Merge pull request #216748 from MicrosoftDocs/main

11/01 AM Publish

Author: huypub

.openpublishing.publish.config.json

@@ -908,6 +908,7 @@
     ".openpublishing.redirection.azure-percept.json",
     ".openpublishing.redirection.azure-productivity.json",
     ".openpublishing.redirection.azure-australia.json",
+    ".openpublishing.redirection.iot-hub-device-update.json",
     "articles/azure-fluid-relay/.openpublishing.redirection.fluid-relay.json",
     "articles/azure-netapp-files/.openpublishing.redirection.azure-netapp-files.json",
     "articles/azure-relay/.openpublishing.redirection.relay.json",

.openpublishing.redirection.azure-monitor.json

@@ -5465,30 +5465,31 @@
             "source_path_from_root": "/articles/azure-monitor/containers/container-insights-update-metrics.md",
             "redirect_url": "/azure/azure-monitor/containers/container-insights-custom-metrics",
             "redirect_document_id": false
-        }
-        ,
+        },
         {
             "source_path_from_root": "/articles/automation/migrate-oms-update-deployments.md",
             "redirect_url": "/azure/azure-monitor/terminology#april-2018---retirement-of-operations-management-suite-brand",
             "redirect_document_id": false
-        }
-        ,
+        },
         {
             "source_path_from_root": "/articles/azure-monitor/autoscale/autoscale-virtual-machine-scale-sets.md",
             "redirect_url": "/azure/virtual-machine-scale-sets/tutorial-autoscale-template",
             "redirect_document_id": false
-        }
-        ,
+        },
         {
             "source_path_from_root": "/articles/azure-monitor/alerts/alerts-common-schema-integrations.md",
             "redirect_url": "/azure/azure-monitor/alerts/alerts-logic-apps",
             "redirect_document_id": false
-        }
-        ,
+        },
         {
             "source_path_from_root": "/articles/azure-monitor/alerts/action-groups-logic-app.md",
             "redirect_url": "/azure/azure-monitor/alerts/alerts-logic-apps",
             "redirect_document_id": false
+        },
+        {
+            "source_path_from_root": "/articles/azure-monitor/containers/container-insights-prometheus-metrics-addon.md",
+            "redirect_url": "/azure/azure-monitor/essentials/prometheus-metrics-enable",
+            "redirect_document_id": false
         }
     ]
 }

.openpublishing.redirection.iot-hub-device-update.json

@@ -0,0 +1,9 @@
+{
+    "redirections": [
+        {
+            "source_path_from_root": "/articles/iot-hub-device-update/migration-pp-to-ppr.md",
+            "redirect_url": "/azure/iot-hub-device-update/migration-public-preview-refresh-to-ga",
+            "redirect_document_id": true
+        }
+      ]
+}

articles/active-directory-b2c/TOC.yml

@@ -249,9 +249,8 @@
             - name: Authentication options
               href: enable-authentication-in-node-web-app-with-api-options.md
           - name: Secure access to Web API (ASP.NET Core and Node.js)
-            displayName: REST API
-          - name: Enable authentication in your web API
             href: enable-authentication-web-api.md
+            displayName: REST API
           - name: Secure API Management API
             href: secure-api-management.md
             displayName: api, api management, migrate, b2clogin.com 

articles/active-directory-b2c/index.yml

@@ -87,7 +87,7 @@ productDirectory:
 
 ## BAND 3 - CONCEPTUAL CONTENT #############################################################################################################################
 conceptualContent:
-  title: Quickly access to Azure AD B2C documentation 
+  title: Quick access to Azure AD B2C documentation 
   summary: Get quick access to our guides and tutorials for your most common scenarios. 
   items:
     ## CARD 1 ######################

articles/active-directory/authentication/howto-mfa-app-passwords.md

@@ -6,7 +6,7 @@ services: multi-factor-authentication
 ms.service: active-directory
 ms.subservice: authentication
 ms.topic: how-to
-ms.date: 06/20/2022
+ms.date: 11/01/2022
 
 ms.author: justinha
 author: justinha
@@ -24,7 +24,7 @@ Modern authentication is supported for the Microsoft Office 2013 clients and lat
 This article shows you how to use app passwords for legacy applications that don't support multi-factor authentication prompts.
 
