Merge pull request #5962 from MicrosoftDocs/main

Merge main to live, 4 AM

.docutune/dictionaries/known-guids.json

@@ -3823,5 +3823,6 @@
   "Azure Key Vault Managed HSM Key Governance Service" : "a1b76039-a76c-499f-a2dd-846b4cc32627",
   "EV_EFI_VARIABLE_DRIVER_CONFIG GUID 1" : "8BE4DF61-93CA-11D2-AA0D-00E098032B8C",
   "EV_EFI_VARIABLE_DRIVER_CONFIG GUID 2" : "77FA9ABD-0359-4D32-BD60-28F4E78F784B",
-  "Process mining service principal" : "dad3c6de-ed58-42ef-989f-9c0303aaeedc"
+  "Process mining service principal" : "dad3c6de-ed58-42ef-989f-9c0303aaeedc",
+  "Tabular Data Stream (TDS) link" : "893fcc7e-8a39-4b3c-815a-773b7b982c50"
 }

docs/global-secure-access/scripts/powershell-get-token.md

@@ -134,6 +134,9 @@ Write-Output "Error: Authentication result, token or tenant id returned with nul
 $accessToken = $token
 
 Set-Content -Path C:\token.txt -Value "$accessToken"
+Write-Output "---------------------------------------"
+Write-Output "Access Token that you acquired is available in C:\token.txt. "
+Write-Output "---------------------------------------"
 Write-Output "Please ensure no additional spaces are introduced when copying token to marketplace input form. Introducing spaces can change the token and can cause failures"
 Write-Output "---------------------------------------"
 
@@ -146,21 +149,23 @@ cd "C:\"
 # Note that if the Connector service is not uninstalled properly, next iteration can fail on this machine.  
 
 Write-Output "---------------------------------------"
-Write-Output "Performing the cleanup. Kindly follow the prompts to Uninstall and clean the state"
+Write-Output "Performing the cleanup. Kindly be patient"
 Write-Output "---------------------------------------"
 
-Start-Process -FilePath 'C:\temp\MicrosoftEntraPrivateNetworkConnectorInstaller.exe' /uninstall -Wait 
+C:\temp\MicrosoftEntraPrivateNetworkConnectorInstaller.exe /uninstall /quiet 
+
+#Wait 60 seconds
+Start-Sleep -Seconds 60
 
 # Delete the related files. Note that if you need to get the token again from 
 
 Write-Host "Cleaning Up....."
-Remove-Item C:\temp\*.*
-Remove-Item -Path "C:\temp"
+Remove-Item -Path "C:\temp" -Recurse
 Remove-Item -Path "C:\Program Files\Microsoft Entra private network connector" -Recurse
 Remove-Item -Path "C:\Program Files\Microsoft Entra private network connector updater" -Recurse
 
 Write-Output "---------------------------------------"
-Write-Output "Access Token that you acquired is available in C:\token.txt. "
+Write-Output "All Cleaned Up. Access Token that you acquired is available in C:\token.txt. "
 Write-Output "---------------------------------------"
 
 } else {

docs/id-governance/apps.md

@@ -147,7 +147,6 @@ Microsoft Entra ID Governance can be integrated with many other applications, us
 | [Blockbax](~/identity/saas-apps/blockbax-tutorial.md) |  | ● |
 | [BlogIn](~/identity/saas-apps/blogin-provisioning-tutorial.md) | ● | ● |
 | [Blue Ocean Brain](~/identity/saas-apps/blue-ocean-brain-tutorial.md) |  | ● |
-| [BlueJeans](~/identity/saas-apps/bluejeans-provisioning-tutorial.md) | ● | ● |
 | [Bonusly](~/identity/saas-apps/bonusly-provisioning-tutorial.md) | ● | ● |
 | [BorrowBox](~/identity/saas-apps/borrowbox-tutorial.md) |  | ● |
 | [Box](~/identity/saas-apps/box-userprovisioning-tutorial.md) | ● | ● |

docs/identity-platform/scenario-mobile-app-registration.md

@@ -5,7 +5,7 @@ author: henrymbuguakiarie
 manager: CelesteDG
 ms.author: henrymbugua
 ms.custom: 
-ms.date: 08/18/2021
+ms.date: 11/14/2024
 ms.reviewer: brianmel, jmprieur
 ms.service: identity-platform
 

docs/identity-platform/v2-protocols.md

@@ -5,7 +5,7 @@ author: henrymbuguakiarie
 manager: CelesteDG
 ms.author: henrymbugua
 ms.custom: has-adal-ref
-ms.date: 02/09/2024
+ms.date: 11/14/2024
 ms.reviewer: nickludwig
 ms.service: identity-platform
 

docs/identity/devices/device-join-macos-platform-single-sign-on-kerberos-configuration.md

@@ -172,6 +172,16 @@ Validate your configuration is working by testing with appropriate Kerberos-capa
 1. Test on-premises Active Directory functionality by accessing an on-premises AD-integrated file server using Finder or a web application using Safari. The user should be able to access the file share without being challenged for interactive credentials.
 2. Test Microsoft Entra ID Kerberos functionality by accessing an Azure Files share enabled for Microsoft Entra ID cloud kerberos. The user should be able to access the file share without being challenged for interactive credentials. Refer to [this guide](/azure/storage/files/storage-files-identity-auth-hybrid-identities-enable) if you need to configure a cloud file share in Azure Files.
 
+## Known Issues
+
+### Kerberos SSO extension menu extra
+
+When deploying support for Kerberos SSO with Platform SSO, the standard Kerberos SSO extension capabilities of macOS are still leveraged. Like with a deployment of the native [Kerberos SSO extension](https://support.apple.com/guide/deployment/kerberos-sso-extension-depe6a1cda64/web) without Platform SSO, the Kerberos SSO extension menu extra will appear in the macOS menu bar:
+
+:::image type="content" source="media/device-registration-macos-platform-single-sign-on/platform-sso-kerberos-menu-bar-applet.png" alt-text="Screenshot of the macOS Kerberos SSO extension menu extra.":::
+
+When deploying Kerberos support with Platform SSO, users do not need to interact with the Kerberos SSO extension menu extra to have Kerberos functionality work. Kerberos SSO functionality will still operate if the user does not sign into the menu bar extra and the menu bar extra reports "Not signed in". You may instruct users to ignore the menu bar extra when deploying with Platform SSO, per this article. Instead, make sure that you validate that kerberos functionality works as expected without interaction with the menu bar extra, as outlined in the [Testing Kerberos SSO](#testing-kerberos-sso) section of this article.
+
 ## See also
 
 - [Join a Mac device with Microsoft Entra ID using Company Portal](./device-join-microsoft-entra-company-portal.md)

docs/identity/saas-apps/greenhouse-tutorial.md

@@ -79,7 +79,7 @@ Follow these steps to enable Microsoft Entra SSO.
 	![Edit Basic SAML Configuration](common/edit-urls.png)
 
 > [!NOTE]
-> [Greenhouse Client support team](https://www.greenhouse.io/contact) recommends configuring Entra ID side application settings for **IDP** initiated mode. Contact Greenshouse Client support team for more details and get the correct vales mentioned below. 
+> The [Greenhouse Client support team](https://www.greenhouse.io/contact) recommends configuring Entra ID side application settings for **IDP** initiated mode. Contact the Greenhouse Client support team for more details and to get the correct values mentioned below. 
 
 1. On the **Basic SAML Configuration** section enter the values for the following fields:
 

docs/verified-id/verifiable-credentials-configure-tenant.md

@@ -51,7 +51,7 @@ If you don't have an Azure Key Vault instance available, follow [these steps](/a
 
 Before you can set up Verified ID, you need to provide Key Vault [access](/azure/key-vault/general/rbac-guide). This defines whether a specified admin can perform operations on Key Vault secrets and keys. Provide access permissions to your key vault for both the Verified ID administrator account, and for the Request Service API principal that you created.
 
-After you create your key vault, Verifiable Credentials generates a set of keys used to provide message security. These keys are stored in Key Vault. You use a key set for signing, updating, and recovering verifiable credentials.
+After you create your key vault, Verifiable Credentials generates a set of keys used to provide message security. These keys are stored in Key Vault. You use a key set for signing verifiable credentials.
 
 ## Set up Verified ID