Skip to content

Commit 3abb076

Browse files
Learn Build Service GitHub AppLearn Build Service GitHub App
authored andcommitted
Merging changes synced from https://github.com/MicrosoftDocs/azure-docs-pr (branch live)
2 parents 99f66aa + 813afb3 commit 3abb076

File tree

505 files changed

+4006
-1817
lines changed

Some content is hidden

Large Commits have some content hidden by default. Use the searchbox below for content that may be hidden.

505 files changed

+4006
-1817
lines changed

.openpublishing.redirection.azure-monitor.json

Lines changed: 6 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -6170,6 +6170,11 @@
61706170
"source_path_from_root": "/articles/azure-monitor/app/javascript-sdk-advanced.md",
61716171
"redirect_url": "/azure/azure-monitor/app/javascript-sdk-configuration",
61726172
"redirect_document_id": false
6173-
}
6173+
},
6174+
{
6175+
"source_path_from_root": "/articles/azure-monitor/agents/data-collection-firewall.md",
6176+
"redirect_url": "/azure/azure-monitor/agents/data-collection-rule-azure-monitor-agent",
6177+
"redirect_document_id": false
6178+
}
61746179
]
61756180
}

.openpublishing.redirection.json

Lines changed: 50 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -14038,6 +14038,56 @@
1403814038
"redirect_url": "/azure/load-balancer/tutorial-load-balancer-standard-public-zone-redundant-portal",
1403914039
"redirect_document_id": false
1404014040
},
14041+
{
14042+
"source_path_from_root": "/articles/load-balancer/scripts/load-balancer-linux-cli-sample-zone-redundant-frontend.md",
14043+
"redirect_url": "/azure/load-balancer/tutorial-multi-availability-sets-portal",
14044+
"redirect_document_id": false
14045+
},
14046+
{
14047+
"source_path_from_root": "/articles/load-balancer/scripts/load-balancer-linux-cli-load-balance-multiple-websites-vm.md",
14048+
"redirect_url": "/azure/load-balancer/load-balancer-multiple-ip",
14049+
"redirect_document_id": false
14050+
},
14051+
{
14052+
"source_path_from_root": "/articles/load-balancer/scripts/load-balancer-linux-cli-sample-nlb.md",
14053+
"redirect_url": "/azure/load-balancer/tutorial-multi-availability-sets-portal",
14054+
"redirect_document_id": false
14055+
},
14056+
{
14057+
"source_path_from_root": "/articles/load-balancer/scripts/load-balancer-linux-cli-sample-zonal-frontend.md",
14058+
"redirect_url": "/azure/load-balancer/tutorial-load-balancer-standard-public-zonal-portal",
14059+
"redirect_document_id": false
14060+
},
14061+
{
14062+
"source_path_from_root": "/articles/load-balancer/scripts/load-balancer-windows-powershell-sample-nlb.md",
14063+
"redirect_url": "/azure/load-balancer/tutorial-multi-availability-sets-portal",
14064+
"redirect_document_id": false
14065+
},
14066+
{
14067+
"source_path_from_root": "/articles/load-balancer/scripts/load-balancer-windows-powershell-load-balance-multiple-websites-vm.md",
14068+
"redirect_url": "/azure/load-balancer/load-balancer-multiple-ip",
14069+
"redirect_document_id": false
14070+
},
14071+
{
14072+
"source_path_from_root": "/articles/load-balancer/cli-samples.md",
14073+
"redirect_url": "/azure/load-balancer/quickstart-load-balancer-standard-public-cli",
14074+
"redirect_document_id": false
14075+
},
14076+
{
14077+
"source_path_from_root": "/articles/load-balancer/powershell-samples.md",
14078+
"redirect_url": "/azure/load-balancer/quickstart-load-balancer-standard-public-powershell",
14079+
"redirect_document_id": false
14080+
},
14081+
{
14082+
"source_path_from_root": "/articles/load-balancer/python-samples.md",
14083+
"redirect_url": "/samples/azure-samples/azure-samples-python-management/network-python-manage-loadbalancer/",
14084+
"redirect_document_id": false
14085+
},
14086+
{
14087+
"source_path_from_root": "/articles/load-balancer-windows-powershell-load-balance-multiple-websites-vm.md",
14088+
"redirect_url": "/azure/load-balancer/load-balancer-multiple-ip-powershell",
14089+
"redirect_document_id": false
14090+
},
1404114091
{
1404214092
"source_path_from_root": "/articles/dms/tutorial-sql-server-azure-sql-online.md",
1404314093
"redirect_url": "/azure/dms/tutorial-sql-server-to-azure-sql",

articles/active-directory-b2c/azure-monitor.md

Lines changed: 15 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -11,7 +11,8 @@ ms.workload: identity
1111
ms.topic: how-to
1212
ms.author: kengaderdus
1313
ms.subservice: B2C
14-
ms.date: 01/31/2023
14+
ms.date: 06/12/2023
15+
ms.custom: "b2c-support"
1516
---
1617

1718
# Monitor Azure AD B2C with Azure Monitor
@@ -345,6 +346,19 @@ workspace("AD-B2C-TENANT1").AuditLogs
345346

346347
Azure Monitor Logs are designed to scale and support collecting, indexing, and storing massive amounts of data per day from any source in your enterprise or deployed in Azure. By default, logs are retained for 30 days, but retention duration can be increased to up to two years. Learn how to [manage usage and costs with Azure Monitor Logs](../azure-monitor/logs/cost-logs.md). After you select the pricing tier, you can [Change the data retention period](../azure-monitor/logs/data-retention-archive.md).
347348

349+
## Disable monitoring data collection
350+
351+
To stop collecting logs to your Log Analytics workspace, delete the diagnostic settings you created. You'll continue to incur charges for retaining log data you've already collected into your workspace. If you no longer need the monitoring data you've collected, you can delete your Log Analytics workspace and the resource group you created for Azure Monitor. Deleting the Log Analytics workspace deletes all data in the workspace and prevents you from incurring additional data retention charges.
352+
353+
## Delete Log Analytics workspace and resource group
354+
355+
1. Sign in to the [Azure portal](https://portal.azure.com).
356+
1. Make sure you're using the directory that contains your *Azure AD* tenant:
357+
1. Select the **Directories + subscriptions** icon in the portal toolbar.
358+
1. On the **Portal settings | Directories + subscriptions** page, find your Azure AD directory in the **Directory name** list, and then select **Switch** button next to it.
359+
1. Choose the resource group that contains the Log Analytics workspace. This example uses a resource group named _azure-ad-b2c-monitor_ and a Log Analytics workspace named `AzureAdB2C`.
360+
1. [Delete the Logs Analytics workspace](../azure-monitor/logs/delete-workspace.md#azure-portal).
361+
1. Select the **Delete** button to delete the resource group.
348362
## Next steps
349363

350364
- Find more samples in the Azure AD B2C [SIEM gallery](https://aka.ms/b2csiem).

articles/active-directory-b2c/data-residency.md

Lines changed: 5 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -9,7 +9,7 @@ manager: CelesteDG
99
ms.service: active-directory
1010
ms.workload: identity
1111
ms.topic: reference
12-
ms.date: 06/06/2023
12+
ms.date: 06/24/2023
1313
ms.author: kengaderdus
1414
ms.subservice: B2C
1515
ms.custom: references_regions
@@ -78,7 +78,10 @@ At the moment, the following countries/regions have the local data residence opt
7878

7979
#### What do I need to do?
8080

81-
If you've an existing Azure AD B2C tenant, you need to opt in to start using Go-Local add-on. If you're creating a new Azure AD B2C tenant, you can enable Go-Local add-on when you create it. Learn how to [create your Azure AD B2C](tutorial-create-tenant.md) tenant.
81+
|Tenant status | What to do |
82+
|-------------|---------|
83+
| I've an existing tenant | You need to opt in to start using Go-Local add-on by using the steps in [Activate Go-Local ad-on](tutorial-create-tenant.md#activate-azure-ad-b2c-go-local-add-on). |
84+
| I'm creating a new tenant | You enable Go-Local add-on when you create your new Azure AD B2C tenant. Learn how to [create your Azure AD B2C](tutorial-create-tenant.md) tenant.|
8285

8386
## EU Data Boundary
8487

articles/active-directory-b2c/faq.yml

Lines changed: 5 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -8,7 +8,7 @@ metadata:
88
ms.service: active-directory
99
ms.workload: identity
1010
ms.topic: faq
11-
ms.date: 06/08/2023
11+
ms.date: 06/23/2023
1212
ms.author: godonnell
1313
ms.subservice: B2C
1414
ms.custom: "b2c-support"
@@ -187,6 +187,10 @@ sections:
187187
answer: |
188188
No. 50,000 free [MAUs](billing.md#mau-overview) per month doesn't apply when you enable Go-Local add-on.
189189
You'll incur a charge on the Go-Local add-on from the first MAU. However, you'll continue to enjoy free 50,000 MAUs per month on the other features available on your Azure AD B2C [Premium P1 or P2 pricing](https://azure.microsoft.com/pricing/details/active-directory-b2c/).
190+
- question: |
191+
I've an existing Azure AD B2C tenant in Japan or Australia that doesn't have Go-Local add-on enabled. How do I activate this add-on?
192+
answer: |
193+
Follow the steps in [Activate Go-Local ad-on](tutorial-create-tenant.md#activate-azure-ad-b2c-go-local-add-on) to activate Azure AD B2C Go-Local add-on.
190194
- question: |
191195
Can I localize the UI of pages served by Azure AD B2C? What languages are supported?
192196
answer: |
91.8 KB
Loading

articles/active-directory-b2c/tutorial-create-tenant.md

Lines changed: 25 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -8,7 +8,7 @@ manager: CelesteDG
88
ms.service: active-directory
99
ms.workload: identity
1010
ms.topic: tutorial
11-
ms.date: 06/06/2023
11+
ms.date: 06/23/2023
1212
ms.author: kengaderdus
1313
ms.subservice: B2C
1414
ms.custom: "b2c-support"
@@ -32,7 +32,7 @@ Before you create your Azure AD B2C tenant, you need to take the following consi
3232

3333
- By default, each tenant can accommodate a total of **1.25 million** objects (user accounts and applications), but you can increase this limit to **5.25 million** objects when you add and verify a custom domain. If you want to increase this limit, please contact [Microsoft Support](find-help-open-support-ticket.md). However, if you created your tenant before **September 2022**, this limit doesn't affect you, and your tenant will retain the size allocated to it at creation, that's, **50 million** objects. Learn how to [read your tenant usage](microsoft-graph-operations.md#tenant-usage).
3434

35-
- If you want to reuse a tenant name that you previously tried to delete, but you see the error "Already in use by another directory" when you enter the domain name, you'll need to [follow these steps to fully delete the tenant first](./faq.yml?tabs=app-reg-ga#how-do-i-delete-my-azure-ad-b2c-tenant-). A role of at least *Subscription Administrator* is required. After deleting the tenant, you might also need to sign out and sign back in before you can reuse the domain name.
35+
- If you want to reuse a tenant name that you previously tried to delete, but you see the error "Already in use by another directory" when you enter the domain name, you'll need to [follow these steps to fully delete the tenant](./faq.yml?tabs=app-reg-ga#how-do-i-delete-my-azure-ad-b2c-tenant-) before you try again. You require a role of at least *Subscription Administrator*. After deleting the tenant, you might also need to sign out and sign back in before you can reuse the domain name.
3636

3737
## Prerequisites
3838

@@ -77,7 +77,7 @@ Before you create your Azure AD B2C tenant, you need to take the following consi
7777

7878
- For **Organization name**, enter a name for your Azure AD B2C tenant.
7979
- For **Initial domain name**, enter a domain name for your Azure AD B2C tenant.
80-
- For **Location**, select your country/region from the list. If the country/region you select has a [Go-Local add-on](data-residency.md#go-local-add-on) option, such as Japan or Australia, and you want to store your data exclusively within that country/region, select the **Store Azure AD Core Store data, components and service data in the location selected above** checkbox. Go-Local add-on is a paid add-on whose charge is added to your Azure AD B2C Premium P1 or P2 licenses charges, see [Billing model](billing.md#about-go-local-add-on). You can't change the data residency region after you create your Azure AD B2C tenant.
80+
- For **Location**, select your country/region from the list. If the country/region you select has a [Go-Local add-on](data-residency.md#go-local-add-on) option, such as Japan or Australia, and you want to store your data exclusively within that country/region, select the **Store Azure AD Core Store data and Azure AD components and service data in the location selected above** checkbox. Go-Local add-on is a paid add-on whose charge is added to your Azure AD B2C Premium P1 or P2 licenses charges, see [Billing model](billing.md#about-go-local-add-on). You can't change the data residency region after you create your Azure AD B2C tenant.
8181
- For **Subscription**, select your subscription from the list.
8282
- For **Resource group**, select or search for the resource group that will contain the tenant.
8383

@@ -91,6 +91,28 @@ You can link multiple Azure AD B2C tenants to a single Azure subscription for bi
9191
> [!NOTE]
9292
> When an Azure AD B2C directory is created, an application called `b2c-extensions-app` is automatically created inside the new directory. Do not modify or delete it. The application is used by Azure AD B2C for storing user data. Learn more about [Azure AD B2C: Extensions app](extensions-app.md).
9393
94+
## Activate Azure AD B2C Go-Local add-on
95+
96+
Azure AD B2C allows you to activate Go-Local add-on on an existing tenant as long as your tenant stores data in a country/region that has local data residence option. To opt-in to Go-Local add-on, use the following steps:
97+
98+
1. Sign in to the [Azure portal](https://portal.azure.com/).
99+
100+
1. Make sure you're using the directory that contains your Azure AD B2C tenant:
101+
102+
1. In the Azure portal toolbar, select the **Directories + subscriptions** (:::image type="icon" source="./../active-directory/develop/media/common/portal-directory-subscription-filter.png" border="false":::) icon.
103+
104+
1. On the **Portal settings | Directories + subscriptions** page, find your Azure AD B2C directory in the **Directory name** list, and then select the **Switch** button next to it.
105+
106+
1. In the Azure portal, search for and select **Azure AD B2C**.
107+
108+
1. On the tenant management page that appears, on the top of the page, select **Enable data residency** link.
109+
110+
:::image type="content" source="media/tutorial-create-tenant/opt-in-go-local-add-on.png" alt-text="Screenshot of opt in to Azure AD B2C Go-Local add-on in Azure portal.":::
111+
112+
1. On the **Data residency** pane that appears, select the **Store my directory and Azure AD data in \<Country\>** checkbox, then select **Save** button.
113+
114+
1. Close the **Data residency** pane.
115+
94116
## Select your B2C tenant directory
95117

96118
To start using your new Azure AD B2C tenant, you need to switch to the directory that contains the tenant:

articles/active-directory-domain-services/policy-reference.md

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,7 +1,7 @@
11
---
22
title: Built-in policy definitions for Azure Active Directory Domain Services
33
description: Lists Azure Policy built-in policy definitions for Azure Active Directory Domain Services. These built-in policy definitions provide common approaches to managing your Azure resources.
4-
ms.date: 06/01/2023
4+
ms.date: 06/21/2023
55
ms.service: active-directory
66
ms.subservice: domain-services
77
author: justinha

articles/active-directory/authentication/concept-authentication-default-enablement.md

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -57,7 +57,7 @@ The following table lists each setting that can be set to Microsoft managed and
5757
| [Location in Microsoft Authenticator notifications](how-to-mfa-additional-context.md) | Disabled |
5858
| [Application name in Microsoft Authenticator notifications](how-to-mfa-additional-context.md) | Disabled |
5959
| [System-preferred MFA](concept-system-preferred-multifactor-authentication.md) | Disabled |
60-
| [Authenticator Lite](how-to-mfa-authenticator-lite.md) | Disabled |
60+
| [Authenticator Lite](how-to-mfa-authenticator-lite.md) | Enabled |
6161

6262
As threat vectors change, Azure AD may announce default protection for a **Microsoft managed** setting in [release notes](../fundamentals/whats-new.md) and on commonly read forums like [Tech Community](https://techcommunity.microsoft.com/). For example, see our blog post [It's Time to Hang Up on Phone Transports for Authentication](https://techcommunity.microsoft.com/t5/microsoft-entra-azure-ad-blog/it-s-time-to-hang-up-on-phone-transports-for-authentication/ba-p/1751752) for more information about the need to move away from using SMS and voice calls, which led to default enablement for the registration campaign to help users to set up Authenticator for modern authentication.
6363

articles/active-directory/authentication/howto-mfa-mfasettings.md

Lines changed: 4 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -6,7 +6,7 @@ services: multi-factor-authentication
66
ms.service: active-directory
77
ms.subservice: authentication
88
ms.topic: how-to
9-
ms.date: 05/30/2023
9+
ms.date: 06/26/2023
1010

1111
ms.author: justinha
1212
author: justinha
@@ -257,6 +257,9 @@ If your organization uses the NPS extension to provide MFA to on-premises applic
257257

258258
Trusted IP bypass works only from inside the company intranet. If you select the **All Federated Users** option and a user signs in from outside the company intranet, the user has to authenticate by using multi-factor authentication. The process is the same even if the user presents an AD FS claim.
259259

260+
>[!NOTE]
261+
>If both per-user MFA and Conditional Access policies are configured in the tenant, you will need to add trusted IPs to the Conditional Access policy and update the MFA service settings.
262+
260263
#### User experience inside the corporate network
261264

262265
When the trusted IPs feature is disabled, multi-factor authentication is required for browser flows. App passwords are required for older rich-client applications.

0 commit comments

Comments
 (0)