deepblue/windows-itpro-docs
1
0
Fork 0
mirror of https://github.com/MicrosoftDocs/windows-itpro-docs.git synced 2025-05-14 14:27:22 +00:00
Code Issues Actions 2 Packages Projects Releases Wiki Activity

Merge branch 'main' of https://github.com/MicrosoftDocs/windows-docs-pr into wufbds-reorg-7512938

Browse Source
This commit is contained in:
Meghan Stewart 2023-02-02 11:58:25 -08:00
commit da177fb622
28 changed files with 280 additions and 115 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

65
.openpublishing.redirection.json
View File

@ -20449,6 +20449,71 @@
"source_path": "windows/security/identity-protection/hello-for-business/hello-event-300.md",
"redirect_url": "/windows/security/identity-protection/hello-for-business/hello-faq",
"redirect_document_id": false
},
{
"source_path": "windows/deployment/windows-autopatch/operate/windows-autopatch-fu-overview.md",
"redirect_url": "/windows/deployment/windows-autopatch/operate/windows-autopatch-windows-feature-update-overview",
"redirect_document_id": true
},
{
"source_path": "windows/deployment/windows-autopatch/operate/windows-autopatch-fu-end-user-exp.md",
"redirect_url": "/windows/deployment/windows-autopatch/operate/windows-autopatch-windows-feature-update-end-user-exp",
"redirect_document_id": true
},
{
"source_path": "windows/deployment/windows-autopatch/operate/windows-autopatch-wqu-overview.md",
"redirect_url": "/windows/deployment/windows-autopatch/operate/windows-autopatch-windows-quality-update-overview",
"redirect_document_id": true
},
{
"source_path": "windows/deployment/windows-autopatch/operate/windows-autopatch-wqu-end-user-exp.md",
"redirect_url": "/windows/deployment/windows-autopatch/operate/windows-autopatch-windows-quality-update-end-user-exp",
"redirect_document_id": true
},
{
"source_path": "windows/deployment/windows-autopatch/operate/windows-autopatch-wqu-signals.md",
"redirect_url": "/windows/deployment/windows-autopatch/operate/windows-autopatch-windows-quality-update-signals",
"redirect_document_id": true
},
{
"source_path": "windows/deployment/windows-autopatch/operate/windows-autopatch-wqu-communications.md",
"redirect_url": "/windows/deployment/windows-autopatch/operate/windows-autopatch-windows-quality-update-communications",
"redirect_document_id": true
},
{
"source_path": "windows/deployment/windows-autopatch/operate/windows-autopatch-wqu-reports-overview.md",
"redirect_url": "/windows/deployment/windows-autopatch/operate/windows-autopatch-windows-quality-update-reports-overview",
"redirect_document_id": true
},
{
"source_path": "windows/deployment/windows-autopatch/operate/windows-autopatch-wqu-summary-dashboard.md",
"redirect_url": "/windows/deployment/windows-autopatch/operate/windows-autopatch-windows-quality-update-summary-dashboard",
"redirect_document_id": true
},
{
"source_path": "windows/deployment/windows-autopatch/operate/windows-autopatch-wqu-all-devices-report.md",
"redirect_url": "/windows/deployment/windows-autopatch/operate/windows-autopatch-windows-quality-update-all-devices-report",
"redirect_document_id": true
},
{
"source_path": "windows/deployment/windows-autopatch/operate/windows-autopatch-wqu-all-devices-historical-report.md",
"redirect_url": "/windows/deployment/windows-autopatch/operate/windows-autopatch-windows-quality-update-all-devices-historical-report",
"redirect_document_id": true
},
{
"source_path": "windows/deployment/windows-autopatch/operate/windows-autopatch-wqu-eligible-devices-historical-report.md",
"redirect_url": "/windows/deployment/windows-autopatch/operate/windows-autopatch-windows-quality-update-eligible-devices-historical-report",
"redirect_document_id": true
},
{
"source_path": "windows/deployment/windows-autopatch/operate/windows-autopatch-wqu-ineligible-devices-historical-report.md",
"redirect_url": "/windows/deployment/windows-autopatch/operate/windows-autopatch-windows-quality-update-ineligible-devices-historical-report",
"redirect_document_id": true
},
{
"source_path": "windows/deployment/windows-autopatch/references/windows-autopatch-wqu-unsupported-policies.md",
"redirect_url": "/windows/deployment/windows-autopatch/references/windows-autopatch-windows-update-unsupported-policies",
"redirect_document_id": true
}
]
}

3
windows/client-management/mdm/policies-in-policy-csp-supported-by-group-policy.md
View File

@ -4,7 +4,7 @@ description: Learn about the policies in Policy CSP supported by Group Policy.
author: vinaypamnani-msft
manager: aaroncz
ms.author: vinpa
ms.date: 01/18/2023
ms.date: 01/30/2023
ms.localizationpriority: medium
ms.prod: windows-client
ms.technology: itpro-manage
@ -642,6 +642,7 @@ This article lists the policies in Policy CSP that have a group policy mapping.
- [AllowCortanaInAAD](policy-csp-search.md)
- [AllowFindMyFiles](policy-csp-search.md)
- [AllowSearchHighlights](policy-csp-search.md)
- [ConfigureSearchOnTaskbarMode](policy-csp-search.md)
## Security

94
windows/client-management/mdm/policy-csp-search.md
View File

@ -4,7 +4,7 @@ description: Learn more about the Search Area in Policy CSP.
author: vinaypamnani-msft
manager: aaroncz
ms.author: vinpa
ms.date: 01/09/2023
ms.date: 02/01/2023
ms.localizationpriority: medium
ms.prod: windows-client
ms.technology: itpro-manage
@ -16,6 +16,9 @@ ms.topic: reference
<!-- Search-Begin -->
# Policy CSP - Search
> [!IMPORTANT]
> This CSP contains preview policies that are under development and only applicable for [Windows Insider Preview builds](/windows-insider/). These policies are subject to change and may have dependencies on other features or services in preview.
<!-- Search-Editable-Begin -->
<!-- Add any additional information about this policy here. Anything outside this section will get overwritten. -->
<!-- Search-Editable-End -->
@ -187,7 +190,7 @@ This policy controls whether the user can configure search to *Find My Files* mo
| Value | Description |
|:--|:--|
| 1 (Default) | Find My Files feature can be toggled (still off by default), and the settings UI is present. |
| 1 (Default) | , and the settings UI is present. |
| 0 | Find My Files feature is turned off completely, and the settings UI is disabled. |
<!-- AllowFindMyFiles-AllowedValues-End -->
@ -480,7 +483,7 @@ This policy has been deprecated.
This policy setting allows words that contain diacritic characters to be treated as separate words.
- If you enable this policy setting, words that only differ in diacritics are treated as different words.
- If you disable this policy setting, words with diacritics and words without diacritics are treated as identical words. This policy setting is not configured by default.
- If you do not configure this policy setting, the local setting, configured through Control Panel, will be used
- If you do not configure this policy setting, the local setting, configured through Control Panel, will be used.
> [!NOTE]
> By default, the Control Panel setting is set to treat words that differ only because of diacritics as the same word.
@ -639,6 +642,81 @@ The most restrictive value is `0` to now allow automatic language detection.
<!-- AlwaysUseAutoLangDetection-End -->
<!-- ConfigureSearchOnTaskbarMode-Begin -->
## ConfigureSearchOnTaskbarMode
<!-- ConfigureSearchOnTaskbarMode-Applicability-Begin -->
| Scope | Editions | Applicable OS |
|:--|:--|:--|
| :heavy_check_mark: Device <br> :x: User | :x: Home <br> :heavy_check_mark: Pro <br> :heavy_check_mark: Enterprise <br> :heavy_check_mark: Education <br> :heavy_check_mark: Windows SE | :heavy_check_mark: Windows Insider Preview |
<!-- ConfigureSearchOnTaskbarMode-Applicability-End -->
<!-- ConfigureSearchOnTaskbarMode-OmaUri-Begin -->
```Device
./Device/Vendor/MSFT/Policy/Config/Search/ConfigureSearchOnTaskbarMode
```
<!-- ConfigureSearchOnTaskbarMode-OmaUri-End -->
<!-- ConfigureSearchOnTaskbarMode-Description-Begin -->
<!-- Description-Source-ADMX-Forced -->
This policy setting allows you to configure search on the taskbar.
- If you enable this policy setting and set it to hide, search on taskbar will be hidden by default. Users cannot change it in Settings.
- If you enable this policy setting and set it to search icon only, the search icon will be displayed on the taskbar by default. Users cannot change it in Settings.
- If you enable this policy setting and set it to search icon and label, the search icon and label will be displayed on the taskbar by default. Users cannot change it in Settings.
- If you enable this policy setting and set it to search box, the search box will be displayed on the taskbar by default. Users cannot change it in Settings.
- If you disable or do not configure this policy setting, search on taskbar will be configured according to the defaults for your Windows edition. Users will be able to change search on taskbar in Settings.
<!-- ConfigureSearchOnTaskbarMode-Description-End -->
<!-- ConfigureSearchOnTaskbarMode-Editable-Begin -->
<!-- Add any additional information about this policy here. Anything outside this section will get overwritten. -->
<!-- ConfigureSearchOnTaskbarMode-Editable-End -->
<!-- ConfigureSearchOnTaskbarMode-DFProperties-Begin -->
**Description framework properties**:
| Property name | Property value |
|:--|:--|
| Format | int |
| Access Type | Add, Delete, Get, Replace |
| Default Value | 3 |
<!-- ConfigureSearchOnTaskbarMode-DFProperties-End -->
<!-- ConfigureSearchOnTaskbarMode-AllowedValues-Begin -->
**Allowed values**:
| Value | Description |
|:--|:--|
| 0 | Hide. |
| 1 | Search icon only. |
| 2 | Search icon and label. |
| 3 (Default) | Search box. |
<!-- ConfigureSearchOnTaskbarMode-AllowedValues-End -->
<!-- ConfigureSearchOnTaskbarMode-GpMapping-Begin -->
**Group policy mapping**:
| Name | Value |
|:--|:--|
| Name | ConfigureSearchOnTaskbarMode |
| Friendly Name | Configures search on the taskbar |
| Element Name | Search on the taskbar |
| Location | Computer Configuration |
| Path | Windows Components > Search |
| Registry Key Name | Software\Policies\Microsoft\Windows\Windows Search |
| ADMX File Name | Search.admx |
<!-- ConfigureSearchOnTaskbarMode-GpMapping-End -->
<!-- ConfigureSearchOnTaskbarMode-Examples-Begin -->
<!-- Add any examples for this policy here. Examples outside this section will get overwritten. -->
<!-- ConfigureSearchOnTaskbarMode-Examples-End -->
<!-- ConfigureSearchOnTaskbarMode-End -->
<!-- DisableBackoff-Begin -->
## DisableBackoff
@ -775,7 +853,7 @@ This policy setting configures whether or not locations on removable drives can
<!-- DisableSearch-Applicability-Begin -->
| Scope | Editions | Applicable OS |
|:--|:--|:--|
| :heavy_check_mark: Device <br> :x: User | :x: Home <br> :heavy_check_mark: Pro <br> :heavy_check_mark: Enterprise <br> :heavy_check_mark: Education <br> :heavy_check_mark: Windows SE | :heavy_check_mark: Windows 11, version 22H2 [10.0.22621] and later |
| :heavy_check_mark: Device <br> :x: User | :x: Home <br> :heavy_check_mark: Pro <br> :heavy_check_mark: Enterprise <br> :heavy_check_mark: Education <br> :heavy_check_mark: Windows SE | :heavy_check_mark: Windows Insider Preview |
<!-- DisableSearch-Applicability-End -->
<!-- DisableSearch-OmaUri-Begin -->
@ -1031,13 +1109,10 @@ If enabled, clients will be unable to query this computer's index remotely. Thus
<!-- SafeSearchPermissions-Begin -->
## SafeSearchPermissions
> [!NOTE]
> This policy is deprecated and may be removed in a future release.
<!-- SafeSearchPermissions-Applicability-Begin -->
| Scope | Editions | Applicable OS |
|:--|:--|:--|
| :heavy_check_mark: Device <br> :x: User | :x: Home <br> :x: Pro <br> :x: Enterprise <br> :x: Education <br> :x: Windows SE | :heavy_check_mark: Windows 10, version 1607 [10.0.14393] and later |
| :heavy_check_mark: Device <br> :x: User | :x: Home <br> :heavy_check_mark: Pro <br> :heavy_check_mark: Enterprise <br> :heavy_check_mark: Education <br> :heavy_check_mark: Windows SE | :heavy_check_mark: Windows 10, version 1607 [10.0.14393] and later |
<!-- SafeSearchPermissions-Applicability-End -->
<!-- SafeSearchPermissions-OmaUri-Begin -->
@ -1047,8 +1122,7 @@ If enabled, clients will be unable to query this computer's index remotely. Thus
<!-- SafeSearchPermissions-OmaUri-End -->
<!-- SafeSearchPermissions-Description-Begin -->
<!-- Description-Source-DDF -->
This policy is deprecated.
<!-- Description-Source-Not-Found -->
<!-- SafeSearchPermissions-Description-End -->
<!-- SafeSearchPermissions-Editable-Begin -->

28
windows/deployment/windows-autopatch/TOC.yml
View File

@ -48,32 +48,32 @@
href:
items:
- name: Windows quality updates
href: operate/windows-autopatch-wqu-overview.md
href: operate/windows-autopatch-windows-quality-update-overview.md
items:
- name: Windows quality update end user experience
href: operate/windows-autopatch-wqu-end-user-exp.md
href: operate/windows-autopatch-windows-quality-update-end-user-exp.md
- name: Windows quality update signals
href: operate/windows-autopatch-wqu-signals.md
href: operate/windows-autopatch-windows-quality-update-signals.md
- name: Windows quality update communications
href: operate/windows-autopatch-windows-quality-update-communications.md
- name: Windows quality update reports
href: operate/windows-autopatch-wqu-reports-overview.md
href: operate/windows-autopatch-windows-quality-update-reports-overview.md
items:
- name: Summary dashboard
href: operate/windows-autopatch-wqu-summary-dashboard.md
href: operate/windows-autopatch-windows-quality-update-summary-dashboard.md
- name: All devices report
href: operate/windows-autopatch-wqu-all-devices-report.md
href: operate/windows-autopatch-windows-quality-update-all-devices-report.md
- name: All devices report—historical
href: operate/windows-autopatch-wqu-all-devices-historical-report.md
href: operate/windows-autopatch-windows-quality-update-all-devices-historical-report.md
- name: Eligible devices report—historical
href: operate/windows-autopatch-wqu-eligible-devices-historical-report.md
href: operate/windows-autopatch-windows-quality-update-eligible-devices-historical-report.md
- name: Ineligible devices report—historical
href: operate/windows-autopatch-wqu-ineligible-devices-historical-report.md
href: operate/windows-autopatch-windows-quality-update-ineligible-devices-historical-report.md
- name: Windows feature updates
href: operate/windows-autopatch-fu-overview.md
href: operate/windows-autopatch-windows-feature-update-overview.md
items:
- name: Windows feature update end user experience
href: operate/windows-autopatch-fu-end-user-exp.md
- name: Windows quality and feature update communications
href: operate/windows-autopatch-wqu-communications.md
href: operate/windows-autopatch-windows-feature-update-end-user-exp.md
- name: Microsoft 365 Apps for enterprise
href: operate/windows-autopatch-microsoft-365-apps-enterprise.md
- name: Microsoft Edge
@ -95,7 +95,7 @@
href:
items:
- name: Windows update policies
href: operate/windows-autopatch-wqu-unsupported-policies.md
href: references/windows-autopatch-windows-update-unsupported-policies.md
- name: Microsoft 365 Apps for enterprise update policies
href: references/windows-autopatch-microsoft-365-policies.md
- name: Changes made at tenant enrollment

4
windows/deployment/windows-autopatch/deploy/windows-autopatch-register-devices.md
View File

@ -20,8 +20,8 @@ Before Microsoft can manage your devices in Windows Autopatch, you must have dev
Windows Autopatch can take over software update management control of devices that meet software-based prerequisites as soon as an IT admin decides to have their tenant managed by the service. The Windows Autopatch software update management scope includes the following software update workloads:
- [Windows quality updates](../operate/windows-autopatch-wqu-overview.md)
- [Windows feature updates](../operate/windows-autopatch-fu-overview.md)
- [Windows quality updates](../operate/windows-autopatch-windows-quality-update-overview.md)
- [Windows feature updates](../operate/windows-autopatch-windows-feature-update-overview.md)
- [Microsoft 365 Apps for enterprise updates](../operate/windows-autopatch-microsoft-365-apps-enterprise.md)
- [Microsoft Edge updates](../operate/windows-autopatch-edge.md)
- [Microsoft Teams updates](../operate/windows-autopatch-teams.md)

4
windows/deployment/windows-autopatch/operate/windows-autopatch-update-management.md
View File

@ -20,8 +20,8 @@ Keeping your devices up to date is a balance of speed and stability. Windows Aut
| Software update workload | Description |
| ----- | ----- |
| Windows quality update | Windows Autopatch uses four deployment rings to manage Windows quality updates. For more detailed information, see [Windows quality updates](../operate/windows-autopatch-wqu-overview.md). |
| Windows feature update | Windows Autopatch uses four deployment rings to manage Windows feature updates. For more detailed information, see [Windows feature updates](windows-autopatch-fu-overview.md).
| Windows quality update | Windows Autopatch uses four deployment rings to manage Windows quality updates. For more detailed information, see [Windows quality updates](../operate/windows-autopatch-windows-quality-update-overview.md). |
| Windows feature update | Windows Autopatch uses four deployment rings to manage Windows feature updates. For more detailed information, see [Windows feature updates](windows-autopatch-windows-feature-update-overview.md).
| Anti-virus definition | Updated with each scan. |
| Microsoft 365 Apps for enterprise | For more information, see [Microsoft 365 Apps for enterprise](windows-autopatch-microsoft-365-apps-enterprise.md). |
| Microsoft Edge | For more information, see [Microsoft Edge](../operate/windows-autopatch-edge.md). |

19
windows/deployment/windows-autopatch/operate/windows-autopatch-fu-end-user-exp.md → windows/deployment/windows-autopatch/operate/windows-autopatch-windows-feature-update-end-user-exp.md
View File

@ -29,11 +29,11 @@ In this section we'll review what an end user would see in the following three s
### Typical update experience
In this example, we'll be discussing a device in the First ring. The Autopatch service updates the First rings DSS policy to target the next version of Windows 30 days after the start of the release. When the policy is applied to the device, the device will download the update, and notify end users that the new version of Windows is ready to install. The end user can either:
In this example, we'll be discussing a device in the First ring. When the policy is applied to the device, the device will download the update, and notify end users that the new version of Windows is ready to install. The end user can either:
1. Restart immediately to install the updates
1. Schedule the installation, or
1. Snooze (the device will attempt to install outside of active hours.)
1. Restart immediately to install the updates.
2. Schedule the installation.
3. Snooze (the device will attempt to install outside of active hours).
In the following example, the user schedules the restart and is notified 15 minutes prior to the scheduled restart time. The user can reschedule, if necessary, but isn't able to reschedule past the deadline.
@ -51,7 +51,16 @@ The deadline specified in the update policy is five days. Therefore, once this d
In the following example, the user is on holiday and the device is offline beyond the feature update deadline. The user then returns to work and the device is turned back on.
Since the deadline has already passed, the device is granted a two-day grace period to install the update and restart. The user will be notified of a pending installation and given options to choose from. Once the two-day grace period has expired, the user is forced to restart with a 15-minute warning notification.
The grace period to install the update and restart depends on the deployment ring the device is assigned to:
| Deployment ring | Grace period (in days) |
| ----- | ----- |
| Test | Zero days |
| First | Two days |
| Fast | Two days |
| Broad | Two days |
The user will be notified of a pending installation and given options to choose from. Once the grace period has expired, the user is forced to restart with a 15-minute warning notification.
:::image type="content" source="../media/windows-feature-update-grace-period.png" alt-text="Windows feature update grace period" lightbox="../media/windows-feature-update-grace-period.png":::

25
windows/deployment/windows-autopatch/operate/windows-autopatch-fu-overview.md → windows/deployment/windows-autopatch/operate/windows-autopatch-windows-feature-update-overview.md
View File

@ -14,22 +14,21 @@ msreviewer: andredm7
# Windows feature updates
Microsoft provides robust modern device management (MDM) solutions such as Microsoft Intune, Windows Update for Business, Configuration Manager etc. However, the administration of these solutions to keep Windows devices up to date with the latest Windows feature releases rests on your organizations IT admins. The Windows feature update process is considered one of the most expensive and fundamental tasks by IT organizations because Windows feature updates provide:
Microsoft provides robust mobile device management (MDM) solutions such as Microsoft Intune, Windows Update for Business, Configuration Manager etc. However, the administration of these solutions to keep Windows devices up to date with the latest Windows feature releases rests on your organizations IT admins. The Windows feature update process is considered one of the most expensive and time consuming tasks for IT since it requires incremental rollout and validation. Windows feature updates:
- Fixes for security vulnerabilities and known bugs to keep Windows devices protected against advanced malicious attacks.
- New features to boost end-user productivity.
- Keep Windows devices protected against behavioral issues.
- Provide new features to boost end-user productivity.
Windows Autopatch makes it easier and less expensive for you to keep your Windows devicesup to date so you can focus on running your corebusinesses while Windows Autopatch runs update management on your behalf.
## Enforcing a minimum Windows OS version
Once devices are registered with Windows Autopatch, theyre assigned to deployment rings. Each deployment ring has its Windows feature update policy assigned to them.
Once devices are registered with Windows Autopatch, theyre assigned to deployment rings. Each of the four deployment rings have its Windows feature update policy assigned to them. This is intended to minimize unexpected Windows OS upgrades once new devices register with the service.
The policies:
- Contain the minimum Windows 10 version being currently serviced by the [Windows servicing channels](/windows/release-health/release-information?msclkid=ee885719baa511ecb838e1a689da96d2). The current minimum OS version is **Windows 10 20H2**.
- Set a bare minimum Windows OS version required by the service once devices are registered with the service.
- Minimize unexpected Windows OS upgrades once new devices register with Windows Autopatch.
If a device is registered with Windows Autopatch, and the device is:
@ -50,19 +49,25 @@ If your tenant is enrolled with Windows Autopatch, you can see the following pol
> [!IMPORTANT]
> If youre ahead of the current minimum OS version enforced by Windows Autopatch in your organization, you can [edit Windows Autopatchs default Windows feature update policy and select your desired targeted version](/mem/intune/protect/windows-10-feature-updates#create-and-assign-feature-updates-for-windows-10-and-later-policy).
> [!NOTE]
> The four minimum Windows 10 OS version feature update policies were introduced in Windows Autopatch in the 2212 release milestone. Its creation automatically unassigns the previous four feature update policies targeting Windows 10 21H2 from all four Windows Autopatch deployment rings:<ul><li>**Modern Workplace DSS Policy [Test]**</li><li>**Modern Workplace DSS Policy [First]**</li><li>**Modern Workplace DSS Policy [Fast]**</li><li>**Modern Workplace DSS Policy [Broad]**</li><p>Since the new Windows feature update policies that set the minimum Windows 10 OS version are already in place, the Modern Workplace DSS policies can be safely removed from your tenant.</p>
## Test Windows 11 feature updates
You can test Windows 11 deployments by adding devices either through direct membership or by bulk importing them into the Modern Workplace - Windows 11 Pre-Release Test Devices Azure AD group. Theres a separate Windows feature update policy (**Modern Workplace DSS Policy [Windows 11]**) targeted to this Azure AD group, and its configuration is set as follows:
You can test Windows 11 deployments by adding devices either through direct membership or by bulk importing them into the **Modern Workplace - Windows 11 Pre-Release Test Devices** Azure AD group. Theres a separate Windows feature update policy (**Modern Workplace DSS Policy [Windows 11]**) targeted to this Azure AD group, and its configuration is set as follows:
| Policy name | Feature update version | Rollout options | First deployment ring availability | Final deployment ring availability | Day between deployment rings | Support end date |
| ----- | ----- | ----- | ----- | ----- | ----- | ----- |
| Modern Workplace DSS Policy [Windows 11] | Windows 11 22H2 | Make update available as soon as possible | N/A | N/A | N/A | 10/13/2025, 7:00PM |
> [!IMPORTANT]
> Windows Autopatch neither applies its deployment ring distribution, nor configures the [Windows Update for Business gradual rollout settings](/mem/intune/protect/windows-update-rollout-options) in the **Modern Workplace DSS Policy [Windows 11]** policy.<p>Once devices are added to the **Modern Workplace - Windows 11 Pre-Release Test Devices** Azure AD group, the devices can be offered the Windows 11 22H2 feature update at the same time.</p>
## Manage Windows feature update deployments
Windows Autopatch uses Microsoft Intunes built-in solution, which uses configuration service providers (CSPs), for pausing and resuming both [Windows quality](windows-autopatch-wqu-overview.md#pausing-and-resuming-a-release) and feature updates.
Windows Autopatch uses Microsoft Intunes built-in solution, which uses configuration service providers (CSPs), for pausing and resuming both [Windows quality](windows-autopatch-windows-quality-update-overview.md#pausing-and-resuming-a-release) and [Windows feature updates](#pausing-and-resuming-a-release).
Windows Autopatch provides a permanent pause of a Windows feature update deployment. The Windows Autopatch service automatically extends the 35 day pause limit (permanent pause) established by Microsoft Intune on your behalf. The deployment remains permanently paused until you decide to resume it.
Windows Autopatch provides a permanent pause of a Windows feature update deployment. The Windows Autopatch service automatically extends the 35-day pause limit (permanent pause) established by Microsoft Intune on your behalf. The deployment remains permanently paused until you decide to resume it.
## Pausing and resuming a release
@ -79,14 +84,14 @@ Windows Autopatch provides a permanent pause of a Windows feature update deploym
9. Select **Okay**.
> [!NOTE]
> Pausing an update can take up to eight hours to be applied to devices. This happens because Windows Autopatch uses Microsoft Intune as its management solution, and that's the average frequency devices take to communicate back to Microsoft Intune with new instructions to pause, resume or rollback updates.<p>For more information, see [how long does it take for devices to get a policy, profile, or app after they are assigned from Microsoft Intune](/mem/intune/configuration/device-profile-troubleshoot#how-long-does-it-take-for-devices-to-get-a-policy-profile-or-app-after-they-are-assigned).</p>
> Pausing or resuming an update can take up to eight hours to be applied to devices. This happens because Windows Autopatch uses Microsoft Intune as its management solution, and that's the average frequency devices take to communicate back to Microsoft Intune with new instructions to pause, resume or rollback updates.<p>For more information, see [how long does it take for devices to get a policy, profile, or app after they are assigned from Microsoft Intune](/mem/intune/configuration/device-profile-troubleshoot#how-long-does-it-take-for-devices-to-get-a-policy-profile-or-app-after-they-are-assigned).</p>
## Rollback
Windows Autopatch doesnt support the rollback of Windows Feature updates.
> [!CAUTION]
> Its not recommended to use [Microsoft Intunes capabilities](/mem/intune/protect/windows-10-update-rings#manage-your-windows-update-rings) to pause and rollback a Windows feature update. However, if you choose to pause, resume and/or roll back from Intune, Windows Autopatch is **not** responsible for any problems that arise from rolling back the feature update.
> Its not recommended to use [Microsoft Intunes capabilities](/mem/intune/protect/windows-10-update-rings#manage-your-windows-update-rings) to pause and rollback a Windows feature update. However, if you choose to pause, resume and/or roll back from Intune, Windows Autopatch is **not** responsible for any problems that arise from rolling back the Windows feature update.
## Contact support

2
windows/deployment/windows-autopatch/operate/windows-autopatch-wqu-all-devices-historical-report.md → windows/deployment/windows-autopatch/operate/windows-autopatch-windows-quality-update-all-devices-historical-report.md
View File

@ -37,4 +37,4 @@ The following options are available:
| Export | Select **Export devices** at the top of the page to export data from this report into a CSV file. |
| Filter | Select either the **Update status** or **Deployment rings** filters at the top of the report to filter the results. Then, select **Generate trend**. |
For a description of the displayed device status trends, see [Windows quality update statuses](windows-autopatch-wqu-reports-overview.md#windows-quality-update-statuses).
For a description of the displayed device status trends, see [Windows quality update statuses](windows-autopatch-windows-quality-update-reports-overview.md#windows-quality-update-statuses).

