diff --git a/EssentialsDocs/install/Hosted-Windows-Server-Essentials.md b/EssentialsDocs/install/Hosted-Windows-Server-Essentials.md
index ab57d0b99e..bc367bcdbb 100644
--- a/EssentialsDocs/install/Hosted-Windows-Server-Essentials.md
+++ b/EssentialsDocs/install/Hosted-Windows-Server-Essentials.md
@@ -23,7 +23,7 @@ This document includes information that is specific to hosters who intend to dep
## What is Windows Server Essentials?
Windows Server Essentials is a cross-premises small business solution, which incorporates best-of-breed, 64-bit product technologies to deliver a server environment well suited for the vast majority of small businesses. The following technologies are included in Windows Server Essentials.
- **Server Operating System:** Windows Server 2012 product technologies provide the core of Windows Server Essentials. For more information, visit the [Windows Server 2012 website](https://www.microsoft.com/en-us/server-cloud/products/windows-server-2012-r2/default.aspx#fbid=ZH0GD_CRAWh).
+ **Server Operating System:** Windows Server 2012 product technologies provide the core of Windows Server Essentials. For more information, visit the [Windows Server 2012 website](https://www.microsoft.com/server-cloud/products/windows-server-2012-r2/default.aspx#fbid=ZH0GD_CRAWh).
**Data Protection:** Windows Server Essentials leverages several new features available in Windows Server 2012 to provide greatly improved data protection capabilities. The [new Storage Spaces feature](https://technet.microsoft.com/library/hh831739.aspx) allows you to aggregate the physical storage capacity of disparate hard drives, dynamically add hard drives, and create data volumes with specified levels of resilience. Windows Server Essentials can perform complete system backups and bare-metal restores of the server itself as well as the client computers connected to the network ?now with support for volumes larger than 2 TB. New with Windows Server 2012, the [Windows Azure Online Backup](https://technet.microsoft.com/library/hh831419.aspx) can be used to protect files and folders in a cloud-based storage service that is managed by Microsoft. Windows Server Essentials also centrally manages and configures the File History feature of Windows 8.1 clients, helping users to recover from accidentally deleted or overwritten files without requiring administrator assistance.
diff --git a/EssentialsDocs/migrate/Prepare-your-Source-Server-for-Windows-Server-Essentials-migration.md b/EssentialsDocs/migrate/Prepare-your-Source-Server-for-Windows-Server-Essentials-migration.md
index b7c78d80b5..a65a025578 100644
--- a/EssentialsDocs/migrate/Prepare-your-Source-Server-for-Windows-Server-Essentials-migration.md
+++ b/EssentialsDocs/migrate/Prepare-your-Source-Server-for-Windows-Server-Essentials-migration.md
@@ -84,7 +84,7 @@ Complete the following preliminary steps to ensure that the settings and data on
###### To use the Windows Server Solutions BPA to analyze your Source Server
-1. Download and install the [Windows Server Solutions Best Practices Analyzer](https://www.microsoft.com/en-us/download/details.aspx?id=15556) at the Microsoft Download Center.
+1. Download and install the [Windows Server Solutions Best Practices Analyzer](https://www.microsoft.com/download/details.aspx?id=15556) at the Microsoft Download Center.
2. After the download is complete, click **Start**, point to **All Programs**, and then click **SBS Best Practices Analyzer Tool**.
diff --git a/ThirdPartyNotices b/ThirdPartyNotices
index faceb5a528..59c52f39d4 100644
--- a/ThirdPartyNotices
+++ b/ThirdPartyNotices
@@ -9,7 +9,7 @@ may be either trademarks or registered trademarks of Microsoft in the United Sta
The licenses for this project do not grant you rights to use any Microsoft names, logos, or trademarks.
Microsoft's general trademark guidelines can be found at https://go.microsoft.com/fwlink/?LinkID=254653.
-Privacy information can be found at https://privacy.microsoft.com/en-us/
+Privacy information can be found at https://privacy.microsoft.com
Microsoft and any contributors reserve all others rights, whether under their respective copyrights, patents,
or trademarks, whether by implication, estoppel or otherwise.
\ No newline at end of file
diff --git a/WindowsServerDocs/Windows-Server-2016.md b/WindowsServerDocs/Windows-Server-2016.md
index b1b8a40f50..e05774189c 100644
--- a/WindowsServerDocs/Windows-Server-2016.md
+++ b/WindowsServerDocs/Windows-Server-2016.md
@@ -97,7 +97,7 @@ Windows Server 2016 is available in Standard, Datacenter, and Essentials edition
|Shielded Virtual Machines| yes| no|
|Software Defined Networking Infrastructure (Network Controller, Software Load Balancer, and Multi-tenant Gateway)| yes| no|
-For more information, see [Pricing and licensing for Windows Server 2016](https://www.microsoft.com/en-us/cloud-platform/windows-server-pricing) and [Compare features in Windows Server versions](https://www.microsoft.com/en-us/cloud-platform/windows-server-comparison).
+For more information, see [Pricing and licensing for Windows Server 2016](https://www.microsoft.com/cloud-platform/windows-server-pricing) and [Compare features in Windows Server versions](https://www.microsoft.com/cloud-platform/windows-server-comparison).
## Installation options
diff --git a/WindowsServerDocs/administration/Linux-Package-Repository-for-Microsoft-Software.md b/WindowsServerDocs/administration/Linux-Package-Repository-for-Microsoft-Software.md
index df0502fc57..3c84435da7 100644
--- a/WindowsServerDocs/administration/Linux-Package-Repository-for-Microsoft-Software.md
+++ b/WindowsServerDocs/administration/Linux-Package-Repository-for-Microsoft-Software.md
@@ -21,7 +21,7 @@ Microsoft's Linux Software Repository is comprised of multiple sub-repositories:
- prod – The Production sub-repository is designated for packages intended for use in production. These packages are commercially supported by Microsoft under the terms of the applicable support agreement or program that you have with Microsoft.
- - mssql-server - These repositories contain packages for Microsoft SQL Server on Linux - See also: [SQL Server on Linux](https://www.microsoft.com/en-us/sql-server/sql-server-vnext-including-Linux).
+ - mssql-server - These repositories contain packages for Microsoft SQL Server on Linux - See also: [SQL Server on Linux](https://www.microsoft.com/sql-server/sql-server-vnext-including-Linux).
> [!Note]
> Packages in the Linux software repositories are subject to the license terms located in the packages. Please read the license terms prior to using the package. Your installation and use of the package constitutes your acceptance of these terms. If you do not agree with the license terms, do not use the package.
diff --git a/WindowsServerDocs/administration/performance-tuning/additional-resources.md b/WindowsServerDocs/administration/performance-tuning/additional-resources.md
index c4c08b3135..00c20056de 100644
--- a/WindowsServerDocs/administration/performance-tuning/additional-resources.md
+++ b/WindowsServerDocs/administration/performance-tuning/additional-resources.md
@@ -20,7 +20,7 @@ Use the links in this topic to learn more about the concepts that were discussed
- [Transaction Processing Performance Council](http://www.tpc.org/)
-- [Windows Assessment and Deployment Kit](https://developer.microsoft.com/en-us/windows/hardware/windows-assessment-deployment-kit)
+- [Windows Assessment and Deployment Kit](https://developer.microsoft.com/windows/hardware/windows-assessment-deployment-kit)
## Power Management Tuning Resources
@@ -28,7 +28,7 @@ Use the links in this topic to learn more about the concepts that were discussed
- [Using PowerCfg to Evaluate System Energy Efficiency](https://technet.microsoft.com/library/cc748940.aspx)
-- [Interrupt-Affinity Policy Tool](https://support.microsoft.com/en-us/kb/252867)
+- [Interrupt-Affinity Policy Tool](https://support.microsoft.com/kb/252867)
## Networking Subsystem Tuning Resources
diff --git a/WindowsServerDocs/administration/performance-tuning/role/active-directory-server/capacity-planning-for-active-directory-domain-services.md b/WindowsServerDocs/administration/performance-tuning/role/active-directory-server/capacity-planning-for-active-directory-domain-services.md
index c617fcb75d..c5bc6d53d8 100644
--- a/WindowsServerDocs/administration/performance-tuning/role/active-directory-server/capacity-planning-for-active-directory-domain-services.md
+++ b/WindowsServerDocs/administration/performance-tuning/role/active-directory-server/capacity-planning-for-active-directory-domain-services.md
@@ -255,8 +255,8 @@ The only recommendation for consideration is to ensure that 110% of the NTDS.dit
The first and most important consideration is evaluating how large the NTDS.dit and SYSVOL will be. These measurements will lead into sizing both fixed disk and RAM allocation. Due to the (relatively) low cost of these components, the math does not need to be rigorous and precise. Content about how to evaluate this for both existing and new environments can be found in the [Data Storage](https://docs.microsoft.com/previous-versions/windows/it-pro/windows-2000-server/cc961771(v=technet.10)) series of articles. Specifically, refer to the following articles:
-- **For existing environments –** The section titled “To activate logging of disk space that is freed by defragmentation” in the article [Storage Limits](https://docs.microsoft.com/en-us/previous-versions/windows/it-pro/windows-2000-server/cc961769(v=technet.10)).
-- **For new environments –** The article titled [Growth Estimates for Active Directory Users and Organizational Units](https://docs.microsoft.com/en-us/previous-versions/windows/it-pro/windows-2000-server/cc961779(v=technet.10)).
+- **For existing environments –** The section titled “To activate logging of disk space that is freed by defragmentation” in the article [Storage Limits](https://docs.microsoft.com/previous-versions/windows/it-pro/windows-2000-server/cc961769(v=technet.10)).
+- **For new environments –** The article titled [Growth Estimates for Active Directory Users and Organizational Units](https://docs.microsoft.com/previous-versions/windows/it-pro/windows-2000-server/cc961779(v=technet.10)).
> [!NOTE]
> The articles are based on data size estimates made at the time of the release of Active Directory in Windows 2000. Use object sizes that reflect the actual size of objects in your environment.
@@ -407,7 +407,7 @@ Unfortunately, due to the huge variability of client applications that leverage
As mentioned previously, when planning capacity for an entire site, the goal is to target a design with an *N* + 1 capacity design, such that failure of one system during the peak period will allow for continuation of service at a reasonable level of quality. That means that in an “*N*” scenario, load across all the boxes should be less than 100% (better yet, less than 80%) during the peak periods.
-Additionally, if the applications and clients in the site are using best practices for locating domain controllers (that is, using the [DsGetDcName function](http://msdn.microsoft.com/en-us/library/windows/desktop/ms675983(v=vs.85).aspx)), the clients should be relatively evenly distributed with minor transient spikes due to any number of factors.
+Additionally, if the applications and clients in the site are using best practices for locating domain controllers (that is, using the [DsGetDcName function](http://msdn.microsoft.com/library/windows/desktop/ms675983(v=vs.85).aspx)), the clients should be relatively evenly distributed with minor transient spikes due to any number of factors.
In the next example, the following assumptions are made:
@@ -456,7 +456,7 @@ At maximum load, lsass consumes about 485% of one CPU, or 4.85 CPUs running at 1
### When to tune LDAP weights
-There are several scenarios where tuning [LdapSrvWeight](https://docs.microsoft.com/en-us/previous-versions/windows/it-pro/windows-2000-server/cc957291(v=technet.10)) should be considered. Within the context of capacity planning, this would be done when the application or user loads are not evenly balanced, or the underlying systems are not evenly balanced in terms of capability. Reasons to do so beyond capacity planning are outside of the scope of this article.
+There are several scenarios where tuning [LdapSrvWeight](https://docs.microsoft.com/previous-versions/windows/it-pro/windows-2000-server/cc957291(v=technet.10)) should be considered. Within the context of capacity planning, this would be done when the application or user loads are not evenly balanced, or the underlying systems are not evenly balanced in terms of capability. Reasons to do so beyond capacity planning are outside of the scope of this article.
There are two common reasons to tune LDAP Weights:
@@ -643,9 +643,9 @@ Returning to the driving analogy used earlier in this section:
This is why the long term averages for capacity conservatively estimated at 40% allows for head room for abnormal spikes in load, whether said spikes transitory (such as poorly coded queries that run for a few minutes) or abnormal bursts in general load (the morning of the first day after a long weekend).
The above statement regards % Processor Time calculation being the same as the Utilization Law is a bit of a simplification for the ease of the general reader. For those more mathematically rigorous:
-- Translating the [PERF_100NSEC_TIMER_INV](https://docs.microsoft.com/en-us/previous-versions/windows/embedded/ms901169(v=msdn.10))
- - *B* = The number of 100-ns intervals “Idle” thread spends on the logical processor. The change in the “*X*” variable in the [PERF_100NSEC_TIMER_INV](https://docs.microsoft.com/en-us/previous-versions/windows/embedded/ms901169(v=msdn.10)) calculation
- - *T* = the total number of 100-ns intervals in a given time range. The change in the “*Y*” variable in the [PERF_100NSEC_TIMER_INV](https://docs.microsoft.com/en-us/previous-versions/windows/embedded/ms901169(v=msdn.10)) calculation.
+- Translating the [PERF_100NSEC_TIMER_INV](https://docs.microsoft.com/previous-versions/windows/embedded/ms901169(v=msdn.10))
+ - *B* = The number of 100-ns intervals “Idle” thread spends on the logical processor. The change in the “*X*” variable in the [PERF_100NSEC_TIMER_INV](https://docs.microsoft.com/previous-versions/windows/embedded/ms901169(v=msdn.10)) calculation
+ - *T* = the total number of 100-ns intervals in a given time range. The change in the “*Y*” variable in the [PERF_100NSEC_TIMER_INV](https://docs.microsoft.com/previous-versions/windows/embedded/ms901169(v=msdn.10)) calculation.
- *U* k = The utilization percentage of the logical processor by the “Idle Thread” or % Idle Time.
- Working out the math:
- *U* k = 1 – %Processor Time
diff --git a/WindowsServerDocs/administration/software-inventory-logging/manage-software-inventory-logging.md b/WindowsServerDocs/administration/software-inventory-logging/manage-software-inventory-logging.md
index 69307c9389..e478e7f78e 100644
--- a/WindowsServerDocs/administration/software-inventory-logging/manage-software-inventory-logging.md
+++ b/WindowsServerDocs/administration/software-inventory-logging/manage-software-inventory-logging.md
@@ -25,20 +25,20 @@ The Software Inventory Logging feature can also be added to two versions of Wind
- **Windows Server 2012 (Standard or Datacenter Edition)**
> [!NOTE]
-> Make sure you have [WMF 4.0](https://www.microsoft.com/en-us/download/details.aspx?id=40855) installed before applying the update package below.
+> Make sure you have [WMF 4.0](https://www.microsoft.com/download/details.aspx?id=40855) installed before applying the update package below.
-- WMF 4.0 Update package for Windows Server 2012: [KB 3119938](https://support.microsoft.com/en-us/kb/3119938)
+- WMF 4.0 Update package for Windows Server 2012: [KB 3119938](https://support.microsoft.com/kb/3119938)
- **Windows Server 2008 R2 SP1**
> [!NOTE]
-> Make sure you have [WMF 4.0](https://www.microsoft.com/en-us/download/details.aspx?id=40855) installed before applying the update package below.
+> Make sure you have [WMF 4.0](https://www.microsoft.com/download/details.aspx?id=40855) installed before applying the update package below.
-- Requires [.NET Framework 4.5](https://www.microsoft.com/en-us/download/details.aspx?id=30653)
+- Requires [.NET Framework 4.5](https://www.microsoft.com/download/details.aspx?id=30653)
-- WMF 4.0 Update package for Windows Server 2008 R2: [KB 3109118](https://support.microsoft.com/en-us/kb/3109118)
+- WMF 4.0 Update package for Windows Server 2008 R2: [KB 3109118](https://support.microsoft.com/kb/3109118)
There are two primary methods for inventorying using this feature:
diff --git a/WindowsServerDocs/administration/software-inventory-logging/software-inventory-logging-aggregator.md b/WindowsServerDocs/administration/software-inventory-logging/software-inventory-logging-aggregator.md
index 8494a2ec91..60f5bbf943 100644
--- a/WindowsServerDocs/administration/software-inventory-logging/software-inventory-logging-aggregator.md
+++ b/WindowsServerDocs/administration/software-inventory-logging/software-inventory-logging-aggregator.md
@@ -21,7 +21,7 @@ ms.date: 10/16/2017
## What is Software Inventory Logging Aggregator?
Software Inventory Logging Aggregator (SILA) receives, aggregates, and produces basic reports of the number and types of Microsoft enterprise software installed on Windows Servers in a data center.
-SILA is software that you install on Windows Server, but is not included in the Windows Server installation. To install the software, first download it for free from the Windows Download Center: [Software Inventory Logging Aggregator 1.0 for Windows Server](https://www.microsoft.com/en-us/download/details.aspx?id=49046)
+SILA is software that you install on Windows Server, but is not included in the Windows Server installation. To install the software, first download it for free from the Windows Download Center: [Software Inventory Logging Aggregator 1.0 for Windows Server](https://www.microsoft.com/download/details.aspx?id=49046)
The Software Inventory Logging framework is intended to reduce the operational costs of inventorying Microsoft software deployed across many servers in an IT environment. This framework consists of two components, this SIL Aggregator, and the Windows Server feature, introduced in Windows Server 2012 R2, Software Inventory Logging (SIL). This Software Inventory Logging Aggregator 1.0 will install on one server and receive inventory data from any Windows Server configured to forward data to it via SIL. The design allows data center administrators to enable SIL in master Windows Server images intended for wide distribution across their environment. This software package is the target point and intended for customers to install on their premises for easy logging of inventory data over time. This software also allows for periodic creation of basic inventory reports in Microsoft Excel. Software Inventory Logging Aggregator 1.0 reports include counts of installations of Windows Server, System Center, and SQL Server.
@@ -588,7 +588,7 @@ When you want to start inventorying servers in your environment with a different
- While it is possible to add Windows Server 2008 R2 and Windows Server 2012 hosts to the polling host list, this version (1.0) of SIL Aggregator only supports polling Windows Server 2012 R2, for Windows/Hyper-V based hosts, to have success with all features and functionality. In particular, it is known that when polling Windows Server 2008 R2 hosts, virtual machines and hosts may not match up in the SIL Aggregator reports.
## See Also
-[Software Inventory Logging Aggregator 1.0 for Windows Server](https://www.microsoft.com/en-us/download/details.aspx?id=49046)
+[Software Inventory Logging Aggregator 1.0 for Windows Server](https://www.microsoft.com/download/details.aspx?id=49046)
[SIL Aggregator PowerShell cmdlets](https://technet.microsoft.com/library/mt548455.aspx)
[SIL PowerShell cmdlets](https://technet.microsoft.com/library/dn283390.aspx)
[An Overview of SIL](https://technet.microsoft.com/library/dn268301.aspx)
diff --git a/WindowsServerDocs/administration/windows-commands/cleanmgr.md b/WindowsServerDocs/administration/windows-commands/cleanmgr.md
index 5febe30fbe..b2cab70d20 100644
--- a/WindowsServerDocs/administration/windows-commands/cleanmgr.md
+++ b/WindowsServerDocs/administration/windows-commands/cleanmgr.md
@@ -83,4 +83,4 @@ cleanmgr /tuneup:1
## Additional references
-[Free up drive space in Windows 10](https://support.microsoft.com/en-us/help/12425/windows-10-free-up-drive-space)
+[Free up drive space in Windows 10](https://support.microsoft.com/help/12425/windows-10-free-up-drive-space)
diff --git a/WindowsServerDocs/administration/windows-server-update-services/deploy/express-update-delivery-isv-support.md b/WindowsServerDocs/administration/windows-server-update-services/deploy/express-update-delivery-isv-support.md
index 35d060adee..89bbe21a12 100644
--- a/WindowsServerDocs/administration/windows-server-update-services/deploy/express-update-delivery-isv-support.md
+++ b/WindowsServerDocs/administration/windows-server-update-services/deploy/express-update-delivery-isv-support.md
@@ -47,7 +47,7 @@ ISVs can use WSUS and the WU client to support Express update delivery. Microsof
3. [**Set up an ISV client agent to direct WU client operations**](#BKMK_3)
>[!NOTE]
->Requires Cumulative Update for Windows 10 Version 1607 release in (or after) January 2017 ([KB3213986 (OS Build 14393.693)](https://support.microsoft.com/en-us/help/4009938/january-10-2017-kb3213986-os-build-14393-693) to be installed.
+>Requires Cumulative Update for Windows 10 Version 1607 release in (or after) January 2017 ([KB3213986 (OS Build 14393.693)](https://support.microsoft.com/help/4009938/january-10-2017-kb3213986-os-build-14393-693) to be installed.
- The ISV client agent determines which updates to approve, and when do download and install updates
- The WU client determines byte ranges to download and initiates the download request
diff --git a/WindowsServerDocs/administration/windows-server-update-services/manage/wid-to-sql-migration.md b/WindowsServerDocs/administration/windows-server-update-services/manage/wid-to-sql-migration.md
index c23d303c56..3d7aae3294 100644
--- a/WindowsServerDocs/administration/windows-server-update-services/manage/wid-to-sql-migration.md
+++ b/WindowsServerDocs/administration/windows-server-update-services/manage/wid-to-sql-migration.md
@@ -156,7 +156,7 @@ The **NT AUTHORITY\NETWORK SERVICE** account should be listed.
### Edit the registry to point WSUS to the SQL Server Instance
> [!IMPORTANT]
-> Follow the steps in this section carefully. Serious problems might occur if you modify the registry incorrectly. Before you modify it, [back up the registry for restoration](https://support.microsoft.com/en-us/help/322756) in case problems occur.
+> Follow the steps in this section carefully. Serious problems might occur if you modify the registry incorrectly. Before you modify it, [back up the registry for restoration](https://support.microsoft.com/help/322756) in case problems occur.
1. Click **Start**, click **Run**, type **regedit**, and then click **OK**.
2. Locate the following key: **HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\UpdateServices\Server\Setup\SqlServerName**
diff --git a/WindowsServerDocs/failover-clustering/cluster-aware-updating-plug-ins.md b/WindowsServerDocs/failover-clustering/cluster-aware-updating-plug-ins.md
index 4ade790d87..775750ffc9 100644
--- a/WindowsServerDocs/failover-clustering/cluster-aware-updating-plug-ins.md
+++ b/WindowsServerDocs/failover-clustering/cluster-aware-updating-plug-ins.md
@@ -42,10 +42,10 @@ By using the CAU PowerShell cmdlets that are listed in the following table, you
|Cmdlet|Description|
|----------|---------------|
-|[Add-CauClusterRole](https://docs.microsoft.com/en-us/powershell/module/clusterawareupdating/add-cauclusterrole)|Adds the CAU clustered role that provides the self\-updating functionality to the specified cluster.|
-|[Invoke-CauRun](https://docs.microsoft.com/en-us/powershell/module/clusterawareupdating/invoke-caurun)|Performs a scan of cluster nodes for applicable updates and installs those updates through an Updating Run on the specified cluster.|
-|[Invoke-CauScan](https://docs.microsoft.com/en-us/powershell/module/clusterawareupdating/invoke-causcan)|Performs a scan of cluster nodes for applicable updates and returns a list of the initial set of updates that would be applied to each node in the specified cluster.|
-|[Set-CauClusterRole](https://docs.microsoft.com/en-us/powershell/module/clusterawareupdating/set-cauclusterrole)|Sets configuration properties for the CAU clustered role on the specified cluster.|
+|[Add-CauClusterRole](https://docs.microsoft.com/powershell/module/clusterawareupdating/add-cauclusterrole)|Adds the CAU clustered role that provides the self\-updating functionality to the specified cluster.|
+|[Invoke-CauRun](https://docs.microsoft.com/powershell/module/clusterawareupdating/invoke-caurun)|Performs a scan of cluster nodes for applicable updates and installs those updates through an Updating Run on the specified cluster.|
+|[Invoke-CauScan](https://docs.microsoft.com/powershell/module/clusterawareupdating/invoke-causcan)|Performs a scan of cluster nodes for applicable updates and returns a list of the initial set of updates that would be applied to each node in the specified cluster.|
+|[Set-CauClusterRole](https://docs.microsoft.com/powershell/module/clusterawareupdating/set-cauclusterrole)|Sets configuration properties for the CAU clustered role on the specified cluster.|
If you do not specify a CAU plug\-in parameter by using these cmdlets, the default is the plug\-in **Microsoft.WindowsUpdatePlugin**.
@@ -77,9 +77,9 @@ The plug\-ins that CAU installs \(**Microsoft.WindowsUpdatePlugin** and **Micros
|Cmdlet|Description|
|----------|---------------|
-|[Get-CauPlugin](https://docs.microsoft.com/en-us/powershell/module/clusterawareupdating/get-cauplugin)|Retrieves information about one or more software updating plug\-ins that are registered on the local computer.|
-|[Register-CauPlugin]((https://docs.microsoft.com/en-us/powershell/module/clusterawareupdating/register-cauplugin))|Registers a CAU software updating plug\-in on the local computer.|
-|[Unregister-CauPlugin](https://docs.microsoft.com/en-us/powershell/module/clusterawareupdating/unregister-cauplugin)|Removes a software updating plug\-in from the list of plug\-ins that can be used by CAU. **Note:** The plug\-ins that are installed with CAU \(**Microsoft.WindowsUpdatePlugin** and the **Microsoft.HotfixPlugin**\) cannot be unregistered.|
+|[Get-CauPlugin](https://docs.microsoft.com/powershell/module/clusterawareupdating/get-cauplugin)|Retrieves information about one or more software updating plug\-ins that are registered on the local computer.|
+|[Register-CauPlugin]((https://docs.microsoft.com/powershell/module/clusterawareupdating/register-cauplugin))|Registers a CAU software updating plug\-in on the local computer.|
+|[Unregister-CauPlugin](https://docs.microsoft.com/powershell/module/clusterawareupdating/unregister-cauplugin)|Removes a software updating plug\-in from the list of plug\-ins that can be used by CAU. **Note:** The plug\-ins that are installed with CAU \(**Microsoft.WindowsUpdatePlugin** and the **Microsoft.HotfixPlugin**\) cannot be unregistered.|
## Using the Microsoft.WindowsUpdatePlugin
@@ -400,7 +400,7 @@ You must enable the **File Server Remote Management \(SMB\-in\)** rule in Window
- [Cluster-Aware Updating Overview](cluster-aware-updating.md)
-- [Cluster-Aware Updating Windows PowerShell Cmdlets](https://docs.microsoft.com/en-us/powershell/module/clusterawareupdating)
+- [Cluster-Aware Updating Windows PowerShell Cmdlets](https://docs.microsoft.com/powershell/module/clusterawareupdating)
- [Cluster-Aware Updating Plug-in Reference](https://msdn.microsoft.com/library/hh418084.aspx)
diff --git a/WindowsServerDocs/get-started-19/servicing-channels-19.md b/WindowsServerDocs/get-started-19/servicing-channels-19.md
index 5b26676437..a6bd134a96 100644
--- a/WindowsServerDocs/get-started-19/servicing-channels-19.md
+++ b/WindowsServerDocs/get-started-19/servicing-channels-19.md
@@ -30,7 +30,7 @@ The Semi-Annual Channel is perfect for customers who are innovating quickly to t
Most of the features introduced in the Semi-Annual Channel will be rolled up into the next Long-Term Servicing Channel release of Windows Server. The editions, functionality, and supporting content might vary from release to release depending on customer feedback.
-The Semi-Annual Channel is available to volume-licensed customers with [Software Assurance](https://www.microsoft.com/en-us/licensing/licensing-programs/software-assurance-default.aspx), as well as via the Azure Marketplace or other cloud/hosting service providers and loyalty programs such as Visual Studio Subscriptions.
+The Semi-Annual Channel is available to volume-licensed customers with [Software Assurance](https://www.microsoft.com/licensing/licensing-programs/software-assurance-default.aspx), as well as via the Azure Marketplace or other cloud/hosting service providers and loyalty programs such as Visual Studio Subscriptions.
> [!Note]
> **The current Semi-Annual Channel release is Windows Server, version 1903**. If you want to put servers in this channel, you should install Windows Server, version 1903, which can be installed in Server Core mode or as Nano Server run in a container. In-place upgrades from a long-term servicing channel release aren't supported because they are in **different release channels**. Semi-Annual Channel releases aren't updates – it's the next Windows Server release in the Semi-Annual Channel.
@@ -78,9 +78,9 @@ You've likely already chosen to use at least one of these options based on your
Semi-Annual Channel releases should be installed as a clean installation.
-- Volume Licensing Service Center (VLSC): Volume-licensed customers with [Software Assurance](https://www.microsoft.com/en-us/licensing/licensing-programs/software-assurance-default.aspx) can obtain this release by going to the [Volume Licensing Service Center](https://www.microsoft.com/Licensing/servicecenter/default.aspx) and clicking **Sign In**. Then click **Downloads and Keys** and search for this release.
+- Volume Licensing Service Center (VLSC): Volume-licensed customers with [Software Assurance](https://www.microsoft.com/licensing/licensing-programs/software-assurance-default.aspx) can obtain this release by going to the [Volume Licensing Service Center](https://www.microsoft.com/Licensing/servicecenter/default.aspx) and clicking **Sign In**. Then click **Downloads and Keys** and search for this release.
-- Semi-Annual Channel releases are also available in [Microsoft Azure](https://azuremarketplace.microsoft.com/en-us/marketplace/apps/Microsoft.WindowsServer?tab=Overview).
+- Semi-Annual Channel releases are also available in [Microsoft Azure](https://azuremarketplace.microsoft.com/marketplace/apps/Microsoft.WindowsServer?tab=Overview).
- Visual Studio Subscriptions: Visual Studio Subscribers can obtain Semi-Annual Channel releases by downloading them from the [Visual Studio Subscriber download page](https://my.visualstudio.com/downloads?pid=2347). If you are not already a subscriber, go to [Visual Studio Subscriptions](https://www.visualstudio.com/subscriptions/) to sign up, and then visit the [Visual Studio Subscriber download page](https://my.visualstudio.com/downloads?pid=2347) as above. Releases obtained through Visual Studio Subscriptions are for development and testing only.
diff --git a/WindowsServerDocs/get-started/Deploy-Nano-Server.md b/WindowsServerDocs/get-started/Deploy-Nano-Server.md
index 2ae2b7736e..4d87122005 100644
--- a/WindowsServerDocs/get-started/Deploy-Nano-Server.md
+++ b/WindowsServerDocs/get-started/Deploy-Nano-Server.md
@@ -26,9 +26,9 @@ This topic covers information you need to deploy Nano Server images that are mor
The Nano Server Image Builder is a tool that helps you create a custom Nano Server image and bootable USB media with the aid of a graphical interface. Based on the inputs you provide, it generates reusable PowerShell scripts that allow you easily automate consistent installations of Nano Server running either Windows Server 2016 Datacenter or Standard editions.
-Obtain the tool from the [Download Center](https://www.microsoft.com/en-us/download/details.aspx?id=54065).
+Obtain the tool from the [Download Center](https://www.microsoft.com/download/details.aspx?id=54065).
-The tool also requires [Windows Assessment and Deployment Kit (ADK)](https://developer.microsoft.com/en-us/windows/hardware/windows-assessment-deployment-kit).
+The tool also requires [Windows Assessment and Deployment Kit (ADK)](https://developer.microsoft.comwindows/hardware/windows-assessment-deployment-kit).
Nano Server Image Builder creates customized Nano Server images in VHD, VHDX or ISO formats and can create bootable USB media to deploy Nano server or detect the hardware configuration of a server. It also can do the following:
@@ -603,7 +603,7 @@ Put this Unattend.xml file into the C:\NanoServer folder, and then use the follo
**dism\dismmedia:.\mountdir /Apply-Unattend:.\unattend.xml**
-Create a "Panther" folder (used by Windows systems for storing files during setup; see [Windows 7, Windows Server 2008 R2, and Windows Vista setup log file locations](https://support.microsoft.com/en-us/kb/927521) if you're curious), copy the Unattend.xml file to it, and then unmount the VHD with these commands:
+Create a "Panther" folder (used by Windows systems for storing files during setup; see [Windows 7, Windows Server 2008 R2, and Windows Vista setup log file locations](https://support.microsoft.com/kb/927521) if you're curious), copy the Unattend.xml file to it, and then unmount the VHD with these commands:
**md .\mountdir\windows\panther**
diff --git a/WindowsServerDocs/get-started/Developing-PowerShell-Cmdlets-for-Nano-Server.md b/WindowsServerDocs/get-started/Developing-PowerShell-Cmdlets-for-Nano-Server.md
index 10b167859b..a47d832ce6 100644
--- a/WindowsServerDocs/get-started/Developing-PowerShell-Cmdlets-for-Nano-Server.md
+++ b/WindowsServerDocs/get-started/Developing-PowerShell-Cmdlets-for-Nano-Server.md
@@ -145,7 +145,7 @@ The module "Microsoft.PowerShell.NanoServer.SDK" is available in the [PowerShell
The PowerShell Core SDK module exposes cmdlets to set up the correct CoreCLR and PowerShell Core reference assemblies, create a C# project in Visual Studio 2015 targeting those reference assemblies, and set up the remote debugger on a Nano Server machine so that developers can debug their .NET cmdlets running on Nano Server remotely in Visual Studio 2015.
-The PowerShell Core SDK module requires Visual Studio 2015 Update 2. If you do not have Visual Studio 2015 installed, you can install [Visual Studio Community 2015](https://www.visualstudio.com/en-us/products/visual-studio-community-vs.aspx).
+The PowerShell Core SDK module requires Visual Studio 2015 Update 2. If you do not have Visual Studio 2015 installed, you can install [Visual Studio Community 2015](https://www.visualstudio.com/products/visual-studio-community-vs.aspx).
The SDK module also depends on the following feature to be installed in Visual Studio 2015:
diff --git a/WindowsServerDocs/get-started/Getting-Started-with-Nano-Server.md b/WindowsServerDocs/get-started/Getting-Started-with-Nano-Server.md
index b301cbd20c..17622e7599 100644
--- a/WindowsServerDocs/get-started/Getting-Started-with-Nano-Server.md
+++ b/WindowsServerDocs/get-started/Getting-Started-with-Nano-Server.md
@@ -52,7 +52,7 @@ Because Nano Server is optimized as a lightweight operating system for running
- Nano Server is supported only on the Current Branch for Business (CBB) model--there is no Long-Term Servicing Branch (LTSB) release for Nano Server at this time. See the following subsection for more information.
### Current Branch for Business
-Nano Server is serviced with a more active model, called Current Branch for Business (CBB), in order to support customers who are moving at a “cloud cadence," using rapid development cycles. In this model, feature update releases of Nano Server are expected two to three times per year. This model requires [Software Assurance](https://www.microsoft.com/en-us/licensing/licensing-programs/software-assurance-default.aspx) for Nano Servers deployed and operated in production. To maintain support, administrators must stay no more than two CBB releases behind. However, these releases do not auto-update existing deployments; administrators perform manual installation of a new CBB release at their convenience. For some additional information, see [Windows Server 2016 new Current Branch for Business servicing option](https://blogs.technet.microsoft.com/windowsserver/2016/07/12/windows-server-2016-new-current-branch-for-business-servicing-option/).
+Nano Server is serviced with a more active model, called Current Branch for Business (CBB), in order to support customers who are moving at a “cloud cadence," using rapid development cycles. In this model, feature update releases of Nano Server are expected two to three times per year. This model requires [Software Assurance](https://www.microsoft.com/licensing/licensing-programs/software-assurance-default.aspx) for Nano Servers deployed and operated in production. To maintain support, administrators must stay no more than two CBB releases behind. However, these releases do not auto-update existing deployments; administrators perform manual installation of a new CBB release at their convenience. For some additional information, see [Windows Server 2016 new Current Branch for Business servicing option](https://blogs.technet.microsoft.com/windowsserver/2016/07/12/windows-server-2016-new-current-branch-for-business-servicing-option/).
The Server Core and Server with Desktop Experience installation options are still serviced on the [Long-Term Servicing Branch (LTSB) model](https://support.microsoft.com/lifecycle#gp%2Fgp_msl_policy), comprising 5 years of mainstream support and 5 years of extended support.
diff --git a/WindowsServerDocs/get-started/KMSclientkeys.md b/WindowsServerDocs/get-started/KMSclientkeys.md
index f578661742..321226609b 100644
--- a/WindowsServerDocs/get-started/KMSclientkeys.md
+++ b/WindowsServerDocs/get-started/KMSclientkeys.md
@@ -31,9 +31,9 @@ prompt on the client, type **slmgr /ipk \** and then press **Enter**
| If you want to… | …use these resources |
|--------------------|------------------------|
| Activate Windows outside of a volume-activation scenario (that is, you're trying to activate a retail version of Windows), **these keys will not work**. | Use these links for retail versions of Windows: |
-| Fix this error that you get when you try to activate a Windows 8.1, Windows Server 2012 R2 or newer system: “Error: 0xC004F050 The Software Licensing Service reported that the product key is invalid”… | [Install this update](https://support.microsoft.com/en-us/help/3172614/july-2016-update-rollup-for-windows-8-1-and-windows-server-2012-r2) on the KMS host if it is running Windows 8.1, Windows Server 2012 R2, Windows 8, or Windows Server 2012. |
+| Fix this error that you get when you try to activate a Windows 8.1, Windows Server 2012 R2 or newer system: “Error: 0xC004F050 The Software Licensing Service reported that the product key is invalid”… | [Install this update](https://support.microsoft.com/help/3172614/july-2016-update-rollup-for-windows-8-1-and-windows-server-2012-r2) on the KMS host if it is running Windows 8.1, Windows Server 2012 R2, Windows 8, or Windows Server 2012. |
-- [Get Windows 10](https://www.microsoft.com/en-us/windows/get-windows-10)
+- [Get Windows 10](https://www.microsoft.com/windows/get-windows-10)
- [Get a new Windows product key](https://support.microsoft.com/help/10749/windows-product-key)
@@ -71,7 +71,7 @@ prompt on the client, type **slmgr /ipk \** and then press **Enter**
## Windows 10, all supported Semi-Annual Channel versions
-See the [Windows lifecycle fact sheet](https://support.microsoft.com/en-us/help/13853/windows-lifecycle-fact-sheet) for information about supported versions and end of service dates.
+See the [Windows lifecycle fact sheet](https://support.microsoft.com/help/13853/windows-lifecycle-fact-sheet) for information about supported versions and end of service dates.
| Operating system edition | KMS Client Setup Key |
|-----------------------------------|-------------------------------|
diff --git a/WindowsServerDocs/get-started/Recommendations-moving-to-Server2016.md b/WindowsServerDocs/get-started/Recommendations-moving-to-Server2016.md
index bbe55b0ef1..387e9ff1af 100644
--- a/WindowsServerDocs/get-started/Recommendations-moving-to-Server2016.md
+++ b/WindowsServerDocs/get-started/Recommendations-moving-to-Server2016.md
@@ -23,8 +23,8 @@ ms.localizationpriority: medium
|If you are running:|Windows Server 2012 R2 or Windows Server 2012|Windows Server 2008 R2 or Windows Server 2008|
|-------------------|----------|--------------|--------------|---------------------------------------|
|**Windows Server role infrastructure**|Choose either upgrade or migration depending on [specific role guidance](https://technet.microsoft.com/windowsserver/jj554790).|- To take advantage of new features in Windows Server 2016, deploy new hardware, or install Windows Server 2016 in a virtual machine on an existing host. Some new features work best on a Windows Server 2016 physical host running Hyper-V.
- Follow [specific role guidance](https://technet.microsoft.com/windowsserver/jj554790).|
-|**Microsoft server management and application workloads**|- Application upgrades should include *migration* to Windows Server 2016. See the [compatibility list](Server-Application-Compatibility.md).
- Upgrades to Windows Server 2016 only (i.e., without upgrading applications) should use application-specific guidance.|- To take advantage of new features in Windows Server 2016, deploy new hardware, or install Windows Server 2016 in a virtual machine on an existing host. Some new features work best on a Windows Server 2016 physical host running Hyper-V. Follow migration guides as applicable.
- Or, remain on your current OS and run in a virtual machine running on a Windows Server 2016 host, or Microsoft Azure. Contact your EA reseller, TAM, or Microsoft for extended support options through [Software Assurance](https://www.microsoft.com/en-us/Licensing/licensing-programs/software-assurance-default.aspx).|
-|**ISV application workloads**|- Upgrades to Windows Server 2016 should use application-specific guidance.
- For more information on Windows Server compatibility with non-Microsoft applications, visit the [Windows Server Logo Certification portal](https://msdn.microsoft.com/enterprisecloudcertified).|- To take advantage of new features in Windows Server 2016, deploy new hardware, or install Windows Server 2016 in a virtual machine on an existing host. Some new features work best on a Windows Server 2016 physical host running Hyper-V. Follow migration guides as applicable.
- Or, remain on your current OS and run in a virtual machine running on a Windows Server 2016 host, or Microsoft Azure. Contact your EA reseller, TAM, or Microsoft for extended support options through [Software Assurance](https://www.microsoft.com/en-us/Licensing/licensing-programs/software-assurance-default.aspx).|
+|**Microsoft server management and application workloads**|- Application upgrades should include *migration* to Windows Server 2016. See the [compatibility list](Server-Application-Compatibility.md).
- Upgrades to Windows Server 2016 only (i.e., without upgrading applications) should use application-specific guidance.|- To take advantage of new features in Windows Server 2016, deploy new hardware, or install Windows Server 2016 in a virtual machine on an existing host. Some new features work best on a Windows Server 2016 physical host running Hyper-V. Follow migration guides as applicable.
- Or, remain on your current OS and run in a virtual machine running on a Windows Server 2016 host, or Microsoft Azure. Contact your EA reseller, TAM, or Microsoft for extended support options through [Software Assurance](https://www.microsoft.com/Licensing/licensing-programs/software-assurance-default.aspx).|
+|**ISV application workloads**|- Upgrades to Windows Server 2016 should use application-specific guidance.
- For more information on Windows Server compatibility with non-Microsoft applications, visit the [Windows Server Logo Certification portal](https://msdn.microsoft.com/enterprisecloudcertified).|- To take advantage of new features in Windows Server 2016, deploy new hardware, or install Windows Server 2016 in a virtual machine on an existing host. Some new features work best on a Windows Server 2016 physical host running Hyper-V. Follow migration guides as applicable.
- Or, remain on your current OS and run in a virtual machine running on a Windows Server 2016 host, or Microsoft Azure. Contact your EA reseller, TAM, or Microsoft for extended support options through [Software Assurance](https://www.microsoft.com/Licensing/licensing-programs/software-assurance-default.aspx).|
|**Custom application workloads**|- Consult with application developers on compatibility with Windows Server 2016 and upgrade guidance.
- Leverage Microsoft Azure to test application on Windows Server 2016 prior to switch.
- See complete options in the next section.|- Consult with your application developers on compatibility with Windows Server 2016 and upgrade guidance.
- Leverage Microsoft Azure to test your application on Windows Server 2016 prior to switch.
- To take advantage of new features in Windows Server 2016, deploy new hardware, or install Windows Server 2016 in a virtual machine on an existing host. Some new features work best on a Windows Server 2016 physical host running Hyper-V.
- See complete options in the next section.|
## Complete options for moving servers running custom or "in-house" applications on older versions of Windows Server to Windows Server 2016
@@ -43,7 +43,7 @@ There are more options than ever before to help you and your customers take adva
- If you already have Software Assurance for Windows Server, save money by deploying with the [Azure Hybrid Use Benefit](https://azure.microsoft.com/pricing/hybrid-use-benefit/).
-- The [Software Assurance](https://www.microsoft.com/en-us/Licensing/licensing-programs/software-assurance-default.aspx) program for Windows Server provides new version rights benefits. Along with a list of other benefits, servers with Software Assurance can be upgraded to the latest version of Window Server when the time is right, without having to purchase a new license.
+- The [Software Assurance](https://www.microsoft.com/Licensing/licensing-programs/software-assurance-default.aspx) program for Windows Server provides new version rights benefits. Along with a list of other benefits, servers with Software Assurance can be upgraded to the latest version of Window Server when the time is right, without having to purchase a new license.
## Additional resources
diff --git a/WindowsServerDocs/get-started/Server-Application-Compatibility.md b/WindowsServerDocs/get-started/Server-Application-Compatibility.md
index 42ede01af3..e984971c7a 100644
--- a/WindowsServerDocs/get-started/Server-Application-Compatibility.md
+++ b/WindowsServerDocs/get-started/Server-Application-Compatibility.md
@@ -27,7 +27,7 @@ For customers and software vendor partners looking for more information on Windo
|-------------------------------------|--------------------------------------------|-------------------|
|Microsoft SQL Server 2012|Yes| [Hardware and Software Requirements for Installing SQL Server 2012](https://msdn.microsoft.com/library/ms143506(v=sql.110).aspx)|
|Microsoft SQL Server 2014|Yes|[Hardware and Software Requirements for Installing SQL Server 2014](https://msdn.microsoft.com/library/ms143506(SQL.120).aspx)|
-|Microsoft SQL Server 2016| Yes| [SQL Server 2016](https://www.microsoft.com/en-us/cloud-platform/sql-server)|
+|Microsoft SQL Server 2016| Yes| [SQL Server 2016](https://www.microsoft.com/cloud-platform/sql-server)|
|Microsoft System Center Virtual Machine Manager 2016| Yes| [What's New in System Center](https://technet.microsoft.com/system-center-docs/get-started/what-s-new-in-system-center)|
|Microsoft System Center Operations Manager 2016| Yes| [What's New in System Center](https://technet.microsoft.com/system-center-docs/get-started/what-s-new-in-system-center)|
|Microsoft System Center Data Protection Manager 2016| Yes| [What's New in System Center](https://technet.microsoft.com/system-center-docs/get-started/what-s-new-in-system-center)|
@@ -35,7 +35,7 @@ For customers and software vendor partners looking for more information on Windo
|SharePoint Server 2016| Yes| [Hardware and software requirements for SharePoint Server 2016](https://technet.microsoft.com/library/cc262485(v=office.16).aspx)|
|Project Server 2016| Yes| [Software requirements for Project Server 2016](https://technet.microsoft.com/library/ee683978(v=office.16).aspx)|
|Exchange Server 2016| Yes| [Updates for Exchange 2016](https://technet.microsoft.com/library/jj907309(v=exchg.160).aspx)|
-|Biztalk Server 2016| Yes| [Microsoft BizTalk Server](https://www.microsoft.com/en-us/cloud-platform/biztalk)|
+|Biztalk Server 2016| Yes| [Microsoft BizTalk Server](https://www.microsoft.com/cloud-platform/biztalk)|
|Host Integration Server 2016| Yes| [What's New in HIS 2016](https://msdn.microsoft.com/library/mt670807.aspx)|
|Visual Studio Team Foundation Server 2017| Yes| [Team Foundation Server 2017](https://www.visualstudio.com/news/releasenotes/tfs2017-relnotes)|
|Skype for Business Server 2015| Yes| [How to install Skype for Business Server 2015 on Windows Server 2016](https://support.microsoft.com/en-gb/help/4015888/how-to-install-skype-for-business-server-2015-on-windows-server-2016)|
diff --git a/WindowsServerDocs/get-started/Update-Nano-Server.md b/WindowsServerDocs/get-started/Update-Nano-Server.md
index 721198df90..b5816ec6ee 100644
--- a/WindowsServerDocs/get-started/Update-Nano-Server.md
+++ b/WindowsServerDocs/get-started/Update-Nano-Server.md
@@ -24,7 +24,7 @@ Nano Server offers a variety of methods for staying up to date. Compared to othe
> [!NOTE]
> If you install an optional Nano Server package from media or online repository, it won't have recent security fixes included. To avoid a version mismatch between the optional packages and base operating system, you should install the latest cumulative update immediately after installing any optional packages and **before** restarting the server.
-In the case of the Cumulative Update for Windows Server 2016: September 26, 2016 ([KB3192366](https://support.microsoft.com/en-us/kb/3192366)), you should first install the latest Servicing Stack Update for Windows 10 Version 1607: August 23, 2016 as a prerequisite ([KB3176936](https://support.microsoft.com/en-us/kb/3176936)). For most of the options below, you need the .msu files containing the .cab update packages. Visit the Microsoft Update Catalog to download each of these update packages:
+In the case of the Cumulative Update for Windows Server 2016: September 26, 2016 ([KB3192366](https://support.microsoft.com/kb/3192366)), you should first install the latest Servicing Stack Update for Windows 10 Version 1607: August 23, 2016 as a prerequisite ([KB3176936](https://support.microsoft.com/kb/3176936)). For most of the options below, you need the .msu files containing the .cab update packages. Visit the Microsoft Update Catalog to download each of these update packages:
- [https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB3192366](https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB3192366)
- [https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB3176936](https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB3176936)
@@ -44,7 +44,7 @@ After downloading the .msu files from the Microsoft Update Catalog, save them to
Now you can use the extracted .cab files to apply the updates to a Nano Server image in a few different ways, depending on your needs. The following options are presented in no particular order of preference - use the option that makes the most sense for your environment.
> [!NOTE]
-> When using the DISM tools to service Nano Server, you must use a version of DISM that is the same as or newer than the version of Nano Server you're servicing. You can achieve this by running DISM from a matching version of Windows, installing a matching version of the [Windows Asssessment and Deployment Kit (ADK)](https://developer.microsoft.com/en-us/windows/hardware/windows-assessment-deployment-kit), or running DISM on Nano Server itself.
+> When using the DISM tools to service Nano Server, you must use a version of DISM that is the same as or newer than the version of Nano Server you're servicing. You can achieve this by running DISM from a matching version of Windows, installing a matching version of the [Windows Asssessment and Deployment Kit (ADK)](https://developer.microsoft.comwindows/hardware/windows-assessment-deployment-kit), or running DISM on Nano Server itself.
## Option 1: Integrate a cumulative update into a new image
If you are building a new Nano Server image, you can integrate the latest cumulative update directly into the image so that it's fully patched on first boot.
diff --git a/WindowsServerDocs/get-started/Windows-Server-2016-GA-Release-Notes.md b/WindowsServerDocs/get-started/Windows-Server-2016-GA-Release-Notes.md
index ca80b7a51f..4ab12047d5 100644
--- a/WindowsServerDocs/get-started/Windows-Server-2016-GA-Release-Notes.md
+++ b/WindowsServerDocs/get-started/Windows-Server-2016-GA-Release-Notes.md
@@ -36,7 +36,7 @@ To avoid this, after the first boot, set the print spooler to disabled.
## Containers
[comment]: # (ID: 371; Submitter: taylorb; state: signed off)
-- Before you use containers, install [Servicing stack update for Windows 10 Version 1607: August 23, 2016](https://support.microsoft.com/en-us/kb/3176936) or any later updates that are available. Otherwise, a number of problems can occur, including failures in building, starting, or running containers, and errors similar to "CreateProcess failed in Win32: The RPC server is unavailable."
+- Before you use containers, install [Servicing stack update for Windows 10 Version 1607: August 23, 2016](https://support.microsoft.com/kb/3176936) or any later updates that are available. Otherwise, a number of problems can occur, including failures in building, starting, or running containers, and errors similar to "CreateProcess failed in Win32: The RPC server is unavailable."
[comment]: # (ID: 373; Submitter: plang; state: signed off)
- The NanoServerPackage OneGet provider does not work in Windows Containers. To work around this, use Find-NanoServerPackage and Save-NanoServerPackage on a different computer (not a container) to download the needed package. Then copy the packages into the container and install them.
diff --git a/WindowsServerDocs/get-started/activation-error-codes.md b/WindowsServerDocs/get-started/activation-error-codes.md
index 6ecd13bb24..ec0082e866 100644
--- a/WindowsServerDocs/get-started/activation-error-codes.md
+++ b/WindowsServerDocs/get-started/activation-error-codes.md
@@ -22,7 +22,7 @@ For more information about volume activation, see [Plan for volume activation](h
For more information about volume activation for current and recent versions of Windows, see [Volume Activation [client]](https://docs.microsoft.com/windows/deployment/volume-activation/volume-activation-windows-10).
-For more information about volume activation for older versions of Windows, see KB 929712, [Volume Activation information for Windows Vista, Windows Server 2008, Windows Server 2008 R2 and Windows 7](https://support.microsoft.com/en-us/help/929712/volume-activation-information-for-windows-vista-windows-server-2008-wi).
+For more information about volume activation for older versions of Windows, see KB 929712, [Volume Activation information for Windows Vista, Windows Server 2008, Windows Server 2008 R2 and Windows 7](https://support.microsoft.com/help/929712/volume-activation-information-for-windows-vista-windows-server-2008-wi).
## Diagnostic tool
@@ -189,7 +189,7 @@ The MAK is not supported.
#### Resolution
-To troubleshoot this issue, verify that the MAK that you are using is the MAK that was provided by Microsoft. To verify that the MAK is valid, contact the [Microsoft Licensing Activation Centers](https://www.microsoft.com/en-us/Licensing/existing-customer/activation-centers).
+To troubleshoot this issue, verify that the MAK that you are using is the MAK that was provided by Microsoft. To verify that the MAK is valid, contact the [Microsoft Licensing Activation Centers](https://www.microsoft.com/Licensing/existing-customer/activation-centers).
### 0xC004C001 The activation server determined the specified product key is invalid
@@ -199,7 +199,7 @@ The MAK that you entered is not valid.
#### Resolution
-Verify that the key is the MAK that was provided by Microsoft. For additional assistance, contact the [Microsoft Licensing Activation Centers](https://www.microsoft.com/en-us/Licensing/existing-customer/activation-centers).
+Verify that the key is the MAK that was provided by Microsoft. For additional assistance, contact the [Microsoft Licensing Activation Centers](https://www.microsoft.com/Licensing/existing-customer/activation-centers).
### 0xC004C003 The activation server determined the specified product key is blocked
@@ -209,7 +209,7 @@ The MAK is blocked on the activation server.
#### Resolution
-To obtain a new MAK, contact the [Microsoft Licensing Activation Centers](https://www.microsoft.com/en-us/Licensing/existing-customer/activation-centers). After you obtain the new MAK, try installing and activating Windows again.
+To obtain a new MAK, contact the [Microsoft Licensing Activation Centers](https://www.microsoft.com/Licensing/existing-customer/activation-centers). After you obtain the new MAK, try installing and activating Windows again.
### 0xC004C008 The activation server determined that the specified product key could not be used
@@ -219,7 +219,7 @@ The KMS key has exceeded its activation limit. A KMS host key can be activated u
#### Resolution
-If you require additional activations, contact the [Microsoft Licensing Activation Centers](https://www.microsoft.com/en-us/Licensing/existing-customer/activation-centers).
+If you require additional activations, contact the [Microsoft Licensing Activation Centers](https://www.microsoft.com/Licensing/existing-customer/activation-centers).
### 0xC004C020 The activation server reported that the Multiple Activation Key has exceeded its limit
@@ -229,7 +229,7 @@ The MAK has exceeded its activation limit. By design, MAKs can be activated a li
#### Resolution
-If you require additional activations, contact the [Microsoft Licensing Activation Centers](https://www.microsoft.com/en-us/Licensing/existing-customer/activation-centers).
+If you require additional activations, contact the [Microsoft Licensing Activation Centers](https://www.microsoft.com/Licensing/existing-customer/activation-centers).
### 0xC004C021 The activation server reported that the Multiple Activation Key extension limit has been exceeded
@@ -239,7 +239,7 @@ The MAK has exceeded its activation limit. By design, MAKs activate a limited nu
#### Resolution
-If you need additional activations, contact the [Microsoft Licensing Activation Centers](https://www.microsoft.com/en-us/Licensing/existing-customer/activation-centers).
+If you need additional activations, contact the [Microsoft Licensing Activation Centers](https://www.microsoft.com/Licensing/existing-customer/activation-centers).
### 0xC004F009 The Software Protection Service reported that the grace period expired
@@ -249,7 +249,7 @@ The grace period expired before the system was activated. Now, the system is in
#### Resolution
-For assistance, contact the [Microsoft Licensing Activation Centers](https://www.microsoft.com/en-us/Licensing/existing-customer/activation-centers).
+For assistance, contact the [Microsoft Licensing Activation Centers](https://www.microsoft.com/Licensing/existing-customer/activation-centers).
### 0xC004F00F The Software Licensing Server reported that the hardware ID binding is beyond level of tolerance
@@ -306,7 +306,7 @@ In order to activate, you need to do one of the following:
> If you receive error 0x80072ee2 when you attempt to activate, use the phone activation method that follows instead.
- Activate by phone by following these steps:
1. Run **slmgr /dti** and then record the value of the Installation ID.
- 1. Contact the [Microsoft Licensing Activation Centers](https://www.microsoft.com/en-us/Licensing/existing-customer/activation-centers) and provide the Installation ID in order to receive a Confirmation ID.
+ 1. Contact the [Microsoft Licensing Activation Centers](https://www.microsoft.com/Licensing/existing-customer/activation-centers) and provide the Installation ID in order to receive a Confirmation ID.
1. To activate by using the Confirmation ID, run **slmgr /atp <Confirmation ID>**.
### 0xC004F038 The count reported by your Key Management Service (KMS) is insufficient
@@ -388,7 +388,7 @@ Windows Activation Tools (WAT) has determined that the system is not genuine.
#### Resolution
-For assistance, contact the [Microsoft Licensing Activation Centers](https://www.microsoft.com/en-us/Licensing/existing-customer/activation-centers).
+For assistance, contact the [Microsoft Licensing Activation Centers](https://www.microsoft.com/Licensing/existing-customer/activation-centers).
### 0xC004F065 The Software Protection Service reported that the application is running within the valid non-genuine period
diff --git a/WindowsServerDocs/get-started/common-troubleshooting-procedures-kms-dns.md b/WindowsServerDocs/get-started/common-troubleshooting-procedures-kms-dns.md
index 0748ecf8bd..cbf0d3d8ee 100644
--- a/WindowsServerDocs/get-started/common-troubleshooting-procedures-kms-dns.md
+++ b/WindowsServerDocs/get-started/common-troubleshooting-procedures-kms-dns.md
@@ -84,7 +84,7 @@ Verify basic IP connectivity to the DNS server by using the ping command. To do
Check the registry of the KMS host server to determine whether it is registering with DNS. By default, a KMS host server dynamically registers a DNS SRV record one time every 24 hours.
> [!IMPORTANT]
-> Follow the steps in this section carefully. Serious problems might occur if you modify the registry incorrectly. Before you modify it, [back up the registry for restoration](https://support.microsoft.com/en-us/help/322756) in case problems occur.
+> Follow the steps in this section carefully. Serious problems might occur if you modify the registry incorrectly. Before you modify it, [back up the registry for restoration](https://support.microsoft.com/help/322756) in case problems occur.
To check this setting, follow these steps:
1. Start Registry Editor. To do this, right-click **Start**, select **Run**, type **regedit**, and then press Enter.
diff --git a/WindowsServerDocs/get-started/whats-new-in-windows-server-2016.md b/WindowsServerDocs/get-started/whats-new-in-windows-server-2016.md
index d8752398bb..9737acf061 100644
--- a/WindowsServerDocs/get-started/whats-new-in-windows-server-2016.md
+++ b/WindowsServerDocs/get-started/whats-new-in-windows-server-2016.md
@@ -189,7 +189,7 @@ Three new features are added in Microsoft Windows 10 and Windows Server 2016:
- The DSN name limit is enlarged from 256 bytes to 3072 bytes. See [IDtcToXaHelperFactory::Create](https://msdn.microsoft.com/library/ms686861(v=vs.85).aspx), [IDtcToXaHelperSinglePipe::XARMCreate](https://msdn.microsoft.com/library/ms679248(v=vs.85).aspx), or [IDtcToXaMapper::RequestNewResourceManager](https://msdn.microsoft.com/library/ms680310(v=vs.85).aspx) for details.
-- Improved tracing allowing you to set a registry key to include an image file path in the trace log file name so you can tell which trace log file to check. See [How to enable diagnostic tracing for MS DTC on a Windows-based computer](https://support.microsoft.com/en-us/kb/926099) for details on configuring tracing for MSDTC.
+- Improved tracing allowing you to set a registry key to include an image file path in the trace log file name so you can tell which trace log file to check. See [How to enable diagnostic tracing for MS DTC on a Windows-based computer](https://support.microsoft.com/kb/926099) for details on configuring tracing for MSDTC.
diff --git a/WindowsServerDocs/get-started/windows-server-1803-removed-features.md b/WindowsServerDocs/get-started/windows-server-1803-removed-features.md
index a9e9d2c025..b67c1973b5 100644
--- a/WindowsServerDocs/get-started/windows-server-1803-removed-features.md
+++ b/WindowsServerDocs/get-started/windows-server-1803-removed-features.md
@@ -27,7 +27,7 @@ We've removed the following features and functionalities from the installed prod
| Feature | Instead you can use... |
| ----------- | -------------------- |
-| [File Replication Service](https://support.microsoft.com/en-us/help/4025991/windows-server-version-1709-no-longer-supports-frs)|File Replication Services, introduced in Windows Server 2003 R2, has been replaced by DFS Replication. You need to [migrate any domain controllers that user FRS to DFS Replication with SYSVOL](https://blogs.technet.microsoft.com/filecab/2014/06/25/streamlined-migration-of-frs-to-dfsr-sysvol/). |
+| [File Replication Service](https://support.microsoft.com/help/4025991/windows-server-version-1709-no-longer-supports-frs)|File Replication Services, introduced in Windows Server 2003 R2, has been replaced by DFS Replication. You need to [migrate any domain controllers that user FRS to DFS Replication with SYSVOL](https://blogs.technet.microsoft.com/filecab/2014/06/25/streamlined-migration-of-frs-to-dfsr-sysvol/). |
| Hyper-V Network Virtualization (HNV)|[Network Virtualization](../networking/sdn/technologies/hyper-v-network-virtualization/whats-new-hyperv-network-virtualization-windows-server.md) is now included in Windows Server as part of the [Software Defined Networking](../networking/sdn/software-defined-networking.md) (SDN) solution, which also includes the Network Controller, Software Load Balancing, User-Defined Routing, and Access Control Lists. |
## Features we're no longer developing
diff --git a/WindowsServerDocs/hyperconverged/TOC.md b/WindowsServerDocs/hyperconverged/TOC.md
index 4a942b370e..d79e3126c0 100644
--- a/WindowsServerDocs/hyperconverged/TOC.md
+++ b/WindowsServerDocs/hyperconverged/TOC.md
@@ -6,4 +6,4 @@
## [Windows Admin Center](../manage/windows-admin-center/overview.md)
## [Connect to Azure](../azure-hybrid-services/index.md)
## [Azure Stack HCI](https://docs.microsoft.com/azure-stack/operator/azure-stack-hci-overview)
-## [Windows Server Software-Defined (WSSD)](https://www.microsoft.com/en-us/cloud-platform/software-defined-datacenter)
+## [Windows Server Software-Defined (WSSD)](https://www.microsoft.com/cloud-platform/software-defined-datacenter)
diff --git a/WindowsServerDocs/identity/ad-ds/manage/Appendix-M--Document-Links-and-Recommended-Reading.md b/WindowsServerDocs/identity/ad-ds/manage/Appendix-M--Document-Links-and-Recommended-Reading.md
index 4e78daefe8..3dd2acc282 100644
--- a/WindowsServerDocs/identity/ad-ds/manage/Appendix-M--Document-Links-and-Recommended-Reading.md
+++ b/WindowsServerDocs/identity/ad-ds/manage/Appendix-M--Document-Links-and-Recommended-Reading.md
@@ -49,7 +49,7 @@ The following table contains a list of links to external documents and their URL
|[Personal Virtual Desktops](https://technet.microsoft.com/library/dd759174.aspx)|[https://technet.microsoft.com/library/dd759174.aspx](https://technet.microsoft.com/library/dd759174.aspx)|
|[Read-Only Domain Controller Planning and Deployment Guide](https://go.microsoft.com/fwlink/?LinkID=135993)|[https://technet.microsoft.com/library/cc771744(WS.10).aspx](https://technet.microsoft.com/library/cc771744(WS.10).aspx)|
|[Running Domain Controllers in Hyper-V](https://technet.microsoft.com/library/dd363553(v=ws.10).aspx)|[https://technet.microsoft.com/library/dd363553(v=ws.10).aspx](https://technet.microsoft.com/library/dd363553(v=ws.10).aspx)|
-|[Hyper-V Security Guide](https://www.microsoft.com/download/details.aspx?id=16650)|[https://www.microsoft.com/download/details.aspx?id=16650](https://www.microsoft.com/en-us/download/details.aspx?id=16650)|
+|[Hyper-V Security Guide](https://www.microsoft.com/download/details.aspx?id=16650)|[https://www.microsoft.com/download/details.aspx?id=16650](https://www.microsoft.com/download/details.aspx?id=16650)|
|[Ask the Directory Services Team](http://blogs.technet.com/b/askds/archive/2011/09/12/managing-rid-pool-depletion.aspx)|[http://blogs.technet.com/b/askds/archive/2011/09/12/managing-rid-pool-depletion.aspx](http://blogs.technet.com/b/askds/archive/2011/09/12/managing-rid-pool-depletion.aspx)|
|[How to configure a firewall for domains and trusts](https://support.microsoft.com/kb/179442)|[https://support.microsoft.com/kb/179442](https://support.microsoft.com/kb/179442)|
|[2009 Verizon Data Breach Report](http://www.verizonbusiness.com/resources/security/reports/2009_databreach_rp.pdf)|[http://www.verizonbusiness.com/resources/security/reports/2009_databreach_rp.pdf](http://www.verizonbusiness.com/resources/security/reports/2009_databreach_rp.pdf)|
@@ -159,7 +159,7 @@ The following table contains a list of links to external documents and their URL
|[Applying the Principle of Least Privilege to User Accounts on Windows](https://www.microsoft.com/download/details.aspx?id=4868)|[https://www.microsoft.com/download/details.aspx?id=4868](https://www.microsoft.com/download/details.aspx?id=4868)|
|[The Administrator Accounts Security Planning Guide](https://www.microsoft.com/download/details.aspx?id=19406)|[https://www.microsoft.com/download/details.aspx?id=19406](https://www.microsoft.com/download/details.aspx?id=19406)|
|[Best Practice Guide for Securing Active Directory Installations](https://www.microsoft.com/download/details.aspx?id=16755) for Windows Server 2003|[https://www.microsoft.com/download/details.aspx?id=16755](https://www.microsoft.com/download/details.aspx?id=16755)|
-|[Best Practices for Delegating Active Directory Administration](https://www.microsoft.com/download/details.aspx?id=21678) for Windows Server 2003|[https://www.microsoft.com/en-us/download/details.aspx?id=21678](https://www.microsoft.com/download/details.aspx?id=21678)|
+|[Best Practices for Delegating Active Directory Administration](https://www.microsoft.com/download/details.aspx?id=21678) for Windows Server 2003|[https://www.microsoft.com/download/details.aspx?id=21678](https://www.microsoft.com/download/details.aspx?id=21678)|
|[Microsoft Support Lifecycle](https://support.microsoft.com/lifecycle/)|[https://support.microsoft.com/common/international.aspx?RDPATH=%2flifecycle%2fdefault.aspx](https://support.microsoft.com/common/international.aspx?RDPATH=%2flifecycle%2fdefault.aspx)|
|[Active Directory Technical Specification](https://msdn.microsoft.com/library/cc223122(v=prot.20).aspx)|[https://msdn.microsoft.com/library/cc223122(v=prot.20).aspx](https://msdn.microsoft.com/library/cc223122(v=prot.20).aspx)|
|[Error message when nonadministrator users who have been delegated control try to join computers to a Windows Server 2003-based or a Windows Server 2008-based domain controller: "Access is denied"](https://support.microsoft.com/kb/932455)|[https://support.microsoft.com/kb/932455](https://support.microsoft.com/kb/932455)|
diff --git a/WindowsServerDocs/identity/ad-fs/deployment/Best-Practices-Securing-AD-FS.md b/WindowsServerDocs/identity/ad-fs/deployment/Best-Practices-Securing-AD-FS.md
index 745e44e827..6b10419a1e 100644
--- a/WindowsServerDocs/identity/ad-fs/deployment/Best-Practices-Securing-AD-FS.md
+++ b/WindowsServerDocs/identity/ad-fs/deployment/Best-Practices-Securing-AD-FS.md
@@ -60,7 +60,7 @@ TCP|49443 (TCP)|Used for certificate authentication.
For additional information on required ports and protocols required for hybrid deployments see the document [here](https://azure.microsoft.com/documentation/articles/active-directory-aadconnect-ports/).
-For detailed information about ports and protocols required for an Azure AD and Office 365 deployment, see the document [here](https://support.office.com/en-us/article/Office-365-URLs-and-IP-address-ranges-8548a211-3fe7-47cb-abb1-355ea5aa88a2?ui=en-US&rs=en-US&ad=US).
+For detailed information about ports and protocols required for an Azure AD and Office 365 deployment, see the document [here](https://support.office.com/article/Office-365-URLs-and-IP-address-ranges-8548a211-3fe7-47cb-abb1-355ea5aa88a2?ui=en-US&rs=en-US&ad=US).
### Endpoints enabled
diff --git a/WindowsServerDocs/identity/ad-fs/deployment/Updates-for-Active-Directory-Federation-Services-AD-FS.md b/WindowsServerDocs/identity/ad-fs/deployment/Updates-for-Active-Directory-Federation-Services-AD-FS.md
index 934d8d67e2..b690d6c6c0 100644
--- a/WindowsServerDocs/identity/ad-fs/deployment/Updates-for-Active-Directory-Federation-Services-AD-FS.md
+++ b/WindowsServerDocs/identity/ad-fs/deployment/Updates-for-Active-Directory-Federation-Services-AD-FS.md
@@ -28,7 +28,7 @@ Updates for Windows Server 2016 are delivered monthly via Windows Update and are
|[4489889 (OS Build 14393.2879)](https://support.microsoft.com/help/4489889/windows-10-update-kb4489889) | Addresses an issue in Active Directory Federation Services (AD FS) that causes a duplicate relying party trust to appear in the AD FS management console. This occurs when you create or view relying party trusts using the AD FS management console. Addresses a high Active Directory Federation Services (ADFS) Web Application Proxy (WAP) latency issue (over 10,000ms) that occurs while Extranet Smart Lockout (ESL) is enabled on AD FS 2016. This security update addresses the vulnerability described in [CVE-2018-16794](https://nvd.nist.gov/vuln/detail/CVE-2018-16794). |March 2019|
|[4487006 (OS Build 14393.2828)](https://support.microsoft.com/help/4487006/windows-10-update-kb4487006) | Addresses an issue that causes updates to a relying party trust to fail when using PowerShell or the Active Directory Federation Services (AD FS) management console. This issue occurs if you configure a relying party trust to use an online metadata URL that publishes more than one PassiveRequestorEndpoint. The error is, “MSIS7615: The trusted endpoints specified in a relying party trust must be unique for that relying party trust.” Addresses an issue that displays a specific error message for external complexity password changes because of Azure Password Protection policies. |February 2019|
|[4462928 (OS Build 14393.2580)](https://support.microsoft.com/help/4462928/windows-10-update-kb4462928)|Addresses interoperation issues between Active Directory Federation Services (ADFS) Extranet Smart Lockout (ESL) and Alternate Login ID. When Alternate Login ID is enabled, calls to AD FS Powershell cmdlets, Get-AdfsAccountActivity and Reset-AdfsAccountLockout, return "Account not found" errors. When Set-AdfsAccountActivity is called, a new entry is added instead of editing an existing one.|October 2018|
-|[4343884 (OS Build 14393.2457)](https://support.microsoft.com/en-us/help/4343884/windows-10-update-kb4343884)|Addresses an Active Directory Federation Services (AD FS) issue where Multi-Factor Authentication does not work correctly with mobile devices that use custom culture definitions. Addresses an issue in Windows Hello for Business that causes a significant delay (15 seconds) in new user enrollment. This issue occurs when a hardware security module is used to store an ADFS Registration Authority (RA) certificate.|August 2018|
+|[4343884 (OS Build 14393.2457)](https://support.microsoft.com/help/4343884/windows-10-update-kb4343884)|Addresses an Active Directory Federation Services (AD FS) issue where Multi-Factor Authentication does not work correctly with mobile devices that use custom culture definitions. Addresses an issue in Windows Hello for Business that causes a significant delay (15 seconds) in new user enrollment. This issue occurs when a hardware security module is used to store an ADFS Registration Authority (RA) certificate.|August 2018|
|[4338822 (OS Build 14393.2395)](https://support.microsoft.com/help/4338822/windows-10-update-kb4338822)|Addresses an issue in AD FS that shows a duplicate Relying Party trust in the AD FS management console when creating or viewing Relying Party Trusts from the console.Addresses an issue in ADFS that causes Windows Hello for Business to fail. The issue occurs when there are two claim providers. PIN registration will fail with, "400 Internal Server Error: Unable to obtain device identifier." Addresses a WAP issue related to inactive connections that never end. This leads to system resource leaks (e.g., a memory leak) and to a WAP service that is no longer responsive. Addresses an AD FS issue that prevents users from selecting a different login option. This occurs when users choose to log in using Certificate Based Authentication, but it has not been configured. This also occurs if users select Certificate Based Authentication and then try to select another login option. If this happens, users will be redirected to the Certificate Based Authentication page until they close the browser.|July 2018|
|[4103720 (OS Build 14393.2273)](https://support.microsoft.com/help/4103720/windows-10-update-kb4103720)|Addresses an issue with ADFS that causes an IdP-initiated login to a SAML relying party to fail when PreventTokenReplays is enabled. Addresses an ADFS issue that occurs when OAUTH authenticates from a device or browser application. A user password change generates a failure and requires the user to exit the app or browser to log in. Addresses an issue where enabling Extranet Smart Lockout in UTC +1 and higher (Europe and Asia) did not work. Additionally, it causes normal Extranet Lockout to fail with the following error: Get-AdfsAccountActivity: DateTime values that are greater than DateTime.MaxValue or smaller than DateTime.MinValue when converted to UTC cannot be serialized to JSON.Addresses an ADFS Windows Hello for business issue in which new users are not able to provision their PIN. This occurs when no MFA provider is configured.|May 2018|
|[4093120 (OS Build 14393.2214)](https://support.microsoft.com/help/4093120/windows-10-update-kb4093120)| Addresses an unhandled refresh token validation issue. It generates the following error: “Microsoft.IdentityServer.Web.Protocols.OAuth.Exceptions.OAuthInvalidRefreshTokenException: MSIS9312: Received invalid OAuth refresh token. The refresh token was received earlier than the permitted time in the token.” |April 2018|
diff --git a/WindowsServerDocs/identity/ad-fs/development/ad-fs-openid-connect-oauth-concepts.md b/WindowsServerDocs/identity/ad-fs/development/ad-fs-openid-connect-oauth-concepts.md
index 0cc25a2cb1..ea5515a78c 100644
--- a/WindowsServerDocs/identity/ad-fs/development/ad-fs-openid-connect-oauth-concepts.md
+++ b/WindowsServerDocs/identity/ad-fs/development/ad-fs-openid-connect-oauth-concepts.md
@@ -52,7 +52,7 @@ While registering a resource in AD FS, scopes can be configured to allow AD FS t
- aza - If using [OAuth 2.0 Protocol Extensions for Broker Clients](https://docs.microsoft.com/openspecs/windows_protocols/ms-oapxbc/2f7d8875-0383-4058-956d-2fb216b44706) and if the scope parameter contains the scope "aza", the server issues a new primary refresh token and sets it in the refresh_token field of the response, as well as setting the refresh_token_expires_in field to the lifetime of the new primary refresh token if one is enforced.
- openid - Allows application to request use of the OpenID Connect authorization protocol.
-- logon_cert - The logon_cert scope allows an application to request logon certificates, which can be used to interactively logon authenticated users. The AD FS server omits the access_token parameter from the response and instead provides a base64-encoded CMS certificate chain or a CMC full PKI response. More details available [here](https://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-oapx/32ce8878-7d33-4c02-818b-6c9164cc731e).
+- logon_cert - The logon_cert scope allows an application to request logon certificates, which can be used to interactively logon authenticated users. The AD FS server omits the access_token parameter from the response and instead provides a base64-encoded CMS certificate chain or a CMC full PKI response. More details available [here](https://docs.microsoft.com/openspecs/windows_protocols/ms-oapx/32ce8878-7d33-4c02-818b-6c9164cc731e).
- user_impersonation - The user_impersonation scope is necessary to successfully request an on-behalf-of access token from AD FS. For details on how to use this scope refer to [Build a multi-tiered application using On-Behalf-Of (OBO) using OAuth with AD FS 2016](ad-fs-on-behalf-of-authentication-in-windows-server.md).
- allatclaims – The allatclaims scope allows the application to request claims in access token to be added in the ID Token as well.
