MicrosoftDocs
diff --git a/‎.openpublishing.redirection.json
Lines changed: 6 additions & 1 deletion b/‎.openpublishing.redirection.json
Lines changed: 6 additions & 1 deletion
diff --git a/‎articles/active-directory-b2c/tutorial-create-user-flows.md
Lines changed: 2 additions & 2 deletions b/‎articles/active-directory-b2c/tutorial-create-user-flows.md
Lines changed: 2 additions & 2 deletions
diff --git a/‎articles/active-directory/cloud-sync/how-to-install.md
Lines changed: 24 additions & 1 deletion b/‎articles/active-directory/cloud-sync/how-to-install.md
Lines changed: 24 additions & 1 deletion
diff --git a/‎articles/active-directory/devices/enterprise-state-roaming-windows-settings-reference.md
Lines changed: 5 additions & 1 deletion b/‎articles/active-directory/devices/enterprise-state-roaming-windows-settings-reference.md
Lines changed: 5 additions & 1 deletion
diff --git a/‎articles/active-directory/fundamentals/whats-new.md
Lines changed: 5 additions & 5 deletions b/‎articles/active-directory/fundamentals/whats-new.md
Lines changed: 5 additions & 5 deletions
diff --git a/‎articles/aks/TOC.yml
Lines changed: 2 additions & 2 deletions b/‎articles/aks/TOC.yml
Lines changed: 2 additions & 2 deletions
diff --git a/‎articles/aks/ssh.md renamed to ‎articles/aks/node-access.md
Lines changed: 29 additions & 17 deletions b/‎articles/aks/ssh.md renamed to ‎articles/aks/node-access.md
Lines changed: 29 additions & 17 deletions
diff --git a/‎articles/api-management/soft-delete.md
Lines changed: 1 addition & 1 deletion b/‎articles/api-management/soft-delete.md
Lines changed: 1 addition & 1 deletion
diff --git a/‎articles/app-service/tutorial-python-postgresql-app.md
Lines changed: 3 additions & 0 deletions b/‎articles/app-service/tutorial-python-postgresql-app.md
Lines changed: 3 additions & 0 deletions
diff --git a/‎articles/azure-functions/functions-app-settings.md
Lines changed: 10 additions & 0 deletions b/‎articles/azure-functions/functions-app-settings.md
Lines changed: 10 additions & 0 deletions
@@ -2385,9 +2385,14 @@
     },
     {
       "source_path_from_root": "/articles/aks/aks-ssh.md",
-      "redirect_url": "/azure/aks/ssh",
+      "redirect_url": "/azure/aks/node-access",
       "redirect_document_id": true
     },
+    {
+      "source_path_from_root": "/articles/aks/ssh.md",
+      "redirect_url": "/azure/aks/node-access",
+      "redirect_document_id": false
+    },
     {
       "source_path_from_root": "/articles/aks/windows-node-limitations.md",
       "redirect_url": "/azure/aks/windows-faq",
 
@@ -8,7 +8,7 @@ manager: CelesteDG
 ms.service: active-directory
 ms.workload: identity
 ms.topic: tutorial
-ms.date: 10/18/2021
+ms.date: 03/01/2022
 ms.author: kengaderdus
 ms.subservice: B2C
 zone_pivot_groups: b2c-policy-type
@@ -274,7 +274,7 @@ Add the application IDs to the extensions file *TrustFrameworkExtensions.xml*.
 
 ## Add Facebook as an identity provider
 
-The **SocialAndLocalAccounts** starter pack includes Facebook social sign in. Facebook is *not* required for using custom policies, but we use it here to demonstrate how you can enable federated social login in a custom policy.
+The **SocialAndLocalAccounts** starter pack includes Facebook social sign in. Facebook is *not* required for using custom policies, but we use it here to demonstrate how you can enable federated social login in a custom policy. If you don't need to enable federated social login, use the **LocalAccounts** starter pack instead, and skip [Add Facebook as an identity provider](tutorial-create-user-flows.md?pivots=b2c-custom-policy#add-facebook-as-an-identity-provider) section. 
 
 ### Create Facebook application
 
 
@@ -7,7 +7,7 @@ manager: karenhoran
 ms.service: active-directory
 ms.workload: identity
 ms.topic: how-to
-ms.date: 01/31/2021
+ms.date: 03/01/2022
 ms.subservice: hybrid
 ms.author: billmath
 ms.collection: M365-identity-device-management
@@ -108,6 +108,29 @@ By default, the Azure Active Directory (Azure AD) Connect provisioning agent ins
 - In step #7 above, instead of click **Open file**, go to start run and navigate to the **AADConnectProvisioningAgentSetup.exe** file.  In the run box, after the executable, enter **ENVIRONMENTNAME=AzureUSGovernment** and click **Ok**.
  [![Screenshot showing US govt cloud install](media/how-to-install/new-install-12.png)](media/how-to-install/new-install-12.png#lightbox)</br>
 
+## Password hash synchronization and FIPS with cloud sync
+If your server has been locked down according to Federal Information Processing Standard (FIPS), then MD5 is disabled.
+
+**To enable MD5 for password hash synchronization, perform the following steps:**
+
+1. Go to %programfiles%\Microsoft Azure AD Connect Provisioning Agent.
+2. Open AADConnectProvisioningAgent.exe.config.
+3. Go to the configuration/runtime node at the top of the file.
+4. Add the following node: `<enforceFIPSPolicy enabled="false"/>`
+5. Save your changes.
+
+For reference, this snippet is what it should look like:
+
+```
+    <configuration>
+        <runtime>
+            <enforceFIPSPolicy enabled="false"/>
+        </runtime>
+    </configuration>
+```
+
+For information about security and FIPS, see [Azure AD password hash sync, encryption, and FIPS compliance](https://blogs.technet.microsoft.com/enterprisemobility/2014/06/28/aad-password-sync-encryption-and-fips-compliance/).
+
 
 ## Next steps 
 
 
@@ -6,7 +6,7 @@ services: active-directory
 ms.service: active-directory
 ms.subservice: devices
 ms.topic: reference
-ms.date: 02/25/2022
+ms.date: 03/01/2022
 
 ms.author: joflore
 author: MicrosoftGuyJFlo
@@ -30,6 +30,10 @@ List of settings that can be configured to sync in recent Windows versions. Thes
 | Date, Time, and Region: region format (locale) | sync |
 | Language: language profile | sync |
 | Language: list of keyboards | sync |
+| Mouse: Primary Mouse Button | sync |
+| Passwords: Web Credentials | sync |
+| Pen: Pen Handedness | sync |
+| Touchpad: Scrolling Direction | sync |
 | Wi-Fi: Wi-Fi profiles (only WPA) | sync |
 
 ## Browser settings
 
@@ -154,11 +154,11 @@ Identity Protection has added two new detections from Microsoft Defender for Clo
 
 You can now automate creating, updating, and deleting user accounts for these newly integrated apps:
 
-[BullseyeTDP](../saas-apps/bullseyetdp-provisioning-tutorial.md)
-[GitHub Enterprise Managed User (OIDC)](../saas-apps/github-enterprise-managed-user-oidc-provisioning-tutorial.md)
-[Gong](../saas-apps/gong-provisioning-tutorial.md)
-[LanSchool Air](../saas-apps/lanschool-air-provisioning-tutorial.md)
-[ProdPad](../saas-apps/prodpad-provisioning-tutorial.md)
+- [BullseyeTDP](../saas-apps/bullseyetdp-provisioning-tutorial.md)
+- [GitHub Enterprise Managed User (OIDC)](../saas-apps/github-enterprise-managed-user-oidc-provisioning-tutorial.md)
+- [Gong](../saas-apps/gong-provisioning-tutorial.md)
+- [LanSchool Air](../saas-apps/lanschool-air-provisioning-tutorial.md)
+- [ProdPad](../saas-apps/prodpad-provisioning-tutorial.md)
 For more information about how to better secure your organization by using automated user account provisioning, see [Automate user provisioning to SaaS applications with Azure AD](../app-provisioning/user-provisioning.md).
 
 
 
@@ -473,8 +473,8 @@
       items:
         - name: Common issues
           href: troubleshooting.md
-        - name: SSH node access
-          href: ssh.md
+        - name: Node access
+          href: node-access.md
         - name: Linux performance tools
           href: troubleshoot-linux.md
         - name: Check for Resource Health events (preview)
 
@@ -1,20 +1,20 @@
 ---
-title: SSH into Azure Kubernetes Service (AKS) cluster nodes
-description: Learn how to create an SSH connection with Azure Kubernetes Service (AKS) cluster nodes for troubleshooting and maintenance tasks.
+title: Connect to Azure Kubernetes Service (AKS) cluster nodes
+description: Learn how to connect to Azure Kubernetes Service (AKS) cluster nodes for troubleshooting and maintenance tasks.
 services: container-service
 ms.topic: article
-ms.date: 05/17/2021
+ms.date: 02/25/2022
 
 ms.custom: contperf-fy21q4
 
-#Customer intent: As a cluster operator, I want to learn how to use SSH to connect to virtual machines in an AKS cluster to perform maintenance or troubleshoot a problem.
+#Customer intent: As a cluster operator, I want to learn how to connect to virtual machines in an AKS cluster to perform maintenance or troubleshoot a problem.
 ---
 
-# Connect with SSH to Azure Kubernetes Service (AKS) cluster nodes for maintenance or troubleshooting
+# Connect to Azure Kubernetes Service (AKS) cluster nodes for maintenance or troubleshooting
 
-Throughout the lifecycle of your Azure Kubernetes Service (AKS) cluster, you may need to access an AKS node. This access could be for maintenance, log collection, or other troubleshooting operations. You can access AKS nodes using SSH, including Windows Server nodes. You can also [connect to Windows Server nodes using remote desktop protocol (RDP) connections][aks-windows-rdp]. For security purposes, the AKS nodes aren't exposed to the internet. To SSH to the AKS nodes, you use `kubectl debug` or the private IP address.
+Throughout the lifecycle of your Azure Kubernetes Service (AKS) cluster, you may need to access an AKS node. This access could be for maintenance, log collection, or other troubleshooting operations. You can access AKS nodes using SSH, including Windows Server nodes. You can also [connect to Windows Server nodes using remote desktop protocol (RDP) connections][aks-windows-rdp]. For security purposes, the AKS nodes aren't exposed to the internet. To connect to the AKS nodes, you use `kubectl debug` or the private IP address.
 
-This article shows you how to create an SSH connection with an AKS node.
+This article shows you how to create a connection to an AKS node.
 
 ## Before you begin
 
@@ -24,9 +24,9 @@ This article also assumes you have an SSH key. You can create an SSH key using [
 
 You also need the Azure CLI version 2.0.64 or later installed and configured. Run `az --version` to find the version. If you need to install or upgrade, see [Install Azure CLI][install-azure-cli].
 
-## Create the SSH connection to a Linux node
+## Create an interactive shell connection to a Linux node
 
-To create an SSH connection to an AKS node, use `kubectl debug` to run a privileged container on your node. To list your nodes, use `kubectl get nodes`:
+To create an interactive shell connection to a Linux node, use `kubectl debug` to run a privileged container on your node. To list your nodes, use `kubectl get nodes`:
 
 ```output
 $ kubectl get nodes -o wide
@@ -40,13 +40,13 @@ aksnpwin000000                      Ready    agent   87s     v1.19.9   10.240.0.
 Use `kubectl debug` to run a container image on the node to connect to it.
 
 ```azurecli-interactive
-kubectl debug node/aks-nodepool1-12345678-vmss000000 -it --image=mcr.microsoft.com/aks/fundamental/base-ubuntu:v0.0.11
+kubectl debug node/aks-nodepool1-12345678-vmss000000 -it --image=mcr.microsoft.com/dotnet/runtime-deps:6.0
 ```
 
-This command starts a privileged container on your node and connects to it over SSH.
+This command starts a privileged container on your node and connects to it.
 
 ```output
-$ kubectl debug node/aks-nodepool1-12345678-vmss000000 -it --image=mcr.microsoft.com/aks/fundamental/base-ubuntu:v0.0.11
+$ kubectl debug node/aks-nodepool1-12345678-vmss000000 -it --image=mcr.microsoft.com/dotnet/runtime-deps:6.0
 Creating debugging pod node-debugger-aks-nodepool1-12345678-vmss000000-bkmmx with container debugger on node aks-nodepool1-12345678-vmss000000.
 If you don't see a command prompt, try pressing enter.
 root@aks-nodepool1-12345678-vmss000000:/#
@@ -57,11 +57,19 @@ This privileged container gives access to the node.
 > [!NOTE]
 > You can interact with the node session by running `chroot /host` from the privileged container.
 
+### Remove Linux node access
+
+When done, `exit` the interactive shell session. After the interactive container session closes, delete the pod used for access with `kubectl delete pod`.
+
+```output
+kubectl delete pod node-debugger-aks-nodepool1-12345678-vmss000000-bkmmx
+```
+
 ## Create the SSH connection to a Windows node
 
-At this time, you can't connect to a Windows Server node using SSH directly by using `kubectl debug`. Instead, you need to first connect to another node in the cluster, then connect to the Windows Server node from that node using SSH. Alternatively, you can [connect to Windows Server nodes using remote desktop protocol (RDP) connections][aks-windows-rdp] instead of using SSH.
+At this time, you can't connect to a Windows Server node directly by using `kubectl debug`. Instead, you need to first connect to another node in the cluster, then connect to the Windows Server node from that node using SSH. Alternatively, you can [connect to Windows Server nodes using remote desktop protocol (RDP) connections][aks-windows-rdp] instead of using SSH.
 
-To connect to another node in the cluster, use `kubectl debug`. For more information, see [Create the SSH connection to a Linux node][ssh-linux-kubectl-debug].
+To connect to another node in the cluster, use `kubectl debug`. For more information, see [Create an interactive shell connection to a Linux node][ssh-linux-kubectl-debug].
 
