](/windows/client-management/mdm/policy-csp-update#setpolicydrivenupdatesourceforfeatureupdates)) for either feature or quality updates is set to WSUS. If you need this content, you can set **Specify settings for optional component installation and component repair** to Windows Update and then either:
-- Change the source selection for feature and quality updates to Windows Update
+- Change the source selection for feature and quality updates to Windows Update
- Allow all classes of updates to come from WSUS by not configuring any source selections
> [!Note]
diff --git a/windows/deployment/update/forward-reverse-differentials.md b/windows/deployment/update/forward-reverse-differentials.md
index 1ac187396e..5cfe24c253 100644
--- a/windows/deployment/update/forward-reverse-differentials.md
+++ b/windows/deployment/update/forward-reverse-differentials.md
@@ -6,7 +6,7 @@ ms.subservice: itpro-updates
ms.topic: reference
author: mestew
ms.author: mstewart
-manager: aaroncz
+manager: bpardi
ms.localizationpriority: medium
appliesto:
- ✅ Windows 11
diff --git a/windows/deployment/update/get-started-updates-channels-tools.md b/windows/deployment/update/get-started-updates-channels-tools.md
index f52ce23286..ebdc8e3a94 100644
--- a/windows/deployment/update/get-started-updates-channels-tools.md
+++ b/windows/deployment/update/get-started-updates-channels-tools.md
@@ -6,9 +6,9 @@ ms.subservice: itpro-updates
ms.topic: article
author: mestew
ms.author: mstewart
-manager: aaroncz
+manager: bpardi
ms.localizationpriority: medium
-appliesto:
+appliesto:
- ✅ Windows 11
- ✅ Windows 10
ms.date: 12/31/2017
@@ -31,7 +31,7 @@ version of the software.
## Types of updates
-We include information here about many different update types you hear about, but the two overarching types that you have the most direct control over are *feature updates* and *quality updates*.
+We include information here about many different update types you hear about, but the two overarching types that you have the most direct control over are *feature updates* and *quality updates*.
- **Feature updates:** Released annually. Feature updates add new features and functionality to Windows 10. Because they're delivered frequently (rather than every 3-5 years), they're easier to manage.
- **Quality updates:** Quality updates deliver both security and nonsecurity fixes. Quality updates include security updates, critical updates, servicing stack updates, and driver updates. They're typically released on the second Tuesday of each month, though they can be released at any time. The second-Tuesday releases are the ones that focus on security updates. Quality updates are *cumulative*, so installing the latest quality update is sufficient to get all the available fixes for a specific feature update, including any out-of-band security fixes and any *servicing stack updates* that might have been released previously.
@@ -68,7 +68,7 @@ We recommend that you use the Windows Insider Release Preview channel for valida
The **Long-Term Servicing Channel** is designed to be used only for specialized devices (which typically don't run Office) such as ones that control medical equipment or ATMs. Devices on this channel receive new feature releases every two to three years. LTSC releases service a special LTSC edition of Windows 10 and are only available through the [Microsoft Volume Licensing Center](https://www.microsoft.com/Licensing/servicecenter/default.aspx).
-The General Availability Channel is the default servicing channel for all Windows devices except those with the LTSC edition installed. The following table shows the servicing channels available to each edition.
+The General Availability Channel is the default servicing channel for all Windows devices except those with the LTSC edition installed. The following table shows the servicing channels available to each edition.
| Edition | General Availability Channel | Insider Program | Long-Term Servicing Channel |
diff --git a/windows/deployment/update/how-windows-update-works.md b/windows/deployment/update/how-windows-update-works.md
index b8165cc86a..7641003e38 100644
--- a/windows/deployment/update/how-windows-update-works.md
+++ b/windows/deployment/update/how-windows-update-works.md
@@ -6,9 +6,9 @@ ms.subservice: itpro-updates
ms.topic: article
author: mestew
ms.author: mstewart
-manager: aaroncz
+manager: bpardi
ms.localizationpriority: medium
-appliesto:
+appliesto:
- ✅ Windows 11
- ✅ Windows 10
ms.date: 12/31/2017
@@ -16,7 +16,7 @@ ms.date: 12/31/2017
# How Windows Update works
-The Windows Update workflow has four core areas of functionality:
+The Windows Update workflow has four core areas of functionality:
1. Scan
1. Orchestrator schedules the scan.
@@ -35,49 +35,49 @@ The Windows Update workflow has four core areas of functionality:
1. The arbiter finalizes before the restart.
-## How updating works
-During the updating process, the Windows Update Orchestrator operates in the background to scan, download, and install updates. It does these actions automatically, according to your settings, and silently so that doesn't disrupt your computer usage.
+## How updating works
+During the updating process, the Windows Update Orchestrator operates in the background to scan, download, and install updates. It does these actions automatically, according to your settings, and silently so that doesn't disrupt your computer usage.
-## Scanning updates
+## Scanning updates
-The Windows Update Orchestrator on your PC checks the Microsoft Update server or your WSUS endpoint for new updates at random intervals. The randomization ensures that the Windows Update server isn't overloaded with requests all at the same time. The Update Orchestrator searches only for updates that have been added since the last time updates were searched, allowing it to find updates quickly and efficiently.
+The Windows Update Orchestrator on your PC checks the Microsoft Update server or your WSUS endpoint for new updates at random intervals. The randomization ensures that the Windows Update server isn't overloaded with requests all at the same time. The Update Orchestrator searches only for updates that have been added since the last time updates were searched, allowing it to find updates quickly and efficiently.
-When devices check for updates, the Windows Update Orchestrator evaluates whether the update is appropriate for your device. It uses guidelines defined by the publisher of the update, for example, Microsoft Office including enterprise group policies.
+When devices check for updates, the Windows Update Orchestrator evaluates whether the update is appropriate for your device. It uses guidelines defined by the publisher of the update, for example, Microsoft Office including enterprise group policies.
Make sure you're familiar with the following terminology related to Windows Update scan:
|Term|Definition|
|----|----------|
-|Update|We use this term to mean several different things, but in this context it's the actual updated code or change.|
-|Bundle update|An update that contains 1-N child updates; doesn't contain payload itself.|
-|Child update|Leaf update that's bundled by another update; contains payload.|
-|Detector update|A special update that contains `IsInstalled` applicability rule only and no payload. Used for prerequisite evaluation.|
+|Update|We use this term to mean several different things, but in this context it's the actual updated code or change.|
+|Bundle update|An update that contains 1-N child updates; doesn't contain payload itself.|
+|Child update|Leaf update that's bundled by another update; contains payload.|
+|Detector update|A special update that contains `IsInstalled` applicability rule only and no payload. Used for prerequisite evaluation.|
|Category update|A special `detectoid` that has an `IsInstalled` rule that is always true. Used for grouping updates and allowing the device to filter updates. |
-|Full scan|Scan with empty datastore.|
-|Delta scan|Scan with updates from previous scan already cached in datastore.|
+|Full scan|Scan with empty datastore.|
+|Delta scan|Scan with updates from previous scan already cached in datastore.|
|Online scan|Scan that uses the network and to check an update server. |
|Offline scan|Scan that doesn't use the network and instead checks the local datastore. Only useful if online scan has been performed before. |
-|CatScan|Category scan where caller can specify a **categoryId** to get updates published under that **categoryId**.|
-|AppCatScan|Category scan where caller can specify an **AppCategoryId** to get apps published under that **appCategoryId**.|
-|Software sync|Part of the scan that only checks for software updates (both the apps and the operating system).|
-|Driver sync|Part of the scan that checks driver updates only. This sync is optional and runs after the software sync.|
+|CatScan|Category scan where caller can specify a **categoryId** to get updates published under that **categoryId**.|
+|AppCatScan|Category scan where caller can specify an **AppCategoryId** to get apps published under that **appCategoryId**.|
+|Software sync|Part of the scan that only checks for software updates (both the apps and the operating system).|
+|Driver sync|Part of the scan that checks driver updates only. This sync is optional and runs after the software sync.|
|ProductSync|A sync based on attributes, in which the client provides a list of device, product, and caller attributes ahead of time to allow service to check applicability in the cloud. |
-### How Windows Update scanning works
-
-Windows Update does the following actions when it runs a scan.
+### How Windows Update scanning works
-#### Starts the scan for updates
-When users start scanning in Windows Update through the Settings panel, the following occurs:
+Windows Update does the following actions when it runs a scan.
-- The scan first generates a `ComApi` message. The caller (Microsoft Defender Antivirus) tells the Windows Update engine to scan for updates.
-- "Agent" messages: queueing the scan, then actually starting the work:
- - Updates are identified by the different IDs ("ID = 10", "ID = 11") and from the different thread ID numbers.
- - Windows Update uses the thread ID filtering to concentrate on one particular task.
+#### Starts the scan for updates
+When users start scanning in Windows Update through the Settings panel, the following occurs:
+
+- The scan first generates a `ComApi` message. The caller (Microsoft Defender Antivirus) tells the Windows Update engine to scan for updates.
+- "Agent" messages: queueing the scan, then actually starting the work:
+ - Updates are identified by the different IDs ("ID = 10", "ID = 11") and from the different thread ID numbers.
+ - Windows Update uses the thread ID filtering to concentrate on one particular task.
-
+
#### Proxy Behavior
For Windows Update (WU) scans URLs that are used for update detection ([MS-WUSP: SimpleAuth Web Service](/openspecs/windows_protocols/ms-wusp/61235469-6c2f-4c08-9749-e35d52c16899), [MS-WUSP: Client Web Service](/openspecs/windows_protocols/ms-wusp/69093c08-da97-445e-a944-af0bef36e4ec)):
- System proxy is attempted (set using the `netsh` command).
@@ -92,57 +92,57 @@ For Windows Update URLs that _aren't_ used for update detection, such as for dow
#### Identifies service IDs
-- Service IDs indicate which update source is being scanned.
+- Service IDs indicate which update source is being scanned.
-- The Windows Update engine treats every service as a separate entity, even though multiple services may contain the same updates.
+- The Windows Update engine treats every service as a separate entity, even though multiple services may contain the same updates.
-- Common service IDs
+- Common service IDs
> [!IMPORTANT]
- > ServiceId here identifies a client abstraction, not any specific service in the cloud. No assumption should be made of which server a serviceId is pointing to. It's totally controlled by responses from the Service Locator Service.
-
+ > ServiceId here identifies a client abstraction, not any specific service in the cloud. No assumption should be made of which server a serviceId is pointing to. It's totally controlled by responses from the Service Locator Service.
+
|Service|ServiceId|
-|-------|---------|
+|-------|---------|
|Unspecified / Default|Windows Update, Microsoft Update, or WSUS
00000000-0000-0000-0000-000000000000 |
-|Windows Update|9482F4B4-E343-43B6-B170-9A65BC822C77|
-|Microsoft Update|7971f918-a847-4430-9279-4a52d1efe18d|
-|Store|855E8A7C-ECB4-4CA3-B045-1DFA50104289|
-|OS Flighting|8B24B027-1DEE-BABB-9A95-3517DFB9C552|
+|Windows Update|9482F4B4-E343-43B6-B170-9A65BC822C77|
+|Microsoft Update|7971f918-a847-4430-9279-4a52d1efe18d|
+|Store|855E8A7C-ECB4-4CA3-B045-1DFA50104289|
+|OS Flighting|8B24B027-1DEE-BABB-9A95-3517DFB9C552|
|WSUS or Configuration Manager|Via ServerSelection::ssManagedServer
3DA21691-E39D-4da6-8A4B-B43877BCB1B7 |
-|Offline scan service|Via IUpdateServiceManager::AddScanPackageService|
+|Offline scan service|Via IUpdateServiceManager::AddScanPackageService|
#### Finds network faults
-Common update failure is caused due to network issues. To find the root of the issue:
+Common update failure is caused due to network issues. To find the root of the issue:
-- Look for "ProtocolTalker" messages to see client-server sync network traffic.
-- "SOAP faults" can be either client- or server-side issues; read the message.
-- The Windows Update client uses the Service Locator Service to discover the configurations and endpoints of Microsoft network update sources: Windows update, Microsoft Update, or Flighting.
+- Look for "ProtocolTalker" messages to see client-server sync network traffic.
+- "SOAP faults" can be either client- or server-side issues; read the message.
+- The Windows Update client uses the Service Locator Service to discover the configurations and endpoints of Microsoft network update sources: Windows update, Microsoft Update, or Flighting.
> [!NOTE]
- > If the search is against WSUS or Configuration Manager, you can ignore warning messages for the Service Locator Service.
+ > If the search is against WSUS or Configuration Manager, you can ignore warning messages for the Service Locator Service.
- On sites that only use WSUS or Configuration Manager, the Service Locator Service might be blocked at the firewall. In this case the request will fail, and though the service can't scan against Windows Update or Microsoft Update, it can still scan against WSUS or Configuration Manager, since it's locally configured.
-
-## Downloading updates
+
+## Downloading updates
-Once the Windows Update Orchestrator determines which updates apply to your computer, it begins downloading the updates, if you have selected the option to automatically download updates. It does operation in the background without interrupting your normal use of the device.
+Once the Windows Update Orchestrator determines which updates apply to your computer, it begins downloading the updates, if you have selected the option to automatically download updates. It does operation in the background without interrupting your normal use of the device.
-To ensure that your other downloads aren't affected or slowed down because updates are downloading, Windows Update uses Delivery Optimization, which downloads updates and reduces bandwidth consumption.
-
-For more information, see [Configure Delivery Optimization for Windows 10 updates](../do/waas-delivery-optimization.md).
+To ensure that your other downloads aren't affected or slowed down because updates are downloading, Windows Update uses Delivery Optimization, which downloads updates and reduces bandwidth consumption.
-## Installing updates
+For more information, see [Configure Delivery Optimization for Windows 10 updates](../do/waas-delivery-optimization.md).
+
+## Installing updates
-When an update is applicable, the "Arbiter" and metadata are downloaded. Depending on your Windows Update settings, when downloading is complete, the Arbiter will gather details from the device, and compare that with the downloaded metadata to create an "action list".
+When an update is applicable, the "Arbiter" and metadata are downloaded. Depending on your Windows Update settings, when downloading is complete, the Arbiter will gather details from the device, and compare that with the downloaded metadata to create an "action list".
-The action list describes all the files needed from Windows Update, and what the installation agent (such as CBS or Setup) should do with them. The action list is provided to the installation agent along with the payload to begin the installation.
-
-## Committing Updates
+The action list describes all the files needed from Windows Update, and what the installation agent (such as CBS or Setup) should do with them. The action list is provided to the installation agent along with the payload to begin the installation.
+
+## Committing Updates
-When the option to automatically install updates is configured, the Windows Update Orchestrator, in most cases, automatically restarts the device for you after installing the updates. It has to restart the device because it might be insecure, or not fully updated, until it restarts. You can use Group Policy settings, mobile device management (MDM), or the registry (not recommended) to configure when devices will restart after a Windows 10 update is installed.
+When the option to automatically install updates is configured, the Windows Update Orchestrator, in most cases, automatically restarts the device for you after installing the updates. It has to restart the device because it might be insecure, or not fully updated, until it restarts. You can use Group Policy settings, mobile device management (MDM), or the registry (not recommended) to configure when devices will restart after a Windows 10 update is installed.
-For more information, see [Manage device restarts after updates](waas-restart.md).
+For more information, see [Manage device restarts after updates](waas-restart.md).
diff --git a/windows/deployment/update/includes/checkpoint-cumulative-updates.md b/windows/deployment/update/includes/checkpoint-cumulative-updates.md
index dd9b0e1abd..8e9fd665e1 100644
--- a/windows/deployment/update/includes/checkpoint-cumulative-updates.md
+++ b/windows/deployment/update/includes/checkpoint-cumulative-updates.md
@@ -1,7 +1,7 @@
---
author: mestew
ms.author: mstewart
-manager: aaroncz
+manager: bpardi
ms.subservice: itpro-updates
ms.service: windows-client
ms.topic: include
diff --git a/windows/deployment/update/includes/update-history.md b/windows/deployment/update/includes/update-history.md
index cc5fb9bb9f..e41c62590d 100644
--- a/windows/deployment/update/includes/update-history.md
+++ b/windows/deployment/update/includes/update-history.md
@@ -1,7 +1,7 @@
---
author: mestew
ms.author: mstewart
-manager: aaroncz
+manager: bpardi
ms.subservice: itpro-updates
ms.service: windows-client
ms.topic: include
diff --git a/windows/deployment/update/includes/wufb-reports-admin-center-permissions.md b/windows/deployment/update/includes/wufb-reports-admin-center-permissions.md
index 5fb6f0f36d..e22fc777dc 100644
--- a/windows/deployment/update/includes/wufb-reports-admin-center-permissions.md
+++ b/windows/deployment/update/includes/wufb-reports-admin-center-permissions.md
@@ -1,7 +1,7 @@
---
author: mestew
ms.author: mstewart
-manager: aaroncz
+manager: bpardi
ms.subservice: itpro-updates
ms.service: windows-client
ms.topic: include
diff --git a/windows/deployment/update/includes/wufb-reports-endpoints.md b/windows/deployment/update/includes/wufb-reports-endpoints.md
index a3bfb9b575..30e4d07f1d 100644
--- a/windows/deployment/update/includes/wufb-reports-endpoints.md
+++ b/windows/deployment/update/includes/wufb-reports-endpoints.md
@@ -1,7 +1,7 @@
---
author: mestew
ms.author: mstewart
-manager: aaroncz
+manager: bpardi
ms.subservice: itpro-updates
ms.service: windows-client
ms.topic: include
@@ -11,7 +11,7 @@ ms.localizationpriority: medium
-Devices must be able to contact the following endpoints in order to authenticate and send diagnostic data:
+Devices must be able to contact the following endpoints in order to authenticate and send diagnostic data:
| **Endpoint** | **Function** |
|---------------------------------------------------------|-----------|
diff --git a/windows/deployment/update/includes/wufb-reports-onboard-admin-center.md b/windows/deployment/update/includes/wufb-reports-onboard-admin-center.md
index f0f14e2a67..c1a8cedf98 100644
--- a/windows/deployment/update/includes/wufb-reports-onboard-admin-center.md
+++ b/windows/deployment/update/includes/wufb-reports-onboard-admin-center.md
@@ -1,7 +1,7 @@
---
author: mestew
ms.author: mstewart
-manager: aaroncz
+manager: bpardi
ms.subservice: itpro-updates
ms.service: windows-client
ms.topic: include
@@ -18,7 +18,7 @@ ms.localizationpriority: medium
- The Azure subscription
- The Log Analytics workspace
1. The initial setup can take up to 24 hours. During this time, the **Windows** tab will display that it's **Waiting for Windows Update for Business reports data**.
- - Enrolling into Windows Update for Business reports doesn't influence the rate that required data is uploaded from devices. Device connectivity to the internet and how active the device is influences how long it will take before the device appears in reporting. Devices that are active and connected to the internet daily can expect to be fully uploaded within one week (usually less than 72 hours). Devices that are less active can take up to two weeks before data is fully available.
+ - Enrolling into Windows Update for Business reports doesn't influence the rate that required data is uploaded from devices. Device connectivity to the internet and how active the device is influences how long it will take before the device appears in reporting. Devices that are active and connected to the internet daily can expect to be fully uploaded within one week (usually less than 72 hours). Devices that are less active can take up to two weeks before data is fully available.
1. After the initial setup is complete, the **Windows** tab will display your Windows Update for Business reports data in the charts.
> [!Note]
- > The device counts in the **Windows** tab may vary from the **Microsoft 365 Apps** tab since their requirements are different.
+ > The device counts in the **Windows** tab may vary from the **Microsoft 365 Apps** tab since their requirements are different.
diff --git a/windows/deployment/update/includes/wufb-reports-script-error-codes.md b/windows/deployment/update/includes/wufb-reports-script-error-codes.md
index 7057d0789c..cb975177db 100644
--- a/windows/deployment/update/includes/wufb-reports-script-error-codes.md
+++ b/windows/deployment/update/includes/wufb-reports-script-error-codes.md
@@ -1,7 +1,7 @@
---
author: mestew
ms.author: mstewart
-manager: aaroncz
+manager: bpardi
ms.subservice: itpro-updates
ms.service: windows-client
ms.topic: include
@@ -41,7 +41,7 @@ ms.localizationpriority: medium
| 62 | AllowTelemetry registry key isn't the correct type of REG_DWORD.|
| 63 | AllowTelemetry isn't set to the appropriate value and it couldn't be set by the script.|
| 64 | AllowTelemetry isn't the correct type of REG_DWORD.|
-| 66 | Failed to verify UTC connectivity and recent uploads.|
+| 66 | Failed to verify UTC connectivity and recent uploads.|
| 67 | Unexpected failure when verifying UTC CSP.|
| 99 | Device isn't Windows 10 or Windows 11.|
| 100 | Device must be Microsoft Entra joined or Microsoft Entra hybrid joined to use Windows Update for Business reports.|
diff --git a/windows/deployment/update/includes/wufb-restart-notifications-compliance-deadlines.md b/windows/deployment/update/includes/wufb-restart-notifications-compliance-deadlines.md
index 2bee5ae05c..4cd5c212cc 100644
--- a/windows/deployment/update/includes/wufb-restart-notifications-compliance-deadlines.md
+++ b/windows/deployment/update/includes/wufb-restart-notifications-compliance-deadlines.md
@@ -1,7 +1,7 @@
---
author: mestew
ms.author: mstewart
-manager: aaroncz
+manager: bpardi
ms.subservice: itpro-updates
ms.service: windows-client
ms.topic: include
@@ -12,27 +12,27 @@ ms.localizationpriority: medium
These deadline policies also offer an option to opt out of automatic restarts until a deadline is reached by presenting an "engaged restart experience" until the deadline passes. At that point, the device automatically schedules a restart regardless of active hours.
-These notifications are what the user sees depending on the settings you choose, and what operating system version their device is running. Generally, the user notifications become more noticeable as the deadline approaches. The experience described is the default and assumes there's ample time for notifications before the [effective deadline](../wufb-compliancedeadlines.md) occurs. The description doesn't account for changes to the **Display options for update notifications** policy ([Update/NoUpdateNotificationsDuringActiveHours](/windows/client-management/mdm/policy-csp-update#noupdatenotificationsduringactivehours)) or other settings that would significantly change the experience.
+These notifications are what the user sees depending on the settings you choose, and what operating system version their device is running. Generally, the user notifications become more noticeable as the deadline approaches. The experience described is the default and assumes there's ample time for notifications before the [effective deadline](../wufb-compliancedeadlines.md) occurs. The description doesn't account for changes to the **Display options for update notifications** policy ([Update/NoUpdateNotificationsDuringActiveHours](/windows/client-management/mdm/policy-csp-update#noupdatenotificationsduringactivehours)) or other settings that would significantly change the experience.
# [Windows 11, version 23H2 and later](#tab/w11-23h2-notifications)
The following notifications are what the user sees on Windows 11, version 23H2 and later, depending on the settings chosen by the user and the IT administrator:
-When **Specify deadlines for automatic updates and restarts** is set:
+When **Specify deadlines for automatic updates and restarts** is set:
-While restart is pending, before the deadline occurs, users receive a toast notification in the corner of their screen. The notification includes the deadline date, and options to either restart now, pick a time to restart, or restart tonight once active hours ends.
+While restart is pending, before the deadline occurs, users receive a toast notification in the corner of their screen. The notification includes the deadline date, and options to either restart now, pick a time to restart, or restart tonight once active hours ends.
- If the user set [the option](../waas-wufb-csp-mdm.md#user-settings-for-notifications) **Settings** > **Windows Update** > **Advanced options** > **Notify me when a restart is required to finish updating** to **On**, they immediately receive the toast notification when the device enters a restart pending state for updates. Automatic restarts for updates are blocked for 24 hours after the initial notification to give these users time to prepare.
- If the user set **Notify me when a restart is required to finish updating** to **Off** (default), they receive a toast notification that a restart is required 24 hours after the device enters a restart pending state for updates.
:::image type="content" source="../media/9091858-11-initial-toast.png" alt-text="Screenshot of the initial toast notification displayed in Windows 11 version 23H2, or later, for a user when a restart is needed for an update but isn't past the deadline." lightbox="../media/9091858-initial-toast.png":::
-Depending on settings both users and admins configure, toast notification may occur occasionally before the day of the deadline to remind the user of the update. During this time, if they're allowed, automatic restarts might be scheduled after active hours.
+Depending on settings both users and admins configure, toast notification may occur occasionally before the day of the deadline to remind the user of the update. During this time, if they're allowed, automatic restarts might be scheduled after active hours.
- If an automatic restart is scheduled or the user scheduled the restart, and the user is signed in at that time, they receive a notification 15 minutes before the scheduled time.
:::image type="content" source="../media/9091858-11-pre-deadline-restart-imminent.png" alt-text="Screenshot of the dialog displayed in Windows 11 version 23H2, or later, for a user when a restart is needed for an update but the deadline isn't reached yet. The notification contains the deadline time and options to restart now or acknowledge the notification" lightbox="../media/9091858-pre-deadline-restart-imminent.png":::
-As the device approaches the deadline time, a notification displays in the middle of the screen that contains the deadline time and options to restart now or acknowledge the notification.
+As the device approaches the deadline time, a notification displays in the middle of the screen that contains the deadline time and options to restart now or acknowledge the notification.
:::image type="content" source="../media/9091858-11-dialog-18-hours.png" alt-text="Screenshot of the dialog displayed in Windows 11 version 23H2, or later, for a user when a restart is needed for an update but the deadline isn't reached yet. The notification contains the deadline time and options to restart now or acknowledge the notification." lightbox="../media/9091858-11-dialog-18-hours.png":::
@@ -58,14 +58,14 @@ The following notifications are what the user sees on Windows 11, version 22H2 a
When **Specify deadlines for automatic updates and restarts** is set:
-For the first few days, the user receives a toast notification in the corner of their screen. The notification includes the deadline date, and options to either restart now, pick a time to restart, or restart tonight once active hours ends.
+For the first few days, the user receives a toast notification in the corner of their screen. The notification includes the deadline date, and options to either restart now, pick a time to restart, or restart tonight once active hours ends.
- If the device is Windows 11, version 22H2 and the user set [the option](../waas-wufb-csp-mdm.md#user-settings-for-notifications) **Settings** > **Windows Update** > **Advanced options** > **Notify me when a restart is required to finish updating** to **On**, they immediately receive the toast notification when the device enters a restart pending state for updates. Automatic restarts for updates are blocked for 24 hours after the initial notification to give these users time to prepare.
- If the device is Windows 11, version 22H2 and the user set **Notify me when a restart is required to finish updating** to **Off** (default), they receive a toast notification that a restart is required 24 hours after the device enters a reboot pending state for updates.
:::image type="content" source="../media/9091858-11-initial-toast.png" alt-text="Screenshot of the initial toast notification displayed in Windows 11 version 23H2, or later, for a user when a restart is needed for an update but isn't past the deadline." lightbox="../media/9091858-initial-toast.png":::
-Depending on settings both users and admins configure, notifications display in the middle of the screen as the deadline gets closer.
+Depending on settings both users and admins configure, notifications display in the middle of the screen as the deadline gets closer.
- If there's still time for an automatic restart to occur after active hours, the dialog displays an option to let the device restart later along with options to restart now or to pick a time to schedule a restart.
- If there's not time for an automatic restart to occur after active hours, the dialog displays options to pick a time to schedule a restart, restart now, or remind the user later.
@@ -76,7 +76,7 @@ During this time before the deadline is reached, if they're allowed, automatic r
:::image type="content" source="../media/9091858-11-pre-deadline-restart-imminent.png" alt-text="Screenshot of the dialog displayed for a user when a restart is needed for an update but the deadline isn't reached yet. The notification contains the deadline time and options to restart now, schedule a restart, or acknowledge the notification. This notification is displayed for Windows 11, version 22H2, and earlier devices." lightbox="../media/9091858-11-pre-deadline-restart-imminent.png":::
-The day of the deadline, a notification displays that contains the deadline time and options to restart now or acknowledge the notification.
+The day of the deadline, a notification displays that contains the deadline time and options to restart now or acknowledge the notification.
:::image type="content" source="../media/9091858-11-dialog-18-hours.png" alt-text="Screenshot of the dialog displayed for a user when a restart is needed for an update but the deadline isn't reached yet. The notification contains the deadline time and options to restart now or acknowledge the notification. This notification is displayed for Windows 11, version 22H2, and earlier devices." lightbox="../media/9091858-11-dialog-18-hours.png":::
diff --git a/windows/deployment/update/media-dynamic-update.md b/windows/deployment/update/media-dynamic-update.md
index 2bd5947bd1..d7682bf733 100644
--- a/windows/deployment/update/media-dynamic-update.md
+++ b/windows/deployment/update/media-dynamic-update.md
@@ -6,10 +6,10 @@ ms.subservice: itpro-updates
ms.topic: how-to
author: mestew
ms.author: mstewart
-manager: aaroncz
+manager: bpardi
ms.reviewer: stevedia
ms.localizationpriority: medium
-appliesto:
+appliesto:
- ✅ Windows 11
- ✅ Windows 10
- ✅ Windows Server
@@ -38,11 +38,11 @@ Devices must be able to connect to the internet to obtain Dynamic Updates. In so
## Acquire Dynamic Update packages
-You can obtain Dynamic Update packages from the [Microsoft Update Catalog](https://catalog.update.microsoft.com). At that site, use the search bar in the upper right to find the Dynamic Update packages for a particular release. The various Dynamic Update packages might not all be present in the results from a single search, so you might have to search with different keywords to find all of the updates. Check various parts of the results to be sure you've identified the files needed. The following tables show the key values to search for or look for in the results.
+You can obtain Dynamic Update packages from the [Microsoft Update Catalog](https://catalog.update.microsoft.com). At that site, use the search bar in the upper right to find the Dynamic Update packages for a particular release. The various Dynamic Update packages might not all be present in the results from a single search, so you might have to search with different keywords to find all of the updates. Check various parts of the results to be sure you've identified the files needed. The following tables show the key values to search for or look for in the results.
### Windows Server 2025 Dynamic Update packages
-**Title** can distinguish each Dynamic Package. Latest cumulative updates have the servicing stack embedded. The servicing stack is published only if necessary for a given cumulative update.
+**Title** can distinguish each Dynamic Package. Latest cumulative updates have the servicing stack embedded. The servicing stack is published only if necessary for a given cumulative update.
| Update packages |Title |
|-----------------------------------|--------------------------------------------------------------------------------------|
@@ -161,7 +161,7 @@ Optional Components, along with the .NET feature, can be installed offline. Howe
### Checkpoint cumulative updates
-Starting with Windows 11, version 24H2, and Windows Server 2025, the latest cumulative update might have a prerequisite cumulative update that is required to be installed first. These updates are known as checkpoint cumulative updates. In these cases, the cumulative update file level differentials are based on a previous cumulative update instead of the Windows RTM release. The benefit is a smaller update package and faster installation. When you obtain the latest cumulative update from the [Microsoft Update Catalog](https://catalog.update.microsoft.com), checkpoint cumulative updates are available from the download button. In addition, the knowledge base article for the cumulative update provides additional information.
+Starting with Windows 11, version 24H2, and Windows Server 2025, the latest cumulative update might have a prerequisite cumulative update that is required to be installed first. These updates are known as checkpoint cumulative updates. In these cases, the cumulative update file level differentials are based on a previous cumulative update instead of the Windows RTM release. The benefit is a smaller update package and faster installation. When you obtain the latest cumulative update from the [Microsoft Update Catalog](https://catalog.update.microsoft.com), checkpoint cumulative updates are available from the download button. In addition, the knowledge base article for the cumulative update provides additional information.
To install the checkpoint(s) when servicing the Windows OS (steps 9 & 12) and WinPE (steps 17 & 23), call `Add-WindowsPackage` with the target cumulative update. The folder from `-PackagePath` is used to discover and install one or more checkpoints as needed. Only the target cumulative update and checkpoint cumulative updates should be in the `-PackagePath` folder. Cumulative update packages with a revision <= the target cumulative update are processed. If you aren't customizing the image with additional languages and/or optional features, then separate calls to `Add-WindowsPackage` (checkpoint cumulative updates first) can be used for steps 9 & 17 above. Separate calls can't be used for steps 12 and 23.
@@ -253,13 +253,13 @@ Get-ChildItem -Path $MEDIA_NEW_PATH -Recurse | Where-Object { -not $_.PSIsContai
### Update WinRE and each main OS Windows edition
-The script updates each edition of Windows within the main operating system file (install.wim). For each edition, the main OS image is mounted.
+The script updates each edition of Windows within the main operating system file (install.wim). For each edition, the main OS image is mounted.
-For the first image, Winre.wim is copied to the working folder, and mounted. It then applies servicing stack via the latest cumulative update, since its components are used for updating other components. Depending on the Windows release that you're updating, there are two different approaches for updating the servicing stack. The first approach is to use the combined cumulative update. This is for Windows releases that are shipping a combined cumulative update that includes the servicing stack updates (that is, SSU + LCU are combined). Windows 11, version 21H2, and Windows 11, version 22H2 are examples. In these cases, the servicing stack update isn't published separately; the combined cumulative update should be used for this step. However, in rare cases, there might be a breaking change in the combined cumulative update format change, that requires a standalone servicing stack update to be published, and installed first before the combined cumulative update can be installed. Since the script is optionally adding Japanese, it adds the language pack to the image, and installs the Japanese versions of all optional packages already installed in Winre.wim. Then, it applies the Safe OS Dynamic Update package. It finishes by cleaning and exporting the image to reduce the image size.
+For the first image, Winre.wim is copied to the working folder, and mounted. It then applies servicing stack via the latest cumulative update, since its components are used for updating other components. Depending on the Windows release that you're updating, there are two different approaches for updating the servicing stack. The first approach is to use the combined cumulative update. This is for Windows releases that are shipping a combined cumulative update that includes the servicing stack updates (that is, SSU + LCU are combined). Windows 11, version 21H2, and Windows 11, version 22H2 are examples. In these cases, the servicing stack update isn't published separately; the combined cumulative update should be used for this step. However, in rare cases, there might be a breaking change in the combined cumulative update format change, that requires a standalone servicing stack update to be published, and installed first before the combined cumulative update can be installed. Since the script is optionally adding Japanese, it adds the language pack to the image, and installs the Japanese versions of all optional packages already installed in Winre.wim. Then, it applies the Safe OS Dynamic Update package. It finishes by cleaning and exporting the image to reduce the image size.
-Next, for the mounted OS image, the script starts by applying the servicing stack via the latest cumulative update. Then, it adds Japanese language support and then the Japanese language features. Unlike the Dynamic Update packages, it uses `Add-WindowsCapability` to add these features. For a full list of such features, and their associated capability name, see [Available Features on Demand](/windows-hardware/manufacture/desktop/features-on-demand-non-language-fod). Now is the time to enable other Optional Components or add other Features on Demand. If such a feature has an associated cumulative update (for example, .NET), this is the time to apply those. The script then attempts to clean the image, then a final step to apply the latest cumulative update. It's important to apply the latest cumulative update last, to ensure Features on Demand, Optional Components, and Languages are updated from their initial release state. The .NET feature is an exception that's added along with its cumulative update next. Finally, the script exports the image.
+Next, for the mounted OS image, the script starts by applying the servicing stack via the latest cumulative update. Then, it adds Japanese language support and then the Japanese language features. Unlike the Dynamic Update packages, it uses `Add-WindowsCapability` to add these features. For a full list of such features, and their associated capability name, see [Available Features on Demand](/windows-hardware/manufacture/desktop/features-on-demand-non-language-fod). Now is the time to enable other Optional Components or add other Features on Demand. If such a feature has an associated cumulative update (for example, .NET), this is the time to apply those. The script then attempts to clean the image, then a final step to apply the latest cumulative update. It's important to apply the latest cumulative update last, to ensure Features on Demand, Optional Components, and Languages are updated from their initial release state. The .NET feature is an exception that's added along with its cumulative update next. Finally, the script exports the image.
-This process is repeated for each edition of Windows within the main operating system file. To reduce size, the serviced Winre.wim file from the first image is saved, and used to update each subsequent Windows edition. This reduces the final size of install.wim.
+This process is repeated for each edition of Windows within the main operating system file. To reduce size, the serviced Winre.wim file from the first image is saved, and used to update each subsequent Windows edition. This reduces the final size of install.wim.
```powershell
@@ -270,14 +270,14 @@ This process is repeated for each edition of Windows within the main operating s
# Get the list of images contained within the main OS
$WINOS_IMAGES = Get-WindowsImage -ImagePath $MEDIA_NEW_PATH"\sources\install.wim"
-Foreach ($IMAGE in $WINOS_IMAGES)
+Foreach ($IMAGE in $WINOS_IMAGES)
{
# first mount the main OS image
Write-Output "$(Get-TS): Mounting main OS, image index $($IMAGE.ImageIndex)"
Mount-WindowsImage -ImagePath $MEDIA_NEW_PATH"\sources\install.wim" -Index $IMAGE.ImageIndex -Path $MAIN_OS_MOUNT -ErrorAction stop| Out-Null
- if ($IMAGE.ImageIndex -eq "1")
+ if ($IMAGE.ImageIndex -eq "1")
{
#
@@ -288,21 +288,21 @@ Foreach ($IMAGE in $WINOS_IMAGES)
Mount-WindowsImage -ImagePath $WORKING_PATH"\winre.wim" -Index 1 -Path $WINRE_MOUNT -ErrorAction stop | Out-Null
# Add servicing stack update (Step 1 from the table)
- Write-Output "$(Get-TS): Adding package $LCU_PATH to WinRE"
+ Write-Output "$(Get-TS): Adding package $LCU_PATH to WinRE"
try
{
- Add-WindowsPackage -Path $WINRE_MOUNT -PackagePath $LCU_PATH | Out-Null
+ Add-WindowsPackage -Path $WINRE_MOUNT -PackagePath $LCU_PATH | Out-Null
}
Catch
{
$theError = $_
Write-Output "$(Get-TS): $theError"
-
- if ($theError.Exception -like "*0x8007007e*")
+
+ if ($theError.Exception -like "*0x8007007e*")
{
Write-Warning "$(Get-TS): Failed with error 0x8007007e. This failure is a known issue with combined cumulative update, we can ignore."
}
- else
+ else
{
throw
}
@@ -311,42 +311,42 @@ Foreach ($IMAGE in $WINOS_IMAGES)
#
# Optional: Add the language to recovery environment
#
-
+
# Install lp.cab cab
Write-Output "$(Get-TS): Adding package $WINPE_OC_LP_PATH to WinRE"
Add-WindowsPackage -Path $WINRE_MOUNT -PackagePath $WINPE_OC_LP_PATH -ErrorAction stop | Out-Null
# Install language cabs for each optional package installed
$WINRE_INSTALLED_OC = Get-WindowsPackage -Path $WINRE_MOUNT
- Foreach ($PACKAGE in $WINRE_INSTALLED_OC)
+ Foreach ($PACKAGE in $WINRE_INSTALLED_OC)
{
- if ( ($PACKAGE.PackageState -eq "Installed") -and ($PACKAGE.PackageName.startsWith("WinPE-")) -and ($PACKAGE.ReleaseType -eq "FeaturePack") )
+ if ( ($PACKAGE.PackageState -eq "Installed") -and ($PACKAGE.PackageName.startsWith("WinPE-")) -and ($PACKAGE.ReleaseType -eq "FeaturePack") )
{
$INDEX = $PACKAGE.PackageName.IndexOf("-Package")
if ($INDEX -ge 0)
{
$OC_CAB = $PACKAGE.PackageName.Substring(0, $INDEX) + "_" + $LANG + ".cab"
- if ($WINPE_OC_LANG_CABS.Contains($OC_CAB))
+ if ($WINPE_OC_LANG_CABS.Contains($OC_CAB))
{
$OC_CAB_PATH = Join-Path $WINPE_OC_LANG_PATH $OC_CAB
Write-Output "$(Get-TS): Adding package $OC_CAB_PATH to WinRE"
- Add-WindowsPackage -Path $WINRE_MOUNT -PackagePath $OC_CAB_PATH -ErrorAction stop | Out-Null
+ Add-WindowsPackage -Path $WINRE_MOUNT -PackagePath $OC_CAB_PATH -ErrorAction stop | Out-Null
}
}
}
}
# Add font support for the new language
- if ( (Test-Path -Path $WINPE_FONT_SUPPORT_PATH) )
+ if ( (Test-Path -Path $WINPE_FONT_SUPPORT_PATH) )
{
Write-Output "$(Get-TS): Adding package $WINPE_FONT_SUPPORT_PATH to WinRE"
Add-WindowsPackage -Path $WINRE_MOUNT -PackagePath $WINPE_FONT_SUPPORT_PATH -ErrorAction stop | Out-Null
}
# Add TTS support for the new language
- if (Test-Path -Path $WINPE_SPEECH_TTS_PATH)
+ if (Test-Path -Path $WINPE_SPEECH_TTS_PATH)
{
- if ( (Test-Path -Path $WINPE_SPEECH_TTS_LANG_PATH) )
+ if ( (Test-Path -Path $WINPE_SPEECH_TTS_LANG_PATH) )
{
Write-Output "$(Get-TS): Adding package $WINPE_SPEECH_TTS_PATH to WinRE"
Add-WindowsPackage -Path $WINRE_MOUNT -PackagePath $WINPE_SPEECH_TTS_PATH -ErrorAction stop | Out-Null
@@ -363,7 +363,7 @@ Foreach ($IMAGE in $WINOS_IMAGES)
# Perform image cleanup
Write-Output "$(Get-TS): Performing image cleanup on WinRE"
DISM /image:$WINRE_MOUNT /cleanup-image /StartComponentCleanup /ResetBase /Defer | Out-Null
- if ($LastExitCode -ne 0)
+ if ($LastExitCode -ne 0)
{
throw "Error: Failed to perform image cleanup on WinRE. Exit code: $LastExitCode"
}
@@ -376,9 +376,9 @@ Foreach ($IMAGE in $WINOS_IMAGES)
Export-WindowsImage -SourceImagePath $WORKING_PATH"\winre.wim" -SourceIndex 1 -DestinationImagePath $WORKING_PATH"\winre2.wim" -ErrorAction stop | Out-Null
}
-
+
Copy-Item -Path $WORKING_PATH"\winre2.wim" -Destination $MAIN_OS_MOUNT"\windows\system32\recovery\winre.wim" -Force -ErrorAction stop | Out-Null
-
+
#
# update Main OS
#
@@ -415,14 +415,14 @@ Foreach ($IMAGE in $WINOS_IMAGES)
{
Write-Output "$(Get-TS): Adding $($FOD[$index]) to main OS, index $($IMAGE.ImageIndex)"
Add-WindowsCapability -Name $($FOD[$index]) -Path $MAIN_OS_MOUNT -Source $FOD_PATH -ErrorAction stop | Out-Null
- }
-
+ }
+
# Optional: Add Legacy Features
For ( $index = 0; $index -lt $OC.count; $index++)
{
Write-Output "$(Get-TS): Adding $($OC[$index]) to main OS, index $($IMAGE.ImageIndex)"
DISM /Image:$MAIN_OS_MOUNT /Enable-Feature /FeatureName:$($OC[$index]) /All | Out-Null
- if ($LastExitCode -ne 0)
+ if ($LastExitCode -ne 0)
{
throw "Error: Failed to add $($OC[$index]) to main OS, index $($IMAGE.ImageIndex). Exit code: $LastExitCode"
}
@@ -432,14 +432,14 @@ Foreach ($IMAGE in $WINOS_IMAGES)
Write-Output "$(Get-TS): Adding package $LCU_PATH to main OS, index $($IMAGE.ImageIndex)"
Add-WindowsPackage -Path $MAIN_OS_MOUNT -PackagePath $LCU_PATH -ErrorAction stop | Out-Null
- # Perform image cleanup. Some Optional Components might require the image to be booted, and thus
+ # Perform image cleanup. Some Optional Components might require the image to be booted, and thus
# image cleanup may fail. We'll catch and handle as a warning.
Write-Output "$(Get-TS): Performing image cleanup on main OS, index $($IMAGE.ImageIndex)"
DISM /image:$MAIN_OS_MOUNT /cleanup-image /StartComponentCleanup | Out-Null
- if ($LastExitCode -ne 0)
+ if ($LastExitCode -ne 0)
{
- if ($LastExitCode -eq -2146498554)
- {
+ if ($LastExitCode -eq -2146498554)
+ {
# We hit 0x800F0806 CBS_E_PENDING. We will ignore this with a warning
# This is likely due to legacy components being added that require online operations.
Write-Warning "$(Get-TS): Failed to perform image cleanup on main OS, index $($IMAGE.ImageIndex). Exit code: $LastExitCode. The operation cannot be performed until pending servicing operations are completed. The image must be booted to complete the pending servicing operation."
@@ -482,7 +482,7 @@ This script is similar to the one that updates WinRE, but instead it mounts Boot
# Get the list of images contained within WinPE
$WINPE_IMAGES = Get-WindowsImage -ImagePath $MEDIA_NEW_PATH"\sources\boot.wim"
-Foreach ($IMAGE in $WINPE_IMAGES)
+Foreach ($IMAGE in $WINPE_IMAGES)
{
# update WinPE
@@ -493,17 +493,17 @@ Foreach ($IMAGE in $WINPE_IMAGES)
try
{
Write-Output "$(Get-TS): Adding package $LCU_PATH to WinPE, image index $($IMAGE.ImageIndex)"
- Add-WindowsPackage -Path $WINPE_MOUNT -PackagePath $LCU_PATH | Out-Null
+ Add-WindowsPackage -Path $WINPE_MOUNT -PackagePath $LCU_PATH | Out-Null
}
Catch
{
$theError = $_
Write-Output "$(Get-TS): $theError"
- if ($theError.Exception -like "*0x8007007e*")
+ if ($theError.Exception -like "*0x8007007e*")
{
Write-Warning "$(Get-TS): Failed with error 0x8007007e. This failure is a known issue with combined cumulative update, we can ignore."
}
- else
+ else
{
throw
}
@@ -515,36 +515,36 @@ Foreach ($IMAGE in $WINPE_IMAGES)
# Install language cabs for each optional package installed
$WINPE_INSTALLED_OC = Get-WindowsPackage -Path $WINPE_MOUNT
- Foreach ($PACKAGE in $WINPE_INSTALLED_OC)
+ Foreach ($PACKAGE in $WINPE_INSTALLED_OC)
{
- if ( ($PACKAGE.PackageState -eq "Installed") -and ($PACKAGE.PackageName.startsWith("WinPE-")) -and ($PACKAGE.ReleaseType -eq "FeaturePack") )
+ if ( ($PACKAGE.PackageState -eq "Installed") -and ($PACKAGE.PackageName.startsWith("WinPE-")) -and ($PACKAGE.ReleaseType -eq "FeaturePack") )
{
$INDEX = $PACKAGE.PackageName.IndexOf("-Package")
- if ($INDEX -ge 0)
+ if ($INDEX -ge 0)
{
$OC_CAB = $PACKAGE.PackageName.Substring(0, $INDEX) + "_" + $LANG + ".cab"
- if ($WINPE_OC_LANG_CABS.Contains($OC_CAB))
+ if ($WINPE_OC_LANG_CABS.Contains($OC_CAB))
{
$OC_CAB_PATH = Join-Path $WINPE_OC_LANG_PATH $OC_CAB
-
+
Write-Output "$(Get-TS): Adding package $OC_CAB_PATH to WinPE, image index $($IMAGE.ImageIndex)"
- Add-WindowsPackage -Path $WINPE_MOUNT -PackagePath $OC_CAB_PATH -ErrorAction stop | Out-Null
+ Add-WindowsPackage -Path $WINPE_MOUNT -PackagePath $OC_CAB_PATH -ErrorAction stop | Out-Null
}
}
}
}
# Add font support for the new language
- if ( (Test-Path -Path $WINPE_FONT_SUPPORT_PATH) )
+ if ( (Test-Path -Path $WINPE_FONT_SUPPORT_PATH) )
{
Write-Output "$(Get-TS): Adding package $WINPE_FONT_SUPPORT_PATH to WinPE, image index $($IMAGE.ImageIndex)"
Add-WindowsPackage -Path $WINPE_MOUNT -PackagePath $WINPE_FONT_SUPPORT_PATH -ErrorAction stop | Out-Null
}
# Add TTS support for the new language
- if (Test-Path -Path $WINPE_SPEECH_TTS_PATH)
+ if (Test-Path -Path $WINPE_SPEECH_TTS_PATH)
{
- if ( (Test-Path -Path $WINPE_SPEECH_TTS_LANG_PATH) )
+ if ( (Test-Path -Path $WINPE_SPEECH_TTS_LANG_PATH) )
{
Write-Output "$(Get-TS): Adding package $WINPE_SPEECH_TTS_PATH to WinPE, image index $($IMAGE.ImageIndex)"
Add-WindowsPackage -Path $WINPE_MOUNT -PackagePath $WINPE_SPEECH_TTS_PATH -ErrorAction stop | Out-Null
@@ -555,11 +555,11 @@ Foreach ($IMAGE in $WINPE_IMAGES)
}
# Generates a new Lang.ini file which is used to define the language packs inside the image
- if ( (Test-Path -Path $WINPE_MOUNT"\sources\lang.ini") )
+ if ( (Test-Path -Path $WINPE_MOUNT"\sources\lang.ini") )
{
Write-Output "$(Get-TS): Updating lang.ini"
DISM /image:$WINPE_MOUNT /Gen-LangINI /distribution:$WINPE_MOUNT | Out-Null
- if ($LastExitCode -ne 0)
+ if ($LastExitCode -ne 0)
{
throw "Error: Failed to update lang.ini. Exit code: $LastExitCode"
}
@@ -572,33 +572,33 @@ Foreach ($IMAGE in $WINPE_IMAGES)
# Perform image cleanup
Write-Output "$(Get-TS): Performing image cleanup on WinPE, image index $($IMAGE.ImageIndex)"
DISM /image:$WINPE_MOUNT /cleanup-image /StartComponentCleanup /ResetBase /Defer | Out-Null
- if ($LastExitCode -ne 0)
+ if ($LastExitCode -ne 0)
{
throw "Error: Failed to perform image cleanup on WinPE, image index $($IMAGE.ImageIndex). Exit code: $LastExitCode"
}
- if ($IMAGE.ImageIndex -eq "2")
+ if ($IMAGE.ImageIndex -eq "2")
{
# Save setup.exe for later use. This will address possible binary mismatch with the version in the main OS \sources folder
Copy-Item -Path $WINPE_MOUNT"\sources\setup.exe" -Destination $WORKING_PATH"\setup.exe" -Force -ErrorAction stop | Out-Null
-
+
# Save setuphost.exe for later use. This will address possible binary mismatch with the version in the main OS \sources folder
# This is only required starting with Windows 11 version 24H2
$TEMP = Get-WindowsImage -ImagePath $MEDIA_NEW_PATH"\sources\boot.wim" -Index $IMAGE.ImageIndex
- if ([System.Version]$TEMP.Version -ge [System.Version]"10.0.26100")
+ if ([System.Version]$TEMP.Version -ge [System.Version]"10.0.26100")
{
Copy-Item -Path $WINPE_MOUNT"\sources\setuphost.exe" -Destination $WORKING_PATH"\setuphost.exe" -Force -ErrorAction stop | Out-Null
}
- else
+ else
{
Write-Output "$(Get-TS): Skipping copy of setuphost.exe; image version $($TEMP.Version)"
}
-
+
# Save serviced boot manager files later copy to the root media.
Copy-Item -Path $WINPE_MOUNT"\Windows\boot\efi\bootmgfw.efi" -Destination $WORKING_PATH"\bootmgfw.efi" -Force -ErrorAction stop | Out-Null
Copy-Item -Path $WINPE_MOUNT"\Windows\boot\efi\bootmgr.efi" -Destination $WORKING_PATH"\bootmgr.efi" -Force -ErrorAction stop | Out-Null
}
-
+
# Dismount
Dismount-WindowsImage -Path $WINPE_MOUNT -Save -ErrorAction stop | Out-Null
@@ -623,7 +623,7 @@ This part of the script updates the Setup files. It simply copies the individual
# Add Setup DU by copy the files from the package into the newMedia
Write-Output "$(Get-TS): Adding package $SETUP_DU_PATH"
cmd.exe /c $env:SystemRoot\System32\expand.exe $SETUP_DU_PATH -F:* $MEDIA_NEW_PATH"\sources" | Out-Null
-if ($LastExitCode -ne 0)
+if ($LastExitCode -ne 0)
{
throw "Error: Failed to expand $SETUP_DU_PATH. Exit code: $LastExitCode"
}
@@ -633,7 +633,7 @@ Write-Output "$(Get-TS): Copying $WORKING_PATH\setup.exe to $MEDIA_NEW_PATH\sour
Copy-Item -Path $WORKING_PATH"\setup.exe" -Destination $MEDIA_NEW_PATH"\sources\setup.exe" -Force -ErrorAction stop | Out-Null
# Copy setuphost.exe from boot.wim, saved earlier.
-if (Test-Path -Path $WORKING_PATH"\setuphost.exe")
+if (Test-Path -Path $WORKING_PATH"\setuphost.exe")
{
Write-Output "$(Get-TS): Copying $WORKING_PATH\setuphost.exe to $MEDIA_NEW_PATH\sources\setuphost.exe"
Copy-Item -Path $WORKING_PATH"\setuphost.exe" -Destination $MEDIA_NEW_PATH"\sources\setuphost.exe" -Force -ErrorAction stop | Out-Null
@@ -642,14 +642,14 @@ if (Test-Path -Path $WORKING_PATH"\setuphost.exe")
# Copy bootmgr files from boot.wim, saved earlier.
$MEDIA_NEW_FILES = Get-ChildItem $MEDIA_NEW_PATH -Force -Recurse -Filter b*.efi
-Foreach ($File in $MEDIA_NEW_FILES)
+Foreach ($File in $MEDIA_NEW_FILES)
{
- if (($File.Name -ieq "bootmgfw.efi") -or ($File.Name -ieq "bootx64.efi") -or ($File.Name -ieq "bootia32.efi") -or ($File.Name -ieq "bootaa64.efi"))
+ if (($File.Name -ieq "bootmgfw.efi") -or ($File.Name -ieq "bootx64.efi") -or ($File.Name -ieq "bootia32.efi") -or ($File.Name -ieq "bootaa64.efi"))
{
Write-Output "$(Get-TS): Copying $WORKING_PATH\bootmgfw.efi to $($File.FullName)"
Copy-Item -Path $WORKING_PATH"\bootmgfw.efi" -Destination $File.FullName -Force -ErrorAction stop | Out-Null
}
- elseif ($File.Name -ieq "bootmgr.efi")
+ elseif ($File.Name -ieq "bootmgr.efi")
{
Write-Output "$(Get-TS): Copying $WORKING_PATH\bootmgr.efi to $($File.FullName)"
Copy-Item -Path $WORKING_PATH"\bootmgr.efi" -Destination $File.FullName -Force -ErrorAction stop | Out-Null
diff --git a/windows/deployment/update/optional-content.md b/windows/deployment/update/optional-content.md
index 0e8eca8f1d..1872f1f2b0 100644
--- a/windows/deployment/update/optional-content.md
+++ b/windows/deployment/update/optional-content.md
@@ -6,21 +6,21 @@ ms.subservice: itpro-updates
ms.topic: article
author: mestew
ms.author: mstewart
-manager: aaroncz
+manager: bpardi
ms.localizationpriority: medium
-appliesto:
+appliesto:
- ✅ Windows 11
- ✅ Windows 10
ms.date: 04/22/2024
---
# Migrating and acquiring optional Windows content during updates
-
+
This article provides some background on the problem of keeping language resources and Features on Demand during operating system updates and offers guidance to help you move forward in the short term and prepare for the long term.
-When you update the operating system, it's critical to keep language resources and Features on Demand (FODs). Many commercial organizations use Configuration Manager or other management tools to distribute and orchestrate Windows client setup using a local Windows image or WIM file (a *media-based* or *task-sequence-based* update). Others do in-place updates using an approved Windows client feature update by using Windows Server Update Services (WSUS), Configuration Manager, or equivalent tools (a *servicing-based* update).
+When you update the operating system, it's critical to keep language resources and Features on Demand (FODs). Many commercial organizations use Configuration Manager or other management tools to distribute and orchestrate Windows client setup using a local Windows image or WIM file (a *media-based* or *task-sequence-based* update). Others do in-place updates using an approved Windows client feature update by using Windows Server Update Services (WSUS), Configuration Manager, or equivalent tools (a *servicing-based* update).
-Neither approach contains the full set of Windows optional features that a user's device might need, so those features aren't migrated to the new operating system. In the past, those features weren't available in Configuration Manager nor WSUS for on-premises acquisition after a feature update.
+Neither approach contains the full set of Windows optional features that a user's device might need, so those features aren't migrated to the new operating system. In the past, those features weren't available in Configuration Manager nor WSUS for on-premises acquisition after a feature update.
## What is optional content?
@@ -29,7 +29,7 @@ Optional content includes the following items:
- General Features on Demand also referred to as FODs (for example, Windows Mixed Reality)
- Language-based and regional FODs (for example, Language.Basic~~~ja-jp~0.0.1.0)
- Local Experience Packs
-- Language packs
+- Language packs
Optional content isn't included by default in the Windows image file that is part of the operating system media available in the Volume Licensing Service Center (VLSC). Instead, it's released as an additional ISO file on VLSC. Shipping these features out of the operating system media and shipping them separately reduces the disk footprint of Windows. This approach provides more space for user's data. It also reduces the time needed to service the operating system, whether installing a monthly quality update or upgrading to a newer version. A smaller default Windows image also means less data to transmit over the network.
@@ -39,9 +39,9 @@ The challenges surrounding optional content typically fall into two groups:
### Incomplete operating system updates
-The first challenge is related to content migration during a feature update. When Windows Setup performs an in-place update, the new operating system is written to the user's disk alongside the old version in a temporary folder, where a second clean operating system is installed and prepared for the user to *move into*. When operation happens, Windows Setup enumerates optional content installed already in the current version and plans to install the new version of this content in the new operating system.
-
-Windows Setup needs access to the optional content. Since optional content isn't in the Windows image by default, Windows Setup must look elsewhere to get the Windows packages, stage them, and then install them in the new operating system. When the content can't be found, the result is an update that is missing features on the device, a frustrated end user, and likely a help desk call. This pain point is sometimes referred to as *failure to migrate optional content during update*. For media-based updates, Windows will automatically try again once the new operating system boots. We call this *latent acquisition*.
+The first challenge is related to content migration during a feature update. When Windows Setup performs an in-place update, the new operating system is written to the user's disk alongside the old version in a temporary folder, where a second clean operating system is installed and prepared for the user to *move into*. When operation happens, Windows Setup enumerates optional content installed already in the current version and plans to install the new version of this content in the new operating system.
+
+Windows Setup needs access to the optional content. Since optional content isn't in the Windows image by default, Windows Setup must look elsewhere to get the Windows packages, stage them, and then install them in the new operating system. When the content can't be found, the result is an update that is missing features on the device, a frustrated end user, and likely a help desk call. This pain point is sometimes referred to as *failure to migrate optional content during update*. For media-based updates, Windows will automatically try again once the new operating system boots. We call this *latent acquisition*.
### User-initiated feature acquisition failure
@@ -109,7 +109,7 @@ For many organizations, the deployment workflow involves a Configuration Manager
You can customize the Windows image in these ways:
- Applying a cumulative update
-- Applying updates to the servicing stack
+- Applying updates to the servicing stack
- Applying updates to `Setup.exe` binaries or other files that setup uses for feature updates
- Applying updates for the *safe operating system* (SafeOS) that's used for the Windows recovery environment
- Adding or removing languages
@@ -124,11 +124,11 @@ A partial solution to address the first pain point of failing to migrate optiona
When Setup runs, it injects these packages into the new operating system during installation. It can be an alternative to enabling Dynamic Update or customizing the operating system image before deployment. You must take care with this approach, because the packages can't be renamed. Further, the content is coming from two separate release media ISOs. The key is to copy both the FOD packages and the FOD metadata .cab from the FOD ISO into the folder, and the architecture-specific Language Pack .cab files from the LPLIP ISO. We treat InstallLangPacks failures as fatal, and roll back the entire upgrade. The idea is to not leave the user in a bad state since media-based upgrades don't migrate FOD and languages (unless Dynamic Update is enabled).
-This approach has some interesting benefits. The original Windows image doesn't need to be modified, possibly saving time and scripting.
+This approach has some interesting benefits. The original Windows image doesn't need to be modified, possibly saving time and scripting.
### Option 6: Install optional content after deployment
-This option is like Option 4 in that you customize the operating system image with more optional content after it's deployed. IT pros can extend the behavior of Windows Setup by running their own custom action scripts during and after a feature update. See [Run custom actions during feature update](/windows-hardware/manufacture/desktop/windows-setup-enable-custom-actions) for details. With this approach, you can create a device-specific migration of optional content by capturing the optional content that's installed in the operating system, and then saving this list to install the same optional content in the new operating system. Like Option 5, you would internally host a network share that contains the source of the optional content packages. Then, during the execution of Setup on the device, capture the list of installed optional content from the source operating system and save. Later, after Setup completes, you use the list to install the optional content, which leaves the user's device without loss of functionality.
+This option is like Option 4 in that you customize the operating system image with more optional content after it's deployed. IT pros can extend the behavior of Windows Setup by running their own custom action scripts during and after a feature update. See [Run custom actions during feature update](/windows-hardware/manufacture/desktop/windows-setup-enable-custom-actions) for details. With this approach, you can create a device-specific migration of optional content by capturing the optional content that's installed in the operating system, and then saving this list to install the same optional content in the new operating system. Like Option 5, you would internally host a network share that contains the source of the optional content packages. Then, during the execution of Setup on the device, capture the list of installed optional content from the source operating system and save. Later, after Setup completes, you use the list to install the optional content, which leaves the user's device without loss of functionality.
### Option 7: Configure an alternative source for optional content
@@ -161,7 +161,7 @@ Options 4 and 6 involve the most scripting. Sample scripts for Option 4 already
### Creating an optional content repository
-To get started, we build a repository of optional content and host on a network share. This content is a subset of content from the FOD and language pack ISOs that ship with each release. We configure this repository or repo with only those FODs our organization needs, using DISM /Export. For example, a superset based on taking inventory of optional features installed on existing devices. In this case, we exclude the Windows Mixed Reality feature. In addition, we copy all language packs to the root of the repository.
+To get started, we build a repository of optional content and host on a network share. This content is a subset of content from the FOD and language pack ISOs that ship with each release. We configure this repository or repo with only those FODs our organization needs, using DISM /Export. For example, a superset based on taking inventory of optional features installed on existing devices. In this case, we exclude the Windows Mixed Reality feature. In addition, we copy all language packs to the root of the repository.
@@ -170,7 +170,7 @@ To get started, we build a repository of optional content and host on a network
$LP_ISO_PATH = "C:\_IMAGE\2004_ISO\CLIENTLANGPACKDVD_OEM_MULTI.iso"
$FOD_ISO_PATH = "C:\_IMAGE\2004_ISO\FOD-PACKAGES_OEM_PT1_amd64fre_MULTI.iso"
-# Declare folders
+# Declare folders
$WORKING_PATH = "C:\_IMAGE\BuildRepo"
$MEDIA_PATH = "C:\_IMAGE\2004_SETUP"
@@ -178,20 +178,20 @@ $MAIN_OS_MOUNT = $WORKING_PATH + "\MainOSMount"
$REPO_PATH = $WORKING_PATH + "\Repo"
# Create folders for mounting image optional content repository
-if (Test-Path $MAIN_OS_MOUNT) {
- Remove-Item -Path $MAIN_OS_MOUNT -Force -Recurse -ErrorAction stop| Out-Null
+if (Test-Path $MAIN_OS_MOUNT) {
+ Remove-Item -Path $MAIN_OS_MOUNT -Force -Recurse -ErrorAction stop| Out-Null
}
-if (Test-Path $REPO_PATH) {
- Remove-Item -Path $REPO_PATH -Force -Recurse -ErrorAction stop| Out-Null
+if (Test-Path $REPO_PATH) {
+ Remove-Item -Path $REPO_PATH -Force -Recurse -ErrorAction stop| Out-Null
}
-New-Item -ItemType Directory -Force -Path $MAIN_OS_MOUNT -ErrorAction stop| Out-Null
-New-Item -ItemType Directory -Force -Path $REPO_PATH -ErrorAction stop| Out-Null
+New-Item -ItemType Directory -Force -Path $MAIN_OS_MOUNT -ErrorAction stop| Out-Null
+New-Item -ItemType Directory -Force -Path $REPO_PATH -ErrorAction stop| Out-Null
# Mount the main OS, I'll use this throughout the script
Write-Host "Mounting main OS"
-Mount-WindowsImage -ImagePath $MEDIA_PATH"\sources\install.wim" -Index 1 -Path $MAIN_OS_MOUNT -ErrorAction stop| Out-Null
+Mount-WindowsImage -ImagePath $MEDIA_PATH"\sources\install.wim" -Index 1 -Path $MAIN_OS_MOUNT -ErrorAction stop| Out-Null
# Mount the LP ISO
Write-Host "Mounting LP ISO"
@@ -203,9 +203,9 @@ $OS_LP_PATH = $LP_ISO_DRIVE_LETTER + ":\x64\langpacks\" + "*.cab"
# Mount the FOD ISO
Write-Host "Mounting FOD ISO"
$FOD_ISO_DRIVE_LETTER = (Mount-DiskImage -ImagePath $FOD_ISO_PATH -ErrorAction stop | Get-Volume).DriveLetter
-$FOD_PATH = $FOD_ISO_DRIVE_LETTER + ":\"
+$FOD_PATH = $FOD_ISO_DRIVE_LETTER + ":\"
-# Export the FODs from the ISO that we are interested in
+# Export the FODs from the ISO that we are interested in
Write-Host "Exporting FODs to Repo"
DISM /image:$MAIN_OS_MOUNT /export-source /source:$FOD_PATH /target:$REPO_PATH `
/capabilityname:Accessibility.Braille~~~~0.0.1.0 `
@@ -553,11 +553,11 @@ DISM /image:$MAIN_OS_MOUNT /export-source /source:$FOD_PATH /target:$REPO_PATH `
/capabilityname:Windows.Client.ShellComponents~~~~0.0.1.0 `
/capabilityname:Windows.Desktop.EMS-SAC.Tools~~~~0.0.1.0 `
/capabilityname:WMI-SNMP-Provider.Client~~~~0.0.1.0 `
- /capabilityname:XPS.Viewer~~~~0.0.1.0
+ /capabilityname:XPS.Viewer~~~~0.0.1.0
# This one is large, lets skip for now
#/capabilityname:Analog.Holographic.Desktop~~~~0.0.1.0 `
-
+
# Copy language caps to the repo
Copy-Item -Path $OS_LP_PATH -Destination $REPO_PATH -Force -ErrorAction stop | Out-Null
@@ -568,7 +568,7 @@ Dismount-WindowsImage -Path $MAIN_OS_MOUNT -Discard -ErrorAction ignore | Out-Nu
# Dismount ISO images
Write-Host "Dismounting ISO images"
Dismount-DiskImage -ImagePath $LP_ISO_PATH -ErrorAction ignore | Out-Null
-Dismount-DiskImage -ImagePath $FOD_ISO_PATH -ErrorAction ignore | Out-Null
+Dismount-DiskImage -ImagePath $FOD_ISO_PATH -ErrorAction ignore | Out-Null
```
@@ -588,7 +588,7 @@ $OSVERSION_PATH = $OUTPUT_PATH + "sourceVersion.txt"
$REPO_PATH = "Z:\Repo\"
$LOCAL_REPO_PATH = $OUTPUT_PATH + "Local_Repo\"
-Function Get-TS { return "{0:HH:mm:ss}" -f (Get-Date) }
+Function Get-TS { return "{0:HH:mm:ss}" -f (Get-Date) }
Function Log
{
@@ -600,7 +600,7 @@ Function Log
$M = "$(Get-TS): PreInstall: $MESSAGE"
Write-Host $M
Add-Content -Path $LOG_PATH -Value $M
-
+
}
Function IsLangFile
@@ -612,7 +612,7 @@ Function IsLangFile
if (($PATH -match '[-_~]ar[-_~]') -or ($PATH -match '[-_~]bg[-_~]') -or ($PATH -match '[-_~]cs[-_~]') -or `
($PATH -match '[-_~]da[-_~]') -or ($PATH -match '[-_~]de[-_~]') -or ($PATH -match '[-_~]el[-_~]') -or `
- ($PATH -match '[-_~]en[-_~]') -or ($PATH -match '[-_~]es[-_~]') -or ($PATH -match '[-_~]et[-_~]') -or `
+ ($PATH -match '[-_~]en[-_~]') -or ($PATH -match '[-_~]es[-_~]') -or ($PATH -match '[-_~]et[-_~]') -or `
($PATH -match '[-_~]fi[-_~]') -or ($PATH -match '[-_~]fr[-_~]') -or ($PATH -match '[-_~]he[-_~]') -or `
($PATH -match '[-_~]hr[-_~]') -or ($PATH -match '[-_~]hu[-_~]') -or ($PATH -match '[-_~]it[-_~]') -or `
($PATH -match '[-_~]ja[-_~]') -or ($PATH -match '[-_~]ko[-_~]') -or ($PATH -match '[-_~]lt[-_~]') -or `
@@ -643,7 +643,7 @@ Log "OS Version: $($OSINFO.Version)"
Add-Content -Path $OSVERSION_PATH -Value $OSINFO.Version
# Get installed languages from international settings
-$INTL = DISM.exe /Online /Get-Intl /English
+$INTL = DISM.exe /Online /Get-Intl /English
# Save only output lines with installed languages
$LANGUAGES = $INTL | Select-String -SimpleMatch 'Installed language(s)'
@@ -659,22 +659,22 @@ $SYSLANG = $SYSLANG | ForEach-Object {$_.Line.Replace("Default system UI languag
# Save these languages
Log "Default system UI language on source OS: $($SYSLANG)"
-ForEach ($ITEM in $LANGUAGES) {
+ForEach ($ITEM in $LANGUAGES) {
Log "Installed language on source OS: $($ITEM)"
Add-Content -Path $LANG_PATH -Value $ITEM
}
# Get and save installed packages, we'll use this for debugging
$PACKAGES = Get-WindowsPackage -Online
-ForEach ($ITEM in $PACKAGES) {
+ForEach ($ITEM in $PACKAGES) {
if($ITEM.PackageState -eq "Installed") {
- Log "Package $($ITEM.PackageName) is installed"
+ Log "Package $($ITEM.PackageName) is installed"
}
}
# Get and save capabilities
-$CAPABILITIES = Get-WindowsCapability -Online
-ForEach ($ITEM in $CAPABILITIES) {
+$CAPABILITIES = Get-WindowsCapability -Online
+ForEach ($ITEM in $CAPABILITIES) {
if($ITEM.State -eq "Installed") {
Log "Capability $($ITEM.Name) is installed"
Add-Content -Path $CAP_PATH -Value $ITEM.Name
@@ -688,10 +688,10 @@ ForEach ($FILE in $REPO_FILES) {
If (!(Test-Path $Path)) {
New-Item -ItemType Directory -Path $PATH -Force | Out-Null
}
- If ((IsLangFile $FILE.Name)) {
+ If ((IsLangFile $FILE.Name)) {
# Only copy those files where we need the primary languages from the source OS
- ForEach ($ITEM in $LANGUAGES) {
+ ForEach ($ITEM in $LANGUAGES) {
if ($FILE.Name -match $Item) {
If (!(Test-Path (Join-Path $Path $File.Name))) {
@@ -701,7 +701,7 @@ ForEach ($FILE in $REPO_FILES) {
else {
Log "File $($FILE.Name) already exists in local repository"
}
- }
+ }
}
} Else {
@@ -717,12 +717,12 @@ ForEach ($FILE in $REPO_FILES) {
}
Log ("Exiting")
-
+
```
### Adding optional content in the target operating system
-After setup has completed successfully, we use success.cmd to retrieve the optional content state from the source operating system and install in the new operating system only if that's missing. Then, apply the latest monthly update as a final step.
+After setup has completed successfully, we use success.cmd to retrieve the optional content state from the source operating system and install in the new operating system only if that's missing. Then, apply the latest monthly update as a final step.
```powershell
@@ -735,7 +735,7 @@ $LOCAL_REPO_PATH = $OUTPUT_PATH + "Local_Repo\"
$LCU_PATH = $OUTPUT_PATH + "Windows10.0-KB4565503-x64_PSFX.cab"
$PENDING = $false
-Function Get-TS { return "{0:HH:mm:ss}" -f (Get-Date) }
+Function Get-TS { return "{0:HH:mm:ss}" -f (Get-Date) }
Function Log
{
@@ -747,7 +747,7 @@ Function Log
$M = "$(Get-TS): PostInstall: $MESSAGE"
Write-Host $M
Add-Content -Path $LOG_PATH -Value $M
-
+
}
Log "Starting"
@@ -765,7 +765,7 @@ if (!(Test-Path $LANG_PATH) -or !(Test-Path $CAP_PATH) -or !(Test-Path $OSVERSIO
else {
# Retrive OS version from source OS
- $SOURCE_OSVERSION = Get-Content -Path $OSVERSION_PATH
+ $SOURCE_OSVERSION = Get-Content -Path $OSVERSION_PATH
if ($OSINFO.Version -eq $SOURCE_OSVERSION) {
Log "OS Version hasn't changed."
}
@@ -773,10 +773,10 @@ else {
else {
# Retrive language list from source OS
- $SOURCE_LANGUAGES = Get-Content -Path $LANG_PATH
+ $SOURCE_LANGUAGES = Get-Content -Path $LANG_PATH
# Get installed languages from International Settings
- $INTL = DISM.exe /Online /Get-Intl /English
+ $INTL = DISM.exe /Online /Get-Intl /English
# Save System Language, save only output line with default system language
$SYS_LANG = $INTL | Select-String -SimpleMatch 'Default system UI language'
@@ -786,53 +786,53 @@ else {
# Get and save installed packages, we'll use this for debugging
$PACKAGES = Get-WindowsPackage -Online
- ForEach ($ITEM in $PACKAGES) {
+ ForEach ($ITEM in $PACKAGES) {
if($ITEM.PackageState -eq "Installed") {
Log "Package $($ITEM.PackageName) is installed"
}
}
# Loop through source OS languages, and install if missing on target OS
- ForEach ($SOURCE_ITEM in $SOURCE_LANGUAGES) {
+ ForEach ($SOURCE_ITEM in $SOURCE_LANGUAGES) {
if ($SOURCE_ITEM -ne $SYS_LANG) {
# add missing languages except the system language
Log "Adding language Microsoft-Windows-Client-Language-Pack_x64_$($SOURCE_ITEM).cab"
try {
- Add-WindowsPackage -Online -PackagePath "$($LOCAL_REPO_PATH)\Microsoft-Windows-Client-Language-Pack_x64_$($SOURCE_ITEM).cab" -ErrorAction stop | Out-Null
+ Add-WindowsPackage -Online -PackagePath "$($LOCAL_REPO_PATH)\Microsoft-Windows-Client-Language-Pack_x64_$($SOURCE_ITEM).cab" -ErrorAction stop | Out-Null
}
catch {
Log $_.Exception.Message
}
}
}
-
+
# Retrieve capabilities from source OS and target OS
$SOURCE_CAPABILITIES = Get-Content -Path $CAP_PATH
- $CAPABILITIES = Get-WindowsCapability -Online
+ $CAPABILITIES = Get-WindowsCapability -Online
# Loop through source OS capabilities, and install if missing on target OS
- ForEach ($SOURCE_ITEM in $SOURCE_CAPABILITIES) {
+ ForEach ($SOURCE_ITEM in $SOURCE_CAPABILITIES) {
$INSTALLED = $false
- ForEach ($ITEM in $CAPABILITIES) {
+ ForEach ($ITEM in $CAPABILITIES) {
if ($ITEM.Name -eq $($SOURCE_ITEM)) {
if ($ITEM.State -eq "Installed") {
$INSTALLED = $true
break
}
}
- }
+ }
# Add if not already installed
if (!($INSTALLED)) {
Log "Adding capability $SOURCE_ITEM"
try {
- Add-WindowsCapability -Online -Name $SOURCE_ITEM -Source $LOCAL_REPO_PATH -ErrorAction stop | Out-Null
+ Add-WindowsCapability -Online -Name $SOURCE_ITEM -Source $LOCAL_REPO_PATH -ErrorAction stop | Out-Null
}
catch {
Log $_.Exception.Message
}
- }
+ }
else {
Log "Capability $SOURCE_ITEM is already installed"
}
@@ -840,11 +840,11 @@ else {
# Add LCU, this is required after adding FODs and languages
Log ("Adding LCU")
- Add-WindowsPackage -Online -PackagePath $LCU_PATH -NoRestart
+ Add-WindowsPackage -Online -PackagePath $LCU_PATH -NoRestart
# Get packages, we'll use this for debugging and to see if we need to restart to install
$PACKAGES = Get-WindowsPackage -Online
- ForEach ($ITEM in $PACKAGES) {
+ ForEach ($ITEM in $PACKAGES) {
Log "Package $($ITEM.PackageName) is $($ITEM.PackageState)"
if ($ITEM.PackageState -eq "InstallPending") {
$PENDING = $true
diff --git a/windows/deployment/update/plan-define-readiness.md b/windows/deployment/update/plan-define-readiness.md
index 47a408ee3e..490584def6 100644
--- a/windows/deployment/update/plan-define-readiness.md
+++ b/windows/deployment/update/plan-define-readiness.md
@@ -6,9 +6,9 @@ ms.subservice: itpro-updates
ms.topic: article
author: mestew
ms.author: mstewart
-manager: aaroncz
+manager: bpardi
ms.localizationpriority: medium
-appliesto:
+appliesto:
- ✅ Windows 11
- ✅ Windows 10
ms.date: 12/31/2017
diff --git a/windows/deployment/update/plan-define-strategy.md b/windows/deployment/update/plan-define-strategy.md
index 37900735dd..1629a50e5f 100644
--- a/windows/deployment/update/plan-define-strategy.md
+++ b/windows/deployment/update/plan-define-strategy.md
@@ -6,9 +6,9 @@ ms.subservice: itpro-updates
ms.topic: article
author: mestew
ms.author: mstewart
-manager: aaroncz
+manager: bpardi
ms.localizationpriority: medium
-appliesto:
+appliesto:
- ✅ Windows 11
- ✅ Windows 10
ms.date: 12/31/2017
@@ -30,7 +30,7 @@ Here's a calendar showing an example schedule that applies one Windows feature u
[  ](images/annual-calendar.png#lightbox)
-This approach provides approximately 12 months of use from each feature update before the next update is due to be installed by aligning to the Windows H2 feature update.
+This approach provides approximately 12 months of use from each feature update before the next update is due to be installed by aligning to the Windows H2 feature update.
This cadence might be most suitable for you if any of these conditions apply:
@@ -38,6 +38,6 @@ This cadence might be most suitable for you if any of these conditions apply:
- You want to wait and see how successful other companies are at adopting a Windows feature update.
-- You want to go quickly with feature updates, and want the ability to skip a feature update while keeping Windows serviced in case business priorities change.
+- You want to go quickly with feature updates, and want the ability to skip a feature update while keeping Windows serviced in case business priorities change.
diff --git a/windows/deployment/update/prepare-deploy-windows.md b/windows/deployment/update/prepare-deploy-windows.md
index def7222a70..0ac059d07a 100644
--- a/windows/deployment/update/prepare-deploy-windows.md
+++ b/windows/deployment/update/prepare-deploy-windows.md
@@ -6,7 +6,7 @@ ms.subservice: itpro-updates
ms.topic: concept-article
author: mestew
ms.author: mstewart
-manager: aaroncz
+manager: bpardi
ms.localizationpriority: medium
appliesto:
- ✅ Windows 11
diff --git a/windows/deployment/update/release-cycle.md b/windows/deployment/update/release-cycle.md
index b195e6d540..81dd2f440a 100644
--- a/windows/deployment/update/release-cycle.md
+++ b/windows/deployment/update/release-cycle.md
@@ -6,7 +6,7 @@ ms.subservice: itpro-updates
ms.topic: article
author: mestew
ms.author: mstewart
-manager: aaroncz
+manager: bpardi
ms.localizationpriority: medium
appliesto:
- ✅ Windows 11
diff --git a/windows/deployment/update/safeguard-holds.md b/windows/deployment/update/safeguard-holds.md
index e9d8d1decd..cb885ff58e 100644
--- a/windows/deployment/update/safeguard-holds.md
+++ b/windows/deployment/update/safeguard-holds.md
@@ -6,12 +6,12 @@ ms.subservice: itpro-updates
ms.topic: article
author: mestew
ms.author: mstewart
-manager: aaroncz
+manager: bpardi
ms.localizationpriority: medium
ms.collection:
- highpri
- tier2
-appliesto:
+appliesto:
- ✅ Windows 11
- ✅ Windows 10
ms.date: 12/31/2017
@@ -47,5 +47,5 @@ We recommend that you don't attempt to manually update until issues have been re
> [!CAUTION]
> Opting out of a safeguard hold can put devices at risk from known performance issues. We strongly recommend that you complete robust testing to ensure the impact is acceptable before opting out.
-
+
With that in mind, IT admins who stay informed with [Windows Update for Business reports](wufb-reports-overview.md) and the [Windows release health](/windows/release-health/) dashboard can choose to temporarily [opt-out of the protection of all safeguard holds](safeguard-opt-out.md) and allow an update to proceed. We recommend opting out only in an IT environment and for validation purposes. If you do opt out of a hold, this condition is temporary. Once an update is complete, the protection of safeguard holds is reinstated automatically.
diff --git a/windows/deployment/update/safeguard-opt-out.md b/windows/deployment/update/safeguard-opt-out.md
index 8c13cedd5d..040d89d803 100644
--- a/windows/deployment/update/safeguard-opt-out.md
+++ b/windows/deployment/update/safeguard-opt-out.md
@@ -1,14 +1,14 @@
---
title: Opt out of safeguard holds
-description: How to install an update in your organization even when a safeguard hold for a known issue has been applied to it.
+description: How to install an update in your organization even when a safeguard hold for a known issue has been applied to it.
ms.service: windows-client
ms.subservice: itpro-updates
ms.topic: article
author: mestew
ms.author: mstewart
-manager: aaroncz
+manager: bpardi
ms.localizationpriority: medium
-appliesto:
+appliesto:
- ✅ Windows 11
- ✅ Windows 10
ms.date: 10/21/2020
@@ -21,15 +21,15 @@ Safeguard holds prevent a device with a known compatibility issue from being off
## How can I opt out of safeguard holds?
IT admins can, if necessary, opt devices out of safeguard protections by using the disable safeguards policy. In a Mobile Device Management (MDM) tool, use the **Update/DisableWUfBSafeguards** CSP. In Group Policy, use the **Disable safeguards for Feature Updates** Group Policy. This policy is available to Windows Update client policies devices running the following operating systems:
-- Windows 11
+- Windows 11
- Windows 10, version 1809, or later, with the October 2020 security update.
> [!CAUTION]
-> Opting out of a safeguard hold can put devices at risk from known performance issues.
+> Opting out of a safeguard hold can put devices at risk from known performance issues.
We recommend opting out only in an IT environment and for validation purposes. You can also validate an upcoming Windows client feature update version without the safeguards being applied by using the Release Preview channel of the Windows Insider Program for Business.
-Disabling safeguards doesn't guarantee your device will be able to successfully update. The update might still fail and will likely result in a bad experience since you're bypassing the protection against known issues.
+Disabling safeguards doesn't guarantee your device will be able to successfully update. The update might still fail and will likely result in a bad experience since you're bypassing the protection against known issues.
> [!NOTE]
-> After a device installs a new Windows client version, the **Disable safeguards for Feature Updates** Group Policy will revert to **Not configured** even if it was previously enabled. We do this to ensure the admin is consciously disabling Microsoft's default protection from known issues for each new feature update.
+> After a device installs a new Windows client version, the **Disable safeguards for Feature Updates** Group Policy will revert to **Not configured** even if it was previously enabled. We do this to ensure the admin is consciously disabling Microsoft's default protection from known issues for each new feature update.
diff --git a/windows/deployment/update/servicing-stack-updates.md b/windows/deployment/update/servicing-stack-updates.md
index 392ee59e6e..c89c968cc2 100644
--- a/windows/deployment/update/servicing-stack-updates.md
+++ b/windows/deployment/update/servicing-stack-updates.md
@@ -6,12 +6,12 @@ ms.subservice: itpro-updates
ms.topic: article
author: mestew
ms.author: mstewart
-manager: aaroncz
+manager: bpardi
ms.collection:
- highpri
- tier2
ms.localizationpriority: high
-appliesto:
+appliesto:
- ✅ Windows 11
- ✅ Windows 10
- ✅ Windows Server
@@ -34,9 +34,9 @@ Servicing stack updates provide fixes to the servicing stack, the component that
## What's the difference between a servicing stack update and a cumulative update?
-Both Windows client and Windows Server use the cumulative update mechanism, in which many fixes to improve the quality and security of Windows are packaged into a single update. Each cumulative update includes the changes and fixes from all previous updates. A servicing stack update improves the reliability of the update process to mitigate potential issues while installing the latest monthly security update release and feature updates.
+Both Windows client and Windows Server use the cumulative update mechanism, in which many fixes to improve the quality and security of Windows are packaged into a single update. Each cumulative update includes the changes and fixes from all previous updates. A servicing stack update improves the reliability of the update process to mitigate potential issues while installing the latest monthly security update release and feature updates.
-Starting in February 2021, the cumulative update includes the latest servicing stack updates, providing a single combined cumulative update payload for Windows Update, Windows Server Update Services (WSUS), and the Microsoft Update Catalog. This combined monthly cumulative update is available on Windows 10, version 2004 and later starting with [KB4601382](https://support.microsoft.com/kb/4601382). If you use an endpoint management tool backed by WSUS, such as Configuration Manager, you only have to select and deploy the monthly cumulative update. The latest servicing stack updates are automatically applied correctly. Release notes and file information for cumulative updates, including notes and information related to the servicing stack, are in a single KB article.
+Starting in February 2021, the cumulative update includes the latest servicing stack updates, providing a single combined cumulative update payload for Windows Update, Windows Server Update Services (WSUS), and the Microsoft Update Catalog. This combined monthly cumulative update is available on Windows 10, version 2004 and later starting with [KB4601382](https://support.microsoft.com/kb/4601382). If you use an endpoint management tool backed by WSUS, such as Configuration Manager, you only have to select and deploy the monthly cumulative update. The latest servicing stack updates are automatically applied correctly. Release notes and file information for cumulative updates, including notes and information related to the servicing stack, are in a single KB article.
## When are they released?
diff --git a/windows/deployment/update/update-baseline.md b/windows/deployment/update/update-baseline.md
index e625088cb2..7ce38a753d 100644
--- a/windows/deployment/update/update-baseline.md
+++ b/windows/deployment/update/update-baseline.md
@@ -6,9 +6,9 @@ ms.subservice: itpro-updates
ms.topic: article
author: mestew
ms.author: mstewart
-manager: aaroncz
+manager: bpardi
ms.localizationpriority: medium
-appliesto:
+appliesto:
- ✅ Windows 10
ms.date: 12/31/2017
---
@@ -18,20 +18,20 @@ ms.date: 12/31/2017
> [!NOTE]
> Update Baseline isn't currently available for Windows 11.
-With the large number of different policies offered for Windows client, Update Baseline provides a clear list of recommended Windows Update policy settings for IT administrators who want the best user experience while also meeting their monthly update compliance goals. See [Policies included in the Update Baseline](#policies-included-in-the-update-baseline) for the full list of policy configurations.
+With the large number of different policies offered for Windows client, Update Baseline provides a clear list of recommended Windows Update policy settings for IT administrators who want the best user experience while also meeting their monthly update compliance goals. See [Policies included in the Update Baseline](#policies-included-in-the-update-baseline) for the full list of policy configurations.
-## Why is Update Baseline needed?
+## Why is Update Baseline needed?
-Update Baseline is an industry-tested solution that improves update adoption rates while also maintaining a high-quality user experience. Whether you're just starting out, or you have been configuring policies for years, Update Baseline can help get you to a known good state with an excellent user experience. Applying the baseline is especially helpful for organizations that have many years of policy configurations to clear out lingering misconfigurations.
+Update Baseline is an industry-tested solution that improves update adoption rates while also maintaining a high-quality user experience. Whether you're just starting out, or you have been configuring policies for years, Update Baseline can help get you to a known good state with an excellent user experience. Applying the baseline is especially helpful for organizations that have many years of policy configurations to clear out lingering misconfigurations.
-## You can use Update Baseline to:
+## You can use Update Baseline to:
-- Ensure that user and device configuration settings are compliant with the baseline.
-- Set configuration settings. You can use Group Policy to configure a device with the setting values specified in the baseline.
+- Ensure that user and device configuration settings are compliant with the baseline.
+- Set configuration settings. You can use Group Policy to configure a device with the setting values specified in the baseline.
-Update Baseline doesn't affect your offering policies, whether you're using deferrals or target version to manage which updates are offered to your devices and when.
+Update Baseline doesn't affect your offering policies, whether you're using deferrals or target version to manage which updates are offered to your devices and when.
-## Policies included in the Update Baseline
+## Policies included in the Update Baseline
The Update Baseline configures settings in these Group Policy areas:
@@ -39,11 +39,11 @@ The Update Baseline configures settings in these Group Policy areas:
- Windows Components/Delivery Optimization
- Windows Components/Windows Update
-For the complete detailed list of all settings and their values, see the MSFT Windows Update.htm file in the [Update Baseline toolkit](https://www.microsoft.com/download/details.aspx?id=101056) at the Download Center
+For the complete detailed list of all settings and their values, see the MSFT Windows Update.htm file in the [Update Baseline toolkit](https://www.microsoft.com/download/details.aspx?id=101056) at the Download Center
-## How do I get started?
+## How do I get started?
-The Update Baseline toolkit makes it easy by providing a single command for IT Admins to load the baseline settings into Group Policy Management Console. You can get the [Update Baseline toolkit](https://www.microsoft.com/download/details.aspx?id=55319) (included as a part of the Security Compliance Toolkit) from the Download Center.
+The Update Baseline toolkit makes it easy by providing a single command for IT Admins to load the baseline settings into Group Policy Management Console. You can get the [Update Baseline toolkit](https://www.microsoft.com/download/details.aspx?id=55319) (included as a part of the Security Compliance Toolkit) from the Download Center.
-Today, the Update Baseline toolkit is currently only available for use with Group Policy.
+Today, the Update Baseline toolkit is currently only available for use with Group Policy.
diff --git a/windows/deployment/update/update-managed-unmanaged-devices.md b/windows/deployment/update/update-managed-unmanaged-devices.md
index 911f059706..b46e87d258 100644
--- a/windows/deployment/update/update-managed-unmanaged-devices.md
+++ b/windows/deployment/update/update-managed-unmanaged-devices.md
@@ -8,7 +8,7 @@ ms.date: 06/25/2024
author: v-fvalentyna
ms.author: v-fvalentyna
ms.reviewer: mstewart,thtrombl,arcarley
-manager: aaroncz
+manager: bpardi
ms.localizationpriority: medium
appliesto:
- ✅ Windows 11
diff --git a/windows/deployment/update/update-other-microsoft-products.md b/windows/deployment/update/update-other-microsoft-products.md
index 977b8fc32a..5aba3db75c 100644
--- a/windows/deployment/update/update-other-microsoft-products.md
+++ b/windows/deployment/update/update-other-microsoft-products.md
@@ -6,7 +6,7 @@ ms.subservice: itpro-updates
ms.topic: reference
author: mestew
ms.author: mstewart
-manager: aaroncz
+manager: bpardi
appliesto:
- ✅ Windows 11
- ✅ Windows 10
diff --git a/windows/deployment/update/update-policies.md b/windows/deployment/update/update-policies.md
index 8f10fce044..926cb416fa 100644
--- a/windows/deployment/update/update-policies.md
+++ b/windows/deployment/update/update-policies.md
@@ -6,7 +6,7 @@ ms.subservice: itpro-updates
ms.topic: article
author: mestew
ms.author: mstewart
-manager: aaroncz
+manager: bpardi
ms.localizationpriority: medium
appliesto:
- ✅ Windows 11
diff --git a/windows/deployment/update/waas-branchcache.md b/windows/deployment/update/waas-branchcache.md
index 8bae58b073..25a2521a94 100644
--- a/windows/deployment/update/waas-branchcache.md
+++ b/windows/deployment/update/waas-branchcache.md
@@ -6,27 +6,27 @@ ms.subservice: itpro-updates
ms.topic: article
author: mestew
ms.author: mstewart
-manager: aaroncz
+manager: bpardi
ms.localizationpriority: medium
-appliesto:
+appliesto:
- ✅ Windows 10
ms.date: 11/16/2023
---
# Configure BranchCache for Windows client updates
-> **Looking for consumer information?** See [Windows Update: FAQ](https://support.microsoft.com/help/12373/windows-update-faq)
+> **Looking for consumer information?** See [Windows Update: FAQ](https://support.microsoft.com/help/12373/windows-update-faq)
-BranchCache is a bandwidth-optimization feature that has been available since the Windows Server 2008 R2 and Windows 7 operating systems. Each client has a cache and acts as an alternate source for content that devices on its own network request. Windows Server Update Services (WSUS) and Microsoft Configuration Manager can use BranchCache to optimize network bandwidth during update deployment, and it's easy to configure for either of them. BranchCache has two operating modes: Distributed Cache mode and Hosted Cache mode.
+BranchCache is a bandwidth-optimization feature that has been available since the Windows Server 2008 R2 and Windows 7 operating systems. Each client has a cache and acts as an alternate source for content that devices on its own network request. Windows Server Update Services (WSUS) and Microsoft Configuration Manager can use BranchCache to optimize network bandwidth during update deployment, and it's easy to configure for either of them. BranchCache has two operating modes: Distributed Cache mode and Hosted Cache mode.
-- Distributed Cache mode operates like the [Delivery Optimization](../do/waas-delivery-optimization.md) feature in Windows client: each client contains a cached version of the BranchCache-enabled files it requests and acts as a distributed cache for other clients requesting that same file.
+- Distributed Cache mode operates like the [Delivery Optimization](../do/waas-delivery-optimization.md) feature in Windows client: each client contains a cached version of the BranchCache-enabled files it requests and acts as a distributed cache for other clients requesting that same file.
> [!TIP]
- > Distributed Cache mode is preferred to Hosted Cache mode for Windows clients updates to get the most benefit from peer-to-peer distribution.
+ > Distributed Cache mode is preferred to Hosted Cache mode for Windows clients updates to get the most benefit from peer-to-peer distribution.
-- In Hosted Cache mode, designated servers at specific locations act as a cache for files requested by clients in its area. Then, rather than clients retrieving files from a latent source, the hosted cache server provides the content on its behalf.
+- In Hosted Cache mode, designated servers at specific locations act as a cache for files requested by clients in its area. Then, rather than clients retrieving files from a latent source, the hosted cache server provides the content on its behalf.
-For detailed information about how Distributed Cache mode and Hosted Cache mode work, see [BranchCache Overview](/previous-versions/windows/it-pro/windows-7/dd637832(v=ws.10)).
+For detailed information about how Distributed Cache mode and Hosted Cache mode work, see [BranchCache Overview](/previous-versions/windows/it-pro/windows-7/dd637832(v=ws.10)).
## Configure clients for BranchCache
@@ -34,12 +34,12 @@ Whether you use BranchCache with Configuration Manager or WSUS, each client that
In Windows 10, version 1607, the Windows Update Agent uses Delivery Optimization by default, even when the updates are retrieved from WSUS. When using BranchCache with Windows client, set the Delivery Optimization **Download mode** to '100' (Bypass) to allow clients to use the Background Intelligent Transfer Service (BITS) protocol with BranchCache instead. For instructions on how to use BranchCache in Distributed Cache mode with WSUS, see the section WSUS and Configuration Manager with BranchCache in Distributed Cache mode.
-> [!Note]
+> [!Note]
> [Bypass Download mode (100)](../do/waas-delivery-optimization-reference.md#download-mode) is only available in Windows 10 (starting in version 1607) and deprecated in Windows 11. BranchCache isn't supported for content downloaded using Delivery Optimization in Windows 11.
## Configure servers for BranchCache
-You can use WSUS and Configuration Manager with BranchCache in Distributed Cache mode. BranchCache in Distributed Cache mode is easy to configure for both WSUS and Microsoft Configuration Manager.
+You can use WSUS and Configuration Manager with BranchCache in Distributed Cache mode. BranchCache in Distributed Cache mode is easy to configure for both WSUS and Microsoft Configuration Manager.
For a step-by-step guide to configuring BranchCache on Windows Server devices, see the [BranchCache Deployment Guide (Windows Server 2012)](/previous-versions/windows/it-pro/windows-server-2012-R2-and-2012/jj572990(v=ws.11)) or [BranchCache Deployment Guide (Windows Server 2016)](/windows-server/networking/branchcache/deploy/branchcache-deployment-guide).
diff --git a/windows/deployment/update/waas-configure-wufb.md b/windows/deployment/update/waas-configure-wufb.md
index 4575153002..d2a9de1460 100644
--- a/windows/deployment/update/waas-configure-wufb.md
+++ b/windows/deployment/update/waas-configure-wufb.md
@@ -1,6 +1,6 @@
---
title: Configure Windows Update client policies
-manager: aaroncz
+manager: bpardi
description: You can use Group Policy or your mobile device management (MDM) service to configure Windows Update client policies for your devices.
ms.service: windows-client
author: mestew
diff --git a/windows/deployment/update/waas-integrate-wufb.md b/windows/deployment/update/waas-integrate-wufb.md
index ec5910bb42..89ecb16c28 100644
--- a/windows/deployment/update/waas-integrate-wufb.md
+++ b/windows/deployment/update/waas-integrate-wufb.md
@@ -6,7 +6,7 @@ ms.subservice: itpro-updates
ms.topic: integration
author: mestew
ms.author: mstewart
-manager: aaroncz
+manager: bpardi
ms.localizationpriority: medium
appliesto:
- ✅ Windows 11
diff --git a/windows/deployment/update/waas-manage-updates-wsus.md b/windows/deployment/update/waas-manage-updates-wsus.md
index 075c7f13af..cda4e5e217 100644
--- a/windows/deployment/update/waas-manage-updates-wsus.md
+++ b/windows/deployment/update/waas-manage-updates-wsus.md
@@ -6,34 +6,34 @@ ms.subservice: itpro-updates
ms.topic: how-to
author: mestew
ms.author: mstewart
-manager: aaroncz
+manager: bpardi
ms.collection:
- highpri
- tier2
ms.localizationpriority: medium
-appliesto:
+appliesto:
- ✅ Windows 11
- ✅ Windows 10
-- ✅ WSUS
+- ✅ WSUS
ms.date: 04/22/2024
---
# Deploy Windows client updates using Windows Server Update Services (WSUS)
-
-> **Looking for consumer information?** See [Windows Update: FAQ](https://support.microsoft.com/help/12373/windows-update-faq)
+
+> **Looking for consumer information?** See [Windows Update: FAQ](https://support.microsoft.com/help/12373/windows-update-faq)
WSUS is a Windows Server role available in the Windows Server operating systems. It provides a single hub for Windows updates within an organization. WSUS allows companies not only to defer updates but also to selectively approve them, choose when they're delivered, and determine which individual devices or groups of devices receive them. WSUS provides additional control over Windows Update client policies but doesn't provide all the scheduling options and deployment flexibility that Microsoft Configuration Manager provides.
-When you choose WSUS as your source for Windows updates, you use Group Policy to point Windows client devices to the WSUS server for their updates. From there, updates are periodically downloaded to the WSUS server and managed, approved, and deployed through the WSUS administration console or Group Policy, streamlining enterprise update management. If you're currently using WSUS to manage Windows updates in your environment, you can continue to do so in Windows 11.
+When you choose WSUS as your source for Windows updates, you use Group Policy to point Windows client devices to the WSUS server for their updates. From there, updates are periodically downloaded to the WSUS server and managed, approved, and deployed through the WSUS administration console or Group Policy, streamlining enterprise update management. If you're currently using WSUS to manage Windows updates in your environment, you can continue to do so in Windows 11.
## Requirements for Windows client servicing with WSUS
-To be able to use WSUS to manage and deploy Windows feature updates, you must use a supported WSUS version:
+To be able to use WSUS to manage and deploy Windows feature updates, you must use a supported WSUS version:
- WSUS 10.0.14393 (role in Windows Server 2016)
-- WSUS 10.0.17763 (role in Windows Server 2019)
+- WSUS 10.0.17763 (role in Windows Server 2019)
- WSUS 6.2 and 6.3 (role in Windows Server 2012 and Windows Server 2012 R2)
- KB 3095113 and KB 3159706 (or an equivalent update) must be installed on WSUS 6.2 and 6.3.
@@ -45,7 +45,7 @@ To be able to use WSUS to manage and deploy Windows feature updates, you must us
## WSUS scalability
To use WSUS to manage all Windows updates, some organizations may need access to WSUS from a perimeter network, or they might have some other complex scenario. WSUS is highly scalable and configurable for organizations of any size or site layout. For specific information about scaling WSUS, including upstream and downstream server configuration, branch offices, WSUS load balancing, and other complex scenarios, see [Deploy Windows Server Update Services](/windows-server/administration/windows-server-update-services/deploy/deploy-windows-server-update-services).
-
+
@@ -57,15 +57,15 @@ When using WSUS to manage updates on Windows client devices, start by configurin
1. Open Group Policy Management Console (gpmc.msc).
-2. Expand *Forest\Domains\\*Your_Domain**.
+2. Expand *Forest\Domains\\*Your_Domain**.
3. Right-click **Your_Domain**, and then select **Create a GPO in this domain, and Link it here**.
- 
-
+ 
+
>[!NOTE]
>In this example, the **Configure Automatic Updates** and **Intranet Microsoft Update Service Location** Group Policy settings are specified for the entire domain. This is not a requirement; you can target these settings to any security group by using Security Filtering or a specific OU.
-
+
4. In the **New GPO** dialog box, name the new GPO **WSUS - Auto Updates and Intranet Update Service Location**.
5. Right-click the **WSUS - Auto Updates and Intranet Update Service Location** GPO, and then select **Edit**.
@@ -75,20 +75,20 @@ When using WSUS to manage updates on Windows client devices, start by configurin
7. Right-click the **Configure Automatic Updates** setting, and then select **Edit**.
-
+
8. In the **Configure Automatic Updates** dialog box, select **Enable**.
9. Under **Options**, from the **Configure automatic updating** list, select **3 - Auto download and notify for install**, and then select **OK**.
-
+
>[!IMPORTANT]
> Use Regedit.exe to check that the following key is not enabled, because it can break Windows Store connectivity: Computer\HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\DoNotConnectToWindowsUpdateInternetLocations
-
+
> [!NOTE]
- > There are three other settings for automatic update download and installation dates and times. This is simply the option this example uses. For more examples of how to control automatic updates and other related policies, see [Configure Automatic Updates by Using Group Policy](/windows-server/administration/windows-server-update-services/deploy/4-configure-group-policy-settings-for-automatic-updates).
-
-10. Right-click the **Specify intranet Microsoft update service location** setting, and then select **Edit**.
+ > There are three other settings for automatic update download and installation dates and times. This is simply the option this example uses. For more examples of how to control automatic updates and other related policies, see [Configure Automatic Updates by Using Group Policy](/windows-server/administration/windows-server-update-services/deploy/4-configure-group-policy-settings-for-automatic-updates).
+
+10. Right-click the **Specify intranet Microsoft update service location** setting, and then select **Edit**.
11. In the **Specify intranet Microsoft update service location** dialog box, select **Enable**.
@@ -96,9 +96,9 @@ When using WSUS to manage updates on Windows client devices, start by configurin
>[!NOTE]
>The URL `http://CONTOSO-WSUS1.contoso.com:8530` in the following image is just an example. In your environment, be sure to use the server name and port number for your WSUS instance.
-
+
-
+
>[!NOTE]
>The default HTTP port for WSUS is 8530, and the default HTTP over Secure Sockets Layer (HTTPS) port is 8531. (The other options are 80 and 443; no other ports are supported.)
@@ -109,16 +109,16 @@ As Windows clients refresh their computer policies (the default Group Policy ref
>[!NOTE]
>The following procedures use the groups from Table 1 in [Build deployment rings for Windows client updates](waas-deployment-rings-windows-10-updates.md) as examples.
-You can use computer groups to target a subset of devices that have specific quality and feature updates. These groups represent your deployment rings, as controlled by WSUS. You can populate the groups either manually by using the WSUS Administration Console or automatically through Group Policy. Regardless of the method you choose, you must first create the groups in the WSUS Administration Console.
+You can use computer groups to target a subset of devices that have specific quality and feature updates. These groups represent your deployment rings, as controlled by WSUS. You can populate the groups either manually by using the WSUS Administration Console or automatically through Group Policy. Regardless of the method you choose, you must first create the groups in the WSUS Administration Console.
**To create computer groups in the WSUS Administration Console**
-1. Open the WSUS Administration Console.
+1. Open the WSUS Administration Console.
-2. Go to *Server_Name*\Computers\All Computers, and then select **Add Computer Group**.
+2. Go to *Server_Name*\Computers\All Computers, and then select **Add Computer Group**.
-
+
3. Type **Ring 2 Pilot Business Users** for the name, and then select **Add**.
4. Repeat these steps for the **Ring 3 Broad IT** and **Ring 4 Broad Business Users** groups. When you're finished, there should be three deployment ring groups.
@@ -129,7 +129,7 @@ Now that the groups have been created, add the computers to the computer groups
## Use the WSUS Administration Console to populate deployment rings
-Adding computers to computer groups in the WSUS Administration Console is simple, but it could take much longer than managing membership through Group Policy, especially if you have many computers to add. Adding computers to computer groups in the WSUS Administration Console is called *server-side targeting*.
+Adding computers to computer groups in the WSUS Administration Console is simple, but it could take much longer than managing membership through Group Policy, especially if you have many computers to add. Adding computers to computer groups in the WSUS Administration Console is called *server-side targeting*.
In this example, you add computers to computer groups in two different ways: by manually assigning unassigned computers and by searching for multiple computers.
@@ -164,7 +164,7 @@ Another way to add multiple computers to a deployment ring in the WSUS Administr
3. In the search results, select the computers, right-click the selection, and then select **Change Membership**.
-
+
4. Select the **Ring 3 Broad IT** deployment ring, and then select **OK**.
You can now see these computers in the **Ring 3 Broad IT** computer group.
@@ -181,12 +181,12 @@ The WSUS Administration Console provides a friendly interface from which you can
1. Open the WSUS Administration Console, and go to *Server_Name*\Options, and then select **Computers**.
-
+
2. In the **Computers** dialog box, select **Use Group Policy or registry settings on computers**, and then select **OK**.
>[!NOTE]
- >This option is exclusively either-or. When you enable WSUS to use Group Policy for group assignment, you can no longer manually add computers through the WSUS Administration Console until you change the option back.
-
+ >This option is exclusively either-or. When you enable WSUS to use Group Policy for group assignment, you can no longer manually add computers through the WSUS Administration Console until you change the option back.
+
Now that WSUS is ready for client-side targeting, complete the following steps to use Group Policy to configure client-side targeting:
**To configure client-side targeting**
@@ -205,7 +205,7 @@ Now that WSUS is ready for client-side targeting, complete the following steps t
5. Right-click the **WSUS - Client Targeting - Ring 4 Broad Business Users** GPO, and then select **Edit**.
-
+
6. In the Group Policy Management Editor, go to Computer Configuration\Policies\Administrative Templates\Windows Components\Windows Update.
7. Right-click **Enable client-side targeting**, and then select **Edit**.
@@ -221,7 +221,7 @@ Now that WSUS is ready for client-side targeting, complete the following steps t
10. Close the Group Policy Management Editor.
-Now you're ready to deploy this GPO to the correct computer security group for the **Ring 4 Broad Business Users** deployment ring.
+Now you're ready to deploy this GPO to the correct computer security group for the **Ring 4 Broad Business Users** deployment ring.
**To scope the GPO to a group**
@@ -232,8 +232,8 @@ Now you're ready to deploy this GPO to the correct computer security group for t
3. Under **Security Filtering**, remove the default **AUTHENTICATED USERS** security group, and then add the **Ring 4 Broad Business Users** group.
-
-The next time the clients in the **Ring 4 Broad Business Users** security group receive their computer policy and contact WSUS, they'll be added to the **Ring 4 Broad Business Users** deployment ring.
+
+The next time the clients in the **Ring 4 Broad Business Users** security group receive their computer policy and contact WSUS, they'll be added to the **Ring 4 Broad Business Users** deployment ring.
## Automatically approve and deploy feature updates
@@ -253,13 +253,13 @@ This example uses Windows 10, but the process is the same for Windows 11.
3. In the **Add Rule** dialog box, select the **When an update is in a specific classification**, **When an update is in a specific product**, and **Set a deadline for the approval** check boxes.
-
+
4. In the **Edit the properties** area, select **any classification**. Clear everything except **Upgrades**, and then select **OK**.
5. In the **Edit the properties area**, select the **any product** link. Clear all check boxes except **Windows 10**, and then select **OK**.
Windows 10 is under All Products\Microsoft\Windows.
-
+
6. In the **Edit the properties** area, select the **all computers** link. Clear all the computer group check boxes except **Ring 3 Broad IT**, and then select **OK**.
7. Leave the deadline set for **7 days after the approval at 3:00 AM**.
@@ -267,7 +267,7 @@ This example uses Windows 10, but the process is the same for Windows 11.
8. In the **Step 3: Specify a name** box, type **Windows 10 Upgrade Auto-approval for Ring 3 Broad IT**, and then select **OK**.
-
+
9. In the **Automatic Approvals** dialog box, select **OK**.
>[!NOTE]
@@ -285,7 +285,7 @@ You can manually approve updates and set deadlines for installation within the W
To simplify the manual approval process, start by creating a software update view that contains only Windows 10 (in this example) updates. The process is the same for Windows 11 updates.
> [!NOTE]
-> If you approve more than one feature update for a computer, an error can result with the client. Approve only one feature update per computer.
+> If you approve more than one feature update for a computer, an error can result with the client. Approve only one feature update per computer.
**To approve and deploy feature updates manually**
@@ -298,7 +298,7 @@ To simplify the manual approval process, start by creating a software update vie
4. Under **Step 2: Edit the properties**, select **any product**. Clear all check boxes except **Windows 10**, and then select **OK**.
Windows 10 is under All Products\Microsoft\Windows.
-
+
5. In the **Step 3: Specify a name** box, type **All Windows 10 Upgrades**, and then select **OK**.
@@ -309,21 +309,21 @@ Now that you have the **All Windows 10 Upgrades** view, complete the following s
2. Right-click the feature update you want to deploy, and then select **Approve**.
- 
-
+ 
+
3. In the **Approve Updates** dialog box, from the **Ring 4 Broad Business Users** list, select **Approved for Install**.
- 
-
-4. In the **Approve Updates** dialog box, from the **Ring 4 Broad Business Users** list, select **Deadline**, select **One Week**, and then select **OK**.
+ 
+
+4. In the **Approve Updates** dialog box, from the **Ring 4 Broad Business Users** list, select **Deadline**, select **One Week**, and then select **OK**.
+
+ 
- 
-
5. If the **Microsoft Software License Terms** dialog box opens, select **Accept**.
If the deployment is successful, you should receive a successful progress report.
-
- 
+
+ 
6. In the **Approval Progress** dialog box, select **Close**.
diff --git a/windows/deployment/update/waas-manage-updates-wufb.md b/windows/deployment/update/waas-manage-updates-wufb.md
index 29f2ef945c..b1fbf52b12 100644
--- a/windows/deployment/update/waas-manage-updates-wufb.md
+++ b/windows/deployment/update/waas-manage-updates-wufb.md
@@ -1,6 +1,6 @@
---
title: Windows Update client policies
-manager: aaroncz
+manager: bpardi
description: Learn how Windows Update client policies let you manage when devices receive updates from Windows Update.
ms.service: windows-client
ms.subservice: itpro-updates
diff --git a/windows/deployment/update/waas-overview.md b/windows/deployment/update/waas-overview.md
index 08bf12a6af..9771f4d928 100644
--- a/windows/deployment/update/waas-overview.md
+++ b/windows/deployment/update/waas-overview.md
@@ -6,7 +6,7 @@ ms.subservice: itpro-updates
ms.topic: overview
author: mestew
ms.author: mstewart
-manager: aaroncz
+manager: bpardi
ms.localizationpriority: medium
ms.collection:
- highpri
diff --git a/windows/deployment/update/waas-quick-start.md b/windows/deployment/update/waas-quick-start.md
index f3cec00f34..a09dfcfed5 100644
--- a/windows/deployment/update/waas-quick-start.md
+++ b/windows/deployment/update/waas-quick-start.md
@@ -6,7 +6,7 @@ ms.subservice: itpro-updates
ms.topic: article
author: mestew
ms.author: mstewart
-manager: aaroncz
+manager: bpardi
ms.localizationpriority: high
appliesto:
- ✅ Windows 11
diff --git a/windows/deployment/update/waas-restart.md b/windows/deployment/update/waas-restart.md
index 55239f12f7..fedfd5634d 100644
--- a/windows/deployment/update/waas-restart.md
+++ b/windows/deployment/update/waas-restart.md
@@ -6,7 +6,7 @@ ms.subservice: itpro-updates
ms.topic: how-to
author: mestew
ms.author: mstewart
-manager: aaroncz
+manager: bpardi
ms.collection:
- highpri
- tier2
diff --git a/windows/deployment/update/waas-servicing-channels-windows-10-updates.md b/windows/deployment/update/waas-servicing-channels-windows-10-updates.md
index 03cdf677fb..01cd40364a 100644
--- a/windows/deployment/update/waas-servicing-channels-windows-10-updates.md
+++ b/windows/deployment/update/waas-servicing-channels-windows-10-updates.md
@@ -6,22 +6,22 @@ ms.subservice: itpro-updates
ms.topic: how-to
author: mestew
ms.author: mstewart
-manager: aaroncz
+manager: bpardi
ms.localizationpriority: medium
-appliesto:
+appliesto:
- ✅ Windows 11
-- ✅ Windows 10
+- ✅ Windows 10
ms.date: 12/31/2017
---
# Assign devices to servicing channels for Windows updates
-> **Looking for consumer information?** See [Windows Update: FAQ](https://support.microsoft.com/help/12373/windows-update-faq)
+> **Looking for consumer information?** See [Windows Update: FAQ](https://support.microsoft.com/help/12373/windows-update-faq)
>[!TIP]
>If you're not familiar with the servicing or release channels, read [Servicing Channels](waas-overview.md#servicing-channels) first.
-The General Availability Channel is the default servicing channel for all Windows 10 and Windows 11 devices except devices with the LTSC edition installed. The following table shows the servicing channels available to each edition.
+The General Availability Channel is the default servicing channel for all Windows 10 and Windows 11 devices except devices with the LTSC edition installed. The following table shows the servicing channels available to each edition.
| Edition | General Availability Channel | Long-Term Servicing Channel | Insider Program |
| --- | --- | --- | --- |
diff --git a/windows/deployment/update/waas-servicing-strategy-windows-10-updates.md b/windows/deployment/update/waas-servicing-strategy-windows-10-updates.md
index c71b2ef12d..d6da791ad0 100644
--- a/windows/deployment/update/waas-servicing-strategy-windows-10-updates.md
+++ b/windows/deployment/update/waas-servicing-strategy-windows-10-updates.md
@@ -6,7 +6,7 @@ ms.subservice: itpro-updates
ms.topic: how-to
author: mestew
ms.author: mstewart
-manager: aaroncz
+manager: bpardi
ms.localizationpriority: medium
appliesto:
- ✅ Windows 11
diff --git a/windows/deployment/update/waas-wu-settings.md b/windows/deployment/update/waas-wu-settings.md
index 949719191b..4854952fd4 100644
--- a/windows/deployment/update/waas-wu-settings.md
+++ b/windows/deployment/update/waas-wu-settings.md
@@ -6,14 +6,14 @@ ms.subservice: itpro-updates
ms.topic: reference
author: mestew
ms.author: mstewart
-manager: aaroncz
+manager: bpardi
ms.collection:
- highpri
- tier2
ms.localizationpriority: medium
-appliesto:
+appliesto:
- ✅ Windows 11
-- ✅ Windows 10
+- ✅ Windows 10
ms.date: 12/27/2024
---
@@ -61,7 +61,7 @@ For additional settings that configure when feature and quality updates are rece
Specifies an intranet server to host updates from Microsoft Update. You can then use this update service to automatically update computers on your network.
This setting lets you specify a server on your network to function as an internal update service. The Automatic Updates client searches this service for updates that apply to the computers on your network.
-To use this setting in Group Policy, go to **Computer Configuration\Administrative Templates\Windows Components\Windows Update\Specify Intranet Microsoft update service location**. You must set two server name values:
+To use this setting in Group Policy, go to **Computer Configuration\Administrative Templates\Windows Components\Windows Update\Specify Intranet Microsoft update service location**. You must set two server name values:
- The server from which the Automatic Updates client detects and downloads updates
- The server to which updated workstations upload statistics
You can set both values to be the same server. An optional server name value can be specified to configure Windows Update Agent to download updates from an alternate download server instead of the intranet update service.
@@ -166,9 +166,9 @@ Under **Computer Configuration\Administrative Templates\Windows Components\Windo
**4 - Auto download and schedule the install** - Specify the schedule using the options in the Group Policy Setting. For more information about this setting, see [Schedule update installation](waas-restart.md#schedule-update-installation).
-**5 - Allow local admin to choose setting** - With this option, local administrators are allowed to use the settings app to select a configuration option of their choice. Local administrators won't be allowed to disable the configuration for Automatic Updates. This option isn't available in any Windows 10 or later versions.
+**5 - Allow local admin to choose setting** - With this option, local administrators are allowed to use the settings app to select a configuration option of their choice. Local administrators won't be allowed to disable the configuration for Automatic Updates. This option isn't available in any Windows 10 or later versions.
-**7 - Notify for install and notify for restart** (Windows Server 2016 and later only) - With this option, when Windows finds updates that apply to this device, they are downloaded, then users are notified that updates are ready to be installed. Once updates are installed, a notification is displayed to users to restart the device.
+**7 - Notify for install and notify for restart** (Windows Server 2016 and later only) - With this option, when Windows finds updates that apply to this device, they are downloaded, then users are notified that updates are ready to be installed. Once updates are installed, a notification is displayed to users to restart the device.
If this setting is set to **Disabled**, any updates that are available on Windows Update must be downloaded and installed manually. To do this, users must go to **Settings > Update & security > Windows Update**.
@@ -266,10 +266,10 @@ HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\
## Display organization name in Windows Update notifications
-When Windows 11 clients are associated with a Microsoft Entra tenant, the organization name appears in the Windows Update notifications. For instance, when you have a compliance deadline configured for Windows Update client policies, the user notification displays a message similar to **Contoso requires important updates to be installed**. The organization name will also display on the **Windows Update** page in the **Settings** for Windows 11.
-
+When Windows 11 clients are associated with a Microsoft Entra tenant, the organization name appears in the Windows Update notifications. For instance, when you have a compliance deadline configured for Windows Update client policies, the user notification displays a message similar to **Contoso requires important updates to be installed**. The organization name will also display on the **Windows Update** page in the **Settings** for Windows 11.
+
The organization name appears automatically for Windows 11 clients that are associated with Microsoft Entra ID in any of the following ways:
-- [Microsoft Entra joined](/azure/active-directory/devices/concept-azure-ad-join)
+- [Microsoft Entra joined](/azure/active-directory/devices/concept-azure-ad-join)
- [Microsoft Entra registered](/azure/active-directory/devices/concept-azure-ad-register)
- [Microsoft Entra hybrid joined](/azure/active-directory/devices/concept-azure-ad-join-hybrid)
@@ -279,13 +279,13 @@ To disable displaying the organization name in Windows Update notifications, add
- **DWORD value name**: UsoDisableAADJAttribution
- **Value data:** 1
-The following PowerShell script is provided as an example to you:
+The following PowerShell script is provided as an example to you:
```powershell
$registryPath = "HKLM:\Software\Microsoft\WindowsUpdate\Orchestrator\Configurations"
$Name = "UsoDisableAADJAttribution"
-$value = "1"
+$value = "1"
-if (!(Test-Path $registryPath))
+if (!(Test-Path $registryPath))
{
New-Item -Path $registryPath -Force | Out-Null
}
@@ -296,7 +296,7 @@ New-ItemProperty -Path $registryPath -Name $name -Value $value -PropertyType DWO
## Allow Windows updates to install before initial user sign-in
*(Starting in Windows 11, version 22H2 with 2023-04 Cumulative Update Preview, or a later cumulative update)*
-On new devices, Windows Update doesn't begin installing background updates until a user has completed the Out of Box Experience (OOBE) and signs in for the first time. In many cases, the user signs in immediately after completing the OOBE. However, some VM-based solutions provision a device and automate the first user experience. These VMs may not be immediately assigned to a user so they won't see an initial sign-in until several days later.
+On new devices, Windows Update doesn't begin installing background updates until a user has completed the Out of Box Experience (OOBE) and signs in for the first time. In many cases, the user signs in immediately after completing the OOBE. However, some VM-based solutions provision a device and automate the first user experience. These VMs may not be immediately assigned to a user so they won't see an initial sign-in until several days later.
In scenarios where initial sign-in is delayed, setting the following registry values allow devices to begin background update work before a user first signs in:
diff --git a/windows/deployment/update/waas-wufb-csp-mdm.md b/windows/deployment/update/waas-wufb-csp-mdm.md
index bf4db941d8..be9b7d66e3 100644
--- a/windows/deployment/update/waas-wufb-csp-mdm.md
+++ b/windows/deployment/update/waas-wufb-csp-mdm.md
@@ -6,7 +6,7 @@ ms.subservice: itpro-updates
ms.topic: how-to
author: mestew
ms.author: mstewart
-manager: aaroncz
+manager: bpardi
ms.localizationpriority: medium
appliesto:
- ✅ Windows 11
diff --git a/windows/deployment/update/waas-wufb-group-policy.md b/windows/deployment/update/waas-wufb-group-policy.md
index fdfeb35b4e..005e3ac239 100644
--- a/windows/deployment/update/waas-wufb-group-policy.md
+++ b/windows/deployment/update/waas-wufb-group-policy.md
@@ -3,7 +3,7 @@ title: Configure Windows Update client policies via Group Policy
description: Walk through of how to configure Windows Update client policies using Group Policy to update devices.
ms.service: windows-client
ms.subservice: itpro-updates
-manager: aaroncz
+manager: bpardi
ms.topic: how-to
author: mestew
ms.localizationpriority: medium
diff --git a/windows/deployment/update/windows-update-error-reference.md b/windows/deployment/update/windows-update-error-reference.md
index f5d53887cf..811d95c567 100644
--- a/windows/deployment/update/windows-update-error-reference.md
+++ b/windows/deployment/update/windows-update-error-reference.md
@@ -6,17 +6,17 @@ ms.subservice: itpro-updates
ms.topic: reference
author: mestew
ms.author: mstewart
-manager: aaroncz
+manager: bpardi
ms.localizationpriority: medium
-appliesto:
+appliesto:
- ✅ Windows 11
-- ✅ Windows 10
+- ✅ Windows 10
ms.date: 09/18/2018
---
# Windows Update error codes by component
-This section lists the error codes for Microsoft Windows Update.
+This section lists the error codes for Microsoft Windows Update.
## Automatic Update Errors
@@ -65,7 +65,7 @@ This section lists the error codes for Microsoft Windows Update.
| `0x8024E006` | `WU_E_EE_INVALID_ATTRIBUTEDATA` | An expression evaluator operation couldn't be completed because there was an invalid attribute. |
| `0x8024E007` | `WU_E_EE_CLUSTER_ERROR` | An expression evaluator operation couldn't be completed because the cluster state of the computer couldn't be determined. |
| `0x8024EFFF` | `WU_E_EE_UNEXPECTED` | There was an expression evaluator error not covered by another `WU_E_EE_*` error code. |
-
+
## Reporter errors
| Error code | Message | Description |
@@ -80,7 +80,7 @@ This section lists the error codes for Microsoft Windows Update.
| `0x8024FFFF` | `WU_E_REPORTER_UNEXPECTED` | There was a reporter error not covered by another error code. |
## Redirector errors
-The components that download the `Wuredir.cab` file and then parse the `Wuredir.cab` file generate the following errors.
+The components that download the `Wuredir.cab` file and then parse the `Wuredir.cab` file generate the following errors.
| Error code | Message | Description |
|----------- |------------------------------|------------------------------------------------------------------------------------------|
@@ -90,7 +90,7 @@ The components that download the `Wuredir.cab` file and then parse the `Wuredir.
| `0x80245FFF` | `WU_E_REDIRECTOR_UNEXPECTED` | The redirector failed for reasons not covered by another `WU_E_REDIRECTOR_*` error code. |
## Protocol Talker errors
-The following errors map to `SOAPCLIENT_ERROR`s through the `Atlsoap.h` file. These errors are obtained when the `CClientWebService` object calls the `GetClientError()` method.
+The following errors map to `SOAPCLIENT_ERROR`s through the `Atlsoap.h` file. These errors are obtained when the `CClientWebService` object calls the `GetClientError()` method.
| Error code | Message | Description |
@@ -240,7 +240,7 @@ The following errors map to `SOAP_ERROR_CODE`s from the `Atlsoap.h` file. These
| `0x80248FFF` | `WU_E_DS_UNEXPECTED` | A data store error not covered by another `WU_E_DS_*` code. |
## Driver Util errors
-The PnP enumerated device is removed from the System Spec because one of the hardware IDs or the compatible IDs matches an installed printer driver. This isn't a fatal error, and the device is merely skipped.
+The PnP enumerated device is removed from the System Spec because one of the hardware IDs or the compatible IDs matches an installed printer driver. This isn't a fatal error, and the device is merely skipped.
| Error code | Message | Description |
|------------|-------------------------------|------------------------------------------------------------------------------------------------|
@@ -276,12 +276,12 @@ The PnP enumerated device is removed from the System Spec because one of the har
| `0x80240010` | `WU_E_TOO_DEEP_RELATION` | Update relationships too deep to evaluate were evaluated.
| `0x80240011` | `WU_E_INVALID_RELATIONSHIP` | An invalid update relationship was detected.
| `0x80240012` | `WU_E_REG_VALUE_INVALID` | An invalid registry value was read.
-| `0x80240013` | `WU_E_DUPLICATE_ITEM` | Operation tried to add a duplicate item to a list.
+| `0x80240013` | `WU_E_DUPLICATE_ITEM` | Operation tried to add a duplicate item to a list.
| `0x80240016` | `WU_E_INSTALL_NOT_ALLOWED` | Operation tried to install while another installation was in progress or the system was pending a mandatory restart.
| `0x80240017` | `WU_E_NOT_APPLICABLE` | Operation wasn't performed because there are no applicable updates.
| `0x80240018` | `WU_E_NO_USERTOKEN` | Operation failed because a required user token is missing.
| `0x80240019` | `WU_E_EXCLUSIVE_INSTALL_CONFLICT` | An exclusive update can't be installed with other updates at the same time.
-| `0x8024001A` | `WU_E_POLICY_NOT_SET` | A policy value wasn't set.
+| `0x8024001A` | `WU_E_POLICY_NOT_SET` | A policy value wasn't set.
| `0x8024001B` | `WU_E_SELFUPDATE_IN_PROGRESS` | The operation couldn't be performed because the Windows Update Agent is self-updating.
| `0x8024001D` | `WU_E_INVALID_UPDATE` | An update contains invalid metadata.
| `0x8024001E` | `WU_E_SERVICE_STOP` | Operation didn't complete because the service or system was being shut down.
@@ -293,7 +293,7 @@ The PnP enumerated device is removed from the System Spec because one of the har
| `0x80240024` | `WU_E_NO_UPDATE` | There are no updates.
| `0x80240025` | `WU_E_USER_ACCESS_DISABLED` | Group Policy settings prevented access to Windows Update.
| `0x80240026` | `WU_E_INVALID_UPDATE_TYPE` | The type of update is invalid.
-| `0x80240027` | `WU_E_URL_TOO_LONG` | The URL exceeded the maximum length.
+| `0x80240027` | `WU_E_URL_TOO_LONG` | The URL exceeded the maximum length.
| `0x80240028` | `WU_E_UNINSTALL_NOT_ALLOWED` | The update couldn't be uninstalled because the request didn't originate from a WSUS server.
| `0x80240029` | `WU_E_INVALID_PRODUCT_LICENSE` | Search may have missed some updates before there's an unlicensed application on the system.
| `0x8024002A` | `WU_E_MISSING_HANDLER` | A component required to detect applicable updates was missing.
@@ -333,7 +333,7 @@ The PnP enumerated device is removed from the System Spec because one of the har
| `0x00240008` | `WU_S_ALREADY_DOWNLOADED` | The update to be downloaded has already been downloaded. |
## Windows Installer minor errors
-The following errors are used to indicate that part of a search fails because of Windows Installer problems. Another part of the search may successfully return updates. All Windows Installer minor codes must share the same error code range so that the caller can tell that they're related to Windows Installer.
+The following errors are used to indicate that part of a search fails because of Windows Installer problems. Another part of the search may successfully return updates. All Windows Installer minor codes must share the same error code range so that the caller can tell that they're related to Windows Installer.
| Error code | Message | Description |
|------------|------------------------------|---------------------------------------------------------------------------------------------|
@@ -342,7 +342,7 @@ The following errors are used to indicate that part of a search fails because of
| `0x80241003` | `WU_E_MSP_DISABLED` | Search may have missed some updates because policy has disabled Windows Installer patching. |
| `0x80241004` | `WU_E_MSI_WRONG_APP_CONTEXT` | An update couldn't be applied because the application is installed per-user. |
| `0x80241FFF` | `WU_E_MSP_UNEXPECTED` | Search may have missed some updates because there was a failure of the Windows Installer. |
-
+
## Windows Update Agent update and setup errors
| Error code | Message | Description |
diff --git a/windows/deployment/update/windows-update-logs.md b/windows/deployment/update/windows-update-logs.md
index 1bd05f13ec..c5e483557b 100644
--- a/windows/deployment/update/windows-update-logs.md
+++ b/windows/deployment/update/windows-update-logs.md
@@ -6,7 +6,7 @@ ms.subservice: itpro-updates
ms.topic: reference
author: mestew
ms.author: mstewart
-manager: aaroncz
+manager: bpardi
ms.collection:
- highpri
- tier2
diff --git a/windows/deployment/update/windows-update-overview.md b/windows/deployment/update/windows-update-overview.md
index 55cf4cf9e5..d069c1816c 100644
--- a/windows/deployment/update/windows-update-overview.md
+++ b/windows/deployment/update/windows-update-overview.md
@@ -6,10 +6,10 @@ ms.subservice: itpro-updates
ms.topic: get-started
author: mestew
ms.author: mstewart
-manager: aaroncz
-appliesto:
+manager: bpardi
+appliesto:
- ✅ Windows 11
-- ✅ Windows 10
+- ✅ Windows 10
ms.date: 09/18/2018
---
@@ -17,7 +17,7 @@ ms.date: 09/18/2018
>Applies to: Windows 10
-With the release of Windows 10, we moved the update model to the Unified Update Platform. Unified Update Platform (UUP) is a single publishing, hosting, scan and download model for all types of OS updates, client devices for all Windows-based operating systems, for everything from monthly quality updates to new feature updates.
+With the release of Windows 10, we moved the update model to the Unified Update Platform. Unified Update Platform (UUP) is a single publishing, hosting, scan and download model for all types of OS updates, client devices for all Windows-based operating systems, for everything from monthly quality updates to new feature updates.
Use the following information to get started with Windows Update:
@@ -29,30 +29,30 @@ Use the following information to get started with Windows Update:
- Review [other resources](/troubleshoot/windows-client/deployment/additional-resources-for-windows-update) to help you use Windows Update
- Review [Windows IT Pro Blog](https://techcommunity.microsoft.com/t5/windows-it-pro-blog/bg-p/Windows10Blog) section of Microsoft Blogs.
-## Unified Update Platform (UUP) architecture
-To understand the changes to the Windows Update architecture that UUP introduces let's start with some new key terms.
+## Unified Update Platform (UUP) architecture
+To understand the changes to the Windows Update architecture that UUP introduces let's start with some new key terms.
-- **Update UI** - The user interface to initiate Windows Update check and history. Available under **Settings --> Update & Security --> Windows Update**.
-- **Update Session Orchestrator (USO)**- A Windows OS component that orchestrates the sequence of downloading and installing various update types from Windows Update.
+- **Update UI** - The user interface to initiate Windows Update check and history. Available under **Settings --> Update & Security --> Windows Update**.
+- **Update Session Orchestrator (USO)**- A Windows OS component that orchestrates the sequence of downloading and installing various update types from Windows Update.
- Update types-
- - OS Feature updates
- - OS Security updates
- - Device drivers
- - Defender definition updates
+ Update types-
+ - OS Feature updates
+ - OS Security updates
+ - Device drivers
+ - Defender definition updates
>[!NOTE]
> Other types of updates, like Office desktop updates, are installed if the user opts into Microsoft Update.
>
- >Store apps aren't installed by USO, today they are separate.
+ >Store apps aren't installed by USO, today they are separate.
-- **Windows Update Client/ UpdateAgent** - The component running on your PC. It's essentially a DLL that is downloaded to the device when an update is applicable. It surfaces the APIs needed to perform an update, including those needed to generate a list of payloads to download, as well as starts stage and commit operations. It provides a unified interface that abstracts away the underlying update technologies from the caller.
-- **Windows Update Arbiter handle**- Code that is included in the UpdateAgent binary. The arbiter gathers information about the device, and uses the CompDB(s) to output an action list. It is responsible for determining the final "composition state" of your device, and which payloads (like ESDs or packages) are needed to get your device up to date.
-- **Deployment Arbiter**- A deployment manager that calls different installers. For example, CBS.
-
-Additional components include the following-
+- **Windows Update Client/ UpdateAgent** - The component running on your PC. It's essentially a DLL that is downloaded to the device when an update is applicable. It surfaces the APIs needed to perform an update, including those needed to generate a list of payloads to download, as well as starts stage and commit operations. It provides a unified interface that abstracts away the underlying update technologies from the caller.
+- **Windows Update Arbiter handle**- Code that is included in the UpdateAgent binary. The arbiter gathers information about the device, and uses the CompDB(s) to output an action list. It is responsible for determining the final "composition state" of your device, and which payloads (like ESDs or packages) are needed to get your device up to date.
+- **Deployment Arbiter**- A deployment manager that calls different installers. For example, CBS.
-- **CompDB** - A generic term to refer to the XML describing information about target build composition, available diff packages, and conditional rules.
-- **Action List** - The payload and additional information needed to perform an update. The action list is consumed by the UpdateAgent, as well as other installers to determine what payload to download. It's also consumed by the "Install Agent" to determine what actions need to be taken, such as installing or removing packages.
+Additional components include the following-
+
+- **CompDB** - A generic term to refer to the XML describing information about target build composition, available diff packages, and conditional rules.
+- **Action List** - The payload and additional information needed to perform an update. The action list is consumed by the UpdateAgent, as well as other installers to determine what payload to download. It's also consumed by the "Install Agent" to determine what actions need to be taken, such as installing or removing packages.
diff --git a/windows/deployment/update/windows-update-security.md b/windows/deployment/update/windows-update-security.md
index 7ae6ec0103..de179e4066 100644
--- a/windows/deployment/update/windows-update-security.md
+++ b/windows/deployment/update/windows-update-security.md
@@ -1,15 +1,15 @@
---
title: Windows Update security
-manager: aaroncz
+manager: bpardi
description: Overview of the security for Windows Update including security for the metadata exchange and content download.
ms.service: windows-client
ms.subservice: itpro-updates
ms.topic: article
author: mestew
ms.author: mstewart
-appliesto:
+appliesto:
- ✅ Windows 11
-- ✅ Windows 10
+- ✅ Windows 10
ms.date: 08/15/2024
---
@@ -45,7 +45,7 @@ Regardless of which method is used to download the content, the resulting files
When Windows Update scans for updates, it goes through a series of metadata exchanges between the device and Windows Update servers. This exchange is done using HTTPS (HTTP over TLS). These secured connections are certificate-pinned, ensuring that:
-- The TLS connection's server certificate is validated (certificate trust, expiry, revocation, SAN entries, etc.)
+- The TLS connection's server certificate is validated (certificate trust, expiry, revocation, SAN entries, etc.)
- The certificate's issuer is validated as genuine Microsoft Windows Update
The connection fails if the issuer is unexpected, or not a valid Windows Update intermediate certificate. Certificate pinning ensures that the device is connecting to legitimate Microsoft servers and prevents man-in-the-middle attacks.
diff --git a/windows/deployment/update/wufb-compliancedeadlines.md b/windows/deployment/update/wufb-compliancedeadlines.md
index 799c85f710..ae62a06d24 100644
--- a/windows/deployment/update/wufb-compliancedeadlines.md
+++ b/windows/deployment/update/wufb-compliancedeadlines.md
@@ -7,7 +7,7 @@ ms.topic: article
author: mestew
ms.localizationpriority: medium
ms.author: mstewart
-manager: aaroncz
+manager: bpardi
appliesto:
- ✅ Windows 11
- ✅ Windows 10
diff --git a/windows/deployment/update/wufb-reports-admin-center.md b/windows/deployment/update/wufb-reports-admin-center.md
index ee1df9351e..3367918cc2 100644
--- a/windows/deployment/update/wufb-reports-admin-center.md
+++ b/windows/deployment/update/wufb-reports-admin-center.md
@@ -1,7 +1,7 @@
---
title: Microsoft 365 admin center software updates page
titleSuffix: Windows Update for Business reports
-manager: aaroncz
+manager: bpardi
description: Microsoft admin center populates Windows Update for Business reports data into the software updates page.
ms.service: windows-client
ms.subservice: itpro-updates
@@ -9,11 +9,11 @@ ms.topic: article
author: mestew
ms.author: mstewart
ms.localizationpriority: medium
-appliesto:
+appliesto:
- ✅ Windows 11
-- ✅ Windows 10
-- ✅ Windows Update for Business reports
-- ✅ Microsoft 365 admin center
+- ✅ Windows 10
+- ✅ Windows Update for Business reports
+- ✅ Microsoft 365 admin center
ms.date: 05/08/2024
---
@@ -36,7 +36,7 @@ Windows Update for Business reports is a Windows service hosted in Azure that us
## Get started
-After verifying that you've met the [prerequisites and permissions](wufb-reports-prerequisites.md) for Windows Update for Business reports, enroll using the instructions below if needed:
+After verifying that you've met the [prerequisites and permissions](wufb-reports-prerequisites.md) for Windows Update for Business reports, enroll using the instructions below if needed:
[!INCLUDE [Onboarding Windows Update for Business reports through the Microsoft 365 admin center](./includes/wufb-reports-onboard-admin-center.md)]
diff --git a/windows/deployment/update/wufb-reports-configuration-intune.md b/windows/deployment/update/wufb-reports-configuration-intune.md
index 555bab68e4..6f2be0c3d1 100644
--- a/windows/deployment/update/wufb-reports-configuration-intune.md
+++ b/windows/deployment/update/wufb-reports-configuration-intune.md
@@ -7,9 +7,9 @@ ms.subservice: itpro-updates
ms.topic: how-to
author: mestew
ms.author: mstewart
-manager: aaroncz
+manager: bpardi
ms.localizationpriority: medium
-appliesto:
+appliesto:
- ✅ Windows 11 and Windows 10 devices managed by Microsoft Intune
ms.date: 03/08/2023
---
@@ -56,7 +56,7 @@ Create a configuration profile that will set the required policies for Windows U
- **Setting**: Configure Telemetry Opt In Change Notification
- **Value**: Disabled
- By turning this setting on, you're disabling notifications of diagnostic data changes.
-
+
- **Setting**: Allow device name to be sent in Windows diagnostic data
- **Value**: Allowed
- If this policy is disabled, the device name won't be sent and won't be visible in Windows Update for Business reports.
@@ -75,19 +75,19 @@ Create a configuration profile that will set the required policies for Windows U
1. You're now on the Configuration profile creation screen. On the **Basics** tab, provide a **Name** and **Description**.
1. On the **Configuration settings** page, you'll be adding multiple OMA-URI Settings that correspond to the policies described in [Manually configuring devices for Windows Update for Business reports](wufb-reports-configuration-manual.md).
- **Required settings**:
+ **Required settings**:
1. Add a setting configuring the **Windows Diagnostic Data level** for devices:
- **Name**: Allow Telemetry
- **Description**: Sets the maximum allowed diagnostic data to be sent to Microsoft, required for Windows Update for Business reports.
- **OMA-URI**: `./Vendor/MSFT/Policy/Config/System/AllowTelemetry`
- **Data type**: Integer
- - **Value**: 1
+ - **Value**: 1
- *1 is the minimum value meaning required or basic diagnostic data, but it can be safely set to a higher value.*
**Recommended settings, but not required**:
- 1. Add settings for **Disabling devices' Diagnostic Data opt-in settings interface**. If these aren't disabled, users of each device can potentially override the diagnostic data level of devices such that data won't be available for those devices in Windows Update for Business reports:
+ 1. Add settings for **Disabling devices' Diagnostic Data opt-in settings interface**. If these aren't disabled, users of each device can potentially override the diagnostic data level of devices such that data won't be available for those devices in Windows Update for Business reports:
- **Name**: Disable Telemetry opt-in interface
- **Description**: Disables the ability for end users of devices can adjust diagnostic data to levels lower than defined by the Allow Telemetry setting.
- **OMA-URI**: `./Vendor/MSFT/Policy/Config/System/ConfigureTelemetryOptInSettingsUx`
@@ -99,7 +99,7 @@ Create a configuration profile that will set the required policies for Windows U
- **OMA-URI**: `./Vendor/MSFT/Policy/Config/System/AllowDeviceNameInDiagnosticData`
- **Data type**: Integer
- **Value**: 1
- 1. Add a setting to **Configure Telemetry Opt In Change Notification**. Diagnostic data opt-in change notifications won't appear when changes occur.
+ 1. Add a setting to **Configure Telemetry Opt In Change Notification**. Diagnostic data opt-in change notifications won't appear when changes occur.
- **Name**: Configure Telemetry Opt In Change Notification
- **Description**: Disables Telemetry Opt In Change Notification
- **OMA-URI**: `./Vendor/MSFT/Policy/Config/System/ConfigureTelemetryOptInChangeNotification`
@@ -114,7 +114,7 @@ Create a configuration profile that will set the required policies for Windows U
The [Windows Update for Business reports Configuration Script](wufb-reports-configuration-script.md) is a useful tool for properly enrolling devices in Windows Update for Business reports, though it isn't strictly necessary. It checks to ensure that devices have the required services running and checks connectivity to the endpoints detailed in the section on [Manually configuring devices for Windows Update for Business reports](wufb-reports-configuration-manual.md). You can deploy the script as a Win32 app. For more information, see [Win32 app management in Microsoft Intune](/mem/intune/apps/apps-win32-app-management).
> [!NOTE]
-> Using the script is optional when configuring devices through Intune. The script can be leveraged as a troubleshooting tool to ensure that devices are properly configured for Windows Update for Business reports.
+> Using the script is optional when configuring devices through Intune. The script can be leveraged as a troubleshooting tool to ensure that devices are properly configured for Windows Update for Business reports.
When you deploy the configuration script as a Win32 app, you won't be able to retrieve the results of logs on the device without having access to the device, or saving results of the logs to a shared filesystem. We recommend deploying the script in pilot mode to a subset of devices that you can access. After following this guidance, you can deploy the configuration script in deployment mode as a Win32 app to all Windows Update for Business reports devices.
diff --git a/windows/deployment/update/wufb-reports-configuration-manual.md b/windows/deployment/update/wufb-reports-configuration-manual.md
index 5cbf3748b6..64f4a16d46 100644
--- a/windows/deployment/update/wufb-reports-configuration-manual.md
+++ b/windows/deployment/update/wufb-reports-configuration-manual.md
@@ -7,11 +7,11 @@ ms.subservice: itpro-updates
ms.topic: how-to
author: mestew
ms.author: mstewart
-manager: aaroncz
+manager: bpardi
ms.localizationpriority: medium
-appliesto:
+appliesto:
- ✅ Windows 11
-- ✅ Windows 10
+- ✅ Windows 10
ms.date: 07/09/2024
---
diff --git a/windows/deployment/update/wufb-reports-configuration-script.md b/windows/deployment/update/wufb-reports-configuration-script.md
index 8452c0087f..a04421c2ec 100644
--- a/windows/deployment/update/wufb-reports-configuration-script.md
+++ b/windows/deployment/update/wufb-reports-configuration-script.md
@@ -7,11 +7,11 @@ ms.subservice: itpro-updates
ms.topic: article
author: mestew
ms.author: mstewart
-manager: aaroncz
+manager: bpardi
ms.localizationpriority: medium
-appliesto:
+appliesto:
- ✅ Windows 11
-- ✅ Windows 10
+- ✅ Windows 10
ms.date: 07/09/2024
---
@@ -22,7 +22,7 @@ The Windows Update for Business reports configuration script is the recommended
## About the script
-The configuration script configures registry keys directly. Registry keys can potentially be overwritten by policy settings like Group Policy or MDM. *Reconfiguring devices with the script doesn't reconfigure previously set policies, both in the case of Group Policy and MDM*. If there are conflicts between your Group Policy or MDM configurations and the required configurations listed in [Manually configuring devices for Windows Update for Business reports](wufb-reports-configuration-manual.md), device data might not appear in Windows Update for Business reports correctly.
+The configuration script configures registry keys directly. Registry keys can potentially be overwritten by policy settings like Group Policy or MDM. *Reconfiguring devices with the script doesn't reconfigure previously set policies, both in the case of Group Policy and MDM*. If there are conflicts between your Group Policy or MDM configurations and the required configurations listed in [Manually configuring devices for Windows Update for Business reports](wufb-reports-configuration-manual.md), device data might not appear in Windows Update for Business reports correctly.
You can download the script from the [Microsoft Download Center](https://www.microsoft.com/download/details.aspx?id=101086).
@@ -43,7 +43,7 @@ Edit the `RunConfig.bat` file to configure the following variables, then run the
| logPath | Path where the logs are saved. The default location of the logs is `.\UCLogs`.| `logPath=C:\temp\logs` |
| logMode | **0**: Log to the console only **1** (default): Log to file and console. **2**: Log to file only. | `logMode=2` |
| DeviceNameOptIn | **true** (default): Device name is sent to Microsoft. **false**: Device name isn't sent to Microsoft. | `DeviceNameOptIn=true` |
-| ClientProxy | **Direct** (default): No proxy is used. The connection to the endpoints is direct. **System**: The system proxy, without authentication, is used. This type of proxy is typically configured with [netsh](/windows-server/networking/technologies/netsh/netsh-contexts) and can be verified using `netsh winhttp show proxy`. **User**: The proxy is configured through IE and it might or might not require user authentication. For more information, see [How the Windows Update client determines which proxy server to use to connect to the Windows Update website](https://support.microsoft.com/en-us/topic/how-the-windows-update-client-determines-which-proxy-server-to-use-to-connect-to-the-windows-update-website-08612ae5-3722-886c-f1e1-d012516c22a1) | `ClientProxy=Direct` |
+| ClientProxy | **Direct** (default): No proxy is used. The connection to the endpoints is direct. **System**: The system proxy, without authentication, is used. This type of proxy is typically configured with [netsh](/windows-server/networking/technologies/netsh/netsh-contexts) and can be verified using `netsh winhttp show proxy`. **User**: The proxy is configured through IE and it might or might not require user authentication. For more information, see [How the Windows Update client determines which proxy server to use to connect to the Windows Update website](https://support.microsoft.com/en-us/topic/how-the-windows-update-client-determines-which-proxy-server-to-use-to-connect-to-the-windows-update-website-08612ae5-3722-886c-f1e1-d012516c22a1) | `ClientProxy=Direct` |
| source | Used by the .bat file and PowerShell script to locate dependencies. It's recommended that you don't change this value. | `source=%~dp0` |
diff --git a/windows/deployment/update/wufb-reports-do.md b/windows/deployment/update/wufb-reports-do.md
index cef5beedc7..bb35bf803a 100644
--- a/windows/deployment/update/wufb-reports-do.md
+++ b/windows/deployment/update/wufb-reports-do.md
@@ -1,17 +1,17 @@
---
title: Delivery Optimization data in reports
titleSuffix: Windows Update for Business reports
-description: This article provides information about Delivery Optimization data in Windows Update for Business reports.
+description: This article provides information about Delivery Optimization data in Windows Update for Business reports.
ms.service: windows-client
ms.subservice: itpro-updates
ms.topic: article
author: mestew
ms.author: mstewart
-manager: aaroncz
+manager: bpardi
ms.localizationpriority: medium
-appliesto:
+appliesto:
- ✅ Windows 11
-- ✅ Windows 10
+- ✅ Windows 10
ms.date: 09/03/2024
---
@@ -37,7 +37,7 @@ Windows Update for Business reports uses the following Delivery Optimization ter
- LAN (1)
- Group (2)
- Internet (3)
-
+
- **Peering 'OFF'**: Devices where DO peer-to-peer is disabled, set to one of the following modes:
- HTTP Only (0)
- Simple Mode (99)
@@ -139,10 +139,10 @@ The following query is used to display the Top 10 GroupIDs:
```kusto
UCDOStatus | where TimeGenerated == _SnapshotTime
| summarize sum(BytesFromCDN) , sum(BytesFromGroupPeers) , sum(BytesFromPeers) , sum(BytesFromCache) ,
-DeviceCount = count_distinct(GlobalDeviceId) by GroupID | top 10 by DeviceCount desc
+DeviceCount = count_distinct(GlobalDeviceId) by GroupID | top 10 by DeviceCount desc
| extend TotalBytes = (sum_BytesFromPeers + sum_BytesFromGroupPeers+sum_BytesFromCDN+sum_BytesFromCache)
-| extend P2PPercentage = ((0.0 + sum_BytesFromPeers + sum_BytesFromGroupPeers)/TotalBytes ) * 100.0
-| extend MCCPercentage = ((0.0 + sum_BytesFromCache)/ TotalBytes) * 100.0 ,
+| extend P2PPercentage = ((0.0 + sum_BytesFromPeers + sum_BytesFromGroupPeers)/TotalBytes ) * 100.0
+| extend MCCPercentage = ((0.0 + sum_BytesFromCache)/ TotalBytes) * 100.0 ,
VolumeBytesFromPeers = sum_BytesFromPeers + sum_BytesFromGroupPeers
| extend VolumeBytesFromMCC = sum_BytesFromCache , VolumeByCDN = sum_BytesFromCDN
| project GroupID , P2PPercentage , MCCPercentage , VolumeBytesFromPeers , VolumeBytesFromMCC ,VolumeByCDN , DeviceCount
@@ -164,7 +164,7 @@ There are many Microsoft [content types](waas-delivery-optimization.md#types-of-
## Frequency Asked Questions
- **What time period does the Delivery Optimization data include?**
-Data is generated/aggregated for the last 28 days for active devices. For Delivery Optimization data to register in the report, the device must have performed some Delivery Optimization action in the 28-day rolling window. This includes device configuration information.
+Data is generated/aggregated for the last 28 days for active devices. For Delivery Optimization data to register in the report, the device must have performed some Delivery Optimization action in the 28-day rolling window. This includes device configuration information.
- **Data is showing as 'Unknown', what does that mean?**
You may see data in the report listed as 'Unknown'. This status indicates that the Delivery Optimization DownloadMode setting is either invalid or empty.
diff --git a/windows/deployment/update/wufb-reports-enable.md b/windows/deployment/update/wufb-reports-enable.md
index 0deac75ed2..6b15537bfb 100644
--- a/windows/deployment/update/wufb-reports-enable.md
+++ b/windows/deployment/update/wufb-reports-enable.md
@@ -7,10 +7,10 @@ ms.subservice: itpro-updates
ms.topic: how-to
author: mestew
ms.author: mstewart
-manager: aaroncz
-appliesto:
+manager: bpardi
+appliesto:
- ✅ Windows 11
-- ✅ Windows 10
+- ✅ Windows 10
ms.date: 07/09/2024
---
@@ -69,7 +69,7 @@ Enroll into Windows Update for Business reports by configuring its settings thro
> [!Tip]
> If a `403 Forbidden` error occurs, verify the account you're using has [permissions](wufb-reports-prerequisites.md#permissions) to enroll into Windows Update for Business reports.
1. The initial setup can take up to 24 hours. During this time, the workbook will display that it's **Waiting for Windows Update for Business reports data**.
- - Enrolling into Windows Update for Business reports doesn't influence the rate that required data is uploaded from devices. Device connectivity to the internet and how active the device is influences how long it takes before the device appears in reporting. Devices that are active and connected to the internet daily can expect to be fully uploaded within one week (usually less than 72 hours). Devices that are less active can take up to two weeks before data is fully available.
+ - Enrolling into Windows Update for Business reports doesn't influence the rate that required data is uploaded from devices. Device connectivity to the internet and how active the device is influences how long it takes before the device appears in reporting. Devices that are active and connected to the internet daily can expect to be fully uploaded within one week (usually less than 72 hours). Devices that are less active can take up to two weeks before data is fully available.
##### Enroll through the Microsoft 365 admin center
diff --git a/windows/deployment/update/wufb-reports-faq.yml b/windows/deployment/update/wufb-reports-faq.yml
index 0583d74808..6ad9b1965a 100644
--- a/windows/deployment/update/wufb-reports-faq.yml
+++ b/windows/deployment/update/wufb-reports-faq.yml
@@ -6,7 +6,7 @@ metadata:
ms.service: windows-client
ms.subservice: itpro-updates
ms.topic: faq
- manager: aaroncz
+ manager: bpardi
author: mestew
ms.author: mstewart
ms.date: 05/07/2024
diff --git a/windows/deployment/update/wufb-reports-help.md b/windows/deployment/update/wufb-reports-help.md
index 868d704195..9a03922bbd 100644
--- a/windows/deployment/update/wufb-reports-help.md
+++ b/windows/deployment/update/wufb-reports-help.md
@@ -7,8 +7,8 @@ ms.subservice: itpro-updates
ms.topic: troubleshooting-general
author: mestew
ms.author: mstewart
-manager: aaroncz
-appliesto:
+manager: bpardi
+appliesto:
- ✅ Windows 11
- ✅ Windows 10
ms.date: 07/09/2024
@@ -40,11 +40,11 @@ Use the product feedback option to offer suggestions for new features and functi
You can open support requests directly from the Azure portal. If the **Help + Support** page doesn't display, verify you have access to open support requests. For more information about role-based access controls for support requests, see [Create an Azure support request](/azure/azure-portal/supportability/how-to-create-azure-support-request). To create a new support request for Windows Update for Business reports:
-1. Open the **Help + Support** page from the following locations:
+1. Open the **Help + Support** page from the following locations:
- In the [Send product feedback](#send-product-feedback) flyout, select the **contact support** link.
- From the Azure portal, select **New support request** under the **Support + Troubleshooting** heading.
-1. Select **Create a support request**, which opens the new support request page.
-1. On the **Problem description** tab, provide information about the issue. The following items in ***bold italics*** should be used to help ensure a Windows Update for Business reports engineer receives your support request:
+1. Select **Create a support request**, which opens the new support request page.
+1. On the **Problem description** tab, provide information about the issue. The following items in ***bold italics*** should be used to help ensure a Windows Update for Business reports engineer receives your support request:
- **Summary** - Brief description of the issue
- **Issue type** - ***Technical***
- **Subscription** - Select the subscription used for Windows Update for Business reports
diff --git a/windows/deployment/update/wufb-reports-overview.md b/windows/deployment/update/wufb-reports-overview.md
index 38119098c0..9ccc999e4c 100644
--- a/windows/deployment/update/wufb-reports-overview.md
+++ b/windows/deployment/update/wufb-reports-overview.md
@@ -7,7 +7,7 @@ ms.subservice: itpro-updates
ms.topic: overview
author: mestew
ms.author: mstewart
-manager: aaroncz
+manager: bpardi
appliesto:
- ✅ Windows 11
- ✅ Windows 10
diff --git a/windows/deployment/update/wufb-reports-prerequisites.md b/windows/deployment/update/wufb-reports-prerequisites.md
index 5878b42548..4d38e0bdcf 100644
--- a/windows/deployment/update/wufb-reports-prerequisites.md
+++ b/windows/deployment/update/wufb-reports-prerequisites.md
@@ -7,10 +7,10 @@ ms.subservice: itpro-updates
ms.topic: article
author: mestew
ms.author: mstewart
-manager: aaroncz
-appliesto:
+manager: bpardi
+appliesto:
- ✅ Windows 11
-- ✅ Windows 10
+- ✅ Windows 10
ms.date: 06/04/2024
---
@@ -52,9 +52,9 @@ Windows Update for Business reports supports Windows client devices on the follo
## Windows operating system updates for client devices
-Installing the February 2023 cumulative update, or a later equivalent update, is required for clients to enroll into Windows Update for Business reports. This update helped enable [changes to Windows diagnostic data collection](/windows/privacy/changes-to-windows-diagnostic-data-collection#services-that-rely-on-enhanced-diagnostic-data), which Windows Update for Business reports relies on.
+Installing the February 2023 cumulative update, or a later equivalent update, is required for clients to enroll into Windows Update for Business reports. This update helped enable [changes to Windows diagnostic data collection](/windows/privacy/changes-to-windows-diagnostic-data-collection#services-that-rely-on-enhanced-diagnostic-data), which Windows Update for Business reports relies on.
-For more information about available updates, see [Windows 11 release information](/windows/release-health/windows11-release-information) and [Windows 10 release information](/windows/release-health/release-information).
+For more information about available updates, see [Windows 11 release information](/windows/release-health/windows11-release-information) and [Windows 10 release information](/windows/release-health/release-information).
## Diagnostic data requirements
diff --git a/windows/deployment/update/wufb-reports-schema-enumerated-types.md b/windows/deployment/update/wufb-reports-schema-enumerated-types.md
index 5ce2780b48..fd59da2239 100644
--- a/windows/deployment/update/wufb-reports-schema-enumerated-types.md
+++ b/windows/deployment/update/wufb-reports-schema-enumerated-types.md
@@ -7,8 +7,8 @@ ms.subservice: itpro-updates
ms.topic: reference
author: mestew
ms.author: mstewart
-manager: aaroncz
-appliesto:
+manager: bpardi
+appliesto:
- ✅ Windows 11
- ✅ Windows 10
ms.date: 12/06/2023
@@ -30,7 +30,7 @@ SKU of Windows the device is running.
| **ProfessionalN** | Similar to Windows Professional edition but doesn't include Windows media player. |
| **Education** | Windows Education |
-## OSArchitecture
+## OSArchitecture
Architecture of the OS running on the client.
@@ -40,7 +40,7 @@ Architecture of the OS running on the client.
| **x86** | OS is 32-bit |
| **Unknown** | The OS architecture is unknown |
-## OSFeatureUpdateStatus
+## OSFeatureUpdateStatus
Feature updates status
@@ -50,7 +50,7 @@ Feature updates status
| **InService** | Client is on a version of Windows 10 that is serviced. |
| **EndOfService** | Client is on a version of Windows 10 that is no longer serviced. |
-## OSQualityUpdateStatus
+## OSQualityUpdateStatus
Quality updates status
@@ -119,7 +119,7 @@ Lower-level service state
| **ServicePaused** | Update is on hold because of an automatic action by the deployment service. |
| **SafeguardHold** | Update isn't offered because an existing safeguard hold on the device. |
-## ClientState
+## ClientState
High-level client state
@@ -136,7 +136,7 @@ High-level client state
## ClientSubstate
-Lower-level client state
+Lower-level client state
|Value | Description |
|---|---|
diff --git a/windows/deployment/update/wufb-reports-schema-ucclient.md b/windows/deployment/update/wufb-reports-schema-ucclient.md
index a0c9a45bba..c713b26b04 100644
--- a/windows/deployment/update/wufb-reports-schema-ucclient.md
+++ b/windows/deployment/update/wufb-reports-schema-ucclient.md
@@ -7,8 +7,8 @@ ms.subservice: itpro-updates
ms.topic: reference
author: mestew
ms.author: mstewart
-manager: aaroncz
-appliesto:
+manager: bpardi
+appliesto:
- ✅ Windows 11
- ✅ Windows 10
ms.date: 03/12/2024
diff --git a/windows/deployment/update/wufb-reports-schema-ucclientreadinessstatus.md b/windows/deployment/update/wufb-reports-schema-ucclientreadinessstatus.md
index e531090eff..bb4362a778 100644
--- a/windows/deployment/update/wufb-reports-schema-ucclientreadinessstatus.md
+++ b/windows/deployment/update/wufb-reports-schema-ucclientreadinessstatus.md
@@ -7,10 +7,10 @@ ms.subservice: itpro-updates
ms.topic: reference
author: mestew
ms.author: mstewart
-manager: aaroncz
-appliesto:
+manager: bpardi
+appliesto:
- ✅ Windows 11
-- ✅ Windows 10
+- ✅ Windows 10
ms.date: 12/06/2023
---
diff --git a/windows/deployment/update/wufb-reports-schema-ucclientupdatestatus.md b/windows/deployment/update/wufb-reports-schema-ucclientupdatestatus.md
index af30fb0d1b..5d0aeae92a 100644
--- a/windows/deployment/update/wufb-reports-schema-ucclientupdatestatus.md
+++ b/windows/deployment/update/wufb-reports-schema-ucclientupdatestatus.md
@@ -7,10 +7,10 @@ ms.subservice: itpro-updates
ms.topic: reference
author: mestew
ms.author: mstewart
-manager: aaroncz
-appliesto:
+manager: bpardi
+appliesto:
- ✅ Windows 11
-- ✅ Windows 10
+- ✅ Windows 10
ms.date: 12/06/2023
---
diff --git a/windows/deployment/update/wufb-reports-schema-ucdevicealert.md b/windows/deployment/update/wufb-reports-schema-ucdevicealert.md
index 9a8a2cda3a..24784f27db 100644
--- a/windows/deployment/update/wufb-reports-schema-ucdevicealert.md
+++ b/windows/deployment/update/wufb-reports-schema-ucdevicealert.md
@@ -7,8 +7,8 @@ ms.subservice: itpro-updates
ms.topic: reference
author: mestew
ms.author: mstewart
-manager: aaroncz
-appliesto:
+manager: bpardi
+appliesto:
- ✅ Windows 11
- ✅ Windows 10
ms.date: 12/06/2023
diff --git a/windows/deployment/update/wufb-reports-schema-ucdoaggregatedstatus.md b/windows/deployment/update/wufb-reports-schema-ucdoaggregatedstatus.md
index 54de3d5647..274a16ece8 100644
--- a/windows/deployment/update/wufb-reports-schema-ucdoaggregatedstatus.md
+++ b/windows/deployment/update/wufb-reports-schema-ucdoaggregatedstatus.md
@@ -7,11 +7,11 @@ ms.subservice: itpro-updates
ms.topic: reference
author: mestew
ms.author: mstewart
-manager: aaroncz
+manager: bpardi
ms.reviewer: carmenf
-appliesto:
+appliesto:
- ✅ Windows 11
-- ✅ Windows 10
+- ✅ Windows 10
ms.date: 12/06/2023
---
diff --git a/windows/deployment/update/wufb-reports-schema-ucdostatus.md b/windows/deployment/update/wufb-reports-schema-ucdostatus.md
index ede39f076e..7db17f44f4 100644
--- a/windows/deployment/update/wufb-reports-schema-ucdostatus.md
+++ b/windows/deployment/update/wufb-reports-schema-ucdostatus.md
@@ -7,7 +7,7 @@ ms.subservice: itpro-updates
ms.topic: reference
author: mestew
ms.author: mstewart
-manager: aaroncz
+manager: bpardi
ms.reviewer: carmenf
appliesto:
- ✅ Windows 11
diff --git a/windows/deployment/update/wufb-reports-schema-ucserviceupdatestatus.md b/windows/deployment/update/wufb-reports-schema-ucserviceupdatestatus.md
index 3c6a26b80c..c908ffb2db 100644
--- a/windows/deployment/update/wufb-reports-schema-ucserviceupdatestatus.md
+++ b/windows/deployment/update/wufb-reports-schema-ucserviceupdatestatus.md
@@ -7,10 +7,10 @@ ms.subservice: itpro-updates
ms.topic: reference
author: mestew
ms.author: mstewart
-manager: aaroncz
-appliesto:
+manager: bpardi
+appliesto:
- ✅ Windows 11
-- ✅ Windows 10
+- ✅ Windows 10
ms.date: 12/06/2023
---
@@ -19,7 +19,7 @@ ms.date: 12/06/2023
Update Event that comes directly from the service-side. The event has only service-side information for one device (client), and one update, in one deployment. This event has certain fields removed from it in favor of being able to show data in near real time.
## Schema for UCServiceUpdateStatus
-
+
| Field |Type | Enumerated type |Example |Description |
|---|---|---|---|---|
| **AzureADDeviceId** | [string](/azure/data-explorer/kusto/query/scalar-data-types/string) | No | `71db1a1a-f1a6-4a25-b88f-79c2f513dae0` | Microsoft Entra Device ID |
diff --git a/windows/deployment/update/wufb-reports-schema-ucupdatealert.md b/windows/deployment/update/wufb-reports-schema-ucupdatealert.md
index c8239fc4a2..77d7552a2b 100644
--- a/windows/deployment/update/wufb-reports-schema-ucupdatealert.md
+++ b/windows/deployment/update/wufb-reports-schema-ucupdatealert.md
@@ -7,10 +7,10 @@ ms.subservice: itpro-updates
ms.topic: reference
author: mestew
ms.author: mstewart
-manager: aaroncz
-appliesto:
+manager: bpardi
+appliesto:
- ✅ Windows 11
-- ✅ Windows 10
+- ✅ Windows 10
ms.date: 12/06/2023
---
diff --git a/windows/deployment/update/wufb-reports-schema.md b/windows/deployment/update/wufb-reports-schema.md
index d87b64907c..2c789e2e28 100644
--- a/windows/deployment/update/wufb-reports-schema.md
+++ b/windows/deployment/update/wufb-reports-schema.md
@@ -7,10 +7,10 @@ ms.subservice: itpro-updates
ms.topic: reference
author: mestew
ms.author: mstewart
-manager: aaroncz
-appliesto:
+manager: bpardi
+appliesto:
- ✅ Windows 11
-- ✅ Windows 10
+- ✅ Windows 10
ms.date: 12/06/2023
---
diff --git a/windows/deployment/update/wufb-reports-use.md b/windows/deployment/update/wufb-reports-use.md
index 4f96164a1b..6f54bffeab 100644
--- a/windows/deployment/update/wufb-reports-use.md
+++ b/windows/deployment/update/wufb-reports-use.md
@@ -7,10 +7,10 @@ ms.subservice: itpro-updates
ms.topic: how-to
author: mestew
ms.author: mstewart
-manager: aaroncz
-appliesto:
+manager: bpardi
+appliesto:
- ✅ Windows 11
-- ✅ Windows 10
+- ✅ Windows 10
ms.date: 11/15/2022
---
@@ -20,7 +20,7 @@ In this article, you'll learn how to use Windows Update for Business reports to
## Display Windows Update for Business reports data
-1. Sign into the [Azure portal](https://portal.azure.com).
+1. Sign into the [Azure portal](https://portal.azure.com).
1. In the Azure portal, type **Log Analytics** in the search bar. As you begin typing, the list filters based on your input.
1. Select **Log Analytics workspaces**.
1. Select the workspace that you use for Windows Update for Business reports.
diff --git a/windows/deployment/update/wufb-reports-workbook.md b/windows/deployment/update/wufb-reports-workbook.md
index ba85a80f98..b39cc14f27 100644
--- a/windows/deployment/update/wufb-reports-workbook.md
+++ b/windows/deployment/update/wufb-reports-workbook.md
@@ -7,8 +7,8 @@ ms.subservice: itpro-updates
ms.topic: how-to
author: mestew
ms.author: mstewart
-manager: aaroncz
-appliesto:
+manager: bpardi
+appliesto:
- ✅ Windows 11
- ✅ Windows 10
ms.date: 01/29/2024
@@ -62,7 +62,7 @@ The charts displayed in the **Summary** tab give you a general idea of the overa
- **Overall security update status**: Gives you general insight into of the current update compliance state of your enrolled devices. For instance, if the chart shows a large number of devices are missing multiple security updates, it may indicate an issue in the software update process.
- **Feature update status**: Gives you a general understanding of how many devices are eligible for feature updates based on the operating system lifecycle.
-
+
:::image type="content" source="media/33771278-overall-security-update-status.png" alt-text="Screenshot of the charts in the workbook's summary tab" lightbox="media/33771278-overall-security-update-status.png":::
## Quality updates tab
@@ -71,7 +71,7 @@ The **Quality updates** tab displays generalized data at the top by using tiles.
| Tile name | Description | Drill-in description |
|---|---|---|
-|**Latest security update**| Count of devices that have reported successful installation of the latest security update. | - Select **View details** to display a flyout with a chart that displays the first 1000 items. - Select `...` from the flyout to export the full list, or display the query in [Log Analytics](/azure/azure-monitor/logs/log-analytics-tutorial). |
+|**Latest security update**| Count of devices that have reported successful installation of the latest security update. | - Select **View details** to display a flyout with a chart that displays the first 1000 items. - Select `...` from the flyout to export the full list, or display the query in [Log Analytics](/azure/azure-monitor/logs/log-analytics-tutorial). |
| **Missing one security update** | Count of devices that haven't installed the latest security update.| - Select **View details** to display a flyout with a chart that displays the first 1000 items. - Select `...` from the flyout to export the full list, or display the query in [Log Analytics](/azure/azure-monitor/logs/log-analytics-tutorial).|
| **Missing multiple security updates** | Count of devices that are missing two or more security updates. | - Select **View details** to display a flyout with a chart that displays the first 1000 items. - Select `...` from the flyout to export the full list, or display the query in [Log Analytics](/azure/azure-monitor/logs/log-analytics-tutorial). |
| **Active alerts** | Count of active update and device alerts for quality updates. | |
@@ -91,7 +91,7 @@ The **Update deployment status** table displays the quality updates for each ope
| Column name | Description | Drill-in description |
|---|---|---|
-|**Alerts**| Number of different error codes encountered by devices for the update. | Selecting this number lists the alert name for each error code and a count of devices with the error. Select the device count to display a list of devices that have an active alert for the error code.
+|**Alerts**| Number of different error codes encountered by devices for the update. | Selecting this number lists the alert name for each error code and a count of devices with the error. Select the device count to display a list of devices that have an active alert for the error code.
| **KB Number** | KB number for the update | Selecting the KB number will open the support information webpage for the update.|
| **Total devices** | Number of devices that have been offered the update, or are installing, have installed, or canceled the update. | Selecting the device count opens a device list table. This table is limited to the first 1000 rows. Select `...` to export the full list, or display the query in [Log Analytics](/azure/azure-monitor/logs/log-analytics-tutorial). |
diff --git a/windows/deployment/update/wufb-wsus.md b/windows/deployment/update/wufb-wsus.md
index d320df4f52..47d1366ab1 100644
--- a/windows/deployment/update/wufb-wsus.md
+++ b/windows/deployment/update/wufb-wsus.md
@@ -6,7 +6,7 @@ ms.subservice: itpro-updates
ms.topic: how-to
author: mestew
ms.author: mstewart
-manager: aaroncz
+manager: bpardi
ms.localizationpriority: medium
appliesto:
- ✅ Windows 11
diff --git a/windows/deployment/upgrade/log-files.md b/windows/deployment/upgrade/log-files.md
index 34fd512807..0e3f3e23be 100644
--- a/windows/deployment/upgrade/log-files.md
+++ b/windows/deployment/upgrade/log-files.md
@@ -3,7 +3,7 @@ title: Log files and resolving upgrade errors
description: Learn how to interpret and analyze the log files that are generated during the Windows upgrade process.
ms.service: windows-client
author: frankroj
-manager: aaroncz
+manager: bpardi
ms.author: frankroj
ms.localizationpriority: medium
ms.topic: troubleshooting
diff --git a/windows/deployment/upgrade/resolve-windows-upgrade-errors.md b/windows/deployment/upgrade/resolve-windows-upgrade-errors.md
index 8b9ff49ed1..f80f33d87d 100644
--- a/windows/deployment/upgrade/resolve-windows-upgrade-errors.md
+++ b/windows/deployment/upgrade/resolve-windows-upgrade-errors.md
@@ -1,6 +1,6 @@
---
title: Resolve Windows upgrade errors - Windows IT Pro
-manager: aaroncz
+manager: bpardi
ms.author: frankroj
description: Resolve Windows upgrade errors for ITPros. Technical information for IT professionals to help diagnose Windows setup errors.
author: frankroj
diff --git a/windows/deployment/upgrade/setupdiag.md b/windows/deployment/upgrade/setupdiag.md
index b082524620..c7c89010c2 100644
--- a/windows/deployment/upgrade/setupdiag.md
+++ b/windows/deployment/upgrade/setupdiag.md
@@ -5,7 +5,7 @@ ms.reviewer: shendrix
ms.service: windows-client
ms.subservice: itpro-deploy
author: frankroj
-manager: aaroncz
+manager: bpardi
ms.author: frankroj
ms.localizationpriority: medium
ms.topic: troubleshooting
diff --git a/windows/deployment/upgrade/submit-errors.md b/windows/deployment/upgrade/submit-errors.md
index f1fc97e892..25f8f413c2 100644
--- a/windows/deployment/upgrade/submit-errors.md
+++ b/windows/deployment/upgrade/submit-errors.md
@@ -1,6 +1,6 @@
---
title: Submit Windows upgrade errors using Feedback Hub
-manager: aaroncz
+manager: bpardi
ms.author: frankroj
description: Download the Feedback Hub app, and then submit Windows upgrade errors for diagnosis using Feedback Hub.
ms.service: windows-client
diff --git a/windows/deployment/upgrade/windows-edition-upgrades.md b/windows/deployment/upgrade/windows-edition-upgrades.md
index eea591bb03..3dcd3c720a 100644
--- a/windows/deployment/upgrade/windows-edition-upgrades.md
+++ b/windows/deployment/upgrade/windows-edition-upgrades.md
@@ -1,7 +1,7 @@
---
title: Windows edition upgrade
description: With Windows, you can quickly upgrade from one edition of Windows to another, provided the upgrade path is supported.
-manager: aaroncz
+manager: bpardi
ms.author: frankroj
ms.service: windows-client
ms.localizationpriority: medium
@@ -129,7 +129,7 @@ If only a few devices are being upgraded devices, a product key for the upgraded
1. In the **Run** window, next to **Open**, enter
`ms-settings:activation`
-
+
and then select **OK**.
1. Select **Change product key**.
@@ -152,7 +152,7 @@ If you don't have a product key, you can upgrade your edition of Windows through
1. In the **Run** window, next to **Open**, enter
`ms-windows-store://windowsupgrade/`
-
+
and then select **OK**.
1. Follow the on-screen instructions.
diff --git a/windows/deployment/upgrade/windows-error-reporting.md b/windows/deployment/upgrade/windows-error-reporting.md
index d2da8a5c3d..d204be51e1 100644
--- a/windows/deployment/upgrade/windows-error-reporting.md
+++ b/windows/deployment/upgrade/windows-error-reporting.md
@@ -1,6 +1,6 @@
---
title: Windows error reporting - Windows IT Pro
-manager: aaroncz
+manager: bpardi
ms.author: frankroj
description: Learn how to review the events generated by Windows Error Reporting when something goes wrong during Windows 10 setup.
ms.service: windows-client
diff --git a/windows/deployment/upgrade/windows-upgrade-and-migration-considerations.md b/windows/deployment/upgrade/windows-upgrade-and-migration-considerations.md
index e1d51e9ebd..7d41a77815 100644
--- a/windows/deployment/upgrade/windows-upgrade-and-migration-considerations.md
+++ b/windows/deployment/upgrade/windows-upgrade-and-migration-considerations.md
@@ -1,7 +1,7 @@
---
title: Windows Upgrade and Migration Considerations
description: Discover the Microsoft tools that can be used to move files and settings between installations including special considerations for performing an upgrade or migration.
-manager: aaroncz
+manager: bpardi
ms.author: frankroj
ms.service: windows-client
author: frankroj
diff --git a/windows/deployment/upgrade/windows-upgrade-paths.md b/windows/deployment/upgrade/windows-upgrade-paths.md
index e8d3480151..c60653051f 100644
--- a/windows/deployment/upgrade/windows-upgrade-paths.md
+++ b/windows/deployment/upgrade/windows-upgrade-paths.md
@@ -4,7 +4,7 @@ description: Upgrade to current versions of Windows from a previous version of W
ms.service: windows-client
ms.localizationpriority: medium
author: frankroj
-manager: aaroncz
+manager: bpardi
ms.author: frankroj
ms.topic: upgrade-and-migration-article
ms.collection:
diff --git a/windows/deployment/usmt/getting-started-with-the-user-state-migration-tool.md b/windows/deployment/usmt/getting-started-with-the-user-state-migration-tool.md
index 103b3e14b9..3a8564f64c 100644
--- a/windows/deployment/usmt/getting-started-with-the-user-state-migration-tool.md
+++ b/windows/deployment/usmt/getting-started-with-the-user-state-migration-tool.md
@@ -2,7 +2,7 @@
title: User State Migration Tool (USMT) - Getting Started
description: Plan, collect, and prepare the source computer for migration using the User State Migration Tool (USMT).
ms.reviewer: kevinmi,warrenw
-manager: aaroncz
+manager: bpardi
ms.author: frankroj
ms.service: windows-client
author: frankroj
diff --git a/windows/deployment/usmt/migrate-application-settings.md b/windows/deployment/usmt/migrate-application-settings.md
index c6c0627a49..1934301352 100644
--- a/windows/deployment/usmt/migrate-application-settings.md
+++ b/windows/deployment/usmt/migrate-application-settings.md
@@ -2,7 +2,7 @@
title: Migrate Application Settings
description: Learn how to author a custom migration .xml file that migrates the settings of an application that isn't migrated by default using MigApp.xml.
ms.reviewer: kevinmi,warrenw
-manager: aaroncz
+manager: bpardi
ms.author: frankroj
ms.service: windows-client
author: frankroj
diff --git a/windows/deployment/usmt/migration-store-types-overview.md b/windows/deployment/usmt/migration-store-types-overview.md
index a8473748b7..bec414fa59 100644
--- a/windows/deployment/usmt/migration-store-types-overview.md
+++ b/windows/deployment/usmt/migration-store-types-overview.md
@@ -2,7 +2,7 @@
title: Migration Store Types Overview
description: Learn about the migration store types and how to determine which migration store type best suits the organization's needs.
ms.reviewer: kevinmi,warrenw
-manager: aaroncz
+manager: bpardi
ms.author: frankroj
ms.service: windows-client
author: frankroj
diff --git a/windows/deployment/usmt/offline-migration-reference.md b/windows/deployment/usmt/offline-migration-reference.md
index e60272da5f..1496e411b8 100644
--- a/windows/deployment/usmt/offline-migration-reference.md
+++ b/windows/deployment/usmt/offline-migration-reference.md
@@ -2,7 +2,7 @@
title: Offline Migration Reference
description: Offline migration enables the ScanState tool to run inside a different Windows OS than the Windows OS from which ScanState is gathering files and settings.
ms.reviewer: kevinmi,warrenw
-manager: aaroncz
+manager: bpardi
ms.author: frankroj
ms.service: windows-client
author: frankroj
diff --git a/windows/deployment/usmt/understanding-migration-xml-files.md b/windows/deployment/usmt/understanding-migration-xml-files.md
index fab9e7724b..becd523f57 100644
--- a/windows/deployment/usmt/understanding-migration-xml-files.md
+++ b/windows/deployment/usmt/understanding-migration-xml-files.md
@@ -2,7 +2,7 @@
title: Understanding Migration XML Files
description: Learn how to modify the behavior of a basic User State Migration Tool (USMT) migration by using XML files.
ms.reviewer: kevinmi,warrenw
-manager: aaroncz
+manager: bpardi
ms.author: frankroj
ms.service: windows-client
author: frankroj
diff --git a/windows/deployment/usmt/usmt-best-practices.md b/windows/deployment/usmt/usmt-best-practices.md
index 34fb82aa18..5cf6ae4e12 100644
--- a/windows/deployment/usmt/usmt-best-practices.md
+++ b/windows/deployment/usmt/usmt-best-practices.md
@@ -2,7 +2,7 @@
title: USMT Best Practices
description: This article discusses general and security-related best practices when using User State Migration Tool (USMT).
ms.reviewer: kevinmi,warrenw
-manager: aaroncz
+manager: bpardi
ms.author: frankroj
ms.service: windows-client
author: frankroj
diff --git a/windows/deployment/usmt/usmt-choose-migration-store-type.md b/windows/deployment/usmt/usmt-choose-migration-store-type.md
index 46f76521b8..17ee6d7e93 100644
--- a/windows/deployment/usmt/usmt-choose-migration-store-type.md
+++ b/windows/deployment/usmt/usmt-choose-migration-store-type.md
@@ -2,7 +2,7 @@
title: Choose a Migration Store Type
description: Learn how to choose a migration store type and estimate the amount of disk space needed for computers in the organization.
ms.reviewer: kevinmi,warrenw
-manager: aaroncz
+manager: bpardi
ms.author: frankroj
ms.service: windows-client
author: frankroj
diff --git a/windows/deployment/usmt/usmt-command-line-syntax.md b/windows/deployment/usmt/usmt-command-line-syntax.md
index cac5f93581..7681d63254 100644
--- a/windows/deployment/usmt/usmt-command-line-syntax.md
+++ b/windows/deployment/usmt/usmt-command-line-syntax.md
@@ -2,7 +2,7 @@
title: User State Migration Tool (USMT) Command-line Syntax
description: Learn about the User State Migration Tool (USMT) command-line syntax for using the **ScanState** tool, **LoadState** tool, and UsmtUtils tool.
ms.reviewer: kevinmi,warrenw
-manager: aaroncz
+manager: bpardi
ms.author: frankroj
ms.service: windows-client
author: frankroj
diff --git a/windows/deployment/usmt/usmt-common-migration-scenarios.md b/windows/deployment/usmt/usmt-common-migration-scenarios.md
index b81d59505e..082e9858fe 100644
--- a/windows/deployment/usmt/usmt-common-migration-scenarios.md
+++ b/windows/deployment/usmt/usmt-common-migration-scenarios.md
@@ -2,7 +2,7 @@
title: Common Migration Scenarios
description: See how the User State Migration Tool (USMT) is used when planning hardware and/or operating system upgrades.
ms.reviewer: kevinmi,warrenw
-manager: aaroncz
+manager: bpardi
ms.author: frankroj
ms.service: windows-client
author: frankroj
diff --git a/windows/deployment/usmt/usmt-configxml-file.md b/windows/deployment/usmt/usmt-configxml-file.md
index b0444cb0cd..8e13ed4b1a 100644
--- a/windows/deployment/usmt/usmt-configxml-file.md
+++ b/windows/deployment/usmt/usmt-configxml-file.md
@@ -2,7 +2,7 @@
title: Config.xml File
description: Learn how the Config.xml file is an optional User State Migration Tool (USMT) file that can be created using the /genconfig option with the ScanState.exe tool.
ms.reviewer: kevinmi,warrenw
-manager: aaroncz
+manager: bpardi
ms.author: frankroj
ms.service: windows-client
author: frankroj
diff --git a/windows/deployment/usmt/usmt-conflicts-and-precedence.md b/windows/deployment/usmt/usmt-conflicts-and-precedence.md
index c514ca0de2..1b749944d2 100644
--- a/windows/deployment/usmt/usmt-conflicts-and-precedence.md
+++ b/windows/deployment/usmt/usmt-conflicts-and-precedence.md
@@ -2,7 +2,7 @@
title: Conflicts and Precedence
description: In this article, learn how User State Migration Tool (USMT) deals with conflicts and precedence.
ms.reviewer: kevinmi,warrenw
-manager: aaroncz
+manager: bpardi
ms.author: frankroj
ms.service: windows-client
author: frankroj
diff --git a/windows/deployment/usmt/usmt-custom-xml-examples.md b/windows/deployment/usmt/usmt-custom-xml-examples.md
index ea5761cc5e..69e702b388 100644
--- a/windows/deployment/usmt/usmt-custom-xml-examples.md
+++ b/windows/deployment/usmt/usmt-custom-xml-examples.md
@@ -2,7 +2,7 @@
title: Custom XML Examples
description: Use custom XML examples to learn how to migrate an unsupported application, migrate files and registry keys, and migrate the Videos folder.
ms.reviewer: kevinmi,warrenw
-manager: aaroncz
+manager: bpardi
ms.author: frankroj
ms.service: windows-client
author: frankroj
diff --git a/windows/deployment/usmt/usmt-customize-xml-files.md b/windows/deployment/usmt/usmt-customize-xml-files.md
index 1c80db779b..cbea525df5 100644
--- a/windows/deployment/usmt/usmt-customize-xml-files.md
+++ b/windows/deployment/usmt/usmt-customize-xml-files.md
@@ -2,7 +2,7 @@
title: Customize USMT XML Files
description: Learn how to customize USMT XML files. Also, learn about the migration XML files that are included with USMT.
ms.reviewer: kevinmi,warrenw
-manager: aaroncz
+manager: bpardi
ms.author: frankroj
ms.service: windows-client
author: frankroj
diff --git a/windows/deployment/usmt/usmt-determine-what-to-migrate.md b/windows/deployment/usmt/usmt-determine-what-to-migrate.md
index afad7e7d3d..fb34e2ea26 100644
--- a/windows/deployment/usmt/usmt-determine-what-to-migrate.md
+++ b/windows/deployment/usmt/usmt-determine-what-to-migrate.md
@@ -2,7 +2,7 @@
title: Determine What to Migrate
description: Determine migration settings for standard or customized for the User State Migration Tool (USMT).
ms.reviewer: kevinmi,warrenw
-manager: aaroncz
+manager: bpardi
ms.author: frankroj
ms.service: windows-client
author: frankroj
diff --git a/windows/deployment/usmt/usmt-estimate-migration-store-size.md b/windows/deployment/usmt/usmt-estimate-migration-store-size.md
index 0ebc0fc1de..0094327673 100644
--- a/windows/deployment/usmt/usmt-estimate-migration-store-size.md
+++ b/windows/deployment/usmt/usmt-estimate-migration-store-size.md
@@ -2,7 +2,7 @@
title: Estimate Migration Store Size
description: Estimate the disk space requirement for a migration so that the User State Migration Tool (USMT) can be used.
ms.reviewer: kevinmi,warrenw
-manager: aaroncz
+manager: bpardi
ms.author: frankroj
ms.service: windows-client
author: frankroj
diff --git a/windows/deployment/usmt/usmt-exclude-files-and-settings.md b/windows/deployment/usmt/usmt-exclude-files-and-settings.md
index 52a44c5d33..864ee7abf4 100644
--- a/windows/deployment/usmt/usmt-exclude-files-and-settings.md
+++ b/windows/deployment/usmt/usmt-exclude-files-and-settings.md
@@ -2,7 +2,7 @@
title: Exclude Files and Settings
description: In this article, learn how to exclude files and settings when creating a custom .xml file and a Config.xml file.
ms.reviewer: kevinmi,warrenw
-manager: aaroncz
+manager: bpardi
ms.author: frankroj
ms.service: windows-client
author: frankroj
diff --git a/windows/deployment/usmt/usmt-extract-files-from-a-compressed-migration-store.md b/windows/deployment/usmt/usmt-extract-files-from-a-compressed-migration-store.md
index 8f2d1c1196..49c3bc1d0a 100644
--- a/windows/deployment/usmt/usmt-extract-files-from-a-compressed-migration-store.md
+++ b/windows/deployment/usmt/usmt-extract-files-from-a-compressed-migration-store.md
@@ -2,7 +2,7 @@
title: Extract Files from a Compressed USMT Migration Store
description: In this article, learn how to extract files from a compressed User State Migration Tool (USMT) migration store.
ms.reviewer: kevinmi,warrenw
-manager: aaroncz
+manager: bpardi
ms.author: frankroj
ms.service: windows-client
author: frankroj
diff --git a/windows/deployment/usmt/usmt-faq.yml b/windows/deployment/usmt/usmt-faq.yml
index fb9a10a99e..b17fe6d128 100644
--- a/windows/deployment/usmt/usmt-faq.yml
+++ b/windows/deployment/usmt/usmt-faq.yml
@@ -7,7 +7,7 @@ metadata:
ms.subservice: itpro-deploy
author: frankroj
ms.author: frankroj
- manager: aaroncz
+ manager: bpardi
ms.mktglfcycl: deploy
ms.sitesec: library
audience: itpro
diff --git a/windows/deployment/usmt/usmt-general-conventions.md b/windows/deployment/usmt/usmt-general-conventions.md
index 146ed9bd56..7f7206ba1c 100644
--- a/windows/deployment/usmt/usmt-general-conventions.md
+++ b/windows/deployment/usmt/usmt-general-conventions.md
@@ -2,7 +2,7 @@
title: General Conventions
description: Learn about general XML guidelines and how to use XML helper functions in the XML Elements library to change migration behavior.
ms.reviewer: kevinmi,warrenw
-manager: aaroncz
+manager: bpardi
ms.author: frankroj
ms.service: windows-client
author: frankroj
diff --git a/windows/deployment/usmt/usmt-hard-link-migration-store.md b/windows/deployment/usmt/usmt-hard-link-migration-store.md
index 75a8d9fb1d..20d039aba7 100644
--- a/windows/deployment/usmt/usmt-hard-link-migration-store.md
+++ b/windows/deployment/usmt/usmt-hard-link-migration-store.md
@@ -2,7 +2,7 @@
title: Hard-Link Migration Store
description: Use of a hard-link migration store for a computer-refresh scenario drastically improves migration performance and significantly reduces hard-disk utilization.
ms.reviewer: kevinmi,warrenw
-manager: aaroncz
+manager: bpardi
ms.author: frankroj
ms.service: windows-client
author: frankroj
diff --git a/windows/deployment/usmt/usmt-how-it-works.md b/windows/deployment/usmt/usmt-how-it-works.md
index 49a7170f0c..a3fd5d2a81 100644
--- a/windows/deployment/usmt/usmt-how-it-works.md
+++ b/windows/deployment/usmt/usmt-how-it-works.md
@@ -2,7 +2,7 @@
title: How USMT Works
description: Learn how USMT works and how it includes two tools that migrate settings and data - ScanState and LoadState.
ms.reviewer: kevinmi,warrenw
-manager: aaroncz
+manager: bpardi
ms.author: frankroj
ms.service: windows-client
author: frankroj
diff --git a/windows/deployment/usmt/usmt-how-to.md b/windows/deployment/usmt/usmt-how-to.md
index 29114c8d6e..6baddb6988 100644
--- a/windows/deployment/usmt/usmt-how-to.md
+++ b/windows/deployment/usmt/usmt-how-to.md
@@ -2,7 +2,7 @@
title: User State Migration Tool (USMT) How-to articles
description: Reference the articles in this article to learn how to use User State Migration Tool (USMT) to perform specific tasks.
ms.reviewer: kevinmi,warrenw
-manager: aaroncz
+manager: bpardi
ms.author: frankroj
ms.service: windows-client
author: frankroj
diff --git a/windows/deployment/usmt/usmt-identify-application-settings.md b/windows/deployment/usmt/usmt-identify-application-settings.md
index 644d0c72b2..3e696e0933 100644
--- a/windows/deployment/usmt/usmt-identify-application-settings.md
+++ b/windows/deployment/usmt/usmt-identify-application-settings.md
@@ -2,7 +2,7 @@
title: Identify Applications Settings
description: Identify which applications and settings need to be migrated before using the User State Migration Tool (USMT).
ms.reviewer: kevinmi,warrenw
-manager: aaroncz
+manager: bpardi
ms.author: frankroj
ms.service: windows-client
author: frankroj
diff --git a/windows/deployment/usmt/usmt-identify-file-types-files-and-folders.md b/windows/deployment/usmt/usmt-identify-file-types-files-and-folders.md
index 217fc28b31..2158e2c2e6 100644
--- a/windows/deployment/usmt/usmt-identify-file-types-files-and-folders.md
+++ b/windows/deployment/usmt/usmt-identify-file-types-files-and-folders.md
@@ -2,7 +2,7 @@
title: Identify File Types, Files, and Folders
description: Identify the file types, files, folders, and settings that need to be migrated when planning the migration.
ms.reviewer: kevinmi,warrenw
-manager: aaroncz
+manager: bpardi
ms.author: frankroj
ms.service: windows-client
author: frankroj
diff --git a/windows/deployment/usmt/usmt-identify-operating-system-settings.md b/windows/deployment/usmt/usmt-identify-operating-system-settings.md
index b37083ce78..a765ccc6b0 100644
--- a/windows/deployment/usmt/usmt-identify-operating-system-settings.md
+++ b/windows/deployment/usmt/usmt-identify-operating-system-settings.md
@@ -2,7 +2,7 @@
title: Identify Operating System Settings
description: Identify which system settings need to be migrated. The User State Migration Tool (USMT) can then be used to select settings and keep the default values for all others.
ms.reviewer: kevinmi,warrenw
-manager: aaroncz
+manager: bpardi
ms.author: frankroj
ms.service: windows-client
author: frankroj
diff --git a/windows/deployment/usmt/usmt-identify-users.md b/windows/deployment/usmt/usmt-identify-users.md
index e72d3bab25..7a1892124c 100644
--- a/windows/deployment/usmt/usmt-identify-users.md
+++ b/windows/deployment/usmt/usmt-identify-users.md
@@ -2,7 +2,7 @@
title: Identify Users
description: Learn how to identify users that need to be migrated, and how to migrate local accounts and domain accounts.
ms.reviewer: kevinmi,warrenw
-manager: aaroncz
+manager: bpardi
ms.author: frankroj
ms.service: windows-client
author: frankroj
diff --git a/windows/deployment/usmt/usmt-include-files-and-settings.md b/windows/deployment/usmt/usmt-include-files-and-settings.md
index aa3a9e2593..524bea7f3d 100644
--- a/windows/deployment/usmt/usmt-include-files-and-settings.md
+++ b/windows/deployment/usmt/usmt-include-files-and-settings.md
@@ -2,7 +2,7 @@
title: Include Files and Settings
description: Specify the migration .xml files that are needed, then use the User State Migration Tool (USMT) to migrate the settings and components specified.
ms.reviewer: kevinmi,warrenw
-manager: aaroncz
+manager: bpardi
ms.author: frankroj
ms.service: windows-client
author: frankroj
diff --git a/windows/deployment/usmt/usmt-loadstate-syntax.md b/windows/deployment/usmt/usmt-loadstate-syntax.md
index cb3ee8ef8b..ea6c0afdd0 100644
--- a/windows/deployment/usmt/usmt-loadstate-syntax.md
+++ b/windows/deployment/usmt/usmt-loadstate-syntax.md
@@ -2,7 +2,7 @@
title: LoadState Syntax
description: Learn about the syntax and usage of the command-line options available when using the LoadState command.
ms.reviewer: kevinmi,warrenw
-manager: aaroncz
+manager: bpardi
ms.author: frankroj
ms.service: windows-client
author: frankroj
diff --git a/windows/deployment/usmt/usmt-log-files.md b/windows/deployment/usmt/usmt-log-files.md
index e015af4036..1f6ed9791b 100644
--- a/windows/deployment/usmt/usmt-log-files.md
+++ b/windows/deployment/usmt/usmt-log-files.md
@@ -2,7 +2,7 @@
title: USMT Log Files
description: Learn how to use User State Migration Tool (USMT) logs to monitor the migration and to troubleshoot errors and failed migrations.
ms.reviewer: kevinmi,warrenw
-manager: aaroncz
+manager: bpardi
ms.author: frankroj
ms.service: windows-client
author: frankroj
diff --git a/windows/deployment/usmt/usmt-migrate-efs-files-and-certificates.md b/windows/deployment/usmt/usmt-migrate-efs-files-and-certificates.md
index 9f896b125f..921f57459d 100644
--- a/windows/deployment/usmt/usmt-migrate-efs-files-and-certificates.md
+++ b/windows/deployment/usmt/usmt-migrate-efs-files-and-certificates.md
@@ -2,7 +2,7 @@
title: Migrate EFS Files and Certificates
description: Learn how to migrate Encrypting File System (EFS) certificates. Also, learn where to find information about how to identify file types, files, and folders.
ms.reviewer: kevinmi,warrenw
-manager: aaroncz
+manager: bpardi
ms.author: frankroj
ms.service: windows-client
author: frankroj
diff --git a/windows/deployment/usmt/usmt-migrate-user-accounts.md b/windows/deployment/usmt/usmt-migrate-user-accounts.md
index ba220bc251..612c768aef 100644
--- a/windows/deployment/usmt/usmt-migrate-user-accounts.md
+++ b/windows/deployment/usmt/usmt-migrate-user-accounts.md
@@ -2,7 +2,7 @@
title: Migrate User Accounts
description: Learn how to migrate user accounts and how to specify which users to include and exclude by using the User options on the command line.
ms.reviewer: kevinmi,warrenw
-manager: aaroncz
+manager: bpardi
ms.author: frankroj
ms.service: windows-client
author: frankroj
diff --git a/windows/deployment/usmt/usmt-migration-store-encryption.md b/windows/deployment/usmt/usmt-migration-store-encryption.md
index 0af8864e20..372b2cf594 100644
--- a/windows/deployment/usmt/usmt-migration-store-encryption.md
+++ b/windows/deployment/usmt/usmt-migration-store-encryption.md
@@ -2,7 +2,7 @@
title: Migration Store Encryption
description: Learn how the User State Migration Tool (USMT) enables support for stronger encryption algorithms, called Advanced Encryption Standard (AES).
ms.reviewer: kevinmi,warrenw
-manager: aaroncz
+manager: bpardi
ms.author: frankroj
ms.service: windows-client
author: frankroj
diff --git a/windows/deployment/usmt/usmt-overview.md b/windows/deployment/usmt/usmt-overview.md
index 0eaa678d6e..fbe01f87bd 100644
--- a/windows/deployment/usmt/usmt-overview.md
+++ b/windows/deployment/usmt/usmt-overview.md
@@ -5,7 +5,7 @@ ms.service: windows-client
ms.subservice: itpro-deploy
author: frankroj
ms.reviewer: kevinmi,warrenw
-manager: aaroncz
+manager: bpardi
ms.author: frankroj
ms.date: 03/27/2025
ms.topic: overview
diff --git a/windows/deployment/usmt/usmt-plan-your-migration.md b/windows/deployment/usmt/usmt-plan-your-migration.md
index a75bc7ea90..570bec08bb 100644
--- a/windows/deployment/usmt/usmt-plan-your-migration.md
+++ b/windows/deployment/usmt/usmt-plan-your-migration.md
@@ -2,7 +2,7 @@
title: Plan The Migration
description: Learn how to plan the migration carefully so the migration can proceed smoothly and so that the risk of migration failure is reduced.
ms.reviewer: kevinmi,warrenw
-manager: aaroncz
+manager: bpardi
ms.author: frankroj
ms.service: windows-client
author: frankroj
diff --git a/windows/deployment/usmt/usmt-recognized-environment-variables.md b/windows/deployment/usmt/usmt-recognized-environment-variables.md
index c626ac56fe..4fddca1594 100644
--- a/windows/deployment/usmt/usmt-recognized-environment-variables.md
+++ b/windows/deployment/usmt/usmt-recognized-environment-variables.md
@@ -4,7 +4,7 @@ description: Learn how to use environment variables to identify folders that can
ms.service: windows-client
ms.subservice: itpro-deploy
ms.reviewer: kevinmi,warrenw
-manager: aaroncz
+manager: bpardi
ms.author: frankroj
author: frankroj
ms.date: 01/29/2025
diff --git a/windows/deployment/usmt/usmt-reference.md b/windows/deployment/usmt/usmt-reference.md
index a5e4eea126..55d8bb2fa1 100644
--- a/windows/deployment/usmt/usmt-reference.md
+++ b/windows/deployment/usmt/usmt-reference.md
@@ -2,7 +2,7 @@
title: User State Migration Toolkit (USMT) Reference
description: Use this User State Migration Toolkit (USMT) article to learn details about USMT, like operating system, hardware, and software requirements, and user prerequisites.
ms.reviewer: kevinmi,warrenw
-manager: aaroncz
+manager: bpardi
ms.author: frankroj
ms.service: windows-client
author: frankroj
diff --git a/windows/deployment/usmt/usmt-requirements.md b/windows/deployment/usmt/usmt-requirements.md
index fb0d5ddf48..315fe8423d 100644
--- a/windows/deployment/usmt/usmt-requirements.md
+++ b/windows/deployment/usmt/usmt-requirements.md
@@ -2,7 +2,7 @@
title: USMT Requirements
description: While the User State Migration Tool (USMT) doesn't have many requirements, these tips and tricks can help smooth the migration process.
ms.reviewer: kevinmi,warrenw
-manager: aaroncz
+manager: bpardi
ms.author: frankroj
ms.service: windows-client
author: frankroj
diff --git a/windows/deployment/usmt/usmt-reroute-files-and-settings.md b/windows/deployment/usmt/usmt-reroute-files-and-settings.md
index 8cbda2d6c9..a3e1310a7d 100644
--- a/windows/deployment/usmt/usmt-reroute-files-and-settings.md
+++ b/windows/deployment/usmt/usmt-reroute-files-and-settings.md
@@ -2,7 +2,7 @@
title: Reroute Files and Settings
description: Learn how to create a custom .xml file and specify this file name on both the ScanState and LoadState command lines to reroute files and settings.
ms.reviewer: kevinmi,warrenw
-manager: aaroncz
+manager: bpardi
ms.author: frankroj
ms.service: windows-client
author: frankroj
diff --git a/windows/deployment/usmt/usmt-resources.md b/windows/deployment/usmt/usmt-resources.md
index cf9749d531..d714529956 100644
--- a/windows/deployment/usmt/usmt-resources.md
+++ b/windows/deployment/usmt/usmt-resources.md
@@ -2,7 +2,7 @@
title: USMT Resources
description: Learn about User State Migration Tool (USMT) online resources, including Microsoft Visual Studio and forums.
ms.reviewer: kevinmi,warrenw
-manager: aaroncz
+manager: bpardi
ms.author: frankroj
ms.service: windows-client
author: frankroj
diff --git a/windows/deployment/usmt/usmt-scanstate-syntax.md b/windows/deployment/usmt/usmt-scanstate-syntax.md
index 04fee70623..8d64c330c7 100644
--- a/windows/deployment/usmt/usmt-scanstate-syntax.md
+++ b/windows/deployment/usmt/usmt-scanstate-syntax.md
@@ -2,7 +2,7 @@
title: ScanState Syntax
description: The ScanState command is used with the User State Migration Tool (USMT) to scan the source computer, collect the files and settings, and create a store.
ms.reviewer: kevinmi,warrenw
-manager: aaroncz
+manager: bpardi
ms.author: frankroj
ms.service: windows-client
author: frankroj
diff --git a/windows/deployment/usmt/usmt-technical-reference.md b/windows/deployment/usmt/usmt-technical-reference.md
index 4e15899fb3..fbe3df07a9 100644
--- a/windows/deployment/usmt/usmt-technical-reference.md
+++ b/windows/deployment/usmt/usmt-technical-reference.md
@@ -2,7 +2,7 @@
title: User State Migration Tool (USMT) Technical Reference
description: The User State Migration Tool (USMT) provides a highly customizable user-profile migration experience for IT professionals.
ms.reviewer: kevinmi,warrenw
-manager: aaroncz
+manager: bpardi
ms.author: frankroj
ms.service: windows-client
author: frankroj
diff --git a/windows/deployment/usmt/usmt-test-your-migration.md b/windows/deployment/usmt/usmt-test-your-migration.md
index 08bbb67f9d..e4b5a73092 100644
--- a/windows/deployment/usmt/usmt-test-your-migration.md
+++ b/windows/deployment/usmt/usmt-test-your-migration.md
@@ -2,7 +2,7 @@
title: Test The Migration
description: Learn about testing the migration plan in a controlled laboratory setting before deploying it to the entire organization.
ms.reviewer: kevinmi,warrenw
-manager: aaroncz
+manager: bpardi
ms.author: frankroj
ms.service: windows-client
author: frankroj
diff --git a/windows/deployment/usmt/usmt-topics.md b/windows/deployment/usmt/usmt-topics.md
index 98ddecb7ae..989fff9691 100644
--- a/windows/deployment/usmt/usmt-topics.md
+++ b/windows/deployment/usmt/usmt-topics.md
@@ -2,7 +2,7 @@
title: User State Migration Tool (USMT) Overview Articles
description: Learn about User State Migration Tool (USMT) overview articles that describe USMT as a highly customizable user-profile migration experience for IT professionals.
ms.reviewer: kevinmi,warrenw
-manager: aaroncz
+manager: bpardi
ms.author: frankroj
ms.service: windows-client
author: frankroj
diff --git a/windows/deployment/usmt/usmt-troubleshooting.md b/windows/deployment/usmt/usmt-troubleshooting.md
index 98b2ed5c0e..fc0c71560b 100644
--- a/windows/deployment/usmt/usmt-troubleshooting.md
+++ b/windows/deployment/usmt/usmt-troubleshooting.md
@@ -2,7 +2,7 @@
title: User State Migration Tool (USMT) Troubleshooting
description: Learn about articles that address common User State Migration Tool (USMT) issues and questions to help troubleshooting.
ms.reviewer: kevinmi,warrenw
-manager: aaroncz
+manager: bpardi
ms.author: frankroj
ms.service: windows-client
author: frankroj
diff --git a/windows/deployment/usmt/usmt-utilities.md b/windows/deployment/usmt/usmt-utilities.md
index 29f40c6108..81f80a94db 100644
--- a/windows/deployment/usmt/usmt-utilities.md
+++ b/windows/deployment/usmt/usmt-utilities.md
@@ -2,7 +2,7 @@
title: UsmtUtils Syntax
description: Learn about the syntax for the utilities available in User State Migration Tool (USMT) through the command-line interface.
ms.reviewer: kevinmi,warrenw
-manager: aaroncz
+manager: bpardi
ms.author: frankroj
ms.service: windows-client
author: frankroj
diff --git a/windows/deployment/usmt/usmt-what-does-usmt-migrate.md b/windows/deployment/usmt/usmt-what-does-usmt-migrate.md
index a60ce0dd07..0ab08f59e9 100644
--- a/windows/deployment/usmt/usmt-what-does-usmt-migrate.md
+++ b/windows/deployment/usmt/usmt-what-does-usmt-migrate.md
@@ -2,7 +2,7 @@
title: What does USMT migrate
description: Learn how User State Migration Tool (USMT) is designed so that an IT engineer can precisely define migrations using the USMT .xml scripting language.
ms.reviewer: kevinmi,warrenw
-manager: aaroncz
+manager: bpardi
ms.author: frankroj
ms.service: windows-client
author: frankroj
diff --git a/windows/deployment/usmt/usmt-xml-elements-library.md b/windows/deployment/usmt/usmt-xml-elements-library.md
index edf9b0b470..3433804014 100644
--- a/windows/deployment/usmt/usmt-xml-elements-library.md
+++ b/windows/deployment/usmt/usmt-xml-elements-library.md
@@ -2,7 +2,7 @@
title: XML Elements Library
description: Learn about the XML elements and helper functions that can be employed to author migration .xml files to use with User State Migration Tool (USMT).
ms.reviewer: kevinmi,warrenw
-manager: aaroncz
+manager: bpardi
ms.author: frankroj
ms.service: windows-client
author: frankroj
diff --git a/windows/deployment/usmt/usmt-xml-reference.md b/windows/deployment/usmt/usmt-xml-reference.md
index 551883b1ab..031e1aa4bd 100644
--- a/windows/deployment/usmt/usmt-xml-reference.md
+++ b/windows/deployment/usmt/usmt-xml-reference.md
@@ -2,7 +2,7 @@
title: USMT XML Reference
description: Learn about working with and customizing the migration XML files using User State Migration Tool (USMT) XML Reference for Windows.
ms.reviewer: kevinmi,warrenw
-manager: aaroncz
+manager: bpardi
ms.author: frankroj
ms.service: windows-client
author: frankroj
diff --git a/windows/deployment/usmt/verify-the-condition-of-a-compressed-migration-store.md b/windows/deployment/usmt/verify-the-condition-of-a-compressed-migration-store.md
index 0f537173ad..1e164d0589 100644
--- a/windows/deployment/usmt/verify-the-condition-of-a-compressed-migration-store.md
+++ b/windows/deployment/usmt/verify-the-condition-of-a-compressed-migration-store.md
@@ -2,7 +2,7 @@
title: Verify the Condition of a Compressed Migration Store
description: Use these tips and tricks to verify the condition of a compressed migration store when using User State Migration Tool (USMT).
ms.reviewer: kevinmi,warrenw
-manager: aaroncz
+manager: bpardi
ms.author: frankroj
ms.service: windows-client
author: frankroj
diff --git a/windows/deployment/usmt/xml-file-requirements.md b/windows/deployment/usmt/xml-file-requirements.md
index d26d21f084..1e8a5a5c01 100644
--- a/windows/deployment/usmt/xml-file-requirements.md
+++ b/windows/deployment/usmt/xml-file-requirements.md
@@ -2,7 +2,7 @@
title: XML File Requirements
description: Learn about the XML file requirements for creating custom .xml files, like the file must be in UTF-8 and have a unique migration URL ID.
ms.reviewer: kevinmi,warrenw
-manager: aaroncz
+manager: bpardi
ms.author: frankroj
ms.service: windows-client
author: frankroj
diff --git a/windows/deployment/wds-boot-support.md b/windows/deployment/wds-boot-support.md
index 35a89089d3..083c3539a1 100644
--- a/windows/deployment/wds-boot-support.md
+++ b/windows/deployment/wds-boot-support.md
@@ -5,7 +5,7 @@ ms.service: windows-client
ms.localizationpriority: medium
author: frankroj
ms.author: frankroj
-manager: aaroncz
+manager: bpardi
ms.topic: article
ms.date: 07/19/2024
ms.subservice: itpro-deploy
diff --git a/windows/deployment/windows-adk-scenarios-for-it-pros.md b/windows/deployment/windows-adk-scenarios-for-it-pros.md
index b6a137b5f0..599712aaeb 100644
--- a/windows/deployment/windows-adk-scenarios-for-it-pros.md
+++ b/windows/deployment/windows-adk-scenarios-for-it-pros.md
@@ -3,7 +3,7 @@ title: Windows ADK for Windows scenarios for IT Pros
description: The Windows Assessment and Deployment Kit (Windows ADK) contains tools that IT Pros can use to deploy Windows.
author: frankroj
ms.author: frankroj
-manager: aaroncz
+manager: bpardi
ms.service: windows-client
ms.localizationpriority: medium
ms.date: 02/27/2025
diff --git a/windows/deployment/windows-autopatch/deploy/windows-autopatch-device-registration-overview.md b/windows/deployment/windows-autopatch/deploy/windows-autopatch-device-registration-overview.md
index 0818a69802..a86f0f531b 100644
--- a/windows/deployment/windows-autopatch/deploy/windows-autopatch-device-registration-overview.md
+++ b/windows/deployment/windows-autopatch/deploy/windows-autopatch-device-registration-overview.md
@@ -8,7 +8,7 @@ ms.topic: concept-article
ms.localizationpriority: medium
author: tiaraquan
ms.author: tiaraquan
-manager: aaroncz
+manager: bpardi
ms.reviewer: andredm7
ms.collection:
- highpri
diff --git a/windows/deployment/windows-autopatch/deploy/windows-autopatch-groups-overview.md b/windows/deployment/windows-autopatch/deploy/windows-autopatch-groups-overview.md
index a5edca8e5b..9b31857c17 100644
--- a/windows/deployment/windows-autopatch/deploy/windows-autopatch-groups-overview.md
+++ b/windows/deployment/windows-autopatch/deploy/windows-autopatch-groups-overview.md
@@ -8,7 +8,7 @@ ms.topic: concept-article
ms.localizationpriority: medium
author: tiaraquan
ms.author: tiaraquan
-manager: aaroncz
+manager: bpardi
ms.reviewer: andredm7
ms.collection:
- highpri
diff --git a/windows/deployment/windows-autopatch/deploy/windows-autopatch-post-reg-readiness-checks.md b/windows/deployment/windows-autopatch/deploy/windows-autopatch-post-reg-readiness-checks.md
index 4bab65f8f1..fa8b5ef224 100644
--- a/windows/deployment/windows-autopatch/deploy/windows-autopatch-post-reg-readiness-checks.md
+++ b/windows/deployment/windows-autopatch/deploy/windows-autopatch-post-reg-readiness-checks.md
@@ -8,7 +8,7 @@ ms.topic: concept-article
ms.localizationpriority: medium
author: tiaraquan
ms.author: tiaraquan
-manager: aaroncz
+manager: bpardi
ms.reviewer: andredm7
ms.collection:
- highpri
diff --git a/windows/deployment/windows-autopatch/deploy/windows-autopatch-register-devices.md b/windows/deployment/windows-autopatch/deploy/windows-autopatch-register-devices.md
index ec56d0dd09..589f3620fb 100644
--- a/windows/deployment/windows-autopatch/deploy/windows-autopatch-register-devices.md
+++ b/windows/deployment/windows-autopatch/deploy/windows-autopatch-register-devices.md
@@ -8,7 +8,7 @@ ms.topic: how-to
ms.localizationpriority: medium
author: tiaraquan
ms.author: tiaraquan
-manager: aaroncz
+manager: bpardi
ms.reviewer: andredm7
ms.collection:
- highpri
diff --git a/windows/deployment/windows-autopatch/includes/windows-autopatch-applies-to-all-licenses.md b/windows/deployment/windows-autopatch/includes/windows-autopatch-applies-to-all-licenses.md
index 28cef2dd9a..79e76221e8 100644
--- a/windows/deployment/windows-autopatch/includes/windows-autopatch-applies-to-all-licenses.md
+++ b/windows/deployment/windows-autopatch/includes/windows-autopatch-applies-to-all-licenses.md
@@ -1,7 +1,7 @@
---
author: tiaraquan
ms.author: tiaraquan
-manager: aaroncz
+manager: bpardi
ms.service: windows-client
ms.subservice: autopatch
ms.topic: include
diff --git a/windows/deployment/windows-autopatch/includes/windows-autopatch-audience-graph-explorer.md b/windows/deployment/windows-autopatch/includes/windows-autopatch-audience-graph-explorer.md
index 1b467a2ff9..9aada40100 100644
--- a/windows/deployment/windows-autopatch/includes/windows-autopatch-audience-graph-explorer.md
+++ b/windows/deployment/windows-autopatch/includes/windows-autopatch-audience-graph-explorer.md
@@ -1,7 +1,7 @@
---
author: tiaraquan
ms.author: tiaraquan
-manager: aaroncz
+manager: bpardi
ms.service: windows-client
ms.subservice: autopatch
ms.topic: include
@@ -14,8 +14,8 @@ A deployment audience is a collection of devices that you want to deploy updates
1. To create a new audience, **POST** to the [deployment audience](/graph/api/resources/windowsupdates-deploymentaudience) resource with a request body of `{}`.
```msgraph-interactive
- POST https://graph.microsoft.com/beta/admin/windows/updates/deploymentAudiences
- content-type: application/json
+ POST https://graph.microsoft.com/beta/admin/windows/updates/deploymentAudiences
+ content-type: application/json
{}
```
@@ -35,8 +35,8 @@ A deployment audience is a collection of devices that you want to deploy updates
1. Add devices, using their **Microsoft Entra ID**, to the deployment audience so they become audience members. Specify the deployment **Audience ID** in the URL field and the devices to add in the request body. The `id` property specifies the **Microsoft Entra ID** of the device.
```msgraph-interactive
- POST https://graph.microsoft.com/beta/admin/windows/updates/deploymentAudiences/d39ad1ce-0123-4567-89ab-cdef01234567/updateAudience
- content-type: application/json
+ POST https://graph.microsoft.com/beta/admin/windows/updates/deploymentAudiences/d39ad1ce-0123-4567-89ab-cdef01234567/updateAudience
+ content-type: application/json
{
"addMembers": [
diff --git a/windows/deployment/windows-autopatch/includes/windows-autopatch-business-premium-a3-licenses.md b/windows/deployment/windows-autopatch/includes/windows-autopatch-business-premium-a3-licenses.md
index 30ab466ec3..c7dc6119a0 100644
--- a/windows/deployment/windows-autopatch/includes/windows-autopatch-business-premium-a3-licenses.md
+++ b/windows/deployment/windows-autopatch/includes/windows-autopatch-business-premium-a3-licenses.md
@@ -1,7 +1,7 @@
---
author: tiaraquan
ms.author: tiaraquan
-manager: aaroncz
+manager: bpardi
ms.service: windows-client
ms.subservice: autopatch
ms.topic: include
diff --git a/windows/deployment/windows-autopatch/includes/windows-autopatch-driver-policy-considerations.md b/windows/deployment/windows-autopatch/includes/windows-autopatch-driver-policy-considerations.md
index 6f2d96bdcb..9295e738d9 100644
--- a/windows/deployment/windows-autopatch/includes/windows-autopatch-driver-policy-considerations.md
+++ b/windows/deployment/windows-autopatch/includes/windows-autopatch-driver-policy-considerations.md
@@ -1,7 +1,7 @@
---
author: tiaraquan
ms.author: tiaraquan
-manager: aaroncz
+manager: bpardi
ms.service: windows-client
ms.subservice: autopatch
ms.topic: include
@@ -10,7 +10,7 @@ ms.localizationpriority: medium
---
-It's possible for the service to receive content approval but the content doesn't get installed on the device because of a Group Policy, CSP, or registry setting on the device. In some cases, organizations specifically configure these policies to fit their current or future needs. For instance, organizations may want to review applicable driver content, but not allow installation. Configuring this sort of behavior can be useful, especially when transitioning management of driver updates due to changing organizational needs. The following list describes driver related update policies that can affect deployments:
+It's possible for the service to receive content approval but the content doesn't get installed on the device because of a Group Policy, CSP, or registry setting on the device. In some cases, organizations specifically configure these policies to fit their current or future needs. For instance, organizations may want to review applicable driver content, but not allow installation. Configuring this sort of behavior can be useful, especially when transitioning management of driver updates due to changing organizational needs. The following list describes driver related update policies that can affect deployments:
### Policies that exclude drivers from Windows Update for a device
@@ -20,7 +20,7 @@ The following policies exclude drivers from Windows Update for a device:
- **Group Policy**: `\Windows Components\Windows Update\Do not include drivers with Windows Updates` set to `enabled`
- **CSP**: [ExcludeWUDriversInQualityUpdate](/windows/client-management/mdm/policy-csp-update#excludewudriversinqualityupdate) set to `1`
- **Registry**: `HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\ExcludeWUDriversFromQualityUpdates` set to `1`
- - **Intune**: [**Windows Drivers** update setting](/mem/intune/protect/windows-update-settings#update-settings) for the update ring set to `Block`
+ - **Intune**: [**Windows Drivers** update setting](/mem/intune/protect/windows-update-settings#update-settings) for the update ring set to `Block`
**Behavior**: Devices with driver exclusion polices that are enrolled for **drivers** and added to an audience:
- Will display the applicable driver content
diff --git a/windows/deployment/windows-autopatch/includes/windows-autopatch-enroll-device-graph-explorer.md b/windows/deployment/windows-autopatch/includes/windows-autopatch-enroll-device-graph-explorer.md
index 4c86165a65..95e1915162 100644
--- a/windows/deployment/windows-autopatch/includes/windows-autopatch-enroll-device-graph-explorer.md
+++ b/windows/deployment/windows-autopatch/includes/windows-autopatch-enroll-device-graph-explorer.md
@@ -1,7 +1,7 @@
---
author: tiaraquan
ms.author: tiaraquan
-manager: aaroncz
+manager: bpardi
ms.service: windows-client
ms.subservice: autopatch
ms.topic: include
diff --git a/windows/deployment/windows-autopatch/includes/windows-autopatch-enterprise-e3-f3-licenses.md b/windows/deployment/windows-autopatch/includes/windows-autopatch-enterprise-e3-f3-licenses.md
index ec09838176..6e1470f0d3 100644
--- a/windows/deployment/windows-autopatch/includes/windows-autopatch-enterprise-e3-f3-licenses.md
+++ b/windows/deployment/windows-autopatch/includes/windows-autopatch-enterprise-e3-f3-licenses.md
@@ -1,7 +1,7 @@
---
author: tiaraquan
ms.author: tiaraquan
-manager: aaroncz
+manager: bpardi
ms.service: windows-client
ms.subservice: autopatch
ms.topic: include
diff --git a/windows/deployment/windows-autopatch/includes/windows-autopatch-find-device-name-graph-explorer.md b/windows/deployment/windows-autopatch/includes/windows-autopatch-find-device-name-graph-explorer.md
index 00dc5b6ebd..8aea748977 100644
--- a/windows/deployment/windows-autopatch/includes/windows-autopatch-find-device-name-graph-explorer.md
+++ b/windows/deployment/windows-autopatch/includes/windows-autopatch-find-device-name-graph-explorer.md
@@ -1,7 +1,7 @@
---
author: tiaraquan
ms.author: tiaraquan
-manager: aaroncz
+manager: bpardi
ms.service: windows-client
ms.subservice: autopatch
ms.topic: include
diff --git a/windows/deployment/windows-autopatch/includes/windows-autopatch-graph-explorer-permissions.md b/windows/deployment/windows-autopatch/includes/windows-autopatch-graph-explorer-permissions.md
index 439c49b803..a9093eab8d 100644
--- a/windows/deployment/windows-autopatch/includes/windows-autopatch-graph-explorer-permissions.md
+++ b/windows/deployment/windows-autopatch/includes/windows-autopatch-graph-explorer-permissions.md
@@ -1,7 +1,7 @@
---
author: tiaraquan
ms.author: tiaraquan
-manager: aaroncz
+manager: bpardi
ms.service: windows-client
ms.subservice: autopatch
ms.topic: include
diff --git a/windows/deployment/windows-autopatch/includes/windows-autopatch-graph-explorer.md b/windows/deployment/windows-autopatch/includes/windows-autopatch-graph-explorer.md
index 8ce80d8b36..06e0756c59 100644
--- a/windows/deployment/windows-autopatch/includes/windows-autopatch-graph-explorer.md
+++ b/windows/deployment/windows-autopatch/includes/windows-autopatch-graph-explorer.md
@@ -1,7 +1,7 @@
---
author: tiaraquan
ms.author: tiaraquan
-manager: aaroncz
+manager: bpardi
ms.service: windows-client
ms.subservice: autopatch
ms.topic: include
@@ -28,6 +28,6 @@ For this article, you'll use Graph Explorer to make requests to the [Microsoft G
1. Enter the request into the URL field. The version will populate automatically based on the URL.
1. If you need to modify the request body, edit the **Request body** tab.
1. Select the **Run query** button. The results will appear in the **Response** window.
-
+
> [!TIP]
> When reviewing [Microsoft Graph documentation](/graph/), you may notice example requests usually list `content-type: application/json`. Specifying `content-type` typically isn't required for Graph Explorer, but you can add it to the request by selecting the **Headers** tab and adding the `content-type` to the **Request headers** field as the **Key** and `application/json` as the **Value**.
diff --git a/windows/deployment/windows-autopatch/includes/windows-autopatch-graph-unenroll.md b/windows/deployment/windows-autopatch/includes/windows-autopatch-graph-unenroll.md
index f91004dfa0..bef9475e63 100644
--- a/windows/deployment/windows-autopatch/includes/windows-autopatch-graph-unenroll.md
+++ b/windows/deployment/windows-autopatch/includes/windows-autopatch-graph-unenroll.md
@@ -1,7 +1,7 @@
---
author: tiaraquan
ms.author: tiaraquan
-manager: aaroncz
+manager: bpardi
ms.service: windows-client
ms.subservice: autopatch
ms.topic: include
diff --git a/windows/deployment/windows-autopatch/includes/windows-autopatch-limitations.md b/windows/deployment/windows-autopatch/includes/windows-autopatch-limitations.md
index dc0fd1a739..afdcb3aa7c 100644
--- a/windows/deployment/windows-autopatch/includes/windows-autopatch-limitations.md
+++ b/windows/deployment/windows-autopatch/includes/windows-autopatch-limitations.md
@@ -1,7 +1,7 @@
---
author: tiaraquan
ms.author: tiaraquan
-manager: aaroncz
+manager: bpardi
ms.service: windows-client
ms.subservice: autopatch
ms.topic: include
diff --git a/windows/deployment/windows-autopatch/includes/windows-autopatch-required-graph-api-endpoints.md b/windows/deployment/windows-autopatch/includes/windows-autopatch-required-graph-api-endpoints.md
index ec3fc85cbe..cb3aa08e13 100644
--- a/windows/deployment/windows-autopatch/includes/windows-autopatch-required-graph-api-endpoints.md
+++ b/windows/deployment/windows-autopatch/includes/windows-autopatch-required-graph-api-endpoints.md
@@ -1,7 +1,7 @@
---
author: tiaraquan
ms.author: tiaraquan
-manager: aaroncz
+manager: bpardi
ms.service: windows-client
ms.subservice: autopatch
ms.topic: include
diff --git a/windows/deployment/windows-autopatch/includes/windows-autopatch-update-health-tools-logs.md b/windows/deployment/windows-autopatch/includes/windows-autopatch-update-health-tools-logs.md
index adc812a9a0..039e1ec718 100644
--- a/windows/deployment/windows-autopatch/includes/windows-autopatch-update-health-tools-logs.md
+++ b/windows/deployment/windows-autopatch/includes/windows-autopatch-update-health-tools-logs.md
@@ -1,7 +1,7 @@
---
author: tiaraquan
ms.author: tiaraquan
-manager: aaroncz
+manager: bpardi
ms.service: windows-client
ms.subservice: autopatch
ms.topic: include
@@ -15,7 +15,7 @@ The Update Health Tools are used when you deploy expedited updates. In some case
**Log location**: `%ProgramFiles%\Microsoft Update Health Tools\Logs`
-- The logs are in `.etl` format.
+- The logs are in `.etl` format.
- Microsoft offers [PerfView as a download on GitHub](https://github.com/Microsoft/perfview/blob/main/documentation/Downloading.md), which displays `.etl` files.
For more information, see [Troubleshooting expedited updates](https://techcommunity.microsoft.com/t5/windows-it-pro-blog/get-the-most-out-of-expedited-windows-quality-updates/ba-p/3659741).
diff --git a/windows/deployment/windows-autopatch/index.yml b/windows/deployment/windows-autopatch/index.yml
index 2a64ebfccd..7c2e99fc4b 100644
--- a/windows/deployment/windows-autopatch/index.yml
+++ b/windows/deployment/windows-autopatch/index.yml
@@ -10,7 +10,7 @@ metadata:
ms.topic: landing-page # Required
author: tiaraquan #Required; your GitHub user alias, with correct capitalization.
ms.author: tiaraquan #Required; microsoft alias of author; optional team alias.
- manager: aaroncz
+ manager: bpardi
ms.date: 08/27/2024 #Required; mm/dd/yyyy format.
ms.service: windows-client
ms.subservice: autopatch
diff --git a/windows/deployment/windows-autopatch/manage/windows-autopatch-driver-and-firmware-update-programmatic-controls.md b/windows/deployment/windows-autopatch/manage/windows-autopatch-driver-and-firmware-update-programmatic-controls.md
index 528758638d..fb05813062 100644
--- a/windows/deployment/windows-autopatch/manage/windows-autopatch-driver-and-firmware-update-programmatic-controls.md
+++ b/windows/deployment/windows-autopatch/manage/windows-autopatch-driver-and-firmware-update-programmatic-controls.md
@@ -1,17 +1,17 @@
---
title: Programmatic controls for drivers and firmware
-titleSuffix: Windows Autopatch
+titleSuffix: Windows Autopatch
description: Use programmatic controls to deploy driver and firmware updates to devices.
ms.service: windows-client
ms.subservice: autopatch
ms.topic: how-to
author: tiaraquan
ms.author: tiaraquan
-manager: aaroncz
+manager: bpardi
ms.collection:
- tier1
ms.localizationpriority: medium
-appliesto:
+appliesto:
- ✅ Windows 11
- ✅ Windows 10
ms.date: 03/31/2025
@@ -87,7 +87,7 @@ To create a policy without any deployment settings, in the request body specify
```msgraph-interactive
POST https://graph.microsoft.com/beta/admin/windows/updates/updatePolicies
content-type: application/json
-
+
{
"audience": {
"id": "d39ad1ce-0123-4567-89ab-cdef01234567"
@@ -129,7 +129,7 @@ To create a policy with additional settings, in the request body:
```msgraph-interactive
POST https://graph.microsoft.com/beta/admin/windows/updates/updatePolicies
content-type: application/json
-
+
{
"@odata.type": "#microsoft.graph.windowsUpdates.updatePolicy",
"audience": {
@@ -193,7 +193,7 @@ Once Windows Autopatch has scan results from devices, the applicability for driv
- The **Microsoft Entra ID** of the devices it's applicable to
- Information describing the update such as the name and version.
-To display [applicable content](/graph/api/resources/windowsupdates-applicablecontent), run a query using the **Audience ID**, for example `d39ad1ce-0123-4567-89ab-cdef01234567`:
+To display [applicable content](/graph/api/resources/windowsupdates-applicablecontent), run a query using the **Audience ID**, for example `d39ad1ce-0123-4567-89ab-cdef01234567`:
```msgraph-interactive
GET https://graph.microsoft.com/beta/admin/windows/updates/deploymentAudiences/d39ad1ce-0123-4567-89ab-cdef01234567/applicableContent
@@ -202,7 +202,7 @@ GET https://graph.microsoft.com/beta/admin/windows/updates/deploymentAudiences/d
The following truncated response displays:
- An **Microsoft Entra ID** of `01234567-89ab-cdef-0123-456789abcdef`
- - The **Catalog ID** of `5d6dede684ba5c4a731d62d9c9c2a99db12c5e6015e9f8ad00f3e9387c7f399c`
+ - The **Catalog ID** of `5d6dede684ba5c4a731d62d9c9c2a99db12c5e6015e9f8ad00f3e9387c7f399c`
```json
"matchedDevices": [
diff --git a/windows/deployment/windows-autopatch/manage/windows-autopatch-edge.md b/windows/deployment/windows-autopatch/manage/windows-autopatch-edge.md
index ad4f28e24c..ccc61e4487 100644
--- a/windows/deployment/windows-autopatch/manage/windows-autopatch-edge.md
+++ b/windows/deployment/windows-autopatch/manage/windows-autopatch-edge.md
@@ -8,7 +8,7 @@ ms.topic: how-to
ms.localizationpriority: medium
author: tiaraquan
ms.author: tiaraquan
-manager: aaroncz
+manager: bpardi
ms.reviewer: hathind
ms.collection:
- highpri
@@ -32,7 +32,7 @@ For a device to be eligible for Microsoft Edge updates as a part of Windows Auto
With the expanded Autopatch group capabilities, you can choose to enable Microsoft Edge updates on a per Autopatch group level. Depending on your tenant settings, one of the following scenarios occurs:
-- Tenants that previously turned on Autopatch Microsoft Edge updates, has the Microsoft Edge updates Update Type checkbox selected, and the updated policies applied to each Autopatch group.
+- Tenants that previously turned on Autopatch Microsoft Edge updates, has the Microsoft Edge updates Update Type checkbox selected, and the updated policies applied to each Autopatch group.
- Tenants that previously turned off Autopatch Microsoft Edge updates, or are new to Windows Autopatch, Autopatch Microsoft Edge updates remain turned off.
If you [created an Autopatch group](../manage/windows-autopatch-manage-autopatch-groups.md#create-an-autopatch-group) and selected Microsoft Edge updates as a content type, the **Update Type** checkbox is **selected**, with new policies created and any available old policies are removed. If you didn’t select Microsoft Edge updates as a content type upon creating an Autopatch group, the **Update Type** checkbox is **unselected**. Any available customized policies are retained and appear in the **Policies** tab.
@@ -43,11 +43,11 @@ If you [created an Autopatch group](../manage/windows-autopatch-manage-autopatch
1. Go to the [Microsoft Intune admin center](https://go.microsoft.com/fwlink/?linkid=2109431).
1. Navigate to **Tenant Administration** > **Windows Autopatch** > **Autopatch groups**.
-1. Select an Autopatch group to modify (repeat these steps for each group).
-1. Next to **Update types**, select **Edit**.
-1. Select **Microsoft Edge updates**.
+1. Select an Autopatch group to modify (repeat these steps for each group).
+1. Next to **Update types**, select **Edit**.
+1. Select **Microsoft Edge updates**.
1. Select **Next: Deployment settings** > **Next: Release schedules** > **Next: Review + save** > **Save** to save these changes.
-1. We recommend deleting old Autopatch default policies to avoid policy conflict. Navigate to **Devices** > **Manage devices** > **Configuration** > **Policies** tab.
+1. We recommend deleting old Autopatch default policies to avoid policy conflict. Navigate to **Devices** > **Manage devices** > **Configuration** > **Policies** tab.
1. Manually remove the following profiles related to Microsoft Edge
1. Windows Autopatch - Microsoft Edge Update Channel Beta
1. Windows Autopatch - Microsoft Edge Update Channel Stable
@@ -61,9 +61,9 @@ If you [created an Autopatch group](../manage/windows-autopatch-manage-autopatch
1. Go to the [Microsoft Intune admin center](https://go.microsoft.com/fwlink/?linkid=2109431).
1. Navigate to **Tenant Administration** > **Windows Autopatch** > **Autopatch groups**.
-1. Select an Autopatch group to modify (repeat these steps for each group).
+1. Select an Autopatch group to modify (repeat these steps for each group).
1. Next to **Update types**, select **Edit**.
-1. Unselect **Microsoft Edge updates**.
+1. Unselect **Microsoft Edge updates**.
1. Select **Next: Deployment settings** > **Next: Release schedules** > **Next: Review + save** > **Save** to save these changes.
### Verify Microsoft Edge updates policies
@@ -71,7 +71,7 @@ If you [created an Autopatch group](../manage/windows-autopatch-manage-autopatch
**To verify Microsoft Edge updates policies:**
1. Go to the [Microsoft Intune admin center](https://go.microsoft.com/fwlink/?linkid=2109431).
-1. Navigate to **Tenant Administration** > **Windows Autopatch** > **Autopatch groups**.
+1. Navigate to **Tenant Administration** > **Windows Autopatch** > **Autopatch groups**.
1. Verify each Autopatch group has the **Microsoft Edge Update Type** checkbox **selected**.
1. Navigate to **Devices** > **Manage devices** > **Configuration** > **Policies** tab.
1. The following new policies should be discoverable from the list of profiles:
diff --git a/windows/deployment/windows-autopatch/manage/windows-autopatch-exclude-device.md b/windows/deployment/windows-autopatch/manage/windows-autopatch-exclude-device.md
index b8eb5ff8e1..46c32145e3 100644
--- a/windows/deployment/windows-autopatch/manage/windows-autopatch-exclude-device.md
+++ b/windows/deployment/windows-autopatch/manage/windows-autopatch-exclude-device.md
@@ -8,7 +8,7 @@ ms.topic: how-to
ms.localizationpriority: medium
author: tiaraquan
ms.author: tiaraquan
-manager: aaroncz
+manager: bpardi
ms.reviewer: andredm7
ms.collection:
- tier2
diff --git a/windows/deployment/windows-autopatch/manage/windows-autopatch-groups-policies.md b/windows/deployment/windows-autopatch/manage/windows-autopatch-groups-policies.md
index 4646e51661..8f43772b96 100644
--- a/windows/deployment/windows-autopatch/manage/windows-autopatch-groups-policies.md
+++ b/windows/deployment/windows-autopatch/manage/windows-autopatch-groups-policies.md
@@ -8,7 +8,7 @@ ms.topic: how-to
ms.localizationpriority: medium
author: tiaraquan
ms.author: tiaraquan
-manager: aaroncz
+manager: bpardi
ms.reviewer: andredm7
ms.collection:
- highpri
@@ -33,12 +33,12 @@ Autopatch groups create one Windows 10 Update Ring policy for each deployment ri
## Feature update policy for Windows 10 and later
-If features updates are [selected as a content type for an Autopatch group](../manage/windows-autopatch-manage-autopatch-groups.md#create-an-autopatch-group), a feature update policy is created with the Microsoft Entra groups for each update ring assigned to it. This policy does the following:
+If features updates are [selected as a content type for an Autopatch group](../manage/windows-autopatch-manage-autopatch-groups.md#create-an-autopatch-group), a feature update policy is created with the Microsoft Entra groups for each update ring assigned to it. This policy does the following:
- Ensures existing devices on the target version don’t update beyond that version.
-- If new devices are added to the Autopatch group and are below your target version, the devices are updated to the target version.
+- If new devices are added to the Autopatch group and are below your target version, the devices are updated to the target version.
-To achieve this outcome, the feature update policy is configured for immediate start as required.
+To achieve this outcome, the feature update policy is configured for immediate start as required.
> [!IMPORTANT]
> To safely deploy a new feature update, Autopatch recommends using a custom Windows feature update release. The custom release allows you to choose how and when different deployment rings receive the update. Autopatch doesn't recommend updating the minimum version within an Autopatch group until your rollout is complete. Doing so initiates a rollout which starts immediately for all members of that group.Once you create a custom Windows feature update release, the Autopatch group's deployment rings are unassigned from that group’s feature update policy.
diff --git a/windows/deployment/windows-autopatch/manage/windows-autopatch-hotpatch-updates.md b/windows/deployment/windows-autopatch/manage/windows-autopatch-hotpatch-updates.md
index 4669de9482..533b8e819a 100644
--- a/windows/deployment/windows-autopatch/manage/windows-autopatch-hotpatch-updates.md
+++ b/windows/deployment/windows-autopatch/manage/windows-autopatch-hotpatch-updates.md
@@ -8,7 +8,7 @@ ms.topic: how-to
ms.localizationpriority: medium
author: tiaraquan
ms.author: tiaraquan
-manager: aaroncz
+manager: bpardi
ms.reviewer: adnich
ms.collection:
- highpri
@@ -68,11 +68,11 @@ You can also use the CSP DisableCHPE (available on Windows Insider Preview). For
> [!NOTE]
> There are no plans to support hotpatch updates on Arm64 devices with CHPE enabled. Disabling CHPE is required only for Arm64 devices. AMD and Intel CPUs don’t have CHPE.
-If you choose to no longer use Hotpatch updates, clear the CHPE disable flag (`HotPatchRestrictions=0`) then restart the device to turn on CHPE usage.
+If you choose to no longer use Hotpatch updates, clear the CHPE disable flag (`HotPatchRestrictions=0`) then restart the device to turn on CHPE usage.
## Ineligible devices
-Devices that don't meet one or more prerequisites automatically receive the Latest Cumulative Update (LCU) instead. Latest Cumulative Update (LCU) contains monthly updates that supersede the previous month's updates containing both security and nonsecurity releases.
+Devices that don't meet one or more prerequisites automatically receive the Latest Cumulative Update (LCU) instead. Latest Cumulative Update (LCU) contains monthly updates that supersede the previous month's updates containing both security and nonsecurity releases.
LCUs requires you to restart the device, but the LCU ensures that the device remains fully secure and compliant.
@@ -149,7 +149,7 @@ For the latest release schedule, see the [hotpatch release notes](https://suppor
### Step 3: Verify the device is properly configured to turn on hotpatch updates
-1. In Intune, review your configured policies within Autopatch to see which groups of devices are targeted with a hotpatch policy by going to the **Windows Update** > **Quality Updates** page.
+1. In Intune, review your configured policies within Autopatch to see which groups of devices are targeted with a hotpatch policy by going to the **Windows Update** > **Quality Updates** page.
1. Ensure the hotpatch update policy is set to **Allow**.
1. On the device, select **Start** > **Settings** > **Windows Update** > **Advanced options** > **Configured update policies** > find **Enable hotpatching when available**. This setting indicates that the device is enrolled in hotpatch updates as configured by Autopatch.
diff --git a/windows/deployment/windows-autopatch/manage/windows-autopatch-manage-autopatch-groups.md b/windows/deployment/windows-autopatch/manage/windows-autopatch-manage-autopatch-groups.md
index c180c7bfa8..00072ac729 100644
--- a/windows/deployment/windows-autopatch/manage/windows-autopatch-manage-autopatch-groups.md
+++ b/windows/deployment/windows-autopatch/manage/windows-autopatch-manage-autopatch-groups.md
@@ -8,7 +8,7 @@ ms.topic: how-to
ms.localizationpriority: medium
author: tiaraquan
ms.author: tiaraquan
-manager: aaroncz
+manager: bpardi
ms.reviewer: andredm7
ms.collection:
- highpri
diff --git a/windows/deployment/windows-autopatch/manage/windows-autopatch-manage-driver-and-firmware-updates.md b/windows/deployment/windows-autopatch/manage/windows-autopatch-manage-driver-and-firmware-updates.md
index 5fb0db6f49..a02e360545 100644
--- a/windows/deployment/windows-autopatch/manage/windows-autopatch-manage-driver-and-firmware-updates.md
+++ b/windows/deployment/windows-autopatch/manage/windows-autopatch-manage-driver-and-firmware-updates.md
@@ -8,7 +8,7 @@ ms.topic: how-to
ms.localizationpriority: medium
author: tiaraquan
ms.author: tiaraquan
-manager: aaroncz
+manager: bpardi
ms.reviewer: andredm7
ms.collection:
- highpri
@@ -31,7 +31,7 @@ You can manage and control your driver and firmware updates by:
The Autopatch service creates additional driver profiles on a per-deployment ring and per group basis within your tenant.
-Choosing between Automatic and Manual modes can be done per-deployment ring and/or per Autopatch group. For a single Autopatch group, a mix of both Automatic and Manual policies is allowed. If you were previously in Manual mode, we create Manual policies for all your group rings. If Automatic (the default) was previously used, we create Automatic policies instead.
+Choosing between Automatic and Manual modes can be done per-deployment ring and/or per Autopatch group. For a single Autopatch group, a mix of both Automatic and Manual policies is allowed. If you were previously in Manual mode, we create Manual policies for all your group rings. If Automatic (the default) was previously used, we create Automatic policies instead.
> [!IMPORTANT]
> If you switch between Automatic and Manual modes, new policies are generated to **replace old policies**. **You’ll lose any approvals, paused drivers, and declined drivers previously made for those groups and/or deployment rings**.
@@ -67,9 +67,9 @@ Choosing between Automatic and Manual modes can be done per-deployment ring and/
For deployment rings set to **Automatic**, you can choose the deferral period for driver and firmware updates. The deferral period is the number of days that you must wait to deploy after a driver becomes available. By default, these deferral values match the values you set for your Windows quality updates.
-The deferral period allows you to delay the installation of driver and firmware updates on the devices in the specified deployment ring in case you want to test the update on a smaller group of devices first or avoid potential disruptions during a busy period.
+The deferral period allows you to delay the installation of driver and firmware updates on the devices in the specified deployment ring in case you want to test the update on a smaller group of devices first or avoid potential disruptions during a busy period.
-The deferral period can be set from 0 to 30 days, and it can be different for each deployment ring.
+The deferral period can be set from 0 to 30 days, and it can be different for each deployment ring.
> [!NOTE]
> The deferral period only applies to automatically approved driver and firmware updates. An admin must specify the date to start offering a driver with any manual approval.
@@ -88,7 +88,7 @@ When an OEM releases a newer update version that qualifies to be the new recomme
1. Go to the [Microsoft Intune admin center](https://go.microsoft.com/fwlink/?linkid=2109431), navigate to **Devices** > **Manage updates** > **Windows updates** > **Driver updates**.
1. Select **Manage drivers for Autopatch groups** or select one of the **Drivers to review** links.
-1. Select the driver or drivers you’d like to manage.
+1. Select the driver or drivers you’d like to manage.
1. Select **Manage**. You can either:
1. Approve for all policies
2. Decline for all unreviewed policies
@@ -128,6 +128,6 @@ These updates can include:
1. Approve for all policies
2. Decline for all unreviewed policies
3. Manage for individual policies
-1. In the **Approve for all policies** dropdown, select the date to make the driver available through Windows Update.
+1. In the **Approve for all policies** dropdown, select the date to make the driver available through Windows Update.
1. In the **Manage for individual policies** dropdown, select the policies to approve or decline the driver.
1. Select **Save**.
diff --git a/windows/deployment/windows-autopatch/manage/windows-autopatch-microsoft-365-apps-enterprise.md b/windows/deployment/windows-autopatch/manage/windows-autopatch-microsoft-365-apps-enterprise.md
index 820fd843d4..ab33051323 100644
--- a/windows/deployment/windows-autopatch/manage/windows-autopatch-microsoft-365-apps-enterprise.md
+++ b/windows/deployment/windows-autopatch/manage/windows-autopatch-microsoft-365-apps-enterprise.md
@@ -8,7 +8,7 @@ ms.topic: how-to
ms.localizationpriority: medium
author: tiaraquan
ms.author: tiaraquan
-manager: aaroncz
+manager: bpardi
ms.reviewer: hathind
ms.collection:
- highpri
@@ -74,7 +74,7 @@ To ensure that users are receiving automatic updates, Windows Autopatch prevents
With the expanded Autopatch group capabilities, you can choose to turn on Microsoft 365 Apps updates on a per Autopatch group level. Depending on your tenant settings, one of the following scenarios occurs:
-- Tenants that previously turned on Autopatch Microsoft 365 Apps update, has the Microsoft 365 Apps updates Update Type checkbox selected and the updated policies applied to each Autopatch group.
+- Tenants that previously turned on Autopatch Microsoft 365 Apps update, has the Microsoft 365 Apps updates Update Type checkbox selected and the updated policies applied to each Autopatch group.
- Tenants that previously turned off Autopatch Microsoft 365 Apps updates, or are new to Windows Autopatch, Autopatch Microsoft 365 Apps updates remain turned off.
If you [created an Autopatch group](../manage/windows-autopatch-manage-autopatch-groups.md#create-an-autopatch-group) and selected Microsoft 365 apps updates as a content type, the **Update Type** checkbox is **selected**, with new policies created, and any available old policies are removed. If you didn’t select Microsoft 365 apps updates as a content type upon creating an Autopatch group, the **Update Type** checkbox is **unselected**. Any available customized policies are retained and appear in the **Policies** tab.
@@ -85,11 +85,11 @@ If you [created an Autopatch group](../manage/windows-autopatch-manage-autopatch
1. Go to the [Microsoft Intune admin center](https://go.microsoft.com/fwlink/?linkid=2109431).
1. Navigate to **Tenant Administration** > **Windows Autopatch** > **Autopatch groups**.
-1. Select an Autopatch group to modify (repeat these steps for each group).
-1. Next to **Update types**, select **Edit**.
-1. Select **Microsoft 365 Apps updates**.
+1. Select an Autopatch group to modify (repeat these steps for each group).
+1. Next to **Update types**, select **Edit**.
+1. Select **Microsoft 365 Apps updates**.
1. Select **Next: Deployment settings** > **Next: Release schedules** > **Next: Review + save** > **Save** to save these changes.
-1. We recommend deleting old Autopatch default policies to avoid policy conflict. Navigate to **Devices** > **Manage devices** > **Configuration** > **Policies** tab.
+1. We recommend deleting old Autopatch default policies to avoid policy conflict. Navigate to **Devices** > **Manage devices** > **Configuration** > **Policies** tab.
1. Manually remove the following profiles related to Microsoft 365 Apps:
1. Windows Autopatch - Office Configuration
2. Windows Autopatch - Office Update Configuration [Test]
@@ -98,7 +98,7 @@ If you [created an Autopatch group](../manage/windows-autopatch-manage-autopatch
5. Windows Autopatch - Office Update Configuration [Broad]
> [!NOTE]
-> If you previously selected **Microsoft 365 Apps updates** when [creating an Autopatch group](../manage/windows-autopatch-manage-autopatch-groups.md#create-an-autopatch-group), but your tenant isn't showing the new updates, there’s a possibility that you previously modified the policy. To ensure there are no disruptions, the Autopatch Service retains that policy.
+> If you previously selected **Microsoft 365 Apps updates** when [creating an Autopatch group](../manage/windows-autopatch-manage-autopatch-groups.md#create-an-autopatch-group), but your tenant isn't showing the new updates, there’s a possibility that you previously modified the policy. To ensure there are no disruptions, the Autopatch Service retains that policy.
### Turn off Microsoft 365 Apps updates
@@ -106,9 +106,9 @@ If you [created an Autopatch group](../manage/windows-autopatch-manage-autopatch
1. Go to the [Microsoft Intune admin center](https://go.microsoft.com/fwlink/?linkid=2109431).
1. Navigate to **Tenant Administration** > **Windows Autopatch** > **Autopatch groups**.
-1. Select an Autopatch group to modify (repeat these steps for each group).
+1. Select an Autopatch group to modify (repeat these steps for each group).
1. Next to **Update types**, select **Edit**.
-1. Unselect **Microsoft 365 Apps updates**.
+1. Unselect **Microsoft 365 Apps updates**.
1. Select **Next: Deployment settings** > **Next: Release schedules** > **Next: Review + save** > **Save** to save these changes.
### Verify Microsoft 365 Apps updates policies
@@ -116,7 +116,7 @@ If you [created an Autopatch group](../manage/windows-autopatch-manage-autopatch
**To verify Microsoft 365 Apps updates policies:**
1. Go to the [Microsoft Intune admin center](https://go.microsoft.com/fwlink/?linkid=2109431).
-1. Navigate to **Tenant Administration** > **Windows Autopatch** > **Autopatch groups**.
+1. Navigate to **Tenant Administration** > **Windows Autopatch** > **Autopatch groups**.
1. Verify each Autopatch group has the **Microsoft 365 Apps Update Type** checkbox **selected**.
1. Navigate to **Devices** > **Manage devices** > **Configuration** > **Policies** tab.
1. The following new policies should be discoverable from the list of profiles:
diff --git a/windows/deployment/windows-autopatch/manage/windows-autopatch-microsoft-365-policies.md b/windows/deployment/windows-autopatch/manage/windows-autopatch-microsoft-365-policies.md
index 905c086332..ed10600ca1 100644
--- a/windows/deployment/windows-autopatch/manage/windows-autopatch-microsoft-365-policies.md
+++ b/windows/deployment/windows-autopatch/manage/windows-autopatch-microsoft-365-policies.md
@@ -8,7 +8,7 @@ ms.topic: concept-article
ms.localizationpriority: medium
author: tiaraquan
ms.author: tiaraquan
-manager: aaroncz
+manager: bpardi
ms.reviewer: hathind
ms.collection:
- tier2
diff --git a/windows/deployment/windows-autopatch/manage/windows-autopatch-release-schedule.md b/windows/deployment/windows-autopatch/manage/windows-autopatch-release-schedule.md
index 398823cff1..46dfc1f7a5 100644
--- a/windows/deployment/windows-autopatch/manage/windows-autopatch-release-schedule.md
+++ b/windows/deployment/windows-autopatch/manage/windows-autopatch-release-schedule.md
@@ -8,7 +8,7 @@ ms.topic: how-to
ms.localizationpriority: medium
author: tiaraquan
ms.author: tiaraquan
-manager: aaroncz
+manager: bpardi
ms.reviewer: andredm7
ms.collection:
- highpri
diff --git a/windows/deployment/windows-autopatch/manage/windows-autopatch-support-request.md b/windows/deployment/windows-autopatch/manage/windows-autopatch-support-request.md
index e0eacd5946..25399d3692 100644
--- a/windows/deployment/windows-autopatch/manage/windows-autopatch-support-request.md
+++ b/windows/deployment/windows-autopatch/manage/windows-autopatch-support-request.md
@@ -8,7 +8,7 @@ ms.topic: how-to
ms.localizationpriority: medium
author: tiaraquan
ms.author: tiaraquan
-manager: aaroncz
+manager: bpardi
ms.reviewer: hathind
ms.collection:
- highpri
@@ -30,7 +30,7 @@ Support requests are triaged and responded to as they're received.
1. In the **Help** section, enter your questions and/or a description of the issue.
1. Review the links that are provided to try to help with the issue.
1. If the answers that were given don't help you resolve the issue, select **Contact support** at the bottom of the page.
-1. Follow the instructions to file a support request with Windows Autopatch. Make sure you provide the correct primary contact information for this specific support ticket.
+1. Follow the instructions to file a support request with Windows Autopatch. Make sure you provide the correct primary contact information for this specific support ticket.
1. When you're ready, select **Contact me**.
## Premier and Unified support options
diff --git a/windows/deployment/windows-autopatch/manage/windows-autopatch-teams.md b/windows/deployment/windows-autopatch/manage/windows-autopatch-teams.md
index 90b420fa4a..1f45b4cd66 100644
--- a/windows/deployment/windows-autopatch/manage/windows-autopatch-teams.md
+++ b/windows/deployment/windows-autopatch/manage/windows-autopatch-teams.md
@@ -8,7 +8,7 @@ ms.topic: how-to
ms.localizationpriority: medium
author: tiaraquan
ms.author: tiaraquan
-manager: aaroncz
+manager: bpardi
ms.reviewer: hathind
ms.collection:
- highpri
diff --git a/windows/deployment/windows-autopatch/manage/windows-autopatch-troubleshoot-programmatic-controls.md b/windows/deployment/windows-autopatch/manage/windows-autopatch-troubleshoot-programmatic-controls.md
index 169146d992..ea2ae965aa 100644
--- a/windows/deployment/windows-autopatch/manage/windows-autopatch-troubleshoot-programmatic-controls.md
+++ b/windows/deployment/windows-autopatch/manage/windows-autopatch-troubleshoot-programmatic-controls.md
@@ -7,11 +7,11 @@ ms.subservice: autopatch
ms.topic: troubleshooting
ms.author: tiaraquan
author: tiaraquan
-manager: aaroncz
+manager: bpardi
ms.collection:
- tier1
ms.localizationpriority: medium
-appliesto:
+appliesto:
- ✅ Windows 11
- ✅ Windows 10
ms.date: 03/31/2025
diff --git a/windows/deployment/windows-autopatch/manage/windows-autopatch-update-rings.md b/windows/deployment/windows-autopatch/manage/windows-autopatch-update-rings.md
index 64e0d1e9f7..32c3aa63d8 100644
--- a/windows/deployment/windows-autopatch/manage/windows-autopatch-update-rings.md
+++ b/windows/deployment/windows-autopatch/manage/windows-autopatch-update-rings.md
@@ -8,7 +8,7 @@ ms.topic: how-to
ms.localizationpriority: medium
author: tiaraquan
ms.author: tiaraquan
-manager: aaroncz
+manager: bpardi
ms.reviewer: andredm7
ms.collection:
- highpri
diff --git a/windows/deployment/windows-autopatch/manage/windows-autopatch-windows-feature-update-overview.md b/windows/deployment/windows-autopatch/manage/windows-autopatch-windows-feature-update-overview.md
index a228676afb..ae36283b57 100644
--- a/windows/deployment/windows-autopatch/manage/windows-autopatch-windows-feature-update-overview.md
+++ b/windows/deployment/windows-autopatch/manage/windows-autopatch-windows-feature-update-overview.md
@@ -8,7 +8,7 @@ ms.topic: overview
ms.localizationpriority: medium
author: tiaraquan
ms.author: tiaraquan
-manager: aaroncz
+manager: bpardi
ms.reviewer: andredm7
ms.collection:
- highpri
diff --git a/windows/deployment/windows-autopatch/manage/windows-autopatch-windows-feature-update-programmatic-controls.md b/windows/deployment/windows-autopatch/manage/windows-autopatch-windows-feature-update-programmatic-controls.md
index f2c2a7eba4..ac081febb5 100644
--- a/windows/deployment/windows-autopatch/manage/windows-autopatch-windows-feature-update-programmatic-controls.md
+++ b/windows/deployment/windows-autopatch/manage/windows-autopatch-windows-feature-update-programmatic-controls.md
@@ -1,17 +1,17 @@
---
-title: Programmatic controls for feature updates
+title: Programmatic controls for feature updates
titleSuffix: Windows Autopatch
-description: Use programmatic controls to deploy feature updates to devices in your organization.
+description: Use programmatic controls to deploy feature updates to devices in your organization.
ms.service: windows-client
ms.subservice: autopatch
ms.topic: how-to
ms.author: tiaraquan
author: tiaraquan
-manager: aaroncz
+manager: bpardi
ms.collection:
- tier1
ms.localizationpriority: medium
-appliesto:
+appliesto:
- ✅ Windows 11
- ✅ Windows 10
ms.date: 03/31/2025
@@ -101,7 +101,7 @@ The following truncated response displays a **Catalog ID** of `d9049ddb-0ca8-4b
## Create a deployment
-When creating a deployment for a feature update, there are multiple options available to define how the deployment behaves. The deployment and monitoring settings are optional. The following [deployment settings](/graph/api/resources/windowsupdates-deploymentsettings) are defined in the example request body for deploying the Windows 11, version 22H2 feature update (**Catalog ID** of `d9049ddb-0ca8-4bc1-bd3c-41a456ef300f`):
+When creating a deployment for a feature update, there are multiple options available to define how the deployment behaves. The deployment and monitoring settings are optional. The following [deployment settings](/graph/api/resources/windowsupdates-deploymentsettings) are defined in the example request body for deploying the Windows 11, version 22H2 feature update (**Catalog ID** of `d9049ddb-0ca8-4bc1-bd3c-41a456ef300f`):
- Deployment [start date](/graph/api/resources/windowsupdates-schedulesettings) of February 14, 2023 at 5 AM UTC
- [Gradual rollout](/graph/api/resources/windowsupdates-gradualrolloutsettings) at a rate of 100 devices every three days
@@ -207,7 +207,7 @@ The response body contains:
To [update deployment](/graph/api/windowsupdates-deployment-update), PATCH the deployment resource by its **Deployment ID** and supply the updated settings in the request body. The following example keeps the existing gradual rollout settings that were defined when creating the deployment but changes the deployment start date to February 28, 2023 at 5 AM UTC:
-```msgraph-interactive
+```msgraph-interactive
PATCH https://graph.microsoft.com/beta/admin/windows/updates/deployments/de910e12-3456-7890-abcd-ef1234567890
content-type: application/json
@@ -235,7 +235,7 @@ GET https://graph.microsoft.com/beta/admin/windows/updates/deployments/de910e12-
## Add members to the deployment audience
-The **Audience ID**, `d39ad1ce-0123-4567-89ab-cdef01234567`, was created when the deployment was created. The **Audience ID** is used to add members to the deployment audience. After the deployment audience is updated, Windows Update starts offering the update to the devices according to the deployment settings. As long as the deployment exists and the device is in the audience, the update is offered.
+The **Audience ID**, `d39ad1ce-0123-4567-89ab-cdef01234567`, was created when the deployment was created. The **Audience ID** is used to add members to the deployment audience. After the deployment audience is updated, Windows Update starts offering the update to the devices according to the deployment settings. As long as the deployment exists and the device is in the audience, the update is offered.
The following example adds three devices to the deployment audience using the **Microsoft Entra ID** for each device:
diff --git a/windows/deployment/windows-autopatch/manage/windows-autopatch-windows-quality-update-end-user-exp.md b/windows/deployment/windows-autopatch/manage/windows-autopatch-windows-quality-update-end-user-exp.md
index 2bd9cc5d2a..fa9975bbe2 100644
--- a/windows/deployment/windows-autopatch/manage/windows-autopatch-windows-quality-update-end-user-exp.md
+++ b/windows/deployment/windows-autopatch/manage/windows-autopatch-windows-quality-update-end-user-exp.md
@@ -8,7 +8,7 @@ ms.topic: article
ms.localizationpriority: medium
author: tiaraquan
ms.author: tiaraquan
-manager: aaroncz
+manager: bpardi
ms.reviewer: adnich
ms.collection:
- highpri
diff --git a/windows/deployment/windows-autopatch/manage/windows-autopatch-windows-quality-update-overview.md b/windows/deployment/windows-autopatch/manage/windows-autopatch-windows-quality-update-overview.md
index cf8bd182c2..71fb519196 100644
--- a/windows/deployment/windows-autopatch/manage/windows-autopatch-windows-quality-update-overview.md
+++ b/windows/deployment/windows-autopatch/manage/windows-autopatch-windows-quality-update-overview.md
@@ -8,7 +8,7 @@ ms.topic: article
ms.localizationpriority: medium
author: tiaraquan
ms.author: tiaraquan
-manager: aaroncz
+manager: bpardi
ms.reviewer: andredm7
ms.collection:
- highpri
diff --git a/windows/deployment/windows-autopatch/manage/windows-autopatch-windows-quality-update-programmatic-controls.md b/windows/deployment/windows-autopatch/manage/windows-autopatch-windows-quality-update-programmatic-controls.md
index 721d6a1169..1a3601e895 100644
--- a/windows/deployment/windows-autopatch/manage/windows-autopatch-windows-quality-update-programmatic-controls.md
+++ b/windows/deployment/windows-autopatch/manage/windows-autopatch-windows-quality-update-programmatic-controls.md
@@ -1,17 +1,17 @@
---
title: Programmatic controls for expedited Windows quality updates
titleSuffix: Windows Autopatch
-description: Use programmatic controls to deploy expedited Windows quality updates to devices in your organization.
+description: Use programmatic controls to deploy expedited Windows quality updates to devices in your organization.
ms.service: windows-client
ms.subservice: autopatch
ms.topic: how-to
ms.author: tiaraquan
author: tiaraquan
-manager: aaroncz
+manager: bpardi
ms.collection:
- tier1
ms.localizationpriority: medium
-appliesto:
+appliesto:
- ✅ Windows 11
- ✅ Windows 10
ms.date: 03/31/2025
diff --git a/windows/deployment/windows-autopatch/manage/windows-autopatch-windows-update-policies.md b/windows/deployment/windows-autopatch/manage/windows-autopatch-windows-update-policies.md
index 65aded1caa..77d49bb638 100644
--- a/windows/deployment/windows-autopatch/manage/windows-autopatch-windows-update-policies.md
+++ b/windows/deployment/windows-autopatch/manage/windows-autopatch-windows-update-policies.md
@@ -8,7 +8,7 @@ ms.topic: concept-article
ms.localizationpriority: medium
author: tiaraquan
ms.author: tiaraquan
-manager: aaroncz
+manager: bpardi
ms.reviewer: adnich
ms.collection:
- tier2
diff --git a/windows/deployment/windows-autopatch/monitor/windows-autopatch-device-alerts.md b/windows/deployment/windows-autopatch/monitor/windows-autopatch-device-alerts.md
index 67ddbea0cc..4717245285 100644
--- a/windows/deployment/windows-autopatch/monitor/windows-autopatch-device-alerts.md
+++ b/windows/deployment/windows-autopatch/monitor/windows-autopatch-device-alerts.md
@@ -8,7 +8,7 @@ ms.topic: how-to
ms.localizationpriority: medium
author: tiaraquan
ms.author: tiaraquan
-manager: aaroncz
+manager: bpardi
ms.reviewer: adnich
ms.collection:
- highpri
diff --git a/windows/deployment/windows-autopatch/monitor/windows-autopatch-hotpatch-quality-update-report.md b/windows/deployment/windows-autopatch/monitor/windows-autopatch-hotpatch-quality-update-report.md
index fa37013aee..fc059e1628 100644
--- a/windows/deployment/windows-autopatch/monitor/windows-autopatch-hotpatch-quality-update-report.md
+++ b/windows/deployment/windows-autopatch/monitor/windows-autopatch-hotpatch-quality-update-report.md
@@ -8,7 +8,7 @@ ms.topic: how-to
ms.localizationpriority: medium
author: tiaraquan
ms.author: tiaraquan
-manager: aaroncz
+manager: bpardi
ms.reviewer: adnich
ms.collection:
- highpri
diff --git a/windows/deployment/windows-autopatch/monitor/windows-autopatch-maintain-environment.md b/windows/deployment/windows-autopatch/monitor/windows-autopatch-maintain-environment.md
index aacf1432f3..3b897a5d7e 100644
--- a/windows/deployment/windows-autopatch/monitor/windows-autopatch-maintain-environment.md
+++ b/windows/deployment/windows-autopatch/monitor/windows-autopatch-maintain-environment.md
@@ -8,7 +8,7 @@ ms.topic: how-to
ms.localizationpriority: medium
author: tiaraquan
ms.author: tiaraquan
-manager: aaroncz
+manager: bpardi
ms.reviewer: smithcharles
ms.collection:
- highpri
diff --git a/windows/deployment/windows-autopatch/monitor/windows-autopatch-policy-health-and-remediation.md b/windows/deployment/windows-autopatch/monitor/windows-autopatch-policy-health-and-remediation.md
index d30db0518d..f3c04346b1 100644
--- a/windows/deployment/windows-autopatch/monitor/windows-autopatch-policy-health-and-remediation.md
+++ b/windows/deployment/windows-autopatch/monitor/windows-autopatch-policy-health-and-remediation.md
@@ -8,7 +8,7 @@ ms.topic: how-to
ms.localizationpriority: medium
author: tiaraquan
ms.author: tiaraquan
-manager: aaroncz
+manager: bpardi
ms.reviewer: rekhanr
ms.collection:
- highpri
diff --git a/windows/deployment/windows-autopatch/monitor/windows-autopatch-resolve-policy-conflicts.md b/windows/deployment/windows-autopatch/monitor/windows-autopatch-resolve-policy-conflicts.md
index 6b5547677d..84ce500a5d 100644
--- a/windows/deployment/windows-autopatch/monitor/windows-autopatch-resolve-policy-conflicts.md
+++ b/windows/deployment/windows-autopatch/monitor/windows-autopatch-resolve-policy-conflicts.md
@@ -8,7 +8,7 @@ ms.topic: how-to
ms.localizationpriority: medium
author: tiaraquan
ms.author: tiaraquan
-manager: aaroncz
+manager: bpardi
ms.reviewer: hathind
ms.collection:
- highpri
@@ -37,20 +37,20 @@ With this feature, IT admins can view:
Alerts are raised when devices report policy conflicts. Autopatch policies are assigned to Autopatch groups. Devices that are members of Autopatch groups are expected to receive only Windows Autopatch policies.
-Once you resolve the conflict, it can take effect on the device at the next Intune sync. This view is refreshed every 24 hours. It can take up to 72 hours after the conflict is resolved for the view to be updated.
+Once you resolve the conflict, it can take effect on the device at the next Intune sync. This view is refreshed every 24 hours. It can take up to 72 hours after the conflict is resolved for the view to be updated.
> [!NOTE]
> This view only includes policy conflicts between Microsoft Intune policies. This view doesn't include policy issues caused by other configurations, for example, group policy settings, registry settings that are changed by scripts and prevent Windows Autopatch from deploying updates.When Windows Autopatch detects Intune based policies are missing or modified, this information is displayed with detailed recommended actions, and described in [Policy health and remediation](../monitor/windows-autopatch-policy-health-and-remediation.md).
To ensure devices remain healthy and not affected by group policies, see [Post-device registration readiness checks](../deploy/windows-autopatch-post-reg-readiness-checks.md#details-about-the-post-device-registration-readiness-checks).
## Policy conflict view
-This view includes the list of Windows Autopatch policies ([Expected policies](#policy-conflict-view-alert-details)) that are assigned to various Windows Autopatch groups that include devices. When the Expected policy can't be successfully assigned to one or more devices, because of an equivalent setting in another Intune policy targeting the device, the conflict is detected, and reported as a [Conflicting policy](#policy-conflict-view-alert-details).
+This view includes the list of Windows Autopatch policies ([Expected policies](#policy-conflict-view-alert-details)) that are assigned to various Windows Autopatch groups that include devices. When the Expected policy can't be successfully assigned to one or more devices, because of an equivalent setting in another Intune policy targeting the device, the conflict is detected, and reported as a [Conflicting policy](#policy-conflict-view-alert-details).
-If the Expected policy conflicts with multiple Intune policies, each conflict is displayed in different lines in the Policy conflict view.
+If the Expected policy conflicts with multiple Intune policies, each conflict is displayed in different lines in the Policy conflict view.
**To view all policies conflicting with the Expected policies:**
-1. Go to the [Microsoft Intune admin center](https://go.microsoft.com/fwlink/?linkid=2109431).
+1. Go to the [Microsoft Intune admin center](https://go.microsoft.com/fwlink/?linkid=2109431).
2. Navigate to **Devices** > **Managed updates** > **Windows Updates** > **Monitor** > **Policy health**.
3. In the **Policy conflicts** tab, the list of expected policies and conflicting policies is displayed.
4. Select **View alert** and review the details of the **Recommended action** and alert details.
@@ -70,7 +70,7 @@ All alerts displayed in this flyout include the following details. You must revi
## Affected devices view
-This view includes the list of devices with policy conflicts with the [Expected policy](#policy-conflict-view-alert-details). It's possible for devices to have multiple conflicting policies, due to their membership in various groups.
+This view includes the list of devices with policy conflicts with the [Expected policy](#policy-conflict-view-alert-details). It's possible for devices to have multiple conflicting policies, due to their membership in various groups.
You can navigate to this view from the Affected devices column link in the [Policy conflicts view](#policy-conflict-view), or directly from Policy health blade. This page displays a filtered device list, when navigating from the Policy conflicts view. Affected devices only include devices that have a successful Intune sync status in the last 28 days.
diff --git a/windows/deployment/windows-autopatch/monitor/windows-autopatch-windows-feature-update-status-report.md b/windows/deployment/windows-autopatch/monitor/windows-autopatch-windows-feature-update-status-report.md
index f99254cf03..02cde19481 100644
--- a/windows/deployment/windows-autopatch/monitor/windows-autopatch-windows-feature-update-status-report.md
+++ b/windows/deployment/windows-autopatch/monitor/windows-autopatch-windows-feature-update-status-report.md
@@ -8,7 +8,7 @@ ms.topic: how-to
ms.localizationpriority: medium
author: tiaraquan
ms.author: tiaraquan
-manager: aaroncz
+manager: bpardi
ms.reviewer: andredm7
ms.collection:
- highpri
diff --git a/windows/deployment/windows-autopatch/monitor/windows-autopatch-windows-feature-update-summary-dashboard.md b/windows/deployment/windows-autopatch/monitor/windows-autopatch-windows-feature-update-summary-dashboard.md
index cd3667a8a2..bf5478ec2f 100644
--- a/windows/deployment/windows-autopatch/monitor/windows-autopatch-windows-feature-update-summary-dashboard.md
+++ b/windows/deployment/windows-autopatch/monitor/windows-autopatch-windows-feature-update-summary-dashboard.md
@@ -8,7 +8,7 @@ ms.topic: how-to
ms.localizationpriority: medium
author: tiaraquan
ms.author: tiaraquan
-manager: aaroncz
+manager: bpardi
ms.reviewer: andredm7
ms.collection:
- highpri
diff --git a/windows/deployment/windows-autopatch/monitor/windows-autopatch-windows-feature-update-trending-report.md b/windows/deployment/windows-autopatch/monitor/windows-autopatch-windows-feature-update-trending-report.md
index 674f5de9cc..838f68b2b2 100644
--- a/windows/deployment/windows-autopatch/monitor/windows-autopatch-windows-feature-update-trending-report.md
+++ b/windows/deployment/windows-autopatch/monitor/windows-autopatch-windows-feature-update-trending-report.md
@@ -8,7 +8,7 @@ ms.topic: how-to
ms.localizationpriority: medium
author: tiaraquan
ms.author: tiaraquan
-manager: aaroncz
+manager: bpardi
ms.reviewer: andredm7
ms.collection:
- highpri
diff --git a/windows/deployment/windows-autopatch/monitor/windows-autopatch-windows-quality-and-feature-update-reports-overview.md b/windows/deployment/windows-autopatch/monitor/windows-autopatch-windows-quality-and-feature-update-reports-overview.md
index 6640e631b5..1bcf9e530a 100644
--- a/windows/deployment/windows-autopatch/monitor/windows-autopatch-windows-quality-and-feature-update-reports-overview.md
+++ b/windows/deployment/windows-autopatch/monitor/windows-autopatch-windows-quality-and-feature-update-reports-overview.md
@@ -8,7 +8,7 @@ ms.topic: overview
ms.localizationpriority: medium
author: tiaraquan
ms.author: tiaraquan
-manager: aaroncz
+manager: bpardi
ms.reviewer: adnich
ms.collection:
- highpri
@@ -26,7 +26,7 @@ Windows Autopatch requires, and uses Windows diagnostic data to display device u
This data collection configuration method using Windows diagnostic data in Intune is shared across Autopatch reports. To support Autopatch reporting, you must configure the [Enable Windows diagnostic data collection settings](/windows/privacy/configure-windows-diagnostic-data-in-your-organization#diagnostic-data-settings) from devices at the **Required** or higher level.
-### Permissions and scope to view reports
+### Permissions and scope to view reports
To view Windows Update reports, you must be assigned an Intune role with the **Device Configuration** > **View reports** permission. This permission is included in the following built-in roles:
diff --git a/windows/deployment/windows-autopatch/monitor/windows-autopatch-windows-quality-update-status-report.md b/windows/deployment/windows-autopatch/monitor/windows-autopatch-windows-quality-update-status-report.md
index e310b53f31..cc03f4230d 100644
--- a/windows/deployment/windows-autopatch/monitor/windows-autopatch-windows-quality-update-status-report.md
+++ b/windows/deployment/windows-autopatch/monitor/windows-autopatch-windows-quality-update-status-report.md
@@ -8,7 +8,7 @@ ms.topic: how-to
ms.localizationpriority: medium
author: tiaraquan
ms.author: tiaraquan
-manager: aaroncz
+manager: bpardi
ms.reviewer: adnich
ms.collection:
- highpri
diff --git a/windows/deployment/windows-autopatch/monitor/windows-autopatch-windows-quality-update-summary-dashboard.md b/windows/deployment/windows-autopatch/monitor/windows-autopatch-windows-quality-update-summary-dashboard.md
index 0d0528d557..1c300459fb 100644
--- a/windows/deployment/windows-autopatch/monitor/windows-autopatch-windows-quality-update-summary-dashboard.md
+++ b/windows/deployment/windows-autopatch/monitor/windows-autopatch-windows-quality-update-summary-dashboard.md
@@ -8,7 +8,7 @@ ms.topic: how-to
ms.localizationpriority: medium
author: tiaraquan
ms.author: tiaraquan
-manager: aaroncz
+manager: bpardi
ms.reviewer: adnich
ms.collection:
- highpri
diff --git a/windows/deployment/windows-autopatch/monitor/windows-autopatch-windows-quality-update-trending-report.md b/windows/deployment/windows-autopatch/monitor/windows-autopatch-windows-quality-update-trending-report.md
index 7ac39cf891..8dbd49f9b0 100644
--- a/windows/deployment/windows-autopatch/monitor/windows-autopatch-windows-quality-update-trending-report.md
+++ b/windows/deployment/windows-autopatch/monitor/windows-autopatch-windows-quality-update-trending-report.md
@@ -8,7 +8,7 @@ ms.topic: how-to
ms.localizationpriority: medium
author: tiaraquan
ms.author: tiaraquan
-manager: aaroncz
+manager: bpardi
ms.reviewer: adnich
ms.collection:
- highpri
diff --git a/windows/deployment/windows-autopatch/overview/windows-autopatch-faq.yml b/windows/deployment/windows-autopatch/overview/windows-autopatch-faq.yml
index b23c1587ec..0864fdc6ac 100644
--- a/windows/deployment/windows-autopatch/overview/windows-autopatch-faq.yml
+++ b/windows/deployment/windows-autopatch/overview/windows-autopatch-faq.yml
@@ -7,7 +7,7 @@ metadata:
ms.date: 04/21/2025
audience: itpro
ms.localizationpriority: medium
- manager: aaroncz
+ manager: bpardi
author: tiaraquan
ms.author: tiaraquan
ms.reviwer: hathind
@@ -16,19 +16,19 @@ title: Frequently Asked Questions about Windows Autopatch
summary: This article answers frequently asked questions about Windows Autopatch.
sections:
- name: General
- questions:
+ questions:
- question: Is Windows 365 for Enterprise supported with Windows Autopatch?
answer: |
Windows Autopatch supports Windows 365 for Enterprise. Windows 365 for Business isn't supported.
- question: Will Windows Autopatch support local domain join Windows 10?
answer: |
- Windows Autopatch doesn't support local (on-premises) domain join. Windows Autopatch supports [Microsoft Hybrid Entra join](/entra/identity/devices/concept-hybrid-join) or [Microsoft Entra join](/entra/identity/devices/concept-directory-join).
+ Windows Autopatch doesn't support local (on-premises) domain join. Windows Autopatch supports [Microsoft Hybrid Entra join](/entra/identity/devices/concept-hybrid-join) or [Microsoft Entra join](/entra/identity/devices/concept-directory-join).
- question: Will Windows Autopatch be available for state and local government customers?
answer: |
Windows Autopatch isn't currently supported for government cloud (GCC) customers. Although Windows 365 Enterprise is in the Azure Commercial cloud, when Windows 365 Enterprise is used with a GCC customer tenant, Autopatch is not supported.
- question: How do I access Windows Autopatch?
- answer: |
- You can access Windows Autopatch through Intune. For more information, see [Start using Windows Autopatch](../prepare/windows-autopatch-start-using-autopatch.md#use-microsoft-intune-for-windows-autopatch) and [Prerequisites](../prepare/windows-autopatch-prerequisites.md) to ensure you meet the licensing requirements.
+ answer: |
+ You can access Windows Autopatch through Intune. For more information, see [Start using Windows Autopatch](../prepare/windows-autopatch-start-using-autopatch.md#use-microsoft-intune-for-windows-autopatch) and [Prerequisites](../prepare/windows-autopatch-prerequisites.md) to ensure you meet the licensing requirements.
- name: Requirements
questions:
- question: What are the licensing requirements for Windows Autopatch?
@@ -55,8 +55,8 @@ sections:
answer: |
No, Windows Autopatch doesn't require any specific hardware. However, general hardware requirements for updates are still applicable. For example, to deliver Windows 11 to your Autopatch devices they must meet [specific hardware requirements](/windows/whats-new/windows-11-requirements). Windows devices must be supported by your hardware OEM.
- name: Device registration
- questions:
- - question: Who can register devices into Windows Autopatch?
+ questions:
+ - question: Who can register devices into Windows Autopatch?
answer: |
If you have Business Premium, A3+, E3+ and F3 licenses, you can register devices into Windows Autopatch. For more information, see [Features and capabilities](../overview/windows-autopatch-overview.md#features-and-capabilities).
- question: Does Autopatch on Windows 365 Cloud PCs have any feature difference from a physical device?
@@ -77,7 +77,7 @@ sections:
- name: Manage updates
questions:
- question: Who can manage updates with Windows Autopatch?
- answer: |
+ answer: |
Business Premium, A3+, E3+ and F3 licenses can manage updates with Windows Autopatch. For more information, see [Features and capabilities](../overview/windows-autopatch-overview.md#features-and-capabilities).
- question: What systems does Windows Autopatch update?
answer: |
@@ -100,12 +100,12 @@ sections:
- question: What is the expected behavior for turning on the Feature Update option for Autopatch groups?
answer: |
Starting in April 2025, default policies aren't created for new Autopatch customers. Existing customers will continue to receive support until Windows 10 reaches its End-of-Service (EOS). However, these policies won't transition to Windows 11.
-
+
If you created an Autopatch group before April 2025:
- The Feature Update option is unselected by default.
- Selecting the Feature Update option creates a feature update policy for the newly created Autopatch group. This doesn't affect the Global DSS policy.
- The Feature Update option doesn't affect existing releases created before April 2025; these releases remain unchanged
-
+
If you created an Autopatch group after April 2025:
- Selecting the Feature Update option creates a feature update policy and assigns it to all its deployment rings.
- Global DSS policy isn't affected.
@@ -122,7 +122,7 @@ sections:
Yes, hotpatch updates are available for Arm64 devices. For more information, see [Arm 64 devices must disable compiled hybrid PE usage (CHPE) (Arm 64 CPU Only)](../manage/windows-autopatch-hotpatch-updates.md#arm-64-devices-must-disable-compiled-hybrid-pe-usage-chpe-arm-64-cpu-only)).
- question: What is the default hotpatch behavior on Windows Home or Pro devices?
answer: |
- Hotpatch updates aren't available to Home or Pro devices. Hotpatching requires domain admin or group policy. It's available only via Windows Autopatch update policy, which includes Windows 365 Enterprise, E3/E5, F3 and A3/A5 licenses.
+ Hotpatch updates aren't available to Home or Pro devices. Hotpatching requires domain admin or group policy. It's available only via Windows Autopatch update policy, which includes Windows 365 Enterprise, E3/E5, F3 and A3/A5 licenses.
- question: How do I enroll devices to receive hotpatch updates?
answer: |
For more information, see [Enroll devices to receive hotpatch updates](../manage/windows-autopatch-hotpatch-updates.md#enroll-devices-to-receive-hotpatch-updates).
@@ -137,13 +137,13 @@ sections:
Devices receiving the hotpatch update have a different KB number tracking the release and a different OS version than devices receiving the standard update that requires a restart. The monthly KB release articles indicate if the KB installed is hotpatch capable and the corresponding OS version. The following Windows Update message appears “Great news! The latest security update was installed without a restart.”
- question: What if I restart a device after receiving a hotpatch update?
answer: |
- The device stays on the hotpatch update KB/OS version after a restart. It won't receive any new features as part of the regular servicing track until the next quarterly cumulative baseline update.
+ The device stays on the hotpatch update KB/OS version after a restart. It won't receive any new features as part of the regular servicing track until the next quarterly cumulative baseline update.
- question: Do hotpatch updates only update common system binaries loaded in third-party processes or only Microsoft processes?
answer: |
- Hotpatch updates aren't limited to Microsoft processes. Hotpatch updates are only created for OS binaries. Any process loading OS binaries that have hotpatch updates installed are updated before the application or operating system uses the binaries. This includes common system dynamic link libraries (DLLs) like ntdll.dll.
+ Hotpatch updates aren't limited to Microsoft processes. Hotpatch updates are only created for OS binaries. Any process loading OS binaries that have hotpatch updates installed are updated before the application or operating system uses the binaries. This includes common system dynamic link libraries (DLLs) like ntdll.dll.
- question: How can I find out if a hotpatch update was applied to the specific DLL?
- answer: |
- You can see the hotpatch modules in the memory dump. Symbols for hotpatched DLLs depend on the function that receives the update. Some code that is hotpatch-updated could be public (symbols), while other functions could be private (no symbols).
+ answer: |
+ You can see the hotpatch modules in the memory dump. Symbols for hotpatched DLLs depend on the function that receives the update. Some code that is hotpatch-updated could be public (symbols), while other functions could be private (no symbols).
- question: Are there kernel-mode hotpatch updates?
answer: |
Yes, there are kernel-mode hotpatch updates.
@@ -155,7 +155,7 @@ sections:
Yes, you can. You can manually download the standard Windows monthly update from the Microsoft Update Catalog. In this case, the device stops receiving hotpatch updates and receives standard Windows updates until the month after the next baseline update. Since the device is still enrolled in hotpatching, the device automatically rejoins the hotpatch cadence of updates after the update is released on the baseline month.
- question: How do hotpatch update events show up in audit logs?
answer: |
- Process explorer shows it loaded in memory OS ``_hotpatch`` loaded in memory. The hotpatch update KB includes a link to the CSV file listing the update payload.
+ Process explorer shows it loaded in memory OS ``_hotpatch`` loaded in memory. The hotpatch update KB includes a link to the CSV file listing the update payload.
- question: Can I get security alerts through Event Tracing for Windows (ETW) about hotpatch updates?
answer: |
Hotpatch events are captured in the audit log. Search for “hotpatch” in the audit log to find related errors if any were captured.
diff --git a/windows/deployment/windows-autopatch/overview/windows-autopatch-overview.md b/windows/deployment/windows-autopatch/overview/windows-autopatch-overview.md
index 8413a5f6bc..d2676895dd 100644
--- a/windows/deployment/windows-autopatch/overview/windows-autopatch-overview.md
+++ b/windows/deployment/windows-autopatch/overview/windows-autopatch-overview.md
@@ -8,7 +8,7 @@ ms.topic: overview
ms.localizationpriority: medium
author: tiaraquan
ms.author: tiaraquan
-manager: aaroncz
+manager: bpardi
ms.collection:
- highpri
- tier1
diff --git a/windows/deployment/windows-autopatch/overview/windows-autopatch-privacy.md b/windows/deployment/windows-autopatch/overview/windows-autopatch-privacy.md
index 7a2f526a80..0042d35d3f 100644
--- a/windows/deployment/windows-autopatch/overview/windows-autopatch-privacy.md
+++ b/windows/deployment/windows-autopatch/overview/windows-autopatch-privacy.md
@@ -8,7 +8,7 @@ ms.topic: concept-article
ms.localizationpriority: medium
author: tiaraquan
ms.author: tiaraquan
-manager: aaroncz
+manager: bpardi
ms.reviewer: hathind
ms.collection:
- highpri
diff --git a/windows/deployment/windows-autopatch/prepare/windows-autopatch-configure-network.md b/windows/deployment/windows-autopatch/prepare/windows-autopatch-configure-network.md
index f1b9194cc1..c3ad416595 100644
--- a/windows/deployment/windows-autopatch/prepare/windows-autopatch-configure-network.md
+++ b/windows/deployment/windows-autopatch/prepare/windows-autopatch-configure-network.md
@@ -8,7 +8,7 @@ ms.topic: how-to
ms.localizationpriority: medium
author: tiaraquan
ms.author: tiaraquan
-manager: aaroncz
+manager: bpardi
ms.reviewer: hathind
ms.collection:
- tier2
diff --git a/windows/deployment/windows-autopatch/prepare/windows-autopatch-prerequisites.md b/windows/deployment/windows-autopatch/prepare/windows-autopatch-prerequisites.md
index 5c37ee4ebe..83af9ee276 100644
--- a/windows/deployment/windows-autopatch/prepare/windows-autopatch-prerequisites.md
+++ b/windows/deployment/windows-autopatch/prepare/windows-autopatch-prerequisites.md
@@ -8,7 +8,7 @@ ms.topic: concept-article
ms.localizationpriority: medium
author: tiaraquan
ms.author: tiaraquan
-manager: aaroncz
+manager: bpardi
ms.reviewer: hathind
ms.collection:
- highpri
diff --git a/windows/deployment/windows-autopatch/prepare/windows-autopatch-role-based-access-control.md b/windows/deployment/windows-autopatch/prepare/windows-autopatch-role-based-access-control.md
index ea13e0ebf9..c1954e0537 100644
--- a/windows/deployment/windows-autopatch/prepare/windows-autopatch-role-based-access-control.md
+++ b/windows/deployment/windows-autopatch/prepare/windows-autopatch-role-based-access-control.md
@@ -8,7 +8,7 @@ ms.topic: how-to
ms.localizationpriority: medium
author: tiaraquan
ms.author: tiaraquan
-manager: aaroncz
+manager: bpardi
ms.reviewer: andredm7
ms.collection:
- highpri
@@ -26,13 +26,13 @@ Windows Autopatch enables role-based access control to use the least privileged
> [!IMPORTANT]
> To successfully manage Windows Autopatch as a lower privilege role, the user must have both Autopatch Admin permissions and Policy and Profile admin permissions.
-The permissions defined in Windows Autopatch administrator or Windows Autopatch reader roles are used to manage Autopatch groups, support requests, Autopatch messages, and Autopatch reports.
+The permissions defined in Windows Autopatch administrator or Windows Autopatch reader roles are used to manage Autopatch groups, support requests, Autopatch messages, and Autopatch reports.
To manage update policies and Windows Update reports, Device Configuration permission is **required**. This permission is available in built-in roles such as the Policy and Profile Manager roles.
### Policy and Profile Manager roles
-Policy and Profile Manager roles include device configuration permissions for managing Intune policies including the following Update policies:
+Policy and Profile Manager roles include device configuration permissions for managing Intune policies including the following Update policies:
- Update rings
- Quality updates
@@ -85,7 +85,7 @@ The following Microsoft Entra roles can access Windows Autopatch features via th
You can create two custom roles that include permissions required for a specific job role.
-To achieve all-up update management, make sure that the groups assigned to the Autopatch custom role are also a member of the [Policy & Profile Manager role](#policy-and-profile-manager-roles) or a custom role with equivalent permissions.
+To achieve all-up update management, make sure that the groups assigned to the Autopatch custom role are also a member of the [Policy & Profile Manager role](#policy-and-profile-manager-roles) or a custom role with equivalent permissions.
Navigate to **Tenant Administration** > **Roles** > **Create Custom role** > **Windows Autopatch** to create a custom role.
@@ -109,18 +109,18 @@ Navigate to **Tenant Administration** > **Roles** > **Create Custom role** > **W
### Scopes
-Windows Autopatch supports Intune scope tags and scoped groups to be used for distributed update management. Use Microsoft Intune to create and manage scope tags.
+Windows Autopatch supports Intune scope tags and scoped groups to be used for distributed update management. Use Microsoft Intune to create and manage scope tags.
- Windows Autopatch supports Intune scope for Autopatch groups, Autopatch role assignments, update policies, and reports.
-- Autopatch messages, support, and Admin contacts don't support scopes.
-- Autopatch groups created by scoped admins are assigned to the same scope tags as the user.
+- Autopatch messages, support, and Admin contacts don't support scopes.
+- Autopatch groups created by scoped admins are assigned to the same scope tags as the user.
- Only scoped admins, with the same scope tags assigned to them, can edit and manage Autopatch groups.
-- When you create Autopatch groups and assign scope tags, the update policies created inherit the same scope tags.
+- When you create Autopatch groups and assign scope tags, the update policies created inherit the same scope tags.
- The devices assigned to Autopatch groups don't inherit the Autopatch group scope tags. Use Intune to assign scope tag to devices.
## Permissions for Autopatch groups
-Autopatch groups create Microsoft Entra groups and update policies and assign the policies to the group as part of its workflow. To successfully complete the workflow, both permissions are **required**. The option to create Autopatch groups is only available when the user has both the permissions enabled.
+Autopatch groups create Microsoft Entra groups and update policies and assign the policies to the group as part of its workflow. To successfully complete the workflow, both permissions are **required**. The option to create Autopatch groups is only available when the user has both the permissions enabled.
1. Device Configuration, **all** permissions
2. Windows Autopatch group, **all** permissions
@@ -163,8 +163,8 @@ The following table explains the high-level workflow:
1. In the [Microsoft Intune admin center](https://go.microsoft.com/fwlink/?linkid=2109431), navigate to **Tenant Administration** > **Autopatch groups** > **select a group**. All rings and policies of the Autopatch group have the same scope.
1. In the **Add group to ring** option, select the Microsoft Entra groups to be assigned to the Autopatch group. Only groups with scope objects are available for selection.
1. Navigate to **Properties** > **Scope (Tags)** > **Edit** > **Select scope tags** > select the tags that you want to add to the profile. You can assign a **maximum of 100 scope tags** to an object.
- 1. The **Scope Group** section is displayed when the service detects Autopatch groups that are created before role-based access controls. This indicates that a Microsoft Entra group is created, which can be added as a Scoped Group. A scoped admin can manage this Autopatch group if included in their scope.
- 2. Follow the steps in the [Scoped admins and Autopatch group workflow](#scoped-admins-and-autopatch-group-workflow) section to assign scoped groups.
+ 1. The **Scope Group** section is displayed when the service detects Autopatch groups that are created before role-based access controls. This indicates that a Microsoft Entra group is created, which can be added as a Scoped Group. A scoped admin can manage this Autopatch group if included in their scope.
+ 2. Follow the steps in the [Scoped admins and Autopatch group workflow](#scoped-admins-and-autopatch-group-workflow) section to assign scoped groups.
1. Select **Review + save**.
## Known issues
diff --git a/windows/deployment/windows-autopatch/prepare/windows-autopatch-start-using-autopatch.md b/windows/deployment/windows-autopatch/prepare/windows-autopatch-start-using-autopatch.md
index 78381a1502..bddd8a49f6 100644
--- a/windows/deployment/windows-autopatch/prepare/windows-autopatch-start-using-autopatch.md
+++ b/windows/deployment/windows-autopatch/prepare/windows-autopatch-start-using-autopatch.md
@@ -8,7 +8,7 @@ ms.topic: how-to
ms.localizationpriority: medium
author: tiaraquan
ms.author: tiaraquan
-manager: aaroncz
+manager: bpardi
ms.reviewer: hathind
ms.collection:
- highpri
diff --git a/windows/deployment/windows-autopatch/references/windows-autopatch-conflicting-configurations.md b/windows/deployment/windows-autopatch/references/windows-autopatch-conflicting-configurations.md
index 176db43f98..28b73303b8 100644
--- a/windows/deployment/windows-autopatch/references/windows-autopatch-conflicting-configurations.md
+++ b/windows/deployment/windows-autopatch/references/windows-autopatch-conflicting-configurations.md
@@ -8,7 +8,7 @@ ms.topic: concept-article
ms.localizationpriority: medium
author: tiaraquan
ms.author: tiaraquan
-manager: aaroncz
+manager: bpardi
ms.reviewer: adnich
ms.collection:
- highpri
diff --git a/windows/deployment/windows-autopatch/references/windows-autopatch-driver-and-firmware-updates-public-preview-addendum.md b/windows/deployment/windows-autopatch/references/windows-autopatch-driver-and-firmware-updates-public-preview-addendum.md
index d18412ab3c..b3c834dda4 100644
--- a/windows/deployment/windows-autopatch/references/windows-autopatch-driver-and-firmware-updates-public-preview-addendum.md
+++ b/windows/deployment/windows-autopatch/references/windows-autopatch-driver-and-firmware-updates-public-preview-addendum.md
@@ -8,7 +8,7 @@ ms.topic: legal
ms.localizationpriority: medium
author: tiaraquan
ms.author: tiaraquan
-manager: aaroncz
+manager: bpardi
msreviewer: hathind
---
diff --git a/windows/deployment/windows-autopatch/whats-new/windows-autopatch-whats-new-2022.md b/windows/deployment/windows-autopatch/whats-new/windows-autopatch-whats-new-2022.md
index fbf6ff1953..3fa0801a4f 100644
--- a/windows/deployment/windows-autopatch/whats-new/windows-autopatch-whats-new-2022.md
+++ b/windows/deployment/windows-autopatch/whats-new/windows-autopatch-whats-new-2022.md
@@ -8,7 +8,7 @@ ms.topic: whats-new
ms.localizationpriority: medium
author: tiaraquan
ms.author: tiaraquan
-manager: aaroncz
+manager: bpardi
ms.reviewer: hathind
---
diff --git a/windows/deployment/windows-autopatch/whats-new/windows-autopatch-whats-new-2023.md b/windows/deployment/windows-autopatch/whats-new/windows-autopatch-whats-new-2023.md
index 7a603bbfc4..864befa507 100644
--- a/windows/deployment/windows-autopatch/whats-new/windows-autopatch-whats-new-2023.md
+++ b/windows/deployment/windows-autopatch/whats-new/windows-autopatch-whats-new-2023.md
@@ -8,7 +8,7 @@ ms.topic: whats-new
ms.localizationpriority: medium
author: tiaraquan
ms.author: tiaraquan
-manager: aaroncz
+manager: bpardi
ms.reviewer: hathind
ms.collection:
- highpri
diff --git a/windows/deployment/windows-autopatch/whats-new/windows-autopatch-whats-new-2024.md b/windows/deployment/windows-autopatch/whats-new/windows-autopatch-whats-new-2024.md
index 1133d289ab..14a5cb4361 100644
--- a/windows/deployment/windows-autopatch/whats-new/windows-autopatch-whats-new-2024.md
+++ b/windows/deployment/windows-autopatch/whats-new/windows-autopatch-whats-new-2024.md
@@ -8,7 +8,7 @@ ms.topic: whats-new
ms.localizationpriority: medium
author: tiaraquan
ms.author: tiaraquan
-manager: aaroncz
+manager: bpardi
ms.reviewer: hathind
ms.collection:
- highpri
diff --git a/windows/deployment/windows-autopatch/whats-new/windows-autopatch-whats-new-2025.md b/windows/deployment/windows-autopatch/whats-new/windows-autopatch-whats-new-2025.md
index 2e4db95468..8c95c4a13f 100644
--- a/windows/deployment/windows-autopatch/whats-new/windows-autopatch-whats-new-2025.md
+++ b/windows/deployment/windows-autopatch/whats-new/windows-autopatch-whats-new-2025.md
@@ -8,7 +8,7 @@ ms.topic: whats-new
ms.localizationpriority: medium
author: tiaraquan
ms.author: tiaraquan
-manager: aaroncz
+manager: bpardi
ms.reviewer: hathind
ms.collection:
- highpri
diff --git a/windows/deployment/windows-deployment-scenarios-and-tools.md b/windows/deployment/windows-deployment-scenarios-and-tools.md
index 22734dbc08..3ab4371a1e 100644
--- a/windows/deployment/windows-deployment-scenarios-and-tools.md
+++ b/windows/deployment/windows-deployment-scenarios-and-tools.md
@@ -1,7 +1,7 @@
---
title: Windows deployment scenarios and tools
description: Learn about the tools that can be used to deploy Windows and related applications to your organization. Explore deployment scenarios.
-manager: aaroncz
+manager: bpardi
ms.author: frankroj
author: frankroj
ms.service: windows-client
@@ -87,7 +87,7 @@ By default USMT migrates many settings, most of which are related to the user pr
- The following specific file types:
`.accdb`, `.ch3`, `.csv`, `.dif`, `.doc*`, `.dot*`, `.dqy`, `.iqy`, `.mcw`, `.mdb*`, `.mpp`, `.one*`, `.oqy`, `.or6`, `.pot*`, `.ppa`, `.pps*`, `.ppt*`, `.pre`, `.pst`, `.pub`, `.qdf`, `.qel`, `.qph`, `.qsd`, `.rqy`, `.rtf`, `.scd`, `.sh3`, `.slk`, `.txt`, `.vl*`, `.vsd`, `.wk*`, `.wpd`, `.wps`, `.wq1`, `.wri`, `.xl*`, `.xla`, `.xlb`, `.xls*`
-
+
> [!NOTE]
>
> - The asterisk (`*`) stands for zero or more characters.
diff --git a/windows/deployment/windows-deployment-scenarios.md b/windows/deployment/windows-deployment-scenarios.md
index faec964678..2534797dcd 100644
--- a/windows/deployment/windows-deployment-scenarios.md
+++ b/windows/deployment/windows-deployment-scenarios.md
@@ -1,7 +1,7 @@
---
title: Windows deployment scenarios
description: Understand the different ways Windows operating system can be deployed in an organization. Explore several Windows deployment scenarios.
-manager: aaroncz
+manager: bpardi
ms.author: frankroj
author: frankroj
ms.service: windows-client
diff --git a/windows/deployment/windows-missing-fonts.md b/windows/deployment/windows-missing-fonts.md
index 11091fa358..57e303cb72 100644
--- a/windows/deployment/windows-missing-fonts.md
+++ b/windows/deployment/windows-missing-fonts.md
@@ -5,7 +5,7 @@ ms.service: windows-client
ms.localizationpriority: medium
author: frankroj
ms.author: frankroj
-manager: aaroncz
+manager: bpardi
ms.topic: how-to
ms.date: 02/27/2025
ms.subservice: itpro-deploy
diff --git a/windows/hub/index.yml b/windows/hub/index.yml
index a20075e2cf..c235a498e4 100644
--- a/windows/hub/index.yml
+++ b/windows/hub/index.yml
@@ -12,9 +12,9 @@ metadata:
ms.collection:
- tier1
- essentials-navigation
- author: aczechowski
- ms.author: aaroncz
- manager: aaroncz
+ author: blokpardi
+ ms.author: bpardi
+ manager: bpardi
ms.date: 10/01/2024
highlightedContent:
diff --git a/windows/security/application-security/application-control/app-control-for-business/index.yml b/windows/security/application-security/application-control/app-control-for-business/index.yml
index 576efefff8..cd84210e03 100644
--- a/windows/security/application-security/application-control/app-control-for-business/index.yml
+++ b/windows/security/application-security/application-control/app-control-for-business/index.yml
@@ -7,7 +7,7 @@ metadata:
ms.topic: landing-page
author: vinaypamnani-msft
ms.author: vinpa
- manager: aaroncz
+ manager: bpardi
ms.date: 09/11/2024
# linkListType: overview | how-to-guide | tutorial | video
landingContent:
diff --git a/windows/security/application-security/application-control/introduction-to-virtualization-based-security-and-appcontrol.md b/windows/security/application-security/application-control/introduction-to-virtualization-based-security-and-appcontrol.md
index 9f6ad2b2dc..be0cbfa469 100644
--- a/windows/security/application-security/application-control/introduction-to-virtualization-based-security-and-appcontrol.md
+++ b/windows/security/application-security/application-control/introduction-to-virtualization-based-security-and-appcontrol.md
@@ -4,7 +4,7 @@ description: Hardware and software system integrity-hardening capabilities that
ms.localizationpriority: medium
author: vinaypamnani-msft
ms.author: vinpa
-manager: aaroncz
+manager: bpardi
ms.date: 09/11/2024
ms.topic: article
appliesto:
diff --git a/windows/security/docfx.json b/windows/security/docfx.json
index f64814d751..a88a8d4e1d 100644
--- a/windows/security/docfx.json
+++ b/windows/security/docfx.json
@@ -44,7 +44,7 @@
"zone_pivot_group_filename": "resources/zone-pivot-groups.json",
"uhfHeaderId": "MSDocsHeader-Windows",
"ms.localizationpriority": "medium",
- "manager": "aaroncz",
+ "manager": "bpardi",
"feedback_system": "Standard",
"feedback_product_url": "https://support.microsoft.com/windows/send-feedback-to-microsoft-with-the-feedback-hub-app-f59187f8-8739-22d6-ba93-f66612949332",
"_op_documentIdPathDepotMapping": {
diff --git a/windows/security/index.yml b/windows/security/index.yml
index 65fbde4219..6a9abb26c8 100644
--- a/windows/security/index.yml
+++ b/windows/security/index.yml
@@ -10,7 +10,7 @@ metadata:
- essentials-security
author: paolomatarazzo
ms.author: paoloma
- manager: aaroncz
+ manager: bpardi
ms.date: 10/18/2024
# linkListType: architecture | concept | deploy | download | get-started | how-to-guide | tutorial | overview | quickstart | reference | sample | tutorial | video | whats-new
diff --git a/windows/security/threat-protection/index.md b/windows/security/threat-protection/index.md
index a7938a1a29..7681406ae6 100644
--- a/windows/security/threat-protection/index.md
+++ b/windows/security/threat-protection/index.md
@@ -3,7 +3,7 @@ title: Windows threat protection
description: Describes the security capabilities in Windows client focused on threat protection
author: aczechowski
ms.author: aaroncz
-manager: aaroncz
+manager: bpardi
ms.topic: article
ms.date: 12/31/2017
---
diff --git a/windows/security/threat-protection/overview-of-threat-mitigations-in-windows-10.md b/windows/security/threat-protection/overview-of-threat-mitigations-in-windows-10.md
index abb60675b1..7b2bd8ca0f 100644
--- a/windows/security/threat-protection/overview-of-threat-mitigations-in-windows-10.md
+++ b/windows/security/threat-protection/overview-of-threat-mitigations-in-windows-10.md
@@ -4,7 +4,7 @@ description: An overview of software and firmware threats faced in the current s
ms.localizationpriority: medium
author: aczechowski
ms.author: aaroncz
-manager: aaroncz
+manager: bpardi
ms.date: 12/31/2017
ms.topic: how-to
---
diff --git a/windows/whats-new/deprecated-features-resources.md b/windows/whats-new/deprecated-features-resources.md
index 608b3bce04..ae0871033c 100644
--- a/windows/whats-new/deprecated-features-resources.md
+++ b/windows/whats-new/deprecated-features-resources.md
@@ -7,7 +7,7 @@ ms.subservice: itpro-fundamentals
ms.localizationpriority: medium
author: mestew
ms.author: mstewart
-manager: aaroncz
+manager: bpardi
ms.topic: reference
ms.collection:
- highpri
@@ -23,7 +23,7 @@ This article provides more information about some [deprecated features for Windo
## Maps app
-Maps is deprecated and will be removed from the Microsoft Store by July 2025. At this time, there will also be a final update to the app from the Store that makes it nonfunctional. If you remove the app before July 2025, you can still reinstall it from the Store, but past July 2025 you won't be able to reinstall it. You'll be able to uninstall the app at any time. Any personal data or files you have saved, such as guided navigation or URLs to maps, won't be removed, but they'll no longer function in the Maps app past July 2025. If you wish to still use maps powered by the Bing service, please visit [https://www.bing.com/maps](https://www.bing.com/maps). Maps is no longer preinstalled with Windows starting with the Windows 11, version 24H2 release.
+Maps is deprecated and will be removed from the Microsoft Store by July 2025. At this time, there will also be a final update to the app from the Store that makes it nonfunctional. If you remove the app before July 2025, you can still reinstall it from the Store, but past July 2025 you won't be able to reinstall it. You'll be able to uninstall the app at any time. Any personal data or files you have saved, such as guided navigation or URLs to maps, won't be removed, but they'll no longer function in the Maps app past July 2025. If you wish to still use maps powered by the Bing service, please visit [https://www.bing.com/maps](https://www.bing.com/maps). Maps is no longer preinstalled with Windows starting with the Windows 11, version 24H2 release.
## Windows UWP Map control and Windows Maps platform APIs
@@ -43,11 +43,11 @@ Paint 3D was deprecated in August 2024 and was removed from the Microsoft Store
## NTLM
-Customers concerned about NTLM usage in their environments are encouraged to utilize [NTLM auditing](/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/network-security-restrict-ntlm-audit-ntlm-authentication-in-this-domain) to [investigate how NTLM is being used](https://techcommunity.microsoft.com/t5/ask-the-directory-services-team/ntlm-blocking-and-you-application-analysis-and-auditing/ba-p/397191).
+Customers concerned about NTLM usage in their environments are encouraged to utilize [NTLM auditing](/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/network-security-restrict-ntlm-audit-ntlm-authentication-in-this-domain) to [investigate how NTLM is being used](https://techcommunity.microsoft.com/t5/ask-the-directory-services-team/ntlm-blocking-and-you-application-analysis-and-auditing/ba-p/397191).
In many cases, applications should be able to replace NTLM with Negotiate using a one-line change in their `AcquireCredentialsHandle` request to the SSPI. One known exception is for applications that make hard assumptions about the maximum number of round trips needed to complete authentication. In most cases, Negotiate will add at least one additional round trip. Some scenarios might require additional configuration. For more information, see [Kerberos authentication troubleshooting guidance](/troubleshoot/windows-server/windows-security/kerberos-authentication-troubleshooting-guidance).
-Negotiate's built-in fallback to NTLM is preserved to mitigate compatibility issues during this transition. For updates on NTLM deprecation, see [https://aka.ms/ntlm](https://aka.ms/ntlm).
+Negotiate's built-in fallback to NTLM is preserved to mitigate compatibility issues during this transition. For updates on NTLM deprecation, see [https://aka.ms/ntlm](https://aka.ms/ntlm).
NTLM v1 is removed starting in Windows 11, version 24H2 and Windows Server 2025. Some situations still use NTLMv1 primitives for legacy reasons. MSCHAPv2 uses the same response function as NTLMv1 and is vulnerable to the same attacks against the weak crypto. MSCHAPv2 is only disabled by enabling Credential Guard.
@@ -57,14 +57,14 @@ WordPad is removed from all editions of Windows starting in Windows 11, version
- wordpad.exe
- wordpadfilter.dll
-- write.exe
+- write.exe
Avoid taking a direct dependency on these binaries and Wordpad in your product. Instead, for trying to open a text file, rely on Microsoft Word or Notepad.
## VBScript
VBScript will be available as a [feature on demand](/windows-hardware/manufacture/desktop/features-on-demand-v2--capabilities) before being retired in future Windows releases. Initially, the VBScript feature on demand will be preinstalled to allow for uninterrupted use while you prepare for the retirement of VBScript.
-
+
## TLS versions 1.0 and 1.1 disablement resources
Over the past several years, internet standards and regulatory bodies have [deprecated or disallowed](https://www.ietf.org/rfc/rfc8996.html) TLS versions 1.0 and 1.1 due to various security issues. Starting in Windows 11 Insider Preview builds for September 2023 and continuing in future Windows OS releases, TLS 1.0 and 1.1 are disabled by default. This change increases the security posture of Windows customers and encourages modern protocol adoption. For organizations that need to use these versions, there's an option to re-enable TLS 1.0 or TLS 1.1.
@@ -111,7 +111,7 @@ Re-enabling TLS 1.0 or TLS 1.1 on machines should only be done as a last resort,
## Microsoft Support Diagnostic Tool resources
-The [Microsoft Support Diagnostic Tool (MSDT)](/windows-server/administration/windows-commands/msdt) gathers diagnostic data for analysis by support professionals. MSDT is the engine used to run legacy Windows built-in troubleshooters. There are currently 28 built-in troubleshooters for MSDT. Half of the built-in troubleshooters have already been [redirected](#redirected-msdt-troubleshooters) to the Get Help platform, while the other half will be [retired](#retired-msdt-troubleshooters).
+The [Microsoft Support Diagnostic Tool (MSDT)](/windows-server/administration/windows-commands/msdt) gathers diagnostic data for analysis by support professionals. MSDT is the engine used to run legacy Windows built-in troubleshooters. There are currently 28 built-in troubleshooters for MSDT. Half of the built-in troubleshooters have already been [redirected](#redirected-msdt-troubleshooters) to the Get Help platform, while the other half will be [retired](#retired-msdt-troubleshooters).
If you're using MSDT to run [custom troubleshooting packages](/previous-versions/windows/desktop/wintt/package-schema), it will be available as a [feature on demand](/windows-hardware/manufacture/desktop/features-on-demand-v2--capabilities) before the tool is fully retired in 2025. This change allows you to continue to use MSDT to run custom troubleshooting packages while transitioning to a new platform. [Contact Microsoft support](https://support.microsoft.com/contactus) for Windows if you require more assistance.
diff --git a/windows/whats-new/deprecated-features.md b/windows/whats-new/deprecated-features.md
index e068f80f83..46a4823b8b 100644
--- a/windows/whats-new/deprecated-features.md
+++ b/windows/whats-new/deprecated-features.md
@@ -7,7 +7,7 @@ ms.subservice: itpro-fundamentals
ms.localizationpriority: medium
author: mestew
ms.author: mstewart
-manager: aaroncz
+manager: bpardi
ms.topic: reference
ms.collection:
- highpri
diff --git a/windows/whats-new/enable-extended-security-updates.md b/windows/whats-new/enable-extended-security-updates.md
index dcaa16db39..af03388d2c 100644
--- a/windows/whats-new/enable-extended-security-updates.md
+++ b/windows/whats-new/enable-extended-security-updates.md
@@ -5,7 +5,7 @@ ms.service: windows-client
ms.subservice: itpro-fundamentals
ms.author: mstewart
author: mestew
-manager: aaroncz
+manager: bpardi
ms.localizationpriority: medium
ms.topic: article
ms.date: 05/21/2025
@@ -54,7 +54,7 @@ To enable ESU for Windows 10, you must meet the following prerequisites:
If you bought ESU licenses, you can activate them with Multiple Activation Keys (MAK) that you get from the Microsoft 365 admin center. To find the ESU license MAK, use the following steps:
1. In the [admin center](https://admin.microsoft.com), go to the **Billing** > **Your Products** page, then select the Volume licensing tab.
-2. In the **Contracts** section, select **View contracts**.
+2. In the **Contracts** section, select **View contracts**.
3. On the Contracts page, find the **License ID** that the ESU licenses were purchased under, select the three dots (**More actions**), then select **View product keys**. The **Product keys** details page includes contract details and a list of all keys for that contract.
> [!NOTE]
@@ -150,10 +150,10 @@ If the device doesn't have access to the internet or to the Microsoft Activation
The output should show the **Name** of the corresponding ESU program and the **License Status** as `Licensed` for that program.
## Activate large numbers of devices that don't have internet access
-
+
For more information on how to do manual activation of large numbers of devices, review the Volume Activation Management Tool (VAMT) [Proxy Activation](/windows/deployment/volume-activation/proxy-activation-vamt) scenario. You should install the latest [Automated Deployment Kit (ADK) tool](/windows-hardware/get-started/adk-install) to ensure that the VAMT tool includes updated PkeyConfig files for Windows 10 ESU MAK keys.
-For more information on adding additional activations to a Windows 10 ESU MAK, see [Request an increase to MAK activation limits](/microsoft-365/commerce/licenses/product-keys-for-vl#request-an-increase-to-mak-activation-limits).
+For more information on adding additional activations to a Windows 10 ESU MAK, see [Request an increase to MAK activation limits](/microsoft-365/commerce/licenses/product-keys-for-vl#request-an-increase-to-mak-activation-limits).
## Related content
diff --git a/windows/whats-new/extended-security-updates.md b/windows/whats-new/extended-security-updates.md
index 8bacc05a7c..46e5be5e94 100644
--- a/windows/whats-new/extended-security-updates.md
+++ b/windows/whats-new/extended-security-updates.md
@@ -1,11 +1,11 @@
---
-title: Extended Security Updates (ESU) program for Windows 10
+title: Extended Security Updates (ESU) program for Windows 10
description: Learn about the Extended Security Updates (ESU) program for Windows 10. The ESU program gives customers the option to receive security updates for Windows 10.
ms.service: windows-client
ms.subservice: itpro-fundamentals
ms.author: mstewart
author: mestew
-manager: aaroncz
+manager: bpardi
ms.localizationpriority: medium
ms.topic: article
ms.date: 05/21/2025
@@ -42,13 +42,13 @@ ESUs doesn't include the following items:
## Frequently asked questions
-The following are frequently asked questions about the ESU program for Windows 10:
+The following are frequently asked questions about the ESU program for Windows 10:
### How much does ESU cost?
Extended Security Updates for organizations and businesses on Windows 10 can be purchased today through the Microsoft Volume Licensing Program, at $61 USD per device for Year One. For more information, see [When to use Windows 10 Extended Security Updates](https://techcommunity.microsoft.com/blog/windows-itpro-blog/when-to-use-windows-10-extended-security-updates/4102628). The price doubles every consecutive year, for a maximum of three years. ESU is available at no additional cost for Windows 10 virtual machines in the following services:
-- [Windows 365](/windows-365/overview)
+- [Windows 365](/windows-365/overview)
- [Azure Virtual Desktop](/azure/virtual-desktop/overview)
- [Azure virtual machines](/azure/virtual-machines/overview)
- [Azure Dedicated Host](/azure/virtual-machines/dedicated-hosts)
@@ -60,7 +60,7 @@ Extended Security Updates for organizations and businesses on Windows 10 can be
Additionally, Windows 10 endpoints connecting to Windows 365 Cloud PCs will be entitled to the ESU for up to three years, with an active Windows 365 subscription license. For more information about Windows 365, see [What is Windows 365?](/windows-365/overview).
-For individuals or Windows 10 Home customers, Extended Security Updates for Windows 10 will be available for purchase at $30 for one year.
+For individuals or Windows 10 Home customers, Extended Security Updates for Windows 10 will be available for purchase at $30 for one year.
### Is there a minimum license purchase requirement for Windows 10 ESU?
@@ -82,7 +82,7 @@ Enrolled PCs belonging to a commercial or educational organization can receive s
### Is technical support included in ESU?
-No, technical support isn't included in the ESU program. Microsoft will provide support for customers that encounter challenges related to the ESU.
+No, technical support isn't included in the ESU program. Microsoft will provide support for customers that encounter challenges related to the ESU.
### Will Windows 10 PCs stop working without the ESU offering?
diff --git a/windows/whats-new/feature-lifecycle.md b/windows/whats-new/feature-lifecycle.md
index 578a92fb51..f16809dce1 100644
--- a/windows/whats-new/feature-lifecycle.md
+++ b/windows/whats-new/feature-lifecycle.md
@@ -4,7 +4,7 @@ description: Learn about the lifecycle of Windows features, as well as features
ms.service: windows-client
ms.localizationpriority: medium
author: mestew
-manager: aaroncz
+manager: bpardi
ms.author: mstewart
ms.topic: reference
ms.subservice: itpro-fundamentals
diff --git a/windows/whats-new/index.yml b/windows/whats-new/index.yml
index 9d6a27a7f2..c7a53d0afb 100644
--- a/windows/whats-new/index.yml
+++ b/windows/whats-new/index.yml
@@ -12,9 +12,9 @@ metadata:
ms.collection:
- highpri
- tier1
- author: aczechowski
- ms.author: aaroncz
- manager: aaroncz
+ author: mestew
+ ms.author: mstewart
+ manager: bpardi
ms.date: 07/01/2024
ms.localizationpriority: medium
@@ -42,7 +42,7 @@ landingContent:
- linkListType: whats-new
links:
- text: What's new in Windows 11, version 24H2
- url: whats-new-windows-11-version-24h2.md
+ url: whats-new-windows-11-version-24h2.md
- text: What's new in Windows 11, version 23H2
url: whats-new-windows-11-version-23h2.md
- text: What's new in Windows 11, version 22H2
@@ -64,7 +64,7 @@ landingContent:
- text: Windows Enterprise LTSC overview
url: ltsc/overview.md
- text: What's new in Windows 11 Enterprise LTSC 2024
- url: ltsc/whats-new-windows-11-2024.md
+ url: ltsc/whats-new-windows-11-2024.md
- text: What's new in Windows 10 Enterprise LTSC 2021
url: ltsc/whats-new-windows-10-2021.md
- text: What's new in Windows 10 Enterprise LTSC 2019
@@ -73,7 +73,7 @@ landingContent:
url: ltsc/whats-new-windows-10-2016.md
- text: What's new in Windows 10 Enterprise LTSC 2015
url: ltsc/whats-new-windows-10-2015.md
-
+
- title: Deprecated features
linkLists:
diff --git a/windows/whats-new/ltsc/overview.md b/windows/whats-new/ltsc/overview.md
index 1ac5c31aeb..1744490bdb 100644
--- a/windows/whats-new/ltsc/overview.md
+++ b/windows/whats-new/ltsc/overview.md
@@ -4,7 +4,7 @@ description: An overview of the Windows long-term servicing channel (LTSC).
ms.service: windows-client
author: mestew
ms.author: mstewart
-manager: aaroncz
+manager: bpardi
ms.localizationpriority: low
ms.topic: overview
ms.subservice: itpro-fundamentals
diff --git a/windows/whats-new/ltsc/whats-new-windows-10-2015.md b/windows/whats-new/ltsc/whats-new-windows-10-2015.md
index 2df8a9ec8d..929fd93dc6 100644
--- a/windows/whats-new/ltsc/whats-new-windows-10-2015.md
+++ b/windows/whats-new/ltsc/whats-new-windows-10-2015.md
@@ -1,6 +1,6 @@
---
title: What's new in Windows 10 Enterprise LTSC 2015
-manager: aaroncz
+manager: bpardi
ms.author: mstewart
description: New and updated IT pro content about new features in Windows 10 Enterprise LTSC 2015 (also known as Windows 10 Enterprise 2015 LTSB).
ms.service: windows-client
@@ -248,7 +248,7 @@ Enterprises have the following identity and management choices.
> [!NOTE]
> With the release of Windows Server 2012 R2, Network Access Protection (NAP) was deprecated and the NAP client has now been removed in Windows 10. For more information about support lifecycles, see [Microsoft Support Lifecycle](/lifecycle/).
-
+
### Device lockdown
@@ -270,7 +270,7 @@ A standard Start layout can be useful on devices that are common to multiple use
Administrators can also use mobile device management (MDM) or Group Policy to disable the use of [Windows Spotlight on the lock screen](/windows/configuration/windows-spotlight).
-## Updates
+## Updates
Windows Update client policies enable information technology administrators to keep the Windows 10-based devices in their organization always up to date with the latest security defenses and Windows features by directly connecting these systems to Microsoft's Windows Update service.
diff --git a/windows/whats-new/ltsc/whats-new-windows-10-2016.md b/windows/whats-new/ltsc/whats-new-windows-10-2016.md
index 9c94a7e808..ea6f5b3131 100644
--- a/windows/whats-new/ltsc/whats-new-windows-10-2016.md
+++ b/windows/whats-new/ltsc/whats-new-windows-10-2016.md
@@ -1,6 +1,6 @@
---
title: What's new in Windows 10 Enterprise LTSC 2016
-manager: aaroncz
+manager: bpardi
ms.author: mstewart
description: New and updated IT pro content about new features in Windows 10 Enterprise LTSC 2016 (also known as Windows 10 Enterprise 2016 LTSB).
ms.service: windows-client
diff --git a/windows/whats-new/ltsc/whats-new-windows-10-2019.md b/windows/whats-new/ltsc/whats-new-windows-10-2019.md
index 9b46e095f9..ec4ade72b3 100644
--- a/windows/whats-new/ltsc/whats-new-windows-10-2019.md
+++ b/windows/whats-new/ltsc/whats-new-windows-10-2019.md
@@ -1,6 +1,6 @@
---
title: What's new in Windows 10 Enterprise LTSC 2019
-manager: aaroncz
+manager: bpardi
ms.author: mstewart
description: New and updated IT Pro content about new features in Windows 10 Enterprise LTSC 2019 (also known as Windows 10 Enterprise 2019 LTSB).
ms.service: windows-client
diff --git a/windows/whats-new/ltsc/whats-new-windows-10-2021.md b/windows/whats-new/ltsc/whats-new-windows-10-2021.md
index f8a15b202a..7f9bb0de42 100644
--- a/windows/whats-new/ltsc/whats-new-windows-10-2021.md
+++ b/windows/whats-new/ltsc/whats-new-windows-10-2021.md
@@ -1,6 +1,6 @@
---
title: What's new in Windows 10 Enterprise LTSC 2021
-manager: aaroncz
+manager: bpardi
ms.author: mstewart
description: New and updated IT Pro content about new features in Windows 10 Enterprise LTSC 2021.
ms.service: windows-client
@@ -22,9 +22,9 @@ This article lists new and updated features and content that is of interest to I
>
> The LTSC release is [intended for special use devices](https://techcommunity.microsoft.com/t5/Windows-IT-Pro-Blog/LTSC-What-is-it-and-when-should-it-be-used/ba-p/293181). Support for LTSC by apps and tools that are designed for the general availability channel release of Windows 10 might be limited.
-Windows 10 Enterprise LTSC 2021 builds on Windows 10 Enterprise LTSC 2019, adding premium features such as advanced protection against modern security threats and comprehensive device management, app management, and control capabilities.
+Windows 10 Enterprise LTSC 2021 builds on Windows 10 Enterprise LTSC 2019, adding premium features such as advanced protection against modern security threats and comprehensive device management, app management, and control capabilities.
-The Windows 10 Enterprise LTSC 2021 release includes the cumulative enhancements provided in Windows 10 versions 1903, 1909, 2004, 21H1, and 21H2. Details about these enhancements are provided below.
+The Windows 10 Enterprise LTSC 2021 release includes the cumulative enhancements provided in Windows 10 versions 1903, 1909, 2004, 21H1, and 21H2. Details about these enhancements are provided below.
## Lifecycle
@@ -41,7 +41,7 @@ For more information about the lifecycle for this release, see [The next Windows
In this release, [Windows Defender System Guard](/windows/security/threat-protection/windows-defender-system-guard/system-guard-how-hardware-based-root-of-trust-helps-protect-windows) enables an even *higher* level of [System Management Mode](/windows/security/threat-protection/windows-defender-system-guard/how-hardware-based-root-of-trust-helps-protect-windows#system-management-mode-smm-protection) (SMM) Firmware Protection that goes beyond checking the OS memory and secrets to other resources like registers and IO.
-With this improvement, the OS can detect a higher level of SMM compliance, enabling devices to be even more hardened against SMM exploits and vulnerabilities. Based on the platform, the underlying hardware and firmware, there are three versions of SMM Firmware Protection (one, two and three), with each subsequent versions offering stronger protections than the preceding ones.
+With this improvement, the OS can detect a higher level of SMM compliance, enabling devices to be even more hardened against SMM exploits and vulnerabilities. Based on the platform, the underlying hardware and firmware, there are three versions of SMM Firmware Protection (one, two and three), with each subsequent versions offering stronger protections than the preceding ones.
There are already devices in the market today that offer SMM Firmware Protection versions one and two. SMM Firmware Protection version three This feature is currently forward-looking and requires new hardware that will be made available soon.
@@ -49,7 +49,7 @@ There are already devices in the market today that offer SMM Firmware Protection
### System security
-[Windows Security app](/windows/security/threat-protection/windows-defender-security-center/windows-defender-security-center) improvements now include Protection history, including detailed and easier to understand information about threats and available actions, Controlled Folder Access blocks are now in the Protection history, Windows Defender Offline Scanning tool actions, and any pending recommendations.
+[Windows Security app](/windows/security/threat-protection/windows-defender-security-center/windows-defender-security-center) improvements now include Protection history, including detailed and easier to understand information about threats and available actions, Controlled Folder Access blocks are now in the Protection history, Windows Defender Offline Scanning tool actions, and any pending recommendations.
### Encryption and data protection
@@ -59,13 +59,13 @@ BitLocker and Mobile Device Management (MDM) with Microsoft Entra ID work togeth
#### Windows Defender Firewall
-Windows Defender Firewall now offers the following benefits:
+Windows Defender Firewall now offers the following benefits:
-**Reduce risk**: Windows Defender Firewall reduces the attack surface of a device with rules to restrict or allow traffic by many properties, such as IP addresses, ports, or program paths. Reducing the attack surface of a device increases manageability and decreases the likelihood of a successful attack.
+**Reduce risk**: Windows Defender Firewall reduces the attack surface of a device with rules to restrict or allow traffic by many properties, such as IP addresses, ports, or program paths. Reducing the attack surface of a device increases manageability and decreases the likelihood of a successful attack.
-**Safeguard data**: With integrated Internet Protocol Security (IPsec), Windows Defender Firewall provides a simple way to enforce authenticated, end-to-end network communications. It provides scalable, tiered access to trusted network resources, helping to enforce integrity of the data, and optionally helping to protect the confidentiality of the data.
+**Safeguard data**: With integrated Internet Protocol Security (IPsec), Windows Defender Firewall provides a simple way to enforce authenticated, end-to-end network communications. It provides scalable, tiered access to trusted network resources, helping to enforce integrity of the data, and optionally helping to protect the confidentiality of the data.
-**Extend value**: Windows Defender Firewall is a host-based firewall that is included with the operating system, so there's no other hardware or software required. Windows Defender Firewall is also designed to complement existing non-Microsoft network security solutions through a documented application programming interface (API).
+**Extend value**: Windows Defender Firewall is a host-based firewall that is included with the operating system, so there's no other hardware or software required. Windows Defender Firewall is also designed to complement existing non-Microsoft network security solutions through a documented application programming interface (API).
The Windows Defender Firewall is also now easier to analyze and debug. IPsec behavior has been integrated with Packet Monitor (pktmon), an in-box cross-component network diagnostic tool for Windows.
@@ -107,7 +107,7 @@ Windows Defender Firewall also now supports [Windows Subsystem for Linux (WSL)](
- Standalone users can install and configure their Windows Defender Application Guard settings without needing to change registry key settings. Enterprise users can check their settings to see what their administrators have configured for their machines to better understand the behavior.
- Application Guard is now an extension in Google Chrome and Mozilla Firefox. Many users are in a hybrid browser environment, and would like to extend Application Guard's browser isolation technology beyond Microsoft Edge. In the latest release, users can install the Application Guard extension in their Chrome or Firefox browsers. This extension will redirect untrusted navigation to the Application Guard Edge browser. There's also a companion app to enable this feature in the Microsoft Store. Users can quickly launch Application Guard from their desktop using this app. This feature is also available in Windows 10, version 1803 or later with the latest updates.
- To try this extension:
+ To try this extension:
1. Configure Application Guard policies on your device.
2. Go to the Chrome Web Store or Firefox Add-ons and search for Application Guard. Install the extension.
3. Follow any of the other configuration steps on the extension setup page.
@@ -186,11 +186,11 @@ This release also includes two new features called key-rolling and key-rotation
### SetupDiag
-[SetupDiag](/windows/deployment/upgrade/setupdiag) is a command-line tool that can help diagnose why a Windows 10 update failed. SetupDiag works by searching Windows Setup log files. When log files are being searched, SetupDiag uses a set of rules to match known issues. In the current version of SetupDiag there are 53 rules contained in the rules.xml file, which is extracted when SetupDiag is run. The rules.xml file will be updated as new versions of SetupDiag are made available.
+[SetupDiag](/windows/deployment/upgrade/setupdiag) is a command-line tool that can help diagnose why a Windows 10 update failed. SetupDiag works by searching Windows Setup log files. When log files are being searched, SetupDiag uses a set of rules to match known issues. In the current version of SetupDiag there are 53 rules contained in the rules.xml file, which is extracted when SetupDiag is run. The rules.xml file will be updated as new versions of SetupDiag are made available.
### Reserved storage
-[**Reserved storage**](https://techcommunity.microsoft.com/t5/Storage-at-Microsoft/Windows-10-and-reserved-storage/ba-p/428327): Reserved storage sets aside disk space to be used by updates, apps, temporary files, and system caches. It improves the day-to-day function of your PC by ensuring critical OS functions always have access to disk space. Reserved storage will be enabled automatically on new PCs with Windows 10, version 1903 pre-installed, and for clean installs. It will not be enabled when updating from a previous version of Windows 10.
+[**Reserved storage**](https://techcommunity.microsoft.com/t5/Storage-at-Microsoft/Windows-10-and-reserved-storage/ba-p/428327): Reserved storage sets aside disk space to be used by updates, apps, temporary files, and system caches. It improves the day-to-day function of your PC by ensuring critical OS functions always have access to disk space. Reserved storage will be enabled automatically on new PCs with Windows 10, version 1903 pre-installed, and for clean installs. It will not be enabled when updating from a previous version of Windows 10.
### Windows Assessment and Deployment Toolkit (ADK)
diff --git a/windows/whats-new/ltsc/whats-new-windows-11-2024.md b/windows/whats-new/ltsc/whats-new-windows-11-2024.md
index 2e098597d2..115347b607 100644
--- a/windows/whats-new/ltsc/whats-new-windows-11-2024.md
+++ b/windows/whats-new/ltsc/whats-new-windows-11-2024.md
@@ -1,6 +1,6 @@
---
title: What's new in Windows 11 Enterprise long-term servicing channel (LTSC) 2024
-manager: aaroncz
+manager: bpardi
ms.author: mstewart
description: New and updated IT Pro content about new features in Windows 11 Enterprise long-term servicing channel (LTSC) 2024.
ms.service: windows-client
diff --git a/windows/whats-new/removed-features.md b/windows/whats-new/removed-features.md
index 00441769f7..f4c5e2cc7d 100644
--- a/windows/whats-new/removed-features.md
+++ b/windows/whats-new/removed-features.md
@@ -5,9 +5,9 @@ ms.service: windows-client
ms.localizationpriority: medium
author: mestew
ms.author: mstewart
-manager: aaroncz
+manager: bpardi
ms.topic: reference
-ms.subservice: itpro-fundamentals
+ms.subservice: itpro-fundamentals
ms.date: 05/23/2025
ms.collection:
- highpri
@@ -19,7 +19,7 @@ appliesto:
# Features and functionality removed in Windows client
-Each version of Windows client adds new features and functionality. Occasionally, new versions also remove features and functionality, often because they've added a newer option. This article provides details about the features and functionality that have been removed in Windows client.
+Each version of Windows client adds new features and functionality. Occasionally, new versions also remove features and functionality, often because they've added a newer option. This article provides details about the features and functionality that have been removed in Windows client.
For more information about features that might be removed in a future release, see [Deprecated features for Windows client](deprecated-features.md).
@@ -41,7 +41,7 @@ The following features and functionalities have been removed from the installed
| Location History | We are removing the Location History feature, an [API](/uwp/api/windows.devices.geolocation.geolocator.getgeopositionhistoryasync) that allowed Cortana to access 24 hours of device history when location was enabled. With the removal of the Location History feature, location data will no longer be saved locally and the corresponding settings will also be removed from the **Privacy & Security** > **Location** page in **Settings**. This feature is being gradually removed from devices using a controlled feature rollout (CFR). | March 25, 2025 |
| Paint 3D | Paint 3D was deprecated in August 2024 and was removed from the Microsoft Store on November 4, 2024. To view and edit 2D images, you can use [Paint](https://apps.microsoft.com/detail/9pcfs5b6t72h) or [Photos](https://apps.microsoft.com/detail/9wzdncrfjbh4). For viewing 3D content, you can use [3D Viewer](https://apps.microsoft.com/detail/9nblggh42ths). | November 4, 2024 |
| Windows Mixed Reality | As announced in December of 2023, Mixed Reality was removed in Windows 11, version 24H2. This deprecation includes the Mixed Reality Portal app, Windows Mixed Reality for SteamVR, and Steam VR Beta. Existing Windows Mixed Reality devices will continue to work with Steam through November 2026, if users remain on their current released version of Windows 11, version 23H2. After November 2026, Windows Mixed Reality will no longer receive security updates, nonsecurity updates, bug fixes, technical support, or online technical content updates. | 24H2 |
-| Data Encryption Standard (DES) | DES, the symmetric-key block encryption cipher, is considered nonsecure against modern cryptographic attacks, and replaced by more robust encryption algorithms. DES was disabled by default starting with Windows 7 and Windows Server 2008 R2. It's removed from Windows 11, version 24H2 and later, and [Windows Server 2025](/windows-server/get-started/removed-deprecated-features-windows-server-2025) and later.| September 2025 |
+| Data Encryption Standard (DES) | DES, the symmetric-key block encryption cipher, is considered nonsecure against modern cryptographic attacks, and replaced by more robust encryption algorithms. DES was disabled by default starting with Windows 7 and Windows Server 2008 R2. It's removed from Windows 11, version 24H2 and later, and [Windows Server 2025](/windows-server/get-started/removed-deprecated-features-windows-server-2025) and later.| September 2025 |
| NTLMv1 | NTLMv1 is removed starting in Windows 11, version 24H2 and Windows Server 2025. | 24H2 |
| Windows Information Protection | Windows Information Protection is removed starting in Windows 11, version 24H2. | 24H2 |
| Microsoft Defender Application Guard for Edge | [Microsoft Defender Application Guard](/windows/security/application-security/application-isolation/microsoft-defender-application-guard/md-app-guard-overview), including the [Windows Isolated App Launcher APIs](/windows/win32/api/isolatedapplauncher/), is deprecated for Microsoft Edge for Business and is no longer available starting with Windows 11, version 24H2. | 24H2 |
diff --git a/windows/whats-new/temporary-enterprise-feature-control.md b/windows/whats-new/temporary-enterprise-feature-control.md
index e52f21b5da..cdd96b553f 100644
--- a/windows/whats-new/temporary-enterprise-feature-control.md
+++ b/windows/whats-new/temporary-enterprise-feature-control.md
@@ -5,7 +5,7 @@ ms.service: windows-client
ms.subservice: itpro-fundamentals
ms.author: mstewart
author: mestew
-manager: aaroncz
+manager: bpardi
ms.localizationpriority: medium
ms.topic: reference
ms.date: 04/25/2025
@@ -55,7 +55,7 @@ The following features are behind temporary enterprise control in Windows 11:
| Feature | KB article where the feature was introduced | Feature update that ends temporary control | Notes |
|---|---|---|---|
-| Improved Windows search |[April 25, 2025 - KB5055627](https://support.microsoft.com/kb/5055627) | | Improved Windows search will continue to respect your existing [search policies](/windows/client-management/mdm/policy-csp-search). |
+| Improved Windows search |[April 25, 2025 - KB5055627](https://support.microsoft.com/kb/5055627) | | Improved Windows search will continue to respect your existing [search policies](/windows/client-management/mdm/policy-csp-search). |
| Click to Do | [April 25, 2025 - KB5055627](https://support.microsoft.com/kb/5055627)| | This feature also has a permanent control. For more information, see [Manage Click to Do](/windows/client-management/manage-click-to-do). |
| Touch-optimized taskbar for 2-in-1 devices | [February 28, 2023 - KB5022913](https://support.microsoft.com/kb/5022913) | [Feature Update to Windows 11, version 23H2](https://support.microsoft.com/kb/5027397) | |
| Selecting **Uninstall** for a Win32 app from the right-click menu uses the **Installed Apps** page in **Settings** rather than **Programs and Features** under the **Control Panel** | [September 2023 - KB5030310](https://support.microsoft.com/kb/5030310) | [Feature Update to Windows 11, version 23H2](https://support.microsoft.com/kb/5027397) | |
diff --git a/windows/whats-new/whats-new-windows-10-version-22H2.md b/windows/whats-new/whats-new-windows-10-version-22H2.md
index cf7858f2c8..7b315f41e3 100644
--- a/windows/whats-new/whats-new-windows-10-version-22H2.md
+++ b/windows/whats-new/whats-new-windows-10-version-22H2.md
@@ -5,7 +5,7 @@ ms.service: windows-client
ms.subservice: itpro-fundamentals
ms.author: mstewart
author: mestew
-manager: aaroncz
+manager: bpardi
ms.localizationpriority: medium
ms.topic: reference
ms.date: 07/09/2024
diff --git a/windows/whats-new/whats-new-windows-11-version-22H2.md b/windows/whats-new/whats-new-windows-11-version-22H2.md
index 644ef67639..d2101e39a0 100644
--- a/windows/whats-new/whats-new-windows-11-version-22H2.md
+++ b/windows/whats-new/whats-new-windows-11-version-22H2.md
@@ -1,7 +1,7 @@
---
title: What's new in Windows 11, version 22H2 for IT pros
description: Learn more about what's new in Windows 11 version 21H2, including servicing updates, Windows Subsystem for Linux, the latest CSPs, and more.
-manager: aaroncz
+manager: bpardi
ms.service: windows-client
ms.author: mstewart
author: mestew
diff --git a/windows/whats-new/whats-new-windows-11-version-23h2.md b/windows/whats-new/whats-new-windows-11-version-23h2.md
index a2bed8fed2..2ce7bcd987 100644
--- a/windows/whats-new/whats-new-windows-11-version-23h2.md
+++ b/windows/whats-new/whats-new-windows-11-version-23h2.md
@@ -1,7 +1,7 @@
---
title: What's new in Windows 11, version 23H2 for IT pros
description: Learn more about what's new in Windows 11 version 23H2, including servicing updates, Windows Subsystem for Linux, the latest CSPs, and more.
-manager: aaroncz
+manager: bpardi
ms.service: windows-client
ms.author: mstewart
author: mestew
@@ -38,14 +38,14 @@ To learn more about the status of the update rollout, known issues, and new info
When a managed Windows 11, version 22H2 device installs [version 23H2](https://support.microsoft.com/kb/5027397), the following features will no longer be under temporary enterprise feature control:
-| Feature | KB article where the feature was introduced |
+| Feature | KB article where the feature was introduced |
|---|---|
-| Touch-optimized taskbar for 2-in-1 devices | [February 28, 2023 - KB5022913](https://support.microsoft.com/kb/5022913) |
-| Selecting **Uninstall** for a Win32 app from the right-click menu uses the **Installed Apps** page in **Settings** rather than **Programs and Features** under the **Control Panel** | [September 2023 - KB5030310](https://support.microsoft.com/kb/5030310) |
+| Touch-optimized taskbar for 2-in-1 devices | [February 28, 2023 - KB5022913](https://support.microsoft.com/kb/5022913) |
+| Selecting **Uninstall** for a Win32 app from the right-click menu uses the **Installed Apps** page in **Settings** rather than **Programs and Features** under the **Control Panel** | [September 2023 - KB5030310](https://support.microsoft.com/kb/5030310) |
| Windows Spotlight provides a minimized experience, opportunities to learn more about each image, and allows users to preview images at full screen.| [September 2023 - KB5030310](https://support.microsoft.com/kb/5030310) |
| Copilot in Windows | [September 2023 - KB5030310](https://support.microsoft.com/kb/5030310) |
| [Dev Home](/windows/dev-home/) | [September 2023 - KB5030310](https://support.microsoft.com/kb/5030310) |
-| [Dev Drive](/windows/dev-drive/) | [September 2023 - KB5030310](https://support.microsoft.com/kb/5030310) |
+| [Dev Drive](/windows/dev-drive/) | [September 2023 - KB5030310](https://support.microsoft.com/kb/5030310) |
## Features added to Windows 11 since version 22H2
@@ -66,7 +66,7 @@ When the policy is enabled, certain Windows authentication scenarios don't offer
You can enable a web-based sign-in experience on Microsoft Entra joined devices, unlocking new sign-in options and capabilities. For more information, see [Web sign-in for Windows](/windows/security/identity-protection/web-sign-in).
### Declared configuration protocol
-
+
**Declared configuration protocol** is a new protocol for device configuration management that's based on a desired state model and uses OMA-DM SyncML protocol. It allows the server to provide the device with a collection of settings for a specific scenario, and the device to handle the configuration request and maintain its state. For more information, see [What is the declared configuration protocol](/windows/client-management/declared-configuration).
### Education themes
@@ -113,11 +113,11 @@ Dev Drive is a new form of storage volume available to improve performance for k
### Additional features
-- **Tabs for File Explorer**: File Explorer includes tabs to help you organize your File Explorer sessions.
+- **Tabs for File Explorer**: File Explorer includes tabs to help you organize your File Explorer sessions.
- **Taskbar overflow menu**: The taskbar offers an entry point to a menu that shows all of your overflowed apps in one spot.
- **Suggested actions**: Copied text in certain formats, such as phone numbers or dates, offer suggested actions such as calling the number or adding the event to your calendar.
- **Task Manager enhancements**: Process filtering, theme settings, and the ability to opt out of efficiency mode notification were added to Task Manager.
-- **Narrator improvements**: Scripting functionality was added to Narrator. Narrator includes more natural voices.
+- **Narrator improvements**: Scripting functionality was added to Narrator. Narrator includes more natural voices.
### In-box apps
diff --git a/windows/whats-new/whats-new-windows-11-version-24h2.md b/windows/whats-new/whats-new-windows-11-version-24h2.md
index ac9490e3f4..ac95ac244a 100644
--- a/windows/whats-new/whats-new-windows-11-version-24h2.md
+++ b/windows/whats-new/whats-new-windows-11-version-24h2.md
@@ -1,7 +1,7 @@
---
title: What's new in Windows 11, version 24H2 for IT pros
description: Learn more about what's new in Windows 11 version 24H2, including servicing updates, Windows Subsystem for Linux, the latest CSPs, and more.
-manager: aaroncz
+manager: bpardi
ms.service: windows-client
ms.author: mstewart
author: mestew
@@ -242,7 +242,7 @@ The following developer APIs were added or updated:
The following [deprecated features](deprecated-features.md) are [removed](removed-features.md) in Windows 11, version 24H2:
-- **NTLMv1**: NTLMv1 is removed starting in Windows 11, version 24H2 and Windows Server 2025.
+- **NTLMv1**: NTLMv1 is removed starting in Windows 11, version 24H2 and Windows Server 2025.
- **WordPad**: WordPad is removed from all editions of Windows starting in Windows 11, version 24H2 and Windows Server 2025.
- **Alljoyn**: Microsoft's implementation of AllJoyn, which included the [Windows.Devices.AllJoyn API namespace](/uwp/api/windows.devices.alljoyn), a [Win32 API](/windows/win32/api/_alljoyn/), a [management configuration service provider (CSP)](/windows/client-management/mdm/alljoynmanagement-csp), and an [Alljoyn Router Service](/windows-server/security/windows-services/security-guidelines-for-disabling-system-services-in-windows-server#alljoyn-router-service) is retired.
-- **Windows Mixed Reality**: Mixed Reality is removed starting in Windows 11, version 24H2.
\ No newline at end of file
+- **Windows Mixed Reality**: Mixed Reality is removed starting in Windows 11, version 24H2.
\ No newline at end of file
diff --git a/windows/whats-new/windows-11-overview.md b/windows/whats-new/windows-11-overview.md
index 88e4b929b7..4d36ebd72a 100644
--- a/windows/whats-new/windows-11-overview.md
+++ b/windows/whats-new/windows-11-overview.md
@@ -1,7 +1,7 @@
---
title: Windows 11 overview for administrators
description: Learn more about Windows 11. Read about the features IT professionals and administrators should know about Windows 11, including security, apps, the new desktop, and deploying and servicing PCs.
-manager: aaroncz
+manager: bpardi
author: mestew
ms.author: mstewart
ms.service: windows-client
@@ -34,11 +34,11 @@ This article lists what's new, and some of the features & improvements. For more
The security and privacy features in Windows 11 are similar to Windows 10. Security for your devices starts with the hardware, and includes OS security, application security, and user & identity security. There are features available in the Windows OS to help in these areas. This section describes some of these features. For a more comprehensive view, including zero trust, see [Windows security](/windows/security/).
- The **Windows Security** app is built into the OS. This app is an easy-to-use interface, and combines commonly used security features. For example, your get access to virus & threat protection, firewall & network protection, account protection, and more.
-
+
For more information, see [the Windows Security app](/windows/security/threat-protection/windows-defender-security-center/windows-defender-security-center).
- **Security baselines** includes security settings that already configured, and ready to be deployed to your devices. If you don't know where to start, or it's too time consuming to go through all the settings, then you should look at Security Baselines.
-
+
For more information, see [Windows security baselines](/windows/security/threat-protection/windows-security-configuration-framework/windows-security-baselines).
- **Microsoft Defender Antivirus** is built into Windows, and helps protect devices using next-generation security. When used with Microsoft Defender for Endpoint, your organization gets strong endpoint protection, and advanced endpoint protection & response. If you use Intune to manage devices, then you can create policies based on threat levels in Microsoft Defender for Endpoint.
@@ -50,7 +50,7 @@ The security and privacy features in Windows 11 are similar to Windows 10. Secur
- [Enforce compliance for Microsoft Defender for Endpoint](/mem/intune/protect/advanced-threat-protection)
- The application security features help prevent unwanted or malicious code from running, isolate untrusted websites & untrusted Office files, protect against phishing or malware websites, and more.
-
+
For more information, see [Windows application security](/windows/security/apps).
- **Windows Hello for Business** helps protect users and identities. It replaces passwords, and uses a PIN or biometric that stays locally on the device. Device manufacturers are including more secure hardware features, such as IR cameras and TPM chips. These features are used with Windows Hello for Business to help protect user identities on your organization devices.
@@ -94,7 +94,7 @@ For more information on the security features you can configure, manage, and enf
Users can manage some snap features using the **Settings** app > **System** > **Multitasking**. For more information on the end-user experience, see [Snap your windows](https://support.microsoft.com/windows/snap-your-windows-885a9b1e-a983-a3b1-16cd-c531795e6241).
- You can also add Snap Layouts to apps your organization creates. For more information, see [Support snap layouts for desktop apps on Windows 11](/windows/apps/desktop/modernize/apply-snap-layout-menu).
+ You can also add Snap Layouts to apps your organization creates. For more information, see [Support snap layouts for desktop apps on Windows 11](/windows/apps/desktop/modernize/apply-snap-layout-menu).
Starting in Windows 11, version 22H2, you can also activate snap layouts by dragging a window to the top of the screen. The feature is available for both mouse and touch.
@@ -168,7 +168,7 @@ For more information on the security features you can configure, manage, and enf
If users or groups in your organization do a lot with Windows PowerShell or the command prompt, then use policy to add the Windows Terminal app to the [Start menu layout](/windows/configuration/customize-start-menu-layout-windows-11) or the [Taskbar](/windows/configuration/customize-taskbar-windows-11).
- Users can also search for the Terminal app, right-select the app, and pin the app to the Start menu and taskbar.
+ Users can also search for the Terminal app, right-select the app, and pin the app to the Start menu and taskbar.
- The **Microsoft Store** has a new look, and includes more public and retail apps. For more information on the end-user experience, see:
diff --git a/windows/whats-new/windows-11-plan.md b/windows/whats-new/windows-11-plan.md
index de2ec6e9df..ea1aa12887 100644
--- a/windows/whats-new/windows-11-plan.md
+++ b/windows/whats-new/windows-11-plan.md
@@ -4,7 +4,7 @@ description: This article provides guidance to help you plan for Windows 11 in y
ms.service: windows-client
author: mestew
ms.author: mstewart
-manager: aaroncz
+manager: bpardi
ms.localizationpriority: high
ms.topic: get-started
ms.collection:
diff --git a/windows/whats-new/windows-11-prepare.md b/windows/whats-new/windows-11-prepare.md
index 148413934a..0f41ef37b3 100644
--- a/windows/whats-new/windows-11-prepare.md
+++ b/windows/whats-new/windows-11-prepare.md
@@ -4,7 +4,7 @@ description: Prepare your infrastructure and tools to deploy Windows 11.
ms.service: windows-client
author: mestew
ms.author: mstewart
-manager: aaroncz
+manager: bpardi
ms.localizationpriority: high
ms.topic: concept-article
ms.collection:
diff --git a/windows/whats-new/windows-11-requirements.md b/windows/whats-new/windows-11-requirements.md
index 909814ca56..549849717d 100644
--- a/windows/whats-new/windows-11-requirements.md
+++ b/windows/whats-new/windows-11-requirements.md
@@ -1,7 +1,7 @@
---
title: Windows 11 requirements
description: Hardware requirements to deploy Windows 11.
-manager: aaroncz
+manager: bpardi
author: mestew
ms.author: mstewart
ms.service: windows-client
diff --git a/windows/whats-new/windows-licensing.md b/windows/whats-new/windows-licensing.md
index c50c610a28..f6943deb1a 100644
--- a/windows/whats-new/windows-licensing.md
+++ b/windows/whats-new/windows-licensing.md
@@ -4,7 +4,7 @@ description: Learn about products and use rights available through Windows comme
ms.subservice: itpro-security
author: paolomatarazzo
ms.author: paoloma
-manager: aaroncz
+manager: bpardi
ms.collection:
- tier2
ms.topic: overview