Your bookmarks are wrong. Your runbooks are wrong. And if your helpdesk has step-by-step guides for managing Cloud PCs in Microsoft Intune, those are wrong too.

Microsoft has shipped the generally available version of the Windows 365 navigation reorganization in the Microsoft Intune admin center — effective the week of April 6, 2026. The change is purely structural: no features were removed, no RBAC permissions changed, no Cloud PCs were affected. But the paths your team uses every day to get to provisioning policies, Azure Network Connections, and Cloud PC settings have all moved.

Here is exactly what changed and what you need to do about it.

Key Takeaways

  • The old Devices > Device onboarding > Windows 365 entry point is gone. The new home is Devices > Manage Windows 365 Cloud PCs.
  • A dedicated “Provision Cloud PCs” section now groups provisioning policies, custom images, and Azure Network Connections.
  • Governance-level settings — Cloud PC alerts, encryption type, maintenance windows, and partner connectors — have moved to a new “Windows 365 administration” section under Tenant Administration.
  • Nothing functional changed. RBAC, Conditional Access, compliance, provisioning behavior, and Cloud PC sessions are unaffected.
  • Your action list: update bookmarks, revise documentation, brief helpdesk, and audit custom RBAC roles.

What the Old Navigation Looked Like

Until this week, Windows 365 management lived under Devices > Device onboarding > Windows 365. This placement made sense when Windows 365 was a newer, smaller feature being grafted onto the existing Intune admin center. But as Windows 365 has grown into a production workload for thousands of organizations, the “Device onboarding” label stopped accurately describing what IT admins were actually doing there.

The sub-navigation under that entry point was also flat — everything from provisioning policies to Cloud PC settings to Azure Network Connections lived in a single-level list.

The New Navigation Structure

Devices > Manage Windows 365 Cloud PCs

This is the primary home for Cloud PC management. The section uses a vertical navigation menu with the following items:

  • Overview — at-a-glance status of your Cloud PC estate
  • All Cloud PCs — the main device list, now with automatic refresh every five minutes, plus improved filtering, searching, and sorting
  • All Cloud Apps — app management for Cloud PC environments
  • Settings — organization-wide Cloud PC configuration

Provision Cloud PCs

A dedicated sub-section for provisioning and infrastructure:

  • Provisioning policies — previously a top-level item, now grouped logically with the resources it depends on
  • Custom images — gallery and custom image management
  • Azure Network Connections — ANC health monitoring and configuration

Grouping these three together is the right call. When you’re setting up a new provisioning policy, you almost always need to reference custom images and ANC configuration in the same workflow. Previously, you were bouncing between different parts of the nav to do it.

Tenant Administration > Windows 365 Administration (New)

This is the most important change to document for your team. The following settings have moved out of the primary Cloud PC management area and into a new section under Tenant Administration:

  • Cloud PC encryption type
  • Cloud PC alerts
  • Cloud PC maintenance windows
  • Partner connectors

These are governance and organizational policy settings — not day-to-day device management — so placing them under Tenant Administration is architecturally correct. But it means admins who previously navigated to these settings from the Windows 365 section will need to know to look in a different top-level area.

What Has Not Changed

Before your team starts filing tickets, be clear on what is unaffected:

RBAC and permissions: No changes. The built-in Cloud PC Administrator and Cloud PC Reader roles continue to work exactly as before. If you have custom RBAC roles, verify that they have appropriate access across both the new Devices section and the Tenant Administration section — but the underlying permissions model is unchanged.

Conditional Access: Policies targeting Cloud PCs are configured under Endpoint Security, not the Windows 365 section. Nothing here has moved.

Provisioning behavior: Provisioning policies, assignments, and Cloud PC creation workflows behave identically. The settings are in a new location; the logic behind them is not.

Compliance policies: Device compliance continues to apply to Cloud PCs using the same mechanisms as physical devices. If you recently adopted the improvement that evaluates compliance during Cloud PC provisioning, none of that configuration has changed — the navigation for compliance policies lives under Endpoint Security, not the Windows 365 section.

Scope tags: Visibility controls work exactly as before.

Cloud PC sessions: End users notice nothing. This change is entirely admin-side.

What You Actually Need to Do

1. Update Bookmarks and Shortcuts

Any direct-URL bookmarks to the old “Device onboarding > Windows 365” path are now stale. Update them to the new Devices section and, where applicable, the Tenant Administration section for governance settings.

2. Revise Runbooks and SOPs

Every standard operating procedure that walks an admin through Cloud PC provisioning, ANC health checks, or maintenance window configuration contains wrong navigation instructions. Prioritize:

  • Provisioning new Cloud PCs
  • Troubleshooting ANC health
  • Configuring maintenance windows (now under Tenant Administration)
  • Onboarding helpdesk staff to Cloud PC management

3. Brief Your Helpdesk

If your helpdesk uses step-by-step guides to troubleshoot or manage Cloud PCs, those guides are broken. A five-minute briefing or an updated one-pager prevents a wave of “I can’t find it” tickets from your own support team.

4. Review Custom RBAC Roles

Organizations using custom RBAC roles should verify that those roles provide appropriate access across both the Devices section (Manage Windows 365 Cloud PCs) and the Tenant Administration section (Windows 365 administration). The permission model is unchanged, but the navigation surfaces both areas separately now.

5. Do Not Update Conditional Access or Compliance Policies

These are unaffected. Leave them alone.

Why This Reorganization Matters Beyond the Navigation Change

This is not just housekeeping. It is a signal.

Microsoft has now elevated Windows 365 to the same navigation tier as Endpoint Security and App Management — dedicated sections with their own logical hierarchy, not features buried under a generic label like “Device onboarding.” The reorganization follows the same pattern Microsoft used when those other management domains matured from features to first-class platform capabilities.

For IT decision-makers, this matters because it affects long-term planning. An organization considering Windows 365 adoption today is looking at a platform Microsoft is actively investing in and positioning as a primary workload in Intune — not an add-on. The navigation architecture reflects that commitment.

For IT administrators managing Windows 365 today, it means the admin center experience will continue to evolve. Building operational habits around the new structure now — rather than waiting for it to become unfamiliar — is worth the short-term friction.

Ready to Optimize Your Windows 365 Environment?

Big Hat Group helps organizations design, deploy, and manage Windows 365 environments — from initial architecture through day-to-day operational support. Whether you’re mid-deployment, evaluating Frontline for a distributed workforce, or looking to tighten your Intune configuration, we bring hands-on expertise to every engagement.

Contact Big Hat Group to discuss your Windows 365 strategy, or explore our Windows 365 services to see how we help IT teams move faster with confidence.

Looking for more Windows 365 guidance? See how Windows 365 Frontline dedicated Cloud PCs now support resize without reprovisioning, or review how compliance is now evaluated during Cloud PC provisioning — both are recent changes worth understanding alongside this navigation update.

Big Hat Group is a Microsoft partner specializing in modern endpoint management, Windows 365, and Microsoft 365 deployments. This post is part of our ongoing Windows 365 coverage.