Skip to content

Commit c76e90d

Browse files
committed
Merging changes synced from https://github.com/MicrosoftDocs/azure-docs-pr (branch live)
2 parents 5307e40 + 49ed86e commit c76e90d

File tree

227 files changed

+3174
-799
lines changed

Some content is hidden

Large Commits have some content hidden by default. Use the searchbox below for content that may be hidden.

227 files changed

+3174
-799
lines changed

.openpublishing.redirection.active-directory.json

Lines changed: 5 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -7910,6 +7910,11 @@
79107910
"redirect_url": "/azure/active-directory/saas-apps/cisco-webex-provisioning-tutorial",
79117911
"redirect_document_id": false
79127912
},
7913+
{
7914+
"source_path_from_root": "/articles/active-directory/saas-apps/active-and-thriving-perth-airport-tutorial.md",
7915+
"redirect_url": "/azure/active-directory/saas-apps/active-and-thriving-tutorial",
7916+
"redirect_document_id": false
7917+
},
79137918
{
79147919
"source_path_from_root": "/articles/active-directory/active-directory-saas-cisco-webex-tutorial.md",
79157920
"redirect_url": "/azure/active-directory/saas-apps/cisco-webex-tutorial",

articles/active-directory-b2c/self-asserted-technical-profile.md

Lines changed: 10 additions & 9 deletions
Original file line numberDiff line numberDiff line change
@@ -9,7 +9,7 @@ manager: CelesteDG
99
ms.service: active-directory
1010
ms.workload: identity
1111
ms.topic: reference
12-
ms.date: 01/14/2022
12+
ms.date: 02/17/2022
1313
ms.author: kengaderdus
1414
ms.subservice: B2C
1515
---
@@ -196,22 +196,23 @@ You can also call a REST API technical profile with your business logic, overwri
196196

