Merge pull request #236832 from MicrosoftDocs/main

5/03 PM Publish

Author: huypub

.openpublishing.redirection.json

@@ -5753,6 +5753,11 @@
             "redirect_url": "/azure/app-service-mobile",
             "redirect_document_id": false
         },
+        {
+            "source_path_from_root": "/articles/quotas/classic-deployment-model-quota-increase-requests.md",
+            "redirect_url": "/azure/quotas",
+            "redirect_document_id": false
+        },
         {
             "source_path_from_root": "/articles/app-service-mobile-net-upgrading-from-mobile-services.md",
             "redirect_url": "/azure/app-service-mobile",

articles/active-directory/authentication/concept-authentication-strengths.md

@@ -203,8 +203,6 @@ An authentication strength Conditional Access policy works together with [MFA tr
 
 - **Using 'Require one of the selected controls' with 'require authentication strength' control** - After you select authentication strengths grant control and additional controls, all the selected controls must be satisfied in order to gain access to the resource. Using **Require one of the selected controls** isn't applicable, and will default to requiring all the controls in the policy.
 
-- **Authentication loop** -  When the user is required to use Microsoft Authenticator (Phone Sign-in) but the user is not registered for this method, they will be given instructions on how to set up the Microsoft Authenticator, that does not include how to enable Passwordless sign-in. As a result, the user can get into an authentication loop. To avoid this issue, make sure the user is registered for the method before the Conditional Access policy is enforced. Phone Sign-in can be registered using the steps outlined here: [Add your work or school account to the Microsoft Authenticator app ("Sign in with your credentials")](https://support.microsoft.com/en-us/account-billing/add-your-work-or-school-account-to-the-microsoft-authenticator-app-43a73ab5-b4e8-446d-9e54-2a4cb8e4e93c)
-
 
 ## Limitations
 

articles/active-directory/authentication/concept-registration-mfa-sspr-combined.md

@@ -6,7 +6,7 @@ services: active-directory
 ms.service: active-directory
 ms.subservice: authentication
 ms.topic: conceptual
-ms.date: 03/06/2023
+ms.date: 05/03/2023
 
 ms.author: justinha
 author: justinha
@@ -17,7 +17,7 @@ ms.collection: M365-identity-device-management
 ---
 # Combined security information registration for Azure Active Directory overview
 
-Before combined registration, users registered authentication methods for Azure AD Multi-Factor Authentication and self-service password reset (SSPR) separately. People were confused that similar methods were used for multifactor authentication and SSPR but they had to register for both features. Now, with combined registration, users can register once and get the benefits of both multifactor authentication and SSPR. We recommend this video on [How to enable and configure SSPR in Azure AD](https://www.youtube.com/watch?v=rA8TvhNcCvQ)
+Before combined registration, users registered authentication methods for Azure AD Multi-Factor Authentication and self-service password reset (SSPR) separately. People were confused that similar methods were used for multifactor authentication and SSPR but they had to register for both features. Now, with combined registration, users can register once and get the benefits of both multifactor authentication and SSPR. We recommend this video on [How to enable and configure SSPR in Azure AD](https://www.youtube.com/watch?v=rA8TvhNcCvQ).
 
 
 ![My Account showing registered Security info for a user](media/concept-registration-mfa-sspr-combined/combined-security-info-defaults-registered.png)
@@ -50,11 +50,15 @@ Combined registration supports the authentication methods and actions in the fol
 | FIDO2 security keys*| Yes | No | Yes |
 
 > [!NOTE]
-> <b>Microsoft Authenticator</b> if the authentication mode set in policy for Microsoft Authenticator is passwordless, users will need to enable passwordless sign-in from within the Microsoft Authenticator app. Learn more on [user regsitration of passwordless phone sign-in here.](../authentication/howto-authentication-passwordless-phone.md#user-registration). <br />
-> <b>Alternate phone</b> can only be registered in *manage mode* on the [Security info](https://mysignins.microsoft.com/security-info) page and requires Voice calls to be enabled in the Authentication methods policy. <br /> 
-> <b>Office phone</b> can only be registered in *Interrupt mode* if the users *Business phone* property has been set. Office phone can be added by users in *Managed mode from the [Security info](https://mysignins.microsoft.com/security-info)* without this requirement.  <br />
-> <b>App passwords</b> are available only to users who have been enforced for per-user MFA. App passwords aren't available to users who are enabled for Azure AD Multi-Factor Authentication by a Conditional Access policy. <br />
-> <b>FIDO2 security keys</b>, can only be added in *manage mode only* on the [Security info](https://mysignins.microsoft.com/security-info) page.
+> If you enable Microsoft Authenticator for passwordless authentication mode in the Authentication methods policy, users need to also enable passwordless sign-in in the Authenticator app.
+>
+> Alternate phone can only be registered in *Manage mode* on [https://aka.ms/mysecurityinfo](https://aka.ms/mysecurityinfo) and requires Voice calls to be enabled in the Authentication methods policy.
+>
+> Office phone can only be registered in *Interrupt mode* if the users *Business phone* property has been set. Office phone can be added by users in *Managed mode* from [https://aka.ms/mysecurityinfo](https://aka.ms/mysecurityinfo) without this requirement.
+>
+> App passwords are available only to users who have been enforced for per-user MFA. App passwords aren't available to users who are enabled for Azure AD Multi-Factor Authentication by a Conditional Access policy.
+>
+> FIDO2 security keys, can only be added in *Manage mode* on [https://aka.ms/mysecurityinfo](https://aka.ms/mysecurityinfo).
 
 Users can set one of the following options as the default multifactor authentication method. 
 

articles/active-directory/authentication/howto-authentication-use-email-signin.md

@@ -125,6 +125,9 @@ One of the user attributes that's automatically synchronized by Azure AD Connect
 
 Email as an alternate login ID applies to [Azure AD B2B collaboration](../external-identities/what-is-b2b.md) under a "bring your own sign-in identifiers" model. When email as an alternate login ID is enabled in the home tenant, Azure AD users can perform guest sign in with non-UPN email on the resource tenant endpoint. No action is required from the resource tenant to enable this functionality.
 
+> [!NOTE]
+> When an alternate login ID is used on a resource tenant endpoint that does not have the functionality enabled, the sign-in process will work seamlessly, but SSO will be interrupted.  
+
 ## Enable user sign-in with an email address
 
 > [!NOTE]

articles/active-directory/authentication/howto-password-ban-bad-on-premises-deploy.md

@@ -249,7 +249,7 @@ To install the Azure AD Password Protection proxy service, complete the followin
 
     Registration of the Azure AD Password Protection proxy service is necessary only once in the lifetime of the service. After that, the Azure AD Password Protection proxy service will automatically perform any other necessary maintenance.
 
-1. To make sure that the changes have taken effect, run `Test-AzureADPasswordProtectionDCAgentHealth -TestAll`. For help resolving errors, see [Troubleshoot: On-premises Azure AD Password Protection](howto-password-ban-bad-on-premises-troubleshoot.md).
+1. To make sure that the changes have taken effect, run `Test-AzureADPasswordProtectionProxyHealth -TestAll`. For help resolving errors, see [Troubleshoot: On-premises Azure AD Password Protection](howto-password-ban-bad-on-premises-troubleshoot.md).
 
 1. Now register the on-premises Active Directory forest with the necessary credentials to communicate with Azure by using the `Register-AzureADPasswordProtectionForest` PowerShell cmdlet.
 
@@ -304,7 +304,7 @@ To install the Azure AD Password Protection proxy service, complete the followin
     
     For `Register-AzureADPasswordProtectionForest` to succeed, at least one DC running Windows Server 2012 or later must be available in the Azure AD Password Protection proxy server's domain. The Azure AD Password Protection DC agent software doesn't have to be installed on any domain controllers prior to this step.
 
-1. To make sure that the changes have taken effect, run `Test-AzureADPasswordProtectionDCAgentHealth -TestAll`. For help resolving errors, see [Troubleshoot: On-premises Azure AD Password Protection](howto-password-ban-bad-on-premises-troubleshoot.md).
+1. To make sure that the changes have taken effect, run `Test-AzureADPasswordProtectionProxyHealth -TestAll`. For help resolving errors, see [Troubleshoot: On-premises Azure AD Password Protection](howto-password-ban-bad-on-premises-troubleshoot.md).
 
 ### Configure the proxy service to communicate through an HTTP proxy
 

articles/active-directory/develop/spa-quickstart-portal-angular-ciam.md

@@ -20,7 +20,7 @@ ms.date: 05/05/2023
 > [!div renderon="portal" id="display-on-portal" class="sxs-lookup"]
 > 1. Make sure you've installed [Node.js](https://nodejs.org/en/download/).
 >
-> 1. Unzip the sample, `cd` into the folder that contains `package.json`, then run the following commands:
+> 1. Unzip the sample app, `cd` into the folder that contains `package.json`, then run the following commands:
 >     ```console
 >     npm install && npm start
 >     ```

articles/active-directory/develop/spa-quickstart-portal-react-ciam.md

@@ -20,7 +20,7 @@ ms.date: 05/05/2023
 > [!div renderon="portal" id="display-on-portal" class="sxs-lookup"]
 > 1. Make sure you've installed [Node.js](https://nodejs.org/en/download/).
 >
-> 1. Unzip the sample, `cd` into the folder that contains `package.json`, then run the following commands:
+> 1. Unzip the sample app, `cd` into the folder that contains `package.json`, then run the following commands:
 >     ```console
 >     npm install && npm start
 >     ```

articles/active-directory/develop/spa-quickstart-portal-vanilla-js-ciam.md

@@ -20,9 +20,9 @@ ms.date: 05/05/2023
 > [!div renderon="portal" id="display-on-portal" class="sxs-lookup"]
 > 1. Make sure you've installed [Node.js](https://nodejs.org/en/download/).
 >
-> 1. Unzip the sample, `cd` into the app root folder, then run the following commands:
+> 1. Unzip the sample app, `cd` into the app root folder, then run the following command:
 >     ```console
->     cd App && npm install && npm start
+>     npm install && npm start
 >     ```
 > 1. Open your browser, visit `http://locahost:3000`, select **Sign-in**, then follow the prompts.
 >

articles/active-directory/develop/web-app-quickstart-portal-dotnet-ciam.md

@@ -18,9 +18,9 @@ ms.date: 05/05/2023
 > In this quickstart, you download and run a code sample that demonstrates how ASP.NET web app can sign in users with Azure Active Directory for customers.
 >
 > [!div renderon="portal" id="display-on-portal" class="sxs-lookup"]
-> 1. Make sure you've installed Make sure you've installed [.NET SDK v7](https://dotnet.microsoft.com/download/dotnet/7.0) or later.
+> 1. Make sure you've installed [.NET SDK v7](https://dotnet.microsoft.com/download/dotnet/7.0) or later.
 >
-> 1. Unzip the sample, `cd` into the app root folder, then run the following command:
+> 1. Unzip the sample app, `cd` into the app root folder, then run the following command:
 >     ```console
 >     dotnet run
 >     ```

articles/active-directory/develop/web-app-quickstart-portal-node-js-ciam.md

@@ -20,7 +20,7 @@ ms.date: 05/05/2023
 > [!div renderon="portal" id="display-on-portal" class="sxs-lookup"]
 > 1. Make sure you've installed [Node.js](https://nodejs.org/en/download/).
 >
-> 1. Unzip the sample, `cd` into the folder that contains `package.json`, then run the following commands:
+> 1. Unzip the sample app, `cd` into the folder that contains `package.json`, then run the following command:
 >     ```console
 >     npm install && npm start
 >     ```