From c951da6935180a8763f202e6eef77676eaecdc9d Mon Sep 17 00:00:00 2001 From: Heidi Lohr Date: Wed, 18 Apr 2018 16:43:05 -0700 Subject: [PATCH 01/74] Began Part 2 of revision --- ...ministrator-with-the-management-console.md | 30 ++-- ...de-packages-with-the-management-console.md | 35 ++--- ...appv-administering-appv-with-powershell.md | 136 ++++-------------- ...pplications-with-the-management-console.md | 110 ++++---------- 4 files changed, 80 insertions(+), 231 deletions(-) diff --git a/windows/application-management/app-v/appv-add-or-remove-an-administrator-with-the-management-console.md b/windows/application-management/app-v/appv-add-or-remove-an-administrator-with-the-management-console.md index 7a031ea941..7867900bd3 100644 --- a/windows/application-management/app-v/appv-add-or-remove-an-administrator-with-the-management-console.md +++ b/windows/application-management/app-v/appv-add-or-remove-an-administrator-with-the-management-console.md @@ -1,6 +1,6 @@ --- title: How to Add or Remove an Administrator by Using the Management Console (Windows 10) -description: How to Add or Remove an Administrator by Using the Management Console +description: How to add or remove an administrator by using the Management Console author: MaggiePucciEvans ms.pagetype: mdop, appcompat, virtualization ms.mktglfcycl: deploy 
@@ -8,33 +8,27 @@ ms.sitesec: library ms.prod: w10 ms.date: 04/19/2017 --- +# How to add or remove an administrator by using the Management Console - -# How to Add or Remove an Administrator by Using the Management Console - -**Applies to** -- Windows 10, version 1607 +>Applies to: Windows 10, version 1607 Use the following procedures to add or remove an administrator on the Microsoft Application Virtualization (App-V) server. -**To add an administrator using the Management Console** +## Add an administrator using the Management Console -1. Open the Microsoft Application Virtualization (App-V) Management Console and click **Administrators** in the navigation pane. The navigation pane displays a list of Access Directory (AD) users and groups that currently have administrative access to the Microsoft Application Virtualization (App-V) server. +1. Open the Microsoft Application Virtualization (App-V) Management Console and select **Administrators** in the navigation pane. The navigation pane will display a list of Access Directory (AD) users and groups that currently have administrative access to the Microsoft Application Virtualization (App-V) server. +2. To add a new administrator, select **Add Administrator**. Enter the name of the administrator that you want to add in the **Active Directory Name** field. Make sure to also provide the associated user account domain name. For example, **Domain** \\ **UserName**. +3. Select the account you want to add and select **Add**. The new account should now appear in the list of server administrators. -2. To add a new administrator, click **Add Administrator** Type the name of the administrator that you want to add in the **Active Directory Name** field. Ensure you provide the associated user account domain name. For example, **Domain** \\ **UserName**. +## Remove an administrator using the Management Console -3. Select the account that you want to add and click **Add**. 
The new account is displayed in the list of server administrators. - -**To remove an administrator using the Management Console** - -1. Open the Microsoft Application Virtualization (App-V) Management Console and click **Administrators** in the navigation pane. The navigation pane displays a list of AD users and groups that currently have administrative access to the Microsoft Application Virtualization (App-V) server. - -2. Right-click the account to be removed from the list of administrators and select **Remove**. +1. Open the Microsoft Application Virtualization (App-V) Management Console and click **Administrators** in the navigation pane. The navigation pane displays a list of AD users and groups that currently have administrative access to the Microsoft Application Virtualization (App-V) server. +2. Right-click the account to be removed from the list of administrators and select **Remove**. ## Have a suggestion for App-V? -Add or vote on suggestions on the [Application Virtualization feedback site](https://appv.uservoice.com/forums/280448-microsoft-application-virtualization).
For App-V issues, use the [App-V TechNet Forum](https://social.technet.microsoft.com/Forums/en-US/home?forum=mdopappv). +Add or vote on suggestions on the [Application Virtualization feedback site](https://appv.uservoice.com/forums/280448-microsoft-application-virtualization). ## Related topics -[Operations for App-V](appv-operations.md) +* [Operations for App-V](appv-operations.md) diff --git a/windows/application-management/app-v/appv-add-or-upgrade-packages-with-the-management-console.md b/windows/application-management/app-v/appv-add-or-upgrade-packages-with-the-management-console.md index 19131f8521..8c3b04234f 100644 --- a/windows/application-management/app-v/appv-add-or-upgrade-packages-with-the-management-console.md +++ b/windows/application-management/app-v/appv-add-or-upgrade-packages-with-the-management-console.md @@ -1,6 +1,6 @@ --- title: How to Add or Upgrade Packages by Using the Management Console (Windows 10) -description: How to Add or Upgrade Packages by Using the Management Console +description: How to add or upgrade packages by using the Management Console author: MaggiePucciEvans ms.pagetype: mdop, appcompat, virtualization ms.mktglfcycl: deploy 
@@ -8,42 +8,37 @@ ms.sitesec: library ms.prod: w10 ms.date: 04/19/2017 --- +# How to add or upgrade packages by using the Management Console - -# How to Add or Upgrade Packages by Using the Management Console - -**Applies to** -- Windows 10, version 1607 +>Applies to: Windows 10, version 1607 You can the following procedure to add or upgrade a package to the App-V Management Console. To upgrade a package that already exists in the Management Console, use the following steps and import the upgraded package using the same package **Name**. -**To add a package to the Management Console** +## Add a package to the Management Console -1. Click the **Packages** tab in the navigation pane of the Management Console display. +1. Select the **Packages** tab in the navigation pane of the Management Console display. The console displays the list of packages that have been added to the server along with status information about each package. When a package is selected, detailed information about the package is displayed in the **PACKAGES** pane. - Click the **Ungrouped** drop-down list box and specify how the packages are to be displayed in the console. You can also click the associated column header to sort the packages. + Select the **Ungrouped** drop-down list box and specify how the packages are to be displayed in the console. You can also click the associated column header to sort the packages. -2. To specify the package you want to add, click **Add or Upgrade Packages**. +2. Select **Add or Upgrade Packages** to specify which package you want to add. -3. Type the full path to the package that you want to add. Use the UNC or HTTP path format, for example **\\\\servername\\sharename\\foldername\\packagename.appv** or **https://server.1234/file.appv**, and then click **Add**. +3. Enter the full path to the package that you want to add. 
Use the UNC or HTTP path format, for example **\\\\servername\\sharename\\foldername\\packagename.appv** or **http://server.1234/file.appv**, and then click **Add**. - **Important**   - You must select a package with the **.appv** file name extension. + >[!IMPORTANT] + >You must select a package with the **.appv** file name extension. -   +4. The page displays the status message **Adding <Packagename>**. Select **IMPORT STATUS** to check the status of a package that you have imported. -4. The page displays the status message **Adding <Packagename>**. Click **IMPORT STATUS** to check the status of a package that you have imported. + Click **OK** to add the package and close the **Add Package** page. If there was an error during the import, select **Detail** on the **Package Import** page for more information. The newly added package is now available in the **PACKAGES** pane. - Click **OK** to add the package and close the **Add Package** page. If there was an error during the import, click **Detail** on the **Package Import** page for more information. The newly added package is now available in the **PACKAGES** pane. - -5. Click **Close** to close the **Add or Upgrade Packages** page. +5. Select **Close** to close the **Add or Upgrade Packages** page. ## Have a suggestion for App-V? -Add or vote on suggestions on the [Application Virtualization feedback site](https://appv.uservoice.com/forums/280448-microsoft-application-virtualization).
For App-V issues, use the [App-V TechNet Forum](https://social.technet.microsoft.com/Forums/en-US/home?forum=mdopappv). +Add or vote on suggestions on the [Application Virtualization feedback site](https://appv.uservoice.com/forums/280448-microsoft-application-virtualization). ## Related topics -[Operations for App-V](appv-operations.md) +* [Operations for App-V](appv-operations.md) diff --git a/windows/application-management/app-v/appv-administering-appv-with-powershell.md b/windows/application-management/app-v/appv-administering-appv-with-powershell.md index a27ad2dd60..10327aa2e2 100644 --- a/windows/application-management/app-v/appv-administering-appv-with-powershell.md +++ b/windows/application-management/app-v/appv-administering-appv-with-powershell.md @@ -1,5 +1,5 @@ --- -title: Administering App-V by Using Windows PowerShell (Windows 10) +title: Administering App-V by using Windows PowerShell (Windows 10) description: Administering App-V by Using Windows PowerShell author: MaggiePucciEvans ms.pagetype: mdop, appcompat, virtualization @@ -8,130 +8,46 @@ ms.sitesec: library ms.prod: w10 ms.date: 04/19/2017 --- +# Administering App-V by using Windows PowerShell - -# Administering App-V by Using Windows PowerShell - -**Applies to** -- Windows 10, version 1607 +>Applies to: Windows 10, version 1607 Microsoft Application Virtualization (App-V) provides Windows PowerShell cmdlets, which can help administrators perform various App-V tasks. The following sections provide more information about using Windows PowerShell with App-V. -## How to administer App-V by using Windows PowerShell - +## How to administer App-V with Windows PowerShell Use the following Windows PowerShell procedures to perform various App-V tasks. - ---- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
NameDescription

[How to Load the Windows PowerShell Cmdlets for App-V and Get Cmdlet Help](appv-load-the-powershell-cmdlets-and-get-cmdlet-help.md)

Describes how to install the Windows PowerShell cmdlets and find cmdlet help and examples.

[How to Manage App-V Packages Running on a Stand-Alone Computer by Using Windows PowerShell](appv-manage-appv-packages-running-on-a-stand-alone-computer-with-powershell.md)

Describes how to manage the client package lifecycle on a stand-alone computer by using Windows PowerShell.

[How to Manage Connection Groups on a Stand-alone Computer by Using Windows PowerShell](appv-manage-connection-groups-on-a-stand-alone-computer-with-powershell.md)

Describes how to manage connection groups by using Windows PowerShell.

[How to Modify Client Configuration by Using Windows PowerShell](appv-modify-client-configuration-with-powershell.md)

Describes how to modify the client by using Windows PowerShell.

[How to Apply the User Configuration File by Using Windows PowerShell](appv-apply-the-user-configuration-file-with-powershell.md)

Describes how to apply a user configuration file by using Windows PowerShell.

[How to Apply the Deployment Configuration File by Using Windows PowerShell](appv-apply-the-deployment-configuration-file-with-powershell.md)

Describes how to apply a deployment configuration file by using Windows PowerShell.

[How to Sequence a Package by Using Windows PowerShell](appv-sequence-a-package-with-powershell.md)

Describes how to create a new package by using Windows PowerShell.

[How to Create a Package Accelerator by Using Windows PowerShell](appv-create-a-package-accelerator-with-powershell.md)

Describes how to create a package accelerator by using Windows PowerShell. You can use package accelerators automatically sequence large, complex applications.

[How to Enable Reporting on the App-V Client by Using Windows PowerShell](appv-enable-reporting-on-the-appv-client-with-powershell.md)

Describes how to enable the computer running the App-V to send reporting information.

[How to Install the App-V Databases and Convert the Associated Security Identifiers by Using Windows PowerShell](appv-install-the-appv-databases-and-convert-the-associated-security-identifiers-with-powershell.md)

Describes how to take an array of account names and to convert each of them to the corresponding SID in standard and hexadecimal formats.

[How to Configure the Client to Receive Package and Connection Groups Updates From the Publishing Server](appv-configure-the-client-to-receive-updates-from-the-publishing-server.md) -

Describes how to use Windows PowerShell to configure a client after you deploy the App-V management and publishing servers, and add the required packages and connection groups.

+|Name|Description| +|---|---| +|[How to load the Windows PowerShell cmdlets for App-V and get cmdlet help](appv-load-the-powershell-cmdlets-and-get-cmdlet-help.md)|Describes how to install the Windows PowerShell cmdlets and find cmdlet help and examples.| +|[How to manage App-V packages running on a stand-alone computer by using Windows PowerShell](appv-manage-appv-packages-running-on-a-stand-alone-computer-with-powershell.md)|Describes how to manage the client package lifecycle on a stand-alone computer with Windows PowerShell.| +|[How to manage connection groups on a stand-alone computer by using Windows PowerShell](appv-manage-connection-groups-on-a-stand-alone-computer-with-powershell.md)|Describes how to manage connection groups with Windows PowerShell.| +|[How to modify client configuration by using Windows PowerShell](appv-modify-client-configuration-with-powershell.md)|Describes how to modify the client with Windows PowerShell.| +|[How to apply the user configuration file by using Windows PowerShell](appv-apply-the-user-configuration-file-with-powershell.md)|Describes how to apply a user configuration file with Windows PowerShell.| +|[How to apply the deployment configuration file by using Windows PowerShell](appv-apply-the-deployment-configuration-file-with-powershell.md)|Describes how to apply a deployment configuration file with Windows PowerShell.| +|[How to sequence a package by using Windows PowerShell](appv-sequence-a-package-with-powershell.md)|Describes how to create a new package with Windows PowerShell.| +|[How to create a package accelerator by using Windows PowerShell](appv-create-a-package-accelerator-with-powershell.md)|Describes how to create a package accelerator with Windows PowerShell. 
You can use package accelerators automatically sequence large, complex applications.| +|[How to enable reporting on the App-V client by using Windows PowerShell](appv-enable-reporting-on-the-appv-client-with-powershell.md)|Describes how to enable the computer running the App-V client to send reporting information.| +|[How to install the App-V databases and convert the associated security identifiers by using Windows PowerShell](appv-install-the-appv-databases-and-convert-the-associated-security-identifiers-with-powershell.md)|Describes how to take an array of account names and to convert each of them to the corresponding SID in standard and hexadecimal formats.| +|[How to configure the client to receive package and connection groups updates from the publishing server](appv-configure-the-client-to-receive-updates-from-the-publishing-server.md)|Describes how to use Windows PowerShell to configure a client after you deploy the App-V management and publishing servers, and add the required packages and connection groups.| -  - -**Important**   -Make sure that any script you execute with your App-V packages matches the execution policy that you have configured for Windows PowerShell. - -  - -## Windows PowerShell Error Handling +>[!IMPORTANT] +>Make sure that any script you execute with your App-V packages matches the execution policy that you have configured for Windows PowerShell. +## Windows PowerShell error handling Use the following table for information about Windows PowerShell error handling for App-V. - ---- - - - - - - - - - - - - - - - - -
EventAction

Using the RollbackOnError attribute with embedded scripts

When you use the RollbackOnError attribute with embedded scripts, the attribute is ignored for the following events:

-
    -
  • Removing a package

  • -
  • Unpublishing a package

  • -
  • Terminating a virtual environment

  • -
  • Terminating a process

  • -

Package name contains $

If a package name contains the character ( $ ), you must use a single-quote ( ' ), for example,

-

Add-AppvClientPackage 'Contoso$App.appv'

- -  +|Event|Action| +|---|---| +|Using the **RollbackOnError** attribute with embedded scripts|When you use the **RollbackOnError** attribute with embedded scripts, the attribute is ignored for the following events:
- Removing a package
- Unpublishing a package
- Terminating a virtual environment
- Terminating a process| +|Package name contains **$**|If a package name contains the character ( **$** ), you must use a single-quote ( **'** ), for example,
```Add-AppvClientPackage 'Contoso$App.appv'```| ## Have a suggestion for App-V? - -Add or vote on suggestions on the [Application Virtualization feedback site](https://appv.uservoice.com/forums/280448-microsoft-application-virtualization).
For App-V issues, use the [App-V TechNet Forum](https://social.technet.microsoft.com/Forums/en-US/home?forum=mdopappv). +Add or vote on suggestions on the [Application Virtualization feedback site](https://appv.uservoice.com/forums/280448-microsoft-application-virtualization). ## Related topics - -[Operations for App-V](appv-operations.md) +* [Operations for App-V](appv-operations.md) \ No newline at end of file diff --git a/windows/application-management/app-v/appv-administering-virtual-applications-with-the-management-console.md b/windows/application-management/app-v/appv-administering-virtual-applications-with-the-management-console.md index ff218061cc..915933fa98 100644 --- a/windows/application-management/app-v/appv-administering-virtual-applications-with-the-management-console.md +++ b/windows/application-management/app-v/appv-administering-virtual-applications-with-the-management-console.md @@ -8,12 +8,9 @@ ms.sitesec: library ms.prod: w10 ms.date: 04/19/2017 --- - - # Administering App-V Virtual Applications by Using the Management Console -**Applies to** -- Windows 10, version 1607 +>Applies to: Windows 10, version 1607 Use the Microsoft Application Virtualization (App-V) management server to manage packages, connection groups, and package access in your environment. The server publishes application icons, shortcuts, and file type associations to authorized computers that run the App-V client. One or more management servers typically share a common data store for configuration and package information. 
@@ -21,96 +18,43 @@ The management server uses Active Directory Domain Services (AD DS) groups to ma Because the management servers stream applications to end users on demand, these servers are ideally suited for system configurations that have reliable, high-bandwidth LANs. The management server consists of the following components: -- Management Server – Use the management server to manage packages and connection groups. - -- Publishing Server – Use the publishing server to deploy packages to computers that run the App-V client. - -- Management Database - Use the management database to manage the package access and to publish the server’s synchronization with the management server. +- Management Server—Use the management server to manage packages and connection groups. +- Publishing Server—Use the publishing server to deploy packages to computers that run the App-V client. +- Management Database—Use the management database to manage the package access and to publish the server’s synchronization with the management server. 
## Management Console tasks - The most common tasks that you can perform with the App-V Management console are: -- [How to Connect to the Management Console](appv-connect-to-the-management-console.md) - -- [How to Add or Upgrade Packages by Using the Management Console](appv-add-or-upgrade-packages-with-the-management-console.md) - -- [How to Configure Access to Packages by Using the Management Console](appv-configure-access-to-packages-with-the-management-console.md) - -- [How to Publish a Package by Using the Management Console](appv-publish-a-packages-with-the-management-console.md) - -- [How to Delete a Package in the Management Console](appv-delete-a-package-with-the-management-console.md) - -- [How to Add or Remove an Administrator by Using the Management Console](appv-add-or-remove-an-administrator-with-the-management-console.md) - -- [How to Register and Unregister a Publishing Server by Using the Management Console](appv-register-and-unregister-a-publishing-server-with-the-management-console.md) - -- [How to Create a Custom Configuration File by Using the App-V Management Console](appv-create-a-custom-configuration-file-with-the-management-console.md) - -- [How to Transfer Access and Configurations to Another Version of a Package by Using the Management Console](appv-transfer-access-and-configurations-to-another-version-of-a-package-with-the-management-console.md) - -- [How to Customize Virtual Applications Extensions for a Specific AD Group by Using the Management Console](appv-customize-virtual-application-extensions-with-the-management-console.md) - -- [How to View and Configure Applications and Default Virtual Application Extensions by Using the Management Console](appv-view-and-configure-applications-and-default-virtual-application-extensions-with-the-management-console.md) +- [How to connect to the Management Console](appv-connect-to-the-management-console.md) +- [How to add or upgrade packages by using the Management 
Console](appv-add-or-upgrade-packages-with-the-management-console.md) +- [How to configure access to packages by using the Management Console](appv-configure-access-to-packages-with-the-management-console.md) +- [How to publish a package by using the Management Console](appv-publish-a-packages-with-the-management-console.md) +- [How to delete a package in the Management Console](appv-delete-a-package-with-the-management-console.md) +- [How to add or remove an administrator by using the Management Console](appv-add-or-remove-an-administrator-with-the-management-console.md) +- [How to register and unregister a publishing server by using the Management Console](appv-register-and-unregister-a-publishing-server-with-the-management-console.md) +- [How to create a custom configuration file by using the App-V Management Console](appv-create-a-custom-configuration-file-with-the-management-console.md) +- [How to transfer access and configurations to another version of a package by using the Management Console](appv-transfer-access-and-configurations-to-another-version-of-a-package-with-the-management-console.md) +- [How to customize virtual application extensions for a specific AD group by using the Management Console](appv-customize-virtual-application-extensions-with-the-management-console.md) +- [How to view and configure applications and default virtual application extensions by using the Management Console](appv-view-and-configure-applications-and-default-virtual-application-extensions-with-the-management-console.md) The main elements of the App-V Management Console are: - ---- - - - - - - - - - - - - - - - - - - - - - - - - -
Management Console tabDescription

Packages tab

Use the PACKAGES tab to add or upgrade packages.

Connection Groups tab

Use the CONNECTION GROUPS tab to manage connection groups.

Servers tab

Use the SERVERS tab to register a new server.

Administrators tab

Use the ADMINISTRATORS tab to register, add, or remove administrators in your App-V environment.

+|Management Console tab|Description| +|---|---| +|Packages tab|Use the **Packages** tab to add or upgrade packages.| +|Connection Groups tab|Use the **Connection Groups** tab to manage connection groups.| +|Servers tab|Use the **Servers** tab to register a new server.| +|Administrators tab|Use the **Administrators** tab to register, add, or remove administrators in your App-V environment.| -  - -**Important**   -JavaScript must be enabled on the browser that opens the Web Management Console. - -  +>[!IMPORTANT] +>JavaScript must be enabled on the browser that opens the Web Management Console. ## Have a suggestion for App-V? +Add or vote on suggestions on the [Application Virtualization feedback site](https://appv.uservoice.com/forums/280448-microsoft-application-virtualization). -Add or vote on suggestions on the [Application Virtualization feedback site](https://appv.uservoice.com/forums/280448-microsoft-application-virtualization).
For App-V issues, use the [App-V TechNet Forum](https://social.technet.microsoft.com/Forums/en-US/home?forum=mdopappv). - -## Other resources for this App-V deployment - - -- [Application Virtualization (App-V) overview](appv-for-windows.md) - -- [Operations for App-V](appv-operations.md) - -  - -  - - - - +## Other resources for this App-V deployment +- [Application Virtualization (App-V) overview](appv-for-windows.md) +- [Operations for App-V](appv-operations.md) \ No newline at end of file From cf74f93f4801ffd7c220d56d03de3bb337074338 Mon Sep 17 00:00:00 2001 From: Heidi Lohr Date: Thu, 19 Apr 2018 14:43:10 -0700 Subject: [PATCH 02/74] Formatting for application publishing and client interaction article --- ...inistrators-to-enable-connection-groups.md | 50 +- ...ation-publishing-and-client-interaction.md | 553 +++++++++--------- 2 files changed, 272 insertions(+), 331 deletions(-) diff --git a/windows/application-management/app-v/appv-allow-administrators-to-enable-connection-groups.md b/windows/application-management/app-v/appv-allow-administrators-to-enable-connection-groups.md index f97ca1f36d..d982f4b88b 100644 --- a/windows/application-management/app-v/appv-allow-administrators-to-enable-connection-groups.md +++ b/windows/application-management/app-v/appv-allow-administrators-to-enable-connection-groups.md 
@@ -8,54 +8,26 @@ ms.sitesec: library ms.prod: w10 ms.date: 04/19/2017 --- +# How to allow only administrators to enable connection groups +>Applies to: Windows 10, version 1607 -# How to Allow Only Administrators to Enable Connection Groups +You can configure the App-V client so that only administrators, not users, can enable or disable connection groups. In earlier versions of App-V, there was no way to restrict access to disabling connection groups to users. -**Applies to** -- Windows 10, version 1607 - -You can configure the App-V client so that only administrators (not end users) can enable or disable connection groups. In earlier versions of App-V, you could not prevent end users from performing these tasks. - -**Note**
-This feature is supported starting in App-V 5.0 SP3. +>[!NOTE] +>This feature is supported starting in App-V 5.0 SP3. Use one of the following methods to allow only administrators to enable or disable connection groups. - ---- - - - - - - - - - - - - - - - - -
MethodSteps

Group Policy setting

Enable the “Require publish as administrator” Group Policy setting, which is located in the following Group Policy Object node:

-

Computer Configuration > Administrative Templates > System > App-V > Publishing

Windows PowerShell cmdlet

Run the Set-AppvClientConfiguration cmdlet with the -RequirePublishAsAdmin parameter.

-

Parameter values:

-
    -
  • 0 - False

  • -
  • 1 - True

  • -
-

Example: Set-AppvClientConfiguration -RequirePublishAsAdmin 1

+|Method|Steps| +|---|---| +|Group Policy setting|Enable the “Require publish as administrator” Group Policy setting, which is located in the following Group Policy Object node:

**Computer Configuration** > **Administrative Templates** > **System** > **App-V** > **Publishing**| +|Windows PowerShell cmdlet|Run the **Set-AppvClientConfiguration** cmdlet with the *-RequirePublishAsAdmin* parameter.

Parameter values:
- **0** – False
- **1** – True

Example: ```Set-AppvClientConfiguration -RequirePublishAsAdmin 1```| ## Have a suggestion for App-V? -Add or vote on suggestions on the [Application Virtualization feedback site](https://appv.uservoice.com/forums/280448-microsoft-application-virtualization).
For App-V issues, use the [App-V TechNet Forum](https://social.technet.microsoft.com/Forums/en-US/home?forum=mdopappv). +Add or vote on suggestions on the [Application Virtualization feedback site](https://appv.uservoice.com/forums/280448-microsoft-application-virtualization). ## Related topics -[Managing Connection Groups](appv-managing-connection-groups.md) +- [Managing Connection Groups](appv-managing-connection-groups.md) diff --git a/windows/application-management/app-v/appv-application-publishing-and-client-interaction.md b/windows/application-management/app-v/appv-application-publishing-and-client-interaction.md index 4674fddc02..79b0720209 100644 --- a/windows/application-management/app-v/appv-application-publishing-and-client-interaction.md +++ b/windows/application-management/app-v/appv-application-publishing-and-client-interaction.md @@ -1,6 +1,6 @@ --- title: Application Publishing and Client Interaction (Windows 10) -description: Application Publishing and Client Interaction +description: Application publishing and client interaction. author: MaggiePucciEvans ms.pagetype: mdop, appcompat, virtualization ms.mktglfcycl: deploy @@ -8,20 +8,26 @@ ms.sitesec: library ms.prod: w10 ms.date: 04/19/2017 --- +# Application publishing and client interaction - -# Application Publishing and Client Interaction - -**Applies to** -- Windows 10, version 1607 +>Applies to: Windows 10, version 1607 This article provides technical information about common App-V client operations and their integration with the local operating system. ## App-V package files created by the Sequencer - The Sequencer creates App-V packages and produces a virtualized application. The sequencing process creates the following files: +|File|Description| +|---|---| +|.appv|- The primary package file, which contains the captured assets and state information from the sequencing process.
- Architecture of the package file, publishing information, and registry in a tokenized form that can be reapplied to a machine and to a specific user upon delivery.| +|.MSI|Executable deployment wrapper that you can use to deploy .appv files manually or by using a third-party deployment platform.| +|_DeploymentConfig.XML|File used to customize the default publishing parameters for all applications in a package that is deployed globally to all users on a computer that is running the App-V client.| +|_UserConfig.XML|File used to customize the publishing parameters for all applications in a package that is a deployed to a specific user on a computer that is running the App-V client.| +|Report.xml|Summary of messages resulting from the sequencing process, including omitted drivers, files, and registry locations.| +|.CAB|Optional: Package accelerator file used to automatically rebuild a previously sequenced virtual application package.| +|.appvt|Optional: Sequencer template file used to retain commonly reused Sequencer settings.| + @@ -72,7 +78,6 @@ For information about sequencing, see [How to Sequence a New Application with Ap ## What’s in the appv file? - The appv file is a container that stores XML and non-XML files together in a single entity. This file is built from the AppX format, which is based on the Open Packaging Conventions (OPC) standard. To view the appv file contents, make a copy of the package, and then rename the copied file to a ZIP extension. 
@@ -80,7 +85,7 @@ To view the appv file contents, make a copy of the package, and then rename the The appv file contains the following folder and files, which are used when creating and publishing a virtual application: | Name | Type | Description | -| - | - | - | +|---|---|---| | Root | File folder | Directory that contains the file system for the virtualized application that is captured during sequencing. | | [Content_Types].xml | XML File | List of the core content types in the appv file (e.g. DLL, EXE, BIN). | | AppxBlockMap.xml | XML File | Layout of the appv file, which uses File, Block, and BlockMap elements that enable location and validation of files in the App-V package.| 
@@ -90,14 +95,12 @@ The appv file contains the following folder and files, which are used when creat | Registry.dat | DAT File | Registry keys and values captured during the sequencing process for the package.| | StreamMap.xml | XML File | List of files for the primary and publishing feature block. The publishing feature block contains the ICO files and required portions of files (EXE and DLL) for publishing the package. When present, the primary feature block includes files that have been optimized for streaming during the sequencing process.| -  - ## App-V client data storage locations The App-V client performs tasks to ensure that virtual applications run properly and work like locally installed applications. The process of opening and running virtual applications requires mapping from the virtual file system and registry to ensure the application has the required components of a traditional application expected by users. This section describes the assets that are required to run virtual applications and lists the location where App-V stores the assets. | Name | Location | Description | -| - | - | - | +|---|---|---| | Package Store | %ProgramData%\App-V| Default location for read only package files| | Machine Catalog | %ProgramData%\Microsoft\AppV\Client\Catalog| Contains per-machine configuration documents| | User Catalog | %AppData%\Microsoft\AppV\Client\Catalog| Contains per-user configuration documents| 
@@ -126,21 +129,26 @@ To change the default location of the package store during setup, see [Enable th If the App-V Client is configured in Shared Content Store mode, no data is written to disk when a stream fault occurs, which means that the packages require minimal local disk space (publishing data). The use of less disk space is highly desirable in VDI environments, where local storage can be limited, and streaming the applications from a high performance network location (such as a SAN) is preferable. For more information, see [Shared Content Store in Microsoft App-V 5.0 - Behind the Scenes](https://blogs.technet.microsoft.com/appv/2013/07/22/shared-content-store-in-microsoft-app-v-5-0-behind-the-scenes/). -> [!NOTE] +> [!NOTE] > The machine and package store must be located on a local drive, even when you’re using Shared Content Store configurations for the App-V Client. -  - ### Package catalogs The App-V Client manages the following two file-based locations: -- **Catalogs (user and machine).** - -- **Registry locations** - depends on how the package is targeted for publishing. There is a Catalog (data store) for the computer, and a catalog for each individual user. The Machine Catalog stores global information applicable to all users or any user, and the User Catalog stores information applicable to a specific user. The Catalog is a collection of Dynamic Configurations and manifest files; there is discrete data for both file and registry per package version.  +- **Catalogs (user and machine).** +- **Registry locations**—depends on how the package is targeted for publishing. There is a Catalog (data store) for the computer, and a catalog for each individual user. The Machine Catalog stores global information applicable to all users or any user, and the User Catalog stores information applicable to a specific user. The Catalog is a collection of Dynamic Configurations and manifest files; there is discrete data for both file and registry per package version.  
### Machine catalog +||| +|---|---| +|Description|Stores package documents that are available to users on the machine, when packages are added and published. However, if a package is “global” at publishing time, the integrations are available to all users.

If a package is non-global, the integrations are published only for specific users, but there are still global resources that are modified and visible to anyone on the client computer (such as when the package directory is in a shared disk location).

If a package is available to a user on the computer (global or non-global), the manifest is stored in the Machine Catalog. When a package is published globally, there is a Dynamic Configuration file, stored in the Machine Catalog; therefore, the determination of whether a package is global is defined according to whether there is a policy file (UserDeploymentConfiguration file) in the Machine Catalog.| +|Default storage location|```%programdata%\Microsoft\AppV\Client\Catalog\```

This location is not the same as the Package Store location. The Package Store is the golden or pristine copy of the package files.| +|Files in the machine catalog|- Manifest.xml
- DeploymentConfiguration.xml
- UserManifest.xml (Globally Published Package)
- UserDeploymentConfiguration.xml (Globally Published Package)| +|Additional machine catalog location, used when the package is part of a connection group|The following location is in addition to the specific package location mentioned previously as the default storage location:

```%programdata%\Microsoft\AppV\Client\Catalog\PackageGroups\ConGroupGUID\ConGroupVerGUID```| +|Additional files in the machine catalog when the package is part of a connection group|- PackageGroupDescriptor.xml
- UserPackageGroupDescriptor.xml (globally published Connection Group)| +
@@ -182,10 +190,16 @@ The App-V Client manages the following two file-based locations:
-  - ### User catalog +||| +|---|---| +|Description|Created during the publishing process. Contains information used for publishing the package, and also used at launch to ensure that a package is provisioned to a specific user. Created in a roaming location and includes user-specific publishing information.

When a package is published for a user, the policy file is stored in the User Catalog. At the same time, a copy of the manifest is also stored in the User Catalog. When a package entitlement is removed for a user, the relevant package files are removed from the User Catalog. Looking at the user catalog, an administrator can view the presence of a Dynamic Configuration file, which indicates that the package is entitled for that user.

For roaming users, the User Catalog needs to be in a roaming or shared location to preserve the legacy App-V behavior of targeting users by default. Entitlement and policy are tied to a user, not a computer, so they should roam with the user once they are provisioned.| +|Default storage location|```appdata\roaming\Microsoft\AppV\Client\Catalog\Packages\PkgGUID\VerGUID```| +|Files in the user catalog|- UserManifest.xml
- DynamicConfiguration.xml or UserDeploymentConfiguration.xml| +|Additional user catalog location, used when the package is part of a connection group|The following location is in addition to the specific package location mentioned above:

```appdata\roaming\Microsoft\AppV\Client\Catalog\PackageGroups\PkgGroupGUID\PkgGroupVerGUID```| +|Additional file in the machine catalog when the package is part of a connection group|```UserPackageGroupDescriptor.xml```| + @@ -221,11 +235,9 @@ The App-V Client manages the following two file-based locations:
-  - ### Shortcut backups -During the publishing process, the App-V Client backs up any shortcuts and integration points to `%AppData%\Microsoft\AppV\Client\Integration\ShortCutBackups.` This backup enables the restoration of these integration points to the previous versions when the package is unpublished. +During the publishing process, the App-V Client backs up any shortcuts and integration points to ```%AppData%\Microsoft\AppV\Client\Integration\ShortCutBackups```. This backup enables the restoration of these integration points to the previous versions when the package is unpublished. ### Copy on Write files 
@@ -239,17 +251,15 @@ The COW Roaming location described above stores changes to files and directories The COW Local location is similar to the roaming location, but the directories and files are not roamed to other computers, even if roaming support has been configured. The COW Local location described above stores changes applicable to typical windows and not the %AppData% location. The directories listed will vary but there will be two locations for any typical Windows locations (e.g. Common AppData and Common AppDataS). The **S** signifies the restricted location when the virtual service requests the change as a different elevated user from the logged on users. The non-**S** location stores user based changes. -## Package registry - +## Package registry Before an application can access the package registry data, the App-V Client must make the package registry data available to the applications. The App-V Client uses the real registry as a backing store for all registry data. -When a new package is added to the App-V Client, a copy of the REGISTRY.DAT file from the package is created at `%ProgramData%\Microsoft\AppV\Client\VREG\{Version GUID}.dat`. The name of the file is the version GUID with the .DAT extension. The reason this copy is made is to ensure that the actual hive file in the package is never in use, which would prevent the removal of the package at a later time. +When a new package is added to the App-V Client, a copy of the REGISTRY.DAT file from the package is created at ```%ProgramData%\Microsoft\AppV\Client\VREG\{Version GUID}.dat```. The name of the file is the version GUID with the .DAT extension. The reason this copy is made is to ensure that the actual hive file in the package is never in use, which would prevent the removal of the package at a later time. 
**Registry.dat from Package Store** > **%ProgramData%\Microsoft\AppV\Client\Vreg\\{VersionGuid}.dat** -  -When the first application from the package is launched on the client, the client stages or copies the contents out of the hive file, re-creating the package registry data in an alternate location `HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\AppV\Client\Packages\PackageGuid\Versions\VersionGuid\REGISTRY`. The staged registry data has two distinct types of machine data and user data. Machine data is shared across all users on the machine. User data is staged for each user to a userspecific location `HKCU\Software\Microsoft\AppV\Client\Packages\PackageGuid\Registry\User`. The machine data is ultimately removed at package removal time, and the user data is removed on a user unpublish operation. +When the first application from the package is launched on the client, the client stages or copies the contents out of the hive file, re-creating the package registry data in an alternate location ```HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\AppV\Client\Packages\PackageGuid\Versions\VersionGuid\REGISTRY```. The staged registry data has two distinct types of machine data and user data. Machine data is shared across all users on the machine. User data is staged for each user to a userspecific location ```HKCU\Software\Microsoft\AppV\Client\Packages\PackageGuid\Registry\User```. The machine data is ultimately removed at package removal time, and the user data is removed on a user unpublish operation. ### Package registry staging vs. connection group registry staging @@ -267,6 +277,12 @@ There are two package registry locations and two connection group locations wher **Single Package VReg:** +|Location|Description| +|---|---| +|COW|- Machine Registry\Client\Packages\PkgGUID\REGISTRY (Only elevate process can write)
- User Registry\Client\Packages\PkgGUID\REGISTRY (User Roaming anything written under HKCU except Software\Classes
- User Registry Classes\Client\Packages\PkgGUID\REGISTRY (HKCU\Software\Classes writes and HKLM for non elevated process)| +|Package|- Machine Registry\Client\Packages\PkgGUID\Versions\VerGuid\Registry\Machine
- User Registry Classes\Client\Packages\PkgGUID\Versions\VerGUID\Registry| +|Native|- Native application registry location| + @@ -301,12 +317,14 @@ There are two package registry locations and two connection group locations wher
-  - -  - **Connection Group VReg:** +|Location|Description| +|---|---| +|COW|- Machine Registry\Client\PackageGroups\GrpGUID\REGISTRY (only elevate process can write)
- User Registry\Client\PackageGroups\GrpGUID\REGISTRY (Anything written to HKCU except Software\Classes)
- User Registry Classes\Client\PackageGroups\GrpGUID\REGISTRY| +|Package|- Machine Registry\Client\PackageGroups\GrpGUID\Versions\VerGUID\REGISTRY
- User Registry Classes\Client\PackageGroups\GrpGUID\Versions\VerGUID\REGISTRY| +|Native|- Native application registry location| + @@ -341,41 +359,36 @@ There are two package registry locations and two connection group locations wher
-  - -  - There are two COW locations for HKLM; elevated and non-elevated processes. Elevated processes always write HKLM changes to the secure COW under HKLM. Non-elevated processes always write HKLM changes to the non-secure COW under HKCU\\Software\\Classes. When an application reads changes from HKLM, elevated processes will read changes from the secure COW under HKLM. Non-elevated reads from both, favoring the changes made in the unsecure COW first. ### Pass-through keys -Pass-through keys enable an administrator to configure certain keys so they can only be read from the native registry, bypassing the Package and COW locations. Pass-through locations are global to the machine (not package specific) and can be configured by adding the path to the key, which should be treated as pass-through to the **REG\_MULTI\_SZ** value called **PassThroughPaths** of the key `HKLM\Software\Microsoft\AppV\Subsystem\VirtualRegistry`. Any key that appears under this multi-string value (and their children) will be treated as pass-through. +Pass-through keys enable an administrator to configure certain keys so they can only be read from the native registry, bypassing the Package and COW locations. Pass-through locations are global to the machine (not package specific) and can be configured by adding the path to the key, which should be treated as pass-through to the **REG\_MULTI\_SZ** value called **PassThroughPaths** of the key ```HKLM\Software\Microsoft\AppV\Subsystem\VirtualRegistry```. Any key that appears under this multi-string value (and their children) will be treated as pass-through. 
The following locations are configured as pass-through locations by default: -- HKEY\_CURRENT\_USER\\SOFTWARE\\Classes\\Local Settings\\Software\\Microsoft\\Windows\\CurrentVersion\\AppModel +- HKEY\_CURRENT\_USER\\SOFTWARE\\Classes\\Local Settings\\Software\\Microsoft\\Windows\\CurrentVersion\\AppModel -- HKEY\_LOCAL\_MACHINE\\SOFTWARE\\Classes\\Local Settings\\Software\\Microsoft\\Windows\\CurrentVersion\\AppModel +- HKEY\_LOCAL\_MACHINE\\SOFTWARE\\Classes\\Local Settings\\Software\\Microsoft\\Windows\\CurrentVersion\\AppModel -- HKEY\_LOCAL\_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\WINEVT +- HKEY\_LOCAL\_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\WINEVT -- HKEY\_LOCAL\_MACHINE\\SYSTEM\\CurrentControlSet\\services\\eventlog\\Application +- HKEY\_LOCAL\_MACHINE\\SYSTEM\\CurrentControlSet\\services\\eventlog\\Application -- HKEY\_LOCAL\_MACHINE\\SYSTEM\\CurrentControlSet\\Control\\WMI\\Autologger +- HKEY\_LOCAL\_MACHINE\\SYSTEM\\CurrentControlSet\\Control\\WMI\\Autologger -- HKEY\_CURRENT\_USER\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Internet Settings +- HKEY\_CURRENT\_USER\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Internet Settings -- HKEY\_LOCAL\_MACHINE\\SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\Perflib +- HKEY\_LOCAL\_MACHINE\\SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\Perflib -- HKEY\_LOCAL\_MACHINE\\SOFTWARE\\Policies +- HKEY\_LOCAL\_MACHINE\\SOFTWARE\\Policies -- HKEY\_CURRENT\_USER\\SOFTWARE\\Policies +- HKEY\_CURRENT\_USER\\SOFTWARE\\Policies The purpose of Pass-through keys is to ensure that a virtual application does not write registry data in the VReg that is required for non-virtual applications for successful operation or integration. The Policies key ensures that Group Policy based settings set by the administrator are utilized and not per package settings. The AppModel key is required for integration with Windows Modern UI based applications. 
It is recommend that administers do not modify any of the default pass-through keys, but in some instances, based on application behavior may require adding additional pass-through keys. ## App-V package store behavior - App-V manages the Package Store, which is the location where the expanded asset files from the appv file are stored. By default, this location is stored at %ProgramData%\\App-V, and is limited in terms of storage capabilities only by free disk space. The package store is organized by the GUIDs for the package and version as mentioned in the previous section. ### Add packages 
@@ -384,11 +397,19 @@ App-V Packages are staged upon addition to the computer with the App-V Client. T ### Mounting packages -Packages can be explicitly loaded using the Windows PowerShell `Mount-AppVClientPackage` or by using the **App-V Client UI** to download a package. This operation completely loads the entire package into the package store. +Packages can be explicitly loaded by entering the **Mount-AppVClientPackage** PowerShell cmdlet or by using the **App-V Client UI** to download a package. This operation completely loads the entire package into the package store. ### Streaming packages -The App-V Client can be configured to change the default behavior of streaming. All streaming policies are stored under the following registry key: `HKEY_LOCAL_MACHINE\Software\Microsoft\AppV\Client\Streaming`. Policies are set using the Windows PowerShell cmdlet `Set-AppvClientConfiguration`. The following policies apply to Streaming: +The App-V Client can be configured to change the default behavior of streaming. All streaming policies are stored under the following registry key: ```HKEY_LOCAL_MACHINE\Software\Microsoft\AppV\Client\Streaming```. Policies are set by entering the **Set-AppvClientConfiguration** PowerShell cmdlet. The following policies apply to streaming: + +|Policy|Description| +|---|---| +|AllowHighCostLaunch|Allows streaming over 3G and cellular networks| +|AutoLoad|Specifies the Background Load setting:
**0** – Disabled
**1** – Previously Used Packages only
**2** – All Packages| +|PackageInstallationRoot|The root folder for the package store in the local machine| +|PackageSourceRoot|The root override where packages should be streamed from| +|SharedContentStoreMode|Enables the use of Shared Content Store for VDI scenarios| @@ -428,21 +449,15 @@ The App-V Client can be configured to change the default behavior of streaming.
-  - -  - These settings affect the behavior of streaming App-V package assets to the client. By default, App-V only downloads the assets required after downloading the initial publishing and primary feature blocks. There are three specific behaviors around streaming packages that must be explained: -- Background Streaming - -- Optimized Streaming - -- Stream Faults +- Background Streaming +- Optimized Streaming +- Stream Faults ### Background streaming -The Windows PowerShell cmdlet `Get-AppvClientConfiguration` can be used to determine the current mode for background streaming with the AutoLoad setting and modified with the cmdlet Set-AppvClientConfiguration or from the registry (HKLM\\SOFTWARE\\Microsoft\\AppV\\ClientStreaming key). Background streaming is a default setting where the Autoload setting is set to download previously used packages. The behavior based on default setting (value=1) downloads App-V data blocks in the background after the application has been launched. This setting can be disabled all together (value=0) or enabled for all packages (value=2), whether they have been launched. +The Windows PowerShell cmdlet ```Get-AppvClientConfiguration``` can be used to determine the current mode for background streaming with the AutoLoad setting and modified with the cmdlet Set-AppvClientConfiguration or from the registry (HKLM\\SOFTWARE\\Microsoft\\AppV\\ClientStreaming key). Background streaming is a default setting where the Autoload setting is set to download previously used packages. The behavior based on default setting (value=1) downloads App-V data blocks in the background after the application has been launched. This setting can be disabled all together (value=0) or enabled for all packages (value=2), whether they have been launched. ### Optimized streaming 
@@ -454,36 +469,37 @@ After the initial stream of any publishing data and the primary feature block, r ### Package upgrades -App-V Packages require updating throughout the lifecycle of the application. App-V Package upgrades are similar to the package publish operation, as each version will be created in its own PackageRoot location: `%ProgramData%\App-V\{PkgGUID}\{newVerGUID}`. The upgrade operation is optimized by creating hard links to identical- and streamed-files from other versions of the same package. +App-V Packages require updating throughout the lifecycle of the application. App-V Package upgrades are similar to the package publish operation, as each version will be created in its own PackageRoot location: ```%ProgramData%\App-V\{PkgGUID}\{newVerGUID}```. The upgrade operation is optimized by creating hard links to identical- and streamed-files from other versions of the same package. ### Package removal -The behavior of the App-V Client when packages are removed depends on the method used for removal. Using an App-V full infrastructure to unpublish the application, the user catalog files (machine catalog for globally published applications) are removed, but retains the package store location and COW locations. When the Windows PowerShell cmdlet `Remove-AppVClientPackge` is used to remove an App-V Package, the package store location is cleaned. Remember that unpublishing an App-V Package from the Management Server does not perform a Remove operation. Neither operation will remove the Package Store package files. - -## Roaming registry and data +The behavior of the App-V Client when packages are removed depends on the method used for removal. Using an App-V full infrastructure to unpublish the application, the user catalog files (machine catalog for globally published applications) are removed, but retains the package store location and COW locations. 
When the Windows PowerShell cmdlet ```Remove-AppVClientPackge``` is used to remove an App-V Package, the package store location is cleaned. Remember that unpublishing an App-V Package from the Management Server does not perform a Remove operation. Neither operation will remove the Package Store package files. +## Roaming registry and data App-V is able to provide a near-native experience when roaming, depending on how the application being used is written. By default, App-V roams AppData that is stored in the roaming location, based on the roaming configuration of the operating system. Other locations for storage of file-based data do not roam from computer to computer, since they are in locations that are not roamed. -### Roaming requirements and user catalog data storage +### Roaming requirements and user catalog data storage App-V stores data, which represents the state of the user’s catalog, in the form of: -- Files under %appdata%\\Microsoft\\AppV\\Client\\Catalog - -- Registry settings under `HKEY_CURRENT_USER\Software\Microsoft\AppV\Client\Packages` +- Files under %appdata%\\Microsoft\\AppV\\Client\\Catalog +- Registry settings under `HKEY_CURRENT_USER\Software\Microsoft\AppV\Client\Packages` Together, these files and registry settings represent the user’s catalog, so either both must be roamed, or neither must be roamed for a given user. App-V does not support roaming %AppData%, but not roaming the user’s profile (registry), or vice versa. -> [!NOTE] -> The **Repair-AppvClientPackage** cmdlet does not repair the publishing state of packages, where the user’s App-V state under `HKEY_CURRENT_USER` is missing or mismatched with the data in %appdata%. - -  +>[!NOTE] +>The **Repair-AppvClientPackage** cmdlet does not repair the publishing state of packages, where the user’s App-V state under `HKEY_CURRENT_USER` is missing or mismatched with the data in %appdata%. 
### Registry-based data App-V registry roaming falls into two scenarios, as shown in the following table. +|Scenario|Description| +|---|---| +|Applications that are run as standard users|When a standard user launches an App-V application, both HKLM and HKCU for App-V applications are stored in the HKCU hive on the machine. This presents as two distinct paths:
- HKLM: HKCU\SOFTWARE\Classes\AppV\Client\Packages\\{PkgGUID}\REGISTRY\MACHINE\SOFTWARE
- HKCU: HKCU\SOFTWARE\Microsoft\AppV\Client\Packages\\{PkgGUID}\REGISTRY\USER\\{UserSID}\SOFTWARE
The locations are enabled for roaming based on the operating system settings.| +|Applications that are run with elevation|When an application is launched with elevation:
- HKLM data is stored in the HKLM hive on the local computer
- HKCU data is stored in the User Registry location
In this scenario, these settings are not roamed with normal operating system roaming configurations, and the resulting registry keys and values are stored in the following location:
- HKLM\SOFTWARE\Microsoft\AppV\Client\Packages\\{PkgGUID}\\{UserSID}\REGISTRY\MACHINE\SOFTWARE
- HKCU\SOFTWARE\Microsoft\AppV\Client\Packages\\{PkgGUID}\\Registry\User\\{UserSID}\SOFTWARE| + @@ -521,8 +537,6 @@ App-V registry roaming falls into two scenarios, as shown in the following table
-  - ### App-V and folder redirection App-V supports folder redirection of the roaming AppData folder (%AppData%). When the virtual environment is started, the roaming AppData state from the user’s roaming AppData directory is copied to the local cache. Conversely, when the virtual environment is shut down, the local cache that is associated with a specific user’s roaming AppData is transferred to the actual location of that user’s roaming AppData directory. @@ -532,7 +546,7 @@ A typical package has several locations mapped in the user’s backing store for The following table shows local and roaming locations, when folder redirection has not been implemented. | VFS directory in package | Mapped location of backing store | -| - | - | +|---|---| | ProgramFilesX86 | C:\Users\Local\AppData\Local\Microsoft\AppV\Client\VFS\\<GUID>\ProgramFilesX86 | | SystemX86 | C:\Users\username\AppData\Local\Microsoft\AppV\Client\VFS\\<GUID>\SystemX86 | | Windows | C:\Users\username\AppData\Local\Microsoft\AppV\Client\VFS\\<GUID>\Windows | 
@@ -542,64 +556,48 @@ The following table shows local and roaming locations, when folder redirection h The following table shows local and roaming locations, when folder redirection has been implemented for %AppData%, and the location has been redirected (typically to a network location). | VFS directory in package | Mapped location of backing store | -| - | - | +|---|---| | ProgramFilesX86 | C:\Users\Local\AppData\Local\Microsoft\AppV\Client\VFS\\<GUID>\ProgramFilesX86 | | SystemX86 | C:\Users\Local\AppData\Local\Microsoft\AppV\Client\VFS\\<GUID>\SystemX86 | | Windows | C:\Users\Local\AppData\Local\Microsoft\AppV\Client\VFS\\<GUID>\Windows | | appv_ROOT | C:\Users\Local\AppData\Local\Microsoft\AppV\Client\VFS\\<GUID>\appv\_ROOT | | AppData | \\Fileserver\users\Local\roaming\Microsoft\AppV\Client\VFS\\<GUID>\AppData | -  The current App-V Client VFS driver cannot write to network locations, so the App-V Client detects the presence of folder redirection and copies the data on the local drive during publishing and when the virtual environment starts. After the user closes the App-V application and the App-V Client closes the virtual environment, the local storage of the VFS AppData is copied back to the network, enabling roaming to additional machines, where the process will be repeated. The detailed steps of the processes are: -1. During publishing or virtual environment startup, the App-V Client detects the location of the AppData directory. - -2. If the roaming AppData path is local or ino AppData\\Roaming location is mapped, nothing happens. - -3. If the roaming AppData path is not local, the VFS AppData directory is mapped to the local AppData directory. +1. During publishing or virtual environment startup, the App-V Client detects the location of the AppData directory. +2. If the roaming AppData path is local or ino AppData\\Roaming location is mapped, nothing happens. +3. 
If the roaming AppData path is not local, the VFS AppData directory is mapped to the local AppData directory. This process solves the problem of a non-local %AppData% that is not supported by the App-V Client VFS driver. However, the data stored in this new location is not roamed with folder redirection. All changes during the running of the application happen to the local AppData location and must be copied to the redirected location. The detailed steps of this process are: -1. App-V application is shut down, which shuts down the virtual environment. - -2. The local cache of the roaming AppData location is compressed and stored in a ZIP file. - -3. A timestamp at the end of the ZIP packaging process is used to name the file. - -4. The timestamp is recorded in the registry: HKEY\_CURRENT\_USER\\Software\\Microsoft\\AppV\\Client\\Packages\\<GUID>\\AppDataTime as the last known AppData timestamp. - -5. The folder redirection process is called to evaluate and initiate the ZIP file uploaded to the roaming AppData directory. +1. App-V application is shut down, which shuts down the virtual environment. +2. The local cache of the roaming AppData location is compressed and stored in a ZIP file. +3. A timestamp at the end of the ZIP packaging process is used to name the file. +4. The timestamp is recorded in the registry: HKEY\_CURRENT\_USER\\Software\\Microsoft\\AppV\\Client\\Packages\\<GUID>\\AppDataTime as the last known AppData timestamp. +5. The folder redirection process is called to evaluate and initiate the ZIP file uploaded to the roaming AppData directory. The timestamp is used to determine a “last writer wins” scenario if there is a conflict and is used to optimize the download of the data when the App-V application is published or the virtual environment is started. 
Folder redirection will make the data available from any other clients covered by the supporting policy and will initiate the process of storing the AppData\\Roaming data to the local AppData location on the client. The detailed processes are: -1. The user starts the virtual environment by starting an application. - -2. The application’s virtual environment checks for the most recent time stamped ZIP file, if present. - -3. The registry is checked for the last known uploaded timestamp, if present. - -4. The most recent ZIP file is downloaded unless the local last known upload timestamp is greater than or equal to the timestamp from the ZIP file. - -5. If the local last known upload timestamp is earlier than that of the most recent ZIP file in the roaming AppData location, the ZIP file is extracted to the local temp directory in the user’s profile. - -6. After the ZIP file is successfully extracted, the local cache of the roaming AppData directory is renamed and the new data is moved into place. - -7. The renamed directory is deleted and the application opens with the most recently saved roaming AppData data. +1. The user starts the virtual environment by starting an application. +2. The application’s virtual environment checks for the most recent time stamped ZIP file, if present. +3. The registry is checked for the last known uploaded timestamp, if present. +4. The most recent ZIP file is downloaded unless the local last known upload timestamp is greater than or equal to the timestamp from the ZIP file. +5. If the local last known upload timestamp is earlier than that of the most recent ZIP file in the roaming AppData location, the ZIP file is extracted to the local temp directory in the user’s profile. +6. After the ZIP file is successfully extracted, the local cache of the roaming AppData directory is renamed and the new data is moved into place. +7. The renamed directory is deleted and the application opens with the most recently saved roaming AppData data. 
This completes the successful roaming of application settings that are present in AppData\\Roaming locations. The only other condition that must be addressed is a package repair operation. The details of the process are: -1. During repair, detect if the path to the user’s roaming AppData directory is not local. - -2. Map the non-local roaming AppData path targets are recreated the expected roaming and local AppData locations. - -3. Delete the timestamp stored in the registry, if present. +1. During repair, detect if the path to the user’s roaming AppData directory is not local. +2. Map the non-local roaming AppData path targets are recreated the expected roaming and local AppData locations. +3. Delete the timestamp stored in the registry, if present. This process will re-create both the local and network locations for AppData and remove the registry record of the timestamp. ## App-V client application lifecycle management - -In an App-V Full Infrastructure, after applications are sequenced they are managed and published to users or computers via the App-V Management and Publishing servers. This section details the operations that occur during the common App-V application lifecycle operations (Add, publishing, launch, upgrade, and removal) and the file and registry locations that are changed and modified from the App-V Client perspective. The App-V Client operations are performed as a series of Windows PowerShell commands initiated on the computer running the App-V Client. +In an App-V Full Infrastructure, after applications are sequenced they are managed and published to users or computers through the App-V Management and Publishing servers. This section details the operations that occur during the common App-V application lifecycle operations (Add, publishing, launch, upgrade, and removal) and the file and registry locations that are changed and modified from the App-V Client perspective. 
The App-V Client operations are performed as a series of Windows PowerShell commands initiated on the computer running the App-V Client. This document focuses on App-V Full Infrastructure solutions. For specific information on App-V Integration with Configuration Manager 2012, see [Integrating Virtual Application Management with App-V 5 and Configuration Manager 2012 SP1](https://www.microsoft.com/en-us/download/details.aspx?id=38177). 
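Review bot: Step 2 of the package repair list is still not a readable sentence after the renumbering: "Map the non-local roaming AppData path targets are recreated the expected roaming and local AppData locations." This pass already rewords neighbouring text ("via" to "through"), so rewrite the step to say what is mapped and what is recreated. The closing sentence of that list ("This process will re-create both the local and network locations for AppData") shows the intended meaning.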
@@ -609,19 +607,15 @@ The App-V application lifecycle tasks are triggered at user login (default), mac The publishing refresh process is comprised of several smaller operations that are performed on the App-V Client. Since App-V is an application virtualization technology and not a task scheduling technology, the Windows Task Scheduler is utilized to enable the process at user logon, machine startup, and at scheduled intervals. The configuration of the client during setup listed above is the preferred method when distributing the client to a large group of computers with the correct settings. These client settings can be configured with the following Windows PowerShell cmdlets: -- **Add-AppVPublishingServer:** Configures the client with an App-V Publishing Server that provides App-V packages. - -- **Set-AppVPublishingServer:** Modifies the current settings for the App-V Publishing Server. - -- **Set-AppVClientConfiguration:** Modifies the currents settings for the App-V Client. - -- **Sync-AppVPublishingServer:** Initiates an App-V Publishing Refresh process manually. This is also utilized in the scheduled tasks created during configuration of the publishing server. +- **Add-AppVPublishingServer:** Configures the client with an App-V Publishing Server that provides App-V packages. +- **Set-AppVPublishingServer:** Modifies the current settings for the App-V Publishing Server. +- **Set-AppVClientConfiguration:** Modifies the currents settings for the App-V Client. +- **Sync-AppVPublishingServer:** Initiates an App-V Publishing Refresh process manually. This is also utilized in the scheduled tasks created during configuration of the publishing server. The focus of the following sections is to detail the operations that occur during different phases of an App-V Publishing Refresh. The topics include: -- Adding an App-V Package - -- Publishing an App-V Package +- Adding an App-V Package +- Publishing an App-V Package ### Adding an App-V package 
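Review bot: The `Set-AppVClientConfiguration` bullet is re-added with its typo intact: "Modifies the currents settings for the App-V Client". Change "currents" to "current" so it matches the `Set-AppVPublishingServer` bullet directly above it.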
@@ -629,65 +623,61 @@ Adding an App-V package to the client is the first step of the publishing refres **How to add an App-V package** -1. Manual initiation via Windows PowerShell or Task Sequence initiation of the Publishing Refresh process. +1. Manual initiation via Windows PowerShell or Task Sequence initiation of the Publishing Refresh process. - 1. The App-V Client makes an HTTP connection and requests a list of applications based on the target. The Publishing refresh process supports targeting machines or users. + 1. The App-V Client makes an HTTP connection and requests a list of applications based on the target. The Publishing refresh process supports targeting machines or users. - 2. The App-V Publishing Server uses the identity of the initiating target, user or machine, and queries the database for a list of entitled applications. The list of applications is provided as an XML response, which the client uses to send additional requests to the server for more information on a per package basis. + 2. The App-V Publishing Server uses the identity of the initiating target, user or machine, and queries the database for a list of entitled applications. The list of applications is provided as an XML response, which the client uses to send additional requests to the server for more information on a per package basis. -2. The Publishing Agent on the App-V Client performs all actions below serialized. +2. The Publishing Agent on the App-V Client performs all actions below serialized. Evaluate any connection groups that are unpublished or disabled, since package version updates that are part of the connection group cannot be processed. -3. Configure the packages by identifying an Add or Update operations. +3. Configure the packages by identifying an Add or Update operations. - 1. The App-V Client utilizes the AppX API from Windows and accesses the appv file from the publishing server. + 1. 
The App-V Client utilizes the AppX API from Windows and accesses the appv file from the publishing server. - 2. The package file is opened and the AppXManifest.xml and StreamMap.xml are downloaded to the Package Store. + 2. The package file is opened and the AppXManifest.xml and StreamMap.xml are downloaded to the Package Store. - 3. Completely stream publishing block data defined in the StreamMap.xml. Stores the publishing block data in the Package Store\\PkgGUID\\VerGUID\\Root. + 3. Completely stream publishing block data defined in the StreamMap.xml. Stores the publishing block data in the Package Store\\PkgGUID\\VerGUID\\Root. - - Icons: Targets of extension points. + - Icons: Targets of extension points. + - Portable Executable Headers (PE Headers): Targets of extension points that contain the base information about the image need on disk, directly accessed or via file types. + - Scripts: Download scripts directory for use throughout the publishing process. - - Portable Executable Headers (PE Headers): Targets of extension points that contain the base information about the image need on disk, directly accessed or via file types. + 4. Populate the Package store: - - Scripts: Download scripts directory for use throughout the publishing process. + 1. Create sparse files on disk that represent the extracted package for any directories listed. - 4. Populate the Package store: + 2. Stage top level files and directories under root. - 1. Create sparse files on disk that represent the extracted package for any directories listed. + 3. All other files are created when the directory is listed as sparse on disk and streamed on demand. - 2. Stage top level files and directories under root. + 5. Create the machine catalog entries. Create the Manifest.xml and DeploymentConfiguration.xml from the package files (if no DeploymentConfiguration.xml file in the package a placeholder is created). - 3. 
All other files are created when the directory is listed as sparse on disk and streamed on demand. + 6. Create location of the package store in the registry HKLM\\Software\\Microsoft\\AppV\\Client\\Packages\\PkgGUID\\Versions\\VerGUID\\Catalog - 5. Create the machine catalog entries. Create the Manifest.xml and DeploymentConfiguration.xml from the package files (if no DeploymentConfiguration.xml file in the package a placeholder is created). + 7. Create the Registry.dat file from the package store to %ProgramData%\\Microsoft\\AppV\\Client\\VReg\\{VersionGUID}.dat - 6. Create location of the package store in the registry HKLM\\Software\\Microsoft\\AppV\\Client\\Packages\\PkgGUID\\Versions\\VerGUID\\Catalog + 8. Register the package with the App-V Kernal Mode Driver HKLM\\Microsoft\\Software\\AppV\\MAV - 7. Create the Registry.dat file from the package store to %ProgramData%\\Microsoft\\AppV\\Client\\VReg\\{VersionGUID}.dat + 9. Invoke scripting from the AppxManifest.xml or DeploymentConfig.xml file for Package Add timing. - 8. Register the package with the App-V Kernal Mode Driver HKLM\\Microsoft\\Software\\AppV\\MAV +4. Configure Connection Groups by adding and enabling or disabling. - 9. Invoke scripting from the AppxManifest.xml or DeploymentConfig.xml file for Package Add timing. +5. Remove objects that are not published to the target (user or machine). -4. Configure Connection Groups by adding and enabling or disabling. + >[!NOTE] + >This will not perform a package deletion but rather remove integration points for the specific target (user or machine) and remove user catalog files (machine catalog files for globally published). -5. Remove objects that are not published to the target (user or machine). +6. Invoke background load mounting based on client configuration. 
- > [!NOTE] - > This will not perform a package deletion but rather remove integration points for the specific target (user or machine) and remove user catalog files (machine catalog files for globally published). +7. Packages that already have publishing information for the machine or user are immediately restored. -   + >[!NOTE] + >This condition occurs as a product of removal without unpublishing with background addition of the package. -6. Invoke background load mounting based on client configuration. -7. Packages that already have publishing information for the machine or user are immediately restored. - - > [!NOTE]    - > This condition occurs as a product of removal without unpublishing with background addition of the package. - -   This completes an App-V package add of the publishing refresh process. The next step is publishing the package to the specific target (machine or user). 
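Review bot: Step 3.8 is carried over with two problems: "Kernal" should be "Kernel", and the key is written as HKLM\\Microsoft\\Software\\AppV\\MAV, while the publish and upgrade steps later in this patch register the package at HKLM\\Software\\Microsoft\\AppV\\MAV. Please confirm which path is correct and make the references agree. Separately, `**How to add an App-V package**` stays a bold line in this hunk although the matching publish, launch and upgrade titles are converted to `####` headings.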
@@ -697,28 +687,28 @@ This completes an App-V package add of the publishing refresh process. The next During the Publishing Refresh operation, the specific publishing operation (Publish-AppVClientPackage) adds entries to the user catalog, maps entitlement to the user, identifies the local store, and finishes by completing any integration steps. The following are the detailed steps. -**How to publish and App-V package** +#### How to publish an App-V package -1. Package entries are added to the user catalog +1. Package entries are added to the user catalog - 1. User targeted packages: the UserDeploymentConfiguration.xml and UserManifest.xml are placed on the machine in the User Catalog + 1. User targeted packages: the UserDeploymentConfiguration.xml and UserManifest.xml are placed on the machine in the User Catalog - 2. Machine targeted (global) packages: the UserDeploymentConfiguration.xml is placed in the Machine Catalog + 2. Machine targeted (global) packages: the UserDeploymentConfiguration.xml is placed in the Machine Catalog -2. Register the package with the kernel mode driver for the user at HKLM\\Software\\Microsoft\\AppV\\MAV +2. Register the package with the kernel mode driver for the user at HKLM\\Software\\Microsoft\\AppV\\MAV -3. Perform integration tasks. +3. Perform integration tasks. - 1. Create extension points. + 1. Create extension points. - 2. Store backup information in the user’s registry and roaming profile (Shortcut Backups). + 2. Store backup information in the user’s registry and roaming profile (Shortcut Backups). - **Note**   - This enables restore extension points if the package is unpublished. + >[!NOTE] + >This enables restore extension points if the package is unpublished. -   - 3. Run scripts targeted for publishing timing. + + 3. Run scripts targeted for publishing timing. Publishing an App-V Package that is part of a Connection Group is very similar to the above process. 
For connection groups, the path that stores the specific catalog information includes PackageGroups as a child of the Catalog Directory. Review the machine and users catalog information above for details. 
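Review bot: The note converted to `>[!NOTE]` under step 3.2 keeps the wording "This enables restore extension points if the package is unpublished", which does not parse. Suggest "This enables restoring extension points if the package is unpublished", since this hunk already fixes the similar slip in the title ("publish and" to "publish an").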
@@ -728,25 +718,24 @@ Publishing an App-V Package that is part of a Connection Group is very similar t After the Publishing Refresh process, the user launches and subsequently re-launches an App-V application. The process is very simple and optimized to launch quickly with a minimum of network traffic. The App-V Client checks the path to the user catalog for files created during publishing. After rights to launch the package are established, the App-V Client creates a virtual environment, begins streaming any necessary data, and applies the appropriate manifest and deployment configuration files during virtual environment creation. With the virtual environment created and configured for the specific package and application, the application starts. -**How to launch App-V applications** +#### How to launch App-V applications -1. User launches the application by clicking on a shortcut or file type invocation. +1. User launches the application by clicking on a shortcut or file type invocation. -2. The App-V Client verifies existence in the User Catalog for the following files +2. The App-V Client verifies existence in the User Catalog for the following files - - UserDeploymentConfiguration.xml + - UserDeploymentConfiguration.xml + - UserManifest.xml - - UserManifest.xml +3. If the files are present, the application is entitled for that specific user and the application will start the process for launch. There is no network traffic at this point. -3. If the files are present, the application is entitled for that specific user and the application will start the process for launch. There is no network traffic at this point. +4. Next, the App-V Client checks that the path for the package registered for the App-V Client service is found in the registry. -4. Next, the App-V Client checks that the path for the package registered for the App-V Client service is found in the registry. +5. Upon finding the path to the package store, the virtual environment is created. 
If this is the first launch, the Primary Feature Block downloads if present. -5. Upon finding the path to the package store, the virtual environment is created. If this is the first launch, the Primary Feature Block downloads if present. +6. After downloading, the App-V Client service consumes the manifest and deployment configuration files to configure the virtual environment and all App-V subsystems are loaded. -6. After downloading, the App-V Client service consumes the manifest and deployment configuration files to configure the virtual environment and all App-V subsystems are loaded. - -7. The Application launches. For any missing files in the package store (sparse files), App-V will stream fault the files on an as needed basis. +7. The Application launches. For any missing files in the package store (sparse files), App-V will stream fault the files on an as needed basis. ![package add file and registry data - stream](images/packageaddfileandregistrydata-stream.png) 
@@ -754,52 +743,52 @@ After the Publishing Refresh process, the user launches and subsequently re-laun The App-V package upgrade process differs from the older versions of App-V. App-V supports multiple versions of the same package on a machine entitled to different users. Package versions can be added at any time as the package store and catalogs are updated with the new resources. The only process specific to the addition of new version resources is storage optimization. During an upgrade, only the new files are added to the new version store location and hard links are created for unchanged files. This reduces the overall storage by only presenting the file on one disk location and then projecting it into all folders with a file location entry on the disk. The specific details of upgrading an App-V Package are as follows: -**How to upgrade an App-V package** +#### How to upgrade an App-V package -1. The App-V Client performs a Publishing Refresh and discovers a newer version of an App-V Package. +1. The App-V Client performs a Publishing Refresh and discovers a newer version of an App-V Package. -2. Package entries are added to the appropriate catalog for the new version +2. Package entries are added to the appropriate catalog for the new version - 1. User targeted packages: the UserDeploymentConfiguration.xml and UserManifest.xml are placed on the machine in the user catalog at appdata\\roaming\\Microsoft\\AppV\\Client\\Catalog\\Packages\\PkgGUID\\VerGUID + 1. User targeted packages: the UserDeploymentConfiguration.xml and UserManifest.xml are placed on the machine in the user catalog at appdata\\roaming\\Microsoft\\AppV\\Client\\Catalog\\Packages\\PkgGUID\\VerGUID - 2. Machine targeted (global) packages: the UserDeploymentConfiguration.xml is placed in the machine catalog at %programdata%\\Microsoft\\AppV\\Client\\Catalog\\Packages\\PkgGUID\\VerGUID + 2. 
Machine targeted (global) packages: the UserDeploymentConfiguration.xml is placed in the machine catalog at %programdata%\\Microsoft\\AppV\\Client\\Catalog\\Packages\\PkgGUID\\VerGUID -3. Register the package with the kernel mode driver for the user at HKLM\\Software\\Microsoft\\AppV\\MAV +3. Register the package with the kernel mode driver for the user at HKLM\\Software\\Microsoft\\AppV\\MAV -4. Perform integration tasks. +4. Perform integration tasks. 1. Integrate extensions points (EP) from the Manifest and Dynamic Configuration files. - 2. File based EP data is stored in the AppData folder utilizing Junction Points from the package store. + 2. File based EP data is stored in the AppData folder utilizing Junction Points from the package store. - 3. Version 1 EPs already exist when a new version becomes available. + 3. Version 1 EPs already exist when a new version becomes available. - 4. The extension points are switched to the Version 2 location in machine or user catalogs for any newer or updated extension points. + 4. The extension points are switched to the Version 2 location in machine or user catalogs for any newer or updated extension points. -5. Run scripts targeted for publishing timing. +5. Run scripts targeted for publishing timing. -6. Install Side by Side assemblies as required. +6. Install Side by Side assemblies as required. ### Upgrading an in-use App-V package If you try to upgrade a package that is in use by an end user, the upgrade task is placed in a pending state. The upgrade will run later, according to the following rules: | Task type | Applicable rule | -| - | - | -| User-based task, e.g., publishing a package to a user | The pending task will be performed after the user logs off and then logs back on. | -| Globally based task, e.g., enabling a connection group globally | The pending task will be performed when the computer is shut down and then restarted. 
| +|---|---| +| User-based tasks, such as publishing a package to a user | The pending task will be performed after the user logs off and then logs back on. | +| Globally based tasks, such as enabling a connection group globally | The pending task will be performed when the computer is shut down and then restarted. | When a task is placed in a pending state, the App-V client also generates a registry key for the pending task, as follows: | User-based or globally based task | Where the registry key is generated | -| - | - | +|---|---| | User-based tasks | HKEY\_CURRENT\_USER\Software\Microsoft\AppV\Client\PendingTasks | | Globally based tasks | HKEY\_LOCAL\_MACHINE\Software\Microsoft\AppV\Client\PendingTasks | The following operations must be completed before users can use the newer version of the package: | Task | Details | -| - | - | +|---|---| | Add the package to the computer | This task is computer specific and you can perform it at any time by completing the steps in the Package Add section above. | | Publish the package | See the Package Publishing section above for steps. This process requires that you update extension points on the system. End users cannot be using the application when you complete this task. | @@ -810,14 +799,12 @@ Use the following example scenarios as a guide for updating packages. | App-V package is not in use when you try to upgrade | None of the following components of the package can be in use: virtual application, COM server, or shell extensions.

The administrator publishes a newer version of the package and the upgrade works the next time a component or application inside the package is launched. The new version of the package is streamed and ran. | | App-V package is in use when the administrator publishes a newer version of the package | The upgrade operation is set to pending by the App-V Client, which means that it is queued and carried out later when the package is not in use.

If the package application is in use, the user shuts down the virtual application, after which the upgrade can occur.

If the package has shell extensions, which are permanently loaded by Windows Explorer, the user cannot be logged in. Users must log off and the log back in to initiate the App-V package upgrade.| -  -### Global vs user publishing +### Global vs. user publishing App-V Packages can be published in one of two ways; User which entitles an App-V package to a specific user or group of users and Global which entitles the App-V package to the entire machine for all users of the machine. Once a package upgrade has been pended and the App-V package is not in use, consider the two types of publishing: -- **Globally published**: the application is published to a machine; all users on that machine can use it. The upgrade will happen when the App-V Client Service starts, which effectively means a machine restart. - -- **User published**: the application is published to a user. If there are multiple users on the machine, the application can be published to a subset of the users. The upgrade will happen when the user logs in or when it is published again (periodically, ConfigMgr Policy refresh and evaluation, or an App-V periodic publishing/refresh, or explicitly via Windows PowerShell commands). +- **Globally published**: the application is published to a machine; all users on that machine can use it. The upgrade will happen when the App-V Client Service starts, which effectively means a machine restart. +- **User published**: the application is published to a user. If there are multiple users on the machine, the application can be published to a subset of the users. The upgrade will happen when the user logs in or when it is published again (periodically, ConfigMgr Policy refresh and evaluation, or an App-V periodic publishing/refresh, or explicitly via Windows PowerShell commands). ### Removing an App-V package 
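Review bot: The scenario table rows left as context in this hunk still contain "Users must log off and the log back in" and "The new version of the package is streamed and ran". Because the hunk already edits the lines around the table, fix both here ("then log back in", "streamed and run"). The opening sentence under "Global vs. user publishing" ("published in one of two ways; User which entitles ...") would also read better with a colon and the two options set off as in the bullets that follow.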
@@ -829,52 +816,37 @@ The repair operation is very simple but may affect many locations on the machine ## Integration of App-V packages - The App-V Client and package architecture provides specific integration with the local operating system during the addition and publishing of packages. Three files define the integration or extension points for an App-V Package: -- AppXManifest.xml: Stored inside of the package with fallback copies stored in the package store and the user profile. Contains the options created during the sequencing process. - -- DeploymentConfig.xml: Provides configuration information of computer and user based integration extension points. - -- UserConfig.xml: A subset of the Deploymentconfig.xml that only provides user- based configurations and only targets user-based extension points. +- AppXManifest.xml: Stored inside of the package with fallback copies stored in the package store and the user profile. Contains the options created during the sequencing process. +- DeploymentConfig.xml: Provides configuration information of computer and user based integration extension points. +- UserConfig.xml: A subset of the Deploymentconfig.xml that only provides user- based configurations and only targets user-based extension points. ### Rules of integration When App-V applications are published to a computer with the App-V Client, some specific actions take place as described in the list below: -- Global Publishing: Shortcuts are stored in the All Users profile location and other extension points are stored in the registry in the HKLM hive. +- Global Publishing: Shortcuts are stored in the All Users profile location and other extension points are stored in the registry in the HKLM hive. +- User Publishing: Shortcuts are stored in the current user account profile and other extension points are stored in the registry in the HKCU hive. 
+- Backup and Restore: Existing native application data and registry (such as FTA registrations) are backed up during publishing. -- User Publishing: Shortcuts are stored in the current user account profile and other extension points are stored in the registry in the HKCU hive. - -- Backup and Restore: Existing native application data and registry (such as FTA registrations) are backed up during publishing. - - 1. App-V packages are given ownership based on the last integrated package where the ownership is passed to the newest published App-V application. - - 2. Ownership transfers from one App-V package to another when the owning App-V package is unpublished. This will not initiate a restore of the data or registry. - - 3. Restore the backed up data when the last package is unpublished or removed on a per extension point basis. + 1. App-V packages are given ownership based on the last integrated package where the ownership is passed to the newest published App-V application. + 2. Ownership transfers from one App-V package to another when the owning App-V package is unpublished. This will not initiate a restore of the data or registry. + 3. Restore the backed up data when the last package is unpublished or removed on a per extension point basis. ### Extension points The App-V publishing files (manifest and dynamic configuration) provide several extension points that enable the application to integrate with the local operating system. These extension points perform typical application installation tasks, such as placing shortcuts, creating file type associations, and registering components. As these are virtualized applications that are not installed in the same manner a traditional application, there are some differences. 
The following is a list of extension points covered in this section: -- Shortcuts - -- File Type Associations - -- Shell Extensions - -- COM - -- Software Clients - -- Application capabilities - -- URL Protocol Handler - -- AppPath - -- Virtual Application +- Shortcuts +- File Type Associations +- Shell Extensions +- COM +- Software Clients +- Application capabilities +- URL Protocol Handler +- AppPath +- Virtual Application ### Shortcuts @@ -882,7 +854,7 @@ The short cut is one of the basic elements of integration with the OS and is the From the package manifest and dynamic configuration XML files, the path to a specific application executable can be found in a section similar to the following: -``` syntax +```XML [{Common Desktop}]\Adobe Reader.lnk @@ -902,7 +874,7 @@ As mentioned previously, the App-V shortcuts are placed by default in the user The App-V Client manages the local operating system File Type Associations during publishing, which enables users to use file type invocations or to open a file with a specifically registered extension (.docx) to start an App-V application. File type associations are present in the manifest and dynamic configuration files as represented in the example below: -``` syntax +```XML 
@@ -939,48 +911,39 @@ The App-V Client manages the local operating system File Type Associations durin ``` -**Note**   -In this example: - -- `.xdp` is the extension - -- `AcroExch.XDPDoc` is the ProgId value (which points to the adjoining ProgId) - -- `"[{AppVPackageRoot}]\Reader\AcroRd32.exe" "%1"` is the command line, which points to the application executable - -  +>[!NOTE] +>In this example: +> + >- `.xdp` is the extension + >- `AcroExch.XDPDoc` is the ProgId value (which points to the adjoining ProgId) + >- `"[{AppVPackageRoot}]\Reader\AcroRd32.exe" "%1"` is the command line, which points to the application executable ### Shell extensions Shell extensions are embedded in the package automatically during the sequencing process. When the package is published globally, the shell extension gives users the same functionality as if the application were locally installed. The application requires no additional setup or configuration on the client to enable the shell extension functionality. -**Requirements for using shell extensions:** +#### Requirements for using shell extensions -- Packages that contain embedded shell extensions must be published globally. +- Packages that contain embedded shell extensions must be published globally. +- The “bitness” of the application, Sequencer, and App-V client must match, or the shell extensions won’t work. For example: -- The “bitness” of the application, Sequencer, and App-V client must match, or the shell extensions won’t work. For example: - - - The version of the application is 64-bit. - - - The Sequencer is running on a 64-bit computer. - - - The package is being delivered to a 64-bit App-V client computer. + - The version of the application is 64-bit. + - The Sequencer is running on a 64-bit computer. + - The package is being delivered to a 64-bit App-V client computer. The following table displays the supported shell extensions. 
| Handler | Description | -| - | - | +|---|---| | Context menu handler | Adds menu items to the context menu. It is called before the context menu is displayed. | | Drag-and-drop handler | Controls the action upon right-click drag-and-drop and modifies the context menu that appears. | | Drop target handler | Controls the action after a data object is dragged-and-dropped over a drop target such as a file.| | Data object handler| Controls the action after a file is copied to the clipboard or dragged-and-dropped over a drop target. It can provide additional clipboard formats to the drop target.| | Property sheet handler| Replaces or adds pages to the property sheet dialog box of an object.| -| Infotip handler| Allows retrieving flags and infotip information for an item and displaying it inside a popup tooltip upon mouse- hover.| +| Infotip handler| Allows retrieving flags and infotip information for an item and displaying it inside a popup tooltip upon mouse-hover.| | Column handler| Allows creating and displaying custom columns in Windows Explorer *Details view*. It can be used to extend sorting and grouping.| | Preview handler| Enables a preview of a file to be displayed in the Windows Explorer Preview Pane.| -  - ### COM The App-V Client supports publishing applications with support for COM integration and virtualization. COM integration allows the App-V Client to register COM objects on the local operating system and virtualization of the objects. For the purposes of this document, the integration of COM objects requires additional detail. @@ -995,7 +958,7 @@ App-V supports specific software clients and application capabilities extension Example of software client registration of an App-V based mail client. -``` syntax +```XML 
@@ -1035,16 +998,12 @@ Example of software client registration of an App-V based mail client. ``` -**Note**   +>[!NOTE] In this example: - -- `` is the overall Software Clients setting to integrate Email clients - -- `` is the flag to set a particular Email client as the default Email client - -- `[{ProgramFilesX86}]\Mozilla Thunderbird\mozMapi32_InUse.dll` is the MAPI dll registration - -  +> + >- `` is the overall Software Clients setting to integrate Email clients + >- `` is the flag to set a particular Email client as the default Email client + >- `[{ProgramFilesX86}]\Mozilla Thunderbird\mozMapi32_InUse.dll` is the MAPI dll registration ### URL Protocol handler @@ -1068,6 +1027,25 @@ The extension points described above are integrated into the operating system ba Extension points are not all published the same way, where some extension points will require global publishing and others require sequencing on the specific operating system and architecture where they are delivered. Below is a table that describes these two key rules. +|Virtual Extension|Requires target OS Sequencing|Requires Global Publishing| +|---|:---:|:---:| +|Shortcut||| +|File Type Association||| +|URL Protocols|X|| +|AppPaths|X|| +|COM Mode||| +|Software Client|X|| +|Application Capabilities|X|X| +|Context Menu Handler|X|X| +|Drag-and-drop Handler|X|| +|Data Object Handler|X|| +|Property Sheet Handler|X|| +|Infotip Handler|X|| +|Column Handler|X|| +|Shell Extensions|X|| +|Browser Helper Object|X|X| +|Active X Object|X|X| + 
@@ -1180,9 +1158,9 @@ App-V Packages contain the Manifest file inside of the appv package file, which The example below shows the combination of the Manifest, Deployment Configuration and User Configuration files after publishing and during normal operation. These examples are abbreviated examples of each of the files. The purpose is show the combination of the files only and not to be a complete description of the specific categories available in each of the files. For more information, download the [App-V Sequencing Guide](https://www.microsoft.com/en-us/download/details.aspx?id=27760). -**Manifest** +#### Manifest -``` syntax +```XML [{Common Programs}]\7-Zip\7-Zip File Manager.lnk @@ -1192,9 +1170,9 @@ The example below shows the combination of the Manifest, Deployment Configuratio ``` -**Deployment Configuration** +#### Deployment Configuration -``` syntax +```XML @@ -1207,9 +1185,9 @@ The example below shows the combination of the Manifest, Deployment Configuratio ``` -**User Configuration** +#### User Configuration -``` syntax +```XML 
@@ -1248,41 +1226,32 @@ The example below shows the combination of the Manifest, Deployment Configuratio ## Side-by-side assemblies +App-V supports the automatic packaging of side-by-side (SxS) assemblies during sequencing and deployment on the client during virtual application publishing. App-V supports capturing SxS assemblies during sequencing for assemblies not present on the sequencing machine. And for assemblies consisting of Visual C++ (Version 8 and newer) and/or MSXML run-time, the Sequencer will automatically detect and capture these dependencies even if they were not installed during monitoring. The side-by-side assemblies feature removes the limitations of previous versions of App-V, where the App-V Sequencer did not capture assemblies already present on the sequencing workstation, and privatizing the assemblies which limited to one bit version per package. This behavior resulted in deployed App-V applications to clients missing the required SxS assemblies, causing application launch failures. This forced the packaging process to document and then ensure that all assemblies required for packages were locally installed on the user’s client operating system to ensure support for the virtual applications. Based on the number of assemblies and the lack of application documentation for the required dependencies, this task was both a management and implementation challenge. -App-V supports the automatic packaging of side-by-side (SxS) assemblies during sequencing and deployment on the client during virtual application publishing. App-V supports capturing SxS assemblies during sequencing for assemblies not present on the sequencing machine. And for assemblies consisting of Visual C++ (Version 8 and newer) and/or MSXML run-time, the Sequencer will automatically detect and capture these dependencies even if they were not installed during monitoring. 
The Side by Side assemblies feature removes the limitations of previous versions of App-V, where the App-V Sequencer did not capture assemblies already present on the sequencing workstation, and privatizing the assemblies which limited to one bit version per package. This behavior resulted in deployed App-V applications to clients missing the required SxS assemblies, causing application launch failures. This forced the packaging process to document and then ensure that all assemblies required for packages were locally installed on the user’s client operating system to ensure support for the virtual applications. Based on the number of assemblies and the lack of application documentation for the required dependencies, this task was both a management and implementation challenge. +Side-by-side assembly support in App-V has the following features. -Side by Side Assembly support in App-V has the following features. - -- Automatic captures of SxS assembly during Sequencing, regardless of whether the assembly was already installed on the sequencing workstation. - -- The App-V Client automatically installs required SxS assemblies to the client computer at publishing time when they are not present. - -- The Sequencer reports the VC run-time dependency in Sequencer reporting mechanism. - -- The Sequencer allows opting to not package the assemblies that are already installed on the Sequencer, supporting scenarios where the assemblies have previously been installed on the target computers. +- Automatic captures of SxS assembly during Sequencing, regardless of whether the assembly was already installed on the sequencing workstation. +- The App-V Client automatically installs required SxS assemblies to the client computer at publishing time when they are not present. +- The Sequencer reports the VC run-time dependency in Sequencer reporting mechanism. 
+- The Sequencer allows opting to not package the assemblies that are already installed on the Sequencer, supporting scenarios where the assemblies have previously been installed on the target computers. ### Automatic publishing of SxS assemblies During publishing of an App-V package with SxS assemblies the App-V Client will check for the presence of the assembly on the machine. If the assembly does not exist, the client will deploy the assembly to the machine. Packages that are part of connection groups will rely on the Side by Side assembly installations that are part of the base packages, as the connection group does not contain any information about assembly installation. -> [!NOTE] -> Unpublishing or removing a package with an assembly does not remove the assemblies for that package. - -  +>[!NOTE] +>Unpublishing or removing a package with an assembly does not remove the assemblies for that package. ## Client logging - The App-V client logs information to the Windows Event log in standard ETW format. The specific App-V events can be found in the event viewer, under Applications and Services Logs\\Microsoft\\AppV\\Client. There are three specific categories of events recorded described below. -**Admin**: Logs events for configurations being applied to the App-V Client, and contains the primary warnings and errors. - -**Operational**: Logs the general App-V execution and usage of individual components creating an audit log of the App-V operations that have been completed on the App-V Client. - -**Virtual Application**: Logs virtual application launches and use of virtualization subsystems. +- **Admin**: Logs events for configurations being applied to the App-V Client, and contains the primary warnings and errors. +- **Operational**: Logs the general App-V execution and usage of individual components creating an audit log of the App-V operations that have been completed on the App-V Client. 
+- **Virtual Application**: Logs virtual application launches and use of virtualization subsystems. ## Have a suggestion for App-V? -Add or vote on suggestions on the [Application Virtualization feedback site](https://appv.uservoice.com/forums/280448-microsoft-application-virtualization).
For App-V issues, use the [App-V TechNet Forum](https://social.technet.microsoft.com/Forums/en-US/home?forum=mdopappv). +Add or vote on suggestions on the [Application Virtualization feedback site](https://appv.uservoice.com/forums/280448-microsoft-application-virtualization). \ No newline at end of file From 2cb3a88000fdbe2802b45a9b42fb1b403d9a22dc Mon Sep 17 00:00:00 2001 From: Heidi Lohr Date: Thu, 19 Apr 2018 16:43:10 -0700 Subject: [PATCH 03/74] Began editorial text edits for article --- ...ation-publishing-and-client-interaction.md | 52 +++++++++---------- 1 file changed, 26 insertions(+), 26 deletions(-) diff --git a/windows/application-management/app-v/appv-application-publishing-and-client-interaction.md b/windows/application-management/app-v/appv-application-publishing-and-client-interaction.md index 79b0720209..3965e42334 100644 --- a/windows/application-management/app-v/appv-application-publishing-and-client-interaction.md +++ b/windows/application-management/app-v/appv-application-publishing-and-client-interaction.md 
@@ -86,11 +86,11 @@ The appv file contains the following folder and files, which are used when creat | Name | Type | Description | |---|---|---| -| Root | File folder | Directory that contains the file system for the virtualized application that is captured during sequencing. | -| [Content_Types].xml | XML File | List of the core content types in the appv file (e.g. DLL, EXE, BIN). | +| Root | File folder | Directory that contains the file system for the virtualized application captured during sequencing. | +| [Content_Types].xml | XML File | List of the core content types in the appv file (for example, DLL, EXE, BIN). | | AppxBlockMap.xml | XML File | Layout of the appv file, which uses File, Block, and BlockMap elements that enable location and validation of files in the App-V package.| | AppxManifest.xml | XML File | Metadata for the package that contains the required information for adding, publishing, and launching the package. Includes extension points (file type associations and shortcuts) and the names and GUIDs associated with the package.| -| FilesystemMetadata.xml | XML File | List of the files captured during sequencing, including attributes (e.g., directories, files, opaque directories, empty directories,and long and short names). | +| FilesystemMetadata.xml | XML File | List of the files captured during sequencing, including attributes (such as directories, files, opaque directories, empty directories, and long and short names). | | PackageHistory.xml | XML File | Information about the sequencing computer (operating system version, Internet Explorer version, .Net Framework version) and process (upgrade, package version).| | Registry.dat | DAT File | Registry keys and values captured during the sequencing process for the package.| | StreamMap.xml | XML File | List of files for the primary and publishing feature block. The publishing feature block contains the ICO files and required portions of files (EXE and DLL) for publishing the package. 
When present, the primary feature block includes files that have been optimized for streaming during the sequencing process.| 
@@ -101,43 +101,43 @@ The App-V client performs tasks to ensure that virtual applications run properly | Name | Location | Description | |---|---|---| -| Package Store | %ProgramData%\App-V| Default location for read only package files| -| Machine Catalog | %ProgramData%\Microsoft\AppV\Client\Catalog| Contains per-machine configuration documents| -| User Catalog | %AppData%\Microsoft\AppV\Client\Catalog| Contains per-user configuration documents| -| Shortcut Backups | %AppData%\Microsoft\AppV\Client\Integration\ShortCutBackups| Stores previous integration points that enable restore on package unpublish| -| Copy on Write (COW) Roaming | %AppData%\Microsoft\AppV\Client\VFS| Writeable roaming location for package modification| -| Copy on Write (COW) Local | %LocalAppData%\Microsoft\AppV\Client\VFS| Writeable non-roaming location for package modification| -| Machine Registry | HKLM\Software\Microsoft\AppV| Contains package state information, including VReg for machine or globally published packages (Machine hive)| -| User Registry | HKCU\Software\Microsoft\AppV| Contains user package state information including VReg| -| User Registry Classes | HKCU\Software\Classes\AppV| Contains additional user package state information| +| Package Store | %ProgramData%\App-V| Default location for read only package files| +| Machine Catalog | %ProgramData%\Microsoft\AppV\Client\Catalog| Contains per-machine configuration documents| +| User Catalog | %AppData%\Microsoft\AppV\Client\Catalog| Contains per-user configuration documents| +| Shortcut Backups | %AppData%\Microsoft\AppV\Client\Integration\ShortCutBackups| Stores previous integration points that enable restore on package unpublish| +| Copy on Write (COW) Roaming | %AppData%\Microsoft\AppV\Client\VFS| Writeable roaming location for package modification| +| Copy on Write (COW) Local | %LocalAppData%\Microsoft\AppV\Client\VFS| Writeable non-roaming location for package modification| +| Machine Registry | 
HKLM\Software\Microsoft\AppV| Contains package state information, including VReg for machine or globally published packages (Machine hive)| +| User Registry | HKCU\Software\Microsoft\AppV| Contains user package state information including VReg| +| User Registry Classes | HKCU\Software\Classes\AppV| Contains additional user package state information| Additional details for the table are provided in the section below and throughout the document. ### Package store -The App-V Client manages the applications assets mounted in the package store. This default storage location is `%ProgramData%\App-V`, but you can configure it during or after setup by using the `Set-AppVClientConfiguration` Windows PowerShell cmdlet, which modifies the local registry (`PackageInstallationRoot` value under the `HKLM\Software\Microsoft\AppV\Client\Streaming` key). The package store must be located at a local path on the client operating system. The individual packages are stored in the package store in subdirectories named for the Package GUID and Version GUID. +The App-V Client manages the applications assets mounted in the package store. This default storage location is `%ProgramData%\App-V`, but you can configure it during or after setup by using the **Set-AppVClientConfiguration** Windows PowerShell cmdlet, which modifies the local registry (`PackageInstallationRoot` value under the `HKLM\Software\Microsoft\AppV\Client\Streaming` key). The package store must be located at a local path on the client operating system. The individual packages are stored in the package store in subdirectories named after the Package GUID and Version GUID. Example of a path to a specific application: -``` syntax -C:\ProgramData\App-V\PackGUID\VersionGUID +```syntax +C:\ProgramData\App-V\PackGUID\VersionGUID ``` To change the default location of the package store during setup, see [Enable the App-V desktop client](appv-enable-the-app-v-desktop-client.md). 
### Shared Content Store -If the App-V Client is configured in Shared Content Store mode, no data is written to disk when a stream fault occurs, which means that the packages require minimal local disk space (publishing data). The use of less disk space is highly desirable in VDI environments, where local storage can be limited, and streaming the applications from a high performance network location (such as a SAN) is preferable. For more information, see [Shared Content Store in Microsoft App-V 5.0 - Behind the Scenes](https://blogs.technet.microsoft.com/appv/2013/07/22/shared-content-store-in-microsoft-app-v-5-0-behind-the-scenes/). +If the App-V Client is configured in Shared Content Store mode, no data is written to disk when a stream fault occurs, which means that the packages require minimal local disk space (publishing data). The use of less disk space is highly desirable in VDI environments, where local storage can be limited, and streaming the applications from a high-performance network location (such as a SAN) is preferable. For more information, see [Shared Content Store in Microsoft App-V 5.0 - Behind the Scenes](https://blogs.technet.microsoft.com/appv/2013/07/22/shared-content-store-in-microsoft-app-v-5-0-behind-the-scenes/). -> [!NOTE] -> The machine and package store must be located on a local drive, even when you’re using Shared Content Store configurations for the App-V Client. +>[!NOTE] +>The machine and package store must be located on a local drive, even when you’re using Shared Content Store configurations for the App-V Client. ### Package catalogs The App-V Client manages the following two file-based locations: - **Catalogs (user and machine).** -- **Registry locations**—depends on how the package is targeted for publishing. There is a Catalog (data store) for the computer, and a catalog for each individual user. 
The Machine Catalog stores global information applicable to all users or any user, and the User Catalog stores information applicable to a specific user. The Catalog is a collection of Dynamic Configurations and manifest files; there is discrete data for both file and registry per package version.  +- **Registry locations**—depends on how the package is targeted for publishing. There is a Catalog (data store) for the computer, and a catalog for each individual user. The Machine catalog stores global information applicable to all users or any specific user, and the User catalog stores information applicable to a specific user. The catalog is a collection of Dynamic Configurations and manifest files; there is discrete data for both file and registry per package version. ### Machine catalog @@ -194,7 +194,7 @@ The App-V Client manages the following two file-based locations: ||| |---|---| -|Description|Created during the publishing process. Contains information used for publishing the package, and also used at launch to ensure that a package is provisioned to a specific user. Created in a roaming location and includes user-specific publishing information.

When a package is published for a user, the policy file is stored in the User Catalog. At the same time, a copy of the manifest is also stored in the User Catalog. When a package entitlement is removed for a user, the relevant package files are removed from the User Catalog. Looking at the user catalog, an administrator can view the presence of a Dynamic Configuration file, which indicates that the package is entitled for that user.

For roaming users, the User Catalog needs to be in a roaming or shared location to preserve the legacy App-V behavior of targeting users by default. Entitlement and policy are tied to a user, not a computer, so they should roam with the user once they are provisioned.| +|Description|Created during the publishing process. Contains information used for publishing the package, and for making sure that a package is provisioned to a specific user at launch. Created in a roaming location and includes user-specific publishing information.

When a package is published for a user, the policy file is stored in the User Catalog. At the same time, a copy of the manifest is also stored in the User Catalog. When a package entitlement is removed for a user, the relevant package files are removed from the User Catalog. Looking at the user catalog, an administrator can view the presence of a Dynamic Configuration file, which indicates that the package is entitled for that user.

For roaming users, the User Catalog needs to be in a roaming or shared location to preserve the legacy App-V behavior of targeting users by default. Entitlement and policy are tied to a user, not a computer, so they should roam with the user once they are provisioned.| |Default storage location|```appdata\roaming\Microsoft\AppV\Client\Catalog\Packages\PkgGUID\VerGUID```| |Files in the user catalog|- UserManifest.xml
- DynamicConfiguration.xml or UserDeploymentConfiguration.xml| |Additional user catalog location, used when the package is part of a connection group|The following location is in addition to the specific package location mentioned above:

```appdata\roaming\Microsoft\AppV\Client\Catalog\PackageGroups\PkgGroupGUID\PkgGroupVerGUID```| @@ -237,7 +237,7 @@ The App-V Client manages the following two file-based locations: ### Shortcut backups -During the publishing process, the App-V Client backs up any shortcuts and integration points to ```%AppData%\Microsoft\AppV\Client\Integration\ShortCutBackups```. This backup enables the restoration of these integration points to the previous versions when the package is unpublished. +During the publishing process, the App-V Client backs up any shortcuts and integration points to ```%AppData%\Microsoft\AppV\Client\Integration\ShortCutBackups```. This backup lets integration points restore to the previous versions when the package is unpublished. ### Copy on Write files 
@@ -249,7 +249,7 @@ The COW Roaming location described above stores changes to files and directories ### COW local -The COW Local location is similar to the roaming location, but the directories and files are not roamed to other computers, even if roaming support has been configured. The COW Local location described above stores changes applicable to typical windows and not the %AppData% location. The directories listed will vary but there will be two locations for any typical Windows locations (e.g. Common AppData and Common AppDataS). The **S** signifies the restricted location when the virtual service requests the change as a different elevated user from the logged on users. The non-**S** location stores user based changes. +The COW Local location is similar to the roaming location, but the directories and files are not roamed to other computers, even if roaming support has been configured. The COW Local location described above stores changes applicable to typical windows and not the %AppData% location. The directories listed will vary but there will be two locations for any typical Windows locations (for example, Common AppData and Common AppDataS). The **S** signifies the restricted location when the virtual service requests the change as a different elevated user from the logged on users. The non-**S** location stores user based changes. ## Package registry 
@@ -269,13 +269,13 @@ The staged registry persists the same way as in the single package case. Staged ### Virtual registry -The purpose of the virtual registry (VREG) is to provide a single merged view of the package registry and the native registry to applications. It also provides copy-on-write (COW) functionality – that is any changes made to the registry from the context of a virtual process are made to a separate COW location. This means that the VREG must combine up to three separate registry locations into a single view based on the populated locations in the registry COW -> package -> native. When a request is made for a registry data it will locate in order until it finds the data it was requesting. Meaning if there is a value stored in a COW location it will not proceed to other locations, however, if there is no data in the COW location it will proceed to the Package and then Native location until it finds the appropriate data. +The purpose of the virtual registry (VREG) is to provide a single merged view of the package registry and the native registry to applications. It also provides copy-on-write (COW) functionality—that is, any changes made to the registry from the context of a virtual process are made to a separate COW location. This means that the VREG must combine up to three separate registry locations into a single view based on the populated locations in the registry COW -> package -> native. When a request is made for a registry data it will locate in order until it finds the data it was requesting. Meaning if there is a value stored in a COW location it will not proceed to other locations, however, if there is no data in the COW location it will proceed to the Package and then Native location until it finds the appropriate data. 
### Registry locations There are two package registry locations and two connection group locations where the App-V Client stores registry information, depending on whether the Package is published individually or as part of a connection group. There are three COW locations for packages and three for connection groups, which are created and managed by the VREG. Settings for packages and connection groups are not shared: -**Single Package VReg:** +#### Single Package VReg |Location|Description| |---|---| @@ -317,7 +317,7 @@ There are two package registry locations and two connection group locations wher
-**Connection Group VReg:** +#### Connection Group VReg |Location|Description| |---|---| @@ -385,7 +385,7 @@ The following locations are configured as pass-through locations by default: - HKEY\_CURRENT\_USER\\SOFTWARE\\Policies -The purpose of Pass-through keys is to ensure that a virtual application does not write registry data in the VReg that is required for non-virtual applications for successful operation or integration. The Policies key ensures that Group Policy based settings set by the administrator are utilized and not per package settings. The AppModel key is required for integration with Windows Modern UI based applications. It is recommend that administers do not modify any of the default pass-through keys, but in some instances, based on application behavior may require adding additional pass-through keys. +The purpose of Pass-through keys is to ensure that a virtual application does not write registry data in the VReg that is required for non-virtual applications for successful operation or integration. The Policies key ensures that Group Policy-based settings set by the administrator are utilized and not per package settings. The AppModel key is required for integration with Windows Modern UI-based applications. Administers ideally should not modify any of the default pass-through keys, but in some instances, based on application behavior the admin may need to add additional pass-through keys. ## App-V package store behavior From 5bc924ab867285d06ddf472881c9a3f6a1f394c6 Mon Sep 17 00:00:00 2001 From: Heidi Lohr Date: Fri, 20 Apr 2018 11:07:01 -0700 Subject: [PATCH 04/74] Continued updating text for app publishing and client interaction article --- ...ation-publishing-and-client-interaction.md | 20 +++++++++---------- ...v-planning-folder-redirection-with-appv.md | 2 +- 2 files changed, 11 insertions(+), 11 deletions(-) 
diff --git a/windows/application-management/app-v/appv-application-publishing-and-client-interaction.md b/windows/application-management/app-v/appv-application-publishing-and-client-interaction.md index 3965e42334..8af9f4e472 100644 --- a/windows/application-management/app-v/appv-application-publishing-and-client-interaction.md +++ b/windows/application-management/app-v/appv-application-publishing-and-client-interaction.md @@ -80,7 +80,7 @@ For information about sequencing, see [How to Sequence a New Application with Ap The appv file is a container that stores XML and non-XML files together in a single entity. This file is built from the AppX format, which is based on the Open Packaging Conventions (OPC) standard. -To view the appv file contents, make a copy of the package, and then rename the copied file to a ZIP extension. +To view the appv file contents, make a copy of the package, and then rename the copied file to a .zip extension. The appv file contains the following folder and files, which are used when creating and publishing a virtual application: 
@@ -385,7 +385,7 @@ The following locations are configured as pass-through locations by default: - HKEY\_CURRENT\_USER\\SOFTWARE\\Policies -The purpose of Pass-through keys is to ensure that a virtual application does not write registry data in the VReg that is required for non-virtual applications for successful operation or integration. The Policies key ensures that Group Policy-based settings set by the administrator are utilized and not per package settings. The AppModel key is required for integration with Windows Modern UI-based applications. Administers ideally should not modify any of the default pass-through keys, but in some instances, based on application behavior the admin may need to add additional pass-through keys. +The purpose of pass-through keys is to ensure that a virtual application does not write registry data in the VReg that is required for non-virtual applications for successful operation or integration. The Policies key ensures that Group Policy-based settings set by the administrator are utilized and not per package settings. The AppModel key is required for integration with Windows Modern UI-based applications. Administers ideally should not modify any of the default pass-through keys, but in some instances, based on application behavior the admin may need to add additional pass-through keys. ## App-V package store behavior 
@@ -563,7 +563,7 @@ The following table shows local and roaming locations, when folder redirection h | appv_ROOT | C:\Users\Local\AppData\Local\Microsoft\AppV\Client\VFS\\<GUID>\appv\_ROOT | | AppData | \\Fileserver\users\Local\roaming\Microsoft\AppV\Client\VFS\\<GUID>\AppData | -The current App-V Client VFS driver cannot write to network locations, so the App-V Client detects the presence of folder redirection and copies the data on the local drive during publishing and when the virtual environment starts. After the user closes the App-V application and the App-V Client closes the virtual environment, the local storage of the VFS AppData is copied back to the network, enabling roaming to additional machines, where the process will be repeated. The detailed steps of the processes are: +The current App-V Client VFS driver can't write to network locations, so the App-V Client detects the presence of folder redirection and copies the data on the local drive during publishing and when the virtual environment starts. After the user closes the App-V application and the App-V Client closes the virtual environment, the local storage of the VFS AppData is copied back to the network, enabling roaming to additional machines, where the process will be repeated. The detailed steps of the processes are: 1. During publishing or virtual environment startup, the App-V Client detects the location of the AppData directory. 2. If the roaming AppData path is local or ino AppData\\Roaming location is mapped, nothing happens. 
@@ -572,19 +572,19 @@ The current App-V Client VFS driver cannot write to network locations, so the Ap This process solves the problem of a non-local %AppData% that is not supported by the App-V Client VFS driver. However, the data stored in this new location is not roamed with folder redirection. All changes during the running of the application happen to the local AppData location and must be copied to the redirected location. The detailed steps of this process are: 1. App-V application is shut down, which shuts down the virtual environment. -2. The local cache of the roaming AppData location is compressed and stored in a ZIP file. -3. A timestamp at the end of the ZIP packaging process is used to name the file. +2. The local cache of the roaming AppData location is compressed and stored in a .zip file. +3. A timestamp at the end of the .zip packaging process is used to name the file. 4. The timestamp is recorded in the registry: HKEY\_CURRENT\_USER\\Software\\Microsoft\\AppV\\Client\\Packages\\<GUID>\\AppDataTime as the last known AppData timestamp. -5. The folder redirection process is called to evaluate and initiate the ZIP file uploaded to the roaming AppData directory. +5. The folder redirection process is called to evaluate and initiate the .zip file uploaded to the roaming AppData directory. The timestamp is used to determine a “last writer wins” scenario if there is a conflict and is used to optimize the download of the data when the App-V application is published or the virtual environment is started. Folder redirection will make the data available from any other clients covered by the supporting policy and will initiate the process of storing the AppData\\Roaming data to the local AppData location on the client. The detailed processes are: 1. The user starts the virtual environment by starting an application. -2. The application’s virtual environment checks for the most recent time stamped ZIP file, if present. +2. 
The application’s virtual environment checks for the most recent time stamped .zip file, if present. 3. The registry is checked for the last known uploaded timestamp, if present. -4. The most recent ZIP file is downloaded unless the local last known upload timestamp is greater than or equal to the timestamp from the ZIP file. -5. If the local last known upload timestamp is earlier than that of the most recent ZIP file in the roaming AppData location, the ZIP file is extracted to the local temp directory in the user’s profile. -6. After the ZIP file is successfully extracted, the local cache of the roaming AppData directory is renamed and the new data is moved into place. +4. The most recent .zip file is downloaded unless the local last known upload timestamp is greater than or equal to the timestamp from the .zip file. +5. If the local last known upload timestamp is earlier than that of the most recent .zip file in the roaming AppData location, the .zip file is extracted to the local temp directory in the user’s profile. +6. After the .zip file is successfully extracted, the local cache of the roaming AppData directory is renamed and the new data is moved into place. 7. The renamed directory is deleted and the application opens with the most recently saved roaming AppData data. This completes the successful roaming of application settings that are present in AppData\\Roaming locations. The only other condition that must be addressed is a package repair operation. The details of the process are: diff --git a/windows/application-management/app-v/appv-planning-folder-redirection-with-appv.md b/windows/application-management/app-v/appv-planning-folder-redirection-with-appv.md index 28f695046f..7665805a14 100644 --- a/windows/application-management/app-v/appv-planning-folder-redirection-with-appv.md +++ b/windows/application-management/app-v/appv-planning-folder-redirection-with-appv.md 
@@ -33,7 +33,7 @@ To use %AppData% folder redirection, you must: * Files under %appdata%\Microsoft\AppV\Client\Catalog * Registry settings under HKEY_CURRENT_USER\Software\Microsoft\AppV\Client\Packages -For more information, see [Application publishing and client interaction](appv-application-publishing-and-client-interaction.md#bkmk-clt-inter-roam-reqs). +For more information, see [Application publishing and client interaction](appv-application-publishing-and-client-interaction.md#roaming-requirements-and-user-catalog-data-storage). ## Unsupported scenarios for App-V folder redirection From ae8693a8e25def760c97b8d73394bbdd7113d405 Mon Sep 17 00:00:00 2001 From: Heidi Lohr Date: Tue, 24 Apr 2018 11:53:44 -0700 Subject: [PATCH 05/74] Continued article revision --- ...ation-publishing-and-client-interaction.md | 35 ++++++++----------- 1 file changed, 15 insertions(+), 20 deletions(-) diff --git a/windows/application-management/app-v/appv-application-publishing-and-client-interaction.md b/windows/application-management/app-v/appv-application-publishing-and-client-interaction.md index 8af9f4e472..5263548ceb 100644 --- a/windows/application-management/app-v/appv-application-publishing-and-client-interaction.md +++ b/windows/application-management/app-v/appv-application-publishing-and-client-interaction.md 
@@ -573,17 +573,17 @@ This process solves the problem of a non-local %AppData% that is not supported b 1. App-V application is shut down, which shuts down the virtual environment. 2. The local cache of the roaming AppData location is compressed and stored in a .zip file. -3. A timestamp at the end of the .zip packaging process is used to name the file. -4. The timestamp is recorded in the registry: HKEY\_CURRENT\_USER\\Software\\Microsoft\\AppV\\Client\\Packages\\<GUID>\\AppDataTime as the last known AppData timestamp. +3. A time stamp at the end of the .zip packaging process is used to name the file. +4. The time stamp is recorded in the HKEY\_CURRENT\_USER\\Software\\Microsoft\\AppV\\Client\\Packages\\<GUID>\\AppDataTime registry as the last known AppData time stamp. 5. The folder redirection process is called to evaluate and initiate the .zip file uploaded to the roaming AppData directory. -The timestamp is used to determine a “last writer wins” scenario if there is a conflict and is used to optimize the download of the data when the App-V application is published or the virtual environment is started. Folder redirection will make the data available from any other clients covered by the supporting policy and will initiate the process of storing the AppData\\Roaming data to the local AppData location on the client. The detailed processes are: +The time stamp is used to determine a “last writer wins” scenario if there is a conflict and is used to optimize the download of the data when the App-V application is published or the virtual environment is started. Folder redirection will make the data available from any other clients covered by the supporting policy and will initiate the process of storing the AppData\\Roaming data to the local AppData location on the client. The detailed processes are: 1. The user starts the virtual environment by starting an application. 2. 
The application’s virtual environment checks for the most recent time stamped .zip file, if present. -3. The registry is checked for the last known uploaded timestamp, if present. -4. The most recent .zip file is downloaded unless the local last known upload timestamp is greater than or equal to the timestamp from the .zip file. -5. If the local last known upload timestamp is earlier than that of the most recent .zip file in the roaming AppData location, the .zip file is extracted to the local temp directory in the user’s profile. +3. The registry is checked for the last known uploaded time stamp, if present. +4. The most recent .zip file is downloaded unless the local last known upload time stamp is greater than or equal to the time stamp from the .zip file. +5. If the local last known upload time stamp is earlier than that of the most recent .zip file in the roaming AppData location, the .zip file is extracted to the local temp directory in the user’s profile. 6. After the .zip file is successfully extracted, the local cache of the roaming AppData directory is renamed and the new data is moved into place. 7. The renamed directory is deleted and the application opens with the most recently saved roaming AppData data. 
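Review bot: Step 4 on the added side now ends the path with "AppDataTime registry", which treats a location under the package GUID as if it were a registry of its own. The removed wording ("recorded in the registry: HKEY\_CURRENT\_USER...") was more accurate, so suggest "is recorded in the registry at HKEY\_CURRENT\_USER..." instead. Step 2 in the context also keeps "time stamped .zip file", which should follow whichever spelling this hunk settles on.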
@@ -591,37 +591,34 @@ This completes the successful roaming of application settings that are present i 1. During repair, detect if the path to the user’s roaming AppData directory is not local. 2. Map the non-local roaming AppData path targets are recreated the expected roaming and local AppData locations. -3. Delete the timestamp stored in the registry, if present. +3. Delete the time stamp stored in the registry, if present. -This process will re-create both the local and network locations for AppData and remove the registry record of the timestamp. +This process will re-create both the local and network locations for AppData and remove the registry record of the time stamp. ## App-V client application lifecycle management -In an App-V Full Infrastructure, after applications are sequenced they are managed and published to users or computers through the App-V Management and Publishing servers. This section details the operations that occur during the common App-V application lifecycle operations (Add, publishing, launch, upgrade, and removal) and the file and registry locations that are changed and modified from the App-V Client perspective. The App-V Client operations are performed as a series of Windows PowerShell commands initiated on the computer running the App-V Client. +In an App-V Full Infrastructure, after applications are sequenced they are managed and published to users or computers through the App-V Management and Publishing servers. This section details the operations that occur during the common App-V application lifecycle operations (Add, publishing, launch, upgrade, and removal) and the file and registry locations that are changed and modified from the App-V Client perspective. The App-V Client operations are input as PowerShell commands on the computer running the App-V Client. This document focuses on App-V Full Infrastructure solutions. 
For specific information on App-V Integration with Configuration Manager 2012, see [Integrating Virtual Application Management with App-V 5 and Configuration Manager 2012 SP1](https://www.microsoft.com/en-us/download/details.aspx?id=38177). -The App-V application lifecycle tasks are triggered at user login (default), machine startup, or as background timed operations. The settings for the App-V Client operations, including Publishing Servers, refresh intervals, package script enablement, and others, are configured (after the client is enabled) with Windows PowerShell commands. See [App-V Client Configuration Settings: Windows PowerShell](appv-client-configuration-settings.md#app-v-client-configuration-settings-windows-powershell). +The App-V application lifecycle tasks are triggered at user sign in (default), machine startup, or as background timed operations. The settings for the App-V Client operations, including Publishing Servers, refresh intervals, package script enablement, and others, are configured (after the client is enabled) with Windows PowerShell commands. See [App-V Client Configuration Settings: Windows PowerShell](appv-client-configuration-settings.md#app-v-client-configuration-settings-windows-powershell). ### Publishing refresh -The publishing refresh process is comprised of several smaller operations that are performed on the App-V Client. Since App-V is an application virtualization technology and not a task scheduling technology, the Windows Task Scheduler is utilized to enable the process at user logon, machine startup, and at scheduled intervals. The configuration of the client during setup listed above is the preferred method when distributing the client to a large group of computers with the correct settings. These client settings can be configured with the following Windows PowerShell cmdlets: +The publishing refresh process comprises several smaller operations that are performed on the App-V Client. 
Since App-V is an application virtualization technology and not a task scheduling technology, the Windows Task Scheduler is utilized to enable the process when the user signs in, the machine turns on, and at scheduled intervals. The client configuration during setup listed in the previous section is the preferred method when distributing the client to a large group of computers with the correct settings. These client settings can be configured with the following Windows PowerShell cmdlets: - **Add-AppVPublishingServer:** Configures the client with an App-V Publishing Server that provides App-V packages. - **Set-AppVPublishingServer:** Modifies the current settings for the App-V Publishing Server. - **Set-AppVClientConfiguration:** Modifies the currents settings for the App-V Client. - **Sync-AppVPublishingServer:** Initiates an App-V Publishing Refresh process manually. This is also utilized in the scheduled tasks created during configuration of the publishing server. -The focus of the following sections is to detail the operations that occur during different phases of an App-V Publishing Refresh. The topics include: +The following sections will elaborate what goes on during the publishing refresh process. -- Adding an App-V Package -- Publishing an App-V Package - -### Adding an App-V package +#### Adding an App-V package Adding an App-V package to the client is the first step of the publishing refresh process. The end result is the same as the `Add-AppVClientPackage` cmdlet in Windows PowerShell, except during the publishing refresh add process, the configured publishing server is contacted and passes a high-level list of applications back to the client to pull more detailed information and not a single package add operation. The process continues by configuring the client for package or connection group additions or updates, then accesses the appv file. 
Next, the contents of the appv file are expanded and placed on the local operating system in the appropriate locations. The following is a detailed workflow of the process, assuming the package is configured for Fault Streaming. -**How to add an App-V package** +#### How to add an App-V package 1. Manual initiation via Windows PowerShell or Task Sequence initiation of the Publishing Refresh process. @@ -677,13 +674,11 @@ Adding an App-V package to the client is the first step of the publishing refres >[!NOTE] >This condition occurs as a product of removal without unpublishing with background addition of the package. - - This completes an App-V package add of the publishing refresh process. The next step is publishing the package to the specific target (machine or user). ![package add file and registry data](images/packageaddfileandregistrydata.png) -### Publishing an App-V package +#### Publishing an App-V package During the Publishing Refresh operation, the specific publishing operation (Publish-AppVClientPackage) adds entries to the user catalog, maps entitlement to the user, identifies the local store, and finishes by completing any integration steps. The following are the detailed steps. From 6c16e0aea013414c52b4e8da72812e864a7a0f70 Mon Sep 17 00:00:00 2001 From: Heidi Lohr Date: Tue, 24 Apr 2018 13:20:56 -0700 Subject: [PATCH 06/74] Continued editing --- .../app-v/appv-application-publishing-and-client-interaction.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/application-management/app-v/appv-application-publishing-and-client-interaction.md b/windows/application-management/app-v/appv-application-publishing-and-client-interaction.md index 5263548ceb..7403663b3d 100644 --- a/windows/application-management/app-v/appv-application-publishing-and-client-interaction.md +++ b/windows/application-management/app-v/appv-application-publishing-and-client-interaction.md 
@@ -620,7 +620,7 @@ Adding an App-V package to the client is the first step of the publishing refres #### How to add an App-V package -1. Manual initiation via Windows PowerShell or Task Sequence initiation of the Publishing Refresh process. +1. Initiate installation manually through Windows PowerShell or Task Sequence initiation of the Publishing Refresh process. 1. The App-V Client makes an HTTP connection and requests a list of applications based on the target. The Publishing refresh process supports targeting machines or users. From 54a6ac6cf79807701c32c6b347109a6d5bf6c4ee Mon Sep 17 00:00:00 2001 From: Heidi Lohr Date: Thu, 26 Apr 2018 15:38:26 -0700 Subject: [PATCH 07/74] Continued editorial changes --- ...ation-publishing-and-client-interaction.md | 68 +++++++++---------- 1 file changed, 34 insertions(+), 34 deletions(-) diff --git a/windows/application-management/app-v/appv-application-publishing-and-client-interaction.md b/windows/application-management/app-v/appv-application-publishing-and-client-interaction.md index 7403663b3d..137715003d 100644 --- a/windows/application-management/app-v/appv-application-publishing-and-client-interaction.md +++ b/windows/application-management/app-v/appv-application-publishing-and-client-interaction.md 
@@ -616,7 +616,9 @@ The following sections will elaborate what goes on during the publishing refresh #### Adding an App-V package -Adding an App-V package to the client is the first step of the publishing refresh process. The end result is the same as the `Add-AppVClientPackage` cmdlet in Windows PowerShell, except during the publishing refresh add process, the configured publishing server is contacted and passes a high-level list of applications back to the client to pull more detailed information and not a single package add operation. The process continues by configuring the client for package or connection group additions or updates, then accesses the appv file. Next, the contents of the appv file are expanded and placed on the local operating system in the appropriate locations. The following is a detailed workflow of the process, assuming the package is configured for Fault Streaming. +Adding an App-V package to the client is the first step of the publishing refresh process. The end result is the same as the **Add-AppVClientPackage** cmdlet in Windows PowerShell, except the publishing refresh add process contacts the configured publishing server and passes a high-level list of applications back to the client to pull more detailed information, rather than just doing a single package add operation. + +The process then configures the client for package or connection group additions or updates, then accesses the appv file. Next, the contents of the appv file are expanded and placed on the local operating system in the appropriate locations. The following is a detailed workflow of the process, assuming the package is configured for Fault Streaming. #### How to add an App-V package 
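Review bot: The rewritten first paragraph makes "the publishing refresh add process" the subject of both verbs, so it now reads as if that process "passes a high-level list of applications back to the client". In the removed sentence it was the publishing server that was contacted and returned the list. Suggest "contacts the configured publishing server, which passes a high-level list of applications back to the client". The context also shows "#### Adding an App-V package" and "#### How to add an App-V package" at the same heading level, so the procedure no longer nests under the section it belongs to.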
@@ -624,41 +626,39 @@ Adding an App-V package to the client is the first step of the publishing refres 1. The App-V Client makes an HTTP connection and requests a list of applications based on the target. The Publishing refresh process supports targeting machines or users. - 2. The App-V Publishing Server uses the identity of the initiating target, user or machine, and queries the database for a list of entitled applications. The list of applications is provided as an XML response, which the client uses to send additional requests to the server for more information on a per package basis. + 2. The App-V Publishing Server uses the identity of the initiating target, user or machine, and queries the database for a list of entitled applications. The list of applications is provided as an XML response, which the client uses to send additional requests to the server for more information on a per-package basis. -2. The Publishing Agent on the App-V Client performs all actions below serialized. +2. The Publishing Agent on the App-V Client will evaluate any connection groups that are unpublished or disabled, since package version updates that are part of the connection group cannot be processed. - Evaluate any connection groups that are unpublished or disabled, since package version updates that are part of the connection group cannot be processed. - -3. Configure the packages by identifying an Add or Update operations. +3. Configure the packages by identifying the **Add** or **Update** operations. 1. The App-V Client utilizes the AppX API from Windows and accesses the appv file from the publishing server. - 2. The package file is opened and the AppXManifest.xml and StreamMap.xml are downloaded to the Package Store. + 2. The package file is opened and the **AppXManifest.xml** and **StreamMap.xml** files are downloaded to the Package Store. - 3. Completely stream publishing block data defined in the StreamMap.xml. 
Stores the publishing block data in the Package Store\\PkgGUID\\VerGUID\\Root. + 3. Completely stream publishing block data defined in the **StreamMap.xml**. Publishing block data is stored in Package Store\\PkgGUID\\VerGUID\\Root. - Icons: Targets of extension points. - - Portable Executable Headers (PE Headers): Targets of extension points that contain the base information about the image need on disk, directly accessed or via file types. + - Portable Executable Headers (PE Headers): Targets of extension points that contain the base information about the image need on disk, accessed directly or through file types. - Scripts: Download scripts directory for use throughout the publishing process. - 4. Populate the Package store: + 4. Populate the Package store by doing the following: 1. Create sparse files on disk that represent the extracted package for any directories listed. - 2. Stage top level files and directories under root. + 2. Stage top-level files and directories under root. - 3. All other files are created when the directory is listed as sparse on disk and streamed on demand. + All other files are created when the directory is listed as sparse on disk and streamed on demand. - 5. Create the machine catalog entries. Create the Manifest.xml and DeploymentConfiguration.xml from the package files (if no DeploymentConfiguration.xml file in the package a placeholder is created). + 5. Create the machine catalog entries. Create the **Manifest.xml** and **DeploymentConfiguration.xml** from the package files (if no **DeploymentConfiguration.xml** file in the package a placeholder is created). 6. Create location of the package store in the registry HKLM\\Software\\Microsoft\\AppV\\Client\\Packages\\PkgGUID\\Versions\\VerGUID\\Catalog - 7. Create the Registry.dat file from the package store to %ProgramData%\\Microsoft\\AppV\\Client\\VReg\\{VersionGUID}.dat + 7. 
Create the **Registry.dat** file from the package store to **%ProgramData%\\Microsoft\\AppV\\Client\\VReg\\{VersionGUID}.dat** - 8. Register the package with the App-V Kernal Mode Driver HKLM\\Microsoft\\Software\\AppV\\MAV + 8. Register the package with the App-V Kernal Mode Driver at HKLM\\Microsoft\\Software\\AppV\\MAV - 9. Invoke scripting from the AppxManifest.xml or DeploymentConfig.xml file for Package Add timing. + 9. Invoke scripting from the **AppxManifest.xml** or **DeploymentConfig.xml** file for Package Add timing. 4. Configure Connection Groups by adding and enabling or disabling. 
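Review bot: Step 8 is touched here but keeps "App-V Kernal Mode Driver" and the path HKLM\\Microsoft\\Software\\AppV\\MAV, while the context line in the @@ -674 hunk registers with the kernel mode driver at HKLM\\Software\\Microsoft\\AppV\\MAV. One of the two paths has Software and Microsoft transposed, so confirm which is correct before merging, and change "Kernal" to "Kernel". Separately, the new step 2 drops the statement that the Publishing Agent "performs all actions below serialized", and step 9 refers to **DeploymentConfig.xml** and **AppxManifest.xml** where the earlier steps use **DeploymentConfiguration.xml** and **AppXManifest.xml**.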
@@ -674,21 +674,21 @@ Adding an App-V package to the client is the first step of the publishing refres >[!NOTE] >This condition occurs as a product of removal without unpublishing with background addition of the package. -This completes an App-V package add of the publishing refresh process. The next step is publishing the package to the specific target (machine or user). +This completes an App-V package add for the publishing refresh process. The next step is publishing the package to a specific target (machine or user). -![package add file and registry data](images/packageaddfileandregistrydata.png) +![Package add file and registry data](images/packageaddfileandregistrydata.png) #### Publishing an App-V package -During the Publishing Refresh operation, the specific publishing operation (Publish-AppVClientPackage) adds entries to the user catalog, maps entitlement to the user, identifies the local store, and finishes by completing any integration steps. The following are the detailed steps. +During the Publishing Refresh operation, the specific publishing operation, **Publish-AppVClientPackage**, adds entries to the user catalog, maps entitlement to the user, identifies the local store, and finishes by completing any integration steps. #### How to publish an App-V package 1. Package entries are added to the user catalog - 1. User targeted packages: the UserDeploymentConfiguration.xml and UserManifest.xml are placed on the machine in the User Catalog + 1. User targeted packages: the **UserDeploymentConfiguration.xml** and **UserManifest.xml** are placed on the machine in the User Catalog. - 2. Machine targeted (global) packages: the UserDeploymentConfiguration.xml is placed in the Machine Catalog + 2. Machine targeted (global) packages: the **UserDeploymentConfiguration.xml** is placed in the Machine Catalog. 2. Register the package with the kernel mode driver for the user at HKLM\\Software\\Microsoft\\AppV\\MAV 
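Review bot: Sub-items 1.1 and 1.2 gain terminal periods on the added side, but their parent "1. Package entries are added to the user catalog" and step 2 in the context still end without one. Make the list consistent one way or the other. "User targeted" and "Machine targeted" on the same added lines would also read better hyphenated as compound modifiers.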
@@ -705,7 +705,7 @@ During the Publishing Refresh operation, the specific publishing operation (Publ 3. Run scripts targeted for publishing timing. -Publishing an App-V Package that is part of a Connection Group is very similar to the above process. For connection groups, the path that stores the specific catalog information includes PackageGroups as a child of the Catalog Directory. Review the machine and users catalog information above for details. +Publishing an App-V Package that is part of a Connection Group is very similar to the above process. For connection groups, the path that stores the specific catalog information includes PackageGroups as a child of the Catalog Directory. Review the machine and users catalog information in the preceding sections for details. ![package add file and registry data - global](images/packageaddfileandregistrydata-global.png) @@ -719,8 +719,8 @@ After the Publishing Refresh process, the user launches and subsequently re-laun 2. The App-V Client verifies existence in the User Catalog for the following files - - UserDeploymentConfiguration.xml - - UserManifest.xml + - **UserDeploymentConfiguration.xml** + - **UserManifest.xml** 3. If the files are present, the application is entitled for that specific user and the application will start the process for launch. There is no network traffic at this point. 
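Review bot: The image line left as context in the @@ -705 hunk still has the lowercase alt text "package add file and registry data - global", while the @@ -674 hunk capitalizes the matching alt text for the non-global image. Capitalize this one as well. In the @@ -719 hunk, the context line "The App-V Client verifies existence in the User Catalog for the following files" introduces the now-bolded list without a colon.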
@@ -736,7 +736,7 @@ After the Publishing Refresh process, the user launches and subsequently re-laun ### Upgrading an App-V package -The App-V package upgrade process differs from the older versions of App-V. App-V supports multiple versions of the same package on a machine entitled to different users. Package versions can be added at any time as the package store and catalogs are updated with the new resources. The only process specific to the addition of new version resources is storage optimization. During an upgrade, only the new files are added to the new version store location and hard links are created for unchanged files. This reduces the overall storage by only presenting the file on one disk location and then projecting it into all folders with a file location entry on the disk. The specific details of upgrading an App-V Package are as follows: +The App-V package upgrade process in the current version of App-V differs from the older versions. App-V supports multiple versions of the same package on a machine entitled to different users. Package versions can be added at any time, as the package store and catalogs are updated with the new resources. The only process specific to the addition of new version resources is storage optimization. During an upgrade, only new files are added to the new version store location, and hard links are created for unchanged files. This reduces overall storage by only presenting the file on one disk location and then projecting it into all folders with a file location entry on the disk. #### How to upgrade an App-V package 
@@ -744,9 +744,9 @@ The App-V package upgrade process differs from the older versions of App-V. App- 2. Package entries are added to the appropriate catalog for the new version - 1. User targeted packages: the UserDeploymentConfiguration.xml and UserManifest.xml are placed on the machine in the user catalog at appdata\\roaming\\Microsoft\\AppV\\Client\\Catalog\\Packages\\PkgGUID\\VerGUID + 1. User targeted packages: the **UserDeploymentConfiguration.xml** and **UserManifest.xml** are placed on the machine in the user catalog at appdata\\roaming\\Microsoft\\AppV\\Client\\Catalog\\Packages\\PkgGUID\\VerGUID - 2. Machine targeted (global) packages: the UserDeploymentConfiguration.xml is placed in the machine catalog at %programdata%\\Microsoft\\AppV\\Client\\Catalog\\Packages\\PkgGUID\\VerGUID + 2. Machine targeted (global) packages: the **UserDeploymentConfiguration.xml** is placed in the machine catalog at %programdata%\\Microsoft\\AppV\\Client\\Catalog\\Packages\\PkgGUID\\VerGUID 3. Register the package with the kernel mode driver for the user at HKLM\\Software\\Microsoft\\AppV\\MAV @@ -762,11 +762,11 @@ The App-V package upgrade process differs from the older versions of App-V. App- 5. Run scripts targeted for publishing timing. -6. Install Side by Side assemblies as required. +6. Install Side-by-Side assemblies as required. ### Upgrading an in-use App-V package -If you try to upgrade a package that is in use by an end user, the upgrade task is placed in a pending state. The upgrade will run later, according to the following rules: +If you try to upgrade a package that is currently in use, the upgrade task is placed in a pending state. The upgrade will run later, according to the following rules: | Task type | Applicable rule | |---|---| 
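Review bot: In the @@ -744 hunk, the added user-catalog line still gives the path as appdata\\roaming\\Microsoft\\AppV\\Client\\Catalog\\Packages\\PkgGUID\\VerGUID with no percent signs, while the machine-catalog line directly below it uses %programdata%. Use the environment-variable form for both, matching the "%appdata%\Microsoft\AppV\Client\Catalog" context line in the folder redirection article touched earlier in this series.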
@@ -784,19 +784,19 @@ The following operations must be completed before users can use the newer versio | Task | Details | |---|---| -| Add the package to the computer | This task is computer specific and you can perform it at any time by completing the steps in the Package Add section above. | -| Publish the package | See the Package Publishing section above for steps. This process requires that you update extension points on the system. End users cannot be using the application when you complete this task. | +| Add the package to the computer | This task is computer-specific and you can perform it at any time by completing the steps in [How to add an App-V package](#how-to-add-an-app-v-package). | +| Publish the package | See the Package Publishing section above for steps. This process requires that you update extension points on the system. You can't complete this task while the application is in use. | Use the following example scenarios as a guide for updating packages. | Scenario | Requirements | -| - | - | +|---|---| | App-V package is not in use when you try to upgrade | None of the following components of the package can be in use: virtual application, COM server, or shell extensions.

The administrator publishes a newer version of the package and the upgrade works the next time a component or application inside the package is launched. The new version of the package is streamed and ran. | -| App-V package is in use when the administrator publishes a newer version of the package | The upgrade operation is set to pending by the App-V Client, which means that it is queued and carried out later when the package is not in use.

If the package application is in use, the user shuts down the virtual application, after which the upgrade can occur.

If the package has shell extensions, which are permanently loaded by Windows Explorer, the user cannot be logged in. Users must log off and the log back in to initiate the App-V package upgrade.| +| App-V package is in use when the administrator publishes a newer version of the package | The App-V Client sets the operation to "pending," which means that it is queued and will be carried out later when the package is not in use.

If the package application is in use, the user shuts down the virtual application, after which the upgrade can occur.

If the package has shell extensions, which are permanently loaded by Windows Explorer, the user won't be able to sign in. Users must sign off and then sign back in to initiate the App-V package upgrade.| ### Global vs. user publishing -App-V Packages can be published in one of two ways; User which entitles an App-V package to a specific user or group of users and Global which entitles the App-V package to the entire machine for all users of the machine. Once a package upgrade has been pended and the App-V package is not in use, consider the two types of publishing: +App-V Packages can be published in one of two ways; as User, which entitles an App-V package to a specific user or group of users, or as Global, which entitles the App-V package to the entire machine for all users of the machine. Once a package upgrade has been pended and the App-V package is not in use, consider the two types of publishing: - **Globally published**: the application is published to a machine; all users on that machine can use it. The upgrade will happen when the App-V Client Service starts, which effectively means a machine restart. - **User published**: the application is published to a user. If there are multiple users on the machine, the application can be published to a subset of the users. The upgrade will happen when the user logs in or when it is published again (periodically, ConfigMgr Policy refresh and evaluation, or an App-V periodic publishing/refresh, or explicitly via Windows PowerShell commands). From b5931aa815471b28b60dbba895ae37f2bb7e112a Mon Sep 17 00:00:00 2001 From: Heidi Lohr Date: Thu, 26 Apr 2018 15:45:20 -0700 Subject: [PATCH 08/74] Continued editorial changes --- .../appv-application-publishing-and-client-interaction.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) 
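Review bot: In the @@ -784 hunk, the last scenario row changes meaning on the added side. The removed text said "the user cannot be logged in", a precondition for the upgrade, and the added text says "the user won't be able to sign in", which tells readers that shell extensions block sign-in. Suggest "the user can't be signed in", keeping the following sentence about signing off and back in. In the same hunk, the Publish row still says "See the Package Publishing section above" while the Add row was converted to an anchor link, so link it the same way.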
diff --git a/windows/application-management/app-v/appv-application-publishing-and-client-interaction.md b/windows/application-management/app-v/appv-application-publishing-and-client-interaction.md index 137715003d..5e97160b6e 100644 --- a/windows/application-management/app-v/appv-application-publishing-and-client-interaction.md +++ b/windows/application-management/app-v/appv-application-publishing-and-client-interaction.md 
@@ -796,10 +796,10 @@ Use the following example scenarios as a guide for updating packages. ### Global vs. user publishing -App-V Packages can be published in one of two ways; as User, which entitles an App-V package to a specific user or group of users, or as Global, which entitles the App-V package to the entire machine for all users of the machine. Once a package upgrade has been pended and the App-V package is not in use, consider the two types of publishing: +App-V Packages can be published in one of two ways; as user, which entitles an App-V package to a specific user or group of users, or as global, which entitles the App-V package to the entire machine for all users of the machine. Once a package upgrade has been pended and the App-V package is not in use, consider the two types of publishing: - **Globally published**: the application is published to a machine; all users on that machine can use it. The upgrade will happen when the App-V Client Service starts, which effectively means a machine restart. -- **User published**: the application is published to a user. If there are multiple users on the machine, the application can be published to a subset of the users. The upgrade will happen when the user logs in or when it is published again (periodically, ConfigMgr Policy refresh and evaluation, or an App-V periodic publishing/refresh, or explicitly via Windows PowerShell commands). +- **User-published**: the application is published to a user. If there are multiple users on the machine, the application can be published to a subset of the users. The upgrade will happen when the user logs in or when it is published again (periodically, ConfigMgr Policy refresh and evaluation, or an App-V periodic publishing/refresh, or explicitly via Windows PowerShell commands). ### Removing an App-V package From d420810616a5f6d4dd95a30029e12d4ad4c60b36 Mon Sep 17 00:00:00 2001 
From: Heidi Lohr Date: Thu, 26 Apr 2018 16:37:37 -0700 Subject: [PATCH 09/74] Continued editorial changes --- ...-application-publishing-and-client-interaction.md | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/windows/application-management/app-v/appv-application-publishing-and-client-interaction.md b/windows/application-management/app-v/appv-application-publishing-and-client-interaction.md index 5e97160b6e..ddcc7b70aa 100644 --- a/windows/application-management/app-v/appv-application-publishing-and-client-interaction.md +++ b/windows/application-management/app-v/appv-application-publishing-and-client-interaction.md 
@@ -799,7 +799,7 @@ Use the following example scenarios as a guide for updating packages. App-V Packages can be published in one of two ways; as user, which entitles an App-V package to a specific user or group of users, or as global, which entitles the App-V package to the entire machine for all users of the machine. Once a package upgrade has been pended and the App-V package is not in use, consider the two types of publishing: - **Globally published**: the application is published to a machine; all users on that machine can use it. The upgrade will happen when the App-V Client Service starts, which effectively means a machine restart. -- **User-published**: the application is published to a user. If there are multiple users on the machine, the application can be published to a subset of the users. The upgrade will happen when the user logs in or when it is published again (periodically, ConfigMgr Policy refresh and evaluation, or an App-V periodic publishing/refresh, or explicitly via Windows PowerShell commands). +- **User-published**: the application is published to a user. If there are multiple users on the machine, the application can be published to a subset of the users. The upgrade will happen when the user signs in or when it is published again (periodically, ConfigMgr Policy refresh and evaluation, or an App-V periodic publishing/refresh, or explicitly through Windows PowerShell commands). ### Removing an App-V package 
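Review bot: The parenthetical in the added **User-published** bullet is still not parallel: "(periodically, ConfigMgr Policy refresh and evaluation, or an App-V periodic publishing/refresh, or explicitly through Windows PowerShell commands)" mixes an adverb, two noun phrases and an adverbial clause. It is also unclear whether "periodically" is a trigger of its own or describes the two refreshes that follow. Since this line is being touched anyway, state each republish trigger as a separate, parallel item. The unchanged context line above it also still reads "has been pended", which could be "is pending" to match the "pending" state named in the update table.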
@@ -807,19 +807,19 @@ Removing App-V applications in a Full Infrastructure is an unpublish operation, ### Repairing an App-V package -The repair operation is very simple but may affect many locations on the machine. The previously mentioned Copy on Write (COW) locations are removed, and extension points are de-integrated and then re-integrated. Please review the COW data placement locations by reviewing where they are registered in the registry. This operation is done automatically and there is no administrative control other than initiating a Repair operation from the App-V Client Console or via Windows PowerShell (Repair-AppVClientPackage). +The repair operation is easy to do, but may affect many locations on the machine. The previously mentioned Copy on Write (COW) locations are removed, and extension points are deintegrated and then reintegrated. Before repairing, please review where the COW data placement locations are registered in the registry. To perform a Repair operation, all you need to do is initiate it from the App-V Client Console or through the **Repair-AppVClientPackage** PowerShell cmdlet. After that, the operation is completed automatically. ## Integration of App-V packages The App-V Client and package architecture provides specific integration with the local operating system during the addition and publishing of packages. Three files define the integration or extension points for an App-V Package: -- AppXManifest.xml: Stored inside of the package with fallback copies stored in the package store and the user profile. Contains the options created during the sequencing process. -- DeploymentConfig.xml: Provides configuration information of computer and user based integration extension points. -- UserConfig.xml: A subset of the Deploymentconfig.xml that only provides user- based configurations and only targets user-based extension points. 
+- **AppXManifest.xml**: Stored inside of the package with fallback copies stored in the package store and the user profile. Contains the options created during the sequencing process. +- **DeploymentConfig.xml**: Provides configuration information of computer- and user-based integration extension points. +- **UserConfig.xml**: A subset of the **Deploymentconfig.xml** that only provides user-based configurations and only targets user-based extension points. ### Rules of integration -When App-V applications are published to a computer with the App-V Client, some specific actions take place as described in the list below: +When App-V applications are published to a computer with the App-V Client, some specific actions take place as described in the following list: - Global Publishing: Shortcuts are stored in the All Users profile location and other extension points are stored in the registry in the HKLM hive. - User Publishing: Shortcuts are stored in the current user account profile and other extension points are stored in the registry in the HKCU hive. From ad1619c6fb6a6dfe13cf6c30da1bc0e31b58b41f Mon Sep 17 00:00:00 2001 From: Heidi Lohr Date: Mon, 7 May 2018 15:49:48 -0700 Subject: [PATCH 10/74] Continued updating article --- ...ation-publishing-and-client-interaction.md | 49 +++++++++---------- 1 file changed, 23 insertions(+), 26 deletions(-) diff --git a/windows/application-management/app-v/appv-application-publishing-and-client-interaction.md b/windows/application-management/app-v/appv-application-publishing-and-client-interaction.md index ddcc7b70aa..4ffa37db03 100644 --- a/windows/application-management/app-v/appv-application-publishing-and-client-interaction.md +++ b/windows/application-management/app-v/appv-application-publishing-and-client-interaction.md 
@@ -834,18 +834,18 @@ When App-V applications are published to a computer with the App-V Client, some The App-V publishing files (manifest and dynamic configuration) provide several extension points that enable the application to integrate with the local operating system. These extension points perform typical application installation tasks, such as placing shortcuts, creating file type associations, and registering components. As these are virtualized applications that are not installed in the same manner a traditional application, there are some differences. The following is a list of extension points covered in this section: - Shortcuts -- File Type Associations -- Shell Extensions +- File type associations +- Shell extensions - COM -- Software Clients +- Software clients - Application capabilities -- URL Protocol Handler +- URL Protocol handler - AppPath -- Virtual Application +- Virtual application ### Shortcuts -The short cut is one of the basic elements of integration with the OS and is the interface for direct user launch of an App-V application. During the publishing and unpublishing of App-V applications. +The shortcut is one of the basic elements of integration with the OS and is the interface for direct user launch of an App-V application. During the publishing and unpublishing of App-V applications. From the package manifest and dynamic configuration XML files, the path to a specific application executable can be found in a section similar to the following: 
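Review bot: In the added Shortcuts paragraph, the second sentence, "During the publishing and unpublishing of App-V applications.", is a fragment with no main clause. The edit fixes "short cut" but carries the fragment over unchanged. Either complete it with what the client does to shortcuts during publishing and unpublishing, or drop it. In the list above, "URL Protocol handler" keeps a capital P while the other items move to sentence case ("File type associations", "Shell extensions"), so pick one form. The unchanged sentence before the list is also missing "as" in "in the same manner a traditional application".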
@@ -908,10 +908,9 @@ The App-V Client manages the local operating system File Type Associations durin >[!NOTE] >In this example: -> - >- `.xdp` is the extension - >- `AcroExch.XDPDoc` is the ProgId value (which points to the adjoining ProgId) - >- `"[{AppVPackageRoot}]\Reader\AcroRd32.exe" "%1"` is the command line, which points to the application executable +>- `.xdp` is the extension +>- `AcroExch.XDPDoc` is the ProgId value (which points to the adjoining ProgId) +>- `"[{AppVPackageRoot}]\Reader\AcroRd32.exe" "%1"` is the command line, which points to the application executable ### Shell extensions @@ -921,10 +920,9 @@ Shell extensions are embedded in the package automatically during the sequencing - Packages that contain embedded shell extensions must be published globally. - The “bitness” of the application, Sequencer, and App-V client must match, or the shell extensions won’t work. For example: - - - The version of the application is 64-bit. - - The Sequencer is running on a 64-bit computer. - - The package is being delivered to a 64-bit App-V client computer. + - The version of the application is 64-bit. + - The Sequencer is running on a 64-bit computer. + - The package is being delivered to a 64-bit App-V client computer. The following table displays the supported shell extensions. 
@@ -943,15 +941,15 @@ The following table displays the supported shell extensions. The App-V Client supports publishing applications with support for COM integration and virtualization. COM integration allows the App-V Client to register COM objects on the local operating system and virtualization of the objects. For the purposes of this document, the integration of COM objects requires additional detail. -App-V supports registering COM objects from the package to the local operating system with two process types: Out-of-process and in-process. Registering COM objects is accomplished with one or a combination of multiple modes of operation for a specific App-V package that includes off, Isolated, and Integrated. The integrated mode is configured for either the out-of-process or in-process type. Configuration of COM modes and types is accomplished with dynamic configuration files (deploymentconfig.xml or userconfig.xml). +App-V supports registering COM objects from the package to the local operating system with two process types: Out-of-process and In-process. Registering COM objects is accomplished with one or a combination of multiple modes of operation for a specific App-V package that includes Off, Isolated, and Integrated. Integrated mode is configured for either the Out-of-process or In-process type. Configuration of COM modes and types is accomplished with dynamic configuration files (**deploymentconfig.xml** or **userconfig.xml**). For details on App-V integration, see [Microsoft Application Virtualization 5.0 Integration](https://blogs.technet.microsoft.com/appv/2013/01/03/microsoft-application-virtualization-5-0-integration). ### Software clients and application capabilities -App-V supports specific software clients and application capabilities extension points that enable virtualized applications to be registered with the software client of the operating system. 
This enables users to select default programs for operations like email, instant messaging, and media player. This operation is performed in the control panel with the Set Program Access and Computer Defaults, and configured during sequencing in the manifest or dynamic configuration files. Application capabilities are only supported when the App-V applications are published globally. +App-V supports specific software clients and application capabilities extension points that enable virtualized applications to be registered with the software client of the operating system. This enables users to select default programs for operations like email, instant messaging, and using the media player. This operation is performed in the control panel with **Set Program Access** and **Computer Defaults**, and configured during sequencing in the manifest or dynamic configuration files. Application capabilities are only supported when the App-V applications are published globally. -Example of software client registration of an App-V based mail client. +The following is an example of software client registration of an App-V-based mail client. ```XML 
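Review bot: In the added "Software clients and application capabilities" paragraph, "**Set Program Access** and **Computer Defaults**" splits one Control Panel item into two. The removed line names it as a single feature, "the Set Program Access and Computer Defaults", so the bold should span the whole name: "**Set Program Access and Computer Defaults**". The same sentence changes "media player" to "using the media player", which breaks the parallel list "email, instant messaging, and ...". In the COM paragraph, the file names are written "**deploymentconfig.xml**" and "**userconfig.xml**", while the integration section uses "**DeploymentConfig.xml**" and "**UserConfig.xml**". Use one casing throughout.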
@@ -994,15 +992,14 @@ Example of software client registration of an App-V based mail client. ``` >[!NOTE] -In this example: -> - >- `` is the overall Software Clients setting to integrate Email clients - >- `` is the flag to set a particular Email client as the default Email client - >- `[{ProgramFilesX86}]\Mozilla Thunderbird\mozMapi32_InUse.dll` is the MAPI dll registration +>In this example: +>- `` is the overall Software Clients setting to integrate Email clients. +>- `` is the flag to set a particular Email client as the default Email client. +>- `[{ProgramFilesX86}]\Mozilla Thunderbird\mozMapi32_InUse.dll` is the MAPI dll registration. ### URL Protocol handler -Applications do not always specifically called virtualized applications utilizing file type invocation. For, example, in an application that supports embedding a mailto: link inside a document or web page, the user clicks on a mailto: link and expects to get their registered mail client. App-V supports URL Protocol handlers that can be registered on a per-package basis with the local operating system. During sequencing, the URL protocol handlers are automatically added to the package. +Virtual applications don't always specifically utilize file type invocation. For, example, in an application that supports embedding a mailto: link inside a document or web page, the user selects the link expecting to access their registered mail client. App-V supports URL Protocol handlers that can be registered on a per-package basis with the local operating system. During sequencing, the URL Protocol handlers are automatically added to the package. For situations where there is more than one application that could register the specific URL Protocol handler, the dynamic configuration files can be utilized to modify the behavior and suppress or disable this feature for an application that should not be the primary application launched. 
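Review bot: The rewritten first sentence under "URL Protocol handler" flips the subject. The removed line, though garbled, is about applications that call virtualized applications by some means other than file type invocation, and the mailto example that follows describes exactly that: a document or web page invoking the registered mail client. The added line, "Virtual applications don't always specifically utilize file type invocation", makes the virtual application the caller. Suggest something like "Applications don't always call virtualized applications through file type invocation". The added line also keeps the stray comma in "For, example,".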
@@ -1014,15 +1011,15 @@ The AppPath extension point is configured either in the manifest or in the dynam ### Virtual application -This subsystem provides a list of applications captured during sequencing which is usually consumed by other App-V components. Integration of extension points belonging to a particular application can be disabled using dynamic configuration files. For example, if a package contains two applications, it is possible to disable all extension points belonging to one application, in order to allow only integration of extension points of other application. +This subsystem provides a list of applications captured during sequencing which is usually consumed by other App-V components. Integration of extension points belonging to a particular application can be disabled using dynamic configuration files. For example, if a package contains two applications, you can disable all extension points belonging to one application to only allow integration of extension points for the other application. ### Extension point rules -The extension points described above are integrated into the operating system based on how the packages has been published. Global publishing places extension points in public machine locations, where user publishing places extension points in user locations. For example a shortcut that is created on the desktop and published globally will result in the file data for the shortcut (%Public%\\Desktop) and the registry data (HKLM\\Software\\Classes). The same shortcut would have file data (%UserProfile%\\Desktop) and registry data (HKCU\\Software\\Classes). +The previously described extension points are integrated into the operating system based on how the packages has been published. Global publishing places extension points in public machine locations, where user publishing places extension points in user locations. 
For example a shortcut that is created on the desktop and published globally will result in the file data for the shortcut (%Public%\\Desktop) and the registry data (HKLM\\Software\\Classes). The same shortcut would have file data (%UserProfile%\\Desktop) and registry data (HKCU\\Software\\Classes). Extension points are not all published the same way, where some extension points will require global publishing and others require sequencing on the specific operating system and architecture where they are delivered. Below is a table that describes these two key rules. -|Virtual Extension|Requires target OS Sequencing|Requires Global Publishing| +|Virtual Extension|Requires target OS sequencing|Requires global publishing| |---|:---:|:---:| |Shortcut||| |File Type Association||| From 02a04c43352cc265466ed79c82a93a8a9860b794 Mon Sep 17 00:00:00 2001 From: Heidi Lohr Date: Tue, 8 May 2018 11:01:46 -0700 Subject: [PATCH 11/74] Continued text revision --- ...plication-publishing-and-client-interaction.md | 15 ++++++--------- 1 file changed, 6 insertions(+), 9 deletions(-) diff --git a/windows/application-management/app-v/appv-application-publishing-and-client-interaction.md b/windows/application-management/app-v/appv-application-publishing-and-client-interaction.md index 4ffa37db03..2bcdae3587 100644 --- a/windows/application-management/app-v/appv-application-publishing-and-client-interaction.md +++ b/windows/application-management/app-v/appv-application-publishing-and-client-interaction.md 
@@ -1135,20 +1135,17 @@ Extension points are not all published the same way, where some extension points -  +## Dynamic configuration processing -## Dynamic configuration processing +Deploying App-V packages to a single machine or user is very simple. However, as organizations deploy App-V applications across business lines and geographic and political boundaries, it becomes impossible to sequence all applications with the same settings. App-V was designed to overcome this problem by capturing specific settings and configurations during sequencing in the Manifest file while also supporting modification with Dynamic Configuration files. +App-V dynamic configuration lets you specify a package policy at either the machine or user levels. Dynamic Configuration files enable sequencing engineers to modify the configuration of a package post-sequencing to address the needs of individual groups of users or machines. In some instances, it may be necessary to modify the application to provide proper functionality within the App-V environment. For example, you may need to modify the \_\*config.xml files to allow certain actions to be performed at a specified time while executing the application, like disabling a mailto extension to prevent a virtualized application from overwriting that extension from another application. -Deploying App-V packages to one machine or user is very simple. However, as organizations deploy AppV applications across business lines and geographic and political boundaries, the ability to sequence an application one time with one set of settings becomes impossible. App-V was designed for this scenario, as it captures specific settings and configurations during sequencing in the Manifest file, but also supports modification with Dynamic Configuration files. - -App-V dynamic configuration allows for specifying a policy for a package either at the machine level or at the user level. 
The Dynamic Configuration files enable sequencing engineers to modify the configuration of a package, post-sequencing, to address the needs of individual groups of users or machines. In some instances it may be necessary to make modifications to the application to provide proper functionality within the App-V environment. For example, it may be necessary to make modifications to the \_\*config.xml files to allow certain actions to be performed at a specified time during the execution of the application, like disabling a mailto extension to prevent a virtualized application from overwriting that extension from another application. - -App-V Packages contain the Manifest file inside of the appv package file, which is representative of sequencing operations and is the policy of choice unless Dynamic Configuration files are assigned to a specific package. Post-sequencing, the Dynamic Configuration files can be modified to allow the publishing of an application to different desktops or users with different extension points. The two Dynamic Configuration Files are the Dynamic Deployment Configuration (DDC) and Dynamic User Configuration (DUC) files. This section focuses on the combination of the manifest and dynamic configuration files. +App-V packages contain the Manifest file inside of the appv package file, which is representative of sequencing operations and is the policy of choice unless Dynamic Configuration files are assigned to a specific package. Post-sequencing, the Dynamic Configuration files can be modified to allow an application to be published to different desktops or users with different extension points. The two Dynamic Configuration Files are the Dynamic Deployment Configuration (DDC) and Dynamic User Configuration (DUC) files. This section focuses on the combination of the manifest and dynamic configuration files. 
### Example for dynamic configuration files -The example below shows the combination of the Manifest, Deployment Configuration and User Configuration files after publishing and during normal operation. These examples are abbreviated examples of each of the files. The purpose is show the combination of the files only and not to be a complete description of the specific categories available in each of the files. For more information, download the [App-V Sequencing Guide](https://www.microsoft.com/en-us/download/details.aspx?id=27760). +The following example shows the combination of the Manifest, Deployment Configuration, and User Configuration files after publishing and during normal operation. These examples are abbreviated examples of each of the files. The purpose is show the combination of the files only, not to be a complete description of the specific categories available in each file. For more information, download the [App-V Sequencing Guide](https://www.microsoft.com/en-us/download/details.aspx?id=27760). #### Manifest 
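Review bot: The added sentence under "Example for dynamic configuration files" still reads "The purpose is show the combination of the files only", with "to" missing before "show". The edit changes the end of that sentence but leaves the error in place. Across the added paragraphs in this hunk the casing of terms is also mixed: "Manifest file" and "Dynamic Configuration files" in some sentences, "the manifest and dynamic configuration files" and "App-V dynamic configuration" in others. Since later commits in this series normalize capitalization, settle on one form here. Please also confirm that a blank line separates the added "Deploying App-V packages..." and "App-V dynamic configuration lets you..." lines. The removed text had them as separate paragraphs, and consecutive lines render as one paragraph in Markdown.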
@@ -1218,7 +1215,7 @@ The example below shows the combination of the Manifest, Deployment Configuratio ## Side-by-side assemblies -App-V supports the automatic packaging of side-by-side (SxS) assemblies during sequencing and deployment on the client during virtual application publishing. App-V supports capturing SxS assemblies during sequencing for assemblies not present on the sequencing machine. And for assemblies consisting of Visual C++ (Version 8 and newer) and/or MSXML run-time, the Sequencer will automatically detect and capture these dependencies even if they were not installed during monitoring. The side-by-side assemblies feature removes the limitations of previous versions of App-V, where the App-V Sequencer did not capture assemblies already present on the sequencing workstation, and privatizing the assemblies which limited to one bit version per package. This behavior resulted in deployed App-V applications to clients missing the required SxS assemblies, causing application launch failures. This forced the packaging process to document and then ensure that all assemblies required for packages were locally installed on the user’s client operating system to ensure support for the virtual applications. Based on the number of assemblies and the lack of application documentation for the required dependencies, this task was both a management and implementation challenge. +App-V supports automatic packaging of side-by-side (SxS) assemblies during sequencing and deployment on the client during virtual application publishing. App-V supports capturing SxS assemblies during sequencing for assemblies not present on the sequencing machine. For assemblies consisting of Visual C++ (Version 8 and newer) or MSXML run-time, the Sequencer will automatically detect and capture these dependencies even if they weren't installed during monitoring. 
The side-by-side assemblies feature removes the limitations of previous versions of App-V, where the App-V Sequencer did not capture assemblies already present on the sequencing workstation, and privatizing the assemblies which limited to one bit version per package. This behavior resulted in App-V applications deployed to clients missing the required SxS assemblies, causing application launch failures. This forced the packaging process to document and then ensure that all assemblies required for packages were locally installed on the user’s client operating system to ensure support for the virtual applications. Based on the number of assemblies and the lack of application documentation for the required dependencies, this task was both a management and implementation challenge. Side-by-side assembly support in App-V has the following features. From 5197bec938d16e628db56b04dc7c210dc4f6ed3c Mon Sep 17 00:00:00 2001 From: Heidi Lohr Date: Tue, 8 May 2018 13:40:48 -0700 Subject: [PATCH 12/74] Finished first sweep of text edits. --- ...ation-publishing-and-client-interaction.md | 20 +++++++++---------- 1 file changed, 10 insertions(+), 10 deletions(-) diff --git a/windows/application-management/app-v/appv-application-publishing-and-client-interaction.md b/windows/application-management/app-v/appv-application-publishing-and-client-interaction.md index 2bcdae3587..198ee44fd2 100644 --- a/windows/application-management/app-v/appv-application-publishing-and-client-interaction.md +++ b/windows/application-management/app-v/appv-application-publishing-and-client-interaction.md 
@@ -1215,30 +1215,30 @@ The following example shows the combination of the Manifest, Deployment Configur ## Side-by-side assemblies -App-V supports automatic packaging of side-by-side (SxS) assemblies during sequencing and deployment on the client during virtual application publishing. App-V supports capturing SxS assemblies during sequencing for assemblies not present on the sequencing machine. For assemblies consisting of Visual C++ (Version 8 and newer) or MSXML run-time, the Sequencer will automatically detect and capture these dependencies even if they weren't installed during monitoring. The side-by-side assemblies feature removes the limitations of previous versions of App-V, where the App-V Sequencer did not capture assemblies already present on the sequencing workstation, and privatizing the assemblies which limited to one bit version per package. This behavior resulted in App-V applications deployed to clients missing the required SxS assemblies, causing application launch failures. This forced the packaging process to document and then ensure that all assemblies required for packages were locally installed on the user’s client operating system to ensure support for the virtual applications. Based on the number of assemblies and the lack of application documentation for the required dependencies, this task was both a management and implementation challenge. +App-V supports automatic packaging of side-by-side assemblies during sequencing and deployment on the client during virtual application publishing. App-V also supports capturing side-by-side assemblies during sequencing for assemblies not present on the sequencing machine. For assemblies consisting of Visual C++ (Version 8 and newer) or MSXML run-time, the Sequencer will automatically detect and capture these dependencies even if they weren't installed during monitoring. 
The side-by-side assemblies feature removes the limitations of previous versions of App-V, where the App-V Sequencer did not capture assemblies already present on the sequencing workstation, and privatizing the assemblies which limited to one bit version per package. This behavior resulted in App-V applications deployed to clients missing the required side-by-side assemblies, causing application launch failures. This forced the packaging process to document and then ensure that all assemblies required for packages were locally installed on the user’s client operating system to ensure support for the virtual applications. Based on the number of assemblies and the lack of application documentation for the required dependencies, this task was both a management and implementation challenge. -Side-by-side assembly support in App-V has the following features. +Side-by-side assembly support in App-V has the following features: -- Automatic captures of SxS assembly during Sequencing, regardless of whether the assembly was already installed on the sequencing workstation. -- The App-V Client automatically installs required SxS assemblies to the client computer at publishing time when they are not present. +- Automatic captures of side-by-side assembly during Sequencing, regardless of whether the assembly was already installed on the sequencing workstation. +- The App-V Client automatically installs required side-by-side assemblies to the client computer at publishing time if they aren't already installed. - The Sequencer reports the VC run-time dependency in Sequencer reporting mechanism. - The Sequencer allows opting to not package the assemblies that are already installed on the Sequencer, supporting scenarios where the assemblies have previously been installed on the target computers. 
-### Automatic publishing of SxS assemblies +### Automatic publishing of side-by-side assemblies -During publishing of an App-V package with SxS assemblies the App-V Client will check for the presence of the assembly on the machine. If the assembly does not exist, the client will deploy the assembly to the machine. Packages that are part of connection groups will rely on the Side by Side assembly installations that are part of the base packages, as the connection group does not contain any information about assembly installation. +During publishing of an App-V package with side-by-side assemblies, the App-V Client will check for the presence of the assembly on the machine. If the assembly does not exist, the client will deploy the assembly to the machine. Packages that are part of connection groups will rely on the side-by-side assembly installations in the base packages, as the connection groups don't contain any information about assembly installation. >[!NOTE] >Unpublishing or removing a package with an assembly does not remove the assemblies for that package. ## Client logging -The App-V client logs information to the Windows Event log in standard ETW format. The specific App-V events can be found in the event viewer, under Applications and Services Logs\\Microsoft\\AppV\\Client. +The App-V client logs information to the Windows Event log in standard ETW format. The specific App-V events can be found in the event viewer under **Applications and Services Logs\\Microsoft\\AppV\\Client**. -There are three specific categories of events recorded described below. +There are three specific categories of events recorded: -- **Admin**: Logs events for configurations being applied to the App-V Client, and contains the primary warnings and errors. -- **Operational**: Logs the general App-V execution and usage of individual components creating an audit log of the App-V operations that have been completed on the App-V Client. 
+- **Admin**: Logs events for configurations applied to the App-V Client, and also contains the primary warnings and errors. +- **Operational**: Logs the general App-V execution and usage of individual components, creating an audit log of the App-V client's completed App-V operations. - **Virtual Application**: Logs virtual application launches and use of virtualization subsystems. ## Have a suggestion for App-V? From 30288a4b9ff49a3334f04dd433bee0f908b31f56 Mon Sep 17 00:00:00 2001 From: Heidi Lohr Date: Tue, 8 May 2018 14:45:45 -0700 Subject: [PATCH 13/74] Consistent client capitalization --- ...ation-publishing-and-client-interaction.md | 30 +++++++++---------- 1 file changed, 15 insertions(+), 15 deletions(-) diff --git a/windows/application-management/app-v/appv-application-publishing-and-client-interaction.md b/windows/application-management/app-v/appv-application-publishing-and-client-interaction.md index 198ee44fd2..e8393bccb7 100644 --- a/windows/application-management/app-v/appv-application-publishing-and-client-interaction.md +++ b/windows/application-management/app-v/appv-application-publishing-and-client-interaction.md @@ -12,7 +12,7 @@ ms.date: 04/19/2017 >Applies to: Windows 10, version 1607 -This article provides technical information about common App-V client operations and their integration with the local operating system. +This article provides technical information about common App-V Client operations and their integration with the local operating system. ## App-V package files created by the Sequencer @@ -22,8 +22,8 @@ The Sequencer creates App-V packages and produces a virtualized application. The |---|---| |.appv|- The primary package file, which contains the captured assets and state information from the sequencing process.
- Architecture of the package file, publishing information, and registry in a tokenized form that can be reapplied to a machine and to a specific user upon delivery.| |.MSI|Executable deployment wrapper that you can use to deploy .appv files manually or by using a third-party deployment platform.| -|_DeploymentConfig.XML|File used to customize the default publishing parameters for all applications in a package that is deployed globally to all users on a computer that is running the App-V client.| -|_UserConfig.XML|File used to customize the publishing parameters for all applications in a package that is a deployed to a specific user on a computer that is running the App-V client.| +|_DeploymentConfig.XML|File used to customize the default publishing parameters for all applications in a package that is deployed globally to all users on a computer that is running the App-V Client.| +|_UserConfig.XML|File used to customize the publishing parameters for all applications in a package that is a deployed to a specific user on a computer that is running the App-V Client.| |Report.xml|Summary of messages resulting from the sequencing process, including omitted drivers, files, and registry locations.| |.CAB|Optional: Package accelerator file used to automatically rebuild a previously sequenced virtual application package.| |.appvt|Optional: Sequencer template file used to retain commonly reused Sequencer settings.| @@ -53,11 +53,11 @@ The Sequencer creates App-V packages and produces a virtualized application. The

_DeploymentConfig.XML

-

File used to customize the default publishing parameters for all applications in a package that is deployed globally to all users on a computer that is running the App-V client.

+

File used to customize the default publishing parameters for all applications in a package that is deployed globally to all users on a computer that is running the App-V Client.

_UserConfig.XML

-

File used to customize the publishing parameters for all applications in a package that is a deployed to a specific user on a computer that is running the App-V client.

+

File used to customize the publishing parameters for all applications in a package that is a deployed to a specific user on a computer that is running the App-V Client.

Report.xml

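Review bot: The added `_UserConfig.XML` description in this hunk still reads "a package that is a deployed to a specific user". Since the line is already being touched for the Client capitalization, drop the stray "a" so it reads "a package that is deployed to a specific user". The Markdown table row for `_UserConfig.XML` in the preceding hunk (@@ -22,8 +22,8 @@) carries the same wording and needs the same fix.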
@@ -95,9 +95,9 @@ The appv file contains the following folder and files, which are used when creat | Registry.dat | DAT File | Registry keys and values captured during the sequencing process for the package.| | StreamMap.xml | XML File | List of files for the primary and publishing feature block. The publishing feature block contains the ICO files and required portions of files (EXE and DLL) for publishing the package. When present, the primary feature block includes files that have been optimized for streaming during the sequencing process.| -## App-V client data storage locations +## App-V Client data storage locations -The App-V client performs tasks to ensure that virtual applications run properly and work like locally installed applications. The process of opening and running virtual applications requires mapping from the virtual file system and registry to ensure the application has the required components of a traditional application expected by users. This section describes the assets that are required to run virtual applications and lists the location where App-V stores the assets. +The App-V Client performs tasks to ensure that virtual applications run properly and work like locally installed applications. The process of opening and running virtual applications requires mapping from the virtual file system and registry to ensure the application has the required components of a traditional application expected by users. This section describes the assets that are required to run virtual applications and lists the location where App-V stores the assets. | Name | Location | Description | |---|---|---| 
@@ -469,11 +469,11 @@ After the initial stream of any publishing data and the primary feature block, r ### Package upgrades -App-V Packages require updating throughout the lifecycle of the application. App-V Package upgrades are similar to the package publish operation, as each version will be created in its own PackageRoot location: ```%ProgramData%\App-V\{PkgGUID}\{newVerGUID}```. The upgrade operation is optimized by creating hard links to identical- and streamed-files from other versions of the same package. +App-V Packages require updating throughout the lifecycle of the application. App-V Package upgrades are similar to the package publish operation, as each version will be created in its own PackageRoot location: ```%ProgramData%\App-V\{PkgGUID}\{newVerGUID}```. The upgrade operation is optimized by creating hard links to identical and streamed files from other versions of the same package. ### Package removal -The behavior of the App-V Client when packages are removed depends on the method used for removal. Using an App-V full infrastructure to unpublish the application, the user catalog files (machine catalog for globally published applications) are removed, but retains the package store location and COW locations. When the Windows PowerShell cmdlet ```Remove-AppVClientPackge``` is used to remove an App-V Package, the package store location is cleaned. Remember that unpublishing an App-V Package from the Management Server does not perform a Remove operation. Neither operation will remove the Package Store package files. +The App-V Client's behavior when packages are removed depends on the package removal method. Using an App-V full infrastructure to unpublish the application, the user catalog files (machine catalog for globally published applications) are removed, but retains the package store location and COW locations. 
When the Windows PowerShell cmdlet ```Remove-AppVClientPackge``` is used to remove an App-V Package, the package store location is cleaned. Remember that unpublishing an App-V Package from the Management Server does not perform a Remove operation. Neither operation will remove the Package Store package files. ## Roaming registry and data @@ -595,7 +595,7 @@ This completes the successful roaming of application settings that are present i This process will re-create both the local and network locations for AppData and remove the registry record of the time stamp. -## App-V client application lifecycle management +## App-V Client application lifecycle management In an App-V Full Infrastructure, after applications are sequenced they are managed and published to users or computers through the App-V Management and Publishing servers. This section details the operations that occur during the common App-V application lifecycle operations (Add, publishing, launch, upgrade, and removal) and the file and registry locations that are changed and modified from the App-V Client perspective. The App-V Client operations are input as PowerShell commands on the computer running the App-V Client. @@ -773,7 +773,7 @@ If you try to upgrade a package that is currently in use, the upgrade task is pl | User-based tasks, such as publishing a package to a user | The pending task will be performed after the user logs off and then logs back on. | | Globally based tasks, such as enabling a connection group globally | The pending task will be performed when the computer is shut down and then restarted. | -When a task is placed in a pending state, the App-V client also generates a registry key for the pending task, as follows: +When a task is placed in a pending state, the App-V Client also generates a registry key for the pending task, as follows: | User-based or globally based task | Where the registry key is generated | |---|---| 
@@ -919,10 +919,10 @@ Shell extensions are embedded in the package automatically during the sequencing #### Requirements for using shell extensions - Packages that contain embedded shell extensions must be published globally. -- The “bitness” of the application, Sequencer, and App-V client must match, or the shell extensions won’t work. For example: +- The “bitness” of the application, Sequencer, and App-V Client must match, or the shell extensions won’t work. For example: - The version of the application is 64-bit. - The Sequencer is running on a 64-bit computer. - - The package is being delivered to a 64-bit App-V client computer. + - The package is being delivered to a 64-bit App-V Client computer. The following table displays the supported shell extensions. @@ -1233,12 +1233,12 @@ During publishing of an App-V package with side-by-side assemblies, the App-V Cl ## Client logging -The App-V client logs information to the Windows Event log in standard ETW format. The specific App-V events can be found in the event viewer under **Applications and Services Logs\\Microsoft\\AppV\\Client**. +The App-V Client logs information to the Windows Event log in standard ETW format. The specific App-V events can be found in the event viewer under **Applications and Services Logs\\Microsoft\\AppV\\Client**. There are three specific categories of events recorded: - **Admin**: Logs events for configurations applied to the App-V Client, and also contains the primary warnings and errors. -- **Operational**: Logs the general App-V execution and usage of individual components, creating an audit log of the App-V client's completed App-V operations. +- **Operational**: Logs the general App-V execution and usage of individual components, creating an audit log of the App-V Client's completed App-V operations. - **Virtual Application**: Logs virtual application launches and use of virtualization subsystems. ## Have a suggestion for App-V? 
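Review bot: In the Package removal paragraph (hunk @@ -469,11 +469,11 @@), the added line keeps the misspelled cmdlet name `Remove-AppVClientPackge`; it should be `Remove-AppvClientPackage`, otherwise anyone copying the command from the article gets a command-not-found error. The same added line says the user catalog files "are removed, but retains the package store location and COW locations", where "retains" has no subject; "but the package store location and COW locations are retained" reads cleanly. The paragraph also says the cmdlet cleans the package store location and then closes with "Neither operation will remove the Package Store package files", so it is worth stating which two operations that last sentence refers to.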
From 2e4bc8a09387770d2ffdb1e5fddaa1b4c05dc311 Mon Sep 17 00:00:00 2001 From: Heidi Lohr Date: Tue, 8 May 2018 16:14:01 -0700 Subject: [PATCH 14/74] Continued text edit --- .../app-v/appv-application-publishing-and-client-interaction.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/application-management/app-v/appv-application-publishing-and-client-interaction.md b/windows/application-management/app-v/appv-application-publishing-and-client-interaction.md index e8393bccb7..846ca41788 100644 --- a/windows/application-management/app-v/appv-application-publishing-and-client-interaction.md +++ b/windows/application-management/app-v/appv-application-publishing-and-client-interaction.md @@ -20,7 +20,7 @@ The Sequencer creates App-V packages and produces a virtualized application. The |File|Description| |---|---| -|.appv|- The primary package file, which contains the captured assets and state information from the sequencing process.
- Architecture of the package file, publishing information, and registry in a tokenized form that can be reapplied to a machine and to a specific user upon delivery.| +|.appv|- The primary package file, which contains captured assets and state information from the sequencing process.
- Architecture of the package file, publishing information, and registry in a tokenized form that can be reapplied to a machine and to a specific user upon delivery.| |.MSI|Executable deployment wrapper that you can use to deploy .appv files manually or by using a third-party deployment platform.| |_DeploymentConfig.XML|File used to customize the default publishing parameters for all applications in a package that is deployed globally to all users on a computer that is running the App-V Client.| |_UserConfig.XML|File used to customize the publishing parameters for all applications in a package that is a deployed to a specific user on a computer that is running the App-V Client.| From 831d50b821c2a56d1b44dd6fd5fc52e52d6f8bbc Mon Sep 17 00:00:00 2001 From: Heidi Lohr Date: Wed, 9 May 2018 14:19:32 -0700 Subject: [PATCH 15/74] Continued updating text --- ...ation-publishing-and-client-interaction.md | 146 +----------------- 1 file changed, 6 insertions(+), 140 deletions(-) diff --git a/windows/application-management/app-v/appv-application-publishing-and-client-interaction.md b/windows/application-management/app-v/appv-application-publishing-and-client-interaction.md index 846ca41788..741a277cee 100644 --- a/windows/application-management/app-v/appv-application-publishing-and-client-interaction.md +++ b/windows/application-management/app-v/appv-application-publishing-and-client-interaction.md @@ -497,45 +497,8 @@ App-V registry roaming falls into two scenarios, as shown in the following table |Scenario|Description| |---|---| -|Applications that are run as standard users|When a standard user launches an App-V application, both HKLM and HKCU for App-V applications are stored in the HKCU hive on the machine. This presents as two distinct paths:
- HKLM: HKCU\SOFTWARE\Classes\AppV\Client\Packages\\{PkgGUID}\REGISTRY\MACHINE\SOFTWARE
- HKCU: HKCU\SOFTWARE\Microsoft\AppV\Client\Packages\\{PkgGUID}\REGISTRY\USER\\{UserSID}\SOFTWARE
The locations are enabled for roaming based on the operating system settings.| -|Applications that are run with elevation|When an application is launched with elevation:
- HKLM data is stored in the HKLM hive on the local computer
- HKCU data is stored in the User Registry location
In this scenario, these settings are not roamed with normal operating system roaming configurations, and the resulting registry keys and values are stored in the following location:
- HKLM\SOFTWARE\Microsoft\AppV\Client\Packages\\{PkgGUID}\\{UserSID}\REGISTRY\MACHINE\SOFTWARE
- HKCU\SOFTWARE\Microsoft\AppV\Client\Packages\\{PkgGUID}\\Registry\User\\{UserSID}\SOFTWARE| - - ---- - - - - - - - - - - - - - - - - -
ScenarioDescription

Applications that are run as standard users

When a standard user launches an App-V application, both HKLM and HKCU for App-V applications are stored in the HKCU hive on the machine. This presents as two distinct paths:

-
    -
  • HKLM: HKCU\SOFTWARE\Classes\AppV\Client\Packages\\{PkgGUID}\REGISTRY\MACHINE\SOFTWARE

  • -
  • HKCU: HKCU\SOFTWARE\Microsoft\AppV\Client\Packages\\{PkgGUID}\REGISTRY\USER\\{UserSID}\SOFTWARE

  • -
-

The locations are enabled for roaming based on the operating system settings.

Applications that are run with elevation

When an application is launched with elevation:

-
    -
  • HKLM data is stored in the HKLM hive on the local computer

  • -
  • HKCU data is stored in the User Registry location

  • -
-

In this scenario, these settings are not roamed with normal operating system roaming configurations, and the resulting registry keys and values are stored in the following location:

-
    -
  • HKLM\SOFTWARE\Microsoft\AppV\Client\Packages\\{PkgGUID}\\{UserSID}\REGISTRY\MACHINE\SOFTWARE

  • -
  • HKCU\SOFTWARE\Microsoft\AppV\Client\Packages\\{PkgGUID}\\Registry\User\\{UserSID}\SOFTWARE

  • -
+|Applications that are run as standard users|When a standard user launches an App-V application, both HKLM and HKCU for App-V applications are stored in the HKCU hive on the machine. This presents as two distinct paths:

- HKLM's location is HKCU\SOFTWARE\Classes\AppV\Client\Packages\\{PkgGUID}\REGISTRY\MACHINE\SOFTWARE
- HKCU's location is HKCU\SOFTWARE\Microsoft\AppV\Client\Packages\\{PkgGUID}\REGISTRY\USER\\{UserSID}\SOFTWARE

The locations are enabled for roaming based on the operating system settings.| +|Applications that are run with elevation|When an application is launched with elevation:

- HKLM data is stored in the HKLM hive on the local computer
- HKCU data is stored in the User Registry location

In this scenario, these settings are not roamed with normal operating system roaming configurations, and the resulting registry keys and values are stored in the following locations:

- HKLM's location is HKLM\SOFTWARE\Microsoft\AppV\Client\Packages\\{PkgGUID}\\{UserSID}\REGISTRY\MACHINE\SOFTWARE
- HKCU's location is HKCU\SOFTWARE\Microsoft\AppV\Client\Packages\\{PkgGUID}\\Registry\User\\{UserSID}\SOFTWARE| ### App-V and folder redirection @@ -607,10 +570,10 @@ The App-V application lifecycle tasks are triggered at user sign in (default), m The publishing refresh process comprises several smaller operations that are performed on the App-V Client. Since App-V is an application virtualization technology and not a task scheduling technology, the Windows Task Scheduler is utilized to enable the process when the user signs in, the machine turns on, and at scheduled intervals. The client configuration during setup listed in the previous section is the preferred method when distributing the client to a large group of computers with the correct settings. These client settings can be configured with the following Windows PowerShell cmdlets: -- **Add-AppVPublishingServer:** Configures the client with an App-V Publishing Server that provides App-V packages. -- **Set-AppVPublishingServer:** Modifies the current settings for the App-V Publishing Server. -- **Set-AppVClientConfiguration:** Modifies the currents settings for the App-V Client. -- **Sync-AppVPublishingServer:** Initiates an App-V Publishing Refresh process manually. This is also utilized in the scheduled tasks created during configuration of the publishing server. +- **Add-AppVPublishingServer** configures the client with an App-V Publishing Server that provides App-V packages. +- **Set-AppVPublishingServer** modifies the current settings for the App-V Publishing Server. +- **Set-AppVClientConfiguration** modifies the currents settings for the App-V Client. +- **Sync-AppVPublishingServer** initiates an App-V Publishing Refresh process manually. This is also utilized in the scheduled tasks created during configuration of the publishing server. The following sections will elaborate what goes on during the publishing refresh process. 
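Review bot: The added bullet for **Set-AppVClientConfiguration** in the cmdlet list (hunk @@ -570,10 +570,10 @@) still says "modifies the currents settings"; it should be "current settings", matching the **Set-AppVPublishingServer** bullet directly above it. The unchanged closing sentence "The following sections will elaborate what goes on during the publishing refresh process" is missing "on" after "elaborate" and could be fixed in the same pass.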
@@ -1038,103 +1001,6 @@ Extension points are not all published the same way, where some extension points |Browser Helper Object|X|X| |Active X Object|X|X| - ----- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Virtual ExtensionRequires target OS SequencingRequires Global Publishing

Shortcut

File Type Association

URL Protocols

X

AppPaths

X

COM Mode

Software Client

X

Application Capabilities

X

X

Context Menu Handler

X

X

Drag-and-drop Handler

X

Data Object Handler

X

Property Sheet Handler

X

Infotip Handler

X

Column Handler

X

Shell Extensions

X

Browser Helper Object

X

X

Active X Object

X

X

- ## Dynamic configuration processing Deploying App-V packages to a single machine or user is very simple. However, as organizations deploy App-V applications across business lines and geographic and political boundaries, it becomes impossible to sequence all applications with the same settings. App-V was designed to overcome this problem by capturing specific settings and configurations during sequencing in the Manifest file while also supporting modification with Dynamic Configuration files. From 04a40479f931832f07c91c28fc5004f5e16eaace Mon Sep 17 00:00:00 2001 From: Heidi Lohr Date: Thu, 10 May 2018 12:29:40 -0700 Subject: [PATCH 16/74] Continued edits, deleted old duplicate HTML tables --- ...ation-publishing-and-client-interaction.md | 130 +----------------- 1 file changed, 4 insertions(+), 126 deletions(-) diff --git a/windows/application-management/app-v/appv-application-publishing-and-client-interaction.md b/windows/application-management/app-v/appv-application-publishing-and-client-interaction.md index 741a277cee..9cd1577d1f 100644 --- a/windows/application-management/app-v/appv-application-publishing-and-client-interaction.md +++ b/windows/application-management/app-v/appv-application-publishing-and-client-interaction.md @@ -28,53 +28,7 @@ The Sequencer creates App-V packages and produces a virtualized application. The |.CAB|Optional: Package accelerator file used to automatically rebuild a previously sequenced virtual application package.| |.appvt|Optional: Sequencer template file used to retain commonly reused Sequencer settings.| - ---- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
FileDescription

.appv

    -
  • The primary package file, which contains the captured assets and state information from the sequencing process.

  • -
  • Architecture of the package file, publishing information, and registry in a tokenized form that can be reapplied to a machine and to a specific user upon delivery.

  • -

.MSI

Executable deployment wrapper that you can use to deploy .appv files manually or by using a third-party deployment platform.

_DeploymentConfig.XML

File used to customize the default publishing parameters for all applications in a package that is deployed globally to all users on a computer that is running the App-V Client.

_UserConfig.XML

File used to customize the publishing parameters for all applications in a package that is a deployed to a specific user on a computer that is running the App-V Client.

Report.xml

Summary of messages resulting from the sequencing process, including omitted drivers, files, and registry locations.

.CAB

Optional: Package accelerator file used to automatically rebuild a previously sequenced virtual application package.

.appvt

Optional: Sequencer template file used to retain commonly reused Sequencer settings.

- -For information about sequencing, see [How to Sequence a New Application with App-V](appv-sequence-a-new-application.md). +To learn more about sequencing, see [How to Sequence a New Application with App-V](appv-sequence-a-new-application.md). ## What’s in the appv file? @@ -149,47 +103,6 @@ The App-V Client manages the following two file-based locations: |Additional machine catalog location, used when the package is part of a connection group|The following location is in addition to the specific package location mentioned previously as the default storage location:

```%programdata%\Microsoft\AppV\Client\Catalog\PackageGroups\ConGroupGUID\ConGroupVerGUID```| |Additional files in the machine catalog when the package is part of a connection group|- PackageGroupDescriptor.xml
- UserPackageGroupDescriptor.xml (globally published Connection Group)| - ---- - - - - - - - - - - - - - - - - - - - - - - -

Description

Stores package documents that are available to users on the machine, when packages are added and published. However, if a package is “global” at publishing time, the integrations are available to all users.

-

If a package is non-global, the integrations are published only for specific users, but there are still global resources that are modified and visible to anyone on the client computer (e.g., the package directory is in a shared disk location).

-

If a package is available to a user on the computer (global or non-global), the manifest is stored in the Machine Catalog. When a package is published globally, there is a Dynamic Configuration file, stored in the Machine Catalog; therefore, the determination of whether a package is global is defined according to whether there is a policy file (UserDeploymentConfiguration file) in the Machine Catalog.

Default storage location

%programdata%\Microsoft\AppV\Client\Catalog\

-

This location is not the same as the Package Store location. The Package Store is the golden or pristine copy of the package files.

Files in the machine catalog

    -
  • Manifest.xml

  • -
  • DeploymentConfiguration.xml

  • -
  • UserManifest.xml (Globally Published Package)

  • -
  • UserDeploymentConfiguration.xml (Globally Published Package)

  • -

Additional machine catalog location, used when the package is part of a connection group

The following location is in addition to the specific package location mentioned above:

-

%programdata%\Microsoft\AppV\Client\Catalog\PackageGroups\ConGroupGUID\ConGroupVerGUID

Additional files in the machine catalog when the package is part of a connection group

    -
  • PackageGroupDescriptor.xml

  • -
  • UserPackageGroupDescriptor.xml (globally published Connection Group)

  • -
- ### User catalog ||| @@ -200,41 +113,6 @@ The App-V Client manages the following two file-based locations: |Additional user catalog location, used when the package is part of a connection group|The following location is in addition to the specific package location mentioned above:

```appdata\roaming\Microsoft\AppV\Client\Catalog\PackageGroups\PkgGroupGUID\PkgGroupVerGUID```| |Additional file in the machine catalog when the package is part of a connection group|```UserPackageGroupDescriptor.xml```| - ---- - - - - - - - - - - - - - - - - - - - - - - -

Description

Created during the publishing process. Contains information used for publishing the package, and also used at launch to ensure that a package is provisioned to a specific user. Created in a roaming location and includes user-specific publishing information.

-

When a package is published for a user, the policy file is stored in the User Catalog. At the same time, a copy of the manifest is also stored in the User Catalog. When a package entitlement is removed for a user, the relevant package files are removed from the User Catalog. Looking at the user catalog, an administrator can view the presence of a Dynamic Configuration file, which indicates that the package is entitled for that user.

-

For roaming users, the User Catalog needs to be in a roaming or shared location to preserve the legacy App-V behavior of targeting users by default. Entitlement and policy are tied to a user, not a computer, so they should roam with the user once they are provisioned.

Default storage location

appdata\roaming\Microsoft\AppV\Client\Catalog\Packages\PkgGUID\VerGUID

Files in the user catalog

    -
  • UserManifest.xml

  • -
  • DynamicConfiguration.xml or UserDeploymentConfiguration.xml

  • -

Additional user catalog location, used when the package is part of a connection group

The following location is in addition to the specific package location mentioned above:

-

appdata\roaming\Microsoft\AppV\Client\Catalog\PackageGroups\PkgGroupGUID\PkgGroupVerGUID

Additional file in the machine catalog when the package is part of a connection group

UserPackageGroupDescriptor.xml

- ### Shortcut backups During the publishing process, the App-V Client backs up any shortcuts and integration points to ```%AppData%\Microsoft\AppV\Client\Integration\ShortCutBackups```. This backup lets integration points restore to the previous versions when the package is unpublished. @@ -1103,9 +981,9 @@ The App-V Client logs information to the Windows Event log in standard ETW forma There are three specific categories of events recorded: -- **Admin**: Logs events for configurations applied to the App-V Client, and also contains the primary warnings and errors. -- **Operational**: Logs the general App-V execution and usage of individual components, creating an audit log of the App-V Client's completed App-V operations. -- **Virtual Application**: Logs virtual application launches and use of virtualization subsystems. +- **Admin** logs events for configurations applied to the App-V Client and also contains the primary warnings and errors. +- **Operational** logs the general App-V execution and usage of individual components, creating an audit log of the App-V Client's completed App-V operations. +- **Virtual Application** logs virtual application launches and use of virtualization subsystems. ## Have a suggestion for App-V? From 606a4e2716e3ae89bdcfab0664cfa603c8e963c3 Mon Sep 17 00:00:00 2001 From: Heidi Lohr Date: Fri, 11 May 2018 17:00:01 -0700 Subject: [PATCH 17/74] Removing HTML tables and sweeping for passive voice --- ...de-packages-with-the-management-console.md | 2 +- ...appv-administering-appv-with-powershell.md | 14 +-- ...pplications-with-the-management-console.md | 18 +-- ...ation-publishing-and-client-interaction.md | 118 +----------------- 4 files changed, 23 insertions(+), 129 deletions(-) diff --git a/windows/application-management/app-v/appv-add-or-upgrade-packages-with-the-management-console.md b/windows/application-management/app-v/appv-add-or-upgrade-packages-with-the-management-console.md index 8c3b04234f..97631d1114 100644 
--- a/windows/application-management/app-v/appv-add-or-upgrade-packages-with-the-management-console.md +++ b/windows/application-management/app-v/appv-add-or-upgrade-packages-with-the-management-console.md @@ -12,7 +12,7 @@ ms.date: 04/19/2017 >Applies to: Windows 10, version 1607 -You can the following procedure to add or upgrade a package to the App-V Management Console. To upgrade a package that already exists in the Management Console, use the following steps and import the upgraded package using the same package **Name**. +You can use the following procedure to add or upgrade a package to the App-V Management Console. To upgrade a package that already exists in the Management Console, use the following steps and import the upgraded package using the same package **Name**. ## Add a package to the Management Console diff --git a/windows/application-management/app-v/appv-administering-appv-with-powershell.md b/windows/application-management/app-v/appv-administering-appv-with-powershell.md index 10327aa2e2..1a003ccf5c 100644 --- a/windows/application-management/app-v/appv-administering-appv-with-powershell.md +++ b/windows/application-management/app-v/appv-administering-appv-with-powershell.md 
@@ -12,11 +12,11 @@ ms.date: 04/19/2017 >Applies to: Windows 10, version 1607 -Microsoft Application Virtualization (App-V) provides Windows PowerShell cmdlets, which can help administrators perform various App-V tasks. The following sections provide more information about using Windows PowerShell with App-V. +Microsoft Application Virtualization (App-V) supports Windows PowerShell cmdlets that give administrators a quick and easy way to manage App-V. The following sections will tell you more about how to use Windows PowerShell with App-V. ## How to administer App-V with Windows PowerShell -Use the following Windows PowerShell procedures to perform various App-V tasks. +The following table lists articles that will tell you more about how to use PowerShell for App-V. |Name|Description| |---|---| 
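Review bot: The new table lead-in in this hunk says "how to use PowerShell for App-V", while the intro sentence added just above it and the section heading both say "Windows PowerShell"; use the full name in both added lines. Changing "provides Windows PowerShell cmdlets" to "supports Windows PowerShell cmdlets" also shifts the meaning from App-V shipping the cmdlets to merely being compatible with them, so "provides" or "includes" is the safer verb. Both added sentences end in "will tell you more about how to use", which reads as repetition when they sit three lines apart.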
@@ -27,22 +27,22 @@ Use the following Windows PowerShell procedures to perform various App-V tasks. |[How to apply the user configuration file by using Windows PowerShell](appv-apply-the-user-configuration-file-with-powershell.md)|Describes how to apply a user configuration file with Windows PowerShell.| |[How to apply the deployment configuration file by using Windows PowerShell](appv-apply-the-deployment-configuration-file-with-powershell.md)|Describes how to apply a deployment configuration file with Windows PowerShell.| |[How to sequence a package by using Windows PowerShell](appv-sequence-a-package-with-powershell.md)|Describes how to create a new package with Windows PowerShell.| -|[How to create a package accelerator by using Windows PowerShell](appv-create-a-package-accelerator-with-powershell.md)|Describes how to create a package accelerator with Windows PowerShell. You can use package accelerators automatically sequence large, complex applications.| -|[How to enable reporting on the App-V client by using Windows PowerShell](appv-enable-reporting-on-the-appv-client-with-powershell.md)|Describes how to enable the computer running the App-V client to send reporting information.| +|[How to create a package accelerator by using Windows PowerShell](appv-create-a-package-accelerator-with-powershell.md)|Describes how to create a package accelerator with Windows PowerShell. 
You can use package accelerators to automatically sequence large, complex applications.| +|[How to enable reporting on the App-V client by using Windows PowerShell](appv-enable-reporting-on-the-appv-client-with-powershell.md)|Describes how to enable the computer running the App-V Client to send reporting information.| |[How to install the App-V databases and convert the associated security identifiers by using Windows PowerShell](appv-install-the-appv-databases-and-convert-the-associated-security-identifiers-with-powershell.md)|Describes how to take an array of account names and to convert each of them to the corresponding SID in standard and hexadecimal formats.| -|[How to configure the client to receive package and connection groups updates from the publishing server](appv-configure-the-client-to-receive-updates-from-the-publishing-server.md)|Describes how to use Windows PowerShell to configure a client after you deploy the App-V management and publishing servers, and add the required packages and connection groups.| +|[How to configure the client to receive package and connection groups updates from the publishing server](appv-configure-the-client-to-receive-updates-from-the-publishing-server.md)|Describes how to use Windows PowerShell to configure a client after you have deployed the App-V management and publishing servers and added the required packages and connection groups.| >[!IMPORTANT] >Make sure that any script you execute with your App-V packages matches the execution policy that you have configured for Windows PowerShell. ## Windows PowerShell error handling -Use the following table for information about Windows PowerShell error handling for App-V. +The following table describes Windows PowerShell error handling for App-V. |Event|Action| |---|---| |Using the **RollbackOnError** attribute with embedded scripts|When you use the **RollbackOnError** attribute with embedded scripts, the attribute is ignored for the following events:
- Removing a package
- Unpublishing a package
- Terminating a virtual environment
- Terminating a process| -|Package name contains **$**|If a package name contains the character ( **$** ), you must use a single-quote ( **'** ), for example,
```Add-AppvClientPackage 'Contoso$App.appv'```| +|Package name contains **$**|If a package name contains the character \$\, you must use a single-quote ( **'** ).
For example:
```Add-AppvClientPackage 'Contoso$App.appv'```| ## Have a suggestion for App-V? diff --git a/windows/application-management/app-v/appv-administering-virtual-applications-with-the-management-console.md b/windows/application-management/app-v/appv-administering-virtual-applications-with-the-management-console.md index 915933fa98..58e54b4527 100644 --- a/windows/application-management/app-v/appv-administering-virtual-applications-with-the-management-console.md +++ b/windows/application-management/app-v/appv-administering-virtual-applications-with-the-management-console.md @@ -1,6 +1,6 @@ --- -title: Administering App-V Virtual Applications by Using the Management Console (Windows 10) -description: Administering App-V Virtual Applications by Using the Management Console +title: Administering App-V Virtual Applications by using the Management Console (Windows 10) +description: Administering App-V Virtual Applications by using the Management Console author: MaggiePucciEvans ms.pagetype: mdop, appcompat, virtualization ms.mktglfcycl: deploy 
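Review bot: In appv-administering-appv-with-powershell.md, hunk @@ -27,22 +27,22 @@, the rewritten "Package name contains **$**" row replaces "( **$** )" with "\$\,". The second backslash sits in front of the comma and escapes nothing useful, so it reads as a typo in the source. It also drops the bold styling that the same sentence still uses for the single quote ( **'** ). Suggest keeping "**$**", or "\$" without the trailing backslash.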
@@ -8,23 +8,23 @@ ms.sitesec: library ms.prod: w10 ms.date: 04/19/2017 --- -# Administering App-V Virtual Applications by Using the Management Console +# Administering App-V Virtual Applications by using the Management Console >Applies to: Windows 10, version 1607 -Use the Microsoft Application Virtualization (App-V) management server to manage packages, connection groups, and package access in your environment. The server publishes application icons, shortcuts, and file type associations to authorized computers that run the App-V client. One or more management servers typically share a common data store for configuration and package information. +Use the Microsoft Application Virtualization (App-V) management server to manage packages, connection groups, and package access in your environment. The server publishes application icons, shortcuts, and file type associations to authorized computers running the App-V client. One or more management servers typically share a common data store for configuration and package information. The management server uses Active Directory Domain Services (AD DS) groups to manage user authorization and has SQL Server installed to manage the database and data store. Because the management servers stream applications to end users on demand, these servers are ideally suited for system configurations that have reliable, high-bandwidth LANs. The management server consists of the following components: -- Management Server—Use the management server to manage packages and connection groups. -- Publishing Server—Use the publishing server to deploy packages to computers that run the App-V client. -- Management Database—Use the management database to manage the package access and to publish the server’s synchronization with the management server. +- The **management server** manages packages and connection groups. +- The **publishing server** deploys packages to computers running the App-V Client. 
+- The **management database** manages the package access publishes the server’s synchronization with the management server. ## Management Console tasks -The most common tasks that you can perform with the App-V Management console are: +Here are some articles that can show you how to perform the most common tasks that the App-V Management Console is used for: - [How to connect to the Management Console](appv-connect-to-the-management-console.md) - [How to add or upgrade packages by using the Management Console](appv-add-or-upgrade-packages-with-the-management-console.md) @@ -48,7 +48,7 @@ The main elements of the App-V Management Console are: |Administrators tab|Use the **Administrators** tab to register, add, or remove administrators in your App-V environment.| >[!IMPORTANT] ->JavaScript must be enabled on the browser that opens the Web Management Console. +>JavaScript must be enabled on the browser you use to open the Web Management Console. ## Have a suggestion for App-V? diff --git a/windows/application-management/app-v/appv-application-publishing-and-client-interaction.md b/windows/application-management/app-v/appv-application-publishing-and-client-interaction.md index 9cd1577d1f..7d6b629a30 100644 --- a/windows/application-management/app-v/appv-application-publishing-and-client-interaction.md +++ b/windows/application-management/app-v/appv-application-publishing-and-client-interaction.md @@ -161,40 +161,6 @@ There are two package registry locations and two connection group locations wher |Package|- Machine Registry\Client\Packages\PkgGUID\Versions\VerGuid\Registry\Machine
- User Registry Classes\Client\Packages\PkgGUID\Versions\VerGUID\Registry| |Native|- Native application registry location| - ---- - - - - - - - - - - - - - - - - - - -

Location

Description

COW

    -
  • Machine Registry\Client\Packages\PkgGUID\REGISTRY (Only elevate process can write)

  • -
  • User Registry\Client\Packages\PkgGUID\REGISTRY (User Roaming anything written under HKCU except Software\Classes

  • -
  • User Registry Classes\Client\Packages\PkgGUID\REGISTRY (HKCU\Software\Classes writes and HKLM for non elevated process)

  • -

Package

    -
  • Machine Registry\Client\Packages\PkgGUID\Versions\VerGuid\Registry\Machine

  • -
  • User Registry Classes\Client\Packages\PkgGUID\Versions\VerGUID\Registry

  • -

Native

    -
  • Native application registry location

  • -
- #### Connection Group VReg |Location|Description| @@ -203,45 +169,11 @@ There are two package registry locations and two connection group locations wher |Package|- Machine Registry\Client\PackageGroups\GrpGUID\Versions\VerGUID\REGISTRY
- User Registry Classes\Client\PackageGroups\GrpGUID\Versions\VerGUID\REGISTRY| |Native|- Native application registry location| - ---- - - - - - - - - - - - - - - - - - - -

Location

Description

COW

    -
  • Machine Registry\Client\PackageGroups\GrpGUID\REGISTRY (only elevate process can write)

  • -
  • User Registry\Client\PackageGroups\GrpGUID\REGISTRY (Anything written to HKCU except Software\Classes

  • -
  • User Registry Classes\Client\PackageGroups\GrpGUID\REGISTRY

  • -

Package

    -
  • Machine Registry\Client\PackageGroups\GrpGUID\Versions\VerGUID\REGISTRY

  • -
  • User Registry Classes\Client\PackageGroups\GrpGUID\Versions\VerGUID\REGISTRY

  • -

Native

    -
  • Native application registry location

  • -
- -There are two COW locations for HKLM; elevated and non-elevated processes. Elevated processes always write HKLM changes to the secure COW under HKLM. Non-elevated processes always write HKLM changes to the non-secure COW under HKCU\\Software\\Classes. When an application reads changes from HKLM, elevated processes will read changes from the secure COW under HKLM. Non-elevated reads from both, favoring the changes made in the unsecure COW first. +There are two COW locations for HKLM: elevated and non-elevated processes. Elevated processes always write HKLM changes to the secure COW under HKLM. Non-elevated processes always write HKLM changes to the non-secure COW under HKCU\\Software\\Classes. When an application reads changes from HKLM, elevated processes will read changes from the secure COW under HKLM. Non-elevated reads from both, favoring the changes made in the unsecure COW first. ### Pass-through keys -Pass-through keys enable an administrator to configure certain keys so they can only be read from the native registry, bypassing the Package and COW locations. Pass-through locations are global to the machine (not package specific) and can be configured by adding the path to the key, which should be treated as pass-through to the **REG\_MULTI\_SZ** value called **PassThroughPaths** of the key ```HKLM\Software\Microsoft\AppV\Subsystem\VirtualRegistry```. Any key that appears under this multi-string value (and their children) will be treated as pass-through. +Pass-through keys enable an administrator to configure certain keys so they can only be read from the native registry, bypassing the Package and COW locations. Pass-through locations are global to the machine (not package-specific) and can be configured by adding the path to the key, which should be treated as pass-through to the **REG\_MULTI\_SZ** value called **PassThroughPaths** of the key ```HKLM\Software\Microsoft\AppV\Subsystem\VirtualRegistry```. 
Any key that appears under this multi-string value (and their children) will be treated as pass-through. The following locations are configured as pass-through locations by default: @@ -263,7 +195,7 @@ The following locations are configured as pass-through locations by default: - HKEY\_CURRENT\_USER\\SOFTWARE\\Policies -The purpose of pass-through keys is to ensure that a virtual application does not write registry data in the VReg that is required for non-virtual applications for successful operation or integration. The Policies key ensures that Group Policy-based settings set by the administrator are utilized and not per package settings. The AppModel key is required for integration with Windows Modern UI-based applications. Administers ideally should not modify any of the default pass-through keys, but in some instances, based on application behavior the admin may need to add additional pass-through keys. +The purpose of pass-through keys is to ensure that a virtual application does not write registry data in the VReg that is required for non-virtual applications for successful operation or integration. The Policies key ensures that Group Policy-based settings set by the administrator are utilized and not per package settings. The AppModel key is required for integration with Windows Modern UI-based applications. Administers ideally should not modify any of the default pass-through keys, but in some instances, the admin may need to add additional pass-through keys to adjust application behavior. ## App-V package store behavior 
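Review bot: The rewritten last sentence of the pass-through keys paragraph (hunk @@ -263,7 +195,7 @@) still opens with "Administers ideally should not modify any of the default pass-through keys"; this should be "Administrators", and the sentence then switches to "the admin", so pick one term. The new ending "to adjust application behavior" also changes the meaning of the old "based on application behavior": extra pass-through keys are added because of how an application behaves, not to change how it behaves.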
@@ -271,7 +203,7 @@ App-V manages the Package Store, which is the location where the expanded asset ### Add packages -App-V Packages are staged upon addition to the computer with the App-V Client. The App-V Client provides on-demand staging. During publishing or a manual Add-AppVClientPackage, the data structure is built in the package store (c:\\programdata\\App-V\\{PkgGUID}\\{VerGUID}). The package files identified in the publishing block defined in the StreamMap.xml are added to the system and the top level folders and child files staged to ensure proper application assets exist at launch. +App-V Packages are staged upon addition to the computer with the App-V Client. The App-V Client provides on-demand staging. When publishing or manually entering the **Add-AppVClientPackage** cmdlet, the data structure is built in the package store (C:\\programdata\\App-V\\{PkgGUID}\\{VerGUID}). The package files identified in the publishing block defined in the **StreamMap.xml** file are added to the system, and the top level folders and child files are staged to ensure proper application assets exist at launch. ### Mounting packages @@ -289,45 +221,7 @@ The App-V Client can be configured to change the default behavior of streaming. |PackageSourceRoot|The root override where packages should be streamed from| |SharedContentStoreMode|Enables the use of Shared Content Store for VDI scenarios| - ---- - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
PolicyDescription

AllowHighCostLaunch

Allows streaming over 3G and cellular networks

AutoLoad

Specifies the Background Load setting:

-

0 - Disabled

-

1 – Previously Used Packages only

-

2 – All Packages

PackageInstallationRoot

The root folder for the package store in the local machine

PackageSourceRoot

The root override where packages should be streamed from

SharedContentStoreMode

Enables the use of Shared Content Store for VDI scenarios

- -These settings affect the behavior of streaming App-V package assets to the client. By default, App-V only downloads the assets required after downloading the initial publishing and primary feature blocks. There are three specific behaviors around streaming packages that must be explained: +These settings affect the behavior of streaming App-V package assets to the client. By default, App-V only downloads the assets required after downloading the initial publishing and primary feature blocks. There are three specific behaviors in streaming packages that it's particularly important to understand: - Background Streaming - Optimized Streaming 
@@ -335,7 +229,7 @@ These settings affect the behavior of streaming App-V package assets to the clie ### Background streaming -The Windows PowerShell cmdlet ```Get-AppvClientConfiguration``` can be used to determine the current mode for background streaming with the AutoLoad setting and modified with the cmdlet Set-AppvClientConfiguration or from the registry (HKLM\\SOFTWARE\\Microsoft\\AppV\\ClientStreaming key). Background streaming is a default setting where the Autoload setting is set to download previously used packages. The behavior based on default setting (value=1) downloads App-V data blocks in the background after the application has been launched. This setting can be disabled all together (value=0) or enabled for all packages (value=2), whether they have been launched. +The Windows PowerShell cmdlet ```Get-AppvClientConfiguration``` can be used to determine the current mode for background streaming with the AutoLoad setting and modified with either the **Set-AppvClientConfiguration** cmdlet or from the registry (HKLM\\SOFTWARE\\Microsoft\\AppV\\ClientStreaming key). Background streaming is a default setting where the Autoload setting is set to download previously used packages. The behavior based on default setting (value=1) downloads App-V data blocks in the background after the application has been launched. This setting can either be disabled altogether (value=0) or enabled for all packages (value=2), regardless of whether they have been launched. ### Optimized streaming From 234bab4303fb9ee7641925e995ee27e58923add6 Mon Sep 17 00:00:00 2001 From: Heidi Lohr Date: Mon, 14 May 2018 11:13:12 -0700 Subject: [PATCH 18/74] Editorial changes continued --- .../appv-application-publishing-and-client-interaction.md | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) 
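Review bot: In PATCH 01/74, appv-administering-virtual-applications-with-the-management-console.md, hunk @@ -8,23 +8,23 @@, the new bullet "The **management database** manages the package access publishes the server’s synchronization with the management server" has lost its conjunction and no longer parses. The removed line read "to manage the package access and to publish the server’s synchronization"; restore the "and", for example "manages package access and publishes ...". The same hunk writes "App-V client" in the intro paragraph and "App-V Client" in the publishing server bullet, so settle on one casing.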
diff --git a/windows/application-management/app-v/appv-application-publishing-and-client-interaction.md b/windows/application-management/app-v/appv-application-publishing-and-client-interaction.md index 7d6b629a30..b59475bc77 100644 --- a/windows/application-management/app-v/appv-application-publishing-and-client-interaction.md +++ b/windows/application-management/app-v/appv-application-publishing-and-client-interaction.md @@ -245,7 +245,7 @@ App-V Packages require updating throughout the lifecycle of the application. App ### Package removal -The App-V Client's behavior when packages are removed depends on the package removal method. Using an App-V full infrastructure to unpublish the application, the user catalog files (machine catalog for globally published applications) are removed, but retains the package store location and COW locations. When the Windows PowerShell cmdlet ```Remove-AppVClientPackge``` is used to remove an App-V Package, the package store location is cleaned. Remember that unpublishing an App-V Package from the Management Server does not perform a Remove operation. Neither operation will remove the Package Store package files. +The App-V Client's behavior when packages are removed depends on the package removal method. Using an App-V full infrastructure to unpublish the application, the user catalog files (machine catalog for globally published applications) are removed, but retains the package store location and COW locations. When the **Remove-AppVClientPackge** Windows PowerShell cmdlet is used to remove an App-V Package, the package store location is cleaned. Remember that unpublishing an App-V Package from the Management Server does not perform a Remove operation. Neither operation will remove the Package Store package files. ## Roaming registry and data 
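Review bot: The cmdlet name in the rewritten "Package removal" sentence is still misspelled as "Remove-AppVClientPackge" (the second "a" in "Package" is missing). Now that it is bolded as a cmdlet name, readers will copy it, so correct it to Remove-AppVClientPackage. While this paragraph is open, "the user catalog files ... are removed, but retains the package store location and COW locations" needs a subject ("but the package store location and COW locations are retained"), and the statement that the package store location "is cleaned" sits next to "Neither operation will remove the Package Store package files"; say which files actually remain on disk.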
@@ -306,7 +306,7 @@ The current App-V Client VFS driver can't write to network locations, so the App This process solves the problem of a non-local %AppData% that is not supported by the App-V Client VFS driver. However, the data stored in this new location is not roamed with folder redirection. All changes during the running of the application happen to the local AppData location and must be copied to the redirected location. The detailed steps of this process are: -1. App-V application is shut down, which shuts down the virtual environment. +1. The App-V application is shut down, which shuts down the virtual environment. 2. The local cache of the roaming AppData location is compressed and stored in a .zip file. 3. A time stamp at the end of the .zip packaging process is used to name the file. 4. The time stamp is recorded in the HKEY\_CURRENT\_USER\\Software\\Microsoft\\AppV\\Client\\Packages\\<GUID>\\AppDataTime registry as the last known AppData time stamp. @@ -324,7 +324,7 @@ The time stamp is used to determine a “last writer wins” scenario if there i This completes the successful roaming of application settings that are present in AppData\\Roaming locations. The only other condition that must be addressed is a package repair operation. The details of the process are: -1. During repair, detect if the path to the user’s roaming AppData directory is not local. +1. During repair, detect if the path to the user’s roaming AppData directory isn't local. 2. Map the non-local roaming AppData path targets are recreated the expected roaming and local AppData locations. 3. Delete the time stamp stored in the registry, if present. From c556663ed203d2169c443b71d3a9040fe17bdbe3 Mon Sep 17 00:00:00 2001 From: Heidi Lohr Date: Mon, 14 May 2018 11:19:42 -0700 Subject: [PATCH 19/74] Removed unnecessary hyphen --- .../appv-application-publishing-and-client-interaction.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) 
diff --git a/windows/application-management/app-v/appv-application-publishing-and-client-interaction.md b/windows/application-management/app-v/appv-application-publishing-and-client-interaction.md index b59475bc77..e1f6e45eab 100644 --- a/windows/application-management/app-v/appv-application-publishing-and-client-interaction.md +++ b/windows/application-management/app-v/appv-application-publishing-and-client-interaction.md @@ -325,10 +325,10 @@ The time stamp is used to determine a “last writer wins” scenario if there i This completes the successful roaming of application settings that are present in AppData\\Roaming locations. The only other condition that must be addressed is a package repair operation. The details of the process are: 1. During repair, detect if the path to the user’s roaming AppData directory isn't local. -2. Map the non-local roaming AppData path targets are recreated the expected roaming and local AppData locations. +2. Map the non-local roaming AppData path targets, recreating the expected roaming and local AppData locations. 3. Delete the time stamp stored in the registry, if present. -This process will re-create both the local and network locations for AppData and remove the registry record of the time stamp. +This process will recreate both the local and network locations for AppData and remove the registry record of the time stamp. ## App-V Client application lifecycle management From cc50450d9cbd7297e3a5c764ef6c8c30bb71973f Mon Sep 17 00:00:00 2001 From: Heidi Lohr Date: Mon, 14 May 2018 16:43:32 -0700 Subject: [PATCH 20/74] Continued editorial changes --- ...-application-publishing-and-client-interaction.md | 12 +++++------- 1 file changed, 5 insertions(+), 7 deletions(-) diff --git a/windows/application-management/app-v/appv-application-publishing-and-client-interaction.md b/windows/application-management/app-v/appv-application-publishing-and-client-interaction.md index e1f6e45eab..3f37c1d810 100644 
--- a/windows/application-management/app-v/appv-application-publishing-and-client-interaction.md +++ b/windows/application-management/app-v/appv-application-publishing-and-client-interaction.md 
@@ -436,17 +436,15 @@ During the Publishing Refresh operation, the specific publishing operation, **Pu >[!NOTE] >This enables restore extension points if the package is unpublished. - - 3. Run scripts targeted for publishing timing. -Publishing an App-V Package that is part of a Connection Group is very similar to the above process. For connection groups, the path that stores the specific catalog information includes PackageGroups as a child of the Catalog Directory. Review the machine and users catalog information in the preceding sections for details. +Publishing an App-V Package that is part of a Connection Group is very similar to the above process. For connection groups, the path that stores the specific catalog information includes PackageGroups as a child of the Catalog Directory. Review the Machine and User Catalog information in the preceding sections for details. ![package add file and registry data - global](images/packageaddfileandregistrydata-global.png) ### Application launch -After the Publishing Refresh process, the user launches and subsequently re-launches an App-V application. The process is very simple and optimized to launch quickly with a minimum of network traffic. The App-V Client checks the path to the user catalog for files created during publishing. After rights to launch the package are established, the App-V Client creates a virtual environment, begins streaming any necessary data, and applies the appropriate manifest and deployment configuration files during virtual environment creation. With the virtual environment created and configured for the specific package and application, the application starts. +After the Publishing Refresh process, the user launches and then relaunches an App-V application. The App-V Client checks the path to the user catalog for files created during publishing. 
After establishing rights to launch the package, the App-V Client creates a virtual environment, begins streaming any necessary data, and applies the appropriate manifest and deployment configuration files during virtual environment creation. Once the virtual environment created and configured for the specific package and application, the application starts. This might seem like a lot, but the process in action is actually quite fast, and is optimized to minimize network traffic. #### How to launch App-V applications 
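Review bot: In the rewritten "Application launch" paragraph, "Once the virtual environment created and configured for the specific package and application" is missing its verb and should read "Once the virtual environment is created and configured". The opening "the user launches and then relaunches an App-V application" reads as a required sequence; "launches or relaunches" is closer to what the paragraph describes. The appended sentence "This might seem like a lot, but ..." is more conversational than the rest of the article and could go back to a plain statement that launch is optimized to minimize network traffic.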
@@ -471,7 +469,7 @@ After the Publishing Refresh process, the user launches and subsequently re-laun ### Upgrading an App-V package -The App-V package upgrade process in the current version of App-V differs from the older versions. App-V supports multiple versions of the same package on a machine entitled to different users. Package versions can be added at any time, as the package store and catalogs are updated with the new resources. The only process specific to the addition of new version resources is storage optimization. During an upgrade, only new files are added to the new version store location, and hard links are created for unchanged files. This reduces overall storage by only presenting the file on one disk location and then projecting it into all folders with a file location entry on the disk. +The current version of App-V's package upgrade process differs from the older versions in its storage optimization. App-V supports multiple versions of the same package on a machine entitled to different users. Package versions can be added at any time, as the package store and catalogs are updated with the new resources. During an upgrade in the new version, only new files are added to the new version store location, and hard links are created for unchanged files. This reduces overall storage by only presenting the file on one disk location, then projecting it into all folders with a file location entry on the disk. #### How to upgrade an App-V package 
@@ -602,7 +600,7 @@ As mentioned previously, the App-V shortcuts are placed by default in the user ### File type associations -The App-V Client manages the local operating system File Type Associations during publishing, which enables users to use file type invocations or to open a file with a specifically registered extension (.docx) to start an App-V application. File type associations are present in the manifest and dynamic configuration files as represented in the example below: +The App-V Client manages the local operating system File Type Associations during publishing, which enables users to use file type invocations or to open a file with a specifically registered extension (.docx) to start an App-V application. File type associations are present in the manifest and dynamic configuration files, as represented in the following example: ```XML @@ -654,7 +652,7 @@ Shell extensions are embedded in the package automatically during the sequencing #### Requirements for using shell extensions - Packages that contain embedded shell extensions must be published globally. -- The “bitness” of the application, Sequencer, and App-V Client must match, or the shell extensions won’t work. For example: +- The “bitness” of the application, Sequencer, and App-V Client must match, or the shell extensions won’t work. The following example configuration fuflills the matching requirement: - The version of the application is 64-bit. - The Sequencer is running on a 64-bit computer. - The package is being delivered to a 64-bit App-V Client computer. From d4a48f591e776362d548b6e0bfca73b4a73551e4 Mon Sep 17 00:00:00 2001 From: Heidi Lohr Date: Tue, 15 May 2018 11:14:55 -0700 Subject: [PATCH 21/74] Continued editorial changes --- .../appv-application-publishing-and-client-interaction.md | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) 
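Review bot: In the "Requirements for using shell extensions" hunk (@@ -654,7 +652,7 @@), the added sentence misspells "fulfills": "The following example configuration fuflills the matching requirement:". Fix the spelling before this merges.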
diff --git a/windows/application-management/app-v/appv-application-publishing-and-client-interaction.md b/windows/application-management/app-v/appv-application-publishing-and-client-interaction.md index 3f37c1d810..6d9f2a6201 100644 --- a/windows/application-management/app-v/appv-application-publishing-and-client-interaction.md +++ b/windows/application-management/app-v/appv-application-publishing-and-client-interaction.md @@ -738,7 +738,7 @@ For situations where there is more than one application that could register the ### AppPath -The AppPath extension point supports calling App-V applications directly from the operating system. This is typically accomplished from the Run or Start Screen, depending on the operating system, which enables administrators to provide access to App-V applications from operating system commands or scripts without calling the specific path to the executable. It therefore avoids modifying the system path environment variable on all systems, as it is accomplished during publishing. +The AppPath extension point supports calling App-V applications directly from the operating system. Administrators can provide access to App-V applications from operating system commands or scripts without calling the specific path to the executable from either the Run or Start Screen, depending on the operating system. It therefore avoids modifying the system path environment variable on all systems, as it is accomplished during publishing. The AppPath extension point is configured either in the manifest or in the dynamic configuration files and is stored in the registry on the local machine during publishing for the user. For additional information on AppPath review: [App Paths - A Virtual Application Extension in App-V 5.0](https://blogs.technet.microsoft.com/virtualworld/2012/12/12/app-paths-a-virtual-application-extension-in-app-v-5-0/). 
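Review bot: The rewritten second sentence of the AppPath section attaches "from either the Run or Start Screen" to "calling the specific path to the executable", which inverts the removed text. There, the Run or Start Screen is where the application is typically invoked, and AppPath is what makes the full path unnecessary for operating system commands and scripts. Move the phrase back next to the invocation, and give the following "It therefore avoids modifying the system path environment variable" an explicit subject, since "It" no longer has a clear antecedent.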
@@ -777,9 +777,9 @@ Deploying App-V packages to a single machine or user is very simple. However, as App-V dynamic configuration lets you specify a package policy at either the machine or user levels. Dynamic Configuration files enable sequencing engineers to modify the configuration of a package post-sequencing to address the needs of individual groups of users or machines. In some instances, it may be necessary to modify the application to provide proper functionality within the App-V environment. For example, you may need to modify the \_\*config.xml files to allow certain actions to be performed at a specified time while executing the application, like disabling a mailto extension to prevent a virtualized application from overwriting that extension from another application. -App-V packages contain the Manifest file inside of the appv package file, which is representative of sequencing operations and is the policy of choice unless Dynamic Configuration files are assigned to a specific package. Post-sequencing, the Dynamic Configuration files can be modified to allow an application to be published to different desktops or users with different extension points. The two Dynamic Configuration Files are the Dynamic Deployment Configuration (DDC) and Dynamic User Configuration (DUC) files. This section focuses on the combination of the manifest and dynamic configuration files. +App-V packages contain the Manifest file inside of the App-V Package file, which is representative of sequencing operations and is the policy of choice unless Dynamic Configuration files are assigned to a specific package. Post-sequencing, the Dynamic Configuration files can be modified to allow an application to be published to different desktops or users with different extension points. The two Dynamic Configuration files are the Dynamic Deployment Configuration (DDC) and Dynamic User Configuration (DUC) files. 
This section focuses on the combination of the manifest and dynamic configuration files. -### Example for dynamic configuration files +### Examples of dynamic configuration files The following example shows the combination of the Manifest, Deployment Configuration, and User Configuration files after publishing and during normal operation. These examples are abbreviated examples of each of the files. The purpose is show the combination of the files only, not to be a complete description of the specific categories available in each file. For more information, download the [App-V Sequencing Guide](https://www.microsoft.com/en-us/download/details.aspx?id=27760). From fede32b1fef6f16fa7b7628e764dd627ad373ef2 Mon Sep 17 00:00:00 2001 From: Heidi Lohr Date: Tue, 15 May 2018 13:21:49 -0700 Subject: [PATCH 22/74] Replaced unnecessary uses of "enabled" --- ...ation-publishing-and-client-interaction.md | 20 ++++++++++--------- 1 file changed, 11 insertions(+), 9 deletions(-) diff --git a/windows/application-management/app-v/appv-application-publishing-and-client-interaction.md b/windows/application-management/app-v/appv-application-publishing-and-client-interaction.md index 6d9f2a6201..e4747adc38 100644 --- a/windows/application-management/app-v/appv-application-publishing-and-client-interaction.md +++ b/windows/application-management/app-v/appv-application-publishing-and-client-interaction.md 
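Review bot: In the @@ -777,9 +777,9 @@ hunk, the heading becomes "Examples of dynamic configuration files" while the paragraph directly under it still opens with "The following example shows", so heading and body now disagree on number; pick one. The same paragraph keeps "The purpose is show the combination of the files only", which is missing "to" and could be fixed in this pass.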
@@ -173,7 +173,7 @@ There are two COW locations for HKLM: elevated and non-elevated processes. Eleva ### Pass-through keys -Pass-through keys enable an administrator to configure certain keys so they can only be read from the native registry, bypassing the Package and COW locations. Pass-through locations are global to the machine (not package-specific) and can be configured by adding the path to the key, which should be treated as pass-through to the **REG\_MULTI\_SZ** value called **PassThroughPaths** of the key ```HKLM\Software\Microsoft\AppV\Subsystem\VirtualRegistry```. Any key that appears under this multi-string value (and their children) will be treated as pass-through. +An administrator can use pass-through keys to configure certain keys to only be read from the native registry, bypassing the Package and COW locations. Pass-through locations are global to the machine (not package-specific) and can be configured by adding the path to the key, which should be treated as pass-through to the **REG\_MULTI\_SZ** value called **PassThroughPaths** of the key ```HKLM\Software\Microsoft\AppV\Subsystem\VirtualRegistry```. Any key that appears under this multi-string value (and their children) will be treated as pass-through. The following locations are configured as pass-through locations by default: 
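Review bot: The sentence after the rewritten one is still ambiguous about what an administrator has to do: "adding the path to the key, which should be treated as pass-through to the **REG\_MULTI\_SZ** value" strands "to the REG_MULTI_SZ value" behind the relative clause. This setting is global to the machine and decides which keys bypass the Package and COW locations, so it is worth stating exactly, for example "add the path of each key that should be treated as pass-through to the REG_MULTI_SZ value PassThroughPaths under HKLM\Software\Microsoft\AppV\Subsystem\VirtualRegistry". The last sentence also mixes number ("Any key ... and their children"), and the new "to only be read from the native registry" reads more clearly as "to be read only from the native registry".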
@@ -564,7 +564,7 @@ When App-V applications are published to a computer with the App-V Client, some ### Extension points -The App-V publishing files (manifest and dynamic configuration) provide several extension points that enable the application to integrate with the local operating system. These extension points perform typical application installation tasks, such as placing shortcuts, creating file type associations, and registering components. As these are virtualized applications that are not installed in the same manner a traditional application, there are some differences. The following is a list of extension points covered in this section: +The App-V publishing files (manifest and dynamic configuration) provide several extension points to integrate the application with the local operating system. These extension points perform typical application installation tasks, such as placing shortcuts, creating file type associations, and registering components. As these are virtualized applications that are not installed in the same manner a traditional application, there are some differences. The following is a list of extension points covered in this section: - Shortcuts - File type associations 
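Review bot: The sentence two lines below the edit, "not installed in the same manner a traditional application", is missing "as" and was left untouched although the paragraph is being revised. The new "provide several extension points to integrate the application" also drops the information that the extension points are what performs the integration; "extension points that integrate the application" removes "enable" without changing who does what.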
@@ -600,7 +600,7 @@ As mentioned previously, the App-V shortcuts are placed by default in the user ### File type associations -The App-V Client manages the local operating system File Type Associations during publishing, which enables users to use file type invocations or to open a file with a specifically registered extension (.docx) to start an App-V application. File type associations are present in the manifest and dynamic configuration files, as represented in the following example: +Users can use file type invocations or open a file with a specifically registered extension (.docx) to start an App-V application because the App-V Client manages the local operating system File Type Associations during publishing. File type associations are present in the manifest and dynamic configuration files, as shown in the following example: ```XML 
@@ -680,7 +680,7 @@ For details on App-V integration, see [Microsoft Application Virtualization 5.0 ### Software clients and application capabilities -App-V supports specific software clients and application capabilities extension points that enable virtualized applications to be registered with the software client of the operating system. This enables users to select default programs for operations like email, instant messaging, and using the media player. This operation is performed in the control panel with **Set Program Access** and **Computer Defaults**, and configured during sequencing in the manifest or dynamic configuration files. Application capabilities are only supported when the App-V applications are published globally. +App-V supports specific software clients and application capabilities extension points to register virtualized applications with the operating system's software client. This means users can select default programs for operations like email, instant messaging, and using the media player. This operation is performed in the control panel with **Set Program Access** and **Computer Defaults**, and configured during sequencing in the manifest or dynamic configuration files. Application capabilities are only supported when the App-V applications are published globally. The following is an example of software client registration of an App-V-based mail client. 
@@ -775,7 +775,7 @@ Extension points are not all published the same way, where some extension points Deploying App-V packages to a single machine or user is very simple. However, as organizations deploy App-V applications across business lines and geographic and political boundaries, it becomes impossible to sequence all applications with the same settings. App-V was designed to overcome this problem by capturing specific settings and configurations during sequencing in the Manifest file while also supporting modification with Dynamic Configuration files. -App-V dynamic configuration lets you specify a package policy at either the machine or user levels. Dynamic Configuration files enable sequencing engineers to modify the configuration of a package post-sequencing to address the needs of individual groups of users or machines. In some instances, it may be necessary to modify the application to provide proper functionality within the App-V environment. For example, you may need to modify the \_\*config.xml files to allow certain actions to be performed at a specified time while executing the application, like disabling a mailto extension to prevent a virtualized application from overwriting that extension from another application. +App-V dynamic configuration lets you specify a package policy at either the machine or user levels. Sequencing engineers can use Dynamic Configuration files to modify the configuration of a package post-sequencing to address the needs of individual groups of users or machines. In some instances, it may be necessary to modify the application to provide proper functionality within the App-V environment. For example, you may need to modify the \_\*config.xml files to allow certain actions to be performed at a specified time while executing the application, like disabling a mailto extension to prevent a virtualized application from overwriting that extension from another application. 
App-V packages contain the Manifest file inside of the App-V Package file, which is representative of sequencing operations and is the policy of choice unless Dynamic Configuration files are assigned to a specific package. Post-sequencing, the Dynamic Configuration files can be modified to allow an application to be published to different desktops or users with different extension points. The two Dynamic Configuration files are the Dynamic Deployment Configuration (DDC) and Dynamic User Configuration (DUC) files. This section focuses on the combination of the manifest and dynamic configuration files. 
@@ -851,18 +851,20 @@ The following example shows the combination of the Manifest, Deployment Configur ## Side-by-side assemblies -App-V supports automatic packaging of side-by-side assemblies during sequencing and deployment on the client during virtual application publishing. App-V also supports capturing side-by-side assemblies during sequencing for assemblies not present on the sequencing machine. For assemblies consisting of Visual C++ (Version 8 and newer) or MSXML run-time, the Sequencer will automatically detect and capture these dependencies even if they weren't installed during monitoring. The side-by-side assemblies feature removes the limitations of previous versions of App-V, where the App-V Sequencer did not capture assemblies already present on the sequencing workstation, and privatizing the assemblies which limited to one bit version per package. This behavior resulted in App-V applications deployed to clients missing the required side-by-side assemblies, causing application launch failures. This forced the packaging process to document and then ensure that all assemblies required for packages were locally installed on the user’s client operating system to ensure support for the virtual applications. Based on the number of assemblies and the lack of application documentation for the required dependencies, this task was both a management and implementation challenge. +App-V supports automatic packaging of side-by-side assemblies during sequencing and deployment on the client during virtual application publishing. App-V also supports capturing side-by-side assemblies during sequencing for assemblies not present on the sequencing machine. For assemblies consisting of Visual C++ (Version 8 and newer) or MSXML run-time, the Sequencer will automatically detect and capture these dependencies even if they weren't installed during monitoring. 
+ +The side-by-side assemblies feature removes the limitations of previous versions of App-V, where the App-V Sequencer did not capture assemblies already present on the sequencing workstation, and privatized the assemblies, which limited it to one bit version per package. This behavior resulted in App-V applications being deployed to clients missing the required side-by-side assemblies, which led to application launch failures. This forced the packaging process to document and ensure that all assemblies required for packages were locally installed on the user’s client operating system. This task was both a management and implementation challenge due to the number of assemblies and the lack of application documentation for the required dependencies. Side-by-side assembly support in App-V has the following features: -- Automatic captures of side-by-side assembly during Sequencing, regardless of whether the assembly was already installed on the sequencing workstation. +- Automatic captures of side-by-side assembly during sequencing, regardless of whether the assembly was already installed on the sequencing workstation. - The App-V Client automatically installs required side-by-side assemblies to the client computer at publishing time if they aren't already installed. - The Sequencer reports the VC run-time dependency in Sequencer reporting mechanism. -- The Sequencer allows opting to not package the assemblies that are already installed on the Sequencer, supporting scenarios where the assemblies have previously been installed on the target computers. +- The Sequencer allows opting to not package assemblies already installed on the Sequencer, supporting scenarios where the assemblies have previously been installed on the target computers. ### Automatic publishing of side-by-side assemblies -During publishing of an App-V package with side-by-side assemblies, the App-V Client will check for the presence of the assembly on the machine. 
If the assembly does not exist, the client will deploy the assembly to the machine. Packages that are part of connection groups will rely on the side-by-side assembly installations in the base packages, as the connection groups don't contain any information about assembly installation. +During publishing of an App-V package with side-by-side assemblies, the App-V Client will check for the presence of the assembly on the machine. If it doesn't detect an assembly, the client will deploy the assembly to the machine. Packages that are part of connection groups will rely on the side-by-side assembly installations in the base packages, as the connection groups don't contain any information about assembly installation. >[!NOTE] >Unpublishing or removing a package with an assembly does not remove the assemblies for that package. From c8ae649193550e8e3301156dccb723d9a58127db Mon Sep 17 00:00:00 2001 From: Heidi Lohr Date: Tue, 15 May 2018 13:49:41 -0700 Subject: [PATCH 23/74] Editorial changes --- ...istering-virtual-applications-with-the-management-console.md | 2 +- .../app-v/appv-application-publishing-and-client-interaction.md | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/windows/application-management/app-v/appv-administering-virtual-applications-with-the-management-console.md b/windows/application-management/app-v/appv-administering-virtual-applications-with-the-management-console.md index 58e54b4527..5abc5df2bd 100644 --- a/windows/application-management/app-v/appv-administering-virtual-applications-with-the-management-console.md +++ b/windows/application-management/app-v/appv-administering-virtual-applications-with-the-management-console.md 
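Review bot: In the "Automatic publishing of side-by-side assemblies" paragraph of the @@ -851,18 +851,20 @@ hunk, "If it doesn't detect an assembly" changes the meaning: the removed text tested for the specific assembly the package needs ("If the assembly does not exist"), while the new wording reads as any assembly at all. "If it doesn't detect the assembly" keeps the contraction and the original sense. In the new second paragraph, "privatized the assemblies, which limited it to one bit version per package" has no clear referent for "it", and the bullet "The Sequencer reports the VC run-time dependency in Sequencer reporting mechanism" is still missing an article.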
@@ -48,7 +48,7 @@ The main elements of the App-V Management Console are: |Administrators tab|Use the **Administrators** tab to register, add, or remove administrators in your App-V environment.| >[!IMPORTANT] ->JavaScript must be enabled on the browser you use to open the Web Management Console. +>The browser you're using to open the Web Management Console must have JavaScript enabled. ## Have a suggestion for App-V? diff --git a/windows/application-management/app-v/appv-application-publishing-and-client-interaction.md b/windows/application-management/app-v/appv-application-publishing-and-client-interaction.md index e4747adc38..5bedf07e80 100644 --- a/windows/application-management/app-v/appv-application-publishing-and-client-interaction.md +++ b/windows/application-management/app-v/appv-application-publishing-and-client-interaction.md @@ -51,7 +51,7 @@ The appv file contains the following folder and files, which are used when creat ## App-V Client data storage locations -The App-V Client performs tasks to ensure that virtual applications run properly and work like locally installed applications. The process of opening and running virtual applications requires mapping from the virtual file system and registry to ensure the application has the required components of a traditional application expected by users. This section describes the assets that are required to run virtual applications and lists the location where App-V stores the assets. +The App-V Client performs tasks to keep virtual applications running properly and working like locally installed applications. The process of opening and running virtual applications requires mapping from the virtual file system and registry to ensure the application has the required components of a traditional application expected by users. This section describes the assets that are required to run virtual applications and lists the location where App-V stores the assets. | Name | Location | Description | |---|---|---| 
From 089059c61a9cb1c19bbbce1f776a855bc6c1f6a2 Mon Sep 17 00:00:00 2001 From: Heidi Lohr Date: Tue, 15 May 2018 14:30:07 -0700 Subject: [PATCH 24/74] Error fix sweep --- ...ation-publishing-and-client-interaction.md | 28 +++++++++---------- 1 file changed, 14 insertions(+), 14 deletions(-) diff --git a/windows/application-management/app-v/appv-application-publishing-and-client-interaction.md b/windows/application-management/app-v/appv-application-publishing-and-client-interaction.md index 5bedf07e80..9902296574 100644 --- a/windows/application-management/app-v/appv-application-publishing-and-client-interaction.md +++ b/windows/application-management/app-v/appv-application-publishing-and-client-interaction.md 
@@ -55,15 +55,15 @@ The App-V Client performs tasks to keep virtual applications running properly an | Name | Location | Description | |---|---|---| -| Package Store | %ProgramData%\App-V| Default location for read only package files| -| Machine Catalog | %ProgramData%\Microsoft\AppV\Client\Catalog| Contains per-machine configuration documents| -| User Catalog | %AppData%\Microsoft\AppV\Client\Catalog| Contains per-user configuration documents| -| Shortcut Backups | %AppData%\Microsoft\AppV\Client\Integration\ShortCutBackups| Stores previous integration points that enable restore on package unpublish| -| Copy on Write (COW) Roaming | %AppData%\Microsoft\AppV\Client\VFS| Writeable roaming location for package modification| -| Copy on Write (COW) Local | %LocalAppData%\Microsoft\AppV\Client\VFS| Writeable non-roaming location for package modification| -| Machine Registry | HKLM\Software\Microsoft\AppV| Contains package state information, including VReg for machine or globally published packages (Machine hive)| -| User Registry | HKCU\Software\Microsoft\AppV| Contains user package state information including VReg| -| User Registry Classes | HKCU\Software\Classes\AppV| Contains additional user package state information| +| Package Store | %ProgramData%\App-V| Default location for read-only package files.| +| Machine Catalog | %ProgramData%\Microsoft\AppV\Client\Catalog| Contains per-machine configuration documents.| +| User Catalog | %AppData%\Microsoft\AppV\Client\Catalog| Contains per-user configuration documents.| +| Shortcut Backups | %AppData%\Microsoft\AppV\Client\Integration\ShortCutBackups| Stores previous integration points that enable restore on package unpublish.| +| Copy on Write (COW) Roaming | %AppData%\Microsoft\AppV\Client\VFS| Writeable roaming location for package modification.| +| Copy on Write (COW) Local | %LocalAppData%\Microsoft\AppV\Client\VFS| Writeable non-roaming location for package modification.| +| Machine Registry | 
HKLM\Software\Microsoft\AppV| Contains package state information, including VReg for machine or globally published packages (Machine hive).| +| User Registry | HKCU\Software\Microsoft\AppV| Contains user package state information including VReg.| +| User Registry Classes | HKCU\Software\Classes\AppV| Contains additional user package state information.| Additional details for the table are provided in the section below and throughout the document. @@ -97,7 +97,7 @@ The App-V Client manages the following two file-based locations: ||| |---|---| -|Description|Stores package documents that are available to users on the machine, when packages are added and published. However, if a package is “global” at publishing time, the integrations are available to all users.

If a package is non-global, the integrations are published only for specific users, but there are still global resources that are modified and visible to anyone on the client computer (such as when the package directory is in a shared disk location).

If a package is available to a user on the computer (global or non-global), the manifest is stored in the Machine Catalog. When a package is published globally, there is a Dynamic Configuration file, stored in the Machine Catalog; therefore, the determination of whether a package is global is defined according to whether there is a policy file (UserDeploymentConfiguration file) in the Machine Catalog.| +|Description|Stores package documents that are available to users on the machine when packages are added and published. However, if a package is “global” at publishing time, the integrations are available to all users.

If a package is non-global, the integrations are published only for specific users, but there are still global resources that are modified and visible to anyone on the client computer (such as when the package directory is in a shared disk location).

If a package is available to a user on the computer (global or non-global), the manifest is stored in the Machine Catalog. When a package is published globally, there is a Dynamic Configuration file, stored in the Machine Catalog; therefore, the determination of whether a package is global is defined according to whether there is a policy file (UserDeploymentConfiguration file) in the Machine Catalog.| |Default storage location|```%programdata%\Microsoft\AppV\Client\Catalog\```

This location is not the same as the Package Store location. The Package Store is the golden or pristine copy of the package files.| |Files in the machine catalog|- Manifest.xml
- DeploymentConfiguration.xml
- UserManifest.xml (Globally Published Package)
- UserDeploymentConfiguration.xml (Globally Published Package)| |Additional machine catalog location, used when the package is part of a connection group|The following location is in addition to the specific package location mentioned previously as the default storage location:

```%programdata%\Microsoft\AppV\Client\Catalog\PackageGroups\ConGroupGUID\ConGroupVerGUID```| @@ -119,7 +119,7 @@ During the publishing process, the App-V Client backs up any shortcuts and integ ### Copy on Write files -The Package Store contains a pristine copy of the package files that have been streamed from the publishing server. During normal operation of an App-V application, the user or service may require changes to the files. These changes are not made in the package store in order to preserve your ability to repair the application, which removes these changes. These locations, called Copy on Write (COW), support both roaming and non-roaming locations. The location where the modifications are stored depends where the application has been programmed to write changes to in a native experience. +The Package Store contains a pristine copy of the package files that have been streamed from the publishing server. During normal operation of an App-V application, the user or service may require changes to the files. However, these changes aren't made in the package store to preserve your ability to repair the application, which removes these changes. These locations, called Copy on Write (COW), support both roaming and non-roaming locations. The location where the modifications are stored depends where the application has been programmed to write changes to in a native experience. ### COW roaming 
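Review bot: In the Copy on Write files hunk (@@ -119,7 +119,7 @@), the new sentence "these changes aren't made in the package store to preserve your ability to repair the application" can be read as the changes not being made for that purpose; putting the purpose first ("To preserve your ability to repair the application, these changes aren't made in the package store") removes the ambiguity. The next sentence, "These locations, called Copy on Write (COW)", still refers to locations the paragraph never introduces, so say where the changes are written before naming them. "depends where" in the last sentence is missing "on".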
@@ -127,7 +127,7 @@ The COW Roaming location described above stores changes to files and directories ### COW local -The COW Local location is similar to the roaming location, but the directories and files are not roamed to other computers, even if roaming support has been configured. The COW Local location described above stores changes applicable to typical windows and not the %AppData% location. The directories listed will vary but there will be two locations for any typical Windows locations (for example, Common AppData and Common AppDataS). The **S** signifies the restricted location when the virtual service requests the change as a different elevated user from the logged on users. The non-**S** location stores user based changes. +The COW Local location is similar to the roaming location, but the directories and files are not roamed to other computers, even if roaming support has been configured. The COW Local location described above stores changes applicable to typical windows and not the %AppData% location. The directories listed will vary but there will be two locations for any typical Windows locations (for example, Common AppData and Common AppDataS). The **S** signifies the restricted location when the virtual service requests the change as a different elevated user from the signed-in users. The non-**S** location stores user-based changes. ## Package registry 
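Review bot: "a different elevated user from the signed-in users" swaps "logged on" for "signed-in" but keeps the plural and the awkward word order, and this sentence is the page's only description of who writes to the restricted **S** location, so it should be unambiguous, for example "as an elevated user other than the signed-in user". The unchanged sentence before it, "stores changes applicable to typical windows and not the %AppData% location", leaves "windows" lowercase and without a noun, while the following sentence says "typical Windows locations".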
@@ -137,7 +137,7 @@ When a new package is added to the App-V Client, a copy of the REGISTRY.DAT file **Registry.dat from Package Store** > **%ProgramData%\Microsoft\AppV\Client\Vreg\\{VersionGuid}.dat** -When the first application from the package is launched on the client, the client stages or copies the contents out of the hive file, re-creating the package registry data in an alternate location ```HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\AppV\Client\Packages\PackageGuid\Versions\VersionGuid\REGISTRY```. The staged registry data has two distinct types of machine data and user data. Machine data is shared across all users on the machine. User data is staged for each user to a userspecific location ```HKCU\Software\Microsoft\AppV\Client\Packages\PackageGuid\Registry\User```. The machine data is ultimately removed at package removal time, and the user data is removed on a user unpublish operation. +When the first application from the package is launched on the client, the client stages or copies the contents out of the hive file, re-creating the package registry data in an alternate location ```HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\AppV\Client\Packages\PackageGuid\Versions\VersionGuid\REGISTRY```. The staged registry data has two distinct types of machine data and user data. Machine data is shared across all users on the machine. User data is staged for each user to a user-specific location ```HKCU\Software\Microsoft\AppV\Client\Packages\PackageGuid\Registry\User```. The machine data is ultimately removed at package removal time, and the user data is removed on a user unpublish operation. ### Package registry staging vs. connection group registry staging @@ -157,7 +157,7 @@ There are two package registry locations and two connection group locations wher |Location|Description| |---|---| -|COW|- Machine Registry\Client\Packages\PkgGUID\REGISTRY (Only elevate process can write)
- User Registry\Client\Packages\PkgGUID\REGISTRY (User Roaming anything written under HKCU except Software\Classes
- User Registry Classes\Client\Packages\PkgGUID\REGISTRY (HKCU\Software\Classes writes and HKLM for non elevated process)| +|COW|- Machine Registry\Client\Packages\PkgGUID\REGISTRY (Only elevate process can write)
- User Registry\Client\Packages\PkgGUID\REGISTRY (User Roaming anything written under HKCU except Software\Classes
- User Registry Classes\Client\Packages\PkgGUID\REGISTRY (HKCU\Software\Classes writes and HKLM for non-elevated process)| |Package|- Machine Registry\Client\Packages\PkgGUID\Versions\VerGuid\Registry\Machine
- User Registry Classes\Client\Packages\PkgGUID\Versions\VerGUID\Registry| |Native|- Native application registry location| From 5ef357a7eb359dffbf24dc9e50c20d74bd7a2d98 Mon Sep 17 00:00:00 2001 From: Heidi Lohr Date: Tue, 15 May 2018 15:47:55 -0700 Subject: [PATCH 25/74] Passive voice & editorial changes --- ...ation-publishing-and-client-interaction.md | 24 +++++++++---------- 1 file changed, 12 insertions(+), 12 deletions(-) diff --git a/windows/application-management/app-v/appv-application-publishing-and-client-interaction.md b/windows/application-management/app-v/appv-application-publishing-and-client-interaction.md index 9902296574..cf5a6a46e8 100644 --- a/windows/application-management/app-v/appv-application-publishing-and-client-interaction.md +++ b/windows/application-management/app-v/appv-application-publishing-and-client-interaction.md 
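Review bot: In the COW row of the @@ -157,7 +157,7 @@ table hunk, the fix to "non-elevated" leaves two errors in the same cell: "(Only elevate process can write)" should read "elevated", and the parenthesis opened at "(User Roaming anything written under HKCU except Software\Classes" is never closed. This cell is the page's statement of which processes can write to each COW registry location, so it is worth getting exact in an error-fix sweep.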
@@ -147,7 +147,7 @@ The staged registry persists the same way as in the single package case. Staged ### Virtual registry -The purpose of the virtual registry (VREG) is to provide a single merged view of the package registry and the native registry to applications. It also provides copy-on-write (COW) functionality—that is, any changes made to the registry from the context of a virtual process are made to a separate COW location. This means that the VREG must combine up to three separate registry locations into a single view based on the populated locations in the registry COW -> package -> native. When a request is made for a registry data it will locate in order until it finds the data it was requesting. Meaning if there is a value stored in a COW location it will not proceed to other locations, however, if there is no data in the COW location it will proceed to the Package and then Native location until it finds the appropriate data. +The purpose of the virtual registry (VREG) is to provide a single merged view of the package registry and the native registry to applications. It also provides copy-on-write (COW) functionality—that is, any changes made to the registry from the context of a virtual process are made to a separate COW location. This means that the VREG must combine up to three separate registry locations into a single view based on the populated locations in the **registry COW** > **package** > **native**. When a request is made for a registry data it will locate in order until it finds the data it was requesting. Meaning if there is a value stored in a COW location it will not proceed to other locations, however, if there is no data in the COW location it will proceed to the Package and then Native location until it finds the appropriate data. ### Registry locations 
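Review bot: Bolding "**registry COW** > **package** > **native**" turns "registry COW" into a location name, but the removed text read "the populated locations in the registry COW -> package -> native", that is, the lookup order COW, then package, then native, which matches "the Package and then Native location" later in the paragraph. Bold only **COW** and keep "registry" outside the emphasis. The two sentences that follow ("When a request is made for a registry data it will locate in order" and the fragment starting "Meaning if") were left as they were and still need a rewrite, since they carry the actual description of the lookup precedence.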
@@ -241,11 +241,11 @@ After the initial stream of any publishing data and the primary feature block, r ### Package upgrades -App-V Packages require updating throughout the lifecycle of the application. App-V Package upgrades are similar to the package publish operation, as each version will be created in its own PackageRoot location: ```%ProgramData%\App-V\{PkgGUID}\{newVerGUID}```. The upgrade operation is optimized by creating hard links to identical and streamed files from other versions of the same package. +App-V Packages require updating throughout the lifecycle of the application. App-V Package upgrades are like the package publish operation, as each version will be created in its own PackageRoot location: ```%ProgramData%\App-V\{PkgGUID}\{newVerGUID}```. The upgrade operation is optimized by creating hard links to identical and streamed files from other versions of the same package. ### Package removal -The App-V Client's behavior when packages are removed depends on the package removal method. Using an App-V full infrastructure to unpublish the application, the user catalog files (machine catalog for globally published applications) are removed, but retains the package store location and COW locations. When the **Remove-AppVClientPackge** Windows PowerShell cmdlet is used to remove an App-V Package, the package store location is cleaned. Remember that unpublishing an App-V Package from the Management Server does not perform a Remove operation. Neither operation will remove the Package Store package files. +The App-V Client's behavior when packages are removed depends on the package removal method. Using an App-V full infrastructure to unpublish the application, the user catalog files (machine catalog for globally published applications) are removed, but the package store location and COW locations remain. When the **Remove-AppVClientPackge** Windows PowerShell cmdlet is used to remove an App-V Package, the package store location is cleaned. 
Remember that unpublishing an App-V Package from the Management Server does not perform a Remove operation. Neither operation will remove the Package Store package files. ## Roaming registry and data 
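Review bot: The Package removal paragraph in the @@ -241,11 +241,11 @@ hunk still contradicts itself after the edit: it says that with the PowerShell cmdlet "the package store location is cleaned" and then ends with "Neither operation will remove the Package Store package files." A reader who needs to know what stays on disk after an unpublish or a removal cannot tell which statement holds, so one of them needs correcting by someone who knows the client behaviour. The cmdlet name is also misspelled on both sides of the diff as "Remove-AppVClientPackge" (missing "a" in "Package"), and the sentence still opens with a dangling "Using an App-V full infrastructure to unpublish the application".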
@@ -306,20 +306,20 @@ The current App-V Client VFS driver can't write to network locations, so the App This process solves the problem of a non-local %AppData% that is not supported by the App-V Client VFS driver. However, the data stored in this new location is not roamed with folder redirection. All changes during the running of the application happen to the local AppData location and must be copied to the redirected location. The detailed steps of this process are: -1. The App-V application is shut down, which shuts down the virtual environment. -2. The local cache of the roaming AppData location is compressed and stored in a .zip file. -3. A time stamp at the end of the .zip packaging process is used to name the file. -4. The time stamp is recorded in the HKEY\_CURRENT\_USER\\Software\\Microsoft\\AppV\\Client\\Packages\\<GUID>\\AppDataTime registry as the last known AppData time stamp. -5. The folder redirection process is called to evaluate and initiate the .zip file uploaded to the roaming AppData directory. +1. Shut down the App-V application, which also shuts down the virtual environment. +2. Compress the local cache of the roaming AppData location and store it in a .zip file. +3. Use the time stamp at the end of the .zip packaging process to name the file. +4. Record the time stamp in the HKEY\_CURRENT\_USER\\Software\\Microsoft\\AppV\\Client\\Packages\\<GUID>\\AppDataTime registry as the last known AppData time stamp. +5. Call the folder redirection process to evaluate and initiate the .zip file uploaded to the roaming AppData directory. -The time stamp is used to determine a “last writer wins” scenario if there is a conflict and is used to optimize the download of the data when the App-V application is published or the virtual environment is started. 
Folder redirection will make the data available from any other clients covered by the supporting policy and will initiate the process of storing the AppData\\Roaming data to the local AppData location on the client. The detailed processes are: +The time stamp is used to determine a “last writer wins” scenario if there is a conflict and is used to optimize the download of the data when the App-V application is published, or the virtual environment is started. Folder redirection will make the data available from any other clients covered by the supporting policy and will initiate the process of storing the AppData\\Roaming data to the local AppData location on the client. The detailed processes are: -1. The user starts the virtual environment by starting an application. +1. The user starts an application, which also starts the virtual environment. 2. The application’s virtual environment checks for the most recent time stamped .zip file, if present. -3. The registry is checked for the last known uploaded time stamp, if present. +3. The virtual environment checks the registry for the last known uploaded time stamp, if present. 4. The most recent .zip file is downloaded unless the local last known upload time stamp is greater than or equal to the time stamp from the .zip file. 5. If the local last known upload time stamp is earlier than that of the most recent .zip file in the roaming AppData location, the .zip file is extracted to the local temp directory in the user’s profile. -6. After the .zip file is successfully extracted, the local cache of the roaming AppData directory is renamed and the new data is moved into place. +6. After the .zip file is successfully extracted, the local cache of the roaming AppData directory is renamed and the new data moved into place. 7. The renamed directory is deleted and the application opens with the most recently saved roaming AppData data. 
This completes the successful roaming of application settings that are present in AppData\\Roaming locations. The only other condition that must be addressed is a package repair operation. The details of the process are: From 1774417a72ce5b1166608d4ef6d60d40601fc87d Mon Sep 17 00:00:00 2001 From: Heidi Lohr Date: Wed, 16 May 2018 10:18:54 -0700 Subject: [PATCH 26/74] Editorial changes --- ...ation-publishing-and-client-interaction.md | 28 +++++++++---------- 1 file changed, 14 insertions(+), 14 deletions(-) diff --git a/windows/application-management/app-v/appv-application-publishing-and-client-interaction.md b/windows/application-management/app-v/appv-application-publishing-and-client-interaction.md index cf5a6a46e8..969d5c7296 100644 --- a/windows/application-management/app-v/appv-application-publishing-and-client-interaction.md +++ b/windows/application-management/app-v/appv-application-publishing-and-client-interaction.md 
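Review bot: in the -306,20 hunk of appv-application-publishing-and-client-interaction.md, the new step 6 drops its verb ("the local cache of the roaming AppData directory is renamed and the new data moved into place"); keep "is moved" as in the removed line. The comma added in "is published, or the virtual environment is started" splits a two-item condition and should come out. Step 5 ("evaluate and initiate the .zip file uploaded to the roaming AppData directory") does not parse in either the old or the new wording, so it is worth rewriting while the list is open.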
@@ -298,35 +298,35 @@ The following table shows local and roaming locations, when folder redirection h | appv_ROOT | C:\Users\Local\AppData\Local\Microsoft\AppV\Client\VFS\\<GUID>\appv\_ROOT | | AppData | \\Fileserver\users\Local\roaming\Microsoft\AppV\Client\VFS\\<GUID>\AppData | -The current App-V Client VFS driver can't write to network locations, so the App-V Client detects the presence of folder redirection and copies the data on the local drive during publishing and when the virtual environment starts. After the user closes the App-V application and the App-V Client closes the virtual environment, the local storage of the VFS AppData is copied back to the network, enabling roaming to additional machines, where the process will be repeated. The detailed steps of the processes are: +The current App-V Client VFS driver can't write to network locations, so the App-V Client detects the presence of folder redirection and copies the data on the local drive during publishing and when the virtual environment starts. After the user closes the App-V application and the App-V Client closes the virtual environment, the local storage of the VFS AppData is copied back to the network, enabling roaming to additional machines, where the process will be repeated. Here's what happens during the process: 1. During publishing or virtual environment startup, the App-V Client detects the location of the AppData directory. 2. If the roaming AppData path is local or ino AppData\\Roaming location is mapped, nothing happens. 3. If the roaming AppData path is not local, the VFS AppData directory is mapped to the local AppData directory. -This process solves the problem of a non-local %AppData% that is not supported by the App-V Client VFS driver. However, the data stored in this new location is not roamed with folder redirection. All changes during the running of the application happen to the local AppData location and must be copied to the redirected location. 
The detailed steps of this process are: +This process solves the problem of a non-local %AppData% that is not supported by the App-V Client VFS driver. However, the data stored in this new location is not roamed with folder redirection. All changes during the running of the application happen to the local AppData location and must be copied to the redirected location. The process does the following things: -1. Shut down the App-V application, which also shuts down the virtual environment. -2. Compress the local cache of the roaming AppData location and store it in a .zip file. -3. Use the time stamp at the end of the .zip packaging process to name the file. -4. Record the time stamp in the HKEY\_CURRENT\_USER\\Software\\Microsoft\\AppV\\Client\\Packages\\<GUID>\\AppDataTime registry as the last known AppData time stamp. -5. Call the folder redirection process to evaluate and initiate the .zip file uploaded to the roaming AppData directory. +1. Shuts down the App-V application, which also shuts down the virtual environment. +2. Compresses the local cache of the roaming AppData location and store it in a .zip file. +3. Uses the time stamp at the end of the .zip packaging process to name the file. +4. Records the time stamp in the HKEY\_CURRENT\_USER\\Software\\Microsoft\\AppV\\Client\\Packages\\<GUID>\\AppDataTime registry as the last known AppData time stamp. +5. Calls the folder redirection process to evaluate and initiate the .zip file uploaded to the roaming AppData directory. -The time stamp is used to determine a “last writer wins” scenario if there is a conflict and is used to optimize the download of the data when the App-V application is published, or the virtual environment is started. Folder redirection will make the data available from any other clients covered by the supporting policy and will initiate the process of storing the AppData\\Roaming data to the local AppData location on the client. 
The detailed processes are: +The time stamp is used to determine a “last writer wins” scenario if there is a conflict and is used to optimize the download of the data when the App-V application is published, or the virtual environment is started. Folder redirection will make the data available from any other clients covered by the supporting policy and will initiate the process of storing the AppData\\Roaming data to the local AppData location on the client. Here's what happens during the process: 1. The user starts an application, which also starts the virtual environment. 2. The application’s virtual environment checks for the most recent time stamped .zip file, if present. 3. The virtual environment checks the registry for the last known uploaded time stamp, if present. -4. The most recent .zip file is downloaded unless the local last known upload time stamp is greater than or equal to the time stamp from the .zip file. -5. If the local last known upload time stamp is earlier than that of the most recent .zip file in the roaming AppData location, the .zip file is extracted to the local temp directory in the user’s profile. +4. The virtual environment downloads the most recent .zip file unless the local last known upload time stamp is greater than or equal to the time stamp from the .zip file. +5. If the local last known upload time stamp is earlier than that of the most recent .zip file in the roaming AppData location, the virtual environment extracts the .zip file to the local temp directory in the user’s profile. 6. After the .zip file is successfully extracted, the local cache of the roaming AppData directory is renamed and the new data moved into place. 7. The renamed directory is deleted and the application opens with the most recently saved roaming AppData data. -This completes the successful roaming of application settings that are present in AppData\\Roaming locations. The only other condition that must be addressed is a package repair operation. 
The details of the process are: +This completes the successful roaming of application settings that are present in AppData\\Roaming locations. The only other condition that must be addressed is a package repair operation. The process does the following things: -1. During repair, detect if the path to the user’s roaming AppData directory isn't local. -2. Map the non-local roaming AppData path targets, recreating the expected roaming and local AppData locations. -3. Delete the time stamp stored in the registry, if present. +1. During repair, detects if the path to the user’s roaming AppData directory isn't local. +2. Maps the non-local roaming AppData path targets, recreating the expected roaming and local AppData locations. +3. Deletes the time stamp stored in the registry, if present. This process will recreate both the local and network locations for AppData and remove the registry record of the time stamp. From c4a086a4747f4e1eb12e973917e927554a786233 Mon Sep 17 00:00:00 2001 From: Heidi Lohr Date: Fri, 18 May 2018 15:20:29 -0700 Subject: [PATCH 27/74] Editorial changes --- ...ministrator-with-the-management-console.md | 2 +- ...de-packages-with-the-management-console.md | 4 +-- ...ation-publishing-and-client-interaction.md | 32 +++++++++---------- 3 files changed, 19 insertions(+), 19 deletions(-) diff --git a/windows/application-management/app-v/appv-add-or-remove-an-administrator-with-the-management-console.md b/windows/application-management/app-v/appv-add-or-remove-an-administrator-with-the-management-console.md index 7867900bd3..a7c0447d3e 100644 --- a/windows/application-management/app-v/appv-add-or-remove-an-administrator-with-the-management-console.md +++ b/windows/application-management/app-v/appv-add-or-remove-an-administrator-with-the-management-console.md 
@@ -22,7 +22,7 @@ Use the following procedures to add or remove an administrator on the Microsoft ## Remove an administrator using the Management Console -1. Open the Microsoft Application Virtualization (App-V) Management Console and click **Administrators** in the navigation pane. The navigation pane displays a list of AD users and groups that currently have administrative access to the Microsoft Application Virtualization (App-V) server. +1. Open the Microsoft Application Virtualization (App-V) Management Console and select **Administrators** in the navigation pane. The navigation pane displays a list of AD users and groups that currently have administrative access to the Microsoft Application Virtualization (App-V) server. 2. Right-click the account to be removed from the list of administrators and select **Remove**. ## Have a suggestion for App-V? diff --git a/windows/application-management/app-v/appv-add-or-upgrade-packages-with-the-management-console.md b/windows/application-management/app-v/appv-add-or-upgrade-packages-with-the-management-console.md index 97631d1114..5f03b7e815 100644 --- a/windows/application-management/app-v/appv-add-or-upgrade-packages-with-the-management-console.md +++ b/windows/application-management/app-v/appv-add-or-upgrade-packages-with-the-management-console.md 
@@ -24,14 +24,14 @@ You can use the following procedure to add or upgrade a package to the App-V Man 2. Select **Add or Upgrade Packages** to specify which package you want to add. -3. Enter the full path to the package that you want to add. Use the UNC or HTTP path format, for example **\\\\servername\\sharename\\foldername\\packagename.appv** or **http://server.1234/file.appv**, and then click **Add**. +3. Enter the full path to the package that you want to add. Use the UNC or HTTP path format, for example **\\\\servername\\sharename\\foldername\\packagename.appv** or **http://server.1234/file.appv**, and then select **Add**. >[!IMPORTANT] >You must select a package with the **.appv** file name extension. 4. The page displays the status message **Adding <Packagename>**. Select **IMPORT STATUS** to check the status of a package that you have imported. - Click **OK** to add the package and close the **Add Package** page. If there was an error during the import, select **Detail** on the **Package Import** page for more information. The newly added package is now available in the **PACKAGES** pane. + Select **OK** to add the package and close the **Add Package** page. If there was an error during the import, select **Detail** on the **Package Import** page for more information. The newly added package is now available in the **PACKAGES** pane. 5. Select **Close** to close the **Add or Upgrade Packages** page. diff --git a/windows/application-management/app-v/appv-application-publishing-and-client-interaction.md b/windows/application-management/app-v/appv-application-publishing-and-client-interaction.md index 969d5c7296..80495b4c66 100644 --- a/windows/application-management/app-v/appv-application-publishing-and-client-interaction.md +++ b/windows/application-management/app-v/appv-application-publishing-and-client-interaction.md 
@@ -387,11 +387,11 @@ The process then configures the client for package or connection group additions 5. Create the machine catalog entries. Create the **Manifest.xml** and **DeploymentConfiguration.xml** from the package files (if no **DeploymentConfiguration.xml** file in the package a placeholder is created). - 6. Create location of the package store in the registry HKLM\\Software\\Microsoft\\AppV\\Client\\Packages\\PkgGUID\\Versions\\VerGUID\\Catalog + 6. Create location of the package store in the registry **HKLM\\Software\\Microsoft\\AppV\\Client\\Packages\\PkgGUID\\Versions\\VerGUID\\Catalog**. - 7. Create the **Registry.dat** file from the package store to **%ProgramData%\\Microsoft\\AppV\\Client\\VReg\\{VersionGUID}.dat** + 7. Create the **Registry.dat** file from the package store to **%ProgramData%\\Microsoft\\AppV\\Client\\VReg\\{VersionGUID}.dat**. - 8. Register the package with the App-V Kernal Mode Driver at HKLM\\Microsoft\\Software\\AppV\\MAV + 8. Register the package with the App-V Kernal Mode Driver at **HKLM\\Microsoft\\Software\\AppV\\MAV**. 9. Invoke scripting from the **AppxManifest.xml** or **DeploymentConfig.xml** file for Package Add timing. @@ -425,7 +425,7 @@ During the Publishing Refresh operation, the specific publishing operation, **Pu 2. Machine targeted (global) packages: the **UserDeploymentConfiguration.xml** is placed in the Machine Catalog. -2. Register the package with the kernel mode driver for the user at HKLM\\Software\\Microsoft\\AppV\\MAV +2. Register the package with the kernel mode driver for the user at **HKLM\\Software\\Microsoft\\AppV\\MAV**. 3. Perform integration tasks. 
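Review bot: step 8 in the -387,11 hunk bolds the path **HKLM\\Microsoft\\Software\\AppV\\MAV**, while the -425,7 hunk on the same file gives the kernel mode driver registration as **HKLM\\Software\\Microsoft\\AppV\\MAV**; the two disagree on the order of Software and Microsoft, and the new bolding makes the mismatch more prominent for anyone auditing or monitoring that key. Please confirm the correct path and use it in both places, and fix "Kernal Mode Driver" to "Kernel Mode Driver" on the same added line.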
@@ -448,7 +448,7 @@ After the Publishing Refresh process, the user launches and then relaunches an A #### How to launch App-V applications -1. User launches the application by clicking on a shortcut or file type invocation. +1. User launches the application by selecting a shortcut or file type invocation. 2. The App-V Client verifies existence in the User Catalog for the following files @@ -477,11 +477,11 @@ The current version of App-V's package upgrade process differs from the older ve 2. Package entries are added to the appropriate catalog for the new version - 1. User targeted packages: the **UserDeploymentConfiguration.xml** and **UserManifest.xml** are placed on the machine in the user catalog at appdata\\roaming\\Microsoft\\AppV\\Client\\Catalog\\Packages\\PkgGUID\\VerGUID + 1. User targeted packages: the **UserDeploymentConfiguration.xml** and **UserManifest.xml** are placed on the machine in the user catalog at **appdata\\roaming\\Microsoft\\AppV\\Client\\Catalog\\Packages\\PkgGUID\\VerGUID**. - 2. Machine targeted (global) packages: the **UserDeploymentConfiguration.xml** is placed in the machine catalog at %programdata%\\Microsoft\\AppV\\Client\\Catalog\\Packages\\PkgGUID\\VerGUID + 2. Machine targeted (global) packages: the **UserDeploymentConfiguration.xml** is placed in the machine catalog at **%programdata%\\Microsoft\\AppV\\Client\\Catalog\\Packages\\PkgGUID\\VerGUID**. -3. Register the package with the kernel mode driver for the user at HKLM\\Software\\Microsoft\\AppV\\MAV +3. Register the package with the kernel mode driver for the user at **HKLM\\Software\\Microsoft\\AppV\\MAV**. 4. Perform integration tasks. 
@@ -536,11 +536,11 @@ App-V Packages can be published in one of two ways; as user, which entitles an A ### Removing an App-V package -Removing App-V applications in a Full Infrastructure is an unpublish operation, and does not perform a package removal. The process is the same as the publish process above, but instead of adding the removal process reverses the changes that have been made for App-V Packages. +Removing App-V applications in a Full Infrastructure is an unpublish operation and does not perform a package removal. The process is the same as the publish process above, but instead of adding the removal process reverses the changes that have been made for App-V Packages. ### Repairing an App-V package -The repair operation is easy to do, but may affect many locations on the machine. The previously mentioned Copy on Write (COW) locations are removed, and extension points are deintegrated and then reintegrated. Before repairing, please review where the COW data placement locations are registered in the registry. To perform a Repair operation, all you need to do is initiate it from the App-V Client Console or through the **Repair-AppVClientPackage** PowerShell cmdlet. After that, the operation is completed automatically. +The repair operation is easy to do but may affect many locations on the machine. The previously mentioned Copy on Write (COW) locations are removed, and extension points are deintegrated and then reintegrated. Before repairing, please review where the COW data placement locations are registered in the registry. To perform a Repair operation, all you need to do is initiate it from the App-V Client Console or through the **Repair-AppVClientPackage** PowerShell cmdlet. After that, the operation is completed automatically. ## Integration of App-V packages 
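Review bot: the rewritten repair paragraph in this hunk (-536,11) says the Copy on Write (COW) locations are removed but only asks the reader to "review where the COW data placement locations are registered in the registry"; say explicitly what is lost when those locations are removed and name the registry location to check, so an administrator knows what to preserve before running **Repair-AppVClientPackage**. In the removal paragraph above it, "but instead of adding the removal process reverses the changes" needs a comma after "adding" to parse.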
@@ -560,7 +560,7 @@ When App-V applications are published to a computer with the App-V Client, some 1. App-V packages are given ownership based on the last integrated package where the ownership is passed to the newest published App-V application. 2. Ownership transfers from one App-V package to another when the owning App-V package is unpublished. This will not initiate a restore of the data or registry. - 3. Restore the backed up data when the last package is unpublished or removed on a per extension point basis. + 3. Restore the backed-up data when the last package is unpublished or removed on a per-extension point basis. ### Extension points @@ -580,7 +580,7 @@ The App-V publishing files (manifest and dynamic configuration) provide several The shortcut is one of the basic elements of integration with the OS and is the interface for direct user launch of an App-V application. During the publishing and unpublishing of App-V applications. -From the package manifest and dynamic configuration XML files, the path to a specific application executable can be found in a section similar to the following: +From the package manifest and dynamic configuration XML files, the path to a specific application executable can be found in a section like the following: ```XML 
@@ -652,7 +652,7 @@ Shell extensions are embedded in the package automatically during the sequencing #### Requirements for using shell extensions - Packages that contain embedded shell extensions must be published globally. -- The “bitness” of the application, Sequencer, and App-V Client must match, or the shell extensions won’t work. The following example configuration fuflills the matching requirement: +- The “bitness” of the application, Sequencer, and App-V Client must match, or the shell extensions won’t work. The following example configuration fulfills the matching requirement: - The version of the application is 64-bit. - The Sequencer is running on a 64-bit computer. - The package is being delivered to a 64-bit App-V Client computer. @@ -663,7 +663,7 @@ The following table displays the supported shell extensions. |---|---| | Context menu handler | Adds menu items to the context menu. It is called before the context menu is displayed. | | Drag-and-drop handler | Controls the action upon right-click drag-and-drop and modifies the context menu that appears. | -| Drop target handler | Controls the action after a data object is dragged-and-dropped over a drop target such as a file.| +| Drop target handler | Controls the action after a data object is dragged-and-dropped over a drop target, such as a file.| | Data object handler| Controls the action after a file is copied to the clipboard or dragged-and-dropped over a drop target. It can provide additional clipboard formats to the drop target.| | Property sheet handler| Replaces or adds pages to the property sheet dialog box of an object.| | Infotip handler| Allows retrieving flags and infotip information for an item and displaying it inside a popup tooltip upon mouse-hover.| 
@@ -744,11 +744,11 @@ The AppPath extension point is configured either in the manifest or in the dynam ### Virtual application -This subsystem provides a list of applications captured during sequencing which is usually consumed by other App-V components. Integration of extension points belonging to a particular application can be disabled using dynamic configuration files. For example, if a package contains two applications, you can disable all extension points belonging to one application to only allow integration of extension points for the other application. +This subsystem provides a list of applications captured during sequencing which is usually consumed by other App-V components. Integration of extension points belonging to a specific application can be disabled using dynamic configuration files. For example, if a package contains two applications, you can disable all extension points belonging to one application to only allow integration of extension points for the other application. ### Extension point rules -The previously described extension points are integrated into the operating system based on how the packages has been published. Global publishing places extension points in public machine locations, where user publishing places extension points in user locations. For example a shortcut that is created on the desktop and published globally will result in the file data for the shortcut (%Public%\\Desktop) and the registry data (HKLM\\Software\\Classes). The same shortcut would have file data (%UserProfile%\\Desktop) and registry data (HKCU\\Software\\Classes). +The previously described extension points are integrated into the operating system based on how the packages has been published. Global publishing places extension points in public machine locations, where user publishing places extension points in user locations. 
For example, a shortcut created on the desktop and published globally will result in the file data for the shortcut (%Public%\\Desktop) and the registry data (HKLM\\Software\\Classes). The same shortcut would have file data (%UserProfile%\\Desktop) and registry data (HKCU\\Software\\Classes). Extension points are not all published the same way, where some extension points will require global publishing and others require sequencing on the specific operating system and architecture where they are delivered. Below is a table that describes these two key rules. From 9589c5d157cea9f66222e11f289dd6c797389f6c Mon Sep 17 00:00:00 2001 From: Heidi Lohr Date: Mon, 4 Jun 2018 16:49:34 -0700 Subject: [PATCH 28/74] Removing unnecessary monospace formatting --- ...ation-publishing-and-client-interaction.md | 30 +++++++++---------- 1 file changed, 15 insertions(+), 15 deletions(-) diff --git a/windows/application-management/app-v/appv-application-publishing-and-client-interaction.md b/windows/application-management/app-v/appv-application-publishing-and-client-interaction.md index 80495b4c66..a3563907c0 100644 --- a/windows/application-management/app-v/appv-application-publishing-and-client-interaction.md +++ b/windows/application-management/app-v/appv-application-publishing-and-client-interaction.md 
@@ -69,7 +69,7 @@ Additional details for the table are provided in the section below and throughou ### Package store -The App-V Client manages the applications assets mounted in the package store. This default storage location is `%ProgramData%\App-V`, but you can configure it during or after setup by using the **Set-AppVClientConfiguration** Windows PowerShell cmdlet, which modifies the local registry (`PackageInstallationRoot` value under the `HKLM\Software\Microsoft\AppV\Client\Streaming` key). The package store must be located at a local path on the client operating system. The individual packages are stored in the package store in subdirectories named after the Package GUID and Version GUID. +The App-V Client manages the applications assets mounted in the package store. This default storage location is %ProgramData%\App-V, but you can configure it during or after setup by using the **Set-AppVClientConfiguration** Windows PowerShell cmdlet, which modifies the local registry (`PackageInstallationRoot` value under the HKLM\Software\Microsoft\AppV\Client\Streaming key). The package store must be located at a local path on the client operating system. The individual packages are stored in the package store in subdirectories named after the Package GUID and Version GUID. Example of a path to a specific application: @@ -98,9 +98,9 @@ The App-V Client manages the following two file-based locations: ||| |---|---| |Description|Stores package documents that are available to users on the machine when packages are added and published. However, if a package is “global” at publishing time, the integrations are available to all users.

If a package is non-global, the integrations are published only for specific users, but there are still global resources that are modified and visible to anyone on the client computer (such as when the package directory is in a shared disk location).

If a package is available to a user on the computer (global or non-global), the manifest is stored in the Machine Catalog. When a package is published globally, there is a Dynamic Configuration file, stored in the Machine Catalog; therefore, the determination of whether a package is global is defined according to whether there is a policy file (UserDeploymentConfiguration file) in the Machine Catalog.| -|Default storage location|```%programdata%\Microsoft\AppV\Client\Catalog\```

This location is not the same as the Package Store location. The Package Store is the golden or pristine copy of the package files.| +|Default storage location|%programdata%\Microsoft\AppV\Client\Catalog\

This location is not the same as the Package Store location. The Package Store is the golden or pristine copy of the package files.| |Files in the machine catalog|- Manifest.xml
- DeploymentConfiguration.xml
- UserManifest.xml (Globally Published Package)
- UserDeploymentConfiguration.xml (Globally Published Package)| -|Additional machine catalog location, used when the package is part of a connection group|The following location is in addition to the specific package location mentioned previously as the default storage location:

```%programdata%\Microsoft\AppV\Client\Catalog\PackageGroups\ConGroupGUID\ConGroupVerGUID```| +|Additional machine catalog location, used when the package is part of a connection group|The following location is in addition to the specific package location mentioned previously as the default storage location:

%programdata%\Microsoft\AppV\Client\Catalog\PackageGroups\ConGroupGUID\ConGroupVerGUID| |Additional files in the machine catalog when the package is part of a connection group|- PackageGroupDescriptor.xml
- UserPackageGroupDescriptor.xml (globally published Connection Group)| ### User catalog @@ -108,14 +108,14 @@ The App-V Client manages the following two file-based locations: ||| |---|---| |Description|Created during the publishing process. Contains information used for publishing the package, and for making sure that a package is provisioned to a specific user at launch. Created in a roaming location and includes user-specific publishing information.

When a package is published for a user, the policy file is stored in the User Catalog. At the same time, a copy of the manifest is also stored in the User Catalog. When a package entitlement is removed for a user, the relevant package files are removed from the User Catalog. Looking at the user catalog, an administrator can view the presence of a Dynamic Configuration file, which indicates that the package is entitled for that user.

For roaming users, the User Catalog needs to be in a roaming or shared location to preserve the legacy App-V behavior of targeting users by default. Entitlement and policy are tied to a user, not a computer, so they should roam with the user once they are provisioned.| -|Default storage location|```appdata\roaming\Microsoft\AppV\Client\Catalog\Packages\PkgGUID\VerGUID```| +|Default storage location|appdata\roaming\Microsoft\AppV\Client\Catalog\Packages\PkgGUID\VerGUID| |Files in the user catalog|- UserManifest.xml
- DynamicConfiguration.xml or UserDeploymentConfiguration.xml| -|Additional user catalog location, used when the package is part of a connection group|The following location is in addition to the specific package location mentioned above:

```appdata\roaming\Microsoft\AppV\Client\Catalog\PackageGroups\PkgGroupGUID\PkgGroupVerGUID```| -|Additional file in the machine catalog when the package is part of a connection group|```UserPackageGroupDescriptor.xml```| +|Additional user catalog location, used when the package is part of a connection group|The following location is in addition to the specific package location mentioned above:

appdata\roaming\Microsoft\AppV\Client\Catalog\PackageGroups\PkgGroupGUID\PkgGroupVerGUID| +|Additional file in the machine catalog when the package is part of a connection group|**UserPackageGroupDescriptor.xml**| ### Shortcut backups -During the publishing process, the App-V Client backs up any shortcuts and integration points to ```%AppData%\Microsoft\AppV\Client\Integration\ShortCutBackups```. This backup lets integration points restore to the previous versions when the package is unpublished. +During the publishing process, the App-V Client backs up any shortcuts and integration points to %AppData%\Microsoft\AppV\Client\Integration\ShortCutBackups. This backup lets integration points restore to the previous versions when the package is unpublished. ### Copy on Write files 
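Review bot: the last table row changed in this hunk still reads "Additional file in the machine catalog when the package is part of a connection group", but it sits in the User catalog table directly under the "Additional user catalog location" row, so the label should say "user catalog". The same row now sets UserPackageGroupDescriptor.xml in bold while the other file names in the table (UserManifest.xml, DynamicConfiguration.xml) are plain; pick one treatment. The storage paths here are also written as appdata\roaming\... without percent signs, while the Shortcut backups line in the same hunk uses %AppData%.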
@@ -133,11 +133,11 @@ The COW Local location is similar to the roaming location, but the directories a Before an application can access the package registry data, the App-V Client must make the package registry data available to the applications. The App-V Client uses the real registry as a backing store for all registry data. -When a new package is added to the App-V Client, a copy of the REGISTRY.DAT file from the package is created at ```%ProgramData%\Microsoft\AppV\Client\VREG\{Version GUID}.dat```. The name of the file is the version GUID with the .DAT extension. The reason this copy is made is to ensure that the actual hive file in the package is never in use, which would prevent the removal of the package at a later time. +When a new package is added to the App-V Client, a copy of the REGISTRY.DAT file from the package is created at %ProgramData%\Microsoft\AppV\Client\VREG\{Version GUID}.dat. The name of the file is the version GUID with the .DAT extension. The reason this copy is made is to ensure that the actual hive file in the package is never in use, which would prevent the removal of the package at a later time. **Registry.dat from Package Store** > **%ProgramData%\Microsoft\AppV\Client\Vreg\\{VersionGuid}.dat** -When the first application from the package is launched on the client, the client stages or copies the contents out of the hive file, re-creating the package registry data in an alternate location ```HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\AppV\Client\Packages\PackageGuid\Versions\VersionGuid\REGISTRY```. The staged registry data has two distinct types of machine data and user data. Machine data is shared across all users on the machine. User data is staged for each user to a user-specific location ```HKCU\Software\Microsoft\AppV\Client\Packages\PackageGuid\Registry\User```. The machine data is ultimately removed at package removal time, and the user data is removed on a user unpublish operation. 
+When the first application from the package is launched on the client, the client stages or copies the contents out of the hive file, re-creating the package registry data in an alternate location under HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\AppV\Client\Packages\PackageGuid\Versions\VersionGuid\REGISTRY. The staged registry data has two distinct types of machine data and user data. Machine data is shared across all users on the machine. User data is staged for each user to a user-specific location HKCU\Software\Microsoft\AppV\Client\Packages\PackageGuid\Registry\User. The machine data is ultimately removed at package removal time, and the user data is removed on a user unpublish operation. ### Package registry staging vs. connection group registry staging 
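Review bot: dropping the code span on the added line that ends in VREG\{Version GUID}.dat means Markdown now reads \{ as an escaped brace, so the path renders as VREG{Version GUID}.dat with the separator gone. The context line two lines down already doubles the backslash (Vreg\\{VersionGuid}.dat); either keep the backticks around paths that contain \{ or double the backslash here too. The placeholder is also spelled two ways across those lines (Version GUID versus VersionGuid) and should be made consistent.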
@@ -173,7 +173,7 @@ There are two COW locations for HKLM: elevated and non-elevated processes. Eleva ### Pass-through keys -An administrator can use pass-through keys to configure certain keys to only be read from the native registry, bypassing the Package and COW locations. Pass-through locations are global to the machine (not package-specific) and can be configured by adding the path to the key, which should be treated as pass-through to the **REG\_MULTI\_SZ** value called **PassThroughPaths** of the key ```HKLM\Software\Microsoft\AppV\Subsystem\VirtualRegistry```. Any key that appears under this multi-string value (and their children) will be treated as pass-through. +An administrator can use pass-through keys to configure certain keys to only be read from the native registry, bypassing the Package and COW locations. Pass-through locations are global to the machine (not package-specific) and can be configured by adding the path to the key, which should be treated as pass-through to the **REG\_MULTI\_SZ** value called **PassThroughPaths** of the key HKLM\Software\Microsoft\AppV\Subsystem\VirtualRegistry. Any key that appears under this multi-string value (and their children) will be treated as pass-through. The following locations are configured as pass-through locations by default: 
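Review bot: the changed sentence is hard to parse now that the key path is no longer set off in code formatting: "adding the path to the key, which should be treated as pass-through to the REG_MULTI_SZ value called PassThroughPaths of the key HKLM\Software\Microsoft\AppV\Subsystem\VirtualRegistry" reads as if the key is passed through to the value. Since this setting makes reads bypass the Package and COW locations for the whole machine, it is worth stating exactly: add the path of the key that should be treated as pass-through to the PassThroughPaths value (REG_MULTI_SZ) under that key. "Any key that appears under this multi-string value (and their children)" also mixes singular and plural.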
@@ -211,7 +211,7 @@ Packages can be explicitly loaded by entering the **Mount-AppVClientPackage** P ### Streaming packages -The App-V Client can be configured to change the default behavior of streaming. All streaming policies are stored under the following registry key: ```HKEY_LOCAL_MACHINE\Software\Microsoft\AppV\Client\Streaming```. Policies are set by entering the **Set-AppvClientConfiguration** PowerShell cmdlet. The following policies apply to streaming: +The App-V Client can be configured to change the default behavior of streaming. All streaming policies are stored under the following registry key: HKEY_LOCAL_MACHINE\Software\Microsoft\AppV\Client\Streaming. Policies are set by entering the **Set-AppvClientConfiguration** PowerShell cmdlet. The following policies apply to streaming: |Policy|Description| |---|---| 
@@ -229,7 +229,7 @@ These settings affect the behavior of streaming App-V package assets to the clie ### Background streaming -The Windows PowerShell cmdlet ```Get-AppvClientConfiguration``` can be used to determine the current mode for background streaming with the AutoLoad setting and modified with either the **Set-AppvClientConfiguration** cmdlet or from the registry (HKLM\\SOFTWARE\\Microsoft\\AppV\\ClientStreaming key). Background streaming is a default setting where the Autoload setting is set to download previously used packages. The behavior based on default setting (value=1) downloads App-V data blocks in the background after the application has been launched. This setting can either be disabled altogether (value=0) or enabled for all packages (value=2), regardless of whether they have been launched. +The Windows PowerShell cmdlet **Get-AppvClientConfiguration** can be used to determine the current mode for background streaming with the AutoLoad setting and modified with either the **Set-AppvClientConfiguration** cmdlet or from the registry (HKLM\\SOFTWARE\\Microsoft\\AppV\\ClientStreaming key). Background streaming is a default setting where the Autoload setting is set to download previously used packages. The behavior based on default setting (value=1) downloads App-V data blocks in the background after the application has been launched. This setting can either be disabled altogether (value=0) or enabled for all packages (value=2), regardless of whether they have been launched. ### Optimized streaming 
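Review bot: the added line keeps the registry location as "HKLM\\SOFTWARE\\Microsoft\\AppV\\ClientStreaming key", which is missing the separator between Client and Streaming; the Streaming packages hunk just above gives the same key as HKEY_LOCAL_MACHINE\Software\Microsoft\AppV\Client\Streaming. Since this line is being touched anyway, correct it to ...\\AppV\\Client\\Streaming. The setting name is also written both AutoLoad and Autoload in the same paragraph.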
@@ -241,7 +241,7 @@ After the initial stream of any publishing data and the primary feature block, r ### Package upgrades -App-V Packages require updating throughout the lifecycle of the application. App-V Package upgrades are like the package publish operation, as each version will be created in its own PackageRoot location: ```%ProgramData%\App-V\{PkgGUID}\{newVerGUID}```. The upgrade operation is optimized by creating hard links to identical and streamed files from other versions of the same package. +App-V Packages require updating throughout the lifecycle of the application. App-V Package upgrades are like the package publish operation, as each version will be created in its own PackageRoot location: %ProgramData%\App-V\{PkgGUID}\{newVerGUID}. The upgrade operation is optimized by creating hard links to identical and streamed files from other versions of the same package. ### Package removal 
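Review bot: on the added line the PackageRoot path %ProgramData%\App-V\{PkgGUID}\{newVerGUID} is now outside a code span, so both \{ sequences are read as Markdown escapes and the rendered path loses the separators in front of {PkgGUID} and {newVerGUID}. Restore the backticks or write \\{ for each.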
@@ -256,12 +256,12 @@ App-V is able to provide a near-native experience when roaming, depending on how App-V stores data, which represents the state of the user’s catalog, in the form of: - Files under %appdata%\\Microsoft\\AppV\\Client\\Catalog -- Registry settings under `HKEY_CURRENT_USER\Software\Microsoft\AppV\Client\Packages` +- Registry settings under HKEY_CURRENT_USER\Software\Microsoft\AppV\Client\Packages Together, these files and registry settings represent the user’s catalog, so either both must be roamed, or neither must be roamed for a given user. App-V does not support roaming %AppData%, but not roaming the user’s profile (registry), or vice versa. >[!NOTE] ->The **Repair-AppvClientPackage** cmdlet does not repair the publishing state of packages, where the user’s App-V state under `HKEY_CURRENT_USER` is missing or mismatched with the data in %appdata%. +>The **Repair-AppvClientPackage** cmdlet does not repair the publishing state of packages, where the user’s App-V state under HKEY_CURRENT_USER is missing or mismatched with the data in %appdata%. ### Registry-based data From 2a16e70b02edbd90add739e161521e77da1c66b7 Mon Sep 17 00:00:00 2001 From: Heidi Lohr Date: Tue, 5 Jun 2018 10:18:28 -0700 Subject: [PATCH 29/74] Removed monospace, added little location disclaimers before some tables --- ...pplication-publishing-and-client-interaction.md | 14 +++++++++++--- 1 file changed, 11 insertions(+), 3 deletions(-) diff --git a/windows/application-management/app-v/appv-application-publishing-and-client-interaction.md b/windows/application-management/app-v/appv-application-publishing-and-client-interaction.md index a3563907c0..bd399c1e22 100644 --- a/windows/application-management/app-v/appv-application-publishing-and-client-interaction.md +++ b/windows/application-management/app-v/appv-application-publishing-and-client-interaction.md 
@@ -69,7 +69,7 @@ Additional details for the table are provided in the section below and throughou ### Package store -The App-V Client manages the applications assets mounted in the package store. This default storage location is %ProgramData%\App-V, but you can configure it during or after setup by using the **Set-AppVClientConfiguration** Windows PowerShell cmdlet, which modifies the local registry (`PackageInstallationRoot` value under the HKLM\Software\Microsoft\AppV\Client\Streaming key). The package store must be located at a local path on the client operating system. The individual packages are stored in the package store in subdirectories named after the Package GUID and Version GUID. +The App-V Client manages the applications assets mounted in the package store. This default storage location is %ProgramData%\App-V, but you can configure it during or after setup by using the **Set-AppVClientConfiguration** Windows PowerShell cmdlet, which modifies the local registry (**PackageInstallationRoot** value under the HKLM\Software\Microsoft\AppV\Client\Streaming key). The package store must be located at a local path on the client operating system. The individual packages are stored in the package store in subdirectories named after the Package GUID and Version GUID. Example of a path to a specific application: @@ -95,6 +95,8 @@ The App-V Client manages the following two file-based locations: ### Machine catalog +The locations described in this table can be found in the %programdata%\Microsoft\AppV\Client\Catalog\ folder. + ||| |---|---| |Description|Stores package documents that are available to users on the machine when packages are added and published. However, if a package is “global” at publishing time, the integrations are available to all users.

If a package is non-global, the integrations are published only for specific users, but there are still global resources that are modified and visible to anyone on the client computer (such as when the package directory is in a shared disk location).

If a package is available to a user on the computer (global or non-global), the manifest is stored in the Machine Catalog. When a package is published globally, there is a Dynamic Configuration file, stored in the Machine Catalog; therefore, the determination of whether a package is global is defined according to whether there is a policy file (UserDeploymentConfiguration file) in the Machine Catalog.| @@ -105,6 +107,8 @@ The App-V Client manages the following two file-based locations: ### User catalog +The locations described in this table can be found in the appdata\roaming\Microsoft\AppV\Client\Catalog\ folder. + ||| |---|---| |Description|Created during the publishing process. Contains information used for publishing the package, and for making sure that a package is provisioned to a specific user at launch. Created in a roaming location and includes user-specific publishing information.

When a package is published for a user, the policy file is stored in the User Catalog. At the same time, a copy of the manifest is also stored in the User Catalog. When a package entitlement is removed for a user, the relevant package files are removed from the User Catalog. Looking at the user catalog, an administrator can view the presence of a Dynamic Configuration file, which indicates that the package is entitled for that user.

For roaming users, the User Catalog needs to be in a roaming or shared location to preserve the legacy App-V behavior of targeting users by default. Entitlement and policy are tied to a user, not a computer, so they should roam with the user once they are provisioned.| @@ -155,6 +159,8 @@ There are two package registry locations and two connection group locations wher #### Single Package VReg +The registries in the following table are located in the Registry\Client\Packages\PkgGUID\ folder. + |Location|Description| |---|---| |COW|- Machine Registry\Client\Packages\PkgGUID\REGISTRY (Only elevate process can write)
- User Registry\Client\Packages\PkgGUID\REGISTRY (User Roaming anything written under HKCU except Software\Classes
- User Registry Classes\Client\Packages\PkgGUID\REGISTRY (HKCU\Software\Classes writes and HKLM for non-elevated process)| @@ -163,6 +169,8 @@ There are two package registry locations and two connection group locations wher #### Connection Group VReg +The registries in the following table are located in the Machine Registry\Client\PackageGroups\GrpGUID\ and User Registry Classes\Client\PackageGroups\GrpGUID\ folders. + |Location|Description| |---|---| |COW|- Machine Registry\Client\PackageGroups\GrpGUID\REGISTRY (only elevate process can write)
- User Registry\Client\PackageGroups\GrpGUID\REGISTRY (Anything written to HKCU except Software\Classes)
- User Registry Classes\Client\PackageGroups\GrpGUID\REGISTRY| @@ -278,7 +286,7 @@ App-V supports folder redirection of the roaming AppData folder (%AppData%). Whe A typical package has several locations mapped in the user’s backing store for settings in both AppData\\Local and AppData\\Roaming. These locations are the Copy on Write locations that are stored per user in the user’s profile, and that are used to store changes made to the package VFS directories and to protect the default package VFS. -The following table shows local and roaming locations, when folder redirection has not been implemented. +The following table shows local and roaming locations when folder redirection has not been implemented. | VFS directory in package | Mapped location of backing store | |---|---| @@ -288,7 +296,7 @@ The following table shows local and roaming locations, when folder redirection h | appv\_ROOT | C:\Users\username\AppData\Local\Microsoft\AppV\Client\VFS\\<GUID>\appv_ROOT| | AppData | C:\Users\username\AppData\Local\Microsoft\AppV\Client\VFS\\<GUID>\AppData | -The following table shows local and roaming locations, when folder redirection has been implemented for %AppData%, and the location has been redirected (typically to a network location). +The following table shows local and roaming locations when folder redirection has been implemented for %AppData% and the location has been redirected (typically to a network location). | VFS directory in package | Mapped location of backing store | |---|---| From 2811c27e80881aab34a292e8c825187dcbe3e055 Mon Sep 17 00:00:00 2001 From: Heidi Lohr Date: Tue, 5 Jun 2018 16:37:56 -0700 Subject: [PATCH 30/74] Editorial change and added caption to image --- .../appv-application-publishing-and-client-interaction.md | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) 
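Review bot: in patch 29/74, the sentence added by the @@ -163,6 +169,8 @@ hunk (Connection Group VReg) names only Machine Registry\Client\PackageGroups\GrpGUID\ and User Registry Classes\Client\PackageGroups\GrpGUID\, while the COW row of the table it introduces also lists User Registry\Client\PackageGroups\GrpGUID\REGISTRY; include the third root or describe the parent generically. Both this sentence and the one added under Single Package VReg call these locations "registries" found in a "folder"; they are registry keys, so "The registry keys in the following table are located under ..." would be accurate.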
diff --git a/windows/application-management/app-v/appv-application-publishing-and-client-interaction.md b/windows/application-management/app-v/appv-application-publishing-and-client-interaction.md index bd399c1e22..e30c2e41a4 100644 --- a/windows/application-management/app-v/appv-application-publishing-and-client-interaction.md +++ b/windows/application-management/app-v/appv-application-publishing-and-client-interaction.md @@ -269,7 +269,7 @@ App-V stores data, which represents the state of the user’s catalog, in the fo Together, these files and registry settings represent the user’s catalog, so either both must be roamed, or neither must be roamed for a given user. App-V does not support roaming %AppData%, but not roaming the user’s profile (registry), or vice versa. >[!NOTE] ->The **Repair-AppvClientPackage** cmdlet does not repair the publishing state of packages, where the user’s App-V state under HKEY_CURRENT_USER is missing or mismatched with the data in %appdata%. +>The **Repair-AppvClientPackage** cmdlet doesn't repair the publishing state of packages where the user’s App-V state under HKEY_CURRENT_USER is missing or mismatched with the data in %appdata%. ### Registry-based data @@ -420,6 +420,7 @@ The process then configures the client for package or connection group additions This completes an App-V package add for the publishing refresh process. The next step is publishing the package to a specific target (machine or user). ![Package add file and registry data](images/packageaddfileandregistrydata.png) +**Package add file and registry data** #### Publishing an App-V package From cbc89d418794aad278a69f017b7657b5d5921e37 Mon Sep 17 00:00:00 2001 From: Heidi Lohr Date: Tue, 5 Jun 2018 16:58:26 -0700 Subject: [PATCH 31/74] Caption --- .../app-v/appv-application-publishing-and-client-interaction.md | 2 ++ 1 file changed, 2 insertions(+) 
diff --git a/windows/application-management/app-v/appv-application-publishing-and-client-interaction.md b/windows/application-management/app-v/appv-application-publishing-and-client-interaction.md index e30c2e41a4..48f6a6768a 100644 --- a/windows/application-management/app-v/appv-application-publishing-and-client-interaction.md +++ b/windows/application-management/app-v/appv-application-publishing-and-client-interaction.md @@ -450,6 +450,7 @@ During the Publishing Refresh operation, the specific publishing operation, **Pu Publishing an App-V Package that is part of a Connection Group is very similar to the above process. For connection groups, the path that stores the specific catalog information includes PackageGroups as a child of the Catalog Directory. Review the Machine and User Catalog information in the preceding sections for details. ![package add file and registry data - global](images/packageaddfileandregistrydata-global.png) +**Package add file and registry data—global** ### Application launch @@ -475,6 +476,7 @@ After the Publishing Refresh process, the user launches and then relaunches an A 7. The Application launches. For any missing files in the package store (sparse files), App-V will stream fault the files on an as needed basis. ![package add file and registry data - stream](images/packageaddfileandregistrydata-stream.png) + **Package add file and registry data—stream** ### Upgrading an App-V package From 7149176ecded8d3f5d6a886f23ac47747dc59216 Mon Sep 17 00:00:00 2001 From: Heidi Lohr Date: Wed, 6 Jun 2018 09:17:15 -0700 Subject: [PATCH 32/74] Spacing fix for captions --- .../appv-application-publishing-and-client-interaction.md | 3 +++ 1 file changed, 3 insertions(+) diff --git a/windows/application-management/app-v/appv-application-publishing-and-client-interaction.md b/windows/application-management/app-v/appv-application-publishing-and-client-interaction.md index 48f6a6768a..b4a36706c2 100644 
--- a/windows/application-management/app-v/appv-application-publishing-and-client-interaction.md +++ b/windows/application-management/app-v/appv-application-publishing-and-client-interaction.md @@ -420,6 +420,7 @@ The process then configures the client for package or connection group additions This completes an App-V package add for the publishing refresh process. The next step is publishing the package to a specific target (machine or user). ![Package add file and registry data](images/packageaddfileandregistrydata.png) + **Package add file and registry data** #### Publishing an App-V package @@ -450,6 +451,7 @@ During the Publishing Refresh operation, the specific publishing operation, **Pu Publishing an App-V Package that is part of a Connection Group is very similar to the above process. For connection groups, the path that stores the specific catalog information includes PackageGroups as a child of the Catalog Directory. Review the Machine and User Catalog information in the preceding sections for details. ![package add file and registry data - global](images/packageaddfileandregistrydata-global.png) + **Package add file and registry data—global** ### Application launch @@ -476,6 +478,7 @@ After the Publishing Refresh process, the user launches and then relaunches an A 7. The Application launches. For any missing files in the package store (sparse files), App-V will stream fault the files on an as needed basis. ![package add file and registry data - stream](images/packageaddfileandregistrydata-stream.png) + **Package add file and registry data—stream** ### Upgrading an App-V package From 3e32a4ad06b78423b140c43515ba57a9d099131f Mon Sep 17 00:00:00 2001 From: Heidi Lohr Date: Wed, 6 Jun 2018 09:50:13 -0700 Subject: [PATCH 33/74] Editorial changes --- .../appv-application-publishing-and-client-interaction.md | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) 
diff --git a/windows/application-management/app-v/appv-application-publishing-and-client-interaction.md b/windows/application-management/app-v/appv-application-publishing-and-client-interaction.md index b4a36706c2..d4937d1ba9 100644 --- a/windows/application-management/app-v/appv-application-publishing-and-client-interaction.md +++ b/windows/application-management/app-v/appv-application-publishing-and-client-interaction.md @@ -71,7 +71,7 @@ Additional details for the table are provided in the section below and throughou The App-V Client manages the applications assets mounted in the package store. This default storage location is %ProgramData%\App-V, but you can configure it during or after setup by using the **Set-AppVClientConfiguration** Windows PowerShell cmdlet, which modifies the local registry (**PackageInstallationRoot** value under the HKLM\Software\Microsoft\AppV\Client\Streaming key). The package store must be located at a local path on the client operating system. The individual packages are stored in the package store in subdirectories named after the Package GUID and Version GUID. -Example of a path to a specific application: +The following is an example of a path to a specific application: ```syntax C:\ProgramData\App-V\PackGUID\VersionGUID 
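Review bot: the example path under the reworded lead-in still uses the placeholders PackGUID\VersionGUID, which match neither the sentence above it ("Package GUID and Version GUID") nor the PkgGUID\VerGUID form used in the catalog tables of the same file; align the placeholders while editing this spot. The first line of the same paragraph also still reads "manages the applications assets", which should be "application assets" or "applications' assets".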
@@ -81,7 +81,7 @@ To change the default location of the package store during setup, see [Enable th ### Shared Content Store -If the App-V Client is configured in Shared Content Store mode, no data is written to disk when a stream fault occurs, which means that the packages require minimal local disk space (publishing data). The use of less disk space is highly desirable in VDI environments, where local storage can be limited, and streaming the applications from a high-performance network location (such as a SAN) is preferable. For more information, see [Shared Content Store in Microsoft App-V 5.0 - Behind the Scenes](https://blogs.technet.microsoft.com/appv/2013/07/22/shared-content-store-in-microsoft-app-v-5-0-behind-the-scenes/). +If the App-V Client is configured in Shared Content Store mode, no data is written to disk when a stream fault occurs, which means that the packages require minimal local disk space (publishing data). In VDI environments where local storage can be limited, it's important to use as little disk space as possible. You can minimize disk space usage by streaming applications from a high-performance network location (such as a SAN). For more information, see [Shared Content Store in Microsoft App-V 5.0 - Behind the Scenes](https://blogs.technet.microsoft.com/appv/2013/07/22/shared-content-store-in-microsoft-app-v-5-0-behind-the-scenes/). >[!NOTE] >The machine and package store must be located on a local drive, even when you’re using Shared Content Store configurations for the App-V Client. @@ -478,7 +478,7 @@ After the Publishing Refresh process, the user launches and then relaunches an A 7. The Application launches. For any missing files in the package store (sparse files), App-V will stream fault the files on an as needed basis. ![package add file and registry data - stream](images/packageaddfileandregistrydata-stream.png) - + **Package add file and registry data—stream** ### Upgrading an App-V package 
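Review bot: the rewrite in the @@ -81,7 +81,7 @@ hunk changes the meaning of the Shared Content Store paragraph. The removed text said that lower disk use is desirable in VDI and that streaming from a high-performance network location is preferable; the added text says "You can minimize disk space usage by streaming applications from a high-performance network location (such as a SAN)", which credits the saving to the network location rather than to Shared Content Store mode not writing to disk on a stream fault, as the first sentence states. Reword so the saving stays attributed to the mode, with SAN streaming as the recommended source.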
From 0b4c9314e0d565eee454fd195f4d55b85a14a1b0 Mon Sep 17 00:00:00 2001 From: Heidi Lohr Date: Wed, 6 Jun 2018 10:41:44 -0700 Subject: [PATCH 34/74] Editorial changes --- ...-application-publishing-and-client-interaction.md | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/windows/application-management/app-v/appv-application-publishing-and-client-interaction.md b/windows/application-management/app-v/appv-application-publishing-and-client-interaction.md index d4937d1ba9..28c6a826f2 100644 --- a/windows/application-management/app-v/appv-application-publishing-and-client-interaction.md +++ b/windows/application-management/app-v/appv-application-publishing-and-client-interaction.md 
@@ -139,9 +139,9 @@ Before an application can access the package registry data, the App-V Client mus When a new package is added to the App-V Client, a copy of the REGISTRY.DAT file from the package is created at %ProgramData%\Microsoft\AppV\Client\VREG\{Version GUID}.dat. The name of the file is the version GUID with the .DAT extension. The reason this copy is made is to ensure that the actual hive file in the package is never in use, which would prevent the removal of the package at a later time. -**Registry.dat from Package Store** > **%ProgramData%\Microsoft\AppV\Client\Vreg\\{VersionGuid}.dat** +**Registry.dat from Package Store** > **%ProgramData%\Microsoft\AppV\Client\Vreg\\{VersionGUID}.dat** -When the first application from the package is launched on the client, the client stages or copies the contents out of the hive file, re-creating the package registry data in an alternate location under HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\AppV\Client\Packages\PackageGuid\Versions\VersionGuid\REGISTRY. The staged registry data has two distinct types of machine data and user data. Machine data is shared across all users on the machine. User data is staged for each user to a user-specific location HKCU\Software\Microsoft\AppV\Client\Packages\PackageGuid\Registry\User. The machine data is ultimately removed at package removal time, and the user data is removed on a user unpublish operation. +When the first application from the package is launched on the client, the client stages or copies the contents out of the hive file, re-creating the package registry data in an alternate location under HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\AppV\Client\Packages\PackageGuid\Versions\VersionGUID\REGISTRY. The staged registry data has two distinct types of machine data and user data. Machine data is shared across all users on the machine. User data is staged for each user to a user-specific location HKCU\Software\Microsoft\AppV\Client\Packages\PackageGUID\Registry\User. 
The machine data is ultimately removed at package removal time, and the user data is removed on a user unpublish operation. ### Package registry staging vs. connection group registry staging @@ -278,7 +278,7 @@ App-V registry roaming falls into two scenarios, as shown in the following table |Scenario|Description| |---|---| |Applications that are run as standard users|When a standard user launches an App-V application, both HKLM and HKCU for App-V applications are stored in the HKCU hive on the machine. This presents as two distinct paths:

- HKLM's location is HKCU\SOFTWARE\Classes\AppV\Client\Packages\\{PkgGUID}\REGISTRY\MACHINE\SOFTWARE
- HKCU's location is HKCU\SOFTWARE\Microsoft\AppV\Client\Packages\\{PkgGUID}\REGISTRY\USER\\{UserSID}\SOFTWARE

The locations are enabled for roaming based on the operating system settings.| -|Applications that are run with elevation|When an application is launched with elevation:

- HKLM data is stored in the HKLM hive on the local computer
- HKCU data is stored in the User Registry location

In this scenario, these settings are not roamed with normal operating system roaming configurations, and the resulting registry keys and values are stored in the following locations:

- HKLM's location is HKLM\SOFTWARE\Microsoft\AppV\Client\Packages\\{PkgGUID}\\{UserSID}\REGISTRY\MACHINE\SOFTWARE
- HKCU's location is HKCU\SOFTWARE\Microsoft\AppV\Client\Packages\\{PkgGUID}\\Registry\User\\{UserSID}\SOFTWARE| +|Applications that are run with elevation|When an application is launched with elevation:

- HKLM data is stored in the HKLM hive on the local computer
- HKCU data is stored in the User Registry location

In this scenario, these settings are not roamed with normal operating system roaming configurations, and the resulting registry keys and values are stored in the following locations:

- HKLM's location is HKLM\SOFTWARE\Microsoft\AppV\Client\Packages\\{PkgGUID}\\{UserSID}\REGISTRY\MACHINE\SOFTWARE
- HKCU's location is HKCU\SOFTWARE\Microsoft\AppV\Client\Packages\\{PkgGUID}\\Registry\User\\{UserSID}\SOFTWARE| ### App-V and folder redirection @@ -475,7 +475,7 @@ After the Publishing Refresh process, the user launches and then relaunches an A 6. After downloading, the App-V Client service consumes the manifest and deployment configuration files to configure the virtual environment and all App-V subsystems are loaded. -7. The Application launches. For any missing files in the package store (sparse files), App-V will stream fault the files on an as needed basis. +7. The Application launches. For any missing files in the package store (sparse files), App-V will stream fault the files on an as-needed basis. ![package add file and registry data - stream](images/packageaddfileandregistrydata-stream.png) @@ -489,7 +489,7 @@ The current version of App-V's package upgrade process differs from the older ve 1. The App-V Client performs a Publishing Refresh and discovers a newer version of an App-V Package. -2. Package entries are added to the appropriate catalog for the new version +2. Package entries are added to the appropriate catalog for the new version. 1. User targeted packages: the **UserDeploymentConfiguration.xml** and **UserManifest.xml** are placed on the machine in the user catalog at **appdata\\roaming\\Microsoft\\AppV\\Client\\Catalog\\Packages\\PkgGUID\\VerGUID**. 
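Review bot: the placeholder rename in the @@ -139,9 +139,9 @@ hunk of this patch is incomplete. The added HKLM path reads ...\Client\Packages\PackageGuid\Versions\VersionGUID\REGISTRY, so PackageGuid keeps the old casing while VersionGUID and the HKCU path's PackageGUID were updated. The unchanged line above it also still has VREG\{Version GUID}.dat, against Vreg\\{VersionGUID}.dat on the added line. Change the remaining PackageGuid to PackageGUID and use one spelling for the version placeholder and the Vreg directory name.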
@@ -694,7 +694,7 @@ For details on App-V integration, see [Microsoft Application Virtualization 5.0 ### Software clients and application capabilities -App-V supports specific software clients and application capabilities extension points to register virtualized applications with the operating system's software client. This means users can select default programs for operations like email, instant messaging, and using the media player. This operation is performed in the control panel with **Set Program Access** and **Computer Defaults**, and configured during sequencing in the manifest or dynamic configuration files. Application capabilities are only supported when the App-V applications are published globally. +App-V supports specific software clients and application capabilities extension points to register virtualized applications with the operating system's software client. This means users can select default programs for operations like email, instant messaging, and using the media player. This operation is performed in the control panel with **Set Program Access** and **Computer Defaults**, and is configured during sequencing in the manifest or dynamic configuration files. Application capabilities are only supported when the App-V applications are published globally. The following is an example of software client registration of an App-V-based mail client. From dc3f7282d55e3c222c3753008b307a6eb505f9ba Mon Sep 17 00:00:00 2001 From: Heidi Lohr Date: Fri, 8 Jun 2018 10:25:27 -0700 Subject: [PATCH 35/74] Editorial and formatting changes --- ...ation-publishing-and-client-interaction.md | 26 +++++++++---------- 1 file changed, 13 insertions(+), 13 deletions(-) diff --git a/windows/application-management/app-v/appv-application-publishing-and-client-interaction.md b/windows/application-management/app-v/appv-application-publishing-and-client-interaction.md index 28c6a826f2..0eecec1c8d 100644 
--- a/windows/application-management/app-v/appv-application-publishing-and-client-interaction.md +++ b/windows/application-management/app-v/appv-application-publishing-and-client-interaction.md @@ -115,7 +115,7 @@ The locations described in this table can be found in the appdata\roaming\Micros |Default storage location|appdata\roaming\Microsoft\AppV\Client\Catalog\Packages\PkgGUID\VerGUID| |Files in the user catalog|- UserManifest.xml
- DynamicConfiguration.xml or UserDeploymentConfiguration.xml| |Additional user catalog location, used when the package is part of a connection group|The following location is in addition to the specific package location mentioned above:

appdata\roaming\Microsoft\AppV\Client\Catalog\PackageGroups\PkgGroupGUID\PkgGroupVerGUID| -|Additional file in the machine catalog when the package is part of a connection group|**UserPackageGroupDescriptor.xml**| +|Additional file in the machine catalog when the package is part of a connection group|UserPackageGroupDescriptor.xml| ### Shortcut backups @@ -211,7 +211,7 @@ App-V manages the Package Store, which is the location where the expanded asset ### Add packages -App-V Packages are staged upon addition to the computer with the App-V Client. The App-V Client provides on-demand staging. When publishing or manually entering the **Add-AppVClientPackage** cmdlet, the data structure is built in the package store (C:\\programdata\\App-V\\{PkgGUID}\\{VerGUID}). The package files identified in the publishing block defined in the **StreamMap.xml** file are added to the system, and the top level folders and child files are staged to ensure proper application assets exist at launch. +App-V Packages are staged upon addition to the computer with the App-V Client. The App-V Client provides on-demand staging. When publishing or manually entering the **Add-AppVClientPackage** cmdlet, the data structure is built in the package store (C:\\programdata\\App-V\\{PkgGUID}\\{VerGUID}). The package files identified in the publishing block defined in the StreamMap.xml file are added to the system, and the top level folders and child files are staged to ensure proper application assets exist at launch. ### Mounting packages @@ -224,7 +224,7 @@ The App-V Client can be configured to change the default behavior of streaming. |Policy|Description| |---|---| |AllowHighCostLaunch|Allows streaming over 3G and cellular networks| -|AutoLoad|Specifies the Background Load setting:
**0** – Disabled
**1** – Previously Used Packages only
**2** – All Packages| +|AutoLoad|Specifies the Background Load setting:
0 – Disabled
1 – Previously Used Packages only
2 – All Packages| |PackageInstallationRoot|The root folder for the package store in the local machine| |PackageSourceRoot|The root override where packages should be streamed from| |SharedContentStoreMode|Enables the use of Shared Content Store for VDI scenarios| @@ -379,7 +379,7 @@ The process then configures the client for package or connection group additions 2. The package file is opened and the **AppXManifest.xml** and **StreamMap.xml** files are downloaded to the Package Store. - 3. Completely stream publishing block data defined in the **StreamMap.xml**. Publishing block data is stored in Package Store\\PkgGUID\\VerGUID\\Root. + 3. Completely stream publishing block data defined in the **StreamMap.xml** file. Publishing block data is stored in Package Store\\PkgGUID\\VerGUID\\Root. - Icons: Targets of extension points. - Portable Executable Headers (PE Headers): Targets of extension points that contain the base information about the image need on disk, accessed directly or through file types. @@ -393,7 +393,7 @@ The process then configures the client for package or connection group additions All other files are created when the directory is listed as sparse on disk and streamed on demand. - 5. Create the machine catalog entries. Create the **Manifest.xml** and **DeploymentConfiguration.xml** from the package files (if no **DeploymentConfiguration.xml** file in the package a placeholder is created). + 5. Create the machine catalog entries. Create the **Manifest.xml** and **DeploymentConfiguration.xml** files from the package files (if no **DeploymentConfiguration.xml** file in the package a placeholder is created). 6. Create location of the package store in the registry **HKLM\\Software\\Microsoft\\AppV\\Client\\Packages\\PkgGUID\\Versions\\VerGUID\\Catalog**. 
@@ -431,7 +431,7 @@ During the Publishing Refresh operation, the specific publishing operation, **Pu 1. Package entries are added to the user catalog - 1. User targeted packages: the **UserDeploymentConfiguration.xml** and **UserManifest.xml** are placed on the machine in the User Catalog. + 1. User targeted packages: the **UserDeploymentConfiguration.xml** and **UserManifest.xml** files are placed on the machine in the User Catalog. 2. Machine targeted (global) packages: the **UserDeploymentConfiguration.xml** is placed in the Machine Catalog. @@ -491,7 +491,7 @@ The current version of App-V's package upgrade process differs from the older ve 2. Package entries are added to the appropriate catalog for the new version. - 1. User targeted packages: the **UserDeploymentConfiguration.xml** and **UserManifest.xml** are placed on the machine in the user catalog at **appdata\\roaming\\Microsoft\\AppV\\Client\\Catalog\\Packages\\PkgGUID\\VerGUID**. + 1. User targeted packages: the **UserDeploymentConfiguration.xml** and **UserManifest.xml** files are placed on the machine in the user catalog at **appdata\\roaming\\Microsoft\\AppV\\Client\\Catalog\\Packages\\PkgGUID\\VerGUID**. 2. Machine targeted (global) packages: the **UserDeploymentConfiguration.xml** is placed in the machine catalog at **%programdata%\\Microsoft\\AppV\\Client\\Catalog\\Packages\\PkgGUID\\VerGUID**. 
@@ -545,8 +545,8 @@ Use the following example scenarios as a guide for updating packages. App-V Packages can be published in one of two ways; as user, which entitles an App-V package to a specific user or group of users, or as global, which entitles the App-V package to the entire machine for all users of the machine. Once a package upgrade has been pended and the App-V package is not in use, consider the two types of publishing: -- **Globally published**: the application is published to a machine; all users on that machine can use it. The upgrade will happen when the App-V Client Service starts, which effectively means a machine restart. -- **User-published**: the application is published to a user. If there are multiple users on the machine, the application can be published to a subset of the users. The upgrade will happen when the user signs in or when it is published again (periodically, ConfigMgr Policy refresh and evaluation, or an App-V periodic publishing/refresh, or explicitly through Windows PowerShell commands). +- Global publishing is when the application is published to a machine; all users on that machine can use it. The upgrade will happen when the App-V Client Service starts, which effectively means a machine restart. +- User publishing is when the application is published to a user. If there are multiple users on the machine, the application can be published to a subset of the users. The upgrade will happen when the user signs in or when it is published again (periodically, ConfigMgr Policy refresh and evaluation, or an App-V periodic publishing/refresh, or explicitly through Windows PowerShell commands). ### Removing an App-V package 
@@ -560,9 +560,9 @@ The repair operation is easy to do but may affect many locations on the machine. The App-V Client and package architecture provides specific integration with the local operating system during the addition and publishing of packages. Three files define the integration or extension points for an App-V Package: -- **AppXManifest.xml**: Stored inside of the package with fallback copies stored in the package store and the user profile. Contains the options created during the sequencing process. -- **DeploymentConfig.xml**: Provides configuration information of computer- and user-based integration extension points. -- **UserConfig.xml**: A subset of the **Deploymentconfig.xml** that only provides user-based configurations and only targets user-based extension points. +- AppXManifest.xml is stored inside of the package with fallback copies stored in the package store and the user profile. Contains the options created during the sequencing process. +- DeploymentConfig.xml provides configuration information of computer- and user-based integration extension points. +- UserConfig.xml is a subset of the Deploymentconfig.xml file that only provides user-based configurations and only targets user-based extension points. ### Rules of integration 
@@ -688,7 +688,7 @@ The following table displays the supported shell extensions. The App-V Client supports publishing applications with support for COM integration and virtualization. COM integration allows the App-V Client to register COM objects on the local operating system and virtualization of the objects. For the purposes of this document, the integration of COM objects requires additional detail. -App-V supports registering COM objects from the package to the local operating system with two process types: Out-of-process and In-process. Registering COM objects is accomplished with one or a combination of multiple modes of operation for a specific App-V package that includes Off, Isolated, and Integrated. Integrated mode is configured for either the Out-of-process or In-process type. Configuration of COM modes and types is accomplished with dynamic configuration files (**deploymentconfig.xml** or **userconfig.xml**). +App-V supports registering COM objects from the package to the local operating system with two process types: Out-of-process and In-process. Registering COM objects is accomplished with one or a combination of multiple modes of operation for a specific App-V package that includes Off, Isolated, and Integrated. Integrated mode is configured for either the Out-of-process or In-process type. Configuration of COM modes and types is accomplished with dynamic configuration files (deploymentconfig.xml or userconfig.xml). For details on App-V integration, see [Microsoft Application Virtualization 5.0 Integration](https://blogs.technet.microsoft.com/appv/2013/01/03/microsoft-application-virtualization-5-0-integration). From 07e75322189926cea008b7e0b39989bc8dfbfc22 Mon Sep 17 00:00:00 2001 
From: Heidi Lohr Date: Fri, 8 Jun 2018 10:26:50 -0700 Subject: [PATCH 36/74] Updated date metadata --- windows/application-management/app-v/appv-about-appv.md | 2 +- ...dd-or-remove-an-administrator-with-the-management-console.md | 2 +- .../appv-add-or-upgrade-packages-with-the-management-console.md | 2 +- .../app-v/appv-administering-appv-with-powershell.md | 2 +- ...istering-virtual-applications-with-the-management-console.md | 2 +- .../appv-allow-administrators-to-enable-connection-groups.md | 2 +- .../app-v/appv-application-publishing-and-client-interaction.md | 2 +- 7 files changed, 7 insertions(+), 7 deletions(-) diff --git a/windows/application-management/app-v/appv-about-appv.md b/windows/application-management/app-v/appv-about-appv.md index c2421f0918..f0f2f8eb1a 100644 --- a/windows/application-management/app-v/appv-about-appv.md +++ b/windows/application-management/app-v/appv-about-appv.md @@ -6,7 +6,7 @@ ms.pagetype: mdop, appcompat, virtualization ms.mktglfcycl: deploy ms.sitesec: library ms.prod: w10 -ms.date: 04/18/2018 +ms.date: 06/08/2018 --- # What's new in App-V for Windows 10, version 1703 and earlier diff --git a/windows/application-management/app-v/appv-add-or-remove-an-administrator-with-the-management-console.md b/windows/application-management/app-v/appv-add-or-remove-an-administrator-with-the-management-console.md index a7c0447d3e..c5a7ad334d 100644 --- a/windows/application-management/app-v/appv-add-or-remove-an-administrator-with-the-management-console.md +++ b/windows/application-management/app-v/appv-add-or-remove-an-administrator-with-the-management-console.md @@ -6,7 +6,7 @@ ms.pagetype: mdop, appcompat, virtualization ms.mktglfcycl: deploy ms.sitesec: library ms.prod: w10 -ms.date: 04/19/2017 +ms.date: 06/08/2018 --- # How to add or remove an administrator by using the Management Console 
diff --git a/windows/application-management/app-v/appv-add-or-upgrade-packages-with-the-management-console.md b/windows/application-management/app-v/appv-add-or-upgrade-packages-with-the-management-console.md index 5f03b7e815..0ae1a703c8 100644 --- a/windows/application-management/app-v/appv-add-or-upgrade-packages-with-the-management-console.md +++ b/windows/application-management/app-v/appv-add-or-upgrade-packages-with-the-management-console.md @@ -6,7 +6,7 @@ ms.pagetype: mdop, appcompat, virtualization ms.mktglfcycl: deploy ms.sitesec: library ms.prod: w10 -ms.date: 04/19/2017 +ms.date: 06/08/2018 --- # How to add or upgrade packages by using the Management Console diff --git a/windows/application-management/app-v/appv-administering-appv-with-powershell.md b/windows/application-management/app-v/appv-administering-appv-with-powershell.md index 1a003ccf5c..b6cf8bf3d3 100644 --- a/windows/application-management/app-v/appv-administering-appv-with-powershell.md +++ b/windows/application-management/app-v/appv-administering-appv-with-powershell.md @@ -6,7 +6,7 @@ ms.pagetype: mdop, appcompat, virtualization ms.mktglfcycl: deploy ms.sitesec: library ms.prod: w10 -ms.date: 04/19/2017 +ms.date: 06/08/2018 --- # Administering App-V by using Windows PowerShell diff --git a/windows/application-management/app-v/appv-administering-virtual-applications-with-the-management-console.md b/windows/application-management/app-v/appv-administering-virtual-applications-with-the-management-console.md index 5abc5df2bd..a7662c1689 100644 --- a/windows/application-management/app-v/appv-administering-virtual-applications-with-the-management-console.md +++ b/windows/application-management/app-v/appv-administering-virtual-applications-with-the-management-console.md 
@@ -6,7 +6,7 @@ ms.pagetype: mdop, appcompat, virtualization ms.mktglfcycl: deploy ms.sitesec: library ms.prod: w10 -ms.date: 04/19/2017 +ms.date: 06/08/2018 --- # Administering App-V Virtual Applications by using the Management Console diff --git a/windows/application-management/app-v/appv-allow-administrators-to-enable-connection-groups.md b/windows/application-management/app-v/appv-allow-administrators-to-enable-connection-groups.md index d982f4b88b..36c4204881 100644 --- a/windows/application-management/app-v/appv-allow-administrators-to-enable-connection-groups.md +++ b/windows/application-management/app-v/appv-allow-administrators-to-enable-connection-groups.md @@ -6,7 +6,7 @@ ms.pagetype: mdop, appcompat, virtualization ms.mktglfcycl: deploy ms.sitesec: library ms.prod: w10 -ms.date: 04/19/2017 +ms.date: 06/08/2018 --- # How to allow only administrators to enable connection groups diff --git a/windows/application-management/app-v/appv-application-publishing-and-client-interaction.md b/windows/application-management/app-v/appv-application-publishing-and-client-interaction.md index 0eecec1c8d..9ef9c0bee3 100644 --- a/windows/application-management/app-v/appv-application-publishing-and-client-interaction.md +++ b/windows/application-management/app-v/appv-application-publishing-and-client-interaction.md @@ -6,7 +6,7 @@ ms.pagetype: mdop, appcompat, virtualization ms.mktglfcycl: deploy ms.sitesec: library ms.prod: w10 -ms.date: 04/19/2017 +ms.date: 06/08/2018 --- # Application publishing and client interaction From bbc1d059e3433ff07bb022d18d5afcc803d719a8 Mon Sep 17 00:00:00 2001 From: Justin Hall Date: Fri, 8 Jun 2018 12:33:06 -0700 Subject: [PATCH 37/74] added finder --- .../microsoft-recommended-block-rules.md | 1 + 1 file changed, 1 insertion(+) 
diff --git a/windows/security/threat-protection/windows-defender-application-control/microsoft-recommended-block-rules.md b/windows/security/threat-protection/windows-defender-application-control/microsoft-recommended-block-rules.md index b3f44ab315..9ccc601294 100644 --- a/windows/security/threat-protection/windows-defender-application-control/microsoft-recommended-block-rules.md +++ b/windows/security/threat-protection/windows-defender-application-control/microsoft-recommended-block-rules.md @@ -59,6 +59,7 @@ Unless your use scenarios explicitly require them, Microsoft recommends that you |Alex Ionescu | @aionescu| |Lee Christensen|@tifkin_| |Vladas Bulavas | Kaspersky Lab | +|Lasse Trolle Borup | Langkjaer Cyber Defence |
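Review bot: the row added in the @@ -59,6 +59,7 hunk of PATCH 37/74, `|Lasse Trolle Borup | Langkjaer Cyber Defence |`, lands without the matching ms.date bump, which only arrives in PATCH 38/74 under the same subject "added finder". Squash the two commits so the credit and the date change ship together, and name the file or table in the subject so the history is searchable. While here, the cell padding in this table is inconsistent (`|Lee Christensen|@tifkin_|` against `|Vladas Bulavas | Kaspersky Lab |`); pick one form for the new row and its neighbours.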
From 4191e823361608e891d59daa22d1afd022a68efb Mon Sep 17 00:00:00 2001 From: Justin Hall Date: Fri, 8 Jun 2018 12:40:44 -0700 Subject: [PATCH 38/74] added finder --- .../microsoft-recommended-block-rules.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/security/threat-protection/windows-defender-application-control/microsoft-recommended-block-rules.md b/windows/security/threat-protection/windows-defender-application-control/microsoft-recommended-block-rules.md index 9ccc601294..ae37d52989 100644 --- a/windows/security/threat-protection/windows-defender-application-control/microsoft-recommended-block-rules.md +++ b/windows/security/threat-protection/windows-defender-application-control/microsoft-recommended-block-rules.md @@ -6,7 +6,7 @@ ms.prod: w10 ms.mktglfcycl: deploy ms.localizationpriority: high author: jsuther1974 -ms.date: 05/03/2018 +ms.date: 06/08/2018 --- # Microsoft recommended block rules From 204035dad996656cec2d0d76dd0104035c29a6f8 Mon Sep 17 00:00:00 2001 From: Justin Hall Date: Fri, 8 Jun 2018 14:14:16 -0700 Subject: [PATCH 39/74] fixed issue --- windows/whats-new/whats-new-windows-10-version-1803.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/whats-new/whats-new-windows-10-version-1803.md b/windows/whats-new/whats-new-windows-10-version-1803.md index 180c949a49..fad1f39565 100644 --- a/windows/whats-new/whats-new-windows-10-version-1803.md +++ b/windows/whats-new/whats-new-windows-10-version-1803.md 
@@ -169,7 +169,7 @@ In the Feedback and Settings page under Privacy Settings you can now delete the ### Security Baselines -A draft of the new [security baseline for Windows 10 version 1803](https://blogs.technet.microsoft.com/secguide/2018/03/27/security-baseline-for-windows-10-v1803-redstone-4-draft/) has been published. +The new [security baseline for Windows 10 version 1803](https://docs.microsoft.com/windows/security/threat-protection/security-compliance-toolkit-10) has been published. ### Windows Defender Antivirus From f7a9d43d7439d8df9e87541e0b9a5779a4211a0b Mon Sep 17 00:00:00 2001 From: Justin Hall Date: Fri, 8 Jun 2018 14:16:28 -0700 Subject: [PATCH 40/74] fixed issue --- windows/whats-new/whats-new-windows-10-version-1803.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/whats-new/whats-new-windows-10-version-1803.md b/windows/whats-new/whats-new-windows-10-version-1803.md index fad1f39565..8107213fac 100644 --- a/windows/whats-new/whats-new-windows-10-version-1803.md +++ b/windows/whats-new/whats-new-windows-10-version-1803.md @@ -6,7 +6,7 @@ ms.prod: w10 ms.mktglfcycl: deploy ms.sitesec: library author: greg-lindsay -ms.date: 05/10/2018 +ms.date: 06/08/2018 ms.localizationpriority: high --- From 7ebd39f45254da85432b45ae1d1bdba0861f2817 Mon Sep 17 00:00:00 2001 From: Justin Hall Date: Fri, 8 Jun 2018 14:23:19 -0700 Subject: [PATCH 41/74] removed note about audit mode not available --- .../applocker/configure-an-applocker-policy-for-audit-only.md | 2 -- 1 file changed, 2 deletions(-) diff --git a/windows/security/threat-protection/windows-defender-application-control/applocker/configure-an-applocker-policy-for-audit-only.md b/windows/security/threat-protection/windows-defender-application-control/applocker/configure-an-applocker-policy-for-audit-only.md index 58bfcf7ebb..1127619715 100644 --- a/windows/security/threat-protection/windows-defender-application-control/applocker/configure-an-applocker-policy-for-audit-only.md 
+++ b/windows/security/threat-protection/windows-defender-application-control/applocker/configure-an-applocker-policy-for-audit-only.md @@ -21,8 +21,6 @@ This topic for IT professionals describes how to set AppLocker policies to **Aud After AppLocker rules are created within the rule collection, you can configure the enforcement setting to **Enforce rules** or **Audit only**. When AppLocker policy enforcement is set to **Enforce rules**, rules are enforced for the rule collection and all events are audited. When AppLocker policy enforcement is set to **Audit only**, rules are only evaluated but all events generated from that evaluation are written to the AppLocker log. - ->**Note:**  There is no audit mode for the DLL rule collection. DLL rules affect specific apps. Therefore, test the impact of these rules first before deploying them to production. To enable the DLL rule collection, see [Enable the DLL rule collection](enable-the-dll-rule-collection.md).   You can perform this task by using the Group Policy Management Console for an AppLocker policy in a Group Policy Object (GPO) or by using the Local Security Policy snap-in for an AppLocker policy on a local computer or in a security template. For info how to use these MMC snap-ins to administer AppLocker, see [Administer AppLocker](administer-applocker.md#bkmk-using-snapins). From 4c978edb61c62ef01c0c1be07be776ee33cc34e8 Mon Sep 17 00:00:00 2001 From: Justin Hall Date: Fri, 8 Jun 2018 14:26:22 -0700 Subject: [PATCH 42/74] removed note about audit mode not available --- .../applocker/configure-an-applocker-policy-for-audit-only.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/security/threat-protection/windows-defender-application-control/applocker/configure-an-applocker-policy-for-audit-only.md b/windows/security/threat-protection/windows-defender-application-control/applocker/configure-an-applocker-policy-for-audit-only.md index 1127619715..3330eda208 100644 
--- a/windows/security/threat-protection/windows-defender-application-control/applocker/configure-an-applocker-policy-for-audit-only.md +++ b/windows/security/threat-protection/windows-defender-application-control/applocker/configure-an-applocker-policy-for-audit-only.md @@ -7,7 +7,7 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security author: brianlic-msft -ms.date: 09/21/2017 +ms.date: 06/08/2018 --- # Configure an AppLocker policy for audit only From 3bbc5d43d1cc7184c3bb393f94bae28b831b811c Mon Sep 17 00:00:00 2001 From: Dune Desormeaux Date: Fri, 8 Jun 2018 16:14:11 -0700 Subject: [PATCH 43/74] Clarify WDATP + WDAV compatibility wording WDAV won't always be in passive mode if WDATP is enabled. Clarifying this. --- .../windows-defender-antivirus-compatibility.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/security/threat-protection/windows-defender-antivirus/windows-defender-antivirus-compatibility.md b/windows/security/threat-protection/windows-defender-antivirus/windows-defender-antivirus-compatibility.md index 6d409e7449..eae5b16c1e 100644 --- a/windows/security/threat-protection/windows-defender-antivirus/windows-defender-antivirus-compatibility.md +++ b/windows/security/threat-protection/windows-defender-antivirus/windows-defender-antivirus-compatibility.md 
@@ -71,7 +71,7 @@ Passive mode | Windows Defender AV will not be used as the antivirus app, and th Automatic disabled mode | Windows Defender AV will not be used as the antivirus app. Files will not be scanned and threats will not be remediated. | [!include[Check mark no](images/svg/check-no.svg)] | [!include[Check mark yes](images/svg/check-yes.svg)] | [!include[Check mark no](images/svg/check-no.svg)] | [!include[Check mark no](images/svg/check-no.svg)] | [!include[Check mark no](images/svg/check-no.svg)]] Active mode | Windows Defender AV is used as the antivirus app on the machine. All configuration made with Configuration Manager, Group Policy, Intune, or other management products will apply. Files will be scanned and threats remediated, and detection information will be reported in your configuration tool (such as Configuration Manager or the Windows Defender AV app on the machine itself). | [!include[Check mark yes](images/svg/check-yes.svg)] | [!include[Check mark no](images/svg/check-no.svg)] | [!include[Check mark yes](images/svg/check-yes.svg)] | [!include[Check mark yes](images/svg/check-yes.svg)] | [!include[Check mark yes](images/svg/check-yes.svg)] -Passive mode is enabled if you are enrolled in Windows Defender ATP because [the service requires common information sharing from the Windows Defender AV service](../windows-defender-atp/defender-compatibility-windows-defender-advanced-threat-protection.md) in order to properly monitor your devices and network for intrusion attempts and attacks. +Passive mode is enabled if you are enrolled in Windows Defender ATP and you are using a third party antimalware product because [the service requires common information sharing from the Windows Defender AV service](../windows-defender-atp/defender-compatibility-windows-defender-advanced-threat-protection.md) in order to properly monitor your devices and network for intrusion attempts and attacks. 
Automatic disabled mode is enabled so that if the protection offered by a third-party antivirus product expires or otherwise stops providing real-time protection from viruses, malware or other threats, Windows Defender AV will automatically enable itself to ensure antivirus protection is maintained on the endpoint. It also allows you to enable [limited periodic scanning](limited-periodic-scanning-windows-defender-antivirus.md), which uses the Windows Defender AV engine to periodically check for threats in addition to your main antivirus app. From 983cfd76af8cfa48f920e94c4b499a19668d1409 Mon Sep 17 00:00:00 2001 From: Dani Halfin Date: Fri, 8 Jun 2018 23:19:00 +0000 Subject: [PATCH 44/74] Merged PR 8950: small formatting fix --- windows/privacy/manage-windows-endpoints.md | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) diff --git a/windows/privacy/manage-windows-endpoints.md b/windows/privacy/manage-windows-endpoints.md index d0be3c4145..e43a9ddff4 100644 --- a/windows/privacy/manage-windows-endpoints.md +++ b/windows/privacy/manage-windows-endpoints.md @@ -502,8 +502,7 @@ In addition to the endpoints listed for Windows 10 Enterprise, the following end | *.search.msn.com | TLSv1.2 | Used to retrieve Windows Spotlight metadata. | | *.wac.edgecastcdn.net | TLSv1.2 | Used by the Verizon Content Delivery Network to perform Windows updates. | | *.wns.windows.com | TLSv1.2 | Used for the Windows Push Notification Services (WNS). | -| *prod.do.dsp.mp.microsoft.com | TLSv1.2/ -HTTPS | Used for Windows Update downloads of apps and OS updates. | +| *prod.do.dsp.mp.microsoft.com | TLSv1.2\/HTTPS | Used for Windows Update downloads of apps and OS updates. | | .g.akamaiedge.net | HTTP | Used to check for updates to maps that have been downloaded for offline use. | | telecommand.telemetry.microsoft.com | HTTPS | Used by Windows Error Reporting. | | 2.dl.delivery.mp.microsoft.com | HTTP | Enables connections to Windows Update. | 
@@ -594,8 +593,7 @@ TLSv1.2 | Used to check for updates to maps that have been downloaded for offlin | *.wac.edgecastcdn.net | TLSv1.2 | Used by the Verizon Content Delivery Network to perform Windows updates. | | *.wac.phicdn.net | HTTP | Used by the Verizon Content Delivery Network to perform Windows updates. | | *.wns.windows.com | TLSv1.2 | Used for the Windows Push Notification Services (WNS). | -| *prod.do.dsp.mp.microsoft.com | TLSv1.2/ -HTTPS | Used for Windows Update downloads of apps and OS updates. | +| *prod.do.dsp.mp.microsoft.com | TLSv1.2\/HTTPS | Used for Windows Update downloads of apps and OS updates. | | 3.dl.delivery.mp.microsoft.com | HTTPS | Enables connections to Windows Update. | | 3.dl.delivery.mp.microsoft.com.c.footprint.net | HTTP | Enables connections to Windows Update. | | 3.tlu.dl.delivery.mp.microsoft.com | HTTP | Enables connections to Windows Update. | From 41d5e00c6a519f9c7eedd5553f7addd3706135bc Mon Sep 17 00:00:00 2001 From: Dune Desormeaux Date: Fri, 8 Jun 2018 16:20:59 -0700 Subject: [PATCH 45/74] Dudeso-dd clarity Switch to active voice --- .../windows-defender-antivirus-compatibility.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/security/threat-protection/windows-defender-antivirus/windows-defender-antivirus-compatibility.md b/windows/security/threat-protection/windows-defender-antivirus/windows-defender-antivirus-compatibility.md index eae5b16c1e..47d5189976 100644 --- a/windows/security/threat-protection/windows-defender-antivirus/windows-defender-antivirus-compatibility.md +++ b/windows/security/threat-protection/windows-defender-antivirus/windows-defender-antivirus-compatibility.md 
@@ -71,7 +71,7 @@ Passive mode | Windows Defender AV will not be used as the antivirus app, and th Automatic disabled mode | Windows Defender AV will not be used as the antivirus app. Files will not be scanned and threats will not be remediated. | [!include[Check mark no](images/svg/check-no.svg)] | [!include[Check mark yes](images/svg/check-yes.svg)] | [!include[Check mark no](images/svg/check-no.svg)] | [!include[Check mark no](images/svg/check-no.svg)] | [!include[Check mark no](images/svg/check-no.svg)]] Active mode | Windows Defender AV is used as the antivirus app on the machine. All configuration made with Configuration Manager, Group Policy, Intune, or other management products will apply. Files will be scanned and threats remediated, and detection information will be reported in your configuration tool (such as Configuration Manager or the Windows Defender AV app on the machine itself). | [!include[Check mark yes](images/svg/check-yes.svg)] | [!include[Check mark no](images/svg/check-no.svg)] | [!include[Check mark yes](images/svg/check-yes.svg)] | [!include[Check mark yes](images/svg/check-yes.svg)] | [!include[Check mark yes](images/svg/check-yes.svg)] -Passive mode is enabled if you are enrolled in Windows Defender ATP and you are using a third party antimalware product because [the service requires common information sharing from the Windows Defender AV service](../windows-defender-atp/defender-compatibility-windows-defender-advanced-threat-protection.md) in order to properly monitor your devices and network for intrusion attempts and attacks. +If you are enrolled in Windows Defender ATP and you are using a third party antimalware product then passive mode is enabled because [the service requires common information sharing from the Windows Defender AV service](../windows-defender-atp/defender-compatibility-windows-defender-advanced-threat-protection.md) in order to properly monitor your devices and network for intrusion attempts and attacks. 
Automatic disabled mode is enabled so that if the protection offered by a third-party antivirus product expires or otherwise stops providing real-time protection from viruses, malware or other threats, Windows Defender AV will automatically enable itself to ensure antivirus protection is maintained on the endpoint. It also allows you to enable [limited periodic scanning](limited-periodic-scanning-windows-defender-antivirus.md), which uses the Windows Defender AV engine to periodically check for threats in addition to your main antivirus app. From a72487a8239474b30943e627227b6294e4c3cf50 Mon Sep 17 00:00:00 2001 From: Yuhang Zhu Date: Mon, 11 Jun 2018 12:51:50 +0000 Subject: [PATCH 46/74] Merged PR 8963: Remove a statement from MicrosoftNetworkClient policy. This is a real edit change. Thanks. --- .../policy-configuration-service-provider.md | 16 + ...policy-csp-localpoliciessecurityoptions.md | 365 +++++++++++++++--- 2 files changed, 317 insertions(+), 64 deletions(-) diff --git a/windows/client-management/mdm/policy-configuration-service-provider.md b/windows/client-management/mdm/policy-configuration-service-provider.md index 403a5e2cb4..921e2c246d 100644 --- a/windows/client-management/mdm/policy-configuration-service-provider.md +++ b/windows/client-management/mdm/policy-configuration-service-provider.md @@ -2048,12 +2048,18 @@ The following diagram shows the Policy configuration service provider in tree fo
LocalPoliciesSecurityOptions/InteractiveLogon_SmartCardRemovalBehavior
+
+ LocalPoliciesSecurityOptions/MicrosoftNetworkClient_DigitallySignCommunicationsAlways +
LocalPoliciesSecurityOptions/MicrosoftNetworkClient_DigitallySignCommunicationsIfServerAgrees
LocalPoliciesSecurityOptions/MicrosoftNetworkClient_SendUnencryptedPasswordToThirdPartySMBServers
+
+ LocalPoliciesSecurityOptions/MicrosoftNetworkServer_AmountOfIdleTimeRequiredBeforeSuspendingSession +
LocalPoliciesSecurityOptions/MicrosoftNetworkServer_DigitallySignCommunicationsAlways
@@ -2075,6 +2081,9 @@ The following diagram shows the Policy configuration service provider in tree fo
LocalPoliciesSecurityOptions/NetworkAccess_RestrictClientsAllowedToMakeRemoteCallsToSAM
+
+ LocalPoliciesSecurityOptions/NetworkSecurity_AllowLocalSystemToUseComputerIdentityForNTLM +
LocalPoliciesSecurityOptions/NetworkSecurity_AllowPKU2UAuthenticationRequests
@@ -2084,6 +2093,9 @@ The following diagram shows the Policy configuration service provider in tree fo
LocalPoliciesSecurityOptions/NetworkSecurity_LANManagerAuthenticationLevel
+
+ LocalPoliciesSecurityOptions/NetworkSecurity_MinimumSessionSecurityForNTLMSSPBasedClients +
LocalPoliciesSecurityOptions/NetworkSecurity_MinimumSessionSecurityForNTLMSSPBasedServers
@@ -4407,17 +4419,21 @@ The following diagram shows the Policy configuration service provider in tree fo - [LocalPoliciesSecurityOptions/InteractiveLogon_MessageTextForUsersAttemptingToLogOn](./policy-csp-localpoliciessecurityoptions.md#localpoliciessecurityoptions-interactivelogon-messagetextforusersattemptingtologon) - [LocalPoliciesSecurityOptions/InteractiveLogon_MessageTitleForUsersAttemptingToLogOn](./policy-csp-localpoliciessecurityoptions.md#localpoliciessecurityoptions-interactivelogon-messagetitleforusersattemptingtologon) - [LocalPoliciesSecurityOptions/InteractiveLogon_SmartCardRemovalBehavior](./policy-csp-localpoliciessecurityoptions.md#localpoliciessecurityoptions-interactivelogon-smartcardremovalbehavior) +- [LocalPoliciesSecurityOptions/MicrosoftNetworkClient_DigitallySignCommunicationsAlways](./policy-csp-localpoliciessecurityoptions.md#localpoliciessecurityoptions-microsoftnetworkclient-digitallysigncommunicationsalways) - [LocalPoliciesSecurityOptions/MicrosoftNetworkClient_DigitallySignCommunicationsIfServerAgrees](./policy-csp-localpoliciessecurityoptions.md#localpoliciessecurityoptions-microsoftnetworkclient-digitallysigncommunicationsifserveragrees) - [LocalPoliciesSecurityOptions/MicrosoftNetworkClient_SendUnencryptedPasswordToThirdPartySMBServers](./policy-csp-localpoliciessecurityoptions.md#localpoliciessecurityoptions-microsoftnetworkclient-sendunencryptedpasswordtothirdpartysmbservers) +- [LocalPoliciesSecurityOptions/MicrosoftNetworkServer_AmountOfIdleTimeRequiredBeforeSuspendingSession](./policy-csp-localpoliciessecurityoptions.md#localpoliciessecurityoptions-microsoftnetworkserver-amountofidletimerequiredbeforesuspendingsession) - [LocalPoliciesSecurityOptions/MicrosoftNetworkServer_DigitallySignCommunicationsAlways](./policy-csp-localpoliciessecurityoptions.md#localpoliciessecurityoptions-microsoftnetworkserver-digitallysigncommunicationsalways) - 
[LocalPoliciesSecurityOptions/MicrosoftNetworkServer_DigitallySignCommunicationsIfClientAgrees](./policy-csp-localpoliciessecurityoptions.md#localpoliciessecurityoptions-microsoftnetworkserver-digitallysigncommunicationsifclientagrees) - [LocalPoliciesSecurityOptions/NetworkAccess_DoNotAllowAnonymousEnumerationOfSAMAccounts](./policy-csp-localpoliciessecurityoptions.md#localpoliciessecurityoptions-networkaccess-donotallowanonymousenumerationofsamaccounts) - [LocalPoliciesSecurityOptions/NetworkAccess_DoNotAllowAnonymousEnumerationOfSamAccountsAndShares](./policy-csp-localpoliciessecurityoptions.md#localpoliciessecurityoptions-networkaccess-donotallowanonymousenumerationofsamaccountsandshares) - [LocalPoliciesSecurityOptions/NetworkAccess_RestrictAnonymousAccessToNamedPipesAndShares](./policy-csp-localpoliciessecurityoptions.md#localpoliciessecurityoptions-networkaccess-restrictanonymousaccesstonamedpipesandshares) - [LocalPoliciesSecurityOptions/NetworkAccess_RestrictClientsAllowedToMakeRemoteCallsToSAM](./policy-csp-localpoliciessecurityoptions.md#localpoliciessecurityoptions-networkaccess-restrictclientsallowedtomakeremotecallstosam) +- [LocalPoliciesSecurityOptions/NetworkSecurity_AllowLocalSystemToUseComputerIdentityForNTLM](./policy-csp-localpoliciessecurityoptions.md#localpoliciessecurityoptions-networksecurity-allowlocalsystemtousecomputeridentityforntlm) - [LocalPoliciesSecurityOptions/NetworkSecurity_AllowPKU2UAuthenticationRequests](./policy-csp-localpoliciessecurityoptions.md#localpoliciessecurityoptions-networksecurity-allowpku2uauthenticationrequests) - [LocalPoliciesSecurityOptions/NetworkSecurity_DoNotStoreLANManagerHashValueOnNextPasswordChange](./policy-csp-localpoliciessecurityoptions.md#localpoliciessecurityoptions-networksecurity-donotstorelanmanagerhashvalueonnextpasswordchange) - 
[LocalPoliciesSecurityOptions/NetworkSecurity_LANManagerAuthenticationLevel](./policy-csp-localpoliciessecurityoptions.md#localpoliciessecurityoptions-networksecurity-lanmanagerauthenticationlevel) +- [LocalPoliciesSecurityOptions/NetworkSecurity_MinimumSessionSecurityForNTLMSSPBasedClients](./policy-csp-localpoliciessecurityoptions.md#localpoliciessecurityoptions-networksecurity-minimumsessionsecurityforntlmsspbasedclients) - [LocalPoliciesSecurityOptions/NetworkSecurity_MinimumSessionSecurityForNTLMSSPBasedServers](./policy-csp-localpoliciessecurityoptions.md#localpoliciessecurityoptions-networksecurity-minimumsessionsecurityforntlmsspbasedservers) - [LocalPoliciesSecurityOptions/NetworkSecurity_RestrictNTLM_AddRemoteServerExceptionsForNTLMAuthentication](./policy-csp-localpoliciessecurityoptions.md#localpoliciessecurityoptions-networksecurity-restrictntlm-addremoteserverexceptionsforntlmauthentication) - [LocalPoliciesSecurityOptions/NetworkSecurity_RestrictNTLM_AuditIncomingNTLMTraffic](./policy-csp-localpoliciessecurityoptions.md#localpoliciessecurityoptions-networksecurity-restrictntlm-auditincomingntlmtraffic) diff --git a/windows/client-management/mdm/policy-csp-localpoliciessecurityoptions.md b/windows/client-management/mdm/policy-csp-localpoliciessecurityoptions.md index 49a48f512a..ce338ff2ae 100644 --- a/windows/client-management/mdm/policy-csp-localpoliciessecurityoptions.md +++ b/windows/client-management/mdm/policy-csp-localpoliciessecurityoptions.md @@ -6,11 +6,14 @@ ms.topic: article ms.prod: w10 ms.technology: windows author: MariciaAlforque -ms.date: 04/06/2018 +ms.date: 06/05/2018 --- # Policy CSP - LocalPoliciesSecurityOptions +> [!WARNING] +> Some information relates to prereleased product which may be substantially modified before it's commercially released. Microsoft makes no warranties, express or implied, with respect to the information provided here. +
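Review bot: the [!WARNING] block added under the page title flags the whole page as prerelease without saying which settings it covers. The only other marker is footnote 5 ("Added in the next major release of Windows 10") on the four new policies, so name those policies in the warning or point it at footnote 5. Separately, the subject line says "Remove a statement from MicrosoftNetworkClient policy", while the diffstat shows 317 insertions and the diff adds four policy sections; the commit message should describe that.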
@@ -81,12 +84,18 @@ ms.date: 04/06/2018
LocalPoliciesSecurityOptions/InteractiveLogon_SmartCardRemovalBehavior
+
+ LocalPoliciesSecurityOptions/MicrosoftNetworkClient_DigitallySignCommunicationsAlways +
LocalPoliciesSecurityOptions/MicrosoftNetworkClient_DigitallySignCommunicationsIfServerAgrees
LocalPoliciesSecurityOptions/MicrosoftNetworkClient_SendUnencryptedPasswordToThirdPartySMBServers
+
+ LocalPoliciesSecurityOptions/MicrosoftNetworkServer_AmountOfIdleTimeRequiredBeforeSuspendingSession +
LocalPoliciesSecurityOptions/MicrosoftNetworkServer_DigitallySignCommunicationsAlways
@@ -108,6 +117,9 @@ ms.date: 04/06/2018
LocalPoliciesSecurityOptions/NetworkAccess_RestrictClientsAllowedToMakeRemoteCallsToSAM
+
+ LocalPoliciesSecurityOptions/NetworkSecurity_AllowLocalSystemToUseComputerIdentityForNTLM +
LocalPoliciesSecurityOptions/NetworkSecurity_AllowPKU2UAuthenticationRequests
@@ -117,6 +129,9 @@ ms.date: 04/06/2018
LocalPoliciesSecurityOptions/NetworkSecurity_LANManagerAuthenticationLevel
+
+ LocalPoliciesSecurityOptions/NetworkSecurity_MinimumSessionSecurityForNTLMSSPBasedClients +
LocalPoliciesSecurityOptions/NetworkSecurity_MinimumSessionSecurityForNTLMSSPBasedServers
@@ -838,15 +853,6 @@ GP Info: - GP path: *Windows Settings/Security Settings/Local Policies/Security Options* - - - - - - - - -
@@ -914,15 +920,6 @@ GP Info: - GP path: *Windows Settings/Security Settings/Local Policies/Security Options* - - - - - - - - -
@@ -985,15 +982,6 @@ GP Info: - GP path: *Windows Settings/Security Settings/Local Policies/Security Options* - - - - - - - - -
@@ -1495,6 +1483,83 @@ GP Info:
+ +**LocalPoliciesSecurityOptions/MicrosoftNetworkClient_DigitallySignCommunicationsAlways** + + + + + + + + + + + + + + + + + + + + + +
HomeProBusinessEnterpriseEducationMobileMobile Enterprise
cross markcheck mark5check mark5check mark5check mark5
+ + + +[Scope](./policy-configuration-service-provider.md#policy-scope): + +> [!div class = "checklist"] +> * Device + +
+ + + +Microsoft network client: Digitally sign communications (always) + +This security setting determines whether packet signing is required by the SMB client component. + +The server message block (SMB) protocol provides the basis for Microsoft file and print sharing and many other networking operations, such as remote Windows administration. To prevent man-in-the-middle attacks that modify SMB packets in transit, the SMB protocol supports the digital signing of SMB packets. This policy setting determines whether SMB packet signing must be negotiated before further communication with an SMB server is permitted. + +If this setting is enabled, the Microsoft network client will not communicate with a Microsoft network server unless that server agrees to perform SMB packet signing. If this policy is disabled, SMB packet signing is negotiated between the client and server. + +Default: Disabled. + + +Notes + +All Windows operating systems support both a client-side SMB component and a server-side SMB component. On Windows 2000 and later operating systems, enabling or requiring packet signing for client and server-side SMB components is controlled by the following four policy settings: +Microsoft network client: Digitally sign communications (always) - Controls whether or not the client-side SMB component requires packet signing. +Microsoft network client: Digitally sign communications (if server agrees) - Controls whether or not the client-side SMB component has packet signing enabled. +Microsoft network server: Digitally sign communications (always) - Controls whether or not the server-side SMB component requires packet signing. +Microsoft network server: Digitally sign communications (if client agrees) - Controls whether or not the server-side SMB component has packet signing enabled. +SMB packet signing can significantly degrade SMB performance, depending on dialect version, OS version, file sizes, processor offloading capabilities, and application IO behaviors. 
+For more information, reference: https://go.microsoft.com/fwlink/?LinkID=787136. + + + +GP Info: +- GP English name: *Microsoft network client: Digitally sign communications (always)* +- GP path: *Windows Settings/Security Settings/Local Policies/Security Options* + + + + + + + + + + + + + +
+ **LocalPoliciesSecurityOptions/MicrosoftNetworkClient_DigitallySignCommunicationsIfServerAgrees** @@ -1618,6 +1683,72 @@ GP Info:
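Review bot: the text added for MicrosoftNetworkClient_DigitallySignCommunicationsAlways explains the enabled and disabled behaviour and gives "Default: Disabled.", but the lines shown never say what value the CSP node takes for either state, which is what someone building an MDM profile needs. Add the accepted values and mark the default. The four "Microsoft network client/server: Digitally sign communications ..." entries under "Notes" are also consecutive plain lines with no list markers, so they will render as one paragraph; make them a bulleted list.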
+ +**LocalPoliciesSecurityOptions/MicrosoftNetworkServer_AmountOfIdleTimeRequiredBeforeSuspendingSession** + + + + + + + + + + + + + + + + + + + + + +
HomeProBusinessEnterpriseEducationMobileMobile Enterprise
cross markcheck mark5check mark5check mark5check mark5
+ + + +[Scope](./policy-configuration-service-provider.md#policy-scope): + +> [!div class = "checklist"] +> * Device + +
+ + + +Microsoft network server: Amount of idle time required before suspending a session + +This security setting determines the amount of continuous idle time that must pass in a Server Message Block (SMB) session before the session is suspended due to inactivity. + +Administrators can use this policy to control when a computer suspends an inactive SMB session. If client activity resumes, the session is automatically reestablished. + +For this policy setting, a value of 0 means to disconnect an idle session as quickly as is reasonably possible. The maximum value is 99999, which is 208 days; in effect, this value disables the policy. + +Default:This policy is not defined, which means that the system treats it as 15 minutes for servers and undefined for workstations. + + + +GP Info: +- GP English name: *Microsoft network server: Amount of idle time required before suspending session* +- GP path: *Windows Settings/Security Settings/Local Policies/Security Options* + + + + + + + + + + + + + +
+ **LocalPoliciesSecurityOptions/MicrosoftNetworkServer_DigitallySignCommunicationsAlways** @@ -2051,6 +2182,78 @@ GP Info:
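Review bot: in the description added for MicrosoftNetworkServer_AmountOfIdleTimeRequiredBeforeSuspendingSession, the unit of the value is never stated, and "99999, which is 208 days" does not match minutes, the unit the default ("15 minutes for servers") implies: 99999 minutes is about 69 days. State the unit next to the 0 to 99999 range and check the 208-day figure against it. "Default:This" is also missing a space after the colon.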
+ +**LocalPoliciesSecurityOptions/NetworkSecurity_AllowLocalSystemToUseComputerIdentityForNTLM** + + + + + + + + + + + + + + + + + + + + + +
HomeProBusinessEnterpriseEducationMobileMobile Enterprise
cross markcheck mark5check mark5check mark5check mark5
+ + + +[Scope](./policy-configuration-service-provider.md#policy-scope): + +> [!div class = "checklist"] +> * Device + +
+ + + +Network security: Allow Local System to use computer identity for NTLM + +This policy setting allows Local System services that use Negotiate to use the computer identity when reverting to NTLM authentication. + +If you enable this policy setting, services running as Local System that use Negotiate will use the computer identity. This might cause some authentication requests between Windows operating systems to fail and log an error. + +If you disable this policy setting, services running as Local System that use Negotiate when reverting to NTLM authentication will authenticate anonymously. + +By default, this policy is enabled on Windows 7 and above. + +By default, this policy is disabled on Windows Vista. + +This policy is supported on at least Windows Vista or Windows Server 2008. + +Note: Windows Vista or Windows Server 2008 do not expose this setting in Group Policy. + + + +GP Info: +- GP English name: *Network security: Allow Local System to use computer identity for NTLM* +- GP path: *Windows Settings/Security Settings/Local Policies/Security Options* + + + + + + + + + + + + + +
+ **LocalPoliciesSecurityOptions/NetworkSecurity_AllowPKU2UAuthenticationRequests** @@ -2246,6 +2449,75 @@ GP Info:
+ +**LocalPoliciesSecurityOptions/NetworkSecurity_MinimumSessionSecurityForNTLMSSPBasedClients** + + + + + + + + + + + + + + + + + + + + + +
HomeProBusinessEnterpriseEducationMobileMobile Enterprise
cross markcheck mark5check mark5check mark5check mark5
+ + + +[Scope](./policy-configuration-service-provider.md#policy-scope): + +> [!div class = "checklist"] +> * Device + +
+ + + +Network security: Minimum session security for NTLM SSP based (including secure RPC) clients + +This security setting allows a client to require the negotiation of 128-bit encryption and/or NTLMv2 session security. These values are dependent on the LAN Manager Authentication Level security setting value. The options are: + +Require NTLMv2 session security: The connection will fail if NTLMv2 protocol is not negotiated. +Require 128-bit encryption: The connection will fail if strong encryption (128-bit) is not negotiated. + +Default: + +Windows XP, Windows Vista, Windows 2000 Server, Windows Server 2003, and Windows Server 2008: No requirements. + +Windows 7 and Windows Server 2008 R2: Require 128-bit encryption + + + +GP Info: +- GP English name: *Network security: Minimum session security for NTLM SSP based (including secure RPC) clients* +- GP path: *Windows Settings/Security Settings/Local Policies/Security Options* + + + + + + + + + + + + + +
+ **LocalPoliciesSecurityOptions/NetworkSecurity_MinimumSessionSecurityForNTLMSSPBasedServers** @@ -2359,15 +2631,6 @@ GP Info: - GP path: *Windows Settings/Security Settings/Local Policies/Security Options* - - - - - - - - -
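Review bot: the "Default:" list in the MinimumSessionSecurityForNTLMSSPBasedClients description stops at "Windows 7 and Windows Server 2008 R2", while the edition table for this policy lists only Windows 10 editions (footnote 5), so the default on the platform this CSP targets is not documented. The two options can be combined ("128-bit encryption and/or NTLMv2 session security"), yet nothing shown says how the node value expresses one, the other, or both. Add the Windows 10 default and the value for each combination; the last "Default" line is also missing its closing period.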
@@ -2429,15 +2692,6 @@ GP Info: - GP path: *Windows Settings/Security Settings/Local Policies/Security Options* - - - - - - - - -
@@ -2499,15 +2753,6 @@ GP Info: - GP path: *Windows Settings/Security Settings/Local Policies/Security Options* - - - - - - - - -
@@ -2569,15 +2814,6 @@ GP Info: - GP path: *Windows Settings/Security Settings/Local Policies/Security Options* - - - - - - - - -
@@ -3406,6 +3642,7 @@ Footnote: - 2 - Added in Windows 10, version 1703. - 3 - Added in Windows 10, version 1709. - 4 - Added in Windows 10, version 1803. +- 5 - Added in the next major release of Windows 10. From df4de51f2c1c9ff924c6b3b2938d26838430f9e4 Mon Sep 17 00:00:00 2001 From: Jeanie Decker Date: Mon, 11 Jun 2018 13:08:15 +0000 Subject: [PATCH 47/74] Merged PR 8966: Remove outdated wifi requirement --- devices/hololens/hololens-setup.md | 1 - 1 file changed, 1 deletion(-) diff --git a/devices/hololens/hololens-setup.md b/devices/hololens/hololens-setup.md index 8850ba0f96..0f62fc2e6e 100644 --- a/devices/hololens/hololens-setup.md +++ b/devices/hololens/hololens-setup.md @@ -19,7 +19,6 @@ Before you get started setting up your HoloLens, make sure you have a Wi-Fi netw The first time you use your HoloLens, you'll be guided through connecting to a Wi-Fi network. You need to connect HoloLens to a Wi-Fi network with Internet connectivity so that the user account can be authenticated. - It can be an open Wi-Fi or password-protected Wi-Fi network. -- The Wi-Fi network cannot require you to navigate to a webpage to connect. - The Wi-Fi network cannot require certificates to connect. - The Wi-Fi network does not need to provide access to enterprise resources or intranet sites. From 37e2e1acf6109387995f304f8b7521386ea843ec Mon Sep 17 00:00:00 2001 From: Jeanie Decker Date: Mon, 11 Jun 2018 18:42:11 +0000 Subject: [PATCH 48/74] Merged PR 8974: add link for how to update HoloLens directly; update Intune kiosk profile --- devices/hololens/hololens-microsoft-layout-app.md | 2 +- devices/hololens/hololens-updates.md | 2 +- .../configuration/lock-down-windows-10-to-specific-apps.md | 5 +++-- windows/configuration/setup-kiosk-digital-signage.md | 4 +++- 4 files changed, 8 insertions(+), 5 deletions(-) diff --git a/devices/hololens/hololens-microsoft-layout-app.md b/devices/hololens/hololens-microsoft-layout-app.md index d2357ed2ee..4f5540e858 100644 
--- a/devices/hololens/hololens-microsoft-layout-app.md +++ b/devices/hololens/hololens-microsoft-layout-app.md @@ -25,7 +25,7 @@ Microsoft Layout works with a HoloLens, or with a Windows Mixed Reality headset | OS requirements | Details | |:----------------------------------|:-----------------------------------------------------------| -| Build 10.0.17134.77 or above | See [Manage updates to HoloLens](hololens-updates.md) for instructions on upgrading to this build. | +| Build 10.0.17134.77 or above | See [Update HoloLens](https://support.microsoft.com/help/12643/hololens-update-hololens) for instructions on upgrading to this build. | #### Windows Mixed Reality headset requirements diff --git a/devices/hololens/hololens-updates.md b/devices/hololens/hololens-updates.md index 0b91b6f361..e10552862b 100644 --- a/devices/hololens/hololens-updates.md +++ b/devices/hololens/hololens-updates.md @@ -12,7 +12,7 @@ ms.date: 04/30/2018 # Manage updates to HoloLens - +>**Looking for how to get the latest update? See [Update HoloLens](https://support.microsoft.com/help/12643/hololens-update-hololens).** Windows 10, version 1803, is the first feature update to Windows Holographic for Business since its release in Windows 10, version 1607. As with desktop devices, administrators can manage updates to the HoloLens operating system using [Windows Update for Business](https://docs.microsoft.com/windows/deployment/update/waas-manage-updates-wufb). diff --git a/windows/configuration/lock-down-windows-10-to-specific-apps.md b/windows/configuration/lock-down-windows-10-to-specific-apps.md index 7610e6fe75..34225059f4 100644 --- a/windows/configuration/lock-down-windows-10-to-specific-apps.md +++ b/windows/configuration/lock-down-windows-10-to-specific-apps.md 
@@ -52,7 +52,7 @@ You can configure multi-app kiosks using [Microsoft Intune](#intune) or a [provi 12. Enter a friendly name for the configuration. 10. In **Kiosk Mode**, select **Multi app kiosk**. 13. Select an app type. - - For **Add Win32 app**, enter the **App Name** and **Identifier**. + - For **Add Win32 app**, enter a friendly name for the app in **App Name**, and enter the path to the app executable in **Identifier**. - For **Add managed apps**, select an app that you manage through Intune. - For **Add app by AUMID**, enter the Application User Model ID (AUMID) for an installed UWP app. 14. Select whether to enable the taskbar. @@ -61,7 +61,8 @@ You can configure multi-app kiosks using [Microsoft Intune](#intune) or a [provi 17. Select **OK**. You can add additional configurations or finish. 18. Assign the profile to a device group to configure the devices in that group as kiosks. - +>[!NOTE] +>Managed apps are apps that are in the Microsoft Store for Business that is synced with your Intune subscription. diff --git a/windows/configuration/setup-kiosk-digital-signage.md b/windows/configuration/setup-kiosk-digital-signage.md index 36581a3438..a2442ee9fb 100644 --- a/windows/configuration/setup-kiosk-digital-signage.md +++ b/windows/configuration/setup-kiosk-digital-signage.md 
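Review bot: the >[!NOTE] added after step 18 defines "managed apps", but the term is used back in step 13 ("For **Add managed apps**, select an app that you manage through Intune"). Move the definition into that bullet, or directly under step 13, so it is read at the point where the choice is made.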
@@ -270,7 +270,9 @@ The following steps explain how to configure a kiosk in Microsoft Intune. For ot 7. Select **Windows 10 and later** for the platform. 8. Select **Kiosk (Preview)** for the profile type. 9. Enter a friendly name for the kiosk configuration. -10. In **Kiosk Mode**, select **Single full-screen app kiosk**. +10. Select **Kiosk - 1 setting available**. +10. Select **Add** to add a kiosk configuration. +10. Enter a friendly name for the kiosk configuration, and then in **Kiosk Mode**, select **Single full-screen app kiosk**. 10. Select either **Select a managed app** to choose a kiosk app that is managed by Intune, or **Enter UWP app AUMID** to specify the kiosk app by AUMID, and then select the app or enter the AUMID as appropriate. 1. For the user account, select either **Autologon** to create a user account for the kiosk that will sign in automatically, or **Local user account** to configure an existing user account to run the kiosk. **Local user account** can be a local standard user account on the device or an Azure Active Directory account. 14. Select **OK**, and then select **Create**. From 8acf5994725441506f024dc89773edb32bd39547 Mon Sep 17 00:00:00 2001 From: danhwang1 <40180973+danhwang1@users.noreply.github.com> Date: Mon, 11 Jun 2018 11:45:40 -0700 Subject: [PATCH 49/74] Update supl-ddf-file.md We have recently made a change in our Location Platform pertaining to SUPL to increase the max number of root certificates from 3 to 6 (as mandated). As a result, we will need to update the necessary public documentation here: https://docs.microsoft.com/en-us/windows/client-management/mdm/supl-ddf-file --- .../client-management/mdm/supl-ddf-file.md | 198 +++++++++++++++++- 1 file changed, 197 insertions(+), 1 deletion(-) diff --git a/windows/client-management/mdm/supl-ddf-file.md b/windows/client-management/mdm/supl-ddf-file.md index e6ed98d713..4ee4e4ad1d 100644 --- a/windows/client-management/mdm/supl-ddf-file.md 
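Review bot: the third new "10." step repeats step 9, since both say "Enter a friendly name for the kiosk configuration". If the second name belongs to the configuration created by "Select **Add**" rather than to the profile named in step 9, say so in one of the two steps; otherwise drop the duplicate so the reader is not asked for the same name twice.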
+++ b/windows/client-management/mdm/supl-ddf-file.md @@ -171,7 +171,7 @@ The XML below is the current version for this CSP. - MCCMNPairs + MCCMNCPairs @@ -482,6 +482,201 @@ The XML below is the current version for this CSP. + + RootCertificate4 + + + + + Required. Specifies the root certificate for the H-SLP server. Windows Phone does not support a non-secure mode. If this node is not included, the configuration service provider will fail but may not return a specific error. + + + + + + + + + + + + + + + Name + + + + + + Specifies the name of the H-SLP root certificate as a string, in the format name.cer. + + + + + + + + + + + text/plain + + + + + Data + + + + + + The base 64 encoded blob of the H-SLP root certificate. + + + + + + + + + + + + + + + + + RootCertificate5 + + + + + Required. Specifies the root certificate for the H-SLP server. Windows Phone does not support a non-secure mode. If this node is not included, the configuration service provider will fail but may not return a specific error. + + + + + + + + + + + + + + + Name + + + + + + Specifies the name of the H-SLP root certificate as a string, in the format name.cer. + + + + + + + + + + + text/plain + + + + + Data + + + + + + The base 64 encoded blob of the H-SLP root certificate. + + + + + + + + + + + + + + + + + RootCertificate6 + + + + + Required. Specifies the root certificate for the H-SLP server. Windows Phone does not support a non-secure mode. If this node is not included, the configuration service provider will fail but may not return a specific error. + + + + + + + + + + + + + + + Name + + + + + + Specifies the name of the H-SLP root certificate as a string, in the format name.cer. + + + + + + + + + + + text/plain + + + + + Data + + + + + + The base 64 encoded blob of the H-SLP root certificate. + + + + + + + + + + + + + + + V2UPL1 @@ -662,6 +857,7 @@ The XML below is the current version for this CSP. + ```   From c763226d7779d7c9452a8b6611e0a731e6a067e6 Mon Sep 17 00:00:00 2001 
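Review bot: the description added for RootCertificate4, RootCertificate5 and RootCertificate6 is copied unchanged and begins "Required. ... If this node is not included, the configuration service provider will fail". The commit message describes the change as raising the maximum number of root certificates from 3 to 6, so as written the DDF tells readers that all six must be present; reword the new nodes as optional if that is the intent. The same patch also changes "MCCMNPairs" to "MCCMNCPairs" in the hunk at line 171, which the commit message does not mention; confirm the rename is intended and record it there.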
From: Peter Lewis Date: Tue, 12 Jun 2018 12:01:16 +0100 Subject: [PATCH 50/74] Fix spelling mistake Corrected 'ois' to 'is' --- devices/surface-hub/manage-windows-updates-for-surface-hub.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/devices/surface-hub/manage-windows-updates-for-surface-hub.md b/devices/surface-hub/manage-windows-updates-for-surface-hub.md index c769840d86..a01bbdbab3 100644 --- a/devices/surface-hub/manage-windows-updates-for-surface-hub.md +++ b/devices/surface-hub/manage-windows-updates-for-surface-hub.md 
@@ -44,7 +44,7 @@ Microsoft publishes two types of Surface Hub releases broadly on an ongoing basi In order to improve release quality and simplify deployments, all new releases that Microsoft publishes for Windows 10, including Surface Hub, will be cumulative. This means new feature updates and quality updates will contain the payloads of all previous releases (in an optimized form to reduce storage and networking requirements), and installing the release on a device will bring it completely up to date. Also, unlike earlier versions of Windows, you cannot install a subset of the contents of a Windows 10 quality update. For example, if a quality update contains fixes for three security vulnerabilities and one reliability issue, deploying the update will result in the installation of all four fixes. -The Surface Hub operating system receives updates on the [Semi-Annual Channel](https://docs.microsoft.com/windows/deployment/update/waas-overview#naming-changes). Like other editions of Windows 10, the servicing lifetime ois finite. You must install new feature updates on machines running these branches in order to continue receiving quality updates. +The Surface Hub operating system receives updates on the [Semi-Annual Channel](https://docs.microsoft.com/windows/deployment/update/waas-overview#naming-changes). Like other editions of Windows 10, the servicing lifetime is finite. You must install new feature updates on machines running these branches in order to continue receiving quality updates. For more information on Windows as a Service, see [Overview of Windows as a service](https://technet.microsoft.com/itpro/windows/manage/waas-overview). From f762fd133f9936e4f6aafadca5b82cc089fdf059 Mon Sep 17 00:00:00 2001 From: Patti Short Date: Tue, 12 Jun 2018 06:14:26 -0700 Subject: [PATCH 51/74] changed the GP path to the policy --- browsers/edge/emie-to-improve-compatibility.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) 
diff --git a/browsers/edge/emie-to-improve-compatibility.md b/browsers/edge/emie-to-improve-compatibility.md index fc8a612b80..b6c34c4968 100644 --- a/browsers/edge/emie-to-improve-compatibility.md +++ b/browsers/edge/emie-to-improve-compatibility.md @@ -43,14 +43,14 @@ Microsoft Edge doesn't support ActiveX controls, Browser Helper Objects, VBScrip ### Set up Microsoft Edge to use the Enterprise Mode site list -You must turn on the **Use Enterprise Mode Site List** Group Policy setting before Microsoft Edge can use the Enterprise Mode site list. This Group Policy applies to both Microsoft Edge and IE11, letting Microsoft Edge switch to IE11 as needed, based on the Enterprise Mode site list. For more info about IE11 and Enterprise Mode, see [Enterprise Mode for Internet Explorer 11 (IE11)](https://go.microsoft.com/fwlink/p/?linkid=618377). +You must turn on the **Configure the Enterprise Mode Site List** Group Policy setting before Microsoft Edge can use the Enterprise Mode site list. This Group Policy applies to both Microsoft Edge and IE11, letting Microsoft Edge switch to IE11 as needed, based on the Enterprise Mode site list. For more info about IE11 and Enterprise Mode, see [Enterprise Mode for Internet Explorer 11 (IE11)](https://go.microsoft.com/fwlink/p/?linkid=618377). > **Note**
> If there’s an .xml file in the cache container, IE waits 65 seconds and then checks the local cache for a newer version of the file from the server, based on standard caching rules. If the server file has a different version number than the version in the cache container, the server file is used and stored in the cache container.

If you’re already using a site list, enterprise mode continues to work during the 65 second wait; it just uses your existing site list instead of your new one. **To turn on Enterprise Mode using Group Policy** -1. Open your Group Policy editor and go to the **Administrative Templates\\Windows Components\\Microsoft Edge\\Allows you to configure the Enterprise Mode Site list** setting.

Turning this setting on also requires you to create and store a site list.

![Local Group Policy Editor for using a site list](images/edge-emie-grouppolicysitelist.png) +1. Open your Group Policy editor and go to the **Administrative Templates\\Windows Components\\Microsoft Edge\\Configure the Enterprise Mode Site List** policy.

Turning this setting on also requires you to create and store a site list.

![Local Group Policy Editor for using a site list](images/edge-emie-grouppolicysitelist.png) 2. Click **Enabled**, and then in the **Options** area, type the location to your site list. From 96c9a3a425f765ffd432d28053dca331103a068d Mon Sep 17 00:00:00 2001 From: Jeanie Decker Date: Tue, 12 Jun 2018 13:45:04 +0000 Subject: [PATCH 52/74] Merged PR 8996: fix broken link for Surface Hub download --- devices/surface-hub/surface-hub-downloads.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/devices/surface-hub/surface-hub-downloads.md b/devices/surface-hub/surface-hub-downloads.md index 257bc6b58b..8ddafa924a 100644 --- a/devices/surface-hub/surface-hub-downloads.md +++ b/devices/surface-hub/surface-hub-downloads.md 
@@ -18,7 +18,7 @@ This topic provides links to useful Surface Hub documents, such as product datas | --- | --- | | [Surface Hub Site Readiness Guide (PDF)](http://download.microsoft.com/download/3/8/8/3883E991-DFDB-4E70-8D28-20B26045FC5B/Surface-Hub-Site-Readiness-Guide_EN.pdf) | Make sure your site is ready for Surface Hub, including structural and power requirements, and get technical specs for Surface Hub. [Watch the video (opens in a pop-up media player)](http://compass.xbox.com/assets/27/aa/27aa7dd7-7cb7-40ea-9bd6-c7de0795f68c.mov?n=04.07.16_installation_video_01_site_readiness.mov) | | [Surface Hub Setup Guide (English, French, Spanish) (PDF)](http://download.microsoft.com/download/0/1/6/016363A4-8602-4F01-8281-9BE5C814DC78/Setup-Guide_EN-FR-SP.pdf) | Get a quick overview of how to set up the environment for your new Surface Hub. | -| [Surface Hub Quick Reference Guide (PDF)](http://download.microsoft.com/download/9/E/E/9EE660F8-3FC6-4909-969E-89EA648F06DB/Surface Hub Quick Reference Guide_en-us.pdf) | Use this quick reference guide to get information about key features and functions of the Surface Hub. | +| [Surface Hub Quick Reference Guide (PDF)](http://download.microsoft.com/download/9/E/E/9EE660F8-3FC6-4909-969E-89EA648F06DB/Surface%20Hub%20Quick%20Reference%20Guide_en-us.pdf) | Use this quick reference guide to get information about key features and functions of the Surface Hub. | | [Surface Hub User Guide (PDF)](http://download.microsoft.com/download/3/6/B/36B6331E-0C63-4E71-A05D-EE88D05081F8/surface-hub-user-guide-en-us.pdf) | Learn how to use Surface Hub in scheduled or ad-hoc meetings. Invite remote participants, use the built-in tools, save data from your meeting, and more. 
| | [Surface Hub Replacement PC Drivers](https://www.microsoft.com/download/details.aspx?id=52210) | The Surface Hub Replacement PC driver set is available for those customers who have chosen to disable the Surface Hub’s internal PC and use an external computer with their 84” or 55” Surface Hub. This download is meant to be used with the Surface Hub Admin Guide , which contains further details on configuring a Surface Hub Replacement PC. | | [Surface Hub SSD Replacement Guide (PDF)](http://download.microsoft.com/download/1/F/2/1F202254-7156-459F-ABD2-39CF903A25DE/surface-hub-ssd-replacement-guide_en-us.pdf) | Learn how to replace the solid state drive (SSD) for the 55- and 84-inch Surface Hub. | From 0b0dedb2b287abddf0ba8ddc7d423e3e39d94522 Mon Sep 17 00:00:00 2001 From: Justin Hall Date: Tue, 12 Jun 2018 10:19:28 -0700 Subject: [PATCH 53/74] added links to how to set startup auth --- .../information-protection/bitlocker/bitlocker-security-faq.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/security/information-protection/bitlocker/bitlocker-security-faq.md b/windows/security/information-protection/bitlocker/bitlocker-security-faq.md index db335bddd1..a1988d5ced 100644 --- a/windows/security/information-protection/bitlocker/bitlocker-security-faq.md +++ b/windows/security/information-protection/bitlocker/bitlocker-security-faq.md 
@@ -27,7 +27,7 @@ The recommended practice for BitLocker configuration on an operating system driv ## What are the implications of using the sleep or hibernate power management options? -BitLocker on operating system drives in its basic configuration (with a TPM but without advanced authentication) provides additional security for the hibernate mode. However, BitLocker provides greater security when it is configured to use an advanced authentication mode (TPM+PIN, TPM+USB, or TPM+PIN+USB) with the hibernate mode. This method is more secure because returning from hibernation requires BitLocker authentication. As a best practice, we recommend that sleep mode be disabled and that you use TPM+PIN for the authentication method. +BitLocker on operating system drives in its basic configuration (with a TPM but without advanced authentication) provides additional security for the hibernate mode. However, BitLocker provides greater security when it is configured to use an advanced authentication mode (TPM+PIN, TPM+USB, or TPM+PIN+USB) with the hibernate mode. This method is more secure because returning from hibernation requires authentication. As a best practice, we recommend that sleep mode be disabled and that you use TPM+PIN for the authentication method. Startup authentication can be configured by using [Group Policy](https://docs.microsoft.com/windows/security/information-protection/bitlocker/bitlocker-group-policy-settings#a-href-idbkmk-unlockpol1arequire-additional-authentication-at-startup) or Mobile Device Management with the [Bitlocker CSP](https://docs.microsoft.com/windows/client-management/mdm/bitlocker-csp). ## What are the advantages of a TPM? From 691fcc8adcef630ede24ab5336814e0586e0a4ba Mon Sep 17 00:00:00 2001 
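Review bot: In PATCH 53/74 (bitlocker-security-faq.md, the sleep/hibernate answer), dropping "BitLocker" from "requires BitLocker authentication" leaves "requires authentication" ambiguous with the ordinary Windows sign-in on resume. The paragraph is about the startup unlock, so say "requires BitLocker startup authentication" or similar. In the added sentence, "Bitlocker CSP" should be "BitLocker CSP". The Group Policy link depends on the fragment `#a-href-idbkmk-unlockpol1arequire-additional-authentication-at-startup`, which looks generated from raw anchor markup and is likely to break when the target heading is cleaned up; link to the page itself or to a stable bookmark. ms.date is not bumped in this patch.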
From: jaimeo Date: Tue, 12 Jun 2018 10:23:42 -0700 Subject: [PATCH 54/74] first pass fixing links to dead OMS marketing page --- .../update/device-health-get-started.md | 13 ++++++++----- .../update/update-compliance-get-started.md | 8 ++++++-- .../upgrade/upgrade-readiness-get-started.md | 15 +++++++++------ .../upgrade/upgrade-readiness-requirements.md | 14 +++++++------- 4 files changed, 30 insertions(+), 20 deletions(-) diff --git a/windows/deployment/update/device-health-get-started.md b/windows/deployment/update/device-health-get-started.md index 81a57be6d4..5b3a7b3474 100644 --- a/windows/deployment/update/device-health-get-started.md +++ b/windows/deployment/update/device-health-get-started.md @@ -5,7 +5,7 @@ keywords: Device Health, oms, operations management suite, prerequisites, requir ms.prod: w10 ms.mktglfcycl: deploy ms.sitesec: library -ms.date: 03/20/2018 +ms.date: 06/12/2018 ms.pagetype: deploy author: jaimeo ms.author: jaimeo 
@@ -24,13 +24,16 @@ Steps are provided in sections that follow the recommended setup process: -## Add Device Health to Microsoft Operations Management Suite +## Add Device Health to Microsoft Operations Management Suite or Azure Log Analytics -Device Health is offered as a solution in the Microsoft Operations Management Suite (OMS), a collection of cloud-based servicing for monitoring and automating your on-premise and cloud environments. For more information about OMS, see [Operations Management Suite overview](https://azure.microsoft.com/en-us/documentation/articles/operations-management-suite-overview/). +Device Health is offered as a solution in the Microsoft Operations Management Suite (OMS) and Azure Log Analytics, a collection of cloud-based servicing for monitoring and automating your on-premise and cloud environments. For more information about OMS, see [Operations Management Suite overview](https://azure.microsoft.com/en-us/documentation/articles/operations-management-suite-overview/) or the Azure [Log Analytics overview](https://azure.microsoft.com/services/log-analytics/). -**If you are already using Windows Analytics**, you should use the same Azure Log Analytics workspace you're already using. find Device Health in the Solutions Gallery. Select the **Device Health** tile in the gallery and then click **Add** on the solution's details page. Device Health is now visible in your workspace. While you're in the Solutions Gallery, you should consider installing the [Upgrade Readiness](../upgrade/use-upgrade-readiness-to-manage-windows-upgrades.md) and [Update Compliance](update-compliance-monitor.md) solutions as well, if you haven't already. +**If you are already using Windows Analytics**, you should use the same Azure Log Analytics workspace you're already using. Find Device Health in the Solutions Gallery. Select the **Device Health** tile in the gallery and then click **Add** on the solution's details page. 
Device Health is now visible in your workspace. While you're in the Solutions Gallery, you should consider installing the [Upgrade Readiness](../upgrade/use-upgrade-readiness-to-manage-windows-upgrades.md) and [Update Compliance](update-compliance-monitor.md) solutions as well, if you haven't already. -**If you are not yet using Windows Analytics or Azure Log Analytics**, use the following steps to subscribe: +>[!NOTE] +>If you are already using OMS, you can also follow [this link](https://portal.mms.microsoft.com/#Workspace/ipgallery/details/details/index?IPId=DeviceHealthProd) to go directly to the Device Health solution and add it to your workspace. + +**If you are not yet using Windows Analytics or Azure Log Analytics**, follow these steps to subscribe: 1. Go to [Operations Management Suite](https://www.microsoft.com/en-us/cloud-platform/operations-management-suite) on Microsoft.com and click **Sign in**. [![Operations Management Suite bar with sign-in button](images/uc-02a.png)](images/uc-02.png) diff --git a/windows/deployment/update/update-compliance-get-started.md b/windows/deployment/update/update-compliance-get-started.md index 6cfecd1c73..9887546277 100644 --- a/windows/deployment/update/update-compliance-get-started.md +++ b/windows/deployment/update/update-compliance-get-started.md 
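Review bot: In PATCH 54/74, device-health-get-started.md, step 1 in the unchanged context still sends readers to `https://www.microsoft.com/en-us/cloud-platform/operations-management-suite`, which appears to be the OMS marketing page this commit sets out to replace. upgrade-readiness-get-started.md in the same patch switches its step 1 to the Log Analytics page, so do the same here. The rewritten intro also no longer parses: "(OMS) and Azure Log Analytics, a collection of cloud-based servicing" attaches the appositive to two products, and the heading says "or" where the body says "and".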
@@ -23,12 +23,16 @@ Steps are provided in sections that follow the recommended setup process: -## Add Update Compliance to Microsoft Operations Management Suite +## Add Update Compliance to Microsoft Operations Management Suite or Azure Log Analytics -Update Compliance is offered as a solution in the Microsoft Operations Management Suite (OMS), a collection of cloud-based servicing for monitoring and automating your on-premise and cloud environments. For more information about OMS, see [Operations Management Suite overview](https://azure.microsoft.com/en-us/documentation/articles/operations-management-suite-overview/). +Update Compliance is offered as a solution in the Microsoft Operations Management Suite (OMS), a collection of cloud-based servicing for monitoring and automating your on-premise and cloud environments. For more information about OMS, see [Operations Management Suite overview](https://azure.microsoft.com/en-us/documentation/articles/operations-management-suite-overview/) or the Azure [Log Analytics overview](https://azure.microsoft.com/services/log-analytics/). If you are already using OMS, skip to step **6** to add Update Compliance to your workspace. +>[!NOTE] +>If you are already using OMS, you can also follow [this link](https://portal.mms.microsoft.com/#Workspace/ipgallery/details/details/index?IPId=WaaSUpdateInsights) to go directly to the Device Health solution and add it to your workspace. + + If you are not yet using OMS, use the following steps to subscribe to OMS Update Compliance: 1. Go to [Operations Management Suite](https://www.microsoft.com/en-us/cloud-platform/operations-management-suite) on Microsoft.com and click **Sign in**. diff --git a/windows/deployment/upgrade/upgrade-readiness-get-started.md b/windows/deployment/upgrade/upgrade-readiness-get-started.md index e80d01d273..3ee8a1a528 100644 --- a/windows/deployment/upgrade/upgrade-readiness-get-started.md +++ b/windows/deployment/upgrade/upgrade-readiness-get-started.md 
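Review bot: In PATCH 54/74, update-compliance-get-started.md, the added note links to `IPId=WaaSUpdateInsights` but its text says "go directly to the Device Health solution". This is the Update Compliance topic, so the sentence looks carried over from device-health-get-started.md and should name Update Compliance. The heading now mentions Azure Log Analytics while the first sentence still describes OMS only, and step 1 in the context still points at the operations-management-suite page on Microsoft.com. The hunk also adds two blank lines after the note where one is enough.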
@@ -8,7 +8,7 @@ ms.sitesec: library ms.pagetype: deploy author: jaimeo ms.author: jaimeo -ms.date: 03/20/2018 +ms.date: 06/12/2018 ms.localizationpriority: high --- @@ -35,7 +35,7 @@ When you are ready to begin using Upgrade Readiness, perform the following steps To enable system, application, and driver data to be shared with Microsoft, you must configure user computers to send data. For information about what diagnostic data Microsoft collects and how that data is used and protected by Microsoft, see the following topics, refer to [Frequently asked questions and troubleshooting Windows Analytics](https://docs.microsoft.com/windows/deployment/update/windows-analytics-FAQ-troubleshooting), which discusses the issues and provides links to still more detailed information. -## Add Upgrade Readiness to Operations Management Suite +## Add Upgrade Readiness to Operations Management Suite or Azure Log Analytics Upgrade Readiness is offered as a solution in the Microsoft Operations Management Suite (OMS), a collection of cloud based services for managing your on-premises and cloud environments. For more information about OMS, see [Operations Management Suite overview](http://azure.microsoft.com/documentation/articles/operations-management-suite-overview/). 
@@ -44,11 +44,14 @@ Upgrade Readiness is offered as a solution in the Microsoft Operations Managemen If you are already using OMS, you’ll find Upgrade Readiness in the Solutions Gallery. Select the **Upgrade Readiness** tile in the gallery and then click **Add** on the solution's details page. Upgrade Readiness is now visible in your workspace. While you have this dialog open, you should also consider adding the [Device Health](../update/device-health-monitor.md) and [Update Compliance](../update/update-compliance-monitor.md) solutions as well, if you haven't already. To do so, just select the check boxes for those solutions. -If you are not using OMS: +>[!NOTE] +>If you are already using OMS, you can also follow [this link](https://portal.mms.microsoft.com/#Workspace/ipgallery/details/details/index?IPId=CompatibilityAssessment) to go directly to the Upgrade Readiness solution and add it to your workspace. -1. Go to the [Upgrade Readiness page on Microsoft.com](https://go.microsoft.com/fwlink/?LinkID=799190&clcid=0x409) and select **New Customers >** to start the process. -2. Sign in to Operations Management Suite (OMS). You can use either a Microsoft Account or a Work or School account to create a workspace. If your company is already using Azure Active Directory (Azure AD), use a Work or School account when you sign in to OMS. Using a Work or School account allows you to use identities from your Azure AD to manage permissions in OMS. -3. Create a new OMS workspace. Enter a name for the workspace, select the workspace region, and provide the email address that you want associated with this workspace. Select **Create**. +If you are not using OMS or Azure Log Analytics: + +1. Go to [Log Analytics](https://azure.microsoft.com/services/log-analytics/) on Microsoft.com and select **Start free** to start the setup process. During the process, you’ll create a workspace and add the Upgrade Readiness solution to it. +2. 
Sign in to Operations Management Suite (OMS or Azure Log Analytics You can use either a Microsoft Account or a Work or School account to create a workspace. If your company is already using Azure Active Directory (Azure AD), use a Work or School account when you sign in to OMS. Using a Work or School account allows you to use identities from your Azure AD to manage permissions in OMS. +3. Create a new workspace. Enter a name for the workspace, select the workspace region, and provide the email address that you want associated with this workspace. Select **Create**. 4. If your organization already has an Azure subscription, you can link it to your workspace. Note that you may need to request access from your organization’s Azure administrator. > If your organization does not have an Azure subscription, create a new one or select the default OMS Azure subscription from the list. Your workspace opens. diff --git a/windows/deployment/upgrade/upgrade-readiness-requirements.md b/windows/deployment/upgrade/upgrade-readiness-requirements.md index 21dfb741d1..538d13cb2a 100644 --- a/windows/deployment/upgrade/upgrade-readiness-requirements.md +++ b/windows/deployment/upgrade/upgrade-readiness-requirements.md @@ -5,7 +5,7 @@ keywords: windows analytics, oms, operations management suite, prerequisites, re ms.prod: w10 author: jaimeo ms.author: -ms.date: 03/15/2018 +ms.date: 06/12/2018 ms.localizationpriority: high --- 
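Review bot: In PATCH 54/74, upgrade-readiness-get-started.md, the rewritten step 2 is broken mid-sentence: "Sign in to Operations Management Suite (OMS or Azure Log Analytics You can use either" is missing the closing parenthesis and the period. Steps 2 and 4 still speak only of signing in to OMS and of the "default OMS Azure subscription" although step 1 now starts from the Log Analytics page, so the procedure switches product names partway through. The intro paragraph under the renamed heading also still describes OMS only.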
@@ -32,19 +32,19 @@ See [Windows 10 Specifications](http://www.microsoft.com/en-US/windows/windows-1 ### Windows 10 Keeping Windows 10 up to date involves deploying a feature update, and Upgrade Readiness tools help you prepare and plan for these Windows updates. -The latest cumulative updates must be installed on Windows 10 computers to make sure that the required compatibility updates are installed. You can find the latest cumulative update on the [Microsoft Update Catalog](https://catalog.update.microsoft.com). +The latest cumulative updates must be installed on Windows 10 computers to make sure that the required compatibility updates are installed. You can find the latest cumulative update on the [Microsoft Update Catalog](https://catalog.update.microsoft.com). While Upgrade Readiness can be used to assist with updating devices from Windows 10 Long-Term Servicing Channel (LTSC) to Windows 10 Semi-Annual Channel, Upgrade Readiness does not support updates to Windows 10 LTSC. The Long-Term Servicing Channel of Windows 10 is not intended for general deployment, and does not receive feature updates, therefore it is not a supported target with Upgrade Readiness. See [Windows as a service overview](../update/waas-overview.md#long-term-servicing-channel) to understand more about LTSC. -## Operations Management Suite +## Operations Management Suite or Azure Log Analytics -Upgrade Readiness is offered as a solution in the Microsoft Operations Management Suite (OMS), a collection of cloud based services for managing on premise and cloud computing environments. For more information about OMS, see [Operations Management Suite overview](http://azure.microsoft.com/en-us/documentation/articles/operations-management-suite-overview/). +Upgrade Readiness is offered as a solution in Microsoft Operations Management Suite (OMS) and Azure Log Analytics, a collection of cloud based services for managing on premise and cloud computing environments. 
For more information about OMS, see [Operations Management Suite overview](http://azure.microsoft.com/en-us/documentation/articles/operations-management-suite-overview/) or the Azure [Log Analytics overview](https://azure.microsoft.com/services/log-analytics/). -If you’re already using OMS, you’ll find Upgrade Readiness in the Solutions Gallery. Click the Upgrade Readiness tile in the gallery and then click Add on the solution’s details page. Upgrade Readiness is now visible in your workspace. +If you’re already using OMS or Azure Log Analytics, you’ll find Upgrade Readiness in the Solutions Gallery. Click the **Upgrade Readiness** tile in the gallery and then click **Add** on the solution’s details page. Upgrade Readiness is now visible in your workspace. You can also -If you are not using OMS, go to the [Upgrade Readiness page](https://www.microsoft.com/en-us/windowsforbusiness/simplified-updates) on Microsoft.com and select **Sign up** to kick off the OMS onboarding process. During the onboarding process, you’ll create an OMS workspace and add the Upgrade Readiness solution to it. +If you are not using OMS or Azure Log Analytics, go to [Log Analytics](https://azure.microsoft.com/services/log-analytics/) on Microsoft.com and select **Start free** to start the setup process. During the process, you’ll create a workspace and add the Upgrade Readiness solution to it. -Important: You can use either a Microsoft Account or a Work or School account to create a workspace. If your company is already using Azure Active Directory, use a Work or School account when you sign in to OMS. Using a Work or School account allows you to use identities from your Azure AD to manage permissions in OMS. You also need an Azure subscription to link to your OMS workspace. The account you used to create the workspace must have administrator permissions on the Azure subscription in order to link the workspace to the Azure account. 
Once the link has been established, you can revoke the administrator permissions. +>[!IMPORTANT] You can use either a Microsoft Account or a Work or School account to create a workspace. If your company is already using Azure Active Directory, use a Work >or School account when you sign in to OMS. Using a Work or School account allows you to use identities from your Azure AD to manage permissions in OMS. You also need an Azure subscription to link to your OMS workspace. The account you used to create the workspace must have administrator permissions on the Azure subscription in order to link the workspace to the Azure account. Once the link has been established, you can revoke the administrator permissions. ## System Center Configuration Manager integration From ff9f493205532351390043b00a4859451d2f2bbf Mon Sep 17 00:00:00 2001 From: Justin Hall Date: Tue, 12 Jun 2018 10:24:27 -0700 Subject: [PATCH 55/74] added links to how to set startup auth --- .../bitlocker/bitlocker-security-faq.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/windows/security/information-protection/bitlocker/bitlocker-security-faq.md b/windows/security/information-protection/bitlocker/bitlocker-security-faq.md index a1988d5ced..13ee71372a 100644 --- a/windows/security/information-protection/bitlocker/bitlocker-security-faq.md +++ b/windows/security/information-protection/bitlocker/bitlocker-security-faq.md @@ -8,7 +8,7 @@ ms.sitesec: library ms.pagetype: security localizationpriority: high author: brianlic-msft -ms.date: 05/03/2018 +ms.date: 06/12/2018 --- # BitLocker Security FAQ 
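Review bot: In PATCH 54/74, upgrade-readiness-requirements.md, the paragraph that starts "If you’re already using OMS or Azure Log Analytics" ends with the fragment "You can also". Finish the sentence (the other three topics in this patch add a direct portal link at this point) or delete it. The new alert is malformed: the text follows `>[!IMPORTANT]` on the same line and a stray `>` sits inside "use a Work >or School account", so it is unlikely to render as an Important block. Put `>[!IMPORTANT]` on its own line and prefix each following line with `>`. The front matter in the context also shows an empty `ms.author:`.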
@@ -27,7 +27,7 @@ The recommended practice for BitLocker configuration on an operating system driv ## What are the implications of using the sleep or hibernate power management options? -BitLocker on operating system drives in its basic configuration (with a TPM but without advanced authentication) provides additional security for the hibernate mode. However, BitLocker provides greater security when it is configured to use an advanced authentication mode (TPM+PIN, TPM+USB, or TPM+PIN+USB) with the hibernate mode. This method is more secure because returning from hibernation requires authentication. As a best practice, we recommend that sleep mode be disabled and that you use TPM+PIN for the authentication method. Startup authentication can be configured by using [Group Policy](https://docs.microsoft.com/windows/security/information-protection/bitlocker/bitlocker-group-policy-settings#a-href-idbkmk-unlockpol1arequire-additional-authentication-at-startup) or Mobile Device Management with the [Bitlocker CSP](https://docs.microsoft.com/windows/client-management/mdm/bitlocker-csp). +BitLocker on operating system drives in its basic configuration (with a TPM but without additional startup authentication) provides additional security for the hibernate mode. However, BitLocker provides greater security when it is configured to use an additional startup authentication factor (TPM+PIN, TPM+USB, or TPM+PIN+USB) with the hibernate mode. This method is more secure because returning from hibernation requires authentication. For increased security, we recommend that sleep mode be disabled and that you use TPM+PIN for the authentication method. 
Startup authentication can be configured by using [Group Policy](https://docs.microsoft.com/windows/security/information-protection/bitlocker/bitlocker-group-policy-settings#a-href-idbkmk-unlockpol1arequire-additional-authentication-at-startup) or Mobile Device Management with the [Bitlocker CSP](https://docs.microsoft.com/windows/client-management/mdm/bitlocker-csp). ## What are the advantages of a TPM? From 274ecc83c3c8159d5ab5c48dcd920bdfe64b0ac0 Mon Sep 17 00:00:00 2001 From: Justin Hall Date: Tue, 12 Jun 2018 10:26:33 -0700 Subject: [PATCH 56/74] added links to how to set startup auth --- .../information-protection/bitlocker/bitlocker-security-faq.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/security/information-protection/bitlocker/bitlocker-security-faq.md b/windows/security/information-protection/bitlocker/bitlocker-security-faq.md index 13ee71372a..6aac433261 100644 --- a/windows/security/information-protection/bitlocker/bitlocker-security-faq.md +++ b/windows/security/information-protection/bitlocker/bitlocker-security-faq.md 
@@ -27,7 +27,7 @@ The recommended practice for BitLocker configuration on an operating system driv ## What are the implications of using the sleep or hibernate power management options? -BitLocker on operating system drives in its basic configuration (with a TPM but without additional startup authentication) provides additional security for the hibernate mode. However, BitLocker provides greater security when it is configured to use an additional startup authentication factor (TPM+PIN, TPM+USB, or TPM+PIN+USB) with the hibernate mode. This method is more secure because returning from hibernation requires authentication. For increased security, we recommend that sleep mode be disabled and that you use TPM+PIN for the authentication method. Startup authentication can be configured by using [Group Policy](https://docs.microsoft.com/windows/security/information-protection/bitlocker/bitlocker-group-policy-settings#a-href-idbkmk-unlockpol1arequire-additional-authentication-at-startup) or Mobile Device Management with the [Bitlocker CSP](https://docs.microsoft.com/windows/client-management/mdm/bitlocker-csp). +BitLocker on operating system drives in its basic configuration (with a TPM but without additional startup authentication) provides additional security for the hibernate mode. However, BitLocker provides greater security when it is configured to use an additional startup authentication factor (TPM+PIN, TPM+USB, or TPM+PIN+USB) with the hibernate mode. This method is more secure because returning from hibernation requires authentication. For improved security, we recommend that sleep mode be disabled and that you use TPM+PIN for the authentication method. 
Startup authentication can be configured by using [Group Policy](https://docs.microsoft.com/windows/security/information-protection/bitlocker/bitlocker-group-policy-settings#a-href-idbkmk-unlockpol1arequire-additional-authentication-at-startup) or Mobile Device Management with the [Bitlocker CSP](https://docs.microsoft.com/windows/client-management/mdm/bitlocker-csp). ## What are the advantages of a TPM? From b83f8f41c34bc5136e6e2a2678d355293f3affe3 Mon Sep 17 00:00:00 2001 From: "Andrea Bichsel (Aquent LLC)" Date: Tue, 12 Jun 2018 11:26:02 -0700 Subject: [PATCH 57/74] Add new functionality for existing ASR rule. --- .../attack-surface-reduction-exploit-guard.md | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/windows/security/threat-protection/windows-defender-exploit-guard/attack-surface-reduction-exploit-guard.md b/windows/security/threat-protection/windows-defender-exploit-guard/attack-surface-reduction-exploit-guard.md index 5fcdb543ec..344fe9385a 100644 --- a/windows/security/threat-protection/windows-defender-exploit-guard/attack-surface-reduction-exploit-guard.md +++ b/windows/security/threat-protection/windows-defender-exploit-guard/attack-surface-reduction-exploit-guard.md @@ -11,7 +11,7 @@ ms.pagetype: security localizationpriority: medium author: andreabichsel ms.author: v-anbic -ms.date: 05/30/2018 +ms.date: 06/12/2018 --- 
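Review bot: PATCH 55/74 and PATCH 56/74 reuse the subject "added links to how to set startup auth" from PATCH 53/74, yet neither adds a link: 55 replaces "advanced authentication" with "additional startup authentication", and 56 only changes "For increased security" to "For improved security". Squash the three into one commit or give each a subject that matches its change. The reworded sentence now reads "without additional startup authentication) provides additional security", which repeats "additional" in two different senses, and "Bitlocker CSP" is still miscased.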
@@ -127,6 +127,8 @@ Office apps, such as Word or Excel, will not be allowed to create child processe This is a typical malware behavior, especially for macro-based attacks that attempt to use Office apps to launch or download malicious executables. +In Windows 10, version 1803 and later, this rule also blocks suspicious apps from being launched through Outlook or Access. + ### Rule: Block Office applications from creating executable content This rule targets typical behaviors used by suspicious and malicious add-ons and scripts (extensions) that create or launch executable files. This is a typical malware technique. From 9b80f217466ba7935adef9e180a6bf591f3f77ef Mon Sep 17 00:00:00 2001 From: "Andrea Bichsel (Aquent LLC)" Date: Tue, 12 Jun 2018 11:47:21 -0700 Subject: [PATCH 58/74] Add reviewer changes. --- .../attack-surface-reduction-exploit-guard.md | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/windows/security/threat-protection/windows-defender-exploit-guard/attack-surface-reduction-exploit-guard.md b/windows/security/threat-protection/windows-defender-exploit-guard/attack-surface-reduction-exploit-guard.md index 344fe9385a..4085972ad5 100644 --- a/windows/security/threat-protection/windows-defender-exploit-guard/attack-surface-reduction-exploit-guard.md +++ b/windows/security/threat-protection/windows-defender-exploit-guard/attack-surface-reduction-exploit-guard.md 
@@ -123,12 +123,10 @@ This rule blocks the following file types from being run or launched from an ema ### Rule: Block Office applications from creating child processes -Office apps, such as Word or Excel, will not be allowed to create child processes. +Office apps will not be allowed to create child processes. This includes Word, Excel, PowerPoint, OneNote, Outlook, and Access. This is a typical malware behavior, especially for macro-based attacks that attempt to use Office apps to launch or download malicious executables. -In Windows 10, version 1803 and later, this rule also blocks suspicious apps from being launched through Outlook or Access. - ### Rule: Block Office applications from creating executable content This rule targets typical behaviors used by suspicious and malicious add-ons and scripts (extensions) that create or launch executable files. This is a typical malware technique. From 267d6b1e42cb7642f7a1b5605075a2cac7d8cdb3 Mon Sep 17 00:00:00 2001 From: Jeanie Decker Date: Tue, 12 Jun 2018 19:44:52 +0000 Subject: [PATCH 59/74] Merged PR 9009: fix link --- devices/hololens/hololens-provisioning.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/devices/hololens/hololens-provisioning.md b/devices/hololens/hololens-provisioning.md index 86631b4976..c1a90edadb 100644 --- a/devices/hololens/hololens-provisioning.md +++ b/devices/hololens/hololens-provisioning.md 
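Review bot: In PATCH 58/74, attack-surface-reduction-exploit-guard.md, folding Outlook and Access into the unconditional list "This includes Word, Excel, PowerPoint, OneNote, Outlook, and Access" drops the "Windows 10, version 1803 and later" qualifier that PATCH 57/74 had just added for those two apps. If that coverage does begin with version 1803, an administrator on an earlier version will read this as protection they do not have, so keep the version condition next to Outlook and Access. The next sentence, "This is a typical malware behavior", now follows a list of apps rather than a behavior, so its referent is unclear.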
@@ -22,7 +22,7 @@ Some of the HoloLens configurations that you can apply in a provisioning package - Set up a Wi-Fi connection - Apply certificates to the device -To create provisioning packages, you must install Windows Configuration Designer [from Microsoft Store]((https://www.microsoft.com/store/apps/9nblggh4tx22)) or [from the Windows Assessment and Deployment Kit (ADK) for Windows 10](https://developer.microsoft.com/windows/hardware/windows-assessment-deployment-kit). If you install Windows Configurations Designer from the Windows ADK, select **Configuration Designer** from the **Select the features you want to install** dialog box. +To create provisioning packages, you must install Windows Configuration Designer [from Microsoft Store](https://www.microsoft.com/store/apps/9nblggh4tx22) or [from the Windows Assessment and Deployment Kit (ADK) for Windows 10](https://developer.microsoft.com/windows/hardware/windows-assessment-deployment-kit). If you install Windows Configurations Designer from the Windows ADK, select **Configuration Designer** from the **Select the features you want to install** dialog box. From 26a9473445983b5435f5f1ff17a105b4f4a6b8da Mon Sep 17 00:00:00 2001 From: Justin Hall Date: Tue, 12 Jun 2018 13:03:25 -0700 Subject: [PATCH 60/74] added new topic for isg --- .../TOC.md | 1 + ...control-with-intelligent-security-graph.md | 142 ++++++++++++++++++ 2 files changed, 143 insertions(+) create mode 100644 windows/security/threat-protection/windows-defender-application-control/use-windows-defender-application-control-with-intelligent-security-graph.md diff --git a/windows/security/threat-protection/windows-defender-application-control/TOC.md b/windows/security/threat-protection/windows-defender-application-control/TOC.md index 4bf7c5ff89..1d9c033045 100644 --- a/windows/security/threat-protection/windows-defender-application-control/TOC.md +++ b/windows/security/threat-protection/windows-defender-application-control/TOC.md 
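Review bot: In PATCH 59/74, hololens-provisioning.md, the changed line fixes the doubled parenthesis in the Microsoft Store link but keeps "Windows Configurations Designer" in its second sentence. The product is named "Windows Configuration Designer" earlier in the same line, so correct it while this line is being touched.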
@@ -18,6 +18,7 @@ ### [Merge WDAC policies](merge-windows-defender-application-control-policies.md) ### [Enforce WDAC policies](enforce-windows-defender-application-control-policies.md) ### [Deploy WDAC with a managed installer](use-windows-defender-application-control-with-managed-installer.md) +### [Deploy WDAC with Intelligent Security Graph (ISG)](use-windows-defender-application-control-with-intelligent-security-graph.md) ### [Deploy WDAC policies using Group Policy](deploy-windows-defender-application-control-policies-using-group-policy.md) ### [Deploy WDAC policies using Intune](deploy-windows-defender-application-control-policies-using-intune.md) ### [Use code signing to simplify application control for classic Windows applications](use-code-signing-to-simplify-application-control-for-classic-windows-applications.md) diff --git a/windows/security/threat-protection/windows-defender-application-control/use-windows-defender-application-control-with-intelligent-security-graph.md b/windows/security/threat-protection/windows-defender-application-control/use-windows-defender-application-control-with-intelligent-security-graph.md new file mode 100644 index 0000000000..57f5838a42 --- /dev/null +++ b/windows/security/threat-protection/windows-defender-application-control/use-windows-defender-application-control-with-intelligent-security-graph.md 
@@ -0,0 +1,142 @@ +--- +title: Deploy Windows Defender Application Control with Intelligent Security Graph (ISG) (Windows 10) +description: Automatically authorize applications that Microsoft’s ISG recognizes as having known good reputation. +ms.prod: w10 +ms.mktglfcycl: deploy +ms.localizationpriority: high +author: mdsakibMSFT +ms.date: 03/01/2018 +--- + +# Use Windows Defender Application Control (WDAC) with the Microsoft Intelligent Security Graph + +**Applies to:** + +- Windows 10 +- Windows Server 2016 + + +```code + + + + + + + + + + + + + + + + + + + + + + + +``` + +## Enable service enforcement in AppLocker policy + +Since many installation processes rely on services, it is typically necessary to enable tracking of services. +Correct tracking of services requires the presence of at least one rule in the rule collection – a simple audit only rule will suffice. +For example: + +```code + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +``` + +### Enable the managed installer option in WDAC policy + +In order to enable trust for the binaries laid down by managed installers, the Allow: Managed Installer option must be specified in your WDAC policy. +This can be done by using the [Set-RuleOption cmdlet](https://docs.microsoft.com/powershell/module/configci/set-ruleoption). +An example of the managed installer option being set in policy is shown below. + +```code + + + + + + + + + + + + + + + + + +``` + +## Security considerations with managed installer + +Since managed installer is a heuristic-based mechanism, it does not provide the same security guarantees that explicit allow or deny rules do. +It is best suited for deployment to systems where each user is configured as a standard user and where all software is deployed and installed by a software distribution solution, such as System Center Configuration Manager. 
+ +Users with administrator privileges or malware running as an administrator user on the system may be able to circumvent the intent of Windows Defender Application Control when the managed installer option is allowed. +If the authorized managed installer process performs installations in the context of a user with standard privileges, then it is possible that standard users or malware running as standard user may be able to circumvent the intent of Windows Defender Application Control. +Some application installers include an option to automatically run the application at the end of the installation process. If this happens when the installer is run by a managed installer, then the managed installer's heuristic tracking and authorization may continue to apply to all files created during the first run of the application. This could result in over-authorization for executables that were not intended. +To avoid this, ensure that the application deployment solution being used as a managed installer limits running applications as part of installation. + +## Known limitations with managed installer + +- Application execution control based on managed installer does not support applications that self-update. +If an application deployed by a managed installer subsequently updates itself, the updated application files will no longer include the managed installer origin information and will not be authorized to run. +Enterprises should deploy and install all application updates using the managed installer. +In some cases, it may be possible to also designate an application binary that performs the self-updates as a managed installer. +Proper review for functionality and security should be performed for the application before using this method. + +- Although WDAC policies can be deployed in both audit and enforced mode, the managed installer option is currently only recommended for use with policies set to enforced except in lab environments. 
+Using the managed installer option with WDAC policies set to audit only may result in unexpected behavior if the policy is subsequently changed to enforced mode. + +- Modern apps deployed through a managed installer will not be tracked by the managed installer heuristic and will need to be separately authorized in your WDAC policy. + +- Executables that extract files and then attempt to execute may not be allowed by the managed installer heuristic. +In some cases, it may be possible to also designate an application binary that performs such an operation as a managed installer. +Proper review for functionality and security should be performed for the application before using this method. + +- The managed installer heuristic does not authorize drivers. +The WDAC policy must have rules that allow the necessary drivers to run. + +- In some cases, the code integrity logs where WDAC errors and warnings are written will contain error events for native images generated for .NET assemblies. +Typically, the error is functionally benign as a blocked native image will result in the corresponding assembly being re-interpreted. +Review for functionality and performance for the related applications using the native images maybe necessary in some cases. From 1b3717b4e850e9916028733b3cf8cd0f2e666b80 Mon Sep 17 00:00:00 2001 From: jaimeo Date: Tue, 12 Jun 2018 13:27:24 -0700 Subject: [PATCH 61/74] fixing some typos --- windows/deployment/update/update-compliance-get-started.md | 2 +- windows/deployment/upgrade/upgrade-readiness-get-started.md | 2 +- windows/deployment/upgrade/upgrade-readiness-requirements.md | 5 +++-- 3 files changed, 5 insertions(+), 4 deletions(-) diff --git a/windows/deployment/update/update-compliance-get-started.md b/windows/deployment/update/update-compliance-get-started.md index 9887546277..9d1b01ce0f 100644 --- a/windows/deployment/update/update-compliance-get-started.md +++ b/windows/deployment/update/update-compliance-get-started.md 
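Review bot: In the new use-windows-defender-application-control-with-intelligent-security-graph.md, the title and description promise ISG authorization, but every section the hunk adds is managed-installer guidance ("Enable service enforcement in AppLocker policy", "Enable the managed installer option in WDAC policy", "Security considerations with managed installer", "Known limitations with managed installer"), so the page behind the new TOC entry never says how ISG authorization is enabled or what its trust decision depends on. Replace the body with ISG-specific steps and caveats before publishing, or hold the TOC link until that text exists. The first code fence also opens straight after the Applies-to list with no sentence introducing it, and "maybe necessary" in the last added line should read "may be necessary".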
@@ -30,7 +30,7 @@ Update Compliance is offered as a solution in the Microsoft Operations Managemen If you are already using OMS, skip to step **6** to add Update Compliance to your workspace. >[!NOTE] ->If you are already using OMS, you can also follow [this link](https://portal.mms.microsoft.com/#Workspace/ipgallery/details/details/index?IPId=WaaSUpdateInsights) to go directly to the Device Health solution and add it to your workspace. +>If you are already using OMS, you can also follow [this link](https://portal.mms.microsoft.com/#Workspace/ipgallery/details/details/index?IPId=WaaSUpdateInsights) to go directly to the Update Compliance solution and add it to your workspace. If you are not yet using OMS, use the following steps to subscribe to OMS Update Compliance: diff --git a/windows/deployment/upgrade/upgrade-readiness-get-started.md b/windows/deployment/upgrade/upgrade-readiness-get-started.md index 3ee8a1a528..2972c0ff9c 100644 --- a/windows/deployment/upgrade/upgrade-readiness-get-started.md +++ b/windows/deployment/upgrade/upgrade-readiness-get-started.md 
@@ -50,7 +50,7 @@ If you are already using OMS, you’ll find Upgrade Readiness in the Solutions G If you are not using OMS or Azure Log Analytics: 1. Go to [Log Analytics](https://azure.microsoft.com/services/log-analytics/) on Microsoft.com and select **Start free** to start the setup process. During the process, you’ll create a workspace and add the Upgrade Readiness solution to it. -2. Sign in to Operations Management Suite (OMS or Azure Log Analytics You can use either a Microsoft Account or a Work or School account to create a workspace. If your company is already using Azure Active Directory (Azure AD), use a Work or School account when you sign in to OMS. Using a Work or School account allows you to use identities from your Azure AD to manage permissions in OMS. +2. Sign in to Operations Management Suite (OMS) or Azure Log Analytics. You can use either a Microsoft Account or a Work or School account to create a workspace. If your company is already using Azure Active Directory (Azure AD), use a Work or School account when you sign in to OMS. Using a Work or School account allows you to use identities from your Azure AD to manage permissions in OMS. 3. Create a new workspace. Enter a name for the workspace, select the workspace region, and provide the email address that you want associated with this workspace. Select **Create**. 4. If your organization already has an Azure subscription, you can link it to your workspace. Note that you may need to request access from your organization’s Azure administrator. diff --git a/windows/deployment/upgrade/upgrade-readiness-requirements.md b/windows/deployment/upgrade/upgrade-readiness-requirements.md index 538d13cb2a..7695e28a28 100644 --- a/windows/deployment/upgrade/upgrade-readiness-requirements.md +++ b/windows/deployment/upgrade/upgrade-readiness-requirements.md 
@@ -21,7 +21,7 @@ To perform an in-place upgrade, user computers must be running the latest versio The compatibility update that sends diagnostic data from user computers to Microsoft data centers works with Windows 7 SP1 and Windows 8.1 only. Upgrade Readiness cannot evaluate Windows XP or Windows Vista for upgrade eligibility. - + If you need to update user computers to Windows 7 SP1 or Windows 8.1, use Windows Update or download and deploy the applicable package from the Microsoft Download Center. 
@@ -44,7 +44,8 @@ If you’re already using OMS or Azure Log Analytics, you’ll find Upgrade Read If you are not using OMS or Azure Log Analytics, go to [Log Analytics](https://azure.microsoft.com/services/log-analytics/) on Microsoft.com and select **Start free** to start the setup process. During the process, you’ll create a workspace and add the Upgrade Readiness solution to it. ->[!IMPORTANT] You can use either a Microsoft Account or a Work or School account to create a workspace. If your company is already using Azure Active Directory, use a Work >or School account when you sign in to OMS. Using a Work or School account allows you to use identities from your Azure AD to manage permissions in OMS. You also need an Azure subscription to link to your OMS workspace. The account you used to create the workspace must have administrator permissions on the Azure subscription in order to link the workspace to the Azure account. Once the link has been established, you can revoke the administrator permissions. +>[!IMPORTANT] +>You can use either a Microsoft Account or a Work or School account to create a workspace. If your company is already using Azure Active Directory, use a Work or School account when you sign in to OMS. Using a Work or School account allows you to use identities from your Azure AD to manage permissions in OMS. You also need an Azure subscription to link to your OMS workspace. The account you used to create the workspace must have administrator permissions on the Azure subscription in order to link the workspace to the Azure account. Once the link has been established, you can revoke the administrator permissions. ## System Center Configuration Manager integration From 99c0736647e9edddff7cbc6cfaec77009de4bbaa Mon Sep 17 00:00:00 2001 
From: Martin Adler <1208749+EagleIJoe@users.noreply.github.com> Date: Wed, 13 Jun 2018 12:51:37 +0200 Subject: [PATCH 62/74] Corrected examples XML syntax Upper case boolean values caused parser error Ending XML closing tag invalidates file --- .../app-v/appv-auto-batch-updating.md | 92 +++++++++---------- 1 file changed, 45 insertions(+), 47 deletions(-) diff --git a/windows/application-management/app-v/appv-auto-batch-updating.md b/windows/application-management/app-v/appv-auto-batch-updating.md index 1d96b18fb8..ff99b0273a 100644 --- a/windows/application-management/app-v/appv-auto-batch-updating.md +++ b/windows/application-management/app-v/appv-auto-batch-updating.md @@ -41,29 +41,28 @@ Updating multiple apps at the same time requires that you create a **ConfigFile* **Example:** ```XML - - - Skype for Windows Update - D:\Install\Update\SkypeforWindows - SkypeSetup.exe - /S - C:\App-V_Package\Microsoft_Apps\skypeupdate.appv - 20 - True - True - - - Microsoft Power BI Update - D:\Install\Update\PowerBI - PBIDesktop.msi - /S - C:\App-V_Package\MS_Apps\powerbiupdate.appv - 20 - True - True - - - + + + Skype for Windows Update + D:\Install\Update\SkypeforWindows + SkypeSetup.exe + /S + C:\App-V_Package\Microsoft_Apps\skypeupdate.appv + 20 + true + true + + + Microsoft Power BI Update + D:\Install\Update\PowerBI + PBIDesktop.msi + /S + C:\App-V_Package\MS_Apps\powerbiupdate.appv + 20 + true + true + + ``` 3. Save your completed file under the name **ConfigFile**. 
@@ -101,29 +100,28 @@ Updating multipe apps at the same time requires that you create a **ConfigFile** ```XML - - - Skype for Windows Update - D:\Install\Update\SkypeforWindows - SkypeSetup.exe - /S - C:\App-V_Package\Microsoft_Apps\skypeupdate.appv - 20 - False - True - - - Microsoft Power BI Update - D:\Install\Update\PowerBI - PBIDesktop.msi - /S - C:\App-V_Package\MS_Apps\powerbiupdate.appv - 20 - False - True - - - + + + Skype for Windows Update + D:\Install\Update\SkypeforWindows + SkypeSetup.exe + /S + C:\App-V_Package\Microsoft_Apps\skypeupdate.appv + 20 + false + true + + + Microsoft Power BI Update + D:\Install\Update\PowerBI + PBIDesktop.msi + /S + C:\App-V_Package\MS_Apps\powerbiupdate.appv + 20 + false + true + + ``` ### Start the App-V Sequencer interface and app installation process @@ -157,4 +155,4 @@ There are three types of log files that occur when you sequence multiple apps at ## Have a suggestion for App-V? -Add or vote on suggestions on the [Application Virtualization feedback site](https://appv.uservoice.com/forums/280448-microsoft-application-virtualization). \ No newline at end of file +Add or vote on suggestions on the [Application Virtualization feedback site](https://appv.uservoice.com/forums/280448-microsoft-application-virtualization). From 9ab71bdb870712272a40959d82dff6fa8c1d547b Mon Sep 17 00:00:00 2001 From: Frank Gorgenyi Date: Wed, 13 Jun 2018 12:37:34 +0000 Subject: [PATCH 63/74] Merged PR 9015: Change Quick Pair to Swift Pair. Change Quick Pair to Swift Pair. --- windows/client-management/mdm/policy-csp-bluetooth.md | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/windows/client-management/mdm/policy-csp-bluetooth.md b/windows/client-management/mdm/policy-csp-bluetooth.md index 519bdfeb1f..1fb3b009d6 100644 --- a/windows/client-management/mdm/policy-csp-bluetooth.md +++ b/windows/client-management/mdm/policy-csp-bluetooth.md 
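Review bot: Both ConfigFile examples in appv-auto-batch-updating.md now use lowercase true and false, but neither hunk adds a sentence telling readers that the values are case-sensitive, so anyone adapting the template can reintroduce the parser error the commit message describes. Add one line above each example stating that boolean values must be lowercase. The unchanged text quoted in the second hunk header still reads "Updating multipe apps"; fix that typo in the same pass.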
@@ -236,14 +236,14 @@ The following list shows the supported values: -Added in Windows 10, version 1803. This policy allows the IT admin to block users on these managed devices from using Quick Pair and other proximity based scenarios. +Added in Windows 10, version 1803. This policy allows the IT admin to block users on these managed devices from using Swift Pair and other proximity based scenarios. The following list shows the supported values: -- 0 - Disallow. Block users on these managed devices from using Quick Pair and other proximity based scenarios -- 1 - Allow. Allow users on these managed devices to use Quick Pair and other proximity based scenarios +- 0 - Disallow. Block users on these managed devices from using Swift Pair and other proximity based scenarios +- 1 - Allow. Allow users on these managed devices to use Swift Pair and other proximity based scenarios From 18f3d7f9b13a10de950050a888ccd3deb47c0780 Mon Sep 17 00:00:00 2001 From: Christopher McClister Date: Wed, 13 Jun 2018 08:26:54 -0700 Subject: [PATCH 64/74] Added ms.collection meta data to Education hub per Lauren Moynihan --- education/index.md | 1 + 1 file changed, 1 insertion(+) diff --git a/education/index.md b/education/index.md index 424b52680d..c78b456b9e 100644 --- a/education/index.md +++ b/education/index.md @@ -6,6 +6,7 @@ description: Learn about product documentation and resources available for schoo author: CelesteDG ms.topic: hub-page ms.author: celested +ms.collection: ITAdminEDU ms.date: 10/30/2017 ---

From 436fe714e3178bc5f9be0c3b65482a4cacdac780 Mon Sep 17 00:00:00 2001 From: Justin Hall Date: Wed, 13 Jun 2018 09:56:48 -0700 Subject: [PATCH 65/74] added bold to code snippet --- ...control-with-intelligent-security-graph.md | 151 ++++++------------ 1 file changed, 53 insertions(+), 98 deletions(-) diff --git a/windows/security/threat-protection/windows-defender-application-control/use-windows-defender-application-control-with-intelligent-security-graph.md b/windows/security/threat-protection/windows-defender-application-control/use-windows-defender-application-control-with-intelligent-security-graph.md index 57f5838a42..c5c738cc8e 100644 --- a/windows/security/threat-protection/windows-defender-application-control/use-windows-defender-application-control-with-intelligent-security-graph.md +++ b/windows/security/threat-protection/windows-defender-application-control/use-windows-defender-application-control-with-intelligent-security-graph.md 
@@ -15,11 +15,39 @@ ms.date: 03/01/2018 - Windows 10 - Windows Server 2016 +Application execution control can be difficult to implement in enterprises that do not have processes to effectively control the deployment of applications centrally through an IT managed system. +In such environments, users are empowered to acquire the applications they need for work, making accounting for all the applications that would need to be authorized for execution control a daunting task. -```code +Windows 10, version 1709 (also known as the Windows 10 Fall Creators Update) provides a new option, known as Intelligent Security Graph (ISG) authorization, that allows IT administrators to automatically authorize applications that Microsoft’s ISG recognizes as having known good reputation. The ISG option helps IT organizations take a significant first step towards going from having no application control at all to a simple means of preventing the execution of unknown and known bad software. + +## How does the integration between WDAC and the Intelligent Security Graph work? + +The ISG relies on Microsoft’s vast security intelligence and machine learning analytics to help classify applications as having known good reputation. When users download applications on a system with WDAC enabled with the ISG authorization option specified, the reputation of the downloaded file, commonly an installer, is used to determine whether to run the installer and then that original reputation information is passed along to any files that were written by the installer. When any of these files try to execute after they are installed the reputation data is used to help make the right policy authorization decision. + +After that initial download and installation, the WDAC component will check for the presence of the positive reputation information when evaluating other application execution control rules specified in the policy. 
If there are no deny rules present for the file, it will be authorized based on the known good reputation classification. + +The reputation data on the client is rechecked periodically and enterprises can also specify that any cached reputation results are flushed on reboot. + +>[!NOTE] +>Admins needs to ensure that there is a WDAC policy in place to allow the system to boot and run any other authorized applications that may not be classified as being known good by the Intelligent Security Graph, for example custom line-of-business (LOB) apps. Since the Intelligent Security Graph is powered by global prevalence data, internal LOB apps may not be recognized as being known good. Other mechanisms like managed installer and explicit rules will help cover internal applications. Both System Center Configuration Manager (SCCM) and Microsoft Intune can be used to create and push a WDAC policy to your client machines. + +Other examples of WDAC policies are available in C:\Windows\schemas\CodeIntegrity\ExamplePolicies and can help authorize Windows OS components, WHQL signed drivers and all Store apps. Admins can reference and customize them as needed for their Windows Defender Application Control deployment or [create a custom WDAC policy](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-application-control/create-initial-default-policy). + +## Configuring Intelligent Security Graph authorization for Windows Defender Application Control + +Setting up the ISG authorization is easy regardless of what management solution you use. 
Configuring the ISG option involves these basic steps: + +- [Ensure that the ISG option is enabled in the WDAC policy XML](#ensure-that-the-intelligent-security-graph-option-is-enabled-in-the-wdac-policy-xml) +- [Enable the necessary services to allow WDAC to use the ISG correctly on the client](#enable-the-necessary-services-to-allow-wdac-to-use-the-isg-correctly-on-the-client) + +### Ensure that the Intelligent Security Graph option is enabled in the WDAC policy XML + +In order to enable trust for executables based on classifications in the ISG, the Enabled: Intelligent Security Graph authorization option must be specified in the WDAC policy. This can be done with the Set-RuleOption cmdlet. In addition it is recommended from a security perspective to also enable the Enabled:Invalidate EAs on Reboot option to invalidate the cached ISG results on reboot to force rechecking of applications against the ISG. Caution is advised if devices will regularly transition to and from environments that may not be able to access the ISG. An example of both options being set is shown below. + +
  
      
-       
+       
      
      
        
@@ -27,12 +55,12 @@ ms.date: 03/01/2018
      
        
      
-     
-       
-     
-     
-       
-     
+     
+       
+     
+     
+       
+     
      
        
      
@@ -40,103 +68,30 @@ ms.date: 03/01/2018
        
      
  
+
+ +### Enable the necessary services to allow WDAC to use the ISG correctly on the client + +In order for the heuristics used by the ISG to function properly, a number of component in Windows need to be enabled. The easiest way to do this is to run the appidtel executable in c:\windows\system32. + +``` +appidtel start ``` -## Enable service enforcement in AppLocker policy +For WDAC policies deployed over MDM using the AppLocker CSP this step is not required as the CSP will enable the necessary components. ISG enabled through the SCCM WDAC UX will not need this step but if custom policies are being deployed outside of the WDAC UX through SCCM then this step is required. -Since many installation processes rely on services, it is typically necessary to enable tracking of services. -Correct tracking of services requires the presence of at least one rule in the rule collection – a simple audit only rule will suffice. -For example: +## Security considerations with using the Intelligent Security Graph -```code - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -``` +Since the ISG is a heuristic-based mechanism, it does not provide the same security guarantees that explicit allow or deny rules do. It is best suited for deployment to systems where each user is configured as a standard user and there are other monitoring systems in place like Windows Defender Advanced Threat Protection to help provide optics into what users are doing. -### Enable the managed installer option in WDAC policy +Users with administrator privileges or malware running as an administrator user on the system may be able to circumvent the intent of WDAC when the ISG option is allowed by circumventing or corrupting the heuristics used to assign reputation to application executables. 
The ISG option uses the same heuristic tracking as managed installer and so for application installers that include an option to automatically run the application at the end of the installation process the heuristic may over-authorize. -In order to enable trust for the binaries laid down by managed installers, the Allow: Managed Installer option must be specified in your WDAC policy. -This can be done by using the [Set-RuleOption cmdlet](https://docs.microsoft.com/powershell/module/configci/set-ruleoption). -An example of the managed installer option being set in policy is shown below. +## Known limitations with using the Intelligent Security Graph -```code - - - - - - - - - - - - - - - - - -``` +Since the ISG relies on identifying executables as being known good there are cases where it may classify legitimate executables as unknown leading to blocks that need to be resolved either with a rule in the WDAC policy, a catalog signed by a certificate trusted in WDAC policy or by deployment through a WDAC managed installer. Typically this is due to an installer or application using a dynamic file as part of execution. These files do not tend to build up known good reputation. Auto-updating applications have also been observed using this mechanism and may be flagged by the ISG. -## Security considerations with managed installer +Modern apps are not supported with the ISG heuristic and will need to be separately authorized in your WDAC policy. As modern apps are signed by the Microsoft Store and Microsoft Store for Business it is straightforward to authorize modern apps with signer rules in the WDAC policy. -Since managed installer is a heuristic-based mechanism, it does not provide the same security guarantees that explicit allow or deny rules do. -It is best suited for deployment to systems where each user is configured as a standard user and where all software is deployed and installed by a software distribution solution, such as System Center Configuration Manager. 
+The ISG heuristic does not authorize kernel mode drivers. The WDAC policy must have rules that allow the necessary drivers to run. -Users with administrator privileges or malware running as an administrator user on the system may be able to circumvent the intent of Windows Defender Application Control when the managed installer option is allowed. -If the authorized managed installer process performs installations in the context of a user with standard privileges, then it is possible that standard users or malware running as standard user may be able to circumvent the intent of Windows Defender Application Control. -Some application installers include an option to automatically run the application at the end of the installation process. If this happens when the installer is run by a managed installer, then the managed installer's heuristic tracking and authorization may continue to apply to all files created during the first run of the application. This could result in over-authorization for executables that were not intended. -To avoid this, ensure that the application deployment solution being used as a managed installer limits running applications as part of installation. - -## Known limitations with managed installer - -- Application execution control based on managed installer does not support applications that self-update. -If an application deployed by a managed installer subsequently updates itself, the updated application files will no longer include the managed installer origin information and will not be authorized to run. -Enterprises should deploy and install all application updates using the managed installer. -In some cases, it may be possible to also designate an application binary that performs the self-updates as a managed installer. -Proper review for functionality and security should be performed for the application before using this method. 
- -- Although WDAC policies can be deployed in both audit and enforced mode, the managed installer option is currently only recommended for use with policies set to enforced except in lab environments. -Using the managed installer option with WDAC policies set to audit only may result in unexpected behavior if the policy is subsequently changed to enforced mode. - -- Modern apps deployed through a managed installer will not be tracked by the managed installer heuristic and will need to be separately authorized in your WDAC policy. - -- Executables that extract files and then attempt to execute may not be allowed by the managed installer heuristic. -In some cases, it may be possible to also designate an application binary that performs such an operation as a managed installer. -Proper review for functionality and security should be performed for the application before using this method. - -- The managed installer heuristic does not authorize drivers. -The WDAC policy must have rules that allow the necessary drivers to run. - -- In some cases, the code integrity logs where WDAC errors and warnings are written will contain error events for native images generated for .NET assemblies. -Typically, the error is functionally benign as a blocked native image will result in the corresponding assembly being re-interpreted. -Review for functionality and performance for the related applications using the native images maybe necessary in some cases. +In some cases, the code integrity logs where WDAC errors and warnings are written will contain error events for native images generated for .NET assemblies. Typically, the error is functionally benign as a blocked native image will result in the corresponding assembly being re-interpreted. Review for functionality and performance for the related applications using the native images maybe necessary in some cases. \ No newline at end of file From a33af7a063e817c9dd78174e6b196fd2c63e774d Mon Sep 17 00:00:00 2001 
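Review bot: The new "Security considerations with using the Intelligent Security Graph" section in the last hunk of the ISG article says the ISG option "uses the same heuristic tracking as managed installer" and may over-authorize when an installer launches the application at the end of setup, yet the mitigation sentence carried by the removed managed-installer text ("To avoid this, ensure that the application deployment solution being used as a managed installer limits running applications as part of installation") has no replacement. Say what an administrator should do about over-authorization under ISG, since the section otherwise names the risk and stops. Wording in the added lines also needs a pass: "Admins needs to ensure" in the first hunk, "a number of component" and "maybe necessary" in this one, and the file now ends without a trailing newline. The subject line "added bold to code snippet" does not describe a change that replaces the whole article body; reword it so the history is searchable.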
From: "Andrea Bichsel (Aquent LLC)" Date: Wed, 13 Jun 2018 13:32:24 -0700 Subject: [PATCH 66/74] Corrected ASR rule functions. --- .../attack-surface-reduction-exploit-guard.md | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/windows/security/threat-protection/windows-defender-exploit-guard/attack-surface-reduction-exploit-guard.md b/windows/security/threat-protection/windows-defender-exploit-guard/attack-surface-reduction-exploit-guard.md index 4085972ad5..ef39fda490 100644 --- a/windows/security/threat-protection/windows-defender-exploit-guard/attack-surface-reduction-exploit-guard.md +++ b/windows/security/threat-protection/windows-defender-exploit-guard/attack-surface-reduction-exploit-guard.md @@ -11,7 +11,7 @@ ms.pagetype: security localizationpriority: medium author: andreabichsel ms.author: v-anbic -ms.date: 06/12/2018 +ms.date: 06/13/2018 --- @@ -174,7 +174,6 @@ This rule attempts to block Office files that contain macro code that is capable This rule blocks the following file types from being run or launched unless they meet prevalence or age criteria set by admins, or they are in a trusted list or exclusion list: - Executable files (such as .exe, .dll, or .scr) -- Script files (such as a PowerShell .ps, VisualBasic .vbs, or JavaScript .js file) ### Rule: Use advanced protection against ransomware From e7903a90bbcc957f988d2d36f2e6274084f47ae4 Mon Sep 17 00:00:00 2001 From: Justin Hall Date: Wed, 13 Jun 2018 13:52:18 -0700 Subject: [PATCH 67/74] fixed formatting --- ...control-with-intelligent-security-graph.md | 24 +++++++++---------- 1 file changed, 12 insertions(+), 12 deletions(-) diff --git a/windows/security/threat-protection/windows-defender-application-control/use-windows-defender-application-control-with-intelligent-security-graph.md b/windows/security/threat-protection/windows-defender-application-control/use-windows-defender-application-control-with-intelligent-security-graph.md index c5c738cc8e..f5dfca7d37 100644 
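Review bot: Removing the "Script files" bullet in the second hunk of attack-surface-reduction-exploit-guard.md leaves "blocks the following file types" introducing a one-item list, and it narrows the documented coverage of the rule without saying so. If scripts are not evaluated by this rule, state that in the paragraph so administrators who relied on the earlier wording know to cover script execution with another control, and fold the remaining bullet into the sentence.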
--- a/windows/security/threat-protection/windows-defender-application-control/use-windows-defender-application-control-with-intelligent-security-graph.md +++ b/windows/security/threat-protection/windows-defender-application-control/use-windows-defender-application-control-with-intelligent-security-graph.md 
@@ -22,7 +22,7 @@ Windows 10, version 1709 (also known as the Windows 10 Fall Creators Update) pro ## How does the integration between WDAC and the Intelligent Security Graph work? -The ISG relies on Microsoft’s vast security intelligence and machine learning analytics to help classify applications as having known good reputation. When users download applications on a system with WDAC enabled with the ISG authorization option specified, the reputation of the downloaded file, commonly an installer, is used to determine whether to run the installer and then that original reputation information is passed along to any files that were written by the installer. When any of these files try to execute after they are installed the reputation data is used to help make the right policy authorization decision. +The ISG relies on Microsoft’s vast security intelligence and machine learning analytics to help classify applications as having known good reputation. When users download applications on a system with WDAC enabled with the ISG authorization option specified, the reputation of the downloaded file, commonly an installer, is used to determine whether to run the installer and then that original reputation information is passed along to any files that were written by the installer. When any of these files try to execute after they are installed, the reputation data is used to help make the right policy authorization decision. After that initial download and installation, the WDAC component will check for the presence of the positive reputation information when evaluating other application execution control rules specified in the policy. If there are no deny rules present for the file, it will be authorized based on the known good reputation classification. 
@@ -42,9 +42,9 @@ Setting up the ISG authorization is easy regardless of what management solution ### Ensure that the Intelligent Security Graph option is enabled in the WDAC policy XML -In order to enable trust for executables based on classifications in the ISG, the Enabled: Intelligent Security Graph authorization option must be specified in the WDAC policy. This can be done with the Set-RuleOption cmdlet. In addition it is recommended from a security perspective to also enable the Enabled:Invalidate EAs on Reboot option to invalidate the cached ISG results on reboot to force rechecking of applications against the ISG. Caution is advised if devices will regularly transition to and from environments that may not be able to access the ISG. An example of both options being set is shown below. +In order to enable trust for executables based on classifications in the ISG, the **Enabled: Intelligent Security Graph authorization** option must be specified in the WDAC policy. This can be done with the Set-RuleOption cmdlet. In addition, it is recommended from a security perspective to also enable the **Enabled:Invalidate EAs on Reboot** option to invalidate the cached ISG results on reboot to force rechecking of applications against the ISG. Caution is advised if devices will regularly transition to and from environments that may not be able to access the ISG. The following example shows both options being set. -
+```code
  
      
        
@@ -55,12 +55,12 @@ In order to enable trust for executables based on classifications in the ISG, th
      
        
      
-     
-       
-     
-     
-       
-     
+    
+      
+    
+    
+       
+    
      
        
      
@@ -68,7 +68,7 @@ In order to enable trust for executables based on classifications in the ISG, th
        
      
  
-
+``` ### Enable the necessary services to allow WDAC to use the ISG correctly on the client 
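Review bot: The fence that replaces the pre block is opened as "```code" in the @@ -42,9 +42,9 hunk and closed here, but "code" is not a language identifier, so the policy sample gets no XML highlighting; tag it as xml instead. In the same paragraph the two newly bolded option names are spaced differently ("**Enabled: Intelligent Security Graph authorization**" versus "**Enabled:Invalidate EAs on Reboot**"); use the spelling that Set-RuleOption actually lists for both so readers can match them against the cmdlet output.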
@@ -88,9 +88,9 @@ Users with administrator privileges or malware running as an administrator user ## Known limitations with using the Intelligent Security Graph -Since the ISG relies on identifying executables as being known good there are cases where it may classify legitimate executables as unknown leading to blocks that need to be resolved either with a rule in the WDAC policy, a catalog signed by a certificate trusted in WDAC policy or by deployment through a WDAC managed installer. Typically this is due to an installer or application using a dynamic file as part of execution. These files do not tend to build up known good reputation. Auto-updating applications have also been observed using this mechanism and may be flagged by the ISG. +Since the ISG relies on identifying executables as being known good, there are cases where it may classify legitimate executables as unknown, leading to blocks that need to be resolved either with a rule in the WDAC policy, a catalog signed by a certificate trusted in the WDAC policy or by deployment through a WDAC managed installer. Typically, this is due to an installer or application using a dynamic file as part of execution. These files do not tend to build up known good reputation. Auto-updating applications have also been observed using this mechanism and may be flagged by the ISG. -Modern apps are not supported with the ISG heuristic and will need to be separately authorized in your WDAC policy. As modern apps are signed by the Microsoft Store and Microsoft Store for Business it is straightforward to authorize modern apps with signer rules in the WDAC policy. +Modern apps are not supported with the ISG heuristic and will need to be separately authorized in your WDAC policy. As modern apps are signed by the Microsoft Store and Microsoft Store for Business. it is straightforward to authorize modern apps with signer rules in the WDAC policy. The ISG heuristic does not authorize kernel mode drivers. 
The WDAC policy must have rules that allow the necessary drivers to run. From a84f2885449ccb019c65048e9c19d06cf8b925ca Mon Sep 17 00:00:00 2001 From: Justin Hall Date: Wed, 13 Jun 2018 13:56:08 -0700 Subject: [PATCH 68/74] fixed formatting --- ...ndows-defender-application-control-with-managed-installer.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/security/threat-protection/windows-defender-application-control/use-windows-defender-application-control-with-managed-installer.md b/windows/security/threat-protection/windows-defender-application-control/use-windows-defender-application-control-with-managed-installer.md index efb071bcb1..badaf77f39 100644 --- a/windows/security/threat-protection/windows-defender-application-control/use-windows-defender-application-control-with-managed-installer.md +++ b/windows/security/threat-protection/windows-defender-application-control/use-windows-defender-application-control-with-managed-installer.md @@ -6,7 +6,7 @@ ms.prod: w10 ms.mktglfcycl: deploy ms.localizationpriority: high author: mdsakibMSFT -ms.date: 03/01/2018 +ms.date: 06/13/2018 --- # Deploy Managed Installer for Windows Defender Application Control From 1650ac230c4b901630c9680ebb31c309a2e57356 Mon Sep 17 00:00:00 2001 From: "Andrea Bichsel (Aquent LLC)" Date: Wed, 13 Jun 2018 14:01:22 -0700 Subject: [PATCH 69/74] Incorp review --- .../attack-surface-reduction-exploit-guard.md | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/windows/security/threat-protection/windows-defender-exploit-guard/attack-surface-reduction-exploit-guard.md b/windows/security/threat-protection/windows-defender-exploit-guard/attack-surface-reduction-exploit-guard.md index 4085972ad5..c1ad13b4dd 100644 --- a/windows/security/threat-protection/windows-defender-exploit-guard/attack-surface-reduction-exploit-guard.md +++ b/windows/security/threat-protection/windows-defender-exploit-guard/attack-surface-reduction-exploit-guard.md 
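Review bot: In the @@ -88,9 +88,9 hunk (Known limitations), the rewritten "Modern apps" paragraph now reads "Microsoft Store for Business. it is straightforward", with a period where the comma was meant, which leaves "As modern apps are signed by ..." as a fragment. Change it to "Microsoft Store for Business, it is straightforward to authorize modern apps with signer rules in the WDAC policy."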
@@ -11,7 +11,7 @@ ms.pagetype: security localizationpriority: medium author: andreabichsel ms.author: v-anbic -ms.date: 06/12/2018 +ms.date: 06/13/2018 --- @@ -187,6 +187,9 @@ Local Security Authority Subsystem Service (LSASS) authenticates users who log i >[!IMPORTANT] >[Exclusions do not apply to this rule](customize-attack-surface-reduction.md#exclude-files-and-folders). + >[!NOTE] + >Some apps are coded to enumerate all running processes and to attempt opening them with exhaustive permissions. This results in the app accessing LSASS even when it's not necessary. ASR will deny the app's process open action and log the details to the security event log. Entry in the event log for access denial by itself is not an indication of the presence of a malicious threat. + ### Rule: Block process creations originating from PSExec and WMI commands This rule blocks processes through PsExec and WMI commands from running, to prevent remote code execution that can spread malware attacks. From facc92390c2c008d60e772efc1edc7fe874b90ec Mon Sep 17 00:00:00 2001 From: Zane <34351912+zburtondbrs@users.noreply.github.com> Date: Wed, 13 Jun 2018 16:02:17 -0500 Subject: [PATCH 70/74] Update set-the-default-browser-using-group-policy.md The KB does not specify that this is a computer policy. Since there is not an equivalent user policy, I think that this should be explicitly stated. --- .../set-the-default-browser-using-group-policy.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/browsers/internet-explorer/ie11-deploy-guide/set-the-default-browser-using-group-policy.md b/browsers/internet-explorer/ie11-deploy-guide/set-the-default-browser-using-group-policy.md index 899c3da6e3..900f6cbb17 100644 --- a/browsers/internet-explorer/ie11-deploy-guide/set-the-default-browser-using-group-policy.md +++ b/browsers/internet-explorer/ie11-deploy-guide/set-the-default-browser-using-group-policy.md 
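Review bot: In the @@ -187,6 +187,9 hunk, the new note says ASR will "log the details to the security event log" without naming the log or how to find the entry, so an admin triaging LSASS denials may look in the wrong place; name the exact event log channel and link to the page that documents the ASR events. The last sentence is also hard to parse; something like "An event log entry for a denied access is not, by itself, an indication of a malicious threat" reads more clearly. The added lines start with a space before ">" while the ">[!IMPORTANT]" block directly above does not, so check that the NOTE renders as its own alert rather than as part of the IMPORTANT block.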
@@ -17,7 +17,7 @@ You can use the Group Policy setting, **Set a default associations configuration **To set the default browser as Internet Explorer 11** -1. Open your Group Policy editor and go to the **Administrative Templates\\Windows Components\\File Explorer\\Set a default associations configuration file** setting.

+1. Open your Group Policy editor and go to the **Computer Configuration\\Policies\\Administrative Templates\\Windows Components\\File Explorer\\Set a default associations configuration file** setting.

Turning this setting on also requires you to create and store a default associations configuration file, locally or on a network share. For more information about creating this file, see [Export or Import Default Application Associations]( https://go.microsoft.com/fwlink/p/?LinkId=618268). ![set default associations group policy setting](images/setdefaultbrowsergp.png) From 3f87dc491dbdba52acb699e5b5c0926809cefd10 Mon Sep 17 00:00:00 2001 From: Joey Caparas Date: Wed, 13 Jun 2018 14:02:51 -0700 Subject: [PATCH 71/74] minor updates --- ...privacy-windows-defender-advanced-threat-protection.md | 6 +++--- ...censing-windows-defender-advanced-threat-protection.md | 2 +- ...rements-windows-defender-advanced-threat-protection.md | 6 +++--- ...ot-siem-windows-defender-advanced-threat-protection.md | 8 ++++---- 4 files changed, 11 insertions(+), 11 deletions(-) diff --git a/windows/security/threat-protection/windows-defender-atp/data-storage-privacy-windows-defender-advanced-threat-protection.md b/windows/security/threat-protection/windows-defender-atp/data-storage-privacy-windows-defender-advanced-threat-protection.md index 7a7abff824..1f6735881b 100644 --- a/windows/security/threat-protection/windows-defender-atp/data-storage-privacy-windows-defender-advanced-threat-protection.md +++ b/windows/security/threat-protection/windows-defender-atp/data-storage-privacy-windows-defender-advanced-threat-protection.md @@ -10,7 +10,7 @@ ms.pagetype: security ms.author: macapara author: mjcaparas ms.localizationpriority: high -ms.date: 03/06/2018 +ms.date: 06/13/2018 --- # Windows Defender ATP data storage and privacy 
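Review bot: In step 1 of the @@ -17,7 +17,7 hunk, the new path "Computer Configuration\\Policies\\Administrative Templates\\..." only matches what the editor shows for a domain GPO; the local Group Policy editor has no Policies node, and there the path starts at Computer Configuration\\Administrative Templates. Since the step says only "Open your Group Policy editor", either say which editor is meant or give both forms. Separately, the unchanged context line has "]( https://go.microsoft.com/fwlink/p/?LinkId=618268)" with a space after the opening parenthesis, which can break the link and is worth fixing while this paragraph is being touched.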
@@ -27,7 +27,7 @@ This section covers some of the most frequently asked questions regarding privac ## What data does Windows Defender ATP collect? -Microsoft will collect and store information from your configured machines in a database specific to the service for administration, tracking, and reporting purposes. +Windows Defender ATP will collect and store information from your configured machines in a customer dedicate and segregated tenant specific to the service for administration, tracking, and reporting purposes. Information collected includes file data (such as file names, sizes, and hashes), process data (running processes, hashes), registry data, network connection data (host IPs and ports), and machine details (such as machine identifiers, names, and the operating system version). 
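Review bot: The added sentence in this hunk has "a customer dedicate and segregated tenant"; "dedicate" should be "dedicated", and as a compound modifier it reads better as "a customer-dedicated and segregated tenant". A later patch in this series (72/74, "typo") corrects the spelling only, so consider squashing that fix into this commit and adding the hyphen at the same time.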
@@ -51,7 +51,7 @@ In all scenarios, data is encrypted using 256-bit [AES encyption](https://en.wik ## Do I have the flexibility to select where to store my data? -When onboarding the service for the first time, you can choose to store your data in Microsoft Azure datacenters in the United Kingdom, Europe, or in the United States. Once configured, you cannot change the location where your data is stored. This provides a convenient way to minimize compliance risk by actively selecting the geographic locations where your data will reside. Customer data in de-identified form may also be stored in the central storage and processing systems in the United States. +When onboarding the service for the first time, you can choose to store your data in Microsoft Azure datacenters in the European Union, the United Kingdom, or the United States. Once configured, you cannot change the location where your data is stored. This provides a convenient way to minimize compliance risk by actively selecting the geographic locations where your data will reside. Customer data in de-identified form may also be stored in the central storage and processing systems in the United States. ## Is my data isolated from other customer data? Yes, your data is isolated through access authentication and logical segregation based on customer identifier. Each customer can only access data collected from its own organization and generic data that Microsoft provides. diff --git a/windows/security/threat-protection/windows-defender-atp/licensing-windows-defender-advanced-threat-protection.md b/windows/security/threat-protection/windows-defender-atp/licensing-windows-defender-advanced-threat-protection.md index e64acc561c..30c94ffd40 100644 --- a/windows/security/threat-protection/windows-defender-atp/licensing-windows-defender-advanced-threat-protection.md +++ b/windows/security/threat-protection/windows-defender-atp/licensing-windows-defender-advanced-threat-protection.md 
@@ -66,7 +66,7 @@ When accessing the [Windows Defender ATP portal](https://SecurityCenter.Windows. You will need to set up your preferences for the Windows Defender ATP portal. -3. When onboarding the service for the first time, you can choose to store your data in the Microsoft Azure datacenters in the United Kingdom, Europe, or The United States. Once configured, you cannot change the location where your data is stored. This provides a convenient way to minimize compliance risk by actively selecting the geographic locations where your data will reside. Microsoft will not transfer the data from the specified geolocation. +3. When onboarding the service for the first time, you can choose to store your data in the Microsoft Azure datacenters in the European Union, the United Kingdom, or the United States. Once configured, you cannot change the location where your data is stored. This provides a convenient way to minimize compliance risk by actively selecting the geographic locations where your data will reside. Microsoft will not transfer the data from the specified geolocation. > [!WARNING] > This option cannot be changed without completely offboarding from Windows Defender ATP and completing a new enrollment process. diff --git a/windows/security/threat-protection/windows-defender-atp/minimum-requirements-windows-defender-advanced-threat-protection.md b/windows/security/threat-protection/windows-defender-atp/minimum-requirements-windows-defender-advanced-threat-protection.md index c4a8127477..bd53b3a21d 100644 --- a/windows/security/threat-protection/windows-defender-atp/minimum-requirements-windows-defender-advanced-threat-protection.md +++ b/windows/security/threat-protection/windows-defender-atp/minimum-requirements-windows-defender-advanced-threat-protection.md 
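Review bot: The closing sentence of step 3 in this hunk, "Microsoft will not transfer the data from the specified geolocation", is carried over unchanged but disagrees with the data-storage page edited in this same commit, which says "Customer data in de-identified form may also be stored in the central storage and processing systems in the United States". Since both pages are being aligned on the region list here, align this statement too, for example by scoping it to identifiable customer data or by repeating the de-identified caveat.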
@@ -36,14 +36,14 @@ For more information, see [Windows 10 Enterprise edition](https://www.microsoft. ### Licensing requirements Windows Defender Advanced Threat Protection requires one of the following Microsoft Volume Licensing offers: -- Windows 10 Enterprise E5 -- Windows 10 Education E5 +- Windows 10 Enterprise E5 +- Windows 10 Education E5 - Microsoft 365 E5 (M365 E5) which includes Windows 10 Enterprise E5 For more information, see [Windows 10 Licensing](https://www.microsoft.com/en-us/Licensing/product-licensing/windows10.aspx#tab=2). ### Network and data storage and configuration requirements -When you run the onboarding wizard for the first time, you must choose where your Windows Defender Advanced Threat Protection-related information is stored: in the United Kingdom, Europe, or United States datacenter. +When you run the onboarding wizard for the first time, you must choose where your Windows Defender Advanced Threat Protection-related information is stored: in the European Union, the United Kingdom, or the United States datacenter. > [!NOTE] > - You cannot change your data storage location after the first-time setup. diff --git a/windows/security/threat-protection/windows-defender-atp/troubleshoot-siem-windows-defender-advanced-threat-protection.md b/windows/security/threat-protection/windows-defender-atp/troubleshoot-siem-windows-defender-advanced-threat-protection.md index ba867a62e4..eb4b206317 100644 --- a/windows/security/threat-protection/windows-defender-atp/troubleshoot-siem-windows-defender-advanced-threat-protection.md +++ b/windows/security/threat-protection/windows-defender-atp/troubleshoot-siem-windows-defender-advanced-threat-protection.md 
@@ -63,10 +63,10 @@ If you encounter an error when trying to get a refresh token when using the thre - For Threat intelligence API: `https://WindowsDefenderATPCustomerTiConnector` 5. Add the following URL: - - For US: `https://winatpmanagement-us.securitycenter.windows.com/UserAuthenticationCallback`. - - For Europe: `https://winatpmanagement-eu.securitycenter.windows.com/UserAuthenticationCallback` - - For United Kingdom: `https://winatpmanagement-uk.securitycenter.windows.com/UserAuthenticationCallback` - + - For the European Union: `https://winatpmanagement-eu.securitycenter.windows.com/UserAuthenticationCallback` + - For the United Kingdom: `https://winatpmanagement-uk.securitycenter.windows.com/UserAuthenticationCallback` + - For the United States: `https://winatpmanagement-us.securitycenter.windows.com/UserAuthenticationCallback`. + 6. Click **Save**. >Want to experience Windows Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/en-us/WindowsForBusiness/windows-atp?ocid=docs-wdatp-troubleshootsiem-belowfoldlink) From 71d2e1e786e30009f3965a6be272a1a3b8300ad6 Mon Sep 17 00:00:00 2001 From: Joey Caparas Date: Wed, 13 Jun 2018 14:17:05 -0700 Subject: [PATCH 72/74] typo --- ...orage-privacy-windows-defender-advanced-threat-protection.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/security/threat-protection/windows-defender-atp/data-storage-privacy-windows-defender-advanced-threat-protection.md b/windows/security/threat-protection/windows-defender-atp/data-storage-privacy-windows-defender-advanced-threat-protection.md index 1f6735881b..872a54ee9b 100644 --- a/windows/security/threat-protection/windows-defender-atp/data-storage-privacy-windows-defender-advanced-threat-protection.md +++ b/windows/security/threat-protection/windows-defender-atp/data-storage-privacy-windows-defender-advanced-threat-protection.md 
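Review bot: After the reorder in step 5, the United States entry keeps a trailing period after its code span ("...UserAuthenticationCallback`.") while the European Union and United Kingdom entries have none. Drop the period so the three bullets are consistent and nobody pastes it into the reply URL field, where a mismatched redirect URL produces exactly the refresh-token error this section is troubleshooting. The added "+" line after the list appears to contain only whitespace and can be an empty line.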
@@ -27,7 +27,7 @@ This section covers some of the most frequently asked questions regarding privac ## What data does Windows Defender ATP collect? -Windows Defender ATP will collect and store information from your configured machines in a customer dedicate and segregated tenant specific to the service for administration, tracking, and reporting purposes. +Windows Defender ATP will collect and store information from your configured machines in a customer dedicated and segregated tenant specific to the service for administration, tracking, and reporting purposes. Information collected includes file data (such as file names, sizes, and hashes), process data (running processes, hashes), registry data, network connection data (host IPs and ports), and machine details (such as machine identifiers, names, and the operating system version). From 3d417b579cb5b4eb36bb5138848946614ce23637 Mon Sep 17 00:00:00 2001 From: Patti Short <35278231+shortpatti@users.noreply.github.com> Date: Wed, 13 Jun 2018 14:24:29 -0700 Subject: [PATCH 73/74] Revert "Update supl-ddf-file.md" --- .../client-management/mdm/supl-ddf-file.md | 198 +----------------- 1 file changed, 1 insertion(+), 197 deletions(-) diff --git a/windows/client-management/mdm/supl-ddf-file.md b/windows/client-management/mdm/supl-ddf-file.md index 4ee4e4ad1d..e6ed98d713 100644 --- a/windows/client-management/mdm/supl-ddf-file.md +++ b/windows/client-management/mdm/supl-ddf-file.md @@ -171,7 +171,7 @@ The XML below is the current version for this CSP. - MCCMNCPairs + MCCMNPairs 
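Review bot: Reverting "MCCMNCPairs" to "MCCMNPairs" in the @@ -171,7 +171,7 hunk of supl-ddf-file.md looks like it undoes a spelling correction rather than unwanted content, since the name pairs MCC with MNC and the shorter form drops the second C. Please confirm which spelling the CSP actually exposes, and if it is "MCCMNCPairs", keep that line out of the revert. The commit message is only 'Revert "Update supl-ddf-file.md"', so add the reason for the revert, given that the rest of the patch also removes the RootCertificate4, RootCertificate5 and RootCertificate6 nodes.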
@@ -482,201 +482,6 @@ The XML below is the current version for this CSP. - - RootCertificate4 - - - - - Required. Specifies the root certificate for the H-SLP server. Windows Phone does not support a non-secure mode. If this node is not included, the configuration service provider will fail but may not return a specific error. - - - - - - - - - - - - - - - Name - - - - - - Specifies the name of the H-SLP root certificate as a string, in the format name.cer. - - - - - - - - - - - text/plain - - - - - Data - - - - - - The base 64 encoded blob of the H-SLP root certificate. - - - - - - - - - - - - - - - - - RootCertificate5 - - - - - Required. Specifies the root certificate for the H-SLP server. Windows Phone does not support a non-secure mode. If this node is not included, the configuration service provider will fail but may not return a specific error. - - - - - - - - - - - - - - - Name - - - - - - Specifies the name of the H-SLP root certificate as a string, in the format name.cer. - - - - - - - - - - - text/plain - - - - - Data - - - - - - The base 64 encoded blob of the H-SLP root certificate. - - - - - - - - - - - - - - - - - RootCertificate6 - - - - - Required. Specifies the root certificate for the H-SLP server. Windows Phone does not support a non-secure mode. If this node is not included, the configuration service provider will fail but may not return a specific error. - - - - - - - - - - - - - - - Name - - - - - - Specifies the name of the H-SLP root certificate as a string, in the format name.cer. - - - - - - - - - - - text/plain - - - - - Data - - - - - - The base 64 encoded blob of the H-SLP root certificate. - - - - - - - - - - - - - - - V2UPL1 @@ -857,7 +662,6 @@ The XML below is the current version for this CSP. - ```   From 57d57e319c5160365e228cfcea219843476ecf32 Mon Sep 17 00:00:00 2001 
From: Luis Masieri <32968351+lmasieri@users.noreply.github.com> Date: Wed, 13 Jun 2018 14:29:15 -0700 Subject: [PATCH 74/74] Update whats-new-microsoft-store-business-education.md --- .../whats-new-microsoft-store-business-education.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/store-for-business/whats-new-microsoft-store-business-education.md b/store-for-business/whats-new-microsoft-store-business-education.md index fc29d300b3..e2988a84c9 100644 --- a/store-for-business/whats-new-microsoft-store-business-education.md +++ b/store-for-business/whats-new-microsoft-store-business-education.md @@ -68,7 +68,7 @@ We’ve been working on bug fixes and performance improvements to provide you a - Bug fixes and performance improvements [October 2017](release-history-microsoft-store-business-education.md#october-2017) -- Bug fixes and permformance improvements +- Bug fixes and performance improvements [September 2017](release-history-microsoft-store-business-education.md#september-2017) - Manage Windows device deployment with Windows Autopilot Deployment