trying rs2 again

browsers/internet-explorer/ie11-deploy-guide/change-history-for-internet-explorer-11.md

@@ -11,6 +11,11 @@ ms.sitesec: library
 # Change history for Internet Explorer 11
 This topic lists new and updated topics in the Internet Explorer 11 documentation for both Windows 10 and Windows 10 Mobile.
 
+## March 2017
+|New or changed topic | Description |
+|----------------------|-------------|
+|[New group policy settings for Internet Explorer 11](new-group-policy-settings-for-ie11.md) |Updated to include 2 new Group Policies that were added with Internet Explorer 11. |
+
 ## November 2016
 |New or changed topic | Description |
 |----------------------|-------------|

browsers/internet-explorer/ie11-deploy-guide/new-group-policy-settings-for-ie11.md

@@ -16,63 +16,33 @@ Internet Explorer 11 gives you some new Group Policy settings to help you manag
 
 |Policy |Category Path |Supported on |Explanation |
 |-------|--------------|-------------|------------|
-|Turn off loading websites and content in the background to optimize performance |Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Advanced Page |IE11 on Windows 10 |This policy setting determines whether Internet Explorer preemptively loads websites and content in the background, speeding up performance such that when the user clicks a hyperlink, the background page seamlessly switches into view.<p>If you enable this policy setting, IE doesn't load any websites or content in the background.<p>If you disable this policy setting, IE preemptively loads websites and content in the background.<p>If you don’t configure this policy setting, users can turn this behavior on or off, using IE settings. This feature is turned on by default. |
-|Allow Microsoft services to provide enhanced suggestions as the user types in the Address bar |Administrative Templates\Windows Components\Internet Explorer |IE11 on Windows 10 |This policy setting allows IE to provide enhanced suggestions as the user types in the Address bar. To provide enhanced suggestions, the user’s keystrokes are sent to Microsoft through Microsoft services.<p>If you enable this policy setting, users receive enhanced suggestions while typing in the Address bar. In addition, users won’t be able to change the **Suggestions** setting on the **Settings** charm.<p>If you disable this policy setting, users won’t receive enhanced suggestions while typing in the Address bar. In addition, users won’t be able to change the **Suggestions** setting on the **Settings** charm.<p>If you don’t configure this policy setting, users can change the **Suggestions** setting on the **Settings** charm. |
-|Turn off phone number detection |Administrative Templates\Windows Components\Internet Explorer\Internet Settings\Advanced settings\Browsing |IE11 on Windows 10 |This policy setting determines whether phone numbers are recognized and turned into hyperlinks, which can be used to invoke the default phone application on the system.<p>If you enable this policy setting, phone number detection is turned off. Users won’t be able to modify this setting.<p>If you disable this policy setting, phone number detection is turned on. Users won’t be able to modify this setting.<p>If you don't configure this policy setting, users can turn this behavior on or off, using IE settings. The default is on. |
-|Allow IE to use the SPDY/3 network protocol |Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Advanced Page |IE11 on Windows 10 |This policy setting determines whether Internet Explorer uses the SPDY/3 network protocol. SPDY/3 works with HTTP requests to optimize the latency of network requests through compression, multiplexing and prioritization.<p>If you enable this policy setting, Internet Explorer uses the SPDY/3 network protocol.<p>If you disable this policy setting, Internet Explorer won't use the SPDY/3 network protocol.<p>If you don't configure this policy setting, users can turn this behavior on or off, on the **Advanced* tab of the **Internet Options** dialog box. The default is on.<p>**Note**<br>We've replaced the SPDY/3 protocol with the HTTP2 protocol in Windows 10. You can configure the HTTP2 protocol by using the **Allow IE to use the HTTP2 network protocol** setting. |
 |Allow IE to use the HTTP2 network protocol |Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Advanced Page |IE11 on Windows 10 |This policy setting determines whether IE uses the HTTP2 network protocol. HTTP2 works with HTTP requests to optimize the latency of network requests through compression, multiplexing, and prioritization.<p>If you enable this policy setting, IE uses the HTTP2 network protocol.<p>If you disable this policy setting, IE won't use the HTTP2 network protocol.<p>If you don't configure this policy setting, users can turn this behavior on or off, using the **Internet Explorer Advanced Internet Options** settings. The default is on. |
+|Allow IE to use the SPDY/3 network protocol |Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Advanced Page |IE11 on Windows 10 |This policy setting determines whether Internet Explorer uses the SPDY/3 network protocol. SPDY/3 works with HTTP requests to optimize the latency of network requests through compression, multiplexing and prioritization.<p>If you enable this policy setting, Internet Explorer uses the SPDY/3 network protocol.<p>If you disable this policy setting, Internet Explorer won't use the SPDY/3 network protocol.<p>If you don't configure this policy setting, users can turn this behavior on or off, on the **Advanced* tab of the **Internet Options** dialog box. The default is on.<p>**Note**<br>We've replaced the SPDY/3 protocol with the HTTP2 protocol in Windows 10. You can configure the HTTP2 protocol by using the **Allow IE to use the HTTP2 network protocol** setting. |
+|Allow Microsoft services to provide enhanced suggestions as the user types in the Address bar |Administrative Templates\Windows Components\Internet Explorer |IE11 on Windows 10 |This policy setting allows IE to provide enhanced suggestions as the user types in the Address bar. To provide enhanced suggestions, the user’s keystrokes are sent to Microsoft through Microsoft services.<p>If you enable this policy setting, users receive enhanced suggestions while typing in the Address bar. In addition, users won’t be able to change the **Suggestions** setting on the **Settings** charm.<p>If you disable this policy setting, users won’t receive enhanced suggestions while typing in the Address bar. In addition, users won’t be able to change the **Suggestions** setting on the **Settings** charm.<p>If you don’t configure this policy setting, users can change the **Suggestions** setting on the **Settings** charm. |
+|Allow only approved domains to use the TDC ActiveX control |<ul><li>Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Intranet Zone</li><li>Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Intranet Zone</li><li>Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Trusted Sites Zone</li><li>Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Trusted Sites Zone</li><li>Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Local Machine Zone</li><li>Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Local Machine Zone</li></ul> |IE11 in Windows 10 |This policy setting determines whether users can run the Tabular Data Control (TDC) ActiveX control, based on security zone. By default, the TDC ActiveX Control is disabled in the **Internet** and **Restricted Sites** security zones.<p>If you enable this policy setting, users won’t be able to run the TDC ActiveX control from all sites in the specified zone.<p>If you disable this policy setting, users can run the TDC Active X control from all sites in the specified zone. |
+|Allow SSL3 Fallback |Administrative Templates\Windows Components\Internet Explorer\Security Features |Internet Explorer 11 on Windows 10 |This policy setting allows you to stop websites from falling back to using Secure Socket Layer (SSL) 3.0 or lower, if Transport Layer Security (TLS) 1.0 or higher, fails. This setting doesn’t affect which security protocols are enabled.<p>If you enable this policy setting and a website fails while using the TLS 1.0 or higher security protocols, Internet Explorer will try to fallback and use SSL 3.0 or lower security protocols.<p>If you disable or don’t configure this setting, Internet Explorer uses the default system protocols.<p>**Important:**<br>By default, SSL 3.0 is disabled. If you choose to enable SSL 3.0, we recommend that you disable or don't configure this setting to help mitigate potential man-in-the-middle attacks. |
+|Allow VBScript to run in Internet Explorer|<ul><li> Administrative Templates/Windows Components/Internet Explorer/Internet Control Panel/Security Page/Internet Zone/Internet Zone</li><li> Administrative Templates/Windows Components/Internet Explorer/Internet Control Panel/Security Page/Internet Zone/Intranet Zone</li><li> Administrative Templates/Windows Components/Internet Explorer/Internet Control Panel/Security Page/Internet Zone/Local Machine Zone</li><li> Administrative Templates/Windows Components/Internet Explorer/Internet Control Panel/Security Page/Internet Zone/Locked-Down Internet Zone</li><li> Administrative Templates/Windows Components/Internet Explorer/Internet Control Panel/Security Page/Internet Zone/Locked-Down Intranet Zone</li><li> Administrative Templates/Windows Components/Internet Explorer/Internet Control Panel/Security Page/Internet Zone/Locked-Down Local Machine Zone</li><li> Administrative Templates/Windows Components/Internet Explorer/Internet Control Panel/Security Page/Internet Zone/Locked-Down Restricted Sites Zone</li><li> Administrative Templates/Windows Components/Internet Explorer/Internet Control Panel/Security Page/Internet Zone/Locked-Down Trusted Sites Zone</li><li> Administrative Templates/Windows Components/Internet Explorer/Internet Control Panel/Security Page/Internet Zone/Restricted Sites Zone</li><li> Administrative Templates/Windows Components/Internet Explorer/Internet Control Panel/Security Page/Internet Zone/Trusted Sites Zone</li></ul> |Internet Explorer 11|This policy setting lets you decide whether VBScript can run on pages in specific Internet Explorer zones.<p>If you enable this policy setting (default), you must also pick one of the following options from the Options box:<ul><li>Enable. VBScript runs on pages in specific zones, without any interaction.</li><li>Prompt. Employees are prompted whether to allow VBScript to run in the zone.</li><li>Disable. VBScript is prevented from running in the zone.</li></ul><p>If you disable or don’t configure this policy setting, VBScript runs without any interaction in the specified zone.|
+|Always send Do Not Track header |Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Advanced Page |At least Internet Explorer 10 |This policy setting allows you to configure how IE sends the Do Not Track (DNT) header.<p>If you enable this policy setting, IE sends a `DNT:1` header with all HTTP and HTTPS requests. The `DNT:1` header signals to the servers not to track the user.<p>**In Internet Explorer 9 and 10:**<br>If you disable this policy setting, IE only sends the Do Not Track header if a Tracking Protection List is enabled or inPrivate Browsing mode is used.<p>**In at least IE11:**<br>If you disable this policy setting, IE only sends the Do Not Track header if inPrivate Browsing mode is used.<p>If you don't configure the policy setting, users can select the **Always send Do Not Track header** option on the **Advanced* tab of the **Internet Options** dialog box. By selecting this option, IE sends a `DNT:1` header with all HTTP and HTTPS requests; unless the user grants a site-specific exception, in which case IE sends a `DNT:0` header. By default, this option is enabled. |
 |Don't run antimalware programs against ActiveX controls<br>(Internet, Restricted Zones) |<ul><li>Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Internet Zone</li><li>Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Internet Zone</li><li>Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Restricted Sites Zone</li><li>Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Restricted Sites Zone</li></ul> |IE11 on Windows 10 |This policy setting determines whether IE runs antimalware programs against ActiveX controls, to check if they're safe to load on pages.<p>If you enable this policy setting, IE won't check with your antimalware program to see if it's safe to create an instance of the ActiveX control.<p>If you disable this policy setting, IE always checks with your antimalware program to see if it's safe to create an instance of the ActiveX control.<p>If you don't configure this policy setting, IE always checks with your antimalware program to see if it's safe to create an instance of the ActiveX control. Users can turn this behavior on or off, using the Internet Explorer's **Security** settings. |
 |Don't run antimalware programs against ActiveX controls<br>(Intranet, Trusted, Local Machine Zones) |<ul><li>Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Intranet Zone</li><li>Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Intranet Zone</li><li>Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Trusted Sites Zone</li><li>Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Trusted Sites Zone</li><li>Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Local Machine Zone</li><li>Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Local Machine Zone</li></ul> |IE11 on Windows 10 |This policy setting determines whether IE runs antimalware programs against ActiveX controls, to check if they're safe to load on pages.<p>If you enable this policy setting, IE won't check with your antimalware program to see if it's safe to create an instance of the ActiveX control.<p>If you disable this policy setting, IE always checks with your antimalware program to see if it's safe to create an instance of the ActiveX control.<p>If you don't configure this policy setting, IE won't check with your antimalware program to see if it's safe to create an instance of the ActiveX control. Users can turn this behavior on or off, using Internet Explorer's **Security** settings. |
-|Turn on 64-bit tab processes when running in Enhanced Protected Mode on 64-bit versions of Windows |Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Advanced Page |IE11 on Windows 10 |This policy setting determines whether IE11 uses 64-bit processes (for greater security) or 32-bit processes (for greater compatibility) when running in Enhanced Protected Mode on 64-bit versions of Windows.<p>If you enable this policy setting, IE11 will use 64-bit tab processes when running in Enhanced Protected Mode on 64-bit versions of Windows.<p>If you disable this policy setting, IE11 will use 32-bit tab processes when running in Enhanced Protected Mode on 64-bit versions of Windows.<p>If you don't configure this policy setting, users can turn this feature on or off using IE settings. This feature is turned off by default.<p>**Important**<br>When using 64-bit processes, some ActiveX controls and toolbars might not be available. |
+|Hide the button (next to the New Tab button) that opens Microsoft Edge |User Configuration\Administrative Templates\Windows Components/Internet Explorer\Internet Settings\Advanced Settings\Browsing\ |IE11 on Windows 10, Windows Insider Program |This policy setting lets you decide whether employees can see the open Microsoft Edge button, which appears next to the New Tab button.<p>If you enable this policy setting, the button to open Microsoft Edge from Internet Explorer will be hidden.<p>If you disable this policy setting, the button to open Microsoft Edge from Internet Explorer appears.<p>If you don't configure this policy setting, the button to open Microsoft Edge from Internet Explorer can be configured by your employees. |
-|Turn off sending UTF-8 query strings for URLs |Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Advanced Page |IE11 on Windows 10 |This policy setting determines whether IE uses 8-bit Unicode Transformation Format (UTF-8) to encode query strings in URLs before sending them to servers or to proxy servers.<p>If you enable this policy setting, you must specify when to use UTF-8 to encode query strings:<ul><li>**0.** Never encode query strings.</li><li>**1.** Only encode query strings for URLs that aren't in the Intranet zone.</li><li>**2.** Only encode query strings for URLs that are in the Intranet zone.</li><li>**3.** Always encode query strings.</li></ul><p>If you disable or don't configure this policy setting, users can turn this behavior on or off, using IE Advanced Options settings. The default is to encode all query strings in UTF-8. |
+|Let users turn on and use Enterprise Mode from the **Tools** menu |Administrative Templates\Windows Components\Internet Explorer |IE11 on Windows 10 |This policy setting lets you decide whether users can turn on Enterprise Mode for websites with compatibility issues. Optionally, this policy also lets you specify where to get reports (through post messages) about the websites for which users turn on Enterprise Mode using the **Tools** menu.<p>If you enable this policy setting, users can see and use the **Enterprise Mode** option from the **Tools** menu. If you enable this setting, but don’t specify a report location, Enterprise Mode will still be available to your users, but you won’t get any reports.<p>If you disable or don’t configure this policy setting, the menu option won’t appear and users won’t be able to turn on Enterprise Mode locally. |
-|Turn off sending URL path as UTF-8 |User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Settings\URL Encoding |At least Windows Internet Explorer 7 |This policy setting determines whether to let IE send the path portion of a URL using the UTF-8 standard. This standard defines characters so they're readable in any language and lets you exchange Internet addresses (URLs) with characters included in any language.<p>If you enable this policy setting, UTF-8 is not allowed. Users won't be able to change this setting.<p>If you disable this policy setting, UTF-8 is allowed. Users won't be able to change this setting.<p>If you don't configure this policy setting, users can turn this behavior on or off. |
-|Turn off the flip ahead with page prediction feature |Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Advanced Page |At least Internet Explorer 10 on Windows 8 |This policy setting determines whether a user can swipe across a screen or click Forward to go to the next pre-loaded page of a website.<p>If you enable this policy setting, flip ahead with page prediction is turned off and the next webpage isn’t loaded into the background.<p>If you disable this policy setting, flip ahead with page prediction is turned on and the next webpage is loaded into the background.<p>If you don’t configure this setting, users can turn this behavior on or off, using the **Settings** charm.<p>**Note**<br>Microsoft collects your browsing history to improve how flip ahead with page prediction works. This feature isn’t available for Internet Explorer for the desktop. |
-|Prevent deleting ActiveX Filtering, Tracking Protection and Do Not Track data |Administrative Templates\Windows Components\Internet Explorer\Delete Browsing History |At least Windows Internet Explorer 9 |**In Internet Explorer 9 and Internet Explorer 10:**<br>This policy setting prevents users from deleting ActiveX Filtering and Tracking Protection data, which includes the list of websites for which the user has chosen to disable ActiveX Filtering or Tracking Protection. In addition, Tracking Protection data is also collected if users turn on the **Personalized Tracking Protection List**, which blocks third-party items while the user is browsing.<p>**In IE11:**<br>This policy setting prevents users from deleting ActiveX Filtering, Tracking Protection data, and Do Not Track exceptions, stored in the **Delete Browsing History** dialog box, for visited websites.<p>If you enable this policy setting, ActiveX Filtering, Tracking Protection and Do Not Track data is preserved when the user clicks **Delete**.<p>If you disable this policy setting, ActiveX Filtering, Tracking Protection and Do Not Track data is deleted when the user clicks **Delete**.<p>If you don’t configure this policy setting, users can turn this feature on and off, determining whether to delete ActiveX Filtering, Tracking Protection, and Do Not Track data when clicking **Delete**. |
-|Always send Do Not Track header |Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Advanced Page |At least Internet Explorer 10 |This policy setting allows you to configure how IE sends the Do Not Track (DNT) header.<p>If you enable this policy setting, IE sends a `DNT:1` header with all HTTP and HTTPS requests. The `DNT:1` header signals to the servers not to track the user.<p>**In Internet Explorer 9 and 10:**<br>If you disable this policy setting, IE only sends the Do Not Track header if a Tracking Protection List is enabled or inPrivate Browsing mode is used.<p>**In at least IE11:**<br>If you disable this policy setting, IE only sends the Do Not Track header if inPrivate Browsing mode is used.<p>If you don't configure the policy setting, users can select the **Always send Do Not Track header** option on the **Advanced* tab of the **Internet Options** dialog box. By selecting this option, IE sends a `DNT:1` header with all HTTP and HTTPS requests; unless the user grants a site-specific exception, in which case IE sends a `DNT:0` header. By default, this option is enabled. |
-|Turn off the ability to launch report site problems using a menu option |Administrative Templates\Windows Components\Internet Explorer\Browser menus |Internet Explorer 11 |This policy setting allows you to manage whether users can start the **eport Site Problems** dialog box from the **Internet Explorer** settings area or from the **Tools** menu.<p>If you enable this policy setting, users won’t be able to start the **Report Site Problems** dialog box from the Internet Explorer settings or the Tools menu.<p>If you disable or don’t configure this policy setting, users will be able to start the **Report Site Problems** dialog box from the **Internet Explorer** settings area or from the **Tools** menu. |
-|Allow only approved domains to use the TDC ActiveX control |<ul><li>Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Intranet Zone</li><li>Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Intranet Zone</li><li>Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Trusted Sites Zone</li><li>Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Trusted Sites Zone</li><li>Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Local Machine Zone</li><li>Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Local Machine Zone</li></ul> |IE11 in Windows 10 |This policy setting determines whether users can run the Tabular Data Control (TDC) ActiveX control, based on security zone. By default, the TDC ActiveX Control is disabled in the **Internet** and **Restricted Sites** security zones.<p>If you enable this policy setting, users won’t be able to run the TDC ActiveX control from all sites in the specified zone.<p>If you disable this policy setting, users can run the TDC Active X control from all sites in the specified zone. |
-|Turn on Site Discovery XML output |Administrative Templates\Windows Components\Internet Explorer |At least Internet Explorer 8 |This policy setting allows you to manage the XML output functionality of the Internet Explorer Site Discovery Toolkit.<p>If you enable this policy setting, the Internet Explorer Site Discovery Toolkit will log its collected data to an XML file, stored in your specified location.<p>If you disable or don’t configure this setting, the Internet Explorer Site Discovery Toolkit won’t log its collected data to an XML file.<p>**Note:**<br>Enabling or disabling this setting won’t impact any other output methods available to the Internet Explorer Site Discovery Toolkit. |
-|Turn on Site Discovery WMI output |Administrative Templates\Windows Components\Internet Explorer |At least Internet Explorer 8 |This policy setting allows you to manage the WMI output functionality of the Internet Explorer Site Discovery Toolkit.<p>If you enable this policy setting, the Internet Explorer Site Discovery Toolkit will log its collected data to an WMI class, which can be aggregated by using a client-management solution, such as System Center Configuration Manager.<p>If you disable or don’t configure this setting, the Internet Explorer Site Discovery Toolkit won’t log its collected data to an WMI class.<p>**Note:**<br>Enabling or disabling this setting won’t impact any other output methods available to the Internet Explorer Site Discovery Toolkit. |
 |Limit Site Discovery output by Domain |Administrative Templates\Windows Components\Internet Explorer |At least Internet Explorer 8 |This policy setting allows you to control which domains are included in the discovery function of the Internet Explorer Site Discovery Toolkit.<p>If you enable this policy setting, the Internet Explorer Site Discovery Toolkit collects data from all sites in your specified domains, configured by adding one domain per line to the included text box.<p>If you disable or don’t configure this setting, the Internet Explorer Site Discovery Toolkit collects data from all sites in all domains.<p>**Note:**<br>You can use this setting in conjunction with the other settings that control the Internet Explorer Site Discovery Toolkit. |
 |Limit Site Discovery output by Zone |Administrative Templates\Windows Components\Internet Explorer |At least Internet Explorer 8 |This policy setting allows you to control which zones are included in the discovery function of the Internet Explorer Site Discovery Toolkit.<p>If you enable this policy setting, the Internet Explorer Site Discovery Toolkit collects data from all specified security zones.<p>If you disable or don’t configure this setting, the Internet Explorer Site Discovery Toolkit collects data from all sites in all security zones.<p>To specify which zones can collect data, you must include a binary number that represents your selected zones, based on this order:<ul><li>0 – Restricted Sites zone</li><li>0 – Internet zone</li><li>0 – Trusted Sites zone</li><li>0 – Local Intranet zone</li><li>0 – Local Machine zone</li></ul><br>**Example 1:** Include only the Local Intranet zone (binary representation: 00010), based on:<br><ul><li>0 – Restricted Sites zone</li><li>0 – Internet zone</li><li>0 – Trusted Sites zone</li><li>1 – Local Intranet zone</li><li>0 – Local Machine zone</li></ul><br>**Example 2:** Include only the Restricted Sites, Trusted Sites, and Local Intranet zones (binary representation: 10110), based on:<br><ul><li>1 – Restricted Sites zone</li><li>0 – Internet zone</li><li>1 – Trusted Sites zone</li><li>1 – Local Intranet zone</li><li>1 – Local Machine zone</li></ul><p>**Note:**<br>You can use this setting in conjunction with the other settings that control the Internet Explorer Site Discovery Toolkit. |
-|Allow SSL3 Fallback |Administrative Templates\Windows Components\Internet Explorer\Security Features |Internet Explorer 11 on Windows 10 |This policy setting allows you to stop websites from falling back to using Secure Socket Layer (SSL) 3.0 or lower, if Transport Layer Security (TLS) 1.0 or higher, fails. This setting doesn’t affect which security protocols are enabled.<p>If you enable this policy setting and a website fails while using the TLS 1.0 or higher security protocols, Internet Explorer will try to fallback and use SSL 3.0 or lower security protocols.<p>If you disable or don’t configure this setting, Internet Explorer uses the default system protocols.**Important:**<br>By default, SSL 3.0 is disabled. If you choose to enable SSL 3.0, we recommend that you disable or don't configure this setting to help mitigate potential man-in-the-middle attacks. |
+|Prevent deleting ActiveX Filtering, Tracking Protection and Do Not Track data |Administrative Templates\Windows Components\Internet Explorer\Delete Browsing History |At least Windows Internet Explorer 9 |**In Internet Explorer 9 and Internet Explorer 10:**<br>This policy setting prevents users from deleting ActiveX Filtering and Tracking Protection data, which includes the list of websites for which the user has chosen to disable ActiveX Filtering or Tracking Protection. In addition, Tracking Protection data is also collected if users turn on the **Personalized Tracking Protection List**, which blocks third-party items while the user is browsing.<p>**In IE11:**<br>This policy setting prevents users from deleting ActiveX Filtering, Tracking Protection data, and Do Not Track exceptions, stored in the **Delete Browsing History** dialog box, for visited websites.<p>If you enable this policy setting, ActiveX Filtering, Tracking Protection and Do Not Track data is preserved when the user clicks **Delete**.<p>If you disable this policy setting, ActiveX Filtering, Tracking Protection and Do Not Track data is deleted when the user clicks **Delete**.<p>If you don’t configure this policy setting, users can turn this feature on and off, determining whether to delete ActiveX Filtering, Tracking Protection, and Do Not Track data when clicking **Delete**. |
-|Turn off automatic download of the ActiveX VersionList |Administrative Templates\Windows Components\Internet Explorer\Security Features\Add-on Management |At least Windows Internet Explorer 8 |This policy setting allows you to decide whether Internet Explorer automatically downloads updated versions of Microsoft's VersionList.XML file. This file tells Internet Explorer whether to stop specific ActiveX controls from loading.<p>If you enable this policy setting, Internet Explorer stops automatically downloading updated versions of the VersionList.XML file.<p>If you disable or don’t configure this setting, Internet Explorer continues to download updated versions of the VersionList.XML file.<p>**Important:**<br>Stopping this file from updating breaks the out-of-date ActiveX control blocking feature, potentially compromising the security of the device. For more info, see the Out-of-Date ActiveX Control Blocking (https://technet.microsoft.com/en-us/itpro/internet-explorer/ie11-deploy-guide/out-of-date-activex-control-blocking) topic. |
-|Let users turn on and use Enterprise Mode from the **Tools** menu |Administrative Templates\Windows Components\Internet Explorer |IE11 on Windows 10 |This policy setting lets you decide whether users can turn on Enterprise Mode for websites with compatibility issues. Optionally, this policy also lets you specify where to get reports (through post messages) about the websites for which users turn on Enterprise Mode using the **Tools** menu.<p>If you enable this policy setting, users can see and use the **Enterprise Mode** option from the **Tools** menu. If you enable this setting, but don’t specify a report location, Enterprise Mode will still be available to your users, but you won’t get any reports.<p>If you disable or don’t configure this policy setting, the menu option won’t appear and users won’t be able to turn on Enterprise Mode locally. |
-|Use the Enterprise Mode IE website list |Administrative Templates\Windows Components\Internet Explorer |IE11 on Windows 10, version 1511 |This policy setting lets you specify where to find the list of websites you want opened using Enterprise Mode, instead of Standard mode, because of compatibility issues. Users can’t edit this list.<p>If you enable this policy setting, Internet Explorer downloads the Enterprise Mode website list from the `HKEY_CURRENT_USER or HKEY_LOCAL_MACHINE`\Software\Policies\Microsoft\Internet Explorer\Main\EnterpriseMode hive, opening all included websites using Enterprise Mode. We recommend storing and downloading your list from a secure web server `(https://)`, to help protect against data tampering.<p>If you disable or don’t configure this policy setting, Internet Explorer opens all websites using **Standard** mode. |
 |Send all sites not included in the Enterprise Mode Site List to Microsoft Edge |Administrative Templates\Windows Components\Internet Explorer |IE11 on Windows 10, version 1607 |This policy setting lets you decide whether to open all sites that aren’t specified to open in IE11 by the Enterprise Mode site list, to open in Microsoft Edge.<p>If you enable this policy setting, you must also enable the Administrative Templates\Windows Components\Internet Explorer\Use the Enterprise Mode IE website list policy setting and you must include at least one site in the Enterprise Mode site list.<p>If you disable or don't configure this policy setting, all sites will open based on the currently active browser.<p>**Note:**<br>If you’ve also enabled the Administrative Templates\Windows Components\Microsoft Edge\Send all intranet sites to Internet Explorer 11 policy setting, then all intranet sites will continue to open in Internet Explorer 11. |
 |Show message when opening sites in Microsoft Edge using Enterprise Mode |Administrative Templates\Windows Components\Internet Explorer |IE11 on Windows 10, version 1607 |This policy setting lets you decide whether employees see an additional page in Internet Explorer 11, stating that a site has been opened using Microsoft Edge with Enterprise Mode.<p>If you enable this policy setting, employees see an additional page in Internet Explorer 11, stating that a site has been opened using Microsoft Edge with Enterprise Mode.<p>If you disable or don't configure this policy setting, the default app behavior occurs and no additional page appears. |
-
+|Turn off automatic download of the ActiveX VersionList |Administrative Templates\Windows Components\Internet Explorer\Security Features\Add-on Management |At least Windows Internet Explorer 8 |This policy setting allows you to decide whether Internet Explorer automatically downloads updated versions of Microsoft's VersionList.XML file. This file tells Internet Explorer whether to stop specific ActiveX controls from loading.<p>If you enable this policy setting, Internet Explorer stops automatically downloading updated versions of the VersionList.XML file.<p>If you disable or don’t configure this setting, Internet Explorer continues to download updated versions of the VersionList.XML file.<p>**Important:**<br>Stopping this file from updating breaks the out-of-date ActiveX control blocking feature, potentially compromising the security of the device. For more info, see the Out-of-Date ActiveX Control Blocking (https://technet.microsoft.com/en-us/itpro/internet-explorer/ie11-deploy-guide/out-of-date-activex-control-blocking) topic. |
-
+|Turn off loading websites and content in the background to optimize performance |Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Advanced Page |IE11 on Windows 10 |This policy setting determines whether Internet Explorer preemptively loads websites and content in the background, speeding up performance such that when the user clicks a hyperlink, the background page seamlessly switches into view.<p>If you enable this policy setting, IE doesn't load any websites or content in the background.<p>If you disable this policy setting, IE preemptively loads websites and content in the background.<p>If you don’t configure this policy setting, users can turn this behavior on or off, using IE settings. This feature is turned on by default. |
-
+|Turn off phone number detection |Administrative Templates\Windows Components\Internet Explorer\Internet Settings\Advanced settings\Browsing |IE11 on Windows 10 |This policy setting determines whether phone numbers are recognized and turned into hyperlinks, which can be used to invoke the default phone application on the system.<p>If you enable this policy setting, phone number detection is turned off. Users won’t be able to modify this setting.<p>If you disable this policy setting, phone number detection is turned on. Users won’t be able to modify this setting.<p>If you don't configure this policy setting, users can turn this behavior on or off, using IE settings. The default is on. |
-
+|Turn off sending URL path as UTF-8 |User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Settings\URL Encoding |At least Windows Internet Explorer 7 |This policy setting determines whether to let IE send the path portion of a URL using the UTF-8 standard. This standard defines characters so they're readable in any language and lets you exchange Internet addresses (URLs) with characters included in any language.<p>If you enable this policy setting, UTF-8 is not allowed. Users won't be able to change this setting.<p>If you disable this policy setting, UTF-8 is allowed. Users won't be able to change this setting.<p>If you don't configure this policy setting, users can turn this behavior on or off. |
-
+|Turn off sending UTF-8 query strings for URLs |Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Advanced Page |IE11 on Windows 10 |This policy setting determines whether IE uses 8-bit Unicode Transformation Format (UTF-8) to encode query strings in URLs before sending them to servers or to proxy servers.<p>If you enable this policy setting, you must specify when to use UTF-8 to encode query strings:<ul><li>**0.** Never encode query strings.</li><li>**1.** Only encode query strings for URLs that aren't in the Intranet zone.</li><li>**2.** Only encode query strings for URLs that are in the Intranet zone.</li><li>**3.** Always encode query strings.</li></ul><p>If you disable or don't configure this policy setting, users can turn this behavior on or off, using IE Advanced Options settings. The default is to encode all query strings in UTF-8. |
-
+|Turn off the ability to launch report site problems using a menu option |Administrative Templates\Windows Components\Internet Explorer\Browser menus |Internet Explorer 11 |This policy setting allows you to manage whether users can start the **eport Site Problems** dialog box from the **Internet Explorer** settings area or from the **Tools** menu.<p>If you enable this policy setting, users won’t be able to start the **Report Site Problems** dialog box from the Internet Explorer settings or the Tools menu.<p>If you disable or don’t configure this policy setting, users will be able to start the **Report Site Problems** dialog box from the **Internet Explorer** settings area or from the **Tools** menu. |
-
+|Turn off the flip ahead with page prediction feature |Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Advanced Page |At least Internet Explorer 10 on Windows 8 |This policy setting determines whether a user can swipe across a screen or click Forward to go to the next pre-loaded page of a website.<p>If you enable this policy setting, flip ahead with page prediction is turned off and the next webpage isn’t loaded into the background.<p>If you disable this policy setting, flip ahead with page prediction is turned on and the next webpage is loaded into the background.<p>If you don’t configure this setting, users can turn this behavior on or off, using the **Settings** charm.<p>**Note**<br>Microsoft collects your browsing history to improve how flip ahead with page prediction works. This feature isn’t available for Internet Explorer for the desktop. |
-
+|Turn on 64-bit tab processes when running in Enhanced Protected Mode on 64-bit versions of Windows |Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Advanced Page |IE11 on Windows 10 |This policy setting determines whether IE11 uses 64-bit processes (for greater security) or 32-bit processes (for greater compatibility) when running in Enhanced Protected Mode on 64-bit versions of Windows.<p>If you enable this policy setting, IE11 will use 64-bit tab processes when running in Enhanced Protected Mode on 64-bit versions of Windows.<p>If you disable this policy setting, IE11 will use 32-bit tab processes when running in Enhanced Protected Mode on 64-bit versions of Windows.<p>If you don't configure this policy setting, users can turn this feature on or off using IE settings. This feature is turned off by default.<p>**Important**<br>When using 64-bit processes, some ActiveX controls and toolbars might not be available. |
-
+|Turn on Site Discovery WMI output |Administrative Templates\Windows Components\Internet Explorer |At least Internet Explorer 8 |This policy setting allows you to manage the WMI output functionality of the Internet Explorer Site Discovery Toolkit.<p>If you enable this policy setting, the Internet Explorer Site Discovery Toolkit will log its collected data to an WMI class, which can be aggregated by using a client-management solution, such as System Center Configuration Manager.<p>If you disable or don’t configure this setting, the Internet Explorer Site Discovery Toolkit won’t log its collected data to an WMI class.<p>**Note:**<br>Enabling or disabling this setting won’t impact any other output methods available to the Internet Explorer Site Discovery Toolkit. |
-
+|Turn on Site Discovery XML output |Administrative Templates\Windows Components\Internet Explorer |At least Internet Explorer 8 |This policy setting allows you to manage the XML output functionality of the Internet Explorer Site Discovery Toolkit.<p>If you enable this policy setting, the Internet Explorer Site Discovery Toolkit will log its collected data to an XML file, stored in your specified location.<p>If you disable or don’t configure this setting, the Internet Explorer Site Discovery Toolkit won’t log its collected data to an XML file.<p>**Note:**<br>Enabling or disabling this setting won’t impact any other output methods available to the Internet Explorer Site Discovery Toolkit. |
-
+|Use the Enterprise Mode IE website list |Administrative Templates\Windows Components\Internet Explorer |IE11 on Windows 10, version 1511 |This policy setting lets you specify where to find the list of websites you want opened using Enterprise Mode, instead of Standard mode, because of compatibility issues. Users can’t edit this list.<p>If you enable this policy setting, Internet Explorer downloads the Enterprise Mode website list from the `HKEY_CURRENT_USER or HKEY_LOCAL_MACHINE`\Software\Policies\Microsoft\Internet Explorer\Main\EnterpriseMode hive, opening all included websites using Enterprise Mode. We recommend storing and downloading your list from a secure web server `(https://)`, to help protect against data tampering.<p>If you disable or don’t configure this policy setting, Internet Explorer opens all websites using **Standard** mode. |
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
 
