Merge pull request #16871 from MicrosoftDocs/main

Published main to live, Friday 5:00 PM IST, 12/06

windows-365/enterprise/azure-network-connections.md

@@ -123,7 +123,7 @@ After completing either of these operations, you can delete the ANC.
 
 ## Maximum Azure network connections
 
-Each tenant has a limit of 10 Azure network connections. If your organization needs more than 10 Azure network connections, contact support.
+Each tenant has a limit of 50 Azure network connections. If your organization needs more than 50 Azure network connections, contact support.
 
 ## Inactive ANCs
 

windows-365/enterprise/create-azure-network-connection.md

@@ -33,7 +33,7 @@ ms.collection:
 
 [Azure network connections](azure-network-connections.md) (ANC) let you provision Cloud PCs that are attached to a virtual network that you manage.
 
-You can have up to 10 ANCs per tenant.
+You can have up to 50 ANCs per tenant.
 
 As part of the connection process, the Windows 365 service is granted the following permissions:
 

windows-365/enterprise/create-manual-restore-point.md

@@ -7,7 +7,7 @@ keywords:
 author: ErikjeMS 
 ms.author: erikje
 manager: dougeby
-ms.date: 06/24/2024
+ms.date: 12/04/2024
 ms.topic: conceptual
 ms.service: windows-365
 ms.subservice: windows-365-enterprise
@@ -35,8 +35,9 @@ Cloud PC [restore points](restore-overview.md) can be manually created both sing
 
 ## Create a single manual restore point
 
-1. Sign in to the [Microsoft Intune admin center](https://go.microsoft.com/fwlink/?linkid=2109431) > **Devices** > **All devices** > select a device > **Restore points**.
-1. Select **Create Restore Points** > **Yes**.
+1. Sign in to the [Microsoft Intune admin center](https://go.microsoft.com/fwlink/?linkid=2109431) > **Devices** > **All devices** > select a device > **Restore points** > **Create restore points**.
+2. (Optiona) If you want to share the restore point to a storage account, select **Create new restore point for share**. If you do, you must also select a **Subscription**, **Storage account**, and **[Access tier](/azure/storage/blobs/access-tiers-overview)**.
+3. Select **Create Restore Points** > **Yes**.
 
 The new restore point will be created. It may take up to an hour or more for the new restore point to appear in the list of restore points. If a restore point already exists for this Cloud PC it will be overwritten by the new restore point.
 
@@ -45,15 +46,22 @@ The new restore point will be created. It may take up to an hour or more for the
 1. Sign in to the [Microsoft Intune admin center](https://go.microsoft.com/fwlink/?linkid=2109431) > **Devices** > **All devices** > **Bulk Device Actions**.
 ![Screenshot of bulk device actions.](./media/restore-bulk/bulk-device-actions.png)
 1. On the **Basics** page, select the following options:
-    1. **OS**: Windows
-    1. **Device action**: Create Cloud PC manual restore point
+    - **OS**: Windows
+    - **Device type**: Cloud PCs
+    - **Device action**: Create restore points
+3. (Optional) If you want to share the restore point to a storage account, select **Create new restore point for share**. Then select the following options:
+    - **Subscription**: One of your Azure subscriptions.
+    - **Storage account**
+    - **Access tier**
 1. Select **Next**.
 1. On the **Devices** page, choose **Select devices to include**.
 1. In the **Select devices**, choose the Cloud PCs that you want to create manual restore points for > **Select** > **Next**.
 1. On the **Review + create** page, confirm your choices > **Create**.
 
 The new restore points will be created. It may take up to an hour or more for the new restore points to appear in the list of restore points. If any of the selected Cloud PCs already have a restore point, the existing restore points will be overwritten.
 
+You can bulk create restore points on up to 5,000 Cloud PCs at once.
+
 <!-- ########################## -->
 ## Next steps
 

windows-365/enterprise/edit-provisioning-policy.md

@@ -7,7 +7,7 @@ keywords:
 author: ErikjeMS  
 ms.author: erikje
 manager: dougeby
-ms.date: 10/24/2024
+ms.date: 12/04/2024
 ms.topic: how-to
 ms.service: windows-365
 ms.subservice: windows-365-enterprise
@@ -61,15 +61,15 @@ If you remove users from the provisioning policy assignment:
 To apply a configuration change to existing Cloud PCs:
 
 1. Modify and save the changes to an existing provisioning policy.
-2. From the policy page, select **Apply current configuration**.
+2. From the policy page, select **Apply this configuration**.
 3. Select the configuration change to apply to existing Cloud PCs from the available list including:
     1. Region.
     2. Single sign-on.
 4. Select Apply.
 
