Merge pull request #239465 from OWinfreyATL/owinfreyATL-NameCheck

prmerger-automator[bot] · web-flow · commit a3f3fe6b4ba2 · 2023-05-26T22:09:42.000Z
Document owner and acrolinx check
diff --git a/articles/active-directory/governance/entitlement-management-group-licenses.md b/articles/active-directory/governance/entitlement-management-group-licenses.md
@@ -3,13 +3,13 @@ title: Manage the lifecycle of group-based licenses in Azure AD
 description: This step-by-step tutorial shows how to create an access package for managing group-based licenses in entitlement management.
 services: active-directory
 documentationCenter: ''
-author: sama
+author: owinfreyATL
 ms.service: active-directory
 ms.workload: identity
 ms.tgt_pltfrm: na
 ms.topic: tutorial
 ms.subservice: compliance
-ms.date: 01/25/2023
+ms.date: 05/25/2023
 ms.author: owinfrey
 ms.collection: M365-identity-device-management
 
@@ -60,7 +60,7 @@ For more information, see [License requirements](entitlement-management-overview
 
 1. Select **Next: Requests** to go to the **Requests** tab.
 
-   On this tab, you create a request policy. A *policy* defines the rules for access to an access package. You'll create a policy that allows employees in the resource directory to request the access package.
+   On this tab, you create a request policy. A *policy* defines the rules for access to an access package. You create a policy that allows employees in the resource directory to request the access package.
 
 3. In the **Users who can request access** section, select **For users in your directory** and then select **All members (excluding guests)**. These settings make it so that only members of your directory can request Office licenses.
 
@@ -90,16 +90,16 @@ For more information, see [License requirements](entitlement-management-overview
 
 2. In the **Expiration** section, for **Access package assignments expire**, select **Number of days**.
 	
-3. In **Assignments expire after**, enter **365**. This box specifies when members who have access to the access package will need to renew their access. 
+3. In **Assignments expire after**, enter **365**. This box specifies when members who have access to the access package needs to renew their access. 
 
 4. You can also configure access reviews, which allow periodic checks of whether the employee still needs access to the access package. A review can be a self-review performed by the employee. Or you can set the employee's manager or another person as the reviewer. For more information, see [Access reviews](entitlement-management-access-reviews-create.md). 
  
     In this scenario, you want all employees to review whether they still need a license for Office each year.
 
     1. Under **Require access reviews**, select **Yes**.
-    2. You can leave **Starting on** set to the current date. This date is when the access review will start. After you create an access review, you can't update its start date.
-    3. Under **Review frequency**, select **Annually**, because the review will occur once per year. The **Review frequency** box is where you determine how often the access review runs.
-    4. Specify a **Duration (in days)**.  The duration box is where you indicate how many days each occurrence of the access review series will run.
+    2. You can leave **Starting on** set to the current date. This date is when the access review starts. After you create an access review, you can't update its start date.
+    3. Under **Review frequency**, select **Annually**, because the review occurs once per year. The **Review frequency** box is where you determine how often the access review runs.
+    4. Specify a **Duration (in days)**.  The duration box is where you indicate how many days each occurrence of the access review series runs.
     5. Under **Reviewers**, select **Manager**.
 
 ## Step 6: Review and create your access package
diff --git a/articles/active-directory/governance/identity-governance-organizational-roles.md b/articles/active-directory/governance/identity-governance-organizational-roles.md
@@ -3,16 +3,16 @@ title: Govern access with an organizational role model
 description: Microsoft Entra Identity Governance allows you to model organizational roles using access packages, so you can migrate your existing role definitions to entitlement management.
 services: active-directory
 documentationcenter: ''
-author: markwahl-msft
+author: owinfreyATL
 manager: amycolannino
 editor: markwahl-msft
 ms.service: active-directory
 ms.workload: identity
 ms.tgt_pltfrm: na
 ms.topic: conceptual
 ms.subservice: compliance
-ms.date: 12/1/2022
-ms.author: mwahl
+ms.date: 05/26/2023
+ms.author: owinfrey
 ms.reviewer: markwahl-msft
 ms.collection: M365-identity-device-management
 ---
@@ -49,9 +49,9 @@ For example, an organization may have an existing organizational role model simi
 |Role Name|Permissions the role provides|Automatic assignment to the role|Request-based assignment to the role|Separation of duties checks|
 |:--|-|-|-|-|
 |*Salesperson*|Member of **Sales** Team|Yes|No|None|
-|*Sales Solution Manager*|The permissions of *Salesperson*, and **Solution manager** app role in the Sales application|None|A salesperson can request, requires manager approval and quarterly review|Requestor cannot be a *Sales Account Manager*|
-|*Sales Account Manager*|The permissions of *Salesperson*, and **Account manager** app role in the Sales application|None|A salesperson can request, requires manager approval and quarterly review|Request cannot be a *Sales Solution Manager*|
-|*Sales Support*|Same permissions as a *Salesperson*|None|Any non-salesperson can request, requires manager approval and quarterly review|Requestor cannot be a *Salesperson*|
+|*Sales Solution Manager*|The permissions of *Salesperson*, and **Solution manager** app role in the Sales application|None|A salesperson can request, requires manager approval and quarterly review|Requestor can't be a *Sales Account Manager*|
+|*Sales Account Manager*|The permissions of *Salesperson*, and **Account manager** app role in the Sales application|None|A salesperson can request, requires manager approval and quarterly review|Request can't be a *Sales Solution Manager*|
+|*Sales Support*|Same permissions as a *Salesperson*|None|Any nonsalesperson can request, requires manager approval and quarterly review|Requestor can't be a *Salesperson*|
 
 This could be represented in Entra Identity Governance as an access package catalog containing four access packages.
 
@@ -66,29 +66,29 @@ The next sections outline the process for migration, creating the Azure AD and M
 
 ### Connect apps whose permissions are referenced in the organizational roles to Azure AD
 
-If your organizational roles are used to assign permissions that control access to non-Microsoft SaaS apps, on-premises apps or your own cloud apps, then you will need to connect your applications to Azure AD.
+If your organizational roles are used to assign permissions that control access to non-Microsoft SaaS apps, on-premises apps or your own cloud apps, then you'll need to connect your applications to Azure AD.
 
 In order for an access package representing an organizational role to be able to refer to an application's roles as the permissions to include in the role, for an application that  has multiple roles and supports modern standards such as SCIM, you should [integrate the application with Azure AD](identity-governance-applications-integrate.md) and ensure that the application's roles are listed in the application manifest.
 
-If the application only has a single role, then you should still [integrated the application with Azure AD](identity-governance-applications-integrate.md).  For applications that do not support SCIM, Azure AD can write users into an application's existing directory or SQL database, or add AD users into an AD group.
+If the application only has a single role, then you should still [integrated the application with Azure AD](identity-governance-applications-integrate.md).  For applications that don't support SCIM, Azure AD can write users into an application's existing directory or SQL database, or add AD users into an AD group.
 
 ### Populate Azure AD schema used by apps and for user scoping rules in the organizational roles
 
-If your role definitions include statements of the form "all users with these attribute values get assigned to the role automatically" or "users with these attribute values are allowed to request", then you will need to ensure those attributes are present in Azure AD.
+If your role definitions include statements of the form "all users with these attribute values get assigned to the role automatically" or "users with these attribute values are allowed to request", then you'll need to ensure those attributes are present in Azure AD.
 
 You can [extend the Azure AD schema](../app-provisioning/user-provisioning-sync-attributes-for-mapping.md) and then populate those attributes either from on-premises AD, via Azure AD Connect, or from an HR system such as Workday or SuccessFactors.
 
 ### Create catalogs for delegation
 
-If the ongoing maintenance of roles is delegated, then you can delegate the administration of access packages by [creating a catalog](entitlement-management-catalog-create.md ) for each part of the organization you will be delegating to.
+If the ongoing maintenance of roles is delegated, then you can delegate the administration of access packages by [creating a catalog](entitlement-management-catalog-create.md ) for each part of the organization you'll be delegating to.
 
 If you have multiple catalogs to create, you can use a PowerShell script to [create each catalog](entitlement-management-catalog-create.md#create-a-catalog-with-powershell).
 
-If you are not planning to delegate the administration of the access packages, then you can keep the access packages in a single catalog.
+If you aren't planning to delegate the administration of the access packages, then you can keep the access packages in a single catalog.
 
 ### Add resources to the catalogs
 
-Now that you have the catalogs identified, then [add the applications, groups or sites](entitlement-management-catalog-create.md#add-resources-to-a-catalog) that will be included in the access packages representing the organization roles to the catalogs.
+Now that you have the catalogs identified, then [add the applications, groups or sites](entitlement-management-catalog-create.md#add-resources-to-a-catalog) that are included in the access packages representing the organization roles to the catalogs.
 
 If you have many resources, you can use a PowerShell script to [add each resource to a catalog](entitlement-management-catalog-create.md#add-a-resource-to-a-catalog-with-powershell).
 
@@ -98,13 +98,13 @@ Each organizational role definition can be represented with an [access package](
 
 You can use a PowerShell script to [create an access package in a catalog](entitlement-management-access-package-create.md#create-an-access-package-with-microsoft-powershell).
 
-Once you've created an access package, then you'll link one or more of the roles of the resources in the catalog to the access package.  This represents the permissions of the organizational role.
+Once you've created an access package, then you link one or more of the roles of the resources in the catalog to the access package.  This represents the permissions of the organizational role.
 
 In addition, you'll [create a policy for direct assignment](entitlement-management-access-package-request-policy.md#none-administrator-direct-assignments-only), as part of that access package that can be used to track the users who already have individual organizational role assignments.
 
 ### Create access package assignments for existing individual organizational role assignments
 
-If some of your users already have organizational role memberships, that they would not receive via automatic assignment, then you should [create direct assignments](entitlement-management-access-package-assignments.md#directly-assign-a-user) for those users to the corresponding access packages.
+If some of your users already have organizational role memberships, that they wouldn't receive via automatic assignment, then you should [create direct assignments](entitlement-management-access-package-assignments.md#directly-assign-a-user) for those users to the corresponding access packages.
 
 If you have many users who need assignments, you can use a PowerShell script to [assign each user to an access package](entitlement-management-access-package-assignments.md#assign-a-user-to-an-access-package-with-powershell).  This would link the users to the direct assignment policy.
 
@@ -122,7 +122,7 @@ For each access package that is to be marked as incompatible with another, you c
 
 ### Add policies to access packages for users to be allowed to request
 
-If users who do not already have an organizational role are allowed to request and be approved to take on a role, then you can also configure entitlement management to allow users to request an access package. You can [add additional policies to an access package](entitlement-management-access-package-request-policy.md#choose-between-one-or-multiple-policies), and in each policy specify which users can request and who must approve.
+If users who don't already have an organizational role are allowed to request and be approved to take on a role, then you can also configure entitlement management to allow users to request an access package. You can [add additional policies to an access package](entitlement-management-access-package-request-policy.md#choose-between-one-or-multiple-policies), and in each policy specify which users can request and who must approve.
 
 ### Configure access reviews in access package assignment policies
 
diff --git a/articles/active-directory/governance/workflows-faqs.md b/articles/active-directory/governance/workflows-faqs.md
@@ -2,20 +2,20 @@
 title: 'Lifecycle workflows FAQs (preview)'
 description: Frequently asked questions about Lifecycle workflows (preview).
 services: active-directory
-author: amsliu
+author: owinfreyATL
 manager: amycolannino
 ms.service: active-directory
 ms.workload: identity
 ms.topic: how-to
 ms.subservice: compliance
-ms.date: 07/14/2022
+ms.date: 05/26/2023
 ms.author: amsliu
 ms.reviewer: krbain
 ms.custom: template-tutorial
 ---
 # Lifecycle workflows - FAQs (preview)
 
-In this article you will find questions to commonly asked questions about [Lifecycle Workflows](what-are-lifecycle-workflows.md). Please check back to this page frequently as changes happen often, and answers are continually being added.
+In this article, you'll find questions to commonly asked questions about [Lifecycle Workflows](what-are-lifecycle-workflows.md). Check back to this page frequently as changes happen often, and answers are continually being added.
 
 ## Frequently asked questions
 
@@ -28,7 +28,7 @@ For a small portion of our customers, Lifecycle Workflows may still be listed un
 
 ### Do I need to map employeeHireDate in provisioning apps like WorkDay?
 
-Yes, key user properties like employeeHireDate and employeeType are supported for user provisioning from HR apps like WorkDay. To use these properties in Lifecycle workflows, you will need to map them in the provisioning process to ensure the values are set. The following is an example of the mapping: 
+Yes, key user properties like employeeHireDate and employeeType are supported for user provisioning from HR apps like WorkDay. To use these properties in Lifecycle workflows, you need to map them in the provisioning process to ensure the values are set. The following is an example of the mapping: 
 
 ![Screenshot showing an example of how mapping is done in a Lifecycle Workflow.](./media/workflows-faqs/workflows-mapping.png)
 
