Merge pull request #8708 from MandiOhlinger/ado15367747

ADO 15367747: Round 1 - Removing "Endpoint Manager"

Author: v-stsavell

memdocs/autopilot/known-issues.md

@@ -24,6 +24,10 @@ This article describes known issues that can often be resolved by configuration
 
 ## Known issues
 
+### TPM attestation failure with error code 0x81039001
+
+Some devices may intermittently fail TPM attestation during Windows Autopilot pre-provisioning technician flow or self-deployment mode with the error code 0x81039001 E_AUTOPILOT_CLIENT_TPM_MAX_ATTESTATION_RETRY_EXCEEDED. This failure occurs during the 'Securing your hardware' step for Windows Autopilot devices deployed using self-deploying mode or pre-provisioning mode. Subsequent attempts to provision may resolve the issue. A fix is expected by the end of October 2022.
+
 ### Autopilot deployment report shows "failure" status on a successful deployment
 
 The Autopilot deployment report (preview) will show a failed status for any device that experiences an initial deployment failure. For subsequent deployment attempts, using the **Try again** or **Continue to desktop** options, it won't update the deployment state in the report. If the user resets the device, it will show as a new deployment row in the report with the previous attempt remaining as failed.

memdocs/configmgr/core/plan-design/changes/deprecated/removed-and-deprecated-cmfeatures.md

@@ -86,7 +86,7 @@ The following features are no longer supported. In some cases, they're no longer
 |Task sequences: <br /> - OSDPreserveDriveLetter <br /><br /> During an operating system deployment, by default, Windows Setup now determines the best drive letter to use (typically C:). If you want to specify a different drive to use, you can change the location in the Apply Operating System task sequence step. Go to the **Select the location where you want to apply this operating system** setting. Select **Specific logical drive letter** and choose the drive that you want to use. |June 20, 2016 |Version 1606 |
 |[Network Access Protection](#network-access-protection) (NAP) - as found in System Center 2012 Configuration Manager|July 10, 2015|Version 1511|
 |[Out of Band Management](#out-of-band-management) - as found in System Center 2012 Configuration Manager|October 16, 2015|Version 1511|
-|[System Center Configuration Manager Management Pack  - for System Center Operations Manager is not available for download |October 16, 2015|Version 1511|
+|System Center Configuration Manager Management Pack  - for System Center Operations Manager is not available for download |October 16, 2015|Version 1511|
 
 ### WINS
 

memdocs/intune/configuration/administrative-templates-configure-edge.md

@@ -1,10 +1,10 @@
 ---
 title: Deploy Microsoft Edge policy using ADMX template in Microsoft Intune
-description: Add or create settings using ADMX administrative templates to configure Microsoft Edge on Windows devices. Using Microsoft Intune and Endpoint Manager, you can configure group policy settings, and deploy these settings to Microsoft Edge users.
+description: Add or create settings using ADMX administrative templates to configure Microsoft Edge on Windows devices. Using Microsoft Intune, you can configure group policy settings, and deploy these settings to Microsoft Edge users.
 ms.author: mandia
 author: MandiOhlinger
 manager: dougeby
-ms.date: 01/18/2022
+ms.date: 10/10/2022
 audience: ITPro
 ms.topic: how-to
 ms.service: microsoft-intune

memdocs/intune/configuration/administrative-templates-import-custom.md

@@ -2,12 +2,12 @@
 # required metadata
 
 title: Import custom and third party partner ADMX templates in Microsoft Intune
-description: You can add, upload, or import custom and third party partner ADMX and ADML files in Microsoft Intune and Endpoint Manager. When they're imported, create a device configuration profile and assign the profile to your Windows 10/11 devices.
+description: You can add, upload, or import custom and third party partner ADMX and ADML files in Microsoft Intune. When they're imported, create a device configuration profile and assign the profile to your Windows 10/11 devices.
 keywords:
 author: MandiOhlinger
 ms.author: mandia
 manager: dougeby
-ms.date: 08/15/2022
+ms.date: 10/10/2022
 ms.topic: how-to
 ms.service: microsoft-intune
 ms.subservice: configuration
@@ -29,7 +29,7 @@ ms.collection:
 
 ---
 
-# Import custom ADMX and ADML administrative templates into Endpoint Manager (public preview)
+# Import custom ADMX and ADML administrative templates into Microsoft Intune (public preview)
 
 You can import custom and third party/partner ADMX and ADML templates into the Endpoint Manager admin center. Once imported, you can create a device configuration policy using these settings, and then assign the policy to your managed devices.
 
