articles/vmware-cloudsimple/azure-ad.md
+5-5
@@ -58,16 +58,16 @@ You can optionally configure other Azure AD features. These are not required fo
58
58
3. Configure Administrator Group for managing Azure AD Domain Services as described in [Enable Azure Active Directory Domain Services using the Azure portal](../active-directory-domain-services/active-directory-ds-getting-started-admingroup.md).
59
59
4. Update DNS settings for your Azure AD Domain Services as described in [Enable Azure Active Directory Domain Services](../active-directory-domain-services/active-directory-ds-getting-started-dns.md). If you want to connect to AD over the Internet, set up the DNS record for the public IP address of the Azure AD domain services to the domain name.
60
60
5. Enable password hash synchronization for users. This step enables synchronization of password hashes required for NT LAN Manager (NTLM) and Kerberos authentication to Azure AD Domain Services. After you've set up password hash synchronization, users can sign in to the managed domain with their corporate credentials. See [Enable password hash synchronization to Azure Active Directory Domain Services](../active-directory-domain-services/active-directory-ds-getting-started-password-sync.md).
61
-
1. If cloud-only users are present, they must change their password using <ahref="http://myapps.microsoft.com/"target="_blank">Azure AD access panel</a> to ensure password hashes are stored in the format required by NTLM or Kerberos. Follow instructions in [Enable password hash synchronization to your managed domain for cloud-only user accounts](../active-directory-domain-services/active-directory-ds-getting-started-password-sync.md#task-5-enable-password-hash-synchronization-to-your-managed-domain-for-cloud-only-user-accounts). This step must be done for individual users and any new user who is created in your Azure AD directory using the Azure portal or Azure AD PowerShell cmdlets. Users who require access to Azure AD domain services must use the <ahref="http://myapps.microsoft.com/"target="_blank">Azure AD access panel</a> and access their profile to change the password.
61
+
1. If cloud-only users are present, they must change their password using <ahref="http://myapps.microsoft.com/"target="_blank">Azure AD access panel</a> to ensure password hashes are stored in the format required by NTLM or Kerberos. Follow instructions in [Enable password hash synchronization to your managed domain for cloud-only user accounts](../active-directory-domain-services/tutorial-create-instance.md#enable-user-accounts-for-azure-ad-ds). This step must be done for individual users and any new user who is created in your Azure AD directory using the Azure portal or Azure AD PowerShell cmdlets. Users who require access to Azure AD domain services must use the <ahref="http://myapps.microsoft.com/"target="_blank">Azure AD access panel</a> and access their profile to change the password.
62
62
63
63
> [!NOTE]
64
64
> If your organization has cloud-only user accounts, all users who need to use Azure Active Directory Domain Services must change their passwords. A cloud-only user account is an account that was created in your Azure AD directory using either the Azure portal or Azure AD PowerShell cmdlets. Such user accounts aren't synchronized from an on-premises directory.
65
65
66
-
2. If you are synchronizing passwords from your on-premises Active directory, follow the steps in the [Active Directory documentation](../active-directory-domain-services/active-directory-ds-getting-started-password-sync-synced-tenant.md.
66
+
2. If you are synchronizing passwords from your on-premises Active directory, follow the steps in the [Active Directory documentation](../active-directory-domain-services/active-directory-ds-getting-started-password-sync-synced-tenant.md).
67
67
68
-
6. Configure secure LDAP on your Azure Active Directory Domain Services as described in [Configure secure LDAP (LDAPS) for an Azure AD Domain Services managed domain](../active-directory-domain-services/active-directory-ds-admin-guide-configure-secure-ldap.md).
69
-
1. Upload a certificate for use by secure LDAP as described in the Azure topic [obtain a certificate for secure LDAP](../active-directory-domain-services/configure-ldaps.md#task-1---obtain-a-certificate-for-secure-ldap). CloudSimple recommends using a signed certificate issued by a certificate authority to ensure that vCenter can trust the certificate.
70
-
2. Enable secure LDAP as described [Enable secure LDAP (LDAPS) for an Azure AD Domain Services managed domain](../active-directory-domain-services/active-directory-ds-admin-guide-configure-secure-ldap-enable-ldaps.md).
68
+
6. Configure secure LDAP on your Azure Active Directory Domain Services as described in [Configure secure LDAP (LDAPS) for an Azure AD Domain Services managed domain](../active-directory-domain-services/tutorial-configure-ldaps.md).
69
+
1. Upload a certificate for use by secure LDAP as described in the Azure topic [obtain a certificate for secure LDAP](../active-directory-domain-services/tutorial-configure-ldaps.md#create-a-certificate-for-secure-ldap). CloudSimple recommends using a signed certificate issued by a certificate authority to ensure that vCenter can trust the certificate.
70
+
2. Enable secure LDAP as described [Enable secure LDAP (LDAPS) for an Azure AD Domain Services managed domain](../active-directory-domain-services/tutorial-configure-ldaps.md).
71
71
3. Save the public part of the certificate (without the private key) in .cer format for use with vCenter while configuring the identity source.
72
72
4. If Internet access to the Azure AD domain services is required, enable the 'Allow secure access to LDAP over internet' option.
73
73
5. Add the inbound security rule for the Azure AD Domain services NSG for TCP port 636.
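Review bot: the rewritten line 61 still points users at the access panel over plain http://myapps.microsoft.com/ (two anchors on that line) for a password change; since the line is being edited anyway, switch both to https://. On the same line the link text "Enable password hash synchronization to your managed domain for cloud-only user accounts" no longer matches the new target section `#enable-user-accounts-for-azure-ad-ds`, so the text should be updated to match. Line 66 gets its closing parenthesis but keeps the old-style file name `active-directory-ds-getting-started-password-sync-synced-tenant.md`, while every other link in this change moves to a `tutorial-*.md` file; please confirm that target still resolves, and likewise the unchanged old-style links on lines 58 to 60. Lines 68 and 70 now point to the same `tutorial-configure-ldaps.md` with no anchor, so step 2 adds nothing over its parent step; link it to the section that enables secure LDAP, and add the missing "in" after "as described".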