It appears they don't care about those people. Windows is not the product.
If you are not consuming their cloud product AND providing a stream of your telemetry data for them to monetize, you are of no value to MS and so invisible.
Microsoft will give them whatever they request. When you spend that much money you can just ask for a custom build. I would imagine that NSA TAO and other such parts of the USG are provided access to much of the Windows source already.
Microsoft and US intelligence and the US armed forces are practically vertically integrated at this point, they are the Lockheed of software.
I remember seeing "Windows is a service" update popups in my Windows 10 VM. That was the last straw before I went out of my way and disabled the deliberate RCE^W^W Windows Update services completely.
They will force it, probably. I think for enterprise edition, they will allow it.
Also, guys be ready to make your phone number ready because Microsoft seems to require it. They have successfully impinged their tentacles on people's privacy.
Click "Setup for Work or School", then click "Domain Join instead". Since they don't want to figure out a way to expose DNS settings in OOBE (that you might need to discover a domain controller), they just ask you to set up a local administrator account and assume you'll complete the join at the desktop.
This is how I've always setup 10 and 11 Pro, I never knew about the whole unplug the ethernet method. I knew that was required for Home, but not Pro.
If you are not consuming their cloud product AND providing a stream of your telemetry data for them to monetize, you are of no value to MS and so invisible.