 >[!NOTE]
-> App passwords don't work with Conditional Access based multi-factor authentication policies and modern authentication.
+> App passwords don't work with Conditional Access based multi-factor authentication policies and modern authentication. App passwords only work with legacy authentication protocols such as IMAP and SMTP.
 
 ## Overview and considerations
 

articles/active-directory/authentication/howto-mfaserver-dir-ldap.md

@@ -1,12 +1,12 @@
 ---
-title: LDAP Authentication and Azure MFA Server - Azure Active Directory
+title: LDAP Authentication and Azure Multi-Factor Authentication Server - Azure Active Directory
 description: Deploying LDAP Authentication and Azure Multi-Factor Authentication Server.
 
 services: multi-factor-authentication
 ms.service: active-directory
 ms.subservice: authentication
 ms.topic: how-to
-ms.date: 07/11/2018
+ms.date: 10/31/2022
 ms.author: justinha
 author: justinha
 manager: amycolannino
@@ -16,16 +16,14 @@ ms.collection: M365-identity-device-management
 ---
 # LDAP authentication and Azure Multi-Factor Authentication Server
 
-By default, the Azure Multi-Factor Authentication Server is configured to import or synchronize users from Active Directory. However, it can be configured to bind to different LDAP directories, such as an ADAM directory, or specific Active Directory domain controller. When connected to a directory via LDAP, the Azure Multi-Factor Authentication Server can act as an LDAP proxy to perform authentications. It also allows for the use of LDAP bind as a RADIUS target, for pre-authentication of users with IIS Authentication, or for primary authentication in the Azure MFA user portal.
+By default, the Azure Multi-Factor Authentication Server is configured to import or synchronize users from Active Directory. However, it can be configured to bind to different LDAP directories, such as an ADAM directory, or specific Active Directory domain controller. When connected to a directory via LDAP, the Azure Multi-Factor Authentication Server can act as an LDAP proxy to perform authentications. Azure Multi-Factor Authentication Server can also use LDAP bind as a RADIUS target to pre-authenticate IIS users, or for primary authentication in the Azure Multi-Factor Authentication user portal.
 
 To use Azure Multi-Factor Authentication as an LDAP proxy, insert the Azure Multi-Factor Authentication Server between the LDAP client (for example, VPN appliance, application) and the LDAP directory server. The Azure Multi-Factor Authentication Server must be configured to communicate with both the client servers and the LDAP directory. In this configuration, the Azure Multi-Factor Authentication Server accepts LDAP requests from client servers and applications and forwards them to the target LDAP directory server to validate the primary credentials. If the LDAP directory validates the primary credentials, Azure Multi-Factor Authentication performs a second identity verification and sends a response back to the LDAP client. The entire authentication succeeds only if both the LDAP server authentication and the second-step verification succeed.
 
 > [!IMPORTANT]
-> As of July 1, 2019, Microsoft no longer offers MFA Server for new deployments. New customers that want to require multi-factor authentication (MFA) during sign-in events should use cloud-based Azure AD Multi-Factor Authentication.
+> In September 2022, Microsoft announced deprecation of Azure Multi-Factor Authentication Server. Beginning September 30, 2024, Azure Multi-Factor Authentication Server deployments will no longer service multifactor authentication (MFA) requests, which could cause authentications to fail for your organization. To ensure uninterrupted authentication services and to remain in a supported state, organizations should [migrate their users’ authentication data](how-to-migrate-mfa-server-to-azure-mfa-user-authentication.md) to the cloud-based Azure Multi-Factor Authentication service by using the latest Migration Utility included in the most recent [Azure Multi-Factor Authentication Server update](https://www.microsoft.com/download/details.aspx?id=55849). For more information, see [Azure Multi-Factor Authentication Server Migration](how-to-migrate-mfa-server-to-azure-mfa.md).
 >
-> To get started with cloud-based MFA, see [Tutorial: Secure user sign-in events with Azure AD Multi-Factor Authentication](tutorial-enable-azure-mfa.md).
->
-> Existing customers that activated MFA Server before July 1, 2019 can download the latest version, future updates, and generate activation credentials as usual.
+> To get started with cloud-based MFA, see [Tutorial: Secure user sign-in events with Azure Multi-Factor Authentication](tutorial-enable-azure-mfa.md).
 
 ## Configure LDAP authentication
 
@@ -42,9 +40,9 @@ To configure LDAP authentication, install the Azure Multi-Factor Authentication
 4. If you plan to use LDAPS from the client to the Azure Multi-Factor Authentication Server, an TLS/SSL certificate must be installed on the same server as MFA Server. Click **Browse** next to the SSL (TLS) certificate box, and select a certificate to use for the secure connection.
 5. Click **Add**.
 6. In the Add LDAP Client dialog box, enter the IP address of the appliance, server, or application that authenticates to the Server and an Application name (optional). The Application name appears in Azure Multi-Factor Authentication reports and may be displayed within SMS or Mobile App authentication messages.
-7. Check the **Require Azure Multi-Factor Authentication user match** box if all users have been or will be imported into the Server and subject to two-step verification. If a significant number of users have not yet been imported into the Server and/or are exempt from two-step verification, leave the box unchecked. See the MFA Server help file for additional information on this feature.
+7. Check the **Require Azure Multi-Factor Authentication user match** box if all users have been or will be imported into the Server and subject to two-step verification. If a significant number of users haven't yet been imported into the Server and/or are exempt from two-step verification, leave the box unchecked. See the MFA Server help file for additional information on this feature.
 
-Repeat these steps to add additional LDAP clients.
+Repeat these steps to add more LDAP clients.
 
 ### Configure the LDAP directory connection
 
@@ -70,14 +68,14 @@ When the Azure Multi-Factor Authentication is configured to receive LDAP authent
 12. Click the **Company Settings** icon and select the **Username Resolution** tab.
 13. If you're connecting to Active Directory from a domain-joined server, leave the **Use Windows security identifiers (SIDs) for matching usernames** radio button selected. Otherwise, select the **Use LDAP unique identifier attribute for matching usernames** radio button.
 
-When the **Use LDAP unique identifier attribute for matching usernames** radio button is selected, the Azure Multi-Factor Authentication Server attempts to resolve each username to a unique identifier in the LDAP directory. An LDAP search is performed on the Username attributes defined in the Directory Integration -> Attributes tab. When a user authenticates, the username is resolved to the unique identifier in the LDAP directory. The unique identifier is used for matching the user in the Azure Multi-Factor Authentication data file. This allows for case-insensitive comparisons, and long and short username formats.
+When the **Use LDAP unique identifier attribute for matching usernames** radio button is selected, the Azure Multi-Factor Authentication Server attempts to resolve each username to a unique identifier in the LDAP directory. An LDAP search is performed on the Username attributes defined in the Directory Integration > Attributes tab. When a user authenticates, the username is resolved to the unique identifier in the LDAP directory. The unique identifier is used for matching the user in the Azure Multi-Factor Authentication data file. This allows for case-insensitive comparisons, and long and short username formats.
 
 After you complete these steps, the MFA Server listens on the configured ports for LDAP access requests from the configured clients, and acts as a proxy for those requests to the LDAP directory for authentication.
 
 ## Configure LDAP client
 
 To configure the LDAP client, use the guidelines:
 
-* Configure your appliance, server, or application to authenticate via LDAP to the Azure Multi-Factor Authentication Server as though it were your LDAP directory. Use the same settings that you would normally use to connect directly to your LDAP directory, except for the server name or IP address, which will be that of the Azure Multi-Factor Authentication Server.
-* Configure the LDAP timeout to 30-60 seconds so that there is time to validate the user's credentials with the LDAP directory, perform the second-step verification, receive their response, and respond to the LDAP access request.
+* Configure your appliance, server, or application to authenticate via LDAP to the Azure Multi-Factor Authentication Server as though it were your LDAP directory. Use the same settings that you normally use to connect directly to your LDAP directory, but use the Azure Multi-Factor Authentication Server for the server name or IP address.
+* Configure the LDAP timeout to 30-60 seconds to provide enough time to validate the user's credentials with the LDAP directory, perform the second-step verification, receive their response, and respond to the LDAP access request.
 * If using LDAPS, the appliance or server making the LDAP queries must trust the TLS/SSL certificate installed on the Azure Multi-Factor Authentication Server.