revised reg info

windows/device-security/security-policy-settings/network-access-restrict-clients-allowed-to-make-remote-sam-calls.md

@@ -56,7 +56,7 @@ This less restrictive default allows for testing the impact of enabling restrict
 |   |   |
 |----|---|
 | Policy Name | Network access: Restrict clients allowed to make remote calls to SAM |
-| Location | `Computer Configuration|Windows Settings|Security Settings|Local Policies|Security Option` |
+| Location | Computer Configuration\|Windows Settings\|Security Settings\|Local Policies\|Security Option |
 | Possible values | <br>- Not defined <br>- Defined, along with the security descriptor for users and groups who are allowed or denied to use SAMRPC to remotely access either the local SAM or Active Directory. |
 | Registry location | `HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Lsa\RestrictRemoteSam` |
 | Registry type | REG_SZ |
@@ -97,8 +97,8 @@ Audit only mode configures the SAMRPC protocol to do the access check against th
 
 |Registry|Details|
 |---|---|
-|Path|`HKEY_LOCAL_MACHINE|SYSTEM|CurrentControlSet|Control|Lsa`|
-|Setting|`RestrictRemoteSamAuditOnlyMode`|
+|Path|HKEY_LOCAL_MACHINE\|SYSTEM\|CurrentControlSet\|Control\|Lsa|
+|Setting|RestrictRemoteSamAuditOnlyMode|
 |Data Type|REG_DWORD|
 |Value|1|
 |Notes|This setting cannot be added or removed by using predefined Group Policy settings. <br> Administrators may create a custom policy to set the registry value if needed. <br>                               SAM responds dynamically to changes in this registry value without a reboot. <br> You can use the [Events 16962 - 16969 Reader](https://gallery.technet.microsoft.com/Events-16962-16969-Reader-2eae5f1d) script to parse the event logs, as explained in the next section.|