Merge pull request #8017 from tiaraquan/ap-updates-031323-1

Reorganization
2025-05-15 06:47:21 +00:00 · 2023-03-13 12:27:06 -07:00 · 2023-03-13 12:27:06 -07:00 · e643a974ec
commit e643a974ec
parent f53390e870 42d994f2c0
11 changed files with 19 additions and 14 deletions
--- a/.openpublishing.redirection.json
+++ b/.openpublishing.redirection.json
@ -20649,6 +20649,11 @@
      "source_path": "education/windows/enable-s-mode-on-surface-go-devices.md",
      "redirect_url": "/windows/deployment/s-mode",
      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/deployment/windows-autopatch/references/windows-autopatch-privacy.md",
+      "redirect_url": "/windows/deployment/windows-autopatch/overview/windows-autopatch-privacy",
+      "redirect_document_id": true
    }
  ]
 }
--- a/windows/deployment/windows-autopatch/TOC.yml
+++ b/windows/deployment/windows-autopatch/TOC.yml
@ -8,6 +8,8 @@
          href: overview/windows-autopatch-overview.md
        - name: Roles and responsibilities
          href: overview/windows-autopatch-roles-responsibilities.md
+        - name: Privacy
+          href: overview/windows-autopatch-privacy.md
        - name: FAQ
          href: overview/windows-autopatch-faq.yml
    - name: Prepare
@ -90,7 +92,7 @@
          href: operate/windows-autopatch-deregister-devices.md
        - name: Unenroll your tenant
          href: operate/windows-autopatch-unenroll-tenant.md
-    - name: Reference
+    - name: References
      href:
      items:
        - name: Update policies
@ -102,8 +104,6 @@
              href: references/windows-autopatch-microsoft-365-policies.md
        - name: Changes made at tenant enrollment
          href: references/windows-autopatch-changes-to-tenant.md
-        - name: Privacy
-          href: references/windows-autopatch-privacy.md
    - name: What's new
      href:
      items: 
--- a/windows/deployment/windows-autopatch/operate/windows-autopatch-maintain-environment.md
+++ b/windows/deployment/windows-autopatch/operate/windows-autopatch-maintain-environment.md
@ -37,7 +37,7 @@ Windows Autopatch deploys, manages and maintains all configurations related to t
 The **Tenant management** blade can be found by navigating to Tenant administration > Windows Autopatch > **Tenant management**.

 > [!IMPORTANT]
-> Starting October 12, 2022, Windows Autopatch will manage your tenant with our [first party enterprise applications](../references/windows-autopatch-changes-to-tenant.md#windows-autopatch-enterprise-applications). If your tenant is still using the [Windows Autopatch service accounts](../references/windows-autopatch-privacy.md#service-accounts), your Global admin must take action in the new Windows Autopatch Tenant management blade to approve the configuration change. To take action or see if you need to take action, visit the Tenant management blade in the Windows Autopatch portal.
+> Starting October 12, 2022, Windows Autopatch will manage your tenant with our [first party enterprise applications](../references/windows-autopatch-changes-to-tenant.md#windows-autopatch-enterprise-applications). If your tenant is still using the [Windows Autopatch service accounts](../overview/windows-autopatch-privacy.md#service-accounts), your Global admin must take action in the new Windows Autopatch Tenant management blade to approve the configuration change. To take action or see if you need to take action, visit the Tenant management blade in the Windows Autopatch portal.

 The type of banner that appears depends on the severity of the action. Currently, only critical actions are listed.

