Merging changes synced from https://github.com/MicrosoftDocs/memdocs-pr…

… (branch live)

memdocs/intune/apps/store-apps-company-portal-app.md

@@ -8,7 +8,7 @@ keywords:
 author: Erikre
 ms.author: erikre
 manager: dougeby
-ms.date: 02/27/2024
+ms.date: 08/27/2024
 ms.topic: how-to
 ms.service: microsoft-intune
 ms.subservice: apps
@@ -32,63 +32,45 @@ ms.collection:
 - highpri
 ---
 
-# Add the Windows 10 Company Portal app by using Microsoft Intune
+# Add the Windows Company Portal app by using Microsoft Intune
 
 [!INCLUDE [azure_portal](../includes/azure_portal.md)]
 
-To manage devices and install apps, your users can install the Company Portal app themselves from the Microsoft Store or download it from the [Microsoft Intune Company Portal for Windows](../apps/store-apps-company-portal-app.md#download-the-offline-company-portal-app). If your business needs require that you assign the Company Portal app to them, however, you can assign the Windows 10 Company Portal app directly from Intune.
+To manage devices and install apps, your users can install the Company Portal app themselves from the Microsoft Store or download it from the [Microsoft Intune Company Portal for Windows](../apps/store-apps-company-portal-app.md#download-the-offline-company-portal-app). If your business needs require that you assign the Company Portal app to them, however, you can assign the Company Portal app for Windows directly from Intune.
 
  > [!IMPORTANT]
- > If you download the Company Portal app, the option described in this article requires that you assign manual updates each time an app update is released. To deploy the Company Portal app for Windows 10 Autopilot provisioned devices, see [Add Windows 10 Company Portal app Autopilot devices](store-apps-company-portal-autopilot.md).
+ > To deploy the Company Portal app for Autopilot provisioned devices, see [Add Company Portal app for Autopilot devices](store-apps-company-portal-autopilot.md).
 
 > [!NOTE]
 > The Company Portal supports Configuration Manager applications. This feature allows end users to see both Configuration Manager and Intune deployed applications in the Company Portal for co-managed customers. This new version of the Company Portal will display Configuration Manager deployed apps for all co-managed customers. This support will help administrators consolidate their different end user portal experiences. For more information, see [Use the Company Portal app on co-managed devices](../../configmgr/comanage/company-portal.md).
 
 ## Download the offline Company Portal app
 
-1. Search for and then select the **Company Portal** app.
-2. Set the **License type** to **Offline**. Offline apps are managed by Intune, whereas online apps are managed by the store. Use offline apps when you need to install and maintain a specific app version.
-3. Select **Get the app** to acquire and add the offline Company Portal app to your inventory. If you already have the offline app, you can select the **Manage** option.
-4. For **Platform**, select **Windows 10 all devices**, and then select the appropriate **Minimum version**, **Architecture**, and **Download app metadata** values.
-5. Select **Download** to save the file to your local machine.
-
-    ![Windows 10 devices, where architecture equals X86, is selected](./media/app-sideload-windows/Win10CP-all-devices.png)
-
-6. Download all the packages under "Required Frameworks" by selecting **Download**.  
-
-    This action must be completed for x86, x64, and ARM architectures:<br> 
-    *There are 9 Required Framework Packages when selecting 1507 as the minimum OS Version, 12 packages when selecting 1511, and 15 packages when selecting 1607.*
-
-7. In Microsoft Intune in the portal, upload the Company Portal app as a new app. You add the application by selecting Line-of-business app as the **App type** in the **Select app type** pane. You then select the app package file (extension .AppxBundle).
-
-8. Under **Select dependency app files** select all the dependencies you downloaded in step 7 by using shift-click, and verify that the **Added** column displays **Yes** for the architectures you need.
+1. Use the [Windows Package Manager](/windows/package-manager/winget) command-line tool, also known as *Winget.exe*, to download the Company Portal app for Windows with dependencies. Files are downloaded to the Downloads folder on your device by default.  
+
+1. In the Microsoft Intune admin center, upload the Company Portal app as a new app.
+    1. Go to **Apps** > **By platform** and select **Windows**. 
+    1. Select  **Add**. 
+    1. For **App type**, choose **Other** > **Line-of-business app**.  
+    1. Choose **Select** to continue.  
+    1. On the **App information** page, choose **Select app package file**. 
+    1. In the new pane, select the **File** upload button, and then upload the app package file. The file you want to select has the app package (.appxbundle) extension.   
+1. Detected dependencies appear. Under **Select dependency app files**, select all dependencies you downloaded in step 1.
+
+   1. **Shift + click** to select all dependencies.
+
+   1. Under the **Added** column, verify that **Yes** appears for the architectures you need.  
 
