Merge branch 'main' of https://github.com/MicrosoftDocs/azure-docs-pr into ertutorial

Author: duongau

.openpublishing.redirection.active-directory.json

@@ -5290,6 +5290,11 @@
       "redirect_url": "/azure/active-directory/reports-monitoring/howto-customize-filter-logs",
       "redirect_document_id": true
     },
+    {
+      "source_path_from_root": "/articles/active-directory/reports-monitoring/tutorial-azure-monitor-stream-logs-to-event-hub.md",
+      "redirect_url": "/azure/active-directory/reports-monitoring/howto-stream-logs-to-event-hub",
+      "redirect_document_id": false
+    },
     {
       "source_path_from_root": "/articles/active-directory/reports-monitoring/reference-basic-info-sign-in-logs.md",
       "redirect_url": "/azure/active-directory/reports-monitoring/concept-sign-in-log-activity-details",

articles/active-directory-domain-services/faqs.yml

@@ -11,7 +11,7 @@ metadata:
   ms.subservice: domain-services
   ms.workload: identity
   ms.topic: faq
-  ms.date: 09/05/2023
+  ms.date: 09/15/2023
   ms.author: justinha
 title: Frequently asked questions (FAQs) about Azure Active Directory (AD) Domain Services
 summary: This page answers frequently asked questions about Azure Active Directory Domain Services.
@@ -62,7 +62,7 @@ sections:
       - question: |
           Can I enable Azure AD Domain Services using a Resource Manager Template?
         answer: |
-          Yes, you can create an Azure AD Domain Services managed domain using a Resource Manager template. A service principal and Azure AD group for administration must be created using the Azure portal or Azure PowerShell before the template is deployed. For more information, see [Create an Azure AD DS managed domain using an Azure Resource Manager template](template-create-instance.md). When you create an Azure AD Domain Services managed domain in the Azure portal, there's also an option to export the template for use with additional deployments.
+          Yes, you can create an Azure AD Domain Services managed domain using a Resource Manager template. A service principal and Azure AD group for administration must be created using the Microsoft Entra admin center or Azure PowerShell before the template is deployed. For more information, see [Create an Azure AD DS managed domain using an Azure Resource Manager template](template-create-instance.md). When you create an Azure AD Domain Services managed domain in the Microsoft Entra admin center, there's also an option to export the template for use with additional deployments.
           
       - question: |
           Can I add domain controllers to an Azure AD Domain Services managed domain?
@@ -82,7 +82,7 @@ sections:
       - question: |
           Can I move a managed domain?
         answer: |
-          After you create an Azure AD Domain Services managed domain, you can't move it to a different subscription, resource group, or region. As a workaround, you can [delete the managed domain](delete-aadds.md) by using PowerShell or the Azure portal and re-create it with your desired setup. No restore operations can be provided while the managed domain is re-created.
+          After you create an Azure AD Domain Services managed domain, you can't move it to a different subscription, resource group, or region. As a workaround, you can [delete the managed domain](delete-aadds.md) by using PowerShell or the Microsoft Entra admin center and re-create it with your desired setup. No restore operations can be provided while the managed domain is re-created.
 
       - question: |
           Can I rename an existing Azure AD Domain Services domain name?

articles/active-directory-domain-services/join-centos-linux-vm.md

@@ -39,7 +39,7 @@ If you have an existing CentOS Linux VM in Azure, connect to it using SSH, then
 
 If you need to create a CentOS Linux VM, or want to create a test VM for use with this article, you can use one of the following methods:
 
-* [Azure portal](../virtual-machines/linux/quick-create-portal.md)
+* [Microsoft Entra admin center](../virtual-machines/linux/quick-create-portal.md)
 * [Azure CLI](../virtual-machines/linux/quick-create-cli.md)
 * [Azure PowerShell](../virtual-machines/linux/quick-create-powershell.md)
 

articles/active-directory-domain-services/join-coreos-linux-vm.md

@@ -39,7 +39,7 @@ If you have an existing CoreOS Linux VM in Azure, connect to it using SSH, then
 
 If you need to create a CoreOS Linux VM, or want to create a test VM for use with this article, you can use one of the following methods:
 
-* [Azure portal](../virtual-machines/linux/quick-create-portal.md)
+* [Microsoft Entra admin center](../virtual-machines/linux/quick-create-portal.md)
 * [Azure CLI](../virtual-machines/linux/quick-create-cli.md)
 * [Azure PowerShell](../virtual-machines/linux/quick-create-powershell.md)
 

articles/active-directory-domain-services/join-rhel-linux-vm.md

@@ -39,7 +39,7 @@ If you have an existing RHEL Linux VM in Azure, connect to it using SSH, then co
 
 If you need to create a RHEL Linux VM, or want to create a test VM for use with this article, you can use one of the following methods:
 
-* [Azure portal](../virtual-machines/linux/quick-create-portal.md)
+* [Microsoft Entra admin center](../virtual-machines/linux/quick-create-portal.md)
 * [Azure CLI](../virtual-machines/linux/quick-create-cli.md)
 * [Azure PowerShell](../virtual-machines/linux/quick-create-powershell.md)
 

articles/active-directory-domain-services/join-suse-linux-vm.md

@@ -38,7 +38,7 @@ If you have an existing SLE Linux VM in Azure, connect to it using SSH, then con
 
 If you need to create a SLE Linux VM, or want to create a test VM for use with this article, you can use one of the following methods:
 
-* [Azure portal](../virtual-machines/linux/quick-create-portal.md)
+* [Microsoft Entra admin center](../virtual-machines/linux/quick-create-portal.md)
 * [Azure CLI](../virtual-machines/linux/quick-create-cli.md)
 * [Azure PowerShell](../virtual-machines/linux/quick-create-powershell.md)
 
@@ -86,7 +86,7 @@ To join the managed domain using **SSSD** and the *User Logon Management* module
 
     In YaST, select **System > Network Settings**.
 
-1. Select the *Hostname/DNS* tab, then enter the IP address(es) of the managed domain into the text box *Name Server 1*. These IP addresses are shown on the *Properties* window in the Azure portal for your managed domain, such as *10.0.2.4* and *10.0.2.5*.
+1. Select the *Hostname/DNS* tab, then enter the IP address(es) of the managed domain into the text box *Name Server 1*. These IP addresses are shown on the *Properties* window in the Microsoft Entra admin center for your managed domain, such as *10.0.2.4* and *10.0.2.5*.
 
     Add your own managed domain IP addresses, then select **OK**.
 
@@ -162,7 +162,7 @@ To join the managed domain using **winbind** and the *Windows Domain Membership*
 
 1. If you want to change the UID and GID ranges for the Samba users and groups, select *Expert Settings*.
 
-1. Configure Network Time Protocol (NTP) time synchronization for your managed domain by selecting *NTP Configuration*. Enter the IP addresses of the managed domain. These IP addresses are shown on the *Properties* window in the Azure portal for your managed domain, such as *10.0.2.4* and *10.0.2.5*.
+1. Configure Network Time Protocol (NTP) time synchronization for your managed domain by selecting *NTP Configuration*. Enter the IP addresses of the managed domain. These IP addresses are shown on the *Properties* window in the Microsoft Entra admin center for your managed domain, such as *10.0.2.4* and *10.0.2.5*.
 
 1. Select **OK** and confirm the domain join when prompted for it.
 

articles/active-directory-domain-services/join-ubuntu-linux-vm.md

@@ -39,7 +39,7 @@ If you have an existing Ubuntu Linux VM in Azure, connect to it using SSH, then
 
 If you need to create an Ubuntu Linux VM, or want to create a test VM for use with this article, you can use one of the following methods:
 
-* [Azure portal](../virtual-machines/linux/quick-create-portal.md)
+* [Microsoft Entra admin center](../virtual-machines/linux/quick-create-portal.md)
 * [Azure CLI](../virtual-machines/linux/quick-create-cli.md)
 * [Azure PowerShell](../virtual-machines/linux/quick-create-powershell.md)
 

articles/active-directory-domain-services/join-windows-vm.md

@@ -8,7 +8,7 @@ ms.service: active-directory
 ms.subservice: domain-services
 ms.workload: identity
 ms.topic: tutorial
-ms.date: 06/22/2023
+ms.date: 09/15/2023
 ms.author: justinha
 
 #Customer intent: As an server administrator, I want to learn how to join a Windows Server VM to an Azure Active Directory Domain Services managed domain to provide centralized identity and policy.
@@ -43,21 +43,21 @@ To complete this tutorial, you need the following resources:
 
 If you already have a VM that you want to domain-join, skip to the section to [join the VM to the managed domain](#join-the-vm-to-the-managed-domain).
 
