fix

Author: Ja-Dunn

.openpublishing.redirection.json

@@ -39472,6 +39472,71 @@
       "source_path": "articles/azure-monitor/app/app-insights-dashboards.md",
       "redirect_url": "/azure/azure-monitor/app/overview-dashboard",
       "redirect_document_id": false
+    },
+    {
+      "source_path" : "articles/active-directory-domain-services/active-directory-ds-admin-guide-administer-domain.md",
+      "redirect_url" : "/azure/active-directory-domain-services/manage-domain",
+      "redirect_document_id": true
+    },
+    {
+      "source_path": "articles/active-directory-domain-services/active-directory-ds-admin-guide-configure-secure-ldap.md",
+      "redirect_url": "/azure/active-directory-domain-services/configure-ldaps",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "articles/active-directory-domain-services/active-directory-ds-admin-guide-create-ou.md",
+      "redirect_url": "/azure/active-directory-domain-services/create-ou",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "articles/active-directory-domain-services/active-directory-ds-comparison.md",
+      "redirect_url": "/azure/active-directory-domain-services/comparison",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "articles/active-directory-domain-services/active-directory-ds-contact-us.md",
+      "redirect_url": "/azure/active-directory-domain-services/contact-us",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "articles/active-directory-domain-services/active-directory-ds-faqs.md",
+      "redirect_url": "/azure/active-directory-domain-services/faqs",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "articles/active-directory-domain-services/active-directory-ds-getting-started.md",
+      "redirect_url": "/azure/active-directory-domain-services/create-instance",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "articles/active-directory-domain-services/active-directory-ds-networking.md",
+      "redirect_url": "/azure/active-directory-domain-services/network-considerations",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "articles/active-directory-domain-services/active-directory-ds-overview.md",
+      "redirect_url": "/azure/active-directory-domain-services/overview",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "articles/active-directory-domain-services/active-directory-ds-synchronization.md",
+      "redirect_url": "/azure/active-directory-domain-services/synchronization",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "articles/active-directory-domain-services/active-directory-ds-scenarios.md",
+      "redirect_url": "/azure/active-directory-domain-services/scenarios",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "articles/active-directory-domain-services/active-directory-ds-admin-guide-join-windows-vm-portal.md",
+      "redirect_url": "/azure/active-directory-domain-services/join-windows-vm",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "articles/active-directory-domain-services/active-directory-ds-troubleshooting.md",
+      "redirect_url": "/azure/active-directory-domain-services/troubleshoot",
+      "redirect_document_id": false
     }    
   ]
 }

articles/active-directory/authentication/howto-mfa-userdevicesettings.md

@@ -1,6 +1,6 @@
 ---
 title: Admins manage users and devices - Azure MFA - Azure Active Directory
-description: This describes how to change user settings such as forcing the users to do the proof-up process again.
+description: How can administrators change user settings such as forcing the users to do the proof-up process again.
 
 services: multi-factor-authentication
 ms.service: active-directory
@@ -32,13 +32,21 @@ This setting forces the user to complete the registration process again. Non-bro
 1. Sign in to the [Azure portal](https://portal.azure.com).
 2. On the left, select **Azure Active Directory** > **Users** > **All users**.
 3. On the right, select **Multi-Factor Authentication** on the toolbar. The multi-factor authentication page opens.
-4. Check the box next to the user or users that you wish to manage. A list of quick step options appear on the right.
+4. Check the box next to the user or users that you wish to manage. A list of quick step options appears on the right.
 5. Select **Manage user settings**.
 6. Check the box for **Require selected users to provide contact methods again**.
    ![Require users to provide contact methods again](./media/howto-mfa-userdevicesettings/reproofup.png)
 7. Click **save**.
 8. Click **close**.
 
+Organizations can complete these steps with PowerShell using the following as a guide to clear the `StrongAuthenticationMethods` attribute:
+
+```PowerShell
+$Upn = "[email protected]"
+$noMfaConfig = @()
+Set-MsolUser -UserPrincipalName $Upn -StrongAuthenticationMethods $noMfaConfig
+```
+
 ## Delete users existing app passwords
 
 This setting deletes all of the app passwords that a user has created. Non-browser apps that were associated with these app passwords stop working until a new app password is created.
@@ -48,7 +56,7 @@ This setting deletes all of the app passwords that a user has created. Non-brows
 1. Sign in to the [Azure portal](https://portal.azure.com).
 2. On the left, select **Azure Active Directory** > **Users** > **All users**.
 3. On the right, select **Multi-Factor Authentication** on the toolbar. The multi-factor authentication page opens.
-4. Check the box next to the user or users that you wish to manage. A list of quick step options appear on the right.
+4. Check the box next to the user or users that you wish to manage. A list of quick step options appears on the right.
 5. Select **Manage user settings**.
 6. Check the box for **Delete all existing app passwords generated by the selected users**.
    ![Delete all existing app passwords](./media/howto-mfa-userdevicesettings/deleteapppasswords.png)
@@ -61,14 +69,14 @@ One of the configurable features of Azure Multi-Factor Authentication is giving
 
 Users can opt out of two-step verification for a configurable number of days on their regular devices. If an account is compromised or a trusted device is lost, you need to be able to remove the trusted status and require two-step verification again.
 
-The **Restore multi-factor authentication on all remembered devices** setting means that the user will be challenged to perform two-step verification the next time they sign in, regardless of whether they chose to mark their device as trusted.
+When checked, **Restore multi-factor authentication on all remembered devices** users are required to perform two-step verification the next time they sign in, even if they marked their device as trusted.
 
 ### How to restore MFA on all suspended devices for a user
 
 1. Sign in to the [Azure portal](https://portal.azure.com).
 2. On the left, select **Azure Active Directory** > **Users** > **All users**.
 3. On the right, select **Multi-Factor Authentication** on the toolbar. The multi-factor authentication page opens.
-4. Check the box next to the user or users that you wish to manage. A list of quick step options appear on the right.
+4. Check the box next to the user or users that you wish to manage. A list of quick step options appears on the right.
 5. Select **Manage user settings**.
 6. Check the box for **Restore multi-factor authentication on all remembered devices**
    ![Restore multi-factor authentication on all remembered devices](./media/howto-mfa-userdevicesettings/rememberdevices.png)

articles/active-directory/b2b/current-limitations.md

@@ -6,7 +6,7 @@ services: active-directory
 ms.service: active-directory
 ms.subservice: B2B
 ms.topic: conceptual
-ms.date: 05/23/2017
+ms.date: 05/29/2019
 
 ms.author: mimart
 author: msmimart
@@ -28,6 +28,9 @@ In the B2B collaboration flows, we add users to the directory and dynamically up
 ## Azure AD directories
 Azure AD B2B is subject to Azure AD service directory limits. For details about the number of directories a user can create and the number of directories to which a user or guest user can belong, see [Azure AD service limits and restrictions](https://docs.microsoft.com/azure/active-directory/users-groups-roles/directory-service-limits-restrictions).
 
+## National clouds
+[National clouds](https://docs.microsoft.com/azure/active-directory/develop/authentication-national-cloud) are physically isolated instances of Azure. B2B collaboration is not supported across national cloud boundaries. For example, if your Azure tenant is in the public, global cloud, you can't invite a user whose account is in a national cloud. To collaborate with the user, ask them for another email address or create a member user account for them in your directory.
+
 ## Next steps
 
 See the following articles on Azure AD B2B collaboration:

articles/active-directory/b2b/redemption-experience.md

@@ -55,7 +55,7 @@ For information about how you as a tenant administrator can link to your organiz
 
 ## Terms of use
 
-You can present terms of use to the guest user during the initial redemption process by using the Azure AD Terms of use feature. In Azure Active Directory, you can access this feature under **Manage** > **Organizational relationships** > **Terms of use** or under **Security** > **Conditional Access** > **Terms of use**. For details, see [Azure AD Terms of use feature](../conditional-access/terms-of-use.md).
+You can present terms of use to the guest user during the initial redemption process by using the Azure AD terms of use feature. In Azure Active Directory, you can access this feature under **Manage** > **Organizational relationships** > **Terms of use** or under **Security** > **Conditional Access** > **Terms of use**. For details, see [Azure AD terms of use feature](../conditional-access/terms-of-use.md).
 
 ![Screenshot showing new terms of use](media/redemption-experience/organizational-relationships-terms-of-use.png) 
 

articles/active-directory/conditional-access/TOC.yml

@@ -64,7 +64,7 @@
     href: ../authentication/howto-registration-mfa-sspr-combined.md#conditional-access-policies-for-combined-registration
   - name: Require MFA for access attempts from untrusted networks
     href: untrusted-networks.md
-  - name: Require Terms of use
+  - name: Require terms of use
     href: terms-of-use.md
 - name: Reference
   items:

articles/active-directory/conditional-access/best-practices.md

@@ -67,7 +67,7 @@ All policies are enforced in two phases:
 
     ![Order](./media/best-practices/06.png)
 
-    External MFA providers and Terms of Use come next.
+    External MFA providers and terms of use come next.
 
 
 

articles/active-directory/conditional-access/controls.md

@@ -106,7 +106,7 @@ Your device must be registered to Azure AD before an application can be marked a
 For a list of supported policy protected client apps, see [app protection policy requirement](technical-reference.md#app-protection-policy-requirement).
 
 
-### Terms of Use
+### Terms of use
 
 You can require a user in your tenant to consent to the terms of use before being granted access to a resource. As an administrator, you can configure and customize terms of use by uploading a PDF document. If a user falls in scope of this control access to an application is only granted if the terms of use have been agreed.
 

articles/active-directory/conditional-access/location-condition.md

@@ -54,7 +54,7 @@ A named location has the following components:
 - **Countries/Regions** - This option enables you to select one or more country or region to define a named location.
 - **Include unknown areas** - Some IP addresses are not mapped to a specific country or region. This option allows you to choose if these IP addresses should be included in the named location. Use this setting when the policy using the named location should apply to unknown locations.
 
-The number of named locations you can configure is constrained by the size of the related object in Azure AD. Organizations can configure up to 90 named locations, each configured with up to 12000 IP ranges.
+The number of named locations you can configure is constrained by the size of the related object in Azure AD. Organizations can configure up to 90 named locations, each configured with up to 1200 IP ranges.
 
 Conditional access policy applies to IPv4 and IPv6 traffic. Currently named locations do not allow IPv6 ranges to be configured. This limitation causes the following situations: