Merge branch 'main' of https://github.com/MicrosoftDocs/sql-docs-pr into sqlsvr-aad-p5

Author: MashaMSFT

azure-sql/database/active-directory-interactive-connect-azure-sql-db.md

@@ -16,7 +16,7 @@ ms.custom:
 # Connect to Azure SQL Database with Microsoft Entra multifactor authentication
 [!INCLUDE[appliesto-sqldb](../includes/appliesto-sqldb.md)]
 
-This article provides a C# program that connects to Azure SQL Database. The program uses interactive mode authentication, which supports [multifactor authentication](/azure/active-directory/authentication/concept-mfa-howitworks) using Microsoft Entra ID ([formerly Azure Active Directory](/azure/active-directory/fundamentals/new-name)).
+This article provides a C# program that connects to Azure SQL Database. The program uses interactive mode authentication, which supports [multifactor authentication](/azure/active-directory/authentication/concept-mfa-howitworks) using Microsoft Entra ID ([formerly Azure Active Directory](/entra/fundamentals/new-name)).
 
 For more information about multifactor authentication support for SQL tools, see [Using Microsoft Entra multifactor authentication](./authentication-mfa-ssms-overview.md).
 

azure-sql/database/active-geo-replication-configure-portal.md

@@ -225,7 +225,7 @@ Remove-AzSqlDatabaseSecondary @parameters
 
 ## Cross-subscription geo-replication
 
-Use Transact-SQL (T-SQL) create a geo-secondary in a subscription different from the subscription of the primary (whether under the same tenant of Microsoft Entra ID ([formerly Azure Active Directory](/azure/active-directory/fundamentals/new-name)) or not), follow the steps in this section.
+Use Transact-SQL (T-SQL) create a geo-secondary in a subscription different from the subscription of the primary (whether under the same tenant of Microsoft Entra ID ([formerly Azure Active Directory](/entra/fundamentals/new-name)) or not), follow the steps in this section.
 
 1. Add the IP address of the client machine executing the T-SQL commands in this example, to the server firewalls of **both** the primary and secondary servers. You can confirm that IP address by executing the following query while connected to the primary server from the same client machine.
 

azure-sql/database/active-geo-replication-overview.md

@@ -134,7 +134,7 @@ Review [license-free standby replica](standby-replica-how-to-configure.md) to le
 
 ## Cross-subscription geo-replication
 
-Use Transact-SQL (T-SQL) create a geo-secondary in a subscription different from the subscription of the primary (whether under the same tenant of Microsoft Entra ID ([formerly Azure Active Directory](/azure/active-directory/fundamentals/new-name)) or not). Review [Configure active geo-replication](active-geo-replication-configure-portal.md) to learn more. 
+Use Transact-SQL (T-SQL) create a geo-secondary in a subscription different from the subscription of the primary (whether under the same tenant of Microsoft Entra ID ([formerly Azure Active Directory](/entra/fundamentals/new-name)) or not). Review [Configure active geo-replication](active-geo-replication-configure-portal.md) to learn more. 
 
 ## <a name="keeping-credentials-and-firewall-rules-in-sync"></a> Keep credentials and firewall rules in sync
 

azure-sql/database/active-geo-replication-security-configure.md

@@ -26,7 +26,7 @@ The main trade-off is that managing the disaster recovery process at scale is mo
 If you are using logins and users (rather than contained users), you must take extra steps to ensure that the same logins exist in the `master` database. The following sections outline the steps involved and additional considerations.
 
   >[!NOTE]
-  > It's also possible to use logins created from Microsoft Entra ID ([formerly Azure Active Directory](/azure/active-directory/fundamentals/new-name)) to manage your databases. For more information, see [Azure SQL logins and users](./logins-create-manage.md).
+  > It's also possible to use logins created from Microsoft Entra ID ([formerly Azure Active Directory](/entra/fundamentals/new-name)) to manage your databases. For more information, see [Azure SQL logins and users](./logins-create-manage.md).
 
 ### Set up user access to a secondary or recovered database
 

azure-sql/database/alerts-insights-configure-portal.md

@@ -1,5 +1,6 @@
 ---
 title: Setup alerts and notifications in the Azure portal
+titleSuffix: Azure SQL Database & Azure Synapse Analytics
 description: Use the Azure portal to create alerts, which can trigger notifications or automation when the conditions you specify are met.
 author: sravanisaluru
 ms.author: srsaluru

azure-sql/database/always-encrypted-enclaves-getting-started.md

@@ -11,6 +11,7 @@ ms.custom:
 ms.topic: conceptual
 ---
 # Getting started using Always Encrypted with secure enclaves
+[!INCLUDE[appliesto-sqldb](../includes/appliesto-sqldb.md)]
 
 These tutorials teach you how to get started with [Always Encrypted with secure enclaves](/sql/relational-databases/security/encryption/always-encrypted-enclaves). They'll show you:
 

azure-sql/database/always-encrypted-with-secure-enclaves-landing.yml

@@ -15,7 +15,7 @@ metadata:
   ms.author: vanto
   ms.reviewer: mathoma
   ms.date: 04/05/2023
-  monikerRange: "=azuresql||=azuresql-db||=azuresql-mi"
+  monikerRange: "=azuresql||=azuresql-db"
 
 # linkListType: architecture | concept | deploy | download | get-started | how-to-guide | learn | overview | quickstart | reference | tutorial | video | whats-new
 

azure-sql/database/application-authentication-get-client-id-keys.md

@@ -16,7 +16,7 @@ ms.custom:
 # Get the required values for authenticating an application to access Azure SQL Database from code
 [!INCLUDE[appliesto-sqldb](../includes/appliesto-sqldb.md)]
 
-To create and manage an Azure SQL Database from code, you must register your app with Microsoft Entra ID ([formerly Azure Active Directory](/azure/active-directory/fundamentals/new-name)). The app must be registered in the same Microsoft Entra tenant as your Azure SQL Database resource.
+To create and manage an Azure SQL Database from code, you must register your app with Microsoft Entra ID ([formerly Azure Active Directory](/entra/fundamentals/new-name)). The app must be registered in the same Microsoft Entra tenant as your Azure SQL Database resource.
 
 
 ## Create a service principal to access resources from an application

azure-sql/database/arm-templates-content-guide.md

@@ -1,7 +1,7 @@
 ---
 title: Azure Resource Manager templates
-description: Use Azure Resource Manager templates to create and configure Azure SQL Database and Azure SQL Managed Instance.
 titleSuffix: Azure SQL Database & Azure SQL Managed Instance
+description: Use Azure Resource Manager templates to create and configure Azure SQL Database and Azure SQL Managed Instance.
 author: urosmil
 ms.author: urmilano
 ms.reviewer: wiassaf, mathoma
@@ -10,6 +10,7 @@ ms.service: sql-db-mi
 ms.subservice: deployment-configuration
 ms.topic: conceptual
 ms.custom: overview-samples sqldbrb=2, devx-track-arm-template
+monikerRange: "= azuresql || = azuresql-db || = azuresql-mi"
 ---
 
 # Azure Resource Manager templates for Azure SQL Database & Azure SQL Managed Instance

azure-sql/database/audit-log-format.md

@@ -1,5 +1,6 @@
 ---
 title: SQL Database audit log format
+titleSuffix: Azure SQL Database & Azure Synapse Analytics
 description: Understand how Azure SQL Database audit logs are structured.
 author: sravanisaluru
 ms.author: srsaluru

azure-sql/database/audit-write-storage-account-behind-vnet-firewall.md

@@ -1,5 +1,6 @@
 ---
 title: Audit to storage account behind VNet and firewall
+titleSuffix: Azure SQL Database & Azure Synapse Analytics
 description: Configure auditing to write database events on a storage account behind virtual network and firewall
 author: sravanisaluru
 ms.author: srsaluru
@@ -82,7 +83,7 @@ The sample scripts in this section require you to update the script before you r
 
 To configure SQL Audit to write events to a storage account behind a VNet or Firewall:
 
-1. Register your server with Microsoft Entra ID ([formerly Azure Active Directory](/azure/active-directory/fundamentals/new-name)). Use either PowerShell or REST API.
+1. Register your server with Microsoft Entra ID ([formerly Azure Active Directory](/entra/fundamentals/new-name)). Use either PowerShell or REST API.
 
    **PowerShell**
 

azure-sql/database/auditing-manage-using-api.md

@@ -1,5 +1,6 @@
 ---
 title: Manage Azure SQL Database Auditing using APIs
+titleSuffix: Azure SQL Database & Azure Synapse Analytics
 description: Use Azure SQL Database auditing to track database events into an audit log.
 author: sravanisaluru
 ms.author: srsaluru

azure-sql/database/auditing-managed-identity.md

@@ -1,5 +1,6 @@
 ---
 title: Auditing using managed identity
+titleSuffix: Azure SQL Database & Azure Synapse Analytics
 description: How to use managed identity with storage accounts for auditing
 author: sravanisaluru
 ms.author: srsaluru

azure-sql/database/auditing-microsoft-support-operations.md

@@ -1,5 +1,6 @@
 ---
 title: Auditing Microsoft support operations
+titleSuffix: Azure SQL Database & Azure Synapse Analytics
 description: How to use Auditing to audit Microsoft support operations.
 author: sravanisaluru
 ms.author: srsaluru

azure-sql/database/auditing-overview.md

@@ -44,7 +44,7 @@ You can use SQL Database auditing to:
 - Enabling auditing on a paused **Azure Synapse SQL pool** isn't supported. To enable auditing, resume the **Synapse SQL pool**.
 - Enabling auditing by using User Assigned Managed Identity (UAMI) isn't supported on **Azure Synapse**.
 - Auditing for **Azure Synapse SQL pools** supports default audit action groups **only**.
-- When you configure auditing for a [logical server in Azure](logical-servers.md) or Azure SQL Database with the log destination as a storage account, the authentication mode must match the configuration for that storage account. If using storage access keys as the authentication type, the target storage account must be enabled with access to the storage account keys. If the storage account is configured to only use authentication with Microsoft Entra ID ([formerly Azure Active Directory](/azure/active-directory/fundamentals/new-name)), auditing can be configured to use managed identities for authentication.
+- When you configure auditing for a [logical server in Azure](logical-servers.md) or Azure SQL Database with the log destination as a storage account, the authentication mode must match the configuration for that storage account. If using storage access keys as the authentication type, the target storage account must be enabled with access to the storage account keys. If the storage account is configured to only use authentication with Microsoft Entra ID ([formerly Azure Active Directory](/entra/fundamentals/new-name)), auditing can be configured to use managed identities for authentication.
 
 ## Remarks
 

azure-sql/database/auditing-server-level-database-level.md

@@ -1,5 +1,6 @@
 ---
 title: Auditing policy at the server and database level
+titleSuffix: Azure SQL Database & Azure Synapse Analytics
 description: This article explains the differences for Auditing policies of Azure SQL Database and Azure Synapse Analytics at the server and database level.
 author: sravanisaluru
 ms.author: srsaluru

azure-sql/database/authentication-aad-configure.md

@@ -22,7 +22,7 @@ monikerRange: "= azuresql || = azuresql-db || = azuresql-mi"
 
 [!INCLUDE[appliesto-sqldb-sqlmi-asa](../includes/appliesto-sqldb-sqlmi-asa.md)]
 
-This article shows you how to create and populate a Microsoft Entra tenant, and use Microsoft Entra ID ([formerly Azure Active Directory](/azure/active-directory/fundamentals/new-name)) with [Azure SQL Database](sql-database-paas-overview.md), [Azure SQL Managed Instance](../managed-instance/sql-managed-instance-paas-overview.md), and [Azure Synapse Analytics](/azure/synapse-analytics/sql-data-warehouse/sql-data-warehouse-overview-what-is). For an overview, see [Microsoft Entra authentication](authentication-aad-overview.md).
+This article shows you how to create and populate a Microsoft Entra tenant, and use Microsoft Entra ID ([formerly Azure Active Directory](/entra/fundamentals/new-name)) with [Azure SQL Database](sql-database-paas-overview.md), [Azure SQL Managed Instance](../managed-instance/sql-managed-instance-paas-overview.md), and [Azure Synapse Analytics](/azure/synapse-analytics/sql-data-warehouse/sql-data-warehouse-overview-what-is). For an overview, see [Microsoft Entra authentication](authentication-aad-overview.md).
 
 [!INCLUDE [entra-id](../includes/entra-id.md)]
 
@@ -534,10 +534,10 @@ To use integrated Windows authentication, your domain's Active Directory must be
 
 Your client application (or a service) connecting to the database must be running on a domain-joined machine under a user's domain credentials.
 
-To connect to a database using integrated authentication and a Microsoft Entra identity, the Authentication keyword in the database connection string must be set to `Active Directory Integrated`. The following C# code sample uses ADO .NET.
+To connect to a database using integrated authentication and a Microsoft Entra identity, the Authentication keyword in the database connection string must be set to `Active Directory Integrated`. Replace `<database_name>` with your database name. The following C# code sample uses ADO .NET.
 
 ```csharp
-string ConnectionString = @"Data Source=n9lxnyuzhv.database.windows.net; Authentication=Active Directory Integrated; Initial Catalog=testdb;";
+string ConnectionString = @"Data Source=<database_name>.database.windows.net; Authentication=Active Directory Integrated; Initial Catalog=testdb;";
 SqlConnection conn = new SqlConnection(ConnectionString);
 conn.Open();
 ```
@@ -548,11 +548,11 @@ The connection string keyword `Integrated Security=True` isn't supported for con
 
 ### Microsoft Entra password authentication
 
-To connect to a database using Microsoft Entra cloud-only identity user accounts, or those who use Microsoft Entra hybrid identities, the Authentication keyword must be set to `Active Directory Password`. The connection string must contain User ID/UID and Password/PWD keywords and values. The following C# code sample uses ADO .NET.
+To connect to a database using Microsoft Entra cloud-only identity user accounts, or those who use Microsoft Entra hybrid identities, the Authentication keyword must be set to `Active Directory Password`. The connection string must contain User ID/UID and Password/PWD keywords and values. Replace `<database_name>`, `<email_address>`, and `<password>` with the appropriate values. The following C# code sample uses ADO .NET.
 
 ```csharp
 string ConnectionString =
-@"Data Source=n9lxnyuzhv.database.windows.net; Authentication=Active Directory Password; Initial Catalog=testdb;  UID=bob@contoso.onmicrosoft.com; PWD=MyPassWord!";
+@"Data Source=<database_name>.database.windows.net; Authentication=Active Directory Password; Initial Catalog=testdb; UID=<email_address>; PWD=<password>";
 SqlConnection conn = new SqlConnection(ConnectionString);
 conn.Open();
 ```
@@ -570,10 +570,10 @@ This authentication method allows middle-tier services to obtain [JSON Web Token
 3. Create a certificate on the client computer runs the application.
 4. Add the certificate as a key for your application.
 
-Sample connection string:
+Sample connection string. Replace `<database_name>` with your database name:
 
 ```csharp
-string ConnectionString = @"Data Source=n9lxnyuzhv.database.windows.net; Initial Catalog=testdb;";
+string ConnectionString = @"Data Source=<database_name>.database.windows.net; Initial Catalog=testdb;";
 SqlConnection conn = new SqlConnection(ConnectionString);
 conn.AccessToken = "Your JWT token";
 conn.Open();

azure-sql/database/authentication-aad-directory-readers-role-tutorial.md

@@ -1,6 +1,6 @@
 ---
 title: Assign Directory Readers role to a Microsoft Entra group and manage role assignments
-titleSuffix: Azure SQL Database & Azure SQL Managed Instance
+titleSuffix: Azure SQL Database & Azure SQL Managed Instance & Azure Synapse Analytics
 description: This article guides you through enabling the Directory Readers role using Microsoft Entra groups to manage Microsoft Entra role assignments with Azure SQL Database, Azure SQL Managed Instance, and Azure Synapse Analytics
 author: nofield
 ms.author: nofield
@@ -17,7 +17,7 @@ monikerRange: "= azuresql || = azuresql-db || = azuresql-mi"
 
 [!INCLUDE[appliesto-sqldb-sqlmi-asa](../includes/appliesto-sqldb-sqlmi-asa.md)]
 
-This article guides you through creating a group in Microsoft Entra ID ([formerly Azure Active Directory](/azure/active-directory/fundamentals/new-name)), and assigning that group the [**Directory Readers**](/azure/active-directory/roles/permissions-reference#directory-readers) role. The Directory Readers permissions allow the group owners to add additional members to the group, such as a [managed identity](/azure/active-directory/managed-identities-azure-resources/overview#managed-identity-types) of [Azure SQL Database](sql-database-paas-overview.md), [Azure SQL Managed Instance](../managed-instance/sql-managed-instance-paas-overview.md), and [Azure Synapse Analytics](/azure/synapse-analytics/sql-data-warehouse/sql-data-warehouse-overview-what-is). This bypasses the need for a [Global Administrator](/azure/active-directory/roles/permissions-reference#global-administrator) or [Privileged Role Administrator](/azure/active-directory/roles/permissions-reference#privileged-role-administrator) to assign the Directory Readers role directly for each [logical server](logical-servers.md) identity in the tenant.
+This article guides you through creating a group in Microsoft Entra ID ([formerly Azure Active Directory](/entra/fundamentals/new-name)), and assigning that group the [**Directory Readers**](/azure/active-directory/roles/permissions-reference#directory-readers) role. The Directory Readers permissions allow the group owners to add additional members to the group, such as a [managed identity](/azure/active-directory/managed-identities-azure-resources/overview#managed-identity-types) of [Azure SQL Database](sql-database-paas-overview.md), [Azure SQL Managed Instance](../managed-instance/sql-managed-instance-paas-overview.md), and [Azure Synapse Analytics](/azure/synapse-analytics/sql-data-warehouse/sql-data-warehouse-overview-what-is). This bypasses the need for a [Global Administrator](/azure/active-directory/roles/permissions-reference#global-administrator) or [Privileged Role Administrator](/azure/active-directory/roles/permissions-reference#privileged-role-administrator) to assign the Directory Readers role directly for each [logical server](logical-servers.md) identity in the tenant.
 
 [!INCLUDE [entra-id](../includes/entra-id.md)]
 

azure-sql/database/authentication-aad-directory-readers-role.md

@@ -17,7 +17,7 @@ monikerRange: "= azuresql || = azuresql-db || = azuresql-mi"
 
 [!INCLUDE[appliesto-sqldb-sqlmi-asa](../includes/appliesto-sqldb-sqlmi-asa.md)]
 
-Microsoft Entra ID ([formerly Azure Active Directory](/azure/active-directory/fundamentals/new-name)) has introduced [using groups to manage role assignments](/azure/active-directory/roles/groups-concept). This allows for Microsoft Entra roles to be assigned to groups.
+Microsoft Entra ID ([formerly Azure Active Directory](/entra/fundamentals/new-name)) has introduced [using groups to manage role assignments](/azure/active-directory/roles/groups-concept). This allows for Microsoft Entra roles to be assigned to groups.
 
 > [!NOTE]
 > With [Microsoft Graph](/graph/overview) support for Azure SQL, the Directory Readers role can be replaced with using lower level permissions. For more information, see [User-assigned managed identity in Microsoft Entra for Azure SQL](authentication-azure-ad-user-assigned-managed-identity.md).