mirror of https://github.com/bitwarden/help synced 2025-12-06 00:03:30 +00:00

BWDC - Schedule a Sync w/ Task Scheduler (#797)

* initial draft

* remove contact

* upgrade free org information

* corrections to syncing AD by AU
fred_the_tech_writer
2021-11-03 14:16:11 -04:00
committed by GitHub
parent 0a2208d42f
commit 75039096bd
7 changed files with 69 additions and 8 deletions


@@ -36,9 +36,11 @@ Complete the following steps to grant the created app registration the required
- User > User.ReadBasic.All (Read all users' basic profiles)
- User > User.Read.All (Read all users' full profiles)
- Group > Group.Read.All (Read all groups)
- AdministrativeUnit > AdministrativeUnit.Read.All (Only required if you'll be syncing [Administrative Units](#specify-sync-filters))
5. Set the following **Application Permissions**:
- User > User.Read.All (Read all users' full profiles)
- Group > Group.Read.All (Read all groups)
- AdministrativeUnit > Administrative.Unit.Read.All (Only required if you'll be syncing [Administrative Units](#specify-sync-filters))
6. Back on the API Permissions page, select the **Grant admin consent for...** button.
### Create App Secret Key
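Review bot: The Application Permissions entry reads `Administrative.Unit.Read.All`, with a dot between "Administrative" and "Unit", while the entry added to the preceding list in this same hunk reads `AdministrativeUnit.Read.All`. The Microsoft Graph permission is named `AdministrativeUnit.Read.All`, so an admin searching for the dotted form will not find it; make both entries match. Marking the permission as only required when syncing Administrative Units is the right call for least privilege and worth keeping on both lines.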
@@ -142,12 +144,12 @@ exclude:Group A,Group B
##### Group by Administrative Unit (AU)
You can include or exclude groups from a sync based on their tagged [Azure Active Directory Administrative Units (AUs)](https://docs.microsoft.com/en-us/azure/active-directory/roles/administrative-units){:target="\_blank"} by using the `includeadministrativeunit` and `excludeadministrativeunit` keywords. `includeadministrativeunit` and `excludeadministrativeunit` use the name of the Administrative Unit:
You can include or exclude groups from a sync based on their tagged [Azure Active Directory Administrative Units (AUs)](https://docs.microsoft.com/en-us/azure/active-directory/roles/administrative-units){:target="\_blank"} by using the `includeadministrativeunit` and `excludeadministrativeunit` keywords. `includeadministrativeunit` and `excludeadministrativeunit` use the **Object ID** of the Administrative Unit:
```
includeadministrativeunit:bitwarden
includeadministrativeunit:7ckcq6e5-d733-4b96-be17-5bad81fe679d
```
```
excludeadministrativeunit:not-bitwarden
excludeadministrativeunit:7ckcq6e5-d733-4b96-be17-5bad81fe679d
```
## Test a Sync
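Review bot: Both Object ID examples use the same value, `7ckcq6e5-d733-4b96-be17-5bad81fe679d`, for `includeadministrativeunit` and for `excludeadministrativeunit`, which reads as though one Administrative Unit is included and excluded at once; the name-based examples they replace used two distinct values (`bitwarden` and `not-bitwarden`). Use two different placeholder IDs. The value also contains `k` and `q`, so it is not a hexadecimal GUID; if that is a deliberate placeholder, say so. Since the keyword's argument changes from name to **Object ID**, a sentence telling readers with existing name-based filters to update them would prevent a sync that silently matches nothing.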


@@ -9,11 +9,22 @@ order: "07"
description: "Learn how to use a cronjob to schedule Bitwarden Directory Connector syncs of users and groups."
---
For Organizations using the Directory Connector CLI, automatic syncs can be scheduled on defined intervals as an alternative to using the Desktop Applications **Interval** setting. This is particularly useful in headless environments, on in circumstances where a Desktop Application cannot be left running in the background.
For Organizations using the Directory Connector CLI, automatic syncs can be scheduled on defined intervals as an alternative to using the Desktop Applications **Interval** setting. This is particularly useful in headless environments, or in circumstances where a Desktop Application cannot be left running in the background.
## Cron
To schedule syncs, use **Cron** in Unix-like environments including Linux and MacOS, and use **Task Scheduler** in Windows environments:
In Unix-like environments, including Linux and macOS, use cron to schedule Directory Connector sync jobs:
<ul class="nav nav-tabs" id="myTab" role="tablist">
<li class="nav-item" role="presentation">
<a class="nav-link active" id="crontab" data-bs-toggle="tab" data-target="#cron" role="tab" aria-controls="crontab" aria-selected="true">Cron</a>
</li>
<li class="nav-item" role="presentation">
<a class="nav-link" id="tstab" data-bs-toggle="tab" data-target="#ts" role="tab" aria-controls="tstab" aria-selected="false">Task Scheduler</a>
</li>
</ul>
<div class="tab-content" id="clientsContent">
<div class="tab-pane show active" id="cron" role="tabpanel" aria-labelledby="crontab">
{% capture cap_cron %}
### Cron Permissions
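Review bot: In the new tab markup, `aria-controls="crontab"` and `aria-controls="tstab"` point at the tab links' own ids rather than at the panels (`id="cron"` and `id="ts"`), so each tab is announced as controlling itself; set them to `cron` and `ts`. The front matter `description` shown as context still mentions only a cronjob although the page now covers Task Scheduler too, and "Desktop Applications **Interval** setting" in the rewritten sentence is still missing its apostrophe.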
@@ -23,7 +34,7 @@ In order to continue, you will also need your Organization's [API Key]({{site.ba
### Setup a Sync Script
In order avoid session timeouts, we recommend creating a shell script to run through cron. This script should securely read your `client_secret` to complete the login, and run a `bwdc sync` command that writes output to `bwdc.log`. If you need help creating a sync script, [Contact Us](https://bitwarden.com/contact).
In order avoid session timeouts, we recommend creating a shell script to run through cron. This script should securely read your `client_secret` to complete the login, and run a `bwdc sync` command that writes output to `bwdc.log`.
{% comment %}
```
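Review bot: The replacement sentence still reads "In order avoid session timeouts", missing "to"; the Task Scheduler copy added later in this file has it right. With the Contact Us link removed and the sample script apparently wrapped in `{% comment %}`, the reader is told to "securely read your `client_secret`" with nothing on the page saying what that means. Consider one sentence stating the expectation, for example that the secret is kept outside the script in a location only the `bwdc` user can read.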
@@ -79,3 +90,39 @@ If you're not yet comfortable with cron job scheduling expressions, check out [h
Please note, this is a third-party resource that is not operated or maintained by Bitwarden.
{% endcallout %}
{% endcapture %}
{{ cap_cron | markdownify }}
</div>
<div class="tab-pane" id="ts" role="tabpanel" aria-labelledby="tstab">
{% capture cap_ts %}
### Task Scheduler Permissions
When running a task, we recommend doing so as a dedicated Directory Connector user. Create a `bwdc` user if you haven't already.
In order to continue, you will also need your Organization's [API Key]({{site.baseurl}}/article/public-api/#authentication) `client_id` and `client_secret`, which can be obtained by an Organization **Owner** from the Web Vault by navigating to Organization **Settings** &rarr; **My Organization**.
### Setup a Sync Script
In order to avoid session timeouts, you'll need to create a script to run as the Task Scheduler Action. This script should securely read your `client_secret` to complete the login, and run a `bwdc sync` command that writes output to `bwdc.log`.
### Create a Task
As the dedicated `bwdc` user:
1. Open Task Scheduler and select **Create Task** from the Actions menu.
2. Configure the task with the following Security options:
- Set the task to use the created `bwdc` user.
- Set the task to **Run whether user is logged on or not**.
3. Select the **Triggers** tab and select the **New...** button to create a trigger that fits your directory sync needs.
{% callout success %}For example, you could create a Weekly Trigger that runs at 8:00 PM every Sunday or every week:<br><br>{% image directory-connector/taskscheduler-trigger.png %}{% endcallout %}
4. Select the **Actions** tab and select the **New...** button to create an Action that runs the [created sync script](#setup-a-sync-script).
5. Select **OK** to finish creating the scheduled task.
{% endcapture %}
{{ cap_ts | markdownify }}
</div>
</div>
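Review bot: Step 4 links to `#setup-a-sync-script`, but the Cron tab already has a heading "Setup a Sync Script", so the page now carries two headings that produce the same anchor and the link is likely to resolve to the Cron copy in the other tab; give the Task Scheduler heading a distinct title or explicit id. "Task Scheduler Permissions" says to create a `bwdc` user but not what rights it should have; because the task runs under that account whether or not the user is logged on and handles the Organization's `client_secret`, state that it should be a standard, non-administrator account. In the trigger callout, "every Sunday or every week" reads as a leftover; "every Sunday" is enough.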


@@ -65,6 +65,12 @@ Like with any software, running old versions may present a security risk.
2. Select the **Download License** button to download a license with the updated Organization name.
3. [Upload the new license]({{site.baseurl}}/article/licensing-on-premise/#organization-license) to your self-hosted server.
### Q: How do I upgrade my Free Organization?
**A**: If you want to upgrade to a paid Organization to unlock [lots of additional features]({{site.baseurl}}/article/about-bitwarden-plans/), navigate to your Organization **Settings** &rarr; **Subscription** view and select the **Upgrade Plan** button:
{% image plans-and-pricing/upgrade-org.png Upgrade your Organization %}
## Sharing with an Organization
### Q: How do I "unshare" an item from my Organization?


@@ -156,4 +156,6 @@ This new item will be accessible to both yourself and the other Organization use
## Congratulations!
You've setup your new Bitwarden accounts, created an Organization, learned a bit about your Vaults, and shared an item! Nice work!
You've setup your new Bitwarden accounts, created an Organization, learned a bit about your Vaults, and shared an item! Nice work! If you want to upgrade to a paid Organization to unlock [lots of additional features]({{site.baseurl}}/article/about-bitwarden-plans/), navigate to your Organization **Settings** &rarr; **Subscription** view and select the **Upgrade Plan** button:
{% image plans-and-pricing/upgrade-org.png Upgrade your Organization %}
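Review bot: The sentence appended after "Nice work!" and the `upgrade-org.png` image repeat the text and image added to the Organizations FAQ in this same commit, so the two copies will have to be kept in sync by hand; linking to the FAQ item, as the callout added to the last text file in this commit does, avoids that. While this line is being touched, "You've setup" should be "You've set up".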


@@ -11,6 +11,10 @@ description: "Learn how to add an Organization subscription to your individual B
---
This article will guide existing individual Bitwarden users ([**Free**]({{site.baseurl}}/article/about-bitwarden-plans/#free-individual) or [**Premium**]({{site.baseurl}}/article/about-bitwarden-plans/#premium-individual)) through the process of transitioning to an Organizations plan ([**Free**]({{site.baseurl}}/article/about-bitwarden-plans/#free-organizations), [**Families**]({{site.baseurl}}/article/about-bitwarden-plans/#families-organizations), [**Teams**]({{site.baseurl}}/article/about-bitwarden-plans/#teams-organizations), or [**Enterprise**]({{site.baseurl}}/article/about-bitwarden-plans/#enterprise-organizations)) in order to start securely sharing data from Organizations with friends, family, co-workers, a department, or an entire company.
{% callout success %}
If you're looking for how to upgrade an existing Free Organization to a paid Organization, see [this FAQ item]({{site.baseurl}}/article/org-faqs/#q-how-do-i-upgrade-my-free-organization) instead.
{% endcallout %}
## Start Your Organization
Complete the following steps to start your Organization:

Binary file not shown.


Binary file not shown.