@@ -38,10 +38,10 @@ This feature applies to:
 - Windows 11
 - Windows 10
 
-This article shows you how to import custom ADMX and ADML files in the Endpoint Manager admin center. For more information on administrative templates in Endpoint Manager, go to [Use ADMX templates to configure policy settings in Microsoft Intune](administrative-templates-windows.md).
+This article shows you how to import custom ADMX and ADML files in the Endpoint Manager admin center. For more information on administrative templates in Intune, go to [Use ADMX templates to configure policy settings in Microsoft Intune](administrative-templates-windows.md).
 
 > [!TIP]
-> The settings catalog has many settings natively built-in to Endpoint Manager, including Google Chrome. For more information, go to:
+> The settings catalog has many settings natively built-in to Intune, including Google Chrome. For more information, go to:
 >
 > - [Use the settings catalog to configure settings on Windows, iOS/iPadOS and macOS devices](settings-catalog.md)
 > - [Common tasks you can complete using the Settings Catalog](settings-catalog-common-features.md)

memdocs/intune/configuration/administrative-templates-restrict-usb.md

@@ -7,7 +7,7 @@ keywords:
 author: MandiOhlinger
 ms.author: mandia
 manager: dougeby
-ms.date: 03/30/2022
+ms.date: 10/10/2022
 ms.topic: how-to
 ms.service: microsoft-intune
 ms.subservice: configuration
@@ -60,19 +60,19 @@ Applies to:
 
     - **Prevent installation of devices not described by other policy settings**: Select **Enabled** > **OK**:
 
-      :::image type="content" source="media/administrative-templates-restrict-usb/prevent-installation-of-devices-not-described-setting.png" alt-text="In Intune and Endpoint Manager, set the Prevent installation of devices not described by other policy settings setting to Enabled.":::
+      :::image type="content" source="media/administrative-templates-restrict-usb/prevent-installation-of-devices-not-described-setting.png" alt-text="In Intune, set the Prevent installation of devices not described by other policy settings setting to Enabled.":::
 
     - **Allow installation of devices using drivers that match these device setup classes**: Select **Enabled**. Then, add the [class GUID of the device classes](/windows-hardware/drivers/install/system-defined-device-setup-classes-available-to-vendors) you want to allow.
 
       In the following example, the **Keyboard**, **Mouse**, and **Multimedia** classes are allowed:
 
-      :::image type="content" source="media/administrative-templates-restrict-usb/allow-installation-of-devices-using-drivers-setting.png" alt-text="In Intune and Endpoint Manager, set the Allow installation of devices using drivers that match these device setup classes setting, and add your class GUIDs.":::
+      :::image type="content" source="media/administrative-templates-restrict-usb/allow-installation-of-devices-using-drivers-setting.png" alt-text="Screenshot that shows how to set the Allow installation of devices using drivers that match these device setup classes setting in Intune and how to add your class GUIDs.":::
 
       Select **OK**.
 
     - **Allow installation of devices that match any of these Device IDs**: Select **Enabled**. Then, add the device/hardware IDs for devices you want to allow:
 
-       :::image type="content" source="media/administrative-templates-restrict-usb/allow-installation-of-devices-that-match-setting.png" alt-text="In Intune and Endpoint Manager, set the Allow installation of devices that match any of these Device IDs setting, and add your hardware IDs.":::
+       :::image type="content" source="media/administrative-templates-restrict-usb/allow-installation-of-devices-that-match-setting.png" alt-text="Screenshot that shows how to set the Allow installation of devices that match any of these Device IDs setting in Intune and how to add your hardware IDs.":::
 
       To get the device/hardware ID, you can use Device Manager, find the device, and look at the properties. For the specific steps, see [find the hardware ID on a Windows device](/windows-hardware/drivers/install/hardware-ids).
 

memdocs/intune/configuration/administrative-templates-windows.md

@@ -2,12 +2,12 @@
 # required metadata
 
 title: Use ADMX templates on Windows 10/11 devices in Microsoft Intune
-description: Use Administrative templates in Microsoft Intune and Endpoint Manager to create groups of settings for Windows 10/11 client devices. Use these settings in a device configuration profile. You can control Office programs, Microsoft Edge, secure Internet Explorer, access OneDrive, use remote desktop, enable Auto-Play, set power management settings, use HTTP printing, control user sign-in, and change the event log size.
+description: Use Administrative templates in Microsoft Intune to create groups of settings for Windows 10/11 client devices. Use these settings in a device configuration profile. You can control Office programs, Microsoft Edge, secure Internet Explorer, access OneDrive, use remote desktop, enable Auto-Play, set power management settings, use HTTP printing, control user sign-in, and change the event log size.
 keywords:
 author: MandiOhlinger
 ms.author: mandia
 manager: dougeby
-ms.date: 08/15/2022
+ms.date: 10/10/2022
 ms.topic: how-to
 ms.service: microsoft-intune
 ms.subservice: configuration

memdocs/intune/configuration/custom-settings-configure.md

@@ -7,7 +7,7 @@ keywords:
 author: MandiOhlinger
 ms.author: mandia
 manager: dougeby
-ms.date: 09/20/2022
+ms.date: 10/10/2022
 ms.topic: how-to
 ms.service: microsoft-intune
 ms.subservice: configuration
@@ -92,8 +92,7 @@ This article shows you how to create a custom profile for Android device adminis
 
 In the following example, the **Connectivity/AllowVPNOverCellular** setting is enabled. This setting allows a Windows client device to open a VPN connection when on a cellular network.
 
