resolving conflicts (hopefully)

Author: Iaan D'Souza-Wiltshire

.openpublishing.publish.config.json

@@ -68,12 +68,6 @@
       "branch": "master",
       "branch_mapping": {}
     },
-    {
-      "path_to_root": "msft-shared-content",
-      "url": "https://github.com/MicrosoftDocs/reusable-content",
-      "branch": "main",
-      "branch_mapping": {}
-    },
     {
       "path_to_root": "shared-content",
       "url": "https://github.com/MicrosoftDocs/powerapps-docs-pr",
@@ -108,4 +102,4 @@
   "docs_build_engine": {
     "name": "docfx_v3"
   }
-}
+}

power-platform/admin/TOC.yml

@@ -97,7 +97,7 @@
                 - name: Add-ons
                   href: power-automate-licensing/add-ons.md
                 - name: Request a Power Automate premium license
-                  href: power-automate-licensing/request-premium-license.md 
+                  href: power-automate-licensing/request-premium-license.md
             - name: Power Platform licensing FAQs
               href: powerapps-flow-licensing-faq.md
             - name: Pay-as-you-go plan
@@ -156,10 +156,10 @@
                       href: cmk-lock-unlock.md
                     - name: Migrate from BYOK (preview)
                       href: cmk-migrate-from-byok.md
-                - name: Trial environments
-                  href: trial-environments.md
                 - name: Sandbox environment
                   href: sandbox-environments.md
+                - name: Trial environments
+                  href: trial-environments.md
                 - name: Dataverse for Teams environment
                   href: about-teams-environment.md
                 - name: View apps in your environments
@@ -180,7 +180,7 @@
                   href: managed-environment-usage-insights.md
                 - name: Data policies
                   href: managed-environment-data-policies.md
-                - name: Use solution checker (preview)
+                - name: Solution checker enforcement (preview)
                   href: managed-environment-solution-checker.md
                 - name: Licensing
                   href: managed-environment-licensing.md
@@ -457,7 +457,7 @@
                   items:
                     - name: Control user access to environments
                       href: control-user-access.md
-                    - name: "Restrict cross-tenant access (preview)"
+                    - name: Restrict cross-tenant access
                       href: cross-tenant-restrictions.md
                     - name: Content security policy
                       href: content-security-policy.md
@@ -599,7 +599,7 @@
                   href: analytics-ui-flow.md
             - name: Reports
               items:
-                - name: Tenant-level analytics (default)
+                - name: Tenant-level analytics (preview)
                   href: tenant-level-analytics.md
                 - name: Power Apps analytics
                   href: powerapps-analytics-reports.md
@@ -1099,3 +1099,9 @@
       href: ../guidance/adoption/methodology.md
     - name: Center of Excellence (CoE) Kit
       href: ../guidance/coe/starter-kit.md
+    - name: Responsible AI
+      items:
+        - name: Overview
+          href: ../transparency-note-overview.md
+        - name: Transparency note for Copilot data security and privacy
+          href: ../transparency-note-copilot-data-security-privacy.md

power-platform/admin/about-lockbox.md

@@ -4,7 +4,7 @@ description: This article covers information on how customers can review and app
 ms.subservice: admin
 ms.component: pa-admin
 ms.topic: conceptual
-ms.date: 04/24/2023
+ms.date: 05/22/2023
 author: mihaelablendea
 ms.author: mihaelab
 ms.reviewer: sericks
@@ -118,6 +118,12 @@ Admins can directly export the result set based on the filter criteria.
 
 :::image type="content" source="media/lockbox-audit-search-results.png" alt-text="Lockbox audit search results.":::
 
+Customer Lockbox produces two types of audit logs:
+1.	Logs that are initiated by Microsoft and correspond to lockbox request being created, expired, or when access sessions end. This set of audit logs do not correspond to a specific user ID since the actions are initiated by Microsoft.
+2.	Logs that are initiated by end user actions, such as when a user approves or denies a lockbox request. If the user that performs these operations does not have an E5 license assigned, the logs are filtered out and will not show up in the audit logs.
+
+By default, the audit logs are preserved for a duration of one year. You need a 10-Year Audit Log Retention add-on license to retain audit records for 10 years. See [Audit (Premium)](/microsoft-365/compliance/audit-solutions-overview?view=o365-worldwide#audit-premium-1&preserve-view=true) for more details on audit log retention.
+
 ## Licensing requirements for Customer Lockbox
 
 Customer Lockbox policy will be enforced only on environments that are activated for Managed Environments. Managed Environments is included as an entitlement in standalone Power Apps, Power Automate, Power Virtual Agents, Power Pages, and Dynamics 365 licenses that give premium usage rights. To learn more about Managed Environment licensing, see [Licensing](managed-environment-licensing.md) and [Licensing overview for Microsoft Power Platform](pricing-billing-skus.md).
@@ -128,17 +134,20 @@ In addition, access to Customer Lockbox for Microsoft Power Platform and Dynamic
 - Microsoft 365 A5/E5/F5/G5 Compliance
 - Microsoft 365 F5 Security & Compliance
 - Microsoft 365 A5/E5/F5/G5 Insider Risk Management
+- Microsoft 365 A5/E5/F5/G5 Information Protection and Governance
 [Learn more](https://go.microsoft.com/fwlink/?linkid=2214240) about applicable licenses.
 
 ## Exclusions
 
-Lockbox requests aren't triggered in the following engineering support scenarios:
+- Lockbox requests aren't triggered in the following engineering support scenarios:
+
+    - Emergency scenarios that fall outside of standard operating procedures, such as a major service outage that requires immediate attention to recover or restore services in unexpected or unpredictable cases. These “break glass” events are rare and, in most instances, don't require any access to customer data to resolve.
 
-- Emergency scenarios that fall outside of standard operating procedures, such as a major service outage that requires immediate attention to recover or restore services in unexpected or unpredictable cases. These “break glass” events are rare and, in most instances, don't require any access to customer data to resolve.
+    - A Microsoft engineer accesses the underlying platform as part of troubleshooting and is inadvertently exposed to customer data. It's rare that such scenarios would result in access to meaningful quantities of customer data.  
 
-- A Microsoft engineer accesses the underlying platform as part of troubleshooting and is inadvertently exposed to customer data. It's rare that such scenarios would result in access to meaningful quantities of customer data.  
+- Customer Lockbox requests are also not triggered by external legal demands for data. For details, refer to the discussion of government requests for data in the [Microsoft Trust Center](https://www.microsoft.com/trust-center/).
 
-Customer Lockbox requests are also not triggered by external legal demands for data. For details, refer to the discussion of government requests for data in the [Microsoft Trust Center](https://www.microsoft.com/trust-center/).
+- Customer Lockbox won't apply to the access and manual review of customer data shared for Copilot AI features. Customer Lockbox will remain enabled for all in-scope data. 
 
 ## Known issues
 

power-platform/admin/analytics-powerapps.md

@@ -4,10 +4,10 @@ description: "Admins can view Microsoft Power Apps analytics in the Power Platfo
 author: tjvass
 ms.component: pa-admin
 ms.topic: conceptual
-ms.date: 10/18/2020
+ms.date: 05/04/2023
 ms.subservice: admin
 ms.author: tjvass
-ms.reviewer: jimholtz
+ms.reviewer: sericks
 search.audienceType: 
   - admin
 ---
@@ -53,7 +53,7 @@ There are six reports available for Power Apps admins. The last viewed environme
 > [!div class="mx-imgBorder"] 
 > ![Power Apps analytics error report.](media/powerapps-analytics-toast-errors.png "Power Apps analytics error report")
 
-**Service Performance** report provides details of all standard and custom connectors to understand performance bottlenecks and client versus service API issues. An environment admin will get insights into:  
+**Service Performance** report provides details of all standard and custom connectors to understand performance bottlenecks and client versus service API issues. An environment admin gets insights into:  
 
 - Connectors used in the environment. 
 - Best and least performant service and the API service response times.  
@@ -62,18 +62,18 @@ There are six reports available for Power Apps admins. The last viewed environme
 - The number of HTTP 500 error codes of connectors indicating issues around the server not responding to calls from the client. 
 - The number of successful connection requests. 
 
-All the service performance KPI's can be filtered with attributes like a specific service or connector, device platform, player version, and country, state, or city to drill down into the specific API. 
+All the service performance KPIs can be filtered with attributes like a specific service or connector, device platform, player version, and country, state, or city to drill down into the specific API. 
 
 > [!div class="mx-imgBorder"] 
 > ![Power Apps analytics service performance report.](media/powerapps-analytics-service-performance.png "Power Apps analytics service performance report")
 
-**Connectors report** provides visibility into the standard and custom connectors being used by canvas apps. The last 28 days of data is visible at the environment level.  
+**Connectors report** provides visibility into the standard and custom connectors being used by canvas apps. The last 28 days of data are visible at the environment level.  
 
-Admins can gain insights into the number of connectors associated with each app, the specific connectors being used by each app, and the owner of the connector. It also provides data on the number of times the app has been shared, the number of app sessions, and the last accessed time for visibility into high usage apps and connectors.  
+Admins can gain insights into the number of connectors associated with each app, the specific connectors being used by each app, and the owner of the connector. It also provides data on the number of times the app has been shared, the number of app sessions, and the last accessed time for visibility into high usage apps and connectors. At this time, this functionality is limited to only connections that the admin owns, and only activity on those specific connections.  
 
-**A sample scenario**: An admin can gain insight into the number of shares and usage of a specific finance app using one or more connectors. This will allow the admin to engage with the app owner to ensure no sensitive data is inadvertently being shared through the app.  
+**A sample scenario**: An admin can gain insight into the number of shares and usage of a specific finance app using one or more connectors. This allows the admin to engage with the app owner to ensure no sensitive data is inadvertently being shared through the app.  
 
-Note that the current iteration of this specific report does not have a download report feature. 
+The current iteration of this specific report does not have a download report feature. 
 
 > [!div class="mx-imgBorder"] 
 > ![Power Apps analytics connector report.](media/powerapps-analytics-connector.png "Power Apps analytics connector report")

power-platform/admin/associate-email-address.md

@@ -4,10 +4,10 @@ description: Associate an email address with a row.
 author: DanaMartens
 ms.component: pa-admin
 ms.topic: conceptual
-ms.date: 11/5/2021
+ms.date: 05/05/2023
 ms.subservice: admin
 ms.author: dmartens
-ms.reviewer: jimholtz
+ms.reviewer: sericks
 search.audienceType: 
   - admin
 ---
@@ -29,7 +29,8 @@ When customer engagement apps track an email, it associates the email address to
 If the email address resolves to more than 100 rows, the **From** field will not be associated to a row and appears as unresolved.
 
 > [!NOTE]
-> The only exception is when the owner of the mailbox or queue tracking the email is the owner of the duplicated row. A row that's owned by you takes precedence over any rows that you don't own. For example, if the email address exists in a contact and account table and the mailbox owner also owns the account but not the contact, the **From** field will resolve to the account.
+> - The only exception is when the owner of the mailbox or the queue tracking the email is the owner of the duplicated row. A row that's owned by you takes precedence over any rows that you don't own. For example, if the email address exists in a contact and account table and the mailbox owner also owns the account but not the contact, the **From** field will resolve to the account.
+> - When an email is tracked immediately by an app, such as Dynamics 365 App for Outlook, the list of records which may be associated are limited to those which the user can access. However, if the email is created by Server-Side Sync, the creation of the email is performed by the SYSTEM account which has access to all records. 
 
 In the email **To** field,  all of the rows of email-enabled tables with the email address will be listed.