Merge branch 'master' into api-limit

2025-05-18 00:07:23 +00:00 · 2020-07-27 10:27:42 -07:00 · 2020-07-27 10:27:42 -07:00 · 7b5492fcbb
commit 7b5492fcbb
parent cfa87c669c c6bcc1df02
38 changed files with 973 additions and 772 deletions
--- a/.gitignore
+++ b/.gitignore
@ -5,7 +5,7 @@ obj/
 _site/
 Tools/NuGet/
 .optemp/
-Thumbs.db
+*.db
 .DS_Store
 *.ini
 _themes*/
--- a/.openpublishing.publish.config.json
+++ b/.openpublishing.publish.config.json
@ -432,5 +432,8 @@
    }
  },
  "need_generate_pdf": false,
-  "need_generate_intellisense": false
+  "need_generate_intellisense": false,
  "docs_build_engine": {
    "name": "docfx_v3"
  }
 }
--- a/.openpublishing.redirection.json
+++ b/.openpublishing.redirection.json
--- a/images/sc-image402.png
+++ b/images/sc-image402.png
--- a/windows/application-management/msix-app-packaging-tool.md
+++ b/windows/application-management/msix-app-packaging-tool.md
@ -30,11 +30,11 @@ You can either run your installer interactively (through the UI) or create a pac
 - Windows 10, version 1809 (or later)
 - Participation in the Windows Insider Program (if you're using an Insider build)
- A valid Microsoft account (MSA) alias to access the app from the Microsoft Store 
+- A valid Microsoft work or school account to access the app from the Microsoft Store 
 - Admin privileges on your PC account 
 ### Get the app from the Microsoft Store
-1. Use the MSA login associated with your Windows Insider Program credentials in the [Microsoft Store](https://www.microsoft.com/store/r/9N5LW3JBCXKF). 
+1. Use the Microsoft work or school account login associated with your Windows Insider Program credentials in the [Microsoft Store](https://www.microsoft.com/store/r/9N5LW3JBCXKF). 
 2. Open the product description page.
 3. Click the install icon to begin installation.
--- a/windows/client-management/mdm/configuration-service-provider-reference.md
+++ b/windows/client-management/mdm/configuration-service-provider-reference.md
@ -2747,7 +2747,7 @@ The following list shows the CSPs supported in HoloLens devices:
 -   [Accounts CSP](accounts-csp.md)<sup>9</sup> **Note:** Support in Surface Hub is limited to **Domain\ComputerName**.
 -   [AccountManagement CSP](accountmanagement-csp.md)
 -   [APPLICATION CSP](application-csp.md)
-   [Bitlocker-csp](bitlocker-csp.md)<sup>9</sup> 
+-   [Bitlocker-CSP](bitlocker-csp.md)<sup>9</sup> 
 -   [CertificateStore CSP](certificatestore-csp.md)
 -   [ClientCertificateInstall CSP](clientcertificateinstall-csp.md)
 -   [Defender CSP](defender-csp.md)
@ -2759,7 +2759,7 @@ The following list shows the CSPs supported in HoloLens devices:
 -   [DMAcc CSP](dmacc-csp.md)
 -   [DMClient CSP](dmclient-csp.md)
 -   [EnterpriseModernAppManagement CSP](enterprisemodernappmanagement-csp.md)
-   [Firewall-csp](firewall-csp.md)<sup>9</sup> 
+-   [Firewall-CSP](firewall-csp.md)<sup>9</sup> 
 -   [HealthAttestation CSP](healthattestation-csp.md)
 -   [NetworkQoSPolicy CSP](networkqospolicy-csp.md)
 -   [NodeCache CSP](nodecache-csp.md)
@ -2771,9 +2771,9 @@ The following list shows the CSPs supported in HoloLens devices:
 -   [RootCATrustedCertificates CSP](rootcacertificates-csp.md)
 -   [SurfaceHub CSP](surfacehub-csp.md)
 -   [UEFI CSP](uefi-csp.md)
-   [Wifi-csp](wifi-csp.md)<sup>9</sup> 
+-   [Wifi-CSP](wifi-csp.md)<sup>9</sup> 
 -   [WindowsAdvancedThreatProtection CSP](windowsadvancedthreatprotection-csp.md)
-   [Wirednetwork-csp](wirednetwork-csp.md)<sup>9</sup> 
+-   [Wirednetwork-CSP](wirednetwork-csp.md)<sup>9</sup> 
 ## <a href="" id="iotcoresupport"></a>CSPs supported in Windows 10 IoT Core
--- a/windows/client-management/mdm/policy-csps-supported-by-surface-hub.md
+++ b/windows/client-management/mdm/policy-csps-supported-by-surface-hub.md
@ -80,7 +80,8 @@ ms.date: 07/22/2020
 - [Wifi/AllowInternetSharing](policy-csp-wifi.md#wifi-allowinternetsharing)
 - [Wifi/AllowManualWiFiConfiguration](policy-csp-wifi.md#wifi-allowmanualwificonfiguration)
 - [Wifi/AllowWiFi](policy-csp-wifi.md#wifi-allowwifi)
- [WiFi/AllowWiFiHotSpotReporting]policy-csp-wifi.md#wifi-allowwifihotspotreporting)
+- [WiFi/AllowWiFiHotSpotReporting](policy-csp-wifi.md#wifi-allowwifihotspotreporting)
 - [WiFi/WLANScanMode](policy-csp-wifi.md#wifi-wlanscanmode)
 - [Wifi/AllowWiFiDirect](policy-csp-wifi.md#wifi-allowwifidirect)
 - [WirelessDisplay/AllowMdnsAdvertisement](policy-csp-wirelessdisplay.md#wirelessdisplay-allowmdnsadvertisement)
 - [WirelessDisplay/AllowMdnsDiscovery](policy-csp-wirelessdisplay.md#wirelessdisplay-allowmdnsdiscovery)
--- a/windows/configuration/provisioning-packages/how-it-pros-can-use-configuration-service-providers.md
+++ b/windows/configuration/provisioning-packages/how-it-pros-can-use-configuration-service-providers.md
@ -1,6 +1,6 @@
 ---
-title: Intro to configuration service providers for IT pros (Windows 10)
+title: Configuration service providers for IT pros (Windows 10)
-description: Configuration service providers (CSPs) expose device configuration settings in Windows 10. 
+description: Describes how IT pros and system administrators can use configuration service providers (CSPs) to configure devices. 
 ms.assetid: 25C1FDCA-0E10-42A1-A368-984FFDB2B7B6
 ms.reviewer: 
 manager: dansimp
@ -14,25 +14,23 @@ ms.localizationpriority: medium
 ms.date: 07/27/2017
 ---
-# Introduction to configuration service providers (CSPs) for IT pros
+# Configuration service providers for IT pros
 **Applies to**
 -   Windows 10
 -   Windows 10 Mobile
-Configuration service providers (CSPs) expose device configuration settings in Windows 10. This topic is written for people who have no experience with CSPs.
+This article explains how IT pros and system administrators can take advantage of many settings available through configuration service providers (CSPs) to configure devices running Windows 10 and Windows 10 Mobile in their organizations. CSPs expose device configuration settings in Windows 10. The CSPs are used by mobile device management (MDM) service providers and are documented in the [Hardware Dev Center](https://go.microsoft.com/fwlink/p/?LinkId=717390). 
-The CSPs are documented on the [Hardware Dev Center](https://go.microsoft.com/fwlink/p/?LinkId=717390) because CSPs are used by mobile device management (MDM) service providers. This topic explains how IT pros and system administrators can take advantage of many settings available through CSPs to configure devices running Windows 10 and Windows 10 Mobile in their organizations.
+> [!NOTE]
-
+> The information provided here about CSPs and CSP documentation also applies to Windows Mobile 5, Windows Mobile 6, Windows Phone 7, and Windows Phone 8, but links to current CSPs are for Windows 10 and Windows 10 Mobile.
 >[!NOTE]
 >This explanation of CSPs and CSP documentation also applies to Windows Mobile 5, Windows Mobile 6, Windows Phone 7, and Windows Phone 8, but links to current CSPs are for Windows 10 and Windows 10 Mobile.
 [See what's new for CSPs in Windows 10, version 1809.](https://docs.microsoft.com/windows/client-management/mdm/new-in-windows-mdm-enrollment-management#whatsnew1809)
 ## What is a CSP?
-A CSP is an interface in the client operating system, between configuration settings specified in a provisioning document, and configuration settings on the device. CSPs are similar to Group Policy client-side extensions, in that they provide an interface to read, set, modify, or delete configuration settings for a given feature. Typically, these settings map to registry keys, files or permissions. Some of these settings are configurable, and some are read-only.
+In the client operating system, a CSP is the interface between configuration settings that are specified in a provisioning document and configuration settings that are on the device. CSPs are similar to Group Policy client-side extensions in that they provide an interface to read, set, modify, or delete configuration settings for a given feature. Typically, these settings map to registry keys, files, or permissions. Some of these settings are configurable, and some are read-only.
 Starting with Windows Mobile 5.0, CSPs were used to manage Windows mobile devices. On the Windows 10 platform, the management approach for both desktop and mobile devices converges, taking advantage of the same CSPs to configure and manage all devices running Windows 10.
@ -42,15 +40,15 @@ CSPs are behind many of the management tasks and policies for Windows 10, both i
 ![how intune maps to csp](../images/policytocsp.png)
-CSPs receive configuration policies in the XML-based SyncML format, pushed from an MDM-compliant management server, such as Microsoft Intune. Traditional enterprise management systems, such as Microsoft Endpoint Configuration Manager, can also target CSPs, by using a client-side WMI-to-CSP bridge.
+CSPs receive configuration policies in the XML-based Synchronization Markup Language (SyncML) format, pushed from an MDM-compliant management server, such as Microsoft Intune. Traditional enterprise management systems, such as Microsoft Endpoint Configuration Manager, can also target CSPs, by using a client-side Windows Management Instrumentation (WMI)-to-CSP Bridge.
 ### Synchronization Markup Language (SyncML)
-The Open Mobile Alliance Device Management (OMA-DM) protocol uses the XML-based Synchronization Markup Language (SyncML) for data exchange between compliant servers and clients. SyncML offers an open standard to use as an alternative to vendor-specific management solutions (such as WMI). The value for enterprises adopting industry standard management protocols is that it allows the management of a broader set of vendor devices using a single platform (such as Microsoft Intune). Device policies, including VPN connection profiles, are delivered to client devices formatted as in SyncML. The target CSP reads this information and applies the necessary configurations.
+The Open Mobile Alliance Device Management (OMA-DM) protocol uses the XML-based SyncML for data exchange between compliant servers and clients. SyncML offers an open standard to use as an alternative to vendor-specific management solutions (such as WMI). The value for enterprises adopting industry standard management protocols is that it allows the management of a broader set of vendor devices using a single platform (such as Microsoft Intune). Device policies, including VPN connection profiles, are delivered to client devices formatted as in SyncML. The target CSP reads this information and applies the necessary configurations.
 ### The WMI-to-CSP Bridge
-The WMI-to-CSP Bridge is a component allowing configuration of Windows 10 CSPs via scripts and traditional enterprise management software, such as Configuration Manager using Windows Management Instrumentation (WMI). The bridge is responsible for reading WMI commands and through a component called the common device configurator pass them to a CSP for application on the device.
+The WMI-to-CSP Bridge is a component allowing configuration of Windows 10 CSPs using scripts and traditional enterprise management software, such as Configuration Manager using WMI. The bridge is responsible for reading WMI commands and through a component called the common device configurator pass them to a CSP for application on the device.
 [Learn how to use the WMI Bridge Provider with PowerShell.](https://go.microsoft.com/fwlink/p/?LinkId=761090)
@ -60,7 +58,7 @@ Generally, enterprises rely on Group Policy or MDM to configure and manage devic
 In addition, you may have unmanaged devices, or a large number of devices that you want to configure before enrolling them in management. You may also want to apply custom settings that aren't available through your MDM service. The [CSP documentation](#bkmk-csp-doc) can help you understand the settings that can be configured or queried.
-Some of the topics in the [Windows 10 and Windows 10 Mobile](/windows/windows-10) library on Technet include links to applicable CSP reference topics, such as [Cortana integration in your business or enterprise](../cortana-at-work/cortana-at-work-overview.md), which links to the [Policy CSP](https://go.microsoft.com/fwlink/p/?LinkID=623244). In the CSP topics, you can learn about all of the available configuration settings.
+Some of the articles in the [Windows 10 and Windows 10 Mobile](/windows/windows-10) library on Technet include links to applicable CSP reference topics, such as [Cortana integration in your business or enterprise](../cortana-at-work/cortana-at-work-overview.md), which links to the [Policy CSP](https://go.microsoft.com/fwlink/p/?LinkID=623244). In the CSP topics, you can learn about all of the available configuration settings.
 ### CSPs in Windows Configuration Designer
@ -74,7 +72,7 @@ Many settings in Windows Configuration Designer will display documentation for t
 ### CSPs in MDM
-Most, if not all, CSPs are surfaced through your MDM service. If you see a CSP that provides a capability that you want to make use of and cannot find that capability in your MDM service, contact your MDM provider for assistance. It might simply be named differently than you expected. You can see the CSPs supported by MDM in the [Configuration service provider reference](https://go.microsoft.com/fwlink/p/?LinkId=717390).
+Most, if not all, CSPs are surfaced through your MDM service. If you see a CSP that provides a capability that you want to make use of and cannot find that capability in your MDM service, contact your MDM provider for assistance. It might be named differently than you expected. You can see the CSPs supported by MDM in the [Configuration service provider reference](https://go.microsoft.com/fwlink/p/?LinkId=717390).
 When a CSP is available but is not explicitly included in your MDM solution, you may be able to make use of the CSP by using OMA-URI settings. In Intune, for example, you can use [custom policy settings](https://go.microsoft.com/fwlink/p/?LinkID=616316) to deploy settings. Intune documents [a partial list of settings](https://go.microsoft.com/fwlink/p/?LinkID=616317) that you can enter in the **OMA-URI Settings** section of a custom policy, if your MDM service provides that extension. You'll notice that the list doesn't explain the meanings of the allowed and default values, so use the [CSP reference documentation](https://go.microsoft.com/fwlink/p/?LinkId=717390) to locate that information.
@ -116,13 +114,13 @@ The documentation for most CSPs will also include an XML example.
 ## CSP examples
-CSPs provide access to a number of settings useful to enterprises. This section introduces two CSPs that an enterprise might find particularly useful.
+CSPs provide access to a number of settings useful to enterprises. This section introduces the CSPs that an enterprise might find useful.
 -   [EnterpriseAssignedAccess CSP](https://go.microsoft.com/fwlink/p/?LinkID=618601)
-    The EnterpriseAssignedAccess configuration service provider allows IT administrators to configure settings on a Windows 10 Mobile device. An enterprise can make use of this CSP to create single-use or limited-use mobile devices, such as a handheld device that only runs a price-checking app.
+    The EnterpriseAssignedAccess CSP lets IT administrators configure settings on a Windows 10 Mobile device. An enterprise can make use of this CSP to create single-use or limited-use mobile devices, such as a handheld device that only runs a price-checking app.
-    In addition to lockscreen wallpaper, theme, time zone, and language, the EnterpriseAssignedAccess CSP includes AssignedAccessXml which can be used to lock down the device through the following settings:
+    In addition to lock screen wallpaper, theme, time zone, and language, the EnterpriseAssignedAccess CSP includes AssignedAccessXml that can be used to lock down the device through the following settings:
    -   Enabling or disabling the Action Center.
    -   Configuring the number of tile columns in the Start layout.
@ -132,27 +130,28 @@ CSPs provide access to a number of settings useful to enterprises. This section
    -   Restricting access to the context menu.
    -   Enabling or disabling tile manipulation.
    -   Creating role-specific configurations.
 -   [Policy CSP](https://go.microsoft.com/fwlink/p/?LinkID=623244)
-    The Policy configuration service provider enables the enterprise to configure policies on Windows 10 and Windows 10 Mobile. Some of these policy settings can also be applied using Group Policy, and the CSP documentation lists the equivalent Group Policy settings.
+    The Policy CSP enables the enterprise to configure policies on Windows 10 and Windows 10 Mobile. Some of these policy settings can also be applied using Group Policy, and the CSP documentation lists the equivalent Group Policy settings.
    Some of the settings available in the Policy CSP include the following:
-    -   **Accounts**, such as whether a non-Microsoft account can be added to the device
+    -   **Accounts**, such as whether a non-Microsoft account can be added to the device.
-    -   **Application management**, such as whether only Microsoft Store apps are allowed
+    -   **Application management**, such as whether only Microsoft Store apps are allowed.
-    -   **Bluetooth**, such as the services allowed to use it
+    -   **Bluetooth**, such as the services allowed to use it.
-    -   **Browser**, such as restricting InPrivate browsing
+    -   **Browser**, such as restricting InPrivate browsing.
-    -   **Connectivity**, such as whether the device can be connected to a computer by USB
+    -   **Connectivity**, such as whether the device can be connected to a computer by USB.
-    -   **Defender** (for desktop only), such as day and time to scan
+    -   **Defender** (for desktop only), such as day and time to scan.
-    -   **Device lock**, such as the type of PIN or password required to unlock the device
+    -   **Device lock**, such as the type of PIN or password required to unlock the device.
-    -   **Experience**, such as allowing Cortana
+    -   **Experience**, such as allowing Cortana.
-    -   **Security**, such as whether provisioning packages are allowed
+    -   **Security**, such as whether provisioning packages are allowed.
-    -   **Settings**, such as allowing the user to change VPN settings
+    -   **Settings**, such as enabling the user to change VPN settings.
-    -   **Start**, such as applying a standard Start layout
+    -   **Start**, such as applying a standard Start layout.
-    -   **System**, such as allowing the user to reset the device
+    -   **System**, such as allowing the user to reset the device.
-    -   **Text input**, such as allowing the device to send anonymized user text input data samples to Microsoft
+    -   **Text input**, such as allowing the device to send anonymized user text input data samples to Microsoft.
-    -   **Update**, such as specifying whether the device could use Microsoft Update, Windows Server Update Services (WSUS), or Microsoft Store
+    -   **Update**, such as whether the device can use Microsoft Update, Windows Server Update Services (WSUS), or Microsoft Store.
-    -   **WiFi**, such as whether to enable Internet sharing
+    -   **WiFi**, such as whether Internet sharing is enabled.
 Here is a list of CSPs supported on Windows 10 Enterprise, Windows 10 Mobile Enterprise, or both:
--- a/windows/deployment/index.yml
+++ b/windows/deployment/index.yml
@ -73,7 +73,6 @@ landingContent:
          - text: Overview of Windows Autopilot
            url:  windows-autopilot/windows-autopilot.md
  # Card
  - title: Support remote work
    linkLists:
--- a/windows/deployment/planning/windows-10-deprecated-features.md
+++ b/windows/deployment/planning/windows-10-deprecated-features.md
@ -45,7 +45,7 @@ The features described below are no longer being actively developed, and might b
 |Windows Help Viewer (WinHlp32.exe)|All Windows help information is [available online](https://support.microsoft.com/products/windows?os=windows-10). The Windows Help Viewer is no longer supported in Windows 10. If for any reason you see an error message about "help not supported," possibly when using a non-Microsoft application, read [this support article](https://support.microsoft.com/help/917607/error-opening-help-in-windows-based-programs-feature-not-included-or-h) for additional information and any next steps.| 1803 |
 |Contacts feature in File Explorer|We're no longer developing the Contacts feature or the corresponding [Windows Contacts API](https://msdn.microsoft.com/library/ff800913.aspx). Instead, you can use the People app in Windows 10 to maintain your contacts.| 1803 |
 |Phone Companion|Use the **Phone** page in the Settings app. In Windows 10, version 1709, we added the new **Phone** page to help you sync your mobile phone with your PC. It includes all the Phone Companion features.| 1803 |
-|IPv4/6 Transition Technologies (6to4, ISATAP, and Direct Tunnels)|6to4 has been disabled by default since Windows 10, version 1607 (the Anniversary Update), ISATAP has been disabled by default since Windows 10, version 1703 (the Creators Update), and Direct Tunnels has always been disabled by default. Please use native IPv6 support instead.| 1803 |
+|IPv4/6 Transition Technologies (6to4, ISATAP, Teredo, and Direct Tunnels)|6to4 has been disabled by default since Windows 10, version 1607 (the Anniversary Update), ISATAP has been disabled by default since Windows 10, version 1703 (the Creators Update), Teredo has been disabled since Windows 10, version 1803, and Direct Tunnels has always been disabled by default. Please use native IPv6 support instead.| 1803 |
 |[Layered Service Providers](https://msdn.microsoft.com/library/windows/desktop/bb513664)|Layered Service Providers has not been developed since Windows 8 and Windows Server 2012. Use the [Windows Filtering Platform](https://msdn.microsoft.com/library/windows/desktop/aa366510) instead. When you upgrade from an older version of Windows, any layered service providers you're using aren't migrated; you'll need to re-install them after upgrading.| 1803 |
 |Business Scanning| This feature is also called Distributed Scan Management (DSM) **(Added 05/03/2018)**<br>&nbsp;<br>The [Scan Management functionality](https://docs.microsoft.com/previous-versions/windows/it-pro/windows-server-2008-R2-and-2008/dd759124(v=ws.11)) was introduced in Windows 7 and enabled secure scanning and the management of scanners in an enterprise. We're no longer investing in this feature, and there are no devices available that support it.| 1803 |
 |IIS 6 Management Compatibility*  | We recommend that users use alternative scripting tools and a newer management console. | 1709 |
--- a/windows/deployment/update/windows-as-a-service.md
+++ b/windows/deployment/update/windows-as-a-service.md
@ -114,21 +114,4 @@ Secure your organization's deployment investment.
 ## Microsoft Ignite 2018
 <img src="images/ignite-land.jpg" alt="" width="640" height="320"/>
-Looking to learn more? These informative session replays from Microsoft Ignite 2018 (complete with downloadable slide decks) can provide some great insights on Windows as a service.
+Looking to learn more? These informative session replays from Microsoft Ignite 2018 (complete with downloadable slide decks) can provide some great insights on Windows as a service. See [MyIgnite - Session catalog](https://myignite.techcommunity.microsoft.com/sessions).
 [BRK3018: Deploying Windows 10 in the enterprise using traditional and modern techniques](https://myignite.techcommunity.microsoft.com/sessions/64509#ignite-html-anchor)
 [BRK3019: Delivery Optimization deep dive: How to reduce internet bandwidth impact on your network](https://myignite.techcommunity.microsoft.com/sessions/64510#ignite-html-anchor)
 [BRK3020: Using AI to automate Windows and Office update staging with Windows Update for Business](https://myignite.techcommunity.microsoft.com/sessions/64513#ignite-html-anchor)
 [BRK3027: Deploying Windows 10: Making the update experience smooth and seamless](https://myignite.techcommunity.microsoft.com/sessions/64612#ignite-html-anchor)
 [BRK3039: Windows 10 and Microsoft Microsoft 365 Apps for enterprise lifecycle and servicing update](https://myignite.techcommunity.microsoft.com/sessions/66763#ignite-html-anchor)
 [BRK3211: Ask the Experts: Successfully deploying, servicing, managing Windows 10](https://myignite.techcommunity.microsoft.com/sessions/65963#ignite-html-anchor)
 [THR2234: Windows servicing and delivery fundamentals](https://myignite.techcommunity.microsoft.com/sessions/66741#ignite-html-anchor)
 [THR3006: The pros and cons of LTSC in the enterprise](https://myignite.techcommunity.microsoft.com/sessions/64512#ignite-html-anchor)
--- a/windows/privacy/index.yml
+++ b/windows/privacy/index.yml
@ -14,7 +14,7 @@ metadata:
  author: danihalfin
  ms.author: daniha
  manager: dansimp
-  ms.date: 02/21/2019 #Required; mm/dd/yyyy format.
+  ms.date: 07/21/2020 #Required; mm/dd/yyyy format.
  ms.localizationpriority: high
 # highlightedContent section (optional)
@ -55,7 +55,7 @@ productDirectory:
    - title: Changes to Windows diagnostic data collection
      imageSrc: https://docs.microsoft.com/media/common/i_build.svg
      summary: See what changes Windows is making to align to the new data collection taxonomy
-      url: windows-diagnostic-data.md  
+      url: changes-to-windows-diagnostic-data-collection.md  
 # conceptualContent section (optional)
 # conceptualContent:
--- a/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md
+++ b/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md
@ -30,6 +30,7 @@ This article describes the network connections that Windows 10 components make t
 Microsoft provides a [Windows Restricted Traffic Limited Functionality Baseline](https://go.microsoft.com/fwlink/?linkid=828887) package that will allow your organization to quickly configure the settings covered in this document to restrict connections from Windows 10 to Microsoft. The Windows Restricted Traffic Limited Baseline is based on [Group Policy Administrative Template](https://support.microsoft.com/help/3087759/how-to-create-and-manage-the-central-store-for-group-policy-administra) functionality and the package you download contains further instructions on how to deploy to devices in your organization. Since some of the settings can reduce the functionality and security configuration of your device, **before deploying Windows Restricted Traffic Limited Functionality Baseline** make sure you **choose the right settings configuration for your environment** and **ensure that Windows and Windows Defender are fully up to date**. Failure to do so may result in errors or unexpected behavior. You should not extract this package to the windows\system32 folder because it will not apply correctly.
 >[!IMPORTANT]
 > - The downloadable Windows 10, version 1903 scripts/settings can be used on Windows 10, version 1909 devices.
 > - The Allowed Traffic endpoints are listed here: [Allowed Traffic](#bkmk-allowedtraffic)
 >     -   CRL (Certificate Revocation List) and OCSP (Online Certificate Status Protocol) network traffic cannot be disabled and will still show up in network traces. CRL and OCSP checks are made to the issuing certificate authorities. Microsoft is one of these authorities. There are many others such as DigiCert, Thawte, Google, Symantec, and VeriSign.
 > - For security reasons, it is important to take care in deciding which settings to configure as some of them may result in a less secure device. Examples of settings that can lead to a less secure device configuration include: Windows Update, Automatic Root Certificates Update, and Windows Defender. Accordingly, we do not recommend disabling any of these features.
--- a/windows/privacy/manage-windows-1909-endpoints.md
+++ b/windows/privacy/manage-windows-1909-endpoints.md
@ -8,8 +8,8 @@ ms.sitesec: library
 ms.localizationpriority: high
 audience: ITPro
 author: gental-giant
-ms.author: obezeajo
+ms.author: v-hakima
-manager: robsize
+manager: obezeajo
 ms.collection: M365-security-compliance
 ms.topic: article
 ms.date: 7/22/2020
--- a/windows/privacy/toc.yml
+++ b/windows/privacy/toc.yml
@ -43,6 +43,8 @@
          href: manage-connections-from-windows-operating-system-components-to-microsoft-services-using-MDM.md
        - name: Connection endpoints for Windows 10, version 2004
          href: manage-windows-2004-endpoints.md
        - name: Connection endpoints for Windows 10, version 1909
          href: manage-windows-1909-endpoints.md
        - name: Connection endpoints for Windows 10, version 1903
          href: manage-windows-1903-endpoints.md
        - name: Connection endpoints for Windows 10, version 1809
@ -53,6 +55,8 @@
          href: manage-windows-1709-endpoints.md
        - name: Connection endpoints for non-Enterprise editions of Windows 10, version 2004
          href: windows-endpoints-2004-non-enterprise-editions.md
        - name: Connection endpoints for non-Enterprise editions of Windows 10, version 1909
          href: windows-endpoints-1909-non-enterprise-editions.md
        - name: Connection endpoints for non-Enterprise editions of Windows 10, version 1903
          href: windows-endpoints-1903-non-enterprise-editions.md
        - name: Connection endpoints for non-Enterprise editions of Windows 10, version 1809
--- a/windows/privacy/windows-endpoints-1909-non-enterprise-editions.md
+++ b/windows/privacy/windows-endpoints-1909-non-enterprise-editions.md
@ -8,8 +8,8 @@ ms.sitesec: library
 ms.localizationpriority: high
 audience: ITPro
 author: gental-giant
-ms.author: obezeajo
+ms.author: v-hakima
-manager: robsize
+manager: obezeajo
 ms.collection: M365-security-compliance
 ms.topic: article
 ms.date: 7/22/2020
--- a/windows/release-information/resolved-issues-windows-10-1903.yml
+++ b/windows/release-information/resolved-issues-windows-10-1903.yml
@ -104,7 +104,7 @@ sections:
      <table border ='0'><tr><td width='65%'>Details</td><td width='15%'>Originating update</td><td width='10%'>Status</td><td width='10%'>History</td></tr>
      <tr><td style='border-left-width:1px;border-right-width:1px;border-bottom-width:1px;'><div id='248msgdesc'></div><b>dGPU occasionally disappear from device manager on Surface Book 2</b><div>Microsoft has identified a compatibility issue on some Surface Book 2 devices configured with Nvidia discrete graphics processing units (dGPUs). After updating to Windows 10, version 1903 (the May 2019 Update), some apps or games that needs to perform graphics intensive operations may close or fail to open.</div><div>&nbsp;</div><div>To safeguard your update experience, we have applied a compatibility hold on Surface Book 2 devices with Nvidia dGPU from being offered Windows 10, version 1903 until&nbsp;this issue is resolved.</div><div>&nbsp;</div><div><strong>Affected platforms:</strong></div><ul><li>Client: Windows 10, version 1903</li></ul><div></div><div><strong>Resolved:&nbsp;</strong>To resolve this issue, you will need to update the firmware of your Surface Book 2&nbsp;device. Please see the <a href=\"https://support.microsoft.com/help/4055398/surface-book-2-update-history\" target=\"_blank\">Surface Book 2 update history page</a><strong>&nbsp;</strong>for instructions on how to install the October 2019 updates on your device. There is no update for Windows needed for this issue.</div><div>&nbsp;</div><div>The safeguard hold has been removed. Please note, it can take up to 48 hours before you can update to offered Windows 10, version 1903.</div><br><a href ='#248msg'>Back to top</a></td><td>OS Build 18362.145<br><br>May 29, 2019<br><a href ='https://support.microsoft.com/help/4497935' target='_blank'>KB4497935</a></td><td>Resolved<br><a href = '' target='_blank'></a></td><td>Resolved:<br>October 18, 2019 <br>04:33 PM PT<br><br>Opened:<br>July 12, 2019 <br>04:20 PM PT</td></tr>
      <tr><td style='border-left-width:1px;border-right-width:1px;border-bottom-width:1px;'><div id='255msgdesc'></div><b>Domain connected devices that use MIT Kerberos realms will not start up</b><div>Devices connected to a domain that is configured to use MIT Kerberos realms will not start up or may continue to restart after installation of <a href='https://support.microsoft.com/help/4497935' target='_blank'>KB4497935</a>. Devices that are domain controllers or domain members are both affected.</div><div><br></div><div>To safeguard your update experience, we have applied a compatibility hold on devices configured to use MIT Kerberos realm from being offered Windows 10, version 1903 or Windows Server, version 1903.</div><div><br></div><div><strong>Note </strong>If you are not sure if your device is affected, contact your administrator.&nbsp;Advanced users can check for “Define interoperable Kerberos v5 realm settings” policy under Computer Configuration -&gt; Policies -&gt; Administrative Templates &gt; System -&gt; Kerberos or check if this registry key exists:</div><pre class=\"ql-syntax\" spellcheck=\"false\">HKLM\\Software\\Microsoft\\Windows\\CurrentVersion\\Policies\\System\\Kerberos\\MitRealms
-</pre><div><br></div><div><strong>Affected platforms:</strong></div><ul><li>Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607</li><li>Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016</li></ul><div></div><div><strong>Resolution: </strong>This issue was resolved in <a href='https://support.microsoft.com/help/4512941' target='_blank'>KB4512941</a> and the safeguard hold has been removed. Please note, it can take up to 48 hours before you can update to offered Windows 10, version 1903 or Windows Server, version 1903.</div><br><a href ='#255msg'>Back to top</a></td><td>OS Build 18362.145<br><br>May 29, 2019<br><a href ='https://support.microsoft.com/help/4497935' target='_blank'>KB4497935</a></td><td>Resolved<br><a href = 'https://support.microsoft.com/help/4512941' target='_blank'>KB4512941</a></td><td>Resolved:<br>August 30, 2019 <br>10:00 AM PT<br><br>Opened:<br>July 25, 2019 <br>06:10 PM PT</td></tr>
+      </pre><div><br></div><div><strong>Affected platforms:</strong></div><ul><li>Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607</li><li>Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016</li></ul><div></div><div><strong>Resolution: </strong>This issue was resolved in <a href='https://support.microsoft.com/help/4512941' target='_blank'>KB4512941</a> and the safeguard hold has been removed. Please note, it can take up to 48 hours before you can update to offered Windows 10, version 1903 or Windows Server, version 1903.</div><br><a href ='#255msg'>Back to top</a></td><td>OS Build 18362.145<br><br>May 29, 2019<br><a href ='https://support.microsoft.com/help/4497935' target='_blank'>KB4497935</a></td><td>Resolved<br><a href = 'https://support.microsoft.com/help/4512941' target='_blank'>KB4512941</a></td><td>Resolved:<br>August 30, 2019 <br>10:00 AM PT<br><br>Opened:<br>July 25, 2019 <br>06:10 PM PT</td></tr>
      <tr><td style='border-left-width:1px;border-right-width:1px;border-bottom-width:1px;'><div id='254msgdesc'></div><b>Issues updating when certain versions of Intel storage drivers are installed</b><div>Intel and Microsoft have found incompatibility issues with certain versions of the Intel Rapid Storage Technology (Intel RST) drivers and the Windows 10 May 2019 Update (Windows 10, version 1903).&nbsp;&nbsp;</div><div><br></div><div>To safeguard your update experience, we have applied a compatibility hold on devices with Intel RST&nbsp;drivers, versions<strong> 15.1.0.1002</strong>&nbsp;through version&nbsp;<strong>15.5.2.1053</strong>&nbsp;installed from installing or being offered Windows 10, version 1903 or Windows Server, version 1903, until the driver has been updated.</div><div><br></div><div>Versions&nbsp;<strong>15.5.2.1054 or later</strong>&nbsp;are compatible, and a device that has these drivers installed can install the Windows 10 May 2019 Update.&nbsp;For affected devices, the recommended version is <strong>15.9.8.1050</strong>.</div><div><br></div><div><strong>Affected platforms:</strong></div><ul><li>Client: Windows 10, version 1903</li><li>Server: Windows Server, version 1903</li></ul><div></div><div><strong>Resolution: </strong>This issue was resolved in <a href='https://support.microsoft.com/help/4512941' target='_blank'>KB4512941</a> and the safeguard hold has been removed. Please note, it can take up to 48 hours before you can update to Windows 10, version 1903.</div><br><a href ='#254msg'>Back to top</a></td><td>OS Build 18362.145<br><br>May 29, 2019<br><a href ='https://support.microsoft.com/help/4497935' target='_blank'>KB4497935</a></td><td>Resolved<br><a href = 'https://support.microsoft.com/help/4512941' target='_blank'>KB4512941</a></td><td>Resolved:<br>August 30, 2019 <br>10:00 AM PT<br><br>Opened:<br>July 25, 2019 <br>06:10 PM PT</td></tr>
      <tr><td style='border-left-width:1px;border-right-width:1px;border-bottom-width:1px;'><div id='253msgdesc'></div><b>Initiating a Remote Desktop connection may result in black screen</b><div>When initiating a Remote Desktop connection to devices with some older GPU drivers, you may receive a black screen. Any version of Windows may encounter this issue when initiating a Remote Desktop connection to a Windows 10, version 1903 device which is running an affected display driver, including the drivers for the Intel 4 series chipset integrated GPU (iGPU).</div><div><br></div><div><strong>Affected platforms:</strong></div><ul><li>Client: Windows 10, version 1903</li><li>Server: Windows Server, version 1903</li></ul><div></div><div><strong>Resolution:</strong>&nbsp;This issue was resolved in <a href='https://support.microsoft.com/help/4512941' target='_blank'>KB4512941</a>.</div><br><a href ='#253msg'>Back to top</a></td><td>OS Build 18362.145<br><br>May 29, 2019<br><a href ='https://support.microsoft.com/help/4497935' target='_blank'>KB4497935</a></td><td>Resolved<br><a href = 'https://support.microsoft.com/help/4512941' target='_blank'>KB4512941</a></td><td>Resolved:<br>August 30, 2019 <br>10:00 AM PT<br><br>Opened:<br>July 12, 2019 <br>04:42 PM PT</td></tr>
      <tr><td style='border-left-width:1px;border-right-width:1px;border-bottom-width:1px;'><div id='252msgdesc'></div><b>Devices starting using PXE from a WDS or Configuration Manager servers may fail to start</b><div>Devices that start up using Preboot Execution Environment (PXE) images from Windows Deployment Services (WDS) or System Center Configuration Manager might fail to start with the error \"Status: 0xc0000001, Info: A required device isn't connected or can't be accessed\" after installing <a href='https://support.microsoft.com/help/4503293' target='_blank'>KB4503293</a> on a WDS server.</div><div><br></div><div><strong>Affected platforms:</strong></div><ul><li>Server: Windows Server 2008 SP2; Windows Server 2008 R2 SP1; Windows Server 2012; Windows Server 2012 R2; Windows Server 2016; Windows Server, version 1803; Windows Server 2019; Windows Server, version 1809; Windows Server, version 1903</li></ul><div></div><div><strong>Resolution:</strong>&nbsp;This issue was resolved in <a href='https://support.microsoft.com/help/4512941' target='_blank'>KB4512941</a>.</div><br><a href ='#252msg'>Back to top</a></td><td>OS Build 18362.175<br><br>June 11, 2019<br><a href ='https://support.microsoft.com/help/4503293' target='_blank'>KB4503293</a></td><td>Resolved<br><a href = 'https://support.microsoft.com/help/4512941' target='_blank'>KB4512941</a></td><td>Resolved:<br>August 30, 2019 <br>10:00 AM PT<br><br>Opened:<br>July 10, 2019 <br>02:51 PM PT</td></tr>
--- a/windows/release-information/status-windows-10-1803.yml
+++ b/windows/release-information/status-windows-10-1803.yml
@ -21,8 +21,8 @@ sections:
      Find information on known issues for Windows 10, version 1803. Looking for a specific issue? Press CTRL + F (or Command + F if you are using a Mac) and enter your search term(s).
      <table border = '0' class='box-info'><tr>
-<td bgcolor='#d3f1fb' class='alert is-primary'><div><strong>Current status as of November 12, 2019:</strong>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</div><div>Windows&nbsp;10,&nbsp;version&nbsp;1803&nbsp;(the April 2018 Update) Home and Pro editions have reached end of service. For&nbsp;Windows&nbsp;10&nbsp;devices that are at, or within several months of reaching end of service,&nbsp;Windows&nbsp;Update will automatically initiate a feature update (with users having the ability to choose a convenient time); keeping those devices supported and receiving the monthly updates that are critical to device security and ecosystem health.</div>
+      <td bgcolor='#d3f1fb' class='alert is-primary'><div><strong>Current status as of November 12, 2019:</strong>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</div><div>Windows&nbsp;10,&nbsp;version&nbsp;1803&nbsp;(the April 2018 Update) Home and Pro editions have reached end of service. For&nbsp;Windows&nbsp;10&nbsp;devices that are at, or within several months of reaching end of service,&nbsp;Windows&nbsp;Update will automatically initiate a feature update (with users having the ability to choose a convenient time); keeping those devices supported and receiving the monthly updates that are critical to device security and ecosystem health.</div>
-</td></tr></table>
+      </td></tr></table>
      " 
--- a/windows/release-information/status-windows-10-1809-and-windows-server-2019.yml
+++ b/windows/release-information/status-windows-10-1809-and-windows-server-2019.yml
@ -21,8 +21,8 @@ sections:
      Find information on known issues for Windows 10, version 1809 and Windows Server 2019. Looking for a specific issue? Press CTRL + F (or Command + F if you are using a Mac) and enter your search term(s).
      <table border = '0' class='box-info'><tr>
-<td bgcolor='#d3f1fb' class='alert is-primary'><div><strong>Current status as of November 12, 2019:</strong></div><div>Windows 10, version 1809 is designated for broad deployment. The recommended servicing status is Semi-Annual Channel.</div>
+      <td bgcolor='#d3f1fb' class='alert is-primary'><div><strong>Current status as of November 12, 2019:</strong></div><div>Windows 10, version 1809 is designated for broad deployment. The recommended servicing status is Semi-Annual Channel.</div>
-</td></tr></table>
+      </td></tr></table>
      " 
--- a/windows/release-information/status-windows-10-1903.yml
+++ b/windows/release-information/status-windows-10-1903.yml
@ -21,8 +21,8 @@ sections:
      Find information on known issues and the status of the rollout for Windows 10, version 1903 and Windows Server, version 1903. Looking for a specific issue? Press CTRL + F (or Command + F if you are using a Mac) and enter your search term(s).
