Merged PR 9682: 7/10 PM Publish

windows/application-management/app-v/appv-connection-group-file.md

@@ -44,7 +44,7 @@ The following table describes the parameters in the XML file that define the con
 
 ### Parameters that define the packages in the connection group
 
-In the <Packages> section of the connection group XML file, you list the member packages in the connection group by specifying each package’s unique package identifier and version identifier, as described in the following table. The first package in the list has the highest precedence.
+In the **<Packages>** section of the connection group XML file, you list the member packages in the connection group by specifying each package’s unique package identifier and version identifier, as described in the following table. The first package in the list has the highest precedence.
 
 |Field|Description|
 |---|---|

windows/application-management/app-v/appv-convert-a-package-created-in-a-previous-version-of-appv.md

@@ -1,64 +1,92 @@
 ---
-title: How to Convert a Package Created in a Previous Version of App-V (Windows 10)
+title: How to convert a package created in a previous version of App-V (Windows 10)
-description: How to Convert a Package Created in a Previous Version of App-V
+description: How to convert a package created in a previous version of App-V.
 author: MaggiePucciEvans
 ms.pagetype: mdop, appcompat, virtualization
 ms.mktglfcycl: deploy
 ms.sitesec: library
 ms.prod: w10
-ms.date: 04/19/2017
+ms.date: 07/10/2018
 ---
+# How to convert a package created in a previous version of App-V
 
+>Applies to: Windows 10, version 1607
 
-# How to Convert a Package Created in a Previous Version of App-V
+You can use the package converter utility to upgrade virtual application packages created by previous versions of App-V. This section will tell you how to convert existing virtual application packages for upgrade.
 
-**Applies to**
+>[!NOTE]  
--   Windows 10, version 1607
+>If you are running a computer with a 64-bit architecture, you must use the x86 version of Windows PowerShell.
 
-You can use the package converter utility to upgrade virtual application packages that have been created with previous versions of App-V.
+The package converter can only directly convert packages created by an App-V sequencer version 4.5 or later. Packages created with an App-V version earlier than 4.5 must be upgraded to at least App-V 4.5 before conversion.
 
-> [!NOTE]  
+>[!IMPORTANT]
-> If you are running a computer with a 64-bit architecture, you must use the x86 version of Windows PowerShell.
+>In order to keep your files secure, you must configure the package converter to always save the package ingredients file to a secure location and directory that can only be accessed by an administrator. When you deploy the package, you should either save the package to a secure location or make sure that no other users can sign in during the conversion process.
-
-The package converter can only directly convert packages that were created by using the App-V 4.5 sequencer or later. Packages that were created using a version prior to App-V 4.5 must be upgraded to at least App-V 4.5 before conversion.
-
-The following information provides direction for converting existing virtual application packages.
-
-> [!IMPORTANT]  
-> You must configure the package converter to always save the package ingredients file to a secure location and directory. A secure location is accessible only by an administrator. Additionally, when you deploy the package, you should save the package to a location that is secure, or make sure that no other user is allowed to be logged in during the conversion process.
 
 ## App-V 4.6 installation folder is redirected to virtual file system root
 
-When you convert packages from App-V 4.6 to App-V for Windows 10, the App-V for Windows 10 package can access the hardcoded drive that you were required to use when you created 4.6 packages. The drive letter will be the drive you selected as the installation drive on the 4.6 sequencing machine. (The default drive letter is Q:\\.)
+When you convert packages from App-V 4.6 to App-V for Windows 10, the App-V for Windows 10 package can access the hardcoded drive that you were required to use when you created 4.6 packages. The drive letter will be the drive you selected as the installation drive on the 4.6 sequencing machine. (The default drive is drive Q.)
 
-**Technical Details:** The App-V package converter will save the App-V 4.6 installation root folder and short folder names in the FilesystemMetadata.xml file in the Filesystem element. When the App-V for Windows 10 client creates the virtual process, it will map requests from the App-V 4.6 installation root to the virtual file system root.
+The App-V package converter will save the App-V 4.6 installation root folder and short folder names in the FilesystemMetadata.xml file in the **Filesystem** element. When the App-V for Windows 10 client creates the virtual process, it will map requests from the App-V 4.6 installation root to the virtual file system root.
 
 ## Getting started
 
-1.  Install the App-V Sequencer on a computer in your environment. For information about how to install the Sequencer, see [How to Install the Sequencer](appv-install-the-sequencer.md).
+1. Install the App-V Sequencer on a computer in your environment. For information about how to install the Sequencer, see [How to install the Sequencer](appv-install-the-sequencer.md).
 
-2.  The following cmdlets are available:
+2. You can enter the following cmdlets to check or convert packages:
 
-    -   **Test-AppvLegacyPackage** – This cmdlet is designed to check packages. It will return information about any failures with the package such as missing **.sft** files, an invalid source, **.osd** file errors, or invalid package version. This cmdlet will not parse the **.sft** file or do any in depth validation. For information about options and basic functionality for this cmdlet, using Windows PowerShell, type `Test-AppvLegacyPackage -?`.
+    - **Test-AppvLegacyPackage**—This cmdlet checks packages. It will return information about any failures with the package such as missing **.sft** files, an invalid source, **.osd** file errors, or invalid package version. This cmdlet will not parse the **.sft** file or do any in-depth validation. For information about options and basic functionality for this cmdlet, using Windows PowerShell, enter the following cmdlet:
 
-    -   **ConvertFrom-AppvLegacyPackage** – To convert an existing package, type `ConvertFrom-AppvLegacyPackage c:\contentStore c:\convertedPackages`. In this command, `c:\contentStore` represents the location of the existing package and `c:\convertedPackages` is the output directory to which the resulting App-V for Windows 10 virtual application package file will be saved. By default, if you do not specify a new name, the old package name will be used.
+         ```PowerShell
+         Test-AppvLegacyPackage -?
+         ```
 
-        Additionally, the package converter optimizes performance of packages in App-V for Windows 10 by setting the package to stream fault the App-V package.  This is more performant than the primary feature block and fully downloading the package. The flag **DownloadFullPackageOnFirstLaunch** allows you to convert the package and set the package to be fully downloaded by default.
+    - **ConvertFrom-AppvLegacyPackage**—This cmdlet converts packages from legacy versions to updated versions. To convert an existing package, enter the following cmdlet:
 
-        > [!NOTE]  
+         ```PowerShell
-        > Before you specify the output directory, you must create the output directory.
+         ConvertFrom-AppvLegacyPackage C:\contentStore C:\convertedPackages
+         ```
+
+     In this cmdlet, `C:\contentStore` represents the location of the existing package and `C:\convertedPackages` is the output directory to which the resulting App-V for Windows 10 virtual application package file will be saved. By default, if you do not specify a new name, the old package name will be used.
+
+     Additionally, the package converter optimizes performance of packages in App-V for Windows 10 by setting the package to stream fault the App-V package.  This is more performant than the primary feature block and fully downloading the package. The flag **DownloadFullPackageOnFirstLaunch** allows you to convert the package and set the package to be fully downloaded by default.
+
+      >[!NOTE]  
+      >Before you specify the output directory, you must create the output directory.
 
 ### Advanced Conversion Tips
 
--   Piping - Windows PowerShell supports piping. Piping allows you to call `dir c:\contentStore\myPackage | Test-AppvLegacyPackage`. In this example, the directory object that represents `myPackage` will be given as input to the `Test-AppvLegacyPackage` command and bound to the `-Source` parameter. Piping like this is especially useful when you want to batch commands together; for example, `dir .\ | Test-AppvLegacyPackage | ConvertFrom-AppvLegacyAppvPackage -Target .\ConvertedPackages`. This piped command would test the packages and then pass those objects on to actually be converted. You can also apply a filter on packages without errors or only specify a directory which contains an **.sprj** file or pipe them to another cmdlet that adds the filtered package to the server or publishes them to the App-V client.
+- Piping—Windows PowerShell supports piping. Piping allows you to enter cmdlets like this example:
 
--   Batching - The Windows PowerShell command enables batching. More specifically, the cmdlets support taking a string\[\] object for the `-Source` parameter which represents a list of directory paths. This allows you to enter `$packages = dir c:\contentStore` and then call `ConvertFrom-AppvLegacyAppvPackage-Source $packages -Target c:\ConvertedPackages` or to use piping and call `dir c:\ContentStore | ConvertFrom-AppvLegacyAppvPackage -Target C:\ConvertedPackages`.
+    ```PowerShell
+    dir C:\contentStore\myPackage | Test-AppvLegacyPackage
+    ```
 
--   Other functionality - Windows PowerShell has other built-in functionality for features such as aliases, piping, lazy-binding, .NET object, and many others. All of these are usable in Windows PowerShell and can help you create advanced scenarios for the Package Converter.
+    In this example, the directory object that represents `myPackage` will be given as input to the **Test-AppvLegacyPackage** cmdlet and bound to the *-Source* parameter. Piping like this is especially useful when you want to batch commands together, such as in the following example cmdlet:
+     
+    ```PowerShell
+    dir .\ | Test-AppvLegacyPackage | ConvertFrom-AppvLegacyAppvPackage -Target .\ConvertedPackages
+    ```
+      
+    This piped example command tests packages, then passes the objects on for conversion. You can also apply a filter on packages without errors or only specify a directory which contains an **.sprj** file or pipe them to another cmdlet that adds the filtered package to the server or publishes them to the App-V client.
+
+- Batching—The Windows PowerShell command enables batching. More specifically, the cmdlets support taking a string\[\] object for the *-Source* parameter that represents a list of directory paths. This allows you to enter the following cmdlets together:
+
+    ```PowerShell
+    $packages = dir C:\contentStore
+    ConvertFrom-AppvLegacyAppvPackage-Source $packages -Target C:\ConvertedPackages
+    ```
+
+    Alternatively, you can use piping like this:
+
+    ```PowerShell
+    dir C:\ContentStore | ConvertFrom-AppvLegacyAppvPackage -Target C:\ConvertedPackages
+    ```
+
+- Other functionality—Windows PowerShell has other built-in functionality for features such as aliases, lazy-binding, .NET Object, and many others. These features can help you create advanced scenarios for the Package Converter.
 
 ## Have a suggestion for App-V?
 
-Add or vote on suggestions on the [Application Virtualization feedback site](https://appv.uservoice.com/forums/280448-microsoft-application-virtualization).<br>For App-V issues, use the [App-V TechNet Forum](https://social.technet.microsoft.com/Forums/en-US/home?forum=mdopappv).
+Add or vote on suggestions on the [Application Virtualization feedback site](https://appv.uservoice.com/forums/280448-microsoft-application-virtualization).
 
 ## Related topics
 

windows/application-management/app-v/appv-create-a-connection-group-with-user-published-and-globally-published-packages.md

@@ -1,87 +1,63 @@
 ---
-title: How to Create a Connection Group with User-Published and Globally Published Packages (Windows 10)
+title: How to create a connection croup with user-published and globally published packages (Windows 10)
-description: How to Create a Connection Group with User-Published and Globally Published Packages
+description: How to create a connection croup with user-published and globally published packages.
 author: MaggiePucciEvans
 ms.pagetype: mdop, appcompat, virtualization
 ms.mktglfcycl: deploy
 ms.sitesec: library
 ms.prod: w10
-ms.date: 04/19/2017
+ms.date: 07/10/2018
 ---
+# How to create a connection croup with user-published and globally published packages
 
-
+>Applies to: Windows 10, version 1607
-# How to Create a Connection Group with User-Published and Globally Published Packages
-
-**Applies to**
--   Windows 10, version 1607
 
 You can create user-entitled connection groups that contain both user-published and globally published packages, using either of the following methods:
 
--   [How to use Windows PowerShell cmdlets to create user-entitled connection groups](#how-to-use-windows-powershell-cmdlets-to-create-user-entitled-connection-groups)
+- [How to use Windows PowerShell cmdlets to create user-entitled connection groups](#how-to-use-windows-powershell-cmdlets-to-create-user-entitled-connection-groups)
+- [How to use the App-V Server to create user-entitled connection groups](#how-to-use-the-app-v-server-to-create-user-entitled-connection-groups)
 
--   [How to use the App-V Server to create user-entitled connection groups](#how-to-use-the-app-v-server-to-create-user-entitled-connection-groups)
+## Unsupported scenarios and potential issues
 
-## What to know before you start:
+Here are some important things to know before you get started:
 
-<table>
+- If you add user-published packages in globally entitled connection groups, the connection group will fail.
-<colgroup>
+- Track the connection groups where you've used a non-optional package before removing it with the **Unpublish-AppvClientPackage <</span>package> -global** cmdlet.
-<col width="50%" />
-<col width="50%" />
-</colgroup>
-<thead>
-<tr class="header">
-<th align="left">Unsupported scenarios and potential issues</th>
-<th align="left">Result</th>
-</tr>
-</thead>
-<tbody>
-<tr class="odd">
-<td align="left"><p>You cannot include user-published packages in globally entitled connection groups.</p></td>
-<td align="left"><p>The connection group will fail.</p></td>
-</tr>
-<tr class="even">
-<td align="left"><p>If you publish a package globally and then create a user-published connection group in which you’ve made that package non-optional, you can still run <strong>Unpublish-AppvClientPackage &lt;package&gt; -global</strong> to unpublish the package, even when that package is being used in another connection group.</p></td>
-<td align="left"><p>If any other connection groups are using that package, the package will fail in those connection groups.</p>
-<p>To avoid inadvertently unpublishing a non-optional package that is being used in another connection group, we recommend that you track the connection groups in which you’ve used a non-optional package.</p></td>
-</tr>
-</tbody>
-</table>
       
- 
+    In situations where you have a gobally published package that's listed as non-optional in a user-published connection group that also appears in other packages, running **Unpublish-AppvClientPackage <</span>package> -global** cmdlet can unpublish the package from every connection group containing that package. Tracking connection groups can help you avoid unintentionally unpublishing non-optional packages.
 
 ## How to use Windows PowerShell cmdlets to create user-entitled connection groups
 
-1.  Add and publish packages by using the following commands:
+1. Add and publish packages by using the following commands:
     
-    ```
+    ```PowerShell
     Add-AppvClientPackage <Package1_AppV_file_Path>
     Add-AppvClientPackage <Package2_AppV_file_Path>
     Publish-AppvClientPackage -PackageId <Package1_ID> -VersionId <Package1_Version_ID> -Global
     Publish-AppvClientPackage -PackageId <Package2_ID> -VersionId <Package2_Version_ID>
     ```
 
-2.  Create the connection group XML file. For more information, see [About the Connection Group File](appv-connection-group-file.md).
+2. Create the connection group XML file. For more information, see [About the connection group file](appv-connection-group-file.md).
 
-3.  Add and publish the connection group by using the following commands:
+3. Add and publish the connection group by using the following commands:
     
-    ```
+    ```PowerShell
     Add-AppvClientConnectionGroup <Connection_Group_XML_file_Path>
     Enable-AppvClientConnectionGroup -GroupId <CG_Group_ID> -VersionId <CG_Version_ID>
     ```
 
 ## How to use the App-V Server to create user-entitled connection groups
 
-1.  Open the App-V Management Console.
+1. Open the App-V Management Console.
 
-2.  Follow the instructions in [How to Publish a Package by Using the Management Console](appv-publish-a-packages-with-the-management-console.md) to publish packages globally and to the user.
+2. Follow the instructions in [How to publish a package by using the Management Console](appv-publish-a-packages-with-the-management-console.md) to publish packages globally and to the user.
 
-3.  Follow the instructions in [How to Create a Connection Group](appv-create-a-connection-group.md) to create the connection group, and add the user-published and globally published packages.
+3. Follow the instructions in [How to create a connection group](appv-create-a-connection-group.md) to create the connection group and  add the user-published and globally published packages.
 
 ## Have a suggestion for App-V?
 
-Add or vote on suggestions on the [Application Virtualization feedback site](https://appv.uservoice.com/forums/280448-microsoft-application-virtualization).<br>For App-V issues, use the [App-V TechNet Forum](https://social.technet.microsoft.com/Forums/en-US/home?forum=mdopappv).
+Add or vote on suggestions on the [Application Virtualization feedback site](https://appv.uservoice.com/forums/280448-microsoft-application-virtualization).
 
 ## Related topics
 
-
+- [Managing Connection Groups](appv-managing-connection-groups.md)
-[Managing Connection Groups](appv-managing-connection-groups.md)

windows/application-management/app-v/appv-create-a-connection-group.md

@@ -1,51 +1,47 @@
 ---
-title: How to Create a Connection Group (Windows 10)
+title: How to create a connection group (Windows 10)
-description: How to Create a Connection Group
+description: How to create a connection group with the App-V Management Console.
 author: MaggiePucciEvans
 ms.pagetype: mdop, appcompat, virtualization
 ms.mktglfcycl: deploy
 ms.sitesec: library
 ms.prod: w10
-ms.date: 04/19/2017
+ms.date: 07/10/2018
 ---
+# How to create a connection group
 
+>Applies to: Windows 10, version 1607
 
-# How to Create a Connection Group
+Use these steps to create a connection group by using the App-V Management Console. To use Windows PowerShell to create connection groups, see [How to manage connection groups on a stand-alone computer by using Windows PowerShell](appv-manage-connection-groups-on-a-stand-alone-computer-with-powershell.md).
 
-**Applies to**
+When you place packages in a connection group, their package root paths merge. If you remove packages, only the remaining packages maintain the merged root.
--   Windows 10, version 1607
 
-Use these steps to create a connection group by using the App-V Management Console. To use Windows PowerShell to create connection groups, see [How to Manage Connection Groups on a Stand-alone Computer by Using Windows PowerShell](appv-manage-connection-groups-on-a-stand-alone-computer-with-powershell.md).
+## Create a connection group
 
-When you place packages in a connection group, their package root paths are merged. If you remove packages, only the remaining packages maintain the merged root.
+1. In the App-V Management Console, select **CONNECTION GROUPS** to display the Connection Groups library.
 
-**To create a connection group**
+2. Select **ADD CONNECTION GROUP** to create a new connection group.
 
-1.  In the App-V Management Console, select **CONNECTION GROUPS** to display the Connection Groups library.
+3. In the **New Connection Group** pane, enter a description for the group.
 
-2.  Select **ADD CONNECTION GROUP** to create a new connection group.
+4. Select **EDIT** in the **CONNECTED PACKAGES** pane to add a new application to the connection group.
 
-3.  In the **New Connection Group** pane, type a description for the group.
+5. In the **PACKAGES Entire Library** pane, select the application to be added, then select the arrow to add the application.
 
-4.  Click **EDIT** in the **CONNECTED PACKAGES** pane to add a new application to the connection group.
+    To remove an application, select the application to be removed in the **PACKAGES IN** pane and select the arrow.
-
-5.  In the **PACKAGES Entire Library** pane, select the application to be added, and click the arrow to add the application.
-
-    To remove an application, select the application to be removed in the **PACKAGES IN** pane and click the arrow.
 
     To reprioritize the applications in your connection group, use the arrows in the **PACKAGES IN** pane.
 
-    **Important**<br>
+    >[!IMPORTANT]
-    By default, the Active Directory Domain Services access configurations that are associated with a specific application are not added to the connection group. To transfer the Active Directory access configuration, select **ADD PACKAGE ACCESS TO GROUP ACCESS**, which is located in the **PACKAGES IN** pane.
+    >By default, the Active Directory Domain Services access configurations that are associated with a specific application are not added to the connection group. To transfer the Active Directory access configuration, select **ADD PACKAGE ACCESS TO GROUP ACCESS**, which is located in the **PACKAGES IN** pane.
 
-6.  After adding all the applications and configuring Active Directory access, click **Apply**.
+6. After adding all the applications and configuring Active Directory access, select **Apply**.
 
 ## Have a suggestion for App-V?
 
-Add or vote on suggestions on the [Application Virtualization feedback site](https://appv.uservoice.com/forums/280448-microsoft-application-virtualization).<br>For App-V issues, use the [App-V TechNet Forum](https://social.technet.microsoft.com/Forums/en-US/home?forum=mdopappv).
+Add or vote on suggestions on the [Application Virtualization feedback site](https://appv.uservoice.com/forums/280448-microsoft-application-virtualization).
 
 ## Related topics
 
-[Operations for App-V](appv-operations.md)
+- [Operations for App-V](appv-operations.md)
-
+- [Managing connection groups](appv-managing-connection-groups.md)
-[Managing Connection Groups](appv-managing-connection-groups.md)

windows/application-management/app-v/appv-create-a-custom-configuration-file-with-the-management-console.md

@@ -1,41 +1,38 @@
 ---
-title: How to Create a Custom Configuration File by Using the App-V Management Console (Windows 10)
+title: How to create a custom configuration file by using the App-V Management Console (Windows 10)
-description: How to Create a Custom Configuration File by Using the App-V Management Console
+description: How to create a custom configuration file by using the App-V Management Console.
 author: MaggiePucciEvans
 ms.pagetype: mdop, appcompat, virtualization
 ms.mktglfcycl: deploy
 ms.sitesec: library
 ms.prod: w10
-ms.date: 04/19/2017
+ms.date: 07/10/2018
 ---
+# How to create a custom configuration file by using the App-V Management Console
 
+>Applies to: Windows 10, version 1607
 
-# How to Create a Custom Configuration File by Using the App-V Management Console
+You can use a dynamic configuration to customize an App-V package for a specific user. However, you must first create the dynamic user configuration (.xml) file or the dynamic deployment configuration file before you can use the files. Creation of the file is an advanced manual operation. For general information about dynamic user configuration files, see [About App-V dynamic configuration](appv-dynamic-configuration.md).
 
-**Applies to**
+You can create a dynamic user configuration file with the App-V Management Console by following the steps in this article.
--   Windows 10, version 1607
 
-You can use a dynamic configuration to customize an App-V package for a specific user. However, you must first create the dynamic user configuration (.xml) file or the dynamic deployment configuration file before you can use the files. Creation of the file is an advanced manual operation. For general information about dynamic user configuration files, see, [About App-V Dynamic Configuration](appv-dynamic-configuration.md).
+## Create a dynamic user configuration file
 
-Use the following procedure to create a Dynamic User Configuration file by using the App-V Management console.
+1. Right-click the name of the package that you want to view and select **Edit active directory access** to view the configuration that is assigned to a given user group. Alternatively, select the package, and click **Edit**.
 
-**To create a Dynamic User Configuration file**
+2. Using the list of **AD Entities with Access**, select the AD group that you want to customize. Select **Custom** from the drop-down list. A link named **Edit** will appear.
 
-1.  Right-click the name of the package that you want to view and select **Edit active directory access** to view the configuration that is assigned to a given user group. Alternatively, select the package, and click **Edit**.
+3. Select **Edit**. The Dynamic User Configuration assigned to the AD Group will appear.
 
-2.  Using the list of **AD Entities with Access**, select the AD group that you want to customize. Select **Custom** from the drop-down list, if it is not already selected. A link named **Edit** will be displayed.
+4. Select **Advanced**, and then select **Export Configuration**. Enter a file name and select **Save**. Now you can edit the file to configure a package for a user.
 
-3.  Click **Edit**. The Dynamic User Configuration that is assigned to the AD Group will be displayed.
+    >[!NOTE]  
-
+    >If you want to export a configuration while running on Windows Server, make sure to disable the IE Enhanced Security Configuration setting. If this setting is enabled and set to block downloads, you won't be able to download anything from the App-V Server.
-4.  Click **Advanced**, and then click **Export Configuration**. Type in a filename and click **Save**. Now you can edit the file to configure a package for a user.
-
-    **Note**  
-    To export a configuration while running on Windows Server, you must disable "IE Enhanced Security Configuration". If this is enabled and set to block downloads, you cannot download anything from the App-V Server.
 
 ## Have a suggestion for App-V?
 
-Add or vote on suggestions on the [Application Virtualization feedback site](https://appv.uservoice.com/forums/280448-microsoft-application-virtualization).<br>For App-V issues, use the [App-V TechNet Forum](https://social.technet.microsoft.com/Forums/en-US/home?forum=mdopappv).
+Add or vote on suggestions on the [Application Virtualization feedback site](https://appv.uservoice.com/forums/280448-microsoft-application-virtualization).
 
 ## Related topics
 
-[Operations for App-V](appv-operations.md)
+- [Operations for App-V](appv-operations.md)

windows/application-management/app-v/appv-create-a-package-accelerator-with-powershell.md

@@ -1,50 +1,47 @@
 ---
-title: How to Create a Package Accelerator by Using Windows PowerShell (Windows 10)
+title: How to create a package accelerator by using Windows PowerShell (Windows 10)
-description: How to Create a Package Accelerator by Using Windows PowerShell
+description: How to create a package accelerator with Windows PowerShell.
 author: MaggiePucciEvans
 ms.pagetype: mdop, appcompat, virtualization
 ms.mktglfcycl: deploy
 ms.sitesec: library
 ms.prod: w10
-ms.date: 04/19/2017
+ms.date: 07/10/2018
 ---
+# How to create a package accelerator by using Windows PowerShell
 
+>Applies to: Windows 10, version 1607
 
-# How to Create a Package Accelerator by Using Windows PowerShell
+App-V Package Accelerators automatically sequence large, complex applications. Also, when you apply an App-V Package Accelerator, you don't have to manually install an application to create the virtualized package.
 
-**Applies to**
+## Create a package accelerator
--   Windows 10, version 1607
 
-App-V package accelerators automatically sequence large, complex applications. Additionally, when you apply an App-V package accelerator, you are not always required to manually install an application to create the virtualized package.
+1. Install the App-V sequencer. For more information about installing the sequencer, see [How to install the sequencer](appv-install-the-sequencer.md).
+2. To open a Windows PowerShell console, select **Start** and enter **PowerShell**. Right-click **Windows PowerShell** and select **Run as Administrator**.
+3. Make sure that you have the .appv package to create an accelerator from the installation media or installation files. You can also optionally use a readme file for the accelerator's users to reference.
+4. Enter the **New-AppvPackageAccelerator** cmdlet.
 
-**To create a package accelerator**
+    The following parameters are required to use the package accelerator cmdlet:
 
-1.  Install the App-V sequencer. For more information about installing the sequencer see [How to Install the Sequencer](appv-install-the-sequencer.md).
+    - *InstalledFilesPath* specifies the application installation path.
+    - *Installer* specifies the path to the application installer media.
+    - *InputPackagePath* specifies the path to the .appv package.
+    - *Path* specifies the output directory for the package.
 
-2.  To open a Windows PowerShell console, click **Start** and type **PowerShell**. Right-click **Windows PowerShell** and select **Run as Administrator**. Use the **New-AppvPackageAccelerator** cmdlet.
+    The following example cmdlet shows how you can create a package accelerator with an .appv package and the installation media:
 
-3.  To create a package accelerator, make sure that you have the .appv package to create an accelerator from, the installation media or installation files, and optionally a read me file for consumers of the accelerator to use. The following parameters are required to use the package accelerator cmdlet:
+    ```PowerShell
+    New-AppvPackageAccelerator -InputPackagePath <path to the .appv file> -Installer <path to the installer executable> -Path <directory of the output path>
+    ```
 
-    -   **InstalledFilesPath** - specifies the application installation path.
+    You can also use the following optional parameter with the **New-AppvPackageAccelerator** cmdlet:
 
-    -   **Installer** – specifies the path to the application installer media
+    - *AcceleratorDescriptionFile* specifies the path to user-created package accelerator instructions. The package accelerator instructions are **.txt** or **.rtf** description files that will be included in the package created by the package accelerator.
-
-    -   **InputPackagePath** – specifies the path to the .appv package
-
-    -   **Path** – specifies the output directory for the package.
-
-    The following example displays how you can create a package accelerator with an .appv package and the installation media:
-
-    **New-AppvPackageAccelerator -InputPackagePath &lt;path to the .appv file&gt; -Installer &lt;path to the installer executable&gt; -Path &lt;directory of the output path&gt;**
-
-    An additional optional parameter that can be used with the **New-AppvPackageAccelerator** cmdlet is as follows:
-
-    -   **AcceleratorDescriptionFile** - specifies the path to user created package accelerator instructions. The package accelerator instructions are **.txt** or **.rtf** description files that will be packaged with the package created using the package accelerator.
 
 ## Have a suggestion for App-V?
 
-Add or vote on suggestions on the [Application Virtualization feedback site](https://appv.uservoice.com/forums/280448-microsoft-application-virtualization).<br>For App-V issues, use the [App-V TechNet Forum](https://social.technet.microsoft.com/Forums/en-US/home?forum=mdopappv).
+Add or vote on suggestions on the [Application Virtualization feedback site](https://appv.uservoice.com/forums/280448-microsoft-application-virtualization).
 
 ## Related topics
 
-[Administering App-V by Using Windows PowerShell](appv-administering-appv-with-powershell.md)
+- [Administering App-V by using Windows PowerShell](appv-administering-appv-with-powershell.md)

windows/application-management/app-v/appv-create-a-package-accelerator.md

@@ -1,79 +1,77 @@
 ---
-title: How to Create a Package Accelerator (Windows 10)
+title: How to create a package accelerator (Windows 10)
-description: How to Create a Package Accelerator
+description: How to create a package accelerator.
 author: MaggiePucciEvans
 ms.pagetype: mdop, appcompat, virtualization
 ms.mktglfcycl: deploy
 ms.sitesec: library
 ms.prod: w10
-ms.date: 04/19/2017
+ms.date: 07/10/2018
 ---
+# How to create a package accelerator
 
+>Applies to: Windows 10, version 1607
 
-# How to Create a Package Accelerator
+App-V Package Accelerators automatically generate new virtual application packages.
 
-**Applies to**
+>[!NOTE]
--   Windows 10, version 1607
+>You can use Windows PowerShell to create a package accelerator. For more information, see [How to create a package accelerator by using Windows PowerShell](appv-create-a-package-accelerator-with-powershell.md).
-
-App-V package accelerators automatically generate new virtual application packages.
-
->**Note**  You can use Windows PowerShell to create a package accelerator. For more information see [How to Create a Package Accelerator by Using Windows PowerShell](appv-create-a-package-accelerator-with-powershell.md).
 
 Use the following procedure to create a package accelerator.
 
->**Important**
+>[!IMPORTANT]
-> - Package Accelerators can contain password and user-specific information. Therefore you must save Package Accelerators and the associated installation media in a secure location, and you should digitally sign the Package Accelerator after you create it so that the publisher can be verified when the App-V Package Accelerator is applied.
+>
-> - Before you begin the following procedure, perform the following:
+>- Because package accelerators can contain password and user-specific information, you should save package accelerators and the associated installation media in a secure location, and you should also digitally sign the package accelerator after creating it so that you can verify the publisher when applying the App-V Package Accelerator.
-    -   Copy the virtual application package that you will use to create the package accelerator locally to the computer running the sequencer.
+>- Before you begin creating a package accelerator, do the following:
-    -   Copy all required installation files associated with the virtual application package to the computer running the sequencer.
+>     - Copy the virtual application package that you will use to create the package accelerator locally to the computer running the sequencer.
-> - The App-V Sequencer does not grant any license rights to the software application you are using to create the Package Accelerator. You must abide by all end user license terms for the application you are using. It is your responsibility to make sure the software application’s license terms allow you to create a Package Accelerator using App-V Sequencer.
+>     - Copy all required installation files associated with the virtual application package to the computer running the sequencer.
+>- The App-V Sequencer does not grant any license rights to the software application you are using to create the package accelerator. You must abide by all end user license terms for the application you are using. It is your responsibility to make sure the software application’s license terms allow you to create a package accelerator with the App-V sequencer.
 
-## To create a package accelerator
+## Create a package accelerator
 
-1.  To start the App-V sequencer, on the computer that is running the sequencer, click **Start** / **All Programs** / **Microsoft Application Virtualization** / **Microsoft Application Virtualization Sequencer**.
+1. To start the App-V sequencer on the computer running the sequencer, select **Start** > **All Programs** > **Microsoft Application Virtualization** > **Microsoft Application Virtualization Sequencer**.
 
-2.  To start the App-V **Create Package Accelerator** wizard, in the App-V sequencer console, click **Tools** / **Create Accelerator**.
+2. To start the App-V **Create Package Accelerator** wizard, in the App-V sequencer console, select **Tools** > **Create Accelerator**.
 
-3.  On the **Select Package** page, to specify an existing virtual application package to use to create the Package Accelerator, click **Browse**, and locate the existing virtual application package (.appv file).
+3. On the **Select Package** page, select **Browse** to specify an existing virtual application package to use to create the package accelerator, then locate the existing virtual application package (it will appear as an .appv file).
 
-    **Tip**<br>
+    >[!TIP]
-    Copy the files associated with the virtual application package you plan to use locally to the computer running the Sequencer.
+    >Copy the files associated with the virtual application package you plan to use locally to the computer running the Sequencer.
 
-    Click **Next**.
+    Select **Next**.
 
-4.  On the **Installation Files** page, to specify the folder that contains the installation files that you used to create the original virtual application package, click **Browse**, and then select the directory that contains the installation files.
+4. Go to the **Installation Files** page and select **Browse**, then select the directory that contains the installation files to specify the folder containing the original virtual package's installation files.
 
-    **Tip**<br>
+    >[!TIP]
-    Copy the folder that contains the required installation files to the computer running the Sequencer.
+    >Copy the folder that contains the required installation files to the computer running the Sequencer.
 
-5.  If the application is already installed on the computer running the sequencer, to specify the installation file, select **Files installed on local system**. To use this option, the application must already be installed in the default installation location.
+5. If the application is already installed on the computer running the sequencer, then select **Files installed on local system** to specify the installation file. To use this option, the application must already be installed in the default installation location.
 
