From e9a0e94c20f951d0d74934945c31d5bdcc55aebc Mon Sep 17 00:00:00 2001
From: Michael Niehaus <niehaus@live.com>
Date: Tue, 16 Jun 2020 16:29:47 -0700
Subject: [PATCH] Update policy-conflicts.md

Adding an additional row for UAC settings.
---
 windows/deployment/windows-autopilot/policy-conflicts.md | 9 +++++++--
 1 file changed, 7 insertions(+), 2 deletions(-)
diff --git a/windows/deployment/windows-autopilot/policy-conflicts.md b/windows/deployment/windows-autopilot/policy-conflicts.md
index 3fd528f206..cb76416553 100644
--- a/windows/deployment/windows-autopilot/policy-conflicts.md
+++ b/windows/deployment/windows-autopilot/policy-conflicts.md
@@ -28,8 +28,13 @@ There are a sigificant number of policy settings available for Windows 10, both
 <table>
 <th>Policy<th>More information
 
-<tr><td width="50%">Device restriction / <a href="https://docs.microsoft.com/partner-center/regional-authorization-overview">Password policy</a>
-<td>When certain <a href="https://docs.microsoft.com/windows/client-management/mdm/policy-csp-devicelock">DeviceLock policies</a>, such as minimum password length and password complexity, or any similar group policy settings, including any that disable auto-logon, are applied to a device, and that device reboots during the device Enrollment Status Page (ESP), the out-of-box experience or user desktop auto-logon could fail unexpectantly.
+<tr><td width="50%">Device restriction / <a href="https://docs.microsoft.com/windows/client-management/mdm/devicelock-csp">Password Policy</a></td>
+<td>When certain <a href="https://docs.microsoft.com/windows/client-management/mdm/policy-csp-devicelock">DeviceLock policies</a>, such as minimum password length and password complexity, or any similar group policy settings, including any that disable auto-logon, are applied to a device, and that device reboots during the device Enrollment Status Page (ESP), the out-of-box experience or user desktop auto-logon could fail unexpectantly.  This is especially true for kiosk scenarios where passwords are automatically generated.</td>
+
+<tr><td width="50%">Windows 10 Security Baseline / <a href="https://docs.microsoft.com/windows/client-management/mdm/policy-csp-localpoliciessecurityoptions">Administrator elevation prompt behavior</a>
+<br>Windows 10 Security Baseline / <a href="https://docs.microsoft.com/windows/client-management/mdm/policy-csp-localpoliciessecurityoptions">Require admin approval mode for administrators</a></td>
+<td>When modifying user account control (UAC) settings during the out-of-box experience (OOBE) using device Enrollment Status Page (ESP), additional UAC prompts may result, especially if the device reboots after these policies are applied enabling them to take effect.  To work around this issue, the policies can be targeted to users instead of devices so that they apply later in the process.</td>
+
 </table>
 
 ## Related topics

Policy	More information -
Device restriction / Password policy -	When certain DeviceLock policies, such as minimum password length and password complexity, or any similar group policy settings, including any that disable auto-logon, are applied to a device, and that device reboots during the device Enrollment Status Page (ESP), the out-of-box experience or user desktop auto-logon could fail unexpectantly. +
Device restriction / Password Policy	When certain DeviceLock policies, such as minimum password length and password complexity, or any similar group policy settings, including any that disable auto-logon, are applied to a device, and that device reboots during the device Enrollment Status Page (ESP), the out-of-box experience or user desktop auto-logon could fail unexpectantly. This is especially true for kiosk scenarios where passwords are automatically generated.
Windows 10 Security Baseline / Administrator elevation prompt behavior + Windows 10 Security Baseline / Require admin approval mode for administrators	When modifying user account control (UAC) settings during the out-of-box experience (OOBE) using device Enrollment Status Page (ESP), additional UAC prompts may result, especially if the device reboots after these policies are applied enabling them to take effect. To work around this issue, the policies can be targeted to users instead of devices so that they apply later in the process.