From 327067999f6474745a6bdd93f60f4de0c7d7a20b Mon Sep 17 00:00:00 2001
From: Vinay Pamnani <37223378+vinaypamnani-msft@users.noreply.github.com>
Date: Mon, 30 Jan 2023 16:53:06 -0500
Subject: [PATCH 01/98] Add new policy

---
 ...in-policy-csp-supported-by-group-policy.md |  3 +-
 .../mdm/policy-csp-search.md                  | 78 ++++++++++++++++---
 2 files changed, 70 insertions(+), 11 deletions(-)

diff --git a/windows/client-management/mdm/policies-in-policy-csp-supported-by-group-policy.md b/windows/client-management/mdm/policies-in-policy-csp-supported-by-group-policy.md
index b5b7fa8d91..e6748d67f8 100644
--- a/windows/client-management/mdm/policies-in-policy-csp-supported-by-group-policy.md
+++ b/windows/client-management/mdm/policies-in-policy-csp-supported-by-group-policy.md
@@ -4,7 +4,7 @@ description: Learn about the policies in Policy CSP supported by Group Policy.
 author: vinaypamnani-msft
 manager: aaroncz
 ms.author: vinpa
-ms.date: 01/18/2023
+ms.date: 01/30/2023
 ms.localizationpriority: medium
 ms.prod: windows-client
 ms.technology: itpro-manage
@@ -642,6 +642,7 @@ This article lists the policies in Policy CSP that have a group policy mapping.
 - [AllowCortanaInAAD](policy-csp-search.md)
 - [AllowFindMyFiles](policy-csp-search.md)
 - [AllowSearchHighlights](policy-csp-search.md)
+- [ConfigureSearchOnTaskbarMode](policy-csp-search.md)
 
 ## Security
 
diff --git a/windows/client-management/mdm/policy-csp-search.md b/windows/client-management/mdm/policy-csp-search.md
index a13b407ce0..aff14c3859 100644
--- a/windows/client-management/mdm/policy-csp-search.md
+++ b/windows/client-management/mdm/policy-csp-search.md
@@ -4,7 +4,7 @@ description: Learn more about the Search Area in Policy CSP.
 author: vinaypamnani-msft
 manager: aaroncz
 ms.author: vinpa
-ms.date: 01/09/2023
+ms.date: 01/30/2023
 ms.localizationpriority: medium
 ms.prod: windows-client
 ms.technology: itpro-manage
@@ -187,7 +187,7 @@ This policy controls whether the user can configure search to *Find My Files* mo
 
 | Value | Description |
 |:--|:--|
-| 1 (Default) | Find My Files feature can be toggled (still off by default), and the settings UI is present. |
+| 1 (Default) | , and the settings UI is present. |
 | 0 | Find My Files feature is turned off completely, and the settings UI is disabled. |
 <!-- AllowFindMyFiles-AllowedValues-End -->
 
@@ -480,7 +480,7 @@ This policy has been deprecated.
 This policy setting allows words that contain diacritic characters to be treated as separate words.
 - If you enable this policy setting, words that only differ in diacritics are treated as different words.
 - If you disable this policy setting, words with diacritics and words without diacritics are treated as identical words. This policy setting is not configured by default.
-- If you do not configure this policy setting, the local setting, configured through Control Panel, will be used
+- If you do not configure this policy setting, the local setting, configured through Control Panel, will be used.
 
 > [!NOTE]
 > By default, the Control Panel setting is set to treat words that differ only because of diacritics as the same word.
@@ -639,6 +639,68 @@ The most restrictive value is `0` to now allow automatic language detection.
 
 <!-- AlwaysUseAutoLangDetection-End -->
 
+<!-- ConfigureSearchOnTaskbarMode-Begin -->
+## ConfigureSearchOnTaskbarMode
+
+<!-- ConfigureSearchOnTaskbarMode-Applicability-Begin -->
+| Scope | Editions | Applicable OS |
+|:--|:--|:--|
+| :heavy_check_mark: Device <br> :x: User | :x: Home <br> :heavy_check_mark: Pro <br> :heavy_check_mark: Enterprise <br> :heavy_check_mark: Education <br> :heavy_check_mark: Windows SE | :heavy_check_mark: Windows Insider Preview |
+<!-- ConfigureSearchOnTaskbarMode-Applicability-End -->
+
+<!-- ConfigureSearchOnTaskbarMode-OmaUri-Begin -->
+```Device
+./Device/Vendor/MSFT/Policy/Config/Search/ConfigureSearchOnTaskbarMode
+```
+<!-- ConfigureSearchOnTaskbarMode-OmaUri-End -->
+
+<!-- ConfigureSearchOnTaskbarMode-Description-Begin -->
+<!-- Description-Source-DDF -->
+Configures search on the taskbar.
+- If you disable this policy setting or do not configure it, users can see and change this setting.
+<!-- ConfigureSearchOnTaskbarMode-Description-End -->
+
+<!-- ConfigureSearchOnTaskbarMode-Editable-Begin -->
+<!-- Add any additional information about this policy here. Anything outside this section will get overwritten. -->
+<!-- ConfigureSearchOnTaskbarMode-Editable-End -->
+
+<!-- ConfigureSearchOnTaskbarMode-DFProperties-Begin -->
+**Description framework properties**:
+
+| Property name | Property value |
+|:--|:--|
+| Format | int |
+| Access Type | Add, Delete, Get, Replace |
+| Default Value  | 3 |
+<!-- ConfigureSearchOnTaskbarMode-DFProperties-End -->
+
+<!-- ConfigureSearchOnTaskbarMode-AllowedValues-Begin -->
+**Allowed values**:
+
+| Value | Description |
+|:--|:--|
+| 0 | Hide. |
+| 1 | Search icon only. |
+| 2 | Search icon and label. |
+| 3 (Default) | Search box. |
+<!-- ConfigureSearchOnTaskbarMode-AllowedValues-End -->
+
+<!-- ConfigureSearchOnTaskbarMode-GpMapping-Begin -->
+**Group policy mapping**:
+
+| Name | Value |
+|:--|:--|
+| Name | ConfigureSearchOnTaskbarMode |
+| Path | Search > AT > WindowsComponents > Search |
+| Element Name | ConfigureSearchOnTaskbarMode_Dropdown |
+<!-- ConfigureSearchOnTaskbarMode-GpMapping-End -->
+
+<!-- ConfigureSearchOnTaskbarMode-Examples-Begin -->
+<!-- Add any examples for this policy here. Examples outside this section will get overwritten. -->
+<!-- ConfigureSearchOnTaskbarMode-Examples-End -->
+
+<!-- ConfigureSearchOnTaskbarMode-End -->
+
 <!-- DisableBackoff-Begin -->
 ## DisableBackoff
 
@@ -775,7 +837,7 @@ This policy setting configures whether or not locations on removable drives can
 <!-- DisableSearch-Applicability-Begin -->
 | Scope | Editions | Applicable OS |
 |:--|:--|:--|
-| :heavy_check_mark: Device <br> :x: User | :x: Home <br> :heavy_check_mark: Pro <br> :heavy_check_mark: Enterprise <br> :heavy_check_mark: Education <br> :heavy_check_mark: Windows SE | :heavy_check_mark: Windows 11, version 22H2 [10.0.22621] and later |
+| :heavy_check_mark: Device <br> :x: User | :x: Home <br> :heavy_check_mark: Pro <br> :heavy_check_mark: Enterprise <br> :heavy_check_mark: Education <br> :heavy_check_mark: Windows SE | :heavy_check_mark: Windows Insider Preview |
 <!-- DisableSearch-Applicability-End -->
 
 <!-- DisableSearch-OmaUri-Begin -->
@@ -1031,13 +1093,10 @@ If enabled, clients will be unable to query this computer's index remotely. Thus
 <!-- SafeSearchPermissions-Begin -->
 ## SafeSearchPermissions
 
-> [!NOTE]
-> This policy is deprecated and may be removed in a future release.
-
 <!-- SafeSearchPermissions-Applicability-Begin -->
 | Scope | Editions | Applicable OS |
 |:--|:--|:--|
-| :heavy_check_mark: Device <br> :x: User | :x: Home <br> :x: Pro <br> :x: Enterprise <br> :x: Education <br> :x: Windows SE | :heavy_check_mark: Windows 10, version 1607 [10.0.14393] and later |
+| :heavy_check_mark: Device <br> :x: User | :x: Home <br> :heavy_check_mark: Pro <br> :heavy_check_mark: Enterprise <br> :heavy_check_mark: Education <br> :heavy_check_mark: Windows SE | :heavy_check_mark: Windows 10, version 1607 [10.0.14393] and later |
 <!-- SafeSearchPermissions-Applicability-End -->
 
 <!-- SafeSearchPermissions-OmaUri-Begin -->
@@ -1047,8 +1106,7 @@ If enabled, clients will be unable to query this computer's index remotely. Thus
 <!-- SafeSearchPermissions-OmaUri-End -->
 
 <!-- SafeSearchPermissions-Description-Begin -->
-<!-- Description-Source-DDF -->
-This policy is deprecated.
+<!-- Description-Source-Not-Found -->
 <!-- SafeSearchPermissions-Description-End -->
 
 <!-- SafeSearchPermissions-Editable-Begin -->

From ef3cc5be8d77955b49b7556212c2ee6c9293f6ab Mon Sep 17 00:00:00 2001
From: tiaraquan <tiaraquan@microsoft.com>
Date: Tue, 31 Jan 2023 09:33:50 -0800
Subject: [PATCH 02/98] Windows feature update..updates.

---
 .../operate/windows-autopatch-fu-overview.md  | 106 ++++++++----------
 .../overview/windows-autopatch-faq.yml        |  11 +-
 .../windows-autopatch-whats-new-2023.md       |   3 +-
 3 files changed, 53 insertions(+), 67 deletions(-)

diff --git a/windows/deployment/windows-autopatch/operate/windows-autopatch-fu-overview.md b/windows/deployment/windows-autopatch/operate/windows-autopatch-fu-overview.md
index ef3dba90f8..146f1197cc 100644
--- a/windows/deployment/windows-autopatch/operate/windows-autopatch-fu-overview.md
+++ b/windows/deployment/windows-autopatch/operate/windows-autopatch-fu-overview.md
@@ -14,93 +14,75 @@ msreviewer: hathind
 
 # Windows feature updates
 
-## Service level objective
+Microsoft provides robust modern device management (MDM) solutions such as Microsoft Intune, Windows Update for Business, Configuration Manager etc. However, the administration of these solutions to keep Windows devices up to date with the latest Windows feature releases rests on your organization’s IT admins. The Windows feature update process is considered one of the most expensive and fundamental tasks by IT organizations because Windows feature updates provide:
 
-Windows Autopatch aims to keep at least 99% of eligible devices on a supported version of Windows so that they can continue receiving Windows feature updates.
+- Fixes for security vulnerabilities and known bugs to keep Windows devices protected against advanced malicious attacks.
+- New features to boost end-user productivity.
 
-## Device eligibility
+Windows Autopatch makes it easier and less expensive for you to keep your Windows devices up to date so you can focus on running your core businesses while Windows Autopatch runs update management on your behalf.
 
-For a device to be eligible for Windows feature updates as a part of Windows Autopatch it must meet the following criteria:
+Windows Autopatch feature update deployment provides:
 
-| Criteria | Description |
-| ----- | ----- |
-| Activity | Devices must have at least six hours of usage, with at least two hours being continuous since the start of the update. |
-| Intune sync | Devices must have checked with Intune within the last five days. |
-| Storage space | Devices must have more than one GB (GigaBytes) of free storage space. |
-| Deployed | Windows Autopatch doesn't update devices that haven't yet been deployed. |
-| Internet connectivity | Devices must have a steady internet connection, and access to Windows [update endpoints](../prepare/windows-autopatch-configure-network.md). |
-| Windows edition | Devices must be on a Windows edition supported by Windows Autopatch. For more information, see [Prerequisites](../prepare/windows-autopatch-prerequisites.md). |
-| Mobile device management (MDM) policy conflict | Devices must not have deployed any policies that would prevent device management. For more information, see [Conflicting and unsupported policies](../references/windows-autopatch-wqu-unsupported-policies.md). |
-| Group policy conflict | Devices must not have group policies deployed which would prevent device management. For more information, see [Group policy](../references/windows-autopatch-wqu-unsupported-policies.md#group-policy-and-other-policy-managers). |
+- A customer-driven and efficient Windows feature update deployment approach for Windows OS target versions and deployment cadence.
+- Proactive insights prior, during and after Windows Feature update deployments.
+- Options to [pause or resume Windows](#pausing-and-resuming-a-release) feature updates on behalf of your organization.
 
-## Windows feature update releases
+## Enforcing a minimum Windows OS version
 
-When the service decides to move to a new version of Windows, the following update schedule is indicative of the minimum amount of time between rings during a rollout.
+Once devices are registered with Windows Autopatch, they’re assigned to deployment rings. Each deployment ring has a set of Windows feature update policies assigned to them.
 
-The final release schedule is communicated prior to release and may vary a little from the following schedule to account for business weeks or other scheduling considerations. For example, Autopatch may decide to release to the Fast Ring after 62 days instead of 60, if 60 days after the release start was a weekend.  
+The policies:
 
-| Ring | Timeline |
-| ----- | ----- |
-| Test | Release start |
-| First | Release start + 30 days |
-| Fast | Release start + 60 days |
-| Broad | Release start + 90 days |
+- Contain the minimum Windows OS version being currently serviced by the Windows servicing channels. The current minimum OS version is **Windows 10 20H2**.
+- Set a bare minimum Windows OS version required by the service once devices are registered with the service.
+- Minimize unexpected Windows OS upgrades once new devices register with Windows Autopatch.
 
-:::image type="content" source="../media/windows-feature-release-process-timeline.png" alt-text="Windows feature release timeline" lightbox="../media/windows-feature-release-process-timeline.png":::
+If a device is registered with Windows Autopatch, and the device is:
 
-## New devices to Windows Autopatch
+- Below the service's currently targeted Windows feature update, that device will update to the service's target version when it meets the Windows OS upgrade eligibility criteria.
+- On, or above the currently targeted Windows feature update version, there won't be any Windows OS upgrades to that device.
 
-If a device is enrolled and it's below Autopatch's currently targeted Windows feature update, that device will update to the service's target version within five days of meeting eligibility criteria.  
+## Windows feature update policy configuration
 
-If a device is enrolled and it's on, or above the currently targeted Windows feature update, there won't be any change to that device.  
+If your tenant is enrolled with Windows Autopatch, you can see the following policies created by the service in the Microsoft Intune portal:
 
-## Feature update configuration
+| Policy name | Feature update version | Rollout options | First deployment ring availability | Final deployment ring availability | Day between deployment rings | Support end date |
+| ----- | ----- | ----- | ----- | ----- | ----- | ----- |
+| Windows Autopatch – DSS Policy [Test] | Windows 10 20H2 | Make update available as soon as possible | N/A | N/A | N/A | 5/8/2023, 7:00PM |
+| Windows Autopatch – DSS Policy [First] | Windows 10 20H2 | Make update available as soon as possible | N/A | N/A | N/A | 5/8/2023, 7:00PM |
+| Windows Autopatch – DSS Policy [Fast] | Windows 10 20H2 | Make update available as soon as possible | 12/14/2022 | 12/21/2022 | 1 | 5/8/2023, 7:00PM |
+| Windows Autopatch – DSS Policy [Broad] | Windows 10 20H2 | Make update available as soon as possible | 12/15/2022 | 12/29/2022 | 1 | 5/8/2023, 7:00PM |
 
-When releasing a feature update, there are two policies that are configured by the service to create the update schedule described in the previous section. You’ll see four of each of the following policies in your tenant, one for each ring:  
+## Test Windows 11 feature updates
 
-- **Modern Workplace DSS Policy**: This policy is used to control the target version of Windows.  
-- **Modern Workplace Update Policy**: This policy is used to control deferrals and deadlines for feature and quality updates.  
+You can test Windows 11 deployments by adding devices either through direct membership or by bulk importing them into the Modern Workplace - Windows 11 Pre-Release Test Devices Azure AD group. There’s a separate Windows feature update policy (**Modern Workplace DSS Policy [Windows 11]**) targeted to this Azure AD group, and its configuration is set as follows:
 
-| Ring | Target version (DSS) Policy | Feature update deferral | Feature update deadline | Feature update grace period |
-| ----- | ----- | ----- | ----- | ----- |
-| Test | 20H2 | 0 | 5 | 0 |
-| First | 20H2 | 0 | 5 | 2 |
-| Fast | 20H2 | 0 | 5 | 2 |
-| Broad | 20H2 | 0 | 5 | 2 |
+| Policy name | Feature update version | Rollout options | First deployment ring availability | Final deployment ring availability | Day between deployment rings | Support end date |
+| ----- | ----- | ----- | ----- | ----- | ----- | ----- |
+| Windows Autopatch – DSS Policy [Test] | Windows 11 22H2 | Make update available as soon as possible | N/A | N/A | N/A | 10/13/2025, 7:00PM |
 
-> [!NOTE]
-> Customers are not able to select a target version for their tenant.
+## Manage Windows feature update deployments
 
-During a release, the service modifies the Modern Workplace DSS policy to change the target version for a specific ring in Intune. That change is deployed to devices and updates the devices prior to the update deadline.  
+Windows Autopatch uses Microsoft Intune’s built-in solution, which uses configuration service providers (CSPs), for pausing and resuming both [Windows quality](windows-autopatch-wqu-overview.md#pausing-and-resuming-a-release) and feature updates.
 
-To understand how devices will react to the change in the Modern Workplace DSS policy, it's important to understand how deferral, deadline, and grace periods affect devices.
-
-| Policy | Description |
-| ----- | ----- |
-| [Deferrals](/windows/client-management/mdm/policy-csp-update#update-deferqualityupdatesperiodindays) | The deferral policy determines how many days after a release the feature update is offered to a device. The service maximizes control over feature updates by creating individual DSS policies for each ring and modifying the ring's DSS policy to change the target update version. Therefore, the feature update deferral policy for all rings is set to zero days so that a change in the DSS policy is released as soon as possible.   |
-| [Deadlines](/windows/client-management/mdm/policy-csp-update#update-autorestartdeadlineperiodindays)    | Before the deadline, restarts can be scheduled by users or automatically scheduled outside of active hours. After the deadline passes, restarts will occur regardless of active hours and users won't be able to reschedule. The deadline for a specific device is set to be the specified number of days after the update is offered to the device.  |
-| [Grace periods](/windows/client-management/mdm/policy-csp-update#update-configuredeadlinegraceperiod) | This policy specifies a minimum number of days after an update is downloaded until the device is automatically restarted. This policy overrides the deadline policy so that if a user comes back from vacation, it prevents the device from forcing a restart to complete the update as soon as it comes online.  |
-
-> [!IMPORTANT]
-> Deploying deferral, deadline, or grace period policies which conflict with Autopatch's policies will render a device ineligible for management. Also, if any update related to group policy settings are detected, the device will also be ineligible for management.
-
-## Windows 11 testing
-
-To allow customers to test Windows 11 in their environment, there's a separate DSS policy that enables you to test Windows 11 before broadly adopting within your environment. When you add devices to the **Modern Workplace - Windows 11 Pre-Release Test Devices** group they'll update to Windows 11.  
-
-> [!IMPORTANT]
-> This group is intended for testing purposes only and shouldn't be used to broadly update to Windows 11 in your environment.
+Windows Autopatch provides a permanent pause of a Windows feature update deployment. The Windows Autopatch service automatically extends the 35 day pause limit (permanent pause) established by Microsoft Intune on your behalf. The deployment remains permanently paused until you decide to resume it.
 
 ## Pausing and resuming a release
 
-You can pause or resume a Windows feature update from the Release management tab in the [Endpoint Manager admin center](https://go.microsoft.com/fwlink/?linkid=2109431).
+**To pause or resume a feature update:**
+
+1. Go to the [Endpoint Manager admin center](https://go.microsoft.com/fwlink/?linkid=2109431).
+1. Select **Devices** from the left navigation menu.
+1. Under the **Windows Autopatch** section, select **Release management**.
+1. In the **Release management** blade, select either **Pause** or **Resume**.
 
 ## Rollback
 
-Windows Autopatch doesn't support the rollback of feature updates.
+Windows Autopatch doesn’t support the rollback of Windows Feature updates.
 
-## Incidents and outages
+> [!CAUTION]
+> It’s not recommended to use [Microsoft Intune’s capabilities](/mem/intune/protect/windows-10-update-rings#manage-your-windows-update-rings) to pause and rollback a Windows feature update. However, if you choose to pause, resume and/or roll back from Intune, Windows Autopatch is **not** responsible for any problems that arise from rolling back the feature update.
 
-If devices in your tenant don't meet the [service level objective](#service-level-objective) for Windows feature updates, Autopatch will raise an incident will be raised. The Windows Autopatch Service Engineering Team will work to bring those devices onto the latest version of Windows.
+## Contact support
 
-If you're experiencing other issues related to Windows feature updates, [submit a support request](../operate/windows-autopatch-support-request.md).
+If you’re experiencing issues related to Windows feature updates, you can [submit a support request](../operate/windows-autopatch-support-request.md). Email is the recommended approach to interact with the Windows Autopatch Service Engineering Team.
diff --git a/windows/deployment/windows-autopatch/overview/windows-autopatch-faq.yml b/windows/deployment/windows-autopatch/overview/windows-autopatch-faq.yml
index e51bf1f82a..0c377a7e69 100644
--- a/windows/deployment/windows-autopatch/overview/windows-autopatch-faq.yml
+++ b/windows/deployment/windows-autopatch/overview/windows-autopatch-faq.yml
@@ -37,7 +37,7 @@ sections:
           Windows Autopatch is available for all Windows E3 customers using Azure commercial cloud. However, Autopatch isn't currently supported for government cloud (GCC) customers.
       - question: What if I enrolled into Windows Autopatch using the promo code? Will I still have access to the service?
         answer: |
-          Yes. For those who used the promo code to access Windows Autopatch during public preview, you'll continue to have access to Windows Autopatch even when the promo code expires. There is no additional action you have to take to continue using Windows Autopatch.
+          Yes. For those who used the promo code to access Windows Autopatch during public preview, you'll continue to have access to Windows Autopatch even when the promo code expires. There's no additional action you have to take to continue using Windows Autopatch.
   - name: Requirements
     questions:
       - question: What are the prerequisites for Windows Autopatch?
@@ -70,14 +70,14 @@ sections:
           No, Windows 365 Enterprise Cloud PC's support all features of Windows Autopatch. For more information, see [Virtual devices](/windows/deployment/windows-autopatch/deploy/windows-autopatch-register-devices#virtual-devices).
       - question: Do my Cloud PCs appear any differently in the Windows Autopatch admin center?
         answer: |
-          Cloud PC displays the model as the license type you have provisioned. For more information, see [Windows Autopatch on Windows 365 Enterprise Workloads](/windows/deployment/windows-autopatch/deploy/windows-autopatch-register-devices#windows-autopatch-on-windows-365-enterprise-workloads).
+          Cloud PC displays the model as the license type you've provisioned. For more information, see [Windows Autopatch on Windows 365 Enterprise Workloads](/windows/deployment/windows-autopatch/deploy/windows-autopatch-register-devices#windows-autopatch-on-windows-365-enterprise-workloads).
       - question: Can I run Autopatch on my Windows 365 Business Workloads?
         answer: |
           No. Autopatch is only available on enterprise workloads. For more information, see [Windows Autopatch on Windows 365 Enterprise Workloads](/windows/deployment/windows-autopatch/deploy/windows-autopatch-register-devices#windows-autopatch-on-windows-365-enterprise-workloads).
       - question: Can you change the policies and configurations created by Windows Autopatch?
         answer: |
           No. Don't change, edit, add to, or remove any of the configurations. Doing so might cause unintended configuration conflicts and impact the Windows Autopatch service. For more information about policies and configurations, see [Changes made at tenant enrollment](/windows/deployment/windows-autopatch/references/windows-autopatch-changes-to-tenant).
-  - name: Update Management
+  - name: Update management
     questions: 
       - question: What systems does Windows Autopatch update?
         answer: |
@@ -94,9 +94,12 @@ sections:
           Autopatch relies on the following capabilities to help resolve update issues:
           - Pausing and resuming: If Windows Autopatch detects an issue with a Windows quality release, we may decide that it's necessary to pause that release. Once the issue is resolved, the release will be resumed. For more information, see [Pausing and resuming a Windows quality release](../operate/windows-autopatch-wqu-overview.md#pausing-and-resuming-a-release).
           - Rollback: If Windows Autopatch detects issues between versions of Microsoft 365 Apps for enterprise, we might force all devices to roll back to the previous version. For more information, see [Update controls for Microsoft 365 Apps for enterprise](../operate/windows-autopatch-microsoft-365-apps-enterprise.md#update-controls).
+      - question: Can I permanently pause a Windows feature update deployment?
+        answer: |
+          Yes. Windows Autopatch provides a [permanent pause of either a feature update deployment](../operate/windows-autopatch-fu-overview.md#pausing-and-resuming-a-release).
       - question: Will Windows quality updates be released more quickly after vulnerabilities are identified, or what is the regular cadence of updates?
         answer: |
-          For zero-day threats, Autopatch will have an [expedited release cadence](../operate/windows-autopatch-wqu-overview.md#expedited-releases). For normal updates Autopatch uses a [regular release cadence](../operate/windows-autopatch-wqu-overview.md#windows-quality-update-releases) starting with devices in the Test ring and completing with general rollout to the Broad ring.
+          For zero-day threats, Autopatch will have an [expedited release cadence](../operate/windows-autopatch-wqu-overview.md#expedited-releases). For normal updates Autopatch, uses a [regular release cadence](../operate/windows-autopatch-wqu-overview.md#windows-quality-update-releases) starting with devices in the Test ring and completing with general rollout to the Broad ring.
       - question: Can customers configure when to move to the next ring or is it controlled by Windows Autopatch?
         answer: |
           The decision of when to move to the next ring is handled by Windows Autopatch; it isn't customer configurable.
diff --git a/windows/deployment/windows-autopatch/whats-new/windows-autopatch-whats-new-2023.md b/windows/deployment/windows-autopatch/whats-new/windows-autopatch-whats-new-2023.md
index cbc9b52878..966d0c3c43 100644
--- a/windows/deployment/windows-autopatch/whats-new/windows-autopatch-whats-new-2023.md
+++ b/windows/deployment/windows-autopatch/whats-new/windows-autopatch-whats-new-2023.md
@@ -1,7 +1,7 @@
 ---
 title: What's new 2023
 description: This article lists the 2023 feature releases and any corresponding Message center post numbers.
-ms.date: 01/09/2023
+ms.date: 01/31/2023
 ms.prod: windows-client
 ms.technology: itpro-updates
 ms.topic: whats-new
@@ -24,6 +24,7 @@ Minor corrections such as typos, style, or formatting issues aren't listed.
 
 | Article | Description |
 | ----- | ----- |
+| [Windows feature update](../operate/windows-autopatch-fu-overview.md) | Updated Windows feature update information |
 | [Submit a tenant enrollment support request](../prepare/windows-autopatch-enrollment-support-request.md) | Added the Submit a tenant enrollment support request section. You can submit a tenant enrollment support request through the Tenant enrollment tool if you're running into issues with enrollment. |
 | [Submit a support request](../operate/windows-autopatch-support-request.md) | Added Premier and Unified support options section |
 

From b67711e8bcb251e1658a5b5df4da7f29b9bdc449 Mon Sep 17 00:00:00 2001
From: tiaraquan <tiaraquan@microsoft.com>
Date: Tue, 31 Jan 2023 09:36:27 -0800
Subject: [PATCH 03/98] Tweak

---
 .../operate/windows-autopatch-fu-overview.md                  | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/windows/deployment/windows-autopatch/operate/windows-autopatch-fu-overview.md b/windows/deployment/windows-autopatch/operate/windows-autopatch-fu-overview.md
index 146f1197cc..0714448dcc 100644
--- a/windows/deployment/windows-autopatch/operate/windows-autopatch-fu-overview.md
+++ b/windows/deployment/windows-autopatch/operate/windows-autopatch-fu-overview.md
@@ -1,7 +1,7 @@
 ---
 title: Windows feature updates
 description: This article explains how Windows feature updates are managed in Autopatch
-ms.date: 07/11/2022
+ms.date: 01/31/2023
 ms.prod: windows-client
 ms.technology: itpro-updates
 ms.topic: conceptual
@@ -9,7 +9,7 @@ ms.localizationpriority: medium
 author: tiaraquan
 ms.author: tiaraquan
 manager: dougeby
-msreviewer: hathind
+msreviewer: andredm7
 ---
 
 # Windows feature updates

From a2e02e31b7bd4cfe3b9eff3bad490efdf69e9520 Mon Sep 17 00:00:00 2001
From: Frank Rojas <45807133+frankroj@users.noreply.github.com>
Date: Tue, 31 Jan 2023 13:00:46 -0500
Subject: [PATCH 04/98] Fix AutoPilot to Autopilot

Fix AutoPilot to Autopilot
---
 windows/whats-new/whats-new-windows-10-version-1809.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/windows/whats-new/whats-new-windows-10-version-1809.md b/windows/whats-new/whats-new-windows-10-version-1809.md
index 776e3fd5fe..5e8d923106 100644
--- a/windows/whats-new/whats-new-windows-10-version-1809.md
+++ b/windows/whats-new/whats-new-windows-10-version-1809.md
@@ -68,7 +68,7 @@ This new functionality is an update to the [BitLocker CSP](/windows/client-manag
 
 This feature will soon be enabled on Olympia Corp as an optional feature.
 
-#### Delivering BitLocker policy to AutoPilot devices during OOBE 
+#### Delivering BitLocker policy to Autopilot devices during OOBE 
 
 You can choose which encryption algorithm to apply to BitLocker encryption capable devices, rather than automatically having those devices encrypt themselves with the default algorithm. This option allows the encryption algorithm (and other BitLocker policies that must be applied prior to encryption), to be delivered before BitLocker encryption begins. 
 

From a9f54bc9d0ba94d76fd336454b6b4b5314a33eac Mon Sep 17 00:00:00 2001
From: Frank Rojas <45807133+frankroj@users.noreply.github.com>
Date: Tue, 31 Jan 2023 13:25:13 -0500
Subject: [PATCH 05/98] Update metadata & remove video

Updated metadata and removed video that is no longer available
---
 .../whats-new/whats-new-windows-10-version-1809.md | 14 ++++++++------
 1 file changed, 8 insertions(+), 6 deletions(-)

diff --git a/windows/whats-new/whats-new-windows-10-version-1809.md b/windows/whats-new/whats-new-windows-10-version-1809.md
index 5e8d923106..8fd4016b72 100644
--- a/windows/whats-new/whats-new-windows-10-version-1809.md
+++ b/windows/whats-new/whats-new-windows-10-version-1809.md
@@ -3,14 +3,14 @@ title: What's new in Windows 10, version 1809
 ms.reviewer: 
 description: Learn about features for Windows 10, version 1809, including features and fixes included in previous cumulative updates to Windows 10, version 1803.
 ms.prod: windows-client
-author: aczechowski
-manager: dougeby
-ms.author: aaroncz
+author: mestew
+manager: aaroncz
+ms.author: mstewart
 ms.localizationpriority: medium
 ms.topic: article
 ROBOTS: NOINDEX
 ms.technology: itpro-fundamentals
-ms.date: 12/31/2017
+ms.date: 01/31/2023
 ---
 
 # What's new in Windows 10, version 1809 for IT Pros
@@ -19,12 +19,14 @@ ms.date: 12/31/2017
 
 In this article, we describe new and updated features of interest to IT Pros for Windows 10, version 1809. This update also contains all features and fixes included in previous cumulative updates to Windows 10, version 1803. 
 
+<!---
+
 The following 3-minute video summarizes some of the new features that are available for IT Pros in this release.
 
-&nbsp;
-
 > [!video https://www.youtube.com/embed/hAva4B-wsVA]
 
+--->
+
 ## Deployment
 
 ### Windows Autopilot self-deploying mode

From 2baba527e6457257065572e4321c5772700d4d63 Mon Sep 17 00:00:00 2001
From: Andre Della Monica <andredm@microsoft.com>
Date: Tue, 31 Jan 2023 14:26:02 -0600
Subject: [PATCH 06/98] Last feature update change

---
 .../operate/windows-autopatch-fu-overview.md                | 6 ------
 1 file changed, 6 deletions(-)

diff --git a/windows/deployment/windows-autopatch/operate/windows-autopatch-fu-overview.md b/windows/deployment/windows-autopatch/operate/windows-autopatch-fu-overview.md
index 0714448dcc..e891b1534d 100644
--- a/windows/deployment/windows-autopatch/operate/windows-autopatch-fu-overview.md
+++ b/windows/deployment/windows-autopatch/operate/windows-autopatch-fu-overview.md
@@ -21,12 +21,6 @@ Microsoft provides robust modern device management (MDM) solutions such as Micro
 
 Windows Autopatch makes it easier and less expensive for you to keep your Windows devices up to date so you can focus on running your core businesses while Windows Autopatch runs update management on your behalf.
 
-Windows Autopatch feature update deployment provides:
-
-- A customer-driven and efficient Windows feature update deployment approach for Windows OS target versions and deployment cadence.
-- Proactive insights prior, during and after Windows Feature update deployments.
-- Options to [pause or resume Windows](#pausing-and-resuming-a-release) feature updates on behalf of your organization.
-
 ## Enforcing a minimum Windows OS version
 
 Once devices are registered with Windows Autopatch, they’re assigned to deployment rings. Each deployment ring has a set of Windows feature update policies assigned to them.

From e0c4798c977b18f7a1947cb14aaf21844052ad02 Mon Sep 17 00:00:00 2001
From: Vinay Pamnani <37223378+vinaypamnani-msft@users.noreply.github.com>
Date: Tue, 31 Jan 2023 15:26:27 -0500
Subject: [PATCH 07/98] Add new policy

---
 .../mdm/policy-csp-update.md                  | 72 ++++++++++++++++++-
 1 file changed, 71 insertions(+), 1 deletion(-)

diff --git a/windows/client-management/mdm/policy-csp-update.md b/windows/client-management/mdm/policy-csp-update.md
index 040028b422..7a183cb82b 100644
--- a/windows/client-management/mdm/policy-csp-update.md
+++ b/windows/client-management/mdm/policy-csp-update.md
@@ -4,7 +4,7 @@ description: Learn more about the Update Area in Policy CSP.
 author: vinaypamnani-msft
 manager: aaroncz
 ms.author: vinpa
-ms.date: 01/18/2023
+ms.date: 01/31/2023
 ms.localizationpriority: medium
 ms.prod: windows-client
 ms.technology: itpro-manage
@@ -23,6 +23,7 @@ ms.topic: reference
 Update CSP policies are listed below based on the group policy area:
 
 - [Windows Insider Preview](#windows-insider-preview)
+  - [AllowTemporaryEnterpriseFeatureControl](#allowtemporaryenterprisefeaturecontrol)
   - [ConfigureDeadlineNoAutoRebootForFeatureUpdates](#configuredeadlinenoautorebootforfeatureupdates)
   - [ConfigureDeadlineNoAutoRebootForQualityUpdates](#configuredeadlinenoautorebootforqualityupdates)
 - [Manage updates offered from Windows Update](#manage-updates-offered-from-windows-update)
@@ -103,6 +104,75 @@ Update CSP policies are listed below based on the group policy area:
 
 ## Windows Insider Preview
 
+<!-- AllowTemporaryEnterpriseFeatureControl-Begin -->
+### AllowTemporaryEnterpriseFeatureControl
+
+<!-- AllowTemporaryEnterpriseFeatureControl-Applicability-Begin -->
+| Scope | Editions | Applicable OS |
+|:--|:--|:--|
+| :heavy_check_mark: Device <br> :x: User | :x: Home <br> :heavy_check_mark: Pro <br> :heavy_check_mark: Enterprise <br> :heavy_check_mark: Education <br> :heavy_check_mark: Windows SE | :heavy_check_mark: Windows Insider Preview |
+<!-- AllowTemporaryEnterpriseFeatureControl-Applicability-End -->
+
+<!-- AllowTemporaryEnterpriseFeatureControl-OmaUri-Begin -->
+```Device
+./Device/Vendor/MSFT/Policy/Config/Update/AllowTemporaryEnterpriseFeatureControl
+```
+<!-- AllowTemporaryEnterpriseFeatureControl-OmaUri-End -->
+
+<!-- AllowTemporaryEnterpriseFeatureControl-Description-Begin -->
+<!-- Description-Source-ADMX -->
+Features introduced via servicing (outside of the annual feature update) are off by default for devices that have their Windows updates managed*.
+
+- If this policy is configured to "Enabled", then all features available in the latest monthly quality update installed will be on.
+
+- If this policy is set to "Not Configured" or "Disabled" then features that are shipped via a monthly quality update (servicing) will remain off until the feature update that includes these features is installed.
+
+*Windows update managed devices are those that have their Windows updates managed via policy; whether via the cloud using Windows Update for Business or on-premises with Windows Server Update Services (WSUS).
+<!-- AllowTemporaryEnterpriseFeatureControl-Description-End -->
+
+<!-- AllowTemporaryEnterpriseFeatureControl-Editable-Begin -->
+<!-- Add any additional information about this policy here. Anything outside this section will get overwritten. -->
+<!-- AllowTemporaryEnterpriseFeatureControl-Editable-End -->
+
+<!-- AllowTemporaryEnterpriseFeatureControl-DFProperties-Begin -->
+**Description framework properties**:
+
+| Property name | Property value |
+|:--|:--|
+| Format | int |
+| Access Type | Add, Delete, Get, Replace |
+| Default Value  | 0 |
+<!-- AllowTemporaryEnterpriseFeatureControl-DFProperties-End -->
+
+<!-- AllowTemporaryEnterpriseFeatureControl-AllowedValues-Begin -->
+**Allowed values**:
+
+| Value | Description |
+|:--|:--|
+| 0 (Default) | Not allowed. |
+| 1 | Allowed. |
+<!-- AllowTemporaryEnterpriseFeatureControl-AllowedValues-End -->
+
+<!-- AllowTemporaryEnterpriseFeatureControl-GpMapping-Begin -->
+**Group policy mapping**:
+
+| Name | Value |
+|:--|:--|
+| Name | AllowTemporaryEnterpriseFeatureControl |
+| Friendly Name | Enable features introduced via servicing that are off by default |
+| Location | Computer Configuration |
+| Path | Windows Components > Windows Update > Manage end user experience |
+| Registry Key Name | Software\Policies\Microsoft\Windows\WindowsUpdate |
+| Registry Value Name | AllowTemporaryEnterpriseFeatureControl |
+| ADMX File Name | WindowsUpdate.admx |
+<!-- AllowTemporaryEnterpriseFeatureControl-GpMapping-End -->
+
+<!-- AllowTemporaryEnterpriseFeatureControl-Examples-Begin -->
+<!-- Add any examples for this policy here. Examples outside this section will get overwritten. -->
+<!-- AllowTemporaryEnterpriseFeatureControl-Examples-End -->
+
+<!-- AllowTemporaryEnterpriseFeatureControl-End -->
+
 <!-- ConfigureDeadlineNoAutoRebootForFeatureUpdates-Begin -->
 ### ConfigureDeadlineNoAutoRebootForFeatureUpdates
 

From 3c63370a4cb56eec34663be84827e9ec2e49b3d6 Mon Sep 17 00:00:00 2001
From: Andre Della Monica <andredm@microsoft.com>
Date: Tue, 31 Jan 2023 14:38:39 -0600
Subject: [PATCH 08/98] More changes

---
 .../operate/windows-autopatch-fu-overview.md                 | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/windows/deployment/windows-autopatch/operate/windows-autopatch-fu-overview.md b/windows/deployment/windows-autopatch/operate/windows-autopatch-fu-overview.md
index e891b1534d..e4120c6a27 100644
--- a/windows/deployment/windows-autopatch/operate/windows-autopatch-fu-overview.md
+++ b/windows/deployment/windows-autopatch/operate/windows-autopatch-fu-overview.md
@@ -69,6 +69,11 @@ Windows Autopatch provides a permanent pause of a Windows feature update deploym
 1. Select **Devices** from the left navigation menu.
 1. Under the **Windows Autopatch** section, select **Release management**.
 1. In the **Release management** blade, select either **Pause** or **Resume**.
+2. Choose the type of update you would like to either Pause or Resume.
+3. Choose a reason from the drop-down box.
+4. When resuming an update you have an option to only resume one or more specific Windows Autopatch deployment rings.
+4. Enter description text and click on **Okay**.
+
 
 ## Rollback
 

From 29504fb4dda83f9a6d0c197b5a2fad46d4ca7dc5 Mon Sep 17 00:00:00 2001
From: Tiara Quan <95256667+tiaraquan@users.noreply.github.com>
Date: Tue, 31 Jan 2023 12:52:21 -0800
Subject: [PATCH 09/98] Update windows-autopatch-fu-overview.md

Reworded/reviewed.
---
 .../operate/windows-autopatch-fu-overview.md     | 16 +++++++++-------
 1 file changed, 9 insertions(+), 7 deletions(-)

diff --git a/windows/deployment/windows-autopatch/operate/windows-autopatch-fu-overview.md b/windows/deployment/windows-autopatch/operate/windows-autopatch-fu-overview.md
index e4120c6a27..91ef84c244 100644
--- a/windows/deployment/windows-autopatch/operate/windows-autopatch-fu-overview.md
+++ b/windows/deployment/windows-autopatch/operate/windows-autopatch-fu-overview.md
@@ -66,14 +66,16 @@ Windows Autopatch provides a permanent pause of a Windows feature update deploym
 **To pause or resume a feature update:**
 
 1. Go to the [Endpoint Manager admin center](https://go.microsoft.com/fwlink/?linkid=2109431).
-1. Select **Devices** from the left navigation menu.
-1. Under the **Windows Autopatch** section, select **Release management**.
-1. In the **Release management** blade, select either **Pause** or **Resume**.
-2. Choose the type of update you would like to either Pause or Resume.
-3. Choose a reason from the drop-down box.
-4. When resuming an update you have an option to only resume one or more specific Windows Autopatch deployment rings.
-4. Enter description text and click on **Okay**.
+2. Select **Devices** from the left navigation menu.
+3. Under the **Windows Autopatch** section, select **Release management**.
+4. In the **Release management** blade, select either: **Pause** or **Resume**. When resuming an update, you can select one or more deployment rings.
+5. Select the update you would like to pause or resume.
+6. Select a reason from the dropdown menu.
+7. Optional. Enter details about why you're pausing or resuming the selected update.
+8. Select **Okay**.
 
+> [!CAUTION]
+> Pausing an update can take up to eight hours to deploy to devices.
 
 ## Rollback
 

From 4d99444eddb8411a27f24cf74e2211c4ba9a6c6f Mon Sep 17 00:00:00 2001
From: Tiara Quan <95256667+tiaraquan@users.noreply.github.com>
Date: Tue, 31 Jan 2023 12:52:58 -0800
Subject: [PATCH 10/98] Update windows-autopatch-fu-overview.md

---
 .../windows-autopatch/operate/windows-autopatch-fu-overview.md  | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/windows/deployment/windows-autopatch/operate/windows-autopatch-fu-overview.md b/windows/deployment/windows-autopatch/operate/windows-autopatch-fu-overview.md
index 91ef84c244..363ef7885c 100644
--- a/windows/deployment/windows-autopatch/operate/windows-autopatch-fu-overview.md
+++ b/windows/deployment/windows-autopatch/operate/windows-autopatch-fu-overview.md
@@ -74,7 +74,7 @@ Windows Autopatch provides a permanent pause of a Windows feature update deploym
 7. Optional. Enter details about why you're pausing or resuming the selected update.
 8. Select **Okay**.
 
-> [!CAUTION]
+> [!NOTE]
 > Pausing an update can take up to eight hours to deploy to devices.
 
 ## Rollback

From 92d9bdcac54528ef72a9185c502a0b9586c3162a Mon Sep 17 00:00:00 2001
From: Tiara Quan <95256667+tiaraquan@users.noreply.github.com>
Date: Tue, 31 Jan 2023 12:54:36 -0800
Subject: [PATCH 11/98] Update windows-autopatch-fu-overview.md

---
 .../windows-autopatch/operate/windows-autopatch-fu-overview.md  | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/windows/deployment/windows-autopatch/operate/windows-autopatch-fu-overview.md b/windows/deployment/windows-autopatch/operate/windows-autopatch-fu-overview.md
index 363ef7885c..f6c6ada5d0 100644
--- a/windows/deployment/windows-autopatch/operate/windows-autopatch-fu-overview.md
+++ b/windows/deployment/windows-autopatch/operate/windows-autopatch-fu-overview.md
@@ -69,7 +69,7 @@ Windows Autopatch provides a permanent pause of a Windows feature update deploym
 2. Select **Devices** from the left navigation menu.
 3. Under the **Windows Autopatch** section, select **Release management**.
 4. In the **Release management** blade, select either: **Pause** or **Resume**. When resuming an update, you can select one or more deployment rings.
-5. Select the update you would like to pause or resume.
+5. Select the update type you would like to pause or resume.
 6. Select a reason from the dropdown menu.
 7. Optional. Enter details about why you're pausing or resuming the selected update.
 8. Select **Okay**.

From ec0935731334a0d62a12b9588e56e77224e28ee7 Mon Sep 17 00:00:00 2001
From: Tiara Quan <95256667+tiaraquan@users.noreply.github.com>
Date: Tue, 31 Jan 2023 12:59:39 -0800
Subject: [PATCH 12/98] Update windows-autopatch-fu-overview.md

---
 .../operate/windows-autopatch-fu-overview.md                 | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/windows/deployment/windows-autopatch/operate/windows-autopatch-fu-overview.md b/windows/deployment/windows-autopatch/operate/windows-autopatch-fu-overview.md
index f6c6ada5d0..b00aad6290 100644
--- a/windows/deployment/windows-autopatch/operate/windows-autopatch-fu-overview.md
+++ b/windows/deployment/windows-autopatch/operate/windows-autopatch-fu-overview.md
@@ -68,11 +68,12 @@ Windows Autopatch provides a permanent pause of a Windows feature update deploym
 1. Go to the [Endpoint Manager admin center](https://go.microsoft.com/fwlink/?linkid=2109431).
 2. Select **Devices** from the left navigation menu.
 3. Under the **Windows Autopatch** section, select **Release management**.
-4. In the **Release management** blade, select either: **Pause** or **Resume**. When resuming an update, you can select one or more deployment rings.
+4. In the **Release management** blade, select either: **Pause** or **Resume**.
 5. Select the update type you would like to pause or resume.
 6. Select a reason from the dropdown menu.
 7. Optional. Enter details about why you're pausing or resuming the selected update.
-8. Select **Okay**.
+8. If you're resuming an update, you can select one or more deployment rings.
+9. Select **Okay**.
 
 > [!NOTE]
 > Pausing an update can take up to eight hours to deploy to devices.

From 694a05ba33e8186d88c406c90c5324540ea633df Mon Sep 17 00:00:00 2001
From: tiaraquan <tiaraquan@microsoft.com>
Date: Tue, 31 Jan 2023 14:41:28 -0800
Subject: [PATCH 13/98] Feature update tweak.

---
 .../windows-autopatch/operate/windows-autopatch-fu-overview.md | 3 +++
 .../whats-new/windows-autopatch-whats-new-2023.md              | 2 +-
 2 files changed, 4 insertions(+), 1 deletion(-)

diff --git a/windows/deployment/windows-autopatch/operate/windows-autopatch-fu-overview.md b/windows/deployment/windows-autopatch/operate/windows-autopatch-fu-overview.md
index b00aad6290..0875a29339 100644
--- a/windows/deployment/windows-autopatch/operate/windows-autopatch-fu-overview.md
+++ b/windows/deployment/windows-autopatch/operate/windows-autopatch-fu-overview.md
@@ -47,6 +47,9 @@ If your tenant is enrolled with Windows Autopatch, you can see the following pol
 | Windows Autopatch – DSS Policy [Fast] | Windows 10 20H2 | Make update available as soon as possible | 12/14/2022 | 12/21/2022 | 1 | 5/8/2023, 7:00PM |
 | Windows Autopatch – DSS Policy [Broad] | Windows 10 20H2 | Make update available as soon as possible | 12/15/2022 | 12/29/2022 | 1 | 5/8/2023, 7:00PM |
 
+> [!IMPORTANT]
+> If you’re ahead of the current minimum OS version enforced by Windows Autopatch in your organization, you can [edit Windows Autopatch’s default Windows feature update policy and select your desired targeted version](/mem/intune/protect/windows-10-feature-updates#create-and-assign-feature-updates-for-windows-10-and-later-policy).
+
 ## Test Windows 11 feature updates
 
 You can test Windows 11 deployments by adding devices either through direct membership or by bulk importing them into the Modern Workplace - Windows 11 Pre-Release Test Devices Azure AD group. There’s a separate Windows feature update policy (**Modern Workplace DSS Policy [Windows 11]**) targeted to this Azure AD group, and its configuration is set as follows:
diff --git a/windows/deployment/windows-autopatch/whats-new/windows-autopatch-whats-new-2023.md b/windows/deployment/windows-autopatch/whats-new/windows-autopatch-whats-new-2023.md
index 966d0c3c43..265777e93b 100644
--- a/windows/deployment/windows-autopatch/whats-new/windows-autopatch-whats-new-2023.md
+++ b/windows/deployment/windows-autopatch/whats-new/windows-autopatch-whats-new-2023.md
@@ -25,7 +25,7 @@ Minor corrections such as typos, style, or formatting issues aren't listed.
 | Article | Description |
 | ----- | ----- |
 | [Windows feature update](../operate/windows-autopatch-fu-overview.md) | Updated Windows feature update information |
-| [Submit a tenant enrollment support request](../prepare/windows-autopatch-enrollment-support-request.md) | Added the Submit a tenant enrollment support request section. You can submit a tenant enrollment support request through the Tenant enrollment tool if you're running into issues with enrollment. |
+| [Submit a tenant enrollment support request](../prepare/windows-autopatch-enrollment-support-request.md) | Added the Submit a tenant enrollment support request section. You can submit a tenant enrollment support request through the Tenant enrollment tool if you're running into issues with enrollment |
 | [Submit a support request](../operate/windows-autopatch-support-request.md) | Added Premier and Unified support options section |
 
 ### January service release

From af2b897a4d51f9feaaab6f7078d66896c609d9ec Mon Sep 17 00:00:00 2001
From: Andre Della Monica <andredm@microsoft.com>
Date: Tue, 31 Jan 2023 18:42:01 -0600
Subject: [PATCH 14/98] More changes

---
 .../operate/windows-autopatch-fu-overview.md        | 13 +++++++------
 1 file changed, 7 insertions(+), 6 deletions(-)

diff --git a/windows/deployment/windows-autopatch/operate/windows-autopatch-fu-overview.md b/windows/deployment/windows-autopatch/operate/windows-autopatch-fu-overview.md
index 0875a29339..b46ae79d24 100644
--- a/windows/deployment/windows-autopatch/operate/windows-autopatch-fu-overview.md
+++ b/windows/deployment/windows-autopatch/operate/windows-autopatch-fu-overview.md
@@ -1,7 +1,7 @@
 ---
 title: Windows feature updates
 description: This article explains how Windows feature updates are managed in Autopatch
-ms.date: 01/31/2023
+ms.date: 02/01/2023
 ms.prod: windows-client
 ms.technology: itpro-updates
 ms.topic: conceptual
@@ -23,11 +23,11 @@ Windows Autopatch makes it easier and less expensive for you to keep your Window
 
 ## Enforcing a minimum Windows OS version
 
-Once devices are registered with Windows Autopatch, they’re assigned to deployment rings. Each deployment ring has a set of Windows feature update policies assigned to them.
+Once devices are registered with Windows Autopatch, they’re assigned to deployment rings. Each deployment ring has its Windows feature update policy assigned to them.
 
 The policies:
 
-- Contain the minimum Windows OS version being currently serviced by the Windows servicing channels. The current minimum OS version is **Windows 10 20H2**.
+- Contain the minimum Windows 10 OS version being currently serviced by the [Windows servicing channels](https://learn.microsoft.com/windows/release-health/release-information?msclkid=ee885719baa511ecb838e1a689da96d2). The current minimum OS version is **Windows 10 20H2**.
 - Set a bare minimum Windows OS version required by the service once devices are registered with the service.
 - Minimize unexpected Windows OS upgrades once new devices register with Windows Autopatch.
 
@@ -56,7 +56,7 @@ You can test Windows 11 deployments by adding devices either through direct memb
 
 | Policy name | Feature update version | Rollout options | First deployment ring availability | Final deployment ring availability | Day between deployment rings | Support end date |
 | ----- | ----- | ----- | ----- | ----- | ----- | ----- |
-| Windows Autopatch – DSS Policy [Test] | Windows 11 22H2 | Make update available as soon as possible | N/A | N/A | N/A | 10/13/2025, 7:00PM |
+| Modern Workplace DSS Policy [Windows 11] | Windows 11 22H2 | Make update available as soon as possible | N/A | N/A | N/A | 10/13/2025, 7:00PM |
 
 ## Manage Windows feature update deployments
 
@@ -78,8 +78,9 @@ Windows Autopatch provides a permanent pause of a Windows feature update deploym
 8. If you're resuming an update, you can select one or more deployment rings.
 9. Select **Okay**.
 
-> [!NOTE]
-> Pausing an update can take up to eight hours to deploy to devices.
+> [!TIP]
+> Pausing an update can take up to eight hours to be applied to devices. This happens because Windows Autopatch leverages Microsoft Intune as its management solution, and that's the average frequency devices take to communicate back to Microsoft Intune with new instructions to pause, resume or rollback updates.
+	> See [how long does it take for devices to get a policy, profile, or app after they are assigned from Microsoft Intune](https://learn.microsoft.com/mem/intune/configuration/device-profile-troubleshoot#how-long-does-it-take-for-devices-to-get-a-policy-profile-or-app-after-they-are-assigned) for more details.
 
 ## Rollback
 

From 0348c52803a345884d743a09fd52bf4363fd0349 Mon Sep 17 00:00:00 2001
From: Andre Della Monica <andredm@microsoft.com>
Date: Tue, 31 Jan 2023 18:45:04 -0600
Subject: [PATCH 15/98] More changes

---
 .../windows-autopatch/operate/windows-autopatch-fu-overview.md  | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/windows/deployment/windows-autopatch/operate/windows-autopatch-fu-overview.md b/windows/deployment/windows-autopatch/operate/windows-autopatch-fu-overview.md
index b46ae79d24..e901982064 100644
--- a/windows/deployment/windows-autopatch/operate/windows-autopatch-fu-overview.md
+++ b/windows/deployment/windows-autopatch/operate/windows-autopatch-fu-overview.md
@@ -27,7 +27,7 @@ Once devices are registered with Windows Autopatch, they’re assigned to deploy
 
 The policies:
 
-- Contain the minimum Windows 10 OS version being currently serviced by the [Windows servicing channels](https://learn.microsoft.com/windows/release-health/release-information?msclkid=ee885719baa511ecb838e1a689da96d2). The current minimum OS version is **Windows 10 20H2**.
+- Contain the minimum Windows 10 version being currently serviced by the [Windows servicing channels](https://learn.microsoft.com/windows/release-health/release-information?msclkid=ee885719baa511ecb838e1a689da96d2). The current minimum OS version is **Windows 10 20H2**.
 - Set a bare minimum Windows OS version required by the service once devices are registered with the service.
 - Minimize unexpected Windows OS upgrades once new devices register with Windows Autopatch.
 

From 1dc5d1f12440efa7056dea145d12a3ac40af1c64 Mon Sep 17 00:00:00 2001
From: Tiara Quan <95256667+tiaraquan@users.noreply.github.com>
Date: Tue, 31 Jan 2023 17:10:32 -0800
Subject: [PATCH 16/98] Update windows-autopatch-fu-overview.md

---
 .../operate/windows-autopatch-fu-overview.md                  | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/windows/deployment/windows-autopatch/operate/windows-autopatch-fu-overview.md b/windows/deployment/windows-autopatch/operate/windows-autopatch-fu-overview.md
index e901982064..a832ff3449 100644
--- a/windows/deployment/windows-autopatch/operate/windows-autopatch-fu-overview.md
+++ b/windows/deployment/windows-autopatch/operate/windows-autopatch-fu-overview.md
@@ -27,7 +27,7 @@ Once devices are registered with Windows Autopatch, they’re assigned to deploy
 
 The policies:
 
-- Contain the minimum Windows 10 version being currently serviced by the [Windows servicing channels](https://learn.microsoft.com/windows/release-health/release-information?msclkid=ee885719baa511ecb838e1a689da96d2). The current minimum OS version is **Windows 10 20H2**.
+- Contain the minimum Windows 10 version being currently serviced by the [Windows servicing channels](/windows/release-health/release-information?msclkid=ee885719baa511ecb838e1a689da96d2). The current minimum OS version is **Windows 10 20H2**.
 - Set a bare minimum Windows OS version required by the service once devices are registered with the service.
 - Minimize unexpected Windows OS upgrades once new devices register with Windows Autopatch.
 
@@ -80,7 +80,7 @@ Windows Autopatch provides a permanent pause of a Windows feature update deploym
 
 > [!TIP]
 > Pausing an update can take up to eight hours to be applied to devices. This happens because Windows Autopatch leverages Microsoft Intune as its management solution, and that's the average frequency devices take to communicate back to Microsoft Intune with new instructions to pause, resume or rollback updates.
-	> See [how long does it take for devices to get a policy, profile, or app after they are assigned from Microsoft Intune](https://learn.microsoft.com/mem/intune/configuration/device-profile-troubleshoot#how-long-does-it-take-for-devices-to-get-a-policy-profile-or-app-after-they-are-assigned) for more details.
+	> See [how long does it take for devices to get a policy, profile, or app after they are assigned from Microsoft Intune](/mem/intune/configuration/device-profile-troubleshoot#how-long-does-it-take-for-devices-to-get-a-policy-profile-or-app-after-they-are-assigned) for more details.
 
 ## Rollback
 

From f4d666a9e67a0ee5e6e745e5c4fc24fe213e0eb5 Mon Sep 17 00:00:00 2001
From: Tiara Quan <95256667+tiaraquan@users.noreply.github.com>
Date: Tue, 31 Jan 2023 17:15:06 -0800
Subject: [PATCH 17/98] Update windows-autopatch-fu-overview.md

---
 .../windows-autopatch/operate/windows-autopatch-fu-overview.md | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/windows/deployment/windows-autopatch/operate/windows-autopatch-fu-overview.md b/windows/deployment/windows-autopatch/operate/windows-autopatch-fu-overview.md
index a832ff3449..c18f523c0a 100644
--- a/windows/deployment/windows-autopatch/operate/windows-autopatch-fu-overview.md
+++ b/windows/deployment/windows-autopatch/operate/windows-autopatch-fu-overview.md
@@ -79,8 +79,7 @@ Windows Autopatch provides a permanent pause of a Windows feature update deploym
 9. Select **Okay**.
 
 > [!TIP]
-> Pausing an update can take up to eight hours to be applied to devices. This happens because Windows Autopatch leverages Microsoft Intune as its management solution, and that's the average frequency devices take to communicate back to Microsoft Intune with new instructions to pause, resume or rollback updates.
-	> See [how long does it take for devices to get a policy, profile, or app after they are assigned from Microsoft Intune](/mem/intune/configuration/device-profile-troubleshoot#how-long-does-it-take-for-devices-to-get-a-policy-profile-or-app-after-they-are-assigned) for more details.
+> Pausing an update can take up to eight hours to be applied to devices. This happens because Windows Autopatch leverages Microsoft Intune as its management solution, and that's the average frequency devices take to communicate back to Microsoft Intune with new instructions to pause, resume or rollback updates.<p>For more information, see [how long does it take for devices to get a policy, profile, or app after they are assigned from Microsoft Intune](/mem/intune/configuration/device-profile-troubleshoot#how-long-does-it-take-for-devices-to-get-a-policy-profile-or-app-after-they-are-assigned) for more details.</p>
 
 ## Rollback
 

From 4051d3c31325e8df597d2c66fc7599c3d529e4db Mon Sep 17 00:00:00 2001
From: Tiara Quan <95256667+tiaraquan@users.noreply.github.com>
Date: Tue, 31 Jan 2023 17:16:18 -0800
Subject: [PATCH 18/98] Update windows-autopatch-fu-overview.md

---
 .../windows-autopatch/operate/windows-autopatch-fu-overview.md  | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/windows/deployment/windows-autopatch/operate/windows-autopatch-fu-overview.md b/windows/deployment/windows-autopatch/operate/windows-autopatch-fu-overview.md
index c18f523c0a..60d77714ac 100644
--- a/windows/deployment/windows-autopatch/operate/windows-autopatch-fu-overview.md
+++ b/windows/deployment/windows-autopatch/operate/windows-autopatch-fu-overview.md
@@ -79,7 +79,7 @@ Windows Autopatch provides a permanent pause of a Windows feature update deploym
 9. Select **Okay**.
 
 > [!TIP]
-> Pausing an update can take up to eight hours to be applied to devices. This happens because Windows Autopatch leverages Microsoft Intune as its management solution, and that's the average frequency devices take to communicate back to Microsoft Intune with new instructions to pause, resume or rollback updates.<p>For more information, see [how long does it take for devices to get a policy, profile, or app after they are assigned from Microsoft Intune](/mem/intune/configuration/device-profile-troubleshoot#how-long-does-it-take-for-devices-to-get-a-policy-profile-or-app-after-they-are-assigned) for more details.</p>
+> Pausing an update can take up to eight hours to be applied to devices. This happens because Windows Autopatch uses Microsoft Intune as its management solution, and that's the average frequency devices take to communicate back to Microsoft Intune with new instructions to pause, resume or rollback updates.<p>For more information, see [how long does it take for devices to get a policy, profile, or app after they are assigned from Microsoft Intune](/mem/intune/configuration/device-profile-troubleshoot#how-long-does-it-take-for-devices-to-get-a-policy-profile-or-app-after-they-are-assigned) for more details.</p>
 
 ## Rollback
 

From 731ad4f526bca64a351a0ddb419367eaefc4f4ff Mon Sep 17 00:00:00 2001
From: tiaraquan <tiaraquan@microsoft.com>
Date: Tue, 31 Jan 2023 18:12:17 -0800
Subject: [PATCH 19/98] Tweak toc.

---
 windows/deployment/windows-autopatch/TOC.yml | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/windows/deployment/windows-autopatch/TOC.yml b/windows/deployment/windows-autopatch/TOC.yml
index 5bc21c33d2..c16dff950a 100644
--- a/windows/deployment/windows-autopatch/TOC.yml
+++ b/windows/deployment/windows-autopatch/TOC.yml
@@ -50,7 +50,7 @@
                 - name: Windows quality updates
                   href: operate/windows-autopatch-wqu-overview.md
                   items:
-                    - name: Windows quality end user experience
+                    - name: Windows quality update end user experience
                       href: operate/windows-autopatch-wqu-end-user-exp.md
                     - name: Windows quality update signals
                       href: operate/windows-autopatch-wqu-signals.md
@@ -70,7 +70,7 @@
                 - name: Windows feature updates
                   href: operate/windows-autopatch-fu-overview.md
                   items:
-                    - name: Windows feature end user experience
+                    - name: Windows feature update end user experience
                       href: operate/windows-autopatch-fu-end-user-exp.md
                 - name: Windows quality and feature update communications
                   href: operate/windows-autopatch-wqu-communications.md

From 7d2d674760474d734763f29676b183f1fcd28483 Mon Sep 17 00:00:00 2001
From: Andre Della Monica <andredm@microsoft.com>
Date: Tue, 31 Jan 2023 20:20:49 -0600
Subject: [PATCH 20/98] Device registration updates

---
 .../deploy/windows-autopatch-register-devices.md    | 13 ++++++++++---
 1 file changed, 10 insertions(+), 3 deletions(-)

diff --git a/windows/deployment/windows-autopatch/deploy/windows-autopatch-register-devices.md b/windows/deployment/windows-autopatch/deploy/windows-autopatch-register-devices.md
index 47e7d10902..ba4d431052 100644
--- a/windows/deployment/windows-autopatch/deploy/windows-autopatch-register-devices.md
+++ b/windows/deployment/windows-autopatch/deploy/windows-autopatch-register-devices.md
@@ -111,12 +111,19 @@ A role defines the set of permissions granted to users assigned to that role. Yo
 
 - Azure AD Global Administrator
 - Intune Service Administrator
-- Modern Workplace Intune Administrator
 
 For more information, see [Azure AD built-in roles](/azure/active-directory/roles/permissions-reference) and [Role-based access control (RBAC) with Microsoft Intune](/mem/intune/fundamentals/role-based-access-control).
 
-> [!NOTE]
-> The Modern Workplace Intune Admin role is a custom created role during the Windows Autopatch tenant enrollment process. This role can assign administrators to Intune roles, and allows you to create and configure custom Intune roles.
+If you want to assign less-privileged user accounts to perform specific tasks in the Windows Autopatch portal, such as register devices with the service, you can add these user accounts into one of the two Azure AD groups created during the tenant enrollment process:
+
+| Role | Discover devices | Modify columns | Refresh device list | Export to .CSV | Device actions |
+| ----- | ----- | ----- | ----- | ----- | ----- |
+| Modern Workplace Roles - Service Administrator | Yes | Yes | Yes | Yes | Yes |
+| Modern Workplace Roles - Service Reader | No | Yes | Yes | Yes | No |
+
+> [!TIP]
+> If adding less-privileged user accounts into the **Modern Workplace Roles - Service Administrator** Azure AD group, it's also recommended to add the same users as owners of the **Windows Autopatch Device Registration** Azure AD group so these user accounts can add new devices as members of the group for registration purposes.
+> See [assign an owner of member of a group in Azure AD](https://learn.microsoft.com/azure/active-directory/privileged-identity-management/groups-assign-member-owner#assign-an-owner-or-member-of-a-group) for more details.
 
 ## Details about the device registration process
 

From eac2d1b8ed10f95284ba722b87ef6cfb32fac79e Mon Sep 17 00:00:00 2001
From: Tiara Quan <95256667+tiaraquan@users.noreply.github.com>
Date: Tue, 31 Jan 2023 19:28:01 -0800
Subject: [PATCH 21/98] Update windows-autopatch-fu-overview.md

---
 .../windows-autopatch/operate/windows-autopatch-fu-overview.md  | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/windows/deployment/windows-autopatch/operate/windows-autopatch-fu-overview.md b/windows/deployment/windows-autopatch/operate/windows-autopatch-fu-overview.md
index 60d77714ac..1bfeaa20e7 100644
--- a/windows/deployment/windows-autopatch/operate/windows-autopatch-fu-overview.md
+++ b/windows/deployment/windows-autopatch/operate/windows-autopatch-fu-overview.md
@@ -79,7 +79,7 @@ Windows Autopatch provides a permanent pause of a Windows feature update deploym
 9. Select **Okay**.
 
 > [!TIP]
-> Pausing an update can take up to eight hours to be applied to devices. This happens because Windows Autopatch uses Microsoft Intune as its management solution, and that's the average frequency devices take to communicate back to Microsoft Intune with new instructions to pause, resume or rollback updates.<p>For more information, see [how long does it take for devices to get a policy, profile, or app after they are assigned from Microsoft Intune](/mem/intune/configuration/device-profile-troubleshoot#how-long-does-it-take-for-devices-to-get-a-policy-profile-or-app-after-they-are-assigned) for more details.</p>
+> Pausing an update can take up to eight hours to be applied to devices. This happens because Windows Autopatch uses Microsoft Intune as its management solution, and that's the average frequency devices take to communicate back to Microsoft Intune with new instructions to pause, resume or rollback updates.<p>For more information, see [how long does it take for devices to get a policy, profile, or app after they are assigned from Microsoft Intune](/mem/intune/configuration/device-profile-troubleshoot#how-long-does-it-take-for-devices-to-get-a-policy-profile-or-app-after-they-are-assigned).</p>
 
 ## Rollback
 

From 941f432ea03876c520802837f272eb4a4fe00166 Mon Sep 17 00:00:00 2001
From: Tiara Quan <95256667+tiaraquan@users.noreply.github.com>
Date: Tue, 31 Jan 2023 19:30:26 -0800
Subject: [PATCH 22/98] Update windows-autopatch-register-devices.md

---
 .../deploy/windows-autopatch-register-devices.md             | 5 ++---
 1 file changed, 2 insertions(+), 3 deletions(-)

diff --git a/windows/deployment/windows-autopatch/deploy/windows-autopatch-register-devices.md b/windows/deployment/windows-autopatch/deploy/windows-autopatch-register-devices.md
index ba4d431052..d79e596da9 100644
--- a/windows/deployment/windows-autopatch/deploy/windows-autopatch-register-devices.md
+++ b/windows/deployment/windows-autopatch/deploy/windows-autopatch-register-devices.md
@@ -114,7 +114,7 @@ A role defines the set of permissions granted to users assigned to that role. Yo
 
 For more information, see [Azure AD built-in roles](/azure/active-directory/roles/permissions-reference) and [Role-based access control (RBAC) with Microsoft Intune](/mem/intune/fundamentals/role-based-access-control).
 
-If you want to assign less-privileged user accounts to perform specific tasks in the Windows Autopatch portal, such as register devices with the service, you can add these user accounts into one of the two Azure AD groups created during the tenant enrollment process:
+If you want to assign less-privileged user accounts to perform specific tasks in the Windows Autopatch portal, such as register devices with the service, you can add these user accounts into one of the two Azure AD groups created during the [tenant enrollment](../prepare/windows-autopatch-enroll-tenant.md)process:
 
 | Role | Discover devices | Modify columns | Refresh device list | Export to .CSV | Device actions |
 | ----- | ----- | ----- | ----- | ----- | ----- |
@@ -122,8 +122,7 @@ If you want to assign less-privileged user accounts to perform specific tasks in
 | Modern Workplace Roles - Service Reader | No | Yes | Yes | Yes | No |
 
 > [!TIP]
-> If adding less-privileged user accounts into the **Modern Workplace Roles - Service Administrator** Azure AD group, it's also recommended to add the same users as owners of the **Windows Autopatch Device Registration** Azure AD group so these user accounts can add new devices as members of the group for registration purposes.
-> See [assign an owner of member of a group in Azure AD](https://learn.microsoft.com/azure/active-directory/privileged-identity-management/groups-assign-member-owner#assign-an-owner-or-member-of-a-group) for more details.
+> If you're adding less-privileged user accounts into the **Modern Workplace Roles - Service Administrator** Azure AD group, it's recommended to add the same users as owners of the **Windows Autopatch Device Registration** Azure AD group. Owners of the **Windows Autopatch Device Registration** Azure AD group can add new devices as members of the group for registration purposes.<p>For more information, see [assign an owner of member of a group in Azure AD](https://learn.microsoft.com/azure/active-directory/privileged-identity-management/groups-assign-member-owner#assign-an-owner-or-member-of-a-group).</p>
 
 ## Details about the device registration process
 

From 4381235b338390d4fe8df16021ebf55a9e7536da Mon Sep 17 00:00:00 2001
From: Tiara Quan <95256667+tiaraquan@users.noreply.github.com>
Date: Tue, 31 Jan 2023 19:31:20 -0800
Subject: [PATCH 23/98] Update windows-autopatch-fu-overview.md

---
 .../windows-autopatch/operate/windows-autopatch-fu-overview.md  | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/windows/deployment/windows-autopatch/operate/windows-autopatch-fu-overview.md b/windows/deployment/windows-autopatch/operate/windows-autopatch-fu-overview.md
index 1bfeaa20e7..451a64865c 100644
--- a/windows/deployment/windows-autopatch/operate/windows-autopatch-fu-overview.md
+++ b/windows/deployment/windows-autopatch/operate/windows-autopatch-fu-overview.md
@@ -78,7 +78,7 @@ Windows Autopatch provides a permanent pause of a Windows feature update deploym
 8. If you're resuming an update, you can select one or more deployment rings.
 9. Select **Okay**.
 
-> [!TIP]
+> [!NOTE]
 > Pausing an update can take up to eight hours to be applied to devices. This happens because Windows Autopatch uses Microsoft Intune as its management solution, and that's the average frequency devices take to communicate back to Microsoft Intune with new instructions to pause, resume or rollback updates.<p>For more information, see [how long does it take for devices to get a policy, profile, or app after they are assigned from Microsoft Intune](/mem/intune/configuration/device-profile-troubleshoot#how-long-does-it-take-for-devices-to-get-a-policy-profile-or-app-after-they-are-assigned).</p>
 
 ## Rollback

From 44ef591d51c2e2ee825a26df57036a123abaef90 Mon Sep 17 00:00:00 2001
From: Tiara Quan <95256667+tiaraquan@users.noreply.github.com>
Date: Tue, 31 Jan 2023 19:34:11 -0800
Subject: [PATCH 24/98] Update windows-autopatch-register-devices.md

---
 .../deploy/windows-autopatch-register-devices.md                | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/windows/deployment/windows-autopatch/deploy/windows-autopatch-register-devices.md b/windows/deployment/windows-autopatch/deploy/windows-autopatch-register-devices.md
index d79e596da9..28a153cbc5 100644
--- a/windows/deployment/windows-autopatch/deploy/windows-autopatch-register-devices.md
+++ b/windows/deployment/windows-autopatch/deploy/windows-autopatch-register-devices.md
@@ -122,7 +122,7 @@ If you want to assign less-privileged user accounts to perform specific tasks in
 | Modern Workplace Roles - Service Reader | No | Yes | Yes | Yes | No |
 
 > [!TIP]
-> If you're adding less-privileged user accounts into the **Modern Workplace Roles - Service Administrator** Azure AD group, it's recommended to add the same users as owners of the **Windows Autopatch Device Registration** Azure AD group. Owners of the **Windows Autopatch Device Registration** Azure AD group can add new devices as members of the group for registration purposes.<p>For more information, see [assign an owner of member of a group in Azure AD](https://learn.microsoft.com/azure/active-directory/privileged-identity-management/groups-assign-member-owner#assign-an-owner-or-member-of-a-group).</p>
+> If you're adding less-privileged user accounts into the **Modern Workplace Roles - Service Administrator** Azure AD group, it's recommended to add the same users as owners of the **Windows Autopatch Device Registration** Azure AD group. Owners of the **Windows Autopatch Device Registration** Azure AD group can add new devices as members of the group for registration purposes.<p>For more information, see [assign an owner of member of a group in Azure AD](/azure/active-directory/privileged-identity-management/groups-assign-member-owner#assign-an-owner-or-member-of-a-group).</p>
 
 ## Details about the device registration process
 

From af1b438a7376d5dccdaf01dd32ee977bc2a63b48 Mon Sep 17 00:00:00 2001
From: Tiara Quan <95256667+tiaraquan@users.noreply.github.com>
Date: Tue, 31 Jan 2023 19:35:37 -0800
Subject: [PATCH 25/98] Update windows-autopatch-register-devices.md

---
 .../deploy/windows-autopatch-register-devices.md                | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/windows/deployment/windows-autopatch/deploy/windows-autopatch-register-devices.md b/windows/deployment/windows-autopatch/deploy/windows-autopatch-register-devices.md
index 28a153cbc5..2a1201f79a 100644
--- a/windows/deployment/windows-autopatch/deploy/windows-autopatch-register-devices.md
+++ b/windows/deployment/windows-autopatch/deploy/windows-autopatch-register-devices.md
@@ -114,7 +114,7 @@ A role defines the set of permissions granted to users assigned to that role. Yo
 
 For more information, see [Azure AD built-in roles](/azure/active-directory/roles/permissions-reference) and [Role-based access control (RBAC) with Microsoft Intune](/mem/intune/fundamentals/role-based-access-control).
 
-If you want to assign less-privileged user accounts to perform specific tasks in the Windows Autopatch portal, such as register devices with the service, you can add these user accounts into one of the two Azure AD groups created during the [tenant enrollment](../prepare/windows-autopatch-enroll-tenant.md)process:
+If you want to assign less-privileged user accounts to perform specific tasks in the Windows Autopatch portal, such as register devices with the service, you can add these user accounts into one of the two Azure AD groups created during the [tenant enrollment](../prepare/windows-autopatch-enroll-tenant.md) process:
 
 | Role | Discover devices | Modify columns | Refresh device list | Export to .CSV | Device actions |
 | ----- | ----- | ----- | ----- | ----- | ----- |

From 1f6362411232fb947fcd1e2ed69587d7fe265d21 Mon Sep 17 00:00:00 2001
From: tiaraquan <tiaraquan@microsoft.com>
Date: Wed, 1 Feb 2023 06:37:04 -0800
Subject: [PATCH 26/98] Updated with RBAC change

---
 .../whats-new/windows-autopatch-whats-new-2023.md         | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/windows/deployment/windows-autopatch/whats-new/windows-autopatch-whats-new-2023.md b/windows/deployment/windows-autopatch/whats-new/windows-autopatch-whats-new-2023.md
index 265777e93b..9bed5c29cd 100644
--- a/windows/deployment/windows-autopatch/whats-new/windows-autopatch-whats-new-2023.md
+++ b/windows/deployment/windows-autopatch/whats-new/windows-autopatch-whats-new-2023.md
@@ -18,6 +18,14 @@ This article lists new and updated feature releases, and service releases, with
 
 Minor corrections such as typos, style, or formatting issues aren't listed.
 
+## February 2023
+
+### February feature releases or updates
+
+| Article | Description |
+| ----- | ----- |
+| [Register your devices](../deploy/windows-autopatch-register-devices.md) |<ul><li>Removed Modern Workplace Intune Administrator role from the Built-in roles required for registration section.</li><li>Added more information about assigning less-privileged user accounts</li></ul> |
+
 ## January 2023
 
 ### January feature releases or updates

From ac116e4791a59d16ad5f4ac0835f0bda26b330fe Mon Sep 17 00:00:00 2001
From: Tiara Quan <95256667+tiaraquan@users.noreply.github.com>
Date: Wed, 1 Feb 2023 06:52:49 -0800
Subject: [PATCH 27/98] Update windows-autopatch-whats-new-2023.md

---
 .../whats-new/windows-autopatch-whats-new-2023.md               | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/windows/deployment/windows-autopatch/whats-new/windows-autopatch-whats-new-2023.md b/windows/deployment/windows-autopatch/whats-new/windows-autopatch-whats-new-2023.md
index 9bed5c29cd..31b0c56041 100644
--- a/windows/deployment/windows-autopatch/whats-new/windows-autopatch-whats-new-2023.md
+++ b/windows/deployment/windows-autopatch/whats-new/windows-autopatch-whats-new-2023.md
@@ -24,7 +24,7 @@ Minor corrections such as typos, style, or formatting issues aren't listed.
 
 | Article | Description |
 | ----- | ----- |
-| [Register your devices](../deploy/windows-autopatch-register-devices.md) |<ul><li>Removed Modern Workplace Intune Administrator role from the Built-in roles required for registration section.</li><li>Added more information about assigning less-privileged user accounts</li></ul> |
+| [Register your devices](../deploy/windows-autopatch-register-devices.md) |<ul><li>Updated the Built-in roles required for registration section.</li><li>Added more information about assigning less-privileged user accounts</li></ul> |
 
 ## January 2023
 

From 864ef0edd6b47719353601996b2b2ea2d682ad46 Mon Sep 17 00:00:00 2001
From: Vinay Pamnani <37223378+vinaypamnani-msft@users.noreply.github.com>
Date: Wed, 1 Feb 2023 10:46:50 -0500
Subject: [PATCH 28/98] Update policy description

---
 .../mdm/policy-csp-search.md                  | 25 ++++++++++++++-----
 1 file changed, 19 insertions(+), 6 deletions(-)

diff --git a/windows/client-management/mdm/policy-csp-search.md b/windows/client-management/mdm/policy-csp-search.md
index aff14c3859..f9417a9616 100644
--- a/windows/client-management/mdm/policy-csp-search.md
+++ b/windows/client-management/mdm/policy-csp-search.md
@@ -4,7 +4,7 @@ description: Learn more about the Search Area in Policy CSP.
 author: vinaypamnani-msft
 manager: aaroncz
 ms.author: vinpa
-ms.date: 01/30/2023
+ms.date: 02/01/2023
 ms.localizationpriority: medium
 ms.prod: windows-client
 ms.technology: itpro-manage
@@ -655,9 +655,18 @@ The most restrictive value is `0` to now allow automatic language detection.
 <!-- ConfigureSearchOnTaskbarMode-OmaUri-End -->
 
 <!-- ConfigureSearchOnTaskbarMode-Description-Begin -->
-<!-- Description-Source-DDF -->
-Configures search on the taskbar.
-- If you disable this policy setting or do not configure it, users can see and change this setting.
+<!-- Description-Source-ADMX-Forced -->
+This policy setting allows you to configure search on the taskbar.
+
+- If you enable this policy setting and set it to hide, search on taskbar will be hidden by default. Users cannot change it in Settings.
+
+- If you enable this policy setting and set it to search icon only, the search icon will be displayed on the taskbar by default. Users cannot change it in Settings.
+
+- If you enable this policy setting and set it to search icon and label, the search icon and label will be displayed on the taskbar by default. Users cannot change it in Settings.
+
+- If you enable this policy setting and set it to search box, the search box will be displayed on the taskbar by default. Users cannot change it in Settings.
+
+- If you disable or do not configure this policy setting, search on taskbar will be configured according to the defaults for your Windows edition. Users will be able to change search on taskbar in Settings.
 <!-- ConfigureSearchOnTaskbarMode-Description-End -->
 
 <!-- ConfigureSearchOnTaskbarMode-Editable-Begin -->
@@ -691,8 +700,12 @@ Configures search on the taskbar.
 | Name | Value |
 |:--|:--|
 | Name | ConfigureSearchOnTaskbarMode |
-| Path | Search > AT > WindowsComponents > Search |
-| Element Name | ConfigureSearchOnTaskbarMode_Dropdown |
+| Friendly Name | Configures search on the taskbar |
+| Element Name | Search on the taskbar |
+| Location | Computer Configuration |
+| Path | Windows Components > Search |
+| Registry Key Name | Software\Policies\Microsoft\Windows\Windows Search |
+| ADMX File Name | Search.admx |
 <!-- ConfigureSearchOnTaskbarMode-GpMapping-End -->
 
 <!-- ConfigureSearchOnTaskbarMode-Examples-Begin -->

From 1b47600fc4509ab30b6a36db1c18e68901073b19 Mon Sep 17 00:00:00 2001
From: tiaraquan <tiaraquan@microsoft.com>
Date: Wed, 1 Feb 2023 09:22:50 -0800
Subject: [PATCH 29/98] Updated Changes made at tenant enrollment to reflect
 new Feature update policies.

---
 .../windows-autopatch-fu-end-user-exp.md       |  8 ++++----
 .../windows-autopatch-changes-to-tenant.md     | 18 +++++++++---------
 2 files changed, 13 insertions(+), 13 deletions(-)

diff --git a/windows/deployment/windows-autopatch/operate/windows-autopatch-fu-end-user-exp.md b/windows/deployment/windows-autopatch/operate/windows-autopatch-fu-end-user-exp.md
index dec4bcff3a..858f6b8c7a 100644
--- a/windows/deployment/windows-autopatch/operate/windows-autopatch-fu-end-user-exp.md
+++ b/windows/deployment/windows-autopatch/operate/windows-autopatch-fu-end-user-exp.md
@@ -29,11 +29,11 @@ In this section we'll review what an end user would see in the following three s
 
 ### Typical update experience
 
-In this example, we'll be discussing a device in the First ring. The Autopatch service updates the First ring’s DSS policy to target the next version of Windows 30 days after the start of the release. When the policy is applied to the device, the device will download the update, and notify end users that the new version of Windows is ready to install. The end user can either:
+In this example, we'll be discussing a device in the First ring. When the policy is applied to the device, the device will download the update, and notify end users that the new version of Windows is ready to install. The end user can either:
 
-1. Restart immediately to install the updates
-1. Schedule the installation, or
-1. Snooze (the device will attempt to install outside of active hours.)
+1. Restart immediately to install the updates.
+2. Schedule the installation.
+3. Snooze (the device will attempt to install outside of active hours).
 
 In the following example, the user schedules the restart and is notified 15 minutes prior to the scheduled restart time. The user can reschedule, if necessary, but isn't able to reschedule past the deadline.
 
diff --git a/windows/deployment/windows-autopatch/references/windows-autopatch-changes-to-tenant.md b/windows/deployment/windows-autopatch/references/windows-autopatch-changes-to-tenant.md
index 3b6cc306de..5155521cf1 100644
--- a/windows/deployment/windows-autopatch/references/windows-autopatch-changes-to-tenant.md
+++ b/windows/deployment/windows-autopatch/references/windows-autopatch-changes-to-tenant.md
@@ -78,18 +78,18 @@ Windows Autopatch will create Azure Active Directory groups that are required to
 
 ## Feature update policies
 
-- Modern Workplace DSS Policy [Test]
-- Modern Workplace DSS Policy [First]
-- Modern Workplace DSS Policy [Fast]
-- Modern Workplace DSS Policy [Broad]
-- Modern Workplace DSS Policy [Windows 11]
+- Windows Autopatch - DSS Policy [Test]
+- Windows Autopatch - DSS Policy [First]
+- Windows Autopatch - DSS Policy [Fast]
+- Windows Autopatch - DSS Policy [Broad]
+- Windows Autopatch - DSS Policy [Windows 11]
 
 | Policy name | Policy description | Value |
 | ----- | ----- | ----- |
-| Modern Workplace DSS Policy [Test] | DSS policy for Test device group | Assigned to:<ul><li>Modern Workplace Devices-Windows Autopatch-Test</li></ul><br>Exclude from:<ul><li>Modern Workplace - Windows 11 Pre-Release Test Devices</li></ul>|
-| Modern Workplace DSS Policy [First] | DSS policy for First device group | Assigned to:<ul><li>Modern Workplace Devices-Windows Autopatch-First</li><li>Modern Workplace - Windows 11 Pre-Release Test Devices</li> |
-| Modern Workplace DSS Policy [Fast] | DSS policy for Fast device group | Assigned to:<ul><li>Modern Workplace Devices-Windows Autopatch-Fast</li></ul><br>Exclude from:<ul><li>Modern Workplace - Windows 11 Pre-Release Test Devices</li></ul> |
-| Modern Workplace DSS Policy [Broad] | DSS policy for Broad device group | Assigned to:<ul><li>Modern Workplace Devices-Windows Autopatch-Broad</li></ul><br>Exclude from:<ul><li>Modern Workplace - Windows 11 Pre-Release Test Devices</li></ul>|
+| Windows Autopatch - DSS Policy [Test] | DSS policy for Test device group | Assigned to:<ul><li>Modern Workplace Devices-Windows Autopatch-Test</li></ul><br>Exclude from:<ul><li>Modern Workplace - Windows 11 Pre-Release Test Devices</li></ul>|
+| Windows Autopatch - DSS Policy [First] | DSS policy for First device group | Assigned to:<ul><li>Modern Workplace Devices-Windows Autopatch-First</li><li>Modern Workplace - Windows 11 Pre-Release Test Devices</li> |
+| Windows Autopatch - DSS Policy [Fast] | DSS policy for Fast device group | Assigned to:<ul><li>Modern Workplace Devices-Windows Autopatch-Fast</li></ul><br>Exclude from:<ul><li>Modern Workplace - Windows 11 Pre-Release Test Devices</li></ul> |
+| Windows Autopatch - Policy [Broad] | DSS policy for Broad device group | Assigned to:<ul><li>Modern Workplace Devices-Windows Autopatch-Broad</li></ul><br>Exclude from:<ul><li>Modern Workplace - Windows 11 Pre-Release Test Devices</li></ul>|
 | Modern Workplace DSS Policy [Windows 11] | Windows 11 DSS policy | Assigned to:<ul><li>Modern Workplace - Windows 11 Pre-Release Test Devices</li></ul>|
 
 ## Microsoft Office update policies

From c19495ec0e5ab87045eece70af0a6cbfbcbfa163 Mon Sep 17 00:00:00 2001
From: tiaraquan <tiaraquan@microsoft.com>
Date: Wed, 1 Feb 2023 09:26:40 -0800
Subject: [PATCH 30/98] Updated Whats new with new DSS policies

---
 .../whats-new/windows-autopatch-whats-new-2023.md                | 1 +
 1 file changed, 1 insertion(+)

diff --git a/windows/deployment/windows-autopatch/whats-new/windows-autopatch-whats-new-2023.md b/windows/deployment/windows-autopatch/whats-new/windows-autopatch-whats-new-2023.md
index 31b0c56041..5f09e58ac0 100644
--- a/windows/deployment/windows-autopatch/whats-new/windows-autopatch-whats-new-2023.md
+++ b/windows/deployment/windows-autopatch/whats-new/windows-autopatch-whats-new-2023.md
@@ -24,6 +24,7 @@ Minor corrections such as typos, style, or formatting issues aren't listed.
 
 | Article | Description |
 | ----- | ----- |
+| [Changes made at tenant enrollment](../references/windows-autopatch-changes-to-tenant.md) | Updated Feature update policies section with Windows Autopatch - DSS Policy [deployment ring] |
 | [Register your devices](../deploy/windows-autopatch-register-devices.md) |<ul><li>Updated the Built-in roles required for registration section.</li><li>Added more information about assigning less-privileged user accounts</li></ul> |
 
 ## January 2023

From c1f500dfbe51afb1c427321822581787ec030f5f Mon Sep 17 00:00:00 2001
From: Vinay Pamnani <37223378+vinaypamnani-msft@users.noreply.github.com>
Date: Wed, 1 Feb 2023 14:25:48 -0500
Subject: [PATCH 31/98] Add preview note

---
 windows/client-management/mdm/policy-csp-search.md | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/windows/client-management/mdm/policy-csp-search.md b/windows/client-management/mdm/policy-csp-search.md
index f9417a9616..00120ee4f2 100644
--- a/windows/client-management/mdm/policy-csp-search.md
+++ b/windows/client-management/mdm/policy-csp-search.md
@@ -16,6 +16,9 @@ ms.topic: reference
 <!-- Search-Begin -->
 # Policy CSP - Search
 
+> [!IMPORTANT]
+> This CSP contains preview policies that are under development and only applicable for [Windows Insider Preview builds](/windows-insider/). These policies are subject to change and may have dependencies on other features or services in preview.
+
 <!-- Search-Editable-Begin -->
 <!-- Add any additional information about this policy here. Anything outside this section will get overwritten. -->
 <!-- Search-Editable-End -->

From dce7d54d3cd5d7ab17bb57071860b3cc57d03923 Mon Sep 17 00:00:00 2001
From: tiaraquan <tiaraquan@microsoft.com>
Date: Wed, 1 Feb 2023 11:32:51 -0800
Subject: [PATCH 32/98] Tweaks based on feedback

---
 windows/deployment/windows-autopatch/TOC.yml          |  4 ++--
 .../operate/windows-autopatch-fu-end-user-exp.md      | 11 ++++++++++-
 .../operate/windows-autopatch-wqu-communications.md   |  4 ++--
 .../operate/windows-autopatch-wqu-signals.md          |  2 +-
 4 files changed, 15 insertions(+), 6 deletions(-)

diff --git a/windows/deployment/windows-autopatch/TOC.yml b/windows/deployment/windows-autopatch/TOC.yml
index c16dff950a..718c174a5f 100644
--- a/windows/deployment/windows-autopatch/TOC.yml
+++ b/windows/deployment/windows-autopatch/TOC.yml
@@ -54,6 +54,8 @@
                       href: operate/windows-autopatch-wqu-end-user-exp.md
                     - name: Windows quality update signals
                       href: operate/windows-autopatch-wqu-signals.md
+                    - name: Windows quality update communications
+                      href: operate/windows-autopatch-wqu-communications.md
                     - name: Windows quality update reports
                       href: operate/windows-autopatch-wqu-reports-overview.md
                       items:
@@ -72,8 +74,6 @@
                   items:
                     - name: Windows feature update end user experience
                       href: operate/windows-autopatch-fu-end-user-exp.md
-                - name: Windows quality and feature update communications
-                  href: operate/windows-autopatch-wqu-communications.md
             - name: Microsoft 365 Apps for enterprise
               href: operate/windows-autopatch-microsoft-365-apps-enterprise.md
             - name: Microsoft Edge
diff --git a/windows/deployment/windows-autopatch/operate/windows-autopatch-fu-end-user-exp.md b/windows/deployment/windows-autopatch/operate/windows-autopatch-fu-end-user-exp.md
index 858f6b8c7a..65e90a8a96 100644
--- a/windows/deployment/windows-autopatch/operate/windows-autopatch-fu-end-user-exp.md
+++ b/windows/deployment/windows-autopatch/operate/windows-autopatch-fu-end-user-exp.md
@@ -51,7 +51,16 @@ The deadline specified in the update policy is five days. Therefore, once this d
 
 In the following example, the user is on holiday and the device is offline beyond the feature update deadline. The user then returns to work and the device is turned back on.
 
-Since the deadline has already passed, the device is granted a two-day grace period to install the update and restart. The user will be notified of a pending installation and given options to choose from. Once the two-day grace period has expired, the user is forced to restart with a 15-minute warning notification.
+The grace period to install the update and restart depends on the deployment ring the device is assigned to:
+
+| Deployment ring | Grace period (in days) |
+| ----- | ----- |
+| Test | Zero days |
+| First | Two days |
+| Fast | Two days |
+| Broad | Two days |
+
+The user will be notified of a pending installation and given options to choose from. Once the grace period has expired, the user is forced to restart with a 15-minute warning notification.
 
 :::image type="content" source="../media/windows-feature-update-grace-period.png" alt-text="Windows feature update grace period" lightbox="../media/windows-feature-update-grace-period.png":::
 
diff --git a/windows/deployment/windows-autopatch/operate/windows-autopatch-wqu-communications.md b/windows/deployment/windows-autopatch/operate/windows-autopatch-wqu-communications.md
index e0b5a5f133..2670ca8b39 100644
--- a/windows/deployment/windows-autopatch/operate/windows-autopatch-wqu-communications.md
+++ b/windows/deployment/windows-autopatch/operate/windows-autopatch-wqu-communications.md
@@ -1,5 +1,5 @@
 ---
-title: Windows quality and feature update communications
+title: Windows quality update communications
 description: This article explains Windows quality update communications
 ms.date: 05/30/2022
 ms.prod: windows-client
@@ -12,7 +12,7 @@ manager: dougeby
 msreviewer: hathind
 ---
 
-# Windows quality and feature update communications
+# Windows quality update communications
 
 There are three categories of communication that are sent out during a Windows quality and feature update:
 
diff --git a/windows/deployment/windows-autopatch/operate/windows-autopatch-wqu-signals.md b/windows/deployment/windows-autopatch/operate/windows-autopatch-wqu-signals.md
index b27a0d0447..c715c4e960 100644
--- a/windows/deployment/windows-autopatch/operate/windows-autopatch-wqu-signals.md
+++ b/windows/deployment/windows-autopatch/operate/windows-autopatch-wqu-signals.md
@@ -56,4 +56,4 @@ Autopatch monitors the following reliability signals:
 | Microsoft Edge reliability | Tracks the number of Microsoft Edge crashes and freezes per device. |
 | Microsoft Teams reliability | Tracks the number of Microsoft Teams crashes and freezes per device. |
 
-When the update is released to the First ring, the service crosses the 500 device threshold. Therefore, Autopatch can to detect regressions, which are common to all customers. At this point in the release, we'll decide if we need to change the release schedule or pause for all customers.
+When the update is released to the First ring, the service crosses the 500 device threshold. Therefore, Autopatch can detect regressions that are common to all customers. At this point in the release, we'll decide if we need to change the release schedule or pause for all customers.

From fa4d66cc729c873df724278c96e5a4925a2cf88b Mon Sep 17 00:00:00 2001
From: tiaraquan <tiaraquan@microsoft.com>
Date: Wed, 1 Feb 2023 11:38:40 -0800
Subject: [PATCH 33/98] Tweak.

---
 .../operate/windows-autopatch-wqu-communications.md       | 8 ++++++--
 1 file changed, 6 insertions(+), 2 deletions(-)

diff --git a/windows/deployment/windows-autopatch/operate/windows-autopatch-wqu-communications.md b/windows/deployment/windows-autopatch/operate/windows-autopatch-wqu-communications.md
index 2670ca8b39..9fc28bcbbb 100644
--- a/windows/deployment/windows-autopatch/operate/windows-autopatch-wqu-communications.md
+++ b/windows/deployment/windows-autopatch/operate/windows-autopatch-wqu-communications.md
@@ -20,7 +20,11 @@ There are three categories of communication that are sent out during a Windows q
 - [Communications during release](#communications-during-release)
 - [Incident communications](#incident-communications)
 
-Communications are posted to Message center, Service health dashboard, and the Windows Autopatch messages section of the Microsoft Endpoint Manager admin center as appropriate for the type of communication.  
+Communications are posted to, as appropriate for the type of communication, to the:
+
+- Message center
+- Service health dashboard
+- Windows Autopatch messages section of the Microsoft Endpoint Manager admin center 
 
 :::image type="content" source="../media/update-communications.png" alt-text="Update communications timeline" lightbox="../media/update-communications.png":::
 
@@ -42,4 +46,4 @@ For example, new threat intelligence may require us to expedite a release, or we
 
 ## Incident communications
 
-Despite the best intentions, every service should plan for failure and success. When there's an incident, timely and transparent communication is key to building and maintaining your trust. If insufficient numbers of devices have been updated to meet the service level objective, devices will experience an interruption to productivity and an incident will be raised. Microsoft will update the status of the incident at least once every 24 hours.
+Despite the best intentions, every service should plan for failure and success. When there's an incident, timely and transparent communication is key to building and maintaining your trust. If insufficient numbers of devices have been updated to meet the service level objective, devices will experience an interruption to productivity, and an incident will be raised. Microsoft will update the status of the incident at least once every 24 hours.

From 90a492de59b80a276b30b4759bf67125efdf9224 Mon Sep 17 00:00:00 2001
From: Andre Della Monica <andredm@microsoft.com>
Date: Wed, 1 Feb 2023 15:32:55 -0600
Subject: [PATCH 34/98] More updates

---
 .../operate/windows-autopatch-fu-overview.md  | 19 ++++++++++++-------
 1 file changed, 12 insertions(+), 7 deletions(-)

diff --git a/windows/deployment/windows-autopatch/operate/windows-autopatch-fu-overview.md b/windows/deployment/windows-autopatch/operate/windows-autopatch-fu-overview.md
index 451a64865c..c29fcd0299 100644
--- a/windows/deployment/windows-autopatch/operate/windows-autopatch-fu-overview.md
+++ b/windows/deployment/windows-autopatch/operate/windows-autopatch-fu-overview.md
@@ -14,22 +14,21 @@ msreviewer: andredm7
 
 # Windows feature updates
 
-Microsoft provides robust modern device management (MDM) solutions such as Microsoft Intune, Windows Update for Business, Configuration Manager etc. However, the administration of these solutions to keep Windows devices up to date with the latest Windows feature releases rests on your organization’s IT admins. The Windows feature update process is considered one of the most expensive and fundamental tasks by IT organizations because Windows feature updates provide:
+Microsoft provides robust mobile device management (MDM) solutions such as Microsoft Intune, Windows Update for Business, Configuration Manager etc. However, the administration of these solutions to keep Windows devices up to date with the latest Windows feature releases rests on your organization’s IT admins. The Windows feature update process is considered one of the most expensive and time consuming tasks for IT since it requires incremental rollout and validation.
 
-- Fixes for security vulnerabilities and known bugs to keep Windows devices protected against advanced malicious attacks.
+- Fixes known bugs to keep Windows devices protected against behavioral issues.
 - New features to boost end-user productivity.
 
 Windows Autopatch makes it easier and less expensive for you to keep your Windows devices up to date so you can focus on running your core businesses while Windows Autopatch runs update management on your behalf.
 
 ## Enforcing a minimum Windows OS version
 
-Once devices are registered with Windows Autopatch, they’re assigned to deployment rings. Each deployment ring has its Windows feature update policy assigned to them.
+Once devices are registered with Windows Autopatch, they’re assigned to deployment rings. Each of the four deployment rings have its Windows feature update policy assigned to them. This is intended to minimize unexpected Windows OS upgrades once new devices register with the service.
 
 The policies:
 
 - Contain the minimum Windows 10 version being currently serviced by the [Windows servicing channels](/windows/release-health/release-information?msclkid=ee885719baa511ecb838e1a689da96d2). The current minimum OS version is **Windows 10 20H2**.
 - Set a bare minimum Windows OS version required by the service once devices are registered with the service.
-- Minimize unexpected Windows OS upgrades once new devices register with Windows Autopatch.
 
 If a device is registered with Windows Autopatch, and the device is:
 
@@ -50,17 +49,23 @@ If your tenant is enrolled with Windows Autopatch, you can see the following pol
 > [!IMPORTANT]
 > If you’re ahead of the current minimum OS version enforced by Windows Autopatch in your organization, you can [edit Windows Autopatch’s default Windows feature update policy and select your desired targeted version](/mem/intune/protect/windows-10-feature-updates#create-and-assign-feature-updates-for-windows-10-and-later-policy).
 
+> [!NOTE]
+> The four minimum Windows 10 OS version feature update policies were introduced in Windows Autopatch in the 2212 release milestone. Its creation automatically unassigns the previous four feature update policies targeting Windows 10 21H2 from all four Windows Autopatch deployment rings:<p>**Modern Workplace DSS Policy [Test]**</p><p>**Modern Workplace DSS Policy [First]**</p><p>**Modern Workplace DSS Policy [Fast]**</p><p>**Modern Workplace DSS Policy [Broad]**</p><p>Since the new feature update policies setting the minimum Windows 10 OS version are in place, the policies above can be removed from your tenant.</p>
+
 ## Test Windows 11 feature updates
 
-You can test Windows 11 deployments by adding devices either through direct membership or by bulk importing them into the Modern Workplace - Windows 11 Pre-Release Test Devices Azure AD group. There’s a separate Windows feature update policy (**Modern Workplace DSS Policy [Windows 11]**) targeted to this Azure AD group, and its configuration is set as follows:
+You can test Windows 11 deployments by adding devices either through direct membership or by bulk importing them into the **Modern Workplace - Windows 11 Pre-Release Test Devices** Azure AD group. There’s a separate Windows feature update policy (**Modern Workplace DSS Policy [Windows 11]**) targeted to this Azure AD group, and its configuration is set as follows:
 
 | Policy name | Feature update version | Rollout options | First deployment ring availability | Final deployment ring availability | Day between deployment rings | Support end date |
 | ----- | ----- | ----- | ----- | ----- | ----- | ----- |
 | Modern Workplace DSS Policy [Windows 11] | Windows 11 22H2 | Make update available as soon as possible | N/A | N/A | N/A | 10/13/2025, 7:00PM |
 
+> [!IMPORTANT]
+> Windows Autopatch neither applies its deployment ring distribution, nor configure [Windows Update for Business gradual rollout settings](https://learn.microsoft.com/mem/intune/protect/windows-update-rollout-options) in the Feature update policy **Modern Workplace DSS Policy [Windows 11]**.<p>Once devices are added into the **Modern Workplace - Windows 11 Pre-Release Test Devices** Azure AD group, they can all apply the Windows 11 22H2 feature update with no gradual rollout or deployment ring capabilities.</p>
+
 ## Manage Windows feature update deployments
 
-Windows Autopatch uses Microsoft Intune’s built-in solution, which uses configuration service providers (CSPs), for pausing and resuming both [Windows quality](windows-autopatch-wqu-overview.md#pausing-and-resuming-a-release) and feature updates.
+Windows Autopatch uses Microsoft Intune’s built-in solution, which uses configuration service providers (CSPs), for pausing and resuming both [Windows quality and feature updates](windows-autopatch-wqu-overview.md#pausing-and-resuming-a-release).
 
 Windows Autopatch provides a permanent pause of a Windows feature update deployment. The Windows Autopatch service automatically extends the 35 day pause limit (permanent pause) established by Microsoft Intune on your behalf. The deployment remains permanently paused until you decide to resume it.
 
@@ -86,7 +91,7 @@ Windows Autopatch provides a permanent pause of a Windows feature update deploym
 Windows Autopatch doesn’t support the rollback of Windows Feature updates.
 
 > [!CAUTION]
-> It’s not recommended to use [Microsoft Intune’s capabilities](/mem/intune/protect/windows-10-update-rings#manage-your-windows-update-rings) to pause and rollback a Windows feature update. However, if you choose to pause, resume and/or roll back from Intune, Windows Autopatch is **not** responsible for any problems that arise from rolling back the feature update.
+> It’s not recommended to use [Microsoft Intune’s capabilities](/mem/intune/protect/windows-10-update-rings#manage-your-windows-update-rings) to pause and rollback a Windows feature update. However, if you choose to pause, resume and/or roll back from Intune, Windows Autopatch is **not** responsible for any problems that arise from rolling back the Windows feature update.
 
 ## Contact support
 

From 0d5112966455ae88d50e37a42ff8ece18c3ae782 Mon Sep 17 00:00:00 2001
From: Andre Della Monica <andredm@microsoft.com>
Date: Wed, 1 Feb 2023 15:46:24 -0600
Subject: [PATCH 35/98] More updates

---
 .../operate/windows-autopatch-fu-overview.md                | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/windows/deployment/windows-autopatch/operate/windows-autopatch-fu-overview.md b/windows/deployment/windows-autopatch/operate/windows-autopatch-fu-overview.md
index c29fcd0299..12c9c732f1 100644
--- a/windows/deployment/windows-autopatch/operate/windows-autopatch-fu-overview.md
+++ b/windows/deployment/windows-autopatch/operate/windows-autopatch-fu-overview.md
@@ -50,7 +50,7 @@ If your tenant is enrolled with Windows Autopatch, you can see the following pol
 > If you’re ahead of the current minimum OS version enforced by Windows Autopatch in your organization, you can [edit Windows Autopatch’s default Windows feature update policy and select your desired targeted version](/mem/intune/protect/windows-10-feature-updates#create-and-assign-feature-updates-for-windows-10-and-later-policy).
 
 > [!NOTE]
-> The four minimum Windows 10 OS version feature update policies were introduced in Windows Autopatch in the 2212 release milestone. Its creation automatically unassigns the previous four feature update policies targeting Windows 10 21H2 from all four Windows Autopatch deployment rings:<p>**Modern Workplace DSS Policy [Test]**</p><p>**Modern Workplace DSS Policy [First]**</p><p>**Modern Workplace DSS Policy [Fast]**</p><p>**Modern Workplace DSS Policy [Broad]**</p><p>Since the new feature update policies setting the minimum Windows 10 OS version are in place, the policies above can be removed from your tenant.</p>
+> The four minimum Windows 10 OS version feature update policies were introduced in Windows Autopatch in the 2212 release milestone. Its creation automatically unassigns the previous four feature update policies targeting Windows 10 21H2 from all four Windows Autopatch deployment rings:<p>**Modern Workplace DSS Policy [Test]**</p><p>**Modern Workplace DSS Policy [First]**</p><p>**Modern Workplace DSS Policy [Fast]**</p><p>**Modern Workplace DSS Policy [Broad]**</p><p>Since the new feature update policies setting the minimum Windows 10 OS version are already in place, the policies above can be safely removed from your tenant.</p>
 
 ## Test Windows 11 feature updates
 
@@ -67,7 +67,7 @@ You can test Windows 11 deployments by adding devices either through direct memb
 
 Windows Autopatch uses Microsoft Intune’s built-in solution, which uses configuration service providers (CSPs), for pausing and resuming both [Windows quality and feature updates](windows-autopatch-wqu-overview.md#pausing-and-resuming-a-release).
 
-Windows Autopatch provides a permanent pause of a Windows feature update deployment. The Windows Autopatch service automatically extends the 35 day pause limit (permanent pause) established by Microsoft Intune on your behalf. The deployment remains permanently paused until you decide to resume it.
+Windows Autopatch provides a permanent pause of a Windows feature update deployment. The Windows Autopatch service automatically extends the 35-day pause limit (permanent pause) established by Microsoft Intune on your behalf. The deployment remains permanently paused until you decide to resume it.
 
 ## Pausing and resuming a release
 
@@ -84,7 +84,7 @@ Windows Autopatch provides a permanent pause of a Windows feature update deploym
 9. Select **Okay**.
 
 > [!NOTE]
-> Pausing an update can take up to eight hours to be applied to devices. This happens because Windows Autopatch uses Microsoft Intune as its management solution, and that's the average frequency devices take to communicate back to Microsoft Intune with new instructions to pause, resume or rollback updates.<p>For more information, see [how long does it take for devices to get a policy, profile, or app after they are assigned from Microsoft Intune](/mem/intune/configuration/device-profile-troubleshoot#how-long-does-it-take-for-devices-to-get-a-policy-profile-or-app-after-they-are-assigned).</p>
+> Pausing or resuming an update can take up to eight hours to be applied to devices. This happens because Windows Autopatch uses Microsoft Intune as its management solution, and that's the average frequency devices take to communicate back to Microsoft Intune with new instructions to pause, resume or rollback updates.<p>For more information, see [how long does it take for devices to get a policy, profile, or app after they are assigned from Microsoft Intune](/mem/intune/configuration/device-profile-troubleshoot#how-long-does-it-take-for-devices-to-get-a-policy-profile-or-app-after-they-are-assigned).</p>
 
 ## Rollback
 

From 12f09b4ff04b32078eee6485480b9adf1ec3fa36 Mon Sep 17 00:00:00 2001
From: Tiara Quan <95256667+tiaraquan@users.noreply.github.com>
Date: Wed, 1 Feb 2023 14:03:50 -0800
Subject: [PATCH 36/98] Update windows-autopatch-fu-overview.md

---
 .../operate/windows-autopatch-fu-overview.md                | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/windows/deployment/windows-autopatch/operate/windows-autopatch-fu-overview.md b/windows/deployment/windows-autopatch/operate/windows-autopatch-fu-overview.md
index 12c9c732f1..b8c1b604fe 100644
--- a/windows/deployment/windows-autopatch/operate/windows-autopatch-fu-overview.md
+++ b/windows/deployment/windows-autopatch/operate/windows-autopatch-fu-overview.md
@@ -50,7 +50,7 @@ If your tenant is enrolled with Windows Autopatch, you can see the following pol
 > If you’re ahead of the current minimum OS version enforced by Windows Autopatch in your organization, you can [edit Windows Autopatch’s default Windows feature update policy and select your desired targeted version](/mem/intune/protect/windows-10-feature-updates#create-and-assign-feature-updates-for-windows-10-and-later-policy).
 
