Merge branch 'main' of https://github.com/MicrosoftDocs/azure-docs-pr into entraadmin

Author: rwike77

articles/active-directory-domain-services/join-centos-linux-vm.md

@@ -39,7 +39,7 @@ If you have an existing CentOS Linux VM in Azure, connect to it using SSH, then
 
 If you need to create a CentOS Linux VM, or want to create a test VM for use with this article, you can use one of the following methods:
 
-* [Azure portal](../virtual-machines/linux/quick-create-portal.md)
+* [Microsoft Entra admin center](../virtual-machines/linux/quick-create-portal.md)
 * [Azure CLI](../virtual-machines/linux/quick-create-cli.md)
 * [Azure PowerShell](../virtual-machines/linux/quick-create-powershell.md)
 

articles/active-directory-domain-services/join-coreos-linux-vm.md

@@ -39,7 +39,7 @@ If you have an existing CoreOS Linux VM in Azure, connect to it using SSH, then
 
 If you need to create a CoreOS Linux VM, or want to create a test VM for use with this article, you can use one of the following methods:
 
-* [Azure portal](../virtual-machines/linux/quick-create-portal.md)
+* [Microsoft Entra admin center](../virtual-machines/linux/quick-create-portal.md)
 * [Azure CLI](../virtual-machines/linux/quick-create-cli.md)
 * [Azure PowerShell](../virtual-machines/linux/quick-create-powershell.md)
 

articles/active-directory-domain-services/join-rhel-linux-vm.md

@@ -39,7 +39,7 @@ If you have an existing RHEL Linux VM in Azure, connect to it using SSH, then co
 
 If you need to create a RHEL Linux VM, or want to create a test VM for use with this article, you can use one of the following methods:
 
-* [Azure portal](../virtual-machines/linux/quick-create-portal.md)
+* [Microsoft Entra admin center](../virtual-machines/linux/quick-create-portal.md)
 * [Azure CLI](../virtual-machines/linux/quick-create-cli.md)
 * [Azure PowerShell](../virtual-machines/linux/quick-create-powershell.md)
 

articles/active-directory-domain-services/join-suse-linux-vm.md

@@ -38,7 +38,7 @@ If you have an existing SLE Linux VM in Azure, connect to it using SSH, then con
 
 If you need to create a SLE Linux VM, or want to create a test VM for use with this article, you can use one of the following methods:
 
-* [Azure portal](../virtual-machines/linux/quick-create-portal.md)
+* [Microsoft Entra admin center](../virtual-machines/linux/quick-create-portal.md)
 * [Azure CLI](../virtual-machines/linux/quick-create-cli.md)
 * [Azure PowerShell](../virtual-machines/linux/quick-create-powershell.md)
 
@@ -86,7 +86,7 @@ To join the managed domain using **SSSD** and the *User Logon Management* module
 
     In YaST, select **System > Network Settings**.
 
-1. Select the *Hostname/DNS* tab, then enter the IP address(es) of the managed domain into the text box *Name Server 1*. These IP addresses are shown on the *Properties* window in the Azure portal for your managed domain, such as *10.0.2.4* and *10.0.2.5*.
+1. Select the *Hostname/DNS* tab, then enter the IP address(es) of the managed domain into the text box *Name Server 1*. These IP addresses are shown on the *Properties* window in the Microsoft Entra admin center for your managed domain, such as *10.0.2.4* and *10.0.2.5*.
 
     Add your own managed domain IP addresses, then select **OK**.
 
@@ -162,7 +162,7 @@ To join the managed domain using **winbind** and the *Windows Domain Membership*
 
 1. If you want to change the UID and GID ranges for the Samba users and groups, select *Expert Settings*.
 
-1. Configure Network Time Protocol (NTP) time synchronization for your managed domain by selecting *NTP Configuration*. Enter the IP addresses of the managed domain. These IP addresses are shown on the *Properties* window in the Azure portal for your managed domain, such as *10.0.2.4* and *10.0.2.5*.
+1. Configure Network Time Protocol (NTP) time synchronization for your managed domain by selecting *NTP Configuration*. Enter the IP addresses of the managed domain. These IP addresses are shown on the *Properties* window in the Microsoft Entra admin center for your managed domain, such as *10.0.2.4* and *10.0.2.5*.
 
 1. Select **OK** and confirm the domain join when prompted for it.
 

articles/active-directory-domain-services/join-ubuntu-linux-vm.md

@@ -39,7 +39,7 @@ If you have an existing Ubuntu Linux VM in Azure, connect to it using SSH, then
 
 If you need to create an Ubuntu Linux VM, or want to create a test VM for use with this article, you can use one of the following methods:
 
-* [Azure portal](../virtual-machines/linux/quick-create-portal.md)
+* [Microsoft Entra admin center](../virtual-machines/linux/quick-create-portal.md)
 * [Azure CLI](../virtual-machines/linux/quick-create-cli.md)
 * [Azure PowerShell](../virtual-machines/linux/quick-create-powershell.md)
 

articles/active-directory-domain-services/join-windows-vm.md

@@ -8,7 +8,7 @@ ms.service: active-directory
 ms.subservice: domain-services
 ms.workload: identity
 ms.topic: tutorial
-ms.date: 06/22/2023
+ms.date: 09/15/2023
 ms.author: justinha
 
 #Customer intent: As an server administrator, I want to learn how to join a Windows Server VM to an Azure Active Directory Domain Services managed domain to provide centralized identity and policy.
@@ -43,21 +43,21 @@ To complete this tutorial, you need the following resources:
 
 If you already have a VM that you want to domain-join, skip to the section to [join the VM to the managed domain](#join-the-vm-to-the-managed-domain).
 
-## Sign in to the Azure portal
+## Sign in to the Microsoft Entra admin center
 
-In this tutorial, you create a Windows Server VM to join to your managed domain using the Azure portal. To get started, first sign in to the [Azure portal](https://portal.azure.com).
+In this tutorial, you create a Windows Server VM to join to your managed domain using the Microsoft Entra admin center. To get started, first sign in to the [Microsoft Entra admin center](https://entra.microsoft.com).
 
 ## Create a Windows Server virtual machine
 
 To see how to join a computer to a managed domain, let's create a Windows Server VM. This VM is connected to an Azure virtual network that provides connectivity to the managed domain. The process to join a managed domain is the same as joining a regular on-premises Active Directory Domain Services domain.
 
 If you already have a VM that you want to domain-join, skip to the section to [join the VM to the managed domain](#join-the-vm-to-the-managed-domain).
 
-1. From the Azure portal menu or from the **Home** page, select **Create a resource**.
+1. From the Microsoft Entra admin center menu or from the **Home** page, select **Create a resource**.
 
 1. From **Get started**, choose **Windows Server 2016 Datacenter**.
 
-    ![Choose to create a Windows Server 2016 Datacenter VM in the Azure portal](./media/join-windows-vm/select-vm-image.png)
+    ![Choose to create a Windows Server 2016 Datacenter VM](./media/join-windows-vm/select-vm-image.png)
 
 1. In the **Basics** window, configure the core settings for the virtual machine. Leave the defaults for *Availability options*, *Image*, and *Size*.
 
@@ -71,7 +71,7 @@ If you already have a VM that you want to domain-join, skip to the section to [j
 
 1. By default, VMs created in Azure are accessible from the Internet using RDP. When RDP is enabled, automated sign-in attacks are likely to occur, which may disable accounts with common names such as *admin* or *administrator* due to multiple failed successive sign-in attempts.
 
-    RDP should only be enabled when required, and limited to a set of authorized IP ranges. This configuration helps improve the security of the VM and reduces the area for potential attack. Or, create and use an Azure Bastion host that allows access only through the Azure portal over TLS. In the next step of this tutorial, you use an Azure Bastion host to securely connect to the VM.
+    RDP should only be enabled when required, and limited to a set of authorized IP ranges. This configuration helps improve the security of the VM and reduces the area for potential attack. Or, create and use an Azure Bastion host that allows access only through the Microsoft Entra admin center over TLS. In the next step of this tutorial, you use an Azure Bastion host to securely connect to the VM.
 
     Under **Public inbound ports**, select *None*.
 
@@ -89,21 +89,21 @@ If you already have a VM that you want to domain-join, skip to the section to [j
     In the **Networking** pane, select the virtual network in which your managed domain is deployed, such as *aaads-vnet*
 1. In this example, the existing *aaads-subnet* is shown that the managed domain is connected to. Don't connect your VM to this subnet. To create a subnet for the VM, select **Manage subnet configuration**.
 
