Merge branch 'main' of https://github.com/MicrosoftDocs/azure-docs-pr into Release_Archive_main_2023-06-29-15-23-03

Author: pauljewellmsft

articles/active-directory/authentication/howto-mfa-mfasettings.md

@@ -6,7 +6,7 @@ services: multi-factor-authentication
 ms.service: active-directory
 ms.subservice: authentication
 ms.topic: how-to
-ms.date: 06/26/2023
+ms.date: 06/29/2023
 
 ms.author: justinha
 author: justinha
@@ -19,12 +19,12 @@ ms.custom: contperf-fy20q4
 # Configure Azure AD Multi-Factor Authentication settings
 
 To customize the end-user experience for Azure AD Multi-Factor Authentication, you can configure options for settings like account lockout thresholds or fraud alerts and notifications. Some settings are available directly in the Azure portal for Azure Active Directory (Azure AD), and some are in a separate Azure AD Multi-Factor Authentication portal.
-
+ 
 The following Azure AD Multi-Factor Authentication settings are available in the Azure portal:
 
 | Feature | Description |
 | ------- | ----------- |
-| [Account lockout](#account-lockout) | Temporarily lock accounts from using Azure AD Multi-Factor Authentication if there are too many denied authentication attempts in a row. This feature applies only to users who enter a PIN to authenticate. (MFA Server only) |
+| [Account lockout (MFA Server only)](#account-lockout-mfa-server-only) | Temporarily lock accounts from using Azure AD Multi-Factor Authentication if there are too many denied authentication attempts in a row. This feature applies only to users who use MFA Server to enter a PIN to authenticate. |
 | [Block/unblock users](#block-and-unblock-users) | Block specific users from being able to receive Azure AD Multi-Factor Authentication requests. Any authentication attempts for blocked users are automatically denied. Users remain blocked for 90 days from the time that they're blocked or until they're manually unblocked. |
 | [Report suspicious activity](#report-suspicious-activity) | Configure settings that allow users to report fraudulent verification requests. |
 | [Notifications](#notifications) | Enable notifications of events from MFA Server. |
@@ -34,9 +34,12 @@ The following Azure AD Multi-Factor Authentication settings are available in the
 
 ![Azure portal - Azure AD Multi-Factor Authentication settings](./media/howto-mfa-mfasettings/multi-factor-authentication-settings-portal.png)
 
-## Account lockout
+## Account lockout (MFA Server only)
+
+>[!NOTE]
+>Account lockout only affects users who sign in by using MFA Server on-premises. 
 
-To prevent repeated MFA attempts as part of an attack, the account lockout settings let you specify how many failed attempts to allow before the account becomes locked out for a period of time. The account lockout settings are  applied only when a PIN code is entered for the MFA prompt.
+To prevent repeated MFA attempts as part of an attack, the account lockout settings let you specify how many failed attempts to allow before the account becomes locked out for a period of time. The account lockout settings are applied only when a PIN code is entered for the MFA prompt by using MFA Server on-premises.
 
 The following settings are available:
 

articles/active-directory/authentication/howto-mfa-userdevicesettings.md

@@ -15,6 +15,7 @@ ms.reviewer: michmcla, dawoo
 
 ms.collection: M365-identity-device-management
 ---
+
 # Manage user authentication methods for Azure AD Multi-Factor Authentication
 
 Users in Azure AD have two distinct sets of contact information:  
@@ -89,11 +90,8 @@ If you're assigned the *Authentication Administrator* role, you can require user
 1. On the left, select **Azure Active Directory** > **Users** > **All users**.
 1. Choose the user you wish to perform an action on and select **Authentication methods**. At the top of the window, then choose one of the following options for the user:
    - **Reset Password** resets the user's password and assigns a temporary password that must be changed on the next sign-in.
-   - **Require Re-register MFA** makes it so that when the user signs in next time, they're requested to set up a new MFA authentication method.
-   
-      > [!NOTE]
-      > The user's currently registered authentication methods aren't deleted when an admin requires re-registration for MFA. After a user re-registers for MFA, we recommend they review their security info and delete any previously registered authentication methods that are no longer usable.
-   
+- **Require Re-register MFA** deactivates the user's hardware OATH tokens and deletes the following authentication methods from this user: phone numbers, Microsoft Authenticator apps and software OATH tokens. If needed, the user is requested to set up a new MFA authentication method the next time they sign in.
+
    - **Revoke MFA Sessions** clears the user's remembered MFA sessions and requires them to perform MFA the next time it's required by the policy on the device.
 
     :::image type="content" source="media/howto-mfa-userdevicesettings/manage-authentication-methods-in-azure.png" alt-text="Manage authentication methods from the Azure portal":::
@@ -111,7 +109,7 @@ To delete a user's app passwords, complete the following steps:
 1. Check the box next to the user or users that you wish to manage. A list of quick step options appears on the right.
 1. Select **Manage user settings**, then check the box for **Delete all existing app passwords generated by the selected users**, as shown in the following example:
    ![Delete all existing app passwords](./media/howto-mfa-userdevicesettings/deleteapppasswords.png)
-1. Select **save**, then **close**.
+1. 1. Select **save**, then **close**.
 
 ## Next steps
 

articles/active-directory/develop/quickstart-register-app.md

@@ -8,7 +8,7 @@ ms.service: active-directory
 ms.subservice: develop
 ms.topic: quickstart
 ms.workload: identity
-ms.date: 10/31/2022
+ms.date: 06/29/2023
 ms.author: cwerner
 ms.custom: aaddev, identityplatformtop40, contperf-fy21q1, contperf-fy21q2, contperf-fy21q4, mode-other
 

articles/active-directory/fundamentals/whats-new-archive.md

@@ -6347,41 +6347,3 @@ Starting on February 8, 2020, when a request is sent to login.microsoftonline.co
 
 ---
 
-## December 2019
-
-### Integrate SAP SuccessFactors provisioning into Azure AD and on-premises AD (Public Preview)
-
-**Type:** New feature  
-**Service category:** App Provisioning  
-**Product capability:** Identity Lifecycle Management
-
-You can now integrate SAP SuccessFactors as an authoritative identity source in Azure AD. This integration helps you automate the end-to-end identity lifecycle, including using HR-based events, like new hires or terminations, to control provisioning of Azure AD accounts.
-
-For more information about how to set up SAP SuccessFactors inbound provisioning to Azure AD, see the [Configure SAP SuccessFactors automatic provisioning](../saas-apps/sap-successfactors-inbound-provisioning-tutorial.md) tutorial.
-
----
-
-### Support for customized emails in Azure AD B2C (Public Preview)
-
-**Type:** New feature  
-**Service category:** B2C - Consumer Identity Management  
-**Product capability:** B2B/B2C
-
-You can now use Azure AD B2C to create customized emails when your users sign up to use your apps. By using DisplayControls (currently in preview) and a third-party email provider (such as, [SendGrid](https://sendgrid.com/), [SparkPost](https://sparkpost.com/), or a custom REST API), you can use your own email template, **From** address, and subject text, as well as support localization and custom one-time password (OTP) settings.
-
-For more information, see [Custom email verification in Azure Active Directory B2C](../../active-directory-b2c/custom-email-sendgrid.md).
-
----
-
-### Replacement of baseline policies with security defaults
-
-**Type:** Changed feature  
-**Service category:** Other  
-**Product capability:** Identity Security and Protection
-
-As part of a secure-by-default model for authentication, we're removing the existing baseline protection policies from all tenants. This removal is targeted for completion at the end of February. The replacement for these baseline protection policies is security defaults. If you've been using baseline protection policies, you must plan to move to the new security defaults policy or to Conditional Access. If you haven't used these policies, there is no action for you to take.
-
-For more information about the new security defaults, see [What are security defaults?](./concept-fundamentals-security-defaults.md) For more information about Conditional Access policies, see [Common Conditional Access policies](../conditional-access/concept-conditional-access-policy-common.md).
-
----
-

articles/aks/windows-faq.md

@@ -106,7 +106,7 @@ az aks update \
 ```
 
 > [!IMPORTANT]
-> Performing the `az aks update` operation upgrades only Windows Server node pools. Linux node pools are not affected.
+> Performing the `az aks update` operation upgrades only Windows Server node pools and will cause a restart. Linux node pools are not affected. 
 > 
 > When you're changing `--windows-admin-password`, the new password must be at least 14 characters and meet [Windows Server password requirements][windows-server-password].
 
@@ -123,7 +123,7 @@ $cluster | Set-AzAksCluster
 ```
 
 > [!IMPORTANT]
-> Performing the `Set-AzAksCluster` operation upgrades only Windows Server node pools. Linux node pools are not affected.
+> Performing the `Set-AzAksCluster` operation upgrades only Windows Server node pools and will cause a restart. Linux node pools are not affected.
 >
 > When you're changing the Windows administrator password, the new password must be at least 14 characters and meet [Windows Server password requirements][windows-server-password].
 

articles/azure-cache-for-redis/cache-how-to-functions.md

@@ -232,21 +232,22 @@ public static void PubSubTrigger(
 
 :::zone-end
 
-### RedisListsTrigger
+### RedisListTrigger
 
-The `RedisListsTrigger` pops elements from a list and surfaces those elements to the function. The trigger polls Redis at a configurable fixed interval, and uses [`LPOP`](https://redis.io/commands/lpop/)/[`RPOP`](https://redis.io/commands/rpop/)/[`LMPOP`](https://redis.io/commands/lmpop/) to pop elements from the lists.
+The `RedisListTrigger` pops elements from a list and surfaces those elements to the function. The trigger polls Redis at a configurable fixed interval, and uses [`LPOP`](https://redis.io/commands/lpop/)/[`RPOP`](https://redis.io/commands/rpop/)/[`LMPOP`](https://redis.io/commands/lmpop/) to pop elements from the lists.
 
