Merge branch 'main' of https://github.com/MicrosoftDocs/azure-docs-pr into fixNewReg

Author: roygara

.openpublishing.publish.config.json

@@ -1018,7 +1018,7 @@
 	  },
 	  {
       "path_to_root": "microsoft-graph",
-      "url": "https://github.com/MicrosoftGraph/microsoft-graph-docs",
+      "url": "https://github.com/MicrosoftGraph/microsoft-graph-docs-contrib",
       "branch": "main",
       "branch_mapping": {}
     },

.openpublishing.redirection.active-directory.json

@@ -105,6 +105,11 @@
       "redirect_url": "/azure/active-directory/saas-apps/gainsight-tutorial",
       "redirect_document_id": false
     },
+    {
+      "source_path_from_root": "/articles/active-directory/saas-apps/postman-provisioning-tutorialy.md",
+      "redirect_url": "/azure/active-directory/saas-apps/postman-provisioning-tutorial",
+      "redirect_document_id": false
+    },
     {
       "source_path_from_root": "/articles/active-directory/saas-apps/iauditor-tutorial.md",
       "redirect_url": "/azure/active-directory/saas-apps/safety-culture-tutorial",

.openpublishing.redirection.azure-vmware.json

@@ -9,6 +9,11 @@
             "source_path_from_root": "/articles/azure-vmware/attach-disk-pools-to-azure-vmware-solution-hosts.md",
             "redirect_url": "/azure/storage/elastic-san/elastic-san-introduction",
             "redirect_document_id": false
+        },
+        {
+            "source_path_from_root": "/articles/azure-vmware/migrate-sql-server-always-on-cluster.md",
+            "redirect_url": "/azure/azure-vmware/migrate-sql-server-always-on-availability-group",
+            "redirect_document_id": false
         }
     ]
 }

.openpublishing.redirection.json

@@ -14897,6 +14897,11 @@
             "redirect_url": "/azure/scheduler/migrate-from-scheduler-to-logic-apps",
             "redirect_document_id": ""
         },
+        {
+            "source_path_from_root": "/articles/search/semantic-ranking.md",
+            "redirect_url": "/azure/search/semantic-search-overview",
+            "redirect_document_id": true
+        },
         {
             "source_path_from_root": "/articles/search/tutorial-csharp-create-first-app.md",
             "redirect_url": "/previous-versions/azure/search/tutorial-csharp-create-first-app",
@@ -23347,6 +23352,56 @@
             "redirect_url": "/azure/active-directory/develop/quickstart-register-app",
             "redirect_document_id": false
         },
+        {
+            "source_path_from_root": "/articles/active-directory/develop/migrate-adal-msal-java.md",
+            "redirect_url": "/entra/msal/java/advanced/support-for-adfs",
+            "redirect_document_id": false
+        },
+        {
+            "source_path_from_root": "/articles/active-directory/develop/msal-logging-java.md",
+            "redirect_url": "/entra/msal/java/advanced/msal-logging-java",
+            "redirect_document_id": false
+        },
+        {
+            "source_path_from_root": "/articles/active-directory/develop/msal-error-handling-java.md",
+            "redirect_url": "/entra/msal/java/advanced/msal-error-handling-java",
+            "redirect_document_id": false
+        },
+        {
+            "source_path_from_root": "/articles/active-directory/develop/msal-java-token-cache-serialization.md",
+            "redirect_url": "/entra/msal/java/advanced/msal-java-token-cache-serialization",
+            "redirect_document_id": false
+        },
+        {
+            "source_path_from_root": "/articles/active-directory/develop/msal-java-adfs-support.md",
+            "redirect_url": "/entra/msal/java/advanced/msal-java-adfs-support",
+            "redirect_document_id": false
+        },
+        {
+            "source_path_from_root": "/articles/active-directory/develop/msal-java-get-remove-accounts-token-cache.md",
+            "redirect_url": "/entra/msal/java/advanced/msal-java-get-remove-accounts-token-cache",
+            "redirect_document_id": false
+        },
+        {
+            "source_path_from_root": "/articles/active-directory/develop/migrate-python-adal-msal.md",
+            "redirect_url": "/entra/msal/python/advanced/migrate-python-adal-msal",
+            "redirect_document_id": false
+        },
+        {
+            "source_path_from_root": "/articles/active-directory/develop/msal-logging-python.md",
+            "redirect_url": "/entra/msal/python/advanced/msal-logging-python",
+            "redirect_document_id": false
+        },
+        {
+            "source_path_from_root": "/articles/active-directory/develop/msal-error-handling-python.md",
+            "redirect_url": "/entra/msal/python/advanced/msal-error-handling-python",
+            "redirect_document_id": false
+        },
+        {
+            "source_path_from_root": "/articles/active-directory/develop/msal-python-token-cache-serialization.md",
+            "redirect_url": "/entra/msal/python/advanced/msal-python-token-cache-serialization",
+            "redirect_document_id": false
+        },
         {
             "source_path_from_root": "/articles/networking/azure-orbital-overview.md",
             "redirect_url": "/azure/orbital/overview",

articles/active-directory-b2c/custom-policy-developer-notes.md

@@ -9,7 +9,7 @@ manager: CelesteDG
 ms.service: active-directory
 ms.workload: identity
 ms.topic: reference
-ms.date: 06/06/2023
+ms.date: 09/06/2023
 ms.custom: project-no-code
 ms.author: kengaderdus
 ms.subservice: B2C
@@ -133,9 +133,11 @@ The following table summarizes the Security Assertion Markup Language (SAML) app
 
 |Feature  |User flow  |Custom policy  |Notes  |
 |---------|:---------:|:---------:|---------|
-|[API connectors](api-connectors-overview.md) | Preview | GA | |
-|[Secure with basic authentication](secure-rest-api.md#http-basic-authentication) | Preview | GA | |
-|[Secure with client certificate authentication](secure-rest-api.md#https-client-certificate-authentication) | Preview | GA | |
+|[After federating with an identity provider during sign-up](api-connectors-overview.md?pivots=b2c-user-flow#after-federating-with-an-identity-provider-during-sign-up) | GA | GA | |
+|[Before creating the user](api-connectors-overview.md?pivots=b2c-user-flow#before-creating-the-user) | GA | GA | |
+|[Before including application claims in token](api-connectors-overview.md?pivots=b2c-user-flow#before-sending-the-token-preview)| Preview | GA | |
+|[Secure with basic authentication](secure-rest-api.md#http-basic-authentication) | GA | GA | |
+|[Secure with client certificate authentication](secure-rest-api.md#https-client-certificate-authentication) | GA | GA | |
 |[Secure with OAuth2 bearer authentication](secure-rest-api.md#oauth2-bearer-authentication) | NA | GA | |
 |[Secure API key authentication](secure-rest-api.md#api-key-authentication) | NA | GA | |
 

articles/active-directory-domain-services/faqs.yml

@@ -11,7 +11,7 @@ metadata:
   ms.subservice: domain-services
   ms.workload: identity
   ms.topic: faq
-  ms.date: 08/01/2023
+  ms.date: 09/05/2023
   ms.author: justinha
 title: Frequently asked questions (FAQs) about Azure Active Directory (AD) Domain Services
 summary: This page answers frequently asked questions about Azure Active Directory Domain Services.
@@ -106,6 +106,11 @@ sections:
         answer: |
           Any user account that's part of the managed domain can join a VM. Members of the *Azure AD DC Administrators* group are granted remote desktop access to machines that have been joined to the managed domain.
 
+      - question: |
+          Is there any quota for the number of machines that I can join to the domain?
+        answer: |
+          There's no quota in Azure AD DS for domain-joined machines.
+
       - question: |
           Do I have domain administrator privileges for the managed domain provided by Azure AD Domain Services?
         answer: |

articles/active-directory-domain-services/policy-reference.md

@@ -1,7 +1,7 @@
 ---
 title: Built-in policy definitions for Azure Active Directory Domain Services
 description: Lists Azure Policy built-in policy definitions for Azure Active Directory Domain Services. These built-in policy definitions provide common approaches to managing your Azure resources.
-ms.date: 08/30/2023
+ms.date: 09/06/2023
 ms.service: active-directory
 ms.subservice: domain-services
 author: justinha

articles/active-directory-domain-services/powershell-scoped-synchronization.md

@@ -9,7 +9,7 @@ ms.service: active-directory
 ms.subservice: domain-services
 ms.workload: identity
 ms.topic: how-to
-ms.date: 01/29/2023
+ms.date: 09/06/2023
 ms.author: justinha 
 ms.custom: has-azure-ad-ps-ref
 ---
@@ -86,7 +86,7 @@ foreach ($groupName in $groupsToAdd)
 Write-Output "****************************************************************************`n"
 Write-Output "`n****************************************************************************"
 
-$currentAssignments = Get-AzureADServiceAppRoleAssignment -ObjectId $sp.ObjectId
+$currentAssignments = Get-AzureADServiceAppRoleAssignment -ObjectId $sp.ObjectId -All $true
 Write-Output "Total current group-assignments: $($currentAssignments.Count), SP-ObjectId: $($sp.ObjectId)"
 
 $currAssignedObjectIds = New-Object 'System.Collections.Generic.HashSet[string]'

articles/active-directory/app-provisioning/provision-on-demand.md

@@ -8,7 +8,7 @@ ms.service: active-directory
 ms.subservice: app-provisioning
 ms.workload: identity
 ms.topic: how-to
-ms.date: 05/05/2023
+ms.date: 08/05/2023
 ms.author: kenwith
 ms.reviewer: arvinh
 zone_pivot_groups: app-provisioning-cross-tenant-synchronization
@@ -163,9 +163,12 @@ There are currently a few known limitations to on-demand provisioning. Post your
 ::: zone pivot="app-provisioning"
 > [!NOTE]
 > The following limitations are specific to the on-demand provisioning capability. For information about whether an application supports provisioning groups, deletions, or other capabilities, check the tutorial for that application.
-
-* On-demand provisioning of groups supports updating up to five members at a time
+* On-demand provisioning of groups supports updating up to five members at a time. Connectors for cross-tenant synchronization, Workday, etc. do not support group provisioning and as a result do not support on-demand provisioning of groups.  
+::: zone-end
+::: zone pivot="cross-tenant-synchronization"
+* On-demand provisioning of groups is not supported for cross-tenant synchronization. 
 ::: zone-end
+* On-demand provisioning supports provisioning one user at a time through the Microsoft Entra portal.
 * Restoring a previously soft-deleted user in the target tenant with on-demand provisioning isn't supported. If you try to soft-delete a user with on-demand provisioning and then restore the user, it can result in duplicate users.
 * On-demand provisioning of roles isn't supported.
 * On-demand provisioning supports disabling users that have been unassigned from the application. However, it doesn't support disabling or deleting users that have been disabled or deleted from Azure AD. Those users don't appear when you search for a user.

articles/active-directory/app-provisioning/use-scim-to-provision-users-and-groups.md

@@ -8,7 +8,7 @@ ms.service: active-directory
 ms.subservice: app-provisioning
 ms.workload: identity
 ms.topic: tutorial
-ms.date: 03/17/2023
+ms.date: 09/08/2023
 ms.author: kenwith
 ms.reviewer: arvinh
 ---
@@ -888,7 +888,7 @@ organization.",
 
 **TLS Protocol Versions**
 
-The only acceptable protocol versions are TLS 1.2 and TLS 1.3. No other SSL/TLS versions are permitted.
+The only acceptable protocol version is TLS 1.2. No other SSL/TLS version is permitted.
 
 - RSA keys must be at least 2,048 bits.
 - ECC keys must be at least 256 bits, generated using an approved elliptic curve