Merge pull request #6534 from MicrosoftDocs/aljupudi-5864419-cspimprovement-part6

CSP Improvement Updates- part6
2025-05-12 21:37:22 +00:00 · 2022-06-10 14:32:57 -07:00 · 2022-06-10 14:32:57 -07:00 · dee5669222
commit dee5669222
parent dcc378e40d 944bace49f
30 changed files with 249 additions and 156 deletions
--- a/windows/client-management/mdm/policy-csp-admx-eaime.md
+++ b/windows/client-management/mdm/policy-csp-admx-eaime.md
@ -1,6 +1,6 @@
 ---
 title: Policy CSP - ADMX_EAIME
-description: Policy CSP - ADMX_EAIME
+description: Learn about the Policy CSP - ADMX_EAIME.
 ms.author: dansimp
 ms.localizationpriority: medium
 ms.topic: article
@ -698,3 +698,6 @@ ADMX Info:
 <!--/Policies-->
 ## Related topics
 [ADMX-backed policies in Policy CSP](./policies-in-policy-csp-admx-backed.md)
--- a/windows/client-management/mdm/policy-csp-admx-encryptfilesonmove.md
+++ b/windows/client-management/mdm/policy-csp-admx-encryptfilesonmove.md
@ -1,6 +1,6 @@
 ---
 title: Policy CSP - ADMX_EncryptFilesonMove
-description: Policy CSP - ADMX_EncryptFilesonMove
+description: Learn about the Policy CSP - ADMX_EncryptFilesonMove.
 ms.author: dansimp
 ms.localizationpriority: medium
 ms.topic: article
@ -64,9 +64,9 @@ manager: dansimp
 <!--Description-->
 This policy setting prevents File Explorer from encrypting files that are moved to an encrypted folder.
-If you enable this policy setting, File Explorer will not automatically encrypt files that are moved to an encrypted folder.
+If you enable this policy setting, File Explorer won't automatically encrypt files that are moved to an encrypted folder.
-If you disable or do not configure this policy setting, File Explorer automatically encrypts files that are moved to an encrypted folder.
+If you disable or don't configure this policy setting, File Explorer automatically encrypts files that are moved to an encrypted folder.
 This setting applies only to files moved within a volume. When files are moved to other volumes, or if you create a new file in an encrypted folder, File Explorer encrypts those files automatically.
@ -87,3 +87,6 @@ ADMX Info:
 <!--/Policies-->
 ## Related topics
 [ADMX-backed policies in Policy CSP](./policies-in-policy-csp-admx-backed.md)
--- a/windows/client-management/mdm/policy-csp-admx-enhancedstorage.md
+++ b/windows/client-management/mdm/policy-csp-admx-enhancedstorage.md
@ -1,6 +1,6 @@
 ---
 title: Policy CSP - ADMX_EnhancedStorage
-description: Policy CSP - ADMX_EnhancedStorage
+description: Learn about the Policy CSP - ADMX_EnhancedStorage.
 ms.author: dansimp
 ms.localizationpriority: medium
 ms.topic: article
@ -77,7 +77,7 @@ manager: dansimp
 <!--/Scope-->
 <!--Description-->
-This policy setting allows you to configure a list of Enhanced Storage devices by manufacturer and product ID that are usable on your computer.
+This policy setting allows you to configure a list of Enhanced Storage devices that contain a manufacturer and product ID that are usable on your computer.
 If you enable this policy setting, only Enhanced Storage devices that contain a manufacturer and product ID specified in this policy are usable on your computer.
@ -123,7 +123,7 @@ ADMX Info:
 <!--/Scope-->
 <!--Description-->
-This policy setting allows you to create a list of IEEE 1667 silos, compliant with the Institute of Electrical and Electronics Engineers, Inc. (IEEE) 1667 specification, that are usable on your computer.
+This policy setting allows you to create a list of IEEE 1667 silos, compliant with the Institute of Electrical and Electronics Engineers, Inc. (IEEE) 1667 specification, that is usable on your computer.
 If you enable this policy setting, only IEEE 1667 silos that match a silo type identifier specified in this policy are usable on your computer.
@ -263,7 +263,8 @@ ADMX Info:
 <!--Description-->
 This policy setting locks Enhanced Storage devices when the computer is locked.
-This policy setting is supported in Windows Server SKUs only.
+>[!Note]
 >This policy setting is supported in Windows Server SKUs only.
 If you enable this policy setting, the Enhanced Storage device remains locked when the computer is locked.
@ -330,3 +331,6 @@ ADMX Info:
 <!--/Policies-->
 ## Related topics
 [ADMX-backed policies in Policy CSP](./policies-in-policy-csp-admx-backed.md)
--- a/windows/client-management/mdm/policy-csp-admx-errorreporting.md
+++ b/windows/client-management/mdm/policy-csp-admx-errorreporting.md
@ -1,6 +1,6 @@
 ---
 title: Policy CSP - ADMX_ErrorReporting
-description: Policy CSP - ADMX_ErrorReporting
+description: Learn about the Policy CSP - ADMX_ErrorReporting.
 ms.author: dansimp
 ms.localizationpriority: medium
 ms.topic: article
@ -252,11 +252,14 @@ To create a list of applications for which Windows Error Reporting never reports
 If you enable this policy setting, you can create a list of applications that are always included in error reporting. To add applications to the list, click Show under the Report errors for applications on this list setting, and edit the list of application file names in the Show Contents dialog box. The file names must include the .exe file name extension (for example, notepad.exe). Errors that are generated by applications on this list are always reported, even if the Default dropdown in the Default application reporting policy setting is set to report no application errors.
-If the Report all errors in Microsoft applications or Report all errors in Windows components check boxes in the Default Application Reporting policy setting are filled, Windows Error Reporting reports errors as if all applications in these categories were added to the list in this policy setting. (Note: The Microsoft applications category includes the Windows components category.)
+If the Report all errors in Microsoft applications or Report all errors in Windows components check boxes in the Default Application Reporting policy setting are filled, Windows Error Reporting reports errors as if all applications in these categories were added to the list in this policy setting.
 >[!Note]
 >The Microsoft applications category includes the Windows components category.
 If you disable this policy setting or don't configure it, the Default application reporting settings policy setting takes precedence.
-Also see the "Default Application Reporting" and "Application Exclusion List" policies.
+Also, see the "Default Application Reporting" and "Application Exclusion List" policies.
 This setting will be ignored if the 'Configure Error Reporting' setting is disabled or not configured.
@ -311,22 +314,17 @@ This policy setting doesn't enable or disable Windows Error Reporting. To turn W
 If you enable this policy setting, the setting overrides any user changes made to Windows Error Reporting settings in Control Panel, and default values are applied for any Windows Error Reporting policy settings that aren't configured (even if users have changed settings by using Control Panel). If you enable this policy setting, you can configure the following settings in the policy setting:
 - "Do not display links to any Microsoft ‘More information’ websites": Select this option if you don't want error dialog boxes to display links to Microsoft websites.
 - "Do not collect additional files": Select this option if you don't want extra files to be collected and included in error reports.
 - "Do not collect additional computer data": Select this option if you don't want additional information about the computer to be collected and included in error reports.
 - "Force queue mode for application errors": Select this option if you don't want users to report errors. When this option is selected, errors are stored in a queue directory, and the next administrator to sign in to the computer can send the error reports to Microsoft.
 - "Corporate file path": Type a UNC path to enable Corporate Error Reporting.  All errors are stored at the specified location instead of being sent directly to Microsoft, and the next administrator to sign in to the computer can send the error reports to Microsoft.
 - "Replace instances of the word ‘Microsoft’ with":  You can specify text with which to customize your error report dialog boxes.  The word ""Microsoft"" is replaced with the specified text.
 If you don't configure this policy setting, users can change Windows Error Reporting settings in Control Panel. By default, these settings are Enable Reporting on computers that are running Windows XP, and Report to Queue on computers that are running Windows Server 2003.
 If you disable this policy setting, configuration settings in the policy setting are left blank.
-See related policy settings Display Error Notification (same folder as this policy setting), and Turn off Windows Error Reporting in Computer Configuration/Administrative Templates/System/Internet Communication Management/Internet Communication settings.
+See related policy settings Display Error Notification (same folder as this policy setting), and turn off Windows Error Reporting in Computer Configuration/Administrative Templates/System/Internet Communication Management/Internet Communication settings.