-6.  On the **Gathering Information** page, review the files that were not found in the location specified on the **Installation Files** page of this wizard. If the files displayed are not required, select **Remove these files**, and then click **Next**. If the files are required, click **Previous** and copy the required files to the directory specified on the **Installation Files** page.
+6. On the **Gathering Information** page, review the files that you couldn't find in the location specified by the **Installation Files** page. If the files displayed are not required, select **Remove these files**, then select **Next**. If the files are required, select **Previous** and copy the required files to the directory specified on the **Installation Files** page.
 
-    **Note**<br>
+    >[!NOTE]
-    You must either remove the unrequired files, or click **Previous** and locate the required files to advance to the next page of this wizard.
+    >You must either remove the unrequired files or select **Previous** and locate the required files to advance to the next page of this wizard.
 
-7.  On the **Select Files** page, carefully review the files that were detected, and clear any file that should be removed from the package accelerator. Select only files that are required for the application to run successfully, and then click **Next**.
+7. On the **Select Files** page, carefully review the detected files. Clear any file the package accelerator doesn't need to run successfully and select only the files that the application requires. When you're done, select **Next**.
 
-8.  On the **Verify Applications** page, confirm that all installation files that are required to build the package are displayed. When the Package Accelerator is used to create a new package, all installation files displayed in the **Applications** pane are required to create the package.
+8. Confirm that the **Verify Applications** page displays all installation files required to build the package. The package accelerator requires all installation files displayed in the **Applications** pane in order to create the package.
 
-    If necessary, to add additional Installer files, click **Add**. To remove unnecessary installation files, select the Installer file, and then click **Delete**. To edit the properties associated with an installer, click **Edit**. The installation files specified in this step will be required when the Package Accelerator is used to create a new virtual application package. After you have confirmed the information displayed, click **Next**.
+    If you need to add additional Installer files, select **Add**. To remove unnecessary installation files, select the **Installer file**, then select **Delete**. To edit the properties associated with an installer, select **Edit**. The package accelerator requires the installation files specified in this step to create a new virtual application package. After you have confirmed the information displayed, select **Next**.
 
-9.  On the **Select Guidance** page, to specify a file that contains information about how the Package Accelerator, click **Browse**. For example, this file can contain information about how the computer running the Sequencer should be configured, application prerequisite information for target computers, and general notes. You should provide all required information for the Package Accelerator to be successfully applied. The file you select must be in rich text (.rtf) or text file (.txt) format. Click **Next**.
+9. On the **Select Guidance** page, select **Browse** to specify the file that will provide the package accelerator with application instructions. For example, this file can contain information about how the computer running the Sequencer should be configured, application prerequisite information for target computers, and general notes. You should provide all required information for successful package accelerator application. The file you select must be in rich text (.rtf) or text file (.txt) format. After specifying the file, select **Next**.
 
-10. On the **Create Package Accelerator** page, to specify where to save the Package Accelerator, click **Browse** and select the directory.
+10. On the **Create Package Accelerator** page, select **Browse** and select the directory where you want to save the package accelerator.
 
-11. On the **Completion** page, to close the **Create Package Accelerator** wizard, click **Close**.
+11. On the **Completion** page, select **Close**.
 
-    **Important**<br>
+    >[!IMPORTANT]
-    To help ensure that the package accelerator is as secure as possible, and so that the publisher can be verified when the package accelerator is applied, you should always digitally sign the package accelerator.
+    >You should always digitally sign the package accelerator to ensure that it is secure and can be verified by a publisher during application.
 
 ## Have a suggestion for App-V?
 
-Add or vote on suggestions on the [Application Virtualization feedback site](https://appv.uservoice.com/forums/280448-microsoft-application-virtualization).<br>For App-V issues, use the [App-V TechNet Forum](https://social.technet.microsoft.com/Forums/en-US/home?forum=mdopappv).
+Add or vote on suggestions on the [Application Virtualization feedback site](https://appv.uservoice.com/forums/280448-microsoft-application-virtualization).
 
 ## Related topics
 
-[Operations for App-V](appv-operations.md)
+- [Operations for App-V](appv-operations.md)
-
+- [How to create a virtual application package using an App-V Package Accelerator](appv-create-a-virtual-application-package-package-accelerator.md)
-[How to Create a Virtual Application Package Using an App-V Package Accelerator](appv-create-a-virtual-application-package-package-accelerator.md)

windows/application-management/app-v/appv-create-a-virtual-application-package-package-accelerator.md

@@ -1,79 +1,76 @@
 ---
-title: How to Create a Virtual Application Package Using an App-V Package Accelerator (Windows 10)
+title: How to create a virtual application package using an App-V Package Accelerator (Windows 10)
-description: How to Create a Virtual Application Package Using an App-V Package Accelerator
+description: How to create a virtual application package using an App-V Package Accelerator.
 author: MaggiePucciEvans
 ms.pagetype: mdop, appcompat, virtualization
 ms.mktglfcycl: deploy
 ms.sitesec: library
 ms.prod: w10
-ms.date: 04/19/2017
+ms.date: 07/10/2018
 ---
+# How to create a virtual application package using an App-V Package Accelerator
 
-
+>Applies to: Windows 10, version 1607
-# How to Create a Virtual Application Package Using an App-V Package Accelerator
-
-**Applies to**
--   Windows 10, version 1607
 
 Use the following procedure to create a virtual application package with the App-V Package Accelerator.
 
-> **Important**  The App-V Sequencer does not grant any license rights to the software application that you use to create the Package Accelerator. You must abide by all end user license terms for the application that you use. It is your responsibility to make sure that the software application’s license terms allow you to create a Package Accelerator with the App-V Sequencer.
+>[!IMPORTANT]
+>The App-V Sequencer does not grant any license rights to the software application that you use to create the package accelerator. You must abide by all end user license terms for the application that you use. It is your responsibility to make sure that the software application’s license terms allow you to create a package accelerator with the App-V Sequencer.
 
-**To create a virtual application package with an App-V Package Accelerator**
+## Create a virtual application package with an App-V Package Accelerator
 
-1. Be sure that the required Package Accelerator has been copied locally to the computer that runs the App-V Sequencer. Also copy all required installation files for the package to a local folder on the computer that runs the Sequencer. This is the folder that you have to specify in step 6 of this procedure.
+1. Make sure you've copied the required package accelerator locally to the computer running the App-V Sequencer. Also make sure to copy all required installation files for the package to a local folder on the computer running the Sequencer. This is the folder that you have to specify in step 6 of this procedure.
 
-2.  To start the App-V Sequencer, on the computer that runs the App-V Sequencer, click **Start** / **All Programs** / **Microsoft Application Virtualization** / **Microsoft Application Virtualization Sequencer**.
+2. To start the App-V Sequencer on the computer that runs the Sequencer, go to **Start** > **All Programs** > **Microsoft Application Virtualization** > **Microsoft Application Virtualization Sequencer**.
 
-3.  To start the **Create New Package Wizard**, click **Create a New Virtual Application Package**. To create the package, select the **Create Package using a Package Accelerator** check box, and then click **Next**.
+3. Select **Create a New Virtual Application Package**. To create the package, select the **Create Package using a Package Accelerator** check box, then select **Next**.
 
-4.  To specify the package accelerator that will be used to create the new virtual application package, click **Browse** on the **Select Package Accelerator** page. Click **Next**.
+4. To specify the package accelerator that will be used to create the new virtual application package, select **Browse** on the **Select Package Accelerator** page. Select **Next**.
 
-    > **Important**  If the publisher of the package accelerator cannot be verified and does not contain a valid digital signature, then before you click **Run**, you must confirm that you trust the source of the package accelerator. Confirm your choice in the **Security Warning** dialog box.
+    >[!IMPORTANT]
+    >If the publisher of the package accelerator cannot be verified and does not contain a valid digital signature, then before you select **Run**, you must confirm that you trust the source of the package accelerator. Confirm your choice in the **Security Warning** dialog box.
 
-5.  On the **Guidance** page, review the publishing guidance information that is displayed in the information pane. This information was added when the Package Accelerator was created and it contains guidance about how to create and publish the package. To export the guidance information to a text (.txt) file, click **Export** and specify the location where the file should be saved, and then click **Next**.
+5. On the **Guidance** page, review the publishing guidance information that is displayed in the information pane. This information was added when the package accelerator was created and it contains guidance about how to create and publish the package. To export the guidance information to a text (.txt) file, select **Export** and specify the location where the file should be saved, and then select **Next**.
 
-6.  On the **Select Installation Files** page, click **Make New Folder** to create a local folder that contains all required installation files for the package, and specify where the folder should be saved. You must also specify a name to be assigned to the folder. You must then copy all required installation files to the location that you specified. If the folder that contains the installation files already exists on the computer that runs the Sequencer, click **Browse** to select the folder.
+6. On the **Select Installation Files** page, select **Make New Folder** to create a local folder that contains all required installation files for the package, and specify where the folder should be saved. You must also specify a name to be assigned to the folder. You must then copy all required installation files to the location that you specified. If the folder that contains the installation files already exists on the computer that runs the Sequencer, select **Browse** to select the folder.
 
-    Alternatively, if you have already copied the installation files to a directory on this computer, click **Make New Folder**, browse to the folder that contains the installation files, and then click **Next**.
+    Alternatively, if you have already copied the installation files to a directory on this computer, select **Make New Folder**, browse to the folder that contains the installation files, then select **Next**.
 
-    > **Note**  You can specify the following types of supported installation files:
+    >[!NOTE]
-    > -   Windows Installer files (**.msi**)
+    >You can specify the following types of supported installation files:
-    > -   Cabinet files (.cab)
+    > - Windows Installer files (**.msi**)
-    > -   Compressed files with a .zip file name extension
+    > - Cabinet files (.cab)
-    > -   The actual application files
+    > - Compressed files with a .zip file name extension
+    > - The actual application files
     > The following file types are not supported: **.msp** and **.exe** files. If you specify an **.exe** file, you must extract the installation files manually.
 
-7.  If the package accelerator requires an application to be installed before you apply the Package Accelerator, and if you have already installed the required application, select **I have installed all applications**, and then click **Next** on the **Local Installation** page.
+7. If the package accelerator requires you to install an application before you apply the package accelerator and you have already installed the required application, select **I have installed all applications**, then select **Next** on the **Local Installation** page.
 
-8.  On the **Package Name** page, specify a name that will be associated with the package. The name that you specify identifies the package in the App-V Management Console. Click **Next**.
+8. On the **Package Name** page, specify a name that will be associated with the package. The name you choose will identify the package in the App-V Management Console. Select **Next**.
 
-9.  On the **Create Package** page, provide comments that will be associated with the package. The comments should contain identifying information about the package that you are creating. To confirm the location where the package is created, review the information that is displayed in **Save Location**. To compress the package, select **Compress Package**. Select the **Compress Package** check box if the package will be streamed across the network, or when the package size exceeds 4 GB.
+9. On the **Create Package** page, provide comments that will be associated with the package. The comments should contain identifying information about the package that you are creating. To confirm the location where the package is created, review the information displayed in **Save Location**. To compress the package, select **Compress Package**. Select the **Compress Package** check box if the package will be streamed across the network or the package size exceeds 4 GB.
 
-10.  To create the package, click **Create**. After the package is created, click **Next**.
+10. To create the package, select **Create**. After the package is created, select **Next**.
 
-11.  On the **Configure Software** page, to enable the Sequencer to configure the applications that are contained in the package, select **Configure Software**. In this step you can configure any associated tasks that must be completed in order to run the application on the target computers. For example, you can configure any associated license agreements.
+11. On the **Configure Software** page, to enable the Sequencer to configure the applications contained within the package, select **Configure Software**. **Configure Software** will let you configure any associated tasks required to run the application on the target computers. For example, you can configure any associated license agreements.
 
-    If you select **Configure Software**, the following items can be configured using the Sequencer as part of this step:
+    The following items can be configured using the Sequencer as part of this step:
 
-    -   **Load Package**. The Sequencer loads the files that are associated with the package. It can take several seconds to an hour to decode the package.
+    - **Load Package** loads files associated with the package. It can take several seconds to an hour to decode the package.
+    - **Run Each Program** optionally runs programs contained within the package. This step can help you complete associated license or configuration tasks that must be completed before deploying and running the package on target computers. To run all the programs at once, select at least one program, and then select **Run All**. To run specific programs, select the program or programs that you want to run, and then select **Run Selected**. Complete the required configuration tasks, then close the applications. It can take several minutes for all programs to run. Select **Next**.
+    - **Save Package** saves the package.
+    - **Primary Feature Block** optimizes the package for streaming by rebuilding the primary feature block.
 
-    -   **Run Each Program**. Optionally run the programs that are contained in the package. This step is helpful to complete any associated license or configuration tasks that are required to run the application before you deploy and run the package on target computers. To run all the programs at once, select at least one program, and then click **Run All**. To run specific programs, select the program or programs that you want to run, and then click **Run Selected**. Complete the required configuration tasks, and then close the applications. It can take several minutes for all programs to run. Click **Next**.
+    If you don't want to configure the applications, select **Skip this step**, then select **Next**.
 
-    -   **Save Package**. The Sequencer saves the package.
+12. On the **Completion** page, after you review the information that is displayed in the **Virtual Application Package Report** pane, select **Close**.
 
-    -   **Primary Feature Block**. The Sequencer optimizes the package for streaming by rebuilding the primary feature block.
+    The package is now available in the Sequencer. To edit the package properties, select **Edit \[Package Name\]**. For more information about how to modify a package, see [How to modify an existing virtual application package](appv-modify-an-existing-virtual-application-package.md).
-
-    If you do not want to configure the applications, click **Skip this step**, and then click **Next**.
-
-12.  On the **Completion** page, after you review the information that is displayed in the **Virtual Application Package Report** pane, click **Close**.
-
-    The package is now available in the Sequencer. To edit the package properties, click **Edit \[Package Name\]**. For more information about how to modify a package, see [How to Modify an Existing Virtual Application Package](appv-modify-an-existing-virtual-application-package.md).
 
 ## Have a suggestion for App-V?
 
-Add or vote on suggestions on the [Application Virtualization feedback site](https://appv.uservoice.com/forums/280448-microsoft-application-virtualization).<br>For App-V issues, use the [App-V TechNet Forum](https://social.technet.microsoft.com/Forums/en-US/home?forum=mdopappv).
+Add or vote on suggestions on the [Application Virtualization feedback site](https://appv.uservoice.com/forums/280448-microsoft-application-virtualization).
 
 ## Related topics
 
-[Operations for App-V](appv-operations.md)
+- [Operations for App-V](appv-operations.md)

windows/application-management/app-v/appv-create-and-use-a-project-template.md

@@ -6,60 +6,54 @@ ms.pagetype: mdop, appcompat, virtualization
 ms.mktglfcycl: deploy
 ms.sitesec: library
 ms.prod: w10
-ms.date: 04/19/2017
+ms.date: 07/10/2018
 ---
-
 # Create and apply an App-V project template to a sequenced App-V package
 
-**Applies to**
+>Applies to: Windows 10, version 1607
--   Windows 10, version 1607
 
-You can use an App-V project template (.appvt) file to save commonly applied settings associated with an existing virtual application package. These settings can then be applied when you create new virtual application packages in your environment. Using a project template can streamline the process of creating virtual application packages. App-V project templates differ from App-V Package Accelerators because App-V Package Accelerators are application-specific, while App-V project templates can be applied to multiple applications. For more info about Package Accelerators, see the [How to create a Package Accelerator](appv-create-a-package-accelerator.md) topic.
+You can use an App-V Project Template (.appvt) file to save commonly applied settings associated with an existing virtual application package. You can then apply these settings whenever you create new virtual application packages in your environment, streamlining the package creation process. App-V Project Templates differ from App-V Package Accelerators because App-V Package Accelerators are application-specific, while App-V Project Templates can be applied to multiple applications. To learn more about package accelerators, see [How to create a package accelerator](appv-create-a-package-accelerator.md).
 
 >[!IMPORTANT]
->In Windows 10, version 1703, running the new-appvsequencerpackage or the update-appvsequencepackage cmdlets automatically captures and stores all of your customizations as an App-V project template. If you want to make changes to this package later, your customizations are automatically loaded from this template file. If you have an auto-saved template and you attempt to load another template through the _TemplateFilePath_ parameter, the customization value from the parameter will override the auto-saved template.
+>In Windows 10, version 1703, running the **New-AppvSequencerPackage** or the **Update-AppvSequencerPackage** cmdlets will automatically capture and store your customizations as an App-V Project Template. If you want to make changes to this package later, you can automatically load your customizations from this template file. If you have an auto-saved template and you attempt to load another template through the *TemplateFilePath* parameter, the customization value from the parameter will override the auto-saved template.
-
 
 ## Create a project template
+
 You must first create and save a project template, including a virtual app package with settings to be used by the template.
 
-**To create a project template**
+1. On the device running the App-V Sequencer, select **Start**, select **All Programs**, select **Microsoft Application Virtualization**, and then select **Microsoft Application Virtualization Sequencer**.
-
-1. On the device running the App-V Sequencer, click **Start**, click **All Programs**, click **Microsoft Application Virtualization**, and then click **Microsoft Application Virtualization Sequencer**.
 
     >[!NOTE]
     >If the virtual app package is currently open in the App-V Sequencer console, skip to Step 3 of this procedure.
 
-2. On the **File** menu, click **Open**, click **Edit Package**, browse for the virtual app package that includes the settings you want to save with the App-V project template, and then click **Edit** to change any of the settings or info included in the file.
+2. On the **File** menu, select **Open**, select **Edit Package**, browse for the virtual app package that includes the settings you want to save with the App-V Project Template, and then select **Edit** to change any of the settings or info included in the file.
 
-3. On the **File** menu, click **Save As Template**, review the settings associated with the new template, click **OK**, name your new template, and then click **Save**.
+3. On the **File** menu, select **Save As Template**, review the settings associated with the new template, select **OK**, name your new template, and then select **Save**.
 
-    The new App-V project template is saved in the folder you specified.
+    The new App-V Project Template is saved in the folder you specified.
 
 ## Apply a project template
+
 After creating the template, you can apply it to all of your new virtual app packages, automatically including all of the settings.
 
 >[!IMPORTANT]
->Virtual app packages don't support using both a project template and a Package Accelerator together.
+>Virtual app packages don't support using both a project template and a package accelerator at the same time.
 
-1. On the device running the App-V Sequencer, click **Start**, click **All Programs**, click **Microsoft Application Virtualization**, and then click **Microsoft Application Virtualization Sequencer**.
+1. On the device running the App-V Sequencer, select **Start** > **All Programs** > **Microsoft Application Virtualization** > **Microsoft Application Virtualization Sequencer**.
 
-2. On the **File** menu, click **New From Template**, browse to your newly created project template, and then click **Open**.
+2. On the **File** menu, select **New From Template**, browse to your newly created project template and select **Open**.
 
 3. Create your new virtual app package. The settings saved with your template are automatically applied.
 
 ### Related topics
+
 - [Download the Windows ADK](https://developer.microsoft.com/windows/hardware/windows-assessment-deployment-kit)
-
 - [How to install the App-V Sequencer](appv-install-the-sequencer.md)
-
 - [Learn about Hyper-V on Windows Server 2016](https://technet.microsoft.com/en-us/windows-server-docs/compute/hyper-v/hyper-v-on-windows-server)
-
 - [Automatically sequence multiple apps at the same time using Microsoft Application Virtualization Sequencer (App-V Sequencer)](appv-auto-batch-sequencing.md)
-
 - [Automatically update multiple apps at the same time using Microsoft Application Virtualization Sequencer (App-V Sequencer)](appv-auto-batch-updating.md)
-
 - [Manually sequence a new app using Microsoft Application Virtualization Sequencer (App-V Sequencer)](appv-sequence-a-new-application.md)
 
-**Have a suggestion for App-V?**<p>
+## Have a suggestion for App-V?
-Add or vote on suggestions on the [Application Virtualization feedback site](https://appv.uservoice.com/forums/280448-microsoft-application-virtualization).<br>For App-V issues, use the [App-V TechNet Forum](https://social.technet.microsoft.com/Forums/en-US/home?forum=mdopappv).
+
+Add or vote on suggestions on the [Application Virtualization feedback site](https://appv.uservoice.com/forums/280448-microsoft-application-virtualization).

windows/application-management/app-v/appv-creating-and-managing-virtualized-applications.md

@@ -1,6 +1,6 @@
 ---
-title: Creating and Managing App-V Virtualized Applications (Windows 10)
+title: Creating and managing App-V virtualized applications (Windows 10)
-description: Creating and Managing App-V Virtualized Applications
+description: Creating and managing App-V virtualized applications
 author: MaggiePucciEvans
 ms.pagetype: mdop, appcompat, virtualization
 ms.mktglfcycl: deploy
@@ -8,7 +8,7 @@ ms.sitesec: library
 ms.prod: w10
 ms.date: 04/18/2018
 ---
-# Creating and Managing App-V Virtualized Applications
+# Creating and managing App-V virtualized applications
 
 >Applies to: Windows 10, version 1607
 

windows/application-management/app-v/appv-customize-virtual-application-extensions-with-the-management-console.md

@@ -1,40 +1,37 @@
 ---
-title: How to Customize Virtual Applications Extensions for a Specific AD Group by Using the Management Console (Windows 10)
+title: How to customize virtual application extensions for a specific AD group by using the Management Console (Windows 10)
-description: How to Customize Virtual Applications Extensions for a Specific AD Group by Using the Management Console
+description: How to customize virtual application extensions for a specific AD group by using the Management Console.
 author: MaggiePucciEvans
 ms.pagetype: mdop, appcompat, virtualization
 ms.mktglfcycl: deploy
 ms.sitesec: library
 ms.prod: w10
-ms.date: 04/19/2017
+ms.date: 07/10/2018
 ---
+# How to customize virtual applications extensions for a specific AD group by using the Management Console
 
-
+>Applies to: Windows 10, version 1607
-# How to Customize Virtual Applications Extensions for a Specific AD Group by Using the Management Console
-
-**Applies to**
--   Windows 10, version 1607
 
 Use the following procedure to customize the virtual application extensions for an Active Directory (AD) group.
 
-**To customize virtual applications extensions for an AD group**
+## Customize virtual applications extensions for an AD group
 
-1.  To view the package that you want to configure, open the App-V Management Console. To view the configuration that is assigned to a given user group, select the package, and right-click the package name and select **Edit active directory access**. Alternatively, select the package and click **EDIT** in the **AD ACCESS** pane.
+1. To view the package that you want to configure, open the App-V Management Console. To view the configuration assigned to a given user group, select the package, then right-click the package name and select **Edit active directory access**. Alternatively, select the package and select **EDIT** in the **AD ACCESS** pane.
 
-2.  To customize an AD group, you can find the group from the list of **AD Entities with Access**. Then, using the drop-down box in the **Assigned Configuration** pane, select **Custom**, and then click **EDIT**.
+2. To customize an AD group, you can find the group from the list of **AD Entities with Access**. Then, using the drop-down box in the **Assigned Configuration** pane, select **Custom**, and then select **EDIT**.
 
-3.  To disable all extensions for a given application, clear **ENABLE**.
+3. To disable all extensions for a given application, clear **ENABLE**.
 
-    To add a new shortcut for the selected application, right-click the application in the **SHORTCUTS** pane, and select **Add new shortcut**. To remove a shortcut, right-click the application in the **SHORTCUTS** pane, and select **Remove Shortcut**. To edit an existing shortcut, right-click the application, and select **Edit Shortcut**.
+    To add a new shortcut for the selected application, right-click the application in the **SHORTCUTS** pane, and select **Add new shortcut**. To remove a shortcut, right-click the application in the **SHORTCUTS** pane and select **Remove Shortcut**. To edit an existing shortcut, right-click the application and select **Edit Shortcut**.
 
-4.  To view any other application extensions, click **Advanced**, and click **Export Configuration**. Type in a filename and click **Save**. You can view all application extensions that are associated with the package using the configuration file.
+4. To view any other application extensions, select **Advanced**, and select **Export Configuration**. Enter a filename and select **Save**. You can view all application extensions that are associated with the package using the configuration file.
 
-5.  To edit additional application extensions, modify the configuration file and click **Import and Overwrite this Configuration**. Select the modified file and click **Open**. In the dialog, click **Overwrite** to complete the process.
+5. To edit additional application extensions, modify the configuration file and select **Import and Overwrite this Configuration**. Select the modified file and select **Open**. In the dialog, select **Overwrite** to complete the process.
 
 ## Have a suggestion for App-V?
 
-Add or vote on suggestions on the [Application Virtualization feedback site](https://appv.uservoice.com/forums/280448-microsoft-application-virtualization).<br>For App-V issues, use the [App-V TechNet Forum](https://social.technet.microsoft.com/Forums/en-US/home?forum=mdopappv).
+Add or vote on suggestions on the [Application Virtualization feedback site](https://appv.uservoice.com/forums/280448-microsoft-application-virtualization).
 
 ## Related topics
 
-[Operations for App-V](appv-operations.md)
+- [Operations for App-V](appv-operations.md)

windows/application-management/apps-in-windows-10.md

@@ -8,7 +8,7 @@ ms.pagetype: mobile
 ms.author: elizapo
 author: lizap
 ms.localizationpriority: medium
-ms.date: 04/30/2018
+ms.date: 07/10/2018
 ---
 # Understand the different apps included in Windows 10
 
@@ -97,7 +97,7 @@ System apps are integral to the operating system. Here are the typical system ap
 Here are the typical installed Windows apps in Windows 10 versions 1703, 1709, and 1803.
 
 | Name               | Full name                                | 1703 | 1709 | 1803 |Uninstall through UI? |
-|--------------------|------------------------------------------|:------:|:------:|:------:|----------------------|
+|--------------------|------------------------------------------|:----:|:----:|:----:|----------------------|
 | Remote Desktop     | Microsoft.RemoteDesktop                  | x    | x    |      | Yes                  |
 | PowerBI            | Microsoft.Microsoft PowerBIforWindows    | x    |      |      | Yes                  |
 | Code Writer        | ActiproSoftwareLLC.562882FEEB491         | x    | x    | x    | Yes                  |
@@ -106,7 +106,7 @@ Here are the typical installed Windows apps in Windows 10 versions 1703, 1709, a
 | Photoshop Express  | AdobeSystemIncorporated. AdobePhotoshop  | x    | x    | x    | Yes                  |
 | Duolingo           | D5EA27B7.Duolingo- LearnLanguagesforFree | x    | x    | x    | Yes                  |
 | Network Speed Test | Microsoft.NetworkSpeedTest               | x    | x    | x    | Yes                  |
-| News                            | Microsoft.BingNews                     | x    |  x   | x    | Yes                       |
+| News               | Microsoft.BingNews                       | x    |  x   | x    | Yes                  |
 | Flipboard          |                                          |      |      |      | Yes                  |
 |                    | Microsoft.Advertising.Xaml               | x    | x    | x    | Yes                  |
 |                    | Microsoft.NET.Native.Framework.1.2       | x    | x    | x    | Yes                  |
@@ -172,3 +172,6 @@ Here are the typical provisioned Windows apps in Windows 10 versions 1703, 1709,
 |                                 | Microsoft.XboxGamingOverlay            |      |      | x    | No                        |
 |                                 | Microsoft.XboxIdentityProvider         | x    |  x   | x    | No                        |
 |                                 | Microsoft.XboxSpeech ToTextOverlay     | x    |  x   | x    | No                        |
+
+>[!NOTE]
+>The Store app can't be removed. If you want to remove and reinstall the Store app, you can only bring Store back by either restoring your system from a backup or resetting your system. Instead of removing the Store app, you should use group policies to hide or disable it.

windows/client-management/mdm/policy-configuration-service-provider.md

@@ -3044,6 +3044,14 @@ The following diagram shows the Policy configuration service provider in tree fo
   </dd>
 </dl>
 
+### TaskManager policies
+
+<dl>
+  <dd>
+    <a href="./policy-csp-taskmanager.md#taskmanager-allowendtask" id="taskmanager-allowendtask">TaskManager/AllowEndTask</a>
+  </dd>
+</dl>
+
 ### TaskScheduler policies
 
 <dl>

windows/client-management/mdm/policy-csp-taskmanager.md

@@ -0,0 +1,99 @@
+---
+title: Policy CSP - TaskManager
+description: Policy CSP - TaskManager
+ms.author: maricia
+ms.topic: article
+ms.prod: w10
+ms.technology: windows
+author: MariciaAlforque
+ms.date: 07/05/2018
+---
+
+# Policy CSP - TaskManager
+
+> [!WARNING]
+> Some information relates to prereleased product which may be substantially modified before it's commercially released. Microsoft makes no warranties, express or implied, with respect to the information provided here.
+
+
+<hr/>
+
+<!--Policies-->
+## TaskManager policies  
+
+<dl>
+  <dd>
+    <a href="#taskmanager-allowendtask">TaskManager/AllowEndTask</a>
+  </dd>
+</dl>
+
+
+<hr/>
+
+<!--Policy-->
+<a href="" id="taskmanager-allowendtask"></a>**TaskManager/AllowEndTask**  
+
+<!--SupportedSKUs-->
+<table>
+<tr>
+	<th>Home</th>
+	<th>Pro</th>
+	<th>Business</th>
+	<th>Enterprise</th>
+	<th>Education</th>
+	<th>Mobile</th>
+	<th>Mobile Enterprise</th>
+</tr>
+<tr>
+	<td><img src="images/crossmark.png" alt="cross mark" /></td>
+	<td><img src="images/checkmark.png" alt="check mark" /><sup>5</sup></td>
+	<td><img src="images/crossmark.png" alt="cross mark" /></td>
+	<td><img src="images/checkmark.png" alt="check mark" /><sup>5</sup></td>
+	<td><img src="images/checkmark.png" alt="check mark" /><sup>5</sup></td>
+	<td></td>
+	<td></td>
+</tr>
+</table>
+
+<!--/SupportedSKUs-->
+<!--Scope-->
+[Scope](./policy-configuration-service-provider.md#policy-scope):
+
+> [!div class = "checklist"]
+> * Device
+
+<hr/>
+
+<!--/Scope-->
+<!--Description-->
+This setting determines whether non-administrators can use Task Manager to end tasks.
+
+Value type is integer. Supported values:  
+ -  0 - Disabled. EndTask functionality is blocked in TaskManager.
+ -  1 - Enabled (default).  Users can perform EndTask in TaskManager.
+
+<!--/Description-->
+<!--SupportedValues-->
+
+<!--/SupportedValues-->
+<!--Example-->
+
+<!--/Example-->
+<!--Validation-->
+**Validation procedure:**  
+When this policy is set to 1 - users CAN execute 'End task' on processes in TaskManager 
+When the policy is set to 0 - users CANNOT execute 'End task' on processes in TaskManager
+
+<!--/Validation-->
+<!--/Policy-->
+<hr/>
+
+Footnote:
+
+-   1 - Added in Windows 10, version 1607.
+-   2 - Added in Windows 10, version 1703.
+-   3 - Added in Windows 10, version 1709.
+-   4 - Added in Windows 10, version 1803.
+-   5 - Added in the next major release of Windows 10.
+
+<!--/Policies-->
+

windows/deployment/TOC.md

@@ -220,6 +220,10 @@
 ### [Optimize Windows 10 update delivery](update/waas-optimize-windows-10-updates.md)
 #### [Configure Delivery Optimization for Windows 10 updates](update/waas-delivery-optimization.md)
 #### [Configure BranchCache for Windows 10 updates](update/waas-branchcache.md)
+### [Best practices for feature updates on mission-critical devices](update/feature-update-mission-critical.md)
+#### [Deploy feature updates during maintenance windows](update/feature-update-maintenance-window.md)
+#### [Deploy feature updates for user-initiated installations](update/feature-update-user-install.md)
+#### [Conclusion](update/feature-update-conclusion.md)
 ### [Deploy updates for Windows 10 Mobile Enterprise and Windows 10 IoT Mobile](update/waas-mobile-updates.md)
 ### [Deploy updates using Windows Update for Business](update/waas-manage-updates-wufb.md)
 #### [Configure Windows Update for Business](update/waas-configure-wufb.md)

windows/deployment/update/feature-update-conclusion.md

@@ -0,0 +1,20 @@
+---
+title: Best practices for feature updates - conclusion
+description: Final thoughts about how to deploy feature updates
+ms.prod: w10
+ms.mktglfcycl: manage
+ms.sitesec: library
+author: lizap
+ms.localizationpriority: medium
+ms.author: elizapo
+ms.date: 07/09/2018
+---
+
+# Conclusion
+
+**Applies to**: Windows 10
+
+Mission critical devices that need to be online 24x7 pose unique challenges for the IT Pro looking to stay current with the latest Windows 10 feature update. Because these devices are online continually, providing mission critical services, with only a small window of time available to apply feature updates, specific procedures are required to effectively keep these devices current, with as little downtime as possible. 
+
+Whether you have defined servicing windows at your disposal where feature updates can be installed automatically, or you require user initiated installs by a technician, this whitepaper provides guidelines for either approach. Improvements are continually being made to Windows 10 setup to reduce device offline time for feature updates. This whitepaper will be updated as enhancements become available to improve the overall servicing approach and experience.   
+

