Merge branch 'main' into patch-2

windows/application-management/docfx.json

@@ -34,6 +34,7 @@
     "externalReference": [],
     "globalMetadata": {
       "recommendations": true,
+      "adobe-target": true,
       "breadcrumb_path": "/windows/resources/breadcrumb/toc.json",
       "ms.collection": [
         "tier2"

windows/client-management/connect-to-remote-aadj-pc.md

@@ -22,8 +22,8 @@ ms.technology: itpro-manage
 From its release, Windows has supported remote connections to devices joined to Active Directory using Remote Desktop Protocol (RDP). Windows 10, version 1607 added the ability to connect to a device that is joined to Azure Active Directory (Azure AD) using RDP.
 
 - Starting in Windows 10, version 1809, you can [use biometrics to authenticate to a remote desktop session](/windows/whats-new/whats-new-windows-10-version-1809#remote-desktop-with-biometrics).
-- Starting in Windows 10/11, with 2022-09 preview update installed, you can [use Azure AD authentication to connect to the remote Azure AD device](#connect-with-azure-ad-authentication).
-
+- Starting in Windows 10/11, with 2022-10 update installed, you can [use Azure AD authentication to connect to the remote Azure AD device](#connect-with-azure-ad-authentication).
+ 
 ## Prerequisites
 
 - Both devices (local and remote) must be running a supported version of Windows.
@@ -34,28 +34,35 @@ From its release, Windows has supported remote connections to devices joined to
 
 ## Connect with Azure AD Authentication
 
-Azure AD Authentication can be used on the following operating systems:
-
-- Windows 11 with [2022-09 Cumulative Updates for Windows 11 Preview (KB5017383)](https://support.microsoft.com/kb/KB5017383) or later installed.
-- Windows 10, version 20H2 or later with [2022-09 Cumulative Updates for Windows 10 Preview (KB5017380)](https://support.microsoft.com/kb/KB5017380) or later installed.
-- Windows Server 2022 with [2022-09 Cumulative Update for Microsoft server operating system preview (KB5017381)](https://support.microsoft.com/kb/KB5017381) or later installed.
+Azure AD Authentication can be used on the following operating systems for both the local and remote device:
 
+- Windows 11 with [2022-10 Cumulative Updates for Windows 11 (KB5018418)](https://support.microsoft.com/kb/KB5018418) or later installed.
+- Windows 10, version 20H2 or later with [2022-10 Cumulative Updates for Windows 10 (KB5018410)](https://support.microsoft.com/kb/KB5018410) or later installed.
+- Windows Server 2022 with [2022-10 Cumulative Update for Microsoft server operating system (KB5018421)](https://support.microsoft.com/kb/KB5018421) or later installed.
+   
 There's no requirement for the local device to be joined to a domain or Azure AD. As a result, this method allows you to connect to the remote Azure AD joined device from:
 
 - [Azure AD joined](/azure/active-directory/devices/concept-azure-ad-join) or [Hybrid Azure AD joined](/azure/active-directory/devices/concept-azure-ad-join-hybrid) device.
 - Active Directory joined device.
 - Workgroup device.
+ 
+Azure AD authentication can also be used to connect to Hybrid Azure AD joined devices.
 
 To connect to the remote computer:
 
 - Launch **Remote Desktop Connection** from Windows Search, or by running `mstsc.exe`.
-- Specify the name of the remote computer.
 - Select **Use a web account to sign in to the remote computer** option in the **Advanced** tab. This option is equivalent to the `enablerdsaadauth` RDP property. For more information, see [Supported RDP properties with Remote Desktop Services](/windows-server/remote/remote-desktop-services/clients/rdp-files).
+- Specify the name of the remote computer and select **Connect**. 
+
+    > [!NOTE]
+    > IP address cannot be used when **Use a web account to sign in to the remote computer** option is used.
+    > The name must match the hostname of the remote device in Azure AD and be network addressable, resolving to the IP address of the remote device.
+
 - When prompted for credentials, specify your user name in `user@domain.com` format.
 - You're then prompted to allow the remote desktop connection when connecting to a new PC. Azure AD remembers up to 15 hosts for 30 days before prompting again. If you see this dialogue, select **Yes** to connect.
 
 > [!IMPORTANT]
-> If your organization has configured and is using [Azure AD Conditional Access](/azure/active-directory/conditional-access/overview), your device must satisfy the conditional access requirements to allow connection to the remote computer.
+> If your organization has configured and is using [Azure AD Conditional Access](/azure/active-directory/conditional-access/overview), your device must satisfy the conditional access requirements to allow connection to the remote computer. Conditional Access policies with [grant controls](/azure/active-directory/conditional-access/concept-conditional-access-grant) and [session controls](/azure/active-directory/conditional-access/howto-conditional-access-session-lifetime) may be applied to the application **Microsoft Remote Desktop (a4a365df-50f1-4397-bc59-1a1564b8bb9c)** for controlled access.
 
 ### Disconnection when the session is locked
 
@@ -87,7 +94,7 @@ To connect to the remote computer:
 
 ### Supported configurations
 
-This table lists the supported configurations for remotely connecting to an Azure AD joined device:
+This table lists the supported configurations for remotely connecting to an Azure AD joined device without using Azure AD authentication:
 
 | **Criteria**                               | **Client operating system**       | **Supported credentials**                                          |
 |--------------------------------------------|-----------------------------------|--------------------------------------------------------------------|
@@ -99,7 +106,7 @@ This table lists the supported configurations for remotely connecting to an Azur
 > If the RDP client is running Windows Server 2016 or Windows Server 2019, to be able to connect to Azure AD joined devices, it must [allow Public Key Cryptography Based User-to-User (PKU2U) authentication requests to use online identities](/windows/security/threat-protection/security-policy-settings/network-security-allow-pku2u-authentication-requests-to-this-computer-to-use-online-identities).
 
 > [!NOTE]
-> When an Azure AD group is added to the **Remote Desktop Users** group on a Windows device, it isn't honoured when the user that belongs to the Azure AD group logs in through RDP resulting in failure to establish the remote connection. In this scenario, Network Level Authentication should be disabled to allow the connection.
+> When an Azure AD group is added to the **Remote Desktop Users** group on a Windows device, it isn't honored when the user that belongs to the Azure AD group logs in through RDP, resulting in failure to establish the remote connection. In this scenario, Network Level Authentication should be disabled to allow the connection.
 
 ## Add users to Remote Desktop Users group
 
@@ -122,3 +129,5 @@ Remote Desktop Users group is used to grant users and groups permissions to remo
 ## Related articles
 
 [How to use Remote Desktop](https://support.microsoft.com/windows/how-to-use-remote-desktop-5fe128d5-8fb1-7a23-3b8a-41e636865e8c)
+
+

windows/client-management/docfx.json

@@ -34,6 +34,7 @@
     "externalReference": [],
     "globalMetadata": {
       "recommendations": true,
+      "adobe-target": true,
       "ms.collection": [
         "tier2"
       ],

windows/configuration/docfx.json

@@ -34,6 +34,7 @@
     "externalReference": [],
     "globalMetadata": {
       "recommendations": true,
+      "adobe-target": true,
       "ms.collection": [
         "tier2"
       ],

windows/deployment/TOC.yml

@@ -7,10 +7,10 @@
           href: deploy-whats-new.md
         - name: Windows client deployment scenarios
           href: windows-10-deployment-scenarios.md
-        - name: What is Windows as a service?
-          href: update/waas-quick-start.md
-        - name: Windows update fundamentals
-          href: update/waas-overview.md
+        - name: Quick guide to Windows as a service
+          href: update/waas-quick-start.md        
+        - name: Windows as a service overview
+          href: update/waas-overview.md      
         - name: Monthly quality updates
           href: update/quality-updates.md
         - name: Basics of Windows updates, channels, and tools
@@ -47,12 +47,12 @@
         - name: Define your servicing strategy
           href: update/plan-define-strategy.md
         - name: Delivery Optimization for Windows client updates
-          href: do/waas-delivery-optimization.md
+          href: do/waas-delivery-optimization.md?toc=/windows/deployment/toc.json&bc=/windows/deployment/breadcrumb/toc.json
           items:
             - name: Using a proxy with Delivery Optimization
-              href: do/delivery-optimization-proxy.md
+              href: do/delivery-optimization-proxy.md?toc=/windows/deployment/toc.json&bc=/windows/deployment/breadcrumb/toc.json
             - name: Delivery Optimization client-service communication
-              href: do/delivery-optimization-workflow.md
+              href: do/delivery-optimization-workflow.md?toc=/windows/deployment/toc.json&bc=/windows/deployment/breadcrumb/toc.json
         - name: Windows 10 deployment considerations
           href: planning/windows-10-deployment-considerations.md
         - name: Windows 10 infrastructure requirements
@@ -80,7 +80,7 @@
         - name: Update Baseline
           href: update/update-baseline.md
         - name: Set up Delivery Optimization for Windows client updates
-          href: do/index.yml
+          href: do/waas-delivery-optimization-setup.md?toc=/windows/deployment/toc.json&bc=/windows/deployment/breadcrumb/toc.json
         - name: Configure BranchCache for Windows client updates
           href: update/waas-branchcache.md
         - name: Prepare your deployment tools
@@ -339,7 +339,7 @@
         - name: Additional Windows Update settings
           href: update/waas-wu-settings.md
         - name: Delivery Optimization reference
-          href: do/waas-delivery-optimization-reference.md
+          href: do/waas-delivery-optimization-reference.md?toc=/windows/deployment/toc.json&bc=/windows/deployment/breadcrumb/toc.json
         - name: Windows client in S mode
           href: s-mode.md
         - name: Switch to Windows client Pro or Enterprise from S mode

windows/deployment/breadcrumb/toc.yml

@@ -46,3 +46,15 @@ items:
     - name: Deployment
       tocHref: /windows/client-management/mdm
       topicHref: /windows/deployment/     
+
+- name: Learn
+  tocHref: /
+  topicHref: /
+  items:
+  - name: Windows
+    tocHref: /windows/
+    topicHref: /windows/resources/
+    items:
+    - name: Deployment
+      tocHref: /windows/deployment/do
+      topicHref: /windows/deployment/

windows/deployment/do/TOC.yml

@@ -11,14 +11,12 @@
     href: waas-delivery-optimization-faq.yml    
   - name: Configure Delivery Optimization for Windows
     items:
-    - name: Windows Delivery Optimization settings
-      href: waas-delivery-optimization-setup.md#recommended-delivery-optimization-settings
+    - name: Set up Delivery Optimization for Windows
+      href: waas-delivery-optimization-setup.md
     - name: Configure Delivery Optimization settings using Microsoft Intune
       href: /mem/intune/configuration/delivery-optimization-windows
   - name: Resources for Delivery Optimization
     items:
-    - name: Set up Delivery Optimization for Windows
-      href: waas-delivery-optimization-setup.md
     - name: Delivery Optimization reference
       href: waas-delivery-optimization-reference.md
     - name: Delivery Optimization client-service communication

windows/deployment/docfx.json

@@ -34,6 +34,7 @@
     "externalReference": [],
     "globalMetadata": {
       "recommendations": true,
+      "adobe-target": true,
       "ms.collection": [
         "tier2"
       ],