Merge pull request #247399 from alexbuckgit/alexbuckgit/docutune-autopr-20230804-193350-7351350-ignore-build

Stacyrch140 · web-flow · commit a123f5728684 · 2023-08-04T18:15:16.000-04:00
[BULK] DocuTune - Standardize sign-in terminology
diff --git a/articles/active-directory/app-proxy/application-proxy-deployment-plan.md b/articles/active-directory/app-proxy/application-proxy-deployment-plan.md
@@ -274,7 +274,7 @@ Microsoft advocates the principle of granting the least possible privilege to pe
 | Business role| Business tasks| Azure AD roles |
 |---|---|---|
 | Help desk admin | Typically limited to qualifying end user reported issues and performing limited tasks such as changing users’ passwords, invalidating refresh tokens, and monitoring service health. | Helpdesk Administrator |
-| Identity admin| Read Azure AD sign in reports and audit logs to debug App Proxy related issues.| Security reader |
+| Identity admin| Read Azure AD sign-in reports and audit logs to debug App Proxy related issues.| Security reader |
 | Application owner| Create and manage all aspects of enterprise applications, application registrations, and application proxy settings.| Application Admin |
 | Infrastructure admin | Certificate Rollover Owner | Application Admin |
 
diff --git a/articles/active-directory/app-proxy/application-proxy-integrate-with-power-bi.md b/articles/active-directory/app-proxy/application-proxy-integrate-with-power-bi.md
@@ -124,7 +124,7 @@ Before the Power BI mobile app can connect and access Report Services, you must
 
    ![Power BI mobile app with External URL](media/application-proxy-integrate-with-power-bi/app-proxy-power-bi-mobile-app.png)
 
-2. Select **Connect**. You'll be directed to the Azure Active Directory sign in page.
+2. Select **Connect**. You'll be directed to the Azure Active Directory sign-in page.
 
 3. Enter valid credentials for your user and select **Sign in**. You'll see the elements from your Reporting Services server.
 
diff --git a/articles/active-directory/architecture/govern-service-accounts.md b/articles/active-directory/architecture/govern-service-accounts.md
@@ -94,8 +94,8 @@ Monitor your service accounts to ensure usage patterns are correct, and that the
 
 Use one of the following monitoring methods:
 
-* Azure AD Sign-In Logs in the Azure portal
-* Export the Azure AD Sign-In Logs to 
+* Azure AD sign-in logs in the Azure portal
+* Export the Azure AD sign-in logs to 
   * [Azure Storage documentation](../../storage/index.yml)
   * [Azure Event Hubs documentation](../../event-hubs/index.yml), or 
   * [Azure Monitor Logs overview](../../azure-monitor/logs/data-platform-logs.md)
diff --git a/articles/active-directory/architecture/security-operations-user-accounts.md b/articles/active-directory/architecture/security-operations-user-accounts.md
@@ -175,7 +175,7 @@ We recommend that user and privileged accounts only be created following your or
 
 Seeing failures for user authentication is normal. But seeing patterns or blocks of failures can be an indicator that something is happening with a user's Identity. For example, during Password spray or Brute Force attacks, or when a user account is compromised. It's critical that you monitor and alert when patterns emerge. This helps ensure you can protect the user and your organization's data.
 
-Success appears to say all is well. But it can mean that a bad actor has successfully accessed a service. Monitoring successful logins helps you detect user accounts that are gaining access but aren't user accounts that should have access. User authentication successes are normal entries in Azure AD Sign-Ins logs. We recommend you monitor and alert to detect when patterns emerge. This helps ensure you can protect user accounts and your organization's data.
+Success appears to say all is well. But it can mean that a bad actor has successfully accessed a service. Monitoring successful logins helps you detect user accounts that are gaining access but aren't user accounts that should have access. User authentication successes are normal entries in Azure AD sign-in logs. We recommend you monitor and alert to detect when patterns emerge. This helps ensure you can protect user accounts and your organization's data.
 
