Merge pull request #214252 from MicrosoftDocs/repo_sync_working_branch

Confirm merge from repo_sync_working_branch to main to sync with https://github.com/MicrosoftDocs/azure-docs (branch main)

Author: huypub

articles/active-directory-b2c/json-transformations.md

@@ -9,7 +9,7 @@ manager: CelesteDG
 ms.service: active-directory
 ms.workload: identity
 ms.topic: reference
-ms.date: 08/10/2022
+ms.date: 09/07/2022
 ms.author: kengaderdus
 ms.subservice: B2C
 ---
@@ -251,6 +251,26 @@ The following claims transformation outputs a JSON string claim that will be the
     }
     ```
 
+The **GenerateJson** claims transformation accepts plain strings. If an input claim contains a JSON string, that string will be escaped. In the following example, if you use email output from [CreateJsonArray above](json-transformations.md#example-of-createjsonarray), that is ["[email protected]"], as an input parameter, the email will look like as shown in the following JSON claim:
+
+- Output claim:
+  - **requestBody**:
+
+    ```json
+    {
+       "customerEntity":{
+          "email":"[\"[email protected]\"]",
+          "userObjectId":"01234567-89ab-cdef-0123-456789abcdef",
+          "firstName":"John",
+          "lastName":"Smith",
+          "role":{
+             "name":"Administrator",
+             "id": 1
+          }
+       }
+    }
+    ```
+
 ## GetClaimFromJson
 
 Get a specified element from a JSON data. Check out the [Live demo](https://github.com/azure-ad-b2c/unit-tests/tree/main/claims-transformation/json#getclaimfromjson) of this claims transformation.

articles/active-directory-b2c/user-profile-attributes.md

@@ -8,9 +8,10 @@ manager: CelesteDG
 ms.service: active-directory
 ms.workload: identity
 ms.topic: conceptual
-ms.date: 09/24/2021
+ms.date: 10/11/2021
 ms.author: kengaderdus
 ms.subservice: B2C
+ms.custom: b2c-support
 ---
 
 # User profile attributes
@@ -48,7 +49,7 @@ The table below lists the [user resource type](/graph/api/resources/user) attrib
 |creationType    |String|If the user account was created as a local account for an Azure Active Directory B2C tenant, the value is LocalAccount or nameCoexistence. Read only.|No|No|Persisted, Output|
 |dateOfBirth     |Date|Date of birth.|No|No|Persisted, Output|
 |department      |String|The name for the department in which the user works. Max length 64.|Yes|No|Persisted, Output|
-|displayName     |String|The display name for the user. Max length 256.|Yes|Yes|Persisted, Output|
+|displayName     |String|The display name for the user. Max length 256. \< \> characters aren't allowed. | Yes|Yes|Persisted, Output|
 |facsimileTelephoneNumber<sup>1</sup>|String|The telephone number of the user's business fax machine.|Yes|No|Persisted, Output|
 |givenName       |String|The given name (first name) of the user. Max length 64.|Yes|Yes|Persisted, Output|
 |jobTitle        |String|The user's job title. Max length 128.|Yes|Yes|Persisted, Output|
@@ -165,7 +166,7 @@ In user migration scenarios, if the accounts you want to migrate have weaker pas
 
 ## MFA phone number attribute
 
-When using a phone for multi-factor authentication (MFA), the mobile phone is used to verify the user identity. To [add](/graph/api/authentication-post-phonemethods) a new phone number programmatically, [update](/graph/api/b2cauthenticationmethodspolicy-update), [get](/graph/api/b2cauthenticationmethodspolicy-get), or [delete](/graph/api/phoneauthenticationmethod-delete) the phone number, use MS Graph API [phone authentication method](/graph/api/resources/phoneauthenticationmethod).
+When using a phone for multi-factor authentication (MFA), the mobile phone is used to verify the user identity. To [add](/graph/api/authentication-post-phonemethods) a new phone number programmatically, [update](/graph/api/phoneauthenticationmethod-update), [get](/graph/api/phoneauthenticationmethod-get), or [delete](/graph/api/phoneauthenticationmethod-delete) the phone number, use MS Graph API [phone authentication method](/graph/api/resources/phoneauthenticationmethod).
 
 In Azure AD B2C [custom policies](custom-policy-overview.md), the phone number is available through `strongAuthenticationPhoneNumber` claim type.
 

articles/active-directory/enterprise-users/groups-dynamic-membership.md

@@ -104,7 +104,7 @@ dirSyncEnabled |true false |user.dirSyncEnabled -eq true
 | memberOf | Any string value (valid group object ID) | user.memberof -any (group.objectId -in ['value']) |
 | mobile |Any string value or *null* | user.mobile -eq "value" |
 | objectId |GUID of the user object | user.objectId -eq "11111111-1111-1111-1111-111111111111" |
-| onPremisesDistinguishedName (preview)| Any string value or *null* | user.onPremisesDistinguishedName -eq "value" |
+| onPremisesDistinguishedName | Any string value or *null* | user.onPremisesDistinguishedName -eq "value" |
 | onPremisesSecurityIdentifier | On-premises security identifier (SID) for users who were synchronized from on-premises to the cloud. | user.onPremisesSecurityIdentifier -eq "S-1-1-11-1111111111-1111111111-1111111111-1111111" |
 | passwordPolicies |None<br>DisableStrongPassword<br>DisablePasswordExpiration<br>DisablePasswordExpiration, DisableStrongPassword | user.passwordPolicies -eq "DisableStrongPassword" |
 | physicalDeliveryOfficeName |Any string value or *null* | user.physicalDeliveryOfficeName -eq "value" |

articles/active-directory/governance/how-to-lifecycle-workflow-sync-attributes.md

@@ -94,7 +94,7 @@ To ensure timing accuracy of scheduled workflows it’s curial to consider:
  6. Select **Add attribute**.
  7. Fill in the following information: 
      - Mapping Type: Direct
-     - Source attribute: msDS-cloudExtensionAttribute1
+     - Source attribute: extensionAttribute1
      - Default value: Leave blank
      - Target attribute: employeeHireDate
      - Apply this mapping: Always
@@ -157,4 +157,4 @@ For more information, see [How to customize a synchronization rule](../hybrid/ho
 ## Next steps
 - [What are lifecycle workflows?](what-are-lifecycle-workflows.md)
 - [Create a custom workflow using the Azure portal](tutorial-onboard-custom-workflow-portal.md)
-- [Create a Lifecycle workflow](create-lifecycle-workflow.md)
+- [Create a Lifecycle workflow](create-lifecycle-workflow.md)

articles/active-directory/governance/tutorial-prepare-azure-ad-user-accounts.md

@@ -58,8 +58,8 @@ First we'll create our employee, Melva Prince.
   "displayName": "Melva Prince",
   "mailNickname": "mprince",
   "department": "sales",
-  "mail": "mpricne@<your tenant name here>",
-  "employeeHireDate": "2022-04-15T22:10:00Z"
+  "mail": "mprince@<your tenant name here>",
+  "employeeHireDate": "2022-04-15T22:10:00Z",
   "userPrincipalName": "mprince@<your tenant name here>",
   "passwordProfile" : {
     "forceChangePasswordNextSignIn": true,
@@ -84,7 +84,7 @@ Next, we'll create Britta Simon.  This is the account that will be used as our m
   "mailNickname": "bsimon",
   "department": "sales",
   "mail": "bsimon@<your tenant name here>",
-  "employeeHireDate": "2021-01-15T22:10:00Z"
+  "employeeHireDate": "2021-01-15T22:10:00Z",
   "userPrincipalName": "bsimon@<your tenant name here>",
   "passwordProfile" : {
     "forceChangePasswordNextSignIn": true,

articles/aks/cluster-configuration.md

@@ -369,7 +369,7 @@ This enables an OIDC Issuer URL of the provider which allows the API server to d
 
 ### Prerequisites
 
-* The Azure CLI version 2.42.0 or higher. Run `az --version` to find your version. If you need to install or upgrade, see [Install Azure CLI][azure-cli-install].
+* The Azure CLI version 2.40.0 or higher. Run `az --version` to find your version. If you need to install or upgrade, see [Install Azure CLI][azure-cli-install].
 * AKS version 1.22 and higher. If your cluster is running version 1.21 and the OIDC Issuer preview is enabled, we recommend you upgrade the cluster to the minimum required version supported.
 
 ### Create an AKS cluster with OIDC Issuer