Merge pull request #196841 from MicrosoftDocs/main

5/02 PM Publish

Author: huypub

.openpublishing.redirection.json

@@ -24204,7 +24204,22 @@
       "redirect_document_id": false
     },
     {
-      "source_path_from_root": "/articles/sql-database/sql-database-managed-instance-create-manage",
+       "source_path_from_root": "/articles/virtual-machines/windows/sql/virtual-machines-windows-portal-sql-availability-group-tutorial.md",
+       "redirect_url": "/azure/azure-sql/virtual-machines/windows/availability-group-manually-configure-tutorial-multi-subnet",
+       "redirect_document_id": false
+    },
+    {
+      "source_path_from_root": "/articles/virtual-machines/windows/sql/virtual-machines-windows-sql-server-iaas-overview.md",
+      "redirect_url": "/azure/azure-sql/virtual-machines/windows/sql-server-on-azure-vm-iaas-what-is-overview",
+      "redirect_document_id": false
+    },
+    {
+      "source_path_from_root": "/articles/sql-database/index.md",
+      "redirect_url": "/azure/azure-sql/database/index",
+      "redirect_document_id": false
+    },
+    {
+      "source_path_from_root": "/articles/sql-database/sql-database-managed-instance-create-manage.md",
       "redirect_url": "/azure/azure-sql/managed-instance/instance-create-quickstart",
       "redirect_document_id": false
     },          

articles/active-directory/enterprise-users/licensing-service-plan-reference.md

@@ -1,7 +1,7 @@
 ---
 title: "What's new in Azure Active Directory External Identities"
 description: "New and updated documentation for the Azure Active Directory External Identities."
-ms.date: 03/31/2022
+ms.date: 05/02/2022
 ms.service: active-directory
 ms.subservice: B2B
 ms.topic: reference
@@ -15,6 +15,22 @@ manager: CelesteDG
 
 Welcome to what's new in Azure Active Directory External Identities documentation. This article lists new docs that have been added and those that have had significant updates in the last three months. To learn what's new with the External Identities service, see [What's new in Azure Active Directory](../fundamentals/whats-new.md).
 
+## April 2022
+
+### Updated articles
+
+- [Email one-time passcode authentication](one-time-passcode.md)
+- [Configure external collaboration settings](external-collaboration-settings-configure.md)
+- [Add a self-service sign-up user flow to an app](self-service-sign-up-user-flow.md)
+- [B2B direct connect overview (Preview)](b2b-direct-connect-overview.md)
+- [Azure Active Directory B2B collaboration invitation redemption](redemption-experience.md)
+- [Federation with SAML/WS-Fed identity providers for guest users (preview)](direct-federation.md)
+- [Azure Active Directory External Identities: What's new](whats-new-docs.md)
+- [Azure Active Directory B2B best practices](b2b-fundamentals.md)
+- [Troubleshooting Azure Active Directory B2B collaboration](troubleshoot.md)
+- [Properties of an Azure Active Directory B2B collaboration user](user-properties.md)
+- [B2B collaboration overview](what-is-b2b.md)
+
 ## March 2022
 
 ### New articles
@@ -61,10 +77,3 @@ Welcome to what's new in Azure Active Directory External Identities documentatio
 - [Troubleshooting Azure Active Directory B2B collaboration](troubleshoot.md)
 - [Properties of an Azure Active Directory B2B collaboration user](user-properties.md)
 - [Authentication and Conditional Access for External Identities](authentication-conditional-access.md)
-
-## January 2022
-
-### Updated articles
-
-- [Properties of an Azure Active Directory B2B collaboration user](user-properties.md)
-- [Azure Active Directory B2B collaboration invitation redemption](redemption-experience.md)

articles/active-directory/external-identities/media/b2b-direct-connect-overview/b2b-direct-connect-example.png

@@ -63,17 +63,18 @@ For more information, see [License requirements](access-reviews-overview.md#lice
 
    ![Screenshot that shows the interface that appears if you selected applications instead of groups.](./media/create-access-review/select-application-detailed.png)
 
-   > [!NOTE]
-   > Selecting multiple groups or applications results in the creation of multiple access reviews. For example, if you select five groups to review, the result is five separate access reviews.
-
-1. Now you can select a scope for the review. Your options are:
+> [!NOTE]
+> Selecting multiple groups or applications results in the creation of multiple access reviews. For example, if you select five groups to review, the result is five separate access reviews.
 
+7. Now you can select a scope for the review. Your options are:
     - **Guest users only**: This option limits the access review to only the Azure AD B2B guest users in your directory.
     - **Everyone**: This option scopes the access review to all user objects associated with the resource.
 
     > [!NOTE]  
     > If you selected **All Microsoft 365 groups with guest users**, your only option is to review **Guest users only**.
 
+1. Or if you are conducting group membership review, you can create access reviews only for inactive users in the group (preview). In the *Users scope* section, check the box next to **Inactive users (on tenant level)**. If you check the box, the scope of the review will focus on inactive users only. Then, specify **Days inactive**  with a number of days inactive up to 730 days (two years). Users in the group inactive for the specified number of days will be the only users in the review.
+
 1. Select **Next: Reviews**.
 
 ### Next: Reviews
@@ -213,9 +214,9 @@ B2B direct connect users and teams are included in access reviews of the Teams-e
 - User administrator 
 - Identity Governance Administrator
 
-Ue the following instructions to create an access review on a team with shared channels:
+Use the following instructions to create an access review on a team with shared channels:
 
-1. Sign in to the Azure Portal as a Global Admin, User Admin or Identity Governance Admin.
+1. Sign in to the Azure portal as a Global Admin, User Admin or Identity Governance Admin.
 
 1. Open the [Identity Governance](https://portal.azure.com/#blade/Microsoft_AAD_ERM/DashboardBlade/) page.
 

articles/active-directory/external-identities/media/b2b-direct-connect-overview/b2b-direct-connect-overview.png

@@ -2,14 +2,14 @@
 title: 'Migrate application authentication to Azure Active Directory'
 description: This whitepaper details the planning for and benefits of migrating your application authentication to Azure AD.
 services: active-directory
-author: omondiatieno
+author: CelesteDG
 manager: CelesteDG
 ms.service: active-directory
 ms.subservice: app-mgmt
 ms.topic: how-to
 ms.workload: identity
 ms.date: 02/05/2021
-ms.author: jamondi
+ms.author: celested
 ms.reviewer: alamaral
 ms.collection: M365-identity-device-management
 ---

articles/active-directory/external-identities/whats-new-docs.md

@@ -166,44 +166,44 @@
         href: secure-hybrid-access-integrations.md
       - name: Datawiza
         href: datawiza-with-azure-ad.md 
-    - name: F5
-      items:
-      - name: Deploy F5 BIG-IP in Azure
-        href: f5-bigip-deployment-guide.md
-      - name: F5 BIG-IP and Azure AD integration
+      - name: F5
         items:
-        - name: Integrate F5 BIG-IP with Azure AD
-          href: f5-aad-integration.md
-        - name: Easy Button guided configuration
-          items:
-          - name: Kerberos
-            href: f5-big-ip-kerberos-easy-button.md
-          - name: Headers
-            href: f5-big-ip-headers-easy-button.md
-          - name: Headers and LDAP
-            href: f5-big-ip-ldap-header-easybutton.md
-          - name: Oracle EBS
-            href: f5-big-ip-oracle-enterprise-business-suite-easy-button.md
-          - name: Oracle JDE
-            href: f5-big-ip-oracle-jde-easy-button.md
-          - name: Oracle PeopleSoft
-            href: f5-big-ip-oracle-peoplesoft-easy-button.md
-          - name: SAP ERP
-            href: f5-big-ip-sap-erp-easy-button.md
-        - name: Advanced configuration
+        - name: Deploy F5 BIG-IP in Azure
+          href: f5-bigip-deployment-guide.md
+        - name: F5 BIG-IP and Azure AD integration
           items:
-            - name: Headers
-              href: f5-big-ip-header-advanced.md
+          - name: Integrate F5 BIG-IP with Azure AD
+            href: f5-aad-integration.md
+          - name: Easy Button guided configuration
+            items:
             - name: Kerberos
-              href: f5-big-ip-kerberos-advanced.md
-            - name: Form-based
-              href: f5-big-ip-forms-advanced.md 
-            - name: SSL-VPN
-              href: f5-aad-password-less-vpn.md  
-            - name: B2C
-              href: ../../active-directory-b2c/partner-f5.md
-    - name: Silverfort
-      href: silverfort-azure-ad-integration.md
+              href: f5-big-ip-kerberos-easy-button.md
+            - name: Headers
+              href: f5-big-ip-headers-easy-button.md
+            - name: Headers and LDAP
+              href: f5-big-ip-ldap-header-easybutton.md
+            - name: Oracle EBS
+              href: f5-big-ip-oracle-enterprise-business-suite-easy-button.md
+            - name: Oracle JDE
+              href: f5-big-ip-oracle-jde-easy-button.md
+            - name: Oracle PeopleSoft
+              href: f5-big-ip-oracle-peoplesoft-easy-button.md
+            - name: SAP ERP
+              href: f5-big-ip-sap-erp-easy-button.md
+          - name: Advanced configuration
+            items:
+              - name: Headers
+                href: f5-big-ip-header-advanced.md
+              - name: Kerberos
+                href: f5-big-ip-kerberos-advanced.md
+              - name: Form-based
+                href: f5-big-ip-forms-advanced.md 
+              - name: SSL-VPN
+                href: f5-aad-password-less-vpn.md  
+              - name: B2C
+                href: ../../active-directory-b2c/partner-f5.md
+      - name: Silverfort
+        href: silverfort-azure-ad-integration.md
     - name: Single sign-on
       items:
       - name: Linked

articles/active-directory/governance/create-access-review.md

@@ -63,18 +63,20 @@ The need for access to privileged Azure resource and Azure AD roles by employees
 
     :::image type="content" source="./media/pim-create-azure-ad-roles-and-resource-roles-review/users.png" alt-text="Users scope to review role membership of screenshot.":::
 
-11. Under **Review role membership**, select the privileged Azure resource or Azure AD roles to review.
+11. Or, you can create access reviews only for inactive users (preview). In the *Users scope* section, set the **Inactive users (on tenant level) only** to **true**. If the toggle is set to *true*, the scope of the review will focus on inactive users only. Then, specify **Days inactive**  with a number of days inactive up to 730 days (two years). Users inactive for the specified number of days will be the only users in the review.
+ 
+12. Under **Review role membership**, select the privileged Azure resource or Azure AD roles to review.
 
     > [!NOTE]
     > Selecting more than one role will create multiple access reviews. For example, selecting five roles will create five separate access reviews.
 
     :::image type="content" source="./media/pim-create-azure-ad-roles-and-resource-roles-review/review-role-membership.png" alt-text="Review role memberships screenshot.":::
 
-12. In **assignment type**, scope the review by how the principal was assigned to the role. Choose **eligible assignments only** to review eligible assignments (regardless of activation status when the review is created) or **active assignments only** to review active assignments. Choose **all active and eligible assignments** to review all assignments regardless of type.
+13. In **assignment type**, scope the review by how the principal was assigned to the role. Choose **eligible assignments only** to review eligible assignments (regardless of activation status when the review is created) or **active assignments only** to review active assignments. Choose **all active and eligible assignments** to review all assignments regardless of type.
 
     :::image type="content" source="./media/pim-create-azure-ad-roles-and-resource-roles-review/assignment-type-select.png" alt-text="Reviewers list of assignment types screenshot.":::
 
-13. In the **Reviewers** section, select one or more people to review all the users. Or you can select to have the members review their own access.
+14. In the **Reviewers** section, select one or more people to review all the users. Or you can select to have the members review their own access.
 
     :::image type="content" source="./media/pim-create-azure-ad-roles-and-resource-roles-review/reviewers.png" alt-text="Reviewers list of selected users or members (self)":::
 

articles/active-directory/manage-apps/migrate-application-authentication-to-azure-active-directory.md

@@ -13,7 +13,7 @@ ms.topic: conceptual
 ms.tgt_pltfrm: na
 ms.workload: identity
 ms.subservice: report-monitor
-ms.date: 12/17/2021
+ms.date: 05/02/2022
 ms.author: markvi
 ms.reviewer: besiler
 
@@ -154,9 +154,7 @@ Customizing the view enables you to display additional fields or remove fields t
 ![All interactive columns](./media/concept-all-sign-ins/all-interactive-columns.png)
 
 
-Select an item in the list view to get more detailed information about the related sign-in.
 
-![Sign-in activity](./media/concept-all-sign-ins/interactive-user-sign-in-details.png "Interactive user sign-ins")
 
 
 
@@ -207,14 +205,6 @@ To make it easier to digest the data, non-interactive sign-in events are grouped
 - Resource ID
 
 
-You can:
-
-- Expand a node to see the individual items of a group.  
-
-- Click an individual item to see all details 
-
-
-![Non-interactive user sign-in details](./media/concept-all-sign-ins/non-interactive-sign-ins-details.png)
 
 
 
@@ -267,14 +257,6 @@ To make it easier to digest the data in the service principal sign-in logs, serv
 
 - Resource name or ID
 
-You can:
-
-- Expand a node to see the individual items of a group.  
-
-- Click an individual item so see all details 
-
-
-![Column details](./media/concept-all-sign-ins/service-principals-sign-ins-view.png "Column details")
 
 
 
@@ -388,73 +370,11 @@ To access the new sign-in logs with non-interactive and application sign-ins:
 
 
 
-## Download sign-in activity logs
-
-When you download a sign-in activity report, the following is true:
-
-- You can download the sign-in report as CSV or JSON file.
-
-- You can download up to 100-K records. If you want to download more data, use the reporting API.
-
-- Your download is based on the filter selection you made.
-
-- The number of records you can download is constrained by the [Azure Active Directory report retention policies](reference-reports-data-retention.md). 
-
-
-![Download logs](./media/concept-all-sign-ins/download-reports.png "Download logs")
-
-
-Each CSV download consists of six different files:
-
-- Interactive sign-ins
-
-- Auth details of the interactive sign-ins
-
-- Non-interactive sign-ins
 
-- Auth details of the non-interactive sign-ins
-
-- Service principal sign-ins
-
-- Managed identity for Azure resources sign-ins
-
-Each JSON download consists of four different files:
-
-- Interactive sign-ins (includes auth details)
-
-- Non-interactive sign-ins (includes auth details)
-
-- Service principal sign-ins
-
-- Managed identity for Azure resources sign-ins
-
-![Download files](./media/concept-all-sign-ins/download-files.png "Download files")
-
-
-## Return log data with Microsoft Graph
-
-In addition to using the Azure portal, you can query sign-in logs using the Microsoft Graph API to return different types of sign-in information. To avoid potential performance issues, scope your query to just the data you care about. 
-
-The following example scopes the query by the number records, by a specific time period, and by type of sign-in event:
-
-```msgraph-interactive
-GET https://graph.microsoft.com/beta/auditLogs/signIns?$top=100&$filter=createdDateTime ge 2020-09-10T06:00:00Z and createdDateTime le 2020-09-17T06:00:00Z and signInEventTypes/any(t: t eq 'nonInteractiveUser')
-```
-
-The query parameters in the example provide the following results:
-
-- The [$top](/graph/query-parameters#top-parameter) parameter returns the top 100 results.
-- The [$filter](/graph/query-parameters#filter-parameter) parameter limits the time frame for results to return and uses the signInEventTypes property to return only non-interactive user sign-ins.
-
-The following values are available for filtering by different sign-in types: 
+## Next steps
 
-- interactiveUser
-- nonInteractiveUser
-- servicePrincipal 
-- managedIdentity
+- [Basic info in the Azure AD sign-in logs](reference-basic-info-sign-in-logs.md)
 
-## Next steps
+- [How to download logs in Azure Active Directory](howto-download-logs.md)
 
-* [Sign-in activity report error codes](./concept-sign-ins.md)
-* [Azure AD data retention policies](reference-reports-data-retention.md)
-* [Azure AD report latencies](reference-reports-latencies.md)
+- [How to access activity logs in Azure AD](howto-access-activity-logs.md)