Added link to set custom expiry duration

anraghun · anraghun · commit e32153a9b01f · 2022-07-11T13:18:40.000+05:30
diff --git a/articles/azure-arc/kubernetes/azure-rbac.md b/articles/azure-arc/kubernetes/azure-rbac.md
@@ -57,7 +57,7 @@ A conceptual overview of this feature is available in the [Azure RBAC on Azure A
     az ad app update --id "${SERVER_APP_ID}" --set groupMembershipClaims=All
     ```
 
-1. Create a service principal and get its `password` field value. This value is required later as `serverApplicationSecret` when you're enabling this feature on the cluster. Please note that this secret is valid for 1 year and will need to be [rotated after that](./azure-rbac.md#refresh-the-secret-of-the-server-application). 
+1. Create a service principal and get its `password` field value. This value is required later as `serverApplicationSecret` when you're enabling this feature on the cluster. Please note that this secret is valid for 1 year by default and will need to be [rotated after that](./azure-rbac.md#refresh-the-secret-of-the-server-application). Please refer to [this](/cli/azure/ad/sp/credential?view=azure-cli-latest&preserve-view=true#az-ad-sp-credential-reset) to set a custom expiry duration.
 
     ```azurecli
     az ad sp create --id "${SERVER_APP_ID}"
@@ -539,7 +539,7 @@ If the secret for the server application's service principal has expired, you wi
 SERVER_APP_SECRET=$(az ad sp credential reset --name "${SERVER_APP_ID}" --credential-description "ArcSecret" --query password -o tsv)
 ```
 
-Update the secret on the cluster.
+Update the secret on the cluster. Please add any optional parameters you configured when this command was originally run.
 ```azurecli
 az connectedk8s enable-features -n <clusterName> -g <resourceGroupName> --features azure-rbac --app-id "${SERVER_APP_ID}" --app-secret "${SERVER_APP_SECRET}"
 ```
diff --git a/articles/azure-arc/kubernetes/troubleshooting.md b/articles/azure-arc/kubernetes/troubleshooting.md
@@ -168,7 +168,7 @@ To resolve this issue, try the following steps.
    name: azure-identity-certificate
    ```
 
-   To resolve this issue, try deleting the Arc deployment by running the `az connectedk8s delete` command and reinstalling it. If the issue continues to happen, it could be an issue with your proxy settings. In that case, [try connecting your cluster to Azure Arc via a proxy](./quickstart-connect-cluster.md#connect-using-an-outbound-proxy-server) to connect your cluster to Arc via a proxy.
+   To resolve this issue, try deleting the Arc deployment by running the `az connectedk8s delete` command and reinstalling it. If the issue continues to happen, it could be an issue with your proxy settings. In that case, [try connecting your cluster to Azure Arc via a proxy](./quickstart-connect-cluster.md#connect-using-an-outbound-proxy-server) to connect your cluster to Arc via a proxy. Please also verify if all the [network prerequisites](quickstart-connect-cluster.md#meet-network-requirements) have been met.
 
 4. If the `clusterconnect-agent` and the `config-agent` pods are running, but the `kube-aad-proxy` pod is missing, check your pod security policies. This pod uses the `azure-arc-kube-aad-proxy-sa` service account, which doesn't have admin permissions but requires the permission to mount host path.
 
