deepblue/windows-itpro-docs
1
0
Fork 0
mirror of https://github.com/MicrosoftDocs/windows-itpro-docs.git synced 2025-05-13 13:57:22 +00:00
Code Issues Actions 2 Packages Projects Releases Wiki Activity

Merge branch 'main' into patch-7

Browse Source
This commit is contained in:
Carmen Forsmann 2023-05-05 10:34:04 -06:00 committed by GitHub
commit 8e47f91b75
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 48 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

52
windows/deployment/windows-autopatch/deploy/windows-autopatch-groups-manage-autopatch-groups.md
View File

@ -1,7 +1,7 @@
---
title: Manage Windows Autopatch groups
description: This article explains how to manage Autopatch groups
ms.date: 05/03/2023
ms.date: 05/05/2023
ms.prod: windows-client
ms.technology: itpro-updates
ms.topic: how-to
@ -46,8 +46,8 @@ Before you start managing Autopatch groups, ensure youve met the following pr
- Windows Autopatch Ring2
- Windows Autopatch Ring3
- Windows Autopatch Last
- Additionally, **don't** modify the Azure AD group ownership of any of the groups above otherwise, Autopatch groups device registration process won't be able to add devices into these groups.
- For more information, see [assign an owner of member of a group in Azure AD](/azure/active-directory/privileged-identity-management/groups-assign-member-owner#assign-an-owner-or-member-of-a-group) on how to remediate Azure Azure AD group ownership.
- Additionally, **don't** modify the Azure AD group ownership of any of the groups above otherwise, Autopatch groups device registration process won't be able to add devices into these groups. If the ownership is modified, you must add the **Modern Workplace Management** Service Principal as the owner of these groups.
- For more information, see [assign an owner or member of a group in Azure AD](/azure/active-directory/privileged-identity-management/groups-assign-member-owner#assign-an-owner-or-member-of-a-group) for steps on how to add owners to Azure Azure AD groups.
- Make sure you have [app-only auth turned on in your Windows Autopatch tenant](../operate/windows-autopatch-maintain-environment.md#windows-autopatch-tenant-actions). Otherwise, the Autopatch groups functionality wont work properly. Autopatch uses app-only auth to:
- Read device attributes to successfully register devices.
- Manage all configurations related to the operation of the service.
@ -123,7 +123,11 @@ You **cant** delete the Default Autopatch group. However, you can delete a Cu
> [!CAUTION]
> You cant delete a Custom Autopatch group when its being used as part of one or more active or paused feature update releases. However, you can delete a Custom Autopatch group when the release for either Windows quality or feature updates have either the **Scheduled** or **Paused** statuses.
## Manage device conflict scenarios when Autopatch groups
## Manage device conflict scenarios when using Autopatch groups
> [!IMPORTANT]
> The Windows Autopatch groups functionaliy is in **public preview**. This feature is being actively developed and not all device conflict detection and resolution scenarios are working as expected.
> Fore more information on what to expect for this scenario during public preview, see [Known issues](#known-issues).
Overlap in device membership is a common scenario when working with device-based Azure AD groups since sometimes dynamic queries can be large in scope or the same assigned device membership can be used across different Azure AD groups.
@ -170,4 +174,42 @@ When you create or edit the Custom or Default Autopatch group, Windows Autopatch
#### Device conflict post device registration
Autopatch groups will keep monitoring for all device conflict scenarios listed in the [Manage device conflict scenarios when using Autopatch groups](#manage-device-conflict-scenarios-when-autopatch-groups) section even after devices were successfully registered with the service.
Autopatch groups will keep monitoring for all device conflict scenarios listed in the [Manage device conflict scenarios when using Autopatch groups](../deploy/windows-autopatch-groups-manage-autopatch-groups.md#manage-device-conflict-scenarios-when-using-autopatch-groups) section even after devices were successfully registered with the service.
## Known issues
This section lists known issues with Autopatch groups during its public preview.
### Device conflict scenarios when using Autopatch groups
- **Status: Active**
The Windows Autopatch team is aware that all device conflict scenarios listed below are currently being evaluated during the device registration process to make sure devices are properly registered with the service, and not evaluated post-device registration. The Windows Autopatch team is currently developing detection and resolution for the followin device conflict scenarios, and plan to make them available during public preview.
- Default to Custom Autopatch device conflict detection and resolution.
- Device conflict detection and resolution within an Autopatch group.
- Custom to Cstom Autopatch group device conflict detection.
### Autopatch group Azure AD group remediator
- **Status: Active**
The Windows Autopatch team is aware that the Windows Autopatch service isn't automatically restoring the Azure AD groups that get created during the Autopatch groups creation/editing process. If the following Azure AD groups, that belong to the Default Autopatch group and other Azure AD groups that get created with Custom Autopatch groups, are deleted or renamed, they won't be automatically remediated on your behalf yet:
- Windows Autopatch Test
- Windows Autopatch Ring1
- Windows Autopatch Ring2
- Windows Autopatch Ring3
- Windows Autopatch Last
The Windows Autopatch team is currently developing the Autopatch group Azure AD group remediator feature and plan to make it available during public preview.
> [!NOTE]
> The Autopatch group remediator won't remediate the service-based deployment rings:
>
> - Modern Workplace Devices-Windows Autopatch-Test
> - Modern Workplace Devices-Windows Autopatch-First
> - Modern Workplace Devices-Windows Autopatch-Fast
> - Modern Workplace Devices-Windows Autopatch-Broad
>
> Use the [Policy health feature](../operate/windows-autopatch-policy-health-and-remediation.md) to restore these groups, if needed. For more information, see [restore deployment groups](../operate/windows-autopatch-policy-health-and-remediation.md#restore-deployment-groups).

2
windows/deployment/windows-autopatch/operate/windows-autopatch-groups-manage-windows-feature-update-release.md
View File

@ -1,7 +1,7 @@
---
title: Manage Windows feature update releases
description: This article explains how you can manage Windows feature updates with Autopatch groups
ms.date: 05/01/2023
ms.date: 05/05/2023
ms.prod: windows-client
ms.technology: itpro-updates
ms.topic: conceptual