 > [!NOTE]
-> The four minimum Windows 10 OS version feature update policies were introduced in Windows Autopatch in the 2212 release milestone. Its creation automatically unassigns the previous four feature update policies targeting Windows 10 21H2 from all four Windows Autopatch deployment rings:<p>**Modern Workplace DSS Policy [Test]**</p><p>**Modern Workplace DSS Policy [First]**</p><p>**Modern Workplace DSS Policy [Fast]**</p><p>**Modern Workplace DSS Policy [Broad]**</p><p>Since the new feature update policies setting the minimum Windows 10 OS version are already in place, the policies above can be safely removed from your tenant.</p>
+> The four minimum Windows 10 OS version feature update policies were introduced in Windows Autopatch in the 2212 release milestone. Its creation automatically unassigns the previous four feature update policies targeting Windows 10 21H2 from all four Windows Autopatch deployment rings:<ul><li>**Modern Workplace DSS Policy [Test]**</li><li>**Modern Workplace DSS Policy [First]**</li><li>**Modern Workplace DSS Policy [Fast]**</li><li>**Modern Workplace DSS Policy [Broad]**</li><p>Since the new Windows feature update policies that set the minimum Windows 10 OS version are already in place, the Modern Workplace DSS policies can be safely removed from your tenant.</p>
 
 ## Test Windows 11 feature updates
 
@@ -61,11 +61,11 @@ You can test Windows 11 deployments by adding devices either through direct memb
 | Modern Workplace DSS Policy [Windows 11] | Windows 11 22H2 | Make update available as soon as possible | N/A | N/A | N/A | 10/13/2025, 7:00PM |
 
 > [!IMPORTANT]
-> Windows Autopatch neither applies its deployment ring distribution, nor configure [Windows Update for Business gradual rollout settings](https://learn.microsoft.com/mem/intune/protect/windows-update-rollout-options) in the Feature update policy **Modern Workplace DSS Policy [Windows 11]**.<p>Once devices are added into the **Modern Workplace - Windows 11 Pre-Release Test Devices** Azure AD group, they can all apply the Windows 11 22H2 feature update with no gradual rollout or deployment ring capabilities.</p>
+> Windows Autopatch neither applies its deployment ring distribution, nor configures the [Windows Update for Business gradual rollout settings](/mem/intune/protect/windows-update-rollout-options) in the **Modern Workplace DSS Policy [Windows 11]** policy.<p>Once devices are added to the **Modern Workplace - Windows 11 Pre-Release Test Devices** Azure AD group, the devices can be offered the Windows 11 22H2 feature update at the same time.</p>
 
 ## Manage Windows feature update deployments
 
-Windows Autopatch uses Microsoft Intune’s built-in solution, which uses configuration service providers (CSPs), for pausing and resuming both [Windows quality and feature updates](windows-autopatch-wqu-overview.md#pausing-and-resuming-a-release).
+Windows Autopatch uses Microsoft Intune’s built-in solution, which uses configuration service providers (CSPs), for pausing and resuming both [Windows quality](windows-autopatch-wqu-overview.md#pausing-and-resuming-a-release) and [Windows feature updates](#pausing-and-resuming-a-release).
 
 Windows Autopatch provides a permanent pause of a Windows feature update deployment. The Windows Autopatch service automatically extends the 35-day pause limit (permanent pause) established by Microsoft Intune on your behalf. The deployment remains permanently paused until you decide to resume it.
 

From fd3a80d1d5652335e0c8e3741fe2eb538dd192e1 Mon Sep 17 00:00:00 2001
From: Tiara Quan <95256667+tiaraquan@users.noreply.github.com>
Date: Wed, 1 Feb 2023 14:09:03 -0800
Subject: [PATCH 37/98] Update windows-autopatch-fu-overview.md

---
 .../operate/windows-autopatch-fu-overview.md                | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/windows/deployment/windows-autopatch/operate/windows-autopatch-fu-overview.md b/windows/deployment/windows-autopatch/operate/windows-autopatch-fu-overview.md
index b8c1b604fe..64f6442d2d 100644
--- a/windows/deployment/windows-autopatch/operate/windows-autopatch-fu-overview.md
+++ b/windows/deployment/windows-autopatch/operate/windows-autopatch-fu-overview.md
@@ -14,10 +14,10 @@ msreviewer: andredm7
 
 # Windows feature updates
 
-Microsoft provides robust mobile device management (MDM) solutions such as Microsoft Intune, Windows Update for Business, Configuration Manager etc. However, the administration of these solutions to keep Windows devices up to date with the latest Windows feature releases rests on your organization’s IT admins. The Windows feature update process is considered one of the most expensive and time consuming tasks for IT since it requires incremental rollout and validation.
+Microsoft provides robust mobile device management (MDM) solutions such as Microsoft Intune, Windows Update for Business, Configuration Manager etc. However, the administration of these solutions to keep Windows devices up to date with the latest Windows feature releases rests on your organization’s IT admins. The Windows feature update process is considered one of the most expensive and time consuming tasks for IT since it requires incremental rollout and validation. Windows feature updates:
 
-- Fixes known bugs to keep Windows devices protected against behavioral issues.
-- New features to boost end-user productivity.
+- Keep Windows devices protected against behavioral issues.
+- Provide new features to boost end-user productivity.
 
 Windows Autopatch makes it easier and less expensive for you to keep your Windows devices up to date so you can focus on running your core businesses while Windows Autopatch runs update management on your behalf.
 

From 88ca572ece1a27f46b1590e7dd81fcdff59dee41 Mon Sep 17 00:00:00 2001
From: tiaraquan <tiaraquan@microsoft.com>
Date: Wed, 1 Feb 2023 14:39:00 -0800
Subject: [PATCH 38/98] Tweak from Harman.

---
 .../prepare/windows-autopatch-fix-issues.md                 | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/windows/deployment/windows-autopatch/prepare/windows-autopatch-fix-issues.md b/windows/deployment/windows-autopatch/prepare/windows-autopatch-fix-issues.md
index 8e9d0f1a63..776fb296c0 100644
--- a/windows/deployment/windows-autopatch/prepare/windows-autopatch-fix-issues.md
+++ b/windows/deployment/windows-autopatch/prepare/windows-autopatch-fix-issues.md
@@ -45,13 +45,13 @@ This setting must be turned on to avoid a "lack of permissions" error when we in
 | ----- | ----- |
 | Not ready | Allow access to unlicensed admins should be turned on. Without this setting enabled, errors can occur when we try to access your Azure AD organization for service. You can safely enable this setting without worrying about security implications. The scope of access is defined by the roles assigned to users, including our operations staff.<p><p>For more information, see [Unlicensed admins](/mem/intune/fundamentals/unlicensed-admins). |
 
-### Deployment rings for Windows 10 or later
+### Windows 10 and later update rings
 
-Your "Windows 10 deployment ring" policy in Intune must not target any Windows Autopatch devices.
+Your "Windows 10 and later update ring" policy in Intune must not target any Windows Autopatch devices.
 
 | Result | Meaning |
 | ----- | ----- |
-| Not ready | You have an "update ring" policy that targets all devices, all users, or both.<p>To resolve, change the policy to use an assignment that targets a specific Azure Active Directory (AD) group that doesn't include any Windows Autopatch devices.</p><p>For more information, see [Manage Windows 10 software updates in Intune](/mem/intune/protect/windows-update-for-business-configure).</p> |
+| Not ready | You have an "update ring" policy that targets all devices, all users, or both.<p>To resolve, change the policy to use an assignment that targets a specific Azure Active Directory (AD) group that doesn't include any Windows Autopatch devices.</p><p>For more information, see [Manage Windows 10 and later software updates in Intune](/mem/intune/protect/windows-update-for-business-configure).</p> |
 | Advisory | Both the **Modern Workplace Devices - All** and **Modern Workplace - All** Azure AD groups are groups that we create after you enroll in Windows Autopatch.<p>You can continue with enrollment. However, you must resolve the advisory prior to deploying your first device. To resolve the advisory, see [Maintain the Windows Autopatch environment](../operate/windows-autopatch-maintain-environment.md).</p>|
 
 ## Azure Active Directory settings

From b7ad1499d9eeb181607a09a8ec1a06da83c0dcc4 Mon Sep 17 00:00:00 2001
From: tiaraquan <tiaraquan@microsoft.com>
Date: Wed, 1 Feb 2023 17:18:53 -0800
Subject: [PATCH 39/98] Removed silly period

---
 .../whats-new/windows-autopatch-whats-new-2023.md               | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/windows/deployment/windows-autopatch/whats-new/windows-autopatch-whats-new-2023.md b/windows/deployment/windows-autopatch/whats-new/windows-autopatch-whats-new-2023.md
index 5f09e58ac0..13f228bf15 100644
--- a/windows/deployment/windows-autopatch/whats-new/windows-autopatch-whats-new-2023.md
+++ b/windows/deployment/windows-autopatch/whats-new/windows-autopatch-whats-new-2023.md
@@ -25,7 +25,7 @@ Minor corrections such as typos, style, or formatting issues aren't listed.
 | Article | Description |
 | ----- | ----- |
 | [Changes made at tenant enrollment](../references/windows-autopatch-changes-to-tenant.md) | Updated Feature update policies section with Windows Autopatch - DSS Policy [deployment ring] |
-| [Register your devices](../deploy/windows-autopatch-register-devices.md) |<ul><li>Updated the Built-in roles required for registration section.</li><li>Added more information about assigning less-privileged user accounts</li></ul> |
+| [Register your devices](../deploy/windows-autopatch-register-devices.md) |<ul><li>Updated the Built-in roles required for registration section</li><li>Added more information about assigning less-privileged user accounts</li></ul> |
 
 ## January 2023
 

From 05a787077c858c12fa864bf93d475caa063f8f17 Mon Sep 17 00:00:00 2001
From: tiaraquan <tiaraquan@microsoft.com>
Date: Wed, 1 Feb 2023 17:28:50 -0800
Subject: [PATCH 40/98] Tweaks

---
 .openpublishing.redirection.json                       | 10 ++++++++++
 windows/deployment/windows-autopatch/TOC.yml           |  4 ++--
 ...> windows-autopatch-feature-update-end-user-exp.md} |  0
 ...md => windows-autopatch-feature-update-overview.md} |  0
 4 files changed, 12 insertions(+), 2 deletions(-)
 rename windows/deployment/windows-autopatch/operate/{windows-autopatch-fu-end-user-exp.md => windows-autopatch-feature-update-end-user-exp.md} (100%)
 rename windows/deployment/windows-autopatch/operate/{windows-autopatch-fu-overview.md => windows-autopatch-feature-update-overview.md} (100%)

diff --git a/.openpublishing.redirection.json b/.openpublishing.redirection.json
index 711942e1d6..7e4e331ff7 100644
--- a/.openpublishing.redirection.json
+++ b/.openpublishing.redirection.json
@@ -20449,6 +20449,16 @@
       "source_path": "windows/security/identity-protection/hello-for-business/hello-event-300.md",
       "redirect_url": "/windows/security/identity-protection/hello-for-business/hello-faq",
       "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/deployment/windows-autopatch/operate/windows-autopatch-fu-overview.md",
+      "redirect_url": "/windows/deployment/windows-autopatch/operate/windows-autopatch-feature-update-overview",
+      "redirect_document_id": true
+    },
+    {
+      "source_path": "windows/deployment/windows-autopatch/operate/windows-autopatch-fu-end-user-exp.md",
+      "redirect_url": "/windows/deployment/windows-autopatch/operate/windows-autopatch-feature-update-end-user-exp",
+      "redirect_document_id": true
     }
   ]
 }
diff --git a/windows/deployment/windows-autopatch/TOC.yml b/windows/deployment/windows-autopatch/TOC.yml
index 718c174a5f..7c75aa20cb 100644
--- a/windows/deployment/windows-autopatch/TOC.yml
+++ b/windows/deployment/windows-autopatch/TOC.yml
@@ -70,10 +70,10 @@
                         - name: Ineligible devices report—historical
                           href: operate/windows-autopatch-wqu-ineligible-devices-historical-report.md
                 - name: Windows feature updates
-                  href: operate/windows-autopatch-fu-overview.md
+                  href: operate/windows-autopatch-feature-update-overview.md
                   items:
                     - name: Windows feature update end user experience
-                      href: operate/windows-autopatch-fu-end-user-exp.md
+                      href: operate/windows-autopatch-feature-update-end-user-exp.md
             - name: Microsoft 365 Apps for enterprise
               href: operate/windows-autopatch-microsoft-365-apps-enterprise.md
             - name: Microsoft Edge
diff --git a/windows/deployment/windows-autopatch/operate/windows-autopatch-fu-end-user-exp.md b/windows/deployment/windows-autopatch/operate/windows-autopatch-feature-update-end-user-exp.md
similarity index 100%
rename from windows/deployment/windows-autopatch/operate/windows-autopatch-fu-end-user-exp.md
rename to windows/deployment/windows-autopatch/operate/windows-autopatch-feature-update-end-user-exp.md
diff --git a/windows/deployment/windows-autopatch/operate/windows-autopatch-fu-overview.md b/windows/deployment/windows-autopatch/operate/windows-autopatch-feature-update-overview.md
similarity index 100%
rename from windows/deployment/windows-autopatch/operate/windows-autopatch-fu-overview.md
rename to windows/deployment/windows-autopatch/operate/windows-autopatch-feature-update-overview.md

From 10dac852930a2bcd0507e63d64447ce0a437cfc2 Mon Sep 17 00:00:00 2001
From: tiaraquan <tiaraquan@microsoft.com>
Date: Wed, 1 Feb 2023 17:58:38 -0800
Subject: [PATCH 41/98] Fixing broken links due to file renaming

---
 .openpublishing.redirection.json              | 59 ++++++++++++++++++-
 windows/deployment/windows-autopatch/TOC.yml  | 24 ++++----
 .../windows-autopatch-update-management.md    |  4 +-
 ...ch-windows-feature-update-end-user-exp.md} |  0
 ...opatch-windows-feature-update-overview.md} |  2 +-
 ...y-update-all-devices-historical-report.md} |  0
 ...dows-quality-update-all-devices-report.md} |  0
 ...-windows-quality-update-communications.md} |  0
 ...ate-eligible-devices-historical-report.md} |  0
 ...ch-windows-quality-update-end-user-exp.md} |  0
 ...e-ineligible-devices-historical-report.md} |  0
 ...opatch-windows-quality-update-overview.md} |  8 +--
 ...indows-quality-update-reports-overview.md} | 14 ++---
 ...topatch-windows-quality-update-signals.md} |  0
 ...ndows-quality-update-summary-dashboard.md} |  0
 .../overview/windows-autopatch-faq.yml        | 10 ++--
 .../overview/windows-autopatch-overview.md    |  6 +-
 ...ch-windows-update-unsupported-policies.md} |  0
 18 files changed, 91 insertions(+), 36 deletions(-)
 rename windows/deployment/windows-autopatch/operate/{windows-autopatch-feature-update-end-user-exp.md => windows-autopatch-windows-feature-update-end-user-exp.md} (100%)
 rename windows/deployment/windows-autopatch/operate/{windows-autopatch-feature-update-overview.md => windows-autopatch-windows-feature-update-overview.md} (97%)
 rename windows/deployment/windows-autopatch/operate/{windows-autopatch-wqu-all-devices-historical-report.md => windows-autopatch-windows-quality-update-all-devices-historical-report.md} (100%)
 rename windows/deployment/windows-autopatch/operate/{windows-autopatch-wqu-all-devices-report.md => windows-autopatch-windows-quality-update-all-devices-report.md} (100%)
 rename windows/deployment/windows-autopatch/operate/{windows-autopatch-wqu-communications.md => windows-autopatch-windows-quality-update-communications.md} (100%)
 rename windows/deployment/windows-autopatch/operate/{windows-autopatch-wqu-eligible-devices-historical-report.md => windows-autopatch-windows-quality-update-eligible-devices-historical-report.md} (100%)
 rename windows/deployment/windows-autopatch/operate/{windows-autopatch-wqu-end-user-exp.md => windows-autopatch-windows-quality-update-end-user-exp.md} (100%)
 rename windows/deployment/windows-autopatch/operate/{windows-autopatch-wqu-ineligible-devices-historical-report.md => windows-autopatch-windows-quality-update-ineligible-devices-historical-report.md} (100%)
 rename windows/deployment/windows-autopatch/operate/{windows-autopatch-wqu-overview.md => windows-autopatch-windows-quality-update-overview.md} (93%)
 rename windows/deployment/windows-autopatch/operate/{windows-autopatch-wqu-reports-overview.md => windows-autopatch-windows-quality-update-reports-overview.md} (81%)
 rename windows/deployment/windows-autopatch/operate/{windows-autopatch-wqu-signals.md => windows-autopatch-windows-quality-update-signals.md} (100%)
 rename windows/deployment/windows-autopatch/operate/{windows-autopatch-wqu-summary-dashboard.md => windows-autopatch-windows-quality-update-summary-dashboard.md} (100%)
 rename windows/deployment/windows-autopatch/references/{windows-autopatch-wqu-unsupported-policies.md => windows-autopatch-windows-update-unsupported-policies.md} (100%)

diff --git a/.openpublishing.redirection.json b/.openpublishing.redirection.json
index 7e4e331ff7..e6a9c13cf5 100644
--- a/.openpublishing.redirection.json
+++ b/.openpublishing.redirection.json
@@ -20452,12 +20452,67 @@
     },
     {
       "source_path": "windows/deployment/windows-autopatch/operate/windows-autopatch-fu-overview.md",
-      "redirect_url": "/windows/deployment/windows-autopatch/operate/windows-autopatch-feature-update-overview",
+      "redirect_url": "/windows/deployment/windows-autopatch/operate/windows-autopatch-windows-feature-update-overview",
       "redirect_document_id": true
     },
     {
       "source_path": "windows/deployment/windows-autopatch/operate/windows-autopatch-fu-end-user-exp.md",
-      "redirect_url": "/windows/deployment/windows-autopatch/operate/windows-autopatch-feature-update-end-user-exp",
+      "redirect_url": "/windows/deployment/windows-autopatch/operate/windows-autopatch-windows-feature-update-end-user-exp",
+      "redirect_document_id": true
+    },
+    {
+      "source_path": "windows/deployment/windows-autopatch/operate/windows-autopatch-wqu-overview.md",
+      "redirect_url": "/windows/deployment/windows-autopatch/operate/windows-autopatch-windows-quality-update-overview",
+      "redirect_document_id": true
+    },
+    {
+      "source_path": "windows/deployment/windows-autopatch/operate/windows-autopatch-wqu-end-user-exp.md",
+      "redirect_url": "/windows/deployment/windows-autopatch/operate/windows-autopatch-windows-quality-update-end-user-exp",
+      "redirect_document_id": true
+    },
+    {
+      "source_path": "windows/deployment/windows-autopatch/operate/windows-autopatch-wqu-signals.md",
+      "redirect_url": "/windows/deployment/windows-autopatch/operate/windows-autopatch-windows-quality-update-signals",
+      "redirect_document_id": true
+    },
+    {
+      "source_path": "windows/deployment/windows-autopatch/operate/windows-autopatch-wqu-communications.md",
+      "redirect_url": "/windows/deployment/windows-autopatch/operate/windows-autopatch-windows-quality-update-communications",
+      "redirect_document_id": true
+    },
+    {
+      "source_path": "windows/deployment/windows-autopatch/operate/windows-autopatch-wqu-reports-overview.md",
+      "redirect_url": "/windows/deployment/windows-autopatch/operate/windows-autopatch-windows-quality-update-reports-overview",
+      "redirect_document_id": true
+    },
+    {
+      "source_path": "windows/deployment/windows-autopatch/operate/windows-autopatch-wqu-summary-dashboard.md",
+      "redirect_url": "/windows/deployment/windows-autopatch/operate/windows-autopatch-windows-quality-update-summary-dashboard",
+      "redirect_document_id": true
+    },
+    {
+      "source_path": "windows/deployment/windows-autopatch/operate/windows-autopatch-wqu-all-devices-report.md",
+      "redirect_url": "/windows/deployment/windows-autopatch/operate/windows-autopatch-windows-quality-update-all-devices-report",
+      "redirect_document_id": true
+    },
+    {
+      "source_path": "windows/deployment/windows-autopatch/operate/windows-autopatch-wqu-all-devices-historical-report.md",
+      "redirect_url": "/windows/deployment/windows-autopatch/operate/windows-autopatch-windows-quality-update-all-devices-historical-report",
+      "redirect_document_id": true
+    },
+    {
+      "source_path": "windows/deployment/windows-autopatch/operate/windows-autopatch-wqu-eligible-devices-historical-report.md",
+      "redirect_url": "/windows/deployment/windows-autopatch/operate/windows-autopatch-windows-quality-update-eligible-devices-historical-report",
+      "redirect_document_id": true
+    },
+    {
+      "source_path": "windows/deployment/windows-autopatch/operate/windows-autopatch-wqu-ineligible-devices-historical-report.md",
+      "redirect_url": "/windows/deployment/windows-autopatch/operate/windows-autopatch-windows-quality-update-ineligible-devices-historical-report",
+      "redirect_document_id": true
+    },
+    {
+      "source_path": "windows/deployment/windows-autopatch/references/windows-autopatch-wqu-unsupported-policies.md",
+      "redirect_url": "/windows/deployment/windows-autopatch/references/windows-autopatch-windows-update-unsupported-policies",
       "redirect_document_id": true
     }
   ]
diff --git a/windows/deployment/windows-autopatch/TOC.yml b/windows/deployment/windows-autopatch/TOC.yml
index 7c75aa20cb..9f479471e4 100644
--- a/windows/deployment/windows-autopatch/TOC.yml
+++ b/windows/deployment/windows-autopatch/TOC.yml
@@ -48,32 +48,32 @@
               href:
               items:
                 - name: Windows quality updates
-                  href: operate/windows-autopatch-wqu-overview.md
+                  href: operate/windows-autopatch-windows-quality-update-overview.md
                   items:
                     - name: Windows quality update end user experience
-                      href: operate/windows-autopatch-wqu-end-user-exp.md
+                      href: operate/windows-autopatch-windows-quality-update-end-user-exp.md
                     - name: Windows quality update signals
-                      href: operate/windows-autopatch-wqu-signals.md
+                      href: operate/windows-autopatch-windows-quality-update-signals.md
                     - name: Windows quality update communications
-                      href: operate/windows-autopatch-wqu-communications.md
+                      href: operate/windows-autopatch-windows-quality-update-communications.md
                     - name: Windows quality update reports
-                      href: operate/windows-autopatch-wqu-reports-overview.md
+                      href: operate/windows-autopatch-windows-quality-update-reports-overview.md
                       items:
                         - name: Summary dashboard
-                          href: operate/windows-autopatch-wqu-summary-dashboard.md
+                          href: operate/windows-autopatch-windows-quality-update-summary-dashboard.md
                         - name: All devices report
-                          href: operate/windows-autopatch-wqu-all-devices-report.md
+                          href: operate/windows-autopatch-windows-quality-update-all-devices-report.md
                         - name: All devices report—historical
-                          href: operate/windows-autopatch-wqu-all-devices-historical-report.md
+                          href: operate/windows-autopatch-windows-quality-update-all-devices-historical-report.md
                         - name: Eligible devices report—historical
-                          href: operate/windows-autopatch-wqu-eligible-devices-historical-report.md
+                          href: operate/windows-autopatch-windows-quality-update-eligible-devices-historical-report.md
                         - name: Ineligible devices report—historical
-                          href: operate/windows-autopatch-wqu-ineligible-devices-historical-report.md
+                          href: operate/windows-autopatch-windows-quality-update-ineligible-devices-historical-report.md
                 - name: Windows feature updates
-                  href: operate/windows-autopatch-feature-update-overview.md
+                  href: operate/windows-autopatch-windows-feature-update-overview.md
                   items:
                     - name: Windows feature update end user experience
-                      href: operate/windows-autopatch-feature-update-end-user-exp.md
+                      href: operate/windows-autopatch-windows-feature-update-end-user-exp.md
             - name: Microsoft 365 Apps for enterprise
               href: operate/windows-autopatch-microsoft-365-apps-enterprise.md
             - name: Microsoft Edge
diff --git a/windows/deployment/windows-autopatch/operate/windows-autopatch-update-management.md b/windows/deployment/windows-autopatch/operate/windows-autopatch-update-management.md
index c250ba4502..3c5bb1f346 100644
--- a/windows/deployment/windows-autopatch/operate/windows-autopatch-update-management.md
+++ b/windows/deployment/windows-autopatch/operate/windows-autopatch-update-management.md
@@ -20,8 +20,8 @@ Keeping your devices up to date is a balance of speed and stability. Windows Aut
 
 | Software update workload | Description |
 | ----- | ----- |
-| Windows quality update | Windows Autopatch uses four deployment rings to manage Windows quality updates. For more detailed information, see [Windows quality updates](../operate/windows-autopatch-wqu-overview.md). |
-| Windows feature update | Windows Autopatch uses four deployment rings to manage Windows feature updates. For more detailed information, see [Windows feature updates](windows-autopatch-fu-overview.md).
+| Windows quality update | Windows Autopatch uses four deployment rings to manage Windows quality updates. For more detailed information, see [Windows quality updates](../operate/windows-autopatch-windows-quality-update-overview.md). |
+| Windows feature update | Windows Autopatch uses four deployment rings to manage Windows feature updates. For more detailed information, see [Windows feature updates](windows-autopatch-windows-feature-update-overview.md).
 | Anti-virus definition | Updated with each scan. |
 | Microsoft 365 Apps for enterprise | For more information, see [Microsoft 365 Apps for enterprise](windows-autopatch-microsoft-365-apps-enterprise.md). |
 | Microsoft Edge | For more information, see [Microsoft Edge](../operate/windows-autopatch-edge.md). |
diff --git a/windows/deployment/windows-autopatch/operate/windows-autopatch-feature-update-end-user-exp.md b/windows/deployment/windows-autopatch/operate/windows-autopatch-windows-feature-update-end-user-exp.md
similarity index 100%
rename from windows/deployment/windows-autopatch/operate/windows-autopatch-feature-update-end-user-exp.md
rename to windows/deployment/windows-autopatch/operate/windows-autopatch-windows-feature-update-end-user-exp.md
diff --git a/windows/deployment/windows-autopatch/operate/windows-autopatch-feature-update-overview.md b/windows/deployment/windows-autopatch/operate/windows-autopatch-windows-feature-update-overview.md
similarity index 97%
rename from windows/deployment/windows-autopatch/operate/windows-autopatch-feature-update-overview.md
rename to windows/deployment/windows-autopatch/operate/windows-autopatch-windows-feature-update-overview.md
index 64f6442d2d..fb5db5fcd8 100644
--- a/windows/deployment/windows-autopatch/operate/windows-autopatch-feature-update-overview.md
+++ b/windows/deployment/windows-autopatch/operate/windows-autopatch-windows-feature-update-overview.md
@@ -65,7 +65,7 @@ You can test Windows 11 deployments by adding devices either through direct memb
 
 ## Manage Windows feature update deployments
 
-Windows Autopatch uses Microsoft Intune’s built-in solution, which uses configuration service providers (CSPs), for pausing and resuming both [Windows quality](windows-autopatch-wqu-overview.md#pausing-and-resuming-a-release) and [Windows feature updates](#pausing-and-resuming-a-release).
+Windows Autopatch uses Microsoft Intune’s built-in solution, which uses configuration service providers (CSPs), for pausing and resuming both [Windows quality](windows-autopatch-windows-quality-update-overview.md#pausing-and-resuming-a-release) and [Windows feature updates](#pausing-and-resuming-a-release).
 
 Windows Autopatch provides a permanent pause of a Windows feature update deployment. The Windows Autopatch service automatically extends the 35-day pause limit (permanent pause) established by Microsoft Intune on your behalf. The deployment remains permanently paused until you decide to resume it.
 
diff --git a/windows/deployment/windows-autopatch/operate/windows-autopatch-wqu-all-devices-historical-report.md b/windows/deployment/windows-autopatch/operate/windows-autopatch-windows-quality-update-all-devices-historical-report.md
similarity index 100%
rename from windows/deployment/windows-autopatch/operate/windows-autopatch-wqu-all-devices-historical-report.md
rename to windows/deployment/windows-autopatch/operate/windows-autopatch-windows-quality-update-all-devices-historical-report.md
diff --git a/windows/deployment/windows-autopatch/operate/windows-autopatch-wqu-all-devices-report.md b/windows/deployment/windows-autopatch/operate/windows-autopatch-windows-quality-update-all-devices-report.md
similarity index 100%
rename from windows/deployment/windows-autopatch/operate/windows-autopatch-wqu-all-devices-report.md
rename to windows/deployment/windows-autopatch/operate/windows-autopatch-windows-quality-update-all-devices-report.md
diff --git a/windows/deployment/windows-autopatch/operate/windows-autopatch-wqu-communications.md b/windows/deployment/windows-autopatch/operate/windows-autopatch-windows-quality-update-communications.md
similarity index 100%
rename from windows/deployment/windows-autopatch/operate/windows-autopatch-wqu-communications.md
rename to windows/deployment/windows-autopatch/operate/windows-autopatch-windows-quality-update-communications.md
diff --git a/windows/deployment/windows-autopatch/operate/windows-autopatch-wqu-eligible-devices-historical-report.md b/windows/deployment/windows-autopatch/operate/windows-autopatch-windows-quality-update-eligible-devices-historical-report.md
similarity index 100%
rename from windows/deployment/windows-autopatch/operate/windows-autopatch-wqu-eligible-devices-historical-report.md
rename to windows/deployment/windows-autopatch/operate/windows-autopatch-windows-quality-update-eligible-devices-historical-report.md
diff --git a/windows/deployment/windows-autopatch/operate/windows-autopatch-wqu-end-user-exp.md b/windows/deployment/windows-autopatch/operate/windows-autopatch-windows-quality-update-end-user-exp.md
similarity index 100%
rename from windows/deployment/windows-autopatch/operate/windows-autopatch-wqu-end-user-exp.md
rename to windows/deployment/windows-autopatch/operate/windows-autopatch-windows-quality-update-end-user-exp.md
diff --git a/windows/deployment/windows-autopatch/operate/windows-autopatch-wqu-ineligible-devices-historical-report.md b/windows/deployment/windows-autopatch/operate/windows-autopatch-windows-quality-update-ineligible-devices-historical-report.md
similarity index 100%
rename from windows/deployment/windows-autopatch/operate/windows-autopatch-wqu-ineligible-devices-historical-report.md
rename to windows/deployment/windows-autopatch/operate/windows-autopatch-windows-quality-update-ineligible-devices-historical-report.md
diff --git a/windows/deployment/windows-autopatch/operate/windows-autopatch-wqu-overview.md b/windows/deployment/windows-autopatch/operate/windows-autopatch-windows-quality-update-overview.md
similarity index 93%
rename from windows/deployment/windows-autopatch/operate/windows-autopatch-wqu-overview.md
rename to windows/deployment/windows-autopatch/operate/windows-autopatch-windows-quality-update-overview.md
index 7fdb0ac0d9..59cc60bb90 100644
--- a/windows/deployment/windows-autopatch/operate/windows-autopatch-wqu-overview.md
+++ b/windows/deployment/windows-autopatch/operate/windows-autopatch-windows-quality-update-overview.md
@@ -30,8 +30,8 @@ For a device to be eligible for Windows quality updates as a part of Windows Aut
 | Deployed | Windows Autopatch doesn't update devices that haven't yet been deployed. |
 | Internet connectivity | Devices must have a steady internet connection, and access to Windows [update endpoints](../prepare/windows-autopatch-configure-network.md). |
 | Windows edition | Devices must be on a Windows edition supported by Windows Autopatch. For more information, see [Prerequisites](../prepare/windows-autopatch-prerequisites.md). |
-| Mobile device management (MDM) policy conflict | Devices must not have deployed any policies that would prevent device management. For more information, see [Conflicting and unsupported policies](../operate/windows-autopatch-wqu-unsupported-policies.md). |
-| Group policy conflict | Devices must not have group policies deployed which would prevent device management. For more information, see [Group policy](windows-autopatch-wqu-unsupported-policies.md#group-policy-and-other-policy-managers) |
+| Mobile device management (MDM) policy conflict | Devices must not have deployed any policies that would prevent device management. For more information, see [Conflicting and unsupported policies](../references/windows-autopatch-windows-update-unsupported-policies.md). |
+| Group policy conflict | Devices must not have group policies deployed which would prevent device management. For more information, see [Group policy](../references/windows-autopatch-windows-update-unsupported-policies.md#group-policy-and-other-policy-managers) |
 
 ## Windows quality update releases
 
@@ -108,7 +108,7 @@ Windows Autopatch schedules and deploys required Out of Band (OOB) updates relea
 
 ### Pausing and resuming a release
 
-If Windows Autopatch detects a [significant issue with a release](../operate/windows-autopatch-wqu-signals.md), we may decide to pause that release.
+If Windows Autopatch detects a [significant issue with a release](../operate/windows-autopatch-windows-quality-update-signals.md), we may decide to pause that release.
 
 In the [Endpoint Manager admin center](https://go.microsoft.com/fwlink/?linkid=2109431) > **Release management** > in the **Release schedule** tab, you can pause or resume a Windows quality update.
 
@@ -121,4 +121,4 @@ There are two statuses associated with paused quality updates, **Service Paused*
 
 ## Remediating Ineligible and/or Not up to Date devices
 
-To ensure your devices receive Windows quality updates, Windows Autopatch provides information on how you can remediate [Ineligible Devices (Customer Actions)](../operate/windows-autopatch-wqu-reports-overview.md#ineligible-devices-customer-action). In addition, the Windows Autopatch service may remediate [Not up to Date devices](../operate/windows-autopatch-wqu-reports-overview.md#not-up-to-date-microsoft-action) to bring them back into compliance.
+To ensure your devices receive Windows quality updates, Windows Autopatch provides information on how you can remediate [Ineligible Devices (Customer Actions)](../operate/windows-autopatch-windows-quality-update-reports-overview.md#ineligible-devices-customer-action). In addition, the Windows Autopatch service may remediate [Not up to Date devices](../operate/windows-autopatch-windows-quality-update-reports-overview.md#not-up-to-date-microsoft-action) to bring them back into compliance.
diff --git a/windows/deployment/windows-autopatch/operate/windows-autopatch-wqu-reports-overview.md b/windows/deployment/windows-autopatch/operate/windows-autopatch-windows-quality-update-reports-overview.md
similarity index 81%
rename from windows/deployment/windows-autopatch/operate/windows-autopatch-wqu-reports-overview.md
rename to windows/deployment/windows-autopatch/operate/windows-autopatch-windows-quality-update-reports-overview.md
index 2e61770efe..e73bb77716 100644
--- a/windows/deployment/windows-autopatch/operate/windows-autopatch-wqu-reports-overview.md
+++ b/windows/deployment/windows-autopatch/operate/windows-autopatch-windows-quality-update-reports-overview.md
@@ -26,8 +26,8 @@ The report types are organized into the following focus areas:
 
 | Focus area | Description |
 | ----- | ----- |
-| Operational detail | <ul><li>[Summary dashboard](windows-autopatch-wqu-summary-dashboard.md): Provides the current update status summary for all devices.</li><li>[All devices report](windows-autopatch-wqu-all-devices-report.md): Provides the current update status of all devices at the device level.</li></ul> |
-| Device trends | <ul><li>[All devices report – historical](windows-autopatch-wqu-all-devices-historical-report.md): Provides the update status trend of all devices over the last 90 days.</li><li>[Eligible devices report – historical](windows-autopatch-wqu-eligible-devices-historical-report.md): Provides the update status trend of all eligible devices to receive quality updates over the last 90 days.</li><li>[Ineligible devices report – historical](windows-autopatch-wqu-ineligible-devices-historical-report.md): Provides a trending view of why ineligible devices haven’t received quality updates over the last 90 days.</li></ul> |
+| Operational detail | <ul><li>[Summary dashboard](windows-autopatch-windows-quality-update-summary-dashboard.md): Provides the current update status summary for all devices.</li><li>[All devices report](windows-autopatch-windows-quality-update-all-devices-report.md): Provides the current update status of all devices at the device level.</li></ul> |
+| Device trends | <ul><li>[All devices report – historical](windows-autopatch-windows-quality-update-all-devices-historical-report.md): Provides the update status trend of all devices over the last 90 days.</li><li>[Eligible devices report – historical](windows-autopatch-windows-quality-update-eligible-devices-historical-report.md): Provides the update status trend of all eligible devices to receive quality updates over the last 90 days.</li><li>[Ineligible devices report – historical](windows-autopatch-windows-quality-update-ineligible-devices-historical-report.md): Provides a trending view of why ineligible devices haven’t received quality updates over the last 90 days.</li></ul> |
 
 ## Who can access the reports?
 
@@ -57,16 +57,16 @@ Healthy devices are devices that meet all of the following prerequisites:
 
 - [Prerequisites](../prepare/windows-autopatch-prerequisites.md)
 - [Prerequisites for device registration](../deploy/windows-autopatch-register-devices.md#prerequisites-for-device-registration)
-- [Windows quality update device eligibility](../operate/windows-autopatch-wqu-overview.md#device-eligibility)
+- [Windows quality update device eligibility](../operate/windows-autopatch-windows-quality-update-overview.md#device-eligibility)
 
 > [!NOTE]
 > Healthy devices will remain with the **In Progress** status for the 21-day service level objective period. Devices which are **Paused** are also considered healthy.
 
 | Sub status | Description |
 | ----- | ----- |
-| Up to Date | Devices are up to date with the latest quality update deployed through the [Windows Autopatch release schedule](../operate/windows-autopatch-wqu-overview.md#windows-quality-update-releases). |
-| In Progress | Devices are currently installing the latest quality update deployed through the [Windows Autopatch release schedule](../operate/windows-autopatch-wqu-overview.md#windows-quality-update-releases). |
-| Paused | Devices that are currently paused due to a Windows Autopatch or customer-initiated Release Management pause. For more information, see [Pausing and resuming a release](../operate/windows-autopatch-wqu-overview.md#pausing-and-resuming-a-release). |
+| Up to Date | Devices are up to date with the latest quality update deployed through the [Windows Autopatch release schedule](../operate/windows-autopatch-windows-quality-update-overview.md#windows-quality-update-releases). |
+| In Progress | Devices are currently installing the latest quality update deployed through the [Windows Autopatch release schedule](../operate/windows-autopatch-windows-quality-update-overview.md#windows-quality-update-releases). |
+| Paused | Devices that are currently paused due to a Windows Autopatch or customer-initiated Release Management pause. For more information, see [Pausing and resuming a release](../operate/windows-autopatch-windows-quality-update-overview.md#pausing-and-resuming-a-release). |
 
 ### Not Up to Date (Microsoft Action)
 
@@ -76,7 +76,7 @@ Not Up to Date means a device isn’t up to date when the:
 - Device is more than 21 days overdue from the last release.
 
 > [!NOTE]
-> Microsoft Action refers to the responsibility of the Windows Autopatch Service Engineering Team to carry out the appropriate action to resolve the reported device state. Windows Autopatch aims to keep at least [95% of eligible devices on the latest Windows quality update 21 days after release](../operate/windows-autopatch-wqu-overview.md#service-level-objective).
+> Microsoft Action refers to the responsibility of the Windows Autopatch Service Engineering Team to carry out the appropriate action to resolve the reported device state. Windows Autopatch aims to keep at least [95% of eligible devices on the latest Windows quality update 21 days after release](../operate/windows-autopatch-windows-quality-update-overview.md#service-level-objective).
 
 | Sub status | Description |
 | ----- | ----- |
diff --git a/windows/deployment/windows-autopatch/operate/windows-autopatch-wqu-signals.md b/windows/deployment/windows-autopatch/operate/windows-autopatch-windows-quality-update-signals.md
similarity index 100%
rename from windows/deployment/windows-autopatch/operate/windows-autopatch-wqu-signals.md
rename to windows/deployment/windows-autopatch/operate/windows-autopatch-windows-quality-update-signals.md
diff --git a/windows/deployment/windows-autopatch/operate/windows-autopatch-wqu-summary-dashboard.md b/windows/deployment/windows-autopatch/operate/windows-autopatch-windows-quality-update-summary-dashboard.md
similarity index 100%
rename from windows/deployment/windows-autopatch/operate/windows-autopatch-wqu-summary-dashboard.md
rename to windows/deployment/windows-autopatch/operate/windows-autopatch-windows-quality-update-summary-dashboard.md
diff --git a/windows/deployment/windows-autopatch/overview/windows-autopatch-faq.yml b/windows/deployment/windows-autopatch/overview/windows-autopatch-faq.yml
index 0c377a7e69..c1121c22df 100644
--- a/windows/deployment/windows-autopatch/overview/windows-autopatch-faq.yml
+++ b/windows/deployment/windows-autopatch/overview/windows-autopatch-faq.yml
@@ -92,26 +92,26 @@ sections:
       - question: What happens if there's an issue with an update?
         answer: |
           Autopatch relies on the following capabilities to help resolve update issues:
-          - Pausing and resuming: If Windows Autopatch detects an issue with a Windows quality release, we may decide that it's necessary to pause that release. Once the issue is resolved, the release will be resumed. For more information, see [Pausing and resuming a Windows quality release](../operate/windows-autopatch-wqu-overview.md#pausing-and-resuming-a-release).
+          - Pausing and resuming: If Windows Autopatch detects an issue with a Windows quality release, we may decide that it's necessary to pause that release. Once the issue is resolved, the release will be resumed. For more information, see [Pausing and resuming a Windows quality release](../operate/windows-autopatch-windows-quality-update-overview.md#pausing-and-resuming-a-release).
           - Rollback: If Windows Autopatch detects issues between versions of Microsoft 365 Apps for enterprise, we might force all devices to roll back to the previous version. For more information, see [Update controls for Microsoft 365 Apps for enterprise](../operate/windows-autopatch-microsoft-365-apps-enterprise.md#update-controls).
       - question: Can I permanently pause a Windows feature update deployment?
         answer: |
-          Yes. Windows Autopatch provides a [permanent pause of either a feature update deployment](../operate/windows-autopatch-fu-overview.md#pausing-and-resuming-a-release).
+          Yes. Windows Autopatch provides a [permanent pause of either a feature update deployment](../operate/windows-autopatch-feature-update-overview.md#pausing-and-resuming-a-release).
       - question: Will Windows quality updates be released more quickly after vulnerabilities are identified, or what is the regular cadence of updates?
         answer: |
-          For zero-day threats, Autopatch will have an [expedited release cadence](../operate/windows-autopatch-wqu-overview.md#expedited-releases). For normal updates Autopatch, uses a [regular release cadence](../operate/windows-autopatch-wqu-overview.md#windows-quality-update-releases) starting with devices in the Test ring and completing with general rollout to the Broad ring.
+          For zero-day threats, Autopatch will have an [expedited release cadence](../operate/windows-autopatch-windows-quality-update-overview.md#expedited-releases). For normal updates Autopatch, uses a [regular release cadence](../operate/windows-autopatch-wqu-overview.md#windows-quality-update-releases) starting with devices in the Test ring and completing with general rollout to the Broad ring.
       - question: Can customers configure when to move to the next ring or is it controlled by Windows Autopatch?
         answer: |
           The decision of when to move to the next ring is handled by Windows Autopatch; it isn't customer configurable.
       - question: Can you customize the scheduling of an update rollout to only install on certain days and times?
         answer: |
-          No, you can't customize update scheduling. However, you can specify [active hours](../operate/windows-autopatch-wqu-end-user-exp.md#servicing-window) to prevent users from updating during business hours.
+          No, you can't customize update scheduling. However, you can specify [active hours](../operate/windows-autopatch-windows-quality-update-end-user-exp.md#servicing-window) to prevent users from updating during business hours.
       - question: Does Autopatch support include and exclude groups, or dynamic groups to define deployment ring membership?
         answer: |
           Windows Autopatch doesn't support managing update deployment ring membership using your Azure AD groups. For more information, see [Moving devices in between deployment rings](../operate/windows-autopatch-update-management.md#moving-devices-in-between-deployment-rings).
       - question: Does Autopatch have two release cadences per update or are there two release cadences per-ring?
         answer: |
-          The release cadences are defined based on the update type. For example, a [regular cadence](../operate/windows-autopatch-wqu-overview.md#windows-quality-update-releases) (for a Windows quality update would be a gradual rollout from the Test ring to the Broad ring over 14 days whereas an [expedited release](../operate/windows-autopatch-wqu-overview.md#expedited-releases) would roll out more rapidly.
+          The release cadences are defined based on the update type. For example, a [regular cadence](../operate/windows-autopatch-windows-quality-update-overview.md#windows-quality-update-releases) (for a Windows quality update would be a gradual rollout from the Test ring to the Broad ring over 14 days whereas an [expedited release](../operate/windows-autopatch-windows-quality-update-overview.md#expedited-releases) would roll out more rapidly.
   - name: Support
     questions:
       - question: What support is available for customers who need help with onboarding to Windows Autopatch?
diff --git a/windows/deployment/windows-autopatch/overview/windows-autopatch-overview.md b/windows/deployment/windows-autopatch/overview/windows-autopatch-overview.md
index 8ed02530ce..33c47e3fa1 100644
--- a/windows/deployment/windows-autopatch/overview/windows-autopatch-overview.md
+++ b/windows/deployment/windows-autopatch/overview/windows-autopatch-overview.md
@@ -37,8 +37,8 @@ The goal of Windows Autopatch is to deliver software updates to registered devic
 
 | Management area | Service level objective |
 | ----- | ----- |
-| [Windows quality updates](../operate/windows-autopatch-wqu-overview.md) | Windows Autopatch aims to keep at least 95% of eligible devices on the latest Windows quality update 21 days after release. |
-| [Windows feature updates](../operate/windows-autopatch-fu-overview.md) | Windows Autopatch aims to keep at least 99% of eligible devices on a supported version of Windows so that they can continue receiving Windows feature updates. |
+| [Windows quality updates](../operate/windows-autopatch-windows-quality-update-overview.md) | Windows Autopatch aims to keep at least 95% of eligible devices on the latest Windows quality update 21 days after release. |
+| [Windows feature updates](../operate/windows-autopatch-feature-update-overview.md) | Windows Autopatch aims to keep at least 99% of eligible devices on a supported version of Windows so that they can continue receiving Windows feature updates. |
 | [Microsoft 365 Apps for enterprise](../operate/windows-autopatch-microsoft-365-apps-enterprise.md) | Windows Autopatch aims to keep at least 90% of eligible devices on a supported version of the Monthly Enterprise Channel (MEC). |
 | [Microsoft Edge](../operate/windows-autopatch-edge.md) | Windows Autopatch configures eligible devices to benefit from Microsoft Edge's progressive rollouts on the Stable channel. |
 | [Microsoft Teams](../operate/windows-autopatch-teams.md) | Windows Autopatch allows eligible devices to benefit from the standard automatic update channel. |
@@ -64,7 +64,7 @@ Microsoft remains committed to the security of your data and the [accessibility]
 | Prepare | The following articles describe the mandatory steps to prepare and enroll your tenant into Windows Autopatch:<ul><li>[Prerequisites](../prepare/windows-autopatch-prerequisites.md)</li><li>[Configure your network](../prepare/windows-autopatch-configure-network.md)</li><li>[Enroll your tenant](../prepare/windows-autopatch-enroll-tenant.md)</li><li>[Fix issues found by the Readiness assessment tool](../prepare/windows-autopatch-fix-issues.md)</li></ul> |
 | Deploy | Once you've enrolled your tenant, this section instructs you to:<ul><li>[Add and verify admin contacts](../deploy/windows-autopatch-admin-contacts.md)</li><li>[Register your devices](../deploy/windows-autopatch-register-devices.md)</li></ul> |
 | Operate | This section includes the following information about your day-to-day life with the service:<ul><li>[Update management](../operate/windows-autopatch-update-management.md)</li><li>[Maintain your Windows Autopatch environment](../operate/windows-autopatch-maintain-environment.md)</li><li>[Submit a support request](../operate/windows-autopatch-support-request.md)</li><li>[Deregister a device](../operate/windows-autopatch-deregister-devices.md)</li></ul>
-| References | This section includes the following articles:<ul><li>[Windows update policies](../operate/windows-autopatch-wqu-unsupported-policies.md)</li><li>[Microsoft 365 Apps for enterprise update policies](../references/windows-autopatch-microsoft-365-policies.md)</li><li>[Privacy](../references/windows-autopatch-privacy.md)</li><li>[Windows Autopatch Preview Addendum](../references/windows-autopatch-preview-addendum.md)</li></ul> |
+| References | This section includes the following articles:<ul><li>[Windows update policies](../operate/windows-autopatch-windows-update-unsupported-policies.md)</li><li>[Microsoft 365 Apps for enterprise update policies](../references/windows-autopatch-microsoft-365-policies.md)</li><li>[Privacy](../references/windows-autopatch-privacy.md)</li><li>[Windows Autopatch Preview Addendum](../references/windows-autopatch-preview-addendum.md)</li></ul> |
 
 ### Have feedback or would like to start a discussion?
 
diff --git a/windows/deployment/windows-autopatch/references/windows-autopatch-wqu-unsupported-policies.md b/windows/deployment/windows-autopatch/references/windows-autopatch-windows-update-unsupported-policies.md
similarity index 100%
rename from windows/deployment/windows-autopatch/references/windows-autopatch-wqu-unsupported-policies.md
rename to windows/deployment/windows-autopatch/references/windows-autopatch-windows-update-unsupported-policies.md

From 86d425c1c93fffa3e49bc4b03f371641309494c4 Mon Sep 17 00:00:00 2001
From: tiaraquan <tiaraquan@microsoft.com>
Date: Wed, 1 Feb 2023 18:00:54 -0800
Subject: [PATCH 42/98] Fix toc broken link.

---
 windows/deployment/windows-autopatch/TOC.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/windows/deployment/windows-autopatch/TOC.yml b/windows/deployment/windows-autopatch/TOC.yml
index 9f479471e4..fa4844aef5 100644
--- a/windows/deployment/windows-autopatch/TOC.yml
+++ b/windows/deployment/windows-autopatch/TOC.yml
@@ -95,7 +95,7 @@
           href:
           items:
             - name: Windows update policies
-              href: operate/windows-autopatch-wqu-unsupported-policies.md
+              href: references/windows-autopatch-windows-update-unsupported-policies.md
             - name: Microsoft 365 Apps for enterprise update policies
               href: references/windows-autopatch-microsoft-365-policies.md
         - name: Changes made at tenant enrollment

From 54aa47a334ef24e9f5af835ded1104f38a350901 Mon Sep 17 00:00:00 2001
From: tiaraquan <tiaraquan@microsoft.com>
Date: Wed, 1 Feb 2023 19:35:40 -0800
Subject: [PATCH 43/98] Fixed broken links.

---
 .../windows-autopatch/overview/windows-autopatch-faq.yml      | 2 +-
 .../windows-autopatch/overview/windows-autopatch-overview.md  | 4 ++--
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/windows/deployment/windows-autopatch/overview/windows-autopatch-faq.yml b/windows/deployment/windows-autopatch/overview/windows-autopatch-faq.yml
index c1121c22df..fd6ef0d1ef 100644
--- a/windows/deployment/windows-autopatch/overview/windows-autopatch-faq.yml
+++ b/windows/deployment/windows-autopatch/overview/windows-autopatch-faq.yml
@@ -96,7 +96,7 @@ sections:
           - Rollback: If Windows Autopatch detects issues between versions of Microsoft 365 Apps for enterprise, we might force all devices to roll back to the previous version. For more information, see [Update controls for Microsoft 365 Apps for enterprise](../operate/windows-autopatch-microsoft-365-apps-enterprise.md#update-controls).
       - question: Can I permanently pause a Windows feature update deployment?
         answer: |
-          Yes. Windows Autopatch provides a [permanent pause of either a feature update deployment](../operate/windows-autopatch-feature-update-overview.md#pausing-and-resuming-a-release).
+          Yes. Windows Autopatch provides a [permanent pause of either a feature update deployment](../operate/windows-autopatch-windows-feature-update-overview.md#pausing-and-resuming-a-release).
       - question: Will Windows quality updates be released more quickly after vulnerabilities are identified, or what is the regular cadence of updates?
         answer: |
           For zero-day threats, Autopatch will have an [expedited release cadence](../operate/windows-autopatch-windows-quality-update-overview.md#expedited-releases). For normal updates Autopatch, uses a [regular release cadence](../operate/windows-autopatch-wqu-overview.md#windows-quality-update-releases) starting with devices in the Test ring and completing with general rollout to the Broad ring.
diff --git a/windows/deployment/windows-autopatch/overview/windows-autopatch-overview.md b/windows/deployment/windows-autopatch/overview/windows-autopatch-overview.md
index 33c47e3fa1..6458591d05 100644
--- a/windows/deployment/windows-autopatch/overview/windows-autopatch-overview.md
+++ b/windows/deployment/windows-autopatch/overview/windows-autopatch-overview.md
@@ -38,7 +38,7 @@ The goal of Windows Autopatch is to deliver software updates to registered devic
 | Management area | Service level objective |
 | ----- | ----- |
 | [Windows quality updates](../operate/windows-autopatch-windows-quality-update-overview.md) | Windows Autopatch aims to keep at least 95% of eligible devices on the latest Windows quality update 21 days after release. |
-| [Windows feature updates](../operate/windows-autopatch-feature-update-overview.md) | Windows Autopatch aims to keep at least 99% of eligible devices on a supported version of Windows so that they can continue receiving Windows feature updates. |
+| [Windows feature updates](../operate/windows-autopatch-windows-feature-update-overview.md) | Windows Autopatch aims to keep at least 99% of eligible devices on a supported version of Windows so that they can continue receiving Windows feature updates. |
 | [Microsoft 365 Apps for enterprise](../operate/windows-autopatch-microsoft-365-apps-enterprise.md) | Windows Autopatch aims to keep at least 90% of eligible devices on a supported version of the Monthly Enterprise Channel (MEC). |
 | [Microsoft Edge](../operate/windows-autopatch-edge.md) | Windows Autopatch configures eligible devices to benefit from Microsoft Edge's progressive rollouts on the Stable channel. |
 | [Microsoft Teams](../operate/windows-autopatch-teams.md) | Windows Autopatch allows eligible devices to benefit from the standard automatic update channel. |
@@ -64,7 +64,7 @@ Microsoft remains committed to the security of your data and the [accessibility]
 | Prepare | The following articles describe the mandatory steps to prepare and enroll your tenant into Windows Autopatch:<ul><li>[Prerequisites](../prepare/windows-autopatch-prerequisites.md)</li><li>[Configure your network](../prepare/windows-autopatch-configure-network.md)</li><li>[Enroll your tenant](../prepare/windows-autopatch-enroll-tenant.md)</li><li>[Fix issues found by the Readiness assessment tool](../prepare/windows-autopatch-fix-issues.md)</li></ul> |
 | Deploy | Once you've enrolled your tenant, this section instructs you to:<ul><li>[Add and verify admin contacts](../deploy/windows-autopatch-admin-contacts.md)</li><li>[Register your devices](../deploy/windows-autopatch-register-devices.md)</li></ul> |
 | Operate | This section includes the following information about your day-to-day life with the service:<ul><li>[Update management](../operate/windows-autopatch-update-management.md)</li><li>[Maintain your Windows Autopatch environment](../operate/windows-autopatch-maintain-environment.md)</li><li>[Submit a support request](../operate/windows-autopatch-support-request.md)</li><li>[Deregister a device](../operate/windows-autopatch-deregister-devices.md)</li></ul>
-| References | This section includes the following articles:<ul><li>[Windows update policies](../operate/windows-autopatch-windows-update-unsupported-policies.md)</li><li>[Microsoft 365 Apps for enterprise update policies](../references/windows-autopatch-microsoft-365-policies.md)</li><li>[Privacy](../references/windows-autopatch-privacy.md)</li><li>[Windows Autopatch Preview Addendum](../references/windows-autopatch-preview-addendum.md)</li></ul> |
+| References | This section includes the following articles:<ul><li>[Windows update policies](../references/windows-autopatch-windows-update-unsupported-policies.md)</li><li>[Microsoft 365 Apps for enterprise update policies](../references/windows-autopatch-microsoft-365-policies.md)</li><li>[Privacy](../references/windows-autopatch-privacy.md)</li><li>[Windows Autopatch Preview Addendum](../references/windows-autopatch-preview-addendum.md)</li></ul> |
 
 ### Have feedback or would like to start a discussion?
 

From c859ffda767062954bab43957e4f9759152dfaea Mon Sep 17 00:00:00 2001
From: tiaraquan <tiaraquan@microsoft.com>
Date: Wed, 1 Feb 2023 19:41:51 -0800
Subject: [PATCH 44/98] Fixing more broken links

---
 .../whats-new/windows-autopatch-whats-new-2022.md           | 6 +++---
 .../whats-new/windows-autopatch-whats-new-2023.md           | 2 +-
 2 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/windows/deployment/windows-autopatch/whats-new/windows-autopatch-whats-new-2022.md b/windows/deployment/windows-autopatch/whats-new/windows-autopatch-whats-new-2022.md
index 5e36572e92..4692d775fd 100644
--- a/windows/deployment/windows-autopatch/whats-new/windows-autopatch-whats-new-2022.md
+++ b/windows/deployment/windows-autopatch/whats-new/windows-autopatch-whats-new-2022.md
@@ -24,12 +24,12 @@ Minor corrections such as typos, style, or formatting issues aren't listed.
 
 | Article | Description |
 | ----- | ----- |
-| [Windows quality updates](../operate/windows-autopatch-wqu-overview.md) | Added information about: <ul><li>Turning off service-driven expedited quality update releases<ul><li>[MC482178](https://admin.microsoft.com/adminportal/home#/MessageCenter)</li></ul></li><li>Viewing deployed out of band releases<ul><li>[MC484915](https://admin.microsoft.com/adminportal/home#/MessageCenter)</li></ul></li></ul> |
+| [Windows quality updates](../operate/windows-autopatch-windows-quality-update-overview.md) | Added information about: <ul><li>Turning off service-driven expedited quality update releases<ul><li>[MC482178](https://admin.microsoft.com/adminportal/home#/MessageCenter)</li></ul></li><li>Viewing deployed out of band releases<ul><li>[MC484915](https://admin.microsoft.com/adminportal/home#/MessageCenter)</li></ul></li></ul> |
 | [Roles and responsibilities](../overview/windows-autopatch-roles-responsibilities.md) | Added Roles and responsibilities article |
 | [Prerequisites](../prepare/windows-autopatch-prerequisites.md) | Added more licenses to the More about licenses section<ul><li>[MC452168](https://admin.microsoft.com/adminportal/home#/MessageCenter) |
-| [Unsupported policies](../operate/windows-autopatch-wqu-unsupported-policies.md) | Updated to include other policy managers in the Group policy section |
+| [Unsupported policies](../operate/windows-autopatch-windows-quality-update-unsupported-policies.md) | Updated to include other policy managers in the Group policy section |
 | [Changes made at tenant enrollment](../references/windows-autopatch-changes-to-tenant.md) | Updated the Device configuration, Microsoft Office and Edge policies |
-| [Windows quality update reports](../operate/windows-autopatch-wqu-reports-overview.md) | Added Windows quality update reports |
+| [Windows quality update reports](../operate/windows-autopatch-windows-quality-update-reports-overview.md) | Added Windows quality update reports |
 
 ### December service release
 
diff --git a/windows/deployment/windows-autopatch/whats-new/windows-autopatch-whats-new-2023.md b/windows/deployment/windows-autopatch/whats-new/windows-autopatch-whats-new-2023.md
index 13f228bf15..d65d8a0e54 100644
--- a/windows/deployment/windows-autopatch/whats-new/windows-autopatch-whats-new-2023.md
+++ b/windows/deployment/windows-autopatch/whats-new/windows-autopatch-whats-new-2023.md
@@ -33,7 +33,7 @@ Minor corrections such as typos, style, or formatting issues aren't listed.
 
 | Article | Description |
 | ----- | ----- |
-| [Windows feature update](../operate/windows-autopatch-fu-overview.md) | Updated Windows feature update information |
+| [Windows feature update](../operate/windows-autopatch-windows-feature-update-overview.md) | Updated Windows feature update information |
 | [Submit a tenant enrollment support request](../prepare/windows-autopatch-enrollment-support-request.md) | Added the Submit a tenant enrollment support request section. You can submit a tenant enrollment support request through the Tenant enrollment tool if you're running into issues with enrollment |
 | [Submit a support request](../operate/windows-autopatch-support-request.md) | Added Premier and Unified support options section |
 

From fa0a4e67b85f8db14cb11a5b31d5a62af4841921 Mon Sep 17 00:00:00 2001
From: tiaraquan <tiaraquan@microsoft.com>
Date: Wed, 1 Feb 2023 19:54:43 -0800
Subject: [PATCH 45/98] Fixed broken links.

---
 .../windows-autopatch-register-devices.md     |  4 +--
 ...ty-update-all-devices-historical-report.md |  2 +-
 ...ndows-quality-update-all-devices-report.md |  4 +--
 ...date-eligible-devices-historical-report.md |  2 +-
 ...te-ineligible-devices-historical-report.md |  2 +-
 ...utopatch-windows-quality-update-signals.md |  2 +-
 ...indows-quality-update-summary-dashboard.md |  2 +-
 ...indows-autopatch-roles-responsibilities.md | 34 +++++++++----------
 8 files changed, 26 insertions(+), 26 deletions(-)

diff --git a/windows/deployment/windows-autopatch/deploy/windows-autopatch-register-devices.md b/windows/deployment/windows-autopatch/deploy/windows-autopatch-register-devices.md
index 2a1201f79a..17cf0bb228 100644
--- a/windows/deployment/windows-autopatch/deploy/windows-autopatch-register-devices.md
+++ b/windows/deployment/windows-autopatch/deploy/windows-autopatch-register-devices.md
@@ -20,8 +20,8 @@ Before Microsoft can manage your devices in Windows Autopatch, you must have dev
 
 Windows Autopatch can take over software update management control of devices that meet software-based prerequisites as soon as an IT admin decides to have their tenant managed by the service. The Windows Autopatch software update management scope includes the following software update workloads:
 
-- [Windows quality updates](../operate/windows-autopatch-wqu-overview.md)
-- [Windows feature updates](../operate/windows-autopatch-fu-overview.md)
+- [Windows quality updates](../operate/windows-autopatch-windows-quality-update-overview.md)
+- [Windows feature updates](../operate/windows-autopatch-windows-feature-update-overview.md)
 - [Microsoft 365 Apps for enterprise updates](../operate/windows-autopatch-microsoft-365-apps-enterprise.md)
 - [Microsoft Edge updates](../operate/windows-autopatch-edge.md)
 - [Microsoft Teams updates](../operate/windows-autopatch-teams.md)
diff --git a/windows/deployment/windows-autopatch/operate/windows-autopatch-windows-quality-update-all-devices-historical-report.md b/windows/deployment/windows-autopatch/operate/windows-autopatch-windows-quality-update-all-devices-historical-report.md
index 3808dd45a7..1aeecfd623 100644
--- a/windows/deployment/windows-autopatch/operate/windows-autopatch-windows-quality-update-all-devices-historical-report.md
+++ b/windows/deployment/windows-autopatch/operate/windows-autopatch-windows-quality-update-all-devices-historical-report.md
@@ -37,4 +37,4 @@ The following options are available:
 | Export | Select **Export devices** at the top of the page to export data from this report into a CSV file. |
 | Filter | Select either the **Update status** or **Deployment rings** filters at the top of the report to filter the results. Then, select **Generate trend**. |
 
-For a description of the displayed device status trends, see [Windows quality update statuses](windows-autopatch-wqu-reports-overview.md#windows-quality-update-statuses).
+For a description of the displayed device status trends, see [Windows quality update statuses](windows-autopatch-windows-quality-update-reports-overview.md#windows-quality-update-statuses).
diff --git a/windows/deployment/windows-autopatch/operate/windows-autopatch-windows-quality-update-all-devices-report.md b/windows/deployment/windows-autopatch/operate/windows-autopatch-windows-quality-update-all-devices-report.md
index 5536a42c04..beb945d17e 100644
--- a/windows/deployment/windows-autopatch/operate/windows-autopatch-windows-quality-update-all-devices-report.md
+++ b/windows/deployment/windows-autopatch/operate/windows-autopatch-windows-quality-update-all-devices-report.md
@@ -38,8 +38,8 @@ The following information is available in the All devices report:
 | Azure Active Directory (AD) device ID | The current Azure AD recorded device ID for the device. |
 | Serial number | The current Intune recorded serial number for the device. |
 | Deployment ring | The currently assigned Windows Autopatch deployment ring for the device. |
-| Update status | The current update status for the device (see [Windows quality update statuses](windows-autopatch-wqu-reports-overview.md#windows-quality-update-statuses)). |
-| Update sub status | The current update sub status for the device (see [Windows quality update statuses](windows-autopatch-wqu-reports-overview.md#windows-quality-update-statuses)) |
+| Update status | The current update status for the device (see [Windows quality update statuses](windows-autopatch-windows-quality-update-reports-overview.md#windows-quality-update-statuses)). |
+| Update sub status | The current update sub status for the device (see [Windows quality update statuses](windows-autopatch-windows-quality-update-reports-overview.md#windows-quality-update-statuses)) |
 | OS version | The current version of Windows installed on the device. |
 | OS revision | The current revision of Windows installed on the device. |
 | Intune last check in time | The last time the device checked in to Intune. |
diff --git a/windows/deployment/windows-autopatch/operate/windows-autopatch-windows-quality-update-eligible-devices-historical-report.md b/windows/deployment/windows-autopatch/operate/windows-autopatch-windows-quality-update-eligible-devices-historical-report.md
index 4e4e383213..8b2577d48c 100644
--- a/windows/deployment/windows-autopatch/operate/windows-autopatch-windows-quality-update-eligible-devices-historical-report.md
+++ b/windows/deployment/windows-autopatch/operate/windows-autopatch-windows-quality-update-eligible-devices-historical-report.md
@@ -37,4 +37,4 @@ The following options are available:
 | Export | Select **Export devices** at the top of the page to export data from this report into a CSV file. |
 | Filter | Select either the **Update status** or **Deployment rings** filters at the top of the report to filter the results. Then, select **Generate trend**. |
 
-For a description of the displayed device status trends, see [Windows quality update statuses](windows-autopatch-wqu-reports-overview.md#windows-quality-update-statuses).
+For a description of the displayed device status trends, see [Windows quality update statuses](windows-autopatch-windows-quality-update-reports-overview.md#windows-quality-update-statuses).
diff --git a/windows/deployment/windows-autopatch/operate/windows-autopatch-windows-quality-update-ineligible-devices-historical-report.md b/windows/deployment/windows-autopatch/operate/windows-autopatch-windows-quality-update-ineligible-devices-historical-report.md
index 733ee98e88..dbcc2d106f 100644
--- a/windows/deployment/windows-autopatch/operate/windows-autopatch-windows-quality-update-ineligible-devices-historical-report.md
+++ b/windows/deployment/windows-autopatch/operate/windows-autopatch-windows-quality-update-ineligible-devices-historical-report.md
@@ -40,4 +40,4 @@ The following options are available:
 | Export | Select **Export devices** at the top of the page to export data from this report into a CSV file. |
 | Filter | Select either the **Update status** or **Deployment rings** filters at the top of the report to filter the results. Then, select **Generate trend**. |
 
-For a description of the displayed device status trends, see [Windows quality update statuses](windows-autopatch-wqu-reports-overview.md#windows-quality-update-statuses).
+For a description of the displayed device status trends, see [Windows quality update statuses](windows-autopatch-windows-quality-update-reports-overview.md#windows-quality-update-statuses).
diff --git a/windows/deployment/windows-autopatch/operate/windows-autopatch-windows-quality-update-signals.md b/windows/deployment/windows-autopatch/operate/windows-autopatch-windows-quality-update-signals.md
index c715c4e960..fb93cc88c6 100644
--- a/windows/deployment/windows-autopatch/operate/windows-autopatch-windows-quality-update-signals.md
+++ b/windows/deployment/windows-autopatch/operate/windows-autopatch-windows-quality-update-signals.md
@@ -24,7 +24,7 @@ Before being released to the Test ring, Windows Autopatch reviews several data s
 
 | Pre-release signal | Description |
 | ----- | ----- |
-| Windows Payload Review | The contents of the B release are reviewed to help focus your update testing on areas that have changed. If any relevant changes are detected, a [customer advisory](../operate/windows-autopatch-wqu-communications.md#communications-during-release) will be sent out. |
+| Windows Payload Review | The contents of the B release are reviewed to help focus your update testing on areas that have changed. If any relevant changes are detected, a [customer advisory](../operate/windows-autopatch-windows-quality-update-communications.md#communications-during-release) will be sent out. |
 | C-Release Review - Internal Signals | Windows Autopatch reviews active incidents associated with the previous C release to understand potential risks in the B release. |
 | C-Release Review - Social Signals | Windows Autopatch monitors social signals to better understand potential risks associated with the B release. |
 
diff --git a/windows/deployment/windows-autopatch/operate/windows-autopatch-windows-quality-update-summary-dashboard.md b/windows/deployment/windows-autopatch/operate/windows-autopatch-windows-quality-update-summary-dashboard.md
index 735136be22..88f6e4ec66 100644
--- a/windows/deployment/windows-autopatch/operate/windows-autopatch-windows-quality-update-summary-dashboard.md
+++ b/windows/deployment/windows-autopatch/operate/windows-autopatch-windows-quality-update-summary-dashboard.md
@@ -32,7 +32,7 @@ The following information is available in the Summary dashboard:
 
 | Column name | Description |
 | ----- | ----- |
-| Windows quality update status | The device update state. For more information, see [Windows quality update status](windows-autopatch-wqu-reports-overview.md#windows-quality-update-statuses). |
+| Windows quality update status | The device update state. For more information, see [Windows quality update status](windows-autopatch-windows-quality-update-reports-overview.md#windows-quality-update-statuses). |
 | Devices | The number of devices showing as applicable for the state. |
 
 ## Report options
diff --git a/windows/deployment/windows-autopatch/overview/windows-autopatch-roles-responsibilities.md b/windows/deployment/windows-autopatch/overview/windows-autopatch-roles-responsibilities.md
index ec8c9d7ece..6e707c4ca8 100644
--- a/windows/deployment/windows-autopatch/overview/windows-autopatch-roles-responsibilities.md
+++ b/windows/deployment/windows-autopatch/overview/windows-autopatch-roles-responsibilities.md
@@ -28,7 +28,7 @@ This article outlines your responsibilities and Windows Autopatch's responsibili
 | [Review the service data platform and privacy compliance details](../references/windows-autopatch-privacy.md) | :heavy_check_mark: | :x: |
 | Ensure device [prerequisites](../prepare/windows-autopatch-prerequisites.md) are met and in place prior to enrollment | :heavy_check_mark: | :x: |
 | Ensure [infrastructure and environment prerequisites](../prepare/windows-autopatch-configure-network.md) are met and in place prior to enrollment | :heavy_check_mark: | :x: |
-| Prepare to remove your devices from existing unsupported [Windows update](../references/windows-autopatch-wqu-unsupported-policies.md) and [Microsoft 365](../references/windows-autopatch-microsoft-365-policies.md) policies | :heavy_check_mark: | :x: |
+| Prepare to remove your devices from existing unsupported [Windows update](../references/windows-autopatch-windows-update-unsupported-policies.md) and [Microsoft 365](../references/windows-autopatch-microsoft-365-policies.md) policies | :heavy_check_mark: | :x: |
 | [Configure required network endpoints](../prepare/windows-autopatch-configure-network.md#required-microsoft-product-endpoints) | :heavy_check_mark: | :x: |
 | [Fix issues identified by the Readiness assessment tool](../prepare/windows-autopatch-fix-issues.md) | :heavy_check_mark: | :x: |
 | [Enroll tenant into the Windows Autopatch service](../prepare/windows-autopatch-enroll-tenant.md) | :heavy_check_mark: | :x: |
@@ -40,8 +40,8 @@ This article outlines your responsibilities and Windows Autopatch's responsibili
 | ----- | :-----: | :-----: |
 | [Add and verify admin contacts](../deploy/windows-autopatch-admin-contacts.md) in Microsoft Endpoint Manager |  :heavy_check_mark: | :x: |
 | [Deploy and configure Windows Autopatch service configuration](../references/windows-autopatch-changes-to-tenant.md) | :x: | :heavy_check_mark: |
-| Educate users on the Windows Autopatch end user update experience<ul><li>[Windows quality update end user experience](../operate/windows-autopatch-wqu-end-user-exp.md)</li><li>[Windows feature update end user experience](../operate/windows-autopatch-fu-end-user-exp.md)</li><li>[Microsoft 365 Apps for enterprise end user experience](../operate/windows-autopatch-microsoft-365-apps-enterprise.md#end-user-experience)</li><li>[Microsoft Teams end user experience](../operate/windows-autopatch-teams.md#end-user-experience)</li></ul> | :heavy_check_mark: | :x: |
-| Remove your devices from existing unsupported [Windows update](../references/windows-autopatch-wqu-unsupported-policies.md) and [Microsoft 365](../references/windows-autopatch-microsoft-365-policies.md) policies |  :heavy_check_mark: | :x: |
+| Educate users on the Windows Autopatch end user update experience<ul><li>[Windows quality update end user experience](../operate/windows-autopatch-windows-quality-update-end-user-exp.md)</li><li>[Windows feature update end user experience](../operate/windows-autopatch-windows-feature-update-end-user-exp.md)</li><li>[Microsoft 365 Apps for enterprise end user experience](../operate/windows-autopatch-microsoft-365-apps-enterprise.md#end-user-experience)</li><li>[Microsoft Teams end user experience](../operate/windows-autopatch-teams.md#end-user-experience)</li></ul> | :heavy_check_mark: | :x: |
+| Remove your devices from existing unsupported [Windows update](../references/windows-autopatch-windows-update-unsupported-policies.md) and [Microsoft 365](../references/windows-autopatch-microsoft-365-policies.md) policies |  :heavy_check_mark: | :x: |
 | [Register devices/add devices to the Windows Autopatch Device Registration group](../deploy/windows-autopatch-register-devices.md#steps-to-register-devices) | :heavy_check_mark: | :x: |
 | [Run the pre-registration device readiness checks](../deploy/windows-autopatch-register-devices.md#about-the-ready-not-ready-and-not-registered-tabs) | :x: | :heavy_check_mark: |
 | [Automatically assign devices to First, Fast & Broad deployment rings at device registration](../operate/windows-autopatch-update-management.md#deployment-ring-calculation-logic) | :x: | :heavy_check_mark: |
@@ -61,29 +61,29 @@ This article outlines your responsibilities and Windows Autopatch's responsibili
 | [Maintain customer configuration to align with the Windows Autopatch service configuration](../operate/windows-autopatch-maintain-environment.md) |  :heavy_check_mark: | :x: |
 | [Run on-going checks to ensure devices are only present in one deployment ring](../operate/windows-autopatch-update-management.md#automated-deployment-ring-remediation-functions) | :x: | :heavy_check_mark: |
 | [Maintain the Test deployment ring membership](../operate/windows-autopatch-update-management.md#deployment-ring-calculation-logic) | :heavy_check_mark: | :x: |
-| Monitor [Windows update signals](../operate/windows-autopatch-wqu-signals.md) for safe update release | :x: | :heavy_check_mark: |
-| Test specific [business update scenarios](../operate/windows-autopatch-wqu-signals.md) | :heavy_check_mark: | :x: |
-| [Define and implement release schedule](../operate/windows-autopatch-wqu-overview.md) | :x: | :heavy_check_mark: |
-| Communicate the update [release schedule](../operate/windows-autopatch-wqu-communications.md) | :x: | :heavy_check_mark: |
-| Release updates (as scheduled)<ul><li>[Windows quality updates](../operate/windows-autopatch-wqu-overview.md#windows-quality-update-releases)</li><li>[Microsoft 365 Apps for enterprise](../operate/windows-autopatch-microsoft-365-apps-enterprise.md#update-release-schedule)</li><li>[Microsoft Edge](../operate/windows-autopatch-edge.md#update-release-schedule)</li><li>[Microsoft Teams](../operate/windows-autopatch-teams.md#update-release-schedule)</li><ul>| :x: | :heavy_check_mark: |
-| [Release updates (expedited)](../operate/windows-autopatch-wqu-overview.md#expedited-releases) | :x: | :heavy_check_mark: |
+| Monitor [Windows update signals](../operate/windows-autopatch-windows-quality-update-signals.md) for safe update release | :x: | :heavy_check_mark: |
+| Test specific [business update scenarios](../operate/windows-autopatch-windows-quality-update-signals.md) | :heavy_check_mark: | :x: |
+| [Define and implement release schedule](../operate/windows-autopatch-windows-quality-update-overview.md) | :x: | :heavy_check_mark: |
+| Communicate the update [release schedule](../operate/windows-autopatch-windows-quality-update-communications.md) | :x: | :heavy_check_mark: |
+| Release updates (as scheduled)<ul><li>[Windows quality updates](../operate/windows-autopatch-windows-quality-update-overview.md#windows-quality-update-releases)</li><li>[Microsoft 365 Apps for enterprise](../operate/windows-autopatch-microsoft-365-apps-enterprise.md#update-release-schedule)</li><li>[Microsoft Edge](../operate/windows-autopatch-edge.md#update-release-schedule)</li><li>[Microsoft Teams](../operate/windows-autopatch-teams.md#update-release-schedule)</li><ul>| :x: | :heavy_check_mark: |
+| [Release updates (expedited)](../operate/windows-autopatch-windows-quality-update-overview.md#expedited-releases) | :x: | :heavy_check_mark: |
 | [Deploy updates to devices](../operate/windows-autopatch-update-management.md) | :x: | :heavy_check_mark: |
-| Monitor [Windows quality](../operate/windows-autopatch-wqu-overview.md) or [feature updates](../operate/windows-autopatch-fu-overview.md) through the release cycle | :x: | :heavy_check_mark: |
-| Review [update reports](../operate/windows-autopatch-wqu-reports-overview.md) | :heavy_check_mark: | :x: |
-| [Pause updates (Windows Autopatch initiated)](../operate/windows-autopatch-wqu-signals.md) | :x: | :heavy_check_mark: |
-| [Pause updates (initiated by you)](../operate/windows-autopatch-wqu-overview.md#pausing-and-resuming-a-release) | :heavy_check_mark: | :x: |
+| Monitor [Windows quality](../operate/windows-autopatch-windows-quality-update-overview.md) or [feature updates](../operate/windows-autopatch-windows-feature-update-overview.md) through the release cycle | :x: | :heavy_check_mark: |
+| Review [update reports](../operate/windows-autopatch-windows-quality-update-reports-overview.md) | :heavy_check_mark: | :x: |
+| [Pause updates (Windows Autopatch initiated)](../operate/windows-autopatch-windows-quality-update-signals.md) | :x: | :heavy_check_mark: |
+| [Pause updates (initiated by you)](../operate/windows-autopatch-windows-quality-update-overview.md#pausing-and-resuming-a-release) | :heavy_check_mark: | :x: |
 | Run [on-going post-registration device readiness checks](../deploy/windows-autopatch-post-reg-readiness-checks.md) | :x: | :heavy_check_mark: |
 | [Remediate devices displayed in the **Not ready** tab](../deploy/windows-autopatch-post-reg-readiness-checks.md#about-the-three-tabs-in-the-devices-blade) | :heavy_check_mark: | :x: |
-| Resolve any conflicting and unsupported [Windows update](../references/windows-autopatch-wqu-unsupported-policies.md) and [Microsoft 365](../references/windows-autopatch-microsoft-365-policies.md) policies | :heavy_check_mark: | :x: |
-| [Investigate devices that aren't up to date within the service level objective (Microsoft action)](../operate/windows-autopatch-wqu-reports-overview.md#not-up-to-date-microsoft-action) | :x: | :heavy_check_mark: |
-| [Investigate and remediate devices that are marked as ineligible (Customer action)](../operate/windows-autopatch-wqu-reports-overview.md#ineligible-devices-customer-action) | :heavy_check_mark: | :x: |
+| Resolve any conflicting and unsupported [Windows update](../references/windows-autopatch-windows-update-unsupported-policies.md) and [Microsoft 365](../references/windows-autopatch-microsoft-365-policies.md) policies | :heavy_check_mark: | :x: |
+| [Investigate devices that aren't up to date within the service level objective (Microsoft action)](../operate/windows-autopatch-windows-quality-update-reports-overview.md#not-up-to-date-microsoft-action) | :x: | :heavy_check_mark: |
+| [Investigate and remediate devices that are marked as ineligible (Customer action)](../operate/windows-autopatch-windows-quality-update-reports-overview.md#ineligible-devices-customer-action) | :heavy_check_mark: | :x: |
 | [Raise, manage and resolve a service incident if an update management area isn't meeting the service level objective](windows-autopatch-overview.md#update-management) | :x: | :heavy_check_mark: |
 | [Deregister devices](../operate/windows-autopatch-deregister-devices.md) | :heavy_check_mark: | :x: |
 | [Register a device that was previously deregistered (upon customers request)](../operate/windows-autopatch-deregister-devices.md#excluded-devices) | :x: | :heavy_check_mark: |
 | [Request unenrollment from Windows Autopatch](../operate/windows-autopatch-unenroll-tenant.md) | :heavy_check_mark: | :x: |
 | [Remove Windows Autopatch data from the service and deregister devices](../operate/windows-autopatch-unenroll-tenant.md#microsofts-responsibilities-during-unenrollment) | :x: | :heavy_check_mark: |
 | [Maintain update configuration & update devices post unenrollment from Windows Autopatch](../operate/windows-autopatch-unenroll-tenant.md#your-responsibilities-after-unenrolling-your-tenant) | :heavy_check_mark: | :x: |
-| Review and respond to Message Center and Service Health Dashboard notifications<ul><li>[Windows quality and feature update communications](../operate/windows-autopatch-wqu-communications.md)</li><li>[Add and verify admin contacts](../deploy/windows-autopatch-admin-contacts.md)</li></ul> | :heavy_check_mark: | :x: |
+| Review and respond to Message Center and Service Health Dashboard notifications<ul><li>[Windows quality and feature update communications](../operate/windows-autopatch-windows-quality-update-communications.md)</li><li>[Add and verify admin contacts](../deploy/windows-autopatch-admin-contacts.md)</li></ul> | :heavy_check_mark: | :x: |
 | [Highlight Windows Autopatch Tenant management alerts that require customer action](../operate/windows-autopatch-maintain-environment.md#windows-autopatch-tenant-actions) | :x: | :heavy_check_mark: |
 | [Review and respond to Windows Autopatch Tenant management alerts](../operate/windows-autopatch-maintain-environment.md#windows-autopatch-tenant-actions) | :heavy_check_mark: | :x: |
 | [Raise and respond to support requests](../operate/windows-autopatch-support-request.md) | :heavy_check_mark: | :x: |

From 099940b12463660c3e63662645af67778246bd3b Mon Sep 17 00:00:00 2001
From: tiaraquan <tiaraquan@microsoft.com>
Date: Wed, 1 Feb 2023 20:01:01 -0800
Subject: [PATCH 46/98] Last broken link i think

---
 .../whats-new/windows-autopatch-whats-new-2022.md               | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/windows/deployment/windows-autopatch/whats-new/windows-autopatch-whats-new-2022.md b/windows/deployment/windows-autopatch/whats-new/windows-autopatch-whats-new-2022.md
index 4692d775fd..b79ce348b0 100644
--- a/windows/deployment/windows-autopatch/whats-new/windows-autopatch-whats-new-2022.md
+++ b/windows/deployment/windows-autopatch/whats-new/windows-autopatch-whats-new-2022.md
@@ -27,7 +27,7 @@ Minor corrections such as typos, style, or formatting issues aren't listed.
 | [Windows quality updates](../operate/windows-autopatch-windows-quality-update-overview.md) | Added information about: <ul><li>Turning off service-driven expedited quality update releases<ul><li>[MC482178](https://admin.microsoft.com/adminportal/home#/MessageCenter)</li></ul></li><li>Viewing deployed out of band releases<ul><li>[MC484915](https://admin.microsoft.com/adminportal/home#/MessageCenter)</li></ul></li></ul> |
 | [Roles and responsibilities](../overview/windows-autopatch-roles-responsibilities.md) | Added Roles and responsibilities article |
 | [Prerequisites](../prepare/windows-autopatch-prerequisites.md) | Added more licenses to the More about licenses section<ul><li>[MC452168](https://admin.microsoft.com/adminportal/home#/MessageCenter) |
-| [Unsupported policies](../operate/windows-autopatch-windows-quality-update-unsupported-policies.md) | Updated to include other policy managers in the Group policy section |
+| [Unsupported policies](../references/windows-autopatch-windows-update-unsupported-policies.md) | Updated to include other policy managers in the Group policy section |
 | [Changes made at tenant enrollment](../references/windows-autopatch-changes-to-tenant.md) | Updated the Device configuration, Microsoft Office and Edge policies |
 | [Windows quality update reports](../operate/windows-autopatch-windows-quality-update-reports-overview.md) | Added Windows quality update reports |
 

From be15eeeef4da6260fa18ad9c0dfe6bb700966042 Mon Sep 17 00:00:00 2001
From: Frank Rojas <45807133+frankroj@users.noreply.github.com>
Date: Thu, 2 Feb 2023 11:40:10 -0500
Subject: [PATCH 47/98] Spelling correction

Corrected Replated to Related
---
 .../bitlocker-use-bitlocker-recovery-password-viewer.md         | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/windows/security/information-protection/bitlocker/bitlocker-use-bitlocker-recovery-password-viewer.md b/windows/security/information-protection/bitlocker/bitlocker-use-bitlocker-recovery-password-viewer.md
index 315672e456..fe24fac2a4 100644
--- a/windows/security/information-protection/bitlocker/bitlocker-use-bitlocker-recovery-password-viewer.md
+++ b/windows/security/information-protection/bitlocker/bitlocker-use-bitlocker-recovery-password-viewer.md
@@ -63,7 +63,7 @@ The following procedures describe the most common tasks performed by using the B
 
 By completing the procedures in this scenario, the recovery passwords for a computer have been viewed and copied and a password ID was used to locate a recovery password.
 
-## Replated articles
+## Related articles
 
 - [BitLocker Overview](bitlocker-overview.md)
 - [BitLocker frequently asked questions (FAQ)](bitlocker-frequently-asked-questions.yml)

From b45ca6d9b9c28bfc4493f5b838b04bdb1bab3ddb Mon Sep 17 00:00:00 2001
From: tiaraquan <tiaraquan@microsoft.com>
Date: Thu, 2 Feb 2023 11:17:03 -0800
Subject: [PATCH 48/98] Added additional resources to Diagnostic data section
 as per Harman.

---
 .../references/windows-autopatch-privacy.md                | 7 ++++++-
 .../whats-new/windows-autopatch-whats-new-2023.md          | 1 +
 2 files changed, 7 insertions(+), 1 deletion(-)

diff --git a/windows/deployment/windows-autopatch/references/windows-autopatch-privacy.md b/windows/deployment/windows-autopatch/references/windows-autopatch-privacy.md
index 60f5f47988..50f23ad38a 100644
--- a/windows/deployment/windows-autopatch/references/windows-autopatch-privacy.md
+++ b/windows/deployment/windows-autopatch/references/windows-autopatch-privacy.md
@@ -1,7 +1,7 @@
 ---
 title: Privacy
 description:  This article provides details about the data platform and privacy compliance for Autopatch
-ms.date: 11/08/2022
+ms.date: 02/02/2023
 ms.prod: windows-client
 ms.technology: itpro-updates
 ms.topic: reference
@@ -61,6 +61,11 @@ Windows Autopatch only processes and stores system-level data from Windows 10 op
 
 For more information about the diagnostic data collection of Microsoft Windows 10, see the [Where we store and process data](https://privacy.microsoft.com/privacystatement#mainwherewestoreandprocessdatamodule) section of the Microsoft Privacy Statement.
 
+For more information about how Windows diagnostic data is used, see:
+
+- [Windows diagnostic data in your organization](/windows/privacy/configure-windows-diagnostic-data-in-your-organization#enable-windows-diagnostic-data-processor-configuration)
+- [Features that require Windows diagnostic data](/mem/intune/protect/data-enable-windows-data)
+
 ## Tenant access
 
 Windows Autopatch creates an enterprise application in your tenant. This enterprise application is a first party application used to run the Windows Autopatch service.
diff --git a/windows/deployment/windows-autopatch/whats-new/windows-autopatch-whats-new-2023.md b/windows/deployment/windows-autopatch/whats-new/windows-autopatch-whats-new-2023.md
index d65d8a0e54..9fe0664758 100644
--- a/windows/deployment/windows-autopatch/whats-new/windows-autopatch-whats-new-2023.md
+++ b/windows/deployment/windows-autopatch/whats-new/windows-autopatch-whats-new-2023.md
@@ -24,6 +24,7 @@ Minor corrections such as typos, style, or formatting issues aren't listed.
 
 | Article | Description |
 | ----- | ----- |
+| [Privacy](../references/windows-autopatch-privacy.md) | Added additional resources to Microsoft Windows 10/11 diagnostic data section |
 | [Changes made at tenant enrollment](../references/windows-autopatch-changes-to-tenant.md) | Updated Feature update policies section with Windows Autopatch - DSS Policy [deployment ring] |
 | [Register your devices](../deploy/windows-autopatch-register-devices.md) |<ul><li>Updated the Built-in roles required for registration section</li><li>Added more information about assigning less-privileged user accounts</li></ul> |
 

From 12bf703ba648b8d5d09a94d827e2454f03bba1d2 Mon Sep 17 00:00:00 2001
From: tiaraquan <tiaraquan@microsoft.com>
Date: Thu, 2 Feb 2023 11:22:47 -0800
Subject: [PATCH 49/98] Tweak

---
 .../references/windows-autopatch-privacy.md               | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/windows/deployment/windows-autopatch/references/windows-autopatch-privacy.md b/windows/deployment/windows-autopatch/references/windows-autopatch-privacy.md
index 50f23ad38a..f3e41c6ebe 100644
--- a/windows/deployment/windows-autopatch/references/windows-autopatch-privacy.md
+++ b/windows/deployment/windows-autopatch/references/windows-autopatch-privacy.md
@@ -25,7 +25,7 @@ The sources include Azure Active Directory (Azure AD), Microsoft Intune, and Mic
 | Data source | Purpose |
 | ------ | ------ |
 | [Microsoft Windows 10/11 Enterprise](/windows/windows-10/) | Management of device setup experience, managing connections to other services, and operational support for IT pros. |
-| [Windows Update for Business](/windows/deployment/update/waas-manage-updates-wufb) | Uses Windows 10 Enterprise diagnostic data to provide additional information on Windows 10/11 update. |
+| [Windows Update for Business](/windows/deployment/update/waas-manage-updates-wufb) | Uses Windows 10/11 Enterprise diagnostic data to provide additional information on Windows 10/11 update. |
 | [Microsoft Intune](/mem/intune/fundamentals/what-is-intune) | Device management and to keep your data secure. The following endpoint management data sources are used:<br><ul><li>[Microsoft Azure Active Directory](/azure/active-directory/): Authentication and identification of all user accounts.</li><li>[Microsoft Intune](/mem/intune/): Distributing device configurations, device management and application management.</li></ul>
 | [Windows Autopatch](https://go.microsoft.com/fwlink/?linkid=2109431) | Data provided by the customer or generated by the service during running of the service. |
 | [Microsoft 365 Apps for enterprise](https://www.microsoft.com/microsoft-365/enterprise/compare-office-365-plans)| Management of Microsoft 365 Apps. |
@@ -53,13 +53,13 @@ Windows Autopatch Service Engineering Team is in the United States, India and Ro
 
 Windows Autopatch uses [Windows 10/11 Enhanced diagnostic data](/windows/privacy/windows-diagnostic-data) to keep Windows secure, up to date, fix problems, and make product improvements.
 
-The enhanced diagnostic data setting includes more detailed information about the devices enrolled in Windows Autopatch and their settings, capabilities, and device health. When enhanced diagnostic data is selected, data, including required diagnostic data, are collected. For more information, see [Changes to Windows diagnostic data collection](/windows/privacy/changes-to-windows-diagnostic-data-collection) about the Windows 10 diagnostic data setting and data collection.
+The enhanced diagnostic data setting includes more detailed information about the devices enrolled in Windows Autopatch and their settings, capabilities, and device health. When enhanced diagnostic data is selected, data, including required diagnostic data, are collected. For more information, see [Changes to Windows diagnostic data collection](/windows/privacy/changes-to-windows-diagnostic-data-collection) about the Windows 10/11 diagnostic data setting and data collection.
 
 The diagnostic data terminology will change in future versions of Windows. Windows Autopatch is committed to processing only the data that the service needs. The diagnostic level will change to **Optional**, but Windows Autopatch will implement the limited diagnostic policies to fine-tune diagnostic data collection required for the service. For more information, see [Changes to Windows diagnostic data collection](/windows/privacy/changes-to-windows-diagnostic-data-collection).
 
-Windows Autopatch only processes and stores system-level data from Windows 10 optional diagnostic data that originates from enrolled devices such as application and device reliability, and performance information. Windows Autopatch doesn't process and store customers' data such as chat and browser history, voice, text, or speech data.
+Windows Autopatch only processes and stores system-level data from Windows 10/11 optional diagnostic data that originates from enrolled devices such as application and device reliability, and performance information. Windows Autopatch doesn't process and store customers' data such as chat and browser history, voice, text, or speech data.
 
-For more information about the diagnostic data collection of Microsoft Windows 10, see the [Where we store and process data](https://privacy.microsoft.com/privacystatement#mainwherewestoreandprocessdatamodule) section of the Microsoft Privacy Statement.
+For more information about the diagnostic data collection of Microsoft Windows 10/11, see the [Where we store and process data](https://privacy.microsoft.com/privacystatement#mainwherewestoreandprocessdatamodule) section of the Microsoft Privacy Statement.
 
 For more information about how Windows diagnostic data is used, see:
 

From c8f02def3d107554ca7124835d5a466543458173 Mon Sep 17 00:00:00 2001
From: tiaraquan <tiaraquan@microsoft.com>
Date: Thu, 2 Feb 2023 11:28:14 -0800
Subject: [PATCH 50/98] tweak

---
 .../whats-new/windows-autopatch-whats-new-2023.md               | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/windows/deployment/windows-autopatch/whats-new/windows-autopatch-whats-new-2023.md b/windows/deployment/windows-autopatch/whats-new/windows-autopatch-whats-new-2023.md
index 9fe0664758..ceede02bef 100644
--- a/windows/deployment/windows-autopatch/whats-new/windows-autopatch-whats-new-2023.md
+++ b/windows/deployment/windows-autopatch/whats-new/windows-autopatch-whats-new-2023.md
@@ -24,7 +24,7 @@ Minor corrections such as typos, style, or formatting issues aren't listed.
 
 | Article | Description |
 | ----- | ----- |
-| [Privacy](../references/windows-autopatch-privacy.md) | Added additional resources to Microsoft Windows 10/11 diagnostic data section |
+| [Privacy](../references/windows-autopatch-privacy.md) | Added additional resources to the Microsoft Windows 10/11 diagnostic data section |
 | [Changes made at tenant enrollment](../references/windows-autopatch-changes-to-tenant.md) | Updated Feature update policies section with Windows Autopatch - DSS Policy [deployment ring] |
 | [Register your devices](../deploy/windows-autopatch-register-devices.md) |<ul><li>Updated the Built-in roles required for registration section</li><li>Added more information about assigning less-privileged user accounts</li></ul> |
 

From 866f0b1d4c788f9ec7ba0f5117835ad725b5ebec Mon Sep 17 00:00:00 2001
From: jsuther1974 <jsuther@microsoft.com>
Date: Thu, 2 Feb 2023 11:42:56 -0800
Subject: [PATCH 51/98] Added warnings for applocker event volumes and script
 enforcement on server 2016

---
 .../applocker/using-event-viewer-with-applocker.md  | 13 ++++++++-----
 ...orized-apps-deployed-with-a-managed-installer.md |  5 ++++-
 .../design/script-enforcement.md                    | 11 ++++++++---
 .../operations/known-issues.md                      |  7 +++----
 4 files changed, 23 insertions(+), 13 deletions(-)

diff --git a/windows/security/threat-protection/windows-defender-application-control/applocker/using-event-viewer-with-applocker.md b/windows/security/threat-protection/windows-defender-application-control/applocker/using-event-viewer-with-applocker.md
index 4c9e95f7c1..ed7b6721dc 100644
--- a/windows/security/threat-protection/windows-defender-application-control/applocker/using-event-viewer-with-applocker.md
+++ b/windows/security/threat-protection/windows-defender-application-control/applocker/using-event-viewer-with-applocker.md
@@ -1,6 +1,6 @@
 ---
 title: Using Event Viewer with AppLocker (Windows)
-description: This topic lists AppLocker events and describes how to use Event Viewer with AppLocker.
+description: This article lists AppLocker events and describes how to use Event Viewer with AppLocker.
 ms.assetid: 109abb10-78b1-4c29-a576-e5a17dfeb916
 ms.reviewer: 
 ms.author: vinpa
@@ -14,7 +14,7 @@ manager: aaroncz
 audience: ITPro
 ms.topic: conceptual
 ms.technology: itpro-security
-ms.date: 12/31/2017
+ms.date: 02/02/2023
 ---
 
 # Using Event Viewer with AppLocker
@@ -28,7 +28,7 @@ ms.date: 12/31/2017
 >[!NOTE]
 >Some capabilities of Windows Defender Application Control are only available on specific Windows versions. Learn more about the [Windows Defender Application Control feature availability](/windows/security/threat-protection/windows-defender-application-control/feature-availability).
 
-This topic lists AppLocker events and describes how to use Event Viewer with AppLocker.
+This article lists AppLocker events and describes how to use Event Viewer with AppLocker.
 
 The AppLocker log contains information about applications that are affected by AppLocker rules. Each event in the log contains detailed info about:
 
@@ -43,10 +43,13 @@ Review the entries in the Event Viewer to determine if any applications aren't i
 
 For info about what to look for in the AppLocker event logs, see [Monitor app usage with AppLocker](monitor-application-usage-with-applocker.md).
 
+> [!NOTE]
+> The AppLocker event logs are very verbose and can result in a large number of events depending on the policies deployed, particularly in the *AppLocker - EXE and DLL* event log. If you're using an event forwarding and collection service, like LogAnalytics, you may want to adjust the configuration for that event log to only collect Error events or stop collecting events from that log altogether.
+
 **To review the AppLocker log in Event Viewer**
 
 1.  Open Event Viewer.
-2.  In the console tree under **Application and Services Logs\\Microsoft\\Windows**, click **AppLocker**.
+2.  In the console tree under **Application and Services Logs\\Microsoft\\Windows**, select **AppLocker**.
 
 The following table contains information about the events that you can use to determine which apps are affected by AppLocker rules.
 
@@ -83,7 +86,7 @@ The following table contains information about the events that you can use to de
 | 8040 | Error | Package family name * version * was prevented from installing or updating due to Config CI policy | Added in Windows Server 2016 and Windows 10.|
 
  
-## Related topics
+## Related articles
 
 - [Tools to use with AppLocker](tools-to-use-with-applocker.md)
  
diff --git a/windows/security/threat-protection/windows-defender-application-control/configure-authorized-apps-deployed-with-a-managed-installer.md b/windows/security/threat-protection/windows-defender-application-control/configure-authorized-apps-deployed-with-a-managed-installer.md
index c15b97399b..2b03d8a6f4 100644
--- a/windows/security/threat-protection/windows-defender-application-control/configure-authorized-apps-deployed-with-a-managed-installer.md
+++ b/windows/security/threat-protection/windows-defender-application-control/configure-authorized-apps-deployed-with-a-managed-installer.md
@@ -13,7 +13,7 @@ author: jsuther1974
 ms.reviewer: jogeurte
 ms.author: vinpa
 manager: aaroncz
-ms.date: 08/26/2022
+ms.date: 02/02/2023
 ms.technology: itpro-security
 ms.topic: article
 ---
@@ -62,6 +62,9 @@ To turn on managed installer tracking, you must:
 - Create and deploy an AppLocker policy that defines your managed installer rules and enables services enforcement for executables and DLLs.
 - Enable AppLocker's Application Identity and AppLockerFltr services.
 
+> [!NOTE]
+> The managed installer AppLocker policy below is designed to be safely merged with any pre-existing AppLocker policies and won't change the behavior of those policies. However, if applied on a device that doesn't currently have any AppLocker policy, you will see a large increase in warning events generated in the *AppLocker - EXE and DLL* event log. If you're using an event forwarding and collection service, like LogAnalytics, you may want to adjust the configuration for that event log to only collect Error events or stop collecting events from that log altogether.
+
 > [!NOTE]
 > MEMCM will automatically configure itself as a managed installer, and enable the required AppLocker components, if you deploy one of its inbox WDAC policies. If you are configuring MEMCM as a managed installer using any other method, additional setup is required. Use the [**ManagedInstaller** cmdline switch in your ccmsetup.exe setup](/mem/configmgr/core/clients/deploy/about-client-installation-properties#managedinstaller). Or you can deploy one of the MEMCM inbox audit mode policies alongside your custom policy.
 
diff --git a/windows/security/threat-protection/windows-defender-application-control/design/script-enforcement.md b/windows/security/threat-protection/windows-defender-application-control/design/script-enforcement.md
index 2414d5dd4e..29174ef291 100644
--- a/windows/security/threat-protection/windows-defender-application-control/design/script-enforcement.md
+++ b/windows/security/threat-protection/windows-defender-application-control/design/script-enforcement.md
@@ -9,7 +9,7 @@ ms.reviewer: jogeurte
 ms.author: jogeurte
 ms.manager: jsuther
 manager: aaroncz
-ms.date: 11/02/2022
+ms.date: 02/02/2023
 ms.technology: itpro-security
 ms.topic: article
 ms.localizationpriority: medium
@@ -26,13 +26,18 @@ ms.localizationpriority: medium
 > [!NOTE]
 > Some capabilities of Windows Defender Application Control are only available on specific Windows versions. Learn more about the [Application Control feature availability](/windows/security/threat-protection/windows-defender-application-control/feature-availability).
 
+> [!IMPORTANT]
+> Option **11 Disabled:Script Enforcement** is not supported on **Windows Server 2016** and should not be used on that platform. Doing so may result in unexpected script enforcement behaviors.
+
 ## Script enforcement overview
 
 By default, script enforcement is enabled for all WDAC policies unless the option **11 Disabled:Script Enforcement** is set in the policy. WDAC script enforcement involves a handshake between an enlightened script host, such as PowerShell, and WDAC. The actual enforcement behavior, however, is handled entirely by the script host. Some script hosts, like the Microsoft HTML Application Host (mshta.exe), simply block all code execution if any WDAC UMCI policy is active. Most script hosts first ask WDAC whether a script should be allowed to run based on the WDAC policies currently active. The script host then either blocks, allows, or changes *how* the script is run to best protect the user and the device.
 
+Validation for signed scripts is done using the [WinVerifyTrust API](/windows/win32/api/wintrust/nf-wintrust-winverifytrust). To pass validation, the signature root must be present in the trusted root store on the device and be allowed by your WDAC policy. This behavior is different from WDAC validation for executable files, which doesn't require installation of the root certificate.
+
 WDAC shares the *AppLocker - MSI and Script* event log for all script enforcement events. Whenever a script host asks WDAC if a script should be allowed, an event will be logged with the answer WDAC returned to the script host. For more information on WDAC script enforcement events, see [Understanding Application Control events](/windows/security/threat-protection/windows-defender-application-control/event-id-explanations#windows-applocker-msi-and-script-log).
 
-> [!IMPORTANT]
+> [!NOTE]
 > When a script runs that is not allowed by policy, WDAC raises an event indicating that the script was "blocked". However, the actual script enforcement behavior is handled by the script host and may not actually completely block the file from running.
 >
 > Also be aware that some script hosts may change how they behave even if a WDAC policy is in audit mode only. You should review the information below for each script host and test thoroughly within your environment to ensure the scripts you need to run are working properly.
@@ -43,7 +48,7 @@ WDAC shares the *AppLocker - MSI and Script* event log for all script enforcemen
 
 All PowerShell scripts (.ps1), modules (.psm1), and manifests (.psd1) must be allowed by WDAC policy in order to run with Full Language rights.
 
-Any **dependent modules** that are loaded by an allowed module must also be allowed by WDAC policy, and module functions must be exported explicitly by name when WDAC is enforced. Modules that do not specify any exported functions (no export name list) will still load but no module functions will be accessible. Modules that use wildcards (\*) in their name will fail to load.
+Any **dependent modules** that are loaded by an allowed module must also be allowed by WDAC policy, and module functions must be exported explicitly by name when WDAC is enforced. Modules that don't specify any exported functions (no export name list) will still load but no module functions will be accessible. Modules that use wildcards (\*) in their name will fail to load.
 
 Any PowerShell script that isn't allowed by WDAC policy will still run, but only in Constrained Language Mode.
 
diff --git a/windows/security/threat-protection/windows-defender-application-control/operations/known-issues.md b/windows/security/threat-protection/windows-defender-application-control/operations/known-issues.md
index 9a7322339f..a5642a032c 100644
--- a/windows/security/threat-protection/windows-defender-application-control/operations/known-issues.md
+++ b/windows/security/threat-protection/windows-defender-application-control/operations/known-issues.md
@@ -9,7 +9,7 @@ ms.reviewer: jogeurte
 ms.author: jogeurte
 ms.manager: jsuther
 manager: aaroncz
-ms.date: 07/01/2022
+ms.date: 02/02/2023
 ms.technology: itpro-security
 ms.topic: article
 ms.localizationpriority: medium
@@ -19,7 +19,6 @@ ms.localizationpriority: medium
 
 **Applies to:**
 
-
 - Windows 10
 - Windows 11
 - Windows Server 2016 and above
@@ -27,11 +26,11 @@ ms.localizationpriority: medium
 > [!NOTE]
 > Some capabilities of Windows Defender Application Control are only available on specific Windows versions. Learn more about the [Application Control feature availability](/windows/security/threat-protection/windows-defender-application-control/feature-availability).
 
-This topic covers tips and tricks for admins and known issues with Windows Defender Application Control (WDAC). Test this configuration in your lab before enabling it in production.
+This article covers tips and tricks for admins and known issues with Windows Defender Application Control (WDAC). Test this configuration in your lab before enabling it in production.
 
 ## Managed Installer and ISG will cause garrulous events
 
-When Managed Installer and ISG are enabled, 3091 and 3092 events will be logged when a file didn't have Managed Installer or ISG authorization, regardless of whether the file was allowed. Beginning with the September 2022 C release, these events will be moved to the verbose channel since the events don't indicate an issue with the policy.
+When Managed Installer and ISG are enabled, 3091 and 3092 events will be logged when a file didn't have Managed Installer or ISG authorization, regardless of whether the file was allowed. These events have been moved to the verbose channel beginning with the September 2022 Update Preview since the events don't indicate an issue with the policy.
 
 ## .NET native images may generate false positive block events
 

From 43f1d1c26f0e3977e6b5db1077a3c514602ecd51 Mon Sep 17 00:00:00 2001
From: Andre Della Monica <andredm@microsoft.com>
Date: Thu, 2 Feb 2023 13:51:18 -0600
Subject: [PATCH 52/98] More changes

---
 ...topatch-windows-feature-update-overview.md | 22 +++++++++++++++----
 1 file changed, 18 insertions(+), 4 deletions(-)

diff --git a/windows/deployment/windows-autopatch/operate/windows-autopatch-windows-feature-update-overview.md b/windows/deployment/windows-autopatch/operate/windows-autopatch-windows-feature-update-overview.md
index fb5db5fcd8..99ba4fc377 100644
--- a/windows/deployment/windows-autopatch/operate/windows-autopatch-windows-feature-update-overview.md
+++ b/windows/deployment/windows-autopatch/operate/windows-autopatch-windows-feature-update-overview.md
@@ -1,7 +1,7 @@
 ---
 title: Windows feature updates
 description: This article explains how Windows feature updates are managed in Autopatch
-ms.date: 02/01/2023
+ms.date: 02/02/2023
 ms.prod: windows-client
 ms.technology: itpro-updates
 ms.topic: conceptual
@@ -14,10 +14,12 @@ msreviewer: andredm7
 
 # Windows feature updates
 
-Microsoft provides robust mobile device management (MDM) solutions such as Microsoft Intune, Windows Update for Business, Configuration Manager etc. However, the administration of these solutions to keep Windows devices up to date with the latest Windows feature releases rests on your organization’s IT admins. The Windows feature update process is considered one of the most expensive and time consuming tasks for IT since it requires incremental rollout and validation. Windows feature updates:
+Microsoft provides robust mobile device management (MDM) solutions such as Microsoft Intune, Windows Update for Business, Configuration Manager etc. However, the administration of these solutions to keep Windows devices up to date with the latest Windows feature releases rests on your organization’s IT admins. The Windows feature update process is considered one of the most expensive and time consuming tasks for IT since it requires incremental rollout and validation.
 
-- Keep Windows devices protected against behavioral issues.
-- Provide new features to boost end-user productivity.
+Windows feature updates consist of:
+
+- Keeping Windows devices protected against behavioral issues.
+- Providing new features to boost end-user productivity.
 
 Windows Autopatch makes it easier and less expensive for you to keep your Windows devices up to date so you can focus on running your core businesses while Windows Autopatch runs update management on your behalf.
 
@@ -86,6 +88,18 @@ Windows Autopatch provides a permanent pause of a Windows feature update deploym
 > [!NOTE]
 > Pausing or resuming an update can take up to eight hours to be applied to devices. This happens because Windows Autopatch uses Microsoft Intune as its management solution, and that's the average frequency devices take to communicate back to Microsoft Intune with new instructions to pause, resume or rollback updates.<p>For more information, see [how long does it take for devices to get a policy, profile, or app after they are assigned from Microsoft Intune](/mem/intune/configuration/device-profile-troubleshoot#how-long-does-it-take-for-devices-to-get-a-policy-profile-or-app-after-they-are-assigned).</p>
 
+### Pause statuses
+
+There are two statuses: **Service Paused** and **Customer Paused**.
+
+| Status | Description |
+| ----- | ------ |
+| Service Paused | If the Windows Autopatch service has paused an update, the release will have the **Service Paused** status. You must [submit a support request](windows-autopatch-support-request.md) to resume the update. |
+| Customer Paused | If you've paused an update, the release will have the **Customer Paused** status. The Windows Autopatch service can't overwrite a customer-initiated pause. You must select **Resume** to resume the update. |
+
+> [!IMPORTANT]
+> Service pause is only available for [Windows Quality Updates](windows-autopatch-windows-quality-update-overview.md). Windows Autopatch does not pause Windows Feature Updates on behalf of your organization.
+
 ## Rollback
 
 Windows Autopatch doesn’t support the rollback of Windows Feature updates.

From ddcc4053f952838416d49759c181bde15f847940 Mon Sep 17 00:00:00 2001
From: Tiara Quan <95256667+tiaraquan@users.noreply.github.com>
Date: Thu, 2 Feb 2023 12:04:06 -0800
Subject: [PATCH 53/98] Update
 windows-autopatch-windows-feature-update-overview.md

---
 ...topatch-windows-feature-update-overview.md | 19 ++++++-------------
 1 file changed, 6 insertions(+), 13 deletions(-)

diff --git a/windows/deployment/windows-autopatch/operate/windows-autopatch-windows-feature-update-overview.md b/windows/deployment/windows-autopatch/operate/windows-autopatch-windows-feature-update-overview.md
index 99ba4fc377..922597bb73 100644
--- a/windows/deployment/windows-autopatch/operate/windows-autopatch-windows-feature-update-overview.md
+++ b/windows/deployment/windows-autopatch/operate/windows-autopatch-windows-feature-update-overview.md
@@ -73,6 +73,9 @@ Windows Autopatch provides a permanent pause of a Windows feature update deploym
 
 ## Pausing and resuming a release
 
+> [!IMPORTANT]
+> Pausing or resuming an update can take up to eight hours to be applied to devices. This happens because Windows Autopatch uses Microsoft Intune as its management solution, and that's the average frequency devices take to communicate back to Microsoft Intune with new instructions to pause, resume or rollback updates.<p>For more information, see [how long does it take for devices to get a policy, profile, or app after they are assigned from Microsoft Intune](/mem/intune/configuration/device-profile-troubleshoot#how-long-does-it-take-for-devices-to-get-a-policy-profile-or-app-after-they-are-assigned).</p>
+
 **To pause or resume a feature update:**
 
 1. Go to the [Endpoint Manager admin center](https://go.microsoft.com/fwlink/?linkid=2109431).
@@ -85,20 +88,10 @@ Windows Autopatch provides a permanent pause of a Windows feature update deploym
 8. If you're resuming an update, you can select one or more deployment rings.
 9. Select **Okay**.
 
+If you've paused an update, the specified release will have the **Customer Paused** status. The Windows Autopatch service can't overwrite a customer-initiated pause. You must select **Resume** to resume the update.
+
 > [!NOTE]
-> Pausing or resuming an update can take up to eight hours to be applied to devices. This happens because Windows Autopatch uses Microsoft Intune as its management solution, and that's the average frequency devices take to communicate back to Microsoft Intune with new instructions to pause, resume or rollback updates.<p>For more information, see [how long does it take for devices to get a policy, profile, or app after they are assigned from Microsoft Intune](/mem/intune/configuration/device-profile-troubleshoot#how-long-does-it-take-for-devices-to-get-a-policy-profile-or-app-after-they-are-assigned).</p>
-
-### Pause statuses
-
-There are two statuses: **Service Paused** and **Customer Paused**.
-
-| Status | Description |
-| ----- | ------ |
-| Service Paused | If the Windows Autopatch service has paused an update, the release will have the **Service Paused** status. You must [submit a support request](windows-autopatch-support-request.md) to resume the update. |
-| Customer Paused | If you've paused an update, the release will have the **Customer Paused** status. The Windows Autopatch service can't overwrite a customer-initiated pause. You must select **Resume** to resume the update. |
-
-> [!IMPORTANT]
-> Service pause is only available for [Windows Quality Updates](windows-autopatch-windows-quality-update-overview.md). Windows Autopatch does not pause Windows Feature Updates on behalf of your organization.
+> The Service Paused status only applies to [Windows quality updates](../operate/windows-autopatch-windows-quality-update-overview.md#pausing-and-resuming-a-release). Windows Autopatch doesn't pause Windows feature updates on your behalf.
 
 ## Rollback
 

From 2cb041666424d6ed1aa5464f144a820c179fd9b2 Mon Sep 17 00:00:00 2001
From: Tiara Quan <95256667+tiaraquan@users.noreply.github.com>
Date: Thu, 2 Feb 2023 12:13:42 -0800
Subject: [PATCH 54/98] Update
 windows-autopatch-windows-feature-update-overview.md

---
 .../windows-autopatch-windows-feature-update-overview.md        | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/windows/deployment/windows-autopatch/operate/windows-autopatch-windows-feature-update-overview.md b/windows/deployment/windows-autopatch/operate/windows-autopatch-windows-feature-update-overview.md
index 922597bb73..f1cba8f922 100644
--- a/windows/deployment/windows-autopatch/operate/windows-autopatch-windows-feature-update-overview.md
+++ b/windows/deployment/windows-autopatch/operate/windows-autopatch-windows-feature-update-overview.md
@@ -74,7 +74,7 @@ Windows Autopatch provides a permanent pause of a Windows feature update deploym
 ## Pausing and resuming a release
 
 > [!IMPORTANT]
-> Pausing or resuming an update can take up to eight hours to be applied to devices. This happens because Windows Autopatch uses Microsoft Intune as its management solution, and that's the average frequency devices take to communicate back to Microsoft Intune with new instructions to pause, resume or rollback updates.<p>For more information, see [how long does it take for devices to get a policy, profile, or app after they are assigned from Microsoft Intune](/mem/intune/configuration/device-profile-troubleshoot#how-long-does-it-take-for-devices-to-get-a-policy-profile-or-app-after-they-are-assigned).</p>
+> Pausing or resuming an update can take up to eight hours to be applied to devices, because Windows Autopatch uses Microsoft Intune as its management solution and that's the average frequency devices take to communicate back to Microsoft Intune with new instructions to pause, resume or rollback updates.<p>For more information, see [how long does it take for devices to get a policy, profile, or app after they are assigned from Microsoft Intune](/mem/intune/configuration/device-profile-troubleshoot#how-long-does-it-take-for-devices-to-get-a-policy-profile-or-app-after-they-are-assigned).</p>
 
 **To pause or resume a feature update:**
 

From 93f2f5c2a0a1398bf9736e622ec0dc360346b26e Mon Sep 17 00:00:00 2001
From: tiaraquan <tiaraquan@microsoft.com>
Date: Thu, 2 Feb 2023 12:40:38 -0800
Subject: [PATCH 55/98] Updated WQU release mgmt section with similar
 instructions as feature updates.

---
 ...s-autopatch-windows-quality-update-overview.md | 15 ++++++++++++++-
 1 file changed, 14 insertions(+), 1 deletion(-)

diff --git a/windows/deployment/windows-autopatch/operate/windows-autopatch-windows-quality-update-overview.md b/windows/deployment/windows-autopatch/operate/windows-autopatch-windows-quality-update-overview.md
index 59cc60bb90..eb56d18767 100644
--- a/windows/deployment/windows-autopatch/operate/windows-autopatch-windows-quality-update-overview.md
+++ b/windows/deployment/windows-autopatch/operate/windows-autopatch-windows-quality-update-overview.md
@@ -110,7 +110,20 @@ Windows Autopatch schedules and deploys required Out of Band (OOB) updates relea
 
 If Windows Autopatch detects a [significant issue with a release](../operate/windows-autopatch-windows-quality-update-signals.md), we may decide to pause that release.
 
-In the [Endpoint Manager admin center](https://go.microsoft.com/fwlink/?linkid=2109431) > **Release management** > in the **Release schedule** tab, you can pause or resume a Windows quality update.
+> [!IMPORTANT]
+> Pausing or resuming an update can take up to eight hours to be applied to devices, because Windows Autopatch uses Microsoft Intune as its management solution and that's the average frequency devices take to communicate back to Microsoft Intune with new instructions to pause, resume or rollback updates.<p>For more information, see [how long does it take for devices to get a policy, profile, or app after they are assigned from Microsoft Intune](/mem/intune/configuration/device-profile-troubleshoot#how-long-does-it-take-for-devices-to-get-a-policy-profile-or-app-after-they-are-assigned).</p>
+
+**To pause or resume a quality update:**
+
+1. Go to the [Endpoint Manager admin center](https://go.microsoft.com/fwlink/?linkid=2109431).
+1. Select **Devices** from the left navigation menu.
+1. Under the **Windows Autopatch** section, select **Release management**.
+1. In the **Release management** blade, select either: **Pause** or **Resume**.
+1. Select the update type you would like to pause or resume.
+1. Select a reason from the dropdown menu.
+1. Optional. Enter details about why you're pausing or resuming the selected update.
+1. If you're resuming an update, you can select one or more deployment rings.
+1. Select **Okay**.
 
 There are two statuses associated with paused quality updates, **Service Paused** and **Customer Paused**.
 

From c688efc7542d1c598e684bca5d63d89e80b1f28c Mon Sep 17 00:00:00 2001
From: tiaraquan <tiaraquan@microsoft.com>
Date: Thu, 2 Feb 2023 12:45:22 -0800
Subject: [PATCH 56/98] Tweak

---
 ...-autopatch-windows-quality-update-overview.md | 16 ++++++++--------
 1 file changed, 8 insertions(+), 8 deletions(-)

diff --git a/windows/deployment/windows-autopatch/operate/windows-autopatch-windows-quality-update-overview.md b/windows/deployment/windows-autopatch/operate/windows-autopatch-windows-quality-update-overview.md
index eb56d18767..4d4570df39 100644
--- a/windows/deployment/windows-autopatch/operate/windows-autopatch-windows-quality-update-overview.md
+++ b/windows/deployment/windows-autopatch/operate/windows-autopatch-windows-quality-update-overview.md
@@ -116,14 +116,14 @@ If Windows Autopatch detects a [significant issue with a release](../operate/win
 **To pause or resume a quality update:**
 
 1. Go to the [Endpoint Manager admin center](https://go.microsoft.com/fwlink/?linkid=2109431).
-1. Select **Devices** from the left navigation menu.
-1. Under the **Windows Autopatch** section, select **Release management**.
-1. In the **Release management** blade, select either: **Pause** or **Resume**.
-1. Select the update type you would like to pause or resume.
-1. Select a reason from the dropdown menu.
-1. Optional. Enter details about why you're pausing or resuming the selected update.
-1. If you're resuming an update, you can select one or more deployment rings.
-1. Select **Okay**.
+2. Select **Devices** from the left navigation menu.
+3. Under the **Windows Autopatch** section, select **Release management**.
+4. In the **Release management** blade, select either: **Pause** or **Resume**.
+5. Select the update type you would like to pause or resume.
+6. Select a reason from the dropdown menu.
+7. Optional. Enter details about why you're pausing or resuming the selected update.
+8. If you're resuming an update, you can select one or more deployment rings.
+9. Select **Okay**.
 
 There are two statuses associated with paused quality updates, **Service Paused** and **Customer Paused**.
 

From a688e3437ee0aa5725f845f14bdc735dd06f8264 Mon Sep 17 00:00:00 2001
From: Angela Fleischmann <v-angelaf@microsoft.com>
Date: Thu, 2 Feb 2023 14:24:14 -0700
Subject: [PATCH 57/98] Update using-event-viewer-with-applocker.md

Line 58: Remove extra spaces.
---
 .../using-event-viewer-with-applocker.md      | 39 +++++++++----------
 1 file changed, 19 insertions(+), 20 deletions(-)

diff --git a/windows/security/threat-protection/windows-defender-application-control/applocker/using-event-viewer-with-applocker.md b/windows/security/threat-protection/windows-defender-application-control/applocker/using-event-viewer-with-applocker.md
index ed7b6721dc..d10ebcfc03 100644
--- a/windows/security/threat-protection/windows-defender-application-control/applocker/using-event-viewer-with-applocker.md
+++ b/windows/security/threat-protection/windows-defender-application-control/applocker/using-event-viewer-with-applocker.md
@@ -30,16 +30,16 @@ ms.date: 02/02/2023
 
 This article lists AppLocker events and describes how to use Event Viewer with AppLocker.
 
-The AppLocker log contains information about applications that are affected by AppLocker rules. Each event in the log contains detailed info about:
+The AppLocker log contains information about applications that are affected by AppLocker rules. Each event in the log contains details such as the following information:
 
--   Which file is affected and the path of that file
--   Which packaged app is affected and the package identifier of the app
--   Whether the file or packaged app is allowed or blocked
--   The rule type (path, file hash, or publisher)
--   The rule name
--   The security identifier (SID) for the user or group identified in the rule
+- Which file is affected and the path of that file
+- Which packaged app is affected and the package identifier of the app
+- Whether the file or packaged app is allowed or blocked
+- The rule type (path, file hash, or publisher)
+- The rule name
+- The security identifier (SID) for the user or group identified in the rule
 
-Review the entries in the Event Viewer to determine if any applications aren't included in the rules that you automatically generated. For instance, some line-of-business apps are installed to non-standard locations, such as the root of the active drive (for example: %SystemDrive%).
+Review the entries in the Event Viewer to determine if any applications aren't included in the rules that you automatically generated. For instance, some line-of-business apps are installed to non-standard locations, such as the root of the active drive (for example, `%SystemDrive%`).
 
 For info about what to look for in the AppLocker event logs, see [Monitor app usage with AppLocker](monitor-application-usage-with-applocker.md).
 
@@ -48,24 +48,24 @@ For info about what to look for in the AppLocker event logs, see [Monitor app us
 
 **To review the AppLocker log in Event Viewer**
 
-1.  Open Event Viewer.
-2.  In the console tree under **Application and Services Logs\\Microsoft\\Windows**, select **AppLocker**.
+1. Open Event Viewer.
+2. In the console tree under **Application and Services Logs\\Microsoft\\Windows**, select **AppLocker**.
 
 The following table contains information about the events that you can use to determine which apps are affected by AppLocker rules.
 
 | Event ID | Level | Event message | Description |
-| - | - | - | - |
-| 8000 | Error| Application Identity Policy conversion failed. Status  *&lt;%1&gt; *| Indicates that the policy wasn't applied correctly to the computer. The status message is provided for troubleshooting purposes.| 
+| --- | --- | --- | --- |
+| 8000 | Error| Application Identity Policy conversion failed. Status *&lt;%1&gt;*| Indicates that the policy wasn't applied correctly to the computer. The status message is provided for troubleshooting purposes.| 
 | 8001 | Information| The AppLocker policy was applied successfully to this computer.| Indicates that the AppLocker policy was successfully applied to the computer.| 
-| 8002 | Information|  *&lt;File name&gt; * was allowed to run.| Specifies that the .exe or .dll file is allowed by an AppLocker rule.| 
-| 8003 | Warning|  *&lt;File name&gt; * was allowed to run but would have been prevented from running if the AppLocker policy was enforced.| Applied only when the  **Audit only** enforcement mode is enabled. Specifies that the .exe or .dll file would be blocked if the  **Enforce rules** enforcement mode were enabled. |
-| 8004 | Error|  *&lt;File name&gt; * was not allowed to run.| Access to  *&lt;file name&gt;* is restricted by the administrator. Applied only when the  **Enforce rules** enforcement mode is set either directly or indirectly through Group Policy inheritance. The .exe or .dll file can't run.| 
-| 8005| Information|  *&lt;File name&gt; * was allowed to run.| Specifies that the script or .msi file is allowed by an AppLocker rule.| 
-| 8006 | Warning|  *&lt;File name&gt; * was allowed to run but would have been prevented from running if the AppLocker policy was enforced.| Applied only when the  **Audit only** enforcement mode is enabled. Specifies that the script or .msi file would be blocked if the  **Enforce rules** enforcement mode were enabled. |
-| 8007 | Error|  *&lt;File name&gt; * was not allowed to run.| Access to  *&lt;file name&gt;* is restricted by the administrator. Applied only when the  **Enforce rules** enforcement mode is set either directly or indirectly through Group Policy inheritance. The script or .msi file can't run.| 
+| 8002 | Information| *&lt;File name&gt; * was allowed to run.| Specifies that the .exe or .dll file is allowed by an AppLocker rule.| 
+| 8003 | Warning| *&lt;File name&gt; * was allowed to run but would have been prevented from running if the AppLocker policy was enforced.| Applied only when the **Audit only** enforcement mode is enabled. Specifies that the .exe or .dll file would be blocked if the **Enforce rules** enforcement mode were enabled. |
+| 8004 | Error| *&lt;File name&gt; * was not allowed to run.| Access to *&lt;file name&gt;* is restricted by the administrator. Applied only when the **Enforce rules** enforcement mode is set either directly or indirectly through Group Policy inheritance. The .exe or .dll file can't run.| 
+| 8005| Information| *&lt;File name&gt; * was allowed to run.| Specifies that the script or .msi file is allowed by an AppLocker rule.| 
+| 8006 | Warning| *&lt;File name&gt; * was allowed to run but would have been prevented from running if the AppLocker policy was enforced.| Applied only when the **Audit only** enforcement mode is enabled. Specifies that the script or .msi file would be blocked if the **Enforce rules** enforcement mode were enabled. |
+| 8007 | Error| *&lt;File name&gt; * was not allowed to run.| Access to *&lt;file name&gt;* is restricted by the administrator. Applied only when the **Enforce rules** enforcement mode is set either directly or indirectly through Group Policy inheritance. The script or .msi file can't run.| 
 | 8008| Error| AppLocker disabled on the SKU.| Added in Windows Server 2012 and Windows 8.| 
 | 8020| Information| Packaged app allowed.| Added in Windows Server 2012 and Windows 8.| 
-| 8021|  Information| Packaged app audited.| Added in Windows Server 2012 and Windows 8.| 
+| 8021| Information| Packaged app audited.| Added in Windows Server 2012 and Windows 8.| 
 | 8022| Information| Packaged app disabled.| Added in Windows Server 2012 and Windows 8.| 
 | 8023 | Information| Packaged app installation allowed.| Added in Windows Server 2012 and Windows 8.|
 | 8024 | Information| Packaged app installation audited.| Added in Windows Server 2012 and Windows 8.| 
@@ -90,4 +90,3 @@ The following table contains information about the events that you can use to de
 
 - [Tools to use with AppLocker](tools-to-use-with-applocker.md)
  
- 

From bb17ce2c681b089b05ae0fb631ba673c1841af8b Mon Sep 17 00:00:00 2001
From: Angela Fleischmann <v-angelaf@microsoft.com>
Date: Thu, 2 Feb 2023 14:26:49 -0700
Subject: [PATCH 58/98] Update
 windows/security/threat-protection/windows-defender-application-control/design/script-enforcement.md

Line 41: Correct the placement of a period.
---
 .../design/script-enforcement.md                                | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/windows/security/threat-protection/windows-defender-application-control/design/script-enforcement.md b/windows/security/threat-protection/windows-defender-application-control/design/script-enforcement.md
index 29174ef291..d8598308cd 100644
--- a/windows/security/threat-protection/windows-defender-application-control/design/script-enforcement.md
+++ b/windows/security/threat-protection/windows-defender-application-control/design/script-enforcement.md
@@ -38,7 +38,7 @@ Validation for signed scripts is done using the [WinVerifyTrust API](/windows/wi
 WDAC shares the *AppLocker - MSI and Script* event log for all script enforcement events. Whenever a script host asks WDAC if a script should be allowed, an event will be logged with the answer WDAC returned to the script host. For more information on WDAC script enforcement events, see [Understanding Application Control events](/windows/security/threat-protection/windows-defender-application-control/event-id-explanations#windows-applocker-msi-and-script-log).
 
 > [!NOTE]
-> When a script runs that is not allowed by policy, WDAC raises an event indicating that the script was "blocked". However, the actual script enforcement behavior is handled by the script host and may not actually completely block the file from running.
+> When a script runs that is not allowed by policy, WDAC raises an event indicating that the script was "blocked." However, the actual script enforcement behavior is handled by the script host and may not actually completely block the file from running.
 >
 > Also be aware that some script hosts may change how they behave even if a WDAC policy is in audit mode only. You should review the information below for each script host and test thoroughly within your environment to ensure the scripts you need to run are working properly.
 

From 78db741ab05034a92db5a5e0b624c6b51bc56d61 Mon Sep 17 00:00:00 2001
From: Angela Fleischmann <v-angelaf@microsoft.com>
Date: Thu, 2 Feb 2023 14:29:57 -0700
Subject: [PATCH 59/98] Update
 windows/security/threat-protection/windows-defender-application-control/applocker/using-event-viewer-with-applocker.md

Line 58: Replace extra spaces.
---
 .../applocker/using-event-viewer-with-applocker.md              | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/windows/security/threat-protection/windows-defender-application-control/applocker/using-event-viewer-with-applocker.md b/windows/security/threat-protection/windows-defender-application-control/applocker/using-event-viewer-with-applocker.md
index d10ebcfc03..00a6cb48d3 100644
--- a/windows/security/threat-protection/windows-defender-application-control/applocker/using-event-viewer-with-applocker.md
+++ b/windows/security/threat-protection/windows-defender-application-control/applocker/using-event-viewer-with-applocker.md
@@ -55,7 +55,7 @@ The following table contains information about the events that you can use to de
 
 | Event ID | Level | Event message | Description |
 | --- | --- | --- | --- |
-| 8000 | Error| Application Identity Policy conversion failed. Status *&lt;%1&gt;*| Indicates that the policy wasn't applied correctly to the computer. The status message is provided for troubleshooting purposes.| 
+| 8000 | Error| Application Identity Policy conversion failed. Status * &lt;%1&gt; *| Indicates that the policy wasn't applied correctly to the computer. The status message is provided for troubleshooting purposes.| 
 | 8001 | Information| The AppLocker policy was applied successfully to this computer.| Indicates that the AppLocker policy was successfully applied to the computer.| 
 | 8002 | Information| *&lt;File name&gt; * was allowed to run.| Specifies that the .exe or .dll file is allowed by an AppLocker rule.| 
 | 8003 | Warning| *&lt;File name&gt; * was allowed to run but would have been prevented from running if the AppLocker policy was enforced.| Applied only when the **Audit only** enforcement mode is enabled. Specifies that the .exe or .dll file would be blocked if the **Enforce rules** enforcement mode were enabled. |

From ac76087c4ce36c585371c5fcf6e3bebf7f6c7274 Mon Sep 17 00:00:00 2001
From: tiaraquan <tiaraquan@microsoft.com>
Date: Thu, 2 Feb 2023 13:43:28 -0800
Subject: [PATCH 60/98] Tweak

---
 .../windows-autopatch-windows-feature-update-overview.md        | 2 +-
 .../windows-autopatch-windows-quality-update-overview.md        | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/windows/deployment/windows-autopatch/operate/windows-autopatch-windows-feature-update-overview.md b/windows/deployment/windows-autopatch/operate/windows-autopatch-windows-feature-update-overview.md
index f1cba8f922..4cc1f4a6ab 100644
--- a/windows/deployment/windows-autopatch/operate/windows-autopatch-windows-feature-update-overview.md
+++ b/windows/deployment/windows-autopatch/operate/windows-autopatch-windows-feature-update-overview.md
@@ -76,7 +76,7 @@ Windows Autopatch provides a permanent pause of a Windows feature update deploym
 > [!IMPORTANT]
 > Pausing or resuming an update can take up to eight hours to be applied to devices, because Windows Autopatch uses Microsoft Intune as its management solution and that's the average frequency devices take to communicate back to Microsoft Intune with new instructions to pause, resume or rollback updates.<p>For more information, see [how long does it take for devices to get a policy, profile, or app after they are assigned from Microsoft Intune](/mem/intune/configuration/device-profile-troubleshoot#how-long-does-it-take-for-devices-to-get-a-policy-profile-or-app-after-they-are-assigned).</p>
 
-**To pause or resume a feature update:**
+**To pause or resume a Windows feature update:**
 
 1. Go to the [Endpoint Manager admin center](https://go.microsoft.com/fwlink/?linkid=2109431).
 2. Select **Devices** from the left navigation menu.
diff --git a/windows/deployment/windows-autopatch/operate/windows-autopatch-windows-quality-update-overview.md b/windows/deployment/windows-autopatch/operate/windows-autopatch-windows-quality-update-overview.md
index 4d4570df39..75c2765189 100644
--- a/windows/deployment/windows-autopatch/operate/windows-autopatch-windows-quality-update-overview.md
+++ b/windows/deployment/windows-autopatch/operate/windows-autopatch-windows-quality-update-overview.md
@@ -113,7 +113,7 @@ If Windows Autopatch detects a [significant issue with a release](../operate/win
 > [!IMPORTANT]
 > Pausing or resuming an update can take up to eight hours to be applied to devices, because Windows Autopatch uses Microsoft Intune as its management solution and that's the average frequency devices take to communicate back to Microsoft Intune with new instructions to pause, resume or rollback updates.<p>For more information, see [how long does it take for devices to get a policy, profile, or app after they are assigned from Microsoft Intune](/mem/intune/configuration/device-profile-troubleshoot#how-long-does-it-take-for-devices-to-get-a-policy-profile-or-app-after-they-are-assigned).</p>
 
-**To pause or resume a quality update:**
+**To pause or resume a Windows quality update:**
 
 1. Go to the [Endpoint Manager admin center](https://go.microsoft.com/fwlink/?linkid=2109431).
 2. Select **Devices** from the left navigation menu.

From 449ef376cd6d427c4f70977d68d1fa08106604d1 Mon Sep 17 00:00:00 2001
From: tiaraquan <tiaraquan@microsoft.com>
Date: Thu, 2 Feb 2023 13:45:40 -0800
Subject: [PATCH 61/98] Tweak

---
 .../windows-autopatch-windows-feature-update-overview.md        | 2 +-
 .../windows-autopatch-windows-quality-update-overview.md        | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/windows/deployment/windows-autopatch/operate/windows-autopatch-windows-feature-update-overview.md b/windows/deployment/windows-autopatch/operate/windows-autopatch-windows-feature-update-overview.md
index 4cc1f4a6ab..e63ff0668b 100644
--- a/windows/deployment/windows-autopatch/operate/windows-autopatch-windows-feature-update-overview.md
+++ b/windows/deployment/windows-autopatch/operate/windows-autopatch-windows-feature-update-overview.md
@@ -74,7 +74,7 @@ Windows Autopatch provides a permanent pause of a Windows feature update deploym
 ## Pausing and resuming a release
 
 > [!IMPORTANT]
-> Pausing or resuming an update can take up to eight hours to be applied to devices, because Windows Autopatch uses Microsoft Intune as its management solution and that's the average frequency devices take to communicate back to Microsoft Intune with new instructions to pause, resume or rollback updates.<p>For more information, see [how long does it take for devices to get a policy, profile, or app after they are assigned from Microsoft Intune](/mem/intune/configuration/device-profile-troubleshoot#how-long-does-it-take-for-devices-to-get-a-policy-profile-or-app-after-they-are-assigned).</p>
+> Pausing or resuming an update can take up to eight hours to be applied to devices. Windows Autopatch uses Microsoft Intune as its management solution and that's the average frequency devices take to communicate back to Microsoft Intune with new instructions to pause, resume or rollback updates.<p>For more information, see [how long does it take for devices to get a policy, profile, or app after they are assigned from Microsoft Intune](/mem/intune/configuration/device-profile-troubleshoot#how-long-does-it-take-for-devices-to-get-a-policy-profile-or-app-after-they-are-assigned).</p>
 
 **To pause or resume a Windows feature update:**
 
diff --git a/windows/deployment/windows-autopatch/operate/windows-autopatch-windows-quality-update-overview.md b/windows/deployment/windows-autopatch/operate/windows-autopatch-windows-quality-update-overview.md
index 75c2765189..52eb955e6c 100644
--- a/windows/deployment/windows-autopatch/operate/windows-autopatch-windows-quality-update-overview.md
+++ b/windows/deployment/windows-autopatch/operate/windows-autopatch-windows-quality-update-overview.md
@@ -111,7 +111,7 @@ Windows Autopatch schedules and deploys required Out of Band (OOB) updates relea
 If Windows Autopatch detects a [significant issue with a release](../operate/windows-autopatch-windows-quality-update-signals.md), we may decide to pause that release.
 
 > [!IMPORTANT]
-> Pausing or resuming an update can take up to eight hours to be applied to devices, because Windows Autopatch uses Microsoft Intune as its management solution and that's the average frequency devices take to communicate back to Microsoft Intune with new instructions to pause, resume or rollback updates.<p>For more information, see [how long does it take for devices to get a policy, profile, or app after they are assigned from Microsoft Intune](/mem/intune/configuration/device-profile-troubleshoot#how-long-does-it-take-for-devices-to-get-a-policy-profile-or-app-after-they-are-assigned).</p>
+> Pausing or resuming an update can take up to eight hours to be applied to devices. Windows Autopatch uses Microsoft Intune as its management solution and that's the average frequency devices take to communicate back to Microsoft Intune with new instructions to pause, resume or rollback updates.<p>For more information, see [how long does it take for devices to get a policy, profile, or app after they are assigned from Microsoft Intune](/mem/intune/configuration/device-profile-troubleshoot#how-long-does-it-take-for-devices-to-get-a-policy-profile-or-app-after-they-are-assigned).</p>
 
 **To pause or resume a Windows quality update:**
 

From a5d38138e53544ff6bae3c632176c8bd97cb11e2 Mon Sep 17 00:00:00 2001
From: Sunny Zankharia <67922512+sazankha@users.noreply.github.com>
Date: Thu, 2 Feb 2023 15:47:50 -0800
Subject: [PATCH 62/98] Update faq-md-app-guard.yml

Added a section explaining how to open a support case
---
 .../faq-md-app-guard.yml                                   | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/windows/security/threat-protection/microsoft-defender-application-guard/faq-md-app-guard.yml b/windows/security/threat-protection/microsoft-defender-application-guard/faq-md-app-guard.yml
index 816d5da3f4..49e6301d05 100644
--- a/windows/security/threat-protection/microsoft-defender-application-guard/faq-md-app-guard.yml
+++ b/windows/security/threat-protection/microsoft-defender-application-guard/faq-md-app-guard.yml
@@ -223,7 +223,12 @@ sections:
           What does the _Allow users to trust files that open in Microsoft Defender Application Guard_ option in the Group policy do?
         answer: |
          This policy was present in Windows 10 prior to version 2004. It was removed from later versions of Windows as it doesn't enforce anything for either Edge or Office.
-
+         
+           - question: |
+          How do I open a support ticket for Microsoft Defender Application Guard?
+        answer: |
+         Go to this link: https://support.serviceshub.microsoft.com/supportforbusiness/create
+         Under the Product Family, select Windows. Select the product and the product version you need help with. For the category that best desribes the issue, select, 'Windows Security Tecnologies'. In the final option, select, 'Windows Defender Application Guard'.
 
 additionalContent: |
 

From 23e905f44f72161a78d85753cbaf8ea926d911a4 Mon Sep 17 00:00:00 2001
From: tiaraquan <tiaraquan@microsoft.com>
Date: Thu, 2 Feb 2023 17:24:44 -0800
Subject: [PATCH 63/98] MEM not EM

---
 .../windows-autopatch-windows-feature-update-overview.md    | 2 +-
 .../windows-autopatch-windows-quality-update-overview.md    | 6 +++---
 2 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/windows/deployment/windows-autopatch/operate/windows-autopatch-windows-feature-update-overview.md b/windows/deployment/windows-autopatch/operate/windows-autopatch-windows-feature-update-overview.md
index e63ff0668b..59b3f9d138 100644
--- a/windows/deployment/windows-autopatch/operate/windows-autopatch-windows-feature-update-overview.md
+++ b/windows/deployment/windows-autopatch/operate/windows-autopatch-windows-feature-update-overview.md
@@ -78,7 +78,7 @@ Windows Autopatch provides a permanent pause of a Windows feature update deploym
 
 **To pause or resume a Windows feature update:**
 
-1. Go to the [Endpoint Manager admin center](https://go.microsoft.com/fwlink/?linkid=2109431).
+1. Go to the [Microsoft Endpoint Manager admin center](https://go.microsoft.com/fwlink/?linkid=2109431).
 2. Select **Devices** from the left navigation menu.
 3. Under the **Windows Autopatch** section, select **Release management**.
 4. In the **Release management** blade, select either: **Pause** or **Resume**.
diff --git a/windows/deployment/windows-autopatch/operate/windows-autopatch-windows-quality-update-overview.md b/windows/deployment/windows-autopatch/operate/windows-autopatch-windows-quality-update-overview.md
index 52eb955e6c..d4fc020a8f 100644
--- a/windows/deployment/windows-autopatch/operate/windows-autopatch-windows-quality-update-overview.md
+++ b/windows/deployment/windows-autopatch/operate/windows-autopatch-windows-quality-update-overview.md
@@ -88,7 +88,7 @@ By default, the service expedites quality updates as needed. For those organizat
 
 **To turn off service-driven expedited quality updates:**
 
-1. Go to **[Microsoft Endpoint Manager portal](https://go.microsoft.com/fwlink/?linkid=2109431)** > **Devices**.
+1. Go to **[Microsoft Endpoint Manager admin center](https://go.microsoft.com/fwlink/?linkid=2109431)** > **Devices**.
 2. Under **Windows Autopatch** > **Release management**, go to the **Release settings** tab and turn off the **Expedited Quality Updates** setting.
 
 > [!NOTE]
@@ -100,7 +100,7 @@ Windows Autopatch schedules and deploys required Out of Band (OOB) updates relea
 
 **To view deployed Out of Band quality updates:**
 
-1. Go to [Endpoint Manager admin center](https://go.microsoft.com/fwlink/?linkid=2109431) > **Devices** > **Windows Autopatch** > **Release management**.
+1. Go to the [Microsoft Endpoint Manager admin center](https://go.microsoft.com/fwlink/?linkid=2109431) > **Devices** > **Windows Autopatch** > **Release management**.
 2. Under the **Release Announcements** tab, you can view the knowledge base (KB) articles corresponding to deployed OOB and regular Windows quality updates.
 
 > [!NOTE]
@@ -115,7 +115,7 @@ If Windows Autopatch detects a [significant issue with a release](../operate/win
 
 **To pause or resume a Windows quality update:**
 
-1. Go to the [Endpoint Manager admin center](https://go.microsoft.com/fwlink/?linkid=2109431).
+1. Go to the [Microsoft Endpoint Manager admin center](https://go.microsoft.com/fwlink/?linkid=2109431).
 2. Select **Devices** from the left navigation menu.
 3. Under the **Windows Autopatch** section, select **Release management**.
 4. In the **Release management** blade, select either: **Pause** or **Resume**.

From 2e1f63aeafd85cd4bf8dd817a0a46d2b4c0d360a Mon Sep 17 00:00:00 2001
From: tiaraquan <tiaraquan@microsoft.com>
Date: Thu, 2 Feb 2023 17:38:04 -0800
Subject: [PATCH 64/98] Tiara you twit.

---
 .../windows-autopatch-windows-quality-update-overview.md        | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/windows/deployment/windows-autopatch/operate/windows-autopatch-windows-quality-update-overview.md b/windows/deployment/windows-autopatch/operate/windows-autopatch-windows-quality-update-overview.md
index d4fc020a8f..c8ab6062c6 100644
--- a/windows/deployment/windows-autopatch/operate/windows-autopatch-windows-quality-update-overview.md
+++ b/windows/deployment/windows-autopatch/operate/windows-autopatch-windows-quality-update-overview.md
@@ -100,7 +100,7 @@ Windows Autopatch schedules and deploys required Out of Band (OOB) updates relea
 
 **To view deployed Out of Band quality updates:**
 
-1. Go to the [Microsoft Endpoint Manager admin center](https://go.microsoft.com/fwlink/?linkid=2109431) > **Devices** > **Windows Autopatch** > **Release management**.
+1. Go to [Microsoft Endpoint Manager admin center](https://go.microsoft.com/fwlink/?linkid=2109431) > **Devices** > **Windows Autopatch** > **Release management**.
 2. Under the **Release Announcements** tab, you can view the knowledge base (KB) articles corresponding to deployed OOB and regular Windows quality updates.
 
 > [!NOTE]

From caf39b5a087c6455fb8f99e2b71e93d3f384ecd1 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Rafa=C5=82=20Fitt?=
 <36852431+rafalfitt@users.noreply.github.com>
Date: Fri, 3 Feb 2023 10:13:18 +0100
Subject: [PATCH 65/98] Update
 user-account-control-behavior-of-the-elevation-prompt-for-standard-users.md

sync with best practices, see https://github.com/MicrosoftDocs/windows-itpro-docs/commit/c66f5f99b1ee002661c50a9faa0adebe380d5c7f
---
 ...ntrol-behavior-of-the-elevation-prompt-for-standard-users.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/windows/security/threat-protection/security-policy-settings/user-account-control-behavior-of-the-elevation-prompt-for-standard-users.md b/windows/security/threat-protection/security-policy-settings/user-account-control-behavior-of-the-elevation-prompt-for-standard-users.md
index 2bbf3a6015..1d3ea2ed65 100644
--- a/windows/security/threat-protection/security-policy-settings/user-account-control-behavior-of-the-elevation-prompt-for-standard-users.md
+++ b/windows/security/threat-protection/security-policy-settings/user-account-control-behavior-of-the-elevation-prompt-for-standard-users.md
@@ -78,7 +78,7 @@ One of the risks that the UAC feature tries to mitigate is that of malicious pro
 
 ### Countermeasure
 
-Configure the **User Account Control: Behavior of the elevation prompt for standard users** to **Automatically deny elevation requests**. This setting requires the user to sign in with an administrative account to run programs that require elevation of privilege. As a security best practice, standard users shouldn't have knowledge of administrative passwords. However, if your users have both standard and administrator-level accounts, we recommend setting **Prompt for credentials** so that the users don't choose to always sign in with their administrator accounts, and they shift their behavior to use the standard user account.
+Configure the **User Account Control: Behavior of the elevation prompt for standard users** to **Automatically deny elevation requests**. This setting requires the user to sign in with an administrative account to run programs that require elevation of privilege. As a security best practice, standard users shouldn't have knowledge of administrative passwords. However, if your users have both standard and administrator-level accounts, we recommend setting **Prompt for credentials on the secure desktop** so that the users don't choose to always sign in with their administrator accounts, and they shift their behavior to use the standard user account.
 
 ### Potential impact
 

From 85b9ad323629942d53e26d6da3c7a01da461207a Mon Sep 17 00:00:00 2001
From: Sunny Zankharia <67922512+sazankha@users.noreply.github.com>
Date: Fri, 3 Feb 2023 08:13:16 -0800
Subject: [PATCH 66/98] Update
 windows/security/threat-protection/microsoft-defender-application-guard/faq-md-app-guard.yml

Co-authored-by: JohanFreelancer9 <48568725+JohanFreelancer9@users.noreply.github.com>
---
 .../microsoft-defender-application-guard/faq-md-app-guard.yml   | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/windows/security/threat-protection/microsoft-defender-application-guard/faq-md-app-guard.yml b/windows/security/threat-protection/microsoft-defender-application-guard/faq-md-app-guard.yml
index 49e6301d05..3933bfc00f 100644
--- a/windows/security/threat-protection/microsoft-defender-application-guard/faq-md-app-guard.yml
+++ b/windows/security/threat-protection/microsoft-defender-application-guard/faq-md-app-guard.yml
@@ -227,7 +227,7 @@ sections:
            - question: |
           How do I open a support ticket for Microsoft Defender Application Guard?
         answer: |
-         Go to this link: https://support.serviceshub.microsoft.com/supportforbusiness/create
+         [Create a new support request](https://support.serviceshub.microsoft.com/supportforbusiness/create).
          Under the Product Family, select Windows. Select the product and the product version you need help with. For the category that best desribes the issue, select, 'Windows Security Tecnologies'. In the final option, select, 'Windows Defender Application Guard'.
 
 additionalContent: |

From e4e86344229fba0f81ac28593bf79be563c087b1 Mon Sep 17 00:00:00 2001
From: Sunny Zankharia <67922512+sazankha@users.noreply.github.com>
Date: Fri, 3 Feb 2023 08:13:27 -0800
Subject: [PATCH 67/98] Update
 windows/security/threat-protection/microsoft-defender-application-guard/faq-md-app-guard.yml

Co-authored-by: JohanFreelancer9 <48568725+JohanFreelancer9@users.noreply.github.com>
---
 .../microsoft-defender-application-guard/faq-md-app-guard.yml   | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/windows/security/threat-protection/microsoft-defender-application-guard/faq-md-app-guard.yml b/windows/security/threat-protection/microsoft-defender-application-guard/faq-md-app-guard.yml
index 3933bfc00f..d7bbb33704 100644
--- a/windows/security/threat-protection/microsoft-defender-application-guard/faq-md-app-guard.yml
+++ b/windows/security/threat-protection/microsoft-defender-application-guard/faq-md-app-guard.yml
@@ -228,7 +228,7 @@ sections:
           How do I open a support ticket for Microsoft Defender Application Guard?
         answer: |
          [Create a new support request](https://support.serviceshub.microsoft.com/supportforbusiness/create).
-         Under the Product Family, select Windows. Select the product and the product version you need help with. For the category that best desribes the issue, select, 'Windows Security Tecnologies'. In the final option, select, 'Windows Defender Application Guard'.
+         Under the Product Family, select Windows. Select the product and the product version you need help with. For the category that best describes the issue, select, **Windows Security Technologies**. In the final option, select **Windows Defender Application Guard**.
 
 additionalContent: |
 

From b6ea2673755d1f8a80af9f1ea3e547762f7180b7 Mon Sep 17 00:00:00 2001
From: Andre Della Monica <andredm@microsoft.com>
Date: Fri, 3 Feb 2023 10:20:14 -0600
Subject: [PATCH 68/98] More changes

---
 .../deploy/windows-autopatch-register-devices.md             | 5 ++++-
 .../windows-autopatch-windows-feature-update-overview.md     | 2 +-
 2 files changed, 5 insertions(+), 2 deletions(-)

diff --git a/windows/deployment/windows-autopatch/deploy/windows-autopatch-register-devices.md b/windows/deployment/windows-autopatch/deploy/windows-autopatch-register-devices.md
index 17cf0bb228..8750604713 100644
--- a/windows/deployment/windows-autopatch/deploy/windows-autopatch-register-devices.md
+++ b/windows/deployment/windows-autopatch/deploy/windows-autopatch-register-devices.md
@@ -1,7 +1,7 @@
 ---
 title: Register your devices
 description: This article details how to register devices in Autopatch
-ms.date: 09/07/2022
+ms.date: 02/03/2023
 ms.prod: windows-client
 ms.technology: itpro-updates
 ms.topic: how-to
@@ -39,6 +39,9 @@ Windows Autopatch automatically runs its discover devices function every hour to
 > [!NOTE]
 > Devices that are intended to be managed by the Windows Autopatch service **must** be added into the **Windows Autopatch Device Registration** Azure AD assigned group. Devices can only be added to this group if they have an Azure AD device ID. Windows Autopatch scans the Azure AD group hourly to discover newly added devices to be registered. You can also use the **Discover devices** button in either the **Ready** or **Not ready** tab to register devices on demand.
 
+> [!IMPORTANT]
+> Windows Autopatch supports only one level of group-nesting in the **Windows Autopatch Device Registration** Azure AD group.
+
 #### Supported scenarios when nesting other Azure AD groups
 
 Windows Autopatch also supports the following Azure AD nested group scenarios:
diff --git a/windows/deployment/windows-autopatch/operate/windows-autopatch-windows-feature-update-overview.md b/windows/deployment/windows-autopatch/operate/windows-autopatch-windows-feature-update-overview.md
index 59b3f9d138..b58aa2938f 100644
--- a/windows/deployment/windows-autopatch/operate/windows-autopatch-windows-feature-update-overview.md
+++ b/windows/deployment/windows-autopatch/operate/windows-autopatch-windows-feature-update-overview.md
@@ -91,7 +91,7 @@ Windows Autopatch provides a permanent pause of a Windows feature update deploym
 If you've paused an update, the specified release will have the **Customer Paused** status. The Windows Autopatch service can't overwrite a customer-initiated pause. You must select **Resume** to resume the update.
 
 > [!NOTE]
-> The Service Paused status only applies to [Windows quality updates](../operate/windows-autopatch-windows-quality-update-overview.md#pausing-and-resuming-a-release). Windows Autopatch doesn't pause Windows feature updates on your behalf.
+> The **Service Paused** status only applies to [Windows quality updates](../operate/windows-autopatch-windows-quality-update-overview.md#pausing-and-resuming-a-release). Windows Autopatch doesn't pause Windows feature updates on your behalf.
 
 ## Rollback
 

From 5d608ab8a48daac23c40b4197ec542efedda197a Mon Sep 17 00:00:00 2001
From: Tiara Quan <95256667+tiaraquan@users.noreply.github.com>
Date: Fri, 3 Feb 2023 08:29:34 -0800
Subject: [PATCH 69/98] Update windows-autopatch-register-devices.md

---
 .../deploy/windows-autopatch-register-devices.md                | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/windows/deployment/windows-autopatch/deploy/windows-autopatch-register-devices.md b/windows/deployment/windows-autopatch/deploy/windows-autopatch-register-devices.md
index 8750604713..ca625dc2d8 100644
--- a/windows/deployment/windows-autopatch/deploy/windows-autopatch-register-devices.md
+++ b/windows/deployment/windows-autopatch/deploy/windows-autopatch-register-devices.md
@@ -55,7 +55,7 @@ Azure AD groups synced up from:
 > It isn't recommended to sync Configuration Manager collections straight to the **Windows Autopatch Device Registration** Azure AD group. Use a different Azure AD group when syncing Configuration Manager collections to Azure AD groups then you can nest this or these groups into the **Windows Autopatch Device Registration** Azure AD group.
 
 > [!IMPORTANT]
-> The **Windows Autopatch Device Registration** Azure AD group only supports one level of Azure AD nested groups.
+> The **Windows Autopatch Device Registration** Azure AD group only supports **one level** of Azure AD nested groups.
 
 ### Clean up dual state of Hybrid Azure AD joined and Azure registered devices in your Azure AD tenant
 

From 9a7f5b54e206ca0d5cf898d268c0657c8aa9e5ef Mon Sep 17 00:00:00 2001
From: Tiara Quan <95256667+tiaraquan@users.noreply.github.com>
Date: Fri, 3 Feb 2023 08:42:56 -0800
Subject: [PATCH 70/98] Update windows-autopatch-register-devices.md

---
 .../deploy/windows-autopatch-register-devices.md               | 3 ---
 1 file changed, 3 deletions(-)

diff --git a/windows/deployment/windows-autopatch/deploy/windows-autopatch-register-devices.md b/windows/deployment/windows-autopatch/deploy/windows-autopatch-register-devices.md
index ca625dc2d8..a6540780aa 100644
--- a/windows/deployment/windows-autopatch/deploy/windows-autopatch-register-devices.md
+++ b/windows/deployment/windows-autopatch/deploy/windows-autopatch-register-devices.md
@@ -39,9 +39,6 @@ Windows Autopatch automatically runs its discover devices function every hour to
 > [!NOTE]
 > Devices that are intended to be managed by the Windows Autopatch service **must** be added into the **Windows Autopatch Device Registration** Azure AD assigned group. Devices can only be added to this group if they have an Azure AD device ID. Windows Autopatch scans the Azure AD group hourly to discover newly added devices to be registered. You can also use the **Discover devices** button in either the **Ready** or **Not ready** tab to register devices on demand.
 
-> [!IMPORTANT]
-> Windows Autopatch supports only one level of group-nesting in the **Windows Autopatch Device Registration** Azure AD group.
-
 #### Supported scenarios when nesting other Azure AD groups
 
 Windows Autopatch also supports the following Azure AD nested group scenarios:

From b7791e02072c87c14da2238db282c5337684ed34 Mon Sep 17 00:00:00 2001
From: Vinay Pamnani <37223378+vinaypamnani-msft@users.noreply.github.com>
Date: Fri, 3 Feb 2023 11:50:33 -0500
Subject: [PATCH 71/98] Update faq-md-app-guard.yml

Fix indentation
---
 .../faq-md-app-guard.yml                                  | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/windows/security/threat-protection/microsoft-defender-application-guard/faq-md-app-guard.yml b/windows/security/threat-protection/microsoft-defender-application-guard/faq-md-app-guard.yml
index d7bbb33704..a2c40f975e 100644
--- a/windows/security/threat-protection/microsoft-defender-application-guard/faq-md-app-guard.yml
+++ b/windows/security/threat-protection/microsoft-defender-application-guard/faq-md-app-guard.yml
@@ -222,13 +222,13 @@ sections:
       - question: |
           What does the _Allow users to trust files that open in Microsoft Defender Application Guard_ option in the Group policy do?
         answer: |
-         This policy was present in Windows 10 prior to version 2004. It was removed from later versions of Windows as it doesn't enforce anything for either Edge or Office.
+          This policy was present in Windows 10 prior to version 2004. It was removed from later versions of Windows as it doesn't enforce anything for either Edge or Office.
          