 ## Removed Group Policy settings
 IE11 no longer supports these Group Policy settings:

windows/configure/lockdown-xml.md

@@ -381,7 +381,7 @@ For a list of the settings and quick actions that you can allow or block, see [S
  [Learn about effective pixel width (epx) for different device size classes.](https://go.microsoft.com/fwlink/p/?LinkId=733340)
  
  
- ## Configure additional roles
+## Configure additional roles
  
  You can add custom configurations by role. In addition to the role configuration, you must also install a login application on the device. The app displays a list of available roles on the device; the user taps a role, such as "Manager"; the configuration defined for the "Manager" role is applied.
  

windows/deploy/TOC.md

@@ -18,25 +18,25 @@
 ### [Deploy Windows 10 in a test lab using System Center Configuration Manager](windows-10-poc-sc-config-mgr.md)
 ## [Deploy Windows 10 with the Microsoft Deployment Toolkit](deploy-windows-10-with-the-microsoft-deployment-toolkit.md)
 ### [Get started with the Microsoft Deployment Toolkit (MDT)](get-started-with-the-microsoft-deployment-toolkit.md)
-#### [Key features in MDT 2013 Update 2](key-features-in-mdt-2013.md)
+#### [Key features in MDT](key-features-in-mdt.md)
-#### [MDT 2013 Update 2 Lite Touch components](mdt-2013-lite-touch-components.md)
+#### [MDT Lite Touch components](mdt-lite-touch-components.md)
-#### [Prepare for deployment with MDT 2013 Update 2](prepare-for-windows-deployment-with-mdt-2013.md)
+#### [Prepare for deployment with MDT](prepare-for-windows-deployment-with-mdt.md)
 ### [Create a Windows 10 reference image](create-a-windows-10-reference-image.md)
-### [Deploy a Windows 10 image using MDT 2013 Update 2](deploy-a-windows-10-image-using-mdt.md)
+### [Deploy a Windows 10 image using MDT](deploy-a-windows-10-image-using-mdt.md)
 ### [Build a distributed environment for Windows 10 deployment](build-a-distributed-environment-for-windows-10-deployment.md)
 ### [Refresh a Windows 7 computer with Windows 10](refresh-a-windows-7-computer-with-windows-10.md)
 ### [Replace a Windows 7 computer with a Windows 10 computer](replace-a-windows-7-computer-with-a-windows-10-computer.md)
-### [Configure MDT settings](configure-mdt-2013-settings.md)
+### [Configure MDT settings](configure-mdt-settings.md)
-#### [Set up MDT for BitLocker](set-up-mdt-2013-for-bitlocker.md)
+#### [Set up MDT for BitLocker](set-up-mdt-for-bitlocker.md)
 #### [Configure MDT deployment share rules](configure-mdt-deployment-share-rules.md)
-#### [Configure MDT for UserExit scripts](configure-mdt-2013-for-userexit-scripts.md)
+#### [Configure MDT for UserExit scripts](configure-mdt-for-userexit-scripts.md)
 #### [Simulate a Windows 10 deployment in a test environment](simulate-a-windows-10-deployment-in-a-test-environment.md)
 #### [Use the MDT database to stage Windows 10 deployment information](use-the-mdt-database-to-stage-windows-10-deployment-information.md)
-#### [Assign applications using roles in MDT](assign-applications-using-roles-in-mdt-2013.md)
+#### [Assign applications using roles in MDT](assign-applications-using-roles-in-mdt.md)
-#### [Use web services in MDT](use-web-services-in-mdt-2013.md)
+#### [Use web services in MDT](use-web-services-in-mdt.md)
-#### [Use Orchestrator runbooks with MDT](use-orchestrator-runbooks-with-mdt-2013.md)
+#### [Use Orchestrator runbooks with MDT](use-orchestrator-runbooks-with-mdt.md)
 ## [Deploy Windows 10 with System Center 2012 R2 Configuration Manager](deploy-windows-10-with-system-center-2012-r2-configuration-manager.md)
-### [Integrate Configuration Manager with MDT 2013 Update 2](integrate-configuration-manager-with-mdt-2013.md)
+### [Integrate Configuration Manager with MDT](integrate-configuration-manager-with-mdt.md)
 ### [Prepare for Zero Touch Installation of Windows 10 with Configuration Manager](prepare-for-zero-touch-installation-of-windows-10-with-configuration-manager.md)
 ### [Create a custom Windows PE boot image with Configuration Manager](create-a-custom-windows-pe-boot-image-with-configuration-manager.md)
 ### [Add a Windows 10 operating system image using Configuration Manager](add-a-windows-10-operating-system-image-using-configuration-manager.md)

windows/deploy/add-a-windows-10-operating-system-image-using-configuration-manager.md

@@ -48,7 +48,7 @@ For the purposes of this topic, we will use CM01, a machine running Windows Serv
 ## Related topics
 
 
-[Integrate Configuration Manager with MDT 2013 Update 2](integrate-configuration-manager-with-mdt-2013.md)
+[Integrate Configuration Manager with MDT](integrate-configuration-manager-with-mdt.md)
 
 [Prepare for Zero Touch Installation of Windows 10 with Configuration Manager](prepare-for-zero-touch-installation-of-windows-10-with-configuration-manager.md)
 

windows/deploy/add-drivers-to-a-windows-10-deployment-with-windows-pe-using-configuration-manager.md

@@ -81,7 +81,7 @@ This section illustrates how to add drivers for Windows 10 through an example in
 ## Related topics
 
 
-[Integrate Configuration Manager with MDT 2013 Update 2](integrate-configuration-manager-with-mdt-2013.md)
+[Integrate Configuration Manager with MDT](integrate-configuration-manager-with-mdt.md)
 
 [Prepare for Zero Touch Installation of Windows 10 with Configuration Manager](prepare-for-zero-touch-installation-of-windows-10-with-configuration-manager.md)
 

windows/deploy/assign-applications-using-roles-in-mdt-2013.md

@@ -1,132 +1,7 @@
 ---
 title: Assign applications using roles in MDT (Windows 10)
-description: This topic will show you how to add applications to a role in the MDT database and then assign that role to a computer.
+redirect_url: assign-applications-using-roles-in-mdt
-ms.assetid: d82902e4-de9c-4bc4-afe0-41d649b83ce7
-keywords: settings, database, deploy
-ms.prod: w10
-ms.mktglfcycl: deploy
-localizationpriority: high
-ms.sitesec: library
-ms.pagetype: mdt
-author: mtniehaus
 ---
 
-# Assign applications using roles in MDT
-
-This topic will show you how to add applications to a role in the MDT database and then assign that role to a computer. For the purposes of this topic, the application we are adding is Adobe Reader XI. In addition to using computer-specific entries in the database, you can use roles in MDT to group settings together.
-
-## <a href="" id="sec01"></a>Create and assign a role entry in the database
-
-1.  On MDT01, using Deployment Workbench, in the MDT Production deployment share, expand **Advanced Configuration** and then expand **Database**.
-2.  In the **Database** node, right-click **Role**, select **New**, and create a role entry with the following settings:
-    1.  Role name: Standard PC
-    2.  Applications / Lite Touch Applications:
-    3.  Install - Adobe Reader XI - x86
-
-![figure 12](images/mdt-09-fig12.png)
-
-Figure 12. The Standard PC role with the application added
-
-## <a href="" id="sec02"></a>Associate the role with a computer in the database
-
-After creating the role, you can associate it with one or more computer entries.
-1.  Using Deployment Workbench, expand **MDT Production**, expand **Advanced Configuration**, expand **Database**, and select **Computers**.
-2.  In the **Computers** node, double-click the **PC00075** entry, and add the following setting:
-    -   Roles: Standard PC
-
-![figure 13](images/mdt-09-fig13.png)
-
-Figure 13. The Standard PC role added to PC00075 (having ID 1 in the database).
-
-## <a href="" id="sec03"></a>Verify database access in the MDT simulation environment
-
-When the database is populated, you can use the MDT simulation environment to simulate a deployment. The applications are not installed, but you can see which applications would be installed if you did a full deployment of the computer.
-1.  On PC0001, log on as **CONTOSO\\MDT\_BA**.
-2.  Modify the C:\\MDT\\CustomSettings.ini file to look like the following:
-
-    ``` syntax
-    [Settings]
-    Priority=CSettings, CRoles, RApplications, Default
-    [Default]
-    _SMSTSORGNAME=Contoso
-    OSInstall=Y
-    UserDataLocation=AUTO
-    TimeZoneName=Pacific Standard Time 
-    AdminPassword=P@ssw0rd
-    JoinDomain=contoso.com
-    DomainAdmin=CONTOSO\MDT_JD
-    DomainAdminPassword=P@ssw0rd
-    MachineObjectOU=OU=Workstations,OU=Computers,OU=Contoso,DC=contoso,DC=com
-    SLShare=\\MDT01\Logs$
-    ScanStateArgs=/ue:*\* /ui:CONTOSO\*
-    USMTMigFiles001=MigApp.xml
-    USMTMigFiles002=MigUser.xml
-    HideShell=YES
-    ApplyGPOPack=NO
-    SkipAppsOnUpgrade=NO
-    SkipAdminPassword=YES
-    SkipProductKey=YES
-    SkipComputerName=NO
-    SkipDomainMembership=YES
-    SkipUserData=NO
-    SkipLocaleSelection=YES
-    SkipTaskSequence=NO
-    SkipTimeZone=YES
-    SkipApplications=NO
-    SkipBitLocker=YES
-    SkipSummary=YES
-    SkipCapture=YES
-    SkipFinalSummary=NO
-    EventService=http://MDT01:9800
-    [CSettings]
-    SQLServer=MDT01
-    Instance=SQLEXPRESS
-    Database=MDT
-    Netlib=DBNMPNTW
-    SQLShare=Logs$
-    Table=ComputerSettings
-    Parameters=UUID, AssetTag, SerialNumber, MacAddress
-    ParameterCondition=OR
-    [CRoles]
-    SQLServer=MDT01
-    Instance=SQLEXPRESS
-    Database=MDT
-    Netlib=DBNMPNTW
-    SQLShare=Logs$
-    Table=ComputerRoles
-    Parameters=UUID, AssetTag, SerialNumber, MacAddress
-    ParameterCondition=OR
-    [RApplications]
-    SQLServer=MDT01
-    Instance=SQLEXPRESS
-    Database=MDT
-    Netlib=DBNMPNTW
-    SQLShare=Logs$
-    Table=RoleApplications
-    Parameters=Role
-    Order=Sequence
-    ```
-
-3.  Using an elevated Windows PowerShell prompt (run as Administrator), run the following commands. Press **Enter** after each command:
-
-    ``` syntax
-    Set-Location C:\MDT
-    .\Gather.ps1
-
-    ```
-
-![figure 14](images/mdt-09-fig14.png)
-
-Figure 14. ZTIGather.log displaying the application GUID belonging to the Adobe Reader XI application that would have been installed if you deployed this machine.
-
-## Related topics
-
-[Set up MDT for BitLocker](set-up-mdt-2013-for-bitlocker.md)
-<BR>[Configure MDT deployment share rules](configure-mdt-deployment-share-rules.md)
-<BR>[Configure MDT for UserExit scripts](configure-mdt-2013-for-userexit-scripts.md)
-<BR>[Simulate a Windows 10 deployment in a test environment](simulate-a-windows-10-deployment-in-a-test-environment.md)
-<BR>[Use the MDT database to stage Windows 10 deployment information](use-the-mdt-database-to-stage-windows-10-deployment-information.md)
-<BR>[Use web services in MDT](use-web-services-in-mdt-2013.md)
-<BR>[Use Orchestrator runbooks with MDT](use-orchestrator-runbooks-with-mdt-2013.md)
  
  

windows/deploy/assign-applications-using-roles-in-mdt.md

@@ -0,0 +1,132 @@
+---
+title: Assign applications using roles in MDT (Windows 10)
+description: This topic will show you how to add applications to a role in the MDT database and then assign that role to a computer.
+ms.assetid: d82902e4-de9c-4bc4-afe0-41d649b83ce7
+keywords: settings, database, deploy
+ms.prod: w10
+ms.mktglfcycl: deploy
+localizationpriority: high
+ms.sitesec: library
+ms.pagetype: mdt
+author: mtniehaus
+---
+
+# Assign applications using roles in MDT
+
+This topic will show you how to add applications to a role in the MDT database and then assign that role to a computer. For the purposes of this topic, the application we are adding is Adobe Reader XI. In addition to using computer-specific entries in the database, you can use roles in MDT to group settings together.
+
+## <a href="" id="sec01"></a>Create and assign a role entry in the database
+
+1.  On MDT01, using Deployment Workbench, in the MDT Production deployment share, expand **Advanced Configuration** and then expand **Database**.
+2.  In the **Database** node, right-click **Role**, select **New**, and create a role entry with the following settings:
+    1.  Role name: Standard PC
+    2.  Applications / Lite Touch Applications:
+    3.  Install - Adobe Reader XI - x86
+
+![figure 12](images/mdt-09-fig12.png)
+
+Figure 12. The Standard PC role with the application added
+
+## <a href="" id="sec02"></a>Associate the role with a computer in the database
+
+After creating the role, you can associate it with one or more computer entries.
+1.  Using Deployment Workbench, expand **MDT Production**, expand **Advanced Configuration**, expand **Database**, and select **Computers**.
+2.  In the **Computers** node, double-click the **PC00075** entry, and add the following setting:
+    -   Roles: Standard PC
+
+![figure 13](images/mdt-09-fig13.png)
+
+Figure 13. The Standard PC role added to PC00075 (having ID 1 in the database).
+
+## <a href="" id="sec03"></a>Verify database access in the MDT simulation environment
+
+When the database is populated, you can use the MDT simulation environment to simulate a deployment. The applications are not installed, but you can see which applications would be installed if you did a full deployment of the computer.
+1.  On PC0001, log on as **CONTOSO\\MDT\_BA**.
+2.  Modify the C:\\MDT\\CustomSettings.ini file to look like the following:
+
+    ``` syntax
+    [Settings]
+    Priority=CSettings, CRoles, RApplications, Default
+    [Default]
+    _SMSTSORGNAME=Contoso
+    OSInstall=Y
+    UserDataLocation=AUTO
+    TimeZoneName=Pacific Standard Time 
+    AdminPassword=P@ssw0rd
+    JoinDomain=contoso.com
+    DomainAdmin=CONTOSO\MDT_JD
+    DomainAdminPassword=P@ssw0rd
+    MachineObjectOU=OU=Workstations,OU=Computers,OU=Contoso,DC=contoso,DC=com
+    SLShare=\\MDT01\Logs$
+    ScanStateArgs=/ue:*\* /ui:CONTOSO\*
+    USMTMigFiles001=MigApp.xml
+    USMTMigFiles002=MigUser.xml
+    HideShell=YES
+    ApplyGPOPack=NO
+    SkipAppsOnUpgrade=NO
+    SkipAdminPassword=YES
+    SkipProductKey=YES
+    SkipComputerName=NO
+    SkipDomainMembership=YES
+    SkipUserData=NO
+    SkipLocaleSelection=YES
+    SkipTaskSequence=NO
+    SkipTimeZone=YES
+    SkipApplications=NO
+    SkipBitLocker=YES
+    SkipSummary=YES
+    SkipCapture=YES
+    SkipFinalSummary=NO
+    EventService=http://MDT01:9800
+    [CSettings]
+    SQLServer=MDT01
+    Instance=SQLEXPRESS
+    Database=MDT
+    Netlib=DBNMPNTW
+    SQLShare=Logs$
+    Table=ComputerSettings
+    Parameters=UUID, AssetTag, SerialNumber, MacAddress
+    ParameterCondition=OR
+    [CRoles]
+    SQLServer=MDT01
+    Instance=SQLEXPRESS
+    Database=MDT
+    Netlib=DBNMPNTW
+    SQLShare=Logs$
+    Table=ComputerRoles
+    Parameters=UUID, AssetTag, SerialNumber, MacAddress
+    ParameterCondition=OR
+    [RApplications]
+    SQLServer=MDT01
+    Instance=SQLEXPRESS
+    Database=MDT
+    Netlib=DBNMPNTW
+    SQLShare=Logs$
+    Table=RoleApplications
+    Parameters=Role
+    Order=Sequence
+    ```
+
+3.  Using an elevated Windows PowerShell prompt (run as Administrator), run the following commands. Press **Enter** after each command:
+
+    ``` syntax
+    Set-Location C:\MDT
+    .\Gather.ps1
+
+    ```
+
+![figure 14](images/mdt-09-fig14.png)
+
+Figure 14. ZTIGather.log displaying the application GUID belonging to the Adobe Reader XI application that would have been installed if you deployed this machine.
+
+## Related topics
+
+[Set up MDT for BitLocker](set-up-mdt-for-bitlocker.md)
+<BR>[Configure MDT deployment share rules](configure-mdt-deployment-share-rules.md)
+<BR>[Configure MDT for UserExit scripts](configure-mdt-for-userexit-scripts.md)
+<BR>[Simulate a Windows 10 deployment in a test environment](simulate-a-windows-10-deployment-in-a-test-environment.md)
+<BR>[Use the MDT database to stage Windows 10 deployment information](use-the-mdt-database-to-stage-windows-10-deployment-information.md)
+<BR>[Use web services in MDT](use-web-services-in-mdt.md)
+<BR>[Use Orchestrator runbooks with MDT](use-orchestrator-runbooks-with-mdt.md)
+ 
+ 

windows/deploy/build-a-distributed-environment-for-windows-10-deployment.md

@@ -26,12 +26,12 @@ Figure 1. The machines used in this topic.
 
 ## <a href="" id="sec01"></a>Replicate deployment shares
 
-Replicating the content between MDT01 (New York) and MDT02 (Stockholm) can be done in a number of different ways. The most common content replication solutions with Microsoft Deployment Toolkit (MDT) 2013 use either the Linked Deployment Shares (LDS) feature or Distributed File System Replication (DFS-R). Some organizations have used a simple robocopy script for replication of the content.
+Replicating the content between MDT01 (New York) and MDT02 (Stockholm) can be done in a number of different ways. The most common content replication solutions with Microsoft Deployment Toolkit (MDT) use either the Linked Deployment Shares (LDS) feature or Distributed File System Replication (DFS-R). Some organizations have used a simple robocopy script for replication of the content.
 
 **Note**  
 Robocopy has options that allow for synchronization between folders. It has a simple reporting function; it supports transmission retry; and, by default, it will only copy/remove files from the source that are newer than files on the target.
  
-### Linked deployment shares in MDT 2013 Update 2
+### Linked deployment shares in MDT
 
 LDS is a built-in feature in MDT for replicating content. However, LDS works best with strong connections such as LAN connections with low latency. For most WAN links, DFS-R is the better option.
 
@@ -211,15 +211,14 @@ Now you should have a solution ready for deploying the Windows 10 client to the
 
 [Get started with the Microsoft Deployment Toolkit (MDT)](get-started-with-the-microsoft-deployment-toolkit.md)
 
-
 [Create a Windows 10 reference image](create-a-windows-10-reference-image.md)
 
-[Deploy a Windows 10 image using MDT 2013 Update 2](deploy-a-windows-10-image-using-mdt.md)
+[Deploy a Windows 10 image using MDT](deploy-a-windows-10-image-using-mdt.md)
 
 [Refresh a Windows 7 computer with Windows 10](refresh-a-windows-7-computer-with-windows-10.md)
 
 [Replace a Windows 7 computer with a Windows 10 computer](replace-a-windows-7-computer-with-a-windows-10-computer.md)
 
-[Configure MDT settings](configure-mdt-2013-settings.md)
+[Configure MDT settings](configure-mdt-settings.md)
  
  

windows/deploy/configure-mdt-2013-for-userexit-scripts.md

@@ -1,69 +1,4 @@
 ---
 title: Configure MDT for UserExit scripts (Windows 10)
-description: In this topic, you will learn how to configure the MDT rules engine to use a UserExit script to generate computer names based on a prefix and the computer MAC Address.
+redirect_url: configure-mdt-for-userexit-scripts
-ms.assetid: 29a421d1-12d2-414e-86dc-25b62f5238a7
-keywords: rules, script
-ms.prod: w10
-ms.mktglfcycl: deploy
-localizationpriority: high
-ms.sitesec: library
-ms.pagetype: mdt
-author: mtniehaus
 ---
-
-# Configure MDT for UserExit scripts
-
-In this topic, you will learn how to configure the MDT rules engine to use a UserExit script to generate computer names based on a prefix and the computer MAC Address. MDT supports calling external VBScripts as part of the Gather process; these scripts are referred to as UserExit scripts. The script also removes the colons in the MAC Address.
-
-## Configure the rules to call a UserExit script
-
-You can call a UserExit by referencing the script in your rules. Then you can configure a property to be set to the result of a function of the VBScript. In this example, we have a VBScript named Setname.vbs (provided in the book sample files, in the UserExit folder).
-
-``` syntax
-[Settings]
-Priority=Default
-[Default]
-OSINSTALL=YES
-UserExit=Setname.vbs
-OSDComputerName=#SetName("%MACADDRESS%")#
-```
-
-The UserExit=Setname.vbs calls the script and then assigns the computer name to what the SetName function in the script returns. In this sample the %MACADDRESS% variable is passed to the script
-
-## The Setname.vbs UserExit script
-
-The Setname.vbs script takes the MAC Address passed from the rules. The script then does some string manipulation to add a prefix (PC) and remove the semicolons from the MAC Address.
-
-``` syntax
-Function UserExit(sType, sWhen, sDetail, bSkip) 
-  UserExit = Success 
-End Function 
-Function SetName(sMac)
-  Dim re
-  Set re = new RegExp
-  re.IgnoreCase = true
-  re.Global = true
-  re.Pattern = ":"
-  SetName = "PC" & re.Replace(sMac, "")
-End Function
-```
-The first three lines of the script make up a header that all UserExit scripts have. The interesting part is the lines between Function and End Function. Those lines add a prefix (PC), remove the colons from the MAC Address, and return the value to the rules by setting the SetName value.
-
-**Note**  
-The purpose of this sample is not to recommend that you use the MAC Address as a base for computer naming, but to show you how to take a variable from MDT, pass it to an external script, make some changes to it, and then return the new value to the deployment process.
- 
-## Related topics
-
-[Set up MDT for BitLocker](set-up-mdt-2013-for-bitlocker.md)
-
-[Configure MDT deployment share rules](configure-mdt-deployment-share-rules.md)
-
-[Simulate a Windows 10 deployment in a test environment](simulate-a-windows-10-deployment-in-a-test-environment.md)
-
-[Use the MDT database to stage Windows 10 deployment information](use-the-mdt-database-to-stage-windows-10-deployment-information.md)
-
-[Assign applications using roles in MDT](assign-applications-using-roles-in-mdt-2013.md)
-
-[Use web services in MDT](use-web-services-in-mdt-2013.md)
-
-[Use Orchestrator runbooks with MDT](use-orchestrator-runbooks-with-mdt-2013.md)

windows/deploy/configure-mdt-2013-settings.md

@@ -1,46 +1,5 @@
 ---
 title: Configure MDT settings (Windows 10)
-description: One of the most powerful features in Microsoft Deployment Toolkit (MDT) 2013 is its extension capabilities; there is virtually no limitation to what you can do in terms of customization.
+redirect_url: configure-mdt-settings
-ms.assetid: d3e1280c-3d1b-4fad-8ac4-b65dc711f122
-keywords: customize, customization, deploy, features, tools
-ms.prod: w10
-ms.mktglfcycl: deploy
-localizationpriority: high
-ms.sitesec: library
-ms.pagetype: mdt
-author: mtniehaus
 ---
 
-# Configure MDT settings
-
-One of the most powerful features in Microsoft Deployment Toolkit (MDT) 2013 is its extension capabilities; there is virtually no limitation to what you can do in terms of customization. In this topic, you learn about configuring customizations for your environment.
-For the purposes of this topic, we will use four machines: DC01, MDT01, HV01, and PC0001. DC01 is a domain controller, MDT01 is a Windows Server 2012 R2 Standard server, and PC0001 is a Windows 10 Enterprise x64 client used for the MDT simulation environment. OR01 has Microsoft System Center 2012 R2 Orchestrator installed. MDT01, OR01, and PC0001 are members of the domain contoso.com for the fictitious Contoso Corporation. For more details on the setup for this topic, please see [Deploy Windows 10 with the Microsoft Deployment Toolkit](deploy-windows-10-with-the-microsoft-deployment-toolkit.md#proof).
-
-![figure 1](images/mdt-09-fig01.png)
-
-Figure 1. The machines used in this topic.
-
-## In this section
-
--   [Set up MDT for BitLocker](set-up-mdt-2013-for-bitlocker.md)
--   [Configure MDT deployment share rules](configure-mdt-deployment-share-rules.md)
--   [Configure MDT for UserExit scripts](configure-mdt-2013-for-userexit-scripts.md)
--   [Simulate a Windows 10 deployment in a test environment](simulate-a-windows-10-deployment-in-a-test-environment.md)
--   [Use the MDT database to stage Windows 10 deployment information](use-the-mdt-database-to-stage-windows-10-deployment-information.md)
--   [Assign applications using roles in MDT](assign-applications-using-roles-in-mdt-2013.md)
--   [Use web services in MDT](use-web-services-in-mdt-2013.md)
--   [Use Orchestrator runbooks with MDT](use-orchestrator-runbooks-with-mdt-2013.md)
-
-## Related topics
-
-[Get started with the Microsoft Deployment Toolkit (MDT)](get-started-with-the-microsoft-deployment-toolkit.md)
-
-[Create a Windows 10 reference image](create-a-windows-10-reference-image.md)
-
-[Deploy a Windows 10 image using MDT 2013 Update 2](deploy-a-windows-10-image-using-mdt.md)
-
-[Build a distributed environment for Windows 10 deployment](build-a-distributed-environment-for-windows-10-deployment.md)
-
-[Refresh a Windows 7 computer with Windows 10](refresh-a-windows-7-computer-with-windows-10.md)
-
-[Replace a Windows 7 computer with a Windows 10 computer](replace-a-windows-7-computer-with-a-windows-10-computer.md)

windows/deploy/configure-mdt-deployment-share-rules.md

@@ -106,16 +106,16 @@ MachineObjectOU=OU=Laptops,OU=Contoso,DC=contoso,DC=com
 
 ## Related topics
 
-[Set up MDT for BitLocker](set-up-mdt-2013-for-bitlocker.md)
+[Set up MDT for BitLocker](set-up-mdt-for-bitlocker.md)
 
-[Configure MDT for UserExit scripts](configure-mdt-2013-for-userexit-scripts.md)
+[Configure MDT for UserExit scripts](configure-mdt-for-userexit-scripts.md)
 
 [Simulate a Windows 10 deployment in a test environment](simulate-a-windows-10-deployment-in-a-test-environment.md)
 
 [Use the MDT database to stage Windows 10 deployment information](use-the-mdt-database-to-stage-windows-10-deployment-information.md)
 
-[Assign applications using roles in MDT](assign-applications-using-roles-in-mdt-2013.md)
+[Assign applications using roles in MDT](assign-applications-using-roles-in-mdt.md)
 
-[Use web services in MDT](use-web-services-in-mdt-2013.md)
+[Use web services in MDT](use-web-services-in-mdt.md)
 
-[Use Orchestrator runbooks with MDT](use-orchestrator-runbooks-with-mdt-2013.md)
+[Use Orchestrator runbooks with MDT](use-orchestrator-runbooks-with-mdt.md)

windows/deploy/configure-mdt-for-userexit-scripts.md

@@ -0,0 +1,69 @@
+---
+title: Configure MDT for UserExit scripts (Windows 10)
+description: In this topic, you will learn how to configure the MDT rules engine to use a UserExit script to generate computer names based on a prefix and the computer MAC Address.
+ms.assetid: 29a421d1-12d2-414e-86dc-25b62f5238a7
+keywords: rules, script
+ms.prod: w10
+ms.mktglfcycl: deploy
+localizationpriority: high
+ms.sitesec: library
+ms.pagetype: mdt
+author: mtniehaus
+---
+
+# Configure MDT for UserExit scripts
+
+In this topic, you will learn how to configure the MDT rules engine to use a UserExit script to generate computer names based on a prefix and the computer MAC Address. MDT supports calling external VBScripts as part of the Gather process; these scripts are referred to as UserExit scripts. The script also removes the colons in the MAC Address.
+
+## Configure the rules to call a UserExit script
+
+You can call a UserExit by referencing the script in your rules. Then you can configure a property to be set to the result of a function of the VBScript. In this example, we have a VBScript named Setname.vbs (provided in the book sample files, in the UserExit folder).
+
+``` syntax
+[Settings]
+Priority=Default
+[Default]
+OSINSTALL=YES
+UserExit=Setname.vbs
+OSDComputerName=#SetName("%MACADDRESS%")#
+```
+
+The UserExit=Setname.vbs calls the script and then assigns the computer name to what the SetName function in the script returns. In this sample the %MACADDRESS% variable is passed to the script
+
+## The Setname.vbs UserExit script
+
+The Setname.vbs script takes the MAC Address passed from the rules. The script then does some string manipulation to add a prefix (PC) and remove the semicolons from the MAC Address.
+
+``` syntax
+Function UserExit(sType, sWhen, sDetail, bSkip) 
+  UserExit = Success 
+End Function 
+Function SetName(sMac)
+  Dim re
+  Set re = new RegExp
+  re.IgnoreCase = true
+  re.Global = true
+  re.Pattern = ":"
+  SetName = "PC" & re.Replace(sMac, "")
+End Function
+```
+The first three lines of the script make up a header that all UserExit scripts have. The interesting part is the lines between Function and End Function. Those lines add a prefix (PC), remove the colons from the MAC Address, and return the value to the rules by setting the SetName value.
+
+**Note**  
+The purpose of this sample is not to recommend that you use the MAC Address as a base for computer naming, but to show you how to take a variable from MDT, pass it to an external script, make some changes to it, and then return the new value to the deployment process.
+ 
+## Related topics
+
+[Set up MDT for BitLocker](set-up-mdt-for-bitlocker.md)
+
+[Configure MDT deployment share rules](configure-mdt-deployment-share-rules.md)
+
+[Simulate a Windows 10 deployment in a test environment](simulate-a-windows-10-deployment-in-a-test-environment.md)
+
+[Use the MDT database to stage Windows 10 deployment information](use-the-mdt-database-to-stage-windows-10-deployment-information.md)
+
+[Assign applications using roles in MDT](assign-applications-using-roles-in-mdt.md)
+
+[Use web services in MDT](use-web-services-in-mdt.md)
+
+[Use Orchestrator runbooks with MDT](use-orchestrator-runbooks-with-mdt.md)

windows/deploy/configure-mdt-settings.md

@@ -0,0 +1,46 @@
+---
+title: Configure MDT settings (Windows 10)
+description: One of the most powerful features in Microsoft Deployment Toolkit (MDT) is its extension capabilities; there is virtually no limitation to what you can do in terms of customization.
+ms.assetid: d3e1280c-3d1b-4fad-8ac4-b65dc711f122
+keywords: customize, customization, deploy, features, tools
+ms.prod: w10
+ms.mktglfcycl: deploy
+localizationpriority: high
+ms.sitesec: library
+ms.pagetype: mdt
+author: mtniehaus
+---
+
+# Configure MDT settings
+
+One of the most powerful features in Microsoft Deployment Toolkit (MDT) is its extension capabilities; there is virtually no limitation to what you can do in terms of customization. In this topic, you learn about configuring customizations for your environment.
+For the purposes of this topic, we will use four machines: DC01, MDT01, HV01, and PC0001. DC01 is a domain controller, MDT01 is a Windows Server 2012 R2 Standard server, and PC0001 is a Windows 10 Enterprise x64 client used for the MDT simulation environment. OR01 has Microsoft System Center 2012 R2 Orchestrator installed. MDT01, OR01, and PC0001 are members of the domain contoso.com for the fictitious Contoso Corporation. For more details on the setup for this topic, please see [Deploy Windows 10 with the Microsoft Deployment Toolkit](deploy-windows-10-with-the-microsoft-deployment-toolkit.md#proof).
+
+![figure 1](images/mdt-09-fig01.png)
+
+Figure 1. The machines used in this topic.
+
+## In this section
+
+-   [Set up MDT for BitLocker](set-up-mdt-for-bitlocker.md)
+-   [Configure MDT deployment share rules](configure-mdt-deployment-share-rules.md)
+-   [Configure MDT for UserExit scripts](configure-mdt-for-userexit-scripts.md)
+-   [Simulate a Windows 10 deployment in a test environment](simulate-a-windows-10-deployment-in-a-test-environment.md)
+-   [Use the MDT database to stage Windows 10 deployment information](use-the-mdt-database-to-stage-windows-10-deployment-information.md)
+-   [Assign applications using roles in MDT](assign-applications-using-roles-in-mdt.md)
+-   [Use web services in MDT](use-web-services-in-mdt.md)
+-   [Use Orchestrator runbooks with MDT](use-orchestrator-runbooks-with-mdt.md)
+
+## Related topics
+
+[Get started with the Microsoft Deployment Toolkit (MDT)](get-started-with-the-microsoft-deployment-toolkit.md)
+
+[Create a Windows 10 reference image](create-a-windows-10-reference-image.md)
+
+[Deploy a Windows 10 image using MDT](deploy-a-windows-10-image-using-mdt.md)
+
+[Build a distributed environment for Windows 10 deployment](build-a-distributed-environment-for-windows-10-deployment.md)
+
+[Refresh a Windows 7 computer with Windows 10](refresh-a-windows-7-computer-with-windows-10.md)
+
+[Replace a Windows 7 computer with a Windows 10 computer](replace-a-windows-7-computer-with-a-windows-10-computer.md)

windows/deploy/create-a-custom-windows-pe-boot-image-with-configuration-manager.md

@@ -17,7 +17,7 @@ author: mtniehaus
 
 -   Windows 10
 
-In Microsoft System Center 2012 R2 Configuration Manager, you can create custom Windows Preinstallation Environment (Windows PE) boot images that include extra components and features. This topic shows you how to create a custom Windows PE 5.0 boot image with the Microsoft Deployment Toolkit (MDT) 2013 Update 2 wizard. You can also add the Microsoft Diagnostics and Recovery Toolset (DaRT) 10 to the boot image as part of the boot image creation process.
+In Microsoft System Center 2012 R2 Configuration Manager, you can create custom Windows Preinstallation Environment (Windows PE) boot images that include extra components and features. This topic shows you how to create a custom Windows PE 5.0 boot image with the Microsoft Deployment Toolkit (MDT) wizard. You can also add the Microsoft Diagnostics and Recovery Toolset (DaRT) 10 to the boot image as part of the boot image creation process.
 
 For the purposes of this topic, we will use two machines: DC01 and CM01. DC01 is a domain controller and CM01 is a machine running Windows Server 2012 R2 Standard. Both are members of the domain contoso.com for the fictitious Contoso Corporation. For more details on the setup for this topic, please see [Deploy Windows 10 with the Microsoft Deployment Toolkit](deploy-windows-10-with-the-microsoft-deployment-toolkit.md).
 
@@ -86,7 +86,7 @@ By using the MDT wizard to create the boot image in Configuration Manager, you g
 ## Related topics
 
 
-[Integrate Configuration Manager with MDT 2013 Update 2](integrate-configuration-manager-with-mdt-2013.md)
+[Integrate Configuration Manager with MDT](integrate-configuration-manager-with-mdt.md)
 
 [Prepare for Zero Touch Installation of Windows 10 with Configuration Manager](prepare-for-zero-touch-installation-of-windows-10-with-configuration-manager.md)
 

windows/deploy/create-a-task-sequence-with-configuration-manager-and-mdt.md

@@ -59,9 +59,9 @@ This section walks you through the process of creating a System Center 2012 R2 C
 
 6.  On the **Boot Image** page, browse and select the **Zero Touch WinPE x64** boot image package. Then click **Next**.
 
-7.  On the **MDT Package** page, select **Create a new Microsoft Deployment Toolkit Files package**, and in the **Package source folder to be created (UNC Path):** text box, type **\\\\CM01\\Sources$\\OSD\\MDT\\MDT 2013**. Then click **Next**.
+7.  On the **MDT Package** page, select **Create a new Microsoft Deployment Toolkit Files package**, and in the **Package source folder to be created (UNC Path):** text box, type **\\\\CM01\\Sources$\\OSD\\MDT\\MDT**. Then click **Next**.
 
-8.  On the **MDT Details** page, assign the name **MDT 2013** and click **Next**.
+8.  On the **MDT Details** page, assign the name **MDT** and click **Next**.
 
 9.  On the **OS Image** page, browse and select the **Windows 10 Enterprise x64 RTM** package. Then click **Next**.
 
@@ -160,14 +160,14 @@ While creating the task sequence with the MDT wizard, a few operating system dep
 
 1.  On CM01, using the Configuration Manager Console, in the Software Library workspace, expand **Application Management**, and then select **Packages**.
 
-2.  Select the **MDT 2013** and **Windows 10 x64 Settings** packages, right-click and select **Move**.
+2.  Select the **MDT** and **Windows 10 x64 Settings** packages, right-click and select **Move**.
 
 3.  In the **Move Selected Items** dialog box, select the **OSD** folder, and click **OK**.
 
 ## Related topics
 
 
-[Integrate Configuration Manager with MDT 2013 Update 2](integrate-configuration-manager-with-mdt-2013.md)
+[Integrate Configuration Manager with MDT](integrate-configuration-manager-with-mdt.md)
 
 [Prepare for Zero Touch Installation of Windows 10 with Configuration Manager](prepare-for-zero-touch-installation-of-windows-10-with-configuration-manager.md)
 

windows/deploy/create-a-windows-10-reference-image.md

@@ -16,7 +16,7 @@ author: mtniehaus
 **Applies to**
 -   Windows 10
 
-Creating a reference image is important because that image serves as the foundation for the devices in your organization. In this topic, you will learn how to create a Windows 10 reference image using the Microsoft Deployment Toolkit (MDT) 2013 Update 2. You will create a deployment share, configure rules and settings, and import all the applications and operating system files required to build a Windows 10 reference image. After completing the steps outlined in this topic, you will have a Windows 10 reference image that can be used in your deployment solution.
+Creating a reference image is important because that image serves as the foundation for the devices in your organization. In this topic, you will learn how to create a Windows 10 reference image using the Microsoft Deployment Toolkit (MDT). You will create a deployment share, configure rules and settings, and import all the applications and operating system files required to build a Windows 10 reference image. After completing the steps outlined in this topic, you will have a Windows 10 reference image that can be used in your deployment solution.
 For the purposes of this topic, we will use four machines: DC01, MDT01, HV01, and PC0001. DC01 is a domain controller, PC0001 is a Windows 10 Enterprise x64 client, and MDT01 is a Windows Server 2012 R2 standard server. HV01 is a Hyper-V host server, but HV01 could be replaced by PC0001 as long as PC0001 has enough memory and is capable of running Hyper-V. MDT01, HV01, and PC0001 are members of the domain contoso.com for the fictitious Contoso Corporation.
 
 **Note**  
@@ -69,11 +69,11 @@ Figure 3. Permissions configured for the MDT\_BA user.
 
 ## <a href="" id="sec02"></a>Add the setup files
 
-This section will show you how to populate the MDT 2013 Update 2 deployment share with the Windows 10 operating system source files, commonly referred to as setup files, which will be used to create a reference image. Setup files are used during the reference image creation process and are the foundation for the reference image.
+This section will show you how to populate the MDT deployment share with the Windows 10 operating system source files, commonly referred to as setup files, which will be used to create a reference image. Setup files are used during the reference image creation process and are the foundation for the reference image.
 
 ### Add the Windows 10 installation files
 
-MDT 2013 supports adding both full source Windows 10 DVDs (ISOs) and custom images that you have created. In this case, you create a reference image, so you add the full source setup files from Microsoft.
+MDT supports adding both full source Windows 10 DVDs (ISOs) and custom images that you have created. In this case, you create a reference image, so you add the full source setup files from Microsoft.
 
 **Note**  
 Due to the Windows limits on path length, we are purposely keeping the operating system destination directory short, using the folder name W10EX64RTM rather than a more descriptive name like Windows 10 Enterprise x64 RTM.
@@ -124,7 +124,7 @@ You can customize Office 2013. In the volume license versions of Office 2013, th
 
 ### Add the Microsoft Office Professional Plus 2013 x86 installation files
 
-After adding the Microsoft Office Professional Plus 2013 x86 application, you then automate its setup by running the Office Customization Tool. In fact, MDT 2013 detects that you added the Office Professional Plus 2013 x86 application and creates a shortcut for doing this.
+After adding the Microsoft Office Professional Plus 2013 x86 application, you then automate its setup by running the Office Customization Tool. In fact, MDT detects that you added the Office Professional Plus 2013 x86 application and creates a shortcut for doing this.
 You also can customize the Office installation using a Config.xml file. But we recommend that you use the Office Customization Tool as described in the following steps, as it provides a much richer way of controlling Office 2013 settings.
 1.  Using the Deployment Workbench in the MDT Build Lab deployment share, expand the **Applications / Microsoft** node, and double-click **Install - Microsoft Office 2013 Pro Plus x86**.
 2.  In the **Office Products** tab, click **Office Customization Tool**, and click **OK** in the **Information** dialog box.
@@ -633,7 +633,7 @@ After some time, you will have a Windows 10 Enterprise x64 image that is fully
 
 [Get started with the Microsoft Deployment Toolkit (MDT)](get-started-with-the-microsoft-deployment-toolkit.md)
 
-[Deploy a Windows 10 image using MDT 2013 Update 2](deploy-a-windows-10-image-using-mdt.md)
+[Deploy a Windows 10 image using MDT](deploy-a-windows-10-image-using-mdt.md)
 
 [Build a distributed environment for Windows 10 deployment](build-a-distributed-environment-for-windows-10-deployment.md)
 
@@ -641,4 +641,4 @@ After some time, you will have a Windows 10 Enterprise x64 image that is fully
 
 [Replace a Windows 7 computer with a Windows 10 computer](replace-a-windows-7-computer-with-a-windows-10-computer.md)
 
-[Configure MDT settings](configure-mdt-2013-settings.md)
+[Configure MDT settings](configure-mdt-settings.md)

windows/deploy/create-an-application-to-deploy-with-windows-10-using-configuration-manager.md

@@ -71,7 +71,7 @@ The following steps show you how to create the Adobe Reader XI application. This
 ## Related topics
 
 
-[Integrate Configuration Manager with MDT 2013 Update 2](integrate-configuration-manager-with-mdt-2013.md)
+[Integrate Configuration Manager with MDT](integrate-configuration-manager-with-mdt.md)
 
 [Prepare for Zero Touch Installation of Windows 10 with Configuration Manager](prepare-for-zero-touch-installation-of-windows-10-with-configuration-manager.md)
 

windows/deploy/deploy-a-windows-10-image-using-mdt.md

@@ -1,6 +1,6 @@
 ---
-title: Deploy a Windows 10 image using MDT 2013 Update 2 (Windows 10)
+title: Deploy a Windows 10 image using MDT (Windows 10)
-description: This topic will show you how to take your reference image for Windows 10, and deploy that image to your environment using the Microsoft Deployment Toolkit (MDT), and MDT 2013 Update 2 specifically.
+description: This topic will show you how to take your reference image for Windows 10, and deploy that image to your environment using the Microsoft Deployment Toolkit (MDT).
 ms.assetid: 1d70a3d8-1b1d-4051-b656-c0393a93f83c
 keywords: deployment, automate, tools, configure
 ms.prod: w10
@@ -11,12 +11,12 @@ ms.pagetype: mdt
 author: mtniehaus
 ---
 
-# Deploy a Windows 10 image using MDT 2013 Update 2
+# Deploy a Windows 10 image using MDT
 
 **Applies to**
 -   Windows 10
 
-This topic will show you how to take your reference image for Windows 10, and deploy that image to your environment using the Microsoft Deployment Toolkit (MDT), and MDT 2013 Update 2 specifically. You will prepare for this by creating a MDT deployment share that is used solely for image deployment. Separating the processes of creating reference images from the processes used to deploy them in production allows greater control of on both processes. You will then configure the deployment share, create a new task sequence, add applications, add drivers, add rules, and configure Active Directory permissions for deployment.
+This topic will show you how to take your reference image for Windows 10, and deploy that image to your environment using the Microsoft Deployment Toolkit (MDT). You will prepare for this by creating a MDT deployment share that is used solely for image deployment. Separating the processes of creating reference images from the processes used to deploy them in production allows greater control of on both processes. You will then configure the deployment share, create a new task sequence, add applications, add drivers, add rules, and configure Active Directory permissions for deployment.
 
 For the purposes of this topic, we will use three machines: DC01, MDT01, and PC0005. DC01 is a domain controller, MDT01 is a Windows Server 2012 R2 standard server, and PC0005 is a blank machine to which you deploy Windows 10. MDT01 and PC0005 are members of the domain contoso.com for the fictitious Contoso Corporation.
 
@@ -119,7 +119,7 @@ Figure 3. The Adobe Reader application added to the Deployment Workbench.
 
 ## <a href="" id="sec05"></a>Step 5: Prepare the drivers repository
 
-In order to deploy Windows 10 with MDT 2013 Update 2 successfully, you need drivers for the boot images and for the actual operating system. This section will show you how to add drivers for the boot image and operating system, using the following hardware models as examples:
+In order to deploy Windows 10 with MDT successfully, you need drivers for the boot images and for the actual operating system. This section will show you how to add drivers for the boot image and operating system, using the following hardware models as examples:
 -   Lenovo ThinkPad T420
 -   Dell Latitude E6440
 -   HP EliteBook 8560w
@@ -131,7 +131,7 @@ You should only add drivers to the Windows PE images if the default drivers don'
  
 ### Create the driver source structure in the file system
 
-The key to successful management of drivers for MDT 2013 Update 2, as well as for any other deployment solution, is to have a really good driver repository. From this repository, you import drivers into MDT for deployment, but you should always maintain the repository for future use.
+The key to successful management of drivers for MDT, as well as for any other deployment solution, is to have a really good driver repository. From this repository, you import drivers into MDT for deployment, but you should always maintain the repository for future use.
 
 1.  On MDT01, using File Explorer, create the **E:\\Drivers** folder.
 2.  In the **E:\\Drivers** folder, create the following folder structure:
@@ -151,9 +151,9 @@ The key to successful management of drivers for MDT 2013 Update 2, as well as fo
 **Note**  
 Even if you are not going to use both x86 and x64 boot images, we still recommend that you add the support structure for future use.
  
-### Create the logical driver structure in MDT 2013 Update 2
+### Create the logical driver structure in MDT
 
-When you import drivers to the MDT 2013 Update 2 driver repository, MDT creates a single instance folder structure based on driver class names. However, you can, and should, mimic the driver structure of your driver source repository in the Deployment Workbench. This is done by creating logical folders in the Deployment Workbench.
+When you import drivers to the MDT driver repository, MDT creates a single instance folder structure based on driver class names. However, you can, and should, mimic the driver structure of your driver source repository in the Deployment Workbench. This is done by creating logical folders in the Deployment Workbench.
 1.  On MDT01, using Deployment Workbench, select the **Out-of-Box Drivers** node.
 2.  In the **Out-Of-Box Drivers** node, create the following folder structure:
     1.  WinPE x86
@@ -450,7 +450,7 @@ troubleshoot MDT deployments, as well as troubleshoot Windows itself.
 
 ### Add DaRT 10 to the boot images
 
-If you have licensing for MDOP and DaRT, you can add DaRT to the boot images using the steps in this section. If you do not have DaRT licensing, or don't want to use it, simply skip to the next section, [Update the Deployment Share](#bkmk-update-deployment). To enable the remote connection feature in MDT 2013 Update 2, you need to do the following:
+If you have licensing for MDOP and DaRT, you can add DaRT to the boot images using the steps in this section. If you do not have DaRT licensing, or don't want to use it, simply skip to the next section, [Update the Deployment Share](#bkmk-update-deployment). To enable the remote connection feature in MDT, you need to do the following:
 -   Install DaRT 10 (part of MDOP 2015 R1).
 -   Copy the two tools CAB files (Toolsx86.cab and Toolsx64.cab) to the deployment share.
 -   Configure the deployment share to add DaRT.
@@ -519,7 +519,7 @@ At this point, you should have a solution ready for deploying the Windows 10 cl
     2.  Installs the added application.
     3.  Updates the operating system via your local Windows Server Update Services (WSUS) server.
 
-### Use the MDT 2013 monitoring feature
+### Use the MDT monitoring feature
 
 Now that you have enabled the monitoring on the MDT Production deployment share, you can follow your deployment of PC0005 via the monitoring node.
 
@@ -545,7 +545,7 @@ Multicast deployment allows for image deployment with reduced network load durin
 
 ### Requirements
 
-Multicast requires that Windows Deployment Services (WDS) is running on Windows Server 2008 or later. In addition to the core MDT 2013 setup for multicast, the network needs to be configured to support multicast. In general, this means involving the organization networking team to make sure that 
+Multicast requires that Windows Deployment Services (WDS) is running on Windows Server 2008 or later. In addition to the core MDT setup for multicast, the network needs to be configured to support multicast. In general, this means involving the organization networking team to make sure that 
 Internet Group Management Protocol (IGMP) snooping is turned on and that the network is designed for multicast traffic. The multicast solution uses IGMPv3.
 
 ### Set up MDT for multicast
@@ -651,4 +651,4 @@ Figure 14. The partitions when deploying an UEFI-based machine.
 
 [Replace a Windows 7 computer with a Windows 10 computer](replace-a-windows-7-computer-with-a-windows-10-computer.md)
 
-[Configure MDT settings](configure-mdt-2013-settings.md)
+[Configure MDT settings](configure-mdt-settings.md)

windows/deploy/deploy-windows-10-using-pxe-and-configuration-manager.md

@@ -40,7 +40,7 @@ Figure 32. Typing in the computer name.
 ## Related topics
 
 
-[Integrate Configuration Manager with MDT 2013 Update 2](integrate-configuration-manager-with-mdt-2013.md)
+[Integrate Configuration Manager with MDT](integrate-configuration-manager-with-mdt.md)
 
 [Prepare for Zero Touch Installation of Windows 10 with Configuration Manager](prepare-for-zero-touch-installation-of-windows-10-with-configuration-manager.md)
 

windows/deploy/deploy-windows-10-with-system-center-2012-r2-configuration-manager.md

@@ -17,7 +17,7 @@ author: mtniehaus
 
 -   Windows 10
 
-If you have Microsoft System Center 2012 R2 Configuration Manager in your environment, you will most likely want to use it to deploy Windows 10. This topic will show you how to set up Configuration Manager for operating system deployment and how to integrate Configuration Manager with the Microsoft Deployment Toolkit (MDT) or, more specifically, MDT 2013 Update 2.
+If you have Microsoft System Center 2012 R2 Configuration Manager in your environment, you will most likely want to use it to deploy Windows 10. This topic will show you how to set up Configuration Manager for operating system deployment and how to integrate Configuration Manager with the Microsoft Deployment Toolkit (MDT).
 
 For the purposes of this topic, we will use four machines: DC01, CM01, PC0003, and PC0004. DC01 is a domain controller and CM01 is a machine running Windows Server 2012 R2 standard. PC0003 and PC0004 are machines with Windows 7 SP1, on which Windows 10 will be deployed via both refresh and replace scenarios. In addition to these four ready-made machines, you could also include a few blank virtual machines to be used for bare-metal deployments. DC01, CM01, PC003, and PC0004 are all members of the domain contoso.com for the fictitious Contoso Corporation. For more details on the setup for this topic, please see [Deploy Windows 10 with the Microsoft Deployment Toolkit](deploy-windows-10-with-the-microsoft-deployment-toolkit.md).
 
@@ -28,7 +28,7 @@ Figure 1. The machines used in this topic.
 ## In this section
 
 
--   [Integrate Configuration Manager with MDT 2013 Update 2](integrate-configuration-manager-with-mdt-2013.md)
+-   [Integrate Configuration Manager with MDT](integrate-configuration-manager-with-mdt.md)
 
 -   [Prepare for Zero Touch Installation of Windows with Configuration Manager](prepare-for-zero-touch-installation-of-windows-10-with-configuration-manager.md)
 
@@ -69,11 +69,11 @@ Operating system deployment with Configuration Manager is part of the normal sof
 
 -   **Operating system images.** The operating system image package contains only one file, the custom .wim image. This is typically the production deployment image.
 
--   **Operating system installers.** The operating system installers were originally added to create reference images using Configuration Manager. Instead, we recommend that you use MDT 2013 Update 2 Lite Touch to create your reference images. For more information on how to create a reference image, see [Create a Windows 10 reference image](create-a-windows-10-reference-image.md).
+-   **Operating system installers.** The operating system installers were originally added to create reference images using Configuration Manager. Instead, we recommend that you use MDT Lite Touch to create your reference images. For more information on how to create a reference image, see [Create a Windows 10 reference image](create-a-windows-10-reference-image.md).
 
--   **Drivers.** Like MDT 2013 Update 2 Lite Touch, Configuration Manager also provides a repository (catalog) of managed device drivers.
+-   **Drivers.** Like MDT Lite Touch, Configuration Manager also provides a repository (catalog) of managed device drivers.
 
--   **Task sequences.** The task sequences in Configuration Manager look and feel pretty much like the sequences in MDT 2013 Update 2 Lite Touch, and they are used for the same purpose. However, in Configuration Manager the task sequence is delivered to the clients as a policy via the Management Point (MP). MDT 2013 Update 2 provides additional task sequence templates to Configuration Manager.
+-   **Task sequences.** The task sequences in Configuration Manager look and feel pretty much like the sequences in MDT Lite Touch, and they are used for the same purpose. However, in Configuration Manager the task sequence is delivered to the clients as a policy via the Management Point (MP). MDT provides additional task sequence templates to Configuration Manager.
 
     **Note**  Configuration Manager SP1 along with the Windows Assessment and Deployment Kit (ADK) for Windows 10 are required to support management and deployment of Windows 10.
 

windows/deploy/deploy-windows-10-with-the-microsoft-deployment-toolkit.md

@@ -1,6 +1,6 @@
 ---
 title: Deploy Windows 10 with the Microsoft Deployment Toolkit (Windows 10)
-description: This guide will walk you through the process of deploying Windows 10 in an enterprise environment using the Microsoft Deployment Toolkit (MDT), and MDT 2013 Update 2 specifically.
+description: This guide will walk you through the process of deploying Windows 10 in an enterprise environment using the Microsoft Deployment Toolkit (MDT).
 ms.assetid: 837f009c-617e-4b3f-9028-2246067ee0fb
 keywords: deploy, tools, configure, script
 ms.prod: w10
@@ -16,10 +16,10 @@ ms.pagetype: mdt
 **Applies to**
 -   Windows 10
 
-This guide will walk you through the process of deploying Windows 10 in an enterprise environment using the Microsoft Deployment Toolkit (MDT), and MDT 2013 Update 2 specifically.
+This guide will walk you through the process of deploying Windows 10 in an enterprise environment using the Microsoft Deployment Toolkit (MDT).
 
 The Microsoft Deployment Toolkit is a unified collection of tools, processes, and guidance for automating desktop and server deployment. In addition to reducing deployment time and standardizing desktop and server images, MDT enables you to more easily manage security and ongoing configurations. MDT builds on top of the core deployment tools in the Windows Assessment and Deployment Kit (Windows ADK) with additional guidance and features designed to reduce the complexity and time required for deployment in an enterprise environment.
-MDT 2013 Update 2 supports the deployment of Windows 10, as well as Windows 7, Windows 8, Windows 8.1, and Windows Server 2012 R2. It also includes support for zero-touch installation (ZTI) with Microsoft System Center 2012 R2 Configuration Manager.
+MDT supports the deployment of Windows 10, as well as Windows 7, Windows 8, Windows 8.1, and Windows Server 2012 R2. It also includes support for zero-touch installation (ZTI) with Microsoft System Center 2012 R2 Configuration Manager.
 
 To download the latest version of MDT, visit the [MDT resource page](https://go.microsoft.com/fwlink/p/?LinkId=618117).
 
@@ -27,11 +27,11 @@ To download the latest version of MDT, visit the [MDT resource page](https://go.
 
 -   [Get started with the Microsoft Deployment Toolkit (MDT)](get-started-with-the-microsoft-deployment-toolkit.md)
 -   [Create a Windows 10 reference image](create-a-windows-10-reference-image.md)
--   [Deploy a Windows 10 image using MDT 2013 Update 2](deploy-a-windows-10-image-using-mdt.md)
+-   [Deploy a Windows 10 image using MDT](deploy-a-windows-10-image-using-mdt.md)
 -   [Build a distributed environment for Windows 10 deployment](build-a-distributed-environment-for-windows-10-deployment.md)
 -   [Refresh a Windows 7 computer with Windows 10](refresh-a-windows-7-computer-with-windows-10.md)
 -   [Replace a Windows 7 computer with a Windows 10 computer](replace-a-windows-7-computer-with-a-windows-10-computer.md)
--   [Configure MDT settings](configure-mdt-2013-settings.md)
+-   [Configure MDT settings](configure-mdt-settings.md)
 
 ## <a href="" id="proof"></a>Proof-of-concept environment
 

windows/deploy/finalize-the-os-configuration-for-windows-10-deployment-with-configuration-manager.md

@@ -138,7 +138,7 @@ This sections provides steps to help you create a deployment for the task sequen
 ## <a href="" id="sec06"></a>Configure Configuration Manager to prompt for the computer name during deployment (optional)
 
 
-You can have Configuration Manager prompt you for a computer name or you can use rules to generate a computer name. For more details on how to do this, see [Configure MDT settings](configure-mdt-2013-settings.md).
+You can have Configuration Manager prompt you for a computer name or you can use rules to generate a computer name. For more details on how to do this, see [Configure MDT settings](configure-mdt-settings.md).
 
 This section provides steps to help you configure the All Unknown Computers collection to have Configuration Manager prompt for computer names.
 
@@ -162,7 +162,7 @@ This section provides steps to help you configure the All Unknown Computers coll
 ## Related topics
 
 
-[Integrate Configuration Manager with MDT 2013 Update 2](integrate-configuration-manager-with-mdt-2013.md)
+[Integrate Configuration Manager with MDT](integrate-configuration-manager-with-mdt.md)
 
 [Prepare for Zero Touch Installation of Windows 10 with Configuration Manager](prepare-for-zero-touch-installation-of-windows-10-with-configuration-manager.md)
 

windows/deploy/get-started-with-the-microsoft-deployment-toolkit.md

@@ -1,6 +1,6 @@
 ---
 title: Get started with the Microsoft Deployment Toolkit (MDT) (Windows 10)
-description: This topic will help you gain a better understanding of how to use the Microsoft Deployment Toolkit (MDT), and MDT 2013 Update 2 in particular, as part of a Windows operating system deployment.
+description: This topic will help you gain a better understanding of how to use the Microsoft Deployment Toolkit (MDT), as part of a Windows operating system deployment.
 ms.assetid: a256442c-be47-4bb9-a105-c831f58ce3ee
 keywords: deploy, image, feature, install, tools
 ms.prod: w10
@@ -16,9 +16,9 @@ author: mtniehaus
 **Applies to**
 -   Windows 10
 
-This topic will help you gain a better understanding of how to use the Microsoft Deployment Toolkit (MDT), and MDT 2013 Update 2 in particular, as part of a Windows operating system deployment. MDT is one of the most important tools available to IT professionals today. You can use it to create reference images or as a complete deployment solution. MDT 2013 Update 2 also can be used to extend the operating system deployment features available in Microsoft System Center 2012 R2 Configuration Manager.
+This topic will help you gain a better understanding of how to use the Microsoft Deployment Toolkit (MDT), as part of a Windows operating system deployment. MDT is one of the most important tools available to IT professionals today. You can use it to create reference images or as a complete deployment solution. MDT also can be used to extend the operating system deployment features available in Microsoft System Center 2012 R2 Configuration Manager.
 
-In addition to familiarizing you with the features and options available in MDT 2013 Update 2, this topic will walk you through the process of preparing for deploying Windows 10 using MDT by configuring Active Directory, creating an organizational unit (OU) structure, creating service accounts, configuring log files and folders, and installing the tools needed to view the logs and continue with the deployment process.
+In addition to familiarizing you with the features and options available in MDT, this topic will walk you through the process of preparing for deploying Windows 10 using MDT by configuring Active Directory, creating an organizational unit (OU) structure, creating service accounts, configuring log files and folders, and installing the tools needed to view the logs and continue with the deployment process.
 
 For the purposes of this topic, we will use two machines: DC01 and MDT01. DC01 is a domain controller and MDT01 is a Windows Server 2012 R2 standard server. MDT01 is a member of the domain contoso.com for the fictitious Contoso Corporation. For more details on the setup for this topic, please see 
 [Deploy Windows 10 with the Microsoft Deployment Toolkit](deploy-windows-10-with-the-microsoft-deployment-toolkit.md#proof).
@@ -29,9 +29,9 @@ Figure 1. The machines used in this topic.
 
 ## In this section
 
--   [Key features in MDT 2013 Update 2](key-features-in-mdt-2013.md)
+-   [Key features in MDT](key-features-in-mdt.md)
--   [MDT 2013 Update 2 Lite Touch components](mdt-2013-lite-touch-components.md)
+-   [MDT Lite Touch components](mdt-lite-touch-components.md)
--   [Prepare for deployment with MDT 2013 Update 2](prepare-for-windows-deployment-with-mdt-2013.md)
+-   [Prepare for deployment with MDT](prepare-for-windows-deployment-with-mdt.md)
 
 ## Related topics
 
@@ -39,7 +39,7 @@ Figure 1. The machines used in this topic.
 
 [Create a Windows 10 reference image](create-a-windows-10-reference-image.md)
 
-[Deploy a Windows 10 image using MDT 2013 Update 2](deploy-a-windows-10-image-using-mdt.md)
+[Deploy a Windows 10 image using MDT](deploy-a-windows-10-image-using-mdt.md)
 
 [Build a distributed environment for Windows 10 deployment](build-a-distributed-environment-for-windows-10-deployment.md)
 
@@ -47,4 +47,4 @@ Figure 1. The machines used in this topic.
 
 [Replace a Windows 7 computer with a Windows 10 computer](replace-a-windows-7-computer-with-a-windows-10-computer.md)
 
-[Configure MDT settings](configure-mdt-2013-settings.md)
+[Configure MDT settings](configure-mdt-settings.md)

windows/deploy/index.md

@@ -19,9 +19,9 @@ Learn about deploying Windows 10 for IT professionals.
 |[Windows 10 deployment scenarios](windows-10-deployment-scenarios.md) |To successfully deploy the Windows 10 operating system in your organization, it is important to understand the different ways that it can be deployed, especially now that there are new scenarios to consider. Choosing among these scenarios, and understanding the key capabilities and limitations of each, is a key task. |
 |[Manage Windows upgrades with Upgrade Readiness](manage-windows-upgrades-with-upgrade-readiness.md) |With Upgrade Readiness, enterprises now have the tools to plan and manage the upgrade process end to end, allowing them to adopt new Windows releases more quickly. With Windows telemetry enabled, Upgrade Readiness collects system, application, and driver data for analysis. We then identify compatibility issues that can block an upgrade and suggest fixes when they are known to Microsoft. The Upgrade Readiness workflow steps you through the discovery and rationalization process until you have a list of computers that are ready to be upgraded. | 
 |[Step by step guide: Configure a test lab to deploy Windows 10](windows-10-poc.md) |This guide contains instructions to configure a proof of concept (PoC) environment requiring a minimum amount of resources. The guide makes extensive use of Windows PowerShell and Hyper-V. Subsequent companion guides contain steps to deploy Windows 10 using the PoC environment. After completing this guide, see the following Windows 10 PoC deployment guides: [Deploy Windows 10 in a test lab using Microsoft Deployment Toolkit](windows-10-poc-mdt.md), [Deploy Windows 10 in a test lab using System Center Configuration Manager](windows-10-poc-sc-config-mgr.md). |
-|[Deploy Windows 10 with the Microsoft Deployment Toolkit](deploy-windows-10-with-the-microsoft-deployment-toolkit.md) |This guide will walk you through the process of deploying Windows 10 in an enterprise environment using the Microsoft Deployment Toolkit (MDT), and MDT 2013 Update 2 specifically. |
+|[Deploy Windows 10 with the Microsoft Deployment Toolkit](deploy-windows-10-with-the-microsoft-deployment-toolkit.md) |This guide will walk you through the process of deploying Windows 10 in an enterprise environment using the Microsoft Deployment Toolkit (MDT). |
-|[Deploy Windows 10 with System Center 2012 R2 Configuration Manager](deploy-windows-10-with-system-center-2012-r2-configuration-manager.md) |If you have Microsoft System Center 2012 R2 Configuration Manager in your environment, you will most likely want to use it to deploy Windows 10. This topic will show you how to set up Configuration Manager for operating system deployment and how to integrate Configuration Manager with the Microsoft Deployment Toolkit (MDT) or, more specifically, MDT 2013 Update 2. |
+|[Deploy Windows 10 with System Center 2012 R2 Configuration Manager](deploy-windows-10-with-system-center-2012-r2-configuration-manager.md) |If you have Microsoft System Center 2012 R2 Configuration Manager in your environment, you will most likely want to use it to deploy Windows 10. This topic will show you how to set up Configuration Manager for operating system deployment and how to integrate Configuration Manager with the Microsoft Deployment Toolkit (MDT) or. |
-|[Upgrade to Windows 10 with the Microsoft Deployment Toolkit](upgrade-to-windows-10-with-the-microsoft-deployment-toolkit.md) |The simplest path to upgrade PCs that are currently running Windows 7, Windows 8, or Windows 8.1 to Windows 10 is through an in-place upgrade. You can use a Microsoft Deployment Toolkit (MDT) 2013 Update 2 task sequence to completely automate the process. |
+|[Upgrade to Windows 10 with the Microsoft Deployment Toolkit](upgrade-to-windows-10-with-the-microsoft-deployment-toolkit.md) |The simplest path to upgrade PCs that are currently running Windows 7, Windows 8, or Windows 8.1 to Windows 10 is through an in-place upgrade. You can use a Microsoft Deployment Toolkit (MDT) task sequence to completely automate the process. |
 |[Upgrade to Windows 10 with System Center Configuration Manager](upgrade-to-windows-10-with-system-center-configuraton-manager.md) |The simplest path to upgrade PCs currently running Windows 7, Windows 8, or Windows 8.1 to Windows 10 is through an in-place upgrade. You can use a System Center Configuration Manager task sequence to completely automate the process. |
 |[Resolve Windows 10 upgrade errors](resolve-windows-10-upgrade-errors.md) |This topic provides a brief introduction to Windows 10 installation processes, and provides resolution procedures that IT administrators can use to resolve issues with Windows 10 upgrade. |
 |[Convert MBR partition to GPT](mbr-to-gpt.md) |This topic provides detailed instructions for using the MBR2GPT partition conversion tool. |

windows/deploy/integrate-configuration-manager-with-mdt-2013.md

@@ -1,116 +1,4 @@
 ---
 title: Integrate Configuration Manager with MDT 2013 Update 2 (Windows 10)
-description: This topic will help you understand the benefits of integrating the Microsoft Deployment Toolkit with Microsoft System Center 2012 R2 Configuration Manager SP1 when you deploy a new or updated version of the Windows operating system.
+redirect_url: integrate-configuration-manager-with-mdt
-ms.assetid: 3bd1cf92-81e5-48dc-b874-0f5d9472e5a5
-ms.pagetype: mdt
-keywords: deploy, image, customize, task sequence
-ms.prod: w10
-localizationpriority: high
-ms.mktglfcycl: deploy
-ms.sitesec: library
-author: mtniehaus
 ---
-
-# Integrate Configuration Manager with MDT 2013 Update 2
-
-**Applies to**
--   Windows 10
-
-This topic will help you understand the benefits of integrating the Microsoft Deployment Toolkit with Microsoft System Center 2012 R2 Configuration Manager SP1 when you deploy a new or updated version of the Windows operating system.
-MDT 2013 is a free, supported download from Microsoft that adds approximately 280 enhancements to Windows operating system deployment with System Center 2012 R2 Configuration Manager SP1. It is, therefore, recommended that you utilize MDT when deploying the Windows operating system with Configuration Manager SP1. In addition to integrating MDT with Configuration Manager, we also recommend using MDT Lite Touch to create the Windows 10 reference images used in Configuration Manager. For more information on how to create a reference image, see [Create a Windows 10 reference image](create-a-windows-10-reference-image.md).
-
-## <a href="" id="sec01"></a>Why integrate MDT 2013 Update 2 with Configuration Manager
-
-As noted above, MDT adds many enhancements to Configuration Manager. While these enhancements are called Zero Touch, that name does not reflect how deployment is conducted. The following sections provide a few samples of the 280 enhancements that MDT 2013 Update 2 adds to Configuration Manager.
-
-### MDT enables dynamic deployment
-
-When MDT is integrated with Configuration Manager, the task sequence takes additional instructions from the MDT rules. In its most simple form, these settings are stored in a text file, the CustomSettings.ini file, but you can store the settings in Microsoft SQL Server databases, or have Microsoft Visual Basic Scripting Edition (VBScripts) or web services provide the settings used.
-
-The task sequence uses instructions that allow you to reduce the number of task sequences in Configuration Manager and instead store settings outside the task sequence. Here are a few examples:
--   The following settings instruct the task sequence to install the HP Hotkeys package, but only if the hardware is a HP EliteBook 8570w. Note that you don't have to add the package to the task sequence.
-
-    ``` syntax
-    [Settings] 
-    Priority=Model
-    [HP EliteBook 8570w] 
-    Packages001=PS100010:Install HP Hotkeys
-    ```
--   The following settings instruct the task sequence to put laptops and desktops in different organizational units (OUs) during deployment, assign different computer names, and finally have the task sequence install the Cisco VPN client, but only if the machine is a laptop.
-
-    ``` syntax
-    [Settings]
-    Priority= ByLaptopType, ByDesktopType
-    [ByLaptopType]
-    Subsection=Laptop-%IsLaptop%
-    [ByDesktopType]
-    Subsection=Desktop-%IsDesktop%
-    [Laptop-True]
-    Packages001=PS100012:Install Cisco VPN Client
-    OSDComputerName=LT-%SerialNumber%
-    MachineObjectOU=ou=laptops,ou=Contoso,dc=contoso,dc=com
-    [Desktop-True]
-    OSDComputerName=DT-%SerialNumber%
-    MachineObjectOU=ou=desktops,ou=Contoso,dc=contoso,dc=com
-    ```
-
-![figure 2](images/fig2-gather.png)
-
-Figure 2. The Gather action in the task sequence is reading the rules.
-
-### MDT adds an operating system deployment simulation environment
-
-When testing a deployment, it is important to be able to quickly test any changes you make to the deployment without needing to run through an entire deployment. MDT rules can be tested very quickly, saving significant testing time in a deployment project. For more information, see [Configure MDT settings](configure-mdt-2013-settings.md).
-
-![figure 3](images/mdt-06-fig03.png)
-
-Figure 3. The folder that contains the rules, a few scripts from MDT, and a custom script (Gather.ps1).
-
-### MDT adds real-time monitoring
-
-With MDT integration, you can follow your deployments in real time, and if you have access to Microsoft Diagnostics and Recovery Toolkit (DaRT), you can even remote into Windows Preinstallation Environment (Windows PE) during deployment. The real-time monitoring data can be viewed from within the MDT Deployment Workbench, via a web browser, Windows PowerShell, the Event Viewer, or Microsoft Excel 2013. In fact, any script or app that can read an Open Data (OData) feed can read the information.
-
-![figure 4](images/mdt-06-fig04.png)
-
-Figure 4. View the real-time monitoring data with PowerShell.
-
-### MDT adds an optional deployment wizard
-
-For some deployment scenarios, you may need to prompt the user for information during deployment such as the computer name, the correct organizational unit (OU) for the computer, or which applications should be installed by the task sequence. With MDT integration, you can enable the User-Driven Installation (UDI) wizard to gather the required information, and customize the wizard using the UDI Wizard Designer.
-
-![figure 5](images/mdt-06-fig05.png)
-
-Figure 5. The optional UDI wizard open in the UDI Wizard Designer.
-
-MDT Zero Touch simply extends Configuration Manager with many useful built-in operating system deployment components. By providing well-established, supported solutions, MDT reduces the complexity of deployment in Configuration Manager.
-
-## <a href="" id="sec02"></a>Why use MDT Lite Touch to create reference images
-
-You can create reference images for Configuration Manager in Configuration Manager, but in general we recommend creating them in MDT Lite Touch for the following reasons:
--   In a deployment project, it is typically much faster to create a reference image using MDT Lite Touch than Configuration Manager.
--   You can use the same image for every type of operating system deployment - Microsoft Virtual Desktop Infrastructure (VDI), Microsoft System Center 2012 R2 Virtual Machine Manager (SCVMM), MDT, Configuration Manager, Windows Deployment Services (WDS), and more.
--   Microsoft System Center 2012 R2 performs deployment in the LocalSystem context. This means that you cannot configure the Administrator account with all of the settings that you would like to be included in the image. MDT runs in the context of the Local Administrator, which means you can configure the look and feel of the configuration and then use the CopyProfile functionality to copy these changes to the default user during deployment.
--   The Configuration Manager task sequence does not suppress user interface interaction.
--   MDT Lite Touch supports a Suspend action that allows for reboots, which is useful when you need to perform a manual installation or check the reference image before it is automatically captured.
--   MDT Lite Touch does not require any infrastructure and is easy to delegate.
-
-## Related topics
-
-[Prepare for Zero Touch Installation of Windows 10 with Configuration Manager](prepare-for-zero-touch-installation-of-windows-10-with-configuration-manager.md)
-
-[Create a custom Windows PE boot image with Configuration Manager](create-a-custom-windows-pe-boot-image-with-configuration-manager.md)
-
-[Add a Windows 10 operating system image using Configuration Manager](add-a-windows-10-operating-system-image-using-configuration-manager.md)
-
-[Create an application to deploy with Windows 10 using Configuration Manager](create-an-application-to-deploy-with-windows-10-using-configuration-manager.md)
-
-[Add drivers to a Windows 10 deployment with Windows PE using Configuration Manager](add-drivers-to-a-windows-10-deployment-with-windows-pe-using-configuration-manager.md)
-
-[Create a task sequence with Configuration Manager and MDT](create-a-task-sequence-with-configuration-manager-and-mdt.md)
-
-[Deploy Windows 10 using PXE and Configuration Manager](deploy-windows-10-using-pxe-and-configuration-manager.md)
-
-
-[Refresh a Windows 7 SP1 client with Windows 10 using Configuration Manager](refresh-a-windows-7-client-with-windows-10-using-configuration-manager.md)
-
-[Replace a Windows 7 SP1 client with Windows 10 using Configuration Manager](replace-a-windows-7-client-with-windows-10-using-configuration-manager.md) 

windows/deploy/integrate-configuration-manager-with-mdt.md

@@ -0,0 +1,116 @@
+---
+title: Integrate Configuration Manager with MDT (Windows 10)
+description: This topic will help you understand the benefits of integrating the Microsoft Deployment Toolkit with Microsoft System Center 2012 R2 Configuration Manager SP1 when you deploy a new or updated version of the Windows operating system.
+ms.assetid: 3bd1cf92-81e5-48dc-b874-0f5d9472e5a5
+ms.pagetype: mdt
+keywords: deploy, image, customize, task sequence
+ms.prod: w10
+localizationpriority: high
+ms.mktglfcycl: deploy
+ms.sitesec: library
+author: mtniehaus
+---
+
+# Integrate Configuration Manager with MDT
+
+**Applies to**
+-   Windows 10
+
+This topic will help you understand the benefits of integrating the Microsoft Deployment Toolkit with Microsoft System Center 2012 R2 Configuration Manager SP1 when you deploy a new or updated version of the Windows operating system.
+MDT is a free, supported download from Microsoft that adds approximately 280 enhancements to Windows operating system deployment with System Center 2012 R2 Configuration Manager SP1. It is, therefore, recommended that you utilize MDT when deploying the Windows operating system with Configuration Manager SP1. In addition to integrating MDT with Configuration Manager, we also recommend using MDT Lite Touch to create the Windows 10 reference images used in Configuration Manager. For more information on how to create a reference image, see [Create a Windows 10 reference image](create-a-windows-10-reference-image.md).
+
+## <a href="" id="sec01"></a>Why integrate MDT with Configuration Manager
+
+As noted above, MDT adds many enhancements to Configuration Manager. While these enhancements are called Zero Touch, that name does not reflect how deployment is conducted. The following sections provide a few samples of the 280 enhancements that MDT adds to Configuration Manager.
+
+### MDT enables dynamic deployment
+
+When MDT is integrated with Configuration Manager, the task sequence takes additional instructions from the MDT rules. In its most simple form, these settings are stored in a text file, the CustomSettings.ini file, but you can store the settings in Microsoft SQL Server databases, or have Microsoft Visual Basic Scripting Edition (VBScripts) or web services provide the settings used.
+
+The task sequence uses instructions that allow you to reduce the number of task sequences in Configuration Manager and instead store settings outside the task sequence. Here are a few examples:
+-   The following settings instruct the task sequence to install the HP Hotkeys package, but only if the hardware is a HP EliteBook 8570w. Note that you don't have to add the package to the task sequence.
+
+    ``` syntax
+    [Settings] 
+    Priority=Model
+    [HP EliteBook 8570w] 
+    Packages001=PS100010:Install HP Hotkeys
+    ```
+-   The following settings instruct the task sequence to put laptops and desktops in different organizational units (OUs) during deployment, assign different computer names, and finally have the task sequence install the Cisco VPN client, but only if the machine is a laptop.
+
+    ``` syntax
+    [Settings]
+    Priority= ByLaptopType, ByDesktopType
+    [ByLaptopType]
+    Subsection=Laptop-%IsLaptop%
+    [ByDesktopType]
+    Subsection=Desktop-%IsDesktop%
+    [Laptop-True]
+    Packages001=PS100012:Install Cisco VPN Client
+    OSDComputerName=LT-%SerialNumber%
+    MachineObjectOU=ou=laptops,ou=Contoso,dc=contoso,dc=com
+    [Desktop-True]
+    OSDComputerName=DT-%SerialNumber%
+    MachineObjectOU=ou=desktops,ou=Contoso,dc=contoso,dc=com
+    ```
+
+![figure 2](images/fig2-gather.png)
+
+Figure 2. The Gather action in the task sequence is reading the rules.
+
+### MDT adds an operating system deployment simulation environment
+
+When testing a deployment, it is important to be able to quickly test any changes you make to the deployment without needing to run through an entire deployment. MDT rules can be tested very quickly, saving significant testing time in a deployment project. For more information, see [Configure MDT settings](configure-mdt-settings.md).
+
+![figure 3](images/mdt-06-fig03.png)
+
+Figure 3. The folder that contains the rules, a few scripts from MDT, and a custom script (Gather.ps1).
+
+### MDT adds real-time monitoring
+
+With MDT integration, you can follow your deployments in real time, and if you have access to Microsoft Diagnostics and Recovery Toolkit (DaRT), you can even remote into Windows Preinstallation Environment (Windows PE) during deployment. The real-time monitoring data can be viewed from within the MDT Deployment Workbench, via a web browser, Windows PowerShell, the Event Viewer, or Microsoft Excel 2013. In fact, any script or app that can read an Open Data (OData) feed can read the information.
+
+![figure 4](images/mdt-06-fig04.png)
+
+Figure 4. View the real-time monitoring data with PowerShell.
+
+### MDT adds an optional deployment wizard
+
+For some deployment scenarios, you may need to prompt the user for information during deployment such as the computer name, the correct organizational unit (OU) for the computer, or which applications should be installed by the task sequence. With MDT integration, you can enable the User-Driven Installation (UDI) wizard to gather the required information, and customize the wizard using the UDI Wizard Designer.
+
+![figure 5](images/mdt-06-fig05.png)
+
+Figure 5. The optional UDI wizard open in the UDI Wizard Designer.
+
+MDT Zero Touch simply extends Configuration Manager with many useful built-in operating system deployment components. By providing well-established, supported solutions, MDT reduces the complexity of deployment in Configuration Manager.
+
+## <a href="" id="sec02"></a>Why use MDT Lite Touch to create reference images
+
+You can create reference images for Configuration Manager in Configuration Manager, but in general we recommend creating them in MDT Lite Touch for the following reasons:
+-   In a deployment project, it is typically much faster to create a reference image using MDT Lite Touch than Configuration Manager.
+-   You can use the same image for every type of operating system deployment - Microsoft Virtual Desktop Infrastructure (VDI), Microsoft System Center 2012 R2 Virtual Machine Manager (SCVMM), MDT, Configuration Manager, Windows Deployment Services (WDS), and more.
+-   Microsoft System Center 2012 R2 performs deployment in the LocalSystem context. This means that you cannot configure the Administrator account with all of the settings that you would like to be included in the image. MDT runs in the context of the Local Administrator, which means you can configure the look and feel of the configuration and then use the CopyProfile functionality to copy these changes to the default user during deployment.
+-   The Configuration Manager task sequence does not suppress user interface interaction.
+-   MDT Lite Touch supports a Suspend action that allows for reboots, which is useful when you need to perform a manual installation or check the reference image before it is automatically captured.
+-   MDT Lite Touch does not require any infrastructure and is easy to delegate.
+
+## Related topics
+
+[Prepare for Zero Touch Installation of Windows 10 with Configuration Manager](prepare-for-zero-touch-installation-of-windows-10-with-configuration-manager.md)
+
+[Create a custom Windows PE boot image with Configuration Manager](create-a-custom-windows-pe-boot-image-with-configuration-manager.md)
+
+[Add a Windows 10 operating system image using Configuration Manager](add-a-windows-10-operating-system-image-using-configuration-manager.md)
+
+[Create an application to deploy with Windows 10 using Configuration Manager](create-an-application-to-deploy-with-windows-10-using-configuration-manager.md)
+
+[Add drivers to a Windows 10 deployment with Windows PE using Configuration Manager](add-drivers-to-a-windows-10-deployment-with-windows-pe-using-configuration-manager.md)
+
+[Create a task sequence with Configuration Manager and MDT](create-a-task-sequence-with-configuration-manager-and-mdt.md)
+
+[Deploy Windows 10 using PXE and Configuration Manager](deploy-windows-10-using-pxe-and-configuration-manager.md)
+
+
+[Refresh a Windows 7 SP1 client with Windows 10 using Configuration Manager](refresh-a-windows-7-client-with-windows-10-using-configuration-manager.md)
+
+[Replace a Windows 7 SP1 client with Windows 10 using Configuration Manager](replace-a-windows-7-client-with-windows-10-using-configuration-manager.md) 

windows/deploy/key-features-in-mdt-2013.md

@@ -1,62 +1,4 @@
 ---
 title: Key features in MDT 2013 Update 2 (Windows 10)
-description: The Microsoft Deployment Toolkit (MDT) has been in existence since 2003, when it was first introduced as Business Desktop Deployment (BDD) 1.0.
+redirect_url: key-features-in-mdt
-ms.assetid: 858e384f-e9db-4a93-9a8b-101a503e4868
+---
-keywords: deploy, feature, tools, upgrade, migrate, provisioning
-ms.prod: w10
-ms.mktglfcycl: deploy
-localizationpriority: high
-ms.sitesec: library
-ms.pagetype: mdt
-author: mtniehaus
----
-
-# Key features in MDT 2013 Update 2
-
-**Applies to**
--   Windows 10
-
-The Microsoft Deployment Toolkit (MDT) has been in existence since 2003, when it was first introduced as Business Desktop Deployment (BDD) 1.0. The toolkit has evolved, both in functionality and popularity, and today it is considered fundamental to Windows operating system and enterprise application deployment.
-
-MDT 2013 has many useful features, the most important of which are:
--   **Windows Client support.** Supports Windows 7, Windows 8, Windows 8.1, and Windows 10.
--   **Windows Server support.** Supports Windows Server 2008 R2, Windows Server 2012, and Windows Server 2012 R2.
--   **Additional operating systems support.** Supports Windows Thin PC and Windows Embedded POSReady 7, as well as Windows 8.1 Embedded Industry.
--   **UEFI support.** Supports deployment to machines using Unified Extensible Firmware Interface (UEFI) version 2.3.1.
--   **GPT support.** Supports deployment to machines that require the new GUID (globally unique identifier) partition table (GPT) format. This is related to UEFI.
--   **Enhanced Windows PowerShell support.** Provides support for running PowerShell scripts.
-
-    ![figure 2](images/mdt-05-fig02.png)
-
-    Figure 2. The deployment share mounted as a standard PSDrive allows for administration using PowerShell.
-
--   **Add local administrator accounts.** Allows you to add multiple user accounts to the local Administrators group on the target computers, either via settings or the deployment wizard.
--   **Automated participation in CEIP and WER.** Provides configuration for participation in Windows Customer Experience Improvement Program (CEIP) and Windows Error Reporting (WER).
--   **Deploy Windows RE.** Enables deployment of a customized Windows Recovery Environment (Windows RE) as part of the task sequence.
--   **Deploy to VHD.** Provides ready-made task sequence templates for deploying Windows into a virtual hard disk (VHD) file.
--   **Improved deployment wizard.** Provides additional progress information and a cleaner UI for the Lite Touch Deployment Wizard.
--   **Monitoring.** Allows you to see the status of currently running deployments.
--   **Apply GPO Pack.** Allows you to deploy local group policy objects created by Microsoft Security Compliance Manager (SCM).
--   **Partitioning routines.** Provides improved partitioning routines to ensure that deployments work regardless of the current hard drive structure.
--   **Offline BitLocker.** Provides the capability to have BitLocker enabled during the Windows Preinstallation Environment (Windows PE) phase, thus saving hours of encryption time.
--   **USMT offline user-state migration.** Provides support for running the User State Migration Tool (USMT) capture offline, during the Windows PE phase of the deployment.
-
-    ![figure 3](images/mdt-05-fig03.png)
-
-    Figure 3. The offline USMT backup in action.
-
--   **Install or uninstall Windows roles or features.** Enables you to select roles and features as part of the deployment wizard. MDT also supports uninstall of roles and features.
--   **Microsoft System Center 2012 Orchestrator integration.** Provides the capability to use Orchestrator runbooks as part of the task sequence.
--   **Support for DaRT.** Supports optional integration of the DaRT components into the boot image.
--   **Support for Office 2013.** Provides added support for deploying Microsoft Office Professional Plus 2013.
--   **Support for Modern UI app package provisioning.** Provisions applications based on the new Windows app package standard, which is used in Windows 8 and later.
--   **Extensibility.** Provides the capability to extend MDT far beyond the built-in features by adding custom scripts, web services, System Center Orchestrator runbooks, PowerShell scripts, and VBScripts.
--   **Upgrade task sequence.** Provides a new upgrade task sequence template that you can use to upgrade existing Windows 7, Windows 8, and Windows 8.1 systems directly to Windows 10, automatically preserving all data, settings, applications, and drivers. For more information about using this new upgrade task sequence, refer to the [Microsoft Deployment Toolkit resource page](https://go.microsoft.com/fwlink/p/?LinkId=618117).
-
-## Related topics
-
-[Prepare for deployment with MDT 2013 Update 2](prepare-for-windows-deployment-with-mdt-2013.md)
-
-[MDT 2013 Update 2 Lite Touch components](mdt-2013-lite-touch-components.md)
- 
- 

windows/deploy/key-features-in-mdt.md

@@ -0,0 +1,62 @@
+---
+title: Key features in MDT (Windows 10)
+description: The Microsoft Deployment Toolkit (MDT) has been in existence since 2003, when it was first introduced as Business Desktop Deployment (BDD) 1.0.
+ms.assetid: 858e384f-e9db-4a93-9a8b-101a503e4868
+keywords: deploy, feature, tools, upgrade, migrate, provisioning
+ms.prod: w10
+ms.mktglfcycl: deploy
+localizationpriority: high
+ms.sitesec: library
+ms.pagetype: mdt
+author: mtniehaus
+---
+
+# Key features in MDT
+
+**Applies to**
+-   Windows 10
+
+The Microsoft Deployment Toolkit (MDT) has been in existence since 2003, when it was first introduced as Business Desktop Deployment (BDD) 1.0. The toolkit has evolved, both in functionality and popularity, and today it is considered fundamental to Windows operating system and enterprise application deployment.
+
+MDT has many useful features, the most important of which are:
+-   **Windows Client support.** Supports Windows 7, Windows 8, Windows 8.1, and Windows 10.
+-   **Windows Server support.** Supports Windows Server 2008 R2, Windows Server 2012, and Windows Server 2012 R2.
+-   **Additional operating systems support.** Supports Windows Thin PC and Windows Embedded POSReady 7, as well as Windows 8.1 Embedded Industry.
+-   **UEFI support.** Supports deployment to machines using Unified Extensible Firmware Interface (UEFI) version 2.3.1.
+-   **GPT support.** Supports deployment to machines that require the new GUID (globally unique identifier) partition table (GPT) format. This is related to UEFI.
+-   **Enhanced Windows PowerShell support.** Provides support for running PowerShell scripts.
+
+    ![figure 2](images/mdt-05-fig02.png)
+
+    Figure 2. The deployment share mounted as a standard PSDrive allows for administration using PowerShell.
+
+-   **Add local administrator accounts.** Allows you to add multiple user accounts to the local Administrators group on the target computers, either via settings or the deployment wizard.
+-   **Automated participation in CEIP and WER.** Provides configuration for participation in Windows Customer Experience Improvement Program (CEIP) and Windows Error Reporting (WER).
+-   **Deploy Windows RE.** Enables deployment of a customized Windows Recovery Environment (Windows RE) as part of the task sequence.
+-   **Deploy to VHD.** Provides ready-made task sequence templates for deploying Windows into a virtual hard disk (VHD) file.
+-   **Improved deployment wizard.** Provides additional progress information and a cleaner UI for the Lite Touch Deployment Wizard.
+-   **Monitoring.** Allows you to see the status of currently running deployments.
+-   **Apply GPO Pack.** Allows you to deploy local group policy objects created by Microsoft Security Compliance Manager (SCM).
+-   **Partitioning routines.** Provides improved partitioning routines to ensure that deployments work regardless of the current hard drive structure.
+-   **Offline BitLocker.** Provides the capability to have BitLocker enabled during the Windows Preinstallation Environment (Windows PE) phase, thus saving hours of encryption time.
+-   **USMT offline user-state migration.** Provides support for running the User State Migration Tool (USMT) capture offline, during the Windows PE phase of the deployment.
+
+    ![figure 3](images/mdt-05-fig03.png)
+
+    Figure 3. The offline USMT backup in action.
+
+-   **Install or uninstall Windows roles or features.** Enables you to select roles and features as part of the deployment wizard. MDT also supports uninstall of roles and features.
+-   **Microsoft System Center 2012 Orchestrator integration.** Provides the capability to use Orchestrator runbooks as part of the task sequence.
+-   **Support for DaRT.** Supports optional integration of the DaRT components into the boot image.
+-   **Support for Office 2013.** Provides added support for deploying Microsoft Office Professional Plus 2013.
+-   **Support for Modern UI app package provisioning.** Provisions applications based on the new Windows app package standard, which is used in Windows 8 and later.
+-   **Extensibility.** Provides the capability to extend MDT far beyond the built-in features by adding custom scripts, web services, System Center Orchestrator runbooks, PowerShell scripts, and VBScripts.
+-   **Upgrade task sequence.** Provides a new upgrade task sequence template that you can use to upgrade existing Windows 7, Windows 8, and Windows 8.1 systems directly to Windows 10, automatically preserving all data, settings, applications, and drivers. For more information about using this new upgrade task sequence, refer to the [Microsoft Deployment Toolkit resource page](https://go.microsoft.com/fwlink/p/?LinkId=618117).
+
+## Related topics
+
+[Prepare for deployment with MDT](prepare-for-windows-deployment-with-mdt.md)
+
+[MDT Lite Touch components](mdt-lite-touch-components.md)
+ 
+ 

windows/deploy/mdt-2013-lite-touch-components.md

@@ -1,119 +1,4 @@
 ---
 title: MDT 2013 Update 2 Lite Touch components (Windows 10)
-description: This topic provides an overview of the features in the Microsoft Deployment Toolkit (MDT) 2013 Update 2 that support Lite Touch Installation (LTI) for Windows 10.
+redirect_url: mdt-lite-touch-components
-ms.assetid: 7d6fc159-e338-439e-a2e6-1778d0da9089
+---
-keywords: deploy, install, deployment, boot, log, monitor
-ms.prod: w10
-ms.mktglfcycl: deploy
-localizationpriority: high
-ms.sitesec: library
-ms.pagetype: mdt
-author: mtniehaus
----
-
-# MDT 2013 Update 2 Lite Touch components
-
-**Applies to**
--   Windows 10
-
-This topic provides an overview of the features in the Microsoft Deployment Toolkit (MDT) 2013 Update 2 that support Lite Touch Installation (LTI) for Windows 10. An LTI deployment strategy requires very little infrastructure or user interaction, and can be used to deploy an operating system from a network share or from a physical media, such as a USB flash drive or disc.
-When deploying the Windows operating system using MDT, most of the administration and configuration is done through the Deployment Workbench, but you also can perform many of the tasks using Windows PowerShell. The easiest way to find out how to use PowerShell in MDT is to use the Deployment Workbench to perform an operation and at the end of that task, click View Script. That will give you the PowerShell command.
-
-![figure 4](images/mdt-05-fig04.png)
-
-Figure 4. If you click **View Script** on the right side, you will get the PowerShell code that was used to perform the task.
-
-## <a href="" id="sec01"></a>Deployment shares
-
-A deployment share is essentially a folder on the server that is shared and contains all the setup files and scripts needed for the deployment solution. It also holds the configuration files (called rules) that are gathered when a machine is deployed. These configuration files can reach out to other sources, like a database, external script, or web server to get additional settings for the deployment. For Lite Touch deployments, it is common to have two deployment shares: one for creating the reference images and one for deployment. For Zero Touch, it is common to have only the deployment share for creating reference images because Microsoft System Center 2012 R2 Configuration Manager deploys the image in the production environment.
-
-## <a href="" id="sec02"></a>Rules
-
-The rules (CustomSettings.ini and Bootstrap.ini) make up the brain of MDT. The rules control the Windows Deployment Wizard on the client and, for example, can provide the following settings to the machine being deployed:
--   Computer name
--   Domain to join, and organizational unit (OU) in Active Directory to hold the computer object
--   Whether to enable BitLocker
--   Regional settings
-You can manage hundreds of settings in the rules. For more information, see the [Microsoft Deployment Toolkit resource center](https://go.microsoft.com/fwlink/p/?LinkId=618117).
-
-![figure 5](images/mdt-05-fig05.png)
-
-Figure 5. Example of a MDT rule. In this example, the new computer name is being calculated based on PC- plus the first seven (Left) characters from the serial number
-
-## <a href="" id="sec03"></a>Boot images
-
-Boot images are the Windows Preinstallation Environment (Windows PE) images that are used to start the deployment. They can be started from a CD or DVD, an ISO file, a USB device, or over the network using a Pre-Boot Execution Environment (PXE) server. The boot images connect to the deployment 
-share on the server and start the deployment.
-
-## <a href="" id="sec04"></a>Operating systems
-
-Using the Deployment Workbench, you import the operating systems you want to deploy. You can import either the full source (like the full Windows 10 DVD/ISO) or a custom image that you have created. The full-source operating systems are primarily used to create reference images; however, they also can be used for normal deployments.
-
-## <a href="" id="sec05"></a>Applications
-
-Using the Deployment Workbench, you also add the applications you want to deploy. MDT supports virtually every executable Windows file type. The file can be a standard .exe file with command-line switches for an unattended install, a Microsoft Windows Installer (MSI) package, a batch file, or a VBScript. In fact, it can be just about anything that can be executed unattended. MDT also supports the new Universal Windows apps.
-
-## <a href="" id="sec06"></a>Driver repository
-
-You also use the Deployment Workbench to import the drivers your hardware needs into a driver repository that lives on the server, not in the image.
-
-## <a href="" id="sec07"></a>Packages
-
-With the Deployment Workbench, you can add any Microsoft packages that you want to use. The most commonly added packages are language packs, and the Deployment Workbench Packages node works well for those. You also can add security and other updates this way. However, we generally recommend that you use Windows Server Update Services (WSUS) for operating system updates. The rare exceptions are critical hotfixes that are not available via WSUS, packages for the boot image, or any other package that needs to be deployed before the WSUS update process starts.
-
-## <a href="" id="sec08"></a>Task sequences
-
-Task sequences are the heart and soul of the deployment solution. When creating a task sequence, you need to select a template. The templates are located in the Templates folder in the MDT installation directory, and they determine which default actions are present in the sequence.
-
-You can think of a task sequence as a list of actions that need to be executed in a certain order. Each action can also have conditions. Some examples of actions are as follows:
--   **Gather.** Reads configuration settings from the deployment server.
--   **Format and Partition.** Creates the partition(s) and formats them.
--   **Inject Drivers.** Finds out which drivers the machine needs and downloads them from the central driver repository.
--   **Apply Operating System.** Uses ImageX to apply the image.
--   **Windows Update.** Connects to a WSUS server and updates the machine.
-
-## <a href="" id="sec09"></a>Task sequence templates
-
-MDT comes with nine default task sequence templates. You can also create your own templates. As long as you store them in the Templates folder, they will be available when you create a new task sequence.
--   **Sysprep and Capture task sequence.** Used to run the System Preparation (Sysprep) tool and capture an image of a reference computer.
-
-    **Note**  
-    It is preferable to use a complete build and capture instead of the Sysprep and Capture task sequence. A complete build and capture can be automated, whereas Sysprep and Capture cannot.
-     
--   **Standard Client task sequence.** The most frequently used task sequence. Used for creating reference images and for deploying clients in production.
--   **Standard Client Replace task sequence.** Used to run User State Migration Tool (USMT) backup and the optional full Windows Imaging (WIM) backup action. Can also be used to do a secure wipe of a machine that is going to be decommissioned.
--   **Custom task sequence.** As the name implies, a custom task sequence with only one default action (one Install Application action).
--   **Standard Server task sequence.** The default task sequence for deploying operating system images to servers. The main difference between this template and the Standard Client task sequence template is that it does not contain any USMT actions because USMT is not supported on servers.
--   **Lite Touch OEM task sequence.** Used to preload operating systems images on the computer hard drive. Typically used by computer original equipment manufacturers (OEMs) but some enterprise organizations also use this feature.
--   **Post OS Installation task sequence.** A task sequence prepared to run actions after the operating system has been deployed. Very useful for server deployments but not often used for client deployments.
--   **Deploy to VHD Client task sequence.** Similar to the Standard Client task sequence template but also creates a virtual hard disk (VHD) file on the target computer and deploys the image to the VHD file.
--   **Deploy to VHD Server task sequence.** Same as the Deploy to VHD Client task sequence but for servers.
--   **Standard Client Upgrade task sequence.** A simple task sequence template used to perform an in-place upgrade from Windows 7, Windows 8, or Windows 8.1 directly to Windows 10, automatically preserving existing data, settings, applications, and drivers.
-
-## <a href="" id="sec10"></a>Selection profiles
-
-Selection profiles, which are available in the Advanced Configuration node, provide a way to filter content in the Deployment Workbench. Selection profiles are used for several purposes in the Deployment Workbench and in Lite Touch deployments. For example, they can be used to:
--   Control which drivers and packages are injected into the Lite Touch (and generic) boot images.
--   Control which drivers are injected during the task sequence.
--   Control what is included in any media that you create.
--   Control what is replicated to other deployment shares.
--   Filter which task sequences and applications are displayed in the Deployment Wizard.
-
-## <a href="" id="sec11"></a>Logging
-
-MDT uses many log files during operating system deployments. By default the logs are client side, but by configuring the deployment settings, you can have MDT store them on the server, as well.
-
-**Note**  
-The easiest way to view log files is to use Configuration Manager Trace (CMTrace), which is included in the [System Center 2012 R2 Configuration Manager Toolkit](https://go.microsoft.com/fwlink/p/?LinkId=734717).
- 
-## <a href="" id="sec12"></a>Monitoring
-
-On the deployment share, you also can enable monitoring. After you enable monitoring, you will see all running deployments in the Monitor node in the Deployment Workbench.
-
-## Related topics
-
-[Key features in MDT 2013 Update 2](key-features-in-mdt-2013.md)
-
-[Prepare for deployment with MDT 2013 Update 2](prepare-for-windows-deployment-with-mdt-2013.md)
- 
- 

windows/deploy/mdt-lite-touch-components.md

@@ -0,0 +1,117 @@
+---
+title: MDT Lite Touch components (Windows 10)
+description: This topic provides an overview of the features in the Microsoft Deployment Toolkit (MDT) that support Lite Touch Installation (LTI) for Windows 10.
+ms.assetid: 7d6fc159-e338-439e-a2e6-1778d0da9089
+keywords: deploy, install, deployment, boot, log, monitor
+ms.prod: w10
+ms.mktglfcycl: deploy
+localizationpriority: high
+ms.sitesec: library
+ms.pagetype: mdt
+author: mtniehaus
+---
+
+# MDT Lite Touch components
+
+**Applies to**
+-   Windows 10
+
+This topic provides an overview of the features in the Microsoft Deployment Toolkit (MDT) that support Lite Touch Installation (LTI) for Windows 10. An LTI deployment strategy requires very little infrastructure or user interaction, and can be used to deploy an operating system from a network share or from a physical media, such as a USB flash drive or disc.
+When deploying the Windows operating system using MDT, most of the administration and configuration is done through the Deployment Workbench, but you also can perform many of the tasks using Windows PowerShell. The easiest way to find out how to use PowerShell in MDT is to use the Deployment Workbench to perform an operation and at the end of that task, click View Script. That will give you the PowerShell command.
+
+![figure 4](images/mdt-05-fig04.png)
+
+Figure 4. If you click **View Script** on the right side, you will get the PowerShell code that was used to perform the task.
+
+## <a href="" id="sec01"></a>Deployment shares
+
+A deployment share is essentially a folder on the server that is shared and contains all the setup files and scripts needed for the deployment solution. It also holds the configuration files (called rules) that are gathered when a machine is deployed. These configuration files can reach out to other sources, like a database, external script, or web server to get additional settings for the deployment. For Lite Touch deployments, it is common to have two deployment shares: one for creating the reference images and one for deployment. For Zero Touch, it is common to have only the deployment share for creating reference images because Microsoft System Center 2012 R2 Configuration Manager deploys the image in the production environment.
+
+## <a href="" id="sec02"></a>Rules
+
+The rules (CustomSettings.ini and Bootstrap.ini) make up the brain of MDT. The rules control the Windows Deployment Wizard on the client and, for example, can provide the following settings to the machine being deployed:
+-   Computer name
+-   Domain to join, and organizational unit (OU) in Active Directory to hold the computer object
+-   Whether to enable BitLocker
+-   Regional settings
+You can manage hundreds of settings in the rules. For more information, see the [Microsoft Deployment Toolkit resource center](https://go.microsoft.com/fwlink/p/?LinkId=618117).
+
+![figure 5](images/mdt-05-fig05.png)
+
+Figure 5. Example of a MDT rule. In this example, the new computer name is being calculated based on PC- plus the first seven (Left) characters from the serial number
+
+## <a href="" id="sec03"></a>Boot images
+
+Boot images are the Windows Preinstallation Environment (Windows PE) images that are used to start the deployment. They can be started from a CD or DVD, an ISO file, a USB device, or over the network using a Pre-Boot Execution Environment (PXE) server. The boot images connect to the deployment 
+share on the server and start the deployment.
+
+## <a href="" id="sec04"></a>Operating systems
+
+Using the Deployment Workbench, you import the operating systems you want to deploy. You can import either the full source (like the full Windows 10 DVD/ISO) or a custom image that you have created. The full-source operating systems are primarily used to create reference images; however, they also can be used for normal deployments.
+
+## <a href="" id="sec05"></a>Applications
+
+Using the Deployment Workbench, you also add the applications you want to deploy. MDT supports virtually every executable Windows file type. The file can be a standard .exe file with command-line switches for an unattended install, a Microsoft Windows Installer (MSI) package, a batch file, or a VBScript. In fact, it can be just about anything that can be executed unattended. MDT also supports the new Universal Windows apps.
+
+## <a href="" id="sec06"></a>Driver repository
+
+You also use the Deployment Workbench to import the drivers your hardware needs into a driver repository that lives on the server, not in the image.
+
+## <a href="" id="sec07"></a>Packages
+
+With the Deployment Workbench, you can add any Microsoft packages that you want to use. The most commonly added packages are language packs, and the Deployment Workbench Packages node works well for those. You also can add security and other updates this way. However, we generally recommend that you use Windows Server Update Services (WSUS) for operating system updates. The rare exceptions are critical hotfixes that are not available via WSUS, packages for the boot image, or any other package that needs to be deployed before the WSUS update process starts.
+
+## <a href="" id="sec08"></a>Task sequences
+
+Task sequences are the heart and soul of the deployment solution. When creating a task sequence, you need to select a template. The templates are located in the Templates folder in the MDT installation directory, and they determine which default actions are present in the sequence.
+
+You can think of a task sequence as a list of actions that need to be executed in a certain order. Each action can also have conditions. Some examples of actions are as follows:
+-   **Gather.** Reads configuration settings from the deployment server.
+-   **Format and Partition.** Creates the partition(s) and formats them.
+-   **Inject Drivers.** Finds out which drivers the machine needs and downloads them from the central driver repository.
+-   **Apply Operating System.** Uses ImageX to apply the image.
+-   **Windows Update.** Connects to a WSUS server and updates the machine.
+
+## <a href="" id="sec09"></a>Task sequence templates
+
+MDT comes with nine default task sequence templates. You can also create your own templates. As long as you store them in the Templates folder, they will be available when you create a new task sequence.
+-   **Sysprep and Capture task sequence.** Used to run the System Preparation (Sysprep) tool and capture an image of a reference computer.
+
+    **Note**  
+    It is preferable to use a complete build and capture instead of the Sysprep and Capture task sequence. A complete build and capture can be automated, whereas Sysprep and Capture cannot.
+     
+-   **Standard Client task sequence.** The most frequently used task sequence. Used for creating reference images and for deploying clients in production.
+-   **Standard Client Replace task sequence.** Used to run User State Migration Tool (USMT) backup and the optional full Windows Imaging (WIM) backup action. Can also be used to do a secure wipe of a machine that is going to be decommissioned.
+-   **Custom task sequence.** As the name implies, a custom task sequence with only one default action (one Install Application action).
+-   **Standard Server task sequence.** The default task sequence for deploying operating system images to servers. The main difference between this template and the Standard Client task sequence template is that it does not contain any USMT actions because USMT is not supported on servers.
+-   **Lite Touch OEM task sequence.** Used to preload operating systems images on the computer hard drive. Typically used by computer original equipment manufacturers (OEMs) but some enterprise organizations also use this feature.
+-   **Post OS Installation task sequence.** A task sequence prepared to run actions after the operating system has been deployed. Very useful for server deployments but not often used for client deployments.
+-   **Deploy to VHD Client task sequence.** Similar to the Standard Client task sequence template but also creates a virtual hard disk (VHD) file on the target computer and deploys the image to the VHD file.
+-   **Deploy to VHD Server task sequence.** Same as the Deploy to VHD Client task sequence but for servers.
+-   **Standard Client Upgrade task sequence.** A simple task sequence template used to perform an in-place upgrade from Windows 7, Windows 8, or Windows 8.1 directly to Windows 10, automatically preserving existing data, settings, applications, and drivers.
+
+## <a href="" id="sec10"></a>Selection profiles
+
+Selection profiles, which are available in the Advanced Configuration node, provide a way to filter content in the Deployment Workbench. Selection profiles are used for several purposes in the Deployment Workbench and in Lite Touch deployments. For example, they can be used to:
+-   Control which drivers and packages are injected into the Lite Touch (and generic) boot images.
+-   Control which drivers are injected during the task sequence.
+-   Control what is included in any media that you create.
+-   Control what is replicated to other deployment shares.
+-   Filter which task sequences and applications are displayed in the Deployment Wizard.
+
+## <a href="" id="sec11"></a>Logging
+
+MDT uses many log files during operating system deployments. By default the logs are client side, but by configuring the deployment settings, you can have MDT store them on the server, as well.
+
+**Note**  
+The easiest way to view log files is to use Configuration Manager Trace (CMTrace), which is included in the [System Center 2012 R2 Configuration Manager Toolkit](https://go.microsoft.com/fwlink/p/?LinkId=734717).
+ 
+## <a href="" id="sec12"></a>Monitoring
+
+On the deployment share, you also can enable monitoring. After you enable monitoring, you will see all running deployments in the Monitor node in the Deployment Workbench.
+
+## Related topics
+
+[Key features in MDT](key-features-in-mdt.md)
+
+[Prepare for deployment with MDT](prepare-for-windows-deployment-with-mdt.md)

windows/deploy/monitor-windows-10-deployment-with-configuration-manager.md

@@ -52,7 +52,7 @@ To monitor an operating system deployment conducted through System Center 2012 R
 ## Related topics
 
 
-[Integrate Configuration Manager with MDT 2013 Update 2](integrate-configuration-manager-with-mdt-2013.md)
+[Integrate Configuration Manager with MDT](integrate-configuration-manager-with-mdt.md)
 
 [Prepare for Zero Touch Installation of Windows 10 with Configuration Manager](prepare-for-zero-touch-installation-of-windows-10-with-configuration-manager.md)
 

windows/deploy/prepare-for-windows-deployment-with-mdt-2013.md

@@ -1,122 +1,4 @@
 ---
 title: Prepare for deployment with MDT 2013 Update 2 (Windows 10)
-description: This topic will walk you through the steps necessary to create the server structure required to deploy the Windows 10 operating system using the Microsoft Deployment Toolkit (MDT) 2013 Update 2.
+redirect_url: prepare-for-windows-deployment-with-mdt
-ms.assetid: 5103c418-0c61-414b-b93c-a8e8207d1226
-keywords: deploy, system requirements
-ms.prod: w10
-ms.mktglfcycl: deploy
-localizationpriority: high
-ms.sitesec: library
-ms.pagetype: mdt
-author: mtniehaus
 ---
-
-# Prepare for deployment with MDT 2013 Update 2
-
-**Applies to**
--   Windows 10
-
-This topic will walk you through the steps necessary to create the server structure required to deploy the Windows 10 operating system using the Microsoft Deployment Toolkit (MDT) 2013 Update 2. It covers the installation of the necessary system prerequisites, the creation of shared folders and service accounts, and the configuration of security permissions in the files system and in Active Directory.
-
-For the purposes of this topic, we will use two machines: DC01 and MDT01. DC01 is a domain controller and MDT01 is a Windows Server 2012 R2 standard server. MDT01 is a member of the domain contoso.com for the fictitious Contoso Corporation. For more details on the setup for this topic, please see [Deploy Windows 10 with the Microsoft Deployment Toolkit](deploy-windows-10-with-the-microsoft-deployment-toolkit.md#proof).
-
-## <a href="" id="sec01"></a>System requirements
-
-MDT 2013 Update 2 requires the following components:
--   Any of the following operating systems:
-    -   Windows 7
-    -   Windows 8
-    -   Windows 8.1
-    -   Windows 10
-    -   Windows Server 2008 R2
-    -   Windows Server 2012
-    -   Windows Server 2012 R2
--   Windows Assessment and Deployment Kit (ADK) for Windows 10
--   Windows PowerShell
--   Microsoft .NET Framework
-
-## <a href="" id="sec02"></a>Install Windows ADK for Windows 10
-
-These steps assume that you have the MDT01 member server installed and configured and that you have downloaded [Windows ADK for Windows 10](https://go.microsoft.com/fwlink/p/?LinkId=526803) to the E:\\Downloads\\ADK folder.
-1.  On MDT01, log on as Administrator in the CONTOSO domain using a password of **P@ssw0rd**.
-2.  Start the **ADK Setup** (E:\\Downloads\\ADK\\adksetup.exe), and on the first wizard page, click **Continue**.
-3.  On the **Select the features you want to change** page, select the features below and complete the wizard using the default settings:
-    1.  Deployment Tools
-    2.  Windows Preinstallation Environment (Windows PE)
-    3.  User State Migration Tool (UMST)
-
-## <a href="" id="sec03"></a>Install MDT 2013 Update 2
-
-These steps assume that you have downloaded [MDT 2013 Update 2](https://go.microsoft.com/fwlink/p/?LinkId=618117 ) to the E:\\Downloads\\MDT 2013 folder on MDT01.
-
-1.  On MDT01, log on as Administrator in the CONTOSO domain using a password of **P@ssw0rd**.
-2.  Install **MDT** (E:\\Downloads\\MDT 2013\\MicrosoftDeploymentToolkit2013\_x64.msi) with the default settings.
-
-## <a href="" id="sec04"></a>Create the OU structure
-
-If you do not have an organizational unit (OU) structure in your Active Directory, you should create one. In this section, you create an OU structure and a service account for MDT 2013 Update 2.
-1.  On DC01, using Active Directory User and Computers, in the contoso.com domain level, create a top-level OU named **Contoso**.
-2.  In the **Contoso** OU, create the following OUs:
-    1.  Accounts
-    2.  Computers
-    3.  Groups
-3.  In the **Contoso / Accounts** OU, create the following underlying OUs:
-    1.  Admins
-    2.  Service Accounts
-    3.  Users
-4.  In the **Contoso / Computers** OU, create the following underlying OUs:
-    1.  Servers
-    2.  Workstations
-5.  In the **Contoso / Groups** OU, create the following OU:
-    -   Security Groups
-
-![figure 6](images/mdt-05-fig07.png)
-
-Figure 6. A sample of how the OU structure will look after all the OUs are created.
-
-## <a href="" id="sec05"></a>Create the MDT service account
-
-When creating a reference image, you need an account for MDT. The MDT Build Account is used for Windows Preinstallation Environment (Windows PE) to connect to MDT01.
-1.  On DC01, using Active Directory User and Computers, browse to **contoso.com / Contoso / Service Accounts**.
-2.  Select the **Service Accounts** OU and create the **MDT\_BA** account using the following settings:
-    1.  Name: MDT\_BA
-    2.  User logon name: MDT\_BA
-    3.  Password: P@ssw0rd
-    4.  User must change password at next logon: Clear
-    5.  User cannot change password: Selected
-    6.  Password never expires: Selected
-
-## <a href="" id="sec06"></a>Create and share the logs folder
-
-By default MDT stores the log files locally on the client. In order to capture a reference image, you will need to enable server-side logging and, to do that, you will need to have a folder in which to store the logs. For more information, see [Create a Windows 10 reference image](create-a-windows-10-reference-image.md).
-
-1.  On MDT01, log on as **CONTOSO\\Administrator**.
-2.  Create and share the **E:\\Logs** folder by running the following commands in an elevated Windows PowerShell prompt:
-
-    ``` syntax
-    New-Item -Path E:\Logs -ItemType directory
-    New-SmbShare -Name Logs$ -Path E:\Logs -ChangeAccess EVERYONE
-    icacls E:\Logs /grant '"MDT_BA":(OI)(CI)(M)'
-    ```
-
-![figure 7](images/mdt-05-fig08.png)
-
-Figure 7. The Sharing tab of the E:\\Logs folder after sharing it with PowerShell.
-
-## <a href="" id="sec07"></a>Use CMTrace to read log files (optional)
-
-The log files in MDT Lite Touch are formatted to be read by Configuration Manager Trace (CMTrace), which is available as part [of Microsoft System Center 2012 R2 Configuration Manager Toolkit](https://go.microsoft.com/fwlink/p/?LinkId=734717). You can use Notepad, but CMTrace formatting makes the logs easier to read.
-
-![figure 8](images/mdt-05-fig09.png)
-
-Figure 8. An MDT log file opened in Notepad.
-
-![figure 9](images/mdt-05-fig10.png)
-
-
-Figure 9. The same log file, opened in CMTrace, is much easier to read.
-## Related topics
-
-[Key features in MDT 2013 Update 2](key-features-in-mdt-2013.md)
-
-[MDT 2013 Update 2 Lite Touch components](mdt-2013-lite-touch-components.md)

windows/deploy/prepare-for-windows-deployment-with-mdt.md

@@ -0,0 +1,122 @@
+---
+title: Prepare for deployment with MDT (Windows 10)
+description: This topic will walk you through the steps necessary to create the server structure required to deploy the Windows 10 operating system using the Microsoft Deployment Toolkit (MDT).
+ms.assetid: 5103c418-0c61-414b-b93c-a8e8207d1226
+keywords: deploy, system requirements
+ms.prod: w10
+ms.mktglfcycl: deploy
+localizationpriority: high
+ms.sitesec: library
+ms.pagetype: mdt
+author: mtniehaus
+---
+
+# Prepare for deployment with MDT
+
+**Applies to**
+-   Windows 10
+
+This topic will walk you through the steps necessary to create the server structure required to deploy the Windows 10 operating system using the Microsoft Deployment Toolkit (MDT). It covers the installation of the necessary system prerequisites, the creation of shared folders and service accounts, and the configuration of security permissions in the files system and in Active Directory.
+
+For the purposes of this topic, we will use two machines: DC01 and MDT01. DC01 is a domain controller and MDT01 is a Windows Server 2012 R2 standard server. MDT01 is a member of the domain contoso.com for the fictitious Contoso Corporation. For more details on the setup for this topic, please see [Deploy Windows 10 with the Microsoft Deployment Toolkit](deploy-windows-10-with-the-microsoft-deployment-toolkit.md#proof).
+
+## <a href="" id="sec01"></a>System requirements
+
+MDT requires the following components:
+-   Any of the following operating systems:
+    -   Windows 7
+    -   Windows 8
+    -   Windows 8.1
+    -   Windows 10
+    -   Windows Server 2008 R2
+    -   Windows Server 2012
+    -   Windows Server 2012 R2
+-   Windows Assessment and Deployment Kit (ADK) for Windows 10
+-   Windows PowerShell
+-   Microsoft .NET Framework
+
+## <a href="" id="sec02"></a>Install Windows ADK for Windows 10
+
+These steps assume that you have the MDT01 member server installed and configured and that you have downloaded [Windows ADK for Windows 10](https://go.microsoft.com/fwlink/p/?LinkId=526803) to the E:\\Downloads\\ADK folder.
+1.  On MDT01, log on as Administrator in the CONTOSO domain using a password of **P@ssw0rd**.
+2.  Start the **ADK Setup** (E:\\Downloads\\ADK\\adksetup.exe), and on the first wizard page, click **Continue**.
+3.  On the **Select the features you want to change** page, select the features below and complete the wizard using the default settings:
+    1.  Deployment Tools
+    2.  Windows Preinstallation Environment (Windows PE)
+    3.  User State Migration Tool (UMST)
+
+## <a href="" id="sec03"></a>Install MDT
+
+These steps assume that you have downloaded [MDT](https://go.microsoft.com/fwlink/p/?LinkId=618117 ) to the E:\\Downloads\\MDT folder on MDT01.
+
+1.  On MDT01, log on as Administrator in the CONTOSO domain using a password of **P@ssw0rd**.
+2.  Install **MDT** (E:\\Downloads\\MDT\\MicrosoftDeploymentToolkit\_x64.msi) with the default settings.
+
+## <a href="" id="sec04"></a>Create the OU structure
+
+If you do not have an organizational unit (OU) structure in your Active Directory, you should create one. In this section, you create an OU structure and a service account for MDT.
+1.  On DC01, using Active Directory User and Computers, in the contoso.com domain level, create a top-level OU named **Contoso**.
+2.  In the **Contoso** OU, create the following OUs:
+    1.  Accounts
+    2.  Computers
+    3.  Groups
+3.  In the **Contoso / Accounts** OU, create the following underlying OUs:
+    1.  Admins
+    2.  Service Accounts
+    3.  Users
+4.  In the **Contoso / Computers** OU, create the following underlying OUs:
+    1.  Servers
+    2.  Workstations
+5.  In the **Contoso / Groups** OU, create the following OU:
+    -   Security Groups
+
+![figure 6](images/mdt-05-fig07.png)
+
+Figure 6. A sample of how the OU structure will look after all the OUs are created.
+
+## <a href="" id="sec05"></a>Create the MDT service account
+
+When creating a reference image, you need an account for MDT. The MDT Build Account is used for Windows Preinstallation Environment (Windows PE) to connect to MDT01.
+1.  On DC01, using Active Directory User and Computers, browse to **contoso.com / Contoso / Service Accounts**.
+2.  Select the **Service Accounts** OU and create the **MDT\_BA** account using the following settings:
+    1.  Name: MDT\_BA
+    2.  User logon name: MDT\_BA
+    3.  Password: P@ssw0rd
+    4.  User must change password at next logon: Clear
+    5.  User cannot change password: Selected
+    6.  Password never expires: Selected
+
+## <a href="" id="sec06"></a>Create and share the logs folder
+
+By default MDT stores the log files locally on the client. In order to capture a reference image, you will need to enable server-side logging and, to do that, you will need to have a folder in which to store the logs. For more information, see [Create a Windows 10 reference image](create-a-windows-10-reference-image.md).
+
+1.  On MDT01, log on as **CONTOSO\\Administrator**.
+2.  Create and share the **E:\\Logs** folder by running the following commands in an elevated Windows PowerShell prompt:
+
+    ``` syntax
+    New-Item -Path E:\Logs -ItemType directory
+    New-SmbShare -Name Logs$ -Path E:\Logs -ChangeAccess EVERYONE
+    icacls E:\Logs /grant '"MDT_BA":(OI)(CI)(M)'
+    ```
+
+![figure 7](images/mdt-05-fig08.png)
+
+Figure 7. The Sharing tab of the E:\\Logs folder after sharing it with PowerShell.
+
+## <a href="" id="sec07"></a>Use CMTrace to read log files (optional)
+
+The log files in MDT Lite Touch are formatted to be read by Configuration Manager Trace (CMTrace), which is available as part [of Microsoft System Center 2012 R2 Configuration Manager Toolkit](https://go.microsoft.com/fwlink/p/?LinkId=734717). You can use Notepad, but CMTrace formatting makes the logs easier to read.
+
+![figure 8](images/mdt-05-fig09.png)
+
+Figure 8. An MDT log file opened in Notepad.
+
+![figure 9](images/mdt-05-fig10.png)
+
+
+Figure 9. The same log file, opened in CMTrace, is much easier to read.
+## Related topics
+
+[Key features in MDT](key-features-in-mdt.md)
+
+[MDT Lite Touch components](mdt-lite-touch-components.md)

windows/deploy/prepare-for-zero-touch-installation-of-windows-10-with-configuration-manager.md

@@ -154,15 +154,15 @@ Figure 7. The E:\\Sources\\OSD folder structure.
 ## <a href="" id="sec04"></a>Integrate Configuration Manager with MDT
 
 
-To extend the Configuration Manager console with MDT 2013 Update 2 wizards and templates, you install MDT 2013 Update 2 in the default location and run the integration setup. In these steps, we assume you have downloaded MDT 2013 Update 2 to the C:\\Setup\\MDT2013 folder on CM01.
+To extend the Configuration Manager console with MDT wizards and templates, you install MDT in the default location and run the integration setup. In these steps, we assume you have downloaded MDT to the C:\\Setup\\MDT2013 folder on CM01.
 
 1.  On CM01, log on as Administrator in the CONTOSO domain using the password **P@ssw0rd**.
 
 2.  Make sure the Configuration Manager Console is closed before continuing.
 
-3.  Using File Explorer, navigate to the **C:\\Setup\\MDT 2013** folder.
+3.  Using File Explorer, navigate to the **C:\\Setup\\MDT** folder.
 
-4.  Run the MDT 2013 setup (MicrosoftDeploymentToolkit2013\_x64.msi), and use the default options in the setup wizard.
+4.  Run the MDT setup (MicrosoftDeploymentToolkit2013\_x64.msi), and use the default options in the setup wizard.
 
 5.  From the Start screen, run Configure ConfigManager Integration with the following settings:
 
@@ -172,7 +172,7 @@ To extend the Configuration Manager console with MDT 2013 Update 2 wizards and t
 
 ![figure 8](images/mdt-06-fig08.png)
 
-Figure 8. Set up the MDT 2013 Update 2 integration with Configuration Manager.
+Figure 8. Set up the MDT integration with Configuration Manager.
 
 ## <a href="" id="sec06"></a>Configure the client settings
 
@@ -248,7 +248,7 @@ Configuration Manager has many options for starting a deployment, but starting v
 ## Related topics
 
 
-[Integrate Configuration Manager with MDT 2013 Update 2](integrate-configuration-manager-with-mdt-2013.md)
+[Integrate Configuration Manager with MDT](integrate-configuration-manager-with-mdt.md)
 
 [Create a custom Windows PE boot image with Configuration Manager](create-a-custom-windows-pe-boot-image-with-configuration-manager.md)
 

windows/deploy/refresh-a-windows-7-client-with-windows-10-using-configuration-manager.md

@@ -120,7 +120,7 @@ Now you can start the computer refresh on PC0003.
 ## Related topics
 
 
-[Integrate Configuration Manager with MDT 2013 Update 2](integrate-configuration-manager-with-mdt-2013.md)
+[Integrate Configuration Manager with MDT](integrate-configuration-manager-with-mdt.md)
 
 [Prepare for Zero Touch Installation of Windows 10 with Configuration Manager](prepare-for-zero-touch-installation-of-windows-10-with-configuration-manager.md)
 

windows/deploy/refresh-a-windows-7-computer-with-windows-10.md

@@ -1,6 +1,6 @@
 ---
 title: Refresh a Windows 7 computer with Windows 10 (Windows 10)
-description: This topic will show you how to use MDT 2013 Update 2 Lite Touch Installation (LTI) to upgrade a Windows 7 computer to a Windows 10 computer using the computer refresh process.
+description: This topic will show you how to use MDT Lite Touch Installation (LTI) to upgrade a Windows 7 computer to a Windows 10 computer using the computer refresh process.
 ms.assetid: 2866fb3c-4909-4c25-b083-6fc1f7869f6f
 keywords: reinstallation, customize, template, script, restore
 ms.prod: w10
@@ -16,7 +16,7 @@ author: mtniehaus
 **Applies to**
 -   Windows 10
 
-This topic will show you how to use MDT 2013 Update 2 Lite Touch Installation (LTI) to upgrade a Windows 7 computer to a Windows 10 computer using the computer refresh process. The refresh scenario, or computer refresh, is a reinstallation of an operating system on the same machine. You can refresh the machine to the same operating system as it is currently running, or to a later version.
+This topic will show you how to use MDT Lite Touch Installation (LTI) to upgrade a Windows 7 computer to a Windows 10 computer using the computer refresh process. The refresh scenario, or computer refresh, is a reinstallation of an operating system on the same machine. You can refresh the machine to the same operating system as it is currently running, or to a later version.
 
 For the purposes of this topic, we will use three machines: DC01, MDT01, and PC0001. DC01 is a domain controller and MDT01 is a Windows Server 2012 R2 Standard server. PC0001 is a machine with Windows 7 Service Pack 1 (SP1) that is going to be refreshed into a Windows 10 machine, with data and settings restored. MDT01 and PC0001 are members of the domain contoso.com for the fictitious Contoso Corporation. For more details on the setup for this topic, please see [Deploy Windows 10 with the Microsoft Deployment Toolkit](deploy-windows-10-with-the-microsoft-deployment-toolkit.md#proof).
 
@@ -119,10 +119,10 @@ Figure 2. Starting the computer refresh from the running Windows 7 SP1 client.
 
 [Create a Windows 10 reference image](create-a-windows-10-reference-image.md)
 
-[Deploy a Windows 10 image using MDT 2013 Update 2](deploy-a-windows-10-image-using-mdt.md)
+[Deploy a Windows 10 image using MDT](deploy-a-windows-10-image-using-mdt.md)
 
 [Build a distributed environment for Windows 10 deployment](build-a-distributed-environment-for-windows-10-deployment.md)
 
 [Replace a Windows 7 computer with a Windows 10 computer](replace-a-windows-7-computer-with-a-windows-10-computer.md)
 
-[Configure MDT settings](configure-mdt-2013-settings.md)
+[Configure MDT settings](configure-mdt-settings.md)

windows/deploy/replace-a-windows-7-client-with-windows-10-using-configuration-manager.md

@@ -38,7 +38,7 @@ In this topic, you will create a backup-only task sequence that you run on PC000
 
 4.  On the **Boot Image** page, browse and select the **Zero Touch WinPE x64** boot image package. Then click **Next**.
 
-5.  On the **MDT Package** page, browse and select the **OSD / MDT 2013** package. Then click **Next**.
+5.  On the **MDT Package** page, browse and select the **OSD / MDT** package. Then click **Next**.
 
 6.  On the **USMT Package** page, browse and select the O**SD / Microsoft Corporation User State Migration Tool for Windows 8 10.0.10240.16384** package. Then click **Next**.
 
@@ -204,7 +204,7 @@ When the process is complete, you will have a new Windows 10 machine in your dom
 ## Related topics
 
 
-[Integrate Configuration Manager with MDT 2013 Update 2](integrate-configuration-manager-with-mdt-2013.md)
+[Integrate Configuration Manager with MDT](integrate-configuration-manager-with-mdt.md)
 
 [Prepare for Zero Touch Installation of Windows 10 with Configuration Manager](prepare-for-zero-touch-installation-of-windows-10-with-configuration-manager.md)
 

windows/deploy/replace-a-windows-7-computer-with-a-windows-10-computer.md

@@ -138,10 +138,10 @@ During a computer replace, these are the high-level steps that occur:
 
 [Create a Windows 10 reference image](create-a-windows-10-reference-image.md)
 
-[Deploy a Windows 10 image using MDT 2013 Update 2](deploy-a-windows-10-image-using-mdt.md)
+[Deploy a Windows 10 image using MDT](deploy-a-windows-10-image-using-mdt.md)
 
 [Build a distributed environment for Windows 10 deployment](build-a-distributed-environment-for-windows-10-deployment.md)
 
 [Refresh a Windows 7 computer with Windows 10](refresh-a-windows-7-computer-with-windows-10.md)
 
-[Configure MDT settings](configure-mdt-2013-settings.md)
+[Configure MDT settings](configure-mdt-settings.md)

windows/deploy/set-up-mdt-2013-for-bitlocker.md

@@ -1,159 +1,5 @@
 ---
 title: Set up MDT for BitLocker (Windows 10)
-ms.assetid: 386e6713-5c20-4d2a-a220-a38d94671a38
+redirect_url: set-up-mdt-for-bitlocker
-description: 
-keywords: disk, encryption, TPM, configure, secure, script
-ms.prod: w10
-ms.mktglfcycl: deploy
-localizationpriority: high
-ms.sitesec: library
-ms.pagetype: mdt
-author: mtniehaus
 ---
 
-# Set up MDT for BitLocker
-
-This topic will show you how to configure your environment for BitLocker, the disk volume encryption built into Windows 10 Enterprise and Windows 10 Pro, using MDT. BitLocker in Windows 10 has two requirements in regard to an operating system deployment:
--   A protector, which can either be stored in the Trusted Platform Module (TPM) chip, or stored as a password. Technically, you also can use a USB stick to store the protector, but it's not a practical approach as the USB stick can be lost or stolen. We, therefore, recommend that you instead use a TPM chip and/or a password.
--   Multiple partitions on the hard drive.
-
-To configure your environment for BitLocker, you will need to do the following:
-
-1.  Configure Active Directory for BitLocker.
-2.  Download the various BitLocker scripts and tools.
-3.  Configure the operating system deployment task sequence for BitLocker.
-4.  Configure the rules (CustomSettings.ini) for BitLocker.
-
-**Note**  
-Even though it is not a BitLocker requirement, we recommend configuring BitLocker to store the recovery key and TPM owner information in Active Directory. For additional information about these features, see [Backing Up BitLocker and TPM Recovery Information to AD DS](https://go.microsoft.com/fwlink/p/?LinkId=619548). If you have access to Microsoft BitLocker Administration and Monitoring (MBAM), which is part of Microsoft Desktop Optimization Pack (MDOP), you have additional management features for BitLocker.
- 
-For the purposes of this topic, we will use DC01, a domain controller that is a member of the domain contoso.com for the fictitious Contoso Corporation. For more details on the setup for this topic, please see [Deploy Windows 10 with the Microsoft Deployment Toolkit](deploy-windows-10-with-the-microsoft-deployment-toolkit.md#proof).
-
-## <a href="" id="sec01"></a>Configure Active Directory for BitLocker
-
-To enable BitLocker to store the recovery key and TPM information in Active Directory, you need to create a Group Policy for it in Active Directory. For this section, we are running Windows Server 2012 R2, so you do not need to extend the Schema. You do, however, need to set the appropriate permissions in Active Directory.
-
-**Note**  
-Depending on the Active Directory Schema version, you might need to update the Schema before you can store BitLocker information in Active Directory.
- 
-In Windows Server 2012 R2 (as well as in Windows Server 2008 R2 and Windows Server 2012), you have access to the BitLocker Drive Encryption Administration Utilities features, which will help you manage BitLocker. When you install the features, the BitLocker Active Directory Recovery Password Viewer is included, and it extends Active Directory Users and Computers with BitLocker Recovery information.
-
-![figure 2](images/mdt-09-fig02.png)
-
-Figure 2. The BitLocker Recovery information on a computer object in the contoso.com domain.
-
-### Add the BitLocker Drive Encryption Administration Utilities
-
-The BitLocker Drive Encryption Administration Utilities are added as features via Server Manager (or Windows PowerShell):
-
-1.  On DC01, log on as **CONTOSO\\Administrator**, and, using Server Manager, click **Add roles and features**.
-2.  On the **Before you begin** page, click **Next**.
-3.  On the **Select installation type** page, select **Role-based or feature-based installation**, and click **Next**.
-4.  On the **Select destination server** page, select **DC01.contoso.com** and click **Next**.
-5.  On the **Select server roles** page, click **Next**.
-6.  On the **Select features** page, expand **Remote Server Administration Tools**, expand **Feature Administration Tools**, select the following features, and then click **Next**:
-    1.  BitLocker Drive Encryption Administration Utilities
-    2.  BitLocker Drive Encryption Tools
-    3.  BitLocker Recovery Password Viewer
-7.  On the **Confirm installation selections** page, click **Install** and then click **Close**.
-
-![figure 3](images/mdt-09-fig03.png)
-
-Figure 3. Selecting the BitLocker Drive Encryption Administration Utilities.
-
-### Create the BitLocker Group Policy
-
-Following these steps, you enable the backup of BitLocker and TPM recovery information to Active Directory. You also enable the policy for the TPM validation profile.
-1.  On DC01, using Group Policy Management, right-click the **Contoso** organizational unit (OU), and select **Create a GPO in this domain, and Link it here**.
-2.  Assign the name **BitLocker Policy** to the new Group Policy.
-3.  Expand the **Contoso** OU, right-click the **BitLocker Policy**, and select **Edit**. Configure the following policy settings:
-    Computer Configuration / Policies / Administrative Templates / Windows Components / BitLocker Drive Encryption / Operating System Drives
-    1.  Enable the **Choose how BitLocker-protected operating system drives can be recovered** policy, and configure the following settings:
-        1.  Allow data recovery agent (default)
-        2.  Save BitLocker recovery information to Active Directory Domain Services (default)
-        3.  Do not enable BitLocker until recovery information is stored in AD DS for operating system drives
-    2.  Enable the **Configure TPM platform validation profile for BIOS-based firmware configurations** policy.
-    3.  Enable the **Configure TPM platform validation profile for native UEFI firmware configurations** policy.
-        Computer Configuration / Policies / Administrative Templates / System / Trusted Platform Module Services
-    4.  Enable the **Turn on TPM backup to Active Directory Domain Services** policy.
-
-**Note**  
-If you consistently get the error "Windows BitLocker Drive Encryption Information. The system boot information has changed since BitLocker was enabled. You must supply a BitLocker recovery password to start this system." after encrypting a computer with BitLocker, you might have to change the various "Configure TPM platform validation profile" Group Policies, as well. Whether or not you need to do this will depend on the hardware you are using.
- 
-### Set permissions in Active Directory for BitLocker
-
-In addition to the Group Policy created previously, you need to configure permissions in Active Directory to be able to store the TPM recovery information. In these steps, we assume you have downloaded the [Add-TPMSelfWriteACE.vbs script](https://go.microsoft.com/fwlink/p/?LinkId=167133) from Microsoft to C:\\Setup\\Scripts on DC01.
-1.  On DC01, start an elevated PowerShell prompt (run as Administrator).
-2.  Configure the permissions by running the following command:
-
-    ``` syntax
-    cscript C:\Setup\Scripts\Add-TPMSelfWriteACE.vbs
-    ```
-
-![figure 4](images/mdt-09-fig04.png)
-
-Figure 4. Running the Add-TPMSelfWriteACE.vbs script on DC01.
-
-## <a href="" id="sec02"></a>Add BIOS configuration tools from Dell, HP, and Lenovo
-
-If you want to automate enabling the TPM chip as part of the deployment process, you need to download the vendor tools and add them to your task sequences, either directly or in a script wrapper.
-
-### Add tools from Dell
-
-The Dell tools are available via the Dell Client Configuration Toolkit (CCTK). The executable file from Dell is named cctk.exe. Here is a sample command to enable TPM and set a BIOS password using the cctk.exe tool:
-``` syntax
-cctk.exe --tpm=on --valsetuppwd=Password1234
-```
-### Add tools from HP
-
-The HP tools are part of HP System Software Manager. The executable file from HP is named BiosConfigUtility.exe. This utility uses a configuration file for the BIOS settings. Here is a sample command to enable TPM and set a BIOS password using the BiosConfigUtility.exe tool:
-
-``` syntax
-BIOSConfigUtility.EXE /SetConfig:TPMEnable.REPSET /NewAdminPassword:Password1234
-```
-And the sample content of the TPMEnable.REPSET file:
-
-``` syntax
-English
-Activate Embedded Security On Next Boot
-*Enable
-Embedded Security Activation Policy
-*No prompts
-F1 to Boot
-Allow user to reject
-Embedded Security Device Availability
-*Available
-```
-### Add tools from Lenovo
-
-The Lenovo tools are a set of VBScripts available as part of the Lenovo BIOS Setup using Windows Management Instrumentation Deployment Guide. Lenovo also provides a separate download of the scripts. Here is a sample command to enable TPM using the Lenovo tools:
-``` syntax
-cscript.exe SetConfig.vbs SecurityChip Active
-```
-## <a href="" id="sec03"></a>Configure the Windows 10 task sequence to enable BitLocker
-
-When configuring a task sequence to run any BitLocker tool, either directly or using a custom script, it is helpful if you also add some logic to detect whether the BIOS is already configured on the machine. In this task sequence, we are using a sample script (ZTICheckforTPM.wsf) from the Deployment Guys web page to check the status on the TPM chip. You can download this script from the Deployment Guys Blog post, [Check to see if the TPM is enabled](https://go.microsoft.com/fwlink/p/?LinkId=619549). In the following task sequence, we have added five actions:
--   **Check TPM Status.** Runs the ZTICheckforTPM.wsf script to determine if TPM is enabled. Depending on the status, the script will set the TPMEnabled and TPMActivated properties to either true or false.
--   **Configure BIOS for TPM.** Runs the vendor tools (in this case, HP, Dell, and Lenovo). To ensure this action is run only when necessary, add a condition so the action is run only when the TPM chip is not already activated. Use the properties from the ZTICheckforTPM.wsf.
-    **Note**  
-    It is common for organizations wrapping these tools in scripts to get additional logging and error handling.
-     
--   **Restart computer.** Self-explanatory, reboots the computer.
--   **Check TPM Status.** Runs the ZTICheckforTPM.wsf script one more time.
--   **Enable BitLocker.** Runs the built-in action to activate BitLocker.
-
-## Related topics
-
-[Configure MDT deployment share rules](configure-mdt-deployment-share-rules.md)
-
-[Configure MDT for UserExit scripts](configure-mdt-2013-for-userexit-scripts.md)
-
-[Simulate a Windows 10 deployment in a test environment](simulate-a-windows-10-deployment-in-a-test-environment.md)
-
-[Use the MDT database to stage Windows 10 deployment information](use-the-mdt-database-to-stage-windows-10-deployment-information.md)
-
-[Assign applications using roles in MDT](assign-applications-using-roles-in-mdt-2013.md)
-
-[Use web services in MDT](use-web-services-in-mdt-2013.md)
-
-[Use Orchestrator runbooks with MDT](use-orchestrator-runbooks-with-mdt-2013.md)

windows/deploy/set-up-mdt-for-bitlocker.md

@@ -0,0 +1,159 @@
+---
+title: Set up MDT for BitLocker (Windows 10)
+ms.assetid: 386e6713-5c20-4d2a-a220-a38d94671a38
+description: 
+keywords: disk, encryption, TPM, configure, secure, script
+ms.prod: w10
+ms.mktglfcycl: deploy
+localizationpriority: high
+ms.sitesec: library
+ms.pagetype: mdt
+author: mtniehaus
+---
+
+# Set up MDT for BitLocker
+
+This topic will show you how to configure your environment for BitLocker, the disk volume encryption built into Windows 10 Enterprise and Windows 10 Pro, using MDT. BitLocker in Windows 10 has two requirements in regard to an operating system deployment:
+-   A protector, which can either be stored in the Trusted Platform Module (TPM) chip, or stored as a password. Technically, you also can use a USB stick to store the protector, but it's not a practical approach as the USB stick can be lost or stolen. We, therefore, recommend that you instead use a TPM chip and/or a password.
+-   Multiple partitions on the hard drive.
+
+To configure your environment for BitLocker, you will need to do the following:
+
+1.  Configure Active Directory for BitLocker.
+2.  Download the various BitLocker scripts and tools.
+3.  Configure the operating system deployment task sequence for BitLocker.
+4.  Configure the rules (CustomSettings.ini) for BitLocker.
+
+**Note**  
+Even though it is not a BitLocker requirement, we recommend configuring BitLocker to store the recovery key and TPM owner information in Active Directory. For additional information about these features, see [Backing Up BitLocker and TPM Recovery Information to AD DS](https://go.microsoft.com/fwlink/p/?LinkId=619548). If you have access to Microsoft BitLocker Administration and Monitoring (MBAM), which is part of Microsoft Desktop Optimization Pack (MDOP), you have additional management features for BitLocker.
+ 
+For the purposes of this topic, we will use DC01, a domain controller that is a member of the domain contoso.com for the fictitious Contoso Corporation. For more details on the setup for this topic, please see [Deploy Windows 10 with the Microsoft Deployment Toolkit](deploy-windows-10-with-the-microsoft-deployment-toolkit.md#proof).
+
+## <a href="" id="sec01"></a>Configure Active Directory for BitLocker
+
+To enable BitLocker to store the recovery key and TPM information in Active Directory, you need to create a Group Policy for it in Active Directory. For this section, we are running Windows Server 2012 R2, so you do not need to extend the Schema. You do, however, need to set the appropriate permissions in Active Directory.
+
+**Note**  
+Depending on the Active Directory Schema version, you might need to update the Schema before you can store BitLocker information in Active Directory.
+ 
+In Windows Server 2012 R2 (as well as in Windows Server 2008 R2 and Windows Server 2012), you have access to the BitLocker Drive Encryption Administration Utilities features, which will help you manage BitLocker. When you install the features, the BitLocker Active Directory Recovery Password Viewer is included, and it extends Active Directory Users and Computers with BitLocker Recovery information.
+
+![figure 2](images/mdt-09-fig02.png)
+
+Figure 2. The BitLocker Recovery information on a computer object in the contoso.com domain.
+
+### Add the BitLocker Drive Encryption Administration Utilities
+
+The BitLocker Drive Encryption Administration Utilities are added as features via Server Manager (or Windows PowerShell):
+
+1.  On DC01, log on as **CONTOSO\\Administrator**, and, using Server Manager, click **Add roles and features**.
+2.  On the **Before you begin** page, click **Next**.
+3.  On the **Select installation type** page, select **Role-based or feature-based installation**, and click **Next**.
+4.  On the **Select destination server** page, select **DC01.contoso.com** and click **Next**.
+5.  On the **Select server roles** page, click **Next**.
+6.  On the **Select features** page, expand **Remote Server Administration Tools**, expand **Feature Administration Tools**, select the following features, and then click **Next**:
+    1.  BitLocker Drive Encryption Administration Utilities
+    2.  BitLocker Drive Encryption Tools
+    3.  BitLocker Recovery Password Viewer
+7.  On the **Confirm installation selections** page, click **Install** and then click **Close**.
+
+![figure 3](images/mdt-09-fig03.png)
+
+Figure 3. Selecting the BitLocker Drive Encryption Administration Utilities.
+
+### Create the BitLocker Group Policy
+
+Following these steps, you enable the backup of BitLocker and TPM recovery information to Active Directory. You also enable the policy for the TPM validation profile.
+1.  On DC01, using Group Policy Management, right-click the **Contoso** organizational unit (OU), and select **Create a GPO in this domain, and Link it here**.
+2.  Assign the name **BitLocker Policy** to the new Group Policy.
+3.  Expand the **Contoso** OU, right-click the **BitLocker Policy**, and select **Edit**. Configure the following policy settings:
+    Computer Configuration / Policies / Administrative Templates / Windows Components / BitLocker Drive Encryption / Operating System Drives
+    1.  Enable the **Choose how BitLocker-protected operating system drives can be recovered** policy, and configure the following settings:
+        1.  Allow data recovery agent (default)
+        2.  Save BitLocker recovery information to Active Directory Domain Services (default)
+        3.  Do not enable BitLocker until recovery information is stored in AD DS for operating system drives
+    2.  Enable the **Configure TPM platform validation profile for BIOS-based firmware configurations** policy.
+    3.  Enable the **Configure TPM platform validation profile for native UEFI firmware configurations** policy.
+        Computer Configuration / Policies / Administrative Templates / System / Trusted Platform Module Services
+    4.  Enable the **Turn on TPM backup to Active Directory Domain Services** policy.
+
+**Note**  
+If you consistently get the error "Windows BitLocker Drive Encryption Information. The system boot information has changed since BitLocker was enabled. You must supply a BitLocker recovery password to start this system." after encrypting a computer with BitLocker, you might have to change the various "Configure TPM platform validation profile" Group Policies, as well. Whether or not you need to do this will depend on the hardware you are using.
+ 
+### Set permissions in Active Directory for BitLocker
+
+In addition to the Group Policy created previously, you need to configure permissions in Active Directory to be able to store the TPM recovery information. In these steps, we assume you have downloaded the [Add-TPMSelfWriteACE.vbs script](https://go.microsoft.com/fwlink/p/?LinkId=167133) from Microsoft to C:\\Setup\\Scripts on DC01.
+1.  On DC01, start an elevated PowerShell prompt (run as Administrator).
+2.  Configure the permissions by running the following command:
+
+    ``` syntax
+    cscript C:\Setup\Scripts\Add-TPMSelfWriteACE.vbs
+    ```
+
+![figure 4](images/mdt-09-fig04.png)
+
+Figure 4. Running the Add-TPMSelfWriteACE.vbs script on DC01.
+
+## <a href="" id="sec02"></a>Add BIOS configuration tools from Dell, HP, and Lenovo
+
+If you want to automate enabling the TPM chip as part of the deployment process, you need to download the vendor tools and add them to your task sequences, either directly or in a script wrapper.
+
+### Add tools from Dell
+
+The Dell tools are available via the Dell Client Configuration Toolkit (CCTK). The executable file from Dell is named cctk.exe. Here is a sample command to enable TPM and set a BIOS password using the cctk.exe tool:
+``` syntax
+cctk.exe --tpm=on --valsetuppwd=Password1234
+```
+### Add tools from HP
+
+The HP tools are part of HP System Software Manager. The executable file from HP is named BiosConfigUtility.exe. This utility uses a configuration file for the BIOS settings. Here is a sample command to enable TPM and set a BIOS password using the BiosConfigUtility.exe tool:
+
+``` syntax
+BIOSConfigUtility.EXE /SetConfig:TPMEnable.REPSET /NewAdminPassword:Password1234
+```
+And the sample content of the TPMEnable.REPSET file:
+
+``` syntax
+English
+Activate Embedded Security On Next Boot
+*Enable
+Embedded Security Activation Policy
+*No prompts
+F1 to Boot
+Allow user to reject
+Embedded Security Device Availability
+*Available
+```
+### Add tools from Lenovo
+
+The Lenovo tools are a set of VBScripts available as part of the Lenovo BIOS Setup using Windows Management Instrumentation Deployment Guide. Lenovo also provides a separate download of the scripts. Here is a sample command to enable TPM using the Lenovo tools:
+``` syntax
+cscript.exe SetConfig.vbs SecurityChip Active
+```
+## <a href="" id="sec03"></a>Configure the Windows 10 task sequence to enable BitLocker
+
+When configuring a task sequence to run any BitLocker tool, either directly or using a custom script, it is helpful if you also add some logic to detect whether the BIOS is already configured on the machine. In this task sequence, we are using a sample script (ZTICheckforTPM.wsf) from the Deployment Guys web page to check the status on the TPM chip. You can download this script from the Deployment Guys Blog post, [Check to see if the TPM is enabled](https://go.microsoft.com/fwlink/p/?LinkId=619549). In the following task sequence, we have added five actions:
+-   **Check TPM Status.** Runs the ZTICheckforTPM.wsf script to determine if TPM is enabled. Depending on the status, the script will set the TPMEnabled and TPMActivated properties to either true or false.
+-   **Configure BIOS for TPM.** Runs the vendor tools (in this case, HP, Dell, and Lenovo). To ensure this action is run only when necessary, add a condition so the action is run only when the TPM chip is not already activated. Use the properties from the ZTICheckforTPM.wsf.
+    **Note**  
+    It is common for organizations wrapping these tools in scripts to get additional logging and error handling.
+     
+-   **Restart computer.** Self-explanatory, reboots the computer.
+-   **Check TPM Status.** Runs the ZTICheckforTPM.wsf script one more time.
+-   **Enable BitLocker.** Runs the built-in action to activate BitLocker.
+
+## Related topics
+
+[Configure MDT deployment share rules](configure-mdt-deployment-share-rules.md)
+
+[Configure MDT for UserExit scripts](configure-mdt-for-userexit-scripts.md)
+
+[Simulate a Windows 10 deployment in a test environment](simulate-a-windows-10-deployment-in-a-test-environment.md)
+
+[Use the MDT database to stage Windows 10 deployment information](use-the-mdt-database-to-stage-windows-10-deployment-information.md)
+
+[Assign applications using roles in MDT](assign-applications-using-roles-in-mdt.md)
+
+[Use web services in MDT](use-web-services-in-mdt.md)
+
+[Use Orchestrator runbooks with MDT](use-orchestrator-runbooks-with-mdt.md)

windows/deploy/simulate-a-windows-10-deployment-in-a-test-environment.md

@@ -50,16 +50,16 @@ Figure 7. The ZTIGather.log file from PC0001, displaying some of its hardware ca
 
 ## Related topics
 
-[Set up MDT for BitLocker](set-up-mdt-2013-for-bitlocker.md)
+[Set up MDT for BitLocker](set-up-mdt-for-bitlocker.md)
 
 [Configure MDT deployment share rules](configure-mdt-deployment-share-rules.md)
 
-[Configure MDT for UserExit scripts](configure-mdt-2013-for-userexit-scripts.md)
+[Configure MDT for UserExit scripts](configure-mdt-for-userexit-scripts.md)
 
 [Use the MDT database to stage Windows 10 deployment information](use-the-mdt-database-to-stage-windows-10-deployment-information.md)
 
-[Assign applications using roles in MDT](assign-applications-using-roles-in-mdt-2013.md)
+[Assign applications using roles in MDT](assign-applications-using-roles-in-mdt.md)
 
-[Use web services in MDT](use-web-services-in-mdt-2013.md)
+[Use web services in MDT](use-web-services-in-mdt.md)
 
-[Use Orchestrator runbooks with MDT](use-orchestrator-runbooks-with-mdt-2013.md)
+[Use Orchestrator runbooks with MDT](use-orchestrator-runbooks-with-mdt.md)

windows/deploy/upgrade-to-windows-10-with-the-microsoft-deployment-toolkit.md

@@ -28,7 +28,7 @@ Figure 1. The machines used in this topic.
 
 ## Set up the upgrade task sequence
 
-MDT 2013 Update 2 adds support for Windows 10 deployment, including a new in-place upgrade task sequence template that makes the process really simple.
+MDT adds support for Windows 10 deployment, including a new in-place upgrade task sequence template that makes the process really simple.
 
 ## Create the MDT production deployment share
 

windows/deploy/use-orchestrator-runbooks-with-mdt-2013.md

@@ -1,174 +1,4 @@
 ---
 title: Use Orchestrator runbooks with MDT (Windows 10)
-description: This topic will show you how to integrate Microsoft System Center 2012 R2 Orchestrator with MDT to replace the existing web services that are used in deployment solutions.
+redirect_url: use-orchestrator-runbooks-with-mdt
-ms.assetid: 68302780-1f6f-4a9c-9407-b14371fdce3f
-keywords: web services, database
-ms.prod: w10
-ms.mktglfcycl: deploy
-localizationpriority: high
-ms.sitesec: library
-ms.pagetype: mdt
-author: mtniehaus
 ---
-
-# Use Orchestrator runbooks with MDT
-
-This topic will show you how to integrate Microsoft System Center 2012 R2 Orchestrator with MDT to replace the existing web services that are used in deployment solutions.
-MDT can integrate with System Center 2012 R2 Orchestrator, which is a component that ties the Microsoft System Center products together, as well as other products from both Microsoft and third-party vendors. The difference between using Orchestrator and "normal" web services, is that with Orchestrator you have a rich drag-and-drop style interface when building the solution, and little or no coding is required.
-
-**Note**  
-If you are licensed to use Orchestrator, we highly recommend that you start using it. To find out more about licensing options for System Center 2012 R2 and Orchestrator, visit the [System Center 2012 R2](https://go.microsoft.com/fwlink/p/?LinkId=619553) website.
- 
-## <a href="" id="sec01"></a>Orchestrator terminology
-
-Before diving into the core details, here is a quick course in Orchestrator terminology:
--   **Orchestrator Server.** This is a server that executes runbooks.
--   **Runbooks.** A runbook is similar to a task sequence; it is a series of instructions based on conditions. Runbooks consist of workflow activities; an activity could be Copy File, Get User from Active Directory, or even Write to Database.
--   **Orchestrator Designer.** This is where you build the runbooks. In brief, you do that by creating an empty runbook, dragging in the activities you need, and then connecting them in a workflow with conditions and subscriptions.
--   **Subscriptions.** These are variables that come from an earlier activity in the runbook. So if you first execute an activity in which you type in a computer name, you can then subscribe to that value in the next activity. All these variables are accumulated during the execution of the runbook.
--   **Orchestrator Console.** This is the Microsoft Silverlight-based web page you can use interactively to execute runbooks. The console listens to TCP port 81 by default.
--   **Orchestrator web services.** These are the web services you use in the Microsoft Deployment Toolkit to execute runbooks during deployment. The web services listen to TCP port 82 by default.
--   **Integration packs.** These provide additional workflow activities you can import to integrate with other products or solutions, like the rest of Active Directory, other System Center 2012 R2 products, or Microsoft Exchange Server, to name a few.
-
-**Note**  
-To find and download additional integration packs, see [Integration Packs for System Center 2012 - Orchestrator](https://go.microsoft.com/fwlink/p/?LinkId=619554).
- 
-## <a href="" id="sec02"></a>Create a sample runbook
-
-This section assumes you have Orchestrator 2012 R2 installed on a server named OR01. In this section, you create a sample runbook, which is used to log some of the MDT deployment information into a text file on OR01.
-
-1.  On OR01, using File Explorer, create the **E:\\Logfile** folder, and grant Users modify permissions (NTFS).
-2.  In the **E:\\Logfile** folder, create the DeployLog.txt file.
-    **Note**  
-    Make sure File Explorer is configured to show known file extensions so the file is not named DeployLog.txt.txt.
-     
-    ![figure 23](images/mdt-09-fig23.png)
-
-    Figure 23. The DeployLog.txt file.
-
-3.  Using System Center 2012 R2 Orchestrator Runbook Designer, in the **Runbooks** node, create the **1.0 MDT** folder.
-
-    ![figure 24](images/mdt-09-fig24.png)
-
-    Figure 24. Folder created in the Runbooks node.
-
-4.  In the **Runbooks** node, right-click the **1.0 MDT** folder, and select **New / Runbook**.
-5.  On the ribbon bar, click **Check Out**.
-6.  Right-click the **New Runbook** label, select **Rename**, and assign the name **MDT Sample**.
-7.  Add (using a drag-and-drop operation) the following items from the **Activities** list to the middle pane:
-    1.  Runbook Control / Initialize Data
-    2.  Text File Management / Append Line
-8.  Connect **Initialize Data** to **Append Line**.
-
-    ![figure 25](images/mdt-09-fig25.png)
-
-    Figure 25. Activities added and connected.
-
-9.  Right-click the **Initialize Data** activity, and select **Properties**
-10. On **the Initialize Data Properties** page, click **Add**, change **Parameter 1** to **OSDComputerName**, and then click **Finish**.
-
-    ![figure 26](images/mdt-09-fig26.png)
-
-    Figure 26. The Initialize Data Properties window.
-
-11. Right-click the **Append Line** activity, and select **Properties**.
-12. On the **Append Line Properties** page, in the **File** text box, type **E:\\Logfile\\DeployLog.txt**.
-13. In the **File** encoding drop-down list, select **ASCII**.
-14. In the **Append** area, right-click inside the **Text** text box and select **Expand**.
-
-    ![figure 27](images/mdt-09-fig27.png)
-
-    Figure 27. Expanding the Text area.
-
-15. In the blank text box, right-click and select **Subscribe / Published Data**.
-
-    ![figure 28](images/mdt-09-fig28.png)
-
-    Figure 28. Subscribing to data.
-
-16. In the **Published Data** window, select the **OSDComputerName** item, and click **OK**.
-17. After the **{OSDComputerName from "Initialize Data"}** text, type in **has been deployed at** and, once again, right-click and select **Subscribe / Published Data**.
-18. In the **Published Data** window, select the **Show common Published Data** check box, select the **Activity end time** item, and click **OK**.
-
-    ![figure 29](images/mdt-09-fig29.png)
-
-    Figure 29. The expanded text box after all subscriptions have been added.
-
-19. On the **Append Line Properties** page, click **Finish**.
-## <a href="" id="sec03"></a>Test the demo MDT runbook
-After the runbook is created, you are ready to test it.
-1.  On the ribbon bar, click **Runbook Tester**.
-2.  Click **Run**, and in the **Initialize Data Parameters** dialog box, use the following setting and then click **OK**:
-    -   OSDComputerName: PC0010
-3.  Verify that all activities are green (for additional information, see each target).
-4.  Close the **Runbook Tester**.
-5.  On the ribbon bar, click **Check In**.
-
-![figure 30](images/mdt-09-fig30.png)
-
-Figure 30. All tests completed.
-
-## Use the MDT demo runbook from MDT
-
-1.  On MDT01, using the Deployment Workbench, in the MDT Production deployment share, select the **Task Sequences** node, and create a folder named **Orchestrator**.
-2.  Right-click the **Orchestrator** node, and select **New Task Sequence**. Use the following settings for the New Task Sequence Wizard:
-    1.  Task sequence ID: OR001
-    2.  Task sequence name: Orchestrator Sample
-    3.  Task sequence comments: &lt;blank&gt;
-    4.  Template: Custom Task Sequence
-3.  In the **Orchestrator** node, double-click the **Orchestrator Sample** task sequence, and then select the **Task Sequence** tab.
-4.  Remove the default **Application Install** action.
-5.  Add a **Gather** action and select the **Gather only local data (do not process rules)** option.
-6.  After the **Gather** action, add a **Set Task Sequence Variable** action with the following settings:
-    1.  Name: Set Task Sequence Variable
-    2.  Task Sequence Variable: OSDComputerName
-    3.  Value: %hostname%
-7.  After the **Set Task Sequence Variable** action, add a new **Execute Orchestrator Runbook** action with the following settings:
-    1.  Orchestrator Server: OR01.contoso.com
-    2.  Use Browse to select **1.0 MDT / MDT Sample**.
-8.  Click **OK**.
-
-![figure 31](images/mdt-09-fig31.png)
-
-Figure 31. The ready-made task sequence.
-
-## Run the orchestrator sample task sequence
-
-Since this task sequence just starts a runbook, you can test this on the PC0001 client that you used for the MDT simulation environment.
-**Note**  
-Make sure the account you are using has permissions to run runbooks on the Orchestrator server. For more information about runbook permissions, see [Runbook Permissions](https://go.microsoft.com/fwlink/p/?LinkId=619555).
- 
-1.  On PC0001, log on as **CONTOSO\\MDT\_BA**.
-2.  Using an elevated command prompt (run as Administrator), type the following command:
-
-    ``` syntax
-    cscript \\MDT01\MDTProduction$\Scripts\Litetouch.vbs
-    ```
-3.  Complete the Windows Deployment Wizard using the following information:
-    1.  Task Sequence: Orchestrator Sample
-    2.  Credentials:
-        1.  User Name: MDT\_BA
-        2.  Password: P@ssw0rd
-        3.  Domain: CONTOSO
-4.  Wait until the task sequence is completed and then verify that the DeployLog.txt file in the E:\\Logfile folder on OR01 was updated.
-
-![figure 32](images/mdt-09-fig32.png)
-
-Figure 32. The ready-made task sequence.
-
-## Related topics
-
-[Set up MDT for BitLocker](set-up-mdt-2013-for-bitlocker.md)
-
-[Configure MDT deployment share rules](configure-mdt-deployment-share-rules.md)
-
-[Configure MDT for UserExit scripts](configure-mdt-2013-for-userexit-scripts.md)
-
-[Simulate a Windows10 deployment in a test environment](simulate-a-windows-10-deployment-in-a-test-environment.md)
-
-[Use the MDT database to stage Windows 10 deployment information](use-the-mdt-database-to-stage-windows-10-deployment-information.md)
-
-
-[Assign applications using roles in MDT](assign-applications-using-roles-in-mdt-2013.md)
-
-[Use web services in MDT](use-web-services-in-mdt-2013.md)

windows/deploy/use-orchestrator-runbooks-with-mdt.md

@@ -0,0 +1,174 @@
+---
+title: Use Orchestrator runbooks with MDT (Windows 10)
+description: This topic will show you how to integrate Microsoft System Center 2012 R2 Orchestrator with MDT to replace the existing web services that are used in deployment solutions.
+ms.assetid: 68302780-1f6f-4a9c-9407-b14371fdce3f
+keywords: web services, database
+ms.prod: w10
+ms.mktglfcycl: deploy
+localizationpriority: high
+ms.sitesec: library
+ms.pagetype: mdt
+author: mtniehaus
+---
+
+# Use Orchestrator runbooks with MDT
+
+This topic will show you how to integrate Microsoft System Center 2012 R2 Orchestrator with MDT to replace the existing web services that are used in deployment solutions.
+MDT can integrate with System Center 2012 R2 Orchestrator, which is a component that ties the Microsoft System Center products together, as well as other products from both Microsoft and third-party vendors. The difference between using Orchestrator and "normal" web services, is that with Orchestrator you have a rich drag-and-drop style interface when building the solution, and little or no coding is required.
+
+**Note**  
+If you are licensed to use Orchestrator, we highly recommend that you start using it. To find out more about licensing options for System Center 2012 R2 and Orchestrator, visit the [System Center 2012 R2](https://go.microsoft.com/fwlink/p/?LinkId=619553) website.
+ 
+## <a href="" id="sec01"></a>Orchestrator terminology
+
+Before diving into the core details, here is a quick course in Orchestrator terminology:
+-   **Orchestrator Server.** This is a server that executes runbooks.
+-   **Runbooks.** A runbook is similar to a task sequence; it is a series of instructions based on conditions. Runbooks consist of workflow activities; an activity could be Copy File, Get User from Active Directory, or even Write to Database.
+-   **Orchestrator Designer.** This is where you build the runbooks. In brief, you do that by creating an empty runbook, dragging in the activities you need, and then connecting them in a workflow with conditions and subscriptions.
+-   **Subscriptions.** These are variables that come from an earlier activity in the runbook. So if you first execute an activity in which you type in a computer name, you can then subscribe to that value in the next activity. All these variables are accumulated during the execution of the runbook.
+-   **Orchestrator Console.** This is the Microsoft Silverlight-based web page you can use interactively to execute runbooks. The console listens to TCP port 81 by default.
+-   **Orchestrator web services.** These are the web services you use in the Microsoft Deployment Toolkit to execute runbooks during deployment. The web services listen to TCP port 82 by default.
+-   **Integration packs.** These provide additional workflow activities you can import to integrate with other products or solutions, like the rest of Active Directory, other System Center 2012 R2 products, or Microsoft Exchange Server, to name a few.
+
+**Note**  
+To find and download additional integration packs, see [Integration Packs for System Center 2012 - Orchestrator](https://go.microsoft.com/fwlink/p/?LinkId=619554).
+ 
+## <a href="" id="sec02"></a>Create a sample runbook
+
+This section assumes you have Orchestrator 2012 R2 installed on a server named OR01. In this section, you create a sample runbook, which is used to log some of the MDT deployment information into a text file on OR01.
+
+1.  On OR01, using File Explorer, create the **E:\\Logfile** folder, and grant Users modify permissions (NTFS).
+2.  In the **E:\\Logfile** folder, create the DeployLog.txt file.
+    **Note**  
+    Make sure File Explorer is configured to show known file extensions so the file is not named DeployLog.txt.txt.
+     
+    ![figure 23](images/mdt-09-fig23.png)
+
+    Figure 23. The DeployLog.txt file.
+
+3.  Using System Center 2012 R2 Orchestrator Runbook Designer, in the **Runbooks** node, create the **1.0 MDT** folder.
+
+    ![figure 24](images/mdt-09-fig24.png)
+
+    Figure 24. Folder created in the Runbooks node.
+
+4.  In the **Runbooks** node, right-click the **1.0 MDT** folder, and select **New / Runbook**.
+5.  On the ribbon bar, click **Check Out**.
+6.  Right-click the **New Runbook** label, select **Rename**, and assign the name **MDT Sample**.
+7.  Add (using a drag-and-drop operation) the following items from the **Activities** list to the middle pane:
+    1.  Runbook Control / Initialize Data
+    2.  Text File Management / Append Line
+8.  Connect **Initialize Data** to **Append Line**.
+
+    ![figure 25](images/mdt-09-fig25.png)
+
+    Figure 25. Activities added and connected.
+
+9.  Right-click the **Initialize Data** activity, and select **Properties**
+10. On **the Initialize Data Properties** page, click **Add**, change **Parameter 1** to **OSDComputerName**, and then click **Finish**.
+
+    ![figure 26](images/mdt-09-fig26.png)
+
+    Figure 26. The Initialize Data Properties window.
+
+11. Right-click the **Append Line** activity, and select **Properties**.
+12. On the **Append Line Properties** page, in the **File** text box, type **E:\\Logfile\\DeployLog.txt**.
+13. In the **File** encoding drop-down list, select **ASCII**.
+14. In the **Append** area, right-click inside the **Text** text box and select **Expand**.
+
+    ![figure 27](images/mdt-09-fig27.png)
+
+    Figure 27. Expanding the Text area.
+
+15. In the blank text box, right-click and select **Subscribe / Published Data**.
+
+    ![figure 28](images/mdt-09-fig28.png)
+
+    Figure 28. Subscribing to data.
+
+16. In the **Published Data** window, select the **OSDComputerName** item, and click **OK**.
+17. After the **{OSDComputerName from "Initialize Data"}** text, type in **has been deployed at** and, once again, right-click and select **Subscribe / Published Data**.
+18. In the **Published Data** window, select the **Show common Published Data** check box, select the **Activity end time** item, and click **OK**.
+
+    ![figure 29](images/mdt-09-fig29.png)
+
+    Figure 29. The expanded text box after all subscriptions have been added.
+
+19. On the **Append Line Properties** page, click **Finish**.
+## <a href="" id="sec03"></a>Test the demo MDT runbook
+After the runbook is created, you are ready to test it.
+1.  On the ribbon bar, click **Runbook Tester**.
+2.  Click **Run**, and in the **Initialize Data Parameters** dialog box, use the following setting and then click **OK**:
+    -   OSDComputerName: PC0010
+3.  Verify that all activities are green (for additional information, see each target).
+4.  Close the **Runbook Tester**.
+5.  On the ribbon bar, click **Check In**.
+
+![figure 30](images/mdt-09-fig30.png)
+
+Figure 30. All tests completed.
+
+## Use the MDT demo runbook from MDT
+
+1.  On MDT01, using the Deployment Workbench, in the MDT Production deployment share, select the **Task Sequences** node, and create a folder named **Orchestrator**.
+2.  Right-click the **Orchestrator** node, and select **New Task Sequence**. Use the following settings for the New Task Sequence Wizard:
+    1.  Task sequence ID: OR001
+    2.  Task sequence name: Orchestrator Sample
+    3.  Task sequence comments: &lt;blank&gt;
+    4.  Template: Custom Task Sequence
+3.  In the **Orchestrator** node, double-click the **Orchestrator Sample** task sequence, and then select the **Task Sequence** tab.
+4.  Remove the default **Application Install** action.
+5.  Add a **Gather** action and select the **Gather only local data (do not process rules)** option.
+6.  After the **Gather** action, add a **Set Task Sequence Variable** action with the following settings:
+    1.  Name: Set Task Sequence Variable
+    2.  Task Sequence Variable: OSDComputerName
+    3.  Value: %hostname%
+7.  After the **Set Task Sequence Variable** action, add a new **Execute Orchestrator Runbook** action with the following settings:
+    1.  Orchestrator Server: OR01.contoso.com
+    2.  Use Browse to select **1.0 MDT / MDT Sample**.
+8.  Click **OK**.
+
+![figure 31](images/mdt-09-fig31.png)
+
+Figure 31. The ready-made task sequence.
+
+## Run the orchestrator sample task sequence
+
+Since this task sequence just starts a runbook, you can test this on the PC0001 client that you used for the MDT simulation environment.
+**Note**  
+Make sure the account you are using has permissions to run runbooks on the Orchestrator server. For more information about runbook permissions, see [Runbook Permissions](https://go.microsoft.com/fwlink/p/?LinkId=619555).
+ 
+1.  On PC0001, log on as **CONTOSO\\MDT\_BA**.
+2.  Using an elevated command prompt (run as Administrator), type the following command:
+
+    ``` syntax
+    cscript \\MDT01\MDTProduction$\Scripts\Litetouch.vbs
+    ```
+3.  Complete the Windows Deployment Wizard using the following information:
+    1.  Task Sequence: Orchestrator Sample
+    2.  Credentials:
+        1.  User Name: MDT\_BA
+        2.  Password: P@ssw0rd
+        3.  Domain: CONTOSO
+4.  Wait until the task sequence is completed and then verify that the DeployLog.txt file in the E:\\Logfile folder on OR01 was updated.
+
+![figure 32](images/mdt-09-fig32.png)
+
+Figure 32. The ready-made task sequence.
+
+## Related topics
+
+[Set up MDT for BitLocker](set-up-mdt-for-bitlocker.md)
+
+[Configure MDT deployment share rules](configure-mdt-deployment-share-rules.md)
+
+[Configure MDT for UserExit scripts](configure-mdt-for-userexit-scripts.md)
+
+[Simulate a Windows10 deployment in a test environment](simulate-a-windows-10-deployment-in-a-test-environment.md)
+
+[Use the MDT database to stage Windows 10 deployment information](use-the-mdt-database-to-stage-windows-10-deployment-information.md)
+
+
+[Assign applications using roles in MDT](assign-applications-using-roles-in-mdt.md)
+
+[Use web services in MDT](use-web-services-in-mdt.md)

windows/deploy/use-the-mdt-database-to-stage-windows-10-deployment-information.md

@@ -77,16 +77,16 @@ Figure 11. Adding the PC00075 computer to the database.
 
 ## Related topics
 
-[Set up MDT for BitLocker](set-up-mdt-2013-for-bitlocker.md)
+[Set up MDT for BitLocker](set-up-mdt-for-bitlocker.md)
 
 [Configure MDT deployment share rules](configure-mdt-deployment-share-rules.md)
 
-[Configure MDT for UserExit scripts](configure-mdt-2013-for-userexit-scripts.md)
+[Configure MDT for UserExit scripts](configure-mdt-for-userexit-scripts.md)
 
 [Simulate a Windows 10 deployment in a test environment](simulate-a-windows-10-deployment-in-a-test-environment.md)
 
-[Assign applications using roles in MDT](assign-applications-using-roles-in-mdt-2013.md)
+[Assign applications using roles in MDT](assign-applications-using-roles-in-mdt.md)
 
-[Use web services in MDT](use-web-services-in-mdt-2013.md)
+[Use web services in MDT](use-web-services-in-mdt.md)
 
-[Use Orchestrator runbooks with MDT](use-orchestrator-runbooks-with-mdt-2013.md)
+[Use Orchestrator runbooks with MDT](use-orchestrator-runbooks-with-mdt.md)

windows/deploy/use-web-services-in-mdt-2013.md

@@ -1,132 +1,6 @@
 ---
 title: Use web services in MDT (Windows 10)
-description: In this topic, you will learn how to create a simple web service that generates computer names and then configure MDT to use that service during your Windows 10 deployment.
+redirect_url: use-web-services-in-mdt
-ms.assetid: 8f47535e-0551-4ccb-8f02-bb97539c6522
-keywords: deploy, web apps
-ms.prod: w10
-ms.mktglfcycl: deploy
-localizationpriority: high
-ms.pagetype: mdt
-ms.sitesec: library
-author: mtniehaus
 ---
 
-# Use web services in MDT
-
-In this topic, you will learn how to create a simple web service that generates computer names and then configure MDT to use that service during your Windows 10 deployment. Web services provide a powerful way to assign settings during a deployment. Simply put, web services are web applications that run code on the server side, and MDT has built-in functions to call these web services.
-Using a web service in MDT is straightforward, but it does require that you have enabled the Web Server (IIS) role on the server. Developing web services involves a little bit of coding, but for most web services used with MDT, you can use the free Microsoft Visual Studio Express 2013 for Web.
-
-## <a href="" id="sec01"></a>Create a sample web service
-
-In these steps we assume you have installed Microsoft Visual Studio Express 2013 for Web on PC0001 (the Windows 10 client) and downloaded the [MDT Sample Web Service](https://go.microsoft.com/fwlink/p/?LinkId=619363) from the Microsoft Download Center and extracted it to C:\\Projects.
-1.  On PC0001, using Visual Studio Express 2013 for Web, open the C:\\Projects\\MDTSample\\ MDTSample.sln solution file.
-2.  On the ribbon bar, verify that Release is selected.
-3.  In the **Debug** menu, select the **Build MDTSample** action.
-4.  On MDT01, create a folder structure for **E:\\MDTSample\\bin**.
-5.  From PC0001, copy the C:\\Projects\\MDTSample\\obj\\Release\\MDTSample.dll file to the **E:\\MDTSample\\bin** folder on MDT01.
-6.  From PC0001, copy the following files from C:\\Projects\\MDTSample file to the **E:\\MDTSample** folder on MDT01:
-    1.  Web.config
-    2.  mdtsample.asmx
-
-![figure 15](images/mdt-09-fig15.png)
-
-Figure 15. The sample project in Microsoft Visual Studio Express 2013 for Web.
-
-## <a href="" id="sec02"></a>Create an application pool for the web service
-
-This section assumes that you have enabled the Web Server (IIS) role on MDT01.
-1.  On MDT01, using Server Manager, install the **IIS Management Console** role (available under Web Server (IIS) / Management Tools).
-2.  Using Internet Information Services (IIS) Manager, expand the **MDT01 (CONTOSO\\Administrator)** node. If prompted with the "Do you want to get started with Microsoft Web Platform?" question, select the **Do not show this message** check box and then click **No**.
-3.  Right-click **Application Pools**, select **Add Application Pool**, and configure the new application pool with the following settings:
-    1.  Name: MDTSample
-    2.  .NET Framework version: .NET Framework 4.0.30319
-    3.  Manage pipeline mode: Integrated
-    4.  Select the **Start application pool immediately** check box.
-    5.  Click **OK**.
-
-![figure 16](images/mdt-09-fig16.png)
-
-Figure 16. The new MDTSample application.
-
-## <a href="" id="sec03"></a>Install the web service
-
-1.  On MDT01, using Internet Information Services (IIS) Manager, expand **Sites**, right-click **Default Web Site**, and select **Add Application**. Use the following settings for the application:
-    1.  Alias: MDTSample
-    2.  Application pool: MDTSample
-    3.  Physical Path: E:\\MDTSample
-
-    ![figure 17](images/mdt-09-fig17.png)
-
-    Figure 17. Adding the MDTSample web application.
-
-2.  In the **Default Web Site** node, select the MDTSample web application, and in the right pane, double-click **Authentication**. Use the following settings for the **Authentication** dialog box:
-    1.  Anonymous Authentication: Enabled
-    2.  ASP.NET Impersonation: Disabled
-
-![figure 18](images/mdt-09-fig18.png)
-
-Figure 18. Configuring Authentication for the MDTSample web service.
-
-## <a href="" id="sec04"></a>Test the web service in Internet Explorer
-
-1.  On PC0001, using Internet Explorer, navigate to: **http://MDT01/MDTSample/mdtsample.asmx**.
-2.  Click the **GetComputerName** link.
-
-    ![figure 19](images/mdt-09-fig19.png)
-
-    Figure 19. The MDT Sample web service.
-3.  On the **GetComputerName** page, type in the following settings, and click **Invoke**:
-    1.  Model: Hewlett-Packard
-    2.  SerialNumber: 123456789
-
-![figure 20](images/mdt-09-fig20.png)
-
-Figure 20. The result from the MDT Sample web service.
-
-## <a href="" id="sec05"></a>Test the web service in the MDT simulation environment
-
-After verifying the web service using Internet Explorer, you are ready to do the same test in the MDT simulation environment.
-
-1.  On PC0001, edit the CustomSettings.ini file in the **C:\\MDT** folder to look like the following:
-    ``` syntax
-    [Settings]
-    Priority=Default, GetComputerName
-    [Default]
-    OSInstall=YES
-    [GetComputerName]
-    WebService=http://mdt01/MDTSample/mdtsample.asmx/GetComputerName
-    Parameters=Model,SerialNumber
-    OSDComputerName=string
-    ```
-    ![figure 21](images/mdt-09-fig21.png)
-
-    Figure 21. The updated CustomSettings.ini file.
-
-2.  Save the CustomSettings.ini file.
-3.  Using an elevated Windows PowerShell prompt (run as Administrator), run the following commands. Press **Enter** after each command:
-    ``` syntax
-    Set-Location C:\MDT
-    .\Gather.ps1
-    ```
-4.  Review the ZTIGather.log in the **C:\\MININT\\SMSOSD\\OSDLOGS** folder.
-
-![figure 22](images/mdt-09-fig22.png)
-
-Figure 22. The OSDCOMPUTERNAME value obtained from the web service.
-
-## Related topics
-
-[Set up MDT for BitLocker](set-up-mdt-2013-for-bitlocker.md)
-
-[Configure MDT deployment share rules](configure-mdt-deployment-share-rules.md)
-
-[Configure MDT for UserExit scripts](configure-mdt-2013-for-userexit-scripts.md)
-
-[Simulate a Windows 10 deployment in a test environment](simulate-a-windows-10-deployment-in-a-test-environment.md)
-
-[Use the MDT database to stage Windows 10 deployment information](use-the-mdt-database-to-stage-windows-10-deployment-information.md)
-
-[Assign applications using roles in MDT](assign-applications-using-roles-in-mdt-2013.md)
-
-[Use Orchestrator runbooks with MDT](use-orchestrator-runbooks-with-mdt-2013.md)
  

windows/deploy/use-web-services-in-mdt.md

@@ -0,0 +1,132 @@
+---
+title: Use web services in MDT (Windows 10)
+description: In this topic, you will learn how to create a simple web service that generates computer names and then configure MDT to use that service during your Windows 10 deployment.
+ms.assetid: 8f47535e-0551-4ccb-8f02-bb97539c6522
+keywords: deploy, web apps
+ms.prod: w10
+ms.mktglfcycl: deploy
+localizationpriority: high
+ms.pagetype: mdt
+ms.sitesec: library
+author: mtniehaus
+---
+
+# Use web services in MDT
+
+In this topic, you will learn how to create a simple web service that generates computer names and then configure MDT to use that service during your Windows 10 deployment. Web services provide a powerful way to assign settings during a deployment. Simply put, web services are web applications that run code on the server side, and MDT has built-in functions to call these web services.
+Using a web service in MDT is straightforward, but it does require that you have enabled the Web Server (IIS) role on the server. Developing web services involves a little bit of coding, but for most web services used with MDT, you can use the free Microsoft Visual Studio Express 2013 for Web.
+
+## <a href="" id="sec01"></a>Create a sample web service
+
+In these steps we assume you have installed Microsoft Visual Studio Express 2013 for Web on PC0001 (the Windows 10 client) and downloaded the [MDT Sample Web Service](https://go.microsoft.com/fwlink/p/?LinkId=619363) from the Microsoft Download Center and extracted it to C:\\Projects.
+1.  On PC0001, using Visual Studio Express 2013 for Web, open the C:\\Projects\\MDTSample\\ MDTSample.sln solution file.
+2.  On the ribbon bar, verify that Release is selected.
+3.  In the **Debug** menu, select the **Build MDTSample** action.
+4.  On MDT01, create a folder structure for **E:\\MDTSample\\bin**.
+5.  From PC0001, copy the C:\\Projects\\MDTSample\\obj\\Release\\MDTSample.dll file to the **E:\\MDTSample\\bin** folder on MDT01.
+6.  From PC0001, copy the following files from C:\\Projects\\MDTSample file to the **E:\\MDTSample** folder on MDT01:
+    1.  Web.config
+    2.  mdtsample.asmx
+
+![figure 15](images/mdt-09-fig15.png)
+
+Figure 15. The sample project in Microsoft Visual Studio Express 2013 for Web.
+
+## <a href="" id="sec02"></a>Create an application pool for the web service
+
+This section assumes that you have enabled the Web Server (IIS) role on MDT01.
+1.  On MDT01, using Server Manager, install the **IIS Management Console** role (available under Web Server (IIS) / Management Tools).
+2.  Using Internet Information Services (IIS) Manager, expand the **MDT01 (CONTOSO\\Administrator)** node. If prompted with the "Do you want to get started with Microsoft Web Platform?" question, select the **Do not show this message** check box and then click **No**.
+3.  Right-click **Application Pools**, select **Add Application Pool**, and configure the new application pool with the following settings:
+    1.  Name: MDTSample
+    2.  .NET Framework version: .NET Framework 4.0.30319
+    3.  Manage pipeline mode: Integrated
+    4.  Select the **Start application pool immediately** check box.
+    5.  Click **OK**.
+
+![figure 16](images/mdt-09-fig16.png)
+
+Figure 16. The new MDTSample application.
+
+## <a href="" id="sec03"></a>Install the web service
+
+1.  On MDT01, using Internet Information Services (IIS) Manager, expand **Sites**, right-click **Default Web Site**, and select **Add Application**. Use the following settings for the application:
+    1.  Alias: MDTSample
+    2.  Application pool: MDTSample
+    3.  Physical Path: E:\\MDTSample
+
+    ![figure 17](images/mdt-09-fig17.png)
+
+    Figure 17. Adding the MDTSample web application.
+
+2.  In the **Default Web Site** node, select the MDTSample web application, and in the right pane, double-click **Authentication**. Use the following settings for the **Authentication** dialog box:
+    1.  Anonymous Authentication: Enabled
+    2.  ASP.NET Impersonation: Disabled
+
+![figure 18](images/mdt-09-fig18.png)
+
+Figure 18. Configuring Authentication for the MDTSample web service.
+
+## <a href="" id="sec04"></a>Test the web service in Internet Explorer
+
+1.  On PC0001, using Internet Explorer, navigate to: **http://MDT01/MDTSample/mdtsample.asmx**.
+2.  Click the **GetComputerName** link.
+
+    ![figure 19](images/mdt-09-fig19.png)
+
+    Figure 19. The MDT Sample web service.
+3.  On the **GetComputerName** page, type in the following settings, and click **Invoke**:
+    1.  Model: Hewlett-Packard
+    2.  SerialNumber: 123456789
+
+![figure 20](images/mdt-09-fig20.png)
+
+Figure 20. The result from the MDT Sample web service.
+
+## <a href="" id="sec05"></a>Test the web service in the MDT simulation environment
+
+After verifying the web service using Internet Explorer, you are ready to do the same test in the MDT simulation environment.
+
+1.  On PC0001, edit the CustomSettings.ini file in the **C:\\MDT** folder to look like the following:
+    ``` syntax
+    [Settings]
+    Priority=Default, GetComputerName
+    [Default]
+    OSInstall=YES
+    [GetComputerName]
+    WebService=http://mdt01/MDTSample/mdtsample.asmx/GetComputerName
+    Parameters=Model,SerialNumber
+    OSDComputerName=string
+    ```
+    ![figure 21](images/mdt-09-fig21.png)
+
+    Figure 21. The updated CustomSettings.ini file.
+
+2.  Save the CustomSettings.ini file.
+3.  Using an elevated Windows PowerShell prompt (run as Administrator), run the following commands. Press **Enter** after each command:
+    ``` syntax
+    Set-Location C:\MDT
+    .\Gather.ps1
+    ```
+4.  Review the ZTIGather.log in the **C:\\MININT\\SMSOSD\\OSDLOGS** folder.
+
+![figure 22](images/mdt-09-fig22.png)
+
+Figure 22. The OSDCOMPUTERNAME value obtained from the web service.
+
+## Related topics
+
+[Set up MDT for BitLocker](set-up-mdt-for-bitlocker.md)
+
+[Configure MDT deployment share rules](configure-mdt-deployment-share-rules.md)
+
+[Configure MDT for UserExit scripts](configure-mdt-for-userexit-scripts.md)
+
+[Simulate a Windows 10 deployment in a test environment](simulate-a-windows-10-deployment-in-a-test-environment.md)
+
+[Use the MDT database to stage Windows 10 deployment information](use-the-mdt-database-to-stage-windows-10-deployment-information.md)
+
+[Assign applications using roles in MDT](assign-applications-using-roles-in-mdt.md)
+
+[Use Orchestrator runbooks with MDT](use-orchestrator-runbooks-with-mdt.md)
+ 

windows/deploy/windows-10-poc-mdt.md

@@ -636,7 +636,7 @@ Also see [Resolve Windows 10 upgrade errors](resolve-windows-10-upgrade-errors.m
 ## Related Topics
 
 [Microsoft Deployment Toolkit](https://technet.microsoft.com/en-US/windows/dn475741)<BR>
-[Prepare for deployment with MDT 2013](prepare-for-windows-deployment-with-mdt-2013.md)
+[Prepare for deployment with MDT](prepare-for-windows-deployment-with-mdt.md)
 
  
 

windows/deploy/windows-10-upgrade-paths.md

@@ -21,9 +21,7 @@ This topic provides a summary of available upgrade paths to Windows 10. You can
 
 >**Windows 10 LTSB**: The upgrade paths displayed below do not apply to Windows 10 LTSB. In-place upgrade from Windows 7 or Windows 8.1 to Windows 10 LTSB is not supported.  (Note that Windows 10 LTSB 2015 did not block this upgrade path.  This was corrected in the Windows 10 LTSB 2016 release, which will now only allow data-only and clean install options.)
 
->**Windows N/KN**: Windows "N" and "KN" editions follow the same upgrade paths shown below. If the pre-upgrade and post-upgrade editions are not the same type (e.g. Windows 8.1 Pro N to Windows 10 Pro), personal data will be kept but applications and settings will be removed during the upgrade process.  
+>**Windows N/KN**: Windows "N" and "KN" editions follow the same upgrade paths shown below. If the pre-upgrade and post-upgrade editions are not the same type (e.g. Windows 8.1 Pro N to Windows 10 Pro), personal data will be kept but applications and settings will be removed during the upgrade process.
-
->**Free upgrade**: The Windows 10 free upgrade offer expired on July 29, 2016. For more information, see [Free upgrade paths](#free-upgrade-paths).
 
 ✔ = Full upgrade is supported including personal data, settings, and applications.<BR>
 D = Edition downgrade; personal data is maintained, applications and settings are removed.
@@ -334,77 +332,6 @@ D = Edition downgrade; personal data is maintained, applications and settings ar
     </tr>
 </table>
 
-## Free upgrade paths
-
-Windows 10 is offered as a free upgrade for the first year after launch of Windows 10, with the following restrictions: 
-- The offer expires on July 29th, 2016.
-- The offer applies to devices connected to the Internet with Windows Update enabled.
-- Upgrading to Windows 10 Pro requires a computer running the Pro or Ultimate version of Windows 7/8/8.1.
-- Windows Phone 8.0 users must update to Windows 8.1 before upgrading to Windows 10 Mobile<sup>1</sup>. 
-- Editions that are excluded from the free upgrade offer include: Windows 7 Enterprise, Windows 8/8.1 Enterprise, and Windows RT/RT 8.1<sup>2</sup>. 
-
-><sup>1</sup>The availability of Windows 10 Mobile for Windows 8.1 devices will vary by device manufacturer, device model, country or region, mobile operator or service provider, hardware limitations, and other factors. For a list of eligible phones and important info about the upgrade and Windows 10 Mobile, see [Windows 10 specifications](http://windows.com/specsmobile).
-
-><sup>2</sup>Active Software Assurance customers in volume licensing have the benefit to upgrade to Windows 10 Enterprise outside of this offer. Windows 10 is not supported on devices running the RT versions of Windows 8.
-
-The following table summarizes the free upgrade paths to Windows 10. For a list of frequently asked questions about the free upgrade to Windows 10, see [Upgrade to Windows 10: FAQ](http://windows.microsoft.com/en-us/windows-10/upgrade-to-windows-10-faq).
-
-<table border="1" cellpadding="3">
-    <tr>
-        <td>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</td>
-        <td>From</td>
-        <td>To</td>
-    </tr>
-    <tr>
-        <td BGCOLOR="#a0e4fa" colspan="3">Windows 7</td>
-    </tr>
-    <tr>
-        <td></td>
-        <td>Windows 7 Starter</td>
-        <td rowspan="3">Windows 10 Home</td>
-    </tr>
-    <tr>
-        <td>&nbsp;</td>
-        <td>Windows 7 Home Basic</td>
-    </tr>
-    <tr>
-        <td>&nbsp;</td>
-        <td>Windows 7 Home Premium</td>
-    </tr>
-    <tr>
-        <td></td>
-        <td>Windows 7 Professional</td>
-        <td rowspan="2">Windows 10 Pro</td>
-    </tr>
-    <tr>
-        <td>&nbsp;</td>
-        <td>Windows 7 Ultimate</td>
-    </tr>
-        <tr>
-	        <td BGCOLOR="#a0e4fa" colspan="3">Windows 8/8.1</td>
-	    </tr>
-	    <tr>
-	        <td></td>
-	        <td>Windows Phone 8.1</td>
-	        <td>Windows 10 Mobile</td>
-       </tr>
-	    <tr>
-	        <td></td>
-	        <td>Windows 8/8.1</td>
-	        <td>Windows 10 Home</td>
-       </tr>
-    <tr>
-        <td></td>
-        <td>Windows 8/8.1 Pro</td>
-        <td rowspan="2">Windows 10 Pro</td>
-    </tr>
-    <tr>
-        <td>&nbsp;</td>
-        <td>Windows 8/8.1 Pro for Students</td>
-    </tr>
-
-</table>
-
 ## Related Topics
 
 [Windows 10 deployment scenarios](windows-10-deployment-scenarios.md)<BR>

windows/deploy/windows-deployment-scenarios-and-tools.md

@@ -14,7 +14,7 @@ author: mtniehaus
 
 To successfully deploy the Windows 10 operating system and applications for your organization, it is essential that you know about the available tools to help with the process. In this topic, you will learn about the most commonly used tools for Windows 10 deployment.
 
-Microsoft provides many tools, services, and solutions. These tools include Windows Deployment Services (WDS), the Volume Activation Management Tool (VAMT), the User State Migration Tool (USMT), Windows System Image Manager (Windows SIM), Windows Preinstallation Environment (Windows PE), and Windows Recovery Environment (Windows RE). Keep in mind that these are just tools and not a complete solution on their own. It’s when you combine these tools with solutions like [Microsoft Deployment Toolkit (MDT) 2013 Update 1](deploy-windows-10-with-the-microsoft-deployment-toolkit.md) or [Microsoft System Center 2012 R2 Configuration Manager](deploy-windows-10-with-system-center-2012-r2-configuration-manager.md) that you get the complete deployment solution.
+Microsoft provides many tools, services, and solutions. These tools include Windows Deployment Services (WDS), the Volume Activation Management Tool (VAMT), the User State Migration Tool (USMT), Windows System Image Manager (Windows SIM), Windows Preinstallation Environment (Windows PE), and Windows Recovery Environment (Windows RE). Keep in mind that these are just tools and not a complete solution on their own. It’s when you combine these tools with solutions like [Microsoft Deployment Toolkit (MDT)](deploy-windows-10-with-the-microsoft-deployment-toolkit.md) or [Microsoft System Center 2012 R2 Configuration Manager](deploy-windows-10-with-system-center-2012-r2-configuration-manager.md) that you get the complete deployment solution.
 
 In this topic, you also learn about different types of reference images that you can build, and why reference images are beneficial for most organizations
 
@@ -184,23 +184,23 @@ Also, there are a few new features related to TFTP performance:
 
 Figure 10. TFTP changes are now easy to perform.
 
-## <a href="" id="sec09"></a>Microsoft Deployment Toolkit 2013 Update 1
+## <a href="" id="sec09"></a>Microsoft Deployment Toolkit
 
 
-MDT 2013 Update 1 is a free deployment solution from Microsoft. It provides end-to-end guidance, best practices, and tools for planning, building, and deploying Windows operating systems. MDT builds on top of the core deployment tools in the Windows ADK by contributing guidance, reducing complexity, and adding critical features for an enterprise-ready deployment solution.
+MDT is a free deployment solution from Microsoft. It provides end-to-end guidance, best practices, and tools for planning, building, and deploying Windows operating systems. MDT builds on top of the core deployment tools in the Windows ADK by contributing guidance, reducing complexity, and adding critical features for an enterprise-ready deployment solution.
 
-MDT 2013 Update 1 has two main parts: the first is Lite Touch, which is a stand-alone deployment solution; the second is Zero Touch, which is an extension to System Center 2012 R2 Configuration Manager.
+MDT has two main parts: the first is Lite Touch, which is a stand-alone deployment solution; the second is Zero Touch, which is an extension to System Center 2012 R2 Configuration Manager.
 
 **Note**  
-Lite Touch and Zero Touch are marketing names for the two solutions that MDT 2013 supports, and the naming has nothing to do with automation. You can fully automate the stand-alone MDT 2013 Update 1 solution (Lite Touch), and you can configure the solution integration with Configuration Manager to prompt for information.
+Lite Touch and Zero Touch are marketing names for the two solutions that MDT supports, and the naming has nothing to do with automation. You can fully automate the stand-alone MDT solution (Lite Touch), and you can configure the solution integration with Configuration Manager to prompt for information.
 
  
 
 ![figure 11](images/mdt-11-fig13.png)
 
-Figure 11. The Deployment Workbench in MDT 2013, showing a task sequence.
+Figure 11. The Deployment Workbench in, showing a task sequence.
 
-For more information on MDT 2013 Update 1, see the [Microsoft Deployment Toolkit](https://go.microsoft.com/fwlink/p/?LinkId=618117) resource center.
+For more information on MDT, see the [Microsoft Deployment Toolkit](https://go.microsoft.com/fwlink/p/?LinkId=618117) resource center.
 
 ## <a href="" id="sec10"></a>Microsoft Security Compliance Manager 2013
 

windows/keep-secure/types-of-attacks-for-volume-encryption-keys.md

@@ -14,7 +14,7 @@ author: brianlic-msft
 **Applies to**
 -   Windows 10
 
-There are many ways Windows helps protect your organization from attacks, including Unified Extensible Firmware Interface (UEFI) secure boot, Trusted Platform Module (TPM), Group Policy, complex passwords, and account lockouts.
+There are many ways Windows helps protect your organization from attacks, including Unified Extensible Firmware Interface (UEFI) Secure Boot, Trusted Platform Module (TPM), Group Policy, complex passwords, and account lockouts.
 
 The next few sections describe each type of attack that could be used to compromise a volume encryption key, whether for BitLocker or a non-Microsoft encryption solution. After an attacker has compromised a volume encryption key, the attacker can read data from your system drive or even install malware while Windows is offline. Each section begins with a graphical overview of the attack’s strengths and weaknesses as well as suggested mitigations.
 
@@ -40,7 +40,7 @@ Although password protection of the UEFI configuration is important for protecti
 
 For this reason, when BitLocker is configured on devices that include a TPM, the TPM and its PCRs are always used to secure and confirm the integrity of the pre–operating system environment before making encrypted volumes accessible.
 
-Any changes to the UEFI configuration invalidates the PCR7 and require the user to enter the BitLocker recovery key. Because of this feature, it’s not critical to password-protect your UEFI configuration. If an attacker successfully turns off Secure Boot or otherwise changes the UEFI configuration, they will need to enter the BitLocker recovery key, but UEFI password protection is a best practice and is still required for systems not using a TPM (such as non-Microsoft alternatives).
+Any change to the UEFI configuration invalidates the PCR7 and requires the user to enter the BitLocker recovery key. Because of this feature, it’s not critical to password-protect your UEFI configuration. But UEFI password protection is a best practice and is still required for systems not using a TPM (such as non-Microsoft alternatives).
 
 ### Brute-force Sign-in Attacks
 

windows/manage/cortana-at-work-scenario-7.md

@@ -1,38 +0,0 @@
----
-title: Test scenario 7 - Use Cortana and Windows Information Protection (WIP) to help protect your organization’s data on a device (Windows 10)
-description: An optional test scenario about how to use Cortana at work with Windows Information Protection (WIP).
-ms.prod: w10
-ms.mktglfcycl: manage
-ms.sitesec: library
-author: eross-msft
-localizationpriority: high
----
-
-# Test scenario 7 - Use Cortana and Windows Information Protection (WIP) to help protect your organization’s data on a device
-
--   Windows 10, Windows Insider Program 
--   Windows 10 Mobile, Windows Insider Program
-
->[!IMPORTANT]
->Some information relates to prereleased product which may be substantially modified before it's commercially released. Microsoft makes no warranties, express or implied, with respect to the information provided here.
-
->[!IMPORTANT]
->The data created as part of these scenarios will be uploaded to Microsoft’s Cloud to help Cortana learn and help your employees. This is the same info that Cortana uses in the consumer offering.
-
-This optional scenario helps you to protect your organization’s data on a device, based on an inspection by Cortana.
-
-## Use Cortana and WIP to protect your organization’s data 
-
-1.	Create and deploy an WIP policy to your organization. For info about how to do this, see [Protect your enterprise data using Windows Information Protection (WIP)](../keep-secure/protect-enterprise-data-using-wip.md).
-
-2.	Create a new email from a non-protected or personal mailbox, including the text _I’ll send you that presentation tomorrow_.
-
-3.	Wait up to 2 hours to make sure everything has updated, click the **Cortana** icon in the taskbar, and then click in the **Search** bar.
-
-    Cortana automatically pulls your commitment to sending the presentation out of your email, showing it to you.
-
-4.	Create a new email from a protected mailbox, including the same text as above, _I’ll send you that presentation tomorrow_.
-
-5.	Wait until everything has updated again, click the **Cortana** icon in the taskbar, and then click in the **Search** bar.
-
-    Because it was in an WIP-protected email, the presentation info isn’t pulled out and it isn’t shown to you.

windows/whats-new/whats-new-windows-10-version-1703.md

@@ -48,11 +48,11 @@ The following new Group Policy and mobile device management (MDM) settings are a
 
 ### Kiosk mode for Windows 10 Mobile
 
-In Windows 10 Mobile, version 1703, [Apps Corner](https://support.microsoft.com/instantanswers/7959c547-aa80-5ff1-9097-1784b6894845/set-up-apps-corner) is removed. Enterprises can use [Enterprise Assigned Access to configure kiosk experiences](../configure/set-up-a-kiosk-for-windows-10-for-mobile-edition.md) on devices running Windows 10 Mobile. 
+In Windows 10 Mobile, version 1703, [Apps Corner](https://support.microsoft.com/instantanswers/7959c547-aa80-5ff1-9097-1784b6894845/set-up-apps-corner) is removed. Enterprises can use [Enterprise Assigned Access to configure kiosk experiences](../configure/set-up-a-kiosk-for-windows-10-for-mobile-edition.md) on devices running Windows 10 Mobile.
 
 ### Start and taskbar layout
 
-Enterprises can apply a customized Start and tasbkar layout to devices running Windows 10 Pro, version 1703. 
+Enterprises can apply a customized Start and tasbkar layout to devices running Windows 10 Pro, version 1703.
 
 Additional MDM policy settings are available for Start and taskbar layout. For details, see [Manage Windows 10 Start and taskbar layout](../configure/windows-10-start-layout-options-and-policies.md).
 
@@ -68,6 +68,53 @@ The GPT partition format is newer and enables the use of larger and more disk pa
 
 For details, see [MBR2GPT.EXE](../deploy/mbr-to-gpt.md).
 
+### Cortana at work
+
+Cortana is Microsoft’s personal digital assistant, who helps busy people get things done, even while at work. Cortana has powerful configuration options, specifically optimized for your business. By signing in with an Azure Active Directory (Azure AD) account, your employees can give Cortana access to their enterprise/work identity, while getting all the functionality Cortana provides to them outside of work.
+
+Using Azure AD also means that you can remove an employee’s profile (for example, when an employee leaves your organization) while respecting Windows Information Protection (WIP) policies and ignoring enterprise content, such as emails, calendar items, and people lists that are marked as enterprise data.
+
+## Security
+
+### Windows Defender Advanced Threat Protection (Windows Defender ATP)
+The following features have been added to Windows Defender ATP in Windows 10, version 1703.
+
+- **Response**<br>
+  When detecting an attack, security response teams can now take immediate action to contain a breach:
+  - [Take response actions on a machine](respond-machine-alerts-windows-defender-advanced-threat-protection.md) - Quickly respond to detected attacks by isolating machines or collecting an investigation package.
+    - [Isolate machines from the network](respond-machine-alerts-windows-defender-advanced-threat-protection.md#isolate-machines-from-the-network)
+    - [Undo machine isolation](respond-machine-alerts-windows-defender-advanced-threat-protection.md#undo-machine-isolation)
+    - [Collect investigation package](respond-machine-alerts-windows-defender-advanced-threat-protection.md#collect-investigation-package-from-machines)
+
+  - [Take response actions on a file](respond-file-alerts-windows-defender-advanced-threat-protection.md) - Quickly respond to detected attacks by stopping and quarantining files or blocking a file.
+    - [Stop and quarantine files in your network](respond-file-alerts-windows-defender-advanced-threat-protection.md#stop-and-quarantine-files-in-your-network)
+    - [Remove file from quarantine](respond-file-alerts-windows-defender-advanced-threat-protection.md#remove-file-from-quarantine)
+    - [Block files in your network](respond-file-alerts-windows-defender-advanced-threat-protection.md#block-files-in-your-network)
+
+- **Investigation**<br>
+  Enterprise customers can now take advantage of the entire Windows security stack with Windows Defender Antivirus detections and Device Guard blocks being surfaced in the Windows Defender ATP portal.
+
+  Other investigation capabilities include:
+
+    - [Investigate a user account](investigate-user-windows-defender-advanced-threat-protection.md) - Identify user accounts with the most active alerts and investigate cases of potential compromised credentials.
+    - [Alert process tree](investigate-alerts-windows-defender-advanced-threat-protection.md#alert-process-tree) - Aggregates multiple detections and related events into a single view to reduce case resolution time.
+
+- **Detection**<br>
+  Windows Creators Update improves OS memory and kernel sensors to enable detection of attackers who are using in-memory and kernel-level attacks.
+
+  Other detection capabilities include:
+  - [Use the threat intelligence API to create custom alerts](use-custom-ti-windows-defender-advanced-threat-protection.md) - Understand threat intelligence concepts, enable the threat intel application, and create custom threat intelligence alerts for your organization.
+  
+
+### Device Guard and Credential Guard
+
+Additional security qualifications for Device Guard and Credential Guard help protect vulnerabilities in UEFI runtime. 
+For more information, see [Device Guard Requirements](../keep-secure/requirements-and-deployment-planning-guidelines-for-device-guard.md#device-guard-requirements-for-improved-security) and [Credential Guard Security Considerations](../keep-secure/credential-guard.md#security-considerations).
+
+### Group Policy Security Options
+
+The security setting [**Interactive logon: Display user information when the session is locked**](../keep-secure/interactive-logon-display-user-information-when-the-session-is-locked.md) has been updated to work in conjunction with the **Privacy** setting in **Settings** > **Accounts** > **Sign-in options**. 
+
 ## Learn more
 
 - [Windows 10 release information](https://technet.microsoft.com/en-us/windows/release-info)