Merge pull request #47797 from ShawnKupfer/WB1528

User Story 336412: Q&M: Freshness for Manage users and groups module

Author: JamesJBarnett

learn-pr/azure/manage-users-and-groups-in-aad/1-introduction.yml

@@ -6,7 +6,7 @@ metadata:
   prefetch-feature-rollout: true
   title: Introduction
   description: Introduction
-  ms.date: 11/08/2023
+  ms.date: 11/04/2024
   author: shlipsey3
   ms.author: sarahlipsey
   ms.topic: unit

learn-pr/azure/manage-users-and-groups-in-aad/2-create-aad.yml

@@ -6,7 +6,7 @@ metadata:
   prefetch-feature-rollout: true
   title: What is Microsoft Entra ID?
   description: What is Microsoft Entra ID?
-  ms.date: 11/08/2023
+  ms.date: 11/04/2024
   author: shlipsey3
   ms.author: sarahlipsey
   ms.topic: unit
@@ -19,12 +19,12 @@ quiz:
    questions:
    - content: "An Azure subscription is a _______________."
      choices:
-     - content: billing entity and security boundary
+     - content: Billing entity and security boundary.
        isCorrect: true
        explanation: "Correct. Azure subscriptions manage resources, limits, and provide the charges billed to the account owner."
-     - content: container that holds users
+     - content: Container that holds users.
        isCorrect: false
-     - content: monthly charge for Azure services
+     - content: Monthly charge for Azure services.
        isCorrect: false
    - content: "Which of the following best describes the relationship between a subscription and a Microsoft Entra directory?"
      choices:

learn-pr/azure/manage-users-and-groups-in-aad/3-users.yml

@@ -6,7 +6,7 @@ metadata:
   prefetch-feature-rollout: true
   title: Create and manage users
   description: Create and manage users
-  ms.date: 11/08/2023
+  ms.date: 11/04/2024
   author: shlipsey3
   ms.author: sarahlipsey
   ms.topic: unit

learn-pr/azure/manage-users-and-groups-in-aad/4-groups.yml

@@ -6,7 +6,7 @@ metadata:
   prefetch-feature-rollout: true
   title: Create and manage groups
   description: Create and manage groups
-  ms.date: 11/08/2023
+  ms.date: 11/04/2024
   author: shlipsey3
   ms.author: sarahlipsey
   ms.topic: unit

learn-pr/azure/manage-users-and-groups-in-aad/5-manage-aad-roles.yml

@@ -6,7 +6,7 @@ metadata:
   prefetch-feature-rollout: true
   title: Use roles to control resource access
   description: Use roles to control resource access
-  ms.date: 11/08/2023
+  ms.date: 11/04/2024
   author: shlipsey3
   ms.author: sarahlipsey
   ms.topic: unit

learn-pr/azure/manage-users-and-groups-in-aad/6-azure-ad-connect.yml

@@ -6,7 +6,7 @@ metadata:
   prefetch-feature-rollout: true
   title: Connect Active Directory to Microsoft Entra ID with Microsoft Entra Connect
   description: Connect Active Directory to Microsoft Entra ID with Microsoft Entra Connect
-  ms.date: 11/08/2023
+  ms.date: 11/04/2024
   author: shlipsey3
   ms.author: sarahlipsey
   ms.topic: unit

learn-pr/azure/manage-users-and-groups-in-aad/7-summary.yml

@@ -6,7 +6,7 @@ metadata:
   prefetch-feature-rollout: true
   title: Summary
   description: Summary
-  ms.date: 11/08/2023
+  ms.date: 11/04/2024
   author: shlipsey3
   ms.author: sarahlipsey
   ms.topic: unit

learn-pr/azure/manage-users-and-groups-in-aad/includes/1-introduction.md

@@ -19,3 +19,4 @@ In this module, you'll:
 
 - Basic understanding of identity and role-based access control
 - Experience using the Azure portal
+- Experience with Microsoft Entra admin center

learn-pr/azure/manage-users-and-groups-in-aad/includes/2-create-aad.md

@@ -32,10 +32,13 @@ You can also decide how the default directory is selected: last visited or a spe
 
 ## Create a new directory
 
+> [!NOTE]
+> You can accomplish many of these tasks in either the Azure portal or the Microsoft Entra admin center. For this tutorial, we'll use the Microsoft Entra admin center for most tasks, except where noted.
+
 An organization (tenant) has one associated default Microsoft Entra directory. However, owners can create additional directories to support development or testing purposes, or because they want to have separate directories to synchronize with their local Windows Server AD forests.
 
 > [!IMPORTANT]
-> The steps to create a new directory follow; however, unless you're an owner of your Azure account, this option won't be available to you. The Azure Sandbox doesn't allow you to create new Microsoft Entra directories.
+> The steps to create a new directory follow; however, unless you're an owner of your Azure account, this option isn't available to you. The Azure Sandbox doesn't allow you to create new Microsoft Entra directories.
 
 1. Sign in to the [Azure portal](https://portal.azure.com?azure-portal=true).
 
@@ -51,13 +54,13 @@ An organization (tenant) has one associated default Microsoft Entra directory. H
 
     - **Organization name**: Enter a name for the directory to help distinguish it from your other directories. The directory to be created will be used in production; provide a name that your users will recognize as your organization's name. You can change the name later if you want.
 
-    - **Initial domain name**: Enter a domain name associated with your organization. Azure will give a validation error unless the domain isn't known. The default domain name will always have the suffix `.onmicrosoft.com`. You can't change the default domain. If you choose to, you can add a custom domain owned by your organization so defined users can use a traditional company email, such as `[email protected]`.
+    - **Initial domain name**: Enter a domain name associated with your organization. An unknown or missing domain causes a validation error. The default domain name will always have the suffix `.onmicrosoft.com`. You can't change the default domain. If you choose to, you can add a custom domain owned by your organization so defined users can use a traditional company email, such as `[email protected]`.
 
-    - **Country or region**: Select the country/region in which the directory should reside. The country/region will identify the region and data center where the Microsoft Entra instance will live;  you can't change it later.
+    - **Country or region**: Select the country/region in which the directory should reside. The country/region identifies the region and data center where the Microsoft Entra instance lives; you can't change it later.
 
     ![Screenshot showing the AD creation process.](../media/2-create-directory.png)
 
-1. Select **Create** to create the new directory. A free tier directory will be created where you can add users, create roles, register apps and devices, and control licenses.
+1. Select **Create** to create the new directory. A free tier directory is created where you can add users, create roles, register apps and devices, and control licenses.
 
 After you've created the directory, select **Click here to manage your new tenant** to go to the Overview dashboard that lets you control all directory aspects.
 

learn-pr/azure/manage-users-and-groups-in-aad/includes/3-users.md

@@ -1,26 +1,29 @@
 Every user who needs access to Azure resources needs an Azure user account. Your user account contains all the information needed to authenticate you during the sign-in process. Once authenticated, Microsoft Entra ID builds an access token to authorize you, determine what resources you can access, and determine what you can do with those resources.
 
-You can use the **Microsoft Entra ID** dashboard in the Azure portal to work with user objects. Keep in mind that you can only work with a single directory at a time, but you can use the **Directory + Subscription** pane to switch directories. The dashboard also has a **Manage tenants** button in the toolbar, which makes it easy to view all your directories and switch to another available directory.
+The [Microsoft Entra admin center](https://entra.microsoft.com/) is a web-based identity portal for Microsoft Entra products. It provides a unified administrative experience for organizations and administrators to configure and manage their Microsoft Entra solutions in a centralized location.
+
+In this exercise, you'll use the Microsoft Entra admin center to work with user objects. Keep in mind that you can only work with a single directory at a time, but you can use the **Directory + Subscription** pane to switch directories. 
 
 ## View users
 
-To view the Microsoft Entra users, in the left menu pane, under **Manage**, select **Users**. The **All Users** pane appears. Notice the **User type** and **Identities** columns, as shown in the following screenshot:
+To view the Microsoft Entra users, select **Users** in the left pane, then select **All users**. The **All Users** pane appears. Notice the **User type** and **Identities** columns, as shown in the following screenshot:
 
 ![Screenshot that depicts the All users pane, with the **User type** and **Identities** columns noted.](../media/M1-AAD-Users.png)
 
 Typically, Microsoft Entra ID defines users in three ways:
 
-- **Cloud identities**: These users exist only in Microsoft Entra ID. Examples are administrator accounts and users that you manage yourself. Their source is **Microsoft Entra ID** or **External Microsoft Entra ID** if the user is defined in another Microsoft Entra instance, but needs access to subscription resources controlled by this directory. When these accounts are removed from the primary directory, they are deleted.
+- **Cloud identities**: These users exist only in Microsoft Entra ID. Examples are administrator accounts and users that you manage yourself. Their source is **Microsoft Entra ID** or **External Microsoft Entra ID** if the user is defined in another Microsoft Entra instance, but needs access to subscription resources controlled by this directory. When these accounts are removed from the primary directory, they're deleted.
 
 - **Directory-synchronized identities**: These users exist in an on-premises Active Directory. A synchronization activity that occurs via **Microsoft Entra Connect** brings these users in to Azure. Their source is **Windows Server AD**.
 
-- **Guest users**: These users exist outside Azure. Examples are accounts from other cloud providers and Microsoft accounts, such as an Xbox LIVE account. Their source is **Invited user**. This type of account is useful when external vendors or contractors need access to your Azure resources. Once their help is no longer necessary, you can remove the account and all of their access.
+- **Guest users**: These users exist outside Azure. Examples are accounts from other cloud providers and Microsoft accounts (such as an Xbox LIVE account). Their source is **Invited user**. This type of account is useful when external vendors or contractors need access to your Azure resources. Once their help is no longer necessary, you can remove the account and all of their access.
 
 ## Add users
 
 You can add cloud identities to Microsoft Entra ID in multiple ways:
 
 - Syncing an on-premises Windows Server Active Directory
+- Using the Microsoft Entra admin center
 - Using the Azure portal
 - Using the command line
 - Other options
@@ -29,19 +32,19 @@ You can add cloud identities to Microsoft Entra ID in multiple ways:
 
 Microsoft Entra Connect is a separate service that allows you to synchronize a traditional Active Directory with your Microsoft Entra instance. This is how most enterprise customers add users to the directory. The advantage to this approach is users can use single sign-on (SSO) to access local and cloud-based resources.
 
-### Use the Azure portal
+### Use the Microsoft Entra admin center
 
-You can manually add new users through the Azure portal. This is the easiest way to add a small set of users. You need to be in the **User Administrator** role to perform this function.
+You can manually add new users through the Microsoft Entra admin center. This is the easiest way to add a small set of users. You need to be in the **User Administrator** role to perform this function.
 
-1. To add a new user with the Azure portal, in the top menu bar, select **New user**, then select **Create new user**.
+1. To add a new user, select **New user** in the top menu bar, then select **Create new user**.
 
     ![Screenshot showing the New User button highlighted in the Microsoft Entra admin center.](../media/2-new-user-all-users-pane.png)
 
 1. In addition to **Name** and **User name**, you can add profile information, like **Job Title** and **Department**, on the **Properties** tab.
 
     ![Screenshot showing the New user dialog.](../media/2-new-user-user-pane.png)
 
-    The default behavior is to create a new user in the organization. The user will have a username with the default domain name assigned to the directory such as [email protected].
+    The default behavior is to create a new user in the organization. The user will have a username with the default domain name assigned to the directory, such as [email protected].
 
 1. You can also *invite* a user into the directory. In this case, an email is sent to a known email address, and an account is created and associated with that email address if the user accepts the invitation.