Merge remote-tracking branch 'refs/remotes/origin/master' into jdsb

windows/client-management/mdm/configuration-service-provider-reference.md

@@ -2745,11 +2745,13 @@ The following list shows the configuration service providers supported in Window
 - [DMClient CSP](dmclient-csp.md)
 - [EnterpriseAppManagement CSP](enterpriseappmanagement-csp.md)
 - [HealthAttestation CSP](healthattestation-csp.md)
+- [NetworkProxy CSP](networkproxy-csp.md)
 - [Policy CSP](policy-configuration-service-provider.md)
 - [Provisioning CSP (Provisioning only)](provisioning-csp.md)
 - [Reboot CSP](reboot-csp.md)
 - [RemoteWipe CSP](remotewipe-csp.md) 1
 - [RootCATrustedCertificates CSP](rootcacertificates-csp.md)
+- [UnifiedWriteFilter CSP](unifiedwritefilter-csp.md)
 - [Update CSP](update-csp.md)
 - [VPNv2 CSP](vpnv2-csp.md)
 - [WiFi CSP](wifi-csp.md)

windows/client-management/mdm/firewall-csp.md

@@ -332,11 +332,11 @@ Sample syncxml to provision the firewall settings to evaluate
 <p style="margin-left: 20px">Value type is bool. Supported operations are Add, Get, Replace, and Delete.</p>
 
 <a href="" id="localuserauthorizedlist"></a>**FirewallRules/_FirewallRuleName_/LocalUserAuthorizationList**
-<p style="margin-left: 20px">Specifies the list of authorized local users for the app container. This is a string in Security Descriptor Definition Language (SDDL) format.</p>
+<p style="margin-left: 20px">Specifies the list of authorized local users for this rule. This is a string in Security Descriptor Definition Language (SDDL) format.</p>
 <p style="margin-left: 20px">Value type is string. Supported operations are Add, Get, Replace, and Delete.</p>
 
 <a href="" id="status"></a>**FirewallRules/_FirewallRuleName_/Status**
-<p style="margin-left: 20px">Provides information about the specific verrsion of the rule in deployment for monitoring purposes.</p>
+<p style="margin-left: 20px">Provides information about the specific version of the rule in deployment for monitoring purposes.</p>
 <p style="margin-left: 20px">Value type is string. Supported operation is Get.</p>
 
 <a href="" id="name"></a>**FirewallRules/_FirewallRuleName_/Name**

windows/configuration/stop-employees-from-using-microsoft-store.md

@@ -25,6 +25,9 @@ ms.date: 4/16/2018
 
 IT pros can configure access to Microsoft Store for client computers in their organization. For some organizations, business policies require blocking access to Microsoft Store.
 
+> [!Important]
+> All executable code including Microsoft Store applications should have an update and maintenance plan.  Organizations that use Microsoft Store applications should ensure that the applications can be updated through the Microsoft Store over the internet, through the [Private Store](/microsoft-store/distribute-apps-from-your-private-store), or [distributed offline](/microsoft-store/distribute-offline-apps) to keep the applications up to date.
+
 ## Options to configure access to Microsoft Store
 
 
@@ -82,7 +85,6 @@ You can also use Group Policy to manage access to Microsoft Store.
 > [!Important]
 > Enabling **Turn off Store application** policy turns off app updates from Microsoft Store.  
 
-
 ## <a href="" id="block-store-mdm"></a>Block Microsoft Store using management tool
 
 

windows/deployment/windows-autopilot/existing-devices.md

@@ -1,5 +1,5 @@
 ---
-title: Rip and Replace
+title: Autopilot for existing devices
 description: Listing of Autopilot scenarios
 keywords: mdm, setup, windows, windows 10, oobe, manage, deploy, autopilot, ztd, zero-touch, partner, msfb, intune
 ms.prod: w10
@@ -9,11 +9,11 @@ ms.sitesec: library
 ms.pagetype: deploy
 author: greg-lindsay
 ms.author: greglin
-ms.date: 06/01/2018
+ms.date: 10/11/2018
 ---
 
-# Rip and replace
+# Autopilot for existing devices
 
 **Applies to: Windows 10**
 
-DO NOT PUBLISH.  Just a placeholder for now, coming with 1809.
+Placeholder. Content coming.

windows/deployment/windows-autopilot/user-driven-aad.md

@@ -9,11 +9,11 @@ ms.sitesec: library
 ms.pagetype: deploy
 author: greg-lindsay
 ms.author: greglin
-ms.date: 06/01/2018
+ms.date: 10/11/2018
 ---
 
 # Windows Autopilot user-driven mode for Azure Active Directory
 
 **Applies to: Windows 10**
 
-DO NOT PUBLISH.  This eventually will contain the AAD-specific instuctions currently in user-driven.md.
+Placeholder. Content coming.

windows/deployment/windows-autopilot/user-driven-hybrid.md

@@ -9,7 +9,7 @@ ms.sitesec: library
 ms.pagetype: deploy
 author: greg-lindsay
 ms.author: greglin
-ms.date: 06/01/2018
+ms.date: 10/11/2018
 ---
 
 
@@ -17,4 +17,4 @@ ms.date: 06/01/2018
 
 **Applies to: Windows 10**
 
-DO NOT PUBLISH.  This eventually will contain the AD-specific (hybrid) instuctions.  This will be in preview at a later point in time.
+Placeholder. Content coming.

windows/hub/index.md

@@ -71,10 +71,12 @@ The Windows 10 operating system introduces a new way to build, deploy, and servi
 These improvements focus on maximizing customer involvement in Windows development, simplifying the deployment and servicing of Windows client computers, and leveling out the resources needed to deploy and maintain Windows over time.
   
 - [Read more about Windows as a Service](/windows/deployment/update/waas-overview)
+- [Read how much space does Windows 10 take](https://www.microsoft.com/en-us/windows/windows-10-specifications)
 
 ## Related topics
 [Windows 10 TechCenter](https://go.microsoft.com/fwlink/?LinkId=620009)
 
+
  
 
 

windows/security/information-protection/windows-information-protection/enlightened-microsoft-apps-and-wip.md

@@ -9,7 +9,7 @@ ms.sitesec: library
 ms.pagetype: security
 author: justinha
 ms.localizationpriority: medium
-ms.date: 10/05/2018
+ms.date: 10/11/2018
 ---
 
 # List of enlightened Microsoft apps for use with Windows Information Protection (WIP)
@@ -32,7 +32,7 @@ Apps can be enlightened or unenlightened:
 
     -   Windows **Save As** experiences only allow you to save your files as enterprise.
 
-- **WIP-work only apps** are unenlightened line-of-business apps that have been tested and deemed safe for use in an enterprise with WIP and Mobile App Management (MAM) solutions.
+- **WIP-work only apps** are unenlightened line-of-business apps that have been tested and deemed safe for use in an enterprise with WIP and Mobile App Management (MAM) solutions without device enrollment. Unenlightened apps that are targeted by WIP without enrollment run under personal mode. 
 
 ## List of enlightened Microsoft apps
 Microsoft has made a concerted effort to enlighten several of our more popular apps, including the following:

windows/security/threat-protection/security-policy-settings/account-lockout-policy.md

@@ -8,7 +8,7 @@ ms.sitesec: library
 ms.pagetype: security
 ms.localizationpriority: medium
 author: brianlic-msft
-ms.date: 04/19/2017
+ms.date: 10/11/2018
 ---
 
 # Account Lockout Policy
@@ -22,6 +22,9 @@ Someone who attempts to use more than a few unsuccessful passwords while trying
 
 The following topics provide a discussion of each policy setting's implementation and best practices considerations, policy location, default values for the server type or Group Policy Object (GPO), relevant differences in operating system versions, and security considerations (including the possible vulnerabilities of each policy setting), countermeasures that you can implement, and the potential impact of implementing the countermeasures.
 
+>[!NOTE]
+>Account lockout settings for remote access clients can be configured separately by editing the Registry on the server that manages the remote access. For more information, see [How to configure remote access client account lockout](https://support.microsoft.com/help/816118/how-to-configure-remote-access-client-account-lockout-in-windows-serve).
+
 ## In this section
 
 | Topic | Description |