MicrosoftDocs
diff --git a/‎.openpublishing.redirection.json
Lines changed: 10 additions & 0 deletions b/‎.openpublishing.redirection.json
Lines changed: 10 additions & 0 deletions
diff --git a/‎articles/active-directory/manage-apps/f5-aad-password-less-vpn.md
Lines changed: 186 additions & 167 deletions b/‎articles/active-directory/manage-apps/f5-aad-password-less-vpn.md
Lines changed: 186 additions & 167 deletions
diff --git a/‎articles/active-directory/manage-apps/f5-bigip-deployment-guide.md
Lines changed: 305 additions & 300 deletions b/‎articles/active-directory/manage-apps/f5-bigip-deployment-guide.md
Lines changed: 305 additions & 300 deletions
diff --git a/‎articles/active-directory/standards/configure-azure-active-directory-for-cmmc-compliance.md
Lines changed: 2 additions & 2 deletions b/‎articles/active-directory/standards/configure-azure-active-directory-for-cmmc-compliance.md
Lines changed: 2 additions & 2 deletions
diff --git a/‎articles/active-directory/standards/configure-azure-active-directory-for-fedramp-high-impact.md
Lines changed: 1 addition & 1 deletion b/‎articles/active-directory/standards/configure-azure-active-directory-for-fedramp-high-impact.md
Lines changed: 1 addition & 1 deletion
diff --git a/‎articles/active-directory/standards/configure-cmmc-level-1-controls.md
Lines changed: 4 additions & 4 deletions b/‎articles/active-directory/standards/configure-cmmc-level-1-controls.md
Lines changed: 4 additions & 4 deletions
diff --git a/‎articles/active-directory/standards/configure-cmmc-level-2-access-control.md
Lines changed: 2 additions & 2 deletions b/‎articles/active-directory/standards/configure-cmmc-level-2-access-control.md
Lines changed: 2 additions & 2 deletions
diff --git a/‎articles/active-directory/standards/configure-cmmc-level-2-additional-controls.md
Lines changed: 1 addition & 1 deletion b/‎articles/active-directory/standards/configure-cmmc-level-2-additional-controls.md
Lines changed: 1 addition & 1 deletion
diff --git a/‎articles/active-directory/standards/configure-cmmc-level-2-identification-and-authentication.md
Lines changed: 2 additions & 2 deletions b/‎articles/active-directory/standards/configure-cmmc-level-2-identification-and-authentication.md
Lines changed: 2 additions & 2 deletions
diff --git a/‎articles/applied-ai-services/form-recognizer/whats-new.md
Lines changed: 1 addition & 1 deletion b/‎articles/applied-ai-services/form-recognizer/whats-new.md
Lines changed: 1 addition & 1 deletion
@@ -29499,6 +29499,16 @@
             "redirect_url": "/azure/aks/intro-kubernetes",
             "redirect_document_id": "false"
         },
+        {
+            "source_path_from_root": "/articles/azure-arc/servers/onboard-group-policy-service-principal-encryption.md",
+            "redirect_url": "/azure/azure-arc/servers/onboard-group-policy-powershell",
+            "redirect_document_id": "false"
+        },
+        {
+            "source_path_from_root": "/articles/azure-arc/servers/onboard-group-policy.md",
+            "redirect_url": "/azure/azure-arc/servers/onboard-group-policy-powershell",
+            "redirect_document_id": "false"
+        },
         {
           "source_path": "articles/azure-cache-for-redis/redis-cache-insights-overview.md",
           "redirect_url": "/azure/azure-cache-for-redis/cache-insights-overview",
 
@@ -8,7 +8,7 @@ ms.service: active-directory
 ms.workload: identity
 ms.subservice: fundamentals
 ms.topic: conceptual
-ms.date: 07/15/2021
+ms.date: 12/13/2022
 ms.author: jricketts
 ms.custom: "it-pro, seodec18"
 ms.collection: M365-identity-device-management
@@ -54,6 +54,6 @@ Learn more:
 
 * [Configure CMMC Level 2 Access Control (AC) controls](configure-cmmc-level-2-access-control.md)
 
-* [Configure CMMC Level 2 Identification and Authentication (IR) controls](configure-cmmc-level-2-identification-and-authentication.md)
+* [Configure CMMC Level 2 Identification and Authentication (IA) controls](configure-cmmc-level-2-identification-and-authentication.md)
 
 * [Configure CMMC Level 2 additional controls](configure-cmmc-level-2-additional-controls.md)
@@ -10,7 +10,7 @@ author: gargi-sinha
 ms.author: gasinh
 manager: martinco
 ms.reviewer: martinco
-ms.date: 09/13/2022
+ms.date: 12/13/2022
 ms.custom: it-pro
 ms.collection: M365-identity-device-management
 ---
 
@@ -8,7 +8,7 @@ ms.service: active-directory
 ms.workload: identity
 ms.subservice: fundamentals
 ms.topic: conceptual
-ms.date: 07/15/2021
+ms.date: 12/13/2022
 ms.author: jricketts
 ms.custom: "it-pro, seodec18"
 ms.collection: M365-identity-device-management
@@ -37,8 +37,8 @@ The following table provides a list of control IDs and associated customer respo
 | *Control* | *Guidance* |
 | - | - |
 | AC.L1-3.1.1 | You're responsible for provisioning Azure AD accounts. Provisioning accounts in Azure AD is accomplished from external HR systems, on-premises Active Directory, or directly in the cloud. You configure Conditional Access to only grant access from a known (Registered/Managed) device. Additionally, apply the concept of least privilege when granting application permissions. Where possible, use delegated permission. <br><br>Provision users<br><li>[Plan cloud HR application to Azure Active Directory user provisioning](../app-provisioning/plan-cloud-hr-provision.md) <li>[Azure AD Connect sync: Understand and customize synchronization](../hybrid/how-to-connect-sync-whatis.md)<li>[Add or delete users – Azure Active Directory](../fundamentals/add-users-azure-active-directory.md)<br><br>Provision devices<li>[What is device identity in Azure Active Directory](../devices/overview.md)<br><br>Configure applications<li>[QuickStart: Register an app in the Microsoft identity platform](../develop/quickstart-register-app.md)<li>[Microsoft identity platform scopes, permissions, & consent](../develop/v2-permissions-and-consent.md)<li>[Securing service principals in Azure Active Directory](../fundamentals/service-accounts-principal.md)<br><br>Conditional access<li>[What is Conditional Access in Azure Active Directory](../conditional-access/overview.md)<li>[Conditional Access require managed device](../conditional-access/require-managed-devices.md) |
-| AC.L1-3.1.2 | You're responsible for configuring access controls such as Role Based Access Controls (RBAC) with built-in or custom roles. Use role assignable groups to manage role assignments for multiple users requiring same access. Configure Attribute Based Access Controls (ABAC) with default or custom security attributes. The objective is to granularly control access to resources protected with Azure AD.<br><br>Provision RBAC<li>[Overview of role-based access control in Active Directory ](../roles/custom-overview.md)[Azure AD built-in roles](../roles/permissions-reference.md)<li>[Create and assign a custom role in Azure Active Directory](../roles/custom-create.md)<br><br>Provision ABAC<li>What is Azure attribute-based access control (Azure ABAC)? (preview) ---**needs link**<li>What are custom security attributes in Azure AD? (Preview) ---**needs link**<br><br>Provision groups for role assignment<li>[Use Azure AD groups to manage role assignments](../roles/groups-concept.md) |
-| AC.L1-3.1.20 | You're responsible for configuring conditional access policies using device controls and or network locations to control and or limit connections and use of external systems. Configure Terms of Use (TOU) for recorded user acknowledgment of terms and conditions for use of external systems for access.<br><br>Provision Conditional Access as required<li>[What is Conditional Access?](../conditional-access/overview.md)<li>[Require managed devices for cloud app access with Conditional Access](../conditional-access/require-managed-devices.md)<li>[Require device to be marked as compliant](../conditional-access/require-managed-devices.md)<li>Conditional Access: Filter for devices ---**needs link**<br><br>Use Conditional Access to block access<li>[Conditional Access - Block access by location](../conditional-access/howto-conditional-access-policy-location.md)<br><br>Configure terms of use<li>[Terms of use - Azure Active Directory](../conditional-access/terms-of-use.md)<li>[Conditional Access require terms of use ](../conditional-access/require-tou.md) |
+| AC.L1-3.1.2 | You're responsible for configuring access controls such as Role Based Access Controls (RBAC) with built-in or custom roles. Use role assignable groups to manage role assignments for multiple users requiring same access. Configure Attribute Based Access Controls (ABAC) with default or custom security attributes. The objective is to granularly control access to resources protected with Azure AD.<br><br>Provision RBAC<li>[Overview of role-based access control in Active Directory ](../roles/custom-overview.md)[Azure AD built-in roles](../roles/permissions-reference.md)<li>[Create and assign a custom role in Azure Active Directory](../roles/custom-create.md)<br><br>Provision ABAC<li>[What is Azure attribute-based access control (Azure ABAC)](/azure/role-based-access-control/conditions-overview)<li>[What are custom security attributes in Azure AD?](/azure/active-directory/fundamentals/custom-security-attributes-overview)<br><br>Provision groups for role assignment<li>[Use Azure AD groups to manage role assignments](../roles/groups-concept.md) |
+| AC.L1-3.1.20 | You're responsible for configuring conditional access policies using device controls and or network locations to control and or limit connections and use of external systems. Configure Terms of Use (TOU) for recorded user acknowledgment of terms and conditions for use of external systems for access.<br><br>Provision Conditional Access as required<li>[What is Conditional Access?](../conditional-access/overview.md)<li>[Require managed devices for cloud app access with Conditional Access](../conditional-access/require-managed-devices.md)<li>[Require device to be marked as compliant](../conditional-access/require-managed-devices.md)<li>[Conditional Access: Filter for devices](/azure/active-directory/conditional-access/concept-condition-filters-for-devices)<br><br>Use Conditional Access to block access<li>[Conditional Access - Block access by location](../conditional-access/howto-conditional-access-policy-location.md)<br><br>Configure terms of use<li>[Terms of use - Azure Active Directory](../conditional-access/terms-of-use.md)<li>[Conditional Access require terms of use ](../conditional-access/require-tou.md) |
 | AC.L1-3.1.22 | You're responsible for configuring Privileged Identity Management (PIM) to manage access to systems where posted information is publicly accessible. Require approvals with justification prior to role assignment in PIM. Configure Terms of Use (TOU) for systems where posted information is publicly accessible for recorded acknowledgment of terms and conditions for posting of publicly accessible information.<br><br>Plan PIM deployment<li>[What is Privileged Identity Management?](../privileged-identity-management/pim-configure.md)<li>[Plan a Privileged Identity Management deployment](../privileged-identity-management/pim-deployment-plan.md)<br><br>Configure terms of use<li>[Terms of use - Azure Active Directory](../conditional-access/terms-of-use.md)<li>[Conditional Access require terms of use ](../conditional-access/require-tou.md)<li>[Configure Azure AD role settings in PIM - Require Justification](../privileged-identity-management/pim-how-to-change-default-settings.md) |
 
