Merge branch 'main' into alexbuckgit/docutune-autopr-20230918-141307-7479199-ignore-build

Author: alexbuckgit

.openpublishing.publish.config.json

@@ -974,12 +974,90 @@
       "branch": "main",
       "branch_mapping": {}
     },
+    {
+      "path_to_root": "cosmos-db-nosql-javascript-samples",
+      "url": "https://github.com/azure-samples/cosmos-db-nosql-javascript-samples",
+      "branch": "main",
+      "branch_mapping": {}
+    },
     {
       "path_to_root": "cosmos-db-nosql-python-samples",
       "url": "https://github.com/azure-samples/cosmos-db-nosql-python-samples",
       "branch": "main",
       "branch_mapping": {}
     },
+    {
+      "path_to_root": "cosmos-db-mongodb-dotnet-samples",
+      "url": "https://github.com/azure-samples/cosmos-db-mongodb-dotnet-samples",
+      "branch": "main",
+      "branch_mapping": {}
+    },
+    {
+      "path_to_root": "cosmos-db-mongodb-javascript-samples",
+      "url": "https://github.com/azure-samples/cosmos-db-mongodb-javascript-samples",
+      "branch": "main",
+      "branch_mapping": {}
+    },
+    {
+      "path_to_root": "cosmos-db-mongodb-python-samples",
+      "url": "https://github.com/azure-samples/cosmos-db-mongodb-python-samples",
+      "branch": "main",
+      "branch_mapping": {}
+    },
+    {
+      "path_to_root": "cosmos-db-apache-cassandra-dotnet-samples",
+      "url": "https://github.com/azure-samples/cosmos-db-apache-cassandra-dotnet-samples",
+      "branch": "main",
+      "branch_mapping": {}
+    },
+    {
+      "path_to_root": "cosmos-db-apache-cassandra-javascript-samples",
+      "url": "https://github.com/azure-samples/cosmos-db-apache-cassandra-javascript-samples",
+      "branch": "main",
+      "branch_mapping": {}
+    },
+    {
+      "path_to_root": "cosmos-db-apache-cassandra-python-samples",
+      "url": "https://github.com/azure-samples/cosmos-db-apache-cassandra-python-samples",
+      "branch": "main",
+      "branch_mapping": {}
+    },
+    {
+      "path_to_root": "cosmos-db-apache-gremlin-dotnet-samples",
+      "url": "https://github.com/azure-samples/cosmos-db-apache-gremlin-dotnet-samples",
+      "branch": "main",
+      "branch_mapping": {}
+    },
+    {
+      "path_to_root": "cosmos-db-apache-gremlin-javascript-samples",
+      "url": "https://github.com/azure-samples/cosmos-db-apache-gremlin-javascript-samples",
+      "branch": "main",
+      "branch_mapping": {}
+    },
+    {
+      "path_to_root": "cosmos-db-apache-gremlin-python-samples",
+      "url": "https://github.com/azure-samples/cosmos-db-apache-gremlin-python-samples",
+      "branch": "main",
+      "branch_mapping": {}
+    },
+    {
+      "path_to_root": "cosmos-db-table-dotnet-samples",
+      "url": "https://github.com/azure-samples/cosmos-db-table-dotnet-samples",
+      "branch": "main",
+      "branch_mapping": {}
+    },
+    {
+      "path_to_root": "cosmos-db-table-javascript-samples",
+      "url": "https://github.com/azure-samples/cosmos-db-table-javascript-samples",
+      "branch": "main",
+      "branch_mapping": {}
+    },
+    {
+      "path_to_root": "cosmos-db-table-python-samples",
+      "url": "https://github.com/azure-samples/cosmos-db-table-python-samples",
+      "branch": "main",
+      "branch_mapping": {}
+    },
     {
       "path_to_root": "azure-cosmos-db-table-dotnet-v12",
       "url": "https://github.com/Azure-Samples/cosmos-db-table-api-dotnet-samples",

.openpublishing.redirection.azure-kubernetes-service.json

@@ -19,6 +19,11 @@
             "source_path_from_root": "/articles/aks/aks-planned-maintenance-weekly-releases.md",
             "redirect_url": "/azure/aks/planned-maintenance",
             "redirect_document_id": false
+        },
+        {
+            "source_path_from_root": "/articles/aks/create-k8s-cluster-with-aks-application-gateway-ingress.md",
+            "redirect_url": "/azure/application-gateway/for-containers/overview",
+            "redirect_document_id": false
         }
     ]
 }

.openpublishing.redirection.json

@@ -22362,6 +22362,11 @@
             "redirect_url": "/azure/communication-services/how-tos/calling-sdk/lobby",
             "redirect_document_id": false
         },
+        {
+            "source_path_from_root": "/articles/communication-services/tutorials/widgets/click-to-call-widget.md",
+            "redirect_url": "/azure/communication-services/tutorials/calling-widget/calling-widget-overview",
+            "redirect_document_id": false
+        },
         {
             "source_path_from_root": "/articles/load-balancer/tutorial-load-balancer-standard-manage-portal.md",
             "redirect_url": "/azure/load-balancer/quickstart-load-balancer-standard-public-portal",
@@ -23591,13 +23596,27 @@
             "source_path_from_root": "/articles/devtest-labs/how-to-move-schedule-to-new-region.md",
             "redirect_url": "/azure/devtest-labs/how-to-move-labs",
             "redirect_document_id": false
-        },
+        },       
         {
             "source_path_from_root": "/articles/devtest-labs/devtest-lab-guidance-prescriptive-adoption.md",
             "redirect_url": "/azure/devtest-labs/deliver-proof-of-concept",
             "redirect_document_id": false
         },        
         {
+            "source_path_from_root": "/articles/devtest-labs/devtest-lab-guidance-governance-cost-ownership.md",
+            "redirect_url": "/azure/devtest-labs/devtest-lab-guidance-governance-resources",
+            "redirect_document_id": false
+        },
+        {
+            "source_path_from_root": "/articles/devtest-labs/devtest-lab-guidance-governance-policy-compliance.md",
+            "redirect_url": "/azure/devtest-labs/devtest-lab-guidance-governance-resources",
+            "redirect_document_id": false
+        },
+        {
+            "source_path_from_root": "/articles/devtest-labs/devtest-lab-guidance-governance-application-migration-integration.md",
+            "redirect_url": "/azure/devtest-labs/devtest-lab-guidance-governance-resources",
+            "redirect_document_id": false
+        },        {
             "source_path_from_root": "/articles/azure/virtual-desktop/azure-advisor.md",
             "redirect_url": "/azure/advisor/advisor-overview",
             "redirect_document_id": false
@@ -24496,6 +24515,14 @@
             "source_path_from_root": "/articles/aks/command-invoke.md",
             "redirect_url": "/azure/aks/access-private-cluster",
             "redirect_document_id": false
+        },
+        {
+            "source_path_from_root": "/articles/orbital/space-partner-program-overview.md",
+            "redirect_url": "/azure/orbital/overview",
+            "redirect_document_id": false
         }
+
+
+        
     ]
 }

articles/active-directory-domain-services/policy-reference.md

@@ -1,7 +1,7 @@
 ---
 title: Built-in policy definitions for Azure Active Directory Domain Services
 description: Lists Azure Policy built-in policy definitions for Azure Active Directory Domain Services. These built-in policy definitions provide common approaches to managing your Azure resources.
-ms.date: 09/15/2023
+ms.date: 09/19/2023
 ms.service: active-directory
 ms.subservice: domain-services
 author: justinha

articles/active-directory/app-provisioning/provision-on-demand.md

@@ -173,6 +173,7 @@ There are currently a few known limitations to on-demand provisioning. Post your
 * On-demand provisioning of roles isn't supported.
 * On-demand provisioning supports disabling users that have been unassigned from the application. However, it doesn't support disabling or deleting users that have been disabled or deleted from Azure AD. Those users don't appear when you search for a user.
 * On-demand provisioning doesn't support nested groups that aren't directly assigned to the application.
+* The on-demand provisioning request API can only accept a single group with up to 5 members at a time.
 
 ## Next steps
 

articles/active-directory/authentication/TOC.yml

@@ -9,7 +9,7 @@
   items:
   - name: Enable self-service password reset
     href: tutorial-enable-sspr.md
-  - name: Enable Azure AD Multi-Factor Authentication
+  - name: Enable Microsoft Entra multifactor authentication
     href: tutorial-enable-azure-mfa.md
   - name: Enable cloud sync password writeback
     href: tutorial-enable-cloud-sync-sspr-writeback.md
@@ -54,7 +54,7 @@
       href: concept-sspr-policy.md
     - name: Licenses
       href: concept-sspr-licensing.md
-  - name: Multifactor Authentication
+  - name: Multifactor authentication
     items:
     - name: How MFA works
       href: concept-mfa-howitworks.md
@@ -130,13 +130,13 @@
         href: /windows/security/identity-protection/hello-for-business/hello-identity-verification
       - name: Certificate-based authentication
         items:
-        - name: Azure AD CBA
+        - name: Microsoft Entra CBA
           items:
           - name: Overview
             href: concept-certificate-based-authentication.md
-          - name: How Azure AD CBA works
+          - name: How Microsoft Entra CBA works
             href: concept-certificate-based-authentication-technical-deep-dive.md
-          - name: Configure Azure AD CBA
+          - name: Configure Microsoft Entra CBA
             href: how-to-certificate-based-authentication.md
           - name: Windows smart card logon
             href: concept-certificate-based-authentication-smartcard.md
@@ -150,7 +150,7 @@
             href: concept-certificate-based-authentication-migration.md
           - name: FAQ
             href: certificate-based-authentication-faq.yml
-        - name: Federated CBA with Azure AD
+        - name: Federated CBA with Microsoft Entra ID
           items:
           - name: Configure CBA with federation
             href: certificate-based-authentication-federation-get-started.md
@@ -180,7 +180,7 @@
       href: howto-sspr-authenticationdata.md
     - name: SSPR for Windows clients
       href: howto-sspr-windows.md
-  - name: Azure AD Multi-Factor Authentication
+  - name: Microsoft Entra multifactor authentication
     items:
     - name: Deployment guide
       href: howto-mfa-getstarted.md
@@ -212,7 +212,7 @@
         href: howto-mfa-nps-extension.md
       - name: Advanced configuration for NPS extension
         href: howto-mfa-nps-extension-advanced.md
-      - name: Azure VPN and Azure AD MFA
+      - name: Azure VPN and Microsoft Entra multifactor authentication
         href: ../../vpn-gateway/vpn-gateway-radius-mfa-nsp.md
       - name: Remote Desktop Gateway
         href: howto-mfa-nps-extension-rdg.md
@@ -238,7 +238,7 @@
       href: howto-password-ban-bad-on-premises-faq.yml
     - name: Agent version history
       href: howto-password-ban-bad-on-premises-agent-versions.md
-  - name: Azure AD smart lockout
+  - name: Microsoft Entra smart lockout
     href: howto-password-smart-lockout.md
   - name: Reporting
     items:
@@ -252,7 +252,7 @@
       href: howto-mfa-reporting-datacollection.md
   - name: MFA Server
     items:
-    - name: Migrate MFA Server to Azure AD MFA
+    - name: Migrate MFA Server to Microsoft Entra multifactor authentication
       items:
       - name: Overview
         href: how-to-migrate-mfa-server-to-azure-mfa.md

articles/active-directory/authentication/certificate-based-authentication-faq.yml

@@ -1,7 +1,7 @@
 ### YamlMime:FAQ
 metadata:
-  title: Azure AD certificate-based authentication (CBA) FAQ
-  description: Frequently asked questions and answers related to Azure AD certificate-based authentication (CBA). 
+  title: Microsoft Entra certificate-based authentication (CBA) FAQ
+  description: Frequently asked questions and answers related to Microsoft Entra certificate-based authentication (CBA). 
 
   services: multi-factor-authentication
   ms.service: active-directory
@@ -14,17 +14,17 @@ metadata:
   manager: amycolannino
   ms.reviewer: vimrang
   ms.collection: M365-identity-device-management
-title: Frequently asked questions about Azure AD certificate-based authentication (CBA)
+title: Frequently asked questions about Microsoft Entra certificate-based authentication (CBA)
 summary: |
-  This article addresses frequently asked questions about how Azure AD certificate-based authentication (CBA) works. 
+  This article addresses frequently asked questions about how Microsoft Entra certificate-based authentication (CBA) works. 
   Keep checking back for updated content.
 
 
 sections:
   - name: General
     questions:
       - question: |
-          Why don't I see an option to sign in to Azure Active Directory by using certificates after I enter my username?
+          Why don't I see an option to sign in to Microsoft Entra ID by using certificates after I enter my username?
         answer: |
           An administrator needs to enable CBA for the tenant to make the sign-in with certificate option available for users. For more information, see [Step 3: Configure authentication binding policy](how-to-certificate-based-authentication.md#step-3-configure-authentication-binding-policy).
 
@@ -35,22 +35,22 @@ sections:
           To get more diagnostic information, check the **Sign-ins report**.
 
       - question: |
-          How can an administrator enable Azure AD CBA?
+          How can an administrator enable Microsoft Entra CBA?
         answer: |        
           1. Sign in to the [Microsoft Entra admin center](https://entra.microsoft.com) as at least an [Authentication Policy Administrator](../roles/permissions-reference.md#authentication-policy-administrator).
           2. Browse to **Protection** > **Authentication methods** > **Policies**.
           3. Select policy: **Certificate-based Authentication**.
           4. On the **Enable and Target** tab, select the **Enable** toggle to enable certificate-based authentication.
 
       - question: |
-          Is Azure AD CBA a free feature?
+          Is Microsoft Entra CBA a free feature?
         answer: |
           Certificate-based authentication is a free feature. 
           Every edition of Azure AD includes Azure AD CBA.
           For more information about features in each Azure AD edition, see [Azure AD pricing](https://www.microsoft.com/security/business/identity-access-management/azure-ad-pricing).
 
       - question: |
-          Does Azure AD CBA support Alternate ID as the username instead of userPrincipalName?
+          Does Microsoft Entra CBA support Alternate ID as the username instead of userPrincipalName?
         answer: |
           No, sign-in using a non-UPN value, such as an alternate email, isn't supported now.
           

articles/active-directory/authentication/certificate-based-authentication-federation-android.md

@@ -16,9 +16,9 @@ ms.reviewer: annaba
 
 ms.collection: M365-identity-device-management
 ---
-# Azure Active Directory certificate-based authentication with federation on Android
+# Microsoft Entra certificate-based authentication with federation on Android
 
-Android devices can use certificate-based authentication (CBA) to authenticate to Azure Active Directory using a client certificate on their device when connecting to:
+Android devices can use certificate-based authentication (CBA) to authenticate to Microsoft Entra ID using a client certificate on their device when connecting to:
 
 * Office mobile applications such as Microsoft Outlook and Microsoft Word
 * Exchange ActiveSync (EAS) clients
@@ -47,14 +47,14 @@ The device OS version must be Android 5.0 (Lollipop) and above.
 
 A federation server must be configured.
 
-For Azure Active Directory to revoke a client certificate, the AD FS token must have the following claims:
+For Microsoft Entra ID to revoke a client certificate, the AD FS token must have the following claims:
 
 * `http://schemas.microsoft.com/ws/2008/06/identity/claims/<serialnumber>`
   (The serial number of the client certificate)
 * `http://schemas.microsoft.com/2012/12/certificatecontext/field/<issuer>`
   (The string for the issuer of the client certificate)
 
-Azure Active Directory adds these claims to the refresh token if they're available in the AD FS token (or any other SAML token). When the refresh token needs to be validated, this information is used to check the revocation.
+Microsoft Entra ID adds these claims to the refresh token if they're available in the AD FS token (or any other SAML token). When the refresh token needs to be validated, this information is used to check the revocation.
 
 As a best practice, you should update your organization's AD FS error pages with the following information:
 
@@ -63,7 +63,7 @@ As a best practice, you should update your organization's AD FS error pages with
 
 For more information, see [Customizing the AD FS Sign-in Pages](/previous-versions/windows/it-pro/windows-server-2012-R2-and-2012/dn280950(v=ws.11)).
 
-Office apps with modern authentication enabled send '*prompt=login*' to Azure AD in their request. By default, Azure AD translates '*prompt=login*' in the request to AD FS as '*wauth=usernamepassworduri*' (asks AD FS to do U/P Auth) and '*wfresh=0*' (asks AD FS to ignore SSO state and do a fresh authentication). If you want to enable certificate-based authentication for these apps, you need to modify the default Azure AD behavior. Set the '*PromptLoginBehavior*' in your federated domain settings to '*Disabled*'.
+Office apps with modern authentication enabled send '*prompt=login*' to Microsoft Entra ID in their request. By default, Microsoft Entra ID translates '*prompt=login*' in the request to AD FS as '*wauth=usernamepassworduri*' (asks AD FS to do U/P Auth) and '*wfresh=0*' (asks AD FS to ignore SSO state and do a fresh authentication). If you want to enable certificate-based authentication for these apps, you need to modify the default Microsoft Entra behavior. Set the '*PromptLoginBehavior*' in your federated domain settings to '*Disabled*'.
 You can use the [MSOLDomainFederationSettings](/powershell/module/msonline/set-msoldomainfederationsettings) cmdlet to perform this task:
 
 ```powershell