      <table border = '0' class='box-info'><tr>
-<td bgcolor='#d3f1fb' class='alert is-primary'><div><strong>Current status as of November 12, 2019:</strong>&nbsp;&nbsp;&nbsp;</div><div>Windows 10, version 1903 (the May 2019 Update) is designated ready for broad deployment for all users via Windows Update.</div><div><br></div><div>We recommend commercial customers running earlier versions of Windows 10 begin broad deployments of Windows 10, version 1903 in their organizations.</div><div><br></div><div><strong>Note </strong>Follow <a href=\"https://twitter.com/windowsupdate\" rel=\"noopener noreferrer\" target=\"_blank\">@WindowsUpdate</a> to find out when new content is published to the release information dashboard.</div>
+      <td bgcolor='#d3f1fb' class='alert is-primary'><div><strong>Current status as of November 12, 2019:</strong>&nbsp;&nbsp;&nbsp;</div><div>Windows 10, version 1903 (the May 2019 Update) is designated ready for broad deployment for all users via Windows Update.</div><div><br></div><div>We recommend commercial customers running earlier versions of Windows 10 begin broad deployments of Windows 10, version 1903 in their organizations.</div><div><br></div><div><strong>Note </strong>Follow <a href=\"https://twitter.com/windowsupdate\" rel=\"noopener noreferrer\" target=\"_blank\">@WindowsUpdate</a> to find out when new content is published to the release information dashboard.</div>
-</td></tr></table>
+      </td></tr></table>
      " 
--- a/windows/release-information/status-windows-10-1909.yml
+++ b/windows/release-information/status-windows-10-1909.yml
@ -21,8 +21,8 @@ sections:
      Find information on known issues and the status of the rollout for Windows 10, version 1909 and Windows Server, version 1909. Looking for a specific issue? Press CTRL + F (or Command + F if you are using a Mac) and enter your search term(s).
      <table border = '0' class='box-info'><tr>
-<td bgcolor='#d3f1fb' class='alert is-primary'><div><strong>Current status as of January 21, 2020:</strong></div><div>Windows 10, version 1909 is available for any user on a recent version of Windows 10 who manually selects “Check for updates” via Windows Update. The recommended servicing status is Semi-Annual Channel.</div><div>&nbsp;</div><div>We are starting the next phase in our controlled approach to automatically initiate a feature update for an increased number of devices running the October 2018 Update (Windows 10, version 1809) Home and Pro editions, keeping those devices supported and receiving the monthly updates that are critical to device security and ecosystem health.&nbsp;Our rollout process starts several months in advance of the end of service date to provide adequate time for a smooth update process.</div><div><br></div><div>For information on how users running Windows 10, version 1903 can update to&nbsp;Windows 10, version 1909 in a new, streamlined way, see <a href=\"https://techcommunity.microsoft.com/t5/Windows-IT-Pro-Blog/Windows-10-version-1909-delivery-options/ba-p/1002660\" rel=\"noopener noreferrer\" target=\"_blank\">this post</a>.</div><div>&nbsp;</div><div><strong>Note </strong>follow&nbsp;<a href=\"https://twitter.com/windowsupdate\" rel=\"noopener noreferrer\" target=\"_blank\">@WindowsUpdate</a>&nbsp;on Twitter to find out when new content is published to the release information dashboard.</div>
+      <td bgcolor='#d3f1fb' class='alert is-primary'><div><strong>Current status as of January 21, 2020:</strong></div><div>Windows 10, version 1909 is available for any user on a recent version of Windows 10 who manually selects “Check for updates” via Windows Update. The recommended servicing status is Semi-Annual Channel.</div><div>&nbsp;</div><div>We are starting the next phase in our controlled approach to automatically initiate a feature update for an increased number of devices running the October 2018 Update (Windows 10, version 1809) Home and Pro editions, keeping those devices supported and receiving the monthly updates that are critical to device security and ecosystem health.&nbsp;Our rollout process starts several months in advance of the end of service date to provide adequate time for a smooth update process.</div><div><br></div><div>For information on how users running Windows 10, version 1903 can update to&nbsp;Windows 10, version 1909 in a new, streamlined way, see <a href=\"https://techcommunity.microsoft.com/t5/Windows-IT-Pro-Blog/Windows-10-version-1909-delivery-options/ba-p/1002660\" rel=\"noopener noreferrer\" target=\"_blank\">this post</a>.</div><div>&nbsp;</div><div><strong>Note </strong>follow&nbsp;<a href=\"https://twitter.com/windowsupdate\" rel=\"noopener noreferrer\" target=\"_blank\">@WindowsUpdate</a>&nbsp;on Twitter to find out when new content is published to the release information dashboard.</div>
-</td></tr></table>
+      </td></tr></table>
      " 
--- a/windows/security/threat-protection/TOC.md
+++ b/windows/security/threat-protection/TOC.md
@ -601,6 +601,7 @@
 ##### [Configure Micro Focus ArcSight to pull detections](microsoft-defender-atp/configure-arcsight.md)
 ##### [Microsoft Defender ATP detection fields](microsoft-defender-atp/api-portal-mapping.md)
 ##### [Pull detections using SIEM REST API](microsoft-defender-atp/pull-alerts-using-rest-api.md)
 ##### [Fetch alerts from customer tenant](microsoft-defender-atp/fetch-alerts-mssp.md)
 ##### [Troubleshoot SIEM tool integration issues](microsoft-defender-atp/troubleshoot-siem.md)
 #### [Partners & APIs]()
@ -615,7 +616,12 @@
 ###### [Using device groups](microsoft-defender-atp/machine-groups.md)
 ###### [Create and manage device tags](microsoft-defender-atp/machine-tags.md)
-#### [Configure managed security service provider (MSSP) integration](microsoft-defender-atp/configure-mssp-support.md)
+#### [Managed security service provider (MSSP) integration]()
 ##### [Configure managed security service provider integration](microsoft-defender-atp/configure-mssp-support.md)
 ##### [Grant MSSP access to the portal](microsoft-defender-atp/grant-mssp-access.md)
 ##### [Access the MSSP customer portal](microsoft-defender-atp/access-mssp-portal.md)
 ##### [Configure alert notifications](microsoft-defender-atp/configure-mssp-notifications.md)
 ##### [Get partner application access](microsoft-defender-atp/exposed-apis-create-app-partners.md)
 ### [Partner integration scenarios]()
 #### [Technical partner opportunities](microsoft-defender-atp/partner-integration.md)
@ -842,6 +848,8 @@
 ####### [Event 4689 S: A process has exited.](auditing/event-4689.md)
 ###### [Audit RPC Events](auditing/audit-rpc-events.md)
 ####### [Event 5712 S: A Remote Procedure Call, RPC, was attempted.](auditing/event-5712.md)
 ###### [Audit Token Right Adjusted](auditing/audit-token-right-adjusted.md)
 ####### [Event 4703 S: A user right was adjusted.](auditing/event-4703.md)
 ###### [Audit Detailed Directory Service Replication](auditing/audit-detailed-directory-service-replication.md)
 ####### [Event 4928 S, F: An Active Directory replica source naming context was established.](auditing/event-4928.md)
 ####### [Event 4929 S, F: An Active Directory replica source naming context was removed.](auditing/event-4929.md)
--- a/windows/security/threat-protection/microsoft-defender-antivirus/collect-diagnostic-data.md
+++ b/windows/security/threat-protection/microsoft-defender-antivirus/collect-diagnostic-data.md
@ -25,6 +25,9 @@ manager: dansimp
 This article describes how to collect diagnostic data that can be used by Microsoft support and engineering teams to help troubleshoot issues you may encounter when using the Microsoft Defender AV.
 > [!NOTE]
 > As part of the investigation or response process, you can collect an investigation package from a device. Here's how: [Collect investigation package from devices](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/respond-machine-alerts#collect-investigation-package-from-devices).
 On at least two devices that are experiencing the same issue, obtain the .cab diagnostic file by taking the following steps:
 1. Open an administrator-level version of the command prompt as follows:
--- a/windows/security/threat-protection/microsoft-defender-atp/access-mssp-portal.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/access-mssp-portal.md
@ -0,0 +1,56 @@
 ---
 title: Access the Microsoft Defender Security Center MSSP customer portal
 description: Access the Microsoft Defender Security Center MSSP customer portal
 keywords: managed security service provider, mssp, configure, integration
 search.product: eADQiWindows 10XVcnh
 search.appverid: met150
 ms.prod: w10
 ms.mktglfcycl: deploy
 ms.sitesec: library
 ms.pagetype: security
 ms.author: macapara
 author: mjcaparas
 ms.localizationpriority: medium
 manager: dansimp
 audience: ITPro
 ms.collection: M365-security-compliance 
 ms.topic: article
 ---
 # Access the Microsoft Defender Security Center MSSP customer portal
 **Applies to:**
 - [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
 >Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-mssp-support-abovefoldlink)
 >[!NOTE] 
 >These set of steps are directed towards the MSSP. 
 By default, MSSP customers access their Microsoft Defender Security Center tenant through the following URL: `https://securitycenter.windows.com`.
 MSSPs however, will need to use a tenant-specific URL in the following format:  `https://securitycenter.windows.com?tid=customer_tenant_id` to access the MSSP customer portal. 
 In general, MSSPs will need to be added to each of the MSSP customer's Azure AD that they intend to manage.
 Use the following steps to obtain the MSSP customer tenant ID and then use the ID to access the tenant-specific URL:
 1. As an MSSP, login to Azure AD with your credentials. 
 2. Switch directory to the MSSP customer's tenant.
 3.  Select **Azure Active Directory > Properties**. You'll find the tenant ID in the Directory ID field. 
 4. Access the MSSP customer portal by replacing the `customer_tenant_id` value in the following URL: `https://securitycenter.windows.com?tid=customer_tenant_id`.
