Merge pull request #113251 from curtand/tenant020429

[Azure AD] tenant to organization 021

Author: PRMerger17

articles/active-directory/users-groups-roles/groups-quickstart-expiration.md

@@ -9,11 +9,11 @@ ms.service: active-directory
 ms.workload: identity
 ms.subservice: users-groups-roles
 ms.topic: quickstart
-ms.date: 11/08/2019
+ms.date: 04/29/2020
 ms.author: curtand
 ms.reviewer: krbain
 ms.custom: it-pro
-#As a new Azure AD identity administrator, I want user-created Office 365 groups in my tenant to expire so I can reduce the number of unused groups.
+#As a new Azure AD identity administrator, I want user-created Office 365 groups in my organization to expire so I can reduce the number of unused groups.
 ms.collection: M365-identity-device-management
 ---
 # Quickstart: Set Office 365 groups to expire in Azure Active Directory
@@ -68,7 +68,7 @@ That's it! In this quickstart, you successfully set the expiration policy for th
 
 ### To remove the expiration policy
 
-1. Ensure that you are signed in to the [Azure portal](https://portal.azure.com) with an account that is the Global Administrator for your tenant.
+1. Ensure that you are signed in to the [Azure portal](https://portal.azure.com) with an account that is the Global Administrator for your Azure AD organization.
 2. Select **Azure Active Directory** > **Groups** > **Expiration**.
 3. Set **Enable expiration for these Office 365 groups** to **None**.
 

articles/active-directory/users-groups-roles/groups-quickstart-naming-policy.md

@@ -13,21 +13,21 @@ ms.date: 11/08/2019
 ms.author: curtand
 ms.reviewer: krbain
 ms.custom: it-pro
-#As an Azure AD identity administrator, I want to enforce naming policy on self-service groups, to help me sort and search in my tenant’s user-created groups. 
+#As an Azure AD identity administrator, I want to enforce naming policy on self-service groups, to help me sort and search in my Azure AD organization’s user-created groups. 
 ms.collection: M365-identity-device-management
 ---
 
 # Quickstart: Naming policy for groups in Azure Active Directory
 
-In this quickstart, you will set up naming policy in your Azure Active Directory (Azure AD) tenant for user-created Office 365 groups, to help you sort and search your tenant’s groups. For example, you could use the naming policy to:
+In this quickstart, you will set up naming policy in your Azure Active Directory (Azure AD) organization for user-created Office 365 groups, to help you sort and search your organization’s groups. For example, you could use the naming policy to:
 
 * Communicate the function of a group, membership, geographic region, or who created the group.
 * Help categorize groups in the address book.
 * Block specific words from being used in group names and aliases.
 
 If you don't have an Azure subscription, [create a free account](https://azure.microsoft.com/free/) before you begin.
 
-## Configure the group naming policy for a tenant using Azure portal
+## Configure the group naming policy in the Azure portal
 
 1. Sign in to the [Azure AD admin center](https://aad.portal.azure.com) with a User administrator account.
 1. Select **Groups**, then select **Naming policy** to open the Naming policy page.

articles/active-directory/users-groups-roles/groups-restore-deleted.md

@@ -8,7 +8,7 @@ ms.service: active-directory
 ms.workload: identity
 ms.subservice: users-groups-roles
 ms.topic: quickstart
-ms.date: 03/18/2019
+ms.date: 04/29/2020
 ms.author: curtand 
 ms.reviewer: krbain
 ms.custom: "it-pro, seo-update-azuread-jan"
@@ -46,7 +46,7 @@ User | Can restore any deleted Office 365 group that they own
 
 The following cmdlets can be used to view the deleted groups to verify that the one or ones you're interested in have not yet been permanently purged. These cmdlets are part of the [Azure AD PowerShell module](https://www.powershellgallery.com/packages/AzureAD/). More information about this module can be found in the [Azure Active Directory PowerShell Version 2](/powershell/azure/install-adv2?view=azureadps-2.0) article.
 
-1.  Run the following cmdlet to display all deleted Office 365 groups in your tenant that are still available to restore.
+1.  Run the following cmdlet to display all deleted Office 365 groups in your Azure AD organization that are still available to restore.
 
 
     ```powershell

articles/active-directory/users-groups-roles/groups-settings-cmdlets.md

@@ -154,7 +154,7 @@ Here are the settings defined in the Group.Unified SettingsTemplate. Unless othe
 |  <ul><li>AllowGuestsToBeGroupOwner<li>Type: Boolean<li>Default: False | Boolean indicating whether or not a guest user can be an owner of groups. |
 |  <ul><li>AllowGuestsToAccessGroups<li>Type: Boolean<li>Default: True | Boolean indicating whether or not a guest user can have access to Office 365 groups content.  This setting does not require an Azure Active Directory Premium P1 license.|
 |  <ul><li>GuestUsageGuidelinesUrl<li>Type: String<li>Default: "" | The url of a link to the guest usage guidelines. |
-|  <ul><li>AllowToAddGuests<li>Type: Boolean<li>Default: True | A boolean indicating whether or not is allowed to add guests to this directory. <br>This setting may be overridden and become read-only if *EnableMIPLabels* is set to *True* and a guest policy is associated with the sensitivity label assigned to the group.<br>If the AllowToAddGuests setting is set to False at the tenant level, any AllowToAddGuests setting at the group level is ignored. If you want to enable guest access for only a few groups, you must set AllowToAddGuests to be true at the tenant level, and then selectively disable it for specific groups. |
+|  <ul><li>AllowToAddGuests<li>Type: Boolean<li>Default: True | A boolean indicating whether or not is allowed to add guests to this directory. <br>This setting may be overridden and become read-only if *EnableMIPLabels* is set to *True* and a guest policy is associated with the sensitivity label assigned to the group.<br>If the AllowToAddGuests setting is set to False at the organization level, any AllowToAddGuests setting at the group level is ignored. If you want to enable guest access for only a few groups, you must set AllowToAddGuests to be true at the organization level, and then selectively disable it for specific groups. |
 |  <ul><li>ClassificationList<li>Type: String<li>Default: "" | A comma-delimited list of valid classification values that can be applied to Office 365 Groups. <br>This setting does not apply when EnableMIPLabels == True.|
 |  <ul><li>EnableMIPLabels<li>Type: Boolean<li>Default: "False" |The flag indicating whether sensitivity labels published in Microsoft 365 Compliance Center can be applied to Office 365 Groups. For more information, see [Assign Sensitivity Labels for Office 365 groups](groups-assign-sensitivity-labels.md). |
 

articles/active-directory/users-groups-roles/groups-settings-v2-cmdlets.md

@@ -57,8 +57,8 @@ Before you can start managing groups using Azure AD PowerShell cmdlets, you must
 The cmdlet prompts you for the credentials you want to use to access your directory. In this example, we are using [email protected] to access the demonstration directory. The cmdlet returns a confirmation to show the session was connected successfully to your directory:
 
 ```powershell
-    Account                       Environment Tenant
-    -------                       ----------- ------
+    Account                       Environment Tenant ID
+    -------                       ----------- ---------
     [email protected] AzureCloud  85b5ff1e-0402-400c-9e3c-0f…
 ```
 

articles/active-directory/users-groups-roles/groups-troubleshooting.md

@@ -38,7 +38,7 @@ To disable group creation for non-admin users in Powershell:
    ```
 
 <br/>**I received a max groups allowed error when trying to create a Dynamic Group in Powershell**<br/>
-If you receive a message in Powershell indicating _Dynamic group policies max allowed groups count reached_, this means you have reached the max limit for Dynamic groups in your tenant. The max number of Dynamic groups per tenant is 5,000.
+If you receive a message in Powershell indicating _Dynamic group policies max allowed groups count reached_, this means you have reached the max limit for Dynamic groups in your organization. The max number of Dynamic groups per organization is 5,000.
 
 To create any new Dynamic groups, you'll first need to delete some existing Dynamic groups. There's no way to increase the limit.
 
@@ -49,7 +49,7 @@ To create any new Dynamic groups, you'll first need to delete some existing Dyna
 For devices, check the device properties to ensure any synced attributes contain the expected values.<br/>
 2. Check the membership processing status to confirm if it is complete. You can check the [membership processing status](groups-create-rule.md#check-processing-status-for-a-rule) and the last updated date on the **Overview** page for the group.
 
-If everything looks good, please allow some time for the group to populate. Depending on the size of your tenant, the group may take up to 24 hours for populating for the first time or after a rule change.
+If everything looks good, please allow some time for the group to populate. Depending on the size of your Azure AD organization, the group may take up to 24 hours for populating for the first time or after a rule change.
 
 **I configured a rule, but now the existing members of the rule are removed**<br/>This is expected behavior. Existing members of the group are removed when a rule is enabled or changed. The users returned from evaluation of the rule are added as members to the group.
 

articles/active-directory/users-groups-roles/licensing-directory-independence.md

@@ -1,15 +1,15 @@
 ---
 title: Characteristics of multiple tenant interaction - Azure AD | Microsoft Docs
-description: Understanding your Azure Active Directory tenants as fully independent organizations
-services: active-tenant
+description: Understanding the data independence of your Azure Active Directory organizations
+services: active-directory
 documentationcenter: ''
 author: curtand
 manager: daveba
 ms.service: active-directory
 ms.topic: article
 ms.workload: identity
 ms.subservice: users-groups-roles
-ms.date: 04/07/2020
+ms.date: 04/29/2020
 ms.author: curtand
 ms.custom: it-pro
 ms.reviewer: sumitp
@@ -18,7 +18,7 @@ ms.collection: M365-identity-device-management
 
 # Understand how multiple Azure Active Directory organizations interact
 
-In Azure Active Directory (Azure AD), each tenant is a fully independent organization: a peer that is logically independent from the other Azure AD organizations that you manage. This independence between organizations includes resource independence, administrative independence, and synchronization independence. There is no parent-child relationship between organizations.
+In Azure Active Directory (Azure AD), each Azure AD organization is fully independent: a peer that is logically independent from the other Azure AD organizations that you manage. This independence between organizations includes resource independence, administrative independence, and synchronization independence. There is no parent-child relationship between organizations.
 
 ## Resource independence
 

articles/active-directory/users-groups-roles/licensing-group-advanced.md

@@ -95,15 +95,15 @@ Initially, the user inherits the license only from the *E3 basic services* group
 
 ## Managing new services added to products
 
-When Microsoft adds a new service to a product license plan, it is enabled by default in all groups to which you have assigned the product license. Users in your tenant who are subscribed to notifications about product changes will receive emails ahead of time notifying them about the upcoming service additions.
+When Microsoft adds a new service to a product license plan, it is enabled by default in all groups to which you have assigned the product license. Users in your organization who are subscribed to notifications about product changes will receive emails ahead of time notifying them about the upcoming service additions.
 
 As an administrator, you can review all groups affected by the change and take action, such as disabling the new service in each group. For example, if you created groups targeting only specific services for deployment, you can revisit those groups and make sure that any newly added services are disabled.
 
 Here is an example of what this process may look like:
 
 1. Originally, you assigned the *Office 365 Enterprise E5* product to several groups. One of those groups, called *O365 E5 - Exchange only* was designed to enable only the *Exchange Online (Plan 2)* service for its members.
 
-2. You received a notification from Microsoft that the E5 product will be extended with a new service - *Microsoft Stream*. When the service becomes available in your tenant, you can do the following:
+2. You received a notification from Microsoft that the E5 product will be extended with a new service - *Microsoft Stream*. When the service becomes available in your organization, you can do the following:
 
 3. Go to the [**Azure Active Directory > Licenses > All products**](https://portal.azure.com/#blade/Microsoft_AAD_IAM/LicensesMenuBlade/Products) blade and select *Office 365 Enterprise E5*, then select **Licensed Groups** to view a list of all groups with that product.
 
@@ -123,9 +123,9 @@ Here is an example of what this process may look like:
 ## Use PowerShell to see who has inherited and direct licenses
 You can use a PowerShell script to check if users have a license assigned directly or inherited from a group.
 
-1. Run the `connect-msolservice` cmdlet to authenticate and connect to your tenant.
+1. Run the `connect-msolservice` cmdlet to authenticate and connect to your organization.
 
-2. `Get-MsolAccountSku` can be used to discover all provisioned product licenses in the tenant.
+2. `Get-MsolAccountSku` can be used to discover all provisioned product licenses in the Azure AD organization.
 
    ![Screenshot of the Get-Msolaccountsku cmdlet](./media/licensing-group-advanced/get-msolaccountsku-cmdlet.png)
 

articles/active-directory/users-groups-roles/licensing-groups-assign.md

@@ -11,7 +11,7 @@ ms.service: active-directory
 ms.topic: article
 ms.workload: identity
 ms.subservice: users-groups-roles
-ms.date: 03/18/2019
+ms.date: 04/29/2020
 ms.author: curtand
 ms.reviewer: sumitp
 ms.custom: it-pro
@@ -22,7 +22,7 @@ ms.collection: M365-identity-device-management
 
 This article walks you through assigning product licenses to a group of users and verifying that they're licensed correctly in Azure Active Directory (Azure AD).
 
-In this example, the tenant contains a security group called **HR Department**. This group includes all members of the human resources department (around 1,000 users). You want to assign Office 365 Enterprise E3 licenses to the entire department. The Yammer Enterprise service that's included in the product must be temporarily disabled until the department is ready to start using it. You also want to deploy Enterprise Mobility + Security licenses to the same group of users.
+In this example, the Azure AD organization contains a security group called **HR Department**. This group includes all members of the human resources department (around 1,000 users). You want to assign Office 365 Enterprise E3 licenses to the entire department. The Yammer Enterprise service that's included in the product must be temporarily disabled until the department is ready to start using it. You also want to deploy Enterprise Mobility + Security licenses to the same group of users.
 
 > [!NOTE]
 > Some Microsoft services are not available in all locations. Before a license can be assigned to a user, the administrator has to specify the Usage location property on the user.
@@ -33,7 +33,7 @@ In this example, the tenant contains a security group called **HR Department**.
 
 1. Sign in to the [**Azure AD admin center**](https://aad.portal.azure.com) with a license administrator account. To manage licenses, the account must be a license administrator, user administrator, or global administrator.
 
-1. Select **Licenses** to open a page where you can see and manage all licensable products in the tenant.
+1. Select **Licenses** to open a page where you can see and manage all licensable products in the organization.
 
 1. Under **All products**, select both Office 365 Enterprise E5 and Enterprise Mobility + Security E3 by selecting the product names. To start the assignment, select **Assign** at the top of the page.
 

articles/active-directory/users-groups-roles/licensing-groups-resolve-problems.md

@@ -97,7 +97,7 @@ To solve this problem, remove users from unsupported locations from the licensed
 
 ## Duplicate proxy addresses
 
-If you use Exchange Online, some users in your tenant might be incorrectly configured with the same proxy address value. When group-based licensing tries to assign a license to such a user, it fails and shows  “Proxy address is already being used”.
+If you use Exchange Online, some users in your organization might be incorrectly configured with the same proxy address value. When group-based licensing tries to assign a license to such a user, it fails and shows  “Proxy address is already being used”.
 
 > [!TIP]
 > To see if there is a duplicate proxy address, execute the following PowerShell cmdlet against Exchange Online: