MicrosoftDocs
diff --git a/‎.openpublishing.redirection.json
Lines changed: 51 additions & 16 deletions b/‎.openpublishing.redirection.json
Lines changed: 51 additions & 16 deletions
diff --git a/‎articles/active-directory/authentication/howto-authentication-use-email-signin.md
Lines changed: 1 addition & 0 deletions b/‎articles/active-directory/authentication/howto-authentication-use-email-signin.md
Lines changed: 1 addition & 0 deletions
diff --git a/‎articles/active-directory/authentication/media/concept-authentication-methods/authentication-methods.png
59.8 KB b/‎articles/active-directory/authentication/media/concept-authentication-methods/authentication-methods.png
59.8 KB
diff --git a/‎articles/active-directory/enterprise-users/groups-write-back-portal.md
Lines changed: 22 additions & 10 deletions b/‎articles/active-directory/enterprise-users/groups-write-back-portal.md
Lines changed: 22 additions & 10 deletions
diff --git a/‎articles/active-directory/fundamentals/active-directory-data-storage-eu.md
Lines changed: 2 additions & 5 deletions b/‎articles/active-directory/fundamentals/active-directory-data-storage-eu.md
Lines changed: 2 additions & 5 deletions
@@ -10388,8 +10388,8 @@
     },
     {
       "source_path_from_root": "/articles/azure-supportability/classic-deployment-model-quota-increase-requests.md",
-      "redirect_url": "/azure/azure-portal/supportability/classic-deployment-model-quota-increase-requests",
-      "redirect_document_id": true
+      "redirect_url": "/azure/quotas/classic-deployment-model-quota-increase-requests",
+      "redirect_document_id": false
     },
     {
       "source_path_from_root": "/articles/azure-supportability/how-to-create-azure-support-request.md",
@@ -10433,44 +10433,79 @@
     },
     {
       "source_path_from_root": "/articles/azure-supportability/low-priority-quota.md",
-      "redirect_url": "/azure/azure-portal/supportability/spot-quota",
-      "redirect_document_id": true
+      "redirect_url": "/azure/quotas/spot-quota",
+      "redirect_document_id": false
     },
     {
       "source_path_from_root": "/articles/azure-supportability/networking-quota-requests.md",
-      "redirect_url": "/azure/azure-portal/supportability/networking-quota-requests",
-      "redirect_document_id": true
+      "redirect_url": "/azure/quotas/networking-quota-requests",
+      "redirect_document_id": false
     },
     {
       "source_path_from_root": "/articles/azure-supportability/per-vm-quota-requests.md",
-      "redirect_url": "/azure/azure-portal/supportability/per-vm-quota-requests",
-      "redirect_document_id": true
+      "redirect_url": "/azure/quotas/per-vm-quota-requests",
+      "redirect_document_id": false
     },
     {
       "source_path_from_root": "/articles/azure-supportability/regional-quota-requests.md",
-      "redirect_url": "/azure/azure-portal/supportability/regional-quota-requests",
-      "redirect_document_id": true
+      "redirect_url": "/azure/quotas/regional-quota-requests",
+      "redirect_document_id": false
     },
     {
       "source_path_from_root": "/articles/azure-supportability/resource-manager-core-quotas-request.md",
-      "redirect_url": "/azure/azure-portal/supportability/regional-quota-requests",
+      "redirect_url": "/azure/quotas/regional-quota-requests",
       "redirect_document_id": false
     },
     {
       "source_path_from_root": "/articles/azure-portal/supportability/resource-manager-core-quotas-request.md",
-      "redirect_url": "/azure/azure-portal/supportability/regional-quota-requests",
+      "redirect_url": "/azure/quotas/regional-quota-requests",
       "redirect_document_id": false
     },
     {
-      "source_path_from_root": "/articles/azure-supportability/sku-series-unavailable.md",
-      "redirect_url": "/azure/azure-portal/supportability/sku-series-unavailable",
-      "redirect_document_id": true
+      "source_path_from_root": "/articles/azure-supportability/sku-series-unavailable.md", 
+      "redirect_url": "/troubleshoot/azure/general/region-access-request-process",
+      "redirect_document_id": false
     },
     {
       "source_path_from_root": "/articles/azure-portal/supportability/low-priority-quota.md",
-      "redirect_url": "/azure/azure-portal/supportability/spot-quota",
+      "redirect_url": "/azure/quotas/spot-quota",
       "redirect_document_id": false
     },
+    {
+      "source_path_from_root": "/articles/azure-portal/supportability/quotas-overview.md",
+      "redirect_url": "/azure/quotas/quotas-overview",
+      "redirect_document_id": true
+    },
+    {
+      "source_path_from_root": "/articles/azure-portal/supportability/view-quotas.md",
+      "redirect_url": "/azure/quotas/view-quotas",
+      "redirect_document_id": true
+    },
+    {
+      "source_path_from_root": "/articles/azure-portal/supportability/per-vm-quota-requests.md",
+      "redirect_url": "/azure/quotas/per-vm-quota-requests",
+      "redirect_document_id": true
+    },
+    {
+      "source_path_from_root": "/articles/azure-portal/supportability/regional-quota-requests.md",
+      "redirect_url": "/azure/quotas/regional-quota-requests",
+      "redirect_document_id": true
+    },
+    {
+      "source_path_from_root": "/articles/azure-portal/supportability/spot-quota.md",
+      "redirect_url": "/azure/quotas/spot-quota",
+      "redirect_document_id": true
+    },
+    {
+      "source_path_from_root": "/articles/azure-portal/supportability/classic-deployment-model-quota-increase-requests.md",
+      "redirect_url": "/azure/quotas/classic-deployment-model-quota-increase-requests",
+      "redirect_document_id": true
+    },
+    {
+      "source_path_from_root": "/articles/azure-portal/supportability/networking-quota-requests.md",
+      "redirect_url": "/azure/quotas/networking-quota-requests",
+      "redirect_document_id": true
+    },
     {
       "source_path_from_root": "/articles/managed-applications/concepts-custom-providers-built-in-policy.md",
       "redirect_url": "/azure/azure-resource-manager/custom-providers/concepts-built-in-policy",
 
@@ -40,6 +40,7 @@ Here's what you need to know about email as an alternate login ID:
 * The feature is available in Azure AD Free edition and higher.
 * The feature enables sign-in with *ProxyAddresses*, in addition to UPN, for cloud-authenticated Azure AD users. More on how this applies to Azure AD business-to-business (B2B) collaboration in the [B2B](#b2b-guest-user-sign-in-with-an-email-address) section.
 * When a user signs in with a non-UPN email, the `unique_name` and `preferred_username` claims (if present) in the [ID token](../develop/id-tokens.md) will return the non-UPN email.
+    * If the non-UPN email in use becomes stale (no longer belongs to the user), these claims will return the UPN instead.
 * The feature supports managed authentication with Password Hash Sync (PHS) or Pass-Through Authentication (PTA).
 * There are two options for configuring the feature:
     * [Home Realm Discovery (HRD) policy](#enable-user-sign-in-with-an-email-address) - Use this option to enable the feature for the entire tenant. Global administrator privileges required.
 
@@ -2,11 +2,11 @@
 title: Group writeback portal operations (preview) in Azure Active Directory
 description: The access points for group writeback to on-premises Active Directory in the Azure Active Directory admin center.
 keywords:
-author: curtand
-manager: karenhoran
-ms.author: curtand
+author: barclayn
+manager: rkarlin
+ms.author: barclayn
 ms.reviewer: jordan.dahl
-ms.date: 06/18/2022
+ms.date: 07/21/2022
 ms.topic: how-to
 ms.service: active-directory
 ms.subservice: enterprise-users
@@ -23,7 +23,20 @@ ms.collection: M365-identity-device-management
 Group writeback is a valuable tool for administrators of Azure Active Directory (Azure AD) tenants being synced with on-premises Active Directory groups. Microsoft is now previewing new capabilities for group writeback. In this preview, you can specify in the Azure AD admin center which groups you want to write back and what you’d like each group to write back as. You can write Microsoft 365 groups back to on-premises Active Directory as Distribution, Mail-enabled Security, or Security groups, and write Security groups back as Security groups. Groups are written back with a scope of universal.
 
 >[!NOTE]
-> If you were previously writing Microsoft 365 groups back to on-premises Active Directory as universal distribution groups, they will appear in the Azure portal as not enabled for writeback in both the **Groups** page and in the properties page for a group. This is to ensure backward compatibility with the legacy version of group writeback and to avoid breaking setups that customers currently have.
+> If you were previously writing Microsoft 365 groups back to on-premises Active Directory as universal distribution groups, they will appear in the Azure portal as not enabled for writeback in both the **Groups** page and in the properties page for a group. These pages display a new property introduced for the preview, “writeback enabled”. This property is not set by the current version of group writeback to ensure backward compatibility with the legacy version of group writeback and to avoid breaking existing customer setups.
+
+To understand the behavior of No writeback in the portal, check the properties of the group in MS Graph.
+
+
+| Portal | MS Graph| Behavior|
+|--------|---------|---------|
+| No writeback | isEnabled=false | Group won't be written back to on-premises Active Directory|
+| No writeback | IsEnabled = null & onPremisesGroupType = null | If a Microsoft 365 group – it will be written back to on-premises Active Directory as a distribution group. </br> If an Azure AD security group – it will not be written back to on premises Active Directory. |
+
+By default, the **Group writeback state** of groups is set to **No writeback**. This means:
+
+- **Microsoft 365 groups**: if the group ```IsEnabled = null``` and ```onPremisesGroupType = null```, to ensure backwards compatibility with older version of group writeback, the group is written back to your on-premises Active Directory as a distribution group.
+- **Azure AD security groups**: if the group ```IsEnabled = null``` and ```onPremisesGroupType = null``` then the group is not written back to your on-premises Active Directory.
 
 ## Show writeback columns
 
@@ -39,15 +52,14 @@ The **Writeback enabled** column allows you to turn off the writeback capability
 
 ## Writeback settings in group properties
 
-You can also configure writeback settings for a group on the property page for the group. There's a **Group writeback state** setting allows you to turn off writeback for the group or to specify the writeback group type. When **No writeback** is selected, the group isn't being written back at all. If you select one of the other writeback types as an option (for example, Security), then you have:
+You can also configure writeback settings for a group on the property page for the group. There's a **Group writeback state** setting that allows you to turn off writeback for the group or to specify the writeback group type. When **No writeback** is selected, the group isn't written back. If you select one of the other writeback types as an option (for example, Security), then you have:
 
 - Enabled the group for writeback
 - Targeted the writeback type as a security group
 
 :::image type="content" source="./media/groups-write-back-portal/groups-properties-view.png" alt-text="Screenshot of changing writeback settings in the group properties." lightbox="media/groups-write-back-portal/groups-properties-view.png":::
- 
-## Next steps
 
-Check out the groups REST API documentation for the [preview writeback property on the settings template](../hybrid/how-to-connect-group-writeback.md).
+## Next steps
 
-For more about group writeback operations, see [Azure AD Connect group writeback](../hybrid/how-to-connect-group-writeback.md)
+- Check out the groups REST API documentation for the [preview writeback property on the settings template](/graph/api/resources/group?view=graph-rest-beta&preserve-view=true).
+- For more about group writeback operations, see [Azure AD Connect group writeback](../hybrid/how-to-connect-group-writeback.md)
@@ -10,12 +10,13 @@ ms.service: active-directory
 ms.subservice: fundamentals
 ms.workload: identity
 ms.topic: conceptual
-ms.date: 01/20/2022
+ms.date: 07/20/2022
 ms.custom: "it-pro, seodec18"
 ms.collection: M365-identity-device-management
 ---
 
 # Identity data storage for European customers in Azure Active Directory
+
 Identity data is stored by Azure AD in a geographical location based on the address provided by your organization when it subscribed for a Microsoft Online service such as Microsoft 365 and Azure. For information on where your identity data is stored, you can use the [Where your data is located](https://www.microsoft.com/trust-center/privacy/data-location) section of the Microsoft Trust Center.
 
 For customers who provided an address in Europe, Azure AD keeps most of the identity data within European datacenters. This document provides information on any data that is stored outside of Europe by Azure AD services.
@@ -32,10 +33,6 @@ For cloud-based Azure AD Multi-Factor Authentication, authentication is complete
 
 For more information about what user information is collected by Azure Multi-Factor Authentication Server (MFA Server) and cloud-based Azure AD MFA, see [Azure Multi-Factor Authentication user data collection](../authentication/howto-mfa-reporting-datacollection.md).
 
-## Password-based Single Sign-On for Enterprise Applications
- 
-If a customer creates a new enterprise application (whether through Azure AD Gallery or non-Gallery) and enables password-based SSO, the Application sign in URL, and custom capture sign in fields are stored in the United States. For more information, see [Configure password-based single sign-on](../manage-apps/configure-password-single-sign-on-non-gallery-applications.md)
-
 ## Microsoft Azure Active Directory B2B (Azure AD B2B) 
 
 Azure AD B2B stores invitations with redeem link and redirect URL information in US datacenters. In addition, email address of users that unsubscribe from receiving B2B invitations are  also stored in U.S. datacenters.