--- a/windows/deployment/windows-autopatch/operate/windows-autopatch-unenroll-tenant.md
+++ b/windows/deployment/windows-autopatch/operate/windows-autopatch-unenroll-tenant.md
@ -32,7 +32,7 @@ Unenrolling from Windows Autopatch requires manual actions from both you and fro

 | Responsibility | Description |
 | ----- | ----- |
-| Windows Autopatch data | Windows Autopatch will delete user data that is within the Windows Autopatch service. We won’t make changes to any other data. For more information about how data is used in Windows Autopatch, see [Privacy](../references/windows-autopatch-privacy.md). |
+| Windows Autopatch data | Windows Autopatch will delete user data that is within the Windows Autopatch service. We won’t make changes to any other data. For more information about how data is used in Windows Autopatch, see [Privacy](../overview/windows-autopatch-privacy.md). |
 | Deregistering devices | Windows Autopatch will deregister all devices previously registered with the service. Only the Windows Autopatch device record will be deleted. We won't delete Microsoft Intune and/or Azure Active Directory device records. For more information, see [Deregister a device](/windows/deployment/windows-autopatch/operate/windows-autopatch-deregister-devices). |

 ## Your responsibilities after unenrolling your tenant
--- a/windows/deployment/windows-autopatch/operate/windows-autopatch-windows-quality-update-reports-overview.md
+++ b/windows/deployment/windows-autopatch/operate/windows-autopatch-windows-quality-update-reports-overview.md
@ -39,7 +39,7 @@ Users with the following permissions can access the reports:

 ## About data latency

-The data source for these reports is the [Windows diagnostic data](../references/windows-autopatch-privacy.md#microsoft-windows-1011-diagnostic-data). The data typically uploads from enrolled devices once per day. Then, the data is processed in batches before being made available in Windows Autopatch. The maximum end-to-end latency is approximately 24 hours.
+The data source for these reports is the [Windows diagnostic data](../overview/windows-autopatch-privacy.md#microsoft-windows-1011-diagnostic-data). The data typically uploads from enrolled devices once per day. Then, the data is processed in batches before being made available in Windows Autopatch. The maximum end-to-end latency is approximately 24 hours.

 ## Windows quality update statuses

--- a/windows/deployment/windows-autopatch/overview/windows-autopatch-overview.md
+++ b/windows/deployment/windows-autopatch/overview/windows-autopatch-overview.md
@ -63,7 +63,7 @@ Microsoft remains committed to the security of your data and the [accessibility]
 | Prepare | The following articles describe the mandatory steps to prepare and enroll your tenant into Windows Autopatch:<ul><li>[Prerequisites](../prepare/windows-autopatch-prerequisites.md)</li><li>[Configure your network](../prepare/windows-autopatch-configure-network.md)</li><li>[Enroll your tenant](../prepare/windows-autopatch-enroll-tenant.md)</li><li>[Fix issues found by the Readiness assessment tool](../prepare/windows-autopatch-fix-issues.md)</li></ul> |
 | Deploy | Once you've enrolled your tenant, this section instructs you to:<ul><li>[Add and verify admin contacts](../deploy/windows-autopatch-admin-contacts.md)</li><li>[Register your devices](../deploy/windows-autopatch-register-devices.md)</li></ul> |
 | Operate | This section includes the following information about your day-to-day life with the service:<ul><li>[Update management](../operate/windows-autopatch-update-management.md)</li><li>[Maintain your Windows Autopatch environment](../operate/windows-autopatch-maintain-environment.md)</li><li>[Submit a support request](../operate/windows-autopatch-support-request.md)</li><li>[Deregister a device](../operate/windows-autopatch-deregister-devices.md)</li></ul>
-| References | This section includes the following articles:<ul><li>[Windows update policies](../references/windows-autopatch-windows-update-unsupported-policies.md)</li><li>[Microsoft 365 Apps for enterprise update policies](../references/windows-autopatch-microsoft-365-policies.md)</li><li>[Privacy](../references/windows-autopatch-privacy.md)</li><li>[Windows Autopatch Preview Addendum](../references/windows-autopatch-preview-addendum.md)</li></ul> |
+| References | This section includes the following articles:<ul><li>[Windows update policies](../references/windows-autopatch-windows-update-unsupported-policies.md)</li><li>[Microsoft 365 Apps for enterprise update policies](../references/windows-autopatch-microsoft-365-policies.md)</li><li>[Privacy](../overview/windows-autopatch-privacy.md)</li><li>[Windows Autopatch Preview Addendum](../references/windows-autopatch-preview-addendum.md)</li></ul> |