 ## Identification and Authentication (IA) domain
@@ -64,6 +64,6 @@ The following table provides a list of control IDs and associated responsibiliti
 
 * [Configure CMMC Level 2 Access Control (AC) controls](configure-cmmc-level-2-access-control.md)
 
-* [Configure CMMC Level 2 Identification and Authentication (IR) controls](configure-cmmc-level-2-identification-and-authentication.md)
+* [Configure CMMC Level 2 Identification and Authentication (IA) controls](configure-cmmc-level-2-identification-and-authentication.md)
 
 * [Configure CMMC Level 2 additional controls](configure-cmmc-level-2-additional-controls.md)
@@ -8,7 +8,7 @@ ms.service: active-directory
 ms.workload: identity
 ms.subservice: fundamentals
 ms.topic: conceptual
-ms.date: 11/15/2022
+ms.date: 12/13/2022
 ms.author: jricketts
 ms.custom: "it-pro, seodec18"
 ms.collection: M365-identity-device-management
@@ -64,6 +64,6 @@ The following table provides a list of control IDs and associated customer respo
 
 * [Configure CMMC Level 1 controls](configure-cmmc-level-1-controls.md)
 
-* [Configure CMMC Level 2 Identification and Authentication (IR) controls](configure-cmmc-level-2-identification-and-authentication.md)
+* [Configure CMMC Level 2 Identification and Authentication (IA) controls](configure-cmmc-level-2-identification-and-authentication.md)
 
 * [Configure CMMC Level 2 additional controls](configure-cmmc-level-2-additional-controls.md)
@@ -8,7 +8,7 @@ ms.service: active-directory
 ms.workload: identity
 ms.subservice: fundamentals
 ms.topic: conceptual
-ms.date: 11/15/2022
+ms.date: 12/13/2022
 ms.author: jricketts
 ms.custom: "it-pro, seodec18"
 ms.collection: M365-identity-device-management
 
@@ -8,13 +8,13 @@ ms.service: active-directory
 ms.workload: identity
 ms.subservice: fundamentals
 ms.topic: conceptual
-ms.date: 11/15/2022
+ms.date: 12/13/2022
 ms.author: jricketts
 ms.custom: "it-pro, seodec18"
 ms.collection: M365-identity-device-management
 ---
 
-# Configure CMMC Level 2 Identification and Authentication (IA) controls
+# Configure CMMC Level 2 Identification and Authentication (IA) controls 
 
 Azure Active Directory helps you meet identity-related practice requirements in each Cybersecurity Maturity Model Certification (CMMC) level. To complete other configurations or processes to be compliant with [CMMC V2.0 level 2](https://cmmc-coe.org/maturity-level-two/)requirements, is the responsibility of companies performing work with, and on behalf of, the US Dept. of Defense (DoD).
 
 
@@ -39,7 +39,7 @@ December 2022
 
   * **Custom model labeling**:
 
-    * **Batch OCR**. You can opt to run batch OCR in the setup wizard for custom model on all documents in your blob storage.
+    * **Run Layout API automatically**. You can opt to run the Layout API for all documents automatically in your blob storage during the setup process for custom model.
 
     * **Search**. The Studio now includes search functionality to locate words within a document. This improvement allows for easier navigation while labeling.