 <!--/Description-->
@ -927,13 +925,9 @@ This policy setting determines the consent behavior of Windows Error Reporting f
 If you enable this policy setting, you can add specific event types to a list by clicking Show, and typing event types in the Value Name column of the Show Contents dialog box. Event types are those types meant for generic, non-fatal errors: crash, no response, and kernel fault errors. For each specified event type, you can set a consent level of 0, 1, 2, 3, or 4.
 - 0 (Disable): Windows Error Reporting sends no data to Microsoft for this event type.
 - 1 (Always ask before sending data): Windows prompts the user for consent to send reports.
 - 2 (Send parameters): Windows Error Reporting automatically sends the minimum data required to check for an existing solution, and Windows prompts the user for consent to send more data requested by Microsoft.
 - 3 (Send parameters and safe extra data): Windows Error Reporting automatically sends the minimum data required to check for an existing solution, and data which Windows has determined (within a high probability) doesn't contain personally identifiable data, and prompts the user for consent to send more data requested by Microsoft.
 - 4 (Send all data): Any data requested by Microsoft is sent automatically.
 If you disable or don't configure this policy setting, then the default consent settings that are applied are those settings specified by the user in Control Panel, or in the Configure Default Consent policy setting.
@ -1074,13 +1068,10 @@ This policy setting determines the default consent behavior of Windows Error Rep
 If you enable this policy setting, you can set the default consent handling for error reports. The following list describes the Consent level settings that are available in the pull-down menu in this policy setting:
- Always ask before sending data: Windows prompts users for consent to send reports.
+- **Always ask before sending data**: Windows prompts users for consent to send reports.
-
+- **Send parameters**: Only the minimum data that is required to check for an existing solution is sent automatically, and Windows prompts users for consent to send more data that is requested by Microsoft.
- Send parameters: Only the minimum data that is required to check for an existing solution is sent automatically, and Windows prompts users for consent to send more data that is requested by Microsoft.
+- **Send parameters and safe extra data**: the minimum data that is required to check for an existing solution, along with data which Windows has determined (within a high probability) doesn't contain personally identifiable information is sent automatically, and Windows prompts the user for consent to send more data that is requested by Microsoft.
-
+- **Send all data**: any error reporting data requested by Microsoft is sent automatically.
 - Send parameters and safe extra data: the minimum data that is required to check for an existing solution, along with data which Windows has determined (within a high probability) doesn't contain personally identifiable information is sent automatically, and Windows prompts the user for consent to send more data that is requested by Microsoft.
 - Send all data: any error reporting data requested by Microsoft is sent automatically.
 If this policy setting is disabled or not configured, then the consent level defaults to the highest-privacy setting: Always ask before sending data.
@ -1128,13 +1119,10 @@ This policy setting determines the default consent behavior of Windows Error Rep
 If you enable this policy setting, you can set the default consent handling for error reports. The following list describes the Consent level settings that are available in the pull-down menu in this policy setting:
- Always ask before sending data: Windows prompts users for consent to send reports.
+- **Always ask before sending data**: Windows prompts users for consent to send reports.
-
+- **Send parameters**: Only the minimum data that is required to check for an existing solution is sent automatically, and Windows prompts users for consent to send more data that is requested by Microsoft.
- Send parameters: Only the minimum data that is required to check for an existing solution is sent automatically, and Windows prompts users for consent to send more data that is requested by Microsoft.
+- **Send parameters and safe extra data**: the minimum data that is required to check for an existing solution, along with data which Windows has determined (within a high probability) doesn't contain personally identifiable information is sent automatically, and Windows prompts the user for consent to send more data that is requested by Microsoft.
-
+- **Send all data**: any error reporting data requested by Microsoft is sent automatically.
 - Send parameters and safe extra data: the minimum data that is required to check for an existing solution, along with data which Windows has determined (within a high probability) doesn't contain personally identifiable information is sent automatically, and Windows prompts the user for consent to send more data that is requested by Microsoft.
 - Send all data: any error reporting data requested by Microsoft is sent automatically.
 If this policy setting is disabled or not configured, then the consent level defaults to the highest-privacy setting: Always ask before sending data.
@ -1526,3 +1514,6 @@ ADMX Info:
 <!--/Policies-->
 ## Related topics
 [ADMX-backed policies in Policy CSP](./policies-in-policy-csp-admx-backed.md)
--- a/windows/client-management/mdm/policy-csp-admx-eventforwarding.md
+++ b/windows/client-management/mdm/policy-csp-admx-eventforwarding.md
@ -1,6 +1,6 @@
 ---
 title: Policy CSP - ADMX_EventForwarding
-description: Policy CSP - ADMX_EventForwarding
+description: Learn about the Policy CSP - ADMX_EventForwarding.
 ms.author: dansimp
 ms.localizationpriority: medium
 ms.topic: article
@ -124,11 +124,11 @@ If you enable this policy setting, you can configure the Source Computer to cont
 Use the following syntax when using the HTTPS protocol:  
 ``` syntax
 Server=https://<FQDN of the collector>:5986/wsman/SubscriptionManager/WEC,Refresh=<Refresh interval in seconds>,IssuerCA=<Thumb print of the client authentication certificate>.
 ```
-When using the HTTP protocol, use port 5985.
+>[!Note]
 > When using the HTTP protocol, use port 5985.
 If you disable or don't configure this policy setting, the Event Collector computer won't be specified.
@ -148,3 +148,6 @@ ADMX Info:
 <!--/Policies-->
 ## Related topics
 [ADMX-backed policies in Policy CSP](./policies-in-policy-csp-admx-backed.md)
--- a/windows/client-management/mdm/policy-csp-admx-eventlog.md
+++ b/windows/client-management/mdm/policy-csp-admx-eventlog.md
@ -1,6 +1,6 @@
 ---
 title: Policy CSP - ADMX_EventLog
-description: Policy CSP - ADMX_EventLog
+description: Learn about the Policy CSP - ADMX_EventLog.
 ms.author: dansimp
 ms.localizationpriority: medium
 ms.topic: article
@ -126,7 +126,10 @@ This policy setting turns on logging.
 If you enable or don't configure this policy setting, then events can be written to this log.
-If the policy setting is disabled, then no new events can be logged. Events can always be read from the log, regardless of this policy setting.
+If the policy setting is disabled, then no new events can be logged. 
 >[!Note]
 > Events can always be read from the log, regardless of this policy setting.
 <!--/Description-->
@ -984,7 +987,8 @@ If you enable this policy setting and a log file reaches its maximum size, new e
 If you disable or don't configure this policy setting and a log file reaches its maximum size, new events overwrite old events.
-Note: Old events may or may not be retained according to the "Backup log automatically when full" policy setting.
+>[!Note]
 > Old events may or may not be retained according to the "Backup log automatically when full" policy setting.
 <!--/Description-->
@ -1032,7 +1036,8 @@ If you enable this policy setting and a log file reaches its maximum size, new e
 If you disable or don't configure this policy setting and a log file reaches its maximum size, new events overwrite old events.
-Note: Old events may or may not be retained according to the "Backup log automatically when full" policy setting.
+>[!Note]
 > Old events may or may not be retained according to the "Backup log automatically when full" policy setting.
 <!--/Description-->
@ -1081,7 +1086,8 @@ If you enable this policy setting and a log file reaches its maximum size, new e
 If you disable or don't configure this policy setting and a log file reaches its maximum size, new events overwrite old events.
-Note: Old events may or may not be retained according to the "Backup log automatically when full" policy setting.
+>[!Note]
 > Old events may or may not be retained according to the "Backup log automatically when full" policy setting.
 <!--/Description-->
@ -1098,3 +1104,6 @@ ADMX Info:
 <!--/Policies-->
 ## Related topics
 [ADMX-backed policies in Policy CSP](./policies-in-policy-csp-admx-backed.md)
--- a/windows/client-management/mdm/policy-csp-admx-eventlogging.md
+++ b/windows/client-management/mdm/policy-csp-admx-eventlogging.md
@ -1,6 +1,6 @@
 ---
 title: Policy CSP - ADMX_EventLogging
-description: Policy CSP - ADMX_EventLogging
+description: Learn about the Policy CSP - ADMX_EventLogging.
 ms.author: dansimp
 ms.localizationpriority: medium
 ms.topic: article
@ -64,11 +64,11 @@ manager: dansimp
 <!--Description-->
 This policy setting lets you configure Protected Event Logging.  