 ### Have feedback or would like to start a discussion?

--- a/windows/deployment/windows-autopatch/references/windows-autopatch-privacy.md
+++ b/windows/deployment/windows-autopatch/references/windows-autopatch-privacy.md
@ -1,7 +1,7 @@
 ---
 title: Privacy
 description: This article provides details about the data platform and privacy compliance for Autopatch
-ms.date: 02/02/2023
+ms.date: 03/13/2023
 ms.prod: windows-client
 ms.technology: itpro-updates
 ms.topic: reference
@ -72,12 +72,12 @@ Windows Autopatch creates an enterprise application in your tenant. This enterpr

 | Enterprise application name | Usage | Permissions |
 | ----- | ----- | ----- |
-| Modern Workplace Management | This enterprise application is a limited first party enterprise application with elevated privileges. This application is used to manage the service, publish baseline configuration updates, and maintain overall service health. | <ul><li>DeviceManagementApps.ReadWrite.All</li><li>DeviceManagementConfiguration.ReadWrite.All</li><li>DeviceManagementManagedDevices.PriviligedOperation.All</li><li>DeviceManagementManagedDevices.ReadWrite.All</li><li>DeviceManagementRBAC.ReadWrite.All</li><li>DeviceManagementServiceConfig.ReadWrite.All</li><li>Directory.Read.All</li><li>Group.Create</li><li>Policy.Read.All</li><li>WindowsUpdates.Read.Write.All</li></ul>|
+| Modern Workplace Management | This enterprise application is a limited first party enterprise application with elevated privileges. This application is used to manage the service, publish baseline configuration updates, and maintain overall service health. | <ul><li>DeviceManagementApps.ReadWrite.All</li><li>DeviceManagementConfiguration.ReadWrite.All</li><li>DeviceManagementManagedDevices.PriviligedOperation.All</li><li>DeviceManagementManagedDevices.ReadWrite.All</li><li>DeviceManagementRBAC.ReadWrite.All</li><li>DeviceManagementServiceConfig.ReadWrite.All</li><li>Directory.Read.All</li><li>Group.Create</li><li>Policy.Read.All</li><li>WindowsUpdates.ReadWrite.All</li></ul>|

 ### Service accounts

 > [!IMPORTANT]
-> Starting October 12, 2022, Windows Autopatch will manage your tenant with our [first party enterprise application](windows-autopatch-changes-to-tenant.md#windows-autopatch-enterprise-applications). If your tenant is still using the [Windows Autopatch service accounts](windows-autopatch-privacy.md#service-accounts), you must take action. To take action or see if you need to take action, visit the [Tenant management blade](../operate/windows-autopatch-maintain-environment.md#windows-autopatch-tenant-actions) in the Windows Autopatch portal.
+> Starting October 12, 2022, Windows Autopatch will manage your tenant with our [enterprise application](../references/windows-autopatch-changes-to-tenant.md#windows-autopatch-enterprise-applications). If your tenant is still using the [Windows Autopatch service accounts](windows-autopatch-privacy.md#service-accounts), you must take action. To take action or see if you need to take action, visit the [Tenant management blade](../operate/windows-autopatch-maintain-environment.md#windows-autopatch-tenant-actions) in the Windows Autopatch portal.

 Windows Autopatch creates and uses guest accounts using just-in-time access functionality when signing into a customer tenant to manage the Windows Autopatch service. To provide additional locked down control, Windows Autopatch maintains a separate conditional access policy to restrict access to these accounts.

--- a/windows/deployment/windows-autopatch/overview/windows-autopatch-roles-responsibilities.md
+++ b/windows/deployment/windows-autopatch/overview/windows-autopatch-roles-responsibilities.md
@ -25,7 +25,7 @@ This article outlines your responsibilities and Windows Autopatch's responsibili
 | Task | Your responsibility | Windows Autopatch |
 | ----- | :-----: | :-----: |
 | Review the [prerequisites](../prepare/windows-autopatch-prerequisites.md) | :heavy_check_mark: | :x: |
-| [Review the service data platform and privacy compliance details](../references/windows-autopatch-privacy.md) | :heavy_check_mark: | :x: |
+| [Review the service data platform and privacy compliance details](../overview/windows-autopatch-privacy.md) | :heavy_check_mark: | :x: |
 | Ensure device [prerequisites](../prepare/windows-autopatch-prerequisites.md) are met and in place prior to enrollment | :heavy_check_mark: | :x: |
 | Ensure [infrastructure and environment prerequisites](../prepare/windows-autopatch-configure-network.md) are met and in place prior to enrollment | :heavy_check_mark: | :x: |
 | Prepare to remove your devices from existing unsupported [Windows update](../references/windows-autopatch-windows-update-unsupported-policies.md) and [Microsoft 365](../references/windows-autopatch-microsoft-365-policies.md) policies | :heavy_check_mark: | :x: |
--- a/windows/deployment/windows-autopatch/prepare/windows-autopatch-prerequisites.md
+++ b/windows/deployment/windows-autopatch/prepare/windows-autopatch-prerequisites.md
@ -22,7 +22,7 @@ Getting started with Windows Autopatch has been designed to be easy. This articl
 | Connectivity | All Windows Autopatch devices require connectivity to multiple Microsoft service endpoints from the corporate network.<p><p>For the full list of required IPs and URLs, see [Configure your network](../prepare/windows-autopatch-configure-network.md). |
 | Azure Active Directory | Azure Active Directory must either be the source of authority for all user accounts, or user accounts must be synchronized from on-premises Active Directory using the latest supported version of Azure Active Directory Connect to enable Hybrid Azure Active Directory join.<br><ul><li>For more information, see [Azure Active Directory Connect](/azure/active-directory/hybrid/whatis-azure-ad-connect) and [Hybrid Azure Active Directory join](/azure/active-directory/devices/howto-hybrid-azure-ad-join)</li><li>For more information on supported Azure Active Directory Connect versions, see [Azure AD Connect:Version release history](/azure/active-directory/hybrid/reference-connect-version-history).</li></ul> |
 | Device management | [Devices must be already enrolled with Microsoft Intune](/mem/intune/user-help/enroll-windows-10-device) prior to registering with Windows Autopatch. Intune must be set as the Mobile Device Management (MDM) authority or co-management must be turned on and enabled on the target devices.<p><p>At a minimum, the Windows Update, Device configuration and Office Click-to-Run apps workloads must be set to Pilot Intune or Intune. You must also ensure that the devices you intend on bringing to Windows Autopatch are in the targeted device collection. For more information, see [co-management requirements for Windows Autopatch](#configuration-manager-co-management-requirements).<p>Other device management prerequisites include:<ul><li>Devices must be corporate-owned. Windows bring-your-own-devices (BYOD) are blocked during device registration prerequisite checks.</li><li>Devices must be managed by either Intune or Configuration Manager co-management. Devices only managed by Configuration Manager aren't supported.</li><li>Devices must be in communication with Microsoft Intune in the **last 28 days**. Otherwise, the devices won't be registered with Autopatch.</li><li>Devices must be connected to the internet.</li><li>Devices must have a **Serial number**, **Model** and **Manufacturer**. Device emulators that don't generate this information fail to meet **Intune or Cloud-attached** prerequisite check.</li></ul><p>See [Register your devices](/windows/deployment/windows-autopatch/deploy/windows-autopatch-register-devices) for more details on device prerequisites and on how the device registration process works with Windows Autopatch.<p>For more information on co-management, see [co-management for Windows devices](/mem/configmgr/comanage/overview).</p> |
-| Data and privacy | For more information on Windows Autopatch privacy practices, see [Windows Autopatch Privacy](../references/windows-autopatch-privacy.md). |
+| Data and privacy | For more information on Windows Autopatch privacy practices, see [Windows Autopatch Privacy](../overview/windows-autopatch-privacy.md). |

 ## More about licenses

--- a/windows/deployment/windows-autopatch/whats-new/windows-autopatch-whats-new-2022.md
+++ b/windows/deployment/windows-autopatch/whats-new/windows-autopatch-whats-new-2022.md
@ -43,7 +43,7 @@ Minor corrections such as typos, style, or formatting issues aren't listed.

 | Article | Description |
 | ----- | ----- |
-| [Privacy](../references/windows-autopatch-privacy.md) | Updated data center locations<ul><li>[MC448005](https://admin.microsoft.com/adminportal/home#/MessageCenter) |
+| [Privacy](../overview/windows-autopatch-privacy.md) | Updated data center locations<ul><li>[MC448005](https://admin.microsoft.com/adminportal/home#/MessageCenter) |
 | [Changes made at tenant enrollment](../references/windows-autopatch-changes-to-tenant.md) | Updated multiple sections because of the OMA-URI to Intune Settings Catalog policy migration<ul><li>[MC443898](https://admin.microsoft.com/adminportal/home#/MessageCenter) |
 | [Configure your network](../prepare/windows-autopatch-configure-network.md) | Added information on Delivery Optimization  |
 | [Microsoft 365 Apps for enterprise](../operate/windows-autopatch-microsoft-365-apps-enterprise.md) | 32 and 64-bit versions are supported |
--- a/windows/deployment/windows-autopatch/whats-new/windows-autopatch-whats-new-2023.md
+++ b/windows/deployment/windows-autopatch/whats-new/windows-autopatch-whats-new-2023.md
@ -44,7 +44,7 @@ Minor corrections such as typos, style, or formatting issues aren't listed.
 | [Windows quality updates](../operate/windows-autopatch-windows-quality-update-overview.md) | Added note about [Windows 10 Long-Term Servicing Channel (LTSC) support](../operate/windows-autopatch-windows-quality-update-overview.md#device-eligibility) |
 | [Register your devices](../deploy/windows-autopatch-register-devices.md) | Added note about [Windows 10 Long-Term Servicing Channel (LTSC) support](../deploy/windows-autopatch-register-devices.md#prerequisites-for-device-registration) |
 | [Prerequisites](../prepare/windows-autopatch-prerequisites.md) | Added note about [Windows 10 Long-Term Servicing Channel (LTSC) support](../prepare/windows-autopatch-prerequisites.md#more-about-licenses) |
-| [Privacy](../references/windows-autopatch-privacy.md) | Added additional resources to the [Microsoft Windows 10/11 diagnostic data](../references/windows-autopatch-privacy.md#microsoft-windows-1011-diagnostic-data) section |
+| [Privacy](../overview/windows-autopatch-privacy.md) | Added additional resources to the [Microsoft Windows 10/11 diagnostic data](../overview/windows-autopatch-privacy.md#microsoft-windows-1011-diagnostic-data) section |
 | [Changes made at tenant enrollment](../references/windows-autopatch-changes-to-tenant.md) | Updated Feature update policies section with Windows Autopatch - DSS Policy [deployment ring] |
 | [Register your devices](../deploy/windows-autopatch-register-devices.md) |<ul><li>Updated the [Built-in roles required for registration](../deploy/windows-autopatch-register-devices.md#built-in-roles-required-for-device-registration) section</li><li>Added more information about assigning less-privileged user accounts</li></ul> |