Merge pull request #214354 from MicrosoftDocs/repo_sync_working_branch

Confirm merge from repo_sync_working_branch to main to sync with https://github.com/MicrosoftDocs/azure-docs (branch main)

Author: huypub

articles/active-directory/fundamentals/license-users-groups.md

@@ -32,7 +32,7 @@ There are several license plans available for the Azure AD service, including:
 
 For specific information about each license plan and the associated licensing details, see [What license do I need?](https://www.microsoft.com/security/business/identity-access-management/azure-ad-pricing). To sign up for Azure AD premium license plans see [here](./active-directory-get-started-premium.md).
 
-Not all Microsoft services are available in all locations. Before a license can be assigned to a group, you must specify the **Usage location** for all members. You can set this value in the **Azure Active Directory > Users > Profile > Settings** area in Azure AD. Any user whose usage location isn't specified inherits the location of the Azure AD organization.
+Not all Microsoft services are available in all locations. Before a license can be assigned to a group, you must specify the **Usage location** for all members. You can set this value in the **Azure Active Directory > Users > Profile > Settings** area in Azure AD. When assigning licenses to a group or bulk updates such as disabling the synchronization status for the organization, any user whose usage location isn't specified inherits the location of the Azure AD organization.
 
 ## View license plans and plan details
 
@@ -80,7 +80,7 @@ Make sure that anyone needing to use a licensed Azure AD service has the appropr
     The **Assign license** page updates to show that a user is selected and that the assignments are configured.
 
     > [!NOTE]
-    > Not all Microsoft services are available in all locations. Before a license can be assigned to a user, you must specify the **Usage location**. You can set this value in the **Azure Active Directory > Users > Profile > Settings** area in Azure AD. Any user whose usage location is not specified inherits the location of the Azure AD organization.
+    > Not all Microsoft services are available in all locations. Before a license can be assigned to a user, you must specify the **Usage location**. You can set this value in the **Azure Active Directory > Users > Profile > Settings** area in Azure AD. When assigning licenses to a group or bulk updates such as disabling the synchronization status for the organization, any user whose usage location isn't specified inherits the location of the Azure AD organization.
 
 1. Select **Assign**.
 

articles/active-directory/reports-monitoring/reports-faq.yml

@@ -89,6 +89,11 @@ sections:
           I see .XXX in part of the IP address from a user in my sign-in logs. Why is that happening?
         answer: |
           Azure AD may redact part of an IP address in the sign-in logs to protect user privacy when a user may not belong to the tenant viewing the logs. This action happens in two cases: first, during cross tenant sign ins, such as when a CSP technician signs into a tenant that CSP manages. Second, when our service wasn't able to determine the user's identity with sufficient confidence to be sure the user belongs to the tenant viewing the logs.
+      - question: |
+          I see "PII Removed" in the Device Details of a user in my sign-in logs. Why is that happening?
+        answer: |
+          Azure AD redacts Personally Identifiable Information (PII) generated by devices that do not belong to your tenant to ensure customer data does not spread beyond tenant boundaries without user and data owner consent.
+
 
   - name: Conditional Access
     questions:

articles/active-directory/verifiable-credentials/verifiable-credentials-configure-tenant.md

@@ -1,6 +1,6 @@
 ---
 title: Tutorial - Configure your tenant for Microsoft Entra Verified ID
-description: In this tutorial, you learn how to configure your tenant to support the Verifiable Credentials service. 
+description: In this tutorial, you learn how to configure your tenant to support the Verified ID service. 
 ms.service: decentralized-identity
 ms.subservice: verifiable-credentials
 author: barclayn
@@ -24,7 +24,7 @@ Specifically, you learn how to:
 
 > [!div class="checklist"]
 > - Create an Azure Key Vault instance.
-> - Set up the Verifiable Credentials service.
+> - Set up the Verified ID service.
 > - Register an application in Azure AD.
 
 The following diagram illustrates the Verified ID architecture and the component you configure.
@@ -77,6 +77,7 @@ The Verifiable credentials service request is the Request Service API, and it ne
 
 1. To save the changes, select **Add**.
 
+
 ## Set up Verified ID
 
 To set up Verified ID, follow these steps:
@@ -87,7 +88,7 @@ To set up Verified ID, follow these steps:
 
 1. Set up your organization by providing the following information:
 
-    1. **Organization name**: Enter a name to reference your business within Verifiable Credentials. Your customers don't see this name.
+    1. **Organization name**: Enter a name to reference your business within Verified IDs. Your customers don't see this name.
 
     1. **Domain**: Enter a domain that's added to a service endpoint in your decentralized identity (DID) document. The domain is what binds your DID to something tangible that the user might know about your business. Microsoft Authenticator and other digital wallets use this information to validate that your DID is linked to your domain. If the wallet can verify the DID, it displays a verified symbol. If the wallet can't verify the DID, it informs the user that the credential was issued by an organization it couldn't validate.
 
@@ -99,7 +100,7 @@ To set up Verified ID, follow these steps:
     1. Under **Advanced**, you may choose the **trust system** that you want to use for your tenant. You can choose from either **Web** or **ION**. Web means your tenant uses [did:web](https://w3c-ccg.github.io/did-method-web/) as the did method and ION means it uses [did:ion](https://identity.foundation/ion/).
 
         >[!IMPORTANT]
-        > The only way to change the trust system is to opt-out of verifiable credentials and redo the onboarding.
+        > The only way to change the trust system is to opt-out of the Verified ID service and redo the onboarding.
 
 
 1. Select **Save and get started**.  
@@ -156,7 +157,8 @@ You can choose to grant issuance and presentation permissions separately if you
 
 ## Service endpoint configuration
 
-1. Navigate to the Verified ID in the Azure portal.  
+
+1. Navigate to the Verified ID service in the Azure portal.  
 1. Select **Registration**.
 1. Notice that there are two sections:
     1. Website ID registration