 ## Related topics
 - [Grant MSSP access to the portal](grant-mssp-access.md)
 - [Configure alert notifications](configure-mssp-notifications.md)
 - [Fetch alerts from customer tenant](fetch-alerts-mssp.md)
--- a/windows/security/threat-protection/microsoft-defender-atp/configure-mssp-notifications.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/configure-mssp-notifications.md
@ -0,0 +1,46 @@
 ---
 title: Configure alert notifications that are sent to MSSPs 
 description: Configure alert notifications that are sent to MSSPs
 keywords: managed security service provider, mssp, configure, integration
 search.product: eADQiWindows 10XVcnh
 search.appverid: met150
 ms.prod: w10
 ms.mktglfcycl: deploy
 ms.sitesec: library
 ms.pagetype: security
 ms.author: macapara
 author: mjcaparas
 ms.localizationpriority: medium
 manager: dansimp
 audience: ITPro
 ms.collection: M365-security-compliance 
 ms.topic: article
 ---
 # Configure alert notifications that are sent to MSSPs 
 **Applies to:**
 - [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
 >Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-mssp-support-abovefoldlink)
 >[!NOTE]
 >This step can be done by either the MSSP customer or MSSP. MSSPs must be granted the appropriate permissions to configure this on behalf of the MSSP customer.
 After access the portal is granted, alert notification rules can to be created so that emails are sent to MSSPs when alerts associated with the tenant are created and set conditions are met.
 For more information, see [Create rules for alert notifications](configure-email-notifications.md#create-rules-for-alert-notifications).
 These check boxes must be checked:
 - **Include organization name** - The customer name will be added to email notifications
 - **Include tenant-specific portal link** - Alert link URL will have tenant specific parameter (tid=target_tenant_id) that allows direct access to target tenant portal
 ## Related topics
 - [Grant MSSP access to the portal](grant-mssp-access.md)
 - [Access the MSSP customer portal](access-mssp-portal.md)
 - [Fetch alerts from customer tenant](fetch-alerts-mssp.md)
--- a/windows/security/threat-protection/microsoft-defender-atp/configure-mssp-support.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/configure-mssp-support.md
@ -1,8 +1,6 @@
 ---
 title: Configure managed security service provider support
 description: Take the necessary steps to configure the MSSP integration with Microsoft Defender ATP 
 keywords: managed security service provider, mssp, configure, integration
 search.product: eADQiWindows 10XVcnh
 search.appverid: met150
@ -17,7 +15,6 @@ manager: dansimp
 audience: ITPro
 ms.collection: M365-security-compliance 
 ms.topic: article
 ms.date: 09/03/2018
 ---
 # Configure managed security service provider integration
@ -67,249 +64,11 @@ This action is taken by the MSSP. It allows MSSPs to fetch alerts in SIEM tools.
 This action is taken by the MSSP. It allows MSSPs to fetch alerts using APIs.
 ## Grant the MSSP access to the portal
 >[!NOTE] 
 > These set of steps are directed towards the MSSP customer. <br>
 > Access to the portal can only be done by the MSSP customer.
 As a MSSP customer, you'll need to take the following configuration steps to grant the MSSP access to Microsoft Defender Security Center. 
 Authentication and authorization of the MSSP user is built on top of Azure Active Directory (Azure AD) B2B functionality. 
 You'll need to take the following 2 steps:
 - Add MSSP user to your tenant as a guest user
 - Grant MSSP user access to Microsoft Defender Security Center
 ### Add MSSP user to your tenant as a guest user
 Add a user who is a member of the MSSP tenant to your tenant as a guest user.
 To grant portal access to the MSSP, you must add the MSSP user to your Azure AD as a guest user. For more information, see [Add Azure Active Directory B2B collaboration users in the Azure portal](https://docs.microsoft.com/azure/active-directory/b2b/add-users-administrator).
 ### Grant MSSP user access to Microsoft Defender Security Center
 Grant the guest user access and permissions to your Microsoft Defender Security Center tenant.
 Granting access to guest user is done the same way as granting access to a user who is a member of your tenant. 
 If you're using basic permissions to access the portal, the guest user must be assigned a Security Administrator role in **your** tenant. For more information, see [Use basic permissions to access the portal](basic-permissions.md).
 If you're using role-based access control (RBAC), the guest user must be to added to the appropriate group or groups in **your** tenant. Fore more information on RBAC in Microsoft Defender ATP, see [Manage portal access using RBAC](rbac.md).
 >[!NOTE]
 >There is no difference between the Member user and Guest user roles from RBAC perspective.
 It is recommended that groups are created for MSSPs to make authorization access more manageable.
 As a MSSP customer, you can always remove or modify the permissions granted to the MSSP by updating the Azure AD user groups. 
 ## Access the Microsoft Defender Security Center MSSP customer portal
 >[!NOTE] 
 >These set of steps are directed towards the MSSP. 
 By default, MSSP customers access their Microsoft Defender Security Center tenant through the following URL: `https://securitycenter.windows.com`.
 MSSPs however, will need to use a tenant-specific URL in the following format:  `https://securitycenter.windows.com?tid=customer_tenant_id` to access the MSSP customer portal. 
 In general, MSSPs will need to be added to each of the MSSP customer's Azure AD that they intend to manage.
 Use the following steps to obtain the MSSP customer tenant ID and then use the ID to access the tenant-specific URL:
 1. As an MSSP, login to Azure AD with your credentials. 
 2. Switch directory to the MSSP customer's tenant.
 3.  Select **Azure Active Directory > Properties**. You'll find the tenant ID in the Directory ID field. 
 4. Access the MSSP customer portal by replacing the `customer_tenant_id` value in the following URL: `https://securitycenter.windows.com?tid=customer_tenant_id`.
 ## Configure alert notifications that are sent to MSSPs 
 >[!NOTE]
 >This step can be done by either the MSSP customer or MSSP. MSSPs must be granted the appropriate permissions to configure this on behalf of the MSSP customer.
 After access the portal is granted, alert notification rules can to be created so that emails are sent to MSSPs when alerts associated with the tenant are created and set conditions are met.
 For more information, see [Create rules for alert notifications](configure-email-notifications.md#create-rules-for-alert-notifications).
 These check boxes must be checked:
 - **Include organization name** - The customer name will be added to email notifications
 - **Include tenant-specific portal link** - Alert link URL will have tenant specific parameter (tid=target_tenant_id) that allows direct access to target tenant portal
 ## Fetch alerts from MSSP customer's tenant into the SIEM system
 >[!NOTE]
 >This action is taken by the MSSP.
 To fetch alerts into your SIEM system you'll need to take the following steps:
 Step 1: Create a third-party application
 Step 2: Get access and refresh tokens from your customer's tenant
 Step 3: allow your application on Microsoft Defender Security Center
 ### Step 1: Create an application in Azure Active Directory (Azure AD)
 You'll need to create an application and grant it permissions to fetch alerts from your customer's Microsoft Defender ATP tenant.
 1. Sign in to the [Azure AD portal](https://aad.portal.azure.com/).
 2. Select **Azure Active Directory** > **App registrations**.
 3. Click **New registration**.
 4. Specify the following values:
    - Name: \<Tenant_name\> SIEM MSSP Connector (replace Tenant_name with the tenant display name)
    - Supported account types: Account in this organizational directory only 
    - Redirect URI: Select Web and type `https://<domain_name>/SiemMsspConnector`(replace <domain_name> with the tenant name)
 5. Click **Register**. The application is displayed in the list of applications you own.
 6. Select the application, then click **Overview**.
 7. Copy the value from the **Application (client) ID** field to a safe place, you will need this in the next step.
 8. Select **Certificate & secrets** in the new application panel.
 9. Click **New client secret**.
    - Description: Enter a description for the key.
    - Expires: Select **In 1 year**
 10. Click **Add**, copy the value of the client secret to a safe place, you will need this in the next step.
 ### Step 2: Get access and refresh tokens from your customer's tenant
 This section guides you on how to use a PowerShell script to get the tokens from your customer's tenant. This script uses the application from the previous step to get the access and refresh tokens using the OAuth Authorization Code Flow.
 After providing your credentials, you'll need to grant consent to the application so that the application is provisioned in the customer's tenant.
 1. Create a new folder and name it: `MsspTokensAcquisition`.
 2. Download the [LoginBrowser.psm1 module](https://github.com/shawntabrizi/Microsoft-Authentication-with-PowerShell-and-MSAL/blob/master/Authorization%20Code%20Grant%20Flow/LoginBrowser.psm1) and save it in the `MsspTokensAcquisition` folder.
    >[!NOTE]
    >In line 30, replace `authorzationUrl` with `authorizationUrl`.
 3. Create a file with the following content and save it with the name `MsspTokensAcquisition.ps1` in the folder:
    ```
    param (
        [Parameter(Mandatory=$true)][string]$clientId,
        [Parameter(Mandatory=$true)][string]$secret,
        [Parameter(Mandatory=$true)][string]$tenantId
    )
    [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12
    # Load our Login Browser Function
    Import-Module .\LoginBrowser.psm1
    # Configuration parameters
    $login = "https://login.microsoftonline.com"
    $redirectUri = "https://SiemMsspConnector"
    $resourceId = "https://graph.windows.net"
    Write-Host 'Prompt the user for his credentials, to get an authorization code'
    $authorizationUrl = ("{0}/{1}/oauth2/authorize?prompt=select_account&response_type=code&client_id={2}&redirect_uri={3}&resource={4}" -f
                        $login, $tenantId, $clientId, $redirectUri, $resourceId)
    Write-Host "authorzationUrl: $authorizationUrl"
    # Fake a proper endpoint for the Redirect URI
    $code = LoginBrowser $authorizationUrl $redirectUri
    # Acquire token using the authorization code
    $Body = @{
        grant_type = 'authorization_code'
        client_id = $clientId
        code = $code
        redirect_uri = $redirectUri
        resource = $resourceId
        client_secret = $secret
    }
    $tokenEndpoint = "$login/$tenantId/oauth2/token?"
    $Response = Invoke-RestMethod -Method Post -Uri $tokenEndpoint -Body $Body
    $token = $Response.access_token
    $refreshToken= $Response.refresh_token
    Write-Host " -----------------------------------  TOKEN ---------------------------------- "
    Write-Host $token
    Write-Host " -----------------------------------  REFRESH TOKEN ---------------------------------- "
    Write-Host $refreshToken 
    ```
 4. Open an elevated PowerShell command prompt in the `MsspTokensAcquisition` folder.
 5. Run the following command: 
   `Set-ExecutionPolicy -ExecutionPolicy Bypass`
 6. Enter the following commands: `.\MsspTokensAcquisition.ps1 -clientId <client_id> -secret <app_key> -tenantId <customer_tenant_id>`
    - Replace \<client_id\> with the **Application (client) ID** you got from the previous step.
    - Replace \<app_key\> with the **Client Secret** you created from the previous step.
