Merge branch 'main' of https://github.com/MicrosoftDocs/azure-docs-pr into nw-agent

Author: halkazwini

.openpublishing.publish.config.json

@@ -986,6 +986,12 @@
       "branch": "main",
       "branch_mapping": {}
     },
+    {
+      "path_to_root": "msdocs-app-service-sqldb-dotnetcore",
+      "url": "https://github.com/Azure-Samples/msdocs-app-service-sqldb-dotnetcore",
+      "branch": "main",
+      "branch_mapping": {}
+    },
     {
       "path_to_root": "azuresignalr-samples",
       "url": "https://github.com/aspnet/AzureSignalR-samples",

.openpublishing.redirection.azure-monitor.json

@@ -5509,6 +5509,11 @@
             "redirect_url": "/azure/azure-monitor/logs/resource-manager-workspace",
             "redirect_document_id": false
         },
+        {
+            "source_path_from_root": "/articles/azure-monitor/logs/resource-manager-cluster.md",
+            "redirect_url": "/azure/azure-monitor/logs/logs-dedicated-clusters",
+            "redirect_document_id": false
+        },
         {
             "source_path_from_root": "/articles/azure-monitor/visualize/powerbi.md",
             "redirect_url": "/azure/azure-monitor/logs/log-powerbi",

.openpublishing.redirection.education.json

@@ -0,0 +1,9 @@
+{
+    "redirections": [
+        {
+            "source_path_from_root": "/articles/education-hub/custom-tenant-set-up-classroom.md",
+            "redirect_url": "/articles/education-hub/about-education-hub.md",
+            "redirect_document_id": false
+        }
+    ]
+    }

.openpublishing.redirection.json

@@ -1624,6 +1624,16 @@
             "source_path_from_root": "/articles/sentinel/data-connectors/fortinet.md",
             "redirect_url": "/azure/sentinel/data-connectors/deprecated-fortinet-via-legacy-agent",
             "redirect_document_id": true
+        },
+        {
+            "source_path_from_root": "/articles/sentinel/data-connectors/cisco-stealthwatch.md",
+            "redirect_url": "/azure/sentinel/data-connectors-reference",
+            "redirect_document_id": false
+        },
+        {
+            "source_path_from_root": "/articles/sentinel/data-connectors/hyas-protect.md",
+            "redirect_url": "/azure/sentinel/data-connectors-reference",
+            "redirect_document_id": false
         }
     ]
 }

.openpublishing.redirection.sentinel.json

@@ -434,6 +434,11 @@
             "source_path_from_root": "/articles/virtual-desktop/configure-rdp-shortpath-limit-ports-public-networks.md",
             "redirect_url": "/azure/virtual-desktop/configure-rdp-shortpath",
             "redirect_document_id": true
+        },
+        {
+            "source_path_from_root": "/articles/virtual-desktop/disaster-recovery.md",
+            "redirect_url": "/azure/virtual-desktop/disaster-recovery-concepts",
+            "redirect_document_id": true
         }
     ]
 }

.openpublishing.redirection.virtual-desktop.json

@@ -274,6 +274,12 @@ sections:
 
           * API connectors
           * Conditional Access
+
+      - question: |
+          I am using rolling refresh tokens for my application and I am getting an invalid_grant error on redeeming newly acquired refresh tokens well within their set validity period. Why does this happen? 
+        answer: |
+          While determining validity for rolling refresh tokens, B2C will consider the initial login time of the user in the application also to calculate the token validity skew. If the user haven't logged out of the application for a very long time, this skew value will exceed the validity period of the token and hence for security reasons the tokens will be considered as invalid. Hence the error. Inform the user to perform a proper logout and login back into the application and this should reset the skew. This scenario is not applicable if refresh token rolling is set as infinite rolling.
+             
           
       - question: |
           I've revoked the refresh token using Microsoft Graph invalidateAllRefreshTokens, or Microsoft Graph PowerShell,  Revoke-MgUserSignInSession. Why is Azure AD B2C still accepting the old refresh token?
@@ -286,6 +292,9 @@ sections:
           1. Wait for 10 minutes.
           
