Merge branch 'master' of https://github.com/Microsoft/win-cpub-itpro-docs into VSTS8867491

This commit is contained in:
Justinha 2016-09-19 16:51:30 -07:00
commit 78cde9f2d9
9 changed files with 104 additions and 117 deletions

View File

@ -30,7 +30,7 @@ We've tried to make editing an existing, public file as simple as possible.
![GitHub Web, showing the Pencil icon in the red box](images/pencil-icon.png)
4. Using markdown language, make your changes to the topic. For info about how to edit content using markdown, see:
4. Using Markdown language, make your changes to the topic. For info about how to edit content using Markdown, see:
- **If you're linked to the Microsoft organization in GitHub:** [Windows Open Publishing Guide Home](http://aka.ms/windows-op-guide)
- **If you're external to Microsoft:** [Mastering Markdown](https://guides.github.com/features/mastering-markdown/)

View File

@ -54,7 +54,7 @@ If you prefer to use a graphical user interface, you can create a device account
![assign license for Skype for Business online.](images/setupdeviceaccto365-07.png)
From the list, uncheck **Skype for Business Online (plan 2)** (this license may vary depending on your organization), and click **SAVE**.
From the list, select **Skype for Business Online (Plan 2)**, and then click **SAVE**. The license may vary depending on your organization (for example, you might have Plan 2, or Plan 3).
### <a href="" id="create-device-acct-o365-mbx-policy"></a>Create a mobile device mailbox (ActiveSync) policy from the Exchange Admin Center
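Review bot: The license step flips from "uncheck **Skype for Business Online (plan 2)**" to "select **Skype for Business Online (Plan 2)**", which reverses what the reader is told to do, yet the screenshot reference (setupdeviceaccto365-07.png) is unchanged. Confirm the image shows the box selected, and say in the commit message that the earlier instruction was wrong. Minor: drop the comma in "Plan 2, or Plan 3".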
@ -133,8 +133,7 @@ In order to run cmdlets used by these PowerShell scripts, the following must be
5. Finally, to connect to Exchange Online Services, run:
``` syntax
$exchangeSession = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri
"https://outlook.office365.com/powershell-liveid/" -Credential $cred -Authentication "Basic" AllowRedirection
$exchangeSession = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri"https://outlook.office365.com/powershell-liveid/" -Credential $cred -Authentication "Basic" AllowRedirection
```
![Image showing PowerShell cmdlet.](images/setupdeviceaccto365-21.png)
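Review bot: In the single-line form of the New-PSSession command, `-ConnectionUri` now runs straight into the quoted URL with no space between them, so the parameter and its value are no longer separate tokens. Both forms also end in `AllowRedirection` without a leading hyphen, which PowerShell will treat as a positional argument rather than the switch. Suggest `-ConnectionUri "https://outlook.office365.com/powershell-liveid/"` and `-AllowRedirection`, and re-check the command against the screenshot referenced below it.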

Binary file not shown. Size before: 23 KiB. Size after: 28 KiB.

View File

@ -1,5 +1,4 @@
# [Windows 10 for Education](index.md)
## [Change history for Windows 10 for Education](change-history-edu.md)
## [Windows 10 editions for education customers](windows-editions-for-education-customers.md)
## [Setup options for Windows 10](set-up-windows-10.md)
### [Use the Set up School PCs app ](use-set-up-school-pcs-app.md)
@ -18,3 +17,4 @@
## [Deploy Windows 10 in a school](deploy-windows-10-in-a-school.md)
## [Deploy Windows 10 in a school district](deploy-windows-10-in-a-school-district.md)
## [Chromebook migration guide](chromebook-migration-guide.md)
## [Change history for Windows 10 for Education](change-history-edu.md)

View File

@ -36,13 +36,12 @@ This section will show you how to import some network and storage drivers for Wi
5. On the **Select drivers to include in the boot image** page, select the **Zero Touch WinPE x64** boot image. Also select the **Update distribution points when finished** check box, and click **Next** twice.
![figure 21](images/fig21-add-drivers.png)
![Add drivers to Windows PE](images/fig21-add-drivers.png "Add drivers to Windows PE")
Figure 21. Add drivers to Windows PE.
**Note**  
The Updating Boot Image part of the wizard will appear to hang when displaying Done. It will complete in a minute or two.
*Figure 21. Add drivers to Windows PE*
>[!NOTE]  
>The Updating Boot Image part of the wizard will appear to hang when displaying Done. It will complete in a minute or two.
 
## <a href="" id="sec02"></a>Add drivers for Windows 10
@ -56,31 +55,28 @@ This section illustrates how to add drivers for Windows 10 through an example in
3. On the **Specify the details for the imported driver** page, click **Categories**, create a category named Windows 10 x64 - HP EliteBook 8560w, and then click **Next**.
![figure 22](images/fig22-createcategories.png)
![Create driver categories](images/fig22-createcategories.png "Create driver categories")
Figure 22. Create driver categories.
*Figure 22. Create driver categories*
4. On the **Select the packages to add the imported driver** page, click **New Package**, use the following settings for the package, and then click **Next**:
1. Name: Windows 10 x64 - HP EliteBook 8560w
* Name: Windows 10 x64 - HP EliteBook 8560w
2. Path: \\\\CM01\\Sources$\\OSD\\DriverPackages\\Windows 10 x64\\HP EliteBook 8560w
**Note**  
The package path does not yet exist, so you have to type it in. The wizard will create the new package in that folder.
* Path: \\\\CM01\\Sources$\\OSD\\DriverPackages\\Windows 10 x64\\HP EliteBook 8560w
>[!NOTE]  
>The package path does not yet exist, so you have to type it in. The wizard will create the new package in that folder.
 
5. On the **Select drivers to include in the boot image** page, do not select anything, and click **Next** twice. After the package has been created, click **Close**.
**Note**  
If you want to monitor the driver import process more closely, you can open the SMSProv.log file during driver import.
 
![figure 23](images/mdt-06-fig26.png)
Figure 23. Drivers imported and a new driver package created.
>[!NOTE]  
>If you want to monitor the driver import process more closely, you can open the SMSProv.log file during driver import.
![Drivers imported and a new driver package created](images/mdt-06-fig26.png "Drivers imported and a new driver package created")
*Figure 23. Drivers imported and a new driver package created*
## Related topics

View File

@ -25,7 +25,7 @@ For the purposes of this topic, we will use two machines: DC01 and CM01. DC01 is
## <a href="" id="sec01"></a>Create a task sequence using the MDT Integration Wizard
This section will walk you through the process of creating a System Center 2012 R2 Configuration Manager task sequence for production use.
This section walks you through the process of creating a System Center 2012 R2 Configuration Manager task sequence for production use.
1. On CM01, using the Configuration Manager Console, in the Software Library workspace, expand **Operating Systems**, right-click **Task Sequences**, and select **Create MDT Task Sequence**.
@ -33,27 +33,27 @@ This section will walk you through the process of creating a System Center 2012
3. On the **General** page, assign the following settings and then click **Next**:
1. Task sequence name: Windows 10 Enterprise x64 RTM
* Task sequence name: Windows 10 Enterprise x64 RTM
2. Task sequence comments: Production image with Office 2013
* Task sequence comments: Production image with Office 2013
4. On the **Details** page, assign the following settings and then click **Next**:
1. Join a Domain
* Join a Domain
2. Domain: contoso.com
* Domain: contoso.com
1. Account: CONTOSO\\CM\_JD
* Account: CONTOSO\\CM\_JD
2. Password: Passw0rd!
* Password: Passw0rd!
3. Windows Settings
* Windows Settings
1. User name: Contoso
* User name: Contoso
2. Organization name: Contoso
* Organization name: Contoso
3. Product key: &lt;blank&gt;
* Product key: &lt;blank&gt;
5. On the **Capture Settings** page, accept the default settings, and click **Next**.
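Review bot: `Password: Passw0rd!` under the Details page settings publishes a literal, easily guessed password for the domain-join account CONTOSO\CM_JD, and the list rewrite carries it over unchanged. Replace it with a placeholder (for example, "the password for the CM_JD account") so the value is not copied into a production task sequence. Also check the rendered nesting: the old list restarted its numbering under "Join a Domain" and "Windows Settings", and the new bullets need matching indentation to keep Domain, Account and Password grouped under "Join a Domain".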
@ -88,12 +88,10 @@ After you create the task sequence, we recommend that you configure the task seq
2. In the **Install** group, select the **Set Variable for Drive Letter** action and configure the following:
- OSDPreserveDriveLetter: True
**Note**  
If you don't change this value, your Windows installation will end up in E:\\Windows.
 
* OSDPreserveDriveLetter: True
>[!NOTE]  
>If you don't change this value, your Windows installation will end up in E:\\Windows.
3. In the **Post Install** group, select **Apply Network Settings**, and configure the Domain OU value to use the **Contoso / Workstations** OU (browse for values).
@ -103,57 +101,55 @@ After you create the task sequence, we recommend that you configure the task seq
6. After the **Post Install / Drivers** group, add an **Apply Driver Package** action with the following settings:
1. Name: HP EliteBook 8560w
* Name: HP EliteBook 8560w
2. Driver Package: Windows 10 x64 - HP EliteBook 8560w
* Driver Package: Windows 10 x64 - HP EliteBook 8560w
3. Options: Task Sequence Variable: Model equals HP EliteBook 8560w
**Note**  
You also can add a Query WMI condition with the following query: SELECT \* FROM Win32\_ComputerSystem WHERE Model LIKE '%HP EliteBook 8560w%'
 
![figure 24](images/fig27-driverpackage.png)
Figure 24. The driver package options.
* Options: Task Sequence Variable: Model equals HP EliteBook 8560w
>[!NOTE]  
>You also can add a Query WMI condition with the following query: SELECT \* FROM Win32\_ComputerSystem WHERE Model LIKE '%HP EliteBook 8560w%'
![Driver package options](images/fig27-driverpackage.png "Driver package options")
*Figure 24. The driver package options*
7. In the **State Restore / Install Applications** group, select the **Install Application** action.
8. Select the **Install the following applications** option, and add the OSD / Adobe Reader XI - OSD Install application to the list.
![figure 25](images/fig28-addapp.png)
![Add an application to the task sequence](images/fig28-addapp.png "Add an application to the task sequence")
Figure 25. Add an application to the Configuration Manager task sequence.
*Figure 25. Add an application to the Configuration Manager task sequence*
9. In the **State Restore** group, after the **Set Status 5** action, add a **Request State Store** action with the following settings:
1. Restore state from another computer
* Restore state from another computer
2. If computer account fails to connect to state store, use the Network Access account
* If computer account fails to connect to state store, use the Network Access account
3. Options: Continue on error
* Options: Continue on error
4. Options / Condition:
1. Task Sequence Variable
2. USMTLOCAL not equals True
* Options / Condition:
* Task Sequence Variable
* USMTLOCAL not equals True
10. In the **State Restore** group, after the **Restore User State** action, add a **Release State Store** action with the following settings:
1. Options: Continue on error
* Options: Continue on error
2. Options / Condition:
1. Task Sequence Variable
2. USMTLOCAL not equals True
* Options / Condition:
* Task Sequence Variable
* USMTLOCAL not equals True
11. Click **OK**.
**Note**  
The Request State Store and Release State Store actions need to be added for common computer replace scenarios.
>[!NOTE]  
>The Request State Store and Release State Store actions need to be added for common computer replace scenarios.
 

View File

@ -22,15 +22,13 @@ Microsoft System Center 2012 R2 Configuration Manager supports deploying applica
For the purposes of this topic, we will use CM01, a machine running Windows Server 2012 R2 Standard that is a member of the domain contoso.com for the fictitious Contoso Corporation. For more details on the setup for this topic, please see [Deploy Windows 10 with the Microsoft Deployment Toolkit](deploy-windows-10-with-the-microsoft-deployment-toolkit.md).
**Note**  
Even though the new application model is fully supported to deploy via the task sequence, the most reliable way to deploy software via the task sequence is still the legacy packages, especially if you deploy many applications.
 
>[!NOTE]  
>Even though the new application model is fully supported to deploy via the task sequence, the most reliable way to deploy software via the task sequence is still the legacy packages, especially if you deploy many applications.
## Example: Create the Adobe Reader XI application
The steps below show you how to create the Adobe Reader XI application. This section assumes that you have downloaded the MSI version of Adobe Reader XI to the C:\\Setup\\Adobe Reader XI folder on CM01.
The following steps show you how to create the Adobe Reader XI application. This section assumes that you have downloaded the MSI version of Adobe Reader XI to the C:\\Setup\\Adobe Reader XI folder on CM01.
1. On CM01, using File Explorer, copy the **C:\\Setup\\Adobe Reader XI** folder to the **E:\\Sources\\Software\\Adobe** folder.
@ -42,17 +40,17 @@ The steps below show you how to create the Adobe Reader XI application. This sec
5. In the Create Application Wizard, on the **General** page, use the following settings:
1. Automatically detect information about this application from installation files
* Automatically detect information about this application from installation files
2. Type: Windows Installer (\*.msi file)
* Type: Windows Installer (\*.msi file)
3. Location: \\\\CM01\\Sources$\\Software\\Adobe\\Adobe Reader XI
* Location: \\\\CM01\\Sources$\\Software\\Adobe\\Adobe Reader XI
4. \\AdbeRdr11000\_en\_US.msi
* \\AdbeRdr11000\_en\_US.msi
![figure 19](images/mdt-06-fig20.png)
![The Create Application Wizard](images/mdt-06-fig20.png "The Create Application Wizard")
Figure 19. The Create Application Wizard.
*Figure 19. The Create Application Wizard*
6. Click **Next**, and wait while Configuration Manager parses the MSI file.
@ -60,14 +58,12 @@ The steps below show you how to create the Adobe Reader XI application. This sec
8. On the **General Information** page, name the application Adobe Reader XI - OSD Install, click **Next** twice, and then click **Close**.
**Note**  
Since it is not possible to reference an application deployment type in the task sequence, you should have a single deployment type for applications deployed by the task sequence. If you are deploying applications via both the task sequence and normal application deployment, and you have multiple deployment types, you should have two applications of the same software. In this section, you add the "OSD Install" suffix to applications that are deployed via the task sequence. If using packages, you can still reference both package and program in the task sequence.
 
![figure 20](images/mdt-06-fig21.png)
Figure 20. Add the "OSD Install" suffix to the application name.
>[!NOTE]
>Because it is not possible to reference an application deployment type in the task sequence, you should have a single deployment type for applications deployed by the task sequence. If you are deploying applications via both the task sequence and normal application deployment, and you have multiple deployment types, you should have two applications of the same software. In this section, you add the "OSD Install" suffix to applications that are deployed via the task sequence. If using packages, you can still reference both package and program in the task sequence.
![Add the OSD Install suffix to the application name](images/mdt-06-fig21.png "Add the OSD Install suffix to the application name")
*Figure 20. Add the "OSD Install" suffix to the application name*
9. In the **Applications** node, select the Adobe Reader XI - OSD Install application, and click **Properties** on the ribbon bar.

View File

@ -146,12 +146,12 @@ To create a self-signed certificate, you can either use the New-SelfSignedCertif
Windows PowerShell example:
```syntax
New-SelfSignedCertificate -CertStoreLocation Cert:\LocalMachine\My -Subject "CN=BitLocker Network Unlock certificate" -Provider "Microsoft Software Key Storage Provider" -KeyUsage KeyEncipherment -KeyUsageProperty Decrypt -KeyLength 2048 -HashAlgorithm sha512 -TextExtension @("1.3.6.1.4.1.311.21.10={text}OID=1.3.6.1.4.1.311.67.1.1","2.5.29.37={text}1.3.6.1.4.1.311.67.1.1")
New-SelfSignedCertificate -CertStoreLocation Cert:\LocalMachine\My -Subject "CN=BitLocker Network Unlock certificate" -Provider "Microsoft Software Key Storage Provider" -KeyUsage KeyEncipherment -KeyUsageProperty Decrypt,Sign -KeyLength 2048 -HashAlgorithm sha512 -TextExtension @("1.3.6.1.4.1.311.21.10={text}OID=1.3.6.1.4.1.311.67.1.1","2.5.29.37={text}1.3.6.1.4.1.311.67.1.1")
```
Certreq example:
1. Create a text file with an .inf extension. For example, notepad.exe BitLocker-NetworkUnlock.inf
1. Create a text file with an .inf extension. For example, notepad.exe BitLocker-NetworkUnlock.inf.
2. Add the following contents to the previously created file:
``` syntax
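Review bot: `-KeyUsageProperty Decrypt,Sign` in the New-SelfSignedCertificate example now lets the private key sign as well as decrypt, while `-KeyUsage` stays at KeyEncipherment, and nothing in the surrounding text says why signing is needed. Add a sentence stating the requirement so that readers who built their certificate from the earlier example know whether they have to reissue it.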
@ -162,7 +162,7 @@ Certreq example:
Exportable=true
RequestType=Cert
KeyUsage="CERT_KEY_ENCIPHERMENT_KEY_USAGE"
KeyUsageProperty="NCRYPT_ALLOW_DECRYPT_FLAG"
KeyUsageProperty="NCRYPT_ALLOW_DECRYPT_FLAG | NCRYPT_ALLOW_SIGNING_FLAG"
KeyLength=2048
SMIME=FALSE
HashAlgorithm=sha512
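Review bot: The INF keeps `Exportable=true` while `KeyUsageProperty` is widened with NCRYPT_ALLOW_SIGNING_FLAG, so the key that gets exported to a .pfx in step 6 is now usable for more operations. The export needs the key to be exportable, but the steps never say what to do with the copy left on the machine that ran certreq once the .pfx has been deployed to the WDS server. Consider adding a step for that, and a note that `KeyUsage` is intentionally left at CERT_KEY_ENCIPHERMENT_KEY_USAGE.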
@ -179,9 +179,9 @@ Certreq example:
certreq -new BitLocker-NetworkUnlock.inf BitLocker-NetworkUnlock.cer
```
4. Verify the previous command properly created the certificate by confirming the .cer file exists
5. Launch the Certificate Manager by running **certmgr.msc**
6. Create a .pfx file by opening the **Certificates Current User\\Personal\\Certificates** path in the navigation pane, right-clicking the previously imported certificate, selecting **All Tasks**, then **Export**. Follow through the wizard to create the .pfx file.
4. Verify the previous command properly created the certificate by confirming the .cer file exists.
5. Launch Certificates - Local Machine by running **certlm.msc**.
6. Create a .pfx file by opening the **Certificates Local Computer\\Personal\\Certificates** path in the navigation pane, right-clicking the previously imported certificate, selecting **All Tasks**, then **Export**. Follow through the wizard to create the .pfx file.
### <a href="" id="bkmk-stepfive"></a>Step Five: Deploy the private key and certificate to the WDS server
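Review bot: Steps 5 and 6 name the same snap-in two ways after this change: "Certificates - Local Machine" in step 5 and "Certificates Local Computer\\Personal\\Certificates" in step 6. Use one name in both. Step 6 also still says "the previously imported certificate", although step 3 creates the certificate with `certreq -new` and nothing is imported. Since the store moves from Current User to Local Computer, confirm that the INF (its header is not visible in this diff) requests a machine-context key, otherwise the certificate will not appear where step 6 now tells the reader to look.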
@ -192,27 +192,27 @@ With the certificate and key created, deploy them to the infrastructure to prope
3. In the **File to Import** dialog, choose the .pfx file created previously.
4. Enter the password used to create the .pfx and complete the wizard.
### Step Six: Configure Group Policy settings for Network Unlock
### <a href="" id="bkmk-stepsix"></a>Step Six: Configure Group Policy settings for Network Unlock
With certificate and key deployed to the WDS server for Network Unlock, the final step is to use Group Policy settings to deploy the public key certificate to computers that you want to be able to unlock using the Network Unlock key. Group Policy settings for BitLocker can be found under **\\Computer Configuration\\Administrative Templates\\Windows Components\\BitLocker Drive Encryption** using the Local Group Policy Editor or the Microsoft Management Console.
The following steps describe how to enable the Group Policy setting that is a requirement for configuring Network Unlock.
1. Open Group Policy Management Console (gpmc.msc)
2. Enable the policy **Require additional authentication at startup** and select the **Require startup PIN with TPM** option
3. Turn on BitLocker with TPM+PIN protectors on all domain-joined computers
1. Open Group Policy Management Console (gpmc.msc).
2. Enable the policy **Require additional authentication at startup** and select the **Require startup PIN with TPM** option.
3. Turn on BitLocker with TPM+PIN protectors on all domain-joined computers.
The following steps describe how to deploy the required Group Policy setting:
>**Note:**  The Group Policy settings **Allow network unlock at startup** and **Add Network Unlock Certificate** were introduced in Windows Server 2012.
 
1. Copy the .cer file created for Network Unlock to the domain controller
2. On the domain controller, launch Group Policy Management Console (gpmc.msc)
1. Copy the .cer file created for Network Unlock to the domain controller.
2. On the domain controller, launch Group Policy Management Console (gpmc.msc).
3. Create a new Group Policy Object or modify an existing object to enable the **Allow network unlock at startup** setting.
4. Deploy the public certificate to clients
4. Deploy the public certificate to clients:
1. Within Group Policy Management Console, navigate to the following location: **Computer Configuration\\Policies\\Windows Settings\\Security Settings\\Public Key Policies\\BitLocker Drive Encryption Network Unlock Certificate**
2. Right-click the folder and choose **Add Network Unlock Certificate**
1. Within Group Policy Management Console, navigate to the following location: **Computer Configuration\\Policies\\Windows Settings\\Security Settings\\Public Key Policies\\BitLocker Drive Encryption Network Unlock Certificate**.
2. Right-click the folder and choose **Add Network Unlock Certificate**.
3. Follow the wizard steps and import the .cer file that was copied earlier.
>**Note:**  Only one network unlock certificate can be available at a time. If a new certificate is required, delete the current certificate before deploying a new one. The Network Unlock certificate is located in the **HKEY\_LOCAL\_MACHINE\\Software\\Policies\\Microsoft\\SystemCertificates\\FVE\_NKP** key on the client computer.
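Review bot: The three-step list under "The following steps describe how to enable the Group Policy setting that is a requirement for configuring Network Unlock" only receives punctuation fixes here, but its third step ("Turn on BitLocker with TPM+PIN protectors on all domain-joined computers") is not a Group Policy setting, and the same three steps appear again in the TPM+PIN section further down. Either reword the lead-in so it covers all three steps, or keep the list in one place and link to it.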
@ -221,16 +221,16 @@ The following steps describe how to deploy the required Group Policy setting:
An additional step is for enterprises to use TPM+PIN protectors for an extra level of security. To require TPM+PIN protectors in an environment, do the following:
1. Open Group Policy Management Console (gpmc.msc)
2. Enable the policy **Require additional authentication at startup** and select the **Require startup PIN with TPM** option
3. Turn on BitLocker with TPM+PIN protectors on all domain-joined computers
1. Open Group Policy Management Console (gpmc.msc).
2. Enable the policy **Require additional authentication at startup** and select the **Require startup PIN with TPM** option.
3. Turn on BitLocker with TPM+PIN protectors on all domain-joined computers.
### <a href="" id="bkmk-createcerttmpl"></a>Create the certificate template for Network Unlock
The following steps detail how to create a certificate template for use with BitLocker Network Unlock. A properly configured Active Directory Services Certification Authority can use this certificate to create and issue Network Unlock certificates.
1. Open the Certificates Template snap-in (certtmpl.msc).
2. Locate the User template. Right-click the template name and select **Duplicate Template**
2. Locate the User template. Right-click the template name and select **Duplicate Template**.
3. On the **Compatibility** tab, change the **Certification Authority** and **Certificate recipient** fields to Windows Server 2012 and Windows 8respectively. Ensure the **Show resulting changes** dialog box is selected.
4. Select the **General** tab of the template. The **Template display name** and **Template name** should clearly identify that the template will be used for Network Unlock. Clear the checkbox for the **Publish certificate in Active Directory** option.
5. Select the **Request Handling** tab. Select **Encryption** from the **Purpose** drop down menu. Ensure the **Allow private key to be exported** option is selected.
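Review bot: Step 3, directly below the line this hunk edits, still reads "Windows Server 2012 and Windows 8respectively". Since the change is a punctuation pass over this list, fix that one as well: "Windows Server 2012 and Windows 8, respectively".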
@ -246,9 +246,9 @@ The following steps detail how to create a certificate template for use with Bit
- **Name:** **BitLocker Network Unlock**
- **Object Identifier:** **1.3.6.1.4.1.311.67.1.1**
14. Select the newly created **BitLocker Network Unlock** application policy and select **OK**
14. Select the newly created **BitLocker Network Unlock** application policy and select **OK**.
15. With the **Extensions** tab still open, select the **Edit Key Usage Extension** dialog, select the **Allow key exchange only with key encryption (key encipherment)** option. Select the **Make this extension critical** option.
16. Select the **Security** tab. Confirm that the **Domain Admins** group has been granted **Enroll** permission
16. Select the **Security** tab. Confirm that the **Domain Admins** group has been granted **Enroll** permission.
17. Select **OK** to complete configuration of the template.
To add the Network Unlock template to the Certification Authority, open the Certification Authority snap-in (certsrv.msc). Right-click the **Certificate Templates** item and choose **New, Certificate Template to issue**. Select the previously created BitLocker Network Unlock certificate.
@ -328,8 +328,8 @@ Files to gather when troubleshooting BitLocker Network Unlock include:
In the right pane, click **Enable Log**.
2. The DHCP subnet configuration file (if one exists).
3. The output of the BitLocker status on the volume, this can be gathered into a text file using **manage-bde -status** or **Get-BitLockerVolume** in Windows PowerShell
4. Network Monitor capture on the server hosting the WDS role, filtered by client IP address
3. The output of the BitLocker status on the volume, this can be gathered into a text file using **manage-bde -status** or **Get-BitLockerVolume** in Windows PowerShell.
4. Network Monitor capture on the server hosting the WDS role, filtered by client IP address.
## <a href="" id="bkmk-unsupportedsystems"></a>Configure Network Unlock Group Policy settings on earlier versions
@ -346,7 +346,7 @@ The following steps can be used to configure Network Unlock on these older syste
3. [Step Three: Install the Network Unlock feature](#bkmk-stepthree)
4. [Step Four: Create the Network Unlock certificate](#bkmk-stepfour)
5. [Step Five: Deploy the private key and certificate to the WDS server](#bkmk-stepfive)
6. **Step Six: Configure registry settings for Network Unlock**
6. [Step Six: Configure registry settings for Network Unlock](#bkmk-stepsix)
Apply the registry settings by running the following certutil script on each computer running any of the client operating systems designated in the **Applies To** list at the beginning of this topic.
certutil -f -grouppolicy -addstore FVE_NKP BitLocker-NetworkUnlock.cer
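Review bot: The new link in item 6 is labelled "Step Six: Configure registry settings for Network Unlock" but points at `#bkmk-stepsix`, the anchor this commit adds to the heading "Step Six: Configure Group Policy settings for Network Unlock". Readers on earlier versions will land on the Group Policy procedure, while the certutil command they need sits directly below the list. Either keep item 6 as plain text, or change the link text to match the target heading and state that the certutil command replaces those Group Policy steps on older systems.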

View File

@ -31,7 +31,7 @@ You've already completed this step.
![GitHub Web, showing the Pencil icon in the red box](images/pencil-icon.png)
5. Using markdown language, make your changes to the topic. For info about how to edit content using markdown, see:
5. Using Markdown language, make your changes to the topic. For info about how to edit content using Markdown, see:
- **If you're linked to the Microsoft organization in GitHub:** [Windows Open Publishing Guide Home](http://aka.ms/windows-op-guide)
- **If you're external to Microsoft:** [Mastering Markdown](https://guides.github.com/features/mastering-markdown/)
@ -68,4 +68,4 @@ You've already completed this step.
- [Surface](https://technet.microsoft.com/itpro/surface)
- [Surface Hub](https://technet.microsoft.com/itpro/surface-hub)
- [Windows 10 for Education](https://technet.microsoft.com/edu/windows)
- [Microsoft Desktop Optimization Pack](https://technet.microsoft.com/itpro/mdop)
- [Microsoft Desktop Optimization Pack](https://technet.microsoft.com/itpro/mdop)