checking in change

devices/surface-hub/prepare-your-environment-for-surface-hub.md

@@ -63,7 +63,7 @@ There are a few more item to consider before you start the [first-run program](f
 You can use provisioning packages to add certificates, customize settings and install apps. See [Create provisioning packages](provisioning-packages-for-certificates-surface-hub.md) for details. You can [install provisioning packages at first-run](first-run-program-surface-hub.md#first-page).
 
 ### Set up admin groups
-Every Surface Hub can be configured locally using the Settings app on the device. To prevent unauthorized users from changing settings, the Settings app requires admin credentials to open the app. See [Admin group management](admin-group-management-for-surface-hub.md) for details on how admin groups are set up and managed. You will [set up admins for the device at first run](first-run-program-surface-hub.md#setup-admins)).
+Every Surface Hub can be configured locally using the Settings app on the device. To prevent unauthorized users from changing settings, the Settings app requires admin credentials to open the app. See [Admin group management](admin-group-management-for-surface-hub.md) for details on how admin groups are set up and managed. You will [set up admins for the device at first run](first-run-program-surface-hub.md#setup-admins).
 
 ### Review and complete Surface Hub setup worksheet (optional)
 When you go through the first-run program for your Surface Hub, there's some information that you'll need to supply. The setup worksheet summarizes that info, and provides lists of environment-specific info that you'll need when you go through the first-run program. For more information, see [Setup worksheet](setup-worksheet-surface-hub.md).

devices/surface/TOC.md

@@ -1,22 +1,25 @@
 # [Surface](index.md)
-## [Advanced UEFI security features for Surface Pro 3](advanced-uefi-security-features-for-surface-pro-3.md)
+## [Deploy Surface devices](deploy.md)
-## [Customize the OOBE for Surface deployments](customize-the-oobe-for-surface-deployments.md)
+### [Deploy Windows 10 to Surface devices with MDT](deploy-windows-10-to-surface-devices-with-mdt.md)
+### [Upgrade Surface devices to Windows 10 with MDT](upgrade-surface-devices-to-windows-10-with-mdt.md)
+### [Customize the OOBE for Surface deployments](customize-the-oobe-for-surface-deployments.md)
+### [Ethernet adapters and Surface deployment](ethernet-adapters-and-surface-device-deployment.md)
+### [Surface Deployment Accelerator](microsoft-surface-deployment-accelerator.md)
+#### [Step by step: Surface Deployment Accelerator](step-by-step-surface-deployment-accelerator.md)
+#### [Using the Surface Deployment Accelerator deployment share](using-the-sda-deployment-share.md)
+## [Surface firmware and driver updates](update.md)
+### [Download the latest firmware and drivers for Surface devices](deploy-the-latest-firmware-and-drivers-for-surface-devices.md)
+### [Manage Surface driver and firmware updates](manage-surface-pro-3-firmware-updates.md)
+### [Manage Surface Dock firmware updates](manage-surface-dock-firmware-updates.md)
+### [Surface Dock Updater](surface-dock-updater.md)
 ## [Deploy Surface app with Windows Store for Business](deploy-surface-app-with-windows-store-for-business.md)
-## [Deploy Windows 10 to Surface devices with MDT](deploy-windows-10-to-surface-devices-with-mdt.md)
-## [Download the latest firmware and drivers for Surface devices](deploy-the-latest-firmware-and-drivers-for-surface-devices.md)
 ## [Enable PEAP, EAP-FAST, and Cisco LEAP on Surface devices](enable-peap-eap-fast-and-cisco-leap-on-surface-devices.md)
-## [Ethernet adapters and Surface deployment](ethernet-adapters-and-surface-device-deployment.md)
-## [Manage Surface Dock firmware updates](manage-surface-dock-firmware-updates.md)
-## [Manage Surface driver and firmware updates](manage-surface-pro-3-firmware-updates.md)
 ## [Manage Surface UEFI settings](manage-surface-uefi-settings.md)
-## [Surface Data Eraser](microsoft-surface-data-eraser.md)
+### [Advanced UEFI security features for Surface Pro 3](advanced-uefi-security-features-for-surface-pro-3.md)
-## [Surface Deployment Accelerator](microsoft-surface-deployment-accelerator.md)
-### [Step by step: Surface Deployment Accelerator](step-by-step-surface-deployment-accelerator.md)
-### [Using the Surface Deployment Accelerator deployment share](using-the-sda-deployment-share.md)
-## [Surface Diagnostic Toolkit](surface-diagnostic-toolkit.md)
-## [Surface Dock Updater](surface-dock-updater.md)
 ## [Surface Enterprise Management Mode](surface-enterprise-management-mode.md)
 ### [Enroll and configure Surface devices with SEMM](enroll-and-configure-surface-devices-with-semm.md)
 ### [Unenroll Surface devices from SEMM](unenroll-surface-devices-from-semm.md)
-## [Upgrade Surface devices to Windows 10 with MDT](upgrade-surface-devices-to-windows-10-with-mdt.md)
+## [Surface Diagnostic Toolkit](surface-diagnostic-toolkit.md)
+## [Surface Data Eraser](microsoft-surface-data-eraser.md)
+
 

devices/surface/deploy.md

@@ -0,0 +1,43 @@
+---
+title: Deploy Surface devices (Surface)
+description: Get deployment guidance for your Surface devices including information about MDT, OOBE customization, Ethernet adaptors, and Surface Deployment Accelerator.
+ms.prod: w10
+ms.mktglfcycl: manage
+ms.pagetype: surface, devices
+ms.sitesec: library
+author: heatherpoulsen
+---
+
+# Deploy Surface devices
+
+Get deployment guidance for your Surface devices including information about MDT, OOBE customization, Ethernet adaptors, and Surface Deployment Accelerator.
+
+## In this section
+
+| Topic | Description |
+| --- | --- |
+| [Deploy Windows 10 to Surface devices with MDT](deploy-windows-10-to-surface-devices-with-mdt.md) | Walk through the recommended process of how to deploy Windows 10 to your Surface devices with the Microsoft Deployment Toolkit.|
+| [Upgrade Surface devices to Windows 10 with MDT](upgrade-surface-devices-to-windows-10-with-mdt.md)| Find out how to perform a Windows 10 upgrade deployment to your Surface devices. |
+| [Customize the OOBE for Surface deployments](customize-the-oobe-for-surface-deployments.md)| Walk through the process of customizing the Surface out-of-box experience for end users in your organization.|
+| [Ethernet adapters and Surface deployment](ethernet-adapters-and-surface-device-deployment.md)| Get guidance and answers to help you perform a network deployment to Surface devices.|
+| [Surface Deployment Accelerator](microsoft-surface-deployment-accelerator.md)| See how Microsoft Surface Deployment Accelerator provides a quick and simple deployment mechanism for organizations to reimage Surface devices. |
+
+
+
+ 
+
+## Related topics
+
+
+[Surface TechCenter](https://technet.microsoft.com/windows/surface)
+
+[Surface for IT pros blog](http://blogs.technet.com/b/surface/)
+
+ 
+
+ 
+
+
+
+
+

devices/surface/index.md

@@ -12,96 +12,28 @@ author: heatherpoulsen
 # Surface
 
 
-## Purpose
-
-
 This library provides guidance to help you deploy Windows on Surface devices, keep those devices up to date, and easily manage and support Surface devices in your organization.
 
 For more information on planning for, deploying, and managing Surface devices in your organization, see the [Surface TechCenter](https://technet.microsoft.com/en-us/windows/surface).
 
 ## In this section
 
+| Topic | Description |
+| --- | --- |
+| [Deploy Surface devices](deploy.md) | Get deployment guidance for your Surface devices including information about MDT, OOBE customization, Ethernet adaptors, and Surface Deployment Accelerator. |
+| [Surface firmware and driver updates](update.md) | Find out how to download and manage the latest firmware and driver updates for your Surface device. |
+| [Deploy Surface app with Windows Store for Business](deploy-surface-app-with-windows-store-for-business.md) | Find out how to add and download Surface app with Windows Store for Business, as well as install Surface app with PowerShell and MDT. |
+| [Enable PEAP, EAP-FAST, and Cisco LEAP on Surface devices](enable-peap-eap-fast-and-cisco-leap-on-surface-devices.md) | Find out how to enable support for PEAP, EAP-FAST, or Cisco LEAP protocols on your Surface device. |
+| [Manage Surface UEFI settings](manage-surface-uefi-settings.md) | Use Surface UEFI settings to enable or disable devices, configure security settings, and adjust Surface device boot settings. |
+| [Surface Enterprise Management Mode](surface-enterprise-management-mode.md) | See how this feature of Surface devices with Surface UEFI allows you to secure and manage firmware settings within your organization. |
+| [Surface Diagnostic Toolkit](surface-diagnostic-toolkit.md) | Find out how you can use the Microsoft Surface Diagnostic Toolkit to test the hardware of your Surface device. |
+| [Surface Data Eraser](microsoft-surface-data-eraser.md) | Find out how the Microsoft Surface Data Eraser tool can help you securely wipe data from your Surface devices. |
+
+
+
+
 
-<table>
-<colgroup>
-<col width="50%" />
-<col width="50%" />
-</colgroup>
-<thead>
-<tr class="header">
-<th>Topic</th>
-<th>Description</th>
-</tr>
-</thead>
-<tbody>
-<tr class="odd">
-<td><p>[Advanced UEFI security features for Surface Pro 3](advanced-uefi-security-features-for-surface-pro-3.md)</p></td>
-<td><p>Find out how to install and configure the v3.11.760.0 UEFI update to enable additional security options for Surface Pro 3 devices.</p></td>
-</tr>
-<tr class="even">
-<td><p>[Customize the OOBE for Surface deployments](customize-the-oobe-for-surface-deployments.md)</p></td>
-<td><p>Walk through the process of customizing the Surface out-of-box experience for end users in your organization.</p></td>
-</tr>
-<tr class="odd">
-<td><p>[Deploy Surface app with Windows Store for Business](deploy-surface-app-with-windows-store-for-business.md)</p></td>
-<td><p>Find out how to add and download Surface app with Windows Store for Business, as well as install Surface app with PowerShell and MDT.</p></td>
-</tr>
-<tr class="even">
-<td><p>[Deploy Windows 10 to Surface devices with MDT](deploy-windows-10-to-surface-devices-with-mdt.md)</p></td>
-<td><p>Walk through the recommended process of how to deploy Windows 10 to your Surface devices with the Microsoft Deployment Toolkit.</p></td>
-</tr>
-<tr class="odd">
-<td><p>[Download the latest firmware and drivers for Surface devices](deploy-the-latest-firmware-and-drivers-for-surface-devices.md)</p></td>
-<td><p>Get a list of the available downloads for Surface devices and links to download the drivers and firmware for your device.</p></td>
-</tr>
-<tr class="even">
-<td><p>[Enable PEAP, EAP-FAST, and Cisco LEAP on Surface devices](enable-peap-eap-fast-and-cisco-leap-on-surface-devices.md)</p></td>
-<td><p>Find out how to enable support for PEAP, EAP-FAST, or Cisco LEAP protocols on your Surface device.</p></td>
-</tr>
-<tr class="odd">
-<td><p>[Ethernet adapters and Surface deployment](ethernet-adapters-and-surface-device-deployment.md)</p></td>
-<td><p>Get guidance and answers to help you perform a network deployment to Surface devices.</p></td>
-</tr>
-<tr class="even">
-<td><p>[Manage Surface Dock firmware updates](manage-surface-dock-firmware-updates.md)</p></td>
-<td><p>Read about the different methods you can use to manage the process of Surface Dock firmware updates.</p></td>
-</tr>
-<tr class="odd">
-<td><p>[Manage Surface driver and firmware updates](manage-surface-pro-3-firmware-updates.md)</p></td>
-<td><p>Explore the available options to manage firmware and driver updates for Surface devices.</p></td>
-</tr>
-<tr class="even">
-<td><p>[Manage Surface UEFI settings](manage-surface-uefi-settings.md)<p></td>
-<td><p>Use Surface UEFI settings to enable or disable devices, configure security settings, and adjust Surface device boot settings.</p></td>
-</tr>
-<tr class="odd">
-<td><p>[Surface Data Eraser](microsoft-surface-data-eraser.md)</p></td>
-<td><p>Find out how the Microsoft Surface Data Eraser tool can help you securely wipe data from your Surface devices.</p></td>
-</tr>
-<tr class="even">
-<td><p>[Surface Deployment Accelerator](microsoft-surface-deployment-accelerator.md)</p></td>
-<td><p>See how Microsoft Surface Deployment Accelerator provides a quick and simple deployment mechanism for organizations to reimage Surface devices.</p></td>
-</tr>
-<tr class="odd">
-<td><p>[Surface Diagnostic Toolkit](surface-diagnostic-toolkit.md)</p></td>
-<td><p>Find out how you can use the Microsoft Surface Diagnostic Toolkit to test the hardware of your Surface device.</p></td>
-</tr>
-<tr class="even">
-<td><p>[Surface Dock Updater](surface-dock-updater.md)</p></td>
-<td><p>Get a detailed walkthrough of Microsoft Surface Dock Updater.</p></td>
-</tr>
-<tr class="odd">
-<td><p>[Surface Enterprise Management Mode](surface-enterprise-management-mode.md)</p></td>
-<td><p>See how this feature of Surface devices with Surface UEFI allows you to secure and manage firmware settings within your organization.
-</p></td>
-</tr>
-<tr class="even">
-<td><p>[Upgrade Surface devices to Windows 10 with MDT](upgrade-surface-devices-to-windows-10-with-mdt.md)</p></td>
-<td><p>Find out how to perform a Windows 10 upgrade deployment to your Surface devices.</p></td>
-</tr>
 
