diff --git a/windows/client-management/declared-configuration-extensibility.md b/windows/client-management/declared-configuration-extensibility.md
new file mode 100644
index 0000000000..3121be77f0
--- /dev/null
+++ b/windows/client-management/declared-configuration-extensibility.md
@@ -0,0 +1,251 @@
+---
+title: Declared configuration extensibility
+description: Learn more about declared configuration extensibility through native WMI providers.
+ms.date: 09/26/2023
+ms.topic: how-to
+---
+
+# Declared configuration extensibility providers
+
+The declared configuration enrollment, which supports the declared configuration client stack, offers extensibility through native WMI providers. This feature instantiates and interfaces with a Windows Management Instrumentation (WMI) provider that has implemented a management infrastructure (MI) interface. The interface must implement GetTargetResource, TestTargetResource, and SetTargetResource methods, and may implement any number of string properties.
+
+> [!NOTE]
+> Only string properties are currently supported by extensibility providers.
+
+```mof
+[static, Description ("Get resource state based on input configuration file." )]
+uint32 GetTargetResource(
+ [in, EmbeddedInstance ("MSFT_FileDirectoryConfiguration"), Description ("Configuration document that is to be applied.")]
+ string InputResource,
+ [in, Description ("Flags passed to the provider. Reserved for future use." )]
+ uint32 Flags,
+ [out, EmbeddedInstance ("MSFT_FileDirectoryConfiguration"), Description ("The current state of the specified configuration resources." )]
+ string OutputResource
+);
+
+[static, Description ("Test resource state based on input configuration file." )]
+uint32 TestTargetResource(
+ [in, EmbeddedInstance("MSFT_FileDirectoryConfiguration"), Description ("Configuration document to be applied." )]
+ string InputResource,
+ [in, Description ("Flags passed to the provider. reserved for future use." )]
+ uint32 Flags,
+ [out, Description ("True if identical. False otherwise." )]
+ boolean Result,
+ [out, Description ("Context information the provider can use to optimize the set. This is optional." )]
+ uint64 ProviderContext
+);
+
+[static, Description ("Set resource state based on input configuration file." )]
+uint32 SetTargetResource(
+ [in, EmbeddedInstance ("MSFT_FileDirectoryConfiguration"),
+ Description ("Configuration document to be applied." )]
+ string InputResource,
+ [in, Description ("Context information the provider can use to optimize the set from SetTargetResource. This is optional." )]
+ uint64 ProviderContext,
+ [in, Description ("Flags passed to the provider. reserved for future use." )]
+ uint32 Flags
+);
+```
+
+## Author desired state configuration resources
+
+To create a native WMI provider, follow the steps outlined in [How to implement an MI provider](/previous-versions/windows/desktop/wmi_v2/how-to-implement-an-mi-provider). These steps include how to generate the source code for an MI interface using the `Convert-MofToProvider.exe` tool to generate the DLL and prepare it for placement.
+
+1. Create a MOF file that defines the schema for the desired state configuration resource including parameters and methods. This file includes the required parameters for the resource.
+2. Copy the schema MOF file along with any required files into the provider tools directory, for example: ProviderGenerationTool.
+3. Edit the required files and include the correct file names and class names.
+4. Invoke the provider generator tool to generate the provider's project files.
+5. Copy the generated files into the provider's project folder.
+6. Start the development process.
+
+## Example
+
+This example provides more details about each step to demonstrate how to implement a sample native resource named `MSFT_FileDirectoryConfiguration`.
+
+### Step 1: Create the resource schema MOF file
+
+Create a sample schema MOF file used to generate the initial source code for the `MSFT_FileDirectoryConfiguration` native resource. Place it in the project directory named `MSFT_FileDirectoryConfiguration`.
+
+```mof
+#pragma include ("cim_schema_2.26.0.mof")
+#pragma include ("OMI_BaseResource.mof")
+#pragma include ("MSFT_Credential.mof")
+
+[ClassVersion("1.0.0"), Description("The configuration provider for files and directories.")]
+class MSFT_FileDirectoryConfiguration : OMI_BaseResource
+{
+ [Key, Description("File name and path on target node to copy or create.")]
+ string DestinationPath;
+
+ [Write, Description("The name and path of the file to copy from.")]
+ string SourcePath;
+
+ [Write, Description("Contains a string that represents the contents of the file. To create an empty file, the string must be empty. The contents will be written and compared using UTF-8 character encoding.")]
+ string Contents;
+
+ [static, Description ("Get resource states based on input configuration file." )]
+ uint32 GetTargetResource(
+ [in, EmbeddedInstance ("MSFT_FileDirectoryConfiguration"), Description ("Configuration document that is to be applied." )]
+ string InputResource,
+
+ [in,Description ("Flags passed to the providers. Reserved for future use." )]
+ uint32 Flags,
+
+ [out, EmbeddedInstance ("MSFT_FileDirectoryConfiguration"), Description ("The current state of the specified configuration resources." )]
+ string OutputResource
+ );
+
+ [static, Description ("Test resource states based on input configuration file." )]
+ uint32 TestTargetResource(
+ [in, EmbeddedInstance("MSFT_FileDirectoryConfiguration"), Description ("Configuration document that to be applied." )]
+ string InputResource,
+
+ [in, Description ("Flags passed to the providers. reserved for future use." )]
+ uint32 Flags,
+
+ [out, Description ("True if identical. False otherwise." )]
+ boolean Result,
+
+ [out, Description ("Context information that the provider can use to optimize the set, This is optional." )]
+ uint64 ProviderContext
+ );
+
+ [static, Description ("Set resource states based on input configuration file." )]
+ uint32 SetTargetResource(
+ [in, EmbeddedInstance ("MSFT_FileDirectoryConfiguration"), Description ("Configuration document that to be applied." )]
+ string InputResource,
+
+ [in, Description ("Context information that the provider can use to optimize the set from TestTargetResource, This is optional." )]
+ uint64 ProviderContext,
+
+ [in, Description ("Flags passed to the providers. reserved for future use." )]
+ uint32 Flags
+ );
+};
+```
+
+> [!NOTE]
+>
+> - The class name and DLL file name should be the same, as defined in the `Provider.DEF` file.
+> - The type qualifier `[Key]` on a property indicates that it uniquely identifies the resource instance. At least one `[Key]` property is required.
+> - The `[Required]` qualifier indicates that the property is required. In other words, a value must be specified in any configuration script that uses this resource.
+> - The `[write]` qualifier indicates that the property is optional when using the custom resource in a configuration script. The `[read]` qualifier indicates that a property can't be set by a configuration, and is for reporting purposes only.
+> - The `[Values]` qualifier restricts the values that can be assigned to the property. Define the list of allowed values in `[ValueMap]`. For more information, see [ValueMap and value qualifiers](/windows/win32/wmisdk/value-map).
+> - Any new MOF file should include the following lines at the top of the file:
+>
+> ```mof
+> #pragma include ("cim_schema_2.26.0.mof")
+> #pragma include ("OMI_BaseResource.mof")
+> #pragma include ("MSFT_Credential.mof")
+> ```
+>
+> - Method names and its parameters should be same for every resource. Change `MSFT_FileDirectoryConfiguration` from EmbeddedInstance value to the class name of the desired provider. There should be only one provider per MOF file.
+
+### Step 2: Copy the schema MOF files
+
+Copy these required files and folders to the project directory you created in step 1:
+
+- `CIM-2.26.0`
+- `codegen.cmd`
+- `Convert-MofToProvider.exe`
+- `MSFT_Credential.mof`
+- `MSFT_DSCResource.mof`
+- `OMI_BaseResource.mof`
+- `OMI_Errors.mof`
+- `Provider.DEF`
+- `wmicodegen.dll`
+
+For more information on how to obtain the required files, see [How to implement an MI provider](/previous-versions/windows/desktop/wmi_v2/how-to-implement-an-mi-provider).
+
+### Step 3: Edit the required files
+
+Modify the following files in the project directory:
+
+- `MSFT_FileDirectoryConfiguration.mof`: You created this file in step 1.
+- `Provider.DEF`: This file contains the DLL name, for example, `MSFT_FileDirectoryConfiguration.dll`.
+- `codegen.cmd`: This file contains the command to invoke `convert-moftoprovider.exe`.
+
+ ```cmd
+ "convert-moftoprovider.exe" ^
+ -MofFile MSFT_FileDirectoryConfiguration.mof ^
+ MSFT_DSCResource.mof ^
+ OMI_Errors.mof ^
+ -ClassList MSFT_FileDirectoryConfiguration ^
+ -IncludePath CIM-2.26.0 ^
+ -ExtraClass OMI_Error ^
+ MSFT_DSCResource ^
+ -OutPath temp
+ ```
+
+### Step 4: Run the provider generator tool
+
+Run `codegen.cmd`, which runs the `convert-moftoprovider.exe` command. Alternatively, you can run the command directly.
+
+### Step 5: Copy the generated source files
+
+The command in step 3 specifies the `-OutPath` parameter, which in this example is a folder named `temp`. When you run the tool in step 4, it creates new files in this folder. Copy the generated files from this `temp` folder to the project directory. You created the project directory in step 1, which in this example is `MSFT_FileDirectoryConfiguration`.
+
+> [!NOTE]
+> Any time you update the schema MOF file, run the `codegen.cmd` script to regenerate the source files. Rerunning the generator tool overwrites any existing the source files. To prevent this behavior, this example uses a temporary folder. Minimize updates to the schema MOF file since the main implementation should be merged with the most recent auto-generated source files.
+
+### About the `MSFT_FileDirectoryConfiguration` resource
+
+After you run the provider generator tool, it creates several source and header files:
+
+- `MSFT_FileDirectoryConfiguration.c`
+- `MSFT_FileDirectoryConfiguration.h`
+- `module.c`
+- `schema.c`
+- `WMIAdapter.c`
+
+From this list, you only need to modify `MSFT_FileDirectoryConfiguration.c` and `MSFT_FileDirectoryConfiguration.h`. You can also change the extension for the source files from `.c` to `.cpp`, which is the case for this resource. The business logic for this resource is implemented in `MSFT_FileDirectoryConfigurationImp.cpp` and `MSFT_FileDirectoryConfigurationImp.h`. These new files are added to the `MSFT_FileDirectoryConfiguration` project directory after you run the provider generator tool.
+
+For a native desired state configuration resource, you have to implement three autogenerated functions in `MSFT_FileDirectoryConfiguration.cpp`:
+
+- `MSFT_FileDirectoryConfiguration_Invoke_GetTargetResource`
+- `MSFT_FileDirectoryConfiguration_Invoke_TestTargetResource`
+- `MSFT_FileDirectoryConfiguration_Invoke_SetTargetResource`
+
+From these three functions, only `MSFT_FileDirectoryConfiguration_Invoke_GetTargetResource` is required for a Get scenario. `MSFT_FileDirectoryConfiguration_Invoke_TestTargetResource` and `MSFT_FileDirectoryConfiguration_Invoke_SetTargetResource` are used when remediation is needed.
+
+There are several other autogenerated functions in `MSFT_FileDirectoryConfiguration.cpp` that don't need implementation for a native desired state configuration resource. You don't need to modify the following functions:
+
+- `MSFT_FileDirectoryConfiguration_Load`
+- `MSFT_FileDirectoryConfiguration_Unload`
+- `MSFT_FileDirectoryConfiguration_EnumerateInstances`
+- `MSFT_FileDirectoryConfiguration_GetInstance`
+- `MSFT_FileDirectoryConfiguration_CreateInstance`
+- `MSFT_FileDirectoryConfiguration_ModifyInstance`
+- `MSFT_FileDirectoryConfiguration_DeleteInstance`
+
+### About `MSFT_FileDirectoryConfiguration_Invoke_GetTargetResource`
+
+The `MSFT_FileDirectoryConfiguration_Invoke_GetTargetResource` function does the following steps to complete its task:
+
+1. Validate the input resource.
+1. Ensure the keys and required parameters are present.
+1. Create a resource instance that is used as the output of the Get method. This instance is of type `MSFT_FileDirectoryConfiguration`, which is derived from `MI_Instance`.
+1. Create the output resource instance from the modified resource instance and return it to the MI client by calling these functions:
+
+ - `MSFT_FileDirectoryConfiguration_GetTargetResource_Construct`
+ - `MSFT_FileDirectoryConfiguration_GetTargetResource_SetPtr_OutputResource`
+ - `MSFT_FileDirectoryConfiguration_GetTargetResource_Set_MIReturn`
+ - `MSFT_FileDirectoryConfiguration_GetTargetResource_Post`
+ - `MSFT_FileDirectoryConfiguration_GetTargetResource_Destruct`
+
+1. Clean up resources, for example, free allocated memory.
+
+## MI implementation references
+
+- [Introducing the management infrastructure (MI) API](/archive/blogs/wmi/introducing-new-management-infrastructure-mi-api)
+- [Implementing MI provider (1) - Overview](/archive/blogs/wmi/implementing-mi-provider-1-overview)
+- [Implementing MI provider (2) - Define schema](/archive/blogs/wmi/implementing-mi-provider-2-define-schema)
+- [Implementing MI provider (3) - Generate code](/archive/blogs/wmi/implementing-mi-provider-3-generate-code)
+- [Implementing MI provider (4) - Generate code (continue)](/archive/blogs/wmi/implementing-mi-provider-4-generate-code-continute)
+- [Implementing MI provider (5) - Implement](/archive/blogs/wmi/implementing-mi-provider-5-implement)
+- [Implementing MI provider (6) - Build, register, and debug](/archive/blogs/wmi/implementing-mi-provider-6-build-register-and-debug)
+- [MI interfaces](/previous-versions/windows/desktop/wmi_v2/mi-interfaces)
+- [MI datatypes](/previous-versions/windows/desktop/wmi_v2/mi-datatypes)
+- [MI structures and unions](/previous-versions/windows/desktop/wmi_v2/mi-structures-and-unions)
+- [MI_Result enumeration (mi.h)](/windows/win32/api/mi/ne-mi-mi_result)
+- [MI_Type enumeration (mi.h)](/windows/win32/api/mi/ne-mi-mi_type)
diff --git a/windows/client-management/declared-configuration.md b/windows/client-management/declared-configuration.md
new file mode 100644
index 0000000000..f655d1ae19
--- /dev/null
+++ b/windows/client-management/declared-configuration.md
@@ -0,0 +1,65 @@
+---
+title: Declared configuration protocol
+description: Learn more about using declared configuration protocol for desired state management of Windows devices.
+ms.date: 09/26/2023
+ms.topic: overview
+---
+
+# What is the declared configuration protocol
+
+The declared configuration protocol is based on a desired state device configuration model, though it still uses the underlying OMA-DM Syncml protocol. Through a dedicated OMA-DM server, it provides all the settings in a single batch through this protocol. The device's declared configuration client stack can reason over the settings to achieve the desired scenario in the most efficient and reliable manner.
+
+The declared configuration protocol requires that a device has a separate [OMA-DM enrollment](mdm-overview.md), which is dependent on the device being enrolled with the primary OMA-DM server. The desired state model is a different model from the current model where the server is responsible for the device's desire state. This dual enrollment is only allowed if the device is already enrolled into a primary MDM server. This other enrollment separates the desired state management functionality from the primary functionality. The declared configuration enrollment's first desired state management model feature is called [extensibility](declared-configuration-extensibility.md).
+
+:::image type="content" source="images/declared-configuration-model.png" alt-text="Diagram illustrating the declared configuration model.":::
+
+With the [Declared Configuration CSP](mdm/declaredconfiguration-csp.md), the OMA-DM server can provide the device with the complete collection of setting names and associated values based on a specified scenario. The declared configuration stack on the device is responsible for handling the configuration request, and maintaining its state including updates to the scenario.
+
+The benefit of the declared configuration desired state model is that it's efficient and accurate, especially since it's the responsibility of the declared configuration client to configure the device. The efficiency of declared configuration is because the client can asynchronously process batches of scenario settings, which free up the server resources to do other work. Thus the declared configuration protocol has low latency. As for configuration quality and accuracy, the declared configuration client stack has detailed knowledge of the configuration surface area of the device. This behavior includes the proper handling of continuous device updates that affect the configuration scenario.
+
+## Declared configuration enrollment
+
+[Mobile Device Enrollment Protocol version 2](/openspecs/windows_protocols/ms-mde2/4d7eadd5-3951-4f1c-8159-c39e07cbe692) describes enrollment including discovery, which covers the primary and declared configuration enrollments. The device uses the following new [DMClient CSP](mdm/dmclient-csp.md) policies for declared configuration dual enrollment:
+
+- [LinkedEnrollment/Enroll](mdm/dmclient-csp.md#deviceproviderprovideridlinkedenrollmentenroll)
+- [LinkedEnrollment/Unenroll](mdm/dmclient-csp.md#deviceproviderprovideridlinkedenrollmentunenroll)
+- [LinkedEnrollment/EnrollStatus](mdm/dmclient-csp.md#deviceproviderprovideridlinkedenrollmentenrollstatus)
+- [LinkedEnrollment/LastError](mdm/dmclient-csp.md#deviceproviderprovideridlinkedenrollmentlasterror)
+- [LinkedEnrollment/DiscoveryEndpoint](mdm/dmclient-csp.md#deviceproviderprovideridlinkedenrollmentdiscoveryendpoint)
+
+The following SyncML example sets **LinkedEnrolment/DiscoveryEndpoint** and triggers **LinkedEnrollment/Enroll**:
+
+```xml
+
+
+
+ 2
+
+
+ ./Device/Vendor/MSFT/DMClient/Provider/MS%20DM%20SERVER/LinkedEnrollment/DiscoveryEndpoint
+
+ https://discovery.dm.microsoft.com/EnrollmentConfiguration?api-version=1.0
+
+
+
+
+
+
+
+
+
+ 2
+
+
+ ./Device/Vendor/MSFT/DMClient/Provider/MS%20DM%20SERVER/LinkedEnrollment/Enroll
+
+
+
+
+
+
+```
+
+## Related content
+
+- [Declared Configuration extensibility](declared-configuration-extensibility.md)
diff --git a/windows/client-management/images/declared-configuration-model.png b/windows/client-management/images/declared-configuration-model.png
new file mode 100644
index 0000000000..7708eedf57
Binary files /dev/null and b/windows/client-management/images/declared-configuration-model.png differ
diff --git a/windows/client-management/mdm/declaredconfiguration-csp.md b/windows/client-management/mdm/declaredconfiguration-csp.md
new file mode 100644
index 0000000000..ac422bfdcc
--- /dev/null
+++ b/windows/client-management/mdm/declaredconfiguration-csp.md
@@ -0,0 +1,1049 @@
+---
+title: DeclaredConfiguration CSP
+description: Learn more about the DeclaredConfiguration CSP.
+author: vinaypamnani-msft
+manager: aaroncz
+ms.author: vinpa
+ms.date: 09/27/2023
+ms.localizationpriority: medium
+ms.prod: windows-client
+ms.technology: itpro-manage
+ms.topic: reference
+---
+
+
+
+
+# DeclaredConfiguration CSP
+
+[!INCLUDE [Windows Insider tip](includes/mdm-insider-csp-note.md)]
+
+
+
+The primary MDM model is one where the MDM server is solely responsible for orchestration and continuous maintenance of the state of the device for configuration scenarios. This behavior results in intensive network traffic and high network latency due to the synchronous configuration model based on the OMA-DM Syncml standard. It's also error-prone given that the server needs deep knowledge of the client.
+
+The declared configuration device management model requires the server to deliver all the setting values to the device for the scenario configuration. The server sends them asynchronously in batches through the client declared configuration CSP.
+
+- During the client-initiated OMA-DM session, the declared configuration server sends a configuration or an inventory declared configuration document to the client through the [Declared Configuration CSP URI](#declared-configuration-oma-uri). If the device verifies the syntax of the document is correct, the client stack pushes the request to its orchestrator to process the request asynchronously. The client stack then exits, and returns control back to the declared configuration service. This behavior allows the device to asynchronously process the request.
+
+- On the client, if there are any requests in process or completed, it sends a [generic alert](#declared-configuration-generic-alert) to the server. This alert summarizes each document's status, state, and progress. Every client HTTPS request to the declared configuration OMA-DM server includes this summary.
+
+- The declared configuration server uses the generic alert to determine which requests are completed successfully or with errors. The server can then synchronously retrieve the declared configuration document process results through the [Declared Configuration CSP URI](#declared-configuration-oma-uri).
+
+
+
+The following list shows the DeclaredConfiguration configuration service provider nodes:
+
+- ./Device/Vendor/MSFT/DeclaredConfiguration
+ - [Host](#host)
+ - [Complete](#hostcomplete)
+ - [Documents](#hostcompletedocuments)
+ - [{DocID}](#hostcompletedocumentsdocid)
+ - [Document](#hostcompletedocumentsdociddocument)
+ - [Properties](#hostcompletedocumentsdocidproperties)
+ - [Abandoned](#hostcompletedocumentsdocidpropertiesabandoned)
+ - [Results](#hostcompleteresults)
+ - [{DocID}](#hostcompleteresultsdocid)
+ - [Document](#hostcompleteresultsdociddocument)
+ - [Inventory](#hostinventory)
+ - [Documents](#hostinventorydocuments)
+ - [{DocID}](#hostinventorydocumentsdocid)
+ - [Document](#hostinventorydocumentsdociddocument)
+ - [Results](#hostinventoryresults)
+ - [{DocID}](#hostinventoryresultsdocid)
+ - [Document](#hostinventoryresultsdociddocument)
+
+
+
+## Host
+
+
+| Scope | Editions | Applicable OS |
+|:--|:--|:--|
+| ✅ Device ❌ User | ✅ Pro ✅ Enterprise ✅ Education ✅ Windows SE ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows Insider Preview |
+
+
+
+```Device
+./Device/Vendor/MSFT/DeclaredConfiguration/Host
+```
+
+
+
+
+The Host internal node indicates that the target of the configuration request or inventory request is the host OS. This node is for scope in case enclaves are ever targeted for configuration.
+
+
+
+
+
+
+
+**Description framework properties**:
+
+| Property name | Property value |
+|:--|:--|
+| Format | `node` |
+| Access Type | Add, Delete, Get |
+
+
+
+
+
+
+
+
+
+### Host/Complete
+
+
+| Scope | Editions | Applicable OS |
+|:--|:--|:--|
+| ✅ Device ❌ User | ✅ Pro ✅ Enterprise ✅ Education ✅ Windows SE ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows Insider Preview |
+
+
+
+```Device
+./Device/Vendor/MSFT/DeclaredConfiguration/Host/Complete
+```
+
+
+
+
+This internal node indicates that the configuration has discrete settings values and is self-contained with complete setting and value pairs that don't contain placeholders that the need to be resolved later with additional data. The request is ready to be processed as is.
+
+
+
+
+The server to client flow of the **Complete** request is the same as an **Inventory** request.
+
+
+
+**Description framework properties**:
+
+| Property name | Property value |
+|:--|:--|
+| Format | `node` |
+| Access Type | Add, Delete, Get |
+
+
+
+
+
+
+
+
+
+#### Host/Complete/Documents
+
+
+| Scope | Editions | Applicable OS |
+|:--|:--|:--|
+| ✅ Device ❌ User | ✅ Pro ✅ Enterprise ✅ Education ✅ Windows SE ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows Insider Preview |
+
+
+
+```Device
+./Device/Vendor/MSFT/DeclaredConfiguration/Host/Complete/Documents
+```
+
+
+
+
+The Documents node indicates that the configuration is in the form of a document, which is a collection of settings used to configure a scenario by the Declared Configuration stack.
+
+
+
+
+
+
+
+**Description framework properties**:
+
+| Property name | Property value |
+|:--|:--|
+| Format | `node` |
+| Access Type | Add, Delete, Get |
+
+
+
+
+
+
+
+
+
+##### Host/Complete/Documents/{DocID}
+
+
+| Scope | Editions | Applicable OS |
+|:--|:--|:--|
+| ✅ Device ❌ User | ✅ Pro ✅ Enterprise ✅ Education ✅ Windows SE ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows Insider Preview |
+
+
+
+```Device
+./Device/Vendor/MSFT/DeclaredConfiguration/Host/Complete/Documents/{DocID}
+```
+
+
+
+
+Uniquely identifies the configuration document. No other document can have this id. The Id should be a GUID.
+
+
+
+
+
+
+
+**Description framework properties**:
+
+| Property name | Property value |
+|:--|:--|
+| Format | `node` |
+| Access Type | Add, Delete, Get |
+| Dynamic Node Naming | ServerGeneratedUniqueIdentifier |
+| Allowed Values | Regular Expression: `[0-9A-Fa-f]{8}\-[0-9A-Fa-f]{4}\-[0-9A-Fa-f]{4}\-[0-9A-Fa-f]{4}\-[0-9A-Fa-f]{12}` |
+
+
+
+
+
+
+
+
+
+###### Host/Complete/Documents/{DocID}/Document
+
+
+| Scope | Editions | Applicable OS |
+|:--|:--|:--|
+| ✅ Device ❌ User | ✅ Pro ✅ Enterprise ✅ Education ✅ Windows SE ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows Insider Preview |
+
+
+
+```Device
+./Device/Vendor/MSFT/DeclaredConfiguration/Host/Complete/Documents/{DocID}/Document
+```
+
+
+
+
+The Document node's value is an XML based document containing a collection of settings and values to configure the specified scenario. The Declared Configuration stack verifies the syntax of the document, the stack marks the document to be processed asynchronously by the client. The stack then returns control back to the OMA-DM service. The stack, in turn, asynchronously processes the request. Below is an example of a specified desired state configuration using the Declared Configuration URI ./Device/Vendor/MSFT/DeclaredConfiguration/Host/Complete/Documents/27FEA311-68. B9-4320-9. FC4-296. F6FDFAFE2/Document.
+
+
+
+
+
+
+
+**Description framework properties**:
+
+| Property name | Property value |
+|:--|:--|
+| Format | `chr` (string) |
+| Access Type | Add, Delete, Get, Replace |
+
+
+
+
+
+
+
+
+
+###### Host/Complete/Documents/{DocID}/Properties
+
+
+| Scope | Editions | Applicable OS |
+|:--|:--|:--|
+| ✅ Device ❌ User | ✅ Pro ✅ Enterprise ✅ Education ✅ Windows SE ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows Insider Preview |
+
+
+
+```Device
+./Device/Vendor/MSFT/DeclaredConfiguration/Host/Complete/Documents/{DocID}/Properties
+```
+
+
+
+
+The Properties node encapsulates the list of properties that apply to the specified document referenced by [DocID].
+
+
+
+
+
+
+
+**Description framework properties**:
+
+| Property name | Property value |
+|:--|:--|
+| Format | `node` |
+| Access Type | Add, Delete, Get |
+
+
+
+
+
+
+
+
+
+###### Host/Complete/Documents/{DocID}/Properties/Abandoned
+
+
+| Scope | Editions | Applicable OS |
+|:--|:--|:--|
+| ✅ Device ❌ User | ✅ Pro ✅ Enterprise ✅ Education ✅ Windows SE ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows Insider Preview |
+
+
+
+```Device
+./Device/Vendor/MSFT/DeclaredConfiguration/Host/Complete/Documents/{DocID}/Properties/Abandoned
+```
+
+
+
+
+The Abandoned node allows the OMA-DM server to indicate that the document is no longer managed.
+
+
+
+
+
+
+
+**Description framework properties**:
+
+| Property name | Property value |
+|:--|:--|
+| Format | `int` |
+| Access Type | Add, Delete, Get, Replace |
+| Default Value | 0 |
+
+
+
+**Allowed values**:
+
+| Value | Description |
+|:--|:--|
+| 0 (Default) | The document is no longer managed. |
+| 1 | The document is managed. |
+
+
+
+
+
+
+
+
+
+#### Host/Complete/Results
+
+
+| Scope | Editions | Applicable OS |
+|:--|:--|:--|
+| ✅ Device ❌ User | ✅ Pro ✅ Enterprise ✅ Education ✅ Windows SE ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows Insider Preview |
+
+
+
+```Device
+./Device/Vendor/MSFT/DeclaredConfiguration/Host/Complete/Results
+```
+
+
+
+
+The Results node indicates that this is part of the URI path that will return an XML document containing the results of the configuration request.
+
+
+
+
+
+
+
+**Description framework properties**:
+
+| Property name | Property value |
+|:--|:--|
+| Format | `node` |
+| Access Type | Get |
+
+
+
+
+
+
+
+
+
+##### Host/Complete/Results/{DocID}
+
+
+| Scope | Editions | Applicable OS |
+|:--|:--|:--|
+| ✅ Device ❌ User | ✅ Pro ✅ Enterprise ✅ Education ✅ Windows SE ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows Insider Preview |
+
+
+
+```Device
+./Device/Vendor/MSFT/DeclaredConfiguration/Host/Complete/Results/{DocID}
+```
+
+
+
+
+Uniquely identifies the configuration document in which results of the configuration request will be returned.
+
+
+
+
+
+
+
+**Description framework properties**:
+
+| Property name | Property value |
+|:--|:--|
+| Format | `node` |
+| Access Type | Get |
+| Dynamic Node Naming | ClientInventory |
+
+
+
+
+
+
+
+
+
+###### Host/Complete/Results/{DocID}/Document
+
+
+| Scope | Editions | Applicable OS |
+|:--|:--|:--|
+| ✅ Device ❌ User | ✅ Pro ✅ Enterprise ✅ Education ✅ Windows SE ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows Insider Preview |
+
+
+
+```Device
+./Device/Vendor/MSFT/DeclaredConfiguration/Host/Complete/Results/{DocID}/Document
+```
+
+
+
+
+The Document node's value is an XML based document containing a collection of setting results from the configuration request specified by [DocId].
+
+
+
+
+
+
+
+**Description framework properties**:
+
+| Property name | Property value |
+|:--|:--|
+| Format | `chr` (string) |
+| Access Type | Get |
+
+
+
+
+
+
+
+
+
+### Host/Inventory
+
+
+| Scope | Editions | Applicable OS |
+|:--|:--|:--|
+| ✅ Device ❌ User | ✅ Pro ✅ Enterprise ✅ Education ✅ Windows SE ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows Insider Preview |
+
+
+
+```Device
+./Device/Vendor/MSFT/DeclaredConfiguration/Host/Inventory
+```
+
+
+
+
+The Inventory internal node indicates that this is an inventory request. The setting values to be retrieved are specified in an XML document through the Document leaf node.
+
+
+
+
+The server to client flow of the **Inventory** request is the same as the **Complete** request.
+
+
+
+**Description framework properties**:
+
+| Property name | Property value |
+|:--|:--|
+| Format | `node` |
+| Access Type | Add, Delete, Get |
+
+
+
+
+
+
+
+
+
+#### Host/Inventory/Documents
+
+
+| Scope | Editions | Applicable OS |
+|:--|:--|:--|
+| ✅ Device ❌ User | ✅ Pro ✅ Enterprise ✅ Education ✅ Windows SE ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows Insider Preview |
+
+
+
+```Device
+./Device/Vendor/MSFT/DeclaredConfiguration/Host/Inventory/Documents
+```
+
+
+
+
+The Documents node indicates that the inventory request is in the form of a document, which is a collection of settings used to retrieve their values.
+
+
+
+
+
+
+
+**Description framework properties**:
+
+| Property name | Property value |
+|:--|:--|
+| Format | `node` |
+| Access Type | Add, Delete, Get |
+
+
+
+
+
+
+
+
+
+##### Host/Inventory/Documents/{DocID}
+
+
+| Scope | Editions | Applicable OS |
+|:--|:--|:--|
+| ✅ Device ❌ User | ✅ Pro ✅ Enterprise ✅ Education ✅ Windows SE ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows Insider Preview |
+
+
+
+```Device
+./Device/Vendor/MSFT/DeclaredConfiguration/Host/Inventory/Documents/{DocID}
+```
+
+
+
+
+Uniquely identifies the inventory document. No other document can have this id. The Id should be a GUID.
+
+
+
+
+
+
+
+**Description framework properties**:
+
+| Property name | Property value |
+|:--|:--|
+| Format | `node` |
+| Access Type | Add, Delete, Get |
+| Dynamic Node Naming | ServerGeneratedUniqueIdentifier |
+| Allowed Values | Regular Expression: `[0-9A-Fa-f]{8}\-[0-9A-Fa-f]{4}\-[0-9A-Fa-f]{4}\-[0-9A-Fa-f]{4}\-[0-9A-Fa-f]{12}` |
+
+
+
+
+
+
+
+
+
+###### Host/Inventory/Documents/{DocID}/Document
+
+
+| Scope | Editions | Applicable OS |
+|:--|:--|:--|
+| ✅ Device ❌ User | ✅ Pro ✅ Enterprise ✅ Education ✅ Windows SE ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows Insider Preview |
+
+
+
+```Device
+./Device/Vendor/MSFT/DeclaredConfiguration/Host/Inventory/Documents/{DocID}/Document
+```
+
+
+
+
+The Document node's value is an XML based document containing a collection of settings that will be used to retrieve their values. The Declared Configuration stack verifies the syntax of the document, the stack marks the document to be processed asynchronously by the client. The stack then returns control back to the OMA-DM service. The stack, in turn, asynchronously processes the request. Below is an example of a specified desired state configuration using the Declared Configuration URI ./Device/Vendor/MSFT/DeclaredConfiguration/Host/Inventory/Documents/27FEA311-68. B9-4320-9. FC4-296. F6FDFAFE2/Document.
+
+
+
+
+
+
+
+**Description framework properties**:
+
+| Property name | Property value |
+|:--|:--|
+| Format | `chr` (string) |
+| Access Type | Add, Delete, Get, Replace |
+
+
+
+
+
+
+
+
+
+#### Host/Inventory/Results
+
+
+| Scope | Editions | Applicable OS |
+|:--|:--|:--|
+| ✅ Device ❌ User | ✅ Pro ✅ Enterprise ✅ Education ✅ Windows SE ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows Insider Preview |
+
+
+
+```Device
+./Device/Vendor/MSFT/DeclaredConfiguration/Host/Inventory/Results
+```
+
+
+
+
+The Results node indicates that this is part of the URI path that will return an XML document containing the results of the inventory request.
+
+
+
+
+
+
+
+**Description framework properties**:
+
+| Property name | Property value |
+|:--|:--|
+| Format | `node` |
+| Access Type | Get |
+
+
+
+
+
+
+
+
+
+##### Host/Inventory/Results/{DocID}
+
+
+| Scope | Editions | Applicable OS |
+|:--|:--|:--|
+| ✅ Device ❌ User | ✅ Pro ✅ Enterprise ✅ Education ✅ Windows SE ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows Insider Preview |
+
+
+
+```Device
+./Device/Vendor/MSFT/DeclaredConfiguration/Host/Inventory/Results/{DocID}
+```
+
+
+
+
+Uniquely identifies the inventory document. No other document can have this id. The Id should be a GUID.
+
+
+
+
+
+
+
+**Description framework properties**:
+
+| Property name | Property value |
+|:--|:--|
+| Format | `node` |
+| Access Type | Get |
+| Dynamic Node Naming | ClientInventory |
+
+
+
+
+
+
+
+
+
+###### Host/Inventory/Results/{DocID}/Document
+
+
+| Scope | Editions | Applicable OS |
+|:--|:--|:--|
+| ✅ Device ❌ User | ✅ Pro ✅ Enterprise ✅ Education ✅ Windows SE ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows Insider Preview |
+
+
+
+```Device
+./Device/Vendor/MSFT/DeclaredConfiguration/Host/Inventory/Results/{DocID}/Document
+```
+
+
+
+
+The Document node's value is an XML based document containing a collection of setting results from the inventory request specified by [DocId].
+
+
+
+
+
+
+
+**Description framework properties**:
+
+| Property name | Property value |
+|:--|:--|
+| Format | `chr` (string) |
+| Access Type | Get |
+
+
+
+
+
+
+
+
+
+
+## Declared configuration OMA URI
+
+A declared configuration request is sent using an OMA-URI similar to `./Device/Vendor/MSFT/DeclaredConfiguration/Host/[Complete|Inventory]/Documents/{DocID}/Document`.
+
+- The URI is prefixed with a targeted scope. The target of the scenario settings can only be device wide for extensibility. The scope should be `Device`.
+- `{DocID}` is a unique identifier for the desired state of the configuration scenario. Every document must have an ID, which must be a GUID.
+- The request can be a **Configuration**, **Inventory**, or **Complete** request.
+
+The following URI is an example of a **Complete** request: `./Device/Vendor/MSFT/DeclaredConfiguration/Host/Complete/Documents/27FEA311-68B9-4320-9FC4-296F6FDFAFE2/Document`
+
+## DeclaredConfiguration document XML
+
+The value of the leaf node `Document` is an XML document that describes the request. The actual processing of the request pivots around the `osdefinedscenario` tag:
+
+- `MSFTExtensibilityMIProviderConfig`: Used to configure MI provider settings.
+- `MSFTExtensibilityMIProviderInventory`: Used to retrieve MI provider setting values.
+
+The DeclaredConfiguration CSP synchronously validates the batch of settings described by the `` element, which represents the declared configuration document. It checks for correct syntax based on the declared configuration XML schema. If there's a syntax error, the CSP returns an error immediately back to the server as part of the current OMA-DM session. If the syntax check passes, then the request is passed on to a Windows service. The Windows service asynchronously attempts the desired state configuration of the specified scenario. This process frees up the server to do other work thus the low latency of this declared configuration protocol. The Windows client service, the orchestrator, is responsible for driving the configuration of the device based on the server supplied desire state. The service also maintains this state throughout its lifetime, until the server removes or modifies it.
+
+The following example uses the built-in, native MI provider `MSFT_FileDirectoryConfiguration` with the OS-defined scenario `MSFTExtensibilityMIProviderConfig`:
+
+```xml
+
+
+ c:\data\test\bin\ut_extensibility.tmp
+ TestFileContentBlah
+
+
+```
+
+The standard OMA-DM SyncML syntax is used to specify the DeclaredConfiguration CSP operations such as **Replace**, **Set**, and **Delete**. The payload of the SyncML's `` element must be XML-encoded. For this XML encoding, there are various online encoders that you can use. To avoid encoding the payload, you can use [CDATA Section](https://www.w3.org/TR/REC-xml/#sec-cdata-sect) as shown in the following example:
+
+```xml
+
+
+
+
+ 14
+
+
+ ./Device/Vendor/MSFT/DeclaredConfiguration/Host/Complete/Documents/99988660-9080-3433-96e8-f32e85011999/Document
+
+
+
+
+ c:\data\test\bin\ut_extensibility.tmp
+ TestFileContentBlah
+
+ ]]>
+
+
+
+
+
+
+```
+
+### DeclaredConfiguration XML document tags
+
+Both `MSFTExtensibilityMIProviderConfig` and `MSFTExtensibilityMIProviderInventory` are OS-defined scenarios that require the same tags and attributes.
+
+- The `` XML tag specifies the details of the declared configuration document to process. The document could be part of a configuration request or an inventory request. The DeclaredConfiguration CSP has two URIs to allow the specification of a configuration or an inventory request.
+
+ This tag has the following attributes:
+
+ | Attribute | Description |
+ |--|--|
+ | `schema` | The schema version of the xml. Currently `1.0`. |
+ | `context` | States that this document is targeting the device. The value should be `Device`. |
+ | `id` | The unique identifier of the document set by the server. This value should be a GUID. |
+ | `checksum` | This value is the server-supplied version of the document. |
+ | `osdefinedscenario` | The named scenario that the client should configure with the given configuration data. For extensibility, the scenario is either `MSFTExtensibilityMIProviderConfig` or `MSFTExtensibilityMIProviderInventory`. |
+
+- The `` XML tag describes the targeted WMI provider expressed by a namespace and class name along with the values either to be applied to the device or queried by the MI provider.
+
+ This tag has the following attributes:
+
+ | Attribute | Description |
+ |--|--|
+ | `namespace` | Specifies the targeted MI provider namespace. |
+ | `classname` | The targeted MI provider. |
+
+- The `` XML tag describes the required parameter name and value. It only needs a value for configuration. The name is an attribute and the value is `` content.
+
+ This tag has the following attributes:
+
+ | Attribute | Description |
+ |--|--|
+ | `name` | Specifies the name of an MI provider parameter. |
+
+- The `` XML tag describes the optional parameter name and value. It only needs a value for configuration. The name is an attribute and the value is `` content.
+
+ This tag has the following attributes:
+
+ | Attribute | Description |
+ |--|--|
+ | `name` | Specifies the name of an MI provider parameter. |
+
+## Declared configuration generic alert
+
+On every client response to the server's request, the client constructs a declared configuration alert. This alert summarizes the state of each of the documents that the Windows service has processed. The following XML is an example alert:
+
+```xml
+
+ 1
+ 1224
+
+
+ com.microsoft.mdm.declaredconfigurationdocuments
+
+
+
+
+
+
+
+
+```
+
+In this example, there's one declared configuration document listed in the alert summary. The alert summary lists every document that the client stack is processing, either a configuration or inventory request. It describes the context of the document that specifies the scope of how the document is applied. The **context** value should be `Device`.
+
+The **state** attribute has a value of `60`, which indicates that the document was processed successfully. The following class defines the other state values:
+
+```csharp
+enum class DCCSPURIState :unsigned long
+{
+ NotDefined = 0, // transient
+ ConfigRequest = 1, // transient
+ ConfigInprogress = 2, // transient
+ ConfigInProgressAsyncPending = 3, // transient: Async operation is performed but pending results
+ DeleteRequest = 10, // transient
+ DeleteInprogress = 11, // transient
+
+ GetRequest = 20, // transient
+ GetInprogress = 21, // transient
+
+ ConstructURIStorageSuccess = 40, // transient
+
+ ConfigCompletedSuccess = 60, // permanent
+ ConfigCompletedError = 61, // permanent
+ ConfigInfraError = 62, // permanent
+ ConfigCompletedSuccessNoRefresh = 63, // permanent
+
+ DeleteCompletedSuccess = 70, // permanent
+ DeleteCompletedError = 71, // permanent
+ DeleteInfraError = 72, // permanent
+
+ GetCompletedSuccess = 80, // permanent
+ GetCompletedError = 81, // permanent
+ GetInfraError = 82 // permanent
+};
+```
+
+## SyncML examples
+
+- Retrieve the results of a configuration or inventory request:
+
+ ```xml
+
+
+
+ 2
+
+
+ chr
+ text/plain
+
+
+ ./Device/Vendor/MSFT/DeclaredConfiguration/Host/Complete/Results/27FEA311-68B9-4320-9FC4-296F6FDFAFE2/Document
+
+
+
+
+
+
+ ```
+
+ ```xml
+
+ 2
+ 1
+ 2
+ Get
+ 200
+
+
+ 3
+ 1
+ 2
+
+
+ ./Device/Vendor/MSFT/DeclaredConfiguration/Host/Complete/Results/27FEA311-68B9-4320-9FC4-296F6FDFAFE2/Document
+
+
+
+
+
+
+
+
+
+
+
+ ```
+
+- Replace a configuration or inventory request
+
+ ```xml
+
+
+
+ 14
+
+
+ ./Device/Vendor/MSFT/DeclaredConfiguration/Host/Inventory/Documents/27FEA311-68B9-4320-9FC4-296F6FDFAFE2/Document
+
+
+
+
+ c:/temp/foobar.tmp
+
+
+ ]]>
+
+
+
+
+
+
+ ```
+
+ ```xml
+
+ 2
+ 1
+ 2
+ Get
+ 200
+
+ 3
+ 1
+ 2
+
+
+ ./Device/Vendor/MSFT/DeclaredConfiguration/Host/Inventory/Results/99998660-9080-3433-96e8-f32e85019999/Document
+
+
+
+
+ c:/temp/foobar.tmp
+ TestFileContent
+
+
+
+
+
+ ```
+
+- Abandon a configuration or inventory request. This process results in the client tracking the document but not reapplying it. The alert has the `Abandoned` property set to `1`, which indicates that the document is no longer managed by the declared configuration server.
+
+ ```xml
+
+
+
+ 2
+
+
+ int
+ text/plain
+
+
+ ./Device/Vendor/MSFT/DeclaredConfiguration/Host/Complete/Documents/27FEA311-68B9-4320-9FC4-296F6FDFAFE2/Properties/Abandoned
+
+ 1
+
+
+
+
+
+ ```
+
+- Deletion of configuration or inventory request. The SyncML deletion of the document only removes the document but any extensibility settings persist on the device (tattoo).
+
+ ```xml
+
+
+
+
+ 2
+
+
+ ./Device/Vendor/MSFT/DeclaredConfiguration/Host/Complete/Documents/27FEA311-68B9-4320-9FC4-296F6FDFAFE2/Document
+
+
+
+
+
+
+ ```
+
+
+
+
+## Related articles
+
+[Configuration service provider reference](configuration-service-provider-reference.md)
diff --git a/windows/client-management/mdm/declaredconfiguration-ddf-file.md b/windows/client-management/mdm/declaredconfiguration-ddf-file.md
new file mode 100644
index 0000000000..8f17e34ba0
--- /dev/null
+++ b/windows/client-management/mdm/declaredconfiguration-ddf-file.md
@@ -0,0 +1,482 @@
+---
+title: DeclaredConfiguration DDF file
+description: View the XML file containing the device description framework (DDF) for the DeclaredConfiguration configuration service provider.
+author: vinaypamnani-msft
+manager: aaroncz
+ms.author: vinpa
+ms.date: 09/27/2023
+ms.localizationpriority: medium
+ms.prod: windows-client
+ms.technology: itpro-manage
+ms.topic: reference
+---
+
+
+
+# DeclaredConfiguration DDF file
+
+The following XML file contains the device description framework (DDF) for the DeclaredConfiguration configuration service provider.
+
+```xml
+
+]>
+
+ 1.2
+
+
+
+ DeclaredConfiguration
+ ./Device/Vendor/MSFT
+
+
+
+
+ The Declared Configuration CSP (Configuration Service Provider) allows the OMA-DM server to provide the device with the complete collection of setting names and associated values based on a specified scenario. The Declared Configuration stack on the device is responsible for handling the configuration request along with maintaining its state including updates to the scenario. It also provides the means to retrieve a scenario’s settings from the device. The configuration request and settings retrieval request are performed asynchronously, freeing up the server’s worker thread to do other useful work. The subsequent results can be retrieved through Declared Configuration’s result nodes.
+
+
+
+
+
+
+
+
+
+
+
+
+
+ 99.9.99999
+ 9.9
+ 0x4;0x1B;0x30;0x31;0x48;0x54;0x62;0x63;0x64;0x65;0x79;0x7A;0x7D;0x7E;0x81;0x82;0x8A;0x8B;0xA1;0xA2;0xA4;0xA5;0xAB;0xAC;0xAF;0xBC;0xBF;0xCA;0xCB;0xCD;
+
+
+
+ Host
+
+
+
+
+
+
+ The Host internal node indicates that the target of the configuration request or inventory request is the host OS. This node is for scope in case enclaves are ever targeted for configuration.
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ Complete
+
+
+
+
+
+
+ This internal node indicates that the configuration has discrete settings values and is self-contained with complete setting and value pairs that do not contain placeholders that the need to be resolved later with additional data. The request is ready to be processed as is.
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ Documents
+
+
+
+
+
+
+ The Documents node indicates that the configuration is in the form of a document, which is a collection of settings used to configure a scenario by the Declared Configuration stack.
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ Uniquely identifies the configuration document. No other document can have this id. The Id should be a GUID.
+
+
+
+
+
+
+
+
+
+ DocID
+
+
+
+
+
+
+
+ [0-9A-Fa-f]{8}\-[0-9A-Fa-f]{4}\-[0-9A-Fa-f]{4}\-[0-9A-Fa-f]{4}\-[0-9A-Fa-f]{12}
+
+
+
+ Document
+
+
+
+
+
+
+
+ The Document node's value is an XML based document containing a collection of settings and values to configure the specified scenario. The Declared Configuration stack verifies the syntax of the document, the stack marks the document to be processed asynchronously by the client. The stack then returns control back to the OMA-DM service. The stack, in turn, asynchronously processes the request. Below is an example of a specified desired state configuration using the Declared Configuration URI ./Device/Vendor/MSFT/DeclaredConfiguration/Host/Complete/Documents/27FEA311-68B9-4320-9FC4-296F6FDFAFE2/Document
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ Properties
+
+
+
+
+
+
+ The Properties node encapsulates the list of properties that apply to the specified document referenced by [DocID].
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ Abandoned
+
+
+
+
+
+
+
+ 0
+ The Abandoned node allows the OMA-DM server to indicate that the document is no longer managed.
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ 0
+ The document is no longer managed.
+
+
+ 1
+ The document is managed.
+
+
+
+
+
+
+
+
+ Results
+
+
+
+
+ The Results node indicates that this is part of the URI path that will return an XML document containing the results of the configuration request.
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ Uniquely identifies the configuration document in which results of the configuration request will be returned.
+
+
+
+
+
+
+
+
+
+ DocID
+
+
+
+
+
+
+
+
+ Document
+
+
+
+
+ The Document node's value is an XML based document containing a collection of setting results from the configuration request specified by [DocId].
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ Inventory
+
+
+
+
+
+
+ The Inventory internal node indicates that this is an inventory request. The setting values to be retrieved are specified in an XML document through the Document leaf node.
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ Documents
+
+
+
+
+
+
+ The Documents node indicates that the inventory request is in the form of a document, which is a collection of settings used to retrieve their values.
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ Uniquely identifies the inventory document. No other document can have this id. The Id should be a GUID.
+
+
+
+
+
+
+
+
+
+ DocID
+
+
+
+
+
+
+
+ [0-9A-Fa-f]{8}\-[0-9A-Fa-f]{4}\-[0-9A-Fa-f]{4}\-[0-9A-Fa-f]{4}\-[0-9A-Fa-f]{12}
+
+
+
+ Document
+
+
+
+
+
+
+
+ The Document node's value is an XML based document containing a collection of settings that will be used to retrieve their values. The Declared Configuration stack verifies the syntax of the document, the stack marks the document to be processed asynchronously by the client. The stack then returns control back to the OMA-DM service. The stack, in turn, asynchronously processes the request. Below is an example of a specified desired state configuration using the Declared Configuration URI ./Device/Vendor/MSFT/DeclaredConfiguration/Host/Inventory/Documents/27FEA311-68B9-4320-9FC4-296F6FDFAFE2/Document
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ Results
+
+
+
+
+ The Results node indicates that this is part of the URI path that will return an XML document containing the results of the inventory request.
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ Uniquely identifies the inventory document. No other document can have this id. The Id should be a GUID.
+
+
+
+
+
+
+
+
+
+ DocID
+
+
+
+
+
+
+
+
+ Document
+
+
+
+
+ The Document node's value is an XML based document containing a collection of setting results from the inventory request specified by [DocId].
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+```
+
+## Related articles
+
+[DeclaredConfiguration configuration service provider reference](declaredconfiguration-csp.md)
diff --git a/windows/client-management/mdm/dmclient-csp.md b/windows/client-management/mdm/dmclient-csp.md
index 7c11cf5f09..80b8fa7703 100644
--- a/windows/client-management/mdm/dmclient-csp.md
+++ b/windows/client-management/mdm/dmclient-csp.md
@@ -4,7 +4,7 @@ description: Learn more about the DMClient CSP.
author: vinaypamnani-msft
manager: aaroncz
ms.author: vinpa
-ms.date: 08/10/2023
+ms.date: 09/27/2023
ms.localizationpriority: medium
ms.prod: windows-client
ms.technology: itpro-manage
@@ -80,10 +80,10 @@ The following list shows the DMClient configuration service provider nodes:
- [HelpWebsite](#deviceproviderprovideridhelpwebsite)
- [HWDevID](#deviceproviderprovideridhwdevid)
- [LinkedEnrollment](#deviceproviderprovideridlinkedenrollment)
+ - [DiscoveryEndpoint](#deviceproviderprovideridlinkedenrollmentdiscoveryendpoint)
- [Enroll](#deviceproviderprovideridlinkedenrollmentenroll)
- [EnrollStatus](#deviceproviderprovideridlinkedenrollmentenrollstatus)
- [LastError](#deviceproviderprovideridlinkedenrollmentlasterror)
- - [Priority](#deviceproviderprovideridlinkedenrollmentpriority)
- [Unenroll](#deviceproviderprovideridlinkedenrollmentunenroll)
- [ManagementServerAddressList](#deviceproviderprovideridmanagementserveraddresslist)
- [ManagementServerToUpgradeTo](#deviceproviderprovideridmanagementservertoupgradeto)
@@ -2411,6 +2411,45 @@ The interior node for linked enrollment.
+
+##### Device/Provider/{ProviderID}/LinkedEnrollment/DiscoveryEndpoint
+
+
+| Scope | Editions | Applicable OS |
+|:--|:--|:--|
+| ✅ Device ❌ User | ✅ Pro ✅ Enterprise ✅ Education ✅ Windows SE ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows Insider Preview |
+
+
+
+```Device
+./Device/Vendor/MSFT/DMClient/Provider/{ProviderID}/LinkedEnrollment/DiscoveryEndpoint
+```
+
+
+
+
+Endpoint Discovery is the process where a specific URL (the "discovery endpoint") is accessed, which returns a directory of endpoints for using the system including enrollment. On Get, if the endpoint isn't set, client will return an rmpty string with S_OK.
+
+
+
+
+
+
+
+**Description framework properties**:
+
+| Property name | Property value |
+|:--|:--|
+| Format | `chr` (string) |
+| Access Type | Add, Delete, Get, Replace |
+
+
+
+
+
+
+
+
##### Device/Provider/{ProviderID}/LinkedEnrollment/Enroll
@@ -2428,12 +2467,12 @@ The interior node for linked enrollment.
-Trigger to enroll for the Linked Enrollment.
+This is an execution node and will trigger a silent Declared Configuration unenroll, there is no user interaction needed. On un-enrollment, all the settings/resources set by Declared Configuration will be rolled back (rollback details will be covered later).
-This is an execution node and will trigger a silent MMP-C enrollment, using the Azure Active Directory device token pulled from the Azure AD-joined device. There is no user interaction needed.
+This is an execution node and will trigger a silent Declared Configuration enrollment, using the AAD device token pulled from the Azure AD-joined device. There is no user interaction needed. When the **DiscoveryEndpoint** is not set, the Enroll node will fail with `ERROR_FILE_NOT_FOUND (0x80070002)` and there is no scheduled task created for dual enrollment.
@@ -2468,7 +2507,7 @@ This is an execution node and will trigger a silent MMP-C enrollment, using the
-Returns the current enrollment or un-enrollment status of the linked enrollment.
+Returns the current enrollment or un-enrollment status of the linked enrollment. Supports Get only.
@@ -2523,7 +2562,7 @@ Returns the current enrollment or un-enrollment status of the linked enrollment.
-return the last error for enroll/unenroll.
+Supports Get Only. Returns the HRESULT for the last error when enroll/unenroll fails.
@@ -2545,54 +2584,6 @@ return the last error for enroll/unenroll.
-
-##### Device/Provider/{ProviderID}/LinkedEnrollment/Priority
-
-
-| Scope | Editions | Applicable OS |
-|:--|:--|:--|
-| ✅ Device ❌ User | ✅ Pro ✅ Enterprise ✅ Education ✅ Windows SE ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 10, version 2009 [10.0.19042.2193] and later ✅ Windows 10, version 21H1 [10.0.19043.2193] and later ✅ Windows 10, version 21H2 [10.0.19044.2193] and later ✅ Windows 11, version 21H2 [10.0.22000.918] and later ✅ Windows 11, version 22H2 [10.0.22621] and later |
-
-
-
-```Device
-./Device/Vendor/MSFT/DMClient/Provider/{ProviderID}/LinkedEnrollment/Priority
-```
-
-
-
-
-Optional. Allowed value is 0 or 1. 0 means the main enrollment has authority for MDM settings and resources, 1 means the linked enrollment has authority.
-
-
-
-
-
-
-
-**Description framework properties**:
-
-| Property name | Property value |
-|:--|:--|
-| Format | `int` |
-| Access Type | Add, Delete, Get, Replace |
-
-
-
-**Allowed values**:
-
-| Value | Description |
-|:--|:--|
-| 0 | The main enrollment has priority over linked enrollment. |
-| 1 | The linked enrollment has priority over the main enrollment. |
-
-
-
-
-
-
-
-
##### Device/Provider/{ProviderID}/LinkedEnrollment/Unenroll
@@ -2615,7 +2606,7 @@ Trigger Unenroll for the Linked Enrollment.
-This is an execution node and will trigger a silent MMP-C unenroll, there is no user interaction needed. On un-enrollment, all the settings/resources set by MMPC will be rolled back.
+This is an execution node and will trigger a silent Declared Configuration unenroll, without any user interaction. On un-enrollment, all the settings/resources set by Declared Configuration will be rolled back.
@@ -3973,7 +3964,7 @@ The following SyncML shows how to remotely unenroll the device. This command sho
./Vendor/MSFT/DMClient/Provider//Unenroll
- chr
+ chr
TestMDMServer
diff --git a/windows/client-management/mdm/dmclient-ddf-file.md b/windows/client-management/mdm/dmclient-ddf-file.md
index 8940dcd7f9..f47fafa391 100644
--- a/windows/client-management/mdm/dmclient-ddf-file.md
+++ b/windows/client-management/mdm/dmclient-ddf-file.md
@@ -4,7 +4,7 @@ description: View the XML file containing the device description framework (DDF)
author: vinaypamnani-msft
manager: aaroncz
ms.author: vinpa
-ms.date: 06/02/2023
+ms.date: 09/27/2023
ms.localizationpriority: medium
ms.prod: windows-client
ms.technology: itpro-manage
@@ -2548,47 +2548,13 @@ The following XML file contains the device description framework (DDF) for the D
1.6
-
- Priority
-
-
-
-
-
-
-
- Optional. Allowed value is 0 or 1. 0 means the main enrollment has authority for mdm settings and resources, 1 means the linked enrollment has authority.
-
-
-
-
-
-
-
-
-
-
-
-
-
-
- 0
- The main enrollment has priority over linked enrollment.
-
-
- 1
- The linked enrollment has priority over the main enrollment.
-
-
-
- LastError
- return the last error for enroll/unenroll.
+ Supports Get Only. Returns the HRESULT for the last error when enroll/unenroll fails.
@@ -2609,7 +2575,7 @@ The following XML file contains the device description framework (DDF) for the D
- Returns the current enrollment or un-enrollment status of the linked enrollment.
+ Returns the current enrollment or un-enrollment status of the linked enrollment. Supports Get only.
@@ -2668,7 +2634,7 @@ The following XML file contains the device description framework (DDF) for the D
- Trigger to enroll for the Linked Enrollment
+ This is an execution node and will trigger a silent Declared Configuration unenroll, there is no user interaction needed. On un-enrollment, all the settings/resources set by Declared Configuration will be rolled back (rollback details will be covered later).
@@ -2704,6 +2670,36 @@ The following XML file contains the device description framework (DDF) for the D
+
+ DiscoveryEndpoint
+
+
+
+
+
+
+
+ Endpoint Discovery is the process where a specific URL (the "discovery endpoint") is accessed, which returns a directory of endpoints for using the system including enrollment. On Get, if the endpoint is not set, client will return an rmpty string with S_OK.
+
+
+
+
+
+
+
+
+
+
+
+
+
+ 99.9.99999
+ 9.9
+
+
+
+
+ MultipleSession
diff --git a/windows/client-management/mdm/includes/mdm-insider-csp-note.md b/windows/client-management/mdm/includes/mdm-insider-csp-note.md
index 5c8c70b1fe..bc1fc814b6 100644
--- a/windows/client-management/mdm/includes/mdm-insider-csp-note.md
+++ b/windows/client-management/mdm/includes/mdm-insider-csp-note.md
@@ -7,4 +7,4 @@ ms.date: 05/09/2023
---
> [!IMPORTANT]
-> This CSP contains preview policies that are under development and only applicable for [Windows Insider Preview builds](/windows-insider/). These policies are subject to change and may have dependencies on other features or services in preview.
+> This CSP contains some settings that are under development and only applicable for [Windows Insider Preview builds](/windows-insider/). These settings are subject to change and may have dependencies on other features or services in preview.
diff --git a/windows/client-management/mdm/toc.yml b/windows/client-management/mdm/toc.yml
index 9125eb9388..2ca71c81c0 100644
--- a/windows/client-management/mdm/toc.yml
+++ b/windows/client-management/mdm/toc.yml
@@ -29,6 +29,15 @@ items:
href: ../structure-of-oma-dm-provisioning-files.md
- name: Server requirements for OMA DM
href: ../server-requirements-windows-mdm.md
+ - name: Declared Configuration protocol
+ href: ../declared-configuration.md
+ items:
+ - name: Declared Configuration extensibility
+ href: ../declared-configuration-extensibility.md
+ - name: DeclaredConfiguration CSP
+ href: declaredconfiguration-csp.md
+ - name: DMClient CSP
+ href: dmclient-csp.md
- name: Configuration service providers (CSPs)
expanded: true
items:
@@ -652,6 +661,11 @@ items:
items:
- name: CustomDeviceUI DDF file
href: customdeviceui-ddf.md
+ - name: DeclaredConfiguration
+ href: declaredconfiguration-csp.md
+ items:
+ - name: DeclaredConfiguration DDF file
+ href: declaredconfiguration-ddf-file.md
- name: Defender
href: defender-csp.md
items: