Merge pull request #219354 from MicrosoftDocs/main

11/22 PM Publish

Author: huypub

.openpublishing.redirection.azure-monitor.json

@@ -5522,6 +5522,11 @@
             "redirect_url": "/azure/azure-monitor/agents/diagnostics-extension-to-application-insights",
             "redirect_document_id": false
         },
+        {
+            "source_path_from_root": "/articles/azure-monitor/app/platforms.md",
+            "redirect_url": "/azure/azure-monitor/app/app-insights-overview",
+            "redirect_document_id": false
+        },
         {
             "source_path_from_root": "/articles/azure-monitor/app/export-data-model.md",
             "redirect_url": "/azure/azure-monitor/app/export-telemetry",

.openpublishing.redirection.json

@@ -5963,6 +5963,11 @@
             "redirect_url": "/azure/automation/create-azure-automation-account-portal",
             "redirect_document_id": false
         },
+        {
+            "source_path_from_root": "/articles/update-center/enable-machines.md",
+            "redirect_url": "/azure/update-center/updates-maintenance-schedules",
+            "redirect_document_id": false
+        },
         {
             "source_path_from_root": "/articles/best-practices-availability-paired-regions.md",
             "redirect_url": "/azure/reliability/cross-region-replication-azure",

.openpublishing.redirection.virtual-desktop.json

@@ -75,6 +75,31 @@
             "redirect_url": "/azure/virtual-desktop/users/connect-thin-clients",
             "redirect_document_id": true
         },
+        {
+            "source_path_from_root": "/articles/virtual-desktop/azure-monitor.md",
+            "redirect_url": "/azure/virtual-desktop/insights",
+            "redirect_document_id": true
+        },
+        {
+            "source_path_from_root": "/articles/virtual-desktop/azure-monitor-costs.md",
+            "redirect_url": "/azure/virtual-desktop/insights-costs",
+            "redirect_document_id": true
+        },
+        {
+            "source_path_from_root": "/articles/virtual-desktop/azure-monitor-glossary.md",
+            "redirect_url": "/azure/virtual-desktop/insights-glossary",
+            "redirect_document_id": true
+        },
+        {
+            "source_path_from_root": "/articles/virtual-desktop/troubleshoot-azure-monitor.md",
+            "redirect_url": "/azure/virtual-desktop/troubleshoot-insights",
+            "redirect_document_id": true
+        },
+        {
+            "source_path_from_root": "/articles/virtual-desktop/whats-new-azure-monitor.md",
+            "redirect_url": "/azure/virtual-desktop/whats-new-insights",
+            "redirect_document_id": true
+        },
         {
             "source_path_from_root": "/articles/virtual-desktop/troubleshoot-client.md",
             "redirect_url": "/azure/virtual-desktop/troubleshoot-client-windows",

articles/active-directory/app-provisioning/on-premises-ecma-troubleshoot.md

@@ -24,14 +24,26 @@ After you configure the provisioning agent and ECMA host, it's time to test conn
 
         ![Screenshot that shows that the ECMA service is running.](./media/on-premises-ecma-troubleshoot/tshoot-1.png)
 
- 2. Go to the folder where the ECMA host was installed by selecting **Troubleshooting** > **Scripts** > **TestECMA2HostConnection**. Run the script. This script sends a SCIM GET or POST request to validate that the ECMA Connector Host is operating and responding to requests. It should be run on the same computer as the ECMA Connector Host service itself.
+ 2. Check that the ECMA Connector Host service is responding to requests.
+     1. On the server with the agent installed, launch PowerShell.
+     1. Change to the folder where the ECMA host was installed, such as `C:\Program Files\Microsoft ECMA2Host`.
+     1. Change to the subdirectory `Troubleshooting`.
+     1. Run the script `TestECMA2HostConnection.ps1` in that directory.  Provide as arguments the connector name and the secret token when prompted.
+        ```
+        PS C:\Program Files\Microsoft ECMA2Host\Troubleshooting> .\TestECMA2HostConnection.ps1
+        Supply values for the following parameters:
+        ConnectorName: CORPDB1
+        SecretToken: ************
+        ```
+     1. This script sends a SCIM GET or POST request to validate that the ECMA Connector Host is operating and responding to requests. If the output does not show that an HTTP connection was successful, then check that the service is running and that the correct secret token was provided.
+
  3. Ensure that the agent is active by going to your application in the Azure portal, selecting **admin connectivity**, selecting the agent dropdown list, and ensuring your agent is active.
  4. Check if the secret token provided is the same as the secret token on-premises. Go to on-premises, provide the secret token again, and then copy it into the Azure portal.
  5. Ensure that you've assigned one or more agents to the application in the Azure portal.
  6. After you assign an agent, you need to wait 10 to 20 minutes for the registration to complete. The connectivity test won't work until the registration completes.
- 7. Ensure that you're using a valid certificate. Go to the **Settings** tab of the ECMA host to generate a new certificate.
+ 7. Ensure that you're using a valid certificate that has not expired. Go to the **Settings** tab of the ECMA host to view the certificate expiration date. If the certificate has expired, click `Generate certificate` to generate a new certificate.
  8. Restart the provisioning agent by going to the taskbar on your VM by searching for the Microsoft Azure AD Connect provisioning agent. Right-click **Stop**, and then select **Start**.
- 1. If you continue to see `The ECMA host is currently importing data from the target application` even after restarting the ECMA Connector Host and the provisioning agent, and waiting for the initial import to complete, then you may need to cancel and re-start configuring provisioning to the application in the Azure portal.
+ 1. If you continue to see `The ECMA host is currently importing data from the target application` even after restarting the ECMA Connector Host and the provisioning agent, and waiting for the initial import to complete, then you may need to cancel and start over configuring provisioning to the application in the Azure portal.
  1. When you provide the tenant URL in the Azure portal, ensure that it follows the following pattern. You can replace `localhost` with your host name, but it isn't required. Replace `connectorName` with the name of the connector you specified in the ECMA host. The error message 'invalid resource' generally indicates that the URL does not follow the expected format.
  
     ```
@@ -40,13 +52,13 @@ After you configure the provisioning agent and ECMA host, it's time to test conn
 
 ## Unable to configure the ECMA host, view logs in Event Viewer, or start the ECMA host service
 
-To resolve the following issues, run the ECMA host as an admin:
+To resolve the following issues, run the ECMA host configuration wizard as an administrator:
 
 * I get an error when I open the ECMA host wizard.
 
    ![Screenshot that shows an ECMA wizard error.](./media/on-premises-ecma-troubleshoot/tshoot-2.png)
 
-* I can configure the ECMA host wizard, but I can't see the ECMA host logs. In this case, you need to open the host as an admin and set up a connector end to end. This step can be simplified by exporting an existing connector and importing it again. 
+* I can configure the ECMA host wizard, but I can't see the ECMA host logs. In this case, you need to open the ECMA Host configuration wizard as an administrator and set up a connector end to end. This step can be simplified by exporting an existing connector and importing it again. 
 
    ![Screenshot that shows host logs.](./media/on-premises-ecma-troubleshoot/tshoot-3.png)
 
@@ -57,7 +69,7 @@ To resolve the following issues, run the ECMA host as an admin:
 
 ## Turn on verbose logging 
 
-By default, `switchValue` for the ECMA Connector Host is set to `Verbose`. This will emit detailed logging that will help you troubleshoot issues. You can change the verbosity to `Error` if you would like to limit the number of logs emitted to only errors. Wen using the SQL connector without Windows Integrated Auth, we recommend setting the `switchValue` to `Error` as it will ensure that the connection string is not emitted in the logs. In order to change the verbosity to error, please update the `switchValue` to "Error" in both places as shown below.
+By default, `switchValue` for the ECMA Connector Host is set to `Verbose`. This setting will emit detailed logging that will help you troubleshoot issues. You can change the verbosity to `Error` if you would like to limit the number of logs emitted to only errors. Wen using the SQL connector without Windows Integrated Auth, we recommend setting the `switchValue` to `Error` as it will ensure that the connection string is not emitted in the logs. In order to change the verbosity to error, update the `switchValue` to "Error" in both places as shown below.
 
 The file location for verbose service logging is C:\Program Files\Microsoft ECMA2Host\Service\Microsoft.ECMA2Host.Service.exe.config.
   ```
@@ -101,34 +113,59 @@ The file location for wizard logging is C:\Program Files\Microsoft ECMA2Host\Wiz
 ## Query the ECMA Host Cache
 
 The ECMA Host has a cache of users in your application that is updated according to the schedule you specify in the properties page of the ECMA Host wizard. In order to query the cache, perform the steps below:
+
 1. Set the Debug flag to `true`.
-2. Restart the ECMA Host service.
-3. Query this endpoint from the server the ECMA Host is installed on, replacing  `{connector name}` with the name of your connector, specified in the properties page of the ECMA Host.  `https://localhost:8585/ecma2host_{connectorName}/scim/cache`
 
-Please be aware that setting the debug flag to  `true` disables authentication on the ECMA Host. You will want to set it back to `false` and restart the ECMA Host service once you are done querying the cache. 
+   Please be aware that setting the debug flag to  `true` disables authentication on the ECMA Host. You will need to set it back to `false` and restart the ECMA Host service once you are done querying the cache.
 
-The file location for verbose service logging is C:\Program Files\Microsoft ECMA2Host\Service\Microsoft.ECMA2Host.Service.exe.config.
-  ```
-  <?xml version="1.0" encoding="utf-8"?> 
-  <configuration> 
+   The file location for verbose service logging is `C:\Program Files\Microsoft ECMA2Host\Service\Microsoft.ECMA2Host.Service.exe.config`.
+   ```
+   <?xml version="1.0" encoding="utf-8"?>
+   <configuration>
       <startup>  
           <supportedRuntime version="v4.0" sku=".NETFramework,Version=v4.6" /> 
       </startup> 
       <appSettings> 
         <add key="Debug" value="true" /> 
       </appSettings> 
 
-  ```
+   ```
+
+2. Restart the `Microsoft ECMA2Host` service.
+1. Wait for the ECMA Host to connect to the target systems and re-read its cache from each of the connected systems.  If there are many users in those connected systems, this import process could take several minutes.
+1. Query this endpoint from the server the ECMA Host is installed on, replacing  `{connector name}` with the name of your connector, specified in the properties page of the ECMA Host: `https://localhost:8585/ecma2host_{connectorName}/scim/cache`.
+
+     1. On the server with the agent installed, launch PowerShell.
+     1. Change to the folder where the ECMA host was installed, such as `C:\Program Files\Microsoft ECMA2Host`.
+     1. Change to the subdirectory `Troubleshooting`.
+     1. Run the script `TestECMA2HostConnection.ps1` in that directory, and provide as arguments the connector name and the `ObjectTypePath` value `cache`.  When prompted, type the secret token configured for that connector.
+        ```
+        PS C:\Program Files\Microsoft ECMA2Host\Troubleshooting> .\TestECMA2HostConnection.ps1 -ConnectorName CORPDB1 -ObjectTypePath cache
+        Supply values for the following parameters:
+        SecretToken: ************
+        ```
+     1. This script sends a SCIM GET request to validate that the ECMA Connector Host is operating and responding to requests. If the output does not show that an HTTP connection was successful, then check that the service is running and that the correct secret token was provided.
+
+1. Set the Debug flag back to `false` or remove the setting once you are done querying the cache.
+2. Restart the `Microsoft ECMA2Host` service.
+
+
 ## Target attribute is missing 
 The provisioning service automatically discovers attributes in your target application. If you see that a target attribute is missing in the target attribute list in the Azure portal, perform the following troubleshooting step:
 
- 1. Review the **Select Attributes** page of your ECMA host configuration to check that the attribute has been selected to be exposed to the Azure portal.
- 1. Ensure that the ECMA host service is turned on. 
+ 1. Review the **Select Attributes** page of your ECMA host configuration to check that the attribute has been selected, so that it will be exposed to the Azure portal.
+ 1. Ensure that the ECMA host service is running.
  1. Review the ECMA host logs to check that a /schemas request was made, and review the attributes in the response. This information will be valuable for support to troubleshoot the issue.
 
 ## Collect logs from Event Viewer as a zip file
 
-Go to the folder where the ECMA host was installed by selecting **Troubleshooting** > **Scripts**. Run the `CollectTroubleshootingInfo` script as an admin. You can use it to capture the logs in a zip file and export them.
+You can use an included script to capture the event logs in a zip file and export them.
+
+ 1. On the server with the agent installed, right click on PowerShell in the Start menu and select to `Run as administrator`.
+ 1. Change to the folder where the ECMA host was installed, such as `C:\Program Files\Microsoft ECMA2Host`.
+ 1. Change to the subdirectory `Troubleshooting`.
+ 1. Run the script `CollectTroubleshootingInfo.ps1` in that directory.
+ 1. The script will create a ZIP file in that directory containing the event logs.
 
 ## Review events in Event Viewer
 
@@ -143,13 +180,13 @@ After the ECMA Connector Host schema mapping has been configured, start the serv
 | Error      | Resolution |
 | ----------- | ----------- |
 | Could not load file or assembly 'file:///C:\Program Files\Microsoft ECMA2Host\Service\ECMA\Cache\8b514472-c18a-4641-9a44-732c296534e8\Microsoft.IAM.Connector.GenericSql.dll' or one of its dependencies. Access is denied.      | Ensure that the network service account has 'full control' permissions over the cache folder. |
-| Invalid LDAP style of object's DN. DN: [email protected]" or `Target Site: ValidByLdapStyle`  | Ensure the 'DN is Anchor' checkbox is not checked in the 'connectivity' page of the ECMA host. Ensure the 'autogenerated' checkbox is selected in the 'object types' page of the ECMA host.  See [About anchor attributes and distinguished names](on-premises-application-provisioning-architecture.md#about-anchor-attributes-and-distinguished-names) for more information.|
+| Invalid LDAP style of object's DN. DN: [email protected]" or `Target Site: ValidByLdapStyle`  | Ensure the 'DN is Anchor' checkbox is not checked in the 'connectivity' page of the ECMA host. Ensure the 'autogenerated' checkbox is selected in the 'object types' page of the ECMA host.  For more information, see [About anchor attributes and distinguished names](on-premises-application-provisioning-architecture.md#about-anchor-attributes-and-distinguished-names).|
 
 ## Understand incoming SCIM requests
 
 Requests made by Azure AD to the provisioning agent and connector host use the SCIM protocol. Requests made from the host to apps use the protocol the app supports. The requests from the host to the agent to Azure AD rely on SCIM. You can learn more about the SCIM implementation in [Tutorial: Develop and plan provisioning for a SCIM endpoint in Azure Active Directory](use-scim-to-provision-users-and-groups.md).
 
-At the beginning of each provisioning cycle, before performing on-demand provisioning and when doing the test connection, the Azure AD provisioning service generally makes a get-user call for a [dummy user](use-scim-to-provision-users-and-groups.md#request-3) to ensure the target endpoint is available and returning SCIM-compliant responses. 
+The Azure AD provisioning service generally makes a get-user call to check for a [dummy user](use-scim-to-provision-users-and-groups.md#request-3) in three situations: at the beginning of each provisioning cycle, before performing on-demand provisioning and when **test connection** is selected. This check ensures the target endpoint is available and returning SCIM-compliant responses to the Azure AD provisioning service.
 
 
 ## How do I troubleshoot the provisioning agent?
@@ -235,9 +272,9 @@ By using Azure AD, you can monitor the provisioning service in the cloud and col
 ### I am getting an Invalid LDAP style DN error when trying to configure the ECMA Connector Host with SQL
 By default, the generic SQL connector expects the DN to be populated using the LDAP style (when the 'DN is anchor' attribute is left unchecked in the first connectivity page). In the error message `Invalid LDAP style DN` or `Target Site: ValidByLdapStyle`, you may see that the DN field contains a user principal name (UPN), rather than an LDAP style DN that the connector expects.
 
-To resolve this, ensure that **Autogenerated** is selected on the object types page when you configure the connector.
+To resolve this error message, ensure that **Autogenerated** is selected on the object types page when you configure the connector.
 
-See [About anchor attributes and distinguished names](on-premises-application-provisioning-architecture.md#about-anchor-attributes-and-distinguished-names) for more information.
+For more information, see [About anchor attributes and distinguished names](on-premises-application-provisioning-architecture.md#about-anchor-attributes-and-distinguished-names).
 
 ## Next steps