-</tbody>
-</table>
 
  
 

devices/surface/manage-surface-uefi-settings.md

@@ -14,7 +14,8 @@ author: miladCA
 
 Current and future generations of Surface devices, including Surface Pro 4 and Surface Book, use a unique UEFI firmware engineered by Microsoft specifically for these devices. This firmware allows for significantly greater control of the device’s operation over firmware versions in earlier generation Surface devices, including the support for touch, mouse, and keyboard operation. By using the Surface UEFI settings you can easily enable or disable internal devices or components, configure security to protect UEFI settings from being changed, and adjust the Surface device boot settings. 
 
->**Note:**  Surface Pro 3, Surface 3, Surface Pro 2, Surface 2, Surface Pro, and Surface do not use the Surface UEFI and instead use firmware provided by third-party manufacturers, such as AMI.
+>[!NOTE]
+>Surface Pro 3, Surface 3, Surface Pro 2, Surface 2, Surface Pro, and Surface do not use the Surface UEFI and instead use firmware provided by third-party manufacturers, such as AMI.
 
 You can enter the Surface UEFI settings on your Surface device by pressing the **Volume Up** button and the **Power** button simultaneously. Hold the **Volume Up** button until the Surface logo is displayed, which indicates that the device has begun to boot. 
 
@@ -137,3 +138,7 @@ Use the **Restart Now** button on the **Exit** page to exit UEFI settings, as sh
 ![Exit Surface UEFI and restart the device](images/manage-surface-uefi-fig8.png "Exit Surface UEFI and restart the device")
 
 *Figure 8. Click Restart Now to exit Surface UEFI and restart the device*
+
+## Related topics
+
+[Advanced UEFI security features for Surface Pro 3](advanced-uefi-security-features-for-surface-pro-3.md)

devices/surface/microsoft-surface-deployment-accelerator.md

@@ -115,6 +115,10 @@ This version is the original release of SDA. This version of SDA includes suppor
 * Windows 8.1
 
 
-
+## Related topics
+
+[Step by step: Surface Deployment Accelerator](step-by-step-surface-deployment-accelerator.md)
+
+[Using the Surface Deployment Accelerator deployment share](using-the-sda-deployment-share.md)
 
 

devices/surface/surface-enterprise-management-mode.md

@@ -13,7 +13,8 @@ author: jobotto
 
 Microsoft Surface Enterprise Management Mode (SEMM) is a feature of Surface devices with Surface UEFI that allows you to secure and manage firmware settings within your organization. With SEMM, IT professionals can prepare configurations of UEFI settings and install them on a Surface device. In addition to the ability to configure UEFI settings, SEMM also uses a certificate to protect the configuration from unauthorized tampering or removal.
 
->**Note**:  SEMM is only available on devices with Surface UEFI firmware, such as Surface Pro 4 and Surface Book. For more information about Surface UEFI, see [Manage Surface UEFI Settings](https://technet.microsoft.com/en-us/itpro/surface/manage-surface-uefi-settings).
+>[!NOTE]
+>SEMM is only available on devices with Surface UEFI firmware, such as Surface Pro 4 and Surface Book. For more information about Surface UEFI, see [Manage Surface UEFI Settings](https://technet.microsoft.com/itpro/surface/manage-surface-uefi-settings).
 