-           - question: |
+      - question: |
           How do I open a support ticket for Microsoft Defender Application Guard?
         answer: |
-         [Create a new support request](https://support.serviceshub.microsoft.com/supportforbusiness/create).
-         Under the Product Family, select Windows. Select the product and the product version you need help with. For the category that best describes the issue, select, **Windows Security Technologies**. In the final option, select **Windows Defender Application Guard**.
+         - Visit [Create a new support request](https://support.serviceshub.microsoft.com/supportforbusiness/create).
+         - Under the Product Family, select Windows. Select the product and the product version you need help with. For the category that best describes the issue, select, **Windows Security Technologies**. In the final option, select **Windows Defender Application Guard**.
 
 additionalContent: |
 

From d85300ca59615b806e5a9aa48fd6b0a642cc51a8 Mon Sep 17 00:00:00 2001
From: Vinay Pamnani <37223378+vinaypamnani-msft@users.noreply.github.com>
Date: Fri, 3 Feb 2023 12:33:18 -0500
Subject: [PATCH 72/98] Update Update CSP

---
 .../mdm/policies-in-policy-csp-supported-by-group-policy.md  | 3 ++-
 windows/client-management/mdm/policy-csp-update.md           | 5 ++++-
 2 files changed, 6 insertions(+), 2 deletions(-)

diff --git a/windows/client-management/mdm/policies-in-policy-csp-supported-by-group-policy.md b/windows/client-management/mdm/policies-in-policy-csp-supported-by-group-policy.md
index e6748d67f8..2b636d3e4f 100644
--- a/windows/client-management/mdm/policies-in-policy-csp-supported-by-group-policy.md
+++ b/windows/client-management/mdm/policies-in-policy-csp-supported-by-group-policy.md
@@ -4,7 +4,7 @@ description: Learn about the policies in Policy CSP supported by Group Policy.
 author: vinaypamnani-msft
 manager: aaroncz
 ms.author: vinpa
-ms.date: 01/30/2023
+ms.date: 02/03/2023
 ms.localizationpriority: medium
 ms.prod: windows-client
 ms.technology: itpro-manage
@@ -814,6 +814,7 @@ This article lists the policies in Policy CSP that have a group policy mapping.
 - [SetPolicyDrivenUpdateSourceForOtherUpdates](policy-csp-update.md)
 - [SetEDURestart](policy-csp-update.md)
 - [AllowAutoWindowsUpdateDownloadOverMeteredNetwork](policy-csp-update.md)
+- [AllowTemporaryEnterpriseFeatureControl](policy-csp-update.md)
 - [SetDisableUXWUAccess](policy-csp-update.md)
 - [SetDisablePauseUXAccess](policy-csp-update.md)
 - [UpdateNotificationLevel](policy-csp-update.md)
diff --git a/windows/client-management/mdm/policy-csp-update.md b/windows/client-management/mdm/policy-csp-update.md
index 7a183cb82b..434acb5dde 100644
--- a/windows/client-management/mdm/policy-csp-update.md
+++ b/windows/client-management/mdm/policy-csp-update.md
@@ -4,7 +4,7 @@ description: Learn more about the Update Area in Policy CSP.
 author: vinaypamnani-msft
 manager: aaroncz
 ms.author: vinpa
-ms.date: 01/31/2023
+ms.date: 02/03/2023
 ms.localizationpriority: medium
 ms.prod: windows-client
 ms.technology: itpro-manage
@@ -16,6 +16,9 @@ ms.topic: reference
 <!-- Update-Begin -->
 # Policy CSP - Update
 
+> [!IMPORTANT]
+> This CSP contains preview policies that are under development and only applicable for [Windows Insider Preview builds](/windows-insider/). These policies are subject to change and may have dependencies on other features or services in preview.
+
 <!-- Update-Editable-Begin -->
 <!-- Add any additional information about this policy here. Anything outside this section will get overwritten. -->
 <!-- Update-Editable-End -->

From 570db9497514aff2d94c59e5e602442aad7fd6e6 Mon Sep 17 00:00:00 2001
From: Evan Miller <v-evmill@microsoft.com>
Date: Fri, 3 Feb 2023 10:31:27 -0800
Subject: [PATCH 73/98] Update HL2 Policies

---
 ...es-in-policy-csp-supported-by-hololens2.md | 27 ++++++++++++++++---
 1 file changed, 23 insertions(+), 4 deletions(-)

diff --git a/windows/client-management/mdm/policies-in-policy-csp-supported-by-hololens2.md b/windows/client-management/mdm/policies-in-policy-csp-supported-by-hololens2.md
index ee5e75bc24..7545fd6751 100644
--- a/windows/client-management/mdm/policies-in-policy-csp-supported-by-hololens2.md
+++ b/windows/client-management/mdm/policies-in-policy-csp-supported-by-hololens2.md
@@ -9,7 +9,7 @@ ms.prod: windows-client
 ms.technology: itpro-manage
 author: vinaypamnani-msft
 ms.localizationpriority: medium
-ms.date: 08/01/2022
+ms.date: 02/03/2023
 ---
 
 # Policies in Policy CSP supported by HoloLens 2
@@ -31,7 +31,20 @@ ms.date: 08/01/2022
 - [Browser/AllowSearchSuggestionsinAddressBar](policy-csp-browser.md#allowsearchsuggestionsinaddressbar)
 - [Browser/AllowSmartScreen](policy-csp-browser.md#allowsmartscreen)
 - [Connectivity/AllowBluetooth](policy-csp-connectivity.md#allowbluetooth)
+- [Connectivity/AllowConnectedDevices](policy-csp-connectivity.md#allowconnecteddevices)
 - [Connectivity/AllowUSBConnection](policy-csp-connectivity.md#allowusbconnection)
+- [DeliveryOptimization/DOCacheHost](policy-csp-deliveryoptimization.md#docachehost) <sup>10</sup>
+- [DeliveryOptimization/DOCacheHostSource](policy-csp-deliveryoptimization.md#docachehostsource) <sup>10</sup>
+- [DeliveryOptimization/DODelayCacheServerFallbackBackground](policy-csp-deliveryoptimization.md#dodelaycacheserverfallbackbackground) <sup>10</sup>
+- [DeliveryOptimization/DODelayCacheServerFallbackForeground](policy-csp-deliveryoptimization.md#dodelaycacheserverfallbackforeground) <sup>10</sup>
+- [DeliveryOptimization/DODownloadMode](policy-csp-deliveryoptimization.md#dodownloadmode) <sup>10</sup>
+- [DeliveryOptimization/DOMaxBackgroundDownloadBandwidth](policy-csp-deliveryoptimization.md#domaxbackgrounddownloadbandwidth) <sup>10</sup>
+- [DeliveryOptimization/DOMaxForegroundDownloadBandwidth](policy-csp-deliveryoptimization.md#domaxforegrounddownloadbandwidth) <sup>10</sup>
+- [DeliveryOptimization/DOPercentageMaxBackgroundBandwidth](policy-csp-deliveryoptimization.md#dopercentagemaxbackgroundbandwidth) <sup>10</sup>
+- [DeliveryOptimization/DOPercentageMaxForegroundBandwidth](policy-csp-deliveryoptimization.md#dopercentagemaxforegroundbandwidth) <sup>10</sup>
+- [DeliveryOptimization/DOSetHoursToLimitForegroundDownloadBandwidth](policy-csp-deliveryoptimization.md#dosethourstolimitforegrounddownloadbandwidth) <sup>10</sup>
+- [DeliveryOptimization/DOSetHoursToLimitBackgroundDownloadBandwidth](policy-csp-deliveryoptimization.md#dosethourstolimitbackgrounddownloadbandwidth) <sup>10</sup>
+- [DeliveryOptimization/DOSetHoursToLimitBackgroundDownloadBandwidth](policy-csp-deliveryoptimization.md#dosethourstolimitbackgrounddownloadbandwidth) <sup>10</sup>
 - [DeviceLock/AllowIdleReturnWithoutPassword](policy-csp-devicelock.md#allowidlereturnwithoutpassword)
 - [DeviceLock/AllowSimpleDevicePassword](policy-csp-devicelock.md#allowsimpledevicepassword)
 - [DeviceLock/AlphanumericDevicePasswordRequired](policy-csp-devicelock.md#alphanumericdevicepasswordrequired)
@@ -44,7 +57,8 @@ ms.date: 08/01/2022
 - [DeviceLock/MinDevicePasswordLength](policy-csp-devicelock.md#mindevicepasswordlength)
 - [Experience/AllowCortana](policy-csp-experience.md#allowcortana)
 - [Experience/AllowManualMDMUnenrollment](policy-csp-experience.md#allowmanualmdmunenrollment)
-- [MixedReality/AADGroupMembershipCacheValidityInDays](policy-csp-mixedreality.md#aadgroupmembershipcachevalidityindays)
+- [MemoryDump/AllowCrashDump](policy-csp-memorydump.md#allowcrashdump)
+- [MemoryDump/AllowLivehDump](policy-csp-memorydump.md#allowlivedump)
 - [MixedReality/AADGroupMembershipCacheValidityInDays](./policy-csp-mixedreality.md#aadgroupmembershipcachevalidityindays) <sup>9</sup>
 - [MixedReality/AllowCaptivePortalBeforeLogon](./policy-csp-mixedreality.md#allowcaptiveportalbeforelogon) <sup>12</sup>
 - [MixedReality/AllowLaunchUriInSingleAppKiosk](./policy-csp-mixedreality.md#allowlaunchuriinsingleappkiosk)<sup>10</sup>
@@ -78,6 +92,7 @@ ms.date: 08/01/2022
 - [Privacy/LetAppsAccessBackgroundSpatialPerception_ForceAllowTheseApps](policy-csp-privacy.md#letappsaccessbackgroundspatialperception_forceallowtheseapps)
 - [Privacy/LetAppsAccessBackgroundSpatialPerception_ForceDenyTheseApps](policy-csp-privacy.md#letappsaccessbackgroundspatialperception_forcedenytheseapps)
 - [Privacy/LetAppsAccessBackgroundSpatialPerception_UserInControlOfTheseApps](policy-csp-privacy.md#letappsaccessbackgroundspatialperception_userincontroloftheseapps)
+- [Privacy/LetAppsAccessCamera](policy-csp-privacy.md#letappsaccesscamera)
 - [Privacy/LetAppsAccessCamera_ForceAllowTheseApps](policy-csp-privacy.md#letappsaccesscamera_forceallowtheseapps) <sup>8</sup>
 - [Privacy/LetAppsAccessCamera_ForceDenyTheseApps](policy-csp-privacy.md#letappsaccesscamera_forcedenytheseapps) <sup>8</sup>
 - [Privacy/LetAppsAccessCamera_UserInControlOfTheseApps](policy-csp-privacy.md#letappsaccesscamera_userincontroloftheseapps) <sup>8</sup>
@@ -85,13 +100,11 @@ ms.date: 08/01/2022
 - [Privacy/LetAppsAccessGazeInput_ForceAllowTheseApps](policy-csp-privacy.md#letappsaccessgazeinput_forceallowtheseapps) <sup>8</sup>
 - [Privacy/LetAppsAccessGazeInput_ForceDenyTheseApps](policy-csp-privacy.md#letappsaccessgazeinput_forcedenytheseapps) <sup>8</sup>
 - [Privacy/LetAppsAccessGazeInput_UserInControlOfTheseApps](policy-csp-privacy.md#letappsaccessgazeinput_userincontroloftheseapps) <sup>8</sup>
-- [Privacy/LetAppsAccessCamera](policy-csp-privacy.md#letappsaccesscamera)
 - [Privacy/LetAppsAccessLocation](policy-csp-privacy.md#letappsaccesslocation)
 - [Privacy/LetAppsAccessMicrophone](policy-csp-privacy.md#letappsaccessmicrophone)
 - [Privacy/LetAppsAccessMicrophone_ForceAllowTheseApps](policy-csp-privacy.md#letappsaccessmicrophone_forceallowtheseapps) <sup>8</sup>
 - [Privacy/LetAppsAccessMicrophone_ForceDenyTheseApps](policy-csp-privacy.md#letappsaccessmicrophone_forcedenytheseapps) <sup>8</sup>
 - [Privacy/LetAppsAccessMicrophone_UserInControlOfTheseApps](policy-csp-privacy.md#letappsaccessmicrophone_userincontroloftheseapps) <sup>8</sup>
-- [RemoteLock/Lock](./remotelock-csp.md) <sup>9</sup>
 - [Search/AllowSearchToUseLocation](policy-csp-search.md#allowsearchtouselocation)
 - [Security/AllowAddProvisioningPackage](policy-csp-security.md#allowaddprovisioningpackage) <sup>9</sup>
 - [Security/AllowRemoveProvisioningPackage](policy-csp-security.md#allowremoveprovisioningpackage) <sup>9</sup>
@@ -105,9 +118,15 @@ ms.date: 08/01/2022
 - [Storage/ConfigStorageSenseDownloadsCleanupThreshold](policy-csp-storage.md#configstoragesensedownloadscleanupthreshold) <sup>12</sup>
 - [Storage/ConfigStorageSenseGlobalCadence](policy-csp-storage.md#configstoragesenseglobalcadence) <sup>12</sup>
 - [System/AllowCommercialDataPipeline](policy-csp-system.md#allowcommercialdatapipeline)
+- [System/AllowDeviceNameInDiagnosticData](policy-csp-system.md#allowdevicenameindiagnosticdata)
 - [System/AllowLocation](policy-csp-system.md#allowlocation)
 - [System/AllowStorageCard](policy-csp-system.md#allowstoragecard)
 - [System/AllowTelemetry](policy-csp-system.md#allowtelemetry)
+- [System/ConfigureTelemetryOptInSettingsUx](policy-csp-system.md#configuretelemetryoptinsettingsux)
+- [System/DisableDeviceDelete](policy-csp-system.md#disabledevicedelete)
+- [System/FeedbackHubAlwaysSaveDiagnosticsLocally](policy-csp-system.md#feedbackhubalwayssavediagnosticslocally)
+- [System/LimitDiagnosticLogCollection](policy-csp-system.md#limitdumpcollection)
+- [System/LimitDumpCollection](policy-csp-system.md#limitdumpcollection)
 - [TimeLanguageSettings/ConfigureTimeZone](./policy-csp-timelanguagesettings.md#configuretimezone) <sup>9</sup>
 - [Update/ActiveHoursEnd](./policy-csp-update.md#activehoursend) <sup>9</sup>
 - [Update/ActiveHoursMaxRange](./policy-csp-update.md#activehoursmaxrange) <sup>9</sup>

From 7e5f1d94241d4e2bdf494ba5723e5e57ff36de77 Mon Sep 17 00:00:00 2001
From: Evan Miller <v-evmill@microsoft.com>
Date: Fri, 3 Feb 2023 12:50:04 -0800
Subject: [PATCH 74/98] smart retry

---
 .../mdm/policies-in-policy-csp-supported-by-hololens2.md         | 1 +
 1 file changed, 1 insertion(+)

diff --git a/windows/client-management/mdm/policies-in-policy-csp-supported-by-hololens2.md b/windows/client-management/mdm/policies-in-policy-csp-supported-by-hololens2.md
index 7545fd6751..77fc83e9b7 100644
--- a/windows/client-management/mdm/policies-in-policy-csp-supported-by-hololens2.md
+++ b/windows/client-management/mdm/policies-in-policy-csp-supported-by-hololens2.md
@@ -19,6 +19,7 @@ ms.date: 02/03/2023
 - [ApplicationManagement/AllowAppStoreAutoUpdate](policy-csp-applicationmanagement.md#allowappstoreautoupdate)
 - [ApplicationManagement/AllowDeveloperUnlock](policy-csp-applicationmanagement.md#allowdeveloperunlock)
 - [ApplicationManagement/RequirePrivateStoreOnly](policy-csp-applicationmanagement.md#requireprivatestoreonly) <sup>11</sup>
+- [ApplicationManagement/ScheduleForceRestartForUpdateFailures](policy-csp-applicationmanagement.md#smart-retry-for-app-updates)
 - [Authentication/AllowFastReconnect](policy-csp-authentication.md#allowfastreconnect)
 - [Authentication/PreferredAadTenantDomainName](policy-csp-authentication.md#preferredaadtenantdomainname)
 - [Bluetooth/AllowDiscoverableMode](policy-csp-bluetooth.md#allowdiscoverablemode)

From e9bcec3340493a4eee30d6d7c60ce8e712b67138 Mon Sep 17 00:00:00 2001
From: Evan Miller <v-evmill@microsoft.com>
Date: Fri, 3 Feb 2023 15:01:49 -0800
Subject: [PATCH 75/98] DO policies only

---
 .../mdm/policies-in-policy-csp-supported-by-hololens2.md | 9 ---------
 1 file changed, 9 deletions(-)

diff --git a/windows/client-management/mdm/policies-in-policy-csp-supported-by-hololens2.md b/windows/client-management/mdm/policies-in-policy-csp-supported-by-hololens2.md
index 77fc83e9b7..ba9efea9af 100644
--- a/windows/client-management/mdm/policies-in-policy-csp-supported-by-hololens2.md
+++ b/windows/client-management/mdm/policies-in-policy-csp-supported-by-hololens2.md
@@ -32,7 +32,6 @@ ms.date: 02/03/2023
 - [Browser/AllowSearchSuggestionsinAddressBar](policy-csp-browser.md#allowsearchsuggestionsinaddressbar)
 - [Browser/AllowSmartScreen](policy-csp-browser.md#allowsmartscreen)
 - [Connectivity/AllowBluetooth](policy-csp-connectivity.md#allowbluetooth)
-- [Connectivity/AllowConnectedDevices](policy-csp-connectivity.md#allowconnecteddevices)
 - [Connectivity/AllowUSBConnection](policy-csp-connectivity.md#allowusbconnection)
 - [DeliveryOptimization/DOCacheHost](policy-csp-deliveryoptimization.md#docachehost) <sup>10</sup>
 - [DeliveryOptimization/DOCacheHostSource](policy-csp-deliveryoptimization.md#docachehostsource) <sup>10</sup>
@@ -58,8 +57,6 @@ ms.date: 02/03/2023
 - [DeviceLock/MinDevicePasswordLength](policy-csp-devicelock.md#mindevicepasswordlength)
 - [Experience/AllowCortana](policy-csp-experience.md#allowcortana)
 - [Experience/AllowManualMDMUnenrollment](policy-csp-experience.md#allowmanualmdmunenrollment)
-- [MemoryDump/AllowCrashDump](policy-csp-memorydump.md#allowcrashdump)
-- [MemoryDump/AllowLivehDump](policy-csp-memorydump.md#allowlivedump)
 - [MixedReality/AADGroupMembershipCacheValidityInDays](./policy-csp-mixedreality.md#aadgroupmembershipcachevalidityindays) <sup>9</sup>
 - [MixedReality/AllowCaptivePortalBeforeLogon](./policy-csp-mixedreality.md#allowcaptiveportalbeforelogon) <sup>12</sup>
 - [MixedReality/AllowLaunchUriInSingleAppKiosk](./policy-csp-mixedreality.md#allowlaunchuriinsingleappkiosk)<sup>10</sup>
@@ -119,15 +116,9 @@ ms.date: 02/03/2023
 - [Storage/ConfigStorageSenseDownloadsCleanupThreshold](policy-csp-storage.md#configstoragesensedownloadscleanupthreshold) <sup>12</sup>
 - [Storage/ConfigStorageSenseGlobalCadence](policy-csp-storage.md#configstoragesenseglobalcadence) <sup>12</sup>
 - [System/AllowCommercialDataPipeline](policy-csp-system.md#allowcommercialdatapipeline)
-- [System/AllowDeviceNameInDiagnosticData](policy-csp-system.md#allowdevicenameindiagnosticdata)
 - [System/AllowLocation](policy-csp-system.md#allowlocation)
 - [System/AllowStorageCard](policy-csp-system.md#allowstoragecard)
 - [System/AllowTelemetry](policy-csp-system.md#allowtelemetry)
-- [System/ConfigureTelemetryOptInSettingsUx](policy-csp-system.md#configuretelemetryoptinsettingsux)
-- [System/DisableDeviceDelete](policy-csp-system.md#disabledevicedelete)
-- [System/FeedbackHubAlwaysSaveDiagnosticsLocally](policy-csp-system.md#feedbackhubalwayssavediagnosticslocally)
-- [System/LimitDiagnosticLogCollection](policy-csp-system.md#limitdumpcollection)
-- [System/LimitDumpCollection](policy-csp-system.md#limitdumpcollection)
 - [TimeLanguageSettings/ConfigureTimeZone](./policy-csp-timelanguagesettings.md#configuretimezone) <sup>9</sup>
 - [Update/ActiveHoursEnd](./policy-csp-update.md#activehoursend) <sup>9</sup>
 - [Update/ActiveHoursMaxRange](./policy-csp-update.md#activehoursmaxrange) <sup>9</sup>

From 114800510e628934b17cd8be078c16d6a3a5c312 Mon Sep 17 00:00:00 2001
From: Evan Miller <v-evmill@microsoft.com>
Date: Fri, 3 Feb 2023 15:46:13 -0800
Subject: [PATCH 76/98] fix link

---
 .../mdm/policies-in-policy-csp-supported-by-hololens2.md        | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/windows/client-management/mdm/policies-in-policy-csp-supported-by-hololens2.md b/windows/client-management/mdm/policies-in-policy-csp-supported-by-hololens2.md
index ba9efea9af..b34eebfedb 100644
--- a/windows/client-management/mdm/policies-in-policy-csp-supported-by-hololens2.md
+++ b/windows/client-management/mdm/policies-in-policy-csp-supported-by-hololens2.md
@@ -19,7 +19,7 @@ ms.date: 02/03/2023
 - [ApplicationManagement/AllowAppStoreAutoUpdate](policy-csp-applicationmanagement.md#allowappstoreautoupdate)
 - [ApplicationManagement/AllowDeveloperUnlock](policy-csp-applicationmanagement.md#allowdeveloperunlock)
 - [ApplicationManagement/RequirePrivateStoreOnly](policy-csp-applicationmanagement.md#requireprivatestoreonly) <sup>11</sup>
-- [ApplicationManagement/ScheduleForceRestartForUpdateFailures](policy-csp-applicationmanagement.md#smart-retry-for-app-updates)
+- [ApplicationManagement/ScheduleForceRestartForUpdateFailures](policy-csp-applicationmanagement.md#scheduleforcerestartforupdatefailures)
 - [Authentication/AllowFastReconnect](policy-csp-authentication.md#allowfastreconnect)
 - [Authentication/PreferredAadTenantDomainName](policy-csp-authentication.md#preferredaadtenantdomainname)
 - [Bluetooth/AllowDiscoverableMode](policy-csp-bluetooth.md#allowdiscoverablemode)

From f45f167b9be4f7d7c50098cfcf19ff63fd67e466 Mon Sep 17 00:00:00 2001
From: Vinay Pamnani <37223378+vinaypamnani-msft@users.noreply.github.com>
Date: Mon, 6 Feb 2023 12:59:17 -0500
Subject: [PATCH 77/98] Draft for CSP DDF files

---
 .../mdm/configuration-service-provider-ddf.md | 575 +++++++++++++++++-
 1 file changed, 572 insertions(+), 3 deletions(-)

diff --git a/windows/client-management/mdm/configuration-service-provider-ddf.md b/windows/client-management/mdm/configuration-service-provider-ddf.md
index 4a903492c4..0825b38037 100644
--- a/windows/client-management/mdm/configuration-service-provider-ddf.md
+++ b/windows/client-management/mdm/configuration-service-provider-ddf.md
@@ -1,7 +1,7 @@
 ---
 title: Configuration service provider DDF files
 description: Learn more about the OMA DM device description framework (DDF) for various configuration service providers
-ms.reviewer: 
+ms.reviewer:
 manager: aaroncz
 ms.author: vinpa
 ms.topic: article
@@ -14,7 +14,565 @@ ms.collection: highpri
 
 # Configuration service provider DDF files
 
-This topic shows the OMA DM device description framework (DDF) for various configuration service providers. DDF files are used only with OMA DM provisioning XML.
+This article lists the OMA DM device description framework (DDF) files for various configuration service providers. DDF files are used only with OMA DM provisioning XML.
+
+As of December 2022, DDF files schema was updated to include additional information such as OS build applicability. DDF v2 files for Windows 10 and Windows 11 are combined, and provided in a single download:
+
+- [DDF v2 Files, December 2022](https://download.microsoft.com/download/7/4/c/74c6daca-983e-4f16-964a-eef65b553a37/DDFv2December2022.zip)
+
+## DDF v2 schema
+
+DDF v2 schema is listed below:
+
+```xml
+<?xml version="1.0" encoding="Windows-1252"?>
+<xs:schema xmlns="http://tempuri.org/DM_DDF-V1_2" elementFormDefault="qualified" targetNamespace="http://tempuri.org/DM_DDF-V1_2" xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:MSFT="http://schemas.microsoft.com/MobileDevice/DM">
+  <xs:import schemaLocation="DDFv2Msft.xsd" namespace="http://schemas.microsoft.com/MobileDevice/DM" />
+  <xs:element name="MgmtTree">
+    <xs:annotation>
+      <xs:documentation>Starting point for DDF</xs:documentation>
+    </xs:annotation>
+    <xs:complexType>
+      <xs:sequence>
+        <xs:element ref="VerDTD" />
+        <xs:element minOccurs="1" ref="MSFT:Diagnostics" />
+        <xs:element minOccurs="1" maxOccurs="unbounded" ref="Node" />
+      </xs:sequence>
+    </xs:complexType>
+  </xs:element>
+  <xs:element name="VerDTD" type="xs:string" />
+  <xs:element name="Node">
+    <xs:annotation>
+      <xs:documentation>Main Recurring XML tag describing nodes of the CSP</xs:documentation>
+    </xs:annotation>
+    <xs:complexType>
+      <xs:sequence>
+        <xs:element ref="NodeName" />
+        <xs:element minOccurs="0" maxOccurs="1" ref="Path" />
+        <xs:element minOccurs="1" maxOccurs="1" ref="DFProperties" />
+        <xs:choice>
+          <xs:element minOccurs="0" maxOccurs="unbounded" ref="Node" />
+        </xs:choice>
+      </xs:sequence>
+    </xs:complexType>
+  </xs:element>
+  <xs:element name="NodeName" type="xs:anyURI" />
+  <xs:element name="Path" type="xs:anyURI" />
+  <xs:element name="MIME" type="xs:string" />
+  <xs:element name="DDFName" type="xs:string" />
+  <xs:element name="DFProperties">
+    <xs:complexType>
+      <xs:sequence>
+        <xs:element ref="AccessType" />
+        <xs:element minOccurs="0" maxOccurs="1" ref="DefaultValue" />
+        <xs:element minOccurs="0" maxOccurs="1" ref="Description" />
+        <xs:element ref="DFFormat" />
+        <xs:element minOccurs="0" maxOccurs="1" ref="Occurrence" />
+        <xs:element minOccurs="0" maxOccurs="1" ref="Scope" />
+        <xs:element minOccurs="0" maxOccurs="1" ref="DFTitle" />
+        <xs:element ref="DFType" />
+        <xs:element minOccurs="0" maxOccurs="1" ref="CaseSense" />
+        <xs:element minOccurs="0" maxOccurs="1" ref="MSFT:Applicability" />
+        <xs:element minOccurs="0" maxOccurs="1" ref="MSFT:DynamicNodeNaming" />
+        <xs:element minOccurs="0" maxOccurs="1" ref="MSFT:AllowedValues" />
+        <xs:element minOccurs="0" maxOccurs="1" ref="MSFT:ReplaceBehavior" />
+        <xs:element minOccurs="0" maxOccurs="1" ref="MSFT:RebootBehavior" />
+        <xs:element minOccurs="0" maxOccurs="1" ref="MSFT:GpMapping" />
+        <xs:element minOccurs="0" maxOccurs="1" ref="MSFT:CommonErrorResults" />
+        <xs:element minOccurs="0" maxOccurs="1" ref="MSFT:Deprecated" />
+        <xs:element minOccurs="0" maxOccurs="1" ref="MSFT:DependencyBehavior" />
+        <xs:element minOccurs="0" maxOccurs="1" ref="MSFT:ConflictResolution" />
+        <xs:element minOccurs="0" maxOccurs="1" ref="MSFT:AtomicRequired" />
+      </xs:sequence>
+    </xs:complexType>
+  </xs:element>
+  <xs:element name="AccessType">
+    <xs:complexType>
+      <xs:sequence>
+        <xs:element minOccurs="0" maxOccurs="1" name="Add" />
+        <xs:element minOccurs="0" maxOccurs="1" name="Copy" />
+        <xs:element minOccurs="0" maxOccurs="1" name="Delete" />
+        <xs:element minOccurs="0" maxOccurs="1" name="Exec" />
+        <xs:element minOccurs="0" maxOccurs="1" name="Get" />
+        <xs:element minOccurs="0" maxOccurs="1" name="Replace" />
+      </xs:sequence>
+    </xs:complexType>
+  </xs:element>
+  <xs:element name="DefaultValue" type="xs:string" />
+  <xs:element name="Description" type="xs:string" />
+  <xs:element name="DFFormat">
+    <xs:complexType>
+      <xs:choice>
+        <xs:element name="b64" />
+        <xs:element name="bin" />
+        <xs:element name="bool" />
+        <xs:element name="chr" />
+        <xs:element name="int" />
+        <xs:element name="node" />
+        <xs:element name="null" />
+        <xs:element name="xml" />
+        <xs:element name="date" />
+        <xs:element name="time" />
+        <xs:element name="float" />
+      </xs:choice>
+    </xs:complexType>
+  </xs:element>
+  <xs:element name="Occurrence">
+    <xs:complexType>
+      <xs:choice>
+        <xs:element name="One" />
+        <xs:element name="ZeroOrOne" />
+        <xs:element name="ZeroOrMore" />
+        <xs:element name="OneOrMore" />
+        <xs:element name="ZeroOrN" type="xs:integer" />
+        <xs:element name="OneOrN" type="xs:integer" />
+      </xs:choice>
+    </xs:complexType>
+  </xs:element>
+  <xs:element name="Scope">
+    <xs:complexType>
+      <xs:choice>
+        <xs:element name="Permanent" />
+        <xs:element name="Dynamic" />
+      </xs:choice>
+    </xs:complexType>
+  </xs:element>
+  <xs:element name="DFTitle" type="xs:string" />
+  <xs:element name="DFType">
+    <xs:complexType>
+      <xs:choice>
+        <xs:element minOccurs="1" maxOccurs="unbounded" ref="MIME" />
+        <xs:element ref="DDFName" />
+      </xs:choice>
+    </xs:complexType>
+  </xs:element>
+  <xs:element name="CaseSense">
+    <xs:complexType>
+      <xs:choice>
+        <xs:element name="CS" />
+        <xs:element name="CIS" />
+      </xs:choice>
+    </xs:complexType>
+  </xs:element>
+</xs:schema>
+```
+
+DDF v2 files also include a reference to the `MSFT` namespace. Schema for the `MSFT` namespace is listed below:
+
+```xml
+<?xml version="1.0" encoding="utf-8"?>
+<xs:schema elementFormDefault="qualified" xmlns="http://schemas.microsoft.com/MobileDevice/DM" targetNamespace="http://schemas.microsoft.com/MobileDevice/DM" xmlns:xs="http://www.w3.org/2001/XMLSchema">
+  <xs:element name="Diagnostics" type="xs:string">
+    <xs:annotation>
+      <xs:documentation>This node contains an XML blob that can be used as an argument to the DiagnosticsLogCSP to pull diagnostics for a feature.</xs:documentation>
+    </xs:annotation>
+  </xs:element>
+  <xs:element name="Deprecated">
+    <xs:annotation>
+      <xs:documentation>This node marks that a feature is deprecated.  If included, OsBuildDeprecated gives the OS Build version that the node is no longer recommended to be set.</xs:documentation>
+    </xs:annotation>
+    <xs:complexType>
+      <xs:attribute name="OsBuildDeprecated" type="xs:string" />
+    </xs:complexType>
+  </xs:element>
+  <xs:element name="DynamicNodeNaming">
+    <xs:annotation>
+      <xs:documentation>This node contains information on how to dynamically name the node such that the name is valid.</xs:documentation>
+    </xs:annotation>
+    <xs:complexType>
+      <xs:choice>
+        <xs:element name="ServerGeneratedUniqueIdentifier">
+          <xs:annotation>
+            <xs:documentation>This indicates that the server should generate a unique identifier for the node.</xs:documentation>
+          </xs:annotation>
+        </xs:element>
+        <xs:element name="ClientInventory">
+          <xs:annotation>
+            <xs:documentation>This indicates that the client will generate the name of the node based on the device state (such as inventorying apps).</xs:documentation>
+          </xs:annotation>
+        </xs:element>
+        <xs:element name="UniqueName" type="xs:string">
+          <xs:annotation>
+            <xs:documentation>This indicates that the server should name the node, and the value listed gives a regex to define what is allowed.</xs:documentation>
+          </xs:annotation>
+        </xs:element>
+      </xs:choice>
+    </xs:complexType>
+  </xs:element>
+  <xs:element name="ConflictResolution" default="NoMerge">
+    <xs:simpleType>
+      <xs:annotation>
+        <xs:documentation>The type of the conflict resolution.</xs:documentation>
+      </xs:annotation>
+      <xs:restriction base="xs:string">
+        <xs:enumeration value="NoMerge">
+          <xs:annotation>
+            <xs:documentation>No policy merge.</xs:documentation>
+          </xs:annotation>
+        </xs:enumeration>
+        <xs:enumeration value="LowestValueMostSecure">
+          <xs:annotation>
+            <xs:documentation>The lowest value is the most secure policy value.</xs:documentation>
+          </xs:annotation>
+        </xs:enumeration>
+        <xs:enumeration value="HighestValueMostSecure">
+          <xs:annotation>
+            <xs:documentation>The highest value is the most secure policy value.</xs:documentation>
+          </xs:annotation>
+        </xs:enumeration>
+        <xs:enumeration value="LastWrite">
+          <xs:annotation>
+            <xs:documentation>The last written value is current value</xs:documentation>
+          </xs:annotation>
+        </xs:enumeration>
+        <xs:enumeration value="LowestValueMostSecureZeroHasNoLimits">
+          <xs:annotation>
+            <xs:documentation>The lowest value is the most secure policy value unless the value is zero.</xs:documentation>
+          </xs:annotation>
+        </xs:enumeration>
+        <xs:enumeration value="HighestValueMostSecureZeroHasNoLimits">
+          <xs:annotation>
+            <xs:documentation>The highest value is the most secure policy value unless the value is zero.</xs:documentation>
+          </xs:annotation>
+        </xs:enumeration>
+      </xs:restriction>
+    </xs:simpleType>
+  </xs:element>
+  <xs:element name="Applicability">
+    <xs:annotation>
+      <xs:documentation>These tags indicate what are required on the device for the node to be applicable to configured.  These tags can be inherited by children nodes.</xs:documentation>
+    </xs:annotation>
+    <xs:complexType>
+      <xs:sequence>
+        <xs:element minOccurs="0" maxOccurs="1" name="OsBuildVersion" type="xs:string">
+          <xs:annotation>
+            <xs:documentation>This tag describes the first build that a feature is released to.  If the feature was backported, multiple OS versions will be listed, such that the OS build version without a minor number is the first "major release."</xs:documentation>
+          </xs:annotation>
+        </xs:element>
+        <xs:element minOccurs="0" maxOccurs="1" name="CspVersion" type="xs:decimal">
+          <xs:annotation>
+            <xs:documentation>This tag describes the lowest CSP Version that the node was released to.</xs:documentation>
+          </xs:annotation>
+        </xs:element>
+        <xs:element minOccurs="0" maxOccurs="1" name="EditionAllowList" type="xs:string">
+          <xs:annotation>
+            <xs:documentation>This tag describes the list of Edition IDs that the features is allowed on.  0x88* refers to Windows Holographic for Business.</xs:documentation>
+          </xs:annotation>
+        </xs:element>
+        <xs:element minOccurs="0" maxOccurs="1" name="RequiresAzureAd">
+          <xs:annotation>
+            <xs:documentation>This tag indicates that the node requires the device to be Azure Active Directory Joined to be applicable.</xs:documentation>
+          </xs:annotation>
+        </xs:element>
+      </xs:sequence>
+    </xs:complexType>
+  </xs:element>
+  <xs:element name="AllowedValues">
+    <xs:annotation>
+      <xs:documentation>These tags describe what values are allowed to be set for this particular node.</xs:documentation>
+    </xs:annotation>
+    <xs:complexType>
+      <xs:group ref="AllowedValuesGroup" />
+      <xs:attributeGroup ref="AllowedValuesAttributeGroup" />
+    </xs:complexType>
+  </xs:element>
+  <xs:attributeGroup name="AllowedValuesAttributeGroup">
+    <xs:attribute name="ValueType" use="required">
+      <xs:annotation>
+        <xs:documentation>This attribute describes what kind of Allowed Values tag this is.</xs:documentation>
+      </xs:annotation>
+      <xs:simpleType>
+        <xs:restriction base="xs:string">
+          <xs:enumeration value="XSD">
+            <xs:annotation>
+              <xs:documentation>This attribute indicates that the Value tag contains an XSD for the node.</xs:documentation>
+            </xs:annotation>
+          </xs:enumeration>
+          <xs:enumeration value="RegEx">
+            <xs:annotation>
+              <xs:documentation>This attribute indicates that the Value tag contains a RegEx for the node.</xs:documentation>
+            </xs:annotation>
+          </xs:enumeration>
+          <xs:enumeration value="ADMX">
+            <xs:annotation>
+              <xs:documentation>This attribute indicates that the node can be described by an external ADMX file.</xs:documentation>
+            </xs:annotation>
+          </xs:enumeration>
+          <xs:enumeration value="JSON">
+            <xs:annotation>
+              <xs:documentation>This attribute indicates that the node can be described by a JSON schema.</xs:documentation>
+            </xs:annotation>
+          </xs:enumeration>
+          <xs:enumeration value="ENUM">
+            <xs:annotation>
+              <xs:documentation>This attribute indicates that the allowed values are an enumeration.</xs:documentation>
+            </xs:annotation>
+          </xs:enumeration>
+          <xs:enumeration value="Flag">
+            <xs:annotation>
+              <xs:documentation>This attribute indicates that the allowed values can be combined into a bitwise flag.</xs:documentation>
+            </xs:annotation>
+          </xs:enumeration>
+          <xs:enumeration value="Range">
+            <xs:annotation>
+              <xs:documentation>This attribute indicates that the allowed values are a numerical range.</xs:documentation>
+            </xs:annotation>
+          </xs:enumeration>
+          <xs:enumeration value="SDDL">
+            <xs:annotation>
+              <xs:documentation>This attribute indicates that the allowed values are a string in the SDDL format.</xs:documentation>
+            </xs:annotation>
+          </xs:enumeration>
+          <xs:enumeration value="None">
+            <xs:annotation>
+              <xs:documentation>This attribute indicates there is no data-driven way to define the allowed values of the node.  This potentially means that all string values are valid values.</xs:documentation>
+            </xs:annotation>
+          </xs:enumeration>
+        </xs:restriction>
+      </xs:simpleType>
+    </xs:attribute>
+  </xs:attributeGroup>
+  <xs:group name="AllowedValuesGroup">
+    <xs:sequence>
+      <xs:group minOccurs="0" maxOccurs="1" ref="AllowedValueGroupedNodes" />
+      <xs:element minOccurs="0" maxOccurs="1" name="List">
+        <xs:annotation>
+          <xs:documentation>This tag indicates that the node input can contain multiple, delimited values.</xs:documentation>
+        </xs:annotation>
+        <xs:complexType>
+          <xs:attribute name="Delimiter" type="xs:string" use="required">
+            <xs:annotation>
+              <xs:documentation>This attribute details the delimeter used for the list of values.</xs:documentation>
+            </xs:annotation>
+          </xs:attribute>
+        </xs:complexType>
+      </xs:element>
+    </xs:sequence>
+  </xs:group>
+  <xs:group name="ValueAndDescriptionGroup">
+    <xs:sequence>
+      <xs:element name="Value" type="xs:string">
+        <xs:annotation>
+          <xs:documentation>This tag indicates an allowed value.</xs:documentation>
+        </xs:annotation>
+      </xs:element>
+      <xs:element minOccurs="0" maxOccurs="1" name="ValueDescription" type="xs:string">
+        <xs:annotation>
+          <xs:documentation>This tag gives further description to an allowed value, such as for an enumeration.</xs:documentation>
+        </xs:annotation>
+      </xs:element>
+    </xs:sequence>
+  </xs:group>
+  <xs:group name="AllowedValueGroupedNodes">
+    <xs:choice>
+      <xs:element ref="Enum" maxOccurs="unbounded" />
+      <xs:group ref="ValueAndDescriptionGroup" />
+      <xs:element ref="AdmxBacked" />
+    </xs:choice>
+  </xs:group>
+  <xs:element name="Enum">
+    <xs:annotation>
+      <xs:documentation>This tag gives details for one particular enumeration of the allowed values.</xs:documentation>
+    </xs:annotation>
+    <xs:complexType>
+      <xs:sequence>
+        <xs:group ref="ValueAndDescriptionGroup" />
+      </xs:sequence>
+    </xs:complexType>
+  </xs:element>
+  <xs:element name="AdmxBacked">
+    <xs:annotation>
+      <xs:documentation>This tag indicates the relevent details for the corresponding ADMX policy for this node.</xs:documentation>
+    </xs:annotation>
+    <xs:complexType>
+      <xs:attribute name="Area" type="xs:string" use="required">
+        <xs:annotation>
+          <xs:documentation>This attribute gives the area path of the ADMX policy.</xs:documentation>
+        </xs:annotation>
+      </xs:attribute>
+      <xs:attribute name="Name" type="xs:string" use="required">
+        <xs:annotation>
+          <xs:documentation>This attribute gives the name of the ADMX policy.</xs:documentation>
+        </xs:annotation>
+      </xs:attribute>
+      <xs:attribute name="File" type="xs:string" use="required">
+        <xs:annotation>
+          <xs:documentation>This attribute gives the filename for the ADMX policy.</xs:documentation>
+        </xs:annotation>
+      </xs:attribute>
+    </xs:complexType>
+  </xs:element>
+  <xs:element name="ReplaceBehavior" default="Replace">
+    <xs:annotation>
+      <xs:documentation>This tag details the replace behavior of the node.</xs:documentation>
+    </xs:annotation>
+    <xs:simpleType>
+      <xs:restriction base="xs:string">
+        <xs:enumeration value="Append">
+          <xs:annotation>
+            <xs:documentation>When performing a replace operation on this node, the value is appending to the existing node data.</xs:documentation>
+          </xs:annotation>
+        </xs:enumeration>
+        <xs:enumeration value="Replace">
+          <xs:annotation>
+            <xs:documentation>When performing a replace operation on this node, the existing node data is removed before new data is added.</xs:documentation>
+          </xs:annotation>
+        </xs:enumeration>
+      </xs:restriction>
+    </xs:simpleType>
+  </xs:element>
+  <xs:element name="RebootBehavior" default="None">
+    <xs:annotation>
+      <xs:documentation>This tag describes the reboot behavior of the node.</xs:documentation>
+    </xs:annotation>
+    <xs:simpleType>
+      <xs:restriction base="xs:string">
+        <xs:enumeration value="None">
+          <xs:annotation>
+            <xs:documentation>No reboot is required for this node.</xs:documentation>
+          </xs:annotation>
+        </xs:enumeration>
+        <xs:enumeration value="Automatic">
+          <xs:annotation>
+            <xs:documentation>This node will automatically perform a reboot to take effect.</xs:documentation>
+          </xs:annotation>
+        </xs:enumeration>
+        <xs:enumeration value="ServerInitiated">
+          <xs:annotation>
+            <xs:documentation>This node needs a reboot initiated from an external source to take effect.</xs:documentation>
+          </xs:annotation>
+        </xs:enumeration>
+      </xs:restriction>
+    </xs:simpleType>
+  </xs:element>
+  <xs:element name="GpMapping">
+    <xs:annotation>
+      <xs:documentation>This tag details the information necessary to map this node to an existing group policy.</xs:documentation>
+    </xs:annotation>
+    <xs:complexType>
+      <xs:attribute name="GpEnglishName" type="xs:string" use="required">
+        <xs:annotation>
+          <xs:documentation>This attribute details the English name of the GP.</xs:documentation>
+        </xs:annotation>
+      </xs:attribute>
+      <xs:attribute name="GpAreaPath" type="xs:string" use="required">
+        <xs:annotation>
+          <xs:documentation>This attribute details the area path of the GP.</xs:documentation>
+        </xs:annotation>
+      </xs:attribute>
+      <xs:attribute name="GpElement" type="xs:string">
+        <xs:annotation>
+          <xs:documentation>This attribute details a particular element of a GP that the CSP node maps to.</xs:documentation>
+        </xs:annotation>
+      </xs:attribute>
+    </xs:complexType>
+  </xs:element>
+  <xs:element name="CommonErrorResults">
+    <xs:annotation>
+      <xs:documentation>This tag lists out common error HRESULTS reported by the CSP and English text to associate with them.</xs:documentation>
+    </xs:annotation>
+    <xs:complexType>
+      <xs:sequence>
+        <xs:element name="CommonErrorOne" type="xs:string" />
+        <xs:element name="CommonErrorTwo" type="xs:string" />
+        <xs:element name="CommonErrorThree" type="xs:string" />
+        <xs:element name="CommonErrorFour" type="xs:string" />
+        <xs:element name="CommonErrorFive" type="xs:string" />
+        <xs:element name="CommonErrorSix" type="xs:string" />
+        <xs:element name="CommonErrorSeven" type="xs:string" />
+        <xs:element name="CommonErrorEight" type="xs:string" />
+        <xs:element name="CommonErrorNine" type="xs:string" />
+        <xs:element name="CommonErrorTen" type="xs:string" />
+      </xs:sequence>
+    </xs:complexType>
+  </xs:element>
+  <xs:element name="AtomicRequired">
+    <xs:annotation>
+      <xs:documentation>This tag indicates that this node and all children nodes should be enclosed by an Atomic tag when being sent to the client.</xs:documentation>
+    </xs:annotation>
+  </xs:element>
+  <xs:element name="DependencyBehavior">
+    <xs:annotation>
+      <xs:documentation>These tags detail potential dependencies that the current CSP node has on other nodes in the same CSP.</xs:documentation>
+    </xs:annotation>
+    <xs:complexType>
+      <xs:sequence>
+        <xs:element ref="DependencyGroup" maxOccurs="unbounded" />
+      </xs:sequence>
+    </xs:complexType>
+  </xs:element>
+  <xs:element name="Dependency">
+    <xs:annotation>
+      <xs:documentation>This tag describes a dependency that the current CSP node has on another nodes in the same CSP.</xs:documentation>
+    </xs:annotation>
+    <xs:complexType>
+      <xs:sequence>
+        <xs:element name="DependencyUri" type="xs:anyURI">
+          <xs:annotation>
+            <xs:documentation>The URI that the current CSP node has a dependency on.</xs:documentation>
+          </xs:annotation>
+        </xs:element>
+        <xs:element ref="DependencyAllowedValue" />
+      </xs:sequence>
+      <xs:attribute name="Type" use="required">
+        <xs:annotation>
+          <xs:documentation>This tag details the kind of dependency.</xs:documentation>
+        </xs:annotation>
+        <xs:simpleType>
+          <xs:restriction base="xs:string">
+            <xs:enumeration value="DependsOn">
+              <xs:annotation>
+                <xs:documentation>The current node depends on the dependency holding a certain value.</xs:documentation>
+              </xs:annotation>
+            </xs:enumeration>
+            <xs:enumeration value="Not">
+              <xs:annotation>
+                <xs:documentation>The current node depends on the dependency not holding a certain value.</xs:documentation>
+              </xs:annotation>
+            </xs:enumeration>
+          </xs:restriction>
+        </xs:simpleType>
+      </xs:attribute>
+    </xs:complexType>
+  </xs:element>
+  <xs:element name="DependencyGroup">
+    <xs:annotation>
+      <xs:documentation>This tag details one specific dependency.  A node might have multiple different dependencies.</xs:documentation>
+    </xs:annotation>
+    <xs:complexType>
+      <xs:sequence>
+        <xs:element minOccurs="0" maxOccurs="1" ref="DependencyChangedAllowedValues" />
+        <xs:element ref="Dependency" maxOccurs="unbounded" />
+      </xs:sequence>
+      <xs:attribute name="FriendlyId" type="xs:string" use="required">
+        <xs:annotation>
+          <xs:documentation>This attribute gives a friendly ID to the dependency, to differentiate it from other dependencies.</xs:documentation>
+        </xs:annotation>
+      </xs:attribute>
+    </xs:complexType>
+  </xs:element>
+  <xs:element name="DependencyAllowedValue">
+    <xs:annotation>
+      <xs:documentation>This tag details the values that the dependency must be set to for the dependency to be satisfied.</xs:documentation>
+    </xs:annotation>
+    <xs:complexType>
+      <xs:group ref="AllowedValuesGroup" />
+      <xs:attributeGroup ref="AllowedValuesAttributeGroup" />
+    </xs:complexType>
+  </xs:element>
+  <xs:element name="DependencyChangedAllowedValues">
+    <xs:annotation>
+      <xs:documentation>This tag details a change to the current node's allowed values if the dependency is satisfied.</xs:documentation>
+    </xs:annotation>
+    <xs:complexType>
+      <xs:group ref="AllowedValuesGroup" />
+      <xs:attributeGroup ref="AllowedValuesAttributeGroup" />
+    </xs:complexType>
+  </xs:element>
+</xs:schema>
+```
+
+## Older DDF files
 
 You can download the DDF files for various CSPs from the links below:
 
@@ -26,4 +584,15 @@ You can download the DDF files for various CSPs from the links below:
 - [Download all the DDF files for Windows 10, version 1703](https://download.microsoft.com/download/C/7/C/C7C94663-44CF-4221-ABCA-BC895F42B6C2/Windows10_1703_DDF_download.zip)
 - [Download all the DDF files for Windows 10, version 1607](https://download.microsoft.com/download/2/3/E/23E27D6B-6E23-4833-B143-915EDA3BDD44/Windows10_1607_DDF.zip)
 
-You can download DDF file for Policy CSP from [Policy DDF file](policy-ddf-file.md).
+You can view various Policy area DDF files by clicking the following links:
+
+- [View the Policy DDF file for Windows 10, version 20H2](https://download.microsoft.com/download/4/0/f/40f9ec45-3bea-442c-8afd-21edc1e057d8/PolicyDDF_all_20H2.xml)
+- [View the Policy DDF file for Windows 10, version 2004](https://download.microsoft.com/download/4/0/f/40f9ec45-3bea-442c-8afd-21edc1e057d8/PolicyDDF_all_2004.xml)
+- [View the Policy DDF file for Windows 10, version 1903](https://download.microsoft.com/download/0/C/D/0CD61812-8B9C-4846-AC4A-1545BFD201EE/PolicyDDF_all_1903.xml)
+- [View the Policy DDF file for Windows 10, version 1809](https://download.microsoft.com/download/7/3/5/735B8537-82F4-4CD1-B059-93984F9FAAC5/Policy_DDF_all_1809.xml)
+- [View the Policy DDF file for Windows 10, version 1803](https://download.microsoft.com/download/4/9/6/496534EE-8F0C-4F12-B084-A8502DA22430/PolicyDDF_all.xml)
+- [View the Policy DDF file for Windows 10, version 1803 release C](https://download.microsoft.com/download/4/9/6/496534EE-8F0C-4F12-B084-A8502DA22430/PolicyDDF_all_1809C_release.xml)
+- [View the Policy DDF file for Windows 10, version 1709](https://download.microsoft.com/download/8/C/4/8C43C116-62CB-470B-9B69-76A3E2BC32A8/PolicyDDF_all.xml)
+- [View the Policy DDF file for Windows 10, version 1703](https://download.microsoft.com/download/7/2/C/72C36C37-20F9-41BF-8E23-721F6FFC253E/PolicyDDF_all.xml)
+- [View the Policy DDF file for Windows 10, version 1607](https://download.microsoft.com/download/6/1/C/61C022FD-6F5D-4F73-9047-17F630899DC4/PolicyDDF_all_version1607.xml)
+- [View the Policy DDF file for Windows 10, version 1607 release 8C](https://download.microsoft.com/download/6/1/C/61C022FD-6F5D-4F73-9047-17F630899DC4/PolicyDDF_all_version1607_8C.xml)

From 22ab373428424a3e15682609b2aa8f970761557c Mon Sep 17 00:00:00 2001
From: Vinay Pamnani <37223378+vinaypamnani-msft@users.noreply.github.com>
Date: Mon, 6 Feb 2023 14:11:04 -0500
Subject: [PATCH 78/98] Update

---
 .openpublishing.redirection.json              |   27 +-
 .../mdm/configuration-service-provider-ddf.md | 1058 +++++++++--------
 .../client-management/mdm/policy-ddf-file.md  |   32 -
 3 files changed, 547 insertions(+), 570 deletions(-)
 delete mode 100644 windows/client-management/mdm/policy-ddf-file.md

diff --git a/.openpublishing.redirection.json b/.openpublishing.redirection.json
index e6a9c13cf5..22639222c2 100644
--- a/.openpublishing.redirection.json
+++ b/.openpublishing.redirection.json
@@ -19463,7 +19463,7 @@
     {
       "source_path": "windows/security/threat-protection/intelligence/rootkits-malware.md",
       "redirect_url": "/microsoft-365/security/intelligence/rootkits-malware",
-      "redirect_document_id": false  
+      "redirect_document_id": false
     },
     {
       "source_path": "windows/security/threat-protection/intelligence/safety-scanner-download.md",
@@ -20114,7 +20114,7 @@
       "source_path": "windows/deployment/update/update-compliance-v2-enable.md",
       "redirect_url": "/windows/deployment/update/wufb-reports-enable",
       "redirect_document_id": false
-    },	
+    },
     {
       "source_path": "windows/deployment/update/update-compliance-v2-help.md",
       "redirect_url": "/windows/deployment/update/wufb-reports-help",
@@ -20124,22 +20124,22 @@
       "source_path": "windows/deployment/update/update-compliance-v2-overview.md",
       "redirect_url": "/windows/deployment/update/wufb-reports-overview",
       "redirect_document_id": false
-    },		
+    },
     {
       "source_path": "windows/deployment/update/update-compliance-v2-prerequisites.md",
       "redirect_url": "/windows/deployment/update/wufb-reports-prerequisites",
       "redirect_document_id": false
-    },	
+    },
     {
       "source_path": "windows/deployment/update/update-compliance-v2-schema-ucclient.md",
       "redirect_url": "/windows/deployment/update/wufb-reports-schema-ucclient",
       "redirect_document_id": false
-    },	
+    },
     {
       "source_path": "windows/deployment/update/update-compliance-v2-schema-ucclientreadinessstatus.md",
       "redirect_url": "/windows/deployment/update/wufb-reports-schema-ucclientreadinessstatus",
       "redirect_document_id": false
-    },		
+    },
     {
       "source_path": "windows/deployment/update/update-compliance-v2-schema-ucclientupdatestatus.md",
       "redirect_url": "/windows/deployment/update/wufb-reports-schema-ucclientupdatestatus",
@@ -20149,17 +20149,17 @@
       "source_path": "windows/deployment/update/update-compliance-v2-schema-ucdevicealert.md",
       "redirect_url": "/windows/deployment/update/wufb-reports-schema-ucdevicealert",
       "redirect_document_id": false
-    },		
+    },
     {
       "source_path": "windows/deployment/update/update-compliance-v2-schema-ucserviceupdatestatus.md",
       "redirect_url": "/windows/deployment/update/wufb-reports-schema-ucserviceupdatestatus",
       "redirect_document_id": false
-    },		
+    },
     {
       "source_path": "windows/deployment/update/update-compliance-v2-schema-ucupdatealert.md",
       "redirect_url": "/windows/deployment/update/wufb-reports-schema-ucupdatealert",
       "redirect_document_id": false
-    },	
+    },
     {
       "source_path": "windows/deployment/update/update-compliance-v2-schema.md",
       "redirect_url": "/windows/deployment/update/wufb-reports-schema",
@@ -20194,7 +20194,7 @@
       "source_path": "windows/deployment/planning/features-lifecycle.md",
       "redirect_url": "/windows/whats-new/feature-lifecycle",
       "redirect_document_id": false
-    }, 
+    },
     {
       "source_path": "windows/deployment/planning/windows-10-deprecated-features.md",
       "redirect_url": "/windows/whats-new/deprecated-features",
@@ -20205,7 +20205,7 @@
       "redirect_url": "/windows/whats-new/removed-features",
       "redirect_document_id": false
     },
-    {               
+    {
       "source_path": "windows/deployment/usmt/usmt-common-issues.md",
       "redirect_url": "/troubleshoot/windows-client/deployment/usmt-common-issues",
       "redirect_document_id": false
@@ -20514,6 +20514,11 @@
       "source_path": "windows/deployment/windows-autopatch/references/windows-autopatch-wqu-unsupported-policies.md",
       "redirect_url": "/windows/deployment/windows-autopatch/references/windows-autopatch-windows-update-unsupported-policies",
       "redirect_document_id": true
+    },
+    {
+      "source_path": "windows-docs-pr/windows/client-management/mdm/policy-ddf-file.md",
+      "redirect_url": "/windows/client-management/mdm/configuration-service-provider-ddf",
+      "redirect_document_id": true
     }
   ]
 }
diff --git a/windows/client-management/mdm/configuration-service-provider-ddf.md b/windows/client-management/mdm/configuration-service-provider-ddf.md
index 0825b38037..b55b3ce963 100644
--- a/windows/client-management/mdm/configuration-service-provider-ddf.md
+++ b/windows/client-management/mdm/configuration-service-provider-ddf.md
@@ -16,565 +16,569 @@ ms.collection: highpri
 
 This article lists the OMA DM device description framework (DDF) files for various configuration service providers. DDF files are used only with OMA DM provisioning XML.
 
-As of December 2022, DDF files schema was updated to include additional information such as OS build applicability. DDF v2 files for Windows 10 and Windows 11 are combined, and provided in a single download:
+As of December 2022, DDF XML schema was updated to include additional information such as OS build applicability. DDF v2 XML files for Windows 10 and Windows 11 are combined, and provided in a single download:
 
 - [DDF v2 Files, December 2022](https://download.microsoft.com/download/7/4/c/74c6daca-983e-4f16-964a-eef65b553a37/DDFv2December2022.zip)
 
 ## DDF v2 schema
 
-DDF v2 schema is listed below:
+DDF v2 XML schema definition is listed below along with the schema definition for the referenced `MSFT` namespace.
 
