Merge pull request #248279 from alexbuckgit/alexbuckgit/docutune-autopr-20230815-015346-4380734-ignore-build

[BULK] DocuTune - Update stale local links (part 9)

Author: v-ccolin

articles/active-directory/hybrid/connect/reference-connect-accounts-permissions.md

@@ -204,7 +204,7 @@ Legend:
 - Non-bold = A supported option
 - Local account = Local user account on the server
 - Domain account = Domain user account
-- sMSA = [standalone managed service account](../../fundamentals/service-accounts-on-premises.md)
+- sMSA = [standalone managed service account](../../architecture/service-accounts-on-premises.md)
 - gMSA = [group managed service account](/windows-server/security/group-managed-service-accounts/group-managed-service-accounts-overview)
 
 | | Local database<br />Express | Local database/Local SQL Server<br />Custom | Remote SQL Server<br />Custom |
@@ -230,7 +230,7 @@ To use this option, on the [Install required components](how-to-connect-install-
 
 :::image type="content" source="media/reference-connect-accounts-permissions/serviceaccount.png" alt-text="Screenshot that shows selecting Managed Service Account in Windows Server.":::
 
-You also can use an [sMSA](../../fundamentals/service-accounts-on-premises.md) in this scenario. However, you can use an sMSA only on the local computer, and there's no benefit to using an sMSA instead of the default VSA.
+You also can use an [sMSA](../../architecture/service-accounts-on-premises.md) in this scenario. However, you can use an sMSA only on the local computer, and there's no benefit to using an sMSA instead of the default VSA.
 
 The sMSA feature requires Windows Server 2012 or later. If you need to use an earlier version of an operating system and you use remote SQL Server, you must use a [user account](#user-account).
 

articles/active-directory/hybrid/connect/reference-connect-faq.yml

@@ -381,7 +381,7 @@ sections:
           
           * Search for technical questions and answers or ask your own questions by going to [the Azure AD community](/answers/topics/azure-active-directory.html).
           
-          [Get support for Azure AD](../../fundamentals/active-directory-troubleshooting-support-howto.md)
+          [Get support for Azure AD](../../fundamentals/how-to-get-support.md)
           
       - question: |
           Why am I seeing Events 6311 and 6401 occur after Sync Step Errors?

articles/active-directory/hybrid/connect/tshoot-connect-pass-through-authentication.md

@@ -22,7 +22,7 @@ ms.collection: M365-identity-device-management
 This article helps you find troubleshooting information about common issues regarding Azure AD Pass-through Authentication.
 
 > [!IMPORTANT]
-> If you are facing user sign-in issues with Pass-through Authentication, don't disable the feature or uninstall Pass-through Authentication Agents without having a cloud-only Global Administrator account or a Hybrid Identity Administrator account to fall back on. Learn about [adding a cloud-only Global Administrator account](../../fundamentals/add-users-azure-active-directory.md). Doing this step is critical and ensures that you don't get locked out of your tenant.
+> If you are facing user sign-in issues with Pass-through Authentication, don't disable the feature or uninstall Pass-through Authentication Agents without having a cloud-only Global Administrator account or a Hybrid Identity Administrator account to fall back on. Learn about [adding a cloud-only Global Administrator account](../../fundamentals/add-users.md). Doing this step is critical and ensures that you don't get locked out of your tenant.
 
 ## General issues
 

articles/active-directory/hybrid/decommission-connect-sync-v1.md

@@ -49,6 +49,6 @@ If you aren't yet eligible to move to cloud sync, use this table for more inform
 
 ## Next steps
 
-- [What is Azure AD Connect V2?](whatis-azure-ad-connect-v2.md)
-- [Azure AD Cloud Sync](../cloud-sync/what-is-cloud-sync.md)
-- [Azure AD Connect version history](reference-connect-version-history.md)
+- [What is Azure AD Connect V2?](./connect/whatis-azure-ad-connect-v2.md)
+- [Azure AD Cloud Sync](./cloud-sync/what-is-cloud-sync.md)
+- [Azure AD Connect version history](./connect/reference-connect-version-history.md)

articles/active-directory/hybrid/install.md

@@ -50,7 +50,7 @@ Express settings are the default option to install Azure AD Connect, and it's us
  4. On **Express settings**, select **Use express settings**.
  5.  n **Connect to Azure AD**, enter the username and password of the Hybrid Identity Administrator account, and then select **Next**.
  6. On **Connect to AD DS**, enter the username and password for an Enterprise Admin account. You can enter the domain part in either NetBIOS or FQDN format, like `FABRIKAM\administrator` or `fabrikam.com\administrator`. Select **Next**
- 7. The [Azure AD sign-in configuration](plan-connect-user-signin.md#azure-ad-sign-in-configuration) page appears only if you didn't complete the step to [verify your domains](../fundamentals/add-custom-domain.md) in the [prerequisites](how-to-connect-install-prerequisites.md)
+ 7. The [Azure AD sign-in configuration](./connect/plan-connect-user-signin.md#azure-ad-sign-in-configuration) page appears only if you didn't complete the step to [verify your domains](../fundamentals/add-custom-domain.md) in the [prerequisites](./connect/how-to-connect-install-prerequisites.md)
  8. On **Ready to configure**, select **Install**
  9. When the installation is finished, select **Exit**.
  10. Before you use Synchronization Service Manager or Synchronization Rule Editor, sign out, and then sign in again.

articles/active-directory/hybrid/prerequisites.md

@@ -63,7 +63,7 @@ For more information on the cloud sync prerequisites, see [Azure AD Connect prer
 |-----|-----|
 |Enterprise administrator|Required to install Azure AD Connect.|
 |Hybrid Identity administrator|Required to configure cloud sync.  This account cannot be a guest account.  This account must be a school or organization account and can't be a Microsoft account.|
-|Custom settings|If you use the custom settings installation path, you have more options. You can specify the following information:</br>• [AD DS Connector account](reference-connect-accounts-permissions.md)</br>• [ADSync Service account](reference-connect-accounts-permissions.md)</br>• [Azure AD Connector account](reference-connect-accounts-permissions.md).  </br>For more information, see [Custom installation settings](reference-connect-accounts-permissions.md#custom-settings).|
+|Custom settings|If you use the custom settings installation path, you have more options. You can specify the following information:</br>• [AD DS Connector account](./connect/reference-connect-accounts-permissions.md)</br>• [ADSync Service account](./connect/reference-connect-accounts-permissions.md)</br>• [Azure AD Connector account](./connect/reference-connect-accounts-permissions.md).  </br>For more information, see [Custom installation settings](./connect/reference-connect-accounts-permissions.md#custom-settings).|
 
 For more information on the Azure AD Connect accounts, see [Azure AD Connect: Accounts and permissions](connect/reference-connect-accounts-permissions.md).
 

articles/active-directory/hybrid/what-is-inter-directory-provisioning.md

@@ -25,21 +25,21 @@ Inter-directory provisioning allows us to create [hybrid identity](whatis-hybrid
 
 Azure AD currently supports three methods for accomplishing inter-directory provisioning. These methods are:
 
-- [Azure AD Connect cloud sync](../cloud-sync/what-is-cloud-sync.md) -a new Microsoft agent designed to meet and accomplish your hybrid identity goals.  It is provides a light-weight inter -directory provisioning experience between Active Directory and Azure AD and is configured via the portal.
+- [Azure AD Connect cloud sync](./cloud-sync/what-is-cloud-sync.md) -a new Microsoft agent designed to meet and accomplish your hybrid identity goals.  It is provides a light-weight inter -directory provisioning experience between Active Directory and Azure AD and is configured via the portal.
 
-- [Azure AD Connect](whatis-azure-ad-connect.md) - the Microsoft tool designed to meet and accomplish your hybrid identity, including inter-directory provisioning from Active Directory to Azure AD.
+- [Azure AD Connect](./connect/whatis-azure-ad-connect.md) - the Microsoft tool designed to meet and accomplish your hybrid identity, including inter-directory provisioning from Active Directory to Azure AD.
 
 - [Microsoft Identity Manager](/microsoft-identity-manager/microsoft-identity-manager-2016) - Microsoft's on-premises identity and access management solution that helps you manage the users, credentials, policies, and access within your organization. Additionally, MIM provides advanced inter-directory provisioning to achieve hybrid identity environments for Active Directory, Azure AD, and other directories.
 
 ### Key benefits
 
 This capability of inter-directory provisioning offers the following significant business benefits:
 
-- [Password hash synchronization](whatis-phs.md) - A sign-in method that synchronizes a hash of a users on-premises AD password with Azure AD.
-- [Pass-through authentication](how-to-connect-pta.md) - A sign-in method that allows users to use the same password on-premises and in the cloud, but doesn't require the additional infrastructure of a federated environment.
-- [Federation integration](how-to-connect-fed-whatis.md) - can be used to configure a hybrid environment using an on-premises AD FS infrastructure. It also provides AD FS management capabilities such as certificate renewal and additional AD FS server deployments.
-- [Synchronization](how-to-connect-sync-whatis.md) - Responsible for creating users, groups, and other objects.  As well as, making sure identity information for your on-premises users and groups is matching the cloud.  This synchronization also includes password hashes.
-- [Health Monitoring](whatis-azure-ad-connect.md) - can provide robust monitoring and provide a central location in the Azure portal to view this activity. 
+- [Password hash synchronization](./connect/whatis-phs.md) - A sign-in method that synchronizes a hash of a users on-premises AD password with Azure AD.
+- [Pass-through authentication](./connect/how-to-connect-pta.md) - A sign-in method that allows users to use the same password on-premises and in the cloud, but doesn't require the additional infrastructure of a federated environment.
+- [Federation integration](./connect/how-to-connect-fed-whatis.md) - can be used to configure a hybrid environment using an on-premises AD FS infrastructure. It also provides AD FS management capabilities such as certificate renewal and additional AD FS server deployments.
+- [Synchronization](./connect/how-to-connect-sync-whatis.md) - Responsible for creating users, groups, and other objects.  As well as, making sure identity information for your on-premises users and groups is matching the cloud.  This synchronization also includes password hashes.
+- [Health Monitoring](./connect/whatis-azure-ad-connect.md) - can provide robust monitoring and provide a central location in the Azure portal to view this activity. 
 
 ## Next steps 
 - [What is identity lifecycle management](../governance/what-is-identity-lifecycle-management.md)

articles/active-directory/identity-protection/concept-identity-protection-risks.md

@@ -218,7 +218,7 @@ Microsoft doesn't provide specific details about how risk is calculated. Each le
 
 ### Password hash synchronization
 
-Risk detections like leaked credentials require the presence of password hashes for detection to occur. For more information about password hash synchronization, see the article, [Implement password hash synchronization with Azure AD Connect sync](../hybrid/how-to-connect-password-hash-synchronization.md).
+Risk detections like leaked credentials require the presence of password hashes for detection to occur. For more information about password hash synchronization, see the article, [Implement password hash synchronization with Azure AD Connect sync](../hybrid/connect/how-to-connect-password-hash-synchronization.md).
 
 ### Why are there risk detections generated for disabled user accounts?
           

articles/active-directory/identity-protection/concept-workload-identity-risk.md

@@ -20,7 +20,7 @@ ms.collection: M365-identity-device-management
 
 Azure AD Identity Protection has historically protected users in detecting, investigating, and remediating identity-based risks. We're now extending these capabilities to workload identities to protect applications and service principals.
 
-A [workload identity](../develop/workload-identities-overview.md) is an identity that allows an application or service principal access to resources, sometimes in the context of a user. These workload identities differ from traditional user accounts as they:
+A [workload identity](../workload-identities/workload-identities-overview.md) is an identity that allows an application or service principal access to resources, sometimes in the context of a user. These workload identities differ from traditional user accounts as they:
 
 - Can’t perform multifactor authentication.
 - Often have no formal lifecycle process.
@@ -98,7 +98,7 @@ Some of the key questions to answer during your investigation include:
 - Have there been suspicious configuration changes to accounts?
 - Did the account acquire unauthorized application roles?
 
-The [Azure Active Directory security operations guide for Applications](../fundamentals/security-operations-applications.md) provides detailed guidance on the above investigation areas.
+The [Azure Active Directory security operations guide for Applications](../architecture/security-operations-applications.md) provides detailed guidance on the above investigation areas.
 
 Once you determine if the workload identity was compromised, dismiss the account’s risk, or confirm the account as compromised in the Risky workload identities report. You can also select “Disable service principal” if you want to block the account from further sign-ins.
 

articles/active-directory/identity-protection/how-to-deploy-identity-protection.md

@@ -37,8 +37,8 @@ This deployment plan extends concepts introduced in the [Conditional Access depl
    * Create or modify Conditional Access policies 
       * [Conditional Access Administrator](../roles/permissions-reference.md#conditional-access-administrator)
       * [Security Administrator](../roles/permissions-reference.md#security-administrator)
-* A test user (non-administrator) that allows you to verify policies work as expected before deploying to real users. If you need to create a user, see [Quickstart: Add new users to Azure Active Directory](../fundamentals/add-users-azure-active-directory.md).
-* A group that the non-administrator user is a member of. If you need to create a group, see [Create a group and add members in Azure Active Directory](../fundamentals/active-directory-groups-create-azure-portal.md).
+* A test user (non-administrator) that allows you to verify policies work as expected before deploying to real users. If you need to create a user, see [Quickstart: Add new users to Azure Active Directory](../fundamentals/add-users.md).
+* A group that the non-administrator user is a member of. If you need to create a group, see [Create a group and add members in Azure Active Directory](../fundamentals/how-to-manage-groups.md).
 
 ### Engage the right stakeholders