MicrosoftDocs
diff --git a/‎.openpublishing.publish.config.json
Lines changed: 6 additions & 0 deletions b/‎.openpublishing.publish.config.json
Lines changed: 6 additions & 0 deletions
diff --git a/‎.openpublishing.redirection.json
Lines changed: 5 additions & 0 deletions b/‎.openpublishing.redirection.json
Lines changed: 5 additions & 0 deletions
diff --git a/‎articles/active-directory-b2c/azure-monitor.md
Lines changed: 14 additions & 11 deletions b/‎articles/active-directory-b2c/azure-monitor.md
Lines changed: 14 additions & 11 deletions
diff --git a/‎articles/active-directory-b2c/media/azure-monitor/azure-monitor-portal-05-diagnostic-settings-pane-enabled.png
133 KB b/‎articles/active-directory-b2c/media/azure-monitor/azure-monitor-portal-05-diagnostic-settings-pane-enabled.png
133 KB
diff --git a/‎articles/active-directory-b2c/media/tutorial-create-tenant/switch-directory.png
-9.98 KB b/‎articles/active-directory-b2c/media/tutorial-create-tenant/switch-directory.png
-9.98 KB
diff --git a/‎articles/active-directory-b2c/tutorial-create-tenant.md
Lines changed: 5 additions & 4 deletions b/‎articles/active-directory-b2c/tutorial-create-tenant.md
Lines changed: 5 additions & 4 deletions
diff --git a/‎articles/active-directory-b2c/validation-technical-profile.md
Lines changed: 1 addition & 1 deletion b/‎articles/active-directory-b2c/validation-technical-profile.md
Lines changed: 1 addition & 1 deletion
diff --git a/‎articles/active-directory/app-provisioning/application-provisioning-quarantine-status.md
Lines changed: 1 addition & 1 deletion b/‎articles/active-directory/app-provisioning/application-provisioning-quarantine-status.md
Lines changed: 1 addition & 1 deletion
diff --git a/‎articles/active-directory/authentication/howto-sspr-authenticationdata.md
Lines changed: 50 additions & 11 deletions b/‎articles/active-directory/authentication/howto-sspr-authenticationdata.md
Lines changed: 50 additions & 11 deletions
@@ -884,6 +884,12 @@
       "branch": "main",
       "branch_mapping": {}
     },
+    {
+      "path_to_root": "azure-cosmos-tableapi-dotnet",
+      "url": "https://github.com/Azure-Samples/cosmos-db-table-api-dotnet-samples",
+      "branch": "v12",
+      "branch_mapping": {}
+    },
     {
       "path_to_root": "msdocs-django-postgresql-sample-app",
       "url": "https://github.com/Azure-Samples/msdocs-django-postgresql-sample-app",
 
@@ -6911,6 +6911,11 @@
       "redirect_url": "/azure/azure-functions/functions-bindings-event-hubs-output",
       "redirect_document_id": false
     },
+    {
+      "source_path_from_root": "/articles/azure-functions/monitor-metrics.md",
+      "redirect_url": "/azure/azure-functions/monitor-functions",
+      "redirect_document_id": false
+    },
     {
       "source_path_from_root": "/articles/azure-functions/functions-bindings-errors.md",
       "redirect_url": "/azure/azure-functions/functions-bindings-error-pages",
 
@@ -11,7 +11,7 @@ ms.workload: identity
 ms.topic: how-to
 ms.author: kengaderdus
 ms.subservice: B2C
-ms.date: 06/03/2022
+ms.date: 07/12/2022
 ---
 
 # Monitor Azure AD B2C with Azure Monitor
@@ -124,7 +124,7 @@ To create the custom authorization and delegation in Azure Lighthouse, we use an
    | Region                | Select the region where the resource will be deployed.                                                                                                                                                                                                                                                                                                                                                                                                                                                                       |
    | Msp Offer Name        | A name describing this definition. For example, _Azure AD B2C Monitoring_. It's the name that will be displayed in Azure Lighthouse.  The **MSP Offer Name** must be unique in your Azure AD. To monitor multiple Azure AD B2C tenants, use different names. |
    | Msp Offer Description | A brief description of your offer. For example, _Enables Azure Monitor in Azure AD B2C_.                                                                                                                                                                                                                                                                                                                                                                                                                                     |
-   | Managed By Tenant Id  | The **Tenant ID** of your Azure AD B2C tenant (also known as the directory ID).                                                                                                                                                                                                                                                                                                                                                                                                                                              |
+   | Managed By Tenant ID  | The **Tenant ID** of your Azure AD B2C tenant (also known as the directory ID).                                                                                                                                                                                                                                                                                                                                                                                                                                              |
    | Authorizations        | Specify a JSON array of objects that include the Azure AD `principalId`, `principalIdDisplayName`, and Azure `roleDefinitionId`. The `principalId` is the **Object ID** of the B2C group or user that will have access to resources in this Azure subscription. For this walkthrough, specify the group's Object ID that you recorded earlier. For the `roleDefinitionId`, use the [built-in role](../role-based-access-control/built-in-roles.md) value for the _Contributor role_, `b24988ac-6180-42a0-ab88-20f7382dd24c`. |
    | Rg Name               | The name of the resource group you create earlier in your Azure AD tenant. For example, _azure-ad-b2c-monitor_.                                                                                                                                                                                                                                                                                                                                                                                                              |
 
@@ -173,18 +173,21 @@ You're ready to [create diagnostic settings](../active-directory/reports-monitor
 To configure monitoring settings for Azure AD B2C activity logs:
 
 1. Sign in to the [Azure portal](https://portal.azure.com/) with your Azure AD B2C administrative account. This account must be a member of the security group you specified in the [Select a security group](#32-select-a-security-group) step.
-1. Make sure you're using the directory that contains your Azure AD B2C tenant. Select the **Directories + subscriptions** icon in the portal toolbar.
-1. On the **Portal settings | Directories + subscriptions** page, find your Azure AD B2C directory in the **Directory name** list, and then select **Switch**.
+1. Make sure you're using the directory that contains your Azure AD B2C tenant:
+    1. Select the **Directories + subscriptions** icon in the portal toolbar.
+    2. On the **Portal settings | Directories + subscriptions** page, find your Azure AD B2C directory in the **Directory name** list, and then select **Switch**.
 1. Select **Azure Active Directory**
 1. Under **Monitoring**, select **Diagnostic settings**.
-1. If there are existing settings for the resource, you'll see a list of settings already configured. Either select **Add diagnostic setting** to add a new setting, or select **Edit** to edit an existing setting. Each setting can have no more than one of each of the destination types.
+1. If there are existing settings for the resource, you'll see a list of settings already configured. Either select **Add diagnostic setting** to add a new setting, or select **Edit settings** to edit an existing setting. Each setting can have no more than one of each of the destination types.
 
-   ![Diagnostics settings pane in Azure portal](./media/azure-monitor/azure-monitor-portal-05-diagnostic-settings-pane-enabled.png)
+   ![Screenshot of the diagnostics settings pane in Azure portal.](./media/azure-monitor/azure-monitor-portal-05-diagnostic-settings-pane-enabled.png)
 
 1. Give your setting a name if it doesn't already have one.
-1. Check the box for each destination to send the logs. Select **Configure** to specify their settings **as described in the following table**.
-1. Select **Send to Log Analytics**, and then select the **Name of workspace** you created earlier (`AzureAdB2C`).
 1. Select **AuditLogs** and **SignInLogs**.
+1. Select **Send to Log Analytics Workspace**, and then:
+    1. Under **Subscription**, select your subscription. 
+    2. Under **Log Analytics Workspace**, select the name of the workspace you created earlier such as `AzureAdB2C`.
+
 
    > [!NOTE]
    > Only the **AuditLogs** and **SignInLogs** diagnostic settings are currently supported for Azure AD B2C tenants.
@@ -204,7 +207,7 @@ Now you can configure your Log Analytics workspace to visualize your data and co
 
 Log queries help you to fully use the value of the data collected in Azure Monitor Logs. A powerful query language allows you to join data from multiple tables, aggregate large sets of data, and perform complex operations with minimal code. Virtually any question can be answered and analysis performed as long as the supporting data has been collected, and you understand how to construct the right query. For more information, see [Get started with log queries in Azure Monitor](../azure-monitor/logs/get-started-queries.md).
 
-1. From **Log Analytics workspace**, select **Logs**
+1. From **Log Analytics workspace** window, select **Logs**
 1. In the query editor, paste the following [Kusto Query Language](/azure/data-explorer/kusto/query/) query. This query shows policy usage by operation over the past x days. The default duration is set to 90 days (90d). Notice that the query is focused only on the operation where a token/code is issued by policy.
 
    ```kusto
@@ -253,7 +256,7 @@ Workbooks provide a flexible canvas for data analysis and the creation of rich v
 
 Follow the instructions below to create a new workbook using a JSON Gallery Template. This workbook provides a **User Insights** and **Authentication** dashboard for Azure AD B2C tenant.
 
-1. From the **Log Analytics workspace**, select **Workbooks**.
+1. From the **Log Analytics workspace** window, select **Workbooks**.
 1. From the toolbar, select **+ New** option to create a new workbook.
 1. On the **New workbook** page, select the **Advanced Editor** using the **</>** option on the toolbar.
 
@@ -279,7 +282,7 @@ The workbook will display reports in the form of a dashboard.
 
 ## Create alerts
 
-Alerts are created by alert rules in Azure Monitor and can automatically run saved queries or custom log searches at regular intervals. You can create alerts based on specific performance metrics or when certain events occur. You can also create alerts on absence of an event, or a number of events are occur within a particular time window. For example, alerts can be used to notify you when average number of sign in exceeds a certain threshold. For more information, see [Create alerts](../azure-monitor/alerts/alerts-log.md).
+Alerts are created by alert rules in Azure Monitor and can automatically run saved queries or custom log searches at regular intervals. You can create alerts based on specific performance metrics or when certain events occur. You can also create alerts on absence of an event, or a number of events occur within a particular time window. For example, alerts can be used to notify you when average number of sign in exceeds a certain threshold. For more information, see [Create alerts](../azure-monitor/alerts/alerts-log.md).
 
 Use the following instructions to create a new Azure Alert, which will send an [email notification](../azure-monitor/alerts/action-groups.md#configure-notifications) whenever there's a 25% drop in the **Total Requests** compared to previous period. Alert will run every 5 minutes and look for the drop in the last hour compared to the hour before it. The alerts are created using Kusto query language.
 
 
@@ -8,7 +8,7 @@ manager: CelesteDG
 ms.service: active-directory
 ms.workload: identity
 ms.topic: tutorial
-ms.date: 10/29/2021
+ms.date: 07/12/2022
 ms.author: kengaderdus
 ms.subservice: B2C
 ms.custom: "b2c-support"
@@ -43,14 +43,15 @@ You learn how to register an application in the next tutorial.
 
 1. Sign in to the [Azure portal](https://portal.azure.com/). 
 
-1. Switch to the directory that contains your subscription:
+1. Make sure you're using the directory that contains your subscription:
+
     1. In the Azure portal toolbar, select the **Directories + subscriptions** filter icon. 
 
         ![Directories + subscriptions filter icon](media/tutorial-create-tenant/directories-subscription-filter-icon.png)
 
-    1. Find the directory that contains your subscription and select the **Switch** button next to it. Switching a directory reloads the portal.
+    1. Find the directory that contains your subscription and select the **Switch** button next to it. Switching a directory reloads the portal. If the directory that contains your subscription has the **Current** label next to it, you don't need to do anything. 
 