windows/deployment/update/feature-update-maintenance-window.md

@@ -0,0 +1,257 @@
+---
+title: Best practices - deploy feature updates during maintenance windows
+description: Learn how to deploy feature updates during a maintenance window
+ms.prod: w10
+ms.mktglfcycl: manage
+ms.sitesec: library
+author: mcureton
+ms.localizationpriority: medium
+ms.author: mikecure
+ms.date: 07/09/2018
+---
+
+# Deploy feature updates during maintenance windows
+
+**Applies to**: Windows 10
+
+Use the following information to deploy feature updates during a maintenance window.
+
+## Get ready to deploy feature updates
+
+### Step 1: Configure maintenance windows
+
+1.	In the Configuration Manager console, choose **Assets and Compliance> Device Collections**. 
+2.	In the **Device Collections** list, select the collection for which you intended to deploy the feature update(s). 
+3.	On the **Home** tab, in the **Properties** group, choose **Properties**. 
+4.	In the **Maintenance Windows** tab of the <collection name> Properties dialog box, choose the New icon. 
+5.	Complete the <new> Schedule dialog. 
+6.	Select from the Apply this schedule to drop-down list. 
+7.	Choose **OK** and then close the **\<collection name\> Properties** dialog box.
+
+### Step 2: Review computer restart device settings
+
+If you’re not suppressing computer restarts and the feature update will be installed when no users are present, consider deploying a custom client settings policy to your feature update target collection to shorten the settings below or consider the total duration of these settings when defining your maintenance window duration. 
+
+For example, by default, 90 minutes will be honored before the system is rebooted after the feature update install. If users will not be impacted by the user logoff or restart, there is no need to wait a full 90 minutes before rebooting the computer. If a delay and notification is needed, ensure that the maintenance window takes this into account along with the total time needed to install the feature update.
+
+>[!NOTE]
+> The following settings must be shorter in duration than the shortest maintenance window applied to the computer. 
+>- **Display a temporary notification to the user that indicates the interval before the user is logged off or the computer restarts (minutes).**
+>- **Display a dialog box that the user cannot close, which displays the countdown interval before the user is logged off or the computer restarts (minutes).**
+
+### Step 3: Enable Peer Cache
+
+Use **Peer Cache** to help manage deployment of content to clients in remote locations. Peer Cache is a built-in Configuration Manager solution that enables clients to share content with other clients directly from their local cache.
+
+[Enable Configuration Manager client in full OS to share content](https://docs.microsoft.com/sccm/core/clients/deploy/about-client-settings#enable-configuration-manager-client-in-full-os-to-share-content) if you have clients in remote locations that would benefit from downloading feature update content from a peer instead of downloading it from a distribution point (or Microsoft Update). 
+
+### Step 4: Override the default Windows setup priority (Windows 10, version 1709 and later)
+
+If you’re deploying **Feature update to Windows 10, version 1709** or later, by default, portions of setup are configured to run at a lower priority. This can result in a longer total install time for the feature update. When deploying within a maintenance window, we recommend that you override this default behavior to benefit from faster total install times. To override the default priority, create a file called SetupConfig.ini on each machine to be upgraded in the below location containing the single section noted. 
+
+%systemdrive%\Users\Default\AppData\Local\Microsoft\Windows\WSUS\SetupConfig.ini
+
+```
+[SetupConfig]
+Priority=Normal
+```
+
+You can use the new [Run Scripts](https://docs.microsoft.com/sccm/apps/deploy-use/create-deploy-scripts) feature to run a PowerShell script like the sample below to create the SetupConfig.ini on target devices. 
+
+```
+#Parameters
+Param(
+  [string] $PriorityValue = "Normal"
+  )
+
+#Variable for ini file path
+$iniFilePath = "$env:SystemDrive\Users\Default\AppData\Local\Microsoft\Windows\WSUS\SetupConfig.ini"
+
+#Variables for SetupConfig
+$iniSetupConfigSlogan = "[SetupConfig]"
+$iniSetupConfigKeyValuePair =@{"Priority"=$PriorityValue;}
+
+#Init SetupConfig content
+$iniSetupConfigContent = @"
+$iniSetupConfigSlogan
+"@
+
+#Build SetupConfig content with settings
+foreach ($k in $iniSetupConfigKeyValuePair.Keys) 
+{
+    $val = $iniSetupConfigKeyValuePair[$k]
+    
+    $iniSetupConfigContent = $iniSetupConfigContent.Insert($iniSetupConfigContent.Length, "`r`n$k=$val")
+}
+
+#Write content to file 
+New-Item $iniFilePath -ItemType File -Value $iniSetupConfigContent -Force
+
+Disclaimer 
+Sample scripts are not supported under any Microsoft standard support program or service. The sample scripts is 
+provided AS IS without warranty of any kind. Microsoft further disclaims all implied warranties including, without 
+limitation, any implied warranties of merchantability or of fitness for a particular purpose. The entire risk 
+arising out of the use or performance of the sample script and documentation remains with you. In no event shall 
+Microsoft, its authors, or anyone else involved in the creation, production, or delivery of the scripts be liable 
+for any damages whatsoever (including, without limitation, damages for loss of business profits, business interruption, 
+loss of business information, or other pecuniary loss) arising out of the use of or inability to use the sample script 
+or documentation, even if Microsoft has been advised of the possibility of such damages.
+```
+
+>[!NOTE] 
+>If you elect not to override the default setup priority, you will need to increase the [maximum run time](https://docs.microsoft.com/sccm/sum/get-started/manage-settings-for-software-updates#BKMK_SetMaxRunTime) value for Feature Update to Windows 10, version 1709 or higher from the default of 60 minutes. A value of 240 minutes may be required. Remember to ensure that your maintenance window duration is larger than your defined maximum run time value. 
+
+## Manually deploy feature updates
+
+The following sections provide the steps to manually deploy a feature update.
+
+### Step 1: Specify search criteria for feature updates
+There are potentially a thousand or more feature updates displayed in the Configuration Manager console. The first step in the workflow for manually deploying feature updates is to identify the feature updates that you want to deploy. 
+
+1.	In the Configuration Manager console, click **Software Library**. 
+2.	In the Software Library workspace, expand **Windows 10 Servicing**, and click **All Windows 10 Updates**. The synchronized feature updates are displayed. 
+3.	In the search pane, filter to identify the feature updates that you need by using one or both of the following steps:
+   - In the search text box, type a search string that will filter the feature updates. For example, type the version number for a specific feature update, or enter a string that would appear in the title of the feature update. 
+   - Click **Add Criteria**, select the criteria that you want to use to filter software updates, click **Add**, and then provide the values for the criteria. For example, Title contains 1803, Required is greater than or equal to 1, and Language equals English.
+
+4.	Save the search for future use. 
+
+### Step 2: Download the content for the feature update(s)
+Before you deploy the feature updates, you can download the content as a separate step. Do this so you can verify that the content is available on the distribution points before you deploy the feature updates. This will help you to avoid any unexpected issues with the content delivery. Use the following procedure to download the content for feature updates before creating the deployment. 
+
+1.	In the Configuration Manager console, navigate to **Software Library > Windows 10 Servicing**. 
+2.	Choose the feature update(s) to download by using your saved search criteria. Select one or more of the feature updates returned, right click, and select Download.
+
+   The **Download Software Updates Wizard** opens. 
+3.	On the **Deployment Package** page, configure the following settings: 
+   **Create a new deployment package**: Select this setting to create a new deployment package for the software updates that are in the deployment. Configure the following settings: 
+      - **Name**: Specifies the name of the deployment package. The package must have a unique name that briefly describes the package content. It is limited to 50 characters. 
+      - **Description**: Specifies the description of the deployment package. The package description provides information about the package contents and is limited to 127 characters. 
+      - **Package source**: Specifies the location of the feature update source files. Type a network path for the source location, for example, \\server\sharename\path, or click **Browse** to find the network location. You must create the shared folder for the deployment package source files before you proceed to the next page. 
+
+   >[!NOTE] 
+   >The deployment package source location that you specify cannot be used by another software deployment package. 
+
+   >[!IMPORTANT] 
+   >The SMS Provider computer account and the user that is running the wizard to download the feature updates must both have Write NTFS permissions on the download location. You should carefully restrict access to the download location to reduce the risk of attackers tampering with the feature update source files. 
+
+   >[!IMPORTANT] 
+   >You can change the package source location in the deployment package properties after Configuration Manager creates the deployment package. But if you do so, you must first copy the content from the original package source to the new package source location. 
+
+   Click **Next**. 
+4.	On the **Distribution Points** page, specify the distribution points or distribution point groups that will host the feature update files, and then click **Next**. For more information about distribution points, see [Distribution point configurations](https://docs.microsoft.com/sccm/core/servers/deploy/configure/install-and-configure-distribution-points#bkmk_configs). 
+
+   >[!NOTE]
+   >The Distribution Points page is available only when you create a new software update deployment package. 
+5.	On the **Distribution Settings** page, specify the following settings: 
+
+   - **Distribution priority**: Use this setting to specify the distribution priority for the deployment package. The distribution priority applies when the deployment package is sent to distribution points at child sites. Deployment packages are sent in priority order: High, Medium, or Low. Packages with identical priorities are sent in the order in which they were created. If there is no backlog, the package will process immediately regardless of its priority. By default, packages are sent using Medium priority. 
+   - **Enable for on-demand distribution**: Use this setting to enable on-demand content distribution to preferred distribution points. When this setting is enabled, the management point creates a trigger for the distribution manager to distribute the content to all preferred distribution points when a client requests the content for the package and the content is not available on any preferred distribution points. For more information about preferred distribution points and on-demand content, see [Content source location scenarios](https://docs.microsoft.com/sccm/core/plan-design/hierarchy/content-source-location-scenarios). 
+   - **Prestaged distribution point settings**: Use this setting to specify how you want to distribute content to prestaged distribution points. Choose one of the following options: 
+      - **Automatically download content when packages are assigned to distribution points**: Use this setting to ignore the prestage settings and distribute content to the distribution point. 
+      - **Download only content changes to the distribution point**: Use this setting to prestage the initial content to the distribution point, and then distribute content changes to the distribution point.
+      - **Manually copy the content in this package to the distribution point**: Use this setting to always prestage content on the distribution point. This is the default setting. 
+      
+      For more information about prestaging content to distribution points, see [Use Prestaged content](https://docs.microsoft.com/sccm/core/servers/deploy/configure/deploy-and-manage-content#bkmk_prestage). 
+   Click **Next**. 
+6.	On the **Download Location** page, specify location that Configuration Manager will use to download the software update source files. As needed, use the following options: 
+
+   - **Download software updates from the Internet**: Select this setting to download the software updates from the location on the Internet. This is the default setting.
+   - **Download software updates from a location on the local network**: Select this setting to download software updates from a local folder or shared network folder. Use this setting when the computer running the wizard does not have Internet access. 
+   
+      >[!NOTE] 
+      >When you use this setting, download the software updates from any computer with Internet access, and then copy the software updates to a location on the local network that is accessible from the computer running the wizard.
+
+   Click **Next**. 
+7.	On the **Language Selection** page, specify the languages for which the selected feature updates are to be downloaded, and then click **Next**. Ensure that your language selection matches the language(s) of the feature updates selected for download. For example, if you selected English and German based feature updates for download, select those same languages on the language selection page. 
+8.	On the **Summary** page, verify the settings that you selected in the wizard, and then click Next to download the software updates. 
+9.	On the **Completion** page, verify that the software updates were successfully downloaded, and then click Close. 
+
+#### To monitor content status
+1.	To monitor the content status for the feature updates, click **Monitoring** in the Configuration Manager console. 
+2.	In the Monitoring workspace, expand **Distribution Status**, and then click **Content Status**. 
+3.	Select the feature update package that you previously identified to download the feature updates. 
+4.	On the **Home** tab, in the Content group, click **View Status**.
+
+### Step 3: Deploy the feature update(s) 
+After you determine which feature updates you intend to deploy, you can manually deploy the feature update(s). Use the following procedure to manually deploy the feature update(s). 
+
+1.	In the Configuration Manager console, click **Software Library**. 
+2.	In the Software Library workspace, expand **Windows 10 Servicing**, and click **All Windows 10 Updates**. 
+3.	 Choose the feature update(s) to deploy by using your saved search criteria. Select one or more of the feature updates returned, right click, and select **Deploy**.
+
+   The **Deploy Software Updates Wizard** opens. 
+4.	On the General page, configure the following settings: 
+   - **Name**: Specify the name for the deployment. The deployment must have a unique name that describes the purpose of the deployment and differentiates it from other deployments in the Configuration Manager site. By default, Configuration Manager automatically provides a name for the deployment in the following format: **Microsoft Software Updates - \<date\>\<time\>** 
+   - **Description**: Specify a description for the deployment. The description provides an overview of the deployment and any other relevant information that helps to identify and differentiate the deployment among others in Configuration Manager site. The description field is optional, has a limit of 256 characters, and has a blank value by default. 
+   - **Software Update/Software Update Group**: Verify that the displayed software update group, or software update, is correct. 
+   - **Select Deployment Template**: Specify whether to apply a previously saved deployment template. You can configure a deployment template to contain multiple common software update deployment properties and then apply the template when you deploy subsequent software updates to ensure consistency across similar deployments and to save time. 
+   - **Collection**: Specify the collection for the deployment, as applicable. Members of the collection receive the feature updates that are defined in the deployment. 
+5.	On the Deployment Settings page, configure the following settings: 
+
+   - **Type of deployment**: Specify the deployment type for the software update deployment. Select **Required** to create a mandatory software update deployment in which the feature updates are automatically installed on clients before a configured installation deadline. 
+   
+      >[!IMPORTANT] 
+      > After you create the software update deployment, you cannot later change the type of deployment. 
+   
+      >[!NOTE] 
+      >A software update group deployed as Required will be downloaded in background and honor BITS settings, if configured.
+
+   - **Use Wake-on-LAN to wake up clients for required deployments**: Specify whether to enable Wake On LAN at the deadline to send wake-up packets to computers that require one or more software updates in the deployment. Any computers that are in sleep mode at the installation deadline time will be awakened so the software update installation can initiate. Clients that are in sleep mode that do not require any software updates in the deployment are not started. By default, this setting is not enabled and is available only when Type of deployment is set to Required. 
+
+      >[!WARNING] 
+      >Before you can use this option, computers and networks must be configured for Wake On LAN. 
+
+   - **Detail level**: Specify the level of detail for the state messages that are reported by client computers. 
+6.	On the Scheduling page, configure the following settings:
+
+   - **Schedule evaluation**: Specify whether the available time and installation deadline times are evaluated according to UTC or the local time of the computer running the Configuration Manager console. 
+   
+      >[!NOTE] 
+      >When you select local time, and then select **As soon as possible** for the **Software available time** or **Installation deadline**, the current time on the computer running the Configuration Manager console is used to evaluate when updates are available or when they are installed on a client. If the client is in a different time zone, these actions will occur when the client's time reaches the evaluation time. 
+
+   - **Software available time**: Select **As soon as possible** to specify when the software updates will be available to clients: 
+      - **As soon as possible**: Select this setting to make the software updates in the deployment available to clients as soon as possible. When the deployment is created, the client policy is updated, the clients are made aware of the deployment at their next client policy polling cycle, and then the software updates are available for installation. 
+   - **Installation deadline**: Select **Specific time** to specify the installation deadline for the software updates in the deployment. 
+   
+      >[!NOTE] 
+      >You can configure the installation deadline setting only when **Type of deployment** is set to **Required** on the Deployment Settings page. 
+
+   - **Specific time**: Select this setting to automatically install the software updates in the deployment at a specific date and time. Set the date and time value to correspond with your defined maintenance window for the target collection. Allow sufficient time for clients to download the content in advance of the deadline. Adjust accordingly if clients in your environment will need additional download time. E.g., slow or unreliable network links. 
+
+   >[!NOTE] 
+   >The actual installation deadline time is the specific time that you configure plus a random amount of time up to 2 hours. This reduces the potential impact of all client computers in the destination collection installing the software updates in the deployment at the same time. Configure the Computer Agent client setting, Disable deadline randomization to disable the installation randomization delay for the required software updates to allow a greater chance for the installation to start and complete within your defined maintenance window. For more information, see [Computer Agent](https://docs.microsoft.com/sccm/core/clients/deploy/about-client-settings#computer-agent). 
+7.	On the User Experience page, configure the following settings: 
+   - **User notifications**: Specify whether to display notification of the software updates in Software Center on the client computer at the configured **Software available time** and whether to display user notifications on the client computers. When **Type of deployment** is set to **Available** on the Deployment Settings page, you cannot select **Hide in Software Center and all notifications**. 
+   - **Deadline behavior**: Available only when **Type of deployment** is set to **Required** on the Deployment Settings page. Specify the behavior that is to occur when the deadline is reached for the software update deployment. Specify whether to install the software updates in the deployment. Also specify whether to perform a system restart after software update installation regardless of a configured maintenance window. For more information about maintenance windows, see [How to use maintenance windows](https://docs.microsoft.com/sccm/core/clients/manage/collections/use-maintenance-windows). 
+   - **Device restart behavior**: Available only when **Type of deployment** is set to **Required** on the Deployment Settings page. Specify whether to suppress a system restart on servers and workstations after software updates are installed and a system restart is required to complete the installation. 
+
+      >[!IMPORTANT]
+      >Suppressing system restarts can be useful in server environments or for cases in which you do not want the computers that are installing the software updates to restart by default. However, doing so can leave computers in an insecure state, whereas allowing a forced restart helps to ensure immediate completion of the software update installation.
+   - **Write filter handling for Windows Embedded devices**: When you deploy software updates to Windows Embedded devices that are write filter enabled, you can specify to install the software update on the temporary overlay and either commit changes later or commit the changes at the installation deadline or during a maintenance window. When you commit changes at the installation deadline or during a maintenance window, a restart is required and the changes persist on the device. 
+
+      >[!NOTE] 
+      >When you deploy a software update to a Windows Embedded device, make sure that the device is a member of a collection that has a configured maintenance window. 
+   - **Software updates deployment re-evaluation behavior upon restart**: Starting in Configuration Manager version 1606, select this setting to configure software updates deployments to have clients run a software updates compliance scan immediately after a client installs software updates and restarts. This enables the client to check for additional software updates that become applicable after the client restarts, and to then install them (and become compliant) during the same maintenance window. 
+8.	On the Alerts page, configure how Configuration Manager and System Center Operations Manager will generate alerts for this deployment. You can configure alerts only when **Type of deployment** is set to **Required** on the Deployment Settings page. 
+
+   >[!NOTE]
+   >You can review recent software updates alerts from the Software Updates node in the Software Library workspace. 
+9.	On the Download Settings page, configure the following settings: 
+   - Specify whether the client will download and install the software updates when a client is connected to a slow network or is using a fallback content location. 
+   - Specify whether to have the client download and install the software updates from a fallback distribution point when the content for the software updates is not available on a preferred distribution point. 
+   - **Allow clients to share content with other clients on the same subnet**: Specify whether to enable the use of BranchCache for content downloads. For more information about BranchCache, see [Fundamental concepts for content management](https://docs.microsoft.com/sccm/core/plan-design/hierarchy/fundamental-concepts-for-content-management#branchcache). 
+   - **If software updates are not available on distribution point in current, neighbor or site groups, download content from Microsoft Updates**: Select this setting to have clients that are connected to the intranet download software updates from Microsoft Update if software updates are not available on distribution points. Internet-based clients can always go to Microsoft Update for software updates content.
+   - Specify whether to allow clients to download after an installation deadline when they use metered Internet connections. Internet providers sometimes charge by the amount of data that you send and receive when you are on a metered Internet connection. 
+
+      >[!NOTE]
+      >Clients request the content location from a management point for the software updates in a deployment. The download behavior depends upon how you have configured the distribution point, the deployment package, and the settings on this page. For more information, see [Content source location scenarios](https://docs.microsoft.com/sccm/core/plan-design/hierarchy/content-source-location-scenarios). 
+10.	On the Summary page, review the settings. To save the settings to a deployment template, click **Save As Template**, enter a name and select the settings that you want to include in the template, and then click **Save**. To change a configured setting, click the associated wizard page and change the setting. 
+11.	Click **Next** to deploy the feature update(s). 
+
+### Step 4: Monitor the deployment status
+After you deploy the feature update(s), you can monitor the deployment status. Use the following procedure to monitor the deployment status:
+
+1.	In the Configuration Manager console, navigate to **Monitoring > Overview > Deployments**. 
+2.	Click the software update group or software update for which you want to monitor the deployment status. 
+3.	On the **Home** tab, in the **Deployment** group, click **View Status**. 

windows/deployment/update/feature-update-mission-critical.md

@@ -0,0 +1,39 @@
+---
+title: Best practices and recommendations for deploying Windows 10 Feature updates to mission critical devices
+description: Learn how to deploy feature updates to your mission critical devices
+ms.prod: w10
+ms.mktglfcycl: manage
+ms.sitesec: library
+author: mcureton
+ms.localizationpriority: medium
+ms.author: mikecure
+ms.date: 07/10/2018
+---
+
+# Best practices and recommendations for deploying Windows 10 Feature updates to mission critical devices
+
+**Applies to**: Windows 10
+
+Managing an environment with devices that provide mission critical services 24 hours a day, 7 days a week, can present challenges in keeping these devices current with Windows 10 feature updates. The processes that you use to keep regular devices current with Windows 10 feature updates, often aren’t the most effective to service mission critical devices. This whitepaper will focus on the recommended approach of using the System Center Configuration Manager (current branch) software updates feature to deploy Windows 10 semi-annual feature updates. 
+
+For simplicity, we will outline the steps to deploy a feature update manually. If you prefer an automated approach, please see [Using Windows 10 servicing plans to deploy Windows 10 feature updates](waas-manage-updates-configuration-manager.md#use-windows-10-servicing-plans-to-deploy-windows-10-feature-updates). 
+
+Devices and shared workstations that are online and available 24 hours a day, 7 days a week, can be serviced via one of two primary methods:
+
+- **Service during maintenance windows** – Devices that have established maintenance windows will need to have feature updates scheduled to fit within these windows.
+- **Service only when manually initiated** – Devices that need physical verification of the availability to update will need to have updates manually initiated by a technician.
+
+You can use Configuration Manager to deploy feature updates to Windows 10 devices in two ways. The first option is to use the software updates feature. The second option is to use a task sequence to deploy feature updates. There are times when deploying a Windows 10 feature update requires the use of a task sequence—for example:
+
+- **LTSC feature updates.** With the LTSC servicing branch, feature updates are never provided to the Windows clients themselves. Instead, feature updates must be installed like a traditional in-place upgrade.
+- **Additional required tasks.** When deploying a feature update requires additional steps (e.g., suspending disk encryption, updating applications), you can use task sequences to orchestrate the additional steps. Software updates do not have the ability to add steps to their deployments.
+- **Language pack installs.** When deploying a feature update requires the installation of additional language packs, you can use task sequences to orchestrate the installation. Software updates do not have the ability to natively install language packs.
+
+If you need to leverage a task sequence to deploy feature updates, please see [Using a task sequence to deploy Windows 10 updates](waas-manage-updates-configuration-manager.md#use-a-task-sequence-to-deploy-windows-10-updates) for more information. If you find that your requirement for a task sequence is based solely on the need to run additional tasks preformed pre-install or pre-commit, please see the new [run custom actions](https://docs.microsoft.com/windows-hardware/manufacture/desktop/windows-setup-enable-custom-actions) functionality first introduced with Windows 10, version 1803. You may be able to leverage this functionality with the software updates deployment method. 
+
+Use the following information:
+
+
+- [Deploy feature updates during maintenance windows](feature-update-maintenance-window.md)
+- [Deploy feature updates for user-initiated installations](feature-update-user-install.md)
+- [Conclusion](feature-update-conclusion.md)

windows/deployment/update/feature-update-user-install.md

@@ -0,0 +1,235 @@
+---
+title: Best practices - deploy feature updates for user-initiated installations 
+description: Learn how to manually deploy feature updates
+ms.prod: w10
+ms.mktglfcycl: manage
+ms.sitesec: library
+author: mcureton
+ms.localizationpriority: medium
+ms.author: mikecure
+ms.date: 07/10/2018
+---
+
+# Deploy feature updates for user-initiated installations (during a fixed service window)
+
+**Applies to**: Windows 10
+
+Use the following steps to deploy a feature update for a user-initiated installation.
+
+## Get ready to deploy feature updates
+
+### Step 1: Enable Peer Cache
+Use **Peer Cache** to help manage deployment of content to clients in remote locations. Peer Cache is a built-in Configuration Manager solution that enables clients to share content with other clients directly from their local cache.
+
+[Enable Configuration Manager client in full OS to share content](https://docs.microsoft.com/sccm/core/clients/deploy/about-client-settings#enable-configuration-manager-client-in-full-os-to-share-content) if you have clients in remote locations that would benefit from downloading feature update content from a peer instead of downloading it from a distribution point (or Microsoft Update). 
+
+### Step 2: Override the default Windows setup priority (Windows 10, version 1709 and later)
+
+If you’re deploying **Feature update to Windows 10, version 1709** or later, by default, portions of setup are configured to run at a lower priority. This can result in a longer total install time for the feature update. When deploying within a maintenance window, we recommend that you override this default behavior to benefit from faster total install times. To override the default priority, create a file called SetupConfig.ini on each machine to be upgraded in the below location containing the single section noted. 
+
+%systemdrive%\Users\Default\AppData\Local\Microsoft\Windows\WSUS\SetupConfig.ini
+
+```
+[SetupConfig]
+Priority=Normal
+```
+
+You can use the new [Run Scripts](https://docs.microsoft.com/sccm/apps/deploy-use/create-deploy-scripts) feature to run a PowerShell script like the sample below to create the SetupConfig.ini on target devices. 
+
+```
+#Parameters
+Param(
+  [string] $PriorityValue = "Normal"
+  )
+
+#Variable for ini file path
+$iniFilePath = "$env:SystemDrive\Users\Default\AppData\Local\Microsoft\Windows\WSUS\SetupConfig.ini"
+
+#Variables for SetupConfig
+$iniSetupConfigSlogan = "[SetupConfig]"
+$iniSetupConfigKeyValuePair =@{"Priority"=$PriorityValue;}
+
+#Init SetupConfig content
+$iniSetupConfigContent = @"
+$iniSetupConfigSlogan
+"@
+
+#Build SetupConfig content with settings
+foreach ($k in $iniSetupConfigKeyValuePair.Keys) 
+{
+    $val = $iniSetupConfigKeyValuePair[$k]
+    
+    $iniSetupConfigContent = $iniSetupConfigContent.Insert($iniSetupConfigContent.Length, "`r`n$k=$val")
+}
+
+#Write content to file 
+New-Item $iniFilePath -ItemType File -Value $iniSetupConfigContent -Force
+
+Disclaimer 
+Sample scripts are not supported under any Microsoft standard support program or service. The sample scripts is 
+provided AS IS without warranty of any kind. Microsoft further disclaims all implied warranties including, without 
+limitation, any implied warranties of merchantability or of fitness for a particular purpose. The entire risk 
+arising out of the use or performance of the sample script and documentation remains with you. In no event shall 
+Microsoft, its authors, or anyone else involved in the creation, production, or delivery of the scripts be liable 
+for any damages whatsoever (including, without limitation, damages for loss of business profits, business interruption, 
+loss of business information, or other pecuniary loss) arising out of the use of or inability to use the sample script 
+or documentation, even if Microsoft has been advised of the possibility of such damages.
+```
+
+>[!NOTE] 
+>If you elect not to override the default setup priority, you will need to increase the [maximum run time](https://docs.microsoft.com/sccm/sum/get-started/manage-settings-for-software-updates#BKMK_SetMaxRunTime) value for Feature Update to Windows 10, version 1709 or higher from the default of 60 minutes. A value of 240 minutes may be required. Remember to ensure that your maintenance window duration is larger than your defined maximum run time value. 
+
+## Manually deploy feature updates in a user-initiated installation
+
+The following sections provide the steps to manually deploy a feature update.
+
+### Step 1: Specify search criteria for feature updates
+There are potentially a thousand or more feature updates displayed in the Configuration Manager console. The first step in the workflow for manually deploying a feature update is to identify the feature updates that you want to deploy. 
+
+1.	In the Configuration Manager console, click **Software Library**. 
+2.	In the Software Library workspace, expand **Windows 10 Servicing**, and click **All Windows 10 Updates**. The synchronized feature updates are displayed. 
+3.	In the search pane, filter to identify the feature updates that you need by using one or both of the following steps:
+   - In the **search** text box, type a search string that will filter the feature updates. For example, type the version number for a specific feature update, or enter a string that would appear in the title of the feature update. 
+   - Click **Add Criteria**, select the criteria that you want to use to filter software updates, click **Add**, and then provide the values for the criteria. For example, Title contains 1803, **Required** is greater than or equal to 1, and **Language** equals English.
+
+4.	Save the search for future use. 
+
+### Step 2: Download the content for the feature update(s)
+Before you deploy the feature updates, you can download the content as a separate step. Do this so you can verify that the content is available on the distribution points before you deploy the feature updates. This will help you to avoid any unexpected issues with the content delivery. Use the following procedure to download the content for feature updates before creating the deployment. 
+
+1.	In the Configuration Manager console, navigate to **Software Library > Windows 10 Servicing**. 
+2.	Choose the feature update(s) to download by using your saved search criteria. Select one or more of the feature updates returned, right click, and select **Download**.
+
+   The **Download Software Updates Wizard** opens. 
+3.	On the **Deployment Package** page, configure the following settings: 
+   **Create a new deployment package**: Select this setting to create a new deployment package for the software updates that are in the deployment. Configure the following settings: 
+      - **Name**: Specifies the name of the deployment package. The package must have a unique name that briefly describes the package content. It is limited to 50 characters. 
+      - **Description**: Specifies the description of the deployment package. The package description provides information about the package contents and is limited to 127 characters. 
+      - **Package source**: Specifies the location of the feature update source files. Type a network path for the source location, for example, \\\server\sharename\path, or click **Browse** to find the network location. You must create the shared folder for the deployment package source files before you proceed to the next page. 
+
+      >[!NOTE] 
+      >The deployment package source location that you specify cannot be used by another software deployment package. 
+
+      >[!IMPORTANT] 
+      >The SMS Provider computer account and the user that is running the wizard to download the feature updates must both have Write NTFS permissions on the download location. You should carefully restrict access to the download location to reduce the risk of attackers tampering with the feature update source files. 
+
+      >[!IMPORTANT] 
+      >You can change the package source location in the deployment package properties after Configuration Manager creates the deployment package. But if you do so, you must first copy the content from the original package source to the new package source location. 
+
+   Click **Next**. 
+4.	On the **Distribution Points** page, specify the distribution points or distribution point groups that will host the feature update files, and then click **Next**. For more information about distribution points, see [Distribution point configurations](https://docs.microsoft.com/sccm/core/servers/deploy/configure/install-and-configure-distribution-points#bkmk_configs). 
+
+   >[!NOTE]
+   >The Distribution Points page is available only when you create a new software update deployment package. 
+5.	On the **Distribution Settings** page, specify the following settings: 
+
+   - **Distribution priority**: Use this setting to specify the distribution priority for the deployment package. The distribution priority applies when the deployment package is sent to distribution points at child sites. Deployment packages are sent in priority order: **High**, **Medium**, or **Low**. Packages with identical priorities are sent in the order in which they were created. If there is no backlog, the package will process immediately regardless of its priority. By default, packages are sent using Medium priority. 
+   - **Enable for on-demand distribution**: Use this setting to enable on-demand content distribution to preferred distribution points. When this setting is enabled, the management point creates a trigger for the distribution manager to distribute the content to all preferred distribution points when a client requests the content for the package and the content is not available on any preferred distribution points. For more information about preferred distribution points and on-demand content, see [Content source location scenarios](https://docs.microsoft.com/sccm/core/plan-design/hierarchy/content-source-location-scenarios). 
+   - **Prestaged distribution point settings**: Use this setting to specify how you want to distribute content to prestaged distribution points. Choose one of the following options: 
+      - **Automatically download content when packages are assigned to distribution points**: Use this setting to ignore the prestage settings and distribute content to the distribution point. 
+      - **Download only content changes to the distribution point**: Use this setting to prestage the initial content to the distribution point, and then distribute content changes to the distribution point.
+      - **Manually copy the content in this package to the distribution point**: Use this setting to always prestage content on the distribution point. This is the default setting. 
+      
+      For more information about prestaging content to distribution points, see [Use Prestaged content](https://docs.microsoft.com/sccm/core/servers/deploy/configure/deploy-and-manage-content#bkmk_prestage). 
+   Click **Next**. 
+6.	On the **Download Location** page, specify location that Configuration Manager will use to download the software update source files. As needed, use the following options: 
+
+   - **Download software updates from the Internet**: Select this setting to download the software updates from the location on the Internet. This is the default setting.
+   - **Download software updates from a location on the local network**: Select this setting to download software updates from a local folder or shared network folder. Use this setting when the computer running the wizard does not have Internet access. 
+   
+      >[!NOTE] 
+      >When you use this setting, download the software updates from any computer with Internet access, and then copy the software updates to a location on the local network that is accessible from the computer running the wizard.
+
+   Click **Next**. 
+7.	On the **Language Selection** page, specify the languages for which the selected feature updates are to be downloaded, and then click **Next**. Ensure that your language selection matches the language(s) of the feature updates selected for download. For example, if you selected English and German based feature updates for download, select those same languages on the language selection page. 
+8.	On the **Summary** page, verify the settings that you selected in the wizard, and then click Next to download the software updates. 
+9.	On the **Completion** page, verify that the software updates were successfully downloaded, and then click **Close**. 
+
+#### To monitor content status
+1.	To monitor the content status for the feature updates, click **Monitoring** in the Configuration Manager console. 
+2.	In the Monitoring workspace, expand **Distribution Status**, and then click **Content Status**. 
+3.	Select the feature update package that you previously identified to download the feature updates. 
+4.	On the **Home** tab, in the Content group, click **View Status**.
+
+### Step 3: Deploy the feature update(s) 
+After you determine which feature updates you intend to deploy, you can manually deploy the feature update(s). Use the following procedure to manually deploy the feature update(s). 
+
+1.	In the Configuration Manager console, click **Software Library**. 
+2.	In the Software Library workspace, expand **Windows 10 Servicing**, and click **All Windows 10 Updates**. 
+3.	 Choose the feature update(s) to deploy by using your saved search criteria. Select one or more of the feature updates returned, right click, and select **Deploy**.
+
+   The **Deploy Software Updates Wizard** opens. 
+4.	On the General page, configure the following settings: 
+   - **Name**: Specify the name for the deployment. The deployment must have a unique name that describes the purpose of the deployment and differentiates it from other deployments in the Configuration Manager site. By default, Configuration Manager automatically provides a name for the deployment in the following format: **Microsoft Software Updates - \<date\>\<time\>** 
+   - **Description**: Specify a description for the deployment. The description provides an overview of the deployment and any other relevant information that helps to identify and differentiate the deployment among others in Configuration Manager site. The description field is optional, has a limit of 256 characters, and has a blank value by default. 
+   - **Software Update/Software Update Group**: Verify that the displayed software update group, or software update, is correct. 
+   - **Select Deployment Template**: Specify whether to apply a previously saved deployment template. You can configure a deployment template to contain multiple common software update deployment properties and then apply the template when you deploy subsequent software updates to ensure consistency across similar deployments and to save time. 
+   - **Collection**: Specify the collection for the deployment, as applicable. Members of the collection receive the feature updates that are defined in the deployment. 
+5.	On the Deployment Settings page, configure the following settings: 
+
+   - **Type of deployment**: Specify the deployment type for the software update deployment. Select **Required** to create a mandatory software update deployment in which the feature updates are automatically installed on clients before a configured installation deadline. 
+   
+      >[!IMPORTANT] 
+      > After you create the software update deployment, you cannot later change the type of deployment. 
+   
+      >[!NOTE] 
+      >A software update group deployed as **Required** will be downloaded in background and honor BITS settings, if configured.
+
+   - **Use Wake-on-LAN to wake up clients for required deployments**: Specify whether to enable Wake On LAN at the deadline to send wake-up packets to computers that require one or more software updates in the deployment. Any computers that are in sleep mode at the installation deadline time will be awakened so the software update installation can initiate. Clients that are in sleep mode that do not require any software updates in the deployment are not started. By default, this setting is not enabled and is available only when **Type of deployment** is set to **Required**. 
+
+      >[!WARNING] 
+      >Before you can use this option, computers and networks must be configured for Wake On LAN. 
+
+   - **Detail level**: Specify the level of detail for the state messages that are reported by client computers. 
+6.	On the Scheduling page, configure the following settings:
+
+   - **Schedule evaluation**: Specify whether the available time and installation deadline times are evaluated according to UTC or the local time of the computer running the Configuration Manager console. 
+   
+   - **Software available time**: Select **Specific time** to specify when the software updates will be available to clients:
+      - **Specific time**: Select this setting to make the feature update in the deployment available to clients at a specific date and time. Specify a date and time that corresponds with the start of your fixed servicing window. When the deployment is created, the client policy is updated and clients are made aware of the deployment at their next client policy polling cycle. However, the feature update in the deployment is not available for installation until after the specified date and time are reached and the required content has been downloaded.
+ 
+   - **Installation deadline**: Select **Specific time** to specify the installation deadline for the software updates in the deployment. 
+   
+      >[!NOTE] 
+      >You can configure the installation deadline setting only when **Type of deployment** is set to **Required** on the Deployment Settings page. 
+
+      - **Specific time**: Select this setting to automatically install the software updates in the deployment at a specific date and time. However, for the purposes of the fixed servicing window, set the installation deadline date and time to a future value, well beyond the fixed servicing window. 
+
+      Required deployments for software updates can benefit from functionality called advanced download. When the software available time is reached, clients will start downloading the content based on a randomized time. The feature update will not be displayed in Software Center for installation until the content is fully downloaded. This ensures that the feature update installation will start immediately when initiated.
+
+7.	On the User Experience page, configure the following settings: 
+   - **User notifications**: Specify **Display in Software Center and show all notifications**. 
+   - **Deadline behavior**: Available only when **Type of deployment** is set to **Required** on the Deployment Settings page. Specify the behavior that is to occur when the deadline is reached for the software update deployment. Specify whether to install the software updates in the deployment. Also specify whether to perform a system restart after software update installation regardless of a configured maintenance window. 
+      >[!NOTE] 
+      >Remember that the installation deadline date and time will be well into the future to allow plenty of time for the user-initiated install during a fixed servicing window.
+   - **Device restart behavior**: Available only when **Type of deployment** is set to **Required** on the Deployment Settings page. Specify whether to suppress a system restart on servers and workstations after software updates are installed and a system restart is required to complete the installation. 
+
+      >[!IMPORTANT]
+      >Suppressing system restarts can be useful in server environments or for cases in which you do not want the computers that are installing the software updates to restart by default. However, doing so can leave computers in an insecure state, whereas allowing a forced restart helps to ensure immediate completion of the software update installation.
+   - **Write filter handling for Windows Embedded devices**: When you deploy software updates to Windows Embedded devices that are write filter enabled, you can specify to install the software update on the temporary overlay and either commit changes later or commit the changes at the installation deadline or during a maintenance window. When you commit changes at the installation deadline or during a maintenance window, a restart is required and the changes persist on the device. 
+
+      >[!NOTE] 
+      >When you deploy a software update to a Windows Embedded device, make sure that the device is a member of a collection that has a configured maintenance window. 
+   - **Software updates deployment re-evaluation behavior upon restart**: Starting in Configuration Manager version 1606, select this setting to configure software updates deployments to have clients run a software updates compliance scan immediately after a client installs software updates and restarts. This enables the client to check for additional software updates that become applicable after the client restarts, and to then install them (and become compliant) during the same maintenance window. 
+8.	On the Alerts page, configure how Configuration Manager and System Center Operations Manager will generate alerts for this deployment. You can configure alerts only when **Type of deployment** is set to **Required** on the Deployment Settings page. 
+
+   >[!NOTE]
+   >You can review recent software updates alerts from the **Software Updates** node in the **Software Library** workspace. 
+9.	On the Download Settings page, configure the following settings: 
+   - Specify whether the client will download and install the software updates when a client is connected to a slow network or is using a fallback content location. 
+   - Specify whether to have the client download and install the software updates from a fallback distribution point when the content for the software updates is not available on a preferred distribution point. 
+   - **Allow clients to share content with other clients on the same subnet**: Specify whether to enable the use of BranchCache for content downloads. For more information about BranchCache, see [Fundamental concepts for content management](https://docs.microsoft.com/sccm/core/plan-design/hierarchy/fundamental-concepts-for-content-management#branchcache). 
+   - **If software updates are not available on distribution point in current, neighbor or site groups, download content from Microsoft Updates**: Select this setting to have clients that are connected to the intranet download software updates from Microsoft Update if software updates are not available on distribution points. Internet-based clients can always go to Microsoft Update for software updates content.
+   - Specify whether to allow clients to download after an installation deadline when they use metered Internet connections. Internet providers sometimes charge by the amount of data that you send and receive when you are on a metered Internet connection. 
+
+      >[!NOTE]
+      >Clients request the content location from a management point for the software updates in a deployment. The download behavior depends upon how you have configured the distribution point, the deployment package, and the settings on this page. For more information, see [Content source location scenarios](https://docs.microsoft.com/sccm/core/plan-design/hierarchy/content-source-location-scenarios). 
+10.	On the Summary page, review the settings. To save the settings to a deployment template, click **Save As Template**, enter a name and select the settings that you want to include in the template, and then click **Save**. To change a configured setting, click the associated wizard page and change the setting. 
+11.	Click **Next** to deploy the feature update(s). 
+
+### Step 4: Monitor the deployment status
+After you deploy the feature update(s), you can monitor the deployment status. Use the following procedure to monitor the deployment status:
+
+1.	In the Configuration Manager console, navigate to **Monitoring > Overview > Deployments**. 
+2.	Click the software update group or software update for which you want to monitor the deployment status. 
+3.	On the **Home** tab, in the **Deployment** group, click **View Status**. 

