fixed build warnings

Author: bandersmsft

articles/active-directory-b2c/active-directory-b2c-custom-rest-api-netfw-secure-basic.md

@@ -298,7 +298,7 @@ After your RESTful service is protected by the client ID (username) and secret,
 
 ## Step 5: Upload the policy to your tenant
 
-1. In the [Azure portal](https://portal.azure.com), switch to the [context of your Azure AD B2C tenant](active-directory-b2c-navigate-to-b2c-context.md), and then open **Azure AD B2C**.
+1. In the [Azure portal](https://portal.azure.com), switch to the [context of your Azure AD B2C tenant](tutorial-create-tenant.md), and then open **Azure AD B2C**.
 
 2. Select **Identity Experience Framework**.
 

articles/active-directory-b2c/active-directory-b2c-custom-rest-api-netfw-secure-cert.md

@@ -96,7 +96,7 @@ To support client certificate authentication in your custom policy, change the t
 
 ## Step 4: Upload the policy to your tenant
 
-1. In the [Azure portal](https://portal.azure.com), switch to the [context of your Azure AD B2C tenant](active-directory-b2c-navigate-to-b2c-context.md), and then select **Azure AD B2C**.
+1. In the [Azure portal](https://portal.azure.com), switch to the [context of your Azure AD B2C tenant](tutorial-create-tenant.md), and then select **Azure AD B2C**.
 
 2. Select **Identity Experience Framework**.
 

articles/active-directory-b2c/active-directory-b2c-custom-rest-api-netfw.md

@@ -333,7 +333,7 @@ After you add the new claim, the relying party code looks like this:
 
 ## Step 7: Upload the policy to your tenant
 
-1. In the [Azure portal](https://portal.azure.com), switch to the [context of your Azure AD B2C tenant](active-directory-b2c-navigate-to-b2c-context.md), and then open **Azure AD B2C**.
+1. In the [Azure portal](https://portal.azure.com), switch to the [context of your Azure AD B2C tenant](tutorial-create-tenant.md), and then open **Azure AD B2C**.
 
 1. Select **Identity Experience Framework**.
 

articles/active-directory-b2c/active-directory-b2c-how-to-enable-billing.md

@@ -130,7 +130,7 @@ The management of Azure AD B2C using role-based access control is not affected b
 
 Azure AD B2C tenants can be moved to another subscription if the source and destination subscriptions exist within the same Azure Active Directory tenant.
 
-To learn how to move Azure resources like your Azure AD B2C tenant to another subscription, see [Move resources to new resource group or subscription](../azure-resource-manager/resource-group-move-resources.md).
+To learn how to move Azure resources like your Azure AD B2C tenant to another subscription, see [Move resources to new resource group or subscription](../azure-resource-manager/management/move-resource-group-and-subscription.md).
 
 Before you initiate the move, be sure to read the entire article to fully understand the limitations and requirements for such a move. In addition to instructions for moving resources, it includes critical information like a pre-move checklist and how to validate the move operation.
 

articles/active-directory-b2c/active-directory-b2c-ui-customization-custom-dynamic.md

@@ -213,7 +213,7 @@ To configure `ContentDefinition`, do the following:
     ![Example XML snippet with LoadUri element highlighted](media/active-directory-b2c-ui-customization-custom-dynamic/aadb2c-ief-ui-customization-content-definition.png)
 
 ## Step 6: Upload the policy to your tenant
-1. In the [Azure portal](https://portal.azure.com), switch to the [context of your Azure AD B2C tenant](active-directory-b2c-navigate-to-b2c-context.md), and then select **Azure AD B2C**.
+1. In the [Azure portal](https://portal.azure.com), switch to the [context of your Azure AD B2C tenant](tutorial-create-tenant.md), and then select **Azure AD B2C**.
 
 2. Select **Identity Experience Framework**.
 

articles/active-directory-b2c/cookie-definitions.md

@@ -19,14 +19,14 @@ The following table lists the cookies used in Azure Active Directory B2C.
 
 | Name | Domain | Expiration | Purpose |
 | ----------- | ------ | -------------------------- | --------- |
-| x-ms-cpim-admin | main.b2cadmin.ext.azure.com | End of [browser session](active-directory-b2c-token-session-sso.md) | Holds user membership data across tenants. The tenants a user is a member of and level of membership (Admin or User). |
-| x-ms-cpim-slice | login.microsoftonline.com, b2clogin.com, branded domain | End of [browser session](active-directory-b2c-token-session-sso.md) | Used to route requests to the appropriate production instance. |
-| x-ms-cpim-trans | login.microsoftonline.com, b2clogin.com, branded domain | End of [browser session](active-directory-b2c-token-session-sso.md) | Used for tracking the transactions  (number of authentication requests to Azure AD B2C) and the current transaction. |
-| x-ms-cpim-sso:{Id} | login.microsoftonline.com, b2clogin.com, branded domain | End of [browser session](active-directory-b2c-token-session-sso.md) | Used for maintaining the SSO session. |
-| x-ms-cpim-cache:{id}_n | login.microsoftonline.com, b2clogin.com, branded domain | End of [browser session](active-directory-b2c-token-session-sso.md), successful authentication | Used for maintaining the request state. |
-| x-ms-cpim-csrf | login.microsoftonline.com, b2clogin.com, branded domain | End of [browser session](active-directory-b2c-token-session-sso.md) | Cross-Site Request Forgery token used for CRSF protection. |
-| x-ms-cpim-dc | login.microsoftonline.com, b2clogin.com, branded domain | End of [browser session](active-directory-b2c-token-session-sso.md) | Used for Azure AD B2C network routing. |
-| x-ms-cpim-ctx | login.microsoftonline.com, b2clogin.com, branded domain | End of [browser session](active-directory-b2c-token-session-sso.md) | Context |
-| x-ms-cpim-rp | login.microsoftonline.com, b2clogin.com, branded domain | End of [browser session](active-directory-b2c-token-session-sso.md) | Used for storing membership data for the resource provider tenant. |
-| x-ms-cpim-rc | login.microsoftonline.com, b2clogin.com, branded domain | End of [browser session](active-directory-b2c-token-session-sso.md) | Used for storing the relay cookie. |
+| x-ms-cpim-admin | main.b2cadmin.ext.azure.com | End of [browser session](session-behavior.md) | Holds user membership data across tenants. The tenants a user is a member of and level of membership (Admin or User). |
+| x-ms-cpim-slice | login.microsoftonline.com, b2clogin.com, branded domain | End of [browser session](session-behavior.md) | Used to route requests to the appropriate production instance. |
+| x-ms-cpim-trans | login.microsoftonline.com, b2clogin.com, branded domain | End of [browser session](session-behavior.md) | Used for tracking the transactions  (number of authentication requests to Azure AD B2C) and the current transaction. |
+| x-ms-cpim-sso:{Id} | login.microsoftonline.com, b2clogin.com, branded domain | End of [browser session](session-behavior.md) | Used for maintaining the SSO session. |
+| x-ms-cpim-cache:{id}_n | login.microsoftonline.com, b2clogin.com, branded domain | End of [browser session](session-behavior.md), successful authentication | Used for maintaining the request state. |
+| x-ms-cpim-csrf | login.microsoftonline.com, b2clogin.com, branded domain | End of [browser session](session-behavior.md) | Cross-Site Request Forgery token used for CRSF protection. |
+| x-ms-cpim-dc | login.microsoftonline.com, b2clogin.com, branded domain | End of [browser session](session-behavior.md) | Used for Azure AD B2C network routing. |
+| x-ms-cpim-ctx | login.microsoftonline.com, b2clogin.com, branded domain | End of [browser session](session-behavior.md) | Context |
+| x-ms-cpim-rp | login.microsoftonline.com, b2clogin.com, branded domain | End of [browser session](session-behavior.md) | Used for storing membership data for the resource provider tenant. |
+| x-ms-cpim-rc | login.microsoftonline.com, b2clogin.com, branded domain | End of [browser session](session-behavior.md) | Used for storing the relay cookie. |
 

articles/active-directory-b2c/relyingparty.md

@@ -204,7 +204,7 @@ The **OutputClaim** element contains the following attributes:
 ### SubjectNamingInfo
 
 With the **SubjectNameingInfo** element, you control the value of the token subject:
-- **JWT token** - the `sub` claim. This is a principal about which the token asserts information, such as the user of an application. This value is immutable and cannot be reassigned or reused. It can be used to perform safe authorization checks, such as when the token is used to access a resource. By default, the subject claim is populated with the object ID of the user in the directory. For more information, see [Token, session and single sign-on configuration](active-directory-b2c-token-session-sso.md).
+- **JWT token** - the `sub` claim. This is a principal about which the token asserts information, such as the user of an application. This value is immutable and cannot be reassigned or reused. It can be used to perform safe authorization checks, such as when the token is used to access a resource. By default, the subject claim is populated with the object ID of the user in the directory. For more information, see [Token, session and single sign-on configuration](session-behavior.md).
 - **SAML token** - the `<Subject><NameID>` element which identifies the subject element.
 
