Merge branch 'main' into patch-21

Author: lenewsad

.openpublishing.publish.config.json

@@ -49,7 +49,7 @@
     {
       "path_to_root": "mde",
       "url": "https://github.com/MicrosoftDocs/microsoft-365-docs-pr/",
-      "branch": "master",
+      "branch": "main",
       "branch_mapping": {}
     },
     {
@@ -74,4 +74,4 @@
   "docs_build_engine": {
     "name": "docfx_v3"
   }
-}
+}

.openpublishing.redirection.json

@@ -1087,6 +1087,11 @@
             "source_path": "memdocs/configmgr/core/plan-design/hierarchy/state-messaging-system-center-configuration-manager.md",
             "redirect_url": "/mem/configmgr/core/plan-design/hierarchy/state-messages",
             "redirect_document_id": true
+        },
+        {
+            "source_path": "memdocs/configmgr/sum/deploy-use/uup-preview.md",
+            "redirect_url": "/mem/configmgr/sum/index",
+            "redirect_document_id": true
         }
     ]
 }

memdocs/analytics/media/8816759-per-device-scores-chart.png

@@ -2,7 +2,7 @@
 title: Tutorial - Proactive remediations
 titleSuffix: Microsoft Endpoint Manager
 description: A tutorial on using Proactive remediations to enhance the user
-ms.date: 12/17/2021
+ms.date: 03/07/2022
 ms.prod: configuration-manager
 ms.technology: configmgr-analytics
 ms.topic: tutorial
@@ -59,10 +59,10 @@ Proactive remediations requires the [licensing for Endpoint analytics](enroll-in
 
 ### <a name="bkmk_requirements"></a> Script requirements
 
+- You can have up to 200 script packages.
+   - A script package can contain a detection script only or both a detection script and a remediation script.
 - Ensure the scripts are encoded in UTF-8.
-
 - The maximum allowed output size limit is 2048 characters.
-
 - If the option **Enforce script signature check** is enabled in the [Settings](#bkmk_prs_deploy) page of creating a script package, the script runs using the device's PowerShell execution policy. The default execution policy for Windows client computers is **Restricted**. The default execution for Windows Server devices is **RemoteSigned**. For more information, see [PowerShell execution policies](/powershell/module/microsoft.powershell.core/about/about_execution_policies#powershell-execution-policies).
    - Scripts built into Proactive remediations are signed and the certificate is added to the **Trusted Publishers** certificate store of the device.
    - When using third-party scripts that are signed, make sure the certificate is in the **Trusted Publishers** certificate store. As with any certificate, the certificate authority must be trusted by the device.

memdocs/analytics/media/8816759-per-device-scores.png

@@ -2,7 +2,7 @@
 title: Scores, baselines, and insights in Endpoint Analytics
 titleSuffix: Microsoft Endpoint Manager
 description: Learn about scores, baselines, and insights in Endpoint Analytics
-ms.date: 12/15/2021
+ms.date: 03/22/2022
 ms.prod: configuration-manager
 ms.technology: configmgr-analytics
 ms.topic: conceptual
@@ -57,7 +57,11 @@ To help you identify devices that could be impacting user experience, Endpoint a
 
 Selecting a device from the **Devices scores** tab loads a device page that gives you more information. From the device's **Startup performance** tab, review **Boot history** and **Sign-in history** for experience impacting trends. The **Application reliability** tab provides insight into potential issues for desktop applications on the managed device.
 
-:::image type="content" source="media/8816759-per-device-scores.png" alt-text="Screenshot of a device's Endpoint analytics score with the startup performance and application reliability subscores." lightbox="media/8816759-per-device-scores.png"::: 
+:::image type="content" source="media/8816759-per-device-scores.png" alt-text="Screenshot of a device's Endpoint analytics score with the startup performance and application reliability subscores." lightbox="media/8816759-per-device-scores.png":::
+
+You can also access per device scores on a device's **User experience** page. From the **User experience** page you can review the **Endpoint analytics**, **Startup performance**, and **Application reliability** information for the specific device.
+
+:::image type="content" source="media/user-experience-page.png" alt-text="Screenshot of a device's user experience page displaying the startup performance tab." lightbox="media/user-experience-page.png":::
 
 ### <a name="bkmk_drill-in"></a> Device level drill-in from reports
 

memdocs/analytics/media/user-experience-page.png

@@ -8,8 +8,8 @@ ms.localizationpriority: medium
 ms.sitesec: library
 ms.pagetype: deploy
 audience: itpro
-author: greg-lindsay
-ms.author: greglin
+author: aczechowski
+ms.author: aaroncz
 ms.reviewer: jubaptis
 manager: dougeby
 ms.date: 08/05/2021
@@ -28,7 +28,7 @@ ms.collection:
 - Windows 10
 - Windows Holographic, version 2004
 
-You can do Windows Autopilot device registration within your organization by manually collecting the hardware identity of devices (hardware hashes) and uploading this information in a comma-separated-values (CSV) file. Capturing the hardware hash for manual registration requires booting the device into Windows. So, this process is primarily for testing and evaluation scenarios.
+You can perform Windows Autopilot device registration within your organization by manually collecting the hardware identity of devices (hardware hashes) and uploading this information in a comma-separated-values (CSV) file. Capturing the hardware hash for manual registration requires booting the device into Windows. So, this process is primarily for testing and evaluation scenarios.
 
 Device owners can only register their devices with a hardware hash. Other methods (PKID, tuple) are available through OEMs or CSP partners.
 
@@ -50,7 +50,14 @@ Device enrollment requires *Intune Administrator* or *Policy and Profile Manager
 
 ## Collect the hardware hash
 
-You can use either Microsoft Endpoint Configuration Manager or Windows PowerShell to collect the hardware hash from existing devices.
+The following methods are available to harvest a hardware hash from existing devices:
+
+1. Using [Microsoft Endpoint Configuration Manager](#configuration-manager)
+2. Using [Windows PowerShell](#powershell)
+3. During OOBE by using the [Diagnostics Page](#diagnostics-page-hash-export) (Windows 11 only)
+4. From the Desktop using [Settings > Accounts](#desktop-hash-export)
+
+Each of these methods is described below.
 
 In *Windows 10 version 1809 and earlier*, it's important to capture the hardware hash and create an Autopilot device profile before you connect a device to the internet. Those steps include collecting the hardware hash, uploading the CSV file into Microsoft Store for Business (MSfB) or Intune, assigning the profile, and confirming the profile assignment. 
 
@@ -118,6 +125,25 @@ To install the script directly and capture the hardware hash from the local comp
 
 For more information about running the *Get-WindowsAutoPilotInfo.ps1* script, see the script's help by using `Get-Help Get-WindowsAutoPilotInfo`.
 
+### Diagnostics page hash export
+
+To export a hardware hash using the [Windows Autopilot Diagnostics Page](windows-autopilot-whats-new.md#windows-autopilot-diagnostics-page), the device must be running Windows 11.
+
+Windows Autopilot Diagnostics are available in OOBE. 
+
+During OOBE, press **Ctrl-Shift-D** to bring up the Diagnostics Page. From this page, you can export logs to a thumb drive. The logs will include a CSV file with the hardware hash.
+
+### Desktop hash export
+
+1. From the Windows 10 or Windows 11 Desktop, click **Settings** > **Accounts** > **Access work or school**.
+2. Export log files. The logs will include a CSV file with the hardware hash.
+   - Windows 11: In the **Export your management log files** tile, click **Export**. 
+   - Windows 10: Click the **Export your management log files** link.
+
+Log files are exported to the Users\Public\Documents\MDMDiagnostics directory.
+
+For more information, see [Diagnose MDM failures in Windows 10](/windows/client-management/mdm/diagnose-mdm-failures-in-windows-10)
+
 ## Ensure that the CSV file meets requirements
 
 Device information in the CSV file where you capture hardware hashes should include:

memdocs/analytics/proactive-remediations.md

@@ -8,8 +8,8 @@ ms.localizationpriority: medium
 ms.sitesec: library
 ms.pagetype: deploy
 audience: itpro
-author: greg-lindsay
-ms.author: greglin
+author: aczechowski
+ms.author: aaroncz
 ms.reviewer: jubaptis
 manager: dougeby
 ms.date: 11/05/2021
@@ -50,4 +50,4 @@ When using the [Windows Autopilot for existing devices](existing-devices.md) sce
 
 ## Also see
 
-[Registration overview](registration-overview.md)
+[Registration overview](registration-overview.md)

memdocs/analytics/scores.md

@@ -8,8 +8,8 @@ ms.localizationpriority: medium
 ms.sitesec: library
 ms.pagetype: deploy
 audience: itpro
-author: greg-lindsay
-ms.author: greglin
+author: aczechowski
+ms.author: aaroncz
 ms.reviewer: jubaptis
 manager: dougeby
 ms.date: 2/1/2022