Merge branch 'main' of https://github.com/MicrosoftDocs/azure-docs-pr into afdcustomdomain

duongau · duongau · commit e352d4c36d4b · 2023-04-04T13:32:02.000-07:00
diff --git a/articles/active-directory/enterprise-users/clean-up-unmanaged-azure-ad-accounts.md b/articles/active-directory/enterprise-users/clean-up-unmanaged-azure-ad-accounts.md
@@ -1,11 +1,11 @@
 ---
-title: Clean up unmanaged Azure AD accounts
-description: Clean up unmanaged accounts using email OTP and PowerShell modules in Azure Active Directory
+title: Clean up unmanaged Azure Active Directory accounts
+description: Clean up unmanaged accounts using email one-time password and PowerShell modules in Azure AD
 services: active-directory 
 author: gargi-sinha
 ms.author: gasinh
 manager: martinco
-ms.date: 06/28/2022
+ms.date: 03/28/2023
 ms.topic: how-to
 ms.service: active-directory
 ms.subservice: enterprise-users
@@ -16,68 +16,65 @@ ms.collection: M365-identity-device-management
 
 # Clean up unmanaged Azure Active Directory accounts
 
-Prior to August 2022, Azure AD B2B supported Self-service sign-up for email-verified users which allowed users to create Azure AD accounts if they can verify ownership of the email. These accounts were created in unmanaged (aka “viral”) tenants. This meant that the user created an account with an organization’s domain that is not under the lifecycle management of the organization’s IT and access can persist after the user leaves the organization. To learn more, see, [What is self-service sign-up for Azure Active Directory?](./directory-self-service-signup.md)
+Prior to August 2022, Azure Active Directory B2B (Azure AD B2B) supported self-service sign-up for email-verified users. With this feature, users create Azure AD accounts, when they verify email ownership. These accounts were created in unmanaged (or viral) tenants: users created accounts with an organization domain, not under IT team management. Access persists after users leave the organization. 
 
-The creation of unmanaged Azure AD accounts via Azure AD B2B is now deprecated and new B2B invitations cannot be redeemed with these accounts as of August 2022. However, invitations sent prior to August 2022 could have been redeemed with unmanaged Azure AD accounts. 
+To learn more, see, [What is self-service sign-up for Azure AD?](./directory-self-service-signup.md)
+
+   > [!NOTE]
+   > Unmanaged Azure AD accounts via Azure AD B2B were deprecated. As of August 2022, new B2B invitations can't be redeemed. However, invitations prior to August 2022 were redeemable with unmanaged Azure AD accounts. 
 
 ## Remove unmanaged Azure AD accounts
 
-Admins can use either this sample application in [Azure-samples/Remove-unmanaged-guests](https://github.com/Azure-Samples/Remove-Unmanaged-Guests) or PowerShell cmdlets in [AzureAD/MSIdentityTools](https://github.com/AzureAD/MSIdentityTools/wiki/) to remove existing unmanaged Azure AD accounts from your Azure AD tenants. These tools allow you to identify viral users in your Azure AD tenant and reset the redemption status of these users.  
+Use the following guidance to remove unmanaged Azure AD accounts from Azure AD tenants. Tool features help identify viral users in the Azure AD tenant. You can reset the user redemption status.
+
+* Use the sample application in [Azure-samples/Remove-unmanaged-guests](https://github.com/Azure-Samples/Remove-Unmanaged-Guests)
+* Use PowerShell cmdlets in [AzureAD/MSIdentityTools](https://github.com/AzureAD/MSIdentityTools/wiki/)  
 
-Once you have run one of the available tools, when users with unmanaged Azure AD accounts try to access your tenant, they will re-redeem their invitations. However, Azure AD will prevent users from redeeming with an existing unmanaged Azure AD account and they’ll redeem with another account type. Google Federation and SAML/WS-Fed are not enabled by default. So by default, these users will redeem with either an MSA or Email OTP, with MSA taking precedence. For a full explanation on the B2B redemption precedence, refer to the [redemption precedence flow chart](../external-identities/redemption-experience.md#invitation-redemption-flow).
+After you run a tool, users with unmanaged Azure AD accounts access the tenant, and re-redeem their invitations. However, Azure AD prevents users from redeeming with an unmanaged Azure AD account. They can redeem with another account type. Google Federation and SAML/WS-Federation aren't enabled by default. Therefore, users redeem with a Microsoft account (MSA) or email one-time password (OTP). MSA is recommended. 
+
+Learn more: [Invitation redemption flow](../external-identities/redemption-experience.md#invitation-redemption-flow)
 
 ## Overtaken tenants and domains
 
-Some tenants created as unmanaged tenants can be taken over and
-converted to a managed tenant. See, [take over an unmanaged directory as
-administrator in Azure AD](./domains-admin-takeover.md).
+It's possible to convert some unmanaged tenants to managed tenants. 
 
-In some cases, overtaken domains might not be updated, for example, missing a DNS TXT record and therefore become flagged as unmanaged. Implications are:
+Learn more: [Take over an unmanaged directory as administrator in Azure AD](./domains-admin-takeover.md)
 
-- For guest users who belong to formerly unmanaged tenants, redemption status is reset and one consent prompt appears. Redemption occurs with same account as before.
+Some overtaken domains might not be updated. For example, a missing DNS TXT record indicates an unmanaged state. Implications are:
 
-- After unmanaged user redemption status is reset, the tool might identify unmanaged users that are false positives.
+* For guest users from unmanaged tenants, redemption status is reset. A consent prompt appears. 
+  * Redemption occurs with same account
+* The tool might identify unmanaged users as false positives after you reset unmanaged user redemption status
 
-## Reset redemption using a sample application
+## Reset redemption with a sample application
 
-Use the sample application on
-    [Azure-Samples/Remove-Unmanaged-Guests](https://github.com/Azure-Samples/Remove-Unmanaged-Guests).
+Use the sample application on [Azure-Samples/Remove-Unmanaged-Guests](https://github.com/Azure-Samples/Remove-Unmanaged-Guests).
 
 ## Reset redemption using MSIdentityTools PowerShell Module
 
-MSIdentityTools PowerShell Module is a collection of cmdlets and
-scripts. They are for use in the Microsoft identity platform and Azure
-AD; they augment capabilities in the PowerShell SDK. See, [Microsoft
-Graph PowerShell
-SDK](https://github.com/microsoftgraph/msgraph-sdk-powershell).
+MSIdentityTools PowerShell Module is a collection of cmdlets and scripts, which you use in the Microsoft identity platform and Azure AD. Use the cmdlets and scripts to augment PowerShell SDK capabilities. See, [microsoftgraph/msgraph-sdk-powershell](https://github.com/microsoftgraph/msgraph-sdk-powershell).
 
 Run the following cmdlets:
 
-- `Install-Module Microsoft.Graph -Scope CurrentUser`
-
-- `Install-Module MSIdentityTools`
-
-- `Import-Module msidentitytools,microsoft.graph`
+* `Install-Module Microsoft.Graph -Scope CurrentUser`
+* `Install-Module MSIdentityTools`
+* `Import-Module msidentitytools,microsoft.graph`
 
 To identify unmanaged Azure AD accounts, run:
 
-- `Connect-MgGraph -Scope User.ReadAll`
-
-- `Get-MsIdUnmanagedExternalUser`
+* `Connect-MgGraph -Scope User.ReadAll`
+* `Get-MsIdUnmanagedExternalUser`
 
 To reset unmanaged Azure AD account redemption status, run:
 
-- `Connect-MgGraph -Scopes User.ReadWriteAll`
-
-- `Get-MsIdUnmanagedExternalUser | Reset-MsIdExternalUser`
+* `Connect-MgGraph -Scopes User.ReadWriteAll`
+* `Get-MsIdUnmanagedExternalUser | Reset-MsIdExternalUser`
 
 To delete unmanaged Azure AD accounts, run:
 
-- `Connect-MgGraph -Scopes User.ReadWriteAll`
-
-- `Get-MsIdUnmanagedExternalUser | Remove-MgUser`
+* `Connect-MgGraph -Scopes User.ReadWriteAll`
+* `Get-MsIdUnmanagedExternalUser | Remove-MgUser`
 
-## Next steps
+## Resources
 
-Examples of using
-[Get-MSIdUnmanagedExternalUser](https://github.com/AzureAD/MSIdentityTools/wiki/Get-MsIdUnmanagedExternalUser)
+See, [Get-MSIdUnmanagedExternalUser](https://github.com/AzureAD/MSIdentityTools/wiki/Get-MsIdUnmanagedExternalUser). The tool returns a list of external unmanaged users, or viral users, in the tenant.
diff --git a/articles/cosmos-db/nosql/troubleshoot-request-rate-too-large.md b/articles/cosmos-db/nosql/troubleshoot-request-rate-too-large.md
@@ -54,6 +54,9 @@ By default, the Azure Cosmos DB client SDKs and data import tools suc
 #### Recommended solution
 In general, for a production workload, **if you see between 1-5% of requests with 429 responses, and your end to end latency is acceptable, this is a healthy sign that the RU/s are being fully utilized**. No action is required. Otherwise, move to the next troubleshooting steps.
 
+> [!IMPORTANT]
+> This 1-5% range is assuming that your account partitions are evenly distributed. If your partitions are not evenly distributed, your problem partition may return a large amount of 429 errors while the overall rate may be low.
+
 If you're using autoscale, it's possible to see 429 responses on your database or container, even if the RU/s wasn't scaled to the maximum RU/s. See the section [Request rate is large with autoscale](#request-rate-is-large-with-autoscale) for an explanation.
 
 One common question that arises is, **"Why am I seeing 429 responses in the Azure Monitor metrics, but none in my own application monitoring?"** If Azure Monitor Metrics show you have 429 responses, but you've not seen any in your own application, this is because by default, the Azure Cosmos DB client SDKs [`automatically retried internally on the 429 responses`](xref:Microsoft.Azure.Cosmos.CosmosClientOptions.MaxRetryAttemptsOnRateLimitedRequests) and the request succeeded in subsequent retries. As a result, the 429 status code isn't returned to the application. In these cases, the overall rate of 429 responses is typically minimal and can be safely ignored, assuming the overall rate is between 1-5% and end to end latency is acceptable to your application.
diff --git a/articles/quotas/index.yml b/articles/quotas/index.yml
@@ -4,12 +4,12 @@ title: Azure Quotas documentation
 summary: Azure Quotas lets you view and manage quotas for many of the Azure resources you use in your subscriptions.
 metadata:
   title: Azure Quotas documentation
-  description: Azure Quotas summary TK
+  description: Azure Quotas lets you view and manage quotas for many of the Azure resources you use in your subscriptions.
   services: Azure Quotas
   ms.topic: landing-page
   ms.service: azure-quotas
   ms.collection: collection
-  ms.date: 07/22/2022
+  ms.date: 04/04/2023
 
 # linkListType: architecture | concept | deploy | download | get-started | how-to-guide | learn | overview | quickstart | reference | tutorial | video | whats-new
 
diff --git a/articles/storage/blobs/blobfuse2-commands-mount-all.md b/articles/storage/blobs/blobfuse2-commands-mount-all.md
@@ -73,12 +73,19 @@ The following flags are inherited from parent command [`blobfuse2 mount`](blobfu
 Mount all blob storage containers in the storage account specified in the configuration file to the path specified in the command. (Each container will be a subdirectory under the directory specified):
 
 ```bash
-~$ mkdir bf2all
-~$ blobfuse2 mount all ./bf2all --config-file=./config.yaml
+sudo mkdir bf2all
+sudo blobfuse2 mount all ./bf2all --config-file=./config.yaml
+```
+Example Output
+```output
 Mounting container : blobfuse2a to path : bf2all/blobfuse2a
 Mounting container : blobfuse2b to path : bf2all/blobfuse2b
-
-~$ blobfuse2 mount list
+```
+```bash
+sudo blobfuse2 mount list
+```
+Example output
+```output
 1 : /home/<user>/bf2all/blobfuse2a
 2 : /home/<user>/bf2all/blobfuse2b
 ```
diff --git a/articles/storage/blobs/blobfuse2-commands-mount-list.md b/articles/storage/blobs/blobfuse2-commands-mount-list.md
@@ -60,7 +60,10 @@ The following flags are inherited from parent command [`blobfuse2 mount`](blobfu
 Display all current BlobFuse2 mount points:
 
 ```bash
-~$ blobfuse2 mount list
+sudo blobfuse2 mount list
+```
+Example output
+```output
 1 : /home/<user>/bf2a
 2 : /home/<user>/bf2b
 ```
diff --git a/articles/storage/blobs/blobfuse2-commands-mountv1.md b/articles/storage/blobs/blobfuse2-commands-mountv1.md
@@ -94,13 +94,13 @@ The following flags apply only to command `blobfuse2 mountv1` command:
 1. Mount a blob container in an Azure Data Lake Storage account using a BlobFuse v1 configuration file:
 
     ```bash
-    blobfuse2 mountv1 ./mount_dir --config-file=./config.cfg --use-adls=true
+    sudo blobfuse2 mountv1 ./mount_dir --config-file=./config.cfg --use-adls=true
     ```
 
 1. Create a BlobFuse2 configuration file from a v1 configuration file in the same directory, but do not mount any containers:
 
     ```bash
-    blobfuse2 mountv1 --config-file=./config.cfg --output-file=./config.yaml --convert-config-only=true
+    sudo blobfuse2 mountv1 --config-file=./config.cfg --output-file=./config.yaml --convert-config-only=true
     ```
 
 ## See also
diff --git a/articles/storage/blobs/blobfuse2-commands-unmount.md b/articles/storage/blobs/blobfuse2-commands-unmount.md
@@ -53,7 +53,7 @@ There are no flags only supported by the unmount command.
 1. Unmount a BlobFuse2 mount instance:
 
     ```bash
-    blobfuse2 unmount ./mount_path
+    sudo blobfuse2 unmount ./mount_path
     ```
 
     (Alternatively, you can use a native Linux command to do the same):
@@ -65,7 +65,7 @@ There are no flags only supported by the unmount command.
 1. Unmount all BlobFuse2 mount points (see also [The BlobFuse2 unmount all command](blobfuse2-commands-unmount-all.md)):
 
     ```bash
-    blobfuse2 unmount all
+    sudo blobfuse2 unmount all
     ```
 
 ## See also
