issues if you choose to incorrectly ignore an exception.
-
-
-
-
-
-
- |
-
-
-IgnoreFloatingPointRoundingControl |
-This fix enables an application to ignore the rounding control request and to behave as expected in previous versions of the application.
-Before floating point SSE2 support in the C runtime library, the rounding control request was being ignored which would use round to nearest option by default. This shim ignores the rounding control request to support applications relying on old behavior. |
-
-
-IgnoreFontQuality |
-The problem occurs when application text appears to be distorted.
-The fix enables color-keyed fonts to properly work with anti-aliasing. |
-
-
-IgnoreMessageBox |
-The problem is indicated by a message box that displays with debugging or extraneous content when the application runs on an unexpected operating system.
-The fix intercepts the MessageBox* APIs and inspects them for specific message text. If matching text is found, the application continues without showing the message box.
-
-
-
- |
-
-
-IgnoreMSOXMLMF |
-The problem is indicated by an error message that states that the operating system cannot locate the MSVCR80D.DLL file.
-The fix ignores the registered MSOXMLMF.DLL object, which Microsoft® Office 2007 loads into the operating system any time that you load an XML file, and then it fails the CoGetClassObject for its CLSID. This compatibility fix will just ignore the registered MSOXMLMF and fail the CoGetClassObject for its CLSID. |
-
-
-IgnoreSetROP2 |
-The fix ignores read-modify-write operations on the desktop to avoid performance issues. |
-
-
-InstallComponent |
-The fix prompts the user to install.Net 3.5 or .Net 2.0 because .Net is not included with Windows 8. |
-
-
-LoadLibraryRedirect |
-The fix forces an application to load system versions of libraries instead of loading redistributable versions that shipped with the application. |
-
-
-LocalMappedObject |
-The problem occurs when an application unsuccessfully tries to create an object in the Global namespace.
-The fix intercepts the function call to create the object and replaces the word Global with Local.
-
-
-
- |
-
-
-MakeShortcutRunas |
-The problem is indicated when an application fails to uninstall because of access-related errors.
-The fix locates any RunDLL.exe-based uninstallers and forces them to run with different credentials during the application installation. After it applies this fix, the installer will create a shortcut that specifies a matching string to run during the application installation, thereby enabling the uninstallation to occur later.
-
-
-
- |
-
-
-ManageLinks |
-The fix intercepts common APIs that are going to a directory or to an executable (.exe) file, and then converts any symbolic or directory junctions before passing it back to the original APIs. |
-
-
-MirrorDriverWithComposition |
-The fix allows mirror drivers to work properly with acceptable performance with desktop composition. |
-
-
-MoveToCopyFileShim |
-The problem occurs when an application experiences security access issues during setup.
-The fix forces the CopyFile APIs to run instead of the MoveFile APIs. CopyFile APIs avoid moving the security descriptor, which enables the application files to get the default descriptor of the destination folder and prevents the security access issue. |
-
-
-OpenDirectoryAcl |
-The problem is indicated by an error message that states that you do not have the appropriate permissions to access the application.
-The fix reduces the security privilege levels on a specified set of files and folders.
-
-
-
- |
-
-
-PopCapGamesForceResPerf |
-The fix resolves the performance issues in PopCap games like Bejeweled2. The performance issues are visible in certain low-end cards at certain resolutions where the 1024x768 buffer is scaled to fit the display resolution. |
-
-
-PreInstallDriver |
-The fix preinstalls drivers for applications that would otherwise try to install or start drivers during the initial start process. |
-
-
-PreInstallSmarteSECURE |
-The fix preinstalls computer-wide CLSIDs for applications that use SmartSECURE copy protection, which would otherwise try to install the CLSIDs during the initial start process. |
-
-
-ProcessPerfData |
-The problem is indicated by an Unhandled Exception error message because the application tried to read the process performance data registry value to determine if another instance of the application is running.
-The fix handles the failure case by passing a fake process performance data registry key, so that the application perceives that it is the only instance running.
-
- NoteThis issue seems to occur most frequently with .NET applications.
-
-
- |
-
-
-PromoteDAM |
-The fix registers an application for power state change notifications. |
-
-
-PropagateProcessHistory |
-The problem occurs when an application incorrectly fails to apply an application fix.
-The fix sets the _PROCESS_HISTORY environment variable so that child processes can look in the parent directory for matching information while searching for application fixes. |
-
-
-ProtectedAdminCheck |
-The problem occurs when an application fails to run because of incorrect Protected Administrator permissions.
-The fix addresses the issues that occur when applications use non-standard Administrator checks, thereby generating false positives for user accounts that are being run as Protected Administrators. In this case, the associated SID exists, but it is set as deny-only. |
-
-
-RedirectCRTTempFile |
-The fix intercepts failing CRT calls that try to create a temporary file at the root of the volume, thereby redirecting the calls to a temporary file in the user's temporary directory. |
-
-
-RedirectHKCUKeys |
-The problem occurs when an application cannot be accessed because of User Account Control (UAC) restrictions.
-The fix duplicates any newly created HKCU keys to other users' HKCU accounts. This fix is generic for UAC restrictions, whereby the HKCU keys are required, but are unavailable to an application at runtime. |
-
-
-RedirectMP3Codec |
-This problem occurs when you cannot play MP3 files.
-The fix intercepts the CoCreateInstance call for the missing filter and then redirects it to a supported version. |
-
-
-RedirectShortcut |
-The problem occurs when an application cannot be accessed by its shortcut, or application shortcuts are not removed during the application uninstallation process.
-The fix redirects all of the shortcuts created during the application setup to appear according to a specified path.
-
-Start Menu shortcuts: Appear in the \ProgramData\Microsoft\Windows\Start Menu directory for all users. Desktop or Quick Launch shortcuts:You must manually place the shortcuts on the individual user's desktop or Quick Launch bar.
-This issue occurs because of UAC restrictions: specifically, when an application setup runs by using elevated privileges and stores the shortcuts according to the elevated user's context. In this situation, a restricted user cannot access the shortcuts.
-You cannot apply this fix to an .exe file that includes a manifest and provides a runlevel. |
-
-
-RelaunchElevated |
-The problem occurs when installers, uninstallers, or updaters fail when they are started from a host application.
-The fix enables a child .exe file to run with elevated privileges when it is difficult to determine the parent process with either the ElevateCreateProcess fix or by marking the .exe files to RunAsAdmin.
-
-
-
- |
-
-
-RetryOpenSCManagerWithReadAccess |
-The problem occurs when an application tries to open the Service Control Manager (SCM) and receives an Access Denied error message.
-The fix retries the call and requests a more restricted set of rights that include the following:
- |
-
-
-RetryOpenServiceWithReadAccess |
-The problem occurs when an Unable to open service due to your application using the OpenService() API to test for the existence of a particular service error message displays.
-The fix retries the OpenService() API call and verifies that the user has Administrator rights, is not a Protected Administrator, and by using read-only access. Applications can test for the existence of a service by calling the OpenService() API but some applications ask for all access when making this check. This fix retries the call but only asking for read-only access. The user needs to be an administrator for this to work
-
-
-
- |
-
-
-RunAsAdmin |
-The problem occurs when an application fails to function by using the Standard User or Protected Administrator account.
-The fix enables the application to run by using elevated privileges. The fix is the equivalent of specifying requireAdministrator in an application manifest.
-
-
-
- |
-
-
-RunAsHighest |
-The problem occurs when administrators cannot view the read/write version of an application that presents a read-only view to standard users.
-The fix enables the application to run by using the highest available permissions. This is the equivalent of specifying highestAvailable in an application manifest.
-
-
-
- |
-
-
-RunAsInvoker |
-The problem occurs when an application is not detected as requiring elevation.
-The fix enables the application to run by using the privileges that are associated with the creation process, without requiring elevation. This is the equivalent of specifying asInvoker in an application manifest.
-
-
-
- |
-
-
-SecuROM7 |
-The fix repairs applications by using SecuROM7 for copy protection. |
-
-
-SessionShim |
-The fix intercepts API calls from applications that are trying to interact with services that are running in another session, by using the terminal service name prefix (Global or Local) as the parameter.
-At the command prompt, you can supply a list of objects to modify, separating the values by a double backslash (). Or, you can choose not to include any parameters, so that all of the objects are modified.
-
- ImportantUsers cannot log in as Session 0 (Global Session) in Windows Vista and later. Therefore, applications that require access to Session 0 automatically fail.
-
-
-
-
-
-
- |
-
-
-SetProtocolHandler |
-The fix registers an application as a protocol handler.
-You can control this fix further by typing the following command at the command prompt:
-Client;Protocol;App
-Where the Client is the name of the email protocol, Protocol is mailto, and App is the name of the application.
-
- NoteOnly the mail client and the mailto protocol are supported. You can separate multiple clients by using a backslash ().
-
-
- |
-
-
-SetupCommitFileQueueIgnoreWow |
-The problem occurs when a 32-bit setup program fails to install because it requires 64-bit drivers.
-The fix disables the Wow64 file system that is used by the 64-bit editions of Windows, to prevent 32-bit applications from accessing 64-bit file systems during the application setup. |
-
-
-SharePointDesigner2007 |
-The fix resolves an application bug that severely slows the application when it runs in DWM. |
-
-
-ShimViaEAT |
-The problem occurs when an application fails, even after applying acompatibility fix that is known to fix an issue. Applications that use unicows.dll or copy protection often present this issue.
-The fix applies the specified compatibility fixes by modifying the export table and by nullifying the use of module inclusion and exclusion.
-
-
-
- |
-
-
-ShowWindowIE |
-The problem occurs when a web application experiences navigation and display issues because of the tabbing feature.
-The fix intercepts the ShowWindow API call to address the issues that can occur when a web application determines that it is in a child window. This fix calls the real ShowWindow API on the top-level parent window. |
-
-
-SierraWirelessHideCDROM |
-The fix repairs the Sierra Wireless Driver installation, thereby preventing bugcheck. |
-
-
-Sonique2 |
-The application uses an invalid window style, which breaks in DWM. This fix replaces the window style with a valid value. |
-
-
-SpecificInstaller |
-The problem occurs when an application installation file fails to be picked up by the GenericInstaller function.
-The fix flags the application as being an installer file (for example, setup.exe), and then prompts for elevation.
-
-
-
- |
-
-
-SpecificNonInstaller |
-The problem occurs when an application that is not an installer (and has sufficient privileges) generates a false positive from the GenericInstaller function.
-The fix flags the application to exclude it from detection by the GenericInstaller function.
-
-
-
- |
-
-
-SystemMetricsLie |
-The fix replaces SystemMetrics values and SystemParametersInfo values with the values of previous Windows versions. |
-
-
-TextArt |
-The application receives different mouse coordinates with DWM ON versus DWM OFF, which causes the application to hang. This fix resolves the issue. |
-
-
-TrimDisplayDeviceNames |
-The fix trims the names of the display devices that are returned by the EnumDisplayDevices API. |
-
-
-UIPICompatLogging |
-The fix enables the logging of Windows messages from Internet Explorer and other processes. |
-
-
-UIPIEnableCustomMsgs |
-The problem occurs when an application does not properly communicate with other processes because customized Windows messages are not delivered.
-The fix enables customized Windows messages to pass through to the current process from a lower Desktop integrity level. This fix is the equivalent of calling the RegisterWindowMessage function, followed by the ChangeWindowMessageFilter function in the code.
-You can control this fix further by typing the following command at the command prompt:
-MessageString1 MessageString2
-Where MessageString1 and MessageString2 reflect the message strings that can pass.
-
-
-
- |
-
-
-UIPIEnableStandardMsgs |
-The problem occurs when an application does not communicate properly with other processes because standard Windows messages are not delivered.
-The fix enables standard Windows messages to pass through to the current process from a lower Desktop integrity level. This fix is the equivalent of calling the ChangeWindowMessageFilter function in the code.
-You can control this fix further by typing the following command at the command prompt:
-1055 1056 1069
-Where 1055 reflects the first message ID, 1056 reflects the second message ID, and 1069 reflects the third message ID that can pass.
-
-
-
- |
-
-
-VirtualizeDeleteFileLayer |
-The fix virtualizes DeleteFile operations for applications that try to delete protected files. |
-
-
-VirtualizeDesktopPainting |
-This fix improves the performance of a number of operations on the Desktop DC while using DWM. |
-
-
-VirtualRegistry |
-The problem is indicated when a Component failed to be located error message displays when an application is started.
-The fix enables the registry functions to allow for virtualization, redirection, expansion values, version spoofing, the simulation of performance data counters, and so on.
-For more detailed information about this application fix, see Using the VirtualRegistry Fix. |
-
-
-VirtualizeDeleteFile |
-The problem occurs when several error messages display and the application cannot delete files.
-The fix makes the application's DeleteFile function call a virtual call in an effort to remedy the UAC and file virtualization issues that were introduced with Windows Vista. This fix also links other file APIs (for example, GetFileAttributes) to ensure that the virtualization of the file is deleted.
-
-
-
- |
-
-
-VirtualizeHKCRLite |
-The problem occurs when an application fails to register COM components at runtime.
-The fix redirects the HKCR write calls (HKLM) to the HKCU hive for a per-user COM registration. This operates much like the VirtualRegistry fix when you use the VirtualizeHKCR parameter; however, VirtualizeHKCRLite provides better performance.
-HKCR is a virtual merge of the HKCU\Software\Classes and HKLM\Software\Classes directories. The use of HKCU is preferred if an application is not elevated and is ignored if the application is elevated.
-You typically will use this compatibility fix in conjunction with the VirtualizeRegisterTypeLib fix.
-For more detailed information about this application fix, see Using the VirtualizeHKCRLite Fix. |
-
-
-VirtualizeRegisterTypeLib |
-The fix, when it is used with the VirtualizeHKCRLite fix, ensures that the type library and the COM class registration happen simultaneously. This functions much like the RegistryTypeLib fix when the RegisterTypeLibForUser parameter is used.
-
-
-
- |
-
-
-WaveOutIgnoreBadFormat |
-This problem is indicated by an error message that states: Unable to initialize sound device from your audio driver; the application then closes.
-The fix enables the application to ignore the format error and continue to function properly. |
-
-
-WerDisableReportException |
-The fix turns off the silent reporting of exceptions to the Windows Error Reporting tool, including those that are reported by Object Linking and Embedding-Database (OLE DB). The fix intercepts the RtlReportException API and returns a STATUS_NOT_SUPPORTED error message. |
-
-
-Win7RTM/Win8RTM |
-The layer provides the application with Windows 7/Windows 8 compatibility mode. |
-
-
-WinxxRTMVersionLie |
-The problem occurs when an application fails because it does not find the correct version number for the required Windows operating system.
-All version lie compatibility fixes address the issue whereby an application fails to function because it is checking for, but not finding, a specific version of the operating system. The version lie fix returns the appropriate operating system version information. For example, the VistaRTMVersionLie returns the Windows Vista version information to the application, regardless of the actual operating system version that is running on the computer. |
-
-
-Wing32SystoSys32 |
-The problem is indicated by an error message that states that the WinG library was not properly installed.
-The fix detects whether the WinG32 library exists in the correct directory. If the library is located in the wrong location, this fix copies the information (typically during the runtime of the application) into the %WINDIR% \system32 directory.
-
- ImportantThe application must have Administrator privileges for this fix to work.
-
-
- |
-
-
-WinSrv08R2RTM |
- |
-
-
-WinXPSP2VersionLie |
-The problem occurs when an application experiences issues because of a VB runtime DLL.
-The fix forces the application to follow these steps:
-
-Open the Compatibility Administrator, and then select None for Operating System Mode. On the Compatibility Fixes page, click WinXPSP2VersionLie, and then click Parameters.
-The Options for <fix_name> dialog box appears. Type vbrun60.dll into the Module Name box, click Include, and then click Add. Save the custom database.
-
-
-
- |
-
-
-WRPDllRegister |
-The application fails when it tries to register a COM component that is released together with Windows Vista and later.
-The fix skips the processes of registering and unregistering WRP-protected COM components when calling the DLLRegisterServer and DLLUnregisterServer functions.
-You can control this fix further by typing the following command at the command prompt:
-Component1.dll;Component2.dll
-Where Component1.dll and Component2.dll reflect the components to be skipped.
-
-
-
- |
-
-
-WRPMitigation |
-The problem is indicated when an access denied error message displays when the application tries to access a protected operating system resource by using more than read-only access.
-The fix emulates the successful authentication and modification of file and registry APIs, so that the application can continue.
-
-
-
- |
-
-
-WRPRegDeleteKey |
-The problem is indicated by an access denied error message that displays when the application tries to delete a registry key.
-The fix verifies whether the registry key is WRP-protected. If the key is protected, this fix emulates the deletion process. |
-
-
-XPAfxIsValidAddress |
-The fix emulates the behavior of Windows XP for MFC42!AfxIsValidAddress. |
-
-
-
-
-
-
-## Compatibility Modes
-
-
-The following table lists the known compatibility modes.
-
-
-
-
-
-
-
-
-
-
-
-
-WinSrv03 |
-Emulates the Windows Server 2003 operating system. |
- |
-
-
-WinSrv03Sp1 |
-Emulates the Windows Server 2003 with Service Pack 1 (SP1) operating system. |
- |
-
-
-
+---
+title: Compatibility Fixes for Windows 10, Windows 8, Windows 7, and Windows Vista (Windows 10)
+description: You can fix some compatibility issues that are due to the changes made between Windows operating system versions. These issues can include User Account Control (UAC) restrictions.
+ms.assetid: cd51c824-557f-462a-83bb-54b0771b7dff
+ms.reviewer:
+manager: laurawi
+ms.author: greglin
+ms.prod: w10
+ms.mktglfcycl: plan
+ms.pagetype: appcompat
+ms.sitesec: library
+audience: itpro
+author: greg-lindsay
+ms.date: 04/19/2017
+ms.topic: article
+---
+
+# Compatibility Fixes for Windows 10, Windows 8, Windows 7, and Windows Vista
+
+
+**Applies to**
+
+- Windows 10
+- Windows 8.1
+- Windows 8
+- Windows 7
+- Windows Server 2012
+- Windows Server 2008 R2
+
+You can fix some compatibility issues that are due to the changes made between Windows operating system versions. These issues can include User Account Control (UAC) restrictions.
+
+> [!IMPORTANT]
+> The Application Compatibility Toolkit (ACT) installs a 32-bit and a 64-bit version of the Compatibility Administrator. You must use the 32-bit version for 32-bit applications and the 64-bit version to work for 64-bit applications. You will receive an error message if you try to use the wrong version.
+
+If you start the Compatibility Administrator as an Administrator (with elevated privileges), all repaired applications can run successfully; however, virtualization and redirection might not occur as expected. To verify that a compatibility fix addresses an issue, you must test the repaired application by running it under the destination user account.
+
+
+
+## Compatibility Fixes
+
+
+The following table lists the known compatibility fixes for all Windows operating systems that have been released from Windows Vista through Windows 10. The fixes are listed in alphabetical order.
+
+
+
+
+
+
+
+
+
+
+
+8And16BitAggregateBlts |
+Applications that are mitigated by 8/16-bit mitigation can exhibit performance issues. This layer aggregates all the blt operations and improves performance. |
+
+
+8And16BitDXMaxWinMode |
+Applications that use DX8/9 and are mitigated by the 8/16-bit mitigation are run in a maximized windowed mode. This layer mitigates applications that exhibit graphical corruption in full screen mode. |
+
+
+8And16BitGDIRedraw |
+This fix repairs applications that use GDI and that work in 8-bit color mode. The application is forced to repaint its window on RealizePalette. |
+
+
+AccelGdipFlush |
+This fix increases the speed of GdipFlush, which has perf issues in DWM. |
+
+
+AoaMp4Converter |
+This fix resolves a display issue for the AoA Mp4 Converter. |
+
+
+BIOSRead |
+This problem is indicated when an application cannot access the Device\PhysicalMemory object beyond the kernel-mode drivers, on any of the Windows Server® 2003 operating systems.
+The fix enables OEM executable (.exe) files to use the GetSystemFirmwareTable function instead of the NtOpenSection function when the BIOS is queried for the \Device\Physical memory information.. |
+
+
+BlockRunasInteractiveUser |
+This problem occurs when InstallShield creates installers and uninstallers that fail to complete and that generate error messages or warnings.
+The fix blocks InstallShield from setting the value of RunAs registry keys to InteractiveUser Because InteractiveUser no longer has Administrator rights.
+
+
+
+ |
+
+
+ChangeFolderPathToXPStyle |
+This fix is required when an application cannot return shell folder paths when it uses the SHGetFolder API.
+The fix intercepts the SHGetFolder path request to the common appdata file path and returns the Windows® XP-style file path instead of the Windows Vista-style file path. |
+
+
+ClearLastErrorStatusonIntializeCriticalSection |
+This fix is indicated when an application fails to start.
+The fix modifies the InitializeCriticalSection function call so that it checks the NTSTATUS error code, and then sets the last error to ERROR_SUCCESS. |
+
+
+CopyHKCUSettingsFromOtherUsers |
+This problem occurs when an application's installer must run in elevated mode and depends on the HKCU settings that are provided for other users.
+The fix scans the existing user profiles and tries to copy the specified keys into the HKEY_CURRENT_USER registry area.
+You can control this fix further by entering the relevant registry keys as parameters that are separated by the ^ Symbol; for example: Software\MyCompany\Key1^Software\MyCompany\Key2.
+
+
+
+ |
+
+
+CorrectCreateBrushIndirectHatch |
+The problem is indicated by an access violation error message that displays and when the application fails when you select or crop an image.
+The fix corrects the brush style hatch value, which is passed to the CreateBrushIndirect() function and enables the information to be correctly interpreted. |
+
+
+CorrectFilePaths |
+The problem is indicated when an application tries to write files to the hard disk and is denied access or receives a file not found or path not found error message.
+The fix modifies the file path names to point to a new location on the hard disk.
+
+ NoteFor more detailed information about the CorrectFilePaths application fix, see Using the CorrectFilePaths Fix. We recommend that you use this fix together with the CorrectFilePathsUninstall fix if you are applying it to a setup installation file.
+
+
+ |
+
+
+CorrectFilePathsUninstall |
+This problem occurs when an uninstalled application leaves behind files, directories, and links.
+The fix corrects the file paths that are used by the uninstallation process of an application.
+
+ NoteFor more detailed information about this fix, see Using the CorrectFilePathsUninstall Fix. We recommend that you use this fix together with the CorrectFilePaths fix if you are applying it to a setup installation file.
+
+
+ |
+
+
+CorrectShellExecuteHWND |
+This problem occurs when you start an executable (.exe) and a taskbar item blinks instead of an elevation prompt being opened, or when the application does not provide a valid HWND value when it calls the ShellExecute(Ex) function.
+The fix intercepts the ShellExecute(Ex) calls, and then inspects the HWND value. If the value is invalid, this fix enables the call to use the currently active HWND value.
+
+
+
+ |
+
+
+CustomNCRender |
+This fix instructs DWM to not render the non-client area, thereby forcing the application to do its own NC rendering. This often gives windows an XP look. |
+
+
+DelayApplyFlag |
+This fix applies a KERNEL, USER, or PROCESS flag if the specified DLL is loaded.
+You can control this fix further by typing the following command at the command prompt:
+DLL_Name;Flag_Type;Hexidecimal_Value
+Where the DLL_Name is the name of the specific DLL, including the file extension. Flag_Type is KERNEL, USER, or PROCESS, and a Hexidecimal_Value, starting with 0x and up to 64-bits long.
+
+ NoteThe PROCESS flag type can have a 32-bit length only. You can separate multiple entries with a backslash ().
+
+
+ |
+
+
+DeprecatedServiceShim |
+The problem is indicated when an application tries to install a service that has a dependency on a deprecated service. An error message displays.
+The fix intercepts the CreateService function calls and removes the deprecated dependency service from the lpDependencies parameter.
+You can control this fix further by typing the following command at the command prompt:
+Deprecated_Service\App_Service/Deprecated_Service2 \App_Service2
+Where Deprecated_Service is the name of the service that has been deprecated and App_Service is the name of the specific application service that is to be modified; for example, NtLmSsp\WMI.
+
+ NoteIf you do not provide an App_Service name, the deprecated service will be removed from all newly created services.
+
+
+
+
+ NoteYou can separate multiple entries with a forward slash (/).
+
+
+ |
+
+
+DirectXVersionLie |
+This problem occurs when an application fails because it does not find the correct version number for DirectX®.
+The fix modifies the DXDIAGN GetProp function call to return the correct DirectX version.
+You can control this fix further by typing the following command at the command prompt:
+MAJORVERSION.MINORVERSION.LETTER
+For example, 9.0.c. |
+
+
+DetectorDWM8And16Bit |
+This fix offeres mitigation for applications that work in 8/16-bit display color mode because these legacy color modes are not supported in Windows 8 . |
+
+
+Disable8And16BitD3D |
+This fix improves performance of 8/16-bit color applications that render using D3D and do not mix directdraw. |
+
+
+Disable8And16BitModes |
+This fix disables 8/16-bit color mitigation and enumeration of 8/16-bit color modes. |
+
+
+DisableDWM |
+The problem occurs when some objects are not drawn or object artifacts remain on the screen in an application.
+The fix temporarily disables the Windows Aero menu theme functionality for unsupported applications.
+
+
+
+ |
+
+
+DisableFadeAnimations |
+The problem is indicated when an application fade animations, buttons, or other controls do not function properly.
+The fix disables the fade animations functionality for unsupported applications. |
+
+
+DisableThemeMenus |
+The problem is indicated by an application that behaves unpredictably when it tries to detect and use the correct Windows settings.
+The fix temporarily disables the Windows Aero menu theme functionality for unsupported applications. |
+
+
+DisableWindowsDefender |
+The fix disables Windows Defender for security applications that do not work with Windows Defender. |
+
+
+DWM8And16BitMitigation |
+The fix offers mitigation for applications that work in 8/16-bit display color mode because these legacy color modes are not supported in Windows 8. |
+
+
+DXGICompat |
+The fix allows application-specific compatibility instructions to be passed to the DirectX engine. |
+
+
+DXMaximizedWindowedMode |
+Applications that use DX8/9 are run in a maximized windowed mode. This is required for applications that use GDI/DirectDraw in addition to Direct3D. |
+
+
+ElevateCreateProcess |
+The problem is indicated when installations, de-installations, or updates fail because the host process calls the CreateProcess function and it returns an ERROR_ELEVATION_REQUIRED error message.
+The fix handles the error code and attempts to recall the CreateProcess function together with requested elevation. If the fixed application already has a UAC manifest, the error code will be returned unchanged.
+
+
+
+ |
+
+
+EmulateOldPathIsUNC |
+The problem occurs when an application fails because of an incorrect UNC path.
+The fix changes the PathIsUNC function to return a value of True for UNC paths in Windows. |
+
+
+EmulateGetDiskFreeSpace |
+The problem is indicated when an application fails to install or to run, and it generates an error message that there is not enough free disk space to install or use the application, even though there is enough free disk space to meet the application requirements.
+The fix determines the amount of free space, so that if the amount of free space is larger than 2 GB, the compatibility fix returns a value of 2 GB, but if the amount of free space is smaller than 2 GB, the compatibility fix returns the actual free space amount.
+
+
+
+ |
+
+
+EmulateSorting |
+The problem occurs when an application experiences search functionality issues.
+The fix forces applications that use the CompareStringW/LCMapString sorting table to use an older version of the table.
+
+
+
+ |
+
+
+EmulateSortingWindows61 |
+The fix emulates the sorting order of Windows 7 and Windows Server 2008 R2 for various APIs. |
+
+
+EnableRestarts |
+The problem is indicated when an application and computer appear to hang because processes cannot end to allow the computer to complete its restart processes.
+The fix enables the computer to restart and finish the installation process by verifying and enabling that the SeShutdownPrivilege service privilege exists.
+
+
+
+ |
+
+
+ExtraAddRefDesktopFolder |
+The problem occurs when an application invokes the Release() method too many times and causes an object to be prematurely destroyed.
+The fix counteracts the application's tries to obtain the shell desktop folder by invoking the AddRef() method on the Desktop folder, which is returned by the SHGetDesktopFolder function. |
+
+
+FailObsoleteShellAPIs |
+The problem occurs when an application fails because it generated deprecated API calls.
+The fix either fully implements the obsolete functions or implements the obsolete functions with stubs that fail.
+
+ NoteYou can type FailAll=1 at the command prompt to suppress the function implementation and force all functions to fail.
+
+
+ |
+
+
+FailRemoveDirectory |
+The problem occurs when an application uninstallation process does not remove all of the application files and folders.
+This fix fails calls to RemoveDirectory() when called with a path matching the one specified in the shim command-line. Only a single path is supported. The path can contain environment variables, but must be an exact path – no partial paths are supported.
+The fix can resolve an issue where an application expects RemoveDirectory() to delete a folder immediately even though a handle is open to it. |
+
+
+FakeLunaTheme |
+The problem occurs when a theme application does not properly display: the colors are washed out or the user interface is not detailed.
+The fix intercepts the GetCurrentThemeName API and returns the value for the Windows XP default theme, (Luna).
+
+
+
+ |
+
+
+FlushFile |
+This problem is indicated when a file is updated and changes do not immediately appear on the hard disk. Applications cannot see the file changes.
+The fix enables the WriteFile function to call to the FlushFileBuffers APIs, which flush the file cache onto the hard disk. |
+
+
+FontMigration |
+The fix replaces an application-requested font with a better font selection, to avoid text truncation. |
+
+
+ForceAdminAccess |
+The problem occurs when an application fails to function during an explicit administrator check.
+The fix allows the user to temporarily imitate being a part of the Administrators group by returning a value of True during the administrator check.
+
+
+
+ |
+
+
+ForceInvalidateOnClose |
+The fix invalidates any windows that exist under a closing or hiding window for applications that rely on the invalidation messages. |
+
+
+ForceLoadMirrorDrvMitigation |
+The fix loads the Windows 8 mirror driver mitigation for applications where the mitigation is not automatically applied. |
+
+
+FreestyleBMX |
+The fix resolves an application race condition that is related to window message order. |
+
+
+GetDriveTypeWHook |
+The application presents unusual behavior during installation; for example, the setup program states that it cannot install to a user-specified location.
+The fix changes GetDriveType() so that only the root information appears for the file path. This is required when an application passes an incomplete or badly-formed file path when it tries to retrieve the drive type on which the file path exists. |
+
+
+GlobalMemoryStatusLie |
+The problem is indicated by a Computer memory full error message that displays when you start an application.
+The fix modifies the memory status structure, so that it reports a swap file that is 400 MB, regardless of the true swap file size. |
+
+
+HandleBadPtr |
+The problem is indicated by an access violation error message that displays because an API is performing pointer validation before it uses a parameter.
+The fix supports using lpBuffer validation from the InternetSetOptionA and InternetSetOptionW functions to perform the additional parameter validation. |
+
+
+HandleMarkedContentNotIndexed |
+The problem is indicated by an application that fails when it changes an attribute on a file or directory.
+The fix intercepts any API calls that return file attributes and directories that are invoked from the %TEMP% directory, and resets the FILE_ATTRIBUTE_NOT_CONTENT_INDEXED attribute to its original state. |
+
+
+HeapClearAllocation |
+The problem is indicated when the allocation process shuts down unexpectedly.
+The fix uses zeros to clear out the heap allocation for an application. |
+
+
+IgnoreAltTab |
+The problem occurs when an application fails to function when special key combinations are used.
+The fix intercepts the RegisterRawInputDevices API and prevents the delivery of the WM_INPUT messages. This delivery failure forces the included hooks to be ignored and forces DInput to use Windows-specific hooks.
+
+
+
+ |
+
+
+IgnoreChromeSandbox |
+The fix allows Google Chrome to run on systems that have ntdll loaded above 4GB. |
+
+
+IgnoreDirectoryJunction |
+The problem is indicated by a read or access violation error message that displays when an application tries to find or open files.
+The fix links the FindNextFileW, FindNextFileA, FindFirstFileExW, FindFirstFileExA, FindFirstFileW and FindFirstFileA APIs to prevent them from returning directory junctions.
+
+ NoteSymbolic links appear starting in Windows Vista.
+
+
+ |
+
+
+IgnoreException |
+The problem is indicated when an application stops functioning immediately after it starts, or the application starts with only a cursor appearing on the screen.
+The fix enables the application to ignore specified exceptions. By default, this fix ignores privileged-mode exceptions; however, it can be configured to ignore any exception.
+You can control this fix further by typing the following command at the command prompt:
+Exception1;Exception2
+Where Exception1 and Exception2 are specific exceptions to be ignored. For example: ACCESS_VIOLATION_READ:1;ACCESS_VIOLATION_WRITE:1.
+
+ ImportantYou should use this compatibility fix only if you are certain that it is acceptable to ignore the exception. You might experience additional compatibility issues if you choose to incorrectly ignore an exception.
+
+
+
+
+
+
+ |
+
+
+IgnoreFloatingPointRoundingControl |
+This fix enables an application to ignore the rounding control request and to behave as expected in previous versions of the application.
+Before floating point SSE2 support in the C runtime library, the rounding control request was being ignored which would use round to nearest option by default. This shim ignores the rounding control request to support applications relying on old behavior. |
+
+
+IgnoreFontQuality |
+The problem occurs when application text appears to be distorted.
+The fix enables color-keyed fonts to properly work with anti-aliasing. |
+
+
+IgnoreMessageBox |
+The problem is indicated by a message box that displays with debugging or extraneous content when the application runs on an unexpected operating system.
+The fix intercepts the MessageBox* APIs and inspects them for specific message text. If matching text is found, the application continues without showing the message box.
+
+
+
+ |
+
+
+IgnoreMSOXMLMF |
+The problem is indicated by an error message that states that the operating system cannot locate the MSVCR80D.DLL file.
+The fix ignores the registered MSOXMLMF.DLL object, which Microsoft® Office 2007 loads into the operating system any time that you load an XML file, and then it fails the CoGetClassObject for its CLSID. This compatibility fix will just ignore the registered MSOXMLMF and fail the CoGetClassObject for its CLSID. |
+
+
+IgnoreSetROP2 |
+The fix ignores read-modify-write operations on the desktop to avoid performance issues. |
+
+
+InstallComponent |
+The fix prompts the user to install.Net 3.5 or .Net 2.0 because .Net is not included with Windows 8. |
+
+
+LoadLibraryRedirect |
+The fix forces an application to load system versions of libraries instead of loading redistributable versions that shipped with the application. |
+
+
+LocalMappedObject |
+The problem occurs when an application unsuccessfully tries to create an object in the Global namespace.
+The fix intercepts the function call to create the object and replaces the word Global with Local.
+
+
+
+ |
+
+
+MakeShortcutRunas |
+The problem is indicated when an application fails to uninstall because of access-related errors.
+The fix locates any RunDLL.exe-based uninstallers and forces them to run with different credentials during the application installation. After it applies this fix, the installer will create a shortcut that specifies a matching string to run during the application installation, thereby enabling the uninstallation to occur later.
+
+
+
+ |
+
+
+ManageLinks |
+The fix intercepts common APIs that are going to a directory or to an executable (.exe) file, and then converts any symbolic or directory junctions before passing it back to the original APIs. |
+
+
+MirrorDriverWithComposition |
+The fix allows mirror drivers to work properly with acceptable performance with desktop composition. |
+
+
+MoveToCopyFileShim |
+The problem occurs when an application experiences security access issues during setup.
+The fix forces the CopyFile APIs to run instead of the MoveFile APIs. CopyFile APIs avoid moving the security descriptor, which enables the application files to get the default descriptor of the destination folder and prevents the security access issue. |
+
+
+OpenDirectoryAcl |
+The problem is indicated by an error message that states that you do not have the appropriate permissions to access the application.
+The fix reduces the security privilege levels on a specified set of files and folders.
+
+
+
+ |
+
+
+PopCapGamesForceResPerf |
+The fix resolves the performance issues in PopCap games like Bejeweled2. The performance issues are visible in certain low-end cards at certain resolutions where the 1024x768 buffer is scaled to fit the display resolution. |
+
+
+PreInstallDriver |
+The fix preinstalls drivers for applications that would otherwise try to install or start drivers during the initial start process. |
+
+
+PreInstallSmarteSECURE |
+The fix preinstalls computer-wide CLSIDs for applications that use SmartSECURE copy protection, which would otherwise try to install the CLSIDs during the initial start process. |
+
+
+ProcessPerfData |
+The problem is indicated by an Unhandled Exception error message because the application tried to read the process performance data registry value to determine if another instance of the application is running.
+The fix handles the failure case by passing a fake process performance data registry key, so that the application perceives that it is the only instance running.
+
+ NoteThis issue seems to occur most frequently with .NET applications.
+
+
+ |
+
+
+PromoteDAM |
+The fix registers an application for power state change notifications. |
+
+
+PropagateProcessHistory |
+The problem occurs when an application incorrectly fails to apply an application fix.
+The fix sets the _PROCESS_HISTORY environment variable so that child processes can look in the parent directory for matching information while searching for application fixes. |
+
+
+ProtectedAdminCheck |
+The problem occurs when an application fails to run because of incorrect Protected Administrator permissions.
+The fix addresses the issues that occur when applications use non-standard Administrator checks, thereby generating false positives for user accounts that are being run as Protected Administrators. In this case, the associated SID exists, but it is set as deny-only. |
+
+
+RedirectCRTTempFile |
+The fix intercepts failing CRT calls that try to create a temporary file at the root of the volume, thereby redirecting the calls to a temporary file in the user's temporary directory. |
+
+
+RedirectHKCUKeys |
+The problem occurs when an application cannot be accessed because of User Account Control (UAC) restrictions.
+The fix duplicates any newly created HKCU keys to other users' HKCU accounts. This fix is generic for UAC restrictions, whereby the HKCU keys are required, but are unavailable to an application at runtime. |
+
+
+RedirectMP3Codec |
+This problem occurs when you cannot play MP3 files.
+The fix intercepts the CoCreateInstance call for the missing filter and then redirects it to a supported version. |
+
+
+RedirectShortcut |
+The problem occurs when an application cannot be accessed by its shortcut, or application shortcuts are not removed during the application uninstallation process.
+The fix redirects all of the shortcuts created during the application setup to appear according to a specified path.
+
+Start Menu shortcuts: Appear in the \ProgramData\Microsoft\Windows\Start Menu directory for all users. Desktop or Quick Launch shortcuts:You must manually place the shortcuts on the individual user's desktop or Quick Launch bar.
+This issue occurs because of UAC restrictions: specifically, when an application setup runs by using elevated privileges and stores the shortcuts according to the elevated user's context. In this situation, a restricted user cannot access the shortcuts.
+You cannot apply this fix to an .exe file that includes a manifest and provides a runlevel. |
+
+
+RelaunchElevated |
+The problem occurs when installers, uninstallers, or updaters fail when they are started from a host application.
+The fix enables a child .exe file to run with elevated privileges when it is difficult to determine the parent process with either the ElevateCreateProcess fix or by marking the .exe files to RunAsAdmin.
+
+
+
+ |
+
+
+RetryOpenSCManagerWithReadAccess |
+The problem occurs when an application tries to open the Service Control Manager (SCM) and receives an Access Denied error message.
+The fix retries the call and requests a more restricted set of rights that include the following:
+ |
+
+
+RetryOpenServiceWithReadAccess |
+The problem occurs when an Unable to open service due to your application using the OpenService() API to test for the existence of a particular service error message displays.
+The fix retries the OpenService() API call and verifies that the user has Administrator rights, is not a Protected Administrator, and by using read-only access. Applications can test for the existence of a service by calling the OpenService() API but some applications ask for all access when making this check. This fix retries the call but only asking for read-only access. The user needs to be an administrator for this to work
+
+
+
+ |
+
+
+RunAsAdmin |
+The problem occurs when an application fails to function by using the Standard User or Protected Administrator account.
+The fix enables the application to run by using elevated privileges. The fix is the equivalent of specifying requireAdministrator in an application manifest.
+
+
+
+ |
+
+
+RunAsHighest |
+The problem occurs when administrators cannot view the read/write version of an application that presents a read-only view to standard users.
+The fix enables the application to run by using the highest available permissions. This is the equivalent of specifying highestAvailable in an application manifest.
+
+
+
+ |
+
+
+RunAsInvoker |
+The problem occurs when an application is not detected as requiring elevation.
+The fix enables the application to run by using the privileges that are associated with the creation process, without requiring elevation. This is the equivalent of specifying asInvoker in an application manifest.
+
+
+
+ |
+
+
+SecuROM7 |
+The fix repairs applications by using SecuROM7 for copy protection. |
+
+
+SessionShim |
+The fix intercepts API calls from applications that are trying to interact with services that are running in another session, by using the terminal service name prefix (Global or Local) as the parameter.
+At the command prompt, you can supply a list of objects to modify, separating the values by a double backslash (). Or, you can choose not to include any parameters, so that all of the objects are modified.
+
+ ImportantUsers cannot log in as Session 0 (Global Session) in Windows Vista and later. Therefore, applications that require access to Session 0 automatically fail.
+
+
+
+
+
+
+ |
+
+
+SetProtocolHandler |
+The fix registers an application as a protocol handler.
+You can control this fix further by typing the following command at the command prompt:
+Client;Protocol;App
+Where the Client is the name of the email protocol, Protocol is mailto, and App is the name of the application.
+
+ NoteOnly the mail client and the mailto protocol are supported. You can separate multiple clients by using a backslash ().
+
+
+ |
+
+
+SetupCommitFileQueueIgnoreWow |
+The problem occurs when a 32-bit setup program fails to install because it requires 64-bit drivers.
+The fix disables the Wow64 file system that is used by the 64-bit editions of Windows, to prevent 32-bit applications from accessing 64-bit file systems during the application setup. |
+
+
+SharePointDesigner2007 |
+The fix resolves an application bug that severely slows the application when it runs in DWM. |
+
+
+ShimViaEAT |
+The problem occurs when an application fails, even after applying acompatibility fix that is known to fix an issue. Applications that use unicows.dll or copy protection often present this issue.
+The fix applies the specified compatibility fixes by modifying the export table and by nullifying the use of module inclusion and exclusion.
+
+
+
+ |
+
+
+ShowWindowIE |
+The problem occurs when a web application experiences navigation and display issues because of the tabbing feature.
+The fix intercepts the ShowWindow API call to address the issues that can occur when a web application determines that it is in a child window. This fix calls the real ShowWindow API on the top-level parent window. |
+
+
+SierraWirelessHideCDROM |
+The fix repairs the Sierra Wireless Driver installation, thereby preventing bugcheck. |
+
+
+Sonique2 |
+The application uses an invalid window style, which breaks in DWM. This fix replaces the window style with a valid value. |
+
+
+SpecificInstaller |
+The problem occurs when an application installation file fails to be picked up by the GenericInstaller function.
+The fix flags the application as being an installer file (for example, setup.exe), and then prompts for elevation.
+
+
+
+ |
+
+
+SpecificNonInstaller |
+The problem occurs when an application that is not an installer (and has sufficient privileges) generates a false positive from the GenericInstaller function.
+The fix flags the application to exclude it from detection by the GenericInstaller function.
+
+
+
+ |
+
+
+SystemMetricsLie |
+The fix replaces SystemMetrics values and SystemParametersInfo values with the values of previous Windows versions. |
+
+
+TextArt |
+The application receives different mouse coordinates with DWM ON versus DWM OFF, which causes the application to hang. This fix resolves the issue. |
+
+
+TrimDisplayDeviceNames |
+The fix trims the names of the display devices that are returned by the EnumDisplayDevices API. |
+
+
+UIPICompatLogging |
+The fix enables the logging of Windows messages from Internet Explorer and other processes. |
+
+
+UIPIEnableCustomMsgs |
+The problem occurs when an application does not properly communicate with other processes because customized Windows messages are not delivered.
+The fix enables customized Windows messages to pass through to the current process from a lower Desktop integrity level. This fix is the equivalent of calling the RegisterWindowMessage function, followed by the ChangeWindowMessageFilter function in the code.
+You can control this fix further by typing the following command at the command prompt:
+MessageString1 MessageString2
+Where MessageString1 and MessageString2 reflect the message strings that can pass.
+
+
+
+ |
+
+
+UIPIEnableStandardMsgs |
+The problem occurs when an application does not communicate properly with other processes because standard Windows messages are not delivered.
+The fix enables standard Windows messages to pass through to the current process from a lower Desktop integrity level. This fix is the equivalent of calling the ChangeWindowMessageFilter function in the code.
+You can control this fix further by typing the following command at the command prompt:
+1055 1056 1069
+Where 1055 reflects the first message ID, 1056 reflects the second message ID, and 1069 reflects the third message ID that can pass.
+
+
+
+ |
+
+
+VirtualizeDeleteFileLayer |
+The fix virtualizes DeleteFile operations for applications that try to delete protected files. |
+
+
+VirtualizeDesktopPainting |
+This fix improves the performance of a number of operations on the Desktop DC while using DWM. |
+
+
+VirtualRegistry |
+The problem is indicated when a Component failed to be located error message displays when an application is started.
+The fix enables the registry functions to allow for virtualization, redirection, expansion values, version spoofing, the simulation of performance data counters, and so on.
+For more detailed information about this application fix, see Using the VirtualRegistry Fix. |
+
+
+VirtualizeDeleteFile |
+The problem occurs when several error messages display and the application cannot delete files.
+The fix makes the application's DeleteFile function call a virtual call in an effort to remedy the UAC and file virtualization issues that were introduced with Windows Vista. This fix also links other file APIs (for example, GetFileAttributes) to ensure that the virtualization of the file is deleted.
+
+
+
+ |
+
+
+VirtualizeHKCRLite |
+The problem occurs when an application fails to register COM components at runtime.
+The fix redirects the HKCR write calls (HKLM) to the HKCU hive for a per-user COM registration. This operates much like the VirtualRegistry fix when you use the VirtualizeHKCR parameter; however, VirtualizeHKCRLite provides better performance.
+HKCR is a virtual merge of the HKCU\Software\Classes and HKLM\Software\Classes directories. The use of HKCU is preferred if an application is not elevated and is ignored if the application is elevated.
+You typically will use this compatibility fix in conjunction with the VirtualizeRegisterTypeLib fix.
+For more detailed information about this application fix, see Using the VirtualizeHKCRLite Fix. |
+
+
+VirtualizeRegisterTypeLib |
+The fix, when it is used with the VirtualizeHKCRLite fix, ensures that the type library and the COM class registration happen simultaneously. This functions much like the RegistryTypeLib fix when the RegisterTypeLibForUser parameter is used.
+
+
+
+ |
+
+
+WaveOutIgnoreBadFormat |
+This problem is indicated by an error message that states: Unable to initialize sound device from your audio driver; the application then closes.
+The fix enables the application to ignore the format error and continue to function properly. |
+
+
+WerDisableReportException |
+The fix turns off the silent reporting of exceptions to the Windows Error Reporting tool, including those that are reported by Object Linking and Embedding-Database (OLE DB). The fix intercepts the RtlReportException API and returns a STATUS_NOT_SUPPORTED error message. |
+
+
+Win7RTM/Win8RTM |
+The layer provides the application with Windows 7/Windows 8 compatibility mode. |
+
+
+WinxxRTMVersionLie |
+The problem occurs when an application fails because it does not find the correct version number for the required Windows operating system.
+All version lie compatibility fixes address the issue whereby an application fails to function because it is checking for, but not finding, a specific version of the operating system. The version lie fix returns the appropriate operating system version information. For example, the VistaRTMVersionLie returns the Windows Vista version information to the application, regardless of the actual operating system version that is running on the computer. |
+
+
+Wing32SystoSys32 |
+The problem is indicated by an error message that states that the WinG library was not properly installed.
+The fix detects whether the WinG32 library exists in the correct directory. If the library is located in the wrong location, this fix copies the information (typically during the runtime of the application) into the %WINDIR% \system32 directory.
+
+ ImportantThe application must have Administrator privileges for this fix to work.
+
+
+ |
+
+
+WinSrv08R2RTM |
+ |
+
+
+WinXPSP2VersionLie |
+The problem occurs when an application experiences issues because of a VB runtime DLL.
+The fix forces the application to follow these steps:
+
+Open the Compatibility Administrator, and then select None for Operating System Mode. On the Compatibility Fixes page, click WinXPSP2VersionLie, and then click Parameters.
+The Options for <fix_name> dialog box appears. Type vbrun60.dll into the Module Name box, click Include, and then click Add. Save the custom database.
+
+
+
+ |
+
+
+WRPDllRegister |
+The application fails when it tries to register a COM component that is released together with Windows Vista and later.
+The fix skips the processes of registering and unregistering WRP-protected COM components when calling the DLLRegisterServer and DLLUnregisterServer functions.
+You can control this fix further by typing the following command at the command prompt:
+Component1.dll;Component2.dll
+Where Component1.dll and Component2.dll reflect the components to be skipped.
+
+
+
+ |
+
+
+WRPMitigation |
+The problem is indicated when an access denied error message displays when the application tries to access a protected operating system resource by using more than read-only access.
+The fix emulates the successful authentication and modification of file and registry APIs, so that the application can continue.
+
+
+
+ |
+
+
+WRPRegDeleteKey |
+The problem is indicated by an access denied error message that displays when the application tries to delete a registry key.
+The fix verifies whether the registry key is WRP-protected. If the key is protected, this fix emulates the deletion process. |
+
+
+XPAfxIsValidAddress |
+The fix emulates the behavior of Windows XP for MFC42!AfxIsValidAddress. |
+
+
+
+
+
+
+## Compatibility Modes
+
+
+The following table lists the known compatibility modes.
+
+
+
+
+
+
+
+
+
+
+
+
+WinSrv03 |
+Emulates the Windows Server 2003 operating system. |
+ |
+
+
+WinSrv03Sp1 |
+Emulates the Windows Server 2003 with Service Pack 1 (SP1) operating system. |
+ |
+
+
+
diff --git a/windows/deployment/planning/creating-a-custom-compatibility-fix-in-compatibility-administrator.md b/windows/deployment/planning/creating-a-custom-compatibility-fix-in-compatibility-administrator.md
index 0be29f8a0c..9a86786070 100644
--- a/windows/deployment/planning/creating-a-custom-compatibility-fix-in-compatibility-administrator.md
+++ b/windows/deployment/planning/creating-a-custom-compatibility-fix-in-compatibility-administrator.md
@@ -1,86 +1,67 @@
----
-title: Creating a Custom Compatibility Fix in Compatibility Administrator (Windows 10)
-description: The Compatibility Administrator tool uses the term fix to describe the combination of compatibility information added to a customized database for a specific application.
-ms.assetid: e4f2853a-0e46-49c5-afd7-0ed12f1fe0c2
-ms.reviewer:
-manager: laurawi
-ms.author: greglin
-ms.prod: w10
-ms.mktglfcycl: plan
-ms.pagetype: appcompat
-ms.sitesec: library
-audience: itpro
author: greg-lindsay
-ms.date: 04/19/2017
-ms.topic: article
----
-
-# Creating a Custom Compatibility Fix in Compatibility Administrator
-
-
-**Applies to**
-
-- Windows 10
-- Windows 8.1
-- Windows 8
-- Windows 7
-- Windows Server 2012
-- Windows Server 2008 R2
-
-The Compatibility Administrator tool uses the term *fix* to describe the combination of compatibility information added to a customized database for a specific application. This combination can include single application fixes, groups of fixes that work together as a compatibility mode, and blocking and non-blocking AppHelp messages.
-
-**Important**
-Fixes apply to a single application only; therefore, you must create multiple fixes if you need to fix the same issue in multiple applications.
-
-
-
-## What is a Compatibility Fix?
-
-
-A compatibility fix, previously known as a shim, is a small piece of code that intercepts API calls from applications. The fix transforms the API calls so that the current version of the operating system supports the application in the same way as previous versions of the operating system. This can mean anything from disabling a new feature in the current version of the operating system to emulating a particular behavior of an older version of the Windows API.
-
-## Searching for Existing Compatibility Fixes
-
-
-The Compatibility Administrator tool has preloaded fixes for many common applications, including known compatibility fixes, compatibility modes, and AppHelp messages. Before you create a new compatibility fix, you can search for an existing application and then copy and paste the known fixes into your customized database.
-
-**Important**
-Application Compatibility Toolkit (ACT) installs a 32-bit and a 64-bit version of the Compatibility Administrator tool. You must use the 32-bit version to create custom databases for 32-bit applications and the 64-bit version to create custom databases for 64-bit applications.
-
-
-
-**To search for an existing application**
-
-1. In the left-side pane of Compatibility Administrator, expand the **Applications** folder and search for your application name.
-
-2. Click the application name to view the preloaded compatibility fixes, compatibility modes, or AppHelp messages.
-
-## Creating a New Compatibility Fix
-
-
-If you are unable to find a preloaded compatibility fix for your application, you can create a new one for use by your customized database.
-
-**To create a new compatibility fix**
-
-1. In the left-side pane of Compatibility Administrator underneath the **Custom Databases** heading, right-click the name of the database to which you want to apply the compatibility fix, click **Create New**, and then click **Application Fix**.
-
-2. Type the name of the application to which the compatibility fix applies, type the name of the application vendor, browse to the location of the application file (.exe) on your computer, and then click **Next**.
-
-3. Select the operating system for which your compatibility fix applies, click any applicable compatibility modes to apply to your compatibility fix, and then click **Next**.
-
-4. Select any additional compatibility fixes to apply to your compatibility fix, and then click **Next**.
-
-5. Select any additional criteria to use to match your applications to the AppHelp message, and then click **Finish**.
-
- By default, Compatibility Administrator selects the basic matching criteria for your application. As a best practice, use a limited set of matching information to represent your application, because it reduces the size of the database. However, make sure you have enough information to correctly identify your application.
-
-## Related topics
-[Compatibility Administrator User's Guide](compatibility-administrator-users-guide.md)
-
-
-
-
-
-
-
-
-
+---
+title: Creating a Custom Compatibility Fix in Compatibility Administrator (Windows 10)
+description: The Compatibility Administrator tool uses the term fix to describe the combination of compatibility information added to a customized database for a specific application.
+ms.assetid: e4f2853a-0e46-49c5-afd7-0ed12f1fe0c2
+ms.reviewer:
+manager: laurawi
+ms.author: greglin
+ms.prod: w10
+ms.mktglfcycl: plan
+ms.pagetype: appcompat
+ms.sitesec: library
+audience: itpro
+author: greg-lindsay
+ms.topic: article
+---
+
+# Creating a Custom Compatibility Fix in Compatibility Administrator
+
+
+**Applies to**
+
+- Windows 10
+- Windows 8.1
+- Windows 8
+- Windows 7
+- Windows Server 2012
+- Windows Server 2008 R2
+
+The Compatibility Administrator tool uses the term *fix* to describe the combination of compatibility information added to a customized database for a specific application. This combination can include single application fixes, groups of fixes that work together as a compatibility mode, and blocking and non-blocking AppHelp messages.
+
+> [!IMPORTANT]
+> Fixes apply to a single application only; therefore, you must create multiple fixes if you need to fix the same issue in multiple applications.
+
+## What is a Compatibility Fix?
+
+A compatibility fix, previously known as a shim, is a small piece of code that intercepts API calls from applications. The fix transforms the API calls so that the current version of the operating system supports the application in the same way as previous versions of the operating system. This can mean anything from disabling a new feature in the current version of the operating system to emulating a particular behavior of an older version of the Windows API.
+
+## Searching for Existing Compatibility Fixes
+
+The Compatibility Administrator tool has preloaded fixes for many common applications, including known compatibility fixes, compatibility modes, and AppHelp messages. Before you create a new compatibility fix, you can search for an existing application and then copy and paste the known fixes into your customized database.
+
+> [!IMPORTANT]
+> Application Compatibility Toolkit (ACT) installs a 32-bit and a 64-bit version of the Compatibility Administrator tool. You must use the 32-bit version to create custom databases for 32-bit applications and the 64-bit version to create custom databases for 64-bit applications.
+
+**To search for an existing application**
+
+1. In the left-side pane of Compatibility Administrator, expand the **Applications** folder and search for your application name.
+2. Click the application name to view the preloaded compatibility fixes, compatibility modes, or AppHelp messages.
+
+## Creating a New Compatibility Fix
+
+
+If you are unable to find a preloaded compatibility fix for your application, you can create a new one for use by your customized database.
+
+**To create a new compatibility fix**
+
+1. In the left-side pane of Compatibility Administrator underneath the **Custom Databases** heading, right-click the name of the database to which you want to apply the compatibility fix, click **Create New**, and then click **Application Fix**.
+2. Type the name of the application to which the compatibility fix applies, type the name of the application vendor, browse to the location of the application file (.exe) on your computer, and then click **Next**.
+3. Select the operating system for which your compatibility fix applies, click any applicable compatibility modes to apply to your compatibility fix, and then click **Next**.
+4. Select any additional compatibility fixes to apply to your compatibility fix, and then click **Next**.
+5. Select any additional criteria to use to match your applications to the AppHelp message, and then click **Finish**.
+
+ By default, Compatibility Administrator selects the basic matching criteria for your application. As a best practice, use a limited set of matching information to represent your application, because it reduces the size of the database. However, make sure you have enough information to correctly identify your application.
+
+## Related topics
+
+[Compatibility Administrator User's Guide](compatibility-administrator-users-guide.md)
diff --git a/windows/deployment/planning/creating-a-custom-compatibility-mode-in-compatibility-administrator.md b/windows/deployment/planning/creating-a-custom-compatibility-mode-in-compatibility-administrator.md
index a34c87220b..c434f06486 100644
--- a/windows/deployment/planning/creating-a-custom-compatibility-mode-in-compatibility-administrator.md
+++ b/windows/deployment/planning/creating-a-custom-compatibility-mode-in-compatibility-administrator.md
@@ -39,8 +39,8 @@ A compatibility mode is a group of compatibility fixes. A compatibility fix, pre
The Compatibility Administrator tool has preloaded fixes for many common applications, including known compatibility fixes, compatibility modes, and AppHelp messages. Before you create a new compatibility mode, you can search for an existing application and then copy and paste the known fixes into your custom database.
-**Important**
-Application Compatibility Toolkit (ACT) installs a 32-bit and a 64-bit version of the Compatibility Administrator tool. You must use the 32-bit version to create custom databases for 32-bit applications and the 64-bit version to create custom databases for 64-bit applications.
+> [!IMPORTANT]
+> Application Compatibility Toolkit (ACT) installs a 32-bit and a 64-bit version of the Compatibility Administrator tool. You must use the 32-bit version to create custom databases for 32-bit applications and the 64-bit version to create custom databases for 64-bit applications.
@@ -55,8 +55,8 @@ Application Compatibility Toolkit (ACT) installs a 32-bit and a 64-bit version o
If you are unable to find a preloaded compatibility mode for your application, you can create a new one for use by your custom database.
-**Important**
-A compatibility mode includes a set of compatibility fixes and must be deployed as a group. Therefore, you should include only fixes that you intend to deploy together to the database.
+> [!IMPORTANT]
+> A compatibility mode includes a set of compatibility fixes and must be deployed as a group. Therefore, you should include only fixes that you intend to deploy together to the database.
diff --git a/windows/deployment/planning/creating-an-apphelp-message-in-compatibility-administrator.md b/windows/deployment/planning/creating-an-apphelp-message-in-compatibility-administrator.md
index 14270c5d3c..e4ebfef4e3 100644
--- a/windows/deployment/planning/creating-an-apphelp-message-in-compatibility-administrator.md
+++ b/windows/deployment/planning/creating-an-apphelp-message-in-compatibility-administrator.md
@@ -1,97 +1,98 @@
----
-title: Creating an AppHelp Message in Compatibility Administrator (Windows 10)
-description: The Compatibility Administrator tool enables you to create an AppHelp text message. This is a blocking or non-blocking message that appears when a user starts an application that you know has major functionality issues on the Windows® operating system.
-ms.assetid: 5c6e89f5-1942-4aa4-8439-ccf0ecd02848
-ms.reviewer:
-manager: laurawi
-ms.author: greglin
-ms.prod: w10
-ms.mktglfcycl: plan
-ms.pagetype: appcompat
-ms.sitesec: library
-audience: itpro
author: greg-lindsay
-ms.date: 04/19/2017
-ms.topic: article
----
-
-# Creating an AppHelp Message in Compatibility Administrator
-
-
-**Applies to**
-
-- Windows 10
-- Windows 8.1
-- Windows 8
-- Windows 7
-- Windows Server 2012
-- Windows Server 2008 R2
-
-The Compatibility Administrator tool enables you to create an AppHelp text message. This is a blocking or non-blocking message that appears when a user starts an application that you know has major functionality issues on the Windows® operating system.
-
-## Blocking Versus Non-Blocking AppHelp Messages
-
-
-A blocking AppHelp message prevents the application from starting and displays a message to the user. You can define a specific URL where the user can download an updated driver or other fix to resolve the issue. When using a blocking AppHelp message, you must also define the file-matching information to identify the version of the application and enable the corrected version to continue.
-
-A non-blocking AppHelp message does not prevent the application from starting, but provides a message to the user including information such as security issues, updates to the application, or changes to the location of network resources.
-
-## Searching for Existing Compatibility Fixes
-
-
-The Compatibility Administrator tool has preloaded fixes for many common applications, including known compatibility fixes, compatibility modes, and AppHelp messages. Before you create a new AppHelp message, you can search for an existing application and then copy and paste the known fixes into your custom database.
-
-**Important**
-Application Compatibility Toolkit (ACT) installs a 32-bit and a 64-bit version of the Compatibility Administrator tool. You must use the 32-bit version to create custom databases for 32-bit applications and the 64-bit version to create custom databases for 64-bit applications.
-
-
-
-**To search for an existing application**
-
-1. In the left-side pane of Compatibility Administrator, expand the **Applications** folder and search for your application name.
-
-2. Click the application name to view the preloaded AppHelp messages, compatibility fixes, and compatibility modes.
-
-## Creating a New AppHelp Message
-
-
-If you are unable to find a preloaded AppHelp message for your application, you can create a new one for use by your custom database.
-
-**To create a new AppHelp message**
-
-1. In the left-side pane of Compatibility Administrator, below the **Custom Databases** heading, right-click the name of the database to which you will apply the AppHelp message, click **Create New**, and then click **AppHelp Message**.
-
-2. Type the name of the application to which this AppHelp message applies, type the name of the application vendor, browse to the location of the application file (.exe) on your computer, and then click **Next**.
-
- The wizard shows the known **Matching Information**, which is used for program identification.
-
-3. Select any additional criteria to use to match your applications to the AppHelp message, and then click **Next**.
-
- By default, Compatibility Administrator selects the basic matching criteria for your application.
-
- The wizard shows the **Enter Message Type** options.
-
-4. Click one of the following options:
-
- - **Display a message and allow this program to run**. This is a non-blocking message, which means that you can alert the user that there might be a problem, but the application is not prevented from starting.
-
- - **Display a message and do not allow this program to run**. This is a blocking message, which means that the application will not start. Instead, this message points the user to a location that provides more information about fixing the issue.
-
-5. Click **Next**.
-
- The wizard then shows the **Enter Message Information** fields.
-
-6. Type the website URL and the message text to appear when the user starts the application, and then click **Finish**.
-
-## Issues with AppHelp Messages and Computers Running Windows 2000
-
-
-The following issues might occur with computers running Windows 2000:
-
-- You might be unable to create a custom AppHelp message.
-
-- The AppHelp message text used for system database entries might not appear.
-
-- Copying an AppHelp entry for a system database or a custom-compatibility fix from a system database might cause Compatibility Administrator to hide the descriptive text.
-
-## Related topics
-[Compatibility Administrator User's Guide](compatibility-administrator-users-guide.md)
+---
+title: Creating an AppHelp Message in Compatibility Administrator (Windows 10)
+description: The Compatibility Administrator tool enables you to create an AppHelp text message. This is a blocking or non-blocking message that appears when a user starts an application that you know has major functionality issues on the Windows® operating system.
+ms.assetid: 5c6e89f5-1942-4aa4-8439-ccf0ecd02848
+ms.reviewer:
+manager: laurawi
+ms.author: greglin
+ms.prod: w10
+ms.mktglfcycl: plan
+ms.pagetype: appcompat
+ms.sitesec: library
+audience: itpro
+author: greg-lindsay
+ms.date: 04/19/2017
+ms.topic: article
+---
+
+# Creating an AppHelp Message in Compatibility Administrator
+
+
+**Applies to**
+
+- Windows 10
+- Windows 8.1
+- Windows 8
+- Windows 7
+- Windows Server 2012
+- Windows Server 2008 R2
+
+The Compatibility Administrator tool enables you to create an AppHelp text message. This is a blocking or non-blocking message that appears when a user starts an application that you know has major functionality issues on the Windows® operating system.
+
+## Blocking Versus Non-Blocking AppHelp Messages
+
+
+A blocking AppHelp message prevents the application from starting and displays a message to the user. You can define a specific URL where the user can download an updated driver or other fix to resolve the issue. When using a blocking AppHelp message, you must also define the file-matching information to identify the version of the application and enable the corrected version to continue.
+
+A non-blocking AppHelp message does not prevent the application from starting, but provides a message to the user including information such as security issues, updates to the application, or changes to the location of network resources.
+
+## Searching for Existing Compatibility Fixes
+
+
+The Compatibility Administrator tool has preloaded fixes for many common applications, including known compatibility fixes, compatibility modes, and AppHelp messages. Before you create a new AppHelp message, you can search for an existing application and then copy and paste the known fixes into your custom database.
+
+> [!IMPORTANT]
+> Application Compatibility Toolkit (ACT) installs a 32-bit and a 64-bit version of the Compatibility Administrator tool. You must use the 32-bit version to create custom databases for 32-bit applications and the 64-bit version to create custom databases for 64-bit applications.
+
+
+
+**To search for an existing application**
+
+1. In the left-side pane of Compatibility Administrator, expand the **Applications** folder and search for your application name.
+
+2. Click the application name to view the preloaded AppHelp messages, compatibility fixes, and compatibility modes.
+
+## Creating a New AppHelp Message
+
+
+If you are unable to find a preloaded AppHelp message for your application, you can create a new one for use by your custom database.
+
+**To create a new AppHelp message**
+
+1. In the left-side pane of Compatibility Administrator, below the **Custom Databases** heading, right-click the name of the database to which you will apply the AppHelp message, click **Create New**, and then click **AppHelp Message**.
+
+2. Type the name of the application to which this AppHelp message applies, type the name of the application vendor, browse to the location of the application file (.exe) on your computer, and then click **Next**.
+
+ The wizard shows the known **Matching Information**, which is used for program identification.
+
+3. Select any additional criteria to use to match your applications to the AppHelp message, and then click **Next**.
+
+ By default, Compatibility Administrator selects the basic matching criteria for your application.
+
+ The wizard shows the **Enter Message Type** options.
+
+4. Click one of the following options:
+
+ - **Display a message and allow this program to run**. This is a non-blocking message, which means that you can alert the user that there might be a problem, but the application is not prevented from starting.
+
+ - **Display a message and do not allow this program to run**. This is a blocking message, which means that the application will not start. Instead, this message points the user to a location that provides more information about fixing the issue.
+
+5. Click **Next**.
+
+ The wizard then shows the **Enter Message Information** fields.
+
+6. Type the website URL and the message text to appear when the user starts the application, and then click **Finish**.
+
+## Issues with AppHelp Messages and Computers Running Windows 2000
+
+
+The following issues might occur with computers running Windows 2000:
+
+- You might be unable to create a custom AppHelp message.
+
+- The AppHelp message text used for system database entries might not appear.
+
+- Copying an AppHelp entry for a system database or a custom-compatibility fix from a system database might cause Compatibility Administrator to hide the descriptive text.
+
+## Related topics
+[Compatibility Administrator User's Guide](compatibility-administrator-users-guide.md)
diff --git a/windows/deployment/planning/deployment-considerations-for-windows-to-go.md b/windows/deployment/planning/deployment-considerations-for-windows-to-go.md
index decac6d28e..022ac067c8 100644
--- a/windows/deployment/planning/deployment-considerations-for-windows-to-go.md
+++ b/windows/deployment/planning/deployment-considerations-for-windows-to-go.md
@@ -1,340 +1,304 @@
----
-title: Deployment considerations for Windows To Go (Windows 10)
-description: Deployment considerations for Windows To Go
-ms.assetid: dcfc5d96-b96b-44cd-ab65-416b5611c65e
-ms.reviewer:
-manager: laurawi
-ms.author: greglin
-keywords: deploy, mobile, device, USB, boot, image, workspace, driver
-ms.prod: w10
-ms.mktglfcycl: plan
-ms.pagetype: mobility
-ms.sitesec: library
-audience: itpro
author: greg-lindsay
-ms.topic: article
----
-
-# Deployment considerations for Windows To Go
-
-
-**Applies to**
-
-- Windows 10
-
->[!IMPORTANT]
->Windows To Go is no longer being developed. The feature does not support feature updates and therefore does not enable you to stay current. It also requires a specific type of USB that is no longer supported by many OEMs.
-
-From the start, Windows To Go was designed to minimize differences between the user experience of working on a laptop and Windows To Go booted from a USB drive. Given that Windows To Go was designed as an enterprise solution, extra consideration was given to the deployment workflows that enterprises already have in place. Additionally, there has been a focus on minimizing the number of differences in deployment between Windows To Go workspaces and laptop PCs.
-
-**Note**
-Windows To Go does not support operating system upgrades. Windows To Go is designed as a feature that is managed centrally. IT departments that plan to transition from one operating system version to a later version will need to incorporate re-imaging their existing Windows To Go drives as part of their upgrade deployment process.
-
-
-
-The following sections discuss the boot experience, deployment methods, and tools that you can use with Windows To Go.
-
-- [Initial boot experiences](#wtg-initboot)
-
-- [Image deployment and drive provisioning considerations](#wtg-imagedep)
-
-- [Application installation and domain join](#wtg-appinstall)
-
-- [Management of Windows To Go using Group Policy](#bkmk-wtggp)
-
-- [Supporting booting from USB](#wtg-bootusb)
-
-- [Updating firmware](#stg-firmware)
-
-- [Configure Windows To Go startup options](#wtg-startup)
-
-- [Change firmware settings](#wtg-changefirmware)
-
-## Initial boot experiences
-
-
-The following diagrams illustrate the two different methods you could use to provide Windows To Go drives to your users. The experiences differ depending on whether the user will be booting the device initially on-premises or off-premises:
-
-
-
-When a Windows To Go workspace is first used at the workplace, the Windows To Go workspace can be joined to the domain through the normal procedures that occur when a new computer is introduced. It obtains a lease, applicable policies are applied and set, and user account tokens are placed appropriately. BitLocker protection can be applied and the BitLocker recovery key automatically stored in Active Directory Domain Services. The user can access network resources to install software and get access to data sources. When the workspace is subsequently booted at a different location either on or off premises, the configuration required for it to connect back to the work network using either DirectAccess or a virtual private network connection can be configured. It is not necessary to configure the workspace for offline domain join. DirectAccess can make connecting to organizational resources easier, but is not required.
-
-
-
-When the Windows To Go workspace is going to be used first on an off-premises computer, such as one at the employee’s home, then the IT professional preparing the Windows To Go drives should configure the drive to be able to connect to organizational resources and to maintain the security of the workspace. In this situation, the Windows To Go workspace needs to be configured for offline domain join and BitLocker needs to be enabled before the workspace has been initialized.
-
-**Tip**
-Applying BitLocker Drive Encryption to the drives before provisioning is a much faster process than encrypting the drives after data has already been stored on them due to a new feature called used-disk space only encryption. For more information, see [What's New in BitLocker](https://go.microsoft.com/fwlink/p/?LinkId=619076).
-
-
-
-DirectAccess can be used to ensure that the user can login with their domain credentials without needing a local account. For instructions on setting up a DirectAccess solution, for a small pilot deployment see [Deploy a Single Remote Access Server using the Getting Started Wizard](https://go.microsoft.com/fwlink/p/?LinkId=619077) for a larger scale deployment, see [Deploy Remote Access in an Enterprise](https://go.microsoft.com/fwlink/p/?LinkId=619078). If you do not want to use DirectAccess as an alternative users could log on using a local user account on the Windows To Go workspace and then use a virtual private network for remote access to your organizational network.
-
-### Image deployment and drive provisioning considerations
-
-The Image Deployment process can be accomplished either by a centralized IT process for your organization or by individual users creating their own Windows To Go workspaces. You must have local Administrator access and access to a Windows 10 Enterprise or Windows 10 Education image to create a Windows To Go workspace, or you must be using System Center Configuration Manager 2012 Service Pack 1 or later to distribute Windows To Go workspaces to users. The image deployment process takes a blank USB drive and a Windows 10 Enterprise image (WIM) and turns it into a Windows To Go drive.
-
-
-
-The simplest way to provision a Windows To Go drive is to use the Windows To Go Creator. After a single Windows To Go workspace has been created, it can be duplicated as many times as necessary using widely available USB duplicator products as long as the device has not been booted. After the Windows To Go drive is initialized, it should not be duplicated. Alternatively, Windows To Go Workspace Creator can be run multiple times to create multiple Windows To Go drives.
-
-**Tip**
-When you create your Windows To Go image use sysprep /generalize, just as you do when you deploy Windows 10 to a standard PC. In fact, if appropriate, use the same image for both deployments.
-
-
-
-**Driver considerations**
-
-Windows includes most of the drivers that you will need to support a wide variety of host computers. However, you will occasionally need to download drivers from Windows Update to take advantage of the full functionality of a device. If you are using Windows To Go on a set of known host computers, you can add any additional drivers to the image used on Windows To Go to make Windows To Go drives more quickly usable by your employees. Especially ensure that network drivers are available so that the user can connect to Windows Update to get additional drivers if necessary.
-
-Wi-Fi network adapter drivers are one of the most important drivers to make sure that you include in your standard image so that users can easily connect to the internet for any additional updates. IT administrators that are attempting to build Windows 10 images for use with Windows To Go should consider adding additional Wi-Fi drivers to their image to ensure that their users have the best chance of still having basic network connectivity when roaming between systems.
-
-The following list of commonly used Wi-Fi network adapters that are not supported by the default drivers provided with Windows 10 is provided to help you ascertain whether or not you need to add drivers to your image.
-
-
-
-
-
-
-
-
-
-
-Vendor name |
-Product description |
-HWID |
-Windows Update availability |
-
-
-Broadcom |
-802.11abgn Wireless SDIO adapter |
-sd\vid_02d0&pid_4330&fn_1 |
-Contact the system OEM or Broadcom for driver availability. |
-
-
-Broadcom |
-802.11n Network Adapter |
-pci\ven_14e4&dev_4331&subsys_00d6106b&rev_02 |
-Contact the system OEM or Broadcom for driver availability. |
-
-
-Broadcom |
-802.11n Network Adapter |
-pci\ven_14e4&dev_4331&subsys_00f5106b&rev_02 |
-Contact the system OEM or Broadcom for driver availability. |
-
-
-Broadcom |
-802.11n Network Adapter |
-pci\ven_14e4&dev_4331&subsys_00ef106b&rev_02 |
-Contact the system OEM or Broadcom for driver availability. |
-
-
-Broadcom |
-802.11n Network Adapter |
-pci\ven_14e4&dev_4331&subsys_00f4106b&rev_02 |
-Contact the system OEM or Broadcom for driver availability. |
-
-
-Broadcom |
-802.11n Network Adapter |
-pci\ven_14e4&dev_4331&subsys_010e106b&rev_02 |
-Contact the system OEM or Broadcom for driver availability. |
-
-
-Broadcom |
-802.11n Network Adapter |
-pci\ven_14e4&dev_4331&subsys_00e4106b&rev_02 |
-Contact the system OEM or Broadcom for driver availability. |
-
-
-Broadcom |
-802.11n Network Adapter |
-pci\ven_14e4&dev_4331&subsys_433114e4&rev_02 |
-Contact the system OEM or Broadcom for driver availability. |
-
-
-Broadcom |
-802.11n Network Adapter |
-pci\ven_14e4&dev_4331&subsys_010f106b&rev_02 |
-Contact the system OEM or Broadcom for driver availability. |
-
-
-Marvell |
-Yukon 88E8001/8003/8010 PCI Gigabit Ethernet |
-pci\ven_11ab&dev_4320&subsys_811a1043 |
-32-bit driver
-64-bit driver |
-
-
-Marvell |
-Libertas 802.11b/g Wireless |
-pci\ven_11ab&dev_1faa&subsys_6b001385&rev_03 |
-32-bit driver
-64-bit driver |
-
-
-Qualcomm |
-Atheros AR6004 Wireless LAN Adapter |
-sd\vid_0271&pid_0401 |
-32-bit driver
-64-bit driver not available |
-
-
-Qualcomm |
-Atheros AR5BWB222 Wireless Network Adapter |
-pci\ven_168c&dev_0034&subsys_20031a56 |
-32-bit driver
-64-bit driver not available |
-
-
-Qualcomm |
-Atheros AR5BWB222 Wireless Network Adapter |
-pci\ven_168c&dev_0034&subsys_020a1028&rev_01 |
-Contact the system OEM or Qualcom for driver availability. |
-
-
-Qualcomm |
-Atheros AR5005G Wireless Network Adapter |
-pci\ven_168c&dev_001a&subsys_04181468&rev_01 |
-32-bit driver
-64-bit driver |
-
-
-Ralink |
-Wireless-G PCI Adapter |
-pci\ven_1814&dev_0301&subsys_00551737&rev_00 |
-32-bit driver
-64-bit driver |
-
-
-Ralink |
-Turbo Wireless LAN Card |
-pci\ven_1814&dev_0301&subsys_25611814&rev_00 |
-32-bit driver
-64-bit driver |
-
-
-Ralink |
-Wireless LAN Card V1 |
-pci\ven_1814&dev_0302&subsys_3a711186&rev_00 |
-32-bit driver
-64-bit driver |
-
-
-Ralink |
-D-Link AirPlus G DWL-G510 Wireless PCI Adapter(rev.C) |
-pci\ven_1814&dev_0302&subsys_3c091186&rev_00 |
-32-bit driver
-64-bit driver |
-
-
-
-
-
-
-IT administrators that want to target Windows To Go images for specific systems should test their images to ensure that the necessary system drivers are in the image, especially for critical functionality like Wi-Fi that is not supported by class drivers. Some consumer devices require OEM specific driver packages, which may not be available on Windows Update. For more information on how to add a driver to a Windows Image, please refer to the [Basic Windows Deployment Step-by-Step Guide](https://go.microsoft.com/fwlink/p/?LinkId=619079).
-
-### Application installation and domain join
-
-Unless you are using a customized Windows image that includes unattended installation settings, the initial Windows To Go workspace will not be domain joined and will not contain applications. This is exactly like a new installation of Windows on a desktop or laptop computer. When planning your deployment, you should develop methods to join Windows to Go drives to the domain and install the standard applications that users in your organization require. These methods probably will be similar to the ones used for setting up desktop and laptop computers with domain privileges and applications
-
-### Management of Windows To Go using Group Policy
-
-In general, management of Windows To Go workspaces is same as that for desktop and laptop computers. There are Windows To Go specific Group Policy settings that should be considered as part of Windows To Go deployment. Windows To Go Group Policy settings are located at `\\Computer Configuration\Administrative Templates\Windows Components\Portable Operating System\` in the Local Group Policy Editor.
-
-The use of the Store on Windows To Go workspaces that are running Windows 8 can also be controlled by Group Policy. This policy setting is located at `\\Computer Configuration\Administrative Templates\Windows Components\Store\` in the Local Group Policy Editor. The policy settings have specific implications for Windows To Go that you should be aware of when planning your deployment:
-
-**Settings for workspaces**
-
-- **Allow hibernate (S4) when started from a Windows To Go workspace**
-
- This policy setting specifies whether the PC can use the hibernation sleep state (S4) when started from a Windows To Go workspace. By default, hibernation is disabled when using Windows To Go workspace, so enabling this setting explicitly turns this ability back on. When a computer enters hibernation, the contents of memory are written to disk. When the disk is resumed, it is important that the hardware attached to the system, as well as the disk itself, are unchanged. This is inherently incompatible with roaming between PC hosts. Hibernation should only be used when the Windows To Go workspace is not being used to roam between host PCs.
-
- **Important**
- For the host-PC to resume correctly when hibernation is enabled the Windows To Go workspace must continue to use the same USB port.
-
-
-
-- **Disallow standby sleep states (S1-S3) when starting from a Windows To Go workspace**
-
- This policy setting specifies whether the PC can use standby sleep states (S1–S3) when started from a Windows To Go workspace. The Sleep state also presents a unique challenge to Windows To Go users. When a computer goes to sleep, it appears as if it is shut down. It could be very easy for a user to think that a Windows To Go workspace in sleep mode was actually shut down and they could remove the Windows To Go drive and take it home. Removing the Windows To Go drive in this scenario is equivalent to an unclean shutdown which may result in the loss of unsaved user data or the corruption on the drive. Moreover, if the user now boots the drive on another PC and brings it back to the first PC which still happens to be in the sleep state, it will lead to an arbitrary crash and eventually corruption of the drive and result in the workspace becoming unusable. If you enable this policy setting, the Windows To Go workspace cannot use the standby states to cause the PC to enter sleep mode. If you disable or do not configure this policy setting, the Windows To Go workspace can place the PC in sleep mode.
-
-**Settings for host PCs**
-
-- **Windows To Go Default Startup Options**
-
- This policy setting controls whether the host computer will boot to Windows To Go if a USB device containing a Windows To Go workspace is connected, and controls whether users can make changes using the **Windows To Go Startup Options** settings dialog. If you enable this policy setting, booting to Windows To Go when a USB device is connected will be enabled and users will not be able to make changes using the **Windows To Go Startup Options** settings dialog. If you disable this policy setting, booting to Windows To Go when a USB device is connected will not be enabled unless a user configures the option manually in the firmware. If you do not configure this policy setting, users who are members of the local Administrators group can enable or disable booting from USB using the **Windows To Go Startup Options** settings dialog.
-
- **Important**
- Enabling this policy setting will cause PCs running Windows to attempt to boot from any USB device that is inserted into the PC before it is started.
-
-
-
-## Supporting booting from USB
-
-
-The biggest hurdle for a user wanting to use Windows To Go is configuring their computer to boot from USB. This is traditionally done by entering the firmware and configuring the appropriate boot order options. To ease the process of making the firmware modifications required for Windows To Go, Windows includes a feature named **Windows To Go Startup Options** that allows a user to configure their computer to boot from USB from within Windows—without ever entering their firmware, as long as their firmware supports booting from USB.
-
-**Note**
-Enabling a system to always boot from USB first has implications that you should consider. For example, a USB device that includes malware could be booted inadvertently to compromise the system, or multiple USB drives could be plugged in to cause a boot conflict. For this reason, the Windows To Go startup options are disabled by default. In addition, administrator privileges are required to configure Windows To Go startup options.
-
-
-
-If you are going to be using a Windows 7 computer as a host-PC, see the wiki article [Tips for configuring your BIOS settings to work with Windows To Go](https://go.microsoft.com/fwlink/p/?LinkID=618951).
-
-### Roaming between different firmware types
-
-Windows supports two types of PC firmware: Unified Extensible Firmware Interface (UEFI), which is the new standard, and legacy BIOS firmware, which was used in most PCs shipping with Windows 7 or earlier version of Windows. Each firmware type has completely different Windows boot components that are incompatible with each other. Beyond the different boot components, Windows supports different partition styles and layout requirements for each type of firmware as shown in the following diagrams.
-
-
-
-This presented a unique challenge for Windows To Go because the firmware type is not easily determined by end-users—a UEFI computer looks just like a legacy BIOS computer and Windows To Go must boot on both types of firmware.
-
-To enable booting Windows To Go on both types of firmware, a new disk layout is provided for Windows 8 or later that contains both sets of boot components on a FAT32 system partition and a new command-line option was added to bcdboot.exe to support this configuration. The **/f** option is used with the **bcdboot /s** command to specify the firmware type of the target system partition by appending either **UEFI**, **BIOS** or **ALL**. When creating Windows To Go drives manually you must use the **ALL** parameter to provide the Windows To Go drive the ability to boot on both types of firmware. For example, on volume H: (your Windows To Go USB drive letter), you would use the command **bcdboot C:\\windows /s H: /f ALL**. The following diagram illustrates the disk layout that results from that command:
-
-
-
-This is the only supported disk configuration for Windows To Go. With this disk configuration, a single Windows To Go drive can be booted on computers with UEFI and legacy BIOS firmware.
-
-### Configure Windows To Go startup options
-
-Windows To Go Startup Options is a setting available on Windows 10-based PCs that enables the computer to be booted from a USB without manually changing the firmware settings of the PC. To configure Windows To Go Startup Options you must have administrative rights on the computer and the **Windows To Go Default Startup Options** Group Policy setting must not be configured.
-
-**To configure Windows To Go startup options**
-
-1. On the Start screen, type, type **Windows To Go Startup Options**, click **Settings** and then press Enter.
-
- 
-
-2. Select **Yes** to enable the startup options.
-
- **Tip**
- If your computer is part of a domain, the Group Policy setting can be used to enable the startup options instead of the dialog.
-
-
-
-3. Click **Save Changes**. If the User Account Control dialog box is displayed, confirm that the action it displays is what you want, and then click **Yes**.
-
-### Change firmware settings
-
-If you choose to not use the Windows To Go startup options or are using a PC running Windows 7 as your host computer you will need to manually configure the firmware settings. The process used to accomplish this will depend on the firmware type and manufacturer. If your host computer is protected by BitLocker and running Windows 7 you should suspend BitLocker before making the change to the firmware settings. After the firmware settings have been successfully reconfigured, resume BitLocker protection. If you do not suspend BitLocker first, BitLocker will assume that the computer has been tampered with and will boot into BitLocker recovery mode.
-
-## Related topics
-
-
-[Windows To Go: feature overview](windows-to-go-overview.md)
-
-[Prepare your organization for Windows To Go](prepare-your-organization-for-windows-to-go.md)
-
-[Security and data protection considerations for Windows To Go](security-and-data-protection-considerations-for-windows-to-go.md)
-
-[Windows To Go: frequently asked questions](windows-to-go-frequently-asked-questions.md)
-
-
-
-
-
-
-
-
-
+---
+title: Deployment considerations for Windows To Go (Windows 10)
+description: Deployment considerations for Windows To Go
+ms.assetid: dcfc5d96-b96b-44cd-ab65-416b5611c65e
+ms.reviewer:
+manager: laurawi
+ms.author: greglin
+keywords: deploy, mobile, device, USB, boot, image, workspace, driver
+ms.prod: w10
+ms.mktglfcycl: plan
+ms.pagetype: mobility
+ms.sitesec: library
+audience: itpro
+author: greg-lindsay
+ms.topic: article
+---
+
+# Deployment considerations for Windows To Go
+
+
+**Applies to**
+
+- Windows 10
+
+> [!IMPORTANT]
+> Windows To Go is no longer being developed. The feature does not support feature updates and therefore does not enable you to stay current. It also requires a specific type of USB that is no longer supported by many OEMs.
+
+From the start, Windows To Go was designed to minimize differences between the user experience of working on a laptop and Windows To Go booted from a USB drive. Given that Windows To Go was designed as an enterprise solution, extra consideration was given to the deployment workflows that enterprises already have in place. Additionally, there has been a focus on minimizing the number of differences in deployment between Windows To Go workspaces and laptop PCs.
+
+> [!NOTE]
+> Windows To Go does not support operating system upgrades. Windows To Go is designed as a feature that is managed centrally. IT departments that plan to transition from one operating system version to a later version will need to incorporate re-imaging their existing Windows To Go drives as part of their upgrade deployment process.
+
+The following sections discuss the boot experience, deployment methods, and tools that you can use with Windows To Go.
+
+- [Initial boot experiences](#wtg-initboot)
+- [Image deployment and drive provisioning considerations](#wtg-imagedep)
+- [Application installation and domain join](#wtg-appinstall)
+- [Management of Windows To Go using Group Policy](#bkmk-wtggp)
+- [Supporting booting from USB](#wtg-bootusb)
+- [Updating firmware](#stg-firmware)
+- [Configure Windows To Go startup options](#wtg-startup)
+- [Change firmware settings](#wtg-changefirmware)
+
+## Initial boot experiences
+
+The following diagrams illustrate the two different methods you could use to provide Windows To Go drives to your users. The experiences differ depending on whether the user will be booting the device initially on-premises or off-premises:
+
+
+
+When a Windows To Go workspace is first used at the workplace, the Windows To Go workspace can be joined to the domain through the normal procedures that occur when a new computer is introduced. It obtains a lease, applicable policies are applied and set, and user account tokens are placed appropriately. BitLocker protection can be applied and the BitLocker recovery key automatically stored in Active Directory Domain Services. The user can access network resources to install software and get access to data sources. When the workspace is subsequently booted at a different location either on or off premises, the configuration required for it to connect back to the work network using either DirectAccess or a virtual private network connection can be configured. It is not necessary to configure the workspace for offline domain join. DirectAccess can make connecting to organizational resources easier, but is not required.
+
+
+
+When the Windows To Go workspace is going to be used first on an off-premises computer, such as one at the employee’s home, then the IT professional preparing the Windows To Go drives should configure the drive to be able to connect to organizational resources and to maintain the security of the workspace. In this situation, the Windows To Go workspace needs to be configured for offline domain join and BitLocker needs to be enabled before the workspace has been initialized.
+
+> [!TIP]
+> Applying BitLocker Drive Encryption to the drives before provisioning is a much faster process than encrypting the drives after data has already been stored on them due to a new feature called used-disk space only encryption. For more information, see [What's New in BitLocker](https://go.microsoft.com/fwlink/p/?LinkId=619076).
+
+DirectAccess can be used to ensure that the user can login with their domain credentials without needing a local account. For instructions on setting up a DirectAccess solution, for a small pilot deployment see [Deploy a Single Remote Access Server using the Getting Started Wizard](https://go.microsoft.com/fwlink/p/?LinkId=619077) for a larger scale deployment, see [Deploy Remote Access in an Enterprise](https://go.microsoft.com/fwlink/p/?LinkId=619078). If you do not want to use DirectAccess as an alternative users could log on using a local user account on the Windows To Go workspace and then use a virtual private network for remote access to your organizational network.
+
+### Image deployment and drive provisioning considerations
+
+The Image Deployment process can be accomplished either by a centralized IT process for your organization or by individual users creating their own Windows To Go workspaces. You must have local Administrator access and access to a Windows 10 Enterprise or Windows 10 Education image to create a Windows To Go workspace, or you must be using System Center Configuration Manager 2012 Service Pack 1 or later to distribute Windows To Go workspaces to users. The image deployment process takes a blank USB drive and a Windows 10 Enterprise image (WIM) and turns it into a Windows To Go drive.
+
+
+
+The simplest way to provision a Windows To Go drive is to use the Windows To Go Creator. After a single Windows To Go workspace has been created, it can be duplicated as many times as necessary using widely available USB duplicator products as long as the device has not been booted. After the Windows To Go drive is initialized, it should not be duplicated. Alternatively, Windows To Go Workspace Creator can be run multiple times to create multiple Windows To Go drives.
+
+> [!TIP]
+> When you create your Windows To Go image use sysprep /generalize, just as you do when you deploy Windows 10 to a standard PC. In fact, if appropriate, use the same image for both deployments.
+
+**Driver considerations**
+
+Windows includes most of the drivers that you will need to support a wide variety of host computers. However, you will occasionally need to download drivers from Windows Update to take advantage of the full functionality of a device. If you are using Windows To Go on a set of known host computers, you can add any additional drivers to the image used on Windows To Go to make Windows To Go drives more quickly usable by your employees. Especially ensure that network drivers are available so that the user can connect to Windows Update to get additional drivers if necessary.
+
+Wi-Fi network adapter drivers are one of the most important drivers to make sure that you include in your standard image so that users can easily connect to the internet for any additional updates. IT administrators that are attempting to build Windows 10 images for use with Windows To Go should consider adding additional Wi-Fi drivers to their image to ensure that their users have the best chance of still having basic network connectivity when roaming between systems.
+
+The following list of commonly used Wi-Fi network adapters that are not supported by the default drivers provided with Windows 10 is provided to help you ascertain whether or not you need to add drivers to your image.
+
+
+
+
+
+
+
+
+
+
+Vendor name |
+Product description |
+HWID |
+Windows Update availability |
+
+
+Broadcom |
+802.11abgn Wireless SDIO adapter |
+sd\vid_02d0&pid_4330&fn_1 |
+Contact the system OEM or Broadcom for driver availability. |
+
+
+Broadcom |
+802.11n Network Adapter |
+pci\ven_14e4&dev_4331&subsys_00d6106b&rev_02 |
+Contact the system OEM or Broadcom for driver availability. |
+
+
+Broadcom |
+802.11n Network Adapter |
+pci\ven_14e4&dev_4331&subsys_00f5106b&rev_02 |
+Contact the system OEM or Broadcom for driver availability. |
+
+
+Broadcom |
+802.11n Network Adapter |
+pci\ven_14e4&dev_4331&subsys_00ef106b&rev_02 |
+Contact the system OEM or Broadcom for driver availability. |
+
+
+Broadcom |
+802.11n Network Adapter |
+pci\ven_14e4&dev_4331&subsys_00f4106b&rev_02 |
+Contact the system OEM or Broadcom for driver availability. |
+
+
+Broadcom |
+802.11n Network Adapter |
+pci\ven_14e4&dev_4331&subsys_010e106b&rev_02 |
+Contact the system OEM or Broadcom for driver availability. |
+
+
+Broadcom |
+802.11n Network Adapter |
+pci\ven_14e4&dev_4331&subsys_00e4106b&rev_02 |
+Contact the system OEM or Broadcom for driver availability. |
+
+
+Broadcom |
+802.11n Network Adapter |
+pci\ven_14e4&dev_4331&subsys_433114e4&rev_02 |
+Contact the system OEM or Broadcom for driver availability. |
+
+
+Broadcom |
+802.11n Network Adapter |
+pci\ven_14e4&dev_4331&subsys_010f106b&rev_02 |
+Contact the system OEM or Broadcom for driver availability. |
+
+
+Marvell |
+Yukon 88E8001/8003/8010 PCI Gigabit Ethernet |
+pci\ven_11ab&dev_4320&subsys_811a1043 |
+32-bit driver
+64-bit driver |
+
+
+Marvell |
+Libertas 802.11b/g Wireless |
+pci\ven_11ab&dev_1faa&subsys_6b001385&rev_03 |
+32-bit driver
+64-bit driver |
+
+
+Qualcomm |
+Atheros AR6004 Wireless LAN Adapter |
+sd\vid_0271&pid_0401 |
+32-bit driver
+64-bit driver not available |
+
+
+Qualcomm |
+Atheros AR5BWB222 Wireless Network Adapter |
+pci\ven_168c&dev_0034&subsys_20031a56 |
+32-bit driver
+64-bit driver not available |
+
+
+Qualcomm |
+Atheros AR5BWB222 Wireless Network Adapter |
+pci\ven_168c&dev_0034&subsys_020a1028&rev_01 |
+Contact the system OEM or Qualcom for driver availability. |
+
+
+Qualcomm |
+Atheros AR5005G Wireless Network Adapter |
+pci\ven_168c&dev_001a&subsys_04181468&rev_01 |
+32-bit driver
+64-bit driver |
+
+
+Ralink |
+Wireless-G PCI Adapter |
+pci\ven_1814&dev_0301&subsys_00551737&rev_00 |
+32-bit driver
+64-bit driver |
+
+
+Ralink |
+Turbo Wireless LAN Card |
+pci\ven_1814&dev_0301&subsys_25611814&rev_00 |
+32-bit driver
+64-bit driver |
+
+
+Ralink |
+Wireless LAN Card V1 |
+pci\ven_1814&dev_0302&subsys_3a711186&rev_00 |
+32-bit driver
+64-bit driver |
+
+
+Ralink |
+D-Link AirPlus G DWL-G510 Wireless PCI Adapter(rev.C) |
+pci\ven_1814&dev_0302&subsys_3c091186&rev_00 |
+32-bit driver
+64-bit driver |
+
+
+
+
+IT administrators that want to target Windows To Go images for specific systems should test their images to ensure that the necessary system drivers are in the image, especially for critical functionality like Wi-Fi that is not supported by class drivers. Some consumer devices require OEM specific driver packages, which may not be available on Windows Update. For more information on how to add a driver to a Windows Image, please refer to the [Basic Windows Deployment Step-by-Step Guide](https://go.microsoft.com/fwlink/p/?LinkId=619079).
+
+### Application installation and domain join
+
+Unless you are using a customized Windows image that includes unattended installation settings, the initial Windows To Go workspace will not be domain joined and will not contain applications. This is exactly like a new installation of Windows on a desktop or laptop computer. When planning your deployment, you should develop methods to join Windows to Go drives to the domain and install the standard applications that users in your organization require. These methods probably will be similar to the ones used for setting up desktop and laptop computers with domain privileges and applications
+
+### Management of Windows To Go using Group Policy
+
+In general, management of Windows To Go workspaces is same as that for desktop and laptop computers. There are Windows To Go specific Group Policy settings that should be considered as part of Windows To Go deployment. Windows To Go Group Policy settings are located at `\\Computer Configuration\Administrative Templates\Windows Components\Portable Operating System\` in the Local Group Policy Editor.
+
+The use of the Store on Windows To Go workspaces that are running Windows 8 can also be controlled by Group Policy. This policy setting is located at `\\Computer Configuration\Administrative Templates\Windows Components\Store\` in the Local Group Policy Editor. The policy settings have specific implications for Windows To Go that you should be aware of when planning your deployment:
+
+**Settings for workspaces**
+
+- **Allow hibernate (S4) when started from a Windows To Go workspace**
+
+ This policy setting specifies whether the PC can use the hibernation sleep state (S4) when started from a Windows To Go workspace. By default, hibernation is disabled when using Windows To Go workspace, so enabling this setting explicitly turns this ability back on. When a computer enters hibernation, the contents of memory are written to disk. When the disk is resumed, it is important that the hardware attached to the system, as well as the disk itself, are unchanged. This is inherently incompatible with roaming between PC hosts. Hibernation should only be used when the Windows To Go workspace is not being used to roam between host PCs.
+
+ > [!IMPORTANT]
+ > For the host-PC to resume correctly when hibernation is enabled the Windows To Go workspace must continue to use the same USB port.
+
+- **Disallow standby sleep states (S1-S3) when starting from a Windows To Go workspace**
+
+ This policy setting specifies whether the PC can use standby sleep states (S1–S3) when started from a Windows To Go workspace. The Sleep state also presents a unique challenge to Windows To Go users. When a computer goes to sleep, it appears as if it is shut down. It could be very easy for a user to think that a Windows To Go workspace in sleep mode was actually shut down and they could remove the Windows To Go drive and take it home. Removing the Windows To Go drive in this scenario is equivalent to an unclean shutdown which may result in the loss of unsaved user data or the corruption on the drive. Moreover, if the user now boots the drive on another PC and brings it back to the first PC which still happens to be in the sleep state, it will lead to an arbitrary crash and eventually corruption of the drive and result in the workspace becoming unusable. If you enable this policy setting, the Windows To Go workspace cannot use the standby states to cause the PC to enter sleep mode. If you disable or do not configure this policy setting, the Windows To Go workspace can place the PC in sleep mode.
+
+**Settings for host PCs**
+
+- **Windows To Go Default Startup Options**
+
+ This policy setting controls whether the host computer will boot to Windows To Go if a USB device containing a Windows To Go workspace is connected, and controls whether users can make changes using the **Windows To Go Startup Options** settings dialog. If you enable this policy setting, booting to Windows To Go when a USB device is connected will be enabled and users will not be able to make changes using the **Windows To Go Startup Options** settings dialog. If you disable this policy setting, booting to Windows To Go when a USB device is connected will not be enabled unless a user configures the option manually in the firmware. If you do not configure this policy setting, users who are members of the local Administrators group can enable or disable booting from USB using the **Windows To Go Startup Options** settings dialog.
+
+ > [!IMPORTANT]
+ > Enabling this policy setting will cause PCs running Windows to attempt to boot from any USB device that is inserted into the PC before it is started.
+
+## Supporting booting from USB
+
+The biggest hurdle for a user wanting to use Windows To Go is configuring their computer to boot from USB. This is traditionally done by entering the firmware and configuring the appropriate boot order options. To ease the process of making the firmware modifications required for Windows To Go, Windows includes a feature named **Windows To Go Startup Options** that allows a user to configure their computer to boot from USB from within Windows—without ever entering their firmware, as long as their firmware supports booting from USB.
+
+> [!NOTE]
+> Enabling a system to always boot from USB first has implications that you should consider. For example, a USB device that includes malware could be booted inadvertently to compromise the system, or multiple USB drives could be plugged in to cause a boot conflict. For this reason, the Windows To Go startup options are disabled by default. In addition, administrator privileges are required to configure Windows To Go startup options.
+
+If you are going to be using a Windows 7 computer as a host-PC, see the wiki article [Tips for configuring your BIOS settings to work with Windows To Go](https://go.microsoft.com/fwlink/p/?LinkID=618951).
+
+### Roaming between different firmware types
+
+Windows supports two types of PC firmware: Unified Extensible Firmware Interface (UEFI), which is the new standard, and legacy BIOS firmware, which was used in most PCs shipping with Windows 7 or earlier version of Windows. Each firmware type has completely different Windows boot components that are incompatible with each other. Beyond the different boot components, Windows supports different partition styles and layout requirements for each type of firmware as shown in the following diagrams.
+
+
+
+This presented a unique challenge for Windows To Go because the firmware type is not easily determined by end-users—a UEFI computer looks just like a legacy BIOS computer and Windows To Go must boot on both types of firmware.
+
+To enable booting Windows To Go on both types of firmware, a new disk layout is provided for Windows 8 or later that contains both sets of boot components on a FAT32 system partition and a new command-line option was added to bcdboot.exe to support this configuration. The **/f** option is used with the **bcdboot /s** command to specify the firmware type of the target system partition by appending either **UEFI**, **BIOS** or **ALL**. When creating Windows To Go drives manually you must use the **ALL** parameter to provide the Windows To Go drive the ability to boot on both types of firmware. For example, on volume H: (your Windows To Go USB drive letter), you would use the command **bcdboot C:\\windows /s H: /f ALL**. The following diagram illustrates the disk layout that results from that command:
+
+
+
+This is the only supported disk configuration for Windows To Go. With this disk configuration, a single Windows To Go drive can be booted on computers with UEFI and legacy BIOS firmware.
+
+### Configure Windows To Go startup options
+
+Windows To Go Startup Options is a setting available on Windows 10-based PCs that enables the computer to be booted from a USB without manually changing the firmware settings of the PC. To configure Windows To Go Startup Options you must have administrative rights on the computer and the **Windows To Go Default Startup Options** Group Policy setting must not be configured.
+
+**To configure Windows To Go startup options**
+
+1. On the Start screen, type, type **Windows To Go Startup Options**, click **Settings** and then press Enter.
+
+ 
+
+2. Select **Yes** to enable the startup options.
+
+ > [!TIP]
+ > If your computer is part of a domain, the Group Policy setting can be used to enable the startup options instead of the dialog.
+
+
+3. Click **Save Changes**. If the User Account Control dialog box is displayed, confirm that the action it displays is what you want, and then click **Yes**.
+
+### Change firmware settings
+
+If you choose to not use the Windows To Go startup options or are using a PC running Windows 7 as your host computer you will need to manually configure the firmware settings. The process used to accomplish this will depend on the firmware type and manufacturer. If your host computer is protected by BitLocker and running Windows 7 you should suspend BitLocker before making the change to the firmware settings. After the firmware settings have been successfully reconfigured, resume BitLocker protection. If you do not suspend BitLocker first, BitLocker will assume that the computer has been tampered with and will boot into BitLocker recovery mode.
+
+## Related topics
+
+[Windows To Go: feature overview](windows-to-go-overview.md)
+[Prepare your organization for Windows To Go](prepare-your-organization-for-windows-to-go.md)
+[Security and data protection considerations for Windows To Go](security-and-data-protection-considerations-for-windows-to-go.md)
+[Windows To Go: frequently asked questions](windows-to-go-frequently-asked-questions.md)
diff --git a/windows/deployment/planning/enabling-and-disabling-compatibility-fixes-in-compatibility-administrator.md b/windows/deployment/planning/enabling-and-disabling-compatibility-fixes-in-compatibility-administrator.md
index efa2cac236..565b9b6833 100644
--- a/windows/deployment/planning/enabling-and-disabling-compatibility-fixes-in-compatibility-administrator.md
+++ b/windows/deployment/planning/enabling-and-disabling-compatibility-fixes-in-compatibility-administrator.md
@@ -1,68 +1,68 @@
----
-title: Enabling and Disabling Compatibility Fixes in Compatibility Administrator (Windows 10)
-description: You can disable and enable individual compatibility fixes in your customized databases for testing and troubleshooting purposes.
-ms.assetid: 6bd4a7c5-0ed9-4a35-948c-c438aa4d6cb6
-ms.reviewer:
-manager: laurawi
-ms.author: greglin
-ms.prod: w10
-ms.mktglfcycl: plan
-ms.pagetype: appcompat
-ms.sitesec: library
-audience: itpro
author: greg-lindsay
-ms.date: 04/19/2017
-ms.topic: article
----
-
-# Enabling and Disabling Compatibility Fixes in Compatibility Administrator
-
-
-**Applies to**
-
-- Windows 10
-- Windows 8.1
-- Windows 8
-- Windows 7
-- Windows Server 2012
-- Windows Server 2008 R2
-
-You can disable and enable individual compatibility fixes in your customized databases for testing and troubleshooting purposes.
-
-## Disabling Compatibility Fixes
-
-
-Customized compatibility databases can become quite complex as you add your fixes for the multiple applications found in your organization. Over time, you may find you need to disable a particular fix in your customized database. For example, if a software vendor releases a fix for an issue addressed in one of your compatibility fixes, you must validate that the vendor's fix is correct and that it resolves your issue. To do this, you must temporarily disable the compatibility fix and then test your application.
-
-**Important**
-Application Compatibility Toolkit (ACT) installs a 32-bit and a 64-bit version of the Compatibility Administrator tool. You must use the 32-bit version to work with custom databases for 32-bit applications and the 64-bit version to work with custom databases for 64-bit applications.
-
-
-
-**To disable a compatibility fix within a database**
-
-1. In the left-sde pane of Compatibility Administrator, expand the custom database that includes the compatibility fix that you want to disable, and then select the specific compatibility fix.
-
- The compatibility fix details appear in the right-hand pane.
-
-2. On the **Database** menu, click **Disable Entry**.
-
- **Important**
- When you disable an entry, it will remain disabled even if you do not save the database file.
-
-
-
-## Enabling Compatibility Fixes
-
-
-You can enable your disabled compatibility fixes at any time.
-
-**To enable a compatibility fix within a database**
-
-1. In the left-side pane of Compatibility Administrator, expand the custom database that includes the compatibility fix that you want to enable, and then select the specific compatibility fix.
-
- The compatibility fix details appear in the right-side pane.
-
-2. On the **Database** menu, click **Enable Entry**.
-
-## Related topics
-[Compatibility Administrator User's Guide](compatibility-administrator-users-guide.md)
+---
+title: Enabling and Disabling Compatibility Fixes in Compatibility Administrator (Windows 10)
+description: You can disable and enable individual compatibility fixes in your customized databases for testing and troubleshooting purposes.
+ms.assetid: 6bd4a7c5-0ed9-4a35-948c-c438aa4d6cb6
+ms.reviewer:
+manager: laurawi
+ms.author: greglin
+ms.prod: w10
+ms.mktglfcycl: plan
+ms.pagetype: appcompat
+ms.sitesec: library
+audience: itpro
+author: greg-lindsay
+ms.topic: article
+---
+
+# Enabling and Disabling Compatibility Fixes in Compatibility Administrator
+
+
+**Applies to**
+
+- Windows 10
+- Windows 8.1
+- Windows 8
+- Windows 7
+- Windows Server 2012
+- Windows Server 2008 R2
+
+You can disable and enable individual compatibility fixes in your customized databases for testing and troubleshooting purposes.
+
+## Disabling Compatibility Fixes
+
+Customized compatibility databases can become quite complex as you add your fixes for the multiple applications found in your organization. Over time, you may find you need to disable a particular fix in your customized database. For example, if a software vendor releases a fix for an issue addressed in one of your compatibility fixes, you must validate that the vendor's fix is correct and that it resolves your issue. To do this, you must temporarily disable the compatibility fix and then test your application.
+
+>[!IMPORTANT]
+>Application Compatibility Toolkit (ACT) installs a 32-bit and a 64-bit version of the Compatibility Administrator tool. You must use the 32-bit version to work with custom databases for 32-bit applications and the 64-bit version to work with custom databases for 64-bit applications.
+
+
+
+**To disable a compatibility fix within a database**
+
+1. In the left-sde pane of Compatibility Administrator, expand the custom database that includes the compatibility fix that you want to disable, and then select the specific compatibility fix.
+
+ The compatibility fix details appear in the right-hand pane.
+
+2. On the **Database** menu, click **Disable Entry**.
+
+ **Important**
+ When you disable an entry, it will remain disabled even if you do not save the database file.
+
+
+
+## Enabling Compatibility Fixes
+
+
+You can enable your disabled compatibility fixes at any time.
+
+**To enable a compatibility fix within a database**
+
+1. In the left-side pane of Compatibility Administrator, expand the custom database that includes the compatibility fix that you want to enable, and then select the specific compatibility fix.
+
+ The compatibility fix details appear in the right-side pane.
+
+2. On the **Database** menu, click **Enable Entry**.
+
+## Related topics
+
+[Compatibility Administrator User's Guide](compatibility-administrator-users-guide.md)
diff --git a/windows/deployment/planning/index.md b/windows/deployment/planning/index.md
index e0816f65f8..454580a0c1 100644
--- a/windows/deployment/planning/index.md
+++ b/windows/deployment/planning/index.md
@@ -4,11 +4,11 @@ description: Windows 10 provides new deployment capabilities, scenarios, and to
ms.assetid: 002F9B79-B50F-40C5-A7A5-0B4770E6EC15
keywords: deploy, upgrade, update, configure
ms.prod: w10
+manager: laurawi
ms.mktglfcycl: plan
ms.sitesec: library
ms.localizationpriority: medium
-author: TrudyHa
-ms.date: 07/27/2017
+author: greg-lindsay
ms.topic: article
---
diff --git a/windows/deployment/planning/installing-and-uninstalling-custom-compatibility-databases-in-compatibility-administrator.md b/windows/deployment/planning/installing-and-uninstalling-custom-compatibility-databases-in-compatibility-administrator.md
index 6159fe34e5..f8f502fe93 100644
--- a/windows/deployment/planning/installing-and-uninstalling-custom-compatibility-databases-in-compatibility-administrator.md
+++ b/windows/deployment/planning/installing-and-uninstalling-custom-compatibility-databases-in-compatibility-administrator.md
@@ -1,67 +1,68 @@
----
-title: Installing and Uninstalling Custom Compatibility Databases in Compatibility Administrator (Windows 10)
-description: The Compatibility Administrator tool enables the creation and the use of custom-compatibility and standard-compatibility databases.
-ms.assetid: 659c9d62-5f32-433d-94aa-12141c01368f
-ms.reviewer:
-manager: laurawi
-ms.author: greglin
-ms.prod: w10
-ms.mktglfcycl: plan
-ms.pagetype: appcompat
-ms.sitesec: library
-audience: itpro
author: greg-lindsay
-ms.date: 04/19/2017
-ms.topic: article
----
-
-# Installing and Uninstalling Custom Compatibility Databases in Compatibility Administrator
-
-
-**Applies to**
-
-- Windows 10
-- Windows 8.1
-- Windows 8
-- Windows 7
-- Windows Server 2012
-- Windows Server 2008 R2
-
-The Compatibility Administrator tool enables the creation and the use of custom-compatibility and standard-compatibility databases. Both the custom databases and the standard databases store the known compatibility fixes, compatibility modes, and AppHelp messages. They also store the required application-matching information for installation on your local computers.
-
-By default, the Windows® operating system installs a System Application Fix database for use with the Compatibility Administrator. This database can be updated through Windows Update, and is stored in the %WINDIR% \\AppPatch directory. Your custom databases are automatically stored in the %WINDIR% \\AppPatch\\Custom directory and are installed by using the Sdbinst.exe tool provided with the Compatibility Administrator.
-
-**Important**
-Application Compatibility Toolkit (ACT) installs a 32-bit and a 64-bit version of the Compatibility Administrator tool. You must use the 32-bit version to work with custom databases for 32-bit applications and the 64-bit version to work with custom databases for 64-bit applications.
-
-In addition, you must deploy your databases to your organization’s computers before the included fixes will have any effect on the application issue. For more information about deploying your database, see [Using the Sdbinst.exe Command-Line Tool](using-the-sdbinstexe-command-line-tool.md).
-
-
-
-## Installing a Custom Database
-
-
-Installing your custom-compatibility database enables you to fix issues with your installed applications.
-
-**To install a custom database**
-
-1. In the left-side pane of Compatibility Administrator, click the custom database to install to your local computers.
-
-2. On the **File** menu, click **Install**.
-
- The Compatibility Administrator installs the database, which appears in the **Installed Databases** list.
-
- The relationship between your database file and an included application occurs in the registry. Every time you start an application, the operating system checks the registry for compatibility-fix information and, if found, retrieves the information from your customized database file.
-
-## Uninstalling a Custom Database
-
-
-When a custom database is no longer necessary, either because the applications are no longer used or because the vendor has provided a fix that resolves the compatibility issues, you can uninstall the custom database.
-
-**To uninstall a custom database**
-
-1. In the **Installed Databases** list, which appears in the left-side pane of Compatibility Administrator, click the database to uninstall from your local computers.
-
-2. On the **File** menu, click **Uninstall**.
-
-## Related topics
-[Compatibility Administrator User's Guide](compatibility-administrator-users-guide.md)
+---
+title: Installing and Uninstalling Custom Compatibility Databases in Compatibility Administrator (Windows 10)
+description: The Compatibility Administrator tool enables the creation and the use of custom-compatibility and standard-compatibility databases.
+ms.assetid: 659c9d62-5f32-433d-94aa-12141c01368f
+ms.reviewer:
+manager: laurawi
+ms.author: greglin
+ms.prod: w10
+ms.mktglfcycl: plan
+ms.pagetype: appcompat
+ms.sitesec: library
+audience: itpro
+author: greg-lindsay
+ms.date: 04/19/2017
+ms.topic: article
+---
+
+# Installing and Uninstalling Custom Compatibility Databases in Compatibility Administrator
+
+
+**Applies to**
+
+- Windows 10
+- Windows 8.1
+- Windows 8
+- Windows 7
+- Windows Server 2012
+- Windows Server 2008 R2
+
+The Compatibility Administrator tool enables the creation and the use of custom-compatibility and standard-compatibility databases. Both the custom databases and the standard databases store the known compatibility fixes, compatibility modes, and AppHelp messages. They also store the required application-matching information for installation on your local computers.
+
+By default, the Windows® operating system installs a System Application Fix database for use with the Compatibility Administrator. This database can be updated through Windows Update, and is stored in the %WINDIR% \\AppPatch directory. Your custom databases are automatically stored in the %WINDIR% \\AppPatch\\Custom directory and are installed by using the Sdbinst.exe tool provided with the Compatibility Administrator.
+
+> [!IMPORTANT]
+> Application Compatibility Toolkit (ACT) installs a 32-bit and a 64-bit version of the Compatibility Administrator tool. You must use the 32-bit version to work with custom databases for 32-bit applications and the 64-bit version to work with custom databases for 64-bit applications.
+
+In addition, you must deploy your databases to your organization’s computers before the included fixes will have any effect on the application issue. For more information about deploying your database, see [Using the Sdbinst.exe Command-Line Tool](using-the-sdbinstexe-command-line-tool.md).
+
+
+
+## Installing a Custom Database
+
+
+Installing your custom-compatibility database enables you to fix issues with your installed applications.
+
+**To install a custom database**
+
+1. In the left-side pane of Compatibility Administrator, click the custom database to install to your local computers.
+
+2. On the **File** menu, click **Install**.
+
+ The Compatibility Administrator installs the database, which appears in the **Installed Databases** list.
+
+ The relationship between your database file and an included application occurs in the registry. Every time you start an application, the operating system checks the registry for compatibility-fix information and, if found, retrieves the information from your customized database file.
+
+## Uninstalling a Custom Database
+
+
+When a custom database is no longer necessary, either because the applications are no longer used or because the vendor has provided a fix that resolves the compatibility issues, you can uninstall the custom database.
+
+**To uninstall a custom database**
+
+1. In the **Installed Databases** list, which appears in the left-side pane of Compatibility Administrator, click the database to uninstall from your local computers.
+
+2. On the **File** menu, click **Uninstall**.
+
+## Related topics
+[Compatibility Administrator User's Guide](compatibility-administrator-users-guide.md)
diff --git a/windows/deployment/planning/prepare-your-organization-for-windows-to-go.md b/windows/deployment/planning/prepare-your-organization-for-windows-to-go.md
index 6dca43c7ac..6c41d9922c 100644
--- a/windows/deployment/planning/prepare-your-organization-for-windows-to-go.md
+++ b/windows/deployment/planning/prepare-your-organization-for-windows-to-go.md
@@ -1,131 +1,132 @@
----
-title: Prepare your organization for Windows To Go (Windows 10)
-description: Prepare your organization for Windows To Go
-ms.assetid: f3f3c160-90ad-40a8-aeba-2aedee18f7ff
-ms.reviewer:
-manager: laurawi
-ms.author: greglin
-keywords: ["mobile, device, USB, deploy"]
-ms.prod: w10
-ms.mktglfcycl: plan
-ms.pagetype: mobility
-ms.sitesec: library
-audience: itpro
author: greg-lindsay
-ms.topic: article
----
-
-# Prepare your organization for Windows To Go
-
-
-**Applies to**
-
-- Windows 10
-
->[!IMPORTANT]
->Windows To Go is no longer being developed. The feature does not support feature updates and therefore does not enable you to stay current. It also requires a specific type of USB that is no longer supported by many OEMs.
-
-The following information is provided to help you plan and design a new deployment of a Windows To Go in your production environment. It provides answers to the “what”, “why”, and “when” questions an IT professional might have when planning to deploy Windows To Go.
-
-## What is Windows To Go?
-
-
-Windows To Go is a feature of Windows 10 Enterprise and Windows 10 Education that enables users to boot Windows from a USB-connected external drive. Windows To Go drives can use the same image that enterprises use for their desktops and laptops, and can be managed the same way. Offering a new mobility option, a Windows To Go workspace is not intended to replace desktops or laptops, or supplant other mobility offerings.
-
-Enterprise customers utilizing Volume Activation Windows licensing will be able to deploy USB drives provisioned with Windows To Go workspace. These drives will be bootable on multiple compatible host computers. Compatible host computers are computers that are:
-
-- USB boot capable
-- Have USB boot enabled in the firmware
-- Meet Windows 7 minimum system requirements
-- Have compatible processor architectures (for example, x86 or AMD64) as the image used to create the Windows To Go workspace. ARM is not a supported processor for Windows To Go.
-- Have firmware architecture that is compatible with the architecture of the image used for the Windows To Go workspace
-
-Booting a Windows To Go workspace requires no specific software on the host computer. PCs certified for Windows 7 and later can host Windows To Go.
-
-The following topics will familiarize you with how you can use a Windows To Go workspace and give you an overview of some of the things you should consider in your design.
-
-## Usage scenarios
-
-
-The following scenarios are examples of situations in which Windows To Go workspaces provide a solution for an IT implementer:
-
-- **Continuance of operations (COO).** In this scenario, selected employees receive a USB drive with a Windows To Go workspace, which includes all of the applications that the employees use at work. The employees can keep the device at home, in a briefcase, or wherever they want to store it until needed. When the users boot their home computer from the USB drive, it will create a corporate desktop experience so that they can quickly start working. On the very first boot, the employee sees that Windows is installing devices; after that one time, the Windows To Go drive boots like a normal computer. If they have enterprise network access, employees can use a virtual private network (VPN) connection or DirectAccess to access corporate resources. If the enterprise network is available, the Windows To Go workspace will automatically be updated using your standard client management processes.
-
-- **Contractors and temporary workers.** In this situation, an enterprise IT pro or manager would distribute the Windows To Go drive directly to the worker where they can be assisted with any necessary additional user education needs or address any possible compatibility issues. While the worker is on assignment, they can boot their computer exclusively from the Windows To Go drive and run all applications in that environment until the end of the assignment when the device is returned. No installation of software is required on the worker’s personal computer.
-
-- **Managed free seating.** The employee is issued a Windows To Go drive that is then used with the host computer assigned to that employee for a given session (this could be a vehicle, workspace, or standalone laptop). When the employee leaves the session, the next time they return they use the same USB flash drive but use a different host computer.
-
-- **Work from home.** In this situation, the Windows To Go drive can be provisioned for employees using various methods including System Center Configuration Manager or other deployment tools and then distributed to employees. The employee is instructed to boot the Windows To Go drive initially at work, which caches the employee’s credentials on the Windows To Go workspace and allows the initial data synchronization between the enterprise network and the Windows To Go workspace. The user can then bring the Windows To Go drive home where it can be used with their home computer, with or without enterprise network connectivity.
-
-- **Travel lightly.** In this situation you have employees who are moving from site to site, but who always will have access to a compatible host computer on site. Using Windows To Go workspaces allows them to travel without the need to pack their PC.
-
-**Note**
-If the employee wants to work offline for the majority of the time, but still maintain the ability to use the drive on the enterprise network, they should be informed of how often the Windows To Go workspace needs to be connected to the enterprise network. Doing so will ensure that the drive retains its access privileges and the workspace’s computer object is not potentially deleted from Active Directory Domain Services (AD DS).
-
-
-
-## Infrastructure considerations
-
-
-Because Windows To Go requires no additional software and minimal configuration, the same tools used to deploy images to other PCs can be used by an enterprise to install Windows To Go on a large group of USB devices. Moreover, because Windows To Go is compatible with connectivity and synchronization solutions already in use—such as Remote Desktop, DirectAccess and Folder Redirection—no additional infrastructure or management is necessary for this deployment. A Windows To Go image can be created on a USB drive that is identical to the hard drive inside a desktop. However, you may wish to consider making some modifications to your infrastructure to help make management of Windows To Go drives easier and to be able to identify them as a distinct device group.
-
-## Activation considerations
-
-
-Windows To Go uses volume activation. You can use either Active Directory-based activation or KMS activation with Windows To Go. The Windows To Go workspace counts as another installation when assessing compliance with application licensing agreements.
-
-Microsoft software, such as Microsoft Office, distributed to a Windows To Go workspace must also be activated. Office deployment is fully supported on Windows To Go. Please note, due to the retail subscription activation method associated with Office 365 ProPlus, Office 365 ProPlus subscribers are provided volume licensing activation rights for Office Professional Plus 2013 MSI for local installation on the Windows To Go drive. This is available to organizations who purchase Office 365 ProPlus or Office 365 Enterprise SKUs containing Office 365 ProPlus via volume licensing channels. For more information about activating Microsoft Office, see [Volume activation methods in Office 2013](https://go.microsoft.com/fwlink/p/?LinkId=618922).
-
-You should investigate other software manufacturer’s licensing requirements to ensure they are compatible with roaming usage before deploying them to a Windows To Go workspace.
-
-**Note**
-Using Multiple Activation Key (MAK) activation is not a supported activation method for Windows To Go as each different PC-host would require separate activation. MAK activation should not be used for activating Windows, Office, or any other application on a Windows To Go drive.
-
-
-
-See [Plan for Volume Activation](https://go.microsoft.com/fwlink/p/?LinkId=618923) for more information about these activation methods and how they can be used in your organization.
-
-## Organizational unit structure and use of Group Policy Objects
-
-
-You may find it beneficial to create additional Active Directory organizational unit (OU) structures to support your Windows To Go deployment; one for host computer accounts and one for Windows To Go workspace computer accounts. Creating an organizational unit for host computers allows you to enable the Windows To Go Startup Options using Group Policy for only the computers that will be used as Windows To Go hosts. Setting this policy helps to prevent computers from being accidentally configured to automatically boot from USB devices and allows closer monitoring and control of those computers which have the ability to boot from a USB device. The organizational unit for Windows To Go workspaces allows you to apply specific policy controls to them, such as the ability to use the Store application, power state controls, and line-of-business application installation.
-
-If you are deploying Windows To Go workspaces for a scenario in which they are not going to be roaming, but are instead being used on the same host computer, such as with temporary or contract employees, you might wish to enable hibernation or the Windows Store.
-
-For more information about Group Policy settings that can be used with Windows To Go, see [Deployment considerations for Windows To Go](deployment-considerations-for-windows-to-go.md)
-
-## Computer account management
-
-
-If you configure Windows To Go drives for scenarios where drives may remain unused for extended period of time such as use in continuance of operations scenarios, the AD DS computer account objects that correspond to Windows To Go drives have the potential to become stale and be pruned during maintenance operations. To address this issue, you should either have users log on regularly according to a schedule or modify any maintenance scripts to not clean up computer accounts in the Windows To Go device organizational unit.
-
-## User account and data management
-
-
-People use computers to work with data and consume content - that is their core function. The data must be stored and retrievable for it to be useful. When users are working in a Windows To Go workspace, they need to have the ability to get to the data that they work with and to keep it accessible when the workspace is not being used. For this reason we recommend that you use folder redirection and offline files to redirect the path of local folders (such as the Documents folder) to a network location, while caching the contents locally for increased speed and availability. We also recommend that you use roaming user profiles to synchronize user specific settings so that users receive the same operating system and application settings when using their Windows To Go workspace and their desktop computer. When a user signs in using a domain account that is set up with a file share as the profile path, the user’s profile is downloaded to the local computer and merged with the local profile (if present). When the user logs off the computer, the local copy of their profile, including any changes, is merged with the server copy of the profile. For more information, see [Folder Redirection, Offline Files, and Roaming User Profiles overview](https://go.microsoft.com/fwlink/p/?LinkId=618924).
-
-Windows To Go is fully integrated with your Microsoft account. Setting synchronization is accomplished by connecting a Microsoft account to a user account. Windows To Go devices fully support this feature and can be managed by Group Policy so that the customization and configurations you prefer will be applied to your Windows To Go workspace.
-
-## Remote connectivity
-
-
-If you want Windows To Go to be able to connect back to organizational resources when it is being used off-premises a remote connectivity solution must be enabled. Windows Server 2012 DirectAccess can be used as can a virtual private network (VPN) solution. For more information about configuring a remote access solution, see the [Remote Access (DirectAccess, Routing and Remote Access) Overview](https://go.microsoft.com/fwlink/p/?LinkId=618925).
-
-## Related topics
-
-
-[Windows To Go: feature overview](windows-to-go-overview.md)
-
-[Deployment considerations for Windows To Go](deployment-considerations-for-windows-to-go.md)
-
-[Security and data protection considerations for Windows To Go](security-and-data-protection-considerations-for-windows-to-go.md)
-
-[Windows To Go: frequently asked questions](windows-to-go-frequently-asked-questions.md)
-
-
-
-
-
-
-
-
-
+---
+title: Prepare your organization for Windows To Go (Windows 10)
+description: Prepare your organization for Windows To Go
+ms.assetid: f3f3c160-90ad-40a8-aeba-2aedee18f7ff
+ms.reviewer:
+manager: laurawi
+ms.author: greglin
+keywords: ["mobile, device, USB, deploy"]
+ms.prod: w10
+ms.mktglfcycl: plan
+ms.pagetype: mobility
+ms.sitesec: library
+audience: itpro
+author: greg-lindsay
+ms.topic: article
+---
+
+# Prepare your organization for Windows To Go
+
+
+**Applies to**
+
+- Windows 10
+
+>[!IMPORTANT]
+>Windows To Go is no longer being developed. The feature does not support feature updates and therefore does not enable you to stay current. It also requires a specific type of USB that is no longer supported by many OEMs.
+
+The following information is provided to help you plan and design a new deployment of a Windows To Go in your production environment. It provides answers to the “what”, “why”, and “when” questions an IT professional might have when planning to deploy Windows To Go.
+
+## What is Windows To Go?
+
+
+Windows To Go is a feature of Windows 10 Enterprise and Windows 10 Education that enables users to boot Windows from a USB-connected external drive. Windows To Go drives can use the same image that enterprises use for their desktops and laptops, and can be managed the same way. Offering a new mobility option, a Windows To Go workspace is not intended to replace desktops or laptops, or supplant other mobility offerings.
+
+Enterprise customers utilizing Volume Activation Windows licensing will be able to deploy USB drives provisioned with Windows To Go workspace. These drives will be bootable on multiple compatible host computers. Compatible host computers are computers that are:
+
+- USB boot capable
+- Have USB boot enabled in the firmware
+- Meet Windows 7 minimum system requirements
+- Have compatible processor architectures (for example, x86 or AMD64) as the image used to create the Windows To Go workspace. ARM is not a supported processor for Windows To Go.
+- Have firmware architecture that is compatible with the architecture of the image used for the Windows To Go workspace
+
+Booting a Windows To Go workspace requires no specific software on the host computer. PCs certified for Windows 7 and later can host Windows To Go.
+
+The following topics will familiarize you with how you can use a Windows To Go workspace and give you an overview of some of the things you should consider in your design.
+
+## Usage scenarios
+
+
+The following scenarios are examples of situations in which Windows To Go workspaces provide a solution for an IT implementer:
+
+- **Continuance of operations (COO).** In this scenario, selected employees receive a USB drive with a Windows To Go workspace, which includes all of the applications that the employees use at work. The employees can keep the device at home, in a briefcase, or wherever they want to store it until needed. When the users boot their home computer from the USB drive, it will create a corporate desktop experience so that they can quickly start working. On the very first boot, the employee sees that Windows is installing devices; after that one time, the Windows To Go drive boots like a normal computer. If they have enterprise network access, employees can use a virtual private network (VPN) connection or DirectAccess to access corporate resources. If the enterprise network is available, the Windows To Go workspace will automatically be updated using your standard client management processes.
+
+- **Contractors and temporary workers.** In this situation, an enterprise IT pro or manager would distribute the Windows To Go drive directly to the worker where they can be assisted with any necessary additional user education needs or address any possible compatibility issues. While the worker is on assignment, they can boot their computer exclusively from the Windows To Go drive and run all applications in that environment until the end of the assignment when the device is returned. No installation of software is required on the worker’s personal computer.
+
+- **Managed free seating.** The employee is issued a Windows To Go drive that is then used with the host computer assigned to that employee for a given session (this could be a vehicle, workspace, or standalone laptop). When the employee leaves the session, the next time they return they use the same USB flash drive but use a different host computer.
+
+- **Work from home.** In this situation, the Windows To Go drive can be provisioned for employees using various methods including System Center Configuration Manager or other deployment tools and then distributed to employees. The employee is instructed to boot the Windows To Go drive initially at work, which caches the employee’s credentials on the Windows To Go workspace and allows the initial data synchronization between the enterprise network and the Windows To Go workspace. The user can then bring the Windows To Go drive home where it can be used with their home computer, with or without enterprise network connectivity.
+
+- **Travel lightly.** In this situation you have employees who are moving from site to site, but who always will have access to a compatible host computer on site. Using Windows To Go workspaces allows them to travel without the need to pack their PC.
+
+> [!NOTE]
+> If the employee wants to work offline for the majority of the time, but still maintain the ability to use the drive on the enterprise network, they should be informed of how often the Windows To Go workspace needs to be connected to the enterprise network. Doing so will ensure that the drive retains its access privileges and the workspace’s computer object is not potentially deleted from Active Directory Domain Services (AD DS).
+
+
+
+## Infrastructure considerations
+
+
+Because Windows To Go requires no additional software and minimal configuration, the same tools used to deploy images to other PCs can be used by an enterprise to install Windows To Go on a large group of USB devices. Moreover, because Windows To Go is compatible with connectivity and synchronization solutions already in use—such as Remote Desktop, DirectAccess and Folder Redirection—no additional infrastructure or management is necessary for this deployment. A Windows To Go image can be created on a USB drive that is identical to the hard drive inside a desktop. However, you may wish to consider making some modifications to your infrastructure to help make management of Windows To Go drives easier and to be able to identify them as a distinct device group.
+
+## Activation considerations
+
+
+Windows To Go uses volume activation. You can use either Active Directory-based activation or KMS activation with Windows To Go. The Windows To Go workspace counts as another installation when assessing compliance with application licensing agreements.
+
+Microsoft software, such as Microsoft Office, distributed to a Windows To Go workspace must also be activated. Office deployment is fully supported on Windows To Go. Please note, due to the retail subscription activation method associated with Office 365 ProPlus, Office 365 ProPlus subscribers are provided volume licensing activation rights for Office Professional Plus 2013 MSI for local installation on the Windows To Go drive. This is available to organizations who purchase Office 365 ProPlus or Office 365 Enterprise SKUs containing Office 365 ProPlus via volume licensing channels. For more information about activating Microsoft Office, see [Volume activation methods in Office 2013](https://go.microsoft.com/fwlink/p/?LinkId=618922).
+
+You should investigate other software manufacturer’s licensing requirements to ensure they are compatible with roaming usage before deploying them to a Windows To Go workspace.
+
+> [!NOTE]
+> Using Multiple Activation Key (MAK) activation is not a supported activation method for Windows To Go as each different PC-host would require separate activation. MAK activation should not be used for activating Windows, Office, or any other application on a Windows To Go drive.
+
+
+
+See [Plan for Volume Activation](https://go.microsoft.com/fwlink/p/?LinkId=618923) for more information about these activation methods and how they can be used in your organization.
+
+## Organizational unit structure and use of Group Policy Objects
+
+
+You may find it beneficial to create additional Active Directory organizational unit (OU) structures to support your Windows To Go deployment; one for host computer accounts and one for Windows To Go workspace computer accounts. Creating an organizational unit for host computers allows you to enable the Windows To Go Startup Options using Group Policy for only the computers that will be used as Windows To Go hosts. Setting this policy helps to prevent computers from being accidentally configured to automatically boot from USB devices and allows closer monitoring and control of those computers which have the ability to boot from a USB device. The organizational unit for Windows To Go workspaces allows you to apply specific policy controls to them, such as the ability to use the Store application, power state controls, and line-of-business application installation.
+
+If you are deploying Windows To Go workspaces for a scenario in which they are not going to be roaming, but are instead being used on the same host computer, such as with temporary or contract employees, you might wish to enable hibernation or the Windows Store.
+
+For more information about Group Policy settings that can be used with Windows To Go, see [Deployment considerations for Windows To Go](deployment-considerations-for-windows-to-go.md)
+
+## Computer account management
+
+
+If you configure Windows To Go drives for scenarios where drives may remain unused for extended period of time such as use in continuance of operations scenarios, the AD DS computer account objects that correspond to Windows To Go drives have the potential to become stale and be pruned during maintenance operations. To address this issue, you should either have users log on regularly according to a schedule or modify any maintenance scripts to not clean up computer accounts in the Windows To Go device organizational unit.
+
+## User account and data management
+
+
+People use computers to work with data and consume content - that is their core function. The data must be stored and retrievable for it to be useful. When users are working in a Windows To Go workspace, they need to have the ability to get to the data that they work with and to keep it accessible when the workspace is not being used. For this reason we recommend that you use folder redirection and offline files to redirect the path of local folders (such as the Documents folder) to a network location, while caching the contents locally for increased speed and availability. We also recommend that you use roaming user profiles to synchronize user specific settings so that users receive the same operating system and application settings when using their Windows To Go workspace and their desktop computer. When a user signs in using a domain account that is set up with a file share as the profile path, the user’s profile is downloaded to the local computer and merged with the local profile (if present). When the user logs off the computer, the local copy of their profile, including any changes, is merged with the server copy of the profile. For more information, see [Folder Redirection, Offline Files, and Roaming User Profiles overview](https://go.microsoft.com/fwlink/p/?LinkId=618924).
+
+Windows To Go is fully integrated with your Microsoft account. Setting synchronization is accomplished by connecting a Microsoft account to a user account. Windows To Go devices fully support this feature and can be managed by Group Policy so that the customization and configurations you prefer will be applied to your Windows To Go workspace.
+
+## Remote connectivity
+
+
+If you want Windows To Go to be able to connect back to organizational resources when it is being used off-premises a remote connectivity solution must be enabled. Windows Server 2012 DirectAccess can be used as can a virtual private network (VPN) solution. For more information about configuring a remote access solution, see the [Remote Access (DirectAccess, Routing and Remote Access) Overview](https://go.microsoft.com/fwlink/p/?LinkId=618925).
+
+## Related topics
+
+
+[Windows To Go: feature overview](windows-to-go-overview.md)
+
+[Deployment considerations for Windows To Go](deployment-considerations-for-windows-to-go.md)
+
+[Security and data protection considerations for Windows To Go](security-and-data-protection-considerations-for-windows-to-go.md)
+
+[Windows To Go: frequently asked questions](windows-to-go-frequently-asked-questions.md)
+
+
+
+
+
+
+
+
+
diff --git a/windows/deployment/planning/searching-for-fixed-applications-in-compatibility-administrator.md b/windows/deployment/planning/searching-for-fixed-applications-in-compatibility-administrator.md
index 66a530280c..955117dcd6 100644
--- a/windows/deployment/planning/searching-for-fixed-applications-in-compatibility-administrator.md
+++ b/windows/deployment/planning/searching-for-fixed-applications-in-compatibility-administrator.md
@@ -1,79 +1,79 @@
----
-title: Searching for Fixed Applications in Compatibility Administrator (Windows 10)
-description: With the search functionality in Compatibility Administrator, you can locate specific executable (.exe) files with previously applied compatibility fixes, compatibility modes, or AppHelp messages.
-ms.assetid: 1051a2dc-0362-43a4-8ae8-07dae39b1cb8
-ms.reviewer:
-manager: laurawi
-ms.author: greglin
-ms.prod: w10
-ms.mktglfcycl: plan
-ms.pagetype: appcompat
-ms.sitesec: library
-audience: itpro
author: greg-lindsay
-ms.date: 04/19/2017
-ms.topic: article
----
-
-# Searching for Fixed Applications in Compatibility Administrator
-
-
-**Applies to**
-
-- Windows 10
-- Windows 8.1
-- Windows 8
-- Windows 7
-- Windows Server 2012
-- Windows Server 2008 R2
-
-With the search functionality in Compatibility Administrator, you can locate specific executable (.exe) files with previously applied compatibility fixes, compatibility modes, or AppHelp messages. This is particularly useful if you are trying to identify applications with a specific compatibility fix or identifying which fixes are applied to a specific application.
-
-The **Query Compatibility Databases** tool provides additional search options. For more information, see [Searching for Installed Compatibility Fixes with the Query Tool in Compatibility Administrator](searching-for-installed-compatibility-fixes-with-the-query-tool-in-compatibility-administrator.md).
-
-## Searching for Previously Applied Compatibility Fixes
-
-
-**Important**
-You must perform your search with the correct version of the Compatibility Administrator tool. If you are searching for a 32-bit custom database, you must use the 32-bit version of Compatibility Administrator. If you are searching for a 64-bit custom database, you must use the 64-bit version of Compatibility Administrator.
-
-
-
-**To search for previous fixes**
-
-1. On the Compatibility Administrator toolbar, click **Search**.
-
-2. Click **Browse** to locate the directory location to search for .exe files.
-
-3. Select at least one check box from **Entries with Compatibility Fixes**, **Entries with Compatibility Modes**, or **Entries with AppHelp**.
-
-4. Click **Find Now**.
-
- The query runs, returning your results in the lower pane.
-
-## Viewing Your Query Results
-
-
-Your query results display the affected files, the application location, the application name, the type of compatibility fix, and the custom database that provided the fix.
-
-## Exporting Your Query Results
-
-
-You can export your search results to a text (.txt) file for later review or archival.
-
-**To export your search results**
-
-1. In the **Search for Fixes** dialog box, click **Export**.
-
-2. Browse to the location where you want to store your search result file, and then click **Save**.
-
-## Related topics
-[Compatibility Administrator User's Guide](compatibility-administrator-users-guide.md)
-
-
-
-
-
-
-
-
-
+---
+title: Searching for Fixed Applications in Compatibility Administrator (Windows 10)
+description: With the search functionality in Compatibility Administrator, you can locate specific executable (.exe) files with previously applied compatibility fixes, compatibility modes, or AppHelp messages.
+ms.assetid: 1051a2dc-0362-43a4-8ae8-07dae39b1cb8
+ms.reviewer:
+manager: laurawi
+ms.author: greglin
+ms.prod: w10
+ms.mktglfcycl: plan
+ms.pagetype: appcompat
+ms.sitesec: library
+audience: itpro
+author: greg-lindsay
+ms.date: 04/19/2017
+ms.topic: article
+---
+
+# Searching for Fixed Applications in Compatibility Administrator
+
+
+**Applies to**
+
+- Windows 10
+- Windows 8.1
+- Windows 8
+- Windows 7
+- Windows Server 2012
+- Windows Server 2008 R2
+
+With the search functionality in Compatibility Administrator, you can locate specific executable (.exe) files with previously applied compatibility fixes, compatibility modes, or AppHelp messages. This is particularly useful if you are trying to identify applications with a specific compatibility fix or identifying which fixes are applied to a specific application.
+
+The **Query Compatibility Databases** tool provides additional search options. For more information, see [Searching for Installed Compatibility Fixes with the Query Tool in Compatibility Administrator](searching-for-installed-compatibility-fixes-with-the-query-tool-in-compatibility-administrator.md).
+
+## Searching for Previously Applied Compatibility Fixes
+
+> [!IMPORTANT]
+> You must perform your search with the correct version of the Compatibility Administrator tool. If you are searching for a 32-bit custom database, you must use the 32-bit version of Compatibility Administrator. If you are searching for a 64-bit custom database, you must use the 64-bit version of Compatibility Administrator.
+
+
+
+**To search for previous fixes**
+
+1. On the Compatibility Administrator toolbar, click **Search**.
+
+2. Click **Browse** to locate the directory location to search for .exe files.
+
+3. Select at least one check box from **Entries with Compatibility Fixes**, **Entries with Compatibility Modes**, or **Entries with AppHelp**.
+
+4. Click **Find Now**.
+
+ The query runs, returning your results in the lower pane.
+
+## Viewing Your Query Results
+
+
+Your query results display the affected files, the application location, the application name, the type of compatibility fix, and the custom database that provided the fix.
+
+## Exporting Your Query Results
+
+
+You can export your search results to a text (.txt) file for later review or archival.
+
+**To export your search results**
+
+1. In the **Search for Fixes** dialog box, click **Export**.
+
+2. Browse to the location where you want to store your search result file, and then click **Save**.
+
+## Related topics
+[Compatibility Administrator User's Guide](compatibility-administrator-users-guide.md)
+
+
+
+
+
+
+
+
+
diff --git a/windows/deployment/planning/searching-for-installed-compatibility-fixes-with-the-query-tool-in-compatibility-administrator.md b/windows/deployment/planning/searching-for-installed-compatibility-fixes-with-the-query-tool-in-compatibility-administrator.md
index 08b12d19fc..5bc84062d1 100644
--- a/windows/deployment/planning/searching-for-installed-compatibility-fixes-with-the-query-tool-in-compatibility-administrator.md
+++ b/windows/deployment/planning/searching-for-installed-compatibility-fixes-with-the-query-tool-in-compatibility-administrator.md
@@ -1,183 +1,154 @@
----
-title: Searching for Installed Compatibility Fixes with the Query Tool in Compatibility Administrator (Windows 10)
-description: You can access the Query tool from within Compatibility Administrator. The Query tool provides the same functionality as using the Search feature.
-ms.assetid: dd213b55-c71c-407a-ad49-33db54f82f22
-ms.reviewer:
-manager: laurawi
-ms.author: greglin
-ms.prod: w10
-ms.mktglfcycl: plan
-ms.pagetype: appcompat
-ms.sitesec: library
-audience: itpro
author: greg-lindsay
-ms.date: 04/19/2017
-ms.topic: article
----
-
-# Searching for Installed Compatibility Fixes with the Query Tool in Compatibility Administrator
-
-
-**Applies to**
-
-- Windows 10
-- Windows 8.1
-- Windows 8
-- Windows 7
-- Windows Server 2012
-- Windows Server 2008 R2
-
-You can access the Query tool from within Compatibility Administrator. The Query tool provides the same functionality as using the Search feature.
-
-For information about the Search feature, see [Searching for Fixed Applications in Compatibility Administrator](searching-for-fixed-applications-in-compatibility-administrator.md). However, the Query tool provides more detailed search criteria, including tabs that enable you to search the program properties, the compatibility fix properties, and the fix description. You can perform a search by using SQL SELECT and WHERE clauses, in addition to searching specific types of databases.
-
-**Important**
-You must perform your search with the correct version of the Compatibility Administrator tool. To use the Query tool to search for a 32-bit custom database, you must use the 32-bit version of Compatibility Administrator. To use the Query tool to search for a 64-bit custom database, you must use the 64-bit version of Compatibility Administrator.
-
-
-
-## Querying by Using the Program Properties Tab
-
-
-You can use the **Program Properties** tab of the Query tool to search for any compatibility fix, compatibility mode, or AppHelp for a specific application.
-
-**To query by using the Program Properties tab**
-
-1. On the Compatibility Administrator toolbar, click **Query**.
-
-2. In the **Look in** drop-down list, select the appropriate database type to search.
-
-3. Type the location of the application you are searching for into the **Search for the Application** field.
-
- This name should be the same as the name in the **Applications** area (left pane) of Compatibility Administrator.
-
-4. Type the application executable (.exe) file name into the **Search for the File** box. If you leave this box blank, the percent (%) sign appears as a wildcard to search for any file.
-
- You must designate the executable name that was given when the compatibility fix was added to the database.
-
-5. Optionally, select the check box for one of the following types of compatibility fix:
-
- - **Compatibility Modes**
-
- - **Compatibility Fixes**
-
- - **Application Helps**
-
- **Important**
- If you do not select any of the check boxes, the search will look for all types of compatibility fixes. Do not select multiple check boxes because only applications that match all of the requirements will appear.
-
-
-
-6. Click **Find Now**.
-
- The query runs and the results of the query are displayed in the lower pane.
-
-## Querying by Using the Fix Properties Tab
-
-
-You can use the **Fix Properties** tab of the Query tool to search for any application affected by a specific compatibility fix or a compatibility mode. For example, you can search for any application affected by the ProfilesSetup compatibility mode.
-
-**To query by using the Fix Properties tab**
-
-1. On the Compatibility Administrator toolbar, click **Query**.
-
-2. Click the **Fix Properties** tab.
-
-3. In the **Look in** drop-down list, select the appropriate database type to search.
-
-4. Type the name of the compatibility fix or compatibility mode into the **Search for programs fixed using** field.
-
- **Note**
- You can use the percent (%) symbol as a wildcard in your fix-properties query, as a substitute for any string of zero or more characters.
-
-
-
-5. Select the check box for either **Search in Compatibility Fixes** or **Search in Compatibility Modes**.
-
- **Important**
- Your text must match the type of compatibility fix or mode for which you are performing the query. For example, entering the name of a compatibility fix and selecting the compatibility mode check box will not return any results. Additionally, if you select both check boxes, the query will search for the fix by compatibility mode and compatibility fix. Only applications that match both requirements appear.
-
-
-
-6. Click **Find Now**.
-
- The query runs and the results of the query are displayed in the lower pane.
-
-## Querying by Using the Fix Description Tab
-
-
-You can use the **Fix Description** tab of the Query tool to add parameters that enable you to search your compatibility databases by application title or solution description text.
-
-**To query by using the Fix Description tab**
-
-1. On the Compatibility Administrator toolbar, click **Query**.
-
-2. Click the **Fix Description** tab.
-
-3. In the **Look in** drop-down list, select the appropriate database type to search.
-
-4. Type your search keywords into the box **Words to look for**. Use commas to separate multiple keywords.
-
- **Important**
- You cannot use wildcards as part of the Fix Description search query because the default behavior is to search for any entry that meets your search criteria.
-
-
-
-5. Refine your search by selecting **Match any word** or **Match all words** from the drop-down list.
-
-6. Click **Find Now**.
-
- The query runs and the results of the query are displayed in the lower pane.
-
-## Querying by Using the Fix Description Tab
-
-
-You can use the **Fix Description** tab of the Query tool to add additional SQL Server SELECT and WHERE clauses to your search criteria.
-
-**To query by using the Advanced tab**
-
-1. On the Compatibility Administrator toolbar, click **Query**.
-
-2. Click the **Advanced** tab.
-
-3. In the **Look in** drop-down list, select the appropriate database type to search.
-
-4. Select the appropriate SELECT clause for your search from the **Select clauses** box. For example, **APP\_NAME**.
-
- The **APP\_NAME** clause appears in the **SELECT** field. You can add as many additional clauses as you require. They will appear as columns in your search results.
-
-5. Select the appropriate WHERE clause for your search from the **Where clauses** box. For example, **DATABASE\_NAME**.
-
- The **DATABASE\_NAME =** clause appears in the **WHERE** box.
-
-6. Type the appropriate clause criteria after the equal (=) sign in the **WHERE** box. For example, **DATABASE\_NAME = "Custom\_Database"**.
-
- You must surround your clause criteria text with quotation marks (") for the clause to function properly.
-
-7. Click **Find Now**.
-
- The query runs and the results of the query are displayed in the lower pane.
-
-## Exporting Your Search Results
-
-
-You can export any of your search results into a tab-delimited text (.txt) file for later review or for archival purposes.
-
-**To export your results**
-
-1. After you have completed your search by using the Query tool, click **Export**.
-
- The **Save results to a file** dialog box appears.
-
-2. Browse to the location where you intend to store the search results file, and then click **Save**.
-
-## Related topics
-[Compatibility Administrator User's Guide](compatibility-administrator-users-guide.md)
-
-
-
-
-
-
-
-
-
+---
+title: Searching for Installed Compatibility Fixes with the Query Tool in Compatibility Administrator (Windows 10)
+description: You can access the Query tool from within Compatibility Administrator. The Query tool provides the same functionality as using the Search feature.
+ms.assetid: dd213b55-c71c-407a-ad49-33db54f82f22
+ms.reviewer:
+manager: laurawi
+ms.author: greglin
+ms.prod: w10
+ms.mktglfcycl: plan
+ms.pagetype: appcompat
+ms.sitesec: library
+audience: itpro
+author: greg-lindsay
+ms.topic: article
+---
+
+# Searching for Installed Compatibility Fixes with the Query Tool in Compatibility Administrator
+
+
+**Applies to**
+
+- Windows 10
+- Windows 8.1
+- Windows 8
+- Windows 7
+- Windows Server 2012
+- Windows Server 2008 R2
+
+You can access the Query tool from within Compatibility Administrator. The Query tool provides the same functionality as using the Search feature.
+
+For information about the Search feature, see [Searching for Fixed Applications in Compatibility Administrator](searching-for-fixed-applications-in-compatibility-administrator.md). However, the Query tool provides more detailed search criteria, including tabs that enable you to search the program properties, the compatibility fix properties, and the fix description. You can perform a search by using SQL SELECT and WHERE clauses, in addition to searching specific types of databases.
+
+<<<<<<< HEAD
+> [!IMPORTANT]
+> You must perform your search with the correct version of the Compatibility Administrator tool. To use the Query tool to search for a 32-bit custom database, you must use the 32-bit version of Compatibility Administrator. To use the Query tool to search for a 64-bit custom database, you must use the 64-bit version of Compatibility Administrator.
+=======
+>[!IMPORTANT]
+>You must perform your search with the correct version of the Compatibility Administrator tool. To use the Query tool to search for a 32-bit custom database, you must use the 32-bit version of Compatibility Administrator. To use the Query tool to search for a 64-bit custom database, you must use the 64-bit version of Compatibility Administrator.
+>>>>>>> bfaab3359a63dde24e6d0dca11b841e045c481f6
+
+## Querying by Using the Program Properties Tab
+
+You can use the **Program Properties** tab of the Query tool to search for any compatibility fix, compatibility mode, or AppHelp for a specific application.
+
+**To query by using the Program Properties tab**
+
+1. On the Compatibility Administrator toolbar, click **Query**.
+2. In the **Look in** drop-down list, select the appropriate database type to search.
+3. Type the location of the application you are searching for into the **Search for the Application** field.
+
+ This name should be the same as the name in the **Applications** area (left pane) of Compatibility Administrator.
+
+4. Type the application executable (.exe) file name into the **Search for the File** box. If you leave this box blank, the percent (%) sign appears as a wildcard to search for any file.
+
+ You must designate the executable name that was given when the compatibility fix was added to the database.
+
+5. Optionally, select the check box for one of the following types of compatibility fix:
+
+ - **Compatibility Modes**
+ - **Compatibility Fixes**
+ - **Application Helps**
+
+ > [!IMPORTANT]
+ > If you do not select any of the check boxes, the search will look for all types of compatibility fixes. Do not select multiple check boxes because only applications that match all of the requirements will appear.
+
+6. Click **Find Now**.
+
+ The query runs and the results of the query are displayed in the lower pane.
+
+## Querying by Using the Fix Properties Tab
+
+
+You can use the **Fix Properties** tab of the Query tool to search for any application affected by a specific compatibility fix or a compatibility mode. For example, you can search for any application affected by the ProfilesSetup compatibility mode.
+
+**To query by using the Fix Properties tab**
+
+1. On the Compatibility Administrator toolbar, click **Query**.
+2. Click the **Fix Properties** tab.
+3. In the **Look in** drop-down list, select the appropriate database type to search.
+4. Type the name of the compatibility fix or compatibility mode into the **Search for programs fixed using** field.
+
+ >[!NOTE]
+ >You can use the percent (%) symbol as a wildcard in your fix-properties query, as a substitute for any string of zero or more characters
+
+5. Select the check box for either **Search in Compatibility Fixes** or **Search in Compatibility Modes**.
+
+ >[!IMPORTANT]
+ >Your text must match the type of compatibility fix or mode for which you are performing the query. For example, entering the name of a compatibility fix and selecting the compatibility mode check box will not return any results. Additionally, if you select both check boxes, the query will search for the fix by compatibility mode and compatibility fix. Only applications that match both requirements appear.
+
+6. Click **Find Now**.
+
+ The query runs and the results of the query are displayed in the lower pane.
+
+## Querying by Using the Fix Description Tab
+
+You can use the **Fix Description** tab of the Query tool to add parameters that enable you to search your compatibility databases by application title or solution description text.
+
+**To query by using the Fix Description tab**
+
+1. On the Compatibility Administrator toolbar, click **Query**.
+2. Click the **Fix Description** tab.
+3. In the **Look in** drop-down list, select the appropriate database type to search.
+4. Type your search keywords into the box **Words to look for**. Use commas to separate multiple keywords.
+
+ >[!IMPORTANT]
+ >You cannot use wildcards as part of the Fix Description search query because the default behavior is to search for any entry that meets your search criteria.
+
+5. Refine your search by selecting **Match any word** or **Match all words** from the drop-down list.
+6. Click **Find Now**.
+
+ The query runs and the results of the query are displayed in the lower pane.
+
+## Querying by Using the Fix Description Tab
+
+
+You can use the **Fix Description** tab of the Query tool to add additional SQL Server SELECT and WHERE clauses to your search criteria.
+
+**To query by using the Advanced tab**
+
+1. On the Compatibility Administrator toolbar, click **Query**.
+2. Click the **Advanced** tab.
+3. In the **Look in** drop-down list, select the appropriate database type to search.
+4. Select the appropriate SELECT clause for your search from the **Select clauses** box. For example, **APP\_NAME**.
+
+ The **APP\_NAME** clause appears in the **SELECT** field. You can add as many additional clauses as you require. They will appear as columns in your search results.
+
+5. Select the appropriate WHERE clause for your search from the **Where clauses** box. For example, **DATABASE\_NAME**.
+
+ The **DATABASE\_NAME =** clause appears in the **WHERE** box.
+
+6. Type the appropriate clause criteria after the equal (=) sign in the **WHERE** box. For example, **DATABASE\_NAME = "Custom\_Database"**.
+
+ You must surround your clause criteria text with quotation marks (") for the clause to function properly.
+
+7. Click **Find Now**.
+
+ The query runs and the results of the query are displayed in the lower pane.
+
+## Exporting Your Search Results
+
+
+You can export any of your search results into a tab-delimited text (.txt) file for later review or for archival purposes.
+
+**To export your results**
+
+1. After you have completed your search by using the Query tool, click **Export**.
+
+ The **Save results to a file** dialog box appears.
+
+2. Browse to the location where you intend to store the search results file, and then click **Save**.
+
+## Related topics
+
+[Compatibility Administrator User's Guide](compatibility-administrator-users-guide.md)
\ No newline at end of file
diff --git a/windows/deployment/planning/testing-your-application-mitigation-packages.md b/windows/deployment/planning/testing-your-application-mitigation-packages.md
index 180b884748..6782e5861f 100644
--- a/windows/deployment/planning/testing-your-application-mitigation-packages.md
+++ b/windows/deployment/planning/testing-your-application-mitigation-packages.md
@@ -1,92 +1,93 @@
----
-title: Testing Your Application Mitigation Packages (Windows 10)
-description: This topic provides details about testing your application-mitigation packages, including recommendations about how to report your information and how to resolve any outstanding issues.
-ms.assetid: ae946f27-d377-4db9-b179-e8875d454ccf
-ms.reviewer:
-manager: laurawi
-ms.author: greglin
-ms.prod: w10
-ms.mktglfcycl: plan
-ms.pagetype: appcompat
-ms.sitesec: library
-audience: itpro
author: greg-lindsay
-ms.date: 04/19/2017
-ms.topic: article
----
-
-# Testing Your Application Mitigation Packages
-
-
-**Applies to**
-
-- Windows 10
-- Windows 8.1
-- Windows 8
-- Windows 7
-- Windows Server 2012
-- Windows Server 2008 R2
-
-This topic provides details about testing your application-mitigation packages, including recommendations about how to report your information and how to resolve any outstanding issues.
-
-## Testing Your Application Mitigation Packages
-
-
-Testing your application mitigation package strategies is an iterative process, whereby the mitigation strategies that prove unsuccessful will need to be revised and retested. The testing process includes a series of tests in the test environment and one or more pilot deployments in the production environment.
-
-**To test your mitigation strategies**
-
-1. Perform the following steps for each of the applications for which you have developed mitigations.
-
- 1. Test the mitigation strategy in your test environment.
-
- 2. If the mitigation strategy is unsuccessful, revise the mitigation strategy and perform step 1 again.
-
- At the end of this step, you will have successfully tested all of your mitigation strategies in your test environment and can move to your pilot deployment environment.
-
-2. Perform the following steps in the pilot deployments for each of the applications for which you have developed mitigations.
-
- 1. Test the mitigation strategy in your pilot deployment.
-
- 2. If the mitigation strategy is unsuccessful, revise the mitigation strategy and perform Step 2 again.
-
- At the end of this step, you will have successfully tested all of your mitigation strategies in your pilot environment.
-
-## Reporting the Compatibility Mitigation Status to Stakeholders
-
-
-After testing your application mitigation package, you must communicate your status to the appropriate stakeholders before deployment begins. We recommend that you perform this communication by using the following status ratings.
-
-- **Resolved application compatibility issues**. This status indicates that the application compatibility issues are resolved and that these applications represent no risk to your environment.
-
-- **Unresolved application compatibility issues**. This status indicates that there are unresolved issues for the specifically defined applications. Because these applications are a risk to your environment, more discussion is required before you can resolve the compatibility issues.
-
-- **Changes to user experience**. This status indicates that the fix will change the user experience for the defined applications, possibly requiring your staff to receive further training. More investigation is required before you can resolve the compatibility issues.
-
-- **Changes in help desk procedures and processes**. This status indicates that the fix will require changes to your help desk's procedures and processes, possibly requiring your support staff to receive further training. More investigation is required before you can resolve the compatibility issues.
-
-## Resolving Outstanding Compatibility Issues
-
-
-At this point, you probably cannot resolve any unresolved application compatibility issues by automated mitigation methods or by modifying the application. Resolve any outstanding application compatibility issues by using one of the following methods.
-
-- Apply specific compatibility modes, or run the program as an Administrator, by using the Compatibility Administrator tool.
-
- **Note**
- For more information about using Compatibility Administrator to apply compatibility fixes and compatibility modes, see [Using the Compatibility Administrator Tool](using-the-compatibility-administrator-tool.md).
-
-
-
-- Run the application in a virtual environment.
-
- Run the application in a version of Windows supported by the application in a virtualized environment. This method ensures application compatibility, because the application is running on a supported operating system.
-
-- Resolve application compatibility by using non-Microsoft tools.
-
- If the application was developed in an environment other than Microsoft Visual Studio®, you must use non-Microsoft debugging and analysis tools to help resolve the remaining application compatibility issues.
-
-- Outsource the application compatibility mitigation.
-
- If your developers have insufficient resources to resolve the application compatibility issues, outsource the mitigation effort to another organization within your company.
-
-## Related topics
-[Managing Application-Compatibility Fixes and Custom Fix Databases](managing-application-compatibility-fixes-and-custom-fix-databases.md)
+---
+title: Testing Your Application Mitigation Packages (Windows 10)
+description: This topic provides details about testing your application-mitigation packages, including recommendations about how to report your information and how to resolve any outstanding issues.
+ms.assetid: ae946f27-d377-4db9-b179-e8875d454ccf
+ms.reviewer:
+manager: laurawi
+ms.author: greglin
+ms.prod: w10
+ms.mktglfcycl: plan
+ms.pagetype: appcompat
+ms.sitesec: library
+audience: itpro
+author: greg-lindsay
+ms.date: 04/19/2017
+ms.topic: article
+---
+
+# Testing Your Application Mitigation Packages
+
+
+**Applies to**
+
+- Windows 10
+- Windows 8.1
+- Windows 8
+- Windows 7
+- Windows Server 2012
+- Windows Server 2008 R2
+
+This topic provides details about testing your application-mitigation packages, including recommendations about how to report your information and how to resolve any outstanding issues.
+
+## Testing Your Application Mitigation Packages
+
+
+Testing your application mitigation package strategies is an iterative process, whereby the mitigation strategies that prove unsuccessful will need to be revised and retested. The testing process includes a series of tests in the test environment and one or more pilot deployments in the production environment.
+
+**To test your mitigation strategies**
+
+1. Perform the following steps for each of the applications for which you have developed mitigations.
+
+ 1. Test the mitigation strategy in your test environment.
+
+ 2. If the mitigation strategy is unsuccessful, revise the mitigation strategy and perform step 1 again.
+
+ At the end of this step, you will have successfully tested all of your mitigation strategies in your test environment and can move to your pilot deployment environment.
+
+2. Perform the following steps in the pilot deployments for each of the applications for which you have developed mitigations.
+
+ 1. Test the mitigation strategy in your pilot deployment.
+
+ 2. If the mitigation strategy is unsuccessful, revise the mitigation strategy and perform Step 2 again.
+
+ At the end of this step, you will have successfully tested all of your mitigation strategies in your pilot environment.
+
+## Reporting the Compatibility Mitigation Status to Stakeholders
+
+
+After testing your application mitigation package, you must communicate your status to the appropriate stakeholders before deployment begins. We recommend that you perform this communication by using the following status ratings.
+
+- **Resolved application compatibility issues**. This status indicates that the application compatibility issues are resolved and that these applications represent no risk to your environment.
+
+- **Unresolved application compatibility issues**. This status indicates that there are unresolved issues for the specifically defined applications. Because these applications are a risk to your environment, more discussion is required before you can resolve the compatibility issues.
+
+- **Changes to user experience**. This status indicates that the fix will change the user experience for the defined applications, possibly requiring your staff to receive further training. More investigation is required before you can resolve the compatibility issues.
+
+- **Changes in help desk procedures and processes**. This status indicates that the fix will require changes to your help desk's procedures and processes, possibly requiring your support staff to receive further training. More investigation is required before you can resolve the compatibility issues.
+
+## Resolving Outstanding Compatibility Issues
+
+
+At this point, you probably cannot resolve any unresolved application compatibility issues by automated mitigation methods or by modifying the application. Resolve any outstanding application compatibility issues by using one of the following methods.
+
+- Apply specific compatibility modes, or run the program as an Administrator, by using the Compatibility Administrator tool.
+
+ > [!NOTE]
+ > For more information about using Compatibility Administrator to apply compatibility fixes and compatibility modes, see [Using the Compatibility Administrator Tool](using-the-compatibility-administrator-tool.md).
+
+
+
+- Run the application in a virtual environment.
+
+ Run the application in a version of Windows supported by the application in a virtualized environment. This method ensures application compatibility, because the application is running on a supported operating system.
+
+- Resolve application compatibility by using non-Microsoft tools.
+
+ If the application was developed in an environment other than Microsoft Visual Studio®, you must use non-Microsoft debugging and analysis tools to help resolve the remaining application compatibility issues.
+
+- Outsource the application compatibility mitigation.
+
+ If your developers have insufficient resources to resolve the application compatibility issues, outsource the mitigation effort to another organization within your company.
+
+## Related topics
+[Managing Application-Compatibility Fixes and Custom Fix Databases](managing-application-compatibility-fixes-and-custom-fix-databases.md)
diff --git a/windows/deployment/planning/understanding-and-using-compatibility-fixes.md b/windows/deployment/planning/understanding-and-using-compatibility-fixes.md
index 42f2b0f0dc..fe43dd8983 100644
--- a/windows/deployment/planning/understanding-and-using-compatibility-fixes.md
+++ b/windows/deployment/planning/understanding-and-using-compatibility-fixes.md
@@ -1,101 +1,94 @@
----
-title: Understanding and Using Compatibility Fixes (Windows 10)
-description: As the Windows operating system evolves to support new technology and functionality, the implementations of some functions may change.
-ms.assetid: 84bf663d-3e0b-4168-99d6-a26e054821b7
-ms.reviewer:
-manager: laurawi
-ms.author: greglin
-ms.prod: w10
-ms.mktglfcycl: plan
-ms.pagetype: appcompat
-ms.sitesec: library
-audience: itpro
author: greg-lindsay
-ms.date: 04/19/2017
-ms.topic: article
----
-
-# Understanding and Using Compatibility Fixes
-
-
-**Applies to**
-
-- Windows 10
-- Windows 8.1
-- Windows 8
-- Windows 7
-- Windows Server 2012
-- Windows Server 2008 R2
-
-As the Windows operating system evolves to support new technology and functionality, the implementations of some functions may change. This can cause problems for applications that relied upon the original implementation. You can avoid compatibility issues by using the Microsoft Windows Application Compatibility (Compatibility Fix) infrastructure to create a specific application fix for a particular version of an application.
-
-## How the Compatibility Fix Infrastructure Works
-
-
-The Compatibility Fix infrastructure uses the linking ability of APIs to redirect an application from Windows code directly to alternative code that implements the compatibility fix.
-
-The Windows Portable Executable File Format includes headers that contain the data directories that are used to provide a layer of indirection between the application and the linked file. API calls to the external binary files take place through the Import Address Table (IAT), which then directly calls the Windows operating system, as shown in the following figure.
-
-
-
-Specifically, the process modifies the address of the affected Windows function in the IAT to point to the compatibility fix code, as shown in the following figure.
-
-
-
-**Note**
-For statically linked DLLs, the code redirection occurs as the application loads. You can also fix dynamically linked DLLs by hooking into the GetProcAddress API.
-
-
-
-## Design Implications of the Compatibility Fix Infrastructure
-
-
-There are important considerations to keep in mind when determining your application fix strategy, due to certain characteristics of the Compatibility Fix infrastructure.
-
-- The compatibility fix is not part of the Windows operating system (as shown in the previous figure). Therefore, the same security restrictions apply to the compatibility fix as apply to the application code, which means that you cannot use compatibility fixes to bypass any of the security mechanisms of the operating system. Therefore, compatibility fixes do not increase your security exposure, nor do you need to lower your security settings to accommodate compatibility fixes.
-
-- The Compatibility Fix infrastructure injects additional code into the application before it calls the operating system. This means that any remedy that can be accomplished by a compatibility fix can also be addressed by fixing the application code.
-
-- The compatibility fixes run as user-mode code inside of a user-mode application process. This means that you cannot use a compatibility fix to fix kernel-mode code issues. For example, you cannot use a compatibility fix to resolve device-driver issues.
-
- **Note**
- Some antivirus, firewall, and anti-spyware code runs in kernel mode.
-
-
-
-## Determining When to Use a Compatibility Fix
-
-
-The decision to use compatibility fixes to remedy your compatibility issues may involve more than just technical issues. The following scenarios reflect other common reasons for using a compatibility fix.
-
-### Scenario 1
-
-**The compatibility issue exists on an application which is no longer supported by the vendor.**
-
-As in many companies, you may run applications for which the vendor has ended support. In this situation, you cannot have the vendor make the fix, nor can you access the source code to modify the issue yourself. However, it is possible that the use of a compatibility fix might resolve the compatibility issue.
-
-### Scenario 2
-
-**The compatibility issue exists on an internally created application.**
-
-While it is preferable to fix the application code to resolve the issue, this is not always possible. Your internal team might not be able to fix all of the issues prior to the deployment of the new operating system. Instead, they might choose to employ a compatibility fix anywhere that it is possible. They can then fix the code only for issues that cannot be resolved in this manner. Through this method, your team can modify the application as time permits, without delaying the deployment of the new operating system into your environment.
-
-### Scenario 3
-
-**The compatibility issue exists on an application for which a compatible version is to be released in the near future, or an application that is not critical to the organization, regardless of its version.**
-
-In the situation where an application is either unimportant to your organization, or for which a newer, compatible version is to be released shortly, you can use a compatibility fix as a temporary solution. This means that you can continue to use the application without delaying the deployment of a new operating system, with the intention of updating your configuration as soon as the new version is released.
-
-## Determining Which Version of an Application to Fix
-
-
-You can apply a compatibility fix to a particular version of an application, either by using the "up to or including" clause or by selecting that specific version. This means that the next version of the application will not have the compatibility fix automatically applied. This is important, because it allows you to continue to use your application, but it also encourages the vendor to fix the application.
-
-## Support for Compatibility Fixes
-
-
-Compatibility fixes are shipped as part of the Windows operating system and are updated by using Windows Update. Therefore, they receive the same level of support as Windows itself.
-
-You can apply the compatibility fixes to any of your applications. However, Microsoft does not provide the tools to use the Compatibility Fix infrastructure to create your own custom fixes.
-
-## Related topics
-[Managing Application-Compatibility Fixes and Custom Fix Databases](managing-application-compatibility-fixes-and-custom-fix-databases.md)
+---
+title: Understanding and Using Compatibility Fixes (Windows 10)
+description: As the Windows operating system evolves to support new technology and functionality, the implementations of some functions may change.
+ms.assetid: 84bf663d-3e0b-4168-99d6-a26e054821b7
+ms.reviewer:
+manager: laurawi
+ms.author: greglin
+ms.prod: w10
+ms.mktglfcycl: plan
+ms.pagetype: appcompat
+ms.sitesec: library
+audience: itpro
+author: greg-lindsay
+ms.topic: article
+---
+
+# Understanding and Using Compatibility Fixes
+
+**Applies to**
+
+- Windows 10
+- Windows 8.1
+- Windows 8
+- Windows 7
+- Windows Server 2012
+- Windows Server 2008 R2
+
+As the Windows operating system evolves to support new technology and functionality, the implementations of some functions may change. This can cause problems for applications that relied upon the original implementation. You can avoid compatibility issues by using the Microsoft Windows Application Compatibility (Compatibility Fix) infrastructure to create a specific application fix for a particular version of an application.
+
+## How the Compatibility Fix Infrastructure Works
+
+The Compatibility Fix infrastructure uses the linking ability of APIs to redirect an application from Windows code directly to alternative code that implements the compatibility fix.
+
+The Windows Portable Executable File Format includes headers that contain the data directories that are used to provide a layer of indirection between the application and the linked file. API calls to the external binary files take place through the Import Address Table (IAT), which then directly calls the Windows operating system, as shown in the following figure.