- If you enable this policy setting, components that support it will use the certificate you supply to encrypt potentially sensitive event log data before writing it to the event log. Data will be encrypted using the Cryptographic Message Syntax (CMS) standard and the public key you provide. 
+If you enable this policy setting, components that support it will use the certificate you supply to encrypt potentially sensitive event log data before writing it to the event log. Data will be encrypted using the Cryptographic Message Syntax (CMS) standard and the public key you provide. 
-You can use the Unprotect-CmsMessage PowerShell cmdlet to decrypt these encrypted messages, if you have access to the private key corresponding to the public key that they were encrypted with.  
+You can use the `Unprotect-CmsMessage` PowerShell cmdlet to decrypt these encrypted messages, if you have access to the private key corresponding to the public key that they were encrypted with.  
- If you disable or don't configure this policy setting, components won't encrypt event log messages before writing them to the event log.
+If you disable or don't configure this policy setting, components won't encrypt event log messages before writing them to the event log.
 <!--/Description-->
@ -86,3 +86,6 @@ ADMX Info:
 <!--/Policies-->
 ## Related topics
 [ADMX-backed policies in Policy CSP](./policies-in-policy-csp-admx-backed.md)
--- a/windows/client-management/mdm/policy-csp-admx-eventviewer.md
+++ b/windows/client-management/mdm/policy-csp-admx-eventviewer.md
@ -1,6 +1,6 @@
 ---
 title: Policy CSP - ADMX_EventViewer
-description: Policy CSP - ADMX_EventViewer
+description: Learn about the Policy CSP - ADMX_EventViewer.
 ms.author: dansimp
 ms.localizationpriority: medium
 ms.topic: article
@ -154,8 +154,8 @@ ADMX Info:
 <!--/Scope-->
 <!--Description-->
 This URL is the one that will be passed to the Description area in the Event Properties dialog box.
 Change this value if you want to use a different Web server to handle event information requests.
 Change this value if you want to use a different Web server to handle event information requests.
 <!--/Description--> 
@ -173,3 +173,6 @@ ADMX Info:
 <!--/Policies-->
 ## Related topics
 [ADMX-backed policies in Policy CSP](./policies-in-policy-csp-admx-backed.md)
--- a/windows/client-management/mdm/policy-csp-admx-explorer.md
+++ b/windows/client-management/mdm/policy-csp-admx-explorer.md
@ -1,6 +1,6 @@
 ---
 title: Policy CSP - ADMX_Explorer
-description: Policy CSP - ADMX_Explorer
+description: Learn about the Policy CSP - ADMX_Explorer.
 ms.author: dansimp
 ms.localizationpriority: medium
 ms.topic: article
@ -74,7 +74,7 @@ manager: dansimp
 <!--/Scope-->
 <!--Description-->
-Sets the target of the More Information link that will be displayed when the user attempts to run a program that is blocked by policy.
+This policy setting sets the target of the More Information link that will be displayed when the user attempts to run a program that is blocked by policy.
 <!--/Description-->
@ -166,7 +166,7 @@ ADMX Info:
 <!--/Scope-->
 <!--Description-->
-This policy setting allows administrators who have configured roaming profile in conjunction with Delete Cached Roaming Profile Group Policy setting to ensure that Explorer won't reinitialize default program associations and other settings to default values.
+This policy setting allows administrators who have configured roaming profile with Delete Cached Roaming Profile Group Policy setting to ensure that Explorer won't reinitialize default program associations and other settings to default values.
 If you enable this policy setting on a machine that doesn't contain all programs installed in the same manner as it was on the machine on which the user had last logged on, unexpected behavior could occur.
@ -210,14 +210,14 @@ ADMX Info:
 <!--/Scope-->
 <!--Description-->
-This policy setting allows administrators to prevent users from adding new items such as files or folders to the root of their Users Files folder in File Explorer.
+This policy setting allows administrators to prevent users from adding new items, such as files or folders to the root of their Users Files folder in File Explorer.
-If you enable this policy setting, users will no longer be able to add new items such as files or folders to the root of their Users Files folder in File Explorer.
+If you enable this policy setting, users will no longer be able to add new items, such as files or folders to the root of their Users Files folder in File Explorer.
 If you disable or don't configure this policy setting, users will be able to add new items such as files or folders to the root of their Users Files folder in File Explorer.
 > [!NOTE]
-> Enabling this policy setting doesn't prevent the user from being able to add new items such as files and folders to their actual file system profile folder at %userprofile%.
+> Enabling this policy setting doesn't prevent the user from being able to add new items, such as files and folders to their actual file system profile folder at %userprofile%.
 <!--/Description-->
@ -259,7 +259,9 @@ ADMX Info:
 <!--/Scope-->
 <!--Description-->
-This policy is similar to settings directly available to computer users.  Disabling animations can improve usability for users with some visual disabilities, and also improve performance and battery life in some scenarios.
+This policy is similar to settings directly available to computer users. 
 Disabling animations can improve usability for users with some visual disabilities, and also improve performance and battery life in some scenarios.
 <!--/Description-->
@ -275,3 +277,7 @@ ADMX Info:
 <hr/>
 <!--/Policies-->
 ## Related topics
 [ADMX-backed policies in Policy CSP](./policies-in-policy-csp-admx-backed.md)
--- a/windows/client-management/mdm/policy-csp-admx-externalboot.md
+++ b/windows/client-management/mdm/policy-csp-admx-externalboot.md
@ -1,6 +1,6 @@
 ---
 title: Policy CSP - ADMX_ExternalBoot
-description: Policy CSP - ADMX_ExternalBoot
+description: Learn about the Policy CSP - ADMX_ExternalBoot.
 ms.author: dansimp
 ms.topic: article
 ms.prod: w10
@ -72,9 +72,9 @@ manager: dansimp
 <!--Description-->
 This policy specifies whether the PC can use the hibernation sleep state (S4) when started from a Windows To Go workspace.  
- If you enable this setting, Windows, when started from a Windows To Go workspace, can hibernate the PC.  
+If you enable this setting, Windows, when started from a Windows To Go workspace, can hibernate the PC.  
- If you disable or don't configure this setting, Windows, when started from a Windows To Go workspace, and can't hibernate the PC.
+If you disable or don't configure this setting, Windows, when started from a Windows To Go workspace, and can't hibernate the PC.
 <!--/Description-->
@ -168,9 +168,9 @@ ADMX Info:
 <!--Description-->
 This policy setting controls whether the PC will boot to Windows To Go if a USB device containing a Windows To Go workspace is connected, and controls whether users can make changes using the Windows To Go Startup Options Control Panel item.  
- If you enable this setting, booting to Windows To Go when a USB device is connected will be enabled, and users won't be able to make changes using the Windows To Go Startup Options Control Panel item.  
+If you enable this setting, booting to Windows To Go when a USB device is connected will be enabled, and users won't be able to make changes using the Windows To Go Startup Options Control Panel item.  
- If you disable this setting, booting to Windows To Go when a USB device is connected won't be enabled unless a user configures the option manually in the BIOS or other boot order configuration.  
+If you disable this setting, booting to Windows To Go when a USB device is connected won't be enabled unless a user configures the option manually in the BIOS or other boot order configuration.  
 If you don't configure this setting, users who are members of the Administrators group can make changes using the Windows To Go Startup Options Control Panel item.
@ -188,3 +188,6 @@ ADMX Info:
 <!--/Policies-->
 ## Related topics
 [ADMX-backed policies in Policy CSP](./policies-in-policy-csp-admx-backed.md)
--- a/windows/client-management/mdm/policy-csp-admx-filerecovery.md
+++ b/windows/client-management/mdm/policy-csp-admx-filerecovery.md
@ -1,6 +1,6 @@
 ---
 title: Policy CSP - ADMX_FileRecovery
-description: Policy CSP - ADMX_FileRecovery
+description: Learn about the Policy CSP - ADMX_FileRecovery.
 ms.author: dansimp
 ms.localizationpriority: medium
 ms.topic: article
@ -75,3 +75,6 @@ ADMX Info:
 <!--/Policies-->
 ## Related topics
 [ADMX-backed policies in Policy CSP](./policies-in-policy-csp-admx-backed.md)
--- a/windows/client-management/mdm/policy-csp-admx-filerevocation.md
+++ b/windows/client-management/mdm/policy-csp-admx-filerevocation.md
@ -1,6 +1,6 @@
 ---
 title: Policy CSP - ADMX_FileRevocation
-description: Policy CSP - ADMX_FileRevocation
+description: Learn about the Policy CSP - ADMX_FileRevocation.
 ms.author: dansimp
 ms.localizationpriority: medium
 ms.topic: article
@ -61,9 +61,9 @@ manager: dansimp
 Windows Runtime applications can protect content that has been associated with an enterprise identifier (EID), but can only revoke access to content it protected. To allow an application to revoke access to all content on the device that is protected by a particular enterprise, add an entry to the list on a new line that contains the enterprise identifier, separated by a comma, and the Package Family Name of the application. The EID must be an internet domain belonging to the enterprise in standard international domain name format.   
 Example value: `Contoso.com,ContosoIT.HumanResourcesApp_m5g0r7arhahqy` 
- If you enable this policy setting, the application identified by the Package Family Name will be permitted to revoke access to all content protected using the specified EID on the device.    
+If you enable this policy setting, the application identified by the Package Family Name will be permitted to revoke access to all content protected using the specified EID on the device.    
- If you disable or don't configure this policy setting, the only Windows Runtime applications that can revoke access to all enterprise-protected content on the device are Windows Mail and the user-selected mailto protocol handler app.  
+If you disable or don't configure this policy setting, the only Windows Runtime applications that can revoke access to all enterprise-protected content on the device are Windows Mail and the user-selected mailto protocol handler app.  
 Any other Windows Runtime application will only be able to revoke access to content it protected.  
@ -86,3 +86,6 @@ ADMX Info:
 <!--/Policies-->
 ## Related topics
 [ADMX-backed policies in Policy CSP](./policies-in-policy-csp-admx-backed.md)
--- a/windows/client-management/mdm/policy-csp-admx-fileservervssprovider.md
+++ b/windows/client-management/mdm/policy-csp-admx-fileservervssprovider.md
@ -1,6 +1,6 @@
 ---
 title: Policy CSP - ADMX_FileServerVSSProvider
-description: Policy CSP - ADMX_FileServerVSSProvider
+description: Learn about the Policy CSP - ADMX_FileServerVSSProvider.
 ms.author: dansimp
 ms.localizationpriority: medium
 ms.topic: article
@ -87,3 +87,6 @@ ADMX Info:
 <!--/Policies-->
 ## Related topics
 [ADMX-backed policies in Policy CSP](./policies-in-policy-csp-admx-backed.md)
--- a/windows/client-management/mdm/policy-csp-admx-filesys.md
+++ b/windows/client-management/mdm/policy-csp-admx-filesys.md
@ -1,6 +1,6 @@
 ---
 title: Policy CSP - ADMX_FileSys
-description: Policy CSP - ADMX_FileSys
+description: Learn about the Policy CSP - ADMX_FileSys.
 ms.author: dansimp
 ms.localizationpriority: medium
 ms.topic: article
@ -100,7 +100,6 @@ ADMX Info:
 <!--Policy-->
 <a href="" id="admx-filesys-disabledeletenotification"></a>**ADMX_FileSys/DisableDeleteNotification**  
 |Edition|Windows 10|Windows 11|
 |--- |--- |--- |
 |Home|No|No|
@ -167,8 +166,9 @@ ADMX Info:
 <!--/Scope-->
 <!--Description-->
-Encryption can add to the processing overhead of filesystem operations. Enabling this setting will prevent access to and creation of encrypted files.
+Encryption can add to the processing overhead of filesystem operations. 
 Enabling this setting will prevent access to and creation of encrypted files.
 <!--ADMXBacked-->
 ADMX Info:  
@ -206,7 +206,9 @@ ADMX Info:
 <!--/Scope-->
 <!--Description-->
-Encrypting the page file prevents malicious users from reading data that has been paged to disk, but also adds processing overhead for filesystem operations. Enabling this setting will cause the page files to be encrypted.
+Encrypting the page file prevents malicious users from reading data that has been paged to disk, but also adds processing overhead for filesystem operations. 
 Enabling this setting will cause the page files to be encrypted.
 <!--/Description-->
@ -246,7 +248,9 @@ ADMX Info:
 <!--/Scope-->
 <!--Description-->
-Enabling Win32 long paths will allow manifested win32 applications and Windows Store applications to access paths beyond the normal 260 character limit per node on file systems that support it. Enabling this setting will cause the long paths to be accessible within the process.
+Enabling Win32 long paths will allow manifested win32 applications and Windows Store applications to access paths beyond the normal 260 character limit per node on file systems that support it. 
 Enabling this setting will cause the long paths to be accessible within the process.
 <!--/Description-->
@ -288,7 +292,9 @@ ADMX Info:
 <!--Description-->
 This policy setting provides control over whether or not short names are generated during file creation. Some applications require short names for compatibility, but short names have a negative performance impact on the system.
-If you enable short names on all volumes, then short names will always be generated. If you disable them on all volumes, then they'll never be generated. If you set short name creation to be configurable on a per volume basis, then an on-disk flag will determine whether or not short names are created on a given volume. If you disable short name creation on all data volumes, then short names will only be generated for files created on the system volume.
+If you enable short names on all volumes, then short names will always be generated. If you disable them on all volumes, then they'll never be generated. If you set short name creation to be configurable on a per volume basis, then an on-disk flag will determine whether or not short names are created on a given volume. 
 If you disable short name creation on all data volumes, then short names will only be generated for files created on the system volume.
 <!--/Description-->
@ -398,3 +404,6 @@ ADMX Info:
 <!--/Policies-->
 ## Related topics
 [ADMX-backed policies in Policy CSP](./policies-in-policy-csp-admx-backed.md)
--- a/windows/client-management/mdm/policy-csp-admx-folderredirection.md
+++ b/windows/client-management/mdm/policy-csp-admx-folderredirection.md
@ -1,6 +1,6 @@
 ---
 title: Policy CSP - ADMX_FolderRedirection
-description: Policy CSP - ADMX_FolderRedirection
+description: Learn about the Policy CSP - ADMX_FolderRedirection.
 ms.author: dansimp
 ms.localizationpriority: medium
 ms.topic: article
@ -402,3 +402,6 @@ ADMX Info:
 <!--/Policies-->
 ## Related topics
 [ADMX-backed policies in Policy CSP](./policies-in-policy-csp-admx-backed.md)
--- a/windows/client-management/mdm/policy-csp-admx-framepanes.md
+++ b/windows/client-management/mdm/policy-csp-admx-framepanes.md
@ -1,6 +1,6 @@
 ---
 title: Policy CSP - ADMX_FramePanes
-description: Policy CSP - ADMX_FramePanes
+description: Learn about the Policy CSP - ADMX_FramePanes.
 ms.author: dansimp
 ms.localizationpriority: medium
 ms.topic: article
@ -64,14 +64,14 @@ manager: dansimp
 <!--Description-->
 This policy setting shows or hides the Details Pane in File Explorer.  
- If you enable this policy setting and configure it to hide the pane, the Details Pane in File Explorer is hidden and can't be turned on by the user.  
+If you enable this policy setting and configure it to hide the pane, the Details Pane in File Explorer is hidden and can't be turned on by the user.  
- If you enable this policy setting and configure it to show the pane, the Details Pane is always visible and can't be hidden by the user. 
+If you enable this policy setting and configure it to show the pane, the Details Pane is always visible and can't be hidden by the user. 
 > [!NOTE]
 > This has a side effect of not being able to toggle to the Preview Pane since the two can't be displayed at the same time.  
- If you disable, or don't configure this policy setting, the Details Pane is hidden by default and can be displayed by the user.
+If you disable, or don't configure this policy setting, the Details Pane is hidden by default and can be displayed by the user.
 This setting is the default policy setting.
@ -116,9 +116,9 @@ ADMX Info:
 <!--Description-->
 Hides the Preview Pane in File Explorer.  
- If you enable this policy setting, the Preview Pane in File Explorer is hidden and can't be turned on by the user.  
+If you enable this policy setting, the Preview Pane in File Explorer is hidden and can't be turned on by the user.  
