Merge branch 'master' of https://github.com/MicrosoftDocs/azure-docs-pr into azurecli3

Author: v-thepet

articles/active-directory-b2c/claimsschema.md

@@ -8,7 +8,7 @@ manager: celestedg
 ms.service: active-directory
 ms.workload: identity
 ms.topic: reference
-ms.date: 02/24/2020
+ms.date: 03/05/2020
 ms.author: mimart
 ms.subservice: B2C
 ---
@@ -52,9 +52,12 @@ The **ClaimType** element contains the following elements:
 | Mask | 0:1 | An optional string of masking characters that can be applied when displaying the claim. For example, the phone number 324-232-4343 can be masked as XXX-XXX-4343. |
 | UserHelpText | 0:1 | A description of the claim type that can be helpful for users to understand its purpose. The value can be [localized](localization.md). |
 | UserInputType | 0:1 | The type of input control that should be available to the user when manually entering the claim data for the claim type. See the user input types defined later in this page. |
+| AdminHelpText | 0:1 | A description of the claim type that can be helpful for administrators to understand its purpose. |
 | Restriction | 0:1 | The value restrictions for this claim, such as a regular expression (Regex) or a list of acceptable values. The value can be [localized](localization.md). |
 PredicateValidationReference| 0:1 | A reference to a **PredicateValidationsInput** element. The **PredicateValidationReference** elements enable you to perform a validation process to ensure that only properly formed data is entered. For more information, see [Predicates](predicates.md). |
 
+
+
 ### DataType
 
 The **DataType** element supports the following values:

articles/active-directory-b2c/code-samples.md

@@ -42,5 +42,4 @@ The following tables provide links to samples for applications including iOS, An
 
 | Sample | Description |
 |--------| ----------- |
-| [javascript-msal-singlepageapp](https://github.com/Azure-Samples/active-directory-b2c-javascript-msal-singlepageapp) | A single page application (SPA) calling a Web API. Authentication is done with Azure AD B2C by leveraging MSAL.js. |
-| [javascript-hellojs-singlepageapp](https://github.com/Azure-Samples/active-directory-b2c-javascript-hellojs-singlepageapp) | A single page app, implemented with an ASP.NET Web API backend, that signs up & signs in users using Azure AD B2C and calls the web API using OAuth 2.0 access tokens. |
+| [javascript-msal-singlepageapp](https://github.com/Azure-Samples/active-directory-b2c-javascript-msal-singlepageapp) | A single page application (SPA) calling a Web API. Authentication is done with Azure AD B2C by using MSAL.js. |

articles/active-directory-b2c/implicit-flow-single-page-application.md

@@ -239,12 +239,12 @@ GET https://{tenant}.b2clogin.com/{tenant}.onmicrosoft.com/{policy}/oauth2/v2.0/
 
 ## Next steps
 
-### Code sample: hello.js with Azure AD B2C
+### Code sample: Azure AD B2C with Microsoft Authentication Library for JavaScript
 
-[Single-page application built on hello.js with Azure AD B2C][github-hello-js-example] (GitHub)
+[Single-page application built with msal.js for Azure AD B2C][github-msal-js-example] (GitHub)
 
-This sample on GitHub is intended to help get you started with Azure AD B2C in a simple web application built on [hello.js][github-hello-js] and using pop-up-style authentication.
+This sample on GitHub is intended to help get you started to Azure AD B2C in a simple web application built with [msal.js][github-msal-js] and using pop-up-style authentication.
 
 <!-- Links - EXTERNAL -->
-[github-hello-js-example]: https://github.com/Azure-Samples/active-directory-b2c-javascript-hellojs-singlepageapp
-[github-hello-js]: https://github.com/MrSwitch/hello.js
+[github-msal-js-example]: https://github.com/Azure-Samples/active-directory-b2c-javascript-msal-singlepageapp
+[github-msal-js]: https://github.com/AzureAD/microsoft-authentication-library-for-js

articles/active-directory-domain-services/tutorial-configure-password-hash-sync.md

@@ -77,6 +77,8 @@ With Azure AD Connect installed and configured to synchronize with Azure AD, now
     # Define the Azure AD Connect connector names and import the required PowerShell module
     $azureadConnector = "<CASE SENSITIVE AZURE AD CONNECTOR NAME>"
     $adConnector = "<CASE SENSITIVE AD DS CONNECTOR NAME>"
+    
+    Import-Module "C:\Program Files\Microsoft Azure AD Sync\Bin\ADSync\ADSync.psd1"
     Import-Module "C:\Program Files\Microsoft Azure Active Directory Connect\AdSyncConfig\AdSyncConfig.psm1"
 
     # Create a new ForceFullPasswordSync configuration parameter object then

articles/active-directory/b2b/current-limitations.md

@@ -31,6 +31,21 @@ Azure AD B2B is subject to Azure AD service directory limits. For details about
 ## National clouds
 [National clouds](https://docs.microsoft.com/azure/active-directory/develop/authentication-national-cloud) are physically isolated instances of Azure. B2B collaboration is not supported across national cloud boundaries. For example, if your Azure tenant is in the public, global cloud, you can't invite a user whose account is in a national cloud. To collaborate with the user, ask them for another email address or create a member user account for them in your directory.
 
+## Azure US Government clouds
+Within the Azure US Government cloud, B2B collaboration is currently only supported between tenants that are both within Azure US Government cloud and that both support B2B collaboration. If you invite a user in a tenant that isn't part of the Azure US Government cloud or that doesn't yet support B2B collaboration, the invitation will fail or the user won't be able to redeem the invitation. For details about other limitations, see [Azure Active Directory Premium P1 and P2 Variations](https://docs.microsoft.com/azure/azure-government/documentation-government-services-securityandidentity#azure-active-directory-premium-p1-and-p2).
+
+### How can I tell if B2B collaboration is available in my Azure US Government tenant?
+To find out if your Azure US Government cloud tenant supports B2B collaboration, do the following:
+
+1. In a browser, go to the following URL, substituting your tenant name for *<tenantname>*:
+
+   `https://login.microsoftonline.com/<tenantname>/v2.0/.well-known/openid-configuration`
+
+2. Find `"tenant_region_scope"` in the JSON response:
+
+   - If `"tenant_region_scope":"USGOV”` appears, B2B is supported.
+   - If `"tenant_region_scope":"USG"` appears, B2B is not supported.
+
 ## Next steps
 
 See the following articles on Azure AD B2B collaboration:

articles/active-directory/b2b/troubleshoot.md

@@ -94,6 +94,10 @@ If the identity tenant is a just-in-time (JIT) or viral tenant (meaning it's a s
 
 As of November 18, 2019, guest users in your directory (defined as user accounts where the **userType** property equals **Guest**) are blocked from using the AzureAD PowerShell V1 module. Going forward, a user will need to either be a member user (where **userType** equals **Member**) or use the AzureAD PowerShell V2 module.
 
+## In an Azure US Government tenant, I can't invite a B2B collaboration guest user
+
+Within the Azure US Government cloud, B2B collaboration is currently only supported between tenants that are both within Azure US Government cloud and that both support B2B collaboration. If you invite a user in a tenant that isn't part of the Azure US Government cloud or that doesn't yet support B2B collaboration, you'll get an error. For details and limitations, see [Azure Active Directory Premium P1 and P2 Variations](https://docs.microsoft.com/azure/azure-government/documentation-government-services-securityandidentity#azure-active-directory-premium-p1-and-p2).
+
 ## Next steps
 
 [Get support for B2B collaboration](get-support.md)