Merge remote-tracking branch 'refs/remotes/origin/master' into jd-sandbox

browsers/internet-explorer/TOC.md

@@ -23,23 +23,23 @@
 ###[What is Enterprise Mode?](ie11-deploy-guide/what-is-enterprise-mode.md)
 ###[Set up Enterprise Mode logging and data collection](ie11-deploy-guide/set-up-enterprise-mode-logging-and-data-collection.md)
 ###[Turn on Enterprise Mode and use a site list](ie11-deploy-guide/turn-on-enterprise-mode-and-use-a-site-list.md)
-###[Enterprise Mode schema v.2 guidance for Windows 10 devices](ie11-deploy-guide/enterprise-mode-schema-version-2-guidance.md)
-###[Enterprise Mode schema v.1 guidance for Windows 7 and Windows 8.1 devices](ie11-deploy-guide/enterprise-mode-schema-version-1-guidance.md)
+###[Enterprise Mode schema v.2 guidance](ie11-deploy-guide/enterprise-mode-schema-version-2-guidance.md)
+###[Enterprise Mode schema v.1 guidance](ie11-deploy-guide/enterprise-mode-schema-version-1-guidance.md)
 ###[Check for a new Enterprise Mode site list xml file](ie11-deploy-guide/check-for-new-enterprise-mode-site-list-xml-file.md)
 ###[Turn on local control and logging for Enterprise Mode](ie11-deploy-guide/turn-on-local-control-and-logging-for-enterprise-mode.md)
-###[Use the Enterprise Mode Site List Manager tool](ie11-deploy-guide/use-the-enterprise-mode-site-list-manager.md)
-####[Add sites to the Enterprise Mode site list using the Windows 10 Enterprise Mode Site List Manager tool](ie11-deploy-guide/add-single-sites-to-enterprise-mode-site-list-using-the-version-2-enterprise-mode-tool.md)
-####[Add sites to the Enterprise Mode site list using the Windows 7 and Windows 8.1 Enterprise Mode Site List Manager tool](ie11-deploy-guide/add-single-sites-to-enterprise-mode-site-list-using-the-version-1-enterprise-mode-tool.md)
-####[Add multiple sites to the Enterprise Mode site list using a file and the Windows 10 Enterprise Mode Site List Manager tool](ie11-deploy-guide/add-multiple-sites-to-enterprise-mode-site-list-using-the-version-2-schema-and-enterprise-mode-tool.md)
-####[Add multiple sites to the Enterprise Mode site list using a file and the Windows 7 and Windows 8.1 Enterprise Mode Site List Manager tool](ie11-deploy-guide/add-multiple-sites-to-enterprise-mode-site-list-using-the-version-1-schema-and-enterprise-mode-tool.md)
-####[Edit the Enterprise Mode site list using the Enterprise Mode Site List Manager tool](ie11-deploy-guide/edit-the-enterprise-mode-site-list-using-the-enterprise-mode-site-list-manager.md)
-####[Fix validation problems using the Enterprise Mode Site List Manager tool](ie11-deploy-guide/fix-validation-problems-using-the-enterprise-mode-site-list-manager.md)
-####[Search your Enterprise Mode site list in the Enterprise Mode Site List Manager tool](ie11-deploy-guide/search-your-enterprise-mode-site-list-in-the-enterprise-mode-site-list-manager.md)
-####[Save your site list to XML in the Enterprise Mode Site List Manager tool](ie11-deploy-guide/save-your-site-list-to-xml-in-the-enterprise-mode-site-list-manager.md)
-####[Export your Enterprise Mode site list from the Enterprise Mode Site List Manager tool](ie11-deploy-guide/export-your-enterprise-mode-site-list-from-the-enterprise-mode-site-list-manager.md)
-####[Import your Enterprise Mode site list to the Enterprise Mode Site List Manager tool](ie11-deploy-guide/import-into-the-enterprise-mode-site-list-manager.md)
-####[Delete sites from your Enterprise Mode site list in the Enterprise Mode Site List Manager tool](ie11-deploy-guide/delete-sites-from-your-enterprise-mode-site-list-in-the-enterprise-mode-site-list-manager.md)
-####[Remove all sites from your Enterprise Mode site list in the Enterprise Mode Site List Manager tool](ie11-deploy-guide/remove-all-sites-from-your-enterprise-mode-site-list-in-the-enterprise-mode-site-list-manager.md)
+###[Use the Enterprise Mode Site List Manager](ie11-deploy-guide/use-the-enterprise-mode-site-list-manager.md)
+####[Add single sites to the Enterprise Mode site list using the Enterprise Mode Site List Manager (schema v.2)](ie11-deploy-guide/add-single-sites-to-enterprise-mode-site-list-using-the-version-2-enterprise-mode-tool.md)
+####[Add single sites to the Enterprise Mode site list using the Enterprise Mode Site List Manager (schema v.1)](ie11-deploy-guide/add-single-sites-to-enterprise-mode-site-list-using-the-version-1-enterprise-mode-tool.md)
+####[Add multiple sites to the Enterprise Mode site list using a file and the Enterprise Mode Site List Manager (schema v.2)](ie11-deploy-guide/add-multiple-sites-to-enterprise-mode-site-list-using-the-version-2-schema-and-enterprise-mode-tool.md)
+####[Add multiple sites to the Enterprise Mode site list using a file and the Enterprise Mode Site List Manager (schema v.1)](ie11-deploy-guide/add-multiple-sites-to-enterprise-mode-site-list-using-the-version-1-schema-and-enterprise-mode-tool.md)
+####[Edit the Enterprise Mode site list using the Enterprise Mode Site List Manager](ie11-deploy-guide/edit-the-enterprise-mode-site-list-using-the-enterprise-mode-site-list-manager.md)
+####[Fix validation problems using the Enterprise Mode Site List Manager](ie11-deploy-guide/fix-validation-problems-using-the-enterprise-mode-site-list-manager.md)
+####[Search your Enterprise Mode site list in the Enterprise Mode Site List Manager](ie11-deploy-guide/search-your-enterprise-mode-site-list-in-the-enterprise-mode-site-list-manager.md)
+####[Save your site list to XML in the Enterprise Mode Site List Manager](ie11-deploy-guide/save-your-site-list-to-xml-in-the-enterprise-mode-site-list-manager.md)
+####[Export your Enterprise Mode site list from the Enterprise Mode Site List Manager](ie11-deploy-guide/export-your-enterprise-mode-site-list-from-the-enterprise-mode-site-list-manager.md)
+####[Import your Enterprise Mode site list to the Enterprise Mode Site List Manager](ie11-deploy-guide/import-into-the-enterprise-mode-site-list-manager.md)
+####[Delete sites from your Enterprise Mode site list in the Enterprise Mode Site List Manager](ie11-deploy-guide/delete-sites-from-your-enterprise-mode-site-list-in-the-enterprise-mode-site-list-manager.md)
+####[Remove all sites from your Enterprise Mode site list in the Enterprise Mode Site List Manager](ie11-deploy-guide/remove-all-sites-from-your-enterprise-mode-site-list-in-the-enterprise-mode-site-list-manager.md)
 ###[Using IE7 Enterprise Mode or IE8 Enterprise Mode](ie11-deploy-guide/using-enterprise-mode.md)
 ###[Fix web compatibility issues using document modes and the Enterprise Mode site list](ie11-deploy-guide/fix-compat-issues-with-doc-modes-and-enterprise-mode-site-list.md)
 ###[Remove sites from a local Enterprise Mode site list](ie11-deploy-guide/remove-sites-from-a-local-enterprise-mode-site-list.md)

browsers/internet-explorer/ie11-deploy-guide/change-history-for-internet-explorer-11.md

@@ -14,6 +14,8 @@ This topic lists new and updated topics in the Internet Explorer 11 documentatio
 ## August 2016
 |New or changed topic | Description |
 |----------------------|-------------|
+|[Enterprise Mode schema v.2 guidance](enterprise-mode-schema-version-2-guidance.md) |Updated to remove the IP range restrictions and to add code examples for both IPv4 and IPv6 addresses. |
+|[Enterprise Mode schema v.1 guidance](enterprise-mode-schema-version-1-guidance.md) |Updated to remove the IP range restrictions and to add code examples for both IPv4 and IPv6 addresses. |
 |[Collect data using Enterprise Site Discovery](collect-data-using-enterprise-site-discovery.md)|Added the Understanding the returned reason codes section to the topic. |
 
 ## July 2016

browsers/internet-explorer/ie11-deploy-guide/enterprise-mode-schema-version-1-guidance.md

@@ -15,8 +15,9 @@ ms.sitesec: library
 
 **Applies to:**
 
--   Windows 8.1
--   Windows 7
+- Windows 10
+- Windows 8.1
+- Windows 7
 
 Use the Enterprise Mode Site List Manager (schema v.1) to create and update your Enterprise Mode site list for devices running the v.1 version of the schema, or the Enterprise Mode Site List Manager (schema v.2) to create and update your Enterprise Mode site list for devices running the v.2 version of the schema. We strongly recommend moving to the new schema, v.2. For more info, see [Enterprise Mode schema v.2 guidance](enterprise-mode-schema-version-2-guidance.md). 
 
@@ -86,7 +87,19 @@ This table includes the elements used by the Enterprise Mode schema.
   <emie>
     <domain>contoso.com</domain>
   </emie>
-&lt;/rules>&gt;</pre></td>
+&lt;/rules&gt;</pre>
+<strong>-or-</strong>
+<p>For IPv6 ranges:<pre class="syntax">&lt;rules version="205"&gt;
+  &lt;emie&gt;
+    &lt;domain&gt;[10.122.34.99]:8080&lt;/domain&gt;
+  &lt;/emie&gt;
+  &lt;/rules&gt;</pre>
+<strong>-or-</strong>
+<p>For IPv4 ranges:<pre class="syntax">&lt;rules version="205"&gt;
+  &lt;emie&gt;
+    &lt;domain&gt;10.122.34.99:8080&lt;/domain&gt;
+  &lt;/emie&gt;
+  &lt;/rules&gt;</pre></td>
 <td>Internet Explorer 11 and Microsoft Edge</td>
 </tr>
 <tr>
@@ -191,7 +204,6 @@ For example, say you want all of the sites in the contoso.com domain to open usi
 We recommend that you not add any of the following items to your schema because they can make your compatibility list behave in unexpected ways:
 - Don’t use protocols. For example, `http://`, `https://`, or custom protocols. They break parsing.
 - Don’t use wildcards.
-- Don't use IP Addresses.
 - Don’t use query strings, ampersands break parsing.
 
 ## How to use trailing slashes
@@ -283,5 +295,4 @@ If you want to target specific sites in your organization.
 <li>contoso.com/about and everything underneath that node will load in Enterprise Mode, including contoso.com/about/business because the last rule is ignored.</li>
 </ul>
 </td></tr>
-</table>
-
+</table>

browsers/internet-explorer/ie11-deploy-guide/enterprise-mode-schema-version-2-guidance.md

@@ -118,7 +118,15 @@ This table includes the elements used by the v.2 version of the Enterprise Mode
 <site url="contoso.com">
   <compat-mode>default</compat-mode>
   <open-in>none</open-in>
-&lt;/site&gt;</pre><p>
+&lt;/site&gt;</pre>
+<strong>-or-</strong>
+<p>For IPv4 ranges:<pre class="syntax">&lt;site url="10.122.34.99:8080"&gt;
+  &lt;compat-mode&gt;IE8Enterprise&lt;/compat-mode&gt;
+&lt;site&gt;</pre><p>
+<strong>-or-</strong>
+<p>For IPv6 ranges:<pre class="syntax">&lt;site url="[10.122.34.99]:8080"&gt;
+  &lt;compat-mode&gt;IE8Enterprise&lt;/compat-mode&gt;
+&lt;site&gt;</pre><p>
 You can also use the self-closing version, &lt;url="contoso.com" /&gt;, which also sets:
 <ul>
   <li>&lt;compat-mode&gt;default&lt;/compat-mode&gt;</li>
@@ -133,7 +141,15 @@ You can also use the self-closing version, &lt;url="contoso.com" /&gt;, which al
 <pre class="syntax">
 &lt;site url="contoso.com"&gt;
   &lt;compat-mode&gt;IE8Enterprise&lt;/compat-mode&gt;
-&lt;/site&gt;</pre><p>
+&lt;/site&gt;</pre>
+<strong>-or-</strong>
+<p>For IPv4 ranges:<pre class="syntax">&lt;site url="10.122.34.99:8080"&gt;
+  &lt;compat-mode&gt;IE8Enterprise&lt;/compat-mode&gt;
+&lt;site&gt;</pre><p>
+<strong>-or-</strong>
+<p>For IPv6 ranges:<pre class="syntax">&lt;site url="[10.122.34.99]:8080"&gt;
+  &lt;compat-mode&gt;IE8Enterprise&lt;/compat-mode&gt;
+&lt;site&gt;</pre><p>
 Where:
 <ul>
   <li><b>IE8Enterprise.</b> Loads the site in IE8 Enterprise Mode.<br>This element is required for sites included in the <b>EmIE</b> section of the v.1 schema and is needed to load in IE8 Enterprise Mode.</li><p>
@@ -260,7 +276,6 @@ We recommend that you not add any of the following items to your schema because
 
 - Don’t use protocols. For example, http://, https://, or custom protocols. They break parsing.
 - Don’t use wildcards.
-- Don't use IP Addresses.
 - Don’t use query strings, ampersands break parsing.
 
 ## Related topics

windows/deploy/monitor-activation-client.md

@@ -8,6 +8,7 @@ ms.mktglfcycl: deploy
 ms.sitesec: library
 ms.pagetype: activation
 author: greg-lindsay
+localizationpriority: medium
 ---
 
 # Monitor activation

windows/keep-secure/TOC.md

@@ -32,7 +32,6 @@
 #### [Create and deploy a Windows Information Protection (WIP) policy using System Center Configuration Manager](create-wip-policy-using-sccm.md)
 #### [Create and verify an Encrypting File System (EFS) Data Recovery Agent (DRA) certificate](create-and-verify-an-efs-dra-certificate.md)
 ### [General guidance and best practices for Windows Information Protection (WIP)](guidance-and-best-practices-wip.md)
-#### [Windows Information Protection (WIP) overview](wip-enterprise-overview.md)
 #### [Mandatory tasks and settings required to turn on Windows Information Protection (WIP)](mandatory-settings-for-wip.md)
 #### [Enlightened apps for use with Windows Information Protection (WIP)](enlightened-microsoft-apps-and-wip.md)
 #### [Testing scenarios for Windows Information Protection (WIP)](testing-scenarios-for-wip.md)

windows/keep-secure/active-directory-security-groups.md

@@ -172,10 +172,10 @@ The following tables provide descriptions of the default groups that are located
 <thead>
 <tr class="header">
 <th>Default Security Group</th>
+<th>Windows Server 2016</th>
 <th>Windows Server 2012 R2</th>
 <th>Windows Server 2012</th>
 <th>Windows Server 2008 R2</th>
-<th>Windows Server 2008</th>
 </tr>
 </thead>
 <tbody>
@@ -183,7 +183,7 @@ The following tables provide descriptions of the default groups that are located
 <td><p>[Access Control Assistance Operators](#bkmk-acasstops)</p></td>
 <td><p>Yes</p></td>
 <td><p>Yes</p></td>
-<td><p></p></td>
+<td><p>Yes</p></td>
 <td><p></p></td>
 </tr>
 <tr class="even">
@@ -232,7 +232,7 @@ The following tables provide descriptions of the default groups that are located
 <td><p>[Cloneable Domain Controllers](#bkmk-cloneabledomaincontrollers)</p></td>
 <td><p>Yes</p></td>
 <td><p>Yes</p></td>
-<td><p></p></td>
+<td><p>Yes</p></td>
 <td><p></p></td>
 </tr>
 <tr class="odd">
@@ -327,7 +327,7 @@ The following tables provide descriptions of the default groups that are located
 <td><p>Yes</p></td>
 </tr>
 <tr class="even">
-<td><p>[Group Policy Creators Owners](#bkmk-gpcreatorsowners)</p></td>
+<td><p>[Group Policy Creator Owners](#bkmk-gpcreatorsowners)</p></td>
 <td><p>Yes</p></td>
 <td><p>Yes</p></td>
 <td><p>Yes</p></td>
@@ -344,7 +344,7 @@ The following tables provide descriptions of the default groups that are located
 <td><p>[Hyper-V Administrators](#bkmk-hypervadministrators)</p></td>
 <td><p>Yes</p></td>
 <td><p>Yes</p></td>
-<td><p></p></td>
+<td><p>Yes</p></td>
 <td><p></p></td>
 </tr>
 <tr class="odd">
@@ -362,143 +362,164 @@ The following tables provide descriptions of the default groups that are located
 <td><p>Yes</p></td>
 </tr>
 <tr class="odd">
+<td><p>[Key Admins](#key-admins)</p></td>
+<td><p>Yes</p></td>
+<td><p></p></td>
+<td><p></p></td>
+<td><p></p></td>
+</tr>
+<tr class="even">
 <td><p>[Network Configuration Operators](#bkmk-networkcfgoperators)</p></td>
 <td><p>Yes</p></td>
 <td><p>Yes</p></td>
 <td><p>Yes</p></td>
 <td><p>Yes</p></td>
 </tr>
-<tr class="even">
+<tr class="odd">
 <td><p>[Performance Log Users](#bkmk-perflogusers)</p></td>
 <td><p>Yes</p></td>
 <td><p>Yes</p></td>
 <td><p>Yes</p></td>
 <td><p>Yes</p></td>
 </tr>
-<tr class="odd">
+<tr class="even">
 <td><p>[Performance Monitor Users](#bkmk-perfmonitorusers)</p></td>
 <td><p>Yes</p></td>
 <td><p>Yes</p></td>
 <td><p>Yes</p></td>
 <td><p>Yes</p></td>
 </tr>
-<tr class="even">
+<tr class="odd">
 <td><p>[Pre–Windows 2000 Compatible Access](#bkmk-pre-ws2kcompataccess)</p></td>
 <td><p>Yes</p></td>
 <td><p>Yes</p></td>
 <td><p>Yes</p></td>
 <td><p>Yes</p></td>
 </tr>
-<tr class="odd">
+<tr class="even">
 <td><p>[Print Operators](#bkmk-printoperators)</p></td>
 <td><p>Yes</p></td>
 <td><p>Yes</p></td>
 <td><p>Yes</p></td>
 <td><p>Yes</p></td>
 </tr>
-<tr class="even">
+<tr class="odd">
 <td><p>[Protected Users](#bkmk-protectedusers)</p></td>
 <td><p>Yes</p></td>
+<td><p>Yes</p></td>
 <td><p></p></td>
 <td><p></p></td>
-<td><p></p></td>
 </tr>
-<tr class="odd">
+<tr class="even">
 <td><p>[RAS and IAS Servers](#bkmk-rasandias)</p></td>
 <td><p>Yes</p></td>
 <td><p>Yes</p></td>
 <td><p>Yes</p></td>
 <td><p>Yes</p></td>
 </tr>
-<tr class="even">
+<tr class="odd">
 <td><p>[RDS Endpoint Servers](#bkmk-rdsendpointservers)</p></td>
 <td><p>Yes</p></td>
 <td><p>Yes</p></td>
-<td><p></p></td>
-<td><p></p></td>
-</tr>
-<tr class="odd">
-<td><p>[RDS Management Servers](#bkmk-rdsmanagementservers)</p></td>
 <td><p>Yes</p></td>
-<td><p>Yes</p></td>
-<td><p></p></td>
 <td><p></p></td>
 </tr>
 <tr class="even">
-<td><p>[RDS Remote Access Servers](#bkmk-rdsremoteaccessservers)</p></td>
+<td><p>[RDS Management Servers](#bkmk-rdsmanagementservers)</p></td>
+<td><p>Yes</p></td>
 <td><p>Yes</p></td>
 <td><p>Yes</p></td>
-<td><p></p></td>
 <td><p></p></td>
 </tr>
 <tr class="odd">
+<td><p>[RDS Remote Access Servers](#bkmk-rdsremoteaccessservers)</p></td>
+<td><p>Yes</p></td>
+<td><p>Yes</p></td>
+<td><p>Yes</p></td>
+<td><p></p></td>
+</tr>
+<tr class="even">
 <td><p>[Read-only Domain Controllers](#bkmk-rodc)</p></td>
 <td><p>Yes</p></td>
 <td><p>Yes</p></td>
 <td><p>Yes</p></td>
 <td><p>Yes</p></td>
 </tr>
-<tr class="even">
+<tr class="odd">
 <td><p>[Remote Desktop Users](#bkmk-remotedesktopusers)</p></td>
 <td><p>Yes</p></td>
 <td><p>Yes</p></td>
 <td><p>Yes</p></td>
 <td><p>Yes</p></td>
 </tr>
-<tr class="odd">
+<tr class="even">
 <td><p>[Remote Management Users](#bkmk-remotemanagementusers)</p></td>
 <td><p>Yes</p></td>
 <td><p>Yes</p></td>
-<td><p></p></td>
+<td><p>Yes</p></td>
 <td><p></p></td>
 </tr>
-<tr class="even">
+<tr class="odd">
 <td><p>[Replicator](#bkmk-replicator)</p></td>
 <td><p>Yes</p></td>
 <td><p>Yes</p></td>
 <td><p>Yes</p></td>
 <td><p>Yes</p></td>
 </tr>
-<tr class="odd">
+<tr class="even">
 <td><p>[Schema Admins](#bkmk-schemaadmins)</p></td>
 <td><p>Yes</p></td>
 <td><p>Yes</p></td>
 <td><p>Yes</p></td>
 <td><p>Yes</p></td>
 </tr>
-<tr class="even">
+<tr class="odd">
 <td><p>[Server Operators](#bkmk-serveroperators)</p></td>
 <td><p>Yes</p></td>
 <td><p>Yes</p></td>
 <td><p>Yes</p></td>
 <td><p>Yes</p></td>
 </tr>
+<tr class="even">
+<td><p>[Storage Replica Administrators](#storage-replica-administrators)</p></td>
+<td><p>Yes</p></td>
+<td><p></p></td>
+<td><p></p></td>
+<td><p></p></td>
+</tr>
 <tr class="odd">
+<td><p>[System Managed Accounts Group](#system-managed-accounts-group)</p></td>
+<td><p>Yes</p></td>
+<td><p></p></td>
+<td><p></p></td>
+<td><p></p></td>
+</tr>
+<tr class="even">
 <td><p>[Terminal Server License Servers](#bkmk-terminalserverlic)</p></td>
 <td><p>Yes</p></td>
 <td><p>Yes</p></td>
 <td><p>Yes</p></td>
 <td><p>Yes</p></td>
 </tr>
-<tr class="even">
+<tr class="odd">
 <td><p>[Users](#bkmk-users)</p></td>
 <td><p>Yes</p></td>
 <td><p>Yes</p></td>
 <td><p>Yes</p></td>
 <td><p>Yes</p></td>
 </tr>
-<tr class="odd">
+<tr class="even">
 <td><p>[Windows Authorization Access Group](#bkmk-winauthaccess)</p></td>
 <td><p>Yes</p></td>
 <td><p>Yes</p></td>
 <td><p>Yes</p></td>
 <td><p>Yes</p></td>
 </tr>
-<tr class="even">
+<tr class="odd">
 <td><p>[WinRMRemoteWMIUsers_](#bkmk-winrmremotewmiusers-)</p></td>
-<td><p>Yes</p></td>
-<td><p>Yes</p></td>
 <td><p></p></td>
+<td><p>Yes</p></td>
+<td><p>Yes</p></td>
 <td><p></p></td>
 </tr>
 </tbody>
@@ -2196,7 +2217,24 @@ This security group has not changed since Windows Server 2008.
 </tbody>
 </table>
 
- 
+### Key Admins
+
+Members of this group can perform administrative actions on key objects within the domain.
+
+The Key Admins group applies to versions of the Windows Server operating system listed in the [Active Directory Default Security Groups table](#bkmk-groupstable).
+
+| Attribute | Value |
+|-----------|-------|
+| Well-Known SID/RID | S-1-5-21-4195037842-338827918-94892514-526 |
+| Type | Global |
+| Default container | CN=Users, DC=&lt;domain&gt;, DC= |
+| Default members | None |
+| Default member of | None |
+| Protected by ADMINSDHOLDER? | No |
+| Safe to delegate management of this group to non-Service admins? | No |
+| Default User Rights | None |
+
+<!-- WHEN MORE INFO IS AVAILABLE, ADD LINES to the above table -- a line under the ADMINSDHOLDER line, "Safe to move out of default container?" -->
 
 ### <a href="" id="bkmk-networkcfgoperators"></a>Network Configuration Operators
 
@@ -2588,11 +2626,11 @@ Members of the Protected Users group are afforded additional protection against
 
 This security group is designed as part of a strategy to effectively protect and manage credentials within the enterprise. Members of this group automatically have non-configurable protection applied to their accounts. Membership in the Protected Users group is meant to be restrictive and proactively secure by default. The only method to modify the protection for an account is to remove the account from the security group.
 
-This domain-related, global group triggers non-configurable protection on devices and host computers running Windows Server 2012 R2 and Windows 8.1, and on domain controllers in domains with a primary domain controller running Windows Server 2012 R2. This greatly reduces the memory footprint of credentials when users sign in to computers on the network from a non-compromised computer.
+This domain-related, global group triggers non-configurable protection on devices and host computers, starting with the Windows Server 2012 R2 and Windows 8.1 operating systems. It also triggers non-configurable protection on domain controllers in domains with a primary domain controller running Windows Server 2012 R2 or Windows Server 2016. This greatly reduces the memory footprint of credentials when users sign in to computers on the network from a non-compromised computer.
 
 Depending on the account’s domain functional level, members of the Protected Users group are further protected due to behavior changes in the authentication methods that are supported in Windows.
 
--   Members of the Protected Users group cannot authenticate by using the following Security Support Providers (SSPs): NTLM, Digest Authentication, or CredSSP. Passwords are not cached on a device running Windows 8.1, so the device fails to authenticate to a domain when the account is a member of the Protected User group.
+-   Members of the Protected Users group cannot authenticate by using the following Security Support Providers (SSPs): NTLM, Digest Authentication, or CredSSP. Passwords are not cached on a device running Windows 8.1 or Windows 10, so the device fails to authenticate to a domain when the account is a member of the Protected User group.
 
 -   The Kerberos protocol will not use the weaker DES or RC4 encryption types in the preauthentication process. This means that the domain must be configured to support at least the AES cipher suite.
 
@@ -3299,7 +3337,44 @@ This security group has not changed since Windows Server 2008.
 </tbody>
 </table>
 
- 
+### Storage Replica Administrators
+
+Members of this group have complete and unrestricted access to all features of Storage Replica.
+
+The Storage Replica Administrators group applies to versions of the Windows Server operating system listed in the [Active Directory Default Security Groups table](#bkmk-groupstable).
+
+| Attribute | Value |
+|-----------|-------|
+| Well-Known SID/RID | S-1-5-32-582 |
+| Type | BuiltIn Local |
+| Default container | CN=BuiltIn, DC=&lt;domain&gt;, DC= |
+| Default members | None |
+| Default member of | None |
+| Protected by ADMINSDHOLDER? | No |
+| Safe to delegate management of this group to non-Service admins? | No |
+| Default User Rights | None |
+
+<!-- WHEN MORE INFO IS AVAILABLE, ADD LINES to the above table -- a line under the ADMINSDHOLDER line, "Safe to move out of default container?" -->
+
+### System Managed Accounts Group
+
+Members of this group are managed by the system.
+
+The System Managed Accounts group applies to versions of the Windows Server operating system listed in the [Active Directory Default Security Groups table](#bkmk-groupstable).
+
+
+| Attribute | Value |
+|-----------|-------|
+| Well-Known SID/RID | S-1-5-32-581 |
+| Type | BuiltIn Local |
+| Default container | CN=BuiltIn, DC=&lt;domain&gt;, DC= |
+| Default members | Users |
+| Default member of | None |
+| Protected by ADMINSDHOLDER? | No |
+| Safe to delegate management of this group to non-Service admins? | No |
+| Default User Rights | None |
+
+<!-- WHEN MORE INFO IS AVAILABLE, ADD LINES to the above table -- a line under the ADMINSDHOLDER line, "Safe to move out of default container?" -->
 
 ### <a href="" id="bkmk-terminalserverlic"></a>Terminal Server License Servers
 

windows/keep-secure/ad-ds-schema-extensions-to-support-tpm-backup.md

@@ -12,13 +12,17 @@ author: brianlic-msft
 # AD DS schema extensions to support TPM backup
 
 **Applies to**
--   Windows 10
+-   Windows 10, version 1511
+-   Windows 10, version 1507
+
+**Does not apply to**
+- Windows 10, version 1607 or later
 
 This topic provides more details about this change and provides template schema extensions that you can incorporate into your organization.
 
 ## Why a schema extension is needed
 
-The TPM owner authorization value is now stored in a separate object which is linked to the Computer object. This value was stored as a property in the Computer object itself for the default Windows Server 2008 R2 schemas. Windows Server 2012 domain controllers have the default schema to backup TPM owner authorization information in the separate object. If you are not upgrading your domain controller to Windows Server 2012 you need to extend the schema to support this change. If Active Directory backup of the TPM owner authorization value is enabled in a Windows Server 2008 R2 environment without extending the schema, the TPM provisioning will fail and the TPM will remain in a Not Ready state for computers running Windows 8. The following are the two schema extensions that you can use to bring your Windows Server 2008 R2 domain to parity with Windows Server 2012:
+The TPM owner authorization value is now stored in a separate object which is linked to the Computer object. This value was stored as a property in the Computer object itself for the default Windows Server 2008 R2 schema. Windows Server 2012 domain controllers have the default schema to backup TPM owner authorization information in the separate object. If you are not upgrading your domain controller to Windows Server 2012, you need to extend the schema to support this change. If Active Directory backup of the TPM owner authorization value is enabled in a Windows Server 2008 R2 environment without extending the schema, the TPM provisioning will fail and the TPM will remain in a Not Ready state for computers running Windows 8. The following are the two schema extensions that you can use to bring your Windows Server 2008 R2 domain to parity with Windows Server 2012:
 
 ### <a href="" id="tpmschemaextension-ldf-"></a>TpmSchemaExtension.ldf
 

windows/keep-secure/backup-tpm-recovery-information-to-ad-ds.md

@@ -12,7 +12,11 @@ author: brianlic-msft
 # Backup the TPM recovery Information to AD DS
 
 **Applies to**
--   Windows 10
+-   Windows 10, version 1511
+-   Windows 10, version 1507
+
+**Does not apply to**
+- Windows 10, version 1607 or later
 
 This topic for the IT professional describes how to back up a computer’s Trusted Platform Module (TPM) information to Active Directory Domain Services (AD DS) so that you can use AD DS to administer the TPM from a remote computer.
 

windows/keep-secure/bitlocker-recovery-guide-plan.md

@@ -410,10 +410,10 @@ You can use the following sample script to create a VBScript file to retrieve th
 ' Usage
 ' --------------------------------------------------------------------------------
 Sub ShowUsage
-   Wscript.Echo "USAGE: GetBitLockerKeyPackageAD [Path To Saved Key Package] [Optional Computer Name]"
+   Wscript.Echo "USAGE: GetBitLockerKeyPackageADDS [Path To Save Key Package] [Optional Computer Name]"
    Wscript.Echo "If no computer name is specified, the local computer is assumed."
    Wscript.Echo 
-   Wscript.Echo "Example: GetBitLockerKeyPackageAD E:\bitlocker-ad-key-package mycomputer"
+   Wscript.Echo "Example: GetBitLockerKeyPackageADDS E:\bitlocker-ad-key-package mycomputer"
    WScript.Quit
 End Sub
 ' --------------------------------------------------------------------------------
@@ -541,13 +541,23 @@ Function BinaryToString(Binary)
   BinaryToString = S
 End Function
 WScript.Quit
+```
+
 The following sample script exports a new key package from an unlocked, encrypted volume.
-To run this script, start by saving the code into a VBS file (for example, GetBitLockerKeyPackage.vbs). Then, open an administrator command prompt and use “cscript” to run the saved file (for example, type "cscript GetBitLockerKeyPackage.vbs  -?").
+
+**To run the sample key package retrieval script**
+
+1. Save the following sample script in a VBScript file. For example: GetBitLockerKeyPackage.vbs
+2. Open an administrator command prompt, type a command similar to the following:
+
+    **cscript GetBitLockerKeyPackage.vbs  -?**
+
+``` syntax
 ' --------------------------------------------------------------------------------
 ' Usage
 ' --------------------------------------------------------------------------------
 Sub ShowUsage
-   Wscript.Echo "USAGE: GetBitLockerKeyPackage [VolumeLetter/DriveLetter:] [Path To Saved Key Package]"
+   Wscript.Echo "USAGE: GetBitLockerKeyPackage [VolumeLetter/DriveLetter:] [Path To Save Key Package]"
    Wscript.Echo 
    Wscript.Echo "Example: GetBitLockerKeyPackage C: E:\bitlocker-backup-key-package"
    WScript.Quit

windows/keep-secure/change-history-for-keep-windows-10-secure.md

@@ -13,6 +13,8 @@ author: brianlic-msft
 This topic lists new and updated topics in the [Keep Windows 10 secure](index.md) documentation for [Windows 10 and Windows 10 Mobile](../index.md).
 
 ## August 2016
+- [Testing scenarios for Windows Information Protection (WIP)](testing-scenarios-for-wip.md) |Updated and added additional scenarios for testing. |
+- [Protect your enterprise data using Windows Information Protection (WIP)](protect-enterprise-data-using-wip.md) |Updated to include info from the original What's New and Overview topics. |
 - [Override Process Mitigation Options to help enforce app-related security policies](override-mitigation-options-for-app-related-security-policies.md) |New |
 
 ## RELEASE: Windows 10, version 1607

windows/keep-secure/change-the-tpm-owner-password.md

@@ -17,11 +17,13 @@ author: brianlic-msft
 This topic for the IT professional describes how to change the password or PIN for the owner of the Trusted Platform Module (TPM) that is installed on your system.
 
 ## About the TPM owner password
-The owner of the TPM is the user who possesses the owner password and is able to set it and change it. Only one owner password exists per TPM. The owner of the TPM can make full use of TPM capabilities. When an owner is set, no other user or software can claim ownership of the TPM. Only the TPM owner can enable, disable, or clear the TPM without having physical access to the computer, for example, by using the command-line tools remotely. Taking ownership of the TPM can be performed as part of the initialization process. Ownership can change when you share the password or clear your ownership of the TPM so someone else can initialize it.
+Starting with Windows 10, version 1607 , Windows will not retain the TPM owner password when provisioning the TPM.  The password will be set to a random high entropy value and then discarded.
 
-Applications, including BitLocker Drive Encryption, can automatically start the initialization process. If you enable BitLocker without manually initializing the TPM, the TPM owner password is automatically created and saved in the same location as the BitLocker recovery password.
-The TPM owner password can be saved as a file on a removable storage device, or on another computer. The password can also be printed. The TPM MMC gives the TPM owner the sole ability to choose the appropriate option to type the password or to use the saved password.
-As with any password, you should change your TPM owner password if you suspect that it has become compromised and is no longer a secret.
+In order to retain the TPM owner password, you will need to set the registry key 'HKLM\Software\Policies\Microsoft\TPM' [REG_DWORD] 'OSManagedAuthLevel' to 4.  The default value for this key is 2, and unless it is changed to 4 before the TPM is provisioned, the owner password will not be saved.  Microsoft strongly recommends that you do not change the default value of this registry key in order to retain the owner password.
+
+Only one owner password exists for each TPM. The TPM owner password allows the ability to enable, disable, or clear the TPM without having physical access to the computer, for example, by using the command-line tools remotely. The TPM owner password also allows manipulation of the TPM dictionary attack logic.  Taking ownership of the TPM is performed by Windows as part of the provisioning process on each boot. Ownership can change when you share the password or clear your ownership of the TPM so someone else can initialize it.
+
+Without the owner password you can still perform all the preceding actions by means of a physical presence confirmation from UEFI.
 
 **Other TPM management options**
 
@@ -31,7 +33,7 @@ Instead of changing your owner password, you can also use the following options
 
     >**Important:**  Clearing the TPM can result in the loss of data. To avoid data loss, make sure you have a backup or recovery method for any data protected or encrypted by the TPM.
      
--   **Turn off the TPM**   If you want to keep all existing keys and data intact, and you want to disable the services that are provided by the TPM, you can turn it off. For more info, see [Initialize and Configure Ownership of the TPM](initialize-and-configure-ownership-of-the-tpm.md#bkmk-onoff).
+-   **Turn off the TPM**   If you want to keep all existing keys and data intact, and you want to disable the services that are provided by the TPM, you can turn it off. For more info, see [Initialize and Configure Ownership of the TPM](initialize-and-configure-ownership-of-the-tpm.md#bkmk-onoff). This option is only available for TPM 1.2.
 
 ## Change the TPM owner password
 
@@ -39,6 +41,8 @@ The following procedure provides the steps that are necessary to change the TPM
 
 **To change the TPM owner password**
 
+If you have opted specifically to preserve the TPM owner password, you can use the saved password to change to a new password.
+
 1.  Open the TPM MMC (tpm.msc). If the **User Account Control** dialog box appears, confirm that the action it displays is what you want, and then click **Yes**.
 2.  In the **Actions** pane, click **Change Owner Password**.
 3.  In the **Manage the TPM security hardware** dialog box, select a method to enter your current TPM owner password.

windows/keep-secure/configure-proxy-internet-windows-defender-advanced-threat-protection.md

@@ -30,8 +30,15 @@ The WinHTTP configuration setting is independent of the Windows Internet (WinINe
 
 - Configure the proxy server manually using a static proxy
 
-## Configure the proxy server manually using a static proxy
-Configure a static proxy to allow only Windows Defender ATP sensor to report telemetry and communicate with Windows Defender ATP services if a computer is not be permitted to connect to the Internet.
+    - Auto-discovery methods:
+        - Transparent proxy
+
+    - Manual static proxy configuration
+      - WinHTTP configured using netsh command
+      -	Registry based configuration
+
+## Configure the proxy server manually using a registry-based static proxy
+Configure a registry-based static proxy to allow only Windows Defender ATP sensor to report telemetry and communicate with Windows Defender ATP services if a computer is not be permitted to connect to the Internet.
 
 The static proxy is configurable through Group Policy (GP). The group policy can be found under: **Administrative Templates > Windows Components > Data Collection and Preview Builds > Configure connected user experiences and telemetry**.
 
@@ -46,8 +53,26 @@ For example: 10.0.0.6:8080
 
 If the static proxy settings are configured after onboarding, then you must restart the PC to apply the proxy settings.
 
-## Enable access to Windows Defender ATP service URLs in the proxy server
+## Configure the proxy server manually using netsh command
 
+Use netsh to configure a system-wide static proxy.
+
+> [!NOTE]
+> This will affect all applications including Windows services which use WinHTTP with default proxy.
+
+1. Open an elevated command-line:
+
+    a. Go to **Start** and type **cmd**.
+
+    b. Right-click **Command prompt** and select **Run as administrator**.
+
+4. Enter the following command and press **Enter**:
+```
+netsh winhttp set proxy <proxy>:<port>
+```
+For example: netsh winhttp set proxy 10.0.0.6:8080
+
+## Enable access to Windows Defender ATP service URLs in the proxy server
 If a proxy or firewall is blocking all traffic by default and allowing only specific domains through, make sure that the following URLs are white-listed to permit communication with Windows Defender ATP service in port 80 and 443:
 
 Primary Domain Controller | .Microsoft.com DNS record
@@ -60,6 +85,10 @@ Primary Domain Controller | .Microsoft.com DNS record
  <br>
  If a proxy or firewall is blocking anonymous traffic, as Windows Defender ATP  sensor is connecting from system context, make sure anonymous traffic is permitted in the above listed URLs.
 
+ If you selected US as your region, you should permit anonymous traffic for URLs listed in both Central US and East US (2).
+
+ If you selected EU as your region, you should permit anonymous traffic for URLs listed in both West Europe and North Europe.
+
 
 ## Verify client connectivity to Windows Defender ATP service URLs
 

windows/keep-secure/create-vpn-and-wip-policy-using-intune.md

@@ -28,7 +28,7 @@ Follow these steps to create the VPN policy you want to use with WIP.
 
 2.  Go to **Windows**, click the **VPN Profile (Windows 10 Desktop and Mobile and later)**, click **Create and Deploy a Custom Policy**, and then click **Create Policy**.
 
-    ![Microsoft Intune: Create a new policy using the New Policy screen](images/intune-vpn-createpolicy.png)
+    ![Microsoft Intune, Create a new policy using the New Policy screen](images/intune-vpn-createpolicy.png)
 
 3.  Type *WIPModeID* into the **Name** box, along with an optional description for your policy into the **Description** box.
 
@@ -49,7 +49,7 @@ Follow these steps to create the VPN policy you want to use with WIP.
 5.  In the **Authentication** area, choose the authentication method that matches your VPN infrastructure, either **Username and Password** or **Certificates**.<p>
 It's your choice whether you check the box to **Remember the user credentials at each logon**.
 
-    ![Microsoft Intune: Choose the Authentication Method for your VPN system](images/intune-vpn-authentication.png)
+    ![Microsoft Intune, Choose the Authentication Method for your VPN system](images/intune-vpn-authentication.png)
 
 6.  You can leave the rest of the default or blank settings, and then click **Save Policy**.
 
@@ -77,7 +77,7 @@ The final step to making your VPN configuration work with WIP, is to link your t
 
 2.  Go to **Windows**, click the **Custom Configuration (Windows 10 Desktop and Mobile and later)**, click **Create and Deploy a Custom Policy**, and then click **Create Policy**.
 
-    ![Microsoft Intune: Create a new policy from the New Policy screen](images/intune-vpn-customconfig.png)
+    ![Microsoft Intune, Create a new policy from the New Policy screen](images/intune-vpn-customconfig.png)
 
 3.  Type a name (required) and an optional description for your policy into the **Name** and **Description** boxes.
 
@@ -106,6 +106,8 @@ The final step to making your VPN configuration work with WIP, is to link your t
 
 2.  In the left pane of the **Manage Deployment** box, click the employees or groups that should get the policy, and then click **Add**. The added people move to the **Selected Groups** list on the right-hand pane.
 
+    ![Microsoft Intune, Manage Deployment box used to deploy your linked VPN policy](images/intune-groupselection_vpnlink.png)
+
 3.  After you've picked all of the employees and groups that should get the policy, click **OK**. The policy is deployed to the selected users' devices.
 
 

windows/keep-secure/create-wip-policy-using-intune.md

@@ -411,12 +411,12 @@ There are no default locations included with WIP, you must add each of your netw
 
 4. Decide if you want to Windows to look for additional network settings:
 
+    ![Microsoft Intune, Choose if you want Windows to search for additinal proxy servers or IP ranges in your enterprise](images/intune-network-detection-boxes.png)
+
     - **Enterprise Proxy Servers list is authoritative (do not auto-detect).** Click this box if you want Windows to treat the proxy servers you specified in the network boundary definition as the complete list of proxy servers available on your network. If you clear this box, Windows will search for additional proxy servers in your immediate network.
 
 	- **Enterprise IP Ranges list is authoritative (do not auto-detect).** Click this box if you want Windows to treat the IP ranges you specified in the network boundary definition as the complete list of IP ranges available on your network. If you clear this box, Windows will search for additional IP ranges on any domain-joined devices connected to your network.
 
-	- **Show the Windows Information Protection icon overlay on your allowed apps that are WIP-unaware in the Windows Start menu and on corporate file icons in the File Explorer.** Click this box if you want the Windows Information Protection icon overlay to appear on corporate files or in the Start menu, on top the tiles for your unenlightened protected apps.
-
 5.	In the required **Upload a Data Recovery Agent (DRA) certificate to allow recovery of encrypted data** box, click **Browse** to add a data recovery certificate for your policy.
 
        ![Microsoft Intune, Add your Data Recovery Agent (DRA) certificate](images/intune-data-recovery.png)

windows/keep-secure/deploy-code-integrity-policies-policy-rules-and-file-rules.md

@@ -79,11 +79,6 @@ File rule levels allow administrators to specify the level at which they want to
 
 Each file rule level has its benefit and disadvantage. Use Table 3 to select the appropriate protection level for your available administrative resources and Device Guard deployment scenario.
 
-<!-- Need to confirm these updated table rows:
-    | **SignedVersion** | This combines the publisher rule with a version number. This option allows anything from the specified publisher, with a version at or above the specified version number, to run. |
-    | **FilePublisher** | This is a combination of the “FileName” attribute of the signed file, plus “Publisher” (PCA certificate with CN of leaf), plus a minimum version number. This option trusts specific files from the specified publisher, with a version at or above the specified version number. |
---> 
-
 Table 3. Code integrity policy - file rule levels
 
 | Rule level | Description |
@@ -100,7 +95,7 @@ Table 3. Code integrity policy - file rule levels
 | **WHQLPublisher** | This is a combination of the WHQL and the CN on the leaf certificate and is primarily for kernel binaries. |
 | **WHQLFilePublisher** | Specifies that the binaries are validated and signed by WHQL, with a specific publisher (WHQLPublisher), and that the binary is the specified version or newer. This is primarily for kernel binaries. |
 
-> **Note**&nbsp;&nbsp;When you create code integrity policies with the [New-CIPolicy](https://technet.microsoft.com/library/mt634473.aspx) cmdlet, you can specify a primary file rule level by including the **–Level** parameter. For discovered binaries that cannot be trusted based on the primary file rule criteria, use the **–Fallback** parameter. For example, if the primary file rule level is PCACertificate but you would like to trust the unsigned applications as well, using the Hash rule level as a fallback adds the hash values of binaries that did not have a signing certificate.
+> **Note**&nbsp;&nbsp;When you create code integrity policies with the [New-CIPolicy](https://technet.microsoft.com/library/mt634473.aspx) cmdlet, you can specify a primary file rule level by including the **-Level** parameter. For discovered binaries that cannot be trusted based on the primary file rule criteria, use the **-Fallback** parameter. For example, if the primary file rule level is PCACertificate but you would like to trust the unsigned applications as well, using the Hash rule level as a fallback adds the hash values of binaries that did not have a signing certificate.
 
 ## Related topics
 

windows/keep-secure/enable-pua-windows-defender-for-windows-10.md

@@ -31,13 +31,13 @@ These applications can increase the risk of your network being infected with mal
 
 Since the stakes are higher in an enterprise environment, the potential disaster and potential productivity and performance disruptions that PUA brings can be a cause of concern. Hence, it is important to deliver trusted protection in this field.
 
-##Enable PUA protection in SCCM and Intune
+##Enable PUA protection in System Center Configuration Manager and Intune
 
-The PUA feature is available for enterprise users who are running System Center Configuration Manager (SCCM) or Intune in their infrastructure.
+The PUA feature is available for enterprise users who are running System Center Configuration Manager or Intune in their infrastructure.
 
-###Configure PUA in SCCM
+###Configure PUA in System Center Configuration Manager
 
-For SCCM users, PUA is enabled by default. See the following topics for configuration details:
+For System Center Configuration Manager users, PUA is enabled by default. See the following topics for configuration details:
 
 If you are using these versions | See these topics
 :---|:---
@@ -45,7 +45,7 @@ System Center Configuration Manager (current branch) version 1606 | [Create a ne
 System Center 2012 R2 Endpoint Protection<br>System Center 2012 Configuration Manager<br>System Center 2012 Configuration Manager SP1<br>System Center 2012 Configuration Manager SP2<br>System Center 2012 R2 Configuration Manager<br>System Center 2012 Endpoint Protection SP1<br>System Center 2012 Endpoint Protection<br>System Center 2012 R2 Configuration Manager SP1| [How to Deploy Potentially Unwanted Application Protection Policy for Endpoint Protection in Configuration Manager](https://technet.microsoft.com/library/hh508770.aspx#BKMK_PUA)
 
 <br>
-###Use PUA audit mode in SCCM
+###Use PUA audit mode in System Center Configuration Manager
 
 You can use PowerShell to detect PUA without blocking them. In fact, you can run audit mode on individual machines. This feature is useful if your company is conducting an internal software security compliance check and you’d like to avoid any false positives.
 
@@ -59,10 +59,10 @@ You can use PowerShell to detect PUA without blocking them. In fact, you can run
 2. Enter the PowerShell command:
 
   ```text
-  et-mpPreference -puaprotection 2
+  set-mpPreference -puaprotection 2
   ```
 > [!NOTE]
-> PUA events are reported in the Windows Event Viewer and not in SCCM.  
+> PUA events are reported in the Windows Event Viewer and not in System Center Configuration Manager.  
 
 
 ###Configure PUA in Intune
@@ -86,12 +86,12 @@ You can use PowerShell to detect PUA without blocking them. In fact, you can run
 2. Enter the PowerShell command:
 
   ```text
-  et-mpPreference -puaprotection 1
+  set-mpPreference -puaprotection 1
   ```
 
 ##View PUA events
 
-PUA events are reported in the Windows Event Viewer and not in SCCM or Intune. To view PUA events:
+PUA events are reported in the Windows Event Viewer and not in System Center Configuration Manager or Intune. To view PUA events:
 
 1.  Open **Event Viewer**.
 2.  In the console tree, expand **Applications and Services Logs**, then **Microsoft**, then **Windows**, then **Windows Defender**.

windows/keep-secure/implement-microsoft-passport-in-your-organization.md

@@ -342,7 +342,6 @@ You’ll need this software to set Windows Hello for Business policies in your e
 <li>Azure AD subscription</li>
 <li>[Azure AD Connect](http://go.microsoft.com/fwlink/p/?LinkId=616792)</li>
 <li>AD CS with NDES</li>
-<<<<<<< HEAD
 <li>Configuration Manager for domain-joined certificate enrollment, or InTune for non-domain-joined devices, or a non-Microsoft MDM service that supports Passport for Work</li>
 </ul></td>
 </tr>

windows/keep-secure/initialize-and-configure-ownership-of-the-tpm.md

@@ -106,13 +106,13 @@ Some systems may have multiple TPMs and the active TPM may be toggled in the BIO
 
 ## <a href="" id="bkmk-onoff"></a>Turn on or turn off the TPM
 
-Normally, the TPM is turned on as part of the TPM initialization process. You do not normally need to turn the TPM on or off. However, if necessary you can do so by using the TPM MMC.
+Normally, the TPM is turned on as part of the TPM initialization process. You do not normally need to turn the TPM on or off. However, if necessary you can do so by using the TPM MMC. This option is only available with TPM 1.2 and does not apply to TPM 2.0.
 
 ### <a href="" id="turn-on-the-tpm-"></a>Turn on the TPM
 
 If the TPM has been initialized but has never been used, or if you want to use the TPM after you have turned it off, you can use the following procedure to turn on the TPM.
 
-**To turn on the TPM**
+**To turn on the TPM (TPM 1.2 Only)**
 
 1.  Open the TPM MMC (tpm.msc).
 2.  In the **Action** pane, click **Turn TPM On** to display the **Turn on the TPM Security Hardware** page. Read the instructions on this page.
@@ -125,7 +125,7 @@ If the TPM has been initialized but has never been used, or if you want to use t
 If you want to stop using the services that are provided by the TPM, you can use the TPM MMC to turn off the TPM. If you have the TPM owner password, physical access to the computer is not required to turn off the TPM. If you do not have the TPM owner password, you must have physical access to the 
 computer to turn off the TPM.
 
-**To turn off the TPM**
+**To turn off the TPM (TPM 1.2 only)**
 
 1.  Open the TPM MMC (tpm.msc).
 2.  In the **Action** pane, click **Turn TPM Off** to display the **Turn off the TPM security hardware** page.
@@ -156,13 +156,7 @@ Membership in the local Administrators group, or equivalent, is the minimum requ
     
     Clearing the TPM resets it to factory defaults and turns it off. You will lose all created keys and data that is protected by those keys.
      
-4.  In the **Clear the TPM security hardware** dialog box, select one of the following methods to enter your password and clear the TPM:
-    -   If you have the removable storage device with your saved TPM owner password, insert it, and click **I have the owner password file**. In the **Select backup file with the TPM owner password** dialog box, use **Browse** to navigate to the .tpm file that is saved on your removable storage device. Click **Open**, and then click **Clear TPM**.
-    -   If you do not have the removable storage device with your saved password, click **I want to enter the owner password**. In the **Type your TPM owner password** dialog box, type your password (including hyphens), and click **Clear TPM**.
-    -   If you do not know your TPM owner password, click **I don't have the TPM owner password**, and follow the instructions that are provided to clear the TPM without entering the password.
-    >**Note:**  If you have physical access to the computer, you can clear the TPM and perform a limited number of management tasks without entering the TPM owner password.
-     
-    The status of your TPM is displayed under **Status** in TPM MMC.
+4.  You will be prompted to restart the computer. During the restart, you will be prompted by the BIOS or UEFI to press a button to confirm you wish to clear the TPM.
 
 ## <a href="" id="bkmk-tpmcmdlets"></a>Use the TPM cmdlets
 

windows/keep-secure/manage-tpm-lockout.md

@@ -19,17 +19,21 @@ This topic for the IT professional describes how to manage the lockout feature f
 
 The TPM will lock itself to prevent tampering or malicious attacks. TPM lockout often lasts for a variable amount of time or until the computer is turned off. While the TPM is in lockout mode, it generally returns an error message when it receives commands that require an authorization value. One exception is that the TPM always allows the owner at least one attempt to reset the TPM lockout when it is in lockout mode.
 
-TPM ownership is commonly taken the first time BitLocker Drive Encryption is turned on for the computer. In this case, the TPM owner authorization password is saved with the BitLocker recovery key. When the BitLocker recovery key is saved to a file, BitLocker also saves a TPM owner password file (.tpm) with the TPM owner password hash value. When the BitLocker recovery key is printed, the TPM owner password is printed at the same time. You can also save your TPM owner password hash value to Active Directory Domain Services (AD DS) if your organization's Group Policy settings are configured to do so.
+TPM ownership is taken upon first boot by Windows. By default, Windows does not retain the TPM owner password.
 
 In some cases, encryption keys are protected by a TPM by requiring a valid authorization value to access the key. A common example is configuring BitLocker Drive Encryption to use the TPM plus PIN key protector. In this scenario, the user must type the correct PIN during the boot process to access the volume encryption key protected by the TPM. To prevent malicious users or software from discovering authorization values, TPMs implement protection logic. The protection logic is designed to slow or stop responses from the TPM if it detects that an entity might be trying to guess authorization values.
 
-The industry standards from the Trusted Computing Group (TCG) specify that TPM manufacturers must implement some form of protection logic in TPM 1.2 and TPM 2.0 chips. TPM manufacturers implement different protection mechanisms and behavior. The general guidance is for the TPM chip to take exponentially longer to respond if incorrect authorization values are sent to the TPM. Some TPM chips may not store failed attempts over time. Other TPM chips may store every failed attempt indefinitely. Therefore, some users may experience increasingly longer delays when they mistype an authorization value that is sent to the TPM. This can prevent them from using the TPM for a period of time.
+**TPM 1.2**
+The industry standards from the Trusted Computing Group (TCG) specify that TPM manufacturers must implement some form of protection logic in TPM 1.2 and TPM 2.0 chips. TPM 1.2 devices implement different protection mechanisms and behavior. In general, the TPM chip takes exponentially longer to respond if incorrect authorization values are sent to the TPM. Some TPM chips may not store failed attempts over time. Other TPM chips may store every failed attempt indefinitely. Therefore, some users may experience increasingly longer delays when they mistype an authorization value that is sent to the TPM. This can prevent them from using the TPM for a period of time.
+
+**TPM 2.0**
+ TPM 2.0 devices have standardized lockout behavior which is configured by Windows. TPM 2.0 devices have a maximum count threshold and a healing time. Windows configures the maximum count to be 32 and the healing time to be 2 hours. This means that every continuous two hours of powered on operation without an event which increases the counter will cause the counter to decrease by 1.
 
 If your TPM has entered lockout mode or is responding slowly to commands, you can reset the lockout value by using the following procedures. Resetting the TPM lockout requires the TPM owner’s authorization.
 
 ## Reset the TPM lockout by using the TPM MMC
 
-The following procedure explains the steps to reset the TPM lockout by using the TPM MMC.
+The following procedure explains the steps to reset the TPM lockout by using the TPM MMC.  Note that this procedure is only available if you have configured Windows to retain the TPM owner password. By default, this behavior is not available in Windows 10.
 
 **To reset the TPM lockout**
 
@@ -71,4 +75,4 @@ For details about the individual cmdlets, see [TPM Cmdlets in Windows PowerShell
 
 ## Additional resources
 
-For more info about TPM, see [TPM technology overview](trusted-platform-module-overview.md#bkmk-additionalresources).
+For more info about TPM, see [TPM technology overview](trusted-platform-module-overview.md#bkmk-additionalresources).

windows/keep-secure/microsoft-passport-guide.md

@@ -16,7 +16,10 @@ localizationpriority: high
 **Applies to**
 -   Windows 10
 
-This guide describes the new Windows Hello and Microsoft Passport technologies that are part of the Windows 10 operating system. It highlights specific capabilities of these technologies that help mitigate threats from conventional credentials and provides guidance about how to design and deploy these technologies as part of your Windows 10 rollout.
+This guide describes the new Windows Hello and Microsoft Passport technologies that are part of the Windows 10, version 1511 operating system. It highlights specific capabilities of these technologies that help mitigate threats from conventional credentials and provides guidance about how to design and deploy these technologies as part of your Windows 10 rollout.
+
+>[!NOTE]
+>For information about Windows Hello for Business in Windows 10, version 1607, see [Manage identity verification using Windows Hello for Business](manage-identity-verification-using-microsoft-passport.md).
 
 A fundamental assumption about information security is that a system can identify who’s using it. In identifying a user, the system can decide whether the user has identified himself or herself appropriately (a process known as authentication), and then determine what that properly authenticated user should be able to do (a process known as authorization). The overwhelming majority of computer systems deployed throughout the world depend on user credentials as a means of making authentication and authorization decisions, and that means that these systems depend on reusable, user-created passwords for their security. The oft-cited maxim that authentication can involve “something you know, something you have, or something you are” neatly highlights the issue: a reusable password is an authentication factor all by itself, so anyone who knows the password can impersonate the user who owns it.
 

windows/keep-secure/protect-enterprise-data-using-wip.md

@@ -2,7 +2,7 @@
 title: Protect your enterprise data using Windows Information Protection (WIP) (Windows 10)
 description: With the increase of employee-owned devices in the enterprise, there’s also an increasing risk of accidental data leak through apps and services, like email, social media, and the public cloud, which are outside of the enterprise’s control.
 ms.assetid: 6cca0119-5954-4757-b2bc-e0ea4d2c7032
-keywords: WIP, Windows Information Protection, EDP, Enterprise Data Protection
+keywords: WIP, Windows Information Protection, EDP, Enterprise Data Protection, DLP, data loss prevention, data leakage protection
 ms.prod: w10
 ms.mktglfcycl: explore
 ms.sitesec: library
@@ -16,6 +16,7 @@ localizationpriority: high
 
 -   Windows 10, version 1607
 -   Windows 10 Mobile
+>Learn more about what features and functionality are supported in each Windows edition at [Compare Windows 10 Editions](https://www.microsoft.com/en-us/WindowsForBusiness/Compare).
 
 With the increase of employee-owned devices in the enterprise, there’s also an increasing risk of accidental data leak through apps and services, like email, social media, and the public cloud, which are outside of the enterprise’s control. For example, when an employee sends the latest engineering pictures from their personal email account, copies and pastes product info into a tweet, or saves an in-progress sales report to their public cloud storage.
 
@@ -28,6 +29,43 @@ You’ll need this software to run WIP in your enterprise:
 |-----------------|---------------------|
 |Windows 10, version 1607 | Microsoft Intune<br>-OR-<br>System Center Configuration Manager<br>-OR-<br>Your current company-wide 3rd party mobile device management (MDM) solution. For info about 3rd party MDM solutions, see the documentation that came with your product. If your 3rd party MDM does not have UI support for the policies, refer to the [EnterpriseDataProtection CSP](https://msdn.microsoft.com/en-us/library/windows/hardware/mt697634.aspx) documentation.|
 
+## What is enterprise data control?
+Effective collaboration means that you need to share data with others in your enterprise. This sharing can be from one extreme where everyone has access to everything without any security, all the way to the other extreme where people can’t share anything and it’s all highly secured. Most enterprises fall somewhere in between the two extremes, where success is balanced between providing the necessary access with the potential for improper data disclosure.
+
+As an admin, you can address the question of who gets access to your data by using access controls, such as employee credentials. However, just because someone has the right to access your data doesn’t guarantee that the data will remain within the secured locations of the enterprise. This means that while access controls are a great start, they’re not enough.
+
+In the end, all of these security measures have one thing in common: employees will tolerate only so much inconvenience before looking for ways around the security restrictions. For example, if you don’t allow employees to share files through a protected system, employees will turn to an outside app that more than likely lacks security controls.
+
+### Using data loss prevention systems
+To help address this security insufficiency, company’s developed data loss prevention (also known as DLP) systems. Data loss prevention systems require:
+- **A set of rules about how the system can identify and categorize the data that needs to be protected.** For example, a rule set might contain a rule that identifies credit card numbers and another rule that identifies Social Security numbers.
+
+- **A way to scan company data to see whether it matches any of your defined rules.** Currently, Microsoft Exchange Server and Exchange Online provide this service for email in transit, while Microsoft SharePoint and SharePoint Online provide this service for content stored in document libraries.
+
+- **The ability to specify what happens when data matches a rule, including whether employees can bypass enforcement.** For example, in Microsoft SharePoint and SharePoint Online, the Microsoft data loss prevention system lets you warn your employees that shared data includes sensitive info, and to share it anyway (with an optional audit log entry).
+
+Unfortunately, data loss prevention systems have their own problems. For example, the more detailed the rule set, the more false positives are created, leading employees to believe that the rules slow down their work and need to be bypassed in order to remain productive, potentially leading to data being incorrectly blocked or improperly released. Another major problem is that data loss prevention systems must be widely implemented to be effective. For example, if your company uses a data loss prevention system for email, but not for file shares or document storage, you might find that your data leaks through the unprotected channels. But perhaps the biggest problem with data loss preventions systems is that it provides a jarring experience that interrupts the employees’ natural workflow by blocking some operations (such as sending a message with an attachment that the system tags as sensitive) while allowing others, often according to subtle rules that the employee doesn’t see and can’t understand.
+
+### Using information rights management systems
+To help address the potential data loss prevention system problems, company’s developed information rights management (also known as IRM) systems. Information rights management systems embed protection directly into documents, so that when an employee creates a document, he or she determines what kind of protection to apply. For example, an employee can choose to stop the document from being forwarded, printed, shared outside of the organization, and so on. 
+
+After the type of protection is set, the creating app encrypts the document so that only authorized people can open it, and even then, only in compatible apps. After an employee opens the document, the app becomes responsible for enforcing the specified protections. Because protection travels with the document, if an authorized person sends it to an unauthorized person, the unauthorized person won’t be able to read or change it. However, for this to work effectively information rights management systems require you to deploy and set up both a server and client environment. And, because only compatible clients can work with protected documents, an employees’ work might be unexpectedly interrupted if he or she attempts to use a non-compatible app.
+
+### And what about when an employee leaves the company or unenrolls a device?
+Finally, there’s the risk of data leaking from your company when an employee leaves or unenrolls a device. Previously, you would simply erase all of the corporate data from the device, along with any other personal data on the device.
+
+## Benefits of WIP
+WIP provides:
+- Obvious separation between personal and corporate data, without requiring employees to switch environments or apps.
+
+- Additional data protection for existing line-of-business apps without a need to update the apps.
+
+- Ability to wipe corporate data from devices while leaving personal data alone.
+
+- Use of audit reports for tracking issues and remedial actions.
+
+- Integration with your existing management system (Microsoft Intune, System Center Configuration Manager 2016, or your current mobile device management (MDM) system) to configure, deploy, and manage WIP for your company.
+
 ## How WIP works
 WIP helps address your everyday challenges in the enterprise. Including:
 
@@ -39,16 +77,29 @@ WIP helps address your everyday challenges in the enterprise. Including:
 
 - Helping control the network and data access and data sharing for apps that aren’t enterprise aware
 
+### Enterprise scenarios
+WIP currently addresses these enterprise scenarios:
+- You can encrypt enterprise data on employee-owned and corporate-owned devices.
+
+- You can remotely wipe enterprise data off managed computers, including employee-owned computers, without affecting the personal data.
+
+- You can select specific apps that can access enterprise data, called "allowed apps" that are clearly recognizable to employees. You can also block non-protected apps from accessing enterprise data.
+
+- Your employees won't have their work otherwise interrupted while switching between personal and enterprise apps while the enterprise policies are in place. Switching environments or signing in multiple times isn’t required.
+
 ### WIP-protection modes
-You can set WIP to 1 of 4 protection and management modes:
+Enterprise data is automatically encrypted after it’s loaded on a device from an enterprise source or if an employee marks the data as corporate. Then, when the enterprise data is written to disk, WIP uses the Windows-provided Encrypting File System (EFS) to protect it and associate it with your enterprise identity.
+
+Your WIP policy includes a list of trusted apps that are allowed to access and process corporate data. This list of apps is implemented through the [AppLocker](applocker-overview.md) functionality, controlling what apps are allowed to run and letting the Windows operating system know that the apps can edit corporate data. Apps included on this list don’t have to be modified to open corporate data because their presence on the list allows Windows to determine whether to grant them access. However, new for Windows 10, app developers can use a new set of application programming interfaces (APIs) to create *enlightened* apps that can use and edit both enterprise and personal data. A huge benefit to working with enlightened apps is that dual-use apps, like Microsoft Word, can be used with less concern about encrypting personal data by mistake because the APIs allow the app to determine whether data is owned by the enterprise or if it’s personally owned.
+
+You can set your WIP policy to use 1 of 4 protection and management modes:
 
 |Mode|Description|
 |----|-----------|
 |Block |WIP looks for inappropriate data sharing practices and stops the employee from completing the action. This can include sharing enterprise data to non-enterprise-protected apps in addition to sharing enterprise data between apps or attempting to share outside of your organization’s network.|
 |Override |WIP looks for inappropriate data sharing, warning employees if they do something deemed potentially unsafe. However, this management mode lets the employee override the policy and share the data, logging the action to your audit log, accessible through the [Reporting CSP](http://go.microsoft.com/fwlink/p/?LinkID=746459). |
 |Silent |WIP runs silently, logging inappropriate data sharing, without blocking anything that would’ve been prompted for employee interaction while in Override mode. Unallowed actions, like apps inappropriately trying to access a network resource or WIP-protected data, are still blocked.|
-|Off |WIP is turned off and doesn't help to protect or audit your data.<p>After you turn off WIP, an attempt is made to decrypt any closed WIP-tagged files on the locally attached drives. |
-<p>**Note**<br>For more info about setting your WIP-protection modes, see either [Create a Windows Information Protection (WIP) policy using Intune](create-wip-policy-using-intune.md) or [Create and deploy a Windows Information Protection (WIP) policy using Configuration Manager](create-wip-policy-using-sccm.md), depending on your management solution.
+|Off |WIP is turned off and doesn't help to protect or audit your data.<p>After you turn off WIP, an attempt is made to decrypt any closed WIP-tagged files on the locally attached drives.<p>**Note**<br>For more info about setting your WIP-protection modes, see either [Create a Windows Information Protection (WIP) policy using Intune](create-wip-policy-using-intune.md) or [Create and deploy a Windows Information Protection (WIP) policy using Configuration Manager](create-wip-policy-using-sccm.md), depending on your management solution. |
 
 ## Why use WIP?
 WIP gives you a new way to manage data policy enforcement for apps and documents, along with the ability to remove access to enterprise data from both enterprise and personal devices (after enrollment in an enterprise management solution, like Intune).
@@ -75,9 +126,13 @@ WIP gives you a new way to manage data policy enforcement for apps and documents
 
     -   **Helping prevent accidental data disclosure to removable media.** WIP helps prevent enterprise data from leaking when it's copied or transferred to removable media. For example, if an employee puts enterprise data on a Universal Serial Bus (USB) drive that also has personal data, the enterprise data remains encrypted while the personal data doesn’t.
 
--   **Remove access to enterprise data from enterprise-protected devices.** WIP gives admins the ability to revoke enterprise data from one or many MDM-enrolled devices, while leaving personal data alone. This is a benefit when an employee leaves your company, or in the case of a stolen device. After determining that the data access needs to be removed, you can use Microsoft Intune to unenroll the device so when it connects to the network, the user's encryption key for the device is revoked and the enterprise data becomes unreadable.<p>**Note**<br>System Center Configuration Manager also allows you to revoke enterprise data. However, it does it by performing a factory reset of the device.
+-   **Remove access to enterprise data from enterprise-protected devices.** WIP gives admins the ability to revoke enterprise data from one or many MDM-enrolled devices, while leaving personal data alone. This is a benefit when an employee leaves your company, or in the case of a stolen device. After determining that the data access needs to be removed, you can use Microsoft Intune to unenroll the device so when it connects to the network, the user's encryption key for the device is revoked and the enterprise data becomes unreadable.
+    > **Note**<br>System Center Configuration Manager also allows you to revoke enterprise data. However, it does it by performing a factory reset of the device.
+
+## Turn off WIP
+You can turn off all Windows Information Protection and restrictions, reverting to where you were pre-WIP, with no data loss. However, turning off WIP isn't recommended. If you choose to turn it off, you can always turn it back on, but WIP won't retain your decryption and policies info.
 
 ## Next steps
 After deciding to use WIP in your enterprise, you need to:
 
--   [Create a Windows Information Protection (WIP) policy](overview-create-wip-policy.md)
+-   [Create a Windows Information Protection (WIP) policy](overview-create-wip-policy.md)

windows/keep-secure/testing-scenarios-for-wip.md

@@ -1,6 +1,6 @@
 ---
 title: Testing scenarios for Windows Information Protection (WIP) (Windows 10)
-description: We've come up with a list of suggested testing scenarios that you can use to test Windows Information Protection (WIP) in your company.
+description: A list of suggested testing scenarios that you can use to test Windows Information Protection (WIP) in your company.
 ms.assetid: 53db29d2-d99d-4db6-b494-90e2b3962ca2
 keywords: WIP, Windows Information Protection, EDP, Enterprise Data Protection
 ms.prod: w10
@@ -22,16 +22,145 @@ We've come up with a list of suggested testing scenarios that you can use to tes
 ## Testing scenarios
 You can try any of the processes included in these scenarios, but you should focus on the ones that you might encounter in your organization.
 
-|Scenario |Processes |
-|---------|----------|
-|Automatically encrypt files from enterprise apps |<ol><li>Start an unmodified (for example, WIP-unaware) line-of-business app that's on your allowed apps list and then create, edit, write, and save files.</li><li>Make sure that all of the files you worked with from the WIP-unaware app are encrypted to your configured Enterprise Identity. In some cases, you might need to close the file and wait a few moments for it to be automatically encrypted.</li><li>Open File Explorer and make sure your modified files are appearing with a **Lock** icon.<p>**Note**<br>Some file types, like .exe and .dll, along with some file paths, like `%windir%` and `%programfiles%`, are excluded from automatic encryption.</li></ol> |
-|Block enterprise data from non-enterprise apps |<ol><li>Start an app that doesn't appear on your allowed apps list, and then try to open an enterprise-encrypted file.<p>The app shouldn't be able to access the file.</li><li>Try double-clicking or tapping on the enterprise-encrypted file.<p>If your default app association is an app not on your allowed apps list, you should get an **Access Denied** error message.</li></ol> |
-|Copy and paste from enterprise apps to non-enterprise apps |<ol><li>Copy (CTRL+C) content from an app on your allowed apps list, and then try to paste (CTRL+V) the content into an app that doesn't appear on your allowed apps list.<p>You should see a WIP-related warning box, asking you to click either **Got it** or **Cancel**.</li><li>Click **Cancel**.<p>The content isn't pasted into the non-enterprise app.</li><li>Repeat Step 1, but this time click **Got it**, and try to paste the content again.<p>The content is pasted into the non-enterprise app.</li><li>Try copying and pasting content between apps on your allowed apps list.<p>The content should copy and paste between apps without any warning messages.</li></ol> |
-|Drag and drop from enterprise apps to non-enterprise apps |<ol><li>Drag content from an app on your allowed apps list, and then try to drop the content into an app that doesn't appear on your allowed apps list.<p>You should see a WIP-related warning box, asking you to click either **Drag Anyway** or **Cancel**.</li><li>Click **Cancel**.<p>The content isn't dropped into the non-enterprise app.</li><li>Repeat Step 1, but this time click **Drag Anyway**, and try to drop the content again.<p>The content is dropped into the non-enterprise app.</li><li>Try dragging and dropping content between apps on your allowed apps list.<p>The content should move between the apps without any warning messages.</li></ol> |
-|Share between enterprise apps and non-enterprise apps |<ol><li>Open an app on your allowed apps list, like Microsoft Photos, and try to share content with an app that doesn't appear on your allowed apps list, like Facebook.<p>You should see a WIP-related warning box, asking you to click either **Share Anyway** or **Cancel**.</li><li>Click **Cancel**.<p>The content isn't shared into Facebook.</li><li>Repeat Step 1, but this time click **Share Anyway**, and try to share the content again.<p>The content is shared into Facebook.</li><li>Try sharing content between apps on your allowed apps list.<p>The content should share between the apps without any warning messages.</li></ol> | 
-|Use the **Encrypt to** functionality |<ol><li>Open File Explorer on the desktop, right-click a decrypted file, and then click **Encrypt to** from the **Encrypt to** menu.<p>WIP should encrypt the file to your Enterprise Identity.</li><li>Make sure that the newly encrypted file has a **Lock** icon.</li><li>In the **Encrypted to** column of File Explorer on the desktop, look for the enterprise ID value.</li><li>Right-click the encrypted file, and then click **Not encrypted** from the **Encrypt to** menu.<p>The file should be decrypted and the **Lock** icon should disappear.</li></ol> |
-|Verify that Windows system components can use WIP |<ol><li>Start Windows Journal and Internet Explorer 11, creating, editing, and saving files in both apps.</li><li>Make sure that all of the files you worked with are encrypted to your configured Enterprise Identity. In some cases, you might need to close the file and wait a few moments for it to be automatically encrypted.</li><li>Open File Explorer and make sure your modified files are appearing with a **Lock** icon</li><li>Try copying and pasting, dragging and dropping, and sharing using these apps with other apps that appear both on and off the allowed apps list.<p>**Note**<br>Most Windows-signed components like Windows Explorer (when running in the user’s context), should have access to enterprise data.<p>A few notable exceptions include some of the user-facing in-box apps, like Wordpad, Notepad, and Microsoft Paint. These apps don't have access by default, but can be added to your allowed apps list.</li></ol> |
-|Use WIP on FAT/exFAT systems |<ol><li>Start an app that uses the FAT or exFAT file system and appears on your allowed apps list.</li><li>Create, edit, write, save, and move files.<p>Basic file and folder operations like copy, move, rename, delete, and so on, should work properly on encrypted files.</li><li>Try copying and moving files or folders between apps that use NTFS, FAT and exFAT file systems.</li></ol> |
-|Use WIP on NTFS systems |<ol><li>Start an app that uses the NTFS file system and appears on your allowed apps list.</li><li>Create, edit, write, save, and move files.<p>Basic file and folder operations like copy, move, rename, delete, and so on, should work properly on encrypted files.</li><li>Try copying and moving files or folders between apps that use NTFS, FAT and exFAT file systems.</li></ol> |
-|Unenroll client devices from WIP |<ul><li>Unenroll a device from WIP by going to **Settings**, click **Accounts**, click **Work**, click the name of the device you want to unenroll, and then click **Remove**.<p>The device should be removed and all of the enterprise content for that managed account should be gone.<p>**Important**<br>Unenrolling a device revokes and erases all of the enterprise data for the managed account.</li></ul> |
-|Verify that app content is protected when a Windows 10 Mobile phone is locked |<ul><li>Check that protected app data doesn't appear on the **Lock** screen of a Windows 10 Mobile phone</li></ul> |
+<table>
+    <tr>
+        <th>Scenario</th>
+        <th>Processes</th>
+    </tr>
+    <tr>
+        <td>Encrypt and decrypt files using File Explorer.</td>
+        <td><strong>For desktop:</strong><p>
+            <ol>
+                <li>Open File Explorer, right-click a work document, and then click <strong>Work</strong> from the <strong>File Ownership</strong> menu.<br>Make sure the file is encrypted by right-clicking the file again, clicking <strong>Advanced</strong> from the <strong>General</strong> tab, and then clicking <strong>Details</strong> from the <strong>Compress or Encrypt attributes</strong> area. The file should show up under the heading, <strong>This enterprise domain can remove or revoke access:</strong> <em>&lt;your_enterprise_identity&gt;</em>. For example, contoso.com.</li>
+                <li>In File Explorer, right-click the same document, and then click <strong>Personal</strong> from the <strong>File Ownership</strong> menu.<br>Make sure the file is decrypted by right-clicking the file again, clicking <strong>Advanced</strong> from the <strong>General</strong> tab, and then verifying that the <strong>Details</strong> button is unavailable.</li>
+            </ol>
+            <strong>For mobile:</strong><p>
+            <ol>
+                <li>Open the File Explorer app, browse to a file location, click the elipsis (...), and then click <strong>Select</strong> to mark at least one file as work-related.</li>
+                <li>Click the elipsis (...) again, click <strong>File ownership</strong> from the drop down menu, and then click <strong>Work</strong>.<br>Make sure the file is encrypted, by locating the <strong>Briefcase</strong> icon next to the file name.</li>
+                <li>Select the same file, click <strong>File ownership</strong> from the drop down menu, and then click <strong>Personal</strong>.<br>Make sure the file is decrypted and that you're no longer seeing the <strong>Briefcase</strong> icon next to file name.</li>
+            </ol>
+        </td>
+    </tr>
+    <tr>
+        <td>Create work documents in enterprise-allowed apps.</td>
+        <td><strong>For desktop:</strong><p>
+            <ul>
+                <li>Start an unenlightened but allowed app, such as a line-of-business app, and then create a new document, saving your changes.<br>Make sure the document is encrypted to your Enterprise Identity. This might take a few minutes and require you to close and re-open the file.<p><strong>Important</strong><br>Certain file types like <code>.exe</code> and <code>.dll</code>, along with certain file paths, such as <code>%windir%</code> and <code>%programfiles%</code> are excluded from automatic encryption.<p>For more info about your Enterprise Identity and adding apps to your allowed apps list, see either [Create a Windows Information Protection (WIP) policy using Microsoft Intune](create-wip-policy-using-intune.md) or [Create a Windows Information Protection (WIP) policy using Microsoft System Center Configuration Manager](create-wip-policy-using-sccm.md), based on your deployment system.</li>
+            </ul>
+            <strong>For mobile:</strong><p>
+            <ol>
+                <li>Start an allowed mobile app, such as Word Mobile, create a new document, and then save your changes as <strong>Work</strong> to a local, work-related location.<br>Make sure the document is encrypted, by locating the <strong>Briefcase</strong> icon next to the file name.</li>
+                <li>Open the same document and attempt to save it to a non-work-related location.<br>WIP should stop you from saving the file to this location.</li>
+                <li>Open the same document one last time, make a change to the contents, and then save it again using the <strong>Personal</strong> option.<br>Make sure the file is decrypted and that you're no longer seeing the <strong>Briefcase</strong> icon next to file name.</li>
+            </ol>
+        </td>        
+    </tr>
+    <tr>
+        <td>Block enterprise data from non-enterprise apps.</td>
+        <td>
+            <ol>
+                <li>Start an app that doesn't appear on your allowed apps list, and then try to open a work-encrypted file.<br>The app shouldn't be able to access the file.</li>
+                <li>Try double-clicking or tapping on the work-encrypted file.<br>If your default app association is an app not on your allowed apps list, you should get an <strong>Access Denied</strong> error message.</li>
+            </ol>
+        </td>
+    </tr>
+    <tr>
+        <td>Copy and paste from enterprise apps to non-enterprise apps.</td>
+        <td>
+            <ol>
+                <li>Copy (CTRL+C) content from an app on your allowed apps list, and then try to paste (CTRL+V) the content into an app that doesn't appear on your allowed apps list.<br>You should see a WIP-related warning box, asking you to click either <strong>Change to personal</strong> or <strong>Keep at work</strong>.</li>
+                <li>Click <strong>Keep at work</strong>.<br>The content isn't pasted into the non-enterprise app.</li>
+                <li>Repeat Step 1, but this time click <strong>Change to personal</strong>, and try to paste the content again.<br>The content is pasted into the non-enterprise app.</li>
+                <li>Try copying and pasting content between apps on your allowed apps list.<br>The content should copy and paste between apps without any warning messages.</li>
+            </ol>
+        </td>
+    </tr>
+    <tr>
+        <td>Drag and drop from enterprise apps to non-enterprise apps.</td>
+        <td>
+            <ol>
+                <li>Drag content from an app on your allowed apps list, and then try to drop the content into an app that doesn't appear on your allowed apps list.<br>You should see a WIP-related warning box, asking you to click either <strong>Keep at work</strong> or <strong>Change to personal</strong>.</li>
+                <li>Click <strong>Keep at work</strong>.<br>The content isn't dropped into the non-enterprise app.</li>
+                <li>Repeat Step 1, but this time click <strong>Change to personal</strong>, and try to drop the content again.<br>The content is dropped into the non-enterprise app.</li>
+                <li>Try dragging and dropping content between apps on your allowed apps list.<br>The content should move between the apps without any warning messages.</li>
+            </ol>
+        </td>
+    </tr>
+    <tr>
+        <td>Share between enterprise apps and non-enterprise apps.</td>
+        <td>
+            <ol>
+                <li>Open an app on your allowed apps list, like Microsoft Photos, and try to share content with an app that doesn't appear on your allowed apps list, like Facebook.<br>You should see a WIP-related warning box, asking you to click either <strong>Keep at work</strong> or <strong>Change to personal</strong>.</li>
+                <li>Click <strong>Keep at work</strong>.<br>The content isn't shared into Facebook.</li>
+                <li>Repeat Step 1, but this time click <strong>Change to personal</strong>, and try to share the content again.<br>The content is shared into Facebook.</li>
+                <li>Try sharing content between apps on your allowed apps list.<br>The content should share between the apps without any warning messages.</li>
+            </ol>
+        </td>
+    </tr>
+    <tr>
+        <td>Verify that Windows system components can use WIP.</td>
+        <td>
+            <ol>
+                <li>Start Windows Journal and Internet Explorer 11, creating, editing, and saving files in both apps.<br>Make sure that all of the files you worked with are encrypted to your configured Enterprise Identity. In some cases, you might need to close the file and wait a few moments for it to be automatically encrypted.</li>
+                <li>Open File Explorer and make sure your modified files are appearing with a <strong>Lock</strong> icon.</li>
+                <li>Try copying and pasting, dragging and dropping, and sharing using these apps with other apps that appear both on and off the allowed apps list.<p><strong>Note</strong><br>Most Windows-signed components like File Explorer (when running in the user’s context), should have access to enterprise data.<p>A few notable exceptions include some of the user-facing in-box apps, like Wordpad, Notepad, and Microsoft Paint. These apps don't have access by default, but can be added to your allowed apps list.</li>
+            </ol>
+        </td>
+    </tr>
+    <tr>
+        <td>Use WIP on NTFS, FAT, and exFAT systems.</td>
+        <td>
+            <ol>
+                <li>Start an app that uses the FAT or exFAT file system (for example a SD card or USB flash drive), and appears on your allowed apps list.</li>
+                <li>Create, edit, write, save, copy, and move files.<br>Basic file and folder operations like copy, move, rename, delete, and so on, should work properly on encrypted files.</li>
+            </ol>
+        </td>
+    </tr>
+    <tr>
+        <td>Verify your shared files can use WIP.</td>
+        <td>
+            <ol>
+                <li>Download a file from a protected file share, making sure the file is encrypted by locating the <strong>Briefcase</strong> icon next to the file name.</li>
+                <li>Open the same file, make a change, save it and then try to upload it back to the file share. Again, this should work without any warnings.</li>
+                <li>Open an app that doesn't appear on your allowed apps list and attempt to access a file on the WIP-enabled file share.<br>The app shouldn't be able to access the file share.</li>
+            </ol>
+        </td>
+    </tr>
+    <tr>
+        <td>Verify your cloud resources can use WIP.</td>
+        <td>
+            <ol>
+                <li>Add both Internet Explorer 11 and Microsoft Edge to your allowed apps list.</li>
+                <li>Open SharePoint (or another cloud resource that's part of your policy) and access a WIP-enabled resource by using both IE11 and Microsoft Edge.<br>Both browsers should respect the enterprise and personal boundary.</li>
+                <li>Remove Internet Explorer 11 from your allowed app list and then try to access an intranet site or enterprise-related cloud resource.<br>IE11 shouldn't be able to access the sites.<p><strong>Note</strong><br>Any file downloaded from your work SharePoint site, or any other WIP-enabled cloud resource, is automatically marked as <strong>Work</strong>.</li>
+            </ol>
+        </td>
+    </tr>
+    <tr>
+        <td>Verify your Virtual Private Network (VPN) can be auto-triggered.</td>
+        <td>
+            <ol>
+                <li>Set up your VPN network to start based on the <strong>WIPModeID</strong> setting.<br>For specific info about how to do this, see the [Create and deploy a VPN policy for Windows Information Protection (WIP) using Microsoft Intune](create-wip-policy-using-intune.md) topic.</li>
+                <li>Start an app from your allowed apps list.<br>The VPN network should automatically start.</li>
+                <li>Disconnect from your network and then start an app that isn't on your allowed apps list.<br>The VPN shouldn't start and the app shouldn't be able to access your enterprise network.</li>
+            </ol>
+        </td>
+    </tr>
+    <tr>
+        <td>Unenroll client devices from WIP.</td>
+        <td>
+            <ul>
+                <li>Unenroll a device from WIP by going to <strong>Settings</strong>, click <strong>Accounts</strong>, click <strong>Work</strong>, click the name of the device you want to unenroll, and then click <strong>Remove</strong>.<br>The device should be removed and all of the enterprise content for that managed account should be gone.<p><strong>Important</strong><br>On desktop devices, the data isn't removed and can be recovered, so you must make sure they content is marked as <strong>Revoked</strong> and that access is denied for the employee. On mobile devices, the data is removed.</li>
+            </ul>
+        </td>
+    </tr>
+    <tr>
+        <td>Verify that app content is protected when a Windows 10 Mobile phone is locked.</td>
+        <td>
+            <ul>
+                <li>Check that protected app data doesn't appear on the Lock screen of a Windows 10 Mobile phone.</li>
+            </ul>
+        </td>
+    </tr>
+</table>    

windows/keep-secure/trusted-platform-module-services-group-policy-settings.md

@@ -22,16 +22,16 @@ The TPM Services Group Policy settings are located at:
 
 **Computer Configuration\\Administrative Templates\\System\\Trusted Platform Module Services\\**
 
-| Setting | Windows 10 | Windows Server 2012 R2, Windows 8.1 and Windows RT | Windows Server 2012, Windows 8 and Windows RT | Windows Server 2008 R2 and Windows 7 | Windows Server 2008 and Windows Vista |
+| Setting | Windows 10, version 1607 | Windows 10, version 1511 and Windows 10, version 1507 | Windows Server 2012 R2, Windows 8.1 and Windows RT | Windows Server 2012, Windows 8 and Windows RT | Windows Server 2008 R2 and Windows 7 | Windows Server 2008 and Windows Vista |
 | - | - | - | - | - | - |
-| [Turn on TPM backup to Active Directory Domain Services](#bkmk-tpmgp-addsbu) | X| X| X| X| X| 
-| [Configure the list of blocked TPM commands](#bkmk-tpmgp-clbtc)| X| X| X| X| X| 
-| [Ignore the default list of blocked TPM commands](#bkmk-tpmgp-idlb) | X| X| X| X| X| 
-| [Ignore the local list of blocked TPM commands](#bkmk-tpmgp-illb) | X| X| X| X| X| 
-| [Configure the level of TPM owner authorization information available to the operating system](#bkmk-tpmgp-oauthos)| X| X| X|||  
-| [Standard User Lockout Duration](#bkmk-tpmgp-suld)| X| X| X|||  
-| [Standard User Individual Lockout Threshold](#bkmk-tpmgp-suilt)| X| X| X|||  
-| [Standard User Total Lockout Threshold](#bkmk-tpmgpsutlt)| X| X| X||||
+| [Turn on TPM backup to Active Directory Domain Services](#bkmk-tpmgp-addsbu) | | X| X| X| X| X| 
+| [Configure the list of blocked TPM commands](#bkmk-tpmgp-clbtc)| X| X| X| X| X| X| 
+| [Ignore the default list of blocked TPM commands](#bkmk-tpmgp-idlb) | X| X| X| X| X| X| 
+| [Ignore the local list of blocked TPM commands](#bkmk-tpmgp-illb) | X| X| X| X| X| X| 
+| [Configure the level of TPM owner authorization information available to the operating system](#bkmk-tpmgp-oauthos)| | X| X| X|||  
+| [Standard User Lockout Duration](#bkmk-tpmgp-suld)| X| X| X| X|||  
+| [Standard User Individual Lockout Threshold](#bkmk-tpmgp-suilt)| X| X| X| X|||  
+| [Standard User Total Lockout Threshold](#bkmk-tpmgpsutlt)| X| X| X| X||||
  
 ### <a href="" id="bkmk-tpmgp-addsbu"></a>Turn on TPM backup to Active Directory Domain Services
 
@@ -41,9 +41,7 @@ This policy setting allows you to manage the Active Directory Domain Services (A
  
 TPM owner information includes a cryptographic hash of the TPM owner password. Certain TPM commands can be run only by the TPM owner. This hash authorizes the TPM to run these commands.
 
->**Important:**  To back up TPM owner information from a computer running Windows 10, Windows 8.1, or Windows 8, you might need to first set up appropriate schema extensions and access control settings on the domain so that the AD DS backup can succeed. Windows Server 2012 R2 and Windows Server 2012 include the required schema extensions by default. For more information, see [AD DS schema extensions to support TPM backup](ad-ds-schema-extensions-to-support-tpm-backup.md).
- 
-The TPM cannot be used to provide enhanced security features for BitLocker Drive Encryption and other applications without first setting an owner. To take ownership of the TPM with an owner password, on a local computer at the command prompt, type **tpm.msc** to open the TPM Management Console and select the action to **Initialize TPM**. If the TPM owner information is lost or is not available, limited TPM management is possible by running **tpm.msc**.
+>**Important:**  To back up TPM owner information from a computer running Windows 10, Windows 8.1, or Windows 8, you might need to first set up appropriate schema extensions and access control settings on the domain so that the AD DS backup can succeed. Windows Server 2012 R2 and Windows Server 2012 include the required schema extensions by default. For more information, see [AD DS schema extensions to support TPM backup](ad-ds-schema-extensions-to-support-tpm-backup.md). This functionality is discontinued starting with Windows 10, version 1607.
 
 If you enable this policy setting, TPM owner information will be automatically and silently backed up to AD DS when you use Windows to set or change a TPM owner password. When this policy setting is enabled, a TPM owner password cannot be set or changed unless the computer is connected to the domain and the AD DS backup succeeds.
 
@@ -99,10 +97,10 @@ This policy setting configures how much of the TPM owner authorization informati
 There are three TPM owner authentication settings that are managed by the Windows operating system. You can choose a value of **Full**, **Delegate**, or **None**.
 
 -   **Full**   This setting stores the full TPM owner authorization, the TPM administrative delegation blob, and the TPM user delegation blob in the local registry. With this setting, you can use the TPM without requiring remote or external storage of the TPM owner authorization value. This setting is appropriate for scenarios that do not require you to reset the TPM anti-hammering logic or change the TPM owner authorization value. Some TPM-based applications may require that this setting is changed before features that depend on the TPM anti-hammering logic can be used.
--   **Delegated**   This setting stores only the TPM administrative delegation blob and the TPM user delegation blob in the local registry. This setting is appropriate for use with TPM-based applications that depend on the TPM antihammering logic. When you use this setting, we recommend using external or remote storage for the full TPM owner authorization value—for example, backing up the value in Active Directory Domain Services (AD DS).
+-   **Delegated**   This setting stores only the TPM administrative delegation blob and the TPM user delegation blob in the local registry. This setting is appropriate for use with TPM-based applications that depend on the TPM antihammering logic. This is the default setting in Windows.
 -   **None**   This setting provides compatibility with previous operating systems and applications. You can also use it for scenarios when TPM owner authorization cannot be stored locally. Using this setting might cause issues with some TPM-based applications.
 
->**Note:**  If the operating system managed TPM authentication setting is changed from **Full** to **Delegated**, the full TPM owner authorization value will be regenerated, and any copies of the previously set TPM owner authorization value will be invalid. If you are backing up the TPM owner authorization value to AD DS, the new owner authorization value is automatically backed up to AD DS when it is changed.
+>**Note:**  If the operating system managed TPM authentication setting is changed from **Full** to **Delegated**, the full TPM owner authorization value will be regenerated, and any copies of the previously set TPM owner authorization value will be invalid.
  
 **Registry information**
 
@@ -132,8 +130,6 @@ authorization to the TPM.
  
 The TPM is designed to protect itself against password guessing attacks by entering a hardware lockout mode when it receives too many commands with an incorrect authorization value. When the TPM enters a lockout mode, it is global for all users (including administrators) and for Windows features such as BitLocker Drive Encryption.
 
-The number of authorization failures that a TPM allows and how long it stays locked vary by TPM manufacturer. Some TPMs may enter lockout mode for successively longer periods of time, with fewer authorization failures, depending on past failures. Some TPMs may require a system restart to exit the lockout mode. Other TPMs may require that the system is on so enough clock cycles elapse before the TPM exits the lockout mode.
-
 This setting helps administrators prevent the TPM hardware from entering a lockout mode by slowing the speed at which standard users can send commands that require authorization to the TPM.
 
 For each standard user, two thresholds apply. Exceeding either threshold prevents the user from sending a command that requires authorization to the TPM. Use the following policy settings to set the lockout duration:
@@ -176,8 +172,6 @@ For each standard user two thresholds apply. Exceeding either threshold will pre
 The TPM is designed to protect itself against password guessing attacks by entering a hardware lockout mode when it receives too many commands with an incorrect authorization value. When the TPM enters a lockout mode, it is global for all users (including administrators) and for Windows features 
 such as BitLocker Drive Encryption..
 
-The number of authorization failures a TPM allows and how long it stays locked out vary by TPM manufacturer. Some TPMs may enter lockout mode for successively longer periods of time with fewer authorization failures depending on past failures. Some TPMs may require a system restart to exit the lockout mode. Other TPMs may require the system to be on so enough clock cycles elapse before the TPM exits the lockout mode.
-
 An administrator with the TPM owner password can fully reset the TPM's hardware lockout logic by using the TPM Management Console (tpm.msc). Each time an administrator resets the TPM's hardware lockout logic, all prior standard user TPM authorization failures are ignored. This allows standard users to immediately use the TPM normally.
 
 If you do not configure this policy setting, a default value of 9 is used. A value of zero means that the operating system will not allow standard users to send commands to the TPM, which might cause an authorization failure.

windows/keep-secure/windows-10-mobile-security-guide.md

@@ -14,8 +14,6 @@ author: AMeeus
 
 *Applies to Windows 10 Mobile, version 1511 and Windows Mobile, version 1607*
 
-<span style="color:#ED1C24;">[Some information relates to pre-released product, which may be substantially modified before it's commercially released. Microsoft makes no warranties, express or implied, with respect to the information provided here.]</span>
-
 >This guide provides a detailed description of the most important security features in the Windows 10 Mobile operating system—identity access and control, data protection, malware resistance, and app platform security.
 
 Smartphones now serve as a primary productivity tool for business workers and, just like desktops or laptops, need to be secured against malware and data theft. Protecting these devices can be challenging due to the wide range of device operating systems and configurations and the fact that many employees use their own personal devices. IT needs to secure corporate assets on every device, but also ensure the privacy of the user’s personal apps and data. 

windows/keep-secure/windows-defender-advanced-threat-protection.md

@@ -15,7 +15,7 @@ localizationpriority: high
 
 **Applies to:**
 
-- Windows 10 Enterprise
+- Windows 10 Enterprise, let's change back
 - Windows 10 Enterprise for Education
 - Windows 10 Pro
 - Windows 10 Pro Education

windows/keep-secure/wip-enterprise-overview.md

@@ -1,78 +1,5 @@
 ---
 title: Windows Information Protection overview (Windows 10)
 description: Conceptual info about Windows Information Protection (WIP), formerly known as Windows Information Protection (WIP).
-ms.prod: w10
-ms.mktglfcycl: explore
-ms.sitesec: library
-ms.pagetype: security
-localizationpriority: high
+redirect_url:  https://technet.microsoft.com/itpro/windows/keep-secure/protect-enterprise-data-using-wip
 ---
-
-# Windows Information Protection (WIP) overview
-
-**Applies to:**
-
--   Windows 10
--   Windows 10 Mobile
-
-With the increase of employee-owned devices in the enterprise, there’s also an increasing risk of accidental data leak through apps and services, like email, social media, and the public cloud, which are outside of the enterprise’s control. For example, when an employee sends the latest engineering pictures from their personal email account, copies and pastes product info into a tweet, or saves an in-progress sales report to their public cloud storage.
-
-Windows Information Protection (WIP), formerly known as enterprise data protection (EDP), helps to protect against this potential data leakage without otherwise interfering with the employee experience. WIP also helps to protect enterprise apps and data against accidental data leak on enterprise-owned devices and personal devices that employees bring to work without requiring changes to your environment or other apps.
-
-
-## Benefits of WIP
-
-WIP provides:
-- Obvious separation between personal and corporate data, without requiring employees to switch environments or apps.
-
-- Additional data protection for existing line-of-business apps without a need to update the apps.
-
-- Ability to wipe corporate data from devices while leaving personal data alone.
-
-- Use of audit reports for tracking issues and remedial actions.
-
-- Integration with your existing management system (Microsoft Intune, System Center Configuration Manager 2016, or your current mobile device management (MDM) system) to configure, deploy, and manage WIP for your company.
-
-## Enterprise scenarios
-WIP currently addresses these enterprise scenarios:
-- You can encrypt enterprise data on employee-owned and corporate-owned devices.
-
-- You can remotely wipe enterprise data off managed computers, including employee-owned computers, without affecting the personal data.
-
-- You can select specific apps that can access enterprise data, called "allowed apps" that are clearly recognizable to employees. You can also block non-protected apps from accessing enterprise data.
-
-- Your employees won't have their work otherwise interrupted while switching between personal and enterprise apps while the enterprise policies are in place. Switching environments or signing in multiple times isn’t required.
-
-## Why use WIP?
-WIP gives you a new way to manage data policy enforcement for apps and documents, along with the ability to remove access to enterprise data from both enterprise and personal devices (after enrollment in an enterprise management solution, like Intune).
-
-- **Change the way you think about data policy enforcement.** As an enterprise admin, you need to maintain compliance in your data policy and data access. WIP helps make sure that your enterprise data is protected on both corporate and employee-owned devices, even when the employee isn’t using the device. When employees create content on an enterprise-protected device, they can choose to save it as a work document. If it's a work document, it becomes locally-maintained as enterprise data.
-
-- **Manage your enterprise documents, apps, and encryption modes.**
-
-    - **Copying or downloading enterprise data.** When an employee or an app downloads content from a location like SharePoint, a network share, or an enterprise web location, while using an WIP-protected device, WIP encrypts the data on the device.
-
-    - **Using allowed apps.** Managed apps (apps that you've included on the allowed apps list in your WIP policy) are allowed to access your enterprise data and will interact differently when used with unallowed, non-enterprise aware, or personal-only apps. For example, if WIP management is set to **Block**, your employees can copy and paste from one protected app to another protected app, but not to personal apps. Imagine an HR person wants to copy a job description from a protected app to the internal career website, an enterprise-protected location, but goofs and tries to paste into a personal app instead. The paste action fails and a notification pops up, saying that the app couldn’t paste because of a policy restriction. The HR person then correctly pastes to the career website without a problem.
-
-    - **Managed apps and restrictions.** With WIP you can control which apps can access and use your enterprise data. After adding an app to your protected apps list, the app is trusted with enterprise data. All apps not on this list are blocked from accessing your enterprise data, depending on your WIP management-mode.
-    
-    You don’t have to modify line-of-business apps that never touch personal data to list them as protected apps; just include them in your protected apps list.
-
-    - **Deciding your level of data access.** WIP lets you block, allow overrides, or audit employees' data sharing actions. Blocking the action stops it immediately. Allowing overrides let the employee know there's a risk, but lets him or her continue to share the data while recording and auditing the action. Silent just logs the action without blocking anything that the employee could've overridden while using that setting; collecting info that can help you to see patterns of inappropriate sharing so you can take educative action or find apps that should be added to your protected apps list.
-
-    - **Data encryption at rest.** WIP helps protect enterprise data on local files and on removable media.
-    
-    Apps such as Microsoft Word work with WIP to help continue your data protection across local files and removable media. These apps are being referred to as, enterprise aware. For example, if an employee opens WIP-encrypted content from Word, edits the content, and then tries to save the edited version with a different name, Word automatically applies WIP to the new document.
-
-    - **Helping prevent accidental data disclosure to public spaces.** WIP helps protect your enterprise data from being accidentally shared to public spaces, such as public cloud storage. For example, if Dropbox™ isn’t on your protected apps list, employees won’t be able to sync encrypted files to their personal cloud storage. Instead, if the employee stores the content to an app on your protected apps list, like Microsoft OneDrive for Business, the encrypted files can sync freely to the business cloud, while maintaining the encryption locally.
-
-    - **Helping prevent accidental data disclosure to removable media.** WIP helps prevent enterprise data from leaking when it's copied or transferred to removable media. For example, if an employee puts enterprise data on a Universal Serial Bus (USB) drive that also has personal data, the enterprise data remains encrypted while the personal data doesn’t.
-
-    - **Remove access to enterprise data from enterprise-protected devices.** WIP gives admins the ability to revoke enterprise data from one or many MDM-enrolled devices, while leaving personal data alone. This is a benefit when an employee leaves your company, or in the case of a stolen device. After determining that the data access needs to be removed, you can unenroll the device so when it connects to the network, the user's encryption key for the device is revoked and the enterprise data becomes unreadable.
-
-## Turn off WIP
-
-You can turn off all Windows Information Protection and restrictions, reverting to where you were pre-WIP, with no data loss. However, turning off WIP isn't recommended. If you choose to turn it off, you can always turn it back on, but WIP won't retain your decryption and policies info.
-
-## Related topics
-- [Protect your enterprise data using Windows Information Protection (WIP)](protect-enterprise-data-using-edp.md)

windows/manage/TOC.md

@@ -110,18 +110,18 @@
 ##### [How to Convert a Package Created in a Previous Version of App-V](appv-convert-a-package-created-in-a-previous-version-of-appv.md)
 #### [Maintaining App-V](appv-maintaining-appv.md)
 ##### [How to Move the App-V Server to Another Computer](appv-move-the-appv-server-to-another-computer.md)
-#### [Administering App-V by Using PowerShell](appv-administering-appv-with-powershell.md)
-##### [How to Load the PowerShell Cmdlets and Get Cmdlet Help ](appv-load-the-powershell-cmdlets-and-get-cmdlet-help.md)
-##### [How to Manage App-V Packages Running on a Stand-Alone Computer by Using PowerShell](appv-manage-appv-packages-running-on-a-stand-alone-computer-with-powershell.md)
-##### [How to Manage Connection Groups on a Stand-alone Computer by Using PowerShell](appv-manage-connection-groups-on-a-stand-alone-computer-with-powershell.md)
-##### [How to Modify Client Configuration by Using PowerShell](appv-modify-client-configuration-with-powershell.md)
+#### [Administering App-V by Using Windows PowerShell](appv-administering-appv-with-powershell.md)
+##### [How to Load the Windows PowerShell Cmdlets for App-V and Get Cmdlet Help ](appv-load-the-powershell-cmdlets-and-get-cmdlet-help.md)
+##### [How to Manage App-V Packages Running on a Stand-Alone Computer by Using Windows PowerShell](appv-manage-appv-packages-running-on-a-stand-alone-computer-with-powershell.md)
+##### [How to Manage Connection Groups on a Stand-alone Computer by Using Windows PowerShell](appv-manage-connection-groups-on-a-stand-alone-computer-with-powershell.md)
+##### [How to Modify Client Configuration by Using Windows PowerShell](appv-modify-client-configuration-with-powershell.md)
 ##### [How to Configure the Client to Receive Package and Connection Groups Updates From the Publishing Server](appv-configure-the-client-to-receive-updates-from-the-publishing-server.md)
-##### [How to Apply the User Configuration File by Using PowerShell](appv-apply-the-user-configuration-file-with-powershell.md)
-##### [How to Apply the Deployment Configuration File by Using PowerShell](appv-apply-the-deployment-configuration-file-with-powershell.md)
-##### [How to Sequence a Package  by Using PowerShell ](appv-sequence-a-package-with-powershell.md)
-##### [How to Create a Package Accelerator by Using PowerShell](appv-create-a-package-accelerator-with-powershell.md)
-##### [How to Enable Reporting on the App-V Client by Using PowerShell](appv-enable-reporting-on-the-appv-client-with-powershell.md)
-##### [How to Install the App-V Databases and Convert the Associated Security Identifiers  by Using PowerShell](appv-install-the-appv-databases-and-convert-the-associated-security-identifiers-with-powershell.md)
+##### [How to Apply the User Configuration File by Using Windows PowerShell](appv-apply-the-user-configuration-file-with-powershell.md)
+##### [How to Apply the Deployment Configuration File by Using Windows PowerShell](appv-apply-the-deployment-configuration-file-with-powershell.md)
+##### [How to Sequence a Package  by Using Windows PowerShell ](appv-sequence-a-package-with-powershell.md)
+##### [How to Create a Package Accelerator by Using Windows PowerShell](appv-create-a-package-accelerator-with-powershell.md)
+##### [How to Enable Reporting on the App-V Client by Using Windows PowerShell](appv-enable-reporting-on-the-appv-client-with-powershell.md)
+##### [How to Install the App-V Databases and Convert the Associated Security Identifiers  by Using Windows PowerShell](appv-install-the-appv-databases-and-convert-the-associated-security-identifiers-with-powershell.md)
 ### [Troubleshooting App-V](appv-troubleshooting.md)
 ### [Technical Reference for App-V](appv-technical-reference.md)
 #### [Performance Guidance for Application Virtualization](appv-performance-guidance.md)
@@ -154,7 +154,6 @@
 #### [Sync Trigger Events for UE-V](uev-sync-trigger-events.md)
 #### [Synchronizing Microsoft Office with UE-V](uev-synchronizing-microsoft-office-with-uev.md)
 #### [Application Template Schema Reference for UE-V](uev-application-template-schema-reference.md)
-#### [Accessibility for UE-V](uev-accessibility.md)
 #### [Security Considerations for UE-V](uev-security-considerations.md)
 ## [Windows Store for Business](windows-store-for-business.md)
 ### [Sign up and get started](sign-up-windows-store-for-business-overview.md)

windows/manage/appv-about-appv.md

@@ -11,7 +11,8 @@ ms.prod: w10
 
 # What's new in App-V
 
-Applies to: Windows 10, version 1607
+**Applies to**
+-   Windows 10, version 1607
 
 Microsoft Application Virtualization (App-V) enables organizations to deliver Win32 applications to users as virtual applications. Virtual applications are installed on centrally managed servers and delivered to users as a service – in real time and on as as-needed basis. Users launch virtual applications from familiar access points and interact with them as if they were installed locally. 
 
@@ -28,7 +29,7 @@ The changes in App-V for Windows 10, version 1607 impact already existing implem
 
 -   The App-V client is installed on user devices automatically with Windows 10, version 1607, and no longer has to be deployed separately. Performing an in-place upgrade to Windows 10, version 1607, on user devices automatically installs the App-V client.
 