 The **SubjectNamingInfo** element contains the following attribute:

articles/active-directory-domain-services/join-windows-vm-template.md

@@ -139,6 +139,6 @@ In this article, you used the Azure portal to configure and deploy resources usi
 [create-azure-ad-tenant]: ../active-directory/fundamentals/sign-up-organization.md
 [associate-azure-ad-tenant]: ../active-directory/fundamentals/active-directory-how-subscriptions-associated-directory.md
 [create-azure-ad-ds-instance]: tutorial-create-instance.md
-[template-overview]: ../azure-resource-manager/template-deployment-overview.md
-[deploy-powershell]: ../azure-resource-manager/resource-group-template-deploy.md
-[deploy-cli]: ../azure-resource-manager/resource-group-template-deploy-cli.md
+[template-overview]: ../azure-resource-manager/templates/overview.md
+[deploy-powershell]: ../azure-resource-manager/templates/deploy-powershell.md
+[deploy-cli]: ../azure-resource-manager/templates/deploy-cli.md

articles/active-directory/managed-identities-azure-resources/qs-configure-template-windows-vm.md

@@ -22,7 +22,7 @@ ms.collection: M365-identity-device-management
 
 [!INCLUDE [preview-notice](../../../includes/active-directory-msi-preview-notice.md)]
 
-Managed identities for Azure resources provides Azure services with an automatically managed identity in Azure Active Directory. You can use this identity to authenticate to any service that supports Azure AD authentication, without having credentials in your code. 
+Managed identities for Azure resources provides Azure services with an automatically managed identity in Azure Active Directory. You can use this identity to authenticate to any service that supports Azure AD authentication, without having credentials in your code.
 
 In this article, using the Azure Resource Manager deployment template, you learn how to perform the following managed identities for Azure resources operations on an Azure VM:
 
@@ -40,7 +40,7 @@ As with the Azure portal and scripting, [Azure Resource Manager](../../azure-res
    - Using a local [JSON editor (such as VS Code)](../../azure-resource-manager/resource-manager-create-first-template.md), and then uploading and deploying by using PowerShell or CLI.
    - Using the Visual Studio [Azure Resource Group project](../../azure-resource-manager/templates/create-visual-studio-deployment-project.md) to both create and deploy a template.  
 
-Regardless of the option you choose, template syntax is the same during initial deployment and redeployment. Enabling a system or user-assigned managed identity on a new or existing VM is done in the same manner. Also, by default, Azure Resource Manager does an [incremental update](../../azure-resource-manager/deployment-modes.md) to deployments.
+Regardless of the option you choose, template syntax is the same during initial deployment and redeployment. Enabling a system or user-assigned managed identity on a new or existing VM is done in the same manner. Also, by default, Azure Resource Manager does an [incremental update](../../azure-resource-manager/templates/deployment-modes) to deployments.
 
 ## System-assigned managed identity
 
@@ -55,7 +55,7 @@ To enable system-assigned managed identity on a VM, your account needs the [Virt
 2. To enable system-assigned managed identity, load the template into an editor, locate the `Microsoft.Compute/virtualMachines` resource of interest within the `resources` section and add the `"identity"` property at the same level as the `"type": "Microsoft.Compute/virtualMachines"` property. Use the following syntax:
 
    ```JSON
-   "identity": { 
+   "identity": {
        "type": "SystemAssigned"
    },
    ```
@@ -76,7 +76,7 @@ To enable system-assigned managed identity on a VM, your account needs the [Virt
                 "type": "SystemAssigned",
                 },
             },
-        
+
             //The following appears only if you provisioned the optional VM extension (to be deprecated)
             {
             "type": "Microsoft.Compute/virtualMachines/extensions",
@@ -106,9 +106,9 @@ After you have enabled system-assigned managed identity on your VM, you may want
 To assign a role to your VM's system-assigned identity, your account needs the [User Access Administrator](/azure/role-based-access-control/built-in-roles#user-access-administrator) role assignment.
 
 1. Whether you sign in to Azure locally or via the Azure portal, use an account that is associated with the Azure subscription that contains the VM.
- 
+
 2. Load the template into an [editor](#azure-resource-manager-templates) and add the following information to give your VM **Reader** access to the resource group in which it was created.  Your template structure may vary depending on the editor and the deployment model you choose.
-   
+
    Under the `parameters` section add the following:
 
     ```JSON
@@ -152,15 +152,15 @@ To remove system-assigned managed identity from a VM, your account needs the [Vi
 1. Whether you sign in to Azure locally or via the Azure portal, use an account that is associated with the Azure subscription that contains the VM.
 
 2. Load the template into an [editor](#azure-resource-manager-templates) and locate the `Microsoft.Compute/virtualMachines` resource of interest within the `resources` section. If you have a VM that only has system-assigned managed identity, you can disable it by changing the identity type to `None`.  
-   
+
    **Microsoft.Compute/virtualMachines API version 2018-06-01**
 
    If your VM has both system and user-assigned managed identities, remove `SystemAssigned` from the identity type and keep `UserAssigned` along with the `userAssignedIdentities` dictionary values.
 
    **Microsoft.Compute/virtualMachines API version 2018-06-01**
-   
+
    If your `apiVersion` is `2017-12-01` and your VM has both system and user-assigned managed identities, remove `SystemAssigned` from the identity type and keep `UserAssigned` along with the `identityIds` array of the user-assigned managed identities.  
-   
+
 The following example shows you how remove a system-assigned managed identity from a VM with no user-assigned managed identities:
 
  ```JSON
@@ -169,7 +169,7 @@ The following example shows you how remove a system-assigned managed identity fr
      "type": "Microsoft.Compute/virtualMachines",
      "name": "[parameters('vmName')]",
      "location": "[resourceGroup().location]",
-     "identity": { 
+     "identity": {
          "type": "None"
      }
  }
@@ -206,11 +206,11 @@ To assign a user-assigned identity to a VM, your account needs the [Virtual Mach
         }
     }
    ```
-   
+
    **Microsoft.Compute/virtualMachines API version 2017-12-01**
-    
+
    If your `apiVersion` is `2017-12-01`, your user-assigned managed identities are stored in the `identityIds` array and the `<USERASSIGNEDIDENTITYNAME>` value must be stored in a variable defined in the `variables` section of your template.
-    
+
    ```JSON
    {
        "apiVersion": "2017-12-01",
@@ -225,9 +225,9 @@ To assign a user-assigned identity to a VM, your account needs the [Virtual Mach
        }
    }
    ```
-       
+
 3. When you're done, the following sections should added to the `resource` section of your template and it should resemble the following:
-   
+
    **Microsoft.Compute/virtualMachines API version 2018-06-01**    
 
    ```JSON
@@ -267,7 +267,7 @@ To assign a user-assigned identity to a VM, your account needs the [Virtual Mach
     ]   
    ```
    **Microsoft.Compute/virtualMachines API version 2017-12-01**
-   
+
    ```JSON
    "resources": [
         {
@@ -283,7 +283,7 @@ To assign a user-assigned identity to a VM, your account needs the [Virtual Mach
                 ]
             }
         },
-                 
+
         //The following appears only if you provisioned the optional VM extension (to be deprecated)                   
         {
             "type": "Microsoft.Compute/virtualMachines/extensions",
@@ -313,33 +313,33 @@ To remove a user-assigned identity from a VM, your account needs the [Virtual Ma
 1. Whether you sign in to Azure locally or via the Azure portal, use an account that is associated with the Azure subscription that contains the VM.
 
 2. Load the template into an [editor](#azure-resource-manager-templates) and locate the `Microsoft.Compute/virtualMachines` resource of interest within the `resources` section. If you have a VM that only has user-assigned managed identity, you can disable it by changing the identity type to `None`.
- 
+
    The following example shows you how remove all user-assigned managed identities from a VM with no system-assigned managed identities:
-   
+
    ```json
     {
       "apiVersion": "2018-06-01",
       "type": "Microsoft.Compute/virtualMachines",
       "name": "[parameters('vmName')]",
       "location": "[resourceGroup().location]",
-      "identity": { 
+      "identity": {
           "type": "None"
           },
     }
    ```
-   
+
    **Microsoft.Compute/virtualMachines API version 2018-06-01**
-    
+
    To remove a single user-assigned managed identity from a VM, remove it from the `useraAssignedIdentities` dictionary.
 
    If you have a system-assigned managed identity, keep it in the in the `type` value under the `identity` value.
- 
+
    **Microsoft.Compute/virtualMachines API version 2017-12-01**
 
    To remove a single user-assigned managed identity from a VM, remove it from the `identityIds` array.
 
    If you have a system-assigned managed identity, keep it in the in the `type` value under the `identity` value.
-   
+
 ## Next steps
 
 - [Managed identities for Azure resources overview](overview.md).