WIP

MicrosoftGuyJFlo · MicrosoftGuyJFlo · commit 4fcec40cfc21 · 2022-01-26T16:49:38.000-05:00
diff --git a/articles/active-directory/devices/concept-azure-ad-join-hybrid.md b/articles/active-directory/devices/concept-azure-ad-join-hybrid.md
@@ -6,7 +6,7 @@ services: active-directory
 ms.service: active-directory
 ms.subservice: devices
 ms.topic: conceptual
-ms.date: 06/10/2021
+ms.date: 01/26/2022
 
 ms.author: joflore
 author: MicrosoftGuyJFlo
@@ -36,12 +36,11 @@ Hybrid Azure AD joined devices require network line of sight to your on-premises
 | **Device sign in options** | Organizational accounts using: |
 |   | Password |
 |   | Windows Hello for Business for Win10 |
-| **Device management** | Group Policy |
-|   | Configuration Manager standalone or co-management with Microsoft Intune |
+| **Device management** | [Group Policy](/mem/configmgr/comanage/faq#my-environment-has-too-many-group-policy-objects-and-legacy-authenticated-apps--do-i-have-to-use-hybrid-azure-ad-) |
+|   | [Configuration Manager standalone or co-management with Microsoft Intune](/mem/configmgr/comanage/overview) |
 | **Key capabilities** | SSO to both cloud and on-premises resources |
 |   | Conditional Access through Domain join or through Intune if co-managed |
-|   | Self-service Password Reset and Windows Hello PIN reset on lock screen |
-|   | Enterprise State Roaming across devices |
+|   | [Self-service Password Reset and Windows Hello PIN reset on lock screen](../authentication/howto-sspr-windows.md) |
 
 ![Hybrid Azure AD joined devices](./media/concept-azure-ad-join-hybrid/azure-ad-hybrid-joined-device.png)
 
@@ -50,12 +49,13 @@ Hybrid Azure AD joined devices require network line of sight to your on-premises
 Use Azure AD hybrid joined devices if:
 
 - You support down-level devices running Windows 7 and 8.1.
-- You want to continue to use Group Policy to manage device configuration.
+- You want to continue to use [Group Policy](/mem/configmgr/comanage/faq#my-environment-has-too-many-group-policy-objects-and-legacy-authenticated-apps--do-i-have-to-use-hybrid-azure-ad-) to manage device configuration.
 - You want to continue to use existing imaging solutions to deploy and configure devices.
 - You have Win32 apps deployed to these devices that rely on Active Directory machine authentication.
 
 ## Next steps
 
 - [Plan your hybrid Azure AD join implementation](hybrid-azuread-join-plan.md)
+- [Co-management using Configuration Manager and Microsoft Intune](/mem/configmgr/comanage/overview)
 - [Manage device identities using the Azure portal](device-management-azure-portal.md)
 - [Manage stale devices in Azure AD](manage-stale-devices.md)
diff --git a/articles/active-directory/devices/concept-azure-ad-join.md b/articles/active-directory/devices/concept-azure-ad-join.md
@@ -6,7 +6,7 @@ services: active-directory
 ms.service: active-directory
 ms.subservice: devices
 ms.topic: conceptual
-ms.date: 06/10/2021
+ms.date: 01/26/2022
 
 ms.author: joflore
 author: MicrosoftGuyJFlo
@@ -35,11 +35,10 @@ Any organization can deploy Azure AD joined devices no matter the size or indust
 |   | Windows Hello for Business |
 |   | FIDO2.0 security keys (preview) |
 | **Device management** | Mobile Device Management (example: Microsoft Intune) |
-|   | Co-management with Microsoft Intune and Microsoft Endpoint Configuration Manager |
+|   | [Configuration Manager standalone or co-management with Microsoft Intune](/mem/configmgr/comanage/overview) |
 | **Key capabilities** | SSO to both cloud and on-premises resources |
 |   | Conditional Access through MDM enrollment and MDM compliance evaluation |
-|   | Self-service Password Reset and Windows Hello PIN reset on lock screen |
-|   | Enterprise State Roaming across devices |
+|   | [Self-service Password Reset and Windows Hello PIN reset on lock screen](../authentication/howto-sspr-windows.md) |
 
 Azure AD joined devices are signed in to using an organizational Azure AD account. Access to resources in the organization can be further limited based on that Azure AD account and [Conditional Access policies](../conditional-access/howto-conditional-access-policy-compliant-device.md) applied to the device identity.
 
@@ -51,15 +50,15 @@ Azure AD joined devices can still maintain single sign-on access to on-premises
 
 ## Scenarios
 
-While Azure AD join is primarily intended for organizations that do not have an on-premises Windows Server Active Directory infrastructure, you can certainly use it in scenarios where:
+While Azure AD join can be used in a variety of scenarios like:
 
 - You want to transition to cloud-based infrastructure using Azure AD and MDM like Intune.
 - You can’t use an on-premises domain join, for example, if you need to get mobile devices such as tablets and phones under control.
 - Your users primarily need to access Microsoft 365 or other SaaS apps integrated with Azure AD.
 - You want to manage a group of users in Azure AD instead of in Active Directory. This scenario can apply, for example, to seasonal workers, contractors, or students.
-- You want to provide joining capabilities to workers in remote branch offices with limited on-premises infrastructure.
+- You want to provide joining capabilities to workers who work from home or are in remote branch offices with limited on-premises infrastructure.
 
-You can configure Azure AD joined devices for all Windows 10 devices except for Windows 10 Home.
+You can configure Azure AD join for all Windows 10 devices except for Windows 10 Home.
 
 The goal of Azure AD joined devices is to simplify:
 
@@ -79,6 +78,7 @@ Azure AD Join can be deployed by using any of the following methods:
 ## Next steps
 
 - [Plan your Azure AD join implementation](azureadjoin-plan.md)
+- [Co-management using Configuration Manager and Microsoft Intune](/mem/configmgr/comanage/overview)
 - [How to manage the local administrators group on Azure AD joined devices](assign-local-admin.md)
 - [Manage device identities using the Azure portal](device-management-azure-portal.md)
 - [Manage stale devices in Azure AD](manage-stale-devices.md)
diff --git a/articles/active-directory/devices/concept-azure-ad-register.md b/articles/active-directory/devices/concept-azure-ad-register.md
@@ -1,12 +1,12 @@
 ---
 title: What are Azure AD registered devices?
-description: Learn how Azure AD registered devices provide your users with support for the Bring Your Own Device (BYOD) or mobile device scenarios.
+description: Learn how Azure AD registered devices provide your users with support for bring your own device (BYOD) or mobile device scenarios.
 
 services: active-directory
 ms.service: active-directory
 ms.subservice: devices
 ms.topic: conceptual
-ms.date: 06/09/2021
+ms.date: 01/26/2022
 
 ms.author: joflore
 author: MicrosoftGuyJFlo
@@ -17,7 +17,7 @@ ms.collection: M365-identity-device-management
 ---
 # Azure AD registered devices
 
-The goal of Azure AD registered devices is to provide your users with support for the bring your own device (BYOD) or mobile device scenarios. In these scenarios, a user can access your organization’s resources using a personal device.
+The goal of Azure AD registered devices is to provide your users with support for bring your own device (BYOD) or mobile device scenarios. In these scenarios, a user can access your organization’s resources using a personal device.
 
 | Azure AD Registered | Description |
 | --- | --- |
