Merge pull request #16192 from MicrosoftDocs/main

Publish main to live 09/23/2024, 3:30 PM
MicrosoftDocs · Sep 23, 2024 · 0d4736a · 0d4736a
2 parents 5a33d2e + 8f68224
commit 0d4736a
Show file tree

Hide file tree

Showing 5 changed files with 31 additions and 6 deletions.
diff --git a/memdocs/intune/configuration/device-profiles.md b/memdocs/intune/configuration/device-profiles.md
@@ -8,7 +8,7 @@ author: MandiOhlinger
 
 ms.author: mandia
 manager: dougeby
-ms.date: 07/18/2024
+ms.date: 09/23/2024
 ms.topic: overview
 ms.service: microsoft-intune
 ms.subservice: configuration
@@ -207,6 +207,11 @@ This feature supports:
 
 ## Endpoint protection
 
+> [!IMPORTANT]
+> This template is deprecated in the August 2024 service release (2408). Existing policies continue to work. But, you can't create new policies using this template.
+>
+> Instead, use the settings catalog to create new policies that configure the FileVault, Firewall, and System Policy Control (Gatekeeper) payloads. To learn more, go to [macOS settings catalog](settings-catalog.md).
+
 [Endpoint protection](../protect/endpoint-protection-configure.md) configures BitLocker and Microsoft Defender settings for Windows client devices. On macOS devices, you can also configure the firewall, gateway, and other resources.
 
 To onboard Microsoft Defender for Endpoint with Microsoft Intune, see [Configure endpoints using Mobile Device Management (MDM) tools](/windows/security/threat-protection/microsoft-defender-atp/configure-endpoints-mdm).
@@ -228,6 +233,11 @@ This feature supports:
 
 ## Extensions
 
+> [!IMPORTANT]
+> This template is deprecated in the August 2024 service release (2408). Existing policies continue to work. But, you can't create new policies using this template.
+>
+> Instead, use the settings catalog to create new policies that configure the System Extensions payload. To learn more, go to [macOS settings catalog](settings-catalog.md).
+
 [macOS system extensions and kernel extensions](kernel-extensions-overview-macos.md) allows administrators to add features or programs that extend the native capabilities of the operating system. Configure these settings to trust all extensions from a specific developer or partner, or allow specific extensions.
 
 This feature supports:

diff --git a/memdocs/intune/configuration/kernel-extensions-overview-macos.md b/memdocs/intune/configuration/kernel-extensions-overview-macos.md
@@ -8,7 +8,7 @@ keywords: macos, kernel extensions, system extensions, microsoft intune, endpoin
 author: MandiOhlinger
 ms.author: mandia
 manager: dougeby
-ms.date: 01/11/2024
+ms.date: 09/11/2024
 ms.topic: how-to
 ms.service: microsoft-intune
 ms.subservice: configuration
@@ -114,6 +114,11 @@ For more information on kernel extensions, go to [kernel extensions](https://dev
 
 ## Create the kernel extension policy
 
+> [!IMPORTANT]
+> This macOS extensions template is deprecated in the August 2024 service release (2408). Existing policies continue to work. But, you can't create new policies using this template.
+>
+> Instead, use the settings catalog to create new policies that configure the System Extension payload. To learn more about the settings catalog, go to [settings catalog](settings-catalog.md).
+
 1. Sign in to the [Microsoft Intune admin center](https://go.microsoft.com/fwlink/?linkid=2109431).
 2. Select **Devices** > **Manage devices** > **Configuration** > **Create** > **New policy**.
 3. Enter the following properties:

diff --git a/memdocs/intune/fundamentals/intune-govt-service-description.md b/memdocs/intune/fundamentals/intune-govt-service-description.md
@@ -77,7 +77,7 @@ The following features are available and supported in Microsoft GCC High and/or
 | Remote Help | ✅ <br/><br/> Remote Help is supported in GCC on Android, macOS, and Windows devices. It's not supported in GCC High or DoD.<br/><br/> For more information on this feature, go to [Remote Help in Microsoft Intune](../fundamentals/remote-help.md). |
 | Windows Autopilot device preparation | ✅ <br/><br/> Some features are available now, such as user-driven deployments, and some are still [in the planning phase](#in-the-planning-phase). For more information on the recent changes to Windows Autopilot device preparation, go to [Blog: Windows deployment with the next generation of Windows Autopilot](https://techcommunity.microsoft.com/t5/microsoft-intune-blog/windows-deployment-with-the-next-generation-of-windows-autopilot/ba-p/4148169). <br/><br/> To get started with Windows Autopilot device preparation, go to [Windows Autopilot Device Preparation overview](/autopilot/device-preparation/overview). |
 | Log Analytics | ✅ <br/><br/> You can send Intune log data to Azure Storage, Event Hubs, or Log Analytics. <br/><br/> For more information on this feature, go to [Send log data to storage, event hubs, or log analytics from Intune](review-logs-using-azure-monitor.md). |
-| Microsoft Intune Plan 2 </br>and Microsoft Intune Suite | For more information on these plans, go to [Use Intune Suite add-on capabilities](intune-add-ons.md). <br/><br/> The following Plan 2 features support the GCC High and DoD environements: </br>- [Microsoft Tunnel for Mobile Application Management](../protect/microsoft-tunnel-mam.md) </br>- [Firmware-over-the-air update](../protect/fota-updates-android.md) </br>- [Specialty devices management](../fundamentals/specialty-devices-with-intune.md) </br></br>  The following Microsoft Intune Suite features support the GCC High and DoD environements: </br>- [Endpoint Privilege Management](../protect/epm-overview.md) </br>- [Advanced Analytics](../../analytics/advanced-endpoint-analytics.md)  - With this release, GCC High and DoD support for Advanced Endpoint Analytics not include the [*Device query*](../../analytics/device-query.md) functionality.|
+| Microsoft Intune Plan 2 </br>and Microsoft Intune Suite | For more information on these plans, go to [Use Intune Suite add-on capabilities](intune-add-ons.md). <br/><br/> The following Plan 2 features support the GCC High and DoD environments: </br>- [Microsoft Tunnel for Mobile Application Management](../protect/microsoft-tunnel-mam.md) </br>- [Firmware-over-the-air update](../protect/fota-updates-android.md) </br>- [Specialty devices management](../fundamentals/specialty-devices-with-intune.md) </br></br>  The following Microsoft Intune Suite features support the GCC High and DoD environments: </br>- [Endpoint Privilege Management](../protect/epm-overview.md) </br>- [Advanced Analytics](../../analytics/advanced-endpoint-analytics.md)
 
 ### In the planning phase
 

diff --git a/memdocs/intune/user-help/sso-dialog-faqs.yml b/memdocs/intune/user-help/sso-dialog-faqs.yml
@@ -36,7 +36,7 @@ sections:
           On a Windows device, navigate to the **Settings** app > **Accounts** > **Access work or school** > Select your account > **Disconnect**. If you don't have access to the device you signed in to, go to [https://account.microsoft.com/devices](https://account.microsoft.com/devices) to manage your account and sign out.
     
           > [!NOTE] 
-          > Signing out of any individual app doesn't remove your account from your device. Signing out of a desktop app doesn't remove your account from the device. You must sign out of all apps via settings or [https://account.microsoft.com/devices](https://account.microsoft.com/devices) to remove your account from the device.
+          > Signing out of any individual desktop app doesn't remove your account from the device. You must sign out of all apps via settings or [https://account.microsoft.com/devices](https://account.microsoft.com/devices) to remove your account from the device.
 
       - question: |
           What does selecting "No, this app only" do?
@@ -70,7 +70,7 @@ sections:
       - question: |
           What happens if I uncheck the device management checkbox but sign in to all apps?
         answer: |
-          You're signed in to all native and desktop apps on your device, but your device isn't enrolled in [mobile device management](/windows/client-management/mdm-overview). Your organization might require MDM to access some applications or resources, without it you might not have access.
+          You're signed in to all desktop apps on the device, but the device isn't enrolled in [mobile device management](/windows/client-management/mdm-overview). Your organization might require MDM to access some applications or resources, without it you might not have access.
 
       - question: |
           What can my administrator do if I enroll in mobile device management?

diff --git a/windows-365/enterprise/whats-new.md b/windows-365/enterprise/whats-new.md
@@ -7,7 +7,7 @@ keywords:
 author: ErikjeMS  
 ms.author: erikje
 manager: dougeby
-ms.date: 09/20/2024
+ms.date: 09/23/2024
 ms.topic: conceptual
 ms.service: windows-365
 ms.subservice: windows-365-enterprise
@@ -55,6 +55,16 @@ For more information about public preview items, see [Public preview in Windows
 ### Windows 365 app
 -->
 
+<!-- ########################## -->
+## Week of September 23, 2024
+
+<!-- vvvvvvvvvvvvvvvvvvvvvv -->
+### Device management
+
+#### Windows 11 Cloud PCs now support EN-NZ<!--54032315-->
+
+Windows 365 Cloud PCs now support EN-NZ for Windows 11.
+
 <!-- ########################## -->
 ## Week of September 16, 2024