Merge branch 'master' into patch-1

Author: ktoliver

.openpublishing.redirection.json

@@ -7356,7 +7356,7 @@
         },
         {
             "source_path": "articles/sql-database/sql-database-manage-single-databases-portal.md",
-            "redirect_url": "/azure/sql-database/sql-database-service-tiers",
+            "redirect_url": "/azure/sql-database/sql-database-service-tiers-vcore",
             "redirect_document_id": false
         },
         {
@@ -7421,7 +7421,7 @@
         },
         {
             "source_path": "articles/sql-database/sql-database-scale-on-the-fly.md",
-            "redirect_url": "/azure/sql-database/sql-database-service-tiers",
+            "redirect_url": "/azure/sql-database/sql-database-service-tiers-vcore",
             "redirect_document_id": false
         },
         {
@@ -7444,14 +7444,19 @@
             "redirect_url": "/azure/sql-database/sql-database-security-overview",
             "redirect_document_id": false
         },
+        {
+            "source_path": "articles/sql-database/sql-database-service-tiers.md",
+            "redirect_url": "/azure/sql-database/sql-database-service-tiers-vcore",
+            "redirect_document_id": false
+        },
         {
             "source_path": "articles/sql-database/sql-database-server-overview.md",
             "redirect_url": "/azure/sql-database/sql-database-servers-databases",
             "redirect_document_id": false
         },
         {
             "source_path": "articles/sql-database/sql-database-service-tier-advisor.md",
-            "redirect_url": "/azure/sql-database/sql-database-service-tiers",
+            "redirect_url": "/azure/sql-database/sql-database-service-tiers-vcore",
             "redirect_document_id": false
         },
         {
@@ -8285,15 +8290,40 @@
             "redirect_document_id": false
         },
         {
-            "source_path": "articles/cognitive-services/Custom-Vision-Service/index.md",
-            "redirect_url": "/azure/cognitive-services/Custom-Vision-Service/home",
+            "source_path": "articles/cognitive-services/Computer-vision/index.md",
+            "redirect_url": "/azure/cognitive-services/Computer-vision/Home",
+            "redirect_document_id": false
+        },
+        {
+            "source_path": "articles/cognitive-services/Content-Moderator/index.md",
+            "redirect_url": "/azure/cognitive-services/content-moderator/overview",
             "redirect_document_id": false
         },
         {
             "source_path": "articles/cognitive-services/Content-Moderator/review-api-authentication.md",
             "redirect_url": "/azure/cognitive-services/content-moderator/review-api",
             "redirect_document_id": false
         },
+        {
+            "source_path": "articles/cognitive-services/Custom-Vision-Service/index.md",
+            "redirect_url": "/azure/cognitive-services/Custom-Vision-Service/home",
+            "redirect_document_id": false
+        },
+        {
+            "source_path": "articles/cognitive-services/Emotion/index.md",
+            "redirect_url": "/azure/cognitive-services/Emotion/Home",
+            "redirect_document_id": false
+        },
+        {
+            "source_path": "articles/cognitive-services/Face/index.md",
+            "redirect_url": "/azure/cognitive-services/Face/Overview",
+            "redirect_document_id": false
+        },
+        {
+            "source_path": "articles/cognitive-services/video-indexer/index.md",
+            "redirect_url": "/azure/cognitive-services/video-indexer/video-indexer-overview",
+            "redirect_document_id": false
+        },
         {
             "source_path": "articles/cognitive-services/video-indexer/home.md",
             "redirect_url": "/azure/cognitive-services/video-indexer/video-indexer-get-started",
@@ -10156,7 +10186,7 @@
         },
         {
             "source_path": "articles/active-directory/active-directory-aadconnectsync-connector-domino.md",
-            "redirect_url": "/azure/active-directory/connect/active-directory-aadconnectsync-connector-domino",
+            "redirect_url": "https://docs.microsoft.com/microsoft-identity-manager/reference/microsoft-identity-manager-2016-connector-domino",
             "redirect_document_id": false
         },
         {
@@ -10166,12 +10196,12 @@
         },
         {
             "source_path": "articles/active-directory/active-directory-aadconnectsync-connector-genericldap.md",
-            "redirect_url": "/azure/active-directory/connect/active-directory-aadconnectsync-connector-genericldap",
+            "redirect_url": "https://docs.microsoft.com/microsoft-identity-manager/reference/microsoft-identity-manager-2016-connector-genericldap",
             "redirect_document_id": false
         },
         {
             "source_path": "articles/active-directory/active-directory-aadconnectsync-connector-genericsql-step-by-step.md",
-            "redirect_url": "/azure/active-directory/connect/active-directory-aadconnectsync-connector-genericsql-step-by-step",
+            "redirect_url": "https://docs.microsoft.com/microsoft-identity-manager/reference/microsoft-identity-manager-2016-connector-genericsql-step-by-step",
             "redirect_document_id": false
         },
         {
@@ -10181,7 +10211,7 @@
         },
         {
             "source_path": "articles/active-directory/active-directory-aadconnectsync-connector-genericsql.md",
-            "redirect_url": "/azure/active-directory/connect/active-directory-aadconnectsync-connector-genericsql",
+            "redirect_url": "https://docs.microsoft.com/microsoft-identity-manager/reference/microsoft-identity-manager-2016-connector-genericsql",
             "redirect_document_id": false
         },
         {
@@ -18624,6 +18654,17 @@
             "redirect_url": "/azure/stream-analytics/stream-analytics-test-query",
             "redirect_document_id": false
         },
+        {
+            "source_path": "articles/active-directory/develop/active-directory-devquickstarts-windowsphone.md",
+            "redirect_url": "/azure/active-directory/develop",
+            "redirect_document_id": false
+        },
+        {
+            "source_path": "articles/active-directory/develop/active-directory-devquickstarts-windowsstore.md",
+            "redirect_url": "/azure/active-directory/develop",
+            "redirect_document_id": false
+
+        }, 
         {
             "source_path": "articles/active-directory/develop/active-directory-v2-devquickstarts-android.md",
             "redirect_url": "/azure/active-directory/develop/guidedsetups/active-directory-android",
@@ -18702,6 +18743,7 @@
         {
             "source_path": "articles/machine-learning/desktop-workbench/support-for-aml-services.md",
             "redirect_url": "/azure/machine-learning/service/support-for-aml-services",
+            "redirect_document_id": false
         },
         {
             "source_path": "articles/stream-analytics/stream-analytics-add-outputs.md",
@@ -18768,6 +18810,11 @@
             "redirect_url": "/azure/active-directory/authentication/howto-mfa-mfasettings",
             "redirect_document_id": false
         },
+        {
+            "source_path": "articles/multi-factor-authentication/multi-factor-authentication.md",
+            "redirect_url": "/azure/active-directory/authentication/multi-factor-authentication",
+            "redirect_document_id": false
+        },
         {
             "source_path": "articles/multi-factor-authentication/multi-factor-authentication-versions-plans.md",
             "redirect_url": "/azure/active-directory/authentication/concept-mfa-licensing",
@@ -18793,6 +18840,26 @@
             "redirect_url": "/azure/active-directory/authentication/concept-sspr-customization",
             "redirect_document_id": true
         },
+        {
+            "source_path": "articles/active-directory/active-directory-deploying-ws-ad-guidelines.md",
+            "redirect_url": "https://docs.microsoft.com/windows-server/identity/ad-ds/introduction-to-active-directory-domain-services-ad-ds-virtualization-level-100",
+            "redirect_document_id": true
+        },
+        {
+            "source_path": "articles/active-directory/active-directory-install-replica-active-directory-domain-controller.md",
+            "redirect_url": "https://docs.microsoft.com/windows-server/identity/ad-ds/introduction-to-active-directory-domain-services-ad-ds-virtualization-level-100",
+            "redirect_document_id": true
+        },
+        {
+            "source_path": "articles/active-directory/active-directory-new-forest-virtual-machine.md",
+            "redirect_url": "https://docs.microsoft.com/windows-server/identity/ad-ds/introduction-to-active-directory-domain-services-ad-ds-virtualization-level-100",
+            "redirect_document_id": true
+        },
+        {
+            "source_path": "articles/active-directory/virtual-networks-windows-server-active-directory-virtual-machines.md",
+            "redirect_url": "https://docs.microsoft.com/windows-server/identity/ad-ds/introduction-to-active-directory-domain-services-ad-ds-virtualization-level-100",
+            "redirect_document_id": true
+        },
         {
             "source_path": "articles/active-directory/active-directory-passwords-data.md",
             "redirect_url": "/azure/active-directory/authentication/howto-sspr-authenticationdata",
@@ -19012,11 +19079,31 @@
             "source_path": "articles/network-watcher/network-watcher-check-next-hop-powershell.md",
             "redirect_url": "/azure/network-watcher/diagnose-vm-network-routing-problem-powershell",
             "redirect_document_id": true
-        },        
+        },
+        {
+            "source_path": "articles/network-watcher/network-watcher-troubleshoot-manage-portal.md",
+            "redirect_url": "/azure/network-watcher/diagnose-communication-problem-between-networks",
+            "redirect_document_id": true
+        },         
         {
             "source_path": "articles/multi-factor-authentication/multi-factor-authentication-get-started-user-states.md",
             "redirect_url": "/azure/active-directory/authentication/howto-mfa-userstates",
             "redirect_document_id": true
+        },
+      {
+        "source_path": "articles/active-directory/active-directory-saas-successcenter-provisioning-tutorial.md",
+        "redirect_url": "/azure/active-directory/active-directory-saas-cornerstone-ondemand-provisioning-tutorial",
+        "redirect_document_id": false
+      },
+          {
+            "source_path": "articles/active-directory/privileged-identity-management/active-directory-securing-privileged-access.md",
+            "redirect_url": "/azure/active-directory/admin-roles-best-practices",
+            "redirect_document_id": false
+        },        
+        {
+            "source_path": "articles/active-directory/develop/active-directory-v2-devquickstarts-webapp-webapi-dotnet.md",
+            "redirect_url": "https://github.com/AzureADQuickStarts/AppModelv2-WebApp-WebAPI-OpenIDConnect-DotNet",
+            "redirect_document_id": false
         }
     ]
 }

articles/active-directory-b2c/TOC.yml

@@ -94,8 +94,6 @@
     items:
       - name: Configure identity providers
         items:
-        - name: Custom OpenID Connect
-          href: active-directory-b2c-setup-oidc-idp.md
         - name: Microsoft Account
           href: active-directory-b2c-setup-msa-app.md
         - name: Facebook
@@ -114,6 +112,10 @@
           href: active-directory-b2c-setup-qq-app.md
         - name: WeChat
           href: active-directory-b2c-setup-wechat-app.md
+        - name: Azure AD (Single Tenant)
+          href: active-directory-b2c-setup-oidc-azure-active-directory.md
+        - name: Custom OpenID Connect
+          href: active-directory-b2c-setup-oidc-idp.md
       - name: Set up self-serve-password reset
         href: active-directory-b2c-reference-sspr.md
       - name: Customizing the UI
@@ -139,8 +141,14 @@
         href: active-directory-b2c-reference-language-customization.md
       - name: Use the reporting API
         href: active-directory-b2c-reference-usage-reporting-api.md
+      - name: Access audit logs
+        href: active-directory-b2c-reference-audit-logs.md
       - name: Migrate users
         href: active-directory-b2c-user-migration.md
+      - name: Using b2clogin.com
+        href: b2clogin.md
+      - name: Using age gating
+        href: basic-age-gating.md
   - name: Identity Experience Framework
     items:
     - name: Custom policies
@@ -151,8 +159,10 @@
         href: active-directory-b2c-get-started-custom.md
       - name: Configure OIDC/OAUTH providers
         items:
-        - name: Azure AD
+        - name: Azure AD (Single-Tenant)
           href: active-directory-b2c-setup-aad-custom.md
+        - name: Azure AD (Multi-Tenant)
+          href: active-directory-b2c-setup-commonaad-custom.md 
         - name: Microsoft Account
           href: active-directory-b2c-custom-setup-msa-idp.md
         - name: Google+
@@ -161,8 +171,6 @@
           href: active-directory-b2c-custom-setup-li-idp.md
         - name: Twitter
           href: active-directory-b2c-custom-setup-twitter-idp.md
-        - name: Multi-tenant
-          href: active-directory-b2c-setup-commonaad-custom.md 
       - name: Configure SAML providers
         items:
         - name: ADFS

articles/active-directory-b2c/active-directory-b2c-reference-audit-logs.md

@@ -0,0 +1,116 @@
+---
+title: 'Azure Active Directory B2C: Audit logs samples and definitions'
+description: Guide and samples on accessing the Azure AD B2C Audit logs
+services: active-directory-b2c
+author: sromeroz
+manager: sasubram
+ms.author: sezambra
+
+ms.service: active-directory-b2c
+ms.topic: article
+ms.workload: identity
+ms.date: 08/04/2017
+---
+
+# Accessing Azure AD B2C audit logs
+
+Azure Active Directory B2C (Azure AD B2C) emits audit logs containing activity information about B2C resources, issued tokens, and administrator access. This article provides a brief overview of the information available through audit logs and instructions on how to access this data for your Azure AD B2C tenant.
+
+> [!IMPORTANT]
+> Audit logs are only retained for seven days. Plan to download and store your logs using one of the methods shown below if you require a longer retention period. 
+
+##Overview of activities available in the B2C category of audit logs
+The **B2C** category in audit logs contains the following types of activities:
+|Activity type |Description  |
+|---------|---------|
+|Authorization |Activities concerning the authorization of a user to access B2C resources (for example, an administrator accessing a list of B2C policies)         |
+|Directory |Activities related to directory attributes retrieved when an administrator signs in using the Azure Portal |
+|Application | CRUD operations on B2C applications |
+|Key |CRUD operations on keys stored in B2C key container |
+|Resource |CRUD operations on B2C resources (for example, policies and identity providers)
+|Authentication |Validation of user credentials and token issuance|
+
+> [!NOTE]
+> For user object CRUD activities, refer to the **Core Directory** category.
+
+##Example activity
+The example below shows the data captured when a user signs in with an external identity provider:
+    ![Audit Logs - Example](./media/active-directory-b2c-reference-audit-logs/audit-logs-example.png)
+
+##Accessing audit logs through the Azure Portal
+1. Go to the [Azure portal](https://portal.azure.com). Make sure you are in your B2C directory.
+2. Click on **Azure Active Directory** in the favorites bar on the left 
+    
+    ![Audit Logs - AAD button](./media/active-directory-b2c-reference-audit-logs/audit-logs-portal-aad.png)
+
+1. Under **Activity**, click on **Audit Logs**
+
+    ![Audit Logs - Logs section](./media/active-directory-b2c-reference-audit-logs/audit-logs-portal-section.png)
+
+2. In the **Category** dropbox, select **B2C**
+3. Click on **Apply**
+
+    ![Audit Logs - Category](./media/active-directory-b2c-reference-audit-logs/audit-logs-portal-category.png)
+
+You will see a list of activities logged over the last seven days. 
+- Use the **Activity Resource Type** dropdown to filter by the activity types outlined above
+- Use the **Date Range** dropdown to filter the date range of the activities shown
+- If you click on a specific row in the list, a contextual box on the right will show you additional attributes associated with the activity
+- Click on **Download** to download the activities as a csv file
+
+##Accessing audit logs through the Azure AD reporting API
+Audit logs are published to the same pipeline as other activities for Azure Active Directory, so they can be accessed through the [Azure Active Directory reporting API](https://docs.microsoft.com/en-us/azure/active-directory/active-directory-reporting-api-audit-reference). 
+
+###Prerequisites
+To authenticate to the Azure AD reporting API you first need to register an application. Make sure to follow the steps in [Prerequisites to access the Azure AD reporting APIs](https://azure.microsoft.com/documentation/articles/active-directory-reporting-api-getting-started/).
+
+###Accesing the API
+To download the Azure AD B2C audit logs via the API, you'll want to filter the logs to the **B2C** category. To filter by category, use the query string parameter when calling the Azure AD reporting API endpoint, as shown below:
+
+`https://graph.windows.net/your-b2c-tentant.onmicrosoft.com/activities/audit?api-version=beta&$filter=category eq 'B2C'`
+
+###PowerShell script
+The following script provides an example of using PowerShell to query the Azure AD reporting API and store the results as a JSON file:
+
+```powershell
+# This script will require registration of a Web Application in Azure Active Directory (see https://azure.microsoft.com/documentation/articles/active-directory-reporting-api-getting-started/)
+
+# Constants
+$ClientID       = "your-client-application-id-here"       # Insert your application's Client ID, a Globally Unique ID (registered by Global Admin)
+$ClientSecret   = "your-client-application-secret-here"   # Insert your application's Client Key/Secret string
+$loginURL       = "https://login.microsoftonline.com"     
+$tenantdomain   = "your-b2c-tenant.onmicrosoft.com"       # AAD B2C Tenant; for example, contoso.onmicrosoft.com
+$resource       = "https://graph.windows.net"             # Azure AD Graph API resource URI
+$7daysago       = "{0:s}" -f (get-date).AddDays(-7) + "Z" # Use 'AddMinutes(-5)' to decrement minutes, for example
+Write-Output "Searching for events starting $7daysago"
+
+# Create HTTP header, get an OAuth2 access token based on client id, secret and tenant domain
+$body       = @{grant_type="client_credentials";resource=$resource;client_id=$ClientID;client_secret=$ClientSecret}
+$oauth      = Invoke-RestMethod -Method Post -Uri $loginURL/$tenantdomain/oauth2/token?api-version=1.0 -Body $body
+
+# Parse audit report items, save output to file(s): auditX.json, where X = 0 thru n for number of nextLink pages
+if ($oauth.access_token -ne $null) {   
+    $i=0
+    $headerParams = @{'Authorization'="$($oauth.token_type) $($oauth.access_token)"}
+    $url = 'https://graph.windows.net/' + $tenantdomain + '/activities/audit?api-version=beta&$filter=category eq ''B2C''and activityDate gt ' + $7daysago 
+
+    # loop through each query page (1 through n)
+    Do{
+        # display each event on the console window
+        Write-Output "Fetching data using Uri: $url"
+        $myReport = (Invoke-WebRequest -UseBasicParsing -Headers $headerParams -Uri $url)
+        foreach ($event in ($myReport.Content | ConvertFrom-Json).value) {
+            Write-Output ($event | ConvertTo-Json)
+        }
+
+        # save the query page to an output file
+        Write-Output "Save the output to a file audit$i.json"
+        $myReport.Content | Out-File -FilePath audit$i.json -Force
+        $url = ($myReport.Content | ConvertFrom-Json).'@odata.nextLink'
+        $i = $i+1
+    } while($url -ne $null)
+} else {
+    Write-Host "ERROR: No Access Token"
+}
+```
+