-## Sign in to the Azure portal
+## Sign in to the Microsoft Entra admin center
 
-In this tutorial, you create a Windows Server VM to join to your managed domain using the Azure portal. To get started, first sign in to the [Azure portal](https://portal.azure.com).
+In this tutorial, you create a Windows Server VM to join to your managed domain using the Microsoft Entra admin center. To get started, first sign in to the [Microsoft Entra admin center](https://entra.microsoft.com).
 
 ## Create a Windows Server virtual machine
 
 To see how to join a computer to a managed domain, let's create a Windows Server VM. This VM is connected to an Azure virtual network that provides connectivity to the managed domain. The process to join a managed domain is the same as joining a regular on-premises Active Directory Domain Services domain.
 
 If you already have a VM that you want to domain-join, skip to the section to [join the VM to the managed domain](#join-the-vm-to-the-managed-domain).
 
-1. From the Azure portal menu or from the **Home** page, select **Create a resource**.
+1. From the Microsoft Entra admin center menu or from the **Home** page, select **Create a resource**.
 
 1. From **Get started**, choose **Windows Server 2016 Datacenter**.
 
-    ![Choose to create a Windows Server 2016 Datacenter VM in the Azure portal](./media/join-windows-vm/select-vm-image.png)
+    ![Choose to create a Windows Server 2016 Datacenter VM](./media/join-windows-vm/select-vm-image.png)
 
 1. In the **Basics** window, configure the core settings for the virtual machine. Leave the defaults for *Availability options*, *Image*, and *Size*.
 
@@ -71,7 +71,7 @@ If you already have a VM that you want to domain-join, skip to the section to [j
 
 1. By default, VMs created in Azure are accessible from the Internet using RDP. When RDP is enabled, automated sign-in attacks are likely to occur, which may disable accounts with common names such as *admin* or *administrator* due to multiple failed successive sign-in attempts.
 
-    RDP should only be enabled when required, and limited to a set of authorized IP ranges. This configuration helps improve the security of the VM and reduces the area for potential attack. Or, create and use an Azure Bastion host that allows access only through the Azure portal over TLS. In the next step of this tutorial, you use an Azure Bastion host to securely connect to the VM.
+    RDP should only be enabled when required, and limited to a set of authorized IP ranges. This configuration helps improve the security of the VM and reduces the area for potential attack. Or, create and use an Azure Bastion host that allows access only through the Microsoft Entra admin center over TLS. In the next step of this tutorial, you use an Azure Bastion host to securely connect to the VM.
 
     Under **Public inbound ports**, select *None*.
 
@@ -89,21 +89,21 @@ If you already have a VM that you want to domain-join, skip to the section to [j
     In the **Networking** pane, select the virtual network in which your managed domain is deployed, such as *aaads-vnet*
 1. In this example, the existing *aaads-subnet* is shown that the managed domain is connected to. Don't connect your VM to this subnet. To create a subnet for the VM, select **Manage subnet configuration**.
 
-    ![Choose to manage the subnet configuration in the Azure portal](./media/join-windows-vm/manage-subnet.png)
+    ![Choose to manage the subnet configuration](./media/join-windows-vm/manage-subnet.png)
 
 1. In the left-hand menu of the virtual network window, select **Address space**. The virtual network is created with a single address space of *10.0.2.0/24*, which is used by the default subnet. Other subnets, such as for *workloads* or Azure Bastion may also already exist.
 
     Add an additional IP address range to the virtual network. The size of this address range and the actual IP address range to use depends on other network resources already deployed. The IP address range shouldn't overlap with any existing address ranges in your Azure or on-premises environment. Make sure that you size the IP address range large enough for the number of VMs you expect to deploy into the subnet.
 
     In the following example, an additional IP address range of *10.0.5.0/24* is added. When ready, select **Save**.
 
-    ![Add an additional virtual network IP address range in the Azure portal](./media/join-windows-vm/add-vnet-address-range.png)
+    ![Add an additional virtual network IP address range](./media/join-windows-vm/add-vnet-address-range.png)
 
 1. Next, in the left-hand menu of the virtual network window, select **Subnets**, then choose **+ Subnet** to add a subnet.
 
 1. Select **+ Subnet**, then enter a name for the subnet, such as *management*. Provide an **Address range (CIDR block)**, such as *10.0.5.0/24*. Make sure that this IP address range doesn't overlap with any other existing Azure or on-premises address ranges. Leave the other options as their default values, then select **OK**.
 
