Merge branch 'master' of https://github.com/MicrosoftDocs/azure-docs-pr into migration-overview

Author: fauhse

articles/active-directory/devices/assign-local-admin.md

@@ -46,7 +46,7 @@ To view and update the membership of the global administrator role, see:
 
 In the Azure portal, you can manage the device administrator role on the **Devices** page. To open the **Devices** page:
 
-1. Sign in to your [Azure portal](https://portal.azure.com) as a global administrator or device administrator.
+1. Sign in to your [Azure portal](https://portal.azure.com) as a global administrator.
 1. Search for and select *Azure Active Directory*.
 1. In the **Manage** section, click **Devices**.
 1. On the **Devices** page, click **Device settings**.

articles/active-directory/devices/troubleshoot-device-dsregcmd.md

@@ -131,7 +131,7 @@ This section lists the status of various attributes for the user currently logge
 - **CanReset:** - Denotes if the Windows Hello key can be reset by the user. 
 - **Possible values:** - DestructiveOnly, NonDestructiveOnly, DestructiveAndNonDestructive, or Unknown if error. 
 - **WorkplaceJoined:** - Set to “YES” if Azure AD registered accounts have been added to the device in the current NTUSER context.
-- **WamDefaultSet:** - Set to “YES” if a WAM default WebAccount is created for the logged in user. This field could display an error if dsreg /status is run in admin context. 
+- **WamDefaultSet:** - Set to “YES” if a WAM default WebAccount is created for the logged in user. This field could display an error if dsreg /status is run from an elevated command prompt. 
 - **WamDefaultAuthority:** - Set to “organizations” for Azure AD.
 - **WamDefaultId:** - Always “https://login.microsoft.com” for Azure AD.
 - **WamDefaultGUID:** - The WAM provider’s (Azure AD/Microsoft account) GUID for the default WAM WebAccount. 

articles/active-directory/fundamentals/whats-new.md

@@ -45,7 +45,7 @@ This page is updated monthly, so revisit it regularly. If you're looking for ite
 
 We're planning to replace the current custom controls preview with an approach that allows partner-provided authentication capabilities to work seamlessly with the Azure Active Directory administrator and end user experiences. Today, partner MFA solutions face the following limitations: they work only after a password has been entered; they don't serve as MFA for step-up authentication in other key scenarios; and they don't integrate with end user or administrative credential management functions. The new implementation will allow partner-provided authentication factors to work alongside built-in factors for key scenarios, including registration, usage, MFA claims, step up authentication, reporting, and logging. 
 
-Custom controls will continue to be supported in preview alongside the new design until it reaches general availability. At that point, we'll give customers time to migrate to the new design. Because of the limitations of the current approach, we won't onboard new providers until the new design is available. We are working closely with customers and providers and will communicate the timeline as we get closer. [Learn more](https://docs.microsoft.com/azure/active-directory/conditional-access/controls).
+Custom controls will continue to be supported in preview alongside the new design until it reaches general availability. At that point, we'll give customers time to migrate to the new design. Because of the limitations of the current approach, we won't onboard new providers until the new design is available. We are working closely with customers and providers and will communicate the timeline as we get closer. [Learn more](https://techcommunity.microsoft.com/t5/azure-active-directory-identity/upcoming-changes-to-custom-controls/ba-p/1144696#).
 
 ### Identity Secure Score - MFA improvement action updates
 

articles/automation/source-control-integration.md

@@ -10,7 +10,7 @@ ms.topic: conceptual
 
  Source control integration in Azure Automation supports single-direction synchronization from your source control repository. Source control allows you to keep your runbooks in your Automation account up to date with scripts in your GitHub or Azure Repos source control repository. This feature makes it easy to promote code that has been tested in your development environment to your production Automation account.
 
- Using source control integration, you can easily collaborate with your team, track changes, and roll back to earlier versions of your runbooks. For example, source control allows you to synchronize different branches in source control with your development, test, and production Automation accounts. 
+ Source control integration lets you easily collaborate with your team, track changes, and roll back to earlier versions of your runbooks. For example, source control allows you to synchronize different branches in source control with your development, test, and production Automation accounts. 
 
 >[!NOTE]
 >This article has been updated to use the new Azure PowerShell Az module. You can still use the AzureRM module, which will continue to receive bug fixes until at least December 2020. To learn more about the new Az module and AzureRM compatibility, see [Introducing the new Azure PowerShell Az module](https://docs.microsoft.com/powershell/azure/new-azureps-module-az?view=azps-3.5.0). For Az module installation instructions on your Hybrid Runbook Worker, see [Install the Azure PowerShell Module](https://docs.microsoft.com/powershell/azure/install-az-ps?view=azps-3.5.0). For your Automation account, you can update your modules to the latest version using [How to update Azure PowerShell modules in Azure Automation](automation-update-azure-modules.md).
@@ -36,11 +36,11 @@ Azure Automation supports three types of source control:
 
 This section tells how to configure source control for your Automation account. You can use either the Azure portal or PowerShell.
 
-### Configure source control -- Azure portal
+### Configure source control in Azure portal
 
 Use this procedure to configure source control using the Azure portal.
 
-1. Within your Automation account, select **Source Control** and click **+ Add**.
+1. In your Automation account, select **Source Control** and click **Add**.
 
     ![Select source control](./media/source-control-integration/select-source-control.png)
 
@@ -66,14 +66,14 @@ Use this procedure to configure source control using the Azure portal.
    ![Source control summary](./media/source-control-integration/source-control-summary.png)
 
 > [!NOTE]
-> The login for your source control repository might be different from your login for the Azure portal. Ensure that you are logged in with the correct account for your source control repository when configuring source control. If there is a doubt, open a new tab in your browser, log out from **visualstudio.com** or **github.com**, and try connecting to source control again.
+> The login for your source control repository might be different from your login for the Azure portal. Ensure that you are logged in with the correct account for your source control repository when configuring source control. If there is a doubt, open a new tab in your browser, log out from **dev.azure.com**, **visualstudio.com**, or **github.com**, and try reconnecting to source control.
 
-### Configure source control -- PowerShell
+### Configure source control in PowerShell
 
 You can also use PowerShell to configure source control in Azure Automation. To use the PowerShell cmdlets for this operation, you need a personal access token (PAT). Use the [New-AzAutomationSourceControl](https://docs.microsoft.com/powershell/module/az.automation/new-azautomationsourcecontrol?view=azps-3.5.0
 ) cmdlet to create the source control connection. This cmdlet requires a secure string for the PAT. To learn how to create a secure string, see [ConvertTo-SecureString](/powershell/module/microsoft.powershell.security/convertto-securestring?view=powershell-6).
 
-The following subsections illustrate PowerShell creation of the source control connection for GitHub, Azure Repos (Git), and Azure Repos (TFVC).
+The following subsections illustrate PowerShell creation of the source control connection for GitHub, Azure Repos (Git), and Azure Repos (TFVC). 
 
 #### Create source control connection for GitHub
 
@@ -83,14 +83,21 @@ New-AzAutomationSourceControl -Name SCGitHub -RepoUrl https://github.com/<accoun
 
 #### Create source control connection for Azure Repos (Git)
 
+> [!NOTE]
+> Azure Repos (Git) uses a URL that accesses **dev.azure.com** instead of **visualstudio.com**, used in earlier formats. The older URL format `https://<accountname>.visualstudio.com/<projectname>/_git/<repositoryname>` is deprecated but still supported. The new format is preferred.
+
+
 ```powershell-interactive
-New-AzAutomationSourceControl -Name SCReposGit -RepoUrl https://<accountname>.visualstudio.com/<projectname>/_git/<repositoryname> -SourceType VsoGit -AccessToken <secureStringofPAT> -Branch master -ResourceGroupName <ResourceGroupName> -AutomationAccountName <AutomationAccountName> -FolderPath "/Runbooks"
+New-AzAutomationSourceControl -Name SCReposGit -RepoUrl https://dev.azure.com/<accountname>/<adoprojectname>/_git/<repositoryname> -SourceType VsoGit -AccessToken <secureStringofPAT> -Branch master -ResourceGroupName <ResourceGroupName> -AutomationAccountName <AutomationAccountName> -FolderPath "/Runbooks"
 ```
 
 #### Create source control connection for Azure Repos (TFVC)
 
+> [!NOTE]
+> Azure Repos (TFVC) uses a URL that accesses **dev.azure.com** instead of **visualstudio.com**, used in earlier formats. The older URL format `https://<accountname>.visualstudio.com/<projectname>/_versionControl` is deprecated but still supported. The new format is preferred.
+
 ```powershell-interactive
-New-AzAutomationSourceControl -Name SCReposTFVC -RepoUrl https://<accountname>.visualstudio.com/<projectname>/_versionControl -SourceType VsoTfvc -AccessToken <secureStringofPAT> -ResourceGroupName <ResourceGroupName> -AutomationAccountName <AutomationAccountName> -FolderPath "/Runbooks"
+New-AzAutomationSourceControl -Name SCReposTFVC -RepoUrl https://dev.azure.com/<accountname>/<adoprojectname>/_git/<repositoryname> -SourceType VsoTfvc -AccessToken <secureStringofPAT> -ResourceGroupName <ResourceGroupName> -AutomationAccountName <AutomationAccountName> -FolderPath "/Runbooks"
 ```
 
 #### Personal access token (PAT) permissions
@@ -117,14 +124,14 @@ The following list defines the minimum PAT permissions required for Azure Repos.
 
 | Scope  |  Access Type  |
 |---------| ----------|
-| Code      | Read  |
-| Project and team | Read |
-| Identity | Read     |
-| User profile | Read     |
-| Work items | Read    |
-| Service connections | Read, query, manage<sup>1</sup>    |
+| `Code`      | Read  |
+| `Project and team` | Read |
+| `Identity` | Read     |
+| `User profile` | Read     |
+| `Work items` | Read    |
+| `Service connections` | Read, query, manage<sup>1</sup>    |
 
-<sup>1</sup> The Service connections permission is only required if you have enabled autosync.
+<sup>1</sup> The `Service connections` permission is only required if you have enabled autosync.
 
 ## Synchronizing
 
@@ -143,7 +150,7 @@ Follow these steps to synchronize with source control.
 5. Clicking on a job allows you to view the job output. The following example is the output from a source control sync job.
 
     ```output
-    ============================================================================
+    ===================================================================
 
     Azure Automation Source Control.
     Supported runbooks to sync: PowerShell Workflow, PowerShell Scripts, DSC Configurations, Graphical, and Python 2.
@@ -168,7 +175,7 @@ Follow these steps to synchronize with source control.
      - ExampleRunbook1.ps1
      - ExampleRunbook2.ps1
 
-     =========================================================================
+    ==================================================================
 
     ```
 
@@ -190,7 +197,7 @@ If multiple people are editing runbooks in your source control repository using
 
 ## Updating the PAT
 
-Currently, there is no way to use the Azure portal to update the PAT in source control. After your PAT has expired or been revoked, you can update source control with a new access token in one of these ways:
+Currently, you can't use the Azure portal to update the PAT in source control. When your PAT is expired or revoked, you can update source control with a new access token in one of these ways:
 
 * Use the [REST API](https://docs.microsoft.com/rest/api/automation/sourcecontrol/update).
 * Use the [Update-AzAutomationSourceControl](/powershell/module/az.automation/update-azautomationsourcecontrol) cmdlet.

articles/azure-databricks/quickstart-create-databricks-workspace-portal.md

@@ -8,7 +8,7 @@ ms.author: mamccrea
 ms.reviewer: jasonh
 ms.workload: big-data
 ms.topic: quickstart
-ms.date: 05/08/2019
+ms.date: 03/23/2020
 ms.custom: mvc
 ---
 
@@ -54,6 +54,8 @@ In this section, you create an Azure Databricks workspace using the Azure portal
 
     ![Databricks deployment tile](./media/quickstart-create-databricks-workspace-portal/databricks-deployment-tile.png "Databricks deployment tile")
 
+    When a workspace deployment fails, the workspace is still created in a failed state. Delete the failed workspace and create a new workspace that resolves the deployment errors. When you delete the failed workspace, the managed resource group and any successfully deployed resources are also deleted.
+
 ## Create a Spark cluster in Databricks
 
 > [!NOTE]

articles/azure-databricks/quickstart-create-databricks-workspace-resource-manager-template.md

@@ -9,7 +9,7 @@ ms.reviewer: jasonh
 ms.workload: big-data
 ms.topic: quickstart
 ms.custom: mvc
-ms.date: 07/12/2019
+ms.date: 03/23/2020
 ---
 
 # Quickstart: Run a Spark job on Azure Databricks using the Azure Resource Manager template
@@ -56,6 +56,8 @@ In this section, you create an Azure Databricks workspace using the Azure Resour
 
    ![Databricks deployment tile](./media/quickstart-create-databricks-workspace-resource-manager-template/databricks-deployment-tile.png "Databricks deployment tile")
 
+   When a workspace deployment fails, the workspace is still created in a failed state. Delete the failed workspace and create a new workspace that resolves the deployment errors. When you delete the failed workspace, the managed resource group and any successfully deployed resources are also deleted.
+
 ## Create a Spark cluster in Databricks
 
 1. In the Azure portal, go to the Databricks workspace that you created, and then click **Launch Workspace**.

articles/azure-databricks/quickstart-create-databricks-workspace-vnet-injection.md

@@ -7,7 +7,7 @@ ms.author: mamccrea
 ms.reviewer: jasonh
 ms.service: azure-databricks
 ms.topic: conceptual
-ms.date: 12/04/2019
+ms.date: 03/23/2020
 ---
 
 # Quickstart: Create an Azure Databricks workspace in your own Virtual Network
@@ -96,6 +96,8 @@ Sign in to the [Azure portal](https://portal.azure.com/).
 
     ![Azure Databricks managed resource group](./media/quickstart-create-databricks-workspace-vnet-injection/managed-resource-group.png)
 
+    When a workspace deployment fails, the workspace is still created in a failed state. Delete the failed workspace and create a new workspace that resolves the deployment errors. When you delete the failed workspace, the managed resource group and any successfully deployed resources are also deleted.
+
 ## Create a cluster
 
 > [!NOTE]

articles/azure-functions/durable/durable-functions-http-features.md

@@ -253,7 +253,7 @@ If any of these limitations might affect your use case, consider instead using a
 
 Customizing the behavior of the orchestration's internal HTTP client is possible using [Azure Functions .NET dependency injection](https://docs.microsoft.com/azure/azure-functions/functions-dotnet-dependency-injection). This ability can be useful for making small behavioral changes. It can also be useful for unit testing the HTTP client by injecting mock objects.
 
-The following example demonstrates using dependency injection to disable SSL certificate validation for orchestrator functions that call external HTTP endpoints.
+The following example demonstrates using dependency injection to disable TLS/SSL certificate validation for orchestrator functions that call external HTTP endpoints.
 
 ```csharp
 public class Startup : FunctionsStartup
@@ -271,7 +271,7 @@ public class MyDurableHttpMessageHandlerFactory : IDurableHttpMessageHandlerFact
 {
     public HttpMessageHandler CreateHttpMessageHandler()
     {
-        // Disable SSL certificate validation (not recommended in production!)
+        // Disable TLS/SSL certificate validation (not recommended in production!)
         return new HttpClientHandler
         {
             ServerCertificateCustomValidationCallback =

articles/azure-portal/azure-portal-dashboard-share-access.md

@@ -13,7 +13,7 @@ ms.devlang: NA
 ms.topic: conceptual
 ms.tgt_pltfrm: NA
 ms.workload: na
-ms.date: 01/29/2020
+ms.date: 03/23/2020
 ms.author: mblythe
 
 ---
@@ -36,7 +36,7 @@ With Role-Based Access Control (RBAC), you can assign users to roles at three di
 * resource group
 * resource
 
-The permissions you assign inherit from subscription down to the resource. The published dashboard is a resource. You may already have users assigned to roles for the subscription that apply for the published dashboard.
+The permissions you assign inherit from the subscription down to the resource. The published dashboard is a resource. You may already have users assigned to roles for the subscription that apply for the published dashboard.
 
 Let's say you have an Azure subscription and various members of your team have been assigned the roles of *owner*, *contributor*, or *reader* for the subscription. Users who are owners or contributors can list, view, create, modify, or delete dashboards within the subscription. Users who are readers can list and view dashboards, but can't modify or delete them. Users with reader access can make local edits to a published dashboard, such as when troubleshooting an issue, but they can't publish those changes back to the server. They can make a private copy of the dashboard for themselves.
 
@@ -56,35 +56,31 @@ Before assigning access, you must publish the dashboard.
 
     ![publish your dashboard](./media/azure-portal-dashboard-share-access/publish-dashboard-for-access-control.png)
 
-     By default, sharing publishes your dashboard to a resource group named **dashboards**.
+     By default, sharing publishes your dashboard to a resource group named **dashboards**. To select a different resource group, clear the checkbox.
 
 Your dashboard is now published. If the permissions inherited from the subscription are suitable, you don't need to do anything more. Other users in your organization can access and modify the dashboard based on their subscription level role.
 
 ## Assign access to a dashboard
 
 You can assign a group of users to a role for that dashboard.
 
-1. After publishing the dashboard, in **Sharing + access control**, select **Manage users**.
+1. After publishing the dashboard, select the **Share** or **Unshare** option to access **Sharing + access control**.
 
-    ![manage users for a dashboard](./media/azure-portal-dashboard-share-access/manage-users-for-access-control.png)
+1. In **Sharing + access control**, select **Manage users**.
 
-    To access **Sharing + access control** from a dashboard, select the **Share** or **Unshare** option.
+    ![manage users for a dashboard](./media/azure-portal-dashboard-share-access/manage-users-for-access-control.png)
 
 1. Select **Role assignments** to see existing users that are already assigned a role for this dashboard.
 
-1. To add a new user or group, select **Add**.
+1. To add a new user or group, select **Add** then **Add role assignment**.
 
     ![add a user for access to the dashboard](./media/azure-portal-dashboard-share-access/manage-users-existing-users.png)
 
 1. Select the role that represents the permissions to grant. For this example, select **Contributor**.
 
 1. Select the user or group to assign to the role. If you don't see the user or group you're looking for in the list, use the search box. Your list of available groups depends on the groups you've created in Active Directory.
 
-1. When you have finished adding users or groups, select **OK**.
-
-    The new assignment is added to the list of users. Its **Access** is listed as **Assigned** rather than **Inherited**.
-
-    ![assigned roles](./media/azure-portal-dashboard-share-access/assigned-roles.png)
+1. When you've finished adding users or groups, select **Save**.
 
 ## Next steps