endpoint manager rebranding

Author: MandiOhlinger

articles/active-directory/app-proxy/active-directory-app-proxy-protect-ndes.md

@@ -81,7 +81,7 @@ Azure AD Application Proxy is built on Azure. It gives you a massive amount of n
 
 1. You should see an **HTTP Error 403 – Forbidden** response.
 
-1. Change the NDES URL provided (via Microsoft Intune) to devices. This change could either be in Microsoft Endpoint Configuration Manager or the Microsoft Endpoint Manager admin center.
+1. Change the NDES URL provided (via Microsoft Intune) to devices. This change could either be in Microsoft Configuration Manager or the Microsoft Intune admin center.
 
    * For Configuration Manager, go to the certificate registration point and adjust the URL. This URL is what devices call out to and present their challenge.
    * For Intune standalone, either edit or create a new SCEP policy and add the new URL.

articles/active-directory/authentication/active-directory-certificate-based-authentication-get-started.md

@@ -121,7 +121,7 @@ The EAS profile must contain the following information:
 
 - The EAS endpoint (for example, outlook.office365.com)
 
-An EAS profile can be configured and placed on the device through the utilization of Mobile device management (MDM) such as Microsoft Endpoint Manager or by manually placing the certificate in the EAS profile on the device.
+An EAS profile can be configured and placed on the device through the utilization of Mobile device management (MDM) such as Microsoft Intune or by manually placing the certificate in the EAS profile on the device.
 
 ### Testing EAS client applications on Android
 

articles/active-directory/authentication/concept-password-ban-bad-combined-policy.md

@@ -46,7 +46,7 @@ Password expiration policies are unchanged but they're included in this topic fo
 
 You can also use PowerShell to remove the never-expires configuration, or to see user passwords that are set to never expire.
 
-The following expiration requirements apply to other providers that use Azure AD for identity and directory services, such as Microsoft Endpoint Manager and Microsoft 365. 
+The following expiration requirements apply to other providers that use Azure AD for identity and directory services, such as Microsoft Intune and Microsoft 365. 
 
 | Property | Requirements |
 | --- | --- |

articles/active-directory/authentication/concept-resilient-controls.md

@@ -61,7 +61,7 @@ Incorporate the following access controls in your existing Conditional Access po
 
 - Provision multiple authentication methods for each user that rely on different communication channels, for example the Microsoft Authenticator app (internet-based), OATH token (generated on-device), and SMS (telephonic). The following PowerShell script will help you identify in advance, which additional methods your users should register: [Script for Azure AD MFA authentication method analysis](/samples/azure-samples/azure-mfa-authentication-method-analysis/azure-mfa-authentication-method-analysis/).
 - Deploy Windows Hello for Business on Windows 10 devices to satisfy MFA requirements directly from device sign-in.
-- Use trusted devices via [Azure AD Hybrid Join](../devices/overview.md) or [Microsoft Endpoint Manager](/intune/planning-guide). Trusted devices will improve user experience because the trusted device itself can satisfy the strong authentication requirements of policy without an MFA challenge to the user. MFA will then be required when enrolling a new device and when accessing apps or resources from untrusted devices.
+- Use trusted devices via [Azure AD Hybrid Join](../devices/overview.md) or [Microsoft Intune](/intune/planning-guide). Trusted devices will improve user experience because the trusted device itself can satisfy the strong authentication requirements of policy without an MFA challenge to the user. MFA will then be required when enrolling a new device and when accessing apps or resources from untrusted devices.
 - Use Azure AD identity protection risk-based policies that prevent access when the user or sign-in is at risk in place of fixed MFA policies.
 - If you are protecting VPN access using Azure AD MFA NPS extension, consider federating your VPN solution as a [SAML app](../manage-apps/view-applications-portal.md) and determine the app category as recommended below. 
 

articles/active-directory/authentication/howto-authentication-passwordless-deployment.md

@@ -216,13 +216,13 @@ There are three types of passwordless sign-in deployments available with securit
 
 Enabling Windows 10 sign-in using FIDO2 security keys requires you to enable the credential provider functionality in Windows 10. Choose one of the following:
 
-* [Enable credential provider with Microsoft Endpoint Manager](howto-authentication-passwordless-security-key-windows.md)
+* [Enable credential provider with Microsoft Intune](howto-authentication-passwordless-security-key-windows.md)
 
-  * We recommend Microsoft Endpoint Manager deployment.
+  * We recommend Microsoft Intune deployment.
 
 * [Enable credential provider with a provisioning package](howto-authentication-passwordless-security-key-windows.md)
 
-  * If Microsoft Endpoint Manager deployment isn't possible, administrators must deploy a package on each machine to enable the credential provider functionality. The package installation can be carried out by one of the following options:
+  * If Microsoft Intune deployment isn't possible, administrators must deploy a package on each machine to enable the credential provider functionality. The package installation can be carried out by one of the following options:
     * Group Policy or Configuration Manager
     * Local installation on a Windows 10 machine
 

articles/active-directory/authentication/howto-authentication-passwordless-security-key-windows.md

@@ -31,7 +31,7 @@ This document focuses on enabling FIDO2 security key based passwordless authenti
 | [Hybrid Azure AD joined devices](../devices/concept-azure-ad-join-hybrid.md) require Windows 10 version 2004 or higher |   | X |
 | Fully patched Windows Server 2016/2019 Domain Controllers. |   | X |
 | [Azure AD Hybrid Authentication Management module](https://www.powershellgallery.com/packages/AzureADHybridAuthenticationManagement/2.1.1.0) |   | X |
-| [Microsoft Endpoint Manager](/intune/fundamentals/what-is-intune) (Optional) | X | X |
+| [Microsoft Intune](/intune/fundamentals/what-is-intune) (Optional) | X | X |
 | Provisioning package (Optional) | X | X |
 | Group Policy (Optional) |   | X |
 
@@ -58,8 +58,8 @@ Hybrid Azure AD joined devices must run Windows 10 version 2004 or newer.
 
 Organizations may choose to use one or more of the following methods to enable the use of security keys for Windows sign-in based on their organization's requirements:
 
-- [Enable with Endpoint Manager](#enable-with-endpoint-manager)
-- [Targeted Endpoint Manager deployment](#targeted-endpoint-manager-deployment)
+- [Enable with Microsoft Intune](#enable-with-microsoft-intune)
+- [Targeted Microsoft Intune deployment](#targeted-intune-deployment)
 - [Enable with a provisioning package](#enable-with-a-provisioning-package)
 - [Enable with Group Policy (Hybrid Azure AD joined devices only)](#enable-with-group-policy)
 
@@ -68,21 +68,21 @@ Organizations may choose to use one or more of the following methods to enable t
 >
 > Organizations with **Azure AD joined devices** must do this before their devices can authenticate to on-premises resources with FIDO2 security keys.
 
-### Enable with Endpoint Manager
+### Enable with Microsoft Intune
 
-To enable the use of security keys using Endpoint Manager, complete the following steps:
+To enable the use of security keys using Intune, complete the following steps:
 
-1. Sign in to the [Microsoft Endpoint Manager admin center](https://endpoint.microsoft.com).
+1. Sign in to the [Microsoft Intune admin center](https://endpoint.microsoft.com).
 1. Browse to **Devices** > **Enroll Devices** > **Windows enrollment** > **Windows Hello for Business**.
 1. Set **Use security keys for sign-in** to **Enabled**.
 
 Configuration of security keys for sign-in isn't dependent on configuring Windows Hello for Business.
 
-### Targeted Endpoint Manager deployment
+### Targeted Intune deployment
 
-To target specific device groups to enable the credential provider, use the following custom settings via Endpoint Manager:
+To target specific device groups to enable the credential provider, use the following custom settings via Intune:
 
-1. Sign in to the [Microsoft Endpoint Manager admin center](https://endpoint.microsoft.com).
+1. Sign in to the [Microsoft Intune admin center](https://endpoint.microsoft.com).
 1. Browse to **Devices** > **Windows** > **Configuration profiles** > **Create profile**.
 1. Configure the new profile with the following settings:
    - Platform: Windows 10 and later
@@ -95,11 +95,11 @@ To target specific device groups to enable the credential provider, use the foll
       - OMA-URI: ./Device/Vendor/MSFT/PassportForWork/SecurityKey/UseSecurityKeyForSignin
       - Data Type: Integer
       - Value: 1
-1. The remainder of the policy settings include assigning to specific users, devices, or groups. For more information, see [Assign user and device profiles in Microsoft Endpoint Manager](/intune/device-profile-assign).
+1. The remainder of the policy settings include assigning to specific users, devices, or groups. For more information, see [Assign user and device profiles in Microsoft Intune](/intune/device-profile-assign).
 
 ### Enable with a provisioning package
 
-For devices not managed by Microsoft Endpoint Manager, a provisioning package can be installed to enable the functionality. The Windows Configuration Designer app can be installed from the [Microsoft Store](https://www.microsoft.com/p/windows-configuration-designer/9nblggh4tx22). Complete the following steps to create a provisioning package:
+For devices not managed by Microsoft Intune, a provisioning package can be installed to enable the functionality. The Windows Configuration Designer app can be installed from the [Microsoft Store](https://www.microsoft.com/p/windows-configuration-designer/9nblggh4tx22). Complete the following steps to create a provisioning package:
 
 1. Launch the Windows Configuration Designer.
 1. Select **File** > **New project**.

articles/active-directory/authentication/howto-sspr-deployment.md

@@ -264,7 +264,7 @@ To enable your support team's success, you can create a FAQ based on questions y
 | User isn't receiving a text or call on their office or cell phone| A user is trying to verify their identity via text or call but isn't receiving a text/call. |
 | User can't access the password reset portal| A user wants to reset their password but isn't enabled for password reset and can't access the page to update passwords. |
 | User can't set a new password| A user completes verification during the password reset flow but can't set a new password. |
-| User doesn't see a Reset Password link on a Windows 10 device| A user is trying to reset password from the Windows 10 lock screen, but the device is either not joined to Azure AD, or the Microsoft Endpoint Manager device policy isn't enabled |
+| User doesn't see a Reset Password link on a Windows 10 device| A user is trying to reset password from the Windows 10 lock screen, but the device is either not joined to Azure AD, or the Microsoft Intune device policy isn't enabled |
 
 ### Plan rollback
 

articles/active-directory/authentication/howto-sspr-windows.md

@@ -70,13 +70,13 @@ To configure a Windows 11 or 10 device for SSPR at the sign-in screen, review th
     - Azure AD joined
     - Hybrid Azure AD joined
 
-### Enable for Windows 11 and 10 using Microsoft Endpoint Manager
+### Enable for Windows 11 and 10 using Microsoft Intune
 
-Deploying the configuration change to enable SSPR from the login screen using Microsoft Endpoint Manager is the most flexible method. Microsoft Endpoint Manager allows you to deploy the configuration change to a specific group of machines you define. This method requires Microsoft Endpoint Manager enrollment of the device.
+Deploying the configuration change to enable SSPR from the login screen using Microsoft Intune is the most flexible method. Microsoft Intune allows you to deploy the configuration change to a specific group of machines you define. This method requires Microsoft Intune enrollment of the device.
 
-#### Create a device configuration policy in Microsoft Endpoint Manager
+#### Create a device configuration policy in Microsoft Intune
 
-1. Sign in to the [Azure portal](https://portal.azure.com) and select **Endpoint Manager**.
+1. Sign in to the [Microsoft Intune admin center](https://go.microsoft.com/fwlink/?linkid=2109431).
 1. Create a new device configuration profile by going to **Device configuration** > **Profiles**, then select **+ Create Profile**
    - For **Platform** choose *Windows 10 and later*
    - For **Profile type**, choose Templates then select the Custom template below
@@ -93,7 +93,7 @@ Deploying the configuration change to enable SSPR from the login screen using Mi
     Select **Add**, then **Next**.
 1. The policy can be assigned to specific users, devices, or groups. Assign the profile as desired for your environment, ideally to a test group of devices first, then select **Next**.
 
-    For more information, see [Assign user and device profiles in Microsoft Microsoft Endpoint Manager](/mem/intune/configuration/device-profile-assign).
+    For more information, see [Assign user and device profiles in Microsoft Microsoft Intune](/mem/intune/configuration/device-profile-assign).
 
 1. Configure applicability rules as desired for your environment, such as to *Assign profile if OS edition is Windows 10 Enterprise*, then select **Next**.
 1. Review your profile, then select **Create**.

articles/active-directory/develop/apple-sso-plugin.md

@@ -105,7 +105,7 @@ The SSO plug-in is installed automatically by devices that have:
 * Downloaded the Authenticator app on iOS or iPadOS, or downloaded the Intune Company Portal app on macOS.
 * Registered their device with your organization. 
 
-Your organization likely uses the Authenticator app for scenarios like multifactor authentication (MFA), passwordless authentication, and conditional access. By using an MDM provider, you can turn on the SSO plug-in for your applications. Microsoft has made it easy to configure the plug-in inside the Microsoft Endpoint Manager in Intune. An allowlist is used to configure these applications to use the SSO plug-in.
+Your organization likely uses the Authenticator app for scenarios like multifactor authentication (MFA), passwordless authentication, and conditional access. By using an MDM provider, you can turn on the SSO plug-in for your applications. Microsoft has made it easy to configure the plug-in using Microsoft Intune. An allowlist is used to configure these applications to use the SSO plug-in.
 
 >[!IMPORTANT]
 > The Microsoft Enterprise SSO plug-in supports only apps that use native Apple network technologies or webviews. It doesn't support applications that ship their own network layer implementation.  

articles/active-directory/devices/azureadjoin-plan.md

@@ -110,7 +110,7 @@ There are two approaches for managing Azure AD joined devices:
 - **MDM-only** - A device is exclusively managed by an MDM provider like Intune. All policies are delivered as part of the MDM enrollment process. For Azure AD Premium or EMS customers, MDM enrollment is an automated step that is part of an Azure AD join.
 - **Co-management** -  A device is managed by an MDM provider and Microsoft Endpoint Configuration Manager. In this approach, the Microsoft Endpoint Configuration Manager agent is installed on an MDM-managed device to administer certain aspects.
 
-If you're using Group Policies, evaluate your GPO and MDM policy parity by using [Group Policy analytics](/mem/intune/configuration/group-policy-analytics) in Microsoft Endpoint Manager. 
+If you're using Group Policies, evaluate your GPO and MDM policy parity by using [Group Policy analytics](/mem/intune/configuration/group-policy-analytics) in Microsoft Intune. 
 
 Review supported and unsupported policies to determine whether you can use an MDM solution instead of Group policies. For unsupported policies, consider the following questions: