Merge pull request #240424 from rolyon/rolyon-mto-how-to-configure-preview

[Azure AD MTO] How-to Preview

Author: v-regandowner

articles/active-directory/fundamentals/users-default-permissions.md

@@ -38,7 +38,7 @@ Users and contacts | <ul><li>Enumerate the list of all users and contacts<li>Rea
 Groups | <ul><li>Create security groups<li>Create Microsoft 365 groups<li>Enumerate the list of all groups<li>Read all properties of groups<li>Read non-hidden group memberships<li>Read hidden Microsoft 365 group memberships for joined groups<li>Manage properties, ownership, and membership of groups that the user owns<li>Add guests to owned groups<li>Manage dynamic membership settings<li>Delete owned groups<li>Restore owned Microsoft 365 groups</li></ul> | <ul><li>Read properties of non-hidden groups, including membership and ownership (even non-joined groups)<li>Read hidden Microsoft 365 group memberships for joined groups<li>Search for groups by display name or object ID (if allowed)</li></ul> | <ul><li>Read object ID for joined groups<li>Read membership and ownership of joined groups in some Microsoft 365 apps (if allowed)</li></ul>
 Applications | <ul><li>Register (create) new applications<li>Enumerate the list of all applications<li>Read properties of registered and enterprise applications<li>Manage application properties, assignments, and credentials for owned applications<li>Create or delete application passwords for users<li>Delete owned applications<li>Restore owned applications<li>List permissions granted to applications</ul> | <ul><li>Read properties of registered and enterprise applications<li>List permissions granted to applications</ul> | <ul><li>Read properties of registered and enterprise applications</li><li>List permissions granted to applications</li></ul>
 Devices</li></ul> | <ul><li>Enumerate the list of all devices<li>Read all properties of devices<li>Manage all properties of owned devices</li></ul> | No permissions | No permissions
-Organization | <ul><li>Read all company information<li>Read all domains<li>Read configuration of certificate-based authentication<li>Read all partner contracts</li></ul> | <ul><li>Read company display name<li>Read all domains<li>Read configuration of certificate-based authentication</li></ul> | <ul><li>Read company display name<li>Read all domains</li></ul>
+Organization | <ul><li>Read all company information<li>Read all domains<li>Read configuration of certificate-based authentication<li>Read all partner contracts</li><li>Read multi-tenant organization basic details and active tenants</li></ul> | <ul><li>Read company display name<li>Read all domains<li>Read configuration of certificate-based authentication</li></ul> | <ul><li>Read company display name<li>Read all domains</li></ul>
 Roles and scopes | <ul><li>Read all administrative roles and memberships<li>Read all properties and membership of administrative units</li></ul> | No permissions | No permissions
 Subscriptions | <ul><li>Read all licensing subscriptions<li>Enable service plan memberships</li></ul> | No permissions | No permissions
 Policies | <ul><li>Read all properties of policies<li>Manage all properties of owned policies</li></ul> | No permissions | No permissions

