From 1475dae4bfe7aa46682cb989885104e7d8ed41b7 Mon Sep 17 00:00:00 2001 From: Erik Reitan <7407729+Erikre@users.noreply.github.com> Date: Mon, 30 Sep 2024 11:05:24 -0700 Subject: [PATCH 1/3] erikre-docs-29409875 --- memdocs/intune/fundamentals/deployment-guide-enrollment.md | 2 +- memdocs/intune/fundamentals/deployment-plan-protect-apps.md | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/memdocs/intune/fundamentals/deployment-guide-enrollment.md b/memdocs/intune/fundamentals/deployment-guide-enrollment.md index 1924b7bf387..0556bfafa2d 100644 --- a/memdocs/intune/fundamentals/deployment-guide-enrollment.md +++ b/memdocs/intune/fundamentals/deployment-guide-enrollment.md @@ -146,7 +146,7 @@ On the platforms that don't require a factory reset, when these devices enroll i There's an enrollment guide for every platform. Choose your scenario, and get started: -- [Application management without enrollment (MAM-WE)](deployment-guide-enrollment-mamwe.md) +- [Application management without enrollment](deployment-guide-enrollment-mamwe.md) - [Android](deployment-guide-enrollment-android.md) - [iOS/iPadOS](deployment-guide-enrollment-ios-ipados.md) - [Linux](deployment-guide-enrollment-linux.md) diff --git a/memdocs/intune/fundamentals/deployment-plan-protect-apps.md b/memdocs/intune/fundamentals/deployment-plan-protect-apps.md index 75252fe7e0f..73427bba58d 100644 --- a/memdocs/intune/fundamentals/deployment-plan-protect-apps.md +++ b/memdocs/intune/fundamentals/deployment-plan-protect-apps.md @@ -32,7 +32,7 @@ The next step when deploying Intune is to add and protect apps that access organ :::image type="content" source="./media/deployment-plan-protect-apps/deployment-plan-add-apps.png" alt-text="Diagram that shows getting started with Microsoft Intune with step 2, which is adding and protect apps using Microsoft Intune."::: -Managing applications on devices in your organization is a central part to a secure and productive enterprise ecosystem. You can use Microsoft Intune to manage the apps that your company's workforce uses. By managing apps, you help control which apps your company uses, as well as the configuration and protection of the apps. This functionality is called mobile application management (MAM). MAM in Intune is designed to protect organization data at the application level, including custom apps and store apps. App management can be used on organization-owned devices and personal devices. When it is used with personal devices, only organization-related access and data is managed. This type of app management is called MAM without enrollment (MAM-WE), or from an end-user perspective, bring your own device (BYOD). +Managing applications on devices in your organization is a central part to a secure and productive enterprise ecosystem. You can use Microsoft Intune to manage the apps that your company's workforce uses. By managing apps, you help control which apps your company uses, as well as the configuration and protection of the apps. This functionality is called mobile application management (MAM). MAM in Intune is designed to protect organization data at the application level, including custom apps and store apps. App management can be used on organization-owned devices and personal devices. When it is used with personal devices, only organization-related access and data is managed. This type of app management is called MAM without enrollment, or from an end-user perspective, bring your own device (BYOD). ## MAM configurations @@ -45,7 +45,7 @@ Microsoft Intune supports two MAM configurations: ### MAM without device management -This configuration allows your organization's apps to be managed by Intune, but doesn't enroll the devices to be managed by Intune. This configuration is commonly referred to as **MAM without device enrollment**, or **MAM-WE**. IT administrators can manage apps using MAM by using Intune configuration and protection policies on devices not enrolled with Intune mobile-device management (MDM). +This configuration allows your organization's apps to be managed by Intune, but doesn't enroll the devices to be managed by Intune. This configuration is commonly referred to as **MAM without device enrollment**. IT administrators can manage apps using MAM by using Intune configuration and protection policies on devices not enrolled with Intune mobile-device management (MDM). > [!NOTE] > This configuration includes managing apps with Intune on devices enrolled with third-party enterprise mobility management (EMM) providers. You can use Intune app protection policies independent of any MDM solution. This independence helps you protect your company's data with or without enrolling devices in a device management solution. By implementing app-level policies, you can restrict access to company resources and keep data within the purview of your IT department. From e2e88b255815804ac422354619dcbe138b880fb1 Mon Sep 17 00:00:00 2001 From: ErikjeMS Date: Mon, 30 Sep 2024 14:12:02 -0700 Subject: [PATCH 2/3] update Win365 app to Win App --- windows-365/enterprise/set-up-tenants-windows-365-gcc.md | 6 +++--- windows-365/enterprise/troubleshoot-windows-365-boot.md | 2 +- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/windows-365/enterprise/set-up-tenants-windows-365-gcc.md b/windows-365/enterprise/set-up-tenants-windows-365-gcc.md index ec7c952fd86..f90cb495457 100644 --- a/windows-365/enterprise/set-up-tenants-windows-365-gcc.md +++ b/windows-365/enterprise/set-up-tenants-windows-365-gcc.md @@ -80,11 +80,11 @@ If you want to use Microsoft Entra join or Microsoft Entra hybrid join, consider For the Windows 365 GCC Setup Tool to complete tenant mapping, the Windows 365 Microsoft Entra application must be given permission to access your Azure Government AD tenant through a service principal. The service principal object defines what the app can do in the tenant, who can access the app, and what resources the app can access. Before running the Windows 365 GCC Setup Tool the first time, you must do the following: 1. If not already completed, install the Azure CLI on the computer where you will be creating the service principal. For more information, see [How to install the Azure CLI](/cli/azure/install-azure-cli). -2. Sign into your Azure Government AD tenant by using the Azure CLI steps defined in [Sign in with Azure CLI](/cli/azure/authenticate-azure-cli). Global Administrator permissions are required to create the service principal for the Windows 365 App. +2. Sign into your Azure Government AD tenant by using the Azure CLI steps defined in [Sign in with Azure CLI](/cli/azure/authenticate-azure-cli). Global Administrator permissions are required to create the service principal for Windows App. 3. For more information about working with service principals in Azure, see [Work with Azure service principal using the Azure CLI](/cli/azure/azure-cli-sp-tutorial-1). Grant the Windows 365 Microsoft Entra app permissions to your tenant by running the following PowerShell command: ```az ad sp create --id 0af06dc6-e4b5-4f28-818e-e78e62d137a5```. -4. After the command completes successfully, you should be able to view details about the service principal by running the following PowerShell command: ```az ad sp show --id 0af06dc6-e4b5-4f28-818e-e78e62d137a5```. You should see the Windows 365 application listed in the **All Applications** view in the Enterprise application blade in Azure portal. +4. After the command completes successfully, you should be able to view details about the service principal by running the following PowerShell command: ```az ad sp show --id 0af06dc6-e4b5-4f28-818e-e78e62d137a5```. You should see Windows App listed in the **All Applications** view in the Enterprise application blade in Azure portal. -The Windows 365 App service principal can only access Azure resources necessary to configure custom image and Azure Network Connection (ANC) support in Windows 365. After it's created, the service principal can only be deleted when custom images, ANC objects and corresponding Cloud PCs using them have been deprovisioned. Otherwise, Cloud PC provisioning tasks may fail, and existing Cloud PCs may become inaccessible. +The Windows App service principal can only access Azure resources necessary to configure custom image and Azure Network Connection (ANC) support in Windows 365. After it's created, the service principal can only be deleted when custom images, ANC objects and corresponding Cloud PCs using them have been deprovisioned. Otherwise, Cloud PC provisioning tasks may fail, and existing Cloud PCs may become inaccessible. ## Get started with the Windows 365 GCC Setup Tool diff --git a/windows-365/enterprise/troubleshoot-windows-365-boot.md b/windows-365/enterprise/troubleshoot-windows-365-boot.md index 2ece1085945..a78fd5ff600 100644 --- a/windows-365/enterprise/troubleshoot-windows-365-boot.md +++ b/windows-365/enterprise/troubleshoot-windows-365-boot.md @@ -39,7 +39,7 @@ If the user can't access the Cloud PC from the Windows 365 Boot physical device, 1. Check to see if you can sign in to the Cloud PC from either: - The browser at windows365.microsoft.com. - - The Windows 365 app on another (non-Windows 365 Boot) device. + - The Windows App on another (non-Windows 365 Boot) device. 2. If a user has more than one Cloud PC, make sure they have selected a default Cloud PC to use each time they sign in. To set this default: - Navigate to https://windows365.microsoft.com. - In the card for the Cloud PC you want to set as default, select the ellipses (...) > Settings. From 187c2598f4411962880cb7d5e996318b552e5d7c Mon Sep 17 00:00:00 2001 From: David Strome <21028455+dstrome@users.noreply.github.com> Date: Mon, 30 Sep 2024 14:52:25 -0700 Subject: [PATCH 3/3] Adding Stale Workflow --- .github/workflows/Stale.yml | 19 +++++++++++++++++++ 1 file changed, 19 insertions(+) create mode 100644 .github/workflows/Stale.yml diff --git a/.github/workflows/Stale.yml b/.github/workflows/Stale.yml new file mode 100644 index 00000000000..dec280f7764 --- /dev/null +++ b/.github/workflows/Stale.yml @@ -0,0 +1,19 @@ +name: (Scheduled) Mark stale pull requests + +permissions: + issues: write + pull-requests: write + +on: + schedule: + - cron: "0 */6 * * *" + workflow_dispatch: + +jobs: + stale: + uses: MicrosoftDocs/microsoft-365-docs/.github/workflows/Shared-Stale.yml@workflows-prod + with: + RunDebug: false + RepoVisibility: ${{ github.repository_visibility }} + secrets: + AccessToken: ${{ secrets.GITHUB_TOKEN }} \ No newline at end of file