Commit 5f15f09

Merge pull request #211586 from inward-eye/main
mention Azure Active Directory admin explicitly as a step
2 parents 0c19710 + 5d0e98e commit 5f15f09

4 files changed

+9
-6
lines changed

articles/purview/how-to-policies-data-owner-arc-sql-server.md

Lines changed: 4 additions & 4 deletions
@@ -59,14 +59,14 @@ This section describes the steps to configure the SQL Server on Azure Arc to use
5959

6060
1. Navigate to **Azure Active Directory** feature on the left pane
6161

62-
1. Verify that Azure Active Directory Authentication is configured and scroll down.
62+
1. Verify that Azure Active Directory Authentication is configured. This means that all these have been entered: an admin login, a SQL Server service certificate, and a SQL Server app registration.
6363
![Screenshot shows how to configure Microsoft Purview endpoint in Azure AD section.](./media/how-to-policies-data-owner-sql/setup-sql-on-arc-for-purview.png)
6464

65-
1. Set **External Policy Based Authorization** to enabled
65+
1. Scroll down to set **External Policy Based Authorization** to enabled
6666

6767
1. Enter **Microsoft Purview Endpoint** in the format *https://\<purview-account-name\>.purview.azure.com*. You can see the names of Microsoft Purview accounts in your tenant through [this link](https://portal.azure.com/#blade/HubsExtension/BrowseResource/resourceType/Microsoft.Purview%2FAccounts). Optionally, you can confirm the endpoint by navigating to the Microsoft Purview account, then to the Properties section on the left menu and scrolling down until you see "Scan endpoint". The full endpoint path will be the one listed without the "/Scan" at the end.
6868

69-
1. Make a note of the **App registration ID**, as you will need it when you register and enable this data source for *Data use Management* in Microsoft Purview.
69+
1. Make a note of the **App registration ID**, as you will need it when you register and enable this data source for *Data Use Management* in Microsoft Purview.
7070

7171
1. Select the **Save** button to save the configuration.
7272
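Review bot: The rewritten verification step (new line 62) says "an admin login", while the commit title and the include file changed in this same commit say "Azure Active Directory Admin"; use one term in both files so readers can match it to the portal label. The step also asks the reader to verify three items (admin login, SQL Server service certificate, SQL Server app registration) but gives no pointer for what to do when one is missing; a link to the article that covers setting up Azure Active Directory authentication for the Arc-enabled server would close that gap. Minor: new line 65 still ends without a period, unlike the steps at lines 62, 67, 69 and 71.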

@@ -95,7 +95,7 @@ Once your data source has the **Data Use Management** toggle *Enabled*, it will
9595
![Screenshot shows how to register a data source for policy.](./media/how-to-policies-data-owner-sql/register-data-source-for-policy-arc-sql.png)
9696

9797
> [!Note]
98-
> - If you want to create a policy on a resource group or subscription and have it enforced in Arc-enabled SQL servers, you will need to also register those servers independently for *Data use management* to provide their App ID. See this document on how to create policies at resource group or subscription level: [Enable Microsoft Purview data owner policies on all data sources in a subscription or a resource group](./how-to-policies-data-owner-resource-group.md).
98+
> - If you want to create a policy on a resource group or subscription and have it enforced in Arc-enabled SQL servers, you will need to also register those servers independently for *Data Use Management* to provide their App ID. See this document on how to create policies at resource group or subscription level: [Enable Microsoft Purview data owner policies on all data sources in a subscription or a resource group](./how-to-policies-data-owner-resource-group.md).
9999
100100
## Create and publish a data owner policy
101101
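Review bot: The capitalization fix on line 98 keeps *Data Use Management* in italics, while the sentence quoted in this hunk's header writes the same toggle as **Data Use Management** in bold. Pick one emphasis style for the UI label across the article; the same applies to line 69 in the previous hunk.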

articles/purview/includes/access-policies-prerequisites-azure-sql-db.md

Lines changed: 5 additions & 2 deletions
@@ -4,7 +4,7 @@ ms.author: vlrodrig
44
ms.service: purview
55
ms.subservice: purview-data-policies
66
ms.topic: include
7-
ms.date: 08/11/2022
7+
ms.date: 09/16/2022
88
ms.custom:
99
---
1010

@@ -18,7 +18,10 @@ ms.custom:
1818
- Central India
1919

2020
### Azure SQL Database configuration
21-
Each Azure SQL Database server needs a Managed Identity assigned to it. In Azure portal navigate to the Azure SQL Server that hosts the Azure SQL DB and then navigate to Identity on the side menu. Under System assigned managed identity check status to *On* and save. See screenshot:
21+
Azure SQL Database needs an Azure Active Directory Admin to be configured to honor policies from Microsoft Purview. In Azure portal navigate to the Azure SQL Server that hosts the Azure SQL DB and then navigate to Azure Active Directory on the side menu. Set an Admin name and then Save. See screenshot:
22+
![Screenshot shows how to assign Active Directory Admin to Azure SQL Server.](../media/how-to-policies-data-owner-sql/assign-active-directory-admin-azure-sql-db.png)
23+
24+
Then navigate to Identity on the side menu. Under System assigned managed identity check status to *On* and save. See screenshot:
2225
![Screenshot shows how to assign system managed identity to Azure SQL Server.](../media/how-to-policies-data-owner-sql/assign-identity-azure-sql-db.png)
2326

2427
You'll also need to enable (and verify) external policy based authorization on the Azure SQL server. You can do this in PowerShell:
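Review bot: The replacement for line 21 drops the statement that each Azure SQL Database server needs a managed identity; new line 24 only says "Then navigate to Identity on the side menu", so the reader is no longer told that the system-assigned identity is required. Restore a short sentence saying so. The two prerequisites now read as two prose paragraphs that each end in "See screenshot:"; a numbered list (set the Azure Active Directory admin, then turn on the system-assigned managed identity) would match the step style used in how-to-policies-data-owner-arc-sql-server.md. The phrase "check status to *On*" was carried over unchanged and would read better as "set the status to *On*".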