Updates to the AP docs

windows/deployment/windows-autopatch/deploy/windows-autopatch-register-devices.md

@@ -25,7 +25,18 @@ Windows Autopatch to take over software updates management of supported devices
 - [Microsoft Edge updates](../operate/windows-autopatch-edge.md)
 - [Microsoft Teams updates](../operate/windows-autopatch-teams.md)
 
-You must choose what devices to manage with Windows Autopatch by adding either devices through direct membership or by adding other Azure Active Directory (Azure AD) dynamic/assigned groups into the Azure Active Directory assigned **Windows Autopatch Device Registration** group. Windows Autopatch runs every hour to discover new devices added to this group. Once new devices are discovered, Windows Autopatch attempts to register these devices into its service.
+You must choose what devices to manage with Windows Autopatch by adding either devices through direct membership or by nesting other Azure Active Directory (Azure AD) dynamic/assigned groups into the Azure Active Directory assigned **Windows Autopatch Device Registration** group. Windows Autopatch runs every hour to discover new devices added to this group. Once new devices are discovered, Windows Autopatch attempts to register these devices into its service.
+
+### Other nested Azure AD group supported scenarios
+
+Windows Autopatch also supports the following Azure AD nested group scenarios:
+
+- Azure AD groups synced up from:
+	- On-premises Active Directory groups (Windows server type).
+	- [Configuration Manager collections](https://docs.microsoft.com/mem/configmgr/core/clients/manage/collections/create-collections#bkmk_aadcollsync).
+
+> [!IMPORTANT]
+> The **Windows Autopatch Device Registration** Azure AD group only supports one level of Azure AD nested groups.
 
 > [!TIP]
 > You can also use the **Discover Devices** button in either the Ready or Not ready tabs to discover devices from the Windows Autopatch Device Registration Azure AD group on demand.
@@ -34,13 +45,14 @@ To be eligible for Windows Autopatch management, devices must meet a minimum set
 
 ## Prerequisites
 
-- Windows 10/11 Enterprise edition 1809+.
+- Windows 10/11 64-bit Enterprise edition 1809+.
 - Either hybrid or Azure AD joined (personal devices aren't supported).
-- Managed by Microsoft Endpoint Manager (either Microsoft Endpoint Manager-Intune or Microsoft Endpoint Manager-Configuration Manager Co-management).
-- Microsoft Endpoint Manager-Configuration Manager Co-management workloads swung over to Microsoft Endpoint Manager-Intune (either set to Pilot Intune or Intune).
-	- Windows Updates policies
-	- Device configuration
-	- Office Click-to-run
+- Managed by Microsoft Endpoint Manager
+	- Microsoft Endpoint Manager-Intune or Microsoft Endpoint Manager-Configuration Manager Co-management.
+		- Microsoft Endpoint Manager-Configuration Manager Co-management workloads swung over to Microsoft Endpoint Manager-Intune (either set to Pilot Intune or Intune).
+			- Windows Updates policies
+			- Device configuration
+			- Office Click-to-run
 - Last Intune device check-in completed within the last 28 days.  
 
 For more information about each prerequisite check, see the [Prerequisites](../prepare/windows-autopatch-prerequisites.md) article.
@@ -80,6 +92,9 @@ A role defines the set of permissions granted to users assigned to that role. Yo
 
 Once devices or Azure AD groups containing devices are added to the **Windows Autopatch Device Registration** group, Windows Autopatch discovers these devices and runs device-level prerequisite checks to try to register them.
 
+> [!IMPORTANT]
+> It might take up to an hour for devices to change its statuses from **Ready for User** to **Active** in the Ready tab during the public preview.
+
 ## Other device lifecycle management scenarios
 
 There are a few more device lifecycle management scenarios to consider when planning to register devices in Windows Autopatch.

windows/deployment/windows-autopatch/operate/windows-autopatch-deregister-devices.md

@@ -1,7 +1,7 @@
 ---
 title: Deregister a device
 description:  This article explains how to deregister devices
-ms.date: 05/30/2022
+ms.date: 05/31/2022
 ms.prod: w11
 ms.technology: windows
 ms.topic: how-to
@@ -9,7 +9,7 @@ ms.localizationpriority: medium
 author: tiaraquan
 ms.author: tiaraquan
 manager: dougeby
-msreviewer: hathind
+msreviewer: andredm7
 ---
 
 # Deregister a device
@@ -26,7 +26,10 @@ To avoid end-user disruption, device de-registration in Windows Autopatch only d
 
 ## Excluded devices
 
-When you deregister a device from the Windows Autopatch service, the device is flagged as "excluded". Windows Autopatch doesn't try to re-register the device into the service again, because the de-registration command doesn't trigger device membership removal from the **Windows Autopatch Device Registration** Azure Active Directory group. This is due to a direct membership removal limitation present in Azure Active Directory dynamic groups.  
+When you deregister a device from the Windows Autopatch service, the device is flagged as "excluded" so Windows Autopatch doesn't try to re-register the device into the service again, since the de-registration command doesn't trigger device membership removal from the **Windows Autopatch Device Registration** Azure Active Directory group. 
+
+> [!IMPORTANT]
+> The Azure AD team doesn't recommend appending query statements to remove specific device from a dynamic query due to dynamic query performance issues.
 
 If you want to re-register a device that was previously deregistered from Windows Autopatch, you must [submit a support request](../operate/windows-autopatch-support-request.md) with the Windows Autopatch Service Engineering Team to request the removal of the "excluded" flag set during the de-registration process. After the Windows Autopatch Service Engineering Team removes the flag, you can re-register a device or a group of devices.