Add NTM Entra ID Proxy Doc

[nwx-david-wolff]

AB#440150

[github-actions]

Documentation PR Review

Editorial Review

The new appsettings.md and proxy.md files are identical between the 3.1 and 3.2 directories, so the same findings apply to each version. The secure.md changes add only a cross-reference warning admonition and read cleanly.

docs/threatmanager/3.1/install/appsettings.md (and docs/threatmanager/3.2/install/appsettings.md)

• Clarity — Line 15: The first textual reference to the product is "Threat Manager services are configured...". Per the Threat Manager naming convention, the first reference in a topic should be the full product name. Suggested fix: "Netwrix Threat Manager services are configured through JSON configuration files." (Use "Threat Manager" thereafter, as the file already does.)
• Completeness — Line 41 (Web Service row): The table lists the Web Service configuration directory as C:\Program Files\STEALTHbits\StealthDEFEND\RestServer\, but secure.md (modified in this same PR) directs readers to the Web Service config file at C:\Program Files\STEALTHbits\StealthDEFEND\WebService\appsettings.json. A reader cross-referencing the two topics will land in different directories for the same service. Verify which path is correct and reconcile them so the guidance is consistent. (The other services match their own names, so this Web Service entry is the one to confirm.)
• Completeness — Lines 67-69 (Apply Configuration Changes): The step says to "locate the service by name" in services.msc but doesn't state what those Windows service names are. The friendly names in the table (e.g., "Azure Service") may not match the registered Windows service names. Consider noting the naming pattern (e.g., "Netwrix Threat Manager Azure Service"), as used in proxy.md Step 9.

docs/threatmanager/3.1/install/proxy.md (and docs/threatmanager/3.2/install/proxy.md)

• Completeness — Lines 126-133 (Proxy Settings table): The "Config Key" column introduces the colon notation (Proxy:Enabled, Proxy:Address) without explaining that it represents the nested JSON keys shown in the example above. A newer administrator may not recognize this configuration-path convention. Consider a one-line note that, for example, Proxy:Enabled refers to the Enabled key inside the Proxy section.

docs/threatmanager/3.1/install/secure.md (and docs/threatmanager/3.2/install/secure.md)

• No issues found. The added warning admonition is well placed and the cross-reference link resolves to the correct version path.

Summary

4 editorial suggestions across 6 files (the appsettings.md and proxy.md findings each apply to both the 3.1 and 3.2 copies). Vale and Dale issues are auto-fixed separately.

---

What to do next:

Comment @claude on this PR followed by your instructions to get help:

• @claude fix all issues — fix all editorial issues
• @claude help improve the flow of this document — get writing assistance
• @claude explain the voice issues — understand why something was flagged

You can ask Claude anything about the review or about Netwrix writing standards.

Automated fixes are only available for branches in this repository, not forks.

[github-actions]

Auto-Fix Summary

22 issues fixed, 2 skipped across 6 files

Category	Fixes
Contractions	8
Dale: passive-voice	8
Dale: positional-references	4
Dale: wordiness	2

Skipped (needs manual review)	Reason

| docs/threatmanager/3.1/install/secure.md:90 — Dale: passive-voice | 'to ensure the Cert was found and loaded properly' describes log file output state; rewriting to active risks misrepresenting what the reader observes |
| docs/threatmanager/3.2/install/secure.md:90 — Dale: passive-voice | 'to ensure the Cert was found and loaded properly' describes log file output state; rewriting to active risks misrepresenting what the reader observes |

Ask @claude on this PR if you'd like an explanation of any fix.