Merge branch 'main' of github.com:MicrosoftDocs/windows-docs-pr into pm-20230224-edu-managed-installer

2025-06-15 10:23:37 +00:00 · 2023-04-05 17:09:38 -04:00
parent b42f3e217e e1a4d99ab7
commit 5b0ff11d90
450 changed files with 9646 additions and 3410 deletions
--- a/education/windows/autopilot-reset.md
+++ b/education/windows/autopilot-reset.md
@ -15,7 +15,7 @@ ms.collection:

 IT admins or technical teachers can use Autopilot Reset to quickly remove personal files, apps, and settings, and reset Windows 10 devices from the lock screen anytime and apply original settings and management enrollment (Azure Active Directory and device management) so the devices are ready to use. With Autopilot Reset, devices are returned to a fully configured or known IT-approved state.

-To enable Autopilot Reset in Windows 10, version 1709 (Fall Creators Update), you must:
+To enable Autopilot Reset you must:

 1. [Enable the policy for the feature](#enable-autopilot-reset)
 2. [Trigger a reset for each device](#trigger-autopilot-reset)
--- a/education/windows/change-home-to-edu.md
+++ b/education/windows/change-home-to-edu.md
@ -10,8 +10,6 @@ manager: jeffbu
 ms.collection:
  - tier3
  - education
-appliesto:
-  - ✅ <a href="https://learn.microsoft.com/windows/release-health/supported-versions-windows-client" target="_blank">Windows 10 and later</a>
 ---

 # Upgrade Windows Home to Windows Education on student-owned devices
--- a/education/windows/configure-aad-google-trust.md
+++ b/education/windows/configure-aad-google-trust.md
@ -1,8 +1,9 @@
 ---
 title: Configure federation between Google Workspace and Azure AD
 description: Configuration of a federated trust between Google Workspace and Azure AD, with Google Workspace acting as an identity provider (IdP) for Azure AD.
-ms.date: 02/24/2023
+ms.date: 04/04/2023
 ms.topic: how-to
+appliesto:
 ---

 # Configure federation between Google Workspace and Azure AD
@ -71,51 +72,56 @@ The configuration of Azure AD consists of changing the authentication method for
 Using the **IdP metadata** XML file downloaded from Google Workspace, modify the *$DomainName* variable of the following script to match your environment, and then run it in an elevated PowerShell session. When prompted to authenticate to Azure AD, use the credentials of an account with the *Global Administrator* role.

 ```powershell
-Install-Module -Name MSOnline
-Import-Module MSOnline
+Install-Module Microsoft.Graph
+Import-Module Microsoft.Graph

-$DomainName = "<your domain name>"
+$domainId = "<your domain name>"

 $xml = [Xml](Get-Content GoogleIDPMetadata.xml)

 $cert = -join $xml.EntityDescriptor.IDPSSODescriptor.KeyDescriptor.KeyInfo.X509Data.X509Certificate.Split()
 $issuerUri = $xml.EntityDescriptor.entityID
-$logOnUri = $xml.EntityDescriptor.IDPSSODescriptor.SingleSignOnService | ? { $_.Binding.Contains('Redirect') } | % { $_.Location }
-$LogOffUri = "https://accounts.google.com/logout"
-$brand = "Google Workspace Identity"
-Connect-MsolService
-$DomainAuthParams = @{
-    DomainName = $DomainName
-    Authentication = "Federated"
-    IssuerUri = $issuerUri
-    FederationBrandName = $brand
-    ActiveLogOnUri = $logOnUri
-    PassiveLogOnUri = $logOnUri
-    LogOffUri = $LogOffUri
-    SigningCertificate = $cert
-    PreferredAuthenticationProtocol = "SAMLP"
+$signinUri = $xml.EntityDescriptor.IDPSSODescriptor.SingleSignOnService | ? { $_.Binding.Contains('Redirect') } | % { $_.Location }
+$signoutUri = "https://accounts.google.com/logout"
+$displayName = "Google Workspace Identity"
+Connect-MGGraph -Scopes "Domain.ReadWrite.All", "Directory.AccessAsUser.All"
+
+$domainAuthParams = @{
+  DomainId = $domainId
+  IssuerUri = $issuerUri
+  DisplayName = $displayName
+  ActiveSignInUri = $signinUri
+  PassiveSignInUri = $signinUri
+  SignOutUri = $signoutUri
+  SigningCertificate = $cert
+  PreferredAuthenticationProtocol = "saml"
+  federatedIdpMfaBehavior = "acceptIfMfaDoneByFederatedIdp"
 }
-Set-MsolDomainAuthentication @DomainAuthParams
+
+New-MgDomainFederationConfiguration @domainAuthParams
 ```

 To verify that the configuration is correct, you can use the following PowerShell command:

 ```powershell
-Get-MsolDomainFederationSettings -DomainName $DomainName
+Get-MgDomainFederationConfiguration -DomainId $domainId |fl
 ```

 ```output
-ActiveLogOnUri                         : https://accounts.google.com/o/saml2/idp?<GUID>
-DefaultInteractiveAuthenticationMethod : 
-FederationBrandName                    : Google Workspace Identity
-IssuerUri                              : https://accounts.google.com/o/saml2?idpid=<GUID>
-LogOffUri                              : https://accounts.google.com/logout
-MetadataExchangeUri                    : 
-NextSigningCertificate                 : 
-OpenIdConnectDiscoveryEndpoint         : 
-PassiveLogOnUri                        : https://accounts.google.com/o/saml2/idp?idpid=<GUID>
-SigningCertificate                     : <BASE64 encoded certificate>
-SupportsMfa                            : 
+ActiveSignInUri                       : https://accounts.google.com/o/saml2/idp?idpid=<GUID>
+DisplayName                           : Google Workspace Identity
+FederatedIdpMfaBehavior               : acceptIfMfaDoneByFederatedIdp
+Id                                    : 3f600dce-ab37-4798-9341-ffd34b147f70
+IsSignedAuthenticationRequestRequired :
+IssuerUri                             : https://accounts.google.com/o/saml2?idpid=<GUID>
+MetadataExchangeUri                   :
+NextSigningCertificate                :
+PassiveSignInUri                      : https://accounts.google.com/o/saml2/idp?idpid=<GUID>
+PreferredAuthenticationProtocol       : saml
+PromptLoginBehavior                   :
+SignOutUri                            : https://accounts.google.com/logout
+SigningCertificate                    : <BASE64 encoded certificate>
+AdditionalProperties                  : {}
 ```

 ## Verify federated authentication between Google Workspace and Azure AD
--- a/education/windows/edu-take-a-test-kiosk-mode.md
+++ b/education/windows/edu-take-a-test-kiosk-mode.md
@ -3,8 +3,6 @@ title: Configure Take a Test in kiosk mode
 description: Learn how to configure Windows to execute the Take a Test app in kiosk mode, using Intune and provisioning packages.
 ms.date: 09/30/2022
 ms.topic: how-to
-appliesto:
-  - ✅ <a href="https://learn.microsoft.com/windows/release-health/supported-versions-windows-client" target="_blank">Windows 10 and later</a>
 ---

 # Configure Take a Test in kiosk mode
--- a/education/windows/edu-themes.md
+++ b/education/windows/edu-themes.md
@ -5,6 +5,7 @@ ms.date: 09/15/2022
 ms.topic: how-to
 appliesto:
  - ✅ <a href="https://learn.microsoft.com/windows/release-health/supported-versions-windows-client" target="_blank">Windows 11</a>
+  - ✅ <a href="https://learn.microsoft.com/windows/release-health/supported-versions-windows-client" target="_blank">Windows 11 SE</a>
 ---

 # Configure education themes for Windows 11
--- a/education/windows/federated-sign-in.md
+++ b/education/windows/federated-sign-in.md
@ -1,10 +1,11 @@
 ---
 title: Configure federated sign-in for Windows devices
 description: Description of federated sign-in feature for the Education SKUs of Windows 11 and how to configure it via Intune or provisioning packages.
-ms.date: 03/15/2023
+ms.date: 04/04/2023
 ms.topic: how-to
 appliesto:
  - ✅ <a href="https://learn.microsoft.com/windows/release-health/supported-versions-windows-client" target="_blank">Windows 11</a>
+  - ✅ <a href="https://learn.microsoft.com/windows/release-health/supported-versions-windows-client" target="_blank">Windows 11 SE</a>
 ms.collection:
  - highpri
  - tier1
--- a/education/windows/get-minecraft-for-education.md
+++ b/education/windows/get-minecraft-for-education.md
@ -3,8 +3,6 @@ title: Get and deploy Minecraft Education
 description: Learn how to obtain and distribute Minecraft Education to Windows devices.
 ms.topic: how-to
 ms.date: 02/23/2023
-appliesto:
-  - ✅ <a href="https://learn.microsoft.com/windows/release-health/supported-versions-windows-client" target="_blank">Windows 10 and later</a>
 ms.collection:
  - highpri
  - education
--- a/education/windows/includes/intune-custom-settings-1.md
+++ b/education/windows/includes/intune-custom-settings-1.md
@ -1,6 +1,4 @@
 ---
-author: paolomatarazzo
-ms.author: paoloma
 ms.date: 02/22/2022
 ms.topic: include
 ---
--- a/education/windows/includes/intune-custom-settings-2.md
+++ b/education/windows/includes/intune-custom-settings-2.md
@ -1,6 +1,4 @@
 ---
-author: paolomatarazzo
-ms.author: paoloma
 ms.date: 11/08/2022
 ms.topic: include
 ---
--- a/education/windows/includes/intune-custom-settings-info.md
+++ b/education/windows/includes/intune-custom-settings-info.md
@ -1,6 +1,4 @@
 ---
-author: paolomatarazzo
-ms.author: paoloma
 ms.date: 11/08/2022
 ms.topic: include
 ---
--- a/education/windows/set-up-school-pcs-whats-new.md
+++ b/education/windows/set-up-school-pcs-whats-new.md
@ -3,8 +3,6 @@ title: What's new in the Windows Set up School PCs app
 description: Find out about app updates and new features in Set up School PCs.
 ms.topic: whats-new
 ms.date: 08/10/2022
-appliesto:
-  - ✅ <a href="https://learn.microsoft.com/windows/release-health/supported-versions-windows-client" target="_blank">Windows 10 and later</a>
 ---  

 # What's new in Set up School PCs
--- a/education/windows/take-a-test-app-technical.md
+++ b/education/windows/take-a-test-app-technical.md
@ -1,10 +1,8 @@
 ---
 title: Take a Test app technical reference
 description: List of policies and settings applied by the Take a Test app.
-ms.date: 09/30/2022
+ms.date: 03/31/2023
 ms.topic: reference
-appliesto:
-  - ✅ <a href="https://learn.microsoft.com/windows/release-health/supported-versions-windows-client" target="_blank">Windows 10 and later</a>
 ---

 # Take a Test app technical reference
--- a/education/windows/take-tests-in-windows.md
+++ b/education/windows/take-tests-in-windows.md
@ -1,10 +1,8 @@
 ---
 title: Take tests and assessments in Windows
 description: Learn about the built-in Take a Test app for Windows and how to use it.
-ms.date: 09/30/2022
+ms.date: 03/31/2023
 ms.topic: conceptual
-appliesto:
-  - ✅ <a href="https://learn.microsoft.com/windows/release-health/supported-versions-windows-client" target="_blank">Windows 10 and later</a>
 ---

 # Take tests and assessments in Windows
--- a/education/windows/tutorial-school-deployment/configure-device-apps.md
+++ b/education/windows/tutorial-school-deployment/configure-device-apps.md
@ -3,8 +3,6 @@ title: Configure applications with Microsoft Intune
 description: Learn how to configure applications with Microsoft Intune in preparation for device deployment.
 ms.date: 03/08/2023
 ms.topic: tutorial
-appliesto:
-  - ✅ <a href="https://learn.microsoft.com/windows/release-health/supported-versions-windows-client" target="_blank">Windows 10 and later</a>
 ---

 # Configure applications with Microsoft Intune
--- a/education/windows/tutorial-school-deployment/configure-device-settings.md
+++ b/education/windows/tutorial-school-deployment/configure-device-settings.md
@ -3,8 +3,6 @@ title: Configure and secure devices with Microsoft Intune
 description: Learn how to configure policies with Microsoft Intune in preparation for device deployment.
 ms.date: 08/31/2022
 ms.topic: tutorial
-appliesto:
-  - ✅ <a href="https://learn.microsoft.com/windows/release-health/supported-versions-windows-client" target="_blank">Windows 10 and later</a>
 ---

 # Configure and secure devices with Microsoft Intune
--- a/education/windows/tutorial-school-deployment/configure-devices-overview.md
+++ b/education/windows/tutorial-school-deployment/configure-devices-overview.md
@ -3,8 +3,6 @@ title: Configure devices with Microsoft Intune
 description: Learn how to configure policies and applications in preparation for device deployment.
 ms.date: 08/31/2022
 ms.topic: tutorial
-appliesto:
-  - ✅ <a href="https://learn.microsoft.com/windows/release-health/supported-versions-windows-client" target="_blank">Windows 10 and later</a>
 ---

 # Configure settings and applications with Microsoft Intune
--- a/education/windows/tutorial-school-deployment/enroll-aadj.md
+++ b/education/windows/tutorial-school-deployment/enroll-aadj.md
@ -3,8 +3,6 @@ title: Enrollment in Intune with standard out-of-box experience (OOBE)
 description: Learn how to join devices to Azure AD from OOBE and automatically get them enrolled in Intune.
 ms.date: 08/31/2022
 ms.topic: tutorial
-appliesto:
-  - ✅ <a href="https://learn.microsoft.com/windows/release-health/supported-versions-windows-client" target="_blank">Windows 10 and later</a>
 ---
 # Automatic Intune enrollment via Azure AD join

--- a/education/windows/tutorial-school-deployment/enroll-autopilot.md
+++ b/education/windows/tutorial-school-deployment/enroll-autopilot.md
@ -3,8 +3,6 @@ title: Enrollment in Intune with Windows Autopilot
 description: Learn how to join Azure AD and enroll in Intune using Windows Autopilot.
 ms.date: 03/08/2023
 ms.topic: tutorial
-appliesto:
-  - ✅ <a href="https://learn.microsoft.com/windows/release-health/supported-versions-windows-client" target="_blank">Windows 10 and later</a>
 ---

 # Windows Autopilot
--- a/education/windows/tutorial-school-deployment/enroll-overview.md
+++ b/education/windows/tutorial-school-deployment/enroll-overview.md
@ -3,8 +3,6 @@ title: Device enrollment overview
 description: Learn about the different options to enroll Windows devices in Microsoft Intune
 ms.date: 08/31/2022
 ms.topic: overview
-appliesto:
-  - ✅ <a href="https://learn.microsoft.com/windows/release-health/supported-versions-windows-client" target="_blank">Windows 10 and later</a>
 ---

 # Device enrollment overview
--- a/education/windows/tutorial-school-deployment/enroll-package.md
+++ b/education/windows/tutorial-school-deployment/enroll-package.md
@ -3,8 +3,6 @@ title: Enrollment of Windows devices with provisioning packages
 description: Learn about how to enroll Windows devices with provisioning packages using SUSPCs and Windows Configuration Designer.
 ms.date: 08/31/2022
 ms.topic: tutorial
-appliesto:
-  - ✅ <a href="https://learn.microsoft.com/windows/release-health/supported-versions-windows-client" target="_blank">Windows 10 and later</a>
 ---

 # Enrollment with provisioning packages
--- a/education/windows/tutorial-school-deployment/index.md
+++ b/education/windows/tutorial-school-deployment/index.md
@ -3,8 +3,6 @@ title: Introduction to the tutorial deploy and manage Windows devices in a schoo
 description: Introduction to deployment and management of Windows devices in education environments.
 ms.date: 08/31/2022
 ms.topic: conceptual
-appliesto:
-  - ✅ <a href="https://learn.microsoft.com/windows/release-health/supported-versions-windows-client" target="_blank">Windows 10 and later</a>
 ---

 # Tutorial: deploy and manage Windows devices in a school
--- a/education/windows/tutorial-school-deployment/manage-overview.md
+++ b/education/windows/tutorial-school-deployment/manage-overview.md
@ -3,8 +3,6 @@ title: Manage devices with Microsoft Intune
 description: Overview of device management capabilities in Intune for Education, including remote actions, remote assistance and inventory/reporting.
 ms.date: 08/31/2022
 ms.topic: tutorial
-appliesto:
-  - ✅ <a href="https://learn.microsoft.com/windows/release-health/supported-versions-windows-client" target="_blank">Windows 10 and later</a>
 ---

 # Manage devices with Microsoft Intune
--- a/education/windows/tutorial-school-deployment/reset-wipe.md
+++ b/education/windows/tutorial-school-deployment/reset-wipe.md
@ -3,8 +3,6 @@ title: Reset and wipe Windows devices
 description: Learn about the reset and wipe options for Windows devices using Intune for Education, including scenarios when to delete devices.
 ms.date: 08/31/2022
 ms.topic: tutorial
-appliesto:
-  - ✅ <a href="https://learn.microsoft.com/windows/release-health/supported-versions-windows-client" target="_blank">Windows 10 and later</a>
 ---

 # Device reset options
--- a/education/windows/tutorial-school-deployment/set-up-azure-ad.md
+++ b/education/windows/tutorial-school-deployment/set-up-azure-ad.md
@ -3,6 +3,7 @@ title: Set up Azure Active Directory
 description: Learn how to create and prepare your Azure AD tenant for an education environment.
 ms.date: 08/31/2022
 ms.topic: tutorial
+appliesto:
 ---

 # Set up Azure Active Directory
--- a/education/windows/tutorial-school-deployment/set-up-microsoft-intune.md
+++ b/education/windows/tutorial-school-deployment/set-up-microsoft-intune.md
@ -3,6 +3,7 @@ title: Set up device management
 description: Learn how to configure the Intune service and set up the environment for education.
 ms.date: 08/31/2022
 ms.topic: tutorial
+appliesto:
 ---

 # Set up Microsoft Intune
--- a/education/windows/tutorial-school-deployment/troubleshoot-overview.md
+++ b/education/windows/tutorial-school-deployment/troubleshoot-overview.md
@ -3,8 +3,6 @@ title: Troubleshoot Windows devices
 description: Learn how to troubleshoot Windows devices from Intune and contact Microsoft Support for issues related to Intune and other services.
 ms.date: 08/31/2022
 ms.topic: tutorial
-appliesto:
-  - ✅ <a href="https://learn.microsoft.com/windows/release-health/supported-versions-windows-client" target="_blank">Windows 10 and later</a>
 ---

 # Troubleshoot Windows devices