diff --git a/education/windows/get-minecraft-device-promotion.md b/education/windows/get-minecraft-device-promotion.md index 45c3a1d2d0..5bbd1a39a2 100644 --- a/education/windows/get-minecraft-device-promotion.md +++ b/education/windows/get-minecraft-device-promotion.md @@ -10,7 +10,7 @@ author: trudyha searchScope: - Store ms.author: trudyha -ms.date: 07/27/2017 +ms.date: 06/05/2018 ms.technology: Windows --- @@ -20,6 +20,19 @@ ms.technology: Windows - Windows 10 +The **Minecraft: Education Edition** with Windows 10 device promotion ended January 31, 2018. + +Qualifying customers that received one-year subscriptions for Minecraft: Education Edition as part of this program and wish to continue using the game in their schools can purchase new subscriptions in Microsoft Store for Education. +For more information on purchasing Minecraft: Education Edition, see [Add Minecraft to your Store for Education](https://docs.microsoft.com/education/windows/school-get-minecraft?toc=/microsoft-store/education/toc.json). + +>[!Note] +>**Minecraft: Education Edition** with Windows 10 device promotion subscriptions are valid for 1 year from the time +of redemption. At the end of 1 year, the promotional subscriptions will expire and any people using these subscriptions will be reverted to a trial license of **Minecraft: Education Edition**. + +To prevent being reverted to a trial license, admins or teachers need to purchase new **Minecraft: Education Edition** subscriptions from Store for Education, and assign licenses to users who used a promotional subscription. + + + \ No newline at end of file diff --git a/windows/configuration/change-history-for-configure-windows-10.md b/windows/configuration/change-history-for-configure-windows-10.md index 95e3da2dff..8b3d74ac3b 100644 --- a/windows/configuration/change-history-for-configure-windows-10.md +++ b/windows/configuration/change-history-for-configure-windows-10.md 
@@ -10,13 +10,19 @@ ms.localizationpriority: high author: jdeckerms ms.author: jdecker ms.topic: article -ms.date: 05/31/2018 +ms.date: 06/05/2018 --- # Change history for Configure Windows 10 This topic lists new and updated topics in the [Configure Windows 10](index.md) documentation for Windows 10 and Windows 10 Mobile. +## June 2018 + +New or changed topic | Description +--- | --- +[Set up a kiosk or digital signage on Windows 10 Pro, Enterprise, or Education](setup-kiosk-digital-signage.md) and [Create a Windows 10 kiosk that runs multiple apps](lock-down-windows-10-to-specific-apps.md) | Updated instructions for using Microsoft Intune to configure a kiosk. + ## May 2018 New or changed topic | Description diff --git a/windows/configuration/lock-down-windows-10-to-specific-apps.md b/windows/configuration/lock-down-windows-10-to-specific-apps.md index f1cc7e5caa..7610e6fe75 100644 --- a/windows/configuration/lock-down-windows-10-to-specific-apps.md +++ b/windows/configuration/lock-down-windows-10-to-specific-apps.md @@ -9,7 +9,7 @@ ms.sitesec: library ms.pagetype: edu, security author: jdeckerms ms.localizationpriority: high -ms.date: 04/30/2018 +ms.date: 06/05/2018 ms.author: jdecker ms.topic: article --- @@ -38,9 +38,6 @@ You can configure multi-app kiosks using [Microsoft Intune](#intune) or a [provi ## Configure a kiosk in Microsoft Intune -Watch how to use Intune to configure a multi-app kiosk. - ->[!VIDEO https://www.microsoft.com/videoplayer/embed/ce9992ab-9fea-465d-b773-ee960b990c4a?autoplay=false] 1. [Generate the Start layout for the kiosk device.](#startlayout) 2. In the Microsoft Azure portal, search for **Intune** or go to **More services** > **Intune**. 
@@ -49,14 +46,15 @@ Watch how to use Intune to configure a multi-app kiosk. 5. Select **Create profile**. 6. Enter a friendly name for the profile. 7. Select **Windows 10 and later** for the platform. -8. Select **Device restrictions** for the profile type. -9. Select **Kiosk**. -10. In **Kiosk Mode**, select **Multi app kiosk**. -11. Select **Add** to define a configuration, which specifies the apps that will run and the layout for the Start menu. +8. Select **Kiosk (Preview)** for the profile type. +9. Select **Kiosk - 1 setting available**. +10. Select **Add** to define a configuration, which specifies the apps that will run and the layout for the Start menu. 12. Enter a friendly name for the configuration. -13. Select an app type, either **Win32 App** for a classic desktop application or **UWP App** for a Universal Windows Platform app. - - For **Win32 App**, enter the fully qualified pathname of the executable, with respect to the device. - - For **UWP App**, enter the Application User Model ID for an installed app. +10. In **Kiosk Mode**, select **Multi app kiosk**. +13. Select an app type. + - For **Add Win32 app**, enter the **App Name** and **Identifier**. + - For **Add managed apps**, select an app that you manage through Intune. + - For **Add app by AUMID**, enter the Application User Model ID (AUMID) for an installed UWP app. 14. Select whether to enable the taskbar. 15. Browse to and select the Start layout XML file that you generated in step 1. 16. Add one or more accounts. When the account signs in, only the apps defined in the configuration will be available. diff --git a/windows/configuration/setup-kiosk-digital-signage.md b/windows/configuration/setup-kiosk-digital-signage.md index a2b8efc53b..36581a3438 100644 --- a/windows/configuration/setup-kiosk-digital-signage.md +++ b/windows/configuration/setup-kiosk-digital-signage.md 
@@ -10,7 +10,7 @@ author: jdeckerms ms.author: jdecker ms.topic: article ms.localizationpriority: high -ms.date: 05/25/2018 +ms.date: 06/05/2018 --- # Set up a kiosk or digital signage on Windows 10 Pro, Enterprise, or Education @@ -268,11 +268,11 @@ The following steps explain how to configure a kiosk in Microsoft Intune. For ot 5. Select **Create profile**. 6. Enter a friendly name for the profile. 7. Select **Windows 10 and later** for the platform. -8. Select **Device restrictions** for the profile type. -9. Select **Kiosk**. -10. In **Kiosk Mode**, select **Single app kiosk**. -1. Enter the user account (Azure AD or a local standard user account). -11. Enter the Application User Model ID for an installed app. +8. Select **Kiosk (Preview)** for the profile type. +9. Enter a friendly name for the kiosk configuration. +10. In **Kiosk Mode**, select **Single full-screen app kiosk**. +10. Select either **Select a managed app** to choose a kiosk app that is managed by Intune, or **Enter UWP app AUMID** to specify the kiosk app by AUMID, and then select the app or enter the AUMID as appropriate. +1. For the user account, select either **Autologon** to create a user account for the kiosk that will sign in automatically, or **Local user account** to configure an existing user account to run the kiosk. **Local user account** can be a local standard user account on the device or an Azure Active Directory account. 14. Select **OK**, and then select **Create**. 18. Assign the profile to a device group to configure the devices in that group as kiosks. diff --git a/windows/configuration/windows-10-accessibility-for-ITPros.md b/windows/configuration/windows-10-accessibility-for-ITPros.md index 62dae40b01..53991256e5 100644 --- a/windows/configuration/windows-10-accessibility-for-ITPros.md +++ b/windows/configuration/windows-10-accessibility-for-ITPros.md 
@@ -1,9 +1,11 @@ --- title: Windows 10 accessibility information for IT Pros (Windows 10) -description: +description: Lists the various accessibility features available in Windows 10 with links to detailed guidance on how to set them +keywords: accessibility, settings, vision, hearing, physical, cognition, assistive ms.prod: W10 ms.mktglfcycl: manage ms.sitesec: library +ms.author: jaimeo author: jaimeo ms.localizationpriority: high ms.date: 01/12/2018 diff --git a/windows/deployment/update/WIP4Biz-intro.md b/windows/deployment/update/WIP4Biz-intro.md index 08b8659f6e..c6fc16db14 100644 --- a/windows/deployment/update/WIP4Biz-intro.md +++ b/windows/deployment/update/WIP4Biz-intro.md @@ -1,6 +1,7 @@ --- title: Introduction to the Windows Insider Program for Business description: Introduction to the Windows Insider Program for Business and why IT Pros should join it +keywords: updates, servicing, current, deployment, semi-annual channel, feature, quality, rings, insider, WiP4Biz, enterprise, rings, flight ms.prod: w10 ms.mktglfcycl: manage ms.sitesec: library diff --git a/windows/deployment/update/device-health-get-started.md b/windows/deployment/update/device-health-get-started.md index b1dd75c4e5..81a57be6d4 100644 --- a/windows/deployment/update/device-health-get-started.md +++ b/windows/deployment/update/device-health-get-started.md @@ -8,6 +8,8 @@ ms.sitesec: library ms.date: 03/20/2018 ms.pagetype: deploy author: jaimeo +ms.author: jaimeo +ms.localizationpriority: high --- # Get started with Device Health diff --git a/windows/deployment/update/device-health-monitor.md b/windows/deployment/update/device-health-monitor.md index 96aec57103..6e78e96a31 100644 --- a/windows/deployment/update/device-health-monitor.md +++ b/windows/deployment/update/device-health-monitor.md @@ -9,6 +9,7 @@ ms.localizationpriority: medium ms.date: 11/14/2017 ms.pagetype: deploy author: jaimeo +ms.author: jaimeo --- # Monitor the health of devices with Device Health 
diff --git a/windows/deployment/update/device-health-using.md b/windows/deployment/update/device-health-using.md index 19e2365401..3e28db2683 100644 --- a/windows/deployment/update/device-health-using.md +++ b/windows/deployment/update/device-health-using.md @@ -3,10 +3,13 @@ title: Using Device Health description: Explains how to begin usihg Device Health. ms.prod: w10 ms.mktglfcycl: deploy +keywords: oms, operations management suite, wdav, health, log analytics ms.sitesec: library ms.date: 03/30/2018 ms.pagetype: deploy author: jaimeo +ms.author: jaimeo +ms.localizationpriority: medium --- # Using Device Health diff --git a/windows/deployment/update/olympia/olympia-enrollment-guidelines.md b/windows/deployment/update/olympia/olympia-enrollment-guidelines.md index dea0940ed3..65cd936797 100644 --- a/windows/deployment/update/olympia/olympia-enrollment-guidelines.md +++ b/windows/deployment/update/olympia/olympia-enrollment-guidelines.md 
@@ -1,30 +1,31 @@ --- title: Olympia Corp enrollment guidelines description: Olympia Corp enrollment guidelines -ms.author: nibr +ms.author: jaimeo ms.topic: article ms.prod: w10 ms.technology: windows author: jaimeo ms.date: 03/02/2018 +keywords: insider, trial, enterprise, lab, corporation, test --- # Olympia Corp ## What is Windows Insider Lab for Enterprise and Olympia Corp? -Windows Insider Lab for Enterprise is intended for Windows Insiders who want to try new experimental and pre-release Enterprise Privacy and Security features. To get the complete experience of these Enterprise features, Olympia Corp, a virtual corporation has been set up to reflect the IT infrastructure of real world business. Selected customers are invited to join Olympia Corp and try these features. +Windows Insider Lab for Enterprise is intended for Windows Insiders who want to try new experimental and pre-release enterprise privacy and security features. To get the complete experience of these enterprise features, Olympia Corp, a virtual corporation has been set up to reflect the IT infrastructure of real world business. Selected customers are invited to join Olympia Corp and try these features. As an Olympia user, you will have an opportunity to: -- Use various Enterprise features like Windows Information Protection (WIP), Advanced Threat Protection (ATP), windows Defender Application Guard (WDAG), and Application Virtualization (APP-V). +- Use various enterprise features like Windows Information Protection (WIP), Advanced Threat Protection (ATP), windows Defender Application Guard (WDAG), and Application Virtualization (APP-V). - Learn how Microsoft is preparing for GDPR, as well as enabling enterprise customers to prepare for their own readiness. - Validate and test pre-release software in your environment. - Provide feedback. - Interact with engineering team members through a variety of communication channels. 
>[!Note] ->Enterprise features might have reduced or different security, privacy, accessibility, availability, and reliability standards relative to commercially provided services and software. We may change or discontinue any of the Enterprise features at any time without notice. +>Enterprise features might have reduced or different security, privacy, accessibility, availability, and reliability standards relative to commercially provided services and software. We may change or discontinue any of the enterprise features at any time without notice. For more information about Olympia Corp, see [https://olympia.windows.com/Info/FAQ](https://olympia.windows.com/Info/FAQ). diff --git a/windows/deployment/update/update-compliance-delivery-optimization.md b/windows/deployment/update/update-compliance-delivery-optimization.md index dce1b56274..213f047db8 100644 --- a/windows/deployment/update/update-compliance-delivery-optimization.md +++ b/windows/deployment/update/update-compliance-delivery-optimization.md @@ -8,6 +8,8 @@ ms.pagetype: deploy author: jaimeo ms.author: jaimeo ms.date: 03/27/2018 +keywords: oms, operations management suite, optimization, downloads, updates, log analytics +ms.localizationpriority: high --- # Delivery Optimization in Update Compliance diff --git a/windows/deployment/update/update-compliance-get-started.md b/windows/deployment/update/update-compliance-get-started.md index d5059b3973..6cfecd1c73 100644 --- a/windows/deployment/update/update-compliance-get-started.md +++ b/windows/deployment/update/update-compliance-get-started.md @@ -9,6 +9,7 @@ ms.pagetype: deploy author: Jaimeo ms.author: jaimeo ms.date: 03/15/2018 +ms.localizationpriority: high --- # Get started with Update Compliance diff --git a/windows/deployment/update/update-compliance-monitor.md b/windows/deployment/update/update-compliance-monitor.md index b5fe1d1337..d992899639 100644 --- a/windows/deployment/update/update-compliance-monitor.md 
+++ b/windows/deployment/update/update-compliance-monitor.md @@ -9,6 +9,7 @@ ms.pagetype: deploy author: Jaimeo ms.author: jaimeo ms.date: 02/09/2018 +ms.localizationpriority: high --- # Monitor Windows Updates and Windows Defender Antivirus with Update Compliance diff --git a/windows/deployment/update/update-compliance-using.md b/windows/deployment/update/update-compliance-using.md index f2ecc2a75b..eac7d97530 100644 --- a/windows/deployment/update/update-compliance-using.md +++ b/windows/deployment/update/update-compliance-using.md @@ -1,6 +1,7 @@ --- title: Using Update Compliance (Windows 10) description: Explains how to begin usihg Update Compliance. +keywords: oms, operations management suite, wdav, updates, upgrades, antivirus, antimalware, signature, log analytics ms.prod: w10 ms.mktglfcycl: deploy ms.sitesec: library @@ -8,6 +9,7 @@ ms.pagetype: deploy author: jaimeo ms.author: jaimeo ms.date: 10/13/2017 +ms.localizationpriority: high --- # Use Update Compliance diff --git a/windows/deployment/update/waas-delivery-optimization.md b/windows/deployment/update/waas-delivery-optimization.md index 41ce8a4d4c..ca57e83882 100644 --- a/windows/deployment/update/waas-delivery-optimization.md +++ b/windows/deployment/update/waas-delivery-optimization.md @@ -1,6 +1,7 @@ --- title: Configure Delivery Optimization for Windows 10 updates (Windows 10) description: Delivery Optimization is a new peer-to-peer distribution method in Windows 10 +keywords: oms, operations management suite, wdav, updates, downloads, log analytics ms.prod: w10 ms.mktglfcycl: deploy ms.sitesec: library diff --git a/windows/deployment/update/waas-overview.md b/windows/deployment/update/waas-overview.md index 11d7d0c708..0b511a264f 100644 --- a/windows/deployment/update/waas-overview.md +++ b/windows/deployment/update/waas-overview.md 
@@ -1,6 +1,7 @@ --- title: Overview of Windows as a service (Windows 10) description: In Windows 10, Microsoft has streamlined servicing to make operating system updates simpler to test, manage, and deploy. +keywords: updates, servicing, current, deployment, semi-annual channel, feature, quality, rings, insider, tools ms.prod: w10 ms.mktglfcycl: manage ms.sitesec: library diff --git a/windows/deployment/update/waas-quick-start.md b/windows/deployment/update/waas-quick-start.md index 1f5292084f..6f359f57d0 100644 --- a/windows/deployment/update/waas-quick-start.md +++ b/windows/deployment/update/waas-quick-start.md @@ -1,6 +1,7 @@ --- title: Quick guide to Windows as a service (Windows 10) description: In Windows 10, Microsoft has streamlined servicing to make operating system updates simpler to test, manage, and deploy. +keywords: updates, servicing, current, deployment, semi-annual channel, feature, quality, rings, insider, tools ms.prod: w10 ms.mktglfcycl: manage ms.sitesec: library diff --git a/windows/deployment/update/waas-windows-insider-for-business.md b/windows/deployment/update/waas-windows-insider-for-business.md index dc35477a1b..c414a89577 100644 --- a/windows/deployment/update/waas-windows-insider-for-business.md +++ b/windows/deployment/update/waas-windows-insider-for-business.md @@ -1,6 +1,7 @@ --- title: Windows Insider Program for Business description: Overview of the Windows Insider Program for Business +keywords: updates, servicing, current, deployment, semi-annual channel, feature, quality, rings, insider, WiP4Biz, enterprise, rings, flight ms.prod: w10 ms.mktglfcycl: manage ms.sitesec: library diff --git a/windows/deployment/update/windows-analytics-FAQ-troubleshooting.md b/windows/deployment/update/windows-analytics-FAQ-troubleshooting.md index 6738eb3517..502f9bc451 100644 --- a/windows/deployment/update/windows-analytics-FAQ-troubleshooting.md +++ b/windows/deployment/update/windows-analytics-FAQ-troubleshooting.md 
@@ -9,6 +9,7 @@ ms.pagetype: deploy author: jaimeo ms.author: jaimeo ms.date: 05/02/2018 +ms.localizationpriority: high --- # Frequently asked questions and troubleshooting Windows Analytics diff --git a/windows/deployment/update/windows-analytics-get-started.md b/windows/deployment/update/windows-analytics-get-started.md index 143925ed43..380e966c13 100644 --- a/windows/deployment/update/windows-analytics-get-started.md +++ b/windows/deployment/update/windows-analytics-get-started.md @@ -9,6 +9,7 @@ ms.pagetype: deploy author: jaimeo ms.author: jaimeo ms.date: 03/08/2018 +ms.localizationpriority: high --- # Enrolling devices in Windows Analytics diff --git a/windows/deployment/update/windows-analytics-overview.md b/windows/deployment/update/windows-analytics-overview.md index d500f271dd..1173f5f64b 100644 --- a/windows/deployment/update/windows-analytics-overview.md +++ b/windows/deployment/update/windows-analytics-overview.md @@ -8,6 +8,8 @@ ms.sitesec: library ms.date: 03/09/2018 ms.pagetype: deploy author: jaimeo +ms.author: jaimeo +ms.localizationpriority: high --- # Windows Analytics overview diff --git a/windows/deployment/update/windows-analytics-privacy.md b/windows/deployment/update/windows-analytics-privacy.md index 89e9d3bc49..3085c9102a 100644 --- a/windows/deployment/update/windows-analytics-privacy.md +++ b/windows/deployment/update/windows-analytics-privacy.md @@ -9,6 +9,7 @@ ms.pagetype: deploy author: jaimeo ms.author: jaimeo ms.date: 04/05/2018 +ms.localizationpriority: high --- # Windows Analytics and privacy diff --git a/windows/deployment/upgrade/upgrade-readiness-get-started.md b/windows/deployment/upgrade/upgrade-readiness-get-started.md index 8468224bf5..e80d01d273 100644 --- a/windows/deployment/upgrade/upgrade-readiness-get-started.md +++ b/windows/deployment/upgrade/upgrade-readiness-get-started.md 
@@ -1,12 +1,15 @@ --- title: Get started with Upgrade Readiness (Windows 10) description: Explains how to get started with Upgrade Readiness. +keywords: windows analytics, oms, operations management suite, prerequisites, requirements, upgrades, log analytics, ms.prod: w10 ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: deploy author: jaimeo +ms.author: jaimeo ms.date: 03/20/2018 +ms.localizationpriority: high --- # Get started with Upgrade Readiness diff --git a/windows/deployment/upgrade/upgrade-readiness-requirements.md b/windows/deployment/upgrade/upgrade-readiness-requirements.md index 9e68e3b157..21dfb741d1 100644 --- a/windows/deployment/upgrade/upgrade-readiness-requirements.md +++ b/windows/deployment/upgrade/upgrade-readiness-requirements.md @@ -1,9 +1,12 @@ --- title: Upgrade Readiness requirements (Windows 10) description: Provides requirements for Upgrade Readiness. +keywords: windows analytics, oms, operations management suite, prerequisites, requirements, upgrades, log analytics, ms.prod: w10 author: jaimeo +ms.author: ms.date: 03/15/2018 +ms.localizationpriority: high --- # Upgrade Readiness requirements diff --git a/windows/deployment/upgrade/upgrade-readiness-resolve-issues.md b/windows/deployment/upgrade/upgrade-readiness-resolve-issues.md index 58ffa25e69..1433901e8b 100644 --- a/windows/deployment/upgrade/upgrade-readiness-resolve-issues.md +++ b/windows/deployment/upgrade/upgrade-readiness-resolve-issues.md @@ -1,9 +1,12 @@ --- title: Upgrade Readiness - Resolve application and driver issues (Windows 10) description: Describes how to resolve application and driver issues that can occur during an upgrade with Upgrade Readiness. +keywords: windows analytics, oms, operations management suite, prerequisites, requirements, upgrades, log analytics, ms.prod: w10 author: jaimeo +ms.author: jaimeo ms.date: 08/31/2017 +ms.localizationpriority: high --- # Upgrade Readiness - Step 2: Resolve app and driver issues 
diff --git a/windows/deployment/upgrade/use-upgrade-readiness-to-manage-windows-upgrades.md b/windows/deployment/upgrade/use-upgrade-readiness-to-manage-windows-upgrades.md index f0f332312c..6f66364a62 100644 --- a/windows/deployment/upgrade/use-upgrade-readiness-to-manage-windows-upgrades.md +++ b/windows/deployment/upgrade/use-upgrade-readiness-to-manage-windows-upgrades.md @@ -1,8 +1,11 @@ --- title: Use Upgrade Readiness to manage Windows upgrades (Windows 10) description: Describes how to use Upgrade Readiness to manage Windows upgrades. +keywords: windows analytics, oms, operations management suite, prerequisites, requirements, upgrades, log analytics, +ms.localizationpriority: high ms.prod: w10 author: jaimeo +ms.author: jaimeo ms.date: 08/30/2017 --- diff --git a/windows/privacy/index.yml b/windows/privacy/index.yml index 8c3307e588..b600667ee2 100644 --- a/windows/privacy/index.yml +++ b/windows/privacy/index.yml @@ -46,7 +46,7 @@ sections: items: - - href: \windows\privacy\gdpr-win10-whitepaper + - href: \windows\privacy\gdpr-it-guidance html:
Learn about GDPR and how Microsoft helps you get started towards compliance
@@ -54,7 +54,7 @@ sections: src: https://docs.microsoft.com/media/common/i_advanced.svg - title: Begin your GDPR journey + title: Start with GDPR basics - href: \windows\privacy\configure-windows-diagnostic-data-in-your-organization diff --git a/windows/security/identity-protection/windows-firewall/windows-firewall-with-advanced-security-administration-with-windows-powershell.md b/windows/security/identity-protection/windows-firewall/windows-firewall-with-advanced-security-administration-with-windows-powershell.md index 8880188072..aa3448684e 100644 --- a/windows/security/identity-protection/windows-firewall/windows-firewall-with-advanced-security-administration-with-windows-powershell.md +++ b/windows/security/identity-protection/windows-firewall/windows-firewall-with-advanced-security-administration-with-windows-powershell.md @@ -218,7 +218,7 @@ Windows PowerShell ``` syntax New-NetFirewallRule -DisplayName “Allow Inbound Telnet” -Direction Inbound -Program %SystemRoot%\System32\tlntsvr.exe -RemoteAddress LocalSubnet -Action Allow –Group “Telnet Management” -New-NetFirewallRule -DisplayName “Block Outbound Telnet” -Direction Inbound -Program %SystemRoot%\System32\tlntsvr.exe -RemoteAddress LocalSubnet -Action Allow –Group “Telnet Management” +New-NetFirewallRule -DisplayName “Block Outbound Telnet” -Direction Outbound -Program %SystemRoot%\System32\tlntsvr.exe -RemoteAddress LocalSubnet -Action Allow –Group “Telnet Management” ``` If the group is not specified at rule creation time, the rule can be added to the rule group using dot notation in Windows PowerShell. You cannot specify the group using `Set-NetFirewallRule` since the command allows querying by rule group. diff --git a/windows/security/information-protection/bitlocker/prepare-your-organization-for-bitlocker-planning-and-policies.md b/windows/security/information-protection/bitlocker/prepare-your-organization-for-bitlocker-planning-and-policies.md index 0fbd75a787..eed67e922b 100644 
--- a/windows/security/information-protection/bitlocker/prepare-your-organization-for-bitlocker-planning-and-policies.md +++ b/windows/security/information-protection/bitlocker/prepare-your-organization-for-bitlocker-planning-and-policies.md @@ -7,7 +7,7 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security author: brianlic-msft -ms.date: 04/19/2017 +ms.date: 06/04/2018 --- # Prepare your organization for BitLocker: Planning and policies 
@@ -157,18 +157,13 @@ Full drive encryption means that the entire drive will be encrypted, regardless ## Active Directory Domain Services considerations -BitLocker integrates with Active Directory Domain Services (AD DS) to provide centralized key management. By default, no recovery information is backed up to Active Directory. Administrators can configure Group Policy settings to enable backup of BitLocker or TPM recovery information. Before configuring these settings verify that access permissions have been granted to perform the backup. +BitLocker integrates with Active Directory Domain Services (AD DS) to provide centralized key management. By default, no recovery information is backed up to Active Directory. Administrators can configure the following Group Policy setting to enable backup of BitLocker recovery information: -By default, domain administrators are the only users that will have access to BitLocker recovery information. When you plan your support process, define what parts of your organization need access to BitLocker recovery information. Use this information to define how the appropriate rights will be delegated in your AD DS environment. +Computer Configuration\\Administrative Templates\\Windows Components\\BitLocker Drive Encryption\\Turn on BitLocker backup to Active Directory Domain Services -It is a best practice to require backup of recovery information for both the TPM and BitLocker to AD DS. You can implement this practice by configuring the Group Policy settings below for your BitLocker-protected computers. +By default, only Domain Admins have access to BitLocker recovery information, but [access can be delegated to others](https://blogs.technet.microsoft.com/craigf/2011/01/26/delegating-access-in-ad-to-bitlocker-recovery-information/). 
-| BitLocker Group Policy setting | Configuration | -| - | - | -| BitLocker Drive Encryption: Turn on BitLocker backup to Active Directory Domain Services| Require BitLocker backup to AD DS (Passwords and key packages)| -| Trusted Platform Module Services: Turn on TPM backup to Active Directory Domain Services | Require TPM backup to AD DS| - -The following recovery data will be saved for each computer object: +The following recovery data is saved for each computer object: - **Recovery password** 
@@ -178,51 +173,6 @@ The following recovery data will be saved for each computer object: With this key package and the recovery password, you will be able decrypt portions of a BitLocker-protected volume if the disk is severely damaged. Each key package will only work with the volume it was created on, which can be identified by the corresponding volume ID. -- **TPM owner authorization password hash** - - When ownership of the TPM is taken a hash of the ownership password can be taken and stored in AD DS. This information can then be used to reset ownership of the TPM. - -Starting in Windows 8, a change to how the TPM owner authorization value is stored in AD DS was implemented in the AD DS schema. The TPM owner authorization value is now stored in a separate object which is linked to the Computer object. This value was stored as a property in the Computer object itself for the default Windows Server 2008 R2 and later schemas. - -To take advantage of this integration, you must upgrade your domain controllers to Windows Server 2012 or extend the Active Directory schema and configure BitLocker-specific Group Policy objects. - ->**Note:** The account that you use to update the Active Directory schema must be a member of the Schema Admins group. - -Windows Server 2012 domain controllers have the default schema to backup TPM owner authorization information in the separate object. If you are not upgrading your domain controller to Windows Server 2012 you need to extend the schema to support this change. - -**To support Windows 8 and later computers that are managed by a Windows Server 2003 or Windows 2008 domain controller** - -There are two schema extensions that you can copy down and add to your AD DS schema: - -- **TpmSchemaExtension.ldf** - - This schema extension brings parity with the Windows Server 2012 schema. With this change, the TPM owner authorization information is stored in a separate TPM object linked to the corresponding computer object. 
Only the Computer object that has created the TPM object can update it. This means that any subsequent updates to the TPM objects will not succeed in dual boot scenarios or scenarios where the computer is reimaged resulting in a new AD computer object being created. To support such scenarios, an update to the schema was created. - -- **TpmSchemaExtensionACLChanges.ldf** - - This schema update modifies the ACLs on the TPM object to be less restrictive so that any subsequent operating system which takes ownership of the computer object can update the owner authorization value in AD DS. However, this is less secure as any computer in the domain can now update the OwnerAuth of the TPM object (although it cannot read the OwnerAuth) and DOS attacks can be made from within the enterprise. The recommended mitigation in such a scenario is to do regular backup of TPM objects and enable auditing to track changes for these objects. - -To download the schema extensions, see [AD DS schema extensions to support TPM backup](https://technet.microsoft.com/library/jj635854.aspx). - -If you have a Windows Server 2012 domain controller in your environment, the schema extensions are already in place and do not need to be updated. - ->**Caution:** To configure Group Policy objects to backup TPM and BitLocker information in AD DS at least one of the domain controllers in your forest must be running at least Windows Server 2008 R2. -If Active Directory backup of the TPM owner authorization value is enabled in an environment without the required schema extensions, the TPM provisioning will fail and the TPM will remain in a Not Ready state for computers running Windows 8 and later. - -**Setting the correct permissions in AD DS** - -To initialize the TPM successfully so that you can turn on BitLocker requires that the correct permissions for the SELF account in be set in AD DS for the **ms-TPMOwnerInformation** attribute. 
The following steps detail setting these permissions as required by BitLocker: - -1. Open **Active Directory Users and Computers**. -2. Select the organizational unit (OU) which contains the computer accounts that will have BitLocker turned on. -3. Right-click the OU and click **Delegate Control** to open the **Delegation of Control** wizard. -4. Click **Next** to go to the **Users or Groups** page and then click **Add**. -5. In the **Select Users, Computers, or Groups** dialog box, type **SELF** as the object name and then click **OK** Once the object has been validated you will be returned to the **Users or Groups** wizard page and the SELF account will be listed. Click **Next**. -6. On the **Tasks to Delegate** page, choose **Create a custom task to delegate** and then click **Next**. -7. On the **Active Directory Object Type** page, choose **Only the following objects in the folder** and then check **Computer Objects** and then click **Next**. -8. On the **Permissions** page, for **Show these permissions**, check **General**, **Property-specific**, and **Creation/deletion of specific child objects**. Scroll down the **Permissions** list and check both **Write msTPM-OwnerInformation** and **Write msTPM-TpmInformationForComputer** then click **Next**. -9. Click **Finish** to apply the permissions settings. - ## FIPS support for recovery password protector Functionality introduced in Windows Server 2012 R2 and Windows 8.1, allows BitLocker to be fully functional in FIPS mode.
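Review bot: In the get-minecraft-device-promotion.md hunk (@@ -20,6 +20,19), the second line of the note alert ("of redemption. At the end of 1 year ...") has no leading `>`, so it only stays inside the `[!Note]` block by lazy continuation; prefix it with `>` like the line before it. The hunk also appends three blank lines and drops the final newline ("\ No newline at end of file"); trim the trailing blank lines and end the file with a newline. Minor wording: "Qualifying customers that received" reads better as "Qualifying customers who received".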
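Review bot: In the lock-down-windows-10-to-specific-apps.md hunk (@@ -49,14 +46,15), the step numbers are out of sequence after the edit: the list now runs 8, 9, 10, 12, 10, 13, 14, with "10." used twice and no "11.". Markdown renumbers on render, but the source order should be confirmed against the Intune UI (the "In **Kiosk Mode**, select **Multi app kiosk**" step now sits after "Enter a friendly name for the configuration") and the numbers made sequential so that cross-references such as "the Start layout XML file that you generated in step 1" stay reliable.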
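Review bot: The setup-kiosk-digital-signage.md hunk (@@ -268,11 +268,11) has the same numbering problem: the list runs 8, 9, 10, 10, 1, 14, 18, with two "10." entries and a stray "1." in the middle. Renumber sequentially, and consider breaking the long "For the user account, select either **Autologon** ... or **Local user account** ..." step into two sub-bullets, the way the multi-app topic lists its app types ("- For **Add Win32 app**, ...").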
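Review bot: In the device-health-using.md hunk (@@ -3,10 +3,13), the context line `description: Explains how to begin usihg Device Health.` carries the typo "usihg"; since this hunk already edits the front matter, fix it to "using" here.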
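Review bot: The update-compliance-using.md hunk (@@ -1,6 +1,7) has the same typo in its context line, `description: Explains how to begin usihg Update Compliance.`; correct "usihg" to "using" while the front matter is being touched.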
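Review bot: In the WIP4Biz-intro.md hunk (@@ -1,6 +1,7), the added `keywords:` line lists "rings" twice ("... quality, rings, insider, WiP4Biz, enterprise, rings, flight"); drop the duplicate. The identical keyword line, with the same duplicate, is added in the waas-windows-insider-for-business.md hunk.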
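Review bot: In the olympia-enrollment-guidelines.md hunk (@@ -1,30 +1,31), the edited bullet lowercases "Enterprise" but leaves "windows Defender Application Guard (WDAG)" with a lowercase "windows" in the same line; capitalize the product name. In the first edited paragraph, "Olympia Corp, a virtual corporation has been set up" needs a closing comma after "corporation", and "real world business" should read "real-world businesses".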
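Review bot: In the upgrade-readiness-requirements.md hunk (@@ -1,9 +1,12), `+ms.author:` is added with no value; every other file in this change sets `ms.author: jaimeo`, so this looks like a missed value, and an empty metadata field may not pass build validation. The added `keywords:` line also ends with a trailing comma ("log analytics,"), which yields an empty keyword; the same trailing comma appears in the upgrade-readiness-get-started.md, upgrade-readiness-resolve-issues.md and use-upgrade-readiness-to-manage-windows-upgrades.md hunks.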
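Review bot: In the windows-firewall-with-advanced-security-administration-with-windows-powershell.md hunk (@@ -218,7 +218,7), the fix corrects `-Direction` to Outbound for the "Block Outbound Telnet" rule but leaves `-Action Allow`, so the example still creates an allow rule under a "Block" display name; change it to `-Action Block`. Two further things a reader will trip over in that line: `-RemoteAddress LocalSubnet` limits the block to the local subnet only, and `-Program %SystemRoot%\System32\tlntsvr.exe` is the Telnet server binary, which is an odd target for an outbound-blocking example. The fence in the context line is tagged `syntax`; tagging it `powershell` would give it highlighting.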
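Review bot: In the prepare-your-organization-for-bitlocker-planning-and-policies.md hunk (@@ -157,18 +157,13), the replacement names the policy path but drops the configuration value that the removed table carried ("Require BitLocker backup to AD DS (Passwords and key packages)") along with the advice to verify access permissions before enabling the backup. Without the value, a reader does not know which option to select, nor that key packages must be included for the damaged-disk recovery described a few lines later ("With this key package and the recovery password ..."). Suggest restating the setting to choose under the policy path, and rendering the path as a code span rather than a bare paragraph.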
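Review bot: The second BitLocker hunk (@@ -178,51 +173,6) removes the whole TPM owner authorization backup section (the TPM owner authorization password hash entry, the schema extensions, the Schema Admins note, the caution about TPM provisioning failing without the schema, and the SELF permissions procedure) but leaves no sentence explaining why, and readers who configured "Turn on TPM backup to Active Directory Domain Services" from the now-removed table are left with no pointer to where that guidance lives. Suggest a one-line note stating that this topic now covers BitLocker recovery information only and linking to the TPM documentation. Also, the retained context line "you will be able decrypt portions of a BitLocker-protected volume" is missing "to" ("be able to decrypt"); worth fixing while this section is open.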