 >[!Important]
 >
->- When you apply a new region, Cloud PCs are shutdown during the application process. Users are disconnected and any unsaved work is lost.
+>- When you apply a new region, Cloud PCs are shutdown during the application process for the targeted Cloud PCs. Users are disconnected and any unsaved work is lost.
 >- When you apply single sign-on, Cloud PCs deployed before April 2023 are shutdown during the application process. As this operation takes time, applying SSO to a large number of Cloud PCs can restart the VMs over a long period of time and won't complete immediately.
 
 ## Apply the current configuration for Frontline in shared mode

windows-365/enterprise/introduction-windows-365-government.md

@@ -67,10 +67,10 @@ The following features aren't yet supported for Windows 365 GCC or GCC High.
 - [Support for Omnissa Horizon clients and the Blast protocol](set-up-omnissa-horizon.md)
 - [Microsoft Purview Customer Key](purview-customer-key.md)
 - [HP Anyware for Windows 365](hp-anyware-set-up.md)
-- Bulk Troubleshoot action
 - RDP Shortpath for public networks via TURN
 - Windows 365 Link
 - Configure client device redirection for Windows App on iOS/iPadOS/Android using Intune
+- Intune scope tags
 
 ## Next steps
 

windows-365/enterprise/place-cloud-pc-under-review.md

@@ -52,7 +52,7 @@ As part of the process to place Cloud PCs under review, Windows 365 requires the
 2. Configure the storage account with the following settings;
     - **Instance details**
         - **Region**: Same region as CloudPC suggested for performance. There is no restriction on which region.
-        - **Performance**: **Premium**
+        - **Performance**: **Premium** (supports only hot [access tier](/azure/storage/blobs/access-tiers-overview)) or **Standard** (supports all access tiers).
         - **Premium account type**: **Page blobs**
     - **Security**
         - Minimum TLS version: **Version 1.2**
@@ -73,7 +73,7 @@ After setting up an Azure storage account with permissions as explained above, y
 2. Select the ellipses (**…**) > **Place cloud PC under review**.
     ![Screenshot of place a Cloud PC under review](./media/place-cloud-pc-under-review/place-cloud-pc-under-review.png)
 
-3. Select the Azure subscription and the Azure storage account to which the Windows 365 service was given **Storage Account Contributor** and **Storage Blob Data Contributor** permissions.
+3. Select the **Subscription**, **Storage account**, and **Access tier** to which the Windows 365 service was given **Storage Account Contributor** and **Storage Blob Data Contributor** permissions.
 
    Under **Access during review**, if you choose
    - **Block Access**, the Cloud PC will be immediately powered off so the user cannot access the Cloud PC, and then the snapshot will be created. This is useful in cases where you may want to contain a security threat by shutting the Cloud PC down, and then performing analysis of the snapshot later in an isolated environment.
@@ -93,7 +93,6 @@ Sign in to the [Microsoft Intune admin center](https://go.microsoft.com/fwlink/?
 
 You can also use Intune’s bulk device actions to place multiple Cloud PCs under review at the same time. For more information, see [Use bulk device actions]( /mem/intune/remote-actions/bulk-device-actions).
 
-
 > [!NOTE]
 > Up to 10 Cloud PCs can be placed under review simultaneously. When more than 10 are placed under review at once, requests are queued and timeouts may increase if the request remains in the queue for too long. If you experience timeouts, it is recommended you stagger the requests to allow sufficient time for previous requests to complete first. Completion times will depend on the size of the Cloud PC disk as well as the location and type of your Azure Storage account.   
 

windows-365/enterprise/report-connected-frontline-cloud-pcs.md

@@ -37,6 +37,7 @@ This report helps you:
 
 - Understand the maximum number of concurrent connections for each Cloud PC license size that you own (maximum concurrency limit).
 - See which users are currently connected to their Frontline Cloud PC and see their session length.
+- See which users are currently using the concurrency buffer (Frontline Cloud PCs in dedicated mode only).
 - Restart Frontline Cloud PCs to get concurrency below the set threshold.
 - Make sure you have purchased the right number of licenses for your peak usage.
 
@@ -65,14 +66,18 @@ To assign these permissions, go to **Tenant administration** > **Roles** > **Cre
 
 ## Use the Connected Frontline Cloud PCs report
 
-To get to the **Connected Frontline Cloud PCs** report, sign in to [Microsoft Intune admin center](https://go.microsoft.com/fwlink/?linkid=2109431), select **Reports** > **Cloud PC overview** > **Connected Frontline Cloud PCs** > select a Cloud PC size.
+To get to the **Connected Frontline Cloud PCs** report, sign in to [Microsoft Intune admin center](https://go.microsoft.com/fwlink/?linkid=2109431), select **Reports** > **Cloud PC overview** > **Connected Frontline Cloud PCs (preview)** > select a Cloud PC size.
 
 :::image type="content" source="./media/report-connected-frontline-cloud-pcs/view-report.png" alt-text="Screenshot of getting to the Cloud PC utilization report." lightbox="./media/report-connected-frontline-cloud-pcs/view-report.png":::
 
-If you have provisioned Frontline Cloud PCs in shared mode the related assignments are displayed under the selected Cloud PC size.
+If you have provisioned Frontline Cloud PCs in shared mode, the related assignments are displayed under the selected Cloud PC size.
 
 ## Report data
 
+This report is specific to Windows 365 Frontline dedicated and shared mode. It doesn't apply to other Windows 365 plans. If you haven't purchased any Windows 365 Frontline licenses for your tenant, no data is displayed in the report.
+
+### Concurrent connection history
+
 The report shows the following data aggregated for the last 28 days:
 
 - **Current connections**: Number of currently connected Frontline Cloud PCs.
@@ -83,9 +88,13 @@ The report shows the following data aggregated for the last 28 days:
 - **Limit**: Maximum concurrency limit, which is equal to the number of licenses purchased.
 - **Reached concurrency limit**: Warnings for approaching and reaching the maximum concurrency limit.
 
+The **Concurrent connection history** chart shows when you reach or exceed the max concurrency limit for your tenant or selected group assignment. If you see the total number of connections exceed the max concurrency limit, you're using your concurrency buffer (Frontline dedicated mode only). For more information, see [Exceeding the maximum concurrency limit](introduction-windows-365-frontline.md#exceeding-the-maximum-concurrency-limit).
+
+### Connected devices
+
 To see which users are currently connected, select **Connected**.
 
-This report is specific to Windows 365 Frontline dedicated and shared mode. It doesn't apply to other Windows 365 plans. If you haven't purchased any Windows 365 Frontline licenses for your tenant, no data is displayed in the report.
+This section shows which Cloud PCs are currently connected. To bring concurrency below the maximum limit, you can restart Cloud PCs to disconnect the user from their session.
 
 <!-- ########################## -->
 ## Next steps

windows-365/enterprise/requirements.md

@@ -125,6 +125,8 @@ Windows 365 manages the capacity and availability of underlying Azure resources
   - Central India
 - Japan
   - Japan East
+- Middle East
+  - Israel
 - Norway
   - Norway East
 - South Africa

windows-365/enterprise/role-based-access.md

@@ -33,7 +33,7 @@ ms.collection:
 
 Role-based access control (RBAC) helps you manage who has access to your organization's resources and what they can do with those resources. You can assign roles for your Cloud PCs by using the [Microsoft Intune admin center](https://go.microsoft.com/fwlink/?linkid=2109431).
 
-When a user with the Subscription Owner or User Access Administrator role creates, edits, or retries an ANC, Windows 365 transparently assigns the required built-in roles the following resources (if tehy're not already assigned):
+When a user with the Subscription Owner or User Access Administrator role creates, edits, or retries an ANC, Windows 365 transparently assigns the required built-in roles the following resources (if they're not already assigned):
 
 - Azure Subscription
 - Resource group
@@ -171,8 +171,6 @@ For more details about removing a role assignment from an Azure resource, see [R
 
 ## Scope tags
 
-Windows 365 support for scope tags is in [public preview](../public-preview.md).
-
 For RBAC, roles are only part of the equation. While roles work well to define a set of permissions, scope tags help define visibility of your organization’s resources. Scope tags are most helpful when organizing your tenant to have users scoped to certain hierarchies, geographical regions, business units, and so on.
 
 Use Intune to create and manage scope tags. For more information on how scope tags are created and managed, see [Use role-based access control (RBAC) and scope tags for distributed IT](/mem/intune/fundamentals/scope-tags).  
@@ -191,23 +189,16 @@ To make sure that both the Intune-owned **All devices** list and Windows 365-own
 2. Assign the created scope tag  to the dynamic device group.
 3. After the Cloud PC is provisioned and enrolled into Intune, both the All Devices list and All Cloud PCs list should display the same Cloud PCs.  
 
+If you add new scope tags to a provisioning policy, make sure you also add the scope tags to the Intune dynamic group. This addition make ssure the dynamic group honors the new scope tags. Also, check on any Cloud PCs that may have unique scope tags added to them to make sure they're still there after any updates.
+
+To make sure that Windows 365 can honor changes to Intune scope tags, this data is synced from Intune. For more information, see [Privacy, customer data, and customer content in Windows 365](/windows-365/enterprise/privacy-personal-data).
+
 To let scoped administrators view which scope tags are assigned to them and the objects within their scope, they must be assigned one of the following roles:
 
 - Intune read only
 - Cloud PC reader/administrator
 - A custom role with similar permissions.
 
-### Graph API bulk actions and scope tags during the public preview
-
-For the duration of the scope tags public preview, the following bulk actions don't honor scope tags when called directly from the Graph API:
-
-- Restore
-- Reprovision
-- Place Cloud PC under review
-- Remove Cloud PC under review
-- Share Cloud PC restore point to storage
-- Create Cloud PC manual restore point
-
 <!-- ########################## -->
 ## Next steps
 [Role-based access control (RBAC) with Microsoft Intune](/mem/intune/fundamentals/role-based-access-control).

windows-365/enterprise/share-restore-points-storage.md

@@ -31,7 +31,7 @@ ms.collection:
 
 # Share Cloud PC restore points to an Azure Storage Account
 
-Cloud PC [restore points](restore-overview.md) can be shared to a storage account both singly and in bulk.
+Cloud PC [restore points](restore-overview.md) can be shared to a storage account both for single Cloud PCs and in bulk.
 
 You might want to share (move or copy) a Cloud PC and its contents to:
 
@@ -42,25 +42,27 @@ You might want to share (move or copy) a Cloud PC and its contents to:
 
 ## Share a single restore point
 
-1. Sign in to the [Microsoft Intune admin center](https://go.microsoft.com/fwlink/?linkid=2109431) > **Devices** > **Windows 365** > **All Cloud PCs** > select a device > **Restore points** > select the ellipses (**...**) > **Share**.
-1. In the **Share restore point** area, select a **Subscription** and **Storage account**.
-1. Select **Share**.
+1. Sign in to the [Microsoft Intune admin center](https://go.microsoft.com/fwlink/?linkid=2109431) > **Devices** > **Windows 365** > **All Cloud PCs** > select a device > **Restore points** > Fore  restore point, select the ellipses (**...**) > **Share**.
+2. In the **Share restore point** area, select a **Subscription**, **Storage account**, and **[Access tier](/azure/storage/blobs/access-tiers-overview)**. 
+3. Select **Share**.
 
 A folder is created in the storage account. The folder name is identical to the Cloud PC name. The folder contains a VHD copy of the Cloud PC device disk.
 
+To avoid time out issues, only share up to 3000 restore points to an Azure storage account at the same time.  
+
 ## Share multiple restore points in bulk
 
 1. Sign in to the [Microsoft Intune admin center](https://go.microsoft.com/fwlink/?linkid=2109431) > **Devices** > **All devices** > **Bulk Device Actions**.
 ![Screenshot of bulk device actions.](./media/restore-bulk/bulk-device-actions.png)
-1. On the **Basics** page, select the following options:
+2. On the **Basics** page, select the following options:
     1. **OS**: Windows
     1. **Device action**: Share Cloud PC restore point to storage
     1. **Specify date and time**: Choose a date and time. This setting defines the Cloud PC restore point time that you’d like to share. The following options help determine exactly which restore point is used for each of the Cloud PCs you select.
     1. **Select restore point time range**: Choose one of the following options:
         - **Before specified date and time**: Share the closest Cloud PC restore point before the date and time you specified.
         - **After specified date and time**: Share the closest Cloud PC restore point after the date and time you specified.
         - **Whichever is closest (before or after specified date and time)**: Share the Cloud PC restore point closest to the date and time you specified.
-1. Select a **Subscription** and **Storage account** > **Next**.
+1. Select a **Subscription**, **Storage account**, and **Access tier** > **Next**.
 1. On the **Devices** page, choose **Select devices to include**.
 1. In the **Select devices**, choose the Cloud PCs that you want to share restore points for > **Select** > **Next**.
 1. On the **Review + create** page, confirm your choices > **Create**.