-
Notifications
You must be signed in to change notification settings - Fork 436
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Merge pull request #607 from MicrosoftDocs/main
11/29/2023 PM Publish
- Loading branch information
Showing
19 changed files
with
111 additions
and
114 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,5 +1,5 @@ | ||
### YamlMime:ContextObject | ||
brand: entra | ||
uhfHeaderId: entra | ||
uhfHeaderId: MSDocsHeader-Entra | ||
breadcrumb_path: ../breadcrumb/toc.yml | ||
toc_rel: ../toc.yml |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,5 +1,5 @@ | ||
### YamlMime:ContextObject | ||
brand: entra | ||
uhfHeaderId: entra | ||
uhfHeaderId: MSDocsHeader-Entra | ||
breadcrumb_path: ../breadcrumb/toc.yml | ||
toc_rel: ../toc.yml |
2 changes: 1 addition & 1 deletion
2
docs/identity/app-provisioning/context/app-provisioning-context.yml
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,5 +1,5 @@ | ||
### YamlMime:ContextObject | ||
brand: entra | ||
uhfHeaderId: entra | ||
uhfHeaderId: MSDocsHeader-Entra | ||
breadcrumb_path: ../breadcrumb/toc.yml | ||
toc_rel: ../toc.yml |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,5 +1,5 @@ | ||
### YamlMime:ContextObject | ||
brand: azure | ||
uhfHeaderId: azure | ||
brand: entra | ||
uhfHeaderId: MSDocsHeader-Entra | ||
breadcrumb_path: ../bread/toc.yml | ||
toc_rel: ../toc.yml |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -6,7 +6,7 @@ services: active-directory | |
ms.service: active-directory | ||
ms.subservice: authentication | ||
ms.topic: how-to | ||
ms.date: 11/15/2023 | ||
ms.date: 11/29/2023 | ||
|
||
ms.author: justinha | ||
author: vimrang | ||
|
@@ -27,14 +27,14 @@ The values stored in **certificateUserIds** should be in the format described in | |
|
||
|Certificate mapping Field | Examples of values in CertificateUserIds | | ||
|--------------------------|--------------------------------------| | ||
|PrincipalName | `X509:\<PN>[email protected]` | | ||
|PrincipalName | `X509:\<PN>bob@woodgrove` | | ||
|RFC822Name | `X509:\<RFC822>[email protected]` | | ||
|IssuerAndSubject | `X509:\<I>DC=com,DC=contoso,CN=CONTOSO-DC-CA\<S>DC=com,DC=contoso,OU=UserAccounts,CN=mfatest` | | ||
|Subject | `X509:\<S>DC=com,DC=contoso,OU=UserAccounts,CN=mfatest` | | ||
|SKI | `X509:\<SKI>123456789abcdef` | | ||
|SHA1PublicKey |`X509:\<SHA1-PUKEY>123456789abcdef` | | ||
|IssuerAndSerialNumber | `X509:\<I>DC=com,DC=contoso,CN=CONTOSO-DC-CA\<SR>b24134139f069b49997212a86ba0ef48` <br> To get the correct value for serial number, run this command and store the value shown in CertificateUserIds:<br> **Syntax**:<br> `Certutil –dump –v [~certificate path~] >> [~dumpFile path~]` <br> **Example**: <br> `certutil -dump -v firstusercert.cer >> firstCertDump.txt` | | ||
|PrincipalName | `X509:<PN>[email protected]` | | ||
|PrincipalName | `X509:<PN>bob@woodgrove` | | ||
|RFC822Name | `X509:<RFC822>[email protected]` | | ||
|IssuerAndSubject | `X509:<I>DC=com,DC=contoso,CN=CONTOSO-DC-CA<S>DC=com,DC=contoso,OU=UserAccounts,CN=mfatest` | | ||
|Subject | `X509:<S>DC=com,DC=contoso,OU=UserAccounts,CN=mfatest` | | ||
|SKI | `X509:<SKI>123456789abcdef` | | ||
|SHA1PublicKey |`X509:<SHA1-PUKEY>123456789abcdef` | | ||
|IssuerAndSerialNumber | `X509:<I>DC=com,DC=contoso,CN=CONTOSO-DC-CA<SR>b24134139f069b49997212a86ba0ef48` <br> To get the correct value for serial number, run this command and store the value shown in CertificateUserIds:<br> **Syntax**:<br> `Certutil –dump –v [~certificate path~] >> [~dumpFile path~]` <br> **Example**: <br> `certutil -dump -v firstusercert.cer >> firstCertDump.txt` | | ||
|
||
## Roles to update certificateUserIds | ||
|
||
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -199,13 +199,13 @@ Mapping types based on user names and email addresses are considered low-affinit | |
|
||
| Certificate mapping field | Examples of values in certificateUserIds | User object attributes | Type | | ||
|:--------------------------|:----------------------------------------:|:----------------------:|:----:| | ||
|PrincipalName | `X509:\<PN>[email protected]` | userPrincipalName <br> onPremisesUserPrincipalName <br> certificateUserIds | low-affinity | | ||
|RFC822Name | `X509:\<RFC822>[email protected]` | userPrincipalName <br> onPremisesUserPrincipalName <br> certificateUserIds | low-affinity | | ||
|IssuerAndSubject | `X509:\<I>DC=com,DC=contoso,CN=CONTOSO-DC-CA\<S>DC=com,DC=contoso,OU=UserAccounts,CN=mfatest` | certificateUserIds | low-affinity | | ||
|Subject | `X509:\<S>DC=com,DC=contoso,OU=UserAccounts,CN=mfatest` | certificateUserIds | low-affinity | | ||
|SKI | `X509:\<SKI>123456789abcdef` | certificateUserIds | high-affinity | | ||
|SHA1PublicKey | `X509:\<SHA1-PUKEY>123456789abcdef` | certificateUserIds | high-affinity | | ||
|IssuerAndSerialNumber | `X509:\<I>DC=com,DC=contoso,CN=CONTOSO-DC-CA\<SR>b24134139f069b49997212a86ba0ef48` <br> To get the correct value for serial number, run this command and store the value shown in CertificateUserIds:<br> **Syntax**:<br> `Certutil –dump –v [~certificate path~] >> [~dumpFile path~]` <br> **Example**: <br> `certutil -dump -v firstusercert.cer >> firstCertDump.txt` | certificateUserIds | high-affinity | | ||
|PrincipalName | `X509:<PN>[email protected]` | userPrincipalName <br> onPremisesUserPrincipalName <br> certificateUserIds | low-affinity | | ||
|RFC822Name | `X509:<RFC822>[email protected]` | userPrincipalName <br> onPremisesUserPrincipalName <br> certificateUserIds | low-affinity | | ||
|IssuerAndSubject | `X509:<I>DC=com,DC=contoso,CN=CONTOSO-DC-CA<S>DC=com,DC=contoso,OU=UserAccounts,CN=mfatest` | certificateUserIds | low-affinity | | ||
|Subject | `X509:<S>DC=com,DC=contoso,OU=UserAccounts,CN=mfatest` | certificateUserIds | low-affinity | | ||
|SKI | `X509:<SKI>123456789abcdef` | certificateUserIds | high-affinity | | ||
|SHA1PublicKey | `X509:<SHA1-PUKEY>123456789abcdef` | certificateUserIds | high-affinity | | ||
|IssuerAndSerialNumber | `X509:<I>DC=com,DC=contoso,CN=CONTOSO-DC-CA<SR>b24134139f069b49997212a86ba0ef48` <br> To get the correct value for serial number, run this command and store the value shown in CertificateUserIds:<br> **Syntax**:<br> `Certutil –dump –v [~certificate path~] >> [~dumpFile path~]` <br> **Example**: <br> `certutil -dump -v firstusercert.cer >> firstCertDump.txt` | certificateUserIds | high-affinity | | ||
|
||
### Define Affinity binding at the tenant level and override with custom rules | ||
|
||
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
2 changes: 1 addition & 1 deletion
2
docs/identity/conditional-access/context/conditional-access-context.yml
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,5 +1,5 @@ | ||
### YamlMime:ContextObject | ||
brand: entra | ||
uhfHeaderId: entra | ||
uhfHeaderId: MSDocsHeader-Entra | ||
breadcrumb_path: ../breadcrumb/toc.yml | ||
toc_rel: ../toc.yml |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,5 +1,5 @@ | ||
### YamlMime:ContextObject | ||
brand: entra | ||
uhfHeaderId: entra | ||
uhfHeaderId: MSDocsHeader-Entra | ||
breadcrumb_path: ../breadcrumb/toc.yml | ||
toc_rel: ../toc.yml |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
4 changes: 2 additions & 2 deletions
4
...-services/context/azure-ad-ds-context.yml → ...vices/context/domain-services-context.yml
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,5 +1,5 @@ | ||
### YamlMime:ContextObject | ||
brand: azure | ||
uhfHeaderId: azure | ||
brand: entra | ||
uhfHeaderId: MSDocsHeader-Entra | ||
breadcrumb_path: ../breadcrumb/TOC.yml | ||
toc_rel: ../TOC.yml |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,5 +1,5 @@ | ||
### YamlMime:ContextObject | ||
brand: entra | ||
uhfHeaderId: entra | ||
uhfHeaderId: MSDocsHeader-Entra | ||
breadcrumb_path: ../breadcrumb/toc.yml | ||
toc_rel: ../toc.yml |
2 changes: 1 addition & 1 deletion
2
docs/identity/managed-identities-azure-resources/context/msi-context.yml
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,5 +1,5 @@ | ||
### YamlMime:ContextObject | ||
brand: entra | ||
uhfHeaderId: entra | ||
uhfHeaderId: MSDocsHeader-Entra | ||
breadcrumb_path: ../breadcrumb/toc.yml | ||
toc_rel: ../TOC.yml |
2 changes: 1 addition & 1 deletion
2
docs/identity/role-based-access-control/context/ugr-context.yml
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,5 +1,5 @@ | ||
### YamlMime:ContextObject | ||
brand: entra | ||
uhfHeaderId: entra | ||
uhfHeaderId: MSDocsHeader-Entra | ||
breadcrumb_path: ../breadcrumb/toc.yml | ||
toc_rel: ../TOC.yml |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,5 +1,5 @@ | ||
### YamlMime:ContextObject | ||
brand: entra | ||
uhfHeaderId: entra | ||
uhfHeaderId: MSDocsHeader-Entra | ||
breadcrumb_path: ../breadcrumb/toc.yml | ||
toc_rel: ../TOC.yml |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters