Merge branch 'main' into do_docs_12_22

windows/deployment/do/mcc-isp-faq.yml

@@ -28,12 +28,18 @@ sections:
       - question: What are the prerequisites and hardware requirements?
         answer: | 
          - Azure subscription  
-         - Hardware to host Microsoft Connected Cache:   
+         - Hardware to host Microsoft Connected Cache
+         - Ubuntu 20.04 LTS on a physical server or VM of your choice. 
+         
+         > [!NOTE]
+         > The Microsoft Connected Cache is deployed and managed using Azure IoT Edge and Ubuntu 20.04 is an [Azure IoT Edge Tier 1 operating system](/azure/iot-edge/support?view=iotedge-2020-11#tier-1). Additionally, the Microsoft Connected Cache module is optimized for Ubuntu 20.04 LTS. 
+         
+         The following are recommended hardware configurations:   
           
           <!--Using include file, mcc-prerequisites.md, for shared content on DO monitoring-->
           [!INCLUDE [Microsoft Connected Cache Prerequisites](includes/mcc-prerequisites.md)]
 
-         We have one customer who is able to achieve 40-Gbps egress rate using the following hardware specification:  
+         We have one customer who is able to achieve mid-30s Gbps egress rate using the following hardware specification:  
           - Dell PowerEdge R330  
           - 2 x Intel(R) Xeon(R) CPU E5-2630 v3 @ 2.40 GHz, total 32 core  
           - 48 GB, Micron Technology 18ASF1G72PDZ-2G1A1, Speed: 2133 MT/s  

windows/deployment/do/waas-delivery-optimization-reference.md

@@ -64,7 +64,7 @@ In MDM, the same settings are under **.Vendor/MSFT/Policy/Config/DeliveryOptimiz
 | [Delay foreground download cache server fallback (in secs)](#delay-foreground-download-cache-server-fallback-in-secs) | DelayCacheServerFallbackForeground | 1903 |
 | [Delay background download cache server fallback (in secs)](#delay-background-download-cache-server-fallback-in-secs) | DelayCacheServerFallbackBackground | 1903 |
 | [Cache Server Hostname](#cache-server-hostname) | DOCacheHost | 1809  |
-| [Cache Server Hostname Source](#cache-server-hostname-source) | DOCacheHostSource | 1809  |
+| [Cache Server Hostname Source](#cache-server-hostname-source) | DOCacheHostSource | 2004 |
 | [Maximum Foreground Download Bandwidth (in KB/s)](#maximum-background-download-bandwidth-in-kbs)         | DOMaxForegroundDownloadBandwidth | 2004 |
 | [Maximum Background Download Bandwidth (in KB/s)](#maximum-background-download-bandwidth-in-kbs) | DOMaxBackgroundDownloadBandwidth | 2004 |
 

windows/deployment/do/waas-delivery-optimization-setup.md

@@ -91,8 +91,6 @@ To do this with MDM, go to **./Device/Vendor/MSFT/Policy/Config/DeliveryOptimiza
 
 Many devices now come with large internal drives. You can set Delivery Optimization to take better advantage of this space (especially if you have large numbers of devices) by changing the minimum file size to cache. If you have more than 30 devices in your local network or group, change it from the default 50 MB to 10 MB. If you have more than 100 devices (and are running Windows 10, version 1803 or later), set this value to 1 MB.
 
-[//]: # (default of 50 aimed at consumer)
-
 To do this in Group Policy, go to **Computer Configuration\Administrative Templates\Windows Components\Delivery Optimization** and set **Minimum Peer Caching Content File Size** to 10 (if you have more than 30 devices) or 1 (if you have more than 100 devices).
 
 To do this with MDM, go to **./Device/Vendor/MSFT/Policy/Config/DeliveryOptimization/** and set [DOMinFileSizeToCache](/windows/client-management/mdm/policy-csp-deliveryoptimization#dominfilesizetocache) to 100 (if you have more than 30 devices) or 1 (if you have more than 100 devices).

windows/deployment/update/servicing-stack-updates.md

@@ -21,6 +21,7 @@ ms.date: 12/31/2017
 
 -   Windows 10
 -   Windows 11
+-   Windows Server
 
 ## What is a servicing stack update?
 Servicing stack updates provide fixes to the servicing stack, the component that installs Windows updates. Additionally, it contains the "component-based servicing stack" (CBS), which is a key underlying component for several elements of Windows deployment, such as DISM, SFC, changing Windows features or roles, and repairing components. The CBS is a small component that typically does not have updates released every month.
@@ -61,3 +62,5 @@ Typically, the improvements are reliability and performance improvements that do
 ## Simplifying on-premises deployment of servicing stack updates
 
 With the Windows Update experience, servicing stack updates and cumulative updates are deployed together to the device. The update stack automatically orchestrates the installation, so both are applied correctly. Starting in February 2021, the cumulative update will include the latest servicing stack updates, to provide a single cumulative update payload to both Windows Server Update Services (WSUS) and Microsoft Catalog. If you use an endpoint management tool backed by WSUS, such as Configuration Manager, you will only have to select and deploy the monthly cumulative update. The latest servicing stack updates will automatically be applied correctly. Release notes and file information for cumulative updates, including those related to the servicing stack, will be in a single KB article. The combined monthly cumulative update will be available on Windows 10, version 2004 and later starting with the 2021 2C release, KB4601382.
+
+

windows/deployment/update/waas-wu-settings.md

@@ -10,7 +10,7 @@ ms.topic: article
 ms.collection: highpri
 date: 09/22/2022
 ms.technology: itpro-updates
-ms.date: 12/31/2017
+ms.date: 01/06/2023
 ---
 
 # Manage additional Windows Update settings
@@ -156,7 +156,7 @@ Enables the IT admin to manage automatic update behavior to scan, download, and
 
 #### Configuring Automatic Updates by using Group Policy
 
-Under **Computer Configuration\Administrative Templates\Windows Components\Windows update\Configure Automatic Updates**, you must select one of the four options:
+Under **Computer Configuration\Administrative Templates\Windows Components\Windows update\Configure Automatic Updates**, you must select one of the following options:
 
 **2 - Notify for download and auto install** -  When Windows finds updates that apply to this device, users will be notified that updates are ready to be downloaded. After going to **Settings > Update & security > Windows Update**, users can download and install any available updates.
 
@@ -164,11 +164,13 @@ Under **Computer Configuration\Administrative Templates\Windows Components\Windo
 
 **4 - Auto download and schedule the install** - Specify the schedule using the options in the Group Policy Setting. For more information about this setting, see [Schedule update installation](waas-restart.md#schedule-update-installation).
 
-**5 - Allow local admin to choose setting** - With this option, local administrators will be allowed to use the settings app to select a configuration option of their choice. Local administrators will not be allowed to disable the configuration for Automatic Updates.
+**5 - Allow local admin to choose setting** - With this option, local administrators will be allowed to use the settings app to select a configuration option of their choice. Local administrators will not be allowed to disable the configuration for Automatic Updates. This option is not available in any Windows 10 or later versions. 
 
-If this setting is set to *Disabled*, any updates that are available on Windows Update must be downloaded and installed manually. To do this, users must go to **Settings > Update & security > Windows Update**.
+**7 - Notify for install and notify for restart** (Windows Server 2016 and later only) - With this option, when Windows finds updates that apply to this device, they will be downloaded, then users will be notified that updates are ready to be installed. Once updates are installed, a notification will be displayed to users to restart the device. 
 
-If this setting is set to *Not Configured*, an administrator can still configure Automatic Updates through the settings app, under **Settings > Update & security > Windows Update > Advanced options**.
+If this setting is set to **Disabled**, any updates that are available on Windows Update must be downloaded and installed manually. To do this, users must go to **Settings > Update & security > Windows Update**.
+
+If this setting is set to **Not Configured**, an administrator can still configure Automatic Updates through the settings app, under **Settings > Update & security > Windows Update > Advanced options**.
 
 #### Configuring Automatic Updates by editing the registry
 
@@ -205,6 +207,10 @@ To do this, follow these steps:
 
      * **4**: Automatically download and scheduled installation.
 
+     * **5**: Allow local admin to select the configuration mode. This option is not available for Windows 10 or later versions.
+
+     * **7**:  Notify for install and notify for restart. (Windows Server 2016 and later only)
+
    * ScheduledInstallDay (REG_DWORD):
 
      * **0**: Every day.

windows/deployment/update/wufb-reports-configuration-intune.md

@@ -8,7 +8,7 @@ author: mestew
 ms.author: mstewart
 ms.localizationpriority: medium
 ms.topic: article
-ms.date: 12/05/2022
+ms.date: 12/22/2022
 ms.technology: itpro-updates
 ---
 
@@ -27,7 +27,7 @@ This article is targeted at configuring devices enrolled to [Microsoft Intune](/
 
 ## Create a configuration profile
 
-Create a configuration profile that will set the required policies for Windows Update for Business reports. There are two profile types that can be used to create a configuration profile for Windows Update for Business reports:
+Create a configuration profile that will set the required policies for Windows Update for Business reports. There are two profile types that can be used to create a configuration profile for Windows Update for Business reports (select one):
 - The [settings catalog](#settings-catalog)
 - [Template](#custom-oma-uri-based-profile) for a custom OMA URI-based profile
 
@@ -45,9 +45,12 @@ Create a configuration profile that will set the required policies for Windows U
         - **Value**: Basic (*Basic is the minimum value, but it can be safely set to a higher value*)
         - **Setting**: Allow Update Compliance Processing
         - **Value**: Enabled
+    1. Recommended settings, but not required:
+        - **Setting**: Configure Telemetry Opt In Settings Ux
+        - **Value**: Disabled (*By turning this setting on you are disabling the ability for a user to potentially override the diagnostic data level of devices such that data won't be available for those devices in Windows Update for Business reports*)
         - **Setting**: Configure Telemetry Opt In Change Notification
-    1. (*Recommended, but not required*) Allow device name to be sent in Windows Diagnostic Data. If this policy is disabled, the device name won't be sent and won't be visible in Windows Update for Business reports:
-        - **Setting**: Allow device name to be sent in Windows diagnostic data
+        - **Value**: Disabled (*By turning this setting on you are disabling notifications of diagnostic data changes*)
+        - **Setting**: Allow device name to be sent in Windows diagnostic data (*If this policy is disabled, the device name won't be sent and won't be visible in Windows Update for Business reports*)
         - **Value**: Allowed
 
 1. Continue through the next set of tabs **Scope tags**, **Assignments**, and **Applicability Rules** to assign the configuration profile to devices you wish to enroll.

windows/deployment/usmt/usmt-scanstate-syntax.md

@@ -203,6 +203,7 @@ The following table indicates which command-line options aren't compatible with
 |**/encrypt**|Required*|X|X||
 |**/keyfile**|N/A||X||
 |**/l**|||||
+|**/listfiles**|||X||
 |**/progress**|||X||
 |**/r**|||X||
 |**/w**|||X||

windows/deployment/windows-10-subscription-activation.md

@@ -40,7 +40,7 @@ This article covers the following information:
 For more information on how to deploy Enterprise licenses, see [Deploy Windows Enterprise licenses](deploy-enterprise-licenses.md).
 
 > [!NOTE]
-> Organizations that use the Subscription Activation feature to enable users to upgrade from one version of Windows to another might want to exclude the Universal Store Service APIs and Web Application, AppID 45a330b1-b1ec-4cc1-9161-9f03992aa49f, from their device compliance policy.
+> Organizations that use the Subscription Activation feature to enable users to upgrade from one version of Windows to another and use Conditional Access policies to control access need to exclude the Universal Store Service APIs and Web Application, AppID 45a330b1-b1ec-4cc1-9161-9f03992aa49f, from their device compliance policy using **Select Excluded Cloud Apps**.
 
 ## Subscription activation for Enterprise
 

windows/deployment/windows-autopatch/TOC.yml

@@ -22,6 +22,8 @@
           items:
             - name: Fix issues found by the Readiness assessment tool
               href: prepare/windows-autopatch-fix-issues.md
+            - name: Submit a tenant enrollment support request
+              href: prepare/windows-autopatch-enrollment-support-request.md
     - name: Deploy
       href: 
       items:
@@ -103,5 +105,7 @@
     - name: What's new
       href:
       items: 
+        - name: What's new 2023
+          href: whats-new/windows-autopatch-whats-new-2023.md
         - name: What's new 2022
           href: whats-new/windows-autopatch-whats-new-2022.md

windows/deployment/windows-autopatch/deploy/windows-autopatch-admin-contacts.md

@@ -17,9 +17,9 @@ msreviewer: hathind
 There are several ways that Windows Autopatch service communicates with customers. To streamline communication and ensure we're checking with the right people when you [submit a support request](../operate/windows-autopatch-support-request.md), you must provide a set of admin contacts when you onboard with Windows Autopatch.
 
 > [!IMPORTANT]
-> You might have already added these contacts in the Microsoft Endpoint Manager admin center during the enrollment process. If so, take a moment now to double-check that the contact list is accurate, since the Windows Autopatch Service Engineering Team must be able to reach them if a severe incident occurs.
+> You might have already added these contacts in the Microsoft Endpoint Manager admin center during the [enrollment process](../prepare/windows-autopatch-enroll-tenant.md#step-4-enroll-your-tenant), or if you've [submitted a tenant enrollment support request](../prepare/windows-autopatch-enrollment-support-request.md). However, take a moment to double-check that the contact list is accurate, since the Windows Autopatch Service Engineering Team must be able to reach them if a severe incident occurs.
 
-You must have an admin contact for each specified area of focus. The Windows Autopatch Service Engineering Team will contact these individuals for assistance with troubleshooting your support request. Admin contacts should be the best person or group that can answer questions and make decisions for different [areas of focus](#area-of-focus).
+You must have an admin contact for each specified area of focus. The Windows Autopatch Service Engineering Team will contact these individuals for assistance with your support request. Admin contacts should be the best person or group that can answer questions and make decisions for different [areas of focus](#area-of-focus).
 
 > [!IMPORTANT]
 > Whoever you choose as admin contacts, they must have the knowledge and authority to make decisions for your Windows Autopatch environment. The Windows Autopatch Service Engineering Team will contact these admin contacts for questions involving support requests.

windows/deployment/windows-autopatch/deploy/windows-autopatch-post-reg-readiness-checks.md

@@ -30,7 +30,7 @@ Device readiness in Windows Autopatch is divided into two different scenarios:
 | Scenario | Description |
 | ----- | ----- |
 | Prerequisite checks | Ensures devices follow software-based requirements before being registered with the service. |
-| Post-device registration readiness checks | Provides continuous monitoring of device health for registered devices.<p>IT admins can easily detect and remediate configuration mismatches in their environments or issues that prevent devices from having one or more software update workloads (Windows quality, feature updates, Microsoft Office, Microsoft Teams, or Microsoft Edge) fully managed by the Windows Autopatch service. Configuration mismatches can leave devices in a vulnerable state, out of compliance and exposed to security threats.</p>|
+| Post-device registration readiness checks | Provides continuous monitoring of device health for registered devices.<br><p>IT admins can easily detect and remediate configuration mismatches in their environments or issues that prevent devices from having one or more software update workloads fully managed by the Windows Autopatch service. Software workloads include:<ul><li>Windows quality updates</li><li>Feature updates</li><li>Microsoft Office</li><li>Microsoft Teams</li><li> Microsoft Edge</li></ul><p>Configuration mismatches can leave devices in a vulnerable state, out of compliance and exposed to security threats.</p></p>|
 
 ### Device readiness checks available for each scenario
 
@@ -42,14 +42,19 @@ The status of each post-device registration readiness check is shown in the Wind
 
 ## About the three tabs in the Devices blade
 
-You deploy software updates to secure your environment, but these deployments only reach healthy and active devices. Unhealthy or not ready devices affect the overall software update compliance. Figuring out device health can be challenging and disruptive to the end user when IT can’t obtain proactive data sent by the device to the service for IT admins to proactively detect, troubleshoot, and fix issues.
+You deploy software updates to secure your environment, but these deployments only reach healthy and active devices. Unhealthy or not ready devices affect the overall software update compliance.
 
-Windows Autopatch has three tabs within its Devices blade. Each tab is designed to provide a different set of device readiness statuses so IT admins know where to go to monitor, and troubleshoot potential device health issues:
+Figuring out device health can be challenging and disruptive to the end user when IT admins can't:
+
+- Obtain proactive data sent by the device to the service, or
+- Proactively detect and remediate issues
+
+Windows Autopatch has three tabs within its Devices blade. Each tab is designed to provide a different set of device readiness statuses so IT admins know where to go to monitor, and remediate potential device health issues:
 
 | Tab | Description |
 | ----- | ----- |
 | Ready | This tab only lists devices with the **Active** status. Devices with the **Active** status successfully:<ul><li>Passed the prerequisite checks.</li><li>Registered with Windows Autopatch.</li></ul>This tab also lists devices that have passed all postdevice registration readiness checks. |
-| Not ready | This tab only lists devices with the **Readiness failed** and **Inactive** status.<ul><li>**Readiness failed status**: Devices that didn’t pass one or more post-device registration readiness checks.</li><li>**Inactive**: Devices that haven’t communicated with the Microsoft Intune service in the last 28 days.</li></ul> |
+| Not ready | This tab only lists devices with the **Readiness failed** and **Inactive** status.<ul><li>**Readiness failed status**: Devices that didn’t pass one or more post-device registration readiness checks.</li><li>**Inactive**: Devices that haven't communicated with the Microsoft Intune service in the last 28 days.</li></ul> |
 | Not registered | Only lists devices with the **Prerequisite failed** status in it. Devices with the **Prerequisite failed** status didn’t pass one or more prerequisite checks during the device registration process. |
 
 ## Details about the post-device registration readiness checks
@@ -60,7 +65,7 @@ A healthy or active device in Windows Autopatch is:
 - Actively sending data
 - Passes all post-device registration readiness checks
 
-The post-device registration readiness checks are powered by the **Microsoft Cloud Managed Desktop Extension**. It's installed right after devices are successfully registered with Windows Autopatch. The **Microsoft Cloud Managed Desktop Extension** has the Device Readiness Check Plugin. The Device Readiness Check Plugin is responsible for performing the readiness checks and reporting the results back to the service. The **Microsoft Cloud Managed Desktop Extension** is a subcomponent of the overall Windows Autopatch service.
+The post-device registration readiness checks are powered by the **Microsoft Cloud Managed Desktop Extension**. It's installed right after devices are successfully registered with Windows Autopatch. The **Microsoft Cloud Managed Desktop Extension** has the Device Readiness Check Plugin. The Device Readiness Check Plugin is responsible for performing the readiness checks and reporting the results back to the service. The **Microsoft Cloud Managed Desktop Extension** is a sub-component of the overall Windows Autopatch service.
 
 The following list of post-device registration readiness checks is performed in Windows Autopatch:
 

windows/deployment/windows-autopatch/deploy/windows-autopatch-register-devices.md

@@ -86,7 +86,7 @@ For more information, see [Windows Autopatch Prerequisites](../prepare/windows-a
 
 ## About the Ready, Not ready and Not registered tabs
 
-Windows Autopatch has three tabs within its device blade. Each tab is designed to provide a different set of device readiness status so IT admin knows where to go to monitor, and troubleshoot potential device health issues.
+Windows Autopatch has three tabs within its device blade. Each tab is designed to provide a different set of device readiness statuses so IT admin knows where to go to monitor, and fix potential device health issues.
 
 | Device blade tab | Purpose | Expected device readiness status |
 | ----- | ----- | ----- |

windows/deployment/windows-autopatch/operate/windows-autopatch-fu-overview.md

@@ -31,7 +31,7 @@ For a device to be eligible for Windows feature updates as a part of Windows Aut
 | Internet connectivity | Devices must have a steady internet connection, and access to Windows [update endpoints](../prepare/windows-autopatch-configure-network.md). |
 | Windows edition | Devices must be on a Windows edition supported by Windows Autopatch. For more information, see [Prerequisites](../prepare/windows-autopatch-prerequisites.md). |
 | Mobile device management (MDM) policy conflict | Devices must not have deployed any policies that would prevent device management. For more information, see [Conflicting and unsupported policies](../operate/windows-autopatch-wqu-unsupported-policies.md). |
-| Group policy conflict | Devices must not have group policies deployed which would prevent device management. For more information, see [Group policy](windows-autopatch-wqu-unsupported-policies.md#group-policy-and-other-policy-managers) |
+| Group policy conflict | Devices must not have group policies deployed which would prevent device management. For more information, see [Group policy](windows-autopatch-wqu-unsupported-policies.md#group-policy-and-other-policy-managers). |
 
 ## Windows feature update releases
 
@@ -101,6 +101,6 @@ Windows Autopatch doesn't support the rollback of feature updates.
 
 ## Incidents and outages
 
-If devices in your tenant aren't meeting the [service level objective](#service-level-objective) for Windows feature updates, Autopatch will raise an incident will be raised. The Windows Autopatch Service Engineering Team will work to bring those devices onto the latest version of Windows.
+If devices in your tenant don't meet the [service level objective](#service-level-objective) for Windows feature updates, Autopatch will raise an incident will be raised. The Windows Autopatch Service Engineering Team will work to bring those devices onto the latest version of Windows.
 
 If you're experiencing other issues related to Windows feature updates, [submit a support request](../operate/windows-autopatch-support-request.md).

windows/deployment/windows-autopatch/operate/windows-autopatch-support-request.md

@@ -1,7 +1,7 @@
 ---
 title: Submit a support request
 description: Details how to contact the Windows Autopatch Service Engineering Team and submit support requests
-ms.date: 05/30/2022
+ms.date: 01/06/2023
 ms.prod: windows-client
 ms.technology: itpro-updates
 ms.topic: how-to
@@ -15,11 +15,11 @@ msreviewer: hathind
 # Submit a support request
 
 > [!IMPORTANT]
-> Make sure you've [added and verified your admin contacts](../deploy/windows-autopatch-admin-contacts.md). The Windows Autopatch Service Engineering Team will contact these individuals for assistance with troubleshooting issues.
+> Make sure you've [added and verified your admin contacts](../deploy/windows-autopatch-admin-contacts.md). The Windows Autopatch Service Engineering Team will contact these individuals for assistance with remediating issues.
 
 You can submit support tickets to Microsoft using the Windows Autopatch admin center. Email is the recommended approach to interact with the Windows Autopatch Service Engineering Team.
 
-## Submit a new support request  
+## Submit a new support request
 
 Support requests are triaged and responded to as they're received.
 
@@ -32,6 +32,23 @@ Support requests are triaged and responded to as they're received.
 1. Review all the information you provided for accuracy.
 1. When you're ready, select **Create**.
 
+### Premier and Unified support options
+
+If you have a **Premier** or **Unified** support contract, when you submit a new request, or edit an active support request, you can:
+
+- Specify the severity of your issue
+- Schedule a support callback for a specific day and time
+
+Depending on your support contract, the following severity options are available:
+
+> [!NOTE]
+> Selecting either severity **A** or **Critical** issue limits you to a phone support case. This is the fastest support option.
+
+| Support contract | Severity options |
+| ----- | ----- |
+| Premier | Severity A, B or C |
+| Unified | Critical or non-critical |
+
 ## Manage an active support request
 
 The primary contact for the support request will receive email notifications when a case is created, assigned to a service engineer to investigate, and mitigated. If, at any point, you have a question about the case, the best way to get in touch is to reply directly to one of those emails. If we have questions about your request or need more details, we'll email the primary contact listed on the support requests.

windows/deployment/windows-autopatch/operate/windows-autopatch-wqu-communications.md

@@ -12,7 +12,7 @@ manager: dougeby
 msreviewer: hathind
 ---
 
-# Windows quality update communications
+# Windows quality and feature update communications
 
 There are three categories of communication that are sent out during a Windows quality and feature update:
 
@@ -29,8 +29,8 @@ Communications are posted to Message center, Service health dashboard, and the W
 | Communication | Location | Timing | Description |
 | ----- | ----- |  ----- | ----- |
 | Release schedule | <ul><li>Message center</li><li>Messages blade</li><li>Email sent to your specified [admin contacts](../deploy/windows-autopatch-admin-contacts.md)</li><ul> | At least seven days prior to the second Tuesday of the month| Notification of the planned release window for each ring. |
-| Release start | Same as release schedule | The second Tuesday of every month | Notification that the update is now being released into your environment. |
-| Release summary | Same as release schedule | The fourth Tuesday of every month | Informs you of the percentage of eligible devices that were patched during the release. |
+| Release start | Same as release schedule | The second Tuesday of every month. | Notification that the update is now being released into your environment. |
+| Release summary | Same as release schedule | The fourth Tuesday of every month. | Informs you of the percentage of eligible devices that were patched during the release. |
 
 ## Communications during release
 

windows/deployment/windows-autopatch/operate/windows-autopatch-wqu-overview.md

@@ -73,7 +73,7 @@ For each [deployment ring](windows-autopatch-update-management.md#windows-autopa
 
 Threat and vulnerability information about a new revision of Windows becomes available on the second Tuesday of each month. Windows Autopatch assesses that information shortly afterwards. If the service determines that it's critical to security, it may be expedited. The quality update is also evaluated on an ongoing basis throughout the release and Windows Autopatch may choose to expedite at any time during the release.
 
-When running an expedited release, the regular goal of 95% of devices in 21 days no longer applies. Instead, Windows Autopatch greatly accelerates the release schedule of the release to update the environment more quickly. This approach requires an updated schedule for all devices outside of the Test ring since those devices are already getting the update as quickly.
+When running an expedited release, the regular goal of 95% of devices in 21 days no longer applies. Instead, Windows Autopatch greatly accelerates the release schedule of the release to update the environment more quickly. This approach requires an updated schedule for all devices outside of the Test ring since those devices are already getting the update quickly.
 
 | Release type | Group | Deferral | Deadline | Grace period |
 | ----- | ----- | ----- | ----- | ----- |
@@ -84,7 +84,7 @@ When running an expedited release, the regular goal of 95% of devices in 21 days
 
 Windows Autopatch provides the option to turn off of service-driven expedited quality updates.
 
-By default, the service expedites quality updates as needed. For those organizations seeking greater control, you can disable expedited quality updates for Microsoft Managed Desktop-enrolled devices using Microsoft Intune.
+By default, the service expedites quality updates as needed. For those organizations seeking greater control, you can disable expedited quality updates for Windows Autopatch-enrolled devices using Microsoft Intune.
 
 **To turn off service-driven expedited quality updates:**
 
@@ -116,8 +116,8 @@ There are two statuses associated with paused quality updates, **Service Paused*
 
 | Status | Description |
 | ----- | ------ |
-| Service Paused | If the Microsoft Managed Desktop service has paused an update, the release will have the **Service Paused** status. You must [submit a support request](windows-autopatch-support-request.md) to resume the update. |
-| Customer Paused | If you've paused an update, the release will have the **Customer Paused** status. The Microsoft Managed Desktop service can't overwrite a customer-initiated pause. You must select **Resume** to resume the update. |
+| Service Paused | If the Windows Autopatch service has paused an update, the release will have the **Service Paused** status. You must [submit a support request](windows-autopatch-support-request.md) to resume the update. |
+| Customer Paused | If you've paused an update, the release will have the **Customer Paused** status. The Windows Autopatch service can't overwrite a customer-initiated pause. You must select **Resume** to resume the update. |
 
 ## Incidents and outages
 

windows/deployment/windows-autopatch/operate/windows-autopatch-wqu-signals.md

@@ -22,7 +22,7 @@ If there's a scenario that is critical to your business, which isn't monitored b
 
 Before being released to the Test ring, Windows Autopatch reviews several data sources to determine if we need to send any customer advisories or need to pause the update. Situations where Windows Autopatch doesn't release an update to the Test ring are seldom occurrences.
 
-| Text | Text |
+| Pre-release signal | Description |
 | ----- | ----- |
 | Windows Payload Review | The contents of the B release are reviewed to help focus your update testing on areas that have changed. If any relevant changes are detected, a [customer advisory](../operate/windows-autopatch-wqu-communications.md#communications-during-release) will be sent out. |
 | C-Release Review - Internal Signals | Windows Autopatch reviews active incidents associated with the previous C release to understand potential risks in the B release. |
@@ -50,12 +50,12 @@ Autopatch monitors the following reliability signals:
 
 | Device reliability signal | Description |
 | ----- | ----- |
-| Blue screens | These events are highly disruptive to end users so are closely watched. |
+| Blue screens | These events are highly disruptive to end users. These events are closely monitored. |
 | Overall app reliability | Tracks the total number of app crashes and freezes on a device. A known limitation with this measure is that if one app becomes 10% more reliable and another becomes 10% less reliable then it shows up as a flat line in the measure. |
 | Microsoft Office reliability | Tracks the number of Office crashes and freezes per application per device. |
 | Microsoft Edge reliability | Tracks the number of Microsoft Edge crashes and freezes per device. |
 | Microsoft Teams reliability | Tracks the number of Microsoft Teams crashes and freezes per device. |
 
-When the update is released to the First ring, the service crosses the 500 device threshold. Therefore, Autopatch is able to detect regressions, which are common to all customers. At this point in the release, we'll decide if we need to change the release schedule or pause for all customers.
+When the update is released to the First ring, the service crosses the 500 device threshold. Therefore, Autopatch can to detect regressions, which are common to all customers. At this point in the release, we'll decide if we need to change the release schedule or pause for all customers.
 
