Update storage-files-active-directory-domain-services-enable.md

yuemlu · web-flow · commit b700975a98a6 · 2020-02-23T15:35:26.000-08:00
diff --git a/articles/storage/files/storage-files-active-directory-domain-services-enable.md b/articles/storage/files/storage-files-active-directory-domain-services-enable.md
@@ -19,7 +19,7 @@ ms.author: rogarana
 > 
 > AD authentication does not support authentication against Computer accounts created in AD. 
 > 
-> AD authentication can only be supported against one AD forest where the storage account is registered to. You can only access Azure file shares with the AD credentials from a single AD forest by default. If you need to access your Azure file share from a different forest, make sure that you have the proper forest trust configured, see [FAQ](https://docs.microsoft.com/en-us/azure/storage/files/storage-files-faq#security-authentication-and-access-control) for details.  
+> AD authentication can only be supported against one AD forest where the storage account is registered to. You can only access Azure file shares with the AD credentials from a single AD forest by default. If you need to access your Azure file share from a different forest, make sure that you have the proper forest trust configured, see [FAQ](https://docs.microsoft.com/azure/storage/files/storage-files-faq#security-authentication-and-access-control) for details.  
 > 
 > AD authentication for SMB access and ACL persistence is supported for Azure file shares managed by Azure File Sync.
 
@@ -182,7 +182,7 @@ You have now successfully enabled AD authentication over SMB and assigned a cust
 
 If you registered the AD identity/account representing your storage account under an OU that enforces password expiration time, you must rotate the password before the maximum password age. Failing to update the password of the AD account will result in authentication failures to access Azure file shares.  
 
-To trigger password rotation, you can run the `Update-AzStorageAccountADObjectPassword` command from the [AzFilesHybrid module](#script-prerequisites). The cmdlet performs actions similar to storage account key rotation. It gets the second Kerberos key of the storage account and uses it to update the password of the registered account in AD. Then it regenerates the target Kerberos key of the storage account and updates the password of the registered account in AD. You must run this cmdlet in an AD domain joined environment.
+To trigger password rotation, you can run the `Update-AzStorageAccountADObjectPassword` command from the AzFilesHybrid module. The cmdlet performs actions similar to storage account key rotation. It gets the second Kerberos key of the storage account and uses it to update the password of the registered account in AD. Then it regenerates the target Kerberos key of the storage account and updates the password of the registered account in AD. You must run this cmdlet in an AD domain joined environment.
 
 ```PowerShell
 #Update the password of the AD account registered for the storage account

Original file line number	Diff line number	Diff line change
`@@ -19,7 +19,7 @@ ms.author: rogarana`
`19`	`19`	`>`
`20`	`20`	`> AD authentication does not support authentication against Computer accounts created in AD.`
`21`	`21`	`>`
`22`		`-> AD authentication can only be supported against one AD forest where the storage account is registered to. You can only access Azure file shares with the AD credentials from a single AD forest by default. If you need to access your Azure file share from a different forest, make sure that you have the proper forest trust configured, see [FAQ](https://docs.microsoft.com/en-us/azure/storage/files/storage-files-faq#security-authentication-and-access-control) for details.`
	`22`	`+> AD authentication can only be supported against one AD forest where the storage account is registered to. You can only access Azure file shares with the AD credentials from a single AD forest by default. If you need to access your Azure file share from a different forest, make sure that you have the proper forest trust configured, see [FAQ](https://docs.microsoft.com/azure/storage/files/storage-files-faq#security-authentication-and-access-control) for details.`
`23`	`23`	`>`
`24`	`24`	`> AD authentication for SMB access and ACL persistence is supported for Azure file shares managed by Azure File Sync.`
`25`	`25`
`@@ -182,7 +182,7 @@ You have now successfully enabled AD authentication over SMB and assigned a cust`
`182`	`182`
`183`	`183`	`If you registered the AD identity/account representing your storage account under an OU that enforces password expiration time, you must rotate the password before the maximum password age. Failing to update the password of the AD account will result in authentication failures to access Azure file shares.`
`184`	`184`
`185`		-To trigger password rotation, you can run the `Update-AzStorageAccountADObjectPassword` command from the [AzFilesHybrid module](#script-prerequisites). The cmdlet performs actions similar to storage account key rotation. It gets the second Kerberos key of the storage account and uses it to update the password of the registered account in AD. Then it regenerates the target Kerberos key of the storage account and updates the password of the registered account in AD. You must run this cmdlet in an AD domain joined environment.
	`185`	+To trigger password rotation, you can run the `Update-AzStorageAccountADObjectPassword` command from the AzFilesHybrid module. The cmdlet performs actions similar to storage account key rotation. It gets the second Kerberos key of the storage account and uses it to update the password of the registered account in AD. Then it regenerates the target Kerberos key of the storage account and updates the password of the registered account in AD. You must run this cmdlet in an AD domain joined environment.
`186`	`186`
`187`	`187`	```PowerShell
`188`	`188`	`#Update the password of the AD account registered for the storage account`