Paolo Matarazzo 2023-11-06 12:30:24 -05:00
parent e4d02b2871
commit 6f839514bf
3 changed files with 49 additions and 44 deletions

@ -22,7 +22,7 @@ To enable Autopilot Reset, you must:
## Enable Autopilot Reset
To use Autopilot Reset, [Windows Recovery Environment (WinRE) must be enabled on the device](#winre).
To use Autopilot Reset, Windows Recovery Environment (WinRE) must be enabled on the device.
**DisableAutomaticReDeploymentCredentials** is a policy that enables or disables the visibility of the credentials for Autopilot Reset. It's a policy node in the [Policy CSP](/windows/client-management/mdm/policy-csp-credentialproviders), **CredentialProviders/DisableAutomaticReDeploymentCredentials**. By default, this policy is set to 1 (Disable). This setting ensures that Autopilot Reset isn't triggered by accident.
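Review bot: The replacement for the `To use Autopilot Reset, ...` line drops the `(#winre)` link, so the WinRE prerequisite is now stated with no pointer to how to check or enable it. If the section that anchor targeted still exists in this file, keep the link; if the section was removed, link to the WinRE documentation instead so the requirement stays actionable.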
@ -58,9 +58,10 @@ You can set the policy using one of these methods:
![Configure student PC settings in Set up School PCs.](images/suspcs/suspc_configure_pc2.jpg)
## Trigger Autopilot Reset
Autopilot Reset is a two-step process: trigger it and then authenticate. Once you've done these two steps, you can let the process execute and once it's done, the device is again ready for use.
**To trigger Autopilot Reset**
Autopilot Reset is a two-step process: trigger it and then authenticate. Once you've done these two steps, you can let the process execute and once it's done, the device is again ready for use.
]
To trigger Autopilot Reset:
1. From the Windows device lock screen, enter the keystroke: <kbd>CTRL</kbd> + <kbd>WIN</kbd> + <kbd>R</kbd>.
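Review bot: The line containing only `]` between the two-step paragraph and `To trigger Autopilot Reset:` looks like a leftover from an edited link or alert block and will render as a literal bracket. Remove it unless it closes something outside this hunk.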
@ -69,11 +70,11 @@ Autopilot Reset is a two-step process: trigger it and then authenticate. Once yo
This keystroke opens up a custom sign-in screen for Autopilot Reset. The screen serves two purposes:
1. Confirm/verify that the end user has the right to trigger Autopilot Reset
2. Notify the user in case a provisioning package, created using Windows Configuration Designer or Set up School PCs, will be used as part of the process.
1. Notify the user in case a provisioning package, created using Windows Configuration Designer or Set up School PCs, will be used as part of the process.
![Custom login screen for Autopilot Reset.](images/autopilot-reset-customlogin.png)
2. Sign in with the admin account credentials. If you created a provisioning package, plug in the USB drive and trigger Autopilot Reset.
1. Sign in with the admin account credentials. If you created a provisioning package, plug in the USB drive and trigger Autopilot Reset.
> [!IMPORTANT]
> To reestablish Wi-Fi connectivity after reset, make sure the **Connect automatically** box is checked for the device's wireless network connection.
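Review bot: Renumbering `2. Notify the user ...` and `2. Sign in ...` to `1.` makes the rendered numbering depend entirely on indentation, because the inner two-purpose list and the outer procedure now use the same marker. Confirm in a preview that the inner list and the image stay nested under the keystroke step and that `Sign in with the admin account credentials` still renders as step 2 of the procedure.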

@ -28,7 +28,7 @@ For a complete description of Certutil including examples that show how to use i
### List certificates available on the smart card
To list certificates that are available on the smart card, type `certutil -scinfo`.
To list certificates that are available on the smart card, type `certutil.exe -scinfo`.
> [!NOTE]
> Entering a PIN is not required for this operation. You can press ESC if you are prompted for a PIN.
@ -37,9 +37,9 @@ To list certificates that are available on the smart card, type `certutil -scinf
Each certificate is enclosed in a container. When you delete a certificate on the smart card, you're deleting the container for the certificate.
To find the container value, type `certutil -scinfo`.
To find the container value, type `certutil.exe -scinfo`.
To delete a container, type `certutil -delkey -csp "Microsoft Base Smart Card Crypto Provider" "<ContainerValue>"`.
To delete a container, type `certutil.exe -delkey -csp "Microsoft Base Smart Card Crypto Provider" "<ContainerValue>"`.
## Debugging and tracing using WPP
@ -50,14 +50,14 @@ WPP simplifies tracing the operation of the trace provider. It provides a mechan
Using WPP, use one of the following commands to enable tracing:
```cmd
tracelog.exe -kd -rt -start <FriendlyName> -guid \<GUID> -f .\\<LogFileName*>.etl -flags <flags> -ft 1
logman start <FriendlyName> -ets -p {<GUID>} -<Flags> -ft 1 -rt -o .\\<LogFileName><em>.etl -mode 0x00080000</em>
tracelog.exe -kd -rt -start <FriendlyName> -guid \<GUID> -f .\<LogFileName*>.etl -flags <flags> -ft 1
logman start <FriendlyName> -ets -p {<GUID>} -<Flags> -ft 1 -rt -o .\<LogFileName><em>.etl -mode 0x00080000</em>
```
You can use the parameters in the following table.
| Friendly name | GUID | Flags |
|-------------------|--------------------------------------|-----------|
|--|--|--|
| `scardsvr` | 13038e47-ffec-425d-bc69-5707708075fe | 0xffff |
| `winscard` | 3fce7c5f-fb3b-4bce-a9d8-55cc0ce1cf01 | 0xffff |
| `basecsp` | 133a980d-035d-4e2d-b250-94577ad8fced | 0x7 |
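Review bot: Inside the `cmd` fence, the two replacement lines fix `.\\` but keep other markup residue that is shown literally: `\<GUID>`, `<LogFileName*>`, and the `<em>`/`</em>` pair in the logman line. Since this hunk already rewrites both lines, strip those as well so the template can be copied as typed, and make the logman placeholder `-<Flags>` agree with the `scardsvr` example further down, which passes `0xffff` without a leading hyphen.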
@ -73,14 +73,14 @@ You can use the parameters in the following table.
To enable tracing for the SCardSvr service:
```cmd
tracelog.exe -kd -rt -start scardsvr -guid \#13038e47-ffec-425d-bc69-5707708075fe -f .\\scardsvr.etl -flags 0xffff -ft 1
logman start scardsvr -ets -p {13038e47-ffec-425d-bc69-5707708075fe} 0xffff -ft 1 -rt -o .\\scardsvr.etl -mode 0x00080000
tracelog.exe -kd -rt -start scardsvr -guid \#13038e47-ffec-425d-bc69-5707708075fe -f .\scardsvr.etl -flags 0xffff -ft 1
logman start scardsvr -ets -p {13038e47-ffec-425d-bc69-5707708075fe} 0xffff -ft 1 -rt -o .\scardsvr.etl -mode 0x00080000
```
To enable tracing for `scfilter.sys`:
```cmd
tracelog.exe -kd -rt -start scfilter -guid \#eed7f3c9-62ba-400e-a001-658869df9a91 -f .\\scfilter.etl -flags 0xffff -ft 1
tracelog.exe -kd -rt -start scfilter -guid \#eed7f3c9-62ba-400e-a001-658869df9a91 -f .\scfilter.etl -flags 0xffff -ft 1
```
### Stop the trace
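Review bot: The `-guid \#13038e47-...` and `-guid \#eed7f3c9-...` arguments keep a backslash before `#` that looks like the same kind of Markdown escape as the `.\\` being fixed on these lines. In a code fence it is displayed verbatim and gets copied into the command, so drop it in the same change if `tracelog.exe` expects `#<GUID>`. The same applies to the `ntlm`, `kerb` and `kdc` commands in the later hunks.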
@ -115,7 +115,7 @@ To begin tracing, you can use `Tracelog`. Different components use different con
To enable tracing for NTLM authentication, run the following command on the command line:
```cmd
tracelog.exe -kd -rt -start ntlm -guid \#5BBB6C18-AA45-49b1-A15F-085F7ED0AA90 -f .\\ntlm.etl -flags 0x15003 -ft 1
tracelog.exe -kd -rt -start ntlm -guid \#5BBB6C18-AA45-49b1-A15F-085F7ED0AA90 -f .\ntlm.etl -flags 0x15003 -ft 1
```
To stop tracing for NTLM authentication, run this command:
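Review bot: The stop command that follows this hunk still reads `tracelog -stop ntlm`, while the Kerberos and KDC equivalents use `tracelog.exe -stop ...` and this commit normalizes `certutil` to `certutil.exe` elsewhere. Update the NTLM stop command too so the executable name is consistent across the page.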
@ -129,7 +129,7 @@ tracelog -stop ntlm
To enable tracing for Kerberos authentication, run this command:
```cmd
tracelog.exe -kd -rt -start kerb -guid \#6B510852-3583-4e2d-AFFE-A67F9F223438 -f .\\kerb.etl -flags 0x43 -ft 1
tracelog.exe -kd -rt -start kerb -guid \#6B510852-3583-4e2d-AFFE-A67F9F223438 -f .\kerb.etl -flags 0x43 -ft 1
```
To stop tracing for Kerberos authentication, run this command:
@ -143,7 +143,7 @@ tracelog.exe -stop kerb
To enable tracing for the KDC, run the following command on the command line:
```cmd
tracelog.exe -kd -rt -start kdc -guid \#1BBA8B19-7F31-43c0-9643-6E911F79A06B -f .\\kdc.etl -flags 0x803 -ft 1
tracelog.exe -kd -rt -start kdc -guid \#1BBA8B19-7F31-43c0-9643-6E911F79A06B -f .\kdc.etl -flags 0x803 -ft 1
```
To stop tracing for the KDC, run the following command on the command line:
@ -152,30 +152,34 @@ To stop tracing for the KDC, run the following command on the command line:
tracelog.exe -stop kdc
```
To stop tracing from a remote computer, run this command: logman.exe -s *<ComputerName>*.
To stop tracing from a remote computer, run this command:
```cmd
logman.exe -s <ComputerName>
```
> [!NOTE]
> The default location for logman.exe is %systemroot%system32\\. Use the **-s** option to supply a computer name.
> The default location for logman.exe is %systemroot%system32\. Use the **-s** option to supply a computer name.
### Configure tracing with the registry
You can also configure tracing by editing the Kerberos registry values shown in the following table.
| Element | Registry Key Setting |
|-------------|----------------------------------------------------|
| NTLM | HKEY\_LOCAL\_MACHINE\\SYSTEM\\CurrentControlSet\\Control\\Lsa\\MSV1\_0<br>Value name: NtLmInfoLevel<br>Value type: DWORD<br>Value data: c0015003 |
| Kerberos | HKEY\_LOCAL\_MACHINE\\SYSTEM\\CurrentControlSet\\Control\\Lsa\\Kerberos<br>Value name: LogToFile<br>Value type: DWORD<br>Value data: 00000001<br><br>HKEY\_LOCAL\_MACHINE\\SYSTEM\\CurrentControlSet\\Control\\Lsa\\Kerberos\\Parameters<br>Value name: KerbDebugLevel<br>Value type: DWORD<br>Value data: c0000043<br><br>HKEY\_LOCAL\_MACHINE\\SYSTEM\\CurrentControlSet\\Control\\Lsa\\Kerberos\\Parameters<br>Value name: LogToFile<br>Value type: DWORD<br>Value data: 00000001 |
| KDC | HKEY\_LOCAL\_MACHINE\\SYSTEM\\CurrentControlSet\\Services\\Kdc<br>Value name: KdcDebugLevel<br>Value type: DWORD<br>Value data: c0000803 |
|--|--|
| NTLM | HKEY_LOCAL_MACHINESYSTEM\CurrentControlSet\Control\Lsa\MSV1_0<br>Value name: NtLmInfoLevel<br>Value type: DWORD<br>Value data: c0015003 |
| Kerberos | HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Kerberos<br>Value name: LogToFile<br>Value type: DWORD<br>Value data: 00000001<br><br>HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Kerberos\Parameters<br>Value name: KerbDebugLevel<br>Value type: DWORD<br>Value data: c0000043<br><br>HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Kerberos\Parameters<br>Value name: LogToFile<br>Value type: DWORD<br>Value data: 00000001 |
| KDC | HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Kdc<br>Value name: KdcDebugLevel<br>Value type: DWORD<br>Value data: c0000803 |
If you used `Tracelog`, look for the following log file in your current directory: `kerb.etl/kdc.etl/ntlm.etl`.
If you used the registry key settings shown in the previous table, look for the trace log files in the following locations:
- NTLM: %systemroot%\\tracing\\msv1\_0
- Kerberos: %systemroot%\\tracing\\kerberos
- KDC: %systemroot%\\tracing\\kdcsvc
- NTLM: `%systemroot%\tracing\msv1_0`
- Kerberos: `%systemroot%\tracing\kerberos`
- KDC: `%systemroot%\tracing\kdcsvc`
To decode event trace files, you can use `Tracefmt` (tracefmt.exe). `Tracefmt` is a command-line tool that formats and displays trace messages from an event trace log file (.etl) or a real-time trace session. `Tracefmt` can display the messages in the Command Prompt window or save them in a text file. It is located in the \\tools\\tracing subdirectory of the Windows Driver Kit (WDK). For more information, see [`Tracefmt`](/windows-hardware/drivers/devtest/tracefmt).
To decode event trace files, you can use `Tracefmt` (tracefmt.exe). `Tracefmt` is a command-line tool that formats and displays trace messages from an event trace log file (.etl) or a real-time trace session. `Tracefmt` can display the messages in the Command Prompt window or save them in a text file. It is located in the \tools\tracing subdirectory of the Windows Driver Kit (WDK). For more information, see [`Tracefmt`](/windows-hardware/drivers/devtest/tracefmt).
## Smart Card service
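Review bot: The new NTLM table row reads `HKEY_LOCAL_MACHINESYSTEM\CurrentControlSet\Control\Lsa\MSV1_0`, which loses the backslash between `HKEY_LOCAL_MACHINE` and `SYSTEM` that the removed row had; the Kerberos and KDC rows kept it. Restore it so the path can be pasted into a registry tool. Two smaller points in the same hunk: the note still says `%systemroot%system32\` with no separator after `%systemroot%`, and un-escaping the trailing `\\` to `\` directly before the period may now escape the period in Markdown, so wrapping the path in backticks as done for the `%systemroot%\tracing\...` list items would be safer. The new `logman.exe -s <ComputerName>` block is introduced as the command to stop tracing but contains no stop verb or session name, so it is worth confirming what the reader is meant to run.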