Merge pull request #8279 from MicrosoftDocs/main

Auto push to live 2025-02-23 18:00:03

Author: Deland-Han

support/azure/virtual-machines/windows/failed-get-contents-log-error.md

@@ -31,7 +31,7 @@ This problem might occur for any of the following reasons:
     WindowsAzureGuestAgent starting. Version 2.7.1198.802
     (See Workaround 2)
 
-- The automatic generation of the VM Health Report by the VM Guest Agent may fail. If this occurs, no SerialConsole.log file is created. This triggers th e error message that is mentioned in the "Symptoms" section. For example, this report isn't produced if there are unresolved SIDs reported as members in the virtual machine Local Administrators group. To search for such issues, examine the `C:\WindowsAzure\logs\TransparentInstaller.log` file.
+- The automatic generation of the VM Health Report by the VM Guest Agent may fail. If this occurs, no SerialConsole.log file is created. This triggers the error message that is mentioned in the "Symptoms" section. For example, this report isn't produced if there are unresolved SIDs reported as members in the virtual machine Local Administrators group. To search for such issues, examine the `C:\WindowsAzure\logs\TransparentInstaller.log` file.
 (See Workaround 3)
 
 ## Workaround

support/dynamics/gp/set-up-use-lot-expiration-dates.md

@@ -137,7 +137,7 @@ This example uses Fabrikam, Inc., the sample company for Microsoft Dynamics GP 1
 5. In the **Item Number** list, select the item number you created in the Item Maintenance window.
 6. In the **Quantity** field, type **-5**.
 7. In the **Site ID** list, select **WAREHOUSE**.
-8. In the Lot Number Entry window, select **A** in th **e Lot Number** list, and then type 5 in the **Quantity Selected** field.
+8. In the Lot Number Entry window, select **A** in the **Lot Number** list, and then type 5 in the **Quantity Selected** field.
 9. Select **Insert**.
 10. When you receive the following message, type **TEST**, and then select **OK**:  
     Enter a password to use an expired lot.

support/entra/entra-id/app-integration/error-code-aadsts700003-device-object-not-found.md

@@ -0,0 +1,47 @@
+---
+title: Error AADSTS700003 - Device Object Was Not Found in the Tenant Directory
+description: Provides a solution to an issue where you experience the AADSTS700003 error when you try to sign in to an Azure application that can be used with Microsoft Entra ID.
+ms.service: entra-id
+ms.date: 02/24/2025
+ms.reviewer: jutakata, willfid, bachoang, joaos, modawud, v-weizhu
+ms.custom: sap:Issues Signing In to Applications
+---
+
+# Error AADSTS700003 - Device object was not found in the tenant '\<TenantName\>' directory
+
+This article discusses how to resolve the "AADSTS700003" error that occurs when you try to sign in to an application that's integrated into Microsoft Entra ID.
+
+## Symptoms
+
+When you try to sign in to an application that's integrated into Microsoft Entra ID, you receive an "AADSTS700003" error with one of the following error messages:
+
+- > Device object was not found in the tenant '\<TenantName\>' directory.
+- > Your organization has deleted this device.
+
+## Cause
+
+This issue occurs because the device object is deleted on your home tenant. When a device is deleted, the "Delete device" activity type is recorded in the [Microsoft Entra audit log](/entra/identity/monitoring-health/concept-audit-logs). In Microsoft Entra ID, there are three ways to register or join user devices:
+
+- Microsoft Entra registered
+- Microsoft Entra joined
+- Microsoft Entra hybrid joined
+
+Device registration or join creates a [device identity](/entra/identity/devices/overview). This device identity is used in scenarios such as [device-based Conditional Access policies](/entra/identity/conditional-access/concept-conditional-access-grant) and [Mobile Device Management with Microsoft Intune](/mem/endpoint-manager-overview). When you receive the AADSTS700003 error, the device object isn't found in the tenant.
+
+## Solution
+
+Engage the home tenant administrators to determine when and why your device object is deleted. Then, take the corresponding action depending on the device registration/join type, as shown in the following table: 
+
+| Device join type | Action |
+|--|--|
+| Microsoft Entra registered | For Windows 10/11 Microsoft Entra registered devices, go to **Settings** > **Accounts** > **Access Work or School**. Select your work or school account on the screen. Select **Disconnect** to disconnect the device. Then, register the device to Microsoft Entra ID again.<br/><br/>For iOS and Android, you can use the Microsoft Authenticator application and select **Settings** > **Device Registration** > **Unregister device**. Then, register the device to Microsoft Entra ID again.<br/><br/>For macOS, you can use the Microsoft Intune Company Portal application to unenroll the device from management and remove any registration. Then, register the device to Microsoft Entra ID again.<br/><br/> For more information, see [Microsoft Entra register FAQ](/entra/identity/devices/faq#how-do-i-remove-a-microsoft-entra-registered-state-for-a-device-locally).|
+| Microsoft Entra joined | Open a PowerShell console with the administrative right on the Windows device, and run the `dsregcmd /forcerecovery` command. Select **Sign in** to sign in with your Microsoft Entra ID account. |
+| Microsoft Entra hybrid joined | Open a PowerShell console with the administrative right on the Windows device, and run the `dsregcmd /leave` command. Then, reboot the device and sign in to the device with your domain credential. |
+
+## More information
+
+For a full list of authentication and authorization error codes, see [Microsoft Entra authentication and authorization error codes](/azure/active-directory/develop/reference-error-codes).
+
+To investigate individual errors, go to [https://login.microsoftonline.com/error](https://login.microsoftonline.com/error).
+
+[!INCLUDE [Azure Help Support](../../../includes/azure-help-support.md)]

support/entra/entra-id/toc.yml

@@ -98,6 +98,8 @@
         href: app-integration/error-code-AADSTS75005-not-a-valid-saml-request.md
       - name: Error AADSTS750054 - SAML request or response not present
         href: app-integration/error-code-AADSTS750054-saml-request-not-present.md
+      - name: Error AADSTS700003 - Device object was not found in the tenant directory
+        href: app-integration/error-code-aadsts700003-device-object-not-found.md
       - name: Error AADSTS7000110 - request is ambiguous, multiple application identifiers found
         href: app-integration/error-code-aadsts7000110-request-is-ambiguous.md
       - name: Error AADSTS7000112 - application is disabled

support/sql/analysis-services/wmi-provider-error-0x80004005-code.md

@@ -46,7 +46,7 @@ This issue occurs because when you set up the clustered instance of Analysis Ser
 
 To fix this issue, grant the SQL Server Analysis Services service SID the local policy user Log on as a service right.
 
-- For a default instance of SQL Server Analysis Services, t he name of the service SID is `NT SERVICE\MSSQLServerOLAPService`.
+- For a default instance of SQL Server Analysis Services, the name of the service SID is `NT SERVICE\MSSQLServerOLAPService`.
 - For a named instance, the name is `NT SERVICE\MSOLAP$\<instance name>`.
 
 To grant the **Log on as a service right** to the service SID, follow these steps:

support/windows-client/performance/invalid-boot-file-received-error.md

@@ -38,4 +38,4 @@ If you have a mix of UEFI and Legacy BIOS machines, you cannot use DHCP Scope Op
 
 ## More information
 
-For more information about he WDS Boot Program's for UEFI computers wdsmgfw.efi, see [Managing Network Boot Programs](/previous-versions/windows/it-pro/windows-server-2008-R2-and-2008/cc732351%28v=ws.10%29).
+For more information about the WDS Boot Program's for UEFI computers wdsmgfw.efi, see [Managing Network Boot Programs](/previous-versions/windows/it-pro/windows-server-2008-R2-and-2008/cc732351%28v=ws.10%29).

support/windows-server/group-policy/allow-active-content-to-run-files-on-my-computer-not-working.md

@@ -18,7 +18,7 @@ _Original KB number:_   2002093
 
 ## Symptoms
 
-If you use Windows or the Remote Server Administration Tools (RSAT) for Windows to enable he Group Policy Preference setting **Allow active content to run files on My Computer** remain disabled when the policy is applied on the client computers. If you disable the policy setting, you will find that it gets enabled on the client computers after the next Group Policy refresh.
+If you use Windows or the Remote Server Administration Tools (RSAT) for Windows to enable the Group Policy Preference setting **Allow active content to run files on My Computer** remain disabled when the policy is applied on the client computers. If you disable the policy setting, you will find that it gets enabled on the client computers after the next Group Policy refresh.
 
 The **Allow active content to run files on My Computer** is configured in the Group Policy Management Editor by navigating to **User Configuration\Preferences\Control Panel Settings\Internet Settings** and selecting **New**, then **Internet Explorer 7**. On the **Advanced** tab, scroll down to the **Security** section to view the **Allow active content to run files on My Computer** setting.
 

support/windows-server/licensing-and-activation/troubleshoot-activation-error-codes.md

@@ -331,7 +331,7 @@ Request more activations to increase limit. If you require more activations, con
 
 When you encounter this error, you see this error message:
 
-> The activation server reported that teh Multiple Activation Key extension limit has been exceeded.
+> The activation server reported that the Multiple Activation Key extension limit has been exceeded.
 
 **Cause:**
 
@@ -486,7 +486,7 @@ To resolve this issue, activate the KMS host by using either [online or telephon
 
 When you encounter this error, you see this error message:
 
-> The Software Protection Service determined that teh specified Key Management Service cannot be read.
+> The Software Protection Service determined that the specified Key Management Service cannot be read.
 
 **Cause:**
 
@@ -528,7 +528,7 @@ To resolve this issue, get a new MAK or KMS key, install it on the system, then
 
 When you encounter this error, you see this error message:
 
-> The Software Protection Service reported that teh non-genuine grace period expired.
+> The Software Protection Service reported that the non-genuine grace period expired.
 
 **Cause:**
 

support/windows-server/remote/windows-server-2016-rds-updates.md

@@ -308,7 +308,7 @@ Remote Desktop Gateway
 
 Remote Desktop Virtualization Host  
 
-- [KB4013429](https://support.microsoft.com/help/4013429) Addressed an issue in which t he RD Virtualization Host role fails to install on nested VM.  
+- [KB4013429](https://support.microsoft.com/help/4013429) Addressed an issue in which the RD Virtualization Host role fails to install on nested VM.  
 
 Remote Desktop Web Access  
 

support/windows/win32/win32-networkadapterconfiguration-unable-retrieve-information.md

@@ -1,6 +1,6 @@
 ---
 title: Win32_NetworkAdapterConfiguration class is unable to retrieve information
-description: This article provides a resolution for the problem where he Win32_NetworkAdapterConfiguration class is unable to retrieve information about PPPoE (Point-to-point protocol over Ethernet) and VPN (Virtual Private Network).
+description: This article provides a resolution for the problem where the Win32_NetworkAdapterConfiguration class is unable to retrieve information about PPPoE (Point-to-point protocol over Ethernet) and VPN (Virtual Private Network).
 ms.date: 12/19/2023
 ms.custom: sap:Networking Development\Other
 ms.reviewer: koichm
@@ -9,7 +9,7 @@ ms.topic: troubleshooting
 
 # The Win32_NetworkAdapterConfiguration class is unable to retrieve information about PPPoE (Point-to-point protocol over Ethernet) and VPN (Virtual Private Network)
 
-This article helps you resolve the problem where he `Win32_NetworkAdapterConfiguration` class is unable to retrieve information about PPPoE (Point-to-point protocol over Ethernet) and VPN (Virtual Private Network).
+This article helps you resolve the problem where the `Win32_NetworkAdapterConfiguration` class is unable to retrieve information about PPPoE (Point-to-point protocol over Ethernet) and VPN (Virtual Private Network).
 
 _Applies to:_   Windows Vista  
 _Original KB number:_   2549091