resolving merge conflict

Author: schaffererin

articles/active-directory/authentication/concept-system-preferred-multifactor-authentication.md

@@ -103,8 +103,8 @@ When a user signs in, the authentication process checks which authentication met
 1. [Telephony](concept-authentication-phone-options.md)<sup>2</sup>
 
 <sup>1</sup> Includes hardware or software TOTP from Microsoft Authenticator, Authenticator Lite, or third-party applications.
-<sup>2</sup> Includes SMS and voice calls.
 
+<sup>2</sup> Includes SMS and voice calls.
 
 ### How does system-preferred MFA affect AD FS or NPS extension?
 
@@ -113,6 +113,7 @@ System-preferred MFA doesn't affect users who sign in by using Active Directory
 ### What happens for users who aren't specified in the Authentication methods policy but enabled in the legacy MFA tenant-wide policy?
 
 The system-preferred MFA also applies for users who are enabled for MFA in the legacy MFA policy.
+
 :::image type="content" border="true" source="./media/how-to-mfa-number-match/legacy-settings.png" alt-text="Screenshot of legacy MFA settings.":::
 
 ## Next steps

articles/active-directory/authentication/howto-registration-mfa-sspr-combined.md

@@ -17,40 +17,15 @@ ms.collection: M365-identity-device-management
 ---
 # Enable combined security information registration in Azure Active Directory
 
-Before combined registration, users registered authentication methods for Azure AD Multi-Factor Authentication and self-service password reset (SSPR) separately. People were confused that similar methods were used for Azure AD Multi-Factor Authentication and SSPR but they had to register for both features. Now, with combined registration, users can register once and get the benefits of both Azure AD Multi-Factor Authentication and SSPR.
+Before combined registration, users registered authentication methods for Azure AD Multi-Factor Authentication and self-service password reset (SSPR) separately. Users were confused that similar methods were used for Azure AD Multi-Factor Authentication and SSPR but they had to register for both features. Now, with combined registration, users can register once and get the benefits of both Azure AD Multi-Factor Authentication and SSPR.
 
 > [!NOTE]
-> Effective Oct. 1st, 2022, we will begin to enable combined registration for all users in Azure AD tenants created before August 15th, 2020. Tenants created after this date are enabled with combined registration. 
+> Effective Mar. 14th, 2023 combined registration is now the default MFA and SSPR registration experience for all organizations. 
 
-To make sure you understand the functionality and effects before you enable the new experience, see the [Combined security information registration concepts](concept-registration-mfa-sspr-combined.md).
+To help you understand the functionality and effects of the new experience, see the [Combined security information registration concepts](concept-registration-mfa-sspr-combined.md).
 
 ![Combined security information registration enhanced experience](media/howto-registration-mfa-sspr-combined/combined-security-info-more-required.png)
 
-## Enable combined registration
-
-To enable combined registration, complete these steps:
-
-1. Sign in to the Azure portal as a user administrator or global administrator.
-2. Go to **Azure Active Directory** > **User settings** > **Manage user feature settings**.
-3. Under **Users can use the combined security information registration experience**, choose to enable for a **Selected** group of users or for **All** users.
-
-   ![Enable the combined security info experience for users](media/howto-registration-mfa-sspr-combined/enable-the-combined-security-info.png)
-
-   > [!IMPORTANT]
-   > If your Azure tenant has already been enabled for combined registration, you might not see the configuration option for **Users can use the combined security information registration experience** or even see it grayed out.
-
-> [!NOTE]
-> After you enable combined registration, users who register or confirm their phone number or mobile app through the new experience can use them for Azure AD Multi-Factor Authentication and SSPR, if those methods are enabled in the Azure AD Multi-Factor Authentication and SSPR policies.
->
-> If you then disable this experience, users who go to the previous SSPR registration page at `https://aka.ms/ssprsetup` are required to perform multi-factor authentication before they can access the page.
-
-If you have configured the *Site to Zone Assignment List* in Internet Explorer, the following sites have to be in the same zone:
-
-* *[https://login.microsoftonline.com](https://login.microsoftonline.com)*
-* *[https://Login.windows.net](https://login.windows.net)*
-* *[https://mysignins.microsoft.com](https://mysignins.microsoft.com)*
-* *[https://account.activedirectory.windowsazure.com](https://account.activedirectory.windowsazure.com)*
-
 ## Conditional Access policies for combined registration
 
