making minor freshness edits

Author: barclayn

articles/active-directory/fundamentals/active-directory-how-subscriptions-associated-directory.md

@@ -9,7 +9,7 @@ ms.service: active-directory
 ms.workload: identity
 ms.subservice: fundamentals
 ms.topic: how-to
-ms.date: 08/17/2022
+ms.date: 01/23/2023
 ms.author: barclayn
 ms.reviewer: jeffsta
 ms.custom: "it-pro, seodec18, contperf-fy20q4"
@@ -18,46 +18,40 @@ ms.collection: M365-identity-device-management
 
 # Associate or add an Azure subscription to your Azure Active Directory tenant
 
-An Azure subscription has a trust relationship with Azure Active Directory (Azure AD). A subscription trusts Azure AD to authenticate users, services, and devices.
-
-Multiple subscriptions can trust the same Azure AD directory. Each subscription can only trust a single directory.
-
-One or more Azure subscriptions can establish a trust relationship with an instance of Azure Active Directory (Azure AD) in order to authenticate and authorize security principals and devices against Azure services.  When a subscription expires, the trusted instance of the Azure AD service remains, but the security principals lose access to Azure resources.
+All Azure subscriptions have a trust relationship with an Azure Active Directory (Azure AD) instance. Subscriptions rely on their trusted Azure AD to authenticate and authorize security principals and devices.  When a subscription expires, the trusted instance of the Azure AD service remains, but the security principals lose access to Azure resources. Subscriptions can only trust a single directory while one Azure AD may be trusted by multiple subscriptions.
 
 When a user signs up for a Microsoft cloud service, a new Azure AD tenant is created and the user is made a member of the Global Administrator role. However, when an owner of a subscription joins their subscription to an existing tenant, the owner isn't assigned to the Global Administrator role.
 
-All of your users have a single *home* directory for authentication. Your users can also be guests in other directories. You can see both the home and guest directories for each user in Azure AD.
+While users may only have a single authentication *home* directory, users may participate as guests in multiple directories. You can see both the home and guest directories for each user in Azure AD.
 
 :::image type="content" source="media/active-directory-how-subscriptions-associated-directory/trust-relationship-azure-ad.png" alt-text="Screenshot that shows the trust relationship between Azure subscriptions and Azure active directories.":::
 
 > [!Important]
-> When you associate a subscription with a different directory, users that have roles assigned using [Azure role-based access control](../../role-based-access-control/role-assignments-portal.md) lose their access. Classic subscription administrators, including Service Administrator and Co-Administrators, also lose access.
+> When a subscription is associated with a different directory, users who have roles assigned using [Azure role-based access control](../../role-based-access-control/role-assignments-portal.md) lose their access. Classic subscription administrators, including Service Administrator and Co-Administrators, also lose access.
 >
 > Moving your Azure Kubernetes Service (AKS) cluster to a different subscription, or moving the cluster-owning subscription to a new tenant, causes the cluster to lose functionality due to lost role assignments and service principal's rights. For more information about AKS, see [Azure Kubernetes Service (AKS)](../../aks/index.yml).
 
 ## Before you begin
 
-Before you can associate or add your subscription, do the following tasks:
-
-- Review the following list of changes that will occur after you associate or add your subscription, and how you might be affected:
+Before you can associate or add your subscription, do the following steps:
 
-  - Users that have been assigned roles using Azure RBAC will lose their access.
-  - Service Administrator and Co-Administrators will lose access.
-  - If you have any key vaults, they'll be inaccessible, and you'll have to fix them after association.
-  - If you have any managed identities for resources such as Virtual Machines or Logic Apps, you must re-enable or recreate them after the association.
-  - If you have a registered Azure Stack, you'll have to re-register it after association.
-  - For more information, see [Transfer an Azure subscription to a different Azure AD directory](../../role-based-access-control/transfer-subscription.md).
+- Review the following list of changes that will occur after you associate or add your subscription, and how you might be affected:    
+    - Users that have been assigned roles using Azure RBAC will lose their access.
+    - Service Administrator and Co-Administrators will lose access.
+    - If you have any key vaults, they'll be inaccessible, and you'll have to fix them after association.
+    - If you have any managed identities for resources such as Virtual Machines or Logic Apps, you must re-enable or recreate them after the association.
+    - If you have a registered Azure Stack, you'll have to re-register it after association.
+  
+  For more information, see [Transfer an Azure subscription to a different Azure AD directory](../../role-based-access-control/transfer-subscription.md).
 
 - Sign in using an account that:
-
-  - Has an [Owner](../../role-based-access-control/built-in-roles.md#owner) role assignment for the subscription. For information about how to assign the Owner role, see [Assign Azure roles using the Azure portal](../../role-based-access-control/role-assignments-portal.md).
-  - Exists in both the current directory and in the new directory. The current directory is associated with the subscription. You'll associate the new directory with the subscription. For more information about getting access to another directory, see [Add Azure Active Directory B2B collaboration users in the Azure portal](../external-identities/add-users-administrator.md).
-
-- Make sure that you're not using an Azure Cloud Service Providers (CSP) subscription (MS-AZR-0145P, MS-AZR-0146P, MS-AZR-159P), a Microsoft Internal subscription (MS-AZR-0015P), or a Microsoft Azure for Students Starter subscription (MS-AZR-0144P).
+    - Has an [Owner](../../role-based-access-control/built-in-roles.md#owner) role assignment for the subscription. For information about how to assign the Owner role, see [Assign Azure roles using the Azure portal](../../role-based-access-control/role-assignments-portal.md).
+    - Exists in both the current directory and in the new directory. The current directory is associated with the subscription. You'll associate the new directory with the subscription. For more information about getting access to another directory, see [Add Azure Active Directory B2B collaboration users in the Azure portal](../external-identities/add-users-administrator.md).
+    - Make sure that you're not using an Azure Cloud Service Providers (CSP) subscription (MS-AZR-0145P, MS-AZR-0146P, MS-AZR-159P), a Microsoft Internal subscription (MS-AZR-0015P), or a Microsoft Azure for Students Starter subscription (MS-AZR-0144P).
 
 ## Associate a subscription to a directory<a name="to-associate-an-existing-subscription-to-your-azure-ad-directory"></a>
 
-To associate an existing subscription to your Azure AD directory, follow these steps:
+To associate an existing subscription with your Azure AD, follow these steps:
 
 1. Sign in and select the subscription you want to use from the [Subscriptions page in Azure portal](https://portal.azure.com/#blade/Microsoft_Azure_Billing/SubscriptionsBlade).
 
@@ -81,7 +75,7 @@ Changing the subscription directory is a service-level operation, so it doesn't
 
 ## Post-association steps
 
-After you associate a subscription to a different directory, you might need to do the following tasks to resume operations:
+After you associate a subscription with a different directory, you might need to do the following tasks to resume operations:
 
 - If you have any key vaults, you must change the key vault tenant ID. For more information, see [Change a key vault tenant ID after a subscription move](../../key-vault/general/move-subscription.md).
 

articles/active-directory/fundamentals/active-directory-how-to-find-tenant.md

@@ -9,7 +9,7 @@ ms.service: active-directory
 ms.workload: identity
 ms.subservice: fundamentals
 ms.topic: how-to
-ms.date: 08/17/2022
+ms.date: 01/23/2023
 ms.author: barclayn
 ms.reviewer: jeffsta
 ms.custom: "it-pro, devx-track-azurepowershell"
@@ -18,7 +18,7 @@ ms.collection: M365-identity-device-management
 
 # How to find your Azure Active Directory tenant ID
 
-Azure subscriptions have a trust relationship with Azure Active Directory (Azure AD). Azure AD is trusted to authenticate users, services, and devices for the subscription. Each subscription has a tenant ID associated with it, and there are a few ways you can find the tenant ID for your subscription.
+Azure subscriptions have a trust relationship with Azure Active Directory (Azure AD). Azure AD is trusted to authenticate the subscription's users, services, and devices. Each subscription has a tenant ID associated with it, and there are a few ways you can find the tenant ID for your subscription.
 
 ## Find tenant ID through the Azure portal
 
@@ -28,7 +28,7 @@ Azure subscriptions have a trust relationship with Azure Active Directory (Azure
 
 1. Select **Properties**.
 
-1. Scroll down to the **Tenant ID** field. Your tenant ID will be in the box.
+1. Scroll down to the **Tenant ID** section and you can find your tenant ID in the box.
 
 :::image type="content" source="media/active-directory-how-to-find-tenant/portal-tenant-id.png" alt-text="Azure Active Directory - Properties - Tenant ID - Tenant ID field":::
 
@@ -41,13 +41,14 @@ Connect-AzAccount
 Get-AzTenant
 ```
 
-For more information, see this Azure PowerShell cmdlet reference for [Get-AzTenant](/powershell/module/az.accounts/get-aztenant).
+For more information, see the [Get-AzTenant](/powershell/module/az.accounts/get-aztenant) cmdlet reference.
 
 
 ## Find tenant ID with CLI
+
 The [Azure CLI](/cli/azure/install-azure-cli) or [Microsoft 365 CLI](https://pnp.github.io/cli-microsoft365/) can be used to find the tenant ID.
 
-For Azure CLI, use one of the commands **az login**, **az account list**, or **az account tenant list** as shown in the following example. Notice the **tenantId** property for each of your subscriptions in the output from each command.
+For Azure CLI, use one of the commands **az login**, **az account list**, or **az account tenant list**. All of command's included below return the **tenantId** property for each of your subscriptions.
 
 ```azurecli-interactive
 az login

articles/active-directory/fundamentals/active-directory-users-reset-password-azure-portal.md

@@ -11,7 +11,7 @@ ms.service: active-directory
 ms.subservice: fundamentals
 ms.workload: identity
 ms.topic: how-to
-ms.date: 08/17/2022
+ms.date: 01/23/2023
 ms.author: barclayn
 ms.reviewer: jeffsta
 ms.custom: "it-pro, seodec18"
@@ -20,15 +20,15 @@ ms.collection: M365-identity-device-management
 ---
 # Reset a user's password using Azure Active Directory
 
-As an administrator, you can reset a user's password if the password is forgotten, if the user gets locked out of a device, or if the user never received a password.
+Azure Active Directory (Azure AD) administrators can reset a user's password if the password is forgotten, if the user gets locked out of a device, or if the user never received a password.
 
 >[!Note]
 >Unless your Azure AD tenant is the home directory for a user, you won't be able reset their password. This means that if your user is signing in to your organization using an account from another organization, a Microsoft account, or a Google account, you won't be able to reset their password.
 >
 >If your user has a source of authority as Windows Server Active Directory, you'll only be able to reset the password if you've turned on password writeback and the user domain is managed. Changing the user password from Azure Active Directory for federated domains is not supported. In this case, you should change the user password in the on-premises Active Directory.<br><br>If your user has a source of authority as External Azure AD, you won't be able to reset the password. Only the user, or an administrator in External Azure AD, can reset the password.
 
 >[!Note]
->If you're not an administrator and are instead looking for instructions about how to reset your own work or school password, see [Reset your work or school password](https://support.microsoft.com/account-billing/reset-your-work-or-school-password-using-security-info-23dde81f-08bb-4776-ba72-e6b72b9dda9e).
+>If you're not an administrator and you need instructions on how to reset your own work or school password, see [Reset your work or school password](https://support.microsoft.com/account-billing/reset-your-work-or-school-password-using-security-info-23dde81f-08bb-4776-ba72-e6b72b9dda9e).
 
 ## To reset a password
 
@@ -51,7 +51,7 @@ As an administrator, you can reset a user's password if the password is forgotte
     >The temporary password never expires. The next time the user signs in, the password will still work, regardless how much time has passed since the temporary password was generated.
 
 > [!IMPORTANT]
-> If an administrator is unable to reset the user's password, and in the Application Event Logs on the Azure AD Connect server the following error code hr=80231367 is seen, review the user's attributes in Active Directory.  If the attribute **AdminCount** is set to 1, this will prevent an administrator from resetting the user's password.  The attribute **AdminCount** must be set to 0, in order for an administrators to reset the user's password.
+> If an administrator is unable to reset the user's password, and the Application Event Logs on the Azure AD Connect server has error code hr=80231367, review the user's attributes in Active Directory.  If the attribute **AdminCount** is set to 1, this will prevent an administrator from resetting the user's password.  The attribute **AdminCount** must be set to 0, in order for an administrators to reset the user's password.
 
 
 ## Next steps