Merging changes synced from https://github.com/MicrosoftDocs/SupportArticles-docs-pr (branch live)

Author: Learn Build Service GitHub App

support/azure/virtual-machines/linux/how-to-display-encryption-settings-with-azure-resource-explorer.md

@@ -0,0 +1,96 @@
+---
+title: How to display encryption settings on Azure Linux Virtual Machines
+description: Learn how to visualize encryption settings stamped on a disk or VM after Azure Disk Encryption (ADE) is deployed.
+author: elicorme
+ms.author: elcorral
+ms.date: 01/20/2025
+ms.reviewer: divargas
+ms.service: azure-virtual-machines
+ms.custom: linux-related-content
+ms.topic: troubleshooting
+ms.collection: linux
+---
+
+# How to display encryption settings on Azure Linux Virtual Machines
+
+**Applies to:** :heavy_check_mark: Linux VMs
+
+When Azure Disk Encryption (ADE) is enabled on an Azure Linux Virtual Machine (VM), encryption settings are configured at a platform level to either the disk object or the VM object. This guide shows how to visualize these encryption settings after ADE is deployed.
+
+## Prerequisites
+
+- Access to [the Azure portal Resource Explorer](https://portal.azure.com/?feature.customportal=false#view/HubsExtension/ArmExplorerBlade)
+- Access to [Azure web Resource Explorer](https://resources.azure.com/)
+
+## How to identify the ADE extension version
+
+You can identify the ADE version in the Azure portal. To do this, open the properties of the VM, and then select `Extensions` to open the `Extensions` blade. On the `Extensions` blade, view the version number of **AzureDiskEncryptionForLinux**.
+
+- If the version number is `0.*`, the disk uses **dual-pass encryption**.
+- If the version number is `1.*` or a later version, the disk uses **single-pass encryption**.
+
+If ADE single-pass is used, the extension process stamps the encryption settings on the disk object itself. If ADE dual-pass is used, encryption settings are stamped on the VM object.
+
+> [!NOTE]
+> We recommend that you use single-pass encryption instead of dual-pass encryption.
+
+## <a id="portal"> </a> Verify ADE encryption settings through Azure portal
+
+1. Log in to your subscription in [the Azure portal](https://portal.azure.com)
+2. Search for "Resource Explorer" on the search bar.
+
+    :::image type="content" source="./media/how-to-display-encryption-settings-in-azure-vms/searchresourceexplorerportal.png" alt-text="Portal search bar":::
+
+3. Select the "Resource Explorer" icon.
+4. Select the subscription that you want to review.
+5. Locate the disk that you want to review by using either by the resource group path or the provider path.
+
+    :::image type="content" source="./media/how-to-display-encryption-settings-in-azure-vms/providersrgs.png" alt-text="Provider and resource groups view":::
+
+    :::image type="content" source="./media/how-to-display-encryption-settings-in-azure-vms/compute.jpeg" alt-text="Disk selected":::
+
+6. After the disk is selected, the corresponding JSON metadata is shown in the right panel. The encryption settings block is enclosed inside the `encryptionSettingsCollection` key. It resembles the following code:
+
+    ```json
+    "encryptionSettingsCollection": {
+        "enabled": true,
+        "encryptionSettings": [
+            {
+                "diskEncryptionKey": {
+                    "sourceVault": {
+                        "id": "/subscriptions/12345678-1234-4321-5678-987654321987/resourceGroups/RGName/providers/Microsoft.KeyVault/vaults/KeyvaultName"
+                    },
+                    "secretUrl": "https://kevaultName.vault.azure.net/secrets/12345678-1234-4321-5678-987654321987/12345678998765432112345678998765"
+                },
+                "keyEncryptionKey": {
+                    "sourceVault": {
+                        "id": "/subscriptions/12345678-1234-4321-5678-987654321987/resourceGroups/RGName/providers/Microsoft.KeyVault/vaults/KeyvaultName"
+                    },
+                    "keyUrl": "https://kevaultName.vault.azure.net/keys/kek/"
+                }
+            }
+        ],
+        "encryptionSettingsVersion": "1.1"
+    }
+    ```
+
+- `encryptionSettingsCollection` - This value is set to `True` if the disk has encryption settings stamped.
+- `encryptionSettings` - This value corresponds to the JSON array that contains the encryption settings on a disk.
+- `sourceVault` - This value is the complete URL of the key vault that's used for ADE.
+- `secretUrl` - This value is the complete URL of the secret that's generated during encryption.
+- `keyEncryptionKey` - This value is optional. If you used [Key Encryption Key (KEK)](/azure/virtual-machines/linux/disk-encryption-overview#terminology), the URL of the wrapping key is listed in this section.
+- `encryptionSettingsVersion` - The extension (ADE) version that's used to encrypt the disk.
+  - If the version number is `0.*`, the disk uses dual-pass encryption.
+  - If the version number is `1.*` or a later version, the disk uses single-pass encryption.
+
+The first version of ADE relied on Microsoft Entra ID for authentication (dual-pass). The current version of ADE doesn't rely on Entra ID (single-pass). We strongly encourage you to use the current version.
+
+If you're already using the dual-pass version of ADE, the encryption settings are shown in the VM component.
+
+## Verify ADE encryption settings through Azure Web Resource Explorer
+
+You can access the web version of Resource Explorer through [this link](https://resources.azure.com). Follow steps 1 through 6 in []"Verify ADE encryption settings through Azure portal"](#portal) to locate the component that ou want to analyze.
+
+## Next steps
+
+For more information, see [the ADE documentation](/azure/virtual-machines/linux/disk-encryption-overview).

