MicrosoftDocs
diff --git a/‎articles/dev-box/how-to-conditional-access-dev-tunnels-service.md
Lines changed: 10 additions & 10 deletions b/‎articles/dev-box/how-to-conditional-access-dev-tunnels-service.md
Lines changed: 10 additions & 10 deletions
diff --git a/‎articles/dev-box/media/configure-conditional-access-policies-for-dev-tunnels-service/dev-tunnels-activity-logs.png renamed to ‎articles/dev-box/media/how-to-conditional-access-dev-tunnels-service/dev-tunnels-activity-logs.png b/‎articles/dev-box/media/configure-conditional-access-policies-for-dev-tunnels-service/dev-tunnels-activity-logs.png renamed to ‎articles/dev-box/media/how-to-conditional-access-dev-tunnels-service/dev-tunnels-activity-logs.png
diff --git a/‎articles/dev-box/media/configure-conditional-access-policies-for-dev-tunnels-service/dev-tunnels-attribute.png renamed to ‎articles/dev-box/media/how-to-conditional-access-dev-tunnels-service/dev-tunnels-attribute.png b/‎articles/dev-box/media/configure-conditional-access-policies-for-dev-tunnels-service/dev-tunnels-attribute.png renamed to ‎articles/dev-box/media/how-to-conditional-access-dev-tunnels-service/dev-tunnels-attribute.png
diff --git a/‎articles/dev-box/media/configure-conditional-access-policies-for-dev-tunnels-service/dev-tunnels-conditional-access-policy.png renamed to ‎articles/dev-box/media/how-to-conditional-access-dev-tunnels-service/dev-tunnels-conditional-access-policy.png b/‎articles/dev-box/media/configure-conditional-access-policies-for-dev-tunnels-service/dev-tunnels-conditional-access-policy.png renamed to ‎articles/dev-box/media/how-to-conditional-access-dev-tunnels-service/dev-tunnels-conditional-access-policy.png
diff --git a/‎articles/dev-box/media/configure-conditional-access-policies-for-dev-tunnels-service/dev-tunnels-custom-attributes.png renamed to ‎articles/dev-box/media/how-to-conditional-access-dev-tunnels-service/dev-tunnels-custom-attributes.png b/‎articles/dev-box/media/configure-conditional-access-policies-for-dev-tunnels-service/dev-tunnels-custom-attributes.png renamed to ‎articles/dev-box/media/how-to-conditional-access-dev-tunnels-service/dev-tunnels-custom-attributes.png
diff --git a/‎articles/dev-box/media/configure-conditional-access-policies-for-dev-tunnels-service/dev-tunnels-no-access.png renamed to ‎articles/dev-box/media/how-to-conditional-access-dev-tunnels-service/dev-tunnels-no-access.png b/‎articles/dev-box/media/configure-conditional-access-policies-for-dev-tunnels-service/dev-tunnels-no-access.png renamed to ‎articles/dev-box/media/how-to-conditional-access-dev-tunnels-service/dev-tunnels-no-access.png
diff --git a/‎articles/dev-box/media/configure-conditional-access-policies-for-dev-tunnels-service/dev-tunnels-register-service.png renamed to ‎articles/dev-box/media/how-to-conditional-access-dev-tunnels-service/dev-tunnels-register-service.png b/‎articles/dev-box/media/configure-conditional-access-policies-for-dev-tunnels-service/dev-tunnels-register-service.png renamed to ‎articles/dev-box/media/how-to-conditional-access-dev-tunnels-service/dev-tunnels-register-service.png
diff --git a/‎articles/dev-box/media/configure-conditional-access-policies-for-dev-tunnels-service/dev-tunnels-security-attributes.png renamed to ‎articles/dev-box/media/how-to-conditional-access-dev-tunnels-service/dev-tunnels-security-attributes.png b/‎articles/dev-box/media/configure-conditional-access-policies-for-dev-tunnels-service/dev-tunnels-security-attributes.png renamed to ‎articles/dev-box/media/how-to-conditional-access-dev-tunnels-service/dev-tunnels-security-attributes.png
diff --git a/‎articles/dev-box/media/how-to-setup-dev-tunnels/dev-tunnels-connect-tunnnel.png
-2.31 KB b/‎articles/dev-box/media/how-to-setup-dev-tunnels/dev-tunnels-connect-tunnnel.png
-2.31 KB
diff --git a/‎articles/dev-box/media/how-to-setup-dev-tunnels/dev-tunnels-enable-tunnel.png
-2.89 KB b/‎articles/dev-box/media/how-to-setup-dev-tunnels/dev-tunnels-enable-tunnel.png
-2.89 KB
@@ -24,7 +24,7 @@ Conditional access policies for the Dev tunnels service:
 
 The conditional access policies work correctly for the Dev tunnels service. Because registering the Dev tunnels service app to a tenant and making it available to the conditional access picker is unique, this article documents the steps.
 
-### Register Dev tunnels service to a tenant
+## Register Dev tunnels service to a tenant
 
 According to [Apps & service principals in Microsoft Entra ID](/entra/identity-platform/app-objects-and-service-principals?tabs=browser), a service principal is created in each tenant where the application is used. However, this doesn't apply to the Dev tunnels service. This article doesn't explore the root conditional access use. If you know about app definitions, review the [Dev tunnels service app registration specification](https://msazure.visualstudio.com/One/_git/AAD-FirstPartyApps?path=/Customers/Configs/AppReg/46da2f7e-b5ef-422a-88d4-2a7f9de6a0b2/AppReg.Parameters.Production.json&version=GBmaster&_a=contents).
 
@@ -46,27 +46,27 @@ Therefore, we're using [Microsoft.Graph PowerShell](/powershell/module/microsoft
 
 1. Go to "Microsoft Entra ID" -> "Manage" -> "Enterprise applications" to verify if the Dev tunnels service is registered.
 
-   :::image type="content" source="media/configure-conditional-access-policies-for-dev-tunnels-service/dev-tunnels-register-service.png" alt-text="Screenshot of the Enterprise applications page in Microsoft Entra ID, showing the Dev tunnels service registration.":::
+   :::image type="content" source="media/how-to-conditional-access-dev-tunnels-service/dev-tunnels-register-service.png" alt-text="Screenshot of the Enterprise applications page in Microsoft Entra ID, showing the Dev tunnels service registration." lightbox="media/how-to-conditional-access-dev-tunnels-service/dev-tunnels-register-service.png":::
 
-### Enable the Dev tunnels service for the conditional access picker
+## Enable the Dev tunnels service for the conditional access picker
 
 The Microsoft Entra IDteam is working on removing the need to onboard apps for them to appear in the app picker, with delivery expected in May. Therefore, we aren't onboarding Dev tunnel service to the conditional access picker. Instead, target the Dev tunnels service in a conditional access policy using [Custom Security Attributes](/entra/identity/conditional-access/concept-filter-for-applications).
 
 1. Follow [Add or deactivate custom security attribute definitions in Microsoft Entra ID](/entra/fundamentals/custom-security-attributes-add?tabs=ms-powershell) to add the following Attribute set and New attributes.
 
-   :::image type="content" source="media/configure-conditional-access-policies-for-dev-tunnels-service/dev-tunnels-custom-attributes.png" alt-text="Screenshot of the custom security attribute definition process in Microsoft Entra ID.":::
+   :::image type="content" source="media/how-to-conditional-access-dev-tunnels-service/dev-tunnels-custom-attributes.png" alt-text="Screenshot of the custom security attribute definition process in Microsoft Entra ID." lightbox="media/how-to-conditional-access-dev-tunnels-service/dev-tunnels-custom-attributes.png":::
 
-   :::image type="content" source="media/configure-conditional-access-policies-for-dev-tunnels-service/dev-tunnels-attribute.png" alt-text="Screenshot of the new attribute creation in Microsoft Entra ID.":::
+   :::image type="content" source="media/how-to-conditional-access-dev-tunnels-service/dev-tunnels-attribute.png" alt-text="Screenshot of the new attribute creation in Microsoft Entra ID." lightbox="media/how-to-conditional-access-dev-tunnels-service/dev-tunnels-attribute.png":::
 
 1. Follow [Create a conditional access policy](/entra/identity/conditional-access/concept-filter-for-applications#create-a-conditional-access-policy) to create a conditional access policy.
 
-   :::image type="content" source="media/configure-conditional-access-policies-for-dev-tunnels-service/dev-tunnels-conditional-access-policy.png" alt-text="Screenshot of the conditional access policy creation process for Dev tunnels service.":::
+   :::image type="content" source="media/how-to-conditional-access-dev-tunnels-service/dev-tunnels-conditional-access-policy.png" alt-text="Screenshot of the conditional access policy creation process for Dev tunnels service." lightbox="media/how-to-conditional-access-dev-tunnels-service/dev-tunnels-conditional-access-policy.png":::
 
 1. Follow [Configure custom attributes](/entra/identity/conditional-access/concept-filter-for-applications#configure-custom-attributes) to configure the custom attribute for the Dev tunnels service.
 
-   :::image type="content" source="media/configure-conditional-access-policies-for-dev-tunnels-service/dev-tunnels-security-attributes.png" alt-text="Screenshot of configuring custom attributes for the Dev tunnels service in Microsoft Entra ID.":::
+   :::image type="content" source="media/how-to-conditional-access-dev-tunnels-service/dev-tunnels-security-attributes.png" alt-text="Screenshot of configuring custom attributes for the Dev tunnels service in Microsoft Entra ID." lightbox="media/how-to-conditional-access-dev-tunnels-service/dev-tunnels-security-attributes.png":::
 
-### Testing
+## Testing
 
 1. Turn off the BlockDevTunnelCA
 
@@ -82,11 +82,11 @@ code tunnel
 
     1. Any new attempts to execute the commands in step #2 will fail. Both errors are:
 
-       :::image type="content" source="media/configure-conditional-access-policies-for-dev-tunnels-service/dev-tunnels-no-access.png" alt-text="Screenshot of error message when Dev tunnels connection is blocked by conditional access policy.":::
+       :::image type="content" source="media/how-to-conditional-access-dev-tunnels-service/dev-tunnels-no-access.png" alt-text="Screenshot of error message when Dev tunnels connection is blocked by conditional access policy." lightbox="media/how-to-conditional-access-dev-tunnels-service/dev-tunnels-no-access.png":::
 
 1. The Microsoft Entra ID sign-in logs show these entries.
 
-   :::image type="content" source="media/configure-conditional-access-policies-for-dev-tunnels-service/dev-tunnels-activity-logs.png" alt-text="Screenshot of Microsoft Entra ID sign-in logs showing entries related to Dev tunnels conditional access policy.":::
+   :::image type="content" source="media/how-to-conditional-access-dev-tunnels-service/dev-tunnels-activity-logs.png" alt-text="Screenshot of Microsoft Entra ID sign-in logs showing entries related to Dev tunnels conditional access policy." lightbox="media/how-to-conditional-access-dev-tunnels-service/dev-tunnels-activity-logs.png":::
 
 ## Limitations