+
+
+
+Specifically, the process modifies the address of the affected Windows function in the IAT to point to the compatibility fix code, as shown in the following figure.
+
+
+
+>[!NOTE]
+>For statically linked DLLs, the code redirection occurs as the application loads. You can also fix dynamically linked DLLs by hooking into the GetProcAddress API.
+
+
+
+## Design Implications of the Compatibility Fix Infrastructure
+
+There are important considerations to keep in mind when determining your application fix strategy, due to certain characteristics of the Compatibility Fix infrastructure.
+
+- The compatibility fix is not part of the Windows operating system (as shown in the previous figure). Therefore, the same security restrictions apply to the compatibility fix as apply to the application code, which means that you cannot use compatibility fixes to bypass any of the security mechanisms of the operating system. Therefore, compatibility fixes do not increase your security exposure, nor do you need to lower your security settings to accommodate compatibility fixes.
+
+- The Compatibility Fix infrastructure injects additional code into the application before it calls the operating system. This means that any remedy that can be accomplished by a compatibility fix can also be addressed by fixing the application code.
+
+- The compatibility fixes run as user-mode code inside of a user-mode application process. This means that you cannot use a compatibility fix to fix kernel-mode code issues. For example, you cannot use a compatibility fix to resolve device-driver issues.
+
+ > [!NOTE]
+ > Some antivirus, firewall, and anti-spyware code runs in kernel mode.
+
+## Determining When to Use a Compatibility Fix
+
+The decision to use compatibility fixes to remedy your compatibility issues may involve more than just technical issues. The following scenarios reflect other common reasons for using a compatibility fix.
+
+### Scenario 1
+
+**The compatibility issue exists on an application which is no longer supported by the vendor.**
+
+As in many companies, you may run applications for which the vendor has ended support. In this situation, you cannot have the vendor make the fix, nor can you access the source code to modify the issue yourself. However, it is possible that the use of a compatibility fix might resolve the compatibility issue.
+
+### Scenario 2
+
+**The compatibility issue exists on an internally created application.**
+
+While it is preferable to fix the application code to resolve the issue, this is not always possible. Your internal team might not be able to fix all of the issues prior to the deployment of the new operating system. Instead, they might choose to employ a compatibility fix anywhere that it is possible. They can then fix the code only for issues that cannot be resolved in this manner. Through this method, your team can modify the application as time permits, without delaying the deployment of the new operating system into your environment.
+
+### Scenario 3
+
+**The compatibility issue exists on an application for which a compatible version is to be released in the near future, or an application that is not critical to the organization, regardless of its version.**
+
+In the situation where an application is either unimportant to your organization, or for which a newer, compatible version is to be released shortly, you can use a compatibility fix as a temporary solution. This means that you can continue to use the application without delaying the deployment of a new operating system, with the intention of updating your configuration as soon as the new version is released.
+
+## Determining Which Version of an Application to Fix
+
+You can apply a compatibility fix to a particular version of an application, either by using the "up to or including" clause or by selecting that specific version. This means that the next version of the application will not have the compatibility fix automatically applied. This is important, because it allows you to continue to use your application, but it also encourages the vendor to fix the application.
+
+## Support for Compatibility Fixes
+
+Compatibility fixes are shipped as part of the Windows operating system and are updated by using Windows Update. Therefore, they receive the same level of support as Windows itself.
+
+You can apply the compatibility fixes to any of your applications. However, Microsoft does not provide the tools to use the Compatibility Fix infrastructure to create your own custom fixes.
+
+## Related topics
+
+[Managing Application-Compatibility Fixes and Custom Fix Databases](managing-application-compatibility-fixes-and-custom-fix-databases.md)
diff --git a/windows/deployment/planning/viewing-the-events-screen-in-compatibility-administrator.md b/windows/deployment/planning/viewing-the-events-screen-in-compatibility-administrator.md
index f5419526ab..579f4b8bfa 100644
--- a/windows/deployment/planning/viewing-the-events-screen-in-compatibility-administrator.md
+++ b/windows/deployment/planning/viewing-the-events-screen-in-compatibility-administrator.md
@@ -1,59 +1,49 @@
----
-title: Viewing the Events Screen in Compatibility Administrator (Windows 10)
-description: The Events screen enables you to record and to view your activities in the Compatibility Administrator tool, provided that the screen is open while you perform the activities.
-ms.assetid: f2b2ada4-1b7b-4558-989d-5b52b40454b3
-ms.reviewer:
-manager: laurawi
-ms.author: greglin
-ms.prod: w10
-ms.mktglfcycl: plan
-ms.pagetype: appcompat
-ms.sitesec: library
-audience: itpro
author: greg-lindsay
-ms.date: 04/19/2017
-ms.topic: article
----
-
-# Viewing the Events Screen in Compatibility Administrator
-
-
-**Applies to**
-
-- Windows 10
-- Windows 8.1
-- Windows 8
-- Windows 7
-- Windows Server 2012
-- Windows Server 2008 R2
-
-The **Events** screen enables you to record and to view your activities in the Compatibility Administrator tool, provided that the screen is open while you perform the activities.
-
-**Important**
-The **Events** screen only records your activities when the screen is open. If you perform an action before opening the **Events** screen, the action will not appear in the list.
-
-
-
-**To open the Events screen**
-
-- On the **View** menu, click **Events**.
-
-## Handling Multiple Copies of Compatibility Fixes
-
-
-Compatibility Administrator enables you to copy your compatibility fixes from one database to another, which can become confusing after adding multiple fixes, compatibility modes, and databases. For example, you can copy a fix called MyFix from Database 1 to Database 2. However, if there is already a fix called MyFix in Database 2, Compatibility Administrator renames the fix as MyFix (1) to avoid duplicate names.
-
-If you open the **Events** screen and then perform the copy operation, you can see a description of the action, along with the time stamp, which enables you to view your fix information without confusion.
-
-## Related topics
-[Creating a Custom Compatibility Mode in Compatibility Administrator](creating-a-custom-compatibility-mode-in-compatibility-administrator.md)
-
-[Compatibility Administrator User's Guide](compatibility-administrator-users-guide.md)
-
-
-
-
-
-
-
-
-
+---
+title: Viewing the Events Screen in Compatibility Administrator (Windows 10)
+description: The Events screen enables you to record and to view your activities in the Compatibility Administrator tool, provided that the screen is open while you perform the activities.
+ms.assetid: f2b2ada4-1b7b-4558-989d-5b52b40454b3
+ms.reviewer:
+manager: laurawi
+ms.author: greglin
+ms.prod: w10
+ms.mktglfcycl: plan
+ms.pagetype: appcompat
+ms.sitesec: library
+audience: itpro
+author: greg-lindsay
+ms.topic: article
+---
+
+# Viewing the Events Screen in Compatibility Administrator
+
+
+**Applies to**
+
+- Windows 10
+- Windows 8.1
+- Windows 8
+- Windows 7
+- Windows Server 2012
+- Windows Server 2008 R2
+
+The **Events** screen enables you to record and to view your activities in the Compatibility Administrator tool, provided that the screen is open while you perform the activities.
+
+>[!IMPORTANT]
+>The **Events** screen only records your activities when the screen is open. If you perform an action before opening the **Events** screen, the action will not appear in the list.
+
+
+
+**To open the Events screen**
+
+- On the **View** menu, click **Events**.
+
+## Handling Multiple Copies of Compatibility Fixes
+
+
+Compatibility Administrator enables you to copy your compatibility fixes from one database to another, which can become confusing after adding multiple fixes, compatibility modes, and databases. For example, you can copy a fix called MyFix from Database 1 to Database 2. However, if there is already a fix called MyFix in Database 2, Compatibility Administrator renames the fix as MyFix (1) to avoid duplicate names.
+
+If you open the **Events** screen and then perform the copy operation, you can see a description of the action, along with the time stamp, which enables you to view your fix information without confusion.
+
+## Related topics
+[Creating a Custom Compatibility Mode in Compatibility Administrator](creating-a-custom-compatibility-mode-in-compatibility-administrator.md)
+[Compatibility Administrator User's Guide](compatibility-administrator-users-guide.md)
diff --git a/windows/deployment/planning/windows-10-1703-removed-features.md b/windows/deployment/planning/windows-10-1703-removed-features.md
index 0d09296845..24b5b1b1d9 100644
--- a/windows/deployment/planning/windows-10-1703-removed-features.md
+++ b/windows/deployment/planning/windows-10-1703-removed-features.md
@@ -2,11 +2,11 @@
title: Windows 10, version 1703 removed features
description: Learn about features that were removed in Windows 10, version 1703
ms.prod: w10
+manager: laurawi
ms.mktglfcycl: plan
ms.localizationpriority: medium
ms.sitesec: library
-author: lizap
-ms.date: 10/09/2017
+author: greg-lindsay
ms.topic: article
---
# Features that are removed or deprecated in Windows 10, version 1703
diff --git a/windows/deployment/planning/windows-10-1903-removed-features.md b/windows/deployment/planning/windows-10-1903-removed-features.md
index 2c73c4bc18..7d8e437274 100644
--- a/windows/deployment/planning/windows-10-1903-removed-features.md
+++ b/windows/deployment/planning/windows-10-1903-removed-features.md
@@ -1,43 +1,45 @@
----
-title: Windows 10, version 1903 - Features that have been removed
-description: Learn about features that will be removed or deprecated in Windows 10, version 1903, or a future release
-ms.prod: w10
-ms.mktglfcycl: plan
-ms.localizationpriority: medium
-ms.sitesec: library
-audience: itpro
author: greg-lindsay
-manager: laurawi
-ms.author: greglin
-ms.topic: article
----
-# Features removed or planned for replacement starting with Windows 10, version 1903
-
-> Applies to: Windows 10, version 1903
-
-Each version of Windows 10 adds new features and functionality; occasionally we also remove features and functionality, often because we've added a better option. Below are the details about the features and functionalities that we removed in Windows 10, version 1903. **The list below is subject to change and might not include every affected feature or functionality.**
-
-**Note**: Join the [Windows Insider program](https://insider.windows.com) to get early access to new Windows 10 builds and test these changes yourself.
-
-## Features we removed or will remove soon
-
-The following features and functionalities are removed from the installed product image for Windows 10, version 1903, or are planned for removal in an upcoming release. Applications or code that depend on these features won't function in this release unless you use another method.
-
-
-| Feature | Details |
-|---------------------------------------------------|-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
-| XDDM-based remote display driver | Starting with this release the Remote Desktop Services uses a Windows Display Driver Model (WDDM) based Indirect Display Driver (IDD) for a single session remote desktop. The support for Windows 2000 Display Driver Model (XDDM) based remote display drivers will be removed in a future release. Independent Software Vendors that use XDDM-based remote display driver should plan a migration to the WDDM driver model. For more information on implementing remote indirect display driver ISVs can reach out to [rdsdev@microsoft.com](mailto:rdsdev@microsoft.com). |
-| Desktop messaging app doesn't offer messages sync | The messaging app on Desktop has a sync feature that can be used to sync SMS text messages received from Windows Mobile and keep a copy of them on the Desktop. The sync feature has been removed from all devices. Due to this change, you will only be able to access messages from the device that received the message. |
-
-## Features we’re no longer developing
-
-We're no longer actively developing these features and may remove them from a future update. Some features have been replaced with other features or functionality, while others are now available from different sources.
-
-If you have feedback about the proposed replacement of any of these features, you can use the [Feedback Hub app](https://support.microsoft.com/help/4021566/windows-10-send-feedback-to-microsoft-with-feedback-hub-app).
-
-|Feature |Details|
-|-----------|---------------------|
-| Taskbar settings roaming| Roaming of taskbar settings is no longer being developed and we plan to disable this capability in a future release|
-|Wi-Fi WEP and TKIP|In this release a warning message will appear when connecting to Wi-Fi networks secured with WEP or TKIP, which are not as secure as those using WPA2 or WPA3. In a future release, any connection to a Wi-Fi network using these old ciphers will be disallowed. Wi-Fi routers should be updated to use AES ciphers, available with WPA2 or WPA3. |
-|Windows To Go|Windows To Go is no longer being developed.
The feature does not support feature updates and therefore does not enable you to stay current. It also requires a specific type of USB that is no longer supported by many OEMs.|
-|Print 3D app|Going forward, 3D Builder is the recommended 3D printing app. To 3D print objects on new Windows devices, customers must first install 3D Builder from the Store.|
-
+---
+title: Windows 10, version 1903 - Features that have been removed
+description: Learn about features that will be removed or deprecated in Windows 10, version 1903, or a future release
+ms.prod: w10
+ms.mktglfcycl: plan
+ms.localizationpriority: medium
+ms.sitesec: library
+audience: itpro
+author: greg-lindsay
+manager: laurawi
+ms.author: greglin
+ms.topic: article
+---
+# Features removed or planned for replacement starting with Windows 10, version 1903
+
+> Applies to: Windows 10, version 1903
+
+Each version of Windows 10 adds new features and functionality; occasionally we also remove features and functionality, often because we've added a better option. Below are the details about the features and functionalities that we removed in Windows 10, version 1903. **The list below is subject to change and might not include every affected feature or functionality.**
+
+> [!NOTE]
+> Join the [Windows Insider program](https://insider.windows.com) to get early access to new Windows 10 builds and test these changes yourself.
+
+## Features we removed or will remove soon
+
+The following features and functionalities are removed from the installed product image for Windows 10, version 1903, or are planned for removal in an upcoming release. Applications or code that depend on these features won't function in this release unless you use another method.
+
+
+| Feature | Details |
+|---------------------------------------------------|-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
+| XDDM-based remote display driver | Starting with this release the Remote Desktop Services uses a Windows Display Driver Model (WDDM) based Indirect Display Driver (IDD) for a single session remote desktop. The support for Windows 2000 Display Driver Model (XDDM) based remote display drivers will be removed in a future release. Independent Software Vendors that use XDDM-based remote display driver should plan a migration to the WDDM driver model. For more information on implementing remote indirect display driver ISVs can reach out to [rdsdev@microsoft.com](mailto:rdsdev@microsoft.com). |
+| Desktop messaging app doesn't offer messages sync | The messaging app on Desktop has a sync feature that can be used to sync SMS text messages received from Windows Mobile and keep a copy of them on the Desktop. The sync feature has been removed from all devices. Due to this change, you will only be able to access messages from the device that received the message. |
+
+## Features we’re no longer developing
+
+We're no longer actively developing these features and may remove them from a future update. Some features have been replaced with other features or functionality, while others are now available from different sources.
+
+If you have feedback about the proposed replacement of any of these features, you can use the [Feedback Hub app](https://support.microsoft.com/help/4021566/windows-10-send-feedback-to-microsoft-with-feedback-hub-app).
+
+|Feature |Details|
+|-----------|---------------------|
+| Taskbar settings roaming| Roaming of taskbar settings is no longer being developed and we plan to disable this capability in a future release|
+|Wi-Fi WEP and TKIP|In this release a warning message will appear when connecting to Wi-Fi networks secured with WEP or TKIP, which are not as secure as those using WPA2 or WPA3. In a future release, any connection to a Wi-Fi network using these old ciphers will be disallowed. Wi-Fi routers should be updated to use AES ciphers, available with WPA2 or WPA3. |
+|Windows To Go|Windows To Go is no longer being developed.
The feature does not support feature updates and therefore does not enable you to stay current. It also requires a specific type of USB that is no longer supported by many OEMs.|
+|Print 3D app|Going forward, 3D Builder is the recommended 3D printing app. To 3D print objects on new Windows devices, customers must first install 3D Builder from the Store.|
+
diff --git a/windows/deployment/planning/windows-10-enterprise-faq-itpro.md b/windows/deployment/planning/windows-10-enterprise-faq-itpro.md
index 2900db198c..8716d1b086 100644
--- a/windows/deployment/planning/windows-10-enterprise-faq-itpro.md
+++ b/windows/deployment/planning/windows-10-enterprise-faq-itpro.md
@@ -23,7 +23,7 @@ Get answers to common questions around compatibility, installation, and support
### Where can I download Windows 10 Enterprise?
-If you have Windows volume licenses with Software Assurance, or if you have purchased licenses for Windows 10 Enterprise volume licenses, you can download 32-bit and 64-bit versions of Windows 10 Enterprise from the [Volume Licensing Service Center](https://www.microsoft.com/Licensing/servicecenter/default.aspx). If you do not have current Software Assurance for Windows and would like to purchase volume licenses for Windows 10 Enterprise, contact your preferred Microsoft Reseller or see [How to purchase through Volume Licensing](https://www.microsoft.com/en-us/Licensing/how-to-buy/how-to-buy.aspx).
+If you have Windows volume licenses with Software Assurance, or if you have purchased licenses for Windows 10 Enterprise volume licenses, you can download 32-bit and 64-bit versions of Windows 10 Enterprise from the [Volume Licensing Service Center](https://www.microsoft.com/Licensing/servicecenter/default.aspx). If you do not have current Software Assurance for Windows and would like to purchase volume licenses for Windows 10 Enterprise, contact your preferred Microsoft Reseller or see [How to purchase through Volume Licensing](https://www.microsoft.com/Licensing/how-to-buy/how-to-buy.aspx).
### What are the system requirements?
@@ -35,7 +35,7 @@ Most computers that are compatible with Windows 8.1 will be compatible with Wind
### Can I evaluate Windows 10 Enterprise?
-Yes, a 90-day evaluation of Windows 10 Enterprise is available through the [TechNet Evaluation Center](https://www.microsoft.com/en-us/evalcenter/evaluate-windows-10-enterprise). The evaluation is available in Chinese (Simplified), Chinese (Traditional), French, German, Italian, Japanese, Korean, Portuguese (Brazil), and Spanish (Spain, International Sort). We highly recommend that organizations make use of the Windows 10 Enterprise 90-day Evaluation to try out deployment and management scenarios, test compatibility with hardware and applications, and to get hands on experience with Windows 10 Enterprise features.
+Yes, a 90-day evaluation of Windows 10 Enterprise is available through the [TechNet Evaluation Center](https://www.microsoft.com/evalcenter/evaluate-windows-10-enterprise). The evaluation is available in Chinese (Simplified), Chinese (Traditional), French, German, Italian, Japanese, Korean, Portuguese (Brazil), and Spanish (Spain, International Sort). We highly recommend that organizations make use of the Windows 10 Enterprise 90-day Evaluation to try out deployment and management scenarios, test compatibility with hardware and applications, and to get hands on experience with Windows 10 Enterprise features.
## Drivers and compatibility
@@ -56,7 +56,7 @@ Many existing Win32 and Win64 applications already run reliably on Windows 10 wi
### Is there an easy way to assess if my organization’s devices are ready to upgrade to Windows 10?
-[Windows Analytics Upgrade Readiness](https://technet.microsoft.com/itpro/windows/deploy/manage-windows-upgrades-with-upgrade-analytics) (formerly known as Upgrade Analytics) provides powerful insights and recommendations about the computers, applications, and drivers in your organization, at no extra cost and without additional infrastructure requirements. This new service guides you through your upgrade and feature update projects using a workflow based on Microsoft recommended practices. Up-to-date inventory data allows you to balance cost and risk in your upgrade projects. You can find additional product information at [Windows Analytics](https://www.microsoft.com/en-us/WindowsForBusiness/Windows-Analytics).
+[Windows Analytics Upgrade Readiness](https://technet.microsoft.com/itpro/windows/deploy/manage-windows-upgrades-with-upgrade-analytics) (formerly known as Upgrade Analytics) provides powerful insights and recommendations about the computers, applications, and drivers in your organization, at no extra cost and without additional infrastructure requirements. This new service guides you through your upgrade and feature update projects using a workflow based on Microsoft recommended practices. Up-to-date inventory data allows you to balance cost and risk in your upgrade projects. You can find additional product information at [Windows Analytics](https://www.microsoft.com/WindowsForBusiness/Windows-Analytics).
## Administration and deployment
diff --git a/windows/deployment/planning/windows-10-infrastructure-requirements.md b/windows/deployment/planning/windows-10-infrastructure-requirements.md
index 36c030bdcf..03fd161f35 100644
--- a/windows/deployment/planning/windows-10-infrastructure-requirements.md
+++ b/windows/deployment/planning/windows-10-infrastructure-requirements.md
@@ -1,133 +1,135 @@
----
-title: Windows 10 infrastructure requirements (Windows 10)
-description: There are specific infrastructure requirements to deploy and manage Windows 10 that should be in place prior to significant Windows 10 deployments within your organization.
-ms.assetid: B0FA27D9-A206-4E35-9AE6-74E70748BE64
-ms.reviewer:
-manager: laurawi
-ms.author: greglin
-keywords: deploy, upgrade, update, hardware
-ms.prod: w10
-ms.mktglfcycl: plan
-ms.localizationpriority: medium
-ms.sitesec: library
-audience: itpro
author: greg-lindsay
-ms.topic: article
----
-
-# Windows 10 infrastructure requirements
-
-
-**Applies to**
-
-- Windows 10
-
-There are specific infrastructure requirements to deploy and manage Windows 10 that should be in place prior to significant Windows 10 deployments within your organization.
-
-## High-level requirements
-
-
-For initial Windows 10 deployments, as well as subsequent Windows 10 upgrades, ensure that sufficient disk space is available for distribution of the Windows 10 installation files (about 3 GB for Windows 10 x64 images, slightly smaller for x86). Also, be sure to take into account the network impact of moving these large images to each PC; you may need to leverage local server storage.
-
-For persistent VDI environments, carefully consider the I/O impact from upgrading large numbers of PCs in a short period of time. Ensure that upgrades are performed in smaller numbers, or during off-peak time periods. (For pooled VDI environments, a better approach is to replace the base image with a new version.)
-
-## Deployment tools
-
-
-A new version of the Assessment and Deployment Toolkit (ADK) has been released to support Windows 10. This new version, available for download [here](https://go.microsoft.com/fwlink/p/?LinkId=526740), is required for Windows 10; you should not use earlier versions of the ADK to deploy Windows 10. It also supports the deployment of Windows 7, Windows 8, and Windows 8.1.
-
-Significant enhancements in the ADK for Windows 10 include new runtime provisioning capabilities, which leverage the Windows Imaging and Configuration Designer (Windows ICD), as well as updated versions of existing deployment tools (DISM, USMT, Windows PE, and more).
-
-Microsoft Deployment Toolkit 2013 Update 1, available for download [here](https://go.microsoft.com/fwlink/p/?LinkId=625079), has also been updated to support Windows 10 and the new ADK; older versions do not support Windows 10. New in this release is task sequence support for Windows 10 in-place upgrades.
-
-For System Center Configuration Manager, Windows 10 support is offered with various releases:
-
-| Release | Windows 10 management? | Windows 10 deployment? |
-|---------------------------------------------|------------------------|------------------------------------------------|
-| System Center Configuration Manager 2007 | Yes, with a hotfix | No |
-| System Center Configuration Manager 2012 | Yes, with SP2 and CU1 | Yes, with SP2, CU1, and the ADK for Windows 10 |
-| System Center Configuration Manager 2012 R2 | Yes, with SP1 and CU1 | Yes, with SP1, CU1, and the ADK for Windows 10 |
-
-
->Note: Configuration Manager 2012 supports Windows 10 version 1507 (build 10.0.10240) and 1511 (build 10.0.10586) for the lifecycle of these builds. Future releases of Windows 10 CB/CBB are not supported With Configuration Manager 2012, and will require System Center Configuration Manager current branch for supported management.
-
-
-For more details about System Center Configuration Manager support for Windows 10, see [Deploy Windows 10 with System Center 2012 R2 Configuration Manager](../deploy-windows-sccm/deploy-windows-10-with-system-center-2012-r2-configuration-manager.md).
-
-## Management tools
-
-
-In addition to System Center Configuration Manager, Windows 10 also leverages other tools for management. For Windows Server and Active Directory, existing supported versions are fully supported for Windows 10. New Group Policy templates will be needed to configure new settings available in Windows 10; these templates are available in the Windows 10 media images, and are available as a separate download [here](https://go.microsoft.com/fwlink/p/?LinkId=625081). See [Group Policy settings reference](https://go.microsoft.com/fwlink/p/?LinkId=625082) for a list of the new and modified policy settings. If you are using a central policy store, follow the steps outlined [here](https://go.microsoft.com/fwlink/p/?LinkId=625083) to update the ADMX files stored in that central store.
-
-No new Active Directory schema updates or specific functional levels are currently required for core Windows 10 product functionality, although subsequent upgrades could require these to support new features.
-
-Microsoft Desktop Optimization Pack (MDOP) has been updated to support Windows 10. The minimum versions required to support Windows 10 are as follows:
-
-| Product | Required version |
-|----------------------------------------------------------|--------------------------|
-| Advanced Group Policy Management (AGPM) | AGPM 4.0 Service Pack 3 |
-| Application Virtualization (App-V) | App-V 5.1 |
-| Diagnostics and Recovery Toolkit (DaRT) | DaRT 10 |
-| Microsoft BitLocker Administration and Monitoring (MBAM) | MBAM 2.5 SP1 (2.5 is OK) |
-| User Experience Virtualization (UE-V) | UE-V 2.1 SP1 |
-
-
-
-For more information, see the [MDOP TechCenter](https://go.microsoft.com/fwlink/p/?LinkId=625090).
-
-For devices you manage with mobile device management (MDM) solutions such as Microsoft Intune, existing capabilities (provided initially in Windows 8.1) are fully supported in Windows 10; new Windows 10 MDM settings and capabilities will require updates to the MDM services. See [Mobile device management](https://go.microsoft.com/fwlink/p/?LinkId=625084) for more information.
-
-Windows Server Update Services (WSUS) requires some additional configuration to receive updates for Windows 10. Use the Windows Server Update Services admin tool and follow these instructions:
-
-1. Select the **Options** node, and then click **Products and Classifications**.
-
-2. In the **Products** tree, select the **Windows 10** and **Windows 10 LTSB** products and any other Windows 10-related items that you want. Click **OK**.
-
-3. From the **Synchronizations** node, right-click and choose **Synchronize Now**.
-
-
-
-Figure 1. WSUS product list with Windows 10 choices
-
-Because Windows 10 updates are cumulative in nature, each month’s new update will supersede the previous month's. Consider leveraging “express installation” packages to reduce the size of the payload that needs to be sent to each PC each month; see [Express installation files](https://go.microsoft.com/fwlink/p/?LinkId=625086) for more information. (Note that this will increase the amount of disk storage needed by WSUS, and impacts all operating systems being managed with WSUS.)
-
-## Activation
-
-
-Windows 10 volume license editions of Windows 10 will continue to support all existing activation methods (KMS, MAK, and AD-based activation). An update will be required for existing KMS servers:
-
-| Product | Required update |
-|----------------------------------------|---------------------------------------------------------------------------------------------|
-| Windows 10 | None |
-| Windows Server 2012 R2 and Windows 8.1 | [https://support.microsoft.com/kb/3058168](https://go.microsoft.com/fwlink/p/?LinkId=625087) |
-| Windows Server 2012 and Windows 8 | [https://support.microsoft.com/kb/3058168](https://go.microsoft.com/fwlink/p/?LinkId=625087) |
-| Windows Server 2008 R2 and Windows 7 | [https://support.microsoft.com/kb/3079821](https://support.microsoft.com/kb/3079821) |
-
-
-
-Also see: [Windows Server 2016 Volume Activation Tips](https://blogs.technet.microsoft.com/askcore/2016/10/19/windows-server-2016-volume-activation-tips/)
-
-Additionally, new product keys will be needed for all types of volume license activation (KMS, MAK, and AD-based Activation); these keys are available on the Volume Licensing Service Center (VLSC) for customers with rights to the Windows 10 operating system. To find the needed keys:
-
-- Sign into the [Volume Licensing Service Center (VLSC)](https://go.microsoft.com/fwlink/p/?LinkId=625088) at with a Microsoft account that has appropriate rights.
-
-- For KMS keys, click **Licenses** and then select **Relationship Summary**. Click the appropriate active license ID, and then select **Product Keys** near the right side of the page. For KMS running on Windows Server, find the **Windows Srv 2012R2 DataCtr/Std KMS for Windows 10** product key; for KMS running on client operating systems, find the **Windows 10** product key.
-
-- For MAK keys, click **Downloads and Keys**, and then filter the list by using **Windows 10** as a product. Click the **Key** link next to an appropriate list entry (for example, **Windows 10 Enterprise** or **Windows 10 Enterprise LTSB**) to view the available MAK keys. (You can also find keys for KMS running on Windows 10 in this list. These keys will not work on Windows servers running KMS.)
-
-Note that Windows 10 Enterprise and Windows 10 Enterprise LTSB installations use different MAK keys. But you can use the same KMS server or Active Directory-based activation environment for both; the KMS keys obtained from the Volume Licensing Service Center will work with both.
-
-## Related topics
-
-
-[Windows 10 servicing options](../update/waas-servicing-strategy-windows-10-updates.md)
-
[Windows 10 deployment considerations](windows-10-deployment-considerations.md)
-
[Windows 10 compatibility](windows-10-compatibility.md)
-
-
-
-
-
-
-
-
-
+---
+title: Windows 10 infrastructure requirements (Windows 10)
+description: There are specific infrastructure requirements to deploy and manage Windows 10 that should be in place prior to significant Windows 10 deployments within your organization.
+ms.assetid: B0FA27D9-A206-4E35-9AE6-74E70748BE64
+ms.reviewer:
+manager: laurawi
+ms.author: greglin
+keywords: deploy, upgrade, update, hardware
+ms.prod: w10
+ms.mktglfcycl: plan
+ms.localizationpriority: medium
+ms.sitesec: library
+audience: itpro
+author: greg-lindsay
+ms.topic: article
+---
+
+# Windows 10 infrastructure requirements
+
+
+**Applies to**
+
+- Windows 10
+
+There are specific infrastructure requirements to deploy and manage Windows 10 that should be in place prior to significant Windows 10 deployments within your organization.
+
+## High-level requirements
+
+
+For initial Windows 10 deployments, as well as subsequent Windows 10 upgrades, ensure that sufficient disk space is available for distribution of the Windows 10 installation files (about 3 GB for Windows 10 x64 images, slightly smaller for x86). Also, be sure to take into account the network impact of moving these large images to each PC; you may need to leverage local server storage.
+
+For persistent VDI environments, carefully consider the I/O impact from upgrading large numbers of PCs in a short period of time. Ensure that upgrades are performed in smaller numbers, or during off-peak time periods. (For pooled VDI environments, a better approach is to replace the base image with a new version.)
+
+## Deployment tools
+
+
+A new version of the Assessment and Deployment Toolkit (ADK) has been released to support Windows 10. This new version, available for download [here](https://go.microsoft.com/fwlink/p/?LinkId=526740), is required for Windows 10; you should not use earlier versions of the ADK to deploy Windows 10. It also supports the deployment of Windows 7, Windows 8, and Windows 8.1.
+
+Significant enhancements in the ADK for Windows 10 include new runtime provisioning capabilities, which leverage the Windows Imaging and Configuration Designer (Windows ICD), as well as updated versions of existing deployment tools (DISM, USMT, Windows PE, and more).
+
+Microsoft Deployment Toolkit 2013 Update 1, available for download [here](https://go.microsoft.com/fwlink/p/?LinkId=625079), has also been updated to support Windows 10 and the new ADK; older versions do not support Windows 10. New in this release is task sequence support for Windows 10 in-place upgrades.
+
+For System Center Configuration Manager, Windows 10 support is offered with various releases:
+
+| Release | Windows 10 management? | Windows 10 deployment? |
+|---------------------------------------------|------------------------|------------------------------------------------|
+| System Center Configuration Manager 2007 | Yes, with a hotfix | No |
+| System Center Configuration Manager 2012 | Yes, with SP2 and CU1 | Yes, with SP2, CU1, and the ADK for Windows 10 |
+| System Center Configuration Manager 2012 R2 | Yes, with SP1 and CU1 | Yes, with SP1, CU1, and the ADK for Windows 10 |
+
+
+> [!NOTE]
+> Configuration Manager 2012 supports Windows 10 version 1507 (build 10.0.10240) and 1511 (build 10.0.10586) for the lifecycle of these builds. Future releases of Windows 10 CB/CBB are not supported With Configuration Manager 2012, and will require System Center Configuration Manager current branch for supported management.
+
+
+For more details about System Center Configuration Manager support for Windows 10, see [Deploy Windows 10 with System Center 2012 R2 Configuration Manager](../deploy-windows-sccm/deploy-windows-10-with-system-center-2012-r2-configuration-manager.md).
+
+## Management tools
+
+
+In addition to System Center Configuration Manager, Windows 10 also leverages other tools for management. For Windows Server and Active Directory, existing supported versions are fully supported for Windows 10. New Group Policy templates will be needed to configure new settings available in Windows 10; these templates are available in the Windows 10 media images, and are available as a separate download [here](https://go.microsoft.com/fwlink/p/?LinkId=625081). See [Group Policy settings reference](https://go.microsoft.com/fwlink/p/?LinkId=625082) for a list of the new and modified policy settings. If you are using a central policy store, follow the steps outlined [here](https://go.microsoft.com/fwlink/p/?LinkId=625083) to update the ADMX files stored in that central store.
+
+No new Active Directory schema updates or specific functional levels are currently required for core Windows 10 product functionality, although subsequent upgrades could require these to support new features.
+
+Microsoft Desktop Optimization Pack (MDOP) has been updated to support Windows 10. The minimum versions required to support Windows 10 are as follows:
+
+| Product | Required version |
+|----------------------------------------------------------|--------------------------|
+| Advanced Group Policy Management (AGPM) | AGPM 4.0 Service Pack 3 |
+| Application Virtualization (App-V) | App-V 5.1 |
+| Diagnostics and Recovery Toolkit (DaRT) | DaRT 10 |
+| Microsoft BitLocker Administration and Monitoring (MBAM) | MBAM 2.5 SP1 (2.5 is OK) |
+| User Experience Virtualization (UE-V) | UE-V 2.1 SP1 |
+
+
+
+For more information, see the [MDOP TechCenter](https://go.microsoft.com/fwlink/p/?LinkId=625090).
+
+For devices you manage with mobile device management (MDM) solutions such as Microsoft Intune, existing capabilities (provided initially in Windows 8.1) are fully supported in Windows 10; new Windows 10 MDM settings and capabilities will require updates to the MDM services. See [Mobile device management](https://go.microsoft.com/fwlink/p/?LinkId=625084) for more information.
+
+Windows Server Update Services (WSUS) requires some additional configuration to receive updates for Windows 10. Use the Windows Server Update Services admin tool and follow these instructions:
+
+1. Select the **Options** node, and then click **Products and Classifications**.
+
+2. In the **Products** tree, select the **Windows 10** and **Windows 10 LTSB** products and any other Windows 10-related items that you want. Click **OK**.
+
+3. From the **Synchronizations** node, right-click and choose **Synchronize Now**.
+
+
+
+Figure 1. WSUS product list with Windows 10 choices
+
+Because Windows 10 updates are cumulative in nature, each month’s new update will supersede the previous month's. Consider leveraging “express installation” packages to reduce the size of the payload that needs to be sent to each PC each month; see [Express installation files](https://go.microsoft.com/fwlink/p/?LinkId=625086) for more information. (Note that this will increase the amount of disk storage needed by WSUS, and impacts all operating systems being managed with WSUS.)
+
+## Activation
+
+
+Windows 10 volume license editions of Windows 10 will continue to support all existing activation methods (KMS, MAK, and AD-based activation). An update will be required for existing KMS servers:
+
+| Product | Required update |
+|----------------------------------------|---------------------------------------------------------------------------------------------|
+| Windows 10 | None |
+| Windows Server 2012 R2 and Windows 8.1 | [https://support.microsoft.com/kb/3058168](https://go.microsoft.com/fwlink/p/?LinkId=625087) |
+| Windows Server 2012 and Windows 8 | [https://support.microsoft.com/kb/3058168](https://go.microsoft.com/fwlink/p/?LinkId=625087) |
+| Windows Server 2008 R2 and Windows 7 | [https://support.microsoft.com/kb/3079821](https://support.microsoft.com/kb/3079821) |
+
+
+
+Also see: [Windows Server 2016 Volume Activation Tips](https://blogs.technet.microsoft.com/askcore/2016/10/19/windows-server-2016-volume-activation-tips/)
+
+Additionally, new product keys will be needed for all types of volume license activation (KMS, MAK, and AD-based Activation); these keys are available on the Volume Licensing Service Center (VLSC) for customers with rights to the Windows 10 operating system. To find the needed keys:
+
+- Sign into the [Volume Licensing Service Center (VLSC)](https://go.microsoft.com/fwlink/p/?LinkId=625088) at with a Microsoft account that has appropriate rights.
+
+- For KMS keys, click **Licenses** and then select **Relationship Summary**. Click the appropriate active license ID, and then select **Product Keys** near the right side of the page. For KMS running on Windows Server, find the **Windows Srv 2012R2 DataCtr/Std KMS for Windows 10** product key; for KMS running on client operating systems, find the **Windows 10** product key.
+
+- For MAK keys, click **Downloads and Keys**, and then filter the list by using **Windows 10** as a product. Click the **Key** link next to an appropriate list entry (for example, **Windows 10 Enterprise** or **Windows 10 Enterprise LTSB**) to view the available MAK keys. (You can also find keys for KMS running on Windows 10 in this list. These keys will not work on Windows servers running KMS.)
+
+Note that Windows 10 Enterprise and Windows 10 Enterprise LTSB installations use different MAK keys. But you can use the same KMS server or Active Directory-based activation environment for both; the KMS keys obtained from the Volume Licensing Service Center will work with both.
+
+## Related topics
+
+
+[Windows 10 servicing options](../update/waas-servicing-strategy-windows-10-updates.md)
+
[Windows 10 deployment considerations](windows-10-deployment-considerations.md)
+
[Windows 10 compatibility](windows-10-compatibility.md)
+
+
+
+
+
+
+
+
+
diff --git a/windows/deployment/planning/windows-to-go-frequently-asked-questions.md b/windows/deployment/planning/windows-to-go-frequently-asked-questions.md
index c48af35d6e..40c4c03e81 100644
--- a/windows/deployment/planning/windows-to-go-frequently-asked-questions.md
+++ b/windows/deployment/planning/windows-to-go-frequently-asked-questions.md
@@ -1,462 +1,463 @@
----
-title: Windows To Go frequently asked questions (Windows 10)
-description: Windows To Go frequently asked questions
-ms.assetid: bfdfb824-4a19-4401-b369-22c5e6ca9d6e
-ms.reviewer:
-manager: laurawi
-ms.author: greglin
-keywords: FAQ, mobile, device, USB
-ms.prod: w10
-ms.mktglfcycl: deploy
-ms.pagetype: mobility
-ms.sitesec: library
-audience: itpro
author: greg-lindsay
-ms.topic: article
----
-
-# Windows To Go: frequently asked questions
-
-
-**Applies to**
-
-- Windows 10
-
->[!IMPORTANT]
->Windows To Go is no longer being developed. The feature does not support feature updates and therefore does not enable you to stay current. It also requires a specific type of USB that is no longer supported by many OEMs.
-
-The following list identifies some commonly asked questions about Windows To Go.
-
-- [What is Windows To Go?](#wtg-faq-whatis)
-
-- [Does Windows To Go rely on virtualization?](#wtg-faq-virt)
-
-- [Who should use Windows To Go?](#wtg-faq-who)
-
-- [How can Windows To Go be deployed in an organization?](#wtg-faq-deploy)
-
-- [Is Windows To Go supported on both USB 2.0 and USB 3.0 drives?](#wtg-faq-usbvs)
-
-- [Is Windows To Go supported on USB 2.0 and USB 3.0 ports?](#wtg-faq-usbports)
-
-- [How do I identify a USB 3.0 port?](#wtg-faq-usb3port)
-
-- [Does Windows To Go run faster on a USB 3.0 port?](#wtg-faq-usb3speed)
-
-- [Can the user self-provision Windows To Go?](#wtg-faq-selfpro)
-
-- [How can Windows To Go be managed in an organization?](#wtg-faq-mng)
-
-- [How do I make my computer boot from USB?](#wtf-faq-startup)
-
-- [Why isn’t my computer booting from USB?](#wtg-faq-noboot)
-
-- [What happens if I remove my Windows To Go drive while it is running?](#wtg-faq-surprise)
-
-- [Can I use BitLocker to protect my Windows To Go drive?](#wtg-faq-bitlocker)
-
-- [Why can’t I enable BitLocker from Windows To Go Creator?](#wtg-faq-blfail)
-
-- [What power states does Windows To Go support?](#wtg-faq-power)
-
-- [Why is hibernation disabled in Windows To Go?](#wtg-faq-hibernate)
-
-- [Does Windows To Go support crash dump analysis?](#wtg-faq-crashdump)
-
-- [Do “Windows To Go Startup Options” work with dual boot computers?](#wtg-faq-dualboot)
-
-- [I plugged my Windows To Go drive into a running computer and I can’t see the partitions on the drive. Why not?](#wtg-faq-diskpart)
-
-- [I’m booted into Windows To Go, but I can’t browse to the internal hard drive of the host computer. Why not?](#wtg-faq-san4)
-
-- [Why does my Windows To Go drive have an MBR disk format with a FAT32 system partition?](#wtg-faq-fatmbr)
-
-- [Is Windows To Go secure if I use it on an untrusted machine?](#wtg-faq-malhost)
-
-- [Does Windows To Go work with ARM processors?](#wtg-faq-arm)
-
-- [Can I synchronize data from Windows To Go with my other computer?](#wtg-faq-datasync)
-
-- [What size USB Flash Drive do I need to make a Windows To Go drive?](#wtg-faq-usbsz)
-
-- [Do I need to activate Windows To Go every time I roam?](#wtg-faq-roamact)
-
-- [Can I use all Windows features on Windows To Go?](#wtg-faq-features)
-
-- [Can I use all my applications on Windows To Go?](#wtg-faq-approam)
-
-- [Does Windows To Go work slower than standard Windows?](#wtg-faq-slow)
-
-- [If I lose my Windows To Go drive, will my data be safe?](#wtg-faq-safeloss)
-
-- [Can I boot Windows To Go on a Mac?](#wtg-faq-mac)
-
-- [Are there any APIs that allow applications to identify a Windows To Go workspace?](#wtg-faq-api)
-
-- [How is Windows To Go licensed?](#wtg-faq-lic)
-
-- [Does Windows Recovery Environment work with Windows To Go? What’s the guidance for recovering a Windows To Go drive?](#wtg-faq-recovery)
-
-- [Why won’t Windows To Go work on a computer running Windows XP or Windows Vista?](#wtg-faq-oldos)
-
-- [Why does the operating system on the host computer matter?](#wtg-faq-oldos2)
-
-- [My host computer running Windows 7 is protected by BitLocker Drive Encryption. Why did I need to use the recovery key to unlock and reboot my host computer after using Windows To Go?](#wtg-faq-blreckey)
-
-- [I decided to stop using a drive for Windows To Go and reformatted it – why doesn’t it have a drive letter assigned and how can I fix it?](#wtg-faq-reformat)
-
-- [Why do I keep on getting the message “Installing devices…” when I boot Windows To Go?](#bkmk-roamconflict)
-
-- [How do I upgrade the operating system on my Windows To Go drive?](#bkmk-upgradewtg)
-
-## What is Windows To Go?
-
-
-Windows To Go is a feature for users of Windows 10 Enterprise and Windows 10 Education that enables users to boot a full version of Windows from external USB drives on host PCs.
-
-## Does Windows To Go rely on virtualization?
-
-
-No. Windows To Go is a native instance of Windows 10 that runs from a USB device. It is just like a laptop hard drive with Windows 8 that has been put into a USB enclosure.
-
-## Who should use Windows To Go?
-
-
-Windows To Go was designed for enterprise usage and targets scenarios such as continuance of operations, contractors, managed free seating, traveling workers, and work from home.
-
-## How can Windows To Go be deployed in an organization?
-
-
-Windows To Go can be deployed using standard Windows deployment tools like Diskpart and DISM. The prerequisites for deploying Windows To Go are:
-
-- A Windows To Go recommended USB drive to provision; See the list of currently available USB drives at [Hardware considerations for Windows To Go](windows-to-go-overview.md#wtg-hardware)
-
-- A Windows 10 Enterprise or Windows 10 Education image
-
-- A Windows 10 Enterprise, Windows 10 Education or Windows 10 Professional host PC that can be used to provision new USB keys
-
-You can use a Windows PowerShell script to target several drives and scale your deployment for a large number of Windows To Go drives. You can also use a USB duplicator to duplicate a Windows To Go drive after it has been provisioned if you are creating a large number of drives. See the [Windows To Go Step by Step](https://go.microsoft.com/fwlink/p/?LinkId=618950) article on the TechNet wiki for a walkthrough of the drive creation process.
-
-## Is Windows To Go supported on both USB 2.0 and USB 3.0 drives?
-
-
-No. Windows To Go is supported on USB 3.0 drives that are certified for Windows To Go.
-
-## Is Windows To Go supported on USB 2.0 and USB 3.0 ports?
-
-
-Yes. Windows To Go is fully supported on either USB 2.0 ports or USB 3.0 ports on PCs certified for Windows 7 or later.
-
-## How do I identify a USB 3.0 port?
-
-
-USB 3.0 ports are usually marked blue or carry a SS marking on the side.
-
-## Does Windows To Go run faster on a USB 3.0 port?
-
-
-Yes. Because USB 3.0 offers significantly faster speeds than USB 2.0, a Windows To Go drive running on a USB 3.0 port will operate considerably faster. This speed increase applies to both drive provisioning and when the drive is being used as a workspace.
-
-## Can the user self-provision Windows To Go?
-
-
-Yes, if the user has administrator permissions they can self-provision a Windows To Go drive using the Windows To Go Creator wizard which is included in Windows 10 Enterprise, Windows 10 Education and Windows 10 Professional. Additionally, System Center 2012 Configuration Manager SP1 and later releases includes support for user self-provisioning of Windows To Go drives. Configuration Manager can be downloaded for evaluation from the [Microsoft TechNet Evaluation Center](https://go.microsoft.com/fwlink/p/?LinkID=618746).
-
-## How can Windows To Go be managed in an organization?
-
-
-Windows To Go can be deployed and managed like a traditional desktop PC using standard Windows enterprise software distribution tools like System Center Configuration Manager. Computer and user settings for Windows To Go workspaces can be managed using Group Policy setting also in the same manner that you manage Group Policy settings for other PCs in your organization. Windows To Go workspaces can be configured to connect to the organizational resources remotely using DirectAccess or a virtual private network connection so that they can connect securely to your network.
-
-## How do I make my computer boot from USB?
-
-
-For host computers running Windows 10
-
-- Using Cortana, search for **Windows To Go startup options**, and then press Enter.
-- In the **Windows To Go Startup Options** dialog box, select **Yes**, and then click **Save Changes** to configure the computer to boot from USB.
-
-For host computers running Windows 8 or Windows 8.1:
-
-Press **Windows logo key+W** and then search for **Windows To Go startup options** and then press Enter.
-
-In the **Windows To Go Startup Options** dialog box select **Yes** and then click **Save Changes** to configure the computer to boot from USB.
-
-**Note**
-Your IT department can use Group Policy to configure Windows To Go Startup Options in your organization.
-
-
-
-If the host computer is running an earlier version of the Windows operating system need to configure the computer to boot from USB manually.
-
-To do this, early during boot time (usually when you see the manufacturer’s logo), enter your firmware/BIOS setup. (This method to enter firmware/BIOS setup differs with different computer manufacturers, but is usually entered by pressing one of the function keys, such as F12, F2, F1, Esc, and so forth. You should check the manufacturer’s site to be sure if you do not know which key to use to enter firmware setup.)
-
-After you have entered firmware setup, make sure that boot from USB is enabled. Then change the boot order to boot from USB drives first.
-
-Alternatively, if your computer supports it, you can try to use the one-time boot menu (often F12), to select USB boot on a per-boot basis.
-
-For more detailed instructions, see the wiki article, [Tips for configuring your BIOS settings to work with Windows To Go](https://go.microsoft.com/fwlink/p/?LinkID=618951).
-
-**Warning**
-Configuring a computer to boot from USB will cause your computer to attempt to boot from any bootable USB device connected to your computer. This potentially includes malicious devices. Users should be informed of this risk and instructed to not have any bootable USB storage devices plugged in to their computers except for their Windows To Go drive.
-
-
-
-## Why isn’t my computer booting from USB?
-
-
-Computers certified for Windows 7 and later are required to have support for USB boot. Check to see if any of the following items apply to your situation:
-
-1. Ensure that your computer has the latest BIOS installed and the BIOS is configured to boot from a USB device.
-
-2. Ensure that the Windows To Go drive is connected directly to a USB port on the computer. Many computers don’t support booting from a device connected to a USB 3 PCI add-on card or external USB hubs.
-
-3. If the computer is not booting from a USB 3.0 port, try to boot from a USB 2.0 port.
-
-If none of these items enable the computer to boot from USB, contact the hardware manufacturer for additional support.
-
-## What happens if I remove my Windows To Go drive while it is running?
-
-
-If the Windows To Go drive is removed, the computer will freeze and the user will have 60 seconds to reinsert the Windows To Go drive. If the Windows To Go drive is reinserted into the same port it was removed from, Windows will resume at the point where the drive was removed. If the USB drive is not reinserted, or is reinserted into a different port, the host computer will turn off after 60 seconds.
-
-**Warning**
-You should never remove your Windows To Go drive when your workspace is running. The computer freeze is a safety measure to help mitigate the risk of accidental removal. Removing the Windows To Go drive without shutting down the Windows To Go workspace could result in corruption of the Windows To Go drive.
-
-
-
-## Can I use BitLocker to protect my Windows To Go drive?
-
-
-Yes. In Windows 8 and later, BitLocker has added support for using a password to protect operating system drives. This means that you can use a password to secure your Windows To Go workspace and you will be prompted to enter this password every time you use the Windows To Go workspace.
-
-## Why can’t I enable BitLocker from Windows To Go Creator?
-
-
-Several different Group Policies control the use of BitLocker on your organizations computers. These policies are located in the **Computer Configuration\\Policies\\Administrative Templates\\Windows Components\\BitLocker Drive Encryption** folder of the local Group Policy editor. The folder contains three sub-folders for fixed, operating system and removable data drive types.
-
-When you are using Windows To Go Creator, the Windows To Go drive is considered a removable data drive by BitLocker. Review the following setting to see if these settings apply in your situation:
-
-1. **Control use of BitLocker on removable drives**
-
- If this setting is disabled BitLocker cannot be used with removable drives, so the Windows To Go Creator wizard will fail if it attempts to enable BitLocker on the Windows To Go drive.
-
-2. **Configure use of smart cards on removable data drives**
-
- If this setting is enabled and the option **Require use of smart cards on removable data drives** is also selected the creator wizard might fail if you have not already signed on using your smart card credentials before starting the Windows To Go Creator wizard.
-
-3. **Configure use of passwords for removable data drives**
-
- If this setting is enabled and the **Require password complexity option** is selected the computer must be able to connect to the domain controller to verify that the password specified meets the password complexity requirements. If the connection is not available, the Windows To Go Creator wizard will fail to enable BitLocker.
-
-Additionally, the Windows To Go Creator will disable the BitLocker option if the drive does not have any volumes. In this situation, you should initialize the drive and create a volume using the Disk Management console before provisioning the drive with Windows To Go.
-
-## What power states does Windows To Go support?
-
-
-Windows To Go supports all power states except the hibernate class of power states, which include hybrid boot, hybrid sleep, and hibernate. This default behavior can be modified by using Group Policy settings to enable hibernation of the Windows To Go workspace.
-
-## Why is hibernation disabled in Windows To Go?
-
-
-When a Windows To Go workspace is hibernated, it will only successfully resume on the exact same hardware. Therefore, if a Windows To Go workspace is hibernated on one computer and roamed to another, the hibernation state (and therefore user state) will be lost. To prevent this from happening, the default settings for a Windows To Go workspace disable hibernation. If you are confident that you will only attempt to resume on the same computer, you can enable hibernation using the Windows To Go Group Policy setting, **Allow hibernate (S4) when started from a Windows To Go workspace** that is located at **\\\\Computer Configuration\\Administrative Templates\\Windows Components\\Portable Operating System\\** in the Local Group Policy Editor (gpedit.msc).
-
-## Does Windows To Go support crash dump analysis?
-
-
-Yes. Windows 8 and later support crash dump stack analysis for both USB 2.0 and 3.0.
-
-## Do “Windows To Go Startup Options” work with dual boot computers?
-
-
-Yes, if both operating systems are running the Windows 8 operating system. Enabling “Windows To Go Startup Options” should cause the computer to boot from the Windows To Go workspace when the drive is plugged in before the computer is turned on.
-
-If you have configured a dual boot computer with a Windows operating system and another operating system it might work occasionally and fail occasionally. Using this configuration is unsupported.
-
-## I plugged my Windows To Go drive into a running computer and I can’t see the partitions on the drive. Why not?
-
-
-Windows To Go Creator and the recommended deployment steps for Windows To Go set the NO\_DEFAULT\_DRIVE\_LETTER flag on the Windows To Go drive. This flag prevents Windows from automatically assigning drive letters to the partitions on the Windows To Go drive. That’s why you can’t see the partitions on the drive when you plug your Windows To Go drive into a running computer. This helps prevent accidental data leakage between the Windows To Go drive and the host computer. If you really need to access the files on the Windows To Go drive from a running computer, you can use diskmgmt.msc or diskpart to assign a drive letter.
-
-**Warning**
-It is strongly recommended that you do not plug your Windows To Go drive into a running computer. If the computer is compromised, your Windows To Go workspace can also be compromised.
-
-
-
-## I’m booted into Windows To Go, but I can’t browse to the internal hard drive of the host computer. Why not?
-
-
-Windows To Go Creator and the recommended deployment steps for Windows To Go set SAN Policy 4 on Windows To Go drive. This policy prevents Windows from automatically mounting internal disk drives. That’s why you can’t see the internal hard drives of the host computer when you are booted into Windows To Go. This is done to prevent accidental data leakage between Windows To Go and the host system. This policy also prevents potential corruption on the host drives or data loss if the host operating system is in a hibernation state. If you really need to access the files on the internal hard drive, you can use diskmgmt.msc to mount the internal drive.
-
-**Warning**
-It is strongly recommended that you do not mount internal hard drives when booted into the Windows To Go workspace. If the internal drive contains a hibernated Windows 8 or later operating system, mounting the drive will lead to loss of hibernation state and therefor user state or any unsaved user data when the host operating system is booted. If the internal drive contains a hibernated Windows 7 or earlier operating system, mounting the drive will lead to corruption when the host operating system is booted.
-
-
-
-## Why does my Windows To Go drive have an MBR disk format with a FAT32 system partition?
-
-
-This is done to allow Windows To Go to boot from UEFI and legacy systems.
-
-## Is Windows To Go secure if I use it on an untrusted computer?
-
-
-While you are more secure than if you use a completely untrusted operating system, you are still vulnerable to attacks from the firmware or anything that runs before Windows To Go starts. If you plug your Windows To Go drive into a running untrusted computer, your Windows To Go drive can be compromised because any malicious software that might be active on the computer can access the drive.
-
-## Does Windows To Go work with ARM processors?
-
-
-No. Windows RT is a specialized version of Windows designed for ARM processors. Windows To Go is currently only supported on PCs with x86 or x64-based processors.
-
-## Can I synchronize data from Windows To Go with my other computer?
-
-
-To get your data across all your computers, we recommend using folder redirection and client side caching to store copies of your data on a server while giving you offline access to the files you need.
-
-## What size USB flash drive do I need to make a Windows To Go drive?
-
-
-The size constraints are the same as full Windows. To ensure that you have enough space for Windows, your data, and your applications, we recommend USB drives that are a minimum of 20 GB in size.
-
-## Do I need to activate Windows To Go every time I roam?
-
-
-No, Windows To Go requires volume activation; either using the [Key Management Service](https://go.microsoft.com/fwlink/p/?LinkId=619051) (KMS) server in your organization or using [Active Directory](https://go.microsoft.com/fwlink/p/?LinkId=619053) based volume activation. The Windows To Go workspace will not need to be reactivated every time you roam. KMS activates Windows on a local network, eliminating the need for individual computers to connect to Microsoft. To remain activated, KMS client computers must renew their activation by connecting to the KMS host on periodic basis. This typically occurs as soon as the user has access to the corporate network (either through a direct connection on-premises or a through remote connection using DirectAccess or a virtual private network connection), once activated the machine will not need to be activated again until the activation validity interval has passed. In a KMS configuration the activation validity interval is 180 days.
-
-## Can I use all Windows features on Windows To Go?
-
-
-Yes, with some minor exceptions, you can use all Windows features with your Windows To Go workspace. The only currently unsupported features are using the Windows Recovery Environment and PC Reset & Refresh.
-
-## Can I use all my applications on Windows To Go?
-
-
-Yes. Because your Windows To Go workspace is a full Windows 10 environment, all applications that work with Windows 10 should work in your Windows To Go workspace. However, any applications that use hardware binding (usually for licensing and/or digital rights management reasons) may not run when you roam your Windows To Go drive between different host computers, and you may have to use those applications on the same host computer every time.
-
-## Does Windows To Go work slower than standard Windows?
-
-
-If you are using a USB 3.0 port and a Windows To Go certified device, there should be no perceivable difference between standard Windows and Windows To Go. However, if you are booting from a USB 2.0 port, you may notice some slowdown since USB 2.0 transfer speeds are slower than SATA speeds.
-
-## If I lose my Windows To Go drive, will my data be safe?
-
-
-Yes! If you enable BitLocker on your Windows To Go drive, all your data will be encrypted and protected and a malicious user will not be able to access your data without your password. If you don’t enable BitLocker, your data will be vulnerable if you lose your Windows To Go drive.
-
-## Can I boot Windows To Go on a Mac?
-
-
-We are committed to give customers a consistent and quality Windows 10 experience with Windows To Go. Windows To Go supports host devices certified for use with Windows 7 or later. Because Mac computers are not certified for use with Windows 7 or later, using Windows To Go is not supported on a Mac.
-
-## Are there any APIs that allow applications to identify a Windows To Go workspace?
-
-
-Yes. You can use a combination of identifiers to determine if the currently running operating system is a Windows To Go workspace. First, check if the **PortableOperatingSystem** property is true. When that value is true it means that the operating system was booted from an external USB device.
-
-Next, check if the **OperatingSystemSKU** property is equal to **4** (for Windows 10 Enterprise) or **121** (for Windows 10 Education). The combination of those two properties represents a Windows To Go workspace environment.
-
-For more information, see the MSDN article on the [Win32\_OperatingSystem class](https://go.microsoft.com/fwlink/p/?LinkId=619059).
-
-## How is Windows To Go licensed?
-
-
-Windows To Go allows organization to support the use of privately owned PCs at the home or office with more secure access to their organizational resources. With Windows To Go use rights under [Software Assurance](https://go.microsoft.com/fwlink/p/?LinkId=619062), an employee will be able to use Windows To Go on any company PC licensed with Software Assurance as well as from their home PC.
-
-## Does Windows Recovery Environment work with Windows To Go? What’s the guidance for recovering a Windows To Go drive?
-
-
-No, use of Windows Recovery Environment is not supported on Windows To Go. It is recommended that you implement user state virtualization technologies like Folder Redirection to centralize and back up user data in the data center. If any corruption occurs on a Windows To Go drive, you should re-provision the workspace.
-
-## Why won’t Windows To Go work on a computer running Windows XP or Windows Vista?
-
-
-Actually it might. If you have purchased a computer certified for Windows 7 or later and then installed an older operating system, Windows To Go will boot and run as expected as long as you have configured the firmware to boot from USB. However, if the computer was certified for Windows XP or Windows Vista, it might not meet the hardware requirements for Windows To Go to run. Typically computers certified for Windows Vista and earlier operating systems have less memory, less processing power, reduced video rendering, and slower USB ports.
-
-## Why does the operating system on the host computer matter?
-
-
-It doesn’t other than to help visually identify if the PC has compatible hardware. For a PC to be certified for Windows 7 or later it had to support booting from USB. If a computer cannot boot from USB there is no way that it can be used with Windows To Go. The Windows To Go workspace is a full Windows 10 environment, so all of the hardware requirements of Windows 10 with respect to processing speed, memory usage, and graphics rendering need to be supported to be assured that it will work as expected.
-
-## My host computer running Windows 7 is protected by BitLocker Drive Encryption. Why did I need to use the recovery key to unlock and reboot my host computer after using Windows To Go?
-
-
-The default BitLocker protection profile in Windows 7 monitors the host computer for changes to the boot order as part of protecting the computer from tampering. When you change the boot order of the host computer to enable it to boot from the Windows To Go drive, the BitLocker system measurements will reflect that change and boot into recovery mode so that the computer can be inspected if necessary.
-
-You can reset the BitLocker system measurements to incorporate the new boot order using the following steps:
-
-1. Log on to the host computer using an account with administrator privileges.
-
-2. Click **Start**, click **Control Panel**, click **System and Security**, and then click **BitLocker Drive Encryption**.
-
-3. Click **Suspend Protection** for the operating system drive.
-
- A message is displayed, informing you that your data will not be protected while BitLocker is suspended and asking if you want to suspend BitLocker Drive Encryption. Click **Yes** to continue and suspend BitLocker on the drive.
-
-4. Restart the computer and enter the firmware settings to reset the boot order to boot from USB first. For more information on changing the boot order in the BIOS, see [Tips for configuring your BIOS settings to work with Windows To Go](https://go.microsoft.com/fwlink/p/?LinkId=618951) on the TechNet wiki.
-
-5. Restart the computer again and then log on to the host computer using an account with administrator privileges. (Neither your Windows To Go drive nor any other USB drive should be inserted.)
-
-6. Click **Start**, click **Control Panel**, click **System and Security**, and then click **BitLocker Drive Encryption**.
-
-7. Click **Resume Protection** to re-enable BitLocker protection.
-
-The host computer will now be able to be booted from a USB drive without triggering recovery mode.
-
-**Note**
-The default BitLocker protection profile in Windows 8 or later does not monitor the boot order.
-
-
-
-## I decided to stop using a drive for Windows To Go and reformatted it – why doesn’t it have a drive letter assigned and how can I fix it?
-
-
-Reformatting the drive erases the data on the drive, but doesn’t reconfigure the volume attributes. When a drive is provisioned for use as a Windows To Go drive the NODEFAULTDRIVELETTER attribute is set on the volume. To remove this attribute, use the following steps:
-
-1. Open a command prompt with full administrator permissions.
-
- **Note**
- If your user account is a member of the Administrators group, but is not the Administrator account itself, then, by default, the programs that you run only have standard user permissions unless you explicitly choose to elevate them.
-
-
-
-2. Start the [diskpart](https://go.microsoft.com/fwlink/p/?LinkId=619070) command interpreter, by typing `diskpart` at the command prompt.
-
-3. Use the `select disk` command to identify the drive. If you do not know the drive number, use the `list` command to display the list of disks available.
-
-4. After selecting the disk, run the `clean` command to remove all data, formatting, and initialization information from the drive.
-
-## Why do I keep on getting the message “Installing devices…” when I boot Windows To Go?
-
-
-One of the challenges involved in moving the Windows To Go drive between PCs while seamlessly booting Windows with access to all of their applications and data is that for Windows to be fully functional, specific drivers need to be installed for the hardware in each machine that runs Windows. Windows 8 or later has a process called respecialize which will identify new drivers that need to be loaded for the new PC and disable drivers which are not present on the new configuration. In general this feature is reliable and efficient when roaming between PCs of widely varying hardware configurations.
-
-In certain cases, third party drivers for different hardware models or versions can reuse device ID’s, driver file names, registry keys (or any other operating system constructs which do not support side-by-side storage) for similar hardware. For example, Touchpad drivers on different laptops often reuse the same device ID’s, and video cards from the same manufacturer may often reuse service names. Windows handles these situations by marking the non-present device node with a flag that indicates the existing driver needs to be reinstalled before continuing to install the new driver.
-
-This process will occur on any boot that a new driver is found and a driver conflict is detected. In some cases that will result in a respecialize progress message “Installing devices…” displaying every time that a Windows to Go drive is roamed between two PCs which require conflicting drivers.
-
-## How do I upgrade the operating system on my Windows To Go drive?
-
-
-There is no support in Windows for upgrading a Windows To Go drive. Deployed Windows To Go drives with older versions of Windows will need to be re-imaged with a new version of Windows in order to transition to the new operating system version.
-
-## Additional resources
-
-
-- [Windows 10 forums](https://go.microsoft.com/fwlink/p/?LinkId=618949)
-
-- [Windows To Go Step by Step Wiki](https://go.microsoft.com/fwlink/p/?LinkId=618950)
-
-- [Windows To Go: feature overview](windows-to-go-overview.md)
-
-- [Prepare your organization for Windows To Go](prepare-your-organization-for-windows-to-go.md)
-
-- [Deployment considerations for Windows To Go](deployment-considerations-for-windows-to-go.md)
-
-- [Security and data protection considerations for Windows To Go](security-and-data-protection-considerations-for-windows-to-go.md)
-
-
-
-
-
-
-
-
-
+---
+title: Windows To Go frequently asked questions (Windows 10)
+description: Windows To Go frequently asked questions
+ms.assetid: bfdfb824-4a19-4401-b369-22c5e6ca9d6e
+ms.reviewer:
+manager: laurawi
+ms.author: greglin
+keywords: FAQ, mobile, device, USB
+ms.prod: w10
+ms.mktglfcycl: deploy
+ms.pagetype: mobility
+ms.sitesec: library
+audience: itpro
+author: greg-lindsay
+ms.topic: article
+---
+
+# Windows To Go: frequently asked questions
+
+
+**Applies to**
+
+- Windows 10
+
+>[!IMPORTANT]
+>Windows To Go is no longer being developed. The feature does not support feature updates and therefore does not enable you to stay current. It also requires a specific type of USB that is no longer supported by many OEMs.
+
+The following list identifies some commonly asked questions about Windows To Go.
+
+- [What is Windows To Go?](#wtg-faq-whatis)
+
+- [Does Windows To Go rely on virtualization?](#wtg-faq-virt)
+
+- [Who should use Windows To Go?](#wtg-faq-who)
+
+- [How can Windows To Go be deployed in an organization?](#wtg-faq-deploy)
+
+- [Is Windows To Go supported on both USB 2.0 and USB 3.0 drives?](#wtg-faq-usbvs)
+
+- [Is Windows To Go supported on USB 2.0 and USB 3.0 ports?](#wtg-faq-usbports)
+
+- [How do I identify a USB 3.0 port?](#wtg-faq-usb3port)
+
+- [Does Windows To Go run faster on a USB 3.0 port?](#wtg-faq-usb3speed)
+
+- [Can the user self-provision Windows To Go?](#wtg-faq-selfpro)
+
+- [How can Windows To Go be managed in an organization?](#wtg-faq-mng)
+
+- [How do I make my computer boot from USB?](#wtf-faq-startup)
+
+- [Why isn’t my computer booting from USB?](#wtg-faq-noboot)
+
+- [What happens if I remove my Windows To Go drive while it is running?](#wtg-faq-surprise)
+
+- [Can I use BitLocker to protect my Windows To Go drive?](#wtg-faq-bitlocker)
+
+- [Why can’t I enable BitLocker from Windows To Go Creator?](#wtg-faq-blfail)
+
+- [What power states does Windows To Go support?](#wtg-faq-power)
+
+- [Why is hibernation disabled in Windows To Go?](#wtg-faq-hibernate)
+
+- [Does Windows To Go support crash dump analysis?](#wtg-faq-crashdump)
+
+- [Do “Windows To Go Startup Options” work with dual boot computers?](#wtg-faq-dualboot)
+
+- [I plugged my Windows To Go drive into a running computer and I can’t see the partitions on the drive. Why not?](#wtg-faq-diskpart)
+
+- [I’m booted into Windows To Go, but I can’t browse to the internal hard drive of the host computer. Why not?](#wtg-faq-san4)
+
+- [Why does my Windows To Go drive have an MBR disk format with a FAT32 system partition?](#wtg-faq-fatmbr)
+
+- [Is Windows To Go secure if I use it on an untrusted machine?](#wtg-faq-malhost)
+
+- [Does Windows To Go work with ARM processors?](#wtg-faq-arm)
+
+- [Can I synchronize data from Windows To Go with my other computer?](#wtg-faq-datasync)
+
+- [What size USB Flash Drive do I need to make a Windows To Go drive?](#wtg-faq-usbsz)
+
+- [Do I need to activate Windows To Go every time I roam?](#wtg-faq-roamact)
+
+- [Can I use all Windows features on Windows To Go?](#wtg-faq-features)
+
+- [Can I use all my applications on Windows To Go?](#wtg-faq-approam)
+
+- [Does Windows To Go work slower than standard Windows?](#wtg-faq-slow)
+
+- [If I lose my Windows To Go drive, will my data be safe?](#wtg-faq-safeloss)
+
+- [Can I boot Windows To Go on a Mac?](#wtg-faq-mac)
+
+- [Are there any APIs that allow applications to identify a Windows To Go workspace?](#wtg-faq-api)
+
+- [How is Windows To Go licensed?](#wtg-faq-lic)
+
+- [Does Windows Recovery Environment work with Windows To Go? What’s the guidance for recovering a Windows To Go drive?](#wtg-faq-recovery)
+
+- [Why won’t Windows To Go work on a computer running Windows XP or Windows Vista?](#wtg-faq-oldos)
+
+- [Why does the operating system on the host computer matter?](#wtg-faq-oldos2)
+
+- [My host computer running Windows 7 is protected by BitLocker Drive Encryption. Why did I need to use the recovery key to unlock and reboot my host computer after using Windows To Go?](#wtg-faq-blreckey)
+
+- [I decided to stop using a drive for Windows To Go and reformatted it – why doesn’t it have a drive letter assigned and how can I fix it?](#wtg-faq-reformat)
+
+- [Why do I keep on getting the message “Installing devices…” when I boot Windows To Go?](#bkmk-roamconflict)
+
+- [How do I upgrade the operating system on my Windows To Go drive?](#bkmk-upgradewtg)
+
+## What is Windows To Go?
+
+
+Windows To Go is a feature for users of Windows 10 Enterprise and Windows 10 Education that enables users to boot a full version of Windows from external USB drives on host PCs.
+
+## Does Windows To Go rely on virtualization?
+
+
+No. Windows To Go is a native instance of Windows 10 that runs from a USB device. It is just like a laptop hard drive with Windows 8 that has been put into a USB enclosure.
+
+## Who should use Windows To Go?
+
+
+Windows To Go was designed for enterprise usage and targets scenarios such as continuance of operations, contractors, managed free seating, traveling workers, and work from home.
+
+## How can Windows To Go be deployed in an organization?
+
+
+Windows To Go can be deployed using standard Windows deployment tools like Diskpart and DISM. The prerequisites for deploying Windows To Go are:
+
+- A Windows To Go recommended USB drive to provision; See the list of currently available USB drives at [Hardware considerations for Windows To Go](windows-to-go-overview.md#wtg-hardware)
+
+- A Windows 10 Enterprise or Windows 10 Education image
+
+- A Windows 10 Enterprise, Windows 10 Education or Windows 10 Professional host PC that can be used to provision new USB keys
+
+You can use a Windows PowerShell script to target several drives and scale your deployment for a large number of Windows To Go drives. You can also use a USB duplicator to duplicate a Windows To Go drive after it has been provisioned if you are creating a large number of drives. See the [Windows To Go Step by Step](https://go.microsoft.com/fwlink/p/?LinkId=618950) article on the TechNet wiki for a walkthrough of the drive creation process.
+
+## Is Windows To Go supported on both USB 2.0 and USB 3.0 drives?
+
+
+No. Windows To Go is supported on USB 3.0 drives that are certified for Windows To Go.
+
+## Is Windows To Go supported on USB 2.0 and USB 3.0 ports?
+
+
+Yes. Windows To Go is fully supported on either USB 2.0 ports or USB 3.0 ports on PCs certified for Windows 7 or later.
+
+## How do I identify a USB 3.0 port?
+
+
+USB 3.0 ports are usually marked blue or carry a SS marking on the side.
+
+## Does Windows To Go run faster on a USB 3.0 port?
+
+
+Yes. Because USB 3.0 offers significantly faster speeds than USB 2.0, a Windows To Go drive running on a USB 3.0 port will operate considerably faster. This speed increase applies to both drive provisioning and when the drive is being used as a workspace.
+
+## Can the user self-provision Windows To Go?
+
+
+Yes, if the user has administrator permissions they can self-provision a Windows To Go drive using the Windows To Go Creator wizard which is included in Windows 10 Enterprise, Windows 10 Education and Windows 10 Professional. Additionally, System Center 2012 Configuration Manager SP1 and later releases includes support for user self-provisioning of Windows To Go drives. Configuration Manager can be downloaded for evaluation from the [Microsoft TechNet Evaluation Center](https://go.microsoft.com/fwlink/p/?LinkID=618746).
+
+## How can Windows To Go be managed in an organization?
+
+
+Windows To Go can be deployed and managed like a traditional desktop PC using standard Windows enterprise software distribution tools like System Center Configuration Manager. Computer and user settings for Windows To Go workspaces can be managed using Group Policy setting also in the same manner that you manage Group Policy settings for other PCs in your organization. Windows To Go workspaces can be configured to connect to the organizational resources remotely using DirectAccess or a virtual private network connection so that they can connect securely to your network.
+
+## How do I make my computer boot from USB?
+
+
+For host computers running Windows 10
+
+- Using Cortana, search for **Windows To Go startup options**, and then press Enter.
+- In the **Windows To Go Startup Options** dialog box, select **Yes**, and then click **Save Changes** to configure the computer to boot from USB.
+
+For host computers running Windows 8 or Windows 8.1:
+
+Press **Windows logo key+W** and then search for **Windows To Go startup options** and then press Enter.
+
+In the **Windows To Go Startup Options** dialog box select **Yes** and then click **Save Changes** to configure the computer to boot from USB.
+
+> [!NOTE]
+> Your IT department can use Group Policy to configure Windows To Go Startup Options in your organization.
+
+
+
+If the host computer is running an earlier version of the Windows operating system need to configure the computer to boot from USB manually.
+
+To do this, early during boot time (usually when you see the manufacturer’s logo), enter your firmware/BIOS setup. (This method to enter firmware/BIOS setup differs with different computer manufacturers, but is usually entered by pressing one of the function keys, such as F12, F2, F1, Esc, and so forth. You should check the manufacturer’s site to be sure if you do not know which key to use to enter firmware setup.)
+
+After you have entered firmware setup, make sure that boot from USB is enabled. Then change the boot order to boot from USB drives first.
+
+Alternatively, if your computer supports it, you can try to use the one-time boot menu (often F12), to select USB boot on a per-boot basis.
+
+For more detailed instructions, see the wiki article, [Tips for configuring your BIOS settings to work with Windows To Go](https://go.microsoft.com/fwlink/p/?LinkID=618951).
+
+**Warning**
+Configuring a computer to boot from USB will cause your computer to attempt to boot from any bootable USB device connected to your computer. This potentially includes malicious devices. Users should be informed of this risk and instructed to not have any bootable USB storage devices plugged in to their computers except for their Windows To Go drive.
+
+
+
+## Why isn’t my computer booting from USB?
+
+
+Computers certified for Windows 7 and later are required to have support for USB boot. Check to see if any of the following items apply to your situation:
+
+1. Ensure that your computer has the latest BIOS installed and the BIOS is configured to boot from a USB device.
+
+2. Ensure that the Windows To Go drive is connected directly to a USB port on the computer. Many computers don’t support booting from a device connected to a USB 3 PCI add-on card or external USB hubs.
+
+3. If the computer is not booting from a USB 3.0 port, try to boot from a USB 2.0 port.
+
+If none of these items enable the computer to boot from USB, contact the hardware manufacturer for additional support.
+
+## What happens if I remove my Windows To Go drive while it is running?
+
+
+If the Windows To Go drive is removed, the computer will freeze and the user will have 60 seconds to reinsert the Windows To Go drive. If the Windows To Go drive is reinserted into the same port it was removed from, Windows will resume at the point where the drive was removed. If the USB drive is not reinserted, or is reinserted into a different port, the host computer will turn off after 60 seconds.
+
+**Warning**
+You should never remove your Windows To Go drive when your workspace is running. The computer freeze is a safety measure to help mitigate the risk of accidental removal. Removing the Windows To Go drive without shutting down the Windows To Go workspace could result in corruption of the Windows To Go drive.
+
+
+
+## Can I use BitLocker to protect my Windows To Go drive?
+
+
+Yes. In Windows 8 and later, BitLocker has added support for using a password to protect operating system drives. This means that you can use a password to secure your Windows To Go workspace and you will be prompted to enter this password every time you use the Windows To Go workspace.
+
+## Why can’t I enable BitLocker from Windows To Go Creator?
+
+
+Several different Group Policies control the use of BitLocker on your organizations computers. These policies are located in the **Computer Configuration\\Policies\\Administrative Templates\\Windows Components\\BitLocker Drive Encryption** folder of the local Group Policy editor. The folder contains three sub-folders for fixed, operating system and removable data drive types.
+
+When you are using Windows To Go Creator, the Windows To Go drive is considered a removable data drive by BitLocker. Review the following setting to see if these settings apply in your situation:
+
+1. **Control use of BitLocker on removable drives**
+
+ If this setting is disabled BitLocker cannot be used with removable drives, so the Windows To Go Creator wizard will fail if it attempts to enable BitLocker on the Windows To Go drive.
+
+2. **Configure use of smart cards on removable data drives**
+
+ If this setting is enabled and the option **Require use of smart cards on removable data drives** is also selected the creator wizard might fail if you have not already signed on using your smart card credentials before starting the Windows To Go Creator wizard.
+
+3. **Configure use of passwords for removable data drives**
+
+ If this setting is enabled and the **Require password complexity option** is selected the computer must be able to connect to the domain controller to verify that the password specified meets the password complexity requirements. If the connection is not available, the Windows To Go Creator wizard will fail to enable BitLocker.
+
+Additionally, the Windows To Go Creator will disable the BitLocker option if the drive does not have any volumes. In this situation, you should initialize the drive and create a volume using the Disk Management console before provisioning the drive with Windows To Go.
+
+## What power states does Windows To Go support?
+
+
+Windows To Go supports all power states except the hibernate class of power states, which include hybrid boot, hybrid sleep, and hibernate. This default behavior can be modified by using Group Policy settings to enable hibernation of the Windows To Go workspace.
+
+## Why is hibernation disabled in Windows To Go?
+
+
+When a Windows To Go workspace is hibernated, it will only successfully resume on the exact same hardware. Therefore, if a Windows To Go workspace is hibernated on one computer and roamed to another, the hibernation state (and therefore user state) will be lost. To prevent this from happening, the default settings for a Windows To Go workspace disable hibernation. If you are confident that you will only attempt to resume on the same computer, you can enable hibernation using the Windows To Go Group Policy setting, **Allow hibernate (S4) when started from a Windows To Go workspace** that is located at **\\\\Computer Configuration\\Administrative Templates\\Windows Components\\Portable Operating System\\** in the Local Group Policy Editor (gpedit.msc).
+
+## Does Windows To Go support crash dump analysis?
+
+
+Yes. Windows 8 and later support crash dump stack analysis for both USB 2.0 and 3.0.
+
+## Do “Windows To Go Startup Options” work with dual boot computers?
+
+
+Yes, if both operating systems are running the Windows 8 operating system. Enabling “Windows To Go Startup Options” should cause the computer to boot from the Windows To Go workspace when the drive is plugged in before the computer is turned on.
+
+If you have configured a dual boot computer with a Windows operating system and another operating system it might work occasionally and fail occasionally. Using this configuration is unsupported.
+
+## I plugged my Windows To Go drive into a running computer and I can’t see the partitions on the drive. Why not?
+
+
+Windows To Go Creator and the recommended deployment steps for Windows To Go set the NO\_DEFAULT\_DRIVE\_LETTER flag on the Windows To Go drive. This flag prevents Windows from automatically assigning drive letters to the partitions on the Windows To Go drive. That’s why you can’t see the partitions on the drive when you plug your Windows To Go drive into a running computer. This helps prevent accidental data leakage between the Windows To Go drive and the host computer. If you really need to access the files on the Windows To Go drive from a running computer, you can use diskmgmt.msc or diskpart to assign a drive letter.
+
+**Warning**
+It is strongly recommended that you do not plug your Windows To Go drive into a running computer. If the computer is compromised, your Windows To Go workspace can also be compromised.
+
+
+
+## I’m booted into Windows To Go, but I can’t browse to the internal hard drive of the host computer. Why not?
+
+
+Windows To Go Creator and the recommended deployment steps for Windows To Go set SAN Policy 4 on Windows To Go drive. This policy prevents Windows from automatically mounting internal disk drives. That’s why you can’t see the internal hard drives of the host computer when you are booted into Windows To Go. This is done to prevent accidental data leakage between Windows To Go and the host system. This policy also prevents potential corruption on the host drives or data loss if the host operating system is in a hibernation state. If you really need to access the files on the internal hard drive, you can use diskmgmt.msc to mount the internal drive.
+
+**Warning**
+It is strongly recommended that you do not mount internal hard drives when booted into the Windows To Go workspace. If the internal drive contains a hibernated Windows 8 or later operating system, mounting the drive will lead to loss of hibernation state and therefor user state or any unsaved user data when the host operating system is booted. If the internal drive contains a hibernated Windows 7 or earlier operating system, mounting the drive will lead to corruption when the host operating system is booted.
+
+
+
+## Why does my Windows To Go drive have an MBR disk format with a FAT32 system partition?
+
+
+This is done to allow Windows To Go to boot from UEFI and legacy systems.
+
+## Is Windows To Go secure if I use it on an untrusted computer?
+
+
+While you are more secure than if you use a completely untrusted operating system, you are still vulnerable to attacks from the firmware or anything that runs before Windows To Go starts. If you plug your Windows To Go drive into a running untrusted computer, your Windows To Go drive can be compromised because any malicious software that might be active on the computer can access the drive.
+
+## Does Windows To Go work with ARM processors?
+
+
+No. Windows RT is a specialized version of Windows designed for ARM processors. Windows To Go is currently only supported on PCs with x86 or x64-based processors.
+
+## Can I synchronize data from Windows To Go with my other computer?
+
+
+To get your data across all your computers, we recommend using folder redirection and client side caching to store copies of your data on a server while giving you offline access to the files you need.
+
+## What size USB flash drive do I need to make a Windows To Go drive?
+
+
+The size constraints are the same as full Windows. To ensure that you have enough space for Windows, your data, and your applications, we recommend USB drives that are a minimum of 20 GB in size.
+
+## Do I need to activate Windows To Go every time I roam?
+
+
+No, Windows To Go requires volume activation; either using the [Key Management Service](https://go.microsoft.com/fwlink/p/?LinkId=619051) (KMS) server in your organization or using [Active Directory](https://go.microsoft.com/fwlink/p/?LinkId=619053) based volume activation. The Windows To Go workspace will not need to be reactivated every time you roam. KMS activates Windows on a local network, eliminating the need for individual computers to connect to Microsoft. To remain activated, KMS client computers must renew their activation by connecting to the KMS host on periodic basis. This typically occurs as soon as the user has access to the corporate network (either through a direct connection on-premises or a through remote connection using DirectAccess or a virtual private network connection), once activated the machine will not need to be activated again until the activation validity interval has passed. In a KMS configuration the activation validity interval is 180 days.
+
+## Can I use all Windows features on Windows To Go?
+
+
+Yes, with some minor exceptions, you can use all Windows features with your Windows To Go workspace. The only currently unsupported features are using the Windows Recovery Environment and PC Reset & Refresh.
+
+## Can I use all my applications on Windows To Go?
+
+
+Yes. Because your Windows To Go workspace is a full Windows 10 environment, all applications that work with Windows 10 should work in your Windows To Go workspace. However, any applications that use hardware binding (usually for licensing and/or digital rights management reasons) may not run when you roam your Windows To Go drive between different host computers, and you may have to use those applications on the same host computer every time.
+
+## Does Windows To Go work slower than standard Windows?
+
+
+If you are using a USB 3.0 port and a Windows To Go certified device, there should be no perceivable difference between standard Windows and Windows To Go. However, if you are booting from a USB 2.0 port, you may notice some slowdown since USB 2.0 transfer speeds are slower than SATA speeds.
+
+## If I lose my Windows To Go drive, will my data be safe?
+
+
+Yes! If you enable BitLocker on your Windows To Go drive, all your data will be encrypted and protected and a malicious user will not be able to access your data without your password. If you don’t enable BitLocker, your data will be vulnerable if you lose your Windows To Go drive.
+
+## Can I boot Windows To Go on a Mac?
+
+
+We are committed to give customers a consistent and quality Windows 10 experience with Windows To Go. Windows To Go supports host devices certified for use with Windows 7 or later. Because Mac computers are not certified for use with Windows 7 or later, using Windows To Go is not supported on a Mac.
+
+## Are there any APIs that allow applications to identify a Windows To Go workspace?
+
+
+Yes. You can use a combination of identifiers to determine if the currently running operating system is a Windows To Go workspace. First, check if the **PortableOperatingSystem** property is true. When that value is true it means that the operating system was booted from an external USB device.
+
+Next, check if the **OperatingSystemSKU** property is equal to **4** (for Windows 10 Enterprise) or **121** (for Windows 10 Education). The combination of those two properties represents a Windows To Go workspace environment.
+
+For more information, see the MSDN article on the [Win32\_OperatingSystem class](https://go.microsoft.com/fwlink/p/?LinkId=619059).
+
+## How is Windows To Go licensed?
+
+
+Windows To Go allows organization to support the use of privately owned PCs at the home or office with more secure access to their organizational resources. With Windows To Go use rights under [Software Assurance](https://go.microsoft.com/fwlink/p/?LinkId=619062), an employee will be able to use Windows To Go on any company PC licensed with Software Assurance as well as from their home PC.
+
+## Does Windows Recovery Environment work with Windows To Go? What’s the guidance for recovering a Windows To Go drive?
+
+
+No, use of Windows Recovery Environment is not supported on Windows To Go. It is recommended that you implement user state virtualization technologies like Folder Redirection to centralize and back up user data in the data center. If any corruption occurs on a Windows To Go drive, you should re-provision the workspace.
+
+## Why won’t Windows To Go work on a computer running Windows XP or Windows Vista?
+
+
+Actually it might. If you have purchased a computer certified for Windows 7 or later and then installed an older operating system, Windows To Go will boot and run as expected as long as you have configured the firmware to boot from USB. However, if the computer was certified for Windows XP or Windows Vista, it might not meet the hardware requirements for Windows To Go to run. Typically computers certified for Windows Vista and earlier operating systems have less memory, less processing power, reduced video rendering, and slower USB ports.
+
+## Why does the operating system on the host computer matter?
+
+
+It doesn’t other than to help visually identify if the PC has compatible hardware. For a PC to be certified for Windows 7 or later it had to support booting from USB. If a computer cannot boot from USB there is no way that it can be used with Windows To Go. The Windows To Go workspace is a full Windows 10 environment, so all of the hardware requirements of Windows 10 with respect to processing speed, memory usage, and graphics rendering need to be supported to be assured that it will work as expected.
+
+## My host computer running Windows 7 is protected by BitLocker Drive Encryption. Why did I need to use the recovery key to unlock and reboot my host computer after using Windows To Go?
+
+
+The default BitLocker protection profile in Windows 7 monitors the host computer for changes to the boot order as part of protecting the computer from tampering. When you change the boot order of the host computer to enable it to boot from the Windows To Go drive, the BitLocker system measurements will reflect that change and boot into recovery mode so that the computer can be inspected if necessary.
+
+You can reset the BitLocker system measurements to incorporate the new boot order using the following steps:
+
+1. Log on to the host computer using an account with administrator privileges.
+
+2. Click **Start**, click **Control Panel**, click **System and Security**, and then click **BitLocker Drive Encryption**.
+
+3. Click **Suspend Protection** for the operating system drive.
+
+ A message is displayed, informing you that your data will not be protected while BitLocker is suspended and asking if you want to suspend BitLocker Drive Encryption. Click **Yes** to continue and suspend BitLocker on the drive.
+
+4. Restart the computer and enter the firmware settings to reset the boot order to boot from USB first. For more information on changing the boot order in the BIOS, see [Tips for configuring your BIOS settings to work with Windows To Go](https://go.microsoft.com/fwlink/p/?LinkId=618951) on the TechNet wiki.
+
+5. Restart the computer again and then log on to the host computer using an account with administrator privileges. (Neither your Windows To Go drive nor any other USB drive should be inserted.)
+
+6. Click **Start**, click **Control Panel**, click **System and Security**, and then click **BitLocker Drive Encryption**.
+
+7. Click **Resume Protection** to re-enable BitLocker protection.
+
+The host computer will now be able to be booted from a USB drive without triggering recovery mode.
+
+> [!NOTE]
+> The default BitLocker protection profile in Windows 8 or later does not monitor the boot order.
+
+
+
+## I decided to stop using a drive for Windows To Go and reformatted it – why doesn’t it have a drive letter assigned and how can I fix it?
+
+
+Reformatting the drive erases the data on the drive, but doesn’t reconfigure the volume attributes. When a drive is provisioned for use as a Windows To Go drive the NODEFAULTDRIVELETTER attribute is set on the volume. To remove this attribute, use the following steps:
+
+1. Open a command prompt with full administrator permissions.
+
+ > [!NOTE]
+ > If your user account is a member of the Administrators group, but is not the Administrator account itself, then, by default, the programs that you run only have standard user permissions unless you explicitly choose to elevate them.
+
+
+
+2. Start the [diskpart](https://go.microsoft.com/fwlink/p/?LinkId=619070) command interpreter, by typing `diskpart` at the command prompt.
+
+3. Use the `select disk` command to identify the drive. If you do not know the drive number, use the `list` command to display the list of disks available.
+
+4. After selecting the disk, run the `clean` command to remove all data, formatting, and initialization information from the drive.
+
+## Why do I keep on getting the message “Installing devices…” when I boot Windows To Go?
+
+
+One of the challenges involved in moving the Windows To Go drive between PCs while seamlessly booting Windows with access to all of their applications and data is that for Windows to be fully functional, specific drivers need to be installed for the hardware in each machine that runs Windows. Windows 8 or later has a process called respecialize which will identify new drivers that need to be loaded for the new PC and disable drivers which are not present on the new configuration. In general this feature is reliable and efficient when roaming between PCs of widely varying hardware configurations.
+
+In certain cases, third party drivers for different hardware models or versions can reuse device ID’s, driver file names, registry keys (or any other operating system constructs which do not support side-by-side storage) for similar hardware. For example, Touchpad drivers on different laptops often reuse the same device ID’s, and video cards from the same manufacturer may often reuse service names. Windows handles these situations by marking the non-present device node with a flag that indicates the existing driver needs to be reinstalled before continuing to install the new driver.
+
+This process will occur on any boot that a new driver is found and a driver conflict is detected. In some cases that will result in a respecialize progress message “Installing devices…” displaying every time that a Windows to Go drive is roamed between two PCs which require conflicting drivers.
+
+## How do I upgrade the operating system on my Windows To Go drive?
+
+
+There is no support in Windows for upgrading a Windows To Go drive. Deployed Windows To Go drives with older versions of Windows will need to be re-imaged with a new version of Windows in order to transition to the new operating system version.
+
+## Additional resources
+
+
+- [Windows 10 forums](https://go.microsoft.com/fwlink/p/?LinkId=618949)
+
+- [Windows To Go Step by Step Wiki](https://go.microsoft.com/fwlink/p/?LinkId=618950)
+
+- [Windows To Go: feature overview](windows-to-go-overview.md)
+
+- [Prepare your organization for Windows To Go](prepare-your-organization-for-windows-to-go.md)
+
+- [Deployment considerations for Windows To Go](deployment-considerations-for-windows-to-go.md)
+
+- [Security and data protection considerations for Windows To Go](security-and-data-protection-considerations-for-windows-to-go.md)
+
+
+
+
+
+
+
+
+
diff --git a/windows/deployment/planning/windows-to-go-overview.md b/windows/deployment/planning/windows-to-go-overview.md
index 3ed1e2e88c..57d74a1341 100644
--- a/windows/deployment/planning/windows-to-go-overview.md
+++ b/windows/deployment/planning/windows-to-go-overview.md
@@ -1,284 +1,239 @@
----
-title: Windows To Go feature overview (Windows 10)
-description: Windows To Go is a feature in Windows 10 Enterprise and Windows 10 Education that enables the creation of a Windows To Go workspace that can be booted from a USB-connected external drive on PCs.
-ms.assetid: 9df82b03-acba-442c-801d-56db241f8d42
-ms.reviewer:
-manager: laurawi
-ms.author: greglin
-keywords: workspace, mobile, installation, image, USB, device, image, edu
-ms.prod: w10
-ms.mktglfcycl: deploy
-ms.pagetype: mobility, edu
-ms.sitesec: library
-audience: itpro
author: greg-lindsay
-ms.topic: article
----
-
-# Windows To Go: feature overview
-
-
-**Applies to**
-
-- Windows 10
-
->[!IMPORTANT]
->Windows To Go is no longer being developed. The feature does not support feature updates and therefore does not enable you to stay current. It also requires a specific type of USB that is no longer supported by many OEMs.
-
-Windows To Go is a feature in Windows 10 Enterprise and Windows 10 Education that enables the creation of a Windows To Go workspace that can be booted from a USB-connected external drive on PCs.
-
-PCs that meet the Windows 7 or later [certification requirements](https://go.microsoft.com/fwlink/p/?LinkId=618711) can run Windows 10 in a Windows To Go workspace, regardless of the operating system running on the PC. Windows To Go workspaces can use the same image enterprises use for their desktops and laptops and can be managed the same way. Windows To Go is not intended to replace desktops, laptops or supplant other mobility offerings. Rather, it provides support for efficient use of resources for alternative workplace scenarios. There are some additional considerations that you should keep in mind before you start to use Windows To Go:
-
-- [Differences between Windows To Go and a typical installation of Windows](#bkmk-wtgdif)
-- [Roaming with Windows To Go](#bkmk-wtgroam)
-- [Prepare for Windows To Go](#wtg-prep-intro)
-- [Hardware considerations for Windows To Go](#wtg-hardware)
-
-**Note**
-Windows To Go is not supported on Windows RT.
-
-
-
-## Differences between Windows To Go and a typical installation of Windows
-
-
-Windows To Go workspace operates just like any other installation of Windows with a few exceptions. These exceptions are:
-
-- **Internal disks are offline.** To ensure data isn’t accidentally disclosed, internal hard disks on the host computer are offline by default when booted into a Windows To Go workspace. Similarly if a Windows To Go drive is inserted into a running system, the Windows To Go drive will not be listed in Windows Explorer.
-
-- **Trusted Platform Module (TPM) is not used.** When using BitLocker Drive Encryption a pre-operating system boot password will be used for security rather than the TPM since the TPM is tied to a specific computer and Windows To Go drives will move between computers.
-
-- **Hibernate is disabled by default.** To ensure that the Windows To Go workspace is able to move between computers easily, hibernation is disabled by default. Hibernation can be re-enabled by using Group Policy settings.
-
-- **Windows Recovery Environment is not available.** In the rare case that you need to recover your Windows To Go drive, you should re-image it with a fresh image of Windows.
-
-- **Refreshing or resetting a Windows To Go workspace is not supported.** Resetting to the manufacturer’s standard for the computer doesn’t apply when running a Windows To Go workspace, so the feature was disabled.
-
-- **Upgrading a Windows To Go workspace is not supported.** Older Windows 8 or Windows 8.1 Windows To Go workspaces cannot be upgraded to Windows 10 workspaces, nor can Windows 10 Windows To Go workspaces be upgraded to future versions of Windows 10. For new versions, the workspace needs to be re-imaged with a fresh image of Windows.
-
-## Roaming with Windows To Go
-
-
-Windows To Go drives can be booted on multiple computers. When a Windows To Go workspace is first booted on a host computer it will detect all hardware on the computer and install any needed drivers. When the Windows To Go workspace is subsequently booted on that host computer it will be able to identify the host computer and load the correct set of drivers automatically.
-
-The applications that you want to use from the Windows To Go workspace should be tested to make sure they also support roaming. Some applications bind to the computer hardware which will cause difficulties if the workspace is being used with multiple host computers.
-
-## Prepare for Windows To Go
-
-
-Enterprises install Windows on a large group of computers either by using configuration management software (such as System Center Configuration Manager), or by using standard Windows deployment tools such as DiskPart and the Deployment Image Servicing and Management (DISM) tool.
-
-These same tools can be used to provision Windows To Go drive, just as you would if you were planning for provisioning a new class of mobile PCs. You can use the [Windows Assessment and Deployment Kit](https://go.microsoft.com/fwlink/p/?LinkId=526803) to review deployment tools available.
-
-**Important**
-Make sure you use the versions of the deployment tools provided for the version of Windows you are deploying. There have been many enhancements made to support Windows To Go. Using versions of the deployment tools released for earlier versions of Windows to provision a Windows To Go drive is not supported.
-
-
-
-As you decide what to include in your Windows To Go image, be sure to consider the following questions:
-
-Are there any drivers that you need to inject into the image?
-
-How will data be stored and synchronized to appropriate locations from the USB device?
-
-Are there any applications that are incompatible with Windows To Go roaming that should not be included in the image?
-
-What should be the architecture of the image - 32bit/64bit?
-
-What remote connectivity solution should be supported in the image if Windows To Go is used outside the corporate network?
-
-For more information about designing and planning your Windows To Go deployment, see [Prepare your organization for Windows To Go](prepare-your-organization-for-windows-to-go.md).
-
-## Hardware considerations for Windows To Go
-
-
-**For USB drives**
-
-The devices listed in this section have been specially optimized and certified for Windows To Go and meet the necessary requirements for booting and running a full version of Windows 10 from a USB drive. The optimizations for Windows To Go include the following:
-
-- Windows To Go certified USB drives are built for high random read/write speeds and support the thousands of random access I/O operations per second required for running normal Windows workloads smoothly.
-
-- Windows To Go certified USB drives have been tuned to ensure they boot and run on hardware certified for use with Windows 7 and later.
-
-- Windows To Go certified USB drives are built to last. Certified USB drives are backed with manufacturer warranties and should continue operating under normal usage. Refer to the manufacturer websites for warranty details.
-
-As of the date of publication, the following are the USB drives currently certified for use as Windows To Go drives:
-
-**Warning**
-Using a USB drive that has not been certified is not supported
-
-
-
-- IronKey Workspace W700 ([http://www.ironkey.com/windows-to-go-drives/ironkey-workspace-w700.html](https://go.microsoft.com/fwlink/p/?LinkId=618714))
-
-- IronKey Workspace W500 ([http://www.ironkey.com/windows-to-go-drives/ironkey-workspace-w500.html](https://go.microsoft.com/fwlink/p/?LinkId=618717))
-
-- IronKey Workspace W300 ([http://www.ironkey.com/windows-to-go-drives/ironkey-workspace-w300.html](https://go.microsoft.com/fwlink/p/?LinkId=618718))
-
-- Kingston DataTraveler Workspace for Windows To Go ([http://www.kingston.com/wtg/](https://go.microsoft.com/fwlink/p/?LinkId=618719))
-
-- Spyrus Portable Workplace ([http://www.spyruswtg.com/](https://go.microsoft.com/fwlink/p/?LinkId=618720))
-
- We recommend that you run the Spyrus Deployment Suite for Windows To Go to provision the Spyrus Portable Workplace.
-
-- Spyrus Secure Portable Workplace ([http://www.spyruswtg.com/](https://go.microsoft.com/fwlink/p/?LinkId=618720))
-
- **Important**
- You must use the Spyrus Deployment Suite for Windows To Go to provision the Spyrus Secure Portable Workplace. For more information about the Spyrus Deployment Suite for Windows To Go please refer to [http://www.spyruswtg.com/](https://go.microsoft.com/fwlink/p/?LinkId=618720).
-
-
-
-- Spyrus Worksafe ([http://www.spyruswtg.com/](https://go.microsoft.com/fwlink/p/?LinkId=618720))
-
- **Tip**
- This device contains an embedded smart card.
-
-
-
-- Super Talent Express RC4 for Windows To Go
-
- -and-
-
- Super Talent Express RC8 for Windows To Go
-
- ([http://www.supertalent.com/wtg/](https://go.microsoft.com/fwlink/p/?LinkId=618721))
-
-- Western Digital My Passport Enterprise ([http://www.wd.com/wtg](https://go.microsoft.com/fwlink/p/?LinkId=618722))
-
- We recommend that you run the WD Compass utility to prepare the Western Digital My Passport Enterprise drive for provisioning with Windows To Go. For more information about the WD Compass utility please refer to [http://www.wd.com/wtg](https://go.microsoft.com/fwlink/p/?LinkId=618722)
-
-**For host computers**
-
-When assessing the use of a PC as a host for a Windows To Go workspace you should consider the following criteria:
-
-- Hardware that has been certified for use with Windows 7or later operating systems will work well with Windows To Go.
-
-- Running a Windows To Go workspace from a computer that is running Windows RT is not a supported scenario.
-
-- Running a Windows To Go workspace on a Mac computer is not a supported scenario.
-
-The following table details the characteristics that the host computer must have to be used with Windows To Go:
-
-
-
-
-
-
-
-
-
-
-
-Boot process |
-Capable of USB boot |
-
-
-Firmware |
-USB boot enabled. (PCs certified for use with Windows 7 or later can be configured to boot directly from USB, check with the hardware manufacturer if you are unsure of the ability of your PC to boot from USB) |
-
-
-Processor architecture |
-Must support the image on the Windows To Go drive |
-
-
-External USB Hubs |
-Not supported; connect the Windows To Go drive directly to the host machine |
-
-
-Processor |
-1 Ghz or faster |
-
-
-RAM |
-2 GB or greater |
-
-
-Graphics |
-DirectX 9 graphics device with WDDM 1.2 or greater driver |
-
-
-USB port |
-USB 2.0 port or greater |
-
-
-
-
-
-
-**Checking for architectural compatibility between the host PC and the Windows To Go drive**
-
-In addition to the USB boot support in the BIOS, the Windows 10 image on your Windows To Go drive must be compatible with the processor architecture and the firmware of the host PC as shown in the table below.
-
-
-
-
-
-
-
-
-
-
-
-
-Legacy BIOS |
-32-bit |
-32-bit only |
-
-
-Legacy BIOS |
-64-bit |
-32-bit and 64-bit |
-
-
-UEFI BIOS |
-32-bit |
-32-bit only |
-
-
-UEFI BIOS |
-64-bit |
-64-bit only |
-
-
-
-
-
-
-## Additional resources
-
-
-- [Windows 10 forums](https://go.microsoft.com/fwlink/p/?LinkId=618949)
-
-- [Windows To Go Step by Step Wiki](https://go.microsoft.com/fwlink/p/?LinkId=618950)
-
-- [Tips for configuring your BIOS settings to work with Windows To Go](https://go.microsoft.com/fwlink/p/?LinkId=618951)
-
-## Related topics
-
-
-- [Deploy Windows To Go in your organization](https://go.microsoft.com/fwlink/p/?LinkId=619975)
-
-- [Windows To Go: frequently asked questions](windows-to-go-frequently-asked-questions.md)
-
-- [Prepare your organization for Windows To Go](prepare-your-organization-for-windows-to-go.md)
-
-- [Deployment considerations for Windows To Go](deployment-considerations-for-windows-to-go.md)
-
-- [Security and data protection considerations for Windows To Go](security-and-data-protection-considerations-for-windows-to-go.md)
-
-- [Best practice recommendations for Windows To Go](best-practice-recommendations-for-windows-to-go.md)
-
-
-
-
-
-
-
-
-
+---
+title: Windows To Go feature overview (Windows 10)
+description: Windows To Go is a feature in Windows 10 Enterprise and Windows 10 Education that enables the creation of a Windows To Go workspace that can be booted from a USB-connected external drive on PCs.
+ms.assetid: 9df82b03-acba-442c-801d-56db241f8d42
+ms.reviewer:
+manager: laurawi
+ms.author: greglin
+keywords: workspace, mobile, installation, image, USB, device, image, edu
+ms.prod: w10
+ms.mktglfcycl: deploy
+ms.pagetype: mobility, edu
+ms.sitesec: library
+audience: itpro
+author: greg-lindsay
+ms.topic: article
+---
+
+# Windows To Go: feature overview
+
+
+**Applies to**
+
+- Windows 10
+
+> [!IMPORTANT]
+> Windows To Go is no longer being developed. The feature does not support feature updates and therefore does not enable you to stay current. It also requires a specific type of USB that is no longer supported by many OEMs.
+
+Windows To Go is a feature in Windows 10 Enterprise and Windows 10 Education that enables the creation of a Windows To Go workspace that can be booted from a USB-connected external drive on PCs.
+
+PCs that meet the Windows 7 or later [certification requirements](https://go.microsoft.com/fwlink/p/?LinkId=618711) can run Windows 10 in a Windows To Go workspace, regardless of the operating system running on the PC. Windows To Go workspaces can use the same image enterprises use for their desktops and laptops and can be managed the same way. Windows To Go is not intended to replace desktops, laptops or supplant other mobility offerings. Rather, it provides support for efficient use of resources for alternative workplace scenarios. There are some additional considerations that you should keep in mind before you start to use Windows To Go:
+
+- [Differences between Windows To Go and a typical installation of Windows](#bkmk-wtgdif)
+- [Roaming with Windows To Go](#bkmk-wtgroam)
+- [Prepare for Windows To Go](#wtg-prep-intro)
+- [Hardware considerations for Windows To Go](#wtg-hardware)
+
+> [!NOTE]
+> Windows To Go is not supported on Windows RT.
+
+## Differences between Windows To Go and a typical installation of Windows
+
+Windows To Go workspace operates just like any other installation of Windows with a few exceptions. These exceptions are:
+
+- **Internal disks are offline.** To ensure data isn’t accidentally disclosed, internal hard disks on the host computer are offline by default when booted into a Windows To Go workspace. Similarly if a Windows To Go drive is inserted into a running system, the Windows To Go drive will not be listed in Windows Explorer.
+- **Trusted Platform Module (TPM) is not used.** When using BitLocker Drive Encryption a pre-operating system boot password will be used for security rather than the TPM since the TPM is tied to a specific computer and Windows To Go drives will move between computers.
+- **Hibernate is disabled by default.** To ensure that the Windows To Go workspace is able to move between computers easily, hibernation is disabled by default. Hibernation can be re-enabled by using Group Policy settings.
+- **Windows Recovery Environment is not available.** In the rare case that you need to recover your Windows To Go drive, you should re-image it with a fresh image of Windows.
+- **Refreshing or resetting a Windows To Go workspace is not supported.** Resetting to the manufacturer’s standard for the computer doesn’t apply when running a Windows To Go workspace, so the feature was disabled.
+- **Upgrading a Windows To Go workspace is not supported.** Older Windows 8 or Windows 8.1 Windows To Go workspaces cannot be upgraded to Windows 10 workspaces, nor can Windows 10 Windows To Go workspaces be upgraded to future versions of Windows 10. For new versions, the workspace needs to be re-imaged with a fresh image of Windows.
+
+## Roaming with Windows To Go
+
+Windows To Go drives can be booted on multiple computers. When a Windows To Go workspace is first booted on a host computer it will detect all hardware on the computer and install any needed drivers. When the Windows To Go workspace is subsequently booted on that host computer it will be able to identify the host computer and load the correct set of drivers automatically.
+
+The applications that you want to use from the Windows To Go workspace should be tested to make sure they also support roaming. Some applications bind to the computer hardware which will cause difficulties if the workspace is being used with multiple host computers.
+
+## Prepare for Windows To Go
+
+Enterprises install Windows on a large group of computers either by using configuration management software (such as System Center Configuration Manager), or by using standard Windows deployment tools such as DiskPart and the Deployment Image Servicing and Management (DISM) tool.
+
+These same tools can be used to provision Windows To Go drive, just as you would if you were planning for provisioning a new class of mobile PCs. You can use the [Windows Assessment and Deployment Kit](https://go.microsoft.com/fwlink/p/?LinkId=526803) to review deployment tools available.
+
+> [!IMPORTANT]
+> Make sure you use the versions of the deployment tools provided for the version of Windows you are deploying. There have been many enhancements made to support Windows To Go. Using versions of the deployment tools released for earlier versions of Windows to provision a Windows To Go drive is not supported.
+
+As you decide what to include in your Windows To Go image, be sure to consider the following questions:
+
+Are there any drivers that you need to inject into the image?
+
+How will data be stored and synchronized to appropriate locations from the USB device?
+
+Are there any applications that are incompatible with Windows To Go roaming that should not be included in the image?
+
+What should be the architecture of the image - 32bit/64bit?
+
+What remote connectivity solution should be supported in the image if Windows To Go is used outside the corporate network?
+
+For more information about designing and planning your Windows To Go deployment, see [Prepare your organization for Windows To Go](prepare-your-organization-for-windows-to-go.md).
+
+## Hardware considerations for Windows To Go
+
+**For USB drives**
+
+The devices listed in this section have been specially optimized and certified for Windows To Go and meet the necessary requirements for booting and running a full version of Windows 10 from a USB drive. The optimizations for Windows To Go include the following:
+
+- Windows To Go certified USB drives are built for high random read/write speeds and support the thousands of random access I/O operations per second required for running normal Windows workloads smoothly.
+- Windows To Go certified USB drives have been tuned to ensure they boot and run on hardware certified for use with Windows 7 and later.
+- Windows To Go certified USB drives are built to last. Certified USB drives are backed with manufacturer warranties and should continue operating under normal usage. Refer to the manufacturer websites for warranty details.
+
+As of the date of publication, the following are the USB drives currently certified for use as Windows To Go drives:
+
+> [!WARNING]
+> Using a USB drive that has not been certified is not supported.
+
+- IronKey Workspace W700 ([http://www.ironkey.com/windows-to-go-drives/ironkey-workspace-w700.html](https://go.microsoft.com/fwlink/p/?LinkId=618714))
+- IronKey Workspace W500 ([http://www.ironkey.com/windows-to-go-drives/ironkey-workspace-w500.html](https://go.microsoft.com/fwlink/p/?LinkId=618717))
+- IronKey Workspace W300 ([http://www.ironkey.com/windows-to-go-drives/ironkey-workspace-w300.html](https://go.microsoft.com/fwlink/p/?LinkId=618718))
+- Kingston DataTraveler Workspace for Windows To Go ([http://www.kingston.com/wtg/](https://go.microsoft.com/fwlink/p/?LinkId=618719))
+- Spyrus Portable Workplace ([http://www.spyruswtg.com/](https://go.microsoft.com/fwlink/p/?LinkId=618720))
+
+ We recommend that you run the Spyrus Deployment Suite for Windows To Go to provision the Spyrus Portable Workplace.
+
+- Spyrus Secure Portable Workplace ([http://www.spyruswtg.com/](https://go.microsoft.com/fwlink/p/?LinkId=618720))
+
+ > [!IMPORTANT]
+ > You must use the Spyrus Deployment Suite for Windows To Go to provision the Spyrus Secure Portable Workplace. For more information about the Spyrus Deployment Suite for Windows To Go please refer to [http://www.spyruswtg.com/](https://go.microsoft.com/fwlink/p/?LinkId=618720).
+
+
+- Spyrus Worksafe ([http://www.spyruswtg.com/](https://go.microsoft.com/fwlink/p/?LinkId=618720))
+
+ > [!TIP]
+ > This device contains an embedded smart card.
+
+
+
+- Super Talent Express RC4 for Windows To Go
+
+ -and-
+
+ Super Talent Express RC8 for Windows To Go
+
+ ([http://www.supertalent.com/wtg/](https://go.microsoft.com/fwlink/p/?LinkId=618721))
+
+- Western Digital My Passport Enterprise ([http://www.wd.com/wtg](https://go.microsoft.com/fwlink/p/?LinkId=618722))
+
+ We recommend that you run the WD Compass utility to prepare the Western Digital My Passport Enterprise drive for provisioning with Windows To Go. For more information about the WD Compass utility please refer to [http://www.wd.com/wtg](https://go.microsoft.com/fwlink/p/?LinkId=618722)
+
+**For host computers**
+
+When assessing the use of a PC as a host for a Windows To Go workspace you should consider the following criteria:
+
+- Hardware that has been certified for use with Windows 7 or later operating systems will work well with Windows To Go.
+- Running a Windows To Go workspace from a computer that is running Windows RT is not a supported scenario.
+- Running a Windows To Go workspace on a Mac computer is not a supported scenario.
+
+The following table details the characteristics that the host computer must have to be used with Windows To Go:
+
+
+
+
+
+
+
+
+
+
+
+Boot process |
+Capable of USB boot |
+
+
+Firmware |
+USB boot enabled. (PCs certified for use with Windows 7 or later can be configured to boot directly from USB, check with the hardware manufacturer if you are unsure of the ability of your PC to boot from USB) |
+
+
+Processor architecture |
+Must support the image on the Windows To Go drive |
+
+
+External USB Hubs |
+Not supported; connect the Windows To Go drive directly to the host machine |
+
+
+Processor |
+1 Ghz or faster |
+
+
+RAM |
+2 GB or greater |
+
+
+Graphics |
+DirectX 9 graphics device with WDDM 1.2 or greater driver |
+
+
+USB port |
+USB 2.0 port or greater |
+
+
+
+
+**Checking for architectural compatibility between the host PC and the Windows To Go drive**
+
+In addition to the USB boot support in the BIOS, the Windows 10 image on your Windows To Go drive must be compatible with the processor architecture and the firmware of the host PC as shown in the table below.
+
+
+
+
+
+
+
+
+
+
+
+
+Legacy BIOS |
+32-bit |
+32-bit only |
+
+
+Legacy BIOS |
+64-bit |
+32-bit and 64-bit |
+
+
+UEFI BIOS |
+32-bit |
+32-bit only |
+
+
+UEFI BIOS |
+64-bit |
+64-bit only |
+
+
+
+
+## Additional resources
+
+- [Windows 10 forums](https://go.microsoft.com/fwlink/p/?LinkId=618949)
+- [Windows To Go Step by Step Wiki](https://go.microsoft.com/fwlink/p/?LinkId=618950)
+- [Tips for configuring your BIOS settings to work with Windows To Go](https://go.microsoft.com/fwlink/p/?LinkId=618951)
+
+## Related topics
+
+[Deploy Windows To Go in your organization](https://go.microsoft.com/fwlink/p/?LinkId=619975)
+[Windows To Go: frequently asked questions](windows-to-go-frequently-asked-questions.md)
+[Prepare your organization for Windows To Go](prepare-your-organization-for-windows-to-go.md)
+[Deployment considerations for Windows To Go](deployment-considerations-for-windows-to-go.md)
+[Security and data protection considerations for Windows To Go](security-and-data-protection-considerations-for-windows-to-go.md)
+[Best practice recommendations for Windows To Go](best-practice-recommendations-for-windows-to-go.md)
diff --git a/windows/deployment/s-mode.md b/windows/deployment/s-mode.md
index 530c47ce6f..3d5adb42f4 100644
--- a/windows/deployment/s-mode.md
+++ b/windows/deployment/s-mode.md
@@ -1,57 +1,59 @@
----
-title: Windows 10 Pro in S mode
-description: Overview of Windows 10 Pro/Enterprise in S mode. What is S mode for Enterprise customers?
-keywords: Windows 10 S, S mode, Windows S mode, Windows 10 S mode, S-mode, system requirements, Overview, Windows 10 Pro in S mode, Windows 10 Enterprise in S mode, Windows 10 Pro/Enterprise in S mode
-ms.mktglfcycl: deploy
-ms.localizationpriority: medium
-ms.prod: w10
-ms.sitesec: library
-ms.pagetype: deploy
-ms.date: 12/05/2018
-ms.reviewer:
-manager: laurawi
-ms.audience: itpro
author: greg-lindsay
-audience: itpro
author: greg-lindsay
-ms.topic: article
----
-
-# Windows 10 in S mode - What is it?
-S mode is an evolution of the S SKU introduced with Windows 10 April 2018 Update. It's a configuration that's available on all Windows Editions when enabled at the time of manufacturing. The edition of Windows can be upgrade at any time as shown below. However, the switch from S mode is a onetime switch and can only be undone by a wipe and reload of the OS.
-
-
-
-## S mode key features
-**Microsoft-verified security**
-
-With Windows 10 in S mode, you’ll find your favorite applications, such as Office, Evernote, and Spotify in the Microsoft Store where they’re Microsoft-verified for security. You can also feel secure when you’re online. Microsoft Edge, your default browser, gives you protection against phishing and socially engineered malware.
-
-**Performance that lasts**
-
-Start-ups are quick, and S mode is built to keep them that way. With Microsoft Edge as your browser, your online experience is fast and secure. Plus, you’ll enjoy a smooth, responsive experience, whether you’re streaming HD video, opening apps, or being productive on the go.
-
-**Choice and flexibility**
-
-Save your files to your favorite cloud, like OneDrive or Dropbox, and access them from any device you choose. Browse the Microsoft Store for thousands of apps, and if you don’t find exactly what you want, you can easily [switch out of S mode](https://docs.microsoft.com/windows/deployment/windows-10-pro-in-s-mode) to Windows 10 Home, Pro, or Enterprise editions at any time and search the web for more choices, as shown below.
-
-
-
-
-## Deployment
-
-Windows 10 in S mode is built for [modern management](https://docs.microsoft.com/windows/client-management/manage-windows-10-in-your-organization-modern-management) which means using [Windows Autopilot](https://docs.microsoft.com/windows/deployment/windows-autopilot/windows-10-autopilot). Windows Autopilot lets you deploy the device directly to a user without IT having to touch the physical device. Instead of manually deploying a custom image, Windows Autopilot will start with a generic PC that can only be used to join the company domain; policies are then deployed automatically through mobile device management to customize the device to the user and the desired environment. Devices are shipped in S mode; you can either keep them in S mode or use Windows Autopilot to switch the device out of S mode during the first run process or later using mobile device management, if desired.
-
-## Keep line of business apps functioning with Desktop Bridge
-
-Worried about your line of business apps not working in S mode? [Desktop Bridge](https://docs.microsoft.com/windows/uwp/porting/desktop-to-uwp-root) enables you to convert your line of business apps to a packaged app with UWP manifest. After testing and validating you can distribute the app through the Microsoft Store, making it ideal for Windows 10 in S mode.
-
-## Repackage Win32 apps into the MSIX format
-
-The [MSIX Packaging Tool](https://docs.microsoft.com/windows/application-management/msix-app-packaging-tool), available from the Microsoft Store, enables you to repackage existing Win32 applications to the MSIX format. You can run your desktop installers through this tool interactively and obtain an MSIX package that you can install on your device and upload to the Microsoft Store. This is another way to get your apps ready to run on Windows 10 in S mode.
-
-
-## Related links
-
-- [Consumer applications for S mode](https://www.microsoft.com/en-us/windows/s-mode)
-- [S mode devices](https://www.microsoft.com/en-us/windows/view-all-devices)
-- [Windows Defender Application Control deployment guide](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-application-control/windows-defender-application-control-deployment-guide)
-- [Windows Defender Advanced Threat Protection](https://www.microsoft.com/en-us/WindowsForBusiness/windows-atp)
+---
+title: Windows 10 Pro in S mode
+description: Overview of Windows 10 Pro/Enterprise in S mode. What is S mode for Enterprise customers?
+keywords: Windows 10 S, S mode, Windows S mode, Windows 10 S mode, S-mode, system requirements, Overview, Windows 10 Pro in S mode, Windows 10 Enterprise in S mode, Windows 10 Pro/Enterprise in S mode
+ms.mktglfcycl: deploy
+ms.localizationpriority: medium
+ms.prod: w10
+ms.sitesec: library
+ms.pagetype: deploy
+ms.date: 12/05/2018
+ms.reviewer:
+manager: laurawi
+ms.audience: itpro
+author: greg-lindsay
+audience: itpro
+author: greg-lindsay
+ms.topic: article
+---
+
+# Windows 10 in S mode - What is it?
+S mode is an evolution of the S SKU introduced with Windows 10 April 2018 Update. It's a configuration that's available on all Windows Editions when enabled at the time of manufacturing. The edition of Windows can be upgrade at any time as shown below. However, the switch from S mode is a onetime switch and can only be undone by a wipe and reload of the OS.
+
+
+
+## S mode key features
+**Microsoft-verified security**
+
+With Windows 10 in S mode, you’ll find your favorite applications, such as Office, Evernote, and Spotify in the Microsoft Store where they’re Microsoft-verified for security. You can also feel secure when you’re online. Microsoft Edge, your default browser, gives you protection against phishing and socially engineered malware.
+
+**Performance that lasts**
+
+Start-ups are quick, and S mode is built to keep them that way. With Microsoft Edge as your browser, your online experience is fast and secure. Plus, you’ll enjoy a smooth, responsive experience, whether you’re streaming HD video, opening apps, or being productive on the go.
+
+**Choice and flexibility**
+
+Save your files to your favorite cloud, like OneDrive or Dropbox, and access them from any device you choose. Browse the Microsoft Store for thousands of apps, and if you don’t find exactly what you want, you can easily [switch out of S mode](https://docs.microsoft.com/windows/deployment/windows-10-pro-in-s-mode) to Windows 10 Home, Pro, or Enterprise editions at any time and search the web for more choices, as shown below.
+
+
+
+
+## Deployment
+
+Windows 10 in S mode is built for [modern management](https://docs.microsoft.com/windows/client-management/manage-windows-10-in-your-organization-modern-management) which means using [Windows Autopilot](https://docs.microsoft.com/windows/deployment/windows-autopilot/windows-10-autopilot). Windows Autopilot lets you deploy the device directly to a user without IT having to touch the physical device. Instead of manually deploying a custom image, Windows Autopilot will start with a generic PC that can only be used to join the company domain; policies are then deployed automatically through mobile device management to customize the device to the user and the desired environment. Devices are shipped in S mode; you can either keep them in S mode or use Windows Autopilot to switch the device out of S mode during the first run process or later using mobile device management, if desired.
+
+## Keep line of business apps functioning with Desktop Bridge
+
+Worried about your line of business apps not working in S mode? [Desktop Bridge](https://docs.microsoft.com/windows/uwp/porting/desktop-to-uwp-root) enables you to convert your line of business apps to a packaged app with UWP manifest. After testing and validating you can distribute the app through the Microsoft Store, making it ideal for Windows 10 in S mode.
+
+## Repackage Win32 apps into the MSIX format
+
+The [MSIX Packaging Tool](https://docs.microsoft.com/windows/application-management/msix-app-packaging-tool), available from the Microsoft Store, enables you to repackage existing Win32 applications to the MSIX format. You can run your desktop installers through this tool interactively and obtain an MSIX package that you can install on your device and upload to the Microsoft Store. This is another way to get your apps ready to run on Windows 10 in S mode.
+
+
+## Related links
+
+- [Consumer applications for S mode](https://www.microsoft.com/windows/s-mode)
+- [S mode devices](https://www.microsoft.com/windows/view-all-devices)
+- [Windows Defender Application Control deployment guide](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-application-control/windows-defender-application-control-deployment-guide)
+- [Windows Defender Advanced Threat Protection](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp)
diff --git a/windows/deployment/update/fod-and-lang-packs.md b/windows/deployment/update/fod-and-lang-packs.md
index 9d1e2e68e3..8e8e208b29 100644
--- a/windows/deployment/update/fod-and-lang-packs.md
+++ b/windows/deployment/update/fod-and-lang-packs.md
@@ -6,7 +6,8 @@ ms.mktglfcycl: manage
ms.sitesec: library
ms.pagetype: article
ms.author: greglin
-audience: itpro
author: greg-lindsay
+audience: itpro
+author: greg-lindsay
ms.localizationpriority: medium
ms.date: 03/13/2019
ms.reviewer:
@@ -17,10 +18,14 @@ ms.topic: article
> Applies to: Windows 10
-As of Windows 10 version 1709, you cannot use Windows Server Update Services (WSUS) to host [Features on Demand](https://docs.microsoft.com/windows-hardware/manufacture/desktop/features-on-demand-v2--capabilities) (FOD) and language packs for Windows 10 clients locally. Instead, you can enforce a Group Policy setting that tells the clients to pull them directly from Windows Update. You can also host FOD and language packs on a network share, but starting with Windows 10 version 1809, FOD and language packs can only be installed from Windows Update.
-
-For Windows domain environments running WSUS or SCCM, change the **Specify settings for optional component installation and component repair** policy to enable downloading FOD and language packs from Windows Update. This setting is located in `Computer Configuration\Administrative Templates\System` in the Group Policy Editor.
+As of Windows 10 version 1709, you can't use Windows Server Update Services (WSUS) to host [Features on Demand](https://docs.microsoft.com/windows-hardware/manufacture/desktop/features-on-demand-v2--capabilities) (FODs) locally. Starting with Windows 10 version 1803, language packs can no longer be hosted on WSUS.
-Changing this policy does not affect how other updates are distributed. They continue to come from WSUS or SCCM as you have scheduled them.
+The **Specify settings for optional component installation and component repair** policy, located under `Computer Configuration\Administrative Templates\System` in the Group Policy Editor, can be used to specify alternate ways to acquire FOD packages, language packages, and content for corruption repair. However, it’s important to note this policy only allows specifying one alternate location and behaves differently across OS versions.
+
+In Windows 10 version 1709 and 1803, changing the **Specify settings for optional component installation and component repair** policy to download content from Windows Update enables acquisition of FOD packages while also enabling corruption repair. Specifying a network location works for either, depending on the content is found at that location. Changing this policy on these OS versions does not influence how language packs are acquired.
+
+In Windows 10 version 1809 and beyond, changing the **Specify settings for optional component installation and component repair** policy also influences how language packs are acquired, however language packs can only be acquired directly from Windows Update. It’s currently not possible to acquire them from a network share. Specifying a network location works for FOD packages or corruption repair, depending on the content at that location.
+
+For all OS versions, changing the **Specify settings for optional component installation and component repair** policy does not affect how OS updates are distributed. They continue to come from WSUS or SCCM or other sources as you have scheduled them, even while optional content is sourced from Windows Update or a network location.
Learn about other client management options, including using Group Policy and administrative templates, in [Manage clients in Windows 10](https://docs.microsoft.com/windows/client-management/).
diff --git a/windows/deployment/update/how-windows-update-works.md b/windows/deployment/update/how-windows-update-works.md
index 0cce8e0389..e71e615d1f 100644
--- a/windows/deployment/update/how-windows-update-works.md
+++ b/windows/deployment/update/how-windows-update-works.md
@@ -16,7 +16,7 @@ ms.topic: article
# How does Windows Update work?
->Applies to: Windows 10
+> Applies to: Windows 10
The Windows Update workflow has four core areas of functionality:
@@ -35,7 +35,7 @@ The Windows Update workflow has four core areas of functionality:
### Install
-1. Orchestrator initates the installation.
+1. Orchestrator initiates the installation.
2. The arbiter calls the installer to install the package.
@@ -96,8 +96,8 @@ When users start scanning in Windows Update through the Settings panel, the foll
- Common service IDs
- >[!IMPORTANT]
- >ServiceId here identifies a client abstraction, not any specific service in the cloud. No assumption should be made of which server a serviceId is pointing to, it's totally controlled by the SLS responses.
+ > [!IMPORTANT]
+ > ServiceId here identifies a client abstraction, not any specific service in the cloud. No assumption should be made of which server a serviceId is pointing to, it's totally controlled by the SLS responses.
|Service|ServiceId|
|-------|---------|
@@ -116,8 +116,8 @@ Common update failure is caused due to network issues. To find the root of the i
- "SOAP faults" can be either client- or server-side issues; read the message.
- The WU client uses SLS (Service Locator Service) to discover the configurations and endpoints of Microsoft network update sources – WU, MU, Flighting.
- >[!NOTE]
- >Warning messages for SLS can be ignored if the search is against WSUS/SCCM.
+ > [!NOTE]
+ > Warning messages for SLS can be ignored if the search is against WSUS/SCCM.
- On sites that only use WSUS/SCCM, the SLS may be blocked at the firewall. In this case the SLS request will fail, and can’t scan against Windows Update or Microsoft Update but can still scan against WSUS/SCCM, since it’s locally configured.
diff --git a/windows/deployment/update/index.md b/windows/deployment/update/index.md
index a13003c55f..210ebcaf84 100644
--- a/windows/deployment/update/index.md
+++ b/windows/deployment/update/index.md
@@ -5,9 +5,9 @@ ms.prod: w10
ms.mktglfcycl: manage
ms.sitesec: library
author: Jaimeo
+manager: laurawi
ms.localizationpriority: high
ms.author: jaimeo
-ms.date: 04/06/2018
ms.topic: article
---
diff --git a/windows/deployment/update/update-compliance-wd-av-status.md b/windows/deployment/update/update-compliance-wd-av-status.md
index 35deef9366..74250033ff 100644
--- a/windows/deployment/update/update-compliance-wd-av-status.md
+++ b/windows/deployment/update/update-compliance-wd-av-status.md
@@ -20,7 +20,7 @@ ms.topic: article
The Windows Defender AV Status section deals with data concerning signature and threat status for devices that use Windows Defender Antivirus. The section tile in the [Overview Blade](update-compliance-using.md#overview-blade) provides the percentage of devices with insufficient protection – this percentage only considers devices using Windows Defender Antivirus.
>[!NOTE]
->Update Compliance's Windows Defender Antivirus status is compatible with E3, B, F1, VL Professional and below licenses. Devices with an E5 license are not shown here; devices with an E5 license can be monitored using the [Windows Defender ATP portal](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-atp/configure-endpoints-windows-defender-advanced-threat-protection). If you'd like to learn more about Windows 10 licensing, see the [Windows 10 product licensing options](https://www.microsoft.com/en-us/Licensing/product-licensing/windows10.aspx).
+>Update Compliance's Windows Defender Antivirus status is compatible with E3, B, F1, VL Professional and below licenses. Devices with an E5 license are not shown here; devices with an E5 license can be monitored using the [Windows Defender ATP portal](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-atp/configure-endpoints-windows-defender-advanced-threat-protection). If you'd like to learn more about Windows 10 licensing, see the [Windows 10 product licensing options](https://www.microsoft.com/Licensing/product-licensing/windows10.aspx).
# Windows Defender AV Status sections
The **Protection Status** blade gives a count for devices that have either out-of-date signatures or real-time protection turned off. Below, it gives a more detailed breakdown of the two issues. Selecting any of these statuses will navigate you to a Log Search view containing the query.
diff --git a/windows/deployment/update/waas-delivery-optimization.md b/windows/deployment/update/waas-delivery-optimization.md
index 1f15840c95..64deb7803d 100644
--- a/windows/deployment/update/waas-delivery-optimization.md
+++ b/windows/deployment/update/waas-delivery-optimization.md
@@ -8,9 +8,9 @@ ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library
audience: itpro
-author: greg-lindsay
+author: jaimeo
ms.localizationpriority: medium
-ms.author: greglin
+ms.author: jaimeo
ms.collection: M365-modern-desktop
ms.topic: article
---
@@ -97,7 +97,12 @@ For more details, check out the [Adopting Windows as a Service at Microsoft](htt
**Does Delivery Optimization work with WSUS?**: Yes. Devices will obtain the update payloads from the WSUS server, but must also have an internet connection as they communicate with the Delivery Optimization cloud service for coordination.
-**Which ports does Delivery Optimization use?**: For peer-to-peer traffic, it uses 7680 for TCP/IP or 3544 for NAT traversal (optionally Teredo). For client-service communication, it uses HTTP or HTTPS over port 80/443.
+**Which ports does Delivery Optimization use?**: Delivery Optimization listens on port 7680 for requests from other peers by using TCP/IP. The service will register and open this port on the device, but you might need to set this port to accept inbound traffic through your firewall yourself. If you don't allow inbound traffic over port 7680, you can't use the peer-to-peer functionality of Delivery Optimization. However, devices can still successfully download by using HTTP or HTTPS traffic over port 80 (such as for default Windows Update data).
+
+If you set up Delivery Optimization to create peer groups that include devices across NATs (or any form of internal subnet that uses gateways or firewalls between subnets), it will use Teredo. For this to work, you must allow inbound TCP/IP traffic over port 3544. Look for a "NAT traversal" setting in your firewall to set this up.
+
+Delivery Optimization also communicates with its cloud service by using HTTP/HTTPS over port 80.
+
**What are the requirements if I use a proxy?**: You must allow Byte Range requests. See [Proxy requirements for Windows Update](https://support.microsoft.com/help/3175743/proxy-requirements-for-windows-update) for details.
diff --git a/windows/deployment/update/waas-mobile-updates.md b/windows/deployment/update/waas-mobile-updates.md
index 78594a2262..73652f10a9 100644
--- a/windows/deployment/update/waas-mobile-updates.md
+++ b/windows/deployment/update/waas-mobile-updates.md
@@ -18,7 +18,7 @@ ms.topic: article
**Applies to**
- Windows 10 Mobile
-- [Windows 10 IoT Mobile](https://www.microsoft.com/en-us/WindowsForBusiness/windows-iot)
+- [Windows 10 IoT Mobile](https://www.microsoft.com/WindowsForBusiness/windows-iot)
> **Looking for consumer information?** See [Windows Update: FAQ](https://support.microsoft.com/help/12373/windows-update-faq)
diff --git a/windows/deployment/update/waas-morenews.md b/windows/deployment/update/waas-morenews.md
index b1122abef6..bf740f50c0 100644
--- a/windows/deployment/update/waas-morenews.md
+++ b/windows/deployment/update/waas-morenews.md
@@ -37,7 +37,7 @@ Here's more news about [Windows as a service](windows-as-a-service.md):
- How to get the Windows 10 October 2018 Update - October 2, 2018
- Reducing Windows 10 Package Size Downloads for x64 Systems - September 26, 2018
- Windows 7 Servicing Stack Updates: Managing Change and Appreciating Cumulative Updates - September 21, 2018
-- Helping customers shift to a modern desktop - September 6, 2018
+- Helping customers shift to a modern desktop - September 6, 2018
- Windows Update for Business & Windows Analytics: a real-world experience - September 5, 2018
- What's next for Windows 10 and Windows Server quality updates - August 16, 2018
- Windows 10 monthly updates - August 1, 2018 (video)
diff --git a/windows/deployment/update/waas-optimize-windows-10-updates.md b/windows/deployment/update/waas-optimize-windows-10-updates.md
index 08ff7d66a5..993d1f887d 100644
--- a/windows/deployment/update/waas-optimize-windows-10-updates.md
+++ b/windows/deployment/update/waas-optimize-windows-10-updates.md
@@ -4,9 +4,9 @@ description: Two methods of peer-to-peer content distribution are available in W
ms.prod: w10
ms.mktglfcycl: manage
ms.sitesec: library
-author: greg-lindsay
+author: jaimeo
ms.localizationpriority: medium
-ms.author: greg-lindsay
+ms.author: jaimeo
ms.reviewer:
manager: laurawi
ms.topic: article
diff --git a/windows/deployment/update/waas-overview.md b/windows/deployment/update/waas-overview.md
index 49efd6e3b2..02b95b42a5 100644
--- a/windows/deployment/update/waas-overview.md
+++ b/windows/deployment/update/waas-overview.md
@@ -132,7 +132,7 @@ Specialized systems—such as devices that control medical equipment, point-of-s
> [!NOTE]
> Windows 10 Enterprise LTSB is a separate Long Term Servicing Channel version.
>
->Long-term Servicing channel is not intended for deployment on most or all the devicess in an organization; it should be used only for special-purpose devices. As a general guideline, a device with Microsoft Office installed is a general-purpose device, typically used by an information worker, and therefore it is better suited for the Semi-Annual servicing channel.
+> Long-term Servicing channel is not intended for deployment on most or all the devices in an organization; it should be used only for special-purpose devices. As a general guideline, a device with Microsoft Office installed is a general-purpose device, typically used by an information worker, and therefore it is better suited for the Semi-Annual servicing channel.
Microsoft never publishes feature updates through Windows Update on devices that run Windows 10 Enterprise LTSB. Instead, it typically offers new LTSC releases every 2–3 years, and organizations can choose to install them as in-place upgrades or even skip releases over a 10-year life cycle.
diff --git a/windows/deployment/update/waas-quick-start.md b/windows/deployment/update/waas-quick-start.md
index 56b4cc46a7..74c05a0abe 100644
--- a/windows/deployment/update/waas-quick-start.md
+++ b/windows/deployment/update/waas-quick-start.md
@@ -50,7 +50,7 @@ See [Assign devices to servicing channels for Windows 10 updates](waas-servicing
## Staying up to date
-The process for keeping Windows 10 up to date involves deploying a feature update, at an appropriate time after its release. A variety of tools management and patching tools such as Windows Update, Windows Update for Business, Windows Server Update Services, System Center Configuration Manager, and third-party products) can be used to help with this process. [Windows Analytics Upgrade Readiness](https://www.microsoft.com/en-us/WindowsForBusiness/windows-analytics), a free tool to streamline Windows upgrade projects, is another important tool to help.
+The process for keeping Windows 10 up to date involves deploying a feature update, at an appropriate time after its release. A variety of tools management and patching tools such as Windows Update, Windows Update for Business, Windows Server Update Services, System Center Configuration Manager, and third-party products) can be used to help with this process. [Windows Analytics Upgrade Readiness](https://www.microsoft.com/WindowsForBusiness/windows-analytics), a free tool to streamline Windows upgrade projects, is another important tool to help.
Because app compatibility, both for desktop apps and web apps, is outstanding with Windows 10, extensive advanced testing isn’t required. Instead, only business-critical apps need to be tested, with the remaining apps validated through a series of pilot deployment rings. Once these pilot deployments have validated most apps, broad deployment can begin.
diff --git a/windows/deployment/update/waas-restart.md b/windows/deployment/update/waas-restart.md
index bab9a9e136..0ea4468377 100644
--- a/windows/deployment/update/waas-restart.md
+++ b/windows/deployment/update/waas-restart.md
@@ -4,10 +4,9 @@ description: tbd
ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library
-author: greg-lindsay
+author: jaimeo
ms.localizationpriority: medium
-ms.author: greg-lindsay
-ms.date: 07/27/2017
+ms.author: jaimeo
ms.reviewer:
manager: laurawi
ms.topic: article
diff --git a/windows/deployment/update/waas-servicing-differences.md b/windows/deployment/update/waas-servicing-differences.md
index fda8dac6f6..1b5f466c3f 100644
--- a/windows/deployment/update/waas-servicing-differences.md
+++ b/windows/deployment/update/waas-servicing-differences.md
@@ -25,8 +25,8 @@ Today, many enterprise customers have a mix of modern and legacy client and serv
The following provides an initial overview of how updating client and server differs between the Windows 10-era Operating Systems (such as, Windows 10 version 1709, Windows Server 2016) and legacy operating systems (such as Windows 7, Windows 8.1, Windows Server 2008 R2, Windows Server 2012 R2).
->[!NOTE]
->A note on naming convention in this article: For brevity, "Windows 10" refers to all operating systems across client, server and IoT released since July 2015, while "legacy" refers to all operating systems prior to that period for client and server, including Windows 7, Window 8.1, Windows Server 2008 R2, Windows Server 2012 R2, etc.
+> [!NOTE]
+> A note on naming convention in this article: For brevity, "Windows 10" refers to all operating systems across client, server and IoT released since July 2015, while "legacy" refers to all operating systems prior to that period for client and server, including Windows 7, Window 8.1, Windows Server 2008 R2, Windows Server 2012 R2, etc.
## Infinite fragmentation
Prior to Windows 10, all updates to operating system (OS) components were published individually. On "Update Tuesday," customers would pick and choose individual updates they wanted to apply. Most chose to update security fixes, while far fewer selected non-security fixes, updated drivers, or installed .NET Framework updates.
@@ -87,6 +87,12 @@ Moving to the cumulative model for legacy OS versions continues to improve predi
## Public preview releases
Lastly, the cumulative update model directly impacts the public Preview releases offered in the 3rd and/or 4th weeks of the month. Update Tuesday, also referred to as the "B" week release occurs on the second Tuesday of the month. It is always a required security update across all operating systems. In addition to this monthly release, Windows also releases non-security update "previews" targeting the 3rd (C) and the 4th (D) weeks of the month. These preview releases include that month’s B-release plus a set of non-security updates for testing and validation as a cumulative package. We recommend IT Administrators uses the C/D previews to test the update in their environments. Any issues identified with the updates in the C/D releases are identified and then fixed or removed, prior to being rolled up in to the next month’s B release package together with new security updates. Security-only Packages are not part of the C/D preview program.
+> [!NOTE]
+> Only preview updates for the most recent release of Windows 10 are published to Windows Server Update Services (WSUS). For customers using the WSUS channel, and products such as System Center Configuration Manager that rely on it, will not see preview updates for older versions of Windows 10.
+
+> [!NOTE]
+> Preview updates for Windows 10 are not named differently than their LCU counterparts and do not contain the word 'Preview'. They can be identified by their release date (C or D week) and their classification as non-security updates.
+
### Examples
Windows 10 version 1709:
- (9B) September 11, 2018 Update Tuesday / B release - includes security, non-security and IE update. This update is categorized as "Required, Security" it requires a system reboot.
diff --git a/windows/deployment/update/waas-wufb-group-policy.md b/windows/deployment/update/waas-wufb-group-policy.md
index 4748ffac57..d45100b41b 100644
--- a/windows/deployment/update/waas-wufb-group-policy.md
+++ b/windows/deployment/update/waas-wufb-group-policy.md
@@ -4,10 +4,9 @@ description: Configure Windows Update for Business settings using Group Policy.
ms.prod: w10
ms.mktglfcycl: manage
ms.sitesec: library
-author: greg-lindsay
+author: jaimeo
ms.localizationpriority: medium
-ms.author: greg-lindsay
-ms.date: 07/27/2017
+ms.author: jaimeo
ms.reviewer:
manager: laurawi
ms.topic: article
diff --git a/windows/deployment/update/windows-analytics-FAQ-troubleshooting.md b/windows/deployment/update/windows-analytics-FAQ-troubleshooting.md
index 423c82f71c..8ba5c114c5 100644
--- a/windows/deployment/update/windows-analytics-FAQ-troubleshooting.md
+++ b/windows/deployment/update/windows-analytics-FAQ-troubleshooting.md
@@ -8,8 +8,10 @@ ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: deploy
-audience: itpro
author: greg-lindsay
-ms.audience: itpro
author: greg-lindsay
+audience: itpro
+author: greg-lindsay
+ms.audience: itpro
+author: greg-lindsay
ms.localizationpriority: medium
ms.collection: M365-analytics
ms.topic: article
@@ -53,12 +55,12 @@ If you've followed the steps in the [Enrolling devices in Windows Analytics](win
### Devices not appearing in Upgrade Readiness
-In Log Analytics, go to **Settings > Connected sources > Windows telemetry** and verify that you are subscribed to the Windows Analytics solutions you intend to use.
+In Log Analytics workspace, go to **Solutions** and verify that you are subscribed to the Windows Analytics solutions you intend to use.
Even though devices can take 2-3 days after enrollment to show up due to latency in the system, you can now verify the status of your devices within a few hours of running the deployment script as described in [You can now check on the status of your computers within hours of running the deployment script](https://techcommunity.microsoft.com/t5/Windows-Analytics-Blog/You-can-now-check-on-the-status-of-your-computers-within-hours/ba-p/187213) on the Tech Community Blog.
>[!NOTE]
-> If you generate the status report and get an error message saying "Sorry! We’re not recognizing your Commercial Id," go to **Settings > Connected sources > Windows telemetry** remove the Upgrade Readiness solution, and then re-add it.
+> If you generate the status report and get an error message saying "Sorry! We’re not recognizing your Commercial Id, See [Enrolling devices in Windows Analytics](https://docs.microsoft.com/windows/deployment/update/windows-analytics-get-started).
If devices are not showing up as expected, find a representative device and follow these steps to run the latest pilot version of the Upgrade Readiness deployment script on it to troubleshoot issues:
@@ -230,9 +232,7 @@ We have identified an incompatibility between AbnormalShutdownCount and the Limi
If you want to stop using Upgrade Readiness and stop sending diagnostic data to Microsoft, follow these steps:
-1. Unsubscribe from the Upgrade Readiness solution in Azure Portal. In Azure Portal, go to **Settings** > **Connected Sources** > **Windows Telemetry** and choose the **Unsubscribe** option.
-
- 
+1. Delete the Upgrade Readiness solution in Log Analytics workspace. In Log Analytics workspace. select **Solutions** > **Compatibility Assessment** > **Delete**.
2. Disable the Commercial Data Opt-in Key on computers running Windows 7 SP1 or 8.1. On computers running Windows 10, set the diagnostic data level to **Security**:
diff --git a/windows/deployment/update/windows-as-a-service.md b/windows/deployment/update/windows-as-a-service.md
index ab43140802..d7d45d741a 100644
--- a/windows/deployment/update/windows-as-a-service.md
+++ b/windows/deployment/update/windows-as-a-service.md
@@ -80,7 +80,7 @@ Prepare to implement Windows as a service effectively using the right tools, pro
-Simplified updates
+Simplified updates
Windows 10 end user readiness
diff --git a/windows/deployment/update/windows-update-resources.md b/windows/deployment/update/windows-update-resources.md
index c98b9d29d0..ead5fd7aaf 100644
--- a/windows/deployment/update/windows-update-resources.md
+++ b/windows/deployment/update/windows-update-resources.md
@@ -1,126 +1,132 @@
----
-title: Windows Update - Additional resources
-description: Additional resources for Windows Update
-ms.prod: w10
-ms.mktglfcycl:
-ms.sitesec: library
-audience: itpro
author: greg-lindsay
-ms.localizationpriority: medium
-ms.audience: itpro
author: greg-lindsay
-ms.date: 09/18/2018
-ms.reviewer:
-manager: laurawi
-ms.topic: article
----
-
-# Windows Update - additional resources
-
->Applies to: Windows 10
-
-The following resources provide additional information about using Windows Update.
-
-## WSUS Troubleshooting
-
-[Troubleshooting issues with WSUS client agents](https://support.microsoft.com/help/10132/)
-
-[How to troubleshoot WSUS](https://support.microsoft.com/help/4025764/)
-
-[Error 80244007 when WSUS client scans for updates](https://support.microsoft.com/help/4096317/)
-
-[Updates may not be installed with Fast Startup in Windows 10](https://support.microsoft.com/help/4011287/)
-
-
-## How do I reset Windows Update components?
-
-[This script](https://gallery.technet.microsoft.com/scriptcenter/Reset-WindowsUpdateps1-e0c5eb78) will completely reset the Windows Update client settings. It has been tested on Windows 7, 8, 10, and Windows Server 2012 R2. It will configure the services and registry keys related to Windows Update for default settings. It will also clean up files related to Windows Update, in addition to BITS related data.
-
-
-[This script](https://gallery.technet.microsoft.com/scriptcenter/Reset-Windows-Update-Agent-d824badc) allow reset the Windows Update Agent resolving issues with Windows Update.
-
-
-## Reset Windows Update components manually
-1. Open a Windows command prompt. To open a command prompt, click **Start > Run**. Copy and paste (or type) the following command and then press ENTER:
- ```
- cmd
- ```
-2. Stop the BITS service and the Windows Update service. To do this, type the following commands at a command prompt. Press ENTER after you type each command.
- ```
- net stop bits
- net stop wuauserv
- ```
-3. Delete the qmgr\*.dat files. To do this, type the following command at a command prompt, and then press ENTER:
- ```
- Del "%ALLUSERSPROFILE%\Application Data\Microsoft\Network\Downloader\qmgr*.dat"
- ```
-4. If this is your first attempt at resolving your Windows Update issues by using the steps in this article, go to step 5 without carrying out the steps in step 4. The steps in step 4 should only be performed at this point in the troubleshooting if you cannot resolve your Windows Update issues after following all steps but step 4. The steps in step 4 are also performed by the "Aggressive" mode of the Fix it Solution above.
- 1. Rename the following folders to *.BAK:
- - %systemroot%\SoftwareDistribution\DataStore
- - %systemroot%\SoftwareDistribution\Download
- - %systemroot%\system32\catroot2
-
- To do this, type the following commands at a command prompt. Press ENTER after you type each command.
- - Ren %systemroot%\SoftwareDistribution\DataStore *.bak
- - Ren %systemroot%\SoftwareDistribution\Download *.bak
- - Ren %systemroot%\system32\catroot2 *.bak
- 2. Reset the BITS service and the Windows Update service to the default security descriptor. To do this, type the following commands at a command prompt. Press ENTER after you type each command.
- - sc.exe sdset bits D:(A;;CCLCSWRPWPDTLOCRRC;;;SY)(A;;CCDCLCSWRPWPDTLOCRSDRCWDWO;;;BA)(A;;CCLCSWLOCRRC;;;AU)(A;;CCLCSWRPWPDTLOCRRC;;;PU)
- - sc.exe sdset wuauserv D:(A;;CCLCSWRPWPDTLOCRRC;;;SY)(A;;CCDCLCSWRPWPDTLOCRSDRCWDWO;;;BA)(A;;CCLCSWLOCRRC;;;AU)(A;;CCLCSWRPWPDTLOCRRC;;;PU)
-5. Type the following command at a command prompt, and then press ENTER:
- ```
- cd /d %windir%\system32
- ```
-6. Reregister the BITS files and the Windows Update files. To do this, type the following commands at a command prompt. Press ENTER after you type each command.
- - regsvr32.exe atl.dll
- - regsvr32.exe urlmon.dll
- - regsvr32.exe mshtml.dll
- - regsvr32.exe shdocvw.dll
- - regsvr32.exe browseui.dll
- - regsvr32.exe jscript.dll
- - regsvr32.exe vbscript.dll
- - regsvr32.exe scrrun.dll
- - regsvr32.exe msxml.dll
- - regsvr32.exe msxml3.dll
- - regsvr32.exe msxml6.dll
- - regsvr32.exe actxprxy.dll
- - regsvr32.exe softpub.dll
- - regsvr32.exe wintrust.dll
- - regsvr32.exe dssenh.dll
- - regsvr32.exe rsaenh.dll
- - regsvr32.exe gpkcsp.dll
- - regsvr32.exe sccbase.dll
- - regsvr32.exe slbcsp.dll
- - regsvr32.exe cryptdlg.dll
- - regsvr32.exe oleaut32.dll
- - regsvr32.exe ole32.dll
- - regsvr32.exe shell32.dll
- - regsvr32.exe initpki.dll
- - regsvr32.exe wuapi.dll
- - regsvr32.exe wuaueng.dll
- - regsvr32.exe wuaueng1.dll
- - regsvr32.exe wucltui.dll
- - regsvr32.exe wups.dll
- - regsvr32.exe wups2.dll
- - regsvr32.exe wuweb.dll
- - regsvr32.exe qmgr.dll
- - regsvr32.exe qmgrprxy.dll
- - regsvr32.exe wucltux.dll
- - regsvr32.exe muweb.dll
- - regsvr32.exe wuwebv.dll
-7. Reset Winsock. To do this, type the following command at a command prompt, and then press ENTER:
- ```
- netsh winsock reset
- ```
-8. If you are running Windows XP or Windows Server 2003, you have to set the proxy settings. To do this, type the following command at a command prompt, and then press ENTER:
- ```
- proxycfg.exe -d
- ```
-9. Restart the BITS service and the Windows Update service. To do this, type the following commands at a command prompt. Press ENTER after you type each command.
- ```
- net start bits
-
- net start wuauserv
- ```
-10. If you are running Windows Vista or Windows Server 2008, clear the BITS queue. To do this, type the following command at a command prompt, and then press ENTER:
- ```
- bitsadmin.exe /reset /allusers
- ```
+---
+title: Windows Update - Additional resources
+description: Additional resources for Windows Update
+ms.prod: w10
+ms.mktglfcycl:
+ms.sitesec: library
+audience: itpro
+author: greg-lindsay
+ms.localizationpriority: medium
+ms.audience: itpro
+author: greg-lindsay
+ms.date: 09/18/2018
+ms.reviewer:
+manager: laurawi
+ms.topic: article
+---
+
+# Windows Update - additional resources
+
+>Applies to: Windows 10
+
+The following resources provide additional information about using Windows Update.
+
+## WSUS Troubleshooting
+
+[Troubleshooting issues with WSUS client agents](https://support.microsoft.com/help/10132/)
+
+[How to troubleshoot WSUS](https://support.microsoft.com/help/4025764/)
+
+[Error 80244007 when WSUS client scans for updates](https://support.microsoft.com/help/4096317/)
+
+[Updates may not be installed with Fast Startup in Windows 10](https://support.microsoft.com/help/4011287/)
+
+
+## How do I reset Windows Update components?
+
+[This script](https://gallery.technet.microsoft.com/scriptcenter/Reset-WindowsUpdateps1-e0c5eb78) will completely reset the Windows Update client settings. It has been tested on Windows 7, 8, 10, and Windows Server 2012 R2. It will configure the services and registry keys related to Windows Update for default settings. It will also clean up files related to Windows Update, in addition to BITS related data.
+
+
+[This script](https://gallery.technet.microsoft.com/scriptcenter/Reset-Windows-Update-Agent-d824badc) allow reset the Windows Update Agent resolving issues with Windows Update.
+
+
+## Reset Windows Update components manually
+1. Open a Windows command prompt. To open a command prompt, click **Start > Run**. Copy and paste (or type) the following command and then press ENTER:
+ ```
+ cmd
+ ```
+2. Stop the BITS service and the Windows Update service. To do this, type the following commands at a command prompt. Press ENTER after you type each command.
+ ```
+ net stop bits
+ net stop wuauserv
+ ```
+3. Delete the qmgr\*.dat files. To do this, type the following command at a command prompt, and then press ENTER:
+ ```
+ Del "%ALLUSERSPROFILE%\Application Data\Microsoft\Network\Downloader\qmgr*.dat"
+ ```
+4. If this is your first attempt at resolving your Windows Update issues by using the steps in this article, go to step 5 without carrying out the steps in step 4. The steps in step 4 should only be performed at this point in the troubleshooting if you cannot resolve your Windows Update issues after following all steps but step 4. The steps in step 4 are also performed by the "Aggressive" mode of the Fix it Solution above.
+ 1. Rename the following folders to *.BAK:
+ - %systemroot%\SoftwareDistribution\DataStore
+ - %systemroot%\SoftwareDistribution\Download
+ - %systemroot%\system32\catroot2
+
+ To do this, type the following commands at a command prompt. Press ENTER after you type each command.
+ - Ren %systemroot%\SoftwareDistribution\DataStore *.bak
+ - Ren %systemroot%\SoftwareDistribution\Download *.bak
+ - Ren %systemroot%\system32\catroot2 *.bak
+ 2. Reset the BITS service and the Windows Update service to the default security descriptor. To do this, type the following commands at a command prompt. Press ENTER after you type each command.
+ - sc.exe sdset bits D:(A;;CCLCSWRPWPDTLOCRRC;;;SY)(A;;CCDCLCSWRPWPDTLOCRSDRCWDWO;;;BA)(A;;CCLCSWLOCRRC;;;AU)(A;;CCLCSWRPWPDTLOCRRC;;;PU)
+ - sc.exe sdset wuauserv D:(A;;CCLCSWRPWPDTLOCRRC;;;SY)(A;;CCDCLCSWRPWPDTLOCRSDRCWDWO;;;BA)(A;;CCLCSWLOCRRC;;;AU)(A;;CCLCSWRPWPDTLOCRRC;;;PU)
+5. Type the following command at a command prompt, and then press ENTER:
+ ```
+ cd /d %windir%\system32
+ ```
+6. Reregister the BITS files and the Windows Update files. To do this, type the following commands at a command prompt. Press ENTER after you type each command.
+
+ ```
+ regsvr32.exe atl.dll
+ regsvr32.exe urlmon.dll
+ regsvr32.exe mshtml.dll
+ regsvr32.exe shdocvw.dll
+ regsvr32.exe browseui.dll
+ regsvr32.exe jscript.dll
+ regsvr32.exe vbscript.dll
+ regsvr32.exe scrrun.dll
+ regsvr32.exe msxml.dll
+ regsvr32.exe msxml3.dll
+ regsvr32.exe msxml6.dll
+ regsvr32.exe actxprxy.dll
+ regsvr32.exe softpub.dll
+ regsvr32.exe wintrust.dll
+ regsvr32.exe dssenh.dll
+ regsvr32.exe rsaenh.dll
+ regsvr32.exe gpkcsp.dll
+ regsvr32.exe sccbase.dll
+ regsvr32.exe slbcsp.dll
+ regsvr32.exe cryptdlg.dll
+ regsvr32.exe oleaut32.dll
+ regsvr32.exe ole32.dll
+ regsvr32.exe shell32.dll
+ regsvr32.exe initpki.dll
+ regsvr32.exe wuapi.dll
+ regsvr32.exe wuaueng.dll
+ regsvr32.exe wuaueng1.dll
+ regsvr32.exe wucltui.dll
+ regsvr32.exe wups.dll
+ regsvr32.exe wups2.dll
+ regsvr32.exe wuweb.dll
+ regsvr32.exe qmgr.dll
+ regsvr32.exe qmgrprxy.dll
+ regsvr32.exe wucltux.dll
+ regsvr32.exe muweb.dll
+ regsvr32.exe wuwebv.dll
+ ```
+
+7. Reset Winsock. To do this, type the following command at a command prompt, and then press ENTER:
+ ```
+ netsh winsock reset
+ ```
+8. If you are running Windows XP or Windows Server 2003, you have to set the proxy settings. To do this, type the following command at a command prompt, and then press ENTER:
+ ```
+ proxycfg.exe -d
+ ```
+9. Restart the BITS service and the Windows Update service. To do this, type the following commands at a command prompt. Press ENTER after you type each command.
+ ```
+ net start bits
+
+ net start wuauserv
+ ```
+10. If you are running Windows Vista or Windows Server 2008, clear the BITS queue. To do this, type the following command at a command prompt, and then press ENTER:
+ ```
+ bitsadmin.exe /reset /allusers
+ ```
diff --git a/windows/deployment/upgrade/log-files.md b/windows/deployment/upgrade/log-files.md
index 0216aec2c1..0214e53ad8 100644
--- a/windows/deployment/upgrade/log-files.md
+++ b/windows/deployment/upgrade/log-files.md
@@ -166,6 +166,6 @@ Therefore, Windows Setup failed because it was not able to migrate the corrupt f
[Windows 10 FAQ for IT professionals](https://technet.microsoft.com/windows/dn798755.aspx)
[Windows 10 Enterprise system requirements](https://technet.microsoft.com/windows/dn798752.aspx)
-
[Windows 10 Specifications](https://www.microsoft.com/en-us/windows/Windows-10-specifications)
+
[Windows 10 Specifications](https://www.microsoft.com/windows/Windows-10-specifications)
[Windows 10 IT pro forums](https://social.technet.microsoft.com/Forums/en-US/home?category=Windows10ITPro)
[Fix Windows Update errors by using the DISM or System Update Readiness tool](https://support.microsoft.com/kb/947821)
diff --git a/windows/deployment/upgrade/quick-fixes.md b/windows/deployment/upgrade/quick-fixes.md
index 305917b360..01850db7f6 100644
--- a/windows/deployment/upgrade/quick-fixes.md
+++ b/windows/deployment/upgrade/quick-fixes.md
@@ -234,6 +234,6 @@ If you downloaded the SetupDiag.exe program to your computer, then copied it to
[Windows 10 FAQ for IT professionals](https://technet.microsoft.com/windows/dn798755.aspx)
[Windows 10 Enterprise system requirements](https://technet.microsoft.com/windows/dn798752.aspx)
-
[Windows 10 Specifications](https://www.microsoft.com/en-us/windows/Windows-10-specifications)
+
[Windows 10 Specifications](https://www.microsoft.com/windows/Windows-10-specifications)
[Windows 10 IT pro forums](https://social.technet.microsoft.com/Forums/en-US/home?category=Windows10ITPro)
[Fix Windows Update errors by using the DISM or System Update Readiness tool](https://support.microsoft.com/kb/947821)
diff --git a/windows/deployment/upgrade/resolution-procedures.md b/windows/deployment/upgrade/resolution-procedures.md
index 34e22a7ab7..15c4156866 100644
--- a/windows/deployment/upgrade/resolution-procedures.md
+++ b/windows/deployment/upgrade/resolution-procedures.md
@@ -504,7 +504,7 @@ This error has more than one possible cause. Attempt [quick fixes](quick-fixes.m
| 0xC1900200 |
Setup.exe has detected that the machine does not meet the minimum system requirements. |
-Ensure the system you are trying to upgrade meets the minimum system requirements.
See Windows 10 specifications for information. |
+Ensure the system you are trying to upgrade meets the minimum system requirements.
See Windows 10 specifications for information. |
@@ -524,14 +524,14 @@ This error has more than one possible cause. Attempt [quick fixes](quick-fixes.m
| 0x80190001 |
An unexpected error was encountered while attempting to download files required for upgrade. |
-To resolve this issue, download and run the media creation tool. See Download windows 10.
+ | To resolve this issue, download and run the media creation tool. See Download windows 10.
|
| 0x80246007 |
The update was not downloaded successfully. |
Attempt other methods of upgrading the operating system.
-Download and run the media creation tool. See Download windows 10.
+Download and run the media creation tool. See Download windows 10.
Attempt to upgrade using .ISO or USB.
Note: Windows 10 Enterprise isn’t available in the media creation tool. For more information, go to the Volume Licensing Service Center.
|
@@ -640,7 +640,7 @@ Download and run the media creation tool. See Windows 10 Specifications and verify the computer meets minimum requirements.
+See Windows 10 Specifications and verify the computer meets minimum requirements.
Review logs for [compatibility information](https://blogs.technet.microsoft.com/askcore/2016/01/21/using-the-windows-10-compatibility-reports-to-understand-upgrade-issues/). |
0x80070004 - 0x3000D
@@ -766,6 +766,6 @@ Also see the following sequential list of modern setup (mosetup) error codes wit
[Windows 10 FAQ for IT professionals](https://technet.microsoft.com/windows/dn798755.aspx)
[Windows 10 Enterprise system requirements](https://technet.microsoft.com/windows/dn798752.aspx)
-
[Windows 10 Specifications](https://www.microsoft.com/en-us/windows/Windows-10-specifications)
+
[Windows 10 Specifications](https://www.microsoft.com/windows/Windows-10-specifications)
[Windows 10 IT pro forums](https://social.technet.microsoft.com/Forums/en-US/home?category=Windows10ITPro)
[Fix Windows Update errors by using the DISM or System Update Readiness tool](https://support.microsoft.com/kb/947821)
diff --git a/windows/deployment/upgrade/resolve-windows-10-upgrade-errors.md b/windows/deployment/upgrade/resolve-windows-10-upgrade-errors.md
index af24d3c075..3a7f854132 100644
--- a/windows/deployment/upgrade/resolve-windows-10-upgrade-errors.md
+++ b/windows/deployment/upgrade/resolve-windows-10-upgrade-errors.md
@@ -58,7 +58,7 @@ See the following topics in this article:
[Windows 10 FAQ for IT professionals](https://technet.microsoft.com/windows/dn798755.aspx)
[Windows 10 Enterprise system requirements](https://technet.microsoft.com/windows/dn798752.aspx)
-
[Windows 10 Specifications](https://www.microsoft.com/en-us/windows/Windows-10-specifications)
+
[Windows 10 Specifications](https://www.microsoft.com/windows/Windows-10-specifications)
[Windows 10 IT pro forums](https://social.technet.microsoft.com/Forums/en-US/home?category=Windows10ITPro)
[Fix Windows Update errors by using the DISM or System Update Readiness tool](https://support.microsoft.com/kb/947821)
diff --git a/windows/deployment/upgrade/setupdiag.md b/windows/deployment/upgrade/setupdiag.md
index a34a0b7891..0a503b2010 100644
--- a/windows/deployment/upgrade/setupdiag.md
+++ b/windows/deployment/upgrade/setupdiag.md
@@ -213,7 +213,7 @@ Each rule name and its associated unique rule identifier are listed with a descr
8. CompatBlockedApplicationAutoUninstall – BEBA5BC6-6150-413E-8ACE-5E1EC8D34DD5
- This rule indicates there is an application that needs to be uninstalled before setup can continue.
9. CompatBlockedApplicationDismissable - EA52620B-E6A0-4BBC-882E-0686605736D9
- - When running setup in /quiet mode, there are dismissible application messages that turn into blocks unless the command line also specifies “/compat /ignore warning”. This rule indicates setup was executed in /quiet mode but there is an application dismissible block message that have prevented setup from continuing.
+ - When running setup in /quiet mode, there are dismissible application messages that turn into blocks unless the command line also specifies “/compat ignorewarning”. This rule indicates setup was executed in /quiet mode but there is an application dismissible block message that have prevented setup from continuing.
10. CompatBlockedApplicationManualUninstall - 9E912E5F-25A5-4FC0-BEC1-CA0EA5432FF4
- This rule indicates that an application without an Add/Remove Programs entry, is present on the system and blocking setup from continuing. This typically requires manual removal of the files associated with this application to continue.
11. HardblockDeviceOrDriver - ED3AEFA1-F3E2-4F33-8A21-184ADF215B1B
@@ -334,54 +334,54 @@ Each rule name and its associated unique rule identifier are listed with a descr
06/19/2019 - SetupDiag v1.5.0.0 is released with 60 rules, as a standalone tool available from the Download Center.
- - All date and time outputs are updated to localized format per user request.
- - Added setup Operation and Phase information to /verbose log.
- - Added last Setup Operation and last Setup Phase information to most rules where it make sense (see new output below).
- - Performance improvement in searching setupact.logs to determine correct log to parse.
- - Added SetupDiag version number to text report (xml and json always had it).
- - Added "no match" reports for xml and json per user request.
- - Formatted Json output for easy readability.
- - Performance improvements when searching for setup logs; this should be much faster now.
- - Added 7 new rules: PlugInComplianceBlock, PreReleaseWimMountDriverFound, WinSetupBootFilterFailure, WimMountDriverIssue, DISMImageSessionFailure, FindEarlyDownlevelError, and FindSPFatalError. See the [Rules](#rules) section above for more information.
- - Diagnostic information is now output to the registry at **HKLM\SYSTEM\Setup\MoSetup\Volatile\SetupDiag**
- - The **/AddReg** command was added to toggle registry output. This setting is off by default for offline mode, and on by default for online mode. The command has no effect for online mode and enables registry output for offline mode.
- - This registry key is deleted as soon as SetupDiag is run a second time, and replaced with current data, so it’s always up to date.
- - This registry key also gets deleted when a new update instance is invoked.
- - For an example, see [Sample registry key](#sample-registry-key).
+- All date and time outputs are updated to localized format per user request.
+- Added setup Operation and Phase information to /verbose log.
+- Added last Setup Operation and last Setup Phase information to most rules where it make sense (see new output below).
+- Performance improvement in searching setupact.logs to determine correct log to parse.
+- Added SetupDiag version number to text report (xml and json always had it).
+- Added "no match" reports for xml and json per user request.
+- Formatted Json output for easy readability.
+- Performance improvements when searching for setup logs; this should be much faster now.
+- Added 7 new rules: PlugInComplianceBlock, PreReleaseWimMountDriverFound, WinSetupBootFilterFailure, WimMountDriverIssue, DISMImageSessionFailure, FindEarlyDownlevelError, and FindSPFatalError. See the [Rules](#rules) section above for more information.
+- Diagnostic information is now output to the registry at **HKLM\SYSTEM\Setup\MoSetup\Volatile\SetupDiag**
+ - The **/AddReg** command was added to toggle registry output. This setting is off by default for offline mode, and on by default for online mode. The command has no effect for online mode and enables registry output for offline mode.
+ - This registry key is deleted as soon as SetupDiag is run a second time, and replaced with current data, so it’s always up to date.
+ - This registry key also gets deleted when a new update instance is invoked.
+ - For an example, see [Sample registry key](#sample-registry-key).
05/17/2019 - SetupDiag v1.4.1.0 is released with 53 rules, as a standalone tool available from the Download Center.
- - This release dds the ability to find and diagnose reset and recovery failures (Push Button Reset).
+- This release dds the ability to find and diagnose reset and recovery failures (Push Button Reset).
12/18/2018 - SetupDiag v1.4.0.0 is released with 53 rules, as a standalone tool available from the Download Center.
- - This release includes major improvements in rule processing performance: ~3x faster rule processing performance!
- - The FindDownlevelFailure rule is up to 10x faster.
- - New rules have been added to analyze failures upgrading to Windows 10 version 1809.
- - A new help link is available for resolving servicing stack failures on the down-level OS when the rule match indicates this type of failure.
- - Removed the need to specify /Mode parameter. Now if you specify /LogsPath, it automatically assumes offline mode.
- - Some functional and output improvements were made for several rules.
+- This release includes major improvements in rule processing performance: ~3x faster rule processing performance!
+ - The FindDownlevelFailure rule is up to 10x faster.
+- New rules have been added to analyze failures upgrading to Windows 10 version 1809.
+- A new help link is available for resolving servicing stack failures on the down-level OS when the rule match indicates this type of failure.
+- Removed the need to specify /Mode parameter. Now if you specify /LogsPath, it automatically assumes offline mode.
+- Some functional and output improvements were made for several rules.
07/16/2018 - SetupDiag v1.3.1 is released with 44 rules, as a standalone tool available from the Download Center.
- - This release fixes a problem that can occur when running SetupDiag in online mode on a computer that produces a setupmem.dmp file, but does not have debugger binaries installed.
+- This release fixes a problem that can occur when running SetupDiag in online mode on a computer that produces a setupmem.dmp file, but does not have debugger binaries installed.
07/10/2018 - SetupDiag v1.30 is released with 44 rules, as a standalone tool available from the Download Center.
- - Bug fix for an over-matched plug-in rule. The rule will now correctly match only critical (setup failure) plug-in issues.
- - New feature: Ability to output logs in JSON and XML format.
- - Use "/Format:xml" or "/Format:json" command line parameters to specify the new output format. See [sample logs](#sample-logs) at the bottom of this topic.
- - If the “/Format:xml” or “/Format:json” parameter is omitted, the log output format will default to text.
- - New Feature: Where possible, specific instructions are now provided in rule output to repair the identified error. For example, instructions are provided to remediate known blocking issues such as uninstalling an incompatible app or freeing up space on the system drive.
- - 3 new rules added: AdvancedInstallerFailed, MigrationAbortedDueToPluginFailure, DISMAddPackageFailed.
+- Bug fix for an over-matched plug-in rule. The rule will now correctly match only critical (setup failure) plug-in issues.
+- New feature: Ability to output logs in JSON and XML format.
+ - Use "/Format:xml" or "/Format:json" command line parameters to specify the new output format. See [sample logs](#sample-logs) at the bottom of this topic.
+ - If the “/Format:xml” or “/Format:json” parameter is omitted, the log output format will default to text.
+- New Feature: Where possible, specific instructions are now provided in rule output to repair the identified error. For example, instructions are provided to remediate known blocking issues such as uninstalling an incompatible app or freeing up space on the system drive.
+- 3 new rules added: AdvancedInstallerFailed, MigrationAbortedDueToPluginFailure, DISMAddPackageFailed.
05/30/2018 - SetupDiag v1.20 is released with 41 rules, as a standalone tool available from the Download Center.
- - Fixed a bug in device install failure detection in online mode.
- - Changed SetupDiag to work without an instance of setupact.log. Previously, SetupDiag required at least one setupact.log to operate. This change enables the tool to analyze update failures that occur prior to calling SetupHost.
- - Telemetry is refactored to only send the rule name and GUID (or “NoRuleMatched” if no rule is matched) and the Setup360 ReportId. This change assures data privacy during rule processing.
+- Fixed a bug in device install failure detection in online mode.
+- Changed SetupDiag to work without an instance of setupact.log. Previously, SetupDiag required at least one setupact.log to operate. This change enables the tool to analyze update failures that occur prior to calling SetupHost.
+- Telemetry is refactored to only send the rule name and GUID (or “NoRuleMatched” if no rule is matched) and the Setup360 ReportId. This change assures data privacy during rule processing.
05/02/2018 - SetupDiag v1.10 is released with 34 rules, as a standalone tool available from the Download Center.
- - A performance enhancment has been added to result in faster rule processing.
- - Rules output now includes links to support articles, if applicable.
- - SetupDiag now provides the path and name of files that it is processing.
- - You can now run SetupDiag by simply clicking on it and then examining the output log file.
- - An output log file is now always created, whether or not a rule was matched.
+- A performance enhancment has been added to result in faster rule processing.
+- Rules output now includes links to support articles, if applicable.
+- SetupDiag now provides the path and name of files that it is processing.
+- You can now run SetupDiag by simply clicking on it and then examining the output log file.
+- An output log file is now always created, whether or not a rule was matched.
03/30/2018 - SetupDiag v1.00 is released with 26 rules, as a standalone tool available from the Download Center.
diff --git a/windows/deployment/upgrade/submit-errors.md b/windows/deployment/upgrade/submit-errors.md
index 6f6bde4fba..64716a73e7 100644
--- a/windows/deployment/upgrade/submit-errors.md
+++ b/windows/deployment/upgrade/submit-errors.md
@@ -29,7 +29,7 @@ This topic describes how to submit problems with a Windows 10 upgrade to Microso
## About the Feedback Hub
-The Feedback Hub app lets you tell Microsoft about any problems you run in to while using Windows 10 and send suggestions to help us improve your Windows experience. Previously, you could only use the Feedback Hub if you were in the Windows Insider Program. Now anyone can use this tool. You can download the Feedback Hub app from the Microsoft Store [here](https://www.microsoft.com/en-us/store/p/feedback-hub/9nblggh4r32n?SilentAuth=1&wa=wsignin1.0).
+The Feedback Hub app lets you tell Microsoft about any problems you run in to while using Windows 10 and send suggestions to help us improve your Windows experience. Previously, you could only use the Feedback Hub if you were in the Windows Insider Program. Now anyone can use this tool. You can download the Feedback Hub app from the Microsoft Store [here](https://www.microsoft.com/store/p/feedback-hub/9nblggh4r32n?SilentAuth=1&wa=wsignin1.0).
The Feedback Hub requires Windows 10 or Windows 10 mobile. If you are having problems upgrading from an older version of Windows to Windows 10, you can use the Feedback Hub to submit this information, but you must collect the log files from the legacy operating system and then attach these files to your feedback using a device that is running Windows 10. If you are upgrading to Windows 10 from a previous verion of Windows 10, the Feedback Hub will collect log files automatically.
diff --git a/windows/deployment/upgrade/troubleshoot-upgrade-errors.md b/windows/deployment/upgrade/troubleshoot-upgrade-errors.md
index b252ff670a..c9509188a3 100644
--- a/windows/deployment/upgrade/troubleshoot-upgrade-errors.md
+++ b/windows/deployment/upgrade/troubleshoot-upgrade-errors.md
@@ -92,6 +92,6 @@ WIM = Windows image (Microsoft)
[Windows 10 FAQ for IT professionals](https://technet.microsoft.com/windows/dn798755.aspx)
[Windows 10 Enterprise system requirements](https://technet.microsoft.com/windows/dn798752.aspx)
-
[Windows 10 Specifications](https://www.microsoft.com/en-us/windows/Windows-10-specifications)
+
[Windows 10 Specifications](https://www.microsoft.com/windows/Windows-10-specifications)
[Windows 10 IT pro forums](https://social.technet.microsoft.com/Forums/en-US/home?category=Windows10ITPro)
[Fix Windows Update errors by using the DISM or System Update Readiness tool](https://support.microsoft.com/kb/947821)
diff --git a/windows/deployment/upgrade/upgrade-error-codes.md b/windows/deployment/upgrade/upgrade-error-codes.md
index f06c6fb87b..0dd0d042c6 100644
--- a/windows/deployment/upgrade/upgrade-error-codes.md
+++ b/windows/deployment/upgrade/upgrade-error-codes.md
@@ -154,6 +154,6 @@ For example: An extend code of **0x4000D**, represents a problem during phase 4
[Windows 10 FAQ for IT professionals](https://technet.microsoft.com/windows/dn798755.aspx)
[Windows 10 Enterprise system requirements](https://technet.microsoft.com/windows/dn798752.aspx)
-
[Windows 10 Specifications](https://www.microsoft.com/en-us/windows/Windows-10-specifications)
+
[Windows 10 Specifications](https://www.microsoft.com/windows/Windows-10-specifications)
[Windows 10 IT pro forums](https://social.technet.microsoft.com/Forums/en-US/home?category=Windows10ITPro)
[Fix Windows Update errors by using the DISM or System Update Readiness tool](https://support.microsoft.com/kb/947821)
diff --git a/windows/deployment/upgrade/upgrade-readiness-requirements.md b/windows/deployment/upgrade/upgrade-readiness-requirements.md
index 3078890be7..582f5bb732 100644
--- a/windows/deployment/upgrade/upgrade-readiness-requirements.md
+++ b/windows/deployment/upgrade/upgrade-readiness-requirements.md
@@ -31,7 +31,7 @@ If you need to update user computers to Windows 7 SP1 or Windows 8.1, use Window
> [!NOTE]
> Upgrade Readiness is designed to best support in-place upgrades. In-place upgrades do not support migrations from BIOS to UEFI or from 32-bit to 64-bit architecture. If you need to migrate computers in these scenarios, use the wipe-and-reload method. Upgrade Readiness insights are still valuable in this scenario, however, you can ignore in-place upgrade specific guidance.
-See [Windows 10 Specifications](https://www.microsoft.com/en-US/windows/windows-10-specifications) for additional information about computer system requirements.
+See [Windows 10 Specifications](https://www.microsoft.com/windows/windows-10-specifications) for additional information about computer system requirements.
### Windows 10
diff --git a/windows/deployment/upgrade/windows-10-edition-upgrades.md b/windows/deployment/upgrade/windows-10-edition-upgrades.md
index 72345c3d54..d683bd63b3 100644
--- a/windows/deployment/upgrade/windows-10-edition-upgrades.md
+++ b/windows/deployment/upgrade/windows-10-edition-upgrades.md
@@ -138,7 +138,7 @@ Downgrading from Enterprise
- Upgrade edition: **Enterprise**
- Valid downgrade paths: **Pro, Pro for Workstations, Pro Education, Education**
-You can move directly from Enterprise to any valid destination edition. In this example, downgrading to Pro for Workstations, Pro Education, or Education requires an additional activation key to supersede the firmware-embedded Pro key. In all cases, you must comply with [Microsoft License Terms](https://www.microsoft.com/useterms). If you are a volume license customer, refer to the [Microsoft Volume Licensing Reference Guide](https://www.microsoft.com/en-us/download/details.aspx?id=11091).
+You can move directly from Enterprise to any valid destination edition. In this example, downgrading to Pro for Workstations, Pro Education, or Education requires an additional activation key to supersede the firmware-embedded Pro key. In all cases, you must comply with [Microsoft License Terms](https://www.microsoft.com/useterms). If you are a volume license customer, refer to the [Microsoft Volume Licensing Reference Guide](https://www.microsoft.com/download/details.aspx?id=11091).
### Supported Windows 10 downgrade paths
diff --git a/windows/deployment/upgrade/windows-10-upgrade-paths.md b/windows/deployment/upgrade/windows-10-upgrade-paths.md
index c1cf90e9a0..c5cc2c3ba1 100644
--- a/windows/deployment/upgrade/windows-10-upgrade-paths.md
+++ b/windows/deployment/upgrade/windows-10-upgrade-paths.md
@@ -24,7 +24,7 @@ ms.topic: article
This topic provides a summary of available upgrade paths to Windows 10. You can upgrade to Windows 10 from Windows 7 or a later operating system. This includes upgrading from one release of Windows 10 to later release of Windows 10. Migrating from one edition of Windows 10 to a different edition of the same release is also supported. For more information about migrating to a different edition of Windows 10, see [Windows 10 edition upgrade](windows-10-edition-upgrades.md).
-> **Windows 10 version upgrade**: You can directly upgrade a supported version of Windows 10 to a newer version of Windows 10, even if it involves skipping versions. Work with your account representative if your current version of Windows is out of support. See the [Windows lifecycle fact sheet](https://support.microsoft.com/help/13853/windows-lifecycle-fact-sheet) for availability and service information.
+> **Windows 10 version upgrade**: You can directly upgrade any semi-annual channel version of Windows 10 to a newer, supported semi-annual channel version of Windows 10, even if it involves skipping versions. Work with your account representative if your current version of Windows is out of support. See the [Windows lifecycle fact sheet](https://support.microsoft.com/help/13853/windows-lifecycle-fact-sheet) for availability and service information.
>
> **Windows 10 LTSC/LTSB**: Due to [naming changes](https://docs.microsoft.com/windows/deployment/update/waas-overview#naming-changes), product versions that display Windows 10 LTSB will be replaced with Windows 10 LTSC in subsequent feature updates. The term LTSC is used here to refer to all long term servicing versions.
>
@@ -34,7 +34,7 @@ This topic provides a summary of available upgrade paths to Windows 10. You can
>
> **Windows 8.0**: You cannot upgrade directly from Windows 8.0 to Windows 10. To upgrade from Windows 8.0, you must first install the [Windows 8.1 update](https://support.microsoft.com/help/15356/windows-8-install-update-kb-2919355).
-✔ = Full upgrade is supported including personal data, settings, and applications.
+✔ = Full upgrade is supported including personal data, settings, and applications.
D = Edition downgrade; personal data is maintained, applications and settings are removed.
diff --git a/windows/deployment/upgrade/windows-error-reporting.md b/windows/deployment/upgrade/windows-error-reporting.md
index f0f918ef4a..77f1ae38b0 100644
--- a/windows/deployment/upgrade/windows-error-reporting.md
+++ b/windows/deployment/upgrade/windows-error-reporting.md
@@ -68,6 +68,6 @@ The event will also contain links to log files that can be used to perform a det
[Windows 10 FAQ for IT professionals](https://technet.microsoft.com/windows/dn798755.aspx)
[Windows 10 Enterprise system requirements](https://technet.microsoft.com/windows/dn798752.aspx)
-[Windows 10 Specifications](https://www.microsoft.com/en-us/windows/Windows-10-specifications)
+[Windows 10 Specifications](https://www.microsoft.com/windows/Windows-10-specifications)
[Windows 10 IT pro forums](https://social.technet.microsoft.com/Forums/en-US/home?category=Windows10ITPro)
[Fix Windows Update errors by using the DISM or System Update Readiness tool](https://support.microsoft.com/kb/947821)
diff --git a/windows/deployment/vda-subscription-activation.md b/windows/deployment/vda-subscription-activation.md
index 1ed8638bcc..7ba4d88b2d 100644
--- a/windows/deployment/vda-subscription-activation.md
+++ b/windows/deployment/vda-subscription-activation.md
@@ -29,13 +29,13 @@ Deployment instructions are provided for the following scenarios:
- VMs must be running Windows 10 Pro, version 1703 (also known as the Creator's Update) or later.
- VMs must be Active Directory-joined or Azure Active Directory (AAD)-joined.
- VMs must be generation 1.
-- VMs must hosted by a [Qualified Multitenant Hoster](https://www.microsoft.com/en-us/CloudandHosting/licensing_sca.aspx) (QMTH).
+- VMs must hosted by a [Qualified Multitenant Hoster](https://www.microsoft.com/CloudandHosting/licensing_sca.aspx) (QMTH).
## Activation
### Scenario 1
- The VM is running Windows 10, version 1803 or later.
-- The VM is hosted in Azure or another [Qualified Multitenant Hoster](https://www.microsoft.com/en-us/CloudandHosting/licensing_sca.aspx) (QMTH).
+- The VM is hosted in Azure or another [Qualified Multitenant Hoster](https://www.microsoft.com/CloudandHosting/licensing_sca.aspx) (QMTH).
When a user with VDA rights signs in to the VM using their AAD credentials, the VM is automatically stepped-up to Enterprise and activated. There is no need to perform Windows 10 Pro activation. This eliminates the need to maintain KMS or MAK in the qualifying cloud infrastructure.
@@ -45,7 +45,7 @@ Deployment instructions are provided for the following scenarios:
[Inherited Activation](https://docs.microsoft.com/windows/deployment/windows-10-subscription-activation#inherited-activation) is enabled. All VMs created by a user with a Windows 10 E3 or E5 license are automatically activated independent of whether a user signs in with a local account or using an Azure Active Directory account.
### Scenario 3
-- The VM is running Windows 10, version 1703 or 1709, or the hoster is not an authorized [QMTH](https://www.microsoft.com/en-us/CloudandHosting/licensing_sca.aspx) partner.
+- The VM is running Windows 10, version 1703 or 1709, or the hoster is not an authorized [QMTH](https://www.microsoft.com/CloudandHosting/licensing_sca.aspx) partner.
In this scenario, the underlying Windows 10 Pro license must be activated prior to Subscription Activation of Windows 10 Enterprise. Activation is accomplished using a Windows 10 Pro Generic Volume License Key (GVLK) and a Volume License KMS activation server provided by the hoster. Alternatively, a KMS activation server on your corporate network can be used if you have configured a private connection, such as [ExpressRoute](https://azure.microsoft.com/services/expressroute/) or [VPN Gateway](https://azure.microsoft.com/services/vpn-gateway/).
diff --git a/windows/deployment/windows-10-enterprise-e3-overview.md b/windows/deployment/windows-10-enterprise-e3-overview.md
index 6b45127282..e241930c1e 100644
--- a/windows/deployment/windows-10-enterprise-e3-overview.md
+++ b/windows/deployment/windows-10-enterprise-e3-overview.md
@@ -43,9 +43,9 @@ When you purchase Windows 10 Enterprise E3 via a partner, you get the followin
How does the Windows 10 Enterprise E3 in CSP program compare with Microsoft Volume Licensing Agreements and Software Assurance?
-- [Microsoft Volume Licensing](https://www.microsoft.com/en-us/licensing/default.aspx) programs are broader in scope, providing organizations with access to licensing for all Microsoft products.
+- [Microsoft Volume Licensing](https://www.microsoft.com/licensing/default.aspx) programs are broader in scope, providing organizations with access to licensing for all Microsoft products.
-- [Software Assurance](https://www.microsoft.com/en-us/Licensing/licensing-programs/software-assurance-default.aspx) provides organizations with the following categories of benefits:
+- [Software Assurance](https://www.microsoft.com/Licensing/licensing-programs/software-assurance-default.aspx) provides organizations with the following categories of benefits:
- **Deployment and management**. These benefits include planning services, Microsoft Desktop Optimization (MDOP), Windows Virtual Desktop Access Rights, Windows-To-Go Rights, Windows Roaming Use Rights, Windows Thin PC, Windows RT Companion VDA Rights, and other benefits.
diff --git a/windows/deployment/windows-10-media.md b/windows/deployment/windows-10-media.md
index 66d5049d31..e46fc7ed24 100644
--- a/windows/deployment/windows-10-media.md
+++ b/windows/deployment/windows-10-media.md
@@ -77,7 +77,7 @@ Features on demand is a method for adding features to your Windows 10 image that
## Related topics
-[Microsoft Volume Licensing Service Center (VLSC) User Guide](https://www.microsoft.com/en-us/download/details.aspx?id=10585)
+[Microsoft Volume Licensing Service Center (VLSC) User Guide](https://www.microsoft.com/download/details.aspx?id=10585)
[Volume Activation for Windows 10](https://docs.microsoft.com/windows/deployment/volume-activation/volume-activation-windows-10)
[Plan for volume activation](https://docs.microsoft.com/windows/deployment/volume-activation/plan-for-volume-activation-client)
[VLSC downloads FAQ](https://www.microsoft.com/Licensing/servicecenter/Help/FAQDetails.aspx?id=150)
diff --git a/windows/deployment/windows-10-poc-mdt.md b/windows/deployment/windows-10-poc-mdt.md
index ddb22cbbbb..87eea0e845 100644
--- a/windows/deployment/windows-10-poc-mdt.md
+++ b/windows/deployment/windows-10-poc-mdt.md
@@ -75,7 +75,7 @@ MDT performs deployments by using the Lite Touch Installation (LTI), Zero Touch
Set-ItemProperty -Path $AdminKey -Name “IsInstalled” -Value 0
Stop-Process -Name Explorer
```
-2. Download and install the 64-bit version of [Microsoft Deployment Toolkit (MDT)](https://www.microsoft.com/en-us/download/details.aspx?id=54259) on SRV1 using the default options. As of the writing of this guide, the latest version of MDT was 8443.
+2. Download and install the 64-bit version of [Microsoft Deployment Toolkit (MDT)](https://www.microsoft.com/download/details.aspx?id=54259) on SRV1 using the default options. As of the writing of this guide, the latest version of MDT was 8443.
3. Download and install the latest [Windows Assessment and Deployment Kit (ADK)](https://developer.microsoft.com/en-us/windows/hardware/windows-assessment-deployment-kit) on SRV1 using the default installation settings. The current version is the ADK for Windows 10, version 1703. Installation might require several minutes to acquire all components.
@@ -638,7 +638,7 @@ Deployment logs are available on the client computer in the following locations:
You can review WDS events in Event Viewer at: **Applications and Services Logs > Microsoft > Windows > Deployment-Services-Diagnostics**. By default, only the **Admin** and **Operational** logs are enabled. To enable other logs, right-click the log and then click **Enable Log**.
-Tools for viewing log files, and to assist with troubleshooting are available in the [System Center 2012 R2 Configuration Manager Toolkit](https://www.microsoft.com/en-us/download/details.aspx?id=50012)
+Tools for viewing log files, and to assist with troubleshooting are available in the [System Center 2012 R2 Configuration Manager Toolkit](https://www.microsoft.com/download/details.aspx?id=50012)
Also see [Resolve Windows 10 upgrade errors](upgrade/resolve-windows-10-upgrade-errors.md) for detailed troubleshooting information.
diff --git a/windows/deployment/windows-10-poc-sc-config-mgr.md b/windows/deployment/windows-10-poc-sc-config-mgr.md
index d9a32a74be..929b097d58 100644
--- a/windows/deployment/windows-10-poc-sc-config-mgr.md
+++ b/windows/deployment/windows-10-poc-sc-config-mgr.md
@@ -72,7 +72,7 @@ Topics and procedures in this guide are summarized in the following table. An es
>If the request to add features fails, retry the installation by typing the command again.
-2. Download [SQL Server 2014 SP2](https://www.microsoft.com/en-us/evalcenter/evaluate-sql-server-2014-sp2) from the Microsoft Evaluation Center as an .ISO file on the Hyper-V host computer. Save the file to the **C:\VHD** directory.
+2. Download [SQL Server 2014 SP2](https://www.microsoft.com/evalcenter/evaluate-sql-server-2014-sp2) from the Microsoft Evaluation Center as an .ISO file on the Hyper-V host computer. Save the file to the **C:\VHD** directory.
3. When you have downloaded the file **SQLServer2014SP2-FullSlipstream-x64-ENU.iso** and placed it in the C:\VHD directory, type the following command at an elevated Windows PowerShell prompt on the Hyper-V host:
```
@@ -126,7 +126,7 @@ Topics and procedures in this guide are summarized in the following table. An es
Stop-Process -Name Explorer
```
-2. Download [System Center Configuration Manager and Endpoint Protection](https://www.microsoft.com/en-us/evalcenter/evaluate-system-center-configuration-manager-and-endpoint-protection) on SRV1 (download the executable file anywhere on SRV1), double-click the file, enter **C:\configmgr** for **Unzip to folder**, and click **Unzip**. The C:\configmgr directory will be automatically created. Click **OK** and then close the **WinZip Self-Extractor** dialog box when finished.
+2. Download [System Center Configuration Manager and Endpoint Protection](https://www.microsoft.com/evalcenter/evaluate-system-center-configuration-manager-and-endpoint-protection) on SRV1 (download the executable file anywhere on SRV1), double-click the file, enter **C:\configmgr** for **Unzip to folder**, and click **Unzip**. The C:\configmgr directory will be automatically created. Click **OK** and then close the **WinZip Self-Extractor** dialog box when finished.
3. Before starting the installation, verify that WMI is working on SRV1. See the following examples. Verify that **Running** is displayed under **Status** and **True** is displayed next to **TcpTestSucceeded**:
diff --git a/windows/deployment/windows-10-poc.md b/windows/deployment/windows-10-poc.md
index b12b80110d..7a4fb81ed7 100644
--- a/windows/deployment/windows-10-poc.md
+++ b/windows/deployment/windows-10-poc.md
@@ -224,9 +224,9 @@ Starting with Windows 8, the host computer’s microprocessor must support secon
### Download VHD and ISO files
-When you have completed installation of Hyper-V on the host computer, begin configuration of Hyper-V by downloading VHD and ISO files to the Hyper-V host. These files will be used to create the VMs used in the lab. Before you can download VHD and ISO files, you will need to register and sign in to the [TechNet Evaluation Center](https://www.microsoft.com/en-us/evalcenter/) using your Microsoft account.
+When you have completed installation of Hyper-V on the host computer, begin configuration of Hyper-V by downloading VHD and ISO files to the Hyper-V host. These files will be used to create the VMs used in the lab. Before you can download VHD and ISO files, you will need to register and sign in to the [TechNet Evaluation Center](https://www.microsoft.com/evalcenter/) using your Microsoft account.
-1. Create a directory on your Hyper-V host named **C:\VHD** and download a single [Windows Server 2012 R2 VHD](https://www.microsoft.com/en-us/evalcenter/evaluate-windows-server-2012-r2) from the TechNet Evaluation Center to the **C:\VHD** directory.
+1. Create a directory on your Hyper-V host named **C:\VHD** and download a single [Windows Server 2012 R2 VHD](https://www.microsoft.com/evalcenter/evaluate-windows-server-2012-r2) from the TechNet Evaluation Center to the **C:\VHD** directory.
**Important**: This guide assumes that VHDs are stored in the **C:\VHD** directory on the Hyper-V host. If you use a different directory to store VHDs, you must adjust steps in this guide appropriately.
@@ -238,7 +238,7 @@ When you have completed installation of Hyper-V on the host computer, begin conf
2. Download the file to the **C:\VHD** directory. When the download is complete, rename the VHD file that you downloaded to **2012R2-poc-1.vhd**. This is done to make the filename simple to recognize and type.
3. Copy the VHD to a second file also in the **C:\VHD** directory and name this VHD **2012R2-poc-2.vhd**.
-4. Download the [Windows 10 Enterprise ISO](https://www.microsoft.com/en-us/evalcenter/evaluate-windows-10-enterprise) from the TechNet Evaluation Center to the **C:\VHD** directory on your Hyper-V host.
+4. Download the [Windows 10 Enterprise ISO](https://www.microsoft.com/evalcenter/evaluate-windows-10-enterprise) from the TechNet Evaluation Center to the **C:\VHD** directory on your Hyper-V host.
>During registration, you must specify the type, version, and language of installation media to download. In this example, a Windows 10 Enterprise, 64 bit, English ISO is chosen. You can choose a different version if desired. **Note: The evaluation version of Windows 10 does not support in-place upgrade**.
diff --git a/windows/deployment/windows-10-subscription-activation.md b/windows/deployment/windows-10-subscription-activation.md
index 198a7e9aa2..11ef79b654 100644
--- a/windows/deployment/windows-10-subscription-activation.md
+++ b/windows/deployment/windows-10-subscription-activation.md
@@ -105,8 +105,8 @@ If devices are running Windows 7 or Windows 8.1, see [New Windows 10 upgrade ben
With Windows 10 Enterprise or Windows 10 Education, businesses and institutions can benefit from enterprise-level security and control. Previously, only organizations with a Microsoft Volume Licensing Agreement could deploy Windows 10 Education or Windows 10 Enterprise to their users. Now, with Windows 10 Enterprise E3 or A3 and E5 or A5 being available as a true online service, it is available in select channels thus allowing all organizations to take advantage of enterprise-grade Windows 10 features. To compare Windows 10 editions and review pricing, see the following:
-- [Compare Windows 10 editions](https://www.microsoft.com/en-us/windowsforbusiness/compare)
-- [Enterprise Mobility + Security Pricing Options](https://www.microsoft.com/en-us/cloud-platform/enterprise-mobility-security-pricing)
+- [Compare Windows 10 editions](https://www.microsoft.com/windowsforbusiness/compare)
+- [Enterprise Mobility + Security Pricing Options](https://www.microsoft.com/cloud-platform/enterprise-mobility-security-pricing)
You can benefit by moving to Windows as an online service in the following ways:
@@ -215,12 +215,12 @@ See [Deploy Windows 10 Enterprise licenses](deploy-enterprise-licenses.md).
## Virtual Desktop Access (VDA)
-Subscriptions to Windows 10 Enterprise are also available for virtualized clients. Windows 10 Enterprise E3 and E5 are available for Virtual Desktop Access (VDA) in Windows Azure or in another [qualified multitenant hoster](https://www.microsoft.com/en-us/CloudandHosting/licensing_sca.aspx).
+Subscriptions to Windows 10 Enterprise are also available for virtualized clients. Windows 10 Enterprise E3 and E5 are available for Virtual Desktop Access (VDA) in Windows Azure or in another [qualified multitenant hoster](https://www.microsoft.com/CloudandHosting/licensing_sca.aspx).
Virtual machines (VMs) must be configured to enable Windows 10 Enterprise subscriptions for VDA. Active Directory-joined and Azure Active Directory-joined clients are supported. See [Enable VDA for Subscription Activation](vda-subscription-activation.md).
## Related topics
[Connect domain-joined devices to Azure AD for Windows 10 experiences](https://azure.microsoft.com/documentation/articles/active-directory-azureadjoin-devices-group-policy/)
-[Compare Windows 10 editions](https://www.microsoft.com/en-us/WindowsForBusiness/Compare)
-[Windows for business](https://www.microsoft.com/en-us/windowsforbusiness/default.aspx)
+[Compare Windows 10 editions](https://www.microsoft.com/WindowsForBusiness/Compare)
+[Windows for business](https://www.microsoft.com/windowsforbusiness/default.aspx)
diff --git a/windows/deployment/windows-autopilot/add-devices.md b/windows/deployment/windows-autopilot/add-devices.md
index a8090d1812..6d2dc8e363 100644
--- a/windows/deployment/windows-autopilot/add-devices.md
+++ b/windows/deployment/windows-autopilot/add-devices.md
@@ -26,7 +26,7 @@ Before deploying a device using Windows Autopilot, the device must be registered
## OEM registration
-When you purchase devices directly from an OEM, that OEM can automatically register the devices with the Windows Autopilot deployment service. For the list of OEMs that currently support this, see the "Participant device manufacturers" section of the [Windows Autopilot information page](https://www.microsoft.com/en-us/windowsforbusiness/windows-autopilot).
+When you purchase devices directly from an OEM, that OEM can automatically register the devices with the Windows Autopilot deployment service. For the list of OEMs that currently support this, see the "Participant device manufacturers" section of the [Windows Autopilot information page](https://www.microsoft.com/windowsforbusiness/windows-autopilot).
Before an OEM can register devices on behalf of an organization, the organization must grant the OEM permission to do so. This process is initiated by the OEM, with approval granted by an Azure AD global administrator from the organization. See the "Customer Consent" section of the [Customer consent page](https://docs.microsoft.com/windows/deployment/windows-autopilot/registration-auth#oem-authorization).
diff --git a/windows/deployment/windows-autopilot/autopilot-support.md b/windows/deployment/windows-autopilot/autopilot-support.md
index b3e02db65f..b93ac48408 100644
--- a/windows/deployment/windows-autopilot/autopilot-support.md
+++ b/windows/deployment/windows-autopilot/autopilot-support.md
@@ -7,7 +7,8 @@ ms.mktglfcycl: deploy
ms.localizationpriority: low
ms.sitesec: library
ms.pagetype: deploy
-audience: itpro
author: greg-lindsay
+audience: itpro
+author: greg-lindsay
ms.author: greglin
ms.date: 10/31/2018
ms.reviewer:
@@ -29,9 +30,8 @@ Before contacting the resources listed below for Windows Autopilot-related issue
|---------------------------------------------------------------|----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
| OEM or Channel Partner registering devices as a CSP (via MPC) | Use the help resources available in MPC. Whether you are a named partner or a channel partner (distributor, reseller, SI, etc.), if you’re a CSP registering Autopilot devices through MPC (either manually or through the MPC API), your first-line of support should be the help resources within MPC. |
| OEM registering devices using OEM Direct API | Contact MSOEMOPS@microsoft.com. Response time depends on priority:
Low – 120 hours
Normal – 72 hours
High – 24 hours
Immediate – 4 hours |
-| OEM with a PFE | Reach out to your PFE for support. |
| Partners with a Partner Technology Strategist (PTS) | If you have a PTS (whether you’re a CSP or not), you may first try working through your account’s specific Partner Technology Strategist (PTS). |
-| Partners with an Ecosystem PM | If you have an Ecosystem PM (whether you’re a CSP or not), you may first try working through your account’s specific Ecosystem PM, especially for technical issues. |
+| Partners with an Ecosystem PM | If you have an Ecosystem PM (whether you’re a CSP or not), you may first try working through your account’s specific Ecosystem PM, especially for technical issues. To learn more about Ecosystem PMs and the services they offer, contact epsoinfo@microsoft.com. |
| Enterprise customers | Contact your Technical Account Manager (TAM), or Account Technology Strategist (ATS), or Customer Service Support (CSS) representative. |
| End-user | Contact your IT administrator. |
| Microsoft Partner Center (MPC) users | Use the [help resources](https://partner.microsoft.com/support) available in MPC. |
diff --git a/windows/deployment/windows-autopilot/bitlocker.md b/windows/deployment/windows-autopilot/bitlocker.md
index 7e85f7099d..234ae17fcc 100644
--- a/windows/deployment/windows-autopilot/bitlocker.md
+++ b/windows/deployment/windows-autopilot/bitlocker.md
@@ -1,54 +1,54 @@
----
-title: Setting the BitLocker encryption algorithm for Autopilot devices
-ms.reviewer:
-manager: laurawi
-description: Microsoft Intune provides a comprehensive set of configuration options to manage BitLocker on Windows 10 devices.
-keywords: Autopilot, BitLocker, encryption, 256-bit, Windows 10
-ms.prod: w10
-ms.technology: Windows
-ms.mktglfcycl: deploy
-ms.sitesec: library
-ms.pagetype: deploy
-ms.localizationpriority: medium
-audience: itpro
author: greg-lindsay
-ms.author: greglin
-ms.collection: M365-modern-desktop
-ms.topic: article
----
-
-
-# Setting the BitLocker encryption algorithm for Autopilot devices
-
-**Applies to**
-
-- Windows 10
-
-With Windows Autopilot, you can configure the BitLocker encryption settings to be applied before automatic encryption is started. This ensures that the default encrytion algorithm is not applied automatically when this is not the desired setting. Other BitLocker policies that must be applied prior to encryption can also be delivered before automatic BitLocker encryption begins.
-
-The BitLocker encryption algorithm is used when BitLocker is first enabled, and sets the strength to which full volume encryption should occur. Available encryption algorithms are: AES-CBC 128-bit, AES-CBC 256-bit, XTS-AES 128-bit or XTS-AES 256-bit encryption. The default value is XTS-AES 128-bit encryption. See [BitLocker CSP](https://docs.microsoft.com/windows/client-management/mdm/bitlocker-csp) for information about the recommended encryption algorithms to use.
-
-To ensure the desired BitLocker encryption algorithm is set before automatic encryption occurs for Autopilot devices:
-
-1. Configure the [encryption method settings](https://docs.microsoft.com/intune/endpoint-protection-windows-10#windows-encryption) in the Windows 10 Endpoint Protection profile to the desired encryption algorithm.
-2. [Assign the policy](https://docs.microsoft.com/intune/device-profile-assign) to your Autopilot device group.
- - **IMPORTANT**: The encryption policy must be assigned to **devices** in the group, not users.
-3. Enable the Autopilot [Enrollment Status Page](https://docs.microsoft.com/windows/deployment/windows-autopilot/enrollment-status) (ESP) for these devices.
- - **IMPORTANT**: If the ESP is not enabled, the policy will not apply before encryption starts.
-
-An example of Microsoft Intune Windows Encryption settings is shown below.
-
- 
-
-Note that a device which is encrypted automatically will need to be decrypted prior to changing the encyption algorithm.
-
-The settings are available under Device Configuration -> Profiles -> Create profile -> Platform = Windows 10 and later, Profile type = Endpoint protection -> Configure -> Windows Encryption -> BitLocker base settings, Configure encryption methods = Enable.
-
-Note: It is also recommended to set Windows Encryption -> Windows Settings -> Encrypt = **Require**.
-
-## Requirements
-
-Windows 10, version 1809 or later.
-
-## See also
-
-[Bitlocker overview](https://docs.microsoft.com/windows/security/information-protection/bitlocker/bitlocker-overview)
+---
+title: Setting the BitLocker encryption algorithm for Autopilot devices
+ms.reviewer:
+manager: laurawi
+description: Microsoft Intune provides a comprehensive set of configuration options to manage BitLocker on Windows 10 devices.
+keywords: Autopilot, BitLocker, encryption, 256-bit, Windows 10
+ms.prod: w10
+ms.mktglfcycl: deploy
+ms.sitesec: library
+ms.pagetype: deploy
+ms.localizationpriority: medium
+audience: itpro
+author: greg-lindsay
+ms.author: greglin
+ms.collection: M365-modern-desktop
+ms.topic: article
+---
+
+
+# Setting the BitLocker encryption algorithm for Autopilot devices
+
+**Applies to**
+
+- Windows 10
+
+With Windows Autopilot, you can configure the BitLocker encryption settings to be applied before automatic encryption is started. This ensures that the default encrytion algorithm is not applied automatically when this is not the desired setting. Other BitLocker policies that must be applied prior to encryption can also be delivered before automatic BitLocker encryption begins.
+
+The BitLocker encryption algorithm is used when BitLocker is first enabled, and sets the strength to which full volume encryption should occur. Available encryption algorithms are: AES-CBC 128-bit, AES-CBC 256-bit, XTS-AES 128-bit or XTS-AES 256-bit encryption. The default value is XTS-AES 128-bit encryption. See [BitLocker CSP](https://docs.microsoft.com/windows/client-management/mdm/bitlocker-csp) for information about the recommended encryption algorithms to use.
+
+To ensure the desired BitLocker encryption algorithm is set before automatic encryption occurs for Autopilot devices:
+
+1. Configure the [encryption method settings](https://docs.microsoft.com/intune/endpoint-protection-windows-10#windows-encryption) in the Windows 10 Endpoint Protection profile to the desired encryption algorithm.
+2. [Assign the policy](https://docs.microsoft.com/intune/device-profile-assign) to your Autopilot device group.
+ - **IMPORTANT**: The encryption policy must be assigned to **devices** in the group, not users.
+3. Enable the Autopilot [Enrollment Status Page](https://docs.microsoft.com/windows/deployment/windows-autopilot/enrollment-status) (ESP) for these devices.
+ - **IMPORTANT**: If the ESP is not enabled, the policy will not apply before encryption starts.
+
+An example of Microsoft Intune Windows Encryption settings is shown below.
+
+ 
+
+Note that a device which is encrypted automatically will need to be decrypted prior to changing the encyption algorithm.
+
+The settings are available under Device Configuration -> Profiles -> Create profile -> Platform = Windows 10 and later, Profile type = Endpoint protection -> Configure -> Windows Encryption -> BitLocker base settings, Configure encryption methods = Enable.
+
+Note: It is also recommended to set Windows Encryption -> Windows Settings -> Encrypt = **Require**.
+
+## Requirements
+
+Windows 10, version 1809 or later.
+
+## See also
+
+[Bitlocker overview](https://docs.microsoft.com/windows/security/information-protection/bitlocker/bitlocker-overview)
diff --git a/windows/deployment/windows-autopilot/enrollment-status.md b/windows/deployment/windows-autopilot/enrollment-status.md
index 6c5c118bec..11a393eada 100644
--- a/windows/deployment/windows-autopilot/enrollment-status.md
+++ b/windows/deployment/windows-autopilot/enrollment-status.md
@@ -1,39 +1,39 @@
----
-title: Windows Autopilot Enrollment Status Page
-ms.reviewer:
-manager: laurawi
-description: Gives an overview of the Enrollment Status Page capabilities, configuration
-keywords: Autopilot Plug and Forget, Windows 10
-ms.prod: w10
-ms.technology: Windows
-ms.mktglfcycl: deploy
-ms.sitesec: library
-ms.pagetype: deploy
-ms.localizationpriority: medium
-audience: itpro
author: greg-lindsay
-ms.author: greglin
-ms.collection: M365-modern-desktop
-ms.topic: article
----
-
-
-# Windows Autopilot Enrollment Status Page
-
-**Applies to**
-
-- Windows 10, version 1803 and later
-
-The Enrollment Status Page (ESP) displays the status of the complete device configuration process when an MDM managed user signs into a device for the very first time. The ESP will help users understand the progress of device provisioning and ensures the device has met the organizations desired state before the user can access the desktop for the first time.
-
-The ESP will track the installation of applications, security policies, certificates and network connections. Within Intune, an administrator can deploy ESP profiles to a licensed Intune user and configure specific settings within the ESP profile; a few of these settings are: force the installation of specified applications, allow users to collect troubleshooting logs, specify what a user can do if device setup fails. For more information, see how to set up the [Enrollment Status Page in Intune](https://docs.microsoft.com/intune/windows-enrollment-status).
-
- 
-
-
-## More information
-
-For more information on configuring the Enrollment Status Page, see the [Microsoft Intune documentation](https://docs.microsoft.com/intune/windows-enrollment-status).
-For details about the underlying implementation, see the [FirstSyncStatus details in the DMClient CSP documentation](https://docs.microsoft.com/windows/client-management/mdm/dmclient-csp).
-For more information about blocking for app installation:
-- [Blocking for app installation using Enrollment Status Page](https://blogs.technet.microsoft.com/mniehaus/2018/12/06/blocking-for-app-installation-using-enrollment-status-page/).
-- [Support Tip: Office C2R installation is now tracked during ESP](https://techcommunity.microsoft.com/t5/Intune-Customer-Success/Support-Tip-Office-C2R-installation-is-now-tracked-during-ESP/ba-p/295514).
+---
+title: Windows Autopilot Enrollment Status Page
+ms.reviewer:
+manager: laurawi
+description: Gives an overview of the Enrollment Status Page capabilities, configuration
+keywords: Autopilot Plug and Forget, Windows 10
+ms.prod: w10
+ms.mktglfcycl: deploy
+ms.sitesec: library
+ms.pagetype: deploy
+ms.localizationpriority: medium
+audience: itpro
+author: greg-lindsay
+ms.author: greglin
+ms.collection: M365-modern-desktop
+ms.topic: article
+---
+
+
+# Windows Autopilot Enrollment Status Page
+
+**Applies to**
+
+- Windows 10, version 1803 and later
+
+The Enrollment Status Page (ESP) displays the status of the complete device configuration process when an MDM managed user signs into a device for the very first time. The ESP will help users understand the progress of device provisioning and ensures the device has met the organizations desired state before the user can access the desktop for the first time.
+
+The ESP will track the installation of applications, security policies, certificates and network connections. Within Intune, an administrator can deploy ESP profiles to a licensed Intune user and configure specific settings within the ESP profile; a few of these settings are: force the installation of specified applications, allow users to collect troubleshooting logs, specify what a user can do if device setup fails. For more information, see how to set up the [Enrollment Status Page in Intune](https://docs.microsoft.com/intune/windows-enrollment-status).
+
+ 
+
+
+## More information
+
+For more information on configuring the Enrollment Status Page, see the [Microsoft Intune documentation](https://docs.microsoft.com/intune/windows-enrollment-status).
+For details about the underlying implementation, see the [FirstSyncStatus details in the DMClient CSP documentation](https://docs.microsoft.com/windows/client-management/mdm/dmclient-csp).
+For more information about blocking for app installation:
+- [Blocking for app installation using Enrollment Status Page](https://blogs.technet.microsoft.com/mniehaus/2018/12/06/blocking-for-app-installation-using-enrollment-status-page/).
+- [Support Tip: Office C2R installation is now tracked during ESP](https://techcommunity.microsoft.com/t5/Intune-Customer-Success/Support-Tip-Office-C2R-installation-is-now-tracked-during-ESP/ba-p/295514).
diff --git a/windows/deployment/windows-autopilot/existing-devices.md b/windows/deployment/windows-autopilot/existing-devices.md
index f514184445..e762a53ed9 100644
--- a/windows/deployment/windows-autopilot/existing-devices.md
+++ b/windows/deployment/windows-autopilot/existing-devices.md
@@ -1,315 +1,317 @@
----
-title: Windows Autopilot for existing devices
-description: Windows Autopilot deployment
-keywords: mdm, setup, windows, windows 10, oobe, manage, deploy, autopilot, ztd, zero-touch, partner, msfb, intune
-ms.reviewer: mniehaus
-manager: laurawi
-ms.prod: w10
-ms.mktglfcycl: deploy
-ms.localizationpriority: medium
-ms.sitesec: library
-ms.pagetype: deploy
-audience: itpro
author: greg-lindsay
-ms.author: greglin
-ms.collection: M365-modern-desktop
-ms.topic: article
----
-
-# Windows Autopilot for existing devices
-
-**Applies to: Windows 10**
-
-Modern desktop deployment with Windows Autopilot enables you to easily deploy the latest version of Windows 10 to your existing devices. The apps you need for work can be automatically installed. Your work profile is synchronized, so you can resume working right away.
-
-This topic describes how to convert Windows 7 or Windows 8.1 domain-joined computers to Windows 10 devices joined to either Azure Active Directory or Active Directory (Hybrid Azure AD Join) by using Windows Autopilot.
-
->[!NOTE]
->Windows Autopilot for existing devices only supports user-driven Azure Active Directory and Hybrid Azure AD profiles. Self-deploying profiles are not supported.
-
-## Prerequisites
-
-- System Center Configuration Manager Current Branch (1806) OR System Center Configuration Manager Technical Preview (1808)
-- The [Windows ADK](https://developer.microsoft.com/en-us/windows/hardware/windows-assessment-deployment-kit) 1803 or later
- - Note: Config Mgr 1806 or later is required to [support](https://docs.microsoft.com/sccm/core/plan-design/configs/support-for-windows-10#windows-10-adk) the Windows ADK 1809.
-- Assigned Microsoft Intune Licenses
-- Azure Active Directory Premium
-- Windows 10 version 1809 or later imported into Config Mgr as an Operating System Image
-
-## Procedures
-
-### Configure the Enrollment Status Page (optional)
-
-If desired, you can set up an [enrollment status page](https://docs.microsoft.com/windows/deployment/windows-autopilot/enrollment-status) for Autopilot using Intune.
-
-To enable and configure the enrollment and status page:
-
-1. Open [Intune in the Azure portal](https://aka.ms/intuneportal).
-2. Access **Intune > Device enrollment > Windows enrollment** and [Set up an enrollment status page](https://docs.microsoft.com/intune/windows-enrollment-status).
-3. Access **Azure Active Directory > Mobility (MDM and MAM) > Microsoft Intune** and [Configure automatic MDM enrollment](https://docs.microsoft.com/sccm/mdm/deploy-use/enroll-hybrid-windows#enable-windows-10-automatic-enrollment) and configure the MDM user scope for some or all users.
-
-See the following examples.
-
-
-
-
-### Create the JSON file
-
->[!TIP]
->To run the following commands on a computer running Windows Server 2012/2012 R2 or Windows 7/8.1, you must first download and install the [Windows Management Framework](https://www.microsoft.com/en-us/download/details.aspx?id=54616).
-
-1. On an Internet connected Windows PC or Server open an elevated Windows PowerShell command window
-2. Enter the following lines to install the necessary modules
-
- #### Install required modules
-
- ```powershell
- Install-PackageProvider -Name NuGet -MinimumVersion 2.8.5.201 -Force
- Install-Module AzureAD -Force
- Install-Module WindowsAutopilotIntune -Force
- ```
-
-3. Enter the following lines and provide Intune administrative credentials
- - In the following command, replace the example user principal name for Azure authentication (admin@M365x373186.onmicrosoft.com) with your user account. Be sure that the user account you specify has sufficient administrative rights.
-
- ```powershell
- Connect-AutopilotIntune -user admin@M365x373186.onmicrosoft.com
- ```
- The password for your account will be requested using a standard Azure AD form. Type your password and then click **Sign in**.
-
See the following example:
-
- 
-
- If this is the first time you’ve used the Intune Graph APIs, you’ll also be prompted to enable read and write permissions for Microsoft Intune PowerShell. To enable these permissions:
- - Select **Consent on behalf or your organization**
- - Click **Accept**
-
-4. Next, retrieve and display all the Autopilot profiles available in the specified Intune tenant in JSON format:
-
- #### Retrieve profiles in Autopilot for existing devices JSON format
-
- ```powershell
- Get-AutopilotProfile | ConvertTo-AutopilotConfigurationJSON
- ```
-
- See the following sample output: (use the horizontal scroll bar at the bottom to view long lines)
-
- PS C:\> Get-AutopilotProfile | ConvertTo-AutopilotConfigurationJSON
- {
- "CloudAssignedTenantId": "1537de22-988c-4e93-b8a5-83890f34a69b",
- "CloudAssignedForcedEnrollment": 1,
- "Version": 2049,
- "Comment_File": "Profile Autopilot Profile",
- "CloudAssignedAadServerData": "{\"ZeroTouchConfig\":{\"CloudAssignedTenantUpn\":\"\",\"ForcedEnrollment\":1,\"CloudAssignedTenantDomain\":\"M365x373186.onmicrosoft.com\"}}",
- "CloudAssignedTenantDomain": "M365x373186.onmicrosoft.com",
- "CloudAssignedDomainJoinMethod": 0,
- "CloudAssignedOobeConfig": 28,
- "ZtdCorrelationId": "7F9E6025-1E13-45F3-BF82-A3E8C5B59EAC"
- }
-
- Each profile is encapsulated within braces **{ }**. In the previous example, a single profile is displayed.
-
- See the following table for a description of properties used in the JSON file.
-
-
- | Property | Description |
- |------------------------------------------------------------|------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
- | Version (number, optional) | The version number that identifies the format of the JSON file. For Windows 10 1809, the version specified must be 2049. |
- | CloudAssignedTenantId (guid, required) | The Azure Active Directory tenant ID that should be used. This is the GUID for the tenant, and can be found in properties of the tenant. The value should not include braces. |
- | CloudAssignedTenantDomain (string, required) | The Azure Active Directory tenant name that should be used, e.g. tenant.onmicrosoft.com. |
- | CloudAssignedOobeConfig (number, required) | This is a bitmap that shows which Autopilot settings were configured. Values include: SkipCortanaOptIn = 1, OobeUserNotLocalAdmin = 2, SkipExpressSettings = 4, SkipOemRegistration = 8, SkipEula = 16 |
- | CloudAssignedDomainJoinMethod (number, required) | This property specifies whether the device should join Azure Active Directory or Active Directory (Hybrid Azure AD Join). Values include: Active AD Join = 0, Hybrid Azure AD Join = 1 |
- | CloudAssignedForcedEnrollment (number, required) | Specifies that the device should require AAD Join and MDM enrollment.
0 = not required, 1 = required. |
- | ZtdCorrelationId (guid, required) | A unique GUID (without braces) that will be provided to Intune as part of the registration process. ZtdCorrelationId will be included in enrollment message as “OfflineAutoPilotEnrollmentCorrelator”. This attribute will be present only if the enrollment is taking place on a device registered with Zero Touch Provisioning via offline registration. |
- | CloudAssignedAadServerData (encoded JSON string, required) | An embedded JSON string used for branding. It requires AAD corp branding enabled.
Example value: "CloudAssignedAadServerData": "{\"ZeroTouchConfig\":{\"CloudAssignedTenantUpn\":\"\",\"CloudAssignedTenantDomain\":\"tenant.onmicrosoft.com\"}}" |
- | CloudAssignedDeviceName (string, optional) | The name automatically assigned to the computer. This follows the naming pattern convention that can be configured in Intune as part of the Autopilot profile, or can specify an explicit name to use. |
-
-
-5. The Autopilot profile must be saved as a JSON file in ASCII or ANSI format. Windows PowerShell defaults to Unicode format, so if you attempt to redirect output of the commands to a file, you must also specify the file format. For example, to save the file in ASCII format using Windows PowerShell, you can create a directory (ex: c:\Autopilot) and save the profile as shown below: (use the horizontal scroll bar at the bottom if needed to view the entire command string)
-
- ```powershell
- Get-AutopilotProfile | ConvertTo-AutopilotConfigurationJSON | Out-File c:\Autopilot\AutopilotConfigurationFile.json -Encoding ASCII
- ```
- **IMPORTANT**: The file name must be named **AutopilotConfigurationFile.json** in addition to being encoded as ASCII/ANSI.
-
- If preferred, you can save the profile to a text file and edit in Notepad. In Notepad, when you choose **Save as** you must select Save as type: **All Files** and choose ANSI from the drop-down list next to **Encoding**. See the following example.
-
- 
-
- After saving the file, move the file to a location suitable as an SCCM package source.
-
- >[!IMPORTANT]
- >Multiple JSON profile files can be used, but each must be named **AutopilotConfigurationFile.json** in order for OOBE to follow the Autopilot experience. The file also must be encoded as ANSI.
**Saving the file with Unicode or UTF-8 encoding or saving it with a different file name will cause Windows 10 OOBE to not follow the Autopilot experience**.
-
-
-### Create a package containing the JSON file
-
-1. In Configuration Manager, navigate to **\Software Library\Overview\Application Management\Packages**
-2. On the ribbon, click **Create Package**
-3. In the **Create Package and Program Wizard** enter the following **Package** and **Program Type** details:
- - Name: **Autopilot for existing devices config**
- - Select the **This package contains source files** checkbox
- - Source folder: Click **Browse** and specify a UNC path containing the AutopilotConfigurationFile.json file.
- - Click **OK** and then click **Next**.
- - Program Type: **Do not create a program**
-4. Click **Next** twice and then click **Close**.
-
-**NOTE**: If you change user-driven Autopilot profile settings in Intune at a later date, you must also update the JSON file and redistribute the associated Config Mgr package.
-
-### Create a target collection
-
->[!NOTE]
->You can also choose to reuse an existing collection
-
-1. Navigate to **\Assets and Compliance\Overview\Device Collections**
-2. On the ribbon, click **Create** and then click **Create Device Collection**
-3. In the **Create Device Collection Wizard** enter the following **General** details:
- - Name: **Autopilot for existing devices collection**
- - Comment: (optional)
- - Limiting collection: Click **Browse** and select **All Systems**
-
- >[!NOTE]
- >You can optionally choose to use an alternative collection for the limiting collection. The device to be upgraded must be running the ConfigMgr agent in the collection that you select.
-
-4. Click **Next**, then enter the following **Membership Rules** details:
- - Click **Add Rule** and specify either a direct or query based collection rule to add the target test Windows 7 devices to the new collection.
- - For example, if the hostname of the computer to be wiped and reloaded is PC-01 and you wish to use Name as the attribute, click **Add Rule > Direct Rule > (wizard opens) > Next** and then enter **PC-01** next to **Value**. Click **Next** and then choose **PC-01** under **Resources**. See the following examples.
-
- 
- 
-
-5. Continue creating the device collection with the default settings:
- - Use incremental updates for this collection: not selected
- - Schedule a full update on this collection: default
- - Click **Next** twice and then click **Close**
-
-### Create an Autopilot for existing devices Task Sequence
-
->[!TIP]
->The next procedure requires a boot image for Windows 10 1803 or later. Review your available boot images in the Configuration Manager conole under **Software Library\Overview\Operating Systems\Boot images** and verify that the **OS Version** is 10.0.17134.1 (Windows 10 version 1803) or later.
-
-1. In the Configuration Manager console, navigate to **\Software Library\Overview\Operating Systems\Task Sequences**
-2. On the Home ribbon, click **Create Task Sequence**
-3. Select **Install an existing image package** and then click **Next**
-4. In the Create Task Sequence Wizard enter the following details:
- - Task sequence name: **Autopilot for existing devices**
- - Boot Image: Click **Browse** and select a Windows 10 boot image (1803 or later)
- - Click **Next**, and then on the Install Windows page click **Browse** and select a Windows 10 **Image package** and **Image Index**, version 1803 or later.
- - Select the **Partition and format the target computer before installing the operating system** checkbox.
- - Select or clear **Configure task sequence for use with Bitlocker** checkbox. This is optional.
- - Product Key and Server licensing mode: Optionally enter a product key and server licencing mode.
- - Randomly generate the local administrator password and disable the account on all support platforms (recommended): Optional.
- - Enable the account and specify the local administrator password: Optional.
- - Click **Next**, and then on the Configure Network page choose **Join a workgroup** and specify a name (ex: workgroup) next to **Workgroup**.
-
- >[!IMPORTANT]
- >The Autopilot for existing devices task sequence will run the **Prepare Windows for capture** action which calls the System Preparation Tool (syeprep). This action will fail if the target machine is joined to a domain.
-
-5. Click **Next** and then click **Next** again to accept the default settings on the Install Configuration Manager page.
-6. On the State Migration page, enter the following details:
- - Clear the **Capture user settings and files** checkbox.
- - Clear the **Capture network settings** checkbox.
- - Clear the **Capture Microsoft Windows settings** checkbox.
- - Click **Next**.
-
- >[!NOTE]
- >The Autopilot for existing devices task sequence will result in an Azure Active Directory Domain (AAD) joined device. The User State Migration Toolkit (USMT) does not support AAD joined or hybrid AAD joined devices.
-
-7. On the Include Updates page, choose one of the three available options. This selection is optional.
-8. On the Install applications page, add applications if desired. This is optional.
-9. Click **Next**, confirm settings, click **Next** and then click **Close**.
-10. Right click on the Autopilot for existing devices task sequence and click **Edit**.
-11. In the Task Sequence Editor under the **Install Operating System** group, click the **Apply Windows Settings** action.
-12. Click **Add** then click **New Group**.
-13. Change the group **Name** from **New Group** to **Autopilot for existing devices config**.
-14. Click **Add**, point to **General**, then click **Run Command Line**.
-15. Verify that the **Run Command Line** step is nested under the **Autopilot for existing devices config** group.
-16. Change the **Name** to **Apply Autopilot for existing devices config file** and paste the following into the **Command line** text box, and then click **Apply**:
- ```
- cmd.exe /c xcopy AutopilotConfigurationFile.json %OSDTargetSystemDrive%\windows\provisioning\Autopilot\ /c
- ```
- - **AutopilotConfigurationFile.json** must be the name of the JSON file present in the Autopilot for existing devices package created earlier.
-
-17. In the **Apply Autopilot for existing devices config file** step, select the **Package** checkbox and then click **Browse**.
-18. Select the **Autopilot for existing devices config** package created earlier and click **OK**. An example is displayed at the end of this section.
-19. Under the **Setup Operating System** group, click the **Setup Windows and Configuration Manager** task.
-20. Click **Add** and then click **New Group**.
-21. Change **Name** from **New Group** to **Prepare Device for Autopilot**
-22. Verify that the **Prepare Device for Autopilot** group is the very last step in the task sequence. Use the **Move Down** button if necessary.
-23. With the **Prepare device for Autopilot** group selected, click **Add**, point to **Images** and then click **Prepare ConfigMgr Client for Capture**.
-24. Add a second step by clicking **Add**, pointing to **Images**, and clicking **Prepare Windows for Capture**. Use the following settings in this step:
- - Automatically build mass storage driver list: **Not selected**
- - Do not reset activation flag: **Not selected**
- - Shutdown the computer after running this action: **Optional**
-
- 
-
-25. Click **OK** to close the Task Sequence Editor.
-
-### Deploy Content to Distribution Points
-
-Next, ensure that all content required for the task sequence is deployed to distribution points.
-
-1. Right click on the **Autopilot for existing devices** task sequence and click **Distribute Content**.
-2. Click **Next**, **Review the content to distribute** and then click **Next**.
-3. On the Specify the content distribution page click **Add** to specify either a **Distribution Point** or **Distribution Point Group**.
-4. On the a Add Distribution Points or Add Distribution Point Groups wizard specify content destinations that will allow the JSON file to be retrieved when the task sequence is run.
-5. When you are finished specifying content distribution, click **Next** twice then click **Close**.
-
-### Deploy the OS with Autopilot Task Sequence
-
-1. Right click on the **Autopilot for existing devices** task sequence and then click **Deploy**.
-2. In the Deploy Software Wizard enter the following **General** and **Deployment Settings** details:
- - Task Sequence: **Autopilot for existing devices**.
- - Collection: Click **Browse** and then select **Autopilot for existing devices collection** (or another collection you prefer).
- - Click **Next** to specify **Deployment Settings**.
- - Action: **Install**.
- - Purpose: **Available**. You can optionally select **Required** instead of **Available**. This is not recommended during the test owing to the potential impact of inadvertent configurations.
- - Make available to the following: **Only Configuration Manager Clients**. Note: Choose the option here that is relevant for the context of your test. If the target client does not have the Configuration Manager agent or Windows installed, you will need to select an option that includes PXE or Boot Media.
- - Click **Next** to specify **Scheduling** details.
- - Schedule when this deployment will become available: Optional
- - Schedule when this deployment will expire: Optional
- - Click **Next** to specify **User Experience** details.
- - Show Task Sequence progress: Selected.
- - Software Installation: Not selected.
- - System restart (if required to complete the installation): Not selected.
- - Commit changed at deadline or during a maintenance windows (requires restart): Optional.
- - Allow task sequence to be run for client on the Internet: Optional
- - Click **Next** to specify **Alerts** details.
- - Create a deployment alert when the threshold is higher than the following: Optional.
- - Click **Next** to specify **Distribution Points** details.
- - Deployment options: **Download content locally when needed by the running task sequence**.
- - When no local distribution point is available use a remote distribution point: Optional.
- - Allow clients to use distribution points from the default site boundary group: Optional.
- - Click **Next**, confirm settings, click **Next**, and then click **Close**.
-
-### Complete the client installation process
-
-1. Open the Software Center on the target Windows 7 or Windows 8.1 client computer. You can do this by clicking Start and then typing **software** in the search box, or by typing the following at a Windows PowerShell or command prompt:
-
- ```
- C:\Windows\CCM\SCClient.exe
- ```
-
-2. In the software library, select **Autopilot for existing devices** and click **Install**. See the following example:
-
- 
- 
-
-The Task Sequence will download content, reboot, format the drives and install Windows 10. The device will then proceed to be prepared for Autopilot. Once the task sequence has completed the device will boot into OOBE and provide an Autopilot experience.
-
-
-
-
-
->[!NOTE]
->If joining devices to Active Directory (Hybrid Azure AD Join), it is necessary to create a Domain Join device configuration profile that is targeted to "All Devices" (since there is no Azure Active Directory device object for the computer to do group-based targeting). See [User-driven mode for hybrid Azure Active Directory join](https://docs.microsoft.com/windows/deployment/windows-autopilot/user-driven#user-driven-mode-for-hybrid-azure-active-directory-join) for more information.
-
-### Register the device for Windows Autopilot
-
-Devices provisioned through Autopilot will only receive the guided OOBE Autopilot experience on first boot. Once updated to Windows 10, the device should be registered to ensure a continued Autopilot experience in the event of PC reset. You can enable automatic registration for an assigned group using the **Convert all targeted devices to Autopilot** setting. For more information, see [Create an Autopilot deployment profile](https://docs.microsoft.com/intune/enrollment-autopilot#create-an-autopilot-deployment-profile).
-
-Also see [Adding devices to Windows Autopilot](https://docs.microsoft.com/windows/deployment/windows-autopilot/add-devices).
-
-## Speeding up the deployment process
-
-To remove around 20 minutes from the deployment process, see Michael Niehaus's blog with instructions for [Speeding up Windows Autopilot for existing devices](https://blogs.technet.microsoft.com/mniehaus/2018/10/25/speeding-up-windows-autopilot-for-existing-devices/).
+---
+title: Windows Autopilot for existing devices
+description: Windows Autopilot deployment
+keywords: mdm, setup, windows, windows 10, oobe, manage, deploy, autopilot, ztd, zero-touch, partner, msfb, intune
+ms.reviewer: mniehaus
+manager: laurawi
+ms.prod: w10
+ms.mktglfcycl: deploy
+ms.localizationpriority: medium
+ms.sitesec: library
+ms.pagetype: deploy
+audience: itpro
+author: greg-lindsay
+ms.author: greglin
+ms.collection: M365-modern-desktop
+ms.topic: article
+---
+
+# Windows Autopilot for existing devices
+
+**Applies to: Windows 10**
+
+Modern desktop deployment with Windows Autopilot enables you to easily deploy the latest version of Windows 10 to your existing devices. The apps you need for work can be automatically installed. Your work profile is synchronized, so you can resume working right away.
+
+This topic describes how to convert Windows 7 or Windows 8.1 domain-joined computers to Windows 10 devices joined to either Azure Active Directory or Active Directory (Hybrid Azure AD Join) by using Windows Autopilot.
+
+>[!NOTE]
+>Windows Autopilot for existing devices only supports user-driven Azure Active Directory and Hybrid Azure AD profiles. Self-deploying profiles are not supported.
+
+## Prerequisites
+
+- System Center Configuration Manager Current Branch (1806) OR System Center Configuration Manager Technical Preview (1808)
+- The [Windows ADK](https://developer.microsoft.com/en-us/windows/hardware/windows-assessment-deployment-kit) 1803 or later
+ - Note: Config Mgr 1806 or later is required to [support](https://docs.microsoft.com/sccm/core/plan-design/configs/support-for-windows-10#windows-10-adk) the Windows ADK 1809.
+- Assigned Microsoft Intune Licenses
+- Azure Active Directory Premium
+- Windows 10 version 1809 or later imported into Config Mgr as an Operating System Image
+ - **Important**: See [Known issues](known-issues.md) if you are using Windows 10 1903 with Configuration Manager’s built-in **Windows Autopilot existing device** task sequence template. Currently, one of the steps in this task sequence must be edited to work properly with Windows 10, version 1903.
+
+## Procedures
+
+### Configure the Enrollment Status Page (optional)
+
+If desired, you can set up an [enrollment status page](https://docs.microsoft.com/windows/deployment/windows-autopilot/enrollment-status) for Autopilot using Intune.
+
+To enable and configure the enrollment and status page:
+
+1. Open [Intune in the Azure portal](https://aka.ms/intuneportal).
+2. Access **Intune > Device enrollment > Windows enrollment** and [Set up an enrollment status page](https://docs.microsoft.com/intune/windows-enrollment-status).
+3. Access **Azure Active Directory > Mobility (MDM and MAM) > Microsoft Intune** and [Configure automatic MDM enrollment](https://docs.microsoft.com/sccm/mdm/deploy-use/enroll-hybrid-windows#enable-windows-10-automatic-enrollment) and configure the MDM user scope for some or all users.
+
+See the following examples.
+
+
+
+
+### Create the JSON file
+
+>[!TIP]
+>To run the following commands on a computer running Windows Server 2012/2012 R2 or Windows 7/8.1, you must first download and install the [Windows Management Framework](https://www.microsoft.com/download/details.aspx?id=54616).
+
+1. On an Internet connected Windows PC or Server open an elevated Windows PowerShell command window
+2. Enter the following lines to install the necessary modules
+
+ #### Install required modules
+
+ ```powershell
+ Install-PackageProvider -Name NuGet -MinimumVersion 2.8.5.201 -Force
+ Install-Module AzureAD -Force
+ Install-Module WindowsAutopilotIntune -Force
+ ```
+
+3. Enter the following lines and provide Intune administrative credentials
+ - In the following command, replace the example user principal name for Azure authentication (admin@M365x373186.onmicrosoft.com) with your user account. Be sure that the user account you specify has sufficient administrative rights.
+
+ ```powershell
+ Connect-AutopilotIntune -user admin@M365x373186.onmicrosoft.com
+ ```
+ The password for your account will be requested using a standard Azure AD form. Type your password and then click **Sign in**.
+
See the following example:
+
+ 
+
+ If this is the first time you’ve used the Intune Graph APIs, you’ll also be prompted to enable read and write permissions for Microsoft Intune PowerShell. To enable these permissions:
+ - Select **Consent on behalf or your organization**
+ - Click **Accept**
+
+4. Next, retrieve and display all the Autopilot profiles available in the specified Intune tenant in JSON format:
+
+ #### Retrieve profiles in Autopilot for existing devices JSON format
+
+ ```powershell
+ Get-AutopilotProfile | ConvertTo-AutopilotConfigurationJSON
+ ```
+
+ See the following sample output: (use the horizontal scroll bar at the bottom to view long lines)
+
+ PS C:\> Get-AutopilotProfile | ConvertTo-AutopilotConfigurationJSON
+ {
+ "CloudAssignedTenantId": "1537de22-988c-4e93-b8a5-83890f34a69b",
+ "CloudAssignedForcedEnrollment": 1,
+ "Version": 2049,
+ "Comment_File": "Profile Autopilot Profile",
+ "CloudAssignedAadServerData": "{\"ZeroTouchConfig\":{\"CloudAssignedTenantUpn\":\"\",\"ForcedEnrollment\":1,\"CloudAssignedTenantDomain\":\"M365x373186.onmicrosoft.com\"}}",
+ "CloudAssignedTenantDomain": "M365x373186.onmicrosoft.com",
+ "CloudAssignedDomainJoinMethod": 0,
+ "CloudAssignedOobeConfig": 28,
+ "ZtdCorrelationId": "7F9E6025-1E13-45F3-BF82-A3E8C5B59EAC"
+ }
+
+ Each profile is encapsulated within braces **{ }**. In the previous example, a single profile is displayed.
+
+ See the following table for a description of properties used in the JSON file.
+
+
+ | Property | Description |
+ |------------------------------------------------------------|------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
+ | Version (number, optional) | The version number that identifies the format of the JSON file. For Windows 10 1809, the version specified must be 2049. |
+ | CloudAssignedTenantId (guid, required) | The Azure Active Directory tenant ID that should be used. This is the GUID for the tenant, and can be found in properties of the tenant. The value should not include braces. |
+ | CloudAssignedTenantDomain (string, required) | The Azure Active Directory tenant name that should be used, e.g. tenant.onmicrosoft.com. |
+ | CloudAssignedOobeConfig (number, required) | This is a bitmap that shows which Autopilot settings were configured. Values include: SkipCortanaOptIn = 1, OobeUserNotLocalAdmin = 2, SkipExpressSettings = 4, SkipOemRegistration = 8, SkipEula = 16 |
+ | CloudAssignedDomainJoinMethod (number, required) | This property specifies whether the device should join Azure Active Directory or Active Directory (Hybrid Azure AD Join). Values include: Active AD Join = 0, Hybrid Azure AD Join = 1 |
+ | CloudAssignedForcedEnrollment (number, required) | Specifies that the device should require AAD Join and MDM enrollment.
0 = not required, 1 = required. |
+ | ZtdCorrelationId (guid, required) | A unique GUID (without braces) that will be provided to Intune as part of the registration process. ZtdCorrelationId will be included in enrollment message as “OfflineAutoPilotEnrollmentCorrelator”. This attribute will be present only if the enrollment is taking place on a device registered with Zero Touch Provisioning via offline registration. |
+ | CloudAssignedAadServerData (encoded JSON string, required) | An embedded JSON string used for branding. It requires AAD corp branding enabled.
Example value: "CloudAssignedAadServerData": "{\"ZeroTouchConfig\":{\"CloudAssignedTenantUpn\":\"\",\"CloudAssignedTenantDomain\":\"tenant.onmicrosoft.com\"}}" |
+ | CloudAssignedDeviceName (string, optional) | The name automatically assigned to the computer. This follows the naming pattern convention that can be configured in Intune as part of the Autopilot profile, or can specify an explicit name to use. |
+
+
+5. The Autopilot profile must be saved as a JSON file in ASCII or ANSI format. Windows PowerShell defaults to Unicode format, so if you attempt to redirect output of the commands to a file, you must also specify the file format. For example, to save the file in ASCII format using Windows PowerShell, you can create a directory (ex: c:\Autopilot) and save the profile as shown below: (use the horizontal scroll bar at the bottom if needed to view the entire command string)
+
+ ```powershell
+ Get-AutopilotProfile | ConvertTo-AutopilotConfigurationJSON | Out-File c:\Autopilot\AutopilotConfigurationFile.json -Encoding ASCII
+ ```
+ **IMPORTANT**: The file name must be named **AutopilotConfigurationFile.json** in addition to being encoded as ASCII/ANSI.
+
+ If preferred, you can save the profile to a text file and edit in Notepad. In Notepad, when you choose **Save as** you must select Save as type: **All Files** and choose ANSI from the drop-down list next to **Encoding**. See the following example.
+
+ 
+
+ After saving the file, move the file to a location suitable as an SCCM package source.
+
+ >[!IMPORTANT]
+ >Multiple JSON profile files can be used, but each must be named **AutopilotConfigurationFile.json** in order for OOBE to follow the Autopilot experience. The file also must be encoded as ANSI.
**Saving the file with Unicode or UTF-8 encoding or saving it with a different file name will cause Windows 10 OOBE to not follow the Autopilot experience**.
+
+
+### Create a package containing the JSON file
+
+1. In Configuration Manager, navigate to **\Software Library\Overview\Application Management\Packages**
+2. On the ribbon, click **Create Package**
+3. In the **Create Package and Program Wizard** enter the following **Package** and **Program Type** details:
+ - Name: **Autopilot for existing devices config**
+ - Select the **This package contains source files** checkbox
+ - Source folder: Click **Browse** and specify a UNC path containing the AutopilotConfigurationFile.json file.
+ - Click **OK** and then click **Next**.
+ - Program Type: **Do not create a program**
+4. Click **Next** twice and then click **Close**.
+
+**NOTE**: If you change user-driven Autopilot profile settings in Intune at a later date, you must also update the JSON file and redistribute the associated Config Mgr package.
+
+### Create a target collection
+
+>[!NOTE]
+>You can also choose to reuse an existing collection
+
+1. Navigate to **\Assets and Compliance\Overview\Device Collections**
+2. On the ribbon, click **Create** and then click **Create Device Collection**
+3. In the **Create Device Collection Wizard** enter the following **General** details:
+ - Name: **Autopilot for existing devices collection**
+ - Comment: (optional)
+ - Limiting collection: Click **Browse** and select **All Systems**
+
+ >[!NOTE]
+ >You can optionally choose to use an alternative collection for the limiting collection. The device to be upgraded must be running the ConfigMgr agent in the collection that you select.
+
+4. Click **Next**, then enter the following **Membership Rules** details:
+ - Click **Add Rule** and specify either a direct or query based collection rule to add the target test Windows 7 devices to the new collection.
+ - For example, if the hostname of the computer to be wiped and reloaded is PC-01 and you wish to use Name as the attribute, click **Add Rule > Direct Rule > (wizard opens) > Next** and then enter **PC-01** next to **Value**. Click **Next** and then choose **PC-01** under **Resources**. See the following examples.
+
+ 
+ 
+
+5. Continue creating the device collection with the default settings:
+ - Use incremental updates for this collection: not selected
+ - Schedule a full update on this collection: default
+ - Click **Next** twice and then click **Close**
+
+### Create an Autopilot for existing devices Task Sequence
+
+>[!TIP]
+>The next procedure requires a boot image for Windows 10 1803 or later. Review your available boot images in the Configuration Manager conole under **Software Library\Overview\Operating Systems\Boot images** and verify that the **OS Version** is 10.0.17134.1 (Windows 10 version 1803) or later.
+
+1. In the Configuration Manager console, navigate to **\Software Library\Overview\Operating Systems\Task Sequences**
+2. On the Home ribbon, click **Create Task Sequence**
+3. Select **Install an existing image package** and then click **Next**
+4. In the Create Task Sequence Wizard enter the following details:
+ - Task sequence name: **Autopilot for existing devices**
+ - Boot Image: Click **Browse** and select a Windows 10 boot image (1803 or later)
+ - Click **Next**, and then on the Install Windows page click **Browse** and select a Windows 10 **Image package** and **Image Index**, version 1803 or later.
+ - Select the **Partition and format the target computer before installing the operating system** checkbox.
+ - Select or clear **Configure task sequence for use with Bitlocker** checkbox. This is optional.
+ - Product Key and Server licensing mode: Optionally enter a product key and server licensing mode.
+ - Randomly generate the local administrator password and disable the account on all support platforms (recommended): Optional.
+ - Enable the account and specify the local administrator password: Optional.
+ - Click **Next**, and then on the Configure Network page choose **Join a workgroup** and specify a name (ex: workgroup) next to **Workgroup**.
+
+ >[!IMPORTANT]
+ >The Autopilot for existing devices task sequence will run the **Prepare Windows for capture** action which calls the System Preparation Tool (syeprep). This action will fail if the target machine is joined to a domain.
+
+5. Click **Next** and then click **Next** again to accept the default settings on the Install Configuration Manager page.
+6. On the State Migration page, enter the following details:
+ - Clear the **Capture user settings and files** checkbox.
+ - Clear the **Capture network settings** checkbox.
+ - Clear the **Capture Microsoft Windows settings** checkbox.
+ - Click **Next**.
+
+ >[!NOTE]
+ >The Autopilot for existing devices task sequence will result in an Azure Active Directory Domain (AAD) joined device. The User State Migration Toolkit (USMT) does not support AAD joined or hybrid AAD joined devices.
+
+7. On the Include Updates page, choose one of the three available options. This selection is optional.
+8. On the Install applications page, add applications if desired. This is optional.
+9. Click **Next**, confirm settings, click **Next** and then click **Close**.
+10. Right click on the Autopilot for existing devices task sequence and click **Edit**.
+11. In the Task Sequence Editor under the **Install Operating System** group, click the **Apply Windows Settings** action.
+12. Click **Add** then click **New Group**.
+13. Change the group **Name** from **New Group** to **Autopilot for existing devices config**.
+14. Click **Add**, point to **General**, then click **Run Command Line**.
+15. Verify that the **Run Command Line** step is nested under the **Autopilot for existing devices config** group.
+16. Change the **Name** to **Apply Autopilot for existing devices config file** and paste the following into the **Command line** text box, and then click **Apply**:
+ ```
+ cmd.exe /c xcopy AutopilotConfigurationFile.json %OSDTargetSystemDrive%\windows\provisioning\Autopilot\ /c
+ ```
+ - **AutopilotConfigurationFile.json** must be the name of the JSON file present in the Autopilot for existing devices package created earlier.
+
+17. In the **Apply Autopilot for existing devices config file** step, select the **Package** checkbox and then click **Browse**.
+18. Select the **Autopilot for existing devices config** package created earlier and click **OK**. An example is displayed at the end of this section.
+19. Under the **Setup Operating System** group, click the **Setup Windows and Configuration Manager** task.
+20. Click **Add** and then click **New Group**.
+21. Change **Name** from **New Group** to **Prepare Device for Autopilot**
+22. Verify that the **Prepare Device for Autopilot** group is the very last step in the task sequence. Use the **Move Down** button if necessary.
+23. With the **Prepare device for Autopilot** group selected, click **Add**, point to **Images** and then click **Prepare ConfigMgr Client for Capture**.
+24. Add a second step by clicking **Add**, pointing to **Images**, and clicking **Prepare Windows for Capture**. Use the following settings in this step:
+ - Automatically build mass storage driver list: **Not selected**
+ - Do not reset activation flag: **Not selected**
+ - Shutdown the computer after running this action: **Optional**
+
+ 
+
+25. Click **OK** to close the Task Sequence Editor.
+
+### Deploy Content to Distribution Points
+
+Next, ensure that all content required for the task sequence is deployed to distribution points.
+
+1. Right click on the **Autopilot for existing devices** task sequence and click **Distribute Content**.
+2. Click **Next**, **Review the content to distribute** and then click **Next**.
+3. On the Specify the content distribution page click **Add** to specify either a **Distribution Point** or **Distribution Point Group**.
+4. On the a Add Distribution Points or Add Distribution Point Groups wizard specify content destinations that will allow the JSON file to be retrieved when the task sequence is run.
+5. When you are finished specifying content distribution, click **Next** twice then click **Close**.
+
+### Deploy the OS with Autopilot Task Sequence
+
+1. Right click on the **Autopilot for existing devices** task sequence and then click **Deploy**.
+2. In the Deploy Software Wizard enter the following **General** and **Deployment Settings** details:
+ - Task Sequence: **Autopilot for existing devices**.
+ - Collection: Click **Browse** and then select **Autopilot for existing devices collection** (or another collection you prefer).
+ - Click **Next** to specify **Deployment Settings**.
+ - Action: **Install**.
+ - Purpose: **Available**. You can optionally select **Required** instead of **Available**. This is not recommended during the test owing to the potential impact of inadvertent configurations.
+ - Make available to the following: **Only Configuration Manager Clients**. Note: Choose the option here that is relevant for the context of your test. If the target client does not have the Configuration Manager agent or Windows installed, you will need to select an option that includes PXE or Boot Media.
+ - Click **Next** to specify **Scheduling** details.
+ - Schedule when this deployment will become available: Optional
+ - Schedule when this deployment will expire: Optional
+ - Click **Next** to specify **User Experience** details.
+ - Show Task Sequence progress: Selected.
+ - Software Installation: Not selected.
+ - System restart (if required to complete the installation): Not selected.
+ - Commit changed at deadline or during a maintenance windows (requires restart): Optional.
+ - Allow task sequence to be run for client on the Internet: Optional
+ - Click **Next** to specify **Alerts** details.
+ - Create a deployment alert when the threshold is higher than the following: Optional.
+ - Click **Next** to specify **Distribution Points** details.
+ - Deployment options: **Download content locally when needed by the running task sequence**.
+ - When no local distribution point is available use a remote distribution point: Optional.
+ - Allow clients to use distribution points from the default site boundary group: Optional.
+ - Click **Next**, confirm settings, click **Next**, and then click **Close**.
+
+### Complete the client installation process
+
+1. Open the Software Center on the target Windows 7 or Windows 8.1 client computer. You can do this by clicking Start and then typing **software** in the search box, or by typing the following at a Windows PowerShell or command prompt:
+
+ ```
+ C:\Windows\CCM\SCClient.exe
+ ```
+
+2. In the software library, select **Autopilot for existing devices** and click **Install**. See the following example:
+
+ 
+ 
+
+The Task Sequence will download content, reboot, format the drives and install Windows 10. The device will then proceed to be prepared for Autopilot. Once the task sequence has completed the device will boot into OOBE and provide an Autopilot experience.
+
+
+
+
+
+>[!NOTE]
+>If joining devices to Active Directory (Hybrid Azure AD Join), it is necessary to create a Domain Join device configuration profile that is targeted to "All Devices" (since there is no Azure Active Directory device object for the computer to do group-based targeting). See [User-driven mode for hybrid Azure Active Directory join](https://docs.microsoft.com/windows/deployment/windows-autopilot/user-driven#user-driven-mode-for-hybrid-azure-active-directory-join) for more information.
+
+### Register the device for Windows Autopilot
+
+Devices provisioned through Autopilot will only receive the guided OOBE Autopilot experience on first boot. Once updated to Windows 10, the device should be registered to ensure a continued Autopilot experience in the event of PC reset. You can enable automatic registration for an assigned group using the **Convert all targeted devices to Autopilot** setting. For more information, see [Create an Autopilot deployment profile](https://docs.microsoft.com/intune/enrollment-autopilot#create-an-autopilot-deployment-profile).
+
+Also see [Adding devices to Windows Autopilot](https://docs.microsoft.com/windows/deployment/windows-autopilot/add-devices).
+
+## Speeding up the deployment process
+
+To remove around 20 minutes from the deployment process, see Michael Niehaus's blog with instructions for [Speeding up Windows Autopilot for existing devices](https://blogs.technet.microsoft.com/mniehaus/2018/10/25/speeding-up-windows-autopilot-for-existing-devices/).
diff --git a/windows/deployment/windows-autopilot/known-issues.md b/windows/deployment/windows-autopilot/known-issues.md
index d1f538dd46..b2de8f53ee 100644
--- a/windows/deployment/windows-autopilot/known-issues.md
+++ b/windows/deployment/windows-autopilot/known-issues.md
@@ -1,46 +1,68 @@
----
-title: Windows Autopilot known issues
-ms.reviewer:
-manager: laurawi
-description: Windows Autopilot deployment
-keywords: mdm, setup, windows, windows 10, oobe, manage, deploy, autopilot, ztd, zero-touch, partner, msfb, intune
-ms.prod: w10
-ms.mktglfcycl: deploy
-ms.localizationpriority: medium
-ms.sitesec: library
-ms.pagetype: deploy
-audience: itpro
author: greg-lindsay
-ms.author: greglin
-ms.collection: M365-modern-desktop
-ms.topic: article
----
-
-
-# Windows Autopilot - known issues
-
-**Applies to**
-
-- Windows 10
-
-
-| Issue | More information
- | | The following known issues are resolved by installing the July 26, 2019 KB4505903 update (OS Build 18362.267):
-
-- Windows Autopilot white glove does not work for a non-English OS and you see a red screen that says "Success."
-- Windows Autopilot reports an AUTOPILOTUPDATE error during OOBE after sysprep, reset or other variations. This typically happens if you reset the OS or used a custom sysprepped image.
-- BitLocker encryption is not correctly configured. Ex: BitLocker didn’t get an expected notification after policies were applied to begin encryption.
-- You are unable to install UWP apps from the Microsoft Store, causing failures during Windows Autopilot. If you are deploying Company Portal as a blocking app during Windows Autopilot ESP, you’ve probably seen this error.
-- A user is not granted administrator rights in the Windows Autopilot user-driven Hybrid Azure AD join scenario. This is another non-English OS issue.
- | Download and install the KB4505903 update.
See the section: How to get this update for information on specific release channels you can use to obtain the update.
- | | White glove gives a red screen and the Microsoft-Windows-User Device Registration/Admin event log displays HResult error code 0x801C03F3 | This can happen if Azure AD can’t find an AAD device object for the device that you are trying to deploy. This will occur if you manually delete the object. To fix it, remove the device from AAD, Intune, and Autopilot, then re-register it with Autopilot, which will recreate the AAD device object.
-
To obtain troubleshooting logs use: Mdmdiagnosticstool.exe -area Autopilot;TPM -cab c:\autopilot.cab
- | | White glove gives a red screen | White glove is not supported on a VM.
- | | Error importing Windows Autopilot devices from a .csv file | Ensure that you have not edited the .csv file in Microsoft Excel or an editor other than Notepad. Some of these editors can introduce extra characters causing the file format to be invalid.
- | | Windows Autopilot for existing devices does not follow the Autopilot OOBE experience. | Ensure that the JSON profile file is saved in ANSI/ASCII format, not Unicode or UTF-8.
- | | Something went wrong is displayed page during OOBE. | The client is likely unable to access all the required AAD/MSA-related URLs. For more information, see Networking requirements.
- |
-
-## Related topics
-
-[Diagnose MDM failures in Windows 10](https://docs.microsoft.com/windows/client-management/mdm/diagnose-mdm-failures-in-windows-10)
-[Troubleshooting Windows Autopilot](troubleshooting.md)
+---
+title: Windows Autopilot known issues
+ms.reviewer:
+manager: laurawi
+description: Windows Autopilot deployment
+keywords: mdm, setup, windows, windows 10, oobe, manage, deploy, autopilot, ztd, zero-touch, partner, msfb, intune
+ms.prod: w10
+ms.mktglfcycl: deploy
+ms.localizationpriority: medium
+ms.sitesec: library
+ms.pagetype: deploy
+audience: itpro
+author: greg-lindsay
+ms.author: greglin
+ms.collection: M365-modern-desktop
+ms.topic: article
+---
+
+
+# Windows Autopilot - known issues
+
+**Applies to**
+
+- Windows 10
+
+
+| Issue | More information
+ | Windows Autopilot for existing devices does not work for Windows 10, version 1903; you see screens that you've disabled in your Windows Autopilot profile, such as the Windows 10 License Agreement screen.
+
+This happens because Windows 10, version 1903 deletes the AutopilotConfigurationFile.json file.
+ | To fix this issue: - Edit the Configuration Manager task sequence and disable the Prepare Windows for Capture step.
+
- Add a new Run command line step that runs c:\windows\system32\sysprep\sysprep.exe /oobe /reboot.
+More information
+ | The following known issue will be resolved by installing the KB4517211 update, due to be released in late September 2019.
+
+TPM attestation fails on Windows 10 1903 due to missing AKI extension in EK certificate. (An additional validation added in Windows 10 1903 to check that the TPM EK certs had the proper attributes according to the TCG specifications uncovered that a number of them don’t, so that validation will be removed).
+ | Download and install the KB4517211 update.
This update is currently pending release.
+ | | The following known issues are resolved by installing the August 30, 2019 KB4512941 update (OS Build 18362.329):
+
+- Windows Autopilot for existing devices feature does not properly suppress “Activities” page during OOBE. (Because of this, you’ll see that extra page during OOBE).
+- TPM attestation state is not cleared by sysprep /generalize, causing TPM attestation failure during later OOBE flow. (This isn’t a particularly common issue, but you could run into it while testing if you are running sysprep /generalize and then rebooting or reimaging the device to go back through an Autopilot white glove or self-deploying scenario).
+- TPM attestation may fail if the device has a valid AIK cert but no EK cert. (This is related to the previous item).
+- If TPM attestation fails during the Windows Autopilot white glove process, the landing page appears to be hung. (Basically, the white glove landing page, where you click “Provision” to start the white glove process, isn’t reporting errors properly).
+- TPM attestation fails on newer Infineon TPMs (firmware version > 7.69). (Prior to this fix, only a specific list of firmware versions was accepted).
+- Device naming templates may truncate the computer name at 14 characters instead of 15.
+- Assigned Access policies cause a reboot which can interfere with the configuration of single-app kiosk devices.
+ | Download and install the KB4512941 update.
See the section: How to get this update for information on specific release channels you can use to obtain the update.
+ | | The following known issues are resolved by installing the July 26, 2019 KB4505903 update (OS Build 18362.267):
+
+- Windows Autopilot white glove does not work for a non-English OS and you see a red screen that says "Success."
+- Windows Autopilot reports an AUTOPILOTUPDATE error during OOBE after sysprep, reset or other variations. This typically happens if you reset the OS or used a custom sysprepped image.
+- BitLocker encryption is not correctly configured. Ex: BitLocker didn’t get an expected notification after policies were applied to begin encryption.
+- You are unable to install UWP apps from the Microsoft Store, causing failures during Windows Autopilot. If you are deploying Company Portal as a blocking app during Windows Autopilot ESP, you’ve probably seen this error.
+- A user is not granted administrator rights in the Windows Autopilot user-driven Hybrid Azure AD join scenario. This is another non-English OS issue.
+ | Download and install the KB4505903 update.
See the section: How to get this update for information on specific release channels you can use to obtain the update.
+
+ | | White glove gives a red screen and the Microsoft-Windows-User Device Registration/Admin event log displays HResult error code 0x801C03F3 | This can happen if Azure AD can’t find an AAD device object for the device that you are trying to deploy. This will occur if you manually delete the object. To fix it, remove the device from AAD, Intune, and Autopilot, then re-register it with Autopilot, which will recreate the AAD device object.
+
To obtain troubleshooting logs use: Mdmdiagnosticstool.exe -area Autopilot;TPM -cab c:\autopilot.cab
+ | | White glove gives a red screen | White glove is not supported on a VM.
+ | | Error importing Windows Autopilot devices from a .csv file | Ensure that you have not edited the .csv file in Microsoft Excel or an editor other than Notepad. Some of these editors can introduce extra characters causing the file format to be invalid.
+ | | Windows Autopilot for existing devices does not follow the Autopilot OOBE experience. | Ensure that the JSON profile file is saved in ANSI/ASCII format, not Unicode or UTF-8.
+ | | Something went wrong is displayed page during OOBE. | The client is likely unable to access all the required AAD/MSA-related URLs. For more information, see Networking requirements.
+ |
+
+## Related topics
+
+[Diagnose MDM failures in Windows 10](https://docs.microsoft.com/windows/client-management/mdm/diagnose-mdm-failures-in-windows-10)
+[Troubleshooting Windows Autopilot](troubleshooting.md)
diff --git a/windows/deployment/windows-autopilot/user-driven.md b/windows/deployment/windows-autopilot/user-driven.md
index 7629dc2ba8..ae6ae398bc 100644
--- a/windows/deployment/windows-autopilot/user-driven.md
+++ b/windows/deployment/windows-autopilot/user-driven.md
@@ -1,99 +1,103 @@
----
-title: Windows Autopilot User-Driven Mode
-description: Windows Autopilot deployment
-keywords: mdm, setup, windows, windows 10, oobe, manage, deploy, autopilot, ztd, zero-touch, partner, msfb, intune
-ms.reviewer: mniehaus
-manager: laurawi
-ms.prod: w10
-ms.mktglfcycl: deploy
-ms.localizationpriority: medium
-ms.sitesec: library
-ms.pagetype: deploy
-audience: itpro
author: greg-lindsay
-ms.author: greglin
-ms.collection: M365-modern-desktop
-ms.topic: article
----
-
-
-# Windows Autopilot user-driven mode
-
-Windows Autopilot user-driven mode is designed to enable new Windows 10 devices to be transformed from their initial state, directly from the factory, into a ready-to-use state without requiring that IT personnel ever touch the device. The process is designed to be simple so that anyone can complete it, enabling devices to be shipped or distributed to the end user directly with simple instructions:
-
-- Unbox the device, plug it in, and turn it on.
-- Choose a language, locale and keyboard.
-- Connect it to a wireless or wired network with internet access.
-- Specify your e-mail address and password for your organization account.
-
-After completing those simple steps, the remainder of the process is completely automated, with the device being joined to the organization, enrolled in Intune (or another MDM service), and fully configured as defined by the organization. Any additional prompts during the Out-of-Box Experience (OOBE) can be supressed; see [Configuring Autopilot Profiles](profiles.md) for options that are available.
-
-Today, Windows Autopilot user-driven mode supports joining devices to Azure Active Directory. Support for Hybrid Azure Active Directory Join (with devices joined to an on-premises Active Directory domain) will be available in a future Windows 10 release. See [Introduction to device management in Azure Active Directory](https://docs.microsoft.com/azure/active-directory/device-management-introduction) for more information about the differences between these two join options.
-
-## Available user-driven modes
-
-The following options are available for user-driven deployment:
-
-- [Azure Active Directory join](#user-driven-mode-for-azure-active-directory-join) is available if devices do not need to be joined to an on-prem Active Directory domain.
-- [Hybrid Azure Active Directory join](#user-driven-mode-for-hybrid-azure-active-directory-join) is available for devices that must be joined to both Azure Active Directory and your on-prem Active Directory domain.
-
-### User-driven mode for Azure Active Directory join
-
-In order to perform a user-driven deployment using Windows Autopilot, the following preparation steps need to be completed:
-
-- Ensure that the users who will be performing user-driven mode deployments are able to join devices to Azure Active Directory. See [Configure device settings](https://docs.microsoft.com/azure/active-directory/device-management-azure-portal#configure-device-settings) in the Azure Active Directory documentation for more information.
-- Create an Autopilot profile for user-driven mode with the desired settings. In Microsoft Intune, this mode is explicitly chosen when creating the profile. With Microsoft Store for Business and Partner Center, user-driven mode is the default and does not need to be selected.
-- If using Intune, create a device group in Azure Active Directory and assign the Autopilot profile to that group.
-
-For each device that will be deployed using user-driven deployment, these additional steps are needed:
-
-- Ensure that the device has been added to Windows Autopilot. This can be done automatically by an OEM or partner at the time the device is purchased, or it can be done through a manual harvesting process later. See [Adding devices to Windows Autopilot](add-devices.md) for more information.
-- Ensure an Autopilot profile has been assigned to the device:
- - If using Intune and Azure Active Directory dynamic device groups, this can be done automatically.
- - If using Intune and Azure Active Directory static device groups, manually add the device to the device group.
- - If using other methods (e.g. Microsoft Store for Business or Partner Center), manually assign an Autopilot profile to the device.
-
-Also see the [Validation](#validation) section below.
-
-### User-driven mode for hybrid Azure Active Directory join
-
-Windows Autopilot requires that devices be Azure Active Directory joined. If you have an on-premises Active Directory environment and want to also join devices to your on-premises domain, you can accomplish this by configuring Autopilot devices to be [hybrid Azure Active Directory (AAD) joined](https://docs.microsoft.com/azure/active-directory/devices/hybrid-azuread-join-plan).
-
-#### Requirements
-
-To perform a user-driven hybrid AAD joined deployment using Windows Autopilot:
-
-- A Windows Autopilot profile for user-driven mode must be created and
- - **Hybrid Azure AD joined** must be specified as the selected option under **Join to Azure AD as** in the Autopilot profile.
-- If using Intune, a device group in Azure Active Directory must exist with the Windows Autopilot profile assigned to that group.
-- The device must be running Windows 10, version 1809 or later.
-- The device must be able to access an Active Directory domain controller, so it must be connected to the organization's network (where it can resolve the DNS records for the AD domain and the AD domain controller, and communicate with the domain controller to authenticate the user).
-- The device must be able to access the Internet, following the [documented Windows Autopilot network requirements](windows-autopilot-requirements.md).
-- The Intune Connector for Active Directory must be installed.
- - Note: The Intune Connector will perform an on-prem AD join, therefore users do not need on-prem AD-join permission, assuming the Connector is [configured to perform this action](https://docs.microsoft.com/intune/windows-autopilot-hybrid#increase-the-computer-account-limit-in-the-organizational-unit) on the user's behalf.
-- If using Proxy, WPAD Proxy settings option must be enabled and configured.
-
-**AAD device join**: The hybrid AAD join process uses the system context to perform device AAD join, therefore it is not affected by user based AAD join permission settings. In addition, all users are enabled to join devices to AAD by default.
-
-#### Step by step instructions
-
-See [Deploy hybrid Azure AD joined devices using Intune and Windows Autopilot](https://docs.microsoft.com/intune/windows-autopilot-hybrid).
-
-Also see the **Validation** section in the [Windows Autopilot user-driven mode](user-driven.md) topic.
-
-## Validation
-
-When performing a user-driven deployment using Windows Autopilot, the following end-user experience should be observed:
-
-- If multiple languages are preinstalled in Windows 10, the user must pick a language.
-- The user must pick a locale and a keyboard layout, and optionally a second keyboard layout.
-- If connected via Ethernet, no network prompt is expected. If no Ethernet connection is available and Wi-fi is built in, the user needs to connect to a wireless network.
-- Once connected to a network, the Autopilot profile will be downloaded.
-- Windows 10 will check for critical OOBE updates, and if any are available they will be automatically installed (rebooting if required).
-- The user will be prompted for Azure Active Directory credentials, with a customized user experience showing the Azure AD tenant name, logo, and sign-in text.
-- Once correct credentials have been entered, the device will join Azure Active Directory.
-- After joining Azure Active Directory, the device will enroll in Intune (or other configured MDM services).
-- If configured, the [enrollment status page](enrollment-status.md) will be displayed.
-- Once the device configuration tasks have completed, the user will be signed into Windows 10 using the credentials they previously provided.
-- Once signed in, the enrollment status page will again be displayed for user-targeted configuration tasks.
-
-In case the observed results do not match these expectations, consult the [Windows Autopilot Troubleshooting](troubleshooting.md) documentation.
+---
+title: Windows Autopilot User-Driven Mode
+description: Windows Autopilot deployment
+keywords: mdm, setup, windows, windows 10, oobe, manage, deploy, autopilot, ztd, zero-touch, partner, msfb, intune
+ms.reviewer: mniehaus
+manager: laurawi
+ms.prod: w10
+ms.mktglfcycl: deploy
+ms.localizationpriority: medium
+ms.sitesec: library
+ms.pagetype: deploy
+audience: itpro
+author: greg-lindsay
+ms.author: greglin
+ms.collection: M365-modern-desktop
+ms.topic: article
+---
+
+
+# Windows Autopilot user-driven mode
+
+Windows Autopilot user-driven mode is designed to enable new Windows 10 devices to be transformed from their initial state, directly from the factory, into a ready-to-use state without requiring that IT personnel ever touch the device. The process is designed to be simple so that anyone can complete it, enabling devices to be shipped or distributed to the end user directly with simple instructions:
+
+- Unbox the device, plug it in, and turn it on.
+- Choose a language, locale and keyboard.
+- Connect it to a wireless or wired network with internet access.
+- Specify your e-mail address and password for your organization account.
+
+After completing those simple steps, the remainder of the process is completely automated, with the device being joined to the organization, enrolled in Intune (or another MDM service), and fully configured as defined by the organization. Any additional prompts during the Out-of-Box Experience (OOBE) can be suppressed; see [Configuring Autopilot Profiles](profiles.md) for options that are available.
+
+Today, Windows Autopilot user-driven mode supports joining devices to Azure Active Directory. Support for Hybrid Azure Active Directory Join (with devices joined to an on-premises Active Directory domain) will be available in a future Windows 10 release. See [Introduction to device management in Azure Active Directory](https://docs.microsoft.com/azure/active-directory/device-management-introduction) for more information about the differences between these two join options.
+
+## Available user-driven modes
+
+The following options are available for user-driven deployment:
+
+- [Azure Active Directory join](#user-driven-mode-for-azure-active-directory-join) is available if devices do not need to be joined to an on-prem Active Directory domain.
+- [Hybrid Azure Active Directory join](#user-driven-mode-for-hybrid-azure-active-directory-join) is available for devices that must be joined to both Azure Active Directory and your on-prem Active Directory domain.
+
+### User-driven mode for Azure Active Directory join
+
+In order to perform a user-driven deployment using Windows Autopilot, the following preparation steps need to be completed:
+
+- Ensure that the users who will be performing user-driven mode deployments are able to join devices to Azure Active Directory. See [Configure device settings](https://docs.microsoft.com/azure/active-directory/device-management-azure-portal#configure-device-settings) in the Azure Active Directory documentation for more information.
+- Create an Autopilot profile for user-driven mode with the desired settings. In Microsoft Intune, this mode is explicitly chosen when creating the profile. With Microsoft Store for Business and Partner Center, user-driven mode is the default and does not need to be selected.
+- If using Intune, create a device group in Azure Active Directory and assign the Autopilot profile to that group.
+
+For each device that will be deployed using user-driven deployment, these additional steps are needed:
+
+- Ensure that the device has been added to Windows Autopilot. This can be done automatically by an OEM or partner at the time the device is purchased, or it can be done through a manual harvesting process later. See [Adding devices to Windows Autopilot](add-devices.md) for more information.
+- Ensure an Autopilot profile has been assigned to the device:
+ - If using Intune and Azure Active Directory dynamic device groups, this can be done automatically.
+ - If using Intune and Azure Active Directory static device groups, manually add the device to the device group.
+ - If using other methods (e.g. Microsoft Store for Business or Partner Center), manually assign an Autopilot profile to the device.
+
+Also see the [Validation](#validation) section below.
+
+>[!NOTE]
+>If the device reboots during the device enrollment status page (ESP) in the user-driven Azure Active Directoy join scenario, the user will not automatically sign on because the user's credentials cannot be saved across reboots. In this scenario, the user will need to sign in manually after the device ESP completes.
+
+### User-driven mode for hybrid Azure Active Directory join
+
+Windows Autopilot requires that devices be Azure Active Directory joined. If you have an on-premises Active Directory environment and want to also join devices to your on-premises domain, you can accomplish this by configuring Autopilot devices to be [hybrid Azure Active Directory (AAD) joined](https://docs.microsoft.com/azure/active-directory/devices/hybrid-azuread-join-plan).
+
+#### Requirements
+
+To perform a user-driven hybrid AAD joined deployment using Windows Autopilot:
+
+- A Windows Autopilot profile for user-driven mode must be created and
+ - **Hybrid Azure AD joined** must be specified as the selected option under **Join to Azure AD as** in the Autopilot profile.
+- If using Intune, a device group in Azure Active Directory must exist with the Windows Autopilot profile assigned to that group.
+- The device must be running Windows 10, version 1809 or later.
+- The device must be able to access an Active Directory domain controller, so it must be connected to the organization's network (where it can resolve the DNS records for the AD domain and the AD domain controller, and communicate with the domain controller to authenticate the user).
+- The device must be able to access the Internet, following the [documented Windows Autopilot network requirements](windows-autopilot-requirements.md).
+- The Intune Connector for Active Directory must be installed.
+ - Note: The Intune Connector will perform an on-prem AD join, therefore users do not need on-prem AD-join permission, assuming the Connector is [configured to perform this action](https://docs.microsoft.com/intune/windows-autopilot-hybrid#increase-the-computer-account-limit-in-the-organizational-unit) on the user's behalf.
+- If using Proxy, WPAD Proxy settings option must be enabled and configured.
+
+**AAD device join**: The hybrid AAD join process uses the system context to perform device AAD join, therefore it is not affected by user based AAD join permission settings. In addition, all users are enabled to join devices to AAD by default.
+
+#### Step by step instructions
+
+See [Deploy hybrid Azure AD joined devices using Intune and Windows Autopilot](https://docs.microsoft.com/intune/windows-autopilot-hybrid).
+
+Also see the **Validation** section in the [Windows Autopilot user-driven mode](user-driven.md) topic.
+
+## Validation
+
+When performing a user-driven deployment using Windows Autopilot, the following end-user experience should be observed:
+
+- If multiple languages are preinstalled in Windows 10, the user must pick a language.
+- The user must pick a locale and a keyboard layout, and optionally a second keyboard layout.
+- If connected via Ethernet, no network prompt is expected. If no Ethernet connection is available and Wi-fi is built in, the user needs to connect to a wireless network.
+- Once connected to a network, the Autopilot profile will be downloaded.
+- Windows 10 will check for critical OOBE updates, and if any are available they will be automatically installed (rebooting if required).
+- The user will be prompted for Azure Active Directory credentials, with a customized user experience showing the Azure AD tenant name, logo, and sign-in text.
+- Once correct credentials have been entered, the device will join Azure Active Directory.
+- After joining Azure Active Directory, the device will enroll in Intune (or other configured MDM services).
+- If configured, the [enrollment status page](enrollment-status.md) will be displayed.
+- Once the device configuration tasks have completed, the user will be signed into Windows 10 using the credentials they previously provided.
+- Once signed in, the enrollment status page will again be displayed for user-targeted configuration tasks.
+
+If your results do not match these expectations, see the [Windows Autopilot Troubleshooting](troubleshooting.md) documentation.
diff --git a/windows/deployment/windows-autopilot/white-glove.md b/windows/deployment/windows-autopilot/white-glove.md
index 75e7e3a334..b5cc63019b 100644
--- a/windows/deployment/windows-autopilot/white-glove.md
+++ b/windows/deployment/windows-autopilot/white-glove.md
@@ -71,7 +71,7 @@ Windows Autopilot for white glove deployment supports two distinct scenarios:
- User-driven deployments with Hybrid Azure AD Join. The device will be joined to an on-premises Active Directory domain, and separately registered with Azure AD.
Each of these scenarios consists of two parts, a technician flow and a user flow. At a high level, these parts are the same for Azure AD Join and Hybrid Azure AD join; differences are primarily seen by the end user in the authentication steps.
-### Technican flow
+### Technician flow
After the customer or IT Admin has targeted all the apps and settings they want for their devices through Intune, the white glove technician can begin the white glove process. The technician could be a member of the IT staff, a services partner, or an OEM – each organization can decide who should perform these activities. Regardless of the scenario, the process to be performed by the technician is the same:
- Boot the device (running Windows 10 Pro, Enterprise, or Education SKUs, version 1903 or later).
diff --git a/windows/deployment/windows-autopilot/windows-autopilot-requirements.md b/windows/deployment/windows-autopilot/windows-autopilot-requirements.md
index 4fcd4811c2..1baaf03dea 100644
--- a/windows/deployment/windows-autopilot/windows-autopilot-requirements.md
+++ b/windows/deployment/windows-autopilot/windows-autopilot-requirements.md
@@ -46,9 +46,10 @@ Windows Autopilot depends on a variety of internet-based services. Access to the
In environments that have more restrictive Internet access, or for those that require authentication before internet access can be obtained, additional configuration may be required to whitelist access to the required services. For additional details about each of these services and their specific requirements, review the following details:
| Service | Information
- | | Windows Autopilot Deployment Service and Windows Activation | After a network connection is in place, each Windows 10 device will contact the Windows Autopilot Deployment Service. With Windows 10 builds 18204 and above, the following URLs are used: https://ztd.dds.microsoft.com, https://cs.dds.microsoft.com.
-
-For all supported Windows 10 releases, Windows Autopilot also uses Windows Activation services. See Windows activation or validation fails with error code 0x8004FE33 for details about problems that might occur when you connect to the Internet through a proxy server.
+ | | Windows Autopilot Deployment Service | After a network connection is in place, each Windows 10 device will contact the Windows Autopilot Deployment Service. With Windows 10 version 1903 and above, the following URLs are used: https://ztd.dds.microsoft.com, https://cs.dds.microsoft.com.
+
+ | | Windows Activation | Windows Autopilot also requires Windows Activation services. See Windows activation or validation fails with error code 0x8004FE33 for details about the URLs that need to be accessible for the activation services.
+
| | Azure Active Directory | User credentials are validated by Azure Active Directory, and the device can also be joined to Azure Active Directory. See Office 365 IP Address and URL Web service for more information.
| | Intune | Once authenticated, Azure Active Directory will trigger enrollment of the device into the Intune MDM service. See the following link for details about network communication requirements: Intune network configuration requirements and bandwidth.
| | Windows Update | During the OOBE process, as well as after the Windows 10 OS is fully configured, the Windows Update service is leveraged to retrieve needed updates. If there are problems connecting to Windows Update, see How to solve connection problems concerning Windows Update or Microsoft Update.
@@ -84,16 +85,16 @@ If the Microsoft Store is not accessible, the AutoPilot process will still conti
Windows Autopilot depends on specific capabilities available in Windows 10 and Azure Active Directory. It also requires an MDM service such as Microsoft Intune. These capabilities can be obtained through various editions and subscription programs:
To provide needed Azure Active Directory (automatic MDM enrollment and company branding features) and MDM functionality, one of the following is required:
-- [Microsoft 365 Business subscriptions](https://www.microsoft.com/en-us/microsoft-365/business)
-- [Microsoft 365 F1 subscriptions](https://www.microsoft.com/en-us/microsoft-365/enterprise/firstline)
-- [Microsoft 365 Academic A1, A3, or A5 subscriptions](https://www.microsoft.com/en-us/education/buy-license/microsoft365/default.aspx)
-- [Microsoft 365 Enterprise E3 or E5 subscriptions](https://www.microsoft.com/en-us/microsoft-365/enterprise), which include all Windows 10, Office 365, and EM+S features (Azure AD and Intune).
-- [Enterprise Mobility + Security E3 or E5 subscriptions](https://www.microsoft.com/en-us/cloud-platform/enterprise-mobility-security), which include all needed Azure AD and Intune features.
+- [Microsoft 365 Business subscriptions](https://www.microsoft.com/microsoft-365/business)
+- [Microsoft 365 F1 subscriptions](https://www.microsoft.com/microsoft-365/enterprise/firstline)
+- [Microsoft 365 Academic A1, A3, or A5 subscriptions](https://www.microsoft.com/education/buy-license/microsoft365/default.aspx)
+- [Microsoft 365 Enterprise E3 or E5 subscriptions](https://www.microsoft.com/microsoft-365/enterprise), which include all Windows 10, Office 365, and EM+S features (Azure AD and Intune).
+- [Enterprise Mobility + Security E3 or E5 subscriptions](https://www.microsoft.com/cloud-platform/enterprise-mobility-security), which include all needed Azure AD and Intune features.
- [Intune for Education subscriptions](https://docs.microsoft.com/intune-education/what-is-intune-for-education), which include all needed Azure AD and Intune features.
-- [Azure Active Directory Premium P1 or P2](https://azure.microsoft.com/services/active-directory/) and [Microsoft Intune subscriptions](https://www.microsoft.com/en-us/cloud-platform/microsoft-intune) (or an alternative MDM service).
+- [Azure Active Directory Premium P1 or P2](https://azure.microsoft.com/services/active-directory/) and [Microsoft Intune subscriptions](https://www.microsoft.com/cloud-platform/microsoft-intune) (or an alternative MDM service).
Additionally, the following are also recommended (but not required):
-- [Office 365 ProPlus](https://www.microsoft.com/en-us/p/office-365-proplus/CFQ7TTC0K8R0), which can be deployed easily via Intune (or other MDM services).
+- [Office 365 ProPlus](https://www.microsoft.com/p/office-365-proplus/CFQ7TTC0K8R0), which can be deployed easily via Intune (or other MDM services).
- [Windows Subscription Activation](https://docs.microsoft.com/windows/deployment/windows-10-enterprise-subscription-activation), to automatically step up devices from Windows 10 Pro to Windows 10 Enterprise.
## Configuration requirements
diff --git a/windows/hub/index.md b/windows/hub/index.md
index c9bfdfd89d..d9e3556000 100644
--- a/windows/hub/index.md
+++ b/windows/hub/index.md
@@ -7,9 +7,8 @@ ms.localizationpriority: high
ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: security
-ms.date: 07/16/2019
ms.author: dansimp
-ms.date: 09/03/2018
+author: dansimp
ms.reviewer: dansimp
manager: dansimp
---
diff --git a/windows/privacy/basic-level-windows-diagnostic-events-and-fields-1903.md b/windows/privacy/basic-level-windows-diagnostic-events-and-fields-1903.md
index 54f9081648..f7e901603e 100644
--- a/windows/privacy/basic-level-windows-diagnostic-events-and-fields-1903.md
+++ b/windows/privacy/basic-level-windows-diagnostic-events-and-fields-1903.md
@@ -8,7 +8,7 @@ ms.sitesec: library
ms.pagetype: security
localizationpriority: high
author: brianlic-msft
-ms.author: brianlic
+ms.author: dansimp
manager: dansimp
ms.collection: M365-security-compliance
ms.topic: article
diff --git a/windows/privacy/diagnostic-data-viewer-overview.md b/windows/privacy/diagnostic-data-viewer-overview.md
index 6f5daf90d1..7ebad52ee8 100644
--- a/windows/privacy/diagnostic-data-viewer-overview.md
+++ b/windows/privacy/diagnostic-data-viewer-overview.md
@@ -42,7 +42,7 @@ Before you can use this tool for viewing Windows diagnostic data, you must turn
### Download the Diagnostic Data Viewer
-Download the app from the [Microsoft Store Diagnostic Data Viewer](https://www.microsoft.com/en-us/store/p/diagnostic-data-viewer/9n8wtrrsq8f7?rtc=1) page.
+Download the app from the [Microsoft Store Diagnostic Data Viewer](https://www.microsoft.com/store/p/diagnostic-data-viewer/9n8wtrrsq8f7?rtc=1) page.
>[!Important]
>It's possible that your Windows device doesn't have the Microsoft Store available (for example, Windows Server). If this is the case, see [Diagnostic Data Viewer for PowerShell](https://go.microsoft.com/fwlink/?linkid=2023830).
diff --git a/windows/privacy/gdpr-it-guidance.md b/windows/privacy/gdpr-it-guidance.md
index 524f34b78a..50d0770521 100644
--- a/windows/privacy/gdpr-it-guidance.md
+++ b/windows/privacy/gdpr-it-guidance.md
@@ -74,7 +74,7 @@ For example, when an organization is using Microsoft Windows Defender Advanced T
#### Processor scenario
-In the controller scenario described above, Microsoft is a *processor* because Microsoft provides data processing services to that controller (in the given example, an organization that subscribed to Windows Defender ATP and enabled it for the user’s device). As processor, Microsoft only processes data on behalf of the enterprise customer and does not have the right to process data beyond their instructions as specified in a written contract, such as the [Microsoft Product Terms and the Microsoft Online Services Terms (OST)](https://www.microsoft.com/en-us/licensing/product-licensing/products.aspx).
+In the controller scenario described above, Microsoft is a *processor* because Microsoft provides data processing services to that controller (in the given example, an organization that subscribed to Windows Defender ATP and enabled it for the user’s device). As processor, Microsoft only processes data on behalf of the enterprise customer and does not have the right to process data beyond their instructions as specified in a written contract, such as the [Microsoft Product Terms and the Microsoft Online Services Terms (OST)](https://www.microsoft.com/licensing/product-licensing/products.aspx).
## GDPR relationship between a Windows 10 user and Microsoft
@@ -117,14 +117,14 @@ Diagnostic data is categorized into the levels "Security", "Basic", "Enhanced",
### Windows services where Microsoft is the processor under the GDPR
-Most Windows 10 services are controller services in terms of the GDPR – for both Windows functional data and Windows diagnostic data. But there are a few Windows services where Microsoft is a processor for functional data under the GDPR, such as [Windows Analytics](https://www.microsoft.com/windowsforbusiness/windows-analytics) and [Windows Defender Advanced Threat Protection (ATP)](https://www.microsoft.com/windowsforbusiness/windows-atp).
+Most Windows 10 services are controller services in terms of the GDPR – for both Windows functional data and Windows diagnostic data. But there are a few Windows services where Microsoft is a processor for functional data under the GDPR, such as [Windows Analytics](https://www.microsoft.com/windowsforbusiness/windows-analytics) and [Windows Defender Advanced Threat Protection (ATP)](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp).
>[!NOTE]
->Both Windows Analytics and Windows Defender ATP are subscription services for organizations. Some functionality requires a certain license (please see [Compare Windows 10 editions](https://www.microsoft.com/en-us/windowsforbusiness/compare)).
+>Both Windows Analytics and Windows Defender ATP are subscription services for organizations. Some functionality requires a certain license (please see [Compare Windows 10 editions](https://www.microsoft.com/windowsforbusiness/compare)).
#### Windows Analytics
-[Windows Analytics](https://www.microsoft.com/en-us/windowsforbusiness/windows-analytics) is a service that provides rich, actionable information for helping organizations to gain deep insights into the operational efficiency and health of the Windows devices in their environment. It uses Windows diagnostic data from devices enrolled by the IT organization of an enterprise into the Windows Analytics service.
+[Windows Analytics](https://www.microsoft.com/windowsforbusiness/windows-analytics) is a service that provides rich, actionable information for helping organizations to gain deep insights into the operational efficiency and health of the Windows devices in their environment. It uses Windows diagnostic data from devices enrolled by the IT organization of an enterprise into the Windows Analytics service.
Windows [transmits Windows diagnostic data](enhanced-diagnostic-data-windows-analytics-events-and-fields.md) to Microsoft datacenters, where that data is analyzed and stored. With Windows Analytics, the IT organization can then view the analyzed data to detect and fix issues or to improve their processes for upgrading to Windows 10.
@@ -137,7 +137,7 @@ As a result, in terms of the GDPR, the organization that has subscribed to Windo
#### Windows Defender ATP
-[Windows Defender ATP](https://www.microsoft.com/en-us/WindowsForBusiness/windows-atp) is cloud-based service that collects and analyzes usage data from an organization’s devices to detect security threats. Some of the data can contain personal data as defined by the GDPR. Enrolled devices transmit usage data to Microsoft datacenters, where that data is analyzed, processed, and stored. The security operations center (SOC) of the organization can view the analyzed data using the [Windows Defender ATP portal](https://securitycenter.windows.com/).
+[Windows Defender ATP](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp) is cloud-based service that collects and analyzes usage data from an organization’s devices to detect security threats. Some of the data can contain personal data as defined by the GDPR. Enrolled devices transmit usage data to Microsoft datacenters, where that data is analyzed, processed, and stored. The security operations center (SOC) of the organization can view the analyzed data using the [Windows Defender ATP portal](https://securitycenter.windows.com/).
As a result, in terms of the GDPR, the organization that has subscribed to Windows Defender ATP is acting as the controller, while Microsoft is the processor for Windows Defender ATP.
@@ -285,7 +285,7 @@ To make it easier to deploy settings that restrict connections from Windows 10 a
### Microsoft Trust Center and Service Trust Portal
-Please visit our [GDPR section of the Microsoft Trust Center](https://www.microsoft.com/en-us/trustcenter/privacy/gdpr) to obtain additional resources and to learn more about how Microsoft can help you fulfill specific GDPR requirements. There you can find lots of useful information about the GDPR, including how Microsoft is helping customers to successfully master the GDPR, a FAQ list, and a list of [resources for GDPR compliance](https://www.microsoft.com/en-us/TrustCenter/Privacy/gdpr/resources). Also, please check out the [Compliance Manager](https://aka.ms/compliancemanager) of the Microsoft [Service Trust Portal (STP)](https://aka.ms/stp) and [Get Started: Support for GDPR Accountability](https://servicetrust.microsoft.com/ViewPage/GDPRGetStarted).
+Please visit our [GDPR section of the Microsoft Trust Center](https://www.microsoft.com/trustcenter/privacy/gdpr) to obtain additional resources and to learn more about how Microsoft can help you fulfill specific GDPR requirements. There you can find lots of useful information about the GDPR, including how Microsoft is helping customers to successfully master the GDPR, a FAQ list, and a list of [resources for GDPR compliance](https://www.microsoft.com/TrustCenter/Privacy/gdpr/resources). Also, please check out the [Compliance Manager](https://aka.ms/compliancemanager) of the Microsoft [Service Trust Portal (STP)](https://aka.ms/stp) and [Get Started: Support for GDPR Accountability](https://servicetrust.microsoft.com/ViewPage/GDPRGetStarted).
### Additional resources
diff --git a/windows/privacy/gdpr-win10-whitepaper.md b/windows/privacy/gdpr-win10-whitepaper.md
index 3ad1a4a14e..259561932e 100644
--- a/windows/privacy/gdpr-win10-whitepaper.md
+++ b/windows/privacy/gdpr-win10-whitepaper.md
@@ -30,7 +30,7 @@ Microsoft and our customers are now on a journey to achieve the privacy goals of
We have outlined our commitment to the GDPR and how we are supporting our customers within the [Get GDPR compliant with the Microsoft Cloud](https://blogs.microsoft.com/on-the-issues/2017/02/15/get-gdpr-compliant-with-the-microsoft-cloud/#hv52B68OZTwhUj2c.99) blog post by our Chief Privacy Officer [Brendon Lynch](https://blogs.microsoft.com/on-the-issues/author/brendonlynch/) and the [Earning your trust with contractual commitments to the General Data Protection Regulation](https://blogs.microsoft.com/on-the-issues/2017/04/17/earning-trust-contractual-commitments-general-data-protection-regulation/#6QbqoGWXCLavGM63.99)” blog post by [Rich Sauer](https://blogs.microsoft.com/on-the-issues/author/rsauer/) - Microsoft Corporate Vice President & Deputy General Counsel.
-Although your journey to GDPR-compliance may seem challenging, we're here to help you. For specific information about the GDPR, our commitments and how to begin your journey, please visit the [GDPR section of the Microsoft Trust Center](https://www.microsoft.com/en-us/trustcenter/privacy/gdpr).
+Although your journey to GDPR-compliance may seem challenging, we're here to help you. For specific information about the GDPR, our commitments and how to begin your journey, please visit the [GDPR section of the Microsoft Trust Center](https://www.microsoft.com/trustcenter/privacy/gdpr).
## GDPR and its implications
The GDPR is a complex regulation that may require significant changes in how you gather, use and manage personal data. Microsoft has a long history of helping our customers comply with complex regulations, and when it comes to preparing for the GDPR, we are your partner on this journey.
@@ -82,7 +82,7 @@ Given how much is involved to become GDPR-compliant, we strongly recommend that
-For each of the steps, we've outlined example tools, resources, and features in various Microsoft solutions, which can be used to help you address the requirements of that step. While this article isn't a comprehensive “how to,” we've included links for you to find out more details, and more information is available in the [GDPR section of the Microsoft Trust Center](https://www.microsoft.com/en-us/trustcenter/privacy/gdpr).
+For each of the steps, we've outlined example tools, resources, and features in various Microsoft solutions, which can be used to help you address the requirements of that step. While this article isn't a comprehensive “how to,” we've included links for you to find out more details, and more information is available in the [GDPR section of the Microsoft Trust Center](https://www.microsoft.com/trustcenter/privacy/gdpr).
## Windows 10 security and privacy
As you work to comply with the GDPR, understanding the role of your desktop and laptop client machines in creating, accessing, processing, storing and managing data that may qualify as personal and potentially sensitive data under the GDPR is important. Windows 10 provides capabilities that will help you comply with the GDPR requirements to implement appropriate technical and organizational security measures to protect personal data.
@@ -252,7 +252,7 @@ There are numerous ways one can use the Windows Hello Companion Device Framework
- Wear a fitness band that has already authenticated the wearer. Upon approaching PC, and by performing a special gesture (like clapping), the PC unlocks.
#### Protection against attacks by isolating user credentials
-As noted in the [Windows 10 Credential Theft Mitigation Guide](https://www.microsoft.com/en-us/download/confirmation.aspx?id=54095), “_the tools and techniques criminals use to carry out credential theft and reuse attacks improve, malicious attackers are finding it easier to achieve their goals. Credential theft often relies on operational practices or user credential exposure, so effective mitigations require a holistic approach that addresses people, processes, and technology. In addition, these attacks rely on the attacker stealing credentials after compromising a system to expand or persist access, so organizations must contain breaches rapidly by implementing strategies that prevent attackers from moving freely and undetected in a compromised network._”
+As noted in the [Windows 10 Credential Theft Mitigation Guide](https://www.microsoft.com/download/confirmation.aspx?id=54095), “_the tools and techniques criminals use to carry out credential theft and reuse attacks improve, malicious attackers are finding it easier to achieve their goals. Credential theft often relies on operational practices or user credential exposure, so effective mitigations require a holistic approach that addresses people, processes, and technology. In addition, these attacks rely on the attacker stealing credentials after compromising a system to expand or persist access, so organizations must contain breaches rapidly by implementing strategies that prevent attackers from moving freely and undetected in a compromised network._”
An important design consideration for Windows 10 was mitigating credential theft — in particular, derived credentials. Windows Defender Credential Guard provides significantly improved security against derived credential theft and reuse by implementing a significant architectural change in Windows designed to help eliminate hardware-based isolation attacks rather than simply trying to defend against them.
diff --git a/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services-using-MDM.md b/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services-using-MDM.md
index d507296ac2..8211fc3089 100644
--- a/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services-using-MDM.md
+++ b/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services-using-MDM.md
@@ -6,10 +6,12 @@ keywords: privacy, manage connections to Microsoft, Windows 10
ms.prod: w10
ms.mktglfcycl: manage
ms.sitesec: library
-ms.localizationpriority: medium
+ms.localizationpriority: high
+audience: ITPro
author: medgarmedgar
ms.author: v-medgar
-ms.date: 8/23/2019
+manager: sanashar
+ms.date: 9/10/2019
---
# Manage connections from Windows 10 operating system components to Microsoft services using Microsoft Intune MDM Server
@@ -100,7 +102,7 @@ For Windows 10, the following MDM policies are available in the [Policy CSP](htt
1. **OneDrive**
1. MDM Policy: [DisableOneDriveFileSync](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-system#system-disableonedrivefilesync). Allows IT Admins to prevent apps and features from working with files on OneDrive. **Set to 1 (one)**
1. Ingest the ADMX - To get the latest OneDrive ADMX file you need an up-to-date Windows 10 client. The ADMX files are located under the following path: %LocalAppData%\Microsoft\OneDrive\ there's a folder with the current OneDrive build (e.g. "18.162.0812.0001"). There is a folder named "adm" which contains the admx and adml policy definition files.
- 1. MDM Policy: Prevent Network Traffic before User SignIn. **PreventNetworkTrafficPreUserSignIn**. The OMA-URI value is: ./Device/Vendor/MSFT/Policy/Config/OneDriveNGSC\~Policy\~OneDriveNGSC/PreventNetworkTrafficPreUserSignIn, **String, \**
+ 1. MDM Policy: Prevent Network Traffic before User SignIn. **PreventNetworkTrafficPreUserSignIn**. The OMA-URI value is: **./Device/Vendor/MSFT/Policy/Config/OneDriveNGSC\~Policy\~OneDriveNGSC/PreventNetworkTrafficPreUserSignIn**, Data type: **String**, Value: **\**
1. **Privacy settings** Except for the Feedback & Diagnostics page, these settings must be configured for every user account that signs into the PC.
@@ -139,6 +141,7 @@ For Windows 10, the following MDM policies are available in the [Policy CSP](htt
1. Windows Defender Smartscreen - [Browser/AllowSmartScreen](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-browser#browser-allowsmartscreen). Disable Windows Defender Smartscreen. **Set to 0 (zero)**
1. Windows Defender Smartscreen EnableAppInstallControl - [SmartScreen/EnableAppInstallControl](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-smartscreen#smartscreen-enableappinstallcontrol). Controls whether users are allowed to install apps from places other than the Microsoft Store. **Set to 0 (zero)**
1. Windows Defender Potentially Unwanted Applications(PUA) Protection - [Defender/PUAProtection](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-defender#defender-puaprotection). Specifies the level of detection for potentially unwanted applications (PUAs). **Set to 1 (one)**
+ 1. [Defender/SignatureUpdateFallbackOrder](https://docs.microsoft.com/en-us/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services-using-mdm). Allows you to define the order in which different definition update sources should be contacted. The OMA-URI for this is: **./Vendor/MSFT/Policy/Config/Defender/SignatureUpdateFallbackOrder**, Data type: **String**, Value: **FileShares**
1. **Windows Spotlight** - [Experience/AllowWindowsSpotlight](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-experience#experience-allowwindowsspotlight). Disable Windows Spotlight. **Set to 0 (zero)**
1. **Microsoft Store**
1. [ApplicationManagement/DisableStoreOriginatedApps](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-applicationmanagement#applicationmanagement-disablestoreoriginatedapps). Boolean value that disables the launch of all apps from Microsoft Store that came pre-installed or were downloaded. **Set to 1 (one)**
diff --git a/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md b/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md
index 33f7ec2b4b..71b2aa6e37 100644
--- a/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md
+++ b/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md
@@ -7,14 +7,14 @@ keywords: privacy, manage connections to Microsoft, Windows 10, Windows Server 2
ms.prod: w10
ms.mktglfcycl: manage
ms.sitesec: library
-ms.localizationpriority: medium
+ms.localizationpriority: high
audience: ITPro
-author: dansimp
-ms.author: dansimp
-manager: dansimp
+author: medgarmedgar
+ms.author: v-medgar
+manager: sanashar
ms.collection: M365-security-compliance
ms.topic: article
-ms.date: 8/23/2019
+ms.date: 9/17/2019
---
# Manage connections from Windows 10 operating system components to Microsoft services
@@ -271,7 +271,6 @@ Find the Cortana Group Policy objects under **Computer Configuration** > **Ad
| Allow search and Cortana to use location | Choose whether Cortana and Search can provide location-aware search results.
**Disable** this policy to block access to location information for Cortana. |
| Do not allow web search | Choose whether to search the web from Windows Desktop Search.
**Enable** this policy to remove the option to search the Internet from Cortana. |
| Don't search the web or display web results in Search| Choose whether to search the web from Cortana.
**Enable** this policy to stop web queries and results from showing in Search. |
-| Set what information is shared in Search | Control what information is shared with Bing in Search.
If you **enable** this policy and set it to **Anonymous info**, usage information will be shared but not search history, Microsoft Account information, or specific location. |
You can also apply the Group Policies using the following registry keys:
@@ -281,7 +280,7 @@ You can also apply the Group Policies using the following registry keys:
| Allow search and Cortana to use location | HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\Windows\\Windows Search
REG_DWORD: AllowSearchToUseLocation
Value: 0 |
| Do not allow web search | HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\Windows\\Windows Search
REG_DWORD: DisableWebSearch
Value: 1 |
| Don't search the web or display web results in Search| HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\Windows\\Windows Search
REG_DWORD: ConnectedSearchUseWeb
Value: 0 |
-| Set what information is shared in Search | HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\Windows\\Windows Search
REG_DWORD: ConnectedSearchPrivacy
Value: 3 |
+
>[!IMPORTANT]
> Using the Group Policy editor these steps are required for all supported versions of Windows 10, however they are not required for devices running Windows 10, version 1607 or Windows Server 2016.
diff --git a/windows/release-information/resolved-issues-windows-10-1507.yml b/windows/release-information/resolved-issues-windows-10-1507.yml
index 6eb7bd7645..b4f166be36 100644
--- a/windows/release-information/resolved-issues-windows-10-1507.yml
+++ b/windows/release-information/resolved-issues-windows-10-1507.yml
@@ -38,10 +38,7 @@ sections:
| Unable to access some gov.uk websites
gov.uk websites that don’t support “HSTS” may not be accessible
See details > | OS Build 10240.18215
May 14, 2019
KB4499154 | Resolved
KB4505051 | May 19, 2019
02:00 PM PT |
Embedded objects may display incorrectly
Any compound document (OLE) server application that places embedded objects into the Windows Metafile (WMF) using the PatBlt API may display embedded objects incorrectly.
See details > | OS Build 10240.18132
February 12, 2019
KB4487018 | Resolved
KB4493475 | April 09, 2019
10:00 AM PT |
MSXML6 may cause applications to stop responding
MSXML6 may cause applications to stop responding if an exception was thrown during node operations, such as appendChild(), insertBefore(), and moveNode().
See details > | OS Build 10240.18094
January 08, 2019
KB4480962 | Resolved
KB4493475 | April 09, 2019
10:00 AM PT |
- Error 1309 when installing/uninstalling MSI or MSP files
Users may receive \"Error 1309\" while installing or uninstalling certain types of MSI and MSP files.
See details > | OS Build 10240.18132
February 12, 2019
KB4487018 | Resolved
KB4489872 | March 12, 2019
10:00 AM PT |
- First character of Japanese era name not recognized
The first character of the Japanese era name is not recognized as an abbreviation and may cause date parsing issues.
See details > | OS Build 10240.18132
February 12, 2019
KB4487018 | Resolved
KB4489872 | March 12, 2019
10:00 AM PT |
Custom URI schemes may not start corresponding application
Custom URI schemes for application protocol handlers may not start the corresponding application for local intranet and trusted sites in Internet Explorer.
See details > | OS Build 10240.18158
March 12, 2019
KB4489872 | Resolved
KB4493475 | April 09, 2019
10:00 AM PT |
- Applications using Microsoft Jet database and Access 95 file format stop working
Applications that use a Microsoft Jet database with the Microsoft Access 95 file format may randomly stop working.
See details > | OS Build 10240.18132
February 12, 2019
KB4487018 | Resolved
KB4489872 | March 12, 2019
10:00 AM PT |
"
@@ -95,9 +92,6 @@ sections:
text: "
| Details | Originating update | Status | History |
| Embedded objects may display incorrectly Any compound document (OLE) server application that places embedded objects into the Windows Metafile (WMF) using the PatBlt API may display embedded objects incorrectly. For example, if you paste a Microsoft Excel worksheet object into a Microsoft Word document, the cells may render with a different background color. Affected platforms: - Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1; Windows 7 SP1
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue is resolved in KB4493475.
Back to top | OS Build 10240.18132
February 12, 2019
KB4487018 | Resolved
KB4493475 | Resolved:
April 09, 2019
10:00 AM PT
Opened:
February 12, 2019
10:00 AM PT |
- Error 1309 when installing/uninstalling MSI or MSP filesAfter installing KB4487018, users may receive “Error 1309” while installing or uninstalling certain types of MSI and MSP files.
Affected platforms: - Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012
Resolution: This issue is resolved in KB4489872.
Back to top | OS Build 10240.18132
February 12, 2019
KB4487018 | Resolved
KB4489872 | Resolved:
March 12, 2019
10:00 AM PT
Opened:
February 12, 2019
10:00 AM PT |
- First character of Japanese era name not recognizedAfter installing KB4487018, the first character of the Japanese era name is not recognized as an abbreviation and may cause date parsing issues.
Affected platforms: - Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1; Windows 7 SP1
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue is resolved in KB4489872.
Back to top | OS Build 10240.18132
February 12, 2019
KB4487018 | Resolved
KB4489872 | Resolved:
March 12, 2019
10:00 AM PT
Opened:
February 12, 2019
10:00 AM PT |
- | Applications using Microsoft Jet database and Access 95 file format stop working Applications that use a Microsoft Jet database with the Microsoft Access 95 file format may randomly stop working.
Affected platforms: - Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 7 SP1
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue is resolved in KB4489872.
Back to top | OS Build 10240.18132
February 12, 2019
KB4487018 | Resolved
KB4489872 | Resolved:
March 12, 2019
10:00 AM PT
Opened:
February 12, 2019
10:00 AM PT |
"
diff --git a/windows/release-information/resolved-issues-windows-10-1607.yml b/windows/release-information/resolved-issues-windows-10-1607.yml
index 08b49123c4..f2e5cd3bcb 100644
--- a/windows/release-information/resolved-issues-windows-10-1607.yml
+++ b/windows/release-information/resolved-issues-windows-10-1607.yml
@@ -32,9 +32,11 @@ sections:
- type: markdown
text: "
| Summary | Originating update | Status | Date resolved |
+ IME may become unresponsive or have High CPU usage
Some Input Method Editor (IME) including ChsIME.EXE and ChtIME.EXE, may become unresponsive or may have high CPU usage.
See details > | OS Build 14393.3204
September 10, 2019
KB4516044 | Resolved
| September 17, 2019
04:47 PM PT |
+ Apps and scripts using the NetQueryDisplayInformation API may fail with error
Applications and scripts that call the NetQueryDisplayInformation API or the WinNT provider equivalent may fail to return results after the first page of data.
See details > | OS Build 14393.3053
June 18, 2019
KB4503294 | Resolved
KB4516044 | September 10, 2019
10:00 AM PT |
+ Domain connected devices that use MIT Kerberos realms will not start up
Devices connected to a domain that is configured to use MIT Kerberos realms will not start up or may continue to restart after updating.
See details > | OS Build 14393.3115
July 16, 2019
KB4507459 | Resolved
KB4512517 | August 13, 2019
10:00 AM PT |
Devices starting using PXE from a WDS or SCCM servers may fail to start
Devices that start up using Preboot Execution Environment (PXE) images from Windows Deployment Services (WDS) may fail to start with error \"0xc0000001.\"
See details > | OS Build 14393.3025
June 11, 2019
KB4503267 | Resolved
KB4512495 | August 17, 2019
02:00 PM PT |
Apps using Visual Basic 6 (VB6), VBA, and VBScript may stop responding with error
Applications that were made using Visual Basic 6 (VB6), macros using Visual Basic for Applications (VBA), and VBScript may stop responding and you may receive an error.
See details > | OS Build 14393.3144
August 13, 2019
KB4512517 | Resolved
KB4512495 | August 17, 2019
02:00 PM PT |
- Domain connected devices that use MIT Kerberos realms will not start up
Devices connected to a domain that is configured to use MIT Kerberos realms will not start up or may continue to restart after updating.
See details > | OS Build 14393.3115
July 16, 2019
KB4507459 | Resolved
KB4512517 | August 13, 2019
10:00 AM PT |
Internet Explorer 11 and apps using the WebBrowser control may fail to render
JavaScript may fail to render as expected in Internet Explorer 11 and in apps using JavaScript or the WebBrowser control.
See details > | OS Build 14393.3085
July 09, 2019
KB4507460 | Resolved
KB4512517 | August 13, 2019
10:00 AM PT |
MacOS may be unable to access network shares via CIFS or SMBv1 on Windows devices
You may receive an error on MacOS when trying to access network shares via CIFS or SMBv1 on Windows devices that installed updates on June 11, 2019 or later.
See details > | OS Build 14393.3025
June 11, 2019
KB4503267 | Resolved External
| August 09, 2019
07:03 PM PT |
SCVMM cannot enumerate and manage logical switches deployed on the host
For hosts managed by System Center Virtual Machine Manager (VMM), VMM cannot enumerate and manage logical switches deployed on the host.
See details > | OS Build 14393.2639
November 27, 2018
KB4467684 | Resolved
KB4507459 | July 16, 2019
10:00 AM PT |
@@ -52,9 +54,7 @@ sections:
Internet Explorer 11 authentication issue with multiple concurrent logons
Internet Explorer 11 users may encounter issues if two or more people use the same user account for multiple, concurrent login sessions on the same Windows Server machine.
See details > | OS Build 14393.2724
January 08, 2019
KB4480961 | Resolved
KB4493470 | April 09, 2019
10:00 AM PT |
End-user-defined characters (EUDC) may cause blue screen at startup
If you enable per font end-user-defined characters (EUDC), the system will stop working and a blue screen may appear at startup.
See details > | OS Build 14393.2879
March 19, 2019
KB4489889 | Resolved
KB4493470 | April 09, 2019
10:00 AM PT |
MSXML6 may cause applications to stop responding
MSXML6 may cause applications to stop responding if an exception was thrown during node operations, such as appendChild(), insertBefore(), and moveNode().
See details > | OS Build 14393.2724
January 08, 2019
KB4480961 | Resolved
KB4493470 | April 09, 2019
10:00 AM PT |
- Error 1309 when installing/uninstalling MSI or MSP files
Users may receive “Error 1309” while installing or uninstalling certain types of MSI and MSP files.
See details > | OS Build 14393.2791
February 12, 2019
KB4487026 | Resolved
KB4489882 | March 12, 2019
10:00 AM PT |
Custom URI schemes may not start corresponding application
Custom URI schemes for application protocol handlers may not start the corresponding application for local intranet and trusted sites in Internet Explorer.
See details > | OS Build 14393.2848
March 12, 2019
KB4489882 | Resolved
KB4493473 | April 25, 2019
02:00 PM PT |
- Issue hosting multiple terminal server sessions and a user logs off on Windows Server
In some cases, Windows Server will stop working and restart when hosting multiple terminal server sessions and a user logs off.
See details > | OS Build 14393.2828
February 19, 2019
KB4487006 | Resolved
KB4489882 | March 12, 2019
10:00 AM PT |
"
@@ -65,11 +65,21 @@ sections:
"
+- title: September 2019
+- items:
+ - type: markdown
+ text: "
+ | Details | Originating update | Status | History |
+ | IME may become unresponsive or have High CPU usage Some Input Method Editor (IME) may become unresponsive or may have high CPU usage. Affected IMEs include Chinese Simplified (ChsIME.EXE) and Chinese Traditional (ChtIME.EXE) with Changjie/Quick keyboard.
Affected platforms: - Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607
- Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016
Resolution: After investigation, we have found that this issue does not affect this version of Windows.
Back to top | OS Build 14393.3204
September 10, 2019
KB4516044 | Resolved
| Resolved:
September 17, 2019
04:47 PM PT
Opened:
September 13, 2019
05:25 PM PT |
+
+ "
+
- title: August 2019
- items:
- type: markdown
text: "
| Details | Originating update | Status | History |
+ Apps and scripts using the NetQueryDisplayInformation API may fail with error Applications and scripts that call the NetQueryDisplayInformation API or the WinNT provider equivalent may fail to return results after the first page of data, often 50 or 100 entries. When requesting additional pages you may receive the error, “1359: an internal error occurred.”
Affected platforms: - Server: Windows Server 2019; Windows Server 2016
Resolution: This issue was resolved in KB4516044.
Back to top | OS Build 14393.3053
June 18, 2019
KB4503294 | Resolved
KB4516044 | Resolved:
September 10, 2019
10:00 AM PT
Opened:
August 01, 2019
05:00 PM PT |
Apps using Visual Basic 6 (VB6), VBA, and VBScript may stop responding with errorAfter installing KB4512517, applications that were made using Visual Basic 6 (VB6), macros using Visual Basic for Applications (VBA), and scripts or apps using Visual Basic Scripting Edition (VBScript) may stop responding and you may receive an \"invalid procedure call error.\"
Affected platforms: - Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607; Windows 10 Enterprise LTSC 2015; Windows 8.1; Windows 7 SP1
- Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue was resolved in KB4512495. This ‘optional’ update is available on Microsoft Update Catalog, Windows Update, Microsoft Update and Windows Server Update Services (WSUS). As with any 'optional' update, you will need to Check for updates to receive KB4512495 and install. For instructions, see Update Windows 10.
Note Windows Update for Business customers should apply the update via Microsoft Update Catalog or Windows Server Update Services (WSUS).
Back to top | OS Build 14393.3144
August 13, 2019
KB4512517 | Resolved
KB4512495 | Resolved:
August 17, 2019
02:00 PM PT
Opened:
August 14, 2019
03:34 PM PT |
MacOS may be unable to access network shares via CIFS or SMBv1 on Windows devicesYou may receive an error on your Apple MacOS device when trying to access network shares via CIFS or SMBv1 on a Windows devices that has installed updates on June 11, 2019 ( KB4503267) or later. When you encounter this issue, in MacOS you may receive the error, “There was a problem connecting to the server “{Server Host Name}”. Check the server name or IP address, and then try again. If you continue to have problems, contact your system administrator.”
Affected platforms: - Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607; Windows 10 Enterprise LTSC 2015; Windows 8.1; Windows 7 SP1
- Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Back to top | OS Build 14393.3025
June 11, 2019
KB4503267 | Resolved External
| Last updated:
August 09, 2019
07:03 PM PT
Opened:
August 09, 2019
04:25 PM PT |
@@ -80,9 +90,9 @@ sections:
- type: markdown
text: "
| Details | Originating update | Status | History |
+ Domain connected devices that use MIT Kerberos realms will not start upDevices connected to a domain that is configured to use MIT Kerberos realms will not start up or may continue to restart after installation of KB4507459. Devices that are domain controllers or domain members are both affected.
To safeguard your update experience, we have applied a compatibility hold on devices configured to use MIT Kerberos realm from being offered Windows 10, version 1903 or Windows Server, version 1903.
Note If you are not sure if your device is affected, contact your administrator. Advanced users can check for “Define interoperable Kerberos v5 realm settings” policy under Computer Configuration -> Policies -> Administrative Templates > System -> Kerberos or check if this registry key exists: HKLM\\Software\\Microsoft\\Windows\\CurrentVersion\\Policies\\System\\Kerberos\\MitRealms
+
Affected platforms: - Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607
- Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016
Resolution: This issue was resolved in KB4512517 and the safeguard hold has been removed. Please note, it can take up to 48 hours before you can update to offered Windows 10, version 1903 or Windows Server, version 1903.
Back to top | OS Build 14393.3115
July 16, 2019
KB4507459 | Resolved
KB4512517 | Resolved:
August 13, 2019
10:00 AM PT
Opened:
July 25, 2019
06:10 PM PT |
Devices starting using PXE from a WDS or SCCM servers may fail to startDevices that start up using Preboot Execution Environment (PXE) images from Windows Deployment Services (WDS) or System Center Configuration Manager (SCCM) may fail to start with the error \"Status: 0xc0000001, Info: A required device isn't connected or can't be accessed\" after installing KB4503267 on a WDS server.
Affected platforms: - Server: Windows Server 2008 SP2; Windows Server 2008 R2 SP1; Windows Server 2012; Windows Server 2012 R2; Windows Server 2016; Windows Server, version 1803; Windows Server 2019; Windows Server, version 1809; Windows Server, version 1903
Resolution: This issue was resolved in KB4512495.
Back to top | OS Build 14393.3025
June 11, 2019
KB4503267 | Resolved
KB4512495 | Resolved:
August 17, 2019
02:00 PM PT
Opened:
July 10, 2019
02:51 PM PT |
- Domain connected devices that use MIT Kerberos realms will not start upDevices connected to a domain that is configured to use MIT Kerberos realms will not start up or may continue to restart after installation of KB4507459. Devices that are domain controllers or domain members are both affected.
To safeguard your update experience, we have applied a compatibility hold on devices configured to use MIT Kerberos realm from being offered Windows 10, version 1903 or Windows Server, version 1903.
Note If you are not sure if your device is affected, contact your administrator. Advanced users can check for “Define interoperable Kerberos v5 realm settings” policy under Computer Configuration -> Policies -> Administrative Templates > System -> Kerberos or check if this registry key exists: HKLM\\Software\\Microsoft\\Windows\\CurrentVersion\\Policies\\System\\Kerberos\\MitRealms
-
Affected platforms: - Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607
- Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016
Resolution: This issue was resolved in KB4512517. To safeguard your upgrade experience, the compatibility hold on devices from being offered Windows 10, version 1903 or Windows Server, version 1903 is still in place. Once the issue is addressed on Windows 10, version 1903, this safeguard hold will be removed for all affected platforms. Check the Windows 10, version 1903 section of the release information dashboard for the most up to date information on this and other safeguard holds.
Note We recommend that you do not attempt to manually update using the Update now button or the Media Creation Tool until this issue has been resolved.
Back to top | OS Build 14393.3115
July 16, 2019
KB4507459 | Resolved
KB4512517 | Resolved:
August 13, 2019
10:00 AM PT
Opened:
July 25, 2019
06:10 PM PT |
Internet Explorer 11 and apps using the WebBrowser control may fail to renderInternet Explorer 11 may fail to render some JavaScript after installing KB4507460. You may also have issues with apps using JavaScript or the WebBrowser control, such as the present PowerPoint feature of Skype Meeting Broadcast.
Affected platforms: - Client: Windows 10 Enterprise LTSC 2016; Windows 10, version 1607
- Server: Windows Server 2016
Resolution: This issue was resolved in KB4512517.
Back to top | OS Build 14393.3085
July 09, 2019
KB4507460 | Resolved
KB4512517 | Resolved:
August 13, 2019
10:00 AM PT
Opened:
July 26, 2019
04:58 PM PT |
"
@@ -137,8 +147,6 @@ sections:
text: "
| Details | Originating update | Status | History |
| Embedded objects may display incorrectly Any compound document (OLE) server application that places embedded objects into the Windows Metafile (WMF) using the PatBlt API may display embedded objects incorrectly. For example, if you paste a Microsoft Excel worksheet object into a Microsoft Word document, the cells may render with a different background color. Affected platforms: - Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1; Windows 7 SP1
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue is resolved in KB4493470.
Back to top | OS Build 14393.2791
February 12, 2019
KB4487026 | Resolved
KB4493470 | Resolved:
April 09, 2019
10:00 AM PT
Opened:
February 12, 2019
10:00 AM PT |
- Error 1309 when installing/uninstalling MSI or MSP filesAfter installing KB4487026, users may receive “Error 1309” while installing or uninstalling certain types of MSI and MSP files.
Affected platforms: - Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012
Resolution: This issue is resolved in KB4489882.
Back to top | OS Build 14393.2791
February 12, 2019
KB4487026 | Resolved
KB4489882 | Resolved:
March 12, 2019
10:00 AM PT
Opened:
February 12, 2019
10:00 AM PT |
- | Issue hosting multiple terminal server sessions and a user logs off on Windows Server In some cases, Windows Server will stop working and restart when hosting multiple terminal server sessions and a user logs off. The faulting driver is win32kbase.sys.
Affected platforms: - Client: Windows 10, version 1607; Windows 10 Enterprise LTSC 2016
- Server: Windows Server 2016
Resolution: This issue is resolved in KB4489882.
Back to top | OS Build 14393.2828
February 19, 2019
KB4487006 | Resolved
KB4489882 | Resolved:
March 12, 2019
10:00 AM PT
Opened:
February 19, 2019
02:00 PM PT |
"
diff --git a/windows/release-information/resolved-issues-windows-10-1703.yml b/windows/release-information/resolved-issues-windows-10-1703.yml
index 22ddb295df..a15dc08538 100644
--- a/windows/release-information/resolved-issues-windows-10-1703.yml
+++ b/windows/release-information/resolved-issues-windows-10-1703.yml
@@ -32,8 +32,9 @@ sections:
- type: markdown
text: "
| Summary | Originating update | Status | Date resolved |
+ IME may become unresponsive or have High CPU usage
Some Input Method Editor (IME) including ChsIME.EXE and ChtIME.EXE, may become unresponsive or may have high CPU usage.
See details > | OS Build 15063.2045
September 10, 2019
KB4516068 | Resolved
| September 17, 2019
04:47 PM PT |
+ Domain connected devices that use MIT Kerberos realms will not start up
Devices connected to a domain that is configured to use MIT Kerberos realms will not start up or may continue to restart after updating.
See details > | OS Build 15063.1955
July 16, 2019
KB4507467 | Resolved
KB4512507 | August 13, 2019
10:00 AM PT |
Apps using Visual Basic 6 (VB6), VBA, and VBScript may stop responding with error
Applications that were made using Visual Basic 6 (VB6), macros using Visual Basic for Applications (VBA), and VBScript may stop responding and you may receive an error.
See details > | OS Build 15063.1988
August 13, 2019
KB4512507 | Resolved
KB4512474 | August 17, 2019
02:00 PM PT |
- Domain connected devices that use MIT Kerberos realms will not start up
Devices connected to a domain that is configured to use MIT Kerberos realms will not start up or may continue to restart after updating.
See details > | OS Build 15063.1955
July 16, 2019
KB4507467 | Resolved
KB4512507 | August 13, 2019
10:00 AM PT |
MacOS may be unable to access network shares via CIFS or SMBv1 on Windows devices
You may receive an error on MacOS when trying to access network shares via CIFS or SMBv1 on Windows devices that installed updates on June 11, 2019 or later.
See details > | OS Build 15063.1868
June 11, 2019
KB4503279 | Resolved External
| August 09, 2019
07:03 PM PT |
Devices with Hyper-V enabled may receive BitLocker error 0xC0210000
Some devices with Hyper-V enabled may start into BitLocker recovery with error 0xC0210000.
See details > | OS Build 15063.1805
May 14, 2019
KB4499181 | Resolved
KB4507450 | July 09, 2019
10:00 AM PT |
Difficulty connecting to some iSCSI-based SANs
Devices may have difficulty connecting to some Storage Area Network (SAN) devices that leverage iSCSI.
See details > | OS Build 15063.1839
May 28, 2019
KB4499162 | Resolved
KB4509476 | June 26, 2019
04:00 PM PT |
@@ -44,7 +45,6 @@ sections:
Embedded objects may display incorrectly
Any compound document (OLE) server application that places embedded objects into the Windows Metafile (WMF) using the PatBlt API may display embedded objects incorrectly.
See details > | OS Build 15063.1631
February 12, 2019
KB4487020 | Resolved
KB4493474 | April 09, 2019
10:00 AM PT |
End-user-defined characters (EUDC) may cause blue screen at startup
If you enable per font end-user-defined characters (EUDC), the system may stop working and a blue screen may appear at startup.
See details > | OS Build 15063.1716
March 19, 2019
KB4489888 | Resolved
KB4493474 | April 09, 2019
10:00 AM PT |
MSXML6 may cause applications to stop responding
MSXML6 may cause applications to stop responding if an exception was thrown during node operations, such as appendChild(), insertBefore(), and moveNode().
See details > | OS Build 15063.1563
January 08, 2019
KB4480973 | Resolved
KB4493474 | April 09, 2019
10:00 AM PT |
- Error 1309 when installing/uninstalling MSI or MSP files
Users may receive “Error 1309” while installing or uninstalling certain types of MSI and MSP files.
See details > | OS Build 15063.1659
February 19, 2019
KB4487011 | Resolved
KB4489871 | March 12, 2019
10:00 AM PT |
Custom URI schemes may not start corresponding application
Custom URI schemes for application protocol handlers may not start the corresponding application for local intranet and trusted sites in Internet Explorer.
See details > | OS Build 15063.1689
March 12, 2019
KB4489871 | Resolved
KB4493436 | April 25, 2019
02:00 PM PT |
"
@@ -56,6 +56,15 @@ sections:
"
+- title: September 2019
+- items:
+ - type: markdown
+ text: "
+ | Details | Originating update | Status | History |
+ | IME may become unresponsive or have High CPU usage Some Input Method Editor (IME) may become unresponsive or may have high CPU usage. Affected IMEs include Chinese Simplified (ChsIME.EXE) and Chinese Traditional (ChtIME.EXE) with Changjie/Quick keyboard.
Affected platforms: - Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607
- Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016
Resolution: After investigation, we have found that this issue does not affect this version of Windows.
Back to top | OS Build 15063.2045
September 10, 2019
KB4516068 | Resolved
| Resolved:
September 17, 2019
04:47 PM PT
Opened:
September 13, 2019
05:25 PM PT |
+
+ "
+
- title: August 2019
- items:
- type: markdown
@@ -71,8 +80,8 @@ sections:
- type: markdown
text: "
| Details | Originating update | Status | History |
- Domain connected devices that use MIT Kerberos realms will not start upDevices connected to a domain that is configured to use MIT Kerberos realms will not start up or may continue to restart after installation of KB4507467. Devices that are domain controllers or domain members are both affected.
To safeguard your update experience, we have applied a compatibility hold on devices configured to use MIT Kerberos realm from being offered Windows 10, version 1903 or Windows Server, version 1903.
Note If you are not sure if your device is affected, contact your administrator. Advanced users can check for “Define interoperable Kerberos v5 realm settings” policy under Computer Configuration -> Policies -> Administrative Templates > System -> Kerberos or check if this registry key exists: HKLM\\Software\\Microsoft\\Windows\\CurrentVersion\\Policies\\System\\Kerberos\\MitRealms
-
Affected platforms: - Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607
- Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016
Resolution: This issue was resolved in KB4512507. To safeguard your upgrade experience, the compatibility hold on devices from being offered Windows 10, version 1903 or Windows Server, version 1903 is still in place. Once the issue is addressed on Windows 10, version 1903, this safeguard hold will be removed for all affected platforms. Check the Windows 10, version 1903 section of the release information dashboard for the most up to date information on this and other safeguard holds.
Note We recommend that you do not attempt to manually update using the Update now button or the Media Creation Tool until this issue has been resolved.
Back to top | OS Build 15063.1955
July 16, 2019
KB4507467 | Resolved
KB4512507 | Resolved:
August 13, 2019
10:00 AM PT
Opened:
July 25, 2019
06:10 PM PT |
+ Domain connected devices that use MIT Kerberos realms will not start upDevices connected to a domain that is configured to use MIT Kerberos realms will not start up or may continue to restart after installation of KB4507467. Devices that are domain controllers or domain members are both affected.
To safeguard your update experience, we have applied a compatibility hold on devices configured to use MIT Kerberos realm from being offered Windows 10, version 1903 or Windows Server, version 1903.
Note If you are not sure if your device is affected, contact your administrator. Advanced users can check for “Define interoperable Kerberos v5 realm settings” policy under Computer Configuration -> Policies -> Administrative Templates > System -> Kerberos or check if this registry key exists: HKLM\\Software\\Microsoft\\Windows\\CurrentVersion\\Policies\\System\\Kerberos\\MitRealms
+
Affected platforms: - Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607
- Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016
Resolution: This issue was resolved in KB4512507 and the safeguard hold has been removed. Please note, it can take up to 48 hours before you can update to offered Windows 10, version 1903 or Windows Server, version 1903.
Back to top | OS Build 15063.1955
July 16, 2019
KB4507467 | Resolved
KB4512507 | Resolved:
August 13, 2019
10:00 AM PT
Opened:
July 25, 2019
06:10 PM PT |
"
@@ -114,7 +123,6 @@ sections:
text: "
| Details | Originating update | Status | History |
| Embedded objects may display incorrectly Any compound document (OLE) server application that places embedded objects into the Windows Metafile (WMF) using the PatBlt API may display embedded objects incorrectly. For example, if you paste a Microsoft Excel worksheet object into a Microsoft Word document, the cells may render with a different background color. Affected platforms: - Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1; Windows 7 SP1
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue is resolved in KB4493474.
Back to top | OS Build 15063.1631
February 12, 2019
KB4487020 | Resolved
KB4493474 | Resolved:
April 09, 2019
10:00 AM PT
Opened:
February 12, 2019
10:00 AM PT |
- Error 1309 when installing/uninstalling MSI or MSP filesAfter installing KB4487011, users may receive “Error 1309” while installing or uninstalling certain types of MSI and MSP files.
Affected platforms: - Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012
Resolution: This issue is resolved in KB4489871.
Back to top | OS Build 15063.1659
February 19, 2019
KB4487011 | Resolved
KB4489871 | Resolved:
March 12, 2019
10:00 AM PT
Opened:
February 19, 2019
02:00 PM PT |
"
diff --git a/windows/release-information/resolved-issues-windows-10-1709.yml b/windows/release-information/resolved-issues-windows-10-1709.yml
index 9bf77f7d45..07fbc6a7b2 100644
--- a/windows/release-information/resolved-issues-windows-10-1709.yml
+++ b/windows/release-information/resolved-issues-windows-10-1709.yml
@@ -32,9 +32,10 @@ sections:
- type: markdown
text: "
| Summary | Originating update | Status | Date resolved |
+ IME may become unresponsive or have High CPU usage
Some Input Method Editor (IME) including ChsIME.EXE and ChtIME.EXE, may become unresponsive or may have high CPU usage.
See details > | OS Build 16299.1387
September 10, 2019
KB4516066 | Resolved
| September 19, 2019
04:08 PM PT |
+ Domain connected devices that use MIT Kerberos realms will not start up
Devices connected to a domain that is configured to use MIT Kerberos realms will not start up or may continue to restart after updating.
See details > | OS Build 16299.1296
July 16, 2019
KB4507465 | Resolved
KB4512516 | August 13, 2019
10:00 AM PT |
Devices starting using PXE from a WDS or SCCM servers may fail to start
Devices that start up using Preboot Execution Environment (PXE) images from Windows Deployment Services (WDS) may fail to start with error \"0xc0000001.\"
See details > | OS Build 16299.1217
June 11, 2019
KB4503284 | Resolved
KB4512494 | August 16, 2019
02:00 PM PT |
Apps using Visual Basic 6 (VB6), VBA, and VBScript may stop responding with error
Applications that were made using Visual Basic 6 (VB6), macros using Visual Basic for Applications (VBA), and VBScript may stop responding and you may receive an error.
See details > | OS Build 16299.1331
August 13, 2019
KB4512516 | Resolved
KB4512494 | August 16, 2019
02:00 PM PT |
- Domain connected devices that use MIT Kerberos realms will not start up
Devices connected to a domain that is configured to use MIT Kerberos realms will not start up or may continue to restart after updating.
See details > | OS Build 16299.1296
July 16, 2019
KB4507465 | Resolved
KB4512516 | August 13, 2019
10:00 AM PT |
MacOS may be unable to access network shares via CIFS or SMBv1 on Windows devices
You may receive an error on MacOS when trying to access network shares via CIFS or SMBv1 on Windows devices that installed updates on June 11, 2019 or later.
See details > | OS Build 16299.1217
June 11, 2019
KB4503284 | Resolved External
| August 09, 2019
07:03 PM PT |
Difficulty connecting to some iSCSI-based SANs
Devices may have difficulty connecting to some Storage Area Network (SAN) devices that leverage iSCSI.
See details > | OS Build 16299.1182
May 28, 2019
KB4499147 | Resolved
KB4509477 | June 26, 2019
04:00 PM PT |
Event Viewer may close or you may receive an error when using Custom Views
When trying to expand, view or create Custom Views in Event Viewer, you may receive an error and the app may stop responding or close.
See details > | OS Build 16299.1217
June 11, 2019
KB4503284 | Resolved
KB4503281 | June 18, 2019
02:00 PM PT |
@@ -46,7 +47,6 @@ sections:
Embedded objects may display incorrectly
Any compound document (OLE) server application that places embedded objects into the Windows Metafile (WMF) using the PatBlt API may display embedded objects incorrectly.
See details > | OS Build 16299.967
February 12, 2019
KB4486996 | Resolved
KB4493441 | April 09, 2019
10:00 AM PT |
End-user-defined characters (EUDC) may cause blue screen at startup
If you enable per font end-user-defined characters (EUDC), the system may stop working and a blue screen may appear at startup.
See details > | OS Build 16299.1059
March 19, 2019
KB4489890 | Resolved
KB4493441 | April 09, 2019
10:00 AM PT |
MSXML6 causes applications to stop responding if an exception was thrown
MSXML6 causes applications to stop responding if an exception was thrown during node operations, such as appendChild(), insertBefore(), and moveNode().
See details > | OS Build 16299.904
January 08, 2019
KB4480978 | Resolved
KB4493441 | April 09, 2019
10:00 AM PT |
- Error 1309 when installing/uninstalling MSI or MSP files
Users may receive “Error 1309” while installing or uninstalling certain types of MSI and MSP files.
See details > | OS Build 16299.967
February 12, 2019
KB4486996 | Resolved
KB4489886 | March 12, 2019
10:00 AM PT |
Stop error when attempting to start SSH from WSL
A stop error occurs when attempting to start Secure Shell from Windows Subsystem for Linux with agent forwarding using a command line switch (ssh –A) or a configuration setting.
See details > | OS Build 16299.1029
March 12, 2019
KB4489886 | Resolved
KB4493441 | April 09, 2019
10:00 AM PT |
"
@@ -58,6 +58,15 @@ sections:
"
+- title: September 2019
+- items:
+ - type: markdown
+ text: "
+ | Details | Originating update | Status | History |
+ | IME may become unresponsive or have High CPU usage Some Input Method Editor (IME) may become unresponsive or may have high CPU usage. Affected IMEs include Chinese Simplified (ChsIME.EXE) and Chinese Traditional (ChtIME.EXE) with Changjie/Quick keyboard.
Affected platforms: - Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607
- Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016
Resolution: Due to security related changes in KB4516066, this issue may occur when Touch Keyboard and Handwriting Panel Service is not configured to its default startup type of Manual. To resolve the issue, perform the following steps: - Select the Start button and type Services.
- Locate Touch Keyboard and Handwriting Panel Service and double click on it or long press and select Properties.
- Locate Startup type: and change it to Manual
- Select Ok
- The TabletInputService service is now in the default configuration and IME should work as expected.
Back to top | OS Build 16299.1387
September 10, 2019
KB4516066 | Resolved
| Resolved:
September 19, 2019
04:08 PM PT
Opened:
September 13, 2019
05:25 PM PT |
+
+ "
+
- title: August 2019
- items:
- type: markdown
@@ -73,9 +82,9 @@ sections:
- type: markdown
text: "
| Details | Originating update | Status | History |
+ Domain connected devices that use MIT Kerberos realms will not start upDevices connected to a domain that is configured to use MIT Kerberos realms will not start up or may continue to restart after installation of KB4507465. Devices that are domain controllers or domain members are both affected.
To safeguard your update experience, we have applied a compatibility hold on devices configured to use MIT Kerberos realm from being offered Windows 10, version 1903 or Windows Server, version 1903.
Note If you are not sure if your device is affected, contact your administrator. Advanced users can check for “Define interoperable Kerberos v5 realm settings” policy under Computer Configuration -> Policies -> Administrative Templates > System -> Kerberos or check if this registry key exists: HKLM\\Software\\Microsoft\\Windows\\CurrentVersion\\Policies\\System\\Kerberos\\MitRealms
+
Affected platforms: - Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607
- Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016
Resolution: This issue was resolved in KB4512516 and the safeguard hold has been removed. Please note, it can take up to 48 hours before you can update to offered Windows 10, version 1903 or Windows Server, version 1903.
Back to top | OS Build 16299.1296
July 16, 2019
KB4507465 | Resolved
KB4512516 | Resolved:
August 13, 2019
10:00 AM PT
Opened:
July 25, 2019
06:10 PM PT |
Devices starting using PXE from a WDS or SCCM servers may fail to startDevices that start up using Preboot Execution Environment (PXE) images from Windows Deployment Services (WDS) or System Center Configuration Manager (SCCM) may fail to start with the error \"Status: 0xc0000001, Info: A required device isn't connected or can't be accessed\" after installing KB4503284 on a WDS server.
Affected platforms: - Server: Windows Server 2008 SP2; Windows Server 2008 R2 SP1; Windows Server 2012; Windows Server 2012 R2; Windows Server 2016; Windows Server, version 1803; Windows Server 2019; Windows Server, version 1809; Windows Server, version 1903
Resolution: This issue was resolved in KB4512494.
Back to top | OS Build 16299.1217
June 11, 2019
KB4503284 | Resolved
KB4512494 | Resolved:
August 16, 2019
02:00 PM PT
Opened:
July 10, 2019
02:51 PM PT |
- Domain connected devices that use MIT Kerberos realms will not start upDevices connected to a domain that is configured to use MIT Kerberos realms will not start up or may continue to restart after installation of KB4507465. Devices that are domain controllers or domain members are both affected.
To safeguard your update experience, we have applied a compatibility hold on devices configured to use MIT Kerberos realm from being offered Windows 10, version 1903 or Windows Server, version 1903.
Note If you are not sure if your device is affected, contact your administrator. Advanced users can check for “Define interoperable Kerberos v5 realm settings” policy under Computer Configuration -> Policies -> Administrative Templates > System -> Kerberos or check if this registry key exists: HKLM\\Software\\Microsoft\\Windows\\CurrentVersion\\Policies\\System\\Kerberos\\MitRealms
-
Affected platforms: - Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607
- Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016
Resolution: This issue was resolved in KB4512516. To safeguard your upgrade experience, the compatibility hold on devices from being offered Windows 10, version 1903 or Windows Server, version 1903 is still in place. Once the issue is addressed on Windows 10, version 1903, this safeguard hold will be removed for all affected platforms. Check the Windows 10, version 1903 section of the release information dashboard for the most up to date information on this and other safeguard holds.
Note We recommend that you do not attempt to manually update using the Update now button or the Media Creation Tool until this issue has been resolved.
Back to top | OS Build 16299.1296
July 16, 2019
KB4507465 | Resolved
KB4512516 | Resolved:
August 13, 2019
10:00 AM PT
Opened:
July 25, 2019
06:10 PM PT |
"
@@ -126,7 +135,6 @@ sections:
text: "
| Details | Originating update | Status | History |
| Embedded objects may display incorrectly Any compound document (OLE) server application that places embedded objects into the Windows Metafile (WMF) using the PatBlt API may display embedded objects incorrectly. For example, if you paste a Microsoft Excel worksheet object into a Microsoft Word document, the cells may render with a different background color. Affected platforms: - Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1; Windows 7 SP1
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue is resolved in KB4493441.
Back to top | OS Build 16299.967
February 12, 2019
KB4486996 | Resolved
KB4493441 | Resolved:
April 09, 2019
10:00 AM PT
Opened:
February 12, 2019
10:00 AM PT |
- Error 1309 when installing/uninstalling MSI or MSP filesAfter installing KB4486996, users may receive “Error 1309” while installing or uninstalling certain types of MSI and MSP files.
Affected platforms: - Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012
Resolution: This issue is resolved in KB4489886.
Back to top | OS Build 16299.967
February 12, 2019
KB4486996 | Resolved
KB4489886 | Resolved:
March 12, 2019
10:00 AM PT
Opened:
February 12, 2019
10:00 AM PT |
"
diff --git a/windows/release-information/resolved-issues-windows-10-1803.yml b/windows/release-information/resolved-issues-windows-10-1803.yml
index b3059b9fe8..678191535f 100644
--- a/windows/release-information/resolved-issues-windows-10-1803.yml
+++ b/windows/release-information/resolved-issues-windows-10-1803.yml
@@ -32,9 +32,11 @@ sections:
- type: markdown
text: "
| Summary | Originating update | Status | Date resolved |
+ IME may become unresponsive or have High CPU usage
Some Input Method Editor (IME) including ChsIME.EXE and ChtIME.EXE, may become unresponsive or may have high CPU usage.
See details > | OS Build 17134.1006
September 10, 2019
KB4516058 | Resolved
| September 19, 2019
04:08 PM PT |
+ Domain connected devices that use MIT Kerberos realms will not start up
Devices connected to a domain that is configured to use MIT Kerberos realms will not start up or may continue to restart after updating.
See details > | OS Build 17134.915
July 16, 2019
KB4507466 | Resolved
KB4512501 | August 13, 2019
10:00 AM PT |
+ Notification issue: \"Your device is missing important security and quality fixes.\"
Some users may have incorrectly received the notification \"Your device is missing important security and quality fixes.\"
See details > | N/A
| Resolved
| September 03, 2019
12:32 PM PT |
Devices starting using PXE from a WDS or SCCM servers may fail to start
Devices that start up using Preboot Execution Environment (PXE) images from Windows Deployment Services (WDS) may fail to start with error \"0xc0000001.\"
See details > | OS Build 17134.829
June 11, 2019
KB4503286 | Resolved
KB4512509 | August 19, 2019
02:00 PM PT |
Apps using Visual Basic 6 (VB6), VBA, and VBScript may stop responding with error
Applications that were made using Visual Basic 6 (VB6), macros using Visual Basic for Applications (VBA), and VBScript may stop responding and you may receive an error.
See details > | OS Build 17134.950
August 13, 2019
KB4512501 | Resolved
KB4512509 | August 19, 2019
02:00 PM PT |
- Domain connected devices that use MIT Kerberos realms will not start up
Devices connected to a domain that is configured to use MIT Kerberos realms will not start up or may continue to restart after updating.
See details > | OS Build 17134.915
July 16, 2019
KB4507466 | Resolved
KB4512501 | August 13, 2019
10:00 AM PT |
MacOS may be unable to access network shares via CIFS or SMBv1 on Windows devices
You may receive an error on MacOS when trying to access network shares via CIFS or SMBv1 on Windows devices that installed updates on June 11, 2019 or later.
See details > | OS Build 17134.829
June 11, 2019
KB4503286 | Resolved External
| August 09, 2019
07:03 PM PT |
Difficulty connecting to some iSCSI-based SANs
Devices may have difficulty connecting to some Storage Area Network (SAN) devices that leverage iSCSI.
See details > | OS Build 17134.799
May 21, 2019
KB4499183 | Resolved
KB4509478 | June 26, 2019
04:00 PM PT |
Event Viewer may close or you may receive an error when using Custom Views
When trying to expand, view or create Custom Views in Event Viewer, you may receive an error and the app may stop responding or close.
See details > | OS Build 17134.829
June 11, 2019
KB4503286 | Resolved
KB4503288 | June 18, 2019
02:00 PM PT |
@@ -45,7 +47,6 @@ sections:
Embedded objects may display incorrectly
Any compound document (OLE) server application that places embedded objects into the Windows Metafile (WMF) using the PatBlt API may display embedded objects incorrectly.
See details > | OS Build 17134.590
February 12, 2019
KB4487017 | Resolved
KB4493464 | April 09, 2019
10:00 AM PT |
End-user-defined characters (EUDC) may cause blue screen at startup
If you enable per font end-user-defined characters (EUDC), the system may stop working and a blue screen may appear at startup.
See details > | OS Build 17134.677
March 19, 2019
KB4489894 | Resolved
KB4493464 | April 09, 2019
10:00 AM PT |
MSXML6 may cause applications to stop responding
MSXML6 may cause applications to stop responding if an exception was thrown during node operations, such as appendChild(), insertBefore(), and moveNode().
See details > | OS Build 17134.523
January 08, 2019
KB4480966 | Resolved
KB4493464 | April 09, 2019
10:00 AM PT |
- Error 1309 when installing/uninstalling MSI or MSP files
Users may receive \"Error 1309\" while installing or uninstalling certain types of MSI and MSP files.
See details > | OS Build 17134.590
February 12, 2019
KB4487017 | Resolved
KB4489868 | March 12, 2019
10:00 AM PT |
Custom URI schemes may not start corresponding application
Custom URI schemes for application protocol handlers may not start the corresponding application for local intranet and trusted sites in Internet Explorer.
See details > | OS Build 17134.648
March 12, 2019
KB4489868 | Resolved
KB4493437 | April 25, 2019
02:00 PM PT |
Stop error when attempting to start SSH from WSL
A stop error occurs when attempting to start Secure Shell from Windows Subsystem for Linux with agent forwarding using a command line switch (ssh –A) or a configuration setting.
See details > | OS Build 17134.648
March 12, 2019
KB4489868 | Resolved
KB4493464 | April 09, 2019
10:00 AM PT |
@@ -58,6 +59,16 @@ sections:
"
+- title: September 2019
+- items:
+ - type: markdown
+ text: "
+ | Details | Originating update | Status | History |
+ | IME may become unresponsive or have High CPU usage Some Input Method Editor (IME) may become unresponsive or may have high CPU usage. Affected IMEs include Chinese Simplified (ChsIME.EXE) and Chinese Traditional (ChtIME.EXE) with Changjie/Quick keyboard.
Affected platforms: - Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607
- Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016
Resolution: Due to security related changes in KB4516058, this issue may occur when Touch Keyboard and Handwriting Panel Service is not configured to its default startup type of Manual. To resolve the issue, perform the following steps: - Select the Start button and type Services.
- Locate Touch Keyboard and Handwriting Panel Service and double click on it or long press and select Properties.
- Locate Startup type: and change it to Manual
- Select Ok
- The TabletInputService service is now in the default configuration and IME should work as expected.
Back to top | OS Build 17134.1006
September 10, 2019
KB4516058 | Resolved
| Resolved:
September 19, 2019
04:08 PM PT
Opened:
September 13, 2019
05:25 PM PT |
+ | Notification issue: \"Your device is missing important security and quality fixes.\" Some users may have incorrectly received the notification \"Your device is missing important security and quality fixes\" in the Windows Update dialog and a red \"!\" in the task tray on the Windows Update tray icon. This notification is intended for devices that are 90 days or more out of date, but some users with installed updates released in June or July also saw this notification.
Affected platforms: - Client: Windows 10, version 1803
- Server: Windows Server, version 1803
Resolution: This issue was resolved on the server side on August 30, 2019. Only devices that are out of date by 90 days or more should now see the notification. No action is required by the user to resolve this issue. If you are still seeing the \"Your device is missing important security and quality fixes\" notification, we recommend selecting Check for Updates in the Windows Update dialog. For instructions, see Update Windows 10. Microsoft always recommends trying to keep your devices up to date, as the monthly updates contain important security fixes.
Back to top | N/A
| Resolved
| Resolved:
September 03, 2019
12:32 PM PT
Opened:
September 03, 2019
12:32 PM PT |
+
+ "
+
- title: August 2019
- items:
- type: markdown
@@ -73,9 +84,9 @@ sections:
- type: markdown
text: "
| Details | Originating update | Status | History |
+ Domain connected devices that use MIT Kerberos realms will not start upDevices connected to a domain that is configured to use MIT Kerberos realms will not start up or may continue to restart after installation of KB4507466. Devices that are domain controllers or domain members are both affected.
To safeguard your update experience, we have applied a compatibility hold on devices configured to use MIT Kerberos realm from being offered Windows 10, version 1903 or Windows Server, version 1903.
Note If you are not sure if your device is affected, contact your administrator. Advanced users can check for “Define interoperable Kerberos v5 realm settings” policy under Computer Configuration -> Policies -> Administrative Templates > System -> Kerberos or check if this registry key exists: HKLM\\Software\\Microsoft\\Windows\\CurrentVersion\\Policies\\System\\Kerberos\\MitRealms
+
Affected platforms: - Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607
- Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016
Resolution: This issue was resolved in KB4512501 and the safeguard hold has been removed. Please note, it can take up to 48 hours before you can update to offered Windows 10, version 1903 or Windows Server, version 1903.
Back to top | OS Build 17134.915
July 16, 2019
KB4507466 | Resolved
KB4512501 | Resolved:
August 13, 2019
10:00 AM PT
Opened:
July 25, 2019
06:10 PM PT |
Devices starting using PXE from a WDS or SCCM servers may fail to startDevices that start up using Preboot Execution Environment (PXE) images from Windows Deployment Services (WDS) or System Center Configuration Manager (SCCM) may fail to start with the error \"Status: 0xc0000001, Info: A required device isn't connected or can't be accessed\" after installing KB4503286 on a WDS server.
Affected platforms: - Server: Windows Server 2008 SP2; Windows Server 2008 R2 SP1; Windows Server 2012; Windows Server 2012 R2; Windows Server 2016; Windows Server, version 1803; Windows Server 2019; Windows Server, version 1809; Windows Server, version 1903
Resolution: This issue was resolved in KB4512509.
Back to top | OS Build 17134.829
June 11, 2019
KB4503286 | Resolved
KB4512509 | Resolved:
August 19, 2019
02:00 PM PT
Opened:
July 10, 2019
02:51 PM PT |
- Domain connected devices that use MIT Kerberos realms will not start upDevices connected to a domain that is configured to use MIT Kerberos realms will not start up or may continue to restart after installation of KB4507466. Devices that are domain controllers or domain members are both affected.
To safeguard your update experience, we have applied a compatibility hold on devices configured to use MIT Kerberos realm from being offered Windows 10, version 1903 or Windows Server, version 1903.
Note If you are not sure if your device is affected, contact your administrator. Advanced users can check for “Define interoperable Kerberos v5 realm settings” policy under Computer Configuration -> Policies -> Administrative Templates > System -> Kerberos or check if this registry key exists: HKLM\\Software\\Microsoft\\Windows\\CurrentVersion\\Policies\\System\\Kerberos\\MitRealms
-
Affected platforms: - Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607
- Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016
Resolution: This issue was resolved in KB4512501. To safeguard your upgrade experience, the compatibility hold on devices from being offered Windows 10, version 1903 or Windows Server, version 1903 is still in place. Once the issue is addressed on Windows 10, version 1903, this safeguard hold will be removed for all affected platforms. Check the Windows 10, version 1903 section of the release information dashboard for the most up to date information on this and other safeguard holds.
Note We recommend that you do not attempt to manually update using the Update now button or the Media Creation Tool until this issue has been resolved.
Back to top | OS Build 17134.915
July 16, 2019
KB4507466 | Resolved
KB4512501 | Resolved:
August 13, 2019
10:00 AM PT
Opened:
July 25, 2019
06:10 PM PT |
"
@@ -126,7 +137,6 @@ sections:
text: "
| Details | Originating update | Status | History |
| Embedded objects may display incorrectly Any compound document (OLE) server application that places embedded objects into the Windows Metafile (WMF) using the PatBlt API may display embedded objects incorrectly. For example, if you paste a Microsoft Excel worksheet object into a Microsoft Word document, the cells may render with a different background color. Affected platforms: - Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1; Windows 7 SP1
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue is resolved in KB4493464.
Back to top | OS Build 17134.590
February 12, 2019
KB4487017 | Resolved
KB4493464 | Resolved:
April 09, 2019
10:00 AM PT
Opened:
February 12, 2019
10:00 AM PT |
- Error 1309 when installing/uninstalling MSI or MSP filesAfter installing KB4487017, users may received \"Error 1309\" while installing or uninstalling certain types of MSI and MSP files.
Affected platforms: - Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012
Resolution: This issue is resolved in KB4489868.
Back to top | OS Build 17134.590
February 12, 2019
KB4487017 | Resolved
KB4489868 | Resolved:
March 12, 2019
10:00 AM PT
Opened:
February 12, 2019
10:00 AM PT |
"
diff --git a/windows/release-information/resolved-issues-windows-10-1809-and-windows-server-2019.yml b/windows/release-information/resolved-issues-windows-10-1809-and-windows-server-2019.yml
index c70c55ae78..29d533154d 100644
--- a/windows/release-information/resolved-issues-windows-10-1809-and-windows-server-2019.yml
+++ b/windows/release-information/resolved-issues-windows-10-1809-and-windows-server-2019.yml
@@ -32,9 +32,11 @@ sections:
- type: markdown
text: "
| Summary | Originating update | Status | Date resolved |
+ Apps and scripts using the NetQueryDisplayInformation API may fail with error
Applications and scripts that call the NetQueryDisplayInformation API or the WinNT provider equivalent may fail to return results after the first page of data.
See details > | OS Build 17763.55
October 09, 2018
KB4464330 | Resolved
KB4516077 | September 24, 2019
10:00 AM PT |
+ IME may become unresponsive or have High CPU usage
Some Input Method Editor (IME) including ChsIME.EXE and ChtIME.EXE, may become unresponsive or may have high CPU usage.
See details > | OS Build 17763.737
September 10, 2019
KB4512578 | Resolved
| September 19, 2019
04:08 PM PT |
+ Domain connected devices that use MIT Kerberos realms will not start up
Devices connected to a domain that is configured to use MIT Kerberos realms will not start up or may continue to restart after updating.
See details > | OS Build 17763.652
July 22, 2019
KB4505658 | Resolved
KB4511553 | August 13, 2019
10:00 AM PT |
Devices starting using PXE from a WDS or SCCM servers may fail to start
Devices that start up using Preboot Execution Environment (PXE) images from Windows Deployment Services (WDS) may fail to start with error \"0xc0000001.\"
See details > | OS Build 17763.557
June 11, 2019
KB4503327 | Resolved
KB4512534 | August 17, 2019
02:00 PM PT |
Apps using Visual Basic 6 (VB6), VBA, and VBScript may stop responding with error
Applications that were made using Visual Basic 6 (VB6), macros using Visual Basic for Applications (VBA), and VBScript may stop responding and you may receive an error.
See details > | OS Build 17763.678
August 13, 2019
KB4511553 | Resolved
KB4512534 | August 17, 2019
02:00 PM PT |
- Domain connected devices that use MIT Kerberos realms will not start up
Devices connected to a domain that is configured to use MIT Kerberos realms will not start up or may continue to restart after updating.
See details > | OS Build 17763.652
July 22, 2019
KB4505658 | Resolved
KB4511553 | August 13, 2019
10:00 AM PT |
MacOS may be unable to access network shares via CIFS or SMBv1 on Windows devices
You may receive an error on MacOS when trying to access network shares via CIFS or SMBv1 on Windows devices that installed updates on June 11, 2019 or later.
See details > | OS Build 17763.557
June 11, 2019
KB4503327 | Resolved External
| August 09, 2019
07:03 PM PT |
Difficulty connecting to some iSCSI-based SANs
Devices may have difficulty connecting to some Storage Area Network (SAN) devices that leverage iSCSI.
See details > | OS Build 17763.529
May 21, 2019
KB4497934 | Resolved
KB4509479 | June 26, 2019
04:00 PM PT |
Devices with Realtek Bluetooth radios drivers may not pair or connect as expected
Devices with some Realtek Bluetooth radios drivers, in some circumstances, may have issues pairing or connecting to devices.
See details > | OS Build 17763.503
May 14, 2019
KB4494441 | Resolved
KB4501371 | June 18, 2019
02:00 PM PT |
@@ -54,14 +56,6 @@ sections:
Internet Explorer 11 authentication issue with multiple concurrent logons
Internet Explorer 11 users may encounter issues if two or more people use the same user account for multiple, concurrent login sessions on the same Windows Server machine.
See details > | OS Build 17763.253
January 08, 2019
KB4480116 | Resolved
KB4493509 | April 09, 2019
10:00 AM PT |
End-user-defined characters (EUDC) may cause blue screen at startup
If you enable per font end-user-defined characters (EUDC), the system may stop working and a blue screen may appear at startup.
See details > | OS Build 17763.404
April 02, 2019
KB4490481 | Resolved
KB4493509 | April 09, 2019
10:00 AM PT |
MSXML6 may cause applications to stop responding
MSXML6 may cause applications to stop responding if an exception was thrown during node operations, such as appendChild(), insertBefore(), and moveNode().
See details > | OS Build 17763.253
January 08, 2019
KB4480116 | Resolved
KB4493509 | April 09, 2019
10:00 AM PT |
- Error 1309 when installing/uninstalling MSI or MSP files
Users may receive \"Error 1309\" while installing or uninstalling certain types of MSI and MSP files.
See details > | OS Build 17763.316
February 12, 2019
KB4487044 | Resolved
KB4489899 | March 12, 2019
10:00 AM PT |
- Internet Explorer may fail to load images
Internet Explorer may fail to load images with a backslash (\\) in their relative source path.
See details > | OS Build 17763.316
February 12, 2019
KB4487044 | Resolved
KB4482887 | March 01, 2019
10:00 AM PT |
- First character of the Japanese era name not recognized
The first character of the Japanese era name is not recognized as an abbreviation and may cause date parsing issues.
See details > | OS Build 17763.316
February 12, 2019
KB4487044 | Resolved
KB4482887 | March 01, 2019
10:00 AM PT |
- Applications using Microsoft Jet database and Access 95 file format stop working
Applications that use a Microsoft Jet database with the Microsoft Access 9 file format may randomly stop working.
See details > | OS Build 17763.316
February 12, 2019
KB4487044 | Resolved
KB4482887 | March 01, 2019
10:00 AM PT |
- Shared albums may not sync with iCloud for Windows
Upgrade block: Apple has identified an incompatibility with iCloud for Windows (version 7.7.0.27) where users may experience issues updating or synching Shared Albums.
See details > | OS Build 17763.134
November 13, 2018
KB4467708 | Resolved
KB4482887 | March 01, 2019
10:00 AM PT |
- Intel Audio Display (intcdaud.sys) notification during Windows 10 Setup
Upgrade block: Users may see an Intel Audio Display (intcdaud.sys) notification during setup for devices with certain Intel Display Audio Drivers.
See details > | OS Build 17763.134
November 13, 2018
KB4467708 | Resolved
KB4482887 | March 01, 2019
10:00 AM PT |
- F5 VPN clients losing network connectivity
Upgrade block: After updating to Windows 10, version 1809, F5 VPN clients may lose network connectivity when the VPN service is in a split tunnel configuration.
See details > | OS Build 17763.134
November 13, 2018
KB4467708 | Resolved
KB4482887 | March 01, 2019
10:00 AM PT |
- Global DNS outage affects Windows Update customers
Windows Update customers were recently affected by a network infrastructure event caused by an external DNS service provider's global outage.
See details > | N/A
| Resolved
| March 08, 2019
11:15 AM PT |
Apps may stop working after selecting an audio output device other than the default
Users with multiple audio devices that select an audio output device different from the \"Default Audio Device\" may find certain applications stop working unexpectedly.
See details > | OS Build 17763.348
March 01, 2019
KB4482887 | Resolved
KB4490481 | April 02, 2019
10:00 AM PT |
"
@@ -73,11 +67,21 @@ sections:
"
+- title: September 2019
+- items:
+ - type: markdown
+ text: "
+ | Details | Originating update | Status | History |
+ | IME may become unresponsive or have High CPU usage Some Input Method Editor (IME) may become unresponsive or may have high CPU usage. Affected IMEs include Chinese Simplified (ChsIME.EXE) and Chinese Traditional (ChtIME.EXE) with Changjie/Quick keyboard.
Affected platforms: - Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607
- Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016
Resolution: Due to security related changes in KB4512578, this issue may occur when Touch Keyboard and Handwriting Panel Service is not configured to its default startup type of Manual. To resolve the issue, perform the following steps: - Select the Start button and type Services.
- Locate Touch Keyboard and Handwriting Panel Service and double click on it or long press and select Properties.
- Locate Startup type: and change it to Manual
- Select Ok
- The TabletInputService service is now in the default configuration and IME should work as expected.
Back to top | OS Build 17763.737
September 10, 2019
KB4512578 | Resolved
| Resolved:
September 19, 2019
04:08 PM PT
Opened:
September 13, 2019
05:25 PM PT |
+
+ "
+
- title: August 2019
- items:
- type: markdown
text: "
| Details | Originating update | Status | History |
+ Apps and scripts using the NetQueryDisplayInformation API may fail with error Applications and scripts that call the NetQueryDisplayInformation API or the WinNT provider equivalent may fail to return results after the first page of data, often 50 or 100 entries. When requesting additional pages you may receive the error, “1359: an internal error occurred.”
Affected platforms: - Server: Windows Server 2019; Windows Server 2016
Resolution: This issue was resolved in KB4516077.
Back to top | OS Build 17763.55
October 09, 2018
KB4464330 | Resolved
KB4516077 | Resolved:
September 24, 2019
10:00 AM PT
Opened:
August 01, 2019
05:00 PM PT |
Apps using Visual Basic 6 (VB6), VBA, and VBScript may stop responding with errorAfter installing KB4511553, applications that were made using Visual Basic 6 (VB6), macros using Visual Basic for Applications (VBA), and scripts or apps using Visual Basic Scripting Edition (VBScript) may stop responding and you may receive an \"invalid procedure call error.\"
Affected platforms: - Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607; Windows 10 Enterprise LTSC 2015; Windows 8.1; Windows 7 SP1
- Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue was resolved in KB4512534. This ‘optional’ update is available on Microsoft Update Catalog, Windows Update, Microsoft Update and Windows Server Update Services (WSUS). As with any 'optional' update, you will need to Check for updates to receive KB4512534 and install. For instructions, see Update Windows 10.
Note Windows Update for Business customers should apply the update via Microsoft Update Catalog or Windows Server Update Services (WSUS).
Back to top | OS Build 17763.678
August 13, 2019
KB4511553 | Resolved
KB4512534 | Resolved:
August 17, 2019
02:00 PM PT
Opened:
August 14, 2019
03:34 PM PT |
MacOS may be unable to access network shares via CIFS or SMBv1 on Windows devicesYou may receive an error on your Apple MacOS device when trying to access network shares via CIFS or SMBv1 on a Windows devices that has installed updates on June 11, 2019 ( KB4503327) or later. When you encounter this issue, in MacOS you may receive the error, “There was a problem connecting to the server “{Server Host Name}”. Check the server name or IP address, and then try again. If you continue to have problems, contact your system administrator.”
Affected platforms: - Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607; Windows 10 Enterprise LTSC 2015; Windows 8.1; Windows 7 SP1
- Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Back to top | OS Build 17763.557
June 11, 2019
KB4503327 | Resolved External
| Last updated:
August 09, 2019
07:03 PM PT
Opened:
August 09, 2019
04:25 PM PT |
@@ -88,9 +92,9 @@ sections:
- type: markdown
text: "
| Details | Originating update | Status | History |
+ Domain connected devices that use MIT Kerberos realms will not start upDevices connected to a domain that is configured to use MIT Kerberos realms will not start up or may continue to restart after installation of KB4505658. Devices that are domain controllers or domain members are both affected.
To safeguard your update experience, we have applied a compatibility hold on devices configured to use MIT Kerberos realm from being offered Windows 10, version 1903 or Windows Server, version 1903.
Note If you are not sure if your device is affected, contact your administrator. Advanced users can check for “Define interoperable Kerberos v5 realm settings” policy under Computer Configuration -> Policies -> Administrative Templates > System -> Kerberos or check if this registry key exists: HKLM\\Software\\Microsoft\\Windows\\CurrentVersion\\Policies\\System\\Kerberos\\MitRealms
+
Affected platforms: - Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607
- Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016
Resolution: This issue was resolved in KB4511553 and the safeguard hold has been removed. Please note, it can take up to 48 hours before you can update to offered Windows 10, version 1903 or Windows Server, version 1903.
Back to top | OS Build 17763.652
July 22, 2019
KB4505658 | Resolved
KB4511553 | Resolved:
August 13, 2019
10:00 AM PT
Opened:
July 25, 2019
06:10 PM PT |
Devices starting using PXE from a WDS or SCCM servers may fail to startDevices that start up using Preboot Execution Environment (PXE) images from Windows Deployment Services (WDS) or System Center Configuration Manager (SCCM) may fail to start with the error \"Status: 0xc0000001, Info: A required device isn't connected or can't be accessed\" after installing KB4503327 on a WDS server.
Affected platforms: - Server: Windows Server 2008 SP2; Windows Server 2008 R2 SP1; Windows Server 2012; Windows Server 2012 R2; Windows Server 2016; Windows Server, version 1803; Windows Server 2019; Windows Server, version 1809; Windows Server, version 1903
Resolution: This issue was resolved in KB4512534.
Back to top | OS Build 17763.557
June 11, 2019
KB4503327 | Resolved
KB4512534 | Resolved:
August 17, 2019
02:00 PM PT
Opened:
July 10, 2019
02:51 PM PT |
- Domain connected devices that use MIT Kerberos realms will not start upDevices connected to a domain that is configured to use MIT Kerberos realms will not start up or may continue to restart after installation of KB4505658. Devices that are domain controllers or domain members are both affected.
To safeguard your update experience, we have applied a compatibility hold on devices configured to use MIT Kerberos realm from being offered Windows 10, version 1903 or Windows Server, version 1903.
Note If you are not sure if your device is affected, contact your administrator. Advanced users can check for “Define interoperable Kerberos v5 realm settings” policy under Computer Configuration -> Policies -> Administrative Templates > System -> Kerberos or check if this registry key exists: HKLM\\Software\\Microsoft\\Windows\\CurrentVersion\\Policies\\System\\Kerberos\\MitRealms
-
Affected platforms: - Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607
- Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016
Resolution: This issue was resolved in KB4511553. To safeguard your upgrade experience, the compatibility hold on devices from being offered Windows 10, version 1903 or Windows Server, version 1903 is still in place. Once the issue is addressed on Windows 10, version 1903, this safeguard hold will be removed for all affected platforms. Check the Windows 10, version 1903 section of the release information dashboard for the most up to date information on this and other safeguard holds.
Note We recommend that you do not attempt to manually update using the Update now button or the Media Creation Tool until this issue has been resolved.
Back to top | OS Build 17763.652
July 22, 2019
KB4505658 | Resolved
KB4511553 | Resolved:
August 13, 2019
10:00 AM PT
Opened:
July 25, 2019
06:10 PM PT |
"
@@ -147,10 +151,6 @@ sections:
text: "
| Details | Originating update | Status | History |
| Embedded objects may display incorrectly Any compound document (OLE) server application that places embedded objects into the Windows Metafile (WMF) using the PatBlt API may display embedded objects incorrectly. For example, if you paste a Microsoft Excel worksheet object into a Microsoft Word document, the cells may render with a different background color. Affected platforms: - Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1; Windows 7 SP1
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue is resolved in KB4493509.
Back to top | OS Build 17763.316
February 12, 2019
KB4487044 | Resolved
KB4493509 | Resolved:
April 09, 2019
10:00 AM PT
Opened:
February 12, 2019
10:00 AM PT |
- Error 1309 when installing/uninstalling MSI or MSP filesAfter installing KB4487044, users may receive \"Error 1309\" while installing or uninstalling certain types of MSI and MSP files.
Affected platforms: - Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012
Resolution: This issue is resolved in KB4489899.
Back to top | OS Build 17763.316
February 12, 2019
KB4487044 | Resolved
KB4489899 | Resolved:
March 12, 2019
10:00 AM PT
Opened:
February 12, 2019
10:00 AM PT |
- Internet Explorer may fail to load imagesAfter installing KB4487044, Internet Explorer may fail to load images with a backslash (\\) in their relative source path.
Affected platforms: - Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1; Windows 7 SP1
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2008 R2 SP1
Resolution: This issue is resolved in KB4482887.
Back to top | OS Build 17763.316
February 12, 2019
KB4487044 | Resolved
KB4482887 | Resolved:
March 01, 2019
10:00 AM PT
Opened:
February 12, 2019
10:00 AM PT |
- First character of the Japanese era name not recognizedAfter installing KB4487044, the first character of the Japanese era name is not recognized as an abbreviation and may cause date parsing issues.
Affected platforms: - Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1; Windows 7 SP1
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue is resolved in KB4482887.
Back to top | OS Build 17763.316
February 12, 2019
KB4487044 | Resolved
KB4482887 | Resolved:
March 01, 2019
10:00 AM PT
Opened:
February 12, 2019
10:00 AM PT |
- | Applications using Microsoft Jet database and Access 95 file format stop working Applications that use a Microsoft Jet database with the Microsoft Access 95 file format may randomly stop working.
Affected platforms: - Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 7 SP1
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue is resolved in KB4482887.
Back to top | OS Build 17763.316
February 12, 2019
KB4487044 | Resolved
KB4482887 | Resolved:
March 01, 2019
10:00 AM PT
Opened:
February 12, 2019
10:00 AM PT |
"
@@ -161,7 +161,6 @@ sections:
| Details | Originating update | Status | History |
Internet Explorer 11 authentication issue with multiple concurrent logonsAfter installing KB4480116, Internet Explorer 11 and other applications that use WININET.DLL may have authentication issues. This occurs when two or more people use the same user account for multiple, concurrent login sessions on the same Windows Server machine, including Remote Desktop Protocol (RDP) and Terminal Server logons. Symptoms reported by customers include, but may not be limited to: - Cache size and location show zero or empty.
- Keyboard shortcuts may not work properly.
- Webpages may intermittently fail to load or render correctly.
- Issues with credential prompts.
- Issues when downloading files.
Affected platforms: - Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 8.1; Windows 7 SP1
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1
Resolution: This issue was resolved in KB4493509.
Back to top | OS Build 17763.253
January 08, 2019
KB4480116 | Resolved
KB4493509 | Resolved:
April 09, 2019
10:00 AM PT
Opened:
January 08, 2019
10:00 AM PT |
MSXML6 may cause applications to stop responding After installing KB4480116, MSXML6 causes applications to stop responding if an exception was thrown during node operations, such as appendChild(), insertBefore(), and moveNode(). The Group Policy editor may stop responding when editing a Group Policy Object (GPO) that contains Group Policy Preferences (GPP) for Internet Explorer 10 settings.
Affected platforms: - Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012
Resolution: This issue was resolved in KB4493509.
Back to top | OS Build 17763.253
January 08, 2019
KB4480116 | Resolved
KB4493509 | Resolved:
April 09, 2019
10:00 AM PT
Opened:
January 08, 2019
10:00 AM PT |
- | Global DNS outage affects Windows Update customers Windows Update customers were affected by a network infrastructure event on January 29, 2019 (21:00 UTC), caused by an external DNS service provider's global outage. A software update to the external provider's DNS servers resulted in the distribution of corrupted DNS records that affected connectivity to the Windows Update service. The DNS records were restored by January 30, 2019 (00:10 UTC), and the majority of local Internet Service Providers (ISP) have refreshed their DNS servers and customer services have been restored. Affected platforms: - Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019
- Server: Windows Server, version 1809; Windows Server 2019
While this was not an issue with Microsoft's services, we take any service disruption for our customers seriously. We will work with partners to better understand this so we can provide higher quality service in the future even across diverse global network providers. If you are still unable to connect to Windows Update services due to this problem, please contact your local ISP or network administrator. You can also refer to our new KB4493784 for more information to determine if your network is affected, and to provide your local ISP or network administrator with additional information to assist you.
Back to top | N/A
| Resolved
| Resolved:
March 08, 2019
11:15 AM PT
Opened:
January 29, 2019
02:00 PM PT |
"
@@ -171,8 +170,5 @@ sections:
text: "
| Details | Originating update | Status | History |
| Audio not working on monitors or TV connected to a PC via HDMI, USB, or DisplayPort Upgrade block: Microsoft has identified issues with certain new Intel display drivers. Intel inadvertently released versions of its display driver (versions 24.20.100.6344, 24.20.100.6345) to OEMs that accidentally turned on unsupported features in Windows. As a result, after updating to Windows 10, version 1809, audio playback from a monitor or television connected to a PC via HDMI, USB-C, or a DisplayPort may not function correctly on devices with these drivers. Note: This Intel display driver issue is different from the Intel Smart Sound Technology driver (version 09.21.00.3755) audio issue previously documented.
Affected platforms: - Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019
- Server: Windows Server, version 1809; Windows Server 2019
Next steps: Intel has released updated drivers to OEM device manufacturers. OEMs need to make the updated driver available via Windows Update. For more information, see the Intel Customer Support article.
Resolution: Microsoft has removed the safeguard hold.
Back to top | OS Build 17763.134
November 13, 2018
KB4467708 | Resolved
| Resolved:
May 21, 2019
07:42 AM PT
Opened:
November 13, 2018
10:00 AM PT |
- | Shared albums may not sync with iCloud for Windows Upgrade block: Users who attempt to install iCloud for Windows (version 7.7.0.27) will see a message displayed that this version iCloud for Windows isn't supported and the install will fail.
Affected platforms: - Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019
- Server: Windows Server, version 1809; Windows Server 2019
To ensure a seamless experience, Microsoft is blocking devices with iCloud for Windows (version 7.7.0.27) software installed from being offered Windows 10, version 1809 until this issue has been resolved.
We recommend that you do not attempt to manually update using the Update now button or the Media Creation Tool from the Microsoft software download website until this issue is resolved. Resolution: Apple has released an updated version of iCloud for Windows (version 7.8.1) that resolves compatibility issues encountered when updating or synching Shared Albums after updating to Windows 10, version 1809. We recommend that you update your iCloud for Windows to version 7.8.1 when prompted before attempting to upgrade to Windows 10, version 1809. You can also manually download the latest version of iCloud for Windows by visiting https://support.apple.com/HT204283.
Back to top | OS Build 17763.134
November 13, 2018
KB4467708 | Resolved
KB4482887 | Resolved:
March 01, 2019
10:00 AM PT
Opened:
November 13, 2018
10:00 AM PT |
- | Intel Audio Display (intcdaud.sys) notification during Windows 10 Setup Upgrade block: Microsoft and Intel have identified a compatibility issue with a range of Intel Display Audio device drivers (intcdaud.sys, versions 10.25.0.3 - 10.25.0.8) that may result in excessive processor demand and reduced battery life. As a result, the update process to the Windows 10 October 2018 Update (Windows 10, version 1809) will fail and affected devices will automatically revert to the previous working configuration.
Affected platforms: - Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019
- Server: Windows Server, version 1809; Windows Server 2019
If you see a \"What needs your attention\" notification during installation of the October 2018 Update, you have one of these affected drivers on your system. On the notification, click Back to remain on your current version of Windows 10. To ensure a seamless experience, we are blocking devices from being offered the October 2018 Update until updated Intel device drivers are installed on your current operating system. We recommend that you do not attempt to manually update to Windows 10, version 1809, using the Update Now button or the Media Creation Tool from the Microsoft Software Download Center until newer Intel device drivers are available with the update. You can either wait for newer drivers to be installed automatically through Windows Update or check with your computer manufacturer for the latest device driver software availability and installation procedures. For more information about this issue, see Intel's customer support guidance. Resolution: This issue was resolved in KB4482887 and the upgrade block removed.
Back to top | OS Build 17763.134
November 13, 2018
KB4467708 | Resolved
KB4482887 | Resolved:
March 01, 2019
10:00 AM PT
Opened:
November 13, 2018
10:00 AM PT |
- | F5 VPN clients losing network connectivity Upgrade block: After updating to Windows 10, version 1809, F5 VPN clients may lose network connectivity when the VPN service is in a split tunnel configuration.
Affected platforms: - Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019
- Server: Windows Server, version 1809; Windows Server 2019
Resolution: This issue was resolved in KB4482887 and the upgrade block removed.
Back to top | OS Build 17763.134
November 13, 2018
KB4467708 | Resolved
KB4482887 | Resolved:
March 01, 2019
10:00 AM PT
Opened:
November 13, 2018
10:00 AM PT |
"
diff --git a/windows/release-information/resolved-issues-windows-10-1903.yml b/windows/release-information/resolved-issues-windows-10-1903.yml
index 46128ad713..5178fde6ad 100644
--- a/windows/release-information/resolved-issues-windows-10-1903.yml
+++ b/windows/release-information/resolved-issues-windows-10-1903.yml
@@ -32,6 +32,16 @@ sections:
- type: markdown
text: "
| Summary | Originating update | Status | Date resolved |
+ IME may become unresponsive or have High CPU usage
Some Input Method Editor (IME) including ChsIME.EXE and ChtIME.EXE, may become unresponsive or may have high CPU usage.
See details > | OS Build 18362.356
September 10, 2019
KB4515384 | Resolved
| September 19, 2019
04:08 PM PT |
+ Some users report issues related to the Start menu and Windows Desktop Search
Microsoft has received reports that a small number of users are having issues related to the Start menu and Windows Desktop Search.
See details > | OS Build 18362.356
September 10, 2019
KB4515384 | Resolved
| September 19, 2019
04:58 PM PT |
+ Screenshots and Snips have an unnatural orange tint
Users have reported an orange tint on Screenshots and Snips with the Lenovo Vantage app installed
See details > | OS Build 18362.356
September 10, 2019
KB4516115 | Resolved External
| September 11, 2019
08:54 PM PT |
+ Windows Desktop Search may not return any results and may have high CPU usage
Windows Desktop Search may not return any results and SearchUI.exe may have high CPU usage after installing KB4512941.
See details > | OS Build 18362.329
August 30, 2019
KB4512941 | Resolved
KB4515384 | September 10, 2019
10:00 AM PT |
+ Domain connected devices that use MIT Kerberos realms will not start up
Devices connected to a domain that is configured to use MIT Kerberos realms will not start up or may continue to restart after updating.
See details > | OS Build 18362.145
May 29, 2019
KB4497935 | Resolved
KB4512941 | August 30, 2019
10:00 AM PT |
+ Issues updating when certain versions of Intel storage drivers are installed
Certain versions of Intel Rapid Storage Technology (Intel RST) drivers may cause updating to Windows 10, version 1903 to fail.
See details > | OS Build 18362.145
May 29, 2019
KB4497935 | Resolved
KB4512941 | August 30, 2019
10:00 AM PT |
+ Apps using Visual Basic 6 (VB6), VBA, and VBScript may stop responding with error
Applications that were made using Visual Basic 6 (VB6), macros using Visual Basic for Applications (VBA), and VBScript may stop responding and you may receive an error.
See details > | OS Build 18362.295
August 13, 2019
KB4512508 | Resolved
KB4512941 | August 30, 2019
10:00 AM PT |
+ Initiating a Remote Desktop connection may result in black screen
When initiating a Remote Desktop connection to devices with some older GPU drivers, you may receive a black screen.
See details > | OS Build 18362.145
May 29, 2019
KB4497935 | Resolved
KB4512941 | August 30, 2019
10:00 AM PT |
+ Windows Sandbox may fail to start with error code “0x80070002”
Windows Sandbox may fail to start with \"ERROR_FILE_NOT_FOUND (0x80070002)\" on devices in which the operating system language was changed between updates
See details > | OS Build 18362.116
May 20, 2019
KB4505057 | Resolved
KB4512941 | August 30, 2019
10:00 AM PT |
+ Devices starting using PXE from a WDS or SCCM servers may fail to start
Devices that start up using Preboot Execution Environment (PXE) images from Windows Deployment Services (WDS) may fail to start with error \"0xc0000001.\"
See details > | OS Build 18362.175
June 11, 2019
KB4503293 | Resolved
KB4512941 | August 30, 2019
10:00 AM PT |
MacOS may be unable to access network shares via CIFS or SMBv1 on Windows devices
You may receive an error on MacOS when trying to access network shares via CIFS or SMBv1 on Windows devices that installed updates on June 11, 2019 or later.
See details > | OS Build 18362.175
June 11, 2019
KB4503293 | Resolved External
| August 09, 2019
07:03 PM PT |
Display brightness may not respond to adjustments
Microsoft and Intel have identified a driver compatibility issue on devices configured with certain Intel display drivers.
See details > | OS Build 18362.116
May 21, 2019
KB4505057 | Resolved
KB4505903 | July 26, 2019
02:00 PM PT |
RASMAN service may stop working and result in the error “0xc0000005”
The Remote Access Connection Manager (RASMAN) service may stop working and result in the error “0xc0000005” with VPN profiles configured as an Always On VPN connection.
See details > | OS Build 18362.145
May 29, 2019
KB4497935 | Resolved
KB4505903 | July 26, 2019
02:00 PM PT |
@@ -53,15 +63,41 @@ sections:
"
+- title: September 2019
+- items:
+ - type: markdown
+ text: "
+ | Details | Originating update | Status | History |
+ | IME may become unresponsive or have High CPU usage Some Input Method Editor (IME) may become unresponsive or may have high CPU usage. Affected IMEs include Chinese Simplified (ChsIME.EXE) and Chinese Traditional (ChtIME.EXE) with Changjie/Quick keyboard.
Affected platforms: - Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607
- Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016
Resolution: Due to security related changes in KB4515384, this issue may occur when Touch Keyboard and Handwriting Panel Service is not configured to its default startup type of Manual. To resolve the issue, perform the following steps: - Select the Start button and type Services.
- Locate Touch Keyboard and Handwriting Panel Service and double click on it or long press and select Properties.
- Locate Startup type: and change it to Manual
- Select Ok
- The TabletInputService service is now in the default configuration and IME should work as expected.
Back to top | OS Build 18362.356
September 10, 2019
KB4515384 | Resolved
| Resolved:
September 19, 2019
04:08 PM PT
Opened:
September 13, 2019
05:25 PM PT |
+ | Some users report issues related to the Start menu and Windows Desktop Search Microsoft has received reports that a small number of users are having issues related to the Start menu and Windows Desktop Search.
Affected platforms: - Client: Windows 10, version 1903
Resolution: At this time, Microsoft has not found a Search or Start issue significantly impacting users originating from KB4515384. We will continue monitoring to ensure users have a high-quality experience when interacting with these areas. If you are currently having issues, we recommend you to take a moment to report it in via the Feedback Hub (Windows + F) then try the Windows 10 Troubleshoot settings (found in Settings). If you are having an issue with search, see Fix problems in Windows Search.
Back to top | OS Build 18362.356
September 10, 2019
KB4515384 | Resolved
| Resolved:
September 19, 2019
04:58 PM PT
Opened:
September 11, 2019
05:18 PM PT |
+ | Screenshots and Snips have an unnatural orange tint When creating screenshots or using similar tools (such as Snipping Tool or Snip & Sketch), the resulting images may have an unnatural orange tint. This issue is caused by the Eye Care mode feature of Lenovo Vantage. This issue started on or around September 5, 2019.
Affected platforms: - Client: Windows 10, version 1903
- Server: None
Back to top | OS Build 18362.356
September 10, 2019
KB4516115 | Resolved External
| Last updated:
September 11, 2019
08:54 PM PT
Opened:
September 11, 2019
08:54 PM PT |
+ Windows Desktop Search may not return any results and may have high CPU usageMicrosoft is getting reports that a small number of users may not receive results when using Windows Desktop Search and may see high CPU usage from SearchUI.exe when searching after installing KB4512941. This issue is only encountered on devices in which searching the web from Windows Desktop Search has been disabled.
Affected platforms: - Client: Windows 10, version 1903
Resolution: This issue was resolved in KB4515384.
Back to top | OS Build 18362.329
August 30, 2019
KB4512941 | Resolved
KB4515384 | Resolved:
September 10, 2019
10:00 AM PT
Opened:
September 04, 2019
02:25 PM PT |
+
+ "
+
- title: August 2019
- items:
- type: markdown
text: "
| Details | Originating update | Status | History |
+ Apps using Visual Basic 6 (VB6), VBA, and VBScript may stop responding with errorAfter installing KB4512508, applications that were made using Visual Basic 6 (VB6), macros using Visual Basic for Applications (VBA), and scripts or apps using Visual Basic Scripting Edition (VBScript) may stop responding and you may receive an \"invalid procedure call error.\"
Affected platforms: - Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607; Windows 10 Enterprise LTSC 2015; Windows 8.1; Windows 7 SP1
- Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue was resolved in KB4512941. The ‘optional’ update is available on Microsoft Update Catalog, Windows Update, Microsoft Update and Windows Server Update Services (WSUS). As with any 'optional' update, you will need to Check for updates to receive KB4512941 and install. For instructions, see Update Windows 10.
Note Windows Update for Business customers should apply the update via Microsoft Update Catalog or Windows Server Update Services (WSUS).
Back to top | OS Build 18362.295
August 13, 2019
KB4512508 | Resolved
KB4512941 | Resolved:
August 30, 2019
10:00 AM PT
Opened:
August 14, 2019
03:34 PM PT |
MacOS may be unable to access network shares via CIFS or SMBv1 on Windows devicesYou may receive an error on your Apple MacOS device when trying to access network shares via CIFS or SMBv1 on a Windows devices that has installed updates on June 11, 2019 ( KB4503293) or later. When you encounter this issue, in MacOS you may receive the error, “There was a problem connecting to the server “{Server Host Name}”. Check the server name or IP address, and then try again. If you continue to have problems, contact your system administrator.”
Affected platforms: - Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607; Windows 10 Enterprise LTSC 2015; Windows 8.1; Windows 7 SP1
- Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Back to top | OS Build 18362.175
June 11, 2019
KB4503293 | Resolved External
| Last updated:
August 09, 2019
07:03 PM PT
Opened:
August 09, 2019
04:25 PM PT |
"
+- title: July 2019
+- items:
+ - type: markdown
+ text: "
+ | Details | Originating update | Status | History |
+ Domain connected devices that use MIT Kerberos realms will not start upDevices connected to a domain that is configured to use MIT Kerberos realms will not start up or may continue to restart after installation of KB4497935. Devices that are domain controllers or domain members are both affected.
To safeguard your update experience, we have applied a compatibility hold on devices configured to use MIT Kerberos realm from being offered Windows 10, version 1903 or Windows Server, version 1903.
Note If you are not sure if your device is affected, contact your administrator. Advanced users can check for “Define interoperable Kerberos v5 realm settings” policy under Computer Configuration -> Policies -> Administrative Templates > System -> Kerberos or check if this registry key exists: HKLM\\Software\\Microsoft\\Windows\\CurrentVersion\\Policies\\System\\Kerberos\\MitRealms
+
Affected platforms: - Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607
- Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016
Resolution: This issue was resolved in KB4512941 and the safeguard hold has been removed. Please note, it can take up to 48 hours before you can update to offered Windows 10, version 1903 or Windows Server, version 1903.
Back to top | OS Build 18362.145
May 29, 2019
KB4497935 | Resolved
KB4512941 | Resolved:
August 30, 2019
10:00 AM PT
Opened:
July 25, 2019
06:10 PM PT |
+ | Issues updating when certain versions of Intel storage drivers are installed Intel and Microsoft have found incompatibility issues with certain versions of the Intel Rapid Storage Technology (Intel RST) drivers and the Windows 10 May 2019 Update (Windows 10, version 1903).
To safeguard your update experience, we have applied a compatibility hold on devices with Intel RST drivers, versions 15.1.0.1002 through version 15.5.2.1053 installed from installing or being offered Windows 10, version 1903 or Windows Server, version 1903, until the driver has been updated.
Versions 15.5.2.1054 or later are compatible, and a device that has these drivers installed can install the Windows 10 May 2019 Update. For affected devices, the recommended version is 15.9.8.1050.
Affected platforms: - Client: Windows 10, version 1903
- Server: Windows Server, version 1903
Resolution: This issue was resolved in KB4512941 and the safeguard hold has been removed. Please note, it can take up to 48 hours before you can update to Windows 10, version 1903.
Back to top | OS Build 18362.145
May 29, 2019
KB4497935 | Resolved
KB4512941 | Resolved:
August 30, 2019
10:00 AM PT
Opened:
July 25, 2019
06:10 PM PT |
+ | Initiating a Remote Desktop connection may result in black screen When initiating a Remote Desktop connection to devices with some older GPU drivers, you may receive a black screen. Any version of Windows may encounter this issue when initiating a Remote Desktop connection to a Windows 10, version 1903 device which is running an affected display driver, including the drivers for the Intel 4 series chipset integrated GPU (iGPU).
Affected platforms: - Client: Windows 10, version 1903
- Server: Windows Server, version 1903
Resolution: This issue was resolved in KB4512941.
Back to top | OS Build 18362.145
May 29, 2019
KB4497935 | Resolved
KB4512941 | Resolved:
August 30, 2019
10:00 AM PT
Opened:
July 12, 2019
04:42 PM PT |
+ Devices starting using PXE from a WDS or SCCM servers may fail to startDevices that start up using Preboot Execution Environment (PXE) images from Windows Deployment Services (WDS) or System Center Configuration Manager (SCCM) may fail to start with the error \"Status: 0xc0000001, Info: A required device isn't connected or can't be accessed\" after installing KB4503293 on a WDS server.
Affected platforms: - Server: Windows Server 2008 SP2; Windows Server 2008 R2 SP1; Windows Server 2012; Windows Server 2012 R2; Windows Server 2016; Windows Server, version 1803; Windows Server 2019; Windows Server, version 1809; Windows Server, version 1903
Resolution: This issue was resolved in KB4512941.
Back to top | OS Build 18362.175
June 11, 2019
KB4503293 | Resolved
KB4512941 | Resolved:
August 30, 2019
10:00 AM PT
Opened:
July 10, 2019
02:51 PM PT |
+
+ "
+
- title: June 2019
- items:
- type: markdown
@@ -77,6 +113,7 @@ sections:
- type: markdown
text: "
| Details | Originating update | Status | History |
+ | Windows Sandbox may fail to start with error code “0x80070002” Windows Sandbox may fail to start with \"ERROR_FILE_NOT_FOUND (0x80070002)\" on devices in which the operating system language is changed during the update process when installing Windows 10, version 1903.
Affected platforms: - Client: Windows 10, version 1903
Resolution: This issue was resolved in KB4512941.
Back to top | OS Build 18362.116
May 20, 2019
KB4505057 | Resolved
KB4512941 | Resolved:
August 30, 2019
10:00 AM PT
Opened:
May 24, 2019
04:20 PM PT |
| Display brightness may not respond to adjustments Microsoft and Intel have identified a driver compatibility issue on devices configured with certain Intel display drivers. After updating to Windows 10, version 1903, brightness settings may sometime appear as if changes applied took effect, yet the actual display brightness doesn't change.
To safeguard your update experience, we have applied a compatibility hold on devices with certain Intel drivers from being offered Windows 10, version 1903, until this issue is resolved.
Affected platforms: - Client: Windows 10, version 1903
Resolution: This issue was resolved in KB4505903 and the safeguard hold has been removed. Please ensure you have applied the resolving update before attempting to update to the Windows 10 May 2019 Update (version 1903). Please note, it can take up to 48 hours for the safeguard to be removed.
Back to top | OS Build 18362.116
May 21, 2019
KB4505057 | Resolved
KB4505903 | Resolved:
July 26, 2019
02:00 PM PT
Opened:
May 21, 2019
07:56 AM PT |
| Loss of functionality in Dynabook Smartphone Link app Some users may experience a loss of functionality after updating to Windows 10, version 1903 when using the Dynabook Smartphone Link application on Windows devices. Loss of functionality may affect the display of phone numbers in the Call menu and the ability to answer phone calls on the Windows PC.
To safeguard your update experience, we have applied a compatibility hold on devices with Dynabook Smartphone Link from being offered Windows 10, version 1903, until this issue is resolved.
Affected platforms: - Client: Windows 10, version 1903
Resolution: This issue is now resolved and the safeguard hold has been removed. Please note, it can take up to 48 hours before you can update to Windows 10, version 1903.
Back to top | OS Build 18362.116
May 20, 2019
KB4505057 | Resolved
| Resolved:
July 11, 2019
01:54 PM PT
Opened:
May 24, 2019
03:10 PM PT |
| Error attempting to update with external USB device or memory card attached If you have an external USB device or SD memory card attached when installing Windows 10, version 1903, you may get an error message stating \"This PC can't be upgraded to Windows 10.\" This is caused by inappropriate drive reassignment during installation.
Sample scenario: An update to Windows 10, version 1903 is attempted on a computer that has a thumb drive inserted into its USB port. Before the update, the thumb drive is mounted in the system as drive G based on the existing drive configuration. After the feature update is installed; however, the device is reassigned a different drive letter (e.g., drive H).
Note The drive reassignment is not limited to removable drives. Internal hard drives may also be affected.
To safeguard your update experience, we have applied a hold on devices with an external USB device or SD memory card attached from being offered Windows 10, version 1903 until this issue is resolved.
Affected platforms: - Client: Windows 10, version 1903
Resolution: This issue is now resolved and the safeguard hold has been removed. Please note, it can take up to 48 hours before you can update to Windows 10, version 1903.
Back to top | OS Build 18362.116
May 21, 2019
KB4505057 | Resolved
| Resolved:
July 11, 2019
01:53 PM PT
Opened:
May 21, 2019
07:38 AM PT |
diff --git a/windows/release-information/resolved-issues-windows-7-and-windows-server-2008-r2-sp1.yml b/windows/release-information/resolved-issues-windows-7-and-windows-server-2008-r2-sp1.yml
index 5305dd2345..5ac6ed8257 100644
--- a/windows/release-information/resolved-issues-windows-7-and-windows-server-2008-r2-sp1.yml
+++ b/windows/release-information/resolved-issues-windows-7-and-windows-server-2008-r2-sp1.yml
@@ -32,6 +32,7 @@ sections:
- type: markdown
text: "
| Summary | Originating update | Status | Date resolved |
+ You may receive an error when opening or using the Toshiba Qosmio AV Center
Toshiba Qosmio AV Center may error when opening and you may also receive an error in Event Log related to cryptnet.dll.
See details > | August 13, 2019
KB4512506 | Resolved
KB4516048 | September 24, 2019
10:00 AM PT |
Windows updates that are SHA-2 signed may not be offered for Symantec and Norton AV
Windows updates that are SHA-2 signed are not available with Symantec or Norton antivirus program installed
See details > | August 13, 2019
KB4512506 | Resolved External
| August 27, 2019
02:29 PM PT |
Devices starting using PXE from a WDS or SCCM servers may fail to start
Devices that start up using Preboot Execution Environment (PXE) images from Windows Deployment Services (WDS) may fail to start with error \"0xc0000001.\"
See details > | June 11, 2019
KB4503292 | Resolved
KB4512514 | August 17, 2019
02:00 PM PT |
Apps using Visual Basic 6 (VB6), VBA, and VBScript may stop responding with error
Applications that were made using Visual Basic 6 (VB6), macros using Visual Basic for Applications (VBA), and VBScript may stop responding and you may receive an error.
See details > | August 13, 2019
KB4512506 | Resolved
KB4517297 | August 16, 2019
02:00 PM PT |
@@ -49,7 +50,6 @@ sections:
NETDOM.EXE fails to run
NETDOM.EXE fails to run and the error, “The command failed to complete successfully.” appears on screen.
See details > | March 12, 2019
KB4489878 | Resolved
KB4493472 | April 09, 2019
10:00 AM PT |
Custom URI schemes may not start corresponding application
Custom URI schemes for application protocol handlers may not start the corresponding application for local intranet and trusted sites in Internet Explorer.
See details > | March 12, 2019
KB4489878 | Resolved
KB4493472 | April 09, 2019
10:00 AM PT |
Internet Explorer 11 authentication issue with multiple concurrent logons
Internet Explorer 11 users may encounter issues if two or more people use the same user account for multiple, concurrent login sessions on the same Windows Server machine.
See details > | January 08, 2019
KB4480970 | Resolved
KB4493472 | April 09, 2019
10:00 AM PT |
- Event Viewer may not show some event descriptions for network interface cards
The Event Viewer may not show some event descriptions for network interface cards (NIC).
See details > | October 18, 2018
KB4462927 | Resolved
KB4489878 | March 12, 2019
10:00 AM PT |
"
@@ -60,6 +60,15 @@ sections:
"
+- title: September 2019
+- items:
+ - type: markdown
+ text: "
+ | Details | Originating update | Status | History |
+ You may receive an error when opening or using the Toshiba Qosmio AV CenterAfter installing KB4512506, you may receive an error when opening or using the Toshiba Qosmio AV Center. You may also receive an error in Event Log related to cryptnet.dll.
Affected platforms: Resolution: This issue was resolved in KB4516048.
Back to top | August 13, 2019
KB4512506 | Resolved
KB4516048 | Resolved:
September 24, 2019
10:00 AM PT
Opened:
September 10, 2019
09:48 AM PT |
+
+ "
+
- title: August 2019
- items:
- type: markdown
@@ -140,12 +149,3 @@ sections:
Internet Explorer 11 authentication issue with multiple concurrent logonsAfter installing KB4480970, Internet Explorer 11 and other applications that use WININET.DLL may have authentication issues. This occurs when two or more people use the same user account for multiple, concurrent login sessions on the same Windows Server machine, including Remote Desktop Protocol (RDP) and Terminal Server logons. Symptoms reported by customers include, but may not be limited to: - Cache size and location show zero or empty.
- Keyboard shortcuts may not work properly.
- Webpages may intermittently fail to load or render correctly.
- Issues with credential prompts.
- Issues when downloading files.
Affected platforms: - Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 8.1; Windows 7 SP1
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1
Resolution: This issue is resolved in KB4493472.
Back to top | January 08, 2019
KB4480970 | Resolved
KB4493472 | Resolved:
April 09, 2019
10:00 AM PT
Opened:
January 08, 2019
10:00 AM PT |
"
-
-- title: October 2018
-- items:
- - type: markdown
- text: "
- | Details | Originating update | Status | History |
- Event Viewer may not show some event descriptions for network interface cardsAfter installing KB4462927, the Event Viewer may not show some event descriptions for network interface cards (NICs).
Affected Platforms: - Client: Windows 7 SP1
- Server: Windows Server 2012; Windows Server 2008 R2 SP1
Resolution: This issue is resolved in KB4489878.
Back to top | October 18, 2018
KB4462927 | Resolved
KB4489878 | Resolved:
March 12, 2019
10:00 AM PT
Opened:
October 18, 2018
10:00 AM PT |
-
- "
diff --git a/windows/release-information/resolved-issues-windows-8.1-and-windows-server-2012-r2.yml b/windows/release-information/resolved-issues-windows-8.1-and-windows-server-2012-r2.yml
index cee285c22f..16abec6cc8 100644
--- a/windows/release-information/resolved-issues-windows-8.1-and-windows-server-2012-r2.yml
+++ b/windows/release-information/resolved-issues-windows-8.1-and-windows-server-2012-r2.yml
@@ -32,6 +32,7 @@ sections:
- type: markdown
text: "
| Summary | Originating update | Status | Date resolved |
+ Windows RT 8.1 devices may have issues opening Internet Explorer 11
On Windows RT 8.1 devices, Internet Explorer 11 may not open and you may receive an error.
See details > | September 10, 2019
KB4516067 | Resolved
KB4516041 | September 24, 2019
10:00 AM PT |
Devices starting using PXE from a WDS or SCCM servers may fail to start
Devices that start up using Preboot Execution Environment (PXE) images from Windows Deployment Services (WDS) may fail to start with error \"0xc0000001.\"
See details > | June 11, 2019
KB4503276 | Resolved
KB4512478 | August 17, 2019
02:00 PM PT |
Apps using Visual Basic 6 (VB6), VBA, and VBScript may stop responding with error
Applications that were made using Visual Basic 6 (VB6), macros using Visual Basic for Applications (VBA), and VBScript may stop responding and you may receive an error.
See details > | August 13, 2019
KB4512488 | Resolved
KB4517298 | August 16, 2019
02:00 PM PT |
System may be unresponsive after restart with certain McAfee antivirus products
Devices with McAfee Endpoint Security Threat Prevention 10.x, Host Intrusion Prevention 8.0, or VirusScan Enterprise 8.8 may be slow or unresponsive at startup.
See details > | April 09, 2019
KB4493446 | Resolved External
| August 13, 2019
06:59 PM PT |
@@ -46,9 +47,7 @@ sections:
System may be unresponsive after restart if Avira antivirus software installed
Devices with Avira antivirus software installed may become unresponsive upon restart.
See details > | April 09, 2019
KB4493446 | Resolved
| May 14, 2019
01:21 PM PT |
Embedded objects may display incorrectly
Any compound document (OLE) server application that places embedded objects into the Windows Metafile (WMF) using the PatBlt API may display embedded objects incorrectly.
See details > | February 12, 2019
KB4487000 | Resolved
KB4493446 | April 09, 2019
10:00 AM PT |
Devices may not respond at login or Welcome screen if running certain Avast software
Devices running Avast for Business, Avast CloudCare, and AVG Business Edition antivirus software may become unresponsive after restart.
See details > | April 09, 2019
KB4493446 | Resolved
| April 25, 2019
02:00 PM PT |
- Devices with winsock kernel client may receive error
Devices with a winsock kernel client may receive D1, FC, and other errors.
See details > | March 12, 2019
KB4489881 | Resolved
KB4489893 | March 19, 2019
10:00 AM PT |
Custom URI schemes may not start corresponding application
Custom URI schemes for application protocol handlers may not start the corresponding application for local intranet and trusted sites in Internet Explorer.
See details > | March 12, 2019
KB4489881 | Resolved
KB4493446 | April 09, 2019
10:00 AM PT |
- Error 1309 when installing/uninstalling MSI or MSP files
Users may receive “Error 1309” while installing or uninstalling certain types of MSI and MSP files.
See details > | February 19, 2019
KB4487016 | Resolved
KB4489881 | March 12, 2019
10:00 AM PT |
MSXML6 may cause applications to stop responding.
MSXML6 may cause applications to stop responding if an exception was thrown during node operations, such as appendChild(), insertBefore(), and moveNode().
See details > | January 08, 2019
KB4480963 | Resolved
KB4493446 | April 09, 2019
10:00 AM PT |
Internet Explorer 11 authentication issue with multiple concurrent logons
Internet Explorer 11 users may encounter issues if two or more people use the same user account for multiple, concurrent login sessions on the same Windows Server machine.
See details > | January 08, 2019
KB4480963 | Resolved
KB4493446 | April 09, 2019
10:00 AM PT |
@@ -61,6 +60,15 @@ sections:
"
+- title: September 2019
+- items:
+ - type: markdown
+ text: "
+ | Details | Originating update | Status | History |
+ | Windows RT 8.1 devices may have issues opening Internet Explorer 11 On Windows 8.1 RT devices, Internet Explorer 11 may not open and you may receive the error, \"C:\\Program Files\\Internet Explorer\\iexplore.exe: A certificate was explicitly revoked by its issuer.\"
Affected platforms: Resolution: This issue was resolved in KB4516041.
Back to top | September 10, 2019
KB4516067 | Resolved
KB4516041 | Resolved:
September 24, 2019
10:00 AM PT
Opened:
September 13, 2019
05:25 PM PT |
+
+ "
+
- title: August 2019
- items:
- type: markdown
@@ -119,7 +127,6 @@ sections:
text: "
| Details | Originating update | Status | History |
Issue using PXE to start a device from WDSAfter installing KB4489881, there may be issues using the Preboot Execution Environment (PXE) to start a device from a Windows Deployment Services (WDS) server configured to use Variable Window Extension. This may cause the connection to the WDS server to terminate prematurely while downloading the image. This issue does not affect clients or devices that are not using Variable Window Extension.
Affected platforms: - Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 8.1
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012
Resolution: This issue was resolved in KB4503276.
Back to top | March 12, 2019
KB4489881 | Resolved
KB4503276 | Resolved:
June 11, 2019
10:00 AM PT
Opened:
March 12, 2019
10:00 AM PT |
- Devices with winsock kernel client may receive errorAfter installing KB4489881, devices with a winsock kernel client may receive D1, FC, and other errors. Additionally, systems that run the Skype for Business or Lync Server Edge Transport role may be affected by this issue.
Affected platforms: - Client: Windows 8.1
- Server: Windows Server 2012 R2
Resolution: This issue is resolved in KB4489893.
Back to top | March 12, 2019
KB4489881 | Resolved
KB4489893 | Resolved:
March 19, 2019
10:00 AM PT
Opened:
March 12, 2019
10:00 AM PT |
Custom URI schemes may not start corresponding applicationAfter installing KB4489881, custom URI schemes for application protocol handlers may not start the corresponding application for local intranet and trusted sites security zones on Internet Explorer.
Affected platforms: - Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1; Windows 7 SP1
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2008 R2 SP1
Resolution: This issue is resolved in KB4493446.
Back to top | March 12, 2019
KB4489881 | Resolved
KB4493446 | Resolved:
April 09, 2019
10:00 AM PT
Opened:
March 12, 2019
10:00 AM PT |
"
@@ -130,7 +137,6 @@ sections:
text: "
| Details | Originating update | Status | History |
| Embedded objects may display incorrectly Any compound document (OLE) server application that places embedded objects into the Windows Metafile (WMF) using the PatBlt API may display embedded objects incorrectly.
For example, if you paste a Microsoft Excel worksheet object into a Microsoft Word document, the cells may render with a different background color.
Affected platforms - Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1; Windows 7 SP1
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue is resolved in KB4493446.
Back to top | February 12, 2019
KB4487000 | Resolved
KB4493446 | Resolved:
April 09, 2019
10:00 AM PT
Opened:
February 12, 2019
10:00 AM PT |
- Error 1309 when installing/uninstalling MSI or MSP filesAfter installing KB4487016, users may receive “Error 1309” while installing or uninstalling certain types of MSI and MSP files.
Affected platforms: - Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012
Resolution: This issue is resolved in KB4489881.
Back to top | February 19, 2019
KB4487016 | Resolved
KB4489881 | Resolved:
March 12, 2019
10:00 AM PT
Opened:
February 19, 2019
02:00 PM PT |
"
diff --git a/windows/release-information/resolved-issues-windows-server-2008-sp2.yml b/windows/release-information/resolved-issues-windows-server-2008-sp2.yml
index df7f82cfb2..f81be52e89 100644
--- a/windows/release-information/resolved-issues-windows-server-2008-sp2.yml
+++ b/windows/release-information/resolved-issues-windows-server-2008-sp2.yml
@@ -40,7 +40,6 @@ sections:
System may be unresponsive after restart if Avira antivirus software installed
Devices with Avira antivirus software installed may become unresponsive upon restart.
See details > | April 09, 2019
KB4493471 | Resolved
| May 14, 2019
01:19 PM PT |
Authentication may fail for services after the Kerberos ticket expires
Authentication may fail for services that require unconstrained delegation after the Kerberos ticket expires.
See details > | March 12, 2019
KB4489880 | Resolved
KB4499149 | May 14, 2019
10:00 AM PT |
NETDOM.EXE fails to run
NETDOM.EXE fails to run and the error, “The command failed to complete successfully.” appears on screen.
See details > | March 12, 2019
KB4489880 | Resolved
KB4493471 | April 09, 2019
10:00 AM PT |
- First character of the Japanese era name not recognized as an abbreviation
The first character of the Japanese era name is not recognized as an abbreviation and may cause date parsing issues.
See details > | January 17, 2019
KB4480974 | Resolved
KB4489880 | March 12, 2019
10:00 AM PT |
Embedded objects may display incorrectly
Any compound document (OLE) server application that places embedded objects into the Windows Metafile (WMF) using the PatBlt API may display embedded objects incorrectly.
See details > | February 12, 2019
KB4487023 | Resolved
KB4493471 | April 09, 2019
10:00 AM PT |
"
@@ -108,12 +107,3 @@ sections:
|
| Embedded objects may display incorrectly Any compound document (OLE) server application that places embedded objects into the Windows Metafile (WMF) using the PatBlt API may display embedded objects incorrectly.
For example, if you paste a Microsoft Excel worksheet object into a Microsoft Word document, the cells may render with a different background color.
Affected platforms - Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1; Windows 7 SP1
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue is resolved in KB4493471.
Back to top | February 12, 2019
KB4487023 | Resolved
KB4493471 | Resolved:
April 09, 2019
10:00 AM PT
Opened:
February 12, 2019
10:00 AM PT |
"
-
-- title: January 2019
-- items:
- - type: markdown
- text: "
- | Details | Originating update | Status | History |
- First character of the Japanese era name not recognized as an abbreviationAfter installing KB4480974, the first character of the Japanese era name is not recognized as an abbreviation and may cause date parsing issues.
Affected platforms: - Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1; Windows 7 SP1
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue is resolved in KB4489880.
Back to top | January 17, 2019
KB4480974 | Resolved
KB4489880 | Resolved:
March 12, 2019
10:00 AM PT
Opened:
January 17, 2019
10:00 AM PT |
-
- "
diff --git a/windows/release-information/resolved-issues-windows-server-2012.yml b/windows/release-information/resolved-issues-windows-server-2012.yml
index 4bd64240b8..bb1c5a4635 100644
--- a/windows/release-information/resolved-issues-windows-server-2012.yml
+++ b/windows/release-information/resolved-issues-windows-server-2012.yml
@@ -44,10 +44,8 @@ sections:
System unresponsive after restart if Sophos Endpoint Protection installed
Devices with Sophos Endpoint Protection installed and managed by Sophos Central or Sophos Enterprise Console (SEC) may become unresponsive upon restart.
See details > | April 09, 2019
KB4493451 | Resolved
| May 14, 2019
01:21 PM PT |
System may be unresponsive after restart if Avira antivirus software installed
Devices with Avira antivirus software installed may become unresponsive upon restart.
See details > | April 09, 2019
KB4493451 | Resolved
| May 14, 2019
01:19 PM PT |
Embedded objects may display incorrectly
Any compound document (OLE) server application that places embedded objects into the Windows Metafile (WMF) using the PatBlt API may display embedded objects incorrectly.
See details > | February 12, 2019
KB4487025 | Resolved
KB4493451 | April 09, 2019
10:00 AM PT |
- Error 1309 when installing/uninstalling MSI or MSP files
Users may receive “Error 1309” while installing or uninstalling certain types of MSI and MSP files.
See details > | February 12, 2019
KB4487025 | Resolved
KB4489891 | March 12, 2019
10:00 AM PT |
Internet Explorer 11 authentication issue with multiple concurrent logons
Internet Explorer 11 users may encounter issues if two or more people use the same user account for multiple, concurrent login sessions on the same Windows Server machine.
See details > | January 08, 2019
KB4480975 | Resolved
KB4493451 | April 09, 2019
10:00 AM PT |
MSXML6 may cause applications to stop responding
MSXML6 may cause applications to stop responding if an exception was thrown during node operations, such as appendChild(), insertBefore(), and moveNode().
See details > | January 08, 2019
KB4480975 | Resolved
KB4493451 | April 09, 2019
10:00 AM PT |
- Event Viewer may not show some event descriptions for network interface cards
The Event Viewer may not show some event descriptions for network interface cards (NIC).
See details > | September 11, 2018
KB4457135 | Resolved
KB4489891 | March 12, 2019
10:00 AM PT |
"
@@ -123,7 +121,6 @@ sections:
text: "
| Details | Originating update | Status | History |
| Embedded objects may display incorrectly Any compound document (OLE) server application that places embedded objects into the Windows Metafile (WMF) using the PatBlt API may display embedded objects incorrectly.
For example, if you paste a Microsoft Excel worksheet object into a Microsoft Word document, the cells may render with a different background color.
Affected platforms - Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1; Windows 7 SP1
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue is resolved in KB4493451.
Back to top | February 12, 2019
KB4487025 | Resolved
KB4493451 | Resolved:
April 09, 2019
10:00 AM PT
Opened:
February 12, 2019
10:00 AM PT |
- Error 1309 when installing/uninstalling MSI or MSP filesAfter installing KB4487025, users may receive \"Error 1309\" while installing or uninstalling certain types of MSI and MSP files.
Affected platforms: - Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012
Resolution: This issue is resolved in KB4489891.
Back to top | February 12, 2019
KB4487025 | Resolved
KB4489891 | Resolved:
March 12, 2019
10:00 AM PT
Opened:
February 12, 2019
10:00 AM PT |
"
@@ -136,12 +133,3 @@ sections:
MSXML6 may cause applications to stop responding After installing KB4480975, MSXML6 causes applications to stop responding if an exception was thrown during node operations, such as appendChild(), insertBefore(), and moveNode().
The Group Policy editor may stop responding when editing a Group Policy Object (GPO) that contains Group Policy Preferences (GPP) for Internet Explorer 10 settings.
Affected platforms: - Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1
- Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012
Resolution: This issue is resolved in KB4493451.
Back to top | January 08, 2019
KB4480975 | Resolved
KB4493451 | Resolved:
April 09, 2019
10:00 AM PT
Opened:
January 08, 2019
10:00 AM PT |
"
-
-- title: September 2018
-- items:
- - type: markdown
- text: "
- | Details | Originating update | Status | History |
- Event Viewer may not show some event descriptions for network interface cardsAfter installing KB4457135, the Event Viewer may not show some event descriptions for network interface cards (NICs).
Affected Platforms: - Client: Windows 7 SP1
- Server: Windows Server 2012; Windows Server 2008 R2 SP1
Resolution: This issue is resolved in KB4489891.
Back to top | September 11, 2018
KB4457135 | Resolved
KB4489891 | Resolved:
March 12, 2019
10:00 AM PT
Opened:
September 11, 2018
10:00 AM PT |
-
- "
diff --git a/windows/release-information/status-windows-10-1507.yml b/windows/release-information/status-windows-10-1507.yml
index 9a8ebe8053..88f03f07b7 100644
--- a/windows/release-information/status-windows-10-1507.yml
+++ b/windows/release-information/status-windows-10-1507.yml
@@ -60,8 +60,6 @@ sections:
- type: markdown
text: "This table offers a summary of current active issues and those issues that have been resolved in the last 30 days.
| Summary | Originating update | Status | Last updated |
- Apps using Visual Basic 6 (VB6), VBA, and VBScript may stop responding with error
Applications that were made using Visual Basic 6 (VB6), macros using Visual Basic for Applications (VBA), and VBScript may stop responding and you may receive an error.
See details > | OS Build 10240.18305
August 13, 2019
KB4512497 | Resolved
KB4517276 | August 17, 2019
02:00 PM PT |
- MacOS may be unable to access network shares via CIFS or SMBv1 on Windows devices
You may receive an error on MacOS when trying to access network shares via CIFS or SMBv1 on Windows devices that installed updates on June 11, 2019 or later.
See details > | OS Build 10240.18244
June 11, 2019
KB4503291 | Resolved External
| August 09, 2019
07:03 PM PT |
Certain operations performed on a Cluster Shared Volume may fail
Certain operations, such as rename, performed on files or folders on a Cluster Shared Volume (CSV) may fail with the error, \"STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)\".
See details > | OS Build 10240.18094
January 08, 2019
KB4480962 | Mitigated
| April 25, 2019
02:00 PM PT |
"
@@ -73,16 +71,6 @@ sections:
"
-- title: August 2019
-- items:
- - type: markdown
- text: "
- | Details | Originating update | Status | History |
- Apps using Visual Basic 6 (VB6), VBA, and VBScript may stop responding with errorAfter installing KB4512497, applications that were made using Visual Basic 6 (VB6), macros using Visual Basic for Applications (VBA), and scripts or apps using Visual Basic Scripting Edition (VBScript) may stop responding and you may receive an \"invalid procedure call error.\"
Affected platforms: - Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607; Windows 10 Enterprise LTSC 2015; Windows 8.1; Windows 7 SP1
- Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue was resolved in KB4517276. This ‘optional’ update is available on Microsoft Update Catalog, Windows Update, Microsoft Update and Windows Server Update Services (WSUS). As with any 'optional' update, you will need to Check for updates to receive KB4517276 and install. For instructions, see Update Windows 10.
Note Windows Update for Business customers should apply the update via Microsoft Update Catalog or Windows Server Update Services (WSUS).
Back to top | OS Build 10240.18305
August 13, 2019
KB4512497 | Resolved
KB4517276 | Resolved:
August 17, 2019
02:00 PM PT
Opened:
August 14, 2019
03:34 PM PT |
- MacOS may be unable to access network shares via CIFS or SMBv1 on Windows devicesYou may receive an error on your Apple MacOS device when trying to access network shares via CIFS or SMBv1 on a Windows devices that has installed updates on June 11, 2019 ( KB4503291) or later. When you encounter this issue, in MacOS you may receive the error, “There was a problem connecting to the server “{Server Host Name}”. Check the server name or IP address, and then try again. If you continue to have problems, contact your system administrator.”
Affected platforms: - Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607; Windows 10 Enterprise LTSC 2015; Windows 8.1; Windows 7 SP1
- Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Back to top | OS Build 10240.18244
June 11, 2019
KB4503291 | Resolved External
| Last updated:
August 09, 2019
07:03 PM PT
Opened:
August 09, 2019
04:25 PM PT |
-
- "
-
- title: January 2019
- items:
- type: markdown
diff --git a/windows/release-information/status-windows-10-1607-and-windows-server-2016.yml b/windows/release-information/status-windows-10-1607-and-windows-server-2016.yml
index fb76299a24..0d1188c730 100644
--- a/windows/release-information/status-windows-10-1607-and-windows-server-2016.yml
+++ b/windows/release-information/status-windows-10-1607-and-windows-server-2016.yml
@@ -60,12 +60,9 @@ sections:
- type: markdown
text: "This table offers a summary of current active issues and those issues that have been resolved in the last 30 days.
| Summary | Originating update | Status | Last updated |
- Devices starting using PXE from a WDS or SCCM servers may fail to start
Devices that start up using Preboot Execution Environment (PXE) images from Windows Deployment Services (WDS) may fail to start with error \"0xc0000001.\"
See details > | OS Build 14393.3025
June 11, 2019
KB4503267 | Resolved
KB4512495 | August 17, 2019
02:00 PM PT |
- Apps using Visual Basic 6 (VB6), VBA, and VBScript may stop responding with error
Applications that were made using Visual Basic 6 (VB6), macros using Visual Basic for Applications (VBA), and VBScript may stop responding and you may receive an error.
See details > | OS Build 14393.3144
August 13, 2019
KB4512517 | Resolved
KB4512495 | August 17, 2019
02:00 PM PT |
- Domain connected devices that use MIT Kerberos realms will not start up
Devices connected to a domain that is configured to use MIT Kerberos realms will not start up or may continue to restart after updating.
See details > | OS Build 14393.3115
July 16, 2019
KB4507459 | Resolved
KB4512517 | August 13, 2019
10:00 AM PT |
- Internet Explorer 11 and apps using the WebBrowser control may fail to render
JavaScript may fail to render as expected in Internet Explorer 11 and in apps using JavaScript or the WebBrowser control.
See details > | OS Build 14393.3085
July 09, 2019
KB4507460 | Resolved
KB4512517 | August 13, 2019
10:00 AM PT |
- MacOS may be unable to access network shares via CIFS or SMBv1 on Windows devices
You may receive an error on MacOS when trying to access network shares via CIFS or SMBv1 on Windows devices that installed updates on June 11, 2019 or later.
See details > | OS Build 14393.3025
June 11, 2019
KB4503267 | Resolved External
| August 09, 2019
07:03 PM PT |
- Apps and scripts using the NetQueryDisplayInformation API may fail with error
Applications and scripts that call the NetQueryDisplayInformation API or the WinNT provider equivalent may fail to return results after the first page of data.
See details > | OS Build 14393.3053
June 18, 2019
KB4503294 | Investigating
| August 01, 2019
05:00 PM PT |
+ IME may become unresponsive or have High CPU usage
Some Input Method Editor (IME) including ChsIME.EXE and ChtIME.EXE, may become unresponsive or may have high CPU usage.
See details > | OS Build 14393.3204
September 10, 2019
KB4516044 | Resolved
| September 17, 2019
04:47 PM PT |
+ Apps and scripts using the NetQueryDisplayInformation API may fail with error
Applications and scripts that call the NetQueryDisplayInformation API or the WinNT provider equivalent may fail to return results after the first page of data.
See details > | OS Build 14393.3053
June 18, 2019
KB4503294 | Resolved
KB4516044 | September 10, 2019
10:00 AM PT |
+ Domain connected devices that use MIT Kerberos realms will not start up
Devices connected to a domain that is configured to use MIT Kerberos realms will not start up or may continue to restart after updating.
See details > | OS Build 14393.3115
July 16, 2019
KB4507459 | Resolved
KB4512517 | August 13, 2019
10:00 AM PT |
Certain operations performed on a Cluster Shared Volume may fail
Certain operations, such as rename, performed on files or folders on a Cluster Shared Volume (CSV) may fail with the error, \"STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)\".
See details > | OS Build 14393.2724
January 08, 2019
KB4480961 | Mitigated
| April 25, 2019
02:00 PM PT |
Windows may not start on certain Lenovo and Fujitsu laptops with less than 8GB of RAM
Windows may fail to start on certain Lenovo and Fujitsu laptops that have less than 8 GB of RAM.
See details > | OS Build 14393.2608
November 13, 2018
KB4467691 | Mitigated
| February 19, 2019
10:00 AM PT |
Cluster service may fail if the minimum password length is set to greater than 14
The cluster service may fail to start with the error “2245 (NERR_PasswordTooShort)” if the Group Policy “Minimum Password Length” is configured with greater than 14 characters.
See details > | OS Build 14393.2639
November 27, 2018
KB4467684 | Mitigated
| April 25, 2019
02:00 PM PT |
@@ -79,14 +76,21 @@ sections:
"
+- title: September 2019
+- items:
+ - type: markdown
+ text: "
+ | Details | Originating update | Status | History |
+ | IME may become unresponsive or have High CPU usage Some Input Method Editor (IME) may become unresponsive or may have high CPU usage. Affected IMEs include Chinese Simplified (ChsIME.EXE) and Chinese Traditional (ChtIME.EXE) with Changjie/Quick keyboard.
Affected platforms: - Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607
- Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016
Resolution: After investigation, we have found that this issue does not affect this version of Windows.
Back to top | OS Build 14393.3204
September 10, 2019
KB4516044 | Resolved
| Resolved:
September 17, 2019
04:47 PM PT
Opened:
September 13, 2019
05:25 PM PT |
+
+ "
+
- title: August 2019
- items:
- type: markdown
text: "
| Details | Originating update | Status | History |
- Apps using Visual Basic 6 (VB6), VBA, and VBScript may stop responding with errorAfter installing KB4512517, applications that were made using Visual Basic 6 (VB6), macros using Visual Basic for Applications (VBA), and scripts or apps using Visual Basic Scripting Edition (VBScript) may stop responding and you may receive an \"invalid procedure call error.\"
Affected platforms: - Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607; Windows 10 Enterprise LTSC 2015; Windows 8.1; Windows 7 SP1
- Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue was resolved in KB4512495. This ‘optional’ update is available on Microsoft Update Catalog, Windows Update, Microsoft Update and Windows Server Update Services (WSUS). As with any 'optional' update, you will need to Check for updates to receive KB4512495 and install. For instructions, see Update Windows 10.
Note Windows Update for Business customers should apply the update via Microsoft Update Catalog or Windows Server Update Services (WSUS).
Back to top | OS Build 14393.3144
August 13, 2019
KB4512517 | Resolved
KB4512495 | Resolved:
August 17, 2019
02:00 PM PT
Opened:
August 14, 2019
03:34 PM PT |
- MacOS may be unable to access network shares via CIFS or SMBv1 on Windows devicesYou may receive an error on your Apple MacOS device when trying to access network shares via CIFS or SMBv1 on a Windows devices that has installed updates on June 11, 2019 ( KB4503267) or later. When you encounter this issue, in MacOS you may receive the error, “There was a problem connecting to the server “{Server Host Name}”. Check the server name or IP address, and then try again. If you continue to have problems, contact your system administrator.”
Affected platforms: - Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607; Windows 10 Enterprise LTSC 2015; Windows 8.1; Windows 7 SP1
- Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Back to top | OS Build 14393.3025
June 11, 2019
KB4503267 | Resolved External
| Last updated:
August 09, 2019
07:03 PM PT
Opened:
August 09, 2019
04:25 PM PT |
- Apps and scripts using the NetQueryDisplayInformation API may fail with error Applications and scripts that call the NetQueryDisplayInformation API or the WinNT provider equivalent may fail to return results after the first page of data, often 50 or 100 entries. When requesting additional pages you may receive the error, “1359: an internal error occurred.”
Affected platforms: - Server: Windows Server 2019; Windows Server 2016
Next steps: We are working on a resolution and will provide an update in an upcoming release.
Back to top | OS Build 14393.3053
June 18, 2019
KB4503294 | Investigating
| Last updated:
August 01, 2019
05:00 PM PT
Opened:
August 01, 2019
05:00 PM PT |
+ Apps and scripts using the NetQueryDisplayInformation API may fail with error Applications and scripts that call the NetQueryDisplayInformation API or the WinNT provider equivalent may fail to return results after the first page of data, often 50 or 100 entries. When requesting additional pages you may receive the error, “1359: an internal error occurred.”
Affected platforms: - Server: Windows Server 2019; Windows Server 2016
Resolution: This issue was resolved in KB4516044.
Back to top | OS Build 14393.3053
June 18, 2019
KB4503294 | Resolved
KB4516044 | Resolved:
September 10, 2019
10:00 AM PT
Opened:
August 01, 2019
05:00 PM PT |
"
@@ -95,10 +99,8 @@ sections:
- type: markdown
text: "
| Details | Originating update | Status | History |
- Devices starting using PXE from a WDS or SCCM servers may fail to startDevices that start up using Preboot Execution Environment (PXE) images from Windows Deployment Services (WDS) or System Center Configuration Manager (SCCM) may fail to start with the error \"Status: 0xc0000001, Info: A required device isn't connected or can't be accessed\" after installing KB4503267 on a WDS server.
Affected platforms: - Server: Windows Server 2008 SP2; Windows Server 2008 R2 SP1; Windows Server 2012; Windows Server 2012 R2; Windows Server 2016; Windows Server, version 1803; Windows Server 2019; Windows Server, version 1809; Windows Server, version 1903
Resolution: This issue was resolved in KB4512495.
Back to top | OS Build 14393.3025
June 11, 2019
KB4503267 | Resolved
KB4512495 | Resolved:
August 17, 2019
02:00 PM PT
Opened:
July 10, 2019
02:51 PM PT |
- Domain connected devices that use MIT Kerberos realms will not start upDevices connected to a domain that is configured to use MIT Kerberos realms will not start up or may continue to restart after installation of KB4507459. Devices that are domain controllers or domain members are both affected.
To safeguard your update experience, we have applied a compatibility hold on devices configured to use MIT Kerberos realm from being offered Windows 10, version 1903 or Windows Server, version 1903.
Note If you are not sure if your device is affected, contact your administrator. Advanced users can check for “Define interoperable Kerberos v5 realm settings” policy under Computer Configuration -> Policies -> Administrative Templates > System -> Kerberos or check if this registry key exists: HKLM\\Software\\Microsoft\\Windows\\CurrentVersion\\Policies\\System\\Kerberos\\MitRealms
-
Affected platforms: - Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607
- Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016
Resolution: This issue was resolved in KB4512517. To safeguard your upgrade experience, the compatibility hold on devices from being offered Windows 10, version 1903 or Windows Server, version 1903 is still in place. Once the issue is addressed on Windows 10, version 1903, this safeguard hold will be removed for all affected platforms. Check the Windows 10, version 1903 section of the release information dashboard for the most up to date information on this and other safeguard holds.
Note We recommend that you do not attempt to manually update using the Update now button or the Media Creation Tool until this issue has been resolved.
Back to top | OS Build 14393.3115
July 16, 2019
KB4507459 | Resolved
KB4512517 | Resolved:
August 13, 2019
10:00 AM PT
Opened:
July 25, 2019
06:10 PM PT |
- Internet Explorer 11 and apps using the WebBrowser control may fail to renderInternet Explorer 11 may fail to render some JavaScript after installing KB4507460. You may also have issues with apps using JavaScript or the WebBrowser control, such as the present PowerPoint feature of Skype Meeting Broadcast.
Affected platforms: - Client: Windows 10 Enterprise LTSC 2016; Windows 10, version 1607
- Server: Windows Server 2016
Resolution: This issue was resolved in KB4512517.
Back to top | OS Build 14393.3085
July 09, 2019
KB4507460 | Resolved
KB4512517 | Resolved:
August 13, 2019
10:00 AM PT
Opened:
July 26, 2019
04:58 PM PT |
+ Domain connected devices that use MIT Kerberos realms will not start upDevices connected to a domain that is configured to use MIT Kerberos realms will not start up or may continue to restart after installation of KB4507459. Devices that are domain controllers or domain members are both affected.
To safeguard your update experience, we have applied a compatibility hold on devices configured to use MIT Kerberos realm from being offered Windows 10, version 1903 or Windows Server, version 1903.
Note If you are not sure if your device is affected, contact your administrator. Advanced users can check for “Define interoperable Kerberos v5 realm settings” policy under Computer Configuration -> Policies -> Administrative Templates > System -> Kerberos or check if this registry key exists: HKLM\\Software\\Microsoft\\Windows\\CurrentVersion\\Policies\\System\\Kerberos\\MitRealms
+
Affected platforms: - Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607
- Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016
Resolution: This issue was resolved in KB4512517 and the safeguard hold has been removed. Please note, it can take up to 48 hours before you can update to offered Windows 10, version 1903 or Windows Server, version 1903.
Back to top | OS Build 14393.3115
July 16, 2019
KB4507459 | Resolved
KB4512517 | Resolved:
August 13, 2019
10:00 AM PT
Opened:
July 25, 2019
06:10 PM PT |
"
diff --git a/windows/release-information/status-windows-10-1703.yml b/windows/release-information/status-windows-10-1703.yml
index dbe7b4e91e..c9f01b66d5 100644
--- a/windows/release-information/status-windows-10-1703.yml
+++ b/windows/release-information/status-windows-10-1703.yml
@@ -66,9 +66,8 @@ sections:
- type: markdown
text: "This table offers a summary of current active issues and those issues that have been resolved in the last 30 days.
| Summary | Originating update | Status | Last updated |
- Apps using Visual Basic 6 (VB6), VBA, and VBScript may stop responding with error
Applications that were made using Visual Basic 6 (VB6), macros using Visual Basic for Applications (VBA), and VBScript may stop responding and you may receive an error.
See details > | OS Build 15063.1988
August 13, 2019
KB4512507 | Resolved
KB4512474 | August 17, 2019
02:00 PM PT |
- Domain connected devices that use MIT Kerberos realms will not start up
Devices connected to a domain that is configured to use MIT Kerberos realms will not start up or may continue to restart after updating.
See details > | OS Build 15063.1955
July 16, 2019
KB4507467 | Resolved
KB4512507 | August 13, 2019
10:00 AM PT |
- MacOS may be unable to access network shares via CIFS or SMBv1 on Windows devices
You may receive an error on MacOS when trying to access network shares via CIFS or SMBv1 on Windows devices that installed updates on June 11, 2019 or later.
See details > | OS Build 15063.1868
June 11, 2019
KB4503279 | Resolved External
| August 09, 2019
07:03 PM PT |
+ IME may become unresponsive or have High CPU usage
Some Input Method Editor (IME) including ChsIME.EXE and ChtIME.EXE, may become unresponsive or may have high CPU usage.
See details > | OS Build 15063.2045
September 10, 2019
KB4516068 | Resolved
| September 17, 2019
04:47 PM PT |
+ Domain connected devices that use MIT Kerberos realms will not start up
Devices connected to a domain that is configured to use MIT Kerberos realms will not start up or may continue to restart after updating.
See details > | OS Build 15063.1955
July 16, 2019
KB4507467 | Resolved
KB4512507 | August 13, 2019
10:00 AM PT |
Certain operations performed on a Cluster Shared Volume may fail
Certain operations, such as rename, performed on files or folders on a Cluster Shared Volume (CSV) may fail with the error, \"STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)\".
See details > | OS Build 15063.1563
January 08, 2019
KB4480973 | Mitigated
| April 25, 2019
02:00 PM PT |
"
@@ -80,13 +79,12 @@ sections:
"
-- title: August 2019
+- title: September 2019
- items:
- type: markdown
text: "
| Details | Originating update | Status | History |
- Apps using Visual Basic 6 (VB6), VBA, and VBScript may stop responding with errorAfter installing KB4512507, applications that were made using Visual Basic 6 (VB6), macros using Visual Basic for Applications (VBA), and scripts or apps using Visual Basic Scripting Edition (VBScript) may stop responding and you may receive an \"invalid procedure call error.\"
Affected platforms: - Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607; Windows 10 Enterprise LTSC 2015; Windows 8.1; Windows 7 SP1
- Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue was resolved in KB4512474. This ‘optional’ update is available on Microsoft Update Catalog, Windows Update, Microsoft Update and Windows Server Update Services (WSUS). As with any 'optional' update, you will need to Check for updates to receive KB4512474 and install. For instructions, see Update Windows 10.
Note Windows Update for Business customers should apply the update via Microsoft Update Catalog or Windows Server Update Services (WSUS).
Back to top | OS Build 15063.1988
August 13, 2019
KB4512507 | Resolved
KB4512474 | Resolved:
August 17, 2019
02:00 PM PT
Opened:
August 14, 2019
03:34 PM PT |
- MacOS may be unable to access network shares via CIFS or SMBv1 on Windows devicesYou may receive an error on your Apple MacOS device when trying to access network shares via CIFS or SMBv1 on a Windows devices that has installed updates on June 11, 2019 ( KB4503279) or later. When you encounter this issue, in MacOS you may receive the error, “There was a problem connecting to the server “{Server Host Name}”. Check the server name or IP address, and then try again. If you continue to have problems, contact your system administrator.”
Affected platforms: - Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607; Windows 10 Enterprise LTSC 2015; Windows 8.1; Windows 7 SP1
- Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Back to top | OS Build 15063.1868
June 11, 2019
KB4503279 | Resolved External
| Last updated:
August 09, 2019
07:03 PM PT
Opened:
August 09, 2019
04:25 PM PT |
+ | IME may become unresponsive or have High CPU usage Some Input Method Editor (IME) may become unresponsive or may have high CPU usage. Affected IMEs include Chinese Simplified (ChsIME.EXE) and Chinese Traditional (ChtIME.EXE) with Changjie/Quick keyboard.
Affected platforms: - Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607
- Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016
Resolution: After investigation, we have found that this issue does not affect this version of Windows.
Back to top | OS Build 15063.2045
September 10, 2019
KB4516068 | Resolved
| Resolved:
September 17, 2019
04:47 PM PT
Opened:
September 13, 2019
05:25 PM PT |
"
@@ -95,8 +93,8 @@ sections:
- type: markdown
text: "
| Details | Originating update | Status | History |
- Domain connected devices that use MIT Kerberos realms will not start upDevices connected to a domain that is configured to use MIT Kerberos realms will not start up or may continue to restart after installation of KB4507467. Devices that are domain controllers or domain members are both affected.
To safeguard your update experience, we have applied a compatibility hold on devices configured to use MIT Kerberos realm from being offered Windows 10, version 1903 or Windows Server, version 1903.
Note If you are not sure if your device is affected, contact your administrator. Advanced users can check for “Define interoperable Kerberos v5 realm settings” policy under Computer Configuration -> Policies -> Administrative Templates > System -> Kerberos or check if this registry key exists: HKLM\\Software\\Microsoft\\Windows\\CurrentVersion\\Policies\\System\\Kerberos\\MitRealms
-
Affected platforms: - Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607
- Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016
Resolution: This issue was resolved in KB4512507. To safeguard your upgrade experience, the compatibility hold on devices from being offered Windows 10, version 1903 or Windows Server, version 1903 is still in place. Once the issue is addressed on Windows 10, version 1903, this safeguard hold will be removed for all affected platforms. Check the Windows 10, version 1903 section of the release information dashboard for the most up to date information on this and other safeguard holds.
Note We recommend that you do not attempt to manually update using the Update now button or the Media Creation Tool until this issue has been resolved.
Back to top | OS Build 15063.1955
July 16, 2019
KB4507467 | Resolved
KB4512507 | Resolved:
August 13, 2019
10:00 AM PT
Opened:
July 25, 2019
06:10 PM PT |
+ Domain connected devices that use MIT Kerberos realms will not start upDevices connected to a domain that is configured to use MIT Kerberos realms will not start up or may continue to restart after installation of KB4507467. Devices that are domain controllers or domain members are both affected.
To safeguard your update experience, we have applied a compatibility hold on devices configured to use MIT Kerberos realm from being offered Windows 10, version 1903 or Windows Server, version 1903.
Note If you are not sure if your device is affected, contact your administrator. Advanced users can check for “Define interoperable Kerberos v5 realm settings” policy under Computer Configuration -> Policies -> Administrative Templates > System -> Kerberos or check if this registry key exists: HKLM\\Software\\Microsoft\\Windows\\CurrentVersion\\Policies\\System\\Kerberos\\MitRealms
+
Affected platforms: - Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607
- Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016
Resolution: This issue was resolved in KB4512507 and the safeguard hold has been removed. Please note, it can take up to 48 hours before you can update to offered Windows 10, version 1903 or Windows Server, version 1903.
Back to top | OS Build 15063.1955
July 16, 2019
KB4507467 | Resolved
KB4512507 | Resolved:
August 13, 2019
10:00 AM PT
Opened:
July 25, 2019
06:10 PM PT |
"
diff --git a/windows/release-information/status-windows-10-1709.yml b/windows/release-information/status-windows-10-1709.yml
index 9fa8392574..736fe704a3 100644
--- a/windows/release-information/status-windows-10-1709.yml
+++ b/windows/release-information/status-windows-10-1709.yml
@@ -60,10 +60,8 @@ sections:
- type: markdown
text: "This table offers a summary of current active issues and those issues that have been resolved in the last 30 days.
| Summary | Originating update | Status | Last updated |
- Devices starting using PXE from a WDS or SCCM servers may fail to start
Devices that start up using Preboot Execution Environment (PXE) images from Windows Deployment Services (WDS) may fail to start with error \"0xc0000001.\"
See details > | OS Build 16299.1217
June 11, 2019
KB4503284 | Resolved
KB4512494 | August 16, 2019
02:00 PM PT |
- Apps using Visual Basic 6 (VB6), VBA, and VBScript may stop responding with error
Applications that were made using Visual Basic 6 (VB6), macros using Visual Basic for Applications (VBA), and VBScript may stop responding and you may receive an error.
See details > | OS Build 16299.1331
August 13, 2019
KB4512516 | Resolved
KB4512494 | August 16, 2019
02:00 PM PT |
- Domain connected devices that use MIT Kerberos realms will not start up
Devices connected to a domain that is configured to use MIT Kerberos realms will not start up or may continue to restart after updating.
See details > | OS Build 16299.1296
July 16, 2019
KB4507465 | Resolved
KB4512516 | August 13, 2019
10:00 AM PT |
- MacOS may be unable to access network shares via CIFS or SMBv1 on Windows devices
You may receive an error on MacOS when trying to access network shares via CIFS or SMBv1 on Windows devices that installed updates on June 11, 2019 or later.
See details > | OS Build 16299.1217
June 11, 2019
KB4503284 | Resolved External
| August 09, 2019
07:03 PM PT |
+ IME may become unresponsive or have High CPU usage
Some Input Method Editor (IME) including ChsIME.EXE and ChtIME.EXE, may become unresponsive or may have high CPU usage.
See details > | OS Build 16299.1387
September 10, 2019
KB4516066 | Resolved
| September 19, 2019
04:08 PM PT |
+ Domain connected devices that use MIT Kerberos realms will not start up
Devices connected to a domain that is configured to use MIT Kerberos realms will not start up or may continue to restart after updating.
See details > | OS Build 16299.1296
July 16, 2019
KB4507465 | Resolved
KB4512516 | August 13, 2019
10:00 AM PT |
Certain operations performed on a Cluster Shared Volume may fail
Certain operations, such as rename, performed on files or folders on a Cluster Shared Volume (CSV) may fail with the error, \"STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)\".
See details > | OS Build 16299.904
January 08, 2019
KB4480978 | Mitigated
| April 25, 2019
02:00 PM PT |
"
@@ -75,13 +73,12 @@ sections:
"
-- title: August 2019
+- title: September 2019
- items:
- type: markdown
text: "
| Details | Originating update | Status | History |
- Apps using Visual Basic 6 (VB6), VBA, and VBScript may stop responding with errorAfter installing KB4512516, applications that were made using Visual Basic 6 (VB6), macros using Visual Basic for Applications (VBA), and scripts or apps using Visual Basic Scripting Edition (VBScript) may stop responding and you may receive an \"invalid procedure call error.\"
Affected platforms: - Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607; Windows 10 Enterprise LTSC 2015; Windows 8.1; Windows 7 SP1
- Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue was resolved in KB4512494. The ‘optional’ update will be available on Microsoft Update Catalog, Windows Update, Microsoft Update and Windows Server Update Services (WSUS). As with any 'optional' update, you will need to Check for updates to receive KB4512494 and install. For instructions, see Update Windows 10.
Note Windows Update for Business customers should apply the update via Microsoft Update Catalog or Windows Server Update Services (WSUS).
Back to top | OS Build 16299.1331
August 13, 2019
KB4512516 | Resolved
KB4512494 | Resolved:
August 16, 2019
02:00 PM PT
Opened:
August 14, 2019
03:34 PM PT |
- MacOS may be unable to access network shares via CIFS or SMBv1 on Windows devicesYou may receive an error on your Apple MacOS device when trying to access network shares via CIFS or SMBv1 on a Windows devices that has installed updates on June 11, 2019 ( KB4503284) or later. When you encounter this issue, in MacOS you may receive the error, “There was a problem connecting to the server “{Server Host Name}”. Check the server name or IP address, and then try again. If you continue to have problems, contact your system administrator.”
Affected platforms: - Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607; Windows 10 Enterprise LTSC 2015; Windows 8.1; Windows 7 SP1
- Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Back to top | OS Build 16299.1217
June 11, 2019
KB4503284 | Resolved External
| Last updated:
August 09, 2019
07:03 PM PT
Opened:
August 09, 2019
04:25 PM PT |
+ | IME may become unresponsive or have High CPU usage Some Input Method Editor (IME) may become unresponsive or may have high CPU usage. Affected IMEs include Chinese Simplified (ChsIME.EXE) and Chinese Traditional (ChtIME.EXE) with Changjie/Quick keyboard.
Affected platforms: - Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607
- Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016
Resolution: Due to security related changes in KB4516066, this issue may occur when Touch Keyboard and Handwriting Panel Service is not configured to its default startup type of Manual. To resolve the issue, perform the following steps: - Select the Start button and type Services.
- Locate Touch Keyboard and Handwriting Panel Service and double click on it or long press and select Properties.
- Locate Startup type: and change it to Manual
- Select Ok
- The TabletInputService service is now in the default configuration and IME should work as expected.
Back to top | OS Build 16299.1387
September 10, 2019
KB4516066 | Resolved
| Resolved:
September 19, 2019
04:08 PM PT
Opened:
September 13, 2019
05:25 PM PT |
"
@@ -90,9 +87,8 @@ sections:
- type: markdown
text: "
| Details | Originating update | Status | History |
- Devices starting using PXE from a WDS or SCCM servers may fail to startDevices that start up using Preboot Execution Environment (PXE) images from Windows Deployment Services (WDS) or System Center Configuration Manager (SCCM) may fail to start with the error \"Status: 0xc0000001, Info: A required device isn't connected or can't be accessed\" after installing KB4503284 on a WDS server.
Affected platforms: - Server: Windows Server 2008 SP2; Windows Server 2008 R2 SP1; Windows Server 2012; Windows Server 2012 R2; Windows Server 2016; Windows Server, version 1803; Windows Server 2019; Windows Server, version 1809; Windows Server, version 1903
Resolution: This issue was resolved in KB4512494.
Back to top | OS Build 16299.1217
June 11, 2019
KB4503284 | Resolved
KB4512494 | Resolved:
August 16, 2019
02:00 PM PT
Opened:
July 10, 2019
02:51 PM PT |
- Domain connected devices that use MIT Kerberos realms will not start upDevices connected to a domain that is configured to use MIT Kerberos realms will not start up or may continue to restart after installation of KB4507465. Devices that are domain controllers or domain members are both affected.
To safeguard your update experience, we have applied a compatibility hold on devices configured to use MIT Kerberos realm from being offered Windows 10, version 1903 or Windows Server, version 1903.
Note If you are not sure if your device is affected, contact your administrator. Advanced users can check for “Define interoperable Kerberos v5 realm settings” policy under Computer Configuration -> Policies -> Administrative Templates > System -> Kerberos or check if this registry key exists: HKLM\\Software\\Microsoft\\Windows\\CurrentVersion\\Policies\\System\\Kerberos\\MitRealms
-
Affected platforms: - Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607
- Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016
Resolution: This issue was resolved in KB4512516. To safeguard your upgrade experience, the compatibility hold on devices from being offered Windows 10, version 1903 or Windows Server, version 1903 is still in place. Once the issue is addressed on Windows 10, version 1903, this safeguard hold will be removed for all affected platforms. Check the Windows 10, version 1903 section of the release information dashboard for the most up to date information on this and other safeguard holds.
Note We recommend that you do not attempt to manually update using the Update now button or the Media Creation Tool until this issue has been resolved.
Back to top | OS Build 16299.1296
July 16, 2019
KB4507465 | Resolved
KB4512516 | Resolved:
August 13, 2019
10:00 AM PT
Opened:
July 25, 2019
06:10 PM PT |
+ Domain connected devices that use MIT Kerberos realms will not start upDevices connected to a domain that is configured to use MIT Kerberos realms will not start up or may continue to restart after installation of KB4507465. Devices that are domain controllers or domain members are both affected.
To safeguard your update experience, we have applied a compatibility hold on devices configured to use MIT Kerberos realm from being offered Windows 10, version 1903 or Windows Server, version 1903.
Note If you are not sure if your device is affected, contact your administrator. Advanced users can check for “Define interoperable Kerberos v5 realm settings” policy under Computer Configuration -> Policies -> Administrative Templates > System -> Kerberos or check if this registry key exists: HKLM\\Software\\Microsoft\\Windows\\CurrentVersion\\Policies\\System\\Kerberos\\MitRealms
+
Affected platforms: - Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607
- Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016
Resolution: This issue was resolved in KB4512516 and the safeguard hold has been removed. Please note, it can take up to 48 hours before you can update to offered Windows 10, version 1903 or Windows Server, version 1903.
Back to top | OS Build 16299.1296
July 16, 2019
KB4507465 | Resolved
KB4512516 | Resolved:
August 13, 2019
10:00 AM PT
Opened:
July 25, 2019
06:10 PM PT |
"
diff --git a/windows/release-information/status-windows-10-1803.yml b/windows/release-information/status-windows-10-1803.yml
index c9f0739b5a..d5c98d427e 100644
--- a/windows/release-information/status-windows-10-1803.yml
+++ b/windows/release-information/status-windows-10-1803.yml
@@ -65,10 +65,10 @@ sections:
- type: markdown
text: "This table offers a summary of current active issues and those issues that have been resolved in the last 30 days.
| Summary | Originating update | Status | Last updated |
- Devices starting using PXE from a WDS or SCCM servers may fail to start
Devices that start up using Preboot Execution Environment (PXE) images from Windows Deployment Services (WDS) may fail to start with error \"0xc0000001.\"
See details > | OS Build 17134.829
June 11, 2019
KB4503286 | Resolved
KB4512509 | August 19, 2019
02:00 PM PT |
- Apps using Visual Basic 6 (VB6), VBA, and VBScript may stop responding with error
Applications that were made using Visual Basic 6 (VB6), macros using Visual Basic for Applications (VBA), and VBScript may stop responding and you may receive an error.
See details > | OS Build 17134.950
August 13, 2019
KB4512501 | Resolved
KB4512509 | August 19, 2019
02:00 PM PT |
- Domain connected devices that use MIT Kerberos realms will not start up
Devices connected to a domain that is configured to use MIT Kerberos realms will not start up or may continue to restart after updating.
See details > | OS Build 17134.915
July 16, 2019
KB4507466 | Resolved
KB4512501 | August 13, 2019
10:00 AM PT |
- MacOS may be unable to access network shares via CIFS or SMBv1 on Windows devices
You may receive an error on MacOS when trying to access network shares via CIFS or SMBv1 on Windows devices that installed updates on June 11, 2019 or later.
See details > | OS Build 17134.829
June 11, 2019
KB4503286 | Resolved External
| August 09, 2019
07:03 PM PT |
+ IME may become unresponsive or have High CPU usage
Some Input Method Editor (IME) including ChsIME.EXE and ChtIME.EXE, may become unresponsive or may have high CPU usage.
See details > | OS Build 17134.1006
September 10, 2019
KB4516058 | Resolved
| September 19, 2019
04:08 PM PT |
+ Windows Mixed Reality Portal users may intermittently receive a 15-5 error code
You may receive a 15-5 error code in Windows Mixed Reality Portal and your headset may not respond to \"wake up\" from sleep.
See details > | OS Build 17134.950
August 13, 2019
KB4512501 | Mitigated
| September 11, 2019
05:32 PM PT |
+ Domain connected devices that use MIT Kerberos realms will not start up
Devices connected to a domain that is configured to use MIT Kerberos realms will not start up or may continue to restart after updating.
See details > | OS Build 17134.915
July 16, 2019
KB4507466 | Resolved
KB4512501 | August 13, 2019
10:00 AM PT |
+ Notification issue: \"Your device is missing important security and quality fixes.\"
Some users may have incorrectly received the notification \"Your device is missing important security and quality fixes.\"
See details > | N/A
| Resolved
| September 03, 2019
12:32 PM PT |
Startup to a black screen after installing updates
Your device may startup to a black screen during the first logon after installing updates.
See details > | OS Build 17134.829
June 11, 2019
KB4503286 | Mitigated
| June 14, 2019
04:41 PM PT |
Certain operations performed on a Cluster Shared Volume may fail
Certain operations, such as rename, performed on files or folders on a Cluster Shared Volume (CSV) may fail with the error, \"STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)\".
See details > | OS Build 17134.523
January 08, 2019
KB4480966 | Mitigated
| April 25, 2019
02:00 PM PT |
@@ -81,13 +81,14 @@ sections:
"
-- title: August 2019
+- title: September 2019
- items:
- type: markdown
text: "
| Details | Originating update | Status | History |
- Apps using Visual Basic 6 (VB6), VBA, and VBScript may stop responding with errorAfter installing KB4512501, applications that were made using Visual Basic 6 (VB6), macros using Visual Basic for Applications (VBA), and scripts or apps using Visual Basic Scripting Edition (VBScript) may stop responding and you may receive an \"invalid procedure call error.\"
Affected platforms: - Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607; Windows 10 Enterprise LTSC 2015; Windows 8.1; Windows 7 SP1
- Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue was resolved in KB4512509. The ‘optional’ update will be available on Microsoft Update Catalog, Windows Update, Microsoft Update and Windows Server Update Services (WSUS). As with any 'optional' update, you will need to Check for updates to receive KB4512509 and install. For instructions, see Update Windows 10.
Note Windows Update for Business customers should apply the update via Microsoft Update Catalog or Windows Server Update Services (WSUS).
Back to top | OS Build 17134.950
August 13, 2019
KB4512501 | Resolved
KB4512509 | Resolved:
August 19, 2019
02:00 PM PT
Opened:
August 14, 2019
03:34 PM PT |
- MacOS may be unable to access network shares via CIFS or SMBv1 on Windows devicesYou may receive an error on your Apple MacOS device when trying to access network shares via CIFS or SMBv1 on a Windows devices that has installed updates on June 11, 2019 ( KB4503286) or later. When you encounter this issue, in MacOS you may receive the error, “There was a problem connecting to the server “{Server Host Name}”. Check the server name or IP address, and then try again. If you continue to have problems, contact your system administrator.”
Affected platforms: - Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607; Windows 10 Enterprise LTSC 2015; Windows 8.1; Windows 7 SP1
- Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Back to top | OS Build 17134.829
June 11, 2019
KB4503286 | Resolved External
| Last updated:
August 09, 2019
07:03 PM PT
Opened:
August 09, 2019
04:25 PM PT |
+ | IME may become unresponsive or have High CPU usage Some Input Method Editor (IME) may become unresponsive or may have high CPU usage. Affected IMEs include Chinese Simplified (ChsIME.EXE) and Chinese Traditional (ChtIME.EXE) with Changjie/Quick keyboard.
Affected platforms: - Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607
- Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016
Resolution: Due to security related changes in KB4516058, this issue may occur when Touch Keyboard and Handwriting Panel Service is not configured to its default startup type of Manual. To resolve the issue, perform the following steps: - Select the Start button and type Services.
- Locate Touch Keyboard and Handwriting Panel Service and double click on it or long press and select Properties.
- Locate Startup type: and change it to Manual
- Select Ok
- The TabletInputService service is now in the default configuration and IME should work as expected.
Back to top | OS Build 17134.1006
September 10, 2019
KB4516058 | Resolved
| Resolved:
September 19, 2019
04:08 PM PT
Opened:
September 13, 2019
05:25 PM PT |
+ Windows Mixed Reality Portal users may intermittently receive a 15-5 error codeAfter installing KB4512501, Windows Mixed Reality Portal users may intermittently receive a 15-5 error code. In some cases, Windows Mixed Reality Portal may report that the headset is sleeping and pressing “Wake up” may appear to produce no action.
Affected platforms: - Client: Windows 10, version 1809; Windows 10, version 1803
Workaround: To mitigate the issue, use the following steps: - Close the Windows Mixed Reality Portal, if it is running.
- Open Task Manager by selecting the Start button and typing Task Manager.
- In Task Manager under the Processes tab, right click or long press on “Windows Explorer” and select restart.
- You can now open the Windows Mixed Reality Portal.
Next steps: We are working on a resolution and will provide an update in an upcoming release.
Back to top | OS Build 17134.950
August 13, 2019
KB4512501 | Mitigated
| Last updated:
September 11, 2019
05:32 PM PT
Opened:
September 11, 2019
05:32 PM PT |
+ | Notification issue: \"Your device is missing important security and quality fixes.\" Some users may have incorrectly received the notification \"Your device is missing important security and quality fixes\" in the Windows Update dialog and a red \"!\" in the task tray on the Windows Update tray icon. This notification is intended for devices that are 90 days or more out of date, but some users with installed updates released in June or July also saw this notification.
Affected platforms: - Client: Windows 10, version 1803
- Server: Windows Server, version 1803
Resolution: This issue was resolved on the server side on August 30, 2019. Only devices that are out of date by 90 days or more should now see the notification. No action is required by the user to resolve this issue. If you are still seeing the \"Your device is missing important security and quality fixes\" notification, we recommend selecting Check for Updates in the Windows Update dialog. For instructions, see Update Windows 10. Microsoft always recommends trying to keep your devices up to date, as the monthly updates contain important security fixes.
Back to top | N/A
| Resolved
| Resolved:
September 03, 2019
12:32 PM PT
Opened:
September 03, 2019
12:32 PM PT |
"
@@ -96,9 +97,8 @@ sections:
- type: markdown
text: "
| Details | Originating update | Status | History |
- Devices starting using PXE from a WDS or SCCM servers may fail to startDevices that start up using Preboot Execution Environment (PXE) images from Windows Deployment Services (WDS) or System Center Configuration Manager (SCCM) may fail to start with the error \"Status: 0xc0000001, Info: A required device isn't connected or can't be accessed\" after installing KB4503286 on a WDS server.
Affected platforms: - Server: Windows Server 2008 SP2; Windows Server 2008 R2 SP1; Windows Server 2012; Windows Server 2012 R2; Windows Server 2016; Windows Server, version 1803; Windows Server 2019; Windows Server, version 1809; Windows Server, version 1903
Resolution: This issue was resolved in KB4512509.
Back to top | OS Build 17134.829
June 11, 2019
KB4503286 | Resolved
KB4512509 | Resolved:
August 19, 2019
02:00 PM PT
Opened:
July 10, 2019
02:51 PM PT |
- Domain connected devices that use MIT Kerberos realms will not start upDevices connected to a domain that is configured to use MIT Kerberos realms will not start up or may continue to restart after installation of KB4507466. Devices that are domain controllers or domain members are both affected.
To safeguard your update experience, we have applied a compatibility hold on devices configured to use MIT Kerberos realm from being offered Windows 10, version 1903 or Windows Server, version 1903.
Note If you are not sure if your device is affected, contact your administrator. Advanced users can check for “Define interoperable Kerberos v5 realm settings” policy under Computer Configuration -> Policies -> Administrative Templates > System -> Kerberos or check if this registry key exists: HKLM\\Software\\Microsoft\\Windows\\CurrentVersion\\Policies\\System\\Kerberos\\MitRealms
-
Affected platforms: - Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607
- Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016
Resolution: This issue was resolved in KB4512501. To safeguard your upgrade experience, the compatibility hold on devices from being offered Windows 10, version 1903 or Windows Server, version 1903 is still in place. Once the issue is addressed on Windows 10, version 1903, this safeguard hold will be removed for all affected platforms. Check the Windows 10, version 1903 section of the release information dashboard for the most up to date information on this and other safeguard holds.
Note We recommend that you do not attempt to manually update using the Update now button or the Media Creation Tool until this issue has been resolved.
Back to top | OS Build 17134.915
July 16, 2019
KB4507466 | Resolved
KB4512501 | Resolved:
August 13, 2019
10:00 AM PT
Opened:
July 25, 2019
06:10 PM PT |
+ Domain connected devices that use MIT Kerberos realms will not start upDevices connected to a domain that is configured to use MIT Kerberos realms will not start up or may continue to restart after installation of KB4507466. Devices that are domain controllers or domain members are both affected.
To safeguard your update experience, we have applied a compatibility hold on devices configured to use MIT Kerberos realm from being offered Windows 10, version 1903 or Windows Server, version 1903.
Note If you are not sure if your device is affected, contact your administrator. Advanced users can check for “Define interoperable Kerberos v5 realm settings” policy under Computer Configuration -> Policies -> Administrative Templates > System -> Kerberos or check if this registry key exists: HKLM\\Software\\Microsoft\\Windows\\CurrentVersion\\Policies\\System\\Kerberos\\MitRealms
+
Affected platforms: - Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607
- Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016
Resolution: This issue was resolved in KB4512501 and the safeguard hold has been removed. Please note, it can take up to 48 hours before you can update to offered Windows 10, version 1903 or Windows Server, version 1903.
Back to top | OS Build 17134.915
July 16, 2019
KB4507466 | Resolved
KB4512501 | Resolved:
August 13, 2019
10:00 AM PT
Opened:
July 25, 2019
06:10 PM PT |
"
diff --git a/windows/release-information/status-windows-10-1809-and-windows-server-2019.yml b/windows/release-information/status-windows-10-1809-and-windows-server-2019.yml
index 5a2c3b8df0..157e975b35 100644
--- a/windows/release-information/status-windows-10-1809-and-windows-server-2019.yml
+++ b/windows/release-information/status-windows-10-1809-and-windows-server-2019.yml
@@ -64,11 +64,10 @@ sections:
- type: markdown
text: "This table offers a summary of current active issues and those issues that have been resolved in the last 30 days.
| Summary | Originating update | Status | Last updated |
- Devices starting using PXE from a WDS or SCCM servers may fail to start
Devices that start up using Preboot Execution Environment (PXE) images from Windows Deployment Services (WDS) may fail to start with error \"0xc0000001.\"
See details > | OS Build 17763.557
June 11, 2019
KB4503327 | Resolved
KB4512534 | August 17, 2019
02:00 PM PT |
- Apps using Visual Basic 6 (VB6), VBA, and VBScript may stop responding with error
Applications that were made using Visual Basic 6 (VB6), macros using Visual Basic for Applications (VBA), and VBScript may stop responding and you may receive an error.
See details > | OS Build 17763.678
August 13, 2019
KB4511553 | Resolved
KB4512534 | August 17, 2019
02:00 PM PT |
- Domain connected devices that use MIT Kerberos realms will not start up
Devices connected to a domain that is configured to use MIT Kerberos realms will not start up or may continue to restart after updating.
See details > | OS Build 17763.652
July 22, 2019
KB4505658 | Resolved
KB4511553 | August 13, 2019
10:00 AM PT |
- MacOS may be unable to access network shares via CIFS or SMBv1 on Windows devices
You may receive an error on MacOS when trying to access network shares via CIFS or SMBv1 on Windows devices that installed updates on June 11, 2019 or later.
See details > | OS Build 17763.557
June 11, 2019
KB4503327 | Resolved External
| August 09, 2019
07:03 PM PT |
- Apps and scripts using the NetQueryDisplayInformation API may fail with error
Applications and scripts that call the NetQueryDisplayInformation API or the WinNT provider equivalent may fail to return results after the first page of data.
See details > | OS Build 17763.55
October 09, 2018
KB4464330 | Investigating
| August 01, 2019
05:00 PM PT |
+ Apps and scripts using the NetQueryDisplayInformation API may fail with error
Applications and scripts that call the NetQueryDisplayInformation API or the WinNT provider equivalent may fail to return results after the first page of data.
See details > | OS Build 17763.55
October 09, 2018
KB4464330 | Resolved
KB4516077 | September 24, 2019
10:00 AM PT |
+ IME may become unresponsive or have High CPU usage
Some Input Method Editor (IME) including ChsIME.EXE and ChtIME.EXE, may become unresponsive or may have high CPU usage.
See details > | OS Build 17763.737
September 10, 2019
KB4512578 | Resolved
| September 19, 2019
04:08 PM PT |
+ Windows Mixed Reality Portal users may intermittently receive a 15-5 error code
You may receive a 15-5 error code in Windows Mixed Reality Portal and your headset may not respond to \"wake up\" from sleep.
See details > | OS Build 17763.678
August 13, 2019
KB4511553 | Mitigated
| September 11, 2019
05:32 PM PT |
+ Domain connected devices that use MIT Kerberos realms will not start up
Devices connected to a domain that is configured to use MIT Kerberos realms will not start up or may continue to restart after updating.
See details > | OS Build 17763.652
July 22, 2019
KB4505658 | Resolved
KB4511553 | August 13, 2019
10:00 AM PT |
Startup to a black screen after installing updates
Your device may startup to a black screen during the first logon after installing updates.
See details > | OS Build 17763.557
June 11, 2019
KB4503327 | Mitigated
| June 14, 2019
04:41 PM PT |
Devices with some Asian language packs installed may receive an error
After installing the KB4493509 devices with some Asian language packs installed may receive the error, \"0x800f0982 - PSFX_E_MATCHING_COMPONENT_NOT_F
See details > | OS Build 17763.437
April 09, 2019
KB4493509 | Mitigated
| May 03, 2019
10:59 AM PT |
Certain operations performed on a Cluster Shared Volume may fail
Certain operations, such as rename, performed on files or folders on a Cluster Shared Volume (CSV) may fail with the error, \"STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)\".
See details > | OS Build 17763.253
January 08, 2019
KB4480116 | Mitigated
| April 09, 2019
10:00 AM PT |
@@ -82,14 +81,22 @@ sections:
"
+- title: September 2019
+- items:
+ - type: markdown
+ text: "
+ | Details | Originating update | Status | History |
+ | IME may become unresponsive or have High CPU usage Some Input Method Editor (IME) may become unresponsive or may have high CPU usage. Affected IMEs include Chinese Simplified (ChsIME.EXE) and Chinese Traditional (ChtIME.EXE) with Changjie/Quick keyboard.
Affected platforms: - Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607
- Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016
Resolution: Due to security related changes in KB4512578, this issue may occur when Touch Keyboard and Handwriting Panel Service is not configured to its default startup type of Manual. To resolve the issue, perform the following steps: - Select the Start button and type Services.
- Locate Touch Keyboard and Handwriting Panel Service and double click on it or long press and select Properties.
- Locate Startup type: and change it to Manual
- Select Ok
- The TabletInputService service is now in the default configuration and IME should work as expected.
Back to top | OS Build 17763.737
September 10, 2019
KB4512578 | Resolved
| Resolved:
September 19, 2019
04:08 PM PT
Opened:
September 13, 2019
05:25 PM PT |
+ Windows Mixed Reality Portal users may intermittently receive a 15-5 error codeAfter installing KB4511553, Windows Mixed Reality Portal users may intermittently receive a 15-5 error code. In some cases, Windows Mixed Reality Portal may report that the headset is sleeping and pressing “Wake up” may appear to produce no action.
Affected platforms: - Client: Windows 10, version 1809; Windows 10, version 1803
Workaround: To mitigate the issue, use the following steps: - Close the Windows Mixed Reality Portal, if it is running.
- Open Task Manager by selecting the Start button and typing Task Manager.
- In Task Manager under the Processes tab, right click or long press on “Windows Explorer” and select restart.
- You can now open the Windows Mixed Reality Portal.
Next steps: We are working on a resolution and will provide an update in an upcoming release.
Back to top | OS Build 17763.678
August 13, 2019
KB4511553 | Mitigated
| Last updated:
September 11, 2019
05:32 PM PT
Opened:
September 11, 2019
05:32 PM PT |
+
+ "
+
- title: August 2019
- items:
- type: markdown
text: "
| Details | Originating update | Status | History |
- Apps using Visual Basic 6 (VB6), VBA, and VBScript may stop responding with errorAfter installing KB4511553, applications that were made using Visual Basic 6 (VB6), macros using Visual Basic for Applications (VBA), and scripts or apps using Visual Basic Scripting Edition (VBScript) may stop responding and you may receive an \"invalid procedure call error.\"
Affected platforms: - Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607; Windows 10 Enterprise LTSC 2015; Windows 8.1; Windows 7 SP1
- Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue was resolved in KB4512534. This ‘optional’ update is available on Microsoft Update Catalog, Windows Update, Microsoft Update and Windows Server Update Services (WSUS). As with any 'optional' update, you will need to Check for updates to receive KB4512534 and install. For instructions, see Update Windows 10.
Note Windows Update for Business customers should apply the update via Microsoft Update Catalog or Windows Server Update Services (WSUS).
Back to top | OS Build 17763.678
August 13, 2019
KB4511553 | Resolved
KB4512534 | Resolved:
August 17, 2019
02:00 PM PT
Opened:
August 14, 2019
03:34 PM PT |
- MacOS may be unable to access network shares via CIFS or SMBv1 on Windows devicesYou may receive an error on your Apple MacOS device when trying to access network shares via CIFS or SMBv1 on a Windows devices that has installed updates on June 11, 2019 ( KB4503327) or later. When you encounter this issue, in MacOS you may receive the error, “There was a problem connecting to the server “{Server Host Name}”. Check the server name or IP address, and then try again. If you continue to have problems, contact your system administrator.”
Affected platforms: - Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607; Windows 10 Enterprise LTSC 2015; Windows 8.1; Windows 7 SP1
- Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Back to top | OS Build 17763.557
June 11, 2019
KB4503327 | Resolved External
| Last updated:
August 09, 2019
07:03 PM PT
Opened:
August 09, 2019
04:25 PM PT |
- Apps and scripts using the NetQueryDisplayInformation API may fail with error Applications and scripts that call the NetQueryDisplayInformation API or the WinNT provider equivalent may fail to return results after the first page of data, often 50 or 100 entries. When requesting additional pages you may receive the error, “1359: an internal error occurred.”
Affected platforms: - Server: Windows Server 2019; Windows Server 2016
Next steps: We are working on a resolution and will provide an update in an upcoming release.
Back to top | OS Build 17763.55
October 09, 2018
KB4464330 | Investigating
| Last updated:
August 01, 2019
05:00 PM PT
Opened:
August 01, 2019
05:00 PM PT |
+ Apps and scripts using the NetQueryDisplayInformation API may fail with error Applications and scripts that call the NetQueryDisplayInformation API or the WinNT provider equivalent may fail to return results after the first page of data, often 50 or 100 entries. When requesting additional pages you may receive the error, “1359: an internal error occurred.”
Affected platforms: - Server: Windows Server 2019; Windows Server 2016
Resolution: This issue was resolved in KB4516077.
Back to top | OS Build 17763.55
October 09, 2018
KB4464330 | Resolved
KB4516077 | Resolved:
September 24, 2019
10:00 AM PT
Opened:
August 01, 2019
05:00 PM PT |
"
@@ -98,9 +105,8 @@ sections:
- type: markdown
text: "
| Details | Originating update | Status | History |
- Devices starting using PXE from a WDS or SCCM servers may fail to startDevices that start up using Preboot Execution Environment (PXE) images from Windows Deployment Services (WDS) or System Center Configuration Manager (SCCM) may fail to start with the error \"Status: 0xc0000001, Info: A required device isn't connected or can't be accessed\" after installing KB4503327 on a WDS server.
Affected platforms: - Server: Windows Server 2008 SP2; Windows Server 2008 R2 SP1; Windows Server 2012; Windows Server 2012 R2; Windows Server 2016; Windows Server, version 1803; Windows Server 2019; Windows Server, version 1809; Windows Server, version 1903
Resolution: This issue was resolved in KB4512534.
Back to top | OS Build 17763.557
June 11, 2019
KB4503327 | Resolved
KB4512534 | Resolved:
August 17, 2019
02:00 PM PT
Opened:
July 10, 2019
02:51 PM PT |
- Domain connected devices that use MIT Kerberos realms will not start upDevices connected to a domain that is configured to use MIT Kerberos realms will not start up or may continue to restart after installation of KB4505658. Devices that are domain controllers or domain members are both affected.
To safeguard your update experience, we have applied a compatibility hold on devices configured to use MIT Kerberos realm from being offered Windows 10, version 1903 or Windows Server, version 1903.
Note If you are not sure if your device is affected, contact your administrator. Advanced users can check for “Define interoperable Kerberos v5 realm settings” policy under Computer Configuration -> Policies -> Administrative Templates > System -> Kerberos or check if this registry key exists: HKLM\\Software\\Microsoft\\Windows\\CurrentVersion\\Policies\\System\\Kerberos\\MitRealms
-
Affected platforms: - Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607
- Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016
Resolution: This issue was resolved in KB4511553. To safeguard your upgrade experience, the compatibility hold on devices from being offered Windows 10, version 1903 or Windows Server, version 1903 is still in place. Once the issue is addressed on Windows 10, version 1903, this safeguard hold will be removed for all affected platforms. Check the Windows 10, version 1903 section of the release information dashboard for the most up to date information on this and other safeguard holds.
Note We recommend that you do not attempt to manually update using the Update now button or the Media Creation Tool until this issue has been resolved.
Back to top | OS Build 17763.652
July 22, 2019
KB4505658 | Resolved
KB4511553 | Resolved:
August 13, 2019
10:00 AM PT
Opened:
July 25, 2019
06:10 PM PT |
+ Domain connected devices that use MIT Kerberos realms will not start upDevices connected to a domain that is configured to use MIT Kerberos realms will not start up or may continue to restart after installation of KB4505658. Devices that are domain controllers or domain members are both affected.
To safeguard your update experience, we have applied a compatibility hold on devices configured to use MIT Kerberos realm from being offered Windows 10, version 1903 or Windows Server, version 1903.
Note If you are not sure if your device is affected, contact your administrator. Advanced users can check for “Define interoperable Kerberos v5 realm settings” policy under Computer Configuration -> Policies -> Administrative Templates > System -> Kerberos or check if this registry key exists: HKLM\\Software\\Microsoft\\Windows\\CurrentVersion\\Policies\\System\\Kerberos\\MitRealms
+
Affected platforms: - Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607
- Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016
Resolution: This issue was resolved in KB4511553 and the safeguard hold has been removed. Please note, it can take up to 48 hours before you can update to offered Windows 10, version 1903 or Windows Server, version 1903.
Back to top | OS Build 17763.652
July 22, 2019
KB4505658 | Resolved
KB4511553 | Resolved:
August 13, 2019
10:00 AM PT
Opened:
July 25, 2019
06:10 PM PT |
"
diff --git a/windows/release-information/status-windows-10-1903.yml b/windows/release-information/status-windows-10-1903.yml
index f2377ee4cf..a6705b085d 100644
--- a/windows/release-information/status-windows-10-1903.yml
+++ b/windows/release-information/status-windows-10-1903.yml
@@ -65,18 +65,22 @@ sections:
- type: markdown
text: "This table offers a summary of current active issues and those issues that have been resolved in the last 30 days.
| Summary | Originating update | Status | Last updated |
- Windows Sandbox may fail to start with error code “0x80070002”
Windows Sandbox may fail to start with \"ERROR_FILE_NOT_FOUND (0x80070002)\" on devices in which the operating system language was changed between updates
See details > | OS Build 18362.116
May 20, 2019
KB4505057 | Investigating
| August 20, 2019
11:06 AM PT |
- Apps using Visual Basic 6 (VB6), VBA, and VBScript may stop responding with error
Applications that were made using Visual Basic 6 (VB6), macros using Visual Basic for Applications (VBA), and VBScript may stop responding and you may receive an error.
See details > | OS Build 18362.295
August 13, 2019
KB4512508 | Investigating
| August 17, 2019
01:49 PM PT |
+ IME may become unresponsive or have High CPU usage
Some Input Method Editor (IME) including ChsIME.EXE and ChtIME.EXE, may become unresponsive or may have high CPU usage.
See details > | OS Build 18362.356
September 10, 2019
KB4515384 | Resolved
| September 19, 2019
04:08 PM PT |
+ Some users report issues related to the Start menu and Windows Desktop Search
Microsoft has received reports that a small number of users are having issues related to the Start menu and Windows Desktop Search.
See details > | OS Build 18362.356
September 10, 2019
KB4515384 | Resolved
| September 19, 2019
04:58 PM PT |
+ Safeguard on certain devices with some Intel and Broadcom Wi-Fi adapters
Microsoft and NEC have found incompatibility issues with some devices with Intel Centrino 6205/6235 and Broadcom 802.11ac Wi-Fi cards when running Windows 10, version 1903.
See details > | N/A
| Mitigated
| September 13, 2019
05:25 PM PT |
+ Audio in games is quiet or different than expected
Microsoft has received reports that audio in certain games is quieter or different than expected.
See details > | OS Build 18362.356
September 10, 2019
KB4515384 | Mitigated
| September 13, 2019
05:25 PM PT |
+ Screenshots and Snips have an unnatural orange tint
Users have reported an orange tint on Screenshots and Snips with the Lenovo Vantage app installed
See details > | OS Build 18362.356
September 10, 2019
KB4516115 | Resolved External
| September 11, 2019
08:54 PM PT |
+ Windows Desktop Search may not return any results and may have high CPU usage
Windows Desktop Search may not return any results and SearchUI.exe may have high CPU usage after installing KB4512941.
See details > | OS Build 18362.329
August 30, 2019
KB4512941 | Resolved
KB4515384 | September 10, 2019
10:00 AM PT |
+ Domain connected devices that use MIT Kerberos realms will not start up
Devices connected to a domain that is configured to use MIT Kerberos realms will not start up or may continue to restart after updating.
See details > | OS Build 18362.145
May 29, 2019
KB4497935 | Resolved
KB4512941 | August 30, 2019
10:00 AM PT |
+ Issues updating when certain versions of Intel storage drivers are installed
Certain versions of Intel Rapid Storage Technology (Intel RST) drivers may cause updating to Windows 10, version 1903 to fail.
See details > | OS Build 18362.145
May 29, 2019
KB4497935 | Resolved
KB4512941 | August 30, 2019
10:00 AM PT |
+ Apps using Visual Basic 6 (VB6), VBA, and VBScript may stop responding with error
Applications that were made using Visual Basic 6 (VB6), macros using Visual Basic for Applications (VBA), and VBScript may stop responding and you may receive an error.
See details > | OS Build 18362.295
August 13, 2019
KB4512508 | Resolved
KB4512941 | August 30, 2019
10:00 AM PT |
+ Initiating a Remote Desktop connection may result in black screen
When initiating a Remote Desktop connection to devices with some older GPU drivers, you may receive a black screen.
See details > | OS Build 18362.145
May 29, 2019
KB4497935 | Resolved
KB4512941 | August 30, 2019
10:00 AM PT |
+ Windows Sandbox may fail to start with error code “0x80070002”
Windows Sandbox may fail to start with \"ERROR_FILE_NOT_FOUND (0x80070002)\" on devices in which the operating system language was changed between updates
See details > | OS Build 18362.116
May 20, 2019
KB4505057 | Resolved
KB4512941 | August 30, 2019
10:00 AM PT |
+ Devices starting using PXE from a WDS or SCCM servers may fail to start
Devices that start up using Preboot Execution Environment (PXE) images from Windows Deployment Services (WDS) may fail to start with error \"0xc0000001.\"
See details > | OS Build 18362.175
June 11, 2019
KB4503293 | Resolved
KB4512941 | August 30, 2019
10:00 AM PT |
Updates may fail to install and you may receive Error 0x80073701
Installation of updates may fail and you may receive an error, \"Updates Failed, There were problems installing some updates, but we'll try again later\" and \"Error 0x80073701.\"
See details > | OS Build 18362.145
May 29, 2019
KB4497935 | Investigating
| August 16, 2019
04:28 PM PT |
- Domain connected devices that use MIT Kerberos realms will not start up
Devices connected to a domain that is configured to use MIT Kerberos realms will not start up or may continue to restart after updating.
See details > | OS Build 18362.145
May 29, 2019
KB4497935 | Investigating
| August 13, 2019
06:59 PM PT |
- MacOS may be unable to access network shares via CIFS or SMBv1 on Windows devices
You may receive an error on MacOS when trying to access network shares via CIFS or SMBv1 on Windows devices that installed updates on June 11, 2019 or later.
See details > | OS Build 18362.175
June 11, 2019
KB4503293 | Resolved External
| August 09, 2019
07:03 PM PT |
- Issues updating when certain versions of Intel storage drivers are installed
Certain versions of Intel Rapid Storage Technology (Intel RST) drivers may cause updating to Windows 10, version 1903 to fail.
See details > | OS Build 18362.145
May 29, 2019
KB4497935 | Mitigated External
| August 09, 2019
07:03 PM PT |
Intermittent loss of Wi-Fi connectivity
Some older devices may experience loss of Wi-Fi connectivity due to an outdated Qualcomm driver.
See details > | OS Build 18362.116
May 21, 2019
KB4505057 | Mitigated External
| August 01, 2019
08:44 PM PT |
Gamma ramps, color profiles, and night light settings do not apply in some cases
Microsoft has identified some scenarios where gamma ramps, color profiles and night light settings may stop working.
See details > | OS Build 18362.116
May 21, 2019
KB4505057 | Mitigated
| August 01, 2019
06:27 PM PT |
- Display brightness may not respond to adjustments
Microsoft and Intel have identified a driver compatibility issue on devices configured with certain Intel display drivers.
See details > | OS Build 18362.116
May 21, 2019
KB4505057 | Resolved
KB4505903 | July 26, 2019
02:00 PM PT |
The dGPU may occasionally disappear from device manager on Surface Book 2 with dGPU
Some apps or games that needs to perform graphics intensive operations may close or fail to open on Surface Book 2 devices with Nvidia dGPU.
See details > | OS Build 18362.145
May 29, 2019
KB4497935 | Investigating
| July 16, 2019
09:04 AM PT |
- Initiating a Remote Desktop connection may result in black screen
When initiating a Remote Desktop connection to devices with some older GPU drivers, you may receive a black screen.
See details > | OS Build 18362.145
May 29, 2019
KB4497935 | Investigating
| July 12, 2019
04:42 PM PT |
- Devices starting using PXE from a WDS or SCCM servers may fail to start
Devices that start up using Preboot Execution Environment (PXE) images from Windows Deployment Services (WDS) may fail to start with error \"0xc0000001.\"
See details > | OS Build 18362.175
June 11, 2019
KB4503293 | Mitigated
| July 10, 2019
07:09 PM PT |
Unable to discover or connect to Bluetooth devices
Microsoft has identified compatibility issues with some versions of Realtek and Qualcomm Bluetooth radio drivers.
See details > | OS Build 18362.116
May 21, 2019
KB4505057 | Mitigated
| May 21, 2019
04:48 PM PT |
Intel Audio displays an intcdaud.sys notification
Microsoft and Intel have identified an issue with a range of Intel Display Audio device drivers that may result in battery drain.
See details > | OS Build 18362.116
May 21, 2019
KB4505057 | Mitigated
| May 21, 2019
04:47 PM PT |
Cannot launch Camera app
Microsoft and Intel have identified an issue affecting Intel RealSense SR300 or Intel RealSense S200 camera apps.
See details > | OS Build 18362.116
May 21, 2019
KB4505057 | Mitigated
| May 21, 2019
04:47 PM PT |
@@ -90,14 +94,27 @@ sections:
"
+- title: September 2019
+- items:
+ - type: markdown
+ text: "
+ | Details | Originating update | Status | History |
+ | IME may become unresponsive or have High CPU usage Some Input Method Editor (IME) may become unresponsive or may have high CPU usage. Affected IMEs include Chinese Simplified (ChsIME.EXE) and Chinese Traditional (ChtIME.EXE) with Changjie/Quick keyboard.
Affected platforms: - Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607
- Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016
Resolution: Due to security related changes in KB4515384, this issue may occur when Touch Keyboard and Handwriting Panel Service is not configured to its default startup type of Manual. To resolve the issue, perform the following steps: - Select the Start button and type Services.
- Locate Touch Keyboard and Handwriting Panel Service and double click on it or long press and select Properties.
- Locate Startup type: and change it to Manual
- Select Ok
- The TabletInputService service is now in the default configuration and IME should work as expected.
Back to top | OS Build 18362.356
September 10, 2019
KB4515384 | Resolved
| Resolved:
September 19, 2019
04:08 PM PT
Opened:
September 13, 2019
05:25 PM PT |
+ | Some users report issues related to the Start menu and Windows Desktop Search Microsoft has received reports that a small number of users are having issues related to the Start menu and Windows Desktop Search.
Affected platforms: - Client: Windows 10, version 1903
Resolution: At this time, Microsoft has not found a Search or Start issue significantly impacting users originating from KB4515384. We will continue monitoring to ensure users have a high-quality experience when interacting with these areas. If you are currently having issues, we recommend you to take a moment to report it in via the Feedback Hub (Windows + F) then try the Windows 10 Troubleshoot settings (found in Settings). If you are having an issue with search, see Fix problems in Windows Search.
Back to top | OS Build 18362.356
September 10, 2019
KB4515384 | Resolved
| Resolved:
September 19, 2019
04:58 PM PT
Opened:
September 11, 2019
05:18 PM PT |
+ | Safeguard on certain devices with some Intel and Broadcom Wi-Fi adapters Microsoft and NEC have found incompatibility issues with Intel Centrino 6205/6235 and Broadcom 802.11ac Wi-Fi cards when running Windows 10, version 1903 on specific models of NEC devices. If these devices are updated to Windows 10, version 1903, they will no longer be able to use any Wi-Fi connections. The Wi-Fi driver may have a yellow exclamation point in device manager. The task tray icon for networking may show the icon for no internet and Network & Internet settings may not show any Wi-Fi networks.
To safeguard your update experience, we have applied a compatibility hold on the affected devices from being offered Windows 10, version 1903.
Affected platforms: - Client: Windows 10, version 1903
Workaround: If you are using an affected device and you have already installed Windows 10, version 1903, you can mitigate the issue disabling then re-enabling the Wi-Fi adapter in Device Manager. You should now be able to use Wi-Fi until your next reboot.
Next steps: Microsoft and NEC are working on a resolution and will provide an update in an upcoming release.
Note We recommend that you do not attempt to manually update using the Update now button or the Media Creation Tool until this issue has been resolved.
Back to top | N/A
| Mitigated
| Last updated:
September 13, 2019
05:25 PM PT
Opened:
September 13, 2019
05:25 PM PT |
+ | Audio in games is quiet or different than expected Microsoft has received reports that audio in certain games is quieter or different than expected. At the request of some of our audio partners, we implemented a compatibility change that enabled certain games to query support and render multi-channel audio. Due to customer feedback, we are reverting this change as some games and some devices are not rendering multi-channel audio as expected. This may result in games sounding different than customers are used to and may have missing channels.
Affected platforms: - Client: Windows 10, version 1903
Workaround: To mitigate the issue, open settings in the impacted game and disable multi-channel audio, if this option is available. You can also search in the Windows Control Panel for 3rd party audio device control panels and disable Multi-channel audio or Virtual Surround Sound, if these options are available.
Next steps: We are working on a resolution and estimates a solution will be available in late September.
Back to top | OS Build 18362.356
September 10, 2019
KB4515384 | Mitigated
| Last updated:
September 13, 2019
05:25 PM PT
Opened:
September 13, 2019
05:25 PM PT |
+ | Screenshots and Snips have an unnatural orange tint When creating screenshots or using similar tools (such as Snipping Tool or Snip & Sketch), the resulting images may have an unnatural orange tint. This issue is caused by the Eye Care mode feature of Lenovo Vantage. This issue started on or around September 5, 2019.
Affected platforms: - Client: Windows 10, version 1903
- Server: None
Back to top | OS Build 18362.356
September 10, 2019
KB4516115 | Resolved External
| Last updated:
September 11, 2019
08:54 PM PT
Opened:
September 11, 2019
08:54 PM PT |
+ Windows Desktop Search may not return any results and may have high CPU usageMicrosoft is getting reports that a small number of users may not receive results when using Windows Desktop Search and may see high CPU usage from SearchUI.exe when searching after installing KB4512941. This issue is only encountered on devices in which searching the web from Windows Desktop Search has been disabled.
Affected platforms: - Client: Windows 10, version 1903
Resolution: This issue was resolved in KB4515384.
Back to top | OS Build 18362.329
August 30, 2019
KB4512941 | Resolved
KB4515384 | Resolved:
September 10, 2019
10:00 AM PT
Opened:
September 04, 2019
02:25 PM PT |
+
+ "
+
- title: August 2019
- items:
- type: markdown
text: "
| Details | Originating update | Status | History |
- Apps using Visual Basic 6 (VB6), VBA, and VBScript may stop responding with errorAfter installing KB4512508, applications that were made using Visual Basic 6 (VB6), macros using Visual Basic for Applications (VBA), and scripts or apps using Visual Basic Scripting Edition (VBScript) may stop responding and you may receive an \"invalid procedure call error.\"
Affected platforms: - Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607; Windows 10 Enterprise LTSC 2015; Windows 8.1; Windows 7 SP1
- Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Next steps: Microsoft is working on a resolution and estimates a solution will be available late August. The ‘optional’ update will be available on Microsoft Update Catalog, Windows Update, Microsoft Update and Windows Server Update Services (WSUS). As with any 'optional' update, you will need to Check for updates to receive the update once it is released.
Note Windows Update for Business customers should apply the update via Microsoft Update Catalog or Windows Server Update Services (WSUS).
Back to top | OS Build 18362.295
August 13, 2019
KB4512508 | Investigating
| Last updated:
August 17, 2019
01:49 PM PT
Opened:
August 14, 2019
03:34 PM PT |
+ Apps using Visual Basic 6 (VB6), VBA, and VBScript may stop responding with errorAfter installing KB4512508, applications that were made using Visual Basic 6 (VB6), macros using Visual Basic for Applications (VBA), and scripts or apps using Visual Basic Scripting Edition (VBScript) may stop responding and you may receive an \"invalid procedure call error.\"
Affected platforms: - Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607; Windows 10 Enterprise LTSC 2015; Windows 8.1; Windows 7 SP1
- Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue was resolved in KB4512941. The ‘optional’ update is available on Microsoft Update Catalog, Windows Update, Microsoft Update and Windows Server Update Services (WSUS). As with any 'optional' update, you will need to Check for updates to receive KB4512941 and install. For instructions, see Update Windows 10.
Note Windows Update for Business customers should apply the update via Microsoft Update Catalog or Windows Server Update Services (WSUS).
Back to top | OS Build 18362.295
August 13, 2019
KB4512508 | Resolved
KB4512941 | Resolved:
August 30, 2019
10:00 AM PT
Opened:
August 14, 2019
03:34 PM PT |
| Updates may fail to install and you may receive Error 0x80073701 Installation of updates may fail and you may receive the error message, \"Updates Failed, There were problems installing some updates, but we'll try again later\" or \"Error 0x80073701\" on the Windows Update dialog or within Update history.
Affected platforms: - Client: Windows 10, version 1903
- Server: Windows Server, version 1903
Next steps: We are working on a resolution and will provide an update in an upcoming release.
Back to top | OS Build 18362.145
May 29, 2019
KB4497935 | Investigating
| Last updated:
August 16, 2019
04:28 PM PT
Opened:
August 16, 2019
01:41 PM PT |
- MacOS may be unable to access network shares via CIFS or SMBv1 on Windows devicesYou may receive an error on your Apple MacOS device when trying to access network shares via CIFS or SMBv1 on a Windows devices that has installed updates on June 11, 2019 ( KB4503293) or later. When you encounter this issue, in MacOS you may receive the error, “There was a problem connecting to the server “{Server Host Name}”. Check the server name or IP address, and then try again. If you continue to have problems, contact your system administrator.”
Affected platforms: - Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607; Windows 10 Enterprise LTSC 2015; Windows 8.1; Windows 7 SP1
- Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Back to top | OS Build 18362.175
June 11, 2019
KB4503293 | Resolved External
| Last updated:
August 09, 2019
07:03 PM PT
Opened:
August 09, 2019
04:25 PM PT |
"
@@ -106,12 +123,12 @@ sections:
- type: markdown
text: "
| Details | Originating update | Status | History |
- Domain connected devices that use MIT Kerberos realms will not start upDevices connected to a domain that is configured to use MIT Kerberos realms will not start up or may continue to restart after installation of KB4497935. Devices that are domain controllers or domain members are both affected.
To safeguard your update experience, we have applied a compatibility hold on devices configured to use MIT Kerberos realm from being offered Windows 10, version 1903 or Windows Server, version 1903.
Note If you are not sure if your device is affected, contact your administrator. Advanced users can check for “Define interoperable Kerberos v5 realm settings” policy under Computer Configuration -> Policies -> Administrative Templates > System -> Kerberos or check if this registry key exists: HKLM\\Software\\Microsoft\\Windows\\CurrentVersion\\Policies\\System\\Kerberos\\MitRealms
-
Affected platforms: - Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607
- Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016
Next steps: At this time, we suggest that devices in an affected environment do not install KB4497935. We are working on a resolution and estimate a solution will be available in late August.
Note We recommend that you do not attempt to manually update using the Update now button or the Media Creation Tool until this issue has been resolved.
Back to top | OS Build 18362.145
May 29, 2019
KB4497935 | Investigating
| Last updated:
August 13, 2019
06:59 PM PT
Opened:
July 25, 2019
06:10 PM PT |
- | Issues updating when certain versions of Intel storage drivers are installed Intel and Microsoft have found incompatibility issues with certain versions of the Intel Rapid Storage Technology (Intel RST) drivers and the Windows 10 May 2019 Update (Windows 10, version 1903).
To safeguard your update experience, we have applied a compatibility hold on devices with Intel RST drivers, versions 15.1.0.1002 through version 15.5.2.1053 installed from installing or being offered Windows 10, version 1903 or Windows Server, version 1903, until the driver has been updated.
Versions 15.5.2.1054 or later are compatible, and a device that has these drivers installed can install the Windows 10 May 2019 Update. For affected devices, the recommended version is 15.9.8.1050.
Affected platforms: - Client: Windows 10, version 1903
- Server: Windows Server, version 1903
Workaround: To mitigate this issue before the resolution is released, you will need to update the Intel RST drivers for your device to version 15.5.2.1054 or a later. Check with your device manufacturer (OEM) to see if an updated driver is available and install it. You can also download the latest Intel RST drivers directly from Intel at Intel® Rapid Storage Technology (Intel® RST) User Interface and Driver. Once your drivers are updated, you can restart the installation process for Windows 10, version 1903. Please note, it can take up to 48 hours before you can update to Windows 10, version 1903.
Note Until an updated driver has been installed, we recommend you do not attempt to manually update using the Update now button or the Media Creation Tool.
Next Steps: We are working on a resolution and estimate a solution will be available in late August.
Back to top | OS Build 18362.145
May 29, 2019
KB4497935 | Mitigated External
| Last updated:
August 09, 2019
07:03 PM PT
Opened:
July 25, 2019
06:10 PM PT |
+ Domain connected devices that use MIT Kerberos realms will not start upDevices connected to a domain that is configured to use MIT Kerberos realms will not start up or may continue to restart after installation of KB4497935. Devices that are domain controllers or domain members are both affected.
To safeguard your update experience, we have applied a compatibility hold on devices configured to use MIT Kerberos realm from being offered Windows 10, version 1903 or Windows Server, version 1903.
Note If you are not sure if your device is affected, contact your administrator. Advanced users can check for “Define interoperable Kerberos v5 realm settings” policy under Computer Configuration -> Policies -> Administrative Templates > System -> Kerberos or check if this registry key exists: HKLM\\Software\\Microsoft\\Windows\\CurrentVersion\\Policies\\System\\Kerberos\\MitRealms
+
Affected platforms: - Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607
- Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016
Resolution: This issue was resolved in KB4512941 and the safeguard hold has been removed. Please note, it can take up to 48 hours before you can update to offered Windows 10, version 1903 or Windows Server, version 1903.
Back to top | OS Build 18362.145
May 29, 2019
KB4497935 | Resolved
KB4512941 | Resolved:
August 30, 2019
10:00 AM PT
Opened:
July 25, 2019
06:10 PM PT |
+ | Issues updating when certain versions of Intel storage drivers are installed Intel and Microsoft have found incompatibility issues with certain versions of the Intel Rapid Storage Technology (Intel RST) drivers and the Windows 10 May 2019 Update (Windows 10, version 1903).
To safeguard your update experience, we have applied a compatibility hold on devices with Intel RST drivers, versions 15.1.0.1002 through version 15.5.2.1053 installed from installing or being offered Windows 10, version 1903 or Windows Server, version 1903, until the driver has been updated.
Versions 15.5.2.1054 or later are compatible, and a device that has these drivers installed can install the Windows 10 May 2019 Update. For affected devices, the recommended version is 15.9.8.1050.
Affected platforms: - Client: Windows 10, version 1903
- Server: Windows Server, version 1903
Resolution: This issue was resolved in KB4512941 and the safeguard hold has been removed. Please note, it can take up to 48 hours before you can update to Windows 10, version 1903.
Back to top | OS Build 18362.145
May 29, 2019
KB4497935 | Resolved
KB4512941 | Resolved:
August 30, 2019
10:00 AM PT
Opened:
July 25, 2019
06:10 PM PT |
+ | Initiating a Remote Desktop connection may result in black screen When initiating a Remote Desktop connection to devices with some older GPU drivers, you may receive a black screen. Any version of Windows may encounter this issue when initiating a Remote Desktop connection to a Windows 10, version 1903 device which is running an affected display driver, including the drivers for the Intel 4 series chipset integrated GPU (iGPU).
Affected platforms: - Client: Windows 10, version 1903
- Server: Windows Server, version 1903
Resolution: This issue was resolved in KB4512941.
Back to top | OS Build 18362.145
May 29, 2019
KB4497935 | Resolved
KB4512941 | Resolved:
August 30, 2019
10:00 AM PT
Opened:
July 12, 2019
04:42 PM PT |
+ Devices starting using PXE from a WDS or SCCM servers may fail to startDevices that start up using Preboot Execution Environment (PXE) images from Windows Deployment Services (WDS) or System Center Configuration Manager (SCCM) may fail to start with the error \"Status: 0xc0000001, Info: A required device isn't connected or can't be accessed\" after installing KB4503293 on a WDS server.
Affected platforms: - Server: Windows Server 2008 SP2; Windows Server 2008 R2 SP1; Windows Server 2012; Windows Server 2012 R2; Windows Server 2016; Windows Server, version 1803; Windows Server 2019; Windows Server, version 1809; Windows Server, version 1903
Resolution: This issue was resolved in KB4512941.
Back to top | OS Build 18362.175
June 11, 2019
KB4503293 | Resolved
KB4512941 | Resolved:
August 30, 2019
10:00 AM PT
Opened:
July 10, 2019
02:51 PM PT |
| The dGPU may occasionally disappear from device manager on Surface Book 2 with dGPU Microsoft has identified a compatibility issue on some Surface Book 2 devices configured with Nvidia discrete graphics processing unit (dGPU). After updating to Windows 10, version 1903 (May 2019 Feature Update), some apps or games that needs to perform graphics intensive operations may close or fail to open.
To safeguard your update experience, we have applied a compatibility hold on Surface Book 2 devices with Nvidia dGPUs from being offered Windows 10, version 1903, until this issue is resolved.
Affected platforms: - Client: Windows 10, version 1903
Workaround: To mitigate the issue if you are already on Windows 10, version 1903, you can restart the device or select the Scan for hardware changes button in the Action menu or on the toolbar in Device Manager.
Note We recommend that you do not attempt to manually update using the Update now button or the Media Creation Tool until this issue has been resolved.
Next steps: We are working on a resolution and will provide an update in an upcoming release.
Back to top | OS Build 18362.145
May 29, 2019
KB4497935 | Investigating
| Last updated:
July 16, 2019
09:04 AM PT
Opened:
July 12, 2019
04:20 PM PT |
- | Initiating a Remote Desktop connection may result in black screen When initiating a Remote Desktop connection to devices with some older GPU drivers, you may receive a black screen. Any version of Windows may encounter this issue when initiating a Remote Desktop connection to a Windows 10, version 1903 device which is running an affected display driver, including the drivers for the Intel 4 series chipset integrated GPU (iGPU).
Affected platforms: - Client: Windows 10, version 1903
- Server: Windows Server, version 1903
Next steps: We are working on a resolution that will be made available in upcoming release.
Back to top | OS Build 18362.145
May 29, 2019
KB4497935 | Investigating
| Last updated:
July 12, 2019
04:42 PM PT
Opened:
July 12, 2019
04:42 PM PT |
- Devices starting using PXE from a WDS or SCCM servers may fail to startDevices that start up using Preboot Execution Environment (PXE) images from Windows Deployment Services (WDS) or System Center Configuration Manager (SCCM) may fail to start with the error \"Status: 0xc0000001, Info: A required device isn't connected or can't be accessed\" after installing KB4503293 on a WDS server.
Affected platforms: - Server: Windows Server 2008 SP2; Windows Server 2008 R2 SP1; Windows Server 2012; Windows Server 2012 R2; Windows Server 2016; Windows Server, version 1803; Windows Server 2019; Windows Server, version 1809; Windows Server, version 1903
Workaround: To mitigate this issue on an SCCM server: - Verify Variable Window Extension is enabled.
- Set the values of TFTP block size to 4096 and TFTP window size to 1. For guidance on how to configure them, see Customize the RamDisk TFTP block and window sizes on PXE-enabled distribution points.
Note Try the default values for TFTP block size and TFTP window size first but depending on your environment and overall settings, you may need to adjust them for your setup. You can also try the Enable a PXE responder without Windows Deployment Service setting. For more information on this setting, see Install and configure distribution points in Configuration Manager.
To mitigate this issue on a WDS server without SCCM: - In WDS TFTP settings, verify Variable Window Extension is enabled.
- In the Boot Configuration Data (BCD) of the imported image, set RamDiskTFTPBlockSize to 1456.
- In the BCD of the imported image, set RamDiskTFTPWindowSize to 4.
Note Try the default values for RamDiskTFTPBlockSize and RamDiskTFTPWindowSize first but depending on your environment and overall settings, you may need to adjust them for your setup.
Next steps: We are working on a resolution and will provide an update in an upcoming release.
Back to top | OS Build 18362.175
June 11, 2019
KB4503293 | Mitigated
| Last updated:
July 10, 2019
07:09 PM PT
Opened:
July 10, 2019
02:51 PM PT |
"
@@ -120,10 +137,9 @@ sections:
- type: markdown
text: "
| Details | Originating update | Status | History |
- | Windows Sandbox may fail to start with error code “0x80070002” Windows Sandbox may fail to start with \"ERROR_FILE_NOT_FOUND (0x80070002)\" on devices in which the operating system language is changed during the update process when installing Windows 10, version 1903.
Affected platforms: - Client: Windows 10, version 1903
Next steps: We are working on a resolution and estimates a solution will be available in late August.
Back to top | OS Build 18362.116
May 20, 2019
KB4505057 | Investigating
| Last updated:
August 20, 2019
11:06 AM PT
Opened:
May 24, 2019
04:20 PM PT |
+ | Windows Sandbox may fail to start with error code “0x80070002” Windows Sandbox may fail to start with \"ERROR_FILE_NOT_FOUND (0x80070002)\" on devices in which the operating system language is changed during the update process when installing Windows 10, version 1903.
Affected platforms: - Client: Windows 10, version 1903
Resolution: This issue was resolved in KB4512941.
Back to top | OS Build 18362.116
May 20, 2019
KB4505057 | Resolved
KB4512941 | Resolved:
August 30, 2019
10:00 AM PT
Opened:
May 24, 2019
04:20 PM PT |
| Intermittent loss of Wi-Fi connectivity Some older computers may experience loss of Wi-Fi connectivity due to an outdated Qualcomm driver. An updated Wi-Fi driver should be available from your device manufacturer (OEM).
To safeguard your upgrade experience, we have applied a hold on devices with this Qualcomm driver from being offered Windows 10, version 1903, until the updated driver is installed.
Affected platforms: - Client: Windows 10, version 1903
Workaround: Before updating to Windows 10, version 1903, you will need to download and install an updated Wi-Fi driver from your device manufacturer (OEM). Note We recommend that you do not attempt to manually update using the Update now button or the Media Creation Tool until a new driver has been installed and the Windows 10, version 1903 feature update has been automatically offered to you.
Back to top | OS Build 18362.116
May 21, 2019
KB4505057 | Mitigated External
| Last updated:
August 01, 2019
08:44 PM PT
Opened:
May 21, 2019
07:13 AM PT |
| Gamma ramps, color profiles, and night light settings do not apply in some cases Microsoft has identified some scenarios where gamma ramps, color profiles and night light settings may stop working.
Microsoft has identified some scenarios in which these features may have issues or stop working, for example: - Connecting to (or disconnecting from) an external monitor, dock, or projector
- Rotating the screen
- Updating display drivers or making other display mode changes
- Closing full screen applications
- Applying custom color profiles
- Running applications that rely on custom gamma ramps
Affected platforms: - Client: Windows 10, version 1903
Workaround: If you find that your night light has stopped working, try turning the night light off and on, or restarting your computer. For other color setting issues, restart your computer to correct the issue.
Note We recommend that you do not attempt to manually update using the Update now button or the Media Creation Tool until this issue has been resolved.
Next steps: We are working on a resolution and will provide an update in an upcoming release.
Back to top | OS Build 18362.116
May 21, 2019
KB4505057 | Mitigated
| Last updated:
August 01, 2019
06:27 PM PT
Opened:
May 21, 2019
07:28 AM PT |
- | Display brightness may not respond to adjustments Microsoft and Intel have identified a driver compatibility issue on devices configured with certain Intel display drivers. After updating to Windows 10, version 1903, brightness settings may sometime appear as if changes applied took effect, yet the actual display brightness doesn't change.
To safeguard your update experience, we have applied a compatibility hold on devices with certain Intel drivers from being offered Windows 10, version 1903, until this issue is resolved.
Affected platforms: - Client: Windows 10, version 1903
Resolution: This issue was resolved in KB4505903 and the safeguard hold has been removed. Please ensure you have applied the resolving update before attempting to update to the Windows 10 May 2019 Update (version 1903). Please note, it can take up to 48 hours for the safeguard to be removed.
Back to top | OS Build 18362.116
May 21, 2019
KB4505057 | Resolved
KB4505903 | Resolved:
July 26, 2019
02:00 PM PT
Opened:
May 21, 2019
07:56 AM PT |
| Unable to discover or connect to Bluetooth devices Microsoft has identified compatibility issues with some driver versions for Bluetooth radios made by Realtek and Qualcomm. To safeguard your update experience, we have applied a compatibility hold on devices with affected driver versions for Realtek or Qualcomm Bluetooth radios from being offered Windows 10, version 1903 or Windows Server, version 1903 until the driver has been updated.
Affected platforms: - Client: Windows 10, version 1903
- Server: Windows Server, version 1903
Workaround: Check with your device manufacturer (OEM) to see if an updated driver is available and install it.
- For Qualcomm drivers, you will need to install a driver version greater than 10.0.1.11.
- For Realtek drivers, you will need to install a driver version greater than 1.5.1011.0.
Note Until an updated driver has been installed, we recommend you do not attempt to manually update using the Update now button or the Media Creation Tool.
Next steps: Microsoft is working with Realtek and Qualcomm to release new drivers for all affected system via Windows Update.
Back to top | OS Build 18362.116
May 21, 2019
KB4505057 | Mitigated
| Last updated:
May 21, 2019
04:48 PM PT
Opened:
May 21, 2019
07:29 AM PT |
| Intel Audio displays an intcdaud.sys notification Microsoft and Intel have identified an issue with a range of Intel Display Audio device drivers that may result in higher than normal battery drain. If you see an intcdaud.sys notification or “What needs your attention” notification when trying to update to Windows 10, version 1903, you have an affected Intel Audio Display device driver installed on your machine (intcdaud.sys, versions 10.25.0.3 through 10.25.0.8). To safeguard your update experience, we have applied a compatibility hold on devices with drivers from being offered Windows 10, version 1903 until updated device drivers have been installed.
Affected platforms: - Client: Windows 10, version 1903; Windows 10, version 1809
Workaround: On the “What needs your attention\" notification, click the Back button to remain on your current version of Windows 10. (Do not click Confirm as this will proceed with the update and you may experience compatibility issues.) Affected devices will automatically revert to the previous working configuration.
Note We recommend you do not attempt to update your devices until newer device drivers are installed.
Next steps: You can opt to wait for newer drivers to be installed automatically through Windows Update or check with the computer manufacturer for the latest device driver software availability and installation procedures.
Back to top | OS Build 18362.116
May 21, 2019
KB4505057 | Mitigated
| Last updated:
May 21, 2019
04:47 PM PT
Opened:
May 21, 2019
07:22 AM PT |
| Cannot launch Camera app Microsoft and Intel have identified an issue affecting Intel RealSense SR300 and Intel RealSense S200 cameras when using the Camera app. After updating to the Windows 10 May 2019 Update and launching the Camera app, you may get an error message stating: \"Close other apps, error code: 0XA00F4243.”
To safeguard your update experience, we have applied a protective hold on machines with Intel RealSense SR300 or Intel RealSense S200 cameras installed from being offered Windows 10, version 1903, until this issue is resolved.
Affected platforms: - Client: Windows 10, version 1903
Workaround: To temporarily resolve this issue, perform one of the following:
- Unplug your camera and plug it back in.
or - Disable and re-enable the driver in Device Manager. In the Search box, type \"Device Manager\" and press Enter. In the Device Manager dialog box, expand Cameras, then right-click on any RealSense driver listed and select Disable device. Right click on the driver again and select Enable device.
or - Restart the RealSense service. In the Search box, type \"Task Manager\" and hit Enter. In the Task Manager dialog box, click on the Services tab, right-click on RealSense, and select Restart.
Note This workaround will only resolve the issue until your next system restart.
Note We recommend that you do not attempt to manually update using the Update now button or the Media Creation Tool until this issue has been resolved.
Next steps: We are working on a resolution and will provide an update in an upcoming release.
Back to top | OS Build 18362.116
May 21, 2019
KB4505057 | Mitigated
| Last updated:
May 21, 2019
04:47 PM PT
Opened:
May 21, 2019
07:20 AM PT |
diff --git a/windows/release-information/status-windows-7-and-windows-server-2008-r2-sp1.yml b/windows/release-information/status-windows-7-and-windows-server-2008-r2-sp1.yml
index a8fa52963a..a3fe4bad82 100644
--- a/windows/release-information/status-windows-7-and-windows-server-2008-r2-sp1.yml
+++ b/windows/release-information/status-windows-7-and-windows-server-2008-r2-sp1.yml
@@ -60,12 +60,9 @@ sections:
- type: markdown
text: "This table offers a summary of current active issues and those issues that have been resolved in the last 30 days.
| Summary | Originating update | Status | Last updated |
+ You may receive an error when opening or using the Toshiba Qosmio AV Center
Toshiba Qosmio AV Center may error when opening and you may also receive an error in Event Log related to cryptnet.dll.
See details > | August 13, 2019
KB4512506 | Resolved
KB4516048 | September 24, 2019
10:00 AM PT |
Windows updates that are SHA-2 signed may not be offered for Symantec and Norton AV
Windows updates that are SHA-2 signed are not available with Symantec or Norton antivirus program installed
See details > | August 13, 2019
KB4512506 | Resolved External
| August 27, 2019
02:29 PM PT |
- Devices starting using PXE from a WDS or SCCM servers may fail to start
Devices that start up using Preboot Execution Environment (PXE) images from Windows Deployment Services (WDS) may fail to start with error \"0xc0000001.\"
See details > | June 11, 2019
KB4503292 | Resolved
KB4512514 | August 17, 2019
02:00 PM PT |
- Apps using Visual Basic 6 (VB6), VBA, and VBScript may stop responding with error
Applications that were made using Visual Basic 6 (VB6), macros using Visual Basic for Applications (VBA), and VBScript may stop responding and you may receive an error.
See details > | August 13, 2019
KB4512506 | Resolved
KB4517297 | August 16, 2019
02:00 PM PT |
IA64 and x64 devices may fail to start after installing updates
After installing updates released on or after August 13, 2019, IA64 and x64 devices using EFI Boot may fail to start.
See details > | August 13, 2019
KB4512506 | Mitigated
| August 17, 2019
12:59 PM PT |
- System may be unresponsive after restart with certain McAfee antivirus products
Devices with McAfee Endpoint Security Threat Prevention 10.x, Host Intrusion Prevention 8.0, or VirusScan Enterprise 8.8 may be slow or unresponsive at startup.
See details > | April 09, 2019
KB4493472 | Resolved External
| August 13, 2019
06:59 PM PT |
- MacOS may be unable to access network shares via CIFS or SMBv1 on Windows devices
You may receive an error on MacOS when trying to access network shares via CIFS or SMBv1 on Windows devices that installed updates on June 11, 2019 or later.
See details > | June 11, 2019
KB4503292 | Resolved External
| August 09, 2019
07:03 PM PT |
"
@@ -76,32 +73,21 @@ sections:
"
+- title: September 2019
+- items:
+ - type: markdown
+ text: "
+ | Details | Originating update | Status | History |
+ You may receive an error when opening or using the Toshiba Qosmio AV CenterAfter installing KB4512506, you may receive an error when opening or using the Toshiba Qosmio AV Center. You may also receive an error in Event Log related to cryptnet.dll.
Affected platforms: Resolution: This issue was resolved in KB4516048.
Back to top | August 13, 2019
KB4512506 | Resolved
KB4516048 | Resolved:
September 24, 2019
10:00 AM PT
Opened:
September 10, 2019
09:48 AM PT |
+
+ "
+
- title: August 2019
- items:
- type: markdown
text: "
| Details | Originating update | Status | History |
| Windows updates that are SHA-2 signed may not be offered for Symantec and Norton AV Symantec identified the potential for a negative interaction that may occur after Windows Updates code signed with SHA-2 only certificates are installed on devices with Symantec or Norton antivirus programs installed. The software may not correctly identify files included in the update as code signed by Microsoft, putting the device at risk for a delayed or incomplete update.
Affected platforms: - Client: Windows 7 SP1
- Server: Windows Server 2008 R2 SP1
Resolution: The safeguard hold has been removed. Symantec has completed its evaluation of the impact of this update and future updates to Windows 7/Windows 2008 R2 and has determined that there is no increased risk of a false positive detection for all in-field versions of Symantec Endpoint Protection and Norton antivirus programs. See the Symantec support article for additional detail and please reach out to Symantec or Norton support if you encounter any issues.
Back to top | August 13, 2019
KB4512506 | Resolved External
| Last updated:
August 27, 2019
02:29 PM PT
Opened:
August 13, 2019
10:05 AM PT |
- Apps using Visual Basic 6 (VB6), VBA, and VBScript may stop responding with errorAfter installing KB4512506, applications that were made using Visual Basic 6 (VB6), macros using Visual Basic for Applications (VBA), and scripts or apps using Visual Basic Scripting Edition (VBScript) may stop responding and you may receive an \"invalid procedure call error.\"
Affected platforms: - Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607; Windows 10 Enterprise LTSC 2015; Windows 8.1; Windows 7 SP1
- Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue was resolved in KB4517297. The ‘optional’ update is now available on Microsoft Update Catalog and Windows Server Update Services (WSUS).
Back to top | August 13, 2019
KB4512506 | Resolved
KB4517297 | Resolved:
August 16, 2019
02:00 PM PT
Opened:
August 14, 2019
03:34 PM PT |
| IA64 and x64 devices may fail to start after installing updates IA64 devices (in any configuration) and x64 devices using EFI boot that were provisioned after the July 9th updates and/or skipped the recommended update (KB3133977), may fail to start with the following error: \"File: \\Windows\\system32\\winload.efi Status: 0xc0000428 Info: Windows cannot verify the digital signature for this file.\"
Affected platforms: - Client: Windows 7 SP1
- Server: Windows Server 2008 R2 SP1
Take Action: To resolve this issue please follow the steps outlined in the SHA-2 support FAQ article for error code 0xc0000428.
Back to top | August 13, 2019
KB4512506 | Mitigated
| Last updated:
August 17, 2019
12:59 PM PT
Opened:
August 13, 2019
08:34 AM PT |
- MacOS may be unable to access network shares via CIFS or SMBv1 on Windows devicesYou may receive an error on your Apple MacOS device when trying to access network shares via CIFS or SMBv1 on a Windows devices that has installed updates on June 11, 2019 ( KB4503292) or later. When you encounter this issue, in MacOS you may receive the error, “There was a problem connecting to the server “{Server Host Name}”. Check the server name or IP address, and then try again. If you continue to have problems, contact your system administrator.”
Affected platforms: - Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607; Windows 10 Enterprise LTSC 2015; Windows 8.1; Windows 7 SP1
- Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Back to top | June 11, 2019
KB4503292 | Resolved External
| Last updated:
August 09, 2019
07:03 PM PT
Opened:
August 09, 2019
04:25 PM PT |
-
- "
-
-- title: July 2019
-- items:
- - type: markdown
- text: "
- | Details | Originating update | Status | History |
- Devices starting using PXE from a WDS or SCCM servers may fail to startDevices that start up using Preboot Execution Environment (PXE) images from Windows Deployment Services (WDS) or System Center Configuration Manager (SCCM) may fail to start with the error \"Status: 0xc0000001, Info: A required device isn't connected or can't be accessed\" after installing KB4503292 on a WDS server.
Affected platforms: - Server: Windows Server 2008 SP2; Windows Server 2008 R2 SP1; Windows Server 2012; Windows Server 2012 R2; Windows Server 2016; Windows Server, version 1803; Windows Server 2019; Windows Server, version 1809; Windows Server, version 1903
Resolution: This issue was resolved in KB4512514.
Back to top | June 11, 2019
KB4503292 | Resolved
KB4512514 | Resolved:
August 17, 2019
02:00 PM PT
Opened:
July 10, 2019
02:51 PM PT |
-
- "
-
-- title: April 2019
-- items:
- - type: markdown
- text: "
- | Details | Originating update | Status | History |
- | System may be unresponsive after restart with certain McAfee antivirus products Microsoft and McAfee have identified an issue on devices with McAfee Endpoint Security (ENS) Threat Prevention 10.x or McAfee Host Intrusion Prevention (Host IPS) 8.0 or McAfee VirusScan Enterprise (VSE) 8.8 installed. It may cause the system to have slow startup or become unresponsive at restart after installing this update.
Affected platforms: - Client: Windows 8.1; Windows 7 SP1
- Server: Windows Server 2012 R2; Windows Server 2008 R2 SP1
Resolution: This issue has been resolved. McAfee has released an automatic update to address this issue. Guidance for McAfee customers can be found in the following McAfee support articles:
Back to top | April 09, 2019
KB4493472 | Resolved External
| Last updated:
August 13, 2019
06:59 PM PT
Opened:
April 09, 2019
10:00 AM PT |
"
diff --git a/windows/release-information/status-windows-8.1-and-windows-server-2012-r2.yml b/windows/release-information/status-windows-8.1-and-windows-server-2012-r2.yml
index 3efbd362b4..10f5e9dea3 100644
--- a/windows/release-information/status-windows-8.1-and-windows-server-2012-r2.yml
+++ b/windows/release-information/status-windows-8.1-and-windows-server-2012-r2.yml
@@ -60,10 +60,7 @@ sections:
- type: markdown
text: "This table offers a summary of current active issues and those issues that have been resolved in the last 30 days.
| Summary | Originating update | Status | Last updated |
- Devices starting using PXE from a WDS or SCCM servers may fail to start
Devices that start up using Preboot Execution Environment (PXE) images from Windows Deployment Services (WDS) may fail to start with error \"0xc0000001.\"
See details > | June 11, 2019
KB4503276 | Resolved
KB4512478 | August 17, 2019
02:00 PM PT |
- Apps using Visual Basic 6 (VB6), VBA, and VBScript may stop responding with error
Applications that were made using Visual Basic 6 (VB6), macros using Visual Basic for Applications (VBA), and VBScript may stop responding and you may receive an error.
See details > | August 13, 2019
KB4512488 | Resolved
KB4517298 | August 16, 2019
02:00 PM PT |
- System may be unresponsive after restart with certain McAfee antivirus products
Devices with McAfee Endpoint Security Threat Prevention 10.x, Host Intrusion Prevention 8.0, or VirusScan Enterprise 8.8 may be slow or unresponsive at startup.
See details > | April 09, 2019
KB4493446 | Resolved External
| August 13, 2019
06:59 PM PT |
- MacOS may be unable to access network shares via CIFS or SMBv1 on Windows devices
You may receive an error on MacOS when trying to access network shares via CIFS or SMBv1 on Windows devices that installed updates on June 11, 2019 or later.
See details > | June 11, 2019
KB4503276 | Resolved External
| August 09, 2019
07:03 PM PT |
+ Windows RT 8.1 devices may have issues opening Internet Explorer 11
On Windows RT 8.1 devices, Internet Explorer 11 may not open and you may receive an error.
See details > | September 10, 2019
KB4516067 | Resolved
KB4516041 | September 24, 2019
10:00 AM PT |
Japanese IME doesn't show the new Japanese Era name as a text input option
If previous dictionary updates are installed, the Japanese input method editor (IME) doesn't show the new Japanese Era name as a text input option.
See details > | April 25, 2019
KB4493443 | Mitigated
| May 15, 2019
05:53 PM PT |
Certain operations performed on a Cluster Shared Volume may fail
Certain operations, such as rename, performed on files or folders on a Cluster Shared Volume (CSV) may fail with the error, “STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)”.
See details > | January 08, 2019
KB4480963 | Mitigated
| April 25, 2019
02:00 PM PT |
@@ -76,22 +73,12 @@ sections:
"
-- title: August 2019
+- title: September 2019
- items:
- type: markdown
text: "
| Details | Originating update | Status | History |
- Apps using Visual Basic 6 (VB6), VBA, and VBScript may stop responding with errorAfter installing KB4512488, applications that were made using Visual Basic 6 (VB6), macros using Visual Basic for Applications (VBA), and scripts or apps using Visual Basic Scripting Edition (VBScript) may stop responding and you may receive an \"invalid procedure call error.\"
Affected platforms: - Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607; Windows 10 Enterprise LTSC 2015; Windows 8.1; Windows 7 SP1
- Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue was resolved in KB4517298. The ‘optional’ update is now available on Microsoft Update Catalog and Windows Server Update Services (WSUS).
Back to top | August 13, 2019
KB4512488 | Resolved
KB4517298 | Resolved:
August 16, 2019
02:00 PM PT
Opened:
August 14, 2019
03:34 PM PT |
- MacOS may be unable to access network shares via CIFS or SMBv1 on Windows devicesYou may receive an error on your Apple MacOS device when trying to access network shares via CIFS or SMBv1 on a Windows devices that has installed updates on June 11, 2019 ( KB4503276) or later. When you encounter this issue, in MacOS you may receive the error, “There was a problem connecting to the server “{Server Host Name}”. Check the server name or IP address, and then try again. If you continue to have problems, contact your system administrator.”
Affected platforms: - Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607; Windows 10 Enterprise LTSC 2015; Windows 8.1; Windows 7 SP1
- Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Back to top | June 11, 2019
KB4503276 | Resolved External
| Last updated:
August 09, 2019
07:03 PM PT
Opened:
August 09, 2019
04:25 PM PT |
-
- "
-
-- title: July 2019
-- items:
- - type: markdown
- text: "
- | Details | Originating update | Status | History |
- Devices starting using PXE from a WDS or SCCM servers may fail to startDevices that start up using Preboot Execution Environment (PXE) images from Windows Deployment Services (WDS) or System Center Configuration Manager (SCCM) may fail to start with the error \"Status: 0xc0000001, Info: A required device isn't connected or can't be accessed\" after installing KB4503276 on a WDS server.
Affected platforms: - Server: Windows Server 2008 SP2; Windows Server 2008 R2 SP1; Windows Server 2012; Windows Server 2012 R2; Windows Server 2016; Windows Server, version 1803; Windows Server 2019; Windows Server, version 1809; Windows Server, version 1903
Resolution: This issue was resolved in KB4512478.
Back to top | June 11, 2019
KB4503276 | Resolved
KB4512478 | Resolved:
August 17, 2019
02:00 PM PT
Opened:
July 10, 2019
02:51 PM PT |
+ | Windows RT 8.1 devices may have issues opening Internet Explorer 11 On Windows 8.1 RT devices, Internet Explorer 11 may not open and you may receive the error, \"C:\\Program Files\\Internet Explorer\\iexplore.exe: A certificate was explicitly revoked by its issuer.\"
Affected platforms: Resolution: This issue was resolved in KB4516041.
Back to top | September 10, 2019
KB4516067 | Resolved
KB4516041 | Resolved:
September 24, 2019
10:00 AM PT
Opened:
September 13, 2019
05:25 PM PT |
"
@@ -104,15 +91,6 @@ sections:
"
-- title: April 2019
-- items:
- - type: markdown
- text: "
- | Details | Originating update | Status | History |
- | System may be unresponsive after restart with certain McAfee antivirus products Microsoft and McAfee have identified an issue on devices with McAfee Endpoint Security (ENS) Threat Prevention 10.x or McAfee Host Intrusion Prevention (Host IPS) 8.0 or McAfee VirusScan Enterprise (VSE) 8.8 installed. It may cause the system to have slow startup or become unresponsive at restart after installing this update.
Affected platforms: - Client: Windows 8.1; Windows 7 SP1
- Server: Windows Server 2012 R2; Windows Server 2008 R2 SP1
Resolution: This issue has been resolved. McAfee has released an automatic update to address this issue. Guidance for McAfee customers can be found in the following McAfee support articles:
Back to top | April 09, 2019
KB4493446 | Resolved External
| Last updated:
August 13, 2019
06:59 PM PT
Opened:
April 09, 2019
10:00 AM PT |
-
- "
-
- title: January 2019
- items:
- type: markdown
diff --git a/windows/release-information/status-windows-server-2008-sp2.yml b/windows/release-information/status-windows-server-2008-sp2.yml
index d1010bdae7..344715f1b3 100644
--- a/windows/release-information/status-windows-server-2008-sp2.yml
+++ b/windows/release-information/status-windows-server-2008-sp2.yml
@@ -60,9 +60,7 @@ sections:
- type: markdown
text: "This table offers a summary of current active issues and those issues that have been resolved in the last 30 days.
| Summary | Originating update | Status | Last updated |
- Devices starting using PXE from a WDS or SCCM servers may fail to start
Devices that start up using Preboot Execution Environment (PXE) images from Windows Deployment Services (WDS) may fail to start with error \"0xc0000001.\"
See details > | June 11, 2019
KB4503273 | Resolved
KB4512499 | August 17, 2019
02:00 PM PT |
- Apps using Visual Basic 6 (VB6), VBA, and VBScript may stop responding with error
Applications that were made using Visual Basic 6 (VB6), macros using Visual Basic for Applications (VBA), and VBScript may stop responding and you may receive an error.
See details > | August 13, 2019
KB4512476 | Resolved
KB4517301 | August 16, 2019
02:00 PM PT |
- MacOS may be unable to access network shares via CIFS or SMBv1 on Windows devices
You may receive an error on MacOS when trying to access network shares via CIFS or SMBv1 on Windows devices that installed updates on June 11, 2019 or later.
See details > | June 11, 2019
KB4503273 | Resolved External
| August 09, 2019
07:03 PM PT |
+ Issues manually installing updates by double-clicking the .msu file
You may encounter issues manually installing updates by double-clicking the .msu file and may receive an error.
See details > | September 10, 2019
KB4474419 | Mitigated
KB4474419 | September 24, 2019
08:17 AM PT |
"
@@ -73,21 +71,11 @@ sections:
"
-- title: August 2019
+- title: September 2019
- items:
- type: markdown
text: "
| Details | Originating update | Status | History |
- Apps using Visual Basic 6 (VB6), VBA, and VBScript may stop responding with errorAfter installing KB4512476, applications that were made using Visual Basic 6 (VB6), macros using Visual Basic for Applications (VBA), and scripts or apps using Visual Basic Scripting Edition (VBScript) may stop responding and you may receive an \"invalid procedure call error.\"
Affected platforms: - Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607; Windows 10 Enterprise LTSC 2015; Windows 8.1; Windows 7 SP1
- Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue was resolved in KB4517301. The ‘optional’ update is now available on Microsoft Update Catalog and Windows Server Update Services (WSUS).
Back to top | August 13, 2019
KB4512476 | Resolved
KB4517301 | Resolved:
August 16, 2019
02:00 PM PT
Opened:
August 14, 2019
03:34 PM PT |
- MacOS may be unable to access network shares via CIFS or SMBv1 on Windows devicesYou may receive an error on your Apple MacOS device when trying to access network shares via CIFS or SMBv1 on a Windows devices that has installed updates on June 11, 2019 ( KB4503273) or later. When you encounter this issue, in MacOS you may receive the error, “There was a problem connecting to the server “{Server Host Name}”. Check the server name or IP address, and then try again. If you continue to have problems, contact your system administrator.”
Affected platforms: - Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607; Windows 10 Enterprise LTSC 2015; Windows 8.1; Windows 7 SP1
- Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Back to top | June 11, 2019
KB4503273 | Resolved External
| Last updated:
August 09, 2019
07:03 PM PT
Opened:
August 09, 2019
04:25 PM PT |
-
- "
-
-- title: July 2019
-- items:
- - type: markdown
- text: "
- | Details | Originating update | Status | History |
- Devices starting using PXE from a WDS or SCCM servers may fail to startDevices that start up using Preboot Execution Environment (PXE) images from Windows Deployment Services (WDS) or System Center Configuration Manager (SCCM) may fail to start with the error \"Status: 0xc0000001, Info: A required device isn't connected or can't be accessed\" after installing KB4503273 on a WDS server.
Affected platforms: - Server: Windows Server 2008 SP2; Windows Server 2008 R2 SP1; Windows Server 2012; Windows Server 2012 R2; Windows Server 2016; Windows Server, version 1803; Windows Server 2019; Windows Server, version 1809; Windows Server, version 1903
Resolution: This issue was resolved in KB4512499.
Back to top | June 11, 2019
KB4503273 | Resolved
KB4512499 | Resolved:
August 17, 2019
02:00 PM PT
Opened:
July 10, 2019
02:51 PM PT |
+ Issues manually installing updates by double-clicking the .msu fileAfter installing the SHA-2 update ( KB4474419) released on September 10, 2019, you may encounter issues manually installing updates by double-clicking on the .msu file and may receive the error, \"Installer encountered an error: 0x80073afc. The resource loader failed to find MUI file.\"
Affected platforms: - Server: Windows Server 2008 SP2
Workaround: Open a command prompt and use the following command (replacing <msu location> with the actual location and filename of the update): wusa.exe <msu location> /quiet
Resolution: This issue is resolved in KB4474419 released September 23, 2019. Currently, this version is only available from the Microsoft Update Catalog. To resolve this issue, you will need to manually download the package and use the workaround above to install it.
Next steps: We estimate a solution will be available in mid-October on Windows Update and Windows Server Update Services (WSUS).
Back to top | September 10, 2019
KB4474419 | Mitigated
KB4474419 | Last updated:
September 24, 2019
08:17 AM PT
Opened:
September 20, 2019
04:57 PM PT |
"
diff --git a/windows/release-information/status-windows-server-2012.yml b/windows/release-information/status-windows-server-2012.yml
index 055acb57ff..c62be0f298 100644
--- a/windows/release-information/status-windows-server-2012.yml
+++ b/windows/release-information/status-windows-server-2012.yml
@@ -60,9 +60,6 @@ sections:
- type: markdown
text: "This table offers a summary of current active issues and those issues that have been resolved in the last 30 days.
| Summary | Originating update | Status | Last updated |
- Devices starting using PXE from a WDS or SCCM servers may fail to start
Devices that start up using Preboot Execution Environment (PXE) images from Windows Deployment Services (WDS) may fail to start with error \"0xc0000001.\"
See details > | June 11, 2019
KB4503285 | Resolved
KB4512512 | August 17, 2019
02:00 PM PT |
- Apps using Visual Basic 6 (VB6), VBA, and VBScript may stop responding with error
Applications that were made using Visual Basic 6 (VB6), macros using Visual Basic for Applications (VBA), and VBScript may stop responding and you may receive an error.
See details > | August 13, 2019
KB4512518 | Resolved
KB4517302 | August 16, 2019
02:00 PM PT |
- MacOS may be unable to access network shares via CIFS or SMBv1 on Windows devices
You may receive an error on MacOS when trying to access network shares via CIFS or SMBv1 on Windows devices that installed updates on June 11, 2019 or later.
See details > | June 11, 2019
KB4503285 | Resolved External
| August 09, 2019
07:03 PM PT |
Japanese IME doesn't show the new Japanese Era name as a text input option
If previous dictionary updates are installed, the Japanese input method editor (IME) doesn't show the new Japanese Era name as a text input option.
See details > | April 25, 2019
KB4493462 | Mitigated
| May 15, 2019
05:53 PM PT |
Certain operations performed on a Cluster Shared Volume may fail
Certain operations, such as rename, performed on files or folders on a Cluster Shared Volume (CSV) may fail with the error, “STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)”.
See details > | January 08, 2019
KB4480975 | Mitigated
| April 25, 2019
02:00 PM PT |
@@ -75,25 +72,6 @@ sections:
"
-- title: August 2019
-- items:
- - type: markdown
- text: "
- | Details | Originating update | Status | History |
- Apps using Visual Basic 6 (VB6), VBA, and VBScript may stop responding with errorAfter installing KB4512518, applications that were made using Visual Basic 6 (VB6), macros using Visual Basic for Applications (VBA), and scripts or apps using Visual Basic Scripting Edition (VBScript) may stop responding and you may receive an \"invalid procedure call error.\"
Affected platforms: - Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607; Windows 10 Enterprise LTSC 2015; Windows 8.1; Windows 7 SP1
- Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue was resolved in KB4517302. The ‘optional’ update is now available on Microsoft Update Catalog and Windows Server Update Services (WSUS).
Back to top | August 13, 2019
KB4512518 | Resolved
KB4517302 | Resolved:
August 16, 2019
02:00 PM PT
Opened:
August 14, 2019
03:34 PM PT |
- MacOS may be unable to access network shares via CIFS or SMBv1 on Windows devicesYou may receive an error on your Apple MacOS device when trying to access network shares via CIFS or SMBv1 on a Windows devices that has installed updates on June 11, 2019 ( KB4503285) or later. When you encounter this issue, in MacOS you may receive the error, “There was a problem connecting to the server “{Server Host Name}”. Check the server name or IP address, and then try again. If you continue to have problems, contact your system administrator.”
Affected platforms: - Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607; Windows 10 Enterprise LTSC 2015; Windows 8.1; Windows 7 SP1
- Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Back to top | June 11, 2019
KB4503285 | Resolved External
| Last updated:
August 09, 2019
07:03 PM PT
Opened:
August 09, 2019
04:25 PM PT |
-
- "
-
-- title: July 2019
-- items:
- - type: markdown
- text: "
- | Details | Originating update | Status | History |
- Devices starting using PXE from a WDS or SCCM servers may fail to startDevices that start up using Preboot Execution Environment (PXE) images from Windows Deployment Services (WDS) or System Center Configuration Manager (SCCM) may fail to start with the error \"Status: 0xc0000001, Info: A required device isn't connected or can't be accessed\" after installing KB4503285 on a WDS server.
Affected platforms: - Server: Windows Server 2008 SP2; Windows Server 2008 R2 SP1; Windows Server 2012; Windows Server 2012 R2; Windows Server 2016; Windows Server, version 1803; Windows Server 2019; Windows Server, version 1809; Windows Server, version 1903
Resolution: This issue was resolved in KB4512512.
Back to top | June 11, 2019
KB4503285 | Resolved
KB4512512 | Resolved:
August 17, 2019
02:00 PM PT
Opened:
July 10, 2019
02:51 PM PT |
-
- "
-
- title: May 2019
- items:
- type: markdown
diff --git a/windows/release-information/windows-message-center.yml b/windows/release-information/windows-message-center.yml
index 0ff0106922..54f29148ec 100644
--- a/windows/release-information/windows-message-center.yml
+++ b/windows/release-information/windows-message-center.yml
@@ -1,11 +1,11 @@
### YamlMime:YamlDocument
documentType: LandingData
-title: Windows 10 message center
+title: Windows message center
metadata:
document_id:
- title: Windows 10 message center
- description: Windows 10 message center
+ title: Windows message center
+ description: Windows message center
keywords: Windows 10, issues, fixes, announcements, Windows Server, advisories
ms.localizationpriority: high
author: greg-lindsay
@@ -50,6 +50,15 @@ sections:
text: "
| Message | Date |
+ Advisory: Scripting Engine Memory Corruption Vulnerability (CVE-2019-1367)
On September 23, 2019, Microsoft released a security update to address a remote code execution vulnerability in the way the scripting engine handles objects in memory in Internet Explorer. An attacker who successfully exploited the vulnerability could gain the same user permissions as the current user. For example, if a user is logged on with administrative rights, an attacker could take control of an affected system and install programs; view, change, or delete data; or create new accounts with full user rights. Alternatively, an attacker could host a specially crafted website targeting Internet Explorer and then entice a user to open web page or a malicious document attached to an e-mail. For more information about the vulnerability, see the Microsoft Security Guide CVE-2019-1367 | Scripting Engine Memory Corruption Vulnerability.
Update: Starting September 24, 2019, mitigation for this vulnerability is included as part of the 9C optional update, via Windows Update (WU) and Microsoft Update Catalog, for all supported versions of Windows 10, with the exception of Windows 10, version 1903 and Windows 10, version 1507 (LTSB). For devices running Windows 10, version 1903, mitigation for this vulnerability will be included as part of the 9D optional update via WU, WSUS and the Microsoft Update Catalog (targeted for September 26, 2019.) To apply this update, go to Settings > Windows Update > Check for Updates. (Note Because this update requires a reboot, we are making it optional to give customers and administrators a choice to install/deploy the update now.)
For customers running Windows 8.1/ Windows Server 2012 R2 or below, the 9C update is also available on Windows Server Update Services (WSUS). For other supported versions, IT admins using WSUS can import this update into WSUS/SCCM manually. See instructions on the WSUS and the Catalog Site. | September 24, 2019
05:00 PM PT |
+ Status update: September 2019 Windows \"C\" optional release available
The September 2019 optional monthly “C” release for all supported versions of Windows is now available. For more information on the different types of monthly quality updates, see our Windows 10 update servicing cadence primer. Follow @WindowsUpdate for the latest on the availability of this release. | September 24, 2019
08:10 AM PT |
+ Plan for change: Windows Media Center Electronic Program Guide retiring in January 2020
Starting in January 2020, Microsoft is retiring its Electronic Program Guide (EPG) service for all versions of Windows Media Center. To continue receiving TV Program Guide information on your Windows Media Center, you’ll need to configure an alternate TV listing provider. | September 24, 2019
08:00 AM PT |
+ Status of September 2019 “C” release
The optional monthly “C” release for September 2019 for all supported versions of Windows and Windows Server prior to Windows 10, version 1903 and Windows Server, version 1903 will be available in the near term. For more information on the different types of monthly quality updates, see our Windows 10 update servicing cadence primer. Follow @WindowsUpdate for the latest on the availability of this release. | September 19, 2019
04:11 PM PT |
+ Plan for change: End of service reminders for Windows 10, versions 1703 and 1803
The Enterprise and Education editions of Windows 10, version 1703 (the Creators Update) will reach end of service on October 8, 2019. The Home, Pro, Pro for Workstations, and IoT Core editions of Windows 10, version 1803 (the April 2018 Update) will reach end of service on November 12, 2019. We recommend that you update devices running these versions and editions to the latest version of Windows 10—Windows 10, version 1903—as soon as possible to help keep them protected and your environments secure. | September 13, 2019
03:23 PM PT |
+ September 2019 security update available for all supported versions of Windows
The September 2019 security update release, referred to as our “B” release, is now available for Windows 10, version 1903 and all supported versions of Windows. We recommend that you install these updates promptly. To be informed about the latest updates and releases, follow us on Twitter @WindowsUpdate. | September 10, 2019
09:34 AM PT |
+ Status update: Windows 10, version 1903 \"D\" optional release available August 30th
The August optional monthly “D” release for Windows 10, version 1903 is now available. Follow @WindowsUpdate for the latest on the availability of this release. | August 30, 2019
08:00 AM PT |
+ Feature update install notification on Windows 10, version 1809 (the October 2018 Update)
We've had reports on August 29th that some customers running Windows 10, version 1809 (the October 2018 Update) have received notification to install the latest feature update (version 1903) early. Updating remains in your control. To install the update, you must select one of the following options: \"Pick a Time\", \"Restart Tonight,\" or \"Restart Now\". If you are not ready to update at this time, simply dismiss the notification by clicking the arrow in the top right corner. If you have updated to Windows 10, version 1903 and would like to go back to your previous version, see the instructions here. | August 29, 2019
04:39 PM PT |
+ Take Action: Internet Explorer 11 now available on Windows Update/WSUS for Windows Server 2012 and Windows Embedded 8 Standard
Internet Explorer 11 ( KB 4492872) is now available via Windows Update (WU) and Windows Server Update Services (WSUS) for commercial customers running Windows Server 2012 and Windows Embedded 8 Standard. For details about these changes and end of support for IE10, please refer to the IT Pro blog. | August 29, 2019
08:00 AM PT |
Take action: SHA-2 code signing support guidance for Windows 7 SP1 and Windows Server 2008 RS2 SP1
Windows 7 SP1 and Windows Server 2008 R2 SP1 update signatures are now SHA-2 based signatures and requires that SHA-2 support to be installed. For important customer guidance on installation and troubleshooting tips, please read the knowledge base article 2019 SHA-2 Code Signing Support requirement for Windows and WSUS. | August 23, 2019
03:35 PM PT |
Take action: Windows 10, version 1703 (the Windows 10 Creators Update) reaches end of life on October 9, 2019
The Enterprise and Education editions of Windows 10, version 1703 (the Windows 10 Creators Update) will reach end of life on October 9, 2019. The Home, Pro, Pro for Workstations, and IoT Core editions reached end of service on October 8, 2018.
There is no extended support available for any edition of Windows 10, version 1703. Therefore, it will no longer be supported after October 9, 2019 and will not receive monthly security and quality updates containing protections from the latest security threats.
To continue receiving security and quality updates, Microsoft recommends that you update your devices to the latest version of Windows 10. For more information on end of service dates and currently supported versions of Windows 10, see the Windows lifecycle fact sheet. | August 23, 2019
02:17 PM PT |
Resolved: Delays starting Internet Explorer 11
On August 16, 2019 at 7:16 AM a server required for downloading the Internet Explorer 11 (IE11) startup page, went down. As a result of the server outage, IE 11 became unresponsive for some customers who had not yet installed the August 2019 security updates. Customers who had the August 2019 security update installed were not affected. In order to ensure your devices remain in a serviced and secure state, we recommend you install the latest monthly update.
This issue was resolved on the server side at 1:00 pm PST. | August 16, 2019
04:00 PM PT |
diff --git a/windows/security/identity-protection/access-control/access-control.md b/windows/security/identity-protection/access-control/access-control.md
index 36a6c863ed..8e6cf74f38 100644
--- a/windows/security/identity-protection/access-control/access-control.md
+++ b/windows/security/identity-protection/access-control/access-control.md
@@ -7,7 +7,7 @@ ms.sitesec: library
ms.pagetype: security
audience: ITPro
author: dulcemontemayor
-ms.author: dolmont
+ms.author: dansimp
manager: dansimp
ms.collection: M365-identity-device-management
ms.topic: article
diff --git a/windows/security/identity-protection/access-control/active-directory-accounts.md b/windows/security/identity-protection/access-control/active-directory-accounts.md
index 9b684b3be6..50958f0314 100644
--- a/windows/security/identity-protection/access-control/active-directory-accounts.md
+++ b/windows/security/identity-protection/access-control/active-directory-accounts.md
@@ -7,12 +7,12 @@ ms.sitesec: library
ms.pagetype: security
audience: ITPro
author: dulcemontemayor
-ms.author: dolmont
+ms.author: dansimp
manager: dansimp
ms.collection: M365-identity-device-management
ms.topic: article
ms.localizationpriority: medium
-ms.date: 04/19/2017
+ms.date: 08/23/2019
ms.reviewer:
---
@@ -330,9 +330,7 @@ Windows Server Kerberos authentication is achieved by the use of a special Kerbe
### KRBTGT account maintenance considerations
-A strong password is assigned to the KRBTGT account automatically. Be sure that you change the password on a regular schedule. The password for the KDC account is used to derive a secret key for encrypting and decrypting the TGT requests that are issued. The password for a domain trust account is used to derive an inter-realm key for encrypting referral tickets.
-
-On occasion, the KRBTGT account password requires a reset, for example, when an attempt to change the password on the KRBTGT account fails. In order to resolve this issue, you reset the KRBTGT user account password twice by using Active Directory Users and Computers. You must reset the password twice because the KRBTGT account stores only two of the most recent passwords in the password history. By resetting the password twice, you effectively clear all passwords from the password history.
+A strong password is assigned to the KRBTGT and trust accounts automatically. Like any privileged service accounts, organizations should change these passwords on a regular schedule. The password for the KDC account is used to derive a secret key for encrypting and decrypting the TGT requests that are issued. The password for a domain trust account is used to derive an inter-realm key for encrypting referral tickets.
Resetting the password requires you either to be a member of the Domain Admins group, or to have been delegated with the appropriate authority. In addition, you must be a member of the local Administrators group, or you must have been delegated the appropriate authority.
diff --git a/windows/security/identity-protection/access-control/active-directory-security-groups.md b/windows/security/identity-protection/access-control/active-directory-security-groups.md
index 4981294bac..afaaca56b3 100644
--- a/windows/security/identity-protection/access-control/active-directory-security-groups.md
+++ b/windows/security/identity-protection/access-control/active-directory-security-groups.md
@@ -7,7 +7,7 @@ ms.sitesec: library
ms.pagetype: security
audience: ITPro
author: dulcemontemayor
-ms.author: dolmont
+ms.author: dansimp
manager: dansimp
ms.collection: M365-identity-device-management
ms.topic: article
diff --git a/windows/security/identity-protection/access-control/dynamic-access-control.md b/windows/security/identity-protection/access-control/dynamic-access-control.md
index 73b4f343aa..1ef5a24b40 100644
--- a/windows/security/identity-protection/access-control/dynamic-access-control.md
+++ b/windows/security/identity-protection/access-control/dynamic-access-control.md
@@ -7,7 +7,7 @@ ms.sitesec: library
ms.pagetype: security
audience: ITPro
author: dulcemontemayor
-ms.author: dolmont
+ms.author: dansimp
manager: dansimp
ms.collection: M365-identity-device-management
ms.topic: article
diff --git a/windows/security/identity-protection/access-control/local-accounts.md b/windows/security/identity-protection/access-control/local-accounts.md
index 65a665503d..33ef3a0add 100644
--- a/windows/security/identity-protection/access-control/local-accounts.md
+++ b/windows/security/identity-protection/access-control/local-accounts.md
@@ -7,7 +7,7 @@ ms.sitesec: library
ms.pagetype: security
audience: ITPro
author: dulcemontemayor
-ms.author: dolmont
+ms.author: dansimp
manager: dansimp
ms.collection: M365-identity-device-management
ms.topic: article
diff --git a/windows/security/identity-protection/access-control/microsoft-accounts.md b/windows/security/identity-protection/access-control/microsoft-accounts.md
index 0b346118ef..d1f2624bf6 100644
--- a/windows/security/identity-protection/access-control/microsoft-accounts.md
+++ b/windows/security/identity-protection/access-control/microsoft-accounts.md
@@ -7,7 +7,7 @@ ms.sitesec: library
ms.pagetype: security
audience: ITPro
author: dulcemontemayor
-ms.author: dolmont
+ms.author: dansimp
manager: dansimp
ms.collection: M365-identity-device-management
ms.topic: article
diff --git a/windows/security/identity-protection/access-control/security-identifiers.md b/windows/security/identity-protection/access-control/security-identifiers.md
index c1d0c47fdc..f8a3185eb0 100644
--- a/windows/security/identity-protection/access-control/security-identifiers.md
+++ b/windows/security/identity-protection/access-control/security-identifiers.md
@@ -7,7 +7,7 @@ ms.sitesec: library
ms.pagetype: security
audience: ITPro
author: dulcemontemayor
-ms.author: dolmont
+ms.author: dansimp
manager: dansimp
ms.collection: M365-identity-device-management
ms.topic: article
diff --git a/windows/security/identity-protection/access-control/security-principals.md b/windows/security/identity-protection/access-control/security-principals.md
index bc865d734c..111f5d902d 100644
--- a/windows/security/identity-protection/access-control/security-principals.md
+++ b/windows/security/identity-protection/access-control/security-principals.md
@@ -7,7 +7,7 @@ ms.sitesec: library
ms.pagetype: security
audience: ITPro
author: dulcemontemayor
-ms.author: dolmont
+ms.author: dansimp
manager: dansimp
ms.collection: M365-identity-device-management
ms.topic: article
diff --git a/windows/security/identity-protection/access-control/service-accounts.md b/windows/security/identity-protection/access-control/service-accounts.md
index cd289738ae..bc52668527 100644
--- a/windows/security/identity-protection/access-control/service-accounts.md
+++ b/windows/security/identity-protection/access-control/service-accounts.md
@@ -7,7 +7,7 @@ ms.sitesec: library
ms.pagetype: security
audience: ITPro
author: dulcemontemayor
-ms.author: dolmont
+ms.author: dansimp
manager: dansimp
ms.collection: M365-identity-device-management
ms.topic: article
diff --git a/windows/security/identity-protection/access-control/special-identities.md b/windows/security/identity-protection/access-control/special-identities.md
index 978d72142a..48f324427e 100644
--- a/windows/security/identity-protection/access-control/special-identities.md
+++ b/windows/security/identity-protection/access-control/special-identities.md
@@ -7,7 +7,7 @@ ms.sitesec: library
ms.pagetype: security
audience: ITPro
author: dulcemontemayor
-ms.author: dolmont
+ms.author: dansimp
manager: dansimp
ms.collection: M365-identity-device-management
ms.topic: article
@@ -255,7 +255,7 @@ The Network Service account is similar to an Authenticated User account. The Net
| Well-Known SID/RID | S-1-5-20 |
|Object Class| Foreign Security Principal|
|Default Location in Active Directory |cn=WellKnown Security Principals, cn=Configuration, dc=\|
-|Default User Rights| [Adjust memory quotas for a process](/windows/device-security/security-policy-settings/adjust-memory-quotas-for-a-process): SeIncreaseQuotaPrivilege
[Bypass traverse checking](/windows/device-security/security-policy-settings/bypass-traverse-checking): SeChangeNotifyPrivilege
[Create global objects](/windows/device-security/security-policy-settings/create-global-objects): SeCreateGlobalPrivilege
[Generate security audits](/windows/device-security/security-policy-settings/generate-security-audits): SeAuditPrivilege
[Impersonate a client after authentication](/windows/device-security/security-policy-settings/impersonate-a-client-after-authentication): SeImpersonatePrivilege
[Restore files and directories](/windows/device-security/security-policy-settings/restore-files-and-directories): SeRestorePrivilege
[Replace a process level token](/windows/device-security/security-policy-settings/replace-a-process-level-token): SeAssignPrimaryTokenPrivilege
|
+|Default User Rights| [Adjust memory quotas for a process](/windows/device-security/security-policy-settings/adjust-memory-quotas-for-a-process): SeIncreaseQuotaPrivilege
[Bypass traverse checking](/windows/device-security/security-policy-settings/bypass-traverse-checking): SeChangeNotifyPrivilege
[Create global objects](/windows/device-security/security-policy-settings/create-global-objects): SeCreateGlobalPrivilege
[Generate security audits](/windows/device-security/security-policy-settings/generate-security-audits): SeAuditPrivilege
[Impersonate a client after authentication](/windows/device-security/security-policy-settings/impersonate-a-client-after-authentication): SeImpersonatePrivilege
[Replace a process level token](/windows/device-security/security-policy-settings/replace-a-process-level-token): SeAssignPrimaryTokenPrivilege
|
## NTLM Authentication
diff --git a/windows/security/identity-protection/change-history-for-access-protection.md b/windows/security/identity-protection/change-history-for-access-protection.md
index 5244518021..954dd6020d 100644
--- a/windows/security/identity-protection/change-history-for-access-protection.md
+++ b/windows/security/identity-protection/change-history-for-access-protection.md
@@ -7,7 +7,7 @@ ms.sitesec: library
ms.pagetype: security
audience: ITPro
author: dulcemontemayor
-ms.author: dolmont
+ms.author: dansimp
manager: dansimp
ms.collection: M365-identity-device-management
ms.topic: article
diff --git a/windows/security/identity-protection/configure-s-mime.md b/windows/security/identity-protection/configure-s-mime.md
index daccf69649..8e823b08e6 100644
--- a/windows/security/identity-protection/configure-s-mime.md
+++ b/windows/security/identity-protection/configure-s-mime.md
@@ -10,7 +10,7 @@ ms.sitesec: library
ms.pagetype: security
audience: ITPro
author: dulcemontemayor
-ms.author: dolmont
+ms.author: dansimp
manager: dansimp
ms.collection: M365-identity-device-management
ms.topic: article
diff --git a/windows/security/identity-protection/credential-guard/additional-mitigations.md b/windows/security/identity-protection/credential-guard/additional-mitigations.md
index 870cc58a84..63a6a403c2 100644
--- a/windows/security/identity-protection/credential-guard/additional-mitigations.md
+++ b/windows/security/identity-protection/credential-guard/additional-mitigations.md
@@ -8,7 +8,7 @@ ms.pagetype: security
ms.localizationpriority: medium
audience: ITPro
author: dulcemontemayor
-ms.author: dolmont
+ms.author: dansimp
manager: dansimp
ms.collection: M365-identity-device-management
ms.topic: article
diff --git a/windows/security/identity-protection/credential-guard/credential-guard-considerations.md b/windows/security/identity-protection/credential-guard/credential-guard-considerations.md
index bb9bbc4a97..60d02adb71 100644
--- a/windows/security/identity-protection/credential-guard/credential-guard-considerations.md
+++ b/windows/security/identity-protection/credential-guard/credential-guard-considerations.md
@@ -8,7 +8,7 @@ ms.pagetype: security
ms.localizationpriority: medium
audience: ITPro
author: dulcemontemayor
-ms.author: dolmont
+ms.author: dansimp
manager: dansimp
ms.collection: M365-identity-device-management
ms.topic: article
diff --git a/windows/security/identity-protection/credential-guard/credential-guard-how-it-works.md b/windows/security/identity-protection/credential-guard/credential-guard-how-it-works.md
index 400ce3d5d2..00a4a3e6bb 100644
--- a/windows/security/identity-protection/credential-guard/credential-guard-how-it-works.md
+++ b/windows/security/identity-protection/credential-guard/credential-guard-how-it-works.md
@@ -1,6 +1,6 @@
---
title: How Windows Defender Credential Guard works
-description: Using virtualization-based security, Windows Defender Credential Guard features a new component called the isolated LSA process, which stores and protects secrets, isolating them from the rest of the operating system, so that only privileged system software can access them.
+description: Using virtualization-based security, Windows Defender Credential Guard features a new component called the isolated LSA process, which stores and protects secrets, isolating them from the rest of the operating system, so that only privileged system software can access them.
ms.prod: w10
ms.mktglfcycl: explore
ms.sitesec: library
@@ -8,7 +8,7 @@ ms.pagetype: security
ms.localizationpriority: medium
audience: ITPro
author: dulcemontemayor
-ms.author: dolmont
+ms.author: dansimp
manager: dansimp
ms.collection: M365-identity-device-management
ms.topic: article
diff --git a/windows/security/identity-protection/credential-guard/credential-guard-known-issues.md b/windows/security/identity-protection/credential-guard/credential-guard-known-issues.md
index b9b11df607..e2c7665e97 100644
--- a/windows/security/identity-protection/credential-guard/credential-guard-known-issues.md
+++ b/windows/security/identity-protection/credential-guard/credential-guard-known-issues.md
@@ -8,7 +8,7 @@ ms.pagetype: security
ms.localizationpriority: medium
audience: ITPro
author: dulcemontemayor
-ms.author: dolmont
+ms.author: dansimp
manager: dansimp
ms.collection: M365-identity-device-management
ms.topic: article
diff --git a/windows/security/identity-protection/credential-guard/credential-guard-manage.md b/windows/security/identity-protection/credential-guard/credential-guard-manage.md
index a583960ecd..71715e1e9d 100644
--- a/windows/security/identity-protection/credential-guard/credential-guard-manage.md
+++ b/windows/security/identity-protection/credential-guard/credential-guard-manage.md
@@ -8,7 +8,7 @@ ms.pagetype: security
ms.localizationpriority: medium
audience: ITPro
author: dulcemontemayor
-ms.author: dolmont
+ms.author: dansimp
manager: dansimp
ms.collection: M365-identity-device-management
ms.topic: article
@@ -113,7 +113,7 @@ You can do this by using either the Control Panel or the Deployment Image Servic
You can also enable Windows Defender Credential Guard by using the [Windows Defender Device Guard and Windows Defender Credential Guard hardware readiness tool](https://www.microsoft.com/download/details.aspx?id=53337).
```
-DG_Readiness_Tool_v3.5.ps1 -Enable -AutoReboot
+DG_Readiness_Tool_v3.6.ps1 -Enable -AutoReboot
```
> [!IMPORTANT]
> When running the Windows Defender Device Guard and Windows Defender Credential Guard hardware readiness tool on a non-English operating system, within the script, change `$OSArch = $(gwmi win32_operatingsystem).OSArchitecture` to be `$OSArch = $((gwmi win32_operatingsystem).OSArchitecture).tolower()` instead, in order for the tool to work.
@@ -136,7 +136,7 @@ You can view System Information to check that Windows Defender Credential Guard
You can also check that Windows Defender Credential Guard is running by using the [Windows Defender Device Guard and Windows Defender Credential Guard hardware readiness tool](https://www.microsoft.com/download/details.aspx?id=53337).
```
-DG_Readiness_Tool_v3.5.ps1 -Ready
+DG_Readiness_Tool_v3.6.ps1 -Ready
```
> [!IMPORTANT]
> When running the Windows Defender Device Guard and Windows Defender Credential Guard hardware readiness tool on a non-English operating system, within the script, change `*$OSArch = $(gwmi win32_operatingsystem).OSArchitecture` to be `$OSAch = $((gwmi win32_operatingsystem).OSArchitecture).tolower()` instead, in order for the tool to work.
diff --git a/windows/security/identity-protection/credential-guard/credential-guard-not-protected-scenarios.md b/windows/security/identity-protection/credential-guard/credential-guard-not-protected-scenarios.md
index 582af34a67..b2f1d37cea 100644
--- a/windows/security/identity-protection/credential-guard/credential-guard-not-protected-scenarios.md
+++ b/windows/security/identity-protection/credential-guard/credential-guard-not-protected-scenarios.md
@@ -8,7 +8,7 @@ ms.pagetype: security
ms.localizationpriority: medium
audience: ITPro
author: dulcemontemayor
-ms.author: dolmont
+ms.author: dansimp
manager: dansimp
ms.collection: M365-identity-device-management
ms.topic: article
diff --git a/windows/security/identity-protection/credential-guard/credential-guard-protection-limits.md b/windows/security/identity-protection/credential-guard/credential-guard-protection-limits.md
index b3ceb19440..bd6b456162 100644
--- a/windows/security/identity-protection/credential-guard/credential-guard-protection-limits.md
+++ b/windows/security/identity-protection/credential-guard/credential-guard-protection-limits.md
@@ -8,7 +8,7 @@ ms.pagetype: security
ms.localizationpriority: medium
audience: ITPro
author: dulcemontemayor
-ms.author: dolmont
+ms.author: dansimp
manager: dansimp
ms.collection: M365-identity-device-management
ms.topic: article
diff --git a/windows/security/identity-protection/credential-guard/credential-guard-requirements.md b/windows/security/identity-protection/credential-guard/credential-guard-requirements.md
index 8c3d26bfae..cacd765584 100644
--- a/windows/security/identity-protection/credential-guard/credential-guard-requirements.md
+++ b/windows/security/identity-protection/credential-guard/credential-guard-requirements.md
@@ -8,7 +8,7 @@ ms.pagetype: security
ms.localizationpriority: medium
audience: ITPro
author: dulcemontemayor
-ms.author: dolmont
+ms.author: dansimp
manager: dansimp
ms.collection: M365-identity-device-management
ms.topic: article
diff --git a/windows/security/identity-protection/credential-guard/credential-guard-scripts.md b/windows/security/identity-protection/credential-guard/credential-guard-scripts.md
index dae9193c68..ae294baabb 100644
--- a/windows/security/identity-protection/credential-guard/credential-guard-scripts.md
+++ b/windows/security/identity-protection/credential-guard/credential-guard-scripts.md
@@ -8,7 +8,7 @@ ms.pagetype: security
ms.localizationpriority: medium
audience: ITPro
author: dulcemontemayor
-ms.author: dolmont
+ms.author: dansimp
manager: dansimp
ms.collection: M365-identity-device-management
ms.topic: article
diff --git a/windows/security/identity-protection/credential-guard/credential-guard.md b/windows/security/identity-protection/credential-guard/credential-guard.md
index bdcdac0346..e5422219e7 100644
--- a/windows/security/identity-protection/credential-guard/credential-guard.md
+++ b/windows/security/identity-protection/credential-guard/credential-guard.md
@@ -10,7 +10,7 @@ ms.pagetype: security
ms.localizationpriority: medium
audience: ITPro
author: dulcemontemayor
-ms.author: dolmont
+ms.author: dansimp
manager: dansimp
ms.collection: M365-identity-device-management
ms.topic: article
diff --git a/windows/security/identity-protection/enterprise-certificate-pinning.md b/windows/security/identity-protection/enterprise-certificate-pinning.md
index 6747177c1d..b45b7ac061 100644
--- a/windows/security/identity-protection/enterprise-certificate-pinning.md
+++ b/windows/security/identity-protection/enterprise-certificate-pinning.md
@@ -2,10 +2,10 @@
title: Enterprise Certificate Pinning
ms.mktglfcycl: manage
ms.sitesec: library
-description: Enterprise certificate pinning is a Windows feature for remembering, or “pinning” a root, issuing certificate authority, or end entity certificate to a given domain name.
+description: Enterprise certificate pinning is a Windows feature for remembering, or “pinning” a root, issuing certificate authority, or end entity certificate to a given domain name.
audience: ITPro
author: dulcemontemayor
-ms.author: dolmont
+ms.author: dansimp
manager: dansimp
ms.collection: M365-identity-device-management
ms.topic: article
diff --git a/windows/security/identity-protection/hello-for-business/feature-multifactor-unlock.md b/windows/security/identity-protection/hello-for-business/feature-multifactor-unlock.md
index c23f167615..3da855c332 100644
--- a/windows/security/identity-protection/hello-for-business/feature-multifactor-unlock.md
+++ b/windows/security/identity-protection/hello-for-business/feature-multifactor-unlock.md
@@ -319,7 +319,7 @@ This example configures Wi-Fi as a trusted signal (Windows 10, version 1803)
### How to configure Multifactor Unlock policy settings
-You need a Windows 10, version 1709 workstation to run the Group Policy Management Console, which provides the latest Windows Hello for Business Group Policy settings, which includes multi-factor unlock. To run the Group Policy Management Console, you need to install the Remote Server Administration Tools for Windows 10. You can download these tools from the [Microsoft Download Center](https://www.microsoft.com/en-us/download/details.aspx?id=45520). Install the Remote Server Administration Tools for Windows 10 on a computer running Windows 10, version 1709.
+You need a Windows 10, version 1709 workstation to run the Group Policy Management Console, which provides the latest Windows Hello for Business Group Policy settings, which includes multi-factor unlock. To run the Group Policy Management Console, you need to install the Remote Server Administration Tools for Windows 10. You can download these tools from the [Microsoft Download Center](https://www.microsoft.com/download/details.aspx?id=45520). Install the Remote Server Administration Tools for Windows 10 on a computer running Windows 10, version 1709.
Alternatively, you can create copy the .ADMX and .ADML files from a Windows 10, version 1703 to their respective language folder on a Windows Server or you can create a Group Policy Central Store and copy them their respective language folder. See [How to create and manage the Central Store for Group Policy Administrative Templates in Windows](https://support.microsoft.com/help/3087759/how-to-create-and-manage-the-central-store-for-group-policy-administrative-templates-in-windows) for more information.
@@ -332,6 +332,7 @@ The Group Policy object contains the policy settings needed to trigger Windows H
> * PIN **must** be in at least one of the groups
> * Trusted signals **must** be combined with another credential provider
> * You cannot use the same unlock factor to satisfy both categories. Therefore, if you include any credential provider in both categories, it means it can satisfy either category, but not both.
+> * The multifactor unlock feature is also supported via the Passport for Work CSP. See [Passport For Work CSP](https://docs.microsoft.com/windows/client-management/mdm/passportforwork-csp) for more information.
1. Start the **Group Policy Management Console** (gpmc.msc)
2. Expand the domain and select the **Group Policy Object** node in the navigation pane.
diff --git a/windows/security/identity-protection/hello-for-business/hello-cert-trust-policy-settings.md b/windows/security/identity-protection/hello-for-business/hello-cert-trust-policy-settings.md
index 00344d3bd5..c9b80af1e6 100644
--- a/windows/security/identity-protection/hello-for-business/hello-cert-trust-policy-settings.md
+++ b/windows/security/identity-protection/hello-for-business/hello-cert-trust-policy-settings.md
@@ -24,7 +24,7 @@ ms.reviewer:
- Certificate trust
-You need a Windows 10, version 1703 workstation to run the Group Policy Management Console, which provides the latest Windows Hello for Business and PIN Complexity Group Policy settings. To run the Group Policy Management Console, you need to install the Remote Server Administration Tools for Windows 10. You can download these tools from the [Microsoft Download Center](https://www.microsoft.com/en-us/download/details.aspx?id=45520).
+You need a Windows 10, version 1703 workstation to run the Group Policy Management Console, which provides the latest Windows Hello for Business and PIN Complexity Group Policy settings. To run the Group Policy Management Console, you need to install the Remote Server Administration Tools for Windows 10. You can download these tools from the [Microsoft Download Center](https://www.microsoft.com/download/details.aspx?id=45520).
Install the Remote Server Administration Tools for Windows 10 on a computer running Windows 10, version 1703.
Alternatively, you can create copy the .ADMX and .ADML files from a Windows 10, version 1703 to their respective language folder on a Windows Server or you can create a Group Policy Central Store and copy them their respective language folder. See [How to create and manage the Central Store for Group Policy Administrative Templates in Windows](https://support.microsoft.com/help/3087759/how-to-create-and-manage-the-central-store-for-group-policy-administrative-templates-in-windows) for more information.
diff --git a/windows/security/identity-protection/hello-for-business/hello-deployment-guide.md b/windows/security/identity-protection/hello-for-business/hello-deployment-guide.md
index ffee400b8c..72257804e5 100644
--- a/windows/security/identity-protection/hello-for-business/hello-deployment-guide.md
+++ b/windows/security/identity-protection/hello-for-business/hello-deployment-guide.md
@@ -21,7 +21,6 @@ ms.reviewer:
**Applies to**
- Windows 10, version 1703 or later
-
Windows Hello for Business is the springboard to a world without passwords. It replaces username and password sign-in to Windows with strong user authentication based on an asymmetric key pair.
This deployment guide is to guide you through deploying Windows Hello for Business, based on the planning decisions made using the Planning a Windows Hello for Business Deployment Guide. It provides you with the information needed to successfully deploy Windows Hello for Business in an existing environment.
@@ -52,16 +51,18 @@ The trust model determines how you want users to authenticate to the on-premises
* The certificate-trust model is for enterprise that *do* want to issue end-entity certificates to their users and have the benefits of certificate expiration and renewal, similar to how smart cards work today.
* The certificate trust model also supports enterprises which are not ready to deploy Windows Server 2016 Domain Controllers.
->[!NOTE]
->RDP does not support authentication with Windows Hello for business key trust deployments. RDP is only supported with certificate trust deployments at this time.
+> [!NOTE]
+> Remote Desktop Protocol (RDP) does not support authentication with Windows Hello for Business key trust deployments. RDP is only supported with certificate trust deployments at this time. See [Remote Desktop](hello-feature-remote-desktop.md) to learn more.
-Following are the various deployment guides included in this topic:
+Following are the various deployment guides and models included in this topic:
- [Hybrid Azure AD Joined Key Trust Deployment](hello-hybrid-key-trust.md)
- [Hybrid Azure AD Joined Certificate Trust Deployment](hello-hybrid-cert-trust.md)
- [Azure AD Join Single Sign-on Deployment Guides](hello-hybrid-aadj-sso.md)
- [On Premises Key Trust Deployment](hello-deployment-key-trust.md)
- [On Premises Certificate Trust Deployment](hello-deployment-cert-trust.md)
+> [!NOTE]
+> For Windows Hello for Business hybrid [certificate trust prerequisites](hello-hybrid-cert-trust-prereqs.md#directory-synchronization) and [key trust prerequisites](hello-hybrid-key-trust-prereqs.md#directory-synchronization) deployments, you will need Azure Active Directory Connect to synchronize user accounts in the on-premises Active Directory with Azure Active Directory. For on-premises deployments, both key and certificate trust, use the Azure MFA server where the credentials are not synchronized to Azure Active Directory. Learn how to [deploy Multifactor Authentication Services (MFA) for key trust](hello-key-trust-validate-deploy-mfa.md) and [for certificate trust](hello-cert-trust-validate-deploy-mfa.md) deployments.
## Provisioning
diff --git a/windows/security/identity-protection/hello-for-business/hello-errors-during-pin-creation.md b/windows/security/identity-protection/hello-for-business/hello-errors-during-pin-creation.md
index 8eecd51ab4..5738d0e7ff 100644
--- a/windows/security/identity-protection/hello-for-business/hello-errors-during-pin-creation.md
+++ b/windows/security/identity-protection/hello-for-business/hello-errors-during-pin-creation.md
@@ -187,12 +187,17 @@ If the error occurs again, check the error code against the following table to s
The AIK certificate is no longer valid |
Sign out and then sign in again. |
-
-| 0x801C044D |
+
+| 0x801C03F2 |
+Windows Hello key registration failed. |
+ERROR_BAD_DIRECTORY_REQUEST. Another object with the same value for property proxyAddresses already exists. To resolve the issue refer to Duplicate Attributes Prevent Dirsync. |
+
+
+| 0x801C044D |
Unable to obtain user token |
Sign out and then sign in again. Check network and credentials. |
-
+
| 0x801C044E |
Failed to receive user creds input |
Sign out and then sign in again. |
diff --git a/windows/security/identity-protection/hello-for-business/hello-faq.md b/windows/security/identity-protection/hello-for-business/hello-faq.md
index d1ba25aae2..0cfbf47cc6 100644
--- a/windows/security/identity-protection/hello-for-business/hello-faq.md
+++ b/windows/security/identity-protection/hello-for-business/hello-faq.md
@@ -22,7 +22,7 @@ ms.reviewer:
- Windows 10
## What about virtual smart cards?
-Windows Hello for Business is the modern, two-factor credential for Windows 10. Microsoft will be deprecating virtual smart cards in the future but not date at this time. Customers using Windows 10 and virtual smart cards should move to Windows Hello for Business. Microsoft will publish the date early to ensure customers have adequate lead time to move to Windows Hello for Business. Microsoft recommends new Windows 10 deployments to use Windows Hello for Business. Virtual smart card remain supported for Windows 7 and Windows 8.
+Windows Hello for Business is the modern, two-factor credential for Windows 10. Microsoft will be deprecating virtual smart cards in the future, but no date is set at this time. Customers using Windows 10 and virtual smart cards should move to Windows Hello for Business. Microsoft will publish the date early to ensure customers have adequate lead time to move to Windows Hello for Business. Microsoft recommends new Windows 10 deployments to use Windows Hello for Business. Virtual smart card remain supported for Windows 7 and Windows 8.
## What about convenience PIN?
Microsoft is committed to its vision of a world without passwords. We recognize the *convenience* provided by convenience PIN, but it stills uses a password for authentication. Microsoft recommends customers using Windows 10 and convenience PINs should move to Windows Hello for Business. New Windows 10 deployments should deploy Windows Hello for Business and not convenience PINs. Microsoft will be deprecating convenience PINs in the future and will publish the date early to ensure customers have adequate lead time to deploy Windows Hello for Business.
@@ -45,7 +45,7 @@ The statement "PIN is stronger than Password" is not directed at the strength of
The **Key Admins** and **Enterprise Key Admins** groups are created when you install the first Windows Server 2016 domain controller into a domain. Domain controllers running previous versions of Windows Server cannot translate the security identifier (SID) to a name. To resolve this, transfer the PDC emulator domain role to a domain controller running Windows Server 2016.
## Can I use a convenience PIN with Azure AD?
-It is currently possible to set a convience PIN on Azure Active Directory Joined or Hybrid Active Directory Joined devices. Convience PIN is not supported for Azure Active Directory user accounts. It is only supported for on-premises only Domain Joined users and local account users.
+It is currently possible to set a convenience PIN on Azure Active Directory Joined or Hybrid Active Directory Joined devices. Convenience PIN is not supported for Azure Active Directory user accounts. It is only supported for on-premises only Domain Joined users and local account users.
## Can I use an external camera when my laptop is closed or docked?
No. Windows 10 currently only supports one Windows Hello for Business camera and does not fluidly switch to an external camera when the computer is docked with the lid closed. The product group is aware of this and is investigating this topic further.
@@ -80,7 +80,7 @@ If your environment uses Microsoft Intune, you need these additional URLs:
- portal.manage.microsoft.com
## What is the difference between non-destructive and destructive PIN reset?
-Windows Hello for Business has two types of PIN reset: non-destructive and destructive. Organizations running Windows 10 Enterprise and Azure Active Directory can take advantage of the Microsoft PIN Reset service. Once on-boarded to a tenant and deployed to computers, users who have forgotten their PINs can authenticate to Azure, provided a second factor of authentication, and reset their PIN without re-provisioning a new Windows Hello for Business enrollment. This is a non-destructive PIN reset because the user does not delete the current credential and obtain a new one. Read [PIN Reset](hello-features.md#pin-reset) from our [Windows Hello for Business Features](hello-features.md) page for more information.
+Windows Hello for Business has two types of PIN reset: non-destructive and destructive. Organizations running Windows 10 Enterprise and Azure Active Directory can take advantage of the Microsoft PIN Reset service. Once on-boarded to a tenant and deployed to computers, users who have forgotten their PINs can authenticate to Azure, provided a second factor of authentication, and reset their PIN without re-provisioning a new Windows Hello for Business enrollment. This is a non-destructive PIN reset because the user does not delete the current credential and obtain a new one. Read [PIN Reset](hello-feature-pin-reset.md) page for more information.
Organizations that have the on-premises deployment of Windows Hello for Business, or those not using Windows 10 Enterprise can use destructive PIN reset. with destructive PIN reset, users that have forgotten their PIN can authenticate using their password, perform a second factor of authentication to re-provision their Windows Hello for Business credential. Re-provisioning deletes the old credential and requests a new credential and certificate. On-premises deployments need network connectivity to their domain controllers, Active Directory Federation Services, and their issuing certificate authority to perform a destructive PIN reset. Also, for hybrid deployments, destructive PIN reset is only supported with the certificate trust model and the latest updates to Active Directory Federation Services.
diff --git a/windows/security/identity-protection/hello-for-business/hello-feature-conditional-access.md b/windows/security/identity-protection/hello-for-business/hello-feature-conditional-access.md
new file mode 100644
index 0000000000..4b08f7b6f1
--- /dev/null
+++ b/windows/security/identity-protection/hello-for-business/hello-feature-conditional-access.md
@@ -0,0 +1,45 @@
+---
+title: Conditional Access
+description: Conditional Access
+keywords: identity, PIN, biometric, Hello, passport, WHFB, hybrid, cert-trust, device, registration, unlock, conditional access
+ms.prod: w10
+ms.mktglfcycl: deploy
+ms.sitesec: library
+ms.pagetype: security, mobile
+audience: ITPro
+author: mapalko
+ms.author: mapalko
+manager: dansimp
+ms.collection: M365-identity-device-management
+ms.topic: article
+localizationpriority: medium
+ms.date: 09/09/2019
+ms.reviewer:
+---
+
+# Conditional access
+
+**Requirements:**
+
+* Azure Active Directory
+* Hybrid Windows Hello for Business deployment
+
+In a mobile-first, cloud-first world, Azure Active Directory enables single sign-on to devices, applications, and services from anywhere. With the proliferation of devices (including BYOD), work off corporate networks, and 3rd party SaaS applications, IT professionals are faced with two opposing goals:
+
+* Empower the end users to be productive wherever and whenever
+* Protect the corporate assets at any time
+
+To improve productivity, Azure Active Directory provides your users with a broad range of options to access your corporate assets. With application access management, Azure Active Directory enables you to ensure that only the right people can access your applications. What if you want to have more control over how the right people are accessing your resources under certain conditions? What if you even have conditions under which you want to block access to certain applications even for the right people? For example, it might be OK for you if the right people are accessing certain applications from a trusted network; however, you might not want them to access these applications from a network you don't trust. You can address these questions using conditional access.
+
+Read [Conditional access in Azure Active Directory](https://docs.microsoft.com/azure/active-directory/active-directory-conditional-access-azure-portal) to learn more about Conditional Access. Afterwards, read [Getting started with conditional access in Azure Active Directory](https://docs.microsoft.com/azure/active-directory/active-directory-conditional-access-azure-portal-get-started) to start deploying Conditional access.
+
+## Related topics
+
+* [Windows Hello for Business](hello-identity-verification.md)
+* [Manage Windows Hello for Business in your organization](hello-manage-in-organization.md)
+* [Why a PIN is better than a password](hello-why-pin-is-better-than-password.md)
+* [Prepare people to use Windows Hello](hello-prepare-people-to-use.md)
+* [Windows Hello and password changes](hello-and-password-changes.md)
+* [Windows Hello errors during PIN creation](hello-errors-during-pin-creation.md)
+* [Event ID 300 - Windows Hello successfully created](hello-event-300.md)
+* [Windows Hello biometrics in the enterprise](hello-biometrics-in-enterprise.md)
diff --git a/windows/security/identity-protection/hello-for-business/hello-feature-dual-enrollment.md b/windows/security/identity-protection/hello-for-business/hello-feature-dual-enrollment.md
new file mode 100644
index 0000000000..1db3c21e10
--- /dev/null
+++ b/windows/security/identity-protection/hello-for-business/hello-feature-dual-enrollment.md
@@ -0,0 +1,90 @@
+---
+title: Dual Enrollment
+description: Dual Enrollment
+keywords: identity, PIN, biometric, Hello, passport, WHFB, hybrid, cert-trust, device, registration, unlock, dual enrollment,
+ms.prod: w10
+ms.mktglfcycl: deploy
+ms.sitesec: library
+ms.pagetype: security, mobile
+audience: ITPro
+author: mapalko
+ms.author: mapalko
+manager: dansimp
+ms.collection: M365-identity-device-management
+ms.topic: article
+localizationpriority: medium
+ms.date: 09/09/2019
+ms.reviewer:
+---
+
+# Dual Enrollment
+
+**Requirements**
+
+* Hybrid and On-premises Windows Hello for Business deployments
+* Enterprise Joined or Hybrid Azure joined devices
+* Windows 10, version 1709
+
+> [!NOTE]
+> This feature was previously known as **Privileged Credential** but was renamed to **Dual Enrollment** to prevent any confusion with the **Privileged Access Workstation** feature.
+
+> [!IMPORTANT]
+> Dual enrollment does not replace or provide the same security as Privileged Access Workstations feature. Microsoft encourages enterprises to use the Privileged Access Workstations for their privileged credential users. Enterprises can consider Windows Hello for Business dual enrollment in situations where the Privileged Access feature cannot be used. Read [Privileged Access Workstations](https://docs.microsoft.com/windows-server/identity/securing-privileged-access/privileged-access-workstations) for more information.
+
+Dual enrollment enables administrators to perform elevated, administrative functions by enrolling both their non-privileged and privileged credentials on their device.
+
+By design, Windows 10 does not enumerate all Windows Hello for Business users from within a user's session. Using the computer Group Policy setting, **Allow enumeration of emulated smart card for all users**, you can configure a device to enumerate all enrolled Windows Hello for Business credentials on selected devices.
+
+With this setting, administrative users can sign-in to Windows 10, version 1709 using their non-privileged Windows Hello for Business credentials for normal work flow such as email, but can launch Microsoft Management Consoles (MMCs), Remote Desktop Services clients, and other applications by selecting **Run as different user** or **Run as administrator**, selecting the privileged user account, and providing their PIN. Administrators can also take advantage of this feature with command line applications by using **runas.exe** combined with the **/smartcard** argument. This enables administrators to perform their day-to-day operations without needing to sign-in and out, or use fast user switching when alternating between privileged and non-privileged workloads.
+
+> [!IMPORTANT]
+> You must configure a Windows 10 computer for Windows Hello for Business dual enrollment before either user (privileged or non-privileged) provisions Windows Hello for Business. Dual enrollment is a special setting that is configured on the Windows Hello container during creation.
+
+## Configure Windows Hello for Business Dual Enrollment
+
+In this task you will
+
+* Configure Active Directory to support Domain Administrator enrollment
+* Configure Dual Enrollment using Group Policy
+
+### Configure Active Directory to support Domain Administrator enrollment
+
+The designed Windows for Business configuration has you give the **Key Admins** (or **KeyCredential Admins** when using domain controllers prior to Windows Server 2016) group read and write permissions to the msDS-KeyCredentialsLink attribute. You provided these permissions at root of the domain and use object inheritance to ensure the permissions apply to all users in the domain regardless of their location within the domain hierarchy.
+
+Active Directory Domain Services uses AdminSDHolder to secure privileged users and groups from unintentional modification by comparing and replacing the security on privileged users and groups to match those defined on the AdminSDHolder object on an hourly cycle. For Windows Hello for Business, your domain administrator account may receive the permissions but will they will disappear from the user object unless you give the AdminSDHolder read and write permissions to the msDS-KeyCredential attribute.
+
+Sign-in to a domain controller or management workstation with access equivalent to _domain administrator_.
+
+1. Type the following command to add the **allow** read and write property permissions for msDS-KeyCredentialLink attribute for the **Key Admins** (or **KeyCredential Admins**) group on the AdminSDHolder object.
+```dsacls "CN=AdminSDHolder,CN=System,DC=domain,DC=com" /g "[domainName\keyAdminGroup]":RPWP;msDS-KeyCredentialLink```
+where **DC=domain,DC=com** is the LDAP path of your Active Directory domain and **domainName\keyAdminGroup]** is the NetBIOS name of your domain and the name of the group you use to give access to keys based on your deployment. For example:
+```dsacls "CN=AdminSDHolder,CN=System,DC=corp,DC=mstepdemo,DC=net" /g "mstepdemo\Key Admins":RPWP;msDS-KeyCredentialLink```
+2. To trigger security descriptor propagation, open **ldp.exe**.
+3. Click **Connection** and select **Connect...** Next to **Server**, type the name of the domain controller that holds the PDC role for the domain. Next to **Port**, type **389** and click **OK**.
+4. Click **Connection** and select **Bind...** Click **OK** to bind as the currently signed-in user.
+5. Click **Browser** and select **Modify**. Leave the **DN** text box blank. Next to **Attribute**, type **RunProtectAdminGroupsTask**. Next to **Values**, type **1**. Click **Enter** to add this to the **Entry List**.
+6. Click **Run** to start the task.
+7. Close LDP.
+
+### Configuring Dual Enrollment using Group Policy
+
+You configure Windows 10 to support dual enrollment using the computer configuration portion of a Group Policy object.
+
+1. Using the Group Policy Management Console (GPMC), create a new domain-based Group Policy object and link it to an organizational Unit that contains Active Directory computer objects used by privileged users.
+2. Edit the Group Policy object from step 1.
+3. Enable the **Allow enumeration of emulated smart cards for all users** policy setting located under **Computer Configuration->Administrative Templates->Windows Components->Windows Hello for Business**.
+4. Close the Group Policy Management Editor to save the Group Policy object. Close the GPMC.
+5. Restart computers targeted by this Group Policy object.
+
+The computer is ready for dual enrollment. Sign-in as the privileged user first and enroll for Windows Hello for Business. Once completed, sign-out and sign-in as the non-privileged user and enroll for Windows Hello for Business. You can now use your privileged credential to perform privileged tasks without using your password and without needing to switch users.
+
+## Related topics
+
+* [Windows Hello for Business](hello-identity-verification.md)
+* [Manage Windows Hello for Business in your organization](hello-manage-in-organization.md)
+* [Why a PIN is better than a password](hello-why-pin-is-better-than-password.md)
+* [Prepare people to use Windows Hello](hello-prepare-people-to-use.md)
+* [Windows Hello and password changes](hello-and-password-changes.md)
+* [Windows Hello errors during PIN creation](hello-errors-during-pin-creation.md)
+* [Event ID 300 - Windows Hello successfully created](hello-event-300.md)
+* [Windows Hello biometrics in the enterprise](hello-biometrics-in-enterprise.md)
diff --git a/windows/security/identity-protection/hello-for-business/hello-feature-dynamic-lock.md b/windows/security/identity-protection/hello-for-business/hello-feature-dynamic-lock.md
new file mode 100644
index 0000000000..62304559ae
--- /dev/null
+++ b/windows/security/identity-protection/hello-for-business/hello-feature-dynamic-lock.md
@@ -0,0 +1,68 @@
+---
+title: Conditional Access
+description: Conditional Access
+keywords: identity, PIN, biometric, Hello, passport, WHFB, hybrid, cert-trust, device, registration, unlock, conditional access
+ms.prod: w10
+ms.mktglfcycl: deploy
+ms.sitesec: library
+ms.pagetype: security, mobile
+audience: ITPro
+author: mapalko
+ms.author: mapalko
+manager: dansimp
+ms.collection: M365-identity-device-management
+ms.topic: article
+localizationpriority: medium
+ms.date: 09/09/2019
+ms.reviewer:
+---
+
+# Dynamic lock
+
+**Requirements:**
+
+* Windows 10, version 1703
+
+Dynamic lock enables you to configure Windows 10 devices to automatically lock when Bluetooth paired device signal falls below the maximum Received Signal Strength Indicator (RSSI) value. You configure the dynamic lock policy using Group Policy. You can locate the policy setting at **Computer Configuration\Administrative Templates\Windows Components\Windows Hello for Business**. The name of the policy is **Configure dynamic lock factors**.
+
+The Group Policy Editor, when the policy is enabled, creates a default signal rule policy with the following value:
+
+```
+
+
+
+```
+
+>[!IMPORTANT]
+>Microsoft recommends using the default values for this policy settings. Measurements are relative based on the varying conditions of each environment. Therefore, the same values may produce different results. Test policy settings in each environment prior to broadly deploying the setting.
+
+For this policy setting, the **type** and **scenario** attribute values are static and cannot change. The **classofDevice** is configurable but Phone is the only currently supported configuration. The attribute defaults to Phones sand uses the values from the following table:
+
+|Description|Value|
+|:-------------|:-------:|
+|Miscellaneous|0|
+|Computer|256|
+|Phone|512|
+|LAN/Network Access Point|768|
+|Audio/Video|1024|
+|Peripheral|1280|
+|Imaging|1536|
+|Wearable|1792|
+|Toy|2048|
+|Health|2304|
+|Uncategorized|7936|
+
+The **rssiMin** attribute value signal indicates the strength needed for the device to be considered "in-range". The default value of **-10** enables a user to move about an average size office or cubicle without triggering Windows to lock the device. The **rssiMaxDelta** has a default value of **-10**, which instruct Windows 10 to lock the device once the signal strength weakens by more than measurement of 10.
+
+RSSI measurements are relative and lower as the bluetooth signals between the two paired devices reduces. Therefore a measurement of 0 is stronger than -10, which is stronger than -60, which is an indicator the devices are moving further apart from each other.
+
+## Related topics
+
+* [Windows Hello for Business](hello-identity-verification.md)
+* [Manage Windows Hello for Business in your organization](hello-manage-in-organization.md)
+* [Why a PIN is better than a password](hello-why-pin-is-better-than-password.md)
+* [Prepare people to use Windows Hello](hello-prepare-people-to-use.md)
+* [Windows Hello and password changes](hello-and-password-changes.md)
+* [Windows Hello errors during PIN creation](hello-errors-during-pin-creation.md)
+* [Event ID 300 - Windows Hello successfully created](hello-event-300.md)
+* [Windows Hello biometrics in the enterprise](hello-biometrics-in-enterprise.md)
diff --git a/windows/security/identity-protection/hello-for-business/hello-feature-pin-reset.md b/windows/security/identity-protection/hello-for-business/hello-feature-pin-reset.md
new file mode 100644
index 0000000000..6e32dda47f
--- /dev/null
+++ b/windows/security/identity-protection/hello-for-business/hello-feature-pin-reset.md
@@ -0,0 +1,127 @@
+---
+title: Pin Reset
+description: Pin Reset
+keywords: identity, PIN, Hello, passport, WHFB, hybrid, cert-trust, device, reset
+ms.prod: w10
+ms.mktglfcycl: deploy
+ms.sitesec: library
+ms.pagetype: security, mobile
+audience: ITPro
+author: mapalko
+ms.author: mapalko
+manager: dansimp
+ms.collection: M365-identity-device-management
+ms.topic: article
+localizationpriority: medium
+ms.date: 09/09/2019
+ms.reviewer:
+---
+
+# PIN reset
+
+**Applies to:**
+
+- Windows 10, version 1709 or later
+
+## Hybrid Deployments
+
+**Requirements:**
+
+- Azure Active Directory
+- Hybrid Windows Hello for Business deployment
+- Azure AD registered, Azure AD joined, and Hybrid Azure AD joined
+- Windows 10, version 1709 or later, **Enterprise Edition**
+
+The Microsoft PIN reset services enables you to help users recover who have forgotten their PIN. Using Group Policy, Microsoft Intune or a compatible MDM, you can configure Windows 10 devices to securely use the Microsoft PIN reset service that enables users to reset their forgotten PIN through settings or above the lock screen without requiring re-enrollment.
+
+>[!IMPORTANT]
+> The Microsoft PIN Reset service only works with Windows 10, version 1709 or later **Enterprise Edition**. The feature does not work with the **Pro** edition.]
+
+### Onboarding the Microsoft PIN reset service to your Intune tenant
+
+Before you can remotely reset PINs, you must on-board the Microsoft PIN reset service to your Azure Active Directory tenant, and configure devices you manage.
+
+### Connect Azure Active Directory with the PIN reset service
+
+1. Visit [Microsoft PIN Reset Service Integration website](https://login.windows.net/common/oauth2/authorize?response_type=code&client_id=b8456c59-1230-44c7-a4a2-99b085333e84&resource=https%3A%2F%2Fgraph.windows.net&redirect_uri=https%3A%2F%2Fcred.microsoft.com&state=e9191523-6c2f-4f1d-a4f9-c36f26f89df0&prompt=admin_consent), and sign in using the tenant administrator account you use to manage your Azure Active Directory tenant.
+2. After you log in, click **Accept** to give consent for the PIN reset service to access your account.
+
+3. In the Azure portal, you can verify that the Microsoft PIN reset service is integrated from the **Enterprise applications** blade. Filter to application status "Enabled" and both Microsoft Pin Reset Service Production and Microsoft Pin Reset Client Production will show up in your tenant.
+
+
+### Configure Windows devices to use PIN reset using Group Policy
+
+You configure Windows 10 to use the Microsoft PIN Reset service using the computer configuration portion of a Group Policy object.
+
+1. Using the Group Policy Management Console (GPMC), scope a domain-based Group Policy to computer accounts in Active Directory.
+2. Edit the Group Policy object from step 1.
+3. Enable the **Use PIN Recovery** policy setting located under **Computer Configuration->Administrative Templates->Windows Components->Windows Hello for Business**.
+4. Close the Group Policy Management Editor to save the Group Policy object. Close the GPMC.
+
+### Configure Windows devices to use PIN reset using Microsoft Intune
+
+To configure PIN reset on Windows devices you manage, use an [Intune Windows 10 custom device policy](https://docs.microsoft.com/intune/custom-settings-windows-10) to enable the feature. Configure the policy using the following Windows policy configuration service provider (CSP):
+
+#### Create a PIN Reset Device configuration profile using Microsoft Intune
+
+1. Sign-in to [Azure Portal](https://portal.azure.com) using a tenant administrator account.
+2. You need your tenant ID to complete the following task. You can discovery your tenant ID viewing the **Properties** of your Azure Active Directory from the Azure Portal. It will be listed under Directory ID. You can also use the following command in a command Window on any Azure AD joined or hybrid Azure AD joined computer.
+
+ ```
+ dsregcmd /status | findstr -snip "tenantid"
+ ```
+
+1. Navigate to the Microsoft Intune blade. Click **Device configuration**. Click **Profiles**. Click **Create profile**.
+1. Type **Use PIN Recovery** in the **Name** field. Select **Windows 10 and later** from the **Platform** list. Select **Custom** from the **Profile type** list.
+1. In the **Custom OMA-URI Settings** blade, Click **Add**.
+1. In the **Add Row** blade, type **PIN Reset Settings** in the **Name** field. In the **OMA-URI** field, type **./Device/Vendor/MSFT/PassportForWork/*tenant ID*/Policies/EnablePinRecovery** where *tenant ID* is your Azure Active Directory tenant ID from step 2.
+1. Select **Boolean** from the **Data type** list and select **True** from the **Value** list.
+1. Click **OK** to save the row configuration. Click **OK** to close the Custom OMA-URI Settings blade. Click **Create to save the profile.
+
+#### Assign the PIN Reset Device configuration profile using Microsoft Intune
+
+1. Sign-in to [Azure Portal](https://portal.azure.com) using a tenant administrator account.
+2. Navigate to the Microsoft Intune blade. Click **Device configuration**. Click **Profiles**. From the list of device configuration profiles, click the profile that contains the PIN reset configuration.
+3. In the device configuration profile, click **Assignments**.
+4. Use the **Include** and/or **Exclude** tabs to target the device configuration profile to select groups.
+
+## On-premises Deployments
+
+**Requirements**
+
+* Active Directory
+* On-premises Windows Hello for Business deployment
+* Reset from settings - Windows 10, version 1703, Professional
+* Reset above Lock - Windows 10, version 1709, Professional
+
+On-premises deployments provide users with the ability to reset forgotten PINs either through the settings page or from above the user's lock screen. Users must know or be provided their password for authentication, must perform a second factor of authentication, and then re-provision Windows Hello for Business.
+
+>[!IMPORTANT]
+>Users must have corporate network connectivity to domain controllers and the federation service to reset their PINs.
+
+### Reset PIN from Settings
+
+1. Sign-in to Windows 10, version 1703 or later using an alternate credential.
+2. Open **Settings**, click **Accounts**, click **Sign-in options**.
+3. Under **PIN**, click **I forgot my PIN** and follow the instructions.
+
+#### Reset PIN above the Lock Screen
+
+ 1. On Windows 10, version 1709, click **I forgot my PIN** from the Windows Sign-in
+ 2. Enter your password and press enter.
+ 3. Follow the instructions provided by the provisioning process
+ 4. When finished, unlock your desktop using your newly created PIN.
+
+>[!NOTE]
+> Visit the [Windows Hello for Business Videos](https://docs.microsoft.com/windows/security/identity-protection/hello-for-business/hello-videos.md) page and watch the [Windows Hello for Business forgotten PIN user experience](https://docs.microsoft.com/windows/security/identity-protection/hello-for-business/hello-videos#windows-hello-for-business-forgotten-pin-user-experience) video.
+
+## Related topics
+
+- [Windows Hello for Business](hello-identity-verification.md)
+- [Manage Windows Hello for Business in your organization](hello-manage-in-organization.md)
+- [Why a PIN is better than a password](hello-why-pin-is-better-than-password.md)
+- [Prepare people to use Windows Hello](hello-prepare-people-to-use.md)
+- [Windows Hello and password changes](hello-and-password-changes.md)
+- [Windows Hello errors during PIN creation](hello-errors-during-pin-creation.md)
+- [Event ID 300 - Windows Hello successfully created](hello-event-300.md)
+- [Windows Hello biometrics in the enterprise](hello-biometrics-in-enterprise.md)
diff --git a/windows/security/identity-protection/hello-for-business/hello-feature-remote-desktop.md b/windows/security/identity-protection/hello-for-business/hello-feature-remote-desktop.md
new file mode 100644
index 0000000000..981587e970
--- /dev/null
+++ b/windows/security/identity-protection/hello-for-business/hello-feature-remote-desktop.md
@@ -0,0 +1,74 @@
+---
+title: Remote Desktop
+description: Remote Desktop
+keywords: identity, PIN, biometric, Hello, passport, WHFB, hybrid, cert-trust, device, registration, unlock, remote desktop, RDP
+ms.prod: w10
+ms.mktglfcycl: deploy
+ms.sitesec: library
+ms.pagetype: security, mobile
+audience: ITPro
+author: mapalko
+ms.author: mapalko
+manager: dansimp
+ms.collection: M365-identity-device-management
+ms.topic: article
+localizationpriority: medium
+ms.date: 09/09/2019
+ms.reviewer:
+---
+
+# Remote Desktop
+
+**Requirements**
+
+- Windows 10
+- Certificate trust deployments
+- Hybrid and On-premises Windows Hello for Business deployments
+- Azure AD joined, Hybrid Azure AD joined, and Enterprise joined devices
+- Certificate trust deployments
+
+Windows Hello for Business supports using a certificate deployed to a WHFB container to a remote desktop to a server or another device. This functionality is not supported for key trust deployments. This feature takes advantage of the redirected smart card capabilities of the remote desktop protocol.
+
+Microsoft continues to investigate supporting this feature for key trust deployments in a future release.
+
+## Remote Desktop with Biometrics
+
+**Requirements**
+
+- Hybrid and On-premises Windows Hello for Business deployments
+- Azure AD joined, Hybrid Azure AD joined, and Enterprise joined devices
+- Certificate trust deployments
+- Biometric enrollments
+- Windows 10, version 1809
+
+Users using earlier versions of Windows 10 could remote desktop to using Windows Hello for Business but were limited to the using their PIN as their authentication gesture. Windows 10, version 1809 introduces the ability for users to authenticate to a remote desktop session using their Windows Hello for Business biometric gesture. The feature is on by default, so your users can take advantage of it as soon as they upgrade to Windows 10, version 1809.
+
+### How does it work
+
+Windows generates and stores cryptographic keys using a software component called a key storage provider (KSP). Software-based keys are created and stored using the Microsoft Software Key Storage Provider. Smart card keys are created and stored using the Microsoft Smart Card Key Storage Provider. Keys created and protected by Windows Hello for Business are created and stored using the Microsoft Passport Key Storage Provider.
+
+A certificate on a smart card starts with creating an asymmetric key pair using the Microsoft Smart Card KSP. Windows requests a certificate based on the key pair from your enterprises issuing certificate authority, which returns a certificate that is stored in the user's Personal certificate store. The private key remains on the smart card and the public key is stored with the certificate. Metadata on the certificate (and the key) store the key storage provider used to create the key (remember the certificate contains the public key).
+
+This same concept applies to Windows Hello for Business. Except, the keys are created using the Microsoft Passport KSP and the user's private key remains protected by the device's security module (TPM) and the user's gesture (PIN/biometric). The certificate APIs hide this complexity. When an application uses a certificate, the certificate APIs locate the keys using the saved key storage provider. The key storage providers directs the certificate APIs on which provider they use to find the private key associated with the certificate. This is how Windows knows you have a smart card certificate without the smart card inserted (and prompts you to insert the smart card).
+
+Windows Hello for Business emulates a smart card for application compatibility. Versions of Windows 10 prior to version 1809, would redirect private key access for Windows Hello for Business certificate to use its emulated smart card using the Microsoft Smart Card KSP, which would enable the user to provide their PIN. Windows 10, version 1809 no longer redirects private key access for Windows Hello for Business certificates to the Microsoft Smart Card KSP-- it continues using the Microsoft Passport KSP. The Microsoft Passport KSP enabled Windows 10 to prompt the user for their biometric gesture or PIN.
+
+### Compatibility
+
+Users appreciate convenience of biometrics and administrators value the security however, you may experience compatibility issues with your applications and Windows Hello for Business certificates. You can relax knowing a Group Policy setting and a [MDM URI](https://docs.microsoft.com/windows/client-management/mdm/passportforwork-csp) exist to help you revert to the previous behavior for those users who need it.
+
+
+
+> [!IMPORTANT]
+> The remote desktop with biometric feature does not work with [Dual Enrollment](hello-feature-dual-enrollment.md) feature or scenarios where the user provides alternative credentials. Microsoft continues to investigate supporting the feature.
+
+## Related topics
+
+- [Windows Hello for Business](hello-identity-verification.md)
+- [Manage Windows Hello for Business in your organization](hello-manage-in-organization.md)
+- [Why a PIN is better than a password](hello-why-pin-is-better-than-password.md)
+- [Prepare people to use Windows Hello](hello-prepare-people-to-use.md)
+- [Windows Hello and password changes](hello-and-password-changes.md)
+- [Windows Hello errors during PIN creation](hello-errors-during-pin-creation.md)
+- [Event ID 300 - Windows Hello successfully created](hello-event-300.md)
+- [Windows Hello biometrics in the enterprise](hello-biometrics-in-enterprise.md)
diff --git a/windows/security/identity-protection/hello-for-business/hello-features.md b/windows/security/identity-protection/hello-for-business/hello-features.md
index 37591f1f54..83a4dc444e 100644
--- a/windows/security/identity-protection/hello-for-business/hello-features.md
+++ b/windows/security/identity-protection/hello-for-business/hello-features.md
@@ -20,247 +20,17 @@ ms.date: 05/05/2018
# Windows Hello for Business Features
**Applies to:**
-- Windows 10
-Consider these additional features you can use after your organization deploys Windows Hello for Business.
+- Windows 10
-- [Conditional access](#conditional-access)
-- [Dynamic lock](#dynamic-lock)
-- [PIN reset](#pin-reset)
-- [Dual Enrollment](#dual-enrollment)
-- [Remote Desktop with Biometrics](#remote-desktop-with-biometrics)
+Consider these additional features you can use after your organization deploys Windows Hello for Business.
-## Conditional access
-
-**Requirements:**
-* Azure Active Directory
-* Hybrid Windows Hello for Business deployment
-
-
-In a mobile-first, cloud-first world, Azure Active Directory enables single sign-on to devices, applications, and services from anywhere. With the proliferation of devices (including BYOD), work off corporate networks, and 3rd party SaaS applications, IT professionals are faced with two opposing goals:+
-* Empower the end users to be productive wherever and whenever
-* Protect the corporate assets at any time
-
-To improve productivity, Azure Active Directory provides your users with a broad range of options to access your corporate assets. With application access management, Azure Active Directory enables you to ensure that only the right people can access your applications. What if you want to have more control over how the right people are accessing your resources under certain conditions? What if you even have conditions under which you want to block access to certain applications even for the right people? For example, it might be OK for you if the right people are accessing certain applications from a trusted network; however, you might not want them to access these applications from a network you don't trust. You can address these questions using conditional access.
-
-Read [Conditional access in Azure Active Directory](https://docs.microsoft.com/azure/active-directory/active-directory-conditional-access-azure-portal) to learn more about Conditional Access. Afterwards, read [Getting started with conditional access in Azure Active Directory](https://docs.microsoft.com/azure/active-directory/active-directory-conditional-access-azure-portal-get-started) to start deploying Conditional access.
-
-## Dynamic lock
-
-**Requirements:**
-* Windows 10, version 1703
-
-Dynamic lock enables you to configure Windows 10 devices to automatically lock when Bluetooth paired device signal falls below the maximum Received Signal Strength Indicator (RSSI) value. You configure the dynamic lock policy using Group Policy. You can locate the policy setting at **Computer Configuration\Administrative Templates\Windows Components\Windows Hello for Business**. The name of the policy is **Configure dynamic lock factors**.
-
-The Group Policy Editor, when the policy is enabled, creates a default signal rule policy with the following value:
-
->[!IMPORTANT]
->Microsoft recommends using the default values for this policy settings. Measurements are relative based on the varying conditions of each environment. Therefore, the same values may produce different results. Test policy settings in each environment prior to broadly deploying the setting.
-
-```
-
-
-
-```
-
-For this policy setting, the **type** and **scenario** attribute values are static and cannot change. The **classofDevice** attribute defaults Phones and uses the values from the following table
-
-|Description|Value|
-|:-------------|:-------:|
-|Miscellaneous|0|
-|Computer|256|
-|Phone|512|
-|LAN/Network Access Point|768|
-|Audio/Video|1024|
-|Peripheral|1280|
-|Imaging|1536|
-|Wearable|1792|
-|Toy|2048|
-|Health|2304|
-|Uncategorized|7936|
-
-The **rssiMin** attribute value signal indicates the strength needed for the device to be considered "in-range". The default value of **-10** enables a user to move about an average size office or cubicle without triggering Windows to lock the device. The **rssiMaxDelta** has a default value of **-10**, which instruct Windows 10 to lock the device once the signal strength weakens by more than measurement of 10.
-
-RSSI measurements are relative and lower as the bluetooth signals between the two paired devices reduces. Therefore a measurement of 0 is stronger than -10, which is stronger than -60, which is an indicator the devices are moving further apart from each other.
-
-## PIN reset
-
-**Applies to:**
-- Windows 10, version 1709 or later
-
-
-### Hybrid Deployments
-
-**Requirements:**
-- Azure Active Directory
-- Hybrid Windows Hello for Business deployment
-- Azure AD registered, Azure AD joined, and Hybrid Azure AD joined
-- Windows 10, version 1709 or later, **Enterprise Edition**
-
-The Microsoft PIN reset services enables you to help users who have forgotten their PIN. Using Group Policy, Microsoft Intune or a compatible MDM, you can configure Windows 10 devices to securely use the Microsoft PIN reset service that enables users to reset their forgotten PIN through settings or above the lock screen without requiring re-enrollment.
-
->[!IMPORTANT]
-> The Microsoft PIN Reset service only works with Windows 10, version 1709 or later **Enterprise Edition**. The feature does not work with the **Pro** edition.]
-
-#### Onboarding the Microsoft PIN reset service to your Intune tenant
-
-Before you can remotely reset PINs, you must on-board the Microsoft PIN reset service to your Azure Active Directory tenant, and configure devices you manage.
-
-#### Connect Azure Active Directory with the PIN reset service
-
-1. Visit [Microsoft PIN Reset Service Integration website](https://login.windows.net/common/oauth2/authorize?response_type=code&client_id=b8456c59-1230-44c7-a4a2-99b085333e84&resource=https%3A%2F%2Fgraph.windows.net&redirect_uri=https%3A%2F%2Fcred.microsoft.com&state=e9191523-6c2f-4f1d-a4f9-c36f26f89df0&prompt=admin_consent), and sign in using the tenant administrator account you use to manage your Azure Active Directory tenant.
-2. After you log in, click **Accept** to give consent for the PIN reset service to access your account.
-
-3. In the Azure portal, you can verify that the Microsoft PIN reset service is integrated from the **Enterprise applications**, **All applications** blade.
-
-
-#### Configure Windows devices to use PIN reset using Group Policy
-You configure Windows 10 to use the Microsoft PIN Reset service using the computer configuration portion of a Group Policy object.
-
-1. Using the Group Policy Management Console (GPMC), scope a domain-based Group Policy to computer accounts in Active Directory.
-2. Edit the Group Policy object from step 1.
-3. Enable the **Use PIN Recovery** policy setting located under **Computer Configuration->Administrative Templates->Windows Components->Windows Hello for Business**.
-4. Close the Group Policy Management Editor to save the Group Policy object. Close the GPMC.
-
-#### Configure Windows devices to use PIN reset using Microsoft Intune
-To configure PIN reset on Windows devices you manage, use an [Intune Windows 10 custom device policy](https://docs.microsoft.com/intune/custom-settings-windows-10) to enable the feature. Configure the policy using the following Windows policy configuration service provider (CSP):
-
-##### Create a PIN Reset Device configuration profile using Microsoft Intune
-
-1. Sign-in to [Azure Portal](https://portal.azure.com) using a tenant administrator account.
-2. You need your tenant ID to complete the following task. You can discovery your tenant ID viewing the **Properties** of your Azure Active Directory from the Azure Portal. You can also use the following command in a command Window on any Azure AD joined or hybrid Azure AD joined computer.
- ```
- dsregcmd /status | findstr -snip "tenantid"
- ```
-3. Navigate to the Microsoft Intune blade. Click **Device configuration**. Click **Profiles**. Click **Create profile**.
-4. Type **Use PIN Recovery** in the **Name** field. Select **Windows 10 and later** from the **Platform** list. Select **Custom** from the **Profile type** list.
-5. In the **Custom OMA-URI Settings** blade, Click **Add**.
-6. In the **Add Row** blade, type **PIN Reset Settings** in the **Name** field. In the **OMA-URI** field, type **./Device/Vendor/MSFT/PassportForWork/*tenant ID*/Policies/EnablePinRecovery** where *tenant ID* is your Azure Active Directory tenant ID from step 2.
-7. Select **Boolean** from the **Data type** list and select **True** from the **Value** list.
-8. Click **OK** to save the row configuration. Click **OK** to close the Custom OMA-URI Settings blade. Click **Create to save the profile.
-
-##### Assign the PIN Reset Device configuration profile using Microsoft Intune
-1. Sign-in to [Azure Portal](https://portal.azure.com) using a tenant administrator account.
-2. Navigate to the Microsoft Intune blade. Click **Device configuration**. Click **Profiles**. From the list of device configuration profiles, click the profile that contains the PIN reset configuration.
-3. In the device configuration profile, click **Assignments**.
-4. Use the **Include** and/or **Exclude** tabs to target the device configuration profile to select groups.
-
-### On-premises Deployments
-
-**Requirements**
-* Active Directory
-* On-premises Windows Hello for Business deployment
-* Reset from settings - Windows 10, version 1703, Professional
-* Reset above Lock - Windows 10, version 1709, Professional
-
-On-premises deployments provide users with the ability to reset forgotten PINs either through the settings page or from above the user's lock screen. Users must know or be provided their password for authentication, must perform a second factor of authentication, and then re-provision Windows Hello for Business.
-
->[!IMPORTANT]
->Users must have corporate network connectivity to domain controllers and the federation service to reset their PINs.
-
-#### Reset PIN from Settings
-1. Sign-in to Windows 10, version 1703 or later using an alternate credential.
-2. Open **Settings**, click **Accounts**, click **Sign-in options**.
-3. Under **PIN**, click **I forgot my PIN** and follow the instructions.
-
-#### Reset PIN above the Lock Screen
- 1. On Windows 10, version 1709, click **I forgot my PIN** from the Windows Sign-in
- 2. Enter your password and press enter.
- 3. Follow the instructions provided by the provisioning process
- 4. When finished, unlock your desktop using your newly created PIN.
-
->[!NOTE]
-> Visit the [Windows Hello for Business Videos](https://docs.microsoft.com/windows/security/identity-protection/hello-for-business/hello-videos.md) page and watch the [Windows Hello for Business forgotten PIN user experience](https://docs.microsoft.com/windows/security/identity-protection/hello-for-business/hello-videos#windows-hello-for-business-forgotten-pin-user-experience) video.
-
-## Dual Enrollment
-
-**Requirements**
-* Hybrid and On-premises Windows Hello for Business deployments
-* Enterprise Joined or Hybrid Azure joined devices
-* Windows 10, version 1709
-
-> [!NOTE]
-> This feature was previously known as **Privileged Credential** but was renamed to **Dual Enrollment** to prevent any confusion with the **Privileged Access Workstation** feature.
-
-> [!IMPORTANT]
-> Dual enrollment does not replace or provide the same security as Privileged Access Workstations feature. Microsoft encourages enterprises to use the Privileged Access Workstations for their privileged credential users. Enterprises can consider Windows Hello for Business dual enrollment in situations where the Privileged Access feature cannot be used. Read [Privileged Access Workstations](https://docs.microsoft.com/windows-server/identity/securing-privileged-access/privileged-access-workstations) for more information.
-
-Dual enrollment enables administrators to perform elevated, administrative functions by enrolling both their non-privileged and privileged credentials on their device.
-
-By design, Windows 10 does not enumerate all Windows Hello for Business users from within a user's session. Using the computer Group Policy setting, **Allow enumeration of emulated smart card for all users**, you can configure a device to enumerate all enrolled Windows Hello for Business credentials on selected devices.
-
-With this setting, administrative users can sign-in to Windows 10, version 1709 using their non-privileged Windows Hello for Business credentials for normal work flow such as email, but can launch Microsoft Management Consoles (MMCs), Remote Desktop Services clients, and other applications by selecting **Run as different user** or **Run as administrator**, selecting the privileged user account, and providing their PIN. Administrators can also take advantage of this feature with command line applications by using **runas.exe** combined with the **/smartcard** argument. This enables administrators to perform their day-to-day operations without needing to sign-in and out, or use fast user switching when alternating between privileged and non-privileged workloads.
-
-> [!IMPORTANT]
-> You must configure a Windows 10 computer for Windows Hello for Business dual enrollment before either user (privileged or non-privileged) provisions Windows Hello for Business. Dual enrollment is a special setting that is configured on the Windows Hello container during creation.
-
-### Configure Windows Hello for Business Dual Enroll
-In this task you will
-- Configure Active Directory to support Domain Administrator enrollment
-- Configure Dual Enrollment using Group Policy
-
-#### Configure Active Directory to support Domain Administrator enrollment
-The designed Windows for Business configuration has you give the **Key Admins** (or **KeyCredential Admins** when using domain controllers prior to Windows Server 2016) group read and write permissions to the msDS-KeyCredentialsLink attribute. You provided these permissions at root of the domain and use object inheritance to ensure the permissions apply to all users in the domain regardless of their location within the domain hierarchy.
-
-Active Directory Domain Services uses AdminSDHolder to secure privileged users and groups from unintentional modification by comparing and replacing the security on privileged users and groups to match those defined on the AdminSDHolder object on an hourly cycle. For Windows Hello for Business, your domain administrator account may receive the permissions but will they will disappear from the user object unless you give the AdminSDHolder read and write permissions to the msDS-KeyCredential attribute.
-
-Sign-in to a domain controller or management workstation with access equivalent to _domain administrator_.
-
-1. Type the following command to add the **allow** read and write property permissions for msDS-KeyCredentialLink attribute for the **Key Admins** (or **KeyCredential Admins**) group on the AdminSDHolder object.
-```dsacls "CN=AdminSDHolder,CN=System,DC=domain,DC=com" /g "[domainName\keyAdminGroup]":RPWP;msDS-KeyCredentialLink```
-where **DC=domain,DC=com** is the LDAP path of your Active Directory domain and **domainName\keyAdminGroup]** is the NetBIOS name of your domain and the name of the group you use to give access to keys based on your deployment. For example:
-```dsacls "CN=AdminSDHolder,CN=System,DC=corp,DC=mstepdemo,DC=net" /g "mstepdemo\Key Admins":RPWP;msDS-KeyCredentialLink```
-2. To trigger security descriptor propagation, open **ldp.exe**.
-3. Click **Connection** and select **Connect...** Next to **Server**, type the name of the domain controller that holds the PDC role for the domain. Next to **Port**, type **389** and click **OK**.
-4. Click **Connection** and select **Bind...** Click **OK** to bind as the currently signed-in user.
-5. Click **Browser** and select **Modify**. Leave the **DN** text box blank. Next to **Attribute**, type **RunProtectAdminGroupsTask**. Next to **Values**, type **1**. Click **Enter** to add this to the **Entry List**.
-6. Click **Run** to start the task.
-7. Close LDP.
-
-#### Configuring Dual Enrollment using Group Policy
-You configure Windows 10 to support dual enrollment using the computer configuration portion of a Group Policy object.
-
-1. Using the Group Policy Management Console (GPMC), create a new domain-based Group Policy object and link it to an organizational Unit that contains Active Directory computer objects used by privileged users.
-2. Edit the Group Policy object from step 1.
-3. Enable the **Allow enumeration of emulated smart cards for all users** policy setting located under **Computer Configuration->Administrative Templates->Windows Components->Windows Hello for Business**.
-4. Close the Group Policy Management Editor to save the Group Policy object. Close the GPMC.
-5. Restart computers targeted by this Group Policy object.
-
-The computer is ready for dual enrollment. Sign-in as the privileged user first and enroll for Windows Hello for Business. Once completed, sign-out and sign-in as the non-privileged user and enroll for Windows Hello for Business. You can now use your privileged credential to perform privileged tasks without using your password and without needing to switch users.
-
-## Remote Desktop with Biometrics
-
-> [!Warning]
-> Some information relates to pre-released product that may change before it is commercially released. Microsoft makes no warranties, express or implied, with respect to the information provided here.
-
-**Requirements**
-- Hybrid and On-premises Windows Hello for Business deployments
-- Azure AD joined, Hybrid Azure AD joined, and Enterprise joined devices
-- Certificate trust deployments
-- Biometric enrollments
-- Windows 10, version 1809
-
-Users using earlier versions of Windows 10 could remote desktop to using Windows Hello for Business but were limited to the using their PIN as their authentication gesture. Windows 10, version 1809 introduces the ability for users to authenticate to a remote desktop session using their Windows Hello for Business biometric gesture. The feature is on by default, so your users can take advantage of it as soon as they upgrade to Windows 10, version 1809.
-
-> [!IMPORTANT]
-> The remote desktop with biometrics feature only works with certificate trust deployments. The feature takes advantage of the redirected smart card capabilities of the remote desktop protocol. Microsoft continues to investigate supporting this feature for key trust deployments.
-
-### How does it work
-It start with creating cryptographic keys. Windows generates and stores cryptographic keys using a software component called a key storage provider (KSP). Software-based keys are created and stored using the Microsoft Software Key Storage Provider. Smart card keys are created and stored using the Microsoft Smart Card Key Storage Provider. Keys created and protected by Windows Hello for Business are created and stored using the Microsoft Passport Key Storage Provider.
-
-A certificate on a smart card starts with creating an asymmetric key pair using the Microsoft Smart Card KSP. Windows requests a certificate based on the key pair from your enterprises issuing certificate authority, which returns a certificate that is stored in the user's Personal certificate store. The private key remains on the smart card and the public key is stored with the certificate. Metadata on the certificate (and the key) store the key storage provider used to create the key (remember the certificate contains the public key).
-
-This same concept applies to Windows Hello for Business. Except, the keys are created using the Microsoft Passport KSP and the user's private key remains protected by the device's security module (TPM) and the user's gesture (PIN/biometric). The certificate APIs hide this complexity. When an application uses a certificate, the certificate APIs locate the keys using the saved key storage provider. The key storage providers directs the certificate APIs on which provider they use to find the private key associated with the certificate. This is how Windows knows you have a smart card certificate without the smart card inserted (and prompts you to insert the smart card).
-
-Windows Hello for Business emulates a smart card for application compatibility. Versions of Windows 10 prior to version 1809, would redirect private key access for Windows Hello for Business certificate to use its emulated smart card using the Microsoft Smart Card KSP, which would enable the user to provide their PIN. Windows 10, version 1809 no longer redirects private key access for Windows Hello for Business certificates to the Microsoft Smart Card KSP-- it continues using the Microsoft Passport KSP. The Microsoft Passport KSP enabled Windows 10 to prompt the user for their biometric gesture or PIN.
-
-### Compatibility
-Users appreciate convenience of biometrics and administrators value the security however, you may experience compatibility issues with your applications and Windows Hello for Business certificates. You can relax knowing a Group Policy setting and a [MDM URI](https://docs.microsoft.com/windows/client-management/mdm/passportforwork-csp) exist to help you revert to the previous behavior for those users who need it.
-
-
-
-> [!IMPORTANT]
-> The remote desktop with biometric feature does not work with [Dual Enrollment](#dual-enrollment) feature or scenarios where the user provides alternative credentials. Microsoft continues to investigate supporting the feature.
+- [Conditional Access](hello-feature-conditional-access.md)
+- [Dual Enrollment](hello-feature-dual-enrollment.md)
+- [Dynamic lock](hello-feature-dynamic-lock.md)
+- [Multifactor Unlock](feature-multifactor-unlock.md)
+- [PIN Reset](hello-feature-pin-reset.md)
+- [Remote Desktop](hello-feature-remote-desktop.md)
## Related topics
diff --git a/windows/security/identity-protection/hello-for-business/hello-how-it-works-provisioning.md b/windows/security/identity-protection/hello-for-business/hello-how-it-works-provisioning.md
index 9a2711dc1c..c876fbd351 100644
--- a/windows/security/identity-protection/hello-for-business/hello-how-it-works-provisioning.md
+++ b/windows/security/identity-protection/hello-for-business/hello-how-it-works-provisioning.md
@@ -32,6 +32,8 @@ Windows Hello for Business provisioning enables a user to enroll a new, strong,
[Domain joined provisioning in an On-premises Key Trust deployment](#domain-joined-provisioning-in-an-on-premises-key-trust-deployment)
[Domain joined provisioning in an On-premises Certificate Trust deployment](#domain-joined-provisioning-in-an-on-premises-certificate-trust-deployment)
+> [!NOTE]
+> The flows in this section are not exhaustive for every possible scenario. For example, Federated Key Trust is also a supported configuration.
## Azure AD joined provisioning in a Managed environment
diff --git a/windows/security/identity-protection/hello-for-business/hello-hybrid-aadj-sso-cert.md b/windows/security/identity-protection/hello-for-business/hello-hybrid-aadj-sso-cert.md
index 8eb13e3cb1..5136ececee 100644
--- a/windows/security/identity-protection/hello-for-business/hello-hybrid-aadj-sso-cert.md
+++ b/windows/security/identity-protection/hello-for-business/hello-hybrid-aadj-sso-cert.md
@@ -656,15 +656,16 @@ Sign-in a workstation with access equivalent to a _domain user_.
10. Select **Enroll to Windows Hello for Business, otherwise fail (Windows 10 and later)** from the **Key storage provider (KSP)** list.
11. Select **Custom** from the **Subject name format** list.
12. Next to **Custom**, type **CN={{OnPrem_Distinguished_Name}}** to make the on-premises distinguished name the subject of the issued certificate.
-13. Refer to the "Configure Certificate Templates on NDES" task for how you configured the **AADJ WHFB Authentication** certificate template in the registry. Select the appropriate combination of key usages from the **Key Usages** list that map to configured NDES template in the registry. In this example, the **AADJ WHFB Authentication** certificate template was added to the **SignatureTemplate** registry value name. The **Key usage** that maps to that registry value name is **Digital Signature**.
-14. Select a previously configured **Trusted certificate** profile that matches the root certificate of the issuing certificate authority.
+13. Specify **User Principal Name (UPN)** as a **Subject Alternative Name** value.
+14. Refer to the "Configure Certificate Templates on NDES" task for how you configured the **AADJ WHFB Authentication** certificate template in the registry. Select the appropriate combination of key usages from the **Key Usages** list that map to configured NDES template in the registry. In this example, the **AADJ WHFB Authentication** certificate template was added to the **SignatureTemplate** registry value name. The **Key usage** that maps to that registry value name is **Digital Signature**.
+15. Select a previously configured **Trusted certificate** profile that matches the root certificate of the issuing certificate authority.
-15. Under **Extended key usage**, type **Smart Card Logon** under **Name**. Type **1.3.6.1.4.1.311.20.2.2** under **Object identifier**. Click **Add**.
-16. Type a percentage (without the percent sign) next to **Renewal Threshold** to determine when the certificate should attempt to renew. The recommended value is **20**.
+16. Under **Extended key usage**, type **Smart Card Logon** under **Name**. Type **1.3.6.1.4.1.311.20.2.2** under **Object identifier**. Click **Add**.
+17. Type a percentage (without the percent sign) next to **Renewal Threshold** to determine when the certificate should attempt to renew. The recommended value is **20**.
-17. Under **SCEP Server URLs**, type the fully qualified external name of the Azure AD Application proxy you configured. Append to the name **/certsrv/mscep/mscep.dll**. For example, https://ndes-mtephendemo.msappproxy.net/certsrv/mscep/mscep.dll. Click **Add**. Repeat this step for each additional NDES Azure AD Application Proxy you configured to issue Windows Hello for Business certificates. Microsoft Intune round-robin load balances requests amongst the URLs listed in the SCEP certificate profile.
-18. Click **OK**.
-19. Click **Create**.
+18. Under **SCEP Server URLs**, type the fully qualified external name of the Azure AD Application proxy you configured. Append to the name **/certsrv/mscep/mscep.dll**. For example, https://ndes-mtephendemo.msappproxy.net/certsrv/mscep/mscep.dll. Click **Add**. Repeat this step for each additional NDES Azure AD Application Proxy you configured to issue Windows Hello for Business certificates. Microsoft Intune round-robin load balances requests among the URLs listed in the SCEP certificate profile.
+19. Click **OK**.
+20. Click **Create**.
### Assign Group to the WHFB Certificate Enrollment Certificate Profile
Sign-in a workstation with access equivalent to a _domain user_.
diff --git a/windows/security/identity-protection/hello-for-business/hello-hybrid-cert-whfb-settings-policy.md b/windows/security/identity-protection/hello-for-business/hello-hybrid-cert-whfb-settings-policy.md
index f65eaf8b20..80325188e6 100644
--- a/windows/security/identity-protection/hello-for-business/hello-hybrid-cert-whfb-settings-policy.md
+++ b/windows/security/identity-protection/hello-for-business/hello-hybrid-cert-whfb-settings-policy.md
@@ -26,7 +26,7 @@ ms.reviewer:
## Policy Configuration
-You need a Windows 10, version 1703 workstation to run the Group Policy Management Console, which provides the latest Windows Hello for Business and PIN Complexity Group Policy settings. To run the Group Policy Management Console, you need to install the Remote Server Administration Tools for Windows 10. You can download these tools from the [Microsoft Download Center](https://www.microsoft.com/en-us/download/details.aspx?id=45520).
+You need a Windows 10, version 1703 workstation to run the Group Policy Management Console, which provides the latest Windows Hello for Business and PIN Complexity Group Policy settings. To run the Group Policy Management Console, you need to install the Remote Server Administration Tools for Windows 10. You can download these tools from the [Microsoft Download Center](https://www.microsoft.com/download/details.aspx?id=45520).
Install the Remote Server Administration Tools for Windows 10 on a computer running Windows 10, version 1703.
Alternatively, you can create copy the .ADMX and .ADML files from a Windows 10 Creators Edition (1703) to their respective language folder on a Windows Server or you can create a Group Policy Central Store and copy them their respective language folder. See [How to create and manage the Central Store for Group Policy Administrative Templates in Windows](https://support.microsoft.com/help/3087759/how-to-create-and-manage-the-central-store-for-group-policy-administrative-templates-in-windows) for more information.
diff --git a/windows/security/identity-protection/hello-for-business/hello-hybrid-key-trust-devreg.md b/windows/security/identity-protection/hello-for-business/hello-hybrid-key-trust-devreg.md
index aa99101b75..0977f9b6a8 100644
--- a/windows/security/identity-protection/hello-for-business/hello-hybrid-key-trust-devreg.md
+++ b/windows/security/identity-protection/hello-for-business/hello-hybrid-key-trust-devreg.md
@@ -39,7 +39,7 @@ Begin configuring device registration to support Hybrid Windows Hello for Busine
To do this, follow the **Configure device settings** steps under [Setting up Azure AD Join in your organization](https://azure.microsoft.com/documentation/articles/active-directory-azureadjoin-setup/)
-Next, follow the guidance on the [How to configure hybrid Azure Active Directory joined devices](https://docs.microsoft.com/azure/active-directory/device-management-hybrid-azuread-joined-devices-setup) page. In the **Configuration steps** section, identify your configuration at the top of the table (either **Windows current and password hash sync** or **Windows current and federation**) and perform only the steps identified with a check mark.
+Next, follow the guidance on the [How to configure hybrid Azure Active Directory joined devices](https://docs.microsoft.com/azure/active-directory/devices/hybrid-azuread-join-manual) page. In the **Configuration steps** section, identify your configuration at the top of the table (either **Windows current and password hash sync** or **Windows current and federation**) and perform only the steps identified with a check mark.
diff --git a/windows/security/identity-protection/hello-for-business/hello-hybrid-key-whfb-settings-policy.md b/windows/security/identity-protection/hello-for-business/hello-hybrid-key-whfb-settings-policy.md
index c38ab35a87..122053e414 100644
--- a/windows/security/identity-protection/hello-for-business/hello-hybrid-key-whfb-settings-policy.md
+++ b/windows/security/identity-protection/hello-for-business/hello-hybrid-key-whfb-settings-policy.md
@@ -26,7 +26,7 @@ ms.reviewer:
## Policy Configuration
-You need a Windows 10, version 1703 workstation to run the Group Policy Management Console, which provides the latest Windows Hello for Business and PIN Complexity Group Policy settings. To run the Group Policy Management Console, you need to install the Remote Server Administration Tools for Windows 10. You can download these tools from the [Microsoft Download Center](https://www.microsoft.com/en-us/download/details.aspx?id=45520).
+You need a Windows 10, version 1703 workstation to run the Group Policy Management Console, which provides the latest Windows Hello for Business and PIN Complexity Group Policy settings. To run the Group Policy Management Console, you need to install the Remote Server Administration Tools for Windows 10. You can download these tools from the [Microsoft Download Center](https://www.microsoft.com/download/details.aspx?id=45520).
Install the Remote Server Administration Tools for Windows 10 on a computer running Windows 10, version 1703.
Alternatively, you can create copy the .ADMX and .ADML files from a Windows 10 Creators Edition (1703) to their respective language folder on a Windows Server or you can create a Group Policy Central Store and copy them their respective language folder. See [How to create and manage the Central Store for Group Policy Administrative Templates in Windows](https://support.microsoft.com/help/3087759/how-to-create-and-manage-the-central-store-for-group-policy-administrative-templates-in-windows) for more information.
diff --git a/windows/security/identity-protection/hello-for-business/hello-key-trust-policy-settings.md b/windows/security/identity-protection/hello-for-business/hello-key-trust-policy-settings.md
index 1b30d94278..b7c09bf09e 100644
--- a/windows/security/identity-protection/hello-for-business/hello-key-trust-policy-settings.md
+++ b/windows/security/identity-protection/hello-for-business/hello-key-trust-policy-settings.md
@@ -24,7 +24,7 @@ ms.reviewer:
- Key trust
-You need a Windows 10, version 1703 workstation to run the Group Policy Management Console, which provides the latest Windows Hello for Business and PIN Complexity Group Policy settings. To run the Group Policy Management Console, you need to install the Remote Server Administration Tools for Windows 10. You can download these tools from the [Microsoft Download Center](https://www.microsoft.com/en-us/download/details.aspx?id=45520).
+You need a Windows 10, version 1703 workstation to run the Group Policy Management Console, which provides the latest Windows Hello for Business and PIN Complexity Group Policy settings. To run the Group Policy Management Console, you need to install the Remote Server Administration Tools for Windows 10. You can download these tools from the [Microsoft Download Center](https://www.microsoft.com/download/details.aspx?id=45520).
Install the Remote Server Administration Tools for Windows 10 on a computer running Windows 10, version 1703.
Alternatively, you can create copy the .ADMX and .ADML files from a Windows 10, version 1703 to their respective language folder on a Windows Server or you can create a Group Policy Central Store and copy them their respective language folder. See [How to create and manage the Central Store for Group Policy Administrative Templates in Windows](https://support.microsoft.com/help/3087759/how-to-create-and-manage-the-central-store-for-group-policy-administrative-templates-in-windows) for more information.
diff --git a/windows/security/identity-protection/hello-for-business/hello-overview.md b/windows/security/identity-protection/hello-for-business/hello-overview.md
index 07989c7579..e5194ab324 100644
--- a/windows/security/identity-protection/hello-for-business/hello-overview.md
+++ b/windows/security/identity-protection/hello-for-business/hello-overview.md
@@ -105,7 +105,7 @@ Windows Hello for Business with a key does not support RDP. RDP does not support
## Learn more
-[Implementing Windows Hello for Business at Microsoft](https://www.microsoft.com/en-us/itshowcase/implementing-windows-hello-for-business-at-microsoft)
+[Implementing Windows Hello for Business at Microsoft](https://www.microsoft.com/itshowcase/implementing-windows-hello-for-business-at-microsoft)
[Introduction to Windows Hello](https://go.microsoft.com/fwlink/p/?LinkId=786649), video presentation on Microsoft Virtual Academy
diff --git a/windows/security/identity-protection/hello-for-business/images/howitworks/devreg-aadj-managed.png b/windows/security/identity-protection/hello-for-business/images/howitworks/devreg-aadj-managed.png
index bc2fdb105b..44bbc4a572 100644
Binary files a/windows/security/identity-protection/hello-for-business/images/howitworks/devreg-aadj-managed.png and b/windows/security/identity-protection/hello-for-business/images/howitworks/devreg-aadj-managed.png differ
diff --git a/windows/security/identity-protection/hello-for-business/toc.md b/windows/security/identity-protection/hello-for-business/toc.md
index 312e43cff6..3fe33458fc 100644
--- a/windows/security/identity-protection/hello-for-business/toc.md
+++ b/windows/security/identity-protection/hello-for-business/toc.md
@@ -7,7 +7,12 @@
## [Windows Hello biometrics in the enterprise](hello-biometrics-in-enterprise.md)
## [Windows Hello for Business Features](hello-features.md)
+### [Conditional Access](hello-feature-conditional-access.md)
+### [Dual Enrollment](hello-feature-dual-enrollment.md)
+### [Dynamic Lock](hello-feature-dynamic-lock.md)
### [Multifactor Unlock](feature-multifactor-unlock.md)
+### [PIN Reset](hello-feature-pin-reset.md)
+### [Remote Desktop](hello-feature-remote-desktop.md)
## [How Windows Hello for Business works](hello-how-it-works.md)
### [Technical Deep Dive](hello-how-it-works.md#technical-deep-dive)
diff --git a/windows/security/identity-protection/installing-digital-certificates-on-windows-10-mobile.md b/windows/security/identity-protection/installing-digital-certificates-on-windows-10-mobile.md
index a181ec72c9..65e353cb81 100644
--- a/windows/security/identity-protection/installing-digital-certificates-on-windows-10-mobile.md
+++ b/windows/security/identity-protection/installing-digital-certificates-on-windows-10-mobile.md
@@ -10,7 +10,7 @@ ms.sitesec: library
ms.pagetype: security
audience: ITPro
author: dulcemontemayor
-ms.author: dolmont
+ms.author: dansimp
manager: dansimp
ms.collection: M365-identity-device-management
ms.topic: article
diff --git a/windows/security/identity-protection/remote-credential-guard.md b/windows/security/identity-protection/remote-credential-guard.md
index 59a2e070cb..a4029266dd 100644
--- a/windows/security/identity-protection/remote-credential-guard.md
+++ b/windows/security/identity-protection/remote-credential-guard.md
@@ -7,7 +7,7 @@ ms.sitesec: library
ms.pagetype: security
audience: ITPro
author: dulcemontemayor
-ms.author: dolmont
+ms.author: dansimp
manager: dansimp
ms.collection: M365-identity-device-management
ms.topic: article
@@ -79,7 +79,7 @@ For helpdesk support scenarios in which personnel require administrative access
Therefore, we recommend instead that you use the Restricted Admin mode option. For helpdesk support scenarios, RDP connections should only be initiated using the /RestrictedAdmin switch. This helps ensure that credentials and other user resources are not exposed to compromised remote hosts. For more information, see [Mitigating Pass-the-Hash and Other Credential Theft v2](https://download.microsoft.com/download/7/7/A/77ABC5BD-8320-41AF-863C-6ECFB10CB4B9/Mitigating-Pass-the-Hash-Attacks-and-Other-Credential-Theft-Version-2.pdf).
-To further harden security, we also recommend that you implement Local Administrator Password Solution (LAPS), a Group Policy client-side extension (CSE) introduced in Windows 8.1 that automates local administrator password management. LAPS mitigates the risk of lateral escalation and other cyberattacks facilitated when customers use the same administrative local account and password combination on all their computers. You can download and install LAPS [here](https://www.microsoft.com/en-us/download/details.aspx?id=46899).
+To further harden security, we also recommend that you implement Local Administrator Password Solution (LAPS), a Group Policy client-side extension (CSE) introduced in Windows 8.1 that automates local administrator password management. LAPS mitigates the risk of lateral escalation and other cyberattacks facilitated when customers use the same administrative local account and password combination on all their computers. You can download and install LAPS [here](https://www.microsoft.com/download/details.aspx?id=46899).
For further information on LAPS, see [Microsoft Security Advisory 3062591](https://technet.microsoft.com/library/security/3062591.aspx).
diff --git a/windows/security/identity-protection/smart-cards/smart-card-and-remote-desktop-services.md b/windows/security/identity-protection/smart-cards/smart-card-and-remote-desktop-services.md
index 695c7d15b9..5e5003aa9f 100644
--- a/windows/security/identity-protection/smart-cards/smart-card-and-remote-desktop-services.md
+++ b/windows/security/identity-protection/smart-cards/smart-card-and-remote-desktop-services.md
@@ -7,7 +7,7 @@ ms.sitesec: library
ms.pagetype: security
audience: ITPro
author: dulcemontemayor
-ms.author: dolmont
+ms.author: dansimp
manager: dansimp
ms.collection: M365-identity-device-management
ms.topic: article
diff --git a/windows/security/identity-protection/smart-cards/smart-card-architecture.md b/windows/security/identity-protection/smart-cards/smart-card-architecture.md
index 33bbc7b730..89ddb7fa8a 100644
--- a/windows/security/identity-protection/smart-cards/smart-card-architecture.md
+++ b/windows/security/identity-protection/smart-cards/smart-card-architecture.md
@@ -7,7 +7,7 @@ ms.sitesec: library
ms.pagetype: security
audience: ITPro
author: dulcemontemayor
-ms.author: dolmont
+ms.author: dansimp
manager: dansimp
ms.collection: M365-identity-device-management
ms.topic: article
diff --git a/windows/security/identity-protection/smart-cards/smart-card-certificate-propagation-service.md b/windows/security/identity-protection/smart-cards/smart-card-certificate-propagation-service.md
index 2bf4650d4b..997384b9e0 100644
--- a/windows/security/identity-protection/smart-cards/smart-card-certificate-propagation-service.md
+++ b/windows/security/identity-protection/smart-cards/smart-card-certificate-propagation-service.md
@@ -7,7 +7,7 @@ ms.sitesec: library
ms.pagetype: security
audience: ITPro
author: dulcemontemayor
-ms.author: dolmont
+ms.author: dansimp
manager: dansimp
ms.collection: M365-identity-device-management
ms.topic: article
diff --git a/windows/security/identity-protection/smart-cards/smart-card-certificate-requirements-and-enumeration.md b/windows/security/identity-protection/smart-cards/smart-card-certificate-requirements-and-enumeration.md
index cd06dda9a5..a408a47cf2 100644
--- a/windows/security/identity-protection/smart-cards/smart-card-certificate-requirements-and-enumeration.md
+++ b/windows/security/identity-protection/smart-cards/smart-card-certificate-requirements-and-enumeration.md
@@ -7,7 +7,7 @@ ms.sitesec: library
ms.pagetype: security
audience: ITPro
author: dulcemontemayor
-ms.author: dolmont
+ms.author: dansimp
manager: dansimp
ms.collection: M365-identity-device-management
ms.topic: article
diff --git a/windows/security/identity-protection/smart-cards/smart-card-debugging-information.md b/windows/security/identity-protection/smart-cards/smart-card-debugging-information.md
index 9013c10df6..9ee26abcab 100644
--- a/windows/security/identity-protection/smart-cards/smart-card-debugging-information.md
+++ b/windows/security/identity-protection/smart-cards/smart-card-debugging-information.md
@@ -7,7 +7,7 @@ ms.sitesec: library
ms.pagetype: security
audience: ITPro
author: dulcemontemayor
-ms.author: dolmont
+ms.author: dansimp
manager: dansimp
ms.collection: M365-identity-device-management
ms.topic: article
diff --git a/windows/security/identity-protection/smart-cards/smart-card-events.md b/windows/security/identity-protection/smart-cards/smart-card-events.md
index cb5e74736a..830bfcfcfc 100644
--- a/windows/security/identity-protection/smart-cards/smart-card-events.md
+++ b/windows/security/identity-protection/smart-cards/smart-card-events.md
@@ -7,7 +7,7 @@ ms.sitesec: library
ms.pagetype: security
audience: ITPro
author: dulcemontemayor
-ms.author: dolmont
+ms.author: dansimp
manager: dansimp
ms.collection: M365-identity-device-management
ms.topic: article
diff --git a/windows/security/identity-protection/smart-cards/smart-card-group-policy-and-registry-settings.md b/windows/security/identity-protection/smart-cards/smart-card-group-policy-and-registry-settings.md
index dd70a1c7c6..992e66a6c7 100644
--- a/windows/security/identity-protection/smart-cards/smart-card-group-policy-and-registry-settings.md
+++ b/windows/security/identity-protection/smart-cards/smart-card-group-policy-and-registry-settings.md
@@ -7,7 +7,7 @@ ms.sitesec: library
ms.pagetype: security
audience: ITPro
author: dulcemontemayor
-ms.author: dolmont
+ms.author: dansimp
manager: dansimp
ms.collection: M365-identity-device-management
ms.topic: article
diff --git a/windows/security/identity-protection/smart-cards/smart-card-how-smart-card-sign-in-works-in-windows.md b/windows/security/identity-protection/smart-cards/smart-card-how-smart-card-sign-in-works-in-windows.md
index 08f350db77..56228dff85 100644
--- a/windows/security/identity-protection/smart-cards/smart-card-how-smart-card-sign-in-works-in-windows.md
+++ b/windows/security/identity-protection/smart-cards/smart-card-how-smart-card-sign-in-works-in-windows.md
@@ -7,7 +7,7 @@ ms.sitesec: library
ms.pagetype: security
audience: ITPro
author: dulcemontemayor
-ms.author: dolmont
+ms.author: dansimp
manager: dansimp
ms.collection: M365-identity-device-management
ms.topic: article
diff --git a/windows/security/identity-protection/smart-cards/smart-card-removal-policy-service.md b/windows/security/identity-protection/smart-cards/smart-card-removal-policy-service.md
index 6f0f59e3d1..dd8812970c 100644
--- a/windows/security/identity-protection/smart-cards/smart-card-removal-policy-service.md
+++ b/windows/security/identity-protection/smart-cards/smart-card-removal-policy-service.md
@@ -7,7 +7,7 @@ ms.sitesec: library
ms.pagetype: security
audience: ITPro
author: dulcemontemayor
-ms.author: dolmont
+ms.author: dansimp
manager: dansimp
ms.collection: M365-identity-device-management
ms.topic: article
diff --git a/windows/security/identity-protection/smart-cards/smart-card-smart-cards-for-windows-service.md b/windows/security/identity-protection/smart-cards/smart-card-smart-cards-for-windows-service.md
index da07ec19a4..a913f4c769 100644
--- a/windows/security/identity-protection/smart-cards/smart-card-smart-cards-for-windows-service.md
+++ b/windows/security/identity-protection/smart-cards/smart-card-smart-cards-for-windows-service.md
@@ -7,7 +7,7 @@ ms.sitesec: library
ms.pagetype: security
audience: ITPro
author: dulcemontemayor
-ms.author: dolmont
+ms.author: dansimp
manager: dansimp
ms.collection: M365-identity-device-management
ms.topic: article
diff --git a/windows/security/identity-protection/smart-cards/smart-card-tools-and-settings.md b/windows/security/identity-protection/smart-cards/smart-card-tools-and-settings.md
index 63d129266c..794b8e096c 100644
--- a/windows/security/identity-protection/smart-cards/smart-card-tools-and-settings.md
+++ b/windows/security/identity-protection/smart-cards/smart-card-tools-and-settings.md
@@ -7,7 +7,7 @@ ms.sitesec: library
ms.pagetype: security
audience: ITPro
author: dulcemontemayor
-ms.author: dolmont
+ms.author: dansimp
manager: dansimp
ms.collection: M365-identity-device-management
ms.topic: article
diff --git a/windows/security/identity-protection/smart-cards/smart-card-windows-smart-card-technical-reference.md b/windows/security/identity-protection/smart-cards/smart-card-windows-smart-card-technical-reference.md
index 747e68618a..03d90751c8 100644
--- a/windows/security/identity-protection/smart-cards/smart-card-windows-smart-card-technical-reference.md
+++ b/windows/security/identity-protection/smart-cards/smart-card-windows-smart-card-technical-reference.md
@@ -7,7 +7,7 @@ ms.sitesec: library
ms.pagetype: security
audience: ITPro
author: dulcemontemayor
-ms.author: dolmont
+ms.author: dansimp
manager: dansimp
ms.collection: M365-identity-device-management
ms.topic: article
diff --git a/windows/security/identity-protection/user-account-control/how-user-account-control-works.md b/windows/security/identity-protection/user-account-control/how-user-account-control-works.md
index 32d9213cda..4a92507705 100644
--- a/windows/security/identity-protection/user-account-control/how-user-account-control-works.md
+++ b/windows/security/identity-protection/user-account-control/how-user-account-control-works.md
@@ -9,7 +9,7 @@ ms.sitesec: library
ms.pagetype: security
audience: ITPro
author: dulcemontemayor
-ms.author: dolmont
+ms.author: dansimp
manager: dansimp
ms.collection: M365-identity-device-management
ms.topic: article
diff --git a/windows/security/identity-protection/user-account-control/user-account-control-group-policy-and-registry-key-settings.md b/windows/security/identity-protection/user-account-control/user-account-control-group-policy-and-registry-key-settings.md
index 35ae0d0d3d..e8d50dc97f 100644
--- a/windows/security/identity-protection/user-account-control/user-account-control-group-policy-and-registry-key-settings.md
+++ b/windows/security/identity-protection/user-account-control/user-account-control-group-policy-and-registry-key-settings.md
@@ -7,7 +7,7 @@ ms.sitesec: library
ms.pagetype: security
audience: ITPro
author: dulcemontemayor
-ms.author: dolmont
+ms.author: dansimp
manager: dansimp
ms.collection: M365-identity-device-management
ms.topic: article
diff --git a/windows/security/identity-protection/user-account-control/user-account-control-overview.md b/windows/security/identity-protection/user-account-control/user-account-control-overview.md
index ad92df7445..15ea04101f 100644
--- a/windows/security/identity-protection/user-account-control/user-account-control-overview.md
+++ b/windows/security/identity-protection/user-account-control/user-account-control-overview.md
@@ -10,7 +10,7 @@ ms.pagetype: security
ms.localizationpriority: medium
audience: ITPro
author: dulcemontemayor
-ms.author: dolmont
+ms.author: dansimp
manager: dansimp
ms.collection: M365-identity-device-management
ms.topic: article
diff --git a/windows/security/identity-protection/user-account-control/user-account-control-security-policy-settings.md b/windows/security/identity-protection/user-account-control/user-account-control-security-policy-settings.md
index a6bec76e99..e6ee5742aa 100644
--- a/windows/security/identity-protection/user-account-control/user-account-control-security-policy-settings.md
+++ b/windows/security/identity-protection/user-account-control/user-account-control-security-policy-settings.md
@@ -9,7 +9,7 @@ ms.sitesec: library
ms.pagetype: security
audience: ITPro
author: dulcemontemayor
-ms.author: dolmont
+ms.author: dansimp
manager: dansimp
ms.collection: M365-identity-device-management
ms.topic: article
diff --git a/windows/security/identity-protection/virtual-smart-cards/virtual-smart-card-deploy-virtual-smart-cards.md b/windows/security/identity-protection/virtual-smart-cards/virtual-smart-card-deploy-virtual-smart-cards.md
index 34667eb1f8..5e643f7d75 100644
--- a/windows/security/identity-protection/virtual-smart-cards/virtual-smart-card-deploy-virtual-smart-cards.md
+++ b/windows/security/identity-protection/virtual-smart-cards/virtual-smart-card-deploy-virtual-smart-cards.md
@@ -7,7 +7,7 @@ ms.sitesec: library
ms.pagetype: security
audience: ITPro
author: dulcemontemayor
-ms.author: dolmont
+ms.author: dansimp
manager: dansimp
ms.collection: M365-identity-device-management
ms.topic: article
diff --git a/windows/security/identity-protection/virtual-smart-cards/virtual-smart-card-evaluate-security.md b/windows/security/identity-protection/virtual-smart-cards/virtual-smart-card-evaluate-security.md
index d7653b982e..f0b0220678 100644
--- a/windows/security/identity-protection/virtual-smart-cards/virtual-smart-card-evaluate-security.md
+++ b/windows/security/identity-protection/virtual-smart-cards/virtual-smart-card-evaluate-security.md
@@ -7,7 +7,7 @@ ms.sitesec: library
ms.pagetype: security
audience: ITPro
author: dulcemontemayor
-ms.author: dolmont
+ms.author: dansimp
manager: dansimp
ms.collection: M365-identity-device-management
ms.topic: article
diff --git a/windows/security/identity-protection/virtual-smart-cards/virtual-smart-card-get-started.md b/windows/security/identity-protection/virtual-smart-cards/virtual-smart-card-get-started.md
index fd93a5fd19..34daf7a11e 100644
--- a/windows/security/identity-protection/virtual-smart-cards/virtual-smart-card-get-started.md
+++ b/windows/security/identity-protection/virtual-smart-cards/virtual-smart-card-get-started.md
@@ -7,7 +7,7 @@ ms.sitesec: library
ms.pagetype: security
audience: ITPro
author: dulcemontemayor
-ms.author: dolmont
+ms.author: dansimp
manager: dansimp
ms.collection: M365-identity-device-management
ms.topic: article
diff --git a/windows/security/identity-protection/virtual-smart-cards/virtual-smart-card-overview.md b/windows/security/identity-protection/virtual-smart-cards/virtual-smart-card-overview.md
index b81fc4b4cd..8d19264cfa 100644
--- a/windows/security/identity-protection/virtual-smart-cards/virtual-smart-card-overview.md
+++ b/windows/security/identity-protection/virtual-smart-cards/virtual-smart-card-overview.md
@@ -7,7 +7,7 @@ ms.sitesec: library
ms.pagetype: security
audience: ITPro
author: dulcemontemayor
-ms.author: dolmont
+ms.author: dansimp
manager: dansimp
ms.collection: M365-identity-device-management
ms.topic: conceptual
@@ -26,6 +26,9 @@ This topic for IT professional provides an overview of the virtual smart card te
- [Smart Cards](../smart-cards/smart-card-windows-smart-card-technical-reference.md)
+> [!NOTE]
+> [Windows Hello for Business](../hello-for-business/hello-identity-verification.md) is the modern, two-factor authentication for Windows 10. Microsoft will be deprecating virtual smart cards in the future, but no date has been set at this time. Customers using Windows 10 and virtual smart cards should move to Windows Hello for Business. Microsoft will publish the date early to ensure customers have adequate lead time to move to Windows Hello for Business. We recommend that new Windows 10 deployments use Windows Hello for Business. Virtual smart cards remain supported for Windows 7 and Windows 8.
+
## Feature description
Virtual smart card technology from Microsoft offers comparable security benefits to physical smart cards by using two-factor authentication. Virtual smart cards emulate the functionality of physical smart cards, but they use the Trusted Platform Module (TPM) chip that is available on computers in many organizations, rather than requiring the use of a separate physical smart card and reader. Virtual smart cards are created in the TPM, where the keys that are used for authentication are stored in cryptographically secured hardware.
diff --git a/windows/security/identity-protection/virtual-smart-cards/virtual-smart-card-tpmvscmgr.md b/windows/security/identity-protection/virtual-smart-cards/virtual-smart-card-tpmvscmgr.md
index f2ce999ee5..cb25136eb0 100644
--- a/windows/security/identity-protection/virtual-smart-cards/virtual-smart-card-tpmvscmgr.md
+++ b/windows/security/identity-protection/virtual-smart-cards/virtual-smart-card-tpmvscmgr.md
@@ -7,7 +7,7 @@ ms.sitesec: library
ms.pagetype: security
audience: ITPro
author: dulcemontemayor
-ms.author: dolmont
+ms.author: dansimp
manager: dansimp
ms.collection: M365-identity-device-management
ms.topic: article
diff --git a/windows/security/identity-protection/virtual-smart-cards/virtual-smart-card-understanding-and-evaluating.md b/windows/security/identity-protection/virtual-smart-cards/virtual-smart-card-understanding-and-evaluating.md
index 42f77aef08..aab4745ee9 100644
--- a/windows/security/identity-protection/virtual-smart-cards/virtual-smart-card-understanding-and-evaluating.md
+++ b/windows/security/identity-protection/virtual-smart-cards/virtual-smart-card-understanding-and-evaluating.md
@@ -7,7 +7,7 @@ ms.sitesec: library
ms.pagetype: security
audience: ITPro
author: dulcemontemayor
-ms.author: dolmont
+ms.author: dansimp
manager: dansimp
ms.collection: M365-identity-device-management
ms.topic: article
diff --git a/windows/security/identity-protection/virtual-smart-cards/virtual-smart-card-use-virtual-smart-cards.md b/windows/security/identity-protection/virtual-smart-cards/virtual-smart-card-use-virtual-smart-cards.md
index bdf8fb184c..db7f20bb3e 100644
--- a/windows/security/identity-protection/virtual-smart-cards/virtual-smart-card-use-virtual-smart-cards.md
+++ b/windows/security/identity-protection/virtual-smart-cards/virtual-smart-card-use-virtual-smart-cards.md
@@ -7,7 +7,7 @@ ms.sitesec: library
ms.pagetype: security
audience: ITPro
author: dulcemontemayor
-ms.author: dolmont
+ms.author: dansimp
manager: dansimp
ms.collection: M365-identity-device-management
ms.topic: article
diff --git a/windows/security/identity-protection/vpn/how-to-configure-diffie-hellman-protocol-over-ikev2-vpn-connections.md b/windows/security/identity-protection/vpn/how-to-configure-diffie-hellman-protocol-over-ikev2-vpn-connections.md
index 73746dfff2..22355b9383 100644
--- a/windows/security/identity-protection/vpn/how-to-configure-diffie-hellman-protocol-over-ikev2-vpn-connections.md
+++ b/windows/security/identity-protection/vpn/how-to-configure-diffie-hellman-protocol-over-ikev2-vpn-connections.md
@@ -6,7 +6,7 @@ ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: security, networking
author: dulcemontemayor
-ms.author: dolmont
+ms.author: dansimp
ms.localizationpriority: medium
ms.date: 02/08/2018
ms.reviewer:
diff --git a/windows/security/identity-protection/vpn/how-to-use-single-sign-on-sso-over-vpn-and-wi-fi-connections.md b/windows/security/identity-protection/vpn/how-to-use-single-sign-on-sso-over-vpn-and-wi-fi-connections.md
index 7b32119ae3..a162e20e45 100644
--- a/windows/security/identity-protection/vpn/how-to-use-single-sign-on-sso-over-vpn-and-wi-fi-connections.md
+++ b/windows/security/identity-protection/vpn/how-to-use-single-sign-on-sso-over-vpn-and-wi-fi-connections.md
@@ -9,7 +9,7 @@ author: dulcemontemayor
ms.date: 04/19/2017
ms.reviewer:
manager: dansimp
-ms.author: dolmont
+ms.author: dansimp
---
# How to use single sign on (SSO) over VPN and Wi-Fi connections
diff --git a/windows/security/identity-protection/vpn/vpn-authentication.md b/windows/security/identity-protection/vpn/vpn-authentication.md
index 7bb106781a..9f6f6fa2a5 100644
--- a/windows/security/identity-protection/vpn/vpn-authentication.md
+++ b/windows/security/identity-protection/vpn/vpn-authentication.md
@@ -10,7 +10,7 @@ ms.localizationpriority: medium
ms.date: 07/27/2017
ms.reviewer:
manager: dansimp
-ms.author: dolmont
+ms.author: dansimp
---
# VPN authentication options
diff --git a/windows/security/identity-protection/vpn/vpn-auto-trigger-profile.md b/windows/security/identity-protection/vpn/vpn-auto-trigger-profile.md
index 3038aa0e34..09ca26d20e 100644
--- a/windows/security/identity-protection/vpn/vpn-auto-trigger-profile.md
+++ b/windows/security/identity-protection/vpn/vpn-auto-trigger-profile.md
@@ -10,7 +10,7 @@ ms.localizationpriority: medium
ms.date: 07/27/2017
ms.reviewer:
manager: dansimp
-ms.author: dolmont
+ms.author: dansimp
---
# VPN auto-triggered profile options
diff --git a/windows/security/identity-protection/vpn/vpn-conditional-access.md b/windows/security/identity-protection/vpn/vpn-conditional-access.md
index 4e6d182cfc..674df551a5 100644
--- a/windows/security/identity-protection/vpn/vpn-conditional-access.md
+++ b/windows/security/identity-protection/vpn/vpn-conditional-access.md
@@ -1,12 +1,12 @@
---
title: VPN and conditional access (Windows 10)
-description: The VPN client is now able to integrate with the cloud-based Conditional Access Platform to provide a device compliance option for remote clients. Conditional Access is a policy-based evaluation engine that lets you create access rules for any Azure Active Directory (Azure AD) connected application.
+description: The VPN client is now able to integrate with the cloud-based Conditional Access Platform to provide a device compliance option for remote clients. Conditional Access is a policy-based evaluation engine that lets you create access rules for any Azure Active Directory (Azure AD) connected application.
ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: security, networking
author: dulcemontemayor
-ms.author: dolmont
+ms.author: dansimp
manager: dansimp
ms.reviewer:
ms.localizationpriority: medium
diff --git a/windows/security/identity-protection/vpn/vpn-connection-type.md b/windows/security/identity-protection/vpn/vpn-connection-type.md
index cb033205df..b6fab222d1 100644
--- a/windows/security/identity-protection/vpn/vpn-connection-type.md
+++ b/windows/security/identity-protection/vpn/vpn-connection-type.md
@@ -10,7 +10,7 @@ ms.localizationpriority: medium
ms.date: 07/27/2017
ms.reviewer:
manager: dansimp
-ms.author: dolmont
+ms.author: dansimp
---
# VPN connection types
diff --git a/windows/security/identity-protection/vpn/vpn-guide.md b/windows/security/identity-protection/vpn/vpn-guide.md
index d5c7cfca83..c72139b6db 100644
--- a/windows/security/identity-protection/vpn/vpn-guide.md
+++ b/windows/security/identity-protection/vpn/vpn-guide.md
@@ -9,7 +9,7 @@ ms.localizationpriority: medium
ms.date: 07/27/2017
ms.reviewer:
manager: dansimp
-ms.author: dolmont
+ms.author: dansimp
---
# Windows 10 VPN technical guide
diff --git a/windows/security/identity-protection/vpn/vpn-name-resolution.md b/windows/security/identity-protection/vpn/vpn-name-resolution.md
index e4f509397e..5c277ef964 100644
--- a/windows/security/identity-protection/vpn/vpn-name-resolution.md
+++ b/windows/security/identity-protection/vpn/vpn-name-resolution.md
@@ -10,7 +10,7 @@ ms.localizationpriority: medium
ms.date: 07/27/2017
ms.reviewer:
manager: dansimp
-ms.author: dolmont
+ms.author: dansimp
---
# VPN name resolution
diff --git a/windows/security/identity-protection/vpn/vpn-profile-options.md b/windows/security/identity-protection/vpn/vpn-profile-options.md
index a234d017d0..6931c47d7b 100644
--- a/windows/security/identity-protection/vpn/vpn-profile-options.md
+++ b/windows/security/identity-protection/vpn/vpn-profile-options.md
@@ -9,7 +9,7 @@ ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: security, networking
author: dulcemontemayor
-ms.author: dolmont
+ms.author: dansimp
ms.localizationpriority: medium
ms.date: 05/17/2018
---
@@ -300,7 +300,7 @@ The following is a sample plug-in VPN profile. This blob would fall under the Pr
After you configure the settings that you want using ProfileXML, you can apply it using Intune and a **Custom Configuration (Windows 10 Desktop and Mobile and later)** policy.
1. Sign into the [Azure portal](https://portal.azure.com).
-2. Go to **Intune** > **Device Configuration** > **Properties**.
+2. Go to **Intune** > **Device Configuration** > **Profiles**.
3. Click **Create Profile**.
4. Enter a name and (optionally) a description.
5. Choose **Windows 10 and later** as the platform.
diff --git a/windows/security/identity-protection/vpn/vpn-routing.md b/windows/security/identity-protection/vpn/vpn-routing.md
index e9652fe89a..c8ce525e53 100644
--- a/windows/security/identity-protection/vpn/vpn-routing.md
+++ b/windows/security/identity-protection/vpn/vpn-routing.md
@@ -10,7 +10,7 @@ ms.localizationpriority: medium
ms.date: 07/27/2017
ms.reviewer:
manager: dansimp
-ms.author: dolmont
+ms.author: dansimp
---
# VPN routing decisions
diff --git a/windows/security/identity-protection/vpn/vpn-security-features.md b/windows/security/identity-protection/vpn/vpn-security-features.md
index 250ee154a5..18e7b41ec9 100644
--- a/windows/security/identity-protection/vpn/vpn-security-features.md
+++ b/windows/security/identity-protection/vpn/vpn-security-features.md
@@ -10,7 +10,7 @@ ms.localizationpriority: medium
ms.date: 07/27/2017
ms.reviewer:
manager: dansimp
-ms.author: dolmont
+ms.author: dansimp
---
# VPN security features
diff --git a/windows/security/identity-protection/windows-credential-theft-mitigation-guide-abstract.md b/windows/security/identity-protection/windows-credential-theft-mitigation-guide-abstract.md
index 701083c55c..26db02bc64 100644
--- a/windows/security/identity-protection/windows-credential-theft-mitigation-guide-abstract.md
+++ b/windows/security/identity-protection/windows-credential-theft-mitigation-guide-abstract.md
@@ -9,7 +9,7 @@ ms.sitesec: library
ms.pagetype: security
audience: ITPro
author: dulcemontemayor
-ms.author: dolmont
+ms.author: dansimp
manager: dansimp
ms.collection: M365-identity-device-management
ms.topic: article
diff --git a/windows/security/information-protection/bitlocker/bcd-settings-and-bitlocker.md b/windows/security/information-protection/bitlocker/bcd-settings-and-bitlocker.md
index d08c6e889a..c1b6366ec7 100644
--- a/windows/security/information-protection/bitlocker/bcd-settings-and-bitlocker.md
+++ b/windows/security/information-protection/bitlocker/bcd-settings-and-bitlocker.md
@@ -9,7 +9,7 @@ ms.sitesec: library
ms.pagetype: security
ms.localizationpriority: medium
author: dulcemontemayor
-ms.author: dolmont
+ms.author: dansimp
manager: dansimp
audience: ITPro
ms.collection: M365-security-compliance
diff --git a/windows/security/information-protection/bitlocker/bitlocker-and-adds-faq.md b/windows/security/information-protection/bitlocker/bitlocker-and-adds-faq.md
index 144180cd40..7bb74bdb71 100644
--- a/windows/security/information-protection/bitlocker/bitlocker-and-adds-faq.md
+++ b/windows/security/information-protection/bitlocker/bitlocker-and-adds-faq.md
@@ -9,7 +9,7 @@ ms.sitesec: library
ms.pagetype: security
ms.localizationpriority: medium
author: dulcemontemayor
-ms.author: dolmont
+ms.author: dansimp
manager: dansimp
audience: ITPro
ms.collection: M365-security-compliance
diff --git a/windows/security/information-protection/bitlocker/bitlocker-basic-deployment.md b/windows/security/information-protection/bitlocker/bitlocker-basic-deployment.md
index acd70ac9ea..10924772a5 100644
--- a/windows/security/information-protection/bitlocker/bitlocker-basic-deployment.md
+++ b/windows/security/information-protection/bitlocker/bitlocker-basic-deployment.md
@@ -9,7 +9,7 @@ ms.sitesec: library
ms.pagetype: security
ms.localizationpriority: medium
author: dulcemontemayor
-ms.author: dolmont
+ms.author: dansimp
manager: dansimp
audience: ITPro
ms.collection: M365-security-compliance
diff --git a/windows/security/information-protection/bitlocker/bitlocker-countermeasures.md b/windows/security/information-protection/bitlocker/bitlocker-countermeasures.md
index 2a85725c2c..0177ea0901 100644
--- a/windows/security/information-protection/bitlocker/bitlocker-countermeasures.md
+++ b/windows/security/information-protection/bitlocker/bitlocker-countermeasures.md
@@ -9,7 +9,7 @@ ms.sitesec: library
ms.pagetype: security
ms.localizationpriority: medium
author: dulcemontemayor
-ms.author: dolmont
+ms.author: dansimp
manager: dansimp
audience: ITPro
ms.collection: M365-security-compliance
diff --git a/windows/security/information-protection/bitlocker/bitlocker-deployment-and-administration-faq.md b/windows/security/information-protection/bitlocker/bitlocker-deployment-and-administration-faq.md
index 5431485c7f..78092912cd 100644
--- a/windows/security/information-protection/bitlocker/bitlocker-deployment-and-administration-faq.md
+++ b/windows/security/information-protection/bitlocker/bitlocker-deployment-and-administration-faq.md
@@ -9,7 +9,7 @@ ms.sitesec: library
ms.pagetype: security
ms.localizationpriority: medium
author: dulcemontemayor
-ms.author: dolmont
+ms.author: dansimp
manager: dansimp
audience: ITPro
ms.collection: M365-security-compliance
diff --git a/windows/security/information-protection/bitlocker/bitlocker-device-encryption-overview-windows-10.md b/windows/security/information-protection/bitlocker/bitlocker-device-encryption-overview-windows-10.md
index 8c9c724383..b9b8646bf0 100644
--- a/windows/security/information-protection/bitlocker/bitlocker-device-encryption-overview-windows-10.md
+++ b/windows/security/information-protection/bitlocker/bitlocker-device-encryption-overview-windows-10.md
@@ -7,7 +7,7 @@ ms.sitesec: library
ms.pagetype: security
ms.localizationpriority: medium
author: dulcemontemayor
-ms.author: dolmont
+ms.author: dansimp
manager: dansimp
audience: ITPro
ms.collection: M365-security-compliance
diff --git a/windows/security/information-protection/bitlocker/bitlocker-frequently-asked-questions.md b/windows/security/information-protection/bitlocker/bitlocker-frequently-asked-questions.md
index 26bf69d169..fce071badf 100644
--- a/windows/security/information-protection/bitlocker/bitlocker-frequently-asked-questions.md
+++ b/windows/security/information-protection/bitlocker/bitlocker-frequently-asked-questions.md
@@ -9,7 +9,7 @@ ms.sitesec: library
ms.pagetype: security
ms.localizationpriority: medium
author: dulcemontemayor
-ms.author: dolmont
+ms.author: dansimp
manager: dansimp
audience: ITPro
ms.collection: M365-security-compliance
diff --git a/windows/security/information-protection/bitlocker/bitlocker-group-policy-settings.md b/windows/security/information-protection/bitlocker/bitlocker-group-policy-settings.md
index e3226ec136..38e7cefb70 100644
--- a/windows/security/information-protection/bitlocker/bitlocker-group-policy-settings.md
+++ b/windows/security/information-protection/bitlocker/bitlocker-group-policy-settings.md
@@ -9,7 +9,7 @@ ms.sitesec: library
ms.pagetype: security
ms.localizationpriority: medium
author: dulcemontemayor
-ms.author: dolmont
+ms.author: dansimp
manager: dansimp
audience: ITPro
ms.collection: M365-security-compliance
diff --git a/windows/security/information-protection/bitlocker/bitlocker-how-to-deploy-on-windows-server.md b/windows/security/information-protection/bitlocker/bitlocker-how-to-deploy-on-windows-server.md
index f8d1a6e1f9..3a17290bcd 100644
--- a/windows/security/information-protection/bitlocker/bitlocker-how-to-deploy-on-windows-server.md
+++ b/windows/security/information-protection/bitlocker/bitlocker-how-to-deploy-on-windows-server.md
@@ -9,7 +9,7 @@ ms.sitesec: library
ms.pagetype: security
ms.localizationpriority: medium
author: dulcemontemayor
-ms.author: dolmont
+ms.author: dansimp
manager: dansimp
audience: ITPro
ms.collection: M365-security-compliance
diff --git a/windows/security/information-protection/bitlocker/bitlocker-how-to-enable-network-unlock.md b/windows/security/information-protection/bitlocker/bitlocker-how-to-enable-network-unlock.md
index 49b3e4f60f..23276f3144 100644
--- a/windows/security/information-protection/bitlocker/bitlocker-how-to-enable-network-unlock.md
+++ b/windows/security/information-protection/bitlocker/bitlocker-how-to-enable-network-unlock.md
@@ -9,7 +9,7 @@ ms.sitesec: library
ms.pagetype: security
ms.localizationpriority: medium
author: dulcemontemayor
-ms.author: dolmont
+ms.author: dansimp
manager: dansimp
audience: ITPro
ms.collection: M365-security-compliance
diff --git a/windows/security/information-protection/bitlocker/bitlocker-key-management-faq.md b/windows/security/information-protection/bitlocker/bitlocker-key-management-faq.md
index fa1f49ee5d..6aa957697c 100644
--- a/windows/security/information-protection/bitlocker/bitlocker-key-management-faq.md
+++ b/windows/security/information-protection/bitlocker/bitlocker-key-management-faq.md
@@ -9,7 +9,7 @@ ms.sitesec: library
ms.pagetype: security
ms.localizationpriority: medium
author: dulcemontemayor
-ms.author: dolmont
+ms.author: dansimp
manager: dansimp
audience: ITPro
ms.collection: M365-security-compliance
diff --git a/windows/security/information-protection/bitlocker/bitlocker-management-for-enterprises.md b/windows/security/information-protection/bitlocker/bitlocker-management-for-enterprises.md
index e6b90ed8bc..caee851596 100644
--- a/windows/security/information-protection/bitlocker/bitlocker-management-for-enterprises.md
+++ b/windows/security/information-protection/bitlocker/bitlocker-management-for-enterprises.md
@@ -7,12 +7,12 @@ ms.sitesec: library
ms.pagetype: security
ms.localizationpriority: medium
author: dulcemontemayor
-ms.author: dolmont
+ms.author: dansimp
manager: dansimp
audience: ITPro
ms.collection: M365-security-compliance
ms.topic: conceptual
-ms.date: 02/28/2019
+ms.date: 02/28/2019
ms.reviewer:
---
diff --git a/windows/security/information-protection/bitlocker/bitlocker-network-unlock-faq.md b/windows/security/information-protection/bitlocker/bitlocker-network-unlock-faq.md
index 0405362524..79f29f59ec 100644
--- a/windows/security/information-protection/bitlocker/bitlocker-network-unlock-faq.md
+++ b/windows/security/information-protection/bitlocker/bitlocker-network-unlock-faq.md
@@ -7,7 +7,7 @@ ms.sitesec: library
ms.pagetype: security
ms.localizationpriority: medium
author: dulcemontemayor
-ms.author: dolmont
+ms.author: dansimp
manager: dansimp
audience: ITPro
ms.collection: M365-security-compliance
diff --git a/windows/security/information-protection/bitlocker/bitlocker-overview-and-requirements-faq.md b/windows/security/information-protection/bitlocker/bitlocker-overview-and-requirements-faq.md
index a6622c810c..000e35587d 100644
--- a/windows/security/information-protection/bitlocker/bitlocker-overview-and-requirements-faq.md
+++ b/windows/security/information-protection/bitlocker/bitlocker-overview-and-requirements-faq.md
@@ -9,7 +9,7 @@ ms.sitesec: library
ms.pagetype: security
ms.localizationpriority: medium
author: dulcemontemayor
-ms.author: dolmont
+ms.author: dansimp
manager: dansimp
audience: ITPro
ms.collection: M365-security-compliance
diff --git a/windows/security/information-protection/bitlocker/bitlocker-overview.md b/windows/security/information-protection/bitlocker/bitlocker-overview.md
index d15b81c76a..0707268a3a 100644
--- a/windows/security/information-protection/bitlocker/bitlocker-overview.md
+++ b/windows/security/information-protection/bitlocker/bitlocker-overview.md
@@ -3,7 +3,7 @@ title: BitLocker (Windows 10)
description: This topic provides a high-level overview of BitLocker, including a list of system requirements, practical applications, and deprecated features.
ms.assetid: 40526fcc-3e0d-4d75-90e0-c7d0615f33b2
ms.reviewer:
-ms.author: dolmont
+ms.author: dansimp
ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library
diff --git a/windows/security/information-protection/bitlocker/bitlocker-recovery-guide-plan.md b/windows/security/information-protection/bitlocker/bitlocker-recovery-guide-plan.md
index bde16da8e3..16272b6213 100644
--- a/windows/security/information-protection/bitlocker/bitlocker-recovery-guide-plan.md
+++ b/windows/security/information-protection/bitlocker/bitlocker-recovery-guide-plan.md
@@ -9,7 +9,7 @@ ms.sitesec: library
ms.pagetype: security
ms.localizationpriority: medium
author: dulcemontemayor
-ms.author: dolmont
+ms.author: dansimp
manager: dansimp
audience: ITPro
ms.collection: M365-security-compliance
diff --git a/windows/security/information-protection/bitlocker/bitlocker-security-faq.md b/windows/security/information-protection/bitlocker/bitlocker-security-faq.md
index a12e4c3b02..6bb6a48e28 100644
--- a/windows/security/information-protection/bitlocker/bitlocker-security-faq.md
+++ b/windows/security/information-protection/bitlocker/bitlocker-security-faq.md
@@ -9,12 +9,12 @@ ms.sitesec: library
ms.pagetype: security
ms.localizationpriority: medium
author: dulcemontemayor
-ms.author: dolmont
+ms.author: dansimp
manager: dansimp
audience: ITPro
ms.collection: M365-security-compliance
ms.topic: conceptual
-ms.date: 02/28/2019
+ms.date: 02/28/2019
---
# BitLocker Security FAQ
diff --git a/windows/security/information-protection/bitlocker/bitlocker-to-go-faq.md b/windows/security/information-protection/bitlocker/bitlocker-to-go-faq.md
index 347a0003b8..f5de0c1816 100644
--- a/windows/security/information-protection/bitlocker/bitlocker-to-go-faq.md
+++ b/windows/security/information-protection/bitlocker/bitlocker-to-go-faq.md
@@ -3,7 +3,7 @@ title: BitLocker To Go FAQ (Windows 10)
description: This topic for the IT professional answers frequently asked questions concerning the requirements to use, upgrade, deploy and administer, and key management policies for BitLocker.
ms.assetid: c40f87ac-17d3-47b2-afc6-6c641f72ecee
ms.reviewer:
-ms.author: dolmont
+ms.author: dansimp
ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library
diff --git a/windows/security/information-protection/bitlocker/bitlocker-upgrading-faq.md b/windows/security/information-protection/bitlocker/bitlocker-upgrading-faq.md
index de4112e3d5..3ec8b9d7db 100644
--- a/windows/security/information-protection/bitlocker/bitlocker-upgrading-faq.md
+++ b/windows/security/information-protection/bitlocker/bitlocker-upgrading-faq.md
@@ -7,7 +7,7 @@ ms.sitesec: library
ms.pagetype: security
ms.localizationpriority: medium
author: dulcemontemayor
-ms.author: dolmont
+ms.author: dansimp
manager: dansimp
audience: ITPro
ms.collection: M365-security-compliance
diff --git a/windows/security/information-protection/bitlocker/bitlocker-use-bitlocker-drive-encryption-tools-to-manage-bitlocker.md b/windows/security/information-protection/bitlocker/bitlocker-use-bitlocker-drive-encryption-tools-to-manage-bitlocker.md
index 20ab73acfb..bb6cc83966 100644
--- a/windows/security/information-protection/bitlocker/bitlocker-use-bitlocker-drive-encryption-tools-to-manage-bitlocker.md
+++ b/windows/security/information-protection/bitlocker/bitlocker-use-bitlocker-drive-encryption-tools-to-manage-bitlocker.md
@@ -9,12 +9,12 @@ ms.sitesec: library
ms.pagetype: security
ms.localizationpriority: medium
author: dulcemontemayor
-ms.author: dolmont
+ms.author: dansimp
manager: dansimp
audience: ITPro
ms.collection: M365-security-compliance
ms.topic: conceptual
-ms.date: 02/28/2019
+ms.date: 02/28/2019
---
# BitLocker: Use BitLocker Drive Encryption Tools to manage BitLocker
diff --git a/windows/security/information-protection/bitlocker/bitlocker-use-bitlocker-recovery-password-viewer.md b/windows/security/information-protection/bitlocker/bitlocker-use-bitlocker-recovery-password-viewer.md
index 0e544985b8..56534228b9 100644
--- a/windows/security/information-protection/bitlocker/bitlocker-use-bitlocker-recovery-password-viewer.md
+++ b/windows/security/information-protection/bitlocker/bitlocker-use-bitlocker-recovery-password-viewer.md
@@ -9,12 +9,12 @@ ms.sitesec: library
ms.pagetype: security
ms.localizationpriority: medium
author: dulcemontemayor
-ms.author: dolmont
+ms.author: dansimp
manager: dansimp
audience: ITPro
ms.collection: M365-security-compliance
ms.topic: conceptual
-ms.date: 02/28/2019
+ms.date: 02/28/2019
---
# BitLocker: Use BitLocker Recovery Password Viewer
diff --git a/windows/security/information-protection/bitlocker/bitlocker-using-with-other-programs-faq.md b/windows/security/information-protection/bitlocker/bitlocker-using-with-other-programs-faq.md
index 8c25c57e76..a093ef4773 100644
--- a/windows/security/information-protection/bitlocker/bitlocker-using-with-other-programs-faq.md
+++ b/windows/security/information-protection/bitlocker/bitlocker-using-with-other-programs-faq.md
@@ -9,7 +9,7 @@ ms.sitesec: library
ms.pagetype: security
ms.localizationpriority: medium
author: dulcemontemayor
-ms.author: dolmont
+ms.author: dansimp
manager: dansimp
audience: ITPro
ms.collection: M365-security-compliance
diff --git a/windows/security/information-protection/bitlocker/prepare-your-organization-for-bitlocker-planning-and-policies.md b/windows/security/information-protection/bitlocker/prepare-your-organization-for-bitlocker-planning-and-policies.md
index 2f53662c16..1105a1bf99 100644
--- a/windows/security/information-protection/bitlocker/prepare-your-organization-for-bitlocker-planning-and-policies.md
+++ b/windows/security/information-protection/bitlocker/prepare-your-organization-for-bitlocker-planning-and-policies.md
@@ -9,7 +9,7 @@ ms.sitesec: library
ms.pagetype: security
ms.localizationpriority: medium
author: dulcemontemayor
-ms.author: dolmont
+ms.author: dansimp
manager: dansimp
audience: ITPro
ms.collection: M365-security-compliance
diff --git a/windows/security/information-protection/bitlocker/protecting-cluster-shared-volumes-and-storage-area-networks-with-bitlocker.md b/windows/security/information-protection/bitlocker/protecting-cluster-shared-volumes-and-storage-area-networks-with-bitlocker.md
index 01c9fe213f..c0e83393a2 100644
--- a/windows/security/information-protection/bitlocker/protecting-cluster-shared-volumes-and-storage-area-networks-with-bitlocker.md
+++ b/windows/security/information-protection/bitlocker/protecting-cluster-shared-volumes-and-storage-area-networks-with-bitlocker.md
@@ -9,7 +9,7 @@ ms.sitesec: library
ms.pagetype: security
ms.localizationpriority: medium
author: dulcemontemayor
-ms.author: dolmont
+ms.author: dansimp
manager: dansimp
audience: ITPro
ms.collection: M365-security-compliance
diff --git a/windows/security/information-protection/encrypted-hard-drive.md b/windows/security/information-protection/encrypted-hard-drive.md
index cf637532f1..d9b80efe97 100644
--- a/windows/security/information-protection/encrypted-hard-drive.md
+++ b/windows/security/information-protection/encrypted-hard-drive.md
@@ -4,7 +4,7 @@ description: Encrypted Hard Drive uses the rapid encryption that is provided by
ms.assetid: 8d6e0474-c475-411b-b095-1c61adb2bdbb
ms.reviewer:
manager: dansimp
-ms.author: dolmont
+ms.author: dansimp
ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library
diff --git a/windows/security/information-protection/kernel-dma-protection-for-thunderbolt.md b/windows/security/information-protection/kernel-dma-protection-for-thunderbolt.md
index 53bf9b0641..527daea7c6 100644
--- a/windows/security/information-protection/kernel-dma-protection-for-thunderbolt.md
+++ b/windows/security/information-protection/kernel-dma-protection-for-thunderbolt.md
@@ -6,7 +6,7 @@ ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: security
author: dulcemontemayor
-ms.author: dolmont
+ms.author: dansimp
manager: dansimp
audience: ITPro
ms.collection: M365-security-compliance
@@ -100,7 +100,7 @@ In-market systems, released with Windows 10 version 1709 or earlier, will not su
No, Kernel DMA Protection only protects against drive-by DMA attacks after the OS is loaded. It is the responsibility of the system firmware/BIOS to protect against attacks via the Thunderbolt™ 3 ports during boot.
### How can I check if a certain driver supports DMA-remapping?
-DMA-remapping is supported for specific device drivers, and is not universally supported by all devices and drivers on a platform. To check if a specific driver is opted into DMA-remapping, check the values corresponding to the DMA Remapping Policy property in the Details tab of a device in Device Manager*. A value of 0 or 1 means that the device driver does not support DMA-remapping. A value of 2 means that the device driver supports DMA-remapping.
+DMA-remapping is supported for specific device drivers, and is not universally supported by all devices and drivers on a platform. To check if a specific driver is opted into DMA-remapping, check the values corresponding to the DMA Remapping Policy property in the Details tab of a device in Device Manager*. A value of 0 or 1 means that the device driver does not support DMA-remapping. A value of 2 means that the device driver supports DMA-remapping. If the property is not available, then the policy is not set by the device driver (i.e. the device driver does not support DMA-remapping).
Please check the driver instance for the device you are testing. Some drivers may have varying values depending on the location of the device (internal vs. external).
*For Windows 10 versions 1803 and 1809, the property field in Device Manager uses a GUID, as highlighted in the following image.
diff --git a/windows/security/information-protection/secure-the-windows-10-boot-process.md b/windows/security/information-protection/secure-the-windows-10-boot-process.md
index 2090fe9ea8..73692e6065 100644
--- a/windows/security/information-protection/secure-the-windows-10-boot-process.md
+++ b/windows/security/information-protection/secure-the-windows-10-boot-process.md
@@ -14,7 +14,7 @@ ms.collection: M365-security-compliance
ms.topic: conceptual
ms.date: 11/16/2018
ms.reviewer:
-ms.author: dolmont
+ms.author: dansimp
---
# Secure the Windows 10 boot process
@@ -96,7 +96,7 @@ Because Secure Boot has protected the bootloader and Trusted Boot has protected
Early Launch Anti-Malware (ELAM) can load a Microsoft or non-Microsoft anti-malware driver before all non-Microsoft boot drivers and applications, thus continuing the chain of trust established by Secure Boot and Trusted Boot. Because the operating system hasn’t started yet, and because Windows needs to boot as quickly as possible, ELAM has a simple task: examine every boot driver and determine whether it is on the list of trusted drivers. If it’s not trusted, Windows won’t load it.
-An ELAM driver isn’t a full-featured anti-malware solution; that loads later in the boot process. Windows Defender (included with Windows 10) supports ELAM, as does [Microsoft System Center 2012 Endpoint Protection](https://www.microsoft.com/en-us/server-cloud/system-center/endpoint-protection-2012.aspx) and several non-Microsoft anti-malware apps.
+An ELAM driver isn’t a full-featured anti-malware solution; that loads later in the boot process. Windows Defender (included with Windows 10) supports ELAM, as does [Microsoft System Center 2012 Endpoint Protection](https://www.microsoft.com/server-cloud/system-center/endpoint-protection-2012.aspx) and several non-Microsoft anti-malware apps.
## Measured Boot
If a PC in your organization does become infected with a rootkit, you need to know about it. Enterprise anti-malware apps can report malware infections to the IT department, but that doesn’t work with rootkits that hide their presence. In other words, you can’t trust the client to tell you whether it’s healthy.
diff --git a/windows/security/information-protection/tpm/backup-tpm-recovery-information-to-ad-ds.md b/windows/security/information-protection/tpm/backup-tpm-recovery-information-to-ad-ds.md
index 090906ffce..3e3fdfd9b5 100644
--- a/windows/security/information-protection/tpm/backup-tpm-recovery-information-to-ad-ds.md
+++ b/windows/security/information-protection/tpm/backup-tpm-recovery-information-to-ad-ds.md
@@ -8,7 +8,7 @@ ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: security
author: dulcemontemayor
-ms.author: dolmont
+ms.author: dansimp
manager: dansimp
audience: ITPro
ms.collection: M365-security-compliance
diff --git a/windows/security/information-protection/tpm/change-the-tpm-owner-password.md b/windows/security/information-protection/tpm/change-the-tpm-owner-password.md
index 39e3573cd8..1cb7f1c281 100644
--- a/windows/security/information-protection/tpm/change-the-tpm-owner-password.md
+++ b/windows/security/information-protection/tpm/change-the-tpm-owner-password.md
@@ -8,7 +8,7 @@ ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: security
author: dulcemontemayor
-ms.author: dolmont
+ms.author: dansimp
manager: dansimp
audience: ITPro
ms.collection: M365-security-compliance
diff --git a/windows/security/information-protection/tpm/how-windows-uses-the-tpm.md b/windows/security/information-protection/tpm/how-windows-uses-the-tpm.md
index fbb2f028fd..c802bfae51 100644
--- a/windows/security/information-protection/tpm/how-windows-uses-the-tpm.md
+++ b/windows/security/information-protection/tpm/how-windows-uses-the-tpm.md
@@ -9,7 +9,7 @@ ms.sitesec: library
ms.pagetype: security
ms.localizationpriority: medium
author: dulcemontemayor
-ms.author: dolmont
+ms.author: dansimp
manager: dansimp
audience: ITPro
ms.collection: M365-security-compliance
diff --git a/windows/security/information-protection/tpm/initialize-and-configure-ownership-of-the-tpm.md b/windows/security/information-protection/tpm/initialize-and-configure-ownership-of-the-tpm.md
index 8e25014ef9..cf6d045df3 100644
--- a/windows/security/information-protection/tpm/initialize-and-configure-ownership-of-the-tpm.md
+++ b/windows/security/information-protection/tpm/initialize-and-configure-ownership-of-the-tpm.md
@@ -8,7 +8,7 @@ ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: security
author: dulcemontemayor
-ms.author: dolmont
+ms.author: dansimp
manager: dansimp
audience: ITPro
ms.collection: M365-security-compliance
diff --git a/windows/security/information-protection/tpm/manage-tpm-commands.md b/windows/security/information-protection/tpm/manage-tpm-commands.md
index 5a388b1fc3..bd30e9b8f2 100644
--- a/windows/security/information-protection/tpm/manage-tpm-commands.md
+++ b/windows/security/information-protection/tpm/manage-tpm-commands.md
@@ -3,7 +3,7 @@ title: Manage TPM commands (Windows 10)
description: This topic for the IT professional describes how to manage which Trusted Platform Module (TPM) commands are available to domain users and to local users.
ms.assetid: a78e751a-2806-43ae-9c20-2e7ca466b765
ms.reviewer:
-ms.author: dolmont
+ms.author: dansimp
ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library
diff --git a/windows/security/information-protection/tpm/manage-tpm-lockout.md b/windows/security/information-protection/tpm/manage-tpm-lockout.md
index 05dbc34f16..37f9839c3e 100644
--- a/windows/security/information-protection/tpm/manage-tpm-lockout.md
+++ b/windows/security/information-protection/tpm/manage-tpm-lockout.md
@@ -3,7 +3,7 @@ title: Manage TPM lockout (Windows 10)
description: This topic for the IT professional describes how to manage the lockout feature for the Trusted Platform Module (TPM) in Windows.
ms.assetid: bf27adbe-404c-4691-a644-29ec722a3f7b
ms.reviewer:
-ms.author: dolmont
+ms.author: dansimp
ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library
diff --git a/windows/security/information-protection/tpm/switch-pcr-banks-on-tpm-2-0-devices.md b/windows/security/information-protection/tpm/switch-pcr-banks-on-tpm-2-0-devices.md
index 7f618aa9ba..d9e1befbcd 100644
--- a/windows/security/information-protection/tpm/switch-pcr-banks-on-tpm-2-0-devices.md
+++ b/windows/security/information-protection/tpm/switch-pcr-banks-on-tpm-2-0-devices.md
@@ -1,6 +1,6 @@
---
title: Understanding PCR banks on TPM 2.0 devices (Windows 10)
-description: This topic for the IT professional provides background about what happens when you switch PCR banks on TPM 2.0 devices.