-    ![Choose to manage the subnet configuration in the Azure portal](./media/join-windows-vm/manage-subnet.png)
+    ![Choose to manage the subnet configuration](./media/join-windows-vm/manage-subnet.png)
 
 1. In the left-hand menu of the virtual network window, select **Address space**. The virtual network is created with a single address space of *10.0.2.0/24*, which is used by the default subnet. Other subnets, such as for *workloads* or Azure Bastion may also already exist.
 
     Add an additional IP address range to the virtual network. The size of this address range and the actual IP address range to use depends on other network resources already deployed. The IP address range shouldn't overlap with any existing address ranges in your Azure or on-premises environment. Make sure that you size the IP address range large enough for the number of VMs you expect to deploy into the subnet.
 
     In the following example, an additional IP address range of *10.0.5.0/24* is added. When ready, select **Save**.
 
-    ![Add an additional virtual network IP address range in the Azure portal](./media/join-windows-vm/add-vnet-address-range.png)
+    ![Add an additional virtual network IP address range](./media/join-windows-vm/add-vnet-address-range.png)
 
 1. Next, in the left-hand menu of the virtual network window, select **Subnets**, then choose **+ Subnet** to add a subnet.
 
 1. Select **+ Subnet**, then enter a name for the subnet, such as *management*. Provide an **Address range (CIDR block)**, such as *10.0.5.0/24*. Make sure that this IP address range doesn't overlap with any other existing Azure or on-premises address ranges. Leave the other options as their default values, then select **OK**.
 
-    ![Create a subnet configuration in the Azure portal](./media/join-windows-vm/create-subnet.png)
+    ![Create a subnet configuration](./media/join-windows-vm/create-subnet.png)
 
 1. It takes a few seconds to create the subnet. Once it's created, select the *X* to close the subnet window.
 1. Back in the **Networking** pane to create a VM, choose the subnet you created from the drop-down menu, such as *management*. Again, make sure you choose the correct subnet and don't deploy your VM in the same subnet as your managed domain.
@@ -112,23 +112,23 @@ If you already have a VM that you want to domain-join, skip to the section to [j
 1. Set **Boot diagnostics** to *Off*. Leave the other options as their default values, then select **Review + create**.
 1. Review the VM settings, then select **Create**.
 
-It takes a few minutes to create the VM. The Azure portal shows the status of the deployment. Once the VM is ready, select **Go to resource**.
+It takes a few minutes to create the VM. The Microsoft Entra admin center shows the status of the deployment. Once the VM is ready, select **Go to resource**.
 
-![Go to the VM resource in the Azure portal once it's successfully created](./media/join-windows-vm/vm-created.png)
+![Go to the VM resource once it's successfully created](./media/join-windows-vm/vm-created.png)
 
 ## Connect to the Windows Server VM
 
-To securely connect to your VMs, use an Azure Bastion host. With Azure Bastion, a managed host is deployed into your virtual network and provides web-based RDP or SSH connections to VMs. No public IP addresses are required for the VMs, and you don't need to open network security group rules for external remote traffic. You connect to VMs using the Azure portal from your web browser. If needed, [create an Azure Bastion host][azure-bastion].
+To securely connect to your VMs, use an Azure Bastion host. With Azure Bastion, a managed host is deployed into your virtual network and provides web-based RDP or SSH connections to VMs. No public IP addresses are required for the VMs, and you don't need to open network security group rules for external remote traffic. You connect to VMs using the Microsoft Entra admin center from your web browser. If needed, [create an Azure Bastion host][azure-bastion].
 
 To use a Bastion host to connect to your VM, complete the following steps:
 
 1. In the **Overview** pane for your VM, select **Connect**, then **Bastion**.
 
-    ![Connect to Windows virtual machine using Bastion in the Azure portal](./media/join-windows-vm/connect-to-vm.png)
+    ![Connect to Windows virtual machine using Bastion](./media/join-windows-vm/connect-to-vm.png)
 
 1. Enter the credentials for your VM that you specified in the previous section, then select **Connect**.
 
-   ![Connect through the Bastion host in the Azure portal](./media/join-windows-vm/connect-to-bastion.png)
+   ![Connect through the Bastion host](./media/join-windows-vm/connect-to-bastion.png)
 
 If needed, allow your web browser to open pop-ups for the Bastion connection to be displayed. It takes a few seconds to make the connection to your VM.
 

articles/active-directory/authentication/concept-authentication-methods-manage.md

@@ -6,7 +6,7 @@ services: active-directory
 ms.service: active-directory
 ms.subservice: authentication
 ms.topic: conceptual
-ms.date: 05/19/2023
+ms.date: 09/15/2023
 
 ms.author: justinha
 author: justinha
@@ -32,7 +32,7 @@ Most methods also have configuration parameters to more precisely control how th
 
 Or let's say you want to enable passwordless authentication with Microsoft Authenticator. You can set extra parameters like showing the user sign-in location or the name of the app being signed into. These options provide more context for users when they sign-in and help prevent accidental MFA approvals.
 
-To manage the Authentication methods policy in the Azure AD portal, click **Security** > **Authentication methods** > **Policies**.
+To manage the Authentication methods policy, sign in to the [Microsoft Entra admin center](https://entra.microsoft.com) as at least an [Authentication Policy Administrator](../roles/permissions-reference.md#authentication-policy-administrator) and browse to **Protection** > **Authentication methods** > **Policies**.
 
 :::image type="content" border="true" source="./media/concept-authentication-methods-manage/authentication-methods-policy.png" alt-text="Screenshot of Authentication methods policy.":::
 

articles/active-directory/authentication/how-to-authentication-two-way-sms-unsupported.md

@@ -6,7 +6,7 @@ services: active-directory
 ms.service: active-directory
 ms.subservice: authentication
 ms.topic: how-to
-ms.date: 01/29/2023
+ms.date: 09/15/2023
 
 ms.author: justinha
 author: rhicock
@@ -19,7 +19,7 @@ ms.collection: M365-identity-device-management
 
 Two-way SMS for Azure AD Multi-Factor Authentication (MFA) Server was originally deprecated in 2018, and no longer supported after February 24, 2021, except for organizations that received a support extension until August 2, 2021. Administrators should enable another method for users who still use two-way SMS.
 
-Email notifications and Azure portal Service Health notifications (portal toasts) were sent to affected admins on December 8, 2020 and January 28, 2021. The alerts went to the Owner, Co-Owner, Admin, and Service Admin RBAC roles tied to the subscriptions. If you've already completed the following steps, no action is necessary.
+Email notifications and Service Health notifications (portal toasts) were sent to affected admins on December 8, 2020 and January 28, 2021. The alerts went to the Owner, Co-Owner, Admin, and Service Admin RBAC roles tied to the subscriptions. If you've already completed the following steps, no action is necessary.
 
 ## Required actions
 

articles/active-directory/authentication/how-to-mfa-server-migration-utility.md

@@ -346,7 +346,7 @@ Once you've successfully migrated user data, you can validate the end-user exper
 
 #### Enable Staged Rollout
 
-1. Navigate to the following url: [Enable staged rollout features - Microsoft Azure](https://portal.azure.com/?mfaUIEnabled=true%2F#view/Microsoft_AAD_IAM/StagedRolloutEnablementBladeV2).
+1. Navigate to the following url: [Enable staged rollout features - Microsoft Azure](https://entra.microsoft.com/#view/Microsoft_AAD_IAM/StagedRolloutEnablementBladeV2).
 
 1. Change **Azure multifactor authentication** to **On**, and then click **Manage groups**.
 

articles/active-directory/authentication/howto-authentication-passwordless-faqs.md

@@ -6,7 +6,7 @@ services: active-directory
 ms.service: active-directory
 ms.subservice: authentication
 ms.topic: troubleshooting
-ms.date: 01/29/2023
+ms.date: 09/15/2023
 
 ms.author: justinha
 author: justinha
@@ -49,7 +49,7 @@ For a list of supported providers, see [FIDO2 security keys providers](concept-a
 
 ### What if I lose my security key?
 
-You can remove keys in the Azure portal by navigating to the **Security info** page and removing the FIDO2 security key.
+You can remove keys by navigating to the **Security info** page and removing the FIDO2 security key.
 
 ### How is the data protected on the FIDO2 security key?