Merge pull request #251703 from Justinha/steps-ds-7

fixed portal references

Author: prmerger-automator[bot]

articles/active-directory-domain-services/check-health.md

@@ -1,6 +1,6 @@
 ---
 title: Check the health of Azure Active Directory Domain Services | Microsoft Docs
-description: Learn how to check the health of an Azure Active Directory Domain Services (Azure AD DS) managed domain and understand status messages using the Azure portal.
+description: Learn how to check the health of an Azure Active Directory Domain Services (Azure AD DS) managed domain and understand status messages.
 services: active-directory-ds
 author: justinha
 manager: amycolannino
@@ -10,25 +10,26 @@ ms.service: active-directory
 ms.subservice: domain-services
 ms.workload: identity
 ms.topic: how-to
-ms.date: 01/29/2023
+ms.date: 09/13/2023
 ms.author: justinha
 
 ---
 # Check the health of an Azure Active Directory Domain Services managed domain
 
-Azure Active Directory Domain Services (Azure AD DS) runs some background tasks to keep the managed domain healthy and up-to-date. These tasks include taking backups, applying security updates, and synchronizing data from Azure AD. If there are issues with the Azure AD DS managed domain, these tasks may not successfully complete. To review and resolve any issues, you can check the health status of a managed domain using the Azure portal.
+Azure Active Directory Domain Services (Azure AD DS) runs some background tasks to keep the managed domain healthy and up-to-date. These tasks include taking backups, applying security updates, and synchronizing data from Azure AD. If there are issues with the Azure AD DS managed domain, these tasks may not successfully complete. To review and resolve any issues, you can check the health status of a managed domain using the Microsoft Entra admin center.
 
 This article shows you how to view the Azure AD DS health status and understand the information or alerts shown.
 
 ## View the health status
 
-The health status for a managed domain is viewed using the Azure portal. Information on the last backup time and synchronization with Azure AD can be seen, along with any alerts that indicate a problem with the managed domain's health. To view the health status for a managed domain, complete the following steps:
+The health status for a managed domain is viewed using the Microsoft Entra admin center. Information on the last backup time and synchronization with Azure AD can be seen, along with any alerts that indicate a problem with the managed domain's health. To view the health status for a managed domain, complete the following steps:
 
-1. In the Azure portal, search for and select **Azure AD Domain Services**.
+1. Sign in to [Microsoft Entra admin center](https://entra.microsoft.com) as a [Global Administrator](../active-directory/roles/permissions-reference.md#global-administrator). 
+1. Search for and select **Azure AD Domain Services**.
 1. Select your managed domain, such as *aaddscontoso.com*.
 1. On the left-hand side of the Azure AD DS resource window, select **Health**. The following example screenshot shows a healthy managed domain and the status of the last backup and Azure AD synchronization:
 
-    ![Health page overview in the Azure portal showing the Azure Active Directory Domain Services status](./media/check-health/health-page.png)
+    ![Health page overview showing the Azure Active Directory Domain Services status](./media/check-health/health-page.png)
 
 The *Last evaluated* timestamp of the health page shows when the managed domain was last checked. The health of a managed domain is evaluated every hour. If you make any changes to a managed domain, wait until the next evaluation cycle to view the updated health status.
 

articles/active-directory-domain-services/compare-identity-solutions.md

@@ -9,7 +9,7 @@ ms.service: active-directory
 ms.subservice: domain-services
 ms.workload: identity
 ms.topic: overview
-ms.date: 04/03/2023
+ms.date: 09/13/2023
 ms.author: justinha
 