+description: This topic for the IT professional provides background about what happens when you switch PCR banks on TPM 2.0 devices.
ms.assetid: 743FCCCB-99A9-4636-8F48-9ECB3A3D10DE
ms.reviewer:
ms.prod: w10
@@ -8,7 +8,7 @@ ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: security
author: dulcemontemayor
-ms.author: dolmont
+ms.author: dansimp
manager: dansimp
audience: ITPro
ms.collection: M365-security-compliance
diff --git a/windows/security/information-protection/tpm/tpm-fundamentals.md b/windows/security/information-protection/tpm/tpm-fundamentals.md
index 3d930a2334..8f99d1e45e 100644
--- a/windows/security/information-protection/tpm/tpm-fundamentals.md
+++ b/windows/security/information-protection/tpm/tpm-fundamentals.md
@@ -8,7 +8,7 @@ ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: security
author: dulcemontemayor
-ms.author: dolmont
+ms.author: dansimp
manager: dansimp
audience: ITPro
ms.collection: M365-security-compliance
diff --git a/windows/security/information-protection/tpm/tpm-recommendations.md b/windows/security/information-protection/tpm/tpm-recommendations.md
index 5da4caee6b..bd96309c30 100644
--- a/windows/security/information-protection/tpm/tpm-recommendations.md
+++ b/windows/security/information-protection/tpm/tpm-recommendations.md
@@ -9,7 +9,7 @@ ms.sitesec: library
ms.pagetype: security
ms.localizationpriority: medium
author: dulcemontemayor
-ms.author: dolmont
+ms.author: dansimp
manager: dansimp
audience: ITPro
ms.collection: M365-security-compliance
diff --git a/windows/security/information-protection/tpm/trusted-platform-module-overview.md b/windows/security/information-protection/tpm/trusted-platform-module-overview.md
index c3f0286d24..a6c748fa89 100644
--- a/windows/security/information-protection/tpm/trusted-platform-module-overview.md
+++ b/windows/security/information-protection/tpm/trusted-platform-module-overview.md
@@ -9,7 +9,7 @@ ms.sitesec: library
ms.pagetype: security
ms.localizationpriority: medium
author: dulcemontemayor
-ms.author: dolmont
+ms.author: dansimp
manager: dansimp
audience: ITPro
ms.collection: M365-security-compliance
@@ -88,7 +88,7 @@ Some things that you can check on the device are:
## Related topics
- [Trusted Platform Module](trusted-platform-module-top-node.md) (list of topics)
-- [Details on the TPM standard](https://www.microsoft.com/en-us/research/project/the-trusted-platform-module-tpm/) (has links to features using TPM)
+- [Details on the TPM standard](https://www.microsoft.com/research/project/the-trusted-platform-module-tpm/) (has links to features using TPM)
- [TPM Base Services Portal](https://docs.microsoft.com/windows/desktop/TBS/tpm-base-services-portal)
- [TPM Base Services API](https://docs.microsoft.com/windows/desktop/api/_tbs/)
- [TPM Cmdlets in Windows PowerShell](https://docs.microsoft.com/powershell/module/trustedplatformmodule)
diff --git a/windows/security/information-protection/tpm/trusted-platform-module-services-group-policy-settings.md b/windows/security/information-protection/tpm/trusted-platform-module-services-group-policy-settings.md
index 1fc294342f..f8b477aa62 100644
--- a/windows/security/information-protection/tpm/trusted-platform-module-services-group-policy-settings.md
+++ b/windows/security/information-protection/tpm/trusted-platform-module-services-group-policy-settings.md
@@ -8,7 +8,7 @@ ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: security
author: dulcemontemayor
-ms.author: dolmont
+ms.author: dansimp
manager: dansimp
audience: ITPro
ms.collection: M365-security-compliance
diff --git a/windows/security/information-protection/tpm/trusted-platform-module-top-node.md b/windows/security/information-protection/tpm/trusted-platform-module-top-node.md
index 3558bdf368..45c32cd7da 100644
--- a/windows/security/information-protection/tpm/trusted-platform-module-top-node.md
+++ b/windows/security/information-protection/tpm/trusted-platform-module-top-node.md
@@ -7,7 +7,7 @@ ms.sitesec: library
ms.pagetype: security
ms.localizationpriority: medium
author: dulcemontemayor
-ms.author: dolmont
+ms.author: dansimp
manager: dansimp
audience: ITPro
ms.collection: M365-security-compliance
diff --git a/windows/security/information-protection/windows-information-protection/app-behavior-with-wip.md b/windows/security/information-protection/windows-information-protection/app-behavior-with-wip.md
index f8bb770494..cbb074f9fa 100644
--- a/windows/security/information-protection/windows-information-protection/app-behavior-with-wip.md
+++ b/windows/security/information-protection/windows-information-protection/app-behavior-with-wip.md
@@ -9,7 +9,7 @@ ms.sitesec: library
ms.pagetype: security
ms.localizationpriority: medium
author: dulcemontemayor
-ms.author: dolmont
+ms.author: dansimp
manager: dansimp
audience: ITPro
ms.collection: M365-security-compliance
diff --git a/windows/security/information-protection/windows-information-protection/collect-wip-audit-event-logs.md b/windows/security/information-protection/windows-information-protection/collect-wip-audit-event-logs.md
index f38a7aa7c0..0d7d91e071 100644
--- a/windows/security/information-protection/windows-information-protection/collect-wip-audit-event-logs.md
+++ b/windows/security/information-protection/windows-information-protection/collect-wip-audit-event-logs.md
@@ -7,7 +7,7 @@ ms.sitesec: library
ms.pagetype: security
ms.localizationpriority: medium
author: dulcemontemayor
-ms.author: dolmont
+ms.author: dansimp
manager: dansimp
audience: ITPro
ms.collection: M365-security-compliance
diff --git a/windows/security/information-protection/windows-information-protection/create-and-verify-an-efs-dra-certificate.md b/windows/security/information-protection/windows-information-protection/create-and-verify-an-efs-dra-certificate.md
index 704773750d..f6d1a67328 100644
--- a/windows/security/information-protection/windows-information-protection/create-and-verify-an-efs-dra-certificate.md
+++ b/windows/security/information-protection/windows-information-protection/create-and-verify-an-efs-dra-certificate.md
@@ -8,7 +8,7 @@ ms.sitesec: library
ms.pagetype: security
ms.localizationpriority: medium
author: dulcemontemayor
-ms.author: dolmont
+ms.author: dansimp
manager: dansimp
audience: ITPro
ms.collection: M365-security-compliance
diff --git a/windows/security/information-protection/windows-information-protection/create-vpn-and-wip-policy-using-intune-azure.md b/windows/security/information-protection/windows-information-protection/create-vpn-and-wip-policy-using-intune-azure.md
index aeca37426f..8c73819a8e 100644
--- a/windows/security/information-protection/windows-information-protection/create-vpn-and-wip-policy-using-intune-azure.md
+++ b/windows/security/information-protection/windows-information-protection/create-vpn-and-wip-policy-using-intune-azure.md
@@ -8,7 +8,7 @@ ms.sitesec: library
ms.pagetype: security
ms.localizationpriority: medium
author: dulcemontemayor
-ms.author: dolmont
+ms.author: dansimp
manager: dansimp
audience: ITPro
ms.collection: M365-security-compliance
diff --git a/windows/security/information-protection/windows-information-protection/create-wip-policy-using-intune-azure.md b/windows/security/information-protection/windows-information-protection/create-wip-policy-using-intune-azure.md
index 85c7bfae87..d6f39a9895 100644
--- a/windows/security/information-protection/windows-information-protection/create-wip-policy-using-intune-azure.md
+++ b/windows/security/information-protection/windows-information-protection/create-wip-policy-using-intune-azure.md
@@ -6,7 +6,7 @@ ms.mktglfcycl: explore
ms.sitesec: library
ms.pagetype: security
author: dulcemontemayor
-ms.author: dolmont
+ms.author: dansimp
manager: dansimp
audience: ITPro
ms.collection: M365-security-compliance
diff --git a/windows/security/information-protection/windows-information-protection/create-wip-policy-using-sccm.md b/windows/security/information-protection/windows-information-protection/create-wip-policy-using-sccm.md
index bd212a95e3..61ce1a5f3b 100644
--- a/windows/security/information-protection/windows-information-protection/create-wip-policy-using-sccm.md
+++ b/windows/security/information-protection/windows-information-protection/create-wip-policy-using-sccm.md
@@ -10,7 +10,7 @@ ms.sitesec: library
ms.pagetype: security
ms.localizationpriority: medium
author: dulcemontemayor
-ms.author: dolmont
+ms.author: dansimp
manager: dansimp
audience: ITPro
ms.collection: M365-security-compliance
diff --git a/windows/security/information-protection/windows-information-protection/deploy-wip-policy-using-intune-azure.md b/windows/security/information-protection/windows-information-protection/deploy-wip-policy-using-intune-azure.md
index cb68d68e93..42caa212cd 100644
--- a/windows/security/information-protection/windows-information-protection/deploy-wip-policy-using-intune-azure.md
+++ b/windows/security/information-protection/windows-information-protection/deploy-wip-policy-using-intune-azure.md
@@ -8,7 +8,7 @@ ms.sitesec: library
ms.pagetype: security
ms.localizationpriority: medium
author: dulcemontemayor
-ms.author: dolmont
+ms.author: dansimp
manager: dansimp
audience: ITPro
ms.collection: M365-security-compliance
diff --git a/windows/security/information-protection/windows-information-protection/enlightened-microsoft-apps-and-wip.md b/windows/security/information-protection/windows-information-protection/enlightened-microsoft-apps-and-wip.md
index 5ee54b85a9..93a5d00470 100644
--- a/windows/security/information-protection/windows-information-protection/enlightened-microsoft-apps-and-wip.md
+++ b/windows/security/information-protection/windows-information-protection/enlightened-microsoft-apps-and-wip.md
@@ -10,7 +10,7 @@ ms.sitesec: library
ms.pagetype: security
ms.localizationpriority: medium
author: dulcemontemayor
-ms.author: dolmont
+ms.author: dansimp
manager: dansimp
audience: ITPro
ms.collection: M365-security-compliance
@@ -82,6 +82,10 @@ Microsoft still has apps that are unenlightened, but which have been tested and
- Skype for Business
## Adding enlightened Microsoft apps to the allowed apps list
+
+> [!NOTE]
+> As of January 2019 it is no longer necessary to add Intune Company Portal as an exempt app since it is now included in the default list of protected apps.
+
You can add any or all of the enlightened Microsoft apps to your allowed apps list. Included here is the **Publisher name**, **Product or File name**, and **App Type** info for both Microsoft Intune and System Center Configuration Manager.
diff --git a/windows/security/information-protection/windows-information-protection/guidance-and-best-practices-wip.md b/windows/security/information-protection/windows-information-protection/guidance-and-best-practices-wip.md
index 78620f0447..f9e51d4cb9 100644
--- a/windows/security/information-protection/windows-information-protection/guidance-and-best-practices-wip.md
+++ b/windows/security/information-protection/windows-information-protection/guidance-and-best-practices-wip.md
@@ -10,7 +10,7 @@ ms.sitesec: library
ms.pagetype: security
ms.localizationpriority: medium
author: dulcemontemayor
-ms.author: dolmont
+ms.author: dansimp
manager: dansimp
audience: ITPro
ms.collection: M365-security-compliance
diff --git a/windows/security/information-protection/windows-information-protection/how-wip-works-with-labels.md b/windows/security/information-protection/windows-information-protection/how-wip-works-with-labels.md
index 8205436cc7..5b2d65942a 100644
--- a/windows/security/information-protection/windows-information-protection/how-wip-works-with-labels.md
+++ b/windows/security/information-protection/windows-information-protection/how-wip-works-with-labels.md
@@ -8,7 +8,7 @@ ms.sitesec: library
ms.pagetype: security
ms.localizationpriority: medium
author: dulcemontemayor
-ms.author: dolmont
+ms.author: dansimp
manager: dansimp
audience: ITPro
ms.collection: M365-security-compliance
diff --git a/windows/security/information-protection/windows-information-protection/limitations-with-wip.md b/windows/security/information-protection/windows-information-protection/limitations-with-wip.md
index e9ee801003..a01fabb5ce 100644
--- a/windows/security/information-protection/windows-information-protection/limitations-with-wip.md
+++ b/windows/security/information-protection/windows-information-protection/limitations-with-wip.md
@@ -7,7 +7,7 @@ ms.mktglfcycl: explore
ms.sitesec: library
ms.pagetype: security
author: dulcemontemayor
-ms.author: dolmont
+ms.author: dansimp
manager: dansimp
audience: ITPro
ms.collection: M365-security-compliance
diff --git a/windows/security/information-protection/windows-information-protection/mandatory-settings-for-wip.md b/windows/security/information-protection/windows-information-protection/mandatory-settings-for-wip.md
index 36a6fbf255..6b736fd281 100644
--- a/windows/security/information-protection/windows-information-protection/mandatory-settings-for-wip.md
+++ b/windows/security/information-protection/windows-information-protection/mandatory-settings-for-wip.md
@@ -8,7 +8,7 @@ ms.sitesec: library
ms.pagetype: security
ms.localizationpriority: medium
author: dulcemontemayor
-ms.author: dolmont
+ms.author: dansimp
manager: dansimp
audience: ITPro
ms.collection: M365-security-compliance
diff --git a/windows/security/information-protection/windows-information-protection/overview-create-wip-policy-sccm.md b/windows/security/information-protection/windows-information-protection/overview-create-wip-policy-sccm.md
index 9fe48f688d..40ab9e148d 100644
--- a/windows/security/information-protection/windows-information-protection/overview-create-wip-policy-sccm.md
+++ b/windows/security/information-protection/windows-information-protection/overview-create-wip-policy-sccm.md
@@ -9,7 +9,7 @@ ms.sitesec: library
ms.pagetype: security
ms.localizationpriority: medium
author: dulcemontemayor
-ms.author: dolmont
+ms.author: dansimp
manager: dansimp
audience: ITPro
ms.collection: M365-security-compliance
diff --git a/windows/security/information-protection/windows-information-protection/overview-create-wip-policy.md b/windows/security/information-protection/windows-information-protection/overview-create-wip-policy.md
index 29087982ee..8905cdb7b4 100644
--- a/windows/security/information-protection/windows-information-protection/overview-create-wip-policy.md
+++ b/windows/security/information-protection/windows-information-protection/overview-create-wip-policy.md
@@ -9,7 +9,7 @@ ms.sitesec: library
ms.pagetype: security
ms.localizationpriority: medium
author: dulcemontemayor
-ms.author: dolmont
+ms.author: dansimp
manager: dansimp
audience: ITPro
ms.collection: M365-security-compliance
diff --git a/windows/security/information-protection/windows-information-protection/protect-enterprise-data-using-wip.md b/windows/security/information-protection/windows-information-protection/protect-enterprise-data-using-wip.md
index 246227f7c4..62403b8b81 100644
--- a/windows/security/information-protection/windows-information-protection/protect-enterprise-data-using-wip.md
+++ b/windows/security/information-protection/windows-information-protection/protect-enterprise-data-using-wip.md
@@ -10,7 +10,7 @@ ms.sitesec: library
ms.pagetype: security
ms.localizationpriority: medium
author: dulcemontemayor
-ms.author: dolmont
+ms.author: dansimp
manager: dansimp
audience: ITPro
ms.collection: M365-security-compliance
@@ -35,7 +35,7 @@ Windows Information Protection (WIP), previously known as enterprise data protec
## Video: Protect enterprise data from being accidentally copied to the wrong place
-> [!Video https://www.microsoft.com/en-us/videoplayer/embed/RE2IGhh]
+> [!Video https://www.microsoft.com/videoplayer/embed/RE2IGhh]
## Prerequisites
You’ll need this software to run WIP in your enterprise:
diff --git a/windows/security/information-protection/windows-information-protection/recommended-network-definitions-for-wip.md b/windows/security/information-protection/windows-information-protection/recommended-network-definitions-for-wip.md
index 0852a6c1be..46f40cb732 100644
--- a/windows/security/information-protection/windows-information-protection/recommended-network-definitions-for-wip.md
+++ b/windows/security/information-protection/windows-information-protection/recommended-network-definitions-for-wip.md
@@ -8,7 +8,7 @@ ms.sitesec: library
ms.pagetype: security
ms.localizationpriority: medium
author: dulcemontemayor
-ms.author: dolmont
+ms.author: dansimp
manager: dansimp
audience: ITPro
ms.collection: M365-security-compliance
@@ -35,6 +35,7 @@ This table includes the recommended URLs to add to your Enterprise Cloud Resourc
|-----------------------------|---------------------------------------------------------------------|
|Office 365 for Business |- contoso.sharepoint.com
- contoso-my.sharepoint.com
- contoso-files.sharepoint.com
- tasks.office.com
- protection.office.com
- meet.lync.com
- teams.microsoft.com
|
|Yammer |- www.yammer.com
- yammer.com
- persona.yammer.com
|
+|Outlook Web Access (OWA) |attachments.office.net |
|Microsoft Dynamics |contoso.crm.dynamics.com |
|Visual Studio Online |contoso.visualstudio.com |
|Power BI |contoso.powerbi.com |
diff --git a/windows/security/information-protection/windows-information-protection/testing-scenarios-for-wip.md b/windows/security/information-protection/windows-information-protection/testing-scenarios-for-wip.md
index 96b109ce32..d056e573c8 100644
--- a/windows/security/information-protection/windows-information-protection/testing-scenarios-for-wip.md
+++ b/windows/security/information-protection/windows-information-protection/testing-scenarios-for-wip.md
@@ -10,7 +10,7 @@ ms.sitesec: library
ms.pagetype: security
ms.localizationpriority: medium
author: dulcemontemayor
-ms.author: dolmont
+ms.author: dansimp
manager: dansimp
audience: ITPro
ms.collection: M365-security-compliance
diff --git a/windows/security/information-protection/windows-information-protection/using-owa-with-wip.md b/windows/security/information-protection/windows-information-protection/using-owa-with-wip.md
index 7a321fae6b..958ab7847d 100644
--- a/windows/security/information-protection/windows-information-protection/using-owa-with-wip.md
+++ b/windows/security/information-protection/windows-information-protection/using-owa-with-wip.md
@@ -8,7 +8,7 @@ ms.sitesec: library
ms.pagetype: security
ms.localizationpriority: medium
author: dulcemontemayor
-ms.author: dolmont
+ms.author: dansimp
manager: dansimp
audience: ITPro
ms.collection: M365-security-compliance
diff --git a/windows/security/information-protection/windows-information-protection/wip-app-enterprise-context.md b/windows/security/information-protection/windows-information-protection/wip-app-enterprise-context.md
index dc97c95d0d..5a8333cab2 100644
--- a/windows/security/information-protection/windows-information-protection/wip-app-enterprise-context.md
+++ b/windows/security/information-protection/windows-information-protection/wip-app-enterprise-context.md
@@ -8,7 +8,7 @@ ms.sitesec: library
ms.pagetype: security
ms.localizationpriority: medium
author: dulcemontemayor
-ms.author: dolmont
+ms.author: dansimp
manager: dansimp
audience: ITPro
ms.collection: M365-security-compliance
diff --git a/windows/security/threat-protection/TOC.md b/windows/security/threat-protection/TOC.md
index 3bb9e5537f..eaedfb4d15 100644
--- a/windows/security/threat-protection/TOC.md
+++ b/windows/security/threat-protection/TOC.md
@@ -71,13 +71,15 @@
###### [Run antivirus scan](microsoft-defender-atp/respond-machine-alerts.md#run-windows-defender-antivirus-scan-on-machines)
###### [Restrict app execution](microsoft-defender-atp/respond-machine-alerts.md#restrict-app-execution)
###### [Isolate machines from the network](microsoft-defender-atp/respond-machine-alerts.md#isolate-machines-from-the-network)
-####### [Check activity details in Action center](microsoft-defender-atp/respond-machine-alerts.md#check-activity-details-in-action-center)
+###### [Consult a threat expert](microsoft-defender-atp/respond-machine-alerts.md#consult-a-threat-expert)
+###### [Check activity details in Action center](microsoft-defender-atp/respond-machine-alerts.md#check-activity-details-in-action-center)
##### [Take response actions on a file]()
###### [Response actions on files](microsoft-defender-atp/respond-file-alerts.md)
###### [Stop and quarantine files in your network](microsoft-defender-atp/respond-file-alerts.md#stop-and-quarantine-files-in-your-network)
###### [Restore file from quarantine](microsoft-defender-atp/respond-file-alerts.md#restore-file-from-quarantine)
###### [Add indicators to block or allow a file](microsoft-defender-atp/respond-file-alerts.md#add-indicator-to-block-or-allow-a-file)
+###### [Consult a threat expert](microsoft-defender-atp/respond-file-alerts.md#consult-a-threat-expert)
###### [Check activity details in Action center](microsoft-defender-atp/respond-file-alerts.md#check-activity-details-in-action-center)
###### [Download or collect file](microsoft-defender-atp/respond-file-alerts.md#download-or-collect-file)
###### [Deep analysis](microsoft-defender-atp/respond-file-alerts.md#deep-analysis)
@@ -85,6 +87,7 @@
###### [View deep analysis reports](microsoft-defender-atp/respond-file-alerts.md#view-deep-analysis-reports)
###### [Troubleshoot deep analysis](microsoft-defender-atp/respond-file-alerts.md#troubleshoot-deep-analysis)
+
##### [Investigate entities using Live response]()
###### [Investigate entities on machines](microsoft-defender-atp/live-response.md)
###### [Live response command examples](microsoft-defender-atp/live-response-command-examples.md)
@@ -100,6 +103,7 @@
### [Advanced hunting]()
#### [Advanced hunting overview](microsoft-defender-atp/overview-hunting.md)
#### [Query data using Advanced hunting](microsoft-defender-atp/advanced-hunting.md)
+#### [Stream Advanced hunting events to Azure Event Hubs](microsoft-defender-atp/raw-data-export-event-hub.md)
#### [Advanced hunting schema reference]()
##### [All tables in the Advanced hunting schema](microsoft-defender-atp/advanced-hunting-reference.md)
##### [AlertEvents table](microsoft-defender-atp/advanced-hunting-alertevents-table.md)
@@ -114,24 +118,24 @@
##### [RegistryEvents table](microsoft-defender-atp/advanced-hunting-registryevents-table.md)
#### [Advanced hunting query language best practices](microsoft-defender-atp/advanced-hunting-best-practices.md)
+
#### [Custom detections]()
##### [Understand custom detection rules](microsoft-defender-atp/overview-custom-detections.md)
-##### [Create custom detections rules](microsoft-defender-atp/custom-detection-rules.md)
+##### [Create and manage custom detections rules](microsoft-defender-atp/custom-detection-rules.md)
-#### [Management and APIs]()
-##### [Overview of management and APIs](microsoft-defender-atp/management-apis.md)
-##### [Understand threat intelligence concepts](microsoft-defender-atp/threat-indicator-concepts.md)
-##### [Microsoft Defender ATP APIs](microsoft-defender-atp/apis-intro.md)
-##### [Managed security service provider support](microsoft-defender-atp/mssp-support.md)
+### [Management and APIs]()
+#### [Overview of management and APIs](microsoft-defender-atp/management-apis.md)
+#### [Understand threat intelligence concepts](microsoft-defender-atp/threat-indicator-concepts.md)
+#### [Managed security service provider support](microsoft-defender-atp/mssp-support.md)
-#### [Integrations]()
-##### [Microsoft Defender ATP integrations](microsoft-defender-atp/threat-protection-integration.md)
-##### [Protect users, data, and devices with conditional access](microsoft-defender-atp/conditional-access.md)
-##### [Microsoft Cloud App Security integration overview](microsoft-defender-atp/microsoft-cloud-app-security-integration.md)
+### [Integrations]()
+#### [Microsoft Defender ATP integrations](microsoft-defender-atp/threat-protection-integration.md)
+#### [Protect users, data, and devices with conditional access](microsoft-defender-atp/conditional-access.md)
+#### [Microsoft Cloud App Security integration overview](microsoft-defender-atp/microsoft-cloud-app-security-integration.md)
-#### [Information protection in Windows overview]()
-##### [Windows integration](microsoft-defender-atp/information-protection-in-windows-overview.md)
-##### [Use sensitivity labels to prioritize incident response](microsoft-defender-atp/information-protection-investigation.md)
+### [Information protection in Windows overview]()
+#### [Windows integration](microsoft-defender-atp/information-protection-in-windows-overview.md)
+#### [Use sensitivity labels to prioritize incident response](microsoft-defender-atp/information-protection-investigation.md)
### [Microsoft Threat Experts](microsoft-defender-atp/microsoft-threat-experts.md)
@@ -299,6 +303,7 @@
### [Microsoft Defender Advanced Threat Protection for Mac](windows-defender-antivirus/microsoft-defender-atp-mac.md)
+#### [What's New in Microsoft Defender ATP for Mac](windows-defender-antivirus/microsoft-defender-atp-mac-whatsnew.md)
#### [Deploy Microsoft Defender Advanced Threat Protection for Mac]()
##### [Microsoft Intune-based deployment](windows-defender-antivirus/microsoft-defender-atp-mac-install-with-intune.md)
##### [JAMF-based deployment](windows-defender-antivirus/microsoft-defender-atp-mac-install-with-jamf.md)
@@ -399,7 +404,6 @@
####### [Get domain related alerts](microsoft-defender-atp/get-domain-related-alerts.md)
####### [Get domain related machines](microsoft-defender-atp/get-domain-related-machines.md)
####### [Get domain statistics](microsoft-defender-atp/get-domain-statistics.md)
-####### [Is domain seen in organization (Deprecated)](microsoft-defender-atp/is-domain-seen-in-org.md)
###### [File]()
####### [File methods and properties](microsoft-defender-atp/files.md)
@@ -410,9 +414,7 @@
###### [IP]()
####### [Get IP related alerts](microsoft-defender-atp/get-ip-related-alerts.md)
-####### [Get IP related machines (Deprecated)](microsoft-defender-atp/get-ip-related-machines.md)
####### [Get IP statistics](microsoft-defender-atp/get-ip-statistics.md)
-####### [Is IP seen in organization (Deprecated)](microsoft-defender-atp/is-ip-seen-org.md)
###### [User]()
####### [User methods](microsoft-defender-atp/user.md)
@@ -433,7 +435,6 @@
##### [Get CVE-KB map](microsoft-defender-atp/get-cvekbmap-collection.md)
#### [API for custom alerts (Deprecated)]()
-##### [Enable the custom threat intelligence application (Deprecated)](microsoft-defender-atp/enable-custom-ti.md)
##### [Use the threat intelligence API to create custom alerts (Deprecated)](microsoft-defender-atp/use-custom-ti.md)
##### [Create custom threat intelligence alerts (Deprecated)](microsoft-defender-atp/custom-ti-api.md)
##### [PowerShell code examples (Deprecated)](microsoft-defender-atp/powershell-example-code.md)
@@ -441,13 +442,13 @@
##### [Experiment with custom threat intelligence alerts (Deprecated)](microsoft-defender-atp/experiment-custom-ti.md)
##### [Troubleshoot custom threat intelligence issues (Deprecated)](microsoft-defender-atp/troubleshoot-custom-ti.md)
-#### [Pull alerts to your SIEM tools]()
-##### [Learn about different ways to pull alerts](microsoft-defender-atp/configure-siem.md)
+#### [Pull detections to your SIEM tools]()
+##### [Learn about different ways to pull detections](microsoft-defender-atp/configure-siem.md)
##### [Enable SIEM integration](microsoft-defender-atp/enable-siem-integration.md)
-##### [Configure Splunk to pull alerts](microsoft-defender-atp/configure-splunk.md)
-##### [Configure HP ArcSight to pull alerts](microsoft-defender-atp/configure-arcsight.md)
-##### [Microsoft Defender ATP SIEM alert API fields](microsoft-defender-atp/api-portal-mapping.md)
-##### [Pull alerts using SIEM REST API](microsoft-defender-atp/pull-alerts-using-rest-api.md)
+##### [Configure Splunk to pull detections](microsoft-defender-atp/configure-splunk.md)
+##### [Configure HP ArcSight to pull detections](microsoft-defender-atp/configure-arcsight.md)
+##### [Microsoft Defender ATP detection fields](microsoft-defender-atp/api-portal-mapping.md)
+##### [Pull detections using SIEM REST API](microsoft-defender-atp/pull-alerts-using-rest-api.md)
##### [Troubleshoot SIEM tool integration issues](microsoft-defender-atp/troubleshoot-siem.md)
#### [Reporting]()
@@ -455,8 +456,11 @@
##### [Threat protection reports](microsoft-defender-atp/threat-protection-reports.md)
##### [Machine health and compliance reports](microsoft-defender-atp/machine-reports.md)
-#### [Interoperability]()
+#### [Partners & APIs]()
##### [Partner applications](microsoft-defender-atp/partner-applications.md)
+##### [Connected applications](microsoft-defender-atp/connected-applications.md)
+##### [API explorer](microsoft-defender-atp/api-explorer.md)
+
#### [Manage machine configuration]()
##### [Ensure your machines are configured properly](microsoft-defender-atp/configure-machines.md)
@@ -502,7 +506,6 @@
#### [Rules]()
##### [Manage suppression rules](microsoft-defender-atp/manage-suppression-rules.md)
-##### [Manage automation allowed/blocked lists](microsoft-defender-atp/manage-automation-allowed-blocked-list.md)
##### [Manage indicators](microsoft-defender-atp/manage-indicators.md)
##### [Manage automation file uploads](microsoft-defender-atp/manage-automation-file-uploads.md)
##### [Manage automation folder exclusions](microsoft-defender-atp/manage-automation-folder-exclusions.md)
diff --git a/windows/security/threat-protection/auditing/advanced-security-audit-policy-settings.md b/windows/security/threat-protection/auditing/advanced-security-audit-policy-settings.md
index 8896c08c25..ad2a9abf62 100644
--- a/windows/security/threat-protection/auditing/advanced-security-audit-policy-settings.md
+++ b/windows/security/threat-protection/auditing/advanced-security-audit-policy-settings.md
@@ -3,13 +3,13 @@ title: Advanced security audit policy settings (Windows 10)
description: This reference for IT professionals provides information about the advanced audit policy settings that are available in Windows and the audit events that they generate.
ms.assetid: 93b28b92-796f-4036-a53b-8b9e80f9f171
ms.reviewer:
-ms.author: dolmont
+ms.author: dansimp
ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: security
ms.localizationpriority: none
-author: Mir0sh
+author: dansimp
manager: dansimp
audience: ITPro
ms.collection: M365-security-compliance
@@ -65,7 +65,7 @@ Detailed Tracking security policy settings and audit events can be used to monit
- [Audit Process Termination](audit-process-termination.md)
- [Audit RPC Events](audit-rpc-events.md)
- [Audit Credential Validation](https://docs.microsoft.com/windows/security/threat-protection/auditing/audit-credential-validation)
- > **Note:** For more information, see [Security Monitoring](https://blogs.technet.microsoft.com/nathangau/2018/01/25/security-monitoring-a-possible-new-way-to-detect-privilege-escalation/)
+- [Audit Token Right Adjusted](https://docs.microsoft.com/windows/security/threat-protection/auditing/audit-token-right-adjusted)
## DS Access
diff --git a/windows/security/threat-protection/auditing/advanced-security-auditing-faq.md b/windows/security/threat-protection/auditing/advanced-security-auditing-faq.md
index c0611c6e06..99b8a989c4 100644
--- a/windows/security/threat-protection/auditing/advanced-security-auditing-faq.md
+++ b/windows/security/threat-protection/auditing/advanced-security-auditing-faq.md
@@ -3,13 +3,13 @@ title: Advanced security auditing FAQ (Windows 10)
description: This topic for the IT professional lists questions and answers about understanding, deploying, and managing security audit policies.
ms.assetid: 80f8f187-0916-43c2-a7e8-ea712b115a06
ms.reviewer:
-ms.author: dolmont
+ms.author: dansimp
ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: security
ms.localizationpriority: none
-author: Mir0sh
+author: dansimp
manager: dansimp
audience: ITPro
ms.collection: M365-security-compliance
diff --git a/windows/security/threat-protection/auditing/advanced-security-auditing.md b/windows/security/threat-protection/auditing/advanced-security-auditing.md
index 63485f34ef..9270164aec 100644
--- a/windows/security/threat-protection/auditing/advanced-security-auditing.md
+++ b/windows/security/threat-protection/auditing/advanced-security-auditing.md
@@ -3,13 +3,13 @@ title: Advanced security audit policies (Windows 10)
description: Advanced security audit policy settings are found in Security Settings\\Advanced Audit Policy Configuration\\System Audit Policies and appear to overlap with basic security audit policies, but they are recorded and applied differently.
ms.assetid: 6FE8AC10-F48E-4BBF-979B-43A5DFDC5DFC
ms.reviewer:
-ms.author: dolmont
+ms.author: dansimp
ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: security
ms.localizationpriority: none
-author: Mir0sh
+author: dansimp
manager: dansimp
audience: ITPro
ms.collection: M365-security-compliance
diff --git a/windows/security/threat-protection/auditing/appendix-a-security-monitoring-recommendations-for-many-audit-events.md b/windows/security/threat-protection/auditing/appendix-a-security-monitoring-recommendations-for-many-audit-events.md
index f416edda8c..d212b266b1 100644
--- a/windows/security/threat-protection/auditing/appendix-a-security-monitoring-recommendations-for-many-audit-events.md
+++ b/windows/security/threat-protection/auditing/appendix-a-security-monitoring-recommendations-for-many-audit-events.md
@@ -6,11 +6,11 @@ ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: none
-author: Mir0sh
+author: dansimp
ms.date: 04/19/2017
ms.reviewer:
manager: dansimp
-ms.author: dolmont
+ms.author: dansimp
---
# Appendix A: Security monitoring recommendations for many audit events
diff --git a/windows/security/threat-protection/auditing/apply-a-basic-audit-policy-on-a-file-or-folder.md b/windows/security/threat-protection/auditing/apply-a-basic-audit-policy-on-a-file-or-folder.md
index f623632235..e559dc6001 100644
--- a/windows/security/threat-protection/auditing/apply-a-basic-audit-policy-on-a-file-or-folder.md
+++ b/windows/security/threat-protection/auditing/apply-a-basic-audit-policy-on-a-file-or-folder.md
@@ -3,13 +3,13 @@ title: Apply a basic audit policy on a file or folder (Windows 10)
description: You can apply audit policies to individual files and folders on your computer by setting the permission type to record successful access attempts or failed access attempts in the security log.
ms.assetid: 565E7249-5CD0-4B2E-B2C0-B3A0793A51E2
ms.reviewer:
-ms.author: dolmont
+ms.author: dansimp
ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: security
ms.localizationpriority: none
-author: Mir0sh
+author: dansimp
manager: dansimp
audience: ITPro
ms.collection: M365-security-compliance
diff --git a/windows/security/threat-protection/auditing/audit-account-lockout.md b/windows/security/threat-protection/auditing/audit-account-lockout.md
index dcd17c9695..34e1304ce4 100644
--- a/windows/security/threat-protection/auditing/audit-account-lockout.md
+++ b/windows/security/threat-protection/auditing/audit-account-lockout.md
@@ -4,13 +4,13 @@ description: This topic for the IT professional describes the advanced security
ms.assetid: da68624b-a174-482c-9bc5-ddddab38e589
ms.reviewer:
manager: dansimp
-ms.author: dolmont
+ms.author: dansimp
ms.pagetype: security
ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: none
-author: Mir0sh
+author: dansimp
ms.date: 07/16/2018
---
diff --git a/windows/security/threat-protection/auditing/audit-application-generated.md b/windows/security/threat-protection/auditing/audit-application-generated.md
index e880c6b05b..72a5aecec7 100644
--- a/windows/security/threat-protection/auditing/audit-application-generated.md
+++ b/windows/security/threat-protection/auditing/audit-application-generated.md
@@ -4,13 +4,13 @@ description: This topic for the IT professional describes the Advanced Security
ms.assetid: 6c58a365-b25b-42b8-98ab-819002e31871
ms.reviewer:
manager: dansimp
-ms.author: dolmont
+ms.author: dansimp
ms.pagetype: security
ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: none
-author: Mir0sh
+author: dansimp
ms.date: 04/19/2017
---
diff --git a/windows/security/threat-protection/auditing/audit-application-group-management.md b/windows/security/threat-protection/auditing/audit-application-group-management.md
index 870ef553dd..96f7a50301 100644
--- a/windows/security/threat-protection/auditing/audit-application-group-management.md
+++ b/windows/security/threat-protection/auditing/audit-application-group-management.md
@@ -4,13 +4,13 @@ description: This topic for the IT professional describes the advanced security
ms.assetid: 1bcaa41e-5027-4a86-96b7-f04eaf1c0606
ms.reviewer:
manager: dansimp
-ms.author: dolmont
+ms.author: dansimp
ms.pagetype: security
ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: none
-author: Mir0sh
+author: dansimp
ms.date: 04/19/2017
---
diff --git a/windows/security/threat-protection/auditing/audit-audit-policy-change.md b/windows/security/threat-protection/auditing/audit-audit-policy-change.md
index f8d37dcdaa..8f4d1d0d23 100644
--- a/windows/security/threat-protection/auditing/audit-audit-policy-change.md
+++ b/windows/security/threat-protection/auditing/audit-audit-policy-change.md
@@ -4,13 +4,13 @@ description: This topic for the IT professional describes the Advanced Security
ms.assetid: 7153bf75-6978-4d7e-a821-59a699efb8a9
ms.reviewer:
manager: dansimp
-ms.author: dolmont
+ms.author: dansimp
ms.pagetype: security
ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: none
-author: Mir0sh
+author: dansimp
ms.date: 04/19/2017
---
diff --git a/windows/security/threat-protection/auditing/audit-authentication-policy-change.md b/windows/security/threat-protection/auditing/audit-authentication-policy-change.md
index 0171ab438c..8020663eb5 100644
--- a/windows/security/threat-protection/auditing/audit-authentication-policy-change.md
+++ b/windows/security/threat-protection/auditing/audit-authentication-policy-change.md
@@ -4,13 +4,13 @@ description: This topic for the IT professional describes this Advanced Security
ms.assetid: aa9cea7a-aadf-47b7-b704-ac253b8e79be
ms.reviewer:
manager: dansimp
-ms.author: dolmont
+ms.author: dansimp
ms.pagetype: security
ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: none
-author: Mir0sh
+author: dansimp
ms.date: 04/19/2017
---
diff --git a/windows/security/threat-protection/auditing/audit-authorization-policy-change.md b/windows/security/threat-protection/auditing/audit-authorization-policy-change.md
index 329e7259b8..af4339ce53 100644
--- a/windows/security/threat-protection/auditing/audit-authorization-policy-change.md
+++ b/windows/security/threat-protection/auditing/audit-authorization-policy-change.md
@@ -4,13 +4,13 @@ description: This topic for the IT professional describes the Advanced Security
ms.assetid: ca0587a2-a2b3-4300-aa5d-48b4553c3b36
ms.reviewer:
manager: dansimp
-ms.author: dolmont
+ms.author: dansimp
ms.pagetype: security
ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: none
-author: Mir0sh
+author: dansimp
ms.date: 04/19/2017
---
diff --git a/windows/security/threat-protection/auditing/audit-central-access-policy-staging.md b/windows/security/threat-protection/auditing/audit-central-access-policy-staging.md
index a9c4011dab..061105bbac 100644
--- a/windows/security/threat-protection/auditing/audit-central-access-policy-staging.md
+++ b/windows/security/threat-protection/auditing/audit-central-access-policy-staging.md
@@ -4,13 +4,13 @@ description: This topic for the IT professional describes the Advanced Security
ms.assetid: D9BB11CE-949A-4B48-82BF-30DC5E6FC67D
ms.reviewer:
manager: dansimp
-ms.author: dolmont
+ms.author: dansimp
ms.pagetype: security
ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: none
-author: Mir0sh
+author: dansimp
ms.date: 04/19/2017
---
diff --git a/windows/security/threat-protection/auditing/audit-certification-services.md b/windows/security/threat-protection/auditing/audit-certification-services.md
index 1dd10ad26a..4214420b03 100644
--- a/windows/security/threat-protection/auditing/audit-certification-services.md
+++ b/windows/security/threat-protection/auditing/audit-certification-services.md
@@ -4,13 +4,13 @@ description: This topic for the IT professional describes the Advanced Security
ms.assetid: cdefc34e-fb1f-4eff-b766-17713c5a1b03
ms.reviewer:
manager: dansimp
-ms.author: dolmont
+ms.author: dansimp
ms.pagetype: security
ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: none
-author: Mir0sh
+author: dansimp
ms.date: 04/19/2017
---
diff --git a/windows/security/threat-protection/auditing/audit-computer-account-management.md b/windows/security/threat-protection/auditing/audit-computer-account-management.md
index 1425e2cb70..d0d902a868 100644
--- a/windows/security/threat-protection/auditing/audit-computer-account-management.md
+++ b/windows/security/threat-protection/auditing/audit-computer-account-management.md
@@ -4,13 +4,13 @@ description: This topic for the IT professional describes the advanced security
ms.assetid: 6c406693-57bf-4411-bb6c-ff83ce548991
ms.reviewer:
manager: dansimp
-ms.author: dolmont
+ms.author: dansimp
ms.pagetype: security
ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: none
-author: Mir0sh
+author: dansimp
ms.date: 04/19/2017
---
diff --git a/windows/security/threat-protection/auditing/audit-credential-validation.md b/windows/security/threat-protection/auditing/audit-credential-validation.md
index 68b0305d77..feac5d138b 100644
--- a/windows/security/threat-protection/auditing/audit-credential-validation.md
+++ b/windows/security/threat-protection/auditing/audit-credential-validation.md
@@ -4,13 +4,13 @@ description: This topic for the IT professional describes the advanced security
ms.assetid: 6654b33a-922e-4a43-8223-ec5086dfc926
ms.reviewer:
manager: dansimp
-ms.author: dolmont
+ms.author: dansimp
ms.pagetype: security
ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: none
-author: Mir0sh
+author: dansimp
ms.date: 04/19/2017
---
diff --git a/windows/security/threat-protection/auditing/audit-detailed-directory-service-replication.md b/windows/security/threat-protection/auditing/audit-detailed-directory-service-replication.md
index 93757103e6..2b345207d2 100644
--- a/windows/security/threat-protection/auditing/audit-detailed-directory-service-replication.md
+++ b/windows/security/threat-protection/auditing/audit-detailed-directory-service-replication.md
@@ -4,13 +4,13 @@ description: This topic for the IT professional describes the advanced security
ms.assetid: 1b89c8f5-bce7-4b20-8701-42585c7ab993
ms.reviewer:
manager: dansimp
-ms.author: dolmont
+ms.author: dansimp
ms.pagetype: security
ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: none
-author: Mir0sh
+author: dansimp
ms.date: 04/19/2017
---
diff --git a/windows/security/threat-protection/auditing/audit-detailed-file-share.md b/windows/security/threat-protection/auditing/audit-detailed-file-share.md
index 6d6e5b0095..41ed83320d 100644
--- a/windows/security/threat-protection/auditing/audit-detailed-file-share.md
+++ b/windows/security/threat-protection/auditing/audit-detailed-file-share.md
@@ -4,13 +4,13 @@ description: This topic for the IT professional describes the Advanced Security
ms.assetid: 60310104-b820-4033-a1cb-022a34f064ae
ms.reviewer:
manager: dansimp
-ms.author: dolmont
+ms.author: dansimp
ms.pagetype: security
ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: none
-author: Mir0sh
+author: dansimp
ms.date: 04/19/2017
---
diff --git a/windows/security/threat-protection/auditing/audit-directory-service-access.md b/windows/security/threat-protection/auditing/audit-directory-service-access.md
index a56a269acd..ae15d23652 100644
--- a/windows/security/threat-protection/auditing/audit-directory-service-access.md
+++ b/windows/security/threat-protection/auditing/audit-directory-service-access.md
@@ -4,13 +4,13 @@ description: This topic for the IT professional describes the advanced security
ms.assetid: ba2562ba-4282-4588-b87c-a3fcb771c7d0
ms.reviewer:
manager: dansimp
-ms.author: dolmont
+ms.author: dansimp
ms.pagetype: security
ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: none
-author: Mir0sh
+author: dansimp
ms.date: 04/19/2017
---
diff --git a/windows/security/threat-protection/auditing/audit-directory-service-changes.md b/windows/security/threat-protection/auditing/audit-directory-service-changes.md
index 8fc975671d..4110cd1ec6 100644
--- a/windows/security/threat-protection/auditing/audit-directory-service-changes.md
+++ b/windows/security/threat-protection/auditing/audit-directory-service-changes.md
@@ -4,13 +4,13 @@ description: This topic for the IT professional describes the advanced security
ms.assetid: 9f7c0dd4-3977-47dd-a0fb-ec2f17cad05e
ms.reviewer:
manager: dansimp
-ms.author: dolmont
+ms.author: dansimp
ms.pagetype: security
ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: none
-author: Mir0sh
+author: dansimp
ms.date: 04/19/2017
---
diff --git a/windows/security/threat-protection/auditing/audit-directory-service-replication.md b/windows/security/threat-protection/auditing/audit-directory-service-replication.md
index 6580b8f311..06737f9521 100644
--- a/windows/security/threat-protection/auditing/audit-directory-service-replication.md
+++ b/windows/security/threat-protection/auditing/audit-directory-service-replication.md
@@ -4,13 +4,13 @@ description: This topic for the IT professional describes the advanced security
ms.assetid: b95d296c-7993-4e8d-8064-a8bbe284bd56
ms.reviewer:
manager: dansimp
-ms.author: dolmont
+ms.author: dansimp
ms.pagetype: security
ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: none
-author: Mir0sh
+author: dansimp
ms.date: 04/19/2017
---
diff --git a/windows/security/threat-protection/auditing/audit-distribution-group-management.md b/windows/security/threat-protection/auditing/audit-distribution-group-management.md
index 83d36fa376..0c779c954f 100644
--- a/windows/security/threat-protection/auditing/audit-distribution-group-management.md
+++ b/windows/security/threat-protection/auditing/audit-distribution-group-management.md
@@ -4,13 +4,13 @@ description: This topic for the IT professional describes the Advanced Security
ms.assetid: d46693a4-5887-4a58-85db-2f6cba224a66
ms.reviewer:
manager: dansimp
-ms.author: dolmont
+ms.author: dansimp
ms.pagetype: security
ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: none
-author: Mir0sh
+author: dansimp
ms.date: 04/19/2017
---
diff --git a/windows/security/threat-protection/auditing/audit-dpapi-activity.md b/windows/security/threat-protection/auditing/audit-dpapi-activity.md
index 3efd600fab..835e1fd7f3 100644
--- a/windows/security/threat-protection/auditing/audit-dpapi-activity.md
+++ b/windows/security/threat-protection/auditing/audit-dpapi-activity.md
@@ -4,13 +4,13 @@ description: This topic for the IT professional describes the Advanced Security
ms.assetid: be4d4c83-c857-4e3d-a84e-8bcc3f2c99cd
ms.reviewer:
manager: dansimp
-ms.author: dolmont
+ms.author: dansimp
ms.pagetype: security
ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: none
-author: Mir0sh
+author: dansimp
ms.date: 04/19/2017
---
diff --git a/windows/security/threat-protection/auditing/audit-file-share.md b/windows/security/threat-protection/auditing/audit-file-share.md
index ed86354e2b..512ae2084a 100644
--- a/windows/security/threat-protection/auditing/audit-file-share.md
+++ b/windows/security/threat-protection/auditing/audit-file-share.md
@@ -4,13 +4,13 @@ description: This topic for the IT professional describes the Advanced Security
ms.assetid: 9ea985f8-8936-4b79-abdb-35cbb7138f78
ms.reviewer:
manager: dansimp
-ms.author: dolmont
+ms.author: dansimp
ms.pagetype: security
ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: none
-author: Mir0sh
+author: dansimp
ms.date: 04/19/2017
---
diff --git a/windows/security/threat-protection/auditing/audit-file-system.md b/windows/security/threat-protection/auditing/audit-file-system.md
index 6f97bd7fdd..fe21575b2b 100644
--- a/windows/security/threat-protection/auditing/audit-file-system.md
+++ b/windows/security/threat-protection/auditing/audit-file-system.md
@@ -4,13 +4,13 @@ description: This topic for the IT professional describes the Advanced Security
ms.assetid: 6a71f283-b8e5-41ac-b348-0b7ec6ea0b1f
ms.reviewer:
manager: dansimp
-ms.author: dolmont
+ms.author: dansimp
ms.pagetype: security
ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: none
-author: Mir0sh
+author: dansimp
ms.date: 04/19/2017
---
diff --git a/windows/security/threat-protection/auditing/audit-filtering-platform-connection.md b/windows/security/threat-protection/auditing/audit-filtering-platform-connection.md
index 187040144e..734f231b24 100644
--- a/windows/security/threat-protection/auditing/audit-filtering-platform-connection.md
+++ b/windows/security/threat-protection/auditing/audit-filtering-platform-connection.md
@@ -4,13 +4,13 @@ description: This topic for the IT professional describes the Advanced Security
ms.assetid: d72936e9-ff01-4d18-b864-a4958815df59
ms.reviewer:
manager: dansimp
-ms.author: dolmont
+ms.author: dansimp
ms.pagetype: security
ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: none
-author: Mir0sh
+author: dansimp
ms.date: 04/19/2017
---
diff --git a/windows/security/threat-protection/auditing/audit-filtering-platform-packet-drop.md b/windows/security/threat-protection/auditing/audit-filtering-platform-packet-drop.md
index e37ee47f16..b953cf56c0 100644
--- a/windows/security/threat-protection/auditing/audit-filtering-platform-packet-drop.md
+++ b/windows/security/threat-protection/auditing/audit-filtering-platform-packet-drop.md
@@ -4,13 +4,13 @@ description: This topic for the IT professional describes the Advanced Security
ms.assetid: 95457601-68d1-4385-af20-87916ddab906
ms.reviewer:
manager: dansimp
-ms.author: dolmont
+ms.author: dansimp
ms.pagetype: security
ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: none
-author: Mir0sh
+author: dansimp
ms.date: 04/19/2017
---
diff --git a/windows/security/threat-protection/auditing/audit-filtering-platform-policy-change.md b/windows/security/threat-protection/auditing/audit-filtering-platform-policy-change.md
index 6cd117429a..c82bbebd49 100644
--- a/windows/security/threat-protection/auditing/audit-filtering-platform-policy-change.md
+++ b/windows/security/threat-protection/auditing/audit-filtering-platform-policy-change.md
@@ -4,13 +4,13 @@ description: This topic for the IT professional describes the Advanced Security
ms.assetid: 0eaf1c56-672b-4ea9-825a-22dc03eb4041
ms.reviewer:
manager: dansimp
-ms.author: dolmont
+ms.author: dansimp
ms.pagetype: security
ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: none
-author: Mir0sh
+author: dansimp
ms.date: 04/19/2017
---
diff --git a/windows/security/threat-protection/auditing/audit-group-membership.md b/windows/security/threat-protection/auditing/audit-group-membership.md
index 7af1da773b..18b2e9556d 100644
--- a/windows/security/threat-protection/auditing/audit-group-membership.md
+++ b/windows/security/threat-protection/auditing/audit-group-membership.md
@@ -4,13 +4,13 @@ description: This topic for the IT professional describes the advanced security
ms.assetid: 1CD7B014-FBD9-44B9-9274-CC5715DE58B9
ms.reviewer:
manager: dansimp
-ms.author: dolmont
+ms.author: dansimp
ms.pagetype: security
ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: none
-author: Mir0sh
+author: dansimp
ms.date: 04/19/2017
---
diff --git a/windows/security/threat-protection/auditing/audit-handle-manipulation.md b/windows/security/threat-protection/auditing/audit-handle-manipulation.md
index 4f4f0616af..3802d34249 100644
--- a/windows/security/threat-protection/auditing/audit-handle-manipulation.md
+++ b/windows/security/threat-protection/auditing/audit-handle-manipulation.md
@@ -4,13 +4,13 @@ description: This topic for the IT professional describes the Advanced Security
ms.assetid: 1fbb004a-ccdc-4c80-b3da-a4aa7a9f4091
ms.reviewer:
manager: dansimp
-ms.author: dolmont
+ms.author: dansimp
ms.pagetype: security
ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: none
-author: Mir0sh
+author: dansimp
ms.date: 04/19/2017
---
diff --git a/windows/security/threat-protection/auditing/audit-ipsec-driver.md b/windows/security/threat-protection/auditing/audit-ipsec-driver.md
index 6b69b8a282..0f0a9fa7b5 100644
--- a/windows/security/threat-protection/auditing/audit-ipsec-driver.md
+++ b/windows/security/threat-protection/auditing/audit-ipsec-driver.md
@@ -4,13 +4,13 @@ description: This topic for the IT professional describes the Advanced Security
ms.assetid: c8b8c02f-5ad0-4ee5-9123-ea8cdae356a5
ms.reviewer:
manager: dansimp
-ms.author: dolmont
+ms.author: dansimp
ms.pagetype: security
ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: none
-author: Mir0sh
+author: dansimp
ms.date: 10/02/2018
---
diff --git a/windows/security/threat-protection/auditing/audit-ipsec-extended-mode.md b/windows/security/threat-protection/auditing/audit-ipsec-extended-mode.md
index 27e7cf7591..af3502ddce 100644
--- a/windows/security/threat-protection/auditing/audit-ipsec-extended-mode.md
+++ b/windows/security/threat-protection/auditing/audit-ipsec-extended-mode.md
@@ -4,13 +4,13 @@ description: This topic for the IT professional describes the advanced security
ms.assetid: 2b4fee9e-482a-4181-88a8-6a79d8fc8049
ms.reviewer:
manager: dansimp
-ms.author: dolmont
+ms.author: dansimp
ms.pagetype: security
ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: none
-author: Mir0sh
+author: dansimp
ms.date: 10/02/2018
---
diff --git a/windows/security/threat-protection/auditing/audit-ipsec-main-mode.md b/windows/security/threat-protection/auditing/audit-ipsec-main-mode.md
index 84c5eda210..d4aa3ebf77 100644
--- a/windows/security/threat-protection/auditing/audit-ipsec-main-mode.md
+++ b/windows/security/threat-protection/auditing/audit-ipsec-main-mode.md
@@ -4,13 +4,13 @@ description: This topic for the IT professional describes the advanced security
ms.assetid: 06ed26ec-3620-4ef4-a47a-c70df9c8827b
ms.reviewer:
manager: dansimp
-ms.author: dolmont
+ms.author: dansimp
ms.pagetype: security
ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: none
-author: Mir0sh
+author: dansimp
ms.date: 10/02/2018
---
diff --git a/windows/security/threat-protection/auditing/audit-ipsec-quick-mode.md b/windows/security/threat-protection/auditing/audit-ipsec-quick-mode.md
index 9f081e8e45..54e46c85cd 100644
--- a/windows/security/threat-protection/auditing/audit-ipsec-quick-mode.md
+++ b/windows/security/threat-protection/auditing/audit-ipsec-quick-mode.md
@@ -4,13 +4,13 @@ description: This topic for the IT professional describes the advanced security
ms.assetid: 7be67a15-c2ce-496a-9719-e25ac7699114
ms.reviewer:
manager: dansimp
-ms.author: dolmont
+ms.author: dansimp
ms.pagetype: security
ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: none
-author: Mir0sh
+author: dansimp
ms.date: 10/02/2018
---
diff --git a/windows/security/threat-protection/auditing/audit-kerberos-authentication-service.md b/windows/security/threat-protection/auditing/audit-kerberos-authentication-service.md
index 995bf11ffc..d28314643d 100644
--- a/windows/security/threat-protection/auditing/audit-kerberos-authentication-service.md
+++ b/windows/security/threat-protection/auditing/audit-kerberos-authentication-service.md
@@ -4,13 +4,13 @@ description: This topic for the IT professional describes the Advanced Security
ms.assetid: 990dd6d9-1a1f-4cce-97ba-5d7e0a7db859
ms.reviewer:
manager: dansimp
-ms.author: dolmont
+ms.author: dansimp
ms.pagetype: security
ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: none
-author: Mir0sh
+author: dansimp
ms.date: 04/19/2017
---
diff --git a/windows/security/threat-protection/auditing/audit-kerberos-service-ticket-operations.md b/windows/security/threat-protection/auditing/audit-kerberos-service-ticket-operations.md
index 4e685381b1..f8bacdd852 100644
--- a/windows/security/threat-protection/auditing/audit-kerberos-service-ticket-operations.md
+++ b/windows/security/threat-protection/auditing/audit-kerberos-service-ticket-operations.md
@@ -4,13 +4,13 @@ description: This topic for the IT professional describes the Advanced Security
ms.assetid: ddc0abef-ac7f-4849-b90d-66700470ccd6
ms.reviewer:
manager: dansimp
-ms.author: dolmont
+ms.author: dansimp
ms.pagetype: security
ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: none
-author: Mir0sh
+author: dansimp
ms.date: 04/19/2017
---
diff --git a/windows/security/threat-protection/auditing/audit-kernel-object.md b/windows/security/threat-protection/auditing/audit-kernel-object.md
index f4c965ec52..44049a109f 100644
--- a/windows/security/threat-protection/auditing/audit-kernel-object.md
+++ b/windows/security/threat-protection/auditing/audit-kernel-object.md
@@ -4,13 +4,13 @@ description: This topic for the IT professional describes the Advanced Security
ms.assetid: 75619d8b-b1eb-445b-afc9-0f9053be97fb
ms.reviewer:
manager: dansimp
-ms.author: dolmont
+ms.author: dansimp
ms.pagetype: security
ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: none
-author: Mir0sh
+author: dansimp
ms.date: 04/19/2017
---
diff --git a/windows/security/threat-protection/auditing/audit-logoff.md b/windows/security/threat-protection/auditing/audit-logoff.md
index 3ff2570d46..45e9abeb45 100644
--- a/windows/security/threat-protection/auditing/audit-logoff.md
+++ b/windows/security/threat-protection/auditing/audit-logoff.md
@@ -4,13 +4,13 @@ description: This topic for the IT professional describes the Advanced Security
ms.assetid: 681e51f2-ba06-46f5-af8c-d9c48d515432
ms.reviewer:
manager: dansimp
-ms.author: dolmont
+ms.author: dansimp
ms.pagetype: security
ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: none
-author: Mir0sh
+author: dansimp
ms.date: 07/16/2018
---
diff --git a/windows/security/threat-protection/auditing/audit-logon.md b/windows/security/threat-protection/auditing/audit-logon.md
index a1fa633cae..3742607eba 100644
--- a/windows/security/threat-protection/auditing/audit-logon.md
+++ b/windows/security/threat-protection/auditing/audit-logon.md
@@ -4,13 +4,13 @@ description: This topic for the IT professional describes the Advanced Security
ms.assetid: ca968d03-7d52-48c4-ba0e-2bcd2937231b
ms.reviewer:
manager: dansimp
-ms.author: dolmont
+ms.author: dansimp
ms.pagetype: security
ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: none
-author: Mir0sh
+author: dansimp
ms.date: 04/19/2017
---
diff --git a/windows/security/threat-protection/auditing/audit-mpssvc-rule-level-policy-change.md b/windows/security/threat-protection/auditing/audit-mpssvc-rule-level-policy-change.md
index f756f7d9b5..25e29659e8 100644
--- a/windows/security/threat-protection/auditing/audit-mpssvc-rule-level-policy-change.md
+++ b/windows/security/threat-protection/auditing/audit-mpssvc-rule-level-policy-change.md
@@ -4,13 +4,13 @@ description: This topic for the IT professional describes the Advanced Security
ms.assetid: 263461b3-c61c-4ec3-9dee-851164845019
ms.reviewer:
manager: dansimp
-ms.author: dolmont
+ms.author: dansimp
ms.pagetype: security
ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: none
-author: Mir0sh
+author: dansimp
ms.date: 04/19/2017
---
diff --git a/windows/security/threat-protection/auditing/audit-network-policy-server.md b/windows/security/threat-protection/auditing/audit-network-policy-server.md
index cc023326da..6d7eaac005 100644
--- a/windows/security/threat-protection/auditing/audit-network-policy-server.md
+++ b/windows/security/threat-protection/auditing/audit-network-policy-server.md
@@ -4,13 +4,13 @@ description: This topic for the IT professional describes the Advanced Security
ms.assetid: 43b2aea4-26df-46da-b761-2b30f51a80f7
ms.reviewer:
manager: dansimp
-ms.author: dolmont
+ms.author: dansimp
ms.pagetype: security
ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: none
-author: Mir0sh
+author: dansimp
ms.date: 04/19/2017
---
diff --git a/windows/security/threat-protection/auditing/audit-non-sensitive-privilege-use.md b/windows/security/threat-protection/auditing/audit-non-sensitive-privilege-use.md
index 309f195d7d..f1227802bd 100644
--- a/windows/security/threat-protection/auditing/audit-non-sensitive-privilege-use.md
+++ b/windows/security/threat-protection/auditing/audit-non-sensitive-privilege-use.md
@@ -4,13 +4,13 @@ description: This topic for the IT professional describes the Advanced Security
ms.assetid: 8fd74783-1059-443e-aa86-566d78606627
ms.reviewer:
manager: dansimp
-ms.author: dolmont
+ms.author: dansimp
ms.pagetype: security
ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: none
-author: Mir0sh
+author: dansimp
ms.date: 04/19/2017
---
diff --git a/windows/security/threat-protection/auditing/audit-other-account-logon-events.md b/windows/security/threat-protection/auditing/audit-other-account-logon-events.md
index 218e662e92..edbcb2555d 100644
--- a/windows/security/threat-protection/auditing/audit-other-account-logon-events.md
+++ b/windows/security/threat-protection/auditing/audit-other-account-logon-events.md
@@ -4,13 +4,13 @@ description: This topic for the IT professional describes the advanced security
ms.assetid: c8c6bfe0-33d2-4600-bb1a-6afa840d75b3
ms.reviewer:
manager: dansimp
-ms.author: dolmont
+ms.author: dansimp
ms.pagetype: security
ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: none
-author: Mir0sh
+author: dansimp
ms.date: 04/19/2017
---
diff --git a/windows/security/threat-protection/auditing/audit-other-account-management-events.md b/windows/security/threat-protection/auditing/audit-other-account-management-events.md
index a52ff0d042..cd054ab132 100644
--- a/windows/security/threat-protection/auditing/audit-other-account-management-events.md
+++ b/windows/security/threat-protection/auditing/audit-other-account-management-events.md
@@ -4,13 +4,13 @@ description: This topic for the IT professional describes the Advanced Security
ms.assetid: 4ce22eeb-a96f-4cf9-a46d-6642961a31d5
ms.reviewer:
manager: dansimp
-ms.author: dolmont
+ms.author: dansimp
ms.pagetype: security
ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: none
-author: Mir0sh
+author: dansimp
ms.date: 04/19/2017
---
diff --git a/windows/security/threat-protection/auditing/audit-other-logonlogoff-events.md b/windows/security/threat-protection/auditing/audit-other-logonlogoff-events.md
index 77527e8253..b10a5106ba 100644
--- a/windows/security/threat-protection/auditing/audit-other-logonlogoff-events.md
+++ b/windows/security/threat-protection/auditing/audit-other-logonlogoff-events.md
@@ -4,13 +4,13 @@ description: This topic for the IT professional describes the Advanced Security
ms.assetid: 76d987cd-1917-4907-a739-dd642609a458
ms.reviewer:
manager: dansimp
-ms.author: dolmont
+ms.author: dansimp
ms.pagetype: security
ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: none
-author: Mir0sh
+author: dansimp
ms.date: 04/19/2017
---
diff --git a/windows/security/threat-protection/auditing/audit-other-object-access-events.md b/windows/security/threat-protection/auditing/audit-other-object-access-events.md
index d9513980da..3bfc786df1 100644
--- a/windows/security/threat-protection/auditing/audit-other-object-access-events.md
+++ b/windows/security/threat-protection/auditing/audit-other-object-access-events.md
@@ -4,13 +4,13 @@ description: This topic for the IT professional describes the Advanced Security
ms.assetid: b9774595-595d-4199-b0c5-8dbc12b6c8b2
ms.reviewer:
manager: dansimp
-ms.author: dolmont
+ms.author: dansimp
ms.pagetype: security
ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: none
-author: Mir0sh
+author: dansimp
ms.date: 05/29/2017
---
diff --git a/windows/security/threat-protection/auditing/audit-other-policy-change-events.md b/windows/security/threat-protection/auditing/audit-other-policy-change-events.md
index 2690694166..e156529bf1 100644
--- a/windows/security/threat-protection/auditing/audit-other-policy-change-events.md
+++ b/windows/security/threat-protection/auditing/audit-other-policy-change-events.md
@@ -4,13 +4,13 @@ description: This topic for the IT professional describes the Advanced Security
ms.assetid: 8618502e-c21c-41cc-8a49-3dc1eb359e60
ms.reviewer:
manager: dansimp
-ms.author: dolmont
+ms.author: dansimp
ms.pagetype: security
ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: none
-author: Mir0sh
+author: dansimp
ms.date: 04/19/2017
---
diff --git a/windows/security/threat-protection/auditing/audit-other-privilege-use-events.md b/windows/security/threat-protection/auditing/audit-other-privilege-use-events.md
index bbe45925d3..e13d22c6e3 100644
--- a/windows/security/threat-protection/auditing/audit-other-privilege-use-events.md
+++ b/windows/security/threat-protection/auditing/audit-other-privilege-use-events.md
@@ -4,13 +4,13 @@ description: This security policy setting is not used.
ms.assetid: 5f7f5b25-42a6-499f-8aa2-01ac79a2a63c
ms.reviewer:
manager: dansimp
-ms.author: dolmont
+ms.author: dansimp
ms.pagetype: security
ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: none
-author: Mir0sh
+author: dansimp
ms.date: 04/19/2017
---
diff --git a/windows/security/threat-protection/auditing/audit-other-system-events.md b/windows/security/threat-protection/auditing/audit-other-system-events.md
index 66a05eb6c1..839166429b 100644
--- a/windows/security/threat-protection/auditing/audit-other-system-events.md
+++ b/windows/security/threat-protection/auditing/audit-other-system-events.md
@@ -4,13 +4,13 @@ description: This topic for the IT professional describes the Advanced Security
ms.assetid: 2401e4cc-d94e-41ec-82a7-e10914295f8b
ms.reviewer:
manager: dansimp
-ms.author: dolmont
+ms.author: dansimp
ms.pagetype: security
ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: none
-author: Mir0sh
+author: dansimp
ms.date: 04/19/2017
---
diff --git a/windows/security/threat-protection/auditing/audit-pnp-activity.md b/windows/security/threat-protection/auditing/audit-pnp-activity.md
index cc7a689b7c..6e2ce1aa93 100644
--- a/windows/security/threat-protection/auditing/audit-pnp-activity.md
+++ b/windows/security/threat-protection/auditing/audit-pnp-activity.md
@@ -4,13 +4,13 @@ description: This topic for the IT professional describes the advanced security
ms.assetid: A3D87B3B-EBBE-442A-953B-9EB75A5F600E
ms.reviewer:
manager: dansimp
-ms.author: dolmont
+ms.author: dansimp
ms.pagetype: security
ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: none
-author: Mir0sh
+author: dansimp
ms.date: 04/19/2017
---
diff --git a/windows/security/threat-protection/auditing/audit-process-creation.md b/windows/security/threat-protection/auditing/audit-process-creation.md
index 0868fa7fe7..8532644095 100644
--- a/windows/security/threat-protection/auditing/audit-process-creation.md
+++ b/windows/security/threat-protection/auditing/audit-process-creation.md
@@ -4,13 +4,13 @@ description: This topic for the IT professional describes the Advanced Security
ms.assetid: 67e39fcd-ded6-45e8-b1b6-d411e4e93019
ms.reviewer:
manager: dansimp
-ms.author: dolmont
+ms.author: dansimp
ms.pagetype: security
ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: none
-author: Mir0sh
+author: dansimp
ms.date: 04/19/2017
---
diff --git a/windows/security/threat-protection/auditing/audit-process-termination.md b/windows/security/threat-protection/auditing/audit-process-termination.md
index 5bf90b6f6a..3943542ccf 100644
--- a/windows/security/threat-protection/auditing/audit-process-termination.md
+++ b/windows/security/threat-protection/auditing/audit-process-termination.md
@@ -4,13 +4,13 @@ description: This topic for the IT professional describes the Advanced Security
ms.assetid: 65d88e53-14aa-48a4-812b-557cebbf9e50
ms.reviewer:
manager: dansimp
-ms.author: dolmont
+ms.author: dansimp
ms.pagetype: security
ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: none
-author: Mir0sh
+author: dansimp
ms.date: 04/19/2017
---
diff --git a/windows/security/threat-protection/auditing/audit-registry.md b/windows/security/threat-protection/auditing/audit-registry.md
index 4db7d65686..fe4cd66839 100644
--- a/windows/security/threat-protection/auditing/audit-registry.md
+++ b/windows/security/threat-protection/auditing/audit-registry.md
@@ -4,13 +4,13 @@ description: This topic for the IT professional describes the Advanced Security
ms.assetid: 02bcc23b-4823-46ac-b822-67beedf56b32
ms.reviewer:
manager: dansimp
-ms.author: dolmont
+ms.author: dansimp
ms.pagetype: security
ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: none
-author: Mir0sh
+author: dansimp
ms.date: 04/19/2017
---
diff --git a/windows/security/threat-protection/auditing/audit-removable-storage.md b/windows/security/threat-protection/auditing/audit-removable-storage.md
index f35a441ef8..96314fa0bd 100644
--- a/windows/security/threat-protection/auditing/audit-removable-storage.md
+++ b/windows/security/threat-protection/auditing/audit-removable-storage.md
@@ -4,13 +4,13 @@ description: This topic for the IT professional describes the Advanced Security
ms.assetid: 1746F7B3-8B41-4661-87D8-12F734AFFB26
ms.reviewer:
manager: dansimp
-ms.author: dolmont
+ms.author: dansimp
ms.pagetype: security
ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: none
-author: Mir0sh
+author: dansimp
ms.date: 04/19/2017
---
diff --git a/windows/security/threat-protection/auditing/audit-rpc-events.md b/windows/security/threat-protection/auditing/audit-rpc-events.md
index 1a4b0dbfbc..f35fb87e98 100644
--- a/windows/security/threat-protection/auditing/audit-rpc-events.md
+++ b/windows/security/threat-protection/auditing/audit-rpc-events.md
@@ -4,13 +4,13 @@ description: This topic for the IT professional describes the advanced security
ms.assetid: 868aec2d-93b4-4bc8-a150-941f88838ba6
ms.reviewer:
manager: dansimp
-ms.author: dolmont
+ms.author: dansimp
ms.pagetype: security
ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: none
-author: Mir0sh
+author: dansimp
ms.date: 04/19/2017
---
diff --git a/windows/security/threat-protection/auditing/audit-sam.md b/windows/security/threat-protection/auditing/audit-sam.md
index 2a7efe94ec..31d65aafb1 100644
--- a/windows/security/threat-protection/auditing/audit-sam.md
+++ b/windows/security/threat-protection/auditing/audit-sam.md
@@ -4,13 +4,13 @@ description: This topic for the IT professional describes the Advanced Security
ms.assetid: 1d00f955-383d-4c95-bbd1-fab4a991a46e
ms.reviewer:
manager: dansimp
-ms.author: dolmont
+ms.author: dansimp
ms.pagetype: security
ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: none
-author: Mir0sh
+author: dansimp
ms.date: 04/19/2017
---
diff --git a/windows/security/threat-protection/auditing/audit-security-group-management.md b/windows/security/threat-protection/auditing/audit-security-group-management.md
index 91aef3a375..710f45b4ae 100644
--- a/windows/security/threat-protection/auditing/audit-security-group-management.md
+++ b/windows/security/threat-protection/auditing/audit-security-group-management.md
@@ -4,13 +4,13 @@ description: This topic for the IT professional describes the advanced security
ms.assetid: ac2ee101-557b-4c84-b9fa-4fb23331f1aa
ms.reviewer:
manager: dansimp
-ms.author: dolmont
+ms.author: dansimp
ms.pagetype: security
ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: none
-author: Mir0sh
+author: dansimp
ms.date: 02/28/2019
---
diff --git a/windows/security/threat-protection/auditing/audit-security-state-change.md b/windows/security/threat-protection/auditing/audit-security-state-change.md
index ac8fcf4c32..f002a9938a 100644
--- a/windows/security/threat-protection/auditing/audit-security-state-change.md
+++ b/windows/security/threat-protection/auditing/audit-security-state-change.md
@@ -4,13 +4,13 @@ description: This topic for the IT professional describes the Advanced Security
ms.assetid: decb3218-a67d-4efa-afc0-337c79a89a2d
ms.reviewer:
manager: dansimp
-ms.author: dolmont
+ms.author: dansimp
ms.pagetype: security
ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: none
-author: Mir0sh
+author: dansimp
ms.date: 04/19/2017
---
diff --git a/windows/security/threat-protection/auditing/audit-security-system-extension.md b/windows/security/threat-protection/auditing/audit-security-system-extension.md
index 97c9f853c7..3d2beb88d0 100644
--- a/windows/security/threat-protection/auditing/audit-security-system-extension.md
+++ b/windows/security/threat-protection/auditing/audit-security-system-extension.md
@@ -4,13 +4,13 @@ description: This topic for the IT professional describes the Advanced Security
ms.assetid: 9f3c6bde-42b2-4a0a-b353-ed3106ebc005
ms.reviewer:
manager: dansimp
-ms.author: dolmont
+ms.author: dansimp
ms.pagetype: security
ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: none
-author: Mir0sh
+author: dansimp
ms.date: 04/19/2017
---
diff --git a/windows/security/threat-protection/auditing/audit-sensitive-privilege-use.md b/windows/security/threat-protection/auditing/audit-sensitive-privilege-use.md
index c099b898d6..ac5edaec4a 100644
--- a/windows/security/threat-protection/auditing/audit-sensitive-privilege-use.md
+++ b/windows/security/threat-protection/auditing/audit-sensitive-privilege-use.md
@@ -4,13 +4,13 @@ description: This topic for the IT professional describes the Advanced Security
ms.assetid: 915abf50-42d2-45f6-9fd1-e7bd201b193d
ms.reviewer:
manager: dansimp
-ms.author: dolmont
+ms.author: dansimp
ms.pagetype: security
ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: none
-author: Mir0sh
+author: dansimp
ms.date: 04/19/2017
---
diff --git a/windows/security/threat-protection/auditing/audit-special-logon.md b/windows/security/threat-protection/auditing/audit-special-logon.md
index faa994ab12..cae080c72b 100644
--- a/windows/security/threat-protection/auditing/audit-special-logon.md
+++ b/windows/security/threat-protection/auditing/audit-special-logon.md
@@ -4,13 +4,13 @@ description: This topic for the IT professional describes the Advanced Security
ms.assetid: e1501bac-1d09-4593-8ebb-f311231567d3
ms.reviewer:
manager: dansimp
-ms.author: dolmont
+ms.author: dansimp
ms.pagetype: security
ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: none
-author: Mir0sh
+author: dansimp
ms.date: 04/19/2017
---
diff --git a/windows/security/threat-protection/auditing/audit-system-integrity.md b/windows/security/threat-protection/auditing/audit-system-integrity.md
index df2120830a..606b78493e 100644
--- a/windows/security/threat-protection/auditing/audit-system-integrity.md
+++ b/windows/security/threat-protection/auditing/audit-system-integrity.md
@@ -4,13 +4,13 @@ description: This topic for the IT professional describes the Advanced Security
ms.assetid: 942a9a7f-fa31-4067-88c7-f73978bf2034
ms.reviewer:
manager: dansimp
-ms.author: dolmont
+ms.author: dansimp
ms.pagetype: security
ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: none
-author: Mir0sh
+author: dansimp
ms.date: 04/19/2017
---
diff --git a/windows/security/threat-protection/auditing/audit-token-right-adjusted.md b/windows/security/threat-protection/auditing/audit-token-right-adjusted.md
new file mode 100644
index 0000000000..a4fb47fef4
--- /dev/null
+++ b/windows/security/threat-protection/auditing/audit-token-right-adjusted.md
@@ -0,0 +1,27 @@
+---
+title: Audit Token Right Adjusted (Windows 10)
+description: This topic for the IT professional describes the Advanced Security Audit policy setting, Audit Token Right Adjusted, which determines whether the operating system generates audit events when specific changes are made to the privileges of a token.
+---
+
+# Audit Token Right Adjusted
+
+**Applies to**
+- Windows 10
+- Windows Server 2016
+
+
+Audit Token Right Adjusted allows you to audit events generated by adjusting the privileges of a token.
+
+For more information, see [Security Monitoring: A Possible New Way to Detect Privilege Escalation](https://blogs.technet.microsoft.com/nathangau/2018/01/25/security-monitoring-a-possible-new-way-to-detect-privilege-escalation/).
+
+| Computer Type | General Success | General Failure | Stronger Success | Stronger Failure | Comments |
+|-------------------|-----------------|-----------------|------------------|------------------|-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
+| Domain Controller | IF | No | IF | No | IF – With Success auditing for this subcategory, you can get information related to changes to the privileges of a token.
However, if you are using an application or system service that dynamically adjusts token privileges, we do not recommend Success auditing because of the high volume of event “[4703](event-4703.md)(S): A user right was adjusted” that may be generated. As of Windows 10, event 4703 is generated by applications or services that dynamically adjust token privileges. An example of such an application is System Center Configuration Manager, which makes WMI queries at recurring intervals and quickly generates a large number of 4703 events (with the WMI activity listed as coming from **svchost.exe**).
If one of your applications or services is generating a large number of 4703 events, you might find that your event-management software has filtering logic that can automatically discard the recurring events, which would make it easier to work with Success auditing for this category.
This subcategory doesn’t have Failure events, so there is no recommendation to enable Failure auditing for this subcategory. |
+| Member Server | IF | No | IF | No | IF – With Success auditing for this subcategory, you can get information related to changes to the privileges of a token.
However, if you are using an application or system service that dynamically adjusts token privileges, we do not recommend Success auditing because of the high volume of event “[4703](event-4703.md)(S): A user right was adjusted” that may be generated. As of Windows 10, event 4703 is generated by applications or services that dynamically adjust token privileges. An example of such an application is System Center Configuration Manager, which makes WMI queries at recurring intervals and quickly generates a large number of 4703 events (with the WMI activity listed as coming from **svchost.exe**).
If one of your applications or services is generating a large number of 4703 events, you might find that your event-management software has filtering logic that can automatically discard the recurring events, which would make it easier to work with Success auditing for this category.
This subcategory doesn’t have Failure events, so there is no recommendation to enable Failure auditing for this subcategory. |
+| Workstation | IF | No | IF | No | IF – With Success auditing for this subcategory, you can get information related to changes to the privileges of a token.
However, if you are using an application or system service that dynamically adjusts token privileges, we do not recommend Success auditing because of the high volume of event “[4703](event-4703.md)(S): A user right was adjusted” that may be generated. As of Windows 10, event 4703 is generated by applications or services that dynamically adjust token privileges. An example of such an application is System Center Configuration Manager, which makes WMI queries at recurring intervals and quickly generates a large number of 4703 events (with the WMI activity listed as coming from **svchost.exe**).
If one of your applications or services is generating a large number of 4703 events, you might find that your event-management software has filtering logic that can automatically discard the recurring events, which would make it easier to work with Success auditing for this category.
This subcategory doesn’t have Failure events, so there is no recommendation to enable Failure auditing for this subcategory. |
+
+**Events List:**
+
+- [4703](event-4703.md)(S): A user right was adjusted.
+
+**Event volume**: High.
diff --git a/windows/security/threat-protection/auditing/audit-user-account-management.md b/windows/security/threat-protection/auditing/audit-user-account-management.md
index 82f8975fd5..25d5f2620c 100644
--- a/windows/security/threat-protection/auditing/audit-user-account-management.md
+++ b/windows/security/threat-protection/auditing/audit-user-account-management.md
@@ -4,13 +4,13 @@ description: This topic for the IT professional describes the advanced security
ms.assetid: f7e72998-3858-4197-a443-19586ecc4bfb
ms.reviewer:
manager: dansimp
-ms.author: dolmont
+ms.author: dansimp
ms.pagetype: security
ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: none
-author: Mir0sh
+author: dansimp
ms.date: 04/19/2017
---
diff --git a/windows/security/threat-protection/auditing/audit-user-device-claims.md b/windows/security/threat-protection/auditing/audit-user-device-claims.md
index 7877fe6b80..55da915b55 100644
--- a/windows/security/threat-protection/auditing/audit-user-device-claims.md
+++ b/windows/security/threat-protection/auditing/audit-user-device-claims.md
@@ -4,13 +4,13 @@ description: This topic for the IT professional describes the advanced security
ms.assetid: D3D2BFAF-F2C0-462A-9377-673DB49D5486
ms.reviewer:
manager: dansimp
-ms.author: dolmont
+ms.author: dansimp
ms.pagetype: security
ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: none
-author: Mir0sh
+author: dansimp
ms.date: 04/19/2017
---
diff --git a/windows/security/threat-protection/auditing/basic-audit-account-logon-events.md b/windows/security/threat-protection/auditing/basic-audit-account-logon-events.md
index 07f239f4d3..f345a84336 100644
--- a/windows/security/threat-protection/auditing/basic-audit-account-logon-events.md
+++ b/windows/security/threat-protection/auditing/basic-audit-account-logon-events.md
@@ -3,13 +3,13 @@ title: Audit account logon events (Windows 10)
description: Determines whether to audit each instance of a user logging on to or logging off from another device in which this device is used to validate the account.
ms.assetid: 84B44181-E325-49A1-8398-AECC3CE0A516
ms.reviewer:
-ms.author: dolmont
+ms.author: dansimp
ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: security
ms.localizationpriority: none
-author: Mir0sh
+author: dansimp
manager: dansimp
audience: ITPro
ms.collection: M365-security-compliance
diff --git a/windows/security/threat-protection/auditing/basic-audit-account-management.md b/windows/security/threat-protection/auditing/basic-audit-account-management.md
index 3d6f35ef9d..e699a88ac1 100644
--- a/windows/security/threat-protection/auditing/basic-audit-account-management.md
+++ b/windows/security/threat-protection/auditing/basic-audit-account-management.md
@@ -3,13 +3,13 @@ title: Audit account management (Windows 10)
description: Determines whether to audit each event of account management on a device.
ms.assetid: 369197E1-7E0E-45A4-89EA-16D91EF01689
ms.reviewer:
-ms.author: dolmont
+ms.author: dansimp
ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: security
ms.localizationpriority: none
-author: Mir0sh
+author: dansimp
manager: dansimp
audience: ITPro
ms.collection: M365-security-compliance
diff --git a/windows/security/threat-protection/auditing/basic-audit-directory-service-access.md b/windows/security/threat-protection/auditing/basic-audit-directory-service-access.md
index 65f6a0672b..5fcf6e9222 100644
--- a/windows/security/threat-protection/auditing/basic-audit-directory-service-access.md
+++ b/windows/security/threat-protection/auditing/basic-audit-directory-service-access.md
@@ -3,13 +3,13 @@ title: Audit directory service access (Windows 10)
description: Determines whether to audit the event of a user accessing an Active Directory object that has its own system access control list (SACL) specified.
ms.assetid: 52F02EED-3CFE-4307-8D06-CF1E27693D09
ms.reviewer:
-ms.author: dolmont
+ms.author: dansimp
ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: security
ms.localizationpriority: none
-author: Mir0sh
+author: dansimp
manager: dansimp
audience: ITPro
ms.collection: M365-security-compliance
diff --git a/windows/security/threat-protection/auditing/basic-audit-logon-events.md b/windows/security/threat-protection/auditing/basic-audit-logon-events.md
index edba7f71a5..5c7672c13a 100644
--- a/windows/security/threat-protection/auditing/basic-audit-logon-events.md
+++ b/windows/security/threat-protection/auditing/basic-audit-logon-events.md
@@ -3,13 +3,13 @@ title: Audit logon events (Windows 10)
description: Determines whether to audit each instance of a user logging on to or logging off from a device.
ms.assetid: 78B5AFCB-0BBD-4C38-9FE9-6B4571B94A35
ms.reviewer:
-ms.author: dolmont
+ms.author: dansimp
ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: security
ms.localizationpriority: none
-author: Mir0sh
+author: dansimp
manager: dansimp
audience: ITPro
ms.collection: M365-security-compliance
diff --git a/windows/security/threat-protection/auditing/basic-audit-object-access.md b/windows/security/threat-protection/auditing/basic-audit-object-access.md
index ae6a25d613..438dd850c9 100644
--- a/windows/security/threat-protection/auditing/basic-audit-object-access.md
+++ b/windows/security/threat-protection/auditing/basic-audit-object-access.md
@@ -3,13 +3,13 @@ title: Audit object access (Windows 10)
description: Determines whether to audit the event of a user accessing an object--for example, a file, folder, registry key, printer, and so forth--that has its own system access control list (SACL) specified.
ms.assetid: D15B6D67-7886-44C2-9972-3F192D5407EA
ms.reviewer:
-ms.author: dolmont
+ms.author: dansimp
ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: security
ms.localizationpriority: none
-author: Mir0sh
+author: dansimp
manager: dansimp
audience: ITPro
ms.collection: M365-security-compliance
diff --git a/windows/security/threat-protection/auditing/basic-audit-policy-change.md b/windows/security/threat-protection/auditing/basic-audit-policy-change.md
index a98760482c..b80e5788af 100644
--- a/windows/security/threat-protection/auditing/basic-audit-policy-change.md
+++ b/windows/security/threat-protection/auditing/basic-audit-policy-change.md
@@ -3,13 +3,13 @@ title: Audit policy change (Windows 10)
description: Determines whether to audit every incident of a change to user rights assignment policies, audit policies, or trust policies.
ms.assetid: 1025A648-6B22-4C85-9F47-FE0897F1FA31
ms.reviewer:
-ms.author: dolmont
+ms.author: dansimp
ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: security
ms.localizationpriority: none
-author: Mir0sh
+author: dansimp
manager: dansimp
audience: ITPro
ms.collection: M365-security-compliance
diff --git a/windows/security/threat-protection/auditing/basic-audit-privilege-use.md b/windows/security/threat-protection/auditing/basic-audit-privilege-use.md
index 4a0ea891c0..a3e7893fe6 100644
--- a/windows/security/threat-protection/auditing/basic-audit-privilege-use.md
+++ b/windows/security/threat-protection/auditing/basic-audit-privilege-use.md
@@ -3,13 +3,13 @@ title: Audit privilege use (Windows 10)
description: Determines whether to audit each instance of a user exercising a user right.
ms.assetid: C5C6DAAF-8B58-4DFB-B1CE-F0675AE0E9F8
ms.reviewer:
-ms.author: dolmont
+ms.author: dansimp
ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: security
ms.localizationpriority: none
-author: Mir0sh
+author: dansimp
manager: dansimp
audience: ITPro
ms.collection: M365-security-compliance
diff --git a/windows/security/threat-protection/auditing/basic-audit-process-tracking.md b/windows/security/threat-protection/auditing/basic-audit-process-tracking.md
index c99e882563..4f02eab9a3 100644
--- a/windows/security/threat-protection/auditing/basic-audit-process-tracking.md
+++ b/windows/security/threat-protection/auditing/basic-audit-process-tracking.md
@@ -3,13 +3,13 @@ title: Audit process tracking (Windows 10)
description: Determines whether to audit detailed tracking information for events such as program activation, process exit, handle duplication, and indirect object access.
ms.assetid: 91AC5C1E-F4DA-4B16-BEE2-C92D66E4CEEA
ms.reviewer:
-ms.author: dolmont
+ms.author: dansimp
ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: security
ms.localizationpriority: none
-author: Mir0sh
+author: dansimp
manager: dansimp
audience: ITPro
ms.collection: M365-security-compliance
diff --git a/windows/security/threat-protection/auditing/basic-audit-system-events.md b/windows/security/threat-protection/auditing/basic-audit-system-events.md
index 6283d5a530..7811de4253 100644
--- a/windows/security/threat-protection/auditing/basic-audit-system-events.md
+++ b/windows/security/threat-protection/auditing/basic-audit-system-events.md
@@ -3,13 +3,13 @@ title: Audit system events (Windows 10)
description: Determines whether to audit when a user restarts or shuts down the computer or when an event occurs that affects either the system security or the security log.
ms.assetid: BF27588C-2AA7-4365-A4BF-3BB377916447
ms.reviewer:
-ms.author: dolmont
+ms.author: dansimp
ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: security
ms.localizationpriority: none
-author: Mir0sh
+author: dansimp
manager: dansimp
audience: ITPro
ms.collection: M365-security-compliance
diff --git a/windows/security/threat-protection/auditing/basic-security-audit-policies.md b/windows/security/threat-protection/auditing/basic-security-audit-policies.md
index 80170efbf6..1e73acf50d 100644
--- a/windows/security/threat-protection/auditing/basic-security-audit-policies.md
+++ b/windows/security/threat-protection/auditing/basic-security-audit-policies.md
@@ -3,13 +3,13 @@ title: Basic security audit policies (Windows 10)
description: Before you implement auditing, you must decide on an auditing policy.
ms.assetid: 3B678568-7AD7-4734-9BB4-53CF5E04E1D3
ms.reviewer:
-ms.author: dolmont
+ms.author: dansimp
ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: security
ms.localizationpriority: none
-author: Mir0sh
+author: dansimp
manager: dansimp
audience: ITPro
ms.collection: M365-security-compliance
diff --git a/windows/security/threat-protection/auditing/basic-security-audit-policy-settings.md b/windows/security/threat-protection/auditing/basic-security-audit-policy-settings.md
index 997ee3cfee..686cdfdc71 100644
--- a/windows/security/threat-protection/auditing/basic-security-audit-policy-settings.md
+++ b/windows/security/threat-protection/auditing/basic-security-audit-policy-settings.md
@@ -3,13 +3,13 @@ title: Basic security audit policy settings (Windows 10)
description: Basic security audit policy settings are found under Computer Configuration\\Windows Settings\\Security Settings\\Local Policies\\Audit Policy.
ms.assetid: 31C2C453-2CFC-4D9E-BC88-8CE1C1A8F900
ms.reviewer:
-ms.author: dolmont
+ms.author: dansimp
ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: security
ms.localizationpriority: none
-author: Mir0sh
+author: dansimp
manager: dansimp
audience: ITPro
ms.collection: M365-security-compliance
diff --git a/windows/security/threat-protection/auditing/create-a-basic-audit-policy-settings-for-an-event-category.md b/windows/security/threat-protection/auditing/create-a-basic-audit-policy-settings-for-an-event-category.md
index a99bb14e40..745c787671 100644
--- a/windows/security/threat-protection/auditing/create-a-basic-audit-policy-settings-for-an-event-category.md
+++ b/windows/security/threat-protection/auditing/create-a-basic-audit-policy-settings-for-an-event-category.md
@@ -3,13 +3,13 @@ title: Create a basic audit policy for an event category (Windows 10)
description: By defining auditing settings for specific event categories, you can create an auditing policy that suits the security needs of your organization.
ms.assetid: C9F52751-B40D-482E-BE9D-2C61098249D3
ms.reviewer:
-ms.author: dolmont
+ms.author: dansimp
ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: security
ms.localizationpriority: none
-author: Mir0sh
+author: dansimp
manager: dansimp
audience: ITPro
ms.collection: M365-security-compliance
diff --git a/windows/security/threat-protection/auditing/event-1100.md b/windows/security/threat-protection/auditing/event-1100.md
index 5f995bb735..251aa8834c 100644
--- a/windows/security/threat-protection/auditing/event-1100.md
+++ b/windows/security/threat-protection/auditing/event-1100.md
@@ -6,11 +6,11 @@ ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: none
-author: Mir0sh
+author: dansimp
ms.date: 04/19/2017
ms.reviewer:
manager: dansimp
-ms.author: dolmont
+ms.author: dansimp
---
# 1100(S): The event logging service has shut down.
diff --git a/windows/security/threat-protection/auditing/event-1102.md b/windows/security/threat-protection/auditing/event-1102.md
index 1edce314ef..c1d44d55e0 100644
--- a/windows/security/threat-protection/auditing/event-1102.md
+++ b/windows/security/threat-protection/auditing/event-1102.md
@@ -6,11 +6,11 @@ ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: none
-author: Mir0sh
+author: dansimp
ms.date: 04/19/2017
ms.reviewer:
manager: dansimp
-ms.author: dolmont
+ms.author: dansimp
---
# 1102(S): The audit log was cleared.
diff --git a/windows/security/threat-protection/auditing/event-1104.md b/windows/security/threat-protection/auditing/event-1104.md
index d70f00eeb9..5854f68b90 100644
--- a/windows/security/threat-protection/auditing/event-1104.md
+++ b/windows/security/threat-protection/auditing/event-1104.md
@@ -6,11 +6,11 @@ ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: none
-author: Mir0sh
+author: dansimp
ms.date: 04/19/2017
ms.reviewer:
manager: dansimp
-ms.author: dolmont
+ms.author: dansimp
---
# 1104(S): The security log is now full.
diff --git a/windows/security/threat-protection/auditing/event-4624.md b/windows/security/threat-protection/auditing/event-4624.md
index 2ca7e8267c..1eaf9e6b79 100644
--- a/windows/security/threat-protection/auditing/event-4624.md
+++ b/windows/security/threat-protection/auditing/event-4624.md
@@ -33,55 +33,55 @@ This event generates when a logon session is created (on destination machine). I
***Event XML:***
-```
--
--
-
- 4624
- 2
- 0
- 12544
- 0
- 0x8020000000000000
-
- 211
-
-
- Security
- WIN-GG82ULGC9GO
-
-
--
- S-1-5-18
- WIN-GG82ULGC9GO$
- WORKGROUP
- 0x3e7
- S-1-5-21-1377283216-344919071-3415362939-500
- Administrator
- WIN-GG82ULGC9GO
- 0x8dcdc
- 2
- User32
- Negotiate
- WIN-GG82ULGC9GO
- {00000000-0000-0000-0000-000000000000}
- -
- -
- 0
- 0x44c
- C:\\Windows\\System32\\svchost.exe
- 127.0.0.1
- 0
- %%1833
- -
- -
- -
- %%1843
- 0x0
- %%1842
-
-
-
+```xml
+
+
+
+
+ 4624
+ 2
+ 0
+ 12544
+ 0
+ 0x8020000000000000
+
+ 211
+
+
+ Security
+ WIN-GG82ULGC9GO
+
+
+
+ S-1-5-18
+ WIN-GG82ULGC9GO$
+ WORKGROUP
+ 0x3e7
+ S-1-5-21-1377283216-344919071-3415362939-500
+ Administrator
+ WIN-GG82ULGC9GO
+ 0x8dcdc
+ 2
+ User32
+ Negotiate
+ WIN-GG82ULGC9GO
+ {00000000-0000-0000-0000-000000000000}
+ -
+ -
+ 0
+ 0x44c
+ C:\\Windows\\System32\\svchost.exe
+ 127.0.0.1
+ 0
+ %%1833
+ -
+ -
+ -
+ %%1843
+ 0x0
+ %%1842
+
+
```
***Required Server Roles:*** None.
@@ -144,17 +144,17 @@ This event generates when a logon session is created (on destination machine). I
## Logon types and descriptions
-| Logon Type | Logon Title | Description |
-|------------|-------------------|----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
-| 2 | Interactive | A user logged on to this computer. |
-| 3 | Network | A user or computer logged on to this computer from the network. |
-| 4 | Batch | Batch logon type is used by batch servers, where processes may be executing on behalf of a user without their direct intervention. |
-| 5 | Service | A service was started by the Service Control Manager. |
-| 7 | Unlock | This workstation was unlocked. |
-| 8 | NetworkCleartext | A user logged on to this computer from the network. The user's password was passed to the authentication package in its unhashed form. The built-in authentication packages all hash credentials before sending them across the network. The credentials do not traverse the network in plaintext (also called cleartext). |
-| 9 | NewCredentials | A caller cloned its current token and specified new credentials for outbound connections. The new logon session has the same local identity, but uses different credentials for other network connections. |
-| 10 | RemoteInteractive | A user logged on to this computer remotely using Terminal Services or Remote Desktop. |
-| 11 | CachedInteractive | A user logged on to this computer with network credentials that were stored locally on the computer. The domain controller was not contacted to verify the credentials. |
+| Logon Type | Logon Title | Description |
+|:----------:|---------------------|----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
+| `2` | `Interactive` | A user logged on to this computer. |
+| `3` | `Network` | A user or computer logged on to this computer from the network. |
+| `4` | `Batch` | Batch logon type is used by batch servers, where processes may be executing on behalf of a user without their direct intervention. |
+| `5` | `Service` | A service was started by the Service Control Manager. |
+| `7` | `Unlock` | This workstation was unlocked. |
+| `8` | `NetworkCleartext` | A user logged on to this computer from the network. The user's password was passed to the authentication package in its unhashed form. The built-in authentication packages all hash credentials before sending them across the network. The credentials do not traverse the network in plaintext (also called cleartext). |
+| `9` | `NewCredentials` | A caller cloned its current token and specified new credentials for outbound connections. The new logon session has the same local identity, but uses different credentials for other network connections. |
+| `10` | `RemoteInteractive` | A user logged on to this computer remotely using Terminal Services or Remote Desktop. |
+| `11` | `CachedInteractive` | A user logged on to this computer with network credentials that were stored locally on the computer. The domain controller was not contacted to verify the credentials. |
- **Restricted Admin Mode** \[Version 2\] \[Type = UnicodeString\]**:** Only populated for **RemoteInteractive** logon type sessions. This is a Yes/No flag indicating if the credentials provided were passed using Restricted Admin mode. Restricted Admin mode was added in Win8.1/2012R2 but this flag was added to the event in Win10.
diff --git a/windows/security/threat-protection/auditing/event-5155.md b/windows/security/threat-protection/auditing/event-5155.md
index 934f310147..9964b6f390 100644
--- a/windows/security/threat-protection/auditing/event-5155.md
+++ b/windows/security/threat-protection/auditing/event-5155.md
@@ -24,35 +24,46 @@ By default Windows firewall won't prevent a port from being listened by an appli
You can add your own filters using the WFP APIs to block listen to reproduce this event: .
-There is no event example in this document.
-
***Subcategory:*** [Audit Filtering Platform Connection](audit-filtering-platform-connection.md)
-***Event Schema:***
+***Event Description:***
-*The Windows Filtering Platform has blocked an application or service from listening on a port for incoming connections.*
+This event generates every time the [Windows Filtering Platform](https://docs.microsoft.com/windows/win32/fwp/windows-filtering-platform-start-page) blocks an application or service from listening on a port for incoming connections.
-*Application Information:*
+
-> *Process ID:%1*
->
-> *Application Name:%2*
-
-*Network Information:*
-
-> *Source Address:%3*
->
-> *Source Port:%4*
->
-> *Protocol:%5*
-
-*Filter Information:*
-
-> *Filter Run-Time ID:%6*
->
-> *Layer Name:%7*
->
-> *Layer Run-Time ID:%8*
+***Event XML:***
+```xml
+
+
+
+ 5155
+ 0
+ 0
+ 12810
+ 0
+ 0x8010000000000000
+
+ 42196
+
+
+ Security
+ NATHAN-AGENT2
+
+
+
+ 2628
+ \device\harddiskvolume2\users\test\desktop\netcat\nc.exe
+ 0.0.0.0
+ 5555
+ 6
+ 84576
+ %%14609
+ 40
+
+
+```
***Required Server Roles:*** None.
@@ -60,6 +71,76 @@ There is no event example in this document.
***Event Versions:*** 0.
+***Field Descriptions:***
+
+**Application Information**:
+
+- **Process ID** \[Type = Pointer\]: Hexadecimal Process ID (PID) of the process which was permitted to bind to the local port. The PID is a number used by the operating system to uniquely identify an active process. To see the PID for a specific process you can, for example, use Task Manager (Details tab, PID column):
+
+ 
+
+ If you convert the hexadecimal value to decimal, you can compare it to the values in Task Manager.
+
+ You can also correlate this process ID with a process ID in other events, for example, “[4688](event-4688.md): A new process has been created” **Process Information\\New Process ID**.
+
+
+
+- **Application Name** \[Type = UnicodeString\]**:** Full path and the name of the executable for the process.
+
+ Logical disk is displayed in the format \\device\\harddiskvolume\#. You can get all local volume numbers by using the **diskpart** utility. The command to get volume numbers using diskpart is “**list volume**”:
+
+
+
+**Network Information:**
+
+- **Source Address** \[Type = UnicodeString\]**:** The local IP address of the computer running the application.
+
+ - IPv4 Address
+
+ - IPv6 Address
+
+ - :: - all IP addresses in IPv6 format
+
+ - 0.0.0.0 - all IP addresses in IPv4 format
+
+ - 127.0.0.1 , ::1 - localhost
+
+- **Source Port** \[Type = UnicodeString\]**:** The port number used by the application.
+
+- **Protocol** \[Type = UInt32\]: the protocol number being used.
+
+| Service | Protocol Number |
+|----------------------------------------------------|-----------------|
+| Internet Control Message Protocol (ICMP) | 1 |
+| Transmission Control Protocol (TCP) | 6 |
+| User Datagram Protocol (UDP) | 17 |
+| General Routing Encapsulation (PPTP data over GRE) | 47 |
+| Authentication Header (AH) IPSec | 51 |
+| Encapsulation Security Payload (ESP) IPSec | 50 |
+| Exterior Gateway Protocol (EGP) | 8 |
+| Gateway-Gateway Protocol (GGP) | 3 |
+| Host Monitoring Protocol (HMP) | 20 |
+| Internet Group Management Protocol (IGMP) | 88 |
+| MIT Remote Virtual Disk (RVD) | 66 |
+| OSPF Open Shortest Path First | 89 |
+| PARC Universal Packet Protocol (PUP) | 12 |
+| Reliable Datagram Protocol (RDP) | 27 |
+| Reservation Protocol (RSVP) QoS | 46 |
+
+**Filter Information:**
+
+- **Filter Run-Time ID** \[Type = UInt64\]: A unique filter ID which blocks the application from binding to the port. By default, Windows firewall won't prevent a port from binding to an application, and if this application doesn’t match any filters, you will get a 0 value in this field.
+
+ To find a specific Windows Filtering Platform filter by ID, you need to execute the following command: **netsh wfp show filters**. As a result of this command, a **filters.xml** file will be generated. You need to open this file and find the specific substring with the required filter ID (**<filterId>**), for example:
+
+ 
+
+- **Layer Name** \[Type = UnicodeString\]: [Application Layer Enforcement](https://msdn.microsoft.com/library/windows/desktop/aa363971(v=vs.85).aspx) layer name.
+
+- **Layer Run-Time ID** \[Type = UInt64\]: Windows Filtering Platform layer identifier. To find a specific Windows Filtering Platform layer ID, you need to execute the following command: **netsh wfp show state**. As result of this command, a **wfpstate.xml** file will be generated. You need to open this file and find the specific substring with the required layer ID (**<layerId>**), for example:
+
+
+
## Security Monitoring Recommendations
- If you use Windows Filtering Platform APIs to block application or services from listening on a port, then you can use this event for troubleshooting and monitoring.
diff --git a/windows/security/threat-protection/block-untrusted-fonts-in-enterprise.md b/windows/security/threat-protection/block-untrusted-fonts-in-enterprise.md
index 99b2a8e507..70362c9d1c 100644
--- a/windows/security/threat-protection/block-untrusted-fonts-in-enterprise.md
+++ b/windows/security/threat-protection/block-untrusted-fonts-in-enterprise.md
@@ -10,7 +10,7 @@ ms.mktglfcycl: deploy
ms.pagetype: security
ms.sitesec: library
author: dulcemontemayor
-ms.author: dolmont
+ms.author: dansimp
ms.date: 08/14/2017
ms.localizationpriority: medium
---
@@ -21,7 +21,7 @@ ms.localizationpriority: medium
- Windows 10
->Learn more about what features and functionality are supported in each Windows edition at [Compare Windows 10 Editions](https://www.microsoft.com/en-us/WindowsForBusiness/Compare).
+>Learn more about what features and functionality are supported in each Windows edition at [Compare Windows 10 Editions](https://www.microsoft.com/WindowsForBusiness/Compare).
To help protect your company from attacks which may originate from untrusted or attacker controlled font files, we’ve created the Blocking Untrusted Fonts feature. Using this feature, you can turn on a global setting that stops your employees from loading untrusted fonts processed using the Graphics Device Interface (GDI) onto your network. Untrusted fonts are any font installed outside of the `%windir%/Fonts` directory. Blocking untrusted fonts helps prevent both remote (web-based or email-based) and local EOP attacks that can happen during the font file-parsing process.
diff --git a/windows/security/threat-protection/change-history-for-threat-protection.md b/windows/security/threat-protection/change-history-for-threat-protection.md
index 7c5320ff0d..af17bfed1e 100644
--- a/windows/security/threat-protection/change-history-for-threat-protection.md
+++ b/windows/security/threat-protection/change-history-for-threat-protection.md
@@ -1,7 +1,7 @@
---
title: Change history for [Windows Defender Advanced Threat Protection (Windows Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
ms.reviewer:
-ms.author: dolmont
+ms.author: dansimp
description: This topic lists new and updated topics in the WWindows Defender ATP content set.
ms.prod: w10
ms.mktglfcycl: deploy
diff --git a/windows/security/threat-protection/device-control/control-usb-devices-using-intune.md b/windows/security/threat-protection/device-control/control-usb-devices-using-intune.md
index f900f5ea9c..2c39b15201 100644
--- a/windows/security/threat-protection/device-control/control-usb-devices-using-intune.md
+++ b/windows/security/threat-protection/device-control/control-usb-devices-using-intune.md
@@ -6,38 +6,58 @@ ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: security
ms.localizationpriority: medium
-ms.author: daniha
-author: danihalfin
-ms.date: 02/22/2019
-ms.reviewer:
+ms.author: dansimp
+author: dansimp
+ms.date: 09/12/2019
+ms.reviewer: dansimp
manager: dansimp
audience: ITPro
---
-# How to control USB devices and other removable media using Windows Defender ATP
+# How to control USB devices and other removable media using Microsoft Defender ATP
-**Applies to:** [Windows Defender Advanced Threat Protection (Windows Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+**Applies to:** [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
-Microsoft recommends [a layered approach to securing removable media](https://aka.ms/devicecontrolblog), and Windows Defender ATP provides multiple monitoring and control features to help prevent threats in unauthorized peripherals from compromising your devices:
+Microsoft recommends [a layered approach to securing removable media](https://aka.ms/devicecontrolblog), and Microsoft Defender ATP provides multiple monitoring and control features to help prevent threats in unauthorized peripherals from compromising your devices:
1. [Prevent threats from removable storage](#prevent-threats-from-removable-storage) introduced by removable storage devices by enabling:
- [Windows Defender Antivirus real-time protection (RTP)](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-antivirus/configure-real-time-protection-windows-defender-antivirus) to scan removable storage for malware.
- The [Attack Surface Reduction (ASR) USB rule](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-exploit-guard/attack-surface-reduction-exploit-guard) to block untrusted and unsigned processes that run from USB.
- [Direct Memory Access (DMA) protection settings](#protect-against-direct-memory-access-dma-attacks) to mitigate DMA attacks, including [Kernel DMA Protection for Thunderbolt](https://docs.microsoft.com/windows/security/information-protection/kernel-dma-protection-for-thunderbolt) and blocking DMA until a user signs in.
-2. [Detect plug and play connected events for peripherals in Windows Defender ATP advanced hunting](#detect-plug-and-play-connected-events)
- - Identify or investigate suspicious usage activity. Create customized alerts based on these PnP events or any other Windows Defender ATP events with [custom detection rules](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-atp/custom-detection-rules).
+2. [Detect plug and play connected events for peripherals in Microsoft Defender ATP advanced hunting](#detect-plug-and-play-connected-events)
+ - Identify or investigate suspicious usage activity. Create customized alerts based on these PnP events or any other Microsoft Defender ATP events with [custom detection rules](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-atp/custom-detection-rules).
3. [Respond to threats](#respond-to-threats) from peripherals in real-time based on properties reported by each peripheral:
- Granular configuration to deny write access to removable disks and approve or deny devices by USB vendor code, product code, device IDs, or a combination.
- Flexible policy assignment of device installation settings based on an individual or group of Azure Active Directory (Azure AD) users and devices.
>[!Note]
->These threat reduction measures help prevent malware from coming into your environment. To protect enterprise data from leaving your environment, you can also configure data loss prevention measures. For example, on Windows 10 devices you can configure [BitLocker](https://docs.microsoft.com/windows/security/information-protection/bitlocker/bitlocker-overview) and [Windows Information Protection](https://docs.microsoft.com/windows/security/information-protection/windows-information-protection/create-wip-policy-using-intune-azure), which will encrypt company data even if it is stored on a personal device, or use the [Storage/RemovableDiskDenyWriteAccess CSP](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-storage#storage-removablediskdenywriteaccess) to deny write access to removable disks. Additionally, you can [classify and protect files on Windows devices](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-atp/information-protection-in-windows-overview) (including their mounted USB devices) by using Windows Defender ATP and Azure Information Protection.
+>These threat reduction measures help prevent malware from coming into your environment. To protect enterprise data from leaving your environment, you can also configure data loss prevention measures. For example, on Windows 10 devices you can configure [BitLocker](https://docs.microsoft.com/windows/security/information-protection/bitlocker/bitlocker-overview) and [Windows Information Protection](https://docs.microsoft.com/windows/security/information-protection/windows-information-protection/create-wip-policy-using-intune-azure), which will encrypt company data even if it is stored on a personal device, or use the [Storage/RemovableDiskDenyWriteAccess CSP](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-storage#storage-removablediskdenywriteaccess) to deny write access to removable disks. Additionally, you can [classify and protect files on Windows devices](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-atp/information-protection-in-windows-overview) (including their mounted USB devices) by using Microsoft Defender ATP and Azure Information Protection.
## Prevent threats from removable storage
-Windows Defender ATP can help identify and block malicious files on allowed removable storage peripherals.
+Removable storage devices can introduce additional security risk to your organization. Microsoft Defender ATP can help identify and block malicious files on removable storage devices.
+
+Microsoft Defender ATP can also prevent USB peripherals from being used on devices to help prevent external threats. It does this by using the properties reported by USB peripherals to determine whether or not they can be installed and used on the device.
+
+Note that if you block USB devices or any other device classes using the device installation policies, connected devices, such as phones, can still charge.
+
+>[!NOTE]
+>Always test and refine these settings with a pilot group of users and devices first before widely distributing to your organization.
+
+The following table describes the ways Microsoft Defender ATP can help prevent installation and usage of USB peripherals.
+
+For more information about controlling USB devices, see the [Microsoft Defender ATP blog](https://aka.ms/devicecontrolblog).
+
+| Control | Description |
+|----------|-------------|
+| [Block installation and usage of removable storage](#block-installation-and-usage-of-removable-storage) | Users can't install or use removable storage |
+| [Only allow installation and usage of specifically approved peripherals](#only-allow-installation-and-usage-of-specifically-approved-peripherals) | Users can only install and use approved peripherals that report specific properties in their firmware |
+| [Prevent installation of specifically prohibited peripherals](#prevent-installation-of-specifically-prohibited-peripherals) | Users can't install or use prohibited peripherals that report specific properties in their firmware |
+
+>[!NOTE]
+>Because an unauthorized USB peripheral can have firmware that spoofs its USB properties, we recommend only allowing specifically approved USB peripherals and limiting the users who can access them.
### Enable Windows Defender Antivirus Scanning
@@ -49,7 +69,7 @@ Protecting authorized removable storage with Windows Defender Antivirus requires
>[!NOTE]
>We recommend enabling real-time monitoring for scanning. In Intune, you can enable real-time monitoring for Windows 10 in **Device Restrictions** > **Configure** > **Windows Defender Antivirus** > **Real-time monitoring**.
-
### Block untrusted and unsigned processes on USB peripherals
@@ -97,7 +117,7 @@ DMA attacks can lead to disclosure of sensitive information residing on a PC, or
Peripherals that support device memory isolation can always connect. Peripherals that don't can be blocked, allowed, or allowed only after the user signs in (default).
-2. On Windows 10 systems that do not suppprt Kernel DMA Protection, you can:
+2. On Windows 10 systems that do not support Kernel DMA Protection, you can:
- [Block DMA until a user signs in](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-dataprotection#dataprotection-allowdirectmemoryaccess)
- [Block all connections via the Thunderbolt ports (including USB devices)](https://support.microsoft.com/help/2516445/blocking-the-sbp-2-driver-and-thunderbolt-controllers-to-reduce-1394-d)
@@ -113,7 +133,7 @@ To prevent malware infections or data loss, an organization may restrict USB dri
All of the above controls can be set through the Intune [Administrative Templates](https://docs.microsoft.com/intune/administrative-templates-windows). The relevant policies are located here in the Intune Administrator Templates:
-
+
>[!Note]
>Using Intune, you can apply device configuration policies to AAD user and/or device groups.
@@ -121,7 +141,7 @@ The above policies can also be set through the [Device Installation CSP settings
> [!Note]
> Always test and refine these settings with a pilot group of users and devices first before applying them in production.
-For more information about controlling USB devices, see the [Microsoft Secure blog "WDATP has protections for USB and removable devices"](https://www.microsoft.com/security/blog/2018/12/19/windows-defender-atp-has-protections-for-usb-and-removable-devices/).
+For more information about controlling USB devices, see the [Microsoft Defender ATP blog](https://www.microsoft.com/security/blog/2018/12/19/windows-defender-atp-has-protections-for-usb-and-removable-devices/).
### Allow installation and usage of USB drives and other peripherals
@@ -138,7 +158,7 @@ When configuring the allow device installation policy, you will need to allow al
-In this example, the following classesneeded to be added: HID, Keboard, and {36fc9e60-c465-11cf-8056-444553540000}. More information on [Microsoft-provided USB drivers](https://docs.microsoft.com/windows-hardware/drivers/usbcon/supported-usb-classes).
+In this example, the following classes needed to be added: HID, Keyboard, and {36fc9e60-c465-11cf-8056-444553540000}. More information on [Microsoft-provided USB drivers](https://docs.microsoft.com/windows-hardware/drivers/usbcon/supported-usb-classes).
@@ -199,7 +219,7 @@ Allowing installation of specific devices requires also enabling [DeviceInstalla
### Prevent installation of specifically prohibited peripherals
-Windows Defender ATP blocks installation and usage of prohibited peripherals by using either of these options:
+Microsoft Defender ATP blocks installation and usage of prohibited peripherals by using either of these options:
- [Administrative Templates](https://docs.microsoft.com/intune/administrative-templates-windows) can block any device with a matching hardware ID or setup class.
- [Device Installation CSP settings](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-deviceinstallation) with a custom profile in Intune. You can [prevent installation of specific device IDs](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-deviceinstallation#deviceinstallation-preventinstallationofmatchingdeviceids) or [prevent specific device classes](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-deviceinstallation#deviceinstallation-preventinstallationofmatchingdevicesetupclasses).
@@ -216,30 +236,18 @@ Using Intune, you can limited the services that can use Bluetooth through the
-## Detect plug and play connected events
-
-You can view plug and play connected events in Windows Defender ATP advanced hunting to identify suspicious usage activity or perform internal investigations.
-For examples of Windows Defender ATP advanced hunting queries, see the [Windows Defender ATP hunting queries GitHub repo](https://github.com/Microsoft/WindowsDefenderATP-Hunting-Queries).
-Based on any Windows Defender ATP event, including the plug and play events, you can create custom alerts using the Windows Defender ATP [custom detection rule feature](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-atp/custom-detection-rules).
-
## Respond to threats
-Windows Defender ATP can prevent USB peripherals from being used on devices to help prevent external threats. It does this by using the properties reported by USB peripherals to determine whether or not they can be installed and used on the device.
+You can create custom alerts and automatic response actions with the [Microsoft Defender ATP Custom Detection Rules](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/custom-detection-rules). Response actions within the custom detection cover both machine and file level actions. You can also create alerts and automatic response actions using [PowerApps](https://powerapps.microsoft.com/) and [Flow](https://flow.microsoft.com/) with the [Microsoft Defender ATP connector](https://docs.microsoft.com/connectors/wdatp/). The connector supports actions for investigation, threat scanning, and restricting running applications. It is one of over 200 pre-defined connectors including Outlook, Teams, Slack, and more. Custom connectors can also be built. See [Connectors](https://docs.microsoft.com/connectors/) to learn more about connectors.
+
+For example, using either approach, you can automatically have the Microsoft Defender Antivirus run when a USB device is mounted onto a machine.
-> [!NOTE]
-> Always test and refine these settings with a pilot group of users and devices first before applying them in production.
+## Detect plug and play connected events
-The following table describes the ways Windows Defender ATP can help prevent installation and usage of USB peripherals.
-For more information about controlling USB devices, see the [Microsoft Secure blog "WDATP has protections for USB and removable devices"](https://aka.ms/devicecontrolblog).
+You can view plug and play connected events in Microsoft Defender ATP advanced hunting to identify suspicious usage activity or perform internal investigations.
+For examples of Microsoft Defender ATP advanced hunting queries, see the [Microsoft Defender ATP hunting queries GitHub repo](https://github.com/Microsoft/WindowsDefenderATP-Hunting-Queries).
- Control | Description
--|-
- [Block installation and usage of removable storage](#block-installation-and-usage-of-removable-storage) | Users can't install or use removable storage
- [Only allow installation and usage of specifically approved peripherals](#only-allow-installation-and-usage-of-specifically-approved-peripherals) | Users can only install and use approved peripherals that report specific properties in their firmware
- [Prevent installation of specifically prohibited peripherals](#prevent-installation-of-specifically-prohibited-peripherals) | Users can't install or use prohibited peripherals that report specific properties in their firmware
-
-> [!NOTE]
-> Because an unauthorized USB peripheral can have firmware that spoofs its USB properties, we recommend only allowing specifically approved USB peripherals and limiting the users who can access them.
+Sample Power BI report templates are available for Microsoft Defender ATP that you can use for Advanced hunting queries. With these sample templates, including one for device control, you can integrate the power of Advanced hunting into Power BI. See the [GitHub repository for PowerBI templates](https://github.com/microsoft/MDATP-PowerBI-Templates) for more information. See [Create custom reports using Power BI](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/api-power-bi) to learn more about Power BI integration.
### Custom Alerts and Response Actions
diff --git a/windows/security/threat-protection/device-guard/enable-virtualization-based-protection-of-code-integrity.md b/windows/security/threat-protection/device-guard/enable-virtualization-based-protection-of-code-integrity.md
index 91f7206e6d..1edd7842a6 100644
--- a/windows/security/threat-protection/device-guard/enable-virtualization-based-protection-of-code-integrity.md
+++ b/windows/security/threat-protection/device-guard/enable-virtualization-based-protection-of-code-integrity.md
@@ -274,9 +274,12 @@ B. If you experience software or device malfunction after using the above proced
C. If you experience a critical error during boot or your system is unstable after using the above procedure to turn on HVCI, you can recover using the Windows Recovery Environment (Windows RE). To boot to Windows RE, see [Windows RE Technical Reference](https://docs.microsoft.com/windows-hardware/manufacture/desktop/windows-recovery-environment--windows-re--technical-reference). After logging in to Windows RE, you can turn off HVCI by renaming or deleting the SIPolicy.p7b file from the file location in step 3 above and then restart your device.
-## How to turn off HVCI on the Windows 10 Fall Creators Update
+## How to turn off HVCI
-1. Rename or delete the SIPolicy.p7b file located at C:\Windows\System32\CodeIntegrity.
+1. Run the following command from an elevated prompt to set the HVCI registry key to off
+```ini
+reg add "HKLM\SYSTEM\CurrentControlSet\Control\DeviceGuard\Scenarios\HypervisorEnforcedCodeIntegrity" /v "Enabled" /t REG_DWORD /d 0 /f
+```
2. Restart the device.
3. To confirm HVCI has been successfully disabled, open System Information and check **Virtualization-based security Services Running**, which should now have no value displayed.
diff --git a/windows/security/threat-protection/fips-140-validation.md b/windows/security/threat-protection/fips-140-validation.md
index 5548e18dd5..5f47de9db6 100644
--- a/windows/security/threat-protection/fips-140-validation.md
+++ b/windows/security/threat-protection/fips-140-validation.md
@@ -4,7 +4,7 @@ description: This topic provides information on how Microsoft products and crypt
ms.prod: w10
audience: ITPro
author: dulcemontemayor
-ms.author: dolmont
+ms.author: dansimp
manager: dansimp
ms.collection: M365-identity-device-management
ms.topic: article
@@ -109,6 +109,7 @@ The following list contains some of the Windows components and Microsoft product
- Some Microsoft .NET Framework Applications (.NET also provides cryptographic algorithm implementations that have not been FIPS 140 validated.)
- BitLocker® Drive Full-volume Encryption
- IPsec Settings of Windows Firewall
+- Server Message Block (SMB) 3.x
## Information for System Integrators
@@ -1290,7 +1291,7 @@ Validated Editions: Ultimate Edition
Algorithms |
-| Base DSS Cryptographic Provider, Base Cryptographic Provider, DSS/Diffie-Hellman Enchanced Cryptographic Provider, and Enhanced Cryptographic Provider |
+Base DSS Cryptographic Provider, Base Cryptographic Provider, DSS/Diffie-Hellman Enhanced Cryptographic Provider, and Enhanced Cryptographic Provider |
5.0.2150.1 |
76 |
FIPS Approved algorithms: Triple-DES (vendor affirmed); DSA/SHA-1 (Certs. #28 and 29); RSA (vendor affirmed)
@@ -1317,7 +1318,7 @@ Validated Editions: Ultimate Edition
| Algorithms |
-| Base DSS Cryptographic Provider, Base Cryptographic Provider, DSS/Diffie-Hellman Enchanced Cryptographic Provider, and Enhanced Cryptographic Provider |
+Base DSS Cryptographic Provider, Base Cryptographic Provider, DSS/Diffie-Hellman Enhanced Cryptographic Provider, and Enhanced Cryptographic Provider |
5.0.1877.6 and 5.0.1877.7 |
75 |
FIPS Approved algorithms: Triple-DES (vendor affirmed); SHA-1 (Certs. #20 and 21); DSA/SHA-1 (Certs. #25 and 26); RSA (vendor- affirmed)
@@ -6219,7 +6220,7 @@ Version 6.3.9600 |
SHA-256 (BYTE-only)
SHA-384 (BYTE-only)
SHA-512 (BYTE-only)
-Windows 7and SP1 and Windows Server 2008 R2 and SP1 Symmetric Algorithm Implementation #1081
+ | Windows 7 and SP1 and Windows Server 2008 R2 and SP1 Symmetric Algorithm Implementation #1081
Windows Server 2003 SP2 Enhanced Cryptographic Provider (RSAENH) #816 |
diff --git a/windows/security/threat-protection/get-support-for-security-baselines.md b/windows/security/threat-protection/get-support-for-security-baselines.md
index 2c5d379949..c3cdc07f58 100644
--- a/windows/security/threat-protection/get-support-for-security-baselines.md
+++ b/windows/security/threat-protection/get-support-for-security-baselines.md
@@ -5,7 +5,7 @@ keywords: virtualization, security, malware
ms.prod: w10
ms.mktglfcycl: deploy
ms.localizationpriority: medium
-ms.author: dolmont
+ms.author: dansimp
author: dulcemontemayor
manager: dansimp
audience: ITPro
diff --git a/windows/security/threat-protection/images/TVM_icon.png b/windows/security/threat-protection/images/TVM_icon.png
index 41faa16718..63f8c75929 100644
Binary files a/windows/security/threat-protection/images/TVM_icon.png and b/windows/security/threat-protection/images/TVM_icon.png differ
diff --git a/windows/security/threat-protection/index.md b/windows/security/threat-protection/index.md
index ed4ed90c14..080a09e0b5 100644
--- a/windows/security/threat-protection/index.md
+++ b/windows/security/threat-protection/index.md
@@ -7,12 +7,12 @@ ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: security
-ms.author: dolmont
+ms.author: dansimp
author: DulceMontemayor
ms.localizationpriority: medium
manager: dansimp
audience: ITPro
-ms.collection: M365-security-compliance
+ms.collection: M365-security-compliance
ms.topic: conceptual
---
@@ -132,7 +132,7 @@ Microsoft Defender ATP's new managed threat hunting service provides proactive h
Integrate Microsoft Defender Advanced Threat Protection into your existing workflows.
- [Onboarding](microsoft-defender-atp/onboard-configure.md)
- [API and SIEM integration](microsoft-defender-atp/configure-siem.md)
-- [Exposed APIs](microsoft-defender-atp/use-apis.md)
+- [Exposed APIs](microsoft-defender-atp/apis-intro.md)
- [Role-based access control (RBAC)](microsoft-defender-atp/rbac.md)
- [Reporting and trends](microsoft-defender-atp/powerbi-reports.md)
diff --git a/windows/security/threat-protection/intelligence/coordinated-malware-eradication.md b/windows/security/threat-protection/intelligence/coordinated-malware-eradication.md
index 31ef30f618..fef7da884b 100644
--- a/windows/security/threat-protection/intelligence/coordinated-malware-eradication.md
+++ b/windows/security/threat-protection/intelligence/coordinated-malware-eradication.md
@@ -36,4 +36,4 @@ Organizations participating in the CME effort work together to help eradicate se
Any organization that is involved in cybersecurity and antimalware or interested in fighting cybercrime can participate in CME campaigns by enrolling in the [Virus Information Alliance (VIA) program](virus-information-alliance-criteria.md). It ensures that everyone agrees to use the information and tools available for campaigns for their intended purpose (that is, the eradication of malware).
-If your organization meets these criteria and is interested in joining, [apply for membership now](https://www.microsoft.com/en-us/wdsi/alliances/apply-alliance-membership). If you have questions, [contact us for more information](https://www.microsoft.com/en-us/wdsi/alliances/collaboration-inquiry).
+If your organization meets these criteria and is interested in joining, [apply for membership now](https://www.microsoft.com/wdsi/alliances/apply-alliance-membership). If you have questions, [contact us for more information](https://www.microsoft.com/wdsi/alliances/collaboration-inquiry).
diff --git a/windows/security/threat-protection/intelligence/developer-resources.md b/windows/security/threat-protection/intelligence/developer-resources.md
index a7e660c5da..35aec2bd9c 100644
--- a/windows/security/threat-protection/intelligence/developer-resources.md
+++ b/windows/security/threat-protection/intelligence/developer-resources.md
@@ -24,9 +24,9 @@ If you believe that your application or program has been incorrectly detected by
Check out the following resources for information on how to submit and view submissions:
-- [Submit files](https://www.microsoft.com/en-us/wdsi/filesubmission)
+- [Submit files](https://www.microsoft.com/wdsi/filesubmission)
-- [View your submissions](https://www.microsoft.com/en-us/wdsi/submissionhistory)
+- [View your submissions](https://www.microsoft.com/wdsi/submissionhistory)
## Additional resources
diff --git a/windows/security/threat-protection/intelligence/fileless-threats.md b/windows/security/threat-protection/intelligence/fileless-threats.md
index 62bcff1173..bc3ecd48d1 100644
--- a/windows/security/threat-protection/intelligence/fileless-threats.md
+++ b/windows/security/threat-protection/intelligence/fileless-threats.md
@@ -96,6 +96,6 @@ Having described the broad categories, we can now dig into the details and provi
## Defeating fileless malware
-At Microsoft, we actively monitor the security landscape to identify new threat trends and develop solutions that continuously enhance Windows security and mitigate classes of threats. We instrument durable protections that are effective against a wide range of threats. Through AntiMalware Scan Interface (AMSI), behavior monitoring, memory scanning, and boot sector protection, Microsoft Defender Advanced Threat Protection [(Microsoft Defender ATP)](https://www.microsoft.com/en-us/windowsforbusiness?ocid=docs-fileless) can inspect fileless threats even with heavy obfuscation. Machine learning technologies in the cloud allow us to scale these protections against new and emerging threats.
+At Microsoft, we actively monitor the security landscape to identify new threat trends and develop solutions that continuously enhance Windows security and mitigate classes of threats. We instrument durable protections that are effective against a wide range of threats. Through AntiMalware Scan Interface (AMSI), behavior monitoring, memory scanning, and boot sector protection, Microsoft Defender Advanced Threat Protection [(Microsoft Defender ATP)](https://www.microsoft.com/windowsforbusiness?ocid=docs-fileless) can inspect fileless threats even with heavy obfuscation. Machine learning technologies in the cloud allow us to scale these protections against new and emerging threats.
To learn more, read: [Out of sight but not invisible: Defeating fileless malware with behavior monitoring, AMSI, and next-gen AV](https://cloudblogs.microsoft.com/microsoftsecure/2018/09/27/out-of-sight-but-not-invisible-defeating-fileless-malware-with-behavior-monitoring-amsi-and-next-gen-av/)
diff --git a/windows/security/threat-protection/intelligence/images/MITRE-Microsoft-Defender-ATP.png b/windows/security/threat-protection/intelligence/images/MITRE-Microsoft-Defender-ATP.png
new file mode 100644
index 0000000000..446ad19d77
Binary files /dev/null and b/windows/security/threat-protection/intelligence/images/MITRE-Microsoft-Defender-ATP.png differ
diff --git a/windows/security/threat-protection/intelligence/images/Transparency-report-August-2.png b/windows/security/threat-protection/intelligence/images/Transparency-report-August-2.png
new file mode 100644
index 0000000000..9769fd54cb
Binary files /dev/null and b/windows/security/threat-protection/intelligence/images/Transparency-report-August-2.png differ
diff --git a/windows/security/threat-protection/intelligence/images/prevalent-malware-small.png b/windows/security/threat-protection/intelligence/images/prevalent-malware-small.png
deleted file mode 100644
index 15a95c2276..0000000000
Binary files a/windows/security/threat-protection/intelligence/images/prevalent-malware-small.png and /dev/null differ
diff --git a/windows/security/threat-protection/intelligence/images/real-world-small.png b/windows/security/threat-protection/intelligence/images/real-world-small.png
deleted file mode 100644
index 89bf7a1819..0000000000
Binary files a/windows/security/threat-protection/intelligence/images/real-world-small.png and /dev/null differ
diff --git a/windows/security/threat-protection/intelligence/images/transparency-report-3.png b/windows/security/threat-protection/intelligence/images/transparency-report-3.png
deleted file mode 100644
index 413454d293..0000000000
Binary files a/windows/security/threat-protection/intelligence/images/transparency-report-3.png and /dev/null differ
diff --git a/windows/security/threat-protection/intelligence/macro-malware.md b/windows/security/threat-protection/intelligence/macro-malware.md
index d4c3119d19..ec97b244a7 100644
--- a/windows/security/threat-protection/intelligence/macro-malware.md
+++ b/windows/security/threat-protection/intelligence/macro-malware.md
@@ -31,7 +31,7 @@ We've seen macro malware download threats from the following families:
* [Ransom:Win32/Teerac](Ransom:Win32/Teerac)
* [TrojanDownloader:Win32/Chanitor](https://www.microsoft.com/wdsi/threats/malware-encyclopedia-description?Name=TrojanDownloader:Win32/Chanitor.A)
* [TrojanSpy:Win32/Ursnif](https://www.microsoft.com/wdsi/threats/malware-encyclopedia-description?Name=TrojanSpy:Win32/Ursnif)
-* [Win32/Fynloski](https://www.microsoft.com/en-us/wdsi/threats/malware-encyclopedia-description?Name=Win32/Fynloski)
+* [Win32/Fynloski](https://www.microsoft.com/wdsi/threats/malware-encyclopedia-description?Name=Win32/Fynloski)
* [Worm:Win32/Gamarue](https://www.microsoft.com/wdsi/threats/malware-encyclopedia-description?Name=Win32/Gamarue)
## How to protect against macro malware
diff --git a/windows/security/threat-protection/intelligence/prevent-malware-infection.md b/windows/security/threat-protection/intelligence/prevent-malware-infection.md
index 59d35b2c35..63ef1862ba 100644
--- a/windows/security/threat-protection/intelligence/prevent-malware-infection.md
+++ b/windows/security/threat-protection/intelligence/prevent-malware-infection.md
@@ -53,7 +53,7 @@ Using pirated content is not only illegal, it can also expose your device to mal
Users do not openly discuss visits to these sites, so any untoward experience are more likely to stay unreported.
-To stay safe, download movies, music, and apps from official publisher websites or stores. Consider running a streamlined OS such as [Windows 10 Pro SKU S Mode](https://www.microsoft.com/en-us/windows/s-mode?ocid=cx-wdsi-articles), which ensures that only vetted apps from the Windows Store are installed.
+To stay safe, download movies, music, and apps from official publisher websites or stores. Consider running a streamlined OS such as [Windows 10 Pro SKU S Mode](https://www.microsoft.com/windows/s-mode?ocid=cx-wdsi-articles), which ensures that only vetted apps from the Windows Store are installed.
## Don't attach unfamiliar removable drives
diff --git a/windows/security/threat-protection/intelligence/ransomware-malware.md b/windows/security/threat-protection/intelligence/ransomware-malware.md
index 5ebb6aa87a..b91211e7da 100644
--- a/windows/security/threat-protection/intelligence/ransomware-malware.md
+++ b/windows/security/threat-protection/intelligence/ransomware-malware.md
@@ -61,6 +61,6 @@ We recommend:
* Educate your employees so they can identify social engineering and spear-phishing attacks.
-* [Controlled folder access](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-exploit-guard/enable-controlled-folders-exploit-guard). It can stop ransomware from encrypting files and holding the files for ransom.
+* [Controlled folder access](../microsoft-defender-atp/controlled-folders.md). It can stop ransomware from encrypting files and holding the files for ransom.
For more general tips, see [prevent malware infection](prevent-malware-infection.md).
diff --git a/windows/security/threat-protection/intelligence/rootkits-malware.md b/windows/security/threat-protection/intelligence/rootkits-malware.md
index 3dc3456226..ffe4254e2b 100644
--- a/windows/security/threat-protection/intelligence/rootkits-malware.md
+++ b/windows/security/threat-protection/intelligence/rootkits-malware.md
@@ -31,7 +31,7 @@ Many modern malware families use rootkits to try and avoid detection and removal
* [Cutwail](https://www.microsoft.com/security/portal/threat/encyclopedia/Entry.aspx?Name=Win32%2fCutwail)
-* [Datrahere](https://www.microsoft.com/en-us/wdsi/threats/malware-encyclopedia-description?Name=Trojan:Win64/Detrahere) (Zacinlo)
+* [Datrahere](https://www.microsoft.com/wdsi/threats/malware-encyclopedia-description?Name=Trojan:Win64/Detrahere) (Zacinlo)
* [Rustock](https://www.microsoft.com/security/portal/threat/encyclopedia/entry.aspx?Name=Win32%2fRustock)
diff --git a/windows/security/threat-protection/intelligence/safety-scanner-download.md b/windows/security/threat-protection/intelligence/safety-scanner-download.md
index d3bd25dce2..f00d63e08f 100644
--- a/windows/security/threat-protection/intelligence/safety-scanner-download.md
+++ b/windows/security/threat-protection/intelligence/safety-scanner-download.md
@@ -24,12 +24,12 @@ Microsoft Safety Scanner is a scan tool designed to find and remove malware from
- [Download Microsoft Safety Scanner (64-bit)](https://go.microsoft.com/fwlink/?LinkId=212732)
> [!NOTE]
-> The security intelligence update version of the Microsoft Safety Scanner matches the version described [in this web page](https://www.microsoft.com/en-us/wdsi/definitions).
+> The security intelligence update version of the Microsoft Safety Scanner matches the version described [in this web page](https://www.microsoft.com/wdsi/definitions).
Safety Scanner only scans when manually triggered and is available for use 10 days after being downloaded. We recommend that you always download the latest version of this tool before each scan.
> [!NOTE]
-> This tool does not replace your antimalware product. For real-time protection with automatic updates, use [Windows Defender Antivirus on Windows 10 and Windows 8](https://www.microsoft.com/windows/comprehensive-security) or [Microsoft Security Essentials on Windows 7](https://support.microsoft.com/help/14210/security-essentials-download). These antimalware products also provide powerful malware removal capabilities. If you are having difficulties removing malware with these products, you can refer to our help on [removing difficult threats](https://www.microsoft.com/en-us/wdsi/help/troubleshooting-infection).
+> This tool does not replace your antimalware product. For real-time protection with automatic updates, use [Windows Defender Antivirus on Windows 10 and Windows 8](https://www.microsoft.com/windows/comprehensive-security) or [Microsoft Security Essentials on Windows 7](https://support.microsoft.com/help/14210/security-essentials-download). These antimalware products also provide powerful malware removal capabilities. If you are having difficulties removing malware with these products, you can refer to our help on [removing difficult threats](https://www.microsoft.com/wdsi/help/troubleshooting-infection).
> [!NOTE]
> Safety scanner is a portable executable and does not appear in the Windows Start menu or as an icon on the desktop. Note where you saved this download.
diff --git a/windows/security/threat-protection/intelligence/submission-guide.md b/windows/security/threat-protection/intelligence/submission-guide.md
index 545a2d7f62..05e5ab7db4 100644
--- a/windows/security/threat-protection/intelligence/submission-guide.md
+++ b/windows/security/threat-protection/intelligence/submission-guide.md
@@ -52,7 +52,7 @@ We encourage all software vendors and developers to read about [how Microsoft id
## How do I track or view past sample submissions?
-You can track your submissions through the [submission history page](https://www.microsoft.com/en-us/wdsi/submissionhistory). Your submission will only appear on this page if you were signed in when you submitted it.
+You can track your submissions through the [submission history page](https://www.microsoft.com/wdsi/submissionhistory). Your submission will only appear on this page if you were signed in when you submitted it.
If you’re not signed in when you submit a sample, you will be redirected to a tracking page. Bookmark this page if you want to come back and check on the status of your submission.
@@ -66,7 +66,7 @@ Each submission is shown to be in one of the following status types:
* Closed—a final determination has been given by an analyst
-If you are signed in, you can see the status of any files you submit to us on the [submission history page](https://www.microsoft.com/en-us/wdsi/submissionhistory).
+If you are signed in, you can see the status of any files you submit to us on the [submission history page](https://www.microsoft.com/wdsi/submissionhistory).
## How does Microsoft prioritize submissions
diff --git a/windows/security/threat-protection/intelligence/top-scoring-industry-antivirus-tests.md b/windows/security/threat-protection/intelligence/top-scoring-industry-antivirus-tests.md
index aba371a6c3..792be1c6c8 100644
--- a/windows/security/threat-protection/intelligence/top-scoring-industry-antivirus-tests.md
+++ b/windows/security/threat-protection/intelligence/top-scoring-industry-antivirus-tests.md
@@ -18,16 +18,17 @@ search.appverid: met150
# Top scoring in industry tests
-Microsoft Defender Advanced Threat Protection ([Microsoft Defender ATP](https://www.microsoft.com/en-us/WindowsForBusiness/windows-atp?ocid=cx-docs-avreports)) technologies consistently achieve high scores in independent tests, demonstrating the strength of its enterprise threat protection capabilities. Microsoft aims to be transparent about these test scores. This page summarizes the results and provides analysis.
+Microsoft Defender Advanced Threat Protection ([Microsoft Defender ATP](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=cx-docs-avreports)) technologies consistently achieve high scores in independent tests, demonstrating the strength of its enterprise threat protection capabilities. Microsoft aims to be transparent about these test scores. This page summarizes the results and provides analysis.
## Next generation protection
[Windows Defender Antivirus](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-antivirus/windows-defender-antivirus-in-windows-10?ocid=cx-docs-avreports) consistently performs highly in independent tests, displaying how it is a top choice in the antivirus market. Note that these tests only provide results for antivirus and do not test for additional security protections.
-Windows Defender Antivirus is part of the [next generation](https://www.youtube.com/watch?v=Xy3MOxkX_o4) Microsoft Defender ATP security stack which addresses the latest and most sophisticated threats today. In some cases, customers might not even know they were protected because a cyberattack is stopped [milliseconds after a campaign starts](https://cloudblogs.microsoft.com/microsoftsecure/2018/03/07/behavior-monitoring-combined-with-machine-learning-spoils-a-massive-dofoil-coin-mining-campaign?ocid=cx-docs-avreports). That's because Windows Defender Antivirus detects and stops malware at first sight by using [machine learning](https://cloudblogs.microsoft.com/microsoftsecure/2018/06/07/machine-learning-vs-social-engineering?ocid=cx-docs-avreports), [artificial intelligence](https://cloudblogs.microsoft.com/microsoftsecure/2018/02/14/how-artificial-intelligence-stopped-an-emotet-outbreak?ocid=cx-docs-avreports), behavioral analysis, and other advanced technologies.
+Windows Defender Antivirus is the [next generation protection](https://www.youtube.com/watch?v=Xy3MOxkX_o4) capability in the Microsoft Defender ATP security stack which addresses the latest and most sophisticated threats today. In some cases, customers might not even know they were protected because a cyberattack is stopped [milliseconds after a campaign starts](https://cloudblogs.microsoft.com/microsoftsecure/2018/03/07/behavior-monitoring-combined-with-machine-learning-spoils-a-massive-dofoil-coin-mining-campaign?ocid=cx-docs-avreports). That's because Windows Defender Antivirus detects and stops malware at first sight by using [machine learning](https://cloudblogs.microsoft.com/microsoftsecure/2018/06/07/machine-learning-vs-social-engineering?ocid=cx-docs-avreports), [artificial intelligence](https://cloudblogs.microsoft.com/microsoftsecure/2018/02/14/how-artificial-intelligence-stopped-an-emotet-outbreak?ocid=cx-docs-avreports), behavioral analysis, and other advanced technologies.
+
- **Download the latest transparency report: [Examining industry test results, August 2019](https://query.prod.cms.rt.microsoft.com/cms/api/am/binary/RE3Esbl)**
+**Download the latest transparency report: [Examining industry test results, August 2019](https://query.prod.cms.rt.microsoft.com/cms/api/am/binary/RE3Esbl)**
### AV-TEST: Protection score of 6.0/6.0 in the latest test
@@ -47,10 +48,6 @@ The AV-TEST Product Review and Certification Report tests on three categories: p
- July - August 2018 AV-TEST Business User test: [Protection score 6.0/6.0](https://www.av-test.org/en/antivirus/business-windows-client/windows-10/august-2018/microsoft-windows-defender-antivirus-4.12--4.18-183212/) | [Analysis](https://query.prod.cms.rt.microsoft.com/cms/api/am/binary/RE2IL3Y)
-|||
-|---|---|
-|||
-
### AV-Comparatives: Protection rating of 99.9% in the latest test
Business Security Test consists of three main parts: the Real-World Protection Test which mimics online malware attacks, the Malware Protection Test where the malware enters the system from outside the internet (e.g. USB), and the Performance Test which looks at the impact on the system’s performance.
@@ -63,9 +60,7 @@ Business Security Test consists of three main parts: the Real-World Protection T
- Business Security Test 2018 (March - June): [Real-World Protection Rate 98.7%](https://www.av-comparatives.org/tests/business-security-test-2018-march-june/)
-
-
-### SE Labs: Total accuracy rating of AAA in the latest test
+### SE Labs: AAA award in the latest test
SE Labs tests a range of solutions used by products and services to detect and/or protect against attacks, including endpoint software, network appliances, and cloud services.
@@ -83,6 +78,10 @@ SE Labs tests a range of solutions used by products and services to detect and/o
Microsoft Defender ATP [endpoint detection and response](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/overview-endpoint-detection-response) capabilities provide advanced attack detections that are near real-time and actionable. Security analysts can prioritize alerts effectively, gain visibility into the full scope of a breach, and take response actions to remediate threats.
+
+
+**Read our analysis: [MITRE evaluation highlights industry-leading EDR capabilities in Windows Defender ATP](https://techcommunity.microsoft.com/t5/Windows-Defender-ATP/MITRE-evaluation-highlights-industry-leading-EDR-capabilities-in/ba-p/369831)**
+
### MITRE: Industry-leading optics and detection capabilities
MITRE tested the ability of products to detect techniques commonly used by the targeted attack group APT3 (also known as Boron or UPS). To isolate detection capabilities, all protection and prevention features were turned off. Microsoft is happy to be one of the first EDR vendors to sign up for the MITRE evaluation based on the ATT&CK framework, widely regarded today as the most comprehensive catalog of attacker techniques and tactics.
@@ -95,6 +94,6 @@ MITRE tested the ability of products to detect techniques commonly used by the t
It is important to remember that Microsoft sees a wider and broader set of threats beyond what’s tested in the evaluations highlighted above. For example, in an average month, we identify over 100 million new threats. Even if an independent tester can acquire and test 1% of those threats, that is a million tests across 20 or 30 products. In other words, the vastness of the malware landscape makes it extremely difficult to evaluate the quality of protection against real world threats.
-The capabilities within [Microsoft Defender ATP](https://www.microsoft.com/en-us/windowsforbusiness?ocid=cx-docs-avreports) provide [additional layers of protection](https://cloudblogs.microsoft.com/microsoftsecure/2017/12/11/detonating-a-bad-rabbit-windows-defender-antivirus-and-layered-machine-learning-defenses?ocid=cx-docs-avreports) that are not factored into industry antivirus tests, and address some of the latest and most sophisticated threats. Isolating AV from the rest of Microsoft Defender ATP creates a partial picture of how our security stack operates in the real world. For example, attack surface reduction and endpoint detection & response capabilities can help prevent malware from getting onto devices in the first place. We have proven that [Microsoft Defender ATP components catch samples](https://query.prod.cms.rt.microsoft.com/cms/api/am/binary/RE2ouJA?ocid=cx-docs-avreports) that Windows Defender Antivirus missed in these industry tests, which is more representative of how effectively our security suite protects customers in the real world.
+The capabilities within [Microsoft Defender ATP](https://www.microsoft.com/windowsforbusiness?ocid=cx-docs-avreports) provide [additional layers of protection](https://cloudblogs.microsoft.com/microsoftsecure/2017/12/11/detonating-a-bad-rabbit-windows-defender-antivirus-and-layered-machine-learning-defenses?ocid=cx-docs-avreports) that are not factored into industry antivirus tests, and address some of the latest and most sophisticated threats. Isolating AV from the rest of Microsoft Defender ATP creates a partial picture of how our security stack operates in the real world. For example, attack surface reduction and endpoint detection & response capabilities can help prevent malware from getting onto devices in the first place. We have proven that [Microsoft Defender ATP components catch samples](https://query.prod.cms.rt.microsoft.com/cms/api/am/binary/RE2ouJA?ocid=cx-docs-avreports) that Windows Defender Antivirus missed in these industry tests, which is more representative of how effectively our security suite protects customers in the real world.
-Using independent tests, customers can view one aspect of their security suite but can't assess the complete protection of all the security features. Microsoft is highly engaged in working with several independent testers to evolve security testing to focus on the end-to-end security stack. In the meantime, customers can evaluate Microsoft Defender Advanced Threat Protection in their own networks by signing up for a [90-day trial of Microsoft Defender ATP](https://www.microsoft.com/en-us/WindowsForBusiness/windows-atp?ocid=cx-docs-avreports), or [enabling Preview features on existing tenants](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-atp/preview-settings-windows-defender-advanced-threat-protection?ocid=cx-docs-avreports).
+Using independent tests, customers can view one aspect of their security suite but can't assess the complete protection of all the security features. Microsoft is highly engaged in working with several independent testers to evolve security testing to focus on the end-to-end security stack. In the meantime, customers can evaluate Microsoft Defender Advanced Threat Protection in their own networks by signing up for a [90-day trial of Microsoft Defender ATP](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=cx-docs-avreports), or [enabling Preview features on existing tenants](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-atp/preview-settings-windows-defender-advanced-threat-protection?ocid=cx-docs-avreports).
diff --git a/windows/security/threat-protection/intelligence/understanding-malware.md b/windows/security/threat-protection/intelligence/understanding-malware.md
index 220e69b806..c28ab7c0e4 100644
--- a/windows/security/threat-protection/intelligence/understanding-malware.md
+++ b/windows/security/threat-protection/intelligence/understanding-malware.md
@@ -21,7 +21,7 @@ Malware is a term used to describe malicious applications and code that can caus
Cybercriminals that distribute malware are often motivated by money and will use infected computers to launch attacks, obtain banking credentials, collect information that can be sold, sell access to computing resources, or extort payment from victims.
-As criminals become more sophisticated with their attacks, Microsoft is here to help. Windows 10 is the most secure version of Windows yet and includes many features to help protect you whether you're at home, at work, or on the go. With Microsoft Defender Advanced Threat Protection ([Microsoft Defender ATP](https://www.microsoft.com/en-us/WindowsForBusiness/windows-atp)), businesses can stay protected with next-generation protection and other security capabilities.
+As criminals become more sophisticated with their attacks, Microsoft is here to help. Windows 10 is the most secure version of Windows yet and includes many features to help protect you whether you're at home, at work, or on the go. With Microsoft Defender Advanced Threat Protection ([Microsoft Defender ATP](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp)), businesses can stay protected with next-generation protection and other security capabilities.
For good general tips, check out the [prevent malware infection](prevent-malware-infection.md) topic.
diff --git a/windows/security/threat-protection/intelligence/virus-information-alliance-criteria.md b/windows/security/threat-protection/intelligence/virus-information-alliance-criteria.md
index 82c6baab29..cfda4379ca 100644
--- a/windows/security/threat-protection/intelligence/virus-information-alliance-criteria.md
+++ b/windows/security/threat-protection/intelligence/virus-information-alliance-criteria.md
@@ -50,4 +50,4 @@ To be eligible for VIA your organization must:
3. Be willing to sign and adhere to the VIA membership agreement.
-If your organization meets these criteria and is interested in joining, [apply for membership now](https://www.microsoft.com/en-us/wdsi/alliances/apply-alliance-membership). If you have questions, [contact us for more information](https://www.microsoft.com/en-us/wdsi/alliances/collaboration-inquiry).
+If your organization meets these criteria and is interested in joining, [apply for membership now](https://www.microsoft.com/wdsi/alliances/apply-alliance-membership). If you have questions, [contact us for more information](https://www.microsoft.com/wdsi/alliances/collaboration-inquiry).
diff --git a/windows/security/threat-protection/intelligence/virus-initiative-criteria.md b/windows/security/threat-protection/intelligence/virus-initiative-criteria.md
index 38ad06123a..adfe6b2035 100644
--- a/windows/security/threat-protection/intelligence/virus-initiative-criteria.md
+++ b/windows/security/threat-protection/intelligence/virus-initiative-criteria.md
@@ -54,4 +54,4 @@ Your organization must meet the following eligibility requirements to qualify fo
### Apply now
-If your organization meets these criteria and is interested in joining, [apply for membership now](https://www.microsoft.com/en-us/wdsi/alliances/apply-alliance-membership). If you have questions, [contact us for more information](https://www.microsoft.com/en-us/wdsi/alliances/collaboration-inquiry).
+If your organization meets these criteria and is interested in joining, [apply for membership now](https://www.microsoft.com/wdsi/alliances/apply-alliance-membership). If you have questions, [contact us for more information](https://www.microsoft.com/wdsi/alliances/collaboration-inquiry).
diff --git a/windows/security/threat-protection/intelligence/worms-malware.md b/windows/security/threat-protection/intelligence/worms-malware.md
index 6c51864314..6b392dcc81 100644
--- a/windows/security/threat-protection/intelligence/worms-malware.md
+++ b/windows/security/threat-protection/intelligence/worms-malware.md
@@ -34,7 +34,7 @@ Jenxcus (also known as Dunihi), Gamarue (also known as Androm), and Bondat have
Both Bondat and Gamarue have clever ways of obscuring themselves to evade detection. By hiding what they are doing, they try to avoid detection by security software.
-* [**WannaCrypt**](https://www.microsoft.com/en-us/wdsi/threats/malware-encyclopedia-description?Name=Ransom:Win32/WannaCrypt) also deserves a mention here. Unlike older worms that often spread just because they could, modern worms often spread to drop a payload (e.g. ransomware).
+* [**WannaCrypt**](https://www.microsoft.com/wdsi/threats/malware-encyclopedia-description?Name=Ransom:Win32/WannaCrypt) also deserves a mention here. Unlike older worms that often spread just because they could, modern worms often spread to drop a payload (e.g. ransomware).
This image shows how a worm can quickly spread through a shared USB drive.
diff --git a/windows/security/threat-protection/mbsa-removal-and-guidance.md b/windows/security/threat-protection/mbsa-removal-and-guidance.md
index b2d4621b58..d1b7cfa967 100644
--- a/windows/security/threat-protection/mbsa-removal-and-guidance.md
+++ b/windows/security/threat-protection/mbsa-removal-and-guidance.md
@@ -5,7 +5,7 @@ keywords: MBSA, security, removal
ms.prod: w10
ms.mktglfcycl: deploy
ms.localizationpriority: medium
-ms.author: dolmont
+ms.author: dansimp
author: dulcemontemayor
ms.date: 10/05/2018
ms.reviewer:
diff --git a/windows/security/threat-protection/microsoft-defender-atp/advanced-features.md b/windows/security/threat-protection/microsoft-defender-atp/advanced-features.md
index 38d679e8fa..85ea675b5d 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/advanced-features.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/advanced-features.md
@@ -22,7 +22,7 @@ ms.topic: article
**Applies to:**
- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
->Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/en-us/WindowsForBusiness/windows-atp?ocid=docs-wdatp-advancedfeats-abovefoldlink)
+>Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-advancedfeats-abovefoldlink)
Depending on the Microsoft security products that you use, some advanced features might be available for you to integrate Microsoft Defender ATP with.
@@ -53,7 +53,7 @@ For tenants created on or after Windows 10, version 1809 the automated investiga
> - The result of the auto-resolve action may influence the Machine risk level calculation which is based on the active alerts found on a machine.
>- If a security operations analyst manually sets the status of an alert to "In progress" or "Resolved" the auto-resolve capability will not overwrite it.
-## Block file
+## Allow or block file
Blocking is only available if your organization uses Windows Defender Antivirus as the active antimalware solution, and if the cloud-based protection feature is enabled.
@@ -71,6 +71,19 @@ To turn **Allow or block** files on:
Once you have enabled this feature, you can [block files](respond-file-alerts.md#allow-or-block-file) via the **Add Indicator** tab on a file's profile page.
+
+## Custom network indicators
+
+Enabling this feature allows you to create indicators for IP addresses, domains, or URLs which determine whether they will be allowed or blocked based on your custom indicator list.
+
+To use this feature, machines must be running Windows 10 version 1709 or later. They should also have network protection in block mode and version 4.18.1906.3 or later of the antimalware platform [see KB 4052623](https://go.microsoft.com/fwlink/?linkid=2099834).
+
+For more information, see [Manage indicators](manage-indicators.md).
+
+>[!NOTE]
+>Network protection leverages reputation services that process requests in locations that might be outside of the location you have selected for your Microsoft Defender ATP data.
+
+
## Show user details
When you enable this feature, you'll be able to see user details stored in Azure Active Directory including a user's picture, name, title, and department information when investigating user account entities. You can find user account information in the following views:
diff --git a/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-alertevents-table.md b/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-alertevents-table.md
index 9544001b7c..e8fd745ba1 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-alertevents-table.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-alertevents-table.md
@@ -24,7 +24,7 @@ ms.date: 07/24/2019
- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
->Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/en-us/WindowsForBusiness/windows-atp?ocid=docs-wdatp-advancedhuntingref-abovefoldlink)
+>Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-advancedhuntingref-abovefoldlink)
The AlertEvents table in the Advanced hunting schema contains information about alerts on Microsoft Defender Security Center. Use this reference to construct queries that return information from the table.
diff --git a/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-best-practices.md b/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-best-practices.md
index fbe2aa1d4c..75465b34a5 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-best-practices.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-best-practices.md
@@ -24,7 +24,7 @@ ms.date: 04/24/2018
- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
->Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/en-us/WindowsForBusiness/windows-atp?ocid=docs-wdatp-bestpractices-abovefoldlink)
+>Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-bestpractices-abovefoldlink)
## Performance best practices
The following best practices serve as a guideline of query performance best practices and for you to get faster results and be able to run complex queries.
@@ -93,4 +93,4 @@ ProcessCreationEvents
| where CanonicalCommandLine contains "stop" and CanonicalCommandLine contains "MpsSvc"
```
->Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/en-us/WindowsForBusiness/windows-atp?ocid=docs-wdatp-bestpractices-belowfoldlink)
\ No newline at end of file
+>Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-bestpractices-belowfoldlink)
\ No newline at end of file
diff --git a/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-filecreationevents-table.md b/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-filecreationevents-table.md
index 9180ed1db4..2b414ee047 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-filecreationevents-table.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-filecreationevents-table.md
@@ -24,7 +24,7 @@ ms.date: 07/24/2019
- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
->Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/en-us/WindowsForBusiness/windows-atp?ocid=docs-wdatp-advancedhuntingref-abovefoldlink)
+>Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-advancedhuntingref-abovefoldlink)
The FileCreationEvents table in the Advanced hunting schema contains information about file creation, modification, and other file system events. Use this reference to construct queries that return information from the table.
diff --git a/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-imageloadevents-table.md b/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-imageloadevents-table.md
index d7e0521472..160e833850 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-imageloadevents-table.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-imageloadevents-table.md
@@ -24,7 +24,7 @@ ms.date: 07/24/2019
- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
->Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/en-us/WindowsForBusiness/windows-atp?ocid=docs-wdatp-advancedhuntingref-abovefoldlink)
+>Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-advancedhuntingref-abovefoldlink)
The ImageLoadEvents table in the Advanced hunting schema contains information about DLL loading events. Use this reference to construct queries that return information from the table.
diff --git a/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-logonevents-table.md b/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-logonevents-table.md
index 1e8a0cfcc7..c5279cdd3d 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-logonevents-table.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-logonevents-table.md
@@ -24,7 +24,7 @@ ms.date: 07/24/2019
- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
->Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/en-us/WindowsForBusiness/windows-atp?ocid=docs-wdatp-advancedhuntingref-abovefoldlink)
+>Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-advancedhuntingref-abovefoldlink)
The LogonEvents table in the Advanced hunting schema contains information about user logons and other authentication events. Use this reference to construct queries that return information from the table.
diff --git a/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-machineinfo-table.md b/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-machineinfo-table.md
index fa58a67cdd..abe7b49af5 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-machineinfo-table.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-machineinfo-table.md
@@ -24,7 +24,7 @@ ms.date: 07/24/2019
- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
->Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/en-us/WindowsForBusiness/windows-atp?ocid=docs-wdatp-advancedhuntingref-abovefoldlink)
+>Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-advancedhuntingref-abovefoldlink)
The MachineInfo table in the Advanced hunting schema contains information about machines in the organization, including OS version, active users, and computer name. Use this reference to construct queries that return information from the table.
diff --git a/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-machinenetworkinfo-table.md b/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-machinenetworkinfo-table.md
index 3ec3dfd8f2..717019c475 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-machinenetworkinfo-table.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-machinenetworkinfo-table.md
@@ -24,7 +24,7 @@ ms.date: 07/24/2019
- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
->Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/en-us/WindowsForBusiness/windows-atp?ocid=docs-wdatp-advancedhuntingref-abovefoldlink)
+>Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-advancedhuntingref-abovefoldlink)
The MachineNetworkInfo table in the Advanced hunting schema contains information about networking configuration of machines, including network adapters, IP and MAC addresses, and connected networks or domains. Use this reference to construct queries that return information from the table.
diff --git a/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-miscevents-table.md b/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-miscevents-table.md
index 01c38628be..deeef6fd8a 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-miscevents-table.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-miscevents-table.md
@@ -24,7 +24,7 @@ ms.date: 07/24/2019
- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
->Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/en-us/WindowsForBusiness/windows-atp?ocid=docs-wdatp-advancedhuntingref-abovefoldlink)
+>Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-advancedhuntingref-abovefoldlink)
The MiscEvents table in the Advanced hunting schema contains information about multiple event types, including events triggered by security controls, such as Windows Defender Antivirus and exploit protection. Use this reference to construct queries that return information from the table.
diff --git a/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-networkcommunicationevents-table.md b/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-networkcommunicationevents-table.md
index fb18d453d7..9427ce74c8 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-networkcommunicationevents-table.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-networkcommunicationevents-table.md
@@ -24,7 +24,7 @@ ms.date: 07/24/2019
- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
->Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/en-us/WindowsForBusiness/windows-atp?ocid=docs-wdatp-advancedhuntingref-abovefoldlink)
+>Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-advancedhuntingref-abovefoldlink)
The NetworkCommunicationEvents table in the Advanced hunting schema contains information about network connections and related events. Use this reference to construct queries that return information from the table.
diff --git a/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-processcreationevents-table.md b/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-processcreationevents-table.md
index d6ef50a878..43a0651a0f 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-processcreationevents-table.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-processcreationevents-table.md
@@ -24,7 +24,7 @@ ms.date: 07/24/2019
- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
->Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/en-us/WindowsForBusiness/windows-atp?ocid=docs-wdatp-advancedhuntingref-abovefoldlink)
+>Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-advancedhuntingref-abovefoldlink)
The ProcessCreationEvents table in the Advanced hunting schema contains information about process creation and related events. Use this reference to construct queries that return information from the table.
diff --git a/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-reference.md b/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-reference.md
index 40810a2f12..140286d974 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-reference.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-reference.md
@@ -24,7 +24,7 @@ ms.date: 07/24/2019
- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
->Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/en-us/WindowsForBusiness/windows-atp?ocid=docs-wdatp-advancedhuntingref-abovefoldlink)
+>Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-advancedhuntingref-abovefoldlink)
## Advanced hunting table reference
diff --git a/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-registryevents-table.md b/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-registryevents-table.md
index 75b7b12ee6..3099373d13 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-registryevents-table.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-registryevents-table.md
@@ -24,7 +24,7 @@ ms.date: 07/24/2019
- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
->Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/en-us/WindowsForBusiness/windows-atp?ocid=docs-wdatp-advancedhuntingref-abovefoldlink)
+>Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-advancedhuntingref-abovefoldlink)
The RegistryEvents table in the Advanced hunting schema contains information about the creation and modification of registry entries. Use this reference to construct queries that return information from the table.
diff --git a/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting.md b/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting.md
index 4ca2aebb87..9ce09a700b 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting.md
@@ -20,7 +20,7 @@ ms.date: 08/15/2018
# Query data using Advanced hunting in Microsoft Defender ATP
->Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/en-us/WindowsForBusiness/windows-atp?ocid=docs-wdatp-advancedhunting-abovefoldlink)
+>Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-advancedhunting-abovefoldlink)
To get you started in querying your data, you can use the Basic or Advanced query examples, which have some preloaded queries to help you understand the basic query syntax.
@@ -146,7 +146,7 @@ The filter selections will resolve as an additional query term and the results w
Check out the [Advanced hunting repository](https://github.com/Microsoft/WindowsDefenderATP-Hunting-Queries). Contribute and use example queries shared by our customers.
->Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/en-us/WindowsForBusiness/windows-atp?ocid=docs-wdatp-advancedhunting-belowfoldlink)
+>Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-advancedhunting-belowfoldlink)
## Related topic
- [Advanced hunting reference](advanced-hunting-reference.md)
diff --git a/windows/security/threat-protection/microsoft-defender-atp/alerts-queue.md b/windows/security/threat-protection/microsoft-defender-atp/alerts-queue.md
index 652e76f78d..9d9bea3f59 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/alerts-queue.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/alerts-queue.md
@@ -23,7 +23,7 @@ ms.date: 04/24/2018
**Applies to:**
- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
->Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/en-us/WindowsForBusiness/windows-atp?ocid=docs-wdatp-alertsq-abovefoldlink)
+>Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-alertsq-abovefoldlink)
The **Alerts queue** shows a list of alerts that were flagged from machines in your network. By default, the queue displays alerts seen in the last 30 days in a grouped view, with the most recent alerts showing at the top of the list, helping you see the most recent alerts first.
@@ -84,9 +84,10 @@ The table below lists the current categories and how they generally map to previ
| Persistence | Installation, Persistence | Creating autostart extensibility points (ASEPs) to remain active and survive system restarts |
| Privilege escalation | PrivilegeEscalation | Obtaining higher permission levels for code by running it in the context of a privileged process or account |
| Ransomware | Ransomware | Malware that encrypts files and extorts payment to restore access |
-| Suspicious activity | General, None, NotApplicable, EnterprisePolicy, SuspiciousNetworkTraffic | Atypicaly activity that could be malware activity or part of an attack |
+| Suspicious activity | General, None, NotApplicable, EnterprisePolicy, SuspiciousNetworkTraffic | Atypical activity that could be malware activity or part of an attack |
| Unwanted software | UnwantedSoftware | Low-reputation apps and apps that impact productivity and the user experience; detected as potentially unwanted applications (PUAs) |
+
### Status
You can choose to limit the list of alerts based on their status.
@@ -115,6 +116,11 @@ If you have specific machine groups that you're interested in checking the alert
### Associated threat
Use this filter to focus on alerts that are related to high profile threats. You can see the full list of high-profile threats in [Threat analytics](threat-analytics.md).
+
+
+
+
+
## Related topics
- [Manage Microsoft Defender Advanced Threat Protection alerts](manage-alerts.md)
- [Investigate Microsoft Defender Advanced Threat Protection alerts](investigate-alerts.md)
diff --git a/windows/security/threat-protection/microsoft-defender-atp/api-explorer.md b/windows/security/threat-protection/microsoft-defender-atp/api-explorer.md
new file mode 100644
index 0000000000..010fb7a43b
--- /dev/null
+++ b/windows/security/threat-protection/microsoft-defender-atp/api-explorer.md
@@ -0,0 +1,61 @@
+---
+title: API Explorer in Microsoft Defender ATP
+ms.reviewer:
+description: Use the API Explorer to construct and perform API queries, test and send requests for any available API
+keywords: api, explorer, send, request, get, post,
+search.product: eADQiWindows 10XVcnh
+search.appverid: met150
+ms.prod: w10
+ms.mktglfcycl: deploy
+ms.sitesec: library
+ms.pagetype: security
+ms.author: macapara
+author: mjcaparas
+ms.localizationpriority: medium
+manager: dansimp
+audience: ITPro
+ms.collection: M365-security-compliance
+ms.topic: conceptual
+---
+
+# API Explorer
+**Applies to:**
+- [Microsoft Defender Advanced Threat Protection (Windows Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+
+[!include[Prerelease information](prerelease.md)]
+
+The Microsoft Defender ATP API Explorer is a tool that helps you explore various Microsoft Defender ATP APIs interactively.
+
+The API Explorer makes it easy to construct and perform API queries, test and send requests for any available Microsoft Defender ATP API endpoint. You can also use the API Explorer to perform actions or find data that might not yet be available through the user interface.
+
+The tool is useful during app development because it allows you to perform API queries that respect your user access settings, reducing the need to generate access tokens.
+
+You can also use the tool to explore the gallery of sample queries, copy result code samples, and generate debug information.
+
+With the API Explorer, you can:
+
+- Run requests for any method and see responses in real-time
+- Quickly browse through the API samples and learn what parameters they support
+- Make API calls with ease; no need to authenticate beyond the management portal sign-in
+
+## Access API Explorer
+From the left navigation menu, select **Partners & APIs** > **API Explorer**.
+
+## Supported APIs
+API Explorer supports all the APIs offered by Microsoft Defender ATP.
+
+The list of supported APIs is available in the [APIs documentation](apis-intro.md).
+
+## Get started with the API Explorer
+1. In the left pane, there is a list of sample requests that you can use.
+2. Follow the links and click **Run query**.
+
+Some of the samples may require specifying a parameter in the URL, for example, {machine- id}.
+
+## FAQ
+**Do I need to have an API token to use the API Explorer?**
+Credentials to access an API are not needed since the API Explorer uses the Microsoft Defender ATP management portal token whenever it makes a request.
+
+The logged-in user authentication credential is used to verify that the API Explorer is authorized to access data on your behalf.
+
+Specific API requests are limited based on your RBAC privileges; for example, a request to "Submit indicator" is limited to the security admin role.
diff --git a/windows/security/threat-protection/microsoft-defender-atp/api-hello-world.md b/windows/security/threat-protection/microsoft-defender-atp/api-hello-world.md
index b4aec2ce09..82dfc632fd 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/api-hello-world.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/api-hello-world.md
@@ -21,7 +21,7 @@ ms.topic: article
**Applies to:** [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
-- Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/WindowsForBusiness/windows-atp?ocid=docs-wdatp-exposedapis-abovefoldlink)
+- Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink)
## Get Alerts using a simple PowerShell script
diff --git a/windows/security/threat-protection/microsoft-defender-atp/api-microsoft-flow.md b/windows/security/threat-protection/microsoft-defender-atp/api-microsoft-flow.md
index 4af26a7805..03274e47b8 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/api-microsoft-flow.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/api-microsoft-flow.md
@@ -21,7 +21,7 @@ ms.topic: article
**Applies to:** [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
-- Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/WindowsForBusiness/windows-atp?ocid=docs-wdatp-exposedapis-abovefoldlink)
+- Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink)
Automating security procedures is a standard requirement for every modern Security Operations Center. The lack of professional Cyber defenders, forces SOC to work in the most efficient way and automation is a must. MS flow supports different connectors that were built exactly for that. You can build an end-to-end procedure automation within few minutes.
diff --git a/windows/security/threat-protection/microsoft-defender-atp/api-portal-mapping.md b/windows/security/threat-protection/microsoft-defender-atp/api-portal-mapping.md
index 9706e81443..3b57273926 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/api-portal-mapping.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/api-portal-mapping.md
@@ -1,7 +1,7 @@
---
-title: Microsoft Defender ATP alert API fields
-description: Understand how the alert API fields map to the values in Microsoft Defender Security Center
-keywords: alerts, alert fields, fields, api, fields, pull alerts, rest api, request, response
+title: Microsoft Defender ATP detections API fields
+description: Understand how the Detections API fields map to the values in Microsoft Defender Security Center
+keywords: detections, detections fields, fields, api, fields, pull Detections, rest api, request, response
search.product: eADQiWindows 10XVcnh
search.appverid: met150
ms.prod: w10
@@ -15,21 +15,24 @@ manager: dansimp
audience: ITPro
ms.collection: M365-security-compliance
ms.topic: article
-ms.date: 10/16/2017
---
-# Microsoft Defender ATP SIEM alert API fields
+# Microsoft Defender ATP detections API fields
**Applies to:**
- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
->Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/en-us/WindowsForBusiness/windows-atp?ocid=docs-wdatp-apiportalmapping-abovefoldlink)
+>Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-apiportalmapping-abovefoldlink)
-Understand what data fields are exposed as part of the alerts API and how they map to Microsoft Defender Security Center.
+Understand what data fields are exposed as part of the detections API and how they map to Microsoft Defender Security Center.
-## Alert API fields and portal mapping
-The following table lists the available fields exposed in the alerts API payload. It shows examples for the populated values and a reference on how data is reflected on the portal.
+>[!Note]
+>- [Microsoft Defender ATP Alert](alerts.md) is composed from one or more detections
+>- **Microsoft Defender ATP Detection** is composed from the suspicious event occurred on the Machine and its related **Alert** details.
+
+## Detections API fields and portal mapping
+The following table lists the available fields exposed in the detections API payload. It shows examples for the populated values and a reference on how data is reflected on the portal.
The ArcSight field column contains the default mapping between the Microsoft Defender ATP fields and the built-in fields in ArcSight. You can download the mapping file from the portal when you enable the SIEM integration feature and you can modify it to match the needs of your organization. For more information, see [Enable SIEM integration in Microsoft Defender ATP](enable-siem-integration.md).
@@ -39,33 +42,33 @@ Field numbers match the numbers in the images below.
