Merge branch 'master' of https://github.com/MicrosoftDocs/azure-docs-pr into CMKNewIns

Author: roygara

articles/active-directory-b2c/claimsproviders.md

@@ -48,7 +48,7 @@ The **ClaimsProvider** element contains the following child elements:
 | Element | Occurrences | Description |
 | ------- | ---------- | ----------- |
 | Domain | 0:1 | A string that contains the domain name for the claim provider. For example, if your claims provider includes the Facebook technical profile, the domain name is Facebook.com. This domain name is used for all technical profiles defined in the claims provider unless overridden by the technical profile. The domain name can also be referenced in a **domain_hint**. For more information, see the **Redirect sign-in to a social provider** section of [Set up direct sign-in using Azure Active Directory B2C](direct-signin.md). |
-| DisplayName | 0:1 | A string that contains the name of the claims provider that can be displayed to users. |
+| DisplayName | 1:1 | A string that contains the name of the claims provider that can be displayed to users. |
 | [TechnicalProfiles](technicalprofiles.md) | 0:1 | A set of technical profiles supported by the claim provider |
 
 **ClaimsProvider** organizes how your technical profiles relate to the claims provider. The following example shows the Azure Active Directory claims provider with the Azure Active Directory technical profiles:

articles/app-service/configure-authentication-provider-aad.md

@@ -15,9 +15,6 @@ ms.custom: fasttrack-edit
 
 This article shows you how to configure Azure App Service to use Azure Active Directory (Azure AD) as an authentication provider.
 
-> [!NOTE]
-> At this time, Azure App Service and Azure Functions are only supported by Azure AD v1.0. They're not supported by the [Microsoft identity platform v2.0](https://docs.microsoft.com/azure/active-directory/develop/v2-overview), which includes Microsoft Authentication Libraries (MSAL).
-
 Follow these best practices when setting up your app and authentication:
 
 - Give each App Service app its own permissions and consent.

articles/app-service/configure-authentication-provider-microsoft.md

@@ -13,13 +13,17 @@ ms.custom: seodec18
 
 [!INCLUDE [app-service-mobile-selector-authentication](../../includes/app-service-mobile-selector-authentication.md)]
 
-This topic shows you how to configure Azure App Service to use Microsoft Account as an authentication provider. 
+This topic shows you how to configure Azure App Service to use AAD to support personal Microsoft account logins.
+
+> [!NOTE]
+> Both personal Microsoft accounts and organizational accounts use the AAD identity provider. At this time, is not possible to configure this identity provider to support both types of log-ins.
 
 ## <a name="register-microsoft-account"> </a>Register your app with Microsoft Account
 
 1. Go to [**App registrations**](https://portal.azure.com/#blade/Microsoft_AAD_RegisteredApps/ApplicationsListBlade) in the Azure portal. If needed, sign in with your Microsoft account.
 1. Select **New registration**, then enter an application name.
-1. In **Redirect URIs**, select **Web**, and then enter `https://<app-domain-name>/.auth/login/microsoftaccount/callback`. Replace *\<app-domain-name>* with the domain name of your app.  For example, `https://contoso.azurewebsites.net/.auth/login/microsoftaccount/callback`. Be sure to use the HTTPS scheme in the URL.
+1. Under **Supported account types**, select **Accounts in any organizational directory (Any Azure AD directory - Multitenant) and personal Microsoft accounts (e.g. Skype, Xbox)**
+1. In **Redirect URIs**, select **Web**, and then enter `https://<app-domain-name>/.auth/login/aad/callback`. Replace *\<app-domain-name>* with the domain name of your app.  For example, `https://contoso.azurewebsites.net/.auth/login/aad/callback`. Be sure to use the HTTPS scheme in the URL.
 
 1. Select **Register**.
 1. Copy the **Application (Client) ID**. You'll need it later.
@@ -33,12 +37,12 @@ This topic shows you how to configure Azure App Service to use Microsoft Account
 
 1. Go to your application in the [Azure portal].
 1. Select **Settings** > **Authentication / Authorization**, and make sure that **App Service Authentication** is **On**.
-1. Under **Authentication Providers**, select **Microsoft Account**. Paste in the Application (client) ID and client secret that you obtained earlier. Enable any scopes needed by your application.
+1. Under **Authentication Providers**, select **Azure Active Directory**. Select **Advanced** under **Management mode**. Paste in the Application (client) ID and client secret that you obtained earlier. Use **https://login.microsoftonline.com/9188040d-6c67-4c5b-b112-36a304b66dad/v2.0** for the **Issuer Url** field.
 1. Select **OK**.
 
    App Service provides authentication, but doesn't restrict authorized access to your site content and APIs. You must authorize users in your app code.
 
-1. (Optional) To restrict access to Microsoft account users, set **Action to take when request is not authenticated** to **Log in with Microsoft Account**. When you set this functionality, your app requires all requests to be authenticated. It also redirects all unauthenticated requests to Microsoft account for authentication.
+1. (Optional) To restrict access to Microsoft account users, set **Action to take when request is not authenticated** to **Log in with Azure Active Directory**. When you set this functionality, your app requires all requests to be authenticated. It also redirects all unauthenticated requests to use AAD for authentication. Note that becuase you have configured your **Issuer Url** to use the Microsoft Account tenant, only personal acccounts will successfully authenticate.
 
    > [!CAUTION]
    > Restricting access in this way applies to all calls to your app, which might not be desirable for apps that have a publicly available home page, as in many single-page applications. For such applications, **Allow anonymous requests (no action)** might be preferred so that the app manually starts authentication itself. For more information, see [Authentication flow](overview-authentication-authorization.md#authentication-flow).

articles/azure-resource-manager/management/azure-subscription-service-limits.md

@@ -4,7 +4,7 @@ description: Provides a list of common Azure subscription and service limits, qu
 
 tags: billing
 ms.topic: conceptual
-ms.date: 01/02/2020
+ms.date: 01/28/2020
 ---
 
 # Azure subscription and service limits, quotas, and constraints

articles/private-link/private-endpoint-overview.md

@@ -52,7 +52,7 @@ A private link resource is the destination target of a given private endpoint. T
 |**Azure SQL Database** | Microsoft.Sql/servers    |  Sql Server (sqlServer)        |
 |**Azure SQL Data Warehouse** | Microsoft.Sql/servers    |  Sql Server (sqlServer)        |
 |**Azure Storage**  | Microsoft.Storage/storageAccounts    |  Blob (blob, blob_secondary)<BR> Table (table, table_secondary)<BR> Queue (queue, queue_secondary)<BR> File (file, file_secondary)<BR> Web (web, web_secondary)        |
-|**Azure Data Lake Storage Gen2**  | Microsoft.Storage/storageAccounts    |  Blob (blob, blob_secondary)       |
+|**Azure Data Lake Storage Gen2**  | Microsoft.Storage/storageAccounts    |  Blob (blob, blob_secondary)<BR> Data Lake File System Gen2 (dfs, dfs_secondary)       |
 |**Azure Cosmos DB** | Microsoft.AzureCosmosDB/databaseAccounts	| Sql, MongoDB, Cassandra, Gremlin, Table|
 |**Azure Database for PostgreSQL -Single server** | Microsoft.DBforPostgreSQL/servers	| postgresqlServer |
 |**Azure Database for MySQL** | Microsoft.DBforMySQL/servers	| mysqlServer |
@@ -143,4 +143,4 @@ The following table includes a list of known limitations when using private endp
 - [Create your own Private Link for Azure Database for MySQL using Portal](../mysql/howto-configure-privatelink-portal.md)
 - [Create your own Private Link for Azure Database for MySQL using CLI](../mysql/howto-configure-privatelink-cli.md)
 - [Create your own Private Link for Azure Database for MariaDB using Portal](../mariadb/howto-configure-privatelink-portal.md)
-- [Create your own Private Link for Azure Database for MariaDB using CLI](../mariadb/howto-configure-privatelink-cli.md)
+- [Create your own Private Link for Azure Database for MariaDB using CLI](../mariadb/howto-configure-privatelink-cli.md)

articles/virtual-machines/troubleshooting/toc.yml

@@ -159,8 +159,6 @@
     href: troubleshoot-deploy-vm-linux.md
   - name: Windows
     href: troubleshoot-deploy-vm-windows.md
-  - name: Restarting, Shutting Down, or Stopping services
-    href: boot-error-troubleshoot-windows.md
 - name: Device names are changed
   href: troubleshoot-device-names-problems.md
 - name: VM recovery access
@@ -199,6 +197,8 @@
     href: troubleshoot-critical-service-failed-boot-error.md
   - name: Reboot loop
     href: troubleshoot-reboot-loop.md
+  - name: Restarting, Shutting Down, or Stopping services
+    href: boot-error-troubleshoot-windows.md
   - name: Stuck at Windows update
     href: troubleshoot-stuck-updating-boot-error.md
 - name: Throttling errors

includes/azure-subscription-limits-azure-resource-manager.md

@@ -16,16 +16,17 @@
 | VM total cores per [subscription](../articles/billing-buy-sign-up-azure-subscription.md) |20<sup>1</sup> per region. | Contact support. |
 | Azure Spot VM total cores per [subscription](../articles/billing-buy-sign-up-azure-subscription.md) |20<sup>1</sup> per region. | Contact support. |
 | VM per series, such as Dv2 and F, cores per [subscription](../articles/billing-buy-sign-up-azure-subscription.md) |20<sup>1</sup> per region. | Contact support. |
-| [Coadministrators](../articles/cost-management-billing/manage/add-change-subscription-administrator.md) per subscription |Unlimited. |Unlimited. |
 | [Storage accounts](../articles/storage/common/storage-account-create.md) per region per subscription |250 |250 |
-| [Resource groups](../articles/azure-resource-manager/management/overview.md) per subscription |980 |980 |
 | [Availability sets](../articles/virtual-machines/windows/manage-availability.md#configure-multiple-virtual-machines-in-an-availability-set-for-redundancy) per subscription |2,000 per region. |2,000 per region. |
+| [Affinity groups](../articles/virtual-network/virtual-networks-migrate-to-regional-vnet.md) per subscription |N/A<sup>3</sup> |N/A<sup>3</sup> |
+| [Cloud services](../articles/cloud-services/cloud-services-choose-me.md) per subscription |N/A<sup>3</sup> |N/A<sup>3</sup> |
+| [Resource groups](../articles/azure-resource-manager/management/overview.md) per subscription |980 |980 |
 | Azure Resource Manager API request size |4,194,304 bytes. |4,194,304 bytes. |
 | Tags per subscription<sup>2</sup> |Unlimited. |Unlimited. |
 | Unique tag calculations per subscription<sup>2</sup> | 10,000 | 10,000 |
-| [Cloud services](../articles/cloud-services/cloud-services-choose-me.md) per subscription |N/A<sup>3</sup> |N/A<sup>3</sup> |
-| [Affinity groups](../articles/virtual-network/virtual-networks-migrate-to-regional-vnet.md) per subscription |N/A<sup>3</sup> |N/A<sup>3</sup> |
 | [Subscription-level deployments](../articles/azure-resource-manager/templates/deploy-to-subscription.md) per location | 800<sup>4</sup> | 800 |
+| Subscriptions per Azure Active Directory tenant | Unlimited. | Unlimited. |
+| [Coadministrators](../articles/cost-management-billing/manage/add-change-subscription-administrator.md) per subscription |Unlimited. |Unlimited. |
 
 <sup>1</sup>Default limits vary by offer category type, such as Free Trial and Pay-As-You-Go, and by series, such as Dv2, F, and G. For example, the default for Enterprise Agreement subscriptions is 350.