windows/security/threat-protection/windows-defender-antivirus/configure-advanced-scan-types-windows-defender-antivirus.md

@@ -11,7 +11,7 @@ ms.pagetype: security
 ms.localizationpriority: medium
 author: andreabichsel
 ms.author: v-anbic
-ms.date: 04/30/2018
+ms.date: 07/10/2018
 
 ---
 
@@ -68,9 +68,7 @@ See [How to create and deploy antimalware policies: Scan settings]( https://docs
 
 **Use Microsoft Intune to configure scanning options**
 
-
+See [Configure device restriction settings in Microsoft Intune](https://docs.microsoft.com/en-us/intune/device-restrictions-configure) and [Windows Defender Antivirus device restriction settings for Windows 10 in Intune](https://docs.microsoft.com/en-us/intune/device-restrictions-windows-10#windows-defender-antivirus) for more details.
-
-See [Help secure Windows PCs with Endpoint Protection for Microsoft Intune: Scan options](https://docs.microsoft.com/en-us/intune/deploy-use/help-secure-windows-pcs-with-endpoint-protection-for-microsoft-intune#specify-scan-options-settings) and [Windows Defender policy settings in Windows 10](https://docs.microsoft.com/en-us/intune/deploy-use/windows-10-policy-settings-in-microsoft-intune#windows-defender-1) for more details.
 
 
 

windows/security/threat-protection/windows-defender-antivirus/configure-extension-file-exclusions-windows-defender-antivirus.md

@@ -11,7 +11,7 @@ ms.pagetype: security
 ms.localizationpriority: medium
 author: andreabichsel
 ms.author: v-anbic
-ms.date: 04/30/2018
+ms.date: 07/10/2018
 ---
 
 # Configure and validate exclusions based on file extension and folder location
@@ -186,8 +186,7 @@ See [How to create and deploy antimalware policies: Exclusion settings](https://
 
 **Use Microsoft Intune to configure file name, folder, or file extension exclusions:**
 
-
+See [Configure device restriction settings in Microsoft Intune](https://docs.microsoft.com/en-us/intune/device-restrictions-configure) and [Windows Defender Antivirus device restriction settings for Windows 10 in Intune](https://docs.microsoft.com/en-us/intune/device-restrictions-windows-10#windows-defender-antivirus) for more details.
-See [Help secure Windows PCs with Endpoint Protection for Microsoft Intune](https://docs.microsoft.com/en-us/intune/deploy-use/help-secure-windows-pcs-with-endpoint-protection-for-microsoft-intune) and [Windows Defender policy settings in Windows 10](https://docs.microsoft.com/en-us/intune/deploy-use/windows-10-policy-settings-in-microsoft-intune#windows-defender-1) for more details.
 
 
 **Use the Windows Defender Security Center app to configure file name, folder, or file extension exclusions:**

windows/security/threat-protection/windows-defender-antivirus/configure-process-opened-file-exclusions-windows-defender-antivirus.md

@@ -11,7 +11,7 @@ ms.pagetype: security
 ms.localizationpriority: medium
 author: andreabichsel
 ms.author: v-anbic
-ms.date: 04/30/2018
+ms.date: 07/10/2018
 ---
 
 # Configure exclusions for files opened by processes
@@ -142,8 +142,7 @@ See [How to create and deploy antimalware policies: Exclusion settings](https://
 
 **Use Microsoft Intune to exclude files that have been opened by specified processes from scans:**
 
-
+See [Configure device restriction settings in Microsoft Intune](https://docs.microsoft.com/en-us/intune/device-restrictions-configure) and [Windows Defender Antivirus device restriction settings for Windows 10 in Intune](https://docs.microsoft.com/en-us/intune/device-restrictions-windows-10#windows-defender-antivirus) for more details.
-See [Help secure Windows PCs with Endpoint Protection for Microsoft Intune](https://docs.microsoft.com/en-us/intune/deploy-use/help-secure-windows-pcs-with-endpoint-protection-for-microsoft-intune) and [Windows Defender policy settings in Windows 10](https://docs.microsoft.com/en-us/intune/deploy-use/windows-10-policy-settings-in-microsoft-intune#windows-defender-1) for more details.
 
 
 **Use the Windows Defender Security Center app to exclude files that have been opened by specified processes from scans:**
@@ -173,7 +172,7 @@ Environment variables | The defined variable will be populated as a path when th
 <a id="review"></a>
 ## Review the list of exclusions
 
-You can retrieve the items in the exclusion list with PowerShell, [System Center Configuration Manager](https://docs.microsoft.com/en-us/sccm/protect/deploy-use/endpoint-antimalware-policies#exclusion-settings), [Intune](https://docs.microsoft.com/en-us/intune/deploy-use/help-secure-windows-pcs-with-endpoint-protection-for-microsoft-intune), or the [Windows Defender Security Center app](windows-defender-security-center-antivirus.md#exclusions).
+You can retrieve the items in the exclusion list with PowerShell, [System Center Configuration Manager](https://docs.microsoft.com/en-us/sccm/protect/deploy-use/endpoint-antimalware-policies#exclusion-settings), [Intune](https://docs.microsoft.com/en-us/intune/device-restrictions-configure), or the [Windows Defender Security Center app](windows-defender-security-center-antivirus.md#exclusions).
 
 If you use PowerShell, you can retrieve the list in two ways:
 

windows/security/threat-protection/windows-defender-antivirus/configure-remediation-windows-defender-antivirus.md

@@ -11,7 +11,7 @@ ms.pagetype: security
 ms.localizationpriority: medium
 author: andreabichsel
 ms.author: v-anbic
-ms.date: 04/30/2018
+ms.date: 07/10/2018
 ---
 
 
@@ -35,7 +35,7 @@ ms.date: 04/30/2018
 
 When Windows Defender Antivirus runs a scan, it will attempt to remediate or remove threats that it finds. You can configure how Windows Defender AV should react to certain threats, whether it should create a restore point before remediating, and when it should remove remediated threats.
 
-This topic describes how to configure these settings with Group Policy, but you can also use [System Center Configuration Manager](https://docs.microsoft.com/en-us/sccm/protect/deploy-use/endpoint-antimalware-policies#threat-overrides-settings) and [Microsoft Intune](https://docs.microsoft.com/en-us/intune/deploy-use/help-secure-windows-pcs-with-endpoint-protection-for-microsoft-intune#choose-default-actions-settings).
+This topic describes how to configure these settings with Group Policy, but you can also use [System Center Configuration Manager](https://docs.microsoft.com/en-us/sccm/protect/deploy-use/endpoint-antimalware-policies#threat-overrides-settings) and [Microsoft Intune](https://docs.microsoft.com/en-us/intune/device-restrictions-configure).
 
 You can also use the [`Set-MpPreference` PowerShell cmdlet](https://technet.microsoft.com/itpro/powershell/windows/defender/set-mppreference) or [`MSFT_MpPreference` WMI class](https://msdn.microsoft.com/en-us/library/dn439477(v=vs.85).aspx) to configure these settings.
 

windows/security/threat-protection/windows-defender-antivirus/detect-block-potentially-unwanted-apps-windows-defender-antivirus.md

@@ -11,7 +11,7 @@ ms.pagetype: security
 ms.localizationpriority: medium
 author: andreabichsel
 ms.author: v-anbic
-ms.date: 11/20/2017
+ms.date: 07/10/2018
 ---
 
 # Detect and block Potentially Unwanted Applications
@@ -107,8 +107,7 @@ See [Use PowerShell cmdlets to configure and run Windows Defender Antivirus](use
 
 **Use Intune to configure the PUA protection feature**
 
-See [Help secure Windows PCs with Endpoint Protection for Microsoft Intune](https://docs.microsoft.com/en-us/intune/deploy-use/help-secure-windows-pcs-with-endpoint-protection-for-microsoft-intune) and [Windows Defender policy settings in Windows 10](https://docs.microsoft.com/en-us/intune/deploy-use/windows-10-policy-settings-in-microsoft-intune#windows-defender-1) for more details.
+See [Configure device restriction settings in Microsoft Intune](https://docs.microsoft.com/en-us/intune/device-restrictions-configure) and [Windows Defender Antivirus device restriction settings for Windows 10 in Intune](https://docs.microsoft.com/en-us/intune/device-restrictions-windows-10#windows-defender-antivirus) for more details.
-
 
 
 ## Related topics

windows/security/threat-protection/windows-defender-antivirus/enable-cloud-protection-windows-defender-antivirus.md

@@ -11,7 +11,7 @@ ms.pagetype: security
 ms.localizationpriority: medium
 author: andreabichsel
 ms.author: v-anbic
-ms.date: 04/30/2018
+ms.date: 07/10/2018
 ---
 
 # Enable cloud-delivered protection in Windows Defender AV
@@ -108,24 +108,21 @@ See the following for more information and allowed parameters:
 
 **Use Intune to enable cloud-delivered protection**
 
-1.  Open the [Microsoft Intune administration console](https://manage.microsoft.com/), and navigate to the associated policy you want to configure.
+1. Sign in to the [Azure portal](https://portal.azure.com).
-2.  Under the **Endpoint Protection** setting, scroll down to the **Endpoint Protection Service** section set the **Submit files automatically when further analysis is required** setting to either of the following:
+2. Select **All services > Intune**.
-    1. **Send samples automatically**
+3. In the **Intune** pane, select **Device configuration > Profiles**, and then select the **Device restrictions** profile type you want to configure. If you haven't yet created a **Device restrictions** profile type, or if you want to create a new one, see [Configure device restriction settings in Microsoft Intune](https://docs.microsoft.com/en-us/intune/device-restrictions-configure).
-    1. **Send all samples automatically**
+4. Select **Properties**, select **Settings: Configure**, and then select **Windows Defender Antivirus**.
+5. On the **Cloud-delivered protection** switch, select **Enable**.
+6. In the **Prompt users before sample submission** dropdown, select **Send all data without prompting**. 
+7. In the **Submit samples consent** dropdown, select one of the following:
+    1. **Send safe samples automatically**
+    2. **Send all samples automatically**
 
         > [!WARNING]
         > Setting to **Always Prompt** will lower the protection state of the device. Setting to **Never send** means the [Block at First Sight](configure-block-at-first-sight-windows-defender-antivirus.md) feature will not function.
-5. Scroll down to the **Microsoft Active Protection Service** section and set the following settings:
+8. Click **OK** to exit the **Windows Defender Antivirus** settings pane, click **OK** to exit the **Device restrictions** pane, and then click **Save** to save the changes to your **Device restrictions** profile.
 
-   Setting | Set to
+For more information about Intune device profiles, including how to create and configure their settings, see [What are Microsoft Intune device profiles?](https://docs.microsoft.com/en-us/intune/device-profiles)
-    --|--
-    Join Microsoft Active Protection Service | Yes
-    Membership level | Advanced
-    Receive dynamic definitions based on Microsoft Active Protection Service reports | Yes
-  
-3.  Save and [deploy the policy as usual](https://docs.microsoft.com/en-us/intune/deploy-use/common-windows-pc-management-tasks-with-the-microsoft-intune-computer-client).
-
-See [Help secure Windows PCs with Endpoint Protection for Microsoft Intune](https://docs.microsoft.com/en-us/intune/deploy-use/help-secure-windows-pcs-with-endpoint-protection-for-microsoft-intune) for more details.
   
 **Enable cloud-delivered protection on individual clients with the Windows Defender Security Center app**
 > [!NOTE]

windows/security/threat-protection/windows-defender-antivirus/report-monitor-windows-defender-antivirus.md

@@ -11,7 +11,7 @@ ms.pagetype: security
 ms.localizationpriority: medium
 author: andreabichsel
 ms.author: v-anbic
-ms.date: 04/30/2018
+ms.date: 07/10/2018
 ---
 
 # Report on Windows Defender Antivirus protection
@@ -28,7 +28,7 @@ There are a number of ways you can review protection status and alerts, dependin
 
 
 
-You can use System Center Configuration Manager to [monitor Windows Defender AV protection](https://docs.microsoft.com/en-us/sccm/protect/deploy-use/monitor-endpoint-protection) or [create email alerts](https://docs.microsoft.com/en-us/sccm/protect/deploy-use/endpoint-configure-alerts), or you can also monitor protection using the [Microsoft Intune console](https://docs.microsoft.com/en-us/intune/deploy-use/help-secure-windows-pcs-with-endpoint-protection-for-microsoft-intune#monitor-endpoint-protection).  
+You can use System Center Configuration Manager to [monitor Windows Defender AV protection](https://docs.microsoft.com/en-us/sccm/protect/deploy-use/monitor-endpoint-protection) or [create email alerts](https://docs.microsoft.com/en-us/sccm/protect/deploy-use/endpoint-configure-alerts), or you can also monitor protection using [Microsoft Intune](https://docs.microsoft.com/en-us/intune/introduction-intune).  
 
 Microsoft Operations Management Suite has an [Update Compliance add-in](/windows/deployment/update/update-compliance-get-started) that reports on key Windows Defender AV issues, including protection updates and real-time protection settings.
 

windows/security/threat-protection/windows-defender-antivirus/review-scan-results-windows-defender-antivirus.md

@@ -11,7 +11,7 @@ ms.pagetype: security
 ms.localizationpriority: medium
 author: andreabichsel
 ms.author: v-anbic
-ms.date: 08/26/2017
+ms.date: 07/10/2018
 ---
 
 # Review Windows Defender AV scan results
@@ -83,7 +83,9 @@ Use the [**Get** method of the **MSFT_MpThreat** and **MSFT_MpThreatDetection**]
 
 **Use Microsoft Intune to review Windows Defender AV scan results:**
 
-See [Help secure Windows PCs with Endpoint Protection for Microsoft Intune: Monitor Endpoint Protection](https://docs.microsoft.com/en-us/intune/deploy-use/help-secure-windows-pcs-with-endpoint-protection-for-microsoft-intune#monitor-endpoint-protection).
+1. In Intune, go to **Devices > All Devices** and select the device you want to scan.
+
+2. Click the scan results in **Device actions status**.
 
 
 

windows/security/threat-protection/windows-defender-antivirus/run-scan-windows-defender-antivirus.md

@@ -11,7 +11,7 @@ ms.pagetype: security
 ms.localizationpriority: medium
 author: andreabichsel
 ms.author: v-anbic
-ms.date: 08/26/2017
+ms.date: 07/10/2018
 ---
 
 
@@ -98,8 +98,9 @@ See the following for more information and allowed parameters:
 
 **Use Microsoft Intune to run a scan:**
 
+1. In Intune, go to **Devices > All Devices** and select the device you want to scan.
 
-See [Help secure Windows PCs with Endpoint Protection for Microsoft Intune: Run a malware scan](https://docs.microsoft.com/en-us/intune/deploy-use/help-secure-windows-pcs-with-endpoint-protection-for-microsoft-intune#run-a-malware-scan-or-update-malware-definitions-on-a-computer) and [Windows Defender policy settings in Windows 10](https://docs.microsoft.com/en-us/intune/deploy-use/windows-10-policy-settings-in-microsoft-intune#windows-defender-1) for more details.
+2. Select **...More** and then select **Quick Scan** or **Full Scan**.
 
 
 ## Related topics

windows/security/threat-protection/windows-defender-antivirus/scheduled-catch-up-scans-windows-defender-antivirus.md

@@ -11,7 +11,7 @@ ms.pagetype: security
 ms.localizationpriority: medium
 author: andreabichsel
 ms.author: v-anbic
-ms.date: 04/30/2018
+ms.date: 07/10/2018
 ---
 
 
@@ -43,7 +43,7 @@ In addition to always-on real-time protection and [on-demand](run-scan-windows-d
 
 You can configure the type of scan, when the scan should occur, and if the scan should occur after a [protection update](manage-protection-updates-windows-defender-antivirus.md) or if the endpoint is being used. You can also specify when special scans to complete remediation should occur.
 
-This topic describes how to configure scheduled scans with Group Policy, PowerShell cmdlets, and WMI. You can also configure schedules scans with [System Center Configuration Manager](https://docs.microsoft.com/en-us/sccm/protect/deploy-use/endpoint-antimalware-policies#scheduled-scans-settings) or [Microsoft Intune](https://docs.microsoft.com/en-us/intune/deploy-use/help-secure-windows-pcs-with-endpoint-protection-for-microsoft-intunespecify-scan-schedule-settings).
+This topic describes how to configure scheduled scans with Group Policy, PowerShell cmdlets, and WMI. You can also configure schedules scans with [System Center Configuration Manager](https://docs.microsoft.com/en-us/sccm/protect/deploy-use/endpoint-antimalware-policies#scheduled-scans-settings) or [Microsoft Intune](https://docs.microsoft.com/en-us/intune/device-restrictions-configure).
 
 To configure the Group Policy settings described in this topic:
 

windows/security/threat-protection/windows-defender-application-control/microsoft-recommended-block-rules.md

@@ -6,7 +6,7 @@ ms.prod: w10
 ms.mktglfcycl: deploy
 ms.localizationpriority: medium
 author: jsuther1974
-ms.date: 06/14/2018
+ms.date: 07/10/2018
 ---
 
 # Microsoft recommended block rules
@@ -78,7 +78,7 @@ For October 2017, we are announcing an update to system.management.automation.dl
 
 Microsoft recommends that you block the following Microsoft-signed applications and PowerShell files by merging the following policy into your existing policy to add these deny rules using the Merge-CIPolicy cmdlet:
 
-```
+```xml
 <?xml version="1.0" encoding="utf-8" ?> 
   <SiPolicy xmlns="urn:schemas-microsoft-com:sipolicy">
   <VersionEx>10.0.0.0</VersionEx> 
@@ -655,6 +655,32 @@ Microsoft recommends that you block the following Microsoft-signed applications
   <Deny ID="ID_DENY_D_554" FriendlyName="PowerShellShell 554" Hash="CBD19FDB6338DB02299A3F3FFBBEBF216B18013B3377D1D31E51491C0C5F074C"/>
   <Deny ID="ID_DENY_D_555" FriendlyName="PowerShellShell 555" Hash="3A316A0A470744EB7D18339B76E786564D1E96130766A9895B2222C4066CE820"/>
   <Deny ID="ID_DENY_D_556" FriendlyName="PowerShellShell 556" Hash="68A4A1E8F4E1B903408ECD24608659B390B9E7154EB380D94ADE7FEB5EA470E7"/>
+  <Deny ID="ID_DENY_D_557" FriendlyName="PowerShellShell 556" Hash="45F948AF27F4E698A8546027717901B5F70368EE"/>
+  <Deny ID="ID_DENY_D_558" FriendlyName="PowerShellShell 556" Hash="2D63C337961C6CF2660C5DB906D9070CA38BCE828584874680EC4F5097B82E30"/>
+  <Deny ID="ID_DENY_D_559" FriendlyName="PowerShellShell 556" Hash="DA4CD4B0158B774CE55721718F77ED91E3A42EB3"/>
+  <Deny ID="ID_DENY_D_560" FriendlyName="PowerShellShell 556" Hash="7D181BB7A4A0755FF687CCE34949FC6BD6FBC377E6D4883698E8B45DCCBEA140"/>
+  <Deny ID="ID_DENY_D_561" FriendlyName="PowerShellShell 556" Hash="C67D7B12BBFFD5FBD15FBD892955EA48E6F4B408"/>
+  <Deny ID="ID_DENY_D_562" FriendlyName="PowerShellShell 556" Hash="1DCAD0BBCC036B85875CC0BAF1B65027933624C1A29BE336C79BCDB00FD5467A"/>
+  <Deny ID="ID_DENY_D_563" FriendlyName="PowerShellShell 556" Hash="7D8CAB8D9663926E29CB810B42C5152E8A1E947E"/>
+  <Deny ID="ID_DENY_D_564" FriendlyName="PowerShellShell 556" Hash="2E0203370E6E5437CE2CE1C20895919F806B4E5FEBCBE31F16CB06FC5934F010"/>
+  <Deny ID="ID_DENY_D_565" FriendlyName="PowerShellShell 556" Hash="20E7156E348912C20D35BD4BE2D52C996BF5535E"/>
+  <Deny ID="ID_DENY_D_566" FriendlyName="PowerShellShell 556" Hash="EB26078544BDAA34733AA660A1A2ADE98523DAFD9D58B3995919C0E524F2FFC3"/>
+  <Deny ID="ID_DENY_D_567" FriendlyName="PowerShellShell 556" Hash="B9DD16FC0D02EA34613B086307C9DBEAC30546AF"/>
+  <Deny ID="ID_DENY_D_568" FriendlyName="PowerShellShell 556" Hash="DE5B012C4DC3FE3DD432AF9339C36EFB8D54E8864493EA2BA151F0ADBF3E338C"/>
+  <Deny ID="ID_DENY_D_569" FriendlyName="PowerShellShell 556" Hash="6397AB5D664CDB84A867BC7E22ED0789060C6276"/>
+  <Deny ID="ID_DENY_D_570" FriendlyName="PowerShellShell 556" Hash="B660F6CA0788DA18375602537095C378990E8229B11B57B092AC8A550E9C61E8"/>
+  <Deny ID="ID_DENY_D_571" FriendlyName="PowerShellShell 556" Hash="3BF717645AC3986AAD0B4EA9D196B18D05199DA9"/>
+  <Deny ID="ID_DENY_D_572" FriendlyName="PowerShellShell 556" Hash="364C227F9E57C72F9BFA652B8C1DE738AB4747D0DB68A7B899CA3EE51D802439"/>
+  <Deny ID="ID_DENY_D_573" FriendlyName="PowerShellShell 556" Hash="3A1B06680F119C03C60D12BAC682853ABE430D21"/>
+  <Deny ID="ID_DENY_D_574" FriendlyName="PowerShellShell 556" Hash="850759BCE4B66997CF84E84683A2C1980D4B498821A8AB9C3568EB298B824AE3"/>
+  <Deny ID="ID_DENY_D_575" FriendlyName="PowerShellShell 556" Hash="654C54AA3F2C74FBEB55B961FB1924A7B2737E61"/>
+  <Deny ID="ID_DENY_D_576" FriendlyName="PowerShellShell 556" Hash="B7EA81960C6EECFD2FF385890F158F5B1CB3D1E100C7157AB161B3D23DCA0389"/>
+  <Deny ID="ID_DENY_D_577" FriendlyName="PowerShellShell 556" Hash="496F793112B6BCF4B6EA16E8B2F8C3F5C1FEEB52"/>
+  <Deny ID="ID_DENY_D_578" FriendlyName="PowerShellShell 556" Hash="E430485B577774825CEF53E5125B618A2608F7BE3657BB28383E9A34FCA162FA"/>
+  <Deny ID="ID_DENY_D_579" FriendlyName="PowerShellShell 556" Hash="6EA8CEEA0D2879989854E8C86CECA26EF79F7B19"/>
+  <Deny ID="ID_DENY_D_580" FriendlyName="PowerShellShell 556" Hash="8838FE3D8E2505F3D3D8B98C64739115838A0B443BBBBFB487342F1EE7801360"/>
+  <Deny ID="ID_DENY_D_581" FriendlyName="PowerShellShell 556" Hash="28C5E53DE197E872F7E4772BF40F728F56FE3ACC"/>
+  <Deny ID="ID_DENY_D_582" FriendlyName="PowerShellShell 556" Hash="3493DAEC6EC03E56ECC4A15432C750735F75F9CB38D8779C7783B4DA956BF037"/>
 
   <!-- pubprn.vbs
   --> 
@@ -1339,6 +1365,33 @@ Microsoft recommends that you block the following Microsoft-signed applications
   <FileRuleRef RuleID="ID_DENY_D_554"/>
   <FileRuleRef RuleID="ID_DENY_D_555"/>
   <FileRuleRef RuleID="ID_DENY_D_556"/>
+  <FileRuleRef RuleID="ID_DENY_D_557"/>
+  <FileRuleRef RuleID="ID_DENY_D_558"/>
+  <FileRuleRef RuleID="ID_DENY_D_559"/>
+  <FileRuleRef RuleID="ID_DENY_D_560"/>
+  <FileRuleRef RuleID="ID_DENY_D_561"/>
+  <FileRuleRef RuleID="ID_DENY_D_562"/>
+  <FileRuleRef RuleID="ID_DENY_D_563"/>
+  <FileRuleRef RuleID="ID_DENY_D_564"/>
+  <FileRuleRef RuleID="ID_DENY_D_565"/>
+  <FileRuleRef RuleID="ID_DENY_D_566"/>
+  <FileRuleRef RuleID="ID_DENY_D_567"/>
+  <FileRuleRef RuleID="ID_DENY_D_568"/>
+  <FileRuleRef RuleID="ID_DENY_D_569"/>
+  <FileRuleRef RuleID="ID_DENY_D_570"/>
+  <FileRuleRef RuleID="ID_DENY_D_571"/>
+  <FileRuleRef RuleID="ID_DENY_D_572"/>
+  <FileRuleRef RuleID="ID_DENY_D_573"/>
+  <FileRuleRef RuleID="ID_DENY_D_574"/>
+  <FileRuleRef RuleID="ID_DENY_D_575"/>
+  <FileRuleRef RuleID="ID_DENY_D_576"/>
+  <FileRuleRef RuleID="ID_DENY_D_577"/>
+  <FileRuleRef RuleID="ID_DENY_D_578"/>
+  <FileRuleRef RuleID="ID_DENY_D_579"/>
+  <FileRuleRef RuleID="ID_DENY_D_580"/>
+  <FileRuleRef RuleID="ID_DENY_D_581"/>
+  <FileRuleRef RuleID="ID_DENY_D_582"/>
+
   </FileRulesRef>
   </ProductSigners>
   </SigningScenario>