197197
| Attribute | Required | Description |
198198
| --------- | -------- | ----------- |
199-
| setting.operatingMode <sup>1</sup>| No | For a sign-in page, this property controls the behavior of the username field, such as input validation and error messages. Expected values: `Username` or `Email`. |
199+
| setting.operatingMode <sup>1</sup>| No | For a sign-in page, this property controls the behavior of the username field, such as input validation and error messages. Expected values: `Username` or `Email`. Check out the [Live demo](https://github.com/azure-ad-b2c/unit-tests/tree/main/technical-profiles/self-asserted#operating-mode) of this metadata. |
200200
| AllowGenerationOfClaimsWithNullValues| No| Allow to generate a claim with null value. For example, in a case user doesn't select a checkbox.|
201201
| ContentDefinitionReferenceId | Yes | The identifier of the [content definition](contentdefinitions.md) associated with this technical profile. |
202202
| EnforceEmailVerification | No | For sign-up or profile edit, enforces email verification. Possible values: `true` (default), or `false`. |
203-
| setting.retryLimit | No | Controls the number of times a user can try to provide the data that is checked against a validation technical profile. For example, a user tries to sign-up with an account that already exists and keeps trying until the limit reached.
203+
| setting.retryLimit | No | Controls the number of times a user can try to provide the data that is checked against a validation technical profile. For example, a user tries to sign-up with an account that already exists and keeps trying until the limit reached. Check out the [Live demo](https://github.com/azure-ad-b2c/unit-tests/tree/main/technical-profiles/self-asserted#retry-limit) of this metadata.|
204204
| SignUpTarget <sup>1</sup>| No | The sign-up target exchange identifier. When the user clicks the sign-up button, Azure AD B2C executes the specified exchange identifier. |
205-
| setting.showCancelButton | No | Displays the cancel button. Possible values: `true` (default), or `false` |
206-
| setting.showContinueButton | No | Displays the continue button. Possible values: `true` (default), or `false` |
207-
| setting.showSignupLink <sup>2</sup>| No | Displays the sign-up button. Possible values: `true` (default), or `false` |
208-
| setting.forgotPasswordLinkLocation <sup>2</sup>| No| Displays the forgot password link. Possible values: `AfterLabel` (default) displays the link directly after the label or after the password input field when there is no label, `AfterInput` displays the link after the password input field, `AfterButtons` displays the link on the bottom of the form after the buttons, or `None` removes the forgot password link.|
209-
| setting.enableRememberMe <sup>2</sup>| No| Displays the [Keep me signed in](session-behavior.md?pivots=b2c-custom-policy#enable-keep-me-signed-in-kmsi) checkbox. Possible values: `true` , or `false` (default). |
210-
| setting.inputVerificationDelayTimeInMilliseconds <sup>3</sup>| No| Improves user experience, by waiting for the user to stop typing, and then validate the value. Default value 2000 milliseconds. |
205+
| setting.showCancelButton | No | Displays the cancel button. Possible values: `true` (default), or `false`. Check out the [Live demo](https://github.com/azure-ad-b2c/unit-tests/tree/main/technical-profiles/self-asserted#show-the-cancel-button) of this metadata.|
206+
| setting.showContinueButton | No | Displays the continue button. Possible values: `true` (default), or `false`. Check out the [Live demo](https://github.com/azure-ad-b2c/unit-tests/tree/main/technical-profiles/self-asserted#show-the-continue-button) of this metadata. |
207+
| setting.showSignupLink <sup>2</sup>| No | Displays the sign-up button. Possible values: `true` (default), or `false`. Check out the [Live demo](https://github.com/azure-ad-b2c/unit-tests/tree/main/technical-profiles/self-asserted#show-sign-up-link) of this metadata. |
208+
| setting.forgotPasswordLinkLocation <sup>2</sup>| No| Displays the forgot password link. Possible values: `AfterLabel` (default) displays the link directly after the label or after the password input field when there is no label, `AfterInput` displays the link after the password input field, `AfterButtons` displays the link on the bottom of the form after the buttons, or `None` removes the forgot password link. Check out the [Live demo](https://github.com/azure-ad-b2c/unit-tests/tree/main/technical-profiles/self-asserted#forgot-password-link-location) of this metadata.|
209+
| setting.enableRememberMe <sup>2</sup>| No| Displays the [Keep me signed in](session-behavior.md?pivots=b2c-custom-policy#enable-keep-me-signed-in-kmsi) checkbox. Possible values: `true` , or `false` (default). [Live demo](https://github.com/azure-ad-b2c/unit-tests/tree/main/technical-profiles/self-asserted#enable-remember-me-kmsi) of this metadata. |
210+
| setting.inputVerificationDelayTimeInMilliseconds <sup>3</sup>| No| Improves user experience, by waiting for the user to stop typing, and then validate the value. Default value 2000 milliseconds. Check out the [Live demo](https://github.com/azure-ad-b2c/unit-tests/tree/main/technical-profiles/self-asserted#input-verification-delay-time-in-milliseconds) of this metadata. |
211211
| IncludeClaimResolvingInClaimsHandling  | No | For input and output claims, specifies whether [claims resolution](claim-resolver-overview.md) is included in the technical profile. Possible values: `true`, or `false` (default). If you want to use a claims resolver in the technical profile, set this to `true`. |
212212
|setting.forgotPasswordLinkOverride <sup>4</sup>| No | A password reset claims exchange to be executed. For more information, see [Self-service password reset](add-password-reset-policy.md). |
213213

214214
Notes:
215+
215216
1. Available for content definition [DataUri](contentdefinitions.md#datauri) type of `unifiedssp`, or `unifiedssd`.
216217
1. Available for content definition [DataUri](contentdefinitions.md#datauri) type of `unifiedssp`, or `unifiedssd`. [Page layout version](page-layout.md) 1.1.0 and above.
217218
1. Available for [page layout version](page-layout.md) 1.2.0 and above.

articles/active-directory/external-identities/b2b-quickstart-invite-powershell.md

Lines changed: 15 additions & 17 deletions
Original file line numberDiff line numberDiff line change
@@ -1,12 +1,11 @@
11
---
22
title: 'Quickstart: Add a guest user with PowerShell - Azure AD'
3-
description: In this quickstart, you learn how to use PowerShell to send an invitation to an external Azure AD B2B collaboration user.
3+
description: In this quickstart, you learn how to use PowerShell to send an invitation to an external Azure AD B2B collaboration user. You'll use the Microsoft Graph Identity Sign-ins and the Microsoft Graph Users PowerShell modules.
44
services: active-directory
55
author: msmimart
66
ms.author: mimart
77
manager: celestedg
8-
ms.reviewer: mal
9-
ms.date: 08/28/2018
8+
ms.date: 02/16/2022
109
ms.topic: quickstart
1110
ms.service: active-directory
1211
ms.subservice: B2B
@@ -17,14 +16,14 @@ ms.collection: M365-identity-device-management
1716

1817
# Quickstart: Add a guest user with PowerShell
1918

20-
There are many ways you can invite external partners to your apps and services with Azure Active Directory B2B collaboration. In the previous quickstart, you saw how to add guest users directly in the Azure Active Directory admin portal. You can also use PowerShell to add guest users, either one at a time or in bulk. In this quickstart, you’ll use the New-AzureADMSInvitation command to add one guest user to your Azure tenant.
19+
There are many ways you can invite external partners to your apps and services with Azure Active Directory B2B collaboration. In the previous quickstart, you saw how to add guest users directly in the Azure Active Directory admin portal. You can also use PowerShell to add guest users, either one at a time or in bulk. In this quickstart, you’ll use the New-MgInvitation command to add one guest user to your Azure tenant.
2120

22-
If you don’t have an Azure subscription, create a [free account](https://azure.microsoft.com/free/?WT.mc_id=A261C142F) before you begin.
21+
If you don’t have an Azure subscription, create a [free account](https://azure.microsoft.com/free/?WT.mc_id=A261C142F) before you begin.
2322

2423
## Prerequisites
2524

2625
### PowerShell Module
27-
Install the [Azure AD V2 PowerShell for Graph module](/powershell/azure/active-directory/install-adv2) (AzureAD) or the [Azure AD V2 PowerShell for Graph module preview version](/powershell/azure/active-directory/install-adv2?view=azureadps-2.0-preview&preserve-view=true) (AzureADPreview).
26+
Install the [Microsoft Graph Identity Sign-ins module](/powershell/module/microsoft.graph.identity.signins/?view=graph-powershell-beta) (Microsoft.Graph.Identity.SignIns) and the [Microsoft Graph Users module](/powershell/module/microsoft.graph.users/?view=graph-powershell-beta) (Microsoft.Graph.Users).
2827

2928
### Get a test email account
3029

@@ -35,33 +34,32 @@ You need a test email account that you can send the invitation to. The account m
3534
Run the following command to connect to the tenant domain:
3635

3736
```powershell
38-
Connect-AzureAD -TenantDomain "<Tenant_Domain_Name>"
37+
Connect-MgGraph -Scopes user.readwrite.all
3938
```
40-
For example, `Connect-AzureAD -TenantDomain "contoso.onmicrosoft.com"`.
4139

4240
When prompted, enter your credentials.
4341

4442
## Send an invitation
4543

46-
1. To send an invitation to your test email account, run the following PowerShell command (replace **"Sanda"** and **sanda\@fabrikam.com** with your test email account name and email address):
44+
1. To send an invitation to your test email account, run the following PowerShell command (replace **"John Doe"** and **john\@contoso.com** with your test email account name and email address):
4745

4846
```powershell
49-
New-AzureADMSInvitation -InvitedUserDisplayName "Sanda" -InvitedUserEmailAddress sanda@fabrikam.com -InviteRedirectURL https://myapps.microsoft.com -SendInvitationMessage $true
47+
New-MgInvitation -InvitedUserDisplayName "John Doe" -InvitedUserEmailAddress John@contoso.com -InviteRedirectUrl "https://myapplications.microsoft.com" -SendInvitationMessage:$true
5048
```
51-
2. The command sends an invitation to the email address specified. Check the output, which should look similar to the following:
49+
1. The command sends an invitation to the email address specified. Check the output, which should look similar to the following example:
5250

53-
![PowerShell output showing pending user acceptance](media/quickstart-invite-powershell/powershell-azureadmsinvitation-result.png)
51+
![PowerShell output of the invitation command](media/quickstart-invite-powershell/powershell-mginvitation-result.png)
5452

5553
## Verify the user exists in the directory
5654

57-
1. To verify that the invited user was added to Azure AD, run the following command:
55+
1. To verify that the invited user was added to Azure AD, run the following command (replace **john\@contoso.com** with your invited email):
5856

5957
```powershell
60-
Get-AzureADUser -Filter "UserType eq 'Guest'"
58+
Get-MgUser -Filter "Mail eq '[email protected]'"
6159
```
62-
3. Check the output to make sure the user you invited is listed, with a user principal name (UPN) in the format *emailaddress*#EXT#\@*domain*. For example, *sanda_fabrikam.com#EXT#\@contoso.onmicrosoft.com*, where contoso.onmicrosoft.com is the organization from which you sent the invitations.
60+
1. Check the output to make sure the user you invited is listed, with a user principal name (UPN) in the format *emailaddress*#EXT#\@*domain*. For example, *john_contoso.com#EXT#\@fabrikam.onmicrosoft.com*, where fabrikam.onmicrosoft.com is the organization from which you sent the invitations.
6361

64-
![PowerShell output showing guest user added](media/quickstart-invite-powershell/powershell-guest-user-added.png)
62+
![PowerShell output showing guest user added](media/quickstart-invite-powershell/powershell-mginvitation-guest-user-add.png)
6563

6664
## Clean up resources
6765

@@ -70,7 +68,7 @@ When no longer needed, you can delete the test user account in the directory. Ru
7068
```powershell
7169
Remove-AzureADUser -ObjectId "<UPN>"
7270
```
73-
For example: `Remove-AzureADUser -ObjectId "sanda_fabrikam.com#EXT#@contoso.onmicrosoft.com"`
71+
For example: `Remove-AzureADUser -UserId john_contoso.com#EXT#@fabrikam.onmicrosoft.com`
7472

7573

7674
## Next steps
Loading
Loading

articles/active-directory/external-identities/tutorial-bulk-invite.md

Lines changed: 15 additions & 11 deletions
Original file line numberDiff line numberDiff line change
@@ -1,18 +1,17 @@
11
---
22

33
title: Tutorial for bulk inviting B2B collaboration users - Azure AD
4-
description: In this tutorial, you learn how to use PowerShell and a CSV file to send bulk invitations to external Azure AD B2B collaboration users.
4+
description: In this tutorial, you learn how to use PowerShell and a CSV file to send bulk invitations to external Azure AD B2B collaboration users. You'll use the Microsoft.Graph.Users PowerShell module.
55

66
services: active-directory
77
ms.service: active-directory
88
ms.subservice: B2B
99
ms.topic: tutorial
10-
ms.date: 03/17/2021
10+
ms.date: 02/16/2022
1111

1212
ms.author: mimart
1313
author: msmimart
1414
manager: celestedg
15-
ms.reviewer: mal
1615

1716
# Customer intent: As a tenant administrator, I want to send B2B invitations to multiple external users at the same time so that I can avoid having to send individual invitations to each user.
1817

@@ -21,7 +20,7 @@ ms.collection: M365-identity-device-management
2120

2221
# Tutorial: Bulk invite Azure AD B2B collaboration users
2322

24-
If you use Azure Active Directory (Azure AD) B2B collaboration to work with external partners, you can invite multiple guest users to your organization at the same time. In this tutorial, you learn how to use the Azure portal to send bulk invitations to external users. Specifically, you do the following:
23+
If you use Azure Active Directory (Azure AD) B2B collaboration to work with external partners, you can invite multiple guest users to your organization at the same time. In this tutorial, you learn how to use the Azure portal to send bulk invitations to external users. Specifically, you'll follow these steps:
2524

2625
> [!div class="checklist"]
2726
> * Use **Bulk invite users** to prepare a comma-separated value (.csv) file with the user information and invitation preferences
@@ -42,13 +41,13 @@ The rows in a downloaded CSV template are as follows:
4241

4342
- **Version number**: The first row containing the version number must be included in the upload CSV.
4443
- **Column headings**: The format of the column headings is &lt;*Item name*&gt; [PropertyName] &lt;*Required or blank*&gt;. For example, `Email address to invite [inviteeEmail] Required`. Some older versions of the template might have slight variations.
45-
- **Examples row**: We have included in the template a row of examples of values for each column. You must remove the examples row and replace it with your own entries.
44+
- **Examples row**: We've included in the template a row of examples of values for each column. You must remove the examples row and replace it with your own entries.
4645

4746
### Additional guidance
4847

4948
- The first two rows of the upload template must not be removed or modified, or the upload can't be processed.
5049
- The required columns are listed first.
51-
- We don't recommend adding new columns to the template. Any additional columns you add are ignored and not processed.
50+
- We don't recommend adding new columns to the template. Any columns you add are ignored and not processed.
5251
- We recommend that you download the latest version of the CSV template as often as possible.
5352

5453
## Prerequisites
@@ -83,7 +82,7 @@ You need two or more test email accounts that you can send the invitations to. T
8382
7. On the **Bulk invite users** page, under **Upload your csv file**, browse to the file. When you select the file, validation of the .csv file starts.
8483
8. When the file contents are validated, you’ll see **File uploaded successfully**. If there are errors, you must fix them before you can submit the job.
8584
9. When your file passes validation, select **Submit** to start the Azure bulk operation that adds the invitations.
86-
10. To view the job status, select **Click here to view the status of each operation**. Or, you can select **Bulk operation results** in the **Activity** section. For details about each line item within the the bulk operation, select the values under the **# Success**, **# Failure**, or **Total Requests** columns. If failures occurred, the reasons for failure will be listed.
85+
10. To view the job status, select **Click here to view the status of each operation**. Or, you can select **Bulk operation results** in the **Activity** section. For details about each line item within the bulk operation, select the values under the **# Success**, **# Failure**, or **Total Requests** columns. If failures occurred, the reasons for failure will be listed.
8786

8887
![Example of bulk operation results](media/tutorial-bulk-invite/bulk-operation-results.png)
8988

@@ -102,25 +101,30 @@ Check to see that the guest users you added exist in the directory either in the
102101

103102
### View guest users with PowerShell
104103

104+
To view guest users with PowerShell, you'll need the [Microsoft.Graph.Users PowerShell Module](/powershell/module/microsoft.graph.users/?view=graph-powershell-beta). Then sign in using the `Connect-MgGraph` command with an admin account to consent to the required scopes:
105+
```powershell
106+
Connect-MgGraph -Scopes "User.Read.All"
107+
```
108+
105109
Run the following command:
106110

107111
```powershell
108-
Get-AzureADUser -Filter "UserType eq 'Guest'"
112+
Get-MgUser -Filter "UserType eq 'Guest'"
109113
```
110114

111115
You should see the users that you invited listed, with a user principal name (UPN) in the format *emailaddress*#EXT#\@*domain*. For example, *lstokes_fabrikam.com#EXT#\@contoso.onmicrosoft.com*, where contoso.onmicrosoft.com is the organization from which you sent the invitations.
112116

113117
## Clean up resources
114118

115-
When no longer needed, you can delete the test user accounts in the directory in the Azure portal on the Users page by selecting the checkbox next to the guest user and then selecting **Delete**.
119+
When no longer needed, you can delete the test user accounts in the directory in the Azure portal on the Users page by selecting the checkbox next to the guest user and then selecting **Delete**.
116120

117121
Or you can run the following PowerShell command to delete a user account:
118122

119123
```powershell
120-
Remove-AzureADUser -ObjectId "<UPN>"
124+
Remove-MgUser -UserId "<UPN>"
121125
```
122126

123-
For example: `Remove-AzureADUser -ObjectId "lstokes_fabrikam.com#EXT#@contoso.onmicrosoft.com"`
127+
For example: `Remove-MgUser -UserId "lstokes_fabrikam.com#EXT#@contoso.onmicrosoft.com"`
124128

125129
## Next steps
126130

0 commit comments

Comments
 (0)