Commit

Merge pull request #16929 from MicrosoftDocs/main
Published main to live, Thursday 10:30 AM PST, 12/12
padmagit77 authored Dec 12, 2024
2 parents be1b7ea + 31120f3 commit 38662e2
Showing 144 changed files with 298 additions and 286 deletions.
2 changes: 1 addition & 1 deletion autopilot/self-deploying.md
Original file line number Diff line number Diff line change
Expand Up @@ -61,7 +61,7 @@ Optionally, a [device-only subscription](https://techcommunity.microsoft.com/t5/

> [!NOTE]
>
> Intune doesn't automatically configure a primary user when using self-deploying mode in Autopilot to provision a Windows device. Some Intune capabilities rely on a primary user being set on a device. These features include user self-service BitLocker recovery key retrieval and using the Company Portal to install software. Using self-provisioning mode for Autopilot doesn't preclude a licensed user from logging into the device and using features entitled to that user such as conditional access. For more information, see [Windows Autopilot scenarios and capabilities](windows-autopilot-scenarios.md).
> Intune doesn't automatically configure a primary user when using self-deploying mode in Autopilot to provision a Windows device. Some Intune capabilities rely on a primary user being set on a device. These features include user self-service BitLocker recovery key retrieval and using the Company Portal to install software. Using self-provisioning mode for Autopilot doesn't preclude a licensed user from logging into the device and using features entitled to that user such as Conditional Access. For more information, see [Windows Autopilot scenarios and capabilities](windows-autopilot-scenarios.md).
>
> If desired, a primary user can be manually set after device provisioning via the Intune admin center. For more information, see [Change a devices primary user](/mem/intune/remote-actions/find-primary-user#change-a-devices-primary-user).
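Review bot: The rewritten sentence in this note still says "self-provisioning mode", while the first sentence of the same note (and the file name) says "self-deploying mode". Since the line is already being touched for the Conditional Access capitalization, align the term, for example "Using self-deploying mode for Autopilot doesn't preclude a licensed user from ...", so readers don't take it for a different provisioning mode.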
2 changes: 1 addition & 1 deletion memdocs/analytics/work-from-anywhere.md
Original file line number Diff line number Diff line change
Expand Up @@ -60,7 +60,7 @@ Benefits of each cloud management type:<!--IN7207657-->
| Manage your clients anywhere | :::image type="content" source="media/green-check.png" border="false" alt-text="Yes."::: | :::image type="content" source="media/green-check.png" border="false" alt-text="Yes."::: | :::image type="content" source="media/green-check.png" border="false" alt-text="Yes."::: | :::image type="content" source="media/green-check.png" border="false" alt-text="Yes."::: |
| View and take action on all Windows PCs from Microsoft Intune admin center| |:::image type="content" source="media/green-check.png" border="false" alt-text="Yes.":::| :::image type="content" source="media/green-check.png" border="false" alt-text="Yes.":::| :::image type="content" source="media/green-check.png" border="false" alt-text="Yes."::: |
| Modernize your directory approach with Microsoft Entra ID | |:::image type="content" source="media/green-check.png" border="false" alt-text="Yes.":::| :::image type="content" source="media/green-check.png" border="false" alt-text="Yes.":::| :::image type="content" source="media/green-check.png" border="false" alt-text="Yes."::: |
|Enhance Zero Trust with conditional access| | |:::image type="content" source="media/green-check.png" border="false" alt-text="Yes.":::| :::image type="content" source="media/green-check.png" border="false" alt-text="Yes."::: |
|Enhance Zero Trust with Conditional Access| | |:::image type="content" source="media/green-check.png" border="false" alt-text="Yes.":::| :::image type="content" source="media/green-check.png" border="false" alt-text="Yes."::: |
| Make device provisioning easier by enabling Windows Autopilot | | |:::image type="content" source="media/green-check.png" border="false" alt-text="Yes.":::| :::image type="content" source="media/green-check.png" border="false" alt-text="Yes."::: |
| Gain more remote access with Intune | | |:::image type="content" source="media/green-check.png" border="false" alt-text="Yes.":::| :::image type="content" source="media/green-check.png" border="false" alt-text="Yes."::: |
| Split PC management workloads between cloud and on-premises | | |:::image type="content" source="media/green-check.png" border="false" alt-text="Yes.":::| |
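Review bot: Cell padding in the changed row is inconsistent with its neighbors: it starts "|Enhance Zero Trust ..." with no space after the leading pipe, while the "Manage your clients anywhere" and "Make device provisioning easier" rows start with "| ". It renders the same, but since the row is being edited anyway, normalize it to "| Enhance Zero Trust with Conditional Access | | | ..." so later diffs of this table stay readable.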
Original file line number Diff line number Diff line change
Expand Up @@ -31,7 +31,7 @@ Use client settings to configure the appearance and behaviors of Software Center

- Configure which default tabs are visible, and add up to five custom tabs to Software Center.<!--4063773-->

In Configuration Manager 2103 and earlier, when single sign on with multifactor authentication is used, you may not be able to sign into custom tabs that load a website that's subject to conditional access policies. <!--10436429-->
In Configuration Manager 2103 and earlier, when single sign on with multifactor authentication is used, you may not be able to sign into custom tabs that load a website that's subject to Conditional Access policies. <!--10436429-->

- You can configure co-managed devices to use the Company Portal for both Intune and Configuration Manager apps. For more information, see [Use the Company Portal app on co-managed devices](../../comanage/company-portal.md).<!--CMADO-3601237,INADO-4297660-->

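Review bot: The changed sentence under the custom-tabs bullet still reads "single sign on" and "sign into"; while the line is open, hyphenate the noun ("single sign-on") and split the verb ("sign in to custom tabs"). The wording "Configuration Manager 2103 and earlier" also implies the limitation ends after 2103, and saying so explicitly would tell admins whether upgrading is the fix for custom tabs that load sites subject to Conditional Access policies.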
2 changes: 1 addition & 1 deletion memdocs/configmgr/cloud-attach/toc.yml
Original file line number Diff line number Diff line change
Expand Up @@ -137,7 +137,7 @@ items:
href: ../comanage/workloads.md?toc=/mem/configmgr/cloud-attach/toc.json&bc=/mem/configmgr/cloud-attach/breadcrumb/toc.json
- name: Switch workloads to Intune
href: ../comanage/how-to-switch-workloads.md?toc=/mem/configmgr/cloud-attach/toc.json&bc=/mem/configmgr/cloud-attach/breadcrumb/toc.json
- name: Conditional access
- name: Conditional Access
href: ../comanage/quickstart-conditional-access.md?toc=/mem/configmgr/cloud-attach/toc.json&bc=/mem/configmgr/cloud-attach/breadcrumb/toc.json
- name: Remote actions from Intune
href: ../comanage/quickstart-remote-actions.md?toc=/mem/configmgr/cloud-attach/toc.json&bc=/mem/configmgr/cloud-attach/breadcrumb/toc.json
2 changes: 1 addition & 1 deletion memdocs/configmgr/comanage/coexistence.md
Original file line number Diff line number Diff line change
Expand Up @@ -33,7 +33,7 @@ When the Configuration Manager client detects that a third-party MDM service is
- Application management, including legacy packages
- Software update scanning and installation
- Endpoint protection, the Windows Defender suite of antimalware protection features
- Compliance policy for conditional access
- Compliance policy for Conditional Access
- Device configuration
- Office Click-to-Run management

4 changes: 2 additions & 2 deletions memdocs/configmgr/comanage/faq.yml
Original file line number Diff line number Diff line change
Expand Up @@ -104,7 +104,7 @@ sections:
- question: |
I've enabled co-management, which workload should I switch first?
answer: |
**Compliance** is the workload that most customers switch first. If you switch this workload to Intune, you can still require devices to evaluate settings from Configuration Manager. When you configure a compliance policy in Intune, enable it to require device [compliance from Configuration Manager](../../intune/protect/compliance-policy-create-windows.md#configuration-manager-compliance). Then you can use device compliance state to control [conditional access](../../intune/protect/conditional-access.md) to cloud-based resources. This configuration lets you start using the cloud services without changing the compliance checks you already have in Configuration Manager.
**Compliance** is the workload that most customers switch first. If you switch this workload to Intune, you can still require devices to evaluate settings from Configuration Manager. When you configure a compliance policy in Intune, enable it to require device [compliance from Configuration Manager](../../intune/protect/compliance-policy-create-windows.md#configuration-manager-compliance). Then you can use device compliance state to control [Conditional Access](../../intune/protect/conditional-access.md) to cloud-based resources. This configuration lets you start using the cloud services without changing the compliance checks you already have in Configuration Manager.
After compliance, the most common workloads are **Office Click-to-Run apps**, **Client apps**, and **Windows Update policies**.
Expand Down Expand Up @@ -140,7 +140,7 @@ sections:
- question: |
With co-management, can I use compliance policies in Intune and compliance settings in Configuration Manager to assess overall device compliance?
answer: |
Yes. Once you have your environment co-managed, and switch the compliance workload to Intune, you can use your existing Configuration Manager compliance settings and integrate them with [conditional access](../../intune/protect/conditional-access.md). For more information, see the following articles:
Yes. Once you have your environment co-managed, and switch the compliance workload to Intune, you can use your existing Configuration Manager compliance settings and integrate them with [Conditional Access](../../intune/protect/conditional-access.md). For more information, see the following articles:
- [Include custom configuration baselines as part of compliance policy assessment](../compliance/deploy-use/create-configuration-baselines.md#bkmk_CAbaselines)
2 changes: 1 addition & 1 deletion memdocs/configmgr/comanage/how-to-enable.md
Original file line number Diff line number Diff line change
Expand Up @@ -38,7 +38,7 @@ Make sure the co-management prerequisites are set up before you start this proce

Now that you've enabled co-management, look at the following articles for immediate value you can gain in your environment:

- [Conditional access](quickstart-conditional-access.md)
- [Conditional Access](quickstart-conditional-access.md)

- [Remote actions from Intune](quickstart-remote-actions.md)

4 changes: 2 additions & 2 deletions memdocs/configmgr/comanage/overview.md
Original file line number Diff line number Diff line change
Expand Up @@ -18,7 +18,7 @@ ms.reviewer: mstewart,aaroncz
# What is co-management?

<!-- 1350871 -->
Co-management is one of the primary ways to attach your existing Configuration Manager deployment to the Microsoft 365 cloud. It helps you unlock more cloud-powered capabilities like conditional access.
Co-management is one of the primary ways to attach your existing Configuration Manager deployment to the Microsoft 365 cloud. It helps you unlock more cloud-powered capabilities like Conditional Access.

Co-management enables you to concurrently manage Windows 10 or later devices by using both Configuration Manager and Microsoft Intune. It lets you cloud-attach your existing investment in Configuration Manager by adding new functionality. By using co-management, you have the flexibility to use the technology solution that works best for your organization.

Expand All @@ -45,7 +45,7 @@ For more information on the paths, see [Paths to co-management](quickstart-paths

When you enroll existing Configuration Manager clients in co-management, you gain the following immediate value:

- Conditional access with device compliance
- Conditional Access with device compliance

- Intune-based remote actions, for example: restart, remote control, or factory reset

10 changes: 5 additions & 5 deletions memdocs/configmgr/comanage/quickstart-hybrid-aad.md
Original file line number Diff line number Diff line change
Expand Up @@ -16,9 +16,9 @@ ms.reviewer: mstewart,aaroncz

# Use Microsoft Entra ID for co-management

In the cloud, identity is the new control plane. Microsoft Entra ID allows you to link your users, devices, and applications across both cloud and on-premises environments. Registering your devices to Microsoft Entra ID enables you to improve productivity for your users and security for your resources. Having devices in Microsoft Entra ID is the foundation for both co-management and device-based conditional access.
In the cloud, identity is the new control plane. Microsoft Entra ID allows you to link your users, devices, and applications across both cloud and on-premises environments. Registering your devices to Microsoft Entra ID enables you to improve productivity for your users and security for your resources. Having devices in Microsoft Entra ID is the foundation for both co-management and device-based Conditional Access.

For more information on device-based conditional access, see [How To: Require managed devices for cloud app access with conditional access](/azure/active-directory/conditional-access/require-managed-devices).
For more information on device-based Conditional Access, see [How To: Require managed devices for cloud app access with Conditional Access](/azure/active-directory/conditional-access/require-managed-devices).

In the following video, senior program manager Sandeep Deo and product marketing manager Adam Harbour discuss and demo Microsoft Entra ID for co-management:

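Review bot: The link text on the "For more information" line now reads "How To: Require managed devices for cloud app access with Conditional Access", but the target is still /azure/active-directory/conditional-access/require-managed-devices while the surrounding prose uses Microsoft Entra ID naming. Please confirm that the target article's current title matches the new link text and that this path is not only reached through a redirect.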
Expand Down Expand Up @@ -66,11 +66,11 @@ Windows Hello for Business brings strong password-less authentication to Windows

For more information, see [Windows Hello for Business](/windows/security/identity-protection/hello-for-business/hello-identity-verification).

### Device-based conditional access
### Device-based Conditional Access

Enable conditional access based on the device state to better protect your organization's data. Device-based conditional access requires a managed device. This device must be a compliant device or a Microsoft Entra hybrid joined device. For Microsoft Entra joined devices, you need Intune to mark the device as compliant. But for Microsoft Entra hybrid joined devices, the device state itself is used to evaluate conditional access. Co-management provides you the additional advantage of evaluating compliance through Intune for Microsoft Entra hybrid joined devices. This feature makes sure the device configuration is intact.
Enable Conditional Access based on the device state to better protect your organization's data. Device-based Conditional Access requires a managed device. This device must be a compliant device or a Microsoft Entra hybrid joined device. For Microsoft Entra joined devices, you need Intune to mark the device as compliant. But for Microsoft Entra hybrid joined devices, the device state itself is used to evaluate Conditional Access. Co-management provides you the additional advantage of evaluating compliance through Intune for Microsoft Entra hybrid joined devices. This feature makes sure the device configuration is intact.

For more information on device-based conditional access, see [How To: Require managed devices for cloud app access with conditional access](/azure/active-directory/conditional-access/require-managed-devices).
For more information on device-based Conditional Access, see [How To: Require managed devices for cloud app access with Conditional Access](/azure/active-directory/conditional-access/require-managed-devices).

### Automatic device licensing

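Review bot: The "For more information on device-based Conditional Access" line that closes this section is word for word the same as the one changed in the previous hunk of this file, so the article sends readers to the same How To twice. Consider keeping only the copy in this section, where device-based Conditional Access and its managed-device requirement are actually explained.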
4 changes: 2 additions & 2 deletions memdocs/configmgr/comanage/quickstarts.md
Original file line number Diff line number Diff line change
Expand Up @@ -28,13 +28,13 @@ In the following video, Microsoft corporate vice president Brad Anderson introdu
| Immediate value | Getting started |
|-----------------|-----------------|
| - [Conditional access](#bkmk_ca)<br> - [Remote actions from Intune](#bkmk_remote)<br> - [Client health](#bkmk_client-health)<br> - [Hybrid Microsoft Entra ID](#bkmk_hybrid-aad)<br> - [Windows Autopilot](#bkmk_autopilot) | - [Paths to co-management](#bkmk_paths)<br> - [Set up hybrid Microsoft Entra ID](#bkmk_setup-hybrid-aad)<br> - [Upgrade Windows](#bkmk_upgrade-win10)<br> - [Get help from FastTrack](#bkmk_fasttrack) |
| - [Conditional Access](#bkmk_ca)<br> - [Remote actions from Intune](#bkmk_remote)<br> - [Client health](#bkmk_client-health)<br> - [Hybrid Microsoft Entra ID](#bkmk_hybrid-aad)<br> - [Windows Autopilot](#bkmk_autopilot) | - [Paths to co-management](#bkmk_paths)<br> - [Set up hybrid Microsoft Entra ID](#bkmk_setup-hybrid-aad)<br> - [Upgrade Windows](#bkmk_upgrade-win10)<br> - [Get help from FastTrack](#bkmk_fasttrack) |

## Immediate value

|Title |Description |Link |
|-|-|-|
| <a name="bkmk_ca"></a>**Conditional access with device compliance** | Control user access to corporate resources based on compliance rules from Intune. | [![Thumbnail of conditional access video.](media/thumbnail-conditional-access.png)](quickstart-conditional-access.md) |
| <a name="bkmk_ca"></a>**Conditional Access with device compliance** | Control user access to corporate resources based on compliance rules from Intune. | [![Thumbnail of Conditional Access video.](media/thumbnail-conditional-access.png)](quickstart-conditional-access.md) |
| <a name="bkmk_remote"></a>**Remote actions from Intune** | Run remote actions from Intune for co-managed devices. For example, wipe and reset a device and maintain enrollment and account. | [![Thumbnail of remote actions video.](media/thumbnail-remote-action.png)](quickstart-remote-actions.md) |
| <a name="bkmk_client-health"></a>**Configuration Manager client health** | Maintain visibility of Configuration Manager client health from the Microsoft Intune admin center. | [![Thumbnail of client health video.](media/thumbnail-client-health.png)](quickstart-client-health.md) |
| <a name="bkmk_hybrid-aad"></a>**Microsoft Entra ID** | With Microsoft Entra ID you can take advantage of improved productivity for your users and security for your resources, across both cloud and on-prem environments. | [![Thumbnail of hybrid Microsoft Entra video.](media/thumbnail-azure-ad.png)](quickstart-hybrid-aad.md) |
2 changes: 1 addition & 1 deletion memdocs/configmgr/comanage/toc.yml
Original file line number Diff line number Diff line change
Expand Up @@ -13,7 +13,7 @@ items:
href: quickstarts.md
- name: Immediate value
items:
- name: Conditional access
- name: Conditional Access
href: quickstart-conditional-access.md
- name: Remote actions from Intune
href: quickstart-remote-actions.md
2 changes: 1 addition & 1 deletion memdocs/configmgr/comanage/tutorial-co-manage-clients.md
Original file line number Diff line number Diff line change
Expand Up @@ -183,4 +183,4 @@ When you enable co-management, you'll assign a collection as a *Pilot group*. Th

- Review the status of co-managed devices with the [Co-management dashboard](how-to-monitor.md)
- Start getting [immediate value](quickstarts.md#immediate-value) from co-management
- Use [conditional access](quickstart-conditional-access.md) and Intune compliance rules to manage user access to corporate resources
- Use [Conditional Access](quickstart-conditional-access.md) and Intune compliance rules to manage user access to corporate resources
2 changes: 1 addition & 1 deletion memdocs/configmgr/comanage/workloads.md
Original file line number Diff line number Diff line change
Expand Up @@ -38,7 +38,7 @@ Co-management supports the following workloads:

## Compliance policies

Compliance policies define the rules and settings that a device must comply with to be considered compliant by conditional access policies. Also use compliance policies to monitor and remediate compliance issues with devices independently of conditional access. You can add evaluation of custom configuration baselines as a compliance policy assessment rule. For more information, see [Include custom configuration baselines as part of compliance policy assessment](../compliance/deploy-use/create-configuration-baselines.md#bkmk_CAbaselines).
Compliance policies define the rules and settings that a device must comply with to be considered compliant by Conditional Access policies. Also use compliance policies to monitor and remediate compliance issues with devices independently of Conditional Access. You can add evaluation of custom configuration baselines as a compliance policy assessment rule. For more information, see [Include custom configuration baselines as part of compliance policy assessment](../compliance/deploy-use/create-configuration-baselines.md#bkmk_CAbaselines).

For more information on the Intune feature, see [Use compliance policies to set rules for devices you manage with Intune](../../intune/protect/device-compliance-get-started.md).

0 comments on commit 38662e2