Merge branch 'main' into release-intune-2112

Author: v-alje

memdocs/intune/fundamentals/in-development.md

@@ -192,10 +192,7 @@ Filters allows you to include or exclude devices in policy or app assignments ba
 New assignment filters in Enrollment Restrictions will let you include or exclude restrictions based on device type. For example, you can allow personal devices, while blocking Windows 10 Home devices, by applying the operatingSystemSKU assignment filter. These filters will be released for public preview with a new configuration experience for enrollment restrictions and supported for Windows and Apple devices, with Android support coming at a later date. For more information about how to use filters, see [Create a filter](../fundamentals/filters.md).   
 
 <!-- vvvvvvvvvvvvvvvvvvvvvv -->
-## Monitor and troubleshoot
-
-### Adding event viewer for Windows 10 diagnostics<!-- 10741116 -->
-We're adding a new event viewer to Windows 10 device diagnostics called Microsoft-Windows-Windows Firewall with Advanced Security/Firewall. The event viewer will assist you in troubleshooting issues with the firewall.
+## Monitor and troubleshoot  
 
 ### Account protection policy changes in Endpoint security<!--  7492116   -->
 

memdocs/intune/fundamentals/whats-new.md

@@ -7,7 +7,7 @@ keywords:
 author: Erikre
 ms.author: erikre
 manager: dougeby
-ms.date: 12/01/2021
+ms.date: 12/07/2021
 ms.topic: conceptual
 ms.service: microsoft-intune
 ms.subservice: fundamentals
@@ -60,7 +60,15 @@ You can use RSS to be notified when this page is updated. For more information,
 ### Scripts
 -->
 
-## Week of November 22, 2021
+
+## Week of December 6, 2021  
+
+### Monitor and troubleshoot  
+
+#### New event viewer for Windows 10 diagnostics <!-- 10741116 -->
+We've added a new event viewer to Windows device diagnostics called *Microsoft-Windows-Windows Firewall with Advanced Security/Firewall*. The event viewer can assist you in troubleshooting issues with the firewall. For more information about Windows device diagnostics, see [Collect diagnostics from a Windows device](../remote-actions/collect-diagnostics.md).  
+
+## Week of November 22, 2021  
 
 <!-- vvvvvvvvvvvvvvvvvvvvvv -->
 

memdocs/intune/protect/microsoft-tunnel-overview.md

@@ -102,7 +102,7 @@ The Microsoft Tunnel Gateway runs in containers that run on Linux servers.
 **Components**:  
 - **A** – Microsoft Intune.
 - **B**- Azure Active Directory (AD).
-- **C** – Linux server with Podman (Red Hat Enterprise Linux 8.4 or later) or Docker CE (all other Linux distributions).
+- **C** – Linux server with Podman (Red Hat Enterprise Linux 8.4) or Docker CE (all other Linux distributions).
   - **C.1** - Microsoft Tunnel Gateway.
   - **C.2** – Management Agent.
   - **C.3** – Authentication plugin – Authorization plugin, which authenticates with Azure AD.

memdocs/intune/protect/microsoft-tunnel-prerequisites.md

@@ -5,7 +5,7 @@ keywords:
 author: brenduns
 ms.author: brenduns
 manager: dougeby
-ms.date: 11/23/2021
+ms.date: 12/07/2021
 ms.topic: how-to
 ms.service: microsoft-intune
 ms.subservice: protect
@@ -34,7 +34,7 @@ At a high level, you’ll need the following to use the Microsoft Tunnel:
 - An Azure subscription.
 - An Intune subscription.
 - A Linux server that runs containers. This server can be on-premises or in the cloud:
-  - Podman for Red Hat Enterprise Linux (RHEL) 8.4 or later
+  - Podman for Red Hat Enterprise Linux (RHEL) 8.4
   - Docker for all other Linux distributions
 - A Transport Layer Security (TLS) certificate for the Linux server to secure connections from devices to the Tunnel Gateway server.
 - Devices that run Android or iOS/iPadOS.
@@ -53,7 +53,7 @@ Set up a Linux based virtual machine or a physical server on which Microsoft Tun
 
   - CentOS 7.4+(CentOS 8+ isn’t supported)
   - Red Hat (RHEL) 7.4+
-  - Red Hat (RHEL) 8.4+
+  - Red Hat (RHEL) 8.4
   - Ubuntu 18.04
   - Ubuntu 20.04
 
@@ -72,17 +72,17 @@ Set up a Linux based virtual machine or a physical server on which Microsoft Tun
 
 - **CPU**: 64-bit AMD/Intel processor.
 
-- **Install Docker CE or Podman**: Install Podman version 3.0 on RHEL 8.4 or later. For all other versions of RHEL or other Linux distributions, install Docker version 19.03 CE or later.
-  Microsoft Tunnel requires Docker (or Podman on RHEL 8.4 or later) on the Linux server to provide support for containers. Containers provide a consistent execution environment, health monitoring and proactive remediation, and a clean upgrade experience.
+- **Install Docker CE or Podman**: Install Podman version 3.0 on RHEL 8.4. For all other versions of RHEL or other Linux distributions, install Docker version 19.03 CE or later.
+  Microsoft Tunnel requires Docker (or Podman on RHEL 8.4) on the Linux server to provide support for containers. Containers provide a consistent execution environment, health monitoring and proactive remediation, and a clean upgrade experience.
 
   For information about installing and configuring Docker or Podman, see:
 
   - [Install Docker Engine on CentOS or Red Hat Enterprise Linux 7]( https://docs.docker.com/engine/install/centos/)
     > [!NOTE]
-    > The preceding link directs you to the CentOS download and installation instructions. Use those same instructions for RHEL 7. The version installed on RHEL 7 by default is too old to support Microsoft Tunnel Gateway. Red Hat Enterprise Linux 8 does not support Docker. For RHEL 8.4 or later, install and use Podman instead.
+    > The preceding link directs you to the CentOS download and installation instructions. Use those same instructions for RHEL 7. The version installed on RHEL 7 by default is too old to support Microsoft Tunnel Gateway. Red Hat Enterprise Linux 8 does not support Docker. For RHEL 8.4, install and use Podman instead.
   - [Install Docker Engine on Ubuntu](https://docs.docker.com/engine/install/ubuntu/)
-  - [Install Podman on Red Hat Enterprise Linux 8.4 or later (scroll down to RHEL8)](https://podman.io/getting-started/installation).  
-    Podman is the container solution used on RHEL 8.4 and later, and *podman* is part of a module called "container-tools". In this context, a module is a set of RPM packages that represent a component and are usually installed together. A typical module contains packages with an application, packages with the application-specific dependency libraries, packages
+  - [Install Podman on Red Hat Enterprise Linux 8.4 (scroll down to RHEL8)](https://podman.io/getting-started/installation).  
+    Podman is the container solution used on RHEL 8.4, and *podman* is part of a module called "container-tools". In this context, a module is a set of RPM packages that represent a component and are usually installed together. A typical module contains packages with an application, packages with the application-specific dependency libraries, packages
 with documentation for the application, and packages with helper utilities. For more information see [Introduction to modules](https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/installing_managing_and_removing_user-space_components/introduction-to-modules_using-appstream) in the Red Hat documentation.
 
 - **Transport Layer Security (TLS) certificate**: The Linux server requires a trusted TLS certificate to secure the connection between devices and the Tunnel Gateway server. You’ll add the TLS certificate, including the full trusted certificate chain, to the server during installation of the Tunnel Gateway.
@@ -184,7 +184,7 @@ You can use a proxy server with Microsoft Tunnel. The following considerations c
 
 ### Configure an internal proxy for Podman
 
-The following details can help you configure an internal proxy when using RHEL 8.4 or later, and Podman:
+The following details can help you configure an internal proxy when using RHEL 8.4, and Podman:
 
 - Podman reads HTTP Proxy information stored in **/etc/profile.d/http_proxy.sh**. If this file doesn't exist on your server, create it. Edit **http_proxy.sh** to add the following two lines. In the following lines, *10.10.10.1:3128* is an example address:port entry. When you add these lines, replace *10.10.10.1:3128* with the values for your proxy IP *address:port*:
 

memdocs/intune/protect/microsoft-tunnel-reference.md

@@ -202,7 +202,7 @@ Following are environment variables you might want to configure when you install
 The following are common commands for Docker that can be of use if you must investigate problems on a tunnel server.
 
 > [!NOTE]
-> Most Linux distributions use Docker. However, *Red Hat Enterprise Linux (RHEL) 8.4 and later* are not supported to use Docker. Instead, RHEL 8.4 and later use Podman.
+> Most Linux distributions use Docker. However, *Red Hat Enterprise Linux (RHEL) 8.4* are not supported to use Docker. Instead, RHEL 8.4 use Podman.
 >
 > The references and command lines that are written for Docker can be used with Podman by replacing *docker* with *podman*.
 

memdocs/intune/protect/microsoft-tunnel-upgrade.md

@@ -155,7 +155,7 @@ Image hash values:
 Changes in this release:
 
 - Added ability to get a client network trace
-- Added ability to enabled resoruce access tracking
+- Added ability to enabled resource access tracking
 - Added support for Podman when using Red Hat Enterprise Linux 8.4
 - Minor bug fixes
 

memdocs/intune/remote-actions/collect-diagnostics.md

@@ -8,7 +8,7 @@ keywords:
 author: brenduns
 ms.author: brenduns
 manager: dougeby
-ms.date: 09/27/2021
+ms.date: 12/07/2021
 ms.topic: how-to
 ms.service: microsoft-intune
 ms.subservice: remote-actions
@@ -67,13 +67,13 @@ Registry Keys:
 
 1. HKLM\Software\Microsoft\IntuneManagementExtension
 2. HKLM\SOFTWARE\Microsoft\SystemCertificates\AuthRoot
-3. HKLM\SOFTWARE\Microsoft\Windows Endpoint
+3. HKLM\SOFTWARE\Microsoft\Windows Advanced Threat Protection
 4. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\LogonUI
 5. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings
 6. HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall
 7. HKLM\Software\Policies
 8. HKLM\SOFTWARE\Policies\Microsoft\Cryptography\Configuration\SSL
-9. HKLM\SOFTWARE\Policies\Microsoft\Windows Endpoint
+9. HKLM\SOFTWARE\Policies\Microsoft\Windows Advanced Threat Protection
 10. HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall
 11. HKLM\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL
 
@@ -107,24 +107,25 @@ Event Viewers:
 34. Microsoft-Windows-HelloForBusiness/Operational
 35. Microsoft-Windows-SENSE/Operational
 36. Microsoft-Windows-SenseIR/Operational
-37. Setup
-38. System
+37. Microsoft-Windows-Windows Firewall With Advanced Security/Firewall
+38. Setup
+39. System
 
 Files:
 
-39. %ProgramData%\Microsoft\DiagnosticLogCSP\Collectors\*.etl
-40. %ProgramData%\Microsoft\IntuneManagementExtension\Logs\*.*
-41. %ProgramData%\Microsoft\Windows Defender\Support\MpSupportFiles.cab
-42. %ProgramData%\Microsoft\Windows\WlanReport\wlan-report-latest.html
-43. %temp%\MDMDiagnostics\battery-report.html
-44. %temp%\MDMDiagnostics\energy-report.html
-45. %temp%\MDMDiagnostics\mdmlogs-<Date/Time>.cab
-46. %temp%\MDMDiagnostics\msinfo32.log
-47. %windir%\ccm\logs\*.log
-48. %windir%\ccmsetup\logs\*.log
-49. %windir%\logs\CBS\cbs.log
-50. %windir%\logs\measuredboot\*.*
-51. %windir%\Logs\WindowsUpdate\*.etl
+40. %ProgramData%\Microsoft\DiagnosticLogCSP\Collectors\*.etl
+41. %ProgramData%\Microsoft\IntuneManagementExtension\Logs\*.*
+42. %ProgramData%\Microsoft\Windows Defender\Support\MpSupportFiles.cab
+43. %ProgramData%\Microsoft\Windows\WlanReport\wlan-report-latest.html
+44. %temp%\MDMDiagnostics\battery-report.html
+45. %temp%\MDMDiagnostics\energy-report.html
+46. %temp%\MDMDiagnostics\mdmlogs-<Date/Time>.cab
+47. %temp%\MDMDiagnostics\msinfo32.log
+48. %windir%\ccm\logs\*.log
+49. %windir%\ccmsetup\logs\*.log
+50. %windir%\logs\CBS\cbs.log
+51. %windir%\logs\measuredboot\*.*
+52. %windir%\Logs\WindowsUpdate\*.etl
 
 ## Disable device diagnostics
 

memdocs/intune/remote-actions/remote-help.md

@@ -7,7 +7,7 @@ keywords:
 author: brenduns
 ms.author: brenduns
 manager: dougeby
-ms.date: 12/03/2021
+ms.date: 12/07/2021
 ms.topic: how-to
 ms.service: microsoft-intune
 ms.subservice: remote-actions
@@ -181,7 +181,7 @@ To configure your tenant to support remote help, review and complete the followi
 
 2. On the **Settings** tab:
    1. Set **Enable remote help** to **Enabled** to allow use of remote help.  By default, this setting is *Enabled*.
-   2. Set **Allow remote help to unenrolled devices** to **Enabled** if you want to allow this option. By default, this setting *Not allowed*.
+   2. Set **Allow remote help to unenrolled devices** to **Enabled** if you want to allow this option. By default, this setting *Disabled*.
 
 3. Select **Save**.
 
@@ -232,7 +232,7 @@ To request help, you must reach out to your support staff to request assistance.
 
 As a sharer, when you’ve requested help and both you and the helper are ready to start:
 
-1. Start the remote help app on the device and sign-in to authenticate to your organization. The device might not need to be enrolled to Intune if your administrator allows you to get help on unenrolled devices.
+1. Start the remote help app on the device and sign in to authenticate to your organization. The device might not need to be enrolled to Intune if your administrator allows you to get help on unenrolled devices.
 
 2. After signing into the app, get the security code from the individual assisting you and enter that code below *Get Help*, and then select **Submit**.