- If you disable, or don't configure this setting, the Preview Pane is hidden by default and can be displayed by the user.
+If you disable, or don't configure this setting, the Preview Pane is hidden by default and can be displayed by the user.
 <!--/Description-->
@ -134,3 +134,6 @@ ADMX Info:
 <!--/Policies-->
 ## Related topics
 [ADMX-backed policies in Policy CSP](./policies-in-policy-csp-admx-backed.md)
--- a/windows/client-management/mdm/policy-csp-admx-fthsvc.md
+++ b/windows/client-management/mdm/policy-csp-admx-fthsvc.md
@ -1,6 +1,6 @@
 ---
 title: Policy CSP - ADMX_FTHSVC
-description: Policy CSP - ADMX_FTHSVC
+description: Learn about the Policy CSP - ADMX_FTHSVC.
 ms.author: dansimp
 ms.localizationpriority: medium
 ms.topic: article
@ -63,12 +63,14 @@ manager: dansimp
 <!--Description-->
 This policy setting permits or prohibits the Diagnostic Policy Service (DPS) from automatically resolving any heap corruption problems.  
- If you enable this policy setting, the DPS detects, troubleshoots, and attempts to resolve automatically any heap corruption problems.  
+If you enable this policy setting, the DPS detects, troubleshoots, and attempts to resolve automatically any heap corruption problems.  
- If you disable this policy setting, Windows cannot detect, troubleshoot, and attempt to resolve automatically any heap corruption problems that are handled by the DPS.  
+If you disable this policy setting, Windows can't detect, troubleshoot, and attempt to resolve automatically any heap corruption problems that are handled by the DPS. 
-If you do not configure this policy setting, the DPS enables Fault Tolerant Heap for resolution by default.  
+
-This policy setting takes effect only if the diagnostics-wide scenario execution policy is not configured.  
+If you don't configure this policy setting, the DPS enables Fault Tolerant Heap for resolution by default.  
-This policy setting takes effect only when the Diagnostic Policy Service is in the running state. When the service is stopped or disabled, diagnostic scenarios are not executed. 
+
 This policy setting takes effect only if the diagnostics-wide scenario execution policy isn't configured.  
 This policy setting takes effect only when the Diagnostic Policy Service is in the running state. When the service is stopped or disabled, diagnostic scenarios aren't executed. 
 The DPS can be configured with the Services snap-in to the Microsoft Management Console.  
 No system restart or service restart is required for this policy setting to take effect: changes take effect immediately.
@ -88,3 +90,6 @@ ADMX Info:
 <!--/Policies-->
 ## Related topics
 [ADMX-backed policies in Policy CSP](./policies-in-policy-csp-admx-backed.md)
--- a/windows/client-management/mdm/policy-csp-admx-globalization.md
+++ b/windows/client-management/mdm/policy-csp-admx-globalization.md
@ -1,6 +1,6 @@
 ---
 title: Policy CSP - ADMX_Globalization
-description: Policy CSP - ADMX_Globalization
+description: Learn about the Policy CSP - ADMX_Globalization.
 ms.author: dansimp
 ms.localizationpriority: medium
 ms.topic: article
@ -135,9 +135,9 @@ This policy prevents automatic copying of user input methods to the system accou
 This confinement doesn't affect the availability of user input methods on the lock screen or with the UAC prompt.
-If the policy is Enabled, then the user will get input methods enabled for the system account on the sign-in page.
+If the policy is enabled, then the user will get input methods enabled for the system account on the sign-in page.
-If the policy is Disabled or Not Configured, then the user will be able to use input methods enabled for their user account on the sign-in page.
+If the policy is disabled or not configured, then the user will be able to use input methods enabled for their user account on the sign-in page.
 <!--/Description-->
@ -498,7 +498,7 @@ Automatic learning enables the collection and storage of text and ink written by
 > [!NOTE]
 > Automatic learning of both text and ink might not be available for all languages, even when handwriting personalization is available. For more information, see Tablet PC Help.
-If you enable this policy setting, automatic learning stops and any stored data is deleted. Users can't configure this setting in Control Panel.
+If you enable this policy setting, automatic learning stops and any stored data are deleted. Users can't configure this setting in Control Panel.
 If you disable this policy setting, automatic learning is turned on. Users can't configure this policy setting in Control Panel. Collected data is only used for handwriting recognition, if handwriting personalization is turned on.
@ -558,7 +558,7 @@ Automatic learning enables the collection and storage of text and ink written by
 > [!NOTE]
 > Automatic learning of both text and ink might not be available for all languages, even when handwriting personalization is available. For more information, see Tablet PC Help.
-If you enable this policy setting, automatic learning stops and any stored data is deleted. Users can't configure this setting in Control Panel.
+If you enable this policy setting, automatic learning stops and any stored data are deleted. Users can't configure this setting in Control Panel.
 If you disable this policy setting, automatic learning is turned on. Users can't configure this policy setting in Control Panel. Collected data is only used for handwriting recognition, if handwriting personalization is turned on.
@ -1119,9 +1119,9 @@ This policy turns off the autocorrect misspelled words option. This turn off doe
 The autocorrect misspelled words option controls whether or not errors in typed text will be automatically corrected.
-If the policy is Enabled, then the option will be locked to not autocorrect misspelled words.
+If the policy is enabled, then the option will be locked to not autocorrect misspelled words.
-If the policy is Disabled or Not Configured, then the user will be free to change the setting according to their preference.
+If the policy is disabled or not configured, then the user will be free to change the setting according to their preference.
 The availability and function of this setting is dependent on supported languages being enabled.
 <!--/Description-->
@ -1168,9 +1168,9 @@ This policy turns off the highlight misspelled words option. This turn off doesn
 The highlight misspelled words option controls whether or next spelling errors in typed text will be highlighted.
-If the policy is Enabled, then the option will be locked to not highlight misspelled words.
+If the policy is enabled, then the option will be locked to not highlight misspelled words.
-If the policy is Disabled or Not Configured, then the user will be free to change the setting according to their preference.
+If the policy is disabled or not configured, then the user will be free to change the setting according to their preference.
 The availability and function of this setting is dependent on supported languages being enabled.
@ -1218,9 +1218,9 @@ This policy turns off the insert a space after selecting a text prediction optio
 The insert a space after selecting a text prediction option controls whether or not a space will be inserted after the user selects a text prediction candidate when using the on-screen keyboard.
-If the policy is Enabled, then the option will be locked to not insert a space after selecting a text prediction.
+If the policy is enabled, then the option will be locked to not insert a space after selecting a text prediction.
-If the policy is Disabled or Not Configured, then the user will be free to change the setting according to their preference.
+If the policy is disabled or not configured, then the user will be free to change the setting according to their preference.
 The availability and function of this setting is dependent on supported languages being enabled.
 <!--/Description-->
@ -1267,9 +1267,9 @@ This policy turns off the offer text predictions as I type option. This turn off
 The offer text predictions as I type option controls whether or not text prediction suggestions will be presented to the user on the on-screen keyboard.
-If the policy is Enabled, then the option will be locked to not offer text predictions.
+If the policy is enabled, then the option will be locked to not offer text predictions.
-If the policy is Disabled or Not Configured, then the user will be free to change the setting according to their preference.
+If the policy is disabled or not configured, then the user will be free to change the setting according to their preference.
 The availability and function of this setting is dependent on supported languages being enabled.
@ -1337,3 +1337,7 @@ ADMX Info:
 <hr/>
 <!--/Policies-->
 ## Related topics
 [ADMX-backed policies in Policy CSP](./policies-in-policy-csp-admx-backed.md)
--- a/windows/client-management/mdm/policy-csp-admx-grouppolicy.md
+++ b/windows/client-management/mdm/policy-csp-admx-grouppolicy.md
@ -1,6 +1,6 @@
 ---
 title: Policy CSP - ADMX_GroupPolicy
-description: Policy CSP - ADMX_GroupPolicy
+description: Learn about the Policy CSP - ADMX_GroupPolicy.
 ms.author: dansimp
 ms.localizationpriority: medium
 ms.topic: article
@ -1735,7 +1735,7 @@ In addition to background updates, Group Policy for the computer is always updat
 By default, computer Group Policy is updated in the background every 90 minutes, with a random offset of 0 to 30 minutes.
-If you enable this setting, you can specify an update rate from 0 to 64,800 minutes (45 days). If you select 0 minutes, the computer tries to update Group Policy every 7 seconds. However, because updates might interfere with users' work and increase network traffic, very short update intervals aren't appropriate for most installations.
+If you enable this setting, you can specify an update rate from 0 to 64,800 minutes (45 days). If you select 0 minutes, the computer tries to update Group Policy every 7 seconds. However, because updates might interfere with users' work and increase network traffic, short update intervals aren't appropriate for most installations.
 If you disable this setting, Group Policy is updated every 90 minutes (the default). To specify that Group Policy should never be updated while the computer is in use, select the "Turn off background refresh of Group Policy" policy.
@ -1793,7 +1793,7 @@ This policy setting specifies how often Group Policy is updated on domain contro
 By default, Group Policy on the domain controllers is updated every five minutes.
-If you enable this setting, you can specify an update rate from 0 to 64,800 minutes (45 days). If you select 0 minutes, the domain controller tries to update Group Policy every 7 seconds. However, because updates might interfere with users' work and increase network traffic, very short update intervals aren't appropriate for most installations.
+If you enable this setting, you can specify an update rate from 0 to 64,800 minutes (45 days). If you select 0 minutes, the domain controller tries to update Group Policy every 7 seconds. However, because updates might interfere with users' work and increase network traffic, short update intervals aren't appropriate for most installations.
 If you disable or don't configure this setting, the domain controller updates Group Policy every 5 minutes (the default). To specify that Group Policies for users should never be updated while the computer is in use, select the "Turn off background refresh of Group Policy" setting.
@ -1849,7 +1849,7 @@ In addition to background updates, Group Policy for users is always updated when
 By default, user Group Policy is updated in the background every 90 minutes, with a random offset of 0 to 30 minutes.
-If you enable this setting, you can specify an update rate from 0 to 64,800 minutes (45 days). If you select 0 minutes, the computer tries to update user Group Policy every 7 seconds. However, because updates might interfere with users' work and increase network traffic, very short update intervals aren't appropriate for most installations.
+If you enable this setting, you can specify an update rate from 0 to 64,800 minutes (45 days). If you select 0 minutes, the computer tries to update user Group Policy every 7 seconds. However, because updates might interfere with users' work and increase network traffic, short update intervals aren't appropriate for most installations.
 If you disable this setting, user Group Policy is updated every 90 minutes (the default). To specify that Group Policy for users should never be updated while the computer is in use, select the "Turn off background refresh of Group Policy" setting.
@ -2061,7 +2061,6 @@ By default, when you edit a Group Policy Object (GPO) using the Group Policy Obj
 This edit-option leads to the following behavior:
 - If you originally created the GPO with, for example, an English system, the GPO contains English ADM files.
 - If you later edit the GPO from a different-language system, you get the English ADM files as they were in the GPO.
 You can change this behavior by using this setting.
@ -2070,7 +2069,7 @@ If you enable this setting, the Group Policy Object Editor snap-in always uses l
 This pattern leads to the following behavior:
- If you had originally created the GPO with an English system, and then you edit the GPO with a Japanese system, the Group Policy Object Editor snap-in uses the local Japanese ADM files, and you see the text in Japanese under Administrative Templates.
+If you had originally created the GPO with an English system, and then you edit the GPO with a Japanese system, the Group Policy Object Editor snap-in uses the local Japanese ADM files, and you see the text in Japanese under Administrative Templates.
 If you disable or don't configure this setting, the Group Policy Object Editor snap-in always loads all ADM files from the actual GPO.
@ -2121,21 +2120,15 @@ ADMX Info:
 <!--Description-->
 This security feature provides a means to override individual process MitigationOptions settings. This security feature can be used to enforce many security policies specific to applications. The application name is specified as the Value name, including extension. The Value is specified as a bit field with a series of flags in particular positions. Bits can be set to either 0 (setting is forced off), 1 (setting is forced on), or ? (setting retains its existing value prior to GPO evaluation). The recognized bit locations are:
-PROCESS_CREATION_MITIGATION_POLICY_DEP_ENABLE (0x00000001)
+PROCESS_CREATION_MITIGATION_POLICY_DEP_ENABLE (0x00000001): Enables data execution prevention (DEP) for the child process
 Enables data execution prevention (DEP) for the child process
-PROCESS_CREATION_MITIGATION_POLICY_DEP_ATL_THUNK_ENABLE (0x00000002)
+PROCESS_CREATION_MITIGATION_POLICY_DEP_ATL_THUNK_ENABLE (0x00000002): Enables DEP-ATL thunk emulation for the child process. DEP-ATL thunk emulation causes the system to intercept NX faults that originate from the Active Template Library (ATL) thunk layer.
 Enables DEP-ATL thunk emulation for the child process. DEP-ATL thunk emulation causes the system to intercept NX faults that originate from the Active Template Library (ATL) thunk layer.
-PROCESS_CREATION_MITIGATION_POLICY_SEHOP_ENABLE (0x00000004)
+PROCESS_CREATION_MITIGATION_POLICY_SEHOP_ENABLE (0x00000004): Enables structured exception handler overwrite protection (SEHOP) for the child process. SEHOP blocks exploits that use the structured exception handler (SEH) overwrite technique.
 Enables structured exception handler overwrite protection (SEHOP) for the child process. SEHOP blocks exploits that use the structured exception handler (SEH) overwrite technique.
-PROCESS_CREATION_MITIGATION_POLICY_FORCE_RELOCATE_IMAGES_ALWAYS_ON (0x00000100)
+PROCESS_CREATION_MITIGATION_POLICY_FORCE_RELOCATE_IMAGES_ALWAYS_ON (0x00000100): The force Address Space Layout Randomization (ASLR) policy forcibly rebases images that aren't dynamic base compatible by acting as though an image base collision happened at load time. If relocations are required, images that don't have a base relocation section won't be loaded.
 The force Address Space Layout Randomization (ASLR) policy forcibly rebases images that aren't dynamic base compatible by acting as though an image base collision happened at load time. If relocations are required, images that don't have a base relocation section won't be loaded.
-PROCESS_CREATION_MITIGATION_POLICY_BOTTOM_UP_ASLR_ALWAYS_ON (0x00010000)
+PROCESS_CREATION_MITIGATION_POLICY_BOTTOM_UP_ASLR_ALWAYS_ON (0x00010000),PROCESS_CREATION_MITIGATION_POLICY_BOTTOM_UP_ASLR_ALWAYS_OFF (0x00020000): The bottom-up randomization policy, which includes stack randomization options, causes a random location to be used as the lowest user address.
 PROCESS_CREATION_MITIGATION_POLICY_BOTTOM_UP_ASLR_ALWAYS_OFF (0x00020000)
 The bottom-up randomization policy, which includes stack randomization options, causes a random location to be used as the lowest user address.
 For instance, to enable PROCESS_CREATION_MITIGATION_POLICY_DEP_ENABLE and PROCESS_CREATION_MITIGATION_POLICY_FORCE_RELOCATE_IMAGES_ALWAYS_ON, disable PROCESS_CREATION_MITIGATION_POLICY_BOTTOM_UP_ASLR_ALWAYS_OFF, and to leave all other options at their default values, specify a value of:
 ???????????????0???????1???????1
@ -2434,13 +2427,12 @@ ADMX Info:
 <!--Description-->
 This policy setting directs the system to apply the set of Group Policy objects for the computer to any user who signs in to a computer affected by this setting. It's intended for special-use computers, such as those in public places, laboratories, and classrooms, where you must modify the user setting based on the computer that is being used.
-By default, the user's Group Policy Objects determine which user settings apply. If this setting is enabled, then, when a user signs in to this computer, the computer's Group Policy Objects determine which set of Group Policy Objects applies.
+By default, the user's Group Policy Objects determine which user settings apply. If this setting is enabled, then when a user signs in to this computer, the computer's Group Policy Objects determine which set of Group Policy Objects applies.
 If you enable this setting, you can select one of the following modes from the Mode box:
-"Replace" indicates that the user settings defined in the computer's Group Policy Objects replace the user settings normally applied to the user.
+- "Replace" indicates that the user settings defined in the computer's Group Policy Objects replace the user settings normally applied to the user.
-
+- "Merge" indicates that the user settings defined in the computer's Group Policy Objects and the user settings normally applied to the user are combined. If the settings conflict, the user settings in the computer's Group Policy Objects take precedence over the user's normal settings.
 "Merge" indicates that the user settings defined in the computer's Group Policy Objects and the user settings normally applied to the user are combined. If the settings conflict, the user settings in the computer's Group Policy Objects take precedence over the user's normal settings.
 If you disable this setting or don't configure it, the user's Group Policy Objects determines which user settings apply.
@ -2463,3 +2455,7 @@ ADMX Info:
 <!--/Policies-->
 ## Related topics
 [ADMX-backed policies in Policy CSP](./policies-in-policy-csp-admx-backed.md)
--- a/windows/client-management/mdm/policy-csp-admx-help.md
+++ b/windows/client-management/mdm/policy-csp-admx-help.md
@ -1,6 +1,6 @@
 ---
 title: Policy CSP - ADMX_Help
-description: Policy CSP - ADMX_Help
+description: Learn about the Policy CSP - ADMX_Help.
 ms.author: dansimp
 ms.localizationpriority: medium
 ms.topic: article
@ -22,7 +22,7 @@ manager: dansimp
 <hr/>
-<!--Policies--
+<!--Policies-->
 ## ADMX_Help policies  
 <dl>
@ -83,7 +83,7 @@ If you disable or don't configure this policy setting, DEP is turned on for HTML
 <!--ADMXBacked-->
 ADMX Info:  
-   GP Friendly name: *Turn off Data Execution Prevention for HTML Help Executible*
+-   GP Friendly name: *Turn off Data Execution Prevention for HTML Help Executable*
 -   GP name: *DisableHHDEP*
 -   GP path: *System*
 -   GP ADMX file name: *Help.admx*
@ -260,3 +260,6 @@ ADMX Info:
 <!--/Policies-->
 ## Related topics
 [ADMX-backed policies in Policy CSP](./policies-in-policy-csp-admx-backed.md)
--- a/windows/client-management/mdm/policy-csp-admx-helpandsupport.md
+++ b/windows/client-management/mdm/policy-csp-admx-helpandsupport.md
@ -1,6 +1,6 @@
 ---
 title: Policy CSP - ADMX_HelpAndSupport
-description: Policy CSP - ADMX_HelpAndSupport
+description: Learn about the Policy CSP - ADMX_HelpAndSupport.
 ms.author: dansimp
 ms.localizationpriority: medium
 ms.topic: article
@ -72,9 +72,9 @@ manager: dansimp
 <!--Description-->
 This policy setting specifies whether active content links in trusted assistance content are rendered. By default, the Help viewer renders trusted assistance content with active elements such as ShellExecute links and Guided Help links.
-If you enable this policy setting, active content links are not rendered. The text is displayed, but there are no clickable links for these elements.
+If you enable this policy setting, active content links aren't rendered. The text is displayed, but there are no clickable links for these elements.
-If you disable or do not configure this policy setting, the default behavior applies (Help viewer renders trusted assistance content with active elements).
+If you disable or don't configure this policy setting, the default behavior applies (Help viewer renders trusted assistance content with active elements).
 <!--/Description-->
@ -119,9 +119,9 @@ ADMX Info:
 <!--Description-->
 This policy setting specifies whether users can provide ratings for Help content.
-If you enable this policy setting, ratings controls are not added to Help content.
+If you enable this policy setting, ratings controls aren't added to Help content.
-If you disable or do not configure this policy setting, ratings controls are added to Help topics.
+If you disable or don't configure this policy setting, ratings controls are added to Help topics.
 Users can use the control to provide feedback on the quality and usefulness of the Help and Support content.
@ -167,9 +167,9 @@ ADMX Info:
 <!--Description-->
 This policy setting specifies whether users can participate in the Help Experience Improvement program. The Help Experience Improvement program collects information about how customers use Windows Help so that Microsoft can improve it.
-If you enable this policy setting, users cannot participate in the Help Experience Improvement program.
+If you enable this policy setting, users can't participate in the Help Experience Improvement program.
-If you disable or do not configure this policy setting, users can turn on the Help Experience Improvement program feature from the Help and Support settings page.
+If you disable or don't configure this policy setting, users can turn on the Help Experience Improvement program feature from the Help and Support settings page.
 <!--/Description-->
@ -216,7 +216,7 @@ This policy setting specifies whether users can search and view content from Win
 If you enable this policy setting, users are prevented from accessing online assistance content from Windows Online.
-If you disable or do not configure this policy setting, users can access online assistance if they have a connection to the Internet and have not disabled Windows Online from the Help and Support Options page.
+If you disable or don't configure this policy setting, users can access online assistance if they have a connection to the Internet and haven't disabled Windows Online from the Help and Support Options page.
 <!--/Description-->
@ -236,3 +236,6 @@ ADMX Info:
 <!--/Policies-->
 ## Related topics
 [ADMX-backed policies in Policy CSP](./policies-in-policy-csp-admx-backed.md)
--- a/windows/client-management/mdm/policy-csp-admx-hotspotauth.md
+++ b/windows/client-management/mdm/policy-csp-admx-hotspotauth.md
@ -1,6 +1,6 @@
 ---
 title: Policy CSP - ADMX_HotSpotAuth
-description: Policy CSP - ADMX_HotSpotAuth
+description: Learn about the Policy CSP - ADMX_HotSpotAuth.
 ms.author: dansimp
 ms.localizationpriority: medium
 ms.topic: article
@ -67,9 +67,9 @@ This policy setting defines whether WLAN hotspots are probed for Wireless Intern
 - If authentication is successful, users will be connected automatically on subsequent attempts. Credentials can also be configured by network operators.  
- If you enable this policy setting, or if you do not configure this policy setting, WLAN hotspots are automatically probed for WISPR protocol support.  
+- If you enable this policy setting, or if you don't configure this policy setting, WLAN hotspots are automatically probed for WISPR protocol support.  
- If you disable this policy setting, WLAN hotspots are not probed for WISPr protocol support, and users can only authenticate with WLAN hotspots using a web browser.
+- If you disable this policy setting, WLAN hotspots aren't probed for WISPr protocol support, and users can only authenticate with WLAN hotspots using a web browser.
 <!--/Description-->
@ -88,3 +88,6 @@ ADMX Info:
 <!--/Policies-->
 ## Related topics
 [ADMX-backed policies in Policy CSP](./policies-in-policy-csp-admx-backed.md)
--- a/windows/client-management/mdm/policy-csp-admx-icm.md
+++ b/windows/client-management/mdm/policy-csp-admx-icm.md
@ -1,6 +1,6 @@
 ---
 title: Policy CSP - ADMX_ICM
-description: Policy CSP - ADMX_ICM
+description: Learn about the Policy CSP - ADMX_ICM.
 ms.author: dansimp
 ms.localizationpriority: medium
 ms.topic: article
@ -1410,3 +1410,6 @@ ADMX Info:
 <!--/Policies-->
 ## Related topics
 [ADMX-backed policies in Policy CSP](./policies-in-policy-csp-admx-backed.md)
--- a/windows/client-management/mdm/policy-csp-admx-iis.md
+++ b/windows/client-management/mdm/policy-csp-admx-iis.md
@ -1,6 +1,6 @@
 ---
 title: Policy CSP - ADMX_IIS
-description: Policy CSP - ADMX_IIS
+description: Learn about the Policy CSP - ADMX_IIS.
 ms.author: dansimp
 ms.localizationpriority: medium
 ms.topic: article
@ -63,11 +63,11 @@ manager: dansimp
 <!--Description-->
 This policy setting prevents installation of Internet Information Services (IIS) on this computer. 
- If you enable this policy setting, Internet Information Services (IIS) can't be installed, and you'll not be able to install Windows components or applications that require IIS. Users installing Windows components or applications that require IIS might not receive a warning that IIS can't be installed because of this Group Policy setting. 
+If you enable this policy setting, Internet Information Services (IIS) can't be installed, and you'll not be able to install Windows components or applications that require IIS. Users installing Windows components or applications that require IIS might not receive a warning that IIS can't be installed because of this Group Policy setting. 
-Enabling this setting won't have any effect on IIS if IIS is already installed on the computer. 
+Enabling this setting won't have any effect on IIS, if IIS is already installed on the computer. 
- If you disable or don't configure this policy setting, IIS can be installed, and all the programs and applications that require IIS to run."
