Merge pull request #8390 from MandiOhlinger/15027949

15027949 - 2209 release: AOSP is GA

Author: Angela Fleischmann

memdocs/intune/configuration/device-restrictions-android-aosp.md

@@ -1,13 +1,13 @@
 ---
 # required metadata
 
-title: Device restriction settings for Android (AOSP) platform in Microsoft Intune
-description: Use Android (AOSP) restriction settings to control a wide range of settings and features on AOSP devices.  
+title: Device restriction settings for Android (AOSP) in Microsoft Intune
+description: On Android Open Source Project (AOSP) devices, restrict settings on the device. You can block the camera, block screenshots, disable bluetooth, block USB file transfer, and more in Microsoft Intune.
 keywords:
 author: MandiOhlinger
 ms.author: mandia
 manager: dougeby
-ms.date: 10/19/2021
+ms.date: 09/20/2022
 ms.topic: conceptual
 ms.service: microsoft-intune
 ms.subservice: configuration
@@ -20,28 +20,26 @@ ms.technology:
 
 params:
   siblings_only: true
-ms.reviewer: mikedano, chmaguir, chrisbal, priyar
+ms.reviewer: priyar
 ms.suite: ems
 search.appverid: MET150
 #ms.tgt_pltfrm:
-ms.custom: intune-azure, seodec18
+ms.custom: intune-azure
 ms.collection: M365-identity-device-management
 ---
 
 # Android (AOSP) device settings to allow or restrict features using Intune
 
-*This feature is in public preview.*
+This article describes the different settings you can control on Android (AOSP) devices. You can use these restrictions to configure password requirements and access to device features.
 
-This article describes the different settings you can control on Android (AOSP) devices. You can use these restrictions to configure password requirements and access to device features. 
+This feature applies to:
 
-This feature applies to the following Android (AOSP) device types: 
-
-- Corporate-owned, userless devices (shared)  
-- Corporate-owned, user-associated devices (single user)  
+- Android Open Source Project (AOSP) corporate-owned userless devices (shared)  
+- Android Open Source Project (AOSP) corporate-owned user-associated devices (single user)  
 
 ## Before you begin
 
-To access these settings, create an [Android (AOSP) device restrictions profile](device-restrictions-configure.md). When prompted to select a **Platform**, choose **Android (AOSP)**.    
+Create an [AOSP device restrictions profile](device-restrictions-configure.md). For the platform, select **Android (AOSP)**.
 
 ## Device password  
 
@@ -53,20 +51,20 @@ To access these settings, create an [Android (AOSP) device restrictions profile]
 
     - **Minimum password length**: Enter the minimum number of digits the password must have, from 4 to 16.  
 
-  - **Numeric complex**: Does not permit repeat or consecutive numbers, such as `1111` or `1234`. Also enter:  
+  - **Numeric complex**: Doesn't permit repeat or consecutive numbers, such as `1111` or `1234`. Also enter:  
 
     - **Minimum password length**: Enter the minimum number of digits or characters a password must have, from 4 to 16.  
 
 - **Number of sign-in failures before wiping device**: Enter the number of sign-in attempts allowed, from 4 to 11, before the device is wiped. `0` (zero) might disable the device wipe functionality. When the value is blank, Intune doesn't change or update this setting.  
 
 - **Maximum minutes of inactivity until screen locks**: Enter the maximum length of time, from 1 minute to 1 hour, that devices can be idle before the screen is automatically locked. Users must enter their credentials to regain access. For example, enter `5` to lock the device after 5 minutes of inactivity. When the value is blank or set to **Not configured**, Intune doesn't change or update this setting.  
 
-> [!NOTE]  
+> [!NOTE]
+>
 >- RealWear devices currently only support device default, numeric, and numeric complex password types.  
->- The password type **Password required, no restrictions** appears as an option but doesn't currently work on devices, which is a known issue.  
-
+>- The password type **Password required, no restrictions** appears as an option but doesn't currently work on devices, which is a known issue.
 
-## General 
+## General
 
 - **Block access to camera**: Prevents access to the camera on the device. When set to **Not configured** (default), Intune doesn't change or update this setting. By default, the OS might allow access to the camera.  
 