 As you design and operationalize a log monitoring and alerting strategy, consider the tools available to you through the Azure portal. Identity Protection enables you to automate the detection, protection, and remediation of identity-based risks. Identity protection uses intelligence-fed machine learning and heuristic systems to detect risk and assign a risk score for users and sign-ins. Customers can configure policies based on a risk level for when to allow or deny access or allow the user to securely self-remediate from a risk. The following Identity Protection risk detections inform risk levels today:
 
diff --git a/articles/active-directory/authentication/howto-mfa-getstarted.md b/articles/active-directory/authentication/howto-mfa-getstarted.md
@@ -238,7 +238,7 @@ Azure AD has reports that provide technical and business insights, follow the pr
 
 You can monitor authentication method registration and usage across your organization using the [Authentication Methods Activity dashboard](howto-authentication-methods-activity.md). This helps you understand what methods are being registered and how they're being used.
 
-#### Sign in report to review MFA events
+#### Sign-in report to review MFA events
 
 The Azure AD sign-in reports include authentication details for events when a user is prompted for MFA, and if any Conditional Access policies were in use. You can also use PowerShell for reporting on users registered for Azure AD Multi-Factor Authentication. 
 
diff --git a/articles/active-directory/conditional-access/concept-condition-filters-for-devices.md b/articles/active-directory/conditional-access/concept-condition-filters-for-devices.md
@@ -123,8 +123,8 @@ The following device attributes can be used with the filter for devices conditio
 | operatingSystem | Equals, NotEquals, StartsWith, NotStartsWith, EndsWith, NotEndsWith, Contains, NotContains, In, NotIn | A valid operating system (like Windows, iOS, or Android) | (device.operatingSystem -eq "Windows") |
 | operatingSystemVersion | Equals, NotEquals, StartsWith, NotStartsWith, EndsWith, NotEndsWith, Contains, NotContains, In, NotIn | A valid operating system version (like 6.1 for Windows 7, 6.2 for Windows 8, or 10.0 for Windows 10 and Windows 11) | (device.operatingSystemVersion -in ["10.0.18363", "10.0.19041", "10.0.19042", "10.0.22000"]) |
 | physicalIds | Contains, NotContains | As an example all Windows Autopilot devices store ZTDId (a unique value assigned to all imported Windows Autopilot devices) in device physicalIds property. | (device.physicalIds -contains "[ZTDId]:value") |
-| profileType | Equals, NotEquals | A valid profile type set for a device. Supported values are: RegisteredDevice (default), SecureVM (used for Windows VMs in Azure enabled with Azure AD sign in.), Printer (used for printers), Shared (used for shared devices), IoT (used for IoT devices) | (device.profileType -eq "Printer") |
-| systemLabels | Contains, NotContains | List of labels applied to the device by the system. Some of the supported values are: AzureResource (used for Windows VMs in Azure enabled with Azure AD sign in), M365Managed (used for devices managed using Microsoft Managed Desktop), MultiUser (used for shared devices) | (device.systemLabels -contains "M365Managed") |
+| profileType | Equals, NotEquals | A valid profile type set for a device. Supported values are: RegisteredDevice (default), SecureVM (used for Windows VMs in Azure enabled with Azure AD sign-in), Printer (used for printers), Shared (used for shared devices), IoT (used for IoT devices) | (device.profileType -eq "Printer") |
+| systemLabels | Contains, NotContains | List of labels applied to the device by the system. Some of the supported values are: AzureResource (used for Windows VMs in Azure enabled with Azure AD sign-in), M365Managed (used for devices managed using Microsoft Managed Desktop), MultiUser (used for shared devices) | (device.systemLabels -contains "M365Managed") |
 | trustType | Equals, NotEquals | A valid registered state for devices. Supported values are: AzureAD (used for Azure AD joined devices), ServerAD (used for Hybrid Azure AD joined devices), Workplace (used for Azure AD registered devices) | (device.trustType -eq "ServerAD") |
 | extensionAttribute1-15 | Equals, NotEquals, StartsWith, NotStartsWith, EndsWith, NotEndsWith, Contains, NotContains, In, NotIn | extensionAttributes1-15 are attributes that customers can use for device objects. Customers can update any of the extensionAttributes1 through 15 with custom values and use them in the filter for devices condition in Conditional Access. Any string value can be used. | (device.extensionAttribute1 -eq "SAW") |
 