-        ![Directories + subscriptions with Switch button](media/tutorial-create-tenant/switch-directory.png)
+        ![Screenshot of the directories and subscriptions window.](media/tutorial-create-tenant/switch-directory.png)
 
 1. Add **Microsoft.AzureActiveDirectory** as a resource provider for the Azure subscription you're using ([learn more](../azure-resource-manager/management/resource-providers-and-types.md?WT.mc_id=Portal-Microsoft_Azure_Support#register-resource-provider-1)):
 
 
@@ -86,7 +86,7 @@ Following example uses these validation technical profiles:
 ```xml
 <ValidationTechnicalProfiles>
   <ValidationTechnicalProfile ReferenceId="login-NonInteractive" ContinueOnError="false" />
-  <ValidationTechnicalProfile ReferenceId="REST-ReadProfileFromCustomertsDatabase" ContinueOnError="true" >
+  <ValidationTechnicalProfile ReferenceId="REST-ReadProfileFromCustomersDatabase" ContinueOnError="true" >
     <Preconditions>
       <Precondition Type="ClaimsExist" ExecuteActionsIf="false">
         <Value>userType</Value>
 
@@ -82,7 +82,7 @@ After the first failure, the first retry happens within the next 2 hours (usuall
 - The fifth retry happens 48 hours after the first failure.
 - The sixth retry happens 72 hours after the first failure.
 - The seventh retry happens 96 hours after the first failure.
-- The eigth retry happens 120 hours after the first failure.
+- The eighth retry happens 120 hours after the first failure.
 
 This cycle is repeated every 24 hours until the 30th day when retries are stopped and the job is disabled. 
 
 
@@ -6,7 +6,7 @@ services: active-directory
 ms.service: active-directory
 ms.subservice: authentication
 ms.topic: how-to
-ms.date: 10/05/2020
+ms.date: 07/12/2022
 
 ms.author: justinha
 author: justinha
@@ -18,7 +18,7 @@ ms.custom: devx-track-azurepowershell
 ---
 # Pre-populate user authentication contact information for Azure Active Directory self-service password reset (SSPR)
 
-To use Azure Active Directory (Azure AD) self-service password reset (SSPR), authentication contact information for a user must be present. Some organizations have users register their authentication data themselves. Other organizations prefer to synchronize from authentication data that already exists in Active Directory Domain Services (AD DS). This synchronized data is made available to Azure AD and SSPR without requiring user interaction. When users need to change or reset their password, they can do so even if they haven't previously registered their contact information.
+To use Azure Active Directory (Azure AD) self-service password reset (SSPR), authentication information for a user must be present. Most organizations have users register their authentication data themselves while collecting information for MFA. Some organizations prefer to bootstrap this process through synchronization of authentication data that already exists in Active Directory Domain Services (AD DS). This synchronized data is made available to Azure AD and SSPR without requiring user interaction. When users need to change or reset their password, they can do so even if they haven't previously registered their contact information.
 
 You can pre-populate authentication contact information if you meet the following requirements:
 
@@ -80,13 +80,13 @@ The following fields can be set through PowerShell:
     * Can only be set if you're not synchronizing with an on-premises directory.
 
 > [!IMPORTANT]
-> There's a known lack of parity in command features between PowerShell v1 and PowerShell v2. The [Microsoft Graph REST API (beta) for authentication methods](/graph/api/resources/authenticationmethods-overview) is the current engineering focus to provide modern interaction.
+> Azure AD PowerShell is planned for deprecation. You can start using [Microsoft Graph PowerShell](/powershell/microsoftgraph/overview) to interact with Azure AD as you would in Azure AD PowerShell, or use the [Microsoft Graph REST API for managing authentication methods](/graph/api/resources/authenticationmethods-overview).
 
-### Use PowerShell version 1
+### Use Azure AD PowerShell version 1
 
 To get started, [download and install the Azure AD PowerShell module](/previous-versions/azure/jj151815(v=azure.100)#bkmk_installmodule). After it's installed, use the following steps to configure each field.
 
-#### Set the authentication data with PowerShell version 1
+#### Set the authentication data with Azure AD PowerShell version 1
 
 ```PowerShell
 Connect-MsolService
@@ -98,7 +98,7 @@ Set-MsolUser -UserPrincipalName [email protected] -PhoneNumber "+1 4252345678"
 Set-MsolUser -UserPrincipalName [email protected] -AlternateEmailAddresses @("[email protected]") -MobilePhone "+1 4251234567" -PhoneNumber "+1 4252345678"
 ```
 
-#### Read the authentication data with PowerShell version 1
+#### Read the authentication data with Azure AD PowerShell version 1
 
 ```PowerShell
 Connect-MsolService
@@ -120,21 +120,21 @@ Get-MsolUser -UserPrincipalName [email protected] | select -Expand StrongAuthentic
 Get-MsolUser -UserPrincipalName [email protected] | select -Expand StrongAuthenticationUserDetails | select Email
 ```
 
-### Use PowerShell version 2
+### Use Azure AD PowerShell version 2
 
 To get started, [download and install the Azure AD version 2 PowerShell module](/powershell/module/azuread/).
 
 To quickly install from recent versions of PowerShell that support `Install-Module`, run the following commands. The first line checks to see if the module is already installed:
 
 ```PowerShell
-Get-Module AzureADPreview
-Install-Module AzureADPreview
+Get-Module AzureAD
+Install-Module AzureAD
 Connect-AzureAD
 ```
 
 After the module is installed, use the following steps to configure each field.
 
-#### Set the authentication data with PowerShell version 2
+#### Set the authentication data with Azure AD PowerShell version 2
 
 ```PowerShell
 Connect-AzureAD
@@ -146,7 +146,7 @@ Set-AzureADUser -ObjectId [email protected] -TelephoneNumber "+1 4252345678"
 Set-AzureADUser -ObjectId [email protected] -OtherMails @("[email protected]") -Mobile "+1 4251234567" -TelephoneNumber "+1 4252345678"
 ```
 
-#### Read the authentication data with PowerShell version 2
+#### Read the authentication data with Azure AD PowerShell version 2
 
 ```PowerShell
 Connect-AzureAD
@@ -158,6 +158,45 @@ Get-AzureADUser -ObjectID [email protected] | select TelephoneNumber
 Get-AzureADUser | select DisplayName,UserPrincipalName,otherMails,Mobile,TelephoneNumber | Format-Table
 ```
 
+### Use Microsoft Graph PowerShell
+
+To get started, [download and install the Microsoft Graph PowerShell module](/powershell/microsoftgraph/overview).
+
+To quickly install from recent versions of PowerShell that support `Install-Module`, run the following commands. The first line checks to see if the module is already installed:
+
+```PowerShell
+Get-Module Microsoft.Graph
+Install-Module Microsoft.Graph
+Select-MgProfile -Name "beta"
+Connect-MgGraph -Scopes "User.ReadWrite.All"
+```
+
+After the module is installed, use the following steps to configure each field.
+
+#### Set the authentication data with Microsoft Graph PowerShell
+
+```PowerShell
+Connect-MgGraph -Scopes "User.ReadWrite.All"
+
+Update-MgUser -UserId '[email protected]' -otherMails @("[email protected]")
+Update-MgUser -UserId '[email protected]' -mobilePhone "+1 4251234567"
+Update-MgUser -UserId '[email protected]' -businessPhones "+1 4252345678"
+
+Update-MgUser -UserId '[email protected]' -otherMails @("[email protected]") -mobilePhone "+1 4251234567" -businessPhones "+1 4252345678"
+```
+
+#### Read the authentication data with Microsoft Graph PowerShell
+
+```PowerShell
+Connect-MgGraph -Scopes "User.Read.All"
+
+Get-MgUser -UserId '[email protected]' | select otherMails
+Get-MgUser -UserId '[email protected]' | select mobilePhone
+Get-MgUser -UserId '[email protected]' | select businessPhones
+
+Get-MgUser -UserId '[email protected]' | Select businessPhones, mobilePhone, otherMails | Format-Table
+```
+
 ## Next steps
 
 Once authentication contact information is pre-populated for users, complete the following tutorial to enable self-service password reset: