WIP

Author: MicrosoftGuyJFlo

articles/active-directory/devices/enterprise-state-roaming-faqs.yml

@@ -7,7 +7,7 @@ metadata:
   ms.service: active-directory
   ms.subservice: devices
   ms.topic: troubleshooting
-  ms.date: 02/15/2022
+  ms.date: 02/25/2022
   ms.author: joflore
   author: MicrosoftGuyJFlo
   manager: karenhoran
@@ -33,7 +33,7 @@ sections:
           * Windows settings will always roam with the primary account.
           * App data will be tagged with the account used to acquire the app. Only apps tagged with the primary account will sync. App ownership tagging is determined when an app is side-loaded through the Windows Store or mobile device management (MDM).
           
-          If an application owner can’t be identified, it will roam with the primary account. If a device is upgraded from Windows 8 or Windows 8.1 to Windows 10, all the apps will be tagged as acquired by the Microsoft account. This is because most users acquire apps through the Windows Store, and there was no Windows Store support for Azure AD accounts prior to Windows 10. If an app is installed via an offline license, the app will be tagged using the primary account on the device.
+          If an application owner can't be identified, it will roam with the primary account. If a device is upgraded from Windows 8 or Windows 8.1 to Windows 10, all the apps will be tagged as acquired by the Microsoft account. This is because most users acquire apps through the Windows Store, and there was no Windows Store support for Azure AD accounts prior to Windows 10. If an app is installed via an offline license, the app will be tagged using the primary account on the device.
           
           > [!NOTE]
           > Windows 10 or newer devices that are enterprise-owned and are connected to Azure AD can no longer connect their Microsoft accounts to a domain account. The ability to connect a Microsoft account to a domain account and have all the user's data sync to the Microsoft account (that is, the Microsoft account roaming via the connected Microsoft account and Active Directory functionality) is removed from Windows 10 devices that are joined to a connected Active Directory or Azure AD environment.

articles/active-directory/devices/enterprise-state-roaming-troubleshooting.md

@@ -6,7 +6,7 @@ services: active-directory
 ms.service: active-directory
 ms.subservice: devices
 ms.topic: troubleshooting
-ms.date: 02/15/2022
+ms.date: 02/25/2022
 
 ms.author: joflore
 author: MicrosoftGuyJFlo
@@ -75,9 +75,9 @@ Enterprise State Roaming requires the device to be registered with Azure AD. Alt
 
 Under certain conditions, Enterprise State Roaming can fail to sync data if Azure AD Multi-Factor Authentication is configured. For more information on these symptoms, see the support document [KB3193683](https://support.microsoft.com/kb/3193683). 
 
-**Potential issue**: If your device is configured to require Multi-Factor Authentication on the Azure Active Directory portal, you may fail to sync settings while signing in to a Windows 10 or newer device using a password. This type of Multi-Factor Authentication configuration is intended to protect an Azure administrator account. Admin users may still be able to sync by signing in to their Windows 10 or newer devices with their Microsoft Passport for Work PIN or by completing Multi-Factor Authentication while accessing other Azure services like Microsoft 365.
+**Potential issue**: If your device is configured to require Multi-Factor Authentication on the Azure Active Directory portal, you may fail to sync settings while signing in to a Windows 10 or newer device using a password. This type of Multi-Factor Authentication configuration is intended to protect an Azure administrator account. Admin users may still be able to sync by signing in to their Windows 10 or newer devices with their Windows Hello for Business PIN or by completing Multi-Factor Authentication while accessing other Azure services like Microsoft 365.
 
-**Potential issue**: Sync can fail if the admin configures the Active Directory Federation Services Multi-Factor Authentication Conditional Access policy and the access token on the device expires. Ensure that you sign in and sign out using the Microsoft Passport for Work PIN or complete Multi-Factor Authentication while accessing other Azure services like Microsoft 365.
+**Potential issue**: Sync can fail if the admin configures the Active Directory Federation Services Multi-Factor Authentication Conditional Access policy and the access token on the device expires. Ensure that you sign in and sign out using the Windows Hello for Business PIN or complete Multi-Factor Authentication while accessing other Azure services like Microsoft 365.
 
 ### Event Viewer
 
@@ -94,15 +94,6 @@ Make sure the Windows 10 v1607 client has the August 23, 2016 Cumulative Update
 
 ---
 
-### Internet Explorer Favorites do not sync
-
-Affects devices running the Windows 10 November Update (Version 1511).
-
-**Recommended action**  
-Make sure the Windows 10 v1511 client has the July 2016 Cumulative Update ([KB3172985](https://support.microsoft.com/kb/3172985) OS Build 10586.494).
-
----
-
 ### Date, Time, and Region settings do not sync on domain-joined device 
 
 Devices that are domain-joined will not experience sync for the setting Date, Time, and Region: automatic time. Using automatic time may override the other Date, Time, and Region settings and cause those settings not to sync. 
@@ -112,15 +103,6 @@ None.
 
 ---
 
-### Sync does not work on devices that use smart card for login
-
-If you attempt to sign in to your Windows device using a smart card or virtual smart card, settings sync will stop working. 	
-
-**Recommended action**  
-None. Future updates to Windows may resolve this issue.
-
----
-
 ### Domain-joined device is not syncing after leaving corporate network 	
 
 Domain-joined devices registered to Azure AD may experience sync failure if the device is off-site for extended periods of time, and domain authentication can't complete.