4
windows/deployment/windows-autopatch/operate/windows-autopatch-wqu-all-devices-report.md → windows/deployment/windows-autopatch/operate/windows-autopatch-windows-quality-update-all-devices-report.md
View File

@ -38,8 +38,8 @@ The following information is available in the All devices report:
| Azure Active Directory (AD) device ID | The current Azure AD recorded device ID for the device. |
| Serial number | The current Intune recorded serial number for the device. |
| Deployment ring | The currently assigned Windows Autopatch deployment ring for the device. |
| Update status | The current update status for the device (see [Windows quality update statuses](windows-autopatch-wqu-reports-overview.md#windows-quality-update-statuses)). |
| Update sub status | The current update sub status for the device (see [Windows quality update statuses](windows-autopatch-wqu-reports-overview.md#windows-quality-update-statuses)) |
| Update status | The current update status for the device (see [Windows quality update statuses](windows-autopatch-windows-quality-update-reports-overview.md#windows-quality-update-statuses)). |
| Update sub status | The current update sub status for the device (see [Windows quality update statuses](windows-autopatch-windows-quality-update-reports-overview.md#windows-quality-update-statuses)) |
| OS version | The current version of Windows installed on the device. |
| OS revision | The current revision of Windows installed on the device. |
| Intune last check in time | The last time the device checked in to Intune. |

12
windows/deployment/windows-autopatch/operate/windows-autopatch-wqu-communications.md → windows/deployment/windows-autopatch/operate/windows-autopatch-windows-quality-update-communications.md
View File

@ -1,5 +1,5 @@
---
title: Windows quality and feature update communications
title: Windows quality update communications
description: This article explains Windows quality update communications
ms.date: 05/30/2022
ms.prod: windows-client
@ -12,7 +12,7 @@ manager: dougeby
msreviewer: hathind
---
# Windows quality and feature update communications
# Windows quality update communications
There are three categories of communication that are sent out during a Windows quality and feature update:
@ -20,7 +20,11 @@ There are three categories of communication that are sent out during a Windows q
- [Communications during release](#communications-during-release)
- [Incident communications](#incident-communications)
Communications are posted to Message center, Service health dashboard, and the Windows Autopatch messages section of the Microsoft Endpoint Manager admin center as appropriate for the type of communication.
Communications are posted to, as appropriate for the type of communication, to the:
- Message center
- Service health dashboard
- Windows Autopatch messages section of the Microsoft Endpoint Manager admin center
:::image type="content" source="../media/update-communications.png" alt-text="Update communications timeline" lightbox="../media/update-communications.png":::
@ -42,4 +46,4 @@ For example, new threat intelligence may require us to expedite a release, or we
## Incident communications
Despite the best intentions, every service should plan for failure and success. When there's an incident, timely and transparent communication is key to building and maintaining your trust. If insufficient numbers of devices have been updated to meet the service level objective, devices will experience an interruption to productivity and an incident will be raised. Microsoft will update the status of the incident at least once every 24 hours.
Despite the best intentions, every service should plan for failure and success. When there's an incident, timely and transparent communication is key to building and maintaining your trust. If insufficient numbers of devices have been updated to meet the service level objective, devices will experience an interruption to productivity, and an incident will be raised. Microsoft will update the status of the incident at least once every 24 hours.

2
windows/deployment/windows-autopatch/operate/windows-autopatch-wqu-eligible-devices-historical-report.md → windows/deployment/windows-autopatch/operate/windows-autopatch-windows-quality-update-eligible-devices-historical-report.md
View File

@ -37,4 +37,4 @@ The following options are available:
| Export | Select **Export devices** at the top of the page to export data from this report into a CSV file. |
| Filter | Select either the **Update status** or **Deployment rings** filters at the top of the report to filter the results. Then, select **Generate trend**. |
For a description of the displayed device status trends, see [Windows quality update statuses](windows-autopatch-wqu-reports-overview.md#windows-quality-update-statuses).
For a description of the displayed device status trends, see [Windows quality update statuses](windows-autopatch-windows-quality-update-reports-overview.md#windows-quality-update-statuses).

0
windows/deployment/windows-autopatch/operate/windows-autopatch-wqu-end-user-exp.md → windows/deployment/windows-autopatch/operate/windows-autopatch-windows-quality-update-end-user-exp.md
View File

2
windows/deployment/windows-autopatch/operate/windows-autopatch-wqu-ineligible-devices-historical-report.md → windows/deployment/windows-autopatch/operate/windows-autopatch-windows-quality-update-ineligible-devices-historical-report.md
View File

@ -40,4 +40,4 @@ The following options are available:
| Export | Select **Export devices** at the top of the page to export data from this report into a CSV file. |
| Filter | Select either the **Update status** or **Deployment rings** filters at the top of the report to filter the results. Then, select **Generate trend**. |
For a description of the displayed device status trends, see [Windows quality update statuses](windows-autopatch-wqu-reports-overview.md#windows-quality-update-statuses).
For a description of the displayed device status trends, see [Windows quality update statuses](windows-autopatch-windows-quality-update-reports-overview.md#windows-quality-update-statuses).

8
windows/deployment/windows-autopatch/operate/windows-autopatch-wqu-overview.md → windows/deployment/windows-autopatch/operate/windows-autopatch-windows-quality-update-overview.md
View File

@ -30,8 +30,8 @@ For a device to be eligible for Windows quality updates as a part of Windows Aut
| Deployed | Windows Autopatch doesn't update devices that haven't yet been deployed. |
| Internet connectivity | Devices must have a steady internet connection, and access to Windows [update endpoints](../prepare/windows-autopatch-configure-network.md). |
| Windows edition | Devices must be on a Windows edition supported by Windows Autopatch. For more information, see [Prerequisites](../prepare/windows-autopatch-prerequisites.md). |
| Mobile device management (MDM) policy conflict | Devices must not have deployed any policies that would prevent device management. For more information, see [Conflicting and unsupported policies](../operate/windows-autopatch-wqu-unsupported-policies.md). |
| Group policy conflict | Devices must not have group policies deployed which would prevent device management. For more information, see [Group policy](windows-autopatch-wqu-unsupported-policies.md#group-policy-and-other-policy-managers) |
| Mobile device management (MDM) policy conflict | Devices must not have deployed any policies that would prevent device management. For more information, see [Conflicting and unsupported policies](../references/windows-autopatch-windows-update-unsupported-policies.md). |
| Group policy conflict | Devices must not have group policies deployed which would prevent device management. For more information, see [Group policy](../references/windows-autopatch-windows-update-unsupported-policies.md#group-policy-and-other-policy-managers) |
## Windows quality update releases
@ -108,7 +108,7 @@ Windows Autopatch schedules and deploys required Out of Band (OOB) updates relea
### Pausing and resuming a release
If Windows Autopatch detects a [significant issue with a release](../operate/windows-autopatch-wqu-signals.md), we may decide to pause that release.
If Windows Autopatch detects a [significant issue with a release](../operate/windows-autopatch-windows-quality-update-signals.md), we may decide to pause that release.
In the [Endpoint Manager admin center](https://go.microsoft.com/fwlink/?linkid=2109431) > **Release management** > in the **Release schedule** tab, you can pause or resume a Windows quality update.
@ -121,4 +121,4 @@ There are two statuses associated with paused quality updates, **Service Paused*
## Remediating Ineligible and/or Not up to Date devices
To ensure your devices receive Windows quality updates, Windows Autopatch provides information on how you can remediate [Ineligible Devices (Customer Actions)](../operate/windows-autopatch-wqu-reports-overview.md#ineligible-devices-customer-action). In addition, the Windows Autopatch service may remediate [Not up to Date devices](../operate/windows-autopatch-wqu-reports-overview.md#not-up-to-date-microsoft-action) to bring them back into compliance.
To ensure your devices receive Windows quality updates, Windows Autopatch provides information on how you can remediate [Ineligible Devices (Customer Actions)](../operate/windows-autopatch-windows-quality-update-reports-overview.md#ineligible-devices-customer-action). In addition, the Windows Autopatch service may remediate [Not up to Date devices](../operate/windows-autopatch-windows-quality-update-reports-overview.md#not-up-to-date-microsoft-action) to bring them back into compliance.

14
windows/deployment/windows-autopatch/operate/windows-autopatch-wqu-reports-overview.md → windows/deployment/windows-autopatch/operate/windows-autopatch-windows-quality-update-reports-overview.md
View File

@ -26,8 +26,8 @@ The report types are organized into the following focus areas:
| Focus area | Description |
| ----- | ----- |
| Operational detail | <ul><li>[Summary dashboard](windows-autopatch-wqu-summary-dashboard.md): Provides the current update status summary for all devices.</li><li>[All devices report](windows-autopatch-wqu-all-devices-report.md): Provides the current update status of all devices at the device level.</li></ul> |
| Device trends | <ul><li>[All devices report historical](windows-autopatch-wqu-all-devices-historical-report.md): Provides the update status trend of all devices over the last 90 days.</li><li>[Eligible devices report historical](windows-autopatch-wqu-eligible-devices-historical-report.md): Provides the update status trend of all eligible devices to receive quality updates over the last 90 days.</li><li>[Ineligible devices report historical](windows-autopatch-wqu-ineligible-devices-historical-report.md): Provides a trending view of why ineligible devices havent received quality updates over the last 90 days.</li></ul> |
| Operational detail | <ul><li>[Summary dashboard](windows-autopatch-windows-quality-update-summary-dashboard.md): Provides the current update status summary for all devices.</li><li>[All devices report](windows-autopatch-windows-quality-update-all-devices-report.md): Provides the current update status of all devices at the device level.</li></ul> |
| Device trends | <ul><li>[All devices report historical](windows-autopatch-windows-quality-update-all-devices-historical-report.md): Provides the update status trend of all devices over the last 90 days.</li><li>[Eligible devices report historical](windows-autopatch-windows-quality-update-eligible-devices-historical-report.md): Provides the update status trend of all eligible devices to receive quality updates over the last 90 days.</li><li>[Ineligible devices report historical](windows-autopatch-windows-quality-update-ineligible-devices-historical-report.md): Provides a trending view of why ineligible devices havent received quality updates over the last 90 days.</li></ul> |
## Who can access the reports?
@ -57,16 +57,16 @@ Healthy devices are devices that meet all of the following prerequisites:
- [Prerequisites](../prepare/windows-autopatch-prerequisites.md)
- [Prerequisites for device registration](../deploy/windows-autopatch-register-devices.md#prerequisites-for-device-registration)
- [Windows quality update device eligibility](../operate/windows-autopatch-wqu-overview.md#device-eligibility)
- [Windows quality update device eligibility](../operate/windows-autopatch-windows-quality-update-overview.md#device-eligibility)
> [!NOTE]
> Healthy devices will remain with the **In Progress** status for the 21-day service level objective period. Devices which are **Paused** are also considered healthy.
| Sub status | Description |
| ----- | ----- |
| Up to Date | Devices are up to date with the latest quality update deployed through the [Windows Autopatch release schedule](../operate/windows-autopatch-wqu-overview.md#windows-quality-update-releases). |
| In Progress | Devices are currently installing the latest quality update deployed through the [Windows Autopatch release schedule](../operate/windows-autopatch-wqu-overview.md#windows-quality-update-releases). |
| Paused | Devices that are currently paused due to a Windows Autopatch or customer-initiated Release Management pause. For more information, see [Pausing and resuming a release](../operate/windows-autopatch-wqu-overview.md#pausing-and-resuming-a-release). |
| Up to Date | Devices are up to date with the latest quality update deployed through the [Windows Autopatch release schedule](../operate/windows-autopatch-windows-quality-update-overview.md#windows-quality-update-releases). |
| In Progress | Devices are currently installing the latest quality update deployed through the [Windows Autopatch release schedule](../operate/windows-autopatch-windows-quality-update-overview.md#windows-quality-update-releases). |
| Paused | Devices that are currently paused due to a Windows Autopatch or customer-initiated Release Management pause. For more information, see [Pausing and resuming a release](../operate/windows-autopatch-windows-quality-update-overview.md#pausing-and-resuming-a-release). |
### Not Up to Date (Microsoft Action)
@ -76,7 +76,7 @@ Not Up to Date means a device isnt up to date when the:
- Device is more than 21 days overdue from the last release.
> [!NOTE]
> Microsoft Action refers to the responsibility of the Windows Autopatch Service Engineering Team to carry out the appropriate action to resolve the reported device state. Windows Autopatch aims to keep at least [95% of eligible devices on the latest Windows quality update 21 days after release](../operate/windows-autopatch-wqu-overview.md#service-level-objective).
> Microsoft Action refers to the responsibility of the Windows Autopatch Service Engineering Team to carry out the appropriate action to resolve the reported device state. Windows Autopatch aims to keep at least [95% of eligible devices on the latest Windows quality update 21 days after release](../operate/windows-autopatch-windows-quality-update-overview.md#service-level-objective).
| Sub status | Description |
| ----- | ----- |

4
windows/deployment/windows-autopatch/operate/windows-autopatch-wqu-signals.md → windows/deployment/windows-autopatch/operate/windows-autopatch-windows-quality-update-signals.md
View File

@ -24,7 +24,7 @@ Before being released to the Test ring, Windows Autopatch reviews several data s
| Pre-release signal | Description |
| ----- | ----- |
| Windows Payload Review | The contents of the B release are reviewed to help focus your update testing on areas that have changed. If any relevant changes are detected, a [customer advisory](../operate/windows-autopatch-wqu-communications.md#communications-during-release) will be sent out. |
| Windows Payload Review | The contents of the B release are reviewed to help focus your update testing on areas that have changed. If any relevant changes are detected, a [customer advisory](../operate/windows-autopatch-windows-quality-update-communications.md#communications-during-release) will be sent out. |
| C-Release Review - Internal Signals | Windows Autopatch reviews active incidents associated with the previous C release to understand potential risks in the B release. |
| C-Release Review - Social Signals | Windows Autopatch monitors social signals to better understand potential risks associated with the B release. |
@ -56,4 +56,4 @@ Autopatch monitors the following reliability signals:
| Microsoft Edge reliability | Tracks the number of Microsoft Edge crashes and freezes per device. |
| Microsoft Teams reliability | Tracks the number of Microsoft Teams crashes and freezes per device. |
When the update is released to the First ring, the service crosses the 500 device threshold. Therefore, Autopatch can to detect regressions, which are common to all customers. At this point in the release, we'll decide if we need to change the release schedule or pause for all customers.
When the update is released to the First ring, the service crosses the 500 device threshold. Therefore, Autopatch can detect regressions that are common to all customers. At this point in the release, we'll decide if we need to change the release schedule or pause for all customers.

2
windows/deployment/windows-autopatch/operate/windows-autopatch-wqu-summary-dashboard.md → windows/deployment/windows-autopatch/operate/windows-autopatch-windows-quality-update-summary-dashboard.md
View File

@ -32,7 +32,7 @@ The following information is available in the Summary dashboard:
| Column name | Description |
| ----- | ----- |
| Windows quality update status | The device update state. For more information, see [Windows quality update status](windows-autopatch-wqu-reports-overview.md#windows-quality-update-statuses). |
| Windows quality update status | The device update state. For more information, see [Windows quality update status](windows-autopatch-windows-quality-update-reports-overview.md#windows-quality-update-statuses). |
| Devices | The number of devices showing as applicable for the state. |
## Report options

10
windows/deployment/windows-autopatch/overview/windows-autopatch-faq.yml
View File

@ -92,26 +92,26 @@ sections:
- question: What happens if there's an issue with an update?
answer: |
Autopatch relies on the following capabilities to help resolve update issues:
- Pausing and resuming: If Windows Autopatch detects an issue with a Windows quality release, we may decide that it's necessary to pause that release. Once the issue is resolved, the release will be resumed. For more information, see [Pausing and resuming a Windows quality release](../operate/windows-autopatch-wqu-overview.md#pausing-and-resuming-a-release).
- Pausing and resuming: If Windows Autopatch detects an issue with a Windows quality release, we may decide that it's necessary to pause that release. Once the issue is resolved, the release will be resumed. For more information, see [Pausing and resuming a Windows quality release](../operate/windows-autopatch-windows-quality-update-overview.md#pausing-and-resuming-a-release).
- Rollback: If Windows Autopatch detects issues between versions of Microsoft 365 Apps for enterprise, we might force all devices to roll back to the previous version. For more information, see [Update controls for Microsoft 365 Apps for enterprise](../operate/windows-autopatch-microsoft-365-apps-enterprise.md#update-controls).
- question: Can I permanently pause a Windows feature update deployment?
answer: |
Yes. Windows Autopatch provides a [permanent pause of either a feature update deployment](../operate/windows-autopatch-fu-overview.md#pausing-and-resuming-a-release).
Yes. Windows Autopatch provides a [permanent pause of either a feature update deployment](../operate/windows-autopatch-windows-feature-update-overview.md#pausing-and-resuming-a-release).
- question: Will Windows quality updates be released more quickly after vulnerabilities are identified, or what is the regular cadence of updates?
answer: |
For zero-day threats, Autopatch will have an [expedited release cadence](../operate/windows-autopatch-wqu-overview.md#expedited-releases). For normal updates Autopatch, uses a [regular release cadence](../operate/windows-autopatch-wqu-overview.md#windows-quality-update-releases) starting with devices in the Test ring and completing with general rollout to the Broad ring.
For zero-day threats, Autopatch will have an [expedited release cadence](../operate/windows-autopatch-windows-quality-update-overview.md#expedited-releases). For normal updates Autopatch, uses a [regular release cadence](../operate/windows-autopatch-wqu-overview.md#windows-quality-update-releases) starting with devices in the Test ring and completing with general rollout to the Broad ring.
- question: Can customers configure when to move to the next ring or is it controlled by Windows Autopatch?
answer: |
The decision of when to move to the next ring is handled by Windows Autopatch; it isn't customer configurable.
- question: Can you customize the scheduling of an update rollout to only install on certain days and times?
answer: |
No, you can't customize update scheduling. However, you can specify [active hours](../operate/windows-autopatch-wqu-end-user-exp.md#servicing-window) to prevent users from updating during business hours.
No, you can't customize update scheduling. However, you can specify [active hours](../operate/windows-autopatch-windows-quality-update-end-user-exp.md#servicing-window) to prevent users from updating during business hours.
- question: Does Autopatch support include and exclude groups, or dynamic groups to define deployment ring membership?
answer: |
Windows Autopatch doesn't support managing update deployment ring membership using your Azure AD groups. For more information, see [Moving devices in between deployment rings](../operate/windows-autopatch-update-management.md#moving-devices-in-between-deployment-rings).
- question: Does Autopatch have two release cadences per update or are there two release cadences per-ring?
answer: |
The release cadences are defined based on the update type. For example, a [regular cadence](../operate/windows-autopatch-wqu-overview.md#windows-quality-update-releases) (for a Windows quality update would be a gradual rollout from the Test ring to the Broad ring over 14 days whereas an [expedited release](../operate/windows-autopatch-wqu-overview.md#expedited-releases) would roll out more rapidly.
The release cadences are defined based on the update type. For example, a [regular cadence](../operate/windows-autopatch-windows-quality-update-overview.md#windows-quality-update-releases) (for a Windows quality update would be a gradual rollout from the Test ring to the Broad ring over 14 days whereas an [expedited release](../operate/windows-autopatch-windows-quality-update-overview.md#expedited-releases) would roll out more rapidly.
- name: Support
questions:
- question: What support is available for customers who need help with onboarding to Windows Autopatch?

6
windows/deployment/windows-autopatch/overview/windows-autopatch-overview.md
View File

@ -37,8 +37,8 @@ The goal of Windows Autopatch is to deliver software updates to registered devic
| Management area | Service level objective |
| ----- | ----- |
| [Windows quality updates](../operate/windows-autopatch-wqu-overview.md) | Windows Autopatch aims to keep at least 95% of eligible devices on the latest Windows quality update 21 days after release. |
| [Windows feature updates](../operate/windows-autopatch-fu-overview.md) | Windows Autopatch aims to keep at least 99% of eligible devices on a supported version of Windows so that they can continue receiving Windows feature updates. |
| [Windows quality updates](../operate/windows-autopatch-windows-quality-update-overview.md) | Windows Autopatch aims to keep at least 95% of eligible devices on the latest Windows quality update 21 days after release. |
| [Windows feature updates](../operate/windows-autopatch-windows-feature-update-overview.md) | Windows Autopatch aims to keep at least 99% of eligible devices on a supported version of Windows so that they can continue receiving Windows feature updates. |
| [Microsoft 365 Apps for enterprise](../operate/windows-autopatch-microsoft-365-apps-enterprise.md) | Windows Autopatch aims to keep at least 90% of eligible devices on a supported version of the Monthly Enterprise Channel (MEC). |
| [Microsoft Edge](../operate/windows-autopatch-edge.md) | Windows Autopatch configures eligible devices to benefit from Microsoft Edge's progressive rollouts on the Stable channel. |
| [Microsoft Teams](../operate/windows-autopatch-teams.md) | Windows Autopatch allows eligible devices to benefit from the standard automatic update channel. |
@ -64,7 +64,7 @@ Microsoft remains committed to the security of your data and the [accessibility]
| Prepare | The following articles describe the mandatory steps to prepare and enroll your tenant into Windows Autopatch:<ul><li>[Prerequisites](../prepare/windows-autopatch-prerequisites.md)</li><li>[Configure your network](../prepare/windows-autopatch-configure-network.md)</li><li>[Enroll your tenant](../prepare/windows-autopatch-enroll-tenant.md)</li><li>[Fix issues found by the Readiness assessment tool](../prepare/windows-autopatch-fix-issues.md)</li></ul> |
| Deploy | Once you've enrolled your tenant, this section instructs you to:<ul><li>[Add and verify admin contacts](../deploy/windows-autopatch-admin-contacts.md)</li><li>[Register your devices](../deploy/windows-autopatch-register-devices.md)</li></ul> |
| Operate | This section includes the following information about your day-to-day life with the service:<ul><li>[Update management](../operate/windows-autopatch-update-management.md)</li><li>[Maintain your Windows Autopatch environment](../operate/windows-autopatch-maintain-environment.md)</li><li>[Submit a support request](../operate/windows-autopatch-support-request.md)</li><li>[Deregister a device](../operate/windows-autopatch-deregister-devices.md)</li></ul>
| References | This section includes the following articles:<ul><li>[Windows update policies](../operate/windows-autopatch-wqu-unsupported-policies.md)</li><li>[Microsoft 365 Apps for enterprise update policies](../references/windows-autopatch-microsoft-365-policies.md)</li><li>[Privacy](../references/windows-autopatch-privacy.md)</li><li>[Windows Autopatch Preview Addendum](../references/windows-autopatch-preview-addendum.md)</li></ul> |
| References | This section includes the following articles:<ul><li>[Windows update policies](../references/windows-autopatch-windows-update-unsupported-policies.md)</li><li>[Microsoft 365 Apps for enterprise update policies](../references/windows-autopatch-microsoft-365-policies.md)</li><li>[Privacy](../references/windows-autopatch-privacy.md)</li><li>[Windows Autopatch Preview Addendum](../references/windows-autopatch-preview-addendum.md)</li></ul> |
### Have feedback or would like to start a discussion?

34
windows/deployment/windows-autopatch/overview/windows-autopatch-roles-responsibilities.md
View File

@ -28,7 +28,7 @@ This article outlines your responsibilities and Windows Autopatch's responsibili
| [Review the service data platform and privacy compliance details](../references/windows-autopatch-privacy.md) | :heavy_check_mark: | :x: |
| Ensure device [prerequisites](../prepare/windows-autopatch-prerequisites.md) are met and in place prior to enrollment | :heavy_check_mark: | :x: |
| Ensure [infrastructure and environment prerequisites](../prepare/windows-autopatch-configure-network.md) are met and in place prior to enrollment | :heavy_check_mark: | :x: |
| Prepare to remove your devices from existing unsupported [Windows update](../references/windows-autopatch-wqu-unsupported-policies.md) and [Microsoft 365](../references/windows-autopatch-microsoft-365-policies.md) policies | :heavy_check_mark: | :x: |
| Prepare to remove your devices from existing unsupported [Windows update](../references/windows-autopatch-windows-update-unsupported-policies.md) and [Microsoft 365](../references/windows-autopatch-microsoft-365-policies.md) policies | :heavy_check_mark: | :x: |
| [Configure required network endpoints](../prepare/windows-autopatch-configure-network.md#required-microsoft-product-endpoints) | :heavy_check_mark: | :x: |
| [Fix issues identified by the Readiness assessment tool](../prepare/windows-autopatch-fix-issues.md) | :heavy_check_mark: | :x: |
| [Enroll tenant into the Windows Autopatch service](../prepare/windows-autopatch-enroll-tenant.md) | :heavy_check_mark: | :x: |
@ -40,8 +40,8 @@ This article outlines your responsibilities and Windows Autopatch's responsibili
| ----- | :-----: | :-----: |
| [Add and verify admin contacts](../deploy/windows-autopatch-admin-contacts.md) in Microsoft Endpoint Manager | :heavy_check_mark: | :x: |
| [Deploy and configure Windows Autopatch service configuration](../references/windows-autopatch-changes-to-tenant.md) | :x: | :heavy_check_mark: |
| Educate users on the Windows Autopatch end user update experience<ul><li>[Windows quality update end user experience](../operate/windows-autopatch-wqu-end-user-exp.md)</li><li>[Windows feature update end user experience](../operate/windows-autopatch-fu-end-user-exp.md)</li><li>[Microsoft 365 Apps for enterprise end user experience](../operate/windows-autopatch-microsoft-365-apps-enterprise.md#end-user-experience)</li><li>[Microsoft Teams end user experience](../operate/windows-autopatch-teams.md#end-user-experience)</li></ul> | :heavy_check_mark: | :x: |
| Remove your devices from existing unsupported [Windows update](../references/windows-autopatch-wqu-unsupported-policies.md) and [Microsoft 365](../references/windows-autopatch-microsoft-365-policies.md) policies | :heavy_check_mark: | :x: |
| Educate users on the Windows Autopatch end user update experience<ul><li>[Windows quality update end user experience](../operate/windows-autopatch-windows-quality-update-end-user-exp.md)</li><li>[Windows feature update end user experience](../operate/windows-autopatch-windows-feature-update-end-user-exp.md)</li><li>[Microsoft 365 Apps for enterprise end user experience](../operate/windows-autopatch-microsoft-365-apps-enterprise.md#end-user-experience)</li><li>[Microsoft Teams end user experience](../operate/windows-autopatch-teams.md#end-user-experience)</li></ul> | :heavy_check_mark: | :x: |
| Remove your devices from existing unsupported [Windows update](../references/windows-autopatch-windows-update-unsupported-policies.md) and [Microsoft 365](../references/windows-autopatch-microsoft-365-policies.md) policies | :heavy_check_mark: | :x: |
| [Register devices/add devices to the Windows Autopatch Device Registration group](../deploy/windows-autopatch-register-devices.md#steps-to-register-devices) | :heavy_check_mark: | :x: |
| [Run the pre-registration device readiness checks](../deploy/windows-autopatch-register-devices.md#about-the-ready-not-ready-and-not-registered-tabs) | :x: | :heavy_check_mark: |
| [Automatically assign devices to First, Fast & Broad deployment rings at device registration](../operate/windows-autopatch-update-management.md#deployment-ring-calculation-logic) | :x: | :heavy_check_mark: |
@ -61,29 +61,29 @@ This article outlines your responsibilities and Windows Autopatch's responsibili
| [Maintain customer configuration to align with the Windows Autopatch service configuration](../operate/windows-autopatch-maintain-environment.md) | :heavy_check_mark: | :x: |
| [Run on-going checks to ensure devices are only present in one deployment ring](../operate/windows-autopatch-update-management.md#automated-deployment-ring-remediation-functions) | :x: | :heavy_check_mark: |
| [Maintain the Test deployment ring membership](../operate/windows-autopatch-update-management.md#deployment-ring-calculation-logic) | :heavy_check_mark: | :x: |
| Monitor [Windows update signals](../operate/windows-autopatch-wqu-signals.md) for safe update release | :x: | :heavy_check_mark: |
| Test specific [business update scenarios](../operate/windows-autopatch-wqu-signals.md) | :heavy_check_mark: | :x: |
| [Define and implement release schedule](../operate/windows-autopatch-wqu-overview.md) | :x: | :heavy_check_mark: |
| Communicate the update [release schedule](../operate/windows-autopatch-wqu-communications.md) | :x: | :heavy_check_mark: |
| Release updates (as scheduled)<ul><li>[Windows quality updates](../operate/windows-autopatch-wqu-overview.md#windows-quality-update-releases)</li><li>[Microsoft 365 Apps for enterprise](../operate/windows-autopatch-microsoft-365-apps-enterprise.md#update-release-schedule)</li><li>[Microsoft Edge](../operate/windows-autopatch-edge.md#update-release-schedule)</li><li>[Microsoft Teams](../operate/windows-autopatch-teams.md#update-release-schedule)</li><ul>| :x: | :heavy_check_mark: |
| [Release updates (expedited)](../operate/windows-autopatch-wqu-overview.md#expedited-releases) | :x: | :heavy_check_mark: |
| Monitor [Windows update signals](../operate/windows-autopatch-windows-quality-update-signals.md) for safe update release | :x: | :heavy_check_mark: |
| Test specific [business update scenarios](../operate/windows-autopatch-windows-quality-update-signals.md) | :heavy_check_mark: | :x: |
| [Define and implement release schedule](../operate/windows-autopatch-windows-quality-update-overview.md) | :x: | :heavy_check_mark: |
| Communicate the update [release schedule](../operate/windows-autopatch-windows-quality-update-communications.md) | :x: | :heavy_check_mark: |
| Release updates (as scheduled)<ul><li>[Windows quality updates](../operate/windows-autopatch-windows-quality-update-overview.md#windows-quality-update-releases)</li><li>[Microsoft 365 Apps for enterprise](../operate/windows-autopatch-microsoft-365-apps-enterprise.md#update-release-schedule)</li><li>[Microsoft Edge](../operate/windows-autopatch-edge.md#update-release-schedule)</li><li>[Microsoft Teams](../operate/windows-autopatch-teams.md#update-release-schedule)</li><ul>| :x: | :heavy_check_mark: |
| [Release updates (expedited)](../operate/windows-autopatch-windows-quality-update-overview.md#expedited-releases) | :x: | :heavy_check_mark: |
| [Deploy updates to devices](../operate/windows-autopatch-update-management.md) | :x: | :heavy_check_mark: |
| Monitor [Windows quality](../operate/windows-autopatch-wqu-overview.md) or [feature updates](../operate/windows-autopatch-fu-overview.md) through the release cycle | :x: | :heavy_check_mark: |
| Review [update reports](../operate/windows-autopatch-wqu-reports-overview.md) | :heavy_check_mark: | :x: |
| [Pause updates (Windows Autopatch initiated)](../operate/windows-autopatch-wqu-signals.md) | :x: | :heavy_check_mark: |
| [Pause updates (initiated by you)](../operate/windows-autopatch-wqu-overview.md#pausing-and-resuming-a-release) | :heavy_check_mark: | :x: |
| Monitor [Windows quality](../operate/windows-autopatch-windows-quality-update-overview.md) or [feature updates](../operate/windows-autopatch-windows-feature-update-overview.md) through the release cycle | :x: | :heavy_check_mark: |
| Review [update reports](../operate/windows-autopatch-windows-quality-update-reports-overview.md) | :heavy_check_mark: | :x: |
| [Pause updates (Windows Autopatch initiated)](../operate/windows-autopatch-windows-quality-update-signals.md) | :x: | :heavy_check_mark: |
| [Pause updates (initiated by you)](../operate/windows-autopatch-windows-quality-update-overview.md#pausing-and-resuming-a-release) | :heavy_check_mark: | :x: |
| Run [on-going post-registration device readiness checks](../deploy/windows-autopatch-post-reg-readiness-checks.md) | :x: | :heavy_check_mark: |
| [Remediate devices displayed in the **Not ready** tab](../deploy/windows-autopatch-post-reg-readiness-checks.md#about-the-three-tabs-in-the-devices-blade) | :heavy_check_mark: | :x: |
| Resolve any conflicting and unsupported [Windows update](../references/windows-autopatch-wqu-unsupported-policies.md) and [Microsoft 365](../references/windows-autopatch-microsoft-365-policies.md) policies | :heavy_check_mark: | :x: |
| [Investigate devices that aren't up to date within the service level objective (Microsoft action)](../operate/windows-autopatch-wqu-reports-overview.md#not-up-to-date-microsoft-action) | :x: | :heavy_check_mark: |
| [Investigate and remediate devices that are marked as ineligible (Customer action)](../operate/windows-autopatch-wqu-reports-overview.md#ineligible-devices-customer-action) | :heavy_check_mark: | :x: |
| Resolve any conflicting and unsupported [Windows update](../references/windows-autopatch-windows-update-unsupported-policies.md) and [Microsoft 365](../references/windows-autopatch-microsoft-365-policies.md) policies | :heavy_check_mark: | :x: |
| [Investigate devices that aren't up to date within the service level objective (Microsoft action)](../operate/windows-autopatch-windows-quality-update-reports-overview.md#not-up-to-date-microsoft-action) | :x: | :heavy_check_mark: |
| [Investigate and remediate devices that are marked as ineligible (Customer action)](../operate/windows-autopatch-windows-quality-update-reports-overview.md#ineligible-devices-customer-action) | :heavy_check_mark: | :x: |
| [Raise, manage and resolve a service incident if an update management area isn't meeting the service level objective](windows-autopatch-overview.md#update-management) | :x: | :heavy_check_mark: |
| [Deregister devices](../operate/windows-autopatch-deregister-devices.md) | :heavy_check_mark: | :x: |
| [Register a device that was previously deregistered (upon customers request)](../operate/windows-autopatch-deregister-devices.md#excluded-devices) | :x: | :heavy_check_mark: |
| [Request unenrollment from Windows Autopatch](../operate/windows-autopatch-unenroll-tenant.md) | :heavy_check_mark: | :x: |
| [Remove Windows Autopatch data from the service and deregister devices](../operate/windows-autopatch-unenroll-tenant.md#microsofts-responsibilities-during-unenrollment) | :x: | :heavy_check_mark: |
| [Maintain update configuration & update devices post unenrollment from Windows Autopatch](../operate/windows-autopatch-unenroll-tenant.md#your-responsibilities-after-unenrolling-your-tenant) | :heavy_check_mark: | :x: |
| Review and respond to Message Center and Service Health Dashboard notifications<ul><li>[Windows quality and feature update communications](../operate/windows-autopatch-wqu-communications.md)</li><li>[Add and verify admin contacts](../deploy/windows-autopatch-admin-contacts.md)</li></ul> | :heavy_check_mark: | :x: |
| Review and respond to Message Center and Service Health Dashboard notifications<ul><li>[Windows quality and feature update communications](../operate/windows-autopatch-windows-quality-update-communications.md)</li><li>[Add and verify admin contacts](../deploy/windows-autopatch-admin-contacts.md)</li></ul> | :heavy_check_mark: | :x: |
| [Highlight Windows Autopatch Tenant management alerts that require customer action](../operate/windows-autopatch-maintain-environment.md#windows-autopatch-tenant-actions) | :x: | :heavy_check_mark: |
| [Review and respond to Windows Autopatch Tenant management alerts](../operate/windows-autopatch-maintain-environment.md#windows-autopatch-tenant-actions) | :heavy_check_mark: | :x: |
| [Raise and respond to support requests](../operate/windows-autopatch-support-request.md) | :heavy_check_mark: | :x: |

6
windows/deployment/windows-autopatch/prepare/windows-autopatch-fix-issues.md
View File

@ -45,13 +45,13 @@ This setting must be turned on to avoid a "lack of permissions" error when we in
| ----- | ----- |
| Not ready | Allow access to unlicensed admins should be turned on. Without this setting enabled, errors can occur when we try to access your Azure AD organization for service. You can safely enable this setting without worrying about security implications. The scope of access is defined by the roles assigned to users, including our operations staff.<p><p>For more information, see [Unlicensed admins](/mem/intune/fundamentals/unlicensed-admins). |
### Deployment rings for Windows 10 or later
### Windows 10 and later update rings
Your "Windows 10 deployment ring" policy in Intune must not target any Windows Autopatch devices.
Your "Windows 10 and later update ring" policy in Intune must not target any Windows Autopatch devices.
| Result | Meaning |
| ----- | ----- |
| Not ready | You have an "update ring" policy that targets all devices, all users, or both.<p>To resolve, change the policy to use an assignment that targets a specific Azure Active Directory (AD) group that doesn't include any Windows Autopatch devices.</p><p>For more information, see [Manage Windows 10 software updates in Intune](/mem/intune/protect/windows-update-for-business-configure).</p> |
| Not ready | You have an "update ring" policy that targets all devices, all users, or both.<p>To resolve, change the policy to use an assignment that targets a specific Azure Active Directory (AD) group that doesn't include any Windows Autopatch devices.</p><p>For more information, see [Manage Windows 10 and later software updates in Intune](/mem/intune/protect/windows-update-for-business-configure).</p> |
| Advisory | Both the **Modern Workplace Devices - All** and **Modern Workplace - All** Azure AD groups are groups that we create after you enroll in Windows Autopatch.<p>You can continue with enrollment. However, you must resolve the advisory prior to deploying your first device. To resolve the advisory, see [Maintain the Windows Autopatch environment](../operate/windows-autopatch-maintain-environment.md).</p>|
## Azure Active Directory settings

18
windows/deployment/windows-autopatch/references/windows-autopatch-changes-to-tenant.md
View File

@ -78,18 +78,18 @@ Windows Autopatch will create Azure Active Directory groups that are required to
## Feature update policies
- Modern Workplace DSS Policy [Test]
- Modern Workplace DSS Policy [First]
- Modern Workplace DSS Policy [Fast]
- Modern Workplace DSS Policy [Broad]
- Modern Workplace DSS Policy [Windows 11]
- Windows Autopatch - DSS Policy [Test]
- Windows Autopatch - DSS Policy [First]
- Windows Autopatch - DSS Policy [Fast]
- Windows Autopatch - DSS Policy [Broad]
- Windows Autopatch - DSS Policy [Windows 11]
| Policy name | Policy description | Value |
| ----- | ----- | ----- |
| Modern Workplace DSS Policy [Test] | DSSpolicyforTest devicegroup | Assigned to:<ul><li>ModernWorkplaceDevices-WindowsAutopatch-Test</li></ul><br>Exclude from:<ul><li>ModernWorkplace-Windows11Pre-ReleaseTestDevices</li></ul>|
| ModernWorkplaceDSSPolicy[First] | DSSpolicyforFirstdevice group | Assigned to:<ul><li>ModernWorkplaceDevices-WindowsAutopatch-First</li><li>Modern Workplace - Windows 11 Pre-Release Test Devices</li> |
| ModernWorkplaceDSSPolicy[Fast] | DSSpolicyforFastdevice group | Assigned to:<ul><li>Modern Workplace Devices-Windows Autopatch-Fast</li></ul><br>Exclude from:<ul><li>Modern Workplace - Windows 11 Pre-Release Test Devices</li></ul> |
| ModernWorkplaceDSSPolicy[Broad] | DSSpolicyforBroad devicegroup | Assigned to:<ul><li>ModernWorkplaceDevices-WindowsAutopatch-Broad</li></ul><br>Exclude from:<ul><li>ModernWorkplace-Windows11Pre-ReleaseTestDevices</li></ul>|
| Windows Autopatch - DSS Policy [Test] | DSSpolicyforTest devicegroup | Assigned to:<ul><li>ModernWorkplaceDevices-WindowsAutopatch-Test</li></ul><br>Exclude from:<ul><li>ModernWorkplace-Windows11Pre-ReleaseTestDevices</li></ul>|
| Windows Autopatch -DSSPolicy[First] | DSSpolicyforFirstdevice group | Assigned to:<ul><li>ModernWorkplaceDevices-WindowsAutopatch-First</li><li>Modern Workplace - Windows 11 Pre-Release Test Devices</li> |
| Windows Autopatch -DSSPolicy[Fast] | DSSpolicyforFastdevice group | Assigned to:<ul><li>Modern Workplace Devices-Windows Autopatch-Fast</li></ul><br>Exclude from:<ul><li>Modern Workplace - Windows 11 Pre-Release Test Devices</li></ul> |
| Windows Autopatch -Policy[Broad] | DSSpolicyforBroad devicegroup | Assigned to:<ul><li>ModernWorkplaceDevices-WindowsAutopatch-Broad</li></ul><br>Exclude from:<ul><li>ModernWorkplace-Windows11Pre-ReleaseTestDevices</li></ul>|
| ModernWorkplaceDSSPolicy[Windows11] | Windows11DSSpolicy | Assigned to:<ul><li>ModernWorkplace-Windows11Pre-ReleaseTestDevices</li></ul>|
## Microsoft Office update policies

15
windows/deployment/windows-autopatch/references/windows-autopatch-privacy.md
View File

@ -1,7 +1,7 @@
---
title: Privacy
description: This article provides details about the data platform and privacy compliance for Autopatch
ms.date: 11/08/2022
ms.date: 02/02/2023
ms.prod: windows-client
ms.technology: itpro-updates
ms.topic: reference
@ -25,7 +25,7 @@ The sources include Azure Active Directory (Azure AD), Microsoft Intune, and Mic
| Data source | Purpose |
| ------ | ------ |
| [Microsoft Windows 10/11 Enterprise](/windows/windows-10/) | Management of device setup experience, managing connections to other services, and operational support for IT pros. |
| [Windows Update for Business](/windows/deployment/update/waas-manage-updates-wufb) | Uses Windows 10 Enterprise diagnostic data to provide additional information on Windows 10/11 update. |
| [Windows Update for Business](/windows/deployment/update/waas-manage-updates-wufb) | Uses Windows 10/11 Enterprise diagnostic data to provide additional information on Windows 10/11 update. |
| [Microsoft Intune](/mem/intune/fundamentals/what-is-intune) | Device management and to keep your data secure. The following endpoint management data sources are used:<br><ul><li>[Microsoft Azure Active Directory](/azure/active-directory/): Authentication and identification of all user accounts.</li><li>[Microsoft Intune](/mem/intune/): Distributing device configurations, device management and application management.</li></ul>
| [Windows Autopatch](https://go.microsoft.com/fwlink/?linkid=2109431) | Data provided by the customer or generated by the service during running of the service. |
| [Microsoft 365 Apps for enterprise](https://www.microsoft.com/microsoft-365/enterprise/compare-office-365-plans)| Management of Microsoft 365 Apps. |
@ -53,13 +53,18 @@ Windows Autopatch Service Engineering Team is in the United States, India and Ro
Windows Autopatch uses [Windows 10/11 Enhanced diagnostic data](/windows/privacy/windows-diagnostic-data) to keep Windows secure, up to date, fix problems, and make product improvements.
The enhanced diagnostic data setting includes more detailed information about the devices enrolled in Windows Autopatch and their settings, capabilities, and device health. When enhanced diagnostic data is selected, data, including required diagnostic data, are collected. For more information, see [Changes to Windows diagnostic data collection](/windows/privacy/changes-to-windows-diagnostic-data-collection) about the Windows 10 diagnostic data setting and data collection.
The enhanced diagnostic data setting includes more detailed information about the devices enrolled in Windows Autopatch and their settings, capabilities, and device health. When enhanced diagnostic data is selected, data, including required diagnostic data, are collected. For more information, see [Changes to Windows diagnostic data collection](/windows/privacy/changes-to-windows-diagnostic-data-collection) about the Windows 10/11 diagnostic data setting and data collection.
The diagnostic data terminology will change in future versions of Windows. Windows Autopatch is committed to processing only the data that the service needs. The diagnostic level will change to **Optional**, but Windows Autopatch will implement the limited diagnostic policies to fine-tune diagnostic data collection required for the service. For more information, see [Changes to Windows diagnostic data collection](/windows/privacy/changes-to-windows-diagnostic-data-collection).
Windows Autopatch only processes and stores system-level data from Windows 10 optional diagnostic data that originates from enrolled devices such as application and device reliability, and performance information. Windows Autopatch doesn't process and store customers' data such as chat and browser history, voice, text, or speech data.
Windows Autopatch only processes and stores system-level data from Windows 10/11 optional diagnostic data that originates from enrolled devices such as application and device reliability, and performance information. Windows Autopatch doesn't process and store customers' data such as chat and browser history, voice, text, or speech data.
For more information about the diagnostic data collection of Microsoft Windows 10, see the [Where we store and process data](https://privacy.microsoft.com/privacystatement#mainwherewestoreandprocessdatamodule) section of the Microsoft Privacy Statement.
For more information about the diagnostic data collection of Microsoft Windows 10/11, see the [Where we store and process data](https://privacy.microsoft.com/privacystatement#mainwherewestoreandprocessdatamodule) section of the Microsoft Privacy Statement.
For more information about how Windows diagnostic data is used, see:
- [Windows diagnostic data in your organization](/windows/privacy/configure-windows-diagnostic-data-in-your-organization#enable-windows-diagnostic-data-processor-configuration)
- [Features that require Windows diagnostic data](/mem/intune/protect/data-enable-windows-data)
## Tenant access

0
windows/deployment/windows-autopatch/references/windows-autopatch-wqu-unsupported-policies.md → windows/deployment/windows-autopatch/references/windows-autopatch-windows-update-unsupported-policies.md
View File

6
windows/deployment/windows-autopatch/whats-new/windows-autopatch-whats-new-2022.md
View File

@ -24,12 +24,12 @@ Minor corrections such as typos, style, or formatting issues aren't listed.
| Article | Description |
| ----- | ----- |
| [Windows quality updates](../operate/windows-autopatch-wqu-overview.md) | Added information about: <ul><li>Turning off service-driven expedited quality update releases<ul><li>[MC482178](https://admin.microsoft.com/adminportal/home#/MessageCenter)</li></ul></li><li>Viewing deployed out of band releases<ul><li>[MC484915](https://admin.microsoft.com/adminportal/home#/MessageCenter)</li></ul></li></ul> |
| [Windows quality updates](../operate/windows-autopatch-windows-quality-update-overview.md) | Added information about: <ul><li>Turning off service-driven expedited quality update releases<ul><li>[MC482178](https://admin.microsoft.com/adminportal/home#/MessageCenter)</li></ul></li><li>Viewing deployed out of band releases<ul><li>[MC484915](https://admin.microsoft.com/adminportal/home#/MessageCenter)</li></ul></li></ul> |
| [Roles and responsibilities](../overview/windows-autopatch-roles-responsibilities.md) | Added Roles and responsibilities article |
| [Prerequisites](../prepare/windows-autopatch-prerequisites.md) | Added more licenses to the More about licenses section<ul><li>[MC452168](https://admin.microsoft.com/adminportal/home#/MessageCenter) |
| [Unsupported policies](../operate/windows-autopatch-wqu-unsupported-policies.md) | Updated to include other policy managers in the Group policy section |
| [Unsupported policies](../references/windows-autopatch-windows-update-unsupported-policies.md) | Updated to include other policy managers in the Group policy section |
| [Changes made at tenant enrollment](../references/windows-autopatch-changes-to-tenant.md) | Updated the Device configuration, Microsoft Office and Edge policies |
| [Windows quality update reports](../operate/windows-autopatch-wqu-reports-overview.md) | Added Windows quality update reports |
| [Windows quality update reports](../operate/windows-autopatch-windows-quality-update-reports-overview.md) | Added Windows quality update reports |
### December service release

6
windows/deployment/windows-autopatch/whats-new/windows-autopatch-whats-new-2023.md
View File

@ -24,7 +24,9 @@ Minor corrections such as typos, style, or formatting issues aren't listed.
| Article | Description |
| ----- | ----- |
| [Register your devices](../deploy/windows-autopatch-register-devices.md) |<ul><li>Updated the Built-in roles required for registration section.</li><li>Added more information about assigning less-privileged user accounts</li></ul> |
| [Privacy](../references/windows-autopatch-privacy.md) | Added additional resources to the Microsoft Windows 10/11 diagnostic data section |
| [Changes made at tenant enrollment](../references/windows-autopatch-changes-to-tenant.md) | Updated Feature update policies section with Windows Autopatch - DSS Policy [deployment ring] |
| [Register your devices](../deploy/windows-autopatch-register-devices.md) |<ul><li>Updated the Built-in roles required for registration section</li><li>Added more information about assigning less-privileged user accounts</li></ul> |
## January 2023
@ -32,7 +34,7 @@ Minor corrections such as typos, style, or formatting issues aren't listed.
| Article | Description |
| ----- | ----- |
| [Windows feature update](../operate/windows-autopatch-fu-overview.md) | Updated Windows feature update information |
| [Windows feature update](../operate/windows-autopatch-windows-feature-update-overview.md) | Updated Windows feature update information |
| [Submit a tenant enrollment support request](../prepare/windows-autopatch-enrollment-support-request.md) | Added the Submit a tenant enrollment support request section. You can submit a tenant enrollment support request through the Tenant enrollment tool if you're running into issues with enrollment |
| [Submit a support request](../operate/windows-autopatch-support-request.md) | Added Premier and Unified support options section |

2
windows/security/information-protection/bitlocker/bitlocker-use-bitlocker-recovery-password-viewer.md
View File

@ -63,7 +63,7 @@ The following procedures describe the most common tasks performed by using the B
By completing the procedures in this scenario, the recovery passwords for a computer have been viewed and copied and a password ID was used to locate a recovery password.
## Replated articles
## Related articles
- [BitLocker Overview](bitlocker-overview.md)
- [BitLocker frequently asked questions (FAQ)](bitlocker-frequently-asked-questions.yml)