           1. Retrieve the `RefreshToken` again.
+
+          > [!TIP]
+          > With Azure AD B2C [custom policy](custom-policy-overview.md), you can reduce the above mentioned skew time of 5 minutes (300000 milliseconds)  by adjusting the value for InputParameter "TreatAsEqualIfWithinMillseconds" under claim transformation Id "AssertRefreshTokenIssuedLaterThanValidFromDate". This claim transformation can be found in the TrustFrameworkBase.xml file under latest custom policy [stater-pack](https://learn.microsoft.com/en-us/azure/active-directory-b2c/tutorial-create-user-flows?pivots=b2c-custom-policy#get-the-starter-pack). 
           
       - question: |
          I use multiple tabs in a web browser to sign in to multiple applications that I registered in the same Azure AD B2C tenant. When I try to perform a single sign-out, not all of the applications are signed out. Why does this happen? 

articles/active-directory-b2c/faq.yml

@@ -23,7 +23,7 @@ zone_pivot_groups: b2c-policy-type
 
 [!INCLUDE [active-directory-b2c-choose-user-flow-or-custom-policy](../../includes/active-directory-b2c-choose-user-flow-or-custom-policy.md)]
 
-With Azure Active Directory B2C (Azure AD B2C) [HTML templates](customize-ui-with-html.md), you can craft your users' identity experiences. Your HTML templates can contain only certain HTML tags and attributes. Basic HTML tags, such as &lt;b&gt;, &lt;i&gt;, &lt;u&gt;, &lt;h1&gt;, and &lt;hr&gt; are allowed. More advanced tags such as &lt;script&gt;, and &lt;iframe&gt; are removed for security reasons but the `<script>` tag should be added in the `<head>` tag.
+With Azure Active Directory B2C (Azure AD B2C) [HTML templates](customize-ui-with-html.md), you can craft your users' identity experiences. Your HTML templates can contain only certain HTML tags and attributes. Basic HTML tags, such as &lt;b&gt;, &lt;i&gt;, &lt;u&gt;, &lt;h1&gt;, and &lt;hr&gt; are allowed. More advanced tags such as &lt;script&gt;, and &lt;iframe&gt; are removed for security reasons but the `<script>` tag should be added in the `<head>` tag. From selfasserted page layout version 2.1.21 / unifiedssp version 2.1.10 / multifactor version 1.2.10 onwards B2C doesn't support adding scripts in `<body>` tag (as this can pose a risk for cross site scripting attack). Migrating existing scripts from `<body>` to `<head>` may at-times require rewriting existing scripts with mutation observers for proper working.
 
 The `<script>` tag should be added in the `<head>` tag in two ways:  
 

articles/active-directory-b2c/javascript-and-page-layout.md

@@ -22,7 +22,7 @@ ms.custom: fasttrack-edit
 
  This article discusses how you can manage the user data in Azure Active Directory B2C (Azure AD B2C) by using the operations that are provided by the [Microsoft Graph API](/graph/use-the-api). Managing user data includes deleting or exporting data from audit logs.
 
-[!INCLUDE [gdpr-intro-sentence.md](../../includes/gdpr-intro-sentence.md)]
+[!INCLUDE [gdpr-intro-sentence.md](~/reusable-content/ce-skilling/azure/includes/gdpr-intro-sentence.md)]
 
 ## Delete user data
 

articles/active-directory-b2c/manage-user-data.md

@@ -21,7 +21,7 @@ ms.subservice: B2C
 
 Azure Active Directory B2C (Azure AD B2C) provides cloud identity management to keep your application, business, and customers protected. Azure AD B2C enables your applications to authenticate to social accounts and enterprise accounts using open standard protocols. In this quickstart, you use a Windows Presentation Foundation (WPF) desktop application to sign in using a social identity provider and call an Azure AD B2C protected web API.
 
-[!INCLUDE [quickstarts-free-trial-note](../../includes/quickstarts-free-trial-note.md)]
+[!INCLUDE [quickstarts-free-trial-note](~/reusable-content/ce-skilling/azure/includes/quickstarts-free-trial-note.md)]
 
 ## Prerequisites