 When Surface devices are configured by SEMM and secured with the SEMM certificate, they are considered *enrolled* in SEMM. When the SEMM certificate is removed and control of UEFI settings is returned to the user of the device, the Surface device is considered *unenrolled* in SEMM.
 
@@ -25,7 +26,8 @@ The primary workspace of SEMM is Microsoft Surface UEFI Configurator, as shown i
 
 *Figure 1. Microsoft Surface UEFI Configurator*
 
->**Note**:  Windows 10 is required to run Microsoft Surface UEFI Configurator
+>[!NOTE]
+>Windows 10 is required to run Microsoft Surface UEFI Configurator
 
 You can use the Microsoft Surface UEFI Configurator tool in three modes:
 
@@ -36,7 +38,7 @@ You can use the Microsoft Surface UEFI Configurator tool in three modes:
 
 #### Download Microsoft Surface UEFI Configurator
 
-You can download Microsoft Surface UEFI Configurator from the [Surface Tools for IT](https://www.microsoft.com/en-us/download/details.aspx?id=46703) page in the Microsoft Download Center.
+You can download Microsoft Surface UEFI Configurator from the [Surface Tools for IT](https://www.microsoft.com/download/details.aspx?id=46703) page in the Microsoft Download Center.
 
 ### Configuration package
 
@@ -48,7 +50,8 @@ Surface UEFI configuration packages are the primary mechanism to implement and m
 
 See the [Surface Enterprise Management Mode certificate requirements](#surface-enterprise-management-mode-certificate-requirements) section of this article for more information about the requirements for the SEMM certificate.
 
->**Note**:  You can also specify a UEFI password with SEMM that is required to view the **Security**, **Devices**, **Boot Configuration**, or **Enterprise Management** pages of Surface UEFI.
+>[!NOTE]
+>You can also specify a UEFI password with SEMM that is required to view the **Security**, **Devices**, **Boot Configuration**, or **Enterprise Management** pages of Surface UEFI.
 
 After a device is enrolled in SEMM, the configuration file is read and the settings specified in the file are applied to UEFI. When you run a configuration package on a device that is already enrolled in SEMM, the signature of the configuration file is checked against the certificate that is stored in the device firmware. If the signature does not match, no changes are applied to the device.
 
@@ -85,7 +88,8 @@ You can configure the following advanced settings with SEMM:
 * Display of the Surface UEFI **Devices** page
 * Display of the Surface UEFI **Boot** page
 
->**Note**:  When you create a SEMM configuration package, two characters are shown on the **Successful** page, as shown in Figure 5.
+>[!NOTE]
+>When you create a SEMM configuration package, two characters are shown on the **Successful** page, as shown in Figure 5.
 
 ![Certificate thumbprint display](images\surface-ent-mgmt-fig5-success.png "Certificate thumbprint display")
 
@@ -113,11 +117,13 @@ In some scenarios, it may be impossible to use a Surface UEFI reset package. (Fo
 
 When you use the process on the **Enterprise Management** page to reset SEMM on a Surface device, you are provided with a Reset Request. This Reset Request can be saved as a file to a USB drive, copied as text, or read as a QR Code with a mobile device to be easily emailed or messaged. Use the Microsoft Surface UEFI Configurator Reset Request option to load a Reset Request file or enter the Reset Request text or QR Code. Microsoft Surface UEFI Configurator will generate a verification code that can be entered on the Surface device. If you enter the code on the Surface device and click **Restart**, the device will be unenrolled from SEMM. 
 
->**Note**:  A Reset Request expires two hours after it is created.
+>[!NOTE]
+>A Reset Request expires two hours after it is created.
 
 ## Surface Enterprise Management Mode certificate requirements
 
->**Note**:  The SEMM certificate is required to perform any modification to SEMM or Surface UEFI settings on enrolled Surface devices. If the SEMM certificate is corrupted or lost, SEMM cannot be removed or reset. Manage your SEMM certificate accordingly with an appropriate solution for backup and recovery.
+>[!NOTE]
+>The SEMM certificate is required to perform any modification to SEMM or Surface UEFI settings on enrolled Surface devices. If the SEMM certificate is corrupted or lost, SEMM cannot be removed or reset. Manage your SEMM certificate accordingly with an appropriate solution for backup and recovery.
 
 Packages created with the Microsoft Surface UEFI Configurator tool are signed with a certificate. This certificate ensures that after a device is enrolled in SEMM, only packages created with the approved certificate can be used to modify the settings of UEFI. The following settings are recommended for the SEMM certificate:
 
@@ -132,8 +138,9 @@ Packages created with the Microsoft Surface UEFI Configurator tool are signed wi
 
 It is also recommended that the SEMM certificate be authenticated in a two-tier public key infrastructure (PKI) architecture where the intermediate certification authority (CA) is dedicated to SEMM, enabling certificate revocation. For more information about a two-tier PKI configuration, see [Test Lab Guide: Deploying an AD CS Two-Tier PKI Hierarchy](https://technet.microsoft.com/library/hh831348).
 
->**Note**:  You can use the following PowerShell script to create a self-signed certificate for use in proof-of-concept scenarios.
+>[!NOTE]
-  To use this script, copy the following text into Notepad and save the file as a PowerShell script (.ps1). This script creates a certificate with a password of `12345678`.<br/><br/>The certificate generated by this script is not recommended for production environments.
+>You can use the following PowerShell script to create a self-signed certificate for use in proof-of-concept scenarios.
+ > To use this script, copy the following text into Notepad and save the file as a PowerShell script (.ps1). This script creates a certificate with a password of `12345678`.<br/><br/>The certificate generated by this script is not recommended for production environments.
   
    ```
 if (-not (Test-Path "Demo Certificate"))  { New-Item -ItemType Directory -Force -Path "Demo Certificate" }
@@ -160,4 +167,11 @@ $TestUefiV2 | Export-PfxCertificate -Password $pw -FilePath "Demo Certificate\Te
 
 For use with SEMM and Microsoft Surface UEFI Configurator, the certificate must be exported with the private key and with password protection. Microsoft Surface UEFI Configurator will prompt you to select the SEMM certificate file (.pfx) and certificate password when it is required.
 
->**Note**:&nbsp;&nbsp;For organizations that use an offline root in their PKI infrastructure, Microsoft Surface UEFI Configurator must be run in an environment connected to the root CA to authenticate the SEMM certificate. The packages generated by Microsoft Surface UEFI Configurator can be transferred as files and therefore can be transferred outside the offline network environment with removable storage, such as a USB stick.
+>[!NOTE]
+>For organizations that use an offline root in their PKI infrastructure, Microsoft Surface UEFI Configurator must be run in an environment connected to the root CA to authenticate the SEMM certificate. The packages generated by Microsoft Surface UEFI Configurator can be transferred as files and therefore can be transferred outside the offline network environment with removable storage, such as a USB stick.
+
+## Related topics
+
+[Enroll and configure Surface devices with SEMM](enroll-and-configure-surface-devices-with-semm.md)
+
+[Unenroll Surface devices from SEMM](unenroll-surface-devices-from-semm.md)

devices/surface/update.md

@@ -0,0 +1,38 @@
+---
+title: Surface firmware and driver updates (Surface)
+description: Find out how to download and manage the latest firmware and driver updates for your Surface device.
+ms.prod: w10
+ms.mktglfcycl: manage
+ms.pagetype: surface, devices
+ms.sitesec: library
+author: heatherpoulsen
+---
+
+# Surface firmware and driver updates
+
+Find out how to download and manage the latest firmware and driver updates for your Surface device.
+
+## In this section
+
+| Topic | Description |
+| --- | --- |
+| [Download the latest firmware and drivers for Surface devices](deploy-the-latest-firmware-and-drivers-for-surface-devices.md)| Get a list of the available downloads for Surface devices and links to download the drivers and firmware for your device.| 
+| [Manage Surface driver and firmware updates](manage-surface-pro-3-firmware-updates.md)| Explore the available options to manage firmware and driver updates for Surface devices.|
+| [Manage Surface Dock firmware updates](manage-surface-dock-firmware-updates.md)| Read about the different methods you can use to manage the process of Surface Dock firmware updates.|
+| [Surface Dock Updater](surface-dock-updater.md)| Get a detailed walkthrough of Microsoft Surface Dock Updater.|
+ 
+
+## Related topics
+
+[Surface TechCenter](https://technet.microsoft.com/windows/surface)
+
+[Surface for IT pros blog](http://blogs.technet.com/b/surface/)
+
+ 
+
+ 
+
+
+
+
+

