Merging changes synced from https://github.com/MicrosoftDocs/azure-do…

…cs-pr (branch live)

articles/active-directory/enterprise-users/groups-naming-policy.md

@@ -23,9 +23,9 @@ To enforce consistent naming conventions for Microsoft 365 groups created or edi
 > [!IMPORTANT]
 > Using Microsoft Entra ID naming policy for Microsoft 365 groups requires that you possess but not necessarily assign a Microsoft Entra ID P1 license or Microsoft Entra Basic EDU license for each unique user that is a member of one or more Microsoft 365 groups.
 
-The naming policy is applied to creating or editing groups created across workloads (for example, Outlook, Microsoft Teams, SharePoint, Exchange, or Planner), even if no editing changes are made. It is applied to both the group name and group alias. If you set up your naming policy in Microsoft Entra ID and you have an existing Exchange group naming policy, the Microsoft Entra ID naming policy is enforced in your organization.
+The naming policy is applied to creating or editing groups created across workloads (for example, Outlook, Microsoft Teams, SharePoint, Exchange, or Planner), even if no editing changes are made. It's applied to both the group name and group alias. If you set up your naming policy in Microsoft Entra ID and you have an existing Exchange group naming policy, the Microsoft Entra ID naming policy is enforced in your organization.
 
-When group naming policy is configured, the policy will be applied to new Microsoft 365 groups created by end users. Naming policy does not apply to certain directory roles, such as Global Administrator or User Administrator (please see below for the complete list of roles exempted from group naming policy). For existing Microsoft 365 groups, the policy will not immediately apply at the time of configuration. Once group owner edits the group name for these groups, naming policy will be enforced, even if no changes are made.
+When group naming policy is configured, the policy will be applied to new Microsoft 365 groups created by end users. Naming policy doesn't apply to certain directory roles, such as Global Administrator or User Administrator (please see below for the complete list of roles exempted from group naming policy). For existing Microsoft 365 groups, the policy won't immediately apply at the time of configuration. Once group owner edits the group name for these groups, naming policy will be enforced, even if no changes are made.
 
 ## Naming policy features
 
@@ -39,7 +39,7 @@ You can enforce naming policy for groups in two different ways:
 
 The general structure of the naming convention is ‘Prefix[GroupName]Suffix’. While you can define multiple prefixes and suffixes, you can only have one instance of the [GroupName] in the setting. The prefixes or suffixes can be either fixed strings or user attributes such as \[Department\] that are substituted based on the user who is creating the group. The total allowable number of characters for your prefix and suffix strings including group name is 63 characters.
 
-Prefixes and suffixes can contain special characters that are supported in group name and group alias. Any characters in the prefix or suffix that are not supported in the group alias are still applied in the group name, but removed from the group alias. Because of this restriction, the prefixes and suffixes applied to the group name might be different from the ones applied to the group alias.
+Prefixes and suffixes can contain special characters that are supported in group name and group alias. Any characters in the prefix or suffix that aren't supported in the group alias are still applied in the group name, but removed from the group alias. Because of this restriction, the prefixes and suffixes applied to the group name might be different from the ones applied to the group alias.
 
 #### Fixed strings
 
@@ -57,10 +57,10 @@ A blocked word list is a comma-separated list of phrases to be blocked in group
 
 Blocked word list rules:
 
-- Blocked words are not case sensitive.
+- Blocked words aren't case sensitive.
 - When a user enters a blocked word as part of a group name, they see an error message with the blocked word.
 - There are no character restrictions on blocked words.
-- There is an upper limit of 5000 phrases that can be configured in the blocked words list. 
+- There's an upper limit of 5000 phrases that can be configured in the blocked words list. 
 
 ### Roles and permissions
 
@@ -118,7 +118,7 @@ Be sure to uninstall any older version of the Azure Active Directory PowerShell
    Install-Module AzureADPreview
    ```
 
-   If you are prompted about accessing an untrusted repository, enter **Y**. It might take few minutes for the new module to install.
+   If you're prompted about accessing an untrusted repository, enter **Y**. It might take few minutes for the new module to install.
 
 ## Configure naming policy in PowerShell
 
@@ -175,14 +175,14 @@ That's it. You've set your naming policy and added your blocked words.
 
 For more information, see the article [Microsoft Entra cmdlets for configuring group settings](../enterprise-users/groups-settings-cmdlets.md).
 
-Here is an example of a PowerShell script to export multiple blocked words:
+Here's an example of a PowerShell script to export multiple blocked words:
 
 ``` PowerShell
 $Words = (Get-AzureADDirectorySetting).Values | Where-Object -Property Name -Value CustomBlockedWordsList -EQ 
 Add-Content "c:\work\currentblockedwordslist.txt" -Value $words.value.Split(",").Replace("`"","")  
 ```
 
-Here is an example PowerShell script to import multiple blocked words:
+Here's an example PowerShell script to import multiple blocked words:
 
 ``` PowerShell
 $BadWords = Get-Content "C:\work\currentblockedwordslist.txt"
@@ -240,14 +240,15 @@ Microsoft Teams | Microsoft Teams shows the group naming policy enforced name wh
 SharePoint | SharePoint shows the naming policy enforced name when the user types a site name or group email address. When a user enters a custom blocked word, an error message is shown, along with the blocked word so that the user can remove it.
 Microsoft Stream | Microsoft Stream shows the group naming policy enforced name when the user types a group name or group email alias. When a user enters a custom blocked word, an error message is shown with the blocked word so the user can remove it.
 Outlook iOS and Android App | Groups created in Outlook apps are compliant with the configured naming policy. Outlook mobile app doesn't yet show the preview of the naming policy enforced name, and doesn't return custom blocked word errors when the user enters the group name. However, the naming policy is automatically applied on clicking create/edit and users see error messages if there are custom blocked words in the group name or alias.
-Groups mobile app | Groups created in the Groups mobile app are compliant with the naming policy. Groups mobile app does not show the preview of the naming policy and does not return custom blocked word errors when the user enters the group name. But the naming policy is automatically applied when creating or editing a group and users is presented with appropriate errors if there are custom blocked words in the group name or alias.
+Groups mobile app | Groups created in the Groups mobile app are compliant with the naming policy. Groups mobile app doesn't show the preview of the naming policy and doesn't return custom blocked word errors when the user enters the group name. But the naming policy is automatically applied when creating or editing a group and users is presented with appropriate errors if there are custom blocked words in the group name or alias.
 Planner | Planner is compliant with the naming policy. Planner shows the naming policy preview when entering the plan name. When a user enters a custom blocked word, an error message is shown when creating the plan.
+Project for the web | Project for the web is compliant with the naming policy. 
 Dynamics 365 for Customer Engagement | Dynamics 365 for Customer Engagement is compliant with the naming policy. Dynamics 365 shows the naming policy enforced name when the user types a group name or group email alias. When the user enters a custom blocked word, an error message is shown with the blocked word so the user can remove it.
 School Data Sync (SDS) | Groups created through SDS comply with naming policy, but the naming policy isn't applied automatically. SDS administrators have to append the prefixes and suffixes to class names for which groups need to be created and then uploaded to SDS. Group create or edit would fail otherwise.
 Classroom app | Groups created in Classroom app comply with the naming policy, but the naming policy isn't applied automatically, and the naming policy preview isn't shown to the users while entering a classroom group name. Users must enter the enforced classroom group name with prefixes and suffixes. If not, the classroom group create or edit operation fails with errors.
 Power BI | Power BI workspaces are compliant with the naming policy.
-Yammer | When a user signed in to Yammer with their Microsoft Entra account creates a group or edits a group name, the group name will comply with naming policy. This applies both to Microsoft 365 connected groups and all other Yammer groups.<br>If a Microsoft 365 connected group was created before the naming policy is in place, the group name will not automatically follow the naming policies. When a user edits the group name, they will be prompted to add the prefix and suffix.
-StaffHub  | StaffHub teams do not follow the naming policy, but the underlying Microsoft 365 group does. StaffHub team name does not apply the prefixes and suffixes and does not check for custom blocked words. But StaffHub does apply the prefixes and suffixes and removes blocked words from the underlying Microsoft 365 group.
+Yammer | When a user signed in to Yammer with their Microsoft Entra account creates a group or edits a group name, the group name will comply with naming policy. This applies both to Microsoft 365 connected groups and all other Yammer groups.<br>If a Microsoft 365 connected group was created before the naming policy is in place, the group name won't automatically follow the naming policies. When a user edits the group name, they'll be prompted to add the prefix and suffix.
+StaffHub  | StaffHub teams do not follow the naming policy, but the underlying Microsoft 365 group does. StaffHub team name doesn't apply the prefixes and suffixes and doesn't check for custom blocked words. But StaffHub does apply the prefixes and suffixes and removes blocked words from the underlying Microsoft 365 group.
 Exchange PowerShell | Exchange PowerShell cmdlets are compliant with the naming policy. Users receive appropriate error messages with suggested prefixes and suffixes and for custom blocked words if they don't follow the naming policy in the group name and group alias (mailNickname).
 Azure Active Directory PowerShell cmdlets | Azure Active Directory PowerShell cmdlets are compliant with naming policy. Users receive appropriate error messages with suggested prefixes and suffixes and for custom blocked words if they don't follow the naming convention in group names and group alias.
 Exchange admin center | Exchange admin center is compliant with naming policy. Users receive appropriate error messages with suggested prefixes and suffixes and for custom blocked words if they don't follow the naming convention in the group name and group alias.

articles/active-directory/governance/configure-logic-app-lifecycle-workflows.md

@@ -260,7 +260,7 @@ If the security token type is **Normal** for your custom task extension, you'd s
 
     Policy name: AzureADLifecycleWorkflowsAuthPolicy 
 
-    Policy type: Microsoft Entra ID  
+    Policy type: AAD 
 
     |Claim  |Value  |
     |---------|---------|
@@ -270,7 +270,7 @@ If the security token type is **Normal** for your custom task extension, you'd s
 
     Policy name: AzureADLifecycleWorkflowsAuthPolicyV2App 
 
-    Policy type: Microsoft Entra ID   
+    Policy type: AAD   
 
     |Claim  |Value  |
     |---------|---------|

articles/active-directory/governance/tutorial-prepare-user-accounts.md

@@ -146,12 +146,12 @@ $Department = "Sales"
 $UPN_manager = "bsimon@<your tenant name here>"
 
 Install-Module -Name AzureAD
-Connect-AzureAD -Confirm
+Connect-MgGraph -Confirm
 
 $PasswordProfile = New-Object -TypeName Microsoft.Open.AzureAD.Model.PasswordProfile
 $PasswordProfile.Password = "<Password>"
-New-AzureADUser -DisplayName $Displayname_manager  -PasswordProfile $PasswordProfile -UserPrincipalName $UPN_manager -AccountEnabled $true -MailNickName $Name_manager -Department $Department
-New-AzureADUser -DisplayName $Displayname_employee  -PasswordProfile $PasswordProfile -UserPrincipalName $UPN_employee -AccountEnabled $true -MailNickName $Name_employee -Department $Department
+New-MgUser -DisplayName $Displayname_manager  -PasswordProfile $PasswordProfile -UserPrincipalName $UPN_manager -AccountEnabled $true -MailNickName $Name_manager -Department $Department
+New-MgUser -DisplayName $Displayname_employee  -PasswordProfile $PasswordProfile -UserPrincipalName $UPN_employee -AccountEnabled $true -MailNickName $Name_employee -Department $Department
 ```
 
 Once your user(s) has been successfully created in Microsoft Entra ID, you may proceed to follow the Lifecycle workflow tutorials for your workflow creation.  

articles/active-directory/multi-tenant-organizations/multi-tenant-organization-configure-graph.md

@@ -8,7 +8,7 @@ ms.service: active-directory
 ms.workload: identity
 ms.subservice: multi-tenant-organizations
 ms.topic: how-to
-ms.date: 08/22/2023
+ms.date: 09/22/2023
 ms.author: rolyon
 ms.custom: it-pro
 
@@ -29,13 +29,13 @@ If you instead want to use the Microsoft 365 admin center to configure a multi-t
 
 ![Icon for the owner tenant.](./media/common/icon-tenant-owner.png)<br/>**Owner tenant**
 
-- Microsoft Entra ID P1 or P2 license. For more information, see [License requirements](./multi-tenant-organization-overview.md#license-requirements).
+- For license information, see [License requirements](./multi-tenant-organization-overview.md#license-requirements).
 - [Security Administrator](../roles/permissions-reference.md#security-administrator) role to configure cross-tenant access settings and templates for the multi-tenant organization.
 - [Global Administrator](../roles/permissions-reference.md#global-administrator) role to consent to required permissions.
 
 ![Icon for the member tenant.](./media/common/icon-tenant-member.png)<br/>**Member tenant**
 
-- Microsoft Entra ID P1 or P2 license. For more information, see [License requirements](./multi-tenant-organization-overview.md#license-requirements).
+- For license information, see [License requirements](./multi-tenant-organization-overview.md#license-requirements).
 - [Security Administrator](../roles/permissions-reference.md#security-administrator) role to configure cross-tenant access settings and templates for the multi-tenant organization.
 - [Global Administrator](../roles/permissions-reference.md#global-administrator) role to consent to required permissions.
 

articles/active-directory/multi-tenant-organizations/multi-tenant-organization-configure-templates.md

@@ -8,7 +8,7 @@ ms.service: active-directory
 ms.workload: identity
 ms.subservice: multi-tenant-organizations
 ms.topic: how-to
-ms.date: 08/22/2023
+ms.date: 09/22/2023
 ms.author: rolyon
 ms.custom: it-pro
 
@@ -25,7 +25,7 @@ This article describes how to configure a policy template for your multi-tenant
 
 ## Prerequisites
 
-- Microsoft Entra ID P1 or P2 license. For more information, see [License requirements](./multi-tenant-organization-overview.md#license-requirements).
+- For license information, see [License requirements](./multi-tenant-organization-overview.md#license-requirements).
 - [Security Administrator](../roles/permissions-reference.md#security-administrator) role to configure cross-tenant access settings and templates for the multi-tenant organization.
 - [Global Administrator](../roles/permissions-reference.md#global-administrator) role to consent to required permissions.
 

articles/active-directory/reports-monitoring/howto-use-recommendations.md

@@ -8,7 +8,7 @@ ms.service: active-directory
 ms.topic: how-to
 ms.workload: identity
 ms.subservice: report-monitor
-ms.date: 08/24/2023
+ms.date: 09/21/2023
 ms.author: sarahlipsey
 ms.reviewer: hafowler
 ---
@@ -41,10 +41,10 @@ Some recommendations may require a P2 or other license. For more information, se
 
 ## How to read a recommendation
 
-To view the details of a recommendation:
+Most recommendations follow the same pattern. You're provided information about how the recommendation work, its value, and some action steps to address the recommendation. This section provides an overview of the details provided in a recommendation, but aren't specific to one recommendation.
 
 1. Sign in to the [Microsoft Entra admin center](https://entra.microsoft.com) as at least a [Reports Reader](../roles/permissions-reference.md#reports-reader).
-1. Browse to **Identity** > **Overview** > **Recommendations tab**
+1. Browse to **Identity** > **Overview** > **Recommendations tab**.
 1. Select a recommendation from the list.
 
     ![Screenshot of the list of recommendations.](./media/howto-use-recommendations/recommendations-list.png)