Microsoft
Looking at the settings screenshot in the article, it doesn't look like it's possible to set a particular DNS-over-HTTPS DNS server system-wide for the entire machine – in order to make sure it always uses a particular encrypted-only DNS-over-HTTPS DNS server regardless of what Ethernet/Wi-Fi networks the machine connects to. If this is the case, it would be better if it had it's own separate setting – one setting that is applied everywhere – like how DNS-over-TLS is implemented on Android 9 upwards.
The main appeal of DoH/DoT is to ensure control/authenticity over the DNS requests on networks that you do not own or control. For example, if the device is connecting to someone else's Wi-Fi, such as a third-party home network, coffee shop, fast food restaurant, hotel, airport, coach, train station, etc.. Or if it is unwittingly connected to a malicious network that's pretending to be a legitimate public Wi-Fi network.
Therefore, it would be most effective if there was a single setting to set a DNS-over-HTTPS setting system-wide as the DNS provider for all networks, meaning that the machine will always be using a trusted/secure DNS provider regardless of what networks the machine joins; and not require any user configuration beyond first setting up DoH. This would ensure that whatever the network, the DNS requests from the device aren't being modified by a malicious MITM – either on a deliberately malicious network, or a network where the owner's DNS has been unknowingly hijacked by a malicious individual.