windows/keep-secure/create-wip-policy-using-intune.md

@@ -380,7 +380,7 @@ There are no default locations included with WIP, you must add each of your netw
             </tr>
             <tr>
                 <td>Enterprise Proxy Servers</td>
-                <td>proxy.contoso.com:80;proxy2.contoso.com:137</td>
+                <td>proxy.contoso.com:80;proxy2.contoso.com:443</td>
                 <td>Specify your externally-facing proxy server addresses, along with the port through which traffic is allowed and protected with WIP.<p>This list shouldn’t include any servers listed in the Enterprise Internal Proxy Servers list, which are used for WIP-protected traffic.<p>This setting is also required if you use a proxy in your network. If you don't have a proxy server, you might find that enterprise resources are unavailable when a client is behind a proxy, such as when you’re visiting another company and not on that company’s guest network.<p>If you have multiple resources, you must separate them using the ";" delimiter.</td>
             </tr>
             <tr>

windows/keep-secure/create-wip-policy-using-sccm.md

@@ -401,7 +401,7 @@ There are no default locations included with WIP, you must add each of your netw
         </tr>
         <tr>
             <td>Enterprise Proxy Servers</td>
-            <td>proxy.contoso.com:80;proxy2.contoso.com:137</td>
+            <td>proxy.contoso.com:80;proxy2.contoso.com:443</td>
             <td>Specify your externally-facing proxy server addresses, along with the port through which traffic is allowed and protected with WIP.<p>This list shouldn’t include any servers listed in the Enterprise Internal Proxy Servers list, which are used for WIP-protected traffic.<p>This setting is also required if you use a proxy in your network. If you don't have a proxy server, you might find that enterprise resources are unavailable when a client is behind a proxy, such as when you’re visiting another company and not on that company’s guest network.<p>If you have multiple resources, you must separate them using the ";" delimiter.</td>
         </tr>
         <tr>

windows/manage/manage-cortana-in-enterprise.md

@@ -56,7 +56,7 @@ Set up and manage Cortana by using the following Group Policy and mobile device
 |Computer Configuration\Administrative Templates\Windows Components\Search\AllowCortanaAboveLock |AboveLock/AllowCortanaAboveLock |Specifies whether an employee can interact with Cortana using voice commands when the system is locked.<p>**Note**<br>This setting only applies to Windows 10 for desktop devices. |
 |Computer Configuration\Administrative Templates\Control Panel\Regional and Language Options\Allow input personalization |Privacy/AllowInputPersonalization |Specifies whether an employee can use voice commands with Cortana in the enterprise.<p>**In Windows 10, version 1511**<br>Cortana won’t work if this setting is turned off (disabled).<p>**In Windows 10, version 1607 and later**<br>Cortana still works if this setting is turned off (disabled). |
 |None |System/AllowLocation |Specifies whether to allow app access to the Location service.<p>**In Windows 10, version 1511**<br>Cortana won’t work if this setting is turned off (disabled).<p>**In Windows 10, version 1607 and later**<br>Cortana still works if this setting is turned off (disabled). |
-|None |Accounts/AllowMicrosoftAccountConnection |Specifies whether to allow employees to sign in using a Microsoft account (MSA) from Windows apps.<p>Use this setting if you only want to support Azure AD in your organization. |
+|None |Accounts/AllowMicrosoftAccountConnection |Specifies whether to allow employees to sign in using a Microsoft account (MSA) from Windows apps. |
 |Computer Configuration\Administrative Templates\Windows Components\Search\Allow search and Cortana to use location |Search/AllowSearchToUseLocation |Specifies whether Cortana can use your current location during searches and for location reminders. |
 |Computer Configuration\Administrative Templates\Windows Components\Search\Set the SafeSearch setting for Search |Search/SafeSearchPermissions |Specifies what level of safe search (filtering adult content) is required.<p>**Note**<br>This setting only applies to Windows 10 Mobile. |
 |User Configuration\Administrative Templates\Windows Components\File Explorer\Turn off display of recent search entries in the File Explorer search box |None |Specifies whether the search box can suggest recent queries and prevent entries from being stored in the registry for future reference. |