@@ -82,16 +80,13 @@ To access these settings, create an [Android (AOSP) device restrictions profile]
 
 - **Block Wi-Fi setting changes**: Prevents users from creating or changing any Wi-Fi configurations. When set to **Not configured** (default), Intune doesn't change or update this setting. By default, the OS might allow users to change the Wi-Fi settings on the device.  
 
-- **Disable Bluetooth**: Disables Bluetooth on the device so that users can't pair with other devices. When set to **Not configured** (default), Intune doesn't change or update this setting. By default, the OS might enable Bluetooth on the device.   
+- **Disable Bluetooth**: Disables Bluetooth on the device so that users can't pair with other devices. When set to **Not configured** (default), Intune doesn't change or update this setting. By default, the OS might enable Bluetooth on the device.
 
-- **Block Bluetooth configuration**: Prevents users from configuring Bluetooth on the device. When set to **Not configured** (default), Intune doesn't change or update this setting. By default, the OS might allow users to configure Bluetooth.   
+- **Block Bluetooth configuration**: Prevents users from configuring Bluetooth on the device. When set to **Not configured** (default), Intune doesn't change or update this setting. By default, the OS might allow users to configure Bluetooth.
 
 - **Allow users to turn on debugging features**: Permits users to access the debugging features on the device. When set to **Not configured** (default), Intune doesn't change or update this setting. By default, the OS might prevent users from using the debugging features on the device.  
 
 ## Next steps  
 
-- [Create an Android (AOSP) device compliance policy](../protect/compliance-policy-create-android-aosp.md).   
-
+- [Create an Android (AOSP) device compliance policy](../protect/compliance-policy-create-android-aosp.md).
 - [Add actions for noncompliant devices](../protect/actions-for-noncompliance.md).  
-
-

memdocs/intune/configuration/device-restrictions-android-for-work.md

@@ -1,7 +1,7 @@
 ---
 # required metadata
 
-title: Android Enterprise device settings in Microsoft Intune
+title: Android Enterprise device restriction settings in Microsoft Intune
 description: On Android Enterprise or Android for Work devices, restrict settings on the device using Microsoft Intune. Restrict copy and paste, notifications, app permissions, data sharing, password length, sign in failures, use fingerprint to unlock, reuse passwords, and enable bluetooth sharing of work contacts. Configure devices as a dedicated device kiosk to run one app, or multiple apps.
 keywords:
 author: MandiOhlinger
@@ -42,7 +42,7 @@ This feature applies to:
 - Android Enterprise corporate owned fully managed (COBO)
 - Android Enterprise corporate owned dedicated devices (COSU)
 
-For Android device administrator, see [Android and Samsung Knox Standard device restrictions](device-restrictions-android.md).
+For AOSP, go to [Android (AOSP) device settings to allow or restrict features using Intune](device-restrictions-android-aosp.md).
 
 ## Before you begin
 

memdocs/intune/configuration/device-restrictions-configure.md

@@ -2,12 +2,12 @@
 # required metadata
 
 title: Restrict devices features using policy in Microsoft Intune
-description: Add a device profile to restrict features on Android device administrator, Android Enterprise, macOS, iOS, iPadOS, and Windows 10/11 client devices in Microsoft Intune and Endpoint Manager.
+description: Add a device configuration profile to restrict features on Android device administrator, Android Enterprise, AOSP, macOS, iOS, iPadOS, and Windows 10/11 client devices in Microsoft Intune and Endpoint Manager.
 keywords:
 author: MandiOhlinger
 ms.author: mandia
 manager: dougeby
-ms.date: 01/18/2022
+ms.date: 09/20/2022
 ms.topic: how-to
 ms.service: microsoft-intune
 ms.subservice: configuration
@@ -44,8 +44,8 @@ These features are available in Intune, and are configurable by the administrato
 This feature applies to:
 
 - Android device administrator
-- Android (AOSP) (preview)  
-- Android Enterprise personally-owned devices with a work profile
+- Android Open Source Project (AOSP)
+- Android Enterprise personally owned devices with a work profile
 - iOS/iPadOS
 - macOS
 - Windows 11
@@ -63,7 +63,7 @@ This article shows you how to create a device restrictions profile. You can also
     - **Platform**: Choose the platform of your devices. Your options:  
 
         - **Android device administrator**
-        - **Android (AOSP)** (preview)  
+        - **Android (AOSP)**
         - **Android Enterprise**
         - **iOS/iPadOS**
         - **macOS**
@@ -85,7 +85,7 @@ This article shows you how to create a device restrictions profile. You can also
 7. In **Configuration settings**, depending on the platform you chose, the settings you can configure are different. Choose your platform for detailed settings:
 
     - [Android device administrator](device-restrictions-android.md)
-    - [Android (AOSP)](device-restrictions-android-aosp.md) (in preview)  
+    - [Android (AOSP)](device-restrictions-android-aosp.md)
     - [Android Enterprise](device-restrictions-android-for-work.md)
     - [iOS/iPadOS](device-restrictions-ios.md)
     - [macOS](device-restrictions-macos.md)

memdocs/intune/enrollment/android-aosp-corporate-owned-user-associated-enroll.md

@@ -8,7 +8,7 @@ keywords:
 author: Lenewsad
 ms.author: lanewsad
 manager: dougeby
-ms.date: 06/27/2022
+ms.date: 09/20/2022
 ms.topic: how-to
 ms.service: microsoft-intune
 ms.subservice: enrollment
@@ -31,9 +31,6 @@ ms.collection: M365-identity-device-management
 
 # Set up Intune enrollment for Android (AOSP) corporate-owned user-associated devices 
 
-> [!IMPORTANT]
-> This feature is in [public preview](../fundamentals/public-preview.md).  
-
 Set up enrollment in Intune for corporate-owned, user-associated devices built on the Android Open Source Project (AOSP) platform. Intune offers an *Android (AOSP)* device management solution for corporate-owned Android devices that are:  
 
 * Not integrated with Google Mobile Services.

memdocs/intune/enrollment/android-aosp-corporate-owned-userless-enroll.md

@@ -8,7 +8,7 @@ keywords:
 author: Lenewsad
 ms.author: lanewsad
 manager: dougeby
-ms.date: 02/23/2022
+ms.date: 09/20/2022
 ms.topic: how-to
 ms.service: microsoft-intune
 ms.subservice: enrollment
@@ -31,8 +31,6 @@ ms.collection: M365-identity-device-management
 
 # Set up Intune enrollment for Android (AOSP) corporate-owned userless devices    
 
-*This feature is in public preview.*  
-
 Set up enrollment in Microsoft Intune for corporate-owned, userless devices built on the Android Open Source Project (AOSP) platform. Intune offers an *Android (AOSP)* device management solution for corporate-owned Android devices that are:   
 
 * Not integrated with Google Mobile Services.
@@ -41,9 +39,6 @@ Set up enrollment in Microsoft Intune for corporate-owned, userless devices buil
 
 This article describes how to set up Android (AOSP) device management and enroll RealWear devices for use at work. 
 
-> [!IMPORTANT]
-> This feature is in [public preview](../fundamentals/public-preview.md).  
-
 ## Prerequisites
 
 To enroll and manage AOSP devices, you must have:

memdocs/intune/enrollment/android-enroll.md

@@ -8,7 +8,7 @@ keywords:
 author: Lenewsad
 ms.author: lanewsad
 manager: dougeby
-ms.date: 02/01/2022
+ms.date: 09/20/2022
 ms.topic: overview
 ms.service: microsoft-intune
 ms.subservice: enrollment
@@ -37,12 +37,12 @@ ms.collection:
 
 As an Intune administrator, you can enroll Android devices in the following ways:
 - Android Enterprise (offering a set of enrollment options that provide users with the most up-to-date and secure features):
-    - [**Android Enterprise personally-owned with a work profile**](android-work-profile-enroll.md): For personal devices granted permission to access corporate data. Admins can manage work accounts, apps, and data. Personal data on the device is kept separate from work data and admins don't control personal settings or data. 
+    - [**Android Enterprise personally owned with a work profile**](android-work-profile-enroll.md): For personal devices granted permission to access corporate data. Admins can manage work accounts, apps, and data. Personal data on the device is kept separate from work data and admins don't control personal settings or data. 
     - [**Android Enterprise dedicated**](android-kiosk-enroll.md): For corporate-owned, single use devices, such as digital signage, ticket printing, or inventory management. Admins lock down the usage of a device for a limited set of apps and web links. It also prevents users from adding other apps or taking other actions on the device.
-    - [**Android Enterprise fully managed**](android-fully-managed-enroll.md): For corporate-owned, single user devices used exclusively for work and not personal use. Admins can manage the entire device and enforce policy controls unavailable to personally-owned/corporate-owned work profiles.
+    - [**Android Enterprise fully managed**](android-fully-managed-enroll.md): For corporate-owned, single user devices used exclusively for work and not personal use. Admins can manage the entire device and enforce policy controls unavailable to personally owned/corporate-owned work profiles.
     - [**Android Enterprise corporate-owned with a work profile**](android-corporate-owned-work-profile-enroll.md): For corporate-owned, single user devices intended for corporate and personal use.
 - [**Android device administrator**](android-enroll-device-administrator.md), including Samsung Knox Standard devices and [Zebra devices](../configuration/android-zebra-mx-overview.md). Device administrator should be used in areas where Android Enterprise or Google Mobile Services (GMS) is unavailable.  Google has decreased support for device administrator (DA) management in areas where Android Enterprise is available, and encourages organizations to migrate to Android Enterprise device management. For a list of countries that support Android Enterprise, see [Is Android Enterprise available in my country](https://support.google.com/work/android/answer/6270910)?  
-- Android (AOSP), currently in public preview, offers a set of enrollment options for devices that aren't integrated with Google Mobile services.  
+- Android (AOSP) offers a set of enrollment options for devices that aren't integrated with Google Mobile services.  
     - [Corporate-owned, user associated devices](android-aosp-corporate-owned-user-associated-enroll.md): For corporate-owned, single user devices intended exclusively for work and not personal use. Admins can manage the entire device.  
     - [Corporate-owned, userless devices](android-aosp-corporate-owned-userless-enroll.md): For corporate-owned, shared devices. Admins can manage the entire device.  
 
@@ -61,7 +61,7 @@ For Samsung Knox Standard devices, there are [more prerequisites](android-samsun
 
 ## Next steps
 
-- [Set up Android Enterprise personally-owned work profile enrollment](android-work-profile-enroll.md)
+- [Set up Android Enterprise personally owned work profile enrollment](android-work-profile-enroll.md)
 - [Set up Android Enterprise dedicated device enrollment](android-kiosk-enroll.md)
 - [Set up Android Enterprise fully managed enrollment](android-fully-managed-enroll.md)
 - [Set up Android device administrator enrollment](android-enroll-device-administrator.md)

memdocs/intune/fundamentals/deployment-guide-enrollment-android.md

@@ -7,7 +7,7 @@ keywords:
 author: MandiOhlinger
 ms.author: mandia
 manager: dougeby
-ms.date: 06/08/2022
+ms.date: 09/20/2022
 ms.topic: conceptual
 ms.service: microsoft-intune
 ms.subservice: enrollment
@@ -37,7 +37,7 @@ Personal and organization-owned devices can be enrolled in Intune. Once enrolled
 - [Android Enterprise corporate owned dedicated devices](#android-enterprise-dedicated-devices) (COSU)
 - [Android Enterprise corporate owned fully managed](#android-enterprise-fully-managed) (COBO)
 - [Android Enterprise corporate owned work profile](#android-enterprise-corporate-owned-work-profile) (COPE)
-- [Android Open Source Project (preview)](#android-open-source-project) (AOSP)
+- [Android Open Source Project (AOSP)](#android-open-source-project)
 - [Android device administrator](#android-device-administrator) (DA)
 
 This article provides recommendations on the Android enrollment methods. It also includes an overview of the administrator and user tasks for each enrollment type.
@@ -227,7 +227,7 @@ The specific steps depend on how you configured the enrollment profile. For the
 > [!NOTE]
 > Currently, there's limited OEM support for this enrollment method.
 
-Also referred to as AOSP. Currently in [public preview](public-preview.md). These devices are organization-owned, and don't use Google Mobile Services (GMS). They can be kiosk-style devices that aren't associated with a single or specific user, or can have one user. They're used exclusively for organization work; not personal use.
+Also referred to as AOSP. These devices are organization-owned, and don't use Google Mobile Services (GMS). They can be kiosk-style devices that aren't associated with a single or specific user, or can have one user. They're used exclusively for organization work; not personal use.
 
 When you create the Intune enrollment profile, you decide if the devices are userless, or are associated with a single user. For more information on these options, including supported OEMs, see: