Merge pull request #9389 from MicrosoftDocs/main

Auto push to live 2025-07-22 10:01:50

Author: Simonx Xu

support/azure/azure-storage/files/file-sync/file-sync-troubleshoot-managed-identities.md

@@ -3,7 +3,7 @@ title: Troubleshoot Azure File Sync managed identity issues
 description: Troubleshoot common issues when your Azure File Sync deployment is configured to use managed identities.
 ms.service: azure-file-storage
 ms.topic: troubleshooting
-ms.date: 07/16/2025
+ms.date: 07/22/2025
 author: khdownie
 ms.author: kendownie
 ---
@@ -170,17 +170,18 @@ Set-AzStorageSyncServerEndpointPermission -ResourceGroupName <string> -StorageSy
 > The `-Name` parameter is the name of the server endpoint. It's a GUID, not the friendly name that's displayed in the Azure portal. To get the server endpoint name, run the [Get-AzStorageSyncServerEndpoint](/powershell/module/az.storagesync/get-azstoragesyncserverendpoint) cmdlet.
 
 
-### Sync Session fails with ECS_E_AUTH_IDENTITY_NOT_FOUND error
+### Sync Session fails with the ECS_E_AUTH_IDENTITY_NOT_FOUND error
 
-The `ECS_E_AUTH_IDENTITY_NOT_FOUND` error occurs when the server's managed identity used to communicate with the Azure File Sync service has changed, but the Azure File Sync service is still expecting the previous identity. This can result in authentication failures.
+The `ECS_E_AUTH_IDENTITY_NOT_FOUND` error occurs when the server's managed identity used to communicate with the Azure File Sync service has changed, but the Azure File Sync service is still expecting the previous one, causing authentication to fail.
 
-You can identify this issue by checking for **Event ID 9530** in the **Telemetry** event log within **Event Viewer**. This event indicates that the managed identity's `applicationId` has changed.
+You can identify this issue by checking for **Event ID 9530** in the **Telemetry** event log within **Event Viewer**. This event indicates that the `applicationId` of the managed identity has changed.
 
-Common scenarios that can trigger this issue include:
-- Azure Arc resource deletion and recreation
-- Toggling the system-assigned managed identity on an Azure VM off and then back on
+This issue often occurs in the following situations:
 
-When the managed identity changes, the File Sync agent will attempt to use the new identity, but the Azure File Sync service is still configured to authorize the previous one. This mismatch causes requests to fail with the `ECS_E_AUTH_IDENTITY_NOT_FOUND` error.
+- Azure Arc resource deletion and recreation.
+- Turning off and then re-enabling the system-assigned managed identity on an Azure virtual machine.
+
+When the managed identity changes, the File Sync agent tries to use the new identity, but the Azure File Sync service is still configured to authorize the previous one. This mismatch causes requests to fail with the `ECS_E_AUTH_IDENTITY_NOT_FOUND` error.
 
 To resolve this issue, run the following PowerShell command:
 

support/entra/entra-id/app-integration/application-delegated-permission-access-tokens-identity-platform.md

@@ -34,7 +34,7 @@ Delegated permission tokens can only be obtained from the following flows:
 * [Authorization code grant flow](/azure/active-directory/develop/v2-oauth2-auth-code-flow)
 * [On-Behalf-Of flow](/azure/active-directory/develop/v2-oauth2-on-behalf-of-flow)
 * [Device authorization grant flow](/azure/active-directory/develop/v2-oauth2-device-code)
-* [Resource Owner Password Credentials grant flow](/azure/active-directory/develop/v2-oauth2-device-code)
+* [Resource Owner Password Credentials grant flow](/entra/identity-platform/v2-oauth-ropc)
 
 ## Identify the permission type for an access token
 
@@ -86,4 +86,4 @@ Users often encounter issues when their applications call Microsoft Graph REST e
 * Verify if the endpoint supports delegated permissions, application permissions, or both.
 * Verify that the access token has the correct permissions to call the endpoint.
 
-[!INCLUDE [Azure Help Support](../../../includes/azure-help-support.md)]
+[!INCLUDE [Azure Help Support](../../../includes/azure-help-support.md)]