articles/active-directory/multi-tenant-organizations/TOC.yml

@@ -3,36 +3,54 @@
 - name: Overview
   expanded: true
   items:
-  - name: What is a multi-tenant organization?
+  - name: Multi-tenant organization scenario
     href: overview.md
+  - name: What is a multi-tenant organization?
+    href: multi-tenant-organization-overview.md
   - name: What is cross-tenant synchronization?
     href: cross-tenant-synchronization-overview.md
 - name: Concepts
   expanded: true
   items:
+  - name: Multi-tenant organizations and Microsoft 365
+    href: multi-tenant-organization-microsoft-365.md
+  - name: Multi-tenant organization templates
+    href: multi-tenant-organization-templates.md
   - name: Topologies for cross-tenant synchronization
     href: cross-tenant-synchronization-topology.md
 - name: How-to guides
   expanded: true
   items:
-  - name: Configure cross-tenant synchronization
+  - name: Multi-tenant organizations
+    expanded: true
+    items:
+    - name: Configure a multi-tenant organization
+      href: multi-tenant-organization-configure-graph.md
+    - name: Configure templates
+      href: multi-tenant-organization-configure-templates.md
+    - name: Known issues
+      href: multi-tenant-organization-known-issues.md
+  - name: Cross-tenant synchronization
+    expanded: true
     items:
-    - name: Portal
-      href: cross-tenant-synchronization-configure.md
-    - name: PowerShell or Graph API
-      href: cross-tenant-synchronization-configure-graph.md
-  - name: Scoping users or groups to be provisioned
-    href: ../app-provisioning/define-conditional-rules-for-provisioning-user-accounts.md?toc=/azure/active-directory/multi-tenant-organizations/toc.json&pivots=cross-tenant-synchronization
-  - name: Skip deletion for out-of-scope users
-    href: ../app-provisioning/skip-out-of-scope-deletions.md?toc=/azure/active-directory/multi-tenant-organizations/toc.json&pivots=cross-tenant-synchronization
-  - name: Enable accidental deletions prevention
-    href: ../app-provisioning/accidental-deletions.md?toc=/azure/active-directory/multi-tenant-organizations/toc.json&pivots=cross-tenant-synchronization
-  - name: Provision on-demand
-    href: ../app-provisioning/provision-on-demand.md?toc=/azure/active-directory/multi-tenant-organizations/toc.json&pivots=cross-tenant-synchronization
-  - name: Provisioning logs
-    href: ../reports-monitoring/concept-provisioning-logs.md?toc=/azure/active-directory/multi-tenant-organizations/toc.json&pivots=cross-tenant-synchronization
-  - name: Known issues
-    href: ../app-provisioning/known-issues.md?toc=/azure/active-directory/multi-tenant-organizations/toc.json&pivots=cross-tenant-synchronization
+    - name: Configure cross-tenant synchronization
+      items:
+      - name: Portal
+        href: cross-tenant-synchronization-configure.md
+      - name: PowerShell or Graph API
+        href: cross-tenant-synchronization-configure-graph.md
+    - name: Scoping users or groups to be provisioned
+      href: ../app-provisioning/define-conditional-rules-for-provisioning-user-accounts.md?toc=/azure/active-directory/multi-tenant-organizations/toc.json&pivots=cross-tenant-synchronization
+    - name: Skip deletion for out-of-scope users
+      href: ../app-provisioning/skip-out-of-scope-deletions.md?toc=/azure/active-directory/multi-tenant-organizations/toc.json&pivots=cross-tenant-synchronization
+    - name: Enable accidental deletions prevention
+      href: ../app-provisioning/accidental-deletions.md?toc=/azure/active-directory/multi-tenant-organizations/toc.json&pivots=cross-tenant-synchronization
+    - name: Provision on-demand
+      href: ../app-provisioning/provision-on-demand.md?toc=/azure/active-directory/multi-tenant-organizations/toc.json&pivots=cross-tenant-synchronization
+    - name: Provisioning logs
+      href: ../reports-monitoring/concept-provisioning-logs.md?toc=/azure/active-directory/multi-tenant-organizations/toc.json&pivots=cross-tenant-synchronization
+    - name: Known issues
+      href: ../app-provisioning/known-issues.md?toc=/azure/active-directory/multi-tenant-organizations/toc.json&pivots=cross-tenant-synchronization
 - name: Reference
   expanded: true
   items:

articles/active-directory/multi-tenant-organizations/index.yml

@@ -11,7 +11,7 @@ metadata:
   ms.subservice: multi-tenant-organizations
   manager: amycolannino
   ms.topic: landing-page
-  ms.date: 01/23/2023
+  ms.date: 08/22/2023
   author: rolyon
   ms.author: rolyon
 
@@ -24,8 +24,10 @@ landingContent:
     linkLists:
       - linkListType: overview
         links:
-          - text: What is a multi-tenant organization?
+          - text: Multi-tenant organization scenario
             url: overview.md
+          - text: What is a multi-tenant organization?
+            url: multi-tenant-organization-overview.md
           - text: What is cross-tenant synchronization?
             url: cross-tenant-synchronization-overview.md
 
@@ -39,14 +41,40 @@ landingContent:
           - text: Topologies for cross-tenant synchronization
             url: cross-tenant-synchronization-topology.md
 
+  # Card
+  - title: Collaborate in Microsoft 365
+    linkLists:
+      - linkListType: concept
+        links:
+          - text: Multi-tenant organizations and Microsoft 365
+            url: multi-tenant-organization-microsoft-365.md
+          - text: Plan for multi-tenant organizations in Microsoft 365
+            url: /microsoft-365/enterprise/plan-multi-tenant-org-overview
+          - text: Microsoft 365 multi-tenant organization people search
+            url: /microsoft-365/enterprise/multi-tenant-people-search
+
+  # Card
+  - title: Configure a multi-tenant organization
+    linkLists:
+      - linkListType: how-to-guide
+        links:
+          - text: Set up a multi-tenant org in Microsoft 365
+            url: /microsoft-365/enterprise/set-up-multi-tenant-org
+          - text: Join or leave a multi-tenant organization in Microsoft 365
+            url: /microsoft-365/enterprise/join-leave-multi-tenant-org
+          - text: Microsoft Graph API
+            url: multi-tenant-organization-configure-graph.md
+
   # Card
   - title: Configure cross-tenant synchronization
     linkLists:
       - linkListType: how-to-guide
         links:
           - text: Azure portal
             url: cross-tenant-synchronization-configure.md
-          - text: Microsoft Graph API
+          - text: PowerShell or Microsoft Graph API
             url: cross-tenant-synchronization-configure-graph.md
           - text: Scoping users or groups to be provisioned
             url: ../app-provisioning/define-conditional-rules-for-provisioning-user-accounts.md?toc=/azure/active-directory/multi-tenant-organizations/toc.json&pivots=cross-tenant-synchronization
+          - text: Synchronize users in multi-tenant organizations in Microsoft 365
+            url: /microsoft-365/enterprise/sync-users-multi-tenant-orgs