Merge pull request #879 from netwrix/fix/vale-dale-claudemd-privilegesecure

Fix/vale dale claudemd privilegesecure

Author: jth-nw

docs/kb/privilegesecure/active-directory-configuration/changing-the-active-directory-ou-where-users-get-created.md

@@ -43,7 +43,7 @@ The Active Directory OU where Netwrix Privilege Secure users get created can be
    }
    ```
 
-3. Example: if the desired OU's Distinguished Name (DN) is “OU=Prod,OU=PAM,OU=SbPAM Users,DC=lab,DC=local”, change `"SbPAM Users"` in the example above to `"Prod,OU=PAM,OU=SbPAM Users"`.
+3. Example: if the desired OU's Distinguished Name (DN) is “OU=Prod,OU=PAM,OU=SbPAM Users,DC=lab,DC=local”, change `"SbPAM Users"` in the preceding example to `"Prod,OU=PAM,OU=SbPAM Users"`.
 
    NOTE: The leading `OU=` and trailing `DC=` segments are dropped.
 
@@ -57,6 +57,6 @@ The Active Directory OU where Netwrix Privilege Secure users get created can be
 
 4. Save the `appsettings.json` file.
 
-After this change, users created or managed by Netwrix Privilege Secure will be created or managed in the newly specified Active Directory OU.
+After this change, users created or managed by Netwrix Privilege Secure are created or managed in the newly specified Active Directory OU.
 
 NOTE: Activities that are run with Managed login accounts, and were run before this configuration change was made, may still create user account objects in the SbPAM Users OU. To circumvent this behavior, change the **Login Account Template** on the activity. This will prevent the activity from referencing any historical Postgres data referring to the SbPAM Users OU.

docs/kb/privilegesecure/authentication-and-mfa/add-active-directory-federation-services-ad-fs-as-an-authentication-connector-openid-connect.md

@@ -138,4 +138,4 @@ Once the *Steps for AD FS* have been completed, take the following steps in Netw
 
    ![User-added image](./../0-images/ka04u000000HcZn_0EM4u000004bUgl.png)
 
-When using the OIDC log-in option, the user will be redirected to log in to AD FS. Upon successful authentication, the user will be redirected to the Netwrix Privilege Secure UI as their now logged-in user.
+When using the OIDC log-in option, the user is redirected to log in to AD FS. Upon successful authentication, the user is redirected to the Netwrix Privilege Secure UI as their now logged-in user.

docs/kb/privilegesecure/authentication-and-mfa/add-microsoft-entra-id-as-an-authentication-connector-openid-connect.md

@@ -44,7 +44,7 @@ Perform the following steps in Microsoft Entra ID as an administrator to prepare
 
    ![App registration page with Redirect URI field highlighted](./../0-images/ka0Qk000000DtGP_0EM4u000004bUjf.png)
 
-4. Click **Register**. After registration completes, you will be redirected to the new app's **Overview** page.
+4. Click **Register**. After registration completes, you are redirected to the new app's **Overview** page.
 5. In the left sidebar, click **Authentication**. Scroll down and enter the same **Callback Address** from Step 3 in the **Front-channel logout URL** field.  
    Enable the following checkboxes:
    - **Access tokens (used for implicit flows)**
@@ -54,8 +54,8 @@ Perform the following steps in Microsoft Entra ID as an administrator to prepare
 
 6. Click **Save** at the top of the page, then return to the app's **Overview** page.
 7. Click **Endpoints** near the top of the page. Copy the **OpenID Connect metadata document** URL and open it in a new browser tab.  
-   This will display JSON data. To make it easier to read, consider using a JSON browser extension such as **JSON Formatter** for Chromium-based browsers.
-8. While viewing the JSON data, find the **Issuer** key. **Copy only the value between the forward slashes**, not the entire line. In this case, it will be a URL.  
+   This displays JSON data. To make it easier to read, consider using a JSON browser extension such as **JSON Formatter** for Chromium-based browsers.
+8. While viewing the JSON data, find the **Issuer** key. **Copy only the value between the forward slashes**, not the entire line. In this case, it is a URL.  
    For example:
 
    ```text
@@ -81,7 +81,7 @@ After completing the **Steps for Microsoft Entra ID**, perform the following ste
 5. Click **Test Connection**.  
    On the Microsoft Entra ID sign-in page that loads, **do not sign in**. Once you have verified that the sign-in page loaded properly, click the back button in your browser to return to Netwrix Privilege Secure. The connection test is successful if Microsoft Entra ID did not display an error.
 6. Click **Next** to advance in the Authentication Connector Configuration Wizard. You will now be on the **Test Login** page.
-7. Click **Login** and sign in as any Microsoft Entra ID user (this does not need to be an administrator). You will be prompted to accept the app's requested permissions. Check **Consent on behalf of your organization** and click **Accept**.
+7. Click **Login** and sign in as any Microsoft Entra ID user (this does not need to be an administrator). You are prompted to accept the app's requested permissions. Check **Consent on behalf of your organization** and click **Accept**.
 
    ![Microsoft Entra ID permissions consent dialog](./../0-images/ka0Qk000000DtGP_0EM4u000004bUjz.png)
 
@@ -112,4 +112,4 @@ After completing the **Steps for Microsoft Entra ID**, perform the following ste
 
     ![Netwrix Privilege Secure login screen with OpenID Connect option](./../0-images/ka0Qk000000DtGP_0EM4u000004bUkO.png)
 
-    When using the OpenID Connect log-in option, the user will be redirected to sign in to Microsoft Entra ID. Upon successful authentication, the user will be redirected to the Netwrix Privilege Secure UI as their signed-in user.
+    When using the OpenID Connect log-in option, the user is redirected to sign in to Microsoft Entra ID. Upon successful authentication, the user is redirected to the Netwrix Privilege Secure UI as their signed-in user.

docs/kb/privilegesecure/authentication-and-mfa/add-microsoft-entra-id-as-an-authentication-connector-saml.md

@@ -102,7 +102,7 @@ This article outlines the process of adding Microsoft Entra ID (formerly Azure A
 7. Open the certificate obtained during the Steps for Microsoft Entra ID. Copy the text between `-----BEGIN CERTIFICATE-----` and `-----END CERTIFICATE-----` into the **Certificate** field in the Authentication Connector Configuration Wizard.
 8. Click **Login**, and log in as the Microsoft Entra ID user associated with the Enterprise Application from Step 8 in the Steps for Microsoft Entra ID. Upon successful sign-in, you’ll be redirected back to the wizard in Netwrix Privilege Secure.
 
-   If the sign-in was successful, the Provider User Name/Id will display. This is passed to the UserTokenController so that the user information can be extracted. Click **Next**.
+   If the sign-in was successful, the Provider User Name/Id displays. This is passed to the UserTokenController so that the user information can be extracted. Click **Next**.
 
 9. You will now be on the **Configure Id Mapping** page.
 
@@ -140,4 +140,4 @@ This article outlines the process of adding Microsoft Entra ID (formerly Azure A
 
     ![User-added image](./../0-images/ka0Qk0000003IQD_0EM4u000004bUlH.png)
 
-    When using the SAML log-in option, the user will be redirected to sign in to Microsoft Entra ID. Upon successful authentication, the user will be redirected to the Netwrix Privilege Secure UI as their now signed-in user.
+    When using the SAML log-in option, the user is redirected to sign in to Microsoft Entra ID. Upon successful authentication, the user is redirected to the Netwrix Privilege Secure UI as their now signed-in user.

docs/kb/privilegesecure/authentication-and-mfa/how-to-configure-a-duo-radius-proxy-for-multi-factor-authentication.md

@@ -30,7 +30,7 @@ This article lists the steps to configure a Duo RADIUS proxy server as a multi-f
 
 ## Instructions
 
-1. On your RADIUS server, follow the default path below to open the `authproxy.cfg` file.
+1. On your RADIUS server, follow the following path to open the `authproxy.cfg` file.
 
 ```
 %ProgramFiles%\Duo Security Authentication Proxy\conf\authproxy.cfg
@@ -60,10 +60,10 @@ port=1812
 
 - **IP**, **Remote Port**, and **Shared Secret** match the corresponding values in the `authproxy.cfg` file.
 - The **Prefix for Response Text** field contains a comma. In case the PAP protocol is used, no prefix is needed.
-- Both **Initial Auto-Response Text** and **Send Initial Text** features are optional. If you specify the `push` auto-response text and enable the **Send Initial Text** feature, a Duo push will be automatically initiated.
+- Both **Initial Auto-Response Text** and **Send Initial Text** features are optional. If you specify the `push` auto-response text and enable the **Send Initial Text** feature, a Duo push is automatically initiated.
 
 5. Save the changes to the configuration.
 
 > **NOTE:** You can assign Duo as an authenticator connector for any NPS user. In the main NPS screen, click **Policy** > **Users & Groups**. Select any user and proceed to the **Authenticator Connector** tab. Select the **Duo** option.
 
-On their login to NPS, the configured user should both enter their password and see the multi-factor authentication prompt from Duo. During the initial login, they will be asked to perform the initial Duo enrollment.
+On their login to NPS, the configured user should both enter their password and see the multi-factor authentication prompt from Duo. During the initial login, they are asked to perform the initial Duo enrollment.

docs/kb/privilegesecure/certificates-and-security/configure_proxy_for_rdp_connections_install_update_certificate_to_prevent_rdp_certificate_warnings.md

@@ -37,7 +37,7 @@ This article outlines the process for installing or updating a certificate to pr
 
 ### Generate Certificate
 
-> **NOTE:** If you already have a certificate to install, you can skip to the **Adding the Certificate to Each SbPAM Proxy Server** section below.
+> **NOTE:** If you already have a certificate to install, you can skip to the [Adding the Certificate to Each SbPAM Proxy Server](#adding-the-certificate-to-each-sbpam-proxy-server) section.
 
 1. Open **Certification Authority**, open your CA, right-click **Certificate Templates**, and click **Manage**.
    ![Certification Authority console with Certificate Templates context menu open](../0-images/servlet_image_ebb3b2e4c66a.png)

docs/kb/privilegesecure/certificates-and-security/installing-an-iis-certificate.md

@@ -51,7 +51,7 @@ Netwrix Privilege Secure service configuration files will need to be updated to
 ![User-added image](./../0-images/ka04u000001172V_0EM4u000004dDEz.png)
 
 Enter the FQDN that matches the name of your cert (e.g. `https://yourcert.company.com:6500`). Leave **Ignore HTTPS Certificate Errors** unchecked.
-Click the **Register Services** button. A "Services registered" pop-up will appear when the necessary changes have been made.
+Click the **Register Services** button. A "Services registered" pop-up appears when the necessary changes have been made.
 
 ### Updating Service Configuration Files (Netwrix Privilege Secure 3.5 or earlier)
 Netwrix Privilege Secure service configuration files will need to be updated to use the same DNS name as the certificate. The following files will need to be edited:

docs/kb/privilegesecure/certificates-and-security/renewing-the-jwt-signing-certificate.md

@@ -37,7 +37,7 @@ Stop-Service sbpam* -Force
 Stop-Service w3svc -Force
 ```
 
-2. In Windows Explorer, navigate to the Program Data directory for Privilege Secure (for example, `C:\ProgramData\Stealthbits\PAM\`). From here, open the **WebService** folder, and then open `appsettings.jwt.json` in Notepad. In `appsettings.jwt.json`, locate the `"Jwt"` section (such as the example below) and delete all of it. This is the trigger to generate a new JWT Signing Certificate:
+2. In Windows Explorer, navigate to the Program Data directory for Privilege Secure (for example, `C:\ProgramData\Stealthbits\PAM\`). From here, open the **WebService** folder, and then open `appsettings.jwt.json` in Notepad. In `appsettings.jwt.json`, locate the `"Jwt"` section (such as the following example) and delete all of it. This is the trigger to generate a new JWT Signing Certificate:
 
 ```json
 "Jwt": {

docs/kb/privilegesecure/client-tools-and-integrations/enable-session-extension-countdown-tab-display-for-sbpam-ssh-sessions-in-mobaxterm.md

@@ -30,7 +30,7 @@ Netwrix Privilege Secure’s SSH Session Extension countdown does not display in
 
 ## Instructions
 
-As shown in the screenshot below, the SSH session’s **"Lock terminal title"** setting should be disabled in the session’s **Bookmark Settings** within MobaXTerm.
+As shown in the following screenshot, the SSH session’s **"Lock terminal title"** setting should be disabled in the session’s **Bookmark Settings** within MobaXTerm.
 
 1. In MobaXTerm, right-click the session in the **Sessions** sidebar.
 2. Click **Edit Settings**.

docs/kb/privilegesecure/database-and-backend/least-privilege-model-for-sql-server-backend.md

@@ -40,7 +40,7 @@ The service account requires the following roles on the PAM database:
 4. ALTER permission on the dbo schema
 5. CREATE TABLE
 
-> **NOTE:** As an alternate privilege, instead of 4. and 5. in the above list, the `db_ddladmin` role may be granted. The purpose of the ALTER/CREATE permissions, whether granted directly or through `ddladmin`, is to allow for non-temporary tables to be created and dropped inside of the NPS database during regular operation of the software.
+> **NOTE:** As an alternate privilege, instead of 4. and 5. in the preceding list, the `db_ddladmin` role may be granted. The purpose of the ALTER/CREATE permissions, whether granted directly or through `ddladmin`, is to allow for non-temporary tables to be created and dropped inside of the NPS database during regular operation of the software.
 
 ### During installations and upgrades