support/azure/virtual-machines/linux/media/how-to-display-encryption-settings-in-azure-vms/compute.jpeg

@@ -339,12 +339,16 @@
   - name: A Capacity Reservation is in a "Failed" provisioning state
     href: ../windows/capacity-reservation-failed-provisioning-state.md?context=/troubleshoot/azure/virtual-machines/linux/context/context
 
-- name: Azure Disk Encryption (ADE) not operating correctly
+- name: Azure Disk Encryption (ADE) for Linux
   items:
   - name: Overview
     href: /azure/virtual-machines/linux/disk-encryption-overview?context=/troubleshoot/azure/virtual-machines/linux/context/context
-  - name: Troubleshoot
+  - name: General troubleshooting guide
     href: /azure/virtual-machines/linux/disk-encryption-troubleshooting?context=/troubleshoot/azure/virtual-machines/linux/context/context
+  - name: Unlock the encrypted disk for offline repair
+    href: unlock-encrypted-linux-disk-offline-repair.md
+  - name: How to display encription settings with resource explorer
+    href: /azure/virtual-machines/linux/how-to-display-encryption-settings-with-azure-resource-explorer.md
   - name: FAQ
     href: /azure/virtual-machines/linux/disk-encryption-faq?context=/troubleshoot/azure/virtual-machines/linux/context/context
 
@@ -358,8 +362,6 @@
     href: repair-linux-vm-using-azure-virtual-machine-repair-commands.md
   - name: Azure Linux Auto Repair
     href: repair-linux-vm-using-ALAR.md
-  - name: Unlock the encrypted disk for offline repair
-    href: unlock-encrypted-linux-disk-offline-repair.md
   - name: Troubleshoot chroot environment for Linux rescue VM
     href: chroot-environment-linux.md
   - name: Redeploy Linux virtual machine to new Azure node

support/azure/virtual-machines/linux/media/how-to-display-encryption-settings-in-azure-vms/providersrgs.png

@@ -44,7 +44,7 @@ Before proceeding, it might help to mentally review what has changed since the l
 Before proceeding to the detailed troubleshooting,
 
 * Check the status of the virtual machine in the Azure portal for any obvious issues.
-* Follow the [quick fix steps for common RDP errors in the basic troubleshooting guide](troubleshoot-rdp-connection.md#quick-troubleshooting-steps).
+* Follow the [quick fix steps for common RDP errors in the basic troubleshooting guide](troubleshoot-rdp-connection.md#troubleshooting-steps).
 * For custom images, make sure that your VHD is properly prepared prior to upload it. For more information, see [Prepare a Windows VHD or VHDX to upload to Azure](/azure/virtual-machines/windows/prepare-for-upload-vhd-image).
 
 Try reconnecting to the VM via Remote Desktop after these steps.

support/azure/virtual-machines/linux/media/how-to-display-encryption-settings-in-azure-vms/searchresourceexplorerportal.png

@@ -19,15 +19,15 @@ ms.author: genli
 
 **Applies to:** :heavy_check_mark: Windows VMs
 
-[!INCLUDE [Feedback](../../../includes/feedback.md)]
-
 The Remote Desktop Protocol (RDP) connection to your Windows-based Azure virtual machine (VM) can fail for various reasons, leaving you unable to access your VM. The issue can be with the Remote Desktop service on the VM, the network connection, or the Remote Desktop client on your host computer. This article guides you through some of the most common methods to resolve RDP connection issues.
 
-If you need more help at any point in this article, you can contact the Azure experts on [the MSDN Azure and Stack Overflow forums](https://azure.microsoft.com/support/forums/). Alternatively, you can file an Azure support incident. Go to the [Azure support site](https://azure.microsoft.com/support/options/) and select **Get Support**
-
 <a id="quickfixrdp"></a>
 
-## Quick troubleshooting steps
+> [!IMPORTANT]
+> **Before you begin**, take advantage of resource-specific diagnostics, with interactive step-by-step workflows, and detailed troubleshooting guides tailored to your Azure Windows VM connectivity issue. 
+> Go to the [Azure portal](https://portal.azure.com), click the **Help(?)** icon, and provide your problem and resource details.
+
+## Troubleshooting steps
 
 After each troubleshooting step, try reconnecting to the VM: