Merged PR 2507: revised Explain text

revised Explain text

windows/device-security/security-policy-settings/accounts-administrator-account-status.md

@@ -18,18 +18,17 @@ Describes the best practices, location, values, and security considerations for
 
 ## Reference
 
-This security setting determines whether the local administrator account is enabled or disabled.
+This security setting determines whether the local Administrator account is enabled or disabled.
 
-If you try to enable the administrator account after it has been disabled, and if the current administrator password does not meet the password requirements, you cannot enable the account. In this case, an alternative member of the Administrators group must reset the password on the administrator account.
+The following conditions prevent disabling the Administrator account, even if this security setting is disabled.
 
-If you disable this policy setting, and one of the following conditions exists on the computer, the administrator account is not disabled.
-1.  No other local administrator account exists
-2.  The administrator account is currently in use
-3.  All other local administrator accounts are:
+1.  The administrator account is currently in use
+2.  The Administrators group has no other members
+3.  All other members of the Administrator group are:
     1.  Disabled
     2.  Listed in the [Deny log on locally](deny-log-on-locally.md) User Rights Assignment
 
-If the current administrator password does not meet the password requirements, you will not be able to enable the administrator account again after it has been disabled. In this case, another member of the Administrators group must set the password on the administrator account.
+If the Administrator account is disabled, you cannot enable it if the password does not meet requirements. In this case, another member of the Administrators group must reset the password.
 
 ### Possible values
 -   Enabled
@@ -51,12 +50,14 @@ Computer Configuration\\Windows Settings\\Security Settings\\Local Policies\\Sec
 The following table lists the actual and effective default values for this policy. Default values are also listed on the policy’s property page.
 
 | Server type or GPO | Default value |
+| - | - |
 | Default Domain Policy | Not defined |
 | Default Domain Controller Policy |Not defined |
 | Stand-Alone Server Default Settings | Enabled |
 | DC Effective Default Settings | Enabled |
 | Member Server Effective Default Settings | Enabled |
 | Client Computer Effective Default Settings | Disabled |
+
  
 ## Policy management
 

windows/device-security/security-policy-settings/security-options.md

@@ -53,7 +53,8 @@ For info about setting security policies, see [Configure security policy setting
 | [Domain member: Maximum machine account password age](domain-member-maximum-machine-account-password-age.md) |Describes the best practices, location, values, and security considerations for the **Domain member: Maximum machine account password age** security policy setting.|
 |[Domain member: Require strong (Windows 2000 or later) session key](domain-member-require-strong-windows-2000-or-later-session-key.md)| Describes the best practices, location, values, and security considerations for the **Domain member: Require strong (Windows 2000 or later) session key** security policy setting. |
 | [Interactive logon: Display user information when the session is locked](interactive-logon-display-user-information-when-the-session-is-locked.md)| Describes the best practices, location, values, and security considerations for the **Interactive logon: Display user information when the session is locked** security policy setting. |
-| [Interactive logon: Do not display last user name](interactive-logon-do-not-display-last-user-name.md)| Describes the best practices, location, values, and security considerations for the **Interactive logon: Do not display last user name** security policy setting.| 
+| [Interactive logon: Don't display last signed-in](interactive-logon-do-not-display-last-user-name.md)| Describes the best practices, location, values, and security considerations for the **Interactive logon: Don't display last signed-in** security policy setting.| 
+| [Interactive logon: Don't display username at sign-in](interactive-logon-dont-display-username-at-sign-in.md)| Describes the best practices, location, values, and security considerations for the **Interactive logon: Do not display username at sign-in** security policy setting.| 
 | [Interactive logon: Do not require CTRL+ALT+DEL](interactive-logon-do-not-require-ctrl-alt-del.md)| Describes the best practices, location, values, and security considerations for the **Interactive logon: Do not require CTRL+ALT+DEL** security policy setting.| 
 | [Interactive logon: Machine account lockout threshold](interactive-logon-machine-account-lockout-threshold.md) | Describes the best practices, location, values, management, and security considerations for the **Interactive logon: Machine account lockout threshold** security policy setting.| 
 | [Interactive logon: Machine inactivity limit](interactive-logon-machine-inactivity-limit.md)| Describes the best practices, location, values, management, and security considerations for the **Interactive logon: Machine inactivity limit** security policy setting.| 

windows/device-security/security-policy-settings/shutdown-clear-virtual-memory-pagefile.md

@@ -9,7 +9,7 @@ ms.pagetype: security
 author: brianlic-msft
 ---
 
-# Shutdown: Clear virtual memory pagefile - security policy setting
+# Shutdown: Clear virtual memory pagefile 
 
 **Applies to**
 -   Windows 10