From 2519c1ad713f88723de150e3ccdb445c5027fa56 Mon Sep 17 00:00:00 2001
From: "Vinay Pamnani (from Dev Box)" <vinpa@microsoft.com>
Date: Thu, 12 Sep 2024 10:53:28 -0600
Subject: [PATCH] Feedback from Kevin

---
 .../declared-configuration-discovery.md       |  6 ++---
 .../declared-configuration-enrollment.md      |  2 +-
 .../declared-configuration-extensibility.md   |  6 ++---
 .../declared-configuration-resource-access.md |  4 +--
 .../declared-configuration.md                 | 27 ++++++++++++++++++-
 .../mdm/declaredconfiguration-csp.md          |  2 +-
 6 files changed, 36 insertions(+), 11 deletions(-)

diff --git a/windows/client-management/declared-configuration-discovery.md b/windows/client-management/declared-configuration-discovery.md
index 39961529d8..aabd1dd644 100644
--- a/windows/client-management/declared-configuration-discovery.md
+++ b/windows/client-management/declared-configuration-discovery.md
@@ -1,7 +1,7 @@
 ---
 title: Windows declared configuration discovery
 description: Learn more about configuring discovery for Windows declared configuration enrollment.
-ms.date: 08/16/2024
+ms.date: 09/12/2024
 ms.topic: how-to
 ---
 
@@ -21,7 +21,7 @@ This article outlines the schema structure for the HTTP request and response bod
 | `client-request-id: %s`          | No       | Request ID                        |
 | `Content-Type: application/json` | Yes      | HTTP Content-Type                 |
 
-### HTTP Request Body (JSON)
+### HTTP request body (JSON)
 
 | Field | Required | Description |
 |--|--|--|
@@ -32,7 +32,7 @@ This article outlines the schema structure for the HTTP request and response bod
 | `enrollmentType` | Entra joined: No <br>Entra registered: Yes | Enrollment type of the enrolled account. <br><br>Supported Values: <br>- `Device`: Indicates the parent enrollment type is Entra joined (DS response should specify "AuthPolicy": "Federated"). <br>- `User`: Indicates parent enrollment type is Entra registered (DS response should specify "AuthPolicy": "Certificate"). <br>- Legacy case (Entra joined only): If the `enrollmentType` parameter isn't included in the request body, the device should be treated as Entra joined. |
 | `osVersion` | Yes | OS version on the device. The DS can use the `osVersion` to determine if the client platform supports WinDC enrollment. Review [supported platforms](declared-configuration.md#supported-platforms) for details. |
 
-### HTTP DS Response Body (JSON)
+### HTTP DS response body (JSON)
 
 | Field                        | Required | Description                                                                                                                                |
 |------------------------------|----------|--------------------------------------------------------------------------------------------------------------------------------------------|
diff --git a/windows/client-management/declared-configuration-enrollment.md b/windows/client-management/declared-configuration-enrollment.md
index cfab485257..45ba4643d2 100644
--- a/windows/client-management/declared-configuration-enrollment.md
+++ b/windows/client-management/declared-configuration-enrollment.md
@@ -1,7 +1,7 @@
 ---
 title: Windows declared configuration enrollment
 description: Learn more about configuring enrollment for Windows declared configuration protocol.
-ms.date: 08/16/2024
+ms.date: 09/12/2024
 ms.topic: how-to
 ---
 
diff --git a/windows/client-management/declared-configuration-extensibility.md b/windows/client-management/declared-configuration-extensibility.md
index 6dcebc35b3..bb2faea5f1 100644
--- a/windows/client-management/declared-configuration-extensibility.md
+++ b/windows/client-management/declared-configuration-extensibility.md
@@ -1,11 +1,11 @@
 ---
 title: Windows declared configuration extensibility
 description: Learn more about Windows declared configuration extensibility through native WMI providers.
-ms.date: 08/16/2024
+ms.date: 09/12/2024
 ms.topic: how-to
 ---
 
-# Declared configuration extensibility providers
+# Declared configuration extensibility
 
 The Windows declared configuration (WinDC) enrollment offers extensibility through native WMI providers. This feature instantiates and interfaces with a Windows Management Instrumentation (WMI) provider that implements a management infrastructure (MI) interface. The interface must implement GetTargetResource, TestTargetResource, and SetTargetResource methods, and can implement any number of string properties.
 
@@ -58,7 +58,7 @@ To create a native WMI provider, follow the steps outlined in [How to implement
 5. Copy the generated files into the provider's project folder.
 6. Start the development process.
 
-## Example MI Provider
+## Example MI provider
 
 This example provides more details about each step to demonstrate how to implement a sample native resource named `MSFT_FileDirectoryConfiguration`.
 
diff --git a/windows/client-management/declared-configuration-resource-access.md b/windows/client-management/declared-configuration-resource-access.md
index db8eac3115..d414e05b95 100644
--- a/windows/client-management/declared-configuration-resource-access.md
+++ b/windows/client-management/declared-configuration-resource-access.md
@@ -1,7 +1,7 @@
 ---
 title: Windows declared configuration resource access
 description: Learn more about configuring resource access using Windows declared Configuration.
-ms.date: 08/16/2024
+ms.date: 09/12/2024
 ms.topic: how-to
 ---
 
@@ -287,7 +287,7 @@ This example demonstrates how to use `<Delete>` to remove the configuration requ
 </SyncML>
 ```
 
-## Resource Ownership
+## Resource ownership
 
 MDM-managed resources, such as a VPN profile, are transferred/migrated to WinDC management when a WinDC document is sent to the device for the same resource. This resource stays under WinDC management until the WinDC document is [deleted](mdm/declaredconfiguration-csp.md#delete-a-windc-document) or [abandoned](mdm/declaredconfiguration-csp.md#abandon-a-windc-document). Otherwise, when MDM tries to manage the same resource via the legacy MDM channel using SyncML, it fails with error 0x86000031.
 
diff --git a/windows/client-management/declared-configuration.md b/windows/client-management/declared-configuration.md
index ac73cd5e28..a0a28f91ae 100644
--- a/windows/client-management/declared-configuration.md
+++ b/windows/client-management/declared-configuration.md
@@ -1,7 +1,7 @@
 ---
 title: Windows declared configuration protocol
 description: Learn more about using Windows declared configuration (WinDC) protocol for desired state management of Windows devices.
-ms.date: 08/16/2024
+ms.date: 09/12/2024
 ms.topic: overview
 ---
 
@@ -105,3 +105,28 @@ To identify, adjust or remove the refresh schedule, use the **RefreshInterval**
       </SyncBody>
     </SyncML>
     ```
+
+## Troubleshooting
+
+If the processing of declared configuration document fails, the errors are logged to Windows event logs:
+
+- Admin events: `Application and Service Logs\Microsoft\Windows\DeviceManagement-Enterprise-Diagnostics-Provider\Admin`.
+- Operational events: `Application and Service Logs\Microsoft\Windows\DeviceManagement-Enterprise-Diagnostics-Provider\Operational`.
+
+### Common errors
+
+- If the `<LocURI>` uses **Device** scope, while DeclaredConfiguration document specifies **User** context, Admin event log shows an error message similar to:
+
+    `MDM ConfigurationManager: Command failure status. Configuration Source ID: (DAD70CC2-365B-450D-A8AB-2EB23F4300CC), Enrollment Name: (MicrosoftManagementPlatformCloud), Provider Name: (DeclaredConfiguration), Command Type: (SetValue: from Replace), CSP URI: (./Device/Vendor/MSFT/DeclaredConfiguration/Host/Complete/Documents/DCA000B5-397D-40A1-AABF-40B25078A7F9/Document), Result: (The system cannot find the file specified.)`
+
+- If the Document ID doesn't match between the `<LocURI>` and inside DeclaredConfiguration document, Admin event log shows an error message similar to:
+
+    `MDM Declared Configuration: End document parsing from CSP: Document Id: (DCA000B5-397D-40A1-AABF-40B25078A7F91), Scenario: (MSFTVPN), Version: (A0), Enrollment Id: (DAD70CC2-365B-450D-A8AB-2EB23F4300CC), Current User: (S-1-5-21-3436249567-4017981746-3373817415-1001), Schema: (1.0), Download URL: (), Scope: (0x1), Enroll Type: (0x1A), File size: (0xDE2), CSP Count: (0x1), URI Count: (0xF), Action Requested: (0x0), Model: (0x1), Result:(0x8000FFFF) Catastrophic failure.`
+
+- Any typo in the OMA-URI results in a failure. In this example, `TrafficFilterList` is specified instead of `TrafficFilterLists`, and Admin event log shows an error message similar to:
+
+    `MDM ConfigurationManager: Command failure status. Configuraton Source ID: (DAD70CC2-365B-450D-A8AB-2EB23F4300CC), Enrollment Type: (MicrosoftManagementPlatformCloud), CSP Name: (vpnv2), Command Type: (Add: from Replace or Add), CSP URI: (./user/vendor/msft/vpnv2/Test_SonicWall/TrafficFilterLists), Result: (Unknown Win32 Error code: 0x86000002).`
+
+    There's also another warning message in operational channel:
+
+    `MDM Declared Configuration: Function (DeclaredConfigurationExtension_PolicyCSPConfigureGivenCurrentDoc) operation (ErrorAtDocLevel: one or more CSPs failed) failed with (Unknown Win32 Error code: 0x82d00007)`
\ No newline at end of file
diff --git a/windows/client-management/mdm/declaredconfiguration-csp.md b/windows/client-management/mdm/declaredconfiguration-csp.md
index fc40da1810..4251c9ab44 100644
--- a/windows/client-management/mdm/declaredconfiguration-csp.md
+++ b/windows/client-management/mdm/declaredconfiguration-csp.md
@@ -1,7 +1,7 @@
 ---
 title: DeclaredConfiguration CSP
 description: Learn more about the DeclaredConfiguration CSP.
-ms.date: 08/16/2024
+ms.date: 09/12/2024
 ---
 
 <!-- Auto-Generated CSP Document -->