Commit 4780bed

committed
revised portal steps
1 parent b603889 commit 4780bed

7 files changed

+41
-44
lines changed

articles/active-directory/authentication/howto-password-ban-bad-on-premises-deploy.md

Lines changed: 6 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -6,7 +6,7 @@ services: active-directory
66
ms.service: active-directory
77
ms.subservice: authentication
88
ms.topic: how-to
9-
ms.date: 06/01/2023
9+
ms.date: 09/14/2023
1010

1111
ms.author: justinha
1212
author: justinha
@@ -96,7 +96,7 @@ The following core requirements apply:
9696

9797
> [!NOTE]
9898
> Some endpoints, such as the CRL endpoint, are not addressed in this article. For a list of all supported endpoints, see [Microsoft 365 URLs and IP address ranges](/microsoft-365/enterprise/urls-and-ip-address-ranges#microsoft-365-common-and-office-online).
99-
>In addition, other endpoints are required for Azure portal authentication. For more information, see [Azure portal URLs for proxy bypass](/azure/azure-portal/azure-portal-safelist-urls?tabs=public-cloud#azure-portal-urls-for-proxy-bypass).
99+
>In addition, other endpoints are required for Microsoft Entra admin center authentication. For more information, see [Microsoft Entra admin center URLs for proxy bypass](/azure/azure-portal/azure-portal-safelist-urls?tabs=public-cloud#azure-portal-urls-for-proxy-bypass).
100100
101101
### Azure AD Password Protection DC agent
102102

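Review bot: On new line 99 the link text now reads "Microsoft Entra admin center URLs for proxy bypass", but the target is still /azure/azure-portal/azure-portal-safelist-urls with the #azure-portal-urls-for-proxy-bypass anchor, so the label no longer matches the heading the reader lands on. Admins build proxy allow lists from this note, so either keep the Azure portal wording for the link text or point to a page that actually lists the Microsoft Entra admin center endpoints. The line also starts with ">In" without a space after the quote marker, unlike the line above it.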
@@ -243,7 +243,7 @@ To install the Azure AD Password Protection proxy service, complete the followin
243243
>
244244
> You may also see MFA required if Azure Device Registration (which is used under the covers by Azure AD Password Protection) has been configured to globally require MFA. To workaround this requirement you may use a different account that supports MFA with one of the previous two authentication modes, or you may also temporarily relax the Azure Device Registration MFA requirement.
245245
>
246-
> To make this change, search for and select **Azure Active Directory** in the Azure portal, then select **Devices > Device Settings**. Set **Require Multi-Factor Auth to join devices** to *No*. Be sure to reconfigure this setting back to *Yes* once registration is complete.
246+
> To make this change, search for and select then select **Devices > Device Settings** in the Microsoft Entra admin center. Set **Require Multi-Factor Auth to join devices** to *No*. Be sure to reconfigure this setting back to *Yes* once registration is complete.
247247
>
248248
> We recommend that MFA requirements be bypassed for test purposes only.
249249

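Review bot: New line 246 reads "search for and select then select **Devices > Device Settings**", a leftover from deleting "**Azure Active Directory** in the Azure portal" that no longer names anything to search for. Reword it as one clean instruction and use the identical sentence for the duplicate of this note at line 299.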
@@ -296,7 +296,7 @@ To install the Azure AD Password Protection proxy service, complete the followin
296296
>
297297
> You may also see MFA required if Azure Device Registration (which is used under the covers by Azure AD Password Protection) has been configured to globally require MFA. To workaround this requirement you may use a different account that supports MFA with one of the previous two authentication modes, or you may also temporarily relax the Azure Device Registration MFA requirement.
298298
>
299-
> To make this change, search for and select **Azure Active Directory** in the Azure portal, then select **Devices > Device Settings**. Set **Require Multi-Factor Auth to join devices** to *No*. Be sure to reconfigure this setting back to *Yes* once registration is complete.
299+
> To make this change, search for and select **Devices > Device Settings** in the Microsoft Entra admin center. Set **Require Multi-Factor Auth to join devices** to *No*. Be sure to reconfigure this setting back to *Yes* once registration is complete.
300300
>
301301
> We recommend that MFA requirements be bypassed for test purposes only.
302302

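Review bot: New line 299 is the same note as line 246, but the two now differ ("search for and select **Devices > Device Settings**" here, "search for and select then select" there); use one wording in both places. Because this step turns off **Require Multi-Factor Auth to join devices**, it would also help to state which role is needed to sign in, as the Conditional Access steps in howto-registration-mfa-sspr-combined.md now do in this commit.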
@@ -400,7 +400,7 @@ The software installation, or uninstallation, requires a restart. This requireme
400400

401401
The installation of on-prem Azure AD Password Protection is complete after the DC agent software is installed on a domain controller, and that computer is rebooted. No other configuration is required or possible. Password change events against the on-prem DCs use the configured banned password lists from Azure AD.
402402

403-
To enable on-prem Azure AD Password Protection from the Azure portal or configure custom banned passwords, see [Enable on-premises Azure AD Password Protection](howto-password-ban-bad-on-premises-operations.md).
403+
To enable on-prem Azure AD Password Protection or configure custom banned passwords, see [Enable on-premises Azure AD Password Protection](howto-password-ban-bad-on-premises-operations.md).
404404

405405
> [!TIP]
406406
> You can install the Azure AD Password Protection DC agent on a machine that's not yet a domain controller. In this case, the service starts and runs but remain inactive until the machine is promoted to be a domain controller.
@@ -436,4 +436,4 @@ The `Get-AzureADPasswordProtectionDCAgent` cmdlet may be used to query the softw
436436

437437
## Next steps
438438

439-
Now that you've installed the services that you need for Azure AD Password Protection on your on-premises servers, [enable on-prem Azure AD Password Protection in the Azure portal](howto-password-ban-bad-on-premises-operations.md) to complete your deployment.
439+
Now that you've installed the services that you need for Azure AD Password Protection on your on-premises servers, [enable on-prem Azure AD Password Protection](howto-password-ban-bad-on-premises-operations.md) to complete your deployment.

articles/active-directory/authentication/howto-registration-mfa-sspr-combined.md

Lines changed: 3 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -6,7 +6,7 @@ services: active-directory
66
ms.service: active-directory
77
ms.subservice: authentication
88
ms.topic: how-to
9-
ms.date: 06/08/2023
9+
ms.date: 09/14/2023
1010

1111
ms.author: justinha
1212
author: justinha
@@ -38,7 +38,8 @@ For more information about creating trusted locations in Conditional Access, see
3838

3939
Complete the following steps to create a policy that applies to all selected users that attempt to register using the combined registration experience, and blocks access unless they are connecting from a location marked as trusted network:
4040

41-
1. In the **Azure portal**, browse to **Azure Active Directory** > **Security** > **Conditional Access**.
41+
1. Sign in to the [Microsoft Entra admin center](https://entra.microsoft.com) as at least an [Conditional Access Administrator](../roles/permissions-reference.md#conditional-access-administrator).
42+
1. Browse to **Protection** > **Conditional Access**.
4243
1. Select **+ New policy**.
4344
1. Enter a name for this policy, such as *Combined Security Info Registration on Trusted Networks*.
4445
1. Under **Assignments**, select **Users**. Choose the users and groups you want this policy to apply to.
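Review bot: New line 41 says "as at least an [Conditional Access Administrator]"; the article should be "a".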

articles/active-directory/authentication/howto-sspr-authenticationdata.md

Lines changed: 3 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -6,7 +6,7 @@ services: active-directory
66
ms.service: active-directory
77
ms.subservice: authentication
88
ms.topic: how-to
9-
ms.date: 04/26/2023
9+
ms.date: 09/14/2023
1010

1111
ms.author: justinha
1212
author: justinha
@@ -45,9 +45,9 @@ After a user verifies their mobile phone number, the *Phone* field under **Authe
4545

4646
## Authentication contact info
4747

48-
On the **Authentication methods** page for an Azure AD user in the Azure portal, a Global Administrator can manually set the authentication contact information. You can review existing methods under the *Usable authentication methods* section, or **+Add authentication methods**, as shown in the following example screenshot:
48+
On the **Authentication methods** page for an Azure AD user in the Microsoft Entra admin center, a Global Administrator can manually set the authentication contact information. You can review existing methods under the *Usable authentication methods* section, or **+Add authentication methods**, as shown in the following example screenshot:
4949

50-
:::image type="content" source="media/howto-sspr-authenticationdata/user-authentication-contact-info.png" alt-text="Manage authentication methods from the Azure portal":::
50+
:::image type="content" source="media/howto-sspr-authenticationdata/user-authentication-contact-info.png" alt-text="Screenshot of how to manage authentication methods":::
5151

5252
The following considerations apply for this authentication contact info:
5353

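Review bot: Line 50 changes only the alt-text while the image source stays media/howto-sspr-authenticationdata/user-authentication-contact-info.png, so the screenshot presumably still shows the Azure portal that line 48 no longer mentions. Check the image against the Microsoft Entra admin center and replace it if the navigation differs. Line 48 also keeps "Azure AD user" next to the new portal name; confirm that is intended.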
articles/active-directory/authentication/howto-sspr-customization.md

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -6,7 +6,7 @@ services: active-directory
66
ms.service: active-directory
77
ms.subservice: authentication
88
ms.topic: how-to
9-
ms.date: 02/01/2023
9+
ms.date: 09/14/2023
1010

1111
ms.author: justinha
1212
author: justinha
@@ -69,7 +69,7 @@ The graphics you choose are shown in the following circumstances:
6969

7070
### Directory name
7171

72-
To make things look more user-friendly, you can change organization name in the portal and in the automated communications. To change the directory name attribute in the Azure portal, browse to **Azure Active Directory** > **Properties**. This friendly organization name option is the most visible in automated emails, as in the following examples:
72+
To make things look more user-friendly, you can change organization name in the portal and in the automated communications. To change the directory name attribute in the Microsoft Entra admin center, sign in as a Global Administrator and browse to **Identity** > **Overview** > **Properties**. This friendly organization name option is the most visible in automated emails, as in the following examples:
7373

7474
* The friendly name in the email, for example "*Microsoft on behalf of CONTOSO demo*"
7575
* The subject line in the email, for example "*CONTOSO demo account email verification code*"
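Review bot: New line 72 adds "sign in as a Global Administrator" for a change to the displayed organization name, while howto-registration-mfa-sspr-combined.md in this same commit uses the "as at least a ..." form with a link to the role. If a lower-privileged role can edit **Properties**, name it in that form; otherwise link the role here as well. The same line keeps "you can change organization name in the portal", which needs an article and should say which portal.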

articles/active-directory/authentication/howto-sspr-deployment.md

Lines changed: 3 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -261,9 +261,7 @@ You can also refer to [Complete out an Azure AD self-service password reset pilo
261261

262262
### Plan support
263263

264-
While SSPR does not typically create user issues, it is important to prepare support staff to deal with issues that may arise. While an administrator can reset the password for end users through the Azure portal, it is better to help resolve the issue via a self-service support process.
265-
266-
To enable your support team's success, you can create a FAQ based on questions you receive from your users. Here are a few examples:
264+
While SSPR does not typically create user issues, it is important to prepare support staff to deal with issues that may arise. To enable your support team's success, you can create a FAQ based on questions you receive from your users. Here are a few examples:
267265

268266
| Scenarios| Description |
269267
| - | - |
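Review bot: Old lines 264-266 are merged into new line 264, and the sentence "While an administrator can reset the password for end users through the Azure portal, it is better to help resolve the issue via a self-service support process" is dropped rather than reworded. That is a guidance change, not a portal rename, and the commit message only says "revised portal steps". If the removal is intended, say so in the commit message; otherwise keep the sentence with the portal name updated.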
@@ -319,10 +317,10 @@ Azure AD can provide additional information on your SSPR performance through aud
319317

320318
### Password management activity reports
321319

322-
You can use pre-built reports on Azure portal to measure the SSPR performance. If you're appropriately licensed, you can also create custom queries. For more information, see [Reporting options for Azure AD password management](./howto-sspr-reporting.md)
320+
You can use pre-built reports on Microsoft Entra admin center to measure the SSPR performance. If you're appropriately licensed, you can also create custom queries. For more information, see [Reporting options for Azure AD password management](./howto-sspr-reporting.md)
323321

324322
> [!NOTE]
325-
> You must be [a global administrator](../roles/permissions-reference.md), and you must opt-in for this data to be gathered for your organization. To opt in, you must visit the Reporting tab or the audit logs on the Azure portal at least once. Until then, the data doesn't collect for your organization.
323+
> You must be [a global administrator](../roles/permissions-reference.md), and you must opt-in for this data to be gathered for your organization. To opt in, you must visit the Reporting tab or the audit logs on the Microsoft Entra admin center at least once. Until then, the data doesn't collect for your organization.
326324
327325
Audit logs for registration and password reset are available for 30 days. If security auditing within your corporation requires longer retention, the logs need to be exported and consumed into a SIEM tool such as [Microsoft Sentinel](../../sentinel/connect-azure-active-directory.md), Splunk, or ArcSight.
328326

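Review bot: New line 320 reads "pre-built reports on Microsoft Entra admin center" and needs "the", as new line 323 has it ("on the Microsoft Entra admin center"). Line 323 also keeps "[a global administrator](../roles/permissions-reference.md)" in lower case, while the matching note in howto-sspr-reporting.md is changed to "Global Administrator" in this commit; make the two notes consistent.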
articles/active-directory/authentication/howto-sspr-reporting.md

Lines changed: 15 additions & 17 deletions
Original file line numberDiff line numberDiff line change
@@ -5,7 +5,7 @@ services: active-directory
55
ms.service: active-directory
66
ms.subservice: authentication
77
ms.topic: how-to
8-
ms.date: 01/29/2023
8+
ms.date: 09/14/2023
99
ms.author: justinha
1010
author: justinha
1111
manager: amycolannino
@@ -19,10 +19,10 @@ After deployment, many organizations want to know how or if self-service passwor
1919

2020
![Reporting on SSPR using the audit logs in Azure AD][Reporting]
2121

22-
The following questions can be answered by the reports that exist in the [Azure portal](https://portal.azure.com):
22+
The following questions can be answered by the reports that exist in the [Microsoft Entra admin center](https://entra.microsoft.com):
2323

2424
> [!NOTE]
25-
> You must be [a global administrator](../roles/permissions-reference.md), and you must opt-in for this data to be gathered on behalf of your organization. To opt in, you must visit the **Reporting** tab or the audit logs at least once. Until then, data is not collected for your organization.
25+
> You must be [a Global Administrator](../roles/permissions-reference.md), and you must opt-in for this data to be gathered on behalf of your organization. To opt in, you must visit the **Reporting** tab or the audit logs at least once. Until then, data is not collected for your organization.
2626
>
2727
2828
* How many people have registered for password reset?
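Review bot: Line 25 capitalizes the role name but leaves the link at ../roles/permissions-reference.md, while the sign-in step added further down in this file links to ../roles/permissions-reference.md#global-administrator. Use the anchored link here too so both references land on the role definition.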
@@ -34,16 +34,14 @@ The following questions can be answered by the reports that exist in the [Azure
3434
* What admins are resetting their own passwords frequently?
3535
* Is there any suspicious activity going on with password reset?
3636

37-
## How to view password management reports in the Azure portal
37+
## How to view password management reports
3838

3939
[!INCLUDE [portal updates](~/articles/active-directory/includes/portal-update.md)]
4040

41-
In the Azure portal experience, we have improved the way that you can view password reset and password reset registration activity. Use the following the steps to find the password reset and password reset registration events:
41+
Use the following the steps to find the password reset and password reset registration events:
4242

43-
1. Sign in to the [Azure portal](https://portal.azure.com).
44-
2. Select **All services** in the left pane.
45-
3. Search for **Azure Active Directory** in the list of services and select it.
46-
4. Select **Users** from the Manage section.
43+
1. Sign in to the [Microsoft Entra admin center](https://entra.microsoft.com) as a [Global Administrator](../roles/permissions-reference.md#global-administrator).
44+
1. Browse to **Identity** > **Users**.
4745
5. Select **Audit Logs** from the **Users** blade. This shows you all of the audit events that occurred against all the users in your directory. You can filter this view to see all the password-related events.
4846
6. From the **Filter** menu at the top of the pane, select the **Service** drop-down list, and change it to the **Self-service Password Management** service type.
4947
7. Optionally, further filter the list by choosing the specific **Activity** you're interested in.
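Review bot: The two new steps at lines 43-44 are both numbered "1." but the unchanged steps after them are still numbered 5, 6 and 7, so the source list now runs 1, 1, 5, 6, 7. Renumber the remaining steps in the same style. Line 41 also carries over the typo "Use the following the steps", and the new sign-in step asks for Global Administrator just to read audit logs; if a less privileged role is sufficient, name it using the "as at least a ..." form.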
@@ -52,18 +50,18 @@ In the Azure portal experience, we have improved the way that you can view passw
5250

5351
[Combined registration](./concept-registration-mfa-sspr-combined.md) security information registration and management events can be found in the audit logs under **Security** > **Authentication Methods**.
5452

55-
## Description of the report columns in the Azure portal
53+
## Description of the report columns
5654

57-
The following list explains each of the report columns in the Azure portal in detail:
55+
The following list explains each of the report columns in detail:
5856

5957
* **User**: The user who attempted a password reset registration operation.
6058
* **Role**: The role of the user in the directory.
6159
* **Date and Time**: The date and time of the attempt.
6260
* **Data Registered**: The authentication data that the user provided during password reset registration.
6361

64-
## Description of the report values in the Azure portal
62+
## Description of the report values
6563

66-
The following table describes the different values that are you can set for each column in the Azure portal:
64+
The following table describes the different values that are you can set for each column:
6765

6866
| Column | Permitted values and their meanings |
6967
| --- | --- |
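Review bot: Line 64 is edited but still reads "the different values that are you can set for each column"; fix it to "values that you can set" while touching the line.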
@@ -75,10 +73,10 @@ The following activity types appear in the **Self-Service Password Management**
7573

7674
* [Blocked from self-service password reset](#activity-type-blocked-from-self-service-password-reset): Indicates that a user tried to reset a password, use a specific gate, or validate a phone number more than five total times in 24 hours.
7775
* [Change password (self-service)](#activity-type-change-password-self-service): Indicates that a user performed a voluntary, or forced (due to expiry) password change.
78-
* [Reset password (by admin)](#activity-type-reset-password-by-admin): Indicates that an administrator performed a password reset on behalf of a user from the Azure portal.
79-
* [Reset password (self-service)](#activity-type-reset-password-self-service): Indicates that a user successfully reset their password from the [Azure AD password reset portal](https://passwordreset.microsoftonline.com).
76+
* [Reset password (by admin)](#activity-type-reset-password-by-admin): Indicates that an administrator performed a password reset on behalf of a user.
77+
* [Reset password (self-service)](#activity-type-reset-password-self-service): Indicates that a user successfully reset their password from [Azure AD password reset](https://passwordreset.microsoftonline.com).
8078
* [Self-service password reset flow activity progress](#activity-type-self-serve-password-reset-flow-activity-progress): Indicates each specific step a user proceeds through, such as passing a specific password reset authentication gate, as part of the password reset process.
81-
* [Unlock user account (self-service)](#activity-type-unlock-a-user-account-self-service)): Indicates that a user successfully unlocked their Active Directory account without resetting their password from the [Azure AD password reset portal](https://passwordreset.microsoftonline.com) by using the Active Directory feature of account unlock without reset.
79+
* [Unlock user account (self-service)](#activity-type-unlock-a-user-account-self-service): Indicates that a user successfully unlocked their Active Directory account without resetting their password from the [Azure AD password reset portal](https://passwordreset.microsoftonline.com) by using the Active Directory feature of account unlock without reset.
8280
* [User registered for self-service password reset](#activity-type-user-registered-for-self-service-password-reset): Indicates that a user has registered all the required information to be able to reset their password in accordance with the currently specified tenant password reset policy.
8381

8482
### Activity type: Blocked from self-service password reset
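Review bot: Line 77 shortens the link text to "Azure AD password reset", but line 79, edited in the same hunk, still says "Azure AD password reset portal" for the same URL; pick one. Line 76 also drops "from the Azure portal" from the admin reset description. Since readers use this list to interpret audit events, consider stating where an admin reset can originate instead of removing the origin entirely.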
@@ -109,7 +107,7 @@ The following list explains this activity in detail:
109107

110108
The following list explains this activity in detail:
111109

112-
* **Activity description**: Indicates that an administrator performed a password reset on behalf of a user from the Azure portal.
110+
* **Activity description**: Indicates that an administrator performed a password reset on behalf of a user.
113111
* **Activity actor**: The administrator who performed the password reset on behalf of another end user or administrator. Must be a password administrator, user administrator, or helpdesk administrator.
114112
* **Activity target**: The user whose password was reset. The user can be an end user or a different administrator.
115113
* **Activity statuses**:
