Merge pull request #251692 from billmath/rebrand1

updating

Author: v-dirichards

articles/active-directory/hybrid/accidental-deletes.md

@@ -26,13 +26,11 @@ You can change the default behavior and tailor it to your organizations needs.
 To use the new feature, follow the steps below.
 
 
- 1.  In the Azure portal, select **Azure Active Directory**.
- 2.  On the left, select **Azure AD Connect**.
- 3.  On the left, select **Cloud sync**.
- 4. Under **Configuration**, select your configuration.
- 5. Select **View default properties**.
- 6. Click the pencil next to **Basics**
- 5. On the right, fill in the following information.
+[!INCLUDE [sign in](../../../includes/cloud-sync-sign-in.md)]
+ 3. Under **Configuration**, select your configuration.
+ 4. Select **View default properties**.
+ 5. Click the pencil next to **Basics**
+ 6. On the right, fill in the following information.
 	 - **Notification email** - email used for notifications
 	- **Prevent accidental deletions** - check this box to enable the feature
 	- **Accidental deletion threshold** - enter the number of objects to stop synchronization and send a notification

articles/active-directory/hybrid/accounts.md

@@ -42,7 +42,7 @@ Azure AD Connect uses three accounts to *synchronize information* from on-premis
 |Azure AD Connector account|Used to write information to Azure AD.|
 |Local Administrator account|The administrator who is installing Azure AD Connect and who has local Administrator permissions on the computer.|
 |AD DS Enterprise Administrator account|Optionally used to create the required AD DS Connector account.|
-|Azure AD Global Administrator account|Used to create the Azure AD Connector account and to configure Azure AD. You can view Global Administrator and Hybrid Identity Administrator accounts in the Azure portal. See [List Azure AD role assignments](../roles/view-assignments.md).|
+|Azure AD Global Administrator account|Used to create the Azure AD Connector account and to configure Azure AD. You can view Global Administrator and Hybrid Identity Administrator accounts in the [Microsoft Entra admin center](https://entra.microsoft.com). See [List Azure AD role assignments](../roles/view-assignments.md).|
 |SQL SA account (optional)|Used to create the ADSync database when you use the full version of SQL Server. The instance of SQL Server can be local or remote to the Azure AD Connect installation. This account can be the same account as the Enterprise Administrator account.|
 
 For more information, on Azure AD Connet accounts, and how to configure them, see [Accounts and permissions](connect/reference-connect-accounts-permissions.md).

articles/active-directory/hybrid/connect/choose-ad-authn.md

@@ -169,7 +169,7 @@ The following diagrams outline the high-level architecture components required f
 |What are the on-premises server requirements beyond the provisioning system: Azure AD Connect?|None|One server for each additional authentication agent|Two or more AD FS servers<br><br>Two or more WAP servers in the perimeter/DMZ network|
 |What are the requirements for on-premises Internet and networking beyond the provisioning system?|None|[Outbound Internet access](how-to-connect-pta-quick-start.md) from the servers running authentication agents|[Inbound Internet access](/windows-server/identity/ad-fs/overview/ad-fs-requirements) to WAP servers in the perimeter<br><br>Inbound network access to AD FS servers from WAP servers in the perimeter<br><br>Network load balancing|
 |Is there a TLS/SSL certificate requirement?|No|No|Yes|
-|Is there a health monitoring solution?|Not required|Agent status provided by the [Azure portal](tshoot-connect-pass-through-authentication.md)|[Azure AD Connect Health](how-to-connect-health-adfs.md)|
+|Is there a health monitoring solution?|Not required|Agent status provided by the [[Microsoft Entra admin center](https://entra.microsoft.com)](tshoot-connect-pass-through-authentication.md)|[Azure AD Connect Health](how-to-connect-health-adfs.md)|
 |Do users get single sign-on to cloud resources from domain-joined devices within the company network?|Yes with [Azure AD joined devices](../../devices/concept-directory-join.md), [Hybrid Azure AD joined devices](../../devices/how-to-hybrid-join.md), the [Microsoft Enterprise SSO plug-in for Apple devices](../../develop/apple-sso-plugin.md), or [Seamless SSO](how-to-connect-sso.md)|Yes with [Azure AD joined devices](../../devices/concept-directory-join.md), [Hybrid Azure AD joined devices](../../devices/how-to-hybrid-join.md), the [Microsoft Enterprise SSO plug-in for Apple devices](../../develop/apple-sso-plugin.md), or [Seamless SSO](how-to-connect-sso.md)|Yes|
 |What sign-in types are supported?|UserPrincipalName + password<br><br>Windows-Integrated Authentication by using [Seamless SSO](how-to-connect-sso.md)<br><br>[Alternate login ID](how-to-connect-install-custom.md)<br><br>[Azure AD Joined Devices](../../devices/concept-directory-join.md)<br><br>[Hybrid Azure AD joined devices](../../devices/how-to-hybrid-join.md)<br><br>[Certificate and smart card authentication](../../authentication/concept-certificate-based-authentication-smartcard.md)|UserPrincipalName + password<br><br>Windows-Integrated Authentication by using [Seamless SSO](how-to-connect-sso.md)<br><br>[Alternate login ID](how-to-connect-pta-faq.yml)<br><br>[Azure AD Joined Devices](../../devices/concept-directory-join.md)<br><br>[Hybrid Azure AD joined devices](../../devices/how-to-hybrid-join.md)<br><br>[Certificate and smart card authentication](../../authentication/concept-certificate-based-authentication-smartcard.md)|UserPrincipalName + password<br><br>sAMAccountName + password<br><br>Windows-Integrated Authentication<br><br>[Certificate and smart card authentication](/windows-server/identity/ad-fs/operations/configure-user-certificate-authentication)<br><br>[Alternate login ID](/windows-server/identity/ad-fs/operations/configuring-alternate-login-id)|
 |Is Windows Hello for Business supported?|[Key trust model](/windows/security/identity-protection/hello-for-business/hello-identity-verification)<br><br>[Hybrid Cloud Trust](/windows/security/identity-protection/hello-for-business/hello-hybrid-cloud-trust)|[Key trust model](/windows/security/identity-protection/hello-for-business/hello-identity-verification)<br><br>[Hybrid Cloud Trust](/windows/security/identity-protection/hello-for-business/hello-hybrid-cloud-trust)<br><br>*Both require Windows Server 2016 Domain functional level*|[Key trust model](/windows/security/identity-protection/hello-for-business/hello-identity-verification)<br><br>[Hybrid Cloud Trust](/windows/security/identity-protection/hello-for-business/hello-hybrid-cloud-trust)<br><br>[Certificate trust model](/windows/security/identity-protection/hello-for-business/hello-key-trust-adfs)|

articles/active-directory/hybrid/connect/cloud-governed-management-for-on-premises.md

@@ -18,7 +18,7 @@ ms.collection: M365-identity-device-management
 
 Azure Active Directory (Azure AD) is a comprehensive identity as a service (IDaaS) solution used by millions of organizations that span all aspects of identity, access management, and security. Azure AD holds more than a billion user identities and helps users sign in and securely access both:
 
-* External resources, such as Microsoft 365, the Azure portal, and thousands of other Software-as-a-Service (SaaS) applications.
+* External resources, such as Microsoft 365, the [Microsoft Entra admin center](https://entra.microsoft.com), and thousands of other Software-as-a-Service (SaaS) applications.
 * Internal resources, such as applications on an organization's corporate network and intranet, along with any cloud applications developed by that organization.
 
 Organizations can use Azure AD if they are 'pure cloud,' or as a 'hybrid' deployment if they have on-premises workloads. A hybrid deployment of Azure AD can be part of a strategy for an organization to migrate its IT assets to the cloud, or to continue to integrate existing on-premises infrastructure alongside new cloud services.

articles/active-directory/hybrid/connect/four-steps.md

@@ -113,7 +113,7 @@ For organizations already using AD FS or another on-premises authentication prov
 
 ### Enable automatic deprovisioning of accounts
 
-Enabling automated provisioning and deprovisioning to your applications is the best strategy for governing the lifecycle of identities across multiple systems. Azure AD supports [automated, policy-based provisioning and deprovisioning](../../app-provisioning/configure-automatic-user-provisioning-portal.md) of user accounts to various popular SaaS applications such as ServiceNow and Salesforce, and others that implement the [SCIM 2.0 protocol](../../app-provisioning/use-scim-to-provision-users-and-groups.md). Unlike traditional provisioning solutions, which require custom code or manual uploading of CSV files, the provisioning service is hosted in the cloud, and features pre-integrated connectors that can be set up and managed using the Azure portal. A key benefit of automatic deprovisioning is that it helps secure your organization by instantly removing users' identities from key SaaS apps when they leave the organization.
+Enabling automated provisioning and deprovisioning to your applications is the best strategy for governing the lifecycle of identities across multiple systems. Azure AD supports [automated, policy-based provisioning and deprovisioning](../../app-provisioning/configure-automatic-user-provisioning-portal.md) of user accounts to various popular SaaS applications such as ServiceNow and Salesforce, and others that implement the [SCIM 2.0 protocol](../../app-provisioning/use-scim-to-provision-users-and-groups.md). Unlike traditional provisioning solutions, which require custom code or manual uploading of CSV files, the provisioning service is hosted in the cloud, and features pre-integrated connectors that can be set up and managed using the [Microsoft Entra admin center](https://entra.microsoft.com). A key benefit of automatic deprovisioning is that it helps secure your organization by instantly removing users' identities from key SaaS apps when they leave the organization.
 
 To learn more about automatic user account provisioning and how it works, see [Automate User Provisioning and Deprovisioning to SaaS Applications with Azure Active Directory](../../app-provisioning/user-provisioning.md).
 

articles/active-directory/hybrid/connect/how-to-connect-group-writeback-v2.md

@@ -33,7 +33,7 @@ There are two versions of group writeback. The original version is in general av
 - Written-back groups nested as members of on-premises Active Directory synced groups will be synced up to Azure AD as nested. 
 - Devices that are members of writeback-enabled groups in Azure AD will be written back as members of Active Directory. Azure AD-registered and Azure AD-joined devices require device writeback to be enabled for group membership to be written back.
 - You can configure the common name in an Active Directory group's distinguished name to include the group's display name when it's written back.  
-- You can use the Azure portal, Graph Explorer, and PowerShell to configure which Azure AD groups are written back. 
+- You can use the [Microsoft Entra admin center](https://entra.microsoft.com), Graph Explorer, and PowerShell to configure which Azure AD groups are written back. 
 
 The new version is enabled on the tenant and not per Azure AD Connect client instance. Make sure that all Azure AD Connect client instances are updated to a minimal build of [Azure AD Connect version 2.0 or later](https://www.microsoft.com/download/details.aspx?id=47594) if group writeback is currently enabled on the client instance.