Merge branch 'main' of https://github.com/MicrosoftDocs/azure-docs-pr into ps-ps

Author: halkazwini

.openpublishing.redirection.active-directory.json

@@ -4371,6 +4371,11 @@
       "redirect_url": "/azure/active-directory/reports-monitoring/reports-faq",
       "redirect_document_id": false
     },
+    {
+      "source_path_from_root": "/articles/active-directory/reports-monitoring/workbook-legacy authentication.md",
+      "redirect_url": "/azure/active-directory/reports-monitoring/workbook-legacy-authentication",
+      "redirect_document_id": false
+    },
     {
       "source_path_from_root": "/articles/active-directory/reports-monitoring/troubleshoot-missing-audit-data.md",
       "redirect_url": "/azure/active-directory/reports-monitoring/reports-faq",

.openpublishing.redirection.azure-monitor.json

@@ -5626,6 +5626,21 @@
             "source_path_from_root": "/articles/azure-monitor/vm/vminsights-health-troubleshoot.md",
             "redirect_url": "/azure/azure-monitor/vm/vminsights-overview",
             "redirect_document_id": false
+        },
+        {
+            "source_path_from_root": "/articles/azure-monitor/vm/monitor-virtual-machine-configure.md",
+            "redirect_url": "/azure/azure-monitor/vm/monitor-virtual-machine-data-collection",
+            "redirect_document_id": false
+        },
+        {
+            "source_path_from_root": "/articles/azure-monitor/vm/monitor-virtual-machine-security.md",
+            "redirect_url": "/azure/azure-monitor/vm/monitor-virtual-machine#security-monitoring",
+            "redirect_document_id": false
+        },
+        {
+            "source_path_from_root": "/articles/azure-monitor/vm/monitor-virtual-machine-workloads.md",
+            "redirect_url": "/azure/azure-monitor/vm/monitor-virtual-machine-data-collection",
+            "redirect_document_id": false
         }
     ]
 }

.openpublishing.redirection.healthcare-apis.json

@@ -610,11 +610,15 @@
         "redirect_document_id": false
     },
     {   "source_path_from_root": "/articles/healthcare-apis/iot/iot-troubleshoot-error-messages-and-conditions.md",
-        "redirect_url": "/azure/healthcare-apis/iot/troubleshoot-error-messages-and-conditions",
+        "redirect_url": "/azure/healthcare-apis/iot/troubleshoot-errors",
+        "redirect_document_id": false
+    },
+    {   "source_path_from_root": "/articles/healthcare-apis/iot/troubleshoot-error-messages-and-conditions.md",
+        "redirect_url": "/azure/healthcare-apis/iot/troubleshoot-errors",
         "redirect_document_id": false
     },
     {   "source_path_from_root": "/articles/healthcare-apis/iot/iot-troubleshoot-mappings.md",
-        "redirect_url": "/azure/healthcare-apis/iot/troubleshoot-mappings",
+        "redirect_url": "/azure/healthcare-apis/iot/troubleshoot-errors",
         "redirect_document_id": false
     },
     {   "source_path_from_root": "/articles/healthcare-apis/iot/iot-connector-faqs.md",
@@ -637,6 +641,10 @@
         "redirect_url": "/azure/healthcare-apis/iot/deploy-new-arm",
         "redirect_document_id": false
     },
+    {   "source_path_from_root": "/articles/healthcare-apis/iot/troubleshoot-mappings.md",
+        "redirect_url": "/azure/healthcare-apis/iot/troubleshoot-errors",
+        "redirect_document_id": false
+    },
     {   "source_path_from_root": "/articles/healthcare-apis/events/events-display-metrics.md",
         "redirect_url": "/azure/healthcare-apis/events/events-use-metrics",
         "redirect_document_id": false

articles/active-directory/authentication/howto-authentication-methods-activity.md

@@ -6,7 +6,7 @@ services: active-directory
 ms.service: active-directory
 ms.subservice: authentication
 ms.topic: how-to
-ms.date: 07/13/2021
+ms.date: 01/12/2023
 
 ms.author: justinha
 author: sopand
@@ -112,7 +112,7 @@ The registration details report shows the following information for each user:
 - SSPR Registered (Registered, Not Registered)
 - SSPR Enabled (Enabled, Not Enabled)
 - SSPR Capable (Capable, Not Capable) 
-- Methods registered (Email, Mobile Phone, Alternative Mobile Phone, Office Phone, Microsoft Authenticator Push, Software One Time Passcode, FIDO2, Security Key, Security questions)
+- Methods registered (Email, Mobile Phone, Alternative Mobile Phone, Office Phone, Microsoft Authenticator Push, Software One Time Passcode, FIDO2, Security Key, Security questions, Hardware OATH token)
 
   ![Screenshot of user registration details](media/how-to-authentication-methods-usage-insights/registration-details.png)
 
@@ -133,7 +133,7 @@ The registration details report shows the following information for each user:
 ## Limitations
 
 - The data in the report is not updated in real-time and may reflect a latency of up to a few hours.
-- The **PhoneAppNotification** or **PhoneAppOTP** methods that a user might have configured are not displayed in the dashboard. 
+- The **PhoneAppNotification** or **PhoneAppOTP** methods that a user might have configured are not displayed in the dashboard on **Azure AD Authentication methods - Policies**. 
 
 ## Next steps
 

articles/active-directory/develop/howto-configure-publisher-domain.md

@@ -116,7 +116,7 @@ You're not required to maintain the resources that are used for verification aft
 If your tenant has verified domains, in the **Select a verified domain** dropdown, select one of the domains.
 
 > [!NOTE]
-> The expected `Content-Type` header that should return is `application/json`. If you use any other header, like `application/json; charset=utf-8`, you might see this error message:
+> Content will be interpreted as UTF-8 JSON for deserialization. Supported `Content-Type` headers that should return are `application/json`, `application/json; charset=utf-8`, or ` `. If you use any other header, you might see this error message:
 >
 > `Verification of publisher domain failed. Error getting JSON file from https:///.well-known/microsoft-identity-association. The server returned an unexpected content type header value.`
 >

articles/active-directory/hybrid/how-to-connect-group-writeback-enable.md

@@ -29,6 +29,10 @@ Group writeback requires enabling both the original and new versions of the feat
 >
 >The enhanced group writeback feature is enabled on the tenant and not per Azure AD Connect client instance. Please be sure that all Azure AD Connect client instances are updated to a minimal build version of 1.6.4.0 or later.
 
+> [!NOTE]
+> If you don't want to writeback all existing Microsoft 365 groups to Active Directory, you need to make changes to group writeback default behaviour before performing the steps in this article to enable the feature. See [Modify Azure AD Connect group writeback default behavior](how-to-connect-modify-group-writeback.md).
+> Also the new and original versions of the feature need to be enabled in the order documented. If the original feature is enabled first, all existing Microsoft 365 groups will be written back to Active Directory.
+
 ### Enable group writeback by using PowerShell 
 
 1. On your Azure AD Connect server, open a PowerShell prompt as an administrator. 

articles/active-directory/hybrid/how-to-connect-group-writeback-v2.md

@@ -118,7 +118,10 @@ You can modify the default behavior as follows:
 - Microsoft 365 groups with up to 250,000 members can be written back to on-premises. 
 
 If you plan to make changes to the default behavior, we recommend that you do so before you enable group writeback. However, you can still modify the default behavior if group writeback is already enabled. For more information, see [Modify Azure AD Connect group writeback default behavior](how-to-connect-modify-group-writeback.md). 
- 
+
+> [!NOTE]
+> You need to make these changes before enabling group writeback; otherwise, all existing Microsoft 365 groups will be automatically written back to Active Directory. Also, the new and original versions of the feature need to be enabled in the order documented. If the original feature is enabled first, all existing Microsoft 365 groups will be written back to Active Directory.
+
 ## Understand limitations of public preview  
 
 Although this release has undergone extensive testing, you might still encounter issues. One of the goals of this public preview release is to find and fix any issues before the feature moves to general availability. Please also note that any public preview functionality can still receive breaking changes which may require you to make changes to you configuration to continue using this feature. We may also decide to change or remove certain functionality without prior notice.
@@ -143,4 +146,4 @@ These limitations and known issues are specific to group writeback:
 
 - [Modify Azure AD Connect group writeback default behavior](how-to-connect-modify-group-writeback.md) 
 - [Enable Azure AD Connect group writeback](how-to-connect-group-writeback-enable.md)
-- [Disable Azure AD Connect group writeback](how-to-connect-group-writeback-disable.md)
+- [Disable Azure AD Connect group writeback](how-to-connect-group-writeback-disable.md)

articles/active-directory/reports-monitoring/concept-activity-logs-azure-monitor.md

@@ -8,7 +8,7 @@ ms.service: active-directory
 ms.topic: conceptual
 ms.workload: identity
 ms.subservice: report-monitor
-ms.date: 12/02/2022
+ms.date: 01/12/2023
 ms.author: sarahlipsey
 ms.reviewer: besiler
 ms.collection: M365-identity-device-management
@@ -57,11 +57,12 @@ Once you have your endpoint established, go to **Azure AD** and then **Diagnosti
 
 If you already have an Azure AD license, you need an Azure subscription to set up the storage account and Event Hubs. The Azure subscription comes at no cost, but you have to pay to utilize Azure resources, including the storage account that you use for archival and the Event Hubs that you use for streaming. The amount of data and, thus, the cost incurred, can vary significantly depending on the tenant size. 
 
+Azure Monitor provides the option to exclude whole events, fields, or parts of fields when ingesting logs from Azure AD. Learn more about this cost saving feature in [Data collection transformation in Azure Monitor](../../azure-monitor/essentials/data-collection-transformations.md).
+
 ### Storage size for activity logs
 
 Every audit log event uses about 2 KB of data storage. Sign in event logs are about 4 KB of data storage. For a tenant with 100,000 users, which would incur about 1.5 million events per day, you would need about 3 GB of data storage per day. Because writes occur in approximately five-minute batches, you can anticipate approximately 9,000 write operations per month. 
 
-
 The following table contains a cost estimate of, depending on the size of the tenant, a general-purpose v2 storage account in West US for at least one year of retention. To create a more accurate estimate for the data volume that you anticipate for your application, use the [Azure storage pricing calculator](https://azure.microsoft.com/pricing/details/storage/blobs/).
 
 
@@ -75,9 +76,6 @@ The following table contains a cost estimate of, depending on the size of the te
 
 If you want to know for how long the activity data is stored in a Premium tenant, see: [How long does Azure AD store the data?](reference-reports-data-retention.md#how-long-does-azure-ad-store-the-data)
 
-
-
-
 ### Event Hubs messages for activity logs
 
 Events are batched into approximately five-minute intervals and sent as a single message that contains all the events within that timeframe. A message in the Event Hubs has a maximum size of 256 KB. If the total size of all the messages within the timeframe exceeds that volume, multiple messages are sent. 

articles/active-directory/reports-monitoring/concept-all-sign-ins.md

@@ -8,7 +8,7 @@ ms.service: active-directory
 ms.topic: conceptual
 ms.workload: identity
 ms.subservice: report-monitor
-ms.date: 01/05/2023
+ms.date: 01/12/2023
 ms.author: sarahlipsey
 ms.reviewer: besiler
 ms.collection: M365-identity-device-management
@@ -262,6 +262,7 @@ When analyzing authentication details, take note of the following details:
 - The **Authentication details** tab can initially show incomplete or inaccurate data until log information is fully aggregated. Known examples include: 
     - A **satisfied by claim in the token** message is incorrectly displayed when sign-in events are initially logged. 
     - The **Primary authentication** row isn't initially logged. 
+- If you're unsure of a detail in the logs, gather the **Request ID** and **Correlation ID** to use for further analyzing or troubleshooting.
 
 ## Sign-in data used by other services
 

articles/active-directory/reports-monitoring/concept-sign-ins.md

@@ -8,7 +8,7 @@ ms.service: active-directory
 ms.topic: conceptual
 ms.workload: identity
 ms.subservice: report-monitor
-ms.date: 11/04/2022
+ms.date: 01/12/2023
 ms.author: sarahlipsey
 ms.reviewer: besiler
 ms.collection: M365-identity-device-management
@@ -156,7 +156,8 @@ When analyzing authentication details, take note of the following details:
 - **OATH verification code** is logged as the authentication method for both OATH hardware and software tokens (such as the Microsoft Authenticator app).
 - The **Authentication details** tab can initially show incomplete or inaccurate data until log information is fully aggregated. Known examples include: 
     - A **satisfied by claim in the token** message is incorrectly displayed when sign-in events are initially logged. 
-    - The **Primary authentication** row isn't initially logged. 
+    - The **Primary authentication** row isn't initially logged.
+- If you're unsure of a detail in the logs, gather the **Request ID** and **Correlation ID** to use for further analyzing or troubleshooting.
 
 ## Sign-in data used by other services