Merge branch 'main' into ignite-intune-copilot

MicrosoftDocs · Nov 13, 2024 · b6cc2dc · b6cc2dc
2 parents 6f40a89 + ba0eebb
commit b6cc2dc
Show file tree

Hide file tree

Showing 47 changed files with 337 additions and 208 deletions.
diff --git a/autopilot/dfci-management.md b/autopilot/dfci-management.md
@@ -56,7 +56,7 @@ See the following figure:
 - A currently supported version of Windows and a supported UEFI is required.
 - The device manufacturer must have DFCI added to their UEFI firmware in the manufacturing process, or as a firmware update that can be installed. Work with the device vendors to determine the [manufacturers that support DFCI](#oems-that-support-dfci), or the firmware version needed to use DFCI.
 - The device must be managed with Microsoft Intune. For more information, see [Enroll Windows devices in Intune using Windows Autopilot](/mem/intune/enrollment/enrollment-autopilot).
-- The device must be registered for Windows Autopilot by a [Microsoft Cloud Solution Provider (CSP) partner](https://partner.microsoft.com/membership/cloud-solution-provider), or registered directly by the OEM. For Surface devices, Microsoft registration support is available at [Microsoft Devices Autopilot Support](https://prod.support.services.microsoft.com/supportrequestform/0d8bf192-cab7-6d39-143d-5a17840b9f5f).
+- The device must be registered for Windows Autopilot by a [Microsoft Cloud Solution Provider (CSP) partner](https://partner.microsoft.com/membership/cloud-solution-provider), or registered directly by the OEM. For Surface devices, Microsoft registration support is available at [Microsoft Devices Autopilot Support](https://support.microsoft.com/supportrequestform/0d8bf192-cab7-6d39-143d-5a17840b9f5f).
 
 > [!IMPORTANT]
 >

diff --git a/memdocs/analytics/toc.yml → memdocs/analytics/tocyml.old b/memdocs/analytics/toc.yml → memdocs/analytics/tocyml.old
@@ -54,4 +54,4 @@ items:
   - name: Data collection
     href: data-collection.md
   - name: Get support
-    href: get-support.md
+    href: get-support.md
diff --git a/memdocs/configmgr/comanage/workloads.md b/memdocs/configmgr/comanage/workloads.md
@@ -152,6 +152,8 @@ For more information on the Intune feature, see [What is Microsoft Intune app ma
 
 When you enable Microsoft Connected Cache on your Configuration Manager distribution points, they can serve Microsoft Intune Win32 apps to co-managed clients. For more information, see [Microsoft Connected Cache with Configuration Manager](../core/plan-design/hierarchy/microsoft-connected-cache.md#support-for-intune-win32-apps).
 
+For example, if you wish to deploy the new Store applications (winget) via Microsoft Intune, you need to switch this workload. 
+
 ## Diagram for app workloads
 
 :::image type="content" source="media/co-management-apps.svg" alt-text="Diagram of co-management app workloads." lightbox="media/co-management-apps.svg":::

diff --git a/...core/plan-design/configs/supported-operating-systems-for-clients-and-devices.md b/...core/plan-design/configs/supported-operating-systems-for-clients-and-devices.md
@@ -67,8 +67,10 @@ For more information, see the following articles:
 ### Supported server OS versions
 
 - **Windows Server 2022**: IoT, Standard, Datacenter (_starting in Configuration Manager version 2107_)<!-- 10200029 -->
+    - *Windows Server IoT 2022 for Storage* is not supported
 
-- **Windows Server 2019**: IoT, Standard, Datacenter 
+- **Windows Server 2019**: IoT, Standard, Datacenter
+    - *Windows Server IoT 2019 for Storage* is not supported
 
 - **Windows Server 2016**: Standard, Datacenter 
 

diff --git a/memdocs/configmgr/core/plan-design/hierarchy/accounts.md b/memdocs/configmgr/core/plan-design/hierarchy/accounts.md
@@ -364,7 +364,7 @@ The site server uses the **Exchange Server connection account** to connect to th
 
 ### Management point connection account
 
-The management point uses the **Management point connection account** to connect to the Configuration Manager site database. It uses this connection to send and retrieve information for clients. The management point uses its computer account by default, but you can configure an alternate service account instead. When the management point is in an untrusted domain from the site server, you must specify a alternate service account.
+The management point uses the **Management point connection account** to connect to the Configuration Manager site database. It uses this connection to send and retrieve information for clients. The management point uses its computer account by default, but you can configure an alternate service account instead. When the management point is in an untrusted domain from the site server, you must specify an alternate service account.
 
   > [!NOTE]
   > For enhanced security posture it is recommended to leverage alternate service account rather than Computer account for ‘Management point connection account’.
@@ -391,7 +391,11 @@ For more information, see [Use multicast to deploy Windows over the network](../
 
 ### Network access account
 
-Client computers use the **network access account** when they can't use their local computer account to access content on distribution points. It mostly applies to workgroup clients and computers from untrusted domains. This account is also used during OS deployment, when the computer that's installing the OS doesn't yet have a computer account on the domain.
+Client computers use the **network access account** when they can't use their local computer account to access content on distribution points. It mostly applies to workgroup clients and computers from untrusted domains.
+This account is also used during OS deployment, when the computer that's installing the OS doesn't yet have a computer account on the domain.
+
+> [!NOTE]
+> Managing clients in untrusted domains and cross-forest scenarios allows for multiple network access accounts.
 
 > [!IMPORTANT]
 > The network access account is never used as the security context to run programs, install software updates, or run task sequences. It's used only for accessing resources on the network.
@@ -441,7 +445,6 @@ The network access account is still required for the following actions (includin
 
 - Task Sequence properties setting to **Run another program first**. This setting runs a package and program from a network share before the task sequence starts. For more information, see [Task sequences properties: Advanced tab](../../../osd/deploy-use/manage-task-sequences-to-automate-tasks.md#advanced-tab).
 
-- Managing clients in untrusted domains and cross-forest scenarios allows for multiple network access accounts.
 
 ### Package access account
 
@@ -746,7 +749,7 @@ Configuration Manager grants access to the account used for the reporting servic
 
 ## Elevated permissions
 
-Configuration Manager requires some accounts to have elevated permissions for on-going operations. For example, see [Prerequisites for installing a primary site](../../servers/deploy/install/prerequisites-for-installing-sites.md#bkmk_PrereqPri). The following list summarizes these permissions and the reasons why they're needed.
+Configuration Manager requires some accounts to have elevated permissions for ongoing operations. For example, see [Prerequisites for installing a primary site](../../servers/deploy/install/prerequisites-for-installing-sites.md#bkmk_PrereqPri). The following list summarizes these permissions and the reasons why they're needed.
 
 - The computer account of the primary site server and central administration site server requires:
 

diff --git a/memdocs/configmgr/core/plan-design/network/internet-endpoints.md b/memdocs/configmgr/core/plan-design/network/internet-endpoints.md
@@ -188,6 +188,8 @@ If you use Configuration Manager to deploy and update Microsoft 365 Apps for ent
 
 - `contentstorage.osi.office.net` to support the evaluation of Office add-in readiness<!-- MEMDocs#410 -->
 
+- `clients.config.office.net` to retrieve the names of the files needed for a particular Microsoft 365 Apps update. For more information, see [Using the Microsoft 365 Apps file list API](/office/client-developer/shared/manageability-applications-with-the-office-365-click-to-run-installer#using-the-microsoft-365-apps-file-list-api).
+
 Your top-level site server needs access to the following endpoint to download the Microsoft Apps 365 readiness file:
 
 - Starting March 2, 2021: `https://omex.cdn.office.net/mirrored/sccmreadiness/SOT_SCCM_AddinReadiness.CAB`

diff --git a/memdocs/configmgr/core/servers/manage/modify-your-infrastructure.md b/memdocs/configmgr/core/servers/manage/modify-your-infrastructure.md
@@ -79,7 +79,7 @@ For example, you install the Configuration Manager console from a site server th
 
 Each time the Configuration Manager console opens:
 
-- Tt determines the configured language settings for the computer
+- It determines the configured language settings for the computer
 - Verifies whether an associated language pack is available for the Configuration Manager console
 - Opens the console by using the appropriate language pack
 
@@ -381,4 +381,4 @@ You can modify these values or disable alerts for each site:
 
 You may need to uninstall a Configuration Manager site system role, site, or hierarchy. For more information, see [Uninstall roles, sites, and hierarchies](../deploy/install/uninstall-sites-and-hierarchies.md).
 
-Starting in version 2002, you can also remove the CAS from a hierarchy, but keep the primary site. For more information, see [Remove the CAS](../deploy/install/remove-central-administration-site.md).
+Starting in version 2002, you can also remove the CAS from a hierarchy, but keep the primary site. For more information, see [Remove the CAS](../deploy/install/remove-central-administration-site.md).