Commit e6ca53a

Merge pull request #251936 from MicrosoftDocs/alexbuckgit/docutune-autopr-20230918-155458-2352445-ignore-build
[BULK] - DocuTune - Rebranding of Azure Active Directory to Microsoft Entra (part 38)
2 parents 8f9195e + 2f876dc commit e6ca53a

8 files changed: +32 -31 lines changed

articles/active-directory/managed-identities-azure-resources/tutorial-vm-windows-access-storage.md

Lines changed: 3 additions & 3 deletions
@@ -30,7 +30,7 @@ This tutorial shows you how to use a system-assigned managed identity for a Wind
3030
> * Get an access and use it to call Azure Storage
3131
3232
> [!NOTE]
33-
> Azure Active Directory authentication for Azure Storage is in public preview.
33+
> Microsoft Entra authentication for Azure Storage is in public preview.
3434
3535
## Prerequisites
3636
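Review bot: The checklist item at line 30, "Get an access and use it to call Azure Storage", is missing the word "token"; since the file is already being touched, change it to "Get an access token and use it to call Azure Storage". The note at line 33 also still says the feature "is in public preview" under the new name, so please confirm that status is current before it ships with the rebrand.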

@@ -96,7 +96,7 @@ This section shows how to grant your VM access to an Azure Storage container. Yo
9696

9797
## Access data 
9898

99-
Azure Storage natively supports Azure AD authentication, so it can directly accept access tokens obtained using a managed identity. This approach uses Azure Storage's integration with Azure AD, and is different from supplying credentials on the connection string.
99+
Azure Storage natively supports Microsoft Entra authentication, so it can directly accept access tokens obtained using a managed identity. This approach uses Azure Storage's integration with Microsoft Entra ID, and is different from supplying credentials on the connection string.
100100

101101
Here's a .NET code example of opening a connection to Azure Storage. The example uses an access token and then reads the contents of the file you created earlier. This code must run on the VM to be able to access the VM's managed identity endpoint. .NET Framework 4.6 or higher is required to use the access token method. Replace the value of `<URI to blob file>` accordingly. You can obtain this value by navigating to file you created and uploaded to blob storage and copying the **URL** under **Properties** the **Overview** page.
102102
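Review bot: Line 101 has two grammar slips that make the instruction hard to follow: "navigating to file you created" needs "the", and "under **Properties** the **Overview** page" is missing "on". Suggest "copying the **URL** under **Properties** on the **Overview** page". The heading at line 97 also carries a trailing space.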

@@ -184,4 +184,4 @@ The response contains the contents of the file:
184184
In this tutorial, you learned how enable a Windows VM's system-assigned identity to access Azure Storage. To learn more about Azure Storage, see:
185185

186186
> [!div class="nextstepaction"]
187-
> [Azure Storage](../../storage/common/storage-introduction.md)
187+
> [Azure Storage](../../storage/common/storage-introduction.md)
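Review bot: The removed and added versions of line 187 read identically here, so the change is presumably whitespace or an end-of-file newline rather than part of the rebrand; confirm it is intended, or drop it to keep the bulk change easy to review. While in this area, line 184 reads "you learned how enable" and needs "how to enable".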

articles/active-directory/managed-identities-azure-resources/tutorial-windows-vm-access-arm.md

Lines changed: 3 additions & 3 deletions
@@ -21,7 +21,7 @@ ms.collection: M365-identity-device-management
2121

2222
[!INCLUDE [preview-notice](../../../includes/active-directory-msi-preview-notice.md)]
2323

24-
This tutorial shows you how to access the Azure Resource Manager API using a Windows virtual machine with system-assigned managed identity enabled. Managed identities for Azure resources are automatically managed by Azure and enable you to authenticate to services that support Azure AD authentication without needing to insert credentials into your code. You learn how to:
24+
This tutorial shows you how to access the Azure Resource Manager API using a Windows virtual machine with system-assigned managed identity enabled. Managed identities for Azure resources are automatically managed by Azure and enable you to authenticate to services that support Microsoft Entra authentication without needing to insert credentials into your code. You learn how to:
2525

2626
> [!div class="checklist"]
2727
> * Grant your VM access to a Resource Group in Azure Resource Manager
@@ -43,7 +43,7 @@ This tutorial shows you how to access the Azure Resource Manager API using a Win
4343

4444
[!INCLUDE [portal updates](~/articles/active-directory/includes/portal-update.md)]
4545

46-
Using managed identities for Azure resources, your application can get access tokens to authenticate to resources that support Azure AD authentication. The Azure Resource Manager API supports Azure AD authentication. We grant this VM's identity access to a resource in Azure Resource Manager, in this case a Resource Group. We assign the [Reader](../../role-based-access-control/built-in-roles.md#reader) role to the managed-identity at the scope of the resource group.
46+
Using managed identities for Azure resources, your application can get access tokens to authenticate to resources that support Microsoft Entra authentication. The Azure Resource Manager API supports Microsoft Entra authentication. We grant this VM's identity access to a resource in Azure Resource Manager, in this case a Resource Group. We assign the [Reader](../../role-based-access-control/built-in-roles.md#reader) role to the managed-identity at the scope of the resource group.
4747

4848
1. Sign in to the [Azure portal](https://portal.azure.com) with your administrator account.
4949
1. Navigate to the tab for **Resource Groups**.
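Review bot: In line 46 the new text still writes "managed-identity" with a hyphen ("role to the managed-identity at the scope of the resource group") while the same sentence opens with "managed identities"; use the unhyphenated form. "Resource Group" and "resource group" are also mixed within the line.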
@@ -70,7 +70,7 @@ You'll need to use **PowerShell** in this portion. If you don’t have **PowerS
7070
```
7171
7272
> [!NOTE]
73-
> The value of the "resource" parameter must be an exact match for what is expected by Azure AD. When using the Azure Resource Manager resource ID, you must include the trailing slash on the URI.
73+
> The value of the "resource" parameter must be an exact match for what is expected by Microsoft Entra ID. When using the Azure Resource Manager resource ID, you must include the trailing slash on the URI.
7474
7575
Next, extract the full response, which is stored as a JavaScript Object Notation (JSON) formatted string in the $response object.
7676

articles/active-directory/managed-identities-azure-resources/tutorial-windows-vm-access-cosmos-db.md

Lines changed: 2 additions & 2 deletions
@@ -61,7 +61,7 @@ Next, add a data collection in the Azure Cosmos DB account that you can query in
6161

6262
## Grant access
6363

64-
This section shows how to grant Windows VM system-assigned managed identity access to the Azure Cosmos DB account access keys. Azure Cosmos DB does not natively support Azure AD authentication. However, you can use a system-assigned managed identity to retrieve an Azure Cosmos DB access key from Resource Manager, and use the key to access Azure Cosmos DB. In this step, you grant your Windows VM system-assigned managed identity access to the keys to the Azure Cosmos DB account.
64+
This section shows how to grant Windows VM system-assigned managed identity access to the Azure Cosmos DB account access keys. Azure Cosmos DB does not natively support Microsoft Entra authentication. However, you can use a system-assigned managed identity to retrieve an Azure Cosmos DB access key from Resource Manager, and use the key to access Azure Cosmos DB. In this step, you grant your Windows VM system-assigned managed identity access to the keys to the Azure Cosmos DB account.
6565

6666
To grant the Windows VM system-assigned managed identity access to the Azure Cosmos DB account in Azure Resource Manager using PowerShell, update the following values:
6767
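Review bot: Line 64 now states "Azure Cosmos DB does not natively support Microsoft Entra authentication" as a current fact under the new brand; an automated rename cannot tell whether that is still true, so a content owner should confirm it. The point matters because the workaround described in the same paragraph gives the VM identity access to the account access keys rather than a token.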

@@ -97,7 +97,7 @@ You need to install the latest version of [Azure CLI](/cli/azure/install-azure-c
9797
```
9898

9999
> [!NOTE]
100-
> The value of the "resource" parameter must be an exact match for what is expected by Azure AD. When using the Azure Resource Manager resource ID, you must include the trailing slash on the URI.
100+
> The value of the "resource" parameter must be an exact match for what is expected by Microsoft Entra ID. When using the Azure Resource Manager resource ID, you must include the trailing slash on the URI.
101101
102102
Next, extract the "Content" element, which is stored as a JavaScript Object Notation (JSON) formatted string in the $response object.
103103
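Review bot: The note at line 100 is word-for-word the same as the note at line 73 of tutorial-windows-vm-access-arm.md in this commit, and both had to be edited separately. Consider moving it into a shared include, as the ARM tutorial already does for its preview notice, so the wording about the exact-match "resource" value and the trailing slash cannot drift between tutorials. $response on line 102 would also read better in code formatting.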

articles/active-directory/managed-identities-azure-resources/tutorial-windows-vm-access-datalake.md

Lines changed: 3 additions & 3 deletions
@@ -21,7 +21,7 @@ ms.collection: M365-identity-device-management
2121

2222
[!INCLUDE [preview-notice](../../../includes/active-directory-msi-preview-notice.md)]
2323

24-
This tutorial shows you how to use a system-assigned managed identity for a Windows virtual machine (VM) to access an Azure Data Lake Store. Managed identities are automatically managed by Azure. They enable your application to authenticate to services that support Azure AD authentication, without needing to insert credentials into your code.
24+
This tutorial shows you how to use a system-assigned managed identity for a Windows virtual machine (VM) to access an Azure Data Lake Store. Managed identities are automatically managed by Azure. They enable your application to authenticate to services that support Microsoft Entra authentication, without needing to insert credentials into your code.
2525

2626
In this article you learn how to:
2727

@@ -68,7 +68,7 @@ Your VM's system-assigned managed identity can now perform all operations on fil
6868

6969
## Access data
7070

71-
Azure Data Lake Store natively supports Azure AD authentication, so it can directly accept access tokens obtained using managed identities for Azure resources. To authenticate to the Data Lake Store filesystem, you send an access token issued by Azure AD to your Data Lake Store filesystem endpoint in an Authorization header. The header has the format "Bearer <ACCESS_TOKEN_VALUE>". To learn more about Data Lake Store support for Azure AD authentication, read [Authentication with Data Lake Store using Azure Active Directory](../../data-lake-store/data-lakes-store-authentication-using-azure-active-directory.md)
71+
Azure Data Lake Store natively supports Microsoft Entra authentication, so it can directly accept access tokens obtained using managed identities for Azure resources. To authenticate to the Data Lake Store filesystem, you send an access token issued by Microsoft Entra ID to your Data Lake Store filesystem endpoint in an Authorization header. The header has the format "Bearer <ACCESS_TOKEN_VALUE>". To learn more about Data Lake Store support for Microsoft Entra authentication, read [Authentication with Data Lake Store using Microsoft Entra ID](../../data-lake-store/data-lakes-store-authentication-using-azure-active-directory.md)
7272

7373
> [!NOTE]
7474
> The Data Lake Store filesystem client SDKs do not yet support managed identities for Azure resources. This tutorial will be updated when support is added to the SDK.
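Review bot: In line 71 the header format is given as "Bearer <ACCESS_TOKEN_VALUE>" in plain quotes; an angle-bracket placeholder outside code formatting can be treated as an HTML tag by the renderer, so wrap it in backticks. The link text changed to "Authentication with Data Lake Store using Microsoft Entra ID" while the target file name is unchanged, so check that it matches the target article's title, and add the missing period at the end of the sentence.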
@@ -195,4 +195,4 @@ Using other Data Lake Store filesystem APIs you can append to files, download fi
195195
In this tutorial, you learned how to use a system-assigned managed identity for a Windows virtual machine to access an Azure Data Lake Store. To learn more about Azure Data Lake Store, see:
196196

197197
> [!div class="nextstepaction"]
198-
>[Azure Data Lake Store](../../data-lake-store/data-lake-store-overview.md)
198+
>[Azure Data Lake Store](../../data-lake-store/data-lake-store-overview.md)
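Review bot: Line 198 reads the same before and after, so this looks like a whitespace or end-of-file change riding along with the rebrand; confirm it is intended. The line also lacks a space after ">" (">[Azure Data Lake Store]"), unlike the equivalent next-step link in tutorial-vm-windows-access-storage.md.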

articles/active-directory/managed-identities-azure-resources/tutorial-windows-vm-access-nonaad.md

Lines changed: 2 additions & 2 deletions
@@ -21,7 +21,7 @@ ms.collection: M365-identity-device-management
2121

2222
[!INCLUDE [preview-notice](../../../includes/active-directory-msi-preview-notice.md)]
2323

24-
This tutorial shows you how a Windows virtual machine (VM) can use a system-assigned managed identity to access [Azure Key Vault](../../key-vault/general/overview.md). Key Vault makes it possible for your client application to use a secret to access resources not secured by Azure Active Directory (Azure AD). Managed identities are automatically managed by Azure. They enable you to authenticate to services that support Azure AD authentication, without including authentication information in your code.
24+
This tutorial shows you how a Windows virtual machine (VM) can use a system-assigned managed identity to access [Azure Key Vault](../../key-vault/general/overview.md). Key Vault makes it possible for your client application to use a secret to access resources not secured by Microsoft Entra ID. Managed identities are automatically managed by Azure. They enable you to authenticate to services that support Microsoft Entra authentication, without including authentication information in your code.
2525

2626
You learn how to:
2727

@@ -41,7 +41,7 @@ You learn how to:
4141

4242
[!INCLUDE [portal updates](~/articles/active-directory/includes/portal-update.md)]
4343

44-
This section shows how to grant your VM access to a secret stored in a Key Vault. When you use managed identities for Azure resources, your code can get access tokens to authenticate to resources that support Azure AD authentication.  However, not all Azure services support Azure AD authentication. To use managed identities for Azure resources with those services, store the service credentials in Azure Key Vault, and use the VM's managed identity to access Key Vault to retrieve the credentials.
44+
This section shows how to grant your VM access to a secret stored in a Key Vault. When you use managed identities for Azure resources, your code can get access tokens to authenticate to resources that support Microsoft Entra authentication.  However, not all Azure services support Microsoft Entra authentication. To use managed identities for Azure resources with those services, store the service credentials in Azure Key Vault, and use the VM's managed identity to access Key Vault to retrieve the credentials.
4545

4646
First, we need to create a Key Vault and grant our VM’s system-assigned managed identity access to the Key Vault.
4747

articles/active-directory/managed-identities-azure-resources/tutorial-windows-vm-access-sql.md

Lines changed: 14 additions & 13 deletions
@@ -18,12 +18,12 @@ ms.collection: M365-identity-device-management
1818
# Tutorial: Use a Windows VM system-assigned managed identity to access Azure SQL
1919

2020

21-
This tutorial shows you how to use a system-assigned identity for a Windows virtual machine (VM) to access Azure SQL Database. Managed Service Identities are automatically managed by Azure and enable you to authenticate to services that support Azure AD authentication, without needing to insert credentials into your code. You learn how to:
21+
This tutorial shows you how to use a system-assigned identity for a Windows virtual machine (VM) to access Azure SQL Database. Managed Service Identities are automatically managed by Azure and enable you to authenticate to services that support Microsoft Entra authentication, without needing to insert credentials into your code. You learn how to:
2222

2323
> [!div class="checklist"]
2424
>
2525
> * Grant your VM access to Azure SQL Database
26-
> * Enable Azure AD authentication
26+
> * Enable Microsoft Entra authentication
2727
> * Create a contained user in the database that represents the VM's system assigned identity
2828
> * Get an access token using the VM identity and use it to query Azure SQL Database
2929
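Review bot: Line 21 was updated for the new brand but keeps the older term "Managed Service Identities", whereas the other tutorials in this commit say "Managed identities for Azure resources" or "Managed identities"; align it. Line 27 writes "system assigned identity" without the hyphen used in the title and in line 21.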
@@ -41,36 +41,38 @@ To grant your VM access to a database in Azure SQL Database, you can use an exis
4141

4242
There are two steps to granting your VM access to a database:
4343

44-
1. Enable Azure AD authentication for the server.
44+
1. Enable Microsoft Entra authentication for the server.
4545
2. Create a **contained user** in the database that represents the VM's system-assigned identity.
4646

47-
### Enable Azure AD authentication
47+
<a name='enable-azure-ad-authentication'></a>
4848

49-
**To [configure Azure AD authentication](/azure/azure-sql/database/authentication-aad-configure):**
49+
### Enable Microsoft Entra authentication
50+
51+
**To [configure Microsoft Entra authentication](/azure/azure-sql/database/authentication-aad-configure):**
5052

5153
1. In the Azure portal, select **SQL servers** from the left-hand navigation.
52-
2. Select the SQL server to be enabled for Azure AD authentication.
54+
2. Select the SQL server to be enabled for Microsoft Entra authentication.
5355
3. In the **Settings** section of the blade, click **Active Directory admin**.
5456
4. In the command bar, click **Set admin**.
55-
5. Select an Azure AD user account to be made an administrator of the server, and click **Select.**
57+
5. Select a Microsoft Entra user account to be made an administrator of the server, and click **Select.**
5658
6. In the command bar, click **Save.**
5759

5860

5961
### Create contained user
6062

61-
This section shows how to create a contained user in the database that represents the VM's system assigned identity. For this step, you need [Microsoft SQL Server Management Studio](/sql/ssms/download-sql-server-management-studio-ssms) (SSMS). Before beginning, it may also be helpful to review the following articles for background on Azure AD integration:
63+
This section shows how to create a contained user in the database that represents the VM's system assigned identity. For this step, you need [Microsoft SQL Server Management Studio](/sql/ssms/download-sql-server-management-studio-ssms) (SSMS). Before beginning, it may also be helpful to review the following articles for background on Microsoft Entra integration:
6264

6365
- [Universal Authentication with SQL Database and Azure Synapse Analytics (SSMS support for MFA)](/azure/azure-sql/database/authentication-mfa-ssms-overview)
64-
- [Configure and manage Azure Active Directory authentication with SQL Database or Azure Synapse Analytics](/azure/azure-sql/database/authentication-aad-configure)
66+
- [Configure and manage Microsoft Entra authentication with SQL Database or Azure Synapse Analytics](/azure/azure-sql/database/authentication-aad-configure)
6567

66-
SQL DB requires unique Azure AD display names. With this, the Azure AD accounts such as users, groups and Service Principals (applications), and VM names enabled for managed identity must be uniquely defined in Azure AD regarding their display names. SQL DB checks the Azure AD display name during T-SQL creation of such users and if it isn't unique, the command fails requesting to provide a unique Azure AD display name for a given account.
68+
SQL DB requires unique Microsoft Entra ID display names. With this, the Microsoft Entra accounts such as users, groups and Service Principals (applications), and VM names enabled for managed identity must be uniquely defined in Microsoft Entra ID regarding their display names. SQL DB checks the Microsoft Entra ID display name during T-SQL creation of such users and if it isn't unique, the command fails requesting to provide a unique Microsoft Entra ID display name for a given account.
6769

6870
**To create a contained user:**
6971

7072
1. Start SQL Server Management Studio.
7173
2. In the **Connect to Server** dialog, Enter your server name in the **Server name** field.
7274
3. In the **Authentication** field, select **Active Directory - Universal with MFA support**.
73-
4. In the **User name** field, enter the name of the Azure AD account that you set as the server administrator, for example, [email protected]
75+
4. In the **User name** field, enter the name of the Microsoft Entra account that you set as the server administrator, for example, [email protected]
7476
5. Click **Options**.
7577
6. In the **Connect to database** field, enter the name of the non-system database you want to configure.
7678
7. Click **Connect**. Complete the sign-in process.
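Review bot: The steps at new lines 55 and 74 keep the UI labels **Active Directory admin** and **Active Directory - Universal with MFA support** while the prose around them now says Microsoft Entra; that is correct only if the portal and SSMS still show those labels, so verify them against the current UI. New line 68 is hard to read after the substitution ("must be uniquely defined in Microsoft Entra ID regarding their display names") and repeats "Microsoft Entra ID display name" three times; a rewrite along the lines of "Display names must be unique in Microsoft Entra ID" would help. The anchor added at new line 47 keeps deep links to the old heading working and should stay.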
@@ -103,7 +105,7 @@ Code running in the VM can now get a token using its system-assigned managed ide
103105
104106
## Access data
105107
106-
This section shows how to get an access token using the VM's system-assigned managed identity and use it to call Azure SQL. Azure SQL natively supports Azure AD authentication, so it can directly accept access tokens obtained using managed identities for Azure resources. This method doesn't require supplying credentials on the connection string.
108+
This section shows how to get an access token using the VM's system-assigned managed identity and use it to call Azure SQL. Azure SQL natively supports Microsoft Entra authentication, so it can directly accept access tokens obtained using managed identities for Azure resources. This method doesn't require supplying credentials on the connection string.
107109
108110
Here's a .NET code example of opening a connection to SQL using Active Directory Managed Identity authentication. The code must run on the VM to be able to access the VM's system-assigned managed identity's endpoint. **.NET Framework 4.6.2** or higher or **.NET Core 3.1** or higher is required to use this method. Replace the values of AZURE-SQL-SERVERNAME and DATABASE accordingly and add a NuGet reference to the Microsoft.Data.SqlClient library.
109111
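Review bot: In new line 111, "Active Directory Managed Identity" is the name of the SqlClient authentication mode, not branding, and it was correctly left alone; put it in code formatting so a later bulk rename does not rewrite it and break the sample. AZURE-SQL-SERVERNAME and DATABASE in the same line are placeholders and would benefit from the same treatment.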

@@ -179,4 +181,3 @@ In this tutorial, you learned how to use a system-assigned managed identity to a
179181
180182
> [!div class="nextstepaction"]
181183
> [Azure SQL Database](/azure/azure-sql/database/sql-database-paas-overview)
182-
