Merge pull request #191101 from MicrosoftDocs/main

3/09 AM Publish

Author: huypub

.openpublishing.redirection.json

@@ -698,6 +698,11 @@
       "redirect_url": "/azure/frontdoor/front-door-rules-engine",
       "redirect_document_id": false
     },
+    {
+      "source_path_from_root": "/articles/frontdoor/concept-caching.md",
+      "redirect_url": "/azure/frontdoor/front-door-caching",
+      "redirect_document_id": false
+    },
     {
       "source_path_from_root": "/articles/frontdoor/concept-route.md",
       "redirect_url": "/azure/frontdoor/front-door-route-matching",

articles/active-directory-b2c/configure-authentication-sample-web-app.md

@@ -44,14 +44,14 @@ A computer that's running either of the following:
 
 # [Visual Studio](#tab/visual-studio)
 
-* [Visual Studio 2019 16.8 or later](https://visualstudio.microsoft.com/downloads/?utm_medium=microsoft&utm_source=docs.microsoft.com&utm_campaign=inline+link&utm_content=download+vs2019), with the ASP.NET and web development workload
-* [.NET 5.0 SDK](https://dotnet.microsoft.com/download/dotnet)
+* [Visual Studio 2022 17.0 or later](https://visualstudio.microsoft.com/downloads/?utm_medium=microsoft&utm_source=docs.microsoft.com&utm_campaign=inline+link&utm_content=download+vs2019), with the ASP.NET and web development workload
+* [.NET 6.0 SDK](https://dotnet.microsoft.com/download/dotnet)
 
 # [Visual Studio Code](#tab/visual-studio-code)
 
 * [Visual Studio Code](https://code.visualstudio.com/download)
 * [C# for Visual Studio Code (latest version)](https://marketplace.visualstudio.com/items?itemName=ms-dotnettools.csharp)
-* [.NET 5.0 SDK](https://dotnet.microsoft.com/download/dotnet)
+* [.NET 6.0 SDK](https://dotnet.microsoft.com/download/dotnet)
 
 ---
 
@@ -76,7 +76,7 @@ To create the web app registration, do the following:
 1. Select **App registrations**, and then select **New registration**.
 1. Under **Name**, enter a name for the application (for example, *webapp1*).
 1. Under **Supported account types**, select **Accounts in any identity provider or organizational directory (for authenticating users with user flows)**. 
-1. Under **Redirect URI**, select **Web** and then, in the URL box, enter `https://localhost:5001/signin-oidc`.
+1. Under **Redirect URI**, select **Web** and then, in the URL box, enter `https://localhost:44316/signin-oidc`.
 1. Under **Permissions**, select the **Grant admin consent to openid and offline access permissions** checkbox.
 1. Select **Register**.
 1. Select **Overview**.
@@ -131,7 +131,7 @@ Your final configuration file should look like the following JSON:
 ## Step 5: Run the sample web app
 
 1. Build and run the project.
-1. Go to `https://localhost:5001`. 
+1. Go to `https://localhost:44316`. 
 1. Select **Sign Up/In**.
 
     ![Screenshot of the "Sign Up/In" button on the project Welcome page.](./media/configure-authentication-sample-web-app/web-app-sign-in.png)

articles/active-directory/cloud-sync/how-to-prerequisites.md

@@ -7,7 +7,7 @@ manager: karenhoran
 ms.service: active-directory
 ms.workload: identity
 ms.topic: how-to
-ms.date: 10/19/2021
+ms.date: 03/04/2022
 ms.subservice: hybrid
 ms.author: billmath
 ms.collection: M365-identity-device-management
@@ -115,6 +115,12 @@ Run the [IdFix tool](/office365/enterprise/prepare-directory-attributes-for-sync
 
     - If your firewall enforces rules according to the originating users, open these ports for traffic from Windows services that run as a network service.
     - If your firewall or proxy allows you to specify safe suffixes, add connections to \*.msappproxy.net and \*.servicebus.windows.net. If not, allow access to the [Azure datacenter IP ranges](https://www.microsoft.com/download/details.aspx?id=41653), which are updated weekly.
+   - If you are installing against the **US government** cloud, and your firewall or proxy allows you to specify safe suffixes, add connections to:
+       - *.microsoftonline.us
+       - *.microsoft.us
+       - *.msappproxy.us 
+       - *.windowsazure.us
+    
     - Your agents need access to login.windows.net and login.microsoftonline.com for initial registration. Open your firewall for those URLs as well.
     - For certificate validation, unblock the following URLs: mscrl.microsoft.com:80, crl.microsoft.com:80, ocsp.msocsp.com:80, and www\.microsoft.com:80. These URLs are used for certificate validation with other Microsoft products, so you might already have these URLs unblocked.
 

articles/active-directory/develop/msal-net-web-browsers.md

@@ -96,16 +96,15 @@ IPublicClientApplication pca = PublicClientApplicationBuilder
 > [!Note]
 > If you configure `http://localhost`, internally MSAL.NET will find a random open port and use it.
 
-### Linux and MAC
+### Linux and macOS
 
-On Linux, MSAL.NET will open the default OS browser using the xdg-open tool. To troubleshoot, run the tool from a terminal, for example, `xdg-open "https://www.bing.com"`. On Mac, the browser is opened by invoking `open <url>`.
+On Linux, MSAL.NET opens the default OS browser with a tool like [xdg-open](http://manpages.ubuntu.com/manpages/focal/man1/xdg-open.1.html). Opening the browser with `sudo` is unsupported by MSAL and will cause MSAL to throw an exception.
 
-### Customizing the experience
+On macOS, the browser is opened by invoking `open <url>`.
 
-> [!NOTE]
-> Customization is available in MSAL.NET 4.1.0 or later.
+### Customizing the experience
 
-MSAL.NET is able to respond with an HTTP message when a token is received or in case of error. You can display an HTML message or redirect to an URL of your choice:
+MSAL.NET can respond with an HTTP message or HTTP redirect when a token is received or an error occurs.
 
 ```csharp
 var options = new SystemWebViewOptions() 

articles/active-directory/devices/enterprise-state-roaming-enable.md

@@ -83,7 +83,6 @@ The data retention policy isn't configurable. Once the data is permanently delet
 
 ## Next steps
 
-* [Enterprise State Roaming overview](enterprise-state-roaming-overview.md)
 * [Settings and data roaming FAQ](enterprise-state-roaming-faqs.yml)
 * [Group Policy and MDM settings for settings sync](enterprise-state-roaming-group-policy-settings.md)
 * [Windows 10 roaming settings reference](enterprise-state-roaming-windows-settings-reference.md)

articles/api-management/TOC.yml

@@ -388,6 +388,12 @@
         href: https://aka.ms/apimupdates
       - name: Release notes
         href: https://aka.ms/apim/releases
+      - name: Breaking changes
+        items:
+            - name: Overview
+              href: breaking-changes/overview.md
+            - name: Virtual Network Changes (March 2023)
+              href: breaking-changes/rp-source-ip-address-change-mar2023.md
       - name: Regional availability
         href: https://azure.microsoft.com/global-infrastructure/services/
       - name: Videos

articles/api-management/api-management-sample-send-request.md

@@ -188,22 +188,22 @@ Once you have this information, you can make requests to all the backend systems
 
 ```xml
 <send-request mode="new" response-variable-name="revenuedata" timeout="20" ignore-error="true">
-  <set-url>@($"https://accounting.acme.com/salesdata?from={(string)context.Variables["fromDate"]}&to={(string)context.Variables["fromDate"]}")"</set-url>
+  <set-url>@($"https://accounting.acme.com/salesdata?from={(string)context.Variables["fromDate"]}&to={(string)context.Variables["fromDate"]}")</set-url>
   <set-method>GET</set-method>
 </send-request>
 
 <send-request mode="new" response-variable-name="materialdata" timeout="20" ignore-error="true">
-  <set-url>@($"https://inventory.acme.com/materiallevels?from={(string)context.Variables["fromDate"]}&to={(string)context.Variables["fromDate"]}")"</set-url>
+  <set-url>@($"https://inventory.acme.com/materiallevels?from={(string)context.Variables["fromDate"]}&to={(string)context.Variables["fromDate"]}")</set-url>
   <set-method>GET</set-method>
 </send-request>
 
 <send-request mode="new" response-variable-name="throughputdata" timeout="20" ignore-error="true">
-<set-url>@($"https://production.acme.com/throughput?from={(string)context.Variables["fromDate"]}&to={(string)context.Variables["fromDate"]}")"</set-url>
+<set-url>@($"https://production.acme.com/throughput?from={(string)context.Variables["fromDate"]}&to={(string)context.Variables["fromDate"]}")</set-url>
   <set-method>GET</set-method>
 </send-request>
 
 <send-request mode="new" response-variable-name="accidentdata" timeout="20" ignore-error="true">
-<set-url>@($"https://production.acme.com/accidentdata?from={(string)context.Variables["fromDate"]}&to={(string)context.Variables["fromDate"]}")"</set-url>
+<set-url>@($"https://production.acme.com/accidentdata?from={(string)context.Variables["fromDate"]}&to={(string)context.Variables["fromDate"]}")</set-url>
   <set-method>GET</set-method>
 </send-request>
 ```

articles/api-management/api-management-using-with-internal-vnet.md

@@ -55,7 +55,7 @@ For configurations specific to the *external* mode, where the service endpoints
 1. Continue configuring VNet settings for the remaining locations of your API Management instance.
 1. In the top navigation bar, select **Save**, then select **Apply network configuration**.
 
-    It can take 15 to 45 minutes to update the API Management instance.
+    It can take 15 to 45 minutes to update the API Management instance. The Developer tier has downtime during the process. The Basic and higher SKUs don't have downtime during the process.
 
 After successful deployment, you should see your API Management service's **private** virtual IP address and **public** virtual IP address on the **Overview** blade. For more information about the IP addresses, see [Routing](#routing) in this article.
 

articles/api-management/api-management-using-with-vnet.md

@@ -49,7 +49,7 @@ For configurations specific to the *internal* mode, where the endpoints are acce
 
 7. In the top navigation bar, select **Save**, then select **Apply network configuration**.
 
-    It can take 15 to 45 minutes to update the API Management instance.
+It can take 15 to 45 minutes to update the API Management instance. The Developer tier has downtime during the process. The Basic and higher SKUs don't have downtime during the process. 
 
 ### Enable connectivity using a Resource Manager template (`stv2` compute platform)
 
@@ -76,9 +76,10 @@ The API Management service depends on several Azure services. When API Managemen
 * For guidance on custom DNS setup, including forwarding for Azure-provided hostnames, see [Name resolution for resources in Azure virtual networks](../virtual-network/virtual-networks-name-resolution-for-vms-and-role-instances.md#name-resolution-that-uses-your-own-dns-server).  
 * Outbound network access on port `53` is required for communication with DNS servers. For more settings, see [Virtual network configuration reference](virtual-network-reference.md).
 
-> [!IMPORTANT]
+> [!IMPORTANT] 
 > If you plan to use a custom DNS server(s) for the VNet, set it up **before** deploying an API Management service into it. Otherwise, you'll need to update the API Management service each time you change the DNS Server(s) by running the [Apply Network Configuration Operation](/rest/api/apimanagement/current-ga/api-management-service/apply-network-configuration-updates).
 
+
 ## Routing
 
 + A load-balanced public IP address (VIP) is reserved to provide access to all service endpoints and resources outside the VNet.

articles/api-management/breaking-changes/overview.md

@@ -0,0 +1,23 @@
+---
+title: Upcoming Breaking Changes in Azure API Management | Microsoft Docs
+description: A list of all the upcoming breaking changes for Azure API Management
+services: api-management
+documentationcenter: ''
+author: adrianhall
+
+ms.service: api-management
+ms.topic: reference
+ms.date: 02/07/2022
+ms.author: adhal
+---
+
+# Upcoming breaking changes
+
+The following table lists all the upcoming breaking changes and feature retirements for Azure API Management.
+
+| Change Title | Effective Date |
+|:-------------|:---------------|
+| [Resource Provider Source IP Address Update][bc1] | March 31, 2023 |
+
+<!-- Links -->
+[bc1]: ./rp-source-ip-address-change-mar2023.md