diff --git a/articles/active-directory/develop/msal-java-adfs-support.md b/articles/active-directory/develop/msal-java-adfs-support.md
@@ -44,4 +44,4 @@ When you acquire a token using `ConfidentialClientApplication.AcquireToken()` or
 
 ## Next steps
 
-For the federated case, see [Configure Azure Active Directory sign in behavior for an application by using a Home Realm Discovery policy](../manage-apps/configure-authentication-for-federated-users-portal.md)
+For the federated case, see [Configure Azure Active Directory sign-in behavior for an application by using a Home Realm Discovery policy](../manage-apps/configure-authentication-for-federated-users-portal.md)
diff --git a/articles/active-directory/develop/msal-net-adfs-support.md b/articles/active-directory/develop/msal-net-adfs-support.md
@@ -58,4 +58,4 @@ Currently, there are no plans to support a direct connection to:
 
 ## Next steps
 
-For the federated case, see [Configure Azure Active Directory sign in behavior for an application by using a Home Realm Discovery policy](../manage-apps/configure-authentication-for-federated-users-portal.md)
+For the federated case, see [Configure Azure Active Directory sign-in behavior for an application by using a Home Realm Discovery policy](../manage-apps/configure-authentication-for-federated-users-portal.md)
diff --git a/articles/active-directory/develop/msal-python-adfs-support.md b/articles/active-directory/develop/msal-python-adfs-support.md
@@ -55,4 +55,4 @@ MSAL Python supports ADFS 2019, but does not support a direct connection to ADFS
 
 ## Next steps
 
-- For the federated case, see [Configure Azure Active Directory sign in behavior for an application by using a Home Realm Discovery policy](../manage-apps/configure-authentication-for-federated-users-portal.md)
+- For the federated case, see [Configure Azure Active Directory sign-in behavior for an application by using a Home Realm Discovery policy](../manage-apps/configure-authentication-for-federated-users-portal.md)
diff --git a/articles/active-directory/devices/troubleshoot-mac-sso-extension-plugin.md b/articles/active-directory/devices/troubleshoot-mac-sso-extension-plugin.md
@@ -377,7 +377,7 @@ Analyzing the SSO extension logs is an excellent way to troubleshoot the authent
    - Native MSAL
    - Non MSAL/Browser SSO
 - Interaction with the macOS Keychain for credential retrival/storage operations
-- Correlation IDs for Azure AD Sign-In events
+- Correlation IDs for Azure AD sign-in events
    - PRT acquisition
    - Device Registration
 
diff --git a/articles/active-directory/hybrid/connect/how-to-connect-health-ad-fs-sign-in.md b/articles/active-directory/hybrid/connect/how-to-connect-health-ad-fs-sign-in.md
@@ -19,7 +19,7 @@ ms.collection: M365-identity-device-management
 
 AD FS sign-ins can now be integrated into the Azure Active Directory sign-ins report by using Connect Health. The [Azure AD sign-ins Report](../../reports-monitoring/concept-all-sign-ins.md) report includes information about when users, applications, and managed resources sign in to Azure AD and access resources. 
 
