Merge pull request #6994 from mestew/ca-ci-baseline-13783318

CMADO-13783318, CMADO-9906327

Author: PRMerger13

memdocs/configmgr/compliance/deploy-use/create-configuration-baselines.md

@@ -2,7 +2,7 @@
 title: Create configuration baselines
 titleSuffix: Configuration Manager
 description: Create configuration baselines in Configuration Manager that you can deploy to a collection.
-ms.date: 01/10/2022
+ms.date: 03/10/2022
 ms.prod: configuration-manager
 ms.technology: configmgr-compliance
 ms.topic: conceptual
@@ -81,10 +81,11 @@ You can add evaluation of custom configuration baselines as a compliance policy
 
 To include custom configuration baselines as part of compliance policy assessment, do the following:
 
-- Create and deploy a compliance policy to a user collection with a rule to [**Include configured baselines in compliance policy assessment**](#bkmk_CA).
-- Select [**Evaluate this baseline as part of compliance policy assessment**](#bkmk_eval-baseline) in a configuration baseline deployed to a device collection.
+- Create and deploy a compliance policy to a *user* collection with a rule to [**Include configured baselines in compliance policy assessment**](#bkmk_CA).
+- Select [**Evaluate this baseline as part of compliance policy assessment**](#bkmk_eval-baseline) in a configuration baseline deployed to a *device* collection.
 
 > [!IMPORTANT]
+> - The configuration baseline must be deployed to a *device* collection. Baselines deployed to *user* collections aren't honored when these settings are used. <!--13139787,13783318 --> 
 > - When targeting devices that are co-managed, ensure you meet the [co-management prerequisites](../../comanage/overview.md#prerequisites). Co-managed clients ignore service windows for remediation when their compliance policies workload is managed by Intune. <!--12439085, 12412748-->
 > - For devices managed by Configuration Manager, the client honors the service window for compliance policy remediation. To ignore the service window and remediate immediately, select **Check compliance** in the **Software Center**. <!--12439085, 12412748-->
 

memdocs/configmgr/compliance/deploy-use/create-custom-configuration-items-for-windows-desktop-and-server-computers-managed-with-the-client.md

@@ -2,7 +2,7 @@
 title: Create custom configuration items
 titleSuffix: Configuration Manager
 description: Manage settings for Windows computers and servers with a custom configuration item for Windows desktops and servers
-ms.date: 01/04/2021
+ms.date: 03/10/2022
 ms.prod: configuration-manager
 ms.technology: configmgr-compliance
 ms.topic: conceptual
@@ -220,7 +220,9 @@ The value returned by the script is used to assess the compliance of the global
 
 - **Discovery script**: Select **Add Script**, and enter or browse to a script. This script is used to find the value. You can use Windows PowerShell, VBScript, or Microsoft JScript scripts.  
 
-- **Remediation script (optional)**: Select **Add Script**, and enter or browse to a script. This script is used to remediate non-compliant setting values. You can use Windows PowerShell, VBScript, or Microsoft JScript scripts.  
+- **Remediation script (optional)**: Select **Add Script**, and enter or browse to a script. This script is used to remediate non-compliant setting values. You can use Windows PowerShell, VBScript, or Microsoft JScript scripts.
+    > [!IMPORTANT]  
+    > - To properly report a remediation failure, scripts need to throw exceptions rather than a nonzero exit code. <!--8760430-->
 
 - **Run scripts by using the logged on user credentials**: If you enable this option, the script runs on client computers that use the credentials of the signed-in user.  
 
@@ -319,7 +321,9 @@ Compliance rules specify the conditions that define the compliance of a configur
     - **WQL query**  
 
     > [!IMPORTANT]  
-    > You can only remediate noncompliant rules when the rule operator is set to **Equals**.  
+    > - To properly report a remediation failure, scripts need to throw exceptions rather than a nonzero exit code. <!--8760430-->
+    > - You can only remediate noncompliant rules when the rule operator is set to **Equals**. 
+
 
 - **Report noncompliance if this setting instance is not found**: If this setting isn't found on client computers, enable this option for the configuration item to report noncompliance.