 Once your tenant reaches 500 devices, Windows Autopatch starts generating recommendations specific to your devices. Based on this information, the service starts developing insights specific to your tenant allowing a customized response to what's happening in your environment.

windows/deployment/windows-autopatch/overview/windows-autopatch-faq.yml

@@ -88,7 +88,7 @@ sections:
           - Microsoft Teams: Windows Autopatch allows eligible devices to benefit from the standard automatic update channels and will provide support for issues with Teams updates.
       - question: What does Windows Autopatch do to ensure updates are done successfully?
         answer: |
-          For Windows quality updates, updates are applied to devices in the Test ring first. The devices are evaluated, and then rolled out to the First, Fast then Broad rings. There's an evaluation period at each progression. This process is dependent on customer testing and verification of all updates during these rollout stages. The outcome is to ensure that registered devices are always up to date and disruption to business operations is minimized to free up your IT department from that ongoing task.
+          For Windows quality and feature updates, updates are applied to devices in the Test ring first. The devices are evaluated, and then rolled out to the First, Fast then Broad rings. There's an evaluation period at each progression. This process is dependent on customer testing and verification of all updates during these rollout stages. The outcome is to ensure that registered devices are always up to date and disruption to business operations is minimized to free up your IT department from that ongoing task.
       - question: What happens if there's an issue with an update?
         answer: |
           Autopatch relies on the following capabilities to help resolve update issues:

windows/deployment/windows-autopatch/prepare/windows-autopatch-enrollment-support-request.md

@@ -0,0 +1,40 @@
+---
+title: Submit a tenant enrollment support request
+description: This article details how to submit a tenant enrollment support request
+ms.date: 01/13/2023
+ms.prod: windows-client
+ms.technology: itpro-updates
+ms.topic: how-to
+ms.localizationpriority: medium
+author: tiaraquan
+ms.author: tiaraquan
+manager: dougeby
+msreviewer: hathind
+---
+
+# Submit a tenant enrollment support request
+
+If you need more assistance with tenant enrollment, you can submit support requests to the Windows Autopatch Service Engineering Team in the Windows Autopatch enrollment tool. Email is the recommended approach to interact with the Windows Autopatch Service Engineering Team.
+
+> [!NOTE]
+> After you've successfully enrolled your tenant, this feature will no longer be accessible. You must [submit a support request through the Tenant administration menu](../operate/windows-autopatch-support-request.md).
+
+**To submit a new tenant enrollment support request:**
+
+1. Go to Management settings > View details > select a **readiness check result**. The **Contact Support** button will be available below remediation instructions in the fly-in-pane.
+2. Enter your question(s) and/or a description of the issue.
+3. Enter your primary contact information. Windows Autopatch will work directly with the contact listed to resolve the support request.
+4. Review all the information for accuracy.
+5. Select **Create**.
+
+## Manage an active tenant enrollment support request
+
+The primary contact for the support request will receive email notifications when a case is created, assigned to a service engineer to investigate, and mitigated.
+
+If you have a question about the case, the best way to get in touch is to reply directly to one of the emails. If we have questions about your request or need more details, we'll email the primary contact listed in the support request.
+
+**To view all your active tenant enrollment support requests:**
+
+1. Sign into the [Endpoint Manager admin center](https://go.microsoft.com/fwlink/?linkid=2109431) and navigate to the **Tenant Administration** menu.
+1. In the **Windows Autopatch** section, select **Tenant Enrollment**.
+1. Select the **Support history** tab. You can view the list of all support cases, or select an individual case to view the details.

windows/deployment/windows-autopatch/prepare/windows-autopatch-fix-issues.md

@@ -1,7 +1,7 @@
 ---
 title: Fix issues found by the Readiness assessment tool
-description: This article details how to fix issues found by the Readiness assessment tool
-ms.date: 11/17/2022
+description: This article details how to fix issues found by the Readiness assessment tool.
+ms.date: 01/12/2023
 ms.prod: windows-client
 ms.technology: itpro-updates
 ms.topic: how-to
@@ -16,6 +16,9 @@ msreviewer: hathind
 
 Seeing issues with your tenant? This article details how to remediate issues found with your tenant.
 
+> [!NOTE]
+> If you need more assistance with tenant enrollment, you can [submit a tenant enrollment support request](../prepare/windows-autopatch-enrollment-support-request.md).
+
 ## Check results
 
 For each check, the tool will report one of four possible results:

windows/deployment/windows-autopatch/references/windows-autopatch-privacy.md

@@ -51,7 +51,7 @@ Windows Autopatch Service Engineering Team is in the United States, India and Ro
 
 ## Microsoft Windows 10/11 diagnostic data
 
-Windows Autopatch uses [Windows 10/11 Enhanced diagnostic data](/windows/privacy/windows-diagnostic-data) to keep Windows secure, up to date, troubleshoot problems, and make product improvements.
+Windows Autopatch uses [Windows 10/11 Enhanced diagnostic data](/windows/privacy/windows-diagnostic-data) to keep Windows secure, up to date, fix problems, and make product improvements.
 
 The enhanced diagnostic data setting includes more detailed information about the devices enrolled in Windows Autopatch and their settings, capabilities, and device health. When enhanced diagnostic data is selected, data, including required diagnostic data, are collected. For more information, see [Changes to Windows diagnostic data collection](/windows/privacy/changes-to-windows-diagnostic-data-collection) about the Windows 10 diagnostic data setting and data collection.
 
@@ -79,7 +79,7 @@ Windows Autopatch creates and uses guest accounts using just-in-time access func
 | Account name | Usage | Mitigating controls |
 | ----- | ----- | -----|
 | MsAdmin@tenantDomain.onmicrosoft.com | <ul><li>This account is a limited-service account with administrator privileges. This account is used as an Intune and User administrator to define and configure the tenant for Windows Autopatch devices.</li><li>This account doesn't have interactive sign-in permissions. The account performs operations only through the service.</li></ul> | Audited sign-ins |
-| MsAdminInt@tenantDomain.onmicrosoft.com |<ul><li>This account is an Intune and User administrator account used to define and configure the tenant for Windows Autopatch devices.</li><li>This account is used for interactive login to the customer’s tenant.</li><li>The use of this account is limited as most operations are exclusively through MsAdmin (non-interactive) account.</li></ul> | <ul><li>Restricted to be accessed only from defined secure access workstations (SAWs) through a conditional access policy</li><li>Audited sign-ins</li</ul> |
+| MsAdminInt@tenantDomain.onmicrosoft.com |<ul><li>This account is an Intune and User administrator account used to define and configure the tenant for Windows Autopatch devices.</li><li>This account is used for interactive login to the customer’s tenant.</li><li>The use of this account is limited as most operations are exclusively through MsAdmin (non-interactive) account.</li></ul> | <ul><li>Restricted to be accessed only from defined secure access workstations (SAWs) through a conditional access policy</li><li>Audited sign-ins</li></ul> |
 | MsTest@tenantDomain.onmicrosoft.com | This account is a standard account used as a validation account for initial configuration and roll out of policy, application, and device compliance settings. | Audited sign-ins |
 
 ## Microsoft Windows Update for Business

windows/deployment/windows-autopatch/whats-new/windows-autopatch-whats-new-2022.md

@@ -1,10 +1,10 @@
 ---
-title: What's new
-description: This article lists the new feature releases and any corresponding Message center post numbers.
+title: What's new 2022
+description: This article lists the 2022 feature releases and any corresponding Message center post numbers.
 ms.date: 12/09/2022
 ms.prod: windows-client
 ms.technology: itpro-updates
-ms.topic: how-to
+ms.topic: whats-new
 ms.localizationpriority: medium
 author: tiaraquan
 ms.author: tiaraquan

windows/deployment/windows-autopatch/whats-new/windows-autopatch-whats-new-2023.md

@@ -0,0 +1,34 @@
+---
+title: What's new 2023
+description: This article lists the 2023 feature releases and any corresponding Message center post numbers.
+ms.date: 01/09/2023
+ms.prod: windows-client
+ms.technology: itpro-updates
+ms.topic: whats-new
+ms.localizationpriority: medium
+author: tiaraquan
+ms.author: tiaraquan
+manager: dougeby
+msreviewer: hathind
+---
+
+# What's new 2023
+
+This article lists new and updated feature releases, and service releases, with their corresponding Message center post numbers (if applicable).
+
+Minor corrections such as typos, style, or formatting issues aren't listed.
+
+## January 2023
+
+### January feature releases or updates
+
+| Article | Description |
+| ----- | ----- |
+| [Submit a tenant enrollment support request](../prepare/windows-autopatch-enrollment-support-request.md) | Added the Submit a tenant enrollment support request section. You can submit a tenant enrollment support request through the Tenant enrollment tool if you're running into issues with enrollment. |
+| [Submit a support request](../operate/windows-autopatch-support-request.md) | Added Premier and Unified support options section |
+
+### January service release
+
+| Message center post number | Description |
+| ----- | ----- |
+| [MC494386](https://admin.microsoft.com/adminportal/home#/MessageCenter) | January 2023 (2023.01 B) Windows quality update deployment |