Merge remote-tracking branch 'refs/remotes/origin/master' into jd5holo

windows/configuration/wcd/wcd-devicemanagement.md

@@ -50,7 +50,7 @@ Use to configure device management settings.
 | ProtocolVersion | Select between **1.1** and **1.2** for the OMA DM protocol version that the server supports |
 | **Role** | Select between **Enterprise** and **Mobile Operator** for the role mask that the DM session runs with when it communicates with the server |
 | **ServerID** | Enter the OMA DM server's unique identifier for the current OMA DM account |
-| SSLClientCertSearchCriteria | Specify the client certificate search criteria, by subject attribute and certficate stores. For details, see [DMAcc configuration service provider (CSP)](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/dmacc-csp). |
+| SSLClientCertSearchCriteria | Specify the client certificate search criteria, by subject attribute and certificate stores. For details, see [DMAcc configuration service provider (CSP)](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/dmacc-csp). |
 | UseHardwareDeviceID | Specify whether to use the hardware ID for the ./DevInfo/DevID parameter in the DM account to identify the device |
 | UseNonceResync | Specify whether the OMA DM client should use the nonce resynchronization procedure if the server trigger notification fails authentication |
 

windows/deployment/windows-autopilot/user-driven-hybrid.md

@@ -9,7 +9,7 @@ ms.sitesec: library
 ms.pagetype: deploy
 author: greg-lindsay
 ms.author: greg-lindsay
-ms.date: 11/07/2018
+ms.date: 11/12/2018
 ---
 
 
@@ -23,7 +23,6 @@ Windows Autopilot requires that devices be Azure Active Directory joined. If you
 
 To perform a user-driven hybrid AAD joined deployment using Windows Autopilot:
 
-- Users must be able to join devices to Azure Active Directory.
 - A Windows Autopilot profile for user-driven mode must be created and 
     - **Hybrid Azure AD joined** must be specified as the selected option under **Join to Azure AD as** in the Autopilot profile.
 - If using Intune, a device group in Azure Active Directory must exist with the Windows Autopilot profile assigned to that group.
@@ -32,6 +31,8 @@ To perform a user-driven hybrid AAD joined deployment using Windows Autopilot:
 - The Intune Connector for Active Directory must be installed.
     - Note: The Intune Connector will perform an on-prem AD join, therefore users do not need on-prem AD-join permission, assuming the Connector is [configured to perform this action](https://docs.microsoft.com/intune/windows-autopilot-hybrid#increase-the-computer-account-limit-in-the-organizational-unit) on the user's behalf. 
 
+**AAD device join**: The hybrid AAD join process uses the system context to perform device AAD join, therefore it is not affected by user based AAD join permission settings. In addition, all users are enabled to join devices to AAD by default.
+
 ## Step by step instructions
 
 See [Deploy hybrid Azure AD joined devices using Intune and Windows Autopilot](https://docs.microsoft.com/intune/windows-autopilot-hybrid).

windows/security/threat-protection/TOC.md

@@ -269,11 +269,6 @@
 ######## [Add or Remove machine tags](windows-defender-atp/add-or-remove-machine-tags-windows-defender-advanced-threat-protection-new.md)
 ######## [Find machines by IP](windows-defender-atp/find-machines-by-ip-windows-defender-advanced-threat-protection-new.md)
 
-####### Machines Security States
-######## [Get MachineSecurityStates collection](windows-defender-atp/get-machinesecuritystates-collection-windows-defender-advanced-threat-protection.md)
-####### Machine Groups
-######## [Get MachineGroups collection](windows-defender-atp/get-machinegroups-collection-windows-defender-advanced-threat-protection.md)
-
 
 ####### [Machine Action](windows-defender-atp/machineaction-windows-defender-advanced-threat-protection-new.md)
 ######## [List MachineActions](windows-defender-atp/get-machineactions-collection-windows-defender-advanced-threat-protection-new.md)

windows/security/threat-protection/windows-defender-atp/TOC.md

@@ -16,11 +16,6 @@
 #### [Security operations dashboard](security-operations-dashboard-windows-defender-advanced-threat-protection.md)
 
 
-#### [Incidents queue](incidents-queue.md)
-##### [View and organize the Incidents queue](view-incidents-queue.md)
-##### [Manage incidents](manage-incidents-windows-defender-advanced-threat-protection.md)
-##### [Investigate incidents](investigate-incidents-windows-defender-advanced-threat-protection.md)
-
 #### [Incidents queue](incidents-queue.md)
 ##### [View and organize the Incidents queue](view-incidents-queue.md)
 ##### [Manage incidents](manage-incidents-windows-defender-advanced-threat-protection.md)
@@ -283,11 +278,6 @@
 ####### [Run antivirus scan](run-av-scan-windows-defender-advanced-threat-protection-new.md)
 ####### [Offboard machine](offboard-machine-api-windows-defender-advanced-threat-protection-new.md)
 
-###### Machines Security States
-####### [Get MachineSecurityStates collection](get-machinesecuritystates-collection-windows-defender-advanced-threat-protection.md)
-###### Machine Groups
-####### [Get MachineGroups collection](get-machinegroups-collection-windows-defender-advanced-threat-protection.md)
-
 
 ###### [User](user-windows-defender-advanced-threat-protection-new.md)
 ####### [Get user related alerts](get-user-related-alerts-windows-defender-advanced-threat-protection-new.md)