 To secure when and how users register for Azure AD Multi-Factor Authentication and self-service password reset, you can use user actions in Conditional Access policy. This functionality may be enabled in organizations that want users to register for Azure AD Multi-Factor Authentication and SSPR from a central location, such as a trusted network location during HR onboarding.
@@ -91,6 +66,6 @@ Complete the following steps to create a policy that applies to all selected use
 
 If you need help, see [troubleshoot combined security info registration](howto-registration-mfa-sspr-combined-troubleshoot.md) or learn [What is the location condition in Azure AD Conditional Access?](../conditional-access/location-condition.md)
 
-Once users are enabled for combined registration, you can then [enable self-service password reset](tutorial-enable-sspr.md) and [enable Azure AD Multi-Factor Authentication](tutorial-enable-azure-mfa.md).
+Review how you can [enable self-service password reset](tutorial-enable-sspr.md) and [enable Azure AD Multi-Factor Authentication](tutorial-enable-azure-mfa.md) in your tenant.
 
 If needed, learn how to [force users to re-register authentication methods](howto-mfa-userdevicesettings.md#manage-user-authentication-options).

articles/aks/enable-host-encryption.md

@@ -24,17 +24,17 @@ This feature can only be set at cluster creation or node pool creation time.
 
 ### Prerequisites
 
-- Make sure you have the CLI extension v2.23 or higher version installed.
+- Ensure you have the CLI extension v2.23 or higher version installed.
 
 ### Limitations
 
 - Can only be enabled on new node pools.
 - Can only be enabled in [Azure regions][supported-regions] that support server-side encryption of Azure managed disks and only with specific [supported VM sizes][supported-sizes].
-- Requires an AKS cluster and node pool based on Virtual Machine Scale Sets as *VM set type*.
+- Requires an AKS cluster and node pool based on Virtual Machine Scale Sets(VMSS) as *VM set type*.
 
 ## Use host-based encryption on new clusters
 
-Configure the cluster agent nodes to use host-based encryption when the cluster is created.
+Configure the cluster agent nodes to use host-based encryption when the cluster is created. 
 
 ```azurecli-interactive
 az aks create --name myAKSCluster --resource-group myResourceGroup -s Standard_DS2_v2 -l westus2 --enable-encryption-at-host
@@ -52,13 +52,11 @@ az aks nodepool add --name hostencrypt --cluster-name myAKSCluster --resource-gr
 
 If you want to create new node pools without the host-based encryption feature, you can do so by omitting the `--enable-encryption-at-host` parameter.
 
-> [!NOTE]
-> Once you've enabled host-based encryption, make sure you provide the proper permissions to grant access to your Azure Key Vault keys. For more information, see [Full control of your keys][full-control-keys] and [Built-in roles for Key Vault data plane operations][akv-built-in-roles].
-
 ## Next steps
 
-- Review [best practices for AKS cluster security][best-practices-security].
-- Read more about [host-based encryption](../virtual-machines/disk-encryption.md#encryption-at-host---end-to-end-encryption-for-your-vm-data).
+Review [best practices for AKS cluster security][best-practices-security]
+Read more about [host-based encryption](../virtual-machines/disk-encryption.md#encryption-at-host---end-to-end-encryption-for-your-vm-data).
+
 
 <!-- LINKS - external -->
 

articles/aks/node-upgrade-github-actions.md

@@ -41,9 +41,9 @@ This article also assumes you have a [GitHub][github] account to create your act
 `cron` is a utility that allows you to run a set of commands, or job, on an automated schedule. To create job to update your AKS nodes on an automated schedule, you'll need a repository to host your actions. Usually, GitHub actions are configured in the same repository as your application, but you can use any repository. For this article we'll be using your [profile repository][profile-repository]. If you don't have one, create a new repository with the same name as your GitHub username.
 
 1. Navigate to your repository on GitHub
-1. Click on the **Actions** tab at the top of the page.
-1. If you already set up a workflow in this repository, you'll be directed to the list of completed runs, in this case, click on the **New Workflow** button. If this is your first workflow in the repository, GitHub will present you with some project templates, click on the **Set up a workflow yourself** link below the description text.
-1. Change the workflow `name` and `on` tags similar to the below. GitHub Actions use the same [POSIX cron syntax][cron-syntax] as any Linux-based system. In this schedule, we're telling the workflow to run every 15 days at 3am.
+2. Select the **Actions** tab at the top of the page.
+3. If you already set up a workflow in this repository, you'll be directed to the list of completed runs, in this case, select the **New Workflow** button. If this is your first workflow in the repository, GitHub will present you with some project templates, select the **Set up a workflow yourself** link below the description text.
+4. Change the workflow `name` and `on` tags similar to the below. GitHub Actions use the same [POSIX cron syntax][cron-syntax] as any Linux-based system. In this schedule, we're telling the workflow to run every 15 days at 3am.
 
     ```yml
     name: Upgrade cluster node images
@@ -52,7 +52,7 @@ This article also assumes you have a [GitHub][github] account to create your act
         - cron: '0 3 */15 * *'
     ```
 
-1. Create a new job using the below. This job is named `upgrade-node`, runs on an Ubuntu agent, and will connect to your Azure CLI account to execute the needed steps to upgrade the nodes.
+5. Create a new job using the below. This job is named `upgrade-node`, runs on an Ubuntu agent, and will connect to your Azure CLI account to execute the needed steps to upgrade the nodes.
 
     ```yml
     name: Upgrade cluster node images
@@ -73,15 +73,15 @@ In the `steps` key, you'll define all the work the workflow will execute to upgr
 Download and sign in to the Azure CLI.
 
 1. On the right-hand side of the GitHub Actions screen, find the *marketplace search bar* and type **"Azure Login"**.
-1. You'll get as a result, an Action called **Azure Login** published **by Azure**:
+2. You'll get as a result, an Action called **Azure Login** published **by Azure**:
 
       :::image type="content" source="media/node-upgrade-github-actions/azure-login-search.png" alt-text="Search results showing two lines, the first action is called 'Azure Login' and the second 'Azure Container Registry Login'":::
 
-1. Click on **Azure Login**. On the next screen, click the **copy icon** in the top right of the code sample.
+3. Select **Azure Login**. On the next screen, select the **copy icon** in the top right of the code sample.
 
-    :::image type="content" source="media/node-upgrade-github-actions/azure-login.png" alt-text="Azure Login action result pane with code sample below, red square around a copy icon highlights the click spot":::
+    :::image type="content" source="media/node-upgrade-github-actions/azure-login.png" alt-text="Azure Login action result pane with code sample below, red square around a copy icon highlights the select spot":::
 
-1. Paste the following under the `steps` key:
+4. Paste the following under the `steps` key:
 
       ```yml
       name: Upgrade cluster node images
@@ -101,7 +101,10 @@ Download and sign in to the Azure CLI.
                 creds: ${{ secrets.AZURE_CREDENTIALS }}
       ```
 
-1. From the Azure CLI, run the following command to generate a new username and password.
+5. From the Azure CLI, run the following command to generate a new username and password.
+
+    > [!NOTE]
+    > This example creates the `Contributor` role at the *Subscription* scope. You may provide the role and scope that meets your needs. For more information, see [Azure built-in roles][azure-built-in-roles] and [Azure RBAC scope levels][azure-rbac-scope-levels].
 
     ```azurecli-interactive
     az ad sp create-for-rbac --role Contributor --scopes /subscriptions/{subscriptionID} -o json
@@ -124,13 +127,13 @@ Download and sign in to the Azure CLI.
     }
     ```
 
-1. **In a new browser window** navigate to your GitHub repository and open the **Settings** tab of the repository. Click **Secrets** then, click on **New Repository Secret**.
-1. For *Name*, use `AZURE_CREDENTIALS`.
-1.  For *Value*, add the entire contents from the output of the previous step where you created a new username and password.
+6. **In a new browser window** navigate to your GitHub repository and open the **Settings** tab of the repository. Select **Secrets** then, select **New Repository Secret**.
+7. For *Name*, use `AZURE_CREDENTIALS`.
+8. For *Value*, add the entire contents from the output of the previous step where you created a new username and password.
 
     :::image type="content" source="media/node-upgrade-github-actions/azure-credential-secret.png" alt-text="Form showing AZURE_CREDENTIALS as secret title, and the output of the executed command pasted as JSON":::
 
-1. Click **Add Secret**.
+9. Select **Add Secret**.
 
 The CLI used by your action will be logged to your Azure account and ready to run commands.
 
@@ -140,7 +143,7 @@ To create the steps to execute Azure CLI commands.
 
     :::image type="content" source="media/node-upgrade-github-actions/azure-cli-action.png" alt-text="Search result for 'Azure CLI Action' with first result being shown as made by Azure":::
 
-1. Click the copy button on the *GitHub marketplace result* and paste the contents of the action in the main editor, below the *Azure Login* step, similar to the following:
+1. Select the copy button on the *GitHub marketplace result* and paste the contents of the action in the main editor, below the *Azure Login* step, similar to the following:
 
     ```yml
     name: Upgrade cluster node images
@@ -168,7 +171,7 @@ To create the steps to execute Azure CLI commands.
     > You can decouple the `-g` and `-n` parameters from the command by adding them to secrets similar to the previous steps. Replace the `{resourceGroupName}` and `{aksClusterName}` placeholders by their secret counterparts, for example `${{secrets.RESOURCE_GROUP_NAME}}` and `${{secrets.AKS_CLUSTER_NAME}}`
 
 1. Rename the file to `upgrade-node-images`.
-1. Click **Start Commit**, add a message title, and save the workflow.
+1. Select **Start Commit**, add a message title, and save the workflow.
 
 Once you create the commit, the workflow will be saved and ready for execution.
 
@@ -226,4 +229,6 @@ jobs:
 [system-pools]: use-system-pools.md
 [spot-pools]: spot-node-pool.md
 [use-multiple-node-pools]: use-multiple-node-pools.md
-[auto-upgrade-node-image]: auto-upgrade-node-image.md
+[auto-upgrade-node-image]: auto-upgrade-node-image.md
+[azure-built-in-roles]: ../role-based-access-control/built-in-roles.md
+[azure-rbac-scope-levels]: ../role-based-access-control/scope-overview.md#scope-format

articles/azure-government/documentation-government-csp-list.md

@@ -115,7 +115,6 @@ Below you can find a list of all the authorized Cloud Solution Providers (CSPs),
 |[Competitive Innovations, LLC](https://www.cillc.com)|
 |[CompuNet Inc.](https://compunet.biz/)|
 |[Computer Solutions Inc.](http://cs-inc.co/)|
-|[Computex Technology Solutions](http://www.computex-inc.com/)|
 |[Communication Square LLC](https://www.communicationsquare.com)|
 |[ConvergeOne](https://www.convergeone.com)|
 |[Copper River Technologies, LLC](http://www.copperrivertech.com/)|
@@ -149,7 +148,7 @@ Below you can find a list of all the authorized Cloud Solution Providers (CSPs),
 |[Dell Federal Services](https://www.dellemc.com/en-us/industry/federal/federal-government-it.htm#)|
 |[Dell Marketing LP](https://www.dell.com/)|
 |[Delphi Technology Solutions](https://delphi-ts.com/)|
-|[Derek Coleman & Associates Corporation](https://www.dcassociatesgroup.com/index.html)|
+|[Derek Coleman & Associates Corporation](https://www.dcassociatesgroup.com/)|
 |[Developing Today LLC](https://www.developingtoday.net/)|
 |[DevHawk, LLC](https://www.devhawk.io)|
 |Diamond Capture Associates LLC|
@@ -326,7 +325,6 @@ Below you can find a list of all the authorized Cloud Solution Providers (CSPs),
 |[PA-Group](https://pa-group.us/)|
 |[Palecek Consulting Group](https://www.pcgit.net)|
 |[Pangea Group Inc.](http://www.pangea-group.com)|
-|[Parachute Technology](https://www.parachutech.com)|
 |[Paragon Software Solutions, Inc.](http://www.paragonhq.com/)|
 |[Patrocinium Systems, Inc.](https://www.patrocinium.com)|
 |[PCM](https://www.pcm.com/)|
@@ -511,8 +509,6 @@ Below you can find a list of all the authorized Cloud Solution Providers (CSPs),
 |[Pax8](https://www.pax8.com/en-us/microsoft/)|
 |[Synnex](https://www.synnexcorp.com)|
 |[Tech Data Corporation](https://www.techdata.com/)|
-|[Tech Data Government Solutions, LLC](https://gov.as.techdata.com/en-us/Pages/default.aspx)|
-
 
 ## Approved LSPs