Skip to content

Commit 0383484

Browse files
committed
Merge branch 'master' of https://github.com/MicrosoftDocs/azure-docs-pr into how-to-invoke-ssis-package-managed-instance-agent
2 parents 996b967 + cd494f8 commit 0383484

File tree

15 files changed

+217
-104
lines changed

15 files changed

+217
-104
lines changed

.openpublishing.redirection.json

Lines changed: 5 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -17436,6 +17436,11 @@
1743617436
"redirect_url": "/azure/storage/files/storage-troubleshoot-windows-file-connection-problems",
1743717437
"redirect_document_id": false
1743817438
},
17439+
{
17440+
"source_path": "articles/storage/common/storage-account-container-recovery.md",
17441+
"redirect_url": "/azure/storage/common/storage-redundancy",
17442+
"redirect_document_id": false
17443+
},
1743917444
{
1744017445
"source_path": "articles/storage/common/storage-quickstart-create-storage-account-cli.md",
1744117446
"redirect_url": "/azure/storage/common/storage-quickstart-create-account?tabs=azure-cli",
97.1 KB
Loading

articles/active-directory/b2b/redemption-experience.md

Lines changed: 31 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -51,6 +51,36 @@ There are some cases where the invitation email is recommended over a direct lin
5151
- Sometimes the invited user object may not have an email address because of a conflict with a contact object (for example, an Outlook contact object). In this case, the user must click the redemption URL in the invitation email.
5252
- The user may sign in with an alias of the email address that was invited. (An alias is an additional email address associated with an email account.) In this case, the user must click the redemption URL in the invitation email.
5353

54+
## Invitation redemption flow
55+
56+
When a user clicks the **Accept invitation** link in an [invitation email](invitation-email-elements.md), Azure AD automatically redeems the invitation based on the redemption flow as shown below:
57+
58+
![Screenshot showing the redemption flow diagram](media/redemption-experience/invitation-redemption-flow.png)
59+
60+
1. The redemption process checks if the user has an existing personal [Microsoft account (MSA)](https://support.microsoft.com/help/4026324/microsoft-account-how-to-create).
61+
62+
2. If an admin has enabled [direct federation](direct-federation.md), Azure AD checks if the user’s domain suffix matches the domain of a configured SAML/WS-Fed identity provider and redirects the user to the pre-configured identity provider.
63+
64+
3. If an admin has enabled [Google federation](google-federation.md), Azure AD checks if the user’s domain suffix is gmail.com or googlemail.com and redirects the user to Google.
65+
66+
4. Azure AD performs user-based discovery to determine if the user exists in an [existing Azure AD tenant](what-is-b2b.md#easily-add-guest-users-in-the-azure-ad-portal).
67+
68+
5. Once the user’s **home directory** is identified, the user is sent to the corresponding identity provider to sign in.
69+
70+
6. If steps 1 to 4 fail to find a home directory for the invited user, Azure AD determines whether the inviting tenant has enabled the [Email one-time passcode (OTP)](one-time-passcode.md) feature for guests.
71+
72+
7. If [Email one-time passcode for guests is enabled](one-time-passcode.md#when-does-a-guest-user-get-a-one-time-passcode), a passcode is sent to the user through the invited email. The user will retrieve and enter this passcode in the Azure AD sign-in page.
73+
74+
8. If Email one-time passcode for guests is disabled, Azure AD checks the domain suffix against a consumer domain list maintained by Microsoft. If the domain matches any domain on the consumer domain list, the user is prompted to create a personal Microsoft account. If not, the user is prompted to create an [Azure AD self-service account](../users-groups-roles/directory-self-service-signup.md) (viral account).
75+
76+
9. Azure AD attempts to create an Azure AD self-service account (viral account) by verifying access to the email. Verifying the account is done by sending a code to the email, and having the user retrieve and submit it to Azure AD. However, if the invited user’s tenant is federated or if the AllowEmailVerifiedUsers field is set to false in the invited user’s tenant, the user is unable to complete the redemption and the flow results in an error. For more information, refer to [Troubleshooting Azure Active Directory B2B collaboration](troubleshoot.md#the-user-that-i-invited-is-receiving-an-error-during-redemption).
77+
78+
10. The user is prompted to create a personal Microsoft account (MSA).
79+
80+
11. After authenticating to the right identity provider, the user is redirected to Azure AD to complete the [consent experience](redemption-experience.md#consent-experience-for-the-guest).
81+
82+
For just-in-time (JIT) redemptions, where redemption is through a tenanted application link, steps 8 through 10 are not available. If a user reaches step 6 and the Email one-time passcode feature is not enabled, the user receives an error message and is unable to redeem the invitation. To prevent this, admins should either [enable Email one-time passcode](one-time-passcode.md#when-does-a-guest-user-get-a-one-time-passcode) or ensure the user clicks an invitation link.
83+
5484
## Consent experience for the guest
5585

