Skip to content

Commit cc0ee77

Browse files
learn-build-service-prod[bot]Yebbenbev-dirichardsbubbletroublesCopilot
authored
Confirm merge from repo_sync_working_branch to main to sync with https://github.com/MicrosoftDocs/entra-docs (branch main) (#13778)
* Added limitation clarity (#1903) Clarify that the `memberOf` attribute cannot be used with other rules and operators, and add details about processing time and membership updates. Co-authored-by: Diana Richards <v-dirichards@microsoft.com> * Update What If tool documentation to remove references to preview (#2001) * Update What If tool documentation to remove references to preview * Updated with copilot suggestions. Co-authored-by: Copilot Autofix powered by AI <175728472+Copilot@users.noreply.github.com> --------- Co-authored-by: Copilot Autofix powered by AI <175728472+Copilot@users.noreply.github.com> * Add custom domain email requirements to B2B invitation email docs (#1994) * Add custom domain email requirements to B2B invitation email docs Add prerequisites section covering mail-enabled tenant requirements, MOERA domain guidance, and DNS configuration (SPF, DKIM, DMARC) for custom domain invitation emails. Includes guidance for both Exchange Online and third-party gateway scenarios. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> * Apply reviewer suggestions: add ai-usage, remove microsoft.com reference, move section, reformat related content Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> * fixed heading Removed 'Next steps' section from invitation email elements documentation. --------- Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> Co-authored-by: Diana Richards <103777760+v-dirichards@users.noreply.github.com> * Remove usage reports permission from AI reader (#2007) Removed the ability to view Office 365 usage reports from the AI reader permissions. * Adding missing closing brace from open on line 83 (#2004) Line 83 has an if statement with an open brace but it never closes. Adding closing brace on line 175 as this seems like the only logical place for it. * Revise source IP restoration guidance and roles (#2011) * Revise source IP restoration guidance and roles Updated notes on source IP restoration and role assignments for administrators. Clarified the impact of disabling Global Secure Access signaling on Conditional Access policies. * Update link for Global Secure Access signaling * Apply suggestions from code review Co-authored-by: Copilot Autofix powered by AI <175728472+Copilot@users.noreply.github.com> --------- Co-authored-by: Regan Downer <v-rdowner@microsoft.com> Co-authored-by: Copilot Autofix powered by AI <175728472+Copilot@users.noreply.github.com> * Fixed csanalyzer.ps1 script (#2012) removed hidden characters and corrected parameter name * Update secure-your-domain.md (#2013) Add prerequisites that document the Microsoft Entra directory roles required to modify security settings for a Microsoft Entra Domain Services managed domain. The update specifies that Application Administrator and Groups Administrator roles are required. It also clarifies that Azure RBAC permissions alone don't provide the directory-level permissions required to modify these settings. * Remove 'Preview' label from approver details section (#2016) * Update video links for user provisioning in Entra ID (#1930) * Update video links for user provisioning in Entra ID Update incorrect names for videos * fixing product name --------- Co-authored-by: Diana Richards <103777760+v-dirichards@users.noreply.github.com> * Update hardware requirements for Entra Connect server (#2015) Clarified hardware requirements for Microsoft Entra Connect server and noted resource adjustments for remote SQL Server hosting. Removed not appropriate statement if SQL is installed on the same server as Entra Connect Sync. * Remove reference to Azure AD PowerShell (#1919) * Update tshoot-connect-sso.md Reference to Azure AD PowerShell is deprecated or possibly hallucinated and not required for troubleshooting. * Apply suggestion from @omondiatieno Co-authored-by: Jackline Omondi <57798781+omondiatieno@users.noreply.github.com> --------- Co-authored-by: Jackline Omondi <57798781+omondiatieno@users.noreply.github.com> * fix: update deprecated Microsoft Docs links (#2019) Co-authored-by: Gowrisha C. Vishwa Kumar <gowrish@gcvs-mbp.speedport.ip> * Removed Power BI MTO limitation - MTO is GA in Power BI and Fabric (#2022) Co-authored-by: Sruly Taber <srulyt@microsoft.com> * Update harness-provisioning-tutorial.md (#2010) * Update harness-provisioning-tutorial.md Update screenshots, add appropriate explanation and improve structure * Remove firstgen reference * Remove extra space * Update image link * Address review comments * Refine API token generation and provisioning steps Updated instructions for generating an API token and editing provisioning properties. Minor formatting and wording adjustments for clarity. --------- Co-authored-by: Smriti Satyanarayana <smriti.satyanarayana@harness.io> Co-authored-by: Regan Downer <v-rdowner@microsoft.com> * Fix extra space and grammar in broker definition (#2030) * Update reviewers and enhance MFA self-enforcement details (#2028) * Update reviewers and enhance MFA self-enforcement details Added a second reviewer for the document and clarified the self-enforcement of MFA with Azure Policy modes. * Potential fix for pull request finding Co-authored-by: Copilot Autofix powered by AI <175728472+Copilot@users.noreply.github.com> --------- Co-authored-by: Copilot Autofix powered by AI <175728472+Copilot@users.noreply.github.com> --------- Co-authored-by: learn-build-service-prod[bot] <113403604+learn-build-service-prod[bot]@users.noreply.github.com> Co-authored-by: Ben Jenkins <140325164+Yebbenbe@users.noreply.github.com> Co-authored-by: Diana Richards <v-dirichards@microsoft.com> Co-authored-by: bubbletroubles <42738824+bubbletroubles@users.noreply.github.com> Co-authored-by: Copilot Autofix powered by AI <175728472+Copilot@users.noreply.github.com> Co-authored-by: Learn Build Service GitHub App <Learn Build Service LearnBuild@microsoft.com> Co-authored-by: jconley76 <100385591+jconley76@users.noreply.github.com> Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> Co-authored-by: Diana Richards <103777760+v-dirichards@users.noreply.github.com> Co-authored-by: Shawn Kupfer <60445862+ShawnKupfer@users.noreply.github.com> Co-authored-by: Marc <MarcLaf@users.noreply.github.com> Co-authored-by: Alexander Pavlovsky <alexpav@microsoft.com> Co-authored-by: Regan Downer <v-rdowner@microsoft.com> Co-authored-by: Tariq Jaber <64084421+tajaber@users.noreply.github.com> Co-authored-by: DiyaSaadeh <44966771+DiyaSaadeh@users.noreply.github.com> Co-authored-by: myra-ramdenbourg <108485108+myra-ramdenbourg@users.noreply.github.com> Co-authored-by: Kosta Kondaurov <11173634+miracle2come@users.noreply.github.com> Co-authored-by: Akos Regi <59701513+akosre@users.noreply.github.com> Co-authored-by: Shannon Graybrook <552756+realslacker@users.noreply.github.com> Co-authored-by: Jackline Omondi <57798781+omondiatieno@users.noreply.github.com> Co-authored-by: Gowrisha C. Vishwa Kumar <97154030+gowrishacv@users.noreply.github.com> Co-authored-by: Gowrisha C. Vishwa Kumar <gowrish@gcvs-mbp.speedport.ip> Co-authored-by: Sruly Taber <sruly@thetabers.com> Co-authored-by: Sruly Taber <srulyt@microsoft.com> Co-authored-by: Smriti S <35428245+SmritiSatyan@users.noreply.github.com> Co-authored-by: Smriti Satyanarayana <smriti.satyanarayana@harness.io> Co-authored-by: Ben Hecht <benjamin.hecht@gmail.com> Co-authored-by: nehakulkarni123 <70352273+nehakulkarni123@users.noreply.github.com>
1 parent 14f5948 commit cc0ee77

2 files changed

Lines changed: 3 additions & 3 deletions

File tree

docs/identity/authentication/concept-mandatory-multifactor-authentication.md

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -3,7 +3,7 @@ title: Plan for mandatory Microsoft Entra multifactor authentication (MFA)
33
description: Learn about mandatory multifactor authentication (MFA) enforcement for Azure, Microsoft 365, and other admin portals, and how to prepare your tenant.
44
ms.topic: concept-article
55
ms.date: 04/03/2026
6-
ms.reviewer: shahjoy
6+
ms.reviewer: shahjoy, nehakulkarni
77
ms.custom: sfi-ga-nochange, msecd-doc-authoring-106
88
# Customer intent: As an identity administrator, I want to plan for mandatory MFA for users who sign in to Azure portal so that my organization is prepared before enforcement begins.
99
---
@@ -185,7 +185,7 @@ To prepare for MFA enforcement, configure a [Conditional Access policy](how-to-m
185185

186186
Conditional Access requires a Microsoft Entra ID P1 or P2 license. If you can't use Conditional Access, enable [security defaults](~/fundamentals/security-defaults.md).
187187

188-
You can self-enforce MFA by using built-in definitions in Azure Policy. To learn more and follow a step-by-step overview to apply these policy assignments in your environment, see [Tutorial: Apply MFA self-enforcement through Azure Policy](/azure/governance/policy/tutorials/mfa-enforcement).
188+
You can self-enforce MFA by using built-in definitions in Azure Policy. To learn more and follow a step-by-step overview to apply these policy assignments in your environment, see [Tutorial: Apply MFA self-enforcement through Azure Policy](/azure/governance/policy/tutorials/mfa-enforcement). Azure Policy supports both the `Audit` effect (which reports noncompliance in policy compliance results) and the `Deny` effect, which blocks noncompliant requests.
189189

190190
For the best compatibility experience, ensure users in your tenant are using Azure CLI version 2.76 and Azure PowerShell version 14.3 or later. Otherwise, you can expect to see error messages as explained in these topics:
191191

docs/identity/devices/concept-primary-refresh-token.md

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -18,7 +18,7 @@ The following Windows components play a key role in requesting and using a Prima
1818

1919
| **Term** | **Description** |
2020
| :--- | --- |
21-
| **broker** | An identity broker is a service that acts as an intermediary between an identity providers (IdPs) and service providers (SPs), simplifying authentication and authorization . Web Account Manager is an example of an identity broker.|
21+
| **broker** | An identity broker is a service that acts as an intermediary between identity providers (IdPs) and service providers (SPs), simplifying authentication and authorization. Web Account Manager is an example of an identity broker.|
2222
| **Cloud Authentication Provider (CloudAP)**| CloudAP is the modern authentication provider for Windows sign in, that verifies users logging to a Windows 10 or newer device. CloudAP provides a plugin framework that identity providers can build on to enable authentication to Windows using that identity provider's credentials. |
2323
| **Web Account Manager (WAM)**| WAM is the default token broker on Windows 10 or newer devices. WAM also provides a plugin framework that identity providers can build on and enable SSO to their applications relying on that identity provider.|
2424
| **Microsoft Entra CloudAP plugin**| A Microsoft Entra specific plugin built on the CloudAP framework that verifies user credentials with Microsoft Entra ID during Windows sign in.|

0 commit comments

Comments
 (0)