-    ![Create a subnet configuration in the Azure portal](./media/join-windows-vm/create-subnet.png)
+    ![Create a subnet configuration](./media/join-windows-vm/create-subnet.png)
 
 1. It takes a few seconds to create the subnet. Once it's created, select the *X* to close the subnet window.
 1. Back in the **Networking** pane to create a VM, choose the subnet you created from the drop-down menu, such as *management*. Again, make sure you choose the correct subnet and don't deploy your VM in the same subnet as your managed domain.
@@ -112,23 +112,23 @@ If you already have a VM that you want to domain-join, skip to the section to [j
 1. Set **Boot diagnostics** to *Off*. Leave the other options as their default values, then select **Review + create**.
 1. Review the VM settings, then select **Create**.
 
-It takes a few minutes to create the VM. The Azure portal shows the status of the deployment. Once the VM is ready, select **Go to resource**.
+It takes a few minutes to create the VM. The Microsoft Entra admin center shows the status of the deployment. Once the VM is ready, select **Go to resource**.
 
-![Go to the VM resource in the Azure portal once it's successfully created](./media/join-windows-vm/vm-created.png)
+![Go to the VM resource once it's successfully created](./media/join-windows-vm/vm-created.png)
 
 ## Connect to the Windows Server VM
 
-To securely connect to your VMs, use an Azure Bastion host. With Azure Bastion, a managed host is deployed into your virtual network and provides web-based RDP or SSH connections to VMs. No public IP addresses are required for the VMs, and you don't need to open network security group rules for external remote traffic. You connect to VMs using the Azure portal from your web browser. If needed, [create an Azure Bastion host][azure-bastion].
+To securely connect to your VMs, use an Azure Bastion host. With Azure Bastion, a managed host is deployed into your virtual network and provides web-based RDP or SSH connections to VMs. No public IP addresses are required for the VMs, and you don't need to open network security group rules for external remote traffic. You connect to VMs using the Microsoft Entra admin center from your web browser. If needed, [create an Azure Bastion host][azure-bastion].
 
 To use a Bastion host to connect to your VM, complete the following steps:
 
 1. In the **Overview** pane for your VM, select **Connect**, then **Bastion**.
 
-    ![Connect to Windows virtual machine using Bastion in the Azure portal](./media/join-windows-vm/connect-to-vm.png)
+    ![Connect to Windows virtual machine using Bastion](./media/join-windows-vm/connect-to-vm.png)
 
 1. Enter the credentials for your VM that you specified in the previous section, then select **Connect**.
 
-   ![Connect through the Bastion host in the Azure portal](./media/join-windows-vm/connect-to-bastion.png)
+   ![Connect through the Bastion host](./media/join-windows-vm/connect-to-bastion.png)
 
 If needed, allow your web browser to open pop-ups for the Bastion connection to be displayed. It takes a few seconds to make the connection to your VM.
 

articles/active-directory/app-proxy/app-proxy-protect-ndes.md

@@ -50,14 +50,14 @@ Azure AD Application Proxy is built on Azure. It gives you a massive amount of n
    * If Internet Explorer Enhanced Security Configuration is turned on for the server where you install the connector, the registration screen might be blocked. To allow access, follow the instructions in the error message, or turn off Internet Explorer Enhanced Security during the install process.
    * If connector registration fails, see [Troubleshoot Application Proxy](application-proxy-troubleshoot.md).
 1. At the end of the setup, a note is shown for environments with an outbound proxy. To configure the Azure AD Application Proxy connector to work through the outbound proxy, run the provided script, such as `C:\Program Files\Microsoft AAD App Proxy connector\ConfigureOutBoundProxy.ps1`.
-1. On the Application proxy page in the Azure portal, the new connector is listed with a status of *Active*, as shown in the following example:
+1. On the Application proxy page in the Microsoft Entra admin center, the new connector is listed with a status of *Active*, as shown in the following example:
 
-    ![The new Azure AD Application Proxy connector shown as active in the Azure portal](./media/app-proxy-protect-ndes/connected-app-proxy.png)
+    ![The new Azure AD Application Proxy connector shown as active in the Microsoft Entra admin center](./media/app-proxy-protect-ndes/connected-app-proxy.png)
 
     > [!NOTE]
     > To provide high availability for applications authenticating through the Azure AD Application Proxy, you can install connectors on multiple VMs. Repeat the same steps listed in the previous section to install the connector on other servers joined to the Azure AD DS managed domain.
 
-1. After successful installation, go back to the Azure portal.
+1. After successful installation, go back to the Microsoft Entra admin center.
 
 1. Select **Enterprise applications**.