-```xml
-<?xml version="1.0" encoding="Windows-1252"?>
-<xs:schema xmlns="http://tempuri.org/DM_DDF-V1_2" elementFormDefault="qualified" targetNamespace="http://tempuri.org/DM_DDF-V1_2" xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:MSFT="http://schemas.microsoft.com/MobileDevice/DM">
-  <xs:import schemaLocation="DDFv2Msft.xsd" namespace="http://schemas.microsoft.com/MobileDevice/DM" />
-  <xs:element name="MgmtTree">
-    <xs:annotation>
-      <xs:documentation>Starting point for DDF</xs:documentation>
-    </xs:annotation>
-    <xs:complexType>
-      <xs:sequence>
-        <xs:element ref="VerDTD" />
-        <xs:element minOccurs="1" ref="MSFT:Diagnostics" />
-        <xs:element minOccurs="1" maxOccurs="unbounded" ref="Node" />
-      </xs:sequence>
-    </xs:complexType>
-  </xs:element>
-  <xs:element name="VerDTD" type="xs:string" />
-  <xs:element name="Node">
-    <xs:annotation>
-      <xs:documentation>Main Recurring XML tag describing nodes of the CSP</xs:documentation>
-    </xs:annotation>
-    <xs:complexType>
-      <xs:sequence>
-        <xs:element ref="NodeName" />
-        <xs:element minOccurs="0" maxOccurs="1" ref="Path" />
-        <xs:element minOccurs="1" maxOccurs="1" ref="DFProperties" />
-        <xs:choice>
-          <xs:element minOccurs="0" maxOccurs="unbounded" ref="Node" />
-        </xs:choice>
-      </xs:sequence>
-    </xs:complexType>
-  </xs:element>
-  <xs:element name="NodeName" type="xs:anyURI" />
-  <xs:element name="Path" type="xs:anyURI" />
-  <xs:element name="MIME" type="xs:string" />
-  <xs:element name="DDFName" type="xs:string" />
-  <xs:element name="DFProperties">
-    <xs:complexType>
-      <xs:sequence>
-        <xs:element ref="AccessType" />
-        <xs:element minOccurs="0" maxOccurs="1" ref="DefaultValue" />
-        <xs:element minOccurs="0" maxOccurs="1" ref="Description" />
-        <xs:element ref="DFFormat" />
-        <xs:element minOccurs="0" maxOccurs="1" ref="Occurrence" />
-        <xs:element minOccurs="0" maxOccurs="1" ref="Scope" />
-        <xs:element minOccurs="0" maxOccurs="1" ref="DFTitle" />
-        <xs:element ref="DFType" />
-        <xs:element minOccurs="0" maxOccurs="1" ref="CaseSense" />
-        <xs:element minOccurs="0" maxOccurs="1" ref="MSFT:Applicability" />
-        <xs:element minOccurs="0" maxOccurs="1" ref="MSFT:DynamicNodeNaming" />
-        <xs:element minOccurs="0" maxOccurs="1" ref="MSFT:AllowedValues" />
-        <xs:element minOccurs="0" maxOccurs="1" ref="MSFT:ReplaceBehavior" />
-        <xs:element minOccurs="0" maxOccurs="1" ref="MSFT:RebootBehavior" />
-        <xs:element minOccurs="0" maxOccurs="1" ref="MSFT:GpMapping" />
-        <xs:element minOccurs="0" maxOccurs="1" ref="MSFT:CommonErrorResults" />
-        <xs:element minOccurs="0" maxOccurs="1" ref="MSFT:Deprecated" />
-        <xs:element minOccurs="0" maxOccurs="1" ref="MSFT:DependencyBehavior" />
-        <xs:element minOccurs="0" maxOccurs="1" ref="MSFT:ConflictResolution" />
-        <xs:element minOccurs="0" maxOccurs="1" ref="MSFT:AtomicRequired" />
-      </xs:sequence>
-    </xs:complexType>
-  </xs:element>
-  <xs:element name="AccessType">
-    <xs:complexType>
-      <xs:sequence>
-        <xs:element minOccurs="0" maxOccurs="1" name="Add" />
-        <xs:element minOccurs="0" maxOccurs="1" name="Copy" />
-        <xs:element minOccurs="0" maxOccurs="1" name="Delete" />
-        <xs:element minOccurs="0" maxOccurs="1" name="Exec" />
-        <xs:element minOccurs="0" maxOccurs="1" name="Get" />
-        <xs:element minOccurs="0" maxOccurs="1" name="Replace" />
-      </xs:sequence>
-    </xs:complexType>
-  </xs:element>
-  <xs:element name="DefaultValue" type="xs:string" />
-  <xs:element name="Description" type="xs:string" />
-  <xs:element name="DFFormat">
-    <xs:complexType>
-      <xs:choice>
-        <xs:element name="b64" />
-        <xs:element name="bin" />
-        <xs:element name="bool" />
-        <xs:element name="chr" />
-        <xs:element name="int" />
-        <xs:element name="node" />
-        <xs:element name="null" />
-        <xs:element name="xml" />
-        <xs:element name="date" />
-        <xs:element name="time" />
-        <xs:element name="float" />
-      </xs:choice>
-    </xs:complexType>
-  </xs:element>
-  <xs:element name="Occurrence">
-    <xs:complexType>
-      <xs:choice>
-        <xs:element name="One" />
-        <xs:element name="ZeroOrOne" />
-        <xs:element name="ZeroOrMore" />
-        <xs:element name="OneOrMore" />
-        <xs:element name="ZeroOrN" type="xs:integer" />
-        <xs:element name="OneOrN" type="xs:integer" />
-      </xs:choice>
-    </xs:complexType>
-  </xs:element>
-  <xs:element name="Scope">
-    <xs:complexType>
-      <xs:choice>
-        <xs:element name="Permanent" />
-        <xs:element name="Dynamic" />
-      </xs:choice>
-    </xs:complexType>
-  </xs:element>
-  <xs:element name="DFTitle" type="xs:string" />
-  <xs:element name="DFType">
-    <xs:complexType>
-      <xs:choice>
-        <xs:element minOccurs="1" maxOccurs="unbounded" ref="MIME" />
-        <xs:element ref="DDFName" />
-      </xs:choice>
-    </xs:complexType>
-  </xs:element>
-  <xs:element name="CaseSense">
-    <xs:complexType>
-      <xs:choice>
-        <xs:element name="CS" />
-        <xs:element name="CIS" />
-      </xs:choice>
-    </xs:complexType>
-  </xs:element>
-</xs:schema>
-```
+- Schema definition for DDF v2:
 
-DDF v2 files also include a reference to the `MSFT` namespace. Schema for the `MSFT` namespace is listed below:
-
-```xml
-<?xml version="1.0" encoding="utf-8"?>
-<xs:schema elementFormDefault="qualified" xmlns="http://schemas.microsoft.com/MobileDevice/DM" targetNamespace="http://schemas.microsoft.com/MobileDevice/DM" xmlns:xs="http://www.w3.org/2001/XMLSchema">
-  <xs:element name="Diagnostics" type="xs:string">
-    <xs:annotation>
-      <xs:documentation>This node contains an XML blob that can be used as an argument to the DiagnosticsLogCSP to pull diagnostics for a feature.</xs:documentation>
-    </xs:annotation>
-  </xs:element>
-  <xs:element name="Deprecated">
-    <xs:annotation>
-      <xs:documentation>This node marks that a feature is deprecated.  If included, OsBuildDeprecated gives the OS Build version that the node is no longer recommended to be set.</xs:documentation>
-    </xs:annotation>
-    <xs:complexType>
-      <xs:attribute name="OsBuildDeprecated" type="xs:string" />
-    </xs:complexType>
-  </xs:element>
-  <xs:element name="DynamicNodeNaming">
-    <xs:annotation>
-      <xs:documentation>This node contains information on how to dynamically name the node such that the name is valid.</xs:documentation>
-    </xs:annotation>
-    <xs:complexType>
-      <xs:choice>
-        <xs:element name="ServerGeneratedUniqueIdentifier">
-          <xs:annotation>
-            <xs:documentation>This indicates that the server should generate a unique identifier for the node.</xs:documentation>
-          </xs:annotation>
-        </xs:element>
-        <xs:element name="ClientInventory">
-          <xs:annotation>
-            <xs:documentation>This indicates that the client will generate the name of the node based on the device state (such as inventorying apps).</xs:documentation>
-          </xs:annotation>
-        </xs:element>
-        <xs:element name="UniqueName" type="xs:string">
-          <xs:annotation>
-            <xs:documentation>This indicates that the server should name the node, and the value listed gives a regex to define what is allowed.</xs:documentation>
-          </xs:annotation>
-        </xs:element>
-      </xs:choice>
-    </xs:complexType>
-  </xs:element>
-  <xs:element name="ConflictResolution" default="NoMerge">
-    <xs:simpleType>
-      <xs:annotation>
-        <xs:documentation>The type of the conflict resolution.</xs:documentation>
-      </xs:annotation>
-      <xs:restriction base="xs:string">
-        <xs:enumeration value="NoMerge">
-          <xs:annotation>
-            <xs:documentation>No policy merge.</xs:documentation>
-          </xs:annotation>
-        </xs:enumeration>
-        <xs:enumeration value="LowestValueMostSecure">
-          <xs:annotation>
-            <xs:documentation>The lowest value is the most secure policy value.</xs:documentation>
-          </xs:annotation>
-        </xs:enumeration>
-        <xs:enumeration value="HighestValueMostSecure">
-          <xs:annotation>
-            <xs:documentation>The highest value is the most secure policy value.</xs:documentation>
-          </xs:annotation>
-        </xs:enumeration>
-        <xs:enumeration value="LastWrite">
-          <xs:annotation>
-            <xs:documentation>The last written value is current value</xs:documentation>
-          </xs:annotation>
-        </xs:enumeration>
-        <xs:enumeration value="LowestValueMostSecureZeroHasNoLimits">
-          <xs:annotation>
-            <xs:documentation>The lowest value is the most secure policy value unless the value is zero.</xs:documentation>
-          </xs:annotation>
-        </xs:enumeration>
-        <xs:enumeration value="HighestValueMostSecureZeroHasNoLimits">
-          <xs:annotation>
-            <xs:documentation>The highest value is the most secure policy value unless the value is zero.</xs:documentation>
-          </xs:annotation>
-        </xs:enumeration>
-      </xs:restriction>
-    </xs:simpleType>
-  </xs:element>
-  <xs:element name="Applicability">
-    <xs:annotation>
-      <xs:documentation>These tags indicate what are required on the device for the node to be applicable to configured.  These tags can be inherited by children nodes.</xs:documentation>
-    </xs:annotation>
-    <xs:complexType>
-      <xs:sequence>
-        <xs:element minOccurs="0" maxOccurs="1" name="OsBuildVersion" type="xs:string">
-          <xs:annotation>
-            <xs:documentation>This tag describes the first build that a feature is released to.  If the feature was backported, multiple OS versions will be listed, such that the OS build version without a minor number is the first "major release."</xs:documentation>
-          </xs:annotation>
-        </xs:element>
-        <xs:element minOccurs="0" maxOccurs="1" name="CspVersion" type="xs:decimal">
-          <xs:annotation>
-            <xs:documentation>This tag describes the lowest CSP Version that the node was released to.</xs:documentation>
-          </xs:annotation>
-        </xs:element>
-        <xs:element minOccurs="0" maxOccurs="1" name="EditionAllowList" type="xs:string">
-          <xs:annotation>
-            <xs:documentation>This tag describes the list of Edition IDs that the features is allowed on.  0x88* refers to Windows Holographic for Business.</xs:documentation>
-          </xs:annotation>
-        </xs:element>
-        <xs:element minOccurs="0" maxOccurs="1" name="RequiresAzureAd">
-          <xs:annotation>
-            <xs:documentation>This tag indicates that the node requires the device to be Azure Active Directory Joined to be applicable.</xs:documentation>
-          </xs:annotation>
-        </xs:element>
-      </xs:sequence>
-    </xs:complexType>
-  </xs:element>
-  <xs:element name="AllowedValues">
-    <xs:annotation>
-      <xs:documentation>These tags describe what values are allowed to be set for this particular node.</xs:documentation>
-    </xs:annotation>
-    <xs:complexType>
-      <xs:group ref="AllowedValuesGroup" />
-      <xs:attributeGroup ref="AllowedValuesAttributeGroup" />
-    </xs:complexType>
-  </xs:element>
-  <xs:attributeGroup name="AllowedValuesAttributeGroup">
-    <xs:attribute name="ValueType" use="required">
-      <xs:annotation>
-        <xs:documentation>This attribute describes what kind of Allowed Values tag this is.</xs:documentation>
-      </xs:annotation>
-      <xs:simpleType>
-        <xs:restriction base="xs:string">
-          <xs:enumeration value="XSD">
-            <xs:annotation>
-              <xs:documentation>This attribute indicates that the Value tag contains an XSD for the node.</xs:documentation>
-            </xs:annotation>
-          </xs:enumeration>
-          <xs:enumeration value="RegEx">
-            <xs:annotation>
-              <xs:documentation>This attribute indicates that the Value tag contains a RegEx for the node.</xs:documentation>
-            </xs:annotation>
-          </xs:enumeration>
-          <xs:enumeration value="ADMX">
-            <xs:annotation>
-              <xs:documentation>This attribute indicates that the node can be described by an external ADMX file.</xs:documentation>
-            </xs:annotation>
-          </xs:enumeration>
-          <xs:enumeration value="JSON">
-            <xs:annotation>
-              <xs:documentation>This attribute indicates that the node can be described by a JSON schema.</xs:documentation>
-            </xs:annotation>
-          </xs:enumeration>
-          <xs:enumeration value="ENUM">
-            <xs:annotation>
-              <xs:documentation>This attribute indicates that the allowed values are an enumeration.</xs:documentation>
-            </xs:annotation>
-          </xs:enumeration>
-          <xs:enumeration value="Flag">
-            <xs:annotation>
-              <xs:documentation>This attribute indicates that the allowed values can be combined into a bitwise flag.</xs:documentation>
-            </xs:annotation>
-          </xs:enumeration>
-          <xs:enumeration value="Range">
-            <xs:annotation>
-              <xs:documentation>This attribute indicates that the allowed values are a numerical range.</xs:documentation>
-            </xs:annotation>
-          </xs:enumeration>
-          <xs:enumeration value="SDDL">
-            <xs:annotation>
-              <xs:documentation>This attribute indicates that the allowed values are a string in the SDDL format.</xs:documentation>
-            </xs:annotation>
-          </xs:enumeration>
-          <xs:enumeration value="None">
-            <xs:annotation>
-              <xs:documentation>This attribute indicates there is no data-driven way to define the allowed values of the node.  This potentially means that all string values are valid values.</xs:documentation>
-            </xs:annotation>
-          </xs:enumeration>
-        </xs:restriction>
-      </xs:simpleType>
-    </xs:attribute>
-  </xs:attributeGroup>
-  <xs:group name="AllowedValuesGroup">
-    <xs:sequence>
-      <xs:group minOccurs="0" maxOccurs="1" ref="AllowedValueGroupedNodes" />
-      <xs:element minOccurs="0" maxOccurs="1" name="List">
+    ```xml
+    <?xml version="1.0" encoding="Windows-1252"?>
+    <xs:schema xmlns="http://tempuri.org/DM_DDF-V1_2" elementFormDefault="qualified" targetNamespace="http://tempuri.org/DM_DDF-V1_2"
+               xmlns:xs="http://www.w3.org/2001/XMLSchema"
+               xmlns:MSFT="http://schemas.microsoft.com/MobileDevice/DM">
+      <xs:import schemaLocation="DDFv2Msft.xsd" namespace="http://schemas.microsoft.com/MobileDevice/DM" />
+      <xs:element name="MgmtTree">
         <xs:annotation>
-          <xs:documentation>This tag indicates that the node input can contain multiple, delimited values.</xs:documentation>
+          <xs:documentation>Starting point for DDF</xs:documentation>
         </xs:annotation>
         <xs:complexType>
-          <xs:attribute name="Delimiter" type="xs:string" use="required">
-            <xs:annotation>
-              <xs:documentation>This attribute details the delimeter used for the list of values.</xs:documentation>
-            </xs:annotation>
-          </xs:attribute>
+          <xs:sequence>
+            <xs:element ref="VerDTD" />
+            <xs:element minOccurs="1" ref="MSFT:Diagnostics" />
+            <xs:element minOccurs="1" maxOccurs="unbounded" ref="Node" />
+          </xs:sequence>
         </xs:complexType>
       </xs:element>
-    </xs:sequence>
-  </xs:group>
-  <xs:group name="ValueAndDescriptionGroup">
-    <xs:sequence>
-      <xs:element name="Value" type="xs:string">
+      <xs:element name="VerDTD" type="xs:string" />
+      <xs:element name="Node">
         <xs:annotation>
-          <xs:documentation>This tag indicates an allowed value.</xs:documentation>
+          <xs:documentation>Main Recurring XML tag describing nodes of the CSP</xs:documentation>
+        </xs:annotation>
+        <xs:complexType>
+          <xs:sequence>
+            <xs:element ref="NodeName" />
+            <xs:element minOccurs="0" maxOccurs="1" ref="Path" />
+            <xs:element minOccurs="1" maxOccurs="1" ref="DFProperties" />
+            <xs:choice>
+              <xs:element minOccurs="0" maxOccurs="unbounded" ref="Node" />
+            </xs:choice>
+          </xs:sequence>
+        </xs:complexType>
+      </xs:element>
+      <xs:element name="NodeName" type="xs:anyURI" />
+      <xs:element name="Path" type="xs:anyURI" />
+      <xs:element name="MIME" type="xs:string" />
+      <xs:element name="DDFName" type="xs:string" />
+      <xs:element name="DFProperties">
+        <xs:complexType>
+          <xs:sequence>
+            <xs:element ref="AccessType" />
+            <xs:element minOccurs="0" maxOccurs="1" ref="DefaultValue" />
+            <xs:element minOccurs="0" maxOccurs="1" ref="Description" />
+            <xs:element ref="DFFormat" />
+            <xs:element minOccurs="0" maxOccurs="1" ref="Occurrence" />
+            <xs:element minOccurs="0" maxOccurs="1" ref="Scope" />
+            <xs:element minOccurs="0" maxOccurs="1" ref="DFTitle" />
+            <xs:element ref="DFType" />
+            <xs:element minOccurs="0" maxOccurs="1" ref="CaseSense" />
+            <xs:element minOccurs="0" maxOccurs="1" ref="MSFT:Applicability" />
+            <xs:element minOccurs="0" maxOccurs="1" ref="MSFT:DynamicNodeNaming" />
+            <xs:element minOccurs="0" maxOccurs="1" ref="MSFT:AllowedValues" />
+            <xs:element minOccurs="0" maxOccurs="1" ref="MSFT:ReplaceBehavior" />
+            <xs:element minOccurs="0" maxOccurs="1" ref="MSFT:RebootBehavior" />
+            <xs:element minOccurs="0" maxOccurs="1" ref="MSFT:GpMapping" />
+            <xs:element minOccurs="0" maxOccurs="1" ref="MSFT:CommonErrorResults" />
+            <xs:element minOccurs="0" maxOccurs="1" ref="MSFT:Deprecated" />
+            <xs:element minOccurs="0" maxOccurs="1" ref="MSFT:DependencyBehavior" />
+            <xs:element minOccurs="0" maxOccurs="1" ref="MSFT:ConflictResolution" />
+            <xs:element minOccurs="0" maxOccurs="1" ref="MSFT:AtomicRequired" />
+          </xs:sequence>
+        </xs:complexType>
+      </xs:element>
+      <xs:element name="AccessType">
+        <xs:complexType>
+          <xs:sequence>
+            <xs:element minOccurs="0" maxOccurs="1" name="Add" />
+            <xs:element minOccurs="0" maxOccurs="1" name="Copy" />
+            <xs:element minOccurs="0" maxOccurs="1" name="Delete" />
+            <xs:element minOccurs="0" maxOccurs="1" name="Exec" />
+            <xs:element minOccurs="0" maxOccurs="1" name="Get" />
+            <xs:element minOccurs="0" maxOccurs="1" name="Replace" />
+          </xs:sequence>
+        </xs:complexType>
+      </xs:element>
+      <xs:element name="DefaultValue" type="xs:string" />
+      <xs:element name="Description" type="xs:string" />
+      <xs:element name="DFFormat">
+        <xs:complexType>
+          <xs:choice>
+            <xs:element name="b64" />
+            <xs:element name="bin" />
+            <xs:element name="bool" />
+            <xs:element name="chr" />
+            <xs:element name="int" />
+            <xs:element name="node" />
+            <xs:element name="null" />
+            <xs:element name="xml" />
+            <xs:element name="date" />
+            <xs:element name="time" />
+            <xs:element name="float" />
+          </xs:choice>
+        </xs:complexType>
+      </xs:element>
+      <xs:element name="Occurrence">
+        <xs:complexType>
+          <xs:choice>
+            <xs:element name="One" />
+            <xs:element name="ZeroOrOne" />
+            <xs:element name="ZeroOrMore" />
+            <xs:element name="OneOrMore" />
+            <xs:element name="ZeroOrN" type="xs:integer" />
+            <xs:element name="OneOrN" type="xs:integer" />
+          </xs:choice>
+        </xs:complexType>
+      </xs:element>
+      <xs:element name="Scope">
+        <xs:complexType>
+          <xs:choice>
+            <xs:element name="Permanent" />
+            <xs:element name="Dynamic" />
+          </xs:choice>
+        </xs:complexType>
+      </xs:element>
+      <xs:element name="DFTitle" type="xs:string" />
+      <xs:element name="DFType">
+        <xs:complexType>
+          <xs:choice>
+            <xs:element minOccurs="1" maxOccurs="unbounded" ref="MIME" />
+            <xs:element ref="DDFName" />
+          </xs:choice>
+        </xs:complexType>
+      </xs:element>
+      <xs:element name="CaseSense">
+        <xs:complexType>
+          <xs:choice>
+            <xs:element name="CS" />
+            <xs:element name="CIS" />
+          </xs:choice>
+        </xs:complexType>
+      </xs:element>
+    </xs:schema>
+    ```
+
+- Schema definition for the `MSFT` namespace:
+
+    ```xml
+    <?xml version="1.0" encoding="utf-8"?>
+    <xs:schema elementFormDefault="qualified" xmlns="http://schemas.microsoft.com/MobileDevice/DM" targetNamespace="http://schemas.microsoft.com/MobileDevice/DM" xmlns:xs="http://www.w3.org/2001/XMLSchema">
+      <xs:element name="Diagnostics" type="xs:string">
+        <xs:annotation>
+          <xs:documentation>This node contains an XML blob that can be used as an argument to the DiagnosticsLogCSP to pull diagnostics for a feature.</xs:documentation>
         </xs:annotation>
       </xs:element>
-      <xs:element minOccurs="0" maxOccurs="1" name="ValueDescription" type="xs:string">
+      <xs:element name="Deprecated">
         <xs:annotation>
-          <xs:documentation>This tag gives further description to an allowed value, such as for an enumeration.</xs:documentation>
+          <xs:documentation>This node marks that a feature is deprecated.  If included, OsBuildDeprecated gives the OS Build version that the node is no longer recommended to be set.</xs:documentation>
         </xs:annotation>
+        <xs:complexType>
+          <xs:attribute name="OsBuildDeprecated" type="xs:string" />
+        </xs:complexType>
       </xs:element>
-    </xs:sequence>
-  </xs:group>
-  <xs:group name="AllowedValueGroupedNodes">
-    <xs:choice>
-      <xs:element ref="Enum" maxOccurs="unbounded" />
-      <xs:group ref="ValueAndDescriptionGroup" />
-      <xs:element ref="AdmxBacked" />
-    </xs:choice>
-  </xs:group>
-  <xs:element name="Enum">
-    <xs:annotation>
-      <xs:documentation>This tag gives details for one particular enumeration of the allowed values.</xs:documentation>
-    </xs:annotation>
-    <xs:complexType>
-      <xs:sequence>
-        <xs:group ref="ValueAndDescriptionGroup" />
-      </xs:sequence>
-    </xs:complexType>
-  </xs:element>
-  <xs:element name="AdmxBacked">
-    <xs:annotation>
-      <xs:documentation>This tag indicates the relevent details for the corresponding ADMX policy for this node.</xs:documentation>
-    </xs:annotation>
-    <xs:complexType>
-      <xs:attribute name="Area" type="xs:string" use="required">
+      <xs:element name="DynamicNodeNaming">
         <xs:annotation>
-          <xs:documentation>This attribute gives the area path of the ADMX policy.</xs:documentation>
+          <xs:documentation>This node contains information on how to dynamically name the node such that the name is valid.</xs:documentation>
         </xs:annotation>
-      </xs:attribute>
-      <xs:attribute name="Name" type="xs:string" use="required">
-        <xs:annotation>
-          <xs:documentation>This attribute gives the name of the ADMX policy.</xs:documentation>
-        </xs:annotation>
-      </xs:attribute>
-      <xs:attribute name="File" type="xs:string" use="required">
-        <xs:annotation>
-          <xs:documentation>This attribute gives the filename for the ADMX policy.</xs:documentation>
-        </xs:annotation>
-      </xs:attribute>
-    </xs:complexType>
-  </xs:element>
-  <xs:element name="ReplaceBehavior" default="Replace">
-    <xs:annotation>
-      <xs:documentation>This tag details the replace behavior of the node.</xs:documentation>
-    </xs:annotation>
-    <xs:simpleType>
-      <xs:restriction base="xs:string">
-        <xs:enumeration value="Append">
-          <xs:annotation>
-            <xs:documentation>When performing a replace operation on this node, the value is appending to the existing node data.</xs:documentation>
-          </xs:annotation>
-        </xs:enumeration>
-        <xs:enumeration value="Replace">
-          <xs:annotation>
-            <xs:documentation>When performing a replace operation on this node, the existing node data is removed before new data is added.</xs:documentation>
-          </xs:annotation>
-        </xs:enumeration>
-      </xs:restriction>
-    </xs:simpleType>
-  </xs:element>
-  <xs:element name="RebootBehavior" default="None">
-    <xs:annotation>
-      <xs:documentation>This tag describes the reboot behavior of the node.</xs:documentation>
-    </xs:annotation>
-    <xs:simpleType>
-      <xs:restriction base="xs:string">
-        <xs:enumeration value="None">
-          <xs:annotation>
-            <xs:documentation>No reboot is required for this node.</xs:documentation>
-          </xs:annotation>
-        </xs:enumeration>
-        <xs:enumeration value="Automatic">
-          <xs:annotation>
-            <xs:documentation>This node will automatically perform a reboot to take effect.</xs:documentation>
-          </xs:annotation>
-        </xs:enumeration>
-        <xs:enumeration value="ServerInitiated">
-          <xs:annotation>
-            <xs:documentation>This node needs a reboot initiated from an external source to take effect.</xs:documentation>
-          </xs:annotation>
-        </xs:enumeration>
-      </xs:restriction>
-    </xs:simpleType>
-  </xs:element>
-  <xs:element name="GpMapping">
-    <xs:annotation>
-      <xs:documentation>This tag details the information necessary to map this node to an existing group policy.</xs:documentation>
-    </xs:annotation>
-    <xs:complexType>
-      <xs:attribute name="GpEnglishName" type="xs:string" use="required">
-        <xs:annotation>
-          <xs:documentation>This attribute details the English name of the GP.</xs:documentation>
-        </xs:annotation>
-      </xs:attribute>
-      <xs:attribute name="GpAreaPath" type="xs:string" use="required">
-        <xs:annotation>
-          <xs:documentation>This attribute details the area path of the GP.</xs:documentation>
-        </xs:annotation>
-      </xs:attribute>
-      <xs:attribute name="GpElement" type="xs:string">
-        <xs:annotation>
-          <xs:documentation>This attribute details a particular element of a GP that the CSP node maps to.</xs:documentation>
-        </xs:annotation>
-      </xs:attribute>
-    </xs:complexType>
-  </xs:element>
-  <xs:element name="CommonErrorResults">
-    <xs:annotation>
-      <xs:documentation>This tag lists out common error HRESULTS reported by the CSP and English text to associate with them.</xs:documentation>
-    </xs:annotation>
-    <xs:complexType>
-      <xs:sequence>
-        <xs:element name="CommonErrorOne" type="xs:string" />
-        <xs:element name="CommonErrorTwo" type="xs:string" />
-        <xs:element name="CommonErrorThree" type="xs:string" />
-        <xs:element name="CommonErrorFour" type="xs:string" />
-        <xs:element name="CommonErrorFive" type="xs:string" />
-        <xs:element name="CommonErrorSix" type="xs:string" />
-        <xs:element name="CommonErrorSeven" type="xs:string" />
-        <xs:element name="CommonErrorEight" type="xs:string" />
-        <xs:element name="CommonErrorNine" type="xs:string" />
-        <xs:element name="CommonErrorTen" type="xs:string" />
-      </xs:sequence>
-    </xs:complexType>
-  </xs:element>
-  <xs:element name="AtomicRequired">
-    <xs:annotation>
-      <xs:documentation>This tag indicates that this node and all children nodes should be enclosed by an Atomic tag when being sent to the client.</xs:documentation>
-    </xs:annotation>
-  </xs:element>
-  <xs:element name="DependencyBehavior">
-    <xs:annotation>
-      <xs:documentation>These tags detail potential dependencies that the current CSP node has on other nodes in the same CSP.</xs:documentation>
-    </xs:annotation>
-    <xs:complexType>
-      <xs:sequence>
-        <xs:element ref="DependencyGroup" maxOccurs="unbounded" />
-      </xs:sequence>
-    </xs:complexType>
-  </xs:element>
-  <xs:element name="Dependency">
-    <xs:annotation>
-      <xs:documentation>This tag describes a dependency that the current CSP node has on another nodes in the same CSP.</xs:documentation>
-    </xs:annotation>
-    <xs:complexType>
-      <xs:sequence>
-        <xs:element name="DependencyUri" type="xs:anyURI">
-          <xs:annotation>
-            <xs:documentation>The URI that the current CSP node has a dependency on.</xs:documentation>
-          </xs:annotation>
-        </xs:element>
-        <xs:element ref="DependencyAllowedValue" />
-      </xs:sequence>
-      <xs:attribute name="Type" use="required">
-        <xs:annotation>
-          <xs:documentation>This tag details the kind of dependency.</xs:documentation>
-        </xs:annotation>
-        <xs:simpleType>
-          <xs:restriction base="xs:string">
-            <xs:enumeration value="DependsOn">
+        <xs:complexType>
+          <xs:choice>
+            <xs:element name="ServerGeneratedUniqueIdentifier">
               <xs:annotation>
-                <xs:documentation>The current node depends on the dependency holding a certain value.</xs:documentation>
+                <xs:documentation>This indicates that the server should generate a unique identifier for the node.</xs:documentation>
+              </xs:annotation>
+            </xs:element>
+            <xs:element name="ClientInventory">
+              <xs:annotation>
+                <xs:documentation>This indicates that the client will generate the name of the node based on the device state (such as inventorying apps).</xs:documentation>
+              </xs:annotation>
+            </xs:element>
+            <xs:element name="UniqueName" type="xs:string">
+              <xs:annotation>
+                <xs:documentation>This indicates that the server should name the node, and the value listed gives a regex to define what is allowed.</xs:documentation>
+              </xs:annotation>
+            </xs:element>
+          </xs:choice>
+        </xs:complexType>
+      </xs:element>
+      <xs:element name="ConflictResolution" default="NoMerge">
+        <xs:simpleType>
+          <xs:annotation>
+            <xs:documentation>The type of the conflict resolution.</xs:documentation>
+          </xs:annotation>
+          <xs:restriction base="xs:string">
+            <xs:enumeration value="NoMerge">
+              <xs:annotation>
+                <xs:documentation>No policy merge.</xs:documentation>
               </xs:annotation>
             </xs:enumeration>
-            <xs:enumeration value="Not">
+            <xs:enumeration value="LowestValueMostSecure">
               <xs:annotation>
-                <xs:documentation>The current node depends on the dependency not holding a certain value.</xs:documentation>
+                <xs:documentation>The lowest value is the most secure policy value.</xs:documentation>
+              </xs:annotation>
+            </xs:enumeration>
+            <xs:enumeration value="HighestValueMostSecure">
+              <xs:annotation>
+                <xs:documentation>The highest value is the most secure policy value.</xs:documentation>
+              </xs:annotation>
+            </xs:enumeration>
+            <xs:enumeration value="LastWrite">
+              <xs:annotation>
+                <xs:documentation>The last written value is current value</xs:documentation>
+              </xs:annotation>
+            </xs:enumeration>
+            <xs:enumeration value="LowestValueMostSecureZeroHasNoLimits">
+              <xs:annotation>
+                <xs:documentation>The lowest value is the most secure policy value unless the value is zero.</xs:documentation>
+              </xs:annotation>
+            </xs:enumeration>
+            <xs:enumeration value="HighestValueMostSecureZeroHasNoLimits">
+              <xs:annotation>
+                <xs:documentation>The highest value is the most secure policy value unless the value is zero.</xs:documentation>
               </xs:annotation>
             </xs:enumeration>
           </xs:restriction>
         </xs:simpleType>
-      </xs:attribute>
-    </xs:complexType>
-  </xs:element>
-  <xs:element name="DependencyGroup">
-    <xs:annotation>
-      <xs:documentation>This tag details one specific dependency.  A node might have multiple different dependencies.</xs:documentation>
-    </xs:annotation>
-    <xs:complexType>
-      <xs:sequence>
-        <xs:element minOccurs="0" maxOccurs="1" ref="DependencyChangedAllowedValues" />
-        <xs:element ref="Dependency" maxOccurs="unbounded" />
-      </xs:sequence>
-      <xs:attribute name="FriendlyId" type="xs:string" use="required">
+      </xs:element>
+      <xs:element name="Applicability">
         <xs:annotation>
-          <xs:documentation>This attribute gives a friendly ID to the dependency, to differentiate it from other dependencies.</xs:documentation>
+          <xs:documentation>These tags indicate what are required on the device for the node to be applicable to configured.  These tags can be inherited by children nodes.</xs:documentation>
         </xs:annotation>
-      </xs:attribute>
-    </xs:complexType>
-  </xs:element>
-  <xs:element name="DependencyAllowedValue">
-    <xs:annotation>
-      <xs:documentation>This tag details the values that the dependency must be set to for the dependency to be satisfied.</xs:documentation>
-    </xs:annotation>
-    <xs:complexType>
-      <xs:group ref="AllowedValuesGroup" />
-      <xs:attributeGroup ref="AllowedValuesAttributeGroup" />
-    </xs:complexType>
-  </xs:element>
-  <xs:element name="DependencyChangedAllowedValues">
-    <xs:annotation>
-      <xs:documentation>This tag details a change to the current node's allowed values if the dependency is satisfied.</xs:documentation>
-    </xs:annotation>
-    <xs:complexType>
-      <xs:group ref="AllowedValuesGroup" />
-      <xs:attributeGroup ref="AllowedValuesAttributeGroup" />
-    </xs:complexType>
-  </xs:element>
-</xs:schema>
-```
+        <xs:complexType>
+          <xs:sequence>
+            <xs:element minOccurs="0" maxOccurs="1" name="OsBuildVersion" type="xs:string">
+              <xs:annotation>
+                <xs:documentation>This tag describes the first build that a feature is released to.  If the feature was backported, multiple OS versions will be listed, such that the OS build version without a minor number is the first "major release."</xs:documentation>
+              </xs:annotation>
+            </xs:element>
+            <xs:element minOccurs="0" maxOccurs="1" name="CspVersion" type="xs:decimal">
+              <xs:annotation>
+                <xs:documentation>This tag describes the lowest CSP Version that the node was released to.</xs:documentation>
+              </xs:annotation>
+            </xs:element>
+            <xs:element minOccurs="0" maxOccurs="1" name="EditionAllowList" type="xs:string">
+              <xs:annotation>
+                <xs:documentation>This tag describes the list of Edition IDs that the features is allowed on.  0x88* refers to Windows Holographic for Business.</xs:documentation>
+              </xs:annotation>
+            </xs:element>
+            <xs:element minOccurs="0" maxOccurs="1" name="RequiresAzureAd">
+              <xs:annotation>
+                <xs:documentation>This tag indicates that the node requires the device to be Azure Active Directory Joined to be applicable.</xs:documentation>
+              </xs:annotation>
+            </xs:element>
+          </xs:sequence>
+        </xs:complexType>
+      </xs:element>
+      <xs:element name="AllowedValues">
+        <xs:annotation>
+          <xs:documentation>These tags describe what values are allowed to be set for this particular node.</xs:documentation>
+        </xs:annotation>
+        <xs:complexType>
+          <xs:group ref="AllowedValuesGroup" />
+          <xs:attributeGroup ref="AllowedValuesAttributeGroup" />
+        </xs:complexType>
+      </xs:element>
+      <xs:attributeGroup name="AllowedValuesAttributeGroup">
+        <xs:attribute name="ValueType" use="required">
+          <xs:annotation>
+            <xs:documentation>This attribute describes what kind of Allowed Values tag this is.</xs:documentation>
+          </xs:annotation>
+          <xs:simpleType>
+            <xs:restriction base="xs:string">
+              <xs:enumeration value="XSD">
+                <xs:annotation>
+                  <xs:documentation>This attribute indicates that the Value tag contains an XSD for the node.</xs:documentation>
+                </xs:annotation>
+              </xs:enumeration>
+              <xs:enumeration value="RegEx">
+                <xs:annotation>
+                  <xs:documentation>This attribute indicates that the Value tag contains a RegEx for the node.</xs:documentation>
+                </xs:annotation>
+              </xs:enumeration>
+              <xs:enumeration value="ADMX">
+                <xs:annotation>
+                  <xs:documentation>This attribute indicates that the node can be described by an external ADMX file.</xs:documentation>
+                </xs:annotation>
+              </xs:enumeration>
+              <xs:enumeration value="JSON">
+                <xs:annotation>
+                  <xs:documentation>This attribute indicates that the node can be described by a JSON schema.</xs:documentation>
+                </xs:annotation>
+              </xs:enumeration>
+              <xs:enumeration value="ENUM">
+                <xs:annotation>
+                  <xs:documentation>This attribute indicates that the allowed values are an enumeration.</xs:documentation>
+                </xs:annotation>
+              </xs:enumeration>
+              <xs:enumeration value="Flag">
+                <xs:annotation>
+                  <xs:documentation>This attribute indicates that the allowed values can be combined into a bitwise flag.</xs:documentation>
+                </xs:annotation>
+              </xs:enumeration>
+              <xs:enumeration value="Range">
+                <xs:annotation>
+                  <xs:documentation>This attribute indicates that the allowed values are a numerical range.</xs:documentation>
+                </xs:annotation>
+              </xs:enumeration>
+              <xs:enumeration value="SDDL">
+                <xs:annotation>
+                  <xs:documentation>This attribute indicates that the allowed values are a string in the SDDL format.</xs:documentation>
+                </xs:annotation>
+              </xs:enumeration>
+              <xs:enumeration value="None">
+                <xs:annotation>
+                  <xs:documentation>This attribute indicates there is no data-driven way to define the allowed values of the node.  This potentially means that all string values are valid values.</xs:documentation>
+                </xs:annotation>
+              </xs:enumeration>
+            </xs:restriction>
+          </xs:simpleType>
+        </xs:attribute>
+      </xs:attributeGroup>
+      <xs:group name="AllowedValuesGroup">
+        <xs:sequence>
+          <xs:group minOccurs="0" maxOccurs="1" ref="AllowedValueGroupedNodes" />
+          <xs:element minOccurs="0" maxOccurs="1" name="List">
+            <xs:annotation>
+              <xs:documentation>This tag indicates that the node input can contain multiple, delimited values.</xs:documentation>
+            </xs:annotation>
+            <xs:complexType>
+              <xs:attribute name="Delimiter" type="xs:string" use="required">
+                <xs:annotation>
+                  <xs:documentation>This attribute details the delimeter used for the list of values.</xs:documentation>
+                </xs:annotation>
+              </xs:attribute>
+            </xs:complexType>
+          </xs:element>
+        </xs:sequence>
+      </xs:group>
+      <xs:group name="ValueAndDescriptionGroup">
+        <xs:sequence>
+          <xs:element name="Value" type="xs:string">
+            <xs:annotation>
+              <xs:documentation>This tag indicates an allowed value.</xs:documentation>
+            </xs:annotation>
+          </xs:element>
+          <xs:element minOccurs="0" maxOccurs="1" name="ValueDescription" type="xs:string">
+            <xs:annotation>
+              <xs:documentation>This tag gives further description to an allowed value, such as for an enumeration.</xs:documentation>
+            </xs:annotation>
+          </xs:element>
+        </xs:sequence>
+      </xs:group>
+      <xs:group name="AllowedValueGroupedNodes">
+        <xs:choice>
+          <xs:element ref="Enum" maxOccurs="unbounded" />
+          <xs:group ref="ValueAndDescriptionGroup" />
+          <xs:element ref="AdmxBacked" />
+        </xs:choice>
+      </xs:group>
+      <xs:element name="Enum">
+        <xs:annotation>
+          <xs:documentation>This tag gives details for one particular enumeration of the allowed values.</xs:documentation>
+        </xs:annotation>
+        <xs:complexType>
+          <xs:sequence>
+            <xs:group ref="ValueAndDescriptionGroup" />
+          </xs:sequence>
+        </xs:complexType>
+      </xs:element>
+      <xs:element name="AdmxBacked">
+        <xs:annotation>
+          <xs:documentation>This tag indicates the relevent details for the corresponding ADMX policy for this node.</xs:documentation>
+        </xs:annotation>
+        <xs:complexType>
+          <xs:attribute name="Area" type="xs:string" use="required">
+            <xs:annotation>
+              <xs:documentation>This attribute gives the area path of the ADMX policy.</xs:documentation>
+            </xs:annotation>
+          </xs:attribute>
+          <xs:attribute name="Name" type="xs:string" use="required">
+            <xs:annotation>
+              <xs:documentation>This attribute gives the name of the ADMX policy.</xs:documentation>
+            </xs:annotation>
+          </xs:attribute>
+          <xs:attribute name="File" type="xs:string" use="required">
+            <xs:annotation>
+              <xs:documentation>This attribute gives the filename for the ADMX policy.</xs:documentation>
+            </xs:annotation>
+          </xs:attribute>
+        </xs:complexType>
+      </xs:element>
+      <xs:element name="ReplaceBehavior" default="Replace">
+        <xs:annotation>
+          <xs:documentation>This tag details the replace behavior of the node.</xs:documentation>
+        </xs:annotation>
+        <xs:simpleType>
+          <xs:restriction base="xs:string">
+            <xs:enumeration value="Append">
+              <xs:annotation>
+                <xs:documentation>When performing a replace operation on this node, the value is appending to the existing node data.</xs:documentation>
+              </xs:annotation>
+            </xs:enumeration>
+            <xs:enumeration value="Replace">
+              <xs:annotation>
+                <xs:documentation>When performing a replace operation on this node, the existing node data is removed before new data is added.</xs:documentation>
+              </xs:annotation>
+            </xs:enumeration>
+          </xs:restriction>
+        </xs:simpleType>
+      </xs:element>
+      <xs:element name="RebootBehavior" default="None">
+        <xs:annotation>
+          <xs:documentation>This tag describes the reboot behavior of the node.</xs:documentation>
+        </xs:annotation>
+        <xs:simpleType>
+          <xs:restriction base="xs:string">
+            <xs:enumeration value="None">
+              <xs:annotation>
+                <xs:documentation>No reboot is required for this node.</xs:documentation>
+              </xs:annotation>
+            </xs:enumeration>
+            <xs:enumeration value="Automatic">
+              <xs:annotation>
+                <xs:documentation>This node will automatically perform a reboot to take effect.</xs:documentation>
+              </xs:annotation>
+            </xs:enumeration>
+            <xs:enumeration value="ServerInitiated">
+              <xs:annotation>
+                <xs:documentation>This node needs a reboot initiated from an external source to take effect.</xs:documentation>
+              </xs:annotation>
+            </xs:enumeration>
+          </xs:restriction>
+        </xs:simpleType>
+      </xs:element>
+      <xs:element name="GpMapping">
+        <xs:annotation>
+          <xs:documentation>This tag details the information necessary to map this node to an existing group policy.</xs:documentation>
+        </xs:annotation>
+        <xs:complexType>
+          <xs:attribute name="GpEnglishName" type="xs:string" use="required">
+            <xs:annotation>
+              <xs:documentation>This attribute details the English name of the GP.</xs:documentation>
+            </xs:annotation>
+          </xs:attribute>
+          <xs:attribute name="GpAreaPath" type="xs:string" use="required">
+            <xs:annotation>
+              <xs:documentation>This attribute details the area path of the GP.</xs:documentation>
+            </xs:annotation>
+          </xs:attribute>
+          <xs:attribute name="GpElement" type="xs:string">
+            <xs:annotation>
+              <xs:documentation>This attribute details a particular element of a GP that the CSP node maps to.</xs:documentation>
+            </xs:annotation>
+          </xs:attribute>
+        </xs:complexType>
+      </xs:element>
+      <xs:element name="CommonErrorResults">
+        <xs:annotation>
+          <xs:documentation>This tag lists out common error HRESULTS reported by the CSP and English text to associate with them.</xs:documentation>
+        </xs:annotation>
+        <xs:complexType>
+          <xs:sequence>
+            <xs:element name="CommonErrorOne" type="xs:string" />
+            <xs:element name="CommonErrorTwo" type="xs:string" />
+            <xs:element name="CommonErrorThree" type="xs:string" />
+            <xs:element name="CommonErrorFour" type="xs:string" />
+            <xs:element name="CommonErrorFive" type="xs:string" />
+            <xs:element name="CommonErrorSix" type="xs:string" />
+            <xs:element name="CommonErrorSeven" type="xs:string" />
+            <xs:element name="CommonErrorEight" type="xs:string" />
+            <xs:element name="CommonErrorNine" type="xs:string" />
+            <xs:element name="CommonErrorTen" type="xs:string" />
+          </xs:sequence>
+        </xs:complexType>
+      </xs:element>
+      <xs:element name="AtomicRequired">
+        <xs:annotation>
+          <xs:documentation>This tag indicates that this node and all children nodes should be enclosed by an Atomic tag when being sent to the client.</xs:documentation>
+        </xs:annotation>
+      </xs:element>
+      <xs:element name="DependencyBehavior">
+        <xs:annotation>
+          <xs:documentation>These tags detail potential dependencies that the current CSP node has on other nodes in the same CSP.</xs:documentation>
+        </xs:annotation>
+        <xs:complexType>
+          <xs:sequence>
+            <xs:element ref="DependencyGroup" maxOccurs="unbounded" />
+          </xs:sequence>
+        </xs:complexType>
+      </xs:element>
+      <xs:element name="Dependency">
+        <xs:annotation>
+          <xs:documentation>This tag describes a dependency that the current CSP node has on another nodes in the same CSP.</xs:documentation>
+        </xs:annotation>
+        <xs:complexType>
+          <xs:sequence>
+            <xs:element name="DependencyUri" type="xs:anyURI">
+              <xs:annotation>
+                <xs:documentation>The URI that the current CSP node has a dependency on.</xs:documentation>
+              </xs:annotation>
+            </xs:element>
+            <xs:element ref="DependencyAllowedValue" />
+          </xs:sequence>
+          <xs:attribute name="Type" use="required">
+            <xs:annotation>
+              <xs:documentation>This tag details the kind of dependency.</xs:documentation>
+            </xs:annotation>
+            <xs:simpleType>
+              <xs:restriction base="xs:string">
+                <xs:enumeration value="DependsOn">
+                  <xs:annotation>
+                    <xs:documentation>The current node depends on the dependency holding a certain value.</xs:documentation>
+                  </xs:annotation>
+                </xs:enumeration>
+                <xs:enumeration value="Not">
+                  <xs:annotation>
+                    <xs:documentation>The current node depends on the dependency not holding a certain value.</xs:documentation>
+                  </xs:annotation>
+                </xs:enumeration>
+              </xs:restriction>
+            </xs:simpleType>
+          </xs:attribute>
+        </xs:complexType>
+      </xs:element>
+      <xs:element name="DependencyGroup">
+        <xs:annotation>
+          <xs:documentation>This tag details one specific dependency.  A node might have multiple different dependencies.</xs:documentation>
+        </xs:annotation>
+        <xs:complexType>
+          <xs:sequence>
+            <xs:element minOccurs="0" maxOccurs="1" ref="DependencyChangedAllowedValues" />
+            <xs:element ref="Dependency" maxOccurs="unbounded" />
+          </xs:sequence>
+          <xs:attribute name="FriendlyId" type="xs:string" use="required">
+            <xs:annotation>
+              <xs:documentation>This attribute gives a friendly ID to the dependency, to differentiate it from other dependencies.</xs:documentation>
+            </xs:annotation>
+          </xs:attribute>
+        </xs:complexType>
+      </xs:element>
+      <xs:element name="DependencyAllowedValue">
+        <xs:annotation>
+          <xs:documentation>This tag details the values that the dependency must be set to for the dependency to be satisfied.</xs:documentation>
+        </xs:annotation>
+        <xs:complexType>
+          <xs:group ref="AllowedValuesGroup" />
+          <xs:attributeGroup ref="AllowedValuesAttributeGroup" />
+        </xs:complexType>
+      </xs:element>
+      <xs:element name="DependencyChangedAllowedValues">
+        <xs:annotation>
+          <xs:documentation>This tag details a change to the current node's allowed values if the dependency is satisfied.</xs:documentation>
+        </xs:annotation>
+        <xs:complexType>
+          <xs:group ref="AllowedValuesGroup" />
+          <xs:attributeGroup ref="AllowedValuesAttributeGroup" />
+        </xs:complexType>
+      </xs:element>
+    </xs:schema>
+    ```
 
 ## Older DDF files
 
-You can download the DDF files for various CSPs from the links below:
+You can download the older DDF files for various CSPs from the links below:
 
 - [Download all the DDF files for Windows 10, version 2004](https://download.microsoft.com/download/4/0/f/40f9ec45-3bea-442c-8afd-21edc1e057d8/Windows10_2004_DDF_download.zip)
 - [Download all the DDF files for Windows 10, version 1903](https://download.microsoft.com/download/6/F/0/6F019079-6EB0-41B5-88E8-D1CE77DBA27B/Windows10_1903_DDF_download.zip)
@@ -584,7 +588,7 @@ You can download the DDF files for various CSPs from the links below:
 - [Download all the DDF files for Windows 10, version 1703](https://download.microsoft.com/download/C/7/C/C7C94663-44CF-4221-ABCA-BC895F42B6C2/Windows10_1703_DDF_download.zip)
 - [Download all the DDF files for Windows 10, version 1607](https://download.microsoft.com/download/2/3/E/23E27D6B-6E23-4833-B143-915EDA3BDD44/Windows10_1607_DDF.zip)
 
-You can view various Policy area DDF files by clicking the following links:
+You can download the older Policy area DDF files by clicking the following links:
 
 - [View the Policy DDF file for Windows 10, version 20H2](https://download.microsoft.com/download/4/0/f/40f9ec45-3bea-442c-8afd-21edc1e057d8/PolicyDDF_all_20H2.xml)
 - [View the Policy DDF file for Windows 10, version 2004](https://download.microsoft.com/download/4/0/f/40f9ec45-3bea-442c-8afd-21edc1e057d8/PolicyDDF_all_2004.xml)
diff --git a/windows/client-management/mdm/policy-ddf-file.md b/windows/client-management/mdm/policy-ddf-file.md
deleted file mode 100644
index 07c6ded973..0000000000
--- a/windows/client-management/mdm/policy-ddf-file.md
+++ /dev/null
@@ -1,32 +0,0 @@
----
-title: Policy DDF file
-description: Learn about the OMA DM device description framework (DDF) for the Policy configuration service provider.
-ms.reviewer: 
-manager: aaroncz
-ms.author: vinpa
-ms.topic: article
-ms.prod: windows-client
-ms.technology: itpro-manage
-author: vinaypamnani-msft
-ms.localizationpriority: medium
-ms.date: 10/28/2020
----
-
-# Policy DDF file
-
-This topic shows the OMA DM device description framework (DDF) for the **Policy** configuration service provider. DDF files are used only with OMA DM provisioning XML.
-
-You can view various Policy DDF files by clicking the following links:
-
-- [View the Policy DDF file for Windows 10, version 20H2](https://download.microsoft.com/download/4/0/f/40f9ec45-3bea-442c-8afd-21edc1e057d8/PolicyDDF_all_20H2.xml)
-- [View the Policy DDF file for Windows 10, version 2004](https://download.microsoft.com/download/4/0/f/40f9ec45-3bea-442c-8afd-21edc1e057d8/PolicyDDF_all_2004.xml)
-- [View the Policy DDF file for Windows 10, version 1903](https://download.microsoft.com/download/0/C/D/0CD61812-8B9C-4846-AC4A-1545BFD201EE/PolicyDDF_all_1903.xml)
-- [View the Policy DDF file for Windows 10, version 1809](https://download.microsoft.com/download/7/3/5/735B8537-82F4-4CD1-B059-93984F9FAAC5/Policy_DDF_all_1809.xml)
-- [View the Policy DDF file for Windows 10, version 1803](https://download.microsoft.com/download/4/9/6/496534EE-8F0C-4F12-B084-A8502DA22430/PolicyDDF_all.xml)
-- [View the Policy DDF file for Windows 10, version 1803 release C](https://download.microsoft.com/download/4/9/6/496534EE-8F0C-4F12-B084-A8502DA22430/PolicyDDF_all_1809C_release.xml)
-- [View the Policy DDF file for Windows 10, version 1709](https://download.microsoft.com/download/8/C/4/8C43C116-62CB-470B-9B69-76A3E2BC32A8/PolicyDDF_all.xml)
-- [View the Policy DDF file for Windows 10, version 1703](https://download.microsoft.com/download/7/2/C/72C36C37-20F9-41BF-8E23-721F6FFC253E/PolicyDDF_all.xml)
-- [View the Policy DDF file for Windows 10, version 1607](https://download.microsoft.com/download/6/1/C/61C022FD-6F5D-4F73-9047-17F630899DC4/PolicyDDF_all_version1607.xml)
-- [View the Policy DDF file for Windows 10, version 1607 release 8C](https://download.microsoft.com/download/6/1/C/61C022FD-6F5D-4F73-9047-17F630899DC4/PolicyDDF_all_version1607_8C.xml)
-
-You can download DDF files for various CSPs from [CSP DDF files download](configuration-service-provider-ddf.md).

From 7c4072364c07f884a57c5acf3dc4c6d74adc71d2 Mon Sep 17 00:00:00 2001
From: Vinay Pamnani <37223378+vinaypamnani-msft@users.noreply.github.com>
Date: Mon, 6 Feb 2023 14:12:19 -0500
Subject: [PATCH 79/98] Update TOC

---
 windows/client-management/mdm/toc.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/windows/client-management/mdm/toc.yml b/windows/client-management/mdm/toc.yml
index 919e4cac79..d35962adb6 100644
--- a/windows/client-management/mdm/toc.yml
+++ b/windows/client-management/mdm/toc.yml
@@ -34,7 +34,7 @@ items:
       href: policy-configuration-service-provider.md
       items:
       - name: Policy CSP DDF file
-        href: policy-ddf-file.md
+        href: configuration-service-provider-ddf.md
       - name: Policy CSP support scenarios
         items:
         - name: ADMX policies in Policy CSP

From 8607282adad6d98f8843d5dcc5180b0cb9955e14 Mon Sep 17 00:00:00 2001
From: Vinay Pamnani <37223378+vinaypamnani-msft@users.noreply.github.com>
Date: Mon, 6 Feb 2023 14:20:41 -0500
Subject: [PATCH 80/98] Fix broken links

---
 .../change-history-for-mdm-documentation.md               | 8 ++++----
 windows/client-management/mdm/index.yml                   | 2 +-
 .../mdm/policy-csp-controlpolicyconflict.md               | 2 +-
 .../mdm/policy-csp-localpoliciessecurityoptions.md        | 2 +-
 4 files changed, 7 insertions(+), 7 deletions(-)

diff --git a/windows/client-management/change-history-for-mdm-documentation.md b/windows/client-management/change-history-for-mdm-documentation.md
index b77a1761a8..5b7f08ac50 100644
--- a/windows/client-management/change-history-for-mdm-documentation.md
+++ b/windows/client-management/change-history-for-mdm-documentation.md
@@ -185,7 +185,7 @@ As of November 2020 This page will no longer be updated. This article lists new
 |[RemoteWipe CSP](mdm/remotewipe-csp.md)|Added new settings in Windows 10, version 1809.|
 |[TenantLockdown CSP](mdm/tenantlockdown-csp.md)|Added new CSP in Windows 10, version 1809.|
 |[WindowsDefenderApplicationGuard CSP](mdm/windowsdefenderapplicationguard-csp.md)|Added new settings in Windows 10, version 1809.|
-|[Policy DDF file](mdm/policy-ddf-file.md)|Posted an updated version of the Policy DDF for Windows 10, version 1809.|
+|[Policy DDF file](mdm/configuration-service-provider-ddf.md)|Posted an updated version of the Policy DDF for Windows 10, version 1809.|
 |[Policy CSP](mdm/policy-configuration-service-provider.md)|Added the following new policies in Windows 10, version 1809:<li>Browser/AllowFullScreenMode<li>Browser/AllowPrelaunch<li>Browser/AllowPrinting<li>Browser/AllowSavingHistory<li>Browser/AllowSideloadingOfExtensions<li>Browser/AllowTabPreloading<li>Browser/AllowWebContentOnNewTabPage<li>Browser/ConfigureFavoritesBar<li>Browser/ConfigureHomeButton<li>Browser/ConfigureKioskMode<li>Browser/ConfigureKioskResetAfterIdleTimeout<li>Browser/ConfigureOpenMicrosoftEdgeWith<li>Browser/ConfigureTelemetryForMicrosoft365Analytics<li>Browser/PreventCertErrorOverrides<li>Browser/SetHomeButtonURL<li>Browser/SetNewTabPageURL<li>Browser/UnlockHomeButton<li>Experience/DoNotSyncBrowserSettings<li>Experience/PreventUsersFromTurningOnBrowserSyncing<li>Kerberos/UPNNameHints<li>Privacy/AllowCrossDeviceClipboard<li>Privacy<li>DisablePrivacyExperience<li>Privacy/UploadUserActivities<li>System/AllowDeviceNameInDiagnosticData<li>System/ConfigureMicrosoft365UploadEndpoint<li>System/DisableDeviceDelete<li>System/DisableDiagnosticDataViewer<li>Storage/RemovableDiskDenyWriteAccess<li>Update/UpdateNotificationLevel<br/><br/>Start/DisableContextMenus - added in Windows 10, version 1803.<br/><br/>RestrictedGroups/ConfigureGroupMembership - added new schema to apply and retrieve the policy.|
 
 ## July 2018
@@ -217,7 +217,7 @@ As of November 2020 This page will no longer be updated. This article lists new
 
 |New or updated article|Description|
 |--- |--- |
-|[Policy DDF file](mdm/policy-ddf-file.md)|Updated the DDF files in the Windows 10 version 1703 and 1709.<li>[Download the Policy DDF file for Windows 10, version 1709](https://download.microsoft.com/download/8/C/4/8C43C116-62CB-470B-9B69-76A3E2BC32A8/PolicyDDF_all.xml)<li>[Download the Policy DDF file for Windows 10, version 1703](https://download.microsoft.com/download/7/2/C/72C36C37-20F9-41BF-8E23-721F6FFC253E/PolicyDDF_all.xml)|
+|[Policy DDF file](mdm/configuration-service-provider-ddf.md)|Updated the DDF files in the Windows 10 version 1703 and 1709.<li>[Download the Policy DDF file for Windows 10, version 1709](https://download.microsoft.com/download/8/C/4/8C43C116-62CB-470B-9B69-76A3E2BC32A8/PolicyDDF_all.xml)<li>[Download the Policy DDF file for Windows 10, version 1703](https://download.microsoft.com/download/7/2/C/72C36C37-20F9-41BF-8E23-721F6FFC253E/PolicyDDF_all.xml)|
 
 ## April 2018
 
@@ -281,7 +281,7 @@ As of November 2020 This page will no longer be updated. This article lists new
 
 | New or updated article | Description |
 | --- | --- |
-| [Policy DDF file](mdm/policy-ddf-file.md) | Updated the DDF content for Windows 10 version 1709. Added a link to the download of Policy DDF for Windows 10, version 1709. |
+| [Policy DDF file](mdm/configuration-service-provider-ddf.md) | Updated the DDF content for Windows 10 version 1709. Added a link to the download of Policy DDF for Windows 10, version 1709. |
 | [Policy CSP](mdm/policy-configuration-service-provider.md) | Updated the following policies:<br/><br/>- Defender/ControlledFolderAccessAllowedApplications - string separator is `|`  <br/>- Defender/ControlledFolderAccessProtectedFolders - string separator is `|` |
 | [eUICCs CSP](mdm/euiccs-csp.md) | Added new CSP in Windows 10, version 1709. |
 | [AssignedAccess CSP](mdm/assignedaccess-csp.md) | Added SyncML examples for the new Configuration node. |
@@ -313,5 +313,5 @@ As of November 2020 This page will no longer be updated. This article lists new
 |[Office CSP](mdm/office-csp.md)|Added the following setting in Windows 10, version 1709:<li>Installation/CurrentStatus|
 |[BitLocker CSP](mdm/bitlocker-csp.md)|Added information to the ADMX-backed policies. Changed the minimum personal identification number (PIN) length to four digits in SystemDrivesRequireStartupAuthentication and SystemDrivesMinimumPINLength in Windows 10, version 1709.|
 |[Firewall CSP](mdm/firewall-csp.md)|Updated the CSP and DDF topics. Here are the changes:<li>Removed the two settings - FirewallRules/FirewallRuleName/FriendlyName and FirewallRules/FirewallRuleName/IcmpTypesAndCodes.<li>Changed some data types from integer to bool.<li>Updated the list of supported operations for some settings.<li>Added default values.|
-|[Policy DDF file](mdm/policy-ddf-file.md)|Added another Policy DDF file [download](https://download.microsoft.com/download/6/1/C/61C022FD-6F5D-4F73-9047-17F630899DC4/PolicyDDF_all_version1607_8C.xml) for the 8C release of Windows 10, version 1607, which added the following policies:<li>Browser/AllowMicrosoftCompatibilityList<li>Update/DisableDualScan<li>Update/FillEmptyContentUrls|
+|[Policy DDF file](mdm/configuration-service-provider-ddf.md)|Added another Policy DDF file [download](https://download.microsoft.com/download/6/1/C/61C022FD-6F5D-4F73-9047-17F630899DC4/PolicyDDF_all_version1607_8C.xml) for the 8C release of Windows 10, version 1607, which added the following policies:<li>Browser/AllowMicrosoftCompatibilityList<li>Update/DisableDualScan<li>Update/FillEmptyContentUrls|
 |[Policy CSP](mdm/policy-configuration-service-provider.md)|Added the following new policies for Windows 10, version 1709:<li>Browser/ProvisionFavorites<li>Browser/LockdownFavorites<li>ExploitGuard/ExploitProtectionSettings<li>Games/AllowAdvancedGamingServices<li>LocalPoliciesSecurityOptions/Accounts_BlockMicrosoftAccounts<li>LocalPoliciesSecurityOptions/Accounts_LimitLocalAccountUseOfBlankPasswordsToConsoleLogonOnly<li>LocalPoliciesSecurityOptions/Accounts_RenameAdministratorAccount<li>LocalPoliciesSecurityOptions/Accounts_RenameGuestAccount<li>LocalPoliciesSecurityOptions/InteractiveLogon_DisplayUserInformationWhenTheSessionIsLocked<li>LocalPoliciesSecurityOptions/Interactivelogon_DoNotDisplayLastSignedIn<li>LocalPoliciesSecurityOptions/Interactivelogon_DoNotDisplayUsernameAtSignIn<li>LocalPoliciesSecurityOptions/Interactivelogon_DoNotRequireCTRLALTDEL<li>LocalPoliciesSecurityOptions/InteractiveLogon_MachineInactivityLimit<li>LocalPoliciesSecurityOptions/InteractiveLogon_MessageTextForUsersAttemptingToLogOn<li>LocalPoliciesSecurityOptions/InteractiveLogon_MessageTitleForUsersAttemptingToLogOn<li>LocalPoliciesSecurityOptions/NetworkSecurity_AllowPKU2UAuthenticationRequests<li>LocalPoliciesSecurityOptions/Shutdown_AllowSystemToBeShutDownWithoutHavingToLogOn<li>LocalPoliciesSecurityOptions/UserAccountControl_AllowUIAccessApplicationsToPromptForElevation<li>LocalPoliciesSecurityOptions/UserAccountControl_BehaviorOfTheElevationPromptForAdministrators<li>LocalPoliciesSecurityOptions/UserAccountControl_BehaviorOfTheElevationPromptForStandardUsers<li>LocalPoliciesSecurityOptions/UserAccountControl_OnlyElevateExecutableFilesThatAreSignedAndValidated<li>LocalPoliciesSecurityOptions/UserAccountControl_OnlyElevateUIAccessApplicationsThatAreInstalledInSecureLocations<li>LocalPoliciesSecurityOptions/UserAccountControl_RunAllAdministratorsInAdminApprovalMode<li>LocalPoliciesSecurityOptions/UserAccountControl_SwitchToTheSecureDesktopWhenPromptingForElevation<li>LocalPoliciesSecurityOptions/UserAccountControl_VirtualizeFileAndRegistryWriteFailuresToPerUserLocations<li>Privacy/EnableActivityFeed<li>Privacy/PublishUserActivities<li>Update/DisableDualScan<li>Update/AllowAutoWindowsUpdateDownloadOverMeteredNetwork<br/><br/>Changed the name of new policy to CredentialProviders/DisableAutomaticReDeploymentCredentials from CredentialProviders/EnableWindowsAutopilotResetCredentials.<br/><br/>Changed the names of the following policies:<li>Defender/GuardedFoldersAllowedApplications to Defender/ControlledFolderAccessAllowedApplications<li>Defender/GuardedFoldersList to Defender/ControlledFolderAccessProtectedFolders<li>Defender/EnableGuardMyFolders to Defender/EnableControlledFolderAccess<br/><br/>Added links to the extra [ADMX-backed BitLocker policies](mdm/policy-csp-bitlocker.md).<br/><br/>There were issues reported with the previous release of the following policies. These issues were fixed in Windows 10, version 1709:<li>Privacy/AllowAutoAcceptPairingAndPrivacyConsentPrompts<li>Start/HideAppList|
diff --git a/windows/client-management/mdm/index.yml b/windows/client-management/mdm/index.yml
index d8bd8ed982..db2be7efaf 100644
--- a/windows/client-management/mdm/index.yml
+++ b/windows/client-management/mdm/index.yml
@@ -47,7 +47,7 @@ landingContent:
           - text: Policy CSP
             url: policy-configuration-service-provider.md
           - text: Policy DDF file
-            url: policy-ddf-file.md
+            url: configuration-service-provider-ddf.md
           - text: Policy CSP - Start
             url: policy-csp-start.md
           - text: Policy CSP - Update
diff --git a/windows/client-management/mdm/policy-csp-controlpolicyconflict.md b/windows/client-management/mdm/policy-csp-controlpolicyconflict.md
index f955123b29..b6865f7b07 100644
--- a/windows/client-management/mdm/policy-csp-controlpolicyconflict.md
+++ b/windows/client-management/mdm/policy-csp-controlpolicyconflict.md
@@ -58,7 +58,7 @@ This ensures that:
 -  The current Policy Manager policies are refreshed from what MDM has set
 -  Any values set by scripts/user outside of GP that conflict with MDM are removed
 
-The [Policy DDF](policy-ddf-file.md) contains the following tags to identify the policies with equivalent GP:
+The [Policy DDF](configuration-service-provider-ddf.md) contains the following tags to identify the policies with equivalent GP:
 
 -  \<MSFT:ADMXBacked\>
 -  \<MSFT:ADMXMapped\>
diff --git a/windows/client-management/mdm/policy-csp-localpoliciessecurityoptions.md b/windows/client-management/mdm/policy-csp-localpoliciessecurityoptions.md
index 459b035faf..075a1bd389 100644
--- a/windows/client-management/mdm/policy-csp-localpoliciessecurityoptions.md
+++ b/windows/client-management/mdm/policy-csp-localpoliciessecurityoptions.md
@@ -19,7 +19,7 @@ ms.topic: reference
 <!-- LocalPoliciesSecurityOptions-Editable-Begin -->
 <!-- Add any additional information about this policy here. Anything outside this section will get overwritten. -->
 > [!NOTE]
-> To find data formats (and other policy-related details), see [Policy DDF file](./policy-ddf-file.md).
+> To find data formats (and other policy-related details), see [Policy DDF file](./configuration-service-provider-ddf.md).
 <!-- LocalPoliciesSecurityOptions-Editable-End -->
 
 <!-- Accounts_BlockMicrosoftAccounts-Begin -->

From fd9d7ac6ef6ee08dd128111579a334c9f1528a15 Mon Sep 17 00:00:00 2001
From: Vinay Pamnani <37223378+vinaypamnani-msft@users.noreply.github.com>
Date: Mon, 6 Feb 2023 14:21:48 -0500
Subject: [PATCH 81/98] Fix redirect

---
 .openpublishing.redirection.json | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.openpublishing.redirection.json b/.openpublishing.redirection.json
index 22639222c2..645db60d9e 100644
--- a/.openpublishing.redirection.json
+++ b/.openpublishing.redirection.json
@@ -20516,7 +20516,7 @@
       "redirect_document_id": true
     },
     {
-      "source_path": "windows-docs-pr/windows/client-management/mdm/policy-ddf-file.md",
+      "source_path": "windows/client-management/mdm/policy-ddf-file.md",
       "redirect_url": "/windows/client-management/mdm/configuration-service-provider-ddf",
       "redirect_document_id": true
     }

From 929412537593106e322a22679bda52e23c372a5c Mon Sep 17 00:00:00 2001
From: Tarun Maganur <104856032+Tarun-Edu@users.noreply.github.com>
Date: Mon, 6 Feb 2023 13:51:19 -0800
Subject: [PATCH 82/98] Update windows-11-se-overview.md

---
 education/windows/windows-11-se-overview.md | 7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)

diff --git a/education/windows/windows-11-se-overview.md b/education/windows/windows-11-se-overview.md
index 8a63a27c99..bf2de408fe 100644
--- a/education/windows/windows-11-se-overview.md
+++ b/education/windows/windows-11-se-overview.md
@@ -93,6 +93,7 @@ The following applications can also run on Windows 11 SE, and can be deployed us
 | `Class Policy`                            | 114.0.0           | Win32    | `Class Policy`                            |
 | `Classroom.cloud`                         | 1.40.0004         | Win32    | `NetSupport`                              |
 | `CoGat Secure Browser`                    | 11.0.0.19         | Win32    | `Riverside Insights`                      |
+| `ContentKeeper Cloud`                     | 9.01.45           | Win32    | `ContentKeeper Technologies`              |
 | `Dragon Professional Individual`          | 15.00.100         | Win32    | `Nuance Communications`                   |
 | `DRC INSIGHT Online Assessments`          | 12.0.0.0          | `Store`  | `Data recognition Corporation`            |
 | `Duo from Cisco`                          | 3.0.0             | Win32    | `Cisco`                                   |
@@ -104,7 +105,7 @@ The following applications can also run on Windows 11 SE, and can be deployed us
 | `Free NaturalReader`                      | 16.1.2            | Win32    | `Natural Soft`                            |
 | `Ghotit Real Writer & Reader`             | 10.14.2.3         | Win32    | `Ghotit Ltd`                              |
 | `GoGuardian`                              | 1.4.4             | Win32    | `GoGuardian`                              |
-| `Google Chrome`                           | 102.0.5005.115    | Win32    | `Google`                                  |
+| `Google Chrome`                           | 109.0.5414.75     | Win32    | `Google`                                  |
 | `Illuminate Lockdown Browser`             | 2.0.5             | Win32    | `Illuminate Education`                    |
 | `Immunet`                                 | 7.5.8.21178       | Win32    | `Immunet`                                 |
 | `Impero Backdrop Client`                  | 4.4.86            | Win32    | `Impero Software`                         |
@@ -137,10 +138,10 @@ The following applications can also run on Windows 11 SE, and can be deployed us
 | `Respondus Lockdown Browser`              | 2.0.9.03          | Win32    | `Respondus`                               |
 | `Safe Exam Browser`                       | 3.4.1.505         | Win32    | `Safe Exam Browser`                       |
 | `Senso.Cloud`                             | 2021.11.15.0      | Win32    | `Senso.Cloud`                             |
-| `Smoothwall Monitor`                      | 2.8.0             | Win32    | `Smoothwall Ltd`                          |
+| `Smoothwall Monitor`                      | 2.9.2             | Win32    | `Smoothwall Ltd`                          |
 | `SuperNova Magnifier & Screen Reader`     | 21.02             | Win32    | `Dolphin Computer Access`                 |
 | `SuperNova Magnifier & Speech`            | 21.02             | Win32    | `Dolphin Computer Access`                 |
-|`TX Secure Browser`                        | 15.0.0            | Win32    | `Cambium Development`
+|`TX Secure Browser`                        | 15.0.0            | Win32    | `Cambium Development`                     |
 | `VitalSourceBookShelf`                    | 10.2.26.0         | Win32    | `VitalSource Technologies Inc`            |
 | `Winbird`                                 | 19                | Win32    | `Winbird Co., Ltd.`                       |
 | `WordQ`                                   | 5.4.23            | Win32    | `Mathetmots`                              |

From 9719a245a7fec2c5cfc7fb2eb3f3244308bcd858 Mon Sep 17 00:00:00 2001
From: Andre Della Monica <andredm@microsoft.com>
Date: Mon, 6 Feb 2023 20:03:28 -0600
Subject: [PATCH 83/98] Doc updates to Feature and Quality updates

---
 ...autopatch-windows-feature-update-overview.md |  6 +++---
 ...autopatch-windows-quality-update-overview.md | 17 ++++++++++++-----
 2 files changed, 15 insertions(+), 8 deletions(-)

diff --git a/windows/deployment/windows-autopatch/operate/windows-autopatch-windows-feature-update-overview.md b/windows/deployment/windows-autopatch/operate/windows-autopatch-windows-feature-update-overview.md
index b58aa2938f..5f3cf42951 100644
--- a/windows/deployment/windows-autopatch/operate/windows-autopatch-windows-feature-update-overview.md
+++ b/windows/deployment/windows-autopatch/operate/windows-autopatch-windows-feature-update-overview.md
@@ -1,7 +1,7 @@
 ---
 title: Windows feature updates
 description: This article explains how Windows feature updates are managed in Autopatch
-ms.date: 02/02/2023
+ms.date: 02/07/2023
 ms.prod: windows-client
 ms.technology: itpro-updates
 ms.topic: conceptual
@@ -88,7 +88,7 @@ Windows Autopatch provides a permanent pause of a Windows feature update deploym
 8. If you're resuming an update, you can select one or more deployment rings.
 9. Select **Okay**.
 
-If you've paused an update, the specified release will have the **Customer Paused** status. The Windows Autopatch service can't overwrite a customer-initiated pause. You must select **Resume** to resume the update.
+If you've paused an update, the specified release will have the **Customer Pause** status. The Windows Autopatch service can't overwrite IT admin's pause. You must select **Resume** to resume the update.
 
 > [!NOTE]
 > The **Service Paused** status only applies to [Windows quality updates](../operate/windows-autopatch-windows-quality-update-overview.md#pausing-and-resuming-a-release). Windows Autopatch doesn't pause Windows feature updates on your behalf.
@@ -98,7 +98,7 @@ If you've paused an update, the specified release will have the **Customer Pause
 Windows Autopatch doesn’t support the rollback of Windows Feature updates.
 
 > [!CAUTION]
-> It’s not recommended to use [Microsoft Intune’s capabilities](/mem/intune/protect/windows-10-update-rings#manage-your-windows-update-rings) to pause and rollback a Windows feature update. However, if you choose to pause, resume and/or roll back from Intune, Windows Autopatch is **not** responsible for any problems that arise from rolling back the Windows feature update.
+> It's only recommended to use Windows Autopatch's end-user experience to pause and resume [Windows quality](windows-autopatch-windows-quality-update-overview.md#pausing-and-resuming-a-release) and [Windows feature updates](#pausing-and-resuming-a-release). If you need assistance with pausing and resuming updates, please [submit a support request](../operate/windows-autopatch-support-request.md).
 
 ## Contact support
 
diff --git a/windows/deployment/windows-autopatch/operate/windows-autopatch-windows-quality-update-overview.md b/windows/deployment/windows-autopatch/operate/windows-autopatch-windows-quality-update-overview.md
index c8ab6062c6..2ed89e8d06 100644
--- a/windows/deployment/windows-autopatch/operate/windows-autopatch-windows-quality-update-overview.md
+++ b/windows/deployment/windows-autopatch/operate/windows-autopatch-windows-quality-update-overview.md
@@ -1,7 +1,7 @@
 ---
 title: Windows quality updates
 description: This article explains how Windows quality updates are managed in Autopatch
-ms.date: 12/15/2022
+ms.date: 02/07/2023
 ms.prod: windows-client
 ms.technology: itpro-updates
 ms.topic: conceptual
@@ -9,7 +9,7 @@ ms.localizationpriority: medium
 author: tiaraquan
 ms.author: tiaraquan
 manager: dougeby
-msreviewer: hathind
+msreviewer: andredm7
 ---
 
 # Windows quality updates
@@ -125,12 +125,19 @@ If Windows Autopatch detects a [significant issue with a release](../operate/win
 8. If you're resuming an update, you can select one or more deployment rings.
 9. Select **Okay**.
 
-There are two statuses associated with paused quality updates, **Service Paused** and **Customer Paused**.
+> [!CAUTION]
+> It's only recommended to use Windows Autopatch's end-user experience to pause and resume [Windows quality](windows-autopatch-windows-quality-update-overview.md#pausing-and-resuming-a-release) and [Windows feature updates](#pausing-and-resuming-a-release). If you need assistance with pausing and resuming updates, please [submit a support request](../operate/windows-autopatch-support-request.md).
+
+There are three statuses associated with paused quality updates, **Service Paused**, **Customer Paused** and **Customer & Service pause**.
 
 | Status | Description |
 | ----- | ------ |
-| Service Paused | If the Windows Autopatch service has paused an update, the release will have the **Service Paused** status. You must [submit a support request](windows-autopatch-support-request.md) to resume the update. |
-| Customer Paused | If you've paused an update, the release will have the **Customer Paused** status. The Windows Autopatch service can't overwrite a customer-initiated pause. You must select **Resume** to resume the update. |
+| Service Pause | If the Windows Autopatch service has paused an update, the release will have the **Service Pause** status. You must [submit a support request](windows-autopatch-support-request.md) to resume the update. |
+| Customer Pause | If you've paused an update, the release will have the **Customer Pause** status. The Windows Autopatch service can't overwrite a customer-initiated pause. You must select **Resume** to resume the update. |
+| Customer & Service Pause | If you and Microsoft (Windows Autopatch service) have both paused an update, the release will have the **Customer & Service pause** status. If you plan on resuming an update deployment under this mixed state, you must first [submit a support request](windows-autopatch-support-request.md) for Windows Autopatch service engineers to resume the update deployment on your behalf, this will change your update deployment status to **Customer pause**, once this happens, you can resume the update deployment in Windows Autopatch Release management blade yourself. |
+
+> [!NOTE]
+> The service-level pause of updates is driven by the various software update deployment-related signals Windows Autopatch receive from Windows Update for Business several other product groups within Microsoft.
 
 ## Remediating Ineligible and/or Not up to Date devices
 

From 6050b7cd71e4802c908a12c71ecfa182c09563ea Mon Sep 17 00:00:00 2001
From: Tiara Quan <95256667+tiaraquan@users.noreply.github.com>
Date: Mon, 6 Feb 2023 19:41:41 -0800
Subject: [PATCH 84/98] Update
 windows-autopatch-windows-feature-update-overview.md

---
 .../windows-autopatch-windows-feature-update-overview.md      | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/windows/deployment/windows-autopatch/operate/windows-autopatch-windows-feature-update-overview.md b/windows/deployment/windows-autopatch/operate/windows-autopatch-windows-feature-update-overview.md
index 5f3cf42951..0d53f7c783 100644
--- a/windows/deployment/windows-autopatch/operate/windows-autopatch-windows-feature-update-overview.md
+++ b/windows/deployment/windows-autopatch/operate/windows-autopatch-windows-feature-update-overview.md
@@ -91,14 +91,14 @@ Windows Autopatch provides a permanent pause of a Windows feature update deploym
 If you've paused an update, the specified release will have the **Customer Pause** status. The Windows Autopatch service can't overwrite IT admin's pause. You must select **Resume** to resume the update.
 
 > [!NOTE]
-> The **Service Paused** status only applies to [Windows quality updates](../operate/windows-autopatch-windows-quality-update-overview.md#pausing-and-resuming-a-release). Windows Autopatch doesn't pause Windows feature updates on your behalf.
+> The **Service Pause** status only applies to [Windows quality updates](../operate/windows-autopatch-windows-quality-update-overview.md#pausing-and-resuming-a-release). Windows Autopatch doesn't pause Windows feature updates on your behalf.
 
 ## Rollback
 
 Windows Autopatch doesn’t support the rollback of Windows Feature updates.
 
 > [!CAUTION]
-> It's only recommended to use Windows Autopatch's end-user experience to pause and resume [Windows quality](windows-autopatch-windows-quality-update-overview.md#pausing-and-resuming-a-release) and [Windows feature updates](#pausing-and-resuming-a-release). If you need assistance with pausing and resuming updates, please [submit a support request](../operate/windows-autopatch-support-request.md).
+> It's only recommended to use Windows Autopatch's end-user experience to pause and resume [Windows quality](../operate/windows-autopatch-windows-quality-update-overview.md#pausing-and-resuming-a-release) and [Windows feature updates](#pausing-and-resuming-a-release). If you need assistance with pausing and resuming updates, please [submit a support request](../operate/windows-autopatch-support-request.md).
 
 ## Contact support
 

From 4735447f4381f2a9c62fe0cda6915f096e61a44f Mon Sep 17 00:00:00 2001
From: Tiara Quan <95256667+tiaraquan@users.noreply.github.com>
Date: Mon, 6 Feb 2023 19:45:04 -0800
Subject: [PATCH 85/98] Update
 windows-autopatch-windows-quality-update-overview.md

---
 .../windows-autopatch-windows-quality-update-overview.md    | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/windows/deployment/windows-autopatch/operate/windows-autopatch-windows-quality-update-overview.md b/windows/deployment/windows-autopatch/operate/windows-autopatch-windows-quality-update-overview.md
index 2ed89e8d06..ee7cad09af 100644
--- a/windows/deployment/windows-autopatch/operate/windows-autopatch-windows-quality-update-overview.md
+++ b/windows/deployment/windows-autopatch/operate/windows-autopatch-windows-quality-update-overview.md
@@ -128,13 +128,13 @@ If Windows Autopatch detects a [significant issue with a release](../operate/win
 > [!CAUTION]
 > It's only recommended to use Windows Autopatch's end-user experience to pause and resume [Windows quality](windows-autopatch-windows-quality-update-overview.md#pausing-and-resuming-a-release) and [Windows feature updates](#pausing-and-resuming-a-release). If you need assistance with pausing and resuming updates, please [submit a support request](../operate/windows-autopatch-support-request.md).
 
-There are three statuses associated with paused quality updates, **Service Paused**, **Customer Paused** and **Customer & Service pause**.
+The three following statuses are associated with paused quality updates:
 
 | Status | Description |
 | ----- | ------ |
-| Service Pause | If the Windows Autopatch service has paused an update, the release will have the **Service Pause** status. You must [submit a support request](windows-autopatch-support-request.md) to resume the update. |
+| Service Pause | If the Windows Autopatch service has paused an update, the release will have the **Service Pause** status. You must [submit a support request](../operate/windows-autopatch-support-request.md) to resume the update. |
 | Customer Pause | If you've paused an update, the release will have the **Customer Pause** status. The Windows Autopatch service can't overwrite a customer-initiated pause. You must select **Resume** to resume the update. |
-| Customer & Service Pause | If you and Microsoft (Windows Autopatch service) have both paused an update, the release will have the **Customer & Service pause** status. If you plan on resuming an update deployment under this mixed state, you must first [submit a support request](windows-autopatch-support-request.md) for Windows Autopatch service engineers to resume the update deployment on your behalf, this will change your update deployment status to **Customer pause**, once this happens, you can resume the update deployment in Windows Autopatch Release management blade yourself. |
+| Customer & Service Pause | If you and Windows Autopatch have both paused an update, the release will have the **Customer & Service Pause** status. If you plan on resuming an update deployment under this mixed state, you must first [submit a support request](../operate/windows-autopatch-support-request.md) for Windows Autopatch to resume the update deployment on your behalf. After approval, the update deployment status will change to **Customer Pause**. Once this happens, you can resume the update deployment in Windows Autopatch Release management blade. |
 
 > [!NOTE]
 > The service-level pause of updates is driven by the various software update deployment-related signals Windows Autopatch receive from Windows Update for Business several other product groups within Microsoft.

From 3540e551d428c21eeed3cd59845043d6983cb727 Mon Sep 17 00:00:00 2001
From: Tiara Quan <95256667+tiaraquan@users.noreply.github.com>
Date: Mon, 6 Feb 2023 19:45:37 -0800
Subject: [PATCH 86/98] Update
 windows-autopatch-windows-feature-update-overview.md

---
 .../windows-autopatch-windows-feature-update-overview.md        | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/windows/deployment/windows-autopatch/operate/windows-autopatch-windows-feature-update-overview.md b/windows/deployment/windows-autopatch/operate/windows-autopatch-windows-feature-update-overview.md
index 0d53f7c783..5289b2b06f 100644
--- a/windows/deployment/windows-autopatch/operate/windows-autopatch-windows-feature-update-overview.md
+++ b/windows/deployment/windows-autopatch/operate/windows-autopatch-windows-feature-update-overview.md
@@ -95,7 +95,7 @@ If you've paused an update, the specified release will have the **Customer Pause
 
 ## Rollback
 
-Windows Autopatch doesn’t support the rollback of Windows Feature updates.
+Windows Autopatch doesn’t support the rollback of Windows feature updates.
 
 > [!CAUTION]
 > It's only recommended to use Windows Autopatch's end-user experience to pause and resume [Windows quality](../operate/windows-autopatch-windows-quality-update-overview.md#pausing-and-resuming-a-release) and [Windows feature updates](#pausing-and-resuming-a-release). If you need assistance with pausing and resuming updates, please [submit a support request](../operate/windows-autopatch-support-request.md).

From dada47a33c1a22c74b66abc8995cfe8d1e562c4a Mon Sep 17 00:00:00 2001
From: Tiara Quan <95256667+tiaraquan@users.noreply.github.com>
Date: Tue, 7 Feb 2023 06:49:19 -0800
Subject: [PATCH 87/98] Update
 windows-autopatch-windows-feature-update-overview.md

---
 .../windows-autopatch-windows-feature-update-overview.md      | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/windows/deployment/windows-autopatch/operate/windows-autopatch-windows-feature-update-overview.md b/windows/deployment/windows-autopatch/operate/windows-autopatch-windows-feature-update-overview.md
index 5289b2b06f..fb14accf70 100644
--- a/windows/deployment/windows-autopatch/operate/windows-autopatch-windows-feature-update-overview.md
+++ b/windows/deployment/windows-autopatch/operate/windows-autopatch-windows-feature-update-overview.md
@@ -73,6 +73,10 @@ Windows Autopatch provides a permanent pause of a Windows feature update deploym
 
 ## Pausing and resuming a release
 
+> [!CAUTION]
+> It's only recommended to use Windows Autopatch's end-user experience to pause and resume [Windows quality](../operate/windows-autopatch-windows-quality-update-overview.md#pausing-and-resuming-a-release) and [Windows feature updates](#pausing-and-resuming-a-release). If you need assistance with pausing and resuming updates, please [submit a support request](../operate/windows-autopatch-support-request.md).
+
+
 > [!IMPORTANT]
 > Pausing or resuming an update can take up to eight hours to be applied to devices. Windows Autopatch uses Microsoft Intune as its management solution and that's the average frequency devices take to communicate back to Microsoft Intune with new instructions to pause, resume or rollback updates.<p>For more information, see [how long does it take for devices to get a policy, profile, or app after they are assigned from Microsoft Intune](/mem/intune/configuration/device-profile-troubleshoot#how-long-does-it-take-for-devices-to-get-a-policy-profile-or-app-after-they-are-assigned).</p>
 

From bb140fa7c3411341ad07904d39f372992e9f7e8e Mon Sep 17 00:00:00 2001
From: Tiara Quan <95256667+tiaraquan@users.noreply.github.com>
Date: Tue, 7 Feb 2023 06:50:04 -0800
Subject: [PATCH 88/98] Update
 windows-autopatch-windows-feature-update-overview.md

---
 .../operate/windows-autopatch-windows-feature-update-overview.md | 1 -
 1 file changed, 1 deletion(-)

diff --git a/windows/deployment/windows-autopatch/operate/windows-autopatch-windows-feature-update-overview.md b/windows/deployment/windows-autopatch/operate/windows-autopatch-windows-feature-update-overview.md
index fb14accf70..7425935a04 100644
--- a/windows/deployment/windows-autopatch/operate/windows-autopatch-windows-feature-update-overview.md
+++ b/windows/deployment/windows-autopatch/operate/windows-autopatch-windows-feature-update-overview.md
@@ -76,7 +76,6 @@ Windows Autopatch provides a permanent pause of a Windows feature update deploym
 > [!CAUTION]
 > It's only recommended to use Windows Autopatch's end-user experience to pause and resume [Windows quality](../operate/windows-autopatch-windows-quality-update-overview.md#pausing-and-resuming-a-release) and [Windows feature updates](#pausing-and-resuming-a-release). If you need assistance with pausing and resuming updates, please [submit a support request](../operate/windows-autopatch-support-request.md).
 
-
 > [!IMPORTANT]
 > Pausing or resuming an update can take up to eight hours to be applied to devices. Windows Autopatch uses Microsoft Intune as its management solution and that's the average frequency devices take to communicate back to Microsoft Intune with new instructions to pause, resume or rollback updates.<p>For more information, see [how long does it take for devices to get a policy, profile, or app after they are assigned from Microsoft Intune](/mem/intune/configuration/device-profile-troubleshoot#how-long-does-it-take-for-devices-to-get-a-policy-profile-or-app-after-they-are-assigned).</p>
 

From ba077c67462cb50bb07b6ce8cb8e5522cec934fa Mon Sep 17 00:00:00 2001
From: Tiara Quan <95256667+tiaraquan@users.noreply.github.com>
Date: Tue, 7 Feb 2023 07:03:49 -0800
Subject: [PATCH 89/98] Update
 windows-autopatch-windows-quality-update-overview.md

---
 .../windows-autopatch-windows-quality-update-overview.md    | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/windows/deployment/windows-autopatch/operate/windows-autopatch-windows-quality-update-overview.md b/windows/deployment/windows-autopatch/operate/windows-autopatch-windows-quality-update-overview.md
index ee7cad09af..f585127b25 100644
--- a/windows/deployment/windows-autopatch/operate/windows-autopatch-windows-quality-update-overview.md
+++ b/windows/deployment/windows-autopatch/operate/windows-autopatch-windows-quality-update-overview.md
@@ -108,6 +108,9 @@ Windows Autopatch schedules and deploys required Out of Band (OOB) updates relea
 
 ### Pausing and resuming a release
 
+> [!CAUTION]
+> It's only recommended to use Windows Autopatch's end-user experience to pause and resume [Windows quality](windows-autopatch-windows-quality-update-overview.md#pausing-and-resuming-a-release) and [Windows feature updates](#pausing-and-resuming-a-release). If you need assistance with pausing and resuming updates, please [submit a support request](../operate/windows-autopatch-support-request.md).
+
 If Windows Autopatch detects a [significant issue with a release](../operate/windows-autopatch-windows-quality-update-signals.md), we may decide to pause that release.
 
 > [!IMPORTANT]
@@ -125,9 +128,6 @@ If Windows Autopatch detects a [significant issue with a release](../operate/win
 8. If you're resuming an update, you can select one or more deployment rings.
 9. Select **Okay**.
 
-> [!CAUTION]
-> It's only recommended to use Windows Autopatch's end-user experience to pause and resume [Windows quality](windows-autopatch-windows-quality-update-overview.md#pausing-and-resuming-a-release) and [Windows feature updates](#pausing-and-resuming-a-release). If you need assistance with pausing and resuming updates, please [submit a support request](../operate/windows-autopatch-support-request.md).
-
 The three following statuses are associated with paused quality updates:
 
 | Status | Description |

From 13f46a695fda77ee3e10c66b6425571f379d2d4f Mon Sep 17 00:00:00 2001
From: Tiara Quan <95256667+tiaraquan@users.noreply.github.com>
Date: Tue, 7 Feb 2023 08:16:34 -0800
Subject: [PATCH 90/98] Update
 windows-autopatch-windows-quality-update-overview.md

---
 .../windows-autopatch-windows-quality-update-overview.md     | 5 +----
 1 file changed, 1 insertion(+), 4 deletions(-)

diff --git a/windows/deployment/windows-autopatch/operate/windows-autopatch-windows-quality-update-overview.md b/windows/deployment/windows-autopatch/operate/windows-autopatch-windows-quality-update-overview.md
index f585127b25..d0f0148818 100644
--- a/windows/deployment/windows-autopatch/operate/windows-autopatch-windows-quality-update-overview.md
+++ b/windows/deployment/windows-autopatch/operate/windows-autopatch-windows-quality-update-overview.md
@@ -111,7 +111,7 @@ Windows Autopatch schedules and deploys required Out of Band (OOB) updates relea
 > [!CAUTION]
 > It's only recommended to use Windows Autopatch's end-user experience to pause and resume [Windows quality](windows-autopatch-windows-quality-update-overview.md#pausing-and-resuming-a-release) and [Windows feature updates](#pausing-and-resuming-a-release). If you need assistance with pausing and resuming updates, please [submit a support request](../operate/windows-autopatch-support-request.md).
 
-If Windows Autopatch detects a [significant issue with a release](../operate/windows-autopatch-windows-quality-update-signals.md), we may decide to pause that release.
+The service-level pause of updates is driven by the various software update deployment-related signals Windows Autopatch receive from Windows Update for Business several other product groups within Microsoft. If Windows Autopatch detects a [significant issue with a release](../operate/windows-autopatch-windows-quality-update-signals.md), we may decide to pause that release.
 
 > [!IMPORTANT]
 > Pausing or resuming an update can take up to eight hours to be applied to devices. Windows Autopatch uses Microsoft Intune as its management solution and that's the average frequency devices take to communicate back to Microsoft Intune with new instructions to pause, resume or rollback updates.<p>For more information, see [how long does it take for devices to get a policy, profile, or app after they are assigned from Microsoft Intune](/mem/intune/configuration/device-profile-troubleshoot#how-long-does-it-take-for-devices-to-get-a-policy-profile-or-app-after-they-are-assigned).</p>
@@ -136,9 +136,6 @@ The three following statuses are associated with paused quality updates:
 | Customer Pause | If you've paused an update, the release will have the **Customer Pause** status. The Windows Autopatch service can't overwrite a customer-initiated pause. You must select **Resume** to resume the update. |
 | Customer & Service Pause | If you and Windows Autopatch have both paused an update, the release will have the **Customer & Service Pause** status. If you plan on resuming an update deployment under this mixed state, you must first [submit a support request](../operate/windows-autopatch-support-request.md) for Windows Autopatch to resume the update deployment on your behalf. After approval, the update deployment status will change to **Customer Pause**. Once this happens, you can resume the update deployment in Windows Autopatch Release management blade. |
 
-> [!NOTE]
-> The service-level pause of updates is driven by the various software update deployment-related signals Windows Autopatch receive from Windows Update for Business several other product groups within Microsoft.
-
 ## Remediating Ineligible and/or Not up to Date devices
 
 To ensure your devices receive Windows quality updates, Windows Autopatch provides information on how you can remediate [Ineligible Devices (Customer Actions)](../operate/windows-autopatch-windows-quality-update-reports-overview.md#ineligible-devices-customer-action). In addition, the Windows Autopatch service may remediate [Not up to Date devices](../operate/windows-autopatch-windows-quality-update-reports-overview.md#not-up-to-date-microsoft-action) to bring them back into compliance.

From ccdf23dececf81ea2f04491a26bfbf44204be7e2 Mon Sep 17 00:00:00 2001
From: Tiara Quan <95256667+tiaraquan@users.noreply.github.com>
Date: Tue, 7 Feb 2023 11:09:39 -0800
Subject: [PATCH 91/98] Update
 windows-autopatch-windows-quality-update-overview.md

---
 .../windows-autopatch-windows-quality-update-overview.md        | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/windows/deployment/windows-autopatch/operate/windows-autopatch-windows-quality-update-overview.md b/windows/deployment/windows-autopatch/operate/windows-autopatch-windows-quality-update-overview.md
index d0f0148818..5c89498b75 100644
--- a/windows/deployment/windows-autopatch/operate/windows-autopatch-windows-quality-update-overview.md
+++ b/windows/deployment/windows-autopatch/operate/windows-autopatch-windows-quality-update-overview.md
@@ -134,7 +134,7 @@ The three following statuses are associated with paused quality updates:
 | ----- | ------ |
 | Service Pause | If the Windows Autopatch service has paused an update, the release will have the **Service Pause** status. You must [submit a support request](../operate/windows-autopatch-support-request.md) to resume the update. |
 | Customer Pause | If you've paused an update, the release will have the **Customer Pause** status. The Windows Autopatch service can't overwrite a customer-initiated pause. You must select **Resume** to resume the update. |
-| Customer & Service Pause | If you and Windows Autopatch have both paused an update, the release will have the **Customer & Service Pause** status. If you plan on resuming an update deployment under this mixed state, you must first [submit a support request](../operate/windows-autopatch-support-request.md) for Windows Autopatch to resume the update deployment on your behalf. After approval, the update deployment status will change to **Customer Pause**. Once this happens, you can resume the update deployment in Windows Autopatch Release management blade. |
+| Customer & Service Pause | If you and Windows Autopatch have both paused an update, the release will have the Customer & Service Pause status. If you resume the update, and the Service Pause status still remains, you must [submit a support request](../operate/windows-autopatch-support-request.md) for Windows Autopatch to resume the update deployment on your behalf. |
 
 ## Remediating Ineligible and/or Not up to Date devices
 

From 974834f1de9ee341caa655285cc0290b84232e35 Mon Sep 17 00:00:00 2001
From: Tiara Quan <95256667+tiaraquan@users.noreply.github.com>
Date: Tue, 7 Feb 2023 11:19:13 -0800
Subject: [PATCH 92/98] Update
 windows-autopatch-windows-quality-update-overview.md

---
 .../windows-autopatch-windows-quality-update-overview.md        | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/windows/deployment/windows-autopatch/operate/windows-autopatch-windows-quality-update-overview.md b/windows/deployment/windows-autopatch/operate/windows-autopatch-windows-quality-update-overview.md
index 5c89498b75..0651acb3f9 100644
--- a/windows/deployment/windows-autopatch/operate/windows-autopatch-windows-quality-update-overview.md
+++ b/windows/deployment/windows-autopatch/operate/windows-autopatch-windows-quality-update-overview.md
@@ -134,7 +134,7 @@ The three following statuses are associated with paused quality updates:
 | ----- | ------ |
 | Service Pause | If the Windows Autopatch service has paused an update, the release will have the **Service Pause** status. You must [submit a support request](../operate/windows-autopatch-support-request.md) to resume the update. |
 | Customer Pause | If you've paused an update, the release will have the **Customer Pause** status. The Windows Autopatch service can't overwrite a customer-initiated pause. You must select **Resume** to resume the update. |
-| Customer & Service Pause | If you and Windows Autopatch have both paused an update, the release will have the Customer & Service Pause status. If you resume the update, and the Service Pause status still remains, you must [submit a support request](../operate/windows-autopatch-support-request.md) for Windows Autopatch to resume the update deployment on your behalf. |
+| Customer & Service Pause | If you and Windows Autopatch have both paused an update, the release will have the **Customer & Service Pause** status. If you resume the update, and the **Service Pause** status still remains, you must [submit a support request](../operate/windows-autopatch-support-request.md) for Windows Autopatch to resume the update deployment on your behalf. |
 
 ## Remediating Ineligible and/or Not up to Date devices
 

From 09b3ec450ac84e2166805231457053254f432da4 Mon Sep 17 00:00:00 2001
From: Tiara Quan <95256667+tiaraquan@users.noreply.github.com>
Date: Tue, 7 Feb 2023 11:46:39 -0800
Subject: [PATCH 93/98] Update
 windows-autopatch-windows-quality-update-overview.md

---
 .../windows-autopatch-windows-quality-update-overview.md        | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/windows/deployment/windows-autopatch/operate/windows-autopatch-windows-quality-update-overview.md b/windows/deployment/windows-autopatch/operate/windows-autopatch-windows-quality-update-overview.md
index 0651acb3f9..107c863015 100644
--- a/windows/deployment/windows-autopatch/operate/windows-autopatch-windows-quality-update-overview.md
+++ b/windows/deployment/windows-autopatch/operate/windows-autopatch-windows-quality-update-overview.md
@@ -133,7 +133,7 @@ The three following statuses are associated with paused quality updates:
 | Status | Description |
 | ----- | ------ |
 | Service Pause | If the Windows Autopatch service has paused an update, the release will have the **Service Pause** status. You must [submit a support request](../operate/windows-autopatch-support-request.md) to resume the update. |
-| Customer Pause | If you've paused an update, the release will have the **Customer Pause** status. The Windows Autopatch service can't overwrite a customer-initiated pause. You must select **Resume** to resume the update. |
+| Customer Pause | If you've paused an update, the release will have the **Customer Pause** status. The Windows Autopatch service can't overwrite an IT admin's pause. You must select **Resume** to resume the update. |
 | Customer & Service Pause | If you and Windows Autopatch have both paused an update, the release will have the **Customer & Service Pause** status. If you resume the update, and the **Service Pause** status still remains, you must [submit a support request](../operate/windows-autopatch-support-request.md) for Windows Autopatch to resume the update deployment on your behalf. |
 
 ## Remediating Ineligible and/or Not up to Date devices

From d01dc9e1527cbc680f99eb7496db281fb74f72f0 Mon Sep 17 00:00:00 2001
From: tiaraquan <tiaraquan@microsoft.com>
Date: Wed, 8 Feb 2023 08:11:24 -0800
Subject: [PATCH 94/98] Tweak

---
 .../windows-autopatch-windows-quality-update-overview.md      | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/windows/deployment/windows-autopatch/operate/windows-autopatch-windows-quality-update-overview.md b/windows/deployment/windows-autopatch/operate/windows-autopatch-windows-quality-update-overview.md
index 107c863015..0ff47c507d 100644
--- a/windows/deployment/windows-autopatch/operate/windows-autopatch-windows-quality-update-overview.md
+++ b/windows/deployment/windows-autopatch/operate/windows-autopatch-windows-quality-update-overview.md
@@ -111,7 +111,9 @@ Windows Autopatch schedules and deploys required Out of Band (OOB) updates relea
 > [!CAUTION]
 > It's only recommended to use Windows Autopatch's end-user experience to pause and resume [Windows quality](windows-autopatch-windows-quality-update-overview.md#pausing-and-resuming-a-release) and [Windows feature updates](#pausing-and-resuming-a-release). If you need assistance with pausing and resuming updates, please [submit a support request](../operate/windows-autopatch-support-request.md).
 
-The service-level pause of updates is driven by the various software update deployment-related signals Windows Autopatch receive from Windows Update for Business several other product groups within Microsoft. If Windows Autopatch detects a [significant issue with a release](../operate/windows-autopatch-windows-quality-update-signals.md), we may decide to pause that release.
+The service-level pause of updates is driven by the various software update deployment-related signals Windows Autopatch receives from Windows Update for Business, and several other product groups within Microsoft.
+
+If Windows Autopatch detects a [significant issue with a release](../operate/windows-autopatch-windows-quality-update-signals.md), we may decide to pause that release.
 
 > [!IMPORTANT]
 > Pausing or resuming an update can take up to eight hours to be applied to devices. Windows Autopatch uses Microsoft Intune as its management solution and that's the average frequency devices take to communicate back to Microsoft Intune with new instructions to pause, resume or rollback updates.<p>For more information, see [how long does it take for devices to get a policy, profile, or app after they are assigned from Microsoft Intune](/mem/intune/configuration/device-profile-troubleshoot#how-long-does-it-take-for-devices-to-get-a-policy-profile-or-app-after-they-are-assigned).</p>

From 466e0ce1aa02b4111e4954c7dd7b1eaac265f4d5 Mon Sep 17 00:00:00 2001
From: tiaraquan <tiaraquan@microsoft.com>
Date: Wed, 8 Feb 2023 08:22:05 -0800
Subject: [PATCH 95/98] Tweak.

---
 .../operate/windows-autopatch-support-request.md                | 2 --
 .../windows-autopatch-windows-feature-update-overview.md        | 2 +-
 .../prepare/windows-autopatch-enrollment-support-request.md     | 2 +-
 3 files changed, 2 insertions(+), 4 deletions(-)

diff --git a/windows/deployment/windows-autopatch/operate/windows-autopatch-support-request.md b/windows/deployment/windows-autopatch/operate/windows-autopatch-support-request.md
index 800f387276..79ff9e1b78 100644
--- a/windows/deployment/windows-autopatch/operate/windows-autopatch-support-request.md
+++ b/windows/deployment/windows-autopatch/operate/windows-autopatch-support-request.md
@@ -17,8 +17,6 @@ msreviewer: hathind
 > [!IMPORTANT]
 > Make sure you've [added and verified your admin contacts](../deploy/windows-autopatch-admin-contacts.md). The Windows Autopatch Service Engineering Team will contact these individuals for assistance with remediating issues.
 
-You can submit support tickets to Microsoft using the Windows Autopatch admin center. Email is the recommended approach to interact with the Windows Autopatch Service Engineering Team.
-
 ## Submit a new support request
 
 Support requests are triaged and responded to as they're received.
diff --git a/windows/deployment/windows-autopatch/operate/windows-autopatch-windows-feature-update-overview.md b/windows/deployment/windows-autopatch/operate/windows-autopatch-windows-feature-update-overview.md
index 7425935a04..4d8d128f89 100644
--- a/windows/deployment/windows-autopatch/operate/windows-autopatch-windows-feature-update-overview.md
+++ b/windows/deployment/windows-autopatch/operate/windows-autopatch-windows-feature-update-overview.md
@@ -105,4 +105,4 @@ Windows Autopatch doesn’t support the rollback of Windows feature updates.
 
 ## Contact support
 
-If you’re experiencing issues related to Windows feature updates, you can [submit a support request](../operate/windows-autopatch-support-request.md). Email is the recommended approach to interact with the Windows Autopatch Service Engineering Team.
+If you’re experiencing issues related to Windows feature updates, you can [submit a support request](../operate/windows-autopatch-support-request.md).
diff --git a/windows/deployment/windows-autopatch/prepare/windows-autopatch-enrollment-support-request.md b/windows/deployment/windows-autopatch/prepare/windows-autopatch-enrollment-support-request.md
index c36be7a98b..44447d5697 100644
--- a/windows/deployment/windows-autopatch/prepare/windows-autopatch-enrollment-support-request.md
+++ b/windows/deployment/windows-autopatch/prepare/windows-autopatch-enrollment-support-request.md
@@ -14,7 +14,7 @@ msreviewer: hathind
 
 # Submit a tenant enrollment support request
 
-If you need more assistance with tenant enrollment, you can submit support requests to the Windows Autopatch Service Engineering Team in the Windows Autopatch enrollment tool. Email is the recommended approach to interact with the Windows Autopatch Service Engineering Team.
+If you need more assistance with tenant enrollment, you can submit support requests to the Windows Autopatch Service Engineering Team in the Windows Autopatch enrollment tool.
 
 > [!NOTE]
 > After you've successfully enrolled your tenant, this feature will no longer be accessible. You must [submit a support request through the Tenant administration menu](../operate/windows-autopatch-support-request.md).

From 2f809b5ce63b9100fbcc15e9d63bf5954945696f Mon Sep 17 00:00:00 2001
From: Jared Agee <jagee23@yahoo.com>
Date: Wed, 8 Feb 2023 11:36:01 -0600
Subject: [PATCH 96/98] Update remote-credential-guard.md

Removed redundant portion of a sentence,  "to turn on Windows Defender Remote Credential Guard".
---
 .../security/identity-protection/remote-credential-guard.md   | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/windows/security/identity-protection/remote-credential-guard.md b/windows/security/identity-protection/remote-credential-guard.md
index e094da893b..eb1922b3a8 100644
--- a/windows/security/identity-protection/remote-credential-guard.md
+++ b/windows/security/identity-protection/remote-credential-guard.md
@@ -128,7 +128,7 @@ You must enable Restricted Admin or Windows Defender Remote Credential Guard on
     
     - Add a new DWORD value named **DisableRestrictedAdmin**.
     
-    - To turn on Restricted Admin and Windows Defender Remote Credential Guard, set the value of this registry setting to 0 to turn on Windows Defender Remote Credential Guard.
+    - To turn on Restricted Admin and Windows Defender Remote Credential Guard, set the value of this registry setting to 0.
     
 3. Close Registry Editor.
 
@@ -189,4 +189,4 @@ mstsc.exe /remoteGuard
 
 - No credentials are sent to the target device, but the target device still acquires Kerberos Service Tickets on its own.
 
-- The server and client must authenticate using Kerberos.
\ No newline at end of file
+- The server and client must authenticate using Kerberos.

From bc4215046196969c65c42f6a46a68f68137dc75a Mon Sep 17 00:00:00 2001
From: tiaraquan <tiaraquan@microsoft.com>
Date: Wed, 8 Feb 2023 14:01:26 -0800
Subject: [PATCH 97/98] Tweak.

---
 .../windows-autopatch-windows-quality-update-overview.md        | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/windows/deployment/windows-autopatch/operate/windows-autopatch-windows-quality-update-overview.md b/windows/deployment/windows-autopatch/operate/windows-autopatch-windows-quality-update-overview.md
index 0ff47c507d..c2ad146ec6 100644
--- a/windows/deployment/windows-autopatch/operate/windows-autopatch-windows-quality-update-overview.md
+++ b/windows/deployment/windows-autopatch/operate/windows-autopatch-windows-quality-update-overview.md
@@ -89,7 +89,7 @@ By default, the service expedites quality updates as needed. For those organizat
 **To turn off service-driven expedited quality updates:**
 
 1. Go to **[Microsoft Endpoint Manager admin center](https://go.microsoft.com/fwlink/?linkid=2109431)** > **Devices**.
-2. Under **Windows Autopatch** > **Release management**, go to the **Release settings** tab and turn off the **Expedited Quality Updates** setting.
+2. Under **Windows Autopatch** > **Release management**, go to the **Release settings** tab and turn off the **Expedited quality updates** setting.
 
 > [!NOTE]
 > Windows Autopatch doesn't allow customers to request expedited releases.

From 1a8346994b82d7db547a5ae0729f7ea3fafad082 Mon Sep 17 00:00:00 2001
From: Angela Fleischmann <v-angelaf@microsoft.com>
Date: Wed, 8 Feb 2023 16:18:18 -0700
Subject: [PATCH 98/98] Update policy-csp-update.md

https://microsoft-ce-csi.acrolinx.cloud/api/v1/checking/scorecards/e399e338-279c-47c8-b5ad-b239d24218f0#CORRECTNESS
Line 2665 and 3061: is a integer. > is an integer.
Line 2736:  on the every week. > every week.
Line 3120: allows to remove > allows removing
---
 windows/client-management/mdm/policy-csp-update.md | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/windows/client-management/mdm/policy-csp-update.md b/windows/client-management/mdm/policy-csp-update.md
index 434acb5dde..e9921d6795 100644
--- a/windows/client-management/mdm/policy-csp-update.md
+++ b/windows/client-management/mdm/policy-csp-update.md
@@ -2662,7 +2662,7 @@ If you select "Apply only during active hours" in conjunction with Option 1 or 2
 
 <!-- ScheduledInstallDay-Description-Begin -->
 <!-- Description-Source-DDF -->
-Enables the IT admin to schedule the day of the update installation. The data type is a integer.
+Enables the IT admin to schedule the day of the update installation. The data type is an integer.
 <!-- ScheduledInstallDay-Description-End -->
 
 <!-- ScheduledInstallDay-Editable-Begin -->
@@ -2733,7 +2733,7 @@ Enables the IT admin to schedule the day of the update installation. The data ty
 
 <!-- ScheduledInstallEveryWeek-Description-Begin -->
 <!-- Description-Source-DDF -->
-Enables the IT admin to schedule the update installation on the every week. Value type is integer.
+Enables the IT admin to schedule the update installation every week. Value type is integer.
 <!-- ScheduledInstallEveryWeek-Description-End -->
 
 <!-- ScheduledInstallEveryWeek-Editable-Begin -->
@@ -3058,7 +3058,7 @@ Enables the IT admin to schedule the update installation on the third week of th
 
 <!-- ScheduledInstallTime-Description-Begin -->
 <!-- Description-Source-DDF -->
- the IT admin to schedule the time of the update installation. The data type is a integer. Supported values are 0-23, where 0 = 12 AM and 23 = 11 PM. The default value is 3.
+ the IT admin to schedule the time of the update installation. The data type is an integer. Supported values are 0-23, where 0 = 12 AM and 23 = 11 PM. The default value is 3.
 <!-- ScheduledInstallTime-Description-End -->
 
 <!-- ScheduledInstallTime-Editable-Begin -->
@@ -3117,7 +3117,7 @@ Enables the IT admin to schedule the update installation on the third week of th
 
 <!-- SetDisablePauseUXAccess-Description-Begin -->
 <!-- Description-Source-ADMX -->
-This setting allows to remove access to "Pause updates" feature.
+This setting allows removing access to "Pause updates" feature.
 
 Once enabled user access to pause updates is removed.
 <!-- SetDisablePauseUXAccess-Description-End -->