MicrosoftDocs
diff --git a/‎.openpublishing.redirection.json
Lines changed: 5 additions & 0 deletions b/‎.openpublishing.redirection.json
Lines changed: 5 additions & 0 deletions
diff --git a/‎articles/active-directory/app-provisioning/application-provisioning-quarantine-status.md
Lines changed: 10 additions & 10 deletions b/‎articles/active-directory/app-provisioning/application-provisioning-quarantine-status.md
Lines changed: 10 additions & 10 deletions
diff --git a/‎articles/active-directory/develop/msal-net-aad-b2c-considerations.md
Lines changed: 15 additions & 17 deletions b/‎articles/active-directory/develop/msal-net-aad-b2c-considerations.md
Lines changed: 15 additions & 17 deletions
diff --git a/‎articles/active-directory/enterprise-users/licensing-service-plan-reference.md
Lines changed: 0 additions & 2 deletions b/‎articles/active-directory/enterprise-users/licensing-service-plan-reference.md
Lines changed: 0 additions & 2 deletions
diff --git a/‎articles/active-directory/fundamentals/data-protection-considerations.md
Lines changed: 0 additions & 1 deletion b/‎articles/active-directory/fundamentals/data-protection-considerations.md
Lines changed: 0 additions & 1 deletion
diff --git a/‎articles/active-directory/reports-monitoring/media/overview-recommendations/recommendation-mark-as-options.png
16.3 KB b/‎articles/active-directory/reports-monitoring/media/overview-recommendations/recommendation-mark-as-options.png
16.3 KB
diff --git a/‎articles/active-directory/reports-monitoring/media/overview-recommendations/recommendations-object.png
-9.42 KB b/‎articles/active-directory/reports-monitoring/media/overview-recommendations/recommendations-object.png
-9.42 KB
diff --git a/‎articles/active-directory/reports-monitoring/media/overview-recommendations/resource-mark-as-option.png
-1.67 KB b/‎articles/active-directory/reports-monitoring/media/overview-recommendations/resource-mark-as-option.png
-1.67 KB
diff --git a/‎articles/active-directory/reports-monitoring/overview-recommendations.md
Lines changed: 9 additions & 10 deletions b/‎articles/active-directory/reports-monitoring/overview-recommendations.md
Lines changed: 9 additions & 10 deletions
diff --git a/‎articles/active-directory/reports-monitoring/recommendation-migrate-to-authenticator.md
Lines changed: 3 additions & 3 deletions b/‎articles/active-directory/reports-monitoring/recommendation-migrate-to-authenticator.md
Lines changed: 3 additions & 3 deletions
@@ -13399,6 +13399,11 @@
             "redirect_url": "/previous-versions/azure/search/search-how-to-index-power-query-data-sources",
             "redirect_document_id": false
         },
+        {
+            "source_path_from_root": "/articles/search/search-performance-optimization.md",
+            "redirect_url": "/azure/search/search-reliability",
+            "redirect_document_id": true
+        },
         {
             "source_path_from_root": "/articles/search/cognitive-search-quickstart-ocr.md",
             "redirect_url": "/azure/search/cognitive-search-quickstart-blob",
 
@@ -75,16 +75,16 @@ A job can go into quarantine regardless of failure counts for issues such as adm
 
 The logic documented here may be different for certain connectors to ensure best customer experience, but we generally have the below retry cycles after a failure:
 
-After the first failure, the first retry happens within the next 2 hours (usually in the next sync cycle).
-- The second retry happens 6 hours after the first failure.
-- The third retry happens 12 hours after the first failure.
-- The fourth retry happens 24 hours after the first failure.
-- The fifth retry happens 48 hours after the first failure.
-- The sixth retry happens 72 hours after the first failure.
-- The seventh retry happens 96 hours after the first failure.
-- The eighth retry happens 120 hours after the first failure.
-
-This cycle is repeated every 24 hours until the 30th day when retries are stopped and the job is disabled. 
+After the failure, the first retry will happen in 6 hours.
+- The second retry happens 12 hours after the first failure.
+- The third retry happens 24 hours after the first failure.
+- The fourth retry happens 48 hours after the first failure.
+- The fifth retry happens 96 hours after the first failure.
+- The sixth retry happens 192 hours after the first failure.
+- The seventh retry happens 384 hours after the first failure.
+- The eighth retry happens 768 hours after the first failure.
+
+The retries are stopped after the 8th retry and the escrow entry is removed. The job will continue unless it hits the escrow thresholds from the section above 
 
 
 ## How do I get my application out of quarantine?
 
@@ -9,7 +9,7 @@ ms.service: active-directory
 ms.subservice: develop
 ms.topic: conceptual
 ms.workload: identity
-ms.date: 05/07/2020
+ms.date: 02/21/2023
 ms.author: henrymbugua
 ms.reviewer: saeeda, jeferrie
 ms.custom: "devx-track-csharp, aaddev"
@@ -29,9 +29,9 @@ This article applies to MSAL.NET 3.x. For MSAL.NET 2.x, see [Azure AD B2C specif
 
 The authority format for Azure AD B2C is: `https://{azureADB2CHostname}/tfp/{tenant}/{policyName}`
 
-- `azureADB2CHostname` - The name of the Azure AD B2C tenant plus the host. For example, *contosob2c.b2clogin.com*.
-- `tenant` - The domain name or the directory (tenant) ID of the Azure AD B2C tenant. For example, *contosob2c.onmicrosoft.com* or a GUID, respectively.
-- `policyName` - The name of the user flow or custom policy to apply. For example, a sign-up/sign-in policy like *b2c_1_susi*.
+- `azureADB2CHostname` - The name of the Azure AD B2C tenant plus the host. For example, _contosob2c.b2clogin.com_.
+- `tenant` - The domain name or the directory (tenant) ID of the Azure AD B2C tenant. For example, _contosob2c.onmicrosoft.com_ or a GUID, respectively.
+- `policyName` - The name of the user flow or custom policy to apply. For example, a sign-up/sign-in policy like _b2c_1_susi_.
 
 For more information about Azure AD B2C authorities, see [Set redirect URLs to b2clogin.com](../../active-directory-b2c/b2clogin.md).
 
@@ -77,7 +77,7 @@ catch (MsalUiRequiredException ex)
                         .WithAccount(account)
                         .WithParentActivityOrWindow(ParentActivityOrWindow)
                         .ExecuteAsync();
-}  
+}
 ```
 
 In the preceding code snippet:
@@ -116,12 +116,12 @@ private async void EditProfileButton_Click(object sender, RoutedEventArgs e)
 
 For more information on the ROPC flow, see [Sign in with resource owner password credentials grant](v2-oauth-ropc.md).
 
-The ROPC flow is **not recommended** because asking a user for their password in your application is not secure. For more information about this problem, see [What’s the solution to the growing problem of passwords?](https://news.microsoft.com/features/whats-solution-growing-problem-passwords-says-microsoft/).
+The ROPC flow is **not recommended** because asking a user for their password in your application isn't secure. For more information about this problem, see [What’s the solution to the growing problem of passwords?](https://news.microsoft.com/features/whats-solution-growing-problem-passwords-says-microsoft/).
 
 By using username/password in an ROPC flow, you sacrifice several things:
 
 - Core tenets of modern identity: The password can be fished or replayed because the shared secret can be intercepted. By definition, ROPC is incompatible with passwordless flows.
-- Users who need to do MFA won't be able to sign in (as there is no interaction).
+- Users who use multi-factor authentication (MFA) won't be able to sign in as there's no interaction.
 - Users won't be able to use single sign-on (SSO).
 
 ### Configure the ROPC flow in Azure AD B2C
@@ -137,21 +137,19 @@ AcquireTokenByUsernamePassword(
             SecureString password)
 ```
 
-This `AcquireTokenByUsernamePassword` method takes the following parameters:
+The `AcquireTokenByUsernamePassword` method takes the following parameters:
 
-- The *scopes* for which to obtain an access token.
-- A *username*.
-- A SecureString *password* for the user.
+- The _scopes_ for which to obtain an access token.
+- A _username_.
+- A SecureString _password_ for the user.
 
 ### Limitations of the ROPC flow
 
 The ROPC flow **only works for local accounts**, where your users have registered with Azure AD B2C using an email address or username. This flow doesn't work when federating to an external identity provider supported by Azure AD B2C (Facebook, Google, etc.).
 
