Merge pull request #8069 from ErikjeMS/win365

acrolinx fixes 3

Author: PRMerger-2

windows-365/enterprise/app-assure.md

@@ -32,9 +32,9 @@ ms.collection: M365-identity-device-management
 
 App Assure is a service that helps customers with application issues that might occur when using apps on Cloud PCs. If you experience any issues with your apps, Microsoft will help you fix them at no cost.
 
-App Assure is available to eligible customers with 150+ seats at no additional cost. For more information on eligibility requirements, see [Eligibility](/fasttrack/eligibility).
+App Assure is available to eligible customers with 150+ seats at no extra cost. For more information on eligibility requirements, see [Eligibility](/fasttrack/eligibility).
 
-Visit the [App Assure page](https://fasttrack.microsoft.com/dl/daa) and sign in to submit your request for assistance from a dedicated App Assure Manager. If you experience any issues while submitting your request, contact [email protected] and our team members will reach out to you. 
+Visit the [App Assure page](https://fasttrack.microsoft.com/dl/daa) and sign in to submit your request for assistance from a dedicated App Assure Manager. If you experience any issues while submitting your request, contact [email protected] and our team members will reach out to you.
 
 App Assure is part of the [FastTrack benefit](/fasttrack/introduction) from Microsoft 365.
 

windows-365/enterprise/app-overview.md

@@ -30,7 +30,7 @@ ms.collection: M365-identity-device-management
 
 # Applications in Windows 365
 
-As an IT admin, one of the easiest ways to get started with Windows 365 is to create Cloud PCs with default gallery images of Windows 10/11 Enterprise. After provisioning, you can customize the user experience  by using Microsoft Endpoint Manager to push apps to your users’ Cloud PCs. These can include existing Windows client apps already in your Microsoft Endpoint Manager environment. Since these Cloud PC devices are enrolled in Endpoint Manager, you can treat these like any other Windows device in your environment.
+As an IT admin, one of the easiest ways to get started with Windows 365 is to create Cloud PCs with default gallery images of Windows 10/11 Enterprise. After provisioning, you can customize the user experience by using Microsoft Endpoint Manager to push apps to your users’ Cloud PCs. These images can include existing Windows client apps already in your Microsoft Endpoint Manager environment. Since these Cloud PC devices are enrolled in Endpoint Manager, you can treat them like any other Windows device in your environment.
 
 The following apps are available with no need to upload:
 
@@ -47,7 +47,7 @@ The IntuneWin format is a way to pre-process Windows classic (Win32) apps. The t
 
 After you use this tool on the app installer folder, you can create an app enrollment configuration for enhanced deployment capabilities. For example, OS version dependencies and uninstall methods when you need to remove applications remotely.  
 
-If you select the most common application format (Win32), you must encapsulate the .exe or .msi file into a IntuneWin file. Windows 365 needs this as part of the App configuration set.  
+If you select the most common application format (Win32), you must encapsulate the .exe or .msi file into a IntuneWin file. Windows 365 needs this encapsulation as part of the App configuration set.  
 
 ### .MSI  
 

windows-365/enterprise/architecture.md

@@ -88,7 +88,7 @@ When configuring Cloud PCs to use Azure AD Join, Azure AD provides:
 - The domain join mechanism for the Cloud PCs.
 - User authentication for RDP connections.
 
-For more information on how the identity services impact the deployment, management, and usage of Cloud PCs, see [identity and authentication](identity-authentication.md).
+For more information on how the identity services affect the deployment, management, and usage of Cloud PCs, see [identity and authentication](identity-authentication.md).
 
 ### Azure AD
 
@@ -137,9 +137,9 @@ The following diagrams show the logical architecture for an Azure AD Join config
 
 All Cloud PC connectivity is provided by the virtual network interface card. The "hosted on behalf of" architecture means that the Cloud PCs exist in the subscription owned by Microsoft. Therefore, Microsoft incurs the costs for running and managing this infrastructure.
 
-Windows 365 manages the capacity and in-region availability in the Windows 365 subscriptions. Windows 365 determines the size and type of VM based on the [license](cloud-pc-size-recommendations.md) you [assign to the user](assign-licenses.md). Windows 365 determines the Azure region to host your Cloud PCs in based on the virtual network you select when [creating an on-prem network connection](create-azure-network-connection.md).
+Windows 365 manages the capacity and in-region availability in the Windows 365 subscriptions. Windows 365 determines the size and type of VM based on the [license](cloud-pc-size-recommendations.md) you [assign to the user](assign-licenses.md). Windows 365 determines the Azure region to host your Cloud PCs in based on the virtual network you select when [creating an on-premises network connection](create-azure-network-connection.md).
 
-Windows 365 aligns with Microsoft 365 data protection policies and provisions. Customer data within Microsoft's enterprise cloud services is protected by various technologies and processes:
+Windows 365 aligns with Microsoft 365 data protection policies. Customer data within Microsoft's enterprise cloud services is protected by various technologies and processes:
 
 - Various forms of encryption.
 - Isolated logically from other tenants.

windows-365/enterprise/assign-licenses.md

@@ -32,7 +32,7 @@ ms.collection: M365-identity-device-management
 
 Before a user can use a Cloud PC, you must assign a [Windows 365 license](https://www.microsoft.com/windows-365/all-pricing) to that user. You can assign the licenses using either of these methods:
 
-- Microsoft 365 admin center for individual users. For steps on how to do this, see [Assign licenses to users](/microsoft-365/admin/manage/assign-licenses-to-users).
+- Microsoft 365 admin center for individual users. For steps on how to use admin center to assign licenses, see [Assign licenses to users](/microsoft-365/admin/manage/assign-licenses-to-users).
 - [Azure AD admin center](https://aad.portal.azure.com/) for group license assignments. For more information about group license assignments, see [Assign licenses to users by group membership in Azure Active Directory](/azure/active-directory/enterprise-users/licensing-groups-assign).
 - To assign direct licenses to a list of individual users, see [Assign licenses for Windows 365](/microsoft-365/enterprise/assign-licenses-to-user-accounts-with-microsoft-365-powershell) or see [Assign license](/graph/api/user-assignlicense) to perform through Graph  
 

windows-365/enterprise/assign-users-as-local-admin.md

@@ -32,7 +32,7 @@ ms.collection: M365-identity-device-management
 
 The **User settings** page lets IT administrators manage various settings for the user. Currently, the only setting is the option of making the user a local admin in their Cloud PC.  
 
-When managing settings, keep the following in mind:
+When managing settings, keep the following points in mind:
 
 - The privileges can be applied before or after a Cloud PC is assigned.
 - Local administrator permissions apply at the user level.
@@ -72,7 +72,7 @@ When managing settings, keep the following in mind:
 
 ## Conflict Resolution for Local Admin
 
-Because user setting policies are assigned to user groups, there’s a possibility of overlap for groups/users. If a user is assigned to more than one user setting policy, user settings will honor the most-recently created policy and ignore all others. The last time a policy was updated doesn't impact this priority. To make sure user settings are consistent and clear, avoid any policy targeting overlaps.
+Because user setting policies are assigned to user groups, there’s a possibility of overlap for groups/users. If a user is assigned to more than one user setting policy, user settings will honor the most-recently created policy and ignore all others. The last time a policy was updated doesn't affect this priority. To make sure user settings are consistent and clear, avoid any policy targeting overlaps.
 
 <!-- ########################## -->
 ## Next steps

windows-365/enterprise/automated-provisioning-steps.md

@@ -43,25 +43,25 @@ There are three stages that Windows 365 automatically completes for Cloud PC pro
 Core provisioning is optimized to only perform necessary steps to make sure a Cloud PC is provisioned successfully.
 
 1. **Allocate Azure capacity**: When provisioning first begins, Windows 365 allocates Azure capacity in the customer’s supported region of choice. Customers don’t need to manage capacity and allocation manually.
-2. **Create VM**: A virtual machine is created based on the Windows 365 license assigned to the user. Each Windows 365 license includes hardware capacity information. The VM is created with these specs.
-3. **Attach the VM to the appropriate network**: When the VM is created, a virtual NIC is also created. If the provisioning policy specifies a Microsoft hosted network, the NIC is attached to an existing or new virtual network in the selected region specifically for the customer. If the provisioning policy specifies an Azure network connection, the NIC is injected into the customers provided vNet. This lets the Cloud PC connect to the customers on-premises network.
+2. **Create VM**: A virtual machine is created based on the Windows 365 license assigned to the user. Each Windows 365 license includes hardware capacity information. The VM is created with these specifications.
+3. **Attach the VM to the appropriate network**: When the VM is created, a virtual NIC is also created. If the provisioning policy specifies a Microsoft hosted network, the NIC is attached to an existing or new virtual network in the selected region specifically for the customer. If the provisioning policy specifies an Azure network connection, the NIC is injected into the customers provided vNet. This step lets the Cloud PC connect to the customers on-premises network.
 4. **Join to Azure AD**: After the VM is running, the device will be joined to Azure AD in one of two ways:
 
     - Through Azure AD Join: the device performs the Azure AD Join operation and has no Windows Server Active Directory dependency.
     - Through Hybrid Azure AD Join: the device performs the domain join operation on the customer’s domain and is then registered to Azure AD through synchronization or federation. In this step, we wait for the computer object to appear in Azure AD before proceeding.
 
-6. **Intune MDM enroll**: After the Azure AD object is available, the Cloud PC is enrolled in Intune. This is performed as a device enrollment and no user credentials need to be provided.
+6. **Intune MDM enroll**: After the Azure AD object is available, the Cloud PC is enrolled in Intune. This step is performed as a device enrollment and no user credentials need to be provided.
 7. **Primary user assignment**: The Cloud PC user is assigned to the Intune primary user to make sure self service and reporting scenarios work seamlessly.
 
 ## Post provisioning configuration
 
 After core provisioning is complete, Windows 365 optimizes the configuration to ensure the best end-user Cloud PC experience.
 
-1. **Hide Start Menu power icons**: Hide the shutdown button in the start menu (HKLM:\Software\Microsoft\PolicyManager\default\Start\HideShutDown\value) and Hide the shutdown button in the login screen (HKLM:\Software\Microsoft\Windows\CurrentVersion\Policies\System\ShutDownWithoutLogon).
+1. **Hide Start Menu power icons**: Hide the shutdown button in the start menu (HKLM:\Software\Microsoft\PolicyManager\default\Start\HideShutDown\value) and Hide the shutdown button in the sign-in screen (HKLM:\Software\Microsoft\Windows\CurrentVersion\Policies\System\ShutDownWithoutLogon).
 2. **Disable Windows reset action**: reagent: c.exe /disable
 3. **Assign user as administrator (when applicable)**:
-  $Member = '[email protected]'  # use OnPremisesUserPrincipalName
-  Add-LocalGroupMember -Group "Administrators" -Member $Member
+  ```$Member = '[email protected]'  # use OnPremisesUserPrincipalName```
+  ```Add-LocalGroupMember -Group "Administrators" -Member $Member```
 4. **Set Teams for VDI mode**: Hosted desktop optimization (HKLM:\SOFTWARE\Microsoft\Teams\IsWVDEnvironment).
 5. **Enable time zone Redirection**: Enable the setting (HKLM:\Softare\Policies\Microsoft\Windows NT\Terminal Services\ fEnabletimezoneRedirection).
 6. **Resize OS disk partition to match license**: Resize the OS disk to match the size of the Azure Managed Disk.

windows-365/enterprise/azure-network-connections.md

@@ -42,7 +42,6 @@ There are two kinds of ANCs based on their join type. Both let you manage traffi
 - **Azure AD Join**: Doesn't require connectivity to a Windows Server Active Directory (AD) domain.
 - **Hybrid Azure AD Join**: Requires connectivity to a Windows Server AD domain. You must provide the AD domain details when you [create the ANC](create-azure-network-connection.md).
 
-
 ## Provisioning
 
 When a Cloud PC is provisioned, the information in the ANC is used by the provisioning policy to provision the Cloud PC in the Azure subnet. The information required in an ANC includes:
@@ -72,7 +71,12 @@ While this first ANC health check is underway, you can’t assign it to a provis
 
 ## Periodic health checks
 
-After provisioning, the information in an ANC is also used to monitor the connection health between your network-based resources and the Cloud PC hosted in the Microsoft hosted subscription. Windows 365 will report configuration issues that may cause provisioning failures or poor end-user experiences. This monitoring reduces your management overhead. For more information on these periodic checks, see [Azure network connection health checks](health-checks.md).
+After provisioning, the information in an ANC is also used to monitor:
+
+- the connection health between your network-based resources
+- the Cloud PC hosted in the Microsoft hosted subscription
+
+Windows 365 will report configuration issues that may cause provisioning failures or poor end-user experiences. This monitoring reduces your management overhead. For more information on these periodic checks, see [Azure network connection health checks](health-checks.md).
 
 ## Health check frequency
 
@@ -95,7 +99,7 @@ The ANC wizard requires access to Azure and, optionally, on-premises domain reso
 - Active directory (Hybrid Azure AD Join ANCs only)
   - An Active Directory user account with sufficient permissions to join the AD domain into this Organizational Unit.
 
-To create, edit , or delete an ANC, you'll also need to have one of the following permissions:
+To create, edit, or delete an ANC, you'll also need to have one of the following permissions:
 
 - Intune Administrator in Azure AD
 - Cloud PC administrator

windows-365/enterprise/business-continuity-disaster-recovery.md

@@ -37,7 +37,7 @@ Windows 365 provides highly resilient user cloud pcs, including:
 - Automated in-zone disaster recovery for compute.
 - Recovery Point Objective (RPO) of ~0.
 
-Windows 365 is part of Microsoft 365 and seamlessly uses Windows and Microsoft 365 solutions, features, and tools. This helps to make sure that user data and user context are portable and resilient. Important optional Windows and Microsoft 365 solutions include:
+Windows 365 is part of Microsoft 365 and seamlessly uses Windows and Microsoft 365 solutions, features, and tools. This integration helps to make sure that user data and user context are portable and resilient. Important optional Windows and Microsoft 365 solutions include:
 
 - OneDrive
 - OneDrive for Business
@@ -64,7 +64,7 @@ Azure automatically identifies compute failures and automatically moves the user
 
 If a user is actively using a session, there may be a slight disruption to the user while the service is restored. After restoration, the user must restore the connection by signing into their Cloud PC session again. If an in-zone failure occurs while the user is signed in and actively using their Cloud PC session, the user will lose access until the system is restored.
 
-Storage systems are separate from compute functions, and use storage redundancy to help deliver Windows 365 disaster recovery with an RPO of ~0. Automated Windows 365 disaster recovery is based on an up-to-date copy of the OS disk, with an RPO of ~0. Therefore, the process of recovery starts automatically because there is no need to accept the data loss associated with a past point-in-time recovery.
+Storage systems are separate from compute functions, and use storage redundancy to help deliver Windows 365 disaster recovery with an RPO of ~0. Automated Windows 365 disaster recovery is based on an up-to-date copy of the OS disk, with an RPO of ~0. Therefore, the process of recovery starts automatically because there's no need to accept the data loss associated with a past point-in-time recovery.
 
 ## OneDrive, OneDrive for Business and OneDrive with Known Folder Move