Merge branch 'main' of https://github.com/microsoftdocs/memdocs-pr into 12724154-cp-remote-help-logging

Brenduns · Brenduns · commit 2965b4736f4a · 2021-12-03T08:15:03.000-08:00
diff --git a/memdocs/intune/fundamentals/in-development.md b/memdocs/intune/fundamentals/in-development.md
@@ -72,8 +72,6 @@ End users will be able to more easily see the compliance status of their devices
 ### Password complexity for Android devices<!-- 9321870 -->
 The **Require device lock** setting in Intune will be extended to include values (**Low Complexity**, **Medium Complexity**, and **High Complexity**). If the device lock doesn’t meet the minimum password requirement, you will be able to **warn**, **wipe data**, or **block** the end user from accessing a managed account in a managed app. This feature targets devices that operate on Android 11+. For devices operating on Android 10 and earlier, setting a complexity value of **Low**, **Medium**, or **High** will default to the expected behavior for **Low Complexity**. For related information, see [Android app protection policy settings in Microsoft Intune](..\apps\app-protection-policy-settings-android.md).
 
-### Unified delivery of Azure AD Enterprise and Office Online applications in the Android Company Portal<!-- 1817862  -->
-
 <!-- ***********************************************-->
 
 ## Device security
diff --git a/memdocs/intune/protect/certificate-authority-add-scep-overview.md b/memdocs/intune/protect/certificate-authority-add-scep-overview.md
@@ -113,6 +113,12 @@ Be sure you have the required permissions to register an Azure AD app. See [Requ
       2. Expand **Application** and select the checkbox for **Application.Read.All** (Read all applications).
       3. Select **Add permissions** to save this configuration.
 
+   1. Select **Add a permission** again.
+      1. On the *Request API permissions* page, select **Azure Active Directory Graph** > **Application permissions**.
+      2. Expand **Application** and select the checkbox for **Application.Read.All** (Read all applications). 
+      3. Select **Add permissions** to save this configuration.
+
+<!-- Pending review to replace step 7.c>
    1. Use *Microsoft Graph* to add the following permissions to the app:
 
       - **Application.Read.All** (Read all applications).
@@ -121,9 +127,7 @@ Be sure you have the required permissions to register an Azure AD app. See [Requ
 
       > [!NOTE]  
       > Previously, these permissions were configured by using Azure AD Graph, and available through the App registration UI. Azure AD Graph is now deprecated and will be retired on June 30, 2022. As part of this deprecation path, the capability to add Azure AD Graph permissions to the required permissions for an app registration through the Azure portal is now disabled.
-      >
-      > In addition to using the information at [Configure Azure AD Graph permissions](/graph/migrate-azure-ad-graph-configure-permissions) to set permission on the app, we recommend that you follow the [App migration planning checklist](/graph/migrate-azure-ad-graph-planning-checklist) to help you transition your apps to the [Microsoft Graph](/graph/overview) API.
-
+-->
 8. Remain on the **API permissions** page, and select **Grant admin consent for** ***\<your tenant>***, and then select **Yes**.  
 
    The app registration process in Azure AD is complete.
