diff --git a/windows/keep-secure/change-history-for-keep-windows-10-secure.md b/windows/keep-secure/change-history-for-keep-windows-10-secure.md index 0233982505..d3d40d84ac 100644 --- a/windows/keep-secure/change-history-for-keep-windows-10-secure.md +++ b/windows/keep-secure/change-history-for-keep-windows-10-secure.md @@ -18,6 +18,7 @@ This topic lists new and updated topics in the [Keep Windows 10 secure](index.md |---------------------|------------| |[Mandatory tasks and settings required to turn on Windows Information Protection (WIP)](mandatory-settings-for-wip.md) |Updated based on Windows 10, version 1703. | |[Create a Windows Information Protection (WIP) policy using Microsoft Intune](create-wip-policy-using-intune.md) |Updated based on Windows 10, version 1703. | +|[Deploy your Windows Information Protection (WIP) policy using Microsoft Intune](deploy-wip-policy-using-intune.md) |Updated based on Windows 10, version 1703. |[Limitations while using Windows Information Protection (WIP)](limitations-with-wip.md) |Added additional limitations for Windows 10, version 1703. | |[Create and verify an Encrypting File System (EFS) Data Recovery Agent (DRA) certificate](create-and-verify-an-efs-dra-certificate.md)|Added content about recovering data from a cloud environment.| |[Protect derived domain credentials with Credential Guard](credential-guard.md) |Updated to include additional security qualifications starting with Window 10, version 1703.| diff --git a/windows/keep-secure/create-vpn-and-wip-policy-using-intune.md b/windows/keep-secure/create-vpn-and-wip-policy-using-intune.md index 64602d97ae..adb3636f89 100644 --- a/windows/keep-secure/create-vpn-and-wip-policy-using-intune.md +++ b/windows/keep-secure/create-vpn-and-wip-policy-using-intune.md @@ -14,8 +14,8 @@ localizationpriority: high # Create and deploy a VPN policy for Windows Information Protection (WIP) using Microsoft Intune **Applies to:** -- Windows 10, version 1607 -- Windows 10 Mobile +- Windows 10, version 1703 +- Windows 10 Mobile, version 1703 After you've created and deployed your Windows Information Protection (WIP) policy, you can use Microsoft Intune to create and deploy your Virtual Private Network (VPN) policy, linking it to your WIP policy. diff --git a/windows/keep-secure/deploy-wip-policy-using-intune.md b/windows/keep-secure/deploy-wip-policy-using-intune.md index c9977fec21..f32db084a6 100644 --- a/windows/keep-secure/deploy-wip-policy-using-intune.md +++ b/windows/keep-secure/deploy-wip-policy-using-intune.md @@ -14,30 +14,31 @@ localizationpriority: high # Deploy your Windows Information Protection (WIP) policy using Microsoft Intune **Applies to:** -- Windows 10, version 1607 -- Windows 10 Mobile +- Windows 10, version 1703 +- Windows 10 Mobile, version 1703 (except Microsoft Azure Rights Management, which is only available on the desktop) After you’ve created your Windows Information Protection (WIP) policy, you'll need to deploy it to your organization's enrolled devices. Enrollment can be done for business or personal devices, allowing the devices to use your managed apps and to sync with your managed content and information. **To deploy your WIP policy** -1. On the **Configuration policies** page, locate your newly-created policy, click to select it, and then click the **Manage Deployment** button. +1. On the **App policy** pane, click your newly-created policy, click **User groups** from the menu that appears, and then click **Add user group**. - ![Microsoft Intune: Click the Manage Deployment link from the Configuration Policies screen](images/intune-managedeployment.png) + A list of user groups, made up of all of the security groups in your Azure Active Directory, appear in the **Add user group** pane. -2. In the left pane of the **Manage Deployment** box, click the employees or groups that should get the policy, and then click **Add**.

-The added people move to the **Selected Groups** list on the right-hand pane. +2. Choose the group you want your policy to apply to, and then click **Select** to deploy the policy. - ![Microsoft Intune: Pick the group of employees that should get the policy](images/intune-groupselection.png) + The policy is deployed to the selected users' devices. -3. After you've picked all of the employees and groups that should get the policy, click **OK**.

-The policy is deployed to the selected users' devices. + ![Microsoft Intune: Pick your user groups that should get the policy when it's deployed](images/wip-azure-add-user-groups.png) >[!NOTE] >Help to make this topic better by providing us with edits, additions, and feedback. For info about how to contribute to this topic, see [Contributing to TechNet content](https://github.com/Microsoft/windows-itpro-docs/blob/master/CONTRIBUTING.md). ## Related topics - [Create a Windows Information Protection (WIP) policy using Microsoft Intune](create-wip-policy-using-intune.md) + - [Add apps to your Windows Information Protection (WIP) policy by using the Microsoft Intune custom URI functionality](add-apps-to-protected-list-using-custom-uri.md) + - [Create and deploy a VPN policy for Windows Information Protection (WIP) using Microsoft Intune](create-vpn-and-wip-policy-using-intune.md) + - [General guidance and best practices for Windows Information Protection (WIP)](guidance-and-best-practices-wip.md) \ No newline at end of file diff --git a/windows/keep-secure/images/wip-azure-add-user-groups.png b/windows/keep-secure/images/wip-azure-add-user-groups.png new file mode 100644 index 0000000000..ab17d13baf Binary files /dev/null and b/windows/keep-secure/images/wip-azure-add-user-groups.png differ