-The Connect Health for AD FS agent correlates multiple Event IDs from AD FS, dependent on the server version, to provide information about the request and error details if the request fails. This information is correlated to the Azure AD sign-ins report schema and displayed in the Azure AD Sign-In Report UX. Alongside the report, a new Log Analytics stream is available with the AD FS data and a new Azure Monitor Workbook template. The template can be used and modified for an in-depth analysis for scenarios such as AD FS account lockouts, bad password attempts, and spikes of unexpected sign-in attempts.
+The Connect Health for AD FS agent correlates multiple Event IDs from AD FS, dependent on the server version, to provide information about the request and error details if the request fails. This information is correlated to the Azure AD sign-in report schema and displayed in the Azure AD sign-in report UX. Alongside the report, a new Log Analytics stream is available with the AD FS data and a new Azure Monitor Workbook template. The template can be used and modified for an in-depth analysis for scenarios such as AD FS account lockouts, bad password attempts, and spikes of unexpected sign-in attempts.
 
 ## Prerequisites
 * Azure AD Connect Health for AD FS installed and upgraded to latest version (3.1.95.0 or later).
@@ -86,7 +86,7 @@ If a single factor authentication is performed, two rows will be populated with
 In cases of Multi Factor Authentication, there will be three rows with a shared correlation ID and three corresponding Authentication Methods (i.e. Forms, AzureMFA, Multifactor). In this particular example, the multifactor in this case shows that the SSO has an MFA.
 
 ***What are the errors that I can see in the report?***
-For a full list of AD FS related errors that are populated in the Sign-In report and descriptions, visit [AD FS Help Error Code Reference](https://adfshelp.microsoft.com/References/ConnectHealthErrorCodeReference)
+For a full list of AD FS related errors that are populated in the sign-in report and descriptions, visit [AD FS Help Error Code Reference](https://adfshelp.microsoft.com/References/ConnectHealthErrorCodeReference)
 
 ***I am seeing “00000000-0000-0000-0000-000000000000” in the “User” section of a sign-in. What does that 
 mean?***
@@ -98,7 +98,7 @@ the attempted value the user entered. In these cases, the user attempting to sig
 The Azure AD Connect Health agent for AD FS correlates event IDs from AD FS dependent on server version. The events will be available on the Security Log of the AD FS servers. 
 
 ***Why do I see NotSet or NotApplicable in the Application ID/Name for some AD FS sign-ins?***
-The AD FS Sign-In Report will display OAuth Ids in the Application ID field for OAuth sign-ins. In the WS-Fed, WS-Trust sign-in scenarios, the application ID will be NotSet or NotApplicable and the Resource IDs and Relying Party identifiers will be present in the Resource ID field.
+The AD FS sign-in report will display OAuth Ids in the Application ID field for OAuth sign-ins. In the WS-Fed, WS-Trust sign-in scenarios, the application ID will be NotSet or NotApplicable and the Resource IDs and Relying Party identifiers will be present in the Resource ID field.
 
 ***Why do I see Resource ID and Resource Name fields as "Not Set"?***
 The ResourceId/Name fields will be "NotSet" in some error cases, such as "Username and Password incorrect" and in WSTrust based failed sign-ins.
diff --git a/articles/active-directory/hybrid/connect/how-to-connect-pta-how-it-works.md b/articles/active-directory/hybrid/connect/how-to-connect-pta-how-it-works.md
@@ -29,8 +29,8 @@ When a user tries to sign in to an application secured by Azure AD, and if Pass-
 
 1. The user tries to access an application, for example, [Outlook Web App](https://outlook.office365.com/owa/).
 2. If the user is not already signed in, the user is redirected to the Azure AD **User Sign-in** page.
-3. The user enters their username into the Azure AD sign in page, and then selects the **Next** button.
-4. The user enters their password into the Azure AD sign in page, and then selects the **Sign in** button.
+3. The user enters their username into the Azure AD sign-in page, and then selects the **Next** button.
+4. The user enters their password into the Azure AD sign-in page, and then selects the **Sign in** button.
 5. Azure AD, on receiving the request to sign in, places the username and password (encrypted by using the public key of the Authentication Agents) in a queue.
 6. An on-premises Authentication Agent retrieves the username and encrypted password from the queue. Note that the Agent doesn't frequently poll for requests from the queue, but retrieves requests over a pre-established persistent connection.
 7. The agent decrypts the password by using its private key.
diff --git a/articles/active-directory/hybrid/connect/reference-connect-health-version-history.md b/articles/active-directory/hybrid/connect/reference-connect-health-version-history.md
@@ -74,10 +74,10 @@ Azure AD Connect Health AD DS and ADFS Health Agents (version 3.2.2256.26, Downl
   - Fix to resolve NT4 formatted username to a UPN during sign-in events.
   - Fix to identify incorrect application identifier scenarios with a dedicated error code.
   - Changes to add a new property for OAuth client identifier.
-  - Fix to display correct values in the **Protocol** and **Authentication Type** fields in Azure AD Sign-In Report for certain sign-in scenarios.
-  - Fix to display IP addresses in Azure AD Sign-In Report's IP chain field in order of the request.
+  - Fix to display correct values in the **Protocol** and **Authentication Type** fields in Azure AD sign-in report for certain sign-in scenarios.
+  - Fix to display IP addresses in Azure AD sign-in report's IP chain field in order of the request.
   - Changes to introduce a new field to differentiate if secondary authentication was requested during a sign-in.
-  - Fix for AD FS application identifier property to display in Azure AD Sign-In Report.
+  - Fix for AD FS application identifier property to display in Azure AD sign-in report.
 
 ## April 2020
 **Agent Update**
diff --git a/articles/active-directory/manage-apps/application-sign-in-problem-application-error.md b/articles/active-directory/manage-apps/application-sign-in-problem-application-error.md
@@ -1,6 +1,6 @@
 ---
 title: Error message appears on app page after you sign in
-description: How to resolve issues with Azure AD sign in when the app returns an error message.
+description: How to resolve issues with Azure AD sign-in when the app returns an error message.
 services: active-directory
 author: omondiatieno
 manager: CelesteDG
diff --git a/articles/active-directory/manage-apps/f5-big-ip-header-advanced.md b/articles/active-directory/manage-apps/f5-big-ip-header-advanced.md
@@ -116,7 +116,7 @@ Learn more: [What is Conditional Access?](../conditional-access/overview.md)
    >[!NOTE]
    >In this configuration, the SAML flow operates in IdP mode: Azure AD issues the user a SAML assertion before being redirected to the BIG-IP service endpoint for the application. The BIG-IP APM supports IdP and SP modes.
 
-9. For **Logout URI** enter the BIG-IP APM Single Logout (SLO) endpoint, prepended by the service host header. The SLO URI ensures user BIG-IP APM sessions end after Azure AD sign out. For example, `https://mytravel.contoso.com/saml/sp/profile/redirect/slr`
+9. For **Logout URI** enter the BIG-IP APM Single Logout (SLO) endpoint, prepended by the service host header. The SLO URI ensures user BIG-IP APM sessions end after Azure AD sign-out. For example, `https://mytravel.contoso.com/saml/sp/profile/redirect/slr`
 
    ![Screenshot of Basic SAML Configuration input for Identifier, Reply URL, Sign on URL, etc.](./media/f5-big-ip-header-advanced/basic-saml-configuration.png)
 
diff --git a/articles/active-directory/manage-apps/f5-big-ip-headers-easy-button.md b/articles/active-directory/manage-apps/f5-big-ip-headers-easy-button.md
@@ -311,7 +311,7 @@ Learn more: see, [My Apps](https://myapplications.microsoft.com/)
 
 The SAML federation metadata for the published application is imported from your tenant. The import provides the APM with the SAML sign out endpoint for Azure AD. This action ensures SP-initiated sign out terminates client and Azure AD sessions. Ensure the APM knows when user sign out occurs.
 
-If the BIG-IP webtop portal accesses published applications, then th eAPM processes the sign out to call the Azure AD sign out endpoint. If the BIG-IP webtop portal isn’t used, users can't instruct the APM to sign out. If users sign out of the application, the BIG-IP is oblivious. Thus, ensure SP-initiated sign out securely terminates sessions. You can add an SLO function to an application **Sign out** button, Then, clients are redirected to the Azure AD SAML or BIG-IP sign out endpoint. To locate the SAML sign out endpoint URL for your tenant, go to **App Registrations > Endpoints**.
+If the BIG-IP webtop portal accesses published applications, then th eAPM processes the sign out to call the Azure AD sign-out endpoint. If the BIG-IP webtop portal isn’t used, users can't instruct the APM to sign out. If users sign out of the application, the BIG-IP is oblivious. Thus, ensure SP-initiated sign out securely terminates sessions. You can add an SLO function to an application **Sign out** button, Then, clients are redirected to the Azure AD SAML or BIG-IP sign out endpoint. To locate the SAML sign out endpoint URL for your tenant, go to **App Registrations > Endpoints**.
 
 If you can't change the app, enable the BIG-IP to listen for the application sign out call and trigger SLO. 
 
diff --git a/articles/active-directory/manage-apps/f5-big-ip-oracle-enterprise-business-suite-easy-button.md b/articles/active-directory/manage-apps/f5-big-ip-oracle-enterprise-business-suite-easy-button.md
diff --git a/articles/active-directory/manage-apps/f5-big-ip-oracle-jde-easy-button.md b/articles/active-directory/manage-apps/f5-big-ip-oracle-jde-easy-button.md
diff --git a/articles/active-directory/reports-monitoring/overview-flagged-sign-ins.md b/articles/active-directory/reports-monitoring/overview-flagged-sign-ins.md
diff --git a/articles/azure-maps/how-to-secure-device-code.md b/articles/azure-maps/how-to-secure-device-code.md
diff --git a/articles/cost-management-billing/manage/ea-portal-administration.md b/articles/cost-management-billing/manage/ea-portal-administration.md
diff --git a/articles/security/fundamentals/steps-secure-identity.md b/articles/security/fundamentals/steps-secure-identity.md

Original file line number	Diff line number	Diff line change
@@ -44,4 +44,4 @@ When you acquire a token using `ConfidentialClientApplication.AcquireToken()` or
`44`	`44`
`45`	`45`	`## Next steps`
`46`	`46`
`47`		`-For the federated case, see [Configure Azure Active Directory sign in behavior for an application by using a Home Realm Discovery policy](../manage-apps/configure-authentication-for-federated-users-portal.md)`
	`47`	`+For the federated case, see [Configure Azure Active Directory sign-in behavior for an application by using a Home Realm Discovery policy](../manage-apps/configure-authentication-for-federated-users-portal.md)`
Original file line number	Diff line number	Diff line change
`@@ -58,4 +58,4 @@ Currently, there are no plans to support a direct connection to:`
`58`	`58`
`59`	`59`	`## Next steps`
`60`	`60`
`61`		`-For the federated case, see [Configure Azure Active Directory sign in behavior for an application by using a Home Realm Discovery policy](../manage-apps/configure-authentication-for-federated-users-portal.md)`
	`61`	`+For the federated case, see [Configure Azure Active Directory sign-in behavior for an application by using a Home Realm Discovery policy](../manage-apps/configure-authentication-for-federated-users-portal.md)`
Original file line number	Diff line number	Diff line change
`@@ -55,4 +55,4 @@ MSAL Python supports ADFS 2019, but does not support a direct connection to ADFS`
`55`	`55`
`56`	`56`	`## Next steps`
`57`	`57`
`58`		`-- For the federated case, see [Configure Azure Active Directory sign in behavior for an application by using a Home Realm Discovery policy](../manage-apps/configure-authentication-for-federated-users-portal.md)`
	`58`	`+- For the federated case, see [Configure Azure Active Directory sign-in behavior for an application by using a Home Realm Discovery policy](../manage-apps/configure-authentication-for-federated-users-portal.md)`