    - Replace \<customer_tenant_id\> with your customer's **Tenant ID**. 
 7. You'll be asked to provide your credentials and consent. Ignore the page redirect.
 8. In the PowerShell window, you'll receive an access token and a refresh token. Save the refresh token to configure your SIEM connector. 
 ### Step 3: Allow your application on Microsoft Defender Security Center
 You'll need to allow the application you created in Microsoft Defender Security Center.
 You'll need to have **Manage portal system settings** permission to allow the application. Otherwise, you'll need to request your customer to allow the application for you.
 1. Go to `https://securitycenter.windows.com?tid=<customer_tenant_id>` (replace \<customer_tenant_id\> with the customer's tenant ID.
 2. Click **Settings** > **SIEM**. 
 3. Select the **MSSP** tab.
 4. Enter the **Application ID** from the first step and your **Tenant ID**.
 5. Click **Authorize application**. 
 You can now download the relevant configuration file for your SIEM and connect to the Microsoft Defender ATP API. For more information see, [Pull alerts to your SIEM tools](configure-siem.md).
 - In the ArcSight configuration file / Splunk Authentication Properties file  you will have to write your application key manually by settings the secret value.
 - Instead of acquiring a refresh token in the portal, use the script from the previous step to acquire a refresh token (or acquire it by other means).
 ## Fetch alerts from MSSP customer's tenant using APIs
 For information on how to fetch alerts using REST API, see [Pull alerts using REST API](pull-alerts-using-rest-api.md).
 ## Related topics
- [Use basic permissions to access the portal](basic-permissions.md)
+- [Grant MSSP access to the portal](grant-mssp-access.md)
- [Manage portal access using RBAC](rbac.md) 
+- [Access the MSSP customer portal](access-mssp-portal.md)
- [Pull alerts to your SIEM tools](configure-siem.md)
+- [Configure alert notifications](configure-mssp-notifications.md)
- [Pull alerts using REST API](pull-alerts-using-rest-api.md)
+- [Fetch alerts from customer tenant](fetch-alerts-mssp.md)
--- a/windows/security/threat-protection/microsoft-defender-atp/fetch-alerts-mssp.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/fetch-alerts-mssp.md
@ -0,0 +1,196 @@
 ---
 title: Fetch alerts from MSSP customer tenant
 description: Learn how to fetch alerts from a customer tenant
 keywords: managed security service provider, mssp, configure, integration
 search.product: eADQiWindows 10XVcnh
 search.appverid: met150
 ms.prod: w10
 ms.mktglfcycl: deploy
 ms.sitesec: library
 ms.pagetype: security
 ms.author: macapara
 author: mjcaparas
 ms.localizationpriority: medium
 manager: dansimp
 audience: ITPro
 ms.collection: M365-security-compliance 
 ms.topic: article
 ---
 # Fetch alerts from MSSP customer tenant
 **Applies to:**
 - [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
 >Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-mssp-support-abovefoldlink)
 >[!NOTE]
 >This action is taken by the MSSP.
 There are two ways you can fetch alerts:
 - Using the SIEM method
 - Using APIs
 ## Fetch alerts into your SIEM
 To fetch alerts into your SIEM system you'll need to take the following steps:
 Step 1: Create a third-party application
 Step 2: Get access and refresh tokens from your customer's tenant
 Step 3: allow your application on Microsoft Defender Security Center
 ### Step 1: Create an application in Azure Active Directory (Azure AD)
 You'll need to create an application and grant it permissions to fetch alerts from your customer's Microsoft Defender ATP tenant.
 1. Sign in to the [Azure AD portal](https://aad.portal.azure.com/).
 2. Select **Azure Active Directory** > **App registrations**.
 3. Click **New registration**.
 4. Specify the following values:
    - Name: \<Tenant_name\> SIEM MSSP Connector (replace Tenant_name with the tenant display name)
    - Supported account types: Account in this organizational directory only 
    - Redirect URI: Select Web and type `https://<domain_name>/SiemMsspConnector`(replace <domain_name> with the tenant name)
 5. Click **Register**. The application is displayed in the list of applications you own.
 6. Select the application, then click **Overview**.
 7. Copy the value from the **Application (client) ID** field to a safe place, you will need this in the next step.
 8. Select **Certificate & secrets** in the new application panel.
 9. Click **New client secret**.
    - Description: Enter a description for the key.
    - Expires: Select **In 1 year**
 10. Click **Add**, copy the value of the client secret to a safe place, you will need this in the next step.
 ### Step 2: Get access and refresh tokens from your customer's tenant
 This section guides you on how to use a PowerShell script to get the tokens from your customer's tenant. This script uses the application from the previous step to get the access and refresh tokens using the OAuth Authorization Code Flow.
 After providing your credentials, you'll need to grant consent to the application so that the application is provisioned in the customer's tenant.
 1. Create a new folder and name it: `MsspTokensAcquisition`.
 2. Download the [LoginBrowser.psm1 module](https://github.com/shawntabrizi/Microsoft-Authentication-with-PowerShell-and-MSAL/blob/master/Authorization%20Code%20Grant%20Flow/LoginBrowser.psm1) and save it in the `MsspTokensAcquisition` folder.
    >[!NOTE]
    >In line 30, replace `authorzationUrl` with `authorizationUrl`.
 3. Create a file with the following content and save it with the name `MsspTokensAcquisition.ps1` in the folder:
    ```
    param (
        [Parameter(Mandatory=$true)][string]$clientId,
        [Parameter(Mandatory=$true)][string]$secret,
        [Parameter(Mandatory=$true)][string]$tenantId
    )
    [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12
    # Load our Login Browser Function
    Import-Module .\LoginBrowser.psm1
    # Configuration parameters
    $login = "https://login.microsoftonline.com"
    $redirectUri = "https://SiemMsspConnector"
    $resourceId = "https://graph.windows.net"
    Write-Host 'Prompt the user for his credentials, to get an authorization code'
    $authorizationUrl = ("{0}/{1}/oauth2/authorize?prompt=select_account&response_type=code&client_id={2}&redirect_uri={3}&resource={4}" -f
                        $login, $tenantId, $clientId, $redirectUri, $resourceId)
    Write-Host "authorzationUrl: $authorizationUrl"
    # Fake a proper endpoint for the Redirect URI
    $code = LoginBrowser $authorizationUrl $redirectUri
    # Acquire token using the authorization code
    $Body = @{
        grant_type = 'authorization_code'
        client_id = $clientId
        code = $code
        redirect_uri = $redirectUri
        resource = $resourceId
        client_secret = $secret
    }
    $tokenEndpoint = "$login/$tenantId/oauth2/token?"
    $Response = Invoke-RestMethod -Method Post -Uri $tokenEndpoint -Body $Body
    $token = $Response.access_token
    $refreshToken= $Response.refresh_token
    Write-Host " -----------------------------------  TOKEN ---------------------------------- "
    Write-Host $token
    Write-Host " -----------------------------------  REFRESH TOKEN ---------------------------------- "
    Write-Host $refreshToken 
    ```
 4. Open an elevated PowerShell command prompt in the `MsspTokensAcquisition` folder.
 5. Run the following command: 
   `Set-ExecutionPolicy -ExecutionPolicy Bypass`
 6. Enter the following commands: `.\MsspTokensAcquisition.ps1 -clientId <client_id> -secret <app_key> -tenantId <customer_tenant_id>`
    - Replace \<client_id\> with the **Application (client) ID** you got from the previous step.
    - Replace \<app_key\> with the **Client Secret** you created from the previous step.
    - Replace \<customer_tenant_id\> with your customer's **Tenant ID**. 
 7. You'll be asked to provide your credentials and consent. Ignore the page redirect.
 8. In the PowerShell window, you'll receive an access token and a refresh token. Save the refresh token to configure your SIEM connector. 
 ### Step 3: Allow your application on Microsoft Defender Security Center
 You'll need to allow the application you created in Microsoft Defender Security Center.
 You'll need to have **Manage portal system settings** permission to allow the application. Otherwise, you'll need to request your customer to allow the application for you.
 1. Go to `https://securitycenter.windows.com?tid=<customer_tenant_id>` (replace \<customer_tenant_id\> with the customer's tenant ID.
 2. Click **Settings** > **SIEM**. 
 3. Select the **MSSP** tab.
 4. Enter the **Application ID** from the first step and your **Tenant ID**.
 5. Click **Authorize application**. 
 You can now download the relevant configuration file for your SIEM and connect to the Microsoft Defender ATP API. For more information see, [Pull alerts to your SIEM tools](configure-siem.md).
 - In the ArcSight configuration file / Splunk Authentication Properties file  you will have to write your application key manually by settings the secret value.
 - Instead of acquiring a refresh token in the portal, use the script from the previous step to acquire a refresh token (or acquire it by other means).
 ## Fetch alerts from MSSP customer's tenant using APIs
 For information on how to fetch alerts using REST API, see [Pull alerts using REST API](pull-alerts-using-rest-api.md).
 ## Related topics
 - [Grant MSSP access to the portal](grant-mssp-access.md)
 - [Access the MSSP customer portal](access-mssp-portal.md)
 - [Configure alert notifications](configure-mssp-notifications.md)
--- a/windows/security/threat-protection/microsoft-defender-atp/grant-mssp-access.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/grant-mssp-access.md
@ -0,0 +1,136 @@
 ---
 title: Grant access to managed security service provider (MSSP)
 description: Take the necessary steps to configure the MSSP integration with Microsoft Defender ATP 
 keywords: managed security service provider, mssp, configure, integration
 search.product: eADQiWindows 10XVcnh
 search.appverid: met150
 ms.prod: w10
 ms.mktglfcycl: deploy
 ms.sitesec: library
 ms.pagetype: security
 ms.author: macapara
 author: mjcaparas
 ms.localizationpriority: medium
 manager: dansimp
 audience: ITPro
 ms.collection: M365-security-compliance 
 ms.topic: article
 ---
 # Grant managed security service provider (MSSP) access (preview)
 **Applies to:**
 - [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
 >Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-mssp-support-abovefoldlink)
 >[!IMPORTANT] 
 >Some information relates to prereleased product which may be substantially modified before it's commercially released. Microsoft makes no warranties, express or implied, with respect to the information provided here.
 To implement a multi-tenant delegated access solution, take the following steps:
 1. Enable [role-based access control](rbac.md) in Microsoft Defender ATP and connect with Active Directory (AD) groups.
 2. Configure [Governance Access Packages](https://docs.microsoft.com/azure/active-directory/governance/identity-governance-overview) for access request and provisioning.
 3. Manage access requests and audits in [Microsoft Myaccess](https://docs.microsoft.com/azure/active-directory/governance/entitlement-management-request-approve).
 ## Enable role-based access controls in Microsoft Defender ATP
 1. **Create access groups for MSSP resources in Customer AAD: Groups**
    These groups will be linked to the Roles you create in Microsoft Defender ATP. To do so, in the customer AD tenant, create three groups. In our example approach, we create the following groups:
    - Tier 1 Analyst 
    - Tier 2 Analyst 
    - MSSP Analyst Approvers  
 2. Create Microsoft Defender ATP roles for appropriate access levels in Customer Microsoft Defender ATP.
    To enable RBAC in the customer Microsoft Defender Security Center, access **Settings > Permissions > Roles** and "Turn on roles", from a user account with Global Administrator or Security Administrator rights.
    ![Image of MSSP access](images/mssp-access.png)
    Then, create RBAC roles to meet MSSP SOC Tier needs. Link these roles to the created user groups via “Assigned user groups”.
    Two possible roles:
    - **Tier 1 Analysts** <br>
      Perform all actions except for live response and manage security settings.
    - **Tier 2 Analysts** <br>
      Tier 1 capabilities with the addition to [live response](live-response.md)
    For more information, see [Use role-based access control](rbac.md).
 ## Configure Governance Access Packages
 1.	**Add MSSP as Connected Organization in Customer AAD: Identity Governance**
    Adding the MSSP as a connected organization will allow the MSSP to request and have accesses provisioned. 
    To do so, in the customer AD tenant, access Identity Governance: Connected organization. Add a new organization and search for your MSSP Analyst tenant via Tenant ID or Domain. We suggest creating a separate AD tenant for your MSSP Analysts.
 2. **Create a resource catalog in Customer AAD: Identity Governance**
    Resource catalogs are a logical collection of access packages, created in the customer AD tenant.
    To do so, in the customer AD tenant,  access Identity Governance: Catalogs, and add **New Catalog**. In our example, we will call it **MSSP Accesses**. 
    ![Image of new catalog](images/goverance-catalog.png)
    Further more information, see [Create a catalog of resources](https://docs.microsoft.com/azure/active-directory/governance/entitlement-management-catalog-create).
 3. **Create access packages for MSSP resources Customer AAD: Identity Governance**
    Access packages are the collection of rights and accesses that a requestor will be granted upon approval. 
    To do so, in the customer AD tenant, access Identity Governance: Access Packages, and add **New Access Package**. Create an access package for the MSSP approvers and each analyst tier. For example, the following Tier 1 Analyst configuration creates an access package that:
    - Requires a member of the AD group **MSSP Analyst Approvers** to authorize new requests
    - Has annual access reviews, where the SOC analysts can request an access extension
    - Can only be requested by users in the MSSP SOC Tenant
    - Access auto expires after 365 days
    ![Image of new access package](images/new-access-package.png)
    For more information, see [Create a new access package](https://docs.microsoft.com/azure/active-directory/governance/entitlement-management-access-package-create).
 4. **Provide access request link to MSSP resources from Customer AAD: Identity Governance**
    The My Access portal link is used by MSSP SOC analysts to request access via the access packages created. The link is durable, meaning the same link may be used over time for new analysts. The analyst request goes into a queue for approval by the **MSSP Analyst Approvers**.
    ![Image of access properties](images/access-properties.png)
    The link is located on the overview page of each access package.
 ## Manage access 
 1. Review and authorize access requests in Customer and/or MSSP myaccess.
    Access requests are managed in the customer My Access, by members of the MSSP Analyst Approvers group.
    To do so, access the customer’s myaccess using: 
    `https://myaccess.microsoft.com/@<Customer Domain >`. 
    Example:  `https://myaccess.microsoft.com/@M365x440XXX.onmicrosoft.com#/`   
 2. Approve or deny requests in the **Approvals** section of the UI.
    At this point, analyst access has been provisioned, and each analyst should be able to access the customer’s Microsoft Defender Security Center: `https://securitycenter.Microsoft.com/?tid=<CustomerTenantId>`
 ## Related topics
 - [Access the MSSP customer portal](access-mssp-portal.md)
 - [Configure alert notifications](configure-mssp-notifications.md)
 - [Fetch alerts from customer tenant](fetch-alerts-mssp.md)
--- a/windows/security/threat-protection/microsoft-defender-atp/images/access-properties.png
+++ b/windows/security/threat-protection/microsoft-defender-atp/images/access-properties.png
--- a/windows/security/threat-protection/microsoft-defender-atp/images/goverance-catalog.png
+++ b/windows/security/threat-protection/microsoft-defender-atp/images/goverance-catalog.png
--- a/windows/security/threat-protection/microsoft-defender-atp/images/mssp-access.png
+++ b/windows/security/threat-protection/microsoft-defender-atp/images/mssp-access.png
--- a/windows/security/threat-protection/microsoft-defender-atp/images/new-access-package.png
+++ b/windows/security/threat-protection/microsoft-defender-atp/images/new-access-package.png
--- a/windows/security/threat-protection/microsoft-defender-atp/investigate-machines.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/investigate-machines.md
@ -27,6 +27,9 @@ ms.topic: article
 Investigate the details of an alert raised on a specific device to identify other behaviors or events that might be related to the alert or the potential scope of the breach.
 > [!NOTE]
 > As part of the investigation or response process, you can collect an investigation package from a device. Here's how: [Collect investigation package from devices](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/respond-machine-alerts#collect-investigation-package-from-devices).
 You can click on affected devices whenever you see them in the portal to open a detailed report about that device. Affected devices are identified in the following areas:
 - [Devices list](investigate-machines.md)
--- a/windows/security/threat-protection/microsoft-defender-atp/linux-whatsnew.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/linux-whatsnew.md
@ -19,6 +19,10 @@ ms.topic: conceptual
 # What's new in Microsoft Defender Advanced Threat Protection for Linux
 ## 101.03.48
 - Bug fixes
 ## 101.02.55
 - Fixed an issue where the product sometimes does not start following a reboot / upgrade
--- a/windows/security/threat-protection/microsoft-defender-atp/mac-whatsnew.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/mac-whatsnew.md
@ -86,7 +86,7 @@ ms.topic: conceptual
 - Fixed an issue where Microsoft Defender ATP for Mac was sometimes interfering with Time Machine
 - Added a new switch to the command-line utility for testing the connectivity with the backend service
  ```bash
-  $ mdatp --connectivity-test
+  mdatp --connectivity-test
  ```
 - Added ability to view the full threat history in the user interface (can be accessed from the **Protection history** view)
 - Performance improvements & bug fixes
--- a/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-atp-mac.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-atp-mac.md
@ -80,8 +80,8 @@ The following downloadable spreadsheet lists the services and their associated U
 Microsoft Defender ATP can discover a proxy server by using the following discovery methods:
- Proxy auto-config (PAC)
+- Proxy autoconfig (PAC)
- Web Proxy Auto-discovery Protocol (WPAD)
+- Web Proxy Autodiscovery Protocol (WPAD)
 - Manual static proxy configuration
 If a proxy or firewall is blocking anonymous traffic, make sure that anonymous traffic is permitted in the previously listed URLs.
@ -96,7 +96,7 @@ To test that a connection is not blocked, open [https://x.cp.wd.microsoft.com/ap
 If you prefer the command line, you can also check the connection by running the following command in Terminal:
 ```bash
-$ curl -w ' %{url_effective}\n' 'https://x.cp.wd.microsoft.com/api/report' 'https://cdn.x.cp.wd.microsoft.com/ping'
+curl -w ' %{url_effective}\n' 'https://x.cp.wd.microsoft.com/api/report' 'https://cdn.x.cp.wd.microsoft.com/ping'
 ```
 The output from this command should be similar to the following:
@ -110,7 +110,7 @@ The output from this command should be similar to the following:
 Once Microsoft Defender ATP is installed, connectivity can be validated by running the following command in Terminal:
 ```bash
-$ mdatp --connectivity-test
+mdatp --connectivity-test
 ```
 ## How to update Microsoft Defender ATP for Mac
--- a/windows/security/threat-protection/microsoft-defender-atp/preview.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/preview.md
@ -49,9 +49,6 @@ Turn on the preview experience setting to be among the first to try upcoming fea
 The following features are included in the preview release:
 - [Microsoft Defender ATP for Android](microsoft-defender-atp-android.md) <br> Microsoft Defender ATP now adds support for Android. Learn how to install, configure, and use Microsoft Defender ATP for Android.
 - [Create indicators for certificates](manage-indicators.md) <br> Create indicators to allow or block certificates. 
 - [Threat & Vulnerability supported operating systems and platforms](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/tvm-supported-os) <BR> Ensure that you meet the operating system or platform requisites for Threat & Vulnerability Management so the activities in your devices are properly accounted for. Threat & Vulnerability Management supports Windows 7, Windows 10 1607-1703, Windows 10 1709+, Windows Server 2008R2, Windows Server 2012R2, Windows Server 2016, Windows Server 2019. <BR> <BR> Secure Configuration Assessment (SCA) supports Windows 10 1709+, Windows Server 2008R2, Windows Server 2012R2, Windows Server 2016, and Windows Server 2019.
 - [Threat & Vulnerability Management granular exploit details](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/tvm-weaknesses) <BR> You can now see a comprehensive set of details on the vulnerabilities found in your device to give you informed decision on your next steps. The threat insights icon now shows more granular details, such as if the exploit is a part of an exploit kit, connected to specific advanced persistent campaigns or activity groups for which, Threat Analytics report links are provided that you can read, has associated zero-day exploitation news, disclosures, or related security advisories.
--- a/windows/security/threat-protection/microsoft-defender-atp/whats-new-in-microsoft-defender-atp.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/whats-new-in-microsoft-defender-atp.md
@ -36,6 +36,9 @@ For more information preview features, see [Preview features](https://docs.micro
 > ```
 ## July 2020
 - [Create indicators for certificates](manage-indicators.md) <br> Create indicators to allow or block certificates. 
 ## June 2020
 - [Microsoft Defender ATP for Linux](microsoft-defender-atp-linux.md) <br> Microsoft Defender ATP now adds support for Linux. Learn how to install, configure, update, and use Microsoft Defender ATP for Linux.