5686
When a guest signs in to access resources in a partner organization for the first time, they're guided through the following pages.
@@ -66,8 +96,7 @@ When a guest signs in to access resources in a partner organization for the firs
6696

6797
![Screenshot showing new terms of use](media/redemption-experience/terms-of-use-accept.png)
6898

69-
> [!NOTE]
70-
> You can configure see [terms of use](../governance/active-directory-tou.md) in **Manage** > **Organizational relationships** > **Terms of use**.
99+
You can configure see [terms of use](../governance/active-directory-tou.md) in **Manage** > **Organizational relationships** > **Terms of use**.
71100

72101
3. Unless otherwise specified, the guest is redirected to the Apps access panel, which lists the applications the guest can access.
73102

articles/active-directory/saas-apps/aws-multi-accounts-tutorial.md

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -13,7 +13,7 @@ ms.subservice: saas-app-tutorial
1313
ms.workload: identity
1414
ms.tgt_pltfrm: na
1515
ms.topic: article
16-
ms.date: 04/03/2020
16+
ms.date: 04/16/2020
1717
ms.author: jeedes
1818

1919
ms.collection: M365-identity-device-management
@@ -33,7 +33,7 @@ If you want to know more details about SaaS app integration with Azure AD, see [
3333
![Amazon Web Services (AWS) in the results list](./media/aws-multi-accounts-tutorial/amazonwebservice.png)
3434

3535
> [!NOTE]
36-
> Please note connecting one AWS app to all your AWS accounts is not our recommended approach. Instead we recommend you to use [this](https://docs.microsoft.com/azure/active-directory/saas-apps/amazon-web-service-tutorial) approach to configure multiple instances of AWS account to Multiple instances of AWS apps in Azure AD. You should only use [this](https://docs.microsoft.com/azure/active-directory/saas-apps/amazon-web-service-tutorial) approach if you have very less number of AWS Accounts and Roles in it. [this](https://docs.microsoft.com/azure/active-directory/saas-apps/amazon-web-service-tutorial) model is not scalable as the AWS accounts and roles inside these accounts grows. Also [this](https://docs.microsoft.com/azure/active-directory/saas-apps/amazon-web-service-tutorial) approach does not use AWS Role import functionality using Azure AD User Provisioning and so you have to manually add/update/delete the roles. For other limitations on [this](https://docs.microsoft.com/azure/active-directory/saas-apps/amazon-web-service-tutorial) approach please see the details below.
36+
> Please note connecting one AWS app to all your AWS accounts is not our recommended approach. Instead we recommend you to use [this](https://docs.microsoft.com/azure/active-directory/saas-apps/amazon-web-service-tutorial) approach to configure multiple instances of AWS account to Multiple instances of AWS apps in Azure AD. You should only use this approach if you have very less number of AWS Accounts and Roles in it, this model is not scalable as the AWS accounts and roles inside these accounts grows. Also this approach does not use AWS Role import functionality using Azure AD User Provisioning and so you have to manually add/update/delete the roles. For other limitations on this approach please see the details below.
3737
3838
**Please note that we do not recommend to use this approach for following reasons:**
3939

articles/azure-monitor/insights/container-insights-prometheus-integration.md

Lines changed: 1 addition & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -2,7 +2,7 @@
22
title: Configure Azure Monitor for containers Prometheus Integration | Microsoft Docs
33
description: This article describes how you can configure the Azure Monitor for containers agent to scrape metrics from Prometheus with your Kubernetes cluster.
44
ms.topic: conceptual
5-
ms.date: 01/13/2020
5+
ms.date: 04/16/2020
66
---
77

88
# Configure scraping of Prometheus metrics with Azure Monitor for containers
@@ -18,7 +18,6 @@ ms.date: 01/13/2020
1818
Scraping of Prometheus metrics is supported with Kubernetes clusters hosted on:
1919

2020
- Azure Kubernetes Service (AKS)
21-
- Azure Container Instances
2221
- Azure Stack or on-premises
2322
- Azure Red Hat OpenShift
2423

articles/hdinsight/hdinsight-apps-use-edge-node.md

Lines changed: 36 additions & 34 deletions
Original file line numberDiff line numberDiff line change
@@ -1,51 +1,53 @@
11
---
22
title: Use empty edge nodes on Apache Hadoop clusters in Azure HDInsight
3-
description: How to add an empty edge node to an HDInsight cluster that can be used as a client, and then test/host your HDInsight applications.
3+
description: How to add an empty edge node to an HDInsight cluster. Used as a client, and then test, or host your HDInsight applications.
44
author: hrasheed-msft
55
ms.author: hrasheed
66
ms.reviewer: jasonh
77
ms.service: hdinsight
88
ms.topic: conceptual
99
ms.custom: hdinsightactive,hdiseo17may2017
10-
ms.date: 01/27/2020
10+
ms.date: 04/16/2020
1111
---
1212

1313
# Use empty edge nodes on Apache Hadoop clusters in HDInsight
1414

15-
Learn how to add an empty edge node to an HDInsight cluster. An empty edge node is a Linux virtual machine with the same client tools installed and configured as in the headnodes, but with no [Apache Hadoop](https://hadoop.apache.org/) services running. You can use the edge node for accessing the cluster, testing your client applications, and hosting your client applications.
15+
Learn how to add an empty edge node to an HDInsight cluster. An empty edge node is a Linux virtual machine with the same client tools installed and configured as in the headnodes. But with no [Apache Hadoop](./hadoop/apache-hadoop-introduction.md) services running. You can use the edge node for accessing the cluster, testing your client applications, and hosting your client applications.
1616

1717
You can add an empty edge node to an existing HDInsight cluster, to a new cluster when you create the cluster. Adding an empty edge node is done using Azure Resource Manager template. The following sample demonstrates how it's done using a template:
1818

19-
"resources": [
20-
{
21-
"name": "[concat(parameters('clusterName'),'/', variables('applicationName'))]",
22-
"type": "Microsoft.HDInsight/clusters/applications",
23-
"apiVersion": "2015-03-01-preview",
24-
"dependsOn": [ "[concat('Microsoft.HDInsight/clusters/',parameters('clusterName'))]" ],
25-
"properties": {
26-
"marketPlaceIdentifier": "EmptyNode",
27-
"computeProfile": {
28-
"roles": [{
29-
"name": "edgenode",
30-
"targetInstanceCount": 1,
31-
"hardwareProfile": {
32-
"vmSize": "{}"
33-
}
34-
}]
35-
},
36-
"installScriptActions": [{
37-
"name": "[concat('emptynode','-' ,uniquestring(variables('applicationName')))]",
38-
"uri": "[parameters('installScriptAction')]",
39-
"roles": ["edgenode"]
40-
}],
41-
"uninstallScriptActions": [],
42-
"httpsEndpoints": [],
43-
"applicationType": "CustomApplication"
44-
}
19+
```json
20+
"resources": [
21+
{
22+
"name": "[concat(parameters('clusterName'),'/', variables('applicationName'))]",
23+
"type": "Microsoft.HDInsight/clusters/applications",
24+
"apiVersion": "2015-03-01-preview",
25+
"dependsOn": [ "[concat('Microsoft.HDInsight/clusters/',parameters('clusterName'))]" ],
26+
"properties": {
27+
"marketPlaceIdentifier": "EmptyNode",
28+
"computeProfile": {
29+
"roles": [{
30+
"name": "edgenode",
31+
"targetInstanceCount": 1,
32+
"hardwareProfile": {
33+
"vmSize": "{}"
34+
}
35+
}]
36+
},
37+
"installScriptActions": [{
38+
"name": "[concat('emptynode','-' ,uniquestring(variables('applicationName')))]",
39+
"uri": "[parameters('installScriptAction')]",
40+
"roles": ["edgenode"]
41+
}],
42+
"uninstallScriptActions": [],
43+
"httpsEndpoints": [],
44+
"applicationType": "CustomApplication"
4545
}
46-
],
46+
}
47+
],
48+
```
4749

48-
As shown in the sample, you can optionally call a [script action](hdinsight-hadoop-customize-cluster-linux.md) to perform additional configuration, such as installing [Apache Hue](hdinsight-hadoop-hue-linux.md) in the edge node. The script action script must be publicly accessible on the web. For example, if the script is stored in Azure Storage, use either public containers or public blobs.
50+
As shown in the sample, you can optionally call a [script action](hdinsight-hadoop-customize-cluster-linux.md) to do additional configuration. Such as installing [Apache Hue](hdinsight-hadoop-hue-linux.md) in the edge node. The script action script must be publicly accessible on the web. For example, if the script is stored in Azure Storage, use either public containers or public blobs.
4951

5052
The edge node virtual machine size must meet the HDInsight cluster worker node vm size requirements. For the recommended worker node vm sizes, see [Create Apache Hadoop clusters in HDInsight](hdinsight-hadoop-provision-linux-clusters.md#cluster-type).
5153

@@ -64,7 +66,7 @@ After you've created an edge node, you can connect to the edge node using SSH, a
6466
6567
## Add an edge node to an existing cluster
6668

67-
In this section, you use a Resource Manager template to add an edge node to an existing HDInsight cluster. The Resource Manager template can be found in [GitHub](https://azure.microsoft.com/resources/templates/101-hdinsight-linux-add-edge-node/). The Resource Manager template calls a script action located at https://raw.githubusercontent.com/Azure/azure-quickstart-templates/master/101-hdinsight-linux-add-edge-node/scripts/EmptyNodeSetup.sh. The script doesn't perform any actions. It's to demonstrate calling script action from a Resource Manager template.
69+
In this section, you use a Resource Manager template to add an edge node to an existing HDInsight cluster. The Resource Manager template can be found in [GitHub](https://azure.microsoft.com/resources/templates/101-hdinsight-linux-add-edge-node/). The Resource Manager template calls a script action located at https://raw.githubusercontent.com/Azure/azure-quickstart-templates/master/101-hdinsight-linux-add-edge-node/scripts/EmptyNodeSetup.sh. The script doesn't do any actions. It's to demonstrate calling script action from a Resource Manager template.
6870

6971
1. Select the following image to sign in to Azure and open the Azure Resource Manager template in the Azure portal.
7072

@@ -86,7 +88,7 @@ In this section, you use a Resource Manager template to add an edge node to an e
8688
8789
## Add an edge node when creating a cluster
8890

89-
In this section, you use a Resource Manager template to create HDInsight cluster with an edge node. The Resource Manager template can be found in the [Azure quickstart templates gallery](https://azure.microsoft.com/documentation/templates/101-hdinsight-linux-with-edge-node/). The Resource Manager template calls a script action located at https://raw.githubusercontent.com/Azure/azure-quickstart-templates/master/101-hdinsight-linux-with-edge-node/scripts/EmptyNodeSetup.sh. The script doesn't perform any actions. It's to demonstrate calling script action from a Resource Manager template.
91+
In this section, you use a Resource Manager template to create HDInsight cluster with an edge node. The Resource Manager template can be found in the [Azure quickstart templates gallery](https://azure.microsoft.com/documentation/templates/101-hdinsight-linux-with-edge-node/). The Resource Manager template calls a script action located at https://raw.githubusercontent.com/Azure/azure-quickstart-templates/master/101-hdinsight-linux-with-edge-node/scripts/EmptyNodeSetup.sh. The script doesn't do any actions. It's to demonstrate calling script action from a Resource Manager template.
9092

9193
1. Create an HDInsight cluster if you don't have one yet. See [Get started using Hadoop in HDInsight](hadoop/apache-hadoop-linux-tutorial-get-started.md).
9294

@@ -114,7 +116,7 @@ In this section, you use a Resource Manager template to create HDInsight cluster
114116

115117
## Add multiple edge nodes
116118

117-
You can add multiple edge nodes to an HDInsight cluster. The multiple edge nodes configuration can only be done using Azure Resource Manager Templates. See the template sample at the beginning of this article. You need to update the **targetInstanceCount** to reflect the number of edge nodes you would like to create.
119+
You can add multiple edge nodes to an HDInsight cluster. The multiple edge nodes configuration can only be done using Azure Resource Manager Templates. See the template sample at the beginning of this article. Update the **targetInstanceCount** to reflect the number of edge nodes you would like to create.
118120

119121
## Access an edge node
120122

articles/lab-services/classroom-labs/TOC.yml

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -50,6 +50,8 @@
5050
href: class-type-jupyter-notebook.md
5151
- name: Mobile app development with Android Studio
5252
href: class-type-mobile-dev-android-studio.md
53+
- name: Big data analytics
54+
href: class-type-big-data-analytics.md
5355
- name: Create and configure lab accounts (lab account owner)
5456
items:
5557
- name: Create and manage lab accounts

0 commit comments

Comments
 (0)