Merge pull request #253885 from MicrosoftDocs/main

10/05 AM Publishing

Author: v-alje

.openpublishing.publish.config.json

@@ -1100,6 +1100,12 @@
 		"branch": "main",
 		"branch_mapping": {}
 	  },
+    {
+    "path_to_root": "playwright-testing-service",
+    "url": "https://github.com/microsoft/playwright-testing-service",
+    "branch": "main",
+    "branch_mapping": {}
+    },
 	  {
       "path_to_root": "microsoft-graph",
       "url": "https://github.com/MicrosoftGraph/microsoft-graph-docs-contrib",

articles/active-directory-domain-services/faqs.yml

@@ -11,7 +11,7 @@ metadata:
   ms.subservice: domain-services
   ms.workload: identity
   ms.topic: faq
-  ms.date: 09/23/2023
+  ms.date: 10/05/2023
   ms.author: justinha
 title: Frequently asked questions (FAQs) about Microsoft Entra Domain Services
 summary: This page answers frequently asked questions about Microsoft Entra Domain Services.
@@ -159,7 +159,10 @@ sections:
           How are Windows Updates applied in Microsoft Entra Domain Services?
         answer: |
           Domain controllers in a managed domain automatically apply required Windows updates. There's nothing for you to configure or administer here. Make sure you don't create network security group rules that block outbound traffic to Windows Updates. For your own VMs joined to the managed domain, you are responsible for configuring and applying any required OS and application updates.
-          
+      - question: |
+         How is patching performed on domain controllers that are part of a managed domain?
+        answer: |
+         Patches are installed as soon as they become available (every second Tuesday). They are installed in phases during the week they become available, starting on Tuesdays.          
       - question: |
           Why do my domain controllers change names?
         answer: |

articles/active-directory-domain-services/troubleshoot.md

@@ -11,7 +11,7 @@ ms.subservice: domain-services
 ms.workload: identity
 ms.custom: has-azure-ad-ps-ref
 ms.topic: troubleshooting
-ms.date: 09/15/2023
+ms.date: 10/05/2023
 ms.author: justinha
 ---
 # Common errors and troubleshooting steps for Microsoft Entra Domain Services
@@ -138,7 +138,7 @@ If one or more users in your Microsoft Entra tenant can't sign in to the managed
       * You've deployed, or updated to, the [latest recommended release of Microsoft Entra Connect](https://www.microsoft.com/download/details.aspx?id=47594).
       * You've configured Microsoft Entra Connect to [perform a full synchronization][hybrid-phs].
       * Depending on the size of your directory, it may take a while for user accounts and credential hashes to be available in the managed domain. Make sure you wait long enough before trying to authenticate against the managed domain.
-      * If the issue persists after verifying the previous steps, try restarting the *Microsoft Entra ID Sync Service*. From your Microsoft Entra Connect server, open a command prompt, then run the following commands:
+      * If the issue persists after verifying the previous steps, try restarting the *Azure AD Sync Service*. From your Microsoft Entra Connect server, open a command prompt, then run the following commands:
 
         ```console
         net stop 'Microsoft Azure AD Sync'

articles/active-directory/authentication/concept-certificate-based-authentication-certificateuserids.md

@@ -72,10 +72,22 @@ Tenant admins can use the following steps to update certificate user IDs for a u
 
 Authorized callers can run Microsoft Graph queries to find all the users with a given certificateUserId value. On the Microsoft Graph [user](/graph/api/resources/user) object, the collection of certificateUserIds is stored in the **authorizationInfo** property.
 
-To retrieve all user objects that have the value '[email protected]' in certificateUserIds:
+To retrieve certificateUserIds of all user objects:
 
 ```msgraph-interactive
-GET https://graph.microsoft.com/v1.0/users?$filter=authorizationInfo/certificateUserIds/any(x:x eq '[email protected]')&$count=true
+GET https://graph.microsoft.com/v1.0/users?$select=authorizationinfo
+ConsistencyLevel: eventual
+```
+To retrieve certificateUserIds for a given user by user's ObjectId:
+
+```msgraph-interactive
+GET https://graph.microsoft.com/v1.0/users/{user-object-id}?$select=authorizationinfo
+ConsistencyLevel: eventual
+```
+To retrieve the user object with a specific value in certificateUserIds:
+
+```msgraph-interactive
+GET https://graph.microsoft.com/v1.0/users?$select=authorizationinfo&$filter=authorizationInfo/certificateUserIds/any(x:x eq 'x509:<PN>[email protected]')&$count=true
 ConsistencyLevel: eventual
 ```
 
@@ -88,7 +100,7 @@ Run a PATCH request to update the certificateUserIds for a given user.
 #### Request body:
 
 ```http
-PATCH https://graph.microsoft.com/v1.0/users/{id}
+PATCH https://graph.microsoft.com/v1.0/users/{user-object-id}
 Content-Type: application/json
 {
     "authorizationInfo": {

articles/active-directory/authentication/fido2-compatibility.md

@@ -98,7 +98,7 @@ The following tables show which transports are supported for each platform. Supp
 | Chrome  | ❌  | ❌ | ❌ |
 | Firefox | ❌  | ❌ | ❌ |
 
-<sup>1</sup>Security key biometrics or PIN for user verficiation isn't currently supported on Android by Google. Microsoft Entra ID requires user verification for all FIDO2 authentications.
+<sup>1</sup>Security key biometrics or PIN for user verficiation are currently supported on Android by Google. Microsoft Entra ID requires user verification for all FIDO2 authentications.
 
 ## Minimum browser version
 

articles/active-directory/authentication/howto-authentication-passwordless-phone.md

@@ -8,7 +8,7 @@ ms.service: active-directory
 ms.subservice: authentication
 ms.custom: has-azure-ad-ps-ref
 ms.topic: how-to
-ms.date: 09/13/2023
+ms.date: 10/05/2023
 
 
 ms.author: justinha
@@ -61,7 +61,7 @@ To use passwordless authentication in Microsoft Entra ID, first enable the combi
 Microsoft Entra ID lets you choose which authentication methods can be used during the sign-in process. Users then register for the methods they'd like to use. The **Microsoft Authenticator** authentication method policy manages both the traditional push MFA method and the passwordless authentication method. 
 
 > [!NOTE]
-> If you enabled Microsoft Authenticator passwordless sign-in using Azure AD PowerShell, it was enabled for your entire directory. If you enable using this new method, it supersedes the PowerShell policy. We recommend you enable for all users in your tenant via the new **Authentication Methods** menu, otherwise users who aren't in the new policy can't sign in without a password.
+> If you enabled Microsoft Authenticator passwordless sign-in using PowerShell, it was enabled for your entire directory. If you enable using this new method, it supersedes the PowerShell policy. We recommend you enable for all users in your tenant via the new **Authentication Methods** menu, otherwise users who aren't in the new policy can't sign in without a password.
 
 To enable the authentication method for passwordless phone sign-in, complete the following steps:
 

articles/active-directory/authentication/howto-sspr-windows.md

@@ -193,6 +193,7 @@ HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Provide
 
 - To enable verbose logging, create a `REG_DWORD: "EnableLogging"`, and set it to 1.
 - To disable verbose logging, change the `REG_DWORD: "EnableLogging"` to 0.
+- Review the debug logging in the Application event log under source AADPasswordResetCredentialProvider.
 
 ## What do users see
 

articles/active-directory/authentication/troubleshoot-sspr-writeback.md

@@ -6,7 +6,7 @@ services: active-directory
 ms.service: active-directory
 ms.subservice: authentication
 ms.topic: troubleshooting
-ms.date: 01/29/2023
+ms.date: 10/05/2023
 
 ms.author: justinha
 author: justinha
@@ -73,7 +73,7 @@ To resolve connectivity issues or other transient problems with the service, com
 
 1. As an administrator on the server that runs Microsoft Entra Connect, select **Start**.
 1. Enter *services.msc* in the search field and select **Enter**.
-1. Look for the *Microsoft Entra ID Sync* entry.
+1. Look for the *Azure AD Sync* entry.
 1. Right-click the service entry, select **Restart**, and wait for the operation to finish.
 
     :::image type="content" source="./media/troubleshoot-sspr-writeback/service-restart.png" alt-text="Restart the Azure AD Sync service using the GUI" border="false":::

articles/active-directory/develop/apple-sso-plugin.md

@@ -61,7 +61,7 @@ Use the following information to enable the SSO plug-in by using MDM.
 
 If you use Microsoft Intune as your MDM service, you can use built-in configuration profile settings to enable the Microsoft Enterprise SSO plug-in:
 
-1. Configure the [SSO app extension](/mem/intune/configuration/device-features-configure#single-sign-on-app-extension) settings of a configuration profile. 
+1. Configure the [SSO app plug-in](/mem/intune/configuration/use-enterprise-sso-plug-in-ios-ipados-with-intune) settings of a configuration profile. 
 1. If the profile isn't already assigned, [assign the profile to a user or device group](/mem/intune/configuration/device-profile-assign).
 
 The profile settings that enable the SSO plug-in are automatically applied to the group's devices the next time each device checks in with Intune.

articles/ai-services/speech-service/includes/quickstarts/stt-diarization/cpp.md

@@ -66,12 +66,12 @@ Follow these steps to create a new console application and install the Speech SD
         std::promise<void> recognitionEnd;
 
         // Subscribes to events.
-        conversationTranscriber->Transcribing.Connect([](const SpeechRecognitionEventArgs& e)
+        conversationTranscriber->Transcribing.Connect([](const ConversationTranscriptionEventArgs& e)
             {
                 std::cout << "TRANSCRIBING:" << e.Result->Text << std::endl;
             });
 
-        conversationTranscriber->Transcribed.Connect([](const SpeechRecognitionEventArgs& e)
+        conversationTranscriber->Transcribed.Connect([](const ConversationTranscriptionEventArgs& e)
             {
                 if (e.Result->Reason == ResultReason::RecognizedSpeech)
                 {
@@ -84,7 +84,7 @@ Follow these steps to create a new console application and install the Speech SD
                 }
             });
 
-        conversationTranscriber->Canceled.Connect([&recognitionEnd](const SpeechRecognitionCanceledEventArgs& e)
+        conversationTranscriber->Canceled.Connect([&recognitionEnd](const ConversationTranscriptionCanceledEventArgs& e)
             {
                 auto cancellation = CancellationDetails::FromResult(e.Result);
                 std::cout << "CANCELED: Reason=" << (int)cancellation->Reason << std::endl;