- vpn_cert - The vpn_cert scope allows an application to request VPN certificates, which can be used to establish VPN connections using EAP-TLS authentication. This is not supported anymore.
diff --git a/WindowsServerDocs/identity/ad-fs/development/msal/adfs-msal-native-app-web-api.md b/WindowsServerDocs/identity/ad-fs/development/msal/adfs-msal-native-app-web-api.md
index d1d4afde89..4316008069 100644
--- a/WindowsServerDocs/identity/ad-fs/development/msal/adfs-msal-native-app-web-api.md
+++ b/WindowsServerDocs/identity/ad-fs/development/msal/adfs-msal-native-app-web-api.md
@@ -23,7 +23,7 @@ Before reading this article, you should be familiar with the [AD FS concepts](..
-In this flow you add authentication to your Native App (public client), which can therefore sign in users and calls a Web API. To call a Web API from a Native App that signs in users, you can use MSAL's [AcquireTokenInteractive](https://docs.microsoft.com/en-us/dotnet/api/microsoft.identity.client.ipublicclientapplication.acquiretokeninteractive?view=azure-dotnet#Microsoft_Identity_Client_IPublicClientApplication_AcquireTokenInteractive_System_Collections_Generic_IEnumerable_System_String__) token acquisition method. To enable this interaction, MSAL leverages a web browser.
+In this flow you add authentication to your Native App (public client), which can therefore sign in users and calls a Web API. To call a Web API from a Native App that signs in users, you can use MSAL's [AcquireTokenInteractive](https://docs.microsoft.com/dotnet/api/microsoft.identity.client.ipublicclientapplication.acquiretokeninteractive?view=azure-dotnet#Microsoft_Identity_Client_IPublicClientApplication_AcquireTokenInteractive_System_Collections_Generic_IEnumerable_System_String__) token acquisition method. To enable this interaction, MSAL leverages a web browser.
To better understand how to configure a Native App in ADFS to acquire access token interactively, let's use a sample available [here](https://github.com/microsoft/adfs-sample-msal-dotnet-native-to-webapi) and walkthrough the app registration and code configuration steps.
diff --git a/WindowsServerDocs/identity/ad-fs/development/msal/adfs-msal-web-api-web-api.md b/WindowsServerDocs/identity/ad-fs/development/msal/adfs-msal-web-api-web-api.md
index 4ca5436cac..4bc450abcf 100644
--- a/WindowsServerDocs/identity/ad-fs/development/msal/adfs-msal-web-api-web-api.md
+++ b/WindowsServerDocs/identity/ad-fs/development/msal/adfs-msal-web-api-web-api.md
@@ -21,7 +21,7 @@ Before reading this article, you should be familiar with the [AD FS concepts](..
- A client (Web App) - not represented on the diagram below - calls a protected Web API and provides a JWT bearer token in its "Authorization" Http header.
-- The protected Web API validates the token and uses the MSAL [AcquireTokenOnBehalfOf](https://docs.microsoft.com/en-us/dotnet/api/microsoft.identitymodel.clients.activedirectory.authenticationcontext.acquiretokenasync?view=azure-dotnet#Microsoft_IdentityModel_Clients_ActiveDirectory_AuthenticationContext_AcquireTokenAsync_System_String_Microsoft_IdentityModel_Clients_ActiveDirectory_ClientCredential_Microsoft_IdentityModel_Clients_ActiveDirectory_UserAssertion_) method to request (from AD FS) another token so that it can, itself, call a second web API (named the downstream web API) on behalf of the user.
+- The protected Web API validates the token and uses the MSAL [AcquireTokenOnBehalfOf](https://docs.microsoft.com/dotnet/api/microsoft.identitymodel.clients.activedirectory.authenticationcontext.acquiretokenasync?view=azure-dotnet#Microsoft_IdentityModel_Clients_ActiveDirectory_AuthenticationContext_AcquireTokenAsync_System_String_Microsoft_IdentityModel_Clients_ActiveDirectory_ClientCredential_Microsoft_IdentityModel_Clients_ActiveDirectory_UserAssertion_) method to request (from AD FS) another token so that it can, itself, call a second web API (named the downstream web API) on behalf of the user.
- The protected web API uses this token to call a downstream API. It can also call AcquireTokenSilentlater to request tokens for other downstream APIs (but still on behalf of the same user). AcquireTokenSilent refreshes the token when needed.
diff --git a/WindowsServerDocs/identity/ad-fs/development/msal/adfs-msal-web-app-web-api.md b/WindowsServerDocs/identity/ad-fs/development/msal/adfs-msal-web-app-web-api.md
index 017b91ac50..50f2c731f5 100644
--- a/WindowsServerDocs/identity/ad-fs/development/msal/adfs-msal-web-app-web-api.md
+++ b/WindowsServerDocs/identity/ad-fs/development/msal/adfs-msal-web-app-web-api.md
@@ -22,7 +22,7 @@ Before reading this article, you should be familiar with the [AD FS concepts](..
-In this flow you add authentication to your Web App (Server App), which can therefore sign in users and calls a web API. From the Web App, to call the Web API, use MSAL's [AcquireTokenByAuthorizationCode](https://docs.microsoft.com/en-us/dotnet/api/microsoft.identity.client.acquiretokenbyauthorizationcodeparameterbuilder?view=azure-dotnet) token acquisition method. You'll use the Authorization code flow, storing the acquired token in the token cache. Then the controller will acquire tokens silently from the cache when needed. MSAL refreshes the token if needed.
+In this flow you add authentication to your Web App (Server App), which can therefore sign in users and calls a web API. From the Web App, to call the Web API, use MSAL's [AcquireTokenByAuthorizationCode](https://docs.microsoft.com/dotnet/api/microsoft.identity.client.acquiretokenbyauthorizationcodeparameterbuilder?view=azure-dotnet) token acquisition method. You'll use the Authorization code flow, storing the acquired token in the token cache. Then the controller will acquire tokens silently from the cache when needed. MSAL refreshes the token if needed.
Web Apps that calls Web APIs:
diff --git a/WindowsServerDocs/identity/ad-fs/operations/Access-Control-Policies-in-AD-FS-2.md b/WindowsServerDocs/identity/ad-fs/operations/Access-Control-Policies-in-AD-FS-2.md
index 96dd6bfbd6..94ca34b207 100644
--- a/WindowsServerDocs/identity/ad-fs/operations/Access-Control-Policies-in-AD-FS-2.md
+++ b/WindowsServerDocs/identity/ad-fs/operations/Access-Control-Policies-in-AD-FS-2.md
@@ -19,7 +19,7 @@ To enable client access policy, follow the steps below.
### Step 1: Install the Update Rollup 2 for AD FS 2.0 package on your AD FS servers
-Download the [Update Rollup 2 for Active Directory Federation Services (AD FS) 2.0](https://support.microsoft.com/en-us/help/2681584/description-of-update-rollup-2-for-active-directory-federation-services-ad-fs-2.0) package and install it on all federation server and federation server proxies.
+Download the [Update Rollup 2 for Active Directory Federation Services (AD FS) 2.0](https://support.microsoft.com/help/2681584/description-of-update-rollup-2-for-active-directory-federation-services-ad-fs-2.0) package and install it on all federation server and federation server proxies.
### Step 2: Add five claim rules to the Active Directory Claims Provider trust
diff --git a/WindowsServerDocs/identity/ad-fs/operations/Configure-Device-Based-Conditional-Access-on-Premises.md b/WindowsServerDocs/identity/ad-fs/operations/Configure-Device-Based-Conditional-Access-on-Premises.md
index 5ef1655abf..89787167bf 100644
--- a/WindowsServerDocs/identity/ad-fs/operations/Configure-Device-Based-Conditional-Access-on-Premises.md
+++ b/WindowsServerDocs/identity/ad-fs/operations/Configure-Device-Based-Conditional-Access-on-Premises.md
@@ -27,7 +27,7 @@ The following per-requisites are required before you can begin with on-premises
|-----|-----
|An Azure AD subscription with Azure AD Premium | To enable device write back for on premises conditional access - [a free trial is fine](https://azure.microsoft.com/trial/get-started-active-directory/)
|Intune subscription|only required for MDM integration for device compliance scenarios -[a free trial is fine](https://portal.office.com/Signup/Signup.aspx?OfferId=40BE278A-DFD1-470a-9EF7-9F2596EA7FF9&dl=INTUNE_A&ali=1#0)
-|Azure AD Connect|November 2015 QFE or later. Get the latest version [here](https://www.microsoft.com/en-us/download/details.aspx?id=47594).
+|Azure AD Connect|November 2015 QFE or later. Get the latest version [here](https://www.microsoft.com/download/details.aspx?id=47594).
|Windows Server 2016|Build 10586 or newer for AD FS
|Windows Server 2016 Active Directory schema|Schema level 85 or higher is required.
|Windows Server 2016 domain controller|This is only required for Hello For Business key-trust deployments. Additional information can be found at [here](https://aka.ms/whfbdocs).
diff --git a/WindowsServerDocs/identity/ad-fs/operations/Configure-User-Certificate-Authentication.md b/WindowsServerDocs/identity/ad-fs/operations/Configure-User-Certificate-Authentication.md
index d220303cf3..97f060d20c 100644
--- a/WindowsServerDocs/identity/ad-fs/operations/Configure-User-Certificate-Authentication.md
+++ b/WindowsServerDocs/identity/ad-fs/operations/Configure-User-Certificate-Authentication.md
@@ -106,7 +106,7 @@ For more information see [this link](ad-fs-prompt-login.md).
### Additional Troubleshooting
These are rare occurrences
-1) If your CRL lists are very long, it may hit a time out when attempting to download. In that case you need to update the ‘MaxFieldLength' and ‘MaxRequestByte' as per https://support.microsoft.com/en-us/help/820129/http-sys-registry-settings-for-windows
+1) If your CRL lists are very long, it may hit a time out when attempting to download. In that case you need to update the ‘MaxFieldLength' and ‘MaxRequestByte' as per https://support.microsoft.com/help/820129/http-sys-registry-settings-for-windows
diff --git a/WindowsServerDocs/identity/ad-fs/operations/Configuring-Alternate-Login-ID.md b/WindowsServerDocs/identity/ad-fs/operations/Configuring-Alternate-Login-ID.md
index 7ac12e50d0..c4f222ff22 100644
--- a/WindowsServerDocs/identity/ad-fs/operations/Configuring-Alternate-Login-ID.md
+++ b/WindowsServerDocs/identity/ad-fs/operations/Configuring-Alternate-Login-ID.md
@@ -95,7 +95,7 @@ If you are using alternate login id with Exchange and Skype for Business, the us
>[!NOTE]
>For the best end-user experience, Microsoft recommends using Hybrid Modern Authentication.
-or more information see, [Hybrid Modern Authentication Overview](https://support.office.com/en-us/article/Hybrid-Modern-Authentication-overview-and-prerequisites-for-using-it-with-on-premises-Skype-for-Business-and-Exchange-servers-ef753b32-7251-4c9e-b442-1a5aec14e58d)
+or more information see, [Hybrid Modern Authentication Overview](https://support.office.com/article/Hybrid-Modern-Authentication-overview-and-prerequisites-for-using-it-with-on-premises-Skype-for-Business-and-Exchange-servers-ef753b32-7251-4c9e-b442-1a5aec14e58d)
### Pre-requisites for Exchange and Skype for Business
The following are pre-requisites for achieving SSO with alternate ID.
diff --git a/WindowsServerDocs/identity/ad-fs/operations/ad-fs-single-sign-on-settings.md b/WindowsServerDocs/identity/ad-fs/operations/ad-fs-single-sign-on-settings.md
index 9063a57d6d..48998671bc 100644
--- a/WindowsServerDocs/identity/ad-fs/operations/ad-fs-single-sign-on-settings.md
+++ b/WindowsServerDocs/identity/ad-fs/operations/ad-fs-single-sign-on-settings.md
@@ -40,7 +40,7 @@ If the device is not registered but a user selects the “keep me signed in” o
As mentioned above, users on registered devices will always get a persistent SSO unless the persistent SSO is disabled. For un-registered devices, persistent SSO can be achieved by enabling the “keep me signed in” (KMSI) feature.
- For Windows Server 2012 R2, to enable PSSO for the “Keep me signed in” scenario, you need to install this [hotfix](https://support.microsoft.com/en-us/kb/2958298/) which is also part of the of [August 2014 update rollup for Windows RT 8.1, Windows 8.1, and Windows Server 2012 R2](https://support.microsoft.com/en-us/kb/2975719).
+ For Windows Server 2012 R2, to enable PSSO for the “Keep me signed in” scenario, you need to install this [hotfix](https://support.microsoft.com/kb/2958298/) which is also part of the of [August 2014 update rollup for Windows RT 8.1, Windows 8.1, and Windows Server 2012 R2](https://support.microsoft.com/kb/2975719).
Task | PowerShell | Description
------------ | ------------- | -------------
@@ -121,7 +121,7 @@ Set-AdfsProperties -PersistentSsoCutoffTime
```
## Enable PSSO for Office 365 users to access SharePoint Online
- Once PSSO is enabled and configured in AD FS, AD FS will write a persistent cookie after a user has authenticated. The next time the user comes in, if a persistent cookie is still valid, a user does not need to provide credentials to authenticate again. You can also avoid the additional authentication prompt for Office 365 and SharePoint Online users by configuring the following two claims rules in AD FS to trigger persistence at Microsoft Azure AD and SharePoint Online. To enable PSSO for Office 365 users to access SharePoint online, you need to install this [hotfix](https://support.microsoft.com/en-us/kb/2958298/) which is also part of the of [August 2014 update rollup for Windows RT 8.1, Windows 8.1, and Windows Server 2012 R2](https://support.microsoft.com/en-us/kb/2975719).
+ Once PSSO is enabled and configured in AD FS, AD FS will write a persistent cookie after a user has authenticated. The next time the user comes in, if a persistent cookie is still valid, a user does not need to provide credentials to authenticate again. You can also avoid the additional authentication prompt for Office 365 and SharePoint Online users by configuring the following two claims rules in AD FS to trigger persistence at Microsoft Azure AD and SharePoint Online. To enable PSSO for Office 365 users to access SharePoint online, you need to install this [hotfix](https://support.microsoft.com/kb/2958298/) which is also part of the of [August 2014 update rollup for Windows RT 8.1, Windows 8.1, and Windows Server 2012 R2](https://support.microsoft.com/kb/2975719).
An Issuance Transform rule to pass through the InsideCorporateNetwork claim
diff --git a/WindowsServerDocs/identity/ad-fs/operations/customize-http-security-headers-ad-fs.md b/WindowsServerDocs/identity/ad-fs/operations/customize-http-security-headers-ad-fs.md
index 3f690ee851..ad6f460d16 100644
--- a/WindowsServerDocs/identity/ad-fs/operations/customize-http-security-headers-ad-fs.md
+++ b/WindowsServerDocs/identity/ad-fs/operations/customize-http-security-headers-ad-fs.md
@@ -20,7 +20,7 @@ ms.technology: identity-adfs
To protect against common security vulnerabilities and provide administrators the ability to take advantage of the latest advancements in browser-based protection mechanisms, AD FS 2019 added the functionality to customize the HTTP security response headers sent by AD FS. This is accomplished through the introduction of two new cmdlets: `Get-AdfsResponseHeaders` and `Set-AdfsResponseHeaders`.
>[!NOTE]
->The functionality to customize the HTTP security response headers (except CORS Headers) using cmdlets: `Get-AdfsResponseHeaders` and `Set-AdfsResponseHeaders` was backported to AD FS 2016. You can add the functionality to your AD FS 2016 by installing [KB4493473](https://support.microsoft.com/en-us/help/4493473/windows-10-update-kb4493473) and [KB4507459](https://support.microsoft.com/en-us/help/4507459/windows-10-update-kb4507459).
+>The functionality to customize the HTTP security response headers (except CORS Headers) using cmdlets: `Get-AdfsResponseHeaders` and `Set-AdfsResponseHeaders` was backported to AD FS 2016. You can add the functionality to your AD FS 2016 by installing [KB4493473](https://support.microsoft.com/help/4493473/windows-10-update-kb4493473) and [KB4507459](https://support.microsoft.com/help/4507459/windows-10-update-kb4507459).
In this document we will discuss commonly used security response headers to demonstrate how to customize headers sent by AD FS 2019.
@@ -229,7 +229,7 @@ Use the following table and links to determine which web browsers are compatible
|-----|-----|
|HTTP Strict-Transport-Security (HSTS)|[HSTS browser compatibility](https://developer.mozilla.org/docs/Web/HTTP/Headers/Strict-Transport-Security#Browser_compatibility)|
|X-Frame-Options|[X-Frame-Options browser compatibility](https://developer.mozilla.org/docs/Web/HTTP/Headers/X-Frame-Options#Browser_compatibility)|
-|X-XSS-Protection|[X-XSS-Protection browser compatibility](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-XSS-Protection#Browser_compatibility)|
+|X-XSS-Protection|[X-XSS-Protection browser compatibility](https://developer.mozilla.org/docs/Web/HTTP/Headers/X-XSS-Protection#Browser_compatibility)|
|Cross Origin Resource Sharing (CORS)|[CORS browser compatibility](https://developer.mozilla.org/docs/Web/HTTP/CORS#Browser_compatibility)
|Content Security Policy (CSP)|[CSP browser compatibility](https://developer.mozilla.org/docs/Web/HTTP/CSP#Browser_compatibility)
diff --git a/WindowsServerDocs/identity/ad-fs/technical-reference/GDPR-and-AD-FS-Compliance.md b/WindowsServerDocs/identity/ad-fs/technical-reference/GDPR-and-AD-FS-Compliance.md
index db07a87bfd..3d2c894feb 100644
--- a/WindowsServerDocs/identity/ad-fs/technical-reference/GDPR-and-AD-FS-Compliance.md
+++ b/WindowsServerDocs/identity/ad-fs/technical-reference/GDPR-and-AD-FS-Compliance.md
@@ -15,10 +15,10 @@ ms.technology: identity-adfs
>[!Note]
-> This article provides steps for how to delete personal data from the device and can be used to support your obligations under the GDPR. If you're looking for general info about GDPR, see the [GDPR section of the Service Trust Center](https://www.microsoft.com/en-us/TrustCenter/Privacy/gdpr/default.aspx).
+> This article provides steps for how to delete personal data from the device and can be used to support your obligations under the GDPR. If you're looking for general info about GDPR, see the [GDPR section of the Service Trust Center](https://www.microsoft.com/TrustCenter/Privacy/gdpr/default.aspx).
>[!Note]
->If you're interested in viewing or deleting personal data, please see the [Azure Data Subject Requests for the GDPR](https://docs.microsoft.com/microsoft-365/compliance/gdpr-dsr-azure) article. If you're looking for general info about GDPR, see the [GDPR section of the Service Trust Center](https://www.microsoft.com/en-us/TrustCenter/Privacy/gdpr/default.aspx).
+>If you're interested in viewing or deleting personal data, please see the [Azure Data Subject Requests for the GDPR](https://docs.microsoft.com/microsoft-365/compliance/gdpr-dsr-azure) article. If you're looking for general info about GDPR, see the [GDPR section of the Service Trust Center](https://www.microsoft.com/TrustCenter/Privacy/gdpr/default.aspx).
## Next steps
* [Review the Microsoft Privacy policy on Trust Center](https://www.microsoft.com/trustcenter)
diff --git a/WindowsServerDocs/identity/securing-privileged-access/privileged-access-workstations.md b/WindowsServerDocs/identity/securing-privileged-access/privileged-access-workstations.md
index 482457d7e7..65069d8710 100644
--- a/WindowsServerDocs/identity/securing-privileged-access/privileged-access-workstations.md
+++ b/WindowsServerDocs/identity/securing-privileged-access/privileged-access-workstations.md
@@ -30,7 +30,7 @@ In order to provide the greatest security, PAWs should always run the most up-to
> [!NOTE]
> Organizations without access to Windows 10 Enterprise can use Windows 10 Pro, which includes many of the critical foundational technologies for PAWs, including Trusted Boot, BitLocker, and Remote Desktop. Education customers can use Windows 10 Education. Windows 10 Home should not be used for a PAW.
>
-> For a comparison matrix of the different editions of Windows 10, read [this article](https://www.microsoft.com/en-us/WindowsForBusiness/Compare).
+> For a comparison matrix of the different editions of Windows 10, read [this article](https://www.microsoft.com/WindowsForBusiness/Compare).
The PAW security controls are focused on mitigating high impact and high probability risks of compromise. These include mitigating attacks on the environment and risks that can decrease the effectiveness of PAW controls over time:
@@ -46,7 +46,7 @@ The PAW security controls are focused on mitigating high impact and high probabi
>
> For more information on response and recovery guidance, see the "Respond to suspicious activity" and "Recover from a breach" sections of [Mitigating Pass-the-Hash and Other Credential Theft](https://aka.ms/pth), version 2.
>
-> Visit [Microsoft's Incident Response and Recovery services](https://www.microsoft.com/en-us/microsoftservices/campaigns/cybersecurity-protection.aspx) page for more information.
+> Visit [Microsoft's Incident Response and Recovery services](https://www.microsoft.com/microsoftservices/campaigns/cybersecurity-protection.aspx) page for more information.
### PAW hardware profiles
@@ -92,7 +92,7 @@ In this configuration, daily work that does not require administrative privilege
To configure this, follow the instructions in this guidance for the PAW host, add Client Hyper-V features, create a User VM, and then install a Windows 10 corporate image on the User VM.
-Read [Client Hyper-V](https://docs.microsoft.com/virtualization/hyper-v-on-windows/index) article for more information about this capability. Please note that the operating system in guest virtual machines will need to be licensed per [Microsoft product licensing](https://www.microsoft.com/en-us/Licensing/product-licensing/products.aspx), also described [here](https://download.microsoft.com/download/9/8/D/98D6A56C-4D79-40F4-8462-DA3ECBA2DC2C/Licensing_Windows_Desktop_OS_for_Virtual_Machines.pdf).
+Read [Client Hyper-V](https://docs.microsoft.com/virtualization/hyper-v-on-windows/index) article for more information about this capability. Please note that the operating system in guest virtual machines will need to be licensed per [Microsoft product licensing](https://www.microsoft.com/Licensing/product-licensing/products.aspx), also described [here](https://download.microsoft.com/download/9/8/D/98D6A56C-4D79-40F4-8462-DA3ECBA2DC2C/Licensing_Windows_Desktop_OS_for_Virtual_Machines.pdf).
#### Simultaneous use - Adding RemoteApp, RDP, or a VDI
@@ -286,7 +286,7 @@ See the [Tier model page](https://aka.ms/tiermodel) for more information on the
This guidance contains the detailed instructions for the PAW configuration for the scenarios as noted above. If you have requirements for the other scenarios, you can adapt the instructions based on this guidance yourself or hire a professional services organization like Microsoft to assist with it.
-For more information on engaging Microsoft services to design a PAW tailored for your environment, contact your Microsoft representative or visit [this page](https://www.microsoft.com/en-us/microsoftservices/campaigns/cybersecurity-protection.aspx).
+For more information on engaging Microsoft services to design a PAW tailored for your environment, contact your Microsoft representative or visit [this page](https://www.microsoft.com/microsoftservices/campaigns/cybersecurity-protection.aspx).
## PAW Phased implementation
@@ -341,7 +341,7 @@ Phase 1 includes the following steps:
4. **Acquire and validate the required Windows 10 Enterprise Edition and application software**. Obtain the software required for PAW and validate it using the guidance in [Clean Source for installation media](https://aka.ms/cleansource).
* Windows 10 Enterprise Edition
- * [Remote Server Administration Tools](https://www.microsoft.com/en-us/download/details.aspx?id=45520) for Windows 10
+ * [Remote Server Administration Tools](https://www.microsoft.com/download/details.aspx?id=45520) for Windows 10
* [Windows 10 Security Baselines](https://aka.ms/win10baselines)
> [!NOTE]
@@ -656,7 +656,7 @@ In this section, we will configure group policies to prevent privileged administ
2. Set a unique complex password for the local Administrator account. Do not use a password that has been used for any other account in the environment.
> [!NOTE]
- > Microsoft recommends using [Local Administrator Password Solution (LAPS)](https://www.microsoft.com/en-us/download/details.aspx?id=46899) to manage the local Administrator password for all workstations, including PAWs. If you use LAPS, ensure that you only grant the PAW Maintenance group the right to read LAPS-managed passwords for the PAWs.
+ > Microsoft recommends using [Local Administrator Password Solution (LAPS)](https://www.microsoft.com/download/details.aspx?id=46899) to manage the local Administrator password for all workstations, including PAWs. If you use LAPS, ensure that you only grant the PAW Maintenance group the right to read LAPS-managed passwords for the PAWs.
3. Install Remote Server Administration Tools for Windows 10 using the clean source installation media.
4. Configure Windows Defender Exploit Guard
@@ -781,7 +781,7 @@ Enable this feature on your existing servers and workstations, then enforce the
> [!NOTE]
> You will need to update the *proxy.pac* file after downloading to ensure that it is up-to-date and complete.
- > Microsoft publishes all current Office 365 and Azure URLs in the Office [Support Center](https://support.office.com/en-us/article/Office-365-URLs-and-IP-address-ranges-8548a211-3fe7-47cb-abb1-355ea5aa88a2?ui=en-US&rs=en-US&ad=US). These instructions assume that you will be using Internet Explorer (or Microsoft Edge) for administration of Office 365, Azure, and other cloud services. Microsoft recommends configuring similar restrictions for any 3rd party browsers that you require for administration. Web browsers on PAWs should only be used for administration of cloud services, and never for general web browsing.
+ > Microsoft publishes all current Office 365 and Azure URLs in the Office [Support Center](https://support.office.com/article/Office-365-URLs-and-IP-address-ranges-8548a211-3fe7-47cb-abb1-355ea5aa88a2?ui=en-US&rs=en-US&ad=US). These instructions assume that you will be using Internet Explorer (or Microsoft Edge) for administration of Office 365, Azure, and other cloud services. Microsoft recommends configuring similar restrictions for any 3rd party browsers that you require for administration. Web browsers on PAWs should only be used for administration of cloud services, and never for general web browsing.
>
> You may need to add other valid Internet destinations to add to this list for other IaaS provider, but do not add productivity, entertainment, news, or search sites to this list.
>
@@ -1073,7 +1073,7 @@ Once the template disk and shielding data file are ready, you can deploy an admi
## Related topics
-[Engaging Microsoft Cybersecurity Services](https://www.microsoft.com/en-us/microsoftservices/campaigns/cybersecurity-protection.aspx)
+[Engaging Microsoft Cybersecurity Services](https://www.microsoft.com/microsoftservices/campaigns/cybersecurity-protection.aspx)
[Taste of Premier: How to Mitigate Pass-the-Hash and Other Forms of Credential Theft](https://channel9.msdn.com/Blogs/Taste-of-Premier/Taste-of-Premier-How-to-Mitigate-Pass-the-Hash-and-Other-Forms-of-Credential-Theft)
@@ -1093,7 +1093,7 @@ Once the template disk and shielding data file are ready, you can deploy an admi
[Mitigating Credential Theft using the Windows 10 Isolated User Mode (Channel 9)](https://channel9.msdn.com/Blogs/Seth-Juarez/Mitigating-Credential-Theft-using-the-Windows-10-Isolated-User-Mode)
-[Enabling Strict KDC Validation in Windows Kerberos](https://www.microsoft.com/en-us/download/details.aspx?id=6382)
+[Enabling Strict KDC Validation in Windows Kerberos](https://www.microsoft.com/download/details.aspx?id=6382)
[What's New in Kerberos Authentication for Windows Server 2012](https://technet.microsoft.com/library/hh831747.aspx)
diff --git a/WindowsServerDocs/identity/securing-privileged-access/securing-privileged-access-reference-material.md b/WindowsServerDocs/identity/securing-privileged-access/securing-privileged-access-reference-material.md
index e81782169b..feac48b4a7 100644
--- a/WindowsServerDocs/identity/securing-privileged-access/securing-privileged-access-reference-material.md
+++ b/WindowsServerDocs/identity/securing-privileged-access/securing-privileged-access-reference-material.md
@@ -363,7 +363,7 @@ Help Desk and user support organizations perform support for end users (which do
- **Primary** - "Over the shoulder" support can be provided with no tools.
- **Forbidden** - Logging on with domain account administrative credentials is not allowed in this scenario. Switch to desk-side workstation support if administrative privileges are required.
- **Remote user support** - The Tier 2 support personnel is physically remote to the user.
- - **Primary** - Remote Assistance, Skype for Business, or similar user-screen sharing may be used. For more information, see [What is Windows Remote Assistance?](https://windows.microsoft.com/en-us/windows/what-is-windows-remote-assistance)
+ - **Primary** - Remote Assistance, Skype for Business, or similar user-screen sharing may be used. For more information, see [What is Windows Remote Assistance?](https://windows.microsoft.com/windows/what-is-windows-remote-assistance)
- **Forbidden** - Logging on with domain account administrative credentials is not allowed in this scenario. Switch to workstation support if administrative privileges are required.
- **Workstation support** - Tasks include performing workstation maintenance or troubleshooting that requires access to a system for viewing logs, installing software, updating drivers, and so on.
- **Desk-side workstation support** - The Tier 2 support personnel is physically at the user's workstation.
@@ -520,7 +520,7 @@ An administrative forest design should include the following considerations:
- Attack surface analysis to prevent introduction of new attack vectors to Windows during installation of new software.
> [!NOTE]
- > Use of tools such as the [Attack Surface Analyzer (ASA)](https://www.microsoft.com/en-us/download/details.aspx?id=24487) will help assess configuration settings on a host and identify attack vectors introduced by software or configuration changes.
+ > Use of tools such as the [Attack Surface Analyzer (ASA)](https://www.microsoft.com/download/details.aspx?id=24487) will help assess configuration settings on a host and identify attack vectors introduced by software or configuration changes.
- Account hardening
- Multi-factor authentication should be configured for all accounts in the admin forest, except one account. At least one administrative account should be password based to ensure access will work in case the multi-factor authentication process breaks. This account should be protected by a stringent physical control process.
diff --git a/WindowsServerDocs/manage/windows-admin-center/extend/guides/extension-discovery-banner.md b/WindowsServerDocs/manage/windows-admin-center/extend/guides/extension-discovery-banner.md
index 6720eab21d..2239b84714 100644
--- a/WindowsServerDocs/manage/windows-admin-center/extend/guides/extension-discovery-banner.md
+++ b/WindowsServerDocs/manage/windows-admin-center/extend/guides/extension-discovery-banner.md
@@ -23,7 +23,7 @@ When Windows Admin Center is launched, it will connect to the registered extensi
## How to implement the extension discovery banner
-The "tags" metadata in the .nuspec file is used to declare which hardware manufacturer and/or models your extension supports. Tags are delimited by spaces and you can add either a manufacturer or model tag, or both to declare the supported manufacturer and/or models. The tag format is ``"[value type]_[value condition]"`` where [value type] is either "Manufacturer" or "Model" (case sensitive), and [value condition] is a [Javascript regular expression](https://developer.mozilla.org/en-US/docs/Web/JavaScript/Guide/Regular_Expressions) defining the manufacturer or model string, and [value type] and [value condition] are separated by an underscore. This string is then encoded using URI encoding and added to the .nuspec "tags" metadata string.
+The "tags" metadata in the .nuspec file is used to declare which hardware manufacturer and/or models your extension supports. Tags are delimited by spaces and you can add either a manufacturer or model tag, or both to declare the supported manufacturer and/or models. The tag format is ``"[value type]_[value condition]"`` where [value type] is either "Manufacturer" or "Model" (case sensitive), and [value condition] is a [Javascript regular expression](https://developer.mozilla.org/docs/Web/JavaScript/Guide/Regular_Expressions) defining the manufacturer or model string, and [value type] and [value condition] are separated by an underscore. This string is then encoded using URI encoding and added to the .nuspec "tags" metadata string.
### Example
diff --git a/WindowsServerDocs/manage/windows-admin-center/includes/support-policy.md b/WindowsServerDocs/manage/windows-admin-center/includes/support-policy.md
index eaabffe1b2..b196a95ca5 100644
--- a/WindowsServerDocs/manage/windows-admin-center/includes/support-policy.md
+++ b/WindowsServerDocs/manage/windows-admin-center/includes/support-policy.md
@@ -1,3 +1,3 @@
Windows Admin Center (non-preview) releases are supported continuously, based on Microsoft's [Modern Lifecycle Policy](https://support.microsoft.com/help/30881/modern-lifecycle-policy). This means that only the latest version of Windows Admin Center is serviced and supported, and users must stay current by upgrading to the latest Windows Admin Center release within 30 days of availability to remain supported. This policy applies to both the Windows Admin Center platform itself, as well as any released (non-preview) Microsoft extensions published in the Windows Admin Center extension feed. Note that some extensions may be updated more frequently than others, between Windows Admin Center releases.
-For info about Windows Admin Center Preview releases, see [Windows Insider Preview releases](https://www.microsoft.com/en-us/software-download/windowsinsiderpreviewserver).
\ No newline at end of file
+For info about Windows Admin Center Preview releases, see [Windows Insider Preview releases](https://www.microsoft.com/software-download/windowsinsiderpreviewserver).
\ No newline at end of file
diff --git a/WindowsServerDocs/manage/windows-admin-center/plan/installation-options.md b/WindowsServerDocs/manage/windows-admin-center/plan/installation-options.md
index b33aa0cf93..a3008bde51 100644
--- a/WindowsServerDocs/manage/windows-admin-center/plan/installation-options.md
+++ b/WindowsServerDocs/manage/windows-admin-center/plan/installation-options.md
@@ -66,7 +66,7 @@ You can **manage** the following Windows operating systems using Windows Admin C
> Type `$PSVersiontable` in PowerShell to verify that WMF is installed,
> and that the version is 5.1 or higher.
>
-> If WMF is not installed, you can [download WMF 5.1](https://www.microsoft.com/en-us/download/details.aspx?id=54616).
+> If WMF is not installed, you can [download WMF 5.1](https://www.microsoft.com/download/details.aspx?id=54616).
## High availability
diff --git a/WindowsServerDocs/manage/windows-admin-center/support/known-issues.md b/WindowsServerDocs/manage/windows-admin-center/support/known-issues.md
index 9cd132eea0..136f82c730 100644
--- a/WindowsServerDocs/manage/windows-admin-center/support/known-issues.md
+++ b/WindowsServerDocs/manage/windows-admin-center/support/known-issues.md
@@ -75,7 +75,7 @@ Remote Desktop, PowerShell, and Events modules in Windows Admin Center utilize t
Type `$PSVersiontable` in PowerShell to verify that WMF is installed,
and that the version is 5.1 or higher.
-If it is not installed, you can [download and install WMF 5.1](https://www.microsoft.com/en-us/download/details.aspx?id=54616).
+If it is not installed, you can [download and install WMF 5.1](https://www.microsoft.com/download/details.aspx?id=54616).
## Role Based Access Control (RBAC)
diff --git a/WindowsServerDocs/manage/windows-admin-center/understand/faq.md b/WindowsServerDocs/manage/windows-admin-center/understand/faq.md
index 0a5e1e6a63..41a8ef50e0 100644
--- a/WindowsServerDocs/manage/windows-admin-center/understand/faq.md
+++ b/WindowsServerDocs/manage/windows-admin-center/understand/faq.md
@@ -80,7 +80,7 @@ Yes! the [Showscript feature](../use/get-started.md#view-powershell-scripts-used
## Are there any plans for Windows Admin Center to manage Windows Server 2008 R2 or earlier?
-Windows Admin Center now supports **limited** functionality to manage Windows Server 2008 R2. Windows Admin Center relies on PowerShell capabilities and platform technologies that don't exist in Windows Server 2008 R2 and earlier, making full support infeasible. Windows Server 2008/2008 R2 are approaching end of support in January 2020 so Microsoft recommends customers [move to Azure or upgrade to the latest version of Windows Server](https://www.microsoft.com/en-us/cloud-platform/windows-server-2008).
+Windows Admin Center now supports **limited** functionality to manage Windows Server 2008 R2. Windows Admin Center relies on PowerShell capabilities and platform technologies that don't exist in Windows Server 2008 R2 and earlier, making full support infeasible. Windows Server 2008/2008 R2 are approaching end of support in January 2020 so Microsoft recommends customers [move to Azure or upgrade to the latest version of Windows Server](https://www.microsoft.com/cloud-platform/windows-server-2008).
## Are there any plans for Windows Admin Center to manage Linux connections?
@@ -144,7 +144,7 @@ There are two versions of Windows Admin Center available for download:
### Windows Admin Center Preview
* For IT admins who want the latest and greatest features on a regular cadence, this version is for you. Our intent is to provide subsequent update releases every month or so. The core platform continues to be production-ready and the license provides production use rights. However, note that you will see the introduction of new tools and capabilities which are clearly marked as PREVIEW and are suitable for evaluation and testing.
-* To get the latest Insider Preview release, registered Insiders may download Windows Admin Center Preview directly from the [Windows Server Insider Preview download page](https://www.microsoft.com/en-us/software-download/windowsinsiderpreviewserver), under the Additional Downloads dropdown. If you have not yet registered as an Insider, see [Getting Started with Windows Server](https://insider.windows.com/en-us/for-business-getting-started-server/) on the Windows Insiders for Business portal.
+* To get the latest Insider Preview release, registered Insiders may download Windows Admin Center Preview directly from the [Windows Server Insider Preview download page](https://www.microsoft.com/software-download/windowsinsiderpreviewserver), under the Additional Downloads dropdown. If you have not yet registered as an Insider, see [Getting Started with Windows Server](https://insider.windows.com/en-us/for-business-getting-started-server/) on the Windows Insiders for Business portal.
## Why was "Windows Admin Center" chosen as the final name for "Project Honolulu"?
diff --git a/WindowsServerDocs/remote/remote-desktop-services/clients/remote-desktop-client-faq.md b/WindowsServerDocs/remote/remote-desktop-services/clients/remote-desktop-client-faq.md
index 42b66be348..af5b61dddb 100644
--- a/WindowsServerDocs/remote/remote-desktop-services/clients/remote-desktop-client-faq.md
+++ b/WindowsServerDocs/remote/remote-desktop-services/clients/remote-desktop-client-faq.md
@@ -61,7 +61,7 @@ Make note of the name of this PC under **How to connect to this PC**. You'll nee
You can grant permission for specific users to access this PC - to do that, click **Select users that can remotely access this PC**.
Members of the Administrators group automatically have access.
-For Windows 8.1, follow the instructions to allow remote connections in [Connect to another desktop using Remote Desktop Connections](https://support.microsoft.com/en-us/help/17463/windows-7-connect-to-another-computer-remote-desktop-connection#1TC=windows-8).
+For Windows 8.1, follow the instructions to allow remote connections in [Connect to another desktop using Remote Desktop Connections](https://support.microsoft.com/help/17463/windows-7-connect-to-another-computer-remote-desktop-connection#1TC=windows-8).
diff --git a/WindowsServerDocs/remote/remote-desktop-services/clients/remote-desktop-web-client-admin.md b/WindowsServerDocs/remote/remote-desktop-services/clients/remote-desktop-web-client-admin.md
index bebf9cf6bf..931c05b63b 100644
--- a/WindowsServerDocs/remote/remote-desktop-services/clients/remote-desktop-web-client-admin.md
+++ b/WindowsServerDocs/remote/remote-desktop-services/clients/remote-desktop-web-client-admin.md
@@ -22,7 +22,7 @@ Before getting started, keep the following things in mind:
* Make sure your [Remote Desktop deployment](../rds-deploy-infrastructure.md) has an RD Gateway, an RD Connection Broker, and RD Web Access running on Windows Server 2016 or 2019.
* Make sure your deployment is configured for [per-user client access licenses](../rds-client-access-license.md) (CALs) instead of per-device, otherwise all licenses will be consumed.
-* Install the [Windows 10 KB4025334 update](https://support.microsoft.com/en-us/help/4025334/windows-10-update-kb4025334) on the RD Gateway. Later cumulative updates may already contains this KB.
+* Install the [Windows 10 KB4025334 update](https://support.microsoft.com/help/4025334/windows-10-update-kb4025334) on the RD Gateway. Later cumulative updates may already contains this KB.
* Make sure public trusted certificates are configured for the RD Gateway and RD Web Access roles.
* Make sure that any computers your users will connect to are running one of the following OS versions:
* Windows 10
@@ -294,7 +294,7 @@ If that doesn't work, your server name in the web client URL might not match the
If the user reports that they can't connect with the web client even though they can see the resources listed, check the following things:
* Is the RD Gateway role properly configured to use a trusted public certificate?
-* Does the RD Gateway server have the required updates installed? Make sure that your server has [the KB4025334 update](https://support.microsoft.com/en-us/help/4025334/windows-10-update-kb4025334) installed.
+* Does the RD Gateway server have the required updates installed? Make sure that your server has [the KB4025334 update](https://support.microsoft.com/help/4025334/windows-10-update-kb4025334) installed.
If the user gets an "unexpected server authentication certificate was received" error message when they try to connect, then the message will show the certificate's thumbprint. Search the RD Broker server's certificate manager using that thumbprint to find the right certificate. Verify that the certificate is configured to be used for the RD Broker role in the Remote Desktop deployment properties page. After making sure the certificate hasn't expired, copy the certificate in .cer file format to the RD Web Access server and run the following command on the RD Web Access server with the bracketed value replaced by the certificate's file path:
diff --git a/WindowsServerDocs/remote/remote-desktop-services/rds-hosting-partners.md b/WindowsServerDocs/remote/remote-desktop-services/rds-hosting-partners.md
index c834ef46fb..38b5aa7e4d 100644
--- a/WindowsServerDocs/remote/remote-desktop-services/rds-hosting-partners.md
+++ b/WindowsServerDocs/remote/remote-desktop-services/rds-hosting-partners.md
@@ -23,7 +23,7 @@ If you are a Microsoft partner and want to be included in the list of partners w
1. Become a [Microsoft Partner](https://partner.microsoft.com/), if you're not already.
2. Watch the [Hosting Windows and Applications using Remote Desktop Services in Azure training session](https://mspartnerlp.partner.microsoft.com/LearningPath/LearningPath/DLPaths?trackId=2915&rowId=3603).
3. Take the [technical assessment](https://mspartnerlp.partner.microsoft.com/LearningPath/LearningPath/DLPaths?trackId=1660&rowId=2220&trackPathId=9871).
-4. Make sure you meet the [requirements for the Cloud Platform competency](https://partner.microsoft.com/en-us/membership/cloud-platform-competency).
+4. Make sure you meet the [requirements for the Cloud Platform competency](https://partner.microsoft.com/membership/cloud-platform-competency).
Already a Microsoft Partner and have questions? Contact the Remote Desktop team at .
diff --git a/WindowsServerDocs/remote/remote-desktop-services/rds-rdsh-performance-counters.md b/WindowsServerDocs/remote/remote-desktop-services/rds-rdsh-performance-counters.md
index 259736cfaf..6696392b78 100644
--- a/WindowsServerDocs/remote/remote-desktop-services/rds-rdsh-performance-counters.md
+++ b/WindowsServerDocs/remote/remote-desktop-services/rds-rdsh-performance-counters.md
@@ -134,7 +134,7 @@ Monitoring tools can consume this counter by using the [Perfmon API](https://msd
## Download Windows Server Insider software
-Registered Insiders can navigate directly to the [Windows Server Insider Preview download page](https://www.microsoft.com/en-us/software-download/windowsinsiderpreviewserver) to get the latest Insider software downloads. To learn how to register as an Insider, see [Getting started with Server](https://insider.windows.com/en-us/for-business-getting-started-server/).
+Registered Insiders can navigate directly to the [Windows Server Insider Preview download page](https://www.microsoft.com/software-download/windowsinsiderpreviewserver) to get the latest Insider software downloads. To learn how to register as an Insider, see [Getting started with Server](https://insider.windows.com/en-us/for-business-getting-started-server/).
## Share your feedback
diff --git a/WindowsServerDocs/remote/remote-desktop-services/rds-roles.md b/WindowsServerDocs/remote/remote-desktop-services/rds-roles.md
index 33b5cf3dbd..ebb59b1641 100644
--- a/WindowsServerDocs/remote/remote-desktop-services/rds-roles.md
+++ b/WindowsServerDocs/remote/remote-desktop-services/rds-roles.md
@@ -95,4 +95,4 @@ For more information, see the following articles:
* [License your RDS deployment with client access licenses (CALs)](rds-client-access-license.md)
* [Activate the Remote Desktop Services license server](rds-activate-license-server.md)
* [Track your Remote Desktop Services client access licenses (RDS CALs)](rds-track-cals.md)
-* [Microsoft Volume Licensing: licensing options for service providers](https://www.microsoft.com/en-us/Licensing/licensing-programs/spla-program.aspx)
\ No newline at end of file
+* [Microsoft Volume Licensing: licensing options for service providers](https://www.microsoft.com/Licensing/licensing-programs/spla-program.aspx)
\ No newline at end of file
diff --git a/WindowsServerDocs/remote/remote-desktop-services/troubleshoot/rdp-client-disconnects-cannot-reconnect-same-session.md b/WindowsServerDocs/remote/remote-desktop-services/troubleshoot/rdp-client-disconnects-cannot-reconnect-same-session.md
index df071ecb2c..500360cee0 100644
--- a/WindowsServerDocs/remote/remote-desktop-services/troubleshoot/rdp-client-disconnects-cannot-reconnect-same-session.md
+++ b/WindowsServerDocs/remote/remote-desktop-services/troubleshoot/rdp-client-disconnects-cannot-reconnect-same-session.md
@@ -35,7 +35,7 @@ This issue can also be fixed by reconfiguring your authentication and configurat
> [!NOTE]
> - When communications between clients and RD Session Host servers require the highest level of encryption, use FIPS-compliant encryption.
-> - Any encryption level settings you configure in Group Policy override the settings you configured using the Remote Desktop Services Configuration tool. Also, if you enable the [System cryptography: Use FIPS compliant algorithms for encryption, hashing, and signing](https://docs.microsoft.com/en-us/windows/security/threat-protection/security-policy-settings/system-cryptography-use-fips-compliant-algorithms-for-encryption-hashing-and-signing) policy, this setting overrides the **Set client connection encryption level** policy. The system cryptography policy is in the **Computer Configuration\\Windows Settings\\Security Settings\\Local Policies\\Security Options** folder.
+> - Any encryption level settings you configure in Group Policy override the settings you configured using the Remote Desktop Services Configuration tool. Also, if you enable the [System cryptography: Use FIPS compliant algorithms for encryption, hashing, and signing](https://docs.microsoft.com/windows/security/threat-protection/security-policy-settings/system-cryptography-use-fips-compliant-algorithms-for-encryption-hashing-and-signing) policy, this setting overrides the **Set client connection encryption level** policy. The system cryptography policy is in the **Computer Configuration\\Windows Settings\\Security Settings\\Local Policies\\Security Options** folder.
> - When you change the encryption level, the new encryption level takes effect the next time a user signs in. If you require multiple levels of encryption on one server, install multiple network adapters and configure each adapter separately.
> - To verify your certificate has a corresponding private key, go to Remote Desktop Services Configuration, right-click the connection that you want to view the certificate for, select **General**, then select **Edit**. After that, select **View certificate**. When you go to the **General** tab, you should see the statement, "You have a private key that corresponds to this certificate" if there's a key. You can also view this information with the Certificates snap-in.
> - FIPS-compliant encryption (the **System cryptography: Use FIPS compliant algorithms for encryption, hashing, and signing** policy or the **FIPS Compliant** setting in Remote Desktop Server Configuration) encrypts and decrypts data sent between the server and client with the Federal Information Processing Standard (FIPS) 140-1 encryption algorithms that use Microsoft cryptographic modules. For more information, see [FIPS 140 Validation](https://docs.microsoft.com/windows/security/threat-protection/fips-140-validation).
diff --git a/WindowsServerDocs/sddc.md b/WindowsServerDocs/sddc.md
index cf5191ea76..437fdf0c73 100644
--- a/WindowsServerDocs/sddc.md
+++ b/WindowsServerDocs/sddc.md
@@ -27,7 +27,7 @@ Microsoft's implementation of the SDDC consists of the Windows Server technologi
The technologies built into Windows Server and System Center are the main building blocks of the Windows Server SDDC experience. But even though it's a virtualized platform, it still requires the right hardware underneath. Microsoft partners participating in the **Windows Server Software-Defined (WSSD) Solutions** and the **Azure Stack HCI Solutions** programs can help your enterprise acquire the right hardware and get it up and running on day zero.
-**[Watch a video to learn more about Microsoft's SDDC](https://mva.microsoft.com/en-US/training-courses/whats-new-in-windows-server-2016-16457?l=YcsJR6sXC_1006218965)**
+**[Watch a video to learn more about Microsoft's SDDC](https://mva.microsoft.com/training-courses/whats-new-in-windows-server-2016-16457?l=YcsJR6sXC_1006218965)**
**[Download a poster size .pdf file of this page](https://github.com/MicrosoftDocs/windowsserverdocs/blob/master/WindowsServerDocs/media/sddc/sddc_poster_0801417_ANSI-E.pdf)**
@@ -41,7 +41,7 @@ Microsoft partners offer an array of solutions that work with Window Server 2019
**[Learn more about Azure Stack HCI Solutions](https://azure.microsoft.com/overview/azure-stack/hci)**
-**[Learn more about WSSD Solutions](https://www.microsoft.com/en-us/cloud-platform/software-defined-datacenter)**
+**[Learn more about WSSD Solutions](https://www.microsoft.com/cloud-platform/software-defined-datacenter)**
## Windows Server virtualized technologies ##
@@ -65,7 +65,7 @@ Hyper-V is a hypervisor-based virtualization technology for Windows. The hypervi
-**[Learn more about Hyper-V Hypervisor](https://www.microsoft.com/en-us/cloud-platform/server-virtualization)**
+**[Learn more about Hyper-V Hypervisor](https://www.microsoft.com/cloud-platform/server-virtualization)**
### Guest clustering with shared VHDX
diff --git a/WindowsServerDocs/security/credentials-protection-and-management/protected-users-security-group.md b/WindowsServerDocs/security/credentials-protection-and-management/protected-users-security-group.md
index cd77a64e42..f81b9afe42 100644
--- a/WindowsServerDocs/security/credentials-protection-and-management/protected-users-security-group.md
+++ b/WindowsServerDocs/security/credentials-protection-and-management/protected-users-security-group.md
@@ -83,7 +83,7 @@ When the signed in user is a member of the Protected Users group the following p
- Beginning with Windows 8.1 and Windows Server 2012 R2, Windows Digest will not cache the user's plain text credentials even when Windows Digest is enabled.
> [!Note]
-> After installing [Microsoft Security Advisory 2871997](https://technet.microsoft.com/library/security/2871997) Windows Digest will continue to cache credentials until the registry key is configured. See [Microsoft Security Advisory: Update to improve credentials protection and management: May 13, 2014](https://support.microsoft.com/en-us/help/2871997/microsoft-security-advisory-update-to-improve-credentials-protection-a) for instructions.
+> After installing [Microsoft Security Advisory 2871997](https://technet.microsoft.com/library/security/2871997) Windows Digest will continue to cache credentials until the registry key is configured. See [Microsoft Security Advisory: Update to improve credentials protection and management: May 13, 2014](https://support.microsoft.com/help/2871997/microsoft-security-advisory-update-to-improve-credentials-protection-a) for instructions.
- NTLM will not cache the user's plain text credentials or NT one-way function (NTOWF).
diff --git a/WindowsServerDocs/security/gdpr/gdpr-winserver-whitepaper.md b/WindowsServerDocs/security/gdpr/gdpr-winserver-whitepaper.md
index 1d360b2e30..e0e96b3680 100644
--- a/WindowsServerDocs/security/gdpr/gdpr-winserver-whitepaper.md
+++ b/WindowsServerDocs/security/gdpr/gdpr-winserver-whitepaper.md
@@ -23,7 +23,7 @@ Microsoft and our customers are now on a journey to achieve the privacy goals of
We have outlined our commitment to the GDPR and how we are supporting our customers within the [Get GDPR compliant with the Microsoft Cloud](https://blogs.microsoft.com/on-the-issues/2017/02/15/get-gdpr-compliant-with-the-microsoft-cloud/#hv52B68OZTwhUj2c.99) blog post by our Chief Privacy Officer [Brendon Lynch](https://blogs.microsoft.com/on-the-issues/author/brendonlynch/) and the [Earning your trust with contractual commitments to the General Data Protection Regulation](https://blogs.microsoft.com/on-the-issues/2017/04/17/earning-trust-contractual-commitments-general-data-protection-regulation/#6QbqoGWXCLavGM63.99)” blog post by [Rich Sauer](https://blogs.microsoft.com/on-the-issues/author/rsauer/) - Microsoft Corporate Vice President & Deputy General Counsel.
-Although your journey to GDPR-compliance may seem challenging, we're here to help you. For specific information about the GDPR, our commitments and how to begin your journey, please visit the [GDPR section of the Microsoft Trust Center](https://www.microsoft.com/en-us/trustcenter/privacy/gdpr).
+Although your journey to GDPR-compliance may seem challenging, we're here to help you. For specific information about the GDPR, our commitments and how to begin your journey, please visit the [GDPR section of the Microsoft Trust Center](https://www.microsoft.com/trustcenter/privacy/gdpr).
## GDPR and its implications
The GDPR is a complex regulation that may require significant changes in how you gather, use and manage personal data. Microsoft has a long history of helping our customers comply with complex regulations, and when it comes to preparing for the GDPR, we are your partner on this journey.
@@ -75,7 +75,7 @@ Given how much is involved to become GDPR-compliant, we strongly recommend that
-For each of the steps, we've outlined example tools, resources, and features in various Microsoft solutions, which can be used to help you address the requirements of that step. While this article isn't a comprehensive “how-to” guide, we've included links for you to find out more details, and more info is available in the [GDPR section of the Microsoft Trust Center](https://www.microsoft.com/en-us/trustcenter/privacy/gdpr).
+For each of the steps, we've outlined example tools, resources, and features in various Microsoft solutions, which can be used to help you address the requirements of that step. While this article isn't a comprehensive “how-to” guide, we've included links for you to find out more details, and more info is available in the [GDPR section of the Microsoft Trust Center](https://www.microsoft.com/trustcenter/privacy/gdpr).
## Windows Server security and privacy
The GDPR requires you to implement appropriate technical and organizational security measures to protect personal data and processing systems. In the context of the GDPR, your physical and virtual server environments are potentially processing personal and sensitive data. Processing can mean any operation or set of operations, such as data collection, storage, and retrieval.
@@ -182,7 +182,7 @@ Imagine this scenario if the DNS admin's credentials were stolen. First, since t
In addition, many organizations use the free [Local Administrator Password Solution (LAPS)](http://aka.ms/laps) as a simple yet powerful JIT administration mechanism for their server and client systems. The LAPS capability provides management of local account passwords of domain joined computers. Passwords are stored in Active Directory (AD) and protected by and Access Control List (ACL) so only eligible users can read it or request its reset.
-As noted in the [Windows Credential Theft Mitigation Guide](https://www.microsoft.com/en-us/download/confirmation.aspx?id=54095),
+As noted in the [Windows Credential Theft Mitigation Guide](https://www.microsoft.com/download/confirmation.aspx?id=54095),
> “_the tools and techniques criminals use to carry out credential theft and reuse attacks improve, malicious attackers are finding it easier to achieve their goals. Credential theft often relies on operational practices or user credential exposure, so effective mitigations require a holistic approach that addresses people, processes, and technology. In addition, these attacks rely on the attacker stealing credentials after compromising a system to expand or persist access, so organizations must contain breaches rapidly by implementing strategies that prevent attackers from moving freely and undetected in a compromised network._”
diff --git a/WindowsServerDocs/security/guarded-fabric-shielded-vm/guarded-fabric-create-a-shielded-vm-template.md b/WindowsServerDocs/security/guarded-fabric-shielded-vm/guarded-fabric-create-a-shielded-vm-template.md
index b65fcde8a8..746171b2d5 100644
--- a/WindowsServerDocs/security/guarded-fabric-shielded-vm/guarded-fabric-create-a-shielded-vm-template.md
+++ b/WindowsServerDocs/security/guarded-fabric-shielded-vm/guarded-fabric-create-a-shielded-vm-template.md
@@ -54,7 +54,7 @@ Perform the following steps on a computer running Windows Server 2016, Windows 1
Install-WindowsFeature RSAT-Shielded-VM-Tools -Restart
- You can also administer the server from a client computer on which you have installed the [Windows 10 Remote Server Administration Tools](https://www.microsoft.com/en-us/download/details.aspx?id=45520).
+ You can also administer the server from a client computer on which you have installed the [Windows 10 Remote Server Administration Tools](https://www.microsoft.com/download/details.aspx?id=45520).
3. Obtain or create a certificate to sign the VSC for the VHDX that will become the template disk for new shielded VMs. Details about this certificate will be shown to tenants when they create their shielding data files and are authorizing disks they trust. Therefore, it is important to obtain this certificate from a certificate authority mutually trusted by you and your tenants. In enterprise scenarios where you are both the hoster and tenant, you might consider issuing this certificate from your PKI.
diff --git a/WindowsServerDocs/security/guarded-fabric-shielded-vm/guarded-fabric-deploying-hgs-overview.md b/WindowsServerDocs/security/guarded-fabric-shielded-vm/guarded-fabric-deploying-hgs-overview.md
index 58af99b29b..b975fd784c 100644
--- a/WindowsServerDocs/security/guarded-fabric-shielded-vm/guarded-fabric-deploying-hgs-overview.md
+++ b/WindowsServerDocs/security/guarded-fabric-shielded-vm/guarded-fabric-deploying-hgs-overview.md
@@ -18,7 +18,7 @@ One of the most important goals of providing a hosted environment is to guarante
## Video: Deploying a guarded fabric
-> [!VIDEO https://www.microsoft.com/en-us/videoplayer/embed/dcd8e99f-36f1-4bc8-b3d2-9576da38d9f1?autoplay=false]
+> [!VIDEO https://www.microsoft.com/videoplayer/embed/dcd8e99f-36f1-4bc8-b3d2-9576da38d9f1?autoplay=false]
## Deployment tasks for guarded fabrics and shielded VMs
diff --git a/WindowsServerDocs/security/guarded-fabric-shielded-vm/guarded-fabric-shielded-vm-planning-for-tenants.md b/WindowsServerDocs/security/guarded-fabric-shielded-vm/guarded-fabric-shielded-vm-planning-for-tenants.md
index 82766dcc9c..ab88b379df 100644
--- a/WindowsServerDocs/security/guarded-fabric-shielded-vm/guarded-fabric-shielded-vm-planning-for-tenants.md
+++ b/WindowsServerDocs/security/guarded-fabric-shielded-vm/guarded-fabric-shielded-vm-planning-for-tenants.md
@@ -69,7 +69,7 @@ When creating a shielded or encryption-supported VM or converting an existing VM
**How many shielding data files do I need?** A single shielding data file can be used to create every shielded VM. If, however, a given shielded VM requires that any of the four items be different, then an additional shielding data file is necessary. For example, you might have one shielding data file for your IT department and a different shielding data file for the HR department because their initial administrator password and RDP certificates differed.
-While using separate shielding data files for each shielded VM is possible, it is not necessarily the optimal choice and should be done for the right reasons. For example, if every shielded VM needs to have a different administrator password, consider instead using a password management service or tool such as [Microsoft's Local Administrator Password Solution (LAPS)](https://www.microsoft.com/en-us/download/details.aspx?id=46899).
+While using separate shielding data files for each shielded VM is possible, it is not necessarily the optimal choice and should be done for the right reasons. For example, if every shielded VM needs to have a different administrator password, consider instead using a password management service or tool such as [Microsoft's Local Administrator Password Solution (LAPS)](https://www.microsoft.com/download/details.aspx?id=46899).
## Creating a shielded VM on a virtualization fabric
diff --git a/WindowsServerDocs/security/guarded-fabric-shielded-vm/guarded-fabric-vm-shielding-helper-vhd.md b/WindowsServerDocs/security/guarded-fabric-shielded-vm/guarded-fabric-vm-shielding-helper-vhd.md
index 3b1ecfcfcc..5c6975b3dd 100644
--- a/WindowsServerDocs/security/guarded-fabric-shielded-vm/guarded-fabric-vm-shielding-helper-vhd.md
+++ b/WindowsServerDocs/security/guarded-fabric-shielded-vm/guarded-fabric-vm-shielding-helper-vhd.md
@@ -15,7 +15,7 @@ ms.date: 08/29/2018
>Applies to: Windows Server 2019, Windows Server (Semi-Annual Channel), Windows Server 2016
> [!IMPORTANT]
-> Before beginning these procedures, ensure that you have installed the latest cumulative update for Windows Server 2016 or are using the latest Windows 10 [Remote Server Administration Tools](https://www.microsoft.com/en-us/download/details.aspx?id=45520). Otherwise, the procedures will not work.
+> Before beginning these procedures, ensure that you have installed the latest cumulative update for Windows Server 2016 or are using the latest Windows 10 [Remote Server Administration Tools](https://www.microsoft.com/download/details.aspx?id=45520). Otherwise, the procedures will not work.
This section outlines steps performed by a hosting service provider to enable support for converting existing VMs to shielded VMs.
diff --git a/WindowsServerDocs/security/kerberos/preventing-kerberos-change-password-that-uses-rc4-secret-keys.md b/WindowsServerDocs/security/kerberos/preventing-kerberos-change-password-that-uses-rc4-secret-keys.md
index 7aa724b849..98caa8b40b 100644
--- a/WindowsServerDocs/security/kerberos/preventing-kerberos-change-password-that-uses-rc4-secret-keys.md
+++ b/WindowsServerDocs/security/kerberos/preventing-kerberos-change-password-that-uses-rc4-secret-keys.md
@@ -26,8 +26,8 @@ In the Windows operating systems designated in the Applies To list at the beginn
[!NOTE]
There is a known issue with disabling RC4 which can cause the system to restart. See the following hotfixes:
- - [Windows Server 2012 R2](https://support.microsoft.com/en-us/kb/3038261)
- - [Windows Server 2012](https://support.microsoft.com/en-us/kb/3086213)
+ - [Windows Server 2012 R2](https://support.microsoft.com/kb/3038261)
+ - [Windows Server 2012](https://support.microsoft.com/kb/3086213)
- No hotfix is available for earlier versions of Windows Server
- Deploy domains set to Windows Server 2012 R2 domain functional level or higher, and configure users as members of the Protected Users security group. Because this feature disrupts more than just RC4 usage in the Kerberos protocol, see resources in the following [See also](#see-also) section.
diff --git a/WindowsServerDocs/security/security-and-assurance-old.md b/WindowsServerDocs/security/security-and-assurance-old.md
index 80b92bbacb..c93dd5209c 100644
--- a/WindowsServerDocs/security/security-and-assurance-old.md
+++ b/WindowsServerDocs/security/security-and-assurance-old.md
@@ -105,11 +105,11 @@ Control Flow Guard provides built-in protection against some classes of memory c
### [Windows Defender](https://technet.microsoft.com/windows-server-docs/security/windows-defender/windows-defender-overview-windows-server)
Windows Defender provides active detection capabilities to block known malware. Windows Defender is turned on by default and is optimized to support the various server roles in Windows Server.
-## Detecting and Responding to Threats
+## Detecting and Responding to Threats
### [Security Threat Analysis Using Microsoft Operations Management Suite](https://channel9.msdn.com/events/ignite/2015/brk3464)
This Ignite presentation discusses how you can use Operational Insights to perform security threat analysis.
-### [Microsoft Operations Management Suite (OMS)](https://www.microsoft.com/en-us/server-cloud/operations-management-suite/overview.aspx)
+### [Microsoft Operations Management Suite (OMS)](https://www.microsoft.com/server-cloud/operations-management-suite/overview.aspx)
The Microsoft Operations Management Suite (OMS) Security and Audit solution processes security logs and firewall events from on-premises and cloud environments to analyze and detect malicious behavior.
### [OMS and Windows Server](https://www.youtube.com/watch?v=_SaDw1dRy2k)
diff --git a/WindowsServerDocs/storage/file-server/Troubleshoot/troubleshooting-smb.md b/WindowsServerDocs/storage/file-server/Troubleshoot/troubleshooting-smb.md
index 2116845b69..b6ba4d7dc8 100644
--- a/WindowsServerDocs/storage/file-server/Troubleshoot/troubleshooting-smb.md
+++ b/WindowsServerDocs/storage/file-server/Troubleshoot/troubleshooting-smb.md
@@ -153,7 +153,7 @@ Both SMB Client and SMB Server have a detailed event log structure, as shown in
## SMB-related system files
-This section lists the SMB-related system files. To keep the system files updated, make sure that the latest [update rollup](https://support.microsoft.com/en-us/help/4498140/windows-10-update-history) is installed.
+This section lists the SMB-related system files. To keep the system files updated, make sure that the latest [update rollup](https://support.microsoft.com/help/4498140/windows-10-update-history) is installed.
SMB Client binaries that are listed under **%windir%\\system32\\Drivers**:
diff --git a/WindowsServerDocs/storage/file-server/disk-cleanup.md b/WindowsServerDocs/storage/file-server/disk-cleanup.md
index 12854dbb47..89e171f389 100644
--- a/WindowsServerDocs/storage/file-server/disk-cleanup.md
+++ b/WindowsServerDocs/storage/file-server/disk-cleanup.md
@@ -71,6 +71,6 @@ To have Disk Cleanup button appear on a disk's Properties dialog, you will also
## Additional references
-[Free up drive space in Windows 10](https://support.microsoft.com/en-us/help/12425/windows-10-free-up-drive-space)
+[Free up drive space in Windows 10](https://support.microsoft.com/help/12425/windows-10-free-up-drive-space)
[cleanmgr](../../administration/windows-commands/cleanmgr.md)
diff --git a/WindowsServerDocs/storage/storage-replica/cluster-to-cluster-azure-cross-region.md b/WindowsServerDocs/storage/storage-replica/cluster-to-cluster-azure-cross-region.md
index 2f41001ab8..b71640e393 100644
--- a/WindowsServerDocs/storage/storage-replica/cluster-to-cluster-azure-cross-region.md
+++ b/WindowsServerDocs/storage/storage-replica/cluster-to-cluster-azure-cross-region.md
@@ -17,7 +17,7 @@ manager: mchad
You can configure Cluster to Cluster Storage Replicas for cross-region applications in Azure. In the examples below, we use a two-node cluster, but Cluster to Cluster storage replica isn't restricted to a two-node cluster. The illustration below is a two-node Storage Space Direct cluster that can communicate with each other, are in the same domain, and are cross-region.
Watch the video below for a complete walk-through of the process.
-> [!video https://www.microsoft.com/en-us/videoplayer/embed/RE26xeW]
+> [!video https://www.microsoft.com/videoplayer/embed/RE26xeW]
> [!IMPORTANT]
diff --git a/WindowsServerDocs/storage/storage-replica/cluster-to-cluster-azure-one-region.md b/WindowsServerDocs/storage/storage-replica/cluster-to-cluster-azure-one-region.md
index 34edb1cecb..474f8da725 100644
--- a/WindowsServerDocs/storage/storage-replica/cluster-to-cluster-azure-one-region.md
+++ b/WindowsServerDocs/storage/storage-replica/cluster-to-cluster-azure-one-region.md
@@ -19,10 +19,10 @@ You can configure cluster to cluster storage replication within the same region
Watch the videos below for a complete walk-through of the process.
Part one
-> [!VIDEO https://www.microsoft.com/en-us/videoplayer/embed/RE26f2Y]
+> [!VIDEO https://www.microsoft.com/videoplayer/embed/RE26f2Y]
Part two
-> [!VIDEO https://www.microsoft.com/en-us/videoplayer/embed/RE269Pq]
+> [!VIDEO https://www.microsoft.com/videoplayer/embed/RE269Pq]
> [!IMPORTANT]
diff --git a/WindowsServerDocs/storage/storage-spaces/Storage-Spaces-Fault-Tolerance.md b/WindowsServerDocs/storage/storage-spaces/Storage-Spaces-Fault-Tolerance.md
index 1e05b3258e..23b83459ef 100644
--- a/WindowsServerDocs/storage/storage-spaces/Storage-Spaces-Fault-Tolerance.md
+++ b/WindowsServerDocs/storage/storage-spaces/Storage-Spaces-Fault-Tolerance.md
@@ -50,7 +50,7 @@ Three-way mirroring can safely tolerate at least [two hardware problems (drive o
## Parity
-Parity encoding, often called 'erasure coding', provides fault tolerance using bitwise arithmetic, which can get [remarkably complicated](https://www.microsoft.com/en-us/research/wp-content/uploads/2016/02/LRC12-cheng20webpage.pdf). The way this works is less obvious than mirroring, and there are many great online resources (for example, this third-party [Dummies Guide to Erasure Coding](http://smahesh.com/blog/2012/07/01/dummies-guide-to-erasure-coding/)) that can help you get the idea. Sufficed to say it provides better storage efficiency without compromising fault tolerance.
+Parity encoding, often called 'erasure coding', provides fault tolerance using bitwise arithmetic, which can get [remarkably complicated](https://www.microsoft.com/research/wp-content/uploads/2016/02/LRC12-cheng20webpage.pdf). The way this works is less obvious than mirroring, and there are many great online resources (for example, this third-party [Dummies Guide to Erasure Coding](http://smahesh.com/blog/2012/07/01/dummies-guide-to-erasure-coding/)) that can help you get the idea. Sufficed to say it provides better storage efficiency without compromising fault tolerance.
In Windows Server 2016, Storage Spaces offers two flavors of parity – 'single' parity and 'dual' parity, the latter employing an advanced technique called 'local reconstruction codes' at larger scales.
@@ -209,7 +209,7 @@ Every link below is inline somewhere in the body of this topic.
- [Storage Spaces Direct in Windows Server 2016](storage-spaces-direct-overview.md)
- [Fault Domain Awareness in Windows Server 2016](../../failover-clustering/fault-domains.md)
-- [Erasure Coding in Azure by Microsoft Research](https://www.microsoft.com/en-us/research/publication/erasure-coding-in-windows-azure-storage/)
+- [Erasure Coding in Azure by Microsoft Research](https://www.microsoft.com/research/publication/erasure-coding-in-windows-azure-storage/)
- [Local Reconstruction Codes and Accelerating Parity Volumes](https://blogs.technet.microsoft.com/filecab/2016/09/06/volume-resiliency-and-efficiency-in-storage-spaces-direct/)
- [Volumes in the Storage Management API](https://blogs.technet.microsoft.com/filecab/2016/08/29/deep-dive-volumes-in-spaces-direct/)
- [Storage Efficiency Demo at Microsoft Ignite 2016](https://www.youtube.com/watch?v=-LK2ViRGbWs&t=36m55s)
diff --git a/WindowsServerDocs/storage/storage.md b/WindowsServerDocs/storage/storage.md
index 210a00e732..cbb7ebfd10 100644
--- a/WindowsServerDocs/storage/storage.md
+++ b/WindowsServerDocs/storage/storage.md
@@ -140,4 +140,4 @@ Storage in Windows Server provides new and improved features for software-define
## In Azure
* [Azure Storage](https://azure.microsoft.com/documentation/services/storage/)
-* [Azure StorSimple](https://www.microsoft.com/en-us/cloud-platform/azure-storsimple)
+* [Azure StorSimple](https://www.microsoft.com/cloud-platform/azure-storsimple)
diff --git a/WindowsServerDocs/troubleshoot/windows-server-support-solutions-old.md b/WindowsServerDocs/troubleshoot/windows-server-support-solutions-old.md
index 6c3a2443ae..821debeb8f 100644
--- a/WindowsServerDocs/troubleshoot/windows-server-support-solutions-old.md
+++ b/WindowsServerDocs/troubleshoot/windows-server-support-solutions-old.md
@@ -13,7 +13,7 @@ ms.author: elizapo
# Top support solutions for Windows Server 2016
-Microsoft regularly releases both updates and solutions for Windows Server. To ensure your servers can receive future updates, including security updates, it's important to keep your servers updated. Check out [Windows 10 and Windows Server 2016 update history](https://support.microsoft.com/en-us/help/4000825/windows-10-windows-server-2016-update-history) for a complete list of released updates.
+Microsoft regularly releases both updates and solutions for Windows Server. To ensure your servers can receive future updates, including security updates, it's important to keep your servers updated. Check out [Windows 10 and Windows Server 2016 update history](https://support.microsoft.com/help/4000825/windows-10-windows-server-2016-update-history) for a complete list of released updates.
These are the top Microsoft Support solutions for the most common issues experienced when using Windows Server 2016. The links below include links to KB articles, updates, and library articles.
@@ -23,9 +23,9 @@ These are the top Microsoft Support solutions for the most common issues experie
## Solutions for installing or upgrading Windows Server
- [Resolve Windows 10 upgrade errors : Technical information for IT Pros](https://docs.microsoft.com/windows/deployment/upgrade/resolve-windows-10-upgrade-errors)
-- [Servicing stack update for Windows 10 Version 1607 and Windows Server 2016: August 8, 2017](https://support.microsoft.com/en-US/help/4035631)
-- [Compatibility update for upgrading to Windows 10 Version 1607 and Windows Server 2016: August 3, 2017](https://support.microsoft.com/en-US/help/4033524)
-- [An in-place system upgrade is not supported on Windows-based Azure VMs](https://support.microsoft.com/en-US/help/4014997)
+- [Servicing stack update for Windows 10 Version 1607 and Windows Server 2016: August 8, 2017](https://support.microsoft.com/help/4035631)
+- [Compatibility update for upgrading to Windows 10 Version 1607 and Windows Server 2016: August 3, 2017](https://support.microsoft.com/help/4033524)
+- [An in-place system upgrade is not supported on Windows-based Azure VMs](https://support.microsoft.com/help/4014997)
- [Upgrade and conversion options for Windows Server 2016](../get-started/supported-upgrade-paths.md)
- [Server role upgrade and migration matrix for Windows Server 2016](../get-started/server-role-upgradeability-table.md)
- [Windows Server Installation and Upgrade](../get-started/installation-and-upgrade.md)
diff --git a/WindowsServerDocs/troubleshoot/windows-server-troubleshooting.md b/WindowsServerDocs/troubleshoot/windows-server-troubleshooting.md
index 316b708185..92447d2a44 100644
--- a/WindowsServerDocs/troubleshoot/windows-server-troubleshooting.md
+++ b/WindowsServerDocs/troubleshoot/windows-server-troubleshooting.md
@@ -16,7 +16,7 @@ ms.author: kaushika
>- [!TIP]
> Looking for information about older versions of Windows Server? Check out our other - [Windows Server libraries](/previous-versions/windows/) on docs.microsoft.com. You can also - [search this site](https://docs.microsoft.com/search/index?search=Windows+Server&dataSource=previousVersions) for specific information.
-Microsoft regularly releases both updates for Windows Server. To ensure your servers can receive future updates, including security updates, it's important to keep your servers updated. Check out - [Windows 10 and Windows Server 2016 update history](https://support.microsoft.com/en-us/help/4000825/windows-10-windows-server-2016-update-history) for a complete list of released updates.
+Microsoft regularly releases both updates for Windows Server. To ensure your servers can receive future updates, including security updates, it's important to keep your servers updated. Check out - [Windows 10 and Windows Server 2016 update history](https://support.microsoft.com/help/4000825/windows-10-windows-server-2016-update-history) for a complete list of released updates.
This section contains advanced troubleshooting topics and links to help you resolve issues with Windows Server. Additional topics will be added as they become available.
diff --git a/WindowsServerDocs/virtualization/hyper-v/Supported-Linux-and-FreeBSD-virtual-machines-for-Hyper-V-on-Windows.md b/WindowsServerDocs/virtualization/hyper-v/Supported-Linux-and-FreeBSD-virtual-machines-for-Hyper-V-on-Windows.md
index 451785e930..b52dba3fc0 100644
--- a/WindowsServerDocs/virtualization/hyper-v/Supported-Linux-and-FreeBSD-virtual-machines-for-Hyper-V-on-Windows.md
+++ b/WindowsServerDocs/virtualization/hyper-v/Supported-Linux-and-FreeBSD-virtual-machines-for-Hyper-V-on-Windows.md
@@ -25,7 +25,7 @@ For other Linux distributions LIS changes are regularly integrated into the oper
For older FreeBSD releases (before 10.0), Microsoft provides ports that contain the installable BIS drivers and corresponding daemons for FreeBSD virtual machines. For newer FreeBSD releases, BIS is built in to the FreeBSD operating system, and no separate download or installation is required except for a KVP ports download that is needed for FreeBSD 10.0.
> [!TIP]
-> - Download [Windows Server 2019](https://www.microsoft.com/en-us/evalcenter/evaluate-windows-server-2019) from the Evaluation Center.
+> - Download [Windows Server 2019](https://www.microsoft.com/evalcenter/evaluate-windows-server-2019) from the Evaluation Center.
The goal of this content is to provide information that helps facilitate your Linux or FreeBSD deployment on Hyper-V. Specific details include: