Merge pull request #313224 from suzuber/article-refresh-lines-56-70

Azure refresh sheet lines 56-70

Author: v-dirichards

articles/azure-vmware/azure-vmware-solution-nsx-scale-and-performance-recommendations-for-vmware-hcx.md

@@ -3,7 +3,7 @@ title: Set an external identity source for VMware NSX
 description: Learn how to use Azure VMware Solution to set an external identity source for VMware NSX.
 ms.topic: how-to
 ms.service: azure-vmware
-ms.date: 3/29/2024
+ms.date: 3/26/2026
 ms.custom:
   - engagement-fy23
   - sfi-image-nochange
@@ -14,20 +14,20 @@ ms.custom:
 
 In this article, learn how to set up an external identity source for VMware NSX in an instance of Azure VMware Solution.
 
-You can set up NSX to use an external Lightweight Directory Access Protocol (LDAP) directory service to authenticate users. A user can sign in by using their Windows Server Active Directory account credentials or credentials from a third-party LDAP server. Then, the account can be assigned an NSX role, like in an on-premises environment, to provide role-based access for NSX users.
+You can set up NSX to use an external Lightweight Directory Access Protocol (LDAP) directory service to authenticate users. A user can sign in by using their Windows Server Active Directory account credentials or credentials from a non-Microsoft LDAP server. Then, the account can be assigned an NSX role, like in an on-premises environment, to provide role-based access for NSX users.
 
 :::image type="content" source="media/nsxt/azure-vmware-solution-to-ldap-server.png" alt-text="Screenshot that shows NSX connectivity to the LDAP Windows Server Active Directory server." lightbox="media/nsxt/azure-vmware-solution-to-ldap-server.png":::
 
 ## Prerequisites
 
 - A working connection from your Windows Server Active Directory network to your Azure VMware Solution private cloud.
 - A network path from your Windows Server Active Directory server to the management network of the instance of Azure VMware Solution in which NSX is deployed.
-- A Windows Server Active Directory domain controller that has a valid certificate. The certificate can be issued by a [Windows Server Active Directory Certificate Services Certificate Authority (CA)](https://social.technet.microsoft.com/wiki/contents/articles/2980.ldap-over-ssl-ldaps-certificate.aspx) or by a [third-party CA](/troubleshoot/windows-server/identity/enable-ldap-over-ssl-3rd-certification-authority).
+- A Windows Server Active Directory domain controller that has a valid certificate. The certificate gets issued by a [Windows Server Active Directory Certificate Services Certificate Authority (CA)](https://social.technet.microsoft.com/wiki/contents/articles/2980.ldap-over-ssl-ldaps-certificate.aspx) or by a [third-party CA](/troubleshoot/windows-server/identity/enable-ldap-over-ssl-3rd-certification-authority).
 
    We recommend that you use two domain controllers that are located in the same Azure region as the Azure VMware Solution software-defined datacenter.
 
    > [!NOTE]
-   > Self-signed certificates are not recommended for production environments.
+   > Self-signed certificates aren't recommended for production environments.
 
 - An account that has Administrator permissions.
 - Azure VMware Solution DNS zones and DNS servers that are correctly configured. For more information, see [Configure NSX DNS for resolution to your Windows Server Active Directory domain and set up DNS forwarder](configure-dns-azure-vmware-solution.md).
@@ -41,7 +41,7 @@ You can set up NSX to use an external Lightweight Directory Access Protocol (LDA
 
    :::image type="content" source="media/nsxt/configure-nsx-t-pic-1.png" alt-text="Screenshot that shows NSX Manager with the options highlighted.":::
 
-1. Enter values for **Name**, **Domain Name (FQDN)**, **Type**, and **Base DN**.  You can add a description (optional).
+1. Enter values for **Name**, **Domain Name (FQDN)**, **Type**, and **Base DN**. You can add a description (optional).
 
    The base DN is the container where your user accounts are kept. The base DN is the starting point that an LDAP server uses when it searches for users in an authentication request. For example, **CN=users,dc=azfta,dc=com**.
 
@@ -50,7 +50,7 @@ You can set up NSX to use an external Lightweight Directory Access Protocol (LDA
 
    :::image type="content" source="media/nsxt/configure-nsx-t-pic-2.png" alt-text="Screenshot that shows the User Management Add Identity Source page in NSX Manager." lightbox="media/nsxt/configure-nsx-t-pic-2.png":::
 
-1. Next, under **LDAP Servers**, select **Set** as shown in the preceding screenshot.
+1. Under **LDAP Servers**, select **Set**, as shown in the previous screenshot.
 
 1. On **Set LDAP Server**, select **Add LDAP Server**, and then enter or select values for the following items:
 
@@ -61,7 +61,7 @@ You can set up NSX to use an external Lightweight Directory Access Protocol (LDA
     | **Port**     | Leave the default secure LDAP port. |
     | **Enabled**              | Leave as **Yes**. |
     | **Use Start TLS**        | Required only if you use standard (unsecured) LDAP. |
-    | **Bind Identity**        | Use your account that has read permissions to directory. For example, `<[email protected]>`. |
+    | **Bind Identity**        | Use your account that read permissions to directory. For example, `<[email protected]>`. |
     | **Password**            | Enter the password for the LDAP server. This password is the one that you use with the example `<[email protected]>` account. |
     | **Certificate**          | Leave empty (see step 6). |
 
@@ -76,7 +76,7 @@ You can set up NSX to use an external Lightweight Directory Access Protocol (LDA
 1. To add a second domain controller or another external identity provider, return to step 1.
 
 > [!NOTE]
-> A recommended practice is to have two domain controllers to act as LDAP servers. You can also put the LDAP servers behind a load balancer.
+> The recommended practice is to have two domain controllers to act as LDAP servers. You can also put the LDAP servers behind a load balancer.
 
 ## Assign roles to Windows Server Active Directory identities
 
@@ -90,7 +90,7 @@ After you add an external identity, you can assign NSX roles to Windows Server A
 
    1. Select the external identity provider that you selected in step 3 in the preceding section. For example, **NSX External Identity Provider**.
 
-   1. Enter the first few characters of the user's name, the user's sign-in ID, or a group name to search the LDAP directory. Then select a user or group from the list of results.
+   1. Search the LDAP directory by entering the first few characters of the user's name, the user's sign-in ID, or a group name. Select a user or group from the list of results.
 
    1. Select a role. In this example, assign the FTAdmin user the CloudAdmin role.
 

articles/azure-vmware/configure-external-identity-source-nsx-t.md

@@ -3,7 +3,7 @@ title: Set a default internet route or turn off internet access
 description: Learn how to set a default internet route or turn off internet access in your Azure VMware Solution private cloud.
 ms.topic: how-to
 ms.service: azure-vmware
-ms.date: 3/22/2024
+ms.date: 3/26/2026
 ms.custom: engagement-fy23
 # Customer intent: "As a cloud administrator, I want to configure the default internet route for my private cloud, so that I can effectively manage internet access for my Azure VMware Solution environment."
 ---
@@ -19,13 +19,13 @@ With a default route set, you can achieve the following tasks:
 - Turn off internet access to your Azure VMware Solution private cloud.
 
   > [!NOTE]
-  > Ensure that a default route is not advertised from on-premises or from Azure. An advertised default route overrides this setup.
+  > Ensure that a default route isn't advertised from on-premises or from Azure. An advertised default route overrides this setup.
 
-- Turn on internet access by generating a default route from Azure Firewall or from a third-party NVA.
+- Turn on internet access by generating a default route from Azure Firewall or from a non-Microsoft NVA.
 
 ## Prerequisites
 
-- An Azure VMware Solution private cloud.
+- Have an Azure VMware Solution private cloud.
 - If internet access is required, a default route must be advertised from an instance of Azure Firewall, an NVA, or a virtual WAN hub.
 
 ## Set a default internet access route

articles/azure-vmware/disable-internet-access.md

@@ -3,7 +3,7 @@ title: Security solutions for Azure VMware Solution
 description: Learn about leading security solutions for your Azure VMware Solution private cloud.
 ms.topic: how-to
 ms.service: azure-vmware
-ms.date: 12/12/2023
+ms.date: 03/26/2026
 ms.custom: engagement-fy23
 # Customer intent: "As a security administrator managing a VMware-based environment, I want to integrate leading security solutions with Azure VMware Solution, so that I can ensure robust protection and compliance for my workloads in the cloud."
 ---
@@ -14,7 +14,7 @@ A fundamental part of Azure VMware Solution is security. It allows customers to
 
 Our security partners have industry-leading solutions in VMware-based environments that cover many aspects of the security ecosystem like threat protection and security scanning. Our customers adopted many of these solutions integrated with VMware NSX-T Data Center for their on-premises deployments. As one of our key principles, we want to enable them to continue to use their investments and VMware solutions running on Azure. Many of these Independent Software Vendors (ISV) validated their solutions with Azure VMware Solution.
 
-You can find more information about these solutions here:
+Discover more information about these solutions:
 
 - [Bitdefender](https://businessinsights.bitdefender.com/expanding-security-support-for-azure-vmware-solution)
 - [Trend Micro Deep Security](https://www.trendmicro.com/en_us/business/products/hybrid-cloud/deep-security.html)

articles/azure-vmware/ecosystem-security-solutions.md

@@ -3,7 +3,7 @@ title: Support for Azure VMware Solution deployment or provisioning failure
 description: Get information from your Azure VMware Solution private cloud to file a service request for an Azure VMware Solution deployment or provisioning failure.
 ms.topic: how-to
 ms.service: azure-vmware
-ms.date: 12/13/2023
+ms.date: 03/27/2026
 ms.custom: engagement-fy23
 # Customer intent: "As a cloud administrator, I want to gather key information from my Azure VMware Solution deployment failure, so that I can file an effective support request to resolve the issue quickly."
 ---

articles/azure-vmware/fix-deployment-failures.md

@@ -3,7 +3,7 @@ title: Protect web apps on Azure VMware Solution with Azure Application Gateway
 description: Configure Azure Application Gateway to securely expose your web apps running on Azure VMware Solution.
 ms.topic: how-to
 ms.service: azure-vmware
-ms.date: 3/21/2024
+ms.date: 3/18/2026
 ms.custom:
   - engagement-fy23
   - sfi-image-nochange
@@ -57,7 +57,7 @@ The Application Gateway instance gets deployed on the hub in a dedicated subnet
     > [!NOTE]
     > Only standard and Web Application Firewall (WAF) SKUs are supported for private frontends.
 
-4. Add a backend pool of the VMs that run on Azure VMware Solution infrastructure. Provide the details of web servers that run on the Azure VMware Solution private cloud and select **Add**.  Then select **Next: Configuration>**.
+4. Add a backend pool of the VMs that run on Azure VMware Solution infrastructure. Provide the details of web servers that run on the Azure VMware Solution private cloud and select **Add**. Then select **Next: Configuration>**.
 
 5. On the **Configuration** tab, select **Add a routing rule**.
 
@@ -89,7 +89,7 @@ Now configure Application Gateway with Azure VMware Solution VMs as backend pool
 This procedure shows you how to define backend address pools using VMs running on an Azure VMware Solution private cloud on an existing application gateway.
 
 >[!NOTE]
->This procedure assumes you have multiple domains, so we'll use examples of www.contoso.com and www.contoso2.com.
+>This procedure assumes you have multiple domains, so the example uses www.contoso.com and www.contoso2.com.
 
 1. In your private cloud, create two different pools of VMs. One represents Contoso and the second contoso2.
 

articles/azure-vmware/protect-azure-vmware-solution-with-application-gateway.md

@@ -3,7 +3,7 @@ title: Remove Arc-enabled Azure VMware Solution vSphere resources from Azure
 description: Learn how to remove Arc-enabled Azure VMware Solution vSphere resources from Azure.
 ms.topic: how-to 
 ms.service: azure-vmware
-ms.date: 12/18/2023
+ms.date: 03/18/2026
 ms.custom: references_regions, engagement-fy23
 # Customer intent: As a system administrator, I want to remove Arc-enabled Azure VMware Solution vSphere resources from Azure, so that I can discontinue management and eliminate unnecessary costs associated with Azure services.
 ---
@@ -32,7 +32,7 @@ Use the following steps to uninstall extensions from the portal.
 > **Steps 2-5** must be performed for all the VMs that have VM extensions installed.
 
 1. Sign in to your Azure VMware Solution private cloud. 
-1. Select **Virtual machines** in **Private cloud**, found in the left navigation under “vCenter Server Inventory Page".
+1. Select **Virtual machines** in **Private cloud** from the left navigation under the 'vCenter Server Inventory' page.
 1. Search and select the virtual machine where you have **Guest management** enabled.
 1. Select **Extensions**.
 1. Select the extensions and select **Uninstall**.