>
> | Portal label | SIEM field name | ArcSight field | Example value | Description |
> |------------------|---------------------------|---------------------|------------------------------------------------------------------------------------|--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
-> | 1 | AlertTitle | name | Windows Defender AV detected 'Mikatz' high-severity malware | Value available for every alert. |
-> | 2 | Severity | deviceSeverity | High | Value available for every alert. |
-> | 3 | Category | deviceEventCategory | Malware | Value available for every alert. |
-> | 4 | Detection source | sourceServiceName | Antivirus | Windows Defender Antivirus or Microsoft Defender ATP. Value available for every alert. |
-> | 5 | MachineName | sourceHostName | desktop-4a5ngd6 | Value available for every alert. |
-> | 6 | FileName | fileName | Robocopy.exe | Available for alerts associated with a file or process. |
-> | 7 | FilePath | filePath | C:\Windows\System32\Robocopy.exe | Available for alerts associated with a file or process. |
-> | 8 | UserDomain | sourceNtDomain | CONTOSO | The domain of the user context running the activity, available for Microsoft Defender ATP behavioral based alerts. |
-> | 9 | UserName | sourceUserName | liz.bean | The user context running the activity, available for Microsoft Defender ATP behavioral based alerts. |
-> | 10 | Sha1 | fileHash | 3da065e07b990034e9db7842167f70b63aa5329 | Available for alerts associated with a file or process. |
-> | 11 | Sha256 | deviceCustomString6 | ebf54f745dc81e1958f75e4ca91dd0ab989fc9787bb6b0bf993e2f5 | Available for Windows Defender AV alerts. |
-> | 12 | Md5 | deviceCustomString5 | db979c04a99b96d370988325bb5a8b21 | Available for Windows Defender AV alerts. |
-> | 13 | ThreatName | deviceCustomString1 | HackTool:Win32/Mikatz!dha | Available for Windows Defender AV alerts. |
-> | 14 | IpAddress | sourceAddress | 218.90.204.141 | Available for alerts associated to network events. For example, 'Communication to a malicious network destination'. |
-> | 15 | Url | requestUrl | down.esales360.cn | Available for alerts associated to network events. For example, 'Communication to a malicious network destination'. |
-> | 16 | RemediationIsSuccess | deviceCustomNumber2 | TRUE | Available for Windows Defender AV alerts. ArcSight value is 1 when TRUE and 0 when FALSE. |
-> | 17 | WasExecutingWhileDetected | deviceCustomNumber1 | FALSE | Available for Windows Defender AV alerts. ArcSight value is 1 when TRUE and 0 when FALSE. |
-> | 18 | AlertId | externalId | 636210704265059241_673569822 | Value available for every alert. |
-> | 19 | LinkToWDATP | flexString1 | `https://securitycenter.windows.com/alert/636210704265059241_673569822` | Value available for every alert. |
-> | 20 | AlertTime | deviceReceiptTime | 2017-05-07T01:56:59.3191352Z | The time the activity relevant to the alert occurred. Value available for every alert. |
-> | 21 | MachineDomain | sourceDnsDomain | contoso.com | Domain name not relevant for AAD joined machines. Value available for every alert. |
+> | 1 | AlertTitle | name | Windows Defender AV detected 'Mikatz' high-severity malware | Value available for every Detection. |
+> | 2 | Severity | deviceSeverity | High | Value available for every Detection. |
+> | 3 | Category | deviceEventCategory | Malware | Value available for every Detection. |
+> | 4 | Detection source | sourceServiceName | Antivirus | Windows Defender Antivirus or Microsoft Defender ATP. Value available for every Detection. |
+> | 5 | MachineName | sourceHostName | desktop-4a5ngd6 | Value available for every Detection. |
+> | 6 | FileName | fileName | Robocopy.exe | Available for detections associated with a file or process. |
+> | 7 | FilePath | filePath | C:\Windows\System32\Robocopy.exe | Available for detections associated with a file or process. |
+> | 8 | UserDomain | sourceNtDomain | CONTOSO | The domain of the user context running the activity, available for Microsoft Defender ATP behavioral based detections. |
+> | 9 | UserName | sourceUserName | liz.bean | The user context running the activity, available for Microsoft Defender ATP behavioral based detections. |
+> | 10 | Sha1 | fileHash | 3da065e07b990034e9db7842167f70b63aa5329 | Available for detections associated with a file or process. |
+> | 11 | Sha256 | deviceCustomString6 | ebf54f745dc81e1958f75e4ca91dd0ab989fc9787bb6b0bf993e2f5 | Available for Windows Defender AV detections. |
+> | 12 | Md5 | deviceCustomString5 | db979c04a99b96d370988325bb5a8b21 | Available for Windows Defender AV detections. |
+> | 13 | ThreatName | deviceCustomString1 | HackTool:Win32/Mikatz!dha | Available for Windows Defender AV detections. |
+> | 14 | IpAddress | sourceAddress | 218.90.204.141 | Available for detections associated to network events. For example, 'Communication to a malicious network destination'. |
+> | 15 | Url | requestUrl | down.esales360.cn | Available for detections associated to network events. For example, 'Communication to a malicious network destination'. |
+> | 16 | RemediationIsSuccess | deviceCustomNumber2 | TRUE | Available for Windows Defender AV detections. ArcSight value is 1 when TRUE and 0 when FALSE. |
+> | 17 | WasExecutingWhileDetected | deviceCustomNumber1 | FALSE | Available for Windows Defender AV detections. ArcSight value is 1 when TRUE and 0 when FALSE. |
+> | 18 | AlertId | externalId | 636210704265059241_673569822 | Value available for every Detection. |
+> | 19 | LinkToWDATP | flexString1 | `https://securitycenter.windows.com/alert/636210704265059241_673569822` | Value available for every Detection. |
+> | 20 | AlertTime | deviceReceiptTime | 2017-05-07T01:56:59.3191352Z | The time the event occurred. Value available for every Detection. |
+> | 21 | MachineDomain | sourceDnsDomain | contoso.com | Domain name not relevant for AAD joined machines. Value available for every Detection. |
> | 22 | Actor | deviceCustomString4 | BORON | Available for alerts related to a known actor group. |
-> | 21+5 | ComputerDnsName | No mapping | liz-bean.contoso.com | The machine fully qualified domain name. Value available for every alert. |
+> | 21+5 | ComputerDnsName | No mapping | liz-bean.contoso.com | The machine fully qualified domain name. Value available for every Detection. |
> | | LogOnUsers | sourceUserId | contoso\liz-bean; contoso\jay-hardee | The domain and user of the interactive logon user/s at the time of the event. Note: For machines on Windows 10 version 1607, the domain information will not be available. |
> | | InternalIPv4List | No mapping | 192.168.1.7, 10.1.14.1 | List of IPV4 internal IPs for active network interfaces. |
> | | InternalIPv6List | No mapping | fd30:0000:0000:0001:ff4e:003e:0009:000e, FE80:CD00:0000:0CDE:1257:0000:211E:729C | List of IPV6 internal IPs for active network interfaces. |
-> | Internal field | LastProcessedTimeUtc | No mapping | 2017-05-07T01:56:58.9936648Z | Time when event arrived at the backend. This field can be used when setting the request parameter for the range of time that alerts are retrieved. |
+> | Internal field | LastProcessedTimeUtc | No mapping | 2017-05-07T01:56:58.9936648Z | Time when event arrived at the backend. This field can be used when setting the request parameter for the range of time that detections are retrieved. |
> | | Not part of the schema | deviceVendor | | Static value in the ArcSight mapping - 'Microsoft'. |
> | | Not part of the schema | deviceProduct | | Static value in the ArcSight mapping - 'Microsoft Defender ATP'. |
> | | Not part of the schema | deviceVersion | | Static value in the ArcSight mapping - '2.0', used to identify the mapping versions.
@@ -88,7 +91,7 @@ Field numbers match the numbers in the images below.
## Related topics
- [Enable SIEM integration in Microsoft Defender ATP](enable-siem-integration.md)
-- [Configure Splunk to pull Microsoft Defender ATP alerts](configure-splunk.md)
-- [Configure ArcSight to pull Microsoft Defender ATP alerts](configure-arcsight.md)
-- [Pull Microsoft Defender ATP alerts using REST API](pull-alerts-using-rest-api.md)
+- [Configure Splunk to pull Microsoft Defender ATP detections](configure-splunk.md)
+- [Configure ArcSight to pull Microsoft Defender ATP detections](configure-arcsight.md)
+- [Pull Microsoft Defender ATP detections using REST API](pull-alerts-using-rest-api.md)
- [Troubleshoot SIEM tool integration issues](troubleshoot-siem.md)
diff --git a/windows/security/threat-protection/microsoft-defender-atp/api-power-bi.md b/windows/security/threat-protection/microsoft-defender-atp/api-power-bi.md
index 4c582017dc..2eaa43daee 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/api-power-bi.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/api-power-bi.md
@@ -21,7 +21,7 @@ ms.topic: article
**Applies to:** [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
-- Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/WindowsForBusiness/windows-atp?ocid=docs-wdatp-exposedapis-abovefoldlink)
+- Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink)
In this section you will learn create a Power BI report on top of Microsoft Defender ATP APIs.
diff --git a/windows/security/threat-protection/microsoft-defender-atp/apis-intro.md b/windows/security/threat-protection/microsoft-defender-atp/apis-intro.md
index 3fd9f905d0..425ad57ee8 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/apis-intro.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/apis-intro.md
@@ -22,7 +22,7 @@ ms.topic: conceptual
**Applies to:**
- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
-> Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/en-us/WindowsForBusiness/windows-atp?ocid=docs-wdatp-exposedapis-abovefoldlink)
+> Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink)
Microsoft Defender ATP exposes much of its data and actions through a set of programmatic APIs. Those APIs will enable you to automate workflows and innovate based on Microsoft Defender ATP capabilities. The API access requires OAuth2.0 authentication. For more information, see [OAuth 2.0 Authorization Code Flow](https://docs.microsoft.com/azure/active-directory/develop/active-directory-v2-protocols-oauth-code).
diff --git a/windows/security/threat-protection/microsoft-defender-atp/assign-portal-access.md b/windows/security/threat-protection/microsoft-defender-atp/assign-portal-access.md
index f7afee3646..4329883752 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/assign-portal-access.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/assign-portal-access.md
@@ -25,7 +25,7 @@ ms.date: 11/28/2018
- Office 365
- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
->Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/en-us/WindowsForBusiness/windows-atp?ocid=docs-wdatp-assignaccess-abovefoldlink)
+>Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-assignaccess-abovefoldlink)
Microsoft Defender ATP supports two ways to manage permissions:
diff --git a/windows/security/threat-protection/microsoft-defender-atp/attack-simulations.md b/windows/security/threat-protection/microsoft-defender-atp/attack-simulations.md
index ad94b7494d..ce50cf47b1 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/attack-simulations.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/attack-simulations.md
@@ -24,7 +24,7 @@ ms.date: 11/20/2018
- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
->Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/en-us/WindowsForBusiness/windows-atp?ocid=docs-wdatp-attacksimulations-abovefoldlink)
+>Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-attacksimulations-abovefoldlink)
>[!TIP]
>- Learn about the latest enhancements in Microsoft Defender ATP: [What's new in Microsoft Defender ATP](https://cloudblogs.microsoft.com/microsoftsecure/2018/11/15/whats-new-in-windows-defender-atp/).
@@ -58,7 +58,7 @@ Read the walkthrough document provided with each attack scenario. Each document
> Simulation files or scripts mimic attack activity but are actually benign and will not harm or compromise the test machine.
>
>
-> Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/en-us/WindowsForBusiness/windows-atp?ocid=docs-wdatp-attacksimulations-belowfoldlink)
+> Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-attacksimulations-belowfoldlink)
## Related topics
diff --git a/windows/security/threat-protection/microsoft-defender-atp/automated-investigations.md b/windows/security/threat-protection/microsoft-defender-atp/automated-investigations.md
index 7e77ed48e3..00a8b85828 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/automated-investigations.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/automated-investigations.md
@@ -19,7 +19,7 @@ ms.topic: conceptual
# Overview of Automated investigations
->Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/en-us/WindowsForBusiness/windows-atp?ocid=docs-wdatp-automated-investigations-abovefoldlink)
+>Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-automated-investigations-abovefoldlink)
The Microsoft Defender ATP service has a wide breadth of visibility on multiple machines. With this kind of optics, the service generates a multitude of alerts. The volume of alerts generated can be challenging for a typical security operations team to individually address.
@@ -40,7 +40,7 @@ Entities are the starting point for Automated investigations. When an alert cont
>- Windows 10, version 1803 (OS Build 17134.704 with [KB4493464](https://support.microsoft.com/en-us/help/4493464/windows-10-update-kb4493464)) or later
>- Later versions of Windows 10
-The alerts start by analyzing the supported entities from the alert and also runs a generic machine playbook to see if there is anything else suspicious on that machine. The outcome and details from the investigation is seen in the Automated investigation view.
+The Automated investigation starts by analyzing the supported entities from the alert and also runs a generic machine playbook to see if there is anything else suspicious on that machine. The outcome and details from the investigation is seen in the Automated investigation view.
### Details of an Automated investigation
@@ -85,4 +85,4 @@ The default machine group is configured for semi-automatic remediation. This mea
When a pending action is approved, the entity is then remediated and this new state is reflected in the **Entities** tab of the investigation.
## Related topic
-- [Learn about the automated investigations dashboard](manage-auto-investigation.md)
\ No newline at end of file
+- [Learn about the automated investigations dashboard](manage-auto-investigation.md)
diff --git a/windows/security/threat-protection/microsoft-defender-atp/basic-permissions.md b/windows/security/threat-protection/microsoft-defender-atp/basic-permissions.md
index 861f47388c..b735ec5aa0 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/basic-permissions.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/basic-permissions.md
@@ -23,7 +23,7 @@ ms.topic: article
- Azure Active Directory
- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
->Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/en-us/WindowsForBusiness/windows-atp?ocid=docs-wdatp-basicaccess-abovefoldlink)
+>Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-basicaccess-abovefoldlink)
Refer to the instructions below to use basic permissions management.
diff --git a/windows/security/threat-protection/microsoft-defender-atp/check-sensor-status.md b/windows/security/threat-protection/microsoft-defender-atp/check-sensor-status.md
index 8057947dc2..3666eb4a2a 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/check-sensor-status.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/check-sensor-status.md
@@ -23,7 +23,7 @@ ms.date: 04/24/2018
**Applies to:**
- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
->Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/en-us/WindowsForBusiness/windows-atp?ocid=docs-wdatp-checksensor-abovefoldlink)
+>Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-checksensor-abovefoldlink)
The sensor health tile is found on the Security Operations dashboard. This tile provides information on the individual machine’s ability to provide sensor data and communicate with the Microsoft Defender ATP service. It reports how many machines require attention and helps you identify problematic machines and take action to correct known issues.
diff --git a/windows/security/threat-protection/microsoft-defender-atp/commercial-gov.md b/windows/security/threat-protection/microsoft-defender-atp/commercial-gov.md
index dfff630e9d..7adc0c6ece 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/commercial-gov.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/commercial-gov.md
@@ -71,6 +71,10 @@ The following capabilities are not currently available:
- Integration with third-party products
+## Email notifications
+Not currently available.
+
+
## Integrations
Integrations with the following Microsoft products are not currently available:
- Azure Security Center
diff --git a/windows/security/threat-protection/microsoft-defender-atp/conditional-access.md b/windows/security/threat-protection/microsoft-defender-atp/conditional-access.md
index 396e2730fb..9049705849 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/conditional-access.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/conditional-access.md
@@ -24,7 +24,7 @@ ms.topic: article
->Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/en-us/WindowsForBusiness/windows-atp?ocid=docs-wdatp-conditionalaccess-abovefoldlink)
+>Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-conditionalaccess-abovefoldlink)
Conditional Access is a capability that helps you better protect your users and enterprise information by making sure that only secure devices have access to applications.
diff --git a/windows/security/threat-protection/microsoft-defender-atp/configuration-score.md b/windows/security/threat-protection/microsoft-defender-atp/configuration-score.md
index f6f11da946..fac075a33c 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/configuration-score.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/configuration-score.md
@@ -52,6 +52,19 @@ The goal is to remediate the issues in the security recommendations list to impr
See how you can [improve your security configuration](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/threat-and-vuln-mgt-scenarios#improve-your-security-configuration), for details.
+>[!IMPORTANT]
+>To boost your vulnerability assessment detection rates, you can download the following set of optional security updates and deploy them in your network:
+>- 19H1 customers | [KB 4512941](https://support.microsoft.com/help/4512941/windows-10-update-kb4512941)
+>- RS5 customers | [KB 4516077](https://support.microsoft.com/help/4516077/windows-10-update-kb4516077)
+>- RS4 customers | [KB 4516045](https://support.microsoft.com/help/4516045/windows-10-update-kb4516045)
+>- RS3 customers | [KB 4516071](https://support.microsoft.com/help/4516071/windows-10-update-kb4516071)
+>
+>To download the security updates:
+>1. Go to [Microsoft Update Catalog](http://www.catalog.update.microsoft.com/home.aspx).
+>2. Key-in the security update KB number that you need to download, then click **Search**.
+>
+>Downloading the above-mentioned security updates will be mandatory starting Patch Tuesday, October 8, 2019.
+
## Related topics
- [Risk-based Threat & Vulnerability Management](next-gen-threat-and-vuln-mgt.md)
- [Threat & Vulnerability Management dashboard overview](tvm-dashboard-insights.md)
diff --git a/windows/security/threat-protection/microsoft-defender-atp/configure-arcsight.md b/windows/security/threat-protection/microsoft-defender-atp/configure-arcsight.md
index 22c9359f44..0b7d271c77 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/configure-arcsight.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/configure-arcsight.md
@@ -1,6 +1,6 @@
---
-title: Configure HP ArcSight to pull Microsoft Defender ATP alerts
-description: Configure HP ArcSight to receive and pull alerts from Microsoft Defender Security Center
+title: Configure HP ArcSight to pull Microsoft Defender ATP detections
+description: Configure HP ArcSight to receive and pull detections from Microsoft Defender Security Center
keywords: configure hp arcsight, security information and events management tools, arcsight
search.product: eADQiWindows 10XVcnh
search.appverid: met150
@@ -15,10 +15,9 @@ manager: dansimp
audience: ITPro
ms.collection: M365-security-compliance
ms.topic: article
-ms.date: 12/20/2018
---
-# Configure HP ArcSight to pull Microsoft Defender ATP alerts
+# Configure HP ArcSight to pull Microsoft Defender ATP detections
**Applies to:**
@@ -27,12 +26,16 @@ ms.date: 12/20/2018
->Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/en-us/WindowsForBusiness/windows-atp?ocid=docs-wdatp-configurearcsight-abovefoldlink)
+>Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-configurearcsight-abovefoldlink)
-You'll need to install and configure some files and tools to use HP ArcSight so that it can pull Microsoft Defender ATP alerts.
+You'll need to install and configure some files and tools to use HP ArcSight so that it can pull Microsoft Defender ATP detections.
+
+>[!Note]
+>- [Microsoft Defender ATP Alert](alerts.md) is composed from one or more detections
+>- [Microsoft Defender ATP Detection](api-portal-mapping.md) is composed from the suspicious event occurred on the Machine and its related Alert details.
## Before you begin
-Configuring the HP ArcSight Connector tool requires several configuration files for it to pull and parse alerts from your Azure Active Directory (AAD) application.
+Configuring the HP ArcSight Connector tool requires several configuration files for it to pull and parse detections from your Azure Active Directory (AAD) application.
This section guides you in getting the necessary information to set and use the required configuration files correctly.
@@ -163,7 +166,7 @@ The following steps assume that you have completed all the required steps in [Be
You can now run queries in the HP ArcSight console.
-Microsoft Defender ATP alerts will appear as discrete events, with "Microsoft” as the vendor and “Windows Defender ATP” as the device name.
+Microsoft Defender ATP detections will appear as discrete events, with "Microsoft” as the vendor and “Windows Defender ATP” as the device name.
## Troubleshooting HP ArcSight connection
@@ -187,6 +190,6 @@ Microsoft Defender ATP alerts will appear as discrete events, with "Microsoft”
## Related topics
- [Enable SIEM integration in Microsoft Defender ATP](enable-siem-integration.md)
-- [Configure Splunk to pull Microsoft Defender ATP alerts](configure-splunk.md)
-- [Pull Microsoft Defender ATP alerts using REST API](pull-alerts-using-rest-api.md)
+- [Configure Splunk to pull Microsoft Defender ATP detections](configure-splunk.md)
+- [Pull Microsoft Defender ATP detections using REST API](pull-alerts-using-rest-api.md)
- [Troubleshoot SIEM tool integration issues](troubleshoot-siem.md)
diff --git a/windows/security/threat-protection/microsoft-defender-atp/configure-conditional-access.md b/windows/security/threat-protection/microsoft-defender-atp/configure-conditional-access.md
index 3c3fa5ffff..944a823a64 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/configure-conditional-access.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/configure-conditional-access.md
@@ -104,4 +104,4 @@ Take the following steps to enable Conditional Access:
For more information, see [Enable Microsoft Defender ATP with Conditional Access in Intune](https://docs.microsoft.com/intune/advanced-threat-protection).
->Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/en-us/WindowsForBusiness/windows-atp?ocid=docs-wdatp-conditionalaccess-belowfoldlink)
+>Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-conditionalaccess-belowfoldlink)
diff --git a/windows/security/threat-protection/microsoft-defender-atp/configure-email-notifications.md b/windows/security/threat-protection/microsoft-defender-atp/configure-email-notifications.md
index a381b9ef5a..35c6a3a37d 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/configure-email-notifications.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/configure-email-notifications.md
@@ -23,7 +23,7 @@ ms.topic: article
- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
->Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/en-us/WindowsForBusiness/windows-atp?ocid=docs-wdatp-emailconfig-abovefoldlink)
+>Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-emailconfig-abovefoldlink)
You can configure Microsoft Defender ATP to send email notifications to specified recipients for new alerts. This feature enables you to identify a group of individuals who will immediately be informed and can act on alerts based on their severity.
diff --git a/windows/security/threat-protection/microsoft-defender-atp/configure-endpoints-gp.md b/windows/security/threat-protection/microsoft-defender-atp/configure-endpoints-gp.md
index 5e84c75371..fafeee5fd2 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/configure-endpoints-gp.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/configure-endpoints-gp.md
@@ -29,12 +29,14 @@ ms.date: 04/24/2018
->Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/en-us/WindowsForBusiness/windows-atp?ocid=docs-wdatp-configureendpointsgp-abovefoldlink)
+>Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-configureendpointsgp-abovefoldlink)
> [!NOTE]
> To use Group Policy (GP) updates to deploy the package, you must be on Windows Server 2008 R2 or later.
+> For Windows Server 2019, you may need to replace NT AUTHORITY\Well-Known-System-Account with NT AUTHORITY\SYSTEM of the XML file that the Group Policy preference creates.
+
## Onboard machines using Group Policy
1. Open the GP configuration package .zip file (*WindowsDefenderATPOnboardingPackage.zip*) that you downloaded from the service onboarding wizard. You can also get the package from [Microsoft Defender Security Center](https://securitycenter.windows.com/):
diff --git a/windows/security/threat-protection/microsoft-defender-atp/configure-endpoints-mdm.md b/windows/security/threat-protection/microsoft-defender-atp/configure-endpoints-mdm.md
index 88aa16e2cf..cc02d11893 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/configure-endpoints-mdm.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/configure-endpoints-mdm.md
@@ -25,7 +25,7 @@ ms.date: 12/06/2018
- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
->Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/en-us/WindowsForBusiness/windows-atp?ocid=docs-wdatp-configureendpointsmdm-abovefoldlink)
+>Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-configureendpointsmdm-abovefoldlink)
You can use mobile device management (MDM) solutions to configure machines. Microsoft Defender ATP supports MDMs by providing OMA-URIs to create policies to manage machines.
diff --git a/windows/security/threat-protection/microsoft-defender-atp/configure-endpoints-non-windows.md b/windows/security/threat-protection/microsoft-defender-atp/configure-endpoints-non-windows.md
index 8be4bddd06..7da16a125c 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/configure-endpoints-non-windows.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/configure-endpoints-non-windows.md
@@ -8,6 +8,7 @@ ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: security
+ms.author macaparas
author: mjcaparas
ms.localizationpriority: medium
manager: dansimp
@@ -24,7 +25,7 @@ ms.topic: article
- Linux
- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
->Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/en-us/WindowsForBusiness/windows-atp?ocid=docs-wdatp-nonwindows-abovefoldlink)
+>Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-nonwindows-abovefoldlink)
@@ -67,4 +68,4 @@ You'll need to take the following steps to onboard non-Windows machines:
- [Onboard Windows 10 machines](configure-endpoints.md)
- [Onboard servers](configure-server-endpoints.md)
- [Configure proxy and Internet connectivity settings](configure-proxy-internet.md)
-- [Troubleshooting Microsoft Defender Advanced Threat Protection onboarding issues](troubleshoot-onboarding.md)
\ No newline at end of file
+- [Troubleshooting Microsoft Defender Advanced Threat Protection onboarding issues](troubleshoot-onboarding.md)
diff --git a/windows/security/threat-protection/microsoft-defender-atp/configure-endpoints-sccm.md b/windows/security/threat-protection/microsoft-defender-atp/configure-endpoints-sccm.md
index f1e4b4412d..60b3f33af2 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/configure-endpoints-sccm.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/configure-endpoints-sccm.md
@@ -28,7 +28,7 @@ ms.date: 12/11/2018
->Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/en-us/WindowsForBusiness/windows-atp?ocid=docs-wdatp-configureendpointssccm-abovefoldlink)
+>Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-configureendpointssccm-abovefoldlink)
## Onboard Windows 10 machines using System Center Configuration Manager (current branch) version 1606
@@ -36,6 +36,8 @@ System Center Configuration Manager (SCCM) (current branch) version 1606, has UI
>[!NOTE]
> If you’re using SCCM client version 1606 with server version 1610 or above, you must upgrade the client version to match the server version.
+> Starting with version 1606 of Configuration Manager, see [Microsoft Defender Advanced Threat Protection](https://docs.microsoft.com/sccm/protect/deploy-use/windows-defender-advanced-threat-protection) for ATP configuration.
+
## Onboard Windows 10 machines using System Center Configuration Manager earlier versions
diff --git a/windows/security/threat-protection/microsoft-defender-atp/configure-endpoints-script.md b/windows/security/threat-protection/microsoft-defender-atp/configure-endpoints-script.md
index d326a4194b..f290c1d7b3 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/configure-endpoints-script.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/configure-endpoints-script.md
@@ -27,7 +27,7 @@ ms.topic: article
->Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/en-us/WindowsForBusiness/windows-atp?ocid=docs-wdatp-configureendpointsscript-abovefoldlink)
+>Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-configureendpointsscript-abovefoldlink)
You can also manually onboard individual machines to Microsoft Defender ATP. You might want to do this first when testing the service before you commit to onboarding all machines in your network.
diff --git a/windows/security/threat-protection/microsoft-defender-atp/configure-endpoints-vdi.md b/windows/security/threat-protection/microsoft-defender-atp/configure-endpoints-vdi.md
index 9bcaf00305..b268c9db63 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/configure-endpoints-vdi.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/configure-endpoints-vdi.md
@@ -25,7 +25,7 @@ ms.date: 04/24/2018
->Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/en-us/WindowsForBusiness/windows-atp?ocid=docs-wdatp-configvdi-abovefoldlink)
+>Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-configvdi-abovefoldlink)
## Onboard non-persistent virtual desktop infrastructure (VDI) machines
diff --git a/windows/security/threat-protection/microsoft-defender-atp/configure-endpoints.md b/windows/security/threat-protection/microsoft-defender-atp/configure-endpoints.md
index 3387e07476..bff2f62710 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/configure-endpoints.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/configure-endpoints.md
@@ -45,4 +45,4 @@ Topic | Description
[Onboard non-persistent virtual desktop infrastructure (VDI) machines](configure-endpoints-vdi.md) | Learn how to use the configuration package to configure VDI machines.
->Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/en-us/WindowsForBusiness/windows-atp?ocid=docs-wdatp-configureendpoints-belowfoldlink)
\ No newline at end of file
+>Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-configureendpoints-belowfoldlink)
\ No newline at end of file
diff --git a/windows/security/threat-protection/microsoft-defender-atp/configure-machines-onboarding.md b/windows/security/threat-protection/microsoft-defender-atp/configure-machines-onboarding.md
index 4640790859..3974d3dc84 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/configure-machines-onboarding.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/configure-machines-onboarding.md
@@ -22,7 +22,7 @@ ms.topic: article
**Applies to:**
- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
->Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/en-us/WindowsForBusiness/windows-atp?ocid=docs-wdatp-onboardconfigure-abovefoldlink)
+>Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-onboardconfigure-abovefoldlink)
Each onboarded machine adds an additional endpoint detection and response (EDR) sensor and increases visibility over breach activity in your network. Onboarding also ensures that a machine can be checked for vulnerable components as well security configuration issues and can receive critical remediation actions during attacks.
@@ -44,32 +44,22 @@ The **Onboarding** card provides a high-level overview of your onboarding rate b
Microsoft Defender ATP provides several convenient options for [onboarding Windows 10 machines](onboard-configure.md). For Intune-managed machines, however, you can leverage Intune profiles to conveniently deploy the Microsoft Defender ATP sensor to select machines, effectively onboarding these devices to the service.
-From the **Onboarding** card, select **Onboard more machines** to create and assign a profile on Intune. The link takes you to a similar overview of your onboarding state.
+From the **Onboarding** card, select **Onboard more machines** to create and assign a profile on Intune. The link takes you to the device compliance page on Intune, which provides a similar overview of your onboarding state.
+
+
+ *Microsoft Defender ATP device compliance page on Intune device management*
>[!TIP]
>Alternatively, you can navigate to the Microsoft Defender ATP onboarding compliance page in the [Microsoft Azure portal](https://portal.azure.com/) from **All services > Intune > Device compliance > Microsoft Defender ATP**.
-From the overview, create a configuration profile specifically for the deployment of the Microsoft Defender ATP sensor and assign that profile to the machines you want to onboard.
+From the device compliance page, create a configuration profile specifically for the deployment of the Microsoft Defender ATP sensor and assign that profile to the machines you want to onboard. To do this, you can either:
-1. Select **Create a device configuration profile to configure ATP sensor**.
+- Select **Create a device configuration profile to configure ATP sensor** to start with a predefined device configuration profile.
+- Create the device configuration profile from scratch.
- 
- *Microsoft Defender ATP device compliance page on Intune device management*
+For more information, [read about using Intune device configuration profiles to onboard machines to Microsoft Defender ATP](https://docs.microsoft.com/en-us/intune/advanced-threat-protection#onboard-devices-by-using-a-configuration-profile).
-2. Specify a name for the profile, specify desired configuration options for sample sharing and reporting frequency, and select **Create** to save the new profile.
-
- 
- *Configuration profile creation*
-
-3. After creating the profile, assign it to all your machines. You can review profiles and their deployment status anytime by accessing **Device configuration > Profiles** on Intune.
-
- 
- *Assigning the new profile to all machines*
-
->[!TIP]
->To learn more about Intune profiles, read about [assigning user and device profiles](https://docs.microsoft.com/intune/device-profile-assign).
-
->Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/en-us/WindowsForBusiness/windows-atp?ocid=docs-wdatp-onboardconfigure-belowfoldlink)
+>Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-onboardconfigure-belowfoldlink)
# Related topics
- [Ensure your machines are configured properly](configure-machines.md)
diff --git a/windows/security/threat-protection/microsoft-defender-atp/configure-machines-security-baseline.md b/windows/security/threat-protection/microsoft-defender-atp/configure-machines-security-baseline.md
index 5c04c5d86d..c51725fb99 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/configure-machines-security-baseline.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/configure-machines-security-baseline.md
@@ -22,7 +22,7 @@ ms.topic: article
**Applies to:**
- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
->Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/en-us/WindowsForBusiness/windows-atp?ocid=docs-wdatp-onboardconfigure-abovefoldlink)
+>Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-onboardconfigure-abovefoldlink)
Security baselines ensure that security features are configured according to guidance from both security experts and expert Windows system administrators. When deployed, the Microsoft Defender ATP security baseline sets Microsoft Defender ATP security controls to provide optimal protection.
@@ -95,7 +95,7 @@ Machine configuration management monitors baseline compliance only of Windows 10
>[!TIP]
>Security baselines on Intune provide a convenient way to comprehensively secure and protect your machines. [Learn more about security baselines on Intune](https://docs.microsoft.com/intune/security-baselines).
->Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/en-us/WindowsForBusiness/windows-atp?ocid=docs-wdatp-onboardconfigure-belowfoldlink)
+>Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-onboardconfigure-belowfoldlink)
# Related topics
- [Ensure your machines are configured properly](configure-machines.md)
diff --git a/windows/security/threat-protection/microsoft-defender-atp/configure-machines.md b/windows/security/threat-protection/microsoft-defender-atp/configure-machines.md
index 11f16e8b9f..463aa8e967 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/configure-machines.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/configure-machines.md
@@ -22,7 +22,7 @@ ms.topic: conceptual
**Applies to:**
- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
->Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/en-us/WindowsForBusiness/windows-atp?ocid=docs-wdatp-onboardconfigure-abovefoldlink)
+>Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-onboardconfigure-abovefoldlink)
With properly configured machines, you can boost overall resilience against threats and enhance your capability to detect and respond to attacks. Security configuration management helps ensure that your machines:
@@ -76,4 +76,4 @@ Topic | Description
[Increase compliance to the Microsoft Defender ATP security baseline](configure-machines-security-baseline.md) | Track baseline compliance and noncompliance. Deploy the security baseline to more Intune-managed machines.
[Optimize ASR rule deployment and detections](configure-machines-asr.md) | Review rule deployment and tweak detections using impact analysis tools in Microsoft 365 security center.
->Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/en-us/WindowsForBusiness/windows-atp?ocid=docs-wdatp-onboardconfigure-belowfoldlink)
\ No newline at end of file
+>Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-onboardconfigure-belowfoldlink)
\ No newline at end of file
diff --git a/windows/security/threat-protection/microsoft-defender-atp/configure-microsoft-threat-experts.md b/windows/security/threat-protection/microsoft-defender-atp/configure-microsoft-threat-experts.md
index e07aee7cf0..584f376ee3 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/configure-microsoft-threat-experts.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/configure-microsoft-threat-experts.md
@@ -23,11 +23,9 @@ ms.topic: article
- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
-[!Include[Prerelease information](prerelease.md)]
+[!include[Prerelease information](prerelease.md)]
## Before you begin
-To experience the full Microsoft Threat Experts targeted attack notification capability in Microsoft Defender ATP, and preview the experts-on-demand capability, you need to have a valid Premier customer service and support account. Premier charges are not incurred during for the capability in preview, but for the generally available capability, there will be charges.
-
Ensure that you have Microsoft Defender ATP deployed in your environment with machines enrolled, and not just on a laboratory set-up.
## Register to Microsoft Threat Experts managed threat hunting service
@@ -36,13 +34,13 @@ If you're already a Microsoft Defender ATP customer, you can apply through the M
1. From the navigation pane, go to **Settings > General > Advanced features > Microsoft Threat Experts**.
2. Click **Apply**.
-
+
3. Enter your name and email address so that Microsoft can get back to you on your application.
-
+
4. Read the privacy statement, then click **Submit** when you're done. You will receive a welcome email once your application is approved.
-
+
6. From the navigation pane, go to **Settings** > **General** > **Advanced features** to turn the **Threat Experts** toggle on. Click **Save preferences**.
@@ -64,48 +62,32 @@ You'll start receiving targeted attack notification from Microsoft Threat Expert
2. From the dashboard, select the same alert topic that you got from the email, to view the details.
-## Ask a Microsoft threat expert about suspicious cybersecurity activities in your organization
+## Consult a Microsoft threat expert about suspicious cybersecurity activities in your organization
>[!NOTE]
>The Microsoft Threat Experts' experts-on-demand capability is still in preview. You can only use the experts-on-demand capability if you have applied for preview and your application has been approved.
-You can partner with Microsoft Threat Experts who can be engaged directly from within the Windows Defender Security Center for timely and accurate response. Experts provide insights to better understand complex threats, targeted attack notifications that you get, or if you need more information about the alerts, a potentially compromised machine, or a threat intelligence context that you see on your portal dashboard.
+You can partner with Microsoft Threat Experts who can be engaged directly from within the Microsoft Defender Security Center for timely and accurate response. Experts provide insights to better understand complex threats, targeted attack notifications that you get, or if you need more information about the alerts, a potentially compromised machine, or a threat intelligence context that you see on your portal dashboard.
>[!NOTE]
>Alert inquiries related to your organization's customized threat intelligence data are currently not supported. Consult your security operations or incident response team for details.
-1. Navigate to the portal page with the relevant information that you'd like to investigate, for example, the **Incident** page. Ensure that the page for the relevant alert or machine is in view before you send an inquiry.
-2. From the upper right-hand menu, click **?**. Then, select **Ask a threat expert**.
-3. Asking a threat expert is a two-step process: provide the necessary information and open a support ticket.
-
- **Step 1: Provide information**
- a. Provide enough information to give the Microsoft Threat Experts enough context to start the investigation. Select the inquiry category from the **Provide information > Inquiry** details drop-down menu.
-
- b. Enter the additional details to give the threat experts more context of what you’d like to investigate. Click **Next**, and it takes you to the **Open support ticket** tab.
-
- c. Remember to use the ID number from the **Open a support ticket** tab page and include it to the details you will provide in the subsequent Customer Services and Support (CSS) pages.
+1. Navigate to the portal page with the relevant information that you'd like to investigate, for example, the **Incident** page. Ensure that the page for the relevant alert or machine is in view before you send an investigation request.
- **Step 2: Open a support ticket**
- >[!NOTE]
- >To experience the full Microsoft Threat Experts preview capability in Microsoft Defender ATP, you need a Premier customer service and support account. However, you will not be charged for the Experts-on-demand service during the preview.
-
- a. In the **New support request** customer support page, select the following from the dropdown menu and then click **Next**:
+2. From the upper right-hand menu, click **?**. Then, select **Consult a threat expert**.
- **Select the product family**: **Security**
- **Select a product**: **Microsoft Threat Experts**
- **Select a category that best describes the issue**: **Microsoft Defender ATP**
- **Select a problem that best describes the issue**: Choose according to your inquiry category
-
- b. Fill out the fields with the necessary information about the issue and use the auto-generated ID when you open a Customer Services and Support (CSS) ticket. Then, click **Next**.
-
- c. In the **Select a support plan** page, select **Professional No Charge**.
+>
- d. The severity of your issue has been pre-selected by default, per the support plan, **Professional No Charge**, that you'll use for this public preview. Select the time zone by which you'd like to receive the correspondence. Then, click **Next**.
-
- e. Verify your contact details and add another if necessary. Then, click **Next**.
+>A flyout screen opens.
- f. Review the summary of your support request, and update if necessary. Make sure that you read and understand the **Microsoft Services Agreement** and **Privacy Statement**. Then, click **Submit**. A confirmation page indicating the response time and your support request number shows.
+>
-## Sample questions to ask Microsoft Threat Experts
+>The **Inquiry topic** field is pre-populated with the link to the relevant page for your investigation request. For example, a link to the incident, alert, or machine details page that you were at when you made the request.
+
+3. In the next field, provide enough information to give the Microsoft Threat Experts enough context to start the investigation.
+
+4. Enter the email address that you'd like to use to correspond with Microsoft Threat Experts.
+
+## Sample investigation topics that you can consult with Microsoft Threat Experts
**Alert information**
- We see a new type of alert for a living-off-the-land binary: [AlertID]. Can you tell us something more about this alert and how we can investigate further?
@@ -118,7 +100,7 @@ You can partner with Microsoft Threat Experts who can be engaged directly from w
- Can you help validate a possible compromise on the following system on [date] with similar behaviors as the previous [malware name] malware detection on the same system in [month]?
**Threat intelligence details**
-- This morning, we detected a phishing email that delivered a malicious Word document to a user. This caused a series of suspicious events which triggered multiple Windows Defender alerts for [malware name] malware. Do you have any information on this malware? If yes, can you send me a link?
+- This morning, we detected a phishing email that delivered a malicious Word document to a user. This caused a series of suspicious events which triggered multiple Microsoft Defender alerts for [malware name] malware. Do you have any information on this malware? If yes, can you send me a link?
- I recently saw a [social media reference e.g., Twitter or blog] post about a threat that is targeting my industry. Can you help me understand what protection Microsoft Defender ATP provides against this threat actor?
**Microsoft Threat Experts’ alert communications**
@@ -132,10 +114,14 @@ You can partner with Microsoft Threat Experts who can be engaged directly from w
## Scenario
### Receive a progress report about your managed hunting inquiry
-Response from Microsoft Threat Experts varies according to your inquiry. They will email a progress report to you about the Ask a threat expert inquiry that you've submitted, within two days, to communicate the investigation status from the following categories:
+Response from Microsoft Threat Experts varies according to your inquiry. They will email a progress report to you about your **Consult a threat expert** inquiry within two days, to communicate the investigation status from the following categories:
- More information is needed to continue with the investigation
- A file or several file samples are needed to determine the technical context
- Investigation requires more time
- Initial information was enough to conclude the investigation
It is crucial to respond in a timely manner to keep the investigation moving. See the Premier customer service and support service level agreement for details.
+
+## Related topic
+- [Microsoft Threat Experts overview](microsoft-threat-experts.md)
+
diff --git a/windows/security/threat-protection/microsoft-defender-atp/configure-mssp-support.md b/windows/security/threat-protection/microsoft-defender-atp/configure-mssp-support.md
index 406b15ff97..33c9d7d4d1 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/configure-mssp-support.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/configure-mssp-support.md
@@ -26,7 +26,7 @@ ms.date: 09/03/2018
- [Windows Defender Advanced Threat Protection (Windows Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
->Want to experience Windows Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/en-us/WindowsForBusiness/windows-atp?ocid=docs-mssp-support-abovefoldlink)
+>Want to experience Windows Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-mssp-support-abovefoldlink)
[!include[Prerelease information](prerelease.md)]
diff --git a/windows/security/threat-protection/microsoft-defender-atp/configure-proxy-internet.md b/windows/security/threat-protection/microsoft-defender-atp/configure-proxy-internet.md
index 3ba4e51fda..5830eaa9af 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/configure-proxy-internet.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/configure-proxy-internet.md
@@ -109,7 +109,7 @@ If a proxy or firewall is blocking all traffic by default and allowing only spec
Service location | Microsoft.com DNS record
-|-
-Common URLs for all locations | ```*.blob.core.windows.net```
```crl.microsoft.com```
```ctldl.windowsupdate.com```
```events.data.microsoft.com```
```notify.windows.com```
+Common URLs for all locations | ```*.blob.core.windows.net```
```crl.microsoft.com```
```ctldl.windowsupdate.com```
```events.data.microsoft.com```
```notify.windows.com```
```settings-win.data.microsoft.com ```
European Union | ```eu.vortex-win.data.microsoft.com```
```eu-v20.events.data.microsoft.com```
```winatp-gw-neu.microsoft.com```
```winatp-gw-weu.microsoft.com```
United Kingdom | ```uk.vortex-win.data.microsoft.com```
```uk-v20.events.data.microsoft.com```
```winatp-gw-uks.microsoft.com```
```winatp-gw-ukw.microsoft.com```
United States | ```us.vortex-win.data.microsoft.com```
```us-v20.events.data.microsoft.com```
```winatp-gw-cus.microsoft.com```
```winatp-gw-eus.microsoft.com```
diff --git a/windows/security/threat-protection/microsoft-defender-atp/configure-server-endpoints.md b/windows/security/threat-protection/microsoft-defender-atp/configure-server-endpoints.md
index 6b24d02ebe..7e89edf437 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/configure-server-endpoints.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/configure-server-endpoints.md
@@ -9,6 +9,7 @@ ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: security
author: mjcaparas
+ms.author: macapara
ms.localizationpriority: medium
manager: dansimp
audience: ITPro
@@ -20,22 +21,20 @@ ms.topic: article
**Applies to:**
-- Windows Server 2008 R2 SP1 (pre-release)
+- Windows Server 2008 R2 SP1
- Windows Server 2012 R2
- Windows Server 2016
- Windows Server, version 1803
- Windows Server, 2019
- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
-[!include[Prerelease information](prerelease.md)]
-
->Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/en-us/WindowsForBusiness/windows-atp?ocid=docs-wdatp-configserver-abovefoldlink)
+>Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-configserver-abovefoldlink)
Microsoft Defender ATP extends support to also include the Windows Server operating system, providing advanced attack detection and investigation capabilities, seamlessly through the Microsoft Defender Security Center console.
The service supports the onboarding of the following servers:
-- Windows Server 2008 R2 SP1 (pre-release)
+- Windows Server 2008 R2 SP1
- Windows Server 2012 R2
- Windows Server 2016
- Windows Server, version 1803
@@ -66,7 +65,7 @@ You'll need to take the following steps if you choose to onboard servers through
- For Windows Server 2008 R2 SP1, ensure that you fulfill the following requirements:
- Install the [February monthly update rollup](https://support.microsoft.com/en-us/help/4074598/windows-7-update-kb4074598)
- Install the [Update for customer experience and diagnostic telemetry](https://support.microsoft.com/en-us/help/3080149/update-for-customer-experience-and-diagnostic-telemetry)
- - Install either [.NET framework 4.5](https://www.microsoft.com/en-us/download/details.aspx?id=30653) (or later) or [KB3154518](https://support.microsoft.com/help/3154518/support-for-tls-system-default-versions-included-in-the-net-framework)
+ - Install either [.NET framework 4.5](https://www.microsoft.com/download/details.aspx?id=30653) (or later) or [KB3154518](https://support.microsoft.com/help/3154518/support-for-tls-system-default-versions-included-in-the-net-framework)
- For Windows Server 2008 R2 SP1 and Windows Server 2012 R2: Configure and update System Center Endpoint Protection clients.
@@ -75,7 +74,7 @@ You'll need to take the following steps if you choose to onboard servers through
>This step is required only if your organization uses System Center Endpoint Protection (SCEP) and you're onboarding Windows Server 2008 R2 SP1 and Windows Server 2012 R2.
- Turn on server monitoring from Microsoft Defender Security Center.
-- If you're already leveraging System Center Operations Manager (SCOM) or Azure Monitor (formerly known as Operations Management Suite (OMS)), simply attach the Microsoft Monitoring Agent (MMA) to report to your Microsoft Defender ATP workspace through Multi Homing support. Otherwise, install and configure MMA to report sensor data to Microsoft Defender ATP as instructed below. For more information, see [Collect log data with Azure Log Analytics agent](https://docs.microsoft.com/azure/azure-monitor/platform/log-analytics-agent).
+- If you're already leveraging System Center Operations Manager (SCOM) or Azure Monitor (formerly known as Operations Management Suite (OMS)), simply attach the Microsoft Monitoring Agent (MMA) to report to your Microsoft Defender ATP workspace through Multihoming support. Otherwise, install and configure MMA to report sensor data to Microsoft Defender ATP as instructed below. For more information, see [Collect log data with Azure Log Analytics agent](https://docs.microsoft.com/azure/azure-monitor/platform/log-analytics-agent).
>[!TIP]
@@ -207,7 +206,7 @@ For other server versions, you have two options to offboard servers from the ser
>[!NOTE]
>Offboarding causes the server to stop sending sensor data to the portal but data from the server, including reference to any alerts it has had will be retained for up to 6 months.
-### Uninstall servers by uinstalling the MMA agent
+### Uninstall servers by uninstalling the MMA agent
To offboard the server, you can uninstall the MMA agent from the server or detach it from reporting to your Microsoft Defender ATP workspace. After offboarding the agent, the server will no longer send sensor data to Microsoft Defender ATP.
For more information, see [To disable an agent](https://docs.microsoft.com/azure/log-analytics/log-analytics-windows-agents#to-disable-an-agent).
diff --git a/windows/security/threat-protection/microsoft-defender-atp/configure-siem.md b/windows/security/threat-protection/microsoft-defender-atp/configure-siem.md
index c5e8719018..521fbb5621 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/configure-siem.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/configure-siem.md
@@ -1,6 +1,6 @@
---
-title: Pull alerts to your SIEM tools from Microsoft Defender Advanced Threat Protection
-description: Learn how to use REST API and configure supported security information and events management tools to receive and pull alerts.
+title: Pull detections to your SIEM tools from Microsoft Defender Advanced Threat Protection
+description: Learn how to use REST API and configure supported security information and events management tools to receive and pull detections.
keywords: configure siem, security information and events management tools, splunk, arcsight, custom indicators, rest api, alert definitions, indicators of compromise
search.product: eADQiWindows 10XVcnh
search.appverid: met150
@@ -18,16 +18,21 @@ ms.topic: article
ms.date: 10/16/2017
---
-# Pull alerts to your SIEM tools
+# Pull detections to your SIEM tools
**Applies to:**
- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
->Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/en-us/WindowsForBusiness/windows-atp?ocid=docs-wdatp-configuresiem-abovefoldlink)
+>Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-configuresiem-abovefoldlink)
-## Pull alerts using security information and events management (SIEM) tools
-Microsoft Defender ATP supports (SIEM) tools to pull alerts. Microsoft Defender ATP exposes alerts through an HTTPS endpoint hosted in Azure. The endpoint can be configured to pull alerts from your enterprise tenant in Azure Active Directory (AAD) using the OAuth 2.0 authentication protocol for an AAD application that represents the specific SIEM connector installed in your environment.
+## Pull detections using security information and events management (SIEM) tools
+
+>[!Note]
+>- [Microsoft Defender ATP Alert](alerts.md) is composed from one or more detections
+>- [Microsoft Defender ATP Detection](api-portal-mapping.md) is composed from the suspicious event occurred on the Machine and its related Alert details.
+
+Microsoft Defender ATP supports security information and event management (SIEM) tools to pull detections. Microsoft Defender ATP exposes alerts through an HTTPS endpoint hosted in Azure. The endpoint can be configured to pull detections from your enterprise tenant in Azure Active Directory (AAD) using the OAuth 2.0 authentication protocol for an AAD application that represents the specific SIEM connector installed in your environment.
Microsoft Defender ATP currently supports the following SIEM tools:
@@ -39,16 +44,16 @@ To use either of these supported SIEM tools you'll need to:
- [Enable SIEM integration in Microsoft Defender ATP](enable-siem-integration.md)
- Configure the supported SIEM tool:
- - [Configure Splunk to pull Microsoft Defender ATP alerts](configure-splunk.md)
- - [Configure HP ArcSight to pull Microsoft Defender ATP alerts](configure-arcsight.md)
+ - [Configure Splunk to pull Microsoft Defender ATP detections](configure-splunk.md)
+ - [Configure HP ArcSight to pull Microsoft Defender ATP detections](configure-arcsight.md)
-For more information on the list of fields exposed in the alerts API see, [Microsoft Defender ATP alert API fields](api-portal-mapping.md).
+For more information on the list of fields exposed in the Detection API see, [Microsoft Defender ATP Detection fields](api-portal-mapping.md).
-## Pull Microsoft Defender ATP alerts using REST API
-Microsoft Defender ATP supports the OAuth 2.0 protocol to pull alerts using REST API.
+## Pull Microsoft Defender ATP detections using REST API
+Microsoft Defender ATP supports the OAuth 2.0 protocol to pull detections using REST API.
-For more information, see [Pull Microsoft Defender ATP alerts using REST API](pull-alerts-using-rest-api.md).
+For more information, see [Pull Microsoft Defender ATP detections using REST API](pull-alerts-using-rest-api.md).
## In this section
@@ -56,8 +61,8 @@ For more information, see [Pull Microsoft Defender ATP alerts using REST API](pu
Topic | Description
:---|:---
[Enable SIEM integration in Microsoft Defender ATP](enable-siem-integration.md)| Learn about enabling the SIEM integration feature in the **Settings** page in the portal so that you can use and generate the required information to configure supported SIEM tools.
-[Configure Splunk to pull Microsoft Defender ATP alerts](configure-splunk.md)| Learn about installing the REST API Modular Input app and other configuration settings to enable Splunk to pull Microsoft Defender ATP alerts.
-[Configure HP ArcSight to pull Microsoft Defender ATP alerts](configure-arcsight.md)| Learn about installing the HP ArcSight REST FlexConnector package and the files you need to configure ArcSight to pull Microsoft Defender ATP alerts.
-[Microsoft Defender ATP alert API fields](api-portal-mapping.md) | Understand what data fields are exposed as part of the alerts API and how they map to Microsoft Defender Security Center.
-[Pull Microsoft Defender ATP alerts using REST API](pull-alerts-using-rest-api.md) | Use the Client credentials OAuth 2.0 flow to pull alerts from Microsoft Defender ATP using REST API.
+[Configure Splunk to pull Microsoft Defender ATP detections](configure-splunk.md)| Learn about installing the REST API Modular Input App and other configuration settings to enable Splunk to pull Microsoft Defender ATP detections.
+[Configure HP ArcSight to pull Microsoft Defender ATP detections](configure-arcsight.md)| Learn about installing the HP ArcSight REST FlexConnector package and the files you need to configure ArcSight to pull Microsoft Defender ATP detections.
+[Microsoft Defender ATP Detection fields](api-portal-mapping.md) | Understand what data fields are exposed as part of the alerts API and how they map to Microsoft Defender Security Center.
+[Pull Microsoft Defender ATP detections using REST API](pull-alerts-using-rest-api.md) | Use the Client credentials OAuth 2.0 flow to pull detections from Microsoft Defender ATP using REST API.
[Troubleshoot SIEM tool integration issues](troubleshoot-siem.md) | Address issues you might encounter when using the SIEM integration feature.
diff --git a/windows/security/threat-protection/microsoft-defender-atp/configure-splunk.md b/windows/security/threat-protection/microsoft-defender-atp/configure-splunk.md
index 13cf662e66..fd5efbf9ea 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/configure-splunk.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/configure-splunk.md
@@ -1,6 +1,6 @@
---
-title: Configure Splunk to pull Microsoft Defender ATP alerts
-description: Configure Splunk to receive and pull alerts from Microsoft Defender Security Center.
+title: Configure Splunk to pull Microsoft Defender ATP detections
+description: Configure Splunk to receive and pull detections from Microsoft Defender Security Center.
keywords: configure splunk, security information and events management tools, splunk
search.product: eADQiWindows 10XVcnh
search.appverid: met150
@@ -17,7 +17,7 @@ ms.collection: M365-security-compliance
ms.topic: article
---
-# Configure Splunk to pull Microsoft Defender ATP alerts
+# Configure Splunk to pull Microsoft Defender ATP detections
**Applies to:**
@@ -26,9 +26,13 @@ ms.topic: article
->Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/en-us/WindowsForBusiness/windows-atp?ocid=docs-wdatp-configuresplunk-abovefoldlink)
+>Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-configuresplunk-abovefoldlink)
-You'll need to configure Splunk so that it can pull Microsoft Defender ATP alerts.
+You'll need to configure Splunk so that it can pull Microsoft Defender ATP detections.
+
+>[!Note]
+>- [Microsoft Defender ATP Alert](alerts.md) is composed from one or more detections
+>- [Microsoft Defender ATP Detection](api-portal-mapping.md) is composed from the suspicious event occurred on the Machine and its related Alert details.
## Before you begin
@@ -36,19 +40,19 @@ You'll need to configure Splunk so that it can pull Microsoft Defender ATP alert
- Make sure you have enabled the **SIEM integration** feature from the **Settings** menu. For more information, see [Enable SIEM integration in Microsoft Defender ATP](enable-siem-integration.md)
- Have the details file you saved from enabling the **SIEM integration** feature ready. You'll need to get the following values:
- - OAuth 2 Token refresh URL
- - OAuth 2 Client ID
- - OAuth 2 Client secret
+ - Tenant ID
+ - Client ID
+ - Client Secret
+ - Resource URL
-- Have the refresh token that you generated from the SIEM integration feature ready.
## Configure Splunk
1. Login in to Splunk.
-2. Click **Search & Reporting**, then **Settings** > **Data inputs**.
+2. Go to **Settings** > **Data inputs**.
-3. Click **REST** under **Local inputs**.
+3. Select **Windows Defender ATP alerts** under **Local inputs**.
NOTE:
This input will only appear after you install the [Windows Defender ATP Modular Inputs TA](https://splunkbase.splunk.com/app/4128/).
@@ -67,86 +71,61 @@ You'll need to configure Splunk so that it can pull Microsoft Defender ATP alert
Value |
- | Endpoint URL |
+ Name |
+ Name for the Data Input |
+
+ Login URL |
+ URL to authenticate the azure app (Default : https://login.microsoftonline.com) |
+
+ Endpoint |
Depending on the location of your datacenter, select any of the following URL: For EU: https://wdatp-alertexporter-eu.securitycenter.windows.com/api/alerts
For US:https://wdatp-alertexporter-us.securitycenter.windows.com/api/alerts
For UK:https://wdatp-alertexporter-uk.securitycenter.windows.com/api/alerts
|
- | HTTP Method |
- GET |
+ Tenant ID |
+ Azure Tenant ID |
- Authentication Type |
- oauth2 |
+ Resource |
+ Value from the SIEM integration feature page |
- | OAuth 2 Access token |
- Use the value that you generated when you enabled the SIEM integration feature. NOTE: The access token expires after an hour. |
+ Client ID |
+ Value from the SIEM integration feature page |
- | OAuth 2 Refresh Token |
- Use the value that you generated when you enabled the SIEM integration feature. |
-
-
- | OAuth 2 Token Refresh URL |
- Use the value from the details file you saved when you enabled the SIEM integration feature. |
-
-
- | OAuth 2 Client ID |
- Use the value from the details file you saved when you enabled the SIEM integration feature. |
-
-
- | OAuth 2 Client Secret |
- Use the value from the details file you saved when you enabled the SIEM integration feature. |
-
-
- | Response type |
- Json |
-
-
- | Response Handler |
- JSONArrayHandler |
-
-
- | Polling Interval |
- Number of seconds that Splunk will ping the Microsoft Defender ATP machine. Accepted values are in seconds. |
-
-
- | Set sourcetype |
- Manual |
-
-
- | Source type |
- _json |
+ Client Secret |
+ Value from the SIEM integration feature page |
+
After completing these configuration steps, you can go to the Splunk dashboard and run queries.
-## View alerts using Splunk solution explorer
-Use the solution explorer to view alerts in Splunk.
+## View detections using Splunk solution explorer
+Use the solution explorer to view detections in Splunk.
1. In Splunk, go to **Settings** > **Searchers, reports, and alerts**.
2. Select **New**.
3. Enter the following details:
- - Destination app: Select Search & Reporting (search)
- - Search name: Enter a name for the query
- Search: Enter a query, for example:
- `source="rest://windows atp alerts"|spath|table*`
+ `sourcetype="wdatp:alerts" |spath|table*`
+ - App: Add-on for Windows Defender (TA_Windows-defender)
Other values are optional and can be left with the default values.
+
4. Click **Save**. The query is saved in the list of searches.
5. Find the query you saved in the list and click **Run**. The results are displayed based on your query.
>[!TIP]
-> To mininimize alert duplications, you can use the following query:
->```source="rest://windows atp alerts" | spath | dedup _raw | table *```
+> To minimize Detection duplications, you can use the following query:
+>```source="rest://wdatp:alerts" | spath | dedup _raw | table *```
## Related topics
- [Enable SIEM integration in Microsoft Defender ATP](enable-siem-integration.md)
-- [Configure ArcSight to pull Microsoft Defender ATP alerts](configure-arcsight.md)
-- [Microsoft Defender ATP alert API fields](api-portal-mapping.md)
-- [Pull Microsoft Defender ATP alerts using REST API](pull-alerts-using-rest-api.md)
+- [Configure ArcSight to pull Microsoft Defender ATP detections](configure-arcsight.md)
+- [Microsoft Defender ATP Detection fields](api-portal-mapping.md)
+- [Pull Microsoft Defender ATP detections using REST API](pull-alerts-using-rest-api.md)
- [Troubleshoot SIEM tool integration issues](troubleshoot-siem.md)
diff --git a/windows/security/threat-protection/microsoft-defender-atp/connected-applications.md b/windows/security/threat-protection/microsoft-defender-atp/connected-applications.md
new file mode 100644
index 0000000000..97adf97d65
--- /dev/null
+++ b/windows/security/threat-protection/microsoft-defender-atp/connected-applications.md
@@ -0,0 +1,45 @@
+---
+title: Connected applications in Microsoft Defender ATP
+ms.reviewer:
+description: View connected partner applications to Microsoft Defender ATP
+keywords: partners, applications, third-party, connections, sentinelone, lookout, bitdefender, corrata, morphisec, paloalto, ziften, better mobile
+search.product: eADQiWindows 10XVcnh
+search.appverid: met150
+ms.prod: w10
+ms.mktglfcycl: deploy
+ms.sitesec: library
+ms.pagetype: security
+ms.author: macapara
+author: mjcaparas
+ms.localizationpriority: medium
+manager: dansimp
+audience: ITPro
+ms.collection: M365-security-compliance
+ms.topic: conceptual
+---
+
+# Connected applications in Microsoft Defender ATP
+**Applies to:**
+- [Microsoft Defender Advanced Threat Protection (Windows Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+
+[!include[Prerelease information](prerelease.md)]
+
+Connected applications integrates with the Microsoft Defender ATP platform using APIs.
+
+Applications use standard OAuth 2.0 protocol to authenticate and provide tokens for use with Microsoft Defender ATP APIs. In addition, Azure Active Directory (Azure AD) applications allow tenant admins to set explicit control over which APIs can be accessed using the corresponding app.
+
+You'll need to follow [these steps](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/apis-intro) to use the APIs with the connected application.
+
+## Access the connected application page
+From the left navigation menu, select **Partners & APIs** > **Connected AAD applications**.
+
+
+## View connected application details
+The Connected applications page provides information about the Azure AD applications connected to Microsoft Defender ATP in your organization. You can review the usage of the connected applications: last seen, number of requests in the past 24 hours, and request trends in the last 30 days.
+
+
+
+## Edit, reconfigure, or delete a connected application
+The **Open application settings** link opens the corresponding Azure AD application management page in the Azure portal. From the Azure portal, you can manage permissions, reconfigure, or delete the connected applications.
+
+
diff --git a/windows/security/threat-protection/microsoft-defender-atp/custom-detection-rules.md b/windows/security/threat-protection/microsoft-defender-atp/custom-detection-rules.md
index 9561fe831c..0af9f2e7a8 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/custom-detection-rules.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/custom-detection-rules.md
@@ -1,16 +1,16 @@
---
-title: Create custom detection rules in Microsoft Defender ATP
+title: Create and manage custom detection rules in Microsoft Defender ATP
ms.reviewer:
-description: Learn how to create custom detections rules based on advanced hunting queries
-keywords: create custom detections, detections, advanced hunting, hunt, detect, query
+description: Learn how to create and manage custom detections rules based on advanced hunting queries
+keywords: custom detections, create, manage, alerts, edit, run on demand, frequency, interval, detection rules, advanced hunting, hunt, query, response actions, mdatp, microsoft defender atp
search.product: eADQiWindows 10XVcnh
search.appverid: met150
ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: security
-ms.author: macapara
-author: mjcaparas
+ms.author: lomayor
+author: lomayor
ms.localizationpriority: medium
manager: dansimp
audience: ITPro
@@ -19,53 +19,86 @@ ms.topic: article
---
-# Create custom detections rules
+# Create and manage custom detections rules
**Applies to:**
- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
-Create custom detection rules from [Advanced hunting](overview-hunting.md) queries to automatically check for threat indicators and generate alerts whenever these indicators are found.
+Custom detection rules built from [Advanced hunting](overview-hunting.md) queries let you proactively monitor various events and system states, including suspected breach activity and misconfigured machines. The queries run every 24 hours, generating alerts and taking response actions whenever there are matches.
>[!NOTE]
->To create and manage custom detections, [your role](user-roles.md#create-roles-and-assign-the-role-to-an-azure-active-directory-group) needs to have the **manage security settings** permission. For the detection rule to work properly and create alerts, the query must return in each row a set of MachineId, ReportId, EventTime which match to an actual event in advanced hunting.
+>To create and manage custom detections, [your role](user-roles.md#create-roles-and-assign-the-role-to-an-azure-active-directory-group) needs to have the **manage security settings** permission.
-1. In the navigation pane, select **Advanced hunting**.
+## Create a custom detection rule
+### 1. Prepare the query.
-2. Select an existing query that you'd like to base the monitor on or create a new query.
+In Microsoft Defender Security Center, go to **Advanced hunting** and select an existing query or create a new query. When using an new query, run the query to identify errors and understand possible results.
-3. Select **Create detection rule**.
+>[!NOTE]
+>To use a query for a custom detection rule, the query must return the `EventTime`, `MachineId`, and `ReportId` columns in the results. Queries that don’t use the `project` operator to customize results usually return these common columns.
-4. Specify the alert details:
+### 2. Create new rule and provide alert details.
- - Alert title
- - Severity
- - Category
- - Description
- - Recommended actions
+With the query in the query editor, select **Create detection rule** and specify the following alert details:
-5. Click **Create**.
+- **Alert title**
+- **Severity**
+- **Category**
+- **Description**
+- **Recommended actions**
-> [!TIP]
-> TIP #1: Running the query for the first time before saving it can help you find any mistakes or errors and give you a preview of the data you can expect to be returned.
-> When a new detection rule is created, it will run for the first time (it might take a few minutes) and raise any alerts created by this rule. After that, the rule will automatically run every 24 hours.
-> TIP #2: Since the detection automatically runs every 24 hours, it's best to query data in the last 24 hours.
+For more information about these alert details, [read about managing alerts](manage-alerts.md).
+
+### 3. Specify actions on files or machines.
+Your custom detection rule can automatically take actions on files or machines that are returned by the query.
+
+#### Actions on machines
+These actions are applied to machines in the `MachineId` column of the query results:
+- **Isolate machine** — applies full network isolation, preventing the machine from connecting to any application or service, except for the Microsoft Defender ATP service. [Learn more about machine isolation](respond-machine-alerts.md#isolate-machines-from-the-network)
+- **Collect investigation package** — collects machine information in a ZIP file. [Learn more about the investigation package](respond-machine-alerts.md#collect-investigation-package-from-machines)
+- **Run antivirus scan** — performs a full Windows Defender Antivirus scan on the machine
+- **Initiate investigation** — initiates an [automated investigation](automated-investigations.md) on the machine
+
+#### Actions on files
+These actions are applied to files in the `SHA1` or the `InitiatingProcessSHA1` column of the query results:
+- **Allow/Block** — automatically adds the file to your [custom indicator list](manage-indicators.md) so that it is always allowed to run or blocked from running. You can set the scope of this action so that it is taken only on selected machine groups. This scope is independent of the scope of the rule.
+- **Quarantine file** — deletes the file from its current location and places a copy in quarantine
+
+### 4. Click **Create** to save and turn on the rule.
+When saved, the custom detection rule immediately runs. It runs again every 24 hours to check for matches, generate alerts, and take response actions.
## Manage existing custom detection rules
-View existing rules in your network, see the last results of each rule, navigate to view all alerts that were created by each rule. You can also modify existing rules.
+In **Settings** > **Custom detections**, you can view the list of existing custom detection rules, check their previous runs, and review the alerts they have triggered. You can also run a rule on demand and modify it.
-1. In the navigation pane, select **Settings** > **Custom detections**. You'll see all the detections created in the system.
+### View existing rules
-2. Select one of the rules to take any of the following actions:
- - Open related alerts - See all the alerts that were raised based to this rule
- - Run - Run the selected detection immediately.
+To view all existing custom detection rules, navigate to **Settings** > **Custom detections**. The page lists all the rules with the following run information:
- > [!NOTE]
- > The next run for the query will be in 24 hours after the last run.
-
- - Edit - Modify the settings of the rule.
- - Modify query - View and edit the query itself.
- - Turn off - Stop the query from running.
- - Delete
+- **Last run** — when a rule was last run to check for query matches and generate alerts
+- **Last run status** — whether a rule ran successfully
+- **Next run** — the next scheduled run
+- **Status** — whether a rule has been turned on or off
+### View rule details, modify rule, and run rule
+
+To view comprehensive information about a custom detection rule, select the name of rule from the list of rules in **Settings** > **Custom detections**. This opens a page about the custom detection rule with the following information:
+
+- General information about the rule, including the details of the alert, run status, and scope
+- List of triggered alerts
+- List of triggered actions
+
+
+*Custom detection rule page*
+
+You can also take the following actions on the rule from this page:
+
+- **Run** — run the rule immediately. This also resets the interval for the next run.
+- **Edit** — modify the rule without changing the query
+- **Modify query** — edit the query in Advanced hunting
+- **Turn on** / **Turn off** — enable the rule or stop it from running
+- **Delete** — turn off the rule and remove it
+
+>[!TIP]
+>To quickly view information and take action on an item in a table, use the selection column [✓] at the left of the table.
## Related topic
- [Custom detections overview](overview-custom-detections.md)
diff --git a/windows/security/threat-protection/microsoft-defender-atp/custom-ti-api.md b/windows/security/threat-protection/microsoft-defender-atp/custom-ti-api.md
index 2601b05b63..90dbd0efc5 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/custom-ti-api.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/custom-ti-api.md
@@ -25,7 +25,7 @@ ms.topic: article
- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
->Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/en-us/WindowsForBusiness/windows-atp?ocid=docs-wdatp-customti-abovefoldlink)
+>Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-customti-abovefoldlink)
You can define custom alert definitions and indicators of compromise (IOC) using the threat intelligence API. Creating custom threat intelligence alerts allows you to generate specific alerts that are applicable to your organization.
diff --git a/windows/security/threat-protection/microsoft-defender-atp/data-retention-settings.md b/windows/security/threat-protection/microsoft-defender-atp/data-retention-settings.md
index 249bf4cfb4..1c3591492a 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/data-retention-settings.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/data-retention-settings.md
@@ -26,7 +26,7 @@ ms.date: 04/24/2018
->Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/en-us/WindowsForBusiness/windows-atp?ocid=docs-wdatp-gensettings-abovefoldlink)
+>Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-gensettings-abovefoldlink)
During the onboarding process, a wizard takes you through the general settings of Microsoft Defender ATP. After onboarding, you might want to update the data retention settings.
diff --git a/windows/security/threat-protection/microsoft-defender-atp/data-storage-privacy.md b/windows/security/threat-protection/microsoft-defender-atp/data-storage-privacy.md
index 2ad4f2c528..f59264a083 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/data-storage-privacy.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/data-storage-privacy.md
@@ -90,6 +90,6 @@ Microsoft Defender ATP for Government (soon to be in preview) is currently under
By providing customers with compliant, independently-verified services, Microsoft makes it easier for customers to achieve compliance for the infrastructure and applications they run.
-For more information on the Microsoft Defender ATP ISO certification reports, see [Microsoft Trust Center](https://www.microsoft.com/en-us/trustcenter/compliance/iso-iec-27001).
+For more information on the Microsoft Defender ATP ISO certification reports, see [Microsoft Trust Center](https://www.microsoft.com/trustcenter/compliance/iso-iec-27001).
->Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/en-us/WindowsForBusiness/windows-atp?ocid=docs-wdatp-datastorage-belowfoldlink)
+>Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-datastorage-belowfoldlink)
diff --git a/windows/security/threat-protection/microsoft-defender-atp/defender-compatibility.md b/windows/security/threat-protection/microsoft-defender-atp/defender-compatibility.md
index 4d9d0fa3ce..a8b1269d9c 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/defender-compatibility.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/defender-compatibility.md
@@ -28,7 +28,7 @@ ms.date: 04/24/2018
->Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/en-us/WindowsForBusiness/windows-atp?ocid=docs-wdatp-defendercompat-abovefoldlink)
+>Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-defendercompat-abovefoldlink)
The Microsoft Defender Advanced Threat Protection agent depends on Windows Defender Antivirus for some capabilities such as file scanning.
diff --git a/windows/security/threat-protection/microsoft-defender-atp/deprecate.md b/windows/security/threat-protection/microsoft-defender-atp/deprecate.md
deleted file mode 100644
index 20b16719e7..0000000000
--- a/windows/security/threat-protection/microsoft-defender-atp/deprecate.md
+++ /dev/null
@@ -1,11 +0,0 @@
----
-ms.date: 10/17/2018
-ms.reviewer:
-manager: dansimp
-ms.author: macapara
-author: mjcaparas
----
-> [!WARNING]
->
->
-> This page documents a feature that will soon be deprecated. For the updated and supported version, see [Use the Microsoft Defender ATP APIs](use-apis.md).
diff --git a/windows/security/threat-protection/microsoft-defender-atp/enable-controlled-folders.md b/windows/security/threat-protection/microsoft-defender-atp/enable-controlled-folders.md
index a7ff6da08f..40cbdce038 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/enable-controlled-folders.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/enable-controlled-folders.md
@@ -55,7 +55,7 @@ For more information about disabling local list merging, see [Prevent or allow u
> If controlled folder access is configured with Group Policy, PowerShell, or MDM CSPs, the state will change in the Windows Security app after a restart of the device.
> If the feature is set to **Audit mode** with any of those tools, the Windows Security app will show the state as **Off**.
->If you are protecting user profile data, we recommend that the user profile should be on the default Windows installation drive.
+> If you are protecting user profile data, we recommend that the user profile should be on the default Windows installation drive.
## Intune
@@ -63,7 +63,7 @@ For more information about disabling local list merging, see [Prevent or allow u
1. Click **Device configuration** > **Profiles** > **Create profile**.
1. Name the profile, choose **Windows 10 and later** and **Endpoint protection**.
-1. Click **Configure** > **Windows Defender Exploit Guard** > **Network filtering** > **Enable**.
+1. Click **Configure** > **Windows Defender Exploit Guard** > **Controlled folder access** > **Enable**.
1. Type the path to each application that has access to protected folders and the path to any additional folder that needs protection and click **Add**.
diff --git a/windows/security/threat-protection/microsoft-defender-atp/enable-custom-ti.md b/windows/security/threat-protection/microsoft-defender-atp/enable-custom-ti.md
deleted file mode 100644
index 754b7d28e8..0000000000
--- a/windows/security/threat-protection/microsoft-defender-atp/enable-custom-ti.md
+++ /dev/null
@@ -1,56 +0,0 @@
----
-title: Enable the custom threat intelligence API in Microsoft Defender ATP
-description: Learn how to setup the custom threat intelligence application in Microsoft Defender ATP to create custom threat intelligence (TI).
-keywords: enable custom threat intelligence application, custom ti application, application name, client id, authorization url, resource, client secret, access tokens
-search.product: eADQiWindows 10XVcnh
-search.appverid: met150
-ms.prod: w10
-ms.mktglfcycl: deploy
-ms.sitesec: library
-ms.pagetype: security
-ms.author: macapara
-author: mjcaparas
-ms.localizationpriority: medium
-manager: dansimp
-audience: ITPro
-ms.collection: M365-security-compliance
-ms.topic: article
----
-
-# Enable the custom threat intelligence API in Microsoft Defender ATP (Deprecated)
-
-**Applies to:**
-
-
-- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
-
-> [!TIP]
-> This topic has been deprecated. See [Indicators](ti-indicator.md) for the updated content.
->
-> Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/en-us/WindowsForBusiness/windows-atp?ocid=docs-wdatp-enablecustomti-abovefoldlink)
-
-Before you can create custom threat intelligence (TI) using REST API, you'll need to set up the custom threat intelligence application through Microsoft Defender Security Center.
-
-1. In the navigation pane, select **Settings** > **Threat intel**.
-
- 
-
-2. Select **Enable threat intel API**. This activates the **Azure Active Directory application** setup sections with pre-populated values.
-
-3. Copy the individual values or select **Save details to file** to download a file that contains all the values.
-
- >[!WARNING]
- >The client secret is only displayed once. Make sure you keep a copy of it in a safe place.
- For more information about getting a new secret see, [Learn how to get a new secret](troubleshoot-custom-ti.md#learn-how-to-get-a-new-client-secret).
-
-4. Select **Generate tokens** to get an access and refresh token.
-
-You’ll need to use the access token in the Authorization header when doing REST API calls.
-
-## Related topics
-- [Understand threat intelligence concepts](threat-indicator-concepts.md)
-- [Create custom alerts using the threat intelligence API](custom-ti-api.md)
-- [PowerShell code examples for the custom threat intelligence API](powershell-example-code.md)
-- [Python code examples for the custom threat intelligence API](python-example-code.md)
-- [Experiment with custom threat intelligence alerts](experiment-custom-ti.md)
-- [Troubleshoot custom threat intelligence issues](troubleshoot-custom-ti.md)
diff --git a/windows/security/threat-protection/microsoft-defender-atp/enable-siem-integration.md b/windows/security/threat-protection/microsoft-defender-atp/enable-siem-integration.md
index 2c9fa62654..f27473d081 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/enable-siem-integration.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/enable-siem-integration.md
@@ -1,6 +1,6 @@
---
title: Enable SIEM integration in Microsoft Defender ATP
-description: Enable SIEM integration to receive alerts in your security information and event management (SIEM) solution.
+description: Enable SIEM integration to receive detections in your security information and event management (SIEM) solution.
keywords: enable siem connector, siem, connector, security information and events
search.product: eADQiWindows 10XVcnh
search.appverid: met150
@@ -15,7 +15,6 @@ manager: dansimp
audience: ITPro
ms.collection: M365-security-compliance
ms.topic: article
-ms.date: 12/10/2018
---
# Enable SIEM integration in Microsoft Defender ATP
@@ -24,9 +23,13 @@ ms.date: 12/10/2018
- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
->Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/en-us/WindowsForBusiness/windows-atp?ocid=docs-wdatp-enablesiem-abovefoldlink)
+>Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-enablesiem-abovefoldlink)
-Enable security information and event management (SIEM) integration so you can pull alerts from Microsoft Defender Security Center using your SIEM solution or by connecting directly to the alerts REST API.
+Enable security information and event management (SIEM) integration so you can pull detections from Microsoft Defender Security Center using your SIEM solution or by connecting directly to the detections REST API.
+
+>[!Note]
+>- [Microsoft Defender ATP Alert](alerts.md) is composed from one or more detections
+>- [Microsoft Defender ATP Detection](api-portal-mapping.md) is composed from the suspicious event occurred on the Machine and its related Alert details.
## Prerequisites
- The user who activates the setting must have permissions to create an app in Azure Active Directory (AAD). This is typically someone with a **Global administrator** role.
@@ -55,7 +58,7 @@ Enable security information and event management (SIEM) integration so you can p
> - WDATP-connector.jsonparser.properties
> - WDATP-connector.properties
- If you want to connect directly to the alerts REST API through programmatic access, choose **Generic API**.
+ If you want to connect directly to the detections REST API through programmatic access, choose **Generic API**.
4. Copy the individual values or select **Save details to file** to download a file that contains all the values.
@@ -64,14 +67,14 @@ Enable security information and event management (SIEM) integration so you can p
> [!NOTE]
> You'll need to generate a new Refresh token every 90 days.
-You can now proceed with configuring your SIEM solution or connecting to the alerts REST API through programmatic access. You'll need to use the tokens when configuring your SIEM solution to allow it to receive alerts from Microsoft Defender Security Center.
+You can now proceed with configuring your SIEM solution or connecting to the detections REST API through programmatic access. You'll need to use the tokens when configuring your SIEM solution to allow it to receive detections from Microsoft Defender Security Center.
## Integrate Microsoft Defender ATP with IBM QRadar
-You can configure IBM QRadar to collect alerts from Microsoft Defender ATP. For more information, see [IBM Knowledge Center](https://www.ibm.com/support/knowledgecenter/SS42VS_DSM/c_dsm_guide_MS_Win_Defender_ATP_overview.html?cp=SS42VS_7.3.1).
+You can configure IBM QRadar to collect detections from Microsoft Defender ATP. For more information, see [IBM Knowledge Center](https://www.ibm.com/support/knowledgecenter/SS42VS_DSM/c_dsm_guide_MS_Win_Defender_ATP_overview.html?cp=SS42VS_7.3.1).
## Related topics
-- [Configure Splunk to pull Microsoft Defender ATP alerts](configure-splunk.md)
-- [Configure HP ArcSight to pull Microsoft Defender ATP alerts](configure-arcsight.md)
-- [Microsoft Defender ATP alert API fields](api-portal-mapping.md)
-- [Pull Microsoft Defender ATP alerts using REST API](pull-alerts-using-rest-api.md)
+- [Configure Splunk to pull Microsoft Defender ATP detections](configure-splunk.md)
+- [Configure HP ArcSight to pull Microsoft Defender ATP detections](configure-arcsight.md)
+- [Microsoft Defender ATP Detection fields](api-portal-mapping.md)
+- [Pull Microsoft Defender ATP detections using REST API](pull-alerts-using-rest-api.md)
- [Troubleshoot SIEM tool integration issues](troubleshoot-siem.md)
diff --git a/windows/security/threat-protection/microsoft-defender-atp/evaluate-atp.md b/windows/security/threat-protection/microsoft-defender-atp/evaluate-atp.md
index 9ccbcfb220..2278aa052c 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/evaluate-atp.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/evaluate-atp.md
@@ -22,7 +22,7 @@ ms.topic: conceptual
[Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559) is a unified platform for preventative protection, post-breach detection, automated investigation, and response.
-You can evaluate Microsoft Defender Advanced Threat Protection in your organization by [starting your free trial](https://www.microsoft.com/en-us/WindowsForBusiness/windows-atp).
+You can evaluate Microsoft Defender Advanced Threat Protection in your organization by [starting your free trial](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp).
You can also evaluate the different security capabilities in Microsoft Defender ATP by using the following instructions.
diff --git a/windows/security/threat-protection/microsoft-defender-atp/evaluation-lab.md b/windows/security/threat-protection/microsoft-defender-atp/evaluation-lab.md
index f75898aa98..bc33d59c55 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/evaluation-lab.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/evaluation-lab.md
@@ -20,7 +20,6 @@ ms.topic: article
**Applies to:**
- [Microsoft Defender Advanced Threat Protection (Windows Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
-[!include[Prerelease information](prerelease.md)]
Conducting a comprehensive security product evaluation can be a complex process requiring cumbersome environment and machine configuration before an end-to-end attack simulation can actually be done. Adding to the complexity is the challenge of tracking where the simulation activities, alerts, and results are reflected during the evaluation.
diff --git a/windows/security/threat-protection/microsoft-defender-atp/event-error-codes.md b/windows/security/threat-protection/microsoft-defender-atp/event-error-codes.md
index 080111bee7..2fe02c746b 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/event-error-codes.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/event-error-codes.md
@@ -342,7 +342,7 @@ See [!NOTE]
-> The event side pane now provides additional insight to the WIP and AIP protection status.
-
>[!TIP]
>These data points are also exposed through the ‘FileCreationEvents’ in advanced hunting, allowing advanced queries and schedule detection to take into account sensitivity labels and file protection status.
\ No newline at end of file
diff --git a/windows/security/threat-protection/microsoft-defender-atp/investigate-alerts.md b/windows/security/threat-protection/microsoft-defender-atp/investigate-alerts.md
index 11e43b707c..755dafb1e4 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/investigate-alerts.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/investigate-alerts.md
@@ -26,13 +26,17 @@ ms.date: 04/24/2018
->Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/en-us/WindowsForBusiness/windows-atp?ocid=docs-wdatp-investigatealerts-abovefoldlink)
+>Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-investigatealerts-abovefoldlink)
Investigate alerts that are affecting your network, understand what they mean, and how to resolve them.
Click an alert to see the alert details view and the various tiles that provide information about the alert.
-You can also manage an alert and see alert metadata along with other information that can help you make better decisions on how to approach them. You'll also see a status of the automated investigation on the upper right corner. Clicking on the link will take you to the Automated investigations view. For more information, see [Automated investigations](automated-investigations.md).
+From the alert details view, you can manage an alert and see alert data such as severity, category, technique, along with other information that can help you make better decisions on how to approach them.
+
+The techniques reflected in the card are based on [MITRE enterprise techniques](https://attack.mitre.org/techniques/enterprise/).
+
+You'll also see a status of the automated investigation on the upper right corner. Clicking on the link will take you to the Automated investigations view. For more information, see [Automated investigations](automated-investigations.md).
diff --git a/windows/security/threat-protection/microsoft-defender-atp/investigate-behind-proxy.md b/windows/security/threat-protection/microsoft-defender-atp/investigate-behind-proxy.md
index 18d267c4cd..487d24f359 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/investigate-behind-proxy.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/investigate-behind-proxy.md
@@ -23,7 +23,7 @@ ms.topic: article
- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
->Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/en-us/WindowsForBusiness/windows-atp?ocid=docs-wdatp-investigatemachines-abovefoldlink)
+>Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-investigatemachines-abovefoldlink)
Microsoft Defender ATP supports network connection monitoring from different levels of the network stack. A challenging case is when the network uses a forward proxy as a gateway to the Internet.
diff --git a/windows/security/threat-protection/microsoft-defender-atp/investigate-domain.md b/windows/security/threat-protection/microsoft-defender-atp/investigate-domain.md
index 8268c3ce96..5b10ecbcd6 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/investigate-domain.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/investigate-domain.md
@@ -26,7 +26,7 @@ ms.date: 04/24/2018
->Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/en-us/WindowsForBusiness/windows-atp?ocid=docs-wdatp-investigatedomain-abovefoldlink)
+>Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-investigatedomain-abovefoldlink)
Investigate a domain to see if machines and servers in your enterprise network have been communicating with a known malicious domain.
diff --git a/windows/security/threat-protection/microsoft-defender-atp/investigate-files.md b/windows/security/threat-protection/microsoft-defender-atp/investigate-files.md
index 6cb6750c1c..2f88847202 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/investigate-files.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/investigate-files.md
@@ -26,7 +26,7 @@ ms.date: 04/24/2018
[!include[Prerelease information](prerelease.md)]
->Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/en-us/WindowsForBusiness/windows-atp?ocid=docs-wdatp-investigatefiles-abovefoldlink)
+>Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-investigatefiles-abovefoldlink)
Investigate the details of a file associated with a specific alert, behavior, or event to help determine if the file exhibits malicious activities, identify the attack motivation, and understand the potential scope of the breach.
@@ -52,6 +52,7 @@ Along the top of the profile page, above the file information cards. Actions you
- Stop and quarantine
- Add/edit indicator
- Download file
+- Consult a threat expert
- Action center
For more information on these actions, see [Take response action on a file](respond-file-alerts.md).
diff --git a/windows/security/threat-protection/microsoft-defender-atp/investigate-ip.md b/windows/security/threat-protection/microsoft-defender-atp/investigate-ip.md
index 4f3711af17..fd55917f2d 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/investigate-ip.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/investigate-ip.md
@@ -24,7 +24,7 @@ ms.date: 04/24/2018
- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
->Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/en-us/WindowsForBusiness/windows-atp?ocid=docs-wdatp-investigateip-abovefoldlink)
+>Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-investigateip-abovefoldlink)
Examine possible communication between your machines and external internet protocol (IP) addresses.
diff --git a/windows/security/threat-protection/microsoft-defender-atp/investigate-machines.md b/windows/security/threat-protection/microsoft-defender-atp/investigate-machines.md
index c79fa83c94..eada51bd1c 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/investigate-machines.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/investigate-machines.md
@@ -23,7 +23,7 @@ ms.topic: article
- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
->Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/en-us/WindowsForBusiness/windows-atp?ocid=docs-wdatp-investigatemachines-abovefoldlink)
+>Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-investigatemachines-abovefoldlink)
Investigate the details of an alert raised on a specific machine to identify other behaviors or events that might be related to the alert or the potential scope of the breach.
@@ -60,6 +60,7 @@ Response actions run along the top of a specific machine page and include:
- Run antivirus scan
- Restrict app execution
- Isolate machine
+- Consult a threat expert
- Action center
You can take response actions in the Action center, in a specific machine page, or in a specific file page.
diff --git a/windows/security/threat-protection/microsoft-defender-atp/investigate-user.md b/windows/security/threat-protection/microsoft-defender-atp/investigate-user.md
index 4ef33de1cf..e086f41f6b 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/investigate-user.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/investigate-user.md
@@ -23,7 +23,7 @@ ms.date: 04/24/2018
- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
->Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/en-us/WindowsForBusiness/windows-atp?ocid=docs-wdatp-investigatgeuser-abovefoldlink)
+>Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-investigatgeuser-abovefoldlink)
## Investigate user account entities
diff --git a/windows/security/threat-protection/microsoft-defender-atp/is-domain-seen-in-org.md b/windows/security/threat-protection/microsoft-defender-atp/is-domain-seen-in-org.md
deleted file mode 100644
index 38debbe291..0000000000
--- a/windows/security/threat-protection/microsoft-defender-atp/is-domain-seen-in-org.md
+++ /dev/null
@@ -1,82 +0,0 @@
----
-title: Is domain seen in org API
-description: Use this API to create calls related to checking whether a domain was seen in the organization.
-keywords: apis, graph api, supported apis, domain, domain seen
-search.product: eADQiWindows 10XVcnh
-ms.prod: w10
-ms.mktglfcycl: deploy
-ms.sitesec: library
-ms.pagetype: security
-ms.author: macapara
-author: mjcaparas
-ms.localizationpriority: medium
-manager: dansimp
-audience: ITPro
-ms.collection: M365-security-compliance
-ms.topic: article
----
-
-# Was domain seen in org (Deprecated)
-
-**Applies to:**
-
-- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
-
-Answers whether a domain was seen in the organization.
-
-## Permissions
-One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Use Microsoft Defender ATP APIs](apis-intro.md)
-
-Permission type | Permission | Permission display name
-:---|:---|:---
-Application | Url.Read.All | 'Read URLs'
-Delegated (work or school account) | URL.Read.All | 'Read URLs'
-
->[!Note]
-> When obtaining a token using user credentials:
->- The user needs to have at least the following role permission: 'View Data' (See [Create and manage roles](user-roles.md) for more information)
-
-## HTTP request
-```
-GET /api/domains/{domain}
-```
-
-## Request headers
-
-Header | Value
-:---|:---
-Authorization | Bearer {token}. **Required**.
-
-
-## Request body
-Empty
-
-## Response
-If successful and domain exists - 200 OK. If domain does not exist - 404 Not Found.
-
-## Example
-
-**Request**
-
-Here is an example of the request.
-
-[!include[Improve request performance](improve-request-performance.md)]
-
-```
-GET https://api.securitycenter.windows.com/api/domains/example.com
-Content-type: application/json
-```
-
-**Response**
-
-Here is an example of the response.
-
-
-```
-HTTP/1.1 200 OK
-Content-type: application/json
-{
- "@odata.context": "https://api.securitycenter.windows.com/api/$metadata#Domains/$entity",
- "host": "example.com"
-}
-```
diff --git a/windows/security/threat-protection/microsoft-defender-atp/is-ip-seen-org.md b/windows/security/threat-protection/microsoft-defender-atp/is-ip-seen-org.md
deleted file mode 100644
index f112796be2..0000000000
--- a/windows/security/threat-protection/microsoft-defender-atp/is-ip-seen-org.md
+++ /dev/null
@@ -1,82 +0,0 @@
----
-title: Is IP seen in org API
-description: Answers whether an IP was seen in the organization.
-keywords: apis, graph api, supported apis, is, ip, seen, org, organization
-search.product: eADQiWindows 10XVcnh
-ms.prod: w10
-ms.mktglfcycl: deploy
-ms.sitesec: library
-ms.pagetype: security
-ms.author: macapara
-author: mjcaparas
-ms.localizationpriority: medium
-manager: dansimp
-audience: ITPro
-ms.collection: M365-security-compliance
-ms.topic: article
----
-
-# Was IP seen in org (Deprecated)
-
-**Applies to:**
-
-- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
-
-Answers whether an IP was seen in the organization.
-
-## Permissions
-One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Use Microsoft Defender ATP APIs](apis-intro.md)
-
-Permission type | Permission | Permission display name
-:---|:---|:---
-Application | Ip.Read.All | 'Read IP address profiles'
-Delegated (work or school account) | Ip.Read.All | 'Read IP address profiles'
-
->[!Note]
-> When obtaining a token using user credentials:
->- The user needs to have at least the following role permission: 'View Data' (See [Create and manage roles](user-roles.md) for more information)
-
-## HTTP request
-```
-GET /api/ips/{ip}
-```
-
-## Request headers
-
-Name | Type | Description
-:---|:---|:---
-Authorization | String | Bearer {token}. **Required**.
-
-
-## Request body
-Empty
-
-## Response
-If successful and IP exists - 200 OK. If IP do not exist - 404 Not Found.
-
-
-## Example
-
-**Request**
-
-Here is an example of the request.
-
-```
-GET https://api.securitycenter.windows.com/api/ips/10.209.67.177
-```
-
-**Response**
-
-Here is an example of the response.
-
-[!include[Improve request performance](improve-request-performance.md)]
-
-
-```
-HTTP/1.1 200 OK
-Content-type: application/json
-{
- "@odata.context": "https://api.securitycenter.windows.com/api/$metadata#Ips/$entity",
- "id": "10.209.67.177"
-}
-```
diff --git a/windows/security/threat-protection/microsoft-defender-atp/licensing.md b/windows/security/threat-protection/microsoft-defender-atp/licensing.md
index 105fc8bd52..c86b827fd6 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/licensing.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/licensing.md
@@ -24,7 +24,7 @@ ms.topic: article
- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
->Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/en-us/WindowsForBusiness/windows-atp?ocid=docs-wdatp-validatelicense-abovefoldlink)
+>Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-validatelicense-abovefoldlink)
## Check license state
diff --git a/windows/security/threat-protection/microsoft-defender-atp/live-response.md b/windows/security/threat-protection/microsoft-defender-atp/live-response.md
index d3ed3224e5..151cc9a4d1 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/live-response.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/live-response.md
@@ -22,8 +22,6 @@ ms.topic: article
**Applies to:**
- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
-[!include[Prerelease information](prerelease.md)]
-
Live response is a capability that gives you instantaneous access to a machine using a remote shell connection. This gives you the power to do in-depth investigative work and take immediate response actions to promptly contain identified threats – real-time.
diff --git a/windows/security/threat-protection/microsoft-defender-atp/machine-tags.md b/windows/security/threat-protection/microsoft-defender-atp/machine-tags.md
index 6dff3ffaae..c9543f40e7 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/machine-tags.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/machine-tags.md
@@ -67,7 +67,8 @@ Machines with similar tags can be handy when you need to apply contextual action
Use the following registry key entry to add a tag on a machine:
- Registry key: `HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows Advanced Threat Protection\DeviceTagging\`
-- Registry key value (string): Group
+- Registry key name: `Group`
+- Registry key value (REG_SZ): `Name of the tag you want to set`
>[!NOTE]
>The device tag is part of the machine information report that's generated once a day. As an alternative, you may choose to restart the endpoint that would transfer a new machine information report.
diff --git a/windows/security/threat-protection/microsoft-defender-atp/machines-view-overview.md b/windows/security/threat-protection/microsoft-defender-atp/machines-view-overview.md
index 788a106f59..3380258c96 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/machines-view-overview.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/machines-view-overview.md
@@ -23,7 +23,7 @@ ms.topic: article
- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
->Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/en-us/WindowsForBusiness/windows-atp?ocid=docs-wdatp-machinesview-abovefoldlink)
+>Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-machinesview-abovefoldlink)
The **Machines list** shows a list of the machines in your network where alerts were generated. By default, the queue displays machines with alerts seen in the last 30 days.
diff --git a/windows/security/threat-protection/microsoft-defender-atp/manage-alerts.md b/windows/security/threat-protection/microsoft-defender-atp/manage-alerts.md
index 36e579945b..c66fbce85b 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/manage-alerts.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/manage-alerts.md
@@ -22,7 +22,7 @@ ms.topic: article
**Applies to:**
- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
->Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/en-us/WindowsForBusiness/windows-atp?ocid=docs-wdatp-managealerts-abovefoldlink)
+>Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-managealerts-abovefoldlink)
Microsoft Defender ATP notifies you of possible malicious events, attributes, and contextual information through alerts. A summary of new alerts is displayed in the **Security operations dashboard**, and you can access all alerts in the **Alerts queue**.
diff --git a/windows/security/threat-protection/microsoft-defender-atp/manage-automation-allowed-blocked-list.md b/windows/security/threat-protection/microsoft-defender-atp/manage-automation-allowed-blocked-list.md
deleted file mode 100644
index b30f739163..0000000000
--- a/windows/security/threat-protection/microsoft-defender-atp/manage-automation-allowed-blocked-list.md
+++ /dev/null
@@ -1,68 +0,0 @@
----
-title: Manage automation allowed/blocked lists
-description: Create lists that control what items are automatically blocked or allowed during an automatic investigation.
-keywords: manage, automation, whitelist, blacklist, block, clean, malicious
-search.product: eADQiWindows 10XVcnh
-search.appverid: met150
-ms.prod: w10
-ms.mktglfcycl: deploy
-ms.sitesec: library
-ms.pagetype: security
-ms.author: macapara
-author: mjcaparas
-ms.localizationpriority: medium
-manager: dansimp
-audience: ITPro
-ms.collection: M365-security-compliance
-ms.topic: article
----
-
-# Manage automation allowed/blocked lists
-
-**Applies to:**
-- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
-
-
-
->Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/en-us/WindowsForBusiness/windows-atp?ocid=docs-wdatp-automationexclusionlist-abovefoldlink)
-
-Create a rule to control which entities are automatically incriminated or exonerated during Automated investigations.
-
-Entities added to the allowed list are considered safe and will not be analyzed during Automated investigations.
-
-Entities added to the blocked list are considered malicious and will be remediated during Automated investigations.
-
-You can define the conditions for when entities are identified as malicious or safe based on certain attributes such as hash values or certificates.
-
-## Create an allowed or blocked list
-1. In the navigation pane, select **Settings** > **Automation allowed/blocked list**.
-
-2. Select the tab of the type of entity you'd like to create an exclusion for. Currently, you can add a rule for certificates.
-
-3. Select **Add allowed/blocked list rule**.
-
-4. For each attribute specify the exclusion type, details, and their corresponding required values.
-
-5. Click **Add rule**.
-
-## Edit a list
-1. In the navigation pane, select **Settings** > **Automation allowed/blocked list**.
-
-2. Select the tab of the entity type you'd like to edit the list from.
-
-3. Update the details of the rule and click **Update rule**.
-
-## Delete a list
-1. In the navigation pane, select **Settings** > **Automation allowed/blocked list**.
-
-2. Select the tab of the entity type you'd like to delete the list from.
-
-3. Select the list type by clicking the check-box beside the list type.
-
-4. Click **Delete**.
-
-
-## Related topics
-- [Manage automation file uploads](manage-automation-file-uploads.md)
-- [Manage indicators](manage-indicators.md)
-- [Manage automation folder exclusions](manage-automation-folder-exclusions.md)
diff --git a/windows/security/threat-protection/microsoft-defender-atp/manage-automation-file-uploads.md b/windows/security/threat-protection/microsoft-defender-atp/manage-automation-file-uploads.md
index cdf8cabeb1..e79bbef836 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/manage-automation-file-uploads.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/manage-automation-file-uploads.md
@@ -26,7 +26,7 @@ ms.topic: article
->Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/en-us/WindowsForBusiness/windows-atp?ocid=docs-wdatp-automationefileuploads-abovefoldlink)
+>Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-automationefileuploads-abovefoldlink)
Enable the content analysis capability so that certain files and email attachments can automatically be uploaded to the cloud for additional inspection in Automated investigation.
diff --git a/windows/security/threat-protection/microsoft-defender-atp/manage-automation-folder-exclusions.md b/windows/security/threat-protection/microsoft-defender-atp/manage-automation-folder-exclusions.md
index 2ff51aee05..a919bff814 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/manage-automation-folder-exclusions.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/manage-automation-folder-exclusions.md
@@ -26,7 +26,7 @@ ms.topic: article
->Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/en-us/WindowsForBusiness/windows-atp?ocid=docs-wdatp-automationexclusionfolder-abovefoldlink)
+>Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-automationexclusionfolder-abovefoldlink)
Automation folder exclusions allow you to specify folders that the Automated investigation will skip.
diff --git a/windows/security/threat-protection/microsoft-defender-atp/manage-indicators.md b/windows/security/threat-protection/microsoft-defender-atp/manage-indicators.md
index a5f617c624..f0cf3d6772 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/manage-indicators.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/manage-indicators.md
@@ -1,4 +1,4 @@
----
+---
title: Manage indicators
ms.reviewer:
description: Create indicators for a file hash, IP address, URLs or domains that define the detection, prevention, and exclusion of entities.
@@ -23,32 +23,121 @@ ms.topic: article
**Applies to:**
- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+[!include[Prerelease information](prerelease.md)]
+
>Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/en-us/WindowsForBusiness/windows-atp?ocid=docs-wdatp-automationexclusionlist-abovefoldlink)
+Indicator of compromise (IoCs) matching is an essential feature in every endpoint protection solution. This capability is available in Microsoft Defender ATP and gives SecOps the ability to set a list of indicators for detection and for blocking (prevention and response).
+
Create indicators that define the detection, prevention, and exclusion of entities. You can define the action to be taken as well as the duration for when to apply the action as well as the scope of the machine group to apply it to.
-On the top navigation you can:
+Currently supported sources are the cloud detection engine of Microsoft Defender ATP, the automated investigation and remediation engine, and the endpoint prevention engine (Windows Defender AV).
-- Import a list
-- Add an indicator
-- Customize columns to add or remove columns
-- Export the entire list in CSV format
-- Select the items to show per page
-- Navigate between pages
-- Apply filters
+**Cloud detection engine**
+The cloud detection engine of Microsoft Defender ATP regularly scans collected data and tries to match the indicators you set. When there is a match, action will be taken according to the settings you specified for the IoC.
-## Create an indicator
+**Endpoint prevention engine**
+The same list of indicators is honored by the prevention agent. Meaning, if Windows Defender AV is the primary AV configured, the matched indicators will be treated according to the settings. For example, if the action is "Alert and Block", Windows Defender AV will prevent file executions (block and remediate) and a corresponding alert will be raised. On the other hand, if the Action is set to "Allow", Windows Defender AV will not detect nor block the file from being run.
+
+**Automated investigation and remediation engine**
+The automated investigation and remediation behave the same. If an indicator is set to "Allow", Automated investigation and remediation will ignore a "bad" verdict for it. If set to "Block", Automated investigation and remediation will treat it as "bad".
+
+
+The current supported actions are:
+- Allow
+- Alert only
+- Alert and block
+
+
+You can create an indicator for:
+- Files
+- IP addresses
+- URLs/domains
+
+>[!NOTE]
+>There is a limit of 5000 indicators per tenant.
+
+
+
+
+
+## Create indicators for files
+You can prevent further propagation of an attack in your organization by banning potentially malicious files or suspected malware. If you know a potentially malicious portable executable (PE) file, you can block it. This operation will prevent it from being read, written, or executed on machines in your organization.
+
+There are two ways you can create indicators for files:
+- By creating an indicator through the settings page
+- By creating a contextual indicator using the add indicator button from the file details page
+
+### Before you begin
+It's important to understand the following prerequisites prior to creating indicators for files:
+- This feature is available if your organization uses Windows Defender Antivirus and Cloud–based protection is enabled. For more information, see [Manage cloud–based protection](../windows-defender-antivirus/deploy-manage-report-windows-defender-antivirus.md).
+- The Antimalware client version must be 4.18.1901.x or later.
+- Supported on machines on Windows 10, version 1703 or later.
+- To start blocking files, you first need to [turn the **Block or allow** feature on](advanced-features.md) in Settings.
+- This feature is designed to prevent suspected malware (or potentially malicious files) from being downloaded from the web. It currently supports portable executable (PE) files, including _.exe_ and _.dll_ files. The coverage will be extended over time.
+
+>[!IMPORTANT]
+>- The allow or block function cannot be done on files if the file's classification exists on the device's cache prior to the allow or block action
+>- Trusted signed files will be treated differently. Microsoft Defender ATP is optimized to handle malicious files. Trying to block trusted signed files, in some cases, may have performance implications.
+>- The PE file needs to be in the machine timeline for you to be able to take this action.
+
+
+>[!NOTE]
+>There may be a couple of minutes of latency between the time the action is taken and the actual file being blocked.
+
+### Create an indicator for files from the settings page
1. In the navigation pane, select **Settings** > **Indicators**.
-2. Select the tab of the type of entity you'd like to create an indicator for. You can choose any of the following entities:
- - File hash
- - IP address
- - URLs/Domains
-
-3. Click **Add indicator**.
+2. Select the **File hash** tab.
-4. For each attribute specify the following details:
+3. Select **Add indicator**.
+
+4. Specify the following details:
+ - Indicator - Specify the entity details and define the expiration of the indicator.
+ - Action - Specify the action to be taken and provide a description.
+ - Scope - Define the scope of the machine group.
+
+5. Review the details in the Summary tab, then click **Save**.
+
+### Create a contextual indicator from the file details page
+One of the options when taking [response actions on a file](respond-file-alerts.md) is adding an indicator for the file.
+
+When you add an indicator hash for a file, you can choose to raise an alert and block the file whenever a machine in your organization attempts to run it.
+
+Files automatically blocked by an indicator won't show up in the files's Action center, but the alerts will still be visible in the Alerts queue.
+
+
+## Create indicators for IPs and URLs/domains (preview)
+Microsoft Defender ATP can block what Microsoft deems as malicious IPs/URLs through SmartScreen for Microsoft browsers and Network Protection for non-Microsoft browsers and calls made outside the browser.
+
+The threat intelligence data set for this has been managed by Microsoft.
+
+By creating indicators for IPs and URLs or domains, you can now allow or block IPs, URLs or domains based on your own threat intelligence. You can do this through the settings page or by machine groups if you deem certain groups to be more or less at risk than others.
+
+### Before you begin
+It's important to understand the following prerequisites prior to creating indicators for IPS, URLs or domains:
+- URL/IP allow and block relies on the Microsoft Defender ATP component Network Protection to be enabled in block mode. For more information on Network Protection and configuration instructions, see [Protect your network](network-protection.md).
+- The Antimalware client version must be 4.18.1906.x or later.
+- Supported on machines on Windows 10, version 1709 or later.
+- Ensure that **Custom network indicators** is enabled in **Microsoft Defender Security Center > Settings > Advanced features**. For more information, see [Advanced features](advanced-features.md).
+
+
+>[!IMPORTANT]
+> Only external IPs can be added to the indicator list. Indicators cannot be created for internal IPs.
+
+>[!NOTE]
+>There may be up to 2 hours latency (usually less) between the time the action is taken, and the URL and IP being blocked.
+
+### Create an indicator for IPs, URLs or domains from the settings page
+
+1. In the navigation pane, select **Settings** > **Indicators**.
+
+2. Select the **IP addresses or URLs/Domains** tab.
+
+3. Select **Add indicator**.
+
+4. Specify the following details:
- Indicator - Specify the entity details and define the expiration of the indicator.
- Action - Specify the action to be taken and provide a description.
- Scope - Define the scope of the machine group.
@@ -56,10 +145,6 @@ On the top navigation you can:
5. Review the details in the Summary tab, then click **Save**.
->[!NOTE]
->Blocking IPs, domains, or URLs is currently available on limited preview only.
->This requires sending your custom list to [network protection](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-exploit-guard/enable-network-protection) to be enforced which is an option that will be generally available soon.
->As it is not yet generally available, when Automated investigations finds this indicator during an investigation it will use the allowed/block list as the basis of its decision to automatically remediate (blocked list) or skip (allowed list) the entity.
## Manage indicators
@@ -69,12 +154,14 @@ On the top navigation you can:
3. Update the details of the indicator and click **Save** or click the **Delete** button if you'd like to remove the entity from the list.
-## Import a list
+## Import a list of IoCs
You can also choose to upload a CSV file that defines the attributes of indicators, the action to be taken, and other details.
Download the sample CSV to know the supported column attributes.
## Related topic
+- [Create contextual IoC](respond-file-alerts.md#add-indicator-to-block-or-allow-a-file)
+- [Use the Microsoft Defender ATP indicators API](ti-indicator.md)
+- [Use partner integrated solutions](partner-applications.md)
-- [Manage automation allowed/blocked lists](manage-automation-allowed-blocked-list.md)
diff --git a/windows/security/threat-protection/microsoft-defender-atp/management-apis.md b/windows/security/threat-protection/microsoft-defender-atp/management-apis.md
index c4c4ca728b..30bbd5efe4 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/management-apis.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/management-apis.md
@@ -23,7 +23,7 @@ ms.topic: conceptual
**Applies to:**
- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
->Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/en-us/WindowsForBusiness/windows-atp?ocid=docs-mgt-apis-abovefoldlink)
+>Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-mgt-apis-abovefoldlink)
Microsoft Defender ATP supports a wide variety of options to ensure that customers can easily adopt the platform.
@@ -52,7 +52,6 @@ An important aspect of machine management is the ability to analyze the environm
Topic | Description
:---|:---
Understand threat intelligence concepts | Learn about alert definitions, indicators of compromise, and other threat intelligence concepts.
-Supported Microsoft Defender ATP APIs | Learn more about the individual supported entities where you can run API calls to and details such as HTTP request values, request headers and expected responses.
Managed security service provider | Get a quick overview on managed security service provider support.
@@ -61,7 +60,7 @@ Managed security service provider | Get a quick overview on managed security ser
## Related topics
- [Onboard machines](onboard-configure.md)
- [Enable the custom threat intelligence application](enable-custom-ti.md)
-- [Microsoft Defender ATP Public API](use-apis.md)
+- [Microsoft Defender ATP Public API](apis-intro.md)
- [Pull alerts to your SIEM tools](configure-siem.md)
- [Create and build Power BI reports using Microsoft Defender ATP data](powerbi-reports.md)
- [Role-based access control](rbac.md)
diff --git a/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-advanced-threat-protection.md b/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-advanced-threat-protection.md
index 70561d13b0..33bd480db3 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-advanced-threat-protection.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-advanced-threat-protection.md
@@ -19,9 +19,9 @@ ms.topic: conceptual
# Microsoft Defender Advanced Threat Protection
->Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/en-us/WindowsForBusiness/windows-atp?ocid=docs-wdatp-main-abovefoldlink)
+> Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-main-abovefoldlink)
>
->For more info about Windows 10 Enterprise Edition features and functionality, see [Windows 10 Enterprise edition](https://www.microsoft.com/WindowsForBusiness/buy).
+> For more info about Windows 10 Enterprise Edition features and functionality, see [Windows 10 Enterprise edition](https://www.microsoft.com/WindowsForBusiness/buy).
Microsoft Defender Advanced Threat Protection is a platform designed to help enterprise networks prevent, detect, investigate, and respond to advanced threats.
@@ -66,9 +66,9 @@ Microsoft Defender ATP uses the following combination of technology built into W
->[!TIP]
->- Learn about the latest enhancements in Microsoft Defender ATP: [What's new in Microsoft Defender ATP](https://cloudblogs.microsoft.com/microsoftsecure/2018/11/15/whats-new-in-windows-defender-atp/).
->- Microsoft Defender ATP demonstrated industry-leading optics and detection capabilities in the recent MITRE evaluation. Read: [Insights from the MITRE ATT&CK-based evaluation](https://cloudblogs.microsoft.com/microsoftsecure/2018/12/03/insights-from-the-mitre-attack-based-evaluation-of-windows-defender-atp/).
+> [!TIP]
+> - Learn about the latest enhancements in Microsoft Defender ATP: [What's new in Microsoft Defender ATP](https://cloudblogs.microsoft.com/microsoftsecure/2018/11/15/whats-new-in-windows-defender-atp/).
+> - Microsoft Defender ATP demonstrated industry-leading optics and detection capabilities in the recent MITRE evaluation. Read: [Insights from the MITRE ATT&CK-based evaluation](https://cloudblogs.microsoft.com/microsoftsecure/2018/12/03/insights-from-the-mitre-attack-based-evaluation-of-windows-defender-atp/).
@@ -78,7 +78,7 @@ This built-in capability uses a game-changing risk-based approach to the discove
**[Attack surface reduction](overview-attack-surface-reduction.md)**
-The attack surface reduction set of capabilities provide the first line of defense in the stack. By ensuring configuration settings are properly set and exploit mitigation techniques are applied, these set of capabilities resist attacks and exploitations.
+The attack surface reduction set of capabilities provide the first line of defense in the stack. By ensuring configuration settings are properly set and exploit mitigation techniques are applied, these set of capabilities resist attacks and exploitation.
@@ -99,7 +99,7 @@ In conjunction with being able to quickly respond to advanced attacks, Microsoft
**[Secure score](overview-secure-score.md)**
->[!NOTE]
+> [!NOTE]
> Secure score is now part of [Threat & Vulnerability Management](next-gen-threat-and-vuln-mgt.md) as [Configuration score](configuration-score.md). The secure score page will be available for a few weeks. View the [Secure score](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/overview-secure-score) page.
Microsoft Defender ATP includes a secure score to help you dynamically assess the security state of your enterprise network, identify unprotected systems, and take recommended actions to improve the overall security of your organization.
@@ -127,7 +127,7 @@ To help you maximize the effectiveness of the security platform, you can configu
Topic | Description
:---|:---
[Overview](overview.md) | Understand the concepts behind the capabilities in Microsoft Defender ATP so you take full advantage of the complete threat protection platform.
-[Get started](get-started.md) | Learn about the requirements of the platform and the initial steps you need to take to get started with Microsoft Defender ATP.
+[Minimum requirements](minimum-requirements.md) | Learn about the requirements of the platform and the initial steps you need to take to get started with Microsoft Defender ATP.
[Configure and manage capabilities](onboard.md)| Configure and manage the individual capabilities in Microsoft Defender ATP.
[Troubleshoot Microsoft Defender ATP](troubleshoot-mdatp.md) | Learn how to address issues that you might encounter while using the platform.
diff --git a/windows/security/threat-protection/microsoft-defender-atp/microsoft-threat-experts.md b/windows/security/threat-protection/microsoft-defender-atp/microsoft-threat-experts.md
index f799ef59bc..71b44a53e7 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/microsoft-threat-experts.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/microsoft-threat-experts.md
@@ -1,8 +1,8 @@
---
title: Microsoft Threat Experts
ms.reviewer:
-description: Microsoft Threat Experts is the new managed threat hunting service in Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP) that provides proactive hunting, prioritization, and additional context and insights that further empower security operations centers (SOCs) to identify and respond to threats quickly and accurately. It provides additional layer of expertise and optics that Microsoft customers can utilize to augment security operation capabilities as part of Microsoft 365.
-keywords: managed threat hunting service, managed threat hunting, MTE, Microsoft Threat Experts
+description: Microsoft Threat Experts is the new managed detection and response (MDR) service in Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP) that provides proactive hunting, prioritization, and additional context and insights that further empower security operations centers (SOCs) to identify and respond to threats quickly and accurately. It provides additional layer of expertise and optics that Microsoft customers can utilize to augment security operation capabilities as part of Microsoft 365.
+keywords: managed threat hunting service, managed threat hunting, managed detection and response (MDR) service, MTE, Microsoft Threat Experts
search.product: Windows 10
search.appverid: met150
ms.prod: w10
@@ -24,8 +24,7 @@ ms.topic: conceptual
[!include[Prerelease information](prerelease.md)]
-
-Microsoft Threat Experts is a managed hunting service that provides Security Operation Centers (SOCs) with expert level monitoring and analysis to help them ensure that critical threats in their unique environments don’t get missed.
+Microsoft Threat Experts is a managed detection and response (MDR) service that provides Security Operation Centers (SOCs) with expert level monitoring and analysis to help them ensure that critical threats in their unique environments don’t get missed.
This new capability provides expert-driven insights and data through targeted attack notification and access to experts on demand.
@@ -36,9 +35,9 @@ Microsoft Threat Experts provides proactive hunting for the most important threa
- Identifying the most important risks, helping SOCs maximize time and energy
- Scope of compromise and as much context as can be quickly delivered to enable fast SOC response.
-## Collaborate with experts, on demand
+## Collaborate with experts, on demand
>[!NOTE]
->The Microsoft Threat Experts' experts-on-demand capability is still in preview. You can only use the experts-on-demand capability if you have applied for preview and your application has been approved.
+>The Microsoft Threat Experts' experts-on-demand capability is still in preview. You can only use the experts-on-demand capability if you have applied for preview and your application has been approved.
Customers can engage our security experts directly from within Microsoft Defender Security Center for timely and accurate response. Experts provide insights needed to better understand the complex threats affecting your organization, from alert inquiries, potentially compromised machines, root cause of a suspicious network connection, to additional threat intelligence regarding ongoing advanced persistent threat campaigns. With this capability, you can:
@@ -47,6 +46,19 @@ Customers can engage our security experts directly from within Microsoft Defende
- Determine risk and protection regarding threat actors, campaigns, or emerging attacker techniques
- Seamlessly transition to Microsoft Incident Response (IR) or other third-party Incident Response services when necessary
+The option to **Consult a threat expert** is available in several places in the portal so you can engage with experts in the context of your investigation:
+
+- **Help and support menu**
+
+
+- **Machine page actions menu**
+
+
+- **Alerts page actions menu**
+
+
+- **File page actions menu**
+
## Related topic
- [Configure Microsoft Threat Experts capabilities](configure-microsoft-threat-experts.md)
diff --git a/windows/security/threat-protection/microsoft-defender-atp/minimum-requirements.md b/windows/security/threat-protection/microsoft-defender-atp/minimum-requirements.md
index ba54f650be..c4f7ae5fd8 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/minimum-requirements.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/minimum-requirements.md
@@ -24,7 +24,7 @@ ms.topic: conceptual
There are some minimum requirements for onboarding machines to the service. Learn about the licensing, hardware and software requirements, and other configuration settings to onboard devices to the service.
->Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/en-us/WindowsForBusiness/windows-atp?ocid=docs-wdatp-minreqs-abovefoldlink)
+>Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-minreqs-abovefoldlink)
>[!TIP]
@@ -38,7 +38,7 @@ Microsoft Defender Advanced Threat Protection requires one of the following Micr
- Windows 10 Education E5
- Microsoft 365 E5 (M365 E5) which includes Windows 10 Enterprise E5
-For more information on the array of features in Windows 10 editions, see [Compare Windows 10 editions](https://www.microsoft.com/en-us/windowsforbusiness/compare).
+For more information on the array of features in Windows 10 editions, see [Compare Windows 10 editions](https://www.microsoft.com/windowsforbusiness/compare).
For a detailed comparison table of Windows 10 commercial edition comparison, see the [comparison PDF](https://go.microsoft.com/fwlink/p/?linkid=2069559).
diff --git a/windows/security/threat-protection/microsoft-defender-atp/mssp-support.md b/windows/security/threat-protection/microsoft-defender-atp/mssp-support.md
index 35519d3909..4859c4cd49 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/mssp-support.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/mssp-support.md
@@ -22,7 +22,7 @@ ms.topic: conceptual
**Applies to:**
- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
->Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/en-us/WindowsForBusiness/windows-atp?ocid=docs-mssp-support-abovefoldlink)
+>Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-mssp-support-abovefoldlink)
diff --git a/windows/security/threat-protection/microsoft-defender-atp/next-gen-threat-and-vuln-mgt.md b/windows/security/threat-protection/microsoft-defender-atp/next-gen-threat-and-vuln-mgt.md
index cc13be6a2b..3a670e00a5 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/next-gen-threat-and-vuln-mgt.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/next-gen-threat-and-vuln-mgt.md
@@ -1,7 +1,7 @@
---
-title: Next-generation Threat & Vulnerability Management
+title: Threat & Vulnerability Management
description: This new capability uses a game-changing risk-based approach to the discovery, prioritization, and remediation of endpoint vulnerabilities and misconfigurations.
-keywords: threat and vulnerability management, MDATP-TVM, vulnerability management, threat and vulnerability scanning
+keywords: threat & vulnerability management, threat and vulnerability management, MDATP TVM, MDATP-TVM, vulnerability management, vulnerability assessment, threat and vulnerability scanning, secure configuration asessment, windows defender atp, microsoft defender atp, endpoint vulnerabilities
search.product: eADQiWindows 10XVcnh
search.appverid: met150
ms.prod: w10
diff --git a/windows/security/threat-protection/microsoft-defender-atp/offboard-machines.md b/windows/security/threat-protection/microsoft-defender-atp/offboard-machines.md
index ada385d846..7d9e52a115 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/offboard-machines.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/offboard-machines.md
@@ -27,7 +27,7 @@ ms.topic: conceptual
- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
->Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/en-us/WindowsForBusiness/windows-atp?ocid=docs-wdatp-offboardmachines-abovefoldlink)
+>Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-offboardmachines-abovefoldlink)
Follow the corresponding instructions depending on your preferred deployment method.
diff --git a/windows/security/threat-protection/microsoft-defender-atp/oldTOC.txt b/windows/security/threat-protection/microsoft-defender-atp/oldTOC.txt
index f06995f573..9dd1998f62 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/oldTOC.txt
+++ b/windows/security/threat-protection/microsoft-defender-atp/oldTOC.txt
@@ -392,7 +392,6 @@
####### [Get domain related alerts](get-domain-related-alerts.md)
####### [Get domain related machines](get-domain-related-machines.md)
####### [Get domain statistics](get-domain-statistics.md)
-####### [Is domain seen in organization (Deprecated)](is-domain-seen-in-org.md)
###### [File]()
####### [Methods and properties](files.md)
@@ -403,9 +402,7 @@
###### [IP]()
####### [Get IP related alerts](get-ip-related-alerts.md)
-####### [Get IP related machines (Deprecated)](get-ip-related-machines.md)
####### [Get IP statistics](get-ip-statistics.md)
-####### [Is IP seen in organization (Deprecated)](is-ip-seen-org.md)
###### [User]()
####### [Methods](user.md)
@@ -428,13 +425,13 @@
##### [Experiment with custom threat intelligence alerts](experiment-custom-ti.md)
##### [Troubleshoot custom threat intelligence issues](troubleshoot-custom-ti.md)
-#### [Pull alerts to your SIEM tools]()
-##### [Learn about different ways to pull alerts](configure-siem.md)
+#### [Pull Detections to your SIEM tools]()
+##### [Learn about different ways to pull Detections](configure-siem.md)
##### [Enable SIEM integration](enable-siem-integration.md)
-##### [Configure Splunk to pull alerts](configure-splunk.md)
-##### [Configure HP ArcSight to pull alerts](configure-arcsight.md)
-##### [Microsoft Defender ATP SIEM alert API fields](api-portal-mapping.md)
-##### [Pull alerts using SIEM REST API](pull-alerts-using-rest-api.md)
+##### [Configure Splunk to pull Detections](configure-splunk.md)
+##### [Configure HP ArcSight to pull Detections](configure-arcsight.md)
+##### [Microsoft Defender ATP Detection fields](api-portal-mapping.md)
+##### [Pull Detections using SIEM REST API](pull-alerts-using-rest-api.md)
##### [Troubleshoot SIEM tool integration issues](troubleshoot-siem.md)
#### [Reporting]()
diff --git a/windows/security/threat-protection/microsoft-defender-atp/onboard-configure.md b/windows/security/threat-protection/microsoft-defender-atp/onboard-configure.md
index e6720fb5ed..88b05d98e7 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/onboard-configure.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/onboard-configure.md
@@ -24,7 +24,7 @@ ms.topic: conceptual
[!include[Prerelease information](prerelease.md)]
->Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/en-us/WindowsForBusiness/windows-atp?ocid=docs-wdatp-onboardconfigure-abovefoldlink)
+>Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-onboardconfigure-abovefoldlink)
You'll need to go the onboarding section of the Microsoft Defender ATP portal to onboard any of the supported devices. Depending on the device, you'll be guided with appropriate steps and provided management and deployment tool options suitable for the device.
@@ -46,7 +46,7 @@ Topic | Description
[Configure proxy and Internet settings](configure-proxy-internet.md)| Enable communication with the Microsoft Defender ATP cloud service by configuring the proxy and Internet connectivity settings.
[Troubleshoot onboarding issues](troubleshoot-onboarding.md) | Learn about resolving issues that might arise during onboarding.
->Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/en-us/WindowsForBusiness/windows-atp?ocid=docs-wdatp-onboardconfigure-belowfoldlink)
+>Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-onboardconfigure-belowfoldlink)
diff --git a/windows/security/threat-protection/microsoft-defender-atp/onboard-downlevel.md b/windows/security/threat-protection/microsoft-defender-atp/onboard-downlevel.md
index 1d8fa91df1..800d493402 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/onboard-downlevel.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/onboard-downlevel.md
@@ -28,7 +28,7 @@ ms.topic: article
- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
->Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/en-us/WindowsForBusiness/windows-atp?ocid=docs-wdatp-downlevel-abovefoldlink)
+>Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-downlevel-abovefoldlink)
Microsoft Defender ATP extends support to include down-level operating systems, providing advanced attack detection and investigation capabilities on supported Windows versions.
@@ -64,7 +64,7 @@ Review the following details to verify minimum system requirements:
- Install the [Update for customer experience and diagnostic telemetry](https://support.microsoft.com/help/3080149/update-for-customer-experience-and-diagnostic-telemetry)
-- Install either [.NET framework 4.5](https://www.microsoft.com/en-us/download/details.aspx?id=30653) (or later) or [KB3154518](https://support.microsoft.com/help/3154518/support-for-tls-system-default-versions-included-in-the-net-framework)
+- Install either [.NET framework 4.5](https://www.microsoft.com/download/details.aspx?id=30653) (or later) or [KB3154518](https://support.microsoft.com/help/3154518/support-for-tls-system-default-versions-included-in-the-net-framework)
>[!NOTE]
>Only applicable for Windows 7 SP1 Enterprise and Windows 7 SP1 Pro.
@@ -112,7 +112,7 @@ Agent Resource | Ports
## Offboard client endpoints
To offboard, you can uninstall the MMA agent from the endpoint or detach it from reporting to your Microsoft Defender ATP workspace. After offboarding the agent, the endpoint will no longer send sensor data to Microsoft Defender ATP.
->Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/en-us/WindowsForBusiness/windows-atp?ocid=docs-wdatp-downlevele-belowfoldlink)
+>Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-downlevele-belowfoldlink)
diff --git a/windows/security/threat-protection/microsoft-defender-atp/overview-custom-detections.md b/windows/security/threat-protection/microsoft-defender-atp/overview-custom-detections.md
index 9579771415..8398ee9986 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/overview-custom-detections.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/overview-custom-detections.md
@@ -1,16 +1,16 @@
---
-title: Custom detections overview
+title: Overview of custom detections in Microsoft Defender ATP
ms.reviewer:
-description: Understand how you can leverage the power of advanced hunting to create custom detections
-keywords: custom detections, detections, advanced hunting, hunt, detect, query
+description: Understand how you can use Advanced hunting to create custom detections and generate alerts
+keywords: custom detections, alerts, detection rules, advanced hunting, hunt, query, response actions, interval, mdatp, microsoft defender atp
search.product: eADQiWindows 10XVcnh
search.appverid: met150
ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: security
-ms.author: macapara
-author: mjcaparas
+ms.author: lomayor
+author: lomayor
ms.localizationpriority: medium
manager: dansimp
audience: ITPro
@@ -23,18 +23,16 @@ ms.topic: conceptual
**Applies to:**
- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+With custom detections, you can proactively monitor for and respond to various events and system states, including suspected breach activity and misconfigured machines. This is made possible by customizable detection rules that automatically trigger alerts as well as response actions.
-Alerts in Microsoft Defender ATP are surfaced through the system based on signals gathered from endpoints. With custom detections, you can create custom queries to monitor events for any kind of behavior such as suspicious events or emerging threats.
+Custom detections work with [Advanced hunting](overview-hunting.md), which provides a powerful, flexible query language that covers a broad set of event and system information from your network. The queries run every 24 hours, generating alerts and taking response actions whenever there are matches.
-This can be done by leveraging the power of [Advanced hunting](overview-hunting.md) through the creation of custom detection rules.
-Custom detections are queries that run periodically every 24 hours and can be configured so that when the query meets the criteria you set, alerts are created and are surfaced in Microsoft Defender Security Center. These alerts will be treated like any other alert in the system.
-
-This capability is particularly useful for scenarios when you want to pro-actively prevent threats and be notified quickly of emerging threats.
+Custom detections provide:
+- Alerts from rule-based detections built from Advanced hunting queries
+- Automatic response actions that apply to files and machines
>[!NOTE]
>To create and manage custom detections, [your role](user-roles.md#create-roles-and-assign-the-role-to-an-azure-active-directory-group) needs to have the **manage security settings** permission.
## Related topic
-- [Create custom detection rules](custom-detection-rules.md)
-
-
+- [Create and manage custom detection rules](custom-detection-rules.md)
\ No newline at end of file
diff --git a/windows/security/threat-protection/microsoft-defender-atp/portal-overview.md b/windows/security/threat-protection/microsoft-defender-atp/portal-overview.md
index 84cf299759..060f4d77f0 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/portal-overview.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/portal-overview.md
@@ -24,7 +24,7 @@ ms.topic: conceptual
->Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/en-us/WindowsForBusiness/windows-atp?ocid=docs-wdatp-portaloverview-abovefoldlink)
+>Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-portaloverview-abovefoldlink)
Enterprise security teams can use Microsoft Defender Security Center to monitor and assist in responding to alerts of potential advanced persistent threat (APT) activity or data breaches.
diff --git a/windows/security/threat-protection/microsoft-defender-atp/post-ti-indicator.md b/windows/security/threat-protection/microsoft-defender-atp/post-ti-indicator.md
index 53cae96485..c11e8a4597 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/post-ti-indicator.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/post-ti-indicator.md
@@ -22,12 +22,14 @@ ms.topic: article
- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
->[!Note]
+>[!NOTE]
> Currently this API is supported only for AppOnly context requests. (See [Get access with application context](exposed-apis-create-app-webapp.md) for more information)
- Submits or Updates new [Indicator](ti-indicator.md) entity.
+>[!NOTE]
+>There is a limit of 5000 indicators per tenant.
## Permissions
One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Get started](apis-intro.md)
@@ -116,3 +118,6 @@ Content-type: application/json
}
```
+
+## Related topic
+- [Manage indicators](manage-indicators.md)
\ No newline at end of file
diff --git a/windows/security/threat-protection/microsoft-defender-atp/powerbi-reports.md b/windows/security/threat-protection/microsoft-defender-atp/powerbi-reports.md
index 8a85c8796f..ca18de6ec8 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/powerbi-reports.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/powerbi-reports.md
@@ -9,6 +9,7 @@ ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: security
author: mjcaparas
+ms.author: macaparas
ms.localizationpriority: medium
manager: dansimp
audience: ITPro
@@ -28,7 +29,7 @@ ms.topic: article
> [!TIP]
> Go to **Advanced features** in the **Settings** page to turn on the preview features.
>
-> Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/en-us/WindowsForBusiness/windows-atp?ocid=docs-wdatp-powerbireports-abovefoldlink)
+> Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-powerbireports-abovefoldlink)
Understand the security status of your organization, including the status of machines, alerts, and investigations using the Microsoft Defender ATP reporting feature that integrates with Power BI.
diff --git a/windows/security/threat-protection/microsoft-defender-atp/powershell-example-code.md b/windows/security/threat-protection/microsoft-defender-atp/powershell-example-code.md
index f61fc0625f..f74cd077fd 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/powershell-example-code.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/powershell-example-code.md
@@ -172,7 +172,7 @@ $ioc =
-Method Post -Headers $headers -Body ($iocPayload | ConvertTo-Json)
```
->Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/en-us/WindowsForBusiness/windows-atp?ocid=docs-wdatp-psexample-belowfoldlink)
+>Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-psexample-belowfoldlink)
## Related topics
diff --git a/windows/security/threat-protection/microsoft-defender-atp/preferences-setup.md b/windows/security/threat-protection/microsoft-defender-atp/preferences-setup.md
index e5f2d93731..2eede71088 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/preferences-setup.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/preferences-setup.md
@@ -22,7 +22,7 @@ ms.topic: article
**Applies to:**
- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
->Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/en-us/WindowsForBusiness/windows-atp?ocid=docs-wdatp-prefsettings-abovefoldlink)
+>Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-prefsettings-abovefoldlink)
Use the **Settings** menu to modify general settings, advanced features, enable the preview experience, email notifications, and the custom threat intelligence feature.
diff --git a/windows/security/threat-protection/microsoft-defender-atp/preview-settings.md b/windows/security/threat-protection/microsoft-defender-atp/preview-settings.md
index b92d9d416a..5aef332edd 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/preview-settings.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/preview-settings.md
@@ -21,7 +21,7 @@ ms.topic: article
**Applies to:**
- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
->Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/en-us/WindowsForBusiness/windows-atp?ocid=docs-wdatp-previewsettings-abovefoldlink)
+>Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-previewsettings-abovefoldlink)
Turn on the preview experience setting to be among the first to try upcoming features.
diff --git a/windows/security/threat-protection/microsoft-defender-atp/preview.md b/windows/security/threat-protection/microsoft-defender-atp/preview.md
index a18bcddf2c..a3780835a9 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/preview.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/preview.md
@@ -24,7 +24,7 @@ ms.topic: conceptual
The Microsoft Defender ATP service is constantly being updated to include new feature enhancements and capabilities.
->Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/WindowsForBusiness/windows-atp?ocid=docs-wdatp-preview-abovefoldlink)
+>Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-preview-abovefoldlink)
Learn about new features in the Microsoft Defender ATP preview release and be among the first to try upcoming features by turning on the preview experience.
@@ -42,16 +42,19 @@ Turn on the preview experience setting to be among the first to try upcoming fea
## Preview features
The following features are included in the preview release:
-- [Evaluation lab](evaluation-lab.md)
The Microsoft Defender ATP evaluation lab is designed to eliminate the complexities of machine and environment configuration so that you can
- focus on evaluating the capabilities of the platform, running simulations, and seeing the prevention, detection, and remediation features in action.
+- [Connected Azure AD applications](connected-applications.md)
The Connected applications page provides information about the Azure AD applications connected to Microsoft Defender ATP in your organization.
-- [Windows Server 2008 R2 SP1](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/configure-server-endpoints#windows-server-2008-r2-sp1--windows-server-2012-r2-and-windows-server-2016)
You can now onboard Windows Server 2008 R2 SP1.
+- [API Explorer](api-explorer.md)
The API explorer makes it easy to construct and perform API queries, test and send requests for any available Microsoft Defender ATP API endpoint.
+
+- [Tamper Protection settings in Intune](../windows-defender-antivirus/prevent-changes-to-security-settings-with-tamper-protection.md#turn-tamper-protection-on-or-off-for-your-organization-with-intune)
You can now turn Tamper Protection on (or off) for your organization in the Microsoft 365 Device Management portal (Intune).
+
+- [Microsoft Threat Experts - Experts on Demand](microsoft-threat-experts.md)
You now have the option to consult with Microsoft Threat Experts from several places in the portal to help you in the context of your investigation.
+
+- [Indicators for IP addresses, URLs/Domains](manage-indicators.md)
You can now allow or block URLs/domains using your own threat intelligence.
- [Microsoft Defender ATP for Mac](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac)
Microsoft Defender ATP for Mac brings the next-generation protection, and endpoint detection and response coverage to Mac devices. Core components of the unified endpoint security platform will now be available for Mac devices.
-- [Live response](live-response.md)
Get instantaneous access to a machine using a remote shell connection. Do in-depth investigative work and take immediate response actions to promptly contain identified threats – real-time.
-
-- [Threat & Vulnerability Management](next-gen-threat-and-vuln-mgt.md)
A new built-in capability that uses a risk-based approach to the discovery, prioritization, and remediation of endpoint vulnerabilities and misconfigurations.
+- [Threat & Vulnerability Management Report inaccuracy](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/tvm-security-recommendation#report-inaccuracy)
You can report a false positive when you see any vague, inaccurate, incomplete, or already remediated [security recommendation](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/tvm-security-recommendation#report-inaccuracy), [software inventory](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/tvm-software-inventory#report-inaccuracy), and [discovered vulnerabilities](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/tvm-weaknesses#report-inaccuracy).
- [Machine health and compliance report](machine-reports.md) The machine health and compliance report provides high-level information about the devices in your organization.
@@ -71,4 +74,4 @@ Information protection is an integral part of Microsoft 365 Enterprise suite, pr
- [Power BI reports using Microsoft Defender ATP data](powerbi-reports.md)
Microsoft Defender ATP makes it easy to create a Power BI dashboard by providing an option straight from the portal.
->Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/en-us/WindowsForBusiness/windows-atp?ocid=docs-wdatp-preview-belowfoldlink)
+>Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-preview-belowfoldlink)
diff --git a/windows/security/threat-protection/microsoft-defender-atp/pull-alerts-using-rest-api.md b/windows/security/threat-protection/microsoft-defender-atp/pull-alerts-using-rest-api.md
index abf6c2fb00..3395bce7c7 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/pull-alerts-using-rest-api.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/pull-alerts-using-rest-api.md
@@ -1,7 +1,7 @@
---
-title: Pull Microsoft Defender ATP alerts using REST API
-description: Pull alerts from Microsoft Defender ATP REST API.
-keywords: alerts, pull alerts, rest api, request, response
+title: Pull Microsoft Defender ATP detections using REST API
+description: Pull detections from Microsoft Defender ATP REST API.
+keywords: detections, pull detections, rest api, request, response
search.product: eADQiWindows 10XVcnh
search.appverid: met150
ms.prod: w10
@@ -17,16 +17,20 @@ ms.collection: M365-security-compliance
ms.topic: article
---
-# Pull Microsoft Defender ATP alerts using SIEM REST API
+# Pull Microsoft Defender ATP detections using SIEM REST API
**Applies to:**
- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
->Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/en-us/WindowsForBusiness/windows-atp?ocid=docs-wdatp-pullalerts-abovefoldlink)
+>Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-pullalerts-abovefoldlink)
-Microsoft Defender ATP supports the OAuth 2.0 protocol to pull alerts from the portal.
+>[!Note]
+>- [Microsoft Defender ATP Alert](alerts.md) is composed from one or more detections
+>- [Microsoft Defender ATP Detection](api-portal-mapping.md) is composed from the suspicious event occurred on the Machine and its related Alert details.
+
+Microsoft Defender ATP supports the OAuth 2.0 protocol to pull detections from the API.
In general, the OAuth 2.0 protocol supports four types of flows:
- Authorization grant flow
@@ -36,19 +40,19 @@ In general, the OAuth 2.0 protocol supports four types of flows:
For more information about the OAuth specifications, see the [OAuth Website](http://www.oauth.net).
-Microsoft Defender ATP supports the _Authorization grant flow_ and _Client credential flow_ to obtain access to generate alerts from the portal, with Azure Active Directory (AAD) as the authorization server.
+Microsoft Defender ATP supports the _Authorization grant flow_ and _Client credential flow_ to obtain access to pull detections, with Azure Active Directory (AAD) as the authorization server.
The _Authorization grant flow_ uses user credentials to get an authorization code, which is then used to obtain an access token.
The _Client credential flow_ uses client credentials to authenticate against the Microsoft Defender ATP endpoint URL. This flow is suitable for scenarios when an OAuth client creates requests to an API that doesn't require user credentials.
-Use the following method in the Microsoft Defender ATP API to pull alerts in JSON format.
+Use the following method in the Microsoft Defender ATP API to pull detections in JSON format.
>[!NOTE]
>Microsoft Defender Security Center merges similar alert detections into a single alert. This API pulls alert detections in its raw form based on the query parameters you set, enabling you to apply your own grouping and filtering.
## Before you begin
-- Before calling the Microsoft Defender ATP endpoint to pull alerts, you'll need to enable the SIEM integration application in Azure Active Directory (AAD). For more information, see [Enable SIEM integration in Microsoft Defender ATP](enable-siem-integration.md).
+- Before calling the Microsoft Defender ATP endpoint to pull detections, you'll need to enable the SIEM integration application in Azure Active Directory (AAD). For more information, see [Enable SIEM integration in Microsoft Defender ATP](enable-siem-integration.md).
- Take note of the following values in your Azure application registration. You need these values to configure the OAuth flow in your service or daemon app:
- Application ID (unique to your application)
@@ -59,7 +63,7 @@ Use the following method in the Microsoft Defender ATP API to pull alerts in JSO
## Get an access token
Before creating calls to the endpoint, you'll need to get an access token.
-You'll use the access token to access the protected resource, which are alerts in Microsoft Defender ATP.
+You'll use the access token to access the protected resource, which are detections in Microsoft Defender ATP.
To get an access token, you'll need to do a POST request to the token issuing endpoint. Here is a sample request:
@@ -105,23 +109,23 @@ Use optional query parameters to specify and control the amount of data returned
Name | Value| Description
:---|:---|:---
-DateTime?sinceTimeUtc | string | Defines the lower time bound alerts are retrieved from, based on field:
`LastProcessedTimeUtc`
The time range will be: from sinceTimeUtc time to current time.
**NOTE**: When not specified, all alerts generated in the last two hours are retrieved.
-DateTime?untilTimeUtc | string | Defines the upper time bound alerts are retrieved.
The time range will be: from `sinceTimeUtc` time to `untilTimeUtc` time.
**NOTE**: When not specified, the default value will be the current time.
-string ago | string | Pulls alerts in the following time range: from `(current_time - ago)` time to `current_time` time.
Value should be set according to **ISO 8601** duration format
E.g. `ago=PT10M` will pull alerts received in the last 10 minutes.
-int?limit | int | Defines the number of alerts to be retrieved. Most recent alerts will be retrieved based on the number defined.
**NOTE**: When not specified, all alerts available in the time range will be retrieved.
-machinegroups | String | Specifies machine groups to pull alerts from.
**NOTE**: When not specified, alerts from all machine groups will be retrieved.
Example:
```https://wdatp-alertexporter-eu.securitycenter.windows.com/api/Alerts/?machinegroups=UKMachines&machinegroups=FranceMachines```
+sinceTimeUtc | DateTime | Defines the lower time bound alerts are retrieved from, based on field:
`LastProcessedTimeUtc`
The time range will be: from sinceTimeUtc time to current time.
**NOTE**: When not specified, all alerts generated in the last two hours are retrieved.
+untilTimeUtc | DateTime | Defines the upper time bound alerts are retrieved.
The time range will be: from `sinceTimeUtc` time to `untilTimeUtc` time.
**NOTE**: When not specified, the default value will be the current time.
+ago | string | Pulls alerts in the following time range: from `(current_time - ago)` time to `current_time` time.
Value should be set according to **ISO 8601** duration format
E.g. `ago=PT10M` will pull alerts received in the last 10 minutes.
+limit | int | Defines the number of alerts to be retrieved. Most recent alerts will be retrieved based on the number defined.
**NOTE**: When not specified, all alerts available in the time range will be retrieved.
+machinegroups | string | Specifies machine groups to pull alerts from.
**NOTE**: When not specified, alerts from all machine groups will be retrieved.
Example:
```https://wdatp-alertexporter-eu.securitycenter.windows.com/api/Alerts/?machinegroups=UKMachines&machinegroups=FranceMachines```
DeviceCreatedMachineTags | string | Single machine tag from the registry.
CloudCreatedMachineTags | string | Machine tags that were created in Microsoft Defender Security Center.
### Request example
-The following example demonstrates how to retrieve all the alerts in your organization.
+The following example demonstrates how to retrieve all the detections in your organization.
```syntax
GET https://wdatp-alertexporter-eu.windows.com/api/alerts
Authorization: Bearer
```
-The following example demonstrates a request to get the last 20 alerts since 2016-09-12 00:00:00.
+The following example demonstrates a request to get the last 20 detections since 2016-09-12 00:00:00.
```syntax
GET https://wdatp-alertexporter-eu.windows.com/api/alerts?limit=20&sinceTimeUtc=2016-09-12T00:00:00.000
@@ -178,14 +182,14 @@ AuthenticationContext context = new AuthenticationContext(string.Format("https:/
ClientCredential clientCredentials = new ClientCredential(clientId, clientSecret);
AuthenticationResult authenticationResult = context.AcquireToken(resource, clientCredentials);
```
-### Use token to connect to the alerts endpoint
+### Use token to connect to the detections endpoint
```
HttpClient httpClient = new HttpClient();
httpClient.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue(authenticationResult.AccessTokenType, authenticationResult.AccessToken);
HttpResponseMessage response = httpClient.GetAsync("https://wdatp-alertexporter-eu.windows.com/api/alert").GetAwaiter().GetResult();
-string alertsJson = response.Content.ReadAsStringAsync().Result;
-Console.WriteLine("Got alert list: {0}", alertsJson);
+string detectionsJson = response.Content.ReadAsStringAsync().Result;
+Console.WriteLine("Got detections list: {0}", detectionsJson);
```
@@ -203,7 +207,7 @@ HTTP error code | Description
## Related topics
- [Enable SIEM integration in Microsoft Defender ATP](enable-siem-integration.md)
-- [Configure ArcSight to pull Microsoft Defender ATP alerts](configure-arcsight.md)
-- [Configure Splunk to pull Microsoft Defender ATP alerts](configure-splunk.md)
-- [Microsoft Defender ATP alert API fields](api-portal-mapping.md)
+- [Configure ArcSight to pull Microsoft Defender ATP detections](configure-arcsight.md)
+- [Configure Splunk to pull Microsoft Defender ATP detections](configure-splunk.md)
+- [Microsoft Defender ATP Detection fields](api-portal-mapping.md)
- [Troubleshoot SIEM tool integration issues](troubleshoot-siem.md)
diff --git a/windows/security/threat-protection/microsoft-defender-atp/python-example-code.md b/windows/security/threat-protection/microsoft-defender-atp/python-example-code.md
index 58a9f19fcf..f3794d16aa 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/python-example-code.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/python-example-code.md
@@ -176,7 +176,7 @@ with requests.Session() as session:
```
->Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/en-us/WindowsForBusiness/windows-atp?ocid=docs-wdatp-pyexample-belowfoldlink)
+>Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-pyexample-belowfoldlink)
## Related topics
diff --git a/windows/security/threat-protection/microsoft-defender-atp/raw-data-export-event-hub.md b/windows/security/threat-protection/microsoft-defender-atp/raw-data-export-event-hub.md
index 6dfcdb8e95..f689022abe 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/raw-data-export-event-hub.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/raw-data-export-event-hub.md
@@ -23,7 +23,7 @@ ms.topic: article
- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
-Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/en-us/WindowsForBusiness/windows-atp?ocid=docs-wdatp-configuresiem-abovefoldlink)
+Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-configuresiem-abovefoldlink)
## Before you begin:
diff --git a/windows/security/threat-protection/microsoft-defender-atp/raw-data-export-storage.md b/windows/security/threat-protection/microsoft-defender-atp/raw-data-export-storage.md
index d969ecb9ab..a30dc4ead2 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/raw-data-export-storage.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/raw-data-export-storage.md
@@ -23,7 +23,7 @@ ms.topic: article
- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
-Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/en-us/WindowsForBusiness/windows-atp?ocid=docs-wdatp-configuresiem-abovefoldlink)
+Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-configuresiem-abovefoldlink)
## Before you begin:
diff --git a/windows/security/threat-protection/microsoft-defender-atp/raw-data-export.md b/windows/security/threat-protection/microsoft-defender-atp/raw-data-export.md
index 3da3cdc512..75e88ccf52 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/raw-data-export.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/raw-data-export.md
@@ -23,7 +23,7 @@ ms.topic: article
- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
-- Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/en-us/WindowsForBusiness/windows-atp?ocid=docs-wdatp-configuresiem-abovefoldlink)
+- Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-configuresiem-abovefoldlink)
## Stream Advanced Hunting events to Event Hubs and/or Azure storage account.
diff --git a/windows/security/threat-protection/microsoft-defender-atp/rbac.md b/windows/security/threat-protection/microsoft-defender-atp/rbac.md
index 2264afd86c..20269f37f3 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/rbac.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/rbac.md
@@ -23,7 +23,7 @@ ms.topic: article
- Office 365
- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
->Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/en-us/WindowsForBusiness/windows-atp?ocid=docs-wdatp-rbac-abovefoldlink)
+>Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-rbac-abovefoldlink)
Using role-based access control (RBAC), you can create roles and groups within your security operations team to grant appropriate access to the portal. Based on the roles and groups you create, you have fine-grained control over what users with access to the portal can see and do.
diff --git a/windows/security/threat-protection/microsoft-defender-atp/respond-file-alerts.md b/windows/security/threat-protection/microsoft-defender-atp/respond-file-alerts.md
index 3910cda2ff..34d1296ea7 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/respond-file-alerts.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/respond-file-alerts.md
@@ -25,7 +25,7 @@ ms.topic: article
[!include[Prerelease information](prerelease.md)]
->Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/en-us/WindowsForBusiness/windows-atp?ocid=docs-wdatp-responddile-abovefoldlink)
+>Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-responddile-abovefoldlink)
Quickly respond to detected attacks by stopping and quarantining files or blocking a file. After taking action on files, you can check activity details in the Action center.
@@ -36,10 +36,23 @@ Response actions run along the top of the file page, and include:
- Stop and Quarantine File
- Add Indicator
- Download file
+- Consult a threat expert
- Action center
You can also submit files for deep analysis, to run the file in a secure cloud sandbox. When the analysis is complete, you'll get a detailed report that provides information about the behavior of the file. You can submit files for deep analysis and read past reports by selecting the **Deep analysis** tab. It's located below the file information cards.
+Some actions require certain permissions. The following table describes what action certain permissions can take on portable executable (PE) and non-PE files:
+
+Permission | PE files | Non-PE files
+:---|:---|:---
+View data | X | X
+Alerts investigation | ☑ | X
+Live response basic | X | X
+Live response advanced | ☑ |☑
+
+For more information on roles, see [Create and manage roles for role-based access control](user-roles.md).
+
+
## Stop and quarantine files in your network
You can contain an attack in your organization by stopping the malicious process and quarantining the file where it was observed.
@@ -157,6 +170,12 @@ When you select this action, a fly-out will appear. From the fly-out, you can re
If a file is not already stored by Microsoft Defender ATP, you cannot download it. Instead, you will see a **Collect file** button in the same location. If a file has not been seen in the organization in the past 30 days, **Collect file** will be disabled.
+## Consult a threat expert
+
+You can consult a Microsoft threat expert for more insights regarding a potentially compromised machine or already compromised ones. Microsoft Threat Experts can be engaged directly from within the Microsoft Defender Security Center for timely and accurate response. Experts provide insights not just regarding a potentially compromised machine, but also to better understand complex threats, targeted attack notifications that you get, or if you need more information about the alerts, or a threat intelligence context that you see on your portal dashboard.
+
+See [Consult a Microsoft Threat Expert](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/configure-microsoft-threat-experts#consult-a-microsoft-threat-expert-about-suspicious-cybersecurity-activities-in-your-organization) for details.
+
## Check activity details in Action center
The **Action center** provides information on actions that were taken on a machine or file. You’ll be able to view the following details:
diff --git a/windows/security/threat-protection/microsoft-defender-atp/respond-machine-alerts.md b/windows/security/threat-protection/microsoft-defender-atp/respond-machine-alerts.md
index d9cfb97c3f..5430c0d17a 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/respond-machine-alerts.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/respond-machine-alerts.md
@@ -22,7 +22,7 @@ ms.topic: article
**Applies to:**
- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
->Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/en-us/WindowsForBusiness/windows-atp?ocid=docs-wdatp-respondmachine-abovefoldlink)
+>Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-respondmachine-abovefoldlink)
Quickly respond to detected attacks by isolating machines or collecting an investigation package. After taking action on machines, you can check activity details on the Action center.
@@ -35,6 +35,7 @@ Response actions run along the top of a specific machine page and include:
- Run antivirus scan
- Restrict app execution
- Isolate machine
+- Consult a threat expert
- Action center
@@ -173,6 +174,13 @@ When a machine is being isolated, the following notification is displayed to inf
+## Consult a threat expert
+
+You can consult a Microsoft threat expert for more insights regarding a potentially compromised machine or already compromised ones. Microsoft Threat Experts can be engaged directly from within the Microsoft Defender Security Center for timely and accurate response. Experts provide insights not just regarding a potentially compromised machine, but also to better understand complex threats, targeted attack notifications that you get, or if you need more information about the alerts, or a threat intelligence context that you see on your portal dashboard.
+
+See [Consult a Microsoft Threat Expert](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/configure-microsoft-threat-experts#consult-a-microsoft-threat-expert-about-suspicious-cybersecurity-activities-in-your-organization) for details.
+
+
## Check activity details in Action center
The **Action center** provides information on actions that were taken on a machine or file. You’ll be able to view the following details:
@@ -188,3 +196,4 @@ All other related details are also shown, for example, submission date/time, sub
## Related topic
- [Take response actions on a file](respond-file-alerts.md)
+- [Report inaccuracy](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/tvm-security-recommendation#report-inaccuracy)
diff --git a/windows/security/threat-protection/microsoft-defender-atp/security-operations-dashboard.md b/windows/security/threat-protection/microsoft-defender-atp/security-operations-dashboard.md
index 731963f220..ea54e6d0ea 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/security-operations-dashboard.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/security-operations-dashboard.md
@@ -22,7 +22,7 @@ ms.topic: conceptual
**Applies to:**
- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
->Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/en-us/WindowsForBusiness/windows-atp?ocid=docs-wdatp-secopsdashboard-abovefoldlink)
+>Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-secopsdashboard-abovefoldlink)
The **Security operations dashboard** is where the endpoint detection and response capabilities are surfaced. It provides a high level overview of where detections were seen and highlights where response actions are needed.
@@ -116,7 +116,7 @@ The tile shows you a list of user accounts with the most active alerts and the n
Click the user account to see details about the user account. For more information see [Investigate a user account](investigate-user.md).
->Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/en-us/WindowsForBusiness/windows-atp?ocid=docs-wdatp-secopsdashboard-belowfoldlink)
+>Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-secopsdashboard-belowfoldlink)
## Related topics
- [Understand the Microsoft Defender Advanced Threat Protection portal](use.md)
diff --git a/windows/security/threat-protection/microsoft-defender-atp/service-status.md b/windows/security/threat-protection/microsoft-defender-atp/service-status.md
index afa8a14d4f..0caa79489b 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/service-status.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/service-status.md
@@ -24,7 +24,7 @@ ms.topic: article
->Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/en-us/WindowsForBusiness/windows-atp?ocid=docs-wdatp-servicestatus-abovefoldlink)
+>Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-servicestatus-abovefoldlink)
The **Service health** provides information on the current status of the Window Defender ATP service. You'll be able to verify that the service health is healthy or if there are current issues. If there are issues, you'll see details related to the issue such as when the issue was detected, what the preliminary root cause is, and the expected resolution time.
diff --git a/windows/security/threat-protection/microsoft-defender-atp/supported-response-apis.md b/windows/security/threat-protection/microsoft-defender-atp/supported-response-apis.md
index c77fa63c0f..a5ad0b88e2 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/supported-response-apis.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/supported-response-apis.md
@@ -23,7 +23,7 @@ ms.topic: conceptual
- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
->Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/en-us/WindowsForBusiness/windows-atp?ocid=docs-wdatp-supported-response-apis-abovefoldlink)
+>Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-supported-response-apis-abovefoldlink)
Learn about the supported response related API calls you can run and details such as the required request headers, and expected response from the calls.
diff --git a/windows/security/threat-protection/microsoft-defender-atp/threat-and-vuln-mgt-scenarios.md b/windows/security/threat-protection/microsoft-defender-atp/threat-and-vuln-mgt-scenarios.md
index 499d34f2f0..d63d1f4ea5 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/threat-and-vuln-mgt-scenarios.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/threat-and-vuln-mgt-scenarios.md
@@ -1,156 +1,163 @@
----
-title: Threat & Vulnerability Management scenarios
-description: Learn how to use Threat & Vulnerability Management in the context of scenarios that Security Administrators encounter when you collaborate with IT Administrators and SecOps as you protect your organization from cybersecurity threats.
-keywords: mdatp-tvm scenarios, mdatp, tvm, tvm scenarios, reduce threat & vulnerability exposure, reduce threat and vulnerability, improve security configuration, increase configuration score, increase threat & vulnerability configuration score, configuration score, exposure score, security controls
-search.product: eADQiWindows 10XVcnh
-search.appverid: met150
-ms.prod: w10
-ms.mktglfcycl: deploy
-ms.sitesec: library
-ms.pagetype: security
-ms.author: dolmont
-author: DulceMontemayor
-ms.localizationpriority: medium
-manager: dansimp
-audience: ITPro
-ms.collection: M365-security-compliance
-ms.topic: article
----
-
-# Threat & Vulnerability Management scenarios
-**Applies to:**
-- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
-
-## Before you begin
-Ensure that your machines:
-- Are onboarded to Microsoft Defender Advanced Threat Protection
-- Run with Windows 10 1709 (Fall Creators Update) or later
-
->[!NOTE]
->Threat & Vulnerability Management can also scan machines that run on Windows 7 and Windows Server 2019 operating systems and detects vulnerabilities addressed in patch Tuesday.
-
-- Have the following mandatory updates installed:
-- (1) RS3 customers | [KB4493441](https://support.microsoft.com/en-us/help/4493441/windows-10-update-kb4493441)
-- (2) RS4 customers | [KB4493464](https://support.microsoft.com/en-us/help/4493464)
-- Are onboarded to Microsoft Intune and System Center Configuration Manager (SCCM). If you are use SCCM, update your console to the latest May version 1905
-- Have at least one security recommendation that can be viewed in the machine page
-- Are tagged or marked as co-managed
-
-
-## Reduce your threat and vulnerability exposure
-Threat & Vulnerability Management introduces a new exposure score metric, which visually represents how exposed your machines are to imminent threats.
-
-The exposure score is continuously calculated on each device in the organization and influenced by the following factors:
-- Weaknesses, such as vulnerabilities discovered on the device
-- External and internal threats such as public exploit code and security alerts
-- Likelihood of the device to get breached given its current security posture
-- Value of the device to the organization given its role and content
-
-The exposure score is broken down into the following levels:
-- 0–29: low exposure score
-- 30–69: medium exposure score
-- 70–100: high exposure score
-
-You can remediate the issues based on prioritized security recommendations to reduce the exposure score. Each software has weaknesses that are transformed into recommendations and prioritized based on risk to the organization.
-
-To lower down your threat and vulnerability exposure:
-
-1. Review the **Top security recommendations** from your **Threat & Vulnerability Management dashboard**, and select the first item on the list. The **Security recommendation** page opens.
-
- >>
-
- >[!NOTE]
- > There are two types of recommendations:
- > - Security update which refers to recommendations that require a package installation
- > - Configuration change which refers to recommendations that require a registry or GPO modification
- > Always prioritize recommendations that are associated with ongoing threats. These recommendations are marked with the threat insight  icon and possible active alert  icon.
-
-2. The **Security recommendations** page shows the list of items to remediate. Select the security recommendation that you need to investigate. When you select a recommendation from the list, a fly-out panel will display a description of what you need to remediate, number of vulnerabilities, associated exploits in machines, number of exposed machines and their machine names, business impact, and a list of CVEs. Click **Open software page** option from the flyout panel. 
-
-3. Click **Installed machines** and select the affected machine from the list to open the flyout panel with the relevant machine details, exposure and risk levels, alert and incident activities. 
-
-4. Click **Open machine page** to connect to the machine and apply the selected recommendation. See [Investigate machines in the Microsoft Defender ATP Machines list](investigate-machines.md) for details. 
-
-5. Allow a few hours for the changes to propagate in the system.
-
-6. Review the machine **Security recommendation** tab again. The recommendation you've chosen to remediate is removed from the security recommendation list, and the exposure score decreases.
-
-## Improve your security configuration
->[!NOTE]
-> Secure score is now part of Threat & Vulnerability Management as [configuration score](configuration-score.md). The secure score page is available for a few weeks. View the [secure score](https://securitycenter.windows.com/securescore) page.
-
-You can improve your security configuration when you remediate issues from the security recommendations list. As you do so, your configuration score improves, which means your organization becomes more resilient against cybersecurity threats and vulnerabilities.
-
-1. From the Configuration score widget, select **Security controls**. The **Security recommendations** page opens and shows the list of issues related to security controls.
-
- >
-
-2. Select the first item on the list. The flyout panel will open with a description of the security controls issue, a short description of the potential risk, insights, configuration ID, exposed machines, and business impact. Click **Remediation options**.
- 
-
-3. Read the description to understand the context of the issue and what to do next. Select a due date, add notes, and select **Export all remediation activity data to CSV** so you can attach it to the email that you can send to your IT Administrator for follow-up.
-
- >.
-
- >You will see a confirmation message that the remediation task has been created.
- >
-
-4. Save your CSV file.
- 
-
-5. Send a follow-up email to your IT Administrator and allow the time that you have allotted for the remediation to propagate in the system.
-
-6. Review the machine **Configuration score** widget again. The number of the security controls issues will decrease. When you click **Security controls** to go back to the **Security recommendations** page, the item that you have addressed will not be listed there anymore, and your configuration score should increase.
-
-## Request a remediation
->[!NOTE]
->To use this capability, enable your Microsoft Intune connections. Navigate to **Settings** > **General** > **Advanced features**. Scroll down and look for **Microsoft Intune connection**. By default, the toggle is turned off. Turn your **Microsoft Intune connection** toggle on.
-
-The Threat & Vulnerability Management capability in Microsoft Defender ATP bridges the gap between Security and IT Administrators through the remediation request workflow.
-
-Security Administrators like you can request for the IT Administrator to remediate a vulnerability from the **Security recommendation** pages to Intune.
-
-1. Click a security recommendation you would like to request remediation for, and then click **Remediation options**.
-
-2. Select **Open a ticket in Intune (for AAD joined devices)**, select a due date, and add optional notes for the IT Administrator. Click **Submit request**.
-
-3. Notify your IT Administrator about the new request and have them log into Intune to approve or reject the request and start a package deployment.
-
-4. Go to the **Remediation** page to view the status of your remediation request.
-
-See [Use Intune to remediate vulnerabilities identified by Microsoft Defender ATP](https://docs.microsoft.com/intune/atp-manage-vulnerabilities) for details.
-
->[!NOTE]
->If your request involves remediating more than 10,000 machines, we can only send 10,000 machines for remediation to Intune.
-
-## File for exception
-With Threat & Vulnerability Management, you can create exceptions for recommendations, as an alternative to a remediation request.
-
-There are many reasons why organizations create exceptions for a recommendation. For example, if there's a business justification that prevents the company from applying the recommendation, the existence of a compensating or alternative control that provides as much protection than the recommendation would, a false positive, among other reasons.
-
-Exceptions can be created for both *Security update* and *Configuration change* recommendations.
-
-When an exception is created for a recommendation, the recommendation is no longer active. The recommendation state changes to **Exception**, and it no longer shows up in the security recommendations list.
-
-
-1. Navigate to the **Security recommendations** page under the **Threat & Vulnerability Management** section menu.
-
-2. Click the top-most recommendation. A flyout panel opens with the recommendation details.
-
-3. Click **Exception options**.
-
-4. Select your justification for the exception you need to file instead of remediating the security recommendation in question. Fill out the justification context, then set the exception duration.
-
-5. Click **Submit**. A confirmation message at the top of the page indicates that the exception has been created.
-
-6. Navigate to the **Remediation** page under the **Threat & Vulnerability Management** menu and click the **Exceptions** tab to view all your exceptions (current and past).
-
-## Related topics
-- [Risk-based Threat & Vulnerability Management](next-gen-threat-and-vuln-mgt.md)
-- [Threat & Vulnerability Management dashboard overview](tvm-dashboard-insights.md)
-- [Exposure score](tvm-exposure-score.md)
-- [Configuration score](configuration-score.md)
-- [Security recommendations](tvm-security-recommendation.md)
-- [Remediation](tvm-remediation.md)
-- [Software inventory](tvm-software-inventory.md)
-- [Weaknesses](tvm-weaknesses.md)
+---
+title: Threat & Vulnerability Management scenarios
+description: Learn how to use Threat & Vulnerability Management in the context of scenarios that Security Administrators encounter when you collaborate with IT Administrators and SecOps as you protect your organization from cybersecurity threats.
+keywords: mdatp-tvm scenarios, mdatp, tvm, tvm scenarios, reduce threat & vulnerability exposure, reduce threat and vulnerability, improve security configuration, increase configuration score, increase threat & vulnerability configuration score, configuration score, exposure score, security controls
+search.product: eADQiWindows 10XVcnh
+search.appverid: met150
+ms.prod: w10
+ms.mktglfcycl: deploy
+ms.sitesec: library
+ms.pagetype: security
+ms.author: dolmont
+author: DulceMontemayor
+ms.localizationpriority: medium
+manager: dansimp
+audience: ITPro
+ms.collection: M365-security-compliance
+ms.topic: article
+---
+
+# Threat & Vulnerability Management scenarios
+**Applies to:**
+- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+
+## Before you begin
+Ensure that your machines:
+- Are onboarded to Microsoft Defender Advanced Threat Protection
+- Run with Windows 10 1709 (Fall Creators Update) or later
+
+>[!NOTE]
+>Threat & Vulnerability Management can also scan machines that run on Windows 7 and Windows Server 2019 operating systems and detects vulnerabilities addressed in patch Tuesday.
+
+- Have the following mandatory updates installed:
+- (1) RS3 customers | [KB4493441](https://support.microsoft.com/help/4493441/windows-10-update-kb4493441)
+- (2) RS4 customers | [KB4493464](https://support.microsoft.com/help/4493464)
+- Are onboarded to Microsoft Intune and System Center Configuration Manager (SCCM). If you are use SCCM, update your console to the latest May version 1905
+- Have at least one security recommendation that can be viewed in the machine page
+- Are tagged or marked as co-managed
+
+>[!IMPORTANT]
+>To boost your vulnerability assessment detection rates, you can download the following set of optional security updates and deploy them in your network:
+>- 19H1 customers | [KB 4512941](https://support.microsoft.com/help/4512941/windows-10-update-kb4512941)
+>- RS5 customers | [KB 4516077](https://support.microsoft.com/help/4516077/windows-10-update-kb4516077)
+>- RS4 customers | [KB 4516045](https://support.microsoft.com/help/4516045/windows-10-update-kb4516045)
+>- RS3 customers | [KB 4516071](https://support.microsoft.com/help/4516071/windows-10-update-kb4516071)
+>Downloading and deploying the above-mentioned security updates will be mandatory starting Patch Tuesday, October 8, 2019.
+
+## Reduce your threat and vulnerability exposure
+Threat & Vulnerability Management introduces a new exposure score metric, which visually represents how exposed your machines are to imminent threats.
+
+The exposure score is continuously calculated on each device in the organization and influenced by the following factors:
+- Weaknesses, such as vulnerabilities discovered on the device
+- External and internal threats such as public exploit code and security alerts
+- Likelihood of the device to get breached given its current security posture
+- Value of the device to the organization given its role and content
+
+The exposure score is broken down into the following levels:
+- 0–29: low exposure score
+- 30–69: medium exposure score
+- 70–100: high exposure score
+
+You can remediate the issues based on prioritized security recommendations to reduce the exposure score. Each software has weaknesses that are transformed into recommendations and prioritized based on risk to the organization.
+
+To lower down your threat and vulnerability exposure:
+
+1. Review the **Top security recommendations** from your **Threat & Vulnerability Management dashboard**, and select the first item on the list. The **Security recommendation** page opens.
+
+ >>
+
+ >[!NOTE]
+ > There are two types of recommendations:
+ > - Security update which refers to recommendations that require a package installation
+ > - Configuration change which refers to recommendations that require a registry or GPO modification
+ > Always prioritize recommendations that are associated with ongoing threats. These recommendations are marked with the threat insight  icon and possible active alert  icon.
+
+2. The **Security recommendations** page shows the list of items to remediate. Select the security recommendation that you need to investigate. When you select a recommendation from the list, a fly-out panel will display a description of what you need to remediate, number of vulnerabilities, associated exploits in machines, number of exposed machines and their machine names, business impact, and a list of CVEs. Click **Open software page** option from the flyout panel. 
+
+3. Click **Installed machines** and select the affected machine from the list to open the flyout panel with the relevant machine details, exposure and risk levels, alert and incident activities. 
+
+4. Click **Open machine page** to connect to the machine and apply the selected recommendation. See [Investigate machines in the Microsoft Defender ATP Machines list](investigate-machines.md) for details. 
+
+5. Allow a few hours for the changes to propagate in the system.
+
+6. Review the machine **Security recommendation** tab again. The recommendation you've chosen to remediate is removed from the security recommendation list, and the exposure score decreases.
+
+## Improve your security configuration
+>[!NOTE]
+> Secure score is now part of Threat & Vulnerability Management as [configuration score](configuration-score.md). The secure score page is available for a few weeks. View the [secure score](https://securitycenter.windows.com/securescore) page.
+
+You can improve your security configuration when you remediate issues from the security recommendations list. As you do so, your configuration score improves, which means your organization becomes more resilient against cybersecurity threats and vulnerabilities.
+
+1. From the Configuration score widget, select **Security controls**. The **Security recommendations** page opens and shows the list of issues related to security controls.
+
+ >
+
+2. Select the first item on the list. The flyout panel will open with a description of the security controls issue, a short description of the potential risk, insights, configuration ID, exposed machines, and business impact. Click **Remediation options**.
+ 
+
+3. Read the description to understand the context of the issue and what to do next. Select a due date, add notes, and select **Export all remediation activity data to CSV** so you can attach it to the email that you can send to your IT Administrator for follow-up.
+
+ >.
+
+ >You will see a confirmation message that the remediation task has been created.
+ >
+
+4. Save your CSV file.
+ 
+
+5. Send a follow-up email to your IT Administrator and allow the time that you have allotted for the remediation to propagate in the system.
+
+6. Review the machine **Configuration score** widget again. The number of the security controls issues will decrease. When you click **Security controls** to go back to the **Security recommendations** page, the item that you have addressed will not be listed there anymore, and your configuration score should increase.
+
+## Request a remediation
+>[!NOTE]
+>To use this capability, enable your Microsoft Intune connections. Navigate to **Settings** > **General** > **Advanced features**. Scroll down and look for **Microsoft Intune connection**. By default, the toggle is turned off. Turn your **Microsoft Intune connection** toggle on.
+
+The Threat & Vulnerability Management capability in Microsoft Defender ATP bridges the gap between Security and IT Administrators through the remediation request workflow.
+
+Security Administrators like you can request for the IT Administrator to remediate a vulnerability from the **Security recommendation** pages to Intune.
+
+1. Click a security recommendation you would like to request remediation for, and then click **Remediation options**.
+
+2. Select **Open a ticket in Intune (for AAD joined devices)**, select a due date, and add optional notes for the IT Administrator. Click **Submit request**.
+
+3. Notify your IT Administrator about the new request and have them log into Intune to approve or reject the request and start a package deployment.
+
+4. Go to the **Remediation** page to view the status of your remediation request.
+
+See [Use Intune to remediate vulnerabilities identified by Microsoft Defender ATP](https://docs.microsoft.com/intune/atp-manage-vulnerabilities) for details.
+
+>[!NOTE]
+>If your request involves remediating more than 10,000 machines, we can only send 10,000 machines for remediation to Intune.
+
+## File for exception
+With Threat & Vulnerability Management, you can create exceptions for recommendations, as an alternative to a remediation request.
+
+There are many reasons why organizations create exceptions for a recommendation. For example, if there's a business justification that prevents the company from applying the recommendation, the existence of a compensating or alternative control that provides as much protection than the recommendation would, a false positive, among other reasons.
+
+Exceptions can be created for both *Security update* and *Configuration change* recommendations.
+
+When an exception is created for a recommendation, the recommendation is no longer active. The recommendation state changes to **Exception**, and it no longer shows up in the security recommendations list.
+
+
+1. Navigate to the **Security recommendations** page under the **Threat & Vulnerability Management** section menu.
+
+2. Click the top-most recommendation. A flyout panel opens with the recommendation details.
+
+3. Click **Exception options**.
+
+4. Select your justification for the exception you need to file instead of remediating the security recommendation in question. Fill out the justification context, then set the exception duration.
+
+5. Click **Submit**. A confirmation message at the top of the page indicates that the exception has been created.
+
+6. Navigate to the **Remediation** page under the **Threat & Vulnerability Management** menu and click the **Exceptions** tab to view all your exceptions (current and past).
+
+## Related topics
+- [Risk-based Threat & Vulnerability Management](next-gen-threat-and-vuln-mgt.md)
+- [Threat & Vulnerability Management dashboard overview](tvm-dashboard-insights.md)
+- [Exposure score](tvm-exposure-score.md)
+- [Configuration score](configuration-score.md)
+- [Security recommendations](tvm-security-recommendation.md)
+- [Remediation](tvm-remediation.md)
+- [Software inventory](tvm-software-inventory.md)
+- [Weaknesses](tvm-weaknesses.md)
diff --git a/windows/security/threat-protection/microsoft-defender-atp/threat-indicator-concepts.md b/windows/security/threat-protection/microsoft-defender-atp/threat-indicator-concepts.md
index 0be4b4e073..8ad9940788 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/threat-indicator-concepts.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/threat-indicator-concepts.md
@@ -24,7 +24,7 @@ ms.topic: conceptual
->Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/en-us/WindowsForBusiness/windows-atp?ocid=docs-wdatp-threatindicator-abovefoldlink)
+>Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-threatindicator-abovefoldlink)
Advanced cybersecurity attacks comprise of multiple complex malicious events, attributes, and contextual information. Identifying and deciding which of these activities qualify as suspicious can be a challenging task. Your knowledge of known attributes and abnormal activities specific to your industry is fundamental in knowing when to call an observed behavior as suspicious.
diff --git a/windows/security/threat-protection/microsoft-defender-atp/threat-protection-integration.md b/windows/security/threat-protection/microsoft-defender-atp/threat-protection-integration.md
index d527fa77fd..c99a26affb 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/threat-protection-integration.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/threat-protection-integration.md
@@ -55,7 +55,7 @@ Microsoft Cloud App Security leverages Microsoft Defender ATP endpoint signals t
> Office 365 ATP data is displayed for events within the last 30 days. For alerts, Office 365 ATP data is displayed based on first activity time. After that, the data is no longer available in Office 365 ATP.
## Skype for Business
-The Skype for Business integration provides s a way for analysts to communicate with a potentially compromised user or device owner through ao simple button from the portal.
+The Skype for Business integration provides a way for analysts to communicate with a potentially compromised user or device owner through a simple button from the portal.
diff --git a/windows/security/threat-protection/microsoft-defender-atp/ti-indicator.md b/windows/security/threat-protection/microsoft-defender-atp/ti-indicator.md
index 4d110a041b..1c38ae5395 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/ti-indicator.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/ti-indicator.md
@@ -28,7 +28,9 @@ Method|Return Type |Description
[Submit Indicator](post-ti-indicator.md) | [Indicator](ti-indicator.md) | Submits [Indicator](ti-indicator.md) entity.
[Delete Indicator](delete-ti-indicator-by-id.md) | No Content | Deletes [Indicator](ti-indicator.md) entity.
-- See the corresponding [page](https://securitycenter.windows.com/preferences2/custom_ti_indicators/files) in the portal:
+- See the corresponding [page](https://securitycenter.windows.com/preferences2/custom_ti_indicators/files) in the portal.
+
+For more information on creating indicators, see [Manage indicators](manage-indicators.md).
# Properties
Property | Type | Description
diff --git a/windows/security/threat-protection/microsoft-defender-atp/time-settings.md b/windows/security/threat-protection/microsoft-defender-atp/time-settings.md
index 7f6c773756..e0ce98100b 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/time-settings.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/time-settings.md
@@ -24,7 +24,7 @@ ms.topic: article
->Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/en-us/WindowsForBusiness/windows-atp?ocid=docs-wdatp-settings-abovefoldlink)
+>Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-settings-abovefoldlink)
Use the **Time zone** menu  to configure the time zone and view license information.
diff --git a/windows/security/threat-protection/microsoft-defender-atp/troubleshoot-asr.md b/windows/security/threat-protection/microsoft-defender-atp/troubleshoot-asr.md
index aec7204fc9..dc8f75b9f2 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/troubleshoot-asr.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/troubleshoot-asr.md
@@ -79,7 +79,7 @@ To add an exclusion, see [Customize Attack surface reduction](customize-attack-s
## Report a false positive or false negative
-Use the [Windows Defender Security Intelligence web-based submission form](https://www.microsoft.com/en-us/wdsi/filesubmission) to report a false negative or false positive for network protection. With an E5 subscription, you can also [provide a link to any associated alert](../microsoft-defender-atp/alerts-queue.md).
+Use the [Windows Defender Security Intelligence web-based submission form](https://www.microsoft.com/wdsi/filesubmission) to report a false negative or false positive for network protection. With an E5 subscription, you can also [provide a link to any associated alert](../microsoft-defender-atp/alerts-queue.md).
## Collect diagnostic data for file submissions
diff --git a/windows/security/threat-protection/microsoft-defender-atp/troubleshoot-custom-ti.md b/windows/security/threat-protection/microsoft-defender-atp/troubleshoot-custom-ti.md
index 159081aa19..0a0c29fec9 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/troubleshoot-custom-ti.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/troubleshoot-custom-ti.md
@@ -48,7 +48,7 @@ If your client secret expires or if you've misplaced the copy provided when you
7. Copy the value and save it in a safe place.
->Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/en-us/WindowsForBusiness/windows-atp?ocid=docs-wdatp-troubleshootcustomti-belowfoldlink)
+>Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-troubleshootcustomti-belowfoldlink)
## Related topics
diff --git a/windows/security/threat-protection/microsoft-defender-atp/troubleshoot-mdatp.md b/windows/security/threat-protection/microsoft-defender-atp/troubleshoot-mdatp.md
index 3cd0504b1f..31804e546b 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/troubleshoot-mdatp.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/troubleshoot-mdatp.md
@@ -62,7 +62,7 @@ The following date and time formats are currently not supported:
**Use of comma to indicate thousand**
Support of use of comma as a separator in numbers are not supported. Regions where a number is separated with a comma to indicate a thousand, will only see the use of a dot as a separator. For example, 15,5K is displayed as 15.5K.
->Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/en-us/WindowsForBusiness/windows-atp?ocid=docs-wdatp-troubleshoot-belowfoldlink)
+>Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-troubleshoot-belowfoldlink)
## Microsoft Defender ATP tenant was automatically created in Europe
When you use Azure Security Center to monitor servers, a Microsoft Defender ATP tenant is automatically created. The Microsoft Defender ATP data is stored in Europe by default.
diff --git a/windows/security/threat-protection/microsoft-defender-atp/troubleshoot-onboarding-error-messages.md b/windows/security/threat-protection/microsoft-defender-atp/troubleshoot-onboarding-error-messages.md
index 078fc9543d..e49cc30afe 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/troubleshoot-onboarding-error-messages.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/troubleshoot-onboarding-error-messages.md
@@ -24,7 +24,7 @@ ms.topic: troubleshooting
- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
->Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/en-us/WindowsForBusiness/windows-atp?ocid=docs-wdatp-troublshootonboarding-abovefoldlink)
+>Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-troublshootonboarding-abovefoldlink)
This page provides detailed steps to troubleshoot issues that might occur when setting up your Microsoft Defender ATP service.
diff --git a/windows/security/threat-protection/microsoft-defender-atp/troubleshoot-onboarding.md b/windows/security/threat-protection/microsoft-defender-atp/troubleshoot-onboarding.md
index 5f81c16bed..bf3d381bd3 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/troubleshoot-onboarding.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/troubleshoot-onboarding.md
@@ -302,10 +302,10 @@ Microsoft Defender Advanced Threat Protection requires one of the following Micr
- Windows 10 Education E5
- Microsoft 365 Enterprise E5 which includes Windows 10 Enterprise E5
-For more information, see [Windows 10 Licensing](https://www.microsoft.com/en-us/Licensing/product-licensing/windows10.aspx#tab=2).
+For more information, see [Windows 10 Licensing](https://www.microsoft.com/Licensing/product-licensing/windows10.aspx#tab=2).
->Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/en-us/WindowsForBusiness/windows-atp?ocid=docs-wdatp-troubleshootonboarding-belowfoldlink)
+>Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-troubleshootonboarding-belowfoldlink)
## Related topics
diff --git a/windows/security/threat-protection/microsoft-defender-atp/troubleshoot-siem.md b/windows/security/threat-protection/microsoft-defender-atp/troubleshoot-siem.md
index c45bc362d2..6641950721 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/troubleshoot-siem.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/troubleshoot-siem.md
@@ -25,7 +25,7 @@ ms.topic: troubleshooting
-You might need to troubleshoot issues while pulling alerts in your SIEM tools.
+You might need to troubleshoot issues while pulling detections in your SIEM tools.
This page provides detailed steps to troubleshoot issues you might encounter.
@@ -76,11 +76,11 @@ If you encounter an error when trying to enable the SIEM connector application,
->Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/en-us/WindowsForBusiness/windows-atp?ocid=docs-wdatp-troubleshootsiem-belowfoldlink)
+>Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-troubleshootsiem-belowfoldlink)
## Related topics
- [Enable SIEM integration in Microsoft Defender ATP](enable-siem-integration.md)
-- [Configure ArcSight to pull Microsoft Defender ATP alerts](configure-arcsight.md)
-- [Configure Splunk to pull Microsoft Defender ATP alerts](configure-splunk.md)
-- [Microsoft Defender ATP alert API fields](api-portal-mapping.md)
-- [Pull Microsoft Defender ATP alerts using REST API](pull-alerts-using-rest-api.md)
+- [Configure ArcSight to pull Microsoft Defender ATP detections](configure-arcsight.md)
+- [Configure Splunk to pull Microsoft Defender ATP detections](configure-splunk.md)
+- [Microsoft Defender ATP Detection fields](api-portal-mapping.md)
+- [Pull Microsoft Defender ATP detections using REST API](pull-alerts-using-rest-api.md)
diff --git a/windows/security/threat-protection/microsoft-defender-atp/tvm-dashboard-insights.md b/windows/security/threat-protection/microsoft-defender-atp/tvm-dashboard-insights.md
index b25ce8e1e3..b6571426ba 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/tvm-dashboard-insights.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/tvm-dashboard-insights.md
@@ -2,9 +2,8 @@
title: What's in the dashboard and what it means for my organization's security posture
description: What's in the Threat & Vulnerability Management dashboard and how it can help SecOps and Security Administrators arrive at informed decisions to address cybersecurity threat vulnerabilities and build their organization's security resilience.
keywords: mdatp-tvm, mdatp-tvm dashboard, threat & vulnerability management, risk-based threat & vulnerability management, security configuration, configuration score, exposure score
-search.product: eADQiWindows 10XVcnh
search.appverid: met150
-ms.prod: eADQiWindows 10XVcnh
+search.product: eADQiWindows 10XVcnh
ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: security
@@ -21,7 +20,7 @@ ms.topic: conceptual
**Applies to:**
- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
->Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/WindowsForBusiness/windows-atp?ocid=docs-wdatp-portaloverview-abovefoldlink)
+>Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-portaloverview-abovefoldlink)
Threat & Vulnerability Management is a component of Microsoft Defender ATP, and provides both security administrators and security operations teams with unique value, including:
- Real-time endpoint detection and response (EDR) insights correlated with endpoint vulnerabilities
diff --git a/windows/security/threat-protection/microsoft-defender-atp/tvm-exposure-score.md b/windows/security/threat-protection/microsoft-defender-atp/tvm-exposure-score.md
index f6488ecbd0..8eebb66298 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/tvm-exposure-score.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/tvm-exposure-score.md
@@ -1,48 +1,48 @@
----
-title: Exposure score
-description: Your exposure level reflects how vulnerable your organization is to cybersecurity threats. Apply the Threat & Vulnerability Management security recommendations to keep your exposure level low.
-keywords: exposure score, mdatp exposure score, mdatp tvm exposure score, organization exposure score, tvm organization exposure score
-search.product: eADQiWindows 10XVcnh
-search.appverid: met150
-ms.prod: w10
-ms.mktglfcycl: deploy
-ms.sitesec: library
-ms.pagetype: security
-ms.author: dolmont
-author: DulceMontemayor
-ms.localizationpriority: medium
-manager: dansimp
-audience: ITPro
-ms.collection: M365-security-compliance
-ms.topic: conceptual
-ms.date: 06/30/2019
----
-# Exposure score
-**Applies to:**
-- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
-
-Your exposure score reflects how vulnerable your organization is to cybersecurity threats. Low exposure score means your machines are less vulnerable from exploitation.
-
-The widget also gives you a high-level view of your exposure score trend over time. Any spikes in the chart gives you a visual indication of a high cybersecurity threat exposure that you can investigate further.
-
-
-
-## How it works
-
-Several factors affect your organization exposure score:
-- Weakness discovered on the device
-- Likelihood of a device getting breached
-- Value of the device to the organization
-- Relevant alert discovered on the device
-
-Reduce the exposure score by addressing what needs to be remediated based on the prioritized security recommendations. See [Security recommendations](tvm-security-recommendation.md) for details.
-
-## Related topics
-- [Risk-based Threat & Vulnerability Management](next-gen-threat-and-vuln-mgt.md)
-- [Threat & Vulnerability Management dashboard overview](tvm-dashboard-insights.md)
-- [Configuration score](configuration-score.md)
-- [Security recommendations](tvm-security-recommendation.md)
-- [Remediation](tvm-remediation.md)
-- [Software inventory](tvm-software-inventory.md)
-- [Weaknesses](tvm-weaknesses.md)
-- [Scenarios](threat-and-vuln-mgt-scenarios.md)
+---
+title: Exposure score
+description: Your exposure level reflects how vulnerable your organization is to cybersecurity threats. Apply the Threat & Vulnerability Management security recommendations to keep your exposure level low.
+keywords: exposure score, mdatp exposure score, mdatp tvm exposure score, organization exposure score, tvm organization exposure score
+search.product: eADQiWindows 10XVcnh
+search.appverid: met150
+ms.prod: w10
+ms.mktglfcycl: deploy
+ms.sitesec: library
+ms.pagetype: security
+ms.author: dolmont
+author: DulceMontemayor
+ms.localizationpriority: medium
+manager: dansimp
+audience: ITPro
+ms.collection: M365-security-compliance
+ms.topic: conceptual
+ms.date: 06/30/2019
+---
+# Exposure score
+**Applies to:**
+- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+
+Your exposure score reflects how vulnerable your organization is to cybersecurity threats. Low exposure score means your machines are less vulnerable from exploitation.
+
+The widget also gives you a high-level view of your exposure score trend over time. Any spikes in the chart gives you a visual indication of a high cybersecurity threat exposure that you can investigate further.
+
+
+
+## How it works
+
+Several factors affect your organization exposure score:
+- Weakness discovered on the device
+- Likelihood of a device getting breached
+- Value of the device to the organization
+- Relevant alert discovered on the device
+
+Reduce the exposure score by addressing what needs to be remediated based on the prioritized security recommendations. See [Security recommendations](tvm-security-recommendation.md) for details.
+
+## Related topics
+- [Risk-based Threat & Vulnerability Management](next-gen-threat-and-vuln-mgt.md)
+- [Threat & Vulnerability Management dashboard overview](tvm-dashboard-insights.md)
+- [Configuration score](configuration-score.md)
+- [Security recommendations](tvm-security-recommendation.md)
+- [Remediation](tvm-remediation.md)
+- [Software inventory](tvm-software-inventory.md)
+- [Weaknesses](tvm-weaknesses.md)
+- [Scenarios](threat-and-vuln-mgt-scenarios.md)
diff --git a/windows/security/threat-protection/microsoft-defender-atp/tvm-remediation.md b/windows/security/threat-protection/microsoft-defender-atp/tvm-remediation.md
index 6e208209cb..674d4b0309 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/tvm-remediation.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/tvm-remediation.md
@@ -1,66 +1,66 @@
----
-title: Remediation
-description: You can lower down your organization's exposure from vulnerabilities and increase your security configuration by remediating the security recommendations. Threat & Vulnerability Management bridges the gap between security administration and IT administration during remediation process. It does so by creating a security task or ticket through integration with Microsoft Intune and Microsoft System Center Configuration Manager (SCCM).
-keywords: microsoft defender atp tvm remediation, mdatp tvm, threat & vulnerability management, threat & vulnerability management remediation, tvm remediation intune, tvm remediation sccm
-search.product: eADQiWindows 10XVcnh
-search.appverid: met150
-ms.prod: w10
-ms.mktglfcycl: deploy
-ms.sitesec: library
-ms.pagetype: security
-ms.author: dolmont
-author: DulceMontemayor
-ms.localizationpriority: medium
-manager: dansimp
-audience: ITPro
-ms.collection: M365-security-compliance
-ms.topic: conceptual
-ms.date: 04/11/2019
----
-# Remediation
-**Applies to:**
-- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
-
->[!NOTE]
->To use this capability, enable your Microsoft Intune connections. Navigate to **Settings** > **General** > **Advanced features**. Scroll down and look for **Microsoft Intune connection**. By default, the toggle is turned off. Turn your **Microsoft Intune connection** toggle on.
-
-After your organization's cybersecurity weaknesses are identified and mapped to actionable security recommendations, you can start creating security tasks through the integration with Microsoft Intune where remediation tickets are created.
-
-You can lower down your organization's exposure from vulnerabilities and increase your security configuration by remediating the security recommendations.
-
-## Navigate through your remediation options
-You'll see your remediation options when you select one of the security recommendation blocks from your **Top security recommendations** widget in the dashboard.
-1. From the flyout panel, you'll see the security recommendation details including your next steps. Click **Remediation options**.
-2. In the **Remediation options** page, select **Open a ticket in Intune (for AAD joined devices)**.
-
->[!NOTE]
->If your request involves remediating more than 10,000 machines, we will only send 10,000 machines for remediation to Intune.
-
-3. Select a remediation due date.
-4. Add notes to give your IT administrator a context of your remediation request. For example, you can indicate urgency of the remediation request to avoid potential exposure to a recent exploit activity, or if the request is a part of compliance.
-
-If you want to check how the ticket shows up in Intune, see [Use Intune to remediate vulnerabilities identified by Microsoft Defender ATP](https://docs.microsoft.com/intune/atp-manage-vulnerabilities) for details.
-
-## How it works
-
-When you submit a remediation request from Threat & Vulnerability Management, it kicks-off a remediation activity.
-
-It creates a security task which will be tracked in Threat & Vulnerability Management **Remediation** page, and it also creates a remediation ticket in Microsoft Intune.
-
-You also have the option to export all remediation activity data to CSV for records, reporting purposes, or if you want to notify your IT administration counterpart that a remediation ticket has been submitted.
-
-The dashboard will show that status of your top remediation activities. Click any of the entries and it will take you to the **Remediation** page. You can mark the remediation activity as completed after the IT administration team remediates the task.
-
-However, if the security recommendation stemmed from a false positive report, or if there are existing business justification that blocks the remediation, such as compensating control, productivity needs, compliance, or if there's already a planned remediation grace period, you can file an exception and indicate the reason. The exceptions you've filed will also show up in the **Remediation** page, in the **Exceptions** tab.
-
-## Related topics
-- [Risk-based Threat & Vulnerability Management](next-gen-threat-and-vuln-mgt.md)
-- [Threat & Vulnerability Management dashboard overview](tvm-dashboard-insights.md)
-- [Exposure score](tvm-exposure-score.md)
-- [Configuration score](configuration-score.md)
-- [Security recommendation](tvm-security-recommendation.md)
-- [Software inventory](tvm-software-inventory.md)
-- [Weaknesses](tvm-weaknesses.md)
-- [Scenarios](threat-and-vuln-mgt-scenarios.md)
-
-
+---
+title: Remediation
+description: You can lower down your organization's exposure from vulnerabilities and increase your security configuration by remediating the security recommendations. Threat & Vulnerability Management bridges the gap between security administration and IT administration during remediation process. It does so by creating a security task or ticket through integration with Microsoft Intune and Microsoft System Center Configuration Manager (SCCM).
+keywords: microsoft defender atp tvm remediation, mdatp tvm, threat & vulnerability management, threat & vulnerability management remediation, tvm remediation intune, tvm remediation sccm
+search.product: eADQiWindows 10XVcnh
+search.appverid: met150
+ms.prod: w10
+ms.mktglfcycl: deploy
+ms.sitesec: library
+ms.pagetype: security
+ms.author: dolmont
+author: DulceMontemayor
+ms.localizationpriority: medium
+manager: dansimp
+audience: ITPro
+ms.collection: M365-security-compliance
+ms.topic: conceptual
+ms.date: 04/11/2019
+---
+# Remediation
+**Applies to:**
+- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+
+>[!NOTE]
+>To use this capability, enable your Microsoft Intune connections. Navigate to **Settings** > **General** > **Advanced features**. Scroll down and look for **Microsoft Intune connection**. By default, the toggle is turned off. Turn your **Microsoft Intune connection** toggle on.
+
+After your organization's cybersecurity weaknesses are identified and mapped to actionable security recommendations, you can start creating security tasks through the integration with Microsoft Intune where remediation tickets are created.
+
+You can lower down your organization's exposure from vulnerabilities and increase your security configuration by remediating the security recommendations.
+
+## Navigate through your remediation options
+You'll see your remediation options when you select one of the security recommendation blocks from your **Top security recommendations** widget in the dashboard.
+1. From the flyout panel, you'll see the security recommendation details including your next steps. Click **Remediation options**.
+2. In the **Remediation options** page, select **Open a ticket in Intune (for AAD joined devices)**.
+
+>[!NOTE]
+>If your request involves remediating more than 10,000 machines, we will only send 10,000 machines for remediation to Intune.
+
+3. Select a remediation due date.
+4. Add notes to give your IT administrator a context of your remediation request. For example, you can indicate urgency of the remediation request to avoid potential exposure to a recent exploit activity, or if the request is a part of compliance.
+
+If you want to check how the ticket shows up in Intune, see [Use Intune to remediate vulnerabilities identified by Microsoft Defender ATP](https://docs.microsoft.com/intune/atp-manage-vulnerabilities) for details.
+
+## How it works
+
+When you submit a remediation request from Threat & Vulnerability Management, it kicks-off a remediation activity.
+
+It creates a security task which will be tracked in Threat & Vulnerability Management **Remediation** page, and it also creates a remediation ticket in Microsoft Intune.
+
+You also have the option to export all remediation activity data to CSV for records, reporting purposes, or if you want to notify your IT administration counterpart that a remediation ticket has been submitted.
+
+The dashboard will show that status of your top remediation activities. Click any of the entries and it will take you to the **Remediation** page. You can mark the remediation activity as completed after the IT administration team remediates the task.
+
+However, if the security recommendation stemmed from a false positive report, or if there are existing business justification that blocks the remediation, such as compensating control, productivity needs, compliance, or if there's already a planned remediation grace period, you can file an exception and indicate the reason. The exceptions you've filed will also show up in the **Remediation** page, in the **Exceptions** tab.
+
+## Related topics
+- [Risk-based Threat & Vulnerability Management](next-gen-threat-and-vuln-mgt.md)
+- [Threat & Vulnerability Management dashboard overview](tvm-dashboard-insights.md)
+- [Exposure score](tvm-exposure-score.md)
+- [Configuration score](configuration-score.md)
+- [Security recommendation](tvm-security-recommendation.md)
+- [Software inventory](tvm-software-inventory.md)
+- [Weaknesses](tvm-weaknesses.md)
+- [Scenarios](threat-and-vuln-mgt-scenarios.md)
+
+
diff --git a/windows/security/threat-protection/microsoft-defender-atp/tvm-security-recommendation.md b/windows/security/threat-protection/microsoft-defender-atp/tvm-security-recommendation.md
index a866f2ef4f..cb1913abcb 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/tvm-security-recommendation.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/tvm-security-recommendation.md
@@ -1,66 +1,92 @@
----
-title: Security recommendation
-description: The weaknesses identified in the environment are mapped to actionable security recommendations and prioritized by their impact on the organizational exposure score.
-keywords: threat and vulnerability management, mdatp tvm security recommendation, cybersecurity recommendation, actionable security recommendation
-search.product: eADQiWindows 10XVcnh
-search.appverid: met150
-ms.prod: w10
-ms.mktglfcycl: deploy
-ms.sitesec: library
-ms.pagetype: security
-ms.author: dolmont
-author: DulceMontemayor
-ms.localizationpriority: medium
-manager: dansimp
-audience: ITPro
-ms.collection: M365-security-compliance
-ms.topic: conceptual
-ms.date: 04/11/2019
----
-# Security recommendation
-**Applies to:**
-- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
-
-The cybersecurity weaknesses identified in your organization are mapped to actionable security recommendations and prioritized by their impact on the security recommendation list. Prioritized recommendation helps shorten the mean time to mitigate or remediate vulnerabilities and drive compliance.
-
-Each security recommendation includes an actionable remediation recommendation which can be pushed into the IT task queue through a built-in integration with Microsoft Intune and SCCM. It is also dynamic in the sense that when the threat landscape changes, the recommendation also changes as it continuously collect information from your environment.
-
-## The basis of the security recommendation
-Each machine in the organization is scored based on three important factors: threat, likelihood to be breached, and value, to help customers to focus on the right things at the right time.
-
-- Threat - Characteristics of the vulnerabilities and exploits in your organizations' devices and breach history. Based on these factors, the security recommendations shows the correponding links to active alerts, ongoing threat campaigns, and their corresponding threat analytic reports.
-
-- Breach likelihood - Your organization's security posture and resilience against threats
-
-- Business value - Your organization's assets, critical processes, and intellectual properties
-
-
-## Navigate through your security recommendations
-You can access the security recommendation from the Microsoft Defender ATP Threat & Vulnerability Management menu, dashboard, software page, and machine page, to give you the context that you need as you require it.
-
-There are security recommendations for application, operating system, network, accounts, and security controls.
-
-In a given day as a Security Administrator, you can take a look at the dashboard to see your exposure score side-by-side with your configuration score. The goal is to lower down your organization's exposure from vulnerabilities, and increase your organization's security configuration to be more resilient against cybersecurity threat attacks. The top security recommendations list can help you achieve that goal.
-
-The top security recommendations lists down the improvement opportunities prioritized based on the three important factors mentioned in the previous section - threat, likelihood to be breached, and value.
-
-You can click on each one of them and see the details, the description, the potential risk if you don't act on or remediate it, insights, how many exposed devices are associated with the security recommendation, vulnerabilities, and other threats.
-
-From that page, you can do any of the following depending on what you need to do:
-
-- Open software page - Drill down and open the software page to get more context of the software details, prevalence in the organization, weaknesses discovered, version distribution, and charts so you can see the exposure trend over time.
-
-- Choose from remediation options - Submit a remediation request to open a ticket in Microsoft Intune for your IT Administrator to pick up and address.
-
-- Choose from exception options - Submit an exception, provide justification, and set exception duration if you can't remediate the issue just yet due to specific business reasons, compensation controls, or if it is a false positive.
-
-
-## Related topics
-- [Risk-based Threat & Vulnerability Management](next-gen-threat-and-vuln-mgt.md)
-- [Threat & Vulnerability Management dashboard overview](tvm-dashboard-insights.md)
-- [Exposure score](tvm-exposure-score.md)
-- [Configuration score](configuration-score.md)
-- [Remediation](tvm-remediation.md)
-- [Software inventory](tvm-software-inventory.md)
-- [Weaknesses](tvm-weaknesses.md)
-- [Scenarios](threat-and-vuln-mgt-scenarios.md)
+---
+title: Security recommendation
+description: The weaknesses identified in the environment are mapped to actionable security recommendations and prioritized by their impact on the organizational exposure score.
+keywords: threat and vulnerability management, mdatp tvm security recommendation, cybersecurity recommendation, actionable security recommendation
+search.product: eADQiWindows 10XVcnh
+search.appverid: met150
+ms.prod: w10
+ms.mktglfcycl: deploy
+ms.sitesec: library
+ms.pagetype: security
+ms.author: dolmont
+author: DulceMontemayor
+ms.localizationpriority: medium
+manager: dansimp
+audience: ITPro
+ms.collection: M365-security-compliance
+ms.topic: conceptual
+ms.date: 04/11/2019
+---
+# Security recommendation
+**Applies to:**
+- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+
+The cybersecurity weaknesses identified in your organization are mapped to actionable security recommendations and prioritized by their impact on the security recommendation list. Prioritized recommendation helps shorten the mean time to mitigate or remediate vulnerabilities and drive compliance.
+
+Each security recommendation includes an actionable remediation recommendation which can be pushed into the IT task queue through a built-in integration with Microsoft Intune and Microsoft System Center Configuration Manager (SCCM). It is also dynamic in the sense that when the threat landscape changes, the recommendation also changes as it continuously collect information from your environment.
+
+## The basis of the security recommendation
+Each machine in the organization is scored based on three important factors: threat, likelihood to be breached, and value, to help customers to focus on the right things at the right time.
+
+- Threat - Characteristics of the vulnerabilities and exploits in your organizations' devices and breach history. Based on these factors, the security recommendations shows the corresponding links to active alerts, ongoing threat campaigns, and their corresponding threat analytic reports.
+
+- Breach likelihood - Your organization's security posture and resilience against threats
+
+- Business value - Your organization's assets, critical processes, and intellectual properties
+
+
+## Navigate through your security recommendations
+
+You can access the security recommendation from the Microsoft Defender ATP Threat & Vulnerability Management menu, dashboard, software page, and machine page, to give you the context that you need, as you require it.
+
+There are security recommendations for application, operating system, network, accounts, and security controls.
+
+In a given day as a Security Administrator, you can take a look at the dashboard to see your exposure score side-by-side with your configuration score. The goal is to lower down your organization's exposure from vulnerabilities, and increase your organization's security configuration to be more resilient against cybersecurity threat attacks. The top security recommendations list can help you achieve that goal.
+
+The top security recommendations lists down the improvement opportunities prioritized based on the three important factors mentioned in the previous section - threat, likelihood to be breached, and value.
+
+You can click on each one of them and see the details, the description, the potential risk if you don't act on or remediate it, insights, how many exposed devices are associated with the security recommendation, vulnerabilities, and other threats.
+
+From that page, you can do any of the following depending on what you need to do:
+
+- Open software page - Drill down and open the software page to get more context of the software details, prevalence in the organization, weaknesses discovered, version distribution, and charts so you can see the exposure trend over time.
+
+- Choose from remediation options - Submit a remediation request to open a ticket in Microsoft Intune for your IT Administrator to pick up and address.
+
+- Choose from exception options - Submit an exception, provide justification, and set exception duration if you can't remediate the issue just yet due to specific business reasons, compensation controls, or if it is a false positive.
+
+## Report inaccuracy
+
+You can report a false positive when you see any vague, inaccurate, incomplete, or already remediated security recommendation information in the machine page.
+
+1. Select the **Security recommendation** tab.
+
+2. Click **:** beside the security recommendation that you want to report about, then select **Report inaccuracy**.
+
+
A flyout pane opens.
+
+
+3. From the flyout pane, select the inaccuracy category from the drop-down menu.
+
+
+4. Include your email address so Microsoft can send you feedback regarding the inaccuracy you reported.
+
+5. Include your machine name for investigation context.
+
+>[!NOTE]
+> You can also provide details regarding the inaccuracy you reported in the **Tell us more (optional)** field to give the threat and vulnerability management investigators context.
+
+6. Click **Submit**. Your feedback is immediately sent to the Threat & Vulnerability Management experts with its context.
+
+
+
+
+## Related topics
+- [Risk-based Threat & Vulnerability Management](next-gen-threat-and-vuln-mgt.md)
+- [Threat & Vulnerability Management dashboard overview](tvm-dashboard-insights.md)
+- [Exposure score](tvm-exposure-score.md)
+- [Configuration score](configuration-score.md)
+- [Remediation](tvm-remediation.md)
+- [Software inventory](tvm-software-inventory.md)
+- [Weaknesses](tvm-weaknesses.md)
+- [Scenarios](threat-and-vuln-mgt-scenarios.md)
diff --git a/windows/security/threat-protection/microsoft-defender-atp/tvm-software-inventory.md b/windows/security/threat-protection/microsoft-defender-atp/tvm-software-inventory.md
index 6954b3f5d6..a7ff6812ce 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/tvm-software-inventory.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/tvm-software-inventory.md
@@ -1,44 +1,68 @@
----
-title: Software inventory
-description: Microsoft Defender ATP Threat & Vulnerability management's discovery capability shows in the software inventory page. You can see the name of the product, vendor, the latest version it is in, and the number of weaknesses and vulnerabilities detected.
-keywords: microsoft defender atp, microsoft defender atp software inventory, mdatp threat & vulnerability management, mdatp threat & vulnerability management software inventory, mdatp tvm software inventory, tvm software inventory
-search.product: eADQiWindows 10XVcnh
-search.appverid: met150
-ms.prod: w10
-ms.mktglfcycl: deploy
-ms.sitesec: library
-ms.pagetype: security
-ms.author: dolmont
-author: DulceMontemayor
-ms.localizationpriority: medium
-manager: dansimp
-audience: ITPro
-ms.collection: M365-security-compliance
-ms.topic: conceptual
-ms.date: 04/11/2019
----
-# Software inventory
-**Applies to:**
-- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
-
-Microsoft Defender ATP Threat & Vulnerability management's discovery capability shows in the **Software inventory** page. The software inventory includes the name of the product or vendor, the latest version it is in, and the number of weaknesses and vulnerabilities detected with it.
-
-## Navigate through your software inventory
-1. Select **Software inventory** from the Threat & Vulnerability management navigation menu.
-2. In the **Software inventory** page, select the application that you want to investigate and a flyout panel opens up with the software details, vendor information, prevalence in the organization, exposed machines, threat context, and its impact to your organization's exposure score.
-3. In the flyout panel, select **Open software page** to dive deeper into your software inventory. You will see how many weaknesses are discovered with the application, devices exposed, installed machines, version distribution, and the corresponding security recommendations for the weaknesses and vulnerabilities identified.
-
-## How it works
-In the field of discovery, we are leveraging the same set of signals in Microsoft Defender ATP's endpoint detection and response that's responsible for detection, for vulnerability assessment.
-
-Since it is real-time, in a matter of minutes, you will see vulnerability information as they get discovered. The engine automatically grabs information from multiple security feeds. In fact, you'll will see if a particular application is connected to a live campaign. It also provides a link to a Threat Analytics report soon as it's available.
-
-## Related topics
-- [Risk-based Threat & Vulnerability Management](next-gen-threat-and-vuln-mgt.md)
-- [Threat & Vulnerability Management dashboard overview](tvm-dashboard-insights.md)
-- [Exposure score](tvm-exposure-score.md)
-- [Configuration score](configuration-score.md)
-- [Security recommendation](tvm-security-recommendation.md)
-- [Remediation](tvm-remediation.md)
-- [Weaknesses](tvm-weaknesses.md)
-- [Scenarios](threat-and-vuln-mgt-scenarios.md)
+---
+title: Software inventory
+description: Microsoft Defender ATP Threat & Vulnerability management's discovery capability shows in the software inventory page. You can see the name of the product, vendor, the latest version it is in, and the number of weaknesses and vulnerabilities detected.
+keywords: microsoft defender atp, microsoft defender atp software inventory, mdatp threat & vulnerability management, mdatp threat & vulnerability management software inventory, mdatp tvm software inventory, tvm software inventory
+search.product: eADQiWindows 10XVcnh
+search.appverid: met150
+ms.prod: w10
+ms.mktglfcycl: deploy
+ms.sitesec: library
+ms.pagetype: security
+ms.author: dolmont
+author: DulceMontemayor
+ms.localizationpriority: medium
+manager: dansimp
+audience: ITPro
+ms.collection: M365-security-compliance
+ms.topic: conceptual
+ms.date: 04/11/2019
+---
+# Software inventory
+**Applies to:**
+- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+
+Microsoft Defender ATP Threat & Vulnerability management's discovery capability shows in the **Software inventory** page. The software inventory includes the name of the product or vendor, the latest version it is in, and the number of weaknesses and vulnerabilities detected with it.
+
+## Navigate through your software inventory
+1. Select **Software inventory** from the Threat & Vulnerability management navigation menu.
+2. In the **Software inventory** page, select the application that you want to investigate and a flyout panel opens up with the software details, vendor information, prevalence in the organization, exposed machines, threat context, and its impact to your organization's exposure score.
+3. In the flyout panel, select **Open software page** to dive deeper into your software inventory. You will see how many weaknesses are discovered with the application, devices exposed, installed machines, version distribution, and the corresponding security recommendations for the weaknesses and vulnerabilities identified.
+
+## How it works
+In the field of discovery, we are leveraging the same set of signals in Microsoft Defender ATP's endpoint detection and response that's responsible for detection, for vulnerability assessment.
+
+Since it is real-time, in a matter of minutes, you will see vulnerability information as they get discovered. The engine automatically grabs information from multiple security feeds. In fact, you'll will see if a particular application is connected to a live campaign. It also provides a link to a Threat Analytics report soon as it's available.
+
+## Report inaccuracy
+
+You can report a false positive when you see any vague, inaccurate version, incomplete, or already remediated software inventory information in the machine page.
+
+1. Select the **Software inventory** tab.
+
+2. Click **:** beside the software that you want to report about, and then select **Report inaccuracy**.
+
+
A flyout pane opens.
+
+
+3. From the flyout pane, select the inaccuracy category from the **Software inventory inaccuracy reason** drop-down menu.
+
+
+4. Include your email address so Microsoft can send you feedback regarding the inaccuracy you reported.
+
+5. Include your machine name for investigation context.
+
+>[!NOTE]
+> You can also provide details regarding the inaccuracy you reported in the **Tell us more (optional)** field to give the threat and vulnerability management investigators context.
+
+6. Click **Submit**. Your feedback is immediately sent to the Threat & Vulnerability Management experts with its context.
+
+
+## Related topics
+- [Risk-based Threat & Vulnerability Management](next-gen-threat-and-vuln-mgt.md)
+- [Threat & Vulnerability Management dashboard overview](tvm-dashboard-insights.md)
+- [Exposure score](tvm-exposure-score.md)
+- [Configuration score](configuration-score.md)
+- [Security recommendation](tvm-security-recommendation.md)
+- [Remediation](tvm-remediation.md)
+- [Weaknesses](tvm-weaknesses.md)
+- [Scenarios](threat-and-vuln-mgt-scenarios.md)
diff --git a/windows/security/threat-protection/microsoft-defender-atp/tvm-weaknesses.md b/windows/security/threat-protection/microsoft-defender-atp/tvm-weaknesses.md
index 108aef13b2..bb9f499cd3 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/tvm-weaknesses.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/tvm-weaknesses.md
@@ -1,78 +1,121 @@
----
-title: Weaknesses
-description: The **Weaknesses** page lists down the vulnerabilities found in the infected software running in your organization, their severity, Common Vulnerability Scoring System (CVSS) rating, its prevalence in your organization, breach, and threat insights.
-keywords: mdatp threat & vulnerability management, mdatp tvm weaknesses page, finding weaknesses through tvm, tvm vulnerability list, vulnerability details in tvm
-search.product: eADQiWindows 10XVcnh
-search.appverid: met150
-ms.prod: w10
-ms.mktglfcycl: deploy
-ms.sitesec: library
-ms.pagetype: security
-ms.author: dolmont
-author: DulceMontemayor
-ms.localizationpriority: medium
-manager: dansimp
-audience: ITPro
-ms.collection: M365-security-compliance
-ms.topic: conceptual
-ms.date: 04/11/2019
----
-# Weaknesses
-**Applies to:**
-- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
-
-Threat & Vulnerability Management leverages the same signals in Microsoft Defender ATP's endpoint protection to scan and detect vulnerabilities.
-
-The **Weaknesses** page lists down the vulnerabilities found in the infected software running in your organization, their severity, Common Vulnerability Scoring System (CVSS) rating, its prevalence in your organization, corresponding breach, and threat insights.
-
-## Navigate through your organization's weaknesses page
-You can see the list of vulnerabilities in three ways:
-
-*Vulnerabilities in global search*
-1. Click the global search drop-down menu.
-2. Select **Vulnerability** and key-in the Common Vulnerabilities and Exposures (CVE) ID that you are looking for, then click the search icon. The **Weaknesses** page opens with the CVE information that you are looking for.
-
-3. Select the CVE and a flyout panel opens up with more information - the vulnerability description, exploits available, severity level, CVSS v3 rating, publishing and update dates.
-
->[!NOTE]
->To see the rest of the vulnerabilities in the **Weaknesses** page, type CVE, then click search.
-
-*Weaknesses page in the menu*
-1. Go to the Threat & Vulnerability Management navigation menu and select **Weaknesses** to open up the list of vulnerabilities found in your organization.
-2. Select the vulnerability that you want to investigate to open up a flyout panel with the vulnerability details, such as: CVE description, CVE ID, exploits available, CVSS V3 rating, severity, publish, and update dates.
-
-*Top vulnerable software widget in the dashboard*
-1. Go to the Threat & Vulnerability Management dashboard and scroll down to the **Top vulnerable software** widget. You will see the number of vulnerabilities found in each software along with threat information and a high-level view of the device exposure trend over time.
-
-2. Click the software that you want to investigate and it takes you to the software page. You will the weaknesses found in your machine per severity level, in which machines are they installed, version distribution, and the corresponding security recommendation.
-3. Select the **Discovered vulnerabilities** tab.
-4. Select the vulnerability that you want to investigate to open up a flyout panel with the vulnerability details, such as: CVE description, CVE ID, exploits available, CVSS V3 rating, severity, publish, and update dates.
-
-## How it works
-When new vulnerabilities are released, you would want know how many of your assets are exposed. You can see the list of vulnerabilities and the details in the **Weaknesses** page.
-
-If the **Exposed Machines** column shows 0, that means you are not infected.
-
-If there's a number in the **Exposed Machines**, that means you need to remediate the vulnerabilities in those machines because they put the rest of your assets and your organization at risk.
-
-You can also see the related alert and threat insights in the **Threat** column.
-
-The breach insights icons are highlighted if there are active alerts associated with the vulnerability found in your organization.
-
-
-The threat insights icons are highlighted if there are associated exploits in the vulnerability found in your organization. It also shows whether the threat is connected to specific campaign for which, Threat Analytics report links are provided that you can read.
-
-
- >[!NOTE]
- > Always prioritize recommendations that are associated with ongoing threats. These recommendations are marked with the threat insight  icon and possible active alert  icon.
-
-
-## Related topics
-- [Risk-based Threat & Vulnerability Management](next-gen-threat-and-vuln-mgt.md)
-- [Threat & Vulnerability Management dashboard overview](tvm-dashboard-insights.md)
-- [Exposure score](tvm-exposure-score.md)
-- [Configuration score](configuration-score.md)
-- [Security recommendation](tvm-security-recommendation.md)
-- [Remediation](tvm-remediation.md)
-- [Software inventory](tvm-software-inventory.md)
-- [Scenarios](threat-and-vuln-mgt-scenarios.md)
+---
+title: Weaknesses
+description: The **Weaknesses** page lists down the vulnerabilities found in the infected software running in your organization, their severity, Common Vulnerability Scoring System (CVSS) rating, its prevalence in your organization, breach, and threat insights.
+keywords: mdatp threat & vulnerability management, mdatp tvm weaknesses page, finding weaknesses through tvm, tvm vulnerability list, vulnerability details in tvm
+search.product: eADQiWindows 10XVcnh
+search.appverid: met150
+ms.prod: w10
+ms.mktglfcycl: deploy
+ms.sitesec: library
+ms.pagetype: security
+ms.author: dolmont
+author: DulceMontemayor
+ms.localizationpriority: medium
+manager: dansimp
+audience: ITPro
+ms.collection: M365-security-compliance
+ms.topic: conceptual
+ms.date: 04/11/2019
+---
+# Weaknesses
+**Applies to:**
+- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+
+Threat & Vulnerability Management leverages the same signals in Microsoft Defender ATP's endpoint protection to scan and detect vulnerabilities.
+
+The **Weaknesses** page lists down the vulnerabilities found in the infected software running in your organization, their severity, Common Vulnerability Scoring System (CVSS) rating, its prevalence in your organization, corresponding breach, and threat insights.
+
+>[!IMPORTANT]
+>To boost your vulnerability assessment detection rates, you can download the following set of optional security updates and deploy them in your network:
+>- 19H1 customers | [KB 4512941](https://support.microsoft.com/help/4512941/windows-10-update-kb4512941)
+>- RS5 customers | [KB 4516077](https://support.microsoft.com/help/4516077/windows-10-update-kb4516077)
+>- RS4 customers | [KB 4516045](https://support.microsoft.com/help/4516045/windows-10-update-kb4516045)
+>- RS3 customers | [KB 4516071](https://support.microsoft.com/help/4516071/windows-10-update-kb4516071)
+>
Downloading the above-mentioned security updates will be mandatory starting Patch Tuesday, October 8, 2019.
+
+## Navigate through your organization's weaknesses page
+You can see the list of vulnerabilities in four ways:
+
+*Vulnerabilities in global search*
+1. Click the global search drop-down menu.
+2. Select **Vulnerability** and key-in the Common Vulnerabilities and Exposures (CVE) ID that you are looking for, then click the search icon. The **Weaknesses** page opens with the CVE information that you are looking for.
+
+3. Select the CVE and a flyout panel opens up with more information - the vulnerability description, exploits available, severity level, CVSS v3 rating, publishing and update dates.
+
+>[!NOTE]
+>To see the rest of the vulnerabilities in the **Weaknesses** page, type CVE, then click search.
+
+*Weaknesses page in the menu*
+1. Go to the Threat & Vulnerability Management navigation menu and select **Weaknesses** to open up the list of vulnerabilities found in your organization.
+2. Select the vulnerability that you want to investigate to open up a flyout panel with the vulnerability details, such as: CVE description, CVE ID, exploits available, CVSS V3 rating, severity, publish, and update dates.
+
+*Top vulnerable software widget in the dashboard*
+1. Go to the Threat & Vulnerability Management dashboard and scroll down to the **Top vulnerable software** widget. You will see the number of vulnerabilities found in each software along with threat information and a high-level view of the device exposure trend over time.
+
+2. Click the software that you want to investigate and it takes you to the software page. You will the weaknesses found in your machine per severity level, in which machines are they installed, version distribution, and the corresponding security recommendation.
+3. Select the **Discovered vulnerabilities** tab.
+4. Select the vulnerability that you want to investigate to open up a flyout panel with the vulnerability details, such as: CVE description, CVE ID, exploits available, CVSS V3 rating, severity, publish, and update dates.
+
+*Discovered vulnerabilities in the machine page*
+1. Go to the left-hand navigation menu bar, then select the machine icon. The **Machines list** page opens.
+
+2. In the **Machines list** page, select the machine that you want to investigate.
+
+
A flyout pane opens with machine details and response action options.
+
+3. In the flyout pane, select **Open machine page**. A page opens with details and response options for the machine you want to investigate.
+
+4. Select **Discovered vulnerabilities**.
+5. Select the vulnerability that you want to investigate to open up a flyout panel with the vulnerability details, such as: CVE description, CVE ID, exploits available, CVSS V3 rating, severity, publish, and update dates.
+
+## How it works
+When new vulnerabilities are released, you would want know how many of your assets are exposed. You can see the list of vulnerabilities and the details in the **Weaknesses** page.
+
+If the **Exposed Machines** column shows 0, that means you are not infected.
+
+If there's a number in the **Exposed Machines**, that means you need to remediate the vulnerabilities in those machines because they put the rest of your assets and your organization at risk.
+
+You can also see the related alert and threat insights in the **Threat** column.
+
+The breach insights icons are highlighted if there are active alerts associated with the vulnerability found in your organization.
+
+
+The threat insights icons are highlighted if there are associated exploits in the vulnerability found in your organization. It also shows whether the threat is connected to specific campaign for which, Threat Analytics report links are provided that you can read.
+
+
+ >[!NOTE]
+ > Always prioritize recommendations that are associated with ongoing threats. These recommendations are marked with the threat insight  icon and possible active alert  icon.
+
+## Report inaccuracy
+
+You can report a false positive when you see any vague, inaccurate, missing, or already remediated vulnerability information in the machine page.
+
+1. Select the **Discovered vulnerabilities** tab.
+
+2. Click **:** beside the vulnerability that you want to report about, and then select **Report inaccuracy**.
+
+
A flyout pane opens.
+
+
+3. From the flyout pane, select the inaccuracy category from the **Discovered vulnerability inaccuracy reason** drop-down menu.
+
+
+4. Include your email address so Microsoft can send you feedback regarding the inaccuracy you reported.
+
+5. Include your machine name for investigation context.
+
+>[!NOTE]
+> You can also provide details regarding the inaccuracy you reported in the **Tell us more (optional)** field to give the threat and vulnerability management investigators context.
+
+6. Click **Submit**. Your feedback is immediately sent to the Threat & Vulnerability Management experts with its context.
+
+
+## Related topics
+- [Risk-based Threat & Vulnerability Management](next-gen-threat-and-vuln-mgt.md)
+- [Threat & Vulnerability Management dashboard overview](tvm-dashboard-insights.md)
+- [Exposure score](tvm-exposure-score.md)
+- [Configuration score](configuration-score.md)
+- [Security recommendation](tvm-security-recommendation.md)
+- [Remediation](tvm-remediation.md)
+- [Software inventory](tvm-software-inventory.md)
+- [Scenarios](threat-and-vuln-mgt-scenarios.md)
diff --git a/windows/security/threat-protection/microsoft-defender-atp/update-alert.md b/windows/security/threat-protection/microsoft-defender-atp/update-alert.md
index ca069f5c81..8d6c69ea8d 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/update-alert.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/update-alert.md
@@ -51,7 +51,7 @@ Content-Type | String | application/json. **Required**.
## Request body
-In the request body, supply the values for the relevant fields that should be updated.Existing properties that are not included in the request body will maintain their previous values or be recalculated based on changes to other property values. For best performance you shouldn't include existing values that haven't change.
+In the request body, supply the values for the relevant fields that should be updated. Existing properties that are not included in the request body will maintain their previous values or be recalculated based on changes to other property values. For best performance you shouldn't include existing values that haven't change.
Property | Type | Description
:---|:---|:---
@@ -60,6 +60,7 @@ assignedTo | String | Owner of the alert
classification | String | Specifies the specification of the alert. The property values are: 'Unknown', 'FalsePositive', 'TruePositive'.
determination | String | Specifies the determination of the alert. The property values are: 'NotAvailable', 'Apt', 'Malware', 'SecurityPersonnel', 'SecurityTesting', 'UnwantedSoftware', 'Other'
+[!include[Improve request performance](improve-request-performance.md)]
## Response
If successful, this method returns 200 OK, and the [alert](alerts.md) entity in the response body with the updated properties. If alert with the specified id was not found - 404 Not Found.
@@ -71,8 +72,6 @@ If successful, this method returns 200 OK, and the [alert](alerts.md) entity in
Here is an example of the request.
-[!include[Improve request performance](improve-request-performance.md)]
-
```
PATCH https://api.securitycenter.windows.com/api/alerts/121688558380765161_2136280442
Content-Type: application/json
diff --git a/windows/security/threat-protection/microsoft-defender-atp/use-custom-ti.md b/windows/security/threat-protection/microsoft-defender-atp/use-custom-ti.md
index 9452c634c4..105f0ac7f1 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/use-custom-ti.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/use-custom-ti.md
@@ -26,7 +26,7 @@ ms.date: 04/24/2018
> [!TIP]
> This topic has been deprecated. See [Indicators](ti-indicator.md) for the updated content.
>
-> Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/en-us/WindowsForBusiness/windows-atp?ocid=docs-wdatp-customti-abovefoldlink)
+> Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-customti-abovefoldlink)
Understand threat intelligence concepts, then enable the custom threat intelligence application so that you can proceed to create custom threat intelligence alerts that are specific to your organization.
diff --git a/windows/security/threat-protection/microsoft-defender-atp/use.md b/windows/security/threat-protection/microsoft-defender-atp/use.md
index 5b80236d1c..dbf6830312 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/use.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/use.md
@@ -23,7 +23,7 @@ ms.topic: conceptual
- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
->Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/en-us/WindowsForBusiness/windows-atp?ocid=docs-wdatp-usewdatp-abovefoldlink)
+>Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-usewdatp-abovefoldlink)
Microsoft Defender Security Center is the portal where you can access Microsoft Defender Advanced Threat Protection capabilities.
diff --git a/windows/security/threat-protection/microsoft-defender-atp/user-roles.md b/windows/security/threat-protection/microsoft-defender-atp/user-roles.md
index 668831d19d..8d498f43b4 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/user-roles.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/user-roles.md
@@ -23,7 +23,7 @@ ms.topic: article
- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
->Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/en-us/WindowsForBusiness/windows-atp?ocid=docs-wdatp-roles-abovefoldlink)
+>Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-roles-abovefoldlink)
## Create roles and assign the role to an Azure Active Directory group
The following steps guide you on how to create roles in Microsoft Defender Security Center. It assumes that you have already created Azure Active Directory user groups.
diff --git a/windows/security/threat-protection/microsoft-defender-atp/whats-new-in-microsoft-defender-atp.md b/windows/security/threat-protection/microsoft-defender-atp/whats-new-in-microsoft-defender-atp.md
index b3c05cd9a2..f8f068cd50 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/whats-new-in-microsoft-defender-atp.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/whats-new-in-microsoft-defender-atp.md
@@ -28,6 +28,16 @@ The following features are generally available (GA) in the latest release of Mic
For more information preview features, see [Preview features](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-atp/preview-windows-defender-advanced-threat-protection).
+
+## September 2019
+- [Live response](live-response.md)
Get instantaneous access to a machine using a remote shell connection. Do in-depth investigative work and take immediate response actions to promptly contain identified threats - real-time.
+
+- [Evaluation lab](evaluation-lab.md)
The Microsoft Defender ATP evaluation lab is designed to eliminate the complexities of machine and environment configuration so that you can
+ focus on evaluating the capabilities of the platform, running simulations, and seeing the prevention, detection, and remediation features in action.
+
+- [Windows Server 2008 R2 SP1](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/configure-server-endpoints#windows-server-2008-r2-sp1--windows-server-2012-r2-and-windows-server-2016)
You can now onboard Windows Server 2008 R2 SP1.
+
+
## June 2019
- [Threat & Vulnerability Management](next-gen-threat-and-vuln-mgt.md)
A new built-in capability that uses a risk-based approach to the discovery, prioritization, and remediation of endpoint vulnerabilities and misconfigurations.
@@ -50,7 +60,7 @@ For more information preview features, see [Preview features](https://docs.micro
## April 2019
- [Microsoft Threat Experts Targeted Attack Notification capability](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/microsoft-threat-experts#targeted-attack-notification)
Microsoft Threat Experts' Targeted Attack Notification alerts are tailored to organizations to provide as much information as can be quickly delivered thus bringing attention to critical threats in their network, including the timeline, scope of breach, and the methods of intrusion.
-- [Microsoft Defender ATP API](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/use-apis)
Microsoft Defender ATP exposes much of its data and actions through a set of programmatic APIs. Those APIs will enable you to automate workflows and innovate based on Microsoft Defender ATP capabilities.
+- [Microsoft Defender ATP API](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/apis-intro)
Microsoft Defender ATP exposes much of its data and actions through a set of programmatic APIs. Those APIs will enable you to automate workflows and innovate based on Microsoft Defender ATP capabilities.
diff --git a/windows/security/threat-protection/override-mitigation-options-for-app-related-security-policies.md b/windows/security/threat-protection/override-mitigation-options-for-app-related-security-policies.md
index 00ba76594e..a9b824cade 100644
--- a/windows/security/threat-protection/override-mitigation-options-for-app-related-security-policies.md
+++ b/windows/security/threat-protection/override-mitigation-options-for-app-related-security-policies.md
@@ -1,8 +1,6 @@
-ms.date: 04/19/2017
-ms.reviewer:
-manager: dansimp
-ms.author: dolmont
---
+manager: dansimp
+ms.author: dansimp
title: Override Process Mitigation Options to help enforce app-related security policies (Windows 10)
description: How to use Group Policy to override individual Process Mitigation Options settings and to help enforce specific app-related security policies.
keywords: Process Mitigation Options, Mitigation Options, Group Policy Mitigation Options
@@ -10,7 +8,6 @@ ms.prod: w10
ms.mktglfcycl: deploy
ms.pagetype: security
ms.sitesec: library
-
author: dulcemontemayor
ms.localizationpriority: medium
---
diff --git a/windows/security/threat-protection/overview-of-threat-mitigations-in-windows-10.md b/windows/security/threat-protection/overview-of-threat-mitigations-in-windows-10.md
index 3168a333af..1198ca299a 100644
--- a/windows/security/threat-protection/overview-of-threat-mitigations-in-windows-10.md
+++ b/windows/security/threat-protection/overview-of-threat-mitigations-in-windows-10.md
@@ -1,6 +1,6 @@
---
title: Mitigate threats by using Windows 10 security features (Windows 10)
-description: This topic provides an overview of software and firmware threats faced in the current security landscape, and the mitigations that Windows 10 offers in response to these threats.
+description: This topic provides an overview of software and firmware threats faced in the current security landscape, and the mitigations that Windows 10 offers in response to these threats.
ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library
@@ -10,7 +10,7 @@ author: dulcemontemayor
ms.date: 10/13/2017
ms.reviewer:
manager: dansimp
-ms.author: dolmont
+ms.author: dansimp
---
# Mitigate threats by using Windows 10 security features
@@ -106,7 +106,7 @@ Windows Defender Antivirus in Windows 10 uses a multi-pronged approach to improv
For more information, see [Windows Defender in Windows 10](windows-defender-antivirus/windows-defender-antivirus-in-windows-10.md) and [Windows Defender Overview for Windows Server](https://technet.microsoft.com/windows-server-docs/security/windows-defender/windows-defender-overview-windows-server).
-For information about Microsoft Defender Advanced Threat Protection, a service that helps enterprises to detect, investigate, and respond to advanced and targeted attacks on their networks, see [Microsoft Defender Advanced Threat Protection (ATP)](https://www.microsoft.com/en-us/WindowsForBusiness/windows-atp) (resources) and [Microsoft Defender Advanced Threat Protection (ATP)](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-advanced-threat-protection) (documentation).
+For information about Microsoft Defender Advanced Threat Protection, a service that helps enterprises to detect, investigate, and respond to advanced and targeted attacks on their networks, see [Microsoft Defender Advanced Threat Protection (ATP)](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp) (resources) and [Microsoft Defender Advanced Threat Protection (ATP)](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-advanced-threat-protection) (documentation).
### Data Execution Prevention
@@ -450,10 +450,10 @@ Microsoft Consulting Services (MCS) and Microsoft Support/Premier Field Engineer
## Related topics
- [Security and Assurance in Windows Server 2016](https://technet.microsoft.com/windows-server-docs/security/security-and-assurance)
-- [Microsoft Defender Advanced Threat Protection (ATP) - resources](https://www.microsoft.com/en-us/WindowsForBusiness/windows-atp)
+- [Microsoft Defender Advanced Threat Protection (ATP) - resources](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp)
- [Microsoft Defender Advanced Threat Protection (ATP) - documentation](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-advanced-threat-protection)
- [Exchange Online Advanced Threat Protection Service Description](https://technet.microsoft.com/library/exchange-online-advanced-threat-protection-service-description.aspx)
- [Office 365 Advanced Threat Protection](https://products.office.com/en-us/exchange/online-email-threat-protection)
-- [Microsoft Malware Protection Center](https://www.microsoft.com/en-us/security/portal/mmpc/default.aspx)
+- [Microsoft Malware Protection Center](https://www.microsoft.com/security/portal/mmpc/default.aspx)
diff --git a/windows/security/threat-protection/protect-high-value-assets-by-controlling-the-health-of-windows-10-based-devices.md b/windows/security/threat-protection/protect-high-value-assets-by-controlling-the-health-of-windows-10-based-devices.md
index a0f5a549a6..1f3bb33e56 100644
--- a/windows/security/threat-protection/protect-high-value-assets-by-controlling-the-health-of-windows-10-based-devices.md
+++ b/windows/security/threat-protection/protect-high-value-assets-by-controlling-the-health-of-windows-10-based-devices.md
@@ -4,14 +4,13 @@ description: This article details an end-to-end solution that helps you protect
ms.assetid: 45DB1C41-C35D-43C9-A274-3AD5F31FE873
ms.reviewer:
manager: dansimp
-ms.author: dolmont
+ms.author: dansimp
keywords: security, BYOD, malware, device health attestation, mobile
ms.prod: w10
ms.mktglfcycl: manage
ms.sitesec: library
ms.pagetype: security, devices
author: dulcemontemayor
-
ms.date: 10/13/2017
ms.localizationpriority: medium
---
diff --git a/windows/security/threat-protection/security-compliance-toolkit-10.md b/windows/security/threat-protection/security-compliance-toolkit-10.md
index 7036973802..8ce51363fd 100644
--- a/windows/security/threat-protection/security-compliance-toolkit-10.md
+++ b/windows/security/threat-protection/security-compliance-toolkit-10.md
@@ -5,7 +5,7 @@ keywords: virtualization, security, malware
ms.prod: w10
ms.mktglfcycl: deploy
ms.localizationpriority: medium
-ms.author: dolmont
+ms.author: dansimp
author: dulcemontemayor
manager: dansimp
audience: ITPro
diff --git a/windows/security/threat-protection/security-policy-settings/bypass-traverse-checking.md b/windows/security/threat-protection/security-policy-settings/bypass-traverse-checking.md
index a485a13590..af394cc02a 100644
--- a/windows/security/threat-protection/security-policy-settings/bypass-traverse-checking.md
+++ b/windows/security/threat-protection/security-policy-settings/bypass-traverse-checking.md
@@ -22,7 +22,7 @@ ms.date: 04/19/2017
**Applies to**
- Windows 10
->Learn more about what features and functionality are supported in each Windows edition at [Compare Windows 10 Editions](https://www.microsoft.com/en-us/WindowsForBusiness/Compare).
+>Learn more about what features and functionality are supported in each Windows edition at [Compare Windows 10 Editions](https://www.microsoft.com/WindowsForBusiness/Compare).
Describes the best practices, location, values, policy management, and security considerations for the **Bypass traverse checking** security policy setting.
diff --git a/windows/security/threat-protection/security-policy-settings/domain-member-maximum-machine-account-password-age.md b/windows/security/threat-protection/security-policy-settings/domain-member-maximum-machine-account-password-age.md
index b4f0324679..3aa61ca9b4 100644
--- a/windows/security/threat-protection/security-policy-settings/domain-member-maximum-machine-account-password-age.md
+++ b/windows/security/threat-protection/security-policy-settings/domain-member-maximum-machine-account-password-age.md
@@ -76,7 +76,7 @@ This section describes how an attacker might exploit a feature or its configurat
### Vulnerability
-By default, the domain members submit a password change every 30 days. If you increase this interval significantly, or set it to 0 so that the computers no longer submit a password change, an attacker has more time to undertake a brute-force attack to guess the password of one or more computer accounts.
+By default, the domain members submit a password change every 30 days. If you increase this interval significantly so that the computers no longer submit a password change, an attacker has more time to undertake a brute-force attack to guess the password of one or more computer accounts.
### Countermeasure
diff --git a/windows/security/threat-protection/security-policy-settings/maximum-password-age.md b/windows/security/threat-protection/security-policy-settings/maximum-password-age.md
index 00c2b3a1a2..2e2b5f172a 100644
--- a/windows/security/threat-protection/security-policy-settings/maximum-password-age.md
+++ b/windows/security/threat-protection/security-policy-settings/maximum-password-age.md
@@ -74,7 +74,7 @@ The longer a password exists, the higher the likelihood that it will be compromi
### Considerations
-Mandated password changes are a long-standing security practice, but current research strongly indicates that password expiration has a negative effect. See [Microsoft Password Guidance](https://www.microsoft.com/en-us/research/publication/password-guidance/) for further information.
+Mandated password changes are a long-standing security practice, but current research strongly indicates that password expiration has a negative effect. See [Microsoft Password Guidance](https://www.microsoft.com/research/publication/password-guidance/) for further information.
Configure the **Maximum password age** policy setting to a value that is suitable for your organization's business requirements. For example, many organisations have compliance or insurance mandates requiring a short lifespan on passwords. Where such a requirement exists, the **Maximum password age** policy setting can be used to meet business requirements.
diff --git a/windows/security/threat-protection/security-policy-settings/network-security-configure-encryption-types-allowed-for-kerberos.md b/windows/security/threat-protection/security-policy-settings/network-security-configure-encryption-types-allowed-for-kerberos.md
index 8a376e6b4f..d3d0816760 100644
--- a/windows/security/threat-protection/security-policy-settings/network-security-configure-encryption-types-allowed-for-kerberos.md
+++ b/windows/security/threat-protection/security-policy-settings/network-security-configure-encryption-types-allowed-for-kerberos.md
@@ -35,14 +35,13 @@ The following table lists and explains the allowed encryption types.
| Encryption type | Description and version support |
| - | - |
-| DES_CBC_CRC | Data Encryption Standard with Cipher Block Chaining using the Cyclic Redundancy Check function
Supported in Windows 2000 Server, Windows XP, Windows Server 2003, Windows Vista, and Windows Server 2008. The Windows 7, Windows 10 and Windows Server 2008 R2 operating systems do not support DES| by default.
+| DES_CBC_CRC | Data Encryption Standard with Cipher Block Chaining using the Cyclic Redundancy Check function
Supported in Windows 2000 Server, Windows XP, Windows Server 2003, Windows Vista, and Windows Server 2008. The Windows 7, Windows 10 and Windows Server 2008 R2 operating systems do not support DES by default. |
| DES_CBC_MD5| Data Encryption Standard with Cipher Block Chaining using the Message-Digest algorithm 5 checksum function
Supported in Windows 2000 Server, Windows XP, Windows Server 2003, Windows Vista, and Windows Server 2008. The Windows 7, Windows 10 and Windows Server 2008 R2 operating systems do not support DES by default. |
| RC4_HMAC_MD5| Rivest Cipher 4 with Hashed Message Authentication Code using the Message-Digest algorithm 5 checksum function
Supported in Windows 2000 Server, Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008, Windows 7, Windows 10 and Windows Server 2008 R2.|
| AES128_HMAC_SHA1| Advanced Encryption Standard in 128 bit cipher block with Hashed Message Authentication Code using the Secure Hash Algorithm (1).
Not supported in Windows 2000 Server, Windows XP, or Windows Server 2003. Supported in Windows Vista, Windows Server 2008, Windows 7, Windows 10 and Windows Server 2008 R2. |
| AES256_HMAC_SHA1| Advanced Encryption Standard in 256 bit cipher block with Hashed Message Authentication Code using the Secure Hash Algorithm (1).
Not supported in Windows 2000 Server, Windows XP, or Windows Server 2003. Supported in Windows Vista, Windows Server 2008, Windows 7, Windows 10 and Windows Server 2008 R2. |
| Future encryption types| Reserved by Microsoft for additional encryption types that might be implemented.|
-
-
+
### Possible values
diff --git a/windows/security/threat-protection/use-windows-event-forwarding-to-assist-in-intrusion-detection.md b/windows/security/threat-protection/use-windows-event-forwarding-to-assist-in-intrusion-detection.md
index 300f56c569..51ff05189a 100644
--- a/windows/security/threat-protection/use-windows-event-forwarding-to-assist-in-intrusion-detection.md
+++ b/windows/security/threat-protection/use-windows-event-forwarding-to-assist-in-intrusion-detection.md
@@ -4,7 +4,7 @@ description: Learn about an approach to collect events from devices in your orga
ms.assetid: 733263E5-7FD1-45D2-914A-184B9E3E6A3F
ms.reviewer:
manager: dansimp
-ms.author: dolmont
+ms.author: dansimp
ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library
diff --git a/windows/security/threat-protection/wannacrypt-ransomware-worm-targets-out-of-date-systems-wdsi.md b/windows/security/threat-protection/wannacrypt-ransomware-worm-targets-out-of-date-systems-wdsi.md
index a9d12cc027..0a5d73d832 100644
--- a/windows/security/threat-protection/wannacrypt-ransomware-worm-targets-out-of-date-systems-wdsi.md
+++ b/windows/security/threat-protection/wannacrypt-ransomware-worm-targets-out-of-date-systems-wdsi.md
@@ -12,7 +12,7 @@ author: dulcemontemayor
ms.date: 07/27/2017
ms.reviewer:
manager: dansimp
-ms.author: dolmont
+ms.author: dansimp
---
# WannaCrypt ransomware worm targets out-of-date systems
@@ -182,7 +182,7 @@ When it successfully infects a vulnerable computer, the malware runs kernel-leve
## Protection against the WannaCrypt attack
-To get the latest protection from Microsoft, upgrade to [Windows 10](https://www.microsoft.com/en-us/windows/windows-10-upgrade). Keeping your computers [up-to-date](https://www.microsoft.com/en-us/security/portal/mmpc/help/updatefaqs.aspx) gives you the benefits of the latest features and proactive mitigations built into the latest versions of Windows.
+To get the latest protection from Microsoft, upgrade to [Windows 10](https://www.microsoft.com/windows/windows-10-upgrade). Keeping your computers [up-to-date](https://www.microsoft.com/security/portal/mmpc/help/updatefaqs.aspx) gives you the benefits of the latest features and proactive mitigations built into the latest versions of Windows.
We recommend customers that have not yet installed the security update [MS17-010](https://technet.microsoft.com/library/security/ms17-010.aspx) do so as soon as possible. Until you can apply the patch, we also recommend two possible workarounds to reduce the attack surface:
@@ -195,7 +195,7 @@ For enterprises, use [Device Guard](https://technet.microsoft.com/itpro/windows/
Use [Office 365 Advanced Threat Protection](https://blogs.office.com/2015/04/08/introducing-exchange-online-advanced-threat-protection/), which has machine learning capability that blocks dangerous email threats, such as the emails carrying ransomware.
-Monitor networks with [Windows Defender Advanced Threat Protection](https://www.microsoft.com/en-us/WindowsForBusiness/windows-atp), which alerts security operations teams about suspicious activities. Download this playbook to see how you can leverage Windows Defender ATP to detect, investigate, and mitigate ransomware in networks: [Windows Defender Advanced Threat Protection - Ransomware response playbook](https://www.microsoft.com/en-us/download/details.aspx?id=55090).
+Monitor networks with [Windows Defender Advanced Threat Protection](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp), which alerts security operations teams about suspicious activities. Download this playbook to see how you can leverage Windows Defender ATP to detect, investigate, and mitigate ransomware in networks: [Windows Defender Advanced Threat Protection - Ransomware response playbook](https://www.microsoft.com/download/details.aspx?id=55090).
## Resources
@@ -207,7 +207,7 @@ MS17-010 Security Update: [https://technet.microsoft.com/library/security/ms17-0
Customer guidance for WannaCrypt attacks: [https://blogs.technet.microsoft.com/msrc/2017/05/12/customer-guidance-for-wannacrypt-attacks/](https://blogs.technet.microsoft.com/msrc/2017/05/12/customer-guidance-for-wannacrypt-attacks/)
-General information on ransomware: [https://www.microsoft.com/en-us/security/portal/mmpc/shared/ransomware.aspx](https://www.microsoft.com/en-us/security/portal/mmpc/shared/ransomware.aspx)
+General information on ransomware: [https://www.microsoft.com/security/portal/mmpc/shared/ransomware.aspx](https://www.microsoft.com/security/portal/mmpc/shared/ransomware.aspx)
## Indicators of compromise
diff --git a/windows/security/threat-protection/windows-10-mobile-security-guide.md b/windows/security/threat-protection/windows-10-mobile-security-guide.md
index 0389c92dd6..eede2665f7 100644
--- a/windows/security/threat-protection/windows-10-mobile-security-guide.md
+++ b/windows/security/threat-protection/windows-10-mobile-security-guide.md
@@ -4,7 +4,7 @@ description: This guide provides a detailed description of the most important se
ms.assetid: D51EF508-699E-4A68-A7CD-91D821A97205
ms.reviewer:
manager: dansimp
-ms.author: dolmont
+ms.author: dansimp
keywords: data protection, encryption, malware resistance, smartphone, device, Microsoft Store
ms.prod: w10
ms.mktglfcycl: manage
diff --git a/windows/security/threat-protection/windows-defender-antivirus/configure-network-connections-windows-defender-antivirus.md b/windows/security/threat-protection/windows-defender-antivirus/configure-network-connections-windows-defender-antivirus.md
index 39bb11b2f0..e73bbfe476 100644
--- a/windows/security/threat-protection/windows-defender-antivirus/configure-network-connections-windows-defender-antivirus.md
+++ b/windows/security/threat-protection/windows-defender-antivirus/configure-network-connections-windows-defender-antivirus.md
@@ -46,7 +46,7 @@ See [Enable cloud-delivered protection](enable-cloud-protection-windows-defender
After you've enabled the service, you may need to configure your network or firewall to allow connections between it and your endpoints.
-As a cloud service, it is required that computers have access to the internet and that the ATP machine learning services are reachable. The following table lists the services and their associated URLs. You should ensure there are no firewall or network filtering rules that would deny access to these URLs, or you may need to create an allow rule specifically for them:
+As a cloud service, it is required that computers have access to the internet and that the ATP machine learning services are reachable. The URL: "\*.blob.core.windows.net" should not be excluded from any kind of network inspection. The table below lists the services and their associated URLs. You should ensure there are no firewall or network filtering rules denying access to these URLs, or you may need to create an allow rule specifically for them (excluding the URL: "\*.blob.core.windows.net").
| **Service**| **Description** |**URL** |
diff --git a/windows/security/threat-protection/windows-defender-antivirus/deploy-manage-report-windows-defender-antivirus.md b/windows/security/threat-protection/windows-defender-antivirus/deploy-manage-report-windows-defender-antivirus.md
index 404e3d39cf..b95dce5844 100644
--- a/windows/security/threat-protection/windows-defender-antivirus/deploy-manage-report-windows-defender-antivirus.md
+++ b/windows/security/threat-protection/windows-defender-antivirus/deploy-manage-report-windows-defender-antivirus.md
@@ -41,7 +41,7 @@ Tool|Deployment options (2)|Management options (net
Microsoft Intune|[Add endpoint protection settings in Intune](https://docs.microsoft.com/intune/endpoint-protection-configure)|[Configure device restriction settings in Intune](https://docs.microsoft.com/intune/device-restrictions-configure)| [Use the Intune console to manage devices](https://docs.microsoft.com/intune/device-management)
System Center Configuration Manager ([1](#fn1))|Use the [Endpoint Protection point site system role][] and [enable Endpoint Protection with custom client settings][]|With [default and customized antimalware policies][] and [client management][]|With the default [Configuration Manager Monitoring workspace][] and [email alerts][]
Group Policy and Active Directory (domain-joined)|Use a Group Policy Object to deploy configuration changes and ensure Windows Defender Antivirus is enabled.|Use Group Policy Objects (GPOs) to [Configure update options for Windows Defender Antivirus][] and [Configure Windows Defender features][]|Endpoint reporting is not available with Group Policy. You can generate a list of [Group Policies to determine if any settings or policies are not applied][]
-PowerShell|Deploy with Group Policy, System Center Configuration Manager, or manually on individual endpoints.|Use the [Set-MpPreference][] and [Update-MpSignature] [] cmdlets available in the Defender module|Use the appropriate [Get- cmdlets available in the Defender module][]
+PowerShell|Deploy with Group Policy, System Center Configuration Manager, or manually on individual endpoints.|Use the [Set-MpPreference] and [Update-MpSignature] cmdlets available in the Defender module.|Use the appropriate [Get- cmdlets available in the Defender module][]
Windows Management Instrumentation|Deploy with Group Policy, System Center Configuration Manager, or manually on individual endpoints.|Use the [Set method of the MSFT_MpPreference class][] and the [Update method of the MSFT_MpSignature class][]|Use the [MSFT_MpComputerStatus][] class and the get method of associated classes in the [Windows Defender WMIv2 Provider][]
Microsoft Azure|Deploy Microsoft Antimalware for Azure in the [Azure portal, by using Visual Studio virtual machine configuration, or using Azure PowerShell cmdlets](https://docs.microsoft.com/azure/security/azure-security-antimalware#antimalware-deployment-scenarios). You can also [Install Endpoint protection in Azure Security Center](https://docs.microsoft.com/azure/security-center/security-center-install-endpoint-protection)|Configure [Microsoft Antimalware for Virtual Machines and Cloud Services with Azure PowerShell cmdlets](https://docs.microsoft.com/azure/security/azure-security-antimalware#enable-and-configure-antimalware-using-powershell-cmdlets) or [use code samples](https://gallery.technet.microsoft.com/Antimalware-For-Azure-5ce70efe)|Use [Microsoft Antimalware for Virtual Machines and Cloud Services with Azure PowerShell cmdlets](https://docs.microsoft.com/azure/security/azure-security-antimalware#enable-and-configure-antimalware-using-powershell-cmdlets) to enable monitoring. You can also review usage reports in Azure Active Directory to determine suspicious activity, including the [Possibly infected devices][] report and configure an SIEM tool to report on [Windows Defender Antivirus events][] and add that tool as an app in AAD.
diff --git a/windows/security/threat-protection/windows-defender-antivirus/deployment-vdi-windows-defender-antivirus.md b/windows/security/threat-protection/windows-defender-antivirus/deployment-vdi-windows-defender-antivirus.md
index 115361ba35..307d8fcd7d 100644
--- a/windows/security/threat-protection/windows-defender-antivirus/deployment-vdi-windows-defender-antivirus.md
+++ b/windows/security/threat-protection/windows-defender-antivirus/deployment-vdi-windows-defender-antivirus.md
@@ -24,7 +24,7 @@ manager: dansimp
In addition to standard on-premises or hardware configurations, you can also use Windows Defender Antivirus in a remote desktop (RDS) or virtual desktop infrastructure (VDI) environment.
-See the [Microsoft Desktop virtualization site](https://www.microsoft.com/en-us/server-cloud/products/virtual-desktop-infrastructure/) for more details on Microsoft Remote Desktop Services and VDI support.
+See the [Microsoft Desktop virtualization site](https://www.microsoft.com/server-cloud/products/virtual-desktop-infrastructure/) for more details on Microsoft Remote Desktop Services and VDI support.
For Azure-based virtual machines, you can also review the [Install Endpoint Protection in Azure Security Center](https://docs.microsoft.com/azure/security-center/security-center-install-endpoint-protection) topic.
@@ -143,7 +143,7 @@ You can initiate the update manually by right-clicking on the task and clicking
If you would prefer to do everything manually, this what you would need to do to replicate the script’s behavior:
1. Create a new folder on the system root called *wdav_update* to store intelligence updates, for example, create the folder *c:\wdav_update*
1. Create a subfolder under *wdav_update* with a GUID name, such as *{00000000-0000-0000-0000-000000000000}*; for example *c:\wdav_update\{00000000-0000-0000-0000-000000000000}* (note, in the script we set it so the last 12 digits of the GUID are the year, month, day, and time when the file was downloaded so that a new folder is created each time. You can change this so that the file is downloaded to the same folder each time)
-1. Download a security intelligence package from https://www.microsoft.com/en-us/wdsi/definitions into the GUID folder. The file should be named *mpam-fe.exe*.
+1. Download a security intelligence package from https://www.microsoft.com/wdsi/definitions into the GUID folder. The file should be named *mpam-fe.exe*.
1. Open a cmd prompt window and navigate to the GUID folder you created. Use the **/X** extraction command to extract the files, for example **mpam-fe.exe /X**.
Note: The VMs will pick up the updated package whenever a new GUID folder is created with an extracted update package or whenever an existing folder is updated with a new extracted package.
diff --git a/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-install-with-intune.md b/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-install-with-intune.md
index da2a6a8dcd..21be43c179 100644
--- a/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-install-with-intune.md
+++ b/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-install-with-intune.md
@@ -166,6 +166,12 @@ Once the Intune changes are propagated to the enrolled devices, you can see them
+## Troubleshooting
+
+Issue: No license found
+
+Solution: Follow the steps above to create a device profile using WindowsDefenderATPOnboarding.xml
+
## Logging installation issues
For more information on how to find the automatically generated log that is created by the installer when an error occurs, see [Logging installation issues](microsoft-defender-atp-mac-resources.md#logging-installation-issues) .
diff --git a/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-install-with-jamf.md b/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-install-with-jamf.md
index 44f2ed7150..9a52b56369 100644
--- a/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-install-with-jamf.md
+++ b/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-install-with-jamf.md
@@ -198,8 +198,9 @@ You can check that devices have been correctly onboarded by creating a script. F
mdatp --health healthy
```
-This script returns:
-- 0 if Microsoft Defender ATP is registered with the Microsoft Defender ATP service
+The above command prints "1" if the product is onboarded and functioning as expected.
+
+If the product is not healthy, the exit code (which can be checked through `echo $?`) indicates the problem:
- 1 if the device is not yet onboarded
- 3 if the connection to the daemon cannot be established—for example, if the daemon is not running
diff --git a/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-preferences.md b/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-preferences.md
index 856b617100..ffa0df06d3 100644
--- a/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-preferences.md
+++ b/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-preferences.md
@@ -35,6 +35,9 @@ This topic describes the structure of this profile (including a recommended prof
The configuration profile is a .plist file that consists of entries identified by a key (which denotes the name of the preference), followed by a value, which depends on the nature of the preference. Values can either be simple (such as a numerical value) or complex, such as a nested list of preferences.
+>[!CAUTION]
+>The layout of the configuration profile depends on the management console that you are using. The following sections contain examples of configuration profiles for JAMF and Intune.
+
The top level of the configuration profile includes product-wide preferences and entries for subareas of the product, which are explained in more detail in the next sections.
### Antivirus engine preferences
@@ -59,6 +62,23 @@ Whether real-time protection (scan files as they are accessed) is enabled or not
| **Data type** | Boolean |
| **Possible values** | true (default)
false |
+#### Enable / disable passive mode
+
+Whether the antivirus engine runs in passive mode or not. In passive mode:
+- Real-time protection is turned off
+- On demand scanning is turned on
+- Automatic threat remediation is turned off
+- Security intelligence updates are turned on
+- Status menu icon is hidden
+
+|||
+|:---|:---|
+| **Domain** | com.microsoft.wdav |
+| **Key** | passiveMode |
+| **Data type** | Boolean |
+| **Possible values** | false (default)
true |
+| **Comments** | Available in Microsoft Defender ATP version 100.67.60 or higher. |
+
#### Scan exclusions
Entities that have been excluded from the scan. Exclusions can be specified by full paths, extensions, or file names.
@@ -210,6 +230,28 @@ Determines whether suspicious samples (that are likely to contain threats) are s
| **Data type** | Boolean |
| **Possible values** | true (default)
false |
+### User interface preferences
+
+The *userInterface* section of the configuration profile is used to manage the preferences of the user interface of the product.
+
+|||
+|:---|:---|
+| **Domain** | com.microsoft.wdav |
+| **Key** | userInterface |
+| **Data type** | Dictionary (nested preference) |
+| **Comments** | See the following sections for a description of the dictionary contents. |
+
+#### Show / hide status menu icon
+
+Whether the status menu icon (shown in the top right corner of the screen) is hidden or not.
+
+|||
+|:---|:---|
+| **Domain** | com.microsoft.wdav |
+| **Key** | hideStatusMenuIcon |
+| **Data type** | Boolean |
+| **Possible values** | false (default)
true |
+
## Recommended configuration profile
To get started, we recommend the following configuration profile for your enterprise to take advantage of all protection features that Microsoft Defender ATP provides.
@@ -222,6 +264,8 @@ The following configuration profile will:
- Enable cloud delivered protection
- Enable automatic sample submission
+### JAMF profile
+
```XML
@@ -258,10 +302,91 @@ The following configuration profile will:
```
+### Intune profile
+
+```XML
+
+
+
+
+ PayloadUUID
+ C4E6A782-0C8D-44AB-A025-EB893987A295
+ PayloadType
+ Configuration
+ PayloadOrganization
+ Microsoft
+ PayloadIdentifier
+ com.microsoft.wdav
+ PayloadDisplayName
+ Microsoft Defender ATP settings
+ PayloadDescription
+ Microsoft Defender ATP configuration settings
+ PayloadVersion
+ 1
+ PayloadEnabled
+
+ PayloadRemovalDisallowed
+
+ PayloadScope
+ System
+ PayloadContent
+
+
+ PayloadUUID
+ 99DBC2BC-3B3A-46A2-A413-C8F9BB9A7295
+ PayloadType
+ com.microsoft.wdav
+ PayloadOrganization
+ Microsoft
+ PayloadIdentifier
+ com.microsoft.wdav
+ PayloadDisplayName
+ Microsoft Defender ATP configuration settings
+ PayloadDescription
+
+ PayloadVersion
+ 1
+ PayloadEnabled
+
+ antivirusEngine
+
+ enableRealTimeProtection
+
+ threatTypeSettings
+
+
+ key
+ potentially_unwanted_application
+ value
+ block
+
+
+ key
+ archive_bomb
+ value
+ audit
+
+
+
+ cloudService
+
+ enabled
+
+ automaticSampleSubmission
+
+
+
+
+
+
+```
+
## Full configuration profile example
The following configuration profile contains entries for all settings described in this document and can be used for more advanced scenarios where you want more control over the product.
+### JAMF profile
+
```XML
@@ -271,6 +396,8 @@ The following configuration profile contains entries for all settings described
enableRealTimeProtection
+ passiveMode
+
exclusions
@@ -325,10 +452,132 @@ The following configuration profile contains entries for all settings described
automaticSampleSubmission
+ userInterface
+
+ hideStatusMenuIcon
+
+
```
+### Intune profile
+
+```XML
+
+
+
+
+ PayloadUUID
+ C4E6A782-0C8D-44AB-A025-EB893987A295
+ PayloadType
+ Configuration
+ PayloadOrganization
+ Microsoft
+ PayloadIdentifier
+ C4E6A782-0C8D-44AB-A025-EB893987A295
+ PayloadDisplayName
+ Microsoft Defender ATP settings
+ PayloadDescription
+ Microsoft Defender ATP configuration settings
+ PayloadVersion
+ 1
+ PayloadEnabled
+
+ PayloadRemovalDisallowed
+
+ PayloadScope
+ System
+ PayloadContent
+
+
+ PayloadUUID
+ 99DBC2BC-3B3A-46A2-A413-C8F9BB9A7295
+ PayloadType
+ com.microsoft.wdav
+ PayloadOrganization
+ Microsoft
+ PayloadIdentifier
+ 99DBC2BC-3B3A-46A2-A413-C8F9BB9A7295
+ PayloadDisplayName
+ Microsoft Defender ATP configuration settings
+ PayloadDescription
+
+ PayloadVersion
+ 1
+ PayloadEnabled
+
+ antivirusEngine
+
+ enableRealTimeProtection
+
+ passiveMode
+
+ exclusions
+
+
+ $type
+ excludedPath
+ isDirectory
+
+ path
+ /var/log/system.log
+
+
+ $type
+ excludedPath
+ isDirectory
+
+ path
+ /home
+
+
+ $type
+ excludedFileExtension
+ extension
+ pdf
+
+
+ allowedThreats
+
+ eicar
+
+ threatTypeSettings
+
+
+ key
+ potentially_unwanted_application
+ value
+ block
+
+
+ key
+ archive_bomb
+ value
+ audit
+
+
+
+ cloudService
+
+ enabled
+
+ diagnosticLevel
+ optional
+ automaticSampleSubmission
+
+
+ userInterface
+
+ hideStatusMenuIcon
+
+
+
+
+
+
+```
+
## Configuration profile deployment
Once you've built the configuration profile for your enterprise, you can deploy it through the management console that your enterprise is using. The following sections provide instructions on how to deploy this profile using JAMF and Intune.
diff --git a/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-privacy.md b/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-privacy.md
index 977d404c8d..0c56970e6f 100644
--- a/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-privacy.md
+++ b/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-privacy.md
@@ -116,12 +116,16 @@ The following fields are collected:
| Field | Description |
| --------------------------------------------------- | ----------- |
| antivirus_engine.enable_real_time_protection | Whether real-time protection is enabled on the device or not. |
+| antivirus_engine.passive_mode | Whether passive mode is enabled on the device or not. |
| cloud_service.enabled | Whether cloud delivered protection is enabled on the device or not. |
| cloud_service.timeout | Time out when the application communicates with the Microsoft Defender ATP cloud. |
| cloud_service.heartbeat_interval | Interval between consecutive heartbeats sent by the product to the cloud. |
| cloud_service.service_uri | URI used to communicate with the cloud. |
| cloud_service.diagnostic_level | Diagnostic level of the device (required, optional). |
| cloud_service.automatic_sample_submission | Whether automatic sample submission is turned on or not. |
+| edr.early_preview | Whether the machine should run EDR early preview features. |
+| edr.group_id | Group identifier used by the detection and response component. |
+| edr.tags | User-defined tags. |
| features.\[optional feature name\] | List of preview features, along with whether they are enabled or not. |
#### Product and service performance data events
@@ -229,37 +233,44 @@ The following fields are collected:
| Field | Description |
| ------------------------------ | ----------- |
| pkt_ack_timeout | The following properties are aggregated numerical values, representing count of events that happened since kernel extension startup. |
-| pkt_ack_conn_timeout | |
-| ipc.ack_pkts | |
-| ipc.nack_pkts | |
-| ipc.send.ack_no_conn | |
-| ipc.send.nack_no_conn | |
-| ipc.send.ack_no_qsq | |
-| ipc.send.nack_no_qsq | |
-| ipc.ack.no_space | |
-| ipc.ack.timeout | |
-| ipc.ack.ackd_fast | |
-| ipc.ack.ackd | |
-| ipc.recv.bad_pkt_len | |
-| ipc.recv.bad_reply_len | |
-| ipc.recv.no_waiter | |
-| ipc.recv.copy_failed | |
-| ipc.kauth.vnode.mask | |
-| ipc.kauth.vnode.read | |
-| ipc.kauth.vnode.write | |
-| ipc.kauth.vnode.exec | |
-| ipc.kauth.vnode.del | |
-| ipc.kauth.vnode.read_attr | |
-| ipc.kauth.vnode.write_attr | |
-| ipc.kauth.vnode.read_ex_attr | |
-| ipc.kauth.vnode.write_ex_attr | |
-| ipc.kauth.vnode.read_sec | |
-| ipc.kauth.vnode.write_sec | |
-| ipc.kauth.vnode.take_own | |
-| ipc.kauth.vnode.denied | |
-| ipc.kauth.file_op.mask | |
-| ipc.kauth_file_op.open | |
-| ipc.kauth.file_op.close | |
+| pkt_ack_conn_timeout | |
+| ipc.ack_pkts | |
+| ipc.nack_pkts | |
+| ipc.send.ack_no_conn | |
+| ipc.send.nack_no_conn | |
+| ipc.send.ack_no_qsq | |
+| ipc.send.nack_no_qsq | |
+| ipc.ack.no_space | |
+| ipc.ack.timeout | |
+| ipc.ack.ackd_fast | |
+| ipc.ack.ackd | |
+| ipc.recv.bad_pkt_len | |
+| ipc.recv.bad_reply_len | |
+| ipc.recv.no_waiter | |
+| ipc.recv.copy_failed | |
+| ipc.kauth.vnode.mask | |
+| ipc.kauth.vnode.read | |
+| ipc.kauth.vnode.write | |
+| ipc.kauth.vnode.exec | |
+| ipc.kauth.vnode.del | |
+| ipc.kauth.vnode.read_attr | |
+| ipc.kauth.vnode.write_attr | |
+| ipc.kauth.vnode.read_ex_attr | |
+| ipc.kauth.vnode.write_ex_attr | |
+| ipc.kauth.vnode.read_sec | |
+| ipc.kauth.vnode.write_sec | |
+| ipc.kauth.vnode.take_own | |
+| ipc.kauth.vnode.denied | |
+| ipc.kauth.file_op.mask | |
+| ipc.kauth_file_op.open | |
+| ipc.kauth.file_op.close | |
+| ipc.kauth.file_op.close_modified | |
+| ipc.kauth.file_op.move | |
+| ipc.kauth.file_op.link | |
+| ipc.kauth.file_op.exec | |
+| ipc.kauth.file_op.remove | |
+| ipc.kauth.file_op.fork | |
+| ipc.kauth.file_op.create | |
## Resources
diff --git a/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-updates.md b/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-updates.md
index dde9d19622..50267f26bb 100644
--- a/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-updates.md
+++ b/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-updates.md
@@ -34,7 +34,7 @@ If you decide to deploy updates by using your software distribution tools, you s
## Use msupdate
-MAU includes a command line tool, called *msupdate*, that is designed for IT administrators so that they have more precise control over when updates are applied. Instructions for how to use this tool can be found in [Update Office for Mac by using msupdate](https://docs.microsoft.com/deployoffice/mac/update-office-for-mac-using-msupdate).
+MAU includes a command-line tool, called *msupdate*, that is designed for IT administrators so that they have more precise control over when updates are applied. Instructions for how to use this tool can be found in [Update Office for Mac by using msupdate](https://docs.microsoft.com/deployoffice/mac/update-office-for-mac-using-msupdate).
In MAU, the application identifier for Microsoft Defender ATP for Mac is *WDAV00*. To download and install the latest updates for Microsoft Defender ATP for Mac, execute the following command from a Terminal window:
@@ -86,6 +86,17 @@ Change how MAU searches for updates.
| **Possible values** | Manual
AutomaticCheck
AutomaticDownload |
| **Comment** | Note that AutomaticDownload will do a download and install silently if possible. |
+### Change whether the "Check for Updates" button is enabled
+
+Change whether local users will be able to click the "Check for Updates" option in the Microsoft AutoUpdate user interface.
+
+|||
+|:---|:---|
+| **Domain** | com.microsoft.autoupdate2 |
+| **Key** | EnableCheckForUpdatesButton |
+| **Data type** | Boolean |
+| **Possible values** | True (default)
False |
+
### Disable Insider checkbox
Set to true to make the "Join the Office Insider Program..." checkbox unavailable / greyed out to users.
@@ -116,6 +127,8 @@ The following configuration profile is used to:
- Enable the "Check for updates" button in the user interface
- Allow users on the device to enroll into the Insider channels
+### JAMF
+
```XML
@@ -135,6 +148,68 @@ The following configuration profile is used to:
```
+### Intune
+
+```XML
+
+
+
+
+ PayloadUUID
+ B762FF60-6ACB-4A72-9E72-459D00C936F3
+ PayloadType
+ Configuration
+ PayloadOrganization
+ Microsoft
+ PayloadIdentifier
+ com.microsoft.autoupdate2
+ PayloadDisplayName
+ Microsoft AutoUpdate settings
+ PayloadDescription
+ Microsoft AutoUpdate configuration settings
+ PayloadVersion
+ 1
+ PayloadEnabled
+
+ PayloadRemovalDisallowed
+
+ PayloadScope
+ System
+ PayloadContent
+
+
+ PayloadUUID
+ 5A6F350A-CC2C-440B-A074-68E3F34EBAE9
+ PayloadType
+ com.microsoft.autoupdate2
+ PayloadOrganization
+ Microsoft
+ PayloadIdentifier
+ com.microsoft.autoupdate2
+ PayloadDisplayName
+ Microsoft AutoUpdate configuration settings
+ PayloadDescription
+
+ PayloadVersion
+ 1
+ PayloadEnabled
+
+ ChannelName
+ InsiderFast
+ HowToCheck
+ AutomaticDownload
+ EnableCheckForUpdatesButton
+
+ DisableInsiderCheckbox
+
+ SendAllTelemetryEnabled
+
+
+
+
+
+```
+
To configure MAU, you can deploy this configuration profile from the management tool that your enterprise is using:
- From JAMF, upload this configuration profile and set the Preference Domain to *com.microsoft.autoupdate2*.
- From Intune, upload this configuration profile and set the custom configuration profile name to *com.microsoft.autoupdate2*.
diff --git a/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-whatsnew.md b/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-whatsnew.md
new file mode 100644
index 0000000000..8fb33dfa72
--- /dev/null
+++ b/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-whatsnew.md
@@ -0,0 +1,26 @@
+---
+title: Microsoft Defender ATP for Mac What's New
+ms.reviewer:
+description: List of major changes for Microsoft Defender ATP for Mac.
+keywords: microsoft, defender, atp, mac, installation, macos, whatsnew
+search.product: eADQiWindows 10XVcnh
+search.appverid: met150
+ms.prod: w10
+ms.mktglfcycl: security
+ms.sitesec: library
+ms.pagetype: security
+ms.author: dansimp
+author: dansimp
+ms.localizationpriority: medium
+manager: dansimp
+audience: ITPro
+ms.collection: M365-security-compliance
+ms.topic: conceptual
+---
+
+# What's new in Microsoft Defender Advanced Threat Protection for Mac
+
+## 100.65.28
+
+- Added support for macOS Catalina
+- Performance improvements
diff --git a/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac.md b/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac.md
index 8fe52e371e..7c18dc31d2 100644
--- a/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac.md
+++ b/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac.md
@@ -27,7 +27,7 @@ This topic describes how to install, configure, update, and use Microsoft Defend
## What’s new in the latest release
-Since the announcement of the public preview, Microsoft has been working non-stop to enhance the product, by listening to customer feedback. We've added management features and more granular controls for diagnostic data collection, refined the user experience, and fixed bugs.
+[What's new](microsoft-defender-atp-mac-whatsnew.md)
If you have any feedback that you would like to share, submit it by opening Microsoft Defender ATP for Mac on your device and navigating to **Help** > **Send feedback**.
diff --git a/windows/security/threat-protection/windows-defender-antivirus/prevent-changes-to-security-settings-with-tamper-protection.md b/windows/security/threat-protection/windows-defender-antivirus/prevent-changes-to-security-settings-with-tamper-protection.md
index 02469ed7c3..5ba3f228c0 100644
--- a/windows/security/threat-protection/windows-defender-antivirus/prevent-changes-to-security-settings-with-tamper-protection.md
+++ b/windows/security/threat-protection/windows-defender-antivirus/prevent-changes-to-security-settings-with-tamper-protection.md
@@ -70,7 +70,9 @@ If you are a home user, or you are not subject to settings managed by a security
## Turn Tamper Protection on (or off) for your organization with Intune
-If you are part of your organization's security team, the ability to turn Tamper Protection on (or off) for your organization in the Microsoft 365 Device Management portal (Intune) is now in preview.
+If you are part of your organization's security team, the ability to turn Tamper Protection on (or off) for your organization in the Microsoft 365 Device Management portal (Intune) is now in preview. "In preview" means this feature is rolling out to business customers who have [Microsoft Defender ATP](../microsoft-defender-atp/whats-new-in-microsoft-defender-atp.md) and who have agreed to participate in the preview program. As a preview feature, the following applies:
+
+*Some information in this section relates to prereleased product that might be substantially modified before it's commercially released. Microsoft makes no warranties, express or implied, with respect to the information provided here.*
You must have appropriate [permissions](../microsoft-defender-atp/assign-portal-access.md), such as global admin, security admin, or security operations, to perform the following task.
@@ -114,7 +116,7 @@ Tamper Protection will not have any impact on such devices.
### How can I turn Tamper Protection on/off?
-If you are home user, see [Turn Tamper Protection on (or off) for an individual machine](#turn-tamper-protection-on-or-off-for-an-individual-machine).
+If you are a home user, see [Turn Tamper Protection on (or off) for an individual machine](#turn-tamper-protection-on-or-off-for-an-individual-machine).
If you are an organization using [Microsoft Defender Advanced Threat Protection E5](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp), you should be able to manage Tamper Protection in Intune similar to how you manage other endpoint protection features. See [Turn Tamper Protection on (or off) for your organization with Intune](#turn-tamper-protection-on-or-off-for-your-organization-with-intune).
diff --git a/windows/security/threat-protection/windows-defender-antivirus/utilize-microsoft-cloud-protection-windows-defender-antivirus.md b/windows/security/threat-protection/windows-defender-antivirus/utilize-microsoft-cloud-protection-windows-defender-antivirus.md
index 44eb90d185..5553e762b8 100644
--- a/windows/security/threat-protection/windows-defender-antivirus/utilize-microsoft-cloud-protection-windows-defender-antivirus.md
+++ b/windows/security/threat-protection/windows-defender-antivirus/utilize-microsoft-cloud-protection-windows-defender-antivirus.md
@@ -34,7 +34,7 @@ To take advantage of the power and speed of these next-gen technologies, Windows
With cloud-delivered protection, next-gen technologies provide rapid identification of new threats, sometimes even before a single machine is infected. Watch the following video about Microsoft AI and Windows Defender Antivirus in action:
+src="https://www.microsoft.com/videoplayer/embed/RE1Yu4B" width="768" height="432" allowFullScreen="true" frameBorder="0" scrolling="no">
To understand how next-gen technologies shorten protection delivery time through the cloud, watch the following video:
diff --git a/windows/security/threat-protection/windows-defender-antivirus/windows-defender-antivirus-in-windows-10.md b/windows/security/threat-protection/windows-defender-antivirus/windows-defender-antivirus-in-windows-10.md
index def6571abc..f4224a60a4 100644
--- a/windows/security/threat-protection/windows-defender-antivirus/windows-defender-antivirus-in-windows-10.md
+++ b/windows/security/threat-protection/windows-defender-antivirus/windows-defender-antivirus-in-windows-10.md
@@ -11,35 +11,28 @@ ms.pagetype: security
ms.localizationpriority: medium
author: dansimp
ms.author: dansimp
+ms.date: 06/11/2019
ms.reviewer:
manager: dansimp
---
-# Windows Defender Antivirus
+# Next Generation Protection in Windows 10 and Windows Server 2016
**Applies to:**
-- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+- [Windows Defender Advanced Threat Protection (Windows Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
-Windows Defender Antivirus is a built-in antimalware solution that provides next generation protection for desktops, portable computers, and servers.
+Next-gen protection provides enhanced safety, alongside more traditional security measures. Next-gen services use machine learning and the cloud to keep all devices on your enterprise network safe.
-Windows Defender Antivirus includes:
-- [Cloud-delivered protection](utilize-microsoft-cloud-protection-windows-defender-antivirus.md) for near-instant detection and blocking of new and emerging threats. Along with machine learning and the Intelligent Security Graph, cloud-delivered protection is part of the next-gen technologies that power Windows Defender Antivirus.
-- [Always-on scanning](configure-real-time-protection-windows-defender-antivirus.md), using advanced file and process behavior monitoring and other heuristics (also known as "real-time protection")
-- [Dedicated protection updates](manage-updates-baselines-windows-defender-antivirus.md) based on machine-learning, human and automated big-data analysis, and in-depth threat resistance research
+Next-gen protection services include:
-Windows Defender Antivirus uses multiple detection and prevention technologies to deliver accurate, real-time, and intelligent protection. [Get to know the advanced technologies at the core of Microsoft Defender ATP next generation protection](https://www.microsoft.com/security/blog/2019/06/24/inside-out-get-to-know-the-advanced-technologies-at-the-core-of-microsoft-defender-atp-next-generation-protection/).
-
-
-You can configure and manage Windows Defender Antivirus with:
-- System Center Configuration Manager (as System Center Endpoint Protection, or SCEP)
-- Microsoft Intune
-- PowerShell
-- Windows Management Instrumentation (WMI)
-- Group Policy
+- [Always-on scanning](configure-real-time-protection-windows-defender-antivirus.md), also known as "real-time protection", for advanced file and process behavior monitoring
+- [Cloud-based delivery](utilize-microsoft-cloud-protection-windows-defender-antivirus.md) for near-instant detection and blocking of new and emerging threats
+- [Dedicated protection updates](manage-updates-baselines-windows-defender-antivirus.md) powered by machine-learning, big-data analysis, and in-depth threat resistance research
>[!TIP]
>You can visit the Windows Defender Testground website at [demo.wd.microsoft.com](https://demo.wd.microsoft.com?ocid=cx-wddocs-testground) to confirm the following features are working and see how they work:
+>
>- Cloud-delivered protection
>- Fast learning (including Block at first sight)
>- Potentially unwanted application blocking
@@ -50,11 +43,24 @@ You can configure and manage Windows Defender Antivirus with:
## Minimum system requirements
-Windows Defender AV has the same hardware requirements as Windows 10. For more information, see:
-- [Minimum hardware requirements](https://msdn.microsoft.com/library/windows/hardware/dn915086.aspx)
-- [Hardware component guidelines](https://msdn.microsoft.com/library/windows/hardware/dn915049.aspx)
+Windows Defender Antivirus is our main vehicle for next-gen protection.
-Functionality, configuration, and management is largely the same when using Windows Defender AV on Windows Server 2016; however, [there are some differences](windows-defender-antivirus-on-windows-server-2016.md).
+It has the same hardware requirements as Windows 10. For more information, see:
+
+- [Minimum hardware requirements](https://msdn.microsoft.com/library/windows/hardware/dn915086.aspx)
+- [Hardware component guidelines](https://msdn.microsoft.com/library/windows/hardware/dn915049.aspx)
+
+## Configuring next-gen services
+
+You can use the following to configure and manage next-gen services in Windows 10, while running Windows Defender Antivirus:
+
+- System Center Configuration Manager (as System Center Endpoint Protection, or SCEP)
+- Microsoft Intune
+- PowerShell
+- Windows Management Instrumentation (WMI)
+- Group Policy
+
+Configuration and management is largely the same in Windows Server 2016, while running Windows Defender Antivirus; however, [there are some differences](windows-defender-antivirus-on-windows-server-2016.md).
>[!TIP]
>You can visit the Windows Defender Testground website at [demo.wd.microsoft.com](https://demo.wd.microsoft.com?ocid=cx-wddocs-testground) to confirm the following features are working and see how they work:
@@ -64,13 +70,10 @@ Functionality, configuration, and management is largely the same when using Wind
## Related topics
-- [Windows Defender AV in the Windows Security app](windows-defender-security-center-antivirus.md)
-- [Windows Defender AV on Windows Server 2016](windows-defender-antivirus-on-windows-server-2016.md)
-- [Windows Defender AV compatibility](windows-defender-antivirus-compatibility.md)
-- [Evaluate Windows Defender AV protection](evaluate-windows-defender-antivirus.md)
-- [Deploy, manage updates, and report on Windows Defender AV](deploy-manage-report-windows-defender-antivirus.md)
-- [Configure Windows Defender AV features](configure-windows-defender-antivirus-features.md)
-- [Customize, initiate, and review the results of scans and remediation](customize-run-review-remediate-scans-windows-defender-antivirus.md)
-- [Review event logs and error codes to troubleshoot issues](troubleshoot-windows-defender-antivirus.md)
-- [Reference topics for management and configuration tools](configuration-management-reference-windows-defender-antivirus.md)
-
+- [Full version history for Microsoft Defender Advanced Threat Protection](../microsoft-defender-atp/whats-new-in-microsoft-defender-atp.md)
+- [Windows Defender Antivirus management and configuration](configuration-management-reference-windows-defender-antivirus.md)
+- [Evaluate Windows Defender Antivirus protection](evaluate-windows-defender-antivirus.md)
+- [Enable cloud protection](enable-cloud-protection-windows-defender-antivirus.md)
+- [Configure real-time protection](configure-real-time-protection-windows-defender-antivirus.md)
+- [Configure cloud block at first sight](configure-block-at-first-sight-windows-defender-antivirus.md)
+- [Create and deploy cloud-protected antimalware policies](https://docs.microsoft.com/sccm/protect/deploy-use/endpoint-antimalware-policies#cloud-protection-service.md)
diff --git a/windows/security/threat-protection/windows-defender-antivirus/windows-defender-antivirus-on-windows-server-2016.md b/windows/security/threat-protection/windows-defender-antivirus/windows-defender-antivirus-on-windows-server-2016.md
index dfac2bdc61..5af8d81560 100644
--- a/windows/security/threat-protection/windows-defender-antivirus/windows-defender-antivirus-on-windows-server-2016.md
+++ b/windows/security/threat-protection/windows-defender-antivirus/windows-defender-antivirus-on-windows-server-2016.md
@@ -9,9 +9,9 @@ ms.mktglfcycl: manage
ms.sitesec: library
ms.pagetype: security
ms.localizationpriority: medium
-author: dansimp
-ms.author: dansimp
-ms.date: 09/03/2018
+author: denisebmsft
+ms.author: deniseb
+ms.date: 09/10/2019
ms.reviewer:
manager: dansimp
---
@@ -31,17 +31,16 @@ While the functionality, configuration, and management is largely the same for W
This topic includes the following instructions for setting up and running Windows Defender AV on a server platform:
-- [Enable the interface](#BKMK_UsingDef)
+- [Enable the interface](#enable-or-disable-the-interface-on-windows-server-2016)
-- [Verify Windows Defender AV is running](#BKMK_DefRun)
+- [Verify Windows Defender AV is running](#verify-windows-defender-is-running)
-- [Update antimalware Security intelligence](#BKMK_UpdateDef)
+- [Update antimalware Security intelligence](#update-antimalware-security-intelligence)
-- [Submit Samples](#BKMK_DefSamples)
+- [Submit Samples](#submit-samples)
-- [Configure automatic exclusions](#BKMK_DefExclusions)
+- [Configure automatic exclusions](#configure-automatic-exclusions)
-
## Enable or disable the interface on Windows Server 2016
By default, Windows Defender AV is installed and functional on Windows Server 2016. The user interface is installed by default on some SKUs, but is not required.
@@ -76,7 +75,7 @@ Uninstall-WindowsFeature -Name Windows-Defender-GUI
You can also uninstall Windows Defender AV completely with the **Remove Roles and Features Wizard** by deselecting the **Windows Defender Features** option at the **Features** step in the wizard.
-This is useful if you have a third-party antivirus product installed on the machine already. Multiple AV products can cause problems when installed and actively running on the same machine. See the question "Should I run Microsoft security software at the same time as other security products?" on the [Windows Defender Security Intelligence Antivirus and antimalware software FAQ](https://www.microsoft.com/en-us/wdsi/help/antimalware-faq#multiple-products).
+This is useful if you have a third-party antivirus product installed on the machine already. Multiple AV products can cause problems when installed and actively running on the same machine. See the question "Should I run Microsoft security software at the same time as other security products?" on the [Windows Defender Security Intelligence Antivirus and antimalware software FAQ](https://www.microsoft.com/wdsi/help/antimalware-faq#multiple-products).
>[!NOTE]
>Deselecting **Windows Defender** on its own under the **Windows Defender Features** section will automatically prompt you to remove the interface option **GUI for Windows Defender**.
@@ -87,7 +86,7 @@ This is useful if you have a third-party antivirus product installed on the mach
The following PowerShell cmdlet will also uninstall Windows Defender AV on Windows Server 2016:
-```PS
+```PowerShell
Uninstall-WindowsFeature -Name Windows-Defender
```
@@ -95,7 +94,7 @@ To install Windows Defender AV again, use the **Add Roles and Features Wizard**
You can also use the following PowerShell cmdlet to install Windows Defender AV:
-```PS
+```PowerShell
Install-WindowsFeature -Name Windows-Defender
```
@@ -103,9 +102,21 @@ Install-WindowsFeature -Name Windows-Defender
> Event messages for the antimalware engine included with Windows Defender AV can be found in [Windows Defender AV Events](troubleshoot-windows-defender-antivirus.md).
-
## Verify Windows Defender is running
-To verify that Windows Defender AV is running on the server, run the following command from a command prompt:
+
+To verify that Windows Defender AV is running on the server, run the following PowerShell cmdlet:
+
+```PowerShell
+Get-Service -Name windefend
+```
+
+To verify that firewall protection through Windows Defender is turned on, run the following PowerShell cmdlet:
+
+```PowerShell
+Get-Service -Name mpssvc
+```
+
+As an alternative to PowerShell, you can use Command Prompt to verify that Windows Defender AV is running. To do that, run the following command from a command prompt:
```DOS
sc query Windefend
@@ -113,8 +124,8 @@ sc query Windefend
The `sc query` command returns information about the Windows Defender service. If Windows Defender is running, the `STATE` value displays `RUNNING`.
-
## Update antimalware Security intelligence
+
In order to get updated antimalware Security intelligence , you must have the Windows Update service running. If you use an update management service, like Windows Server Update Services (WSUS), make sure that updates for Windows Defender Antivirus Security intelligence are approved for the computers you manage.
By default, Windows Update does not download and install updates automatically on Windows Server 2016. You can change this configuration by using one of the following methods:
@@ -148,37 +159,34 @@ The following table lists the services for Windows Defender and the dependent se
|Windows Defender Firewall (MpsSvc)|C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork|We recommend leaving the Windows Defender Firewall service enabled.|
|Windows Update (Wuauserv)|C:\WINDOWS\system32\svchost.exe -k netsvcs|Windows Update is needed to get Security intelligence updates and antimalware engine updates|
-
-
-
## Submit Samples
+
Sample submission allows Microsoft to collect samples of potentially malicious software. To help provide continued and up-to-date protection, Microsoft researchers use these samples to analyze suspicious activities and produce updated antimalware Security intelligence.
We collect program executable files, such as .exe files and .dll files. We do not collect files that contain personal data, like Microsoft Word documents and PDF files.
### Enable automatic sample submission
-- To enable automatic sample submission, start a Windows PowerShell console as an administrator, and set the **SubmitSamplesConsent** value data according to one of the following settings:
+To enable automatic sample submission, start a Windows PowerShell console as an administrator, and set the **SubmitSamplesConsent** value data according to one of the following settings:
- - **0** Always prompt. The Windows Defender service prompts you to confirm submission of all required files. This is the default setting for Windows Defender, but is not recommended for Windows Server 2016 installations without a GUI.
+- **0** Always prompt. The Windows Defender service prompts you to confirm submission of all required files. This is the default setting for Windows Defender, but is not recommended for Windows Server 2016 installations without a GUI.
- - **1** Send safe samples automatically. The Windows Defender service sends all files marked as "safe" and prompts for the remainder of the files.
+- **1** Send safe samples automatically. The Windows Defender service sends all files marked as "safe" and prompts for the remainder of the files.
- - **2** Never send. The Windows Defender service does not prompt and does not send any files.
+- **2** Never send. The Windows Defender service does not prompt and does not send any files.
- - **3** Send all samples automatically. The Windows Defender service sends all files without a prompt for confirmation.
+- **3** Send all samples automatically. The Windows Defender service sends all files without a prompt for confirmation.
-
## Configure automatic exclusions
+
To help ensure security and performance, certain exclusions are automatically added based on the roles and features you install when using Windows Defender AV on Server 2016.
See the [Configure exclusions in Windows Defender AV on Windows Server](configure-server-exclusions-windows-defender-antivirus.md) topic for more information.
-
-
## Related topics
- [Windows Defender Antivirus in Windows 10](windows-defender-antivirus-in-windows-10.md)
+
- [Configure exclusions in Windows Defender AV on Windows Server](configure-server-exclusions-windows-defender-antivirus.md)
diff --git a/windows/security/threat-protection/windows-defender-application-control/manage-packaged-apps-with-windows-defender-application-control.md b/windows/security/threat-protection/windows-defender-application-control/manage-packaged-apps-with-windows-defender-application-control.md
index 8fb9a6ccaf..fbad450704 100644
--- a/windows/security/threat-protection/windows-defender-application-control/manage-packaged-apps-with-windows-defender-application-control.md
+++ b/windows/security/threat-protection/windows-defender-application-control/manage-packaged-apps-with-windows-defender-application-control.md
@@ -116,7 +116,7 @@ If the app you intend to block is not installed on the system you are using the
3. Copy the GUID in the URL for the app
- Example: the GUID for the Microsoft To-Do app is 9nblggh5r558
- - https://www.microsoft.com/en-us/p/microsoft-to-do-list-task-reminder/9nblggh5r558?activetab=pivot:overviewtab
+ - https://www.microsoft.com/p/microsoft-to-do-list-task-reminder/9nblggh5r558?activetab=pivot:overviewtab
4. Use the GUID in the following REST query URL to retrieve the identifiers for the app
- Example: for the Microsoft To-Do app, the URL would be https://bspmts.mp.microsoft.com/v1/public/catalog/Retail/Products/9nblggh5r558/applockerdata
- The URL will return:
diff --git a/windows/security/threat-protection/windows-defender-application-control/microsoft-recommended-block-rules.md b/windows/security/threat-protection/windows-defender-application-control/microsoft-recommended-block-rules.md
index 6f92fd0056..8aae066fd4 100644
--- a/windows/security/threat-protection/windows-defender-application-control/microsoft-recommended-block-rules.md
+++ b/windows/security/threat-protection/windows-defender-application-control/microsoft-recommended-block-rules.md
@@ -1,6 +1,6 @@
---
title: Microsoft recommended block rules (Windows 10)
-description: To help you plan and begin the initial test stages of a deployment of Microsoft Windows Defender Application Comntrol, this article outlines how to gather information, create a plan, and begin to create and test initial code integrity policies.
+description: To help you plan and begin the initial test stages of a deployment of Microsoft Windows Defender Application Control, this article outlines how to gather information, create a plan, and begin to create and test initial code integrity policies.
keywords: virtualization, security, malware
ms.prod: w10
ms.mktglfcycl: deploy
diff --git a/windows/security/threat-protection/windows-defender-application-guard/configure-wd-app-guard.md b/windows/security/threat-protection/windows-defender-application-guard/configure-wd-app-guard.md
index c129bb0353..d79135d66a 100644
--- a/windows/security/threat-protection/windows-defender-application-guard/configure-wd-app-guard.md
+++ b/windows/security/threat-protection/windows-defender-application-guard/configure-wd-app-guard.md
@@ -33,9 +33,17 @@ These settings, located at **Computer Configuration\Administrative Templates\Net
|Policy name|Supported versions|Description|
|-----------|------------------|-----------|
|Private network ranges for apps|At least Windows Server 2012, Windows 8, or Windows RT|A comma-separated list of IP address ranges that are in your corporate network. Included endpoints or endpoints that are included within a specified IP address range, are rendered using Microsoft Edge and won't be accessible from the Application Guard environment.|
-|Enterprise resource domains hosted in the cloud|At least Windows Server 2012, Windows 8, or Windows RT|A pipe-separated (\|) list of your domain cloud resources. Included endpoints are rendered using Microsoft Edge and won't be accessible from the Application Guard environment. Notes: 1) If you want to specify a complete domain, include a full domain name (for example "**contoso.com**") in the configuration. 2) You may optionally use "." as a previous wildcard character to automatically trust all subdomains (when there is more than one subdomain). Configuring "**.constoso.com**" will automatically trust "**subdomain1.contoso.com**", "**subdomain2.contoso.com**", etc. 3) To trust a subdomain, precede your domain with two dots, for example "**..contoso.com**". |
-|Domains categorized as both work and personal|At least Windows Server 2012, Windows 8, or Windows RT|A comma-separated list of domain names used as both work or personal resources. Included endpoints are rendered using Microsoft Edge and will be accessible from the Application Guard and regular Edge environment.|
-
+|Enterprise resource domains hosted in the cloud|At least Windows Server 2012, Windows 8, or Windows RT|A pipe-separated (\|) list of your domain cloud resources. Included endpoints are rendered using Microsoft Edge and won't be accessible from the Application Guard environment. Note: This list supports the wildcards detailed in the [Network isolation settings wildcards](#network-isolation-settings-wildcards) table.|
+|Domains categorized as both work and personal|At least Windows Server 2012, Windows 8, or Windows RT|A comma-separated list of domain names used as both work or personal resources. Included endpoints are rendered using Microsoft Edge and will be accessible from the Application Guard and regular Edge environment. Note: This list supports the wildcards detailed in the [Network isolation settings wildcards](#network-isolation-settings-wildcards) table.|
+
+## Network isolation settings wildcards
+
+|Value|Number of dots to the left|Meaning|
+|-----|--------------------------|-------|
+|contoso.com|0|Trust only the literal value of **contoso.com**.|
+|www.contoso.com|0|Trust only the literal value of **www.contoso.com**.|
+|.contoso.com|1|Trust any domain that ends with the text **contoso.com**. Matching sites include **spearphishingcontoso.com**, **contoso.com**, and **www.contoso.com**.|
+|..contoso.com|2|Trust all levels of the domain hierarchy that are to the left of the dot. Matching sites include **shop.contoso.com**, **us.shop.contoso.com**, **www.us.shop.contoso.com**, but NOT **contoso.com** itself.|
## Application-specific settings
These settings, located at **Computer Configuration\Administrative Templates\Windows Components\Windows Defender Application Guard**, can help you to manage your company's implementation of Application Guard.
diff --git a/windows/security/threat-protection/windows-defender-application-guard/wd-app-guard-overview.md b/windows/security/threat-protection/windows-defender-application-guard/wd-app-guard-overview.md
index 00c7bfddf4..7e4be68ec5 100644
--- a/windows/security/threat-protection/windows-defender-application-guard/wd-app-guard-overview.md
+++ b/windows/security/threat-protection/windows-defender-application-guard/wd-app-guard-overview.md
@@ -37,17 +37,6 @@ Application Guard has been created to target several types of systems:
- **Personal devices.** These personally-owned desktops or mobile laptops are not domain-joined or managed by an organization. The user is an admin on the device and uses a high-bandwidth wireless personal network while at home or a comparable public network while outside.
-## Frequently Asked Questions
-
-Please see [Frequently asked questions - Windows Defender Application Guard](faq-wd-app-guard.md) for common user-submitted questions.
-
-| | |
-|--------|------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
-| **Q:** | Are there differences between using Application Guard on Windows Pro vs Windows Enterprise? |
-| **A:** | When using Windows Pro and Windows Enterprise, you will have access to using Application Guard's Standalone Mode. However, when using Enterprise you will have access to Application Guard's Enterprise-Managed Mode. This mode has some extra features that the Standalone Mode does not. For more information, see [Prepare to install Windows Defender Application Guard](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-application-guard/install-wd-app-guard). |
-
-
-
## Related topics
|Topic |Description |
@@ -55,5 +44,5 @@ Please see [Frequently asked questions - Windows Defender Application Guard](faq
|[System requirements for Windows Defender Application Guard](reqs-wd-app-guard.md) |Specifies the pre-requisites necessary to install and use Application Guard.|
|[Prepare and install Windows Defender Application Guard](install-wd-app-guard.md) |Provides instructions about determining which mode to use, either Standalone or Enterprise-managed, and how to install Application Guard in your organization.|
|[Configure the Group Policy settings for Windows Defender Application Guard](configure-wd-app-guard.md) |Provides info about the available Group Policy and MDM settings.|
-|[Testing scenarios using Windows Defender Application Guard in your business or organization](test-scenarios-wd-app-guard.md)|Provides a list of suggested testing scenarios that you can use to test Windows Defender Application Guard (Application Guard) in your organization.|
-
+|[Testing scenarios using Windows Defender Application Guard in your business or organization](test-scenarios-wd-app-guard.md)|Provides a list of suggested testing scenarios that you can use to test Application Guard in your organization.|
+|[Frequently asked questions - Windows Defender Application Guard](faq-wd-app-guard.md)|Provides answers to frequently asked questions about Application Guard features, integration with the Windows operating system, and general configuration.|
\ No newline at end of file
diff --git a/windows/security/threat-protection/windows-platform-common-criteria.md b/windows/security/threat-protection/windows-platform-common-criteria.md
index 149ba35f1d..f2d8e10f0a 100644
--- a/windows/security/threat-protection/windows-platform-common-criteria.md
+++ b/windows/security/threat-protection/windows-platform-common-criteria.md
@@ -4,7 +4,7 @@ description: This topic details how Microsoft supports the Common Criteria certi
ms.prod: w10
audience: ITPro
author: dulcemontemayor
-ms.author: dolmont
+ms.author: dansimp
manager: dansimp
ms.collection: M365-identity-device-management
ms.topic: article
diff --git a/windows/security/threat-protection/windows-security-baselines.md b/windows/security/threat-protection/windows-security-baselines.md
index 9a3a439e54..e59d8d582b 100644
--- a/windows/security/threat-protection/windows-security-baselines.md
+++ b/windows/security/threat-protection/windows-security-baselines.md
@@ -5,7 +5,7 @@ keywords: virtualization, security, malware
ms.prod: w10
ms.mktglfcycl: deploy
ms.localizationpriority: medium
-ms.author: dolmont
+ms.author: dansimp
author: dulcemontemayor
manager: dansimp
audience: ITPro
diff --git a/windows/whats-new/get-started-with-1709.md b/windows/whats-new/get-started-with-1709.md
index 6dc2400981..b7879030be 100644
--- a/windows/whats-new/get-started-with-1709.md
+++ b/windows/whats-new/get-started-with-1709.md
@@ -38,7 +38,7 @@ To view availability dates and servicing options for each version and update of
## Windows 10 Roadmap
-If you'd like to gain some insight into preview, or in-development features, visit the [Windows 10 Roadmap](https://www.microsoft.com/en-us/WindowsForBusiness/windows-roadmap) page. You'll be able to filter by feature state and product category, to make this information easier to navigate.
+If you'd like to gain some insight into preview, or in-development features, visit the [Windows 10 Roadmap](https://www.microsoft.com/WindowsForBusiness/windows-roadmap) page. You'll be able to filter by feature state and product category, to make this information easier to navigate.
## Top support solutions for Windows 10
diff --git a/windows/whats-new/index.md b/windows/whats-new/index.md
index 27d454fa86..b4809b546b 100644
--- a/windows/whats-new/index.md
+++ b/windows/whats-new/index.md
@@ -1,38 +1,40 @@
----
-title: What's new in Windows 10 (Windows 10)
-description: Learn about new features in Windows 10 for IT professionals, such as Windows Information Protection, Windows Hello, Device Guard, and more.
-ms.assetid: F1867017-76A1-4761-A200-7450B96AEF44
-keywords: ["What's new in Windows 10", "Windows 10"]
-ms.prod: w10
-audience: itpro
author: greg-lindsay
-manager: laurawi
-ms.localizationpriority: high
-ms.topic: article
----
-
-# What's new in Windows 10
-
-Windows 10 provides IT professionals with advanced protection against modern security threats and comprehensive management and control over devices and apps, as well as flexible deployment, update, and support options. Learn about new features in Windows 10 for IT professionals, such as Windows Information Protection, Windows Hello, Device Guard, and more.
-
-## In this section
-
-- [What's new in Windows 10, version 1903](whats-new-windows-10-version-1903.md)
-- [What's new in Windows 10, version 1809](whats-new-windows-10-version-1809.md)
-- [What's new in Windows 10, version 1803](whats-new-windows-10-version-1803.md)
-- [What's new in Windows 10, version 1709](whats-new-windows-10-version-1709.md)
-- [What's new in Windows 10, version 1703](whats-new-windows-10-version-1703.md)
-- [What's new in Windows 10, version 1607](whats-new-windows-10-version-1607.md)
-- [What's new in Windows 10, versions 1507 and 1511](whats-new-windows-10-version-1507-and-1511.md)
-
-## Learn more
-
-- [Windows 10 release information](https://technet.microsoft.com/windows/release-info)
-- [Windows 10 update history](https://support.microsoft.com/help/12387/windows-10-update-history)
-- [Windows 10 content from Microsoft Ignite](https://go.microsoft.com/fwlink/p/?LinkId=613210)
-- [Compare Windows 10 Editions](https://go.microsoft.com/fwlink/p/?LinkId=690485)
-
-## See also
-
-[Windows 10 Enterprise LTSC](ltsc/index.md)
-[Edit an existing topic using the Edit link](contribute-to-a-topic.md)
-
+---
+title: What's new in Windows 10 (Windows 10)
+description: Learn about new features in Windows 10 for IT professionals, such as Windows Information Protection, Windows Hello, Device Guard, and more.
+ms.assetid: F1867017-76A1-4761-A200-7450B96AEF44
+keywords: ["What's new in Windows 10", "Windows 10"]
+ms.prod: w10
+audience: itpro
+author: greg-lindsay
+ms.author: greglin
+manager: laurawi
+ms.localizationpriority: high
+ms.topic: article
+---
+
+# What's new in Windows 10
+
+Windows 10 provides IT professionals with advanced protection against modern security threats and comprehensive management and control over devices and apps, as well as flexible deployment, update, and support options. Learn about new features in Windows 10 for IT professionals, such as Windows Information Protection, Windows Hello, Device Guard, and more.
+
+## In this section
+
+- [What's new in Windows 10, version 1903](whats-new-windows-10-version-1903.md)
+- [What's new in Windows 10, version 1809](whats-new-windows-10-version-1809.md)
+- [What's new in Windows 10, version 1803](whats-new-windows-10-version-1803.md)
+- [What's new in Windows 10, version 1709](whats-new-windows-10-version-1709.md)
+- [What's new in Windows 10, version 1703](whats-new-windows-10-version-1703.md)
+- [What's new in Windows 10, version 1607](whats-new-windows-10-version-1607.md)
+- [What's new in Windows 10, versions 1507 and 1511](whats-new-windows-10-version-1507-and-1511.md)
+
+## Learn more
+
+- [Windows 10 release information](https://technet.microsoft.com/windows/release-info)
+- [Windows 10 update history](https://support.microsoft.com/help/12387/windows-10-update-history)
+- [Windows 10 content from Microsoft Ignite](https://go.microsoft.com/fwlink/p/?LinkId=613210)
+- [Compare Windows 10 Editions](https://go.microsoft.com/fwlink/p/?LinkId=690485)
+
+## See also
+
+[Windows 10 Enterprise LTSC](ltsc/index.md)
+[Edit an existing topic using the Edit link](contribute-to-a-topic.md)
+
diff --git a/windows/whats-new/ltsc/index.md b/windows/whats-new/ltsc/index.md
index fa6b259b1c..b1464088fc 100644
--- a/windows/whats-new/ltsc/index.md
+++ b/windows/whats-new/ltsc/index.md
@@ -1,50 +1,52 @@
----
-title: Windows 10 Enterprise LTSC
-description: New and updated IT Pro content about new features in Windows 10, LTSC (also known as Windows 10 LTSB).
-keywords: ["What's new in Windows 10", "Windows 10", "Windows 10 LTSC", "Windows 10 LTSB"]
-ms.prod: w10
-ms.mktglfcycl: deploy
-ms.sitesec: library
-audience: itpro
author: greg-lindsay
-manager: laurawi
-ms.localizationpriority: low
-ms.topic: article
----
-
-# Windows 10 Enterprise LTSC
-
-**Applies to**
-- Windows 10 Enterprise LTSC
-
-## In this topic
-
-This topic provides links to articles with information about what's new in each release of Windows 10 Enterprise LTSC, and includes a short description of this servicing channel.
-
-[What's New in Windows 10 Enterprise 2019 LTSC](whats-new-windows-10-2019.md)
-[What's New in Windows 10 Enterprise 2016 LTSC](whats-new-windows-10-2016.md)
-[What's New in Windows 10 Enterprise 2015 LTSC](whats-new-windows-10-2015.md)
-
-## The Long Term Servicing Channel (LTSC)
-
-The following table summarizes equivalent feature update versions of Windows 10 LTSC and semi-annual channel (SAC) releases.
-
-| LTSC release | Equivalent SAC release | Availability date |
-| --- | --- | --- |
-| Windows 10 Enterprise 2015 LTSC | Windows 10, Version 1507 | 7/29/2015 |
-| Windows 10 Enterprise 2016 LTSC | Windows 10, Version 1607 | 8/2/2016 |
-| Windows 10 Enterprise 2019 LTSC | Windows 10, Version 1809 | 11/13/2018 |
-
->[!NOTE]
->The Long Term Servicing Channel was previously called the Long Term Servicing Branch (LTSB). All references to LTSB are changed in this article to LTSC for consistency, even though the name of previous versions might still be displayed as LTSB.
-
-With the LTSC servicing model, customers can delay receiving feature updates and instead only receive monthly quality updates on devices. Features from Windows 10 that could be updated with new functionality, including Cortana, Edge, and all in-box Universal Windows apps, are also not included. Feature updates are offered in new LTSC releases every 2–3 years instead of every 6 months, and organizations can choose to install them as in-place upgrades or even skip releases over a 10-year life cycle. Microsoft is committed to providing bug fixes and security patches for each LTSC release during this 10 year period.
-
->[!IMPORTANT]
->The Long Term Servicing Channel is not intended for deployment on most or all the PCs in an organization. The LTSC edition of Windows 10 provides customers with access to a deployment option for their special-purpose devices and environments. These devices typically perform a single important task and don’t need feature updates as frequently as other devices in the organization. These devices are also typically not heavily dependent on support from external apps and tools. Since the feature set for LTSC does not change for the lifetime of the release, over time there might be some external tools that do not continue to provide legacy support. See [LTSC: What is it, and when it should be used](https://techcommunity.microsoft.com/t5/Windows-IT-Pro-Blog/LTSC-What-is-it-and-when-should-it-be-used/ba-p/293181).
-
-For detailed information about Windows 10 servicing, see [Overview of Windows as a service](/windows/deployment/update/waas-overview).
-
-## See Also
-
-[What's New in Windows 10](https://docs.microsoft.com/windows/whats-new/): See what’s new in other versions of Windows 10.
-[Windows 10 - Release information](https://docs.microsoft.com/windows/windows-10/release-information): Windows 10 current versions by servicing option.
+---
+title: Windows 10 Enterprise LTSC
+description: New and updated IT Pro content about new features in Windows 10, LTSC (also known as Windows 10 LTSB).
+keywords: ["What's new in Windows 10", "Windows 10", "Windows 10 LTSC", "Windows 10 LTSB"]
+ms.prod: w10
+ms.mktglfcycl: deploy
+ms.sitesec: library
+audience: itpro
+author: greg-lindsay
+ms.author: greglin
+manager: laurawi
+ms.localizationpriority: low
+ms.topic: article
+---
+
+# Windows 10 Enterprise LTSC
+
+**Applies to**
+- Windows 10 Enterprise LTSC
+
+## In this topic
+
+This topic provides links to articles with information about what's new in each release of Windows 10 Enterprise LTSC, and includes a short description of this servicing channel.
+
+[What's New in Windows 10 Enterprise 2019 LTSC](whats-new-windows-10-2019.md)
+[What's New in Windows 10 Enterprise 2016 LTSC](whats-new-windows-10-2016.md)
+[What's New in Windows 10 Enterprise 2015 LTSC](whats-new-windows-10-2015.md)
+
+## The Long Term Servicing Channel (LTSC)
+
+The following table summarizes equivalent feature update versions of Windows 10 LTSC and semi-annual channel (SAC) releases.
+
+| LTSC release | Equivalent SAC release | Availability date |
+| --- | --- | --- |
+| Windows 10 Enterprise 2015 LTSC | Windows 10, Version 1507 | 7/29/2015 |
+| Windows 10 Enterprise 2016 LTSC | Windows 10, Version 1607 | 8/2/2016 |
+| Windows 10 Enterprise 2019 LTSC | Windows 10, Version 1809 | 11/13/2018 |
+
+>[!NOTE]
+>The Long Term Servicing Channel was previously called the Long Term Servicing Branch (LTSB). All references to LTSB are changed in this article to LTSC for consistency, even though the name of previous versions might still be displayed as LTSB.
+
+With the LTSC servicing model, customers can delay receiving feature updates and instead only receive monthly quality updates on devices. Features from Windows 10 that could be updated with new functionality, including Cortana, Edge, and all in-box Universal Windows apps, are also not included. Feature updates are offered in new LTSC releases every 2–3 years instead of every 6 months, and organizations can choose to install them as in-place upgrades or even skip releases over a 10-year life cycle. Microsoft is committed to providing bug fixes and security patches for each LTSC release during this 10 year period.
+
+>[!IMPORTANT]
+>The Long Term Servicing Channel is not intended for deployment on most or all the PCs in an organization. The LTSC edition of Windows 10 provides customers with access to a deployment option for their special-purpose devices and environments. These devices typically perform a single important task and don’t need feature updates as frequently as other devices in the organization. These devices are also typically not heavily dependent on support from external apps and tools. Since the feature set for LTSC does not change for the lifetime of the release, over time there might be some external tools that do not continue to provide legacy support. See [LTSC: What is it, and when it should be used](https://techcommunity.microsoft.com/t5/Windows-IT-Pro-Blog/LTSC-What-is-it-and-when-should-it-be-used/ba-p/293181).
+
+For detailed information about Windows 10 servicing, see [Overview of Windows as a service](/windows/deployment/update/waas-overview).
+
+## See Also
+
+[What's New in Windows 10](https://docs.microsoft.com/windows/whats-new/): See what’s new in other versions of Windows 10.
+[Windows 10 - Release information](https://docs.microsoft.com/windows/windows-10/release-information): Windows 10 current versions by servicing option.
diff --git a/windows/whats-new/whats-new-windows-10-version-1507-and-1511.md b/windows/whats-new/whats-new-windows-10-version-1507-and-1511.md
index cfc863d9b5..d4aae3c31c 100644
--- a/windows/whats-new/whats-new-windows-10-version-1507-and-1511.md
+++ b/windows/whats-new/whats-new-windows-10-version-1507-and-1511.md
@@ -3,14 +3,13 @@ title: What's new in Windows 10, versions 1507 and 1511 (Windows 10)
description: This topic lists new and updated topics in the What's new in Windows 10 documentation for Windows 10 and Windows 10 Mobile.
ms.assetid: 75F285B0-09BE-4821-9B42-37B9BE54CEC6
ms.reviewer:
-manager: dansimp
-ms.author: dansimp
ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library
-author: dansimp
+author: greg-lindsay
+manager: laurawi
+ms.author: greglin
ms.localizationpriority: high
-ms.date: 10/16/2017
ms.topic: article
---
diff --git a/windows/whats-new/whats-new-windows-10-version-1607.md b/windows/whats-new/whats-new-windows-10-version-1607.md
index a77ae7c354..4a42f3e98b 100644
--- a/windows/whats-new/whats-new-windows-10-version-1607.md
+++ b/windows/whats-new/whats-new-windows-10-version-1607.md
@@ -5,12 +5,11 @@ keywords: ["What's new in Windows 10", "Windows 10", "anniversary update"]
ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library
-author: dansimp
ms.localizationpriority: high
-ms.date: 10/16/2017
ms.reviewer:
-manager: dansimp
-ms.author: dansimp
+author: greg-lindsay
+manager: laurawi
+ms.author: greglin
ms.topic: article
---
diff --git a/windows/whats-new/whats-new-windows-10-version-1703.md b/windows/whats-new/whats-new-windows-10-version-1703.md
index 0e1be04497..71c7f06847 100644
--- a/windows/whats-new/whats-new-windows-10-version-1703.md
+++ b/windows/whats-new/whats-new-windows-10-version-1703.md
@@ -5,13 +5,12 @@ keywords: ["What's new in Windows 10", "Windows 10", "creators update"]
ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library
-author: dansimp
ms.localizationpriority: high
ms.assetid: dca7c655-c4f6-45f8-aa02-64187b202617
ms.reviewer:
-manager: dansimp
-ms.author: dansimp
-ms.date: 10/16/2017
+author: greg-lindsay
+manager: laurawi
+ms.author: greglin
ms.topic: article
---
diff --git a/windows/whats-new/whats-new-windows-10-version-1709.md b/windows/whats-new/whats-new-windows-10-version-1709.md
index a1ba0c02f2..ef9b4541f0 100644
--- a/windows/whats-new/whats-new-windows-10-version-1709.md
+++ b/windows/whats-new/whats-new-windows-10-version-1709.md
@@ -5,11 +5,10 @@ keywords: ["What's new in Windows 10", "Windows 10", "Fall Creators Update"]
ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library
-author: dansimp
-ms.date: 01/24/2018
ms.reviewer:
-manager: dansimp
-ms.author: dansimp
+author: greg-lindsay
+manager: laurawi
+ms.author: greglin
ms.localizationpriority: high
ms.topic: article
---
@@ -25,7 +24,7 @@ A brief description of new or updated features in this version of Windows 10 is
-> [!video https://www.microsoft.com/en-us/videoplayer/embed/43942201-bec9-4f8b-8ba7-2d9bfafa8bba?autoplay=false]
+> [!video https://www.microsoft.com/videoplayer/embed/43942201-bec9-4f8b-8ba7-2d9bfafa8bba?autoplay=false]
## Deployment
diff --git a/windows/whats-new/whats-new-windows-10-version-1803.md b/windows/whats-new/whats-new-windows-10-version-1803.md
index f74337a7a7..e13290b34f 100644
--- a/windows/whats-new/whats-new-windows-10-version-1803.md
+++ b/windows/whats-new/whats-new-windows-10-version-1803.md
@@ -5,11 +5,10 @@ keywords: ["What's new in Windows 10", "Windows 10", "April 2018 Update"]
ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library
-author: dansimp
-ms.date: 07/07/2018
ms.reviewer:
-manager: dansimp
-ms.author: dansimp
+author: greg-lindsay
+manager: laurawi
+ms.author: greglin
ms.localizationpriority: high
ms.topic: article
---
@@ -25,7 +24,7 @@ This article lists new and updated features and content that are of interest to
The following 3-minute video summarizes some of the new features that are available for IT Pros in this release.
-> [!video https://www.microsoft.com/en-us/videoplayer/embed/RE21ada?autoplay=false]
+> [!video https://www.microsoft.com/videoplayer/embed/RE21ada?autoplay=false]
## Deployment
@@ -66,7 +65,7 @@ With this release you can easily deploy and manage kiosk devices with Microsoft
- To help with troubleshooting, you can now view error reports generated if an assigned access-configured app has issues.
For more information, see:
-- [Making IT simpler with a modern workplace](https://www.microsoft.com/en-us/microsoft-365/blog/2018/04/27/making-it-simpler-with-a-modern-workplace/)
+- [Making IT simpler with a modern workplace](https://www.microsoft.com/microsoft-365/blog/2018/04/27/making-it-simpler-with-a-modern-workplace/)
- [Simplifying kiosk management for IT with Windows 10](https://techcommunity.microsoft.com/t5/Windows-IT-Pro-Blog/Simplifying-kiosk-management-for-IT-with-Windows-10/ba-p/187691)
### Windows 10 Subscription Activation
diff --git a/windows/whats-new/whats-new-windows-10-version-1809.md b/windows/whats-new/whats-new-windows-10-version-1809.md
index b4e4f4f224..0ff6fadb69 100644
--- a/windows/whats-new/whats-new-windows-10-version-1809.md
+++ b/windows/whats-new/whats-new-windows-10-version-1809.md
@@ -1,14 +1,14 @@
---
title: What's new in Windows 10, version 1809
ms.reviewer:
-manager: dansimp
-ms.author: dansimp
description: New and updated features in Windows 10, version 1809
keywords: ["What's new in Windows 10", "Windows 10", "Windows 10 October 2018 Update"]
ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library
-author: dansimp
+author: greg-lindsay
+manager: laurawi
+ms.author: greglin
ms.localizationpriority: high
ms.topic: article
---
@@ -160,6 +160,15 @@ Windows Defender ATP now adds support for Windows Server 2019. You'll be able to
- [Onboard previous versions of Windows](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-atp/onboard-downlevel-windows-defender-advanced-threat-protection)
Onboard supported versions of Windows machines so that they can send sensor data to the Windows Defender ATP sensor
+## Cloud Clipboard
+
+Cloud clipboard helps users copy content between devices. It also manages the clipboard histroy so that you can paste your old copied data. You can access it by using **Windows+V**. Set up Cloud clipboard:
+
+1. Go to **Windows Settings** and select **Systems**.
+2. On the left menu, click on **Clipboard**.
+3. Turn on **Clipboard history**.
+4. Turn on **Sync across devices**. Chose whether or not to automatically sync copied text across your devices.
+
## Kiosk setup experience
We introduced a simplified assigned access configuration experience in **Settings** that allows device administrators to easily set up a PC as a kiosk or digital sign. A wizard experience walks you through kiosk setup including creating a kiosk account that will automatically sign in when a device starts.
diff --git a/windows/whats-new/whats-new-windows-10-version-1903.md b/windows/whats-new/whats-new-windows-10-version-1903.md
index 0301b62f00..d5949e5781 100644
--- a/windows/whats-new/whats-new-windows-10-version-1903.md
+++ b/windows/whats-new/whats-new-windows-10-version-1903.md
@@ -1,151 +1,153 @@
----
-title: What's new in Windows 10, version 1903
-description: New and updated IT Pro content about new features in Windows 10, version 1903 (also known as the Windows 10 May 2019 Update).
-keywords: ["What's new in Windows 10", "Windows 10", "May 2019 Update"]
-ms.prod: w10
-ms.mktglfcycl: deploy
-ms.sitesec: library
-audience: itpro
author: greg-lindsay
-manager: laurawi
-ms.localizationpriority: high
-ms.topic: article
----
-
-# What's new in Windows 10, version 1903 IT Pro content
-
-**Applies to**
-- Windows 10, version 1903
-
-This article lists new and updated features and content that are of interest to IT Pros for Windows 10 version 1903, also known as the Windows 10 May 2019 Update. This update also contains all features and fixes included in previous cumulative updates to Windows 10, version 1809.
-
->[!NOTE]
->New disk space requirement for Windows 10, version 1903 applies only to OEMs for the manufacture of new PCs. This new requirement does not apply to existing devices. PCs that don’t meet new device disk space requirements will continue to receive updates and the 1903 update will require about the same amount of free disk space as previous updates. For more information, see [Reserved storage](#reserved-storage).
-
-## Deployment
-
-### Windows Autopilot
-
-[Windows Autopilot](https://docs.microsoft.com/windows/deployment/windows-autopilot/windows-autopilot) is a collection of technologies used to set up and pre-configure new devices, getting them ready for productive use. The following Windows Autopilot features are available in Windows 10, version 1903 and later:
-
-- [Windows Autopilot for white glove deployment](https://docs.microsoft.com/windows/deployment/windows-autopilot/white-glove) is new in this version of Windows. "White glove" deployment enables partners or IT staff to pre-provision devices so they are fully configured and business ready for your users.
-- The Intune [enrollment status page](https://docs.microsoft.com/intune/windows-enrollment-status) (ESP) now tracks Intune Management Extensions.
-- [Cortana voiceover](https://docs.microsoft.com/windows-hardware/customize/desktop/cortana-voice-support) and speech recognition during OOBE is disabled by default for all Windows 10 Pro Education, and Enterprise SKUs.
-- Windows Autopilot is self-updating during OOBE. Starting with the Windows 10, version 1903 Autopilot functional and critical updates will begin downloading automatically during OOBE.
-- Windows Autopilot will set the [diagnostics data](https://docs.microsoft.com/windows/privacy/windows-diagnostic-data) level to Full on Windows 10 version 1903 and later during OOBE.
-
-### Windows 10 Subscription Activation
-
-Windows 10 Education support has been added to Windows 10 Subscription Activation.
-
-With Windows 10, version 1903, you can step-up from Windows 10 Pro Education to the enterprise-grade edition for educational institutions – Windows 10 Education. For more information, see [Windows 10 Subscription Activation](https://docs.microsoft.com/windows/deployment/windows-10-subscription-activation).
-
-### SetupDiag
-
-[SetupDiag](https://docs.microsoft.com/windows/deployment/upgrade/setupdiag) version 1.4.1 is available.
-
-SetupDiag is a command-line tool that can help diagnose why a Windows 10 update failed. SetupDiag works by searching Windows Setup log files. When searching log files, SetupDiag uses a set of rules to match known issues. In the current version of SetupDiag there are 53 rules contained in the rules.xml file, which is extracted when SetupDiag is run. The rules.xml file will be updated as new versions of SetupDiag are made available.
-
-### Reserved storage
-
-[**Reserved storage**](https://techcommunity.microsoft.com/t5/Storage-at-Microsoft/Windows-10-and-reserved-storage/ba-p/428327): Reserved storage sets aside disk space to be used by updates, apps, temporary files, and system caches. It improves the day-to-day function of your PC by ensuring critical OS functions always have access to disk space. Reserved storage will be enabled automatically on new PCs with Windows 10, version 1903 pre-installed, and for clean installs. It will not be enabled when updating from a previous version of Windows 10.
-
-## Servicing
-
-- [**Delivery Optimization**](https://docs.microsoft.com/windows/deployment/update/waas-delivery-optimization): Improved Peer Efficiency for enterprises and educational institutions with complex networks is enabled with of [new policies](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-deliveryoptimization). This now supports Office 365 ProPlus updates, and Intune content, with System Center Configuration Manager content coming soon!
-- [**Automatic Restart Sign-on (ARSO)**](https://docs.microsoft.com/windows-insider/at-work-pro/wip-4-biz-whats-new#automatic-restart-and-sign-on-arso-for-enterprises-build-18305): Windows will automatically logon as the user and lock their device in order to complete the update, ensuring that when the user returns and unlocks the device, the update will be completed.
-- [**Windows Update for Business**](https://techcommunity.microsoft.com/t5/Windows-IT-Pro-Blog/Windows-Update-for-Business-and-the-retirement-of-SAC-T/ba-p/339523): There will now be a single, common start date for phased deployments (no more SAC-T designation). In addition, there will a new notification and reboot scheduling experience for end users, the ability to enforce update installation and reboot deadlines, and the ability to provide end user control over reboots for a specific time period.
-- **Update rollback improvements**: You can now automatically recover from startup failures by removing updates if the startup failure was introduced after the installation of recent driver or quality updates. When a device is unable to start up properly after the recent installation of Quality of driver updates, Windows will now automatically uninstall the updates to get the device back up and running normally.
-- **Pause updates**: We have extended the ability to pause updates for both feature and monthly updates. This extension ability is for all editions of Windows 10, including Home. You can pause both feature and monthly updates for up to 35 days (seven days at a time, up to five times). Once the 35-day pause period is reached, you will need to update your device before pausing again.
-- **Improved update notifications**: When there’s an update requiring you to restart your device, you’ll see a colored dot on the Power button in the Start menu and on the Windows icon in your taskbar.
-- **Intelligent active hours**: To further enhance active hours, users will now have the option to let Windows Update intelligently adjust active hours based on their device-specific usage patterns. You must enable the intelligent active hours feature for the system to predict device-specific usage patterns.
-- **Improved update orchestration to improve system responsiveness**: This feature will improve system performance by intelligently coordinating Windows updates and Microsoft Store updates, so they occur when users are away from their devices to minimize disruptions.
-
-## Security
-
-### Windows Information Protection
-
-With this release, Windows Defender ATP extends discovery and protection of sensitive information with [Auto Labeling](https://docs.microsoft.com/windows/security/information-protection/windows-information-protection/how-wip-works-with-labels#how-wip-protects-automatically-classified-files).
-
-### Security configuration framework
-
-With this release of Windows 10, Microsoft is introducing a [new taxonomy for security configurations](https://docs.microsoft.com/windows/security/threat-protection/windows-security-configuration-framework/windows-security-configuration-framework), called the **SECCON framework**, comprised of 5 device security configurations.
-
-### Security baseline for Windows 10 and Windows Server
-
-The draft release of the [security configuration baseline settings](https://blogs.technet.microsoft.com/secguide/2019/04/24/security-baseline-draft-for-windows-10-v1903-and-windows-server-v1903/) for Windows 10, version 1903 and for Windows Server version 1903 is available.
-
-### Intune security baselines
-
-[Intune Security Baselines](https://docs.microsoft.com/intune/security-baselines) (Preview): Now includes many settings supported by Intune that you can use to help secure and protect your users and devices. You can automatically set these settings to values recommended by security teams.
-
-### Microsoft Defender Advanced Threat Protection (ATP):
-
-- [Attack surface area reduction](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-atp/overview-attack-surface-reduction) – IT admins can configure devices with advanced web protection that enables them to define allow and deny lists for specific URL’s and IP addresses.
-- [Next generation protection](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-antivirus/windows-defender-antivirus-in-windows-10) – Controls have been extended to protection from ransomware, credential misuse, and attacks that are transmitted through removable storage.
- - Integrity enforcement capabilities – Enable remote runtime attestation of Windows 10 platform.
- - Tamper-proofing capabilities – Uses virtualization-based security to isolate critical ATP security capabilities away from the OS and attackers.
-- [Platform support](https://techcommunity.microsoft.com/t5/Windows-Defender-ATP/Protecting-Windows-Server-with-Windows-Defender-ATP/ba-p/267114) – In addition to Windows 10, Windows Defender ATP’s functionality has been extended to support Windows 7 and Windows 8.1 clients, as well as macOS, Linux, and Windows Server with both its Endpoint Detection (EDR) and Endpoint Protection Platform (EPP) capabilities.
-
-### Microsoft Defender ATP next-gen protection technologies:
-
-- **Advanced machine learning**: Improved with advanced machine learning and AI models that enable it to protect against apex attackers using innovative vulnerability exploit techniques, tools and malware.
-- **Emergency outbreak protection**: Provides emergency outbreak protection which will automatically update devices with new intelligence when a new outbreak has been detected.
-- **Certified ISO 27001 compliance**: Ensures that the cloud service has analyzed for threats, vulnerabilities and impacts, and that risk management and security controls are in place.
-- **Geolocation support**: Support geolocation and sovereignty of sample data as well as configurable retention policies.
-
-### Threat Protection
-
-- [Windows Sandbox](https://techcommunity.microsoft.com/t5/Windows-Kernel-Internals/Windows-Sandbox/ba-p/301849): Isolated desktop environment where you can run untrusted software without the fear of lasting impact to your device.
-- [Microphone privacy settings](https://support.microsoft.com/en-us/help/4468232/windows-10-camera-microphone-and-privacy-microsoft-privacy): A microphone icon appears in the notification area letting you see which apps are using your microphone.
-
-- [Windows Defender Application Guard](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-application-guard/wd-app-guard-overview) enhancements:
- - Standalone users can install and configure their Windows Defender Application Guard settings without needing to change Registry key settings. Enterprise users can check their settings to see what their administrators have configured for their machines to better understand the behavior.
- - WDAG is now an extension in Google Chrome and Mozilla Firefox. Many users are in a hybrid browser environment, and would like to extend WDAG’s browser isolation technology beyond Microsoft Edge. In the latest release, users can install the WDAG extension in their Chrome or Firefox browsers. This extension will redirect untrusted navigations to the WDAG Edge browser. There is also a companion app to enable this feature in the Microsoft Store. Users can quickly launch WDAG from their desktop using this app. This feature is also available in Windows 10, version 1803 or later with the latest updates.
-
- To try this extension:
- 1. Configure WDAG policies on your device.
- 2. Go to the Chrome Web Store or Firefox Add-ons and search for Application Guard. Install the extension.
- 3. Follow any additional configuration steps on the extension setup page.
- 4. Reboot the device.
- 5. Navigate to an untrusted site in Chrome and Firefox.
-
- - WDAG allows dynamic navigation: Application Guard now allows users to navigate back to their default host browser from the WDAG Microsoft Edge. Previously, users browsing in WDAG Edge would see an error page when they try to go to a trusted site within the container browser. With this new feature, users will automatically be redirected to their host default browser when they enter or click on a trusted site in WDAG Edge. This feature is also available in Windows 10, version 1803 or later with the latest updates.
-
-- [Windows Defender Application Control (WDAC)](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-application-control/windows-defender-application-control): In Windows 10, version 1903 WDAC has a number of new features that light up key scenarios and provide feature parity with AppLocker.
- - [Multiple Policies](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-application-control/deploy-multiple-windows-defender-application-control-policies): WDAC now supports multiple simultaneous code integrity policies for one device in order to enable the following scenarios: 1) enforce and audit side-by-side, 2) simpler targeting for policies with different scope/intent, 3) expanding a policy using a new ‘supplemental’ policy.
- - [Path-Based Rules](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-application-control/create-path-based-rules): The path condition identifies an app by its location in the file system of the computer or on the network instead of a signer or hash identifier. Additionally, WDAC has an option that allows admins to enforce at runtime that only code from paths that are not user-writeable is executed. When code tries to execute at runtime, the directory is scanned and files will be checked for write permissions for non-known admins. If a file is found to be user writeable, the executable is blocked from running unless it is authorized by something other than a path rule like a signer or hash rule.
- This brings WDAC to functionality parity with AppLocker in terms of support for file path rules. WDAC improves upon the security of policies based on file path rules with the availability of the user-writability permission checks at runtime time, which is a capability that is not available with AppLocker.
- - [Allow COM Object Registration](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-application-control/allow-com-object-registration-in-windows-defender-application-control-policy): Previously, WDAC enforced a built-in allow list for COM object registration. While this mechanism works for most common application usage scenarios, customers have provided feedback that there are cases where additional COM objects need to be allowed. The 1903 update to Windows 10 introduces the ability to specify allowed COM objects via their GUID in the WDAC policy.
-
-#### System Guard
-
-[System Guard](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-system-guard/system-guard-how-hardware-based-root-of-trust-helps-protect-windows) has added a new feature in this version of Windows called **SMM Firmware Measurement**. This feature is built on top of [System Guard Secure Launch](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-system-guard/system-guard-secure-launch-and-smm-protection) to check that the System Management Mode (SMM) firmware on the device is operating in a healthy manner - specifically, OS memory and secrets are protected from SMM. There are currently no devices out there with compatible hardware, but they will be coming out in the next few months.
-
-This new feature is displayed under the Device Security page with the string “Your device exceeds the requirements for enhanced hardware security” if configured properly:
-
-
-
-### Identity Protection
-
-- [Windows Hello FIDO2 certification](https://fidoalliance.org/microsoft-achieves-fido2-certification-for-windows-hello/): Windows Hello is now a FIDO2 Certified authenticator and enables password-less login for websites supporting FIDO2 authentication, such as Microsoft account and Azure AD.
-- [Streamlined Windows Hello PIN reset experience](https://docs.microsoft.com/windows/security/identity-protection/hello-for-business/hello-videos#windows-hello-for-business-forgotten-pin-user-experience): Microsoft account users have a revamped Windows Hello PIN reset experience with the same look and feel as signing in on the web.
-- Sign-in with [Password-less](https://docs.microsoft.com/windows/security/identity-protection/hello-for-business/passwordless-strategy) Microsoft accounts: Sign in to Windows 10 with a phone number account. Then use Windows Hello for an even easier sign-in experience!
-- [Remote Desktop with Biometrics](https://docs.microsoft.com/windows/security/identity-protection/hello-for-business/hello-features#remote-desktop-with-biometrics): Azure Active Directory and Active Directory users using Windows Hello for Business can use biometrics to authenticate to a remote desktop session.
-
-### Security management
-
-- [Windows Defender Firewall now supports Windows Subsystem for Linux (WSL)](https://blogs.windows.com/windowsexperience/2018/04/19/announcing-windows-10-insider-preview-build-17650-for-skip-ahead/#II14f7VlSBcZ0Gs4.97): Lets you add rules for WSL process, just like for Windows processes.
-- [Windows Security app](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-security-center/windows-defender-security-center) improvements now include Protection history, including detailed and easier to understand information about threats and available actions, Controlled Folder Access blocks are now in the Protection history, Windows Defender Offline Scanning tool actions, and any pending recommendations.
-- [Tamper Protection](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-antivirus/prevent-changes-to-security-settings-with-tamper-protection) lets you prevent others from tampering with important security features.
-
-## Microsoft Edge
-
-Several new features are coming in the next version of Edge. See the [news from Build 2019](https://blogs.windows.com/msedgedev/2019/05/06/edge-chromium-build-2019-pwa-ie-mode-devtools/#2QJF4u970WjQ2Sv7.97) for more information.
-
-## See Also
-
-[What's New in Windows Server, version 1903](https://docs.microsoft.com/windows-server/get-started/whats-new-in-windows-server-1903): New and updated features in Windows Server.
-[Windows 10 Features](https://www.microsoft.com/windows/features): Review general information about Windows 10 features.
-[What's New in Windows 10](https://docs.microsoft.com/windows/whats-new/): See what’s new in other versions of Windows 10.
-[What's new in Windows 10](https://docs.microsoft.com/windows-hardware/get-started/what-s-new-in-windows): See what’s new in Windows 10 hardware.
-[What's new in Windows 10 for developers](https://blogs.windows.com/buildingapps/2019/04/18/start-developing-on-windows-10-may-2019-update-today/#2Lp8FUFQ3Jm8KVcq.97): New and updated features in Windows 10 that are of interest to developers.
+---
+title: What's new in Windows 10, version 1903
+description: New and updated IT Pro content about new features in Windows 10, version 1903 (also known as the Windows 10 May 2019 Update).
+keywords: ["What's new in Windows 10", "Windows 10", "May 2019 Update"]
+ms.prod: w10
+ms.mktglfcycl: deploy
+ms.sitesec: library
+audience: itpro
+author: greg-lindsay
+ms.author: greglin
+manager: laurawi
+ms.localizationpriority: high
+ms.topic: article
+---
+
+# What's new in Windows 10, version 1903 IT Pro content
+
+**Applies to**
+- Windows 10, version 1903
+
+This article lists new and updated features and content that are of interest to IT Pros for Windows 10 version 1903, also known as the Windows 10 May 2019 Update. This update also contains all features and fixes included in previous cumulative updates to Windows 10, version 1809.
+
+>[!NOTE]
+>New disk space requirement for Windows 10, version 1903 applies only to OEMs for the manufacture of new PCs. This new requirement does not apply to existing devices. PCs that don’t meet new device disk space requirements will continue to receive updates and the 1903 update will require about the same amount of free disk space as previous updates. For more information, see [Reserved storage](#reserved-storage).
+
+## Deployment
+
+### Windows Autopilot
+
+[Windows Autopilot](https://docs.microsoft.com/windows/deployment/windows-autopilot/windows-autopilot) is a collection of technologies used to set up and pre-configure new devices, getting them ready for productive use. The following Windows Autopilot features are available in Windows 10, version 1903 and later:
+
+- [Windows Autopilot for white glove deployment](https://docs.microsoft.com/windows/deployment/windows-autopilot/white-glove) is new in this version of Windows. "White glove" deployment enables partners or IT staff to pre-provision devices so they are fully configured and business ready for your users.
+- The Intune [enrollment status page](https://docs.microsoft.com/intune/windows-enrollment-status) (ESP) now tracks Intune Management Extensions.
+- [Cortana voiceover](https://docs.microsoft.com/windows-hardware/customize/desktop/cortana-voice-support) and speech recognition during OOBE is disabled by default for all Windows 10 Pro Education, and Enterprise SKUs.
+- Windows Autopilot is self-updating during OOBE. Starting with the Windows 10, version 1903 Autopilot functional and critical updates will begin downloading automatically during OOBE.
+- Windows Autopilot will set the [diagnostics data](https://docs.microsoft.com/windows/privacy/windows-diagnostic-data) level to Full on Windows 10 version 1903 and later during OOBE.
+
+### Windows 10 Subscription Activation
+
+Windows 10 Education support has been added to Windows 10 Subscription Activation.
+
+With Windows 10, version 1903, you can step-up from Windows 10 Pro Education to the enterprise-grade edition for educational institutions – Windows 10 Education. For more information, see [Windows 10 Subscription Activation](https://docs.microsoft.com/windows/deployment/windows-10-subscription-activation).
+
+### SetupDiag
+
+[SetupDiag](https://docs.microsoft.com/windows/deployment/upgrade/setupdiag) version 1.4.1 is available.
+
+SetupDiag is a command-line tool that can help diagnose why a Windows 10 update failed. SetupDiag works by searching Windows Setup log files. When searching log files, SetupDiag uses a set of rules to match known issues. In the current version of SetupDiag there are 53 rules contained in the rules.xml file, which is extracted when SetupDiag is run. The rules.xml file will be updated as new versions of SetupDiag are made available.
+
+### Reserved storage
+
+[**Reserved storage**](https://techcommunity.microsoft.com/t5/Storage-at-Microsoft/Windows-10-and-reserved-storage/ba-p/428327): Reserved storage sets aside disk space to be used by updates, apps, temporary files, and system caches. It improves the day-to-day function of your PC by ensuring critical OS functions always have access to disk space. Reserved storage will be enabled automatically on new PCs with Windows 10, version 1903 pre-installed, and for clean installs. It will not be enabled when updating from a previous version of Windows 10.
+
+## Servicing
+
+- [**Delivery Optimization**](https://docs.microsoft.com/windows/deployment/update/waas-delivery-optimization): Improved Peer Efficiency for enterprises and educational institutions with complex networks is enabled with of [new policies](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-deliveryoptimization). This now supports Office 365 ProPlus updates, and Intune content, with System Center Configuration Manager content coming soon!
+- [**Automatic Restart Sign-on (ARSO)**](https://docs.microsoft.com/windows-insider/at-work-pro/wip-4-biz-whats-new#automatic-restart-and-sign-on-arso-for-enterprises-build-18305): Windows will automatically logon as the user and lock their device in order to complete the update, ensuring that when the user returns and unlocks the device, the update will be completed.
+- [**Windows Update for Business**](https://techcommunity.microsoft.com/t5/Windows-IT-Pro-Blog/Windows-Update-for-Business-and-the-retirement-of-SAC-T/ba-p/339523): There will now be a single, common start date for phased deployments (no more SAC-T designation). In addition, there will a new notification and reboot scheduling experience for end users, the ability to enforce update installation and reboot deadlines, and the ability to provide end user control over reboots for a specific time period.
+- **Update rollback improvements**: You can now automatically recover from startup failures by removing updates if the startup failure was introduced after the installation of recent driver or quality updates. When a device is unable to start up properly after the recent installation of Quality of driver updates, Windows will now automatically uninstall the updates to get the device back up and running normally.
+- **Pause updates**: We have extended the ability to pause updates for both feature and monthly updates. This extension ability is for all editions of Windows 10, including Home. You can pause both feature and monthly updates for up to 35 days (seven days at a time, up to five times). Once the 35-day pause period is reached, you will need to update your device before pausing again.
+- **Improved update notifications**: When there’s an update requiring you to restart your device, you’ll see a colored dot on the Power button in the Start menu and on the Windows icon in your taskbar.
+- **Intelligent active hours**: To further enhance active hours, users will now have the option to let Windows Update intelligently adjust active hours based on their device-specific usage patterns. You must enable the intelligent active hours feature for the system to predict device-specific usage patterns.
+- **Improved update orchestration to improve system responsiveness**: This feature will improve system performance by intelligently coordinating Windows updates and Microsoft Store updates, so they occur when users are away from their devices to minimize disruptions.
+
+## Security
+
+### Windows Information Protection
+
+With this release, Windows Defender ATP extends discovery and protection of sensitive information with [Auto Labeling](https://docs.microsoft.com/windows/security/information-protection/windows-information-protection/how-wip-works-with-labels#how-wip-protects-automatically-classified-files).
+
+### Security configuration framework
+
+With this release of Windows 10, Microsoft is introducing a [new taxonomy for security configurations](https://docs.microsoft.com/windows/security/threat-protection/windows-security-configuration-framework/windows-security-configuration-framework), called the **SECCON framework**, comprised of 5 device security configurations.
+
+### Security baseline for Windows 10 and Windows Server
+
+The draft release of the [security configuration baseline settings](https://blogs.technet.microsoft.com/secguide/2019/04/24/security-baseline-draft-for-windows-10-v1903-and-windows-server-v1903/) for Windows 10, version 1903 and for Windows Server version 1903 is available.
+
+### Intune security baselines
+
+[Intune Security Baselines](https://docs.microsoft.com/intune/security-baselines) (Preview): Now includes many settings supported by Intune that you can use to help secure and protect your users and devices. You can automatically set these settings to values recommended by security teams.
+
+### Microsoft Defender Advanced Threat Protection (ATP):
+
+- [Attack surface area reduction](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-atp/overview-attack-surface-reduction) – IT admins can configure devices with advanced web protection that enables them to define allow and deny lists for specific URL’s and IP addresses.
+- [Next generation protection](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-antivirus/windows-defender-antivirus-in-windows-10) – Controls have been extended to protection from ransomware, credential misuse, and attacks that are transmitted through removable storage.
+ - Integrity enforcement capabilities – Enable remote runtime attestation of Windows 10 platform.
+ - Tamper-proofing capabilities – Uses virtualization-based security to isolate critical ATP security capabilities away from the OS and attackers.
+- [Platform support](https://techcommunity.microsoft.com/t5/Windows-Defender-ATP/Protecting-Windows-Server-with-Windows-Defender-ATP/ba-p/267114) – In addition to Windows 10, Windows Defender ATP’s functionality has been extended to support Windows 7 and Windows 8.1 clients, as well as macOS, Linux, and Windows Server with both its Endpoint Detection (EDR) and Endpoint Protection Platform (EPP) capabilities.
+
+### Microsoft Defender ATP next-gen protection technologies:
+
+- **Advanced machine learning**: Improved with advanced machine learning and AI models that enable it to protect against apex attackers using innovative vulnerability exploit techniques, tools and malware.
+- **Emergency outbreak protection**: Provides emergency outbreak protection which will automatically update devices with new intelligence when a new outbreak has been detected.
+- **Certified ISO 27001 compliance**: Ensures that the cloud service has analyzed for threats, vulnerabilities and impacts, and that risk management and security controls are in place.
+- **Geolocation support**: Support geolocation and sovereignty of sample data as well as configurable retention policies.
+
+### Threat Protection
+
+- [Windows Sandbox](https://techcommunity.microsoft.com/t5/Windows-Kernel-Internals/Windows-Sandbox/ba-p/301849): Isolated desktop environment where you can run untrusted software without the fear of lasting impact to your device.
+- [Microphone privacy settings](https://support.microsoft.com/en-us/help/4468232/windows-10-camera-microphone-and-privacy-microsoft-privacy): A microphone icon appears in the notification area letting you see which apps are using your microphone.
+
+- [Windows Defender Application Guard](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-application-guard/wd-app-guard-overview) enhancements:
+ - Standalone users can install and configure their Windows Defender Application Guard settings without needing to change Registry key settings. Enterprise users can check their settings to see what their administrators have configured for their machines to better understand the behavior.
+ - WDAG is now an extension in Google Chrome and Mozilla Firefox. Many users are in a hybrid browser environment, and would like to extend WDAG’s browser isolation technology beyond Microsoft Edge. In the latest release, users can install the WDAG extension in their Chrome or Firefox browsers. This extension will redirect untrusted navigations to the WDAG Edge browser. There is also a companion app to enable this feature in the Microsoft Store. Users can quickly launch WDAG from their desktop using this app. This feature is also available in Windows 10, version 1803 or later with the latest updates.
+
+ To try this extension:
+ 1. Configure WDAG policies on your device.
+ 2. Go to the Chrome Web Store or Firefox Add-ons and search for Application Guard. Install the extension.
+ 3. Follow any additional configuration steps on the extension setup page.
+ 4. Reboot the device.
+ 5. Navigate to an untrusted site in Chrome and Firefox.
+
+ - WDAG allows dynamic navigation: Application Guard now allows users to navigate back to their default host browser from the WDAG Microsoft Edge. Previously, users browsing in WDAG Edge would see an error page when they try to go to a trusted site within the container browser. With this new feature, users will automatically be redirected to their host default browser when they enter or click on a trusted site in WDAG Edge. This feature is also available in Windows 10, version 1803 or later with the latest updates.
+
+- [Windows Defender Application Control (WDAC)](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-application-control/windows-defender-application-control): In Windows 10, version 1903 WDAC has a number of new features that light up key scenarios and provide feature parity with AppLocker.
+ - [Multiple Policies](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-application-control/deploy-multiple-windows-defender-application-control-policies): WDAC now supports multiple simultaneous code integrity policies for one device in order to enable the following scenarios: 1) enforce and audit side-by-side, 2) simpler targeting for policies with different scope/intent, 3) expanding a policy using a new ‘supplemental’ policy.
+ - [Path-Based Rules](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-application-control/create-path-based-rules): The path condition identifies an app by its location in the file system of the computer or on the network instead of a signer or hash identifier. Additionally, WDAC has an option that allows admins to enforce at runtime that only code from paths that are not user-writeable is executed. When code tries to execute at runtime, the directory is scanned and files will be checked for write permissions for non-known admins. If a file is found to be user writeable, the executable is blocked from running unless it is authorized by something other than a path rule like a signer or hash rule.
+ This brings WDAC to functionality parity with AppLocker in terms of support for file path rules. WDAC improves upon the security of policies based on file path rules with the availability of the user-writability permission checks at runtime time, which is a capability that is not available with AppLocker.
+ - [Allow COM Object Registration](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-application-control/allow-com-object-registration-in-windows-defender-application-control-policy): Previously, WDAC enforced a built-in allow list for COM object registration. While this mechanism works for most common application usage scenarios, customers have provided feedback that there are cases where additional COM objects need to be allowed. The 1903 update to Windows 10 introduces the ability to specify allowed COM objects via their GUID in the WDAC policy.
+
+#### System Guard
+
+[System Guard](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-system-guard/system-guard-how-hardware-based-root-of-trust-helps-protect-windows) has added a new feature in this version of Windows called **SMM Firmware Measurement**. This feature is built on top of [System Guard Secure Launch](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-system-guard/system-guard-secure-launch-and-smm-protection) to check that the System Management Mode (SMM) firmware on the device is operating in a healthy manner - specifically, OS memory and secrets are protected from SMM. There are currently no devices out there with compatible hardware, but they will be coming out in the next few months.
+
+This new feature is displayed under the Device Security page with the string “Your device exceeds the requirements for enhanced hardware security” if configured properly:
+
+
+
+### Identity Protection
+
+- [Windows Hello FIDO2 certification](https://fidoalliance.org/microsoft-achieves-fido2-certification-for-windows-hello/): Windows Hello is now a FIDO2 Certified authenticator and enables password-less login for websites supporting FIDO2 authentication, such as Microsoft account and Azure AD.
+- [Streamlined Windows Hello PIN reset experience](https://docs.microsoft.com/windows/security/identity-protection/hello-for-business/hello-videos#windows-hello-for-business-forgotten-pin-user-experience): Microsoft account users have a revamped Windows Hello PIN reset experience with the same look and feel as signing in on the web.
+- Sign-in with [Password-less](https://docs.microsoft.com/windows/security/identity-protection/hello-for-business/passwordless-strategy) Microsoft accounts: Sign in to Windows 10 with a phone number account. Then use Windows Hello for an even easier sign-in experience!
+- [Remote Desktop with Biometrics](https://docs.microsoft.com/windows/security/identity-protection/hello-for-business/hello-features#remote-desktop-with-biometrics): Azure Active Directory and Active Directory users using Windows Hello for Business can use biometrics to authenticate to a remote desktop session.
+
+### Security management
+
+- [Windows Defender Firewall now supports Windows Subsystem for Linux (WSL)](https://blogs.windows.com/windowsexperience/2018/04/19/announcing-windows-10-insider-preview-build-17650-for-skip-ahead/#II14f7VlSBcZ0Gs4.97): Lets you add rules for WSL process, just like for Windows processes.
+- [Windows Security app](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-security-center/windows-defender-security-center) improvements now include Protection history, including detailed and easier to understand information about threats and available actions, Controlled Folder Access blocks are now in the Protection history, Windows Defender Offline Scanning tool actions, and any pending recommendations.
+- [Tamper Protection](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-antivirus/prevent-changes-to-security-settings-with-tamper-protection) lets you prevent others from tampering with important security features.
+
+## Microsoft Edge
+
+Several new features are coming in the next version of Edge. See the [news from Build 2019](https://blogs.windows.com/msedgedev/2019/05/06/edge-chromium-build-2019-pwa-ie-mode-devtools/#2QJF4u970WjQ2Sv7.97) for more information.
+
+## See Also
+
+[What's New in Windows Server, version 1903](https://docs.microsoft.com/windows-server/get-started/whats-new-in-windows-server-1903): New and updated features in Windows Server.
+[Windows 10 Features](https://www.microsoft.com/windows/features): Review general information about Windows 10 features.
+[What's New in Windows 10](https://docs.microsoft.com/windows/whats-new/): See what’s new in other versions of Windows 10.
+[What's new in Windows 10](https://docs.microsoft.com/windows-hardware/get-started/what-s-new-in-windows): See what’s new in Windows 10 hardware.
+[What's new in Windows 10 for developers](https://blogs.windows.com/buildingapps/2019/04/18/start-developing-on-windows-10-may-2019-update-today/#2Lp8FUFQ3Jm8KVcq.97): New and updated features in Windows 10 that are of interest to developers.