-> [!div class="mx-imgBorder"]
-> ![Example of a custom policy containing VPN settings in Intune and Endpoint Manager](./media/custom-settings-configure/custom-policy-example.png)
+:::image type="content" source="./media/custom-settings-configure/custom-policy-example.png" alt-text="Screenshot that shows an example of a custom policy containing VPN settings in Intune.":::
 
 ## Next steps
 

memdocs/intune/configuration/custom-settings-windows-10.md

@@ -7,7 +7,7 @@ keywords:
 author: MandiOhlinger
 ms.author: mandia
 manager: dougeby
-ms.date: 01/18/2022
+ms.date: 10/10/2022
 ms.topic: conceptual
 ms.service: microsoft-intune
 ms.subservice: configuration
@@ -87,7 +87,7 @@ Additionally, Intune doesn't support all the settings listed in [Configuration s
 > [!NOTE]
 > For settings that were created by using a string, base64, or XML data type, the stored value is obscured. If the user who is accessing the value has any of the following permissions or roles, they can see the value:
 >
-> - Create, Read, and Update permissions in a Microsoft Endpoint Manager role-based access control (RBAC) role.
+> - Create, Read, and Update permissions in a Microsoft Intune role-based access control (RBAC) role.
 > - Intune Service Administrator.
 > - Global Administrator Azure Active Directory role.
 >

memdocs/intune/configuration/device-profile-assign.md

@@ -7,7 +7,7 @@ keywords:
 author: MandiOhlinger
 ms.author: mandia
 manager: dougeby
-ms.date: 07/26/2022
+ms.date: 10/10/2022
 ms.topic: how-to
 ms.service: microsoft-intune
 ms.subservice: configuration
@@ -55,11 +55,11 @@ Be sure you have the correct role to assign profiles. For more information, see
 2. Select **Devices** > **Configuration profiles**. All the profiles are listed.
 3. Select the profile you want to assign > **Properties** > **Assignments** > **Edit**:
 
-    :::image type="content" source="./media/device-profile-assign/properties-select-assignments.png" alt-text="Select assignments to deploy the profile to users and groups in Microsoft Intune and Endpoint Manager":::
+    :::image type="content" source="./media/device-profile-assign/properties-select-assignments.png" alt-text="Screenshot that shows how to select assignments to deploy the profile to users and groups in Microsoft Intune.":::
 
 4. Select **Included groups** or **Excluded groups**, and then choose **Select groups to include**. When you select your groups, you're choosing an Azure AD group. To select multiple groups, hold down the **Ctrl** key, and select your groups.
 
-    :::image type="content" source="./media/device-profile-assign/select-included-excluded-groups-profile-assignment.png" alt-text="Include or exclude users and groups when assigning or deploying a profile in Microsoft Intune and Endpoint Manager.":::
+    :::image type="content" source="./media/device-profile-assign/select-included-excluded-groups-profile-assignment.png" alt-text="Screenshot that shows how to include or exclude users and groups when assigning or deploying a profile in Microsoft Intune.":::
 
 5. Select **Review + Save**. This step doesn't assign your profile.
 6. Select **Save**. When you save, your profile is assigned. Your groups will receive your profile settings when the devices check in with the Intune service.
@@ -112,7 +112,7 @@ To summarize, use user groups when you want your settings and rules to always go
 
 The policy settings for Windows devices are based on the [configuration service providers (CSPs)](/windows/client-management/mdm/configuration-service-provider-reference). These settings map to registry keys or files on the devices.
 
-Endpoint Manager exposes these CSPs so you can configure these settings and assign them to your Windows devices. These settings are configurable using the built-in templates and using the [settings catalog](settings-catalog.md). In the settings catalog, you'll see that some settings apply to the user scope and some settings apply to the device scope.
+Intune exposes these CSPs so you can configure these settings and assign them to your Windows devices. These settings are configurable using the built-in templates and using the [settings catalog](settings-catalog.md). In the settings catalog, you'll see that some settings apply to the user scope and some settings apply to the device scope.
 
 For information on how user scoped and device scoped settings are applied to Windows devices, go to [Settings catalog: Device scope vs. user scope settings](settings-catalog.md#device-scope-vs-user-scope-settings).
 
@@ -154,7 +154,7 @@ Use the following matrix to understand support for excluding groups:
 - ❌: Not supported
 - ❕ : Partially supported
 
-:::image type="content" source="./media/device-profile-assign/include-exclude-user-device-groups-matrix.png" alt-text="Supported options include or exclude groups from a profile assignment":::
+:::image type="content" source="./media/device-profile-assign/include-exclude-user-device-groups-matrix.png" alt-text="Screenshot that shows the supported options to include or exclude groups from a profile assignment.":::
 
 | Scenario | Support|
 | --- | --- |

memdocs/intune/configuration/device-profile-create.md

@@ -7,7 +7,7 @@ keywords:
 author: MandiOhlinger
 ms.author: mandia
 manager: dougeby
-ms.date: 09/20/2022
+ms.date: 10/10/2022
 ms.topic: how-to
 ms.service: microsoft-intune
 ms.subservice: configuration
@@ -36,7 +36,7 @@ ms.collection:
 
 Device profiles allow you to add and configure settings, and then push these settings to devices in your organization. You have some options when creating policies:
 
-- **Administrative templates**: On Windows 10/11 devices, these templates are ADMX settings that you configure. If you're familiar with ADMX policies or group policy objects (GPO), then using administrative templates is a natural step to Microsoft Intune and Endpoint Manager.
+- **Administrative templates**: On Windows 10/11 devices, these templates are ADMX settings that you configure. If you're familiar with ADMX policies or group policy objects (GPO), then using administrative templates is a natural step to Microsoft Intune.
 
   For more information, see [Administrative Templates](administrative-templates-windows.md)
 
@@ -68,7 +68,7 @@ This article:
 
 Profiles are created in the [Microsoft Endpoint Manager admin center](https://go.microsoft.com/fwlink/?linkid=2109431). In this admin center, select **Devices**. You have the following options:
 
-:::image type="content" source="./media/device-profile-create/devices-overview.png" alt-text="In Endpoint Manager and Microsoft Intune, select Devices to see what you can configure and manage.":::
+:::image type="content" source="./media/device-profile-create/devices-overview.png" alt-text="Screenshot that shows how to select Devices to see what you can configure and manage in Microsoft Intune.":::
 
 - **Overview**: Lists the status of your profiles, and provides more details on the profiles you assigned to users and devices.
 - **Monitor**: Check the status of your profiles for success or failure, and also view logs on your profiles.
@@ -120,11 +120,11 @@ Then, choose the profile. Depending on the platform you choose, the settings you
 
 For example, if you select **iOS/iPadOS** for the platform, your options look similar to the following profile:
 
-:::image type="content" source="./media/device-profile-create/create-device-profile.png" alt-text="Create an iOS/iPadOS device configuration policy and profile in Endpoint Manager and Microsoft Intune.":::
+:::image type="content" source="./media/device-profile-create/create-device-profile.png" alt-text="Screenshot that shows how to create an iOS/iPadOS device configuration policy and profile in Microsoft Intune.":::
 
 If you select **Windows 10 and later** for the platform, your options look similar to the following profile:
 
-:::image type="content" source="./media/device-profile-create/windows-create-device-profile.png" alt-text="Create a Windows device configuration policy and profile in Endpoint Manager and Microsoft Intune.":::
+:::image type="content" source="./media/device-profile-create/windows-create-device-profile.png" alt-text="Screenshot that shows how to create a Windows device configuration policy and profile in Microsoft Intune.":::
 
 ## Scope tags
 
@@ -168,7 +168,7 @@ When you assign the profile to the groups, the applicability rules act as a filt
 
 1. Select **Applicability Rules**. You can choose the **Rule**, and **Property**:
 
-    :::image type="content" source="./media/device-profile-create/applicability-rules.png" alt-text="Add an applicability rule to a Windows 10 device configuration profile in Endpoint Manager and Microsoft Intune.":::
+    :::image type="content" source="./media/device-profile-create/applicability-rules.png" alt-text="Screenshot that shows how to add an applicability rule to a Windows 10 device configuration profile in Microsoft Intune.":::
 
 2. In **Rule**, choose if you want to include or exclude users or groups. Your options:
 
@@ -216,7 +216,7 @@ When creating profiles, consider the following recommendations:
 
   The following image shows an example of a setting that can apply to users, apply to devices, or apply to both:
 
-  :::image type="content" source="./media/device-profile-create/setting-applies-to-user-and-device.png" alt-text="Intune admin template that applies to user and devices in Endpoint Manager and Microsoft Intune.":::
+  :::image type="content" source="./media/device-profile-create/setting-applies-to-user-and-device.png" alt-text="Screenshot that shows an Intune admin template that applies to user and devices in Microsoft Intune.":::
 
 - Every time you create a restrictive policy, communicate this change to your users. For example, if you're changing the passcode requirement from four (4) characters to six (6) characters, let your users know before your assign the policy.