 #Customer intent: As an IT administrator or decision maker, I want to understand the differences between Active Directory Domain Services (AD DS), Azure AD, and Azure AD DS so I can choose the most appropriate identity solution for my organization.
@@ -24,7 +24,7 @@ Although the three Active Directory-based identity solutions share a common name
 * **Active Directory Domain Services (AD DS)** - Enterprise-ready lightweight directory access protocol (LDAP) server that provides key features such as identity and authentication, computer object management, group policy, and trusts.
     * AD DS is a central component in many organizations with an on-premises IT environment, and provides core user account authentication and computer management features.
     * For more information, see [Active Directory Domain Services overview in the Windows Server documentation][overview-adds].
-* **Azure Active Directory (Azure AD)** - Cloud-based identity and mobile device management that provides user account and authentication services for resources such as Microsoft 365, the Azure portal, or SaaS applications.
+* **Azure Active Directory (Azure AD)** - Cloud-based identity and mobile device management that provides user account and authentication services for resources such as Microsoft 365, the Microsoft Entra admin center, or SaaS applications.
     * Azure AD can be synchronized with an on-premises AD DS environment to provide a single identity to users that works natively in the cloud.
     * For more information about Azure AD, see [What is Azure Active Directory?][whatis-azuread]
 * **Azure Active Directory Domain Services (Azure AD DS)** - Provides managed domain services with a subset of fully compatible traditional AD DS features such as domain join, group policy, LDAP, and Kerberos / NTLM authentication.
@@ -34,7 +34,7 @@ Although the three Active Directory-based identity solutions share a common name
 This overview article compares and contrasts how these identity solutions can work together, or would be used independently, depending on the needs of your organization.
 
 > [!div class="nextstepaction"]
-> [To get started, create an Azure AD DS managed domain using the Azure portal][tutorial-create]
+> [To get started, create an Azure AD DS managed domain using the Microsoft Entra admin center][tutorial-create]
 
 ## Azure AD DS and self-managed AD DS
 
@@ -117,7 +117,7 @@ If on-premises AD DS and Azure AD are configured for federated authentication us
 
 ## Next steps
 
-To get started with using Azure AD DS, [create an Azure AD DS managed domain using the Azure portal][tutorial-create].
+To get started with using Azure AD DS, [create an Azure AD DS managed domain using the Microsoft Entra admin center][tutorial-create].
 
 You can also learn more about 
 [management concepts for user accounts, passwords, and administration in Azure AD DS][administration-concepts] and [how objects and credentials are synchronized in a managed domain][synchronization].

articles/active-directory-domain-services/concepts-forest-trust.md

@@ -9,7 +9,7 @@ ms.service: active-directory
 ms.subservice: domain-services
 ms.workload: identity
 ms.topic: conceptual
-ms.date: 03/02/2023
+ms.date: 09/13/2023
 ms.author: justinha
 ---
 
@@ -107,7 +107,7 @@ Before you can create a forest trust, you need to verify you have the correct Do
 
 To create a forest trust, you must be a member of the Domain Admins group (in the forest root domain) or the Enterprise Admins group in Active Directory. Each trust is assigned a password that the administrators in both forests must know. Members of Enterprise Admins in both forests can create the trusts in both forests at once and, in this scenario, a password that is cryptographically random is automatically generated and written for both forests.
 
-A managed domain forest supports up to five one-way outbound forest trusts to on-premises forests. The outbound forest trust for Azure AD Domain Services is created in the Azure portal. You don't manually create the trust with the managed domain itself. The incoming forest trust must be configured by a user with the privileges previously noted in the on-premises Active Directory. 
+A managed domain forest supports up to five one-way outbound forest trusts to on-premises forests. The outbound forest trust for Azure AD Domain Services is created in the Microsoft Entra admin center. You don't manually create the trust with the managed domain itself. The incoming forest trust must be configured by a user with the privileges previously noted in the on-premises Active Directory. 
 
 ## Trust processes and interactions
 

articles/active-directory-domain-services/create-forest-trust-powershell.md

@@ -8,7 +8,7 @@ ms.service: active-directory
 ms.subservice: domain-services
 ms.workload: identity
 ms.topic: conceptual
-ms.date: 04/03/2023
+ms.date: 09/15/2023
 ms.author: justinha 
 ms.custom: devx-track-azurepowershell, has-azure-ad-ps-ref
 #Customer intent: As an identity administrator, I want to create an Azure AD Domain Services forest and one-way outbound trust from an Azure Active Directory Domain Services forest to an on-premises Active Directory Domain Services forest using Azure PowerShell to provide authentication and resource access between forests.
@@ -52,9 +52,9 @@ To complete this article, you need the following resources and privileges:
 * You need [Application Administrator](../active-directory/roles/permissions-reference.md#application-administrator) and [Groups Administrator](../active-directory/roles/permissions-reference.md#groups-administrator) Azure AD roles in your tenant to enable Azure AD DS.
 * You need [Domain Services Contributor](../role-based-access-control/built-in-roles.md#contributor) Azure role to create the required Azure AD DS resources.
 
-## Sign in to the Azure portal
+## Sign in to the Microsoft Entra admin center
 
-In this article, you create and configure the outbound forest trust from a managed domain using the Azure portal. To get started, first sign in to the [Azure portal](https://portal.azure.com).
+In this article, you create and configure the outbound forest trust from a managed domain using the Microsoft Entra admin center. To get started, first sign in to the [Microsoft Entra admin center](https://entra.microsoft.com).
 
 ## Deployment process
 
@@ -161,7 +161,7 @@ Before you start, make sure you understand the [network considerations and recom
     * Confirm that your on-premises domain controller can connect to the managed VM using `ping` or remote desktop, for example.
     * Verify that your management VM can connect to your on-premises domain controllers, again using a utility such as `ping`.
 
-1. In the Azure portal, search for and select **Azure AD Domain Services**. Choose your managed domain, such as *aaddscontoso.com* and wait for the status to report as **Running**.
+1. In the Microsoft Entra admin center, search for and select **Azure AD Domain Services**. Choose your managed domain, such as *aaddscontoso.com* and wait for the status to report as **Running**.
 
     When running, [update DNS settings for the Azure virtual network](tutorial-create-instance.md#update-dns-settings-for-the-azure-virtual-network) and then [enable user accounts for Azure AD DS](tutorial-create-instance.md#enable-user-accounts-for-azure-ad-ds) to finalize the configurations for your managed domain.
 
@@ -226,7 +226,7 @@ To correctly resolve the managed domain from the on-premises environment, you ma
 
 ## Create inbound forest trust in the on-premises domain
 
-The on-premises AD DS domain needs an incoming forest trust for the managed domain. This trust must be manually created in the on-premises AD DS domain, it can't be created from the Azure portal.
+The on-premises AD DS domain needs an incoming forest trust for the managed domain. This trust must be manually created in the on-premises AD DS domain, it can't be created from the Microsoft Entra admin center.
 
 To configure inbound trust on the on-premises AD DS domain, complete the following steps from a management workstation for the on-premises AD DS domain:
 
@@ -235,8 +235,8 @@ To configure inbound trust on the on-premises AD DS domain, complete the followi
 1. Choose **Trusts** tab, then **New Trust**
 1. Enter the name of the managed domain, such as *aaddscontoso.com*, then select **Next**
 1. Select the option to create a **Forest trust**, then to create a **One way: incoming** trust.
-1. Choose to create the trust for **This domain only**. In the next step, you create the trust in the Azure portal for the managed domain.
-1. Choose to use **Forest-wide authentication**, then enter and confirm a trust password. This same password is also entered in the Azure portal in the next section.
+1. Choose to create the trust for **This domain only**. In the next step, you create the trust in the Microsoft Entra admin center for the managed domain.
+1. Choose to use **Forest-wide authentication**, then enter and confirm a trust password. This same password is also entered in the Microsoft Entra admin center in the next section.
 1. Step through the next few windows with default options, then choose the option for **No, do not confirm the outgoing trust**. You can't validate the trust relation because your delegated admin account to the managed domain doesn't have the required permissions. This behavior is by design.
 1. Select **Finish**
 

articles/active-directory-domain-services/create-ou.md

@@ -10,7 +10,7 @@ ms.service: active-directory
 ms.subservice: domain-services
 ms.workload: identity
 ms.topic: how-to
-ms.date: 01/29/2023
+ms.date: 09/15/2023
 ms.author: justinha
 
 ---
@@ -62,7 +62,7 @@ To create a custom OU, you use the Active Directory Administrative Tools from a
 > [!NOTE]
 > To create a custom OU in a managed domain, you must be signed in to a user account that's a member of the *AAD DC Administrators* group.
 
-1. Sign in to your management VM. For steps on how to connect using the Azure portal, see [Connect to a Windows Server VM][connect-windows-server-vm].
+1. Sign in to your management VM. For steps on how to connect using the Microsoft Entra admin center, see [Connect to a Windows Server VM][connect-windows-server-vm].
 1. From the Start screen, select **Administrative Tools**. A list of available management tools is shown that were installed in the tutorial to [create a management VM][tutorial-create-management-vm].
 1. To create and manage OUs, select **Active Directory Administrative Center** from the list of administrative tools.
 1. In the left pane, choose your managed domain, such as *aaddscontoso.com*. A list of existing OUs and resources is shown:

articles/active-directory-domain-services/csp.md

@@ -9,7 +9,7 @@ ms.service: active-directory
 ms.subservice: domain-services
 ms.workload: identity
 ms.topic: conceptual
-ms.date: 01/29/2023
+ms.date: 09/15/2023
 ms.author: justinha
 
 ---
@@ -91,4 +91,4 @@ The following important considerations apply when administering a managed domain
 
 ## Next steps
 
-To get started, [enroll in the Azure CSP program](/partner-center/enrolling-in-the-csp-program). You can then enable Azure AD Domain Services using the [Azure portal](tutorial-create-instance.md) or [Azure PowerShell](powershell-create-instance.md).
+To get started, [enroll in the Azure CSP program](/partner-center/enrolling-in-the-csp-program). You can then enable Azure AD Domain Services using the [Microsoft Entra admin center](tutorial-create-instance.md) or [Azure PowerShell](powershell-create-instance.md).

articles/active-directory-domain-services/delete-aadds.md

@@ -1,6 +1,6 @@
 ---
 title: Delete Azure Active Directory Domain Services | Microsoft Docs
-description: Learn how to disable, or delete, an Azure Active Directory Domain Services managed domain using the Azure portal
+description: Learn how to disable, or delete, an Azure Active Directory Domain Services managed domain 
 services: active-directory-ds
 author: justinha
 manager: amycolannino
@@ -10,15 +10,15 @@ ms.service: active-directory
 ms.subservice: domain-services
 ms.workload: identity
 ms.topic: how-to
-ms.date: 01/29/2023
+ms.date: 09/15/2023
 ms.author: justinha
 
 ---
-# Delete an Azure Active Directory Domain Services managed domain using the Azure portal
+# Delete an Azure Active Directory Domain Services managed domain
 
 If you no longer need an Azure Active Directory Domain Services (Azure AD DS) managed domain, you can delete it. There's no option to turn off or temporarily disable an Azure AD DS managed domain. Deleting the managed domain doesn't delete or otherwise adversely impact the Azure AD tenant.
 
-This article shows you how to use the Azure portal to delete a managed domain.
+This article shows you how to use the Microsoft Entra admin center to delete a managed domain.
 
 > [!WARNING]
 > **Deletion is permanent and can't be reversed.**
@@ -33,7 +33,8 @@ This article shows you how to use the Azure portal to delete a managed domain.
 
 To delete a managed domain, complete the following steps:
 
-1. In the Azure portal, search for and select **Azure AD Domain Services**.
+1. Sign in to the [Microsoft Entra admin center](https://entra.microsoft.com) as a [Global Administrator](../active-directory/roles/permissions-reference.md#global-administrator).
+1. Search for and select **Azure AD Domain Services**.
 1. Select the name of your managed domain, such as *aaddscontoso.com*.
 1. On the **Overview** page, select **Delete**. To confirm the deletion, type the domain name of the managed domain again, then select **Delete**.