Merge pull request #250859 from rolyon/rolyon-aadroles-portal-entra-admin-center

[Azure AD roles] Azure portal to Microsoft Entra admin center

Author: Court72

articles/active-directory/roles/admin-units-assign-roles.md

@@ -75,15 +75,17 @@ It is not currently possible to assign directory read permissions scoped to an a
 
 ## Assign a role with an administrative unit scope
 
-You can assign an Azure AD role with an administrative unit scope by using the Azure portal, PowerShell, or Microsoft Graph.
+You can assign an Azure AD role with an administrative unit scope by using the Microsoft Entra admin center, PowerShell, or Microsoft Graph.
 
-### Azure portal
+### Microsoft Entra admin center
 
 [!INCLUDE [portal updates](~/articles/active-directory/includes/portal-update.md)]
 
-1. Sign in to the [Azure portal](https://portal.azure.com).
+1. Sign in to the [Microsoft Entra admin center](https://entra.microsoft.com) as at least a [Privileged Role Administrator](../roles/permissions-reference.md#privileged-role-administrator).
 
-1. Select **Azure Active Directory** > **Administrative units** and then select the administrative unit that you want to assign a user role scope to. 
+1. Browse to **Identity** > **Roles & admins** > **Admin units**.
+
+1. Select the administrative unit that you want to assign a user role scope to. 
 
 1. On the left pane, select **Roles and administrators** to list all the available roles.
 
@@ -133,15 +135,17 @@ Body
 
 ## List role assignments with administrative unit scope
 
-You can view a list of Azure AD role assignments with administrative unit scope by using the Azure portal, PowerShell, or Microsoft Graph.
+You can view a list of Azure AD role assignments with administrative unit scope by using the Microsoft Entra admin center, PowerShell, or Microsoft Graph.
+
+### Microsoft Entra admin center
 
-### Azure portal
+You can view all the role assignments created with an administrative unit scope in the **Admin units** section of the Microsoft Entra admin center. 
 
-You can view all the role assignments created with an administrative unit scope in the [Administrative units section of Azure AD](https://portal.azure.com/?microsoft_aad_iam_adminunitprivatepreview=true&microsoft_aad_iam_rbacv2=true#blade/Microsoft_AAD_IAM/ActiveDirectoryMenuBlade/AdminUnit). 
+1. Sign in to the [Microsoft Entra admin center](https://entra.microsoft.com).
 
-1. Sign in to the [Azure portal](https://portal.azure.com).
+1. Browse to **Identity** > **Roles & admins** > **Admin units**.
 
-1. Select **Azure Active Directory** > **Administrative units** and then select the administrative unit for the list of role assignments you want to view. 
+1. Select the administrative unit for the list of role assignments you want to view. 
 
 1. Select **Roles and administrators**, and then open a role to view the assignments in the administrative unit.
 

articles/active-directory/roles/admin-units-faq-troubleshoot.yml

@@ -86,7 +86,7 @@ sections:
           The initial update of an administrative unit can take a few minutes depending on your tenant size and the current Azure AD load.
 
       - question: |
-          After creating a dynamic membership rule in the Azure portal using the rule builder and attempting to save, I get the error "Failed to update administrative unit properties".
+          After creating a dynamic membership rule in the Microsoft Entra admin center using the rule builder and attempting to save, I get the error "Failed to update administrative unit properties".
         answer: |
           This usually means there is a problem with the supplied property values. Confirm that the property values you have supplied have a proper value type (Boolean, string, or string collection). For more information, see the allowed values for each operator for [users](../enterprise-users/groups-dynamic-membership.md#supported-properties) or [devices](../enterprise-users/groups-dynamic-membership.md#rules-for-devices).
           

articles/active-directory/roles/admin-units-manage.md

@@ -40,15 +40,15 @@ For more information, see [Prerequisites to use PowerShell or Graph Explorer](pr
 
 ## Create an administrative unit
 
-You can create a new administrative unit by using either the Azure portal, PowerShell or Microsoft Graph.
+You can create a new administrative unit by using either the Microsoft Entra admin center, PowerShell or Microsoft Graph.
 
-### Azure portal
+### Microsoft Entra admin center
 
 [!INCLUDE [portal updates](~/articles/active-directory/includes/portal-update.md)]
 
-1. Sign in to the [Azure portal](https://portal.azure.com).
+1. Sign in to the [Microsoft Entra admin center](https://entra.microsoft.com) as at least a [Privileged Role Administrator](../roles/permissions-reference.md#privileged-role-administrator).
 
-1. Select **Azure Active Directory** > **Administrative units**.
+1. Browse to **Identity** > **Roles & admins** > **Admin units**.
 
     ![Screenshot of the Administrative units page in Azure AD.](./media/admin-units-manage/nav-to-admin-units.png)
 
@@ -161,17 +161,19 @@ Body
 
 In Azure AD, you can delete an administrative unit that you no longer need as a unit of scope for administrative roles. Before you delete the administrative unit, you should remove any role assignments with that administrative unit scope.
 
-### Azure portal
+### Microsoft Entra admin center
 
-1. Sign in to the [Azure portal](https://portal.azure.com).
+1. Sign in to the [Microsoft Entra admin center](https://entra.microsoft.com) as at least a [Privileged Role Administrator](../roles/permissions-reference.md#privileged-role-administrator).
 
-1. Select **Azure Active Directory** > **Administrative units** and then select the administrative unit you want to delete.
+1. Browse to **Identity** > **Roles & admins** > **Admin units**.
+
+1. Select the administrative unit you want to delete.
 
 1. Select **Roles and administrators**, and then open a role to view the role assignments.
 
 1. Remove all the role assignments with the administrative unit scope.
 
-1. Select **Azure Active Directory** > **Administrative units**.
+1. Browse to **Identity** > **Roles & admins** > **Admin units**.
 
 1. Add a check mark next to the administrative unit you want to delete.
 

articles/active-directory/roles/admin-units-members-add.md

@@ -35,22 +35,22 @@ This article describes how to add users, groups, or devices to administrative un
 
 For more information, see [Prerequisites to use PowerShell or Graph Explorer](prerequisites.md).
 
-## Azure portal
+## Microsoft Entra admin center
 
-You can add users, groups, or devices to administrative units using the Azure portal. You can also add users in a bulk operation or create a new group in an administrative unit.
+You can add users, groups, or devices to administrative units using the Microsoft Entra admin center. You can also add users in a bulk operation or create a new group in an administrative unit.
 
 ### Add a single user, group, or device to administrative units
 
 [!INCLUDE [portal updates](~/articles/active-directory/includes/portal-update.md)]
 
-1. Sign in to the [Azure portal](https://portal.azure.com).
+1. Sign in to the [Microsoft Entra admin center](https://entra.microsoft.com) as at least a [Privileged Role Administrator](../roles/permissions-reference.md#privileged-role-administrator).
 
-1. Select **Azure Active Directory**.
+1. Browse to **Identity**.
 
-1. Select one of the following:
+1. Browse to one of the following:
 
-    - **Users**
-    - **Groups**
+    - **Users** > **All users**
+    - **Groups** > **All groups**
     - **Devices** > **All devices**
 
 1. Select the user, group, or device you want to add to administrative units.
@@ -65,11 +65,11 @@ You can add users, groups, or devices to administrative units using the Azure po
 
 ### Add users, groups, or devices to a single administrative unit
 
-1. Sign in to the [Azure portal](https://portal.azure.com).
+1. Sign in to the [Microsoft Entra admin center](https://entra.microsoft.com) as at least a [Privileged Role Administrator](../roles/permissions-reference.md#privileged-role-administrator).
 
-1. Select **Azure Active Directory**.
+1. Browse to **Identity** > **Roles & admins** > **Admin units**.
 
-1. Select **Administrative units** and then select the administrative unit you want to add users, groups, or devices to.
+1. Select the administrative unit you want to add users, groups, or devices to.
 
 1. Select one of the following:
 
@@ -85,13 +85,11 @@ You can add users, groups, or devices to administrative units using the Azure po
 
 ### Add users to an administrative unit in a bulk operation
 
-1. Sign in to the [Azure portal](https://portal.azure.com).
-
-1. Select **Azure Active Directory**.
+1. Sign in to the [Microsoft Entra admin center](https://entra.microsoft.com) as at least a [Privileged Role Administrator](../roles/permissions-reference.md#privileged-role-administrator).
 
-1. Select **Administrative units** and then select the administrative unit you want to add users to.
+1. Browse to **Identity** > **Roles & admins** > **Admin units**.
 
-1. Select the administrative unit to which you want to add users.
+1. Select the administrative unit you want to add users to.
 
 1. Select **Users** > **Bulk operations** > **Bulk add members**.
 
@@ -111,11 +109,11 @@ You can add users, groups, or devices to administrative units using the Azure po
 
 ### Create a new group in an administrative unit
 
-1. Sign in to the [Azure portal](https://portal.azure.com).
+1. Sign in to the [Microsoft Entra admin center](https://entra.microsoft.com) as at least a [Groups Administrator](../roles/permissions-reference.md#groups-administrator).
 
-1. Select **Azure Active Directory**.
+1. Browse to **Identity** > **Roles & admins** > **Admin units**.
 
-1. Select **Administrative units** and then select the administrative unit you want to create a new group in.
+1. Select the administrative unit you want to create a new group in.
 
 1. Select **Groups**.
 

articles/active-directory/roles/admin-units-members-dynamic.md

@@ -22,7 +22,7 @@ ms.collection: M365-identity-device-management
 > Dynamic membership rules for administrative units are currently in PREVIEW.
 > See the [Product Terms](https://aka.ms/EntraPreviewsTermsOfUse) for legal terms that apply to Azure features that are in beta, preview, or otherwise not yet released into general availability.
 
-You can add or remove users or devices for administrative units manually. With this preview, you can add or remove users or devices for administrative units dynamically using rules. This article describes how to create administrative units with dynamic membership rules using the Azure portal, PowerShell, or Microsoft Graph API.
+You can add or remove users or devices for administrative units manually. With this preview, you can add or remove users or devices for administrative units dynamically using rules. This article describes how to create administrative units with dynamic membership rules using the Microsoft Entra admin center, PowerShell, or Microsoft Graph API.
 
 > [!NOTE]
 > Dynamic membership rules for administrative units can be created using the same attributes available for dynamic groups. For more information about the specific attributes available and examples on how to use them, see [Dynamic membership rules for groups in Azure Active Directory](../enterprise-users/groups-dynamic-membership.md).
@@ -47,15 +47,13 @@ For more information, see [Prerequisites to use PowerShell or Graph Explorer](pr
 
 Follow these steps to create administrative units with dynamic membership rules for users or devices.
 
-### Azure portal
+### Microsoft Entra admin center
 
 [!INCLUDE [portal updates](~/articles/active-directory/includes/portal-update.md)]
 
-1. Sign in to the [Azure portal](https://portal.azure.com).
+1. Sign in to the [Microsoft Entra admin center](https://entra.microsoft.com) as at least a [Privileged Role Administrator](../roles/permissions-reference.md#privileged-role-administrator).
 
-1. Select **Azure Active Directory**.
-
-1. Select **Administrative units** and then select the administrative unit that you want to add users or devices to.
+1. Select the administrative unit that you want to add users or devices to.
 
 1. Select **Properties**.
 
@@ -133,13 +131,13 @@ For steps on how to edit your rule, see the following [Edit dynamic membership r
 
 When an administrative unit has been configured for dynamic membership, the usual commands to add or remove members for the administrative unit are disabled as the dynamic membership engine retains the sole ownership of adding or removing members. To make changes to the membership, you can edit the dynamic membership rules.
 
-### Azure portal
+### Microsoft Entra admin center
 
-1. Sign in to the [Azure portal](https://portal.azure.com).
+1. Sign in to the [Microsoft Entra admin center](https://entra.microsoft.com) as at least a [Privileged Role Administrator](../roles/permissions-reference.md#privileged-role-administrator).
 
-1. Select **Azure Active Directory**.
+1. Browse to **Identity** > **Roles & admins** > **Admin units**.
 
-1. Select **Administrative units** and then select the administrative unit that has the dynamic membership rules you want to edit.
+1. Select the administrative unit that has the dynamic membership rules you want to edit.
 
 1. Select **Membership rules** to edit the dynamic membership rules using the rule builder.
 
@@ -180,13 +178,13 @@ Body
 
 Follow these steps to change an administrative unit with dynamic membership rules to an administrative unit where members are manually assigned.
 
-### Azure portal
+### Microsoft Entra admin center
 
-1. Sign in to the [Azure portal](https://portal.azure.com).
+1. Sign in to the [Microsoft Entra admin center](https://entra.microsoft.com) as at least a [Privileged Role Administrator](../roles/permissions-reference.md#privileged-role-administrator).
 
-1. Select **Azure Active Directory**.
+1. Browse to **Identity** > **Roles & admins** > **Admin units**.
 
-1. Select **Administrative units** and then select the administrative unit that you want to change to assigned.
+1. Select the administrative unit that you want to change to assigned.
 
 1. Select **Properties**.
 

articles/active-directory/roles/admin-units-members-list.md

@@ -30,22 +30,22 @@ In Azure Active Directory (Azure AD), you can list the users, groups, or devices
 
 For more information, see [Prerequisites to use PowerShell or Graph Explorer](prerequisites.md).
 
-## Azure portal
+## Microsoft Entra admin center
 
-You can list the users, groups, or devices in administrative units using the Azure portal.
+You can list the users, groups, or devices in administrative units using the Microsoft Entra admin center.
 
 ### List the administrative units for a single user, group, or device
 
 [!INCLUDE [portal updates](~/articles/active-directory/includes/portal-update.md)]
 
-1. Sign in to the [Azure portal](https://portal.azure.com).
+1. Sign in to the [Microsoft Entra admin center](https://entra.microsoft.com).
 
-1. Select **Azure Active Directory**.
+1. Browse to **Identity**.
 
-1. Select one of the following:
+1. Browse to one of the following:
 
-    - **Users**
-    - **Groups**
+    - **Users** > **All users**
+    - **Groups** > **All groups**
     - **Devices** > **All devices**
 
 1. Select the user, group, or device you want to list their administrative units.
@@ -56,11 +56,11 @@ You can list the users, groups, or devices in administrative units using the Azu
 
 ### List the users, groups, or devices for a single administrative unit
 
-1. Sign in to the [Azure portal](https://portal.azure.com).
+1. Sign in to the [Microsoft Entra admin center](https://entra.microsoft.com).
 
-1. Select **Azure Active Directory**.
+1. Browse to **Identity** > **Roles & admins** > **Admin units**.
 
-1. Select **Administrative units** and then select the administrative unit that you want to list the users, groups, or devices for.
+1. Select the administrative unit that you want to list the users, groups, or devices for.
 
 1. Select one of the following:
 
@@ -72,11 +72,9 @@ You can list the users, groups, or devices in administrative units using the Azu
 
 ### List the devices for an administrative unit by using the All devices page
 
-1. Sign in to the [Azure portal](https://portal.azure.com).
+1. Sign in to the [Microsoft Entra admin center](https://entra.microsoft.com).
 
-1. Select **Azure Active Directory**.
-
-1. Select **Devices** > **All devices**.
+1. Browse to **Identity** > **Devices** > **All devices**.
 
 1. Select the filter for administrative unit.
 
@@ -86,11 +84,16 @@ You can list the users, groups, or devices in administrative units using the Azu
 
 ### List the restricted management administrative units for a single user or group
 
-1. Sign in to the [Azure portal](https://portal.azure.com).
+1. Sign in to the [Microsoft Entra admin center](https://entra.microsoft.com).
+
+1. Browse to **Identity**.
+
+1. Browse to one of the following:
 
-1. Select **Azure Active Directory**.
+    - **Users** > **All users**
+    - **Groups** > **All groups**
 
-1. Select **Users** or **Groups** and then select the user or group you want to list their restricted management administrative units.
+1. Select the user or group you want to list their restricted management administrative units.
 
 1. Select **Administrative units** to list all the administrative units where the user or group is a member.
 

articles/active-directory/roles/admin-units-members-remove.md

@@ -31,22 +31,22 @@ When users, groups, or devices in an administrative unit no longer need access,
 
 For more information, see [Prerequisites to use PowerShell or Graph Explorer](prerequisites.md).
 
-## Azure portal
+## Microsoft Entra admin center
 
-You can remove users, groups, or devices from administrative units individually using the Azure portal. You can also remove users in a bulk operation.
+You can remove users, groups, or devices from administrative units individually using the Microsoft Entra admin center. You can also remove users in a bulk operation.
 
 ### Remove a single user, group, or device from administrative units
 
 [!INCLUDE [portal updates](~/articles/active-directory/includes/portal-update.md)]
 
-1. Sign in to the [Azure portal](https://portal.azure.com).
+1. Sign in to the [Microsoft Entra admin center](https://entra.microsoft.com) as at least a [Privileged Role Administrator](../roles/permissions-reference.md#privileged-role-administrator).
 
-1. Select **Azure Active Directory**.
+1. Browse to **Identity**.
 
-1. Select one of the following:
+1. Browse to one of the following:
 
-    - **Users**
-    - **Groups**
+    - **Users** > **All users**
+    - **Groups** > **All groups**
     - **Devices** > **All devices**
 
 1. Select the user, group, or device you want to remove from an administrative unit.
@@ -61,11 +61,11 @@ You can remove users, groups, or devices from administrative units individually
 
 ### Remove users, groups, or devices from a single administrative unit
 
-1. Sign in to the [Azure portal](https://portal.azure.com).
+1. Sign in to the [Microsoft Entra admin center](https://entra.microsoft.com) as at least a [Privileged Role Administrator](../roles/permissions-reference.md#privileged-role-administrator).
 
-1. Select **Azure Active Directory**.
+1. Browse to **Identity** > **Roles & admins** > **Admin units**.
 
-1. Select **Administrative units** and then select the administrative unit that you want to remove users, groups, or devices from.
+1. Select the administrative unit that you want to remove users, groups, or devices from.
 
 1. Select one of the following:
 
@@ -81,11 +81,11 @@ You can remove users, groups, or devices from administrative units individually
 
 ### Remove users from an administrative unit in a bulk operation
 
-1. Sign in to the [Azure portal](https://portal.azure.com).
+1. Sign in to the [Microsoft Entra admin center](https://entra.microsoft.com) as at least a [Privileged Role Administrator](../roles/permissions-reference.md#privileged-role-administrator).
 
-1. Select **Azure Active Directory**.
+1. Browse to **Identity** > **Roles & admins** > **Admin units**.
 
-1. Select **Administrative units** and then select the administrative unit that you want to remove users from.
+1. Select the administrative unit that you want to remove users from.
 
 1. Select **Users** > **Bulk operations** > **Bulk remove members**.