--   The App-V application sequencer is available from the [Windows 10 Assessment and Deployment Kit (ADK)](http://go.microsoft.com/fwlink/p/?LinkId=526740). In previous releases of App-V, the application sequencer was included in the Microsoft Desktop Optimization Pack. Although you’ll need to use the new application sequencer to create new virtualized applications, existing virtualized applications will continue to work. 
+-   The App-V application sequencer is available from the [Windows 10 Assessment and Deployment Kit (ADK)](https://developer.microsoft.com/windows/hardware/windows-assessment-deployment-kit). In previous releases of App-V, the application sequencer was included in the Microsoft Desktop Optimization Pack. Although you’ll need to use the new application sequencer to create new virtualized applications, existing virtualized applications will continue to work. 
 
 >**Note**<br>If you're already using App-V 5.x, you don't need to re-deploy the App-V server components as they haven't changed since App-V 5.0 was released. 
 
@@ -45,19 +46,9 @@ App-V supports System Center 2016 and System Center 2012 R2 Configuration Manage
 
 ## Have a suggestion for App-V?
 
-
-Add or vote on suggestions at [Microsoft Application Virtualization](http://appv.uservoice.com/forums/280448-microsoft-application-virtualization). For App-V issues, use the [App-V TechNet Forum](https://social.technet.microsoft.com/Forums/en-US/home?forum=mdopappv).
+Add or vote on suggestions on the [Application Virtualization feedback site](http://appv.uservoice.com/forums/280448-microsoft-application-virtualization).<br>For App-V issues, use the [App-V TechNet Forum](https://social.technet.microsoft.com/Forums/en-US/home?forum=mdopappv).
 
 ## Related topics
 
 
 [Release Notes for App-V](appv-release-notes-for-appv-for-windows.md)
-
- 
-
- 
-
-
-
-
-

windows/manage/appv-add-or-remove-an-administrator-with-the-management-console.md

@@ -11,7 +11,8 @@ ms.prod: w10
 
 # How to Add or Remove an Administrator by Using the Management Console
 
-Applies to: Windows 10, version 1607
+**Applies to**
+-   Windows 10, version 1607
 
 Use the following procedures to add or remove an administrator on the Microsoft Application Virtualization (App-V) server.
 
@@ -29,18 +30,10 @@ Use the following procedures to add or remove an administrator on the Microsoft
 
 2.  Right-click the account to be removed from the list of administrators and select **Remove**.
 
-    **Have a suggestion for App-V**? Add or vote on suggestions [here](http://appv.uservoice.com/forums/280448-microsoft-application-virtualization). **Got an App-V issue?** Use the [App-V TechNet Forum](https://social.technet.microsoft.com/Forums/en-US/home?forum=mdopappv).
+## Have a suggestion for App-V?
+
+Add or vote on suggestions on the [Application Virtualization feedback site](http://appv.uservoice.com/forums/280448-microsoft-application-virtualization).<br>For App-V issues, use the [App-V TechNet Forum](https://social.technet.microsoft.com/Forums/en-US/home?forum=mdopappv).
 
 ## Related topics
 
-
 [Operations for App-V](appv-operations.md)
-
- 
-
- 
-
-
-
-
-

windows/manage/appv-add-or-upgrade-packages-with-the-management-console.md

@@ -11,7 +11,8 @@ ms.prod: w10
 
 # How to Add or Upgrade Packages by Using the Management Console
 
-Applies to: Windows 10, version 1607
+**Applies to**
+-   Windows 10, version 1607
 
 You can the following procedure to add or upgrade a package to the App-V Management Console. To upgrade a package that already exists in the Management Console, use the following steps and import the upgraded package using the same package **Name**.
 
@@ -38,18 +39,10 @@ You can the following procedure to add or upgrade a package to the App-V Managem
 
 5.  Click **Close** to close the **Add or Upgrade Packages** page.
 
-    **Have a suggestion for App-V**? Add or vote on suggestions [here](http://appv.uservoice.com/forums/280448-microsoft-application-virtualization). **Got an App-V issue?** Use the [App-V TechNet Forum](https://social.technet.microsoft.com/Forums/en-US/home?forum=mdopappv).
+## Have a suggestion for App-V?
+
+Add or vote on suggestions on the [Application Virtualization feedback site](http://appv.uservoice.com/forums/280448-microsoft-application-virtualization).<br>For App-V issues, use the [App-V TechNet Forum](https://social.technet.microsoft.com/Forums/en-US/home?forum=mdopappv).
 
 ## Related topics
 
-
 [Operations for App-V](appv-operations.md)
-
- 
-
- 
-
-
-
-
-

windows/manage/appv-administering-appv-with-powershell.md

@@ -11,7 +11,8 @@ ms.prod: w10
 
 # Administering App-V by Using Windows PowerShell
 
-Applies to: Windows 10, version 1607
+**Applies to**
+-   Windows 10, version 1607
 
 Microsoft Application Virtualization (App-V) provides Windows PowerShell cmdlets, which can help administrators perform various App-V tasks. The following sections provide more information about using Windows PowerShell with App-V.
 
@@ -33,15 +34,15 @@ Use the following Windows PowerShell procedures to perform various App-V tasks.
 </thead>
 <tbody>
 <tr class="odd">
-<td align="left"><p>[How to Load the PowerShell Cmdlets and Get Cmdlet Help](appv-load-the-powershell-cmdlets-and-get-cmdlet-help.md)</p></td>
+<td align="left"><p>[How to Load the Windows PowerShell Cmdlets for App-V and Get Cmdlet Help](appv-load-the-powershell-cmdlets-and-get-cmdlet-help.md)</p></td>
 <td align="left"><p>Describes how to install the Windows PowerShell cmdlets and find cmdlet help and examples.</p></td>
 </tr>
 <tr class="even">
-<td align="left"><p>[How to Manage App-V Packages Running on a Stand-Alone Computer by Using PowerShell](appv-manage-appv-packages-running-on-a-stand-alone-computer-with-powershell.md)</p></td>
+<td align="left"><p>[How to Manage App-V Packages Running on a Stand-Alone Computer by Using Windows PowerShell](appv-manage-appv-packages-running-on-a-stand-alone-computer-with-powershell.md)</p></td>
 <td align="left"><p>Describes how to manage the client package lifecycle on a stand-alone computer by using Windows PowerShell.</p></td>
 </tr>
 <tr class="odd">
-<td align="left"><p>[How to Manage Connection Groups on a Stand-alone Computer by Using PowerShell](appv-manage-connection-groups-on-a-stand-alone-computer-with-powershell.md)</p></td>
+<td align="left"><p>[How to Manage Connection Groups on a Stand-alone Computer by Using Windows PowerShell](appv-manage-connection-groups-on-a-stand-alone-computer-with-powershell.md)</p></td>
 <td align="left"><p>Describes how to manage connection groups by using Windows PowerShell.</p></td>
 </tr>
 <tr class="even">
@@ -49,27 +50,27 @@ Use the following Windows PowerShell procedures to perform various App-V tasks.
 <td align="left"><p>Describes how to modify the client by using Windows PowerShell.</p></td>
 </tr>
 <tr class="odd">
-<td align="left"><p>[How to Apply the User Configuration File by Using PowerShell](appv-apply-the-user-configuration-file-with-powershell.md)</p></td>
+<td align="left"><p>[How to Apply the User Configuration File by Using Windows PowerShell](appv-apply-the-user-configuration-file-with-powershell.md)</p></td>
 <td align="left"><p>Describes how to apply a user configuration file by using Windows PowerShell.</p></td>
 </tr>
 <tr class="even">
-<td align="left"><p>[How to Apply the Deployment Configuration File by Using PowerShell](appv-apply-the-deployment-configuration-file-with-powershell.md)</p></td>
+<td align="left"><p>[How to Apply the Deployment Configuration File by Using Windows PowerShell](appv-apply-the-deployment-configuration-file-with-powershell.md)</p></td>
 <td align="left"><p>Describes how to apply a deployment configuration file by using Windows PowerShell.</p></td>
 </tr>
 <tr class="odd">
-<td align="left"><p>[How to Sequence a Package by Using PowerShell](appv-sequence-a-package-with-powershell.md)</p></td>
+<td align="left"><p>[How to Sequence a Package by Using Windows PowerShell](appv-sequence-a-package-with-powershell.md)</p></td>
 <td align="left"><p>Describes how to create a new package by using Windows PowerShell.</p></td>
 </tr>
 <tr class="even">
-<td align="left"><p>[How to Create a Package Accelerator by Using PowerShell](appv-create-a-package-accelerator-with-powershell.md)</p></td>
+<td align="left"><p>[How to Create a Package Accelerator by Using Windows PowerShell](appv-create-a-package-accelerator-with-powershell.md)</p></td>
 <td align="left"><p>Describes how to create a package accelerator by using Windows PowerShell. You can use package accelerators automatically sequence large, complex applications.</p></td>
 </tr>
 <tr class="odd">
-<td align="left"><p>[How to Enable Reporting on the App-V Client by Using PowerShell](appv-enable-reporting-on-the-appv-client-with-powershell.md)</p></td>
+<td align="left"><p>[How to Enable Reporting on the App-V Client by Using Windows PowerShell](appv-enable-reporting-on-the-appv-client-with-powershell.md)</p></td>
 <td align="left"><p>Describes how to enable the computer running the App-V to send reporting information.</p></td>
 </tr>
 <tr class="even">
-<td align="left"><p>[How to Install the App-V Databases and Convert the Associated Security Identifiers by Using PowerShell](appv-install-the-appv-databases-and-convert-the-associated-security-identifiers-with-powershell.md)</p></td>
+<td align="left"><p>[How to Install the App-V Databases and Convert the Associated Security Identifiers by Using Windows PowerShell](appv-install-the-appv-databases-and-convert-the-associated-security-identifiers-with-powershell.md)</p></td>
 <td align="left"><p>Describes how to take an array of account names and to convert each of them to the corresponding SID in standard and hexadecimal formats.</p></td>
 </tr>
 <tr class="odd">
@@ -90,7 +91,7 @@ Make sure that any script you execute with your App-V packages matches the execu
 ## Windows PowerShell Error Handling
 
 
-Use the following table for information about App-V PowerShell error handling.
+Use the following table for information about Windows PowerShell error handling for App-V.
 
 <table>
 <colgroup>
@@ -116,8 +117,8 @@ Use the following table for information about App-V PowerShell error handling.
 </tr>
 <tr class="even">
 <td align="left"><p>Package name contains <strong>$</strong></p></td>
-<td align="left"><p>If a package name contains the character ( <strong>$</strong> ), you must use a single-quote ( <strong>‘</strong> ), for example,</p>
-<p><strong>Add-AppvClientPackage ‘Contoso$App.appv’</strong></p></td>
+<td align="left"><p>If a package name contains the character ( <strong>$</strong> ), you must use a single-quote ( <strong>'</strong> ), for example,</p>
+<p><strong>Add-AppvClientPackage 'Contoso$App.appv'</strong></p></td>
 </tr>
 </tbody>
 </table>
@@ -127,7 +128,7 @@ Use the following table for information about App-V PowerShell error handling.
 ## Have a suggestion for App-V?
 
 
-Add or vote on suggestions [here](http://appv.uservoice.com/forums/280448-microsoft-application-virtualization). For App-V issues, use the [App-V TechNet Forum](https://social.technet.microsoft.com/Forums/en-US/home?forum=mdopappv).
+Add or vote on suggestions on the [Application Virtualization feedback site](http://appv.uservoice.com/forums/280448-microsoft-application-virtualization).<br>For App-V issues, use the [App-V TechNet Forum](https://social.technet.microsoft.com/Forums/en-US/home?forum=mdopappv).
 
 ## Related topics
 

windows/manage/appv-administering-virtual-applications-with-the-management-console.md

@@ -11,7 +11,8 @@ ms.prod: w10
 
 # Administering App-V Virtual Applications by Using the Management Console
 
-Applies to: Windows 10, version 1607
+**Applies to**
+-   Windows 10, version 1607
 
 Use the Microsoft Application Virtualization (App-V) management server to manage packages, connection groups, and package access in your environment. The server publishes application icons, shortcuts, and file type associations to authorized computers that run the App-V client. One or more management servers typically share a common data store for configuration and package information.
 
@@ -95,7 +96,7 @@ JavaScript must be enabled on the browser that opens the Web Management Console.
 ## Have a suggestion for App-V?
 
 
-Add or vote on suggestions [here](http://appv.uservoice.com/forums/280448-microsoft-application-virtualization). For App-V issues, use the [App-V TechNet Forum](https://social.technet.microsoft.com/Forums/en-US/home?forum=mdopappv).
+Add or vote on suggestions on the [Application Virtualization feedback site](http://appv.uservoice.com/forums/280448-microsoft-application-virtualization).<br>For App-V issues, use the [App-V TechNet Forum](https://social.technet.microsoft.com/Forums/en-US/home?forum=mdopappv).
 
 ## <a href="" id="other-resources-for-this-app-v-5-1-deployment-"></a>Other resources for this App-V deployment
 

windows/manage/appv-allow-administrators-to-enable-connection-groups.md

@@ -11,21 +11,20 @@ ms.prod: w10
 
 # How to Allow Only Administrators to Enable Connection Groups
 
-Applies to: Windows 10, version 1607
+**Applies to**
+-   Windows 10, version 1607
 
 You can configure the App-V client so that only administrators (not end users) can enable or disable connection groups. In earlier versions of App-V, you could not prevent end users from performing these tasks.
 
-**Note**  
-**This feature is supported starting in App-V 5.0 SP3.**
-
- 
+**Note**<br>
+This feature is supported starting in App-V 5.0 SP3.
 
 Use one of the following methods to allow only administrators to enable or disable connection groups.
 
 <table>
 <colgroup>
-<col width="50%" />
-<col width="50%" />
+<col width="30%" />
+<col width="70%" />
 </colgroup>
 <thead>
 <tr class="header">
@@ -40,32 +39,22 @@ Use one of the following methods to allow only administrators to enable or disab
 <p><strong>Computer Configuration &gt; Administrative Templates &gt; System &gt; App-V &gt; Publishing</strong></p></td>
 </tr>
 <tr class="even">
-<td align="left"><p>PowerShell cmdlet</p></td>
-<td align="left"><p>Run the <strong>Set-AppvClientConfiguration</strong> cmdlet with the <strong>–RequirePublishAsAdmin</strong> parameter.</p>
+<td align="left"><p>Windows PowerShell cmdlet</p></td>
+<td align="left"><p>Run the <strong>Set-AppvClientConfiguration</strong> cmdlet with the <strong>-RequirePublishAsAdmin</strong> parameter.</p>
 <p>Parameter values:</p>
 <ul>
 <li><p>0 - False</p></li>
 <li><p>1 - True</p></li>
 </ul>
-<p><strong>Example:</strong>: Set-AppvClientConfiguration –RequirePublishAsAdmin1</p></td>
+<p>Example: <strong>Set-AppvClientConfiguration -RequirePublishAsAdmin 1</strong></p></td>
 </tr>
 </tbody>
 </table>
 
- 
+## Have a suggestion for App-V?
 
-**Have a suggestion for App-V**? Add or vote on suggestions [here](http://appv.uservoice.com/forums/280448-microsoft-application-virtualization). **Got an App-V issue?** Use the [App-V TechNet Forum](https://social.technet.microsoft.com/Forums/en-US/home?forum=mdopappv).
+Add or vote on suggestions on the [Application Virtualization feedback site](http://appv.uservoice.com/forums/280448-microsoft-application-virtualization).<br>For App-V issues, use the [App-V TechNet Forum](https://social.technet.microsoft.com/Forums/en-US/home?forum=mdopappv).
 
 ## Related topics
 
-
 [Managing Connection Groups](appv-managing-connection-groups.md)
-
- 
-
- 
-
-
-
-
-

windows/manage/appv-application-publishing-and-client-interaction.md

@@ -11,7 +11,8 @@ ms.prod: w10
 
 # Application Publishing and Client Interaction
 
-Applies to: Windows 10, version 1607
+**Applies to**
+-   Windows 10, version 1607
 
 This article provides technical information about common App-V client operations and their integration with the local operating system.
 
@@ -66,9 +67,7 @@ The Sequencer creates App-V packages and produces a virtualized application. The
 </tbody>
 </table>
 
- 
-
-For information about sequencing, see [How to Sequence a New Application with App-V](https://technet.microsoft.com/itpro/windows/manage/appv-sequence-a-new-application).
+For information about sequencing, see [How to Sequence a New Application with App-V](appv-sequence-a-new-application.md).
 
 ## What’s in the appv file?
 
@@ -233,7 +232,7 @@ The Package Store contains a pristine copy of the package files that have been s
 
 ### COW roaming
 
-The COW Roaming location described above stores changes to files and directories that are targeted to the typical %AppData% location or \\Users\\*<username>*\\AppData\\Roaming location. These directories and files are then roamed based on the operating system settings.
+The COW Roaming location described above stores changes to files and directories that are targeted to the typical %AppData% location or \\Users\\*&lt;username&gt;*\\AppData\\Roaming location. These directories and files are then roamed based on the operating system settings.
 
 ### COW local
 
@@ -384,7 +383,7 @@ App-V Packages are staged upon addition to the computer with the App-V Client. T
 
 ### Mounting packages
 
-Packages can be explicitly loaded using the PowerShell `Mount-AppVClientPackage` or by using the **App-V Client UI** to download a package. This operation completely loads the entire package into the package store.
+Packages can be explicitly loaded using the Windows PowerShell `Mount-AppVClientPackage` or by using the **App-V Client UI** to download a package. This operation completely loads the entire package into the package store.
 
 ### Streaming packages
 
@@ -442,7 +441,7 @@ These settings affect the behavior of streaming App-V package assets to the clie
 
 ### Background streaming
 
-The PowerShell cmdlet `Get-AppvClientConfiguration` can be used to determine the current mode for background streaming with the AutoLoad setting and modified with the cmdlet Set-AppvClientConfiguration or from the registry (HKLM\\SOFTWARE\\Microsoft\\AppV\\ClientStreaming key). Background streaming is a default setting where the Autoload setting is set to download previously used packages. The behavior based on default setting (value=1) downloads App-V data blocks in the background after the application has been launched. This setting can be disabled all together (value=0) or enabled for all packages (value=2), whether they have been launched.
+The Windows PowerShell cmdlet `Get-AppvClientConfiguration` can be used to determine the current mode for background streaming with the AutoLoad setting and modified with the cmdlet Set-AppvClientConfiguration or from the registry (HKLM\\SOFTWARE\\Microsoft\\AppV\\ClientStreaming key). Background streaming is a default setting where the Autoload setting is set to download previously used packages. The behavior based on default setting (value=1) downloads App-V data blocks in the background after the application has been launched. This setting can be disabled all together (value=0) or enabled for all packages (value=2), whether they have been launched.
 
 ### Optimized streaming
 
@@ -458,7 +457,7 @@ App-V Packages require updating throughout the lifecycle of the application. App
 
 ### Package removal
 
-The behavior of the App-V Client when packages are removed depends on the method used for removal. Using an App-V full infrastructure to unpublish the application, the user catalog files (machine catalog for globally published applications) are removed, but retains the package store location and COW locations. When the PowerShell cmdlet `Remove-AppVClientPackge` is used to remove an App-V Package, the package store location is cleaned. Remember that unpublishing an App-V Package from the Management Server does not perform a Remove operation. Neither operation will remove the Package Store package files.
+The behavior of the App-V Client when packages are removed depends on the method used for removal. Using an App-V full infrastructure to unpublish the application, the user catalog files (machine catalog for globally published applications) are removed, but retains the package store location and COW locations. When the Windows PowerShell cmdlet `Remove-AppVClientPackge` is used to remove an App-V Package, the package store location is cleaned. Remember that unpublishing an App-V Package from the Management Server does not perform a Remove operation. Neither operation will remove the Package Store package files.
 
 ## <a href="" id="bkmk-roaming-reg-data"></a>Roaming registry and data
 
@@ -599,11 +598,11 @@ This process will re-create both the local and network locations for AppData and
 ## App-V client application lifecycle management
 
 
-In an App-V Full Infrastructure, after applications are sequenced they are managed and published to users or computers via the App-V Management and Publishing servers. This section details the operations that occur during the common App-V application lifecycle operations (Add, publishing, launch, upgrade, and removal) and the file and registry locations that are changed and modified from the App-V Client perspective. The App-V Client operations are performed as a series of PowerShell commands initiated on the computer running the App-V Client.
+In an App-V Full Infrastructure, after applications are sequenced they are managed and published to users or computers via the App-V Management and Publishing servers. This section details the operations that occur during the common App-V application lifecycle operations (Add, publishing, launch, upgrade, and removal) and the file and registry locations that are changed and modified from the App-V Client perspective. The App-V Client operations are performed as a series of Windows PowerShell commands initiated on the computer running the App-V Client.
 
 This document focuses on App-V Full Infrastructure solutions. For specific information on App-V Integration with Configuration Manager 2012, see [Integrating Virtual Application Management with App-V 5 and Configuration Manager 2012 SP1](https://www.microsoft.com/en-us/download/details.aspx?id=38177).
 
-The App-V application lifecycle tasks are triggered at user login (default), machine startup, or as background timed operations. The settings for the App-V Client operations, including Publishing Servers, refresh intervals, package script enablement, and others, are configured during setup of the client or post-setup with PowerShell commands. See [Enable the App-V desktop client](appv-enable-the-app-v-desktop-client.md) or use Windows PowerShell:
+The App-V application lifecycle tasks are triggered at user login (default), machine startup, or as background timed operations. The settings for the App-V Client operations, including Publishing Servers, refresh intervals, package script enablement, and others, are configured during setup of the client or post-setup with Windows PowerShell commands. See [Enable the App-V desktop client](appv-enable-the-app-v-desktop-client.md) or use Windows PowerShell:
 
 ``` syntax
 get-command *appv*
@@ -611,7 +610,7 @@ get-command *appv*
 
 ### Publishing refresh
 
-The publishing refresh process is comprised of several smaller operations that are performed on the App-V Client. Since App-V is an application virtualization technology and not a task scheduling technology, the Windows Task Scheduler is utilized to enable the process at user logon, machine startup, and at scheduled intervals. The configuration of the client during setup listed above is the preferred method when distributing the client to a large group of computers with the correct settings. These client settings can be configured with the following PowerShell cmdlets:
+The publishing refresh process is comprised of several smaller operations that are performed on the App-V Client. Since App-V is an application virtualization technology and not a task scheduling technology, the Windows Task Scheduler is utilized to enable the process at user logon, machine startup, and at scheduled intervals. The configuration of the client during setup listed above is the preferred method when distributing the client to a large group of computers with the correct settings. These client settings can be configured with the following Windows PowerShell cmdlets:
 
 -   **Add-AppVPublishingServer:** Configures the client with an App-V Publishing Server that provides App-V packages.
 
@@ -629,7 +628,7 @@ The focus of the following sections is to detail the operations that occur durin
 
 ### Adding an App-V package
 
-Adding an App-V package to the client is the first step of the publishing refresh process. The end result is the same as the `Add-AppVClientPackage` cmdlet in PowerShell, except during the publishing refresh add process, the configured publishing server is contacted and passes a high-level list of applications back to the client to pull more detailed information and not a single package add operation. The process continues by configuring the client for package or connection group additions or updates, then accesses the appv file. Next, the contents of the appv file are expanded and placed on the local operating system in the appropriate locations. The following is a detailed workflow of the process, assuming the package is configured for Fault Streaming.
+Adding an App-V package to the client is the first step of the publishing refresh process. The end result is the same as the `Add-AppVClientPackage` cmdlet in Windows PowerShell, except during the publishing refresh add process, the configured publishing server is contacted and passes a high-level list of applications back to the client to pull more detailed information and not a single package add operation. The process continues by configuring the client for package or connection group additions or updates, then accesses the appv file. Next, the contents of the appv file are expanded and placed on the local operating system in the appropriate locations. The following is a detailed workflow of the process, assuming the package is configured for Fault Streaming.
 
 **How to add an App-V package**
 
@@ -1182,7 +1181,7 @@ App-V Packages contain the Manifest file inside of the appv package file, which
 
 ### Example for dynamic configuration files
 
-The example below shows the combination of the Manifest, Deployment Configuration and User Configuration files after publishing and during normal operation. These examples are abbreviated examples of each of the files. The purpose is show the combination of the files only and not to be a complete description of the specific categories available in each of the files. For more information review the App-V Sequencing Guide at: [http://go.microsoft.com/fwlink/?LinkID=269810](http://go.microsoft.com/fwlink/?LinkID=269810).
+The example below shows the combination of the Manifest, Deployment Configuration and User Configuration files after publishing and during normal operation. These examples are abbreviated examples of each of the files. The purpose is show the combination of the files only and not to be a complete description of the specific categories available in each of the files. For more information, download the [App-V Sequencing Guide](https://www.microsoft.com/en-us/download/details.aspx?id=27760).
 
 **Manifest**
 
@@ -1289,4 +1288,4 @@ There are three specific categories of events recorded described below.
 
 ## Have a suggestion for App-V?
 
-Add or vote on suggestions [here](http://appv.uservoice.com/forums/280448-microsoft-application-virtualization). For App-V issues, use the [App-V TechNet Forum](https://social.technet.microsoft.com/Forums/en-US/home?forum=mdopappv).
+Add or vote on suggestions on the [Application Virtualization feedback site](http://appv.uservoice.com/forums/280448-microsoft-application-virtualization).<br>For App-V issues, use the [App-V TechNet Forum](https://social.technet.microsoft.com/Forums/en-US/home?forum=mdopappv).

windows/manage/appv-apply-the-deployment-configuration-file-with-powershell.md

@@ -1,6 +1,6 @@
 ---
-title: How to Apply the Deployment Configuration File by Using PowerShell (Windows 10)
-description: How to Apply the Deployment Configuration File by Using PowerShell
+title: How to Apply the Deployment Configuration File by Using Windows PowerShell (Windows 10)
+description: How to Apply the Deployment Configuration File by Using Windows PowerShell
 author: MaggiePucciEvans
 ms.pagetype: mdop, appcompat, virtualization
 ms.mktglfcycl: deploy
@@ -9,9 +9,10 @@ ms.prod: w10
 ---
 
 
-# How to Apply the Deployment Configuration File by Using PowerShell
+# How to Apply the Deployment Configuration File by Using Windows PowerShell
 
-Applies to: Windows 10, version 1607
+**Applies to**
+-   Windows 10, version 1607
 
 The dynamic deployment configuration file is applied when a package is added or set to a computer running the App-V client before the package has been published. The file configures the default settings for package for all users on the computer running the App-V client. This section describes the steps used to use a deployment configuration file. The procedure is based on the following example and assumes the following package and configuration files exist on a computer:
 
@@ -19,31 +20,22 @@ The dynamic deployment configuration file is applied when a package is added or
 
 **c:\\Packages\\Contoso\\DynamicConfigurations\\deploymentconfig.xml**
 
-**To Apply the Deployment Configuration File Using PowerShell**
+**To Apply the Deployment Configuration File Using Windows PowerShell**
 
--   To specify a new default set of configurations for all users who will run the package on a specific computer, using a PowerShell console type the following:
+-   To specify a new default set of configurations for all users who will run the package on a specific computer, in a Windows PowerShell console, type the following:
 
-    **Add-AppVClientPackage –Path c:\\Packages\\Contoso\\MyApp.appv -DynamicDeploymentConfiguration c:\\Packages\\Contoso\\DynamicConfigurations\\deploymentconfig.xml**
+    `Add-AppVClientPackage -Path c:\Packages\Contoso\MyApp.appv -DynamicDeploymentConfiguration c:\Packages\Contoso\DynamicConfigurations\deploymentconfig.xml`
 
-    **Note**  
+    **Note**<br>
     This command captures the resulting object into $pkg. If the package is already present on the computer, the **Set-AppVclientPackage** cmdlet can be used to apply the deployment configuration document:
 
-    **Set-AppVClientPackage –Name Myapp –Path c:\\Packages\\Contoso\\MyApp.appv -DynamicDeploymentConfiguration c:\\Packages\\Contoso\\DynamicConfigurations\\deploymentconfig.xml**
+    `Set-AppVClientPackage -Name Myapp -Path c:\Packages\Contoso\MyApp.appv -DynamicDeploymentConfiguration c:\Packages\Contoso\DynamicConfigurations\deploymentconfig.xml`
 
      
+## Have a suggestion for App-V?
 
-    **Have a suggestion for App-V**? Add or vote on suggestions [here](http://appv.uservoice.com/forums/280448-microsoft-application-virtualization). **Got an App-V issue?** Use the [App-V TechNet Forum](https://social.technet.microsoft.com/Forums/en-US/home?forum=mdopappv).
+Add or vote on suggestions on the [Application Virtualization feedback site](http://appv.uservoice.com/forums/280448-microsoft-application-virtualization).<br>For App-V issues, use the [App-V TechNet Forum](https://social.technet.microsoft.com/Forums/en-US/home?forum=mdopappv).
 
 ## Related topics
 
-
 [Operations for App-V](appv-operations.md)
-
- 
-
- 
-
-
-
-
-

windows/manage/appv-apply-the-user-configuration-file-with-powershell.md

@@ -1,6 +1,6 @@
 ---
-title: How to Apply the User Configuration File by Using PowerShell (Windows 10)
-description: How to Apply the User Configuration File by Using PowerShell
+title: How to Apply the User Configuration File by Using Windows PowerShell (Windows 10)
+description: How to Apply the User Configuration File by Using Windows PowerShell
 author: MaggiePucciEvans
 ms.pagetype: mdop, appcompat, virtualization
 ms.mktglfcycl: deploy
@@ -9,9 +9,10 @@ ms.prod: w10
 ---
 
 
-# How to Apply the User Configuration File by Using PowerShell
+# How to Apply the User Configuration File by Using Windows PowerShell
 
-Applies to: Windows 10, version 1607
+**Applies to**
+-   Windows 10, version 1607
 
 The dynamic user configuration file is applied when a package is published to a specific user and determines how the package will run.
 
@@ -21,26 +22,19 @@ Use the following procedure to specify a user-specific configuration file. The f
 
 **To apply a user Configuration file**
 
-1.  To add the package to the computer using the PowerShell console type the following command:
+1.  To add the package to the computer using the Windows PowerShell console, type the following command:
 
-    **Add-AppVClientPackage c:\\Packages\\Contoso\\MyApp.appv**.
+    `Add-AppVClientPackage c:\Packages\Contoso\MyApp.appv`
 
 2.  Use the following command to publish the package to the user and specify the updated the dynamic user configuration file:
 
-    **Publish-AppVClientPackage $pkg –DynamicUserConfigurationPath c:\\Packages\\Contoso\\config.xml**
+    `Publish-AppVClientPackage $pkg -DynamicUserConfigurationPath c:\Packages\Contoso\config.xml`
 
-    **Have a suggestion for App-V**? Add or vote on suggestions [here](http://appv.uservoice.com/forums/280448-microsoft-application-virtualization). **Got an App-V issue?** Use the [App-V TechNet Forum](https://social.technet.microsoft.com/Forums/en-US/home?forum=mdopappv).
+
+## Have a suggestion for App-V?
+
+Add or vote on suggestions on the [Application Virtualization feedback site](http://appv.uservoice.com/forums/280448-microsoft-application-virtualization).<br>For App-V issues, use the [App-V TechNet Forum](https://social.technet.microsoft.com/Forums/en-US/home?forum=mdopappv).
 
 ## Related topics
 
-
 [Operations for App-V](appv-operations.md)
-
- 
-
- 
-
-
-
-
-

windows/manage/appv-capacity-planning.md

@@ -11,7 +11,8 @@ ms.prod: w10
 
 # App-V Capacity Planning
 
-Applies to: Windows Server 2016, Windows Server 2012 R2, Windows Server 2012, and Windows Server 2008 R2
+**Applies to**
+-   Windows Server 2016
 
 The following recommendations can be used as a baseline to help determine capacity planning information that is appropriate to your organization’s App-V infrastructure.
 
@@ -27,8 +28,8 @@ Before you design the App-V infrastructure, determine the project’s scope. The
 
 <table>
 <colgroup>
-<col width="50%" />
-<col width="50%" />
+<col width="30%" />
+<col width="70%" />
 </colgroup>
 <thead>
 <tr class="header">
@@ -930,7 +931,7 @@ Although there are a number of fault-tolerance strategies and technologies avail
 ## Have a suggestion for App-V?
 
 
-Add or vote on suggestions [here](http://appv.uservoice.com/forums/280448-microsoft-application-virtualization). For App-V issues, use the [App-V TechNet Forum](https://social.technet.microsoft.com/Forums/en-US/home?forum=mdopappv).
+Add or vote on suggestions on the [Application Virtualization feedback site](http://appv.uservoice.com/forums/280448-microsoft-application-virtualization).<br>For App-V issues, use the [App-V TechNet Forum](https://social.technet.microsoft.com/Forums/en-US/home?forum=mdopappv).
 
 ## Related topics
 

windows/manage/appv-client-configuration-settings.md

@@ -10,7 +10,8 @@ ms.prod: w10
 
 # About Client Configuration Settings
 
-Applies to: Windows 10, version 1607
+**Applies to**
+-   Windows 10, version 1607
 
 The Microsoft Application Virtualization (App-V) client stores its configuration in the registry. You can gather some useful information about the client if you understand the format of data in the registry. You can also configure many client actions by changing registry entries. This topic lists the App-V Client configuration settings and explains their uses. You can use Windows PowerShell to modify the client configuration settings. For more information about using Windows PowerShell and App-V see [Administering App-V by Using Windows PowerShell](appv-administering-appv-with-powershell.md).
 
@@ -20,45 +21,45 @@ You can use Group Policy to configure App-V client settings by using the Group P
 
 The following table provides information about App-V client configuration settings that can be configured through Windows PowerShell cmdlets:
 
-| **Name of option in Windows PowerShell**<br>Type  | Description  | Cmdlet or cmdlets for setting  | Disabled Policy State Keys and Values |
+| Windows PowerShell cmdlet or cmdlets,<br>**Option**<br>Type  | Description  | Disabled Policy State Keys and Values |
 |------------|------------|------------|------------|
-| **PackageInstallationRoot**<br>String  | Specifies directory where all new applications and updates will be installed.  | Set-AppvClientConfiguration,<br>Set-AppvPublishingServer  | Policy value not written (same as Not Configured) |
-| **PackageSourceRoot**<br>String  | Overrides source location for downloading package content.  | Set-AppvClientConfiguration,<br>Set-AppvPublishingServer  | Policy value not written (same as Not Configured) |
-| **AllowHighCostLaunch**<br>True (enabled); False (Disabled state)  | This setting controls whether virtualized applications are launched on Windows 10 machines connected via a metered network connection (For example, 4G).  | Set-AppvClientConfiguration,<br>Set-AppvPublishingServer  | 0 |
-| **ReestablishmentRetries**<br>Integer (0-99)  | Specifies the number of times to retry a dropped session.  | Set-AppvClientConfiguration,<br>Set-AppvPublishingServer  | Policy value not written (same as Not Configured) |
-| **ReestablishmentInterval**<br>Integer (0-3600)  | Specifies the number of seconds between attempts to reestablish a dropped session.  | Set-AppvClientConfiguration,<br>Set-AppvPublishingServer  | Policy value not written (same as Not Configured) |
-| **LocationProvider**<br>String  | Specifies the CLSID for a compatible implementation of the IAppvPackageLocationProvider interface.  | Set-AppvClientConfiguration,<br>Set-AppvPublishingServer  | Policy value not written (same as Not Configured) |
-| **CertFilterForClientSsl**<br>String  | Specifies the path to a valid certificate in the certificate store.  | Set-AppvClientConfiguration,<br>Set-AppvPublishingServer  | Policy value not written (same as Not Configured) |
-| **VerifyCertificateRevocationList**<br>True(enabled); False(Disabled state)  | Verifies Server certificate revocation status before steaming using HTTPS.  | Set-AppvClientConfiguration,<br>Set-AppvPublishingServer  | 0 |
-| **SharedContentStoreMode**<br>True(enabled); False(Disabled state)  | Specifies that streamed package contents will be not be saved to the local hard disk.  | Set-AppvClientConfiguration,<br>Set-AppvPublishingServer  | 0 |
-| **Name**<br>String  | Displays the name of publishing server.  | Set-AppvPublishingServer  | Policy value not written (same as Not Configured) |
-| **URL**<br>String  | Displays the URL of publishing server.  | Set-AppvPublishingServer  | Policy value not written (same as Not Configured) |
-| **GlobalRefreshEnabled**<br>True(enabled); False(Disabled state)  | Enables global publishing refresh (Boolean)  | Set-AppvPublishingServer  | False |
-| **GlobalRefreshOnLogon**<br>True(enabled); False(Disabled state)  | Triggers a global publishing refresh on logon. ( Boolean)  | Set-AppvPublishingServer  | False |
-| **GlobalRefreshInterval**<br>Integer (0-744)  | Specifies the publishing refresh interval using the GlobalRefreshIntervalUnit. To disable package refresh, select 0.  | Set-AppvPublishingServer  | 0 |
-| **GlobalRefreshIntervalUnit** <br>0 for hour, 1 for day  | Specifies the interval unit (Hour 0-23, Day 0-31).  | Set-AppvPublishingServer  | 1 |
-| **UserRefreshEnabled**<br>True(enabled); False(Disabled state)  | Enables user publishing refresh (Boolean)  | Set-AppvPublishingServer  | False |
-| **UserRefreshOnLogon**<br>True(enabled); False(Disabled state)  | Triggers a user publishing refresh onlogon. ( Boolean)Word count (with spaces): 60  | Set-AppvPublishingServer  | False |
-| **UserRefreshInterval**<br>Word count (with spaces): 85Integer (0-744 Hours)  | Specifies the publishing refresh interval using the UserRefreshIntervalUnit. To disable package refresh, select 0.  | Set-AppvPublishingServer  | 0 |
-| **UserRefreshIntervalUnit**<br>0 for hour, 1 for day  | Specifies the interval unit (Hour 0-23, Day 0-31).  | Set-AppvPublishingServer  | 1 |
-| **MigrationMode**<br>True(enabled state); False (disabled state)  | Migration mode allows the App-V client to modify shortcuts and FTA’s for packages created using a previous version of App-V.  | Set-AppvClientConfiguration,<br>Set-AppvPublishingServer  | |
-| **EnablePackageScripts**<br>True(enabled); False(Disabled state)  | Enables scripts defined in the package manifest of configuration files that should run.  | Set-AppvClientConfiguration,<br>Set-AppvPublishingServer  | |
-| **RoamingFileExclusions**<br>String  | Specifies the file paths relative to %userprofile% that do not roam with a user's profile. Example usage: /ROAMINGFILEEXCLUSIONS='desktop;my pictures'  | Set-AppvClientConfiguration  | |
-| **RoamingRegistryExclusions**<br>String  | Specifies the registry paths that do not roam with a user profile. Example usage: /ROAMINGREGISTRYEXCLUSIONS=software\\classes;software\\clients  | Set-AppvClientConfiguration,<br>Set-AppvPublishingServer  | Policy value not written (same as Not Configured) |
-| **IntegrationRootUser**<br>String  | Specifies the location to create symbolic links associated with the current version of a per-user published package. all virtual application extensions, for example shortcuts and file type associations, will point to this path. If you do not specify a path, symbolic links will not be used when you publish the package. For example: %localappdata%\\Microsoft\\AppV\\Client\\Integration.  | Set-AppvClientConfiguration,<br>Set-AppvPublishingServer  | Policy value not written (same as Not Configured) |
-| **IntegrationRootGlobal**<br>String  | Specifies the location to create symbolic links associated with the current version of a globally published package. all virtual application extensions, for example shortcuts and file type associations, will point to this path. If you do not specify a path, symbolic links will not be used when you publish the package. For example: %allusersprofile%\\Microsoft\\AppV\\Client\\Integration  | Set-AppvClientConfiguration,<br>Set-AppvPublishingServer  | Policy value not written (same as Not Configured) |
-| **VirtualizableExtensions**<br>String  | A comma -delineated list of file name extensions that can be used to determine if a locally installed application can be run in the virtual environment. When shortcuts, FTAs, and other extension points are created during publishing, App-V will compare the file name extension to the list if the application that is associated with the extension point is locally installed. If the extension is located, the **RunVirtual** command line parameter will be added, and the application will run virtually. For more information about the **RunVirtual** parameter, see [Running a Locally Installed Application Inside a Virtual Environment with Virtualized Applications](https://microsoft.sharepoint.com/teams/osg_core_dcp/cpub/partner/Shared%20Documents/APPV&UEV-for-Windows-RS1/App-V/App-V%20updated%20topics%20from%20JAN%20-%20PM%20reviews/appv-running-locally-installed-applications-inside-a-virtual-environment.md).  | Set-AppvClientConfiguration,<br>Set-AppvPublishingServer  | Policy value not written |
-| **ReportingEnabled**<br>True (enabled); False (Disabled state)  | Enables the client to return information to a reporting server.  | Set-AppvClientConfiguration,<br>Set-AppvPublishingServer  | False |
-| **ReportingServerURL**<br>String  | Specifies the location on the reporting server where client information is saved.  | Set-AppvClientConfiguration,<br>Set-AppvPublishingServer  | Policy value not written (same as Not Configured) |
-| **ReportingDataCacheLimit**<br>Integer \[0-1024\]  | Specifies the maximum size in megabytes (MB) of the XML cache for storing reporting information. The size applies to the cache in memory. When the limit is reached, the log file will roll over. Set between 0 and 1024.  | Set-AppvClientConfiguration,<br>Set-AppvPublishingServer  | Policy value not written (same as Not Configured) |
-| **ReportingDataBlockSize**<br>Integer \[1024 - Unlimited\]  | Specifies the maximum size in bytes to transmit to the server for reporting upload requests. This can help avoid permanent transmission failures when the log has reached a significant size. Set between 1024 and unlimited.  | Set-AppvClientConfiguration,<br>Set-AppvPublishingServer  | Policy value not written (same as Not Configured) |
-| **ReportingStartTime**<br>Integer (0 – 23)  | Specifies the time to initiate the client to send data to the reporting server. You must specify a valid integer between 0-23 corresponding to the hour of the day. By default the **ReportingStartTime** will start on the current day at 10 P.M.or 22.<br>**Note** You should configure this setting to a time when computers running the App-V client are least likely to be offline.  | Set-AppvClientConfiguration,<br>Set-AppvPublishingServer  | Policy value not written (same as Not Configured) |
-| **ReportingInterval**<br>Integer  | Specifies the retry interval that the client will use to resend data to the reporting server.  | Set-AppvClientConfiguration,<br>Set-AppvPublishingServer  | Policy value not written (same as Not Configured) |
-| **ReportingRandomDelay**<br>Integer \[0 - ReportingRandomDelay\]  | Specifies the maximum delay (in minutes) for data to be sent to the reporting server. When the scheduled task is started, the client generates a random delay between 0 and **ReportingRandomDelay** and will wait the specified duration before sending data. This can help to prevent collisions on the server.  | Set-AppvClientConfiguration,<br>Set-AppvPublishingServer  | Policy value not written (same as Not Configured) |
-| **EnableDynamicVirtualization<br>**1 (Enabled), 0 (Disabled)  | Enables supported Shell Extensions, Browser Helper Objects, and Active X controls to be virtualized and run with virtual applications.  | Set-AppvClientConfiguration,<br>Set-AppvPublishingServer  | |
-| **EnablePublishingRefreshUI**<br>1 (Enabled), 0 (Disabled)  | Enables the publishing refresh progress bar for the computer running the App-V Client.  | Set-AppvClientConfiguration,<br>Set-AppvPublishingServer  | |
-| **HidePublishingRefreshUI**<br>1 (Enabled), 0 (Disabled)  | Hides the publishing refresh progress bar.  | Sync-AppvPublishingServer  | |
-| **ProcessesUsingVirtualComponents**<br>String  | Specifies a list of process paths (that may contain wildcards), which are candidates for using dynamic virtualization (supported shell extensions, browser helper objects, and ActiveX controls). Only processes whose full path matches one of these items can use dynamic virtualization.  | Set-AppvClientConfiguration,<br>Set-AppvPublishingServer  | Empty string. |
+| Set-AppvClientConfiguration,<br>Set-AppvPublishingServer<br><br>**-PackageInstallationRoot**<br>String  | Specifies directory where all new applications and updates will be installed.  | Policy value not written (same as Not Configured) |
+| Set-AppvClientConfiguration,<br>Set-AppvPublishingServer<br><br>**-PackageSourceRoot**<br>String  | Overrides source location for downloading package content.  | Policy value not written (same as Not Configured) |
+| Set-AppvClientConfiguration,<br>Set-AppvPublishingServer<br><br>**-AllowHighCostLaunch**<br>True (enabled); False (Disabled state)  | This setting controls whether virtualized applications are launched on Windows 10 machines connected via a metered network connection (For example, 4G).  | 0 |
+| Set-AppvClientConfiguration,<br>Set-AppvPublishingServer<br><br>**-ReestablishmentRetries**<br>Integer (0-99)  | Specifies the number of times to retry a dropped session.  | Policy value not written (same as Not Configured) |
+| Set-AppvClientConfiguration,<br>Set-AppvPublishingServer<br><br>**-ReestablishmentInterval**<br>Integer (0-3600)  | Specifies the number of seconds between attempts to reestablish a dropped session.  | Policy value not written (same as Not Configured) |
+| Set-AppvClientConfiguration,<br>Set-AppvPublishingServer<br><br>**-LocationProvider**<br>String  | Specifies the CLSID for a compatible implementation of the IAppvPackageLocationProvider interface.  | Policy value not written (same as Not Configured) |
+| Set-AppvClientConfiguration,<br>Set-AppvPublishingServer<br><br>**-CertFilterForClientSsl**<br>String  | Specifies the path to a valid certificate in the certificate store.  | Policy value not written (same as Not Configured) |
+| Set-AppvClientConfiguration,<br>Set-AppvPublishingServer<br><br>**-VerifyCertificateRevocationList**<br>True(enabled); False(Disabled state)  | Verifies Server certificate revocation status before steaming using HTTPS.  | 0 |
+| Set-AppvClientConfiguration,<br>Set-AppvPublishingServer<br><br>**-SharedContentStoreMode**<br>True(enabled); False(Disabled state)  | Specifies that streamed package contents will be not be saved to the local hard disk.  | 0 |
+| Set-AppvPublishingServer<br><br>**-Name**<br>String  | Displays the name of publishing server.  | Policy value not written (same as Not Configured) |
+| Set-AppvPublishingServer<br><br>**-URL**<br>String  | Displays the URL of publishing server.  | Policy value not written (same as Not Configured) |
+| Set-AppvPublishingServer<br><br>**-GlobalRefreshEnabled**<br>True(enabled); False(Disabled state)  | Enables global publishing refresh (Boolean)  | False |
+| Set-AppvPublishingServer<br><br>**-GlobalRefreshOnLogon**<br>True(enabled); False(Disabled state)  | Triggers a global publishing refresh on logon. ( Boolean)  | False |
+| Set-AppvPublishingServer<br><br>**-GlobalRefreshInterval**<br>Integer (0-744)  | Specifies the publishing refresh interval using the GlobalRefreshIntervalUnit. To disable package refresh, select 0.  | 0 |
+| Set-AppvPublishingServer<br><br>**-GlobalRefreshIntervalUnit** <br>0 for hour, 1 for day  | Specifies the interval unit (Hour 0-23, Day 0-31).  | 1 |
+| Set-AppvPublishingServer<br><br>**-UserRefreshEnabled**<br>True(enabled); False(Disabled state)  | Enables user publishing refresh (Boolean)  | False |
+| Set-AppvPublishingServer<br><br>**-UserRefreshOnLogon**<br>True(enabled); False(Disabled state)  | Triggers a user publishing refresh onlogon. ( Boolean)Word count (with spaces): 60  | False |
+| Set-AppvPublishingServer<br><br>**-UserRefreshInterval**<br>Word count (with spaces): 85Integer (0-744 Hours)  | Specifies the publishing refresh interval using the UserRefreshIntervalUnit. To disable package refresh, select 0.  | 0 |
+| Set-AppvPublishingServer<br><br>**-UserRefreshIntervalUnit**<br>0 for hour, 1 for day  | Specifies the interval unit (Hour 0-23, Day 0-31).  | 1 |
+| Set-AppvClientConfiguration,<br>Set-AppvPublishingServer<br><br>**-MigrationMode**<br>True(enabled state); False (disabled state)  | Migration mode allows the App-V client to modify shortcuts and FTA’s for packages created using a previous version of App-V.  | |
+| Set-AppvClientConfiguration,<br>Set-AppvPublishingServer<br><br>**-EnablePackageScripts**<br>True(enabled); False(Disabled state)  | Enables scripts defined in the package manifest of configuration files that should run.  | |
+| Set-AppvClientConfiguration<br><br>**-RoamingFileExclusions**<br>String  | Specifies the file paths relative to %userprofile% that do not roam with a user's profile. Example usage: /ROAMINGFILEEXCLUSIONS='desktop;my pictures'  | |
+| Set-AppvClientConfiguration,<br>Set-AppvPublishingServer<br><br>**-RoamingRegistryExclusions**<br>String  | Specifies the registry paths that do not roam with a user profile. Example usage: /ROAMINGREGISTRYEXCLUSIONS=software\\classes;software\\clients  | Policy value not written (same as Not Configured) |
+| Set-AppvClientConfiguration,<br>Set-AppvPublishingServer<br><br>**-IntegrationRootUser**<br>String  | Specifies the location to create symbolic links associated with the current version of a per-user published package. all virtual application extensions, for example shortcuts and file type associations, will point to this path. If you do not specify a path, symbolic links will not be used when you publish the package. For example: %localappdata%\\Microsoft\\AppV\\Client\\Integration.  | Policy value not written (same as Not Configured) |
+| Set-AppvClientConfiguration,<br>Set-AppvPublishingServer<br><br>**-IntegrationRootGlobal**<br>String  | Specifies the location to create symbolic links associated with the current version of a globally published package. all virtual application extensions, for example shortcuts and file type associations, will point to this path. If you do not specify a path, symbolic links will not be used when you publish the package. For example: %allusersprofile%\\Microsoft\\AppV\\Client\\Integration  | Policy value not written (same as Not Configured) |
+| Set-AppvClientConfiguration,<br>Set-AppvPublishingServer<br><br>**-VirtualizableExtensions**<br>String  | A comma -delineated list of file name extensions that can be used to determine if a locally installed application can be run in the virtual environment. When shortcuts, FTAs, and other extension points are created during publishing, App-V will compare the file name extension to the list if the application that is associated with the extension point is locally installed. If the extension is located, the **RunVirtual** command line parameter will be added, and the application will run virtually. For more information about the **RunVirtual** parameter, see [Running a Locally Installed Application Inside a Virtual Environment with Virtualized Applications](appv-running-locally-installed-applications-inside-a-virtual-environment.md).  | Policy value not written |
+| Set-AppvClientConfiguration,<br>Set-AppvPublishingServer<br><br>**-ReportingEnabled**<br>True (enabled); False (Disabled state)  | Enables the client to return information to a reporting server.  | False |
+| Set-AppvClientConfiguration,<br>Set-AppvPublishingServer<br><br>**-ReportingServerURL**<br>String  | Specifies the location on the reporting server where client information is saved.  | Policy value not written (same as Not Configured) |
+| Set-AppvClientConfiguration,<br>Set-AppvPublishingServer<br><br>**-ReportingDataCacheLimit**<br>Integer \[0-1024\]  | Specifies the maximum size in megabytes (MB) of the XML cache for storing reporting information. The size applies to the cache in memory. When the limit is reached, the log file will roll over. Set between 0 and 1024.  | Policy value not written (same as Not Configured) |
+| Set-AppvClientConfiguration,<br>Set-AppvPublishingServer<br><br>**-ReportingDataBlockSize**<br>Integer \[1024 - Unlimited\]  | Specifies the maximum size in bytes to transmit to the server for reporting upload requests. This can help avoid permanent transmission failures when the log has reached a significant size. Set between 1024 and unlimited.  | Policy value not written (same as Not Configured) |
+| Set-AppvClientConfiguration,<br>Set-AppvPublishingServer<br><br>**-ReportingStartTime**<br>Integer (0 – 23)  | Specifies the time to initiate the client to send data to the reporting server. You must specify a valid integer between 0-23 corresponding to the hour of the day. By default the **ReportingStartTime** will start on the current day at 10 P.M.or 22.<br>**Note** You should configure this setting to a time when computers running the App-V client are least likely to be offline.  | Policy value not written (same as Not Configured) |
+| Set-AppvClientConfiguration,<br>Set-AppvPublishingServer<br><br>**-ReportingInterval**<br>Integer  | Specifies the retry interval that the client will use to resend data to the reporting server.  | Policy value not written (same as Not Configured) |
+| Set-AppvClientConfiguration,<br>Set-AppvPublishingServer<br><br>**-ReportingRandomDelay**<br>Integer \[0 - ReportingRandomDelay\]  | Specifies the maximum delay (in minutes) for data to be sent to the reporting server. When the scheduled task is started, the client generates a random delay between 0 and **ReportingRandomDelay** and will wait the specified duration before sending data. This can help to prevent collisions on the server.  | Policy value not written (same as Not Configured) |
+| Set-AppvClientConfiguration,<br>Set-AppvPublishingServer<br><br>**-EnableDynamicVirtualization<br>**1 (Enabled), 0 (Disabled)  | Enables supported Shell Extensions, Browser Helper Objects, and Active X controls to be virtualized and run with virtual applications.  | |
+| Set-AppvClientConfiguration,<br>Set-AppvPublishingServer<br><br>**-EnablePublishingRefreshUI**<br>1 (Enabled), 0 (Disabled)  | Enables the publishing refresh progress bar for the computer running the App-V Client.  | |
+| Sync-AppvPublishingServer<br><br>**-HidePublishingRefreshUI**<br>1 (Enabled), 0 (Disabled)  | Hides the publishing refresh progress bar.  | |
+| Set-AppvClientConfiguration,<br>Set-AppvPublishingServer<br><br>**-ProcessesUsingVirtualComponents**<br>String  | Specifies a list of process paths (that may contain wildcards), which are candidates for using dynamic virtualization (supported shell extensions, browser helper objects, and ActiveX controls). Only processes whose full path matches one of these items can use dynamic virtualization.  | Empty string. |
 
 ## App-V Client Configuration Settings: Registry Keys
 
@@ -106,7 +107,7 @@ The following table provides information about App-V client configuration settin
 
 ## Have a suggestion for App-V?
 
-Add or vote on suggestions [here](http://appv.uservoice.com/forums/280448-microsoft-application-virtualization). For App-V issues, use the [App-V TechNet Forum](https://social.technet.microsoft.com/Forums/en-US/home?forum=mdopappv).
+Add or vote on suggestions on the [Application Virtualization feedback site](http://appv.uservoice.com/forums/280448-microsoft-application-virtualization).<br>For App-V issues, use the [App-V TechNet Forum](https://social.technet.microsoft.com/Forums/en-US/home?forum=mdopappv).
 
 ## Related topics
 

windows/manage/appv-configure-access-to-packages-with-the-management-console.md

@@ -11,7 +11,8 @@ ms.prod: w10
 
 # How to Configure Access to Packages by Using the Management Console
 
-Applies to: Windows 10, version 1607
+**Applies to**
+-   Windows 10, version 1607
 
 Before you deploy an App-V virtualized package, you must configure the Active Directory Domain Services (AD DS) security groups that will be allowed to access and run the applications. The security groups may contain computers or users. Entitling a package to a computer group publishes the package globally to all computers in the group.
 
@@ -56,18 +57,10 @@ Use the following procedure to configure access to virtualized packages.
 
 3.  To close the **AD ACCESS** page, click **Close**.
 
-    **Have a suggestion for App-V**? Add or vote on suggestions [here](http://appv.uservoice.com/forums/280448-microsoft-application-virtualization). **Got an App-V issue?** Use the [App-V TechNet Forum](https://social.technet.microsoft.com/Forums/en-US/home?forum=mdopappv).
+## Have a suggestion for App-V?
+
+Add or vote on suggestions on the [Application Virtualization feedback site](http://appv.uservoice.com/forums/280448-microsoft-application-virtualization).<br>For App-V issues, use the [App-V TechNet Forum](https://social.technet.microsoft.com/Forums/en-US/home?forum=mdopappv).
 
 ## Related topics
 
-
 [Operations for App-V](appv-operations.md)
-
- 
-
- 
-
-
-
-
-

windows/manage/appv-configure-connection-groups-to-ignore-the-package-version.md

@@ -11,95 +11,53 @@ ms.prod: w10
 
 # How to Make a Connection Group Ignore the Package Version
 
-Applies to: Windows 10, version 1607
+**Applies to**
+-   Windows 10, version 1607
 
-Microsoft Application Virtualization (App-V) lets you configure a connection group to use any version of a package, which simplifies package upgrades and reduces the number of connection groups you need to create.
+Application Virtualization (App-V) lets you configure a connection group to use any version of a package, which simplifies package upgrades and reduces the number of connection groups you need to create.
 
-To upgrade a package in some earlier versions of App-V, you had to perform several steps, including disabling the connection group and modifying the connection group’s XML definition file.
+You can configure a connection group to accept any version of a package, which enables you to upgrade the package without having to disable the connection group:
 
-<table>
-<colgroup>
-<col width="50%" />
-<col width="50%" />
-</colgroup>
-<thead>
-<tr class="header">
-<th align="left">Task description with App-V</th>
-<th align="left">How to perform the task with App-V</th>
-</tr>
-</thead>
-<tbody>
-<tr class="odd">
-<td align="left"><p>You can configure a connection group to accept any version of a package, which enables you to upgrade the package without having to disable the connection group.</p>
-<p><strong>How the feature works:</strong></p>
-<ul>
-<li><p>If the connection group has access to multiple versions of a package, the latest version is used.</p></li>
-<li><p>If the connection group contains an optional package that has an incorrect version, the package is ignored and won’t block the connection group’s virtual environment from being created.</p></li>
-<li><p>If the connection group contains a non-optional package that has an incorrect version, the connection group’s virtual environment cannot be created.</p></li>
-</ul></td>
-<td align="left"><table>
-<colgroup>
-<col width="50%" />
-<col width="50%" />
-</colgroup>
-<thead>
-<tr class="header">
-<th align="left">Method</th>
-<th align="left">Steps</th>
-</tr>
-</thead>
-<tbody>
-<tr class="odd">
-<td align="left"><p>App-V Server – Management Console</p></td>
-<td align="left"><ol>
-<li><p>In the Management Console, select <strong>CONNECTION GROUPS</strong>.</p></li>
-<li><p>Select the correct connection group from the Connection Groups library.</p></li>
-<li><p>Click <strong>EDIT</strong> in the CONNECTED PACKAGES pane.</p></li>
-<li><p>Select <strong>Use Any Version</strong> check box next to the package name, and click <strong>Apply</strong>.</p></li>
-</ol>
-<p>For more about adding or upgrading packages, see [How to Add or Upgrade Packages by Using the Management Console](appv-add-or-upgrade-packages-with-the-management-console.md).</p></td>
-</tr>
-<tr class="even">
-<td align="left"><p>App-V Client on a Stand-alone computer</p></td>
-<td align="left"><ol>
-<li><p>Create the connection group XML document.</p></li>
-<li><p>For the package to be upgraded, set the <strong>Package</strong> tag attribute <strong>VersionID</strong> to an asterisk (<strong>*</strong>).</p></li>
-<li><p>Use the following cmdlet to add the connection group, and include the path to the connection group XML document:</p>
-<p><strong>Add-AppvClientConnectionGroup</strong></p></li>
-<li><p>When you upgrade a package, use the following cmdlets to remove the old package, add the upgraded package, and publish the upgraded package:</p>
-<ul>
-<li><p>RemoveAppvClientPackage</p></li>
-<li><p>Add-AppvClientPackage</p></li>
-<li><p>Publish-AppvClientPackage</p></li>
-</ul></li>
-</ol>
-<p>For more information, see [How to Manage App-V Packages Running on a Stand-Alone Computer by Using PowerShell](appv-manage-appv-packages-running-on-a-stand-alone-computer-with-powershell.md).</p>
-</td>
-</tr>
-</tbody>
-</table>
-<p> </p></td>
-</tr>
-</tbody>
-</table>
+- If the connection group has access to multiple versions of a package, the latest version is used.
 
- 
+- If the connection group contains an optional package that has an incorrect version, the package is ignored and won’t block the connection group’s virtual environment from being created.
+
+- If the connection group contains a non-optional package that has an incorrect version, the connection group’s virtual environment cannot be created.
+
+## To make a connection group ignore the package version by using the App-V Server Management Console
+
+1. In the Management Console, select **CONNECTION GROUPS**.
+
+2. Select the correct connection group from the Connection Groups library.
+
+3. Click **EDIT** in the CONNECTED PACKAGES pane.
+
+4. Select **Use Any Version** check box next to the package name, and click **Apply**.
+
+For more about adding or upgrading packages, see [How to Add or Upgrade Packages by Using the Management Console](appv-add-or-upgrade-packages-with-the-management-console.md).
+
+##  To make a connection group ignore the package version from the App-V client on a stand-alone computer
+
+1. Create the connection group XML document.
+
+2. For the package to be upgraded, set the **Package** tag attribute **VersionID** to an asterisk (<strong>*</strong>).
+
+3. Use the following cmdlet to add the connection group, and include the path to the connection group XML document:
+
+    `Add-AppvClientConnectionGroup`
+    
+4. When you upgrade a package, use the following cmdlets to remove the old package, add the upgraded package, and publish the upgraded package:
+
+    - RemoveAppvClientPackage
+    - Add-AppvClientPackage
+    - Publish-AppvClientPackage
+
+For more information, see [How to Manage App-V Packages Running on a Stand-Alone Computer by Using Windows PowerShell](appv-manage-appv-packages-running-on-a-stand-alone-computer-with-powershell.md).
 
 ## Have a suggestion for App-V?
 
-
-Add or vote on suggestions [here](http://appv.uservoice.com/forums/280448-microsoft-application-virtualization). For App-V issues, use the [App-V TechNet Forum](https://social.technet.microsoft.com/Forums/en-US/home?forum=mdopappv).
+Add or vote on suggestions on the [Application Virtualization feedback site](http://appv.uservoice.com/forums/280448-microsoft-application-virtualization).<br>For App-V issues, use the [App-V TechNet Forum](https://social.technet.microsoft.com/Forums/en-US/home?forum=mdopappv).
 
 ## Related topics
 
-
 [Managing Connection Groups](appv-managing-connection-groups.md)
-
- 
-
- 
-
-
-
-
-

windows/manage/appv-configure-the-client-to-receive-updates-from-the-publishing-server.md

@@ -11,13 +11,14 @@ ms.prod: w10
 
 # How to Configure the Client to Receive Package and Connection Groups Updates From the Publishing Server
 
-Applies to: Windows 10, version 1607
+**Applies to**
+-   Windows 10, version 1607
 
 Deploying packages and connection groups using the App-V publishing server is helpful because it offers single-point management and high scalability.
 
 Use the following steps to configure the App-V client to receive updates from the publishing server.
 
-**Note**  
+**Note**<br>
 For the following procedures the management server was installed on a computer named **MyMgmtSrv**, and the publishing server was installed on a computer named **MyPubSrv**.
 
  
@@ -28,56 +29,37 @@ For the following procedures the management server was installed on a computer n
 
 2.  To open the management console click the following link, open a browser and type the following: http://MyMgmtSrv/AppvManagement/Console.html in a web browser, and import, publish, and entitle all the packages and connection groups which will be necessary for a particular set of users.
 
-3.  On the computer running the App-V client, open an elevated PowerShell command prompt, run the following command:
+3.  On the computer running the App-V client, open an elevated Windows PowerShell command prompt, and run the following command:
 
-    **Add-AppvPublishingServer  -Name  ABC  -URL  http:// MyPubSrv/AppvPublishing**
+    `Add-AppvPublishingServer -Name ABC -URL http://MyPubSrv/AppvPublishing`
 
     This command will configure the specified publishing server. You should see output similar to the following:
-
+    
+    ```
     Id                        : 1
-
     SetByGroupPolicy          : False
-
     Name                      : ABC
-
     URL                       : http:// MyPubSrv/AppvPublishing
-
     GlobalRefreshEnabled      : False
-
     GlobalRefreshOnLogon      : False
-
     GlobalRefreshInterval     : 0
-
     GlobalRefreshIntervalUnit : Day
-
     UserRefreshEnabled        : True
-
     UserRefreshOnLogon        : True
-
     UserRefreshInterval       : 0
-
     UserRefreshIntervalUnit   : Day
+    ```
 
-    The returned Id – in this case 1
+4.  On the computer running the App-V client, open a Windows PowerShell command prompt, and type the following command:
 
-4.  On the computer running the App-V client, open a PowerShell command prompt, and type the following command:
-
-    **Sync-AppvPublishingServer  -ServerId  1**
+    `Sync-AppvPublishingServer -ServerId 1`
 
     The command will query the publishing server for the packages and connection groups that need to be added or removed for this particular client based on the entitlements for the packages and connection groups as configured on the management server.
 
-    **Have a suggestion for App-V**? Add or vote on suggestions [here](http://appv.uservoice.com/forums/280448-microsoft-application-virtualization). **Got an App-V issue?** Use the [App-V TechNet Forum](https://social.technet.microsoft.com/Forums/en-US/home?forum=mdopappv).
+## Have a suggestion for App-V?
+
+Add or vote on suggestions on the [Application Virtualization feedback site](http://appv.uservoice.com/forums/280448-microsoft-application-virtualization).<br>For App-V issues, use the [App-V TechNet Forum](https://social.technet.microsoft.com/Forums/en-US/home?forum=mdopappv).
 
 ## Related topics
 
-
 [Operations for App-V](appv-operations.md)
-
- 
-
- 
-
-
-
-
-

windows/manage/appv-connect-to-the-management-console.md

@@ -10,19 +10,20 @@ ms.prod: w10
 
 # How to Connect to the Management Console
 
-Applies to: Windows 10, version 1607
+**Applies to**
+-   Windows 10, version 1607
 
 Use the following procedure to connect to the App-V Management Console.
 
 **To connect to the App-V Management Console**
 
-1.  Open Internet Explorer browser and type the address for the App-V. For example, **http://\<_management server name_\>:\<_management service port number_\>/console.html**.
+1.  Open Internet Explorer browser and type the address for the App-V Management server. For example, **http://\<_management server name_\>:\<_management service port number_\>/console.html**.
 
 2.  To view different sections of the console, click the desired section in the navigation pane.
 
 ## Have a suggestion for App-V?
 
-Add or vote on suggestions [here](http://appv.uservoice.com/forums/280448-microsoft-application-virtualization). **Got an App-V issue?** Use the [App-V TechNet Forum](https://social.technet.microsoft.com/Forums/en-US/home?forum=mdopappv).
+Add or vote on suggestions on the [Application Virtualization feedback site](http://appv.uservoice.com/forums/280448-microsoft-application-virtualization).<br>For App-V issues, use the [App-V TechNet Forum](https://social.technet.microsoft.com/Forums/en-US/home?forum=mdopappv).
 
 ## Related topics
 

windows/manage/appv-connection-group-file.md

@@ -11,7 +11,8 @@ ms.prod: w10
 
 # About the Connection Group File
 
-Applies to: Windows 10, version 1607
+**Applies to**
+-   Windows 10, version 1607
 
 **In this topic:**
 
@@ -202,91 +203,64 @@ The virtual application Microsoft Outlook is running in virtual environment **XY
 
 ## <a href="" id="bkmk-va-conn-configs"></a>Supported virtual application connection configurations
 
+The following application connection configurations are supported.
 
-<table>
-<colgroup>
-<col width="50%" />
-<col width="50%" />
-</colgroup>
-<thead>
-<tr class="header">
-<th align="left">Configuration</th>
-<th align="left">Example scenario</th>
-</tr>
-</thead>
-<tbody>
-<tr class="odd">
-<td align="left"><p>An. exe file and plug-in (.dll)</p></td>
-<td align="left"><ul>
-<li><p>You want to distribute Microsoft Office to all users, but distribute a Microsoft Excel plug-in to only a subset of users.</p></li>
-<li><p>Enable the connection group for the appropriate users.</p></li>
-<li><p>Update each package individually as required.</p></li>
-</ul></td>
-</tr>
-<tr class="even">
-<td align="left"><p>An. exe file and a middleware application</p></td>
-<td align="left"><ul>
-<li><p>You have an application requires a middleware application, or several applications that all depend on the same middleware runtime version.</p></li>
-<li><p>All computers that require one or more of the applications receive the connection groups with the application and middleware application runtime.</p></li>
-<li><p>You can optionally combine multiple middleware applications into a single connection group.</p>
-<table>
-<colgroup>
-<col width="50%" />
-<col width="50%" />
-</colgroup>
-<thead>
-<tr class="header">
-<th align="left">Example</th>
-<th align="left">Example description</th>
-</tr>
-</thead>
-<tbody>
-<tr class="odd">
-<td align="left"><p>Virtual application connection group for the financial division</p></td>
-<td align="left"><ul>
-<li><p>Middleware application 1</p></li>
-<li><p>Middleware application 2</p></li>
-<li><p>Middleware application 3</p></li>
-<li><p>Middleware application runtime</p></li>
-</ul></td>
-</tr>
-<tr class="even">
-<td align="left"><p>Virtual application connection group for HR division</p></td>
-<td align="left"><ul>
-<li><p>Middleware application 5</p></li>
-<li><p>Middleware application 6</p></li>
-<li><p>Middleware application runtime</p></li>
-</ul></td>
-</tr>
-</tbody>
-</table>
-<p> </p></li>
-</ul></td>
-</tr>
-<tr class="odd">
-<td align="left"><p>An. exe file and an .exe file</p></td>
-<td align="left"><p>You have an application that relies on another application, and you want to keep the packages separate for operational efficiencies, licensing restrictions, or rollout timelines.</p>
-<p><strong>Example:</strong></p>
-<p>If you are deploying Microsoft Lync 2010, you can use three packages:</p>
-<ul>
-<li><p>Microsoft Office 2010</p></li>
-<li><p>Microsoft Communicator 2007</p></li>
-<li><p>Microsoft Lync 2010</p></li>
-</ul>
-<p>You can manage the deployment using the following connection groups:</p>
-<ul>
-<li><p>Microsoft Office 2010 and Microsoft Communicator 2007</p></li>
-<li><p>Microsoft Office 2010 and Microsoft Lync 2010</p></li>
-</ul>
-<p>When the deployment has completed, you can either create a single new Microsoft Office 2010 + Microsoft Lync 2010 package, or keep and maintain them as separate packages and deploy them by using a connection group.</p></td>
-</tr>
-</tbody>
-</table>
+- **An. exe file and plug-in (.dll)**. For example, you might want to distribute Microsoft Office to all users, but distribute a Microsoft Excel plug-in to only a subset of users.
 
+    Enable the connection group for the appropriate users. Update each package individually as required.
+
+- **An. exe file and a middleware application**. You might have an application that requires a middleware application, or several applications that all depend on the same middleware runtime version.
+
+    All computers that require one or more of the applications receive the connection groups with the application and middleware application runtime. You can optionally combine multiple middleware applications into a single connection group.
+
+    <table>
+    <colgroup>
+    <col width="50%" />
+    <col width="50%" />
+    </colgroup>
+    <thead>
+    <tr class="header">
+    <th align="left">Example</th>
+    <th align="left">Example description</th>
+    </tr>
+    </thead>
+    <tbody>
+    <tr class="odd">
+    <td align="left"><p>Virtual application connection group for the financial division</p></td>
+    <td align="left"><ul>
+    <li><p>Middleware application 1</p></li>
+    <li><p>Middleware application 2</p></li>
+    <li><p>Middleware application 3</p></li>
+    <li><p>Middleware application runtime</p></li>
+    </ul></td>
+    </tr>
+    <tr class="even">
+    <td align="left"><p>Virtual application connection group for HR division</p></td>
+    <td align="left"><ul>
+    <li><p>Middleware application 5</p></li>
+    <li><p>Middleware application 6</p></li>
+    <li><p>Middleware application runtime</p></li>
+    </ul></td>
+    </tr>
+    </tbody>
+    </table>
+
+- **An. exe file and an .exe file**. You might have an application that relies on another application, and you want to keep the packages separate for operational efficiencies, licensing restrictions, or rollout timelines.
+
+    For example, if you are deploying Microsoft Lync 2010, you can use three packages:
+    - Microsoft Office 2010    
+    - Microsoft Communicator 2007
+    - Microsoft Lync 2010<br><br>
+    
+  You can manage the deployment using the following connection groups:
+    - Microsoft Office 2010 and Microsoft Communicator 2007
+    - Microsoft Office 2010 and Microsoft Lync 2010<br><br>
+    
+  When the deployment has completed, you can either create a single new Microsoft Office 2010 + Microsoft Lync 2010 package, or keep and maintain them as separate packages and deploy them by using a connection group.
 
 ## Have a suggestion for App-V?
 
-Add or vote on suggestions [here](http://appv.uservoice.com/forums/280448-microsoft-application-virtualization). For App-V issues, use the [App-V TechNet Forum](https://social.technet.microsoft.com/Forums/en-US/home?forum=mdopappv).
+Add or vote on suggestions on the [Application Virtualization feedback site](http://appv.uservoice.com/forums/280448-microsoft-application-virtualization).<br>For App-V issues, use the [App-V TechNet Forum](https://social.technet.microsoft.com/Forums/en-US/home?forum=mdopappv).
 
 ## Related topics
 

windows/manage/appv-connection-group-virtual-environment.md

@@ -11,7 +11,8 @@ ms.prod: w10
 
 # About the Connection Group Virtual Environment
 
-Applies to: Windows 10, version 1607
+**Applies to**
+-   Windows 10, version 1607
 
 **In this topic:**
 
@@ -93,7 +94,7 @@ In the example above, when a virtualized application tries to find a specific fi
 ## Have a suggestion for App-V?
 
 
-Add or vote on suggestions [here](http://appv.uservoice.com/forums/280448-microsoft-application-virtualization). For App-V issues, use the [App-V TechNet Forum](https://social.technet.microsoft.com/Forums/en-US/home?forum=mdopappv).
+Add or vote on suggestions on the [Application Virtualization feedback site](http://appv.uservoice.com/forums/280448-microsoft-application-virtualization).<br>For App-V issues, use the [App-V TechNet Forum](https://social.technet.microsoft.com/Forums/en-US/home?forum=mdopappv).
 
 ## Related topics
 

windows/manage/appv-convert-a-package-created-in-a-previous-version-of-appv.md

@@ -11,7 +11,8 @@ ms.prod: w10
 
 # How to Convert a Package Created in a Previous Version of App-V
 
-Applies to: Windows 10, version 1607
+**Applies to**
+-   Windows 10, version 1607
 
 You can use the package converter utility to upgrade virtual application packages that have been created with previous versions of App-V.
 
@@ -56,7 +57,7 @@ When you convert packages from App-V 4.6 to App-V for Windows 10, the App-V for
 
 ## Have a suggestion for App-V?
 
-Add or vote on suggestions [here](http://appv.uservoice.com/forums/280448-microsoft-application-virtualization). For App-V issues, use the [App-V TechNet Forum](https://social.technet.microsoft.com/Forums/en-US/home?forum=mdopappv).
+Add or vote on suggestions on the [Application Virtualization feedback site](http://appv.uservoice.com/forums/280448-microsoft-application-virtualization).<br>For App-V issues, use the [App-V TechNet Forum](https://social.technet.microsoft.com/Forums/en-US/home?forum=mdopappv).
 
 ## Related topics
 

windows/manage/appv-create-a-connection-group-with-user-published-and-globally-published-packages.md

@@ -11,15 +11,16 @@ ms.prod: w10
 
 # How to Create a Connection Group with User-Published and Globally Published Packages
 
-Applies to: Windows 10, version 1607
+**Applies to**
+-   Windows 10, version 1607
 
 You can create user-entitled connection groups that contain both user-published and globally published packages, using either of the following methods:
 
--   [How to use PowerShell cmdlets to create the user-entitled connection groups](#bkmk-posh-userentitled-cg)
+-   [How to use Windows PowerShell cmdlets to create user-entitled connection groups](#how-to-use-powershell-cmdlets-to-create-user-entitled-connection-groups)
 
--   [How to use the App-V Server to create the user-entitled connection groups](#bkmk-appvserver-userentitled-cg)
+-   [How to use the App-V Server to create user-entitled connection groups](#how-to-use-the-app-v-server-to-create-user-entitled-connection-groups)
 
-**What to know before you start:**
+## What to know before you start:
 
 <table>
 <colgroup>
@@ -47,27 +48,27 @@ You can create user-entitled connection groups that contain both user-published
 
  
 
-**How to use PowerShell cmdlets to create user-entitled connection groups**
+## How to use Windows PowerShell cmdlets to create user-entitled connection groups
 
 1.  Add and publish packages by using the following commands:
-
-    **Add-AppvClientPackage Pacakage1\_AppV\_file\_Path**
-
-    **Add-AppvClientPackage Pacakage2\_AppV\_file\_Path**
-
-    **Publish-AppvClientPackage -PackageId Package1\_ID -VersionId Package1\_Version ID -Global**
-
-    **Publish-AppvClientPackage -PackageId Package2\_ID -VersionId Package2\_ID**
+    
+    ```
+    Add-AppvClientPackage <Package1_AppV_file_Path>
+    Add-AppvClientPackage <Package2_AppV_file_Path>
+    Publish-AppvClientPackage -PackageId <Package1_ID> -VersionId <Package1_Version_ID> -Global
+    Publish-AppvClientPackage -PackageId <Package2_ID> -VersionId <Package2_Version_ID>
+    ```
 
 2.  Create the connection group XML file. For more information, see [About the Connection Group File](appv-connection-group-file.md).
 
 3.  Add and publish the connection group by using the following commands:
+    
+    ```
+    Add-AppvClientConnectionGroup <Connection_Group_XML_file_Path>
+    Enable-AppvClientConnectionGroup -GroupId <CG_Group_ID> -VersionId <CG_Version_ID>
+    ```
 
-    **Add-AppvClientConnectionGroup Connection\_Group\_XML\_file\_Path**
-
-    **Enable-AppvClientConnectionGroup  -GroupId CG\_Group\_ID -VersionId CG\_Version\_ID**
-
-**How to use the App-V Server to create user-entitled connection groups**
+## How to use the App-V Server to create user-entitled connection groups
 
 1.  Open the App-V Management Console.
 
@@ -75,7 +76,9 @@ You can create user-entitled connection groups that contain both user-published
 
 3.  Follow the instructions in [How to Create a Connection Group](appv-create-a-connection-group.md) to create the connection group, and add the user-published and globally published packages.
 
-    **Have a suggestion for App-V**? Add or vote on suggestions [here](http://appv.uservoice.com/forums/280448-microsoft-application-virtualization). **Got an App-V issue?** Use the [App-V TechNet Forum](https://social.technet.microsoft.com/Forums/en-US/home?forum=mdopappv).
+## Have a suggestion for App-V?
+
+Add or vote on suggestions on the [Application Virtualization feedback site](http://appv.uservoice.com/forums/280448-microsoft-application-virtualization).<br>For App-V issues, use the [App-V TechNet Forum](https://social.technet.microsoft.com/Forums/en-US/home?forum=mdopappv).
 
 ## Related topics
 

windows/manage/appv-create-a-connection-group.md

@@ -11,9 +11,10 @@ ms.prod: w10
 
 # How to Create a Connection Group
 
-Applies to: Windows 10, version 1607
+**Applies to**
+-   Windows 10, version 1607
 
-Use these steps to create a connection group by using the App-V Management Console. To use PowerShell to create connection groups, see [How to Manage Connection Groups on a Stand-alone Computer by Using PowerShell](appv-manage-connection-groups-on-a-stand-alone-computer-with-powershell.md).
+Use these steps to create a connection group by using the App-V Management Console. To use Windows PowerShell to create connection groups, see [How to Manage Connection Groups on a Stand-alone Computer by Using Windows PowerShell](appv-manage-connection-groups-on-a-stand-alone-computer-with-powershell.md).
 
 When you place packages in a connection group, their package root paths are merged. If you remove packages, only the remaining packages maintain the merged root.
 
@@ -33,27 +34,17 @@ When you place packages in a connection group, their package root paths are merg
 
     To reprioritize the applications in your connection group, use the arrows in the **PACKAGES IN** pane.
 
-    **Important**  
+    **Important**<br>
     By default, the Active Directory Domain Services access configurations that are associated with a specific application are not added to the connection group. To transfer the Active Directory access configuration, select **ADD PACKAGE ACCESS TO GROUP ACCESS**, which is located in the **PACKAGES IN** pane.
 
-     
-
 6.  After adding all the applications and configuring Active Directory access, click **Apply**.
 
-    **Have a suggestion for App-V**? Add or vote on suggestions [here](http://appv.uservoice.com/forums/280448-microsoft-application-virtualization). **Got an App-V issue?** Use the [App-V TechNet Forum](https://social.technet.microsoft.com/Forums/en-US/home?forum=mdopappv).
+## Have a suggestion for App-V?
+
+Add or vote on suggestions on the [Application Virtualization feedback site](http://appv.uservoice.com/forums/280448-microsoft-application-virtualization).<br>For App-V issues, use the [App-V TechNet Forum](https://social.technet.microsoft.com/Forums/en-US/home?forum=mdopappv).
 
 ## Related topics
 
-
 [Operations for App-V](appv-operations.md)
 
 [Managing Connection Groups](appv-managing-connection-groups.md)
-
- 
-
- 
-
-
-
-
-

windows/manage/appv-create-a-custom-configuration-file-with-the-management-console.md

@@ -11,7 +11,8 @@ ms.prod: w10
 
 # How to Create a Custom Configuration File by Using the App-V Management Console
 
-Applies to: Windows 10, version 1607
+**Applies to**
+-   Windows 10, version 1607
 
 You can use a dynamic configuration to customize an App-V package for a specific user. However, you must first create the dynamic user configuration (.xml) file or the dynamic deployment configuration file before you can use the files. Creation of the file is an advanced manual operation. For general information about dynamic user configuration files, see, [About App-V Dynamic Configuration](appv-dynamic-configuration.md).
 
@@ -30,20 +31,10 @@ Use the following procedure to create a Dynamic User Configuration file by using
     **Note**  
     To export a configuration while running on Windows Server, you must disable "IE Enhanced Security Configuration". If this is enabled and set to block downloads, you cannot download anything from the App-V Server.
 
-     
+## Have a suggestion for App-V?
 
-    **Have a suggestion for App-V**? Add or vote on suggestions [here](http://appv.uservoice.com/forums/280448-microsoft-application-virtualization). **Got an App-V issue?** Use the [App-V TechNet Forum](https://social.technet.microsoft.com/Forums/en-US/home?forum=mdopappv).
+Add or vote on suggestions on the [Application Virtualization feedback site](http://appv.uservoice.com/forums/280448-microsoft-application-virtualization).<br>For App-V issues, use the [App-V TechNet Forum](https://social.technet.microsoft.com/Forums/en-US/home?forum=mdopappv).
 
 ## Related topics
 
-
 [Operations for App-V](appv-operations.md)
-
- 
-
- 
-
-
-
-
-

windows/manage/appv-create-a-package-accelerator-with-powershell.md

@@ -1,6 +1,6 @@
 ---
-title: How to Create a Package Accelerator by Using PowerShell (Windows 10)
-description: How to Create a Package Accelerator by Using PowerShell
+title: How to Create a Package Accelerator by Using Windows PowerShell (Windows 10)
+description: How to Create a Package Accelerator by Using Windows PowerShell
 author: MaggiePucciEvans
 ms.pagetype: mdop, appcompat, virtualization
 ms.mktglfcycl: deploy
@@ -9,9 +9,10 @@ ms.prod: w10
 ---
 
 
-# How to Create a Package Accelerator by Using PowerShell
+# How to Create a Package Accelerator by Using Windows PowerShell
 
-Applies to: Windows 10, version 1607
+**Applies to**
+-   Windows 10, version 1607
 
 App-V package accelerators automatically sequence large, complex applications. Additionally, when you apply an App-V package accelerator, you are not always required to manually install an application to create the virtualized package.
 
@@ -19,7 +20,7 @@ App-V package accelerators automatically sequence large, complex applications. A
 
 1.  Install the App-V sequencer. For more information about installing the sequencer see [How to Install the Sequencer](appv-install-the-sequencer.md).
 
-2.  To open a PowerShell console click **Start** and type **PowerShell**. Right-click **Windows PowerShell** and select **Run as Administrator**. Use the **New-AppvPackageAccelerator** cmdlet.
+2.  To open a Windows PowerShell console, click **Start** and type **PowerShell**. Right-click **Windows PowerShell** and select **Run as Administrator**. Use the **New-AppvPackageAccelerator** cmdlet.
 
 3.  To create a package accelerator, make sure that you have the .appv package to create an accelerator from, the installation media or installation files, and optionally a read me file for consumers of the accelerator to use. The following parameters are required to use the package accelerator cmdlet:
 
@@ -35,22 +36,14 @@ App-V package accelerators automatically sequence large, complex applications. A
 
     **New-AppvPackageAccelerator -InputPackagePath <path to the .appv file> -Installer <path to the installer executable> -Path <directory of the output path>**
 
-    Additional optional parameters that can be used with the **New-AppvPackageAccelerator** cmdlet are displayed in the following list:
+    An additional optional parameter that can be used with the **New-AppvPackageAccelerator** cmdlet is as follows:
 
     -   **AcceleratorDescriptionFile** - specifies the path to user created package accelerator instructions. The package accelerator instructions are **.txt** or **.rtf** description files that will be packaged with the package created using the package accelerator.
 
-    **Have a suggestion for App-V**? Add or vote on suggestions [here](http://appv.uservoice.com/forums/280448-microsoft-application-virtualization). **Got an App-V issue?** Use the [App-V TechNet Forum](https://social.technet.microsoft.com/Forums/en-US/home?forum=mdopappv).
+## Have a suggestion for App-V?
+
+Add or vote on suggestions on the [Application Virtualization feedback site](http://appv.uservoice.com/forums/280448-microsoft-application-virtualization).<br>For App-V issues, use the [App-V TechNet Forum](https://social.technet.microsoft.com/Forums/en-US/home?forum=mdopappv).
 
 ## Related topics
 
-
 [Administering App-V by Using Windows PowerShell](appv-administering-appv-with-powershell.md)
-
- 
-
- 
-
-
-
-
-

windows/manage/appv-create-a-package-accelerator.md

@@ -11,67 +11,47 @@ ms.prod: w10
 
 # How to Create a Package Accelerator
 
-Applies to: Windows 10, version 1607
+**Applies to**
+-   Windows 10, version 1607
 
 App-V package accelerators automatically generate new virtual application packages.
 
-**Note**  
-You can use PowerShell to create a package accelerator. For more information see [How to Create a Package Accelerator by Using PowerShell](appv-create-a-package-accelerator-with-powershell.md).
-
- 
+>**Note**  You can use Windows PowerShell to create a package accelerator. For more information see [How to Create a Package Accelerator by Using Windows PowerShell](appv-create-a-package-accelerator-with-powershell.md).
 
 Use the following procedure to create a package accelerator.
 
-**Important**  
-Package Accelerators can contain password and user-specific information. Therefore you must save Package Accelerators and the associated installation media in a secure location, and you should digitally sign the Package Accelerator after you create it so that the publisher can be verified when the App-V Package Accelerator is applied.
+>**Important**
+> - Package Accelerators can contain password and user-specific information. Therefore you must save Package Accelerators and the associated installation media in a secure location, and you should digitally sign the Package Accelerator after you create it so that the publisher can be verified when the App-V Package Accelerator is applied.
+> - Before you begin the following procedure, perform the following:
+    -   Copy the virtual application package that you will use to create the package accelerator locally to the computer running the sequencer.
+    -   Copy all required installation files associated with the virtual application package to the computer running the sequencer.
+> - The App-V Sequencer does not grant any license rights to the software application you are using to create the Package Accelerator. You must abide by all end user license terms for the application you are using. It is your responsibility to make sure the software application’s license terms allow you to create a Package Accelerator using App-V Sequencer.
 
- 
+## To create a package accelerator
 
-**Important**  
-Before you begin the following procedure, you should perform the following:
-
--   Copy the virtual application package that you will use to create the package accelerator locally to the computer running the sequencer.
-
--   Copy all required installation files associated with the virtual application package to the computer running the sequencer.
-
- 
-
-**To create a package accelerator**
-
-1.  **Important**  
-    The App-V Sequencer does not grant any license rights to the software application you are using to create the Package Accelerator. You must abide by all end user license terms for the application you are using. It is your responsibility to make sure the software application’s license terms allow you to create a Package Accelerator using App-V Sequencer.
-
-     
-
-    To start the App-V sequencer, on the computer that is running the sequencer, click **Start** / **All Programs** / **Microsoft Application Virtualization** / **Microsoft Application Virtualization Sequencer**.
+1.  To start the App-V sequencer, on the computer that is running the sequencer, click **Start** / **All Programs** / **Microsoft Application Virtualization** / **Microsoft Application Virtualization Sequencer**.
 
 2.  To start the App-V **Create Package Accelerator** wizard, in the App-V sequencer console, click **Tools** / **Create Accelerator**.
 
 3.  On the **Select Package** page, to specify an existing virtual application package to use to create the Package Accelerator, click **Browse**, and locate the existing virtual application package (.appv file).
 
-    **Tip**  
+    **Tip**<br>
     Copy the files associated with the virtual application package you plan to use locally to the computer running the Sequencer.
-
-     
-
+    
     Click **Next**.
 
 4.  On the **Installation Files** page, to specify the folder that contains the installation files that you used to create the original virtual application package, click **Browse**, and then select the directory that contains the installation files.
 
-    **Tip**  
+    **Tip**<br>
     Copy the folder that contains the required installation files to the computer running the Sequencer.
 
-     
-
 5.  If the application is already installed on the computer running the sequencer, to specify the installation file, select **Files installed on local system**. To use this option, the application must already be installed in the default installation location.
 
 6.  On the **Gathering Information** page, review the files that were not found in the location specified on the **Installation Files** page of this wizard. If the files displayed are not required, select **Remove these files**, and then click **Next**. If the files are required, click **Previous** and copy the required files to the directory specified on the **Installation Files** page.
 
-    **Note**  
+    **Note**<br>
     You must either remove the unrequired files, or click **Previous** and locate the required files to advance to the next page of this wizard.
 
-     
-
 7.  On the **Select Files** page, carefully review the files that were detected, and clear any file that should be removed from the package accelerator. Select only files that are required for the application to run successfully, and then click **Next**.
 
 8.  On the **Verify Applications** page, confirm that all installation files that are required to build the package are displayed. When the Package Accelerator is used to create a new package, all installation files displayed in the **Applications** pane are required to create the package.
@@ -84,25 +64,15 @@ Before you begin the following procedure, you should perform the following:
 
 11. On the **Completion** page, to close the **Create Package Accelerator** wizard, click **Close**.
 
-    **Important**  
+    **Important**<br>
     To help ensure that the package accelerator is as secure as possible, and so that the publisher can be verified when the package accelerator is applied, you should always digitally sign the package accelerator.
 
-     
+## Have a suggestion for App-V?
 
-    **Have a suggestion for App-V**? Add or vote on suggestions [here](http://appv.uservoice.com/forums/280448-microsoft-application-virtualization). **Got an App-V issue?** Use the [App-V TechNet Forum](https://social.technet.microsoft.com/Forums/en-US/home?forum=mdopappv).
+Add or vote on suggestions on the [Application Virtualization feedback site](http://appv.uservoice.com/forums/280448-microsoft-application-virtualization).<br>For App-V issues, use the [App-V TechNet Forum](https://social.technet.microsoft.com/Forums/en-US/home?forum=mdopappv).
 
 ## Related topics
 
-
 [Operations for App-V](appv-operations.md)
 
 [How to Create a Virtual Application Package Using an App-V Package Accelerator](appv-create-a-virtual-application-package-package-accelerator.md)
-
- 
-
- 
-
-
-
-
-

windows/manage/appv-create-a-virtual-application-package-package-accelerator.md

@@ -11,63 +11,47 @@ ms.prod: w10
 
 # How to Create a Virtual Application Package Using an App-V Package Accelerator
 
-Applies to: Windows 10, version 1607
-
-**Important**  
-The App-V Sequencer does not grant any license rights to the software application that you use to create the Package Accelerator. You must abide by all end user license terms for the application that you use. It is your responsibility to make sure that the software application’s license terms allow you to create a Package Accelerator with the App-V Sequencer.
-
- 
+**Applies to**
+-   Windows 10, version 1607
 
 Use the following procedure to create a virtual application package with the App-V Package Accelerator.
 
-**Note**  
-Before you start this procedure, copy the required Package Accelerator locally to the computer that runs the App-V Sequencer. You should also copy all required installation files for the package to a local directory on the computer that runs the Sequencer. This is the directory that you have to specify in step 5 of this procedure.
-
- 
+> **Important**  The App-V Sequencer does not grant any license rights to the software application that you use to create the Package Accelerator. You must abide by all end user license terms for the application that you use. It is your responsibility to make sure that the software application’s license terms allow you to create a Package Accelerator with the App-V Sequencer.
 
 **To create a virtual application package with an App-V Package Accelerator**
 
-1.  To start the App-V Sequencer, on the computer that runs the App-V Sequencer, click **Start** / **All Programs** / **Microsoft Application Virtualization** / **Microsoft Application Virtualization Sequencer**.
+1. Be sure that the required Package Accelerator has been copied locally to the computer that runs the App-V Sequencer. Also copy all required installation files for the package to a local folder on the computer that runs the Sequencer. This is the folder that you have to specify in step 6 of this procedure.
 
-2.  To start the **Create New Package Wizard**, click **Create a New Virtual Application Package**. To create the package, select the **Create Package using a Package Accelerator** check box, and then click **Next**.
+2.  To start the App-V Sequencer, on the computer that runs the App-V Sequencer, click **Start** / **All Programs** / **Microsoft Application Virtualization** / **Microsoft Application Virtualization Sequencer**.
 
-3.  To specify the package accelerator that will be used to create the new virtual application package, click **Browse** on the **Select Package Accelerator** page. Click **Next**.
+3.  To start the **Create New Package Wizard**, click **Create a New Virtual Application Package**. To create the package, select the **Create Package using a Package Accelerator** check box, and then click **Next**.
 
-    **Important**  
-    If the publisher of the package accelerator cannot be verified and does not contain a valid digital signature, then before you click **Run**, you must confirm that you trust the source of the package accelerator. Confirm your choice in the **Security Warning** dialog box.
+4.  To specify the package accelerator that will be used to create the new virtual application package, click **Browse** on the **Select Package Accelerator** page. Click **Next**.
 
-     
+    > **Important**  If the publisher of the package accelerator cannot be verified and does not contain a valid digital signature, then before you click **Run**, you must confirm that you trust the source of the package accelerator. Confirm your choice in the **Security Warning** dialog box.
 
-4.  On the **Guidance** page, review the publishing guidance information that is displayed in the information pane. This information was added when the Package Accelerator was created and it contains guidance about how to create and publish the package. To export the guidance information to a text (.txt) file, click **Export** and specify the location where the file should be saved, and then click **Next**.
+5.  On the **Guidance** page, review the publishing guidance information that is displayed in the information pane. This information was added when the Package Accelerator was created and it contains guidance about how to create and publish the package. To export the guidance information to a text (.txt) file, click **Export** and specify the location where the file should be saved, and then click **Next**.
 
-5.  On the **Select Installation Files** page, click **Make New Folder** to create a local folder that contains all required installation files for the package, and specify where the folder should be saved. You must also specify a name to be assigned to the folder. You must then copy all required installation files to the location that you specified. If the folder that contains the installation files already exists on the computer that runs the Sequencer, click **Browse** to select the folder.
+6.  On the **Select Installation Files** page, click **Make New Folder** to create a local folder that contains all required installation files for the package, and specify where the folder should be saved. You must also specify a name to be assigned to the folder. You must then copy all required installation files to the location that you specified. If the folder that contains the installation files already exists on the computer that runs the Sequencer, click **Browse** to select the folder.
 
     Alternatively, if you have already copied the installation files to a directory on this computer, click **Make New Folder**, browse to the folder that contains the installation files, and then click **Next**.
 
-    **Note**  
-    You can specify the following types of supported installation files:
+    > **Note**  You can specify the following types of supported installation files:
+    > -   Windows Installer files (**.msi**)
+    > -   Cabinet files (.cab)
+    > -   Compressed files with a .zip file name extension
+    > -   The actual application files
+    > The following file types are not supported: **.msp** and **.exe** files. If you specify an **.exe** file, you must extract the installation files manually.
 
-    -   Windows Installer files (**.msi**)
+7.  If the package accelerator requires an application to be installed before you apply the Package Accelerator, and if you have already installed the required application, select **I have installed all applications**, and then click **Next** on the **Local Installation** page.
 
-    -   Cabinet files (.cab)
+8.  On the **Package Name** page, specify a name that will be associated with the package. The name that you specify identifies the package in the App-V Management Console. Click **Next**.
 
-    -   Compressed files with a .zip file name extension
+9.  On the **Create Package** page, provide comments that will be associated with the package. The comments should contain identifying information about the package that you are creating. To confirm the location where the package is created, review the information that is displayed in **Save Location**. To compress the package, select **Compress Package**. Select the **Compress Package** check box if the package will be streamed across the network, or when the package size exceeds 4 GB.
 
-    -   The actual application files
+10.  To create the package, click **Create**. After the package is created, click **Next**.
 
-    The following file types are not supported: **.msp** and **.exe** files. If you specify an **.exe** file, you must extract the installation files manually.
-
-     
-
-    If the package accelerator requires an application to be installed before you apply the Package Accelerator, and if you have already installed the required application, select **I have installed all applications**, and then click **Next** on the **Local Installation** page.
-
-6.  On the **Package Name** page, specify a name that will be associated with the package. The name that you specify identifies the package in the App-V Management Console. Click **Next**.
-
-7.  On the **Create Package** page, provide comments that will be associated with the package. The comments should contain identifying information about the package that you are creating. To confirm the location where the package is created, review the information that is displayed in **Save Location**. To compress the package, select **Compress Package**. Select the **Compress Package** check box if the package will be streamed across the network, or when the package size exceeds 4 GB.
-
-    To create the package, click **Create**. After the package is created, click **Next**.
-
-8.  On the **Configure Software** page, to enable the Sequencer to configure the applications that are contained in the package, select **Configure Software**. In this step you can configure any associated tasks that must be completed in order to run the application on the target computers. For example, you can configure any associated license agreements.
+11.  On the **Configure Software** page, to enable the Sequencer to configure the applications that are contained in the package, select **Configure Software**. In this step you can configure any associated tasks that must be completed in order to run the application on the target computers. For example, you can configure any associated license agreements.
 
     If you select **Configure Software**, the following items can be configured using the Sequencer as part of this step:
 
@@ -79,24 +63,16 @@ Before you start this procedure, copy the required Package Accelerator locally t
 
     -   **Primary Feature Block**. The Sequencer optimizes the package for streaming by rebuilding the primary feature block.
 
-    If you do not want to configure the applications, click **Skip this step**, and to go to step 9 of this procedure, and then click **Next**.
+    If you do not want to configure the applications, click **Skip this step**, and then click **Next**.
 
-9.  On the **Completion** page, after you review the information that is displayed in the **Virtual Application Package Report** pane, click **Close**.
+12.  On the **Completion** page, after you review the information that is displayed in the **Virtual Application Package Report** pane, click **Close**.
 
     The package is now available in the Sequencer. To edit the package properties, click **Edit \[Package Name\]**. For more information about how to modify a package, see [How to Modify an Existing Virtual Application Package](appv-modify-an-existing-virtual-application-package.md).
 
-    **Have a suggestion for App-V**? Add or vote on suggestions [here](http://appv.uservoice.com/forums/280448-microsoft-application-virtualization). **Got an App-V issue?** Use the [App-V TechNet Forum](https://social.technet.microsoft.com/Forums/en-US/home?forum=mdopappv).
+## Have a suggestion for App-V?
+
+Add or vote on suggestions on the [Application Virtualization feedback site](http://appv.uservoice.com/forums/280448-microsoft-application-virtualization).<br>For App-V issues, use the [App-V TechNet Forum](https://social.technet.microsoft.com/Forums/en-US/home?forum=mdopappv).
 
 ## Related topics
 
-
 [Operations for App-V](appv-operations.md)
-
- 
-
- 
-
-
-
-
-

windows/manage/appv-create-and-use-a-project-template.md

@@ -11,14 +11,12 @@ ms.prod: w10
 
 # How to Create and Use a Project Template
 
-Applies to: Windows 10, version 1607
+**Applies to**
+-   Windows 10, version 1607
 
 You can use an App-V project template to save commonly applied settings associated with an existing virtual application package. These settings can then be applied when you create new virtual application packages in your environment. Using a project template can streamline the process of creating virtual application packages.
 
-**Note**  
-You can, and often should apply an App-V project template during a package upgrade. For example, if you sequenced an application with a custom exclusion list, it is recommended that an associated template is created and saved for later use while upgrading the sequenced application.
-
- 
+> **Note**  You can, and often should apply an App-V project template during a package upgrade. For example, if you sequenced an application with a custom exclusion list, it is recommended that an associated template is created and saved for later use while upgrading the sequenced application.
 
 App-V project templates differ from App-V Application Accelerators because App-V Application Accelerators are application-specific, and App-V project templates can be applied to multiple applications.
 
@@ -28,25 +26,19 @@ Use the following procedures to create and apply a new template.
 
 1.  To start the App-V sequencer, on the computer that is running the sequencer, click **Start** / **All Programs** / **Microsoft Application Virtualization** / **Microsoft Application Virtualization Sequencer**.
 
-2.  **Note**  
-    If the virtual application package is currently open in the App-V Sequencer console, skip to step 3 of this procedure.
+    > **Note**  If the virtual application package is currently open in the App-V Sequencer console, skip to step 3 of this procedure.
 
-     
-
-    To open the existing virtual application package that contains the settings you want to save with the App-V project template, click **File** / **Open**, and then click **Edit Package**. On the **Select Package** page, click **Browse** and locate the virtual application package that you want to open. Click **Edit**.
+2.  To open the existing virtual application package that contains the settings you want to save with the App-V project template, click **File** / **Open**, and then click **Edit Package**. On the **Select Package** page, click **Browse** and locate the virtual application package that you want to open. Click **Edit**.
 
 3.  In the App-V Sequencer console, to save the template file, click **File** / **Save As Template**. After you have reviewed the settings that will be saved with the new template, click **OK**. Specify a name that will be associated with the new App-V project template. Click Save.
 
-    The new App-V project template is saved in the directory specified in step 3 of this procedure.
+    The new App-V project template is saved in the folder you specified.
 
 **To apply a project template**
 
-1.  **Important**  
-    Creating a virtual application package using a project template in conjunction with a Package Accelerator is not supported.
+> **Important**  Creating a virtual application package using a project template in conjunction with a Package Accelerator is not supported.
 
-     
-
-    To start the App-V sequencer, on the computer that is running the sequencer, click **Start** / **All Programs** / **Microsoft Application Virtualization** / **Microsoft Application Virtualization Sequencer**.
+1.  To start the App-V sequencer, on the computer that is running the sequencer, click **Start** / **All Programs** / **Microsoft Application Virtualization** / **Microsoft Application Virtualization Sequencer**.
 
 2.  To create or upgrade a new virtual application package by using an App-V project template, click **File** / **New From Template**.
 
@@ -54,18 +46,10 @@ Use the following procedures to create and apply a new template.
 
     Create the new virtual application package. The settings saved with the specified template will be applied to the new virtual application package that you are creating.
 
-    **Have a suggestion for App-V**? Add or vote on suggestions [here](http://appv.uservoice.com/forums/280448-microsoft-application-virtualization). **Got an App-V issue?** Use the [App-V TechNet Forum](https://social.technet.microsoft.com/Forums/en-US/home?forum=mdopappv).
+## Have a suggestion for App-V?
+
+Add or vote on suggestions on the [Application Virtualization feedback site](http://appv.uservoice.com/forums/280448-microsoft-application-virtualization).<br>For App-V issues, use the [App-V TechNet Forum](https://social.technet.microsoft.com/Forums/en-US/home?forum=mdopappv).
 
 ## Related topics
 
-
 [Operations for App-V](appv-operations.md)
-
- 
-
- 
-
-
-
-
-

windows/manage/appv-creating-and-managing-virtualized-applications.md

@@ -11,7 +11,8 @@ ms.prod: w10
 
 # Creating and Managing App-V Virtualized Applications
 
-Applies to: Windows 10, version 1607
+**Applies to**
+-   Windows 10, version 1607
 
 After you have properly deployed the Microsoft Application Virtualization (App-V) sequencer, you can use it to monitor and record the installation and setup process for an application to be run as a virtualized application.
 
@@ -204,9 +205,10 @@ The App-V Sequencer can detect common sequencing issues during sequencing. The *
 
 You can also find additional information about sequencing errors using the Windows Event Viewer.
 
+## Have a suggestion for App-V?
 
-## <a href="" id="other-resources-for-the-app-v-5-1-sequencer-"></a>Other resources for the App-V sequencer
+Add or vote on suggestions on the [Application Virtualization feedback site](http://appv.uservoice.com/forums/280448-microsoft-application-virtualization).<br>For App-V issues, use the [App-V TechNet Forum](https://social.technet.microsoft.com/Forums/en-US/home?forum=mdopappv).
 
+## Related topics
 
 -   [Operations for App-V](appv-operations.md)
-

windows/manage/appv-customize-virtual-application-extensions-with-the-management-console.md

@@ -11,7 +11,8 @@ ms.prod: w10
 
 # How to Customize Virtual Applications Extensions for a Specific AD Group by Using the Management Console
 
-Applies to: Windows 10, version 1607
+**Applies to**
+-   Windows 10, version 1607
 
 Use the following procedure to customize the virtual application extensions for an Active Directory (AD) group.
 
@@ -29,18 +30,10 @@ Use the following procedure to customize the virtual application extensions for
 
 5.  To edit additional application extensions, modify the configuration file and click **Import and Overwrite this Configuration**. Select the modified file and click **Open**. In the dialog, click **Overwrite** to complete the process.
 
-    **Have a suggestion for App-V**? Add or vote on suggestions [here](http://appv.uservoice.com/forums/280448-microsoft-application-virtualization). **Got an App-V issue?** Use the [App-V TechNet Forum](https://social.technet.microsoft.com/Forums/en-US/home?forum=mdopappv).
+## Have a suggestion for App-V?
+
+Add or vote on suggestions on the [Application Virtualization feedback site](http://appv.uservoice.com/forums/280448-microsoft-application-virtualization).<br>For App-V issues, use the [App-V TechNet Forum](https://social.technet.microsoft.com/Forums/en-US/home?forum=mdopappv).
 
 ## Related topics
 
-
 [Operations for App-V](appv-operations.md)
-
- 
-
- 
-
-
-
-
-

windows/manage/appv-delete-a-connection-group.md

@@ -11,7 +11,8 @@ ms.prod: w10
 
 # How to Delete a Connection Group
 
-Applies to: Windows 10, version 1607
+**Applies to**
+-   Windows 10, version 1607
 
 Use the following procedure to delete an existing App-V connection group.
 
@@ -21,20 +22,12 @@ Use the following procedure to delete an existing App-V connection group.
 
 2.  Right-click the connection group to be removed, and select **delete**.
 
-    **Have a suggestion for App-V**? Add or vote on suggestions [here](http://appv.uservoice.com/forums/280448-microsoft-application-virtualization). **Got an App-V issue?** Use the [App-V TechNet Forum](https://social.technet.microsoft.com/Forums/en-US/home?forum=mdopappv).
+## Have a suggestion for App-V?
+
+Add or vote on suggestions on the [Application Virtualization feedback site](http://appv.uservoice.com/forums/280448-microsoft-application-virtualization).<br>For App-V issues, use the [App-V TechNet Forum](https://social.technet.microsoft.com/Forums/en-US/home?forum=mdopappv).
 
 ## Related topics
 
-
 [Operations for App-V](appv-operations.md)
 
 [Managing Connection Groups](appv-managing-connection-groups.md)
-
- 
-
- 
-
-
-
-
-

windows/manage/appv-delete-a-package-with-the-management-console.md

@@ -11,7 +11,8 @@ ms.prod: w10
 
 # How to Delete a Package in the Management Console
 
-Applies to: Windows 10, version 1607
+**Applies to**
+-   Windows 10, version 1607
 
 Use the following procedure to delete an App-V package.
 
@@ -21,18 +22,10 @@ Use the following procedure to delete an App-V package.
 
 2.  Click or right-click the package. Select **Delete** to remove the package.
 
-    **Have a suggestion for App-V**? Add or vote on suggestions [here](http://appv.uservoice.com/forums/280448-microsoft-application-virtualization). **Got an App-V issue?** Use the [App-V TechNet Forum](https://social.technet.microsoft.com/Forums/en-US/home?forum=mdopappv).
+## Have a suggestion for App-V?
+
+Add or vote on suggestions on the [Application Virtualization feedback site](http://appv.uservoice.com/forums/280448-microsoft-application-virtualization).<br>For App-V issues, use the [App-V TechNet Forum](https://social.technet.microsoft.com/Forums/en-US/home?forum=mdopappv).
 
 ## Related topics
 
-
 [Operations for App-V](appv-operations.md)
-
- 
-
- 
-
-
-
-
-

windows/manage/appv-deploy-appv-databases-with-sql-scripts.md

@@ -11,7 +11,8 @@ ms.prod: w10
 
 # How to Deploy the App-V Databases by Using SQL Scripts
 
-Applies to: Windows Server 2016, Windows Server 2012 R2, Windows Server 2012, and Windows Server 2008 R2
+**Applies to**
+-   Windows Server 2016
 
 Use the following instructions to use SQL scripts, rather than the Windows Installer, to:
 
@@ -177,7 +178,7 @@ Steps to install "AppVReporting" schema in SQL SERVER.
 
 ## Have a suggestion for App-V?
 
-Add or vote on suggestions [here](http://appv.uservoice.com/forums/280448-microsoft-application-virtualization). For App-V issues, use the [App-V TechNet Forum](https://social.technet.microsoft.com/Forums/en-US/home?forum=mdopappv).
+Add or vote on suggestions on the [Application Virtualization feedback site](http://appv.uservoice.com/forums/280448-microsoft-application-virtualization).<br>For App-V issues, use the [App-V TechNet Forum](https://social.technet.microsoft.com/Forums/en-US/home?forum=mdopappv).
 
 ## Related topics
 

windows/manage/appv-deploy-appv-packages-with-electronic-software-distribution-solutions.md

@@ -10,7 +10,8 @@ ms.prod: w10
 
 # How to deploy App-V packages using electronic software distribution
 
-Applies to: Windows 10, version 1607
+**Applies to**
+-   Windows 10, version 1607
 
 You can use an electronic software distribution (ESD) system to deploy App-V virtual applications to App-V clients.
 
@@ -22,7 +23,7 @@ Use one of the following methods to publish packages to App-V client computers w
 | - | - |
 | Functionality provided by a third-party ESD | Use the functionality in a third-party ESD.| 
 | Stand-alone Windows Installer | Install the application on the target client computer by using the associated Windows Installer (.msi) file that is created when you initially sequence an application. The Windows Installer file contains the associated App-V package file information used to configure a package and copies the required package files to the client. |
-| Windows PowerShell | Use Windows PowerShell cmdlets to deploy virtualized applications. For more information about using PowerShell and App-V, see [Administering App-V by using Windows PowerShell](appv-administering-appv-with-powershell.md).| 
+| Windows PowerShell | Use Windows PowerShell cmdlets to deploy virtualized applications. For more information about using Windows PowerShell and App-V, see [Administering App-V by using Windows PowerShell](appv-administering-appv-with-powershell.md).| 
 
  
 
@@ -36,7 +37,7 @@ Use one of the following methods to publish packages to App-V client computers w
 
 ## Have a suggestion for App-V?
 
-Add or vote on suggestions [here](http://appv.uservoice.com/forums/280448-microsoft-application-virtualization). **Got an App-V issue?** Use the [App-V TechNet Forum](https://social.technet.microsoft.com/Forums/en-US/home?forum=mdopappv).
+Add or vote on suggestions on the [Application Virtualization feedback site](http://appv.uservoice.com/forums/280448-microsoft-application-virtualization).<br>For App-V issues, use the [App-V TechNet Forum](https://social.technet.microsoft.com/Forums/en-US/home?forum=mdopappv).
 
 ## Related topics
 

windows/manage/appv-deploy-the-appv-server.md

@@ -10,7 +10,8 @@ ms.prod: w10
 
 # How to Deploy the App-V Server (new installation)
 
-Applies to: Windows Server 2016, Windows Server 2012 R2, Windows Server 2012, and Windows Server 2008 R2
+**Applies to**
+-   Windows Server 2016
 
 >**Important**<br>If you're already using App-V 5.x, you don't need to re-deploy the App-V server components as they haven't changed since App-V 5.0 was released.
 
@@ -110,7 +111,7 @@ Applies to: Windows Server 2016, Windows Server 2012 R2, Windows Server 2012, an
 
 ## Have a suggestion for App-V?
 
-Add or vote on suggestions [here](http://appv.uservoice.com/forums/280448-microsoft-application-virtualization). For App-V issues, use the [App-V TechNet Forum](https://social.technet.microsoft.com/Forums/en-US/home?forum=mdopappv).
+Add or vote on suggestions on the [Application Virtualization feedback site](http://appv.uservoice.com/forums/280448-microsoft-application-virtualization).<br>For App-V issues, use the [App-V TechNet Forum](https://social.technet.microsoft.com/Forums/en-US/home?forum=mdopappv).
 
 ## Related topics
 

windows/manage/appv-deploying-appv.md

@@ -10,7 +10,8 @@ ms.prod: w10
 
 # Deploying App-V for Windows 10
 
-Applies to: Windows 10, version 1607
+**Applies to**
+-   Windows 10, version 1607
 
 App-V supports a number of different deployment options. Review this topic for information about the tasks that you must complete at different stages in your deployment.
 
@@ -46,4 +47,4 @@ App-V supports a number of different deployment options. Review this topic for i
 
 ## Have a suggestion for App-V?
 
-Add or vote on suggestions [here](http://appv.uservoice.com/forums/280448-microsoft-application-virtualization). For App-V issues, use the [App-V TechNet Forum](https://social.technet.microsoft.com/Forums/en-US/home?forum=mdopappv).
+Add or vote on suggestions on the [Application Virtualization feedback site](http://appv.uservoice.com/forums/280448-microsoft-application-virtualization).<br>For App-V issues, use the [App-V TechNet Forum](https://social.technet.microsoft.com/Forums/en-US/home?forum=mdopappv).

windows/manage/appv-deploying-microsoft-office-2010-wth-appv.md

@@ -11,7 +11,8 @@ ms.prod: w10
 
 # Deploying Microsoft Office 2010 by Using App-V
 
-Applies to: Windows 10, version 1607
+**Applies to**
+-   Windows 10, version 1607
 
 You can create Office 2010 packages for Microsoft Application Virtualization (App-V) using one of the following methods:
 
@@ -88,7 +89,7 @@ You can deploy Office 2010 packages by using any of the following App-V deployme
 
 -   App-V server
 
--   Stand-alone through PowerShell commands
+-   Stand-alone through Windows PowerShell commands
 
 ## Office App-V package management and customization
 
@@ -281,14 +282,14 @@ The following table provides a full list of supported integration points for Off
 
 **Connection Groups**
 
-[Deploying Connection Groups in Microsoft App-V v5](https://blogs.technet.microsoft.com/appv/2012/11/06/deploying-connection-groups-in-microsoft-app-v-v5/)
-
 [Managing Connection Groups](appv-managing-connection-groups.md)
 
+[Connection groups on the App-V team blog](https://blogs.technet.microsoft.com/gladiatormsft/tag/connection-groups/)
+
 **Dynamic Configuration**
 
 [About App-V Dynamic Configuration](appv-dynamic-configuration.md)
 
 ## Have a suggestion for App-V?
 
-Add or vote on suggestions [here](http://appv.uservoice.com/forums/280448-microsoft-application-virtualization). For App-V issues, use the [App-V TechNet Forum](https://social.technet.microsoft.com/Forums/en-US/home?forum=mdopappv).
+Add or vote on suggestions on the [Application Virtualization feedback site](http://appv.uservoice.com/forums/280448-microsoft-application-virtualization).<br>For App-V issues, use the [App-V TechNet Forum](https://social.technet.microsoft.com/Forums/en-US/home?forum=mdopappv).

windows/manage/appv-deploying-microsoft-office-2013-with-appv.md

@@ -11,7 +11,8 @@ ms.prod: w10
 
 # Deploying Microsoft Office 2013 by Using App-V
 
-Applies to: Windows 10, version 1607
+**Applies to**
+-   Windows 10, version 1607
 
 Use the information in this article to use Microsoft Application Virtualization (App-V), or later versions, to deliver Microsoft Office 2013 as a virtualized application to computers in your organization. For information about using App-V to deliver Office 2010, see [Deploying Microsoft Office 2010 by Using App-V](appv-deploying-microsoft-office-2010-wth-appv.md). To successfully deploy Office 2013 with App-V, you need to be familiar with Office 2013 and App-V.
 
@@ -239,68 +240,10 @@ The XML file that is included in the Office Deployment Tool specifies the produc
         </Configuration>
         ```
 
-        **Note**  
+        **Note**<br>
         The configuration XML is a sample XML file. The file includes lines that are commented out. You can “uncomment” these lines to customize additional settings with the file.
 
-         
-
-        The above XML configuration file specifies that Office 2013 ProPlus 32-bit edition, including Visio ProPlus, will be downloaded in English to the \\\\server\\Office 2013, which is the location where Office applications will be saved to. Note that the Product ID of the applications will not affect the final licensing of Office. Office 2013 App-V packages with various licensing can be created from the same applications through specifying licensing in a later stage. The table below summarizes the customizable attributes and elements of XML file:
-
-        <table>
-        <colgroup>
-        <col width="33%" />
-        <col width="33%" />
-        <col width="33%" />
-        </colgroup>
-        <thead>
-        <tr class="header">
-        <th align="left">Input</th>
-        <th align="left">Description</th>
-        <th align="left">Example</th>
-        </tr>
-        </thead>
-        <tbody>
-        <tr class="odd">
-        <td align="left"><p>Add element</p></td>
-        <td align="left"><p>Specifies the products and languages to include in the package.</p></td>
-        <td align="left"><p>N/A</p></td>
-        </tr>
-        <tr class="even">
-        <td align="left"><p>OfficeClientEdition (attribute of Add element)</p></td>
-        <td align="left"><p>Specifies the edition of Office 2013 product to use: 32-bit or 64-bit. The operation fails if <strong>OfficeClientEdition</strong> is not set to a valid value.</p></td>
-        <td align="left"><p><strong>OfficeClientEdition</strong>=&quot;32&quot;</p>
-        <p><strong>OfficeClientEdition</strong>=&quot;64&quot;</p></td>
-        </tr>
-        <tr class="odd">
-        <td align="left"><p>Product element</p></td>
-        <td align="left"><p>Specifies the application. Project 2013 and Visio 2013 must be specified here as an added product to be included in the applications.</p></td>
-        <td align="left"><p><code>Product ID =&quot;O365ProPlusRetail &quot;</code></p>
-        <p><code>Product ID =&quot;VisioProRetail&quot;</code></p>
-        <p><code>Product ID =&quot;ProjectProRetail&quot;</code></p>
-        <p><code>Product ID =&quot;ProPlusVolume&quot;</code></p>
-        <p><code>Product ID =&quot;VisioProVolume&quot;</code></p>
-        <p><code>Product ID = &quot;ProjectProVolume&quot;</code></p></td>
-        </tr>
-        <tr class="even">
-        <td align="left"><p>Language element</p></td>
-        <td align="left"><p>Specifies the language supported in the applications</p></td>
-        <td align="left"><p><code>Language ID=&quot;en-us&quot;</code></p></td>
-        </tr>
-        <tr class="odd">
-        <td align="left"><p>Version (attribute of Add element)</p></td>
-        <td align="left"><p>Optional. Specifies a build to use for the package</p>
-        <p>Defaults to latest advertised build (as defined in v32.CAB at the Office source).</p></td>
-        <td align="left"><p><code>15.1.2.3</code></p></td>
-        </tr>
-        <tr class="even">
-        <td align="left"><p>SourcePath (attribute of Add element)</p></td>
-        <td align="left"><p>Specifies the location in which the applications will be saved to.</p></td>
-        <td align="left"><p><code>Sourcepath = &quot;\\Server\Office2013”</code></p></td>
-        </tr>
-        </tbody>
-        </table>
-
-         
+        The above XML configuration file specifies that Office 2013 ProPlus 32-bit edition, including Visio ProPlus, will be downloaded in English to the \\\\server\\Office 2013, which is the location where Office applications will be saved to. Note that the Product ID of the applications will not affect the final licensing of Office. Office 2013 App-V packages with various licensing can be created from the same applications through specifying licensing in a later stage. For more information, see [Customizable attributes and elements of the XML file](#customizable-attributes-and-elements-of-the-XML-file), later in this topic.
 
         After editing the configuration.xml file to specify the desired product, languages, and also the location which the Office 2013 applications will be saved onto, you can save the configuration file, for example, as Customconfig.xml.
 
@@ -319,25 +262,72 @@ The XML file that is included in the Office Deployment Tool specifies the produc
     </colgroup>
     <tbody>
     <tr class="odd">
-    <td align="left"><p><strong>\\server\Office2013</strong></p></td>
+    <td align="left"><p><code>\\server\Office2013</code></p></td>
     <td align="left"><p>is the network share location that contains the Office Deployment Tool and the custom Configuration.xml file, Customconfig.xml.</p></td>
     </tr>
     <tr class="even">
-    <td align="left"><p><strong>Setup.exe</strong></p></td>
+    <td align="left"><p><code>setup.exe</code></p></td>
     <td align="left"><p>is the Office Deployment Tool.</p></td>
     </tr>
     <tr class="odd">
-    <td align="left"><p><strong>/download</strong></p></td>
+    <td align="left"><p><code>/download</code></p></td>
     <td align="left"><p>downloads the Office 2013 applications that you specify in the customConfig.xml file. These bits can be later converted in an Office 2013 App-V package with Volume Licensing.</p></td>
     </tr>
     <tr class="even">
-    <td align="left"><p><strong>\\server\Office2013\Customconfig.xml</strong></p></td>
+    <td align="left"><p><code>\\server\Office2013\Customconfig.xml</code></p></td>
     <td align="left"><p>passes the XML configuration file required to complete the download process, in this example, customconfig.xml. After using the download command, Office applications should be found in the location specified in the configuration xml file, in this example \\Server\Office2013.</p></td>
     </tr>
     </tbody>
     </table>
 
-     
+#### Customizable attributes and elements of the XML file
+
+<table>
+<colgroup>
+<col width="50%" />
+<col width="50%" />
+</colgroup>
+<thead>
+<tr class="header">
+<th align="left">Input and description</th>
+<th align="left">Example</th>
+</tr>
+</thead>
+<tbody>
+<tr class="odd">
+<td align="left"><p>Add element:<br>Specifies the products and languages to include in the package.</p></td>
+<td align="left"><p>N/A</p></td>
+</tr>
+<tr class="even">
+<td align="left"><p>OfficeClientEdition (attribute of Add element):<br>Specifies the edition of Office 2013 product to use: 32-bit or 64-bit. The operation fails if <strong>OfficeClientEdition</strong> is not set to a valid value.</p></td>
+<td align="left"><p><code>OfficeClientEdition=&quot;32&quot;</code></p>
+<p><code>OfficeClientEdition=&quot;64&quot;</code></p></td>
+</tr>
+<tr class="odd">
+<td align="left"><p>Product element:<br>Specifies the application. Project 2013 and Visio 2013 must be specified here as an added product to be included in the applications.</p></td>
+<td align="left"><p><code>Product ID =&quot;O365ProPlusRetail &quot;</code></p>
+<p><code>Product ID =&quot;VisioProRetail&quot;</code></p>
+<p><code>Product ID =&quot;ProjectProRetail&quot;</code></p>
+<p><code>Product ID =&quot;ProPlusVolume&quot;</code></p>
+<p><code>Product ID =&quot;VisioProVolume&quot;</code></p>
+<p><code>Product ID = &quot;ProjectProVolume&quot;</code></p></td>
+</tr>
+<tr class="even">
+<td align="left"><p>Language element:<br>Specifies the language supported in the applications.</p></td>
+<td align="left"><p><code>Language ID=&quot;en-us&quot;</code></p></td>
+</tr>
+<tr class="odd">
+<td align="left"><p>Version (attribute of Add element):<br>Optional. Specifies a build to use for the package. Defaults to latest advertised build (as defined in v32.CAB at the Office source).</p></td>
+<td align="left"><p><code>15.1.2.3</code></p></td>
+</tr>
+<tr class="even">
+<td align="left"><p>SourcePath (attribute of Add element):<br>Specifies the location in which the applications will be saved to.</p></td>
+<td align="left"><p><code>Sourcepath = &quot;\\Server\Office2013”</code></p></td>
+</tr>
+</tbody>
+</table>
+
+   
 
 ### Convert the Office applications into an App-V package
 
@@ -389,122 +379,58 @@ After you download the Office 2013 applications through the Office Deployment To
 </tbody>
 </table>
 
- 
-
-**How to convert the Office applications into an App-V package**
+#### How to convert the Office applications into an App-V package
 
 1.  In Notepad, reopen the CustomConfig.xml file, and make the following changes to the file:
 
-    <table>
-    <colgroup>
-    <col width="50%" />
-    <col width="50%" />
-    </colgroup>
-    <thead>
-    <tr class="header">
-    <th align="left">Parameter</th>
-    <th align="left">What to change the value to</th>
-    </tr>
-    </thead>
-    <tbody>
-    <tr class="odd">
-    <td align="left"><p>SourcePath</p></td>
-    <td align="left"><p>Point to the Office applications downloaded earlier.</p></td>
-    </tr>
-    <tr class="even">
-    <td align="left"><p>ProductID</p></td>
-    <td align="left"><p>Specify the type of licensing, as shown in the following examples:</p>
-    <ul>
-    <li><p>Subscription Licensing</p>
-    <pre class="syntax" space="preserve"><code>&lt;Configuration&gt;
-       &lt;Add SourcePath= &quot;\\server\Office 2013&quot; OfficeClientEdition=&quot;32&quot; &gt;
-        &lt;Product ID=&quot;O365ProPlusRetail&quot;&gt;
-          &lt;Language ID=&quot;en-us&quot; /&gt;
-        &lt;/Product&gt;
-        &lt;Product ID=&quot;VisioProRetail&quot;&gt;
-          &lt;Language ID=&quot;en-us&quot; /&gt;
-        &lt;/Product&gt;
-      &lt;/Add&gt;  
-    &lt;/Configuration&gt; </code></pre>
-    <p>In this example, the following changes were made to create a package with Subscription licensing:</p>
-    <table>
-    <colgroup>
-    <col width="50%" />
-    <col width="50%" />
-    </colgroup>
-    <tbody>
-    <tr class="odd">
-    <td align="left"><p><strong>SourcePath</strong></p></td>
-    <td align="left"><p>is the path, which was changed to point to the Office applications that were downloaded earlier.</p></td>
-    </tr>
-    <tr class="even">
-    <td align="left"><p><strong>Product ID</strong></p></td>
-    <td align="left"><p>for Office was changed to <code>O365ProPlusRetail</code>.</p></td>
-    </tr>
-    <tr class="odd">
-    <td align="left"><p><strong>Product ID</strong></p></td>
-    <td align="left"><p>for Visio was changed to <code>VisioProRetail</code>.</p></td>
-    </tr>
-    </tbody>
-    </table>
-    <p> </p>
-    <p></p></li>
-    <li><p>Volume Licensing</p>
-    <pre class="syntax" space="preserve"><code>&lt;Configuration&gt;
-       &lt;Add SourcePath= &quot;\\Server\Office2013&quot; OfficeClientEdition=&quot;32&quot; &gt;
-        &lt;Product ID=&quot;ProPlusVolume&quot;&gt;
-          &lt;Language ID=&quot;en-us&quot; /&gt;
-        &lt;/Product&gt;
-        &lt;Product ID=&quot;VisioProVolume&quot;&gt;
-          &lt;Language ID=&quot;en-us&quot; /&gt;
-        &lt;/Product&gt;
-      &lt;/Add&gt;  
-    &lt;/Configuration&gt;</code></pre>
-    <p>In this example, the following changes were made to create a package with Volume licensing:</p>
-    <table>
-    <colgroup>
-    <col width="50%" />
-    <col width="50%" />
-    </colgroup>
-    <tbody>
-    <tr class="odd">
-    <td align="left"><p><strong>SourcePath</strong></p></td>
-    <td align="left"><p>is the path, which was changed to point to the Office applications that were downloaded earlier.</p></td>
-    </tr>
-    <tr class="even">
-    <td align="left"><p><strong>Product ID</strong></p></td>
-    <td align="left"><p>for Office was changed to <code>ProPlusVolume</code>.</p></td>
-    </tr>
-    <tr class="odd">
-    <td align="left"><p><strong>Product ID</strong></p></td>
-    <td align="left"><p>for Visio was changed to <code>VisioProVolume</code>.</p></td>
-    </tr>
-    </tbody>
-    </table>
-    <p> </p>
-    <p></p></li>
-    </ul></td>
-    </tr>
-    <tr class="odd">
-    <td align="left"><p>ExcludeApp (optional)</p></td>
-    <td align="left"><p>Lets you specify Office programs that you don’t want included in the App-V package that the Office Deployment Tool creates. For example, you can exclude Access and InfoPath.</p></td>
-    </tr>
-    <tr class="even">
-    <td align="left"><p>PACKAGEGUID (optional)</p></td>
-    <td align="left"><p>By default, all App-V packages created by the Office Deployment Tool share the same App-V Package ID. You can use PACKAGEGUID to specify a different package ID for each package, which allows you to publish multiple App-V packages, created by the Office Deployment Tool, and manage them by using the App-V Server.</p>
-    <p>An example of when to use this parameter is if you create different packages for different users. For example, you can create a package with just Office 2013 for some users, and create another package with Office 2013 and Visio 2013 for another set of users.</p>
-    <div class="alert">
-    <strong>Note</strong>  
-    <p>Even if you use unique package IDs, you can still deploy only one App-V package to a single device.</p>
-    </div>
-    <div>
-     
-    </div></td>
-    </tr>
-    </tbody>
-    </table>
-
-     
+    - **SourcePath**: Point to the Office applications downloaded earlier.
+    
+    - **ProductID**: Specify the type of licensing, as shown in the following examples:
+        - Subscription Licensing:
+        ```
+<Configuration>
+   <Add SourcePath= "\\server\Office 2013" OfficeClientEdition="32" >
+    <Product ID="O365ProPlusRetail">
+      <Language ID="en-us" />
+    </Product>
+    <Product ID="VisioProRetail">
+      <Language ID="en-us" />
+    </Product>
+  </Add>  
+</Configuration> 
+        ```
+        In this example, the following changes were made to create a package with Subscription licensing:
+        
+        **SourcePath** is the path, which was changed to point to the Office applications that were downloaded earlier.<br>
+        **Product ID** for Office was changed to `O365ProPlusRetail`.<br>
+        **Product ID** for Visio was changed to `VisioProRetail`.
+        
+        - Volume Licensing
+        ```
+<Configuration>
+   <Add SourcePath= "\\Server\Office2013" OfficeClientEdition="32" >
+    <Product ID="ProPlusVolume">
+      <Language ID="en-us" />
+    </Product>
+    <Product ID="VisioProVolume">
+      <Language ID="en-us" />
+    </Product>
+  </Add>  
+</Configuration>
+        ```
+        In this example, the following changes were made to create a package with Volume licensing:
+        
+        **SourcePath** is the path, which was changed to point to the Office applications that were downloaded earlier.<br>
+        **Product ID** for Office was changed to `ProPlusVolume`.<br>
+        **Product ID** for Visio was changed to `VisioProVolume`.
+    
+    - **ExcludeApp** (optional): Lets you specify Office programs that you don’t want included in the App-V package that the Office Deployment Tool creates. For example, you can exclude Access and InfoPath.
+    
+    - **PACKAGEGUID** (optional): By default, all App-V packages created by the Office Deployment Tool share the same App-V Package ID. You can use PACKAGEGUID to specify a different package ID for each package, which allows you to publish multiple App-V packages, created by the Office Deployment Tool, and manage them by using the App-V Server.
+        
+        An example of when to use this parameter is if you create different packages for different users. For example, you can create a package with just Office 2013 for some users, and create another package with Office 2013 and Visio 2013 for another set of users.
+        
+        **Note**&nbsp;&nbsp;Even if you use unique package IDs, you can still deploy only one App-V package to a single device.
 
 2.  Use the /packager command to convert the Office applications to an Office 2013 App-V package.
 
@@ -523,40 +449,33 @@ After you download the Office 2013 applications through the Office Deployment To
     </colgroup>
     <tbody>
     <tr class="odd">
-    <td align="left"><p><strong>\\server\Office2013</strong></p></td>
+    <td align="left"><p><code>\\server\Office2013</code></p></td>
     <td align="left"><p>is the network share location that contains the Office Deployment Tool and the custom Configuration.xml file, Customconfig.xml.</p></td>
     </tr>
     <tr class="even">
-    <td align="left"><p><strong>Setup.exe</strong></p></td>
+    <td align="left"><p><code>setup.exe</code></p></td>
     <td align="left"><p>is the Office Deployment Tool.</p></td>
     </tr>
     <tr class="odd">
-    <td align="left"><p><strong>/packager</strong></p></td>
+    <td align="left"><p><code>/packager</code></p></td>
     <td align="left"><p>creates the Office 2013 App-V package with Volume Licensing as specified in the customConfig.xml file.</p></td>
     </tr>
     <tr class="even">
-    <td align="left"><p><strong>\\server\Office2013\Customconfig.xml</strong></p></td>
+    <td align="left"><p><code>\\server\Office2013\Customconfig.xml</code></p></td>
     <td align="left"><p>passes the configuration XML file (in this case customConfig) that has been prepared for the packaging stage.</p></td>
     </tr>
     <tr class="odd">
-    <td align="left"><p><strong>\\server\share\Office 2013AppV</strong></p></td>
+    <td align="left"><p><code>\\server\share\Office2013AppV</code></p></td>
     <td align="left"><p>specifies the location of the newly created Office App-V package.</p></td>
     </tr>
     </tbody>
     </table>
 
-     
-
     After you run the **/packager** command, the following folders appear up in the directory where you specified the package should be saved:
-
-    -   **App-V Packages** – contains an Office 2013 App-V package and two deployment configuration files.
-
-    -   **WorkingDir**
-
-    **Note**  
-    To troubleshoot any issues, see the log files in the %temp% directory (default).
-
-     
+    **App-V Packages** – contains an Office 2013 App-V package and two deployment configuration files.<br>
+    **WorkingDir**
+    
+    **Note**&nbsp;&nbsp;To troubleshoot any issues, see the log files in the %temp% directory (default).
 
 3.  Verify that the Office 2013 App-V package works correctly:
 
@@ -577,7 +496,7 @@ Deploy the App-V package for Office 2013 by using the same methods you use for a
 
 -   App-V Server
 
--   Stand-alone through PowerShell commands
+-   Stand-alone through Windows PowerShell commands
 
 ### Publishing prerequisites and requirements
 
@@ -594,9 +513,9 @@ Deploy the App-V package for Office 2013 by using the same methods you use for a
 </thead>
 <tbody>
 <tr class="odd">
-<td align="left"><p>Enable PowerShell scripting on the App-V clients</p></td>
+<td align="left"><p>Enable Windows PowerShell scripting on the App-V clients</p></td>
 <td align="left"><p>To publish Office 2013 packages, you must run a script.</p>
-<p>Package scripts are disabled by default on App-V clients. To enable scripting, run the following PowerShell command:</p>
+<p>Package scripts are disabled by default on App-V clients. To enable scripting, run the following Windows PowerShell command:</p>
 <pre class="syntax" space="preserve"><code>Set-AppvClientConfiguration –EnablePackageScripts 1</code></pre></td>
 </tr>
 <tr class="even">
@@ -640,20 +559,17 @@ Use the steps in this section to enable Office plug-ins with your Office package
 
 **To enable plug-ins for Office App-V packages**
 
-1.  Add a Connection Group through App-V Server, System Center Configuration Manager, or a PowerShell cmdlet.
+1.  Add a Connection Group through App-V Server, System Center Configuration Manager, or a Windows PowerShell cmdlet.
 
 2.  Sequence your plug-ins using the App-V Sequencer. Ensure that Office 2013 is installed on the computer being used to sequence the plug-in. It is recommended you use Office 365 ProPlus(non-virtual) on the sequencing computer when you sequence Office 2013 plug-ins.
 
 3.  Create an App-V package that includes the desired plug-ins.
 
-4.  Add a Connection Group through App-V server, System Center Configuration Manager, or a PowerShell cmdlet.
+4.  Add a Connection Group through App-V server, System Center Configuration Manager, or a Windows PowerShell cmdlet.
 
 5.  Add the Office 2013 App-V package and the plug-ins package you sequenced to the Connection Group you created.
 
-    **Important**  
-    The order of the packages in the Connection Group determines the order in which the package contents are merged. In your Connection group descriptor file, add the Office 2013 App-V package first, and then add the plug-in App-V package.
-
-     
+    **Important**&nbsp;&nbsp;The order of the packages in the Connection Group determines the order in which the package contents are merged. In your Connection group descriptor file, add the Office 2013 App-V package first, and then add the plug-in App-V package.
 
 6.  Ensure that both packages are published to the target computer and that the plug-in package is published globally to match the global settings of the published Office 2013 App-V package.
 
@@ -794,7 +710,11 @@ An Office 2013 App-V Package with your chosen licensing will be successfully dep
 
 ### <a href="" id="bkmk-deploy-visio-project"></a>Deploying Visio 2013 and Project 2013 with Office
 
-The following table describes the requirements and options for deploying Visio 2013 and Project 2013 with Office.
+This section describes the requirements and options for deploying Visio 2013 and Project 2013 with Office.
+
+- **To package and publish Visio 2013 and Project 2013 with Office**: Include Visio 2013 and Project 2013 in the same package with Office. If you aren’t deploying Office, you can create a package that contains Visio and/or Project.
+
+- **To deploy Visio 2013 and Project 2013 to specific users**: Use one of the following methods:
 
 <table>
 <colgroup>
@@ -803,28 +723,8 @@ The following table describes the requirements and options for deploying Visio 2
 </colgroup>
 <thead>
 <tr class="header">
-<th align="left">Task</th>
-<th align="left">Details</th>
-</tr>
-</thead>
-<tbody>
-<tr class="odd">
-<td align="left"><p>How do I package and publish Visio 2013 and Project 2013 with Office?</p></td>
-<td align="left"><p>You must include Visio 2013 and Project 2013 in the same package with Office.</p>
-<p>If you aren’t deploying Office, you can create a package that contains Visio and/or Project.</p></td>
-</tr>
-<tr class="even">
-<td align="left"><p>How can I deploy Visio 2013 and Project 2013 to specific users?</p></td>
-<td align="left"><p>Use one of the following methods:</p>
-<table>
-<colgroup>
-<col width="50%" />
-<col width="50%" />
-</colgroup>
-<thead>
-<tr class="header">
-<th align="left">If you want to...</th>
-<th align="left">...then use this method</th>
+<th align="left">Goal</th>
+<th align="left">Method</th>
 </tr>
 </thead>
 <tbody>
@@ -842,17 +742,11 @@ The following table describes the requirements and options for deploying Visio 2
 <ol>
 <li><p>Create a package that contains Office, Visio, and Project.</p></li>
 <li><p>Deploy the package to all users.</p></li>
-<li><p>Use [AppLocker](https://technet.microsoft.com/en-us/itpro/windows/keep-secure/applocker-overview) to prevent specific users from using Visio and Project.</p></li>
+<li><p>Use [AppLocker](https://technet.microsoft.com/itpro/windows/keep-secure/applocker-overview) to prevent specific users from using Visio and Project.</p></li>
 </ol></td>
 </tr>
 </tbody>
 </table>
-<p> </p></td>
-</tr>
-</tbody>
-</table>
-
- 
 
 ## Additional resources
 
@@ -873,14 +767,14 @@ The following table describes the requirements and options for deploying Visio 2
 
 **Connection Groups**
 
-[Deploying Connection Groups in Microsoft App-V v5](https://blogs.technet.microsoft.com/appv/2012/11/06/deploying-connection-groups-in-microsoft-app-v-v5/)
-
 [Managing Connection Groups](appv-managing-connection-groups.md)
 
+[Connection groups on the App-V team blog](https://blogs.technet.microsoft.com/gladiatormsft/tag/connection-groups/)
+
 **Dynamic Configuration**
 
 [About App-V Dynamic Configuration](appv-dynamic-configuration.md)
 
 ## Have a suggestion for App-V?
 
-Add or vote on suggestions [here](http://appv.uservoice.com/forums/280448-microsoft-application-virtualization). For App-V issues, use the [App-V TechNet Forum](https://social.technet.microsoft.com/Forums/en-US/home?forum=mdopappv).
+Add or vote on suggestions on the [Application Virtualization feedback site](http://appv.uservoice.com/forums/280448-microsoft-application-virtualization).<br>For App-V issues, use the [App-V TechNet Forum](https://social.technet.microsoft.com/Forums/en-US/home?forum=mdopappv).

windows/manage/appv-deploying-packages-with-electronic-software-distribution-solutions.md

@@ -11,7 +11,8 @@ ms.prod: w10
 
 # Deploying App-V Packages by Using Electronic Software Distribution (ESD)
 
-Applies to: Windows 10, version 1607
+**Applies to**
+-   Windows 10, version 1607
 
 You can deploy App-V packages using an Electronic Software Distribution (ESD) solution. For information about planning to deploy App-V packages with an ESD, see [Planning to Deploy App-V with an Electronic Software Distribution System](appv-planning-to-deploy-appv-with-electronic-software-distribution-solutions.md).
 
@@ -34,7 +35,7 @@ Explains how to configure the App-V client to enable only administrators to publ
 ## Have a suggestion for App-V?
 
 
-Add or vote on suggestions [here](http://appv.uservoice.com/forums/280448-microsoft-application-virtualization). For App-V issues, use the [App-V TechNet Forum](https://social.technet.microsoft.com/Forums/en-US/home?forum=mdopappv).
+Add or vote on suggestions on the [Application Virtualization feedback site](http://appv.uservoice.com/forums/280448-microsoft-application-virtualization).<br>For App-V issues, use the [App-V TechNet Forum](https://social.technet.microsoft.com/Forums/en-US/home?forum=mdopappv).
 
 ## Other resources for using an ESD and App-V
 

windows/manage/appv-deploying-the-appv-sequencer-and-client.md

@@ -11,7 +11,8 @@ ms.prod: w10
 
 # Deploying the App-V Sequencer and Configuring the Client
 
-Applies to: Windows 10, version 1607
+**Applies to**
+-   Windows 10, version 1607
 
 The App-V Sequencer and client enable administrators to virtualize and run virtualized applications.
 
@@ -92,4 +93,4 @@ You can use the App-V Sequencer log information to help troubleshoot the Sequenc
 
 ## Have a suggestion for App-V?
 
-Add or vote on suggestions [here](http://appv.uservoice.com/forums/280448-microsoft-application-virtualization). For App-V issues, use the [App-V TechNet Forum](https://social.technet.microsoft.com/Forums/en-US/home?forum=mdopappv).
+Add or vote on suggestions on the [Application Virtualization feedback site](http://appv.uservoice.com/forums/280448-microsoft-application-virtualization).<br>For App-V issues, use the [App-V TechNet Forum](https://social.technet.microsoft.com/Forums/en-US/home?forum=mdopappv).

windows/manage/appv-deploying-the-appv-server.md

@@ -10,9 +10,10 @@ ms.prod: w10
 
 # Deploying the App-V server
 
-Applies to: Windows Server 2016, Windows Server 2012 R2, Windows Server 2012, and Windows Server 2008 R2
+**Applies to**
+-   Windows Server 2016
 
->**Note** If you plan to use the App-V server components in your deployment, note that they reference App-V 5.x. This is because the App-V server components have not changed in App-V for Windows 10. 
+>**Note**<br>If you plan to use the App-V server components in your deployment, note that they reference App-V 5.x. This is because the App-V server components have not changed in App-V for Windows 10. 
 
 You can install the Application Virtualization (App-V) server components using different deployment configurations, which are described in this topic. Before you install the server features, review the server section of [App-V Security Considerations](appv-security-considerations.md). 
 
@@ -102,10 +103,10 @@ The reporting information will be maintained until it is successfully sent to th
 
 If you want to retrieve report information, you must use Microsoft SQL Server Reporting Services (SSRS) which is available with Microsoft SQL. SSRS is not installed when you install the App-V reporting server and it must be deployed separately to generate the associated reports.
 
-For more information, see [About App-V Reporting](appv-reporting.md) and [How to Enable Reporting on the App-V Client by Using PowerShell](appv-enable-reporting-on-the-appv-client-with-powershell.md).
+For more information, see [About App-V Reporting](appv-reporting.md) and [How to Enable Reporting on the App-V Client by Using Windows PowerShell](appv-enable-reporting-on-the-appv-client-with-powershell.md).
 
 ## Other resources for the App-V server
 - [Deploying App-V](appv-deploying-appv.md)
 
 ## Have a suggestion for App-V?
-Add or vote on suggestions [here](http://appv.uservoice.com/forums/280448-microsoft-application-virtualization). For App-V issues, use the [App-V TechNet Forum](https://social.technet.microsoft.com/Forums/en-US/home?forum=mdopappv).
+Add or vote on suggestions on the [Application Virtualization feedback site](http://appv.uservoice.com/forums/280448-microsoft-application-virtualization).<br>For App-V issues, use the [App-V TechNet Forum](https://social.technet.microsoft.com/Forums/en-US/home?forum=mdopappv).

windows/manage/appv-deployment-checklist.md

@@ -11,7 +11,8 @@ ms.prod: w10
 
 # App-V Deployment Checklist
 
-Applies to: Windows 10, version 1607
+**Applies to**
+-   Windows 10, version 1607
 
 This checklist can be used to help you during an App-V deployment.
 
@@ -70,7 +71,7 @@ This checklist outlines the recommended steps and items to consider when deployi
 ## Have a suggestion for App-V?
 
 
-Add or vote on suggestions [here](http://appv.uservoice.com/forums/280448-microsoft-application-virtualization). For App-V issues, use the [App-V TechNet Forum](https://social.technet.microsoft.com/Forums/en-US/home?forum=mdopappv).
+Add or vote on suggestions on the [Application Virtualization feedback site](http://appv.uservoice.com/forums/280448-microsoft-application-virtualization).<br>For App-V issues, use the [App-V TechNet Forum](https://social.technet.microsoft.com/Forums/en-US/home?forum=mdopappv).
 
 ## Related topics
 

windows/manage/appv-dynamic-configuration.md

@@ -11,7 +11,8 @@ ms.prod: w10
 
 # About App-V Dynamic Configuration
 
-Applies to: Windows 10, version 1607
+**Applies to**
+-   Windows 10, version 1607
 
 You can use the dynamic configuration to customize an App-V package for a user. Use the following information to create or edit an existing dynamic configuration file.
 
@@ -733,12 +734,12 @@ To create the file manually, the information above in previous sections can be c
 
 ## Have a suggestion for App-V?
 
-Add or vote on suggestions [here](http://appv.uservoice.com/forums/280448-microsoft-application-virtualization). For App-V issues, use the [App-V TechNet Forum](https://social.technet.microsoft.com/Forums/en-US/home?forum=mdopappv).
+Add or vote on suggestions on the [Application Virtualization feedback site](http://appv.uservoice.com/forums/280448-microsoft-application-virtualization).<br>For App-V issues, use the [App-V TechNet Forum](https://social.technet.microsoft.com/Forums/en-US/home?forum=mdopappv).
 
 ## Related topics
 
-[How to Apply the Deployment Configuration File by Using PowerShell](appv-apply-the-deployment-configuration-file-with-powershell.md)
+[How to Apply the Deployment Configuration File by Using Windows PowerShell](appv-apply-the-deployment-configuration-file-with-powershell.md)
 
-[How to Apply the User Configuration File by Using PowerShell](appv-apply-the-user-configuration-file-with-powershell.md)
+[How to Apply the User Configuration File by Using Windows PowerShell](appv-apply-the-user-configuration-file-with-powershell.md)
 
 [Operations for App-V](appv-operations.md)

windows/manage/appv-enable-administrators-to-publish-packages-with-electronic-software-distribution-solutions.md

@@ -11,7 +11,8 @@ ms.prod: w10
 
 # How to Enable Only Administrators to Publish Packages by Using an ESD
 
-Applies to: Windows 10, version 1607
+**Applies to**
+-   Windows 10, version 1607
 
 Starting in App-V 5.0 SP3, you can configure the App-V client so that only administrators (not end users) can publish or unpublish packages. In earlier versions of App-V, you could not prevent end users from performing these tasks.
 
@@ -23,15 +24,8 @@ Starting in App-V 5.0 SP3, you can configure the App-V client so that only admin
 
 2.  Enable the **Require publish as administrator** Group Policy setting.
 
-    To alternatively use PowerShell to set this item, see [How to Manage App-V Packages Running on a Stand-Alone Computer by Using PowerShell](appv-manage-appv-packages-running-on-a-stand-alone-computer-with-powershell.md#bkmk-admins-pub-pkgs).
-
-    **Have a suggestion for App-V**? Add or vote on suggestions [here](http://appv.uservoice.com/forums/280448-microsoft-application-virtualization). **Got an App-V issue?** Use the [App-V TechNet Forum](https://social.technet.microsoft.com/Forums/en-US/home?forum=mdopappv).
-
- 
-
- 
-
-
-
+    To instead use Windows PowerShell to set this item, see [How to Manage App-V Packages Running on a Stand-Alone Computer by Using Windows PowerShell](appv-manage-appv-packages-running-on-a-stand-alone-computer-with-powershell.md#bkmk-admins-pub-pkgs).
 
+## Have a suggestion for App-V?
 
+Add or vote on suggestions on the [Application Virtualization feedback site](http://appv.uservoice.com/forums/280448-microsoft-application-virtualization).<br>For App-V issues, use the [App-V TechNet Forum](https://social.technet.microsoft.com/Forums/en-US/home?forum=mdopappv).

windows/manage/appv-enable-reporting-on-the-appv-client-with-powershell.md

@@ -1,6 +1,6 @@
 ---
-title: How to Enable Reporting on the App-V Client by Using PowerShell (Windows 10)
-description: How to Enable Reporting on the App-V Client by Using PowerShell
+title: How to Enable Reporting on the App-V Client by Using Windows PowerShell (Windows 10)
+description: How to Enable Reporting on the App-V Client by Using Windows PowerShell
 author: MaggiePucciEvans
 ms.pagetype: mdop, appcompat, virtualization
 ms.mktglfcycl: deploy
@@ -9,9 +9,10 @@ ms.prod: w10
 ---
 
 
-# How to Enable Reporting on the App-V Client by Using PowerShell
+# How to Enable Reporting on the App-V Client by Using Windows PowerShell
 
-Applies to: Windows 10, version 1607
+**Applies to**
+-   Windows 10, version 1607
 
 Use the following procedure to configure the App-V for reporting.
 
@@ -19,7 +20,7 @@ Use the following procedure to configure the App-V for reporting.
 
 1.  Enable the App-V client. For more information, see [Enable the App-V desktop client](appv-enable-the-app-v-desktop-client.md).
 
-2.  After you have enabled the App-V client, use the **Set-AppvClientConfiguration** PowerShell to configure appropriate Reporting Configuration settings:
+2.  After you have enabled the App-V client, use the **Set-AppvClientConfiguration** cmdlet to configure appropriate Reporting Configuration settings:
 
     <table>
     <colgroup>
@@ -75,12 +76,12 @@ Use the following procedure to configure the App-V for reporting.
 
 3.  After the appropriate settings have been configured, the computer running the App-V client will automatically collect data and will send the data back to the reporting server.
 
-    Additionally, administrators can manually send the data back in an on-demand manner using the **Send-AppvClientReport** PowerShell cmdlet.
+    Additionally, administrators can manually send the data back in an on-demand manner using the **Send-AppvClientReport** cmdlet.
 
 
 ## Have a suggestion for App-V?
 
-Add or vote on suggestions [here](http://appv.uservoice.com/forums/280448-microsoft-application-virtualization). For App-V issues, use the [App-V TechNet Forum](https://social.technet.microsoft.com/Forums/en-US/home?forum=mdopappv).
+Add or vote on suggestions on the [Application Virtualization feedback site](http://appv.uservoice.com/forums/280448-microsoft-application-virtualization).<br>For App-V issues, use the [App-V TechNet Forum](https://social.technet.microsoft.com/Forums/en-US/home?forum=mdopappv).
 
 ## Related topics
 

windows/manage/appv-enable-the-app-v-desktop-client.md

@@ -10,7 +10,8 @@ ms.prod: w10
 
 # Enable the App-V in-box client
 
-Applies to: Windows 10, version 1607
+**Applies to**
+-   Windows 10, version 1607
 
 The App-V client is the component that runs virtualized applications on user devices. The client enables users to interact with icons and file names to start virtualized applications. The client can also get virtual application content from the management server.
 
@@ -49,4 +50,4 @@ For information about configuring the App-V client, see:
 
 ## Have a suggestion for App-V?
 
-Add or vote on suggestions [here](http://appv.uservoice.com/forums/280448-microsoft-application-virtualization). For App-V issues, use the [App-V TechNet Forum](https://social.technet.microsoft.com/Forums/en-US/home?forum=mdopappv).
+Add or vote on suggestions on the [Application Virtualization feedback site](http://appv.uservoice.com/forums/280448-microsoft-application-virtualization).<br>For App-V issues, use the [App-V TechNet Forum](https://social.technet.microsoft.com/Forums/en-US/home?forum=mdopappv).

windows/manage/appv-evaluating-appv.md

@@ -11,13 +11,14 @@ ms.prod: w10
 
 # Evaluating App-V
 
-Applies to: Windows 10, version 1607
+**Applies to**
+-   Windows 10, version 1607
 
 Before you deploy App-V into a production environment, you should evaluate it in a lab environment. You can use the information in this topic to set up App-V in a lab environment for evaluation purposes only.
 
 ## Configure lab computers for App-V Evaluation
 
-Use the following link for information about setting up the App-V sequencer on a computer in your lab environment.
+Use the following links for information about setting up the App-V sequencer on a computer in your lab environment.
 
 ### Installing the App-V Sequencer and Creating Packages
 
@@ -37,7 +38,7 @@ Use the following links for information about setting up the App-V server in you
 
 ### Enabling the App-V Client
 
-Use the following link for more information about creating and managing virtualized packages in your lab environment.
+Use the following links for more information about creating and managing virtualized packages in your lab environment.
 
 -   [Enable the App-V desktop client](appv-enable-the-app-v-desktop-client.md)
 
@@ -45,7 +46,7 @@ Use the following link for more information about creating and managing virtuali
 
 ## Have a suggestion for App-V?
 
-Add or vote on suggestions [here](http://appv.uservoice.com/forums/280448-microsoft-application-virtualization). For App-V issues, use the [App-V TechNet Forum](https://social.technet.microsoft.com/Forums/en-US/home?forum=mdopappv).
+Add or vote on suggestions on the [Application Virtualization feedback site](http://appv.uservoice.com/forums/280448-microsoft-application-virtualization).<br>For App-V issues, use the [App-V TechNet Forum](https://social.technet.microsoft.com/Forums/en-US/home?forum=mdopappv).
 
 ## Related topics
 

windows/manage/appv-for-windows.md

@@ -11,7 +11,8 @@ ms.prod: w10
 
 # Application Virtualization (App-V) for Windows 10 overview
 
-Applies to: Windows 10, version 1607
+**Applies to**
+-   Windows 10, version 1607
 
 The topics in this section provide information and step-by-step procedures to help you administer App-V and its components. This information will be valuable for system administrators who manage large installations with many servers and clients and for support personnel who interact directly with the computers or the end users.
 
@@ -20,7 +21,6 @@ The topics in this section provide information and step-by-step procedures to he
 - [What's new in App-V](appv-about-appv.md)
 - [Evaluating App-V](appv-evaluating-appv.md)
 - [High Level Architecture for App-V](appv-high-level-architecture.md)
-- [Accessibility for App-V](appv-accessibility.md)
 
 [Planning for App-V](appv-planning-for-appv.md)  
 
@@ -58,6 +58,6 @@ The topics in this section provide information and step-by-step procedures to he
 - [Viewing App-V Server Publishing Metadata](appv-viewing-appv-server-publishing-metadata.md)
 - [Running a Locally Installed Application Inside a Virtual Environment with Virtualized Applications](appv-running-locally-installed-applications-inside-a-virtual-environment.md)
 
-### Have a suggestion for App-V?
+## Have a suggestion for App-V?
 
-Add or vote on suggestions [here](http://appv.uservoice.com/forums/280448-microsoft-application-virtualization). For App-V issues, use the [App-V TechNet Forum](https://social.technet.microsoft.com/Forums/en-US/home?forum=mdopappv).
+Add or vote on suggestions on the [Application Virtualization feedback site](http://appv.uservoice.com/forums/280448-microsoft-application-virtualization).<br>For App-V issues, use the [App-V TechNet Forum](https://social.technet.microsoft.com/Forums/en-US/home?forum=mdopappv).

windows/manage/appv-getting-started.md

@@ -11,7 +11,8 @@ ms.prod: w10
 
 # Getting Started with App-V for Windows 10
 
-Applies to: Windows 10, version 1607
+**Applies to**
+-   Windows 10, version 1607
 
 Microsoft Application Virtualization (App-V) for Windows 10 enables organizations to deliver Win32 applications to users as virtual applications. Virtual applications are installed on centrally managed servers and delivered to users as a service – in real time and on as as-needed basis. Users launch virtual applications from familiar access points and interact with them as if they were installed locally.
 
@@ -34,7 +35,7 @@ To start using App-V to deliver virtual applications to users, you’ll need to
 |------------|--|------|
 | App-V server components         | App-V offers five server components that work together to allow you to host and publish virtual applications, generate usage reports, and manage your App-V environment. For information about the server components, see [Deploying the App-V Server](appv-deploying-the-appv-server.md).<br><br>**Note** If you're already using App-V 5.x, you don't need to re-deploy the App-V server components as they haven't changed since App-V 5.0 was released. | The App-V server components are included in the Microsoft Desktop Optimization Pack (MDOP) 2015 ISO package, which can be downloaded from:<br><br> - The [MSDN (Microsoft Developer Network) subscriptions site](https://msdn.microsoft.com/en-us/subscriptions/downloads/default.aspx#FileId=65215). You must have a MSDN subscription to download the MDOP ISO package from the MSDN subscriptions site.<br><br> -  The [Volume Licensing Service Center](https://www.microsoft.com/en-us/licensing/default.aspx) if you're using [Windows 10 for Enterprise or Education](https://www.microsoft.com/en-us/WindowsForBusiness/windows-product-home).<br><br>See [Deploying the App-V Server](appv-deploying-the-appv-server.md) for more information about installing and using the server components. 
 | App-V client and App-V Remote Desktop Services (RDS) client       | The App-V client is the component that runs virtualized applications on user devices. The client enables users to interact with icons and file names to start virtualized applications. | The App-V client is automatically installed with Windows 10, version 1607. <br><br>For information about enabling the client, see [Enable the App-V desktop client](appv-enable-the-app-v-desktop-client.md).           |
-| App-V sequencer      | Use the App-V sequencer to convert Win32 applications into virtual packages for deployment to user devices. Devices must be running the App-V client to allow users to interact with virtual applications.    | Installed with the [Windows Assessment and Deployment kit (ADK) for Windows 10, version 1607](https://developer.microsoft.com/en-us/windows/hardware/windows-assessment-deployment-kit).  |
+| App-V sequencer      | Use the App-V sequencer to convert Win32 applications into virtual packages for deployment to user devices. Devices must be running the App-V client to allow users to interact with virtual applications.    | Installed with the [Windows Assessment and Deployment kit (ADK) for Windows 10, version 1607](https://developer.microsoft.com/windows/hardware/windows-assessment-deployment-kit).  |
 
 For more information about these components, see [High Level Architecture for App-V](appv-high-level-architecture.md).
 
@@ -55,10 +56,6 @@ If you are new to this product, we recommend that you read the documentation tho
 
     Provides a description of the App-V features and how they work together.
 
--   [Accessibility for App-V](appv-accessibility.md)
-
-    Provides information about features and services that make this product and its corresponding documentation more accessible for people with disabilities.
-
 ## <a href="" id="other-resources-for-this-product-"></a>Other resources for this product
 
 
@@ -76,5 +73,5 @@ If you are new to this product, we recommend that you read the documentation tho
 
 ## Have a suggestion for App-V?
 
-Add or vote on suggestions [here](http://appv.uservoice.com/forums/280448-microsoft-application-virtualization). For App-V issues, use the [App-V TechNet Forum](https://social.technet.microsoft.com/Forums/en-US/home?forum=mdopappv).
+Add or vote on suggestions on the [Application Virtualization feedback site](http://appv.uservoice.com/forums/280448-microsoft-application-virtualization).<br>For App-V issues, use the [App-V TechNet Forum](https://social.technet.microsoft.com/Forums/en-US/home?forum=mdopappv).
 

windows/manage/appv-high-level-architecture.md

@@ -11,7 +11,8 @@ ms.prod: w10
 
 # High Level Architecture for App-V
 
-Applies to: Windows 10, version 1607
+**Applies to**
+-   Windows 10, version 1607
 
 Use the following information to help you simplify you Microsoft Application Virtualization (App-V) deployment.
 
@@ -22,8 +23,8 @@ A typical App-V implementation consists of the following elements.
 
 <table>
 <colgroup>
-<col width="50%" />
-<col width="50%" />
+<col width="30%" />
+<col width="70%" />
 </colgroup>
 <thead>
 <tr class="header">
@@ -66,7 +67,7 @@ If you are using App-V with Electronic Software Distribution (ESD) you are not r
 
 ## Have a suggestion for App-V?
 
-Add or vote on suggestions [here](http://appv.uservoice.com/forums/280448-microsoft-application-virtualization). For App-V issues, use the [App-V TechNet Forum](https://social.technet.microsoft.com/Forums/en-US/home?forum=mdopappv).
+Add or vote on suggestions on the [Application Virtualization feedback site](http://appv.uservoice.com/forums/280448-microsoft-application-virtualization).<br>For App-V issues, use the [App-V TechNet Forum](https://social.technet.microsoft.com/Forums/en-US/home?forum=mdopappv).
 
 ## Related topics
 

windows/manage/appv-install-the-appv-databases-and-convert-the-associated-security-identifiers-with-powershell.md

@@ -1,6 +1,6 @@
 ---
-title: How to Install the App-V Databases and Convert the Associated Security Identifiers by Using PowerShell (Windows 10)
-description: How to Install the App-V Databases and Convert the Associated Security Identifiers by Using PowerShell
+title: How to Install the App-V Databases and Convert the Associated Security Identifiers by Using Windows PowerShell (Windows 10)
+description: How to Install the App-V Databases and Convert the Associated Security Identifiers by Using Windows PowerShell
 author: MaggiePucciEvans
 ms.pagetype: mdop, appcompat, virtualization
 ms.mktglfcycl: deploy
@@ -9,11 +9,12 @@ ms.prod: w10
 ---
 
 
-# How to Install the App-V Databases and Convert the Associated Security Identifiers by Using PowerShell
+# How to Install the App-V Databases and Convert the Associated Security Identifiers by Using Windows PowerShell
 
-Applies to: Windows Server 2016, Windows Server 2012 R2, Windows Server 2012, and Windows Server 2008 R2
+**Applies to**
+-   Windows Server 2016
 
-Use the following PowerShell procedure to convert any number of Active Directory Domain Services (AD DS) user or machine accounts into formatted Security Identifiers (SIDs) both in the standard format and in the hexadecimal format used by Microsoft SQL Server when running SQL scripts.
+Use the following Windows PowerShell procedure to convert any number of Active Directory Domain Services (AD DS) user or machine accounts into formatted Security Identifiers (SIDs) both in the standard format and in the hexadecimal format used by Microsoft SQL Server when running SQL scripts.
 
 Before attempting this procedure, you should read and understand the information and examples displayed in the following list:
 
@@ -33,336 +34,97 @@ Before attempting this procedure, you should read and understand the information
 
 **To convert any number of Active Directory Domain Services (AD DS) user or machine accounts into formatted Security Identifiers (SIDs)**
 
-1.  Copy the following script into a text editor and save it as a PowerShell script file, for example **ConvertToSIDs.ps1**.
+1.  Copy the following script into a text editor and save it as a Windows PowerShell script file, for example **ConvertToSIDs.ps1**.
 
-2.  To open a PowerShell console click **Start** and type **PowerShell**. Right-click **Windows PowerShell** and select **Run as Administrator**.
+2.  To open a Windows PowerShell console, click **Start** and type **PowerShell**. Right-click **Windows PowerShell** and select **Run as Administrator**.
 
     ``` syntax
     <#
-    ```
-
-    ``` syntax
     .SYNOPSIS
-    ```
-
-    ``` syntax
-    This PowerShell script will take an array of account names and try to convert each of them to the corresponding SID in standard and hexadecimal formats.
-    ```
-
-    ``` syntax
+    This Windows PowerShell script will take an array of account names and try to convert each of them to the corresponding SID in standard and hexadecimal formats.
     .DESCRIPTION
-    ```
-
-    ``` syntax
-    This is a PowerShell script that converts any number of Active Directory (AD) user or machine accounts into formatted Security Identifiers (SIDs) both in the standard format and in the hexadecimal format used by SQL server when running SQL scripts.
-    ```
-
-    ``` syntax
+    This is a Windows PowerShell script that converts any number of Active Directory (AD) user or machine accounts into formatted Security Identifiers (SIDs) both in the standard format and in the hexadecimal format used by SQL server when running SQL scripts.
     .INPUTS
-    ```
-
-    ``` syntax
     The account(s) to convert to SID format. This can be a single account name or an array of account names. Please see examples below.
-    ```
-
-    ``` syntax
     .OUTPUTS
-    ```
-
-    ``` syntax
     A list of account names with the corresponding SID in standard and hexadecimal formats
-    ```
-
-    ``` syntax
     .EXAMPLE
-    ```
-
-    ``` syntax
     .\ConvertToSID.ps1 DOMAIN\user_account1 DOMAIN\machine_account1$ DOMAIN\user_account2 | Format-List
-    ```
-
-    ``` syntax
     .EXAMPLE
-    ```
-
-    ``` syntax
     $accountsArray = @("DOMAIN\user_account1", "DOMAIN\machine_account1$", "DOMAIN_user_account2")
-    ```
-
-    ``` syntax
     .\ConvertToSID.ps1 $accountsArray | Write-Output -FilePath .\SIDs.txt -Width 200
-    ```
-
-    ``` syntax
-#>
-    ```
-
-    ``` syntax
-    ```
+    #>
 
     []()  
 
     []()  
-
-    ``` syntax
     function ConvertSIDToHexFormat
-    ```
-
     {
-
-       param(\[System.Security.Principal.SecurityIdentifier\]$sidToConvert)
-
-    ``` syntax
-    ```
-
-    ``` syntax
+       param([System.Security.Principal.SecurityIdentifier]$sidToConvert)
        $sb = New-Object System.Text.StringBuilder
-    ```
-
-    ``` syntax
         [int] $binLength = $sidToConvert.BinaryLength
-    ```
-
-    ``` syntax
         [Byte[]] $byteArray = New-Object Byte[] $binLength
-    ```
-
-    ``` syntax
        $sidToConvert.GetBinaryForm($byteArray, 0)
-    ```
-
-    ``` syntax
        foreach($byte in $byteArray)
-    ```
-
-    ``` syntax
        {
-    ```
-
-    ``` syntax
        $sb.Append($byte.ToString("X2")) |Out-Null
-    ```
-
-    ``` syntax
        }
-    ```
-
-    ``` syntax
        return $sb.ToString()
-    ```
-
-    ``` syntax
     }
-    ```
-
-    ``` syntax
      [string[]]$myArgs = $args
-    ```
-
-    ``` syntax
     if(($myArgs.Length -lt 1) -or ($myArgs[0].CompareTo("/?") -eq 0))
-    ```
-
     {
-
-    ``` syntax
      [string]::Format("{0}====== Description ======{0}{0}" +
-    ```
-
-    ``` syntax
     "  Converts any number of user or machine account names to string and hexadecimal SIDs.{0}" +
-    ```
-
-    ``` syntax
                    "  Pass the account(s) as space separated command line parameters. (For example 'ConvertToSID.exe DOMAIN\\Account1 DOMAIN\\Account2 ...'){0}" +
-    ```
-
-    ``` syntax
                    "  The output is written to the console in the format 'Account name    SID as string   SID as hexadecimal'{0}" +
-    ```
-
-    ``` syntax
-                   "  And can be written out to a file using standard PowerShell redirection{0}" +
-    ```
-
-    ``` syntax
+                   "  And can be written out to a file using standard Windows PowerShell redirection{0}" +
                    "  Please specify user accounts in the format 'DOMAIN\username'{0}" + 
-    ```
-
-    ``` syntax
                    "  Please specify machine accounts in the format 'DOMAIN\machinename$'{0}" +
-    ```
-
-    ``` syntax
                    "  For more help content, please run 'Get-Help ConvertToSID.ps1'{0}" + 
-    ```
-
-    ``` syntax
                    "{0}====== Arguments ======{0}" +
-    ```
-
-    ``` syntax
                    "{0}  /?    Show this help message", [Environment]::NewLine) 
-    ```
-
-    ``` syntax
     {
-    ```
-
-    ``` syntax
     else
-    ```
-
-    ``` syntax
     {  
         #If an array was passed in, try to split it
-    ```
-
-    ``` syntax
         if($myArgs.Length -eq 1)
-    ```
-
-    ``` syntax
         {
-    ```
-
-    ``` syntax
             $myArgs = $myArgs.Split(' ')
-    ```
-
-    ``` syntax
         }
-    ```
-
-    ``` syntax
 
         #Parse the arguments for account names
-    ```
-
-    ``` syntax
         foreach($accountName in $myArgs)
-    ```
-
-    ``` syntax
         {    
-    ```
-
-    ``` syntax
             [string[]] $splitString = $accountName.Split('\')  # We're looking for the format "DOMAIN\Account" so anything that does not match, we reject
-    ```
-
-    ``` syntax
             if($splitString.Length -ne 2)
-    ```
-
-    ``` syntax
             {
-    ```
-
-    ``` syntax
                 $message = [string]::Format("{0} is not a valid account name. Expected format 'Domain\username' for user accounts or 'DOMAIN\machinename$' for machine accounts.", $accountName)
-    ```
-
-    ``` syntax
                 Write-Error -Message $message
-    ```
-
-    ``` syntax
                 continue
-    ```
-
-    ``` syntax
             }
-    ```
-
-    ``` syntax
-            
-    ```
-
-    ``` syntax
             #Convert any account names to SIDs
-    ```
-
-    ``` syntax
             try
-    ```
-
-    ``` syntax
             {
-    ```
-
-    ``` syntax
                 [System.Security.Principal.NTAccount] $account = New-Object System.Security.Principal.NTAccount($splitString[0], $splitString[1])
-    ```
-
-    ``` syntax
                 [System.Security.Principal.SecurityIdentifier] $SID = [System.Security.Principal.SecurityIdentifier]($account.Translate([System.Security.Principal.SecurityIdentifier]))
-    ```
-
-    ``` syntax
             }
-    ```
-
-    ``` syntax
             catch [System.Security.Principal.IdentityNotMappedException]
-    ```
-
-    ``` syntax
             {
-    ```
-
-    ``` syntax
                 $message = [string]::Format("Failed to translate account object '{0}' to a SID. Please verify that this is a valid user or machine account.", $account.ToString())
-    ```
-
-    ``` syntax
                 Write-Error -Message $message
-    ```
-
-    ``` syntax
                 continue
-    ```
-
-    ``` syntax
             }
-    ```
-
-    ``` syntax
 
             #Convert regular SID to binary format used by SQL
-    ```
-
-    ``` syntax
             $hexSIDString = ConvertSIDToHexFormat $SID
-    ```
-
-    ``` syntax
-            
             $SIDs = New-Object PSObject
-    ```
-
-    ``` syntax
             $SIDs | Add-Member NoteProperty Account $accountName
-    ```
-
-    ``` syntax
             $SIDs | Add-Member NoteProperty SID $SID.ToString()
-    ```
-
-    ``` syntax
             $SIDs | Add-Member NoteProperty Hexadecimal $hexSIDString
-    ```
-
-    ``` syntax
 
             Write-Output $SIDs
-    ```
-
-    ``` syntax
         }
-    ```
-
-    ``` syntax
     }
     ```
 
@@ -374,18 +136,10 @@ Before attempting this procedure, you should read and understand the information
 
     **.\\ConvertToSID.ps1 $accountsArray | Write-Output -FilePath .\\SIDs.txt -Width 200”**
 
-    **Have a suggestion for App-V**? Add or vote on suggestions [here](http://appv.uservoice.com/forums/280448-microsoft-application-virtualization). **Got an App-V issue?** Use the [App-V TechNet Forum](https://social.technet.microsoft.com/Forums/en-US/home?forum=mdopappv).
+## Have a suggestion for App-V?
+
+Add or vote on suggestions on the [Application Virtualization feedback site](http://appv.uservoice.com/forums/280448-microsoft-application-virtualization).<br>For App-V issues, use the [App-V TechNet Forum](https://social.technet.microsoft.com/Forums/en-US/home?forum=mdopappv).
 
 ## Related topics
 
-
 [Administering App-V by Using Windows PowerShell](appv-administering-appv-with-powershell.md)
-
- 
-
- 
-
-
-
-
-

windows/manage/appv-install-the-management-and-reporting-databases-on-separate-computers.md

@@ -11,7 +11,8 @@ ms.prod: w10
 
 # How to Install the Management and Reporting Databases on Separate Computers from the Management and Reporting Services
 
-Applies to: Windows Server 2016, Windows Server 2012 R2, Windows Server 2012, and Windows Server 2008 R2
+**Applies to**
+-   Windows Server 2016
 
 Use the following procedure to install the database server and management server on different computers. The computer you plan to install the database server on must be running a supported version of Microsoft SQL or the installation will fail.
 
@@ -85,24 +86,14 @@ After you complete the deployment, the **Microsoft SQL Server name**, **instance
 4.  For each database, copy the scripts to a share and modify them following the instructions in the readme file.
 
     **Note**  
-    For more information about modifying the required SIDs contained in the scripts see, [How to Install the App-V Databases and Convert the Associated Security Identifiers by Using PowerShell](appv-install-the-appv-databases-and-convert-the-associated-security-identifiers-with-powershell.md).     
+    For more information about modifying the required SIDs contained in the scripts see, [How to Install the App-V Databases and Convert the Associated Security Identifiers by Using Windows PowerShell](appv-install-the-appv-databases-and-convert-the-associated-security-identifiers-with-powershell.md).     
 
 5.  Run the scripts on the computer running Microsoft SQL Server.
 
 ## Have a suggestion for App-V? 
 
-Add or vote on suggestions [here](http://appv.uservoice.com/forums/280448-microsoft-application-virtualization). For App-V issues, use the [App-V TechNet Forum](https://social.technet.microsoft.com/Forums/en-US/home?forum=mdopappv).
+Add or vote on suggestions on the [Application Virtualization feedback site](http://appv.uservoice.com/forums/280448-microsoft-application-virtualization).<br>For App-V issues, use the [App-V TechNet Forum](https://social.technet.microsoft.com/Forums/en-US/home?forum=mdopappv).
 
 ## Related topics
 
-
 [Deploying App-V](appv-deploying-appv.md)
-
- 
-
- 
-
-
-
-
-

windows/manage/appv-install-the-management-server-on-a-standalone-computer.md

@@ -11,7 +11,8 @@ ms.prod: w10
 
 # How to install the Management Server on a Standalone Computer and Connect it to the Database
 
-Applies to: Windows Server 2016, Windows Server 2012 R2, Windows Server 2012, and Windows Server 2008 R2
+**Applies to**
+-   Windows Server 2016
 
 Use the following procedure to install the management server on a standalone computer and connect it to the database.
 
@@ -42,7 +43,7 @@ Use the following procedure to install the management server on a standalone com
 
 ## Have a suggestion for App-V?  
 
-Add or vote on suggestions [here](http://appv.uservoice.com/forums/280448-microsoft-application-virtualization). For App-V issues, use the [App-V TechNet Forum](https://social.technet.microsoft.com/Forums/en-US/home?forum=mdopappv).
+Add or vote on suggestions on the [Application Virtualization feedback site](http://appv.uservoice.com/forums/280448-microsoft-application-virtualization).<br>For App-V issues, use the [App-V TechNet Forum](https://social.technet.microsoft.com/Forums/en-US/home?forum=mdopappv).
 
 ## Related topics
 

windows/manage/appv-install-the-publishing-server-on-a-remote-computer.md

@@ -11,7 +11,8 @@ ms.prod: w10
 
 # How to Install the Publishing Server on a Remote Computer
 
-Applies to: Windows Server 2016, Windows Server 2012 R2, Windows Server 2012, and Windows Server 2008 R2
+**Applies to**
+-   Windows Server 2016
 
 Use the following procedure to install the publishing server on a separate computer. Before you perform the following procedure, ensure the database and management server are available.
 
@@ -67,7 +68,7 @@ Use the following procedure to install the publishing server on a separate compu
 
 ## Have a suggestion for App-V? 
 
-Add or vote on suggestions [here](http://appv.uservoice.com/forums/280448-microsoft-application-virtualization). For App-V issues, use the [App-V TechNet Forum](https://social.technet.microsoft.com/Forums/en-US/home?forum=mdopappv).
+Add or vote on suggestions on the [Application Virtualization feedback site](http://appv.uservoice.com/forums/280448-microsoft-application-virtualization).<br>For App-V issues, use the [App-V TechNet Forum](https://social.technet.microsoft.com/Forums/en-US/home?forum=mdopappv).
 
 ## Related topics
 

windows/manage/appv-install-the-reporting-server-on-a-standalone-computer.md

@@ -11,14 +11,12 @@ ms.prod: w10
 
 # How to install the Reporting Server on a Standalone Computer and Connect it to the Database
 
-Applies to: Windows Server 2016, Windows Server 2012 R2, Windows Server 2012, and Windows Server 2008 R2
+**Applies to**
+-   Windows Server 2016
 
 Use the following procedure to install the reporting server on a standalone computer and connect it to the database.
 
-**Important**  
-Before performing the following procedure you should read and understand [About App-V Reporting](appv-reporting.md).
-
- 
+> **Important**  Before performing the following procedure you should read and understand [About App-V Reporting](appv-reporting.md).
 
 **To install the reporting server on a standalone computer and connect it to the database**
 
@@ -47,7 +45,7 @@ Before performing the following procedure you should read and understand [About
 
 ## Have a suggestion for App-V? 
 
-Add or vote on suggestions [here](http://appv.uservoice.com/forums/280448-microsoft-application-virtualization). For App-V issues, use the [App-V TechNet Forum](https://social.technet.microsoft.com/Forums/en-US/home?forum=mdopappv).
+Add or vote on suggestions on the [Application Virtualization feedback site](http://appv.uservoice.com/forums/280448-microsoft-application-virtualization).<br>For App-V issues, use the [App-V TechNet Forum](https://social.technet.microsoft.com/Forums/en-US/home?forum=mdopappv).
 
 ## Related topics
 
@@ -56,13 +54,4 @@ Add or vote on suggestions [here](http://appv.uservoice.com/forums/280448-micros
 
 [Deploying App-V](appv-deploying-appv.md)
 
-[How to Enable Reporting on the App-V Client by Using PowerShell](appv-enable-reporting-on-the-appv-client-with-powershell.md)
-
- 
-
- 
-
-
-
-
-
+[How to Enable Reporting on the App-V Client by Using Windows PowerShell](appv-enable-reporting-on-the-appv-client-with-powershell.md)