+If you disable or don't configure this policy setting, IIS can be installed, and all the programs and applications that require IIS to run."
 <!--/Description-->
@ -87,3 +87,6 @@ ADMX Info:
 <!--/Policies-->
 ## Related topics
 [ADMX-backed policies in Policy CSP](./policies-in-policy-csp-admx-backed.md)
--- a/windows/client-management/mdm/policy-csp-admx-iscsi.md
+++ b/windows/client-management/mdm/policy-csp-admx-iscsi.md
@ -1,6 +1,6 @@
 ---
 title: Policy CSP - ADMX_iSCSI
-description: Policy CSP - ADMX_iSCSI
+description: Learn about the Policy CSP - ADMX_iSCSI.
 ms.author: dansimp
 ms.localizationpriority: medium
 ms.topic: article
@ -178,3 +178,6 @@ ADMX Info:
 <!--/Policies-->
 ## Related topics
 [ADMX-backed policies in Policy CSP](./policies-in-policy-csp-admx-backed.md)
--- a/windows/client-management/mdm/policy-csp-admx-kdc.md
+++ b/windows/client-management/mdm/policy-csp-admx-kdc.md
@ -1,6 +1,6 @@
 ---
 title: Policy CSP - ADMX_kdc
-description: Policy CSP - ADMX_kdc
+description: Learn about the Policy CSP - ADMX_kdc.
 ms.author: dansimp
 ms.localizationpriority: medium
 ms.topic: article
@ -13,6 +13,7 @@ manager: dansimp
 ---
 # Policy CSP - ADMX_kdc
 >[!TIP]
 > These are ADMX-backed policies and require a special SyncML format to enable or disable. For details, see [Understanding ADMX-backed policies](./understanding-admx-backed-policies.md).
 > 
@ -107,7 +108,7 @@ Impact on domain controller performance when this policy setting is enabled:
 - Secure Kerberos domain capability discovery is required, resulting in more message exchanges.
 - Claims and compound authentication for Dynamic Access Control increase the size and complexity of the data in the message, which results in more processing time and greater Kerberos service ticket size.
- Kerberos armoring fully encrypts Kerberos messages and signs Kerberos errors, which results in increased processing time, but doesn't change the service ticket size.
+- Kerberos armoring fully encrypts Kerberos messages and signs Kerberos errors, which result in increased processing time, but doesn't change the service ticket size.
 <!--/Description-->
@ -378,3 +379,6 @@ ADMX Info:
 <!--/Policies-->
 ## Related topics
 [ADMX-backed policies in Policy CSP](./policies-in-policy-csp-admx-backed.md)
--- a/windows/client-management/mdm/policy-csp-admx-kerberos.md
+++ b/windows/client-management/mdm/policy-csp-admx-kerberos.md
@ -1,6 +1,6 @@
 ---
 title: Policy CSP - ADMX_Kerberos
-description: Policy CSP - ADMX_Kerberos
+description: Learn about the Policy CSP - ADMX_Kerberos.
 ms.author: dansimp
 ms.localizationpriority: medium
 ms.topic: article
@ -13,6 +13,7 @@ manager: dansimp
 ---
 # Policy CSP - ADMX_Kerberos
 >[!TIP]
 > These are ADMX-backed policies and require a special SyncML format to enable or disable. For details, see [Understanding ADMX-backed policies](./understanding-admx-backed-policies.md).
 > 
@ -457,3 +458,6 @@ ADMX Info:
 <!--/Policies-->
 ## Related topics
 [ADMX-backed policies in Policy CSP](./policies-in-policy-csp-admx-backed.md)
--- a/windows/client-management/mdm/policy-csp-admx-lanmanserver.md
+++ b/windows/client-management/mdm/policy-csp-admx-lanmanserver.md
@ -1,6 +1,6 @@
 ---
 title: Policy CSP - ADMX_LanmanServer
-description: Policy CSP - ADMX_LanmanServer
+description: Learn about the Policy CSP - ADMX_LanmanServer.
 ms.author: dansimp
 ms.localizationpriority: medium
 ms.topic: article
@ -13,6 +13,7 @@ manager: dansimp
 ---
 # Policy CSP - ADMX_LanmanServer
 >[!TIP]
 > These are ADMX-backed policies and require a special SyncML format to enable or disable. For details, see [Understanding ADMX-backed policies](./understanding-admx-backed-policies.md).
 > 
@ -202,9 +203,7 @@ This policy setting specifies whether the BranchCache hash generation service su
 If you specify only one version that is supported, content information for that version is the only type that is generated by BranchCache, and it's the only type of content information that can be retrieved by client computers. For example, if you enable support for V1 hashes, BranchCache generates only V1 hashes and client computers can retrieve only V1 hashes.
-Policy configuration
+For policy configuration, select one of the following options:
 Select one of the following options:
 - Not Configured. With this selection, BranchCache settings aren't applied to client computers by this policy setting. In this circumstance, which is the default, both V1 and V2 hash generation and retrieval are supported.
 - Enabled. With this selection, the policy setting is applied and the hash version(s) that are specified in "Hash version supported" are generated and retrieved.
@ -286,3 +285,6 @@ ADMX Info:
 <!--/Policies-->
 ## Related topics
 [ADMX-backed policies in Policy CSP](./policies-in-policy-csp-admx-backed.md)
--- a/windows/client-management/mdm/policy-csp-admx-lanmanworkstation.md
+++ b/windows/client-management/mdm/policy-csp-admx-lanmanworkstation.md
@ -1,6 +1,6 @@
 ---
 title: Policy CSP - ADMX_LanmanWorkstation
-description: Policy CSP - ADMX_LanmanWorkstation
+description: Learn about the Policy CSP - ADMX_LanmanWorkstation.
 ms.author: dansimp
 ms.localizationpriority: medium
 ms.topic: article
@ -13,6 +13,7 @@ manager: dansimp
 ---
 # Policy CSP - ADMX_LanmanWorkstation
 >[!TIP]
 > These are ADMX-backed policies and require a special SyncML format to enable or disable. For details, see [Understanding ADMX-backed policies](./understanding-admx-backed-policies.md).
 > 
@ -211,3 +212,7 @@ ADMX Info:
 <!--/Policies-->
 ## Related topics
 [ADMX-backed policies in Policy CSP](./policies-in-policy-csp-admx-backed.md)
--- a/windows/client-management/mdm/policy-csp-admx-leakdiagnostic.md
+++ b/windows/client-management/mdm/policy-csp-admx-leakdiagnostic.md
@ -1,6 +1,6 @@
 ---
 title: Policy CSP - ADMX_LeakDiagnostic
-description: Policy CSP - ADMX_LeakDiagnostic
+description: Learn about the Policy CSP - ADMX_LeakDiagnostic.
 ms.author: dansimp
 ms.localizationpriority: medium
 ms.topic: article
@ -63,13 +63,13 @@ manager: dansimp
 <!--Description-->
 This policy setting substitutes custom alert text in the disk diagnostic message shown to users when a disk reports a S.M.A.R.T. fault.  
- If you enable this policy setting, Windows displays custom alert text in the disk diagnostic message. The custom text may not exceed 512 characters.  
+If you enable this policy setting, Windows displays custom alert text in the disk diagnostic message. The custom text may not exceed 512 characters.  
- If you disable or do not configure this policy setting, Windows displays the default alert text in the disk diagnostic message.  
+If you disable or don't configure this policy setting, Windows displays the default alert text in the disk diagnostic message.  
 No reboots or service restarts are required for this policy setting to take effect: changes take effect immediately.  
-This policy setting only takes effect if the Disk Diagnostic scenario policy setting  is enabled or not configured and the Diagnostic Policy Service (DPS) is in the running state. When the service is stopped or disabled, diagnostic scenarios are not executed. 
+This policy setting only takes effect if the Disk Diagnostic scenario policy setting  is enabled or not configured and the Diagnostic Policy Service (DPS) is in the running state. When the service is stopped or disabled, diagnostic scenarios aren't executed. 
 The DPS can be configured with the Services snap-in to the Microsoft Management Console.  
@ -95,3 +95,6 @@ ADMX Info:
 <!--/Policies-->
 ## Related topics
 [ADMX-backed policies in Policy CSP](./policies-in-policy-csp-admx-backed.md)