From 0539269ee5a31e91b197c3ebce8cb7b6fb50c657 Mon Sep 17 00:00:00 2001 From: Ed McKillop <157421646+edmckillop@users.noreply.github.com> Date: Tue, 3 Dec 2024 08:05:32 -0800 Subject: [PATCH 01/11] Update migrate-okta-sync-provisioning.md Reverse edits and return content necessary for context and usage, regardless of mention of Azure AD --- docs/identity/enterprise-apps/migrate-okta-sync-provisioning.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/identity/enterprise-apps/migrate-okta-sync-provisioning.md b/docs/identity/enterprise-apps/migrate-okta-sync-provisioning.md index edeb9e473d0..2157a75e68f 100644 --- a/docs/identity/enterprise-apps/migrate-okta-sync-provisioning.md +++ b/docs/identity/enterprise-apps/migrate-okta-sync-provisioning.md @@ -5,7 +5,7 @@ author: gargi-sinha manager: martinco ms.service: entra-id ms.topic: tutorial -ms.date: 04/18/2024 +ms.date: 12/03/2024 ms.author: gasinh ms.subservice: enterprise-apps ms.custom: kr2b-contr-experiment, not-enterprise-apps, has-azure-ad-ps-ref From b8c920811fd06bf7609b7763abdd2b32a1e9d0fc Mon Sep 17 00:00:00 2001 From: Ed McKillop <157421646+edmckillop@users.noreply.github.com> Date: Tue, 3 Dec 2024 08:14:56 -0800 Subject: [PATCH 02/11] Update migrate-okta-sync-provisioning.md --- .../migrate-okta-sync-provisioning.md | 24 +++++++++++++++---- 1 file changed, 20 insertions(+), 4 deletions(-) diff --git a/docs/identity/enterprise-apps/migrate-okta-sync-provisioning.md b/docs/identity/enterprise-apps/migrate-okta-sync-provisioning.md index 2157a75e68f..bf8794f22f0 100644 --- a/docs/identity/enterprise-apps/migrate-okta-sync-provisioning.md +++ b/docs/identity/enterprise-apps/migrate-okta-sync-provisioning.md @@ -44,7 +44,14 @@ To use Microsoft Entra Connect, you need to sign in with a Hybrid Identity Admin The ImmutableID attribute ties synchronized objects to their on-premises counterparts. Okta takes the Active Directory objectGUID of an on-premises object and converts it to a Base-64-encoded string. By default, it then stamps that string to the ImmutableID field in Microsoft Entra ID. -You can connect to Microsoft Graph PowerShell and examine the current ImmutableID value. If you haven't used the Microsoft Graph PowerShell module, run it in an administrative session before you run commands: +You can connect to Microsoft Graph PowerShell and examine the current ImmutableID value. If you haven't used the Microsoft Graph PowerShell module, run: + + `Install-Module AzureAD` in an administrative session before you run the following commands: + + ```Powershell + Import-Module AzureAD + Connect-MgGraph + ``` If you have the module, a warning might appear to update to the latest version. @@ -68,7 +75,6 @@ The following command gets on-premises Microsoft Entra users and exports a list 1. Run the following command in Microsoft Graph PowerShell on an on-premises domain controller: - ```PowerShell Get-MgUser -Filter * -Properties objectGUID | Select-Object UserPrincipalName, Name, objectGUID, @{Name = 'ImmutableID'; @@ -77,8 +83,18 @@ The following command gets on-premises Microsoft Entra users and exports a list } } | export-csv C:\Temp\OnPremIDs.csv ``` -2. Run a command in a Microsoft Graph PowerShell session to list the synchronized values. -3. After both exports, confirm user ImmutableID values match. +2. Run the following command in a Microsoft Graph PowerShell session to list the synchronized values: + + ```powershell + Get-MgUser -all $true | Where-Object {$_.dirsyncenabled -like + "true"} | Select-Object UserPrincipalName, @{Name = 'objectGUID'; + Expression = { + [GUID][System.Convert]::FromBase64String($_.ImmutableID) } }, + ImmutableID | export-csv C:\\temp\\AzureADSyncedIDS.csv + ``` + +3. Run a command in a Microsoft Graph PowerShell session to list the synchronized values. +4. After both exports, confirm user ImmutableID values match. >[!IMPORTANT] >If your ImmutableID values in the cloud don't match objectGUID values, you've modified the defaults for Okta sync. You've likely chosen another attribute to determine ImmutableID values. Before going the next section, identify which source attribute populates ImmutableID values. Before you disable Okta sync, update the attribute Okta is syncing. From 1a3bbfb152273a54548f17ec4ba8384dd58a9ba8 Mon Sep 17 00:00:00 2001 From: TheWriteDoc <187326664+TheWriteDoc@users.noreply.github.com> Date: Tue, 3 Dec 2024 10:59:09 -0800 Subject: [PATCH 03/11] november 2024 refresh set 14 --- docs/identity/domain-services/manage-group-policy.yml | 2 +- docs/identity/domain-services/mismatched-tenant-error.md | 2 +- docs/identity/domain-services/overview.md | 2 +- docs/identity/domain-services/password-policy.md | 2 +- docs/identity/domain-services/scoped-synchronization.md | 2 +- docs/identity/domain-services/secure-your-domain.md | 2 +- docs/identity/domain-services/suspension.md | 2 +- docs/identity/domain-services/troubleshoot-account-lockout.md | 2 +- docs/identity/domain-services/troubleshoot-alerts.md | 2 +- docs/identity/domain-services/troubleshoot-domain-join.md | 2 +- docs/identity/domain-services/troubleshoot-sign-in.md | 2 +- docs/identity/domain-services/troubleshoot.md | 2 +- docs/identity/domain-services/tshoot-ldaps.md | 2 +- docs/identity/domain-services/tutorial-configure-ldaps.md | 2 +- docs/identity/domain-services/tutorial-configure-networking.md | 2 +- .../domain-services/tutorial-configure-password-hash-sync.md | 2 +- .../domain-services/tutorial-create-instance-advanced.md | 2 +- docs/identity/domain-services/tutorial-create-management-vm.md | 2 +- docs/identity/domain-services/tutorial-create-replica-set.md | 2 +- .../domain-services/tutorial-perform-disaster-recovery-drill.md | 2 +- docs/identity/domain-services/use-azure-monitor-workbooks.md | 2 +- 21 files changed, 21 insertions(+), 21 deletions(-) diff --git a/docs/identity/domain-services/manage-group-policy.yml b/docs/identity/domain-services/manage-group-policy.yml index 41afa6a0a61..bfe50667575 100644 --- a/docs/identity/domain-services/manage-group-policy.yml +++ b/docs/identity/domain-services/manage-group-policy.yml @@ -6,7 +6,7 @@ metadata: author: justinha ms.author: justinha manager: amycolannino - ms.date: 09/15/2023 + ms.date: 12/03/2024 ms.service: entra-id ms.subservice: domain-services ms.topic: how-to diff --git a/docs/identity/domain-services/mismatched-tenant-error.md b/docs/identity/domain-services/mismatched-tenant-error.md index b69cc7776b6..6739c82639e 100644 --- a/docs/identity/domain-services/mismatched-tenant-error.md +++ b/docs/identity/domain-services/mismatched-tenant-error.md @@ -8,7 +8,7 @@ ms.assetid: 40eb75b7-827e-4d30-af6c-ca3c2af915c7 ms.service: entra-id ms.subservice: domain-services ms.topic: troubleshooting -ms.date: 09/23/2023 +ms.date: 12/03/2024 ms.author: justinha --- # Resolve mismatched directory errors for existing Microsoft Entra Domain Services managed domains diff --git a/docs/identity/domain-services/overview.md b/docs/identity/domain-services/overview.md index dd81b7019a8..b0ce7577f43 100644 --- a/docs/identity/domain-services/overview.md +++ b/docs/identity/domain-services/overview.md @@ -7,7 +7,7 @@ manager: amycolannino ms.service: entra-id ms.subservice: domain-services ms.topic: overview -ms.date: 09/15/2023 +ms.date: 12/03/2024 ms.author: justinha #Customer intent: As an IT administrator or decision maker, I want to understand what Domain Services is and how it can benefit my organization. --- diff --git a/docs/identity/domain-services/password-policy.md b/docs/identity/domain-services/password-policy.md index 528744b202e..511f2f75e15 100644 --- a/docs/identity/domain-services/password-policy.md +++ b/docs/identity/domain-services/password-policy.md @@ -8,7 +8,7 @@ ms.assetid: 1a14637e-b3d0-4fd9-ba7a-576b8df62ff2 ms.service: entra-id ms.subservice: domain-services ms.topic: how-to -ms.date: 09/21/2023 +ms.date: 12/03/2024 ms.author: justinha --- # Password and account lockout policies on Microsoft Entra Domain Services managed domains diff --git a/docs/identity/domain-services/scoped-synchronization.md b/docs/identity/domain-services/scoped-synchronization.md index 8a123414740..24db035a110 100644 --- a/docs/identity/domain-services/scoped-synchronization.md +++ b/docs/identity/domain-services/scoped-synchronization.md @@ -8,7 +8,7 @@ ms.assetid: 9389cf0f-0036-4b17-95da-80838edd2225 ms.service: entra-id ms.subservice: domain-services ms.topic: how-to -ms.date: 09/21/2023 +ms.date: 12/03/2024 ms.author: justinha --- # Configure scoped synchronization from Microsoft Entra ID to Microsoft Entra Domain Services using the Microsoft Entra admin center diff --git a/docs/identity/domain-services/secure-your-domain.md b/docs/identity/domain-services/secure-your-domain.md index d52df197907..e035d0d7461 100644 --- a/docs/identity/domain-services/secure-your-domain.md +++ b/docs/identity/domain-services/secure-your-domain.md @@ -8,7 +8,7 @@ ms.assetid: 6b4665b5-4324-42ab-82c5-d36c01192c2a ms.service: entra-id ms.subservice: domain-services ms.topic: how-to -ms.date: 09/23/2023 +ms.date: 12/03/2024 ms.author: justinha ms.custom: has-azure-ad-ps-ref, azure-ad-ref-level-one-done --- diff --git a/docs/identity/domain-services/suspension.md b/docs/identity/domain-services/suspension.md index d1177ef1398..12f2645ee3e 100644 --- a/docs/identity/domain-services/suspension.md +++ b/docs/identity/domain-services/suspension.md @@ -8,7 +8,7 @@ ms.assetid: 95e1d8da-60c7-4fc1-987d-f48fde56a8cb ms.service: entra-id ms.subservice: domain-services ms.topic: how-to -ms.date: 11/01/2023 +ms.date: 12/03/2024 ms.author: justinha --- # Understand the health states and resolve suspended domains in Microsoft Entra Domain Services diff --git a/docs/identity/domain-services/troubleshoot-account-lockout.md b/docs/identity/domain-services/troubleshoot-account-lockout.md index 9073605181f..06d8830c1e1 100644 --- a/docs/identity/domain-services/troubleshoot-account-lockout.md +++ b/docs/identity/domain-services/troubleshoot-account-lockout.md @@ -7,7 +7,7 @@ manager: amycolannino ms.service: entra-id ms.subservice: domain-services ms.topic: troubleshooting -ms.date: 09/21/2023 +ms.date: 12/03/2024 ms.author: justinha #Customer intent: As a directory administrator, I want to troubleshoot why user accounts are locked out in a Microsoft Entra Domain Services managed domain. --- diff --git a/docs/identity/domain-services/troubleshoot-alerts.md b/docs/identity/domain-services/troubleshoot-alerts.md index f9f41999a7e..365debe4ca5 100644 --- a/docs/identity/domain-services/troubleshoot-alerts.md +++ b/docs/identity/domain-services/troubleshoot-alerts.md @@ -8,7 +8,7 @@ ms.assetid: 54319292-6aa0-4a08-846b-e3c53ecca483 ms.service: entra-id ms.subservice: domain-services ms.topic: troubleshooting -ms.date: 09/15/2023 +ms.date: 12/03/2024 ms.author: justinha --- # Known issues: Common alerts and resolutions in Microsoft Entra Domain Services diff --git a/docs/identity/domain-services/troubleshoot-domain-join.md b/docs/identity/domain-services/troubleshoot-domain-join.md index 1c5611cb4ea..9a3154d5117 100644 --- a/docs/identity/domain-services/troubleshoot-domain-join.md +++ b/docs/identity/domain-services/troubleshoot-domain-join.md @@ -7,7 +7,7 @@ manager: amycolannino ms.service: entra-id ms.subservice: domain-services ms.topic: troubleshooting -ms.date: 09/21/2023 +ms.date: 12/03/2024 ms.author: justinha #Customer intent: As a directory administrator, I want to troubleshoot why VMs can't join a Microsoft Entra Domain Services managed domain. --- diff --git a/docs/identity/domain-services/troubleshoot-sign-in.md b/docs/identity/domain-services/troubleshoot-sign-in.md index ee5882fa008..0ed6573aa2f 100644 --- a/docs/identity/domain-services/troubleshoot-sign-in.md +++ b/docs/identity/domain-services/troubleshoot-sign-in.md @@ -7,7 +7,7 @@ manager: amycolannino ms.service: entra-id ms.subservice: domain-services ms.topic: troubleshooting -ms.date: 09/21/2023 +ms.date: 12/03/2024 ms.author: justinha #Customer intent: As a directory administrator, I want to troubleshoot user account sign in problems in a Microsoft Entra Domain Services managed domain. --- diff --git a/docs/identity/domain-services/troubleshoot.md b/docs/identity/domain-services/troubleshoot.md index ee6b87afab1..de1a92668e6 100644 --- a/docs/identity/domain-services/troubleshoot.md +++ b/docs/identity/domain-services/troubleshoot.md @@ -9,7 +9,7 @@ ms.service: entra-id ms.subservice: domain-services ms.custom: has-azure-ad-ps-ref, azure-ad-ref-level-one-done ms.topic: troubleshooting -ms.date: 11/26/2023 +ms.date: 12/03/2024 ms.author: justinha --- # Common errors and troubleshooting steps for Microsoft Entra Domain Services diff --git a/docs/identity/domain-services/tshoot-ldaps.md b/docs/identity/domain-services/tshoot-ldaps.md index b349fb0718b..dcb21e2a798 100644 --- a/docs/identity/domain-services/tshoot-ldaps.md +++ b/docs/identity/domain-services/tshoot-ldaps.md @@ -8,7 +8,7 @@ ms.assetid: 445c60da-e115-447b-841d-96739975bdf6 ms.service: entra-id ms.subservice: domain-services ms.topic: troubleshooting -ms.date: 01/29/2023 +ms.date: 12/03/2024 ms.author: justinha --- # Troubleshoot secure LDAP connectivity issues to a Microsoft Entra Domain Services managed domain diff --git a/docs/identity/domain-services/tutorial-configure-ldaps.md b/docs/identity/domain-services/tutorial-configure-ldaps.md index 9e4b5825230..baaccd29c31 100644 --- a/docs/identity/domain-services/tutorial-configure-ldaps.md +++ b/docs/identity/domain-services/tutorial-configure-ldaps.md @@ -7,7 +7,7 @@ manager: amycolannino ms.service: entra-id ms.subservice: domain-services ms.topic: tutorial -ms.date: 09/15/2023 +ms.date: 12/03/2024 ms.author: justinha ms.reviewer: xyuan #Customer intent: As an identity administrator, I want to secure access to a Microsoft Entra Domain Services managed domain using secure Lightweight Directory Access Protocol (LDAPS) diff --git a/docs/identity/domain-services/tutorial-configure-networking.md b/docs/identity/domain-services/tutorial-configure-networking.md index 1af0b5c5e0e..ddf8b282d53 100644 --- a/docs/identity/domain-services/tutorial-configure-networking.md +++ b/docs/identity/domain-services/tutorial-configure-networking.md @@ -7,7 +7,7 @@ manager: amycolannino ms.service: entra-id ms.subservice: domain-services ms.topic: tutorial -ms.date: 09/15/2023 +ms.date: 12/03/2024 ms.author: justinha #Customer intent: As an identity administrator, I want to create and configure a virtual network subnet or network peering for application workloads in a Microsoft Entra Domain Services managed domain --- diff --git a/docs/identity/domain-services/tutorial-configure-password-hash-sync.md b/docs/identity/domain-services/tutorial-configure-password-hash-sync.md index 2859e700822..0b8a6574a08 100644 --- a/docs/identity/domain-services/tutorial-configure-password-hash-sync.md +++ b/docs/identity/domain-services/tutorial-configure-password-hash-sync.md @@ -7,7 +7,7 @@ manager: amycolannino ms.service: entra-id ms.subservice: domain-services ms.topic: tutorial -ms.date: 09/21/2023 +ms.date: 12/03/2024 ms.author: justinha #Customer intent: As a server administrator, I want to learn how to enable password hash synchronization with Microsoft Entra Connect to create a hybrid environment using an on-premises AD DS domain. --- diff --git a/docs/identity/domain-services/tutorial-create-instance-advanced.md b/docs/identity/domain-services/tutorial-create-instance-advanced.md index ce62c593a5d..847e810e2f9 100644 --- a/docs/identity/domain-services/tutorial-create-instance-advanced.md +++ b/docs/identity/domain-services/tutorial-create-instance-advanced.md @@ -8,7 +8,7 @@ ms.service: entra-id ms.subservice: domain-services ms.custom: has-azure-ad-ps-ref, azure-ad-ref-level-one-done ms.topic: tutorial -ms.date: 09/15/2023 +ms.date: 12/03/2024 ms.author: justinha #Customer intent: As an identity administrator, I want to create a Microsoft Entra Domain Services managed domain and define advanced configuration options so that I can synchronize identity information with my Microsoft Entra tenant and provide Domain Services connectivity to virtual machines and applications in Azure. --- diff --git a/docs/identity/domain-services/tutorial-create-management-vm.md b/docs/identity/domain-services/tutorial-create-management-vm.md index e30d07c9a96..bf71984e996 100644 --- a/docs/identity/domain-services/tutorial-create-management-vm.md +++ b/docs/identity/domain-services/tutorial-create-management-vm.md @@ -7,7 +7,7 @@ manager: amycolannino ms.service: entra-id ms.subservice: domain-services ms.topic: tutorial -ms.date: 09/15/2023 +ms.date: 12/03/2024 ms.author: justinha #Customer intent: As an identity administrator, I want to create a management VM and install the required tools to connect to and manage a Microsoft Entra Domain Services managed domain. --- diff --git a/docs/identity/domain-services/tutorial-create-replica-set.md b/docs/identity/domain-services/tutorial-create-replica-set.md index b1485389d02..ed6a90b2622 100644 --- a/docs/identity/domain-services/tutorial-create-replica-set.md +++ b/docs/identity/domain-services/tutorial-create-replica-set.md @@ -7,7 +7,7 @@ manager: amycolannino ms.service: entra-id ms.subservice: domain-services ms.topic: tutorial -ms.date: 09/15/2023 +ms.date: 12/03/2024 ms.author: justinha #Customer intent: As an identity administrator, I want to create and use replica sets in Microsoft Entra Domain Services to provide resiliency or geographical distributed managed domain data. --- diff --git a/docs/identity/domain-services/tutorial-perform-disaster-recovery-drill.md b/docs/identity/domain-services/tutorial-perform-disaster-recovery-drill.md index eb8a8bde0a1..7c0c7bdaf91 100644 --- a/docs/identity/domain-services/tutorial-perform-disaster-recovery-drill.md +++ b/docs/identity/domain-services/tutorial-perform-disaster-recovery-drill.md @@ -7,7 +7,7 @@ manager: amycolannino ms.service: entra-id ms.subservice: domain-services ms.topic: tutorial -ms.date: 09/21/2023 +ms.date: 12/03/2024 ms.author: justinha #Customer intent: As an identity administrator, I want to perform a disaster recovery drill by using replica sets in Microsoft Entra Domain Services to demonstrate resiliency for geographically distributed domain data. --- diff --git a/docs/identity/domain-services/use-azure-monitor-workbooks.md b/docs/identity/domain-services/use-azure-monitor-workbooks.md index 8a402c443af..308da24f918 100644 --- a/docs/identity/domain-services/use-azure-monitor-workbooks.md +++ b/docs/identity/domain-services/use-azure-monitor-workbooks.md @@ -7,7 +7,7 @@ manager: amycolannino ms.service: entra-id ms.subservice: domain-services ms.topic: how-to -ms.date: 09/21/2023 +ms.date: 12/03/2024 ms.author: justinha --- # Review security audit events in Microsoft Entra Domain Services using Azure Monitor Workbooks From e2202d7516364c2cee974a98f4888c8cdb55096f Mon Sep 17 00:00:00 2001 From: TheWriteDoc <187326664+TheWriteDoc@users.noreply.github.com> Date: Tue, 3 Dec 2024 11:46:45 -0800 Subject: [PATCH 04/11] november 2024 refresh set 15 --- docs/identity/hybrid/accidental-deletes.md | 2 +- docs/identity/hybrid/accounts.md | 2 +- docs/identity/hybrid/cloud-sync/how-to-automatic-upgrade.md | 2 +- docs/identity/hybrid/cloud-sync/how-to-gmsa-cmdlets.md | 2 +- docs/identity/hybrid/cloud-sync/how-to-install-pshell.md | 2 +- .../hybrid/cloud-sync/how-to-manage-registry-options.md | 2 +- docs/identity/hybrid/cloud-sync/how-to-map-usertype.md | 2 +- docs/identity/hybrid/cloud-sync/how-to-sso.md | 2 +- docs/identity/hybrid/cloud-sync/reference-powershell.md | 2 +- .../cloud-sync/reference-provision-to-active-directory-faq.yml | 2 +- docs/identity/hybrid/cloud-sync/tutorial-basic-ad-azure.md | 2 +- docs/identity/hybrid/cloud-sync/tutorial-existing-forest.md | 2 +- docs/identity/hybrid/cloud-sync/what-is-provisioning-agent.md | 2 +- docs/identity/hybrid/configure.md | 2 +- 14 files changed, 14 insertions(+), 14 deletions(-) diff --git a/docs/identity/hybrid/accidental-deletes.md b/docs/identity/hybrid/accidental-deletes.md index 90914d38a0b..d8eee003bcf 100644 --- a/docs/identity/hybrid/accidental-deletes.md +++ b/docs/identity/hybrid/accidental-deletes.md @@ -7,7 +7,7 @@ manager: amycolannino ms.service: entra-id ms.topic: conceptual ms.tgt_pltfrm: na -ms.date: 11/06/2023 +ms.date: 12/03/2024 ms.subservice: hybrid ms.author: billmath diff --git a/docs/identity/hybrid/accounts.md b/docs/identity/hybrid/accounts.md index 1124c6baf83..be917d073a3 100644 --- a/docs/identity/hybrid/accounts.md +++ b/docs/identity/hybrid/accounts.md @@ -7,7 +7,7 @@ manager: amycolannino ms.service: entra-id ms.topic: conceptual ms.tgt_pltfrm: na -ms.date: 11/06/2023 +ms.date: 12/03/2024 ms.subservice: hybrid ms.author: billmath diff --git a/docs/identity/hybrid/cloud-sync/how-to-automatic-upgrade.md b/docs/identity/hybrid/cloud-sync/how-to-automatic-upgrade.md index fd2b9d1ecab..e25eeb589cd 100644 --- a/docs/identity/hybrid/cloud-sync/how-to-automatic-upgrade.md +++ b/docs/identity/hybrid/cloud-sync/how-to-automatic-upgrade.md @@ -7,7 +7,7 @@ manager: amycolannino ms.service: entra-id ms.topic: how-to ms.tgt_pltfrm: na -ms.date: 11/06/2023 +ms.date: 12/03/2024 ms.subservice: hybrid-cloud-sync ms.author: billmath diff --git a/docs/identity/hybrid/cloud-sync/how-to-gmsa-cmdlets.md b/docs/identity/hybrid/cloud-sync/how-to-gmsa-cmdlets.md index 5fe83411b80..42612b76731 100644 --- a/docs/identity/hybrid/cloud-sync/how-to-gmsa-cmdlets.md +++ b/docs/identity/hybrid/cloud-sync/how-to-gmsa-cmdlets.md @@ -6,7 +6,7 @@ author: billmath manager: amycolannino ms.service: entra-id ms.topic: how-to -ms.date: 11/06/2023 +ms.date: 12/03/2024 ms.subservice: hybrid-cloud-sync ms.author: billmath diff --git a/docs/identity/hybrid/cloud-sync/how-to-install-pshell.md b/docs/identity/hybrid/cloud-sync/how-to-install-pshell.md index ae3b6b8ebb6..431926a31b9 100644 --- a/docs/identity/hybrid/cloud-sync/how-to-install-pshell.md +++ b/docs/identity/hybrid/cloud-sync/how-to-install-pshell.md @@ -6,7 +6,7 @@ author: billmath manager: amycolannino ms.service: entra-id ms.topic: how-to -ms.date: 11/06/2023 +ms.date: 12/03/2024 ms.subservice: hybrid-cloud-sync ms.author: billmath diff --git a/docs/identity/hybrid/cloud-sync/how-to-manage-registry-options.md b/docs/identity/hybrid/cloud-sync/how-to-manage-registry-options.md index 499bfbaa83c..c9b44899994 100644 --- a/docs/identity/hybrid/cloud-sync/how-to-manage-registry-options.md +++ b/docs/identity/hybrid/cloud-sync/how-to-manage-registry-options.md @@ -7,7 +7,7 @@ manager: amycolannino ms.service: entra-id ms.topic: how-to ms.tgt_pltfrm: na -ms.date: 11/06/2023 +ms.date: 12/03/2024 ms.subservice: hybrid-cloud-sync ms.reviewer: chmutali ms.author: billmath diff --git a/docs/identity/hybrid/cloud-sync/how-to-map-usertype.md b/docs/identity/hybrid/cloud-sync/how-to-map-usertype.md index 1dfb3ab7aa3..da98a196b1f 100644 --- a/docs/identity/hybrid/cloud-sync/how-to-map-usertype.md +++ b/docs/identity/hybrid/cloud-sync/how-to-map-usertype.md @@ -6,7 +6,7 @@ author: billmath manager: amycolannino ms.service: entra-id ms.topic: how-to -ms.date: 11/06/2023 +ms.date: 12/03/2024 ms.subservice: hybrid-cloud-sync ms.author: billmath diff --git a/docs/identity/hybrid/cloud-sync/how-to-sso.md b/docs/identity/hybrid/cloud-sync/how-to-sso.md index a411fdec9e1..9727c18f089 100644 --- a/docs/identity/hybrid/cloud-sync/how-to-sso.md +++ b/docs/identity/hybrid/cloud-sync/how-to-sso.md @@ -6,7 +6,7 @@ author: billmath manager: amycolannino ms.service: entra-id ms.topic: how-to -ms.date: 11/06/2023 +ms.date: 12/03/2024 ms.subservice: hybrid-cloud-sync ms.author: billmath diff --git a/docs/identity/hybrid/cloud-sync/reference-powershell.md b/docs/identity/hybrid/cloud-sync/reference-powershell.md index 95ff4eac80a..10a5300e1ae 100644 --- a/docs/identity/hybrid/cloud-sync/reference-powershell.md +++ b/docs/identity/hybrid/cloud-sync/reference-powershell.md @@ -7,7 +7,7 @@ manager: amycolannino ms.service: entra-id ms.custom: has-azure-ad-ps-ref, azure-ad-ref-level-one-done ms.topic: how-to -ms.date: 11/06/2023 +ms.date: 12/03/2024 ms.subservice: hybrid-cloud-sync ms.author: billmath diff --git a/docs/identity/hybrid/cloud-sync/reference-provision-to-active-directory-faq.yml b/docs/identity/hybrid/cloud-sync/reference-provision-to-active-directory-faq.yml index 6f9a4bd6bb2..737f9a862ee 100644 --- a/docs/identity/hybrid/cloud-sync/reference-provision-to-active-directory-faq.yml +++ b/docs/identity/hybrid/cloud-sync/reference-provision-to-active-directory-faq.yml @@ -6,7 +6,7 @@ metadata: manager: amycolannino ms.service: entra-id ms.topic: faq - ms.date: 06/21/2023 + ms.date: 12/03/2024 ms.subservice: hybrid-cloud-sync ms.author: billmath diff --git a/docs/identity/hybrid/cloud-sync/tutorial-basic-ad-azure.md b/docs/identity/hybrid/cloud-sync/tutorial-basic-ad-azure.md index db7154adeff..94e5a7809e1 100644 --- a/docs/identity/hybrid/cloud-sync/tutorial-basic-ad-azure.md +++ b/docs/identity/hybrid/cloud-sync/tutorial-basic-ad-azure.md @@ -6,7 +6,7 @@ author: billmath manager: amycolannino ms.service: entra-id ms.topic: tutorial -ms.date: 11/06/2023 +ms.date: 12/03/2024 ms.subservice: hybrid-cloud-sync ms.author: billmath diff --git a/docs/identity/hybrid/cloud-sync/tutorial-existing-forest.md b/docs/identity/hybrid/cloud-sync/tutorial-existing-forest.md index dea4a5639b6..d832ddcda6b 100644 --- a/docs/identity/hybrid/cloud-sync/tutorial-existing-forest.md +++ b/docs/identity/hybrid/cloud-sync/tutorial-existing-forest.md @@ -6,7 +6,7 @@ author: billmath manager: amycolannino ms.service: entra-id ms.topic: tutorial -ms.date: 11/06/2023 +ms.date: 12/03/2024 ms.subservice: hybrid-cloud-sync ms.author: billmath diff --git a/docs/identity/hybrid/cloud-sync/what-is-provisioning-agent.md b/docs/identity/hybrid/cloud-sync/what-is-provisioning-agent.md index f698740ec5d..aa15c30a133 100644 --- a/docs/identity/hybrid/cloud-sync/what-is-provisioning-agent.md +++ b/docs/identity/hybrid/cloud-sync/what-is-provisioning-agent.md @@ -7,7 +7,7 @@ manager: amycolannino ms.service: entra-id ms.topic: conceptual ms.tgt_pltfrm: na -ms.date: 11/06/2023 +ms.date: 12/03/2024 ms.subservice: hybrid-cloud-sync ms.author: billmath diff --git a/docs/identity/hybrid/configure.md b/docs/identity/hybrid/configure.md index 50c43fe60da..9afd38c47ef 100644 --- a/docs/identity/hybrid/configure.md +++ b/docs/identity/hybrid/configure.md @@ -7,7 +7,7 @@ manager: amycolannino ms.service: entra-id ms.topic: conceptual ms.tgt_pltfrm: na -ms.date: 11/06/2023 +ms.date: 12/03/2024 ms.subservice: hybrid ms.author: billmath From b70276e401464978acf6f16da1db28fdd25cf709 Mon Sep 17 00:00:00 2001 From: TheWriteDoc <187326664+TheWriteDoc@users.noreply.github.com> Date: Tue, 3 Dec 2024 12:38:30 -0800 Subject: [PATCH 05/11] fix verbiage --- docs/identity/hybrid/cloud-sync/how-to-install-pshell.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/identity/hybrid/cloud-sync/how-to-install-pshell.md b/docs/identity/hybrid/cloud-sync/how-to-install-pshell.md index 431926a31b9..f5436c53815 100644 --- a/docs/identity/hybrid/cloud-sync/how-to-install-pshell.md +++ b/docs/identity/hybrid/cloud-sync/how-to-install-pshell.md @@ -34,7 +34,7 @@ The Windows server must have TLS 1.2 enabled before you install the Microsoft En [!INCLUDE [sign in](~/includes/cloud-sync-sign-in.md)] 3. Select **Manage**. - 4. Click **Download provisioning agent** + 4. Select **Download provisioning agent** 5. On the right, click **Accept terms and download**. 6. For the purposes of these instructions, the agent was downloaded to the C:\temp folder. 7. Install ProvisioningAgent in quiet mode. From ef0fea693491c7e453970e5a5b39add110fd7599 Mon Sep 17 00:00:00 2001 From: TheWriteDoc <187326664+TheWriteDoc@users.noreply.github.com> Date: Tue, 3 Dec 2024 12:46:24 -0800 Subject: [PATCH 06/11] fix Acro score --- docs/identity/hybrid/cloud-sync/how-to-install-pshell.md | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/docs/identity/hybrid/cloud-sync/how-to-install-pshell.md b/docs/identity/hybrid/cloud-sync/how-to-install-pshell.md index f5436c53815..ae0f0596ee1 100644 --- a/docs/identity/hybrid/cloud-sync/how-to-install-pshell.md +++ b/docs/identity/hybrid/cloud-sync/how-to-install-pshell.md @@ -35,7 +35,7 @@ The Windows server must have TLS 1.2 enabled before you install the Microsoft En [!INCLUDE [sign in](~/includes/cloud-sync-sign-in.md)] 3. Select **Manage**. 4. Select **Download provisioning agent** - 5. On the right, click **Accept terms and download**. + 5. On the right, select **Accept terms and download**. 6. For the purposes of these instructions, the agent was downloaded to the C:\temp folder. 7. Install ProvisioningAgent in quiet mode. ``` @@ -89,10 +89,10 @@ The Windows server must have TLS 1.2 enabled before you install the Microsoft En 16. Go to the Microsoft Entra admin center to create the cloud sync configuration. ## Provisioning agent gMSA PowerShell cmdlets -Now that you've installed the agent, you can apply more granular permissions to the gMSA. For information and step-by-step instructions on how to configure the permissions, see [Microsoft Entra Connect cloud provisioning agent gMSA PowerShell cmdlets](how-to-gmsa-cmdlets.md). +After you've installed the agent, you can apply more granular permissions to the gMSA. For information and step-by-step instructions on how to configure the permissions, see [Microsoft Entra Connect cloud provisioning agent gMSA PowerShell cmdlets](how-to-gmsa-cmdlets.md). ## Installing against US government cloud -By default, the Microsoft Entra provisioning agent installs against the default Azure cloud environment. If you are installing the agent for use in the US government cloud do the following: +By default, the Microsoft Entra provisioning agent installs against the default Azure cloud environment. If you're installing the agent for use in the US government cloud, do the following: - In step #8, add **ENVIRONMENTNAME=AzureUSGovernment** to the command line like the example. ``` From 00d887bcf270e18bca306c071e23c6a59047726e Mon Sep 17 00:00:00 2001 From: TheWriteDoc <187326664+TheWriteDoc@users.noreply.github.com> Date: Tue, 3 Dec 2024 12:52:59 -0800 Subject: [PATCH 07/11] fix Acro score 2 --- docs/identity/hybrid/cloud-sync/how-to-install-pshell.md | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/docs/identity/hybrid/cloud-sync/how-to-install-pshell.md b/docs/identity/hybrid/cloud-sync/how-to-install-pshell.md index ae0f0596ee1..1082d3e12d6 100644 --- a/docs/identity/hybrid/cloud-sync/how-to-install-pshell.md +++ b/docs/identity/hybrid/cloud-sync/how-to-install-pshell.md @@ -81,18 +81,18 @@ The Windows server must have TLS 1.2 enabled before you install the Microsoft En Add-AADCloudSyncADDomain -DomainName contoso.com -Credential $contosoDomainAdminCreds -PreferredDomainControllers $preferredDCs ``` - 14. Repeat the previous step to add more domains. Provide the account names and domain names of the respective domains. + 14. To add more domains, repeat the previous step. Provide the account names and domain names of the respective domains. 15. Restart the service. ``` Restart-Service -Name AADConnectProvisioningAgent ``` - 16. Go to the Microsoft Entra admin center to create the cloud sync configuration. + 16. To create the cloud sync configuration, go to the Microsoft Entra admin center. ## Provisioning agent gMSA PowerShell cmdlets -After you've installed the agent, you can apply more granular permissions to the gMSA. For information and step-by-step instructions on how to configure the permissions, see [Microsoft Entra Connect cloud provisioning agent gMSA PowerShell cmdlets](how-to-gmsa-cmdlets.md). +After you install the agent, you can apply more granular permissions to the gMSA. For information and step-by-step instructions on how to configure the permissions, see [Microsoft Entra Connect cloud provisioning agent gMSA PowerShell cmdlets](how-to-gmsa-cmdlets.md). ## Installing against US government cloud -By default, the Microsoft Entra provisioning agent installs against the default Azure cloud environment. If you're installing the agent for use in the US government cloud, do the following: +By default, the Microsoft Entra provisioning agent installs against the default Azure cloud environment. If you're installing the agent for use in the US government cloud, do the following: - In step #8, add **ENVIRONMENTNAME=AzureUSGovernment** to the command line like the example. ``` From 377758b50b8f8cd5cc015f3818c8eeb159c2c1cc Mon Sep 17 00:00:00 2001 From: Justinha Date: Tue, 3 Dec 2024 13:56:55 -0800 Subject: [PATCH 08/11] added note consolidate groups --- .../authentication/concept-authentication-methods-manage.md | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/docs/identity/authentication/concept-authentication-methods-manage.md b/docs/identity/authentication/concept-authentication-methods-manage.md index dec20b6954d..a99b9cc7b67 100644 --- a/docs/identity/authentication/concept-authentication-methods-manage.md +++ b/docs/identity/authentication/concept-authentication-methods-manage.md @@ -5,7 +5,7 @@ description: Learn about the authentication methods policy and different ways to ms.service: entra-id ms.subservice: authentication ms.topic: conceptual -ms.date: 10/04/2024 +ms.date: 12/03/2024 ms.author: justinha author: justinha @@ -108,6 +108,9 @@ Tenants are set to either Pre-migration or Migration in Progress by default, dep - In recent updates, we removed the ability to target individual users. Previously targeted users will remain in the policy, but we recommend moving them to a targeted group. - Registration of an authentication method can fail if many groups are included in the Authentication methods policy or a registration campaign. We recommend consolidating multiple groups into a single group for each authentication method. To maintain registration for users during consolidation, add the new group and remove current groups in the same operation. + >[!NOTE] + >You might not be able to save updates to the Authentication methods policy if it targets many group targets and the policy size exceeds 20 KB. While we work to increase the polcy size limit, consolidate targeted group as much as possible. + ## Next steps - [How to migrate MFA and SSPR policy settings to the Authentication methods policy](how-to-authentication-methods-manage.md) From 63a9bd42cd088a49a6566914a89bd4612f06573c Mon Sep 17 00:00:00 2001 From: Justinha Date: Tue, 3 Dec 2024 14:05:39 -0800 Subject: [PATCH 09/11] typo --- .../authentication/concept-authentication-methods-manage.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/identity/authentication/concept-authentication-methods-manage.md b/docs/identity/authentication/concept-authentication-methods-manage.md index a99b9cc7b67..7416a56d592 100644 --- a/docs/identity/authentication/concept-authentication-methods-manage.md +++ b/docs/identity/authentication/concept-authentication-methods-manage.md @@ -109,7 +109,7 @@ Tenants are set to either Pre-migration or Migration in Progress by default, dep - Registration of an authentication method can fail if many groups are included in the Authentication methods policy or a registration campaign. We recommend consolidating multiple groups into a single group for each authentication method. To maintain registration for users during consolidation, add the new group and remove current groups in the same operation. >[!NOTE] - >You might not be able to save updates to the Authentication methods policy if it targets many group targets and the policy size exceeds 20 KB. While we work to increase the polcy size limit, consolidate targeted group as much as possible. + >You might not be able to save updates to the Authentication methods policy if it targets many group targets and the policy size exceeds 20 KB. While we work to increase the policy size limit, consolidate targeted group as much as possible. ## Next steps From 94fd0276a77cdaaf5d12e1449fc418a97110bc61 Mon Sep 17 00:00:00 2001 From: Justinha Date: Tue, 3 Dec 2024 14:06:36 -0800 Subject: [PATCH 10/11] another copyedit --- .../authentication/concept-authentication-methods-manage.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/identity/authentication/concept-authentication-methods-manage.md b/docs/identity/authentication/concept-authentication-methods-manage.md index 7416a56d592..0b073051621 100644 --- a/docs/identity/authentication/concept-authentication-methods-manage.md +++ b/docs/identity/authentication/concept-authentication-methods-manage.md @@ -109,7 +109,7 @@ Tenants are set to either Pre-migration or Migration in Progress by default, dep - Registration of an authentication method can fail if many groups are included in the Authentication methods policy or a registration campaign. We recommend consolidating multiple groups into a single group for each authentication method. To maintain registration for users during consolidation, add the new group and remove current groups in the same operation. >[!NOTE] - >You might not be able to save updates to the Authentication methods policy if it targets many group targets and the policy size exceeds 20 KB. While we work to increase the policy size limit, consolidate targeted group as much as possible. + >You might not be able to save updates to the Authentication methods policy if it targets many groups and the policy size exceeds 20 KB. While we work to increase the policy size limit, consolidate targeted group as much as possible. ## Next steps From f00df3c6cbf8c1c7e03af745f7f3fd93129599f4 Mon Sep 17 00:00:00 2001 From: Justinha Date: Tue, 3 Dec 2024 14:17:29 -0800 Subject: [PATCH 11/11] copyedit --- .../authentication/concept-authentication-methods-manage.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/identity/authentication/concept-authentication-methods-manage.md b/docs/identity/authentication/concept-authentication-methods-manage.md index 0b073051621..6fcff1ab981 100644 --- a/docs/identity/authentication/concept-authentication-methods-manage.md +++ b/docs/identity/authentication/concept-authentication-methods-manage.md @@ -109,7 +109,7 @@ Tenants are set to either Pre-migration or Migration in Progress by default, dep - Registration of an authentication method can fail if many groups are included in the Authentication methods policy or a registration campaign. We recommend consolidating multiple groups into a single group for each authentication method. To maintain registration for users during consolidation, add the new group and remove current groups in the same operation. >[!NOTE] - >You might not be able to save updates to the Authentication methods policy if it targets many groups and the policy size exceeds 20 KB. While we work to increase the policy size limit, consolidate targeted group as much as possible. + >You might not be able to save updates to the Authentication methods policy if it targets many groups and the policy size exceeds 20 KB. While we work to increase the policy size limit, consolidate targeted groups as much as possible. ## Next steps