      > [!NOTE]
-     > If the dependencies are not added, the app might not install on the specified device types.
-
-9. Click **Ok**, enter any desired **App Information**, and click **Add**.
+     > If you don't add the dependencies, installation could fail for the selected device types.  
 
-10. Assign the Company Portal app as a required app to your selected set of user or device groups.  
+1. Select **Ok**.  
+1. Under **App information**, enter any information about the app.
+1. Select **Add**.  
+1. Assign the Company Portal app as a required app to selected users or device groups.   
 
 For more information about how Intune handles dependencies for Universal apps, see [Deploying an appxbundle with dependencies via Microsoft Intune MDM](/archive/blogs/configmgrdogs/deploying-an-appxbundle-with-dependencies-via-microsoft-intune-mdm).  
 
-## Frequently asked questions
-
- > [!NOTE]
- > Microsoft Intune will be ending support on October 21, 2022 for devices running Windows 8.1. Intune will no longer support Windows 8.1 sideloading.
-
-### How do I update the Company Portal app on my users' devices if they have already installed the older apps from the store?
-
-If your users have already installed the Windows 8.1 Company Portal apps from the Microsoft Store, their apps should be automatically updated to the latest version with no action required from you or your users. If the update does not happen, ask your users to confirm that they have enabled auto-updates for Store apps on their devices.
-
-### How do I upgrade my sideloaded Windows 8.1 Company Portal app to the Windows 10 Company Portal app?
-
-Our recommended migration path is to delete the assignment for the Windows 8.1 Company Portal app by setting the assignment action to **Uninstall**. After you select this setting, you can assign the Windows 10 Company Portal app by using any of the previously discussed options.  
-
-If you need to sideload the app and you assigned the Windows 8.1 Company Portal without signing it with the Symantec Certificate, complete the upgrade by completing the steps in the preceding sections of this article.
-
-If you need to sideload the app and you signed and assigned the Windows 8.1 Company Portal app with the Symantec code-signing certificate, follow the steps in the next section.
-
 ## Next steps
 
 - [Assign apps to groups](apps-deploy.md)

memdocs/intune/fundamentals/windows-10-virtual-machines.md

@@ -31,7 +31,7 @@ ms.collection:
 - M365-identity-device-management
 ---
 
-# Using Windows 10 virtual machines with Intune
+# Using Windows 10/11 virtual machines with Intune
 
 Intune supports managing virtual machines running Windows 10 Enterprise with certain limitations. Intune management doesn't depend on, or interfere with Azure Virtual Desktop management of the same virtual machine.
 
@@ -41,9 +41,9 @@ Intune supports managing virtual machines running Windows 10 Enterprise with cer
 
 - Windows Autopilot Self-deploying and pre-provisioning deployment types aren't supported because they require a physical Trusted Platform Module (TPM).
 
-- Out of Box Experience (OOBE) enrollment isn't supported on VMs that can only be accessed by using RDP (such as VMs that are hosted on Azure).
+- Out of Box Experience (OOBE) enrollment isn't supported on non-persistent VMs that can only be accessed by using RDP (such as VMs that are hosted on Azure).
 This restriction means:
-  - Windows Autopilot and Commercial OOBE aren't supported.
+- Windows Autopilot and Commercial OOBE aren't supported.
   - Enrollment Status Page isn't supported.
 
 ## Configuration

memdocs/intune/protect/blackberry-mtd-connector-integration.md

@@ -8,7 +8,7 @@ keywords:
 author: brenduns
 ms.author: brenduns
 manager: dougeby
-ms.date: 11/17/2023
+ms.date: 08/27/2024
 ms.topic: how-to
 ms.service: microsoft-intune
 ms.subservice: protect
@@ -81,10 +81,10 @@ For more information about consent and Microsoft Entra applications, see [Introd
 8. Sign in with your Microsoft Entra account, and then follow the instructions in [Integrating UES with Intune to respond to mobile threats](https://docs.blackberry.com/en/unified-endpoint-security/blackberry-ues/setup/setup/Setting-up-BlackBerry-Protect/Integrating-EMM-to-respond-to-mobile-threats) (opens BlackBerry UES docs) to complete setup.
 9. After you finish setup in the UES management console, return to your tab in the Microsoft Intune admin center.
 10. Under **MDM Compliance Policy Settings**, turn on the following settings:
-    * **Connect Android devices to BlackBerry Protect Mobile**
-    * **Connect iOS devices to BlackBerry Protect Mobile**
+    - **Connect Android devices to BlackBerry Protect Mobile**
+    - **Connect iOS devices to BlackBerry Protect Mobile**
     These settings allow BlackBerry Protect Mobile to evaluate the devices in your organization.
- 11. Select **Create** to save your connector configurations.
+11. Select **Create** to save your connector configurations.
 
 ## Next steps
 

memdocs/intune/protect/checkpoint-sandblast-mobile-mtd-connector-integration.md

@@ -1,14 +1,14 @@
 ---
 # required metadata
 
-title: Set up  Check Point Harmony integration with Intune
+title: Set up Check Point Harmony integration with Intune
 titleSuffix: Microsoft Intune
 description: How to set up CheckPoint Harmony Mobile Threat Defense (MTD) with Microsoft Intune to control mobile device access to your corporate resources.
 keywords:
 author: brenduns
 ms.author: brenduns
 manager: dougeby
-ms.date: 11/17/2023
+ms.date: 08/27/2024
 ms.topic: how-to
 ms.service: microsoft-intune
 ms.subservice: protect

memdocs/intune/protect/epm-data-collection.md

@@ -1,5 +1,5 @@
 ---
-title: Review the data that Endpoint Privilege Management collects when used with Microsoft Intune
+title: Review the type of data that Microsoft Intune Endpoint Privilege Management collects
 description: View details about the type of data Endpoint Privilege Management can collect and store when used with Microsoft Intune.
 keywords:
 author: brenduns
@@ -49,15 +49,19 @@ Endpoint Privilege Management on devices can be configured to report on the foll
 - Diagnostic data
 - Usage data
 
-When configuring EPM, you configure the *Send elevation data for reporting* and *Reporting scope* settings in a [Windows elevation settings policies](../protect/epm-policies.md#about-windows-elevation-settings-policy) to determine which data is reported to Microsoft.
+When configuring EPM, you configure the *Send elevation data for reporting* and *Reporting scope* settings in an Intune [Windows elevation settings policy](../protect/epm-policies.md#about-windows-elevation-settings-policy) to determine which data is reported to Microsoft.
 
 ## Diagnostic Data
 
 Diagnostic data is event data that is used by Microsoft to monitor the health of the client side components that provide the capability to elevate as a standard user.
 
 ## Usage Data
 
-Usage data is elevation data that is used by customers to determine what elevations have occurred in their environment. This data is stored with your Intune infrastructure and is used to populate the elevation reports. When configuring *reporting scope*, you have the ability to configure what scope of data is collected. You can choose between none, only elevations completed by EPM, or all elevations that take place on a device.
+Usage data is elevation data that is used by customers to determine what elevations have occurred in their environment. This data is stored with your Intune infrastructure and is used to populate the [elevation reports](../protect/epm-reports.md). When configuring *reporting scope*, you configure what scope of data is collected and can choose between:
+
+- *Diagnostic data* only
+- *Diagnostic data and all endpoint elevations* that take place on a device
+- *Diagnostic data and managed elevations only*
 
 ### Data collection reference
 
@@ -97,10 +101,10 @@ Usage data is elevation data that is used by customers to determine what elevati
 ||Operation Type|Type of policy application, used for policy application operations |
 ||Cancellation Action Type|Type of cancellation generated by the Administrator|
 
-
 ## Next steps
 
 - [Learn about Endpoint Privilege Management](../protect/epm-overview.md)
 - [Guidance for creating Elevation Rules](../protect/epm-guidance-for-creating-rules.md)
 - [Configure policies for Endpoint Privilege Management](../protect/epm-policies.md)
 - [Reports for Endpoint Privilege Management](../protect/epm-reports.md)
+- [Deployment considerations and frequently asked questions](../protect/epm-deployment-considerations-ki.md)

memdocs/intune/protect/pradeo-mobile-threat-defense-connector.md

@@ -8,7 +8,7 @@ keywords:
 author: brenduns
 ms.author: brenduns
 manager: dougeby
-ms.date: 11/17/2023
+ms.date: 08/27/2024
 ms.topic: how-to
 ms.service: microsoft-intune
 ms.subservice: protect

memdocs/intune/protect/pradeo-mtd-connector-integration.md

@@ -1,14 +1,14 @@
 ---
 # required metadata
 
-title: Set up the Pradeo integration with Intune
+title: Set up Pradeo Mobile Threat Defense to integrate with Intune
 titleSuffix: Intune on Azure
 description: How to set up the Pradeo Mobile Threat Protection solution with Microsoft Intune to control mobile device access to your corporate resources.
 keywords:
 author: brenduns
 ms.author: brenduns
 manager: dougeby
-ms.date: 11/17/2023
+ms.date: 08/27/2024
 ms.topic: how-to
 ms.service: microsoft-intune
 ms.subservice: protect

memdocs/intune/protect/skycure-mobile-threat-defense-connector.md

@@ -8,7 +8,7 @@ keywords:
 author: brenduns
 ms.author: brenduns
 manager: dougeby
-ms.date: 11/17/2023
+ms.date: 08/27/2024
 ms.topic: how-to
 ms.service: microsoft-intune
 ms.subservice: protect
@@ -46,6 +46,7 @@ You can control mobile device access to corporate resources using Conditional Ac
 You can enable SEP Mobile risk assessment through Intune device compliance policies, and then use Conditional Access policies to allow or block noncompliant device access to corporate resources based on detected threats.
 
 > [!NOTE]
+>
 > This Mobile Threat Defense vendor is not supported for unenrolled devices.
 
 ## Supported platforms

memdocs/intune/protect/skycure-mtd-connector-integration.md

@@ -8,7 +8,7 @@ keywords:
 author: brenduns
 ms.author: brenduns
 manager: dougeby
-ms.date: 11/17/2023
+ms.date: 08/27/2024
 ms.topic: how-to
 ms.service: microsoft-intune
 ms.subservice: protect

memdocs/intune/protect/sophos-mtd-connector-integration.md

@@ -8,7 +8,7 @@ keywords:
 author: brenduns
 ms.author: brenduns
 manager: dougeby
-ms.date: 11/17/2023
+ms.date: 08/27/2024
 ms.topic: how-to
 ms.service: microsoft-intune
 ms.subservice: protect

memdocs/intune/protect/sophos-mtd-connector.md

@@ -8,7 +8,7 @@ keywords:
 author: brenduns
 ms.author: brenduns
 manager: dougeby
-ms.date: 11/29/2023
+ms.date: 08/27/2024
 ms.topic: how-to
 ms.service: microsoft-intune
 ms.subservice: protect

memdocs/intune/protect/trend-micro-mobile-threat-defense-connector.md

@@ -7,7 +7,7 @@ description: How to set up Trend Micro Mobile Threat Defense with with Microsoft
 author: brenduns
 ms.author: brenduns
 manager: dougeby
-ms.date: 11/17/2023
+ms.date: 08/27/2024
 ms.topic: how-to
 ms.service: microsoft-intune
 ms.subservice: protect
@@ -41,11 +41,10 @@ Control mobile device access to corporate resources using Conditional Access bas
 
 You can configure Conditional Access policies based on Trend Micro Mobile Security as a Service’s risk assessment, enabled through Intune device compliance policies for enrolled devices. You can set up your policies to allow or block noncompliant devices from accessing corporate resources based on detected threats.
 
-<!-- Trend Micro links are no longer available - and replacement content is not identified. >
-For more information about how to integrate Trend Micro with Microsoft Intune, see [Integration with Microsoft Endpoint Manager (Intune)](http://docs.trendmicro.com/en-us/enterprise/trend-micro-vision-one/mobile-security/getting-started-with_003/integration-with-int.aspx) in the [Trend Micro Mobile Security documentation](https://docs.trendmicro.com/en-us/enterprise/trend-micro-vision-one/mobile-security.aspx).
--->
+For more information about how to integrate Trend Micro with Microsoft Intune, see [Setting up Intune integration](https://docs.trendmicro.com/documentation/article/trend-vision-one-setting-up-intune-integration) in the Trend Micro Mobile Security documentation.
 
 > [!NOTE]
+>
 > This Mobile Threat Defense vendor is not supported for unenrolled devices.
 
 ## Supported platforms

memdocs/intune/protect/trend-micro-mtd-connector-integration.md

@@ -8,7 +8,7 @@ keywords:
 author: brenduns
 ms.author: brenduns
 manager: dougeby
-ms.date: 11/17/2023
+ms.date: 08/27/2024
 ms.topic: how-to
 ms.service: microsoft-intune
 ms.subservice: protect
@@ -33,7 +33,7 @@ ms.collection:
 
 # Connect Trend Micro Mobile Security as a Service with Microsoft Intune
 
-Connect Trend Micro Mobile Security as a Service to monitor and mitigate device risk levels on Intune-managed devices. Trend Micro Mobile Security as a Service works by reporting device risk levels to Microsoft Intune. Intune then uses that information to enforce the appropriate app configuration and risk assessment policies. For more information about Trend Micro Mobile Security as a Service, see [Getting Started with Mobile Security](https://docs.trendmicro.com/en-us/enterprise/trend-vision-one/mobile-security/getting-started-with_003.aspx) in the Trend Micro documentation.
+Connect Trend Micro Mobile Security as a Service to monitor and mitigate device risk levels on Intune-managed devices. Trend Micro Mobile Security as a Service works by reporting device risk levels to Microsoft Intune. Intune then uses that information to enforce the appropriate app configuration and risk assessment policies. For more information about Trend Micro Mobile Security as a Service, see [Getting Started with Mobile Security](https://docs.trendmicro.com/documentation/article/trend-vision-one-getting-started-mobile-security) in the Trend Micro documentation.
 
 This article describes the requirements and steps to connect Trend Micro Mobile Security as a Service in your tenant.
 
@@ -72,7 +72,7 @@ The configuration of Trend Micro Mobile Security as a Service and Intune integra
 
 2. **Select groups to install Trend Micro Mobile Security as a Service mobile app.** - Trend Micro Mobile Security as a Service mobile app installs automatically on devices in the selected groups.
 
-3. **(Optional) Create mobile policies.** - Optionally create customized mobile security policies provided by Trend Micro Mobile Security as a Service. For more information, see [Configuring Mobile Policies](https://docs.trendmicro.com/en-us/enterprise/trend-micro-xdr-help/configuringmobilepolicy).
+3. **(Optional) Create mobile policies.** - Optionally create customized mobile security policies provided by Trend Micro Mobile Security as a Service. For more information, see [Configuring Mobile Policies](https://docs.trendmicro.com/enterprise/trend-micro-xdr-help/configuringmobilepolicy).
 
 4. **Confirm mobile app status update.**
 
@@ -90,5 +90,5 @@ The configuration of Trend Micro Mobile Security as a Service and Intune integra
 
 ## Next steps
 
-- [Customize Mobile Policies in Trend Micro Mobile Security as a Service](https://docs.trendmicro.com/en-us/enterprise/trend-vision-one/mobile-security/integration-with-mdm/mobile-policy/configuring-mobile-p.aspx)
+- [Customize Mobile Policies in Trend Micro Mobile Security as a Service](https://docs.trendmicro.com/documentation/article/trend-vision-one-configuring-mobile-policies)
 - [Create Mobile Threat Defense (MTD) device compliance policy with Intune](../protect/mtd-device-compliance-policy-create.md)

memdocs/intune/protect/zimperium-mtd-connector-integration.md

@@ -8,7 +8,7 @@ keywords:
 author: brenduns
 ms.author: brenduns
 manager: dougeby
-ms.date: 11/17/2023
+ms.date: 08/27/2024
 ms.topic: how-to
 ms.service: microsoft-intune
 ms.subservice: protect