Merged PR 11260: tweak MDM topics, add MMAT; add Surface Go to autopilot

devices/surface/windows-autopilot-and-surface-devices.md

@@ -7,7 +7,7 @@ ms.mktglfcycl: deploy
 ms.pagetype: surface, devices
 ms.sitesec: library
 author: brecords
-ms.date: 01/31/2018
+ms.date: 09/12/2018
 ms.author: jdecker
 ms.topic: article
 ---
@@ -45,6 +45,7 @@ Surface devices with support for out-of-box deployment with Windows Autopilot, e
 * Surface Book 2
 * Surface Laptop
 * Surface Studio
+* Surface Go
 
 ## Surface partners enabled for Windows Autopilot
 Enrolling Surface devices in Windows Autopilot at the time of purchase is a capability provided by select Surface partners that are enabled with the capability to identify individual Surface devices during the purchase process and perform enrollment on an organization’s behalf. Devices enrolled by a Surface partner at time of purchase can be shipped directly to users and configured entirely through the zero-touch process of Windows Autopilot, Azure Active Directory, and Mobile Device Management.

windows/client-management/mdm/device-update-management.md

@@ -2,6 +2,7 @@
 title: Device update management
 description: In the current device landscape of PC, tablets, phones, and IoT devices, the Mobile Device Management (MDM) solutions are becoming prevalent as a lightweight device management technology.
 ms.assetid: C27BAEE7-2890-4FB7-9549-A6EACC790777
+keywords: mdm,management,administrator
 ms.author: maricia
 ms.topic: article
 ms.prod: w10
@@ -13,15 +14,18 @@ ms.date: 11/15/2017
 
 # Device update management
 
-In the current device landscape of PC, tablets, phones, and IoT devices, the Mobile Device Management (MDM) solutions are becoming prevalent as a lightweight device management technology. In Windows 10, we are investing heavily in extending the management capabilities available to MDMs. One key feature we are adding is the ability for MDMs to keep devices up-to-date with the latest Microsoft Updates.
+>[!TIP]
+>If you're not a developer or administrator, you'll find more helpful information in the [Windows Update: Frequently Asked Questions](https://support.microsoft.com/help/12373/windows-update-faq).
 
-In particular, Windows 10 provides additional APIs to enable MDMs to:
+In the current device landscape of PC, tablets, phones, and IoT devices, Mobile Device Management (MDM) solutions are becoming prevalent as a lightweight device management technology. In Windows 10, we are investing heavily in extending the management capabilities available to MDMs. One key feature we are adding is the ability for MDMs to keep devices up-to-date with the latest Microsoft updates.
+
+In particular, Windows 10 provides APIs to enable MDMs to:
 
 -   Ensure machines stay up-to-date by configuring Automatic Update policies.
 -   Test updates on a smaller set of machines before enterprise-wide rollout by configuring which updates are approved for a given device.
 -   Get compliance status of managed devices so IT can easily understand which machines still need a particular security patch, or how up-to-date is a particular machine.
 
-This topic provides MDM ISVs with the information they need to implement update management in Windows 10.
+This topic provides MDM independent software vendors (ISV) with the information they need to implement update management in Windows 10.
 
 In Windows 10, the MDM protocol has been extended to better enable IT admins to manage updates. In particular, Windows has added configuration service providers (CSPs) that expose policies and actions for MDMs to:
 
@@ -30,7 +34,8 @@ In Windows 10, the MDM protocol has been extended to better enable IT admins to
 -   Specify a per-device update approval list, to ensure devices don’t install unapproved updates that have not been tested.
 -   Approve EULAs on behalf of the end-user so update deployment can be automated even for updates with EULAs.
 
-The OMA DM APIs for specifying update approvals and getting compliance status reference updates using an Update ID, which is a GUID that identifies a particular update. The MDM, of course, will want to expose IT-friendly information about the update (instead of a raw GUID), including the update’s title, description, KB, update type (for example, a security update or service pack). For more information, see [\[MS-WSUSSS\]: Windows Update Services: Server-Server Protocol](https://go.microsoft.com/fwlink/p/?LinkId=526707).
+The OMA DM APIs for specifying update approvals and getting compliance status refer to updates by using an Update ID, which is a GUID that identifies a particular update. The MDM, of course, will want to expose IT-friendly information about the update (instead of a raw GUID), including the update’s title, description, KB, update type (for example, a security update or service pack). For more information, see [\[MS-WSUSSS\]: Windows Update Services: Server-Server Protocol](https://go.microsoft.com/fwlink/p/?LinkId=526707).
+
 For more information about the CSPs, see [Update CSP](update-csp.md) and the update policy area of the [Policy CSP](policy-configuration-service-provider.md).
 
 The following diagram provides a conceptual overview of how this works:

windows/client-management/mdm/index.md

@@ -5,12 +5,12 @@ MS-HAID:
 - 'p\_phDeviceMgmt.provisioning\_and\_device\_management'
 - 'p\_phDeviceMgmt.mobile\_device\_management\_windows\_mdm'
 ms.assetid: 50ac90a7-713e-4487-9cb9-b6d6fdaa4e5b
-ms.author: maricia
+ms.author: jdecker
 ms.topic: article
 ms.prod: w10
 ms.technology: windows
-author: MariciaAlforque
-ms.date: 06/26/2017
+author: jdeckerms
+ms.date: 09/12/2018
 ---
 
 # Mobile device management
@@ -25,6 +25,12 @@ There are two parts to the Windows 10 management component:
 
 Third-party MDM servers can manage Windows 10 by using the MDM protocol. The built-in management client is able to communicate with a third-party server proxy that supports the protocols outlined in this document to perform enterprise management tasks. The third-party server will have the same consistent first-party user experience for enrollment, which also provides simplicity for Windows 10 users. MDM servers do not need to create or download a client to manage Windows 10. For details about the MDM protocols, see [\[MS-MDM\]: Mobile Device Management Protocol](https://go.microsoft.com/fwlink/p/?LinkId=619346) and [\[MS-MDE2\]: Mobile Device Enrollment Protocol Version 2]( http://go.microsoft.com/fwlink/p/?LinkId=619347).
 
+<span id="mmat" />
+## Learn about migrating to MDM
+
+When an organization wants to move to MDM to manage devices, they should prepare by analyzing their current Group Policy settings to see what they need to transition to MDM management. Microsoft created the [MDM Migration Analysis Tool](https://aka.ms/mmat/) (MMAT) to help. MMAT determines which Group Policies have been set for a target user or computer and then generates a report that lists the level of support for each policy settings in MDM equivalents. For more information, see [MMAT Instructions](https://github.com/WindowsDeviceManagement/MMAT/blob/master/MDM%20Migration%20Analysis%20Tool%20Instructions.pdf).
+
+
 ## Learn about device enrollment
 
 

windows/client-management/mdm/new-in-windows-mdm-enrollment-management.md

@@ -1760,6 +1760,12 @@ The DM agent for [push-button reset](https://msdn.microsoft.com/windows/hardware
 
 ## Change history in MDM documentation
 
+### September 2018
+
+New or updated topic | Description
+--- | ---
+[Mobile device management](index.md#mmat) | Added information about the MDM Migration Analysis Tool (MMAT).
+
 ### August 2018
 
 <table class="mx-tdBreakAll">