acrolinx

MandiOhlinger · MandiOhlinger · commit 917892ebea49 · 2022-01-18T18:53:38.000-05:00
diff --git a/memdocs/intune/configuration/device-profile-assign.md b/memdocs/intune/configuration/device-profile-assign.md
@@ -92,7 +92,7 @@ To summarize, use device groups when you don't care who's signed in on the devic
 
 Profile settings applied to user groups always go with the user, and go with the user when signed in to their many devices. It's normal for users to have many devices, such as a Surface Pro for work, and a personal iOS/iPadOS device. And, it's normal for a person to access email and other organization resources from these devices.
 
-If a user has multiple devices on the same platform, then you can use [filters](../fundamentals/filters.md) on the group assignment. For example, a user has a personal iOS/iPadOS device, and an organization-owned iOS/iPadOS. When you assign a policy for that user, you can users [filters](../fundamentals/filters.md) to target only the organization-owned device.
+If a user has multiple devices on the same platform, then you can use [filters](../fundamentals/filters.md) on the group assignment. For example, a user has a personal iOS/iPadOS device, and an organization-owned iOS/iPadOS. When you assign a policy for that user, you can use [filters](../fundamentals/filters.md) to target only the organization-owned device.
 
 Follow this general rule: If a feature belongs to a user, such as email or user certificates, then assign to user groups.
 
@@ -139,7 +139,7 @@ When you assign your policies and profiles, apply the following general principl
 
 ### Support matrix
 
-Use the follow matrix to understand support for excluding groups:
+Use the following matrix to understand support for excluding groups:
 
 - ✔️: Supported
 - ❌: Not supported
@@ -151,12 +151,12 @@ Use the follow matrix to understand support for excluding groups:
 | --- | --- |
 | 1 | ❕ Partially supported </br></br> Assigning policies to a dynamic device group while excluding another dynamic device group is supported. But, it's not recommended in scenarios that are sensitive to latency. Any delay in exclude group membership calculation can cause policies to be offered to devices. In this scenario, we recommend using [filters](../fundamentals/filters.md) instead of dynamic device groups for excluding devices. </br></br> For example, you have a device policy that's assigned to **All devices**. Later, you have a requirement that new marketing devices don't receive this policy. So, you create a dynamic device group called **Marketing devices** based on the `enrollmentProfilename` property (`device.enrollmentProfileName -eq "Marketing_devices"`). In the policy, you add the **Marketing devices** dynamic group as an excluded group.  </br></br> A new marketing device enrolls in Intune for the first time, and a new Azure AD device object is created. The dynamic grouping process puts the device into the **Marketing devices** group with a possible delayed calculation. At the same time, the device enrolls into Intune, and starts receiving all applicable policies. The Intune policy may be deployed before the device is put in the exclusion group. This behavior results in an unwanted policy (or app) being deployed to the **Marketing devices** group.  </br></br> As a result, it's not recommended to use dynamic device groups for exclusions in latency sensitive scenarios. Instead, use [filters](../fundamentals/filters.md). |
 | 2 | ✔️ Supported </br></br> Assigning a policy to a dynamic device group while excluding a static device group is supported. |
-| 3 | ❌ Not supported </br></br> Assigning a policy to a dynamic device group while excluding user groups (both dynamic and static) isn't supported. Intune doesn't evaluate user-to-device group relationships, and devices of the included users will not be excluded. |
-| 4 | ❌ Not supported </br></br> Assigning a policy to a dynamic device group and excluding user groups (both dynamic and static) isn't supported. Intune doesn't evaluate user-to-device group relationships, and devices of the included users will not be excluded. |
+| 3 | ❌ Not supported </br></br> Assigning a policy to a dynamic device group while excluding user groups (both dynamic and static) isn't supported. Intune doesn't evaluate user-to-device group relationships, and devices of the included users won't be excluded. |
+| 4 | ❌ Not supported </br></br> Assigning a policy to a dynamic device group and excluding user groups (both dynamic and static) isn't supported. Intune doesn't evaluate user-to-device group relationships, and devices of the included users won't be excluded. |
 | 5 | ❌ Not supported </br></br> Assigning a policy to a static device group while excluding a dynamic device group is supported. But, it's not recommended in scenarios that are sensitive to latency. Any delay in exclude group membership calculation can cause policies to be offered to devices. In this scenario, we recommend using [filters](../fundamentals/filters.md) instead of dynamic device groups for excluding devices. |
 | 6 | ✔️ Supported </br></br> Assigning a policy to a static device group and excluding a different static device group is supported. |
-| 7 | ❌ Not supported </br></br> Assigning a policy to a static device group and excluding user groups (both dynamic and static) isn't supported. Intune doesn't evaluate user-to-device group relationships, and devices of the included users will not be excluded. |
-| 8 | ❌ Not supported </br></br> Assigning a policy to a static device group and excluding user groups (both dynamic and static) isn't supported. Intune doesn't evaluate user-to-device group relationships, and devices of the included users will not be excluded. |
+| 7 | ❌ Not supported </br></br> Assigning a policy to a static device group and excluding user groups (both dynamic and static) isn't supported. Intune doesn't evaluate user-to-device group relationships, and devices of the included users won't be excluded. |
+| 8 | ❌ Not supported </br></br> Assigning a policy to a static device group and excluding user groups (both dynamic and static) isn't supported. Intune doesn't evaluate user-to-device group relationships, and devices of the included users won't be excluded. |
 | 9 | ❌ Not supported </br></br> Assigning a policy to a dynamic user group and excluding device groups (both dynamic and static) isn't supported. |
 | 10 | ❌ Not supported </br></br> Assigning a policy to a dynamic user group and excluding device groups (both dynamic and static) isn't supported. |
 | 11 | ✔️ Supported </br></br> Assigning a policy to a dynamic user group while excluding other user groups (both dynamic and static) is supported. |
diff --git a/memdocs/intune/configuration/device-profile-troubleshoot.md b/memdocs/intune/configuration/device-profile-troubleshoot.md
@@ -2,7 +2,7 @@
 # required metadata
 
 title: Troubleshoot device profiles in Microsoft Intune
-description: Common questions and answers with device policies and profiles, including profile changes not applied to users or devices, how long it takes for new policies to be pushed to devices, which settings are applied when there are multiple policies, what happens when a profile is deleted or removed, and more with Microsoft Intune.
+description: Common questions and answers with device policies and profiles, including profile changes not applied to users or devices, how long it takes for new policies to deploy to devices, which settings apply when there are multiple policies, what happens when a profile is deleted or removed, and more with Microsoft Intune.
 keywords:
 author: MandiOhlinger
 ms.author: mandia
@@ -32,7 +32,7 @@ ms.collection: M365-identity-device-management
 
 Get answers to common questions when working with device profiles and policies in Intune. This article also lists the check-in time intervals, provides more detains on conflicts, and more.
 
-## How long does it take for devices to get a policy, profile, or app after they are assigned?
+## How long does it take for devices to get a policy, profile, or app after it's assigned?
 
 Intune notifies the device to check in with the Intune service. The notification times vary, including immediately up to a few hours. These notification times also vary between platforms.
 
@@ -84,9 +84,9 @@ When two or more policies are assigned to the same user or device, then the sett
 
 ## What happens when app protection policies conflict with each other? Which one is applied to the app?
 
-Conflict values are the most restrictive settings available in an app protection policy *except* for the number entry fields, such as PIN attempts before reset. The number entry fields are set the same as the values, as if you created a MAM policy using the recommended settings option.
+Conflict values are the most restrictive settings available in an app protection policy. The exception is numeric entry fields, such as PIN attempts before reset. Numeric entry fields are set the same as the values, as if you created a MAM policy using the recommended settings option.
 
-Conflicts happen when two profile settings are the same. For example, you configured two MAM policies that are identical except for the copy/paste setting. In this scenario, the copy/paste setting is set to the most restrictive value, but the rest of the settings are applied as configured.
+Conflicts happen when two profile settings are the same. For example, you configured two MAM policies that are identical except for the copy/paste setting. In this scenario, the copy/paste setting is set to the most restrictive value. The rest of the settings apply as configured.
 
 A policy is deployed to the app and takes effect. A second policy is deployed. In this scenario, the first policy takes precedence, and stays applied. The second policy shows a conflict. If both are applied at the same time, meaning that there isn't preceding policy, then both are in conflict. Any conflicting settings are set to the most restrictive values.
 
@@ -98,7 +98,7 @@ When you assign a custom policy, confirm that the configured settings don't conf
 
 ## What happens when a profile is deleted or no longer applicable?
 
-When you delete a profile, or remove a device from a group that's assigned the profile, then the profile and settings are removed from the device as described:
+When you delete a profile, or remove a device from a group that's assigned the profile, then the profile and settings are removed from the device. Specifically, they're removed as described in the following list:
 
 - Wi-Fi, VPN, certificate, and email profiles: These profiles are removed from all supported enrolled devices.
 - All other profile types:
@@ -118,7 +118,7 @@ When you delete a profile, or remove a device from a group that's assigned the p
 
 ## I changed a device restriction profile, but the changes haven't taken effect
 
-To apply a less restrictive profile, some devices, such as Android, iOS/iPadOS, and Windows client, may need to be retired and re-enrolled in to Intune.
+To apply a less restrictive profile, some devices may need to be retired and re-enrolled in to Intune. For example, you may have to retire and re-enroll Android, iOS/iPadOS, and Windows client devices.
 
 ## Some settings in a Windows 10/11 profile return "Not Applicable"
 
diff --git a/memdocs/intune/configuration/device-profiles.md b/memdocs/intune/configuration/device-profiles.md
@@ -94,7 +94,7 @@ Use these settings to control how software updates are downloaded to devices in
 
 This feature supports:
 
-- Winodws 11
+- Windows 11
 - Windows 10
 
 ## Derived credential
