Merge branch 'main' into pim3

Author: billmath

.openpublishing.publish.config.json

@@ -1039,6 +1039,12 @@
       "url": "https://github.com/Azure/Azure-Proactive-Resiliency-Library",
       "branch": "main",
       "branch_mapping": {}
+    },
+    {
+      "path_to_root": "azure-reference-other-repo",
+      "url": "https://github.com/MicrosoftDocs/azure-reference-other-pr",
+      "branch": "main",
+      "branch_mapping": {}
     }
   ],
   "branch_target_mapping": {

.openpublishing.redirection.container-registry.json

@@ -0,0 +1,36 @@
+{
+    "redirections": [
+        {
+            "source_path_from_root": "/articles/container-registry/tutorial-enable-registry-cache-auth.md",
+            "redirect_url": "/azure/container-registry/tutorial-enable-artifact-cache-auth",
+            "redirect_document_id": false
+        },
+        {
+            "source_path_from_root": "/articles/container-registry/tutorial-enable-registry-cache-auth-cli.md",
+            "redirect_url": "/azure/container-registry/tutorial-enable-artifact-cache-auth-cli",
+            "redirect_document_id": false
+        },
+        {
+            "source_path_from_root": "/articles/container-registry/tutorial-enable-registry-cache.md",
+            "redirect_url": "/azure/container-registry/tutorial-enable-artifact-cache",
+            "redirect_document_id": false
+        },
+        {
+            "source_path_from_root": "/articles/container-registry/tutorial-enable-registry-cache-cli.md",
+            "redirect_url": "/azure/container-registry/tutorial-enable-artifact-cache-cli",
+            "redirect_document_id": false
+        },
+        {
+            "source_path_from_root": "/articles/container-registry/tutorial-registry-cache.md",
+            "redirect_url": "/azure/container-registry/tutorial-artifact-cache",
+            "redirect_document_id": false
+        },
+        {
+            "source_path_from_root": "/articles/container-registry/tutorial-troubleshoot-registry-cache.md",
+            "redirect_url": "/azure/container-registry/tutorial-troubleshoot-artifact-cache",
+            "redirect_document_id": false
+        }
+        
+     
+    ]
+}

articles/active-directory-b2c/custom-domain.md

@@ -67,7 +67,7 @@ Every new Azure AD B2C tenant comes with an initial domain name, <domainname&
 
 Follow these steps to add a custom domain to your Azure AD B2C tenant:
 
-1. [Add your custom domain name to Azure AD](../active-directory/fundamentals/add-custom-domain.md#add-your-custom-domain-name-to-azure-ad).
+1. [Add your custom domain name to Azure AD](../active-directory/fundamentals/add-custom-domain.md#add-your-custom-domain-name).
 
     > [!IMPORTANT]
     > For these steps, be sure to sign in to your **Azure AD B2C** tenant and select the **Azure Active Directory** service.

articles/active-directory-domain-services/policy-reference.md

@@ -1,7 +1,7 @@
 ---
 title: Built-in policy definitions for Azure Active Directory Domain Services
 description: Lists Azure Policy built-in policy definitions for Azure Active Directory Domain Services. These built-in policy definitions provide common approaches to managing your Azure resources.
-ms.date: 09/06/2023
+ms.date: 09/13/2023
 ms.service: active-directory
 ms.subservice: domain-services
 author: justinha

articles/active-directory/app-provisioning/inbound-provisioning-api-issues.md

@@ -40,10 +40,13 @@ This document covers commonly encountered errors and issues with inbound provisi
 
 **Probable causes**
 1. Your API-driven provisioning app is paused. 
-1. The provisioning service is yet to update the provisioning logs with the bulk request processing details. 
+1. The provisioning service is yet to update the provisioning logs with the bulk request processing details.
+2. Your On-premises provisioning agent status is inactive (If you are running the [/API-driven inbound user provisioning to on-premises Active Directory](https://go.microsoft.com/fwlink/?linkid=2245182)).
+
 
 **Resolution:**
 1. Verify that your provisioning app is running. If it isn't running, select the menu option **Start provisioning** to process the data.
+2. Turn your On-premises provisioning agent status to active by restarting the On-premise agent.
 1. Expect 5 to 10-minute delay between processing the request and writing to the provisioning logs. If your API client is sending data to the provisioning /bulkUpload API endpoint, then introduce a time delay between the request invocation and provisioning logs query. 
 
 ### Forbidden 403 response code 

articles/active-directory/authentication/concept-authentication-default-enablement.md

@@ -53,14 +53,14 @@ The following table lists each setting that can be set to Microsoft managed and
 
 | Setting                                                                                         | Configuration |
 |-------------------------------------------------------------------------------------------------|---------------|
-| [Registration campaign](how-to-mfa-registration-campaign.md)                                    | Beginning in July, 2023, enabled for SMS and voice call users with free and trial subscriptions.      |
+| [Registration campaign](how-to-mfa-registration-campaign.md)                                    | Beginning in July, 2023, enabled for text message and voice call users with free and trial subscriptions.      |
 | [Location in Microsoft Authenticator notifications](how-to-mfa-additional-context.md)           | Disabled      |
 | [Application name in Microsoft Authenticator notifications](how-to-mfa-additional-context.md)   | Disabled      |
 | [System-preferred MFA](concept-system-preferred-multifactor-authentication.md)                  | Enabled       |
 | [Authenticator Lite](how-to-mfa-authenticator-lite.md)                                          | Enabled       |  
 | [Report suspicious activity](howto-mfa-mfasettings.md#report-suspicious-activity)                  | Disabled      |
 
-As threat vectors change, Azure AD may announce default protection for a **Microsoft managed** setting in [release notes](../fundamentals/whats-new.md) and on commonly read forums like [Tech Community](https://techcommunity.microsoft.com/). For example, see our blog post [It's Time to Hang Up on Phone Transports for Authentication](https://techcommunity.microsoft.com/t5/microsoft-entra-azure-ad-blog/it-s-time-to-hang-up-on-phone-transports-for-authentication/ba-p/1751752) for more information about the need to move away from using SMS and voice calls, which led to default enablement for the registration campaign to help users to set up Authenticator for modern authentication.
+As threat vectors change, Azure AD may announce default protection for a **Microsoft managed** setting in [release notes](../fundamentals/whats-new.md) and on commonly read forums like [Tech Community](https://techcommunity.microsoft.com/). For example, see our blog post [It's Time to Hang Up on Phone Transports for Authentication](https://techcommunity.microsoft.com/t5/microsoft-entra-azure-ad-blog/it-s-time-to-hang-up-on-phone-transports-for-authentication/ba-p/1751752) for more information about the need to move away from using text message and voice calls, which led to default enablement for the registration campaign to help users to set up Authenticator for modern authentication.
 
 ## Next steps
 

articles/active-directory/authentication/concept-authentication-methods-manage.md

@@ -49,7 +49,7 @@ To manage the legacy MFA policy, click **Security** > **Multifactor Authenticati
 
 :::image type="content" border="true" source="./media/concept-authentication-methods-manage/service-settings.png" alt-text="Screenshot of MFA service settings.":::
 
-To manage authentication methods for self-service password reset (SSPR), click **Password reset** > **Authentication methods**. The **Mobile phone** option in this policy allows either voice calls or SMS to be sent to a mobile phone. The **Office phone** option allows only voice calls. 
+To manage authentication methods for self-service password reset (SSPR), click **Password reset** > **Authentication methods**. The **Mobile phone** option in this policy allows either voice calls or text message to be sent to a mobile phone. The **Office phone** option allows only voice calls. 
 
 :::image type="content" border="true" source="./media/concept-authentication-methods-manage/password-reset.png" alt-text="Screenshot of password reset settings.":::
 
@@ -69,7 +69,7 @@ If the user can't register Microsoft Authenticator based on either of those poli
 - **Mobile app notification**
 - **Mobile app code**
 
-For users who are enabled for **Mobile phone** for SSPR, the independent control between policies can impact sign-in behavior. Where the other policies have separate options for SMS and voice calls, the **Mobile phone** for SSPR enables both options. As a result, anyone who uses **Mobile phone** for SSPR can also use voice calls for password reset, even if the other policies don't allow voice calls. 
+For users who are enabled for **Mobile phone** for SSPR, the independent control between policies can impact sign-in behavior. Where the other policies have separate options for text message and voice calls, the **Mobile phone** for SSPR enables both options. As a result, anyone who uses **Mobile phone** for SSPR can also use voice calls for password reset, even if the other policies don't allow voice calls. 
 
 Similarly, let's suppose you enable **Voice calls** for a group. After you enable it, you find that even users who aren't group members can sign-in with a voice call. In this case, it's likely those users are enabled for **Mobile phone** in the legacy SSPR policy or **Call to phone** in the legacy MFA policy.  
 

articles/active-directory/authentication/concept-authentication-methods.md

@@ -23,7 +23,7 @@ Microsoft recommends passwordless authentication methods such as Windows Hello,
 
 :::image type="content" border="true" source="media/concept-authentication-methods/authentication-methods.png" alt-text="Illustration of the strengths and preferred authentication methods in Azure AD." :::
 
-Azure AD Multi-Factor Authentication (MFA) adds additional security over only using a password when a user signs in. The user can be prompted for additional forms of authentication, such as to respond to a push notification, enter a code from a software or hardware token, or respond to an SMS or phone call.
+Azure AD Multi-Factor Authentication (MFA) adds additional security over only using a password when a user signs in. The user can be prompted for additional forms of authentication, such as to respond to a push notification, enter a code from a software or hardware token, or respond to a text message or phone call.
 
 To simplify the user on-boarding experience and register for both MFA and self-service password reset (SSPR), we recommend you [enable combined security information registration](howto-registration-mfa-sspr-combined.md). For resiliency, we recommend that you require users to register multiple authentication methods. When one method isn't available for a user during sign-in or SSPR, they can choose to authenticate with another method. For more information, see [Create a resilient access control management strategy in Azure AD](concept-resilient-controls.md).