 ## Google auth and embedded webview
 
-If you're using Google as an identity provider, we recommend you use the system browser as Google doesn't allow [authentication from embedded webviews](https://developers.googleblog.com/2016/08/modernizing-oauth-interactions-in-native-apps.html). Currently, `login.microsoftonline.com` is a trusted authority with Google and will work with embedded webview. However, `b2clogin.com` is not a trusted authority with Google, so users will not be able to authenticate.
-
-We'll provide an update to this [issue](https://github.com/AzureAD/microsoft-authentication-library-for-dotnet/issues/688) if things change.
+If you're using Google as an identity provider, we recommend you use the system browser as Google doesn't allow [authentication from embedded webviews](https://developers.googleblog.com/2016/08/modernizing-oauth-interactions-in-native-apps.html). Currently, `login.microsoftonline.com` is a trusted authority with Google and will work with embedded webview. However, `b2clogin.com` isn't a trusted authority with Google, so users won't be able to authenticate.
 
 ## Token caching in MSAL.NET
 
@@ -186,6 +184,6 @@ For more information about specifying which claims are returned by your user flo
 
 More details about acquiring tokens interactively with MSAL.NET for Azure AD B2C applications are provided in the following sample.
 
-| Sample | Platform | Description|
-|------ | -------- | -----------|
-|[active-directory-b2c-xamarin-native](https://github.com/Azure-Samples/active-directory-b2c-xamarin-native) | Xamarin iOS, Xamarin Android, UWP | A Xamarin Forms app that uses MSAL.NET to authenticate users via Azure AD B2C and then access a web API with the tokens returned.|
+| Sample                                                                                                      | Platform                          | Description                                                                                                                       |
+| ----------------------------------------------------------------------------------------------------------- | --------------------------------- | --------------------------------------------------------------------------------------------------------------------------------- |
+| [active-directory-b2c-xamarin-native](https://github.com/Azure-Samples/active-directory-b2c-xamarin-native) | Xamarin iOS, Xamarin Android, UWP | A Xamarin Forms app that uses MSAL.NET to authenticate users via Azure AD B2C and then access a web API with the tokens returned. |
@@ -424,10 +424,8 @@ The following service plans cannot be assigned together:
 | Service Plan Name | GUID |
 | --- | --- |
 | EXCHANGE_B_STANDARD	| 90927877-dcff-4af6-b346-2332c0b15bb7 |
-| EXCHANGE_L_STANDARD	| d42bdbd6-c335-4231-ab3d-c8f348d5aff5 |
 | EXCHANGE_S_ARCHIVE	| da040e0a-b393-4bea-bb76-928b3fa1cf5a |
 | EXCHANGE_S_DESKLESS	| 4a82b400-a79f-41a4-b4e2-e94f5787b113 |
-| EXCHANGE_S_ENTERPRISE	| efb87545-963c-4e0d-99df-69c6916d9eb0 |
 | EXCHANGE_S_ESSENTIALS	| 1126bef5-da20-4f07-b45e-ad25d2581aa8 |
 | EXCHANGE_S_STANDARD	| 9aaf7827-d63c-4b61-89c3-182f06f82e5c |
 | EXCHANGE_S_STANDARD_MIDMARKET	| fc52cc4b-ed7d-472d-bbe7-b081c23ecc56 |
 
@@ -83,7 +83,6 @@ For more information about Secret encryption at rest, see the following table.
 
 * [Microsoft Service Trust Documents](https://servicetrust.microsoft.com/Documents/TrustDocuments)
 * [Microsoft Azure Trust Center](https://azure.microsoft.com/overview/trusted-cloud/)
-* [Where is my data? - Office 365 documentation](http://o365datacentermap.azurewebsites.net/)
 * [Recover from deletions in Azure Active Directory](recover-from-deletions.md)
 
 ## Next steps
 
@@ -9,7 +9,7 @@ ms.topic: overview
 ms.tgt_pltfrm: na
 ms.workload: identity
 ms.subservice: report-monitor
-ms.date: 02/16/2023
+ms.date: 02/24/2023
 ms.author: sarahlipsey
 ms.reviewer: hafowler  
 ms.collection: M365-identity-device-management
@@ -48,9 +48,9 @@ Each recommendation contains a description, a summary of the value of addressing
 
 Each recommendation provides the same set of details that explain what the recommendation is, why it's important, and how to fix it.
 
-The **Status** of a recommendation can be updated manually or automatically. If all resources are addressed according to the action plan, the status will automatically change to *Completed* the next time the recommendations service runs. The recommendation service runs every 24-48 hours, depending on the recommendation. 
+The **Status** of a recommendation can be updated manually or automatically by the system. If all resources are addressed according to the action plan, the status automatically changes to *Completed* the next time the recommendations service runs. The recommendation service runs every 24-48 hours, depending on the recommendation. 
 
-![Screenshot of the Mark as options.](./media/overview-recommendations/recommendations-object.png)
+![Screenshot of the Mark as options.](./media/overview-recommendations/recommendation-mark-as-options.png)
 
 The **Priority** of a recommendation could be low, medium, or high. These values are determined by several factors, such as security implications, health concerns, or potential breaking changes.
 
@@ -118,17 +118,16 @@ The recommendations listed in the following table are available to all Azure AD
 
 1. The recommendation service automatically marks the recommendation as complete, but if you need to manually change the status of a recommendation, select **Mark as** from the top of the page and select a status.
 
-    ![Screenshot of the Mark as options, to highlight the difference from the resource menu.](./media/overview-recommendations/recommendations-object.png)
+    ![Screenshot of the Mark as options, to highlight the difference from the resource menu.](./media/overview-recommendations/recommendation-mark-as-options.png)
 
-    - Mark a recommendation as **Completed** if all impacted resources have been addressed.
-        - Active resources may still appear in the list of resources for manually completed recommendations. If the resource is completed, the service will update the status the next time the service runs. 
-        - If the service identifies an active resource for a manually completed recommendation the next time the service runs, the recommendation will automatically change back to **Active**.
-        - Completing a recommendation is the only action collected in the audit log. To view these logs, go to **Azure AD** > **Audit logs** and filter the service to "Azure AD recommendations."
     - Mark a recommendation as **Dismissed** if you think the recommendation is irrelevant or the data is wrong.
-        - Azure AD will ask for a reason why you dismissed the recommendation so we can improve the service.
+        - Azure AD asks for a reason why you dismissed the recommendation so we can improve the service.
     - Mark a recommendation as **Postponed** if you want to address the recommendation at a later time.
-        - The recommendation will become **Active** when the selected date occurs.
+        - The recommendation becomes **Active** when the selected date occurs.
     - You can reactivate a completed or postponed recommendation to keep it top of mind and reassess the resources.
+    - Recommendations change to **Completed** if all impacted resources have been addressed.
+       - If the service identifies an active resource for a completed recommendation the next time the service runs, the recommendation will automatically change back to **Active**.
+       - Completing a recommendation is the only action collected in the audit log. To view these logs, go to **Azure AD** > **Audit logs** and filter the service to "Azure AD recommendations."
 
 Continue to monitor the recommendations in your tenant for changes.
 
 
@@ -8,18 +8,18 @@ ms.service: active-directory
 ms.topic: reference
 ms.workload: identity
 ms.subservice: report-monitor
-ms.date: 02/07/2023
+ms.date: 02/24/2023
 ms.author: sarahlipsey
 ms.reviewer: hafowler
 
 ms.collection: M365-identity-device-management
 ---
 
-# Azure AD recommendation: Migrate to Microsoft Authenticator 
+# Azure AD recommendation: Migrate to Microsoft Authenticator (preview)
 
 [Azure AD recommendations](overview-recommendations.md) is a feature that provides you with personalized insights and actionable guidance to align your tenant with recommended best practices.
 
-This article covers the recommendation to migrate users to the Microsoft Authenticator app. This recommendation is called `useAuthenticatorApp` in the recommendations API in Microsoft Graph.
+This article covers the recommendation to migrate users to the Microsoft Authenticator app, which is currently a preview recommendation. This recommendation is called `useAuthenticatorApp` in the recommendations API in Microsoft Graph.
 
 ## Description