 To create the SSH connection to the Windows Server node from another node, use the SSH keys provided when you created the AKS cluster and the internal IP address of the Windows Server node.
 
@@ -125,9 +133,13 @@ The above example connects to port 22 on the Windows Server node through port 20
 >  ssh -o 'ProxyCommand ssh -p 2022 -W %h:%p [email protected]' -o PreferredAuthentications=password [email protected]
 > ```
 
-## Remove SSH access
+### Remove SSH access
+
+When done, `exit` the SSH session, stop any port forwarding, and then `exit` the interactive container session. After the interactive container session closes, delete the pod used for SSH access with `kubectl delete pod`.
 
-When done, `exit` the SSH session, stop any port forwarding, and then `exit` the interactive container session. After the interactive container session closes, the pod used for SSH access from the AKS cluster is deleted.
+```output
+kubectl delete pod node-debugger-aks-nodepool1-12345678-vmss000000-bkmmx
+```
 
 ## Next steps
 
@@ -143,4 +155,4 @@ If you need more troubleshooting data, you can [view the kubelet logs][view-kube
 [aks-windows-rdp]: rdp.md
 [ssh-nix]: ../virtual-machines/linux/mac-create-ssh-keys.md
 [ssh-windows]: ../virtual-machines/linux/ssh-from-windows.md
-[ssh-linux-kubectl-debug]: #create-the-ssh-connection-to-a-linux-node
+[ssh-linux-kubectl-debug]: #create-an-interactive-shell-connection-to-a-linux-node
@@ -23,7 +23,7 @@ Currently, depending on how you delete an API Management instance, the instance
 Recovery and other operations on a soft-deleted instance are enabled through [REST API](/rest/api/apimanagement/current-ga/api-management-service/restore) version `2020-06-01-preview` or later, or the Azure SDK for .NET, Go, or Python.
 
 > [!TIP]
-> Refer to [Azure REST API Reference](/rest/api/azure/) for tips and tools for calling Azure REST APIs.
+> Refer to [Azure REST API Reference](/rest/api/azure/) for tips and tools for calling Azure REST APIs and [API Management REST](/rest/api/apimanagement/) for additional information specific to API Management.
 
 | Operation | Description | API Management namespace | Minimum API version |
 |--|--|--|--|
 
@@ -333,6 +333,9 @@ In your Python code, you access these settings as environment variables with sta
 
 Having issues? Refer first to the [Troubleshooting guide](configure-language-python.md#troubleshooting), otherwise, [let us know](https://aka.ms/DjangoCLITutorialHelp).
 
+> [!NOTE]
+> If you want to try an alternative approach to connect your app to the Postgres database in Azure, see the [Service Connector version](../service-connector/tutorial-django-webapp-postgres-cli.md) of this tutorial. Service Connector is a new Azure service that is currently in public preview. [Section 4.2](../service-connector/tutorial-django-webapp-postgres-cli.md#42-configure-environment-variables-to-connect-the-database) of that tutorial introduces a simplified process for creating the connection.
+
 ### 4.3 Run Django database migrations
 
 Django database migrations ensure that the schema in the PostgreSQL on Azure database match those described in your code.
 
@@ -360,6 +360,16 @@ Only used when deploying to a Premium plan or to a Consumption plan running on W
 
 When using an Azure Resource Manager template to create a function app during deployment, don't include WEBSITE_CONTENTSHARE in the template. This slot setting is generated during deployment. To learn more, see [Automate resource deployment for your function app](functions-infrastructure-as-code.md?tabs=windows#create-a-function-app).
 
+## WEBSITE\_SKIP\_CONTENTSHARE\_VALIDATION
+
+The WEBSITE_CONTENTAZUREFILECONNECTIONSTRING and WEBSITE_CONTENTSHARE settings have additional validation checks to ensure that the app can be properly started. Creation of application settings will fail if the Function App cannot properly call out to the downstream Storage Account or Key Vault due to networking constraints or other limiting factors. When WEBSITE_SKIP_CONTENTSHARE_VALIDATION is set to `1`, the validation check is skipped; otherwise the value defaults to `0` and the validation will take place. 
+
+|Key|Sample value|
+|---|------------|
+|WEBSITE_SKIP_CONTENTSHARE_VALIDATION|`1`|
+
+If validation is skipped and either the connection string or content share are not valid, the app will be unable to start properly and will only serve HTTP 500 errors.
+
 ## WEBSITE\_DNS\_SERVER
 
 Sets the DNS server used by an app when resolving IP addresses. This setting is often required when using certain networking functionality, such as [Azure DNS private zones](functions-networking-options.md#azure-dns-private-zones) and [private endpoints](functions-networking-options.md#restrict-your-storage-account-to-a-virtual-network).