-#### Inputs for RedisListsTrigger
+#### Inputs for RedisListTrigger
 
-- `ConnectionString`: connection string to the redis cache, for example`<cacheName>.redis.cache.windows.net:6380,password=...`.
-- `Keys`: Keys to read from, space-delimited.
+- `ConnectionStringSetting`: connection string to the redis cache, for example`<cacheName>.redis.cache.windows.net:6380,password=...`.
+- `Key`: Key or keys to read from, space-delimited.
   - Multiple keys only supported on Redis 7.0+ using [`LMPOP`](https://redis.io/commands/lmpop/).
   - Listens to only the first key given in the argument using [`LPOP`](https://redis.io/commands/lpop/)/[`RPOP`](https://redis.io/commands/rpop/) on Redis versions less than 7.0.
+  - This field can be resolved using `INameResolver`
 - (optional) `PollingIntervalInMs`: How often to poll Redis in milliseconds.
   - Default: 1000
 - (optional) `MessagesPerWorker`: How many messages each functions worker "should" process. Used to determine how many workers the function should scale to.
   - Default: 100
-- (optional) `BatchSize`: Number of elements to pull from Redis at one time.
+- (optional) `Count`: Number of elements to pull from Redis at one time. These are processed in parallel.
   - Default: 10
   - Only supported on Redis 6.2+ using the `COUNT` argument in [`LPOP`](https://redis.io/commands/lpop/)/[`RPOP`](https://redis.io/commands/rpop/).
 - (optional) `ListPopFromBeginning`: determines whether to pop elements from the beginning using [`LPOP`](https://redis.io/commands/lpop/) or to pop elements from the end using [`RPOP`](https://redis.io/commands/rpop/).
@@ -257,9 +258,9 @@ The following sample polls the key `listTest` at a localhost Redis instance at `
 ::: zone pivot="programming-language-csharp"
 
 ```csharp
-[FunctionName(nameof(ListsTrigger))]
-public static void ListsTrigger(
-    [RedisListsTrigger(ConnectionString = "127.0.0.1:6379", Keys = "listTest")] RedisMessageModel model,
+[FunctionName(nameof(ListTrigger))]
+public static void ListTrigger(
+    [RedisListTrigger(ConnectionStringSetting = "127.0.0.1:6379", Key = "listTest")] RedisMessageModel model,
     ILogger logger)
 {
     logger.LogInformation(JsonSerializer.Serialize(model));
@@ -311,25 +312,25 @@ public static void ListsTrigger(
 
 :::zone-end
 
-### RedisStreamsTrigger
+### RedisStreamTrigger
 
-The `RedisStreamsTrigger` pops elements from a stream and surfaces those elements to the function.
+The `RedisStreamTrigger` pops elements from a stream and surfaces those elements to the function.
 The trigger polls Redis at a configurable fixed interval, and uses [`XREADGROUP`](https://redis.io/commands/xreadgroup/) to read elements from the stream.
+The consumer group for all function instances will be the ID of the function. For example, for the StreamTrigger function in [this sample](https://github.com/Azure/azure-functions-redis-extension/blob/main/samples/dotnet/RedisSamples.cs), the consumer group would be `Microsoft.Azure.WebJobs.Extensions.Redis.Samples.RedisSamples.StreamTrigger`. 
 Each function creates a new random GUID to use as its consumer name within the group to ensure that scaled out instances of the function don't read the same messages from the stream.
 
-#### Inputs for RedisStreamsTrigger
+#### Inputs for RedisStreamTrigger
 
-- `ConnectionString`: connection string to the redis cache, for example, `<cacheName>.redis.cache.windows.net:6380,password=...`.
-- `Keys`: Keys to read from, space-delimited.
+- `ConnectionStringSetting`: connection string to the redis cache, for example, `<cacheName>.redis.cache.windows.net:6380,password=...`.
+- `Key`: Key or keys to read from, space-delimited.
   - Uses [`XREADGROUP`](https://redis.io/commands/xreadgroup/).
+  - This field can be resolved using `INameResolver`.
 - (optional) `PollingIntervalInMs`: How often to poll Redis in milliseconds.
   - Default: 1000
 - (optional) `MessagesPerWorker`: How many messages each functions worker "should" process. Used to determine how many workers the function should scale to.
   - Default: 100
-- (optional) `BatchSize`: Number of elements to pull from Redis at one time.
+- (optional) `Count`: Number of elements to pull from Redis at one time.
   - Default: 10
-- (optional) `ConsumerGroup`: The name of the consumer group that the function uses.
-  - Default: "AzureFunctionRedisExtension"
 - (optional) `DeleteAfterProcess`: If the listener will delete the stream entries after the function runs.
   - Default: false
 
@@ -338,9 +339,9 @@ The following sample polls the key `streamTest` at a localhost Redis instance at
 ::: zone pivot="programming-language-csharp"
 
 ```csharp
-[FunctionName(nameof(StreamsTrigger))]
-public static void StreamsTrigger(
-    [RedisStreamsTrigger(ConnectionString = "127.0.0.1:6379", Keys = "streamTest")] RedisMessageModel model,
+[FunctionName(nameof(StreamTrigger))]
+public static void StreamTrigger(
+    [RedisStreamTrigger(ConnectionString = "127.0.0.1:6379", Keys = "streamTest")] RedisMessageModel model,
     ILogger logger)
 {
     logger.LogInformation(JsonSerializer.Serialize(model));

articles/azure-functions/functions-reference-node.md

@@ -1418,21 +1418,62 @@ You can see the current version that the runtime is using by logging `process.ve
 
 ### Setting the Node version
 
-# [Windows](#tab/windows-setting-the-node-version)
+The way that you upgrade your Node.js version depends on the OS on which your function app runs.
 
-For Windows function apps, target the version in Azure by setting the `WEBSITE_NODE_DEFAULT_VERSION` [app setting](functions-how-to-use-azure-function-app-settings.md#settings) to a supported LTS version, such as `~18`.
+# [Windows](#tab/windows)
 
-# [Linux](#tab/linux-setting-the-node-version)
+When running on Windows, the Node.js version is set by the [`WEBSITE_NODE_DEFAULT_VERSION`](./functions-app-settings.md#website_node_default_version) application setting. This setting can be updated either by using the Azure CLI or in the Azure portal.
 
-For Linux function apps, run the following Azure CLI command to update the Node version.
+# [Linux](#tab/linux)
 
-```azurecli
-az functionapp config set --linux-fx-version "node|18" --name "<MY_APP_NAME>" --resource-group "<MY_RESOURCE_GROUP_NAME>"
+When running on Windows, the Node.js version is set by the [linuxfxversion](./functions-app-settings.md#linuxfxversion) site setting. This setting can be updated using the Azure CLI.
+
+---
+
+For more information about Node.js versions, see [Supported versions](#supported-versions).
+
+Before upgrading your Node.js version, make sure your function app is running on the latest version of the Azure Functions runtime. If you need to upgrade your runtime version, see [Migrate apps from Azure Functions version 3.x to version 4.x](migrate-version-3-version-4.md?pivots=programming-language-javascript).  
+
+# [Azure CLI](#tab/azure-cli/windows)
+
+Run the Azure CLI [`az functionapp config appsettings set`](/cli/azure/functionapp/config#az-functionapp-config-appsettings-set) command to update the Node.js version for your function app running on Windows:
+
+```azurecli-interactive
+az functionapp config appsettings set  --settings WEBSITE_NODE_DEFAULT_VERSION=~18 \
+ --name <FUNCTION_APP_NAME> --resource-group <RESOURCE_GROUP_NAME> 
+```
+
+This sets the [`WEBSITE_NODE_DEFAULT_VERSION` application setting](./functions-app-settings.md#website_node_default_version) the supported LTS version of `~18`.
+
+# [Azure portal](#tab/azure-portal/windows)
+
+Use the following steps to change the Node.js version:
+
+[!INCLUDE [functions-set-nodejs-version-portal](../../includes/functions-set-nodejs-version-portal.md)]
+
+# [Azure CLI](#tab/azure-cli/linux)
+
+Run the Azure CLI [`az functionapp config set`](/cli/azure/functionapp/config#az-functionapp-config-set) command to update the Node.js version for your function app running on Linux:
+
+```azurecli-interactive
+az functionapp config set --linux-fx-version "node|18" --name "<FUNCTION_APP_NAME>" \
+ --resource-group "<RESOURCE_GROUP_NAME>"
 ```
 
+This sets the base image of the Linux function app to Node.js version 18.
+
+# [Azure portal](#tab/azure-portal/linux)
+
+>[!NOTE]  
+> You can't change the Node.js version in the Azure portal when your function app is running on Linux in a Consumption plan. Instead use the Azure CLI.
+
+For Premium and Dedicated plans, use the following steps to change the Node.js version:  
+
+[!INCLUDE [functions-set-nodejs-version-portal](../../includes/functions-set-nodejs-version-portal.md)]
+
 ---
 
-To learn more about Azure Functions runtime support policy, refer to this [article](./language-support-policy.md).
+After changes are made, your function app restarts. To learn more about Functions support for Node.js, see [Language runtime support policy](./language-support-policy.md).
 
 <a name="access-environment-variables-in-code"></a>