Merging changes synced from https://github.com/MicrosoftDocs/azure-docs-pr (branch live)

Author: tynevi

.openpublishing.redirection.json

@@ -27269,6 +27269,11 @@
             "source_path": "articles/cognitive-services/speech-service/speech-scenarios.md",
             "redirect_url": "/azure/cognitive-services/speech-service/overview",
             "redirect_document_id": true
+        },
+		{
+            "source_path": "articles/cognitive-services/luis/Home.md",
+            "redirect_url": "/azure/cognitive-services/luis/what-is-luis",
+            "redirect_document_id": true
         }
 
     ]

articles/active-directory/reports-monitoring/overview-activity-logs-in-azure-monitor.md

@@ -121,7 +121,7 @@ This section answers frequently asked questions and discusses known issues with
 
 **Q: How much will it cost to store my data?**
 
-**A**: The storage costs depend on both the size of your logs and the retention period you choose. For a list of the estimated costs for tenants, which depend on the volume of logs generated, go to the [Storage size for activity logs](https://review.docs.microsoft.com/en-us/azure/active-directory/reporting-azure-monitor-diagnostics-overview?branch=pr-en-us-47660#storage-size-for-activity-logs) section.
+**A**: The storage costs depend on both the size of your logs and the retention period you choose. For a list of the estimated costs for tenants, which depend on the volume of logs generated, see the [Storage size for activity logs](#storage-size-for-activity-logs) section.
 
 ---
 

articles/active-directory/saas-apps/sharepoint-on-premises-tutorial.md

@@ -148,7 +148,7 @@ In this section, you enable Azure AD single sign-on in the Azure portal and conf
 	$map2 = New-SPClaimTypeMapping -IncomingClaimType "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname" -IncomingClaimTypeDisplayName "GivenName" -SameAsIncoming
 	$map3 = New-SPClaimTypeMapping -IncomingClaimType "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname" -IncomingClaimTypeDisplayName "SurName" -SameAsIncoming
 	$map4 = New-SPClaimTypeMapping -IncomingClaimType "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress" -IncomingClaimTypeDisplayName "Email" -SameAsIncoming
-	$ap = New-SPTrustedIdentityTokenIssuer -Name "AzureAD" -Description "SharePoint secured by Azure AD" -realm $realm -ImportTrustCertificate $cert -ClaimsMappings $map,$map2,$map3 -SignInUrl $wsfedurl -IdentifierClaim "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name"
+	$ap = New-SPTrustedIdentityTokenIssuer -Name "AzureAD" -Description "SharePoint secured by Azure AD" -realm $realm -ImportTrustCertificate $cert -ClaimsMappings $map,$map2,$map3,$map4 -SignInUrl $wsfedurl -IdentifierClaim "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name"
 	```
 
 	Next, follow these steps to enable the trusted identity provider for your application:

articles/active-directory/saas-apps/workfront-tutorial.md

@@ -114,7 +114,7 @@ In this section, you enable Azure AD single sign-on in the Azure portal and conf
 	b. In the **Identifier** textbox, type a URL using the following pattern: `https://<companyname>.attasksandbox.com/SAML2`
 
 	> [!NOTE] 
-	> These values are not real. Update these values with the actual Sign-On URL and Identifier. Contact [Workfront Client support team](https://www.workfront.com/contact-us/) to get these values. 
+	> These values are not real. Update these values with the actual Sign-On URL and Identifier. Contact [Workfront Client support team](https://www.workfront.com/services-and-support) to get these values. 
 
 1. On the **SAML Signing Certificate** section, click **Certificate(Base64)** and then save the Certificate file on your computer.
 

articles/active-directory/user-help/index.md

@@ -114,8 +114,8 @@ We've created this content to help you set up and use security info, two-step ve
                     <div class="cardText">
                         <h3>Manage my devices help</h3>
                         <p>
-                        <a href="/azure/active-directory/user-help/device-management-azuread-joined-devices-setup">Join my devices</a><br/>
-                        <a href="/azure/active-directory/user-help/device-management-azuread-registered-devices-windows10-setup">Register my Windows 10 devices</a>
+                        <a href="/azure/active-directory/user-help/user-help-join-device-on-network">Join your work device</a><br/>
+                        <a href="/azure/active-directory/user-help/user-help-register-device-on-network">Register your personal device for work</a>
                         </p>
                     </div>
                 </div>

articles/aks/TOC.yml

@@ -123,6 +123,8 @@
       href: kubernetes-dashboard.md
   - name: Troubleshoot
     items:
+    - name: Common issues
+      href: troubleshooting.md
     - name: SSH node access
       href: aks-ssh.md
 - name: Reference

articles/aks/azure-files-dynamic-pv.md

@@ -3,13 +3,11 @@ title: Use Azure File with AKS
 description: Use Azure Disks with AKS
 services: container-service
 author: iainfoulds
-manager: jeconnoc
 
 ms.service: container-service
 ms.topic: article
-ms.date: 05/21/2018
+ms.date: 08/15/2018
 ms.author: iainfou
-ms.custom: mvc
 ---
 
 # Persistent volumes with Azure files
@@ -18,33 +16,32 @@ A persistent volume is a piece of storage that has been created for use in a Kub
 
 For more information on Kubernetes persistent volumes, including static creation, see [Kubernetes persistent volumes][kubernetes-volumes].
 
-## Create storage account
+## Create a storage account
 
-When dynamically creating an Azure file share as a Kubernetes volume, any storage account can be used as long as it is in the AKS **node** resource group. This is the one with the `MC_` prefix that was created by the provisioning of the resources for the AKS cluster. Get the resource group name with the [az resource show][az-resource-show] command.
+When dynamically creating an Azure file share as a Kubernetes volume, any storage account can be used as long as it is in the AKS **node** resource group. This group is the one with the *MC_* prefix that was created by the provisioning of the resources for the AKS cluster. Get the resource group name with the [az aks show][az-aks-show] command.
 
-```azurecli-interactive
-$ az resource show --resource-group myResourceGroup --name myAKSCluster --resource-type Microsoft.ContainerService/managedClusters --query properties.nodeResourceGroup -o tsv
+```azurecli
+$ az aks show --resource-group myResourceGroup --name myAKSCluster --query nodeResourceGroup -o tsv
 
 MC_myResourceGroup_myAKSCluster_eastus
 ```
 
 Use the [az storage account create][az-storage-account-create] command to create the storage account.
 
-Update `--resource-group` with the name of the resource group gathered in the last step, and `--name` to a name of your choice.
+Update `--resource-group` with the name of the resource group gathered in the last step, and `--name` to a name of your choice. Provide your own unique storage account name:
 
-```azurecli-interactive
-az storage account create --resource-group MC_myResourceGroup_myAKSCluster_eastus --name mystorageaccount --location eastus --sku Standard_LRS
+```azurecli
+az storage account create --resource-group MC_myResourceGroup_myAKSCluster_eastus --name mystorageaccount --sku Standard_LRS
 ```
 
-> Azure Files only currently work with standard storage. If you use premium storage, your volume will fail to provision.
+> [!NOTE]
+> Azure Files currently only work with Standard storage. If you use Premium storage, the volume fails to provision.
 
-## Create storage class
+## Create a storage class
 
-A storage class is used to define how an Azure file share is created. A specific storage account can be specified in the class. If a storage account is not specified, a `skuName` and `location` must be specified, and all storage accounts in the associated resource group are evaluated for a match.
+A storage class is used to define how an Azure file share is created. A storage account can be specified in the class. If a storage account is not specified, a *skuName* and *location* must be specified, and all storage accounts in the associated resource group are evaluated for a match. For more information on Kubernetes storage classes for Azure Files, see [Kubernetes Storage Classes][kubernetes-storage-classes].
 
-For more information on Kubernetes storage classes for Azure files, see [Kubernetes Storage Classes][kubernetes-storage-classes].
-
-Create a file named `azure-file-sc.yaml` and copy in the following manifest. Update the `storageAccount` with the name of your target storage account. See the [Mount options] section for more information on `mountOptions`.
+Create a file named `azure-file-sc.yaml` and copy in the following example manifest. Update the *storageAccount* value with the name of your storage account created in the previous step. For more information on *mountOptions*, see the [Mount options][mount-options] section.
 
 ```yaml
 kind: StorageClass
@@ -59,21 +56,57 @@ mountOptions:
   - gid=1000
 parameters:
   skuName: Standard_LRS
+  storageAccount: mystorageaccount
 ```
 
-Create the storage class with the [kubectl apply][kubectl-apply] command.
+Create the storage class with the [kubectl apply][kubectl-apply] command:
 
-```azurecli-interactive
+```console
 kubectl apply -f azure-file-sc.yaml
 ```
 
-## Create persistent volume claim
+## Create a cluster role and binding
+
+AKS clusters use Kubernetes role-based access control (RBAC) to limit actions that can be performed. *Roles* define the permissions to grant, and *bindings* apply them to desired users. These assignments can be applied to a given namespace, or across the entire cluster. For more information, see [Using RBAC authorization][kubernetes-rbac].
+
+To allow the Azure platform to create the required storage resources, create a *clusterrole* and *clusterrolebinding*. Create a file named `azure-pvc-roles.yaml` and copy in the following YAML:
+
+```yaml
+---
+apiVersion: rbac.authorization.k8s.io/v1beta1
+kind: ClusterRole
+metadata:
+  name: system:azure-cloud-provider
+rules:
+- apiGroups: ['']
+  resources: ['secrets']
+  verbs:     ['get','create']
+---
+apiVersion: rbac.authorization.k8s.io/v1beta1
+kind: ClusterRoleBinding
+metadata:
+  name: system:azure-cloud-provider
+roleRef:
+  kind: ClusterRole
+  apiGroup: rbac.authorization.k8s.io
+  name: system:azure-cloud-provider
+subjects:
+- kind: ServiceAccount
+  name: persistent-volume-binder
+  namespace: kube-system
+```
+
+Assign the permissions with the [kubectl apply][kubectl-apply] command:
+
+```console
+kubectl apply -f azure-pvc-roles.yaml
+```
 
-A persistent volume claim (PVC) uses the storage class object to dynamically provision an Azure file share.
+## Create a persistent volume claim
 
-The following YAML can be used to create a persistent volume claim `5GB` in size with `ReadWriteMany` access. For more information on access modes, see the [Kubernetes persistent volume][access-modes] documentation.
+A persistent volume claim (PVC) uses the storage class object to dynamically provision an Azure file share. The following YAML can be used to create a persistent volume claim *5GB* in size with *ReadWriteMany* access. For more information on access modes, see the [Kubernetes persistent volume][access-modes] documentation.
 
-Create a file named `azure-file-pvc.yaml` and copy in the following YAML. Make sure that the `storageClassName` matches the storage class created in the last step.
+Now create a file named `azure-file-pvc.yaml` and copy in the following YAML. Make sure that the *storageClassName* matches the storage class created in the last step:
 
 ```yaml
 apiVersion: v1
@@ -89,19 +122,26 @@ spec:
       storage: 5Gi
 ```
 
-Create the persistent volume claim with the [kubectl apply][kubectl-apply] command.
+Create the persistent volume claim with the [kubectl apply][kubectl-apply] command:
 
-```azurecli-interactive
+```console
 kubectl apply -f azure-file-pvc.yaml
 ```
 
-Once completed, the file share will be created. A Kubernetes secret is also created that includes connection information and credentials.
+Once completed, the file share will be created. A Kubernetes secret is also created that includes connection information and credentials. You can use the [kubectl get][kubectl-get] command to view the status of the PVC:
+
+```
+$ kubectl get pvc azurefile
+
+NAME        STATUS    VOLUME                                     CAPACITY   ACCESS MODES   STORAGECLASS   AGE
+azurefile   Bound     pvc-8436e62e-a0d9-11e5-8521-5a8664dc0477   5Gi        RWX            azurefile      5m
+```
 
-## Using the persistent volume
+## Use the persistent volume
 
-The following YAML creates a pod that uses the persistent volume claim `azurefile` to mount the Azure file share at the `/mnt/azure` path.
+The following YAML creates a pod that uses the persistent volume claim *azurefile* to mount the Azure file share at the */mnt/azure* path.
 
-Create a file named `azure-pvc-files.yaml`, and copy in the following YAML. Make sure that the `claimName` matches the PVC created in the last step.
+Create a file named `azure-pvc-files.yaml`, and copy in the following YAML. Make sure that the *claimName* matches the PVC created in the last step.
 
 ```yaml
 kind: Pod
@@ -123,15 +163,36 @@ spec:
 
 Create the pod with the [kubectl apply][kubectl-apply] command.
 
-```azurecli-interactive
+```console
 kubectl apply -f azure-pvc-files.yaml
 ```
 
-You now have a running pod with your Azure disk mounted in the `/mnt/azure` directory. This configuration can be seen when inspecting your pod via `kubectl describe pod mypod`.
+You now have a running pod with your Azure disk mounted in the */mnt/azure* directory. This configuration can be seen when inspecting your pod via `kubectl describe pod mypod`. The following condensed example output shows the volume mounted in the container:
+
+```
+Containers:
+  myfrontend:
+    Container ID:   docker://053bc9c0df72232d755aa040bfba8b533fa696b123876108dec400e364d2523e
+    Image:          nginx
+    Image ID:       docker-pullable://nginx@sha256:d85914d547a6c92faa39ce7058bd7529baacab7e0cd4255442b04577c4d1f424
+    State:          Running
+      Started:      Wed, 15 Aug 2018 22:22:27 +0000
+    Ready:          True
+    Mounts:
+      /mnt/azure from volume (rw)
+      /var/run/secrets/kubernetes.io/serviceaccount from default-token-8rv4z (ro)
+[...]
+Volumes:
+  volume:
+    Type:       PersistentVolumeClaim (a reference to a PersistentVolumeClaim in the same namespace)
+    ClaimName:  azurefile2
+    ReadOnly:   false
+[...]
+```
 
 ## Mount options
 
-Default fileMode and dirMode values differ between Kubernetes versions as described in the following table.
+Default *fileMode* and *dirMode* values differ between Kubernetes versions as described in the following table.
 
 | version | value |
 | ---- | ---- |
@@ -141,7 +202,7 @@ Default fileMode and dirMode values differ between Kubernetes versions as descri
 | v1.9.0 | 0700 |
 | v1.9.1 or above | 0755 |
 
-If using a cluster of version 1.8.5 or greater and dynamically creating the persistant volume with a storage class, mount options can be specified on the storage class object. The following example sets `0777`.
+If using a cluster of version 1.8.5 or greater and dynamically creating the persistent volume with a storage class, mount options can be specified on the storage class object. The following example sets *0777*:
 
 ```yaml
 kind: StorageClass
@@ -158,7 +219,7 @@ parameters:
   skuName: Standard_LRS
 ```
 
-If using a cluster of version 1.8.5 or greater and statically creating the persistant volume object, mount options need to be specified on the `PersistentVolume` object. for more information on statically creating a persistant volume, see [Static Persistent Volumes][pv-static].
+If using a cluster of version 1.8.5 or greater and statically creating the persistent volume object, mount options need to be specified on the *PersistentVolume* object. for more information on statically creating a persistent volume, see [Static Persistent Volumes][pv-static].
 
 ```yaml
 apiVersion: v1
@@ -181,7 +242,7 @@ spec:
   - gid=1000
   ```
 
-If using a cluster of version 1.8.0 - 1.8.4, a security context can be specified with the `runAsUser` value set to `0`. For more information on Pod security context, see [Configure a Security Context][kubernetes-security-context].
+If using a cluster of version 1.8.0 - 1.8.4, a security context can be specified with the *runAsUser* value set to *0*. For more information on Pod security context, see [Configure a Security Context][kubernetes-security-context].
 
 ## Next steps
 
@@ -193,18 +254,20 @@ Learn more about Kubernetes persistent volumes using Azure Files.
 <!-- LINKS - external -->
 [access-modes]: https://kubernetes.io/docs/concepts/storage/persistent-volumes
 [kubectl-apply]: https://kubernetes.io/docs/reference/generated/kubectl/kubectl-commands#apply
-[kubectl-describe]: https://kubernetes-v1-4.github.io/docs/user-guide/kubectl/kubectl_describe/
+[kubectl-describe]: https://kubernetes.io/docs/reference/generated/kubectl/kubectl-commands#describe
+[kubectl-get]: https://kubernetes.io/docs/reference/generated/kubectl/kubectl-commands#get
 [kubernetes-files]: https://github.com/kubernetes/examples/blob/master/staging/volumes/azure_file/README.md
 [kubernetes-secret]: https://kubernetes.io/docs/concepts/configuration/secret/
 [kubernetes-security-context]: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/
 [kubernetes-storage-classes]: https://kubernetes.io/docs/concepts/storage/storage-classes/#azure-file
 [kubernetes-volumes]: https://kubernetes.io/docs/concepts/storage/persistent-volumes/
 [pv-static]: https://kubernetes.io/docs/concepts/storage/persistent-volumes/#static
+[kubernetes-rbac]: https://kubernetes.io/docs/reference/access-authn-authz/rbac/
 
 <!-- LINKS - internal -->
 [az-group-create]: /cli/azure/group#az-group-create
 [az-group-list]: /cli/azure/group#az-group-list
-[az-resource-show]: /cli/azure/resource#az-resource-show
+[az-resource-show]: /cli/azure/aks#az-aks-show
 [az-storage-account-create]: /cli/azure/storage/account#az-storage-account-create
 [az-storage-create]: /cli/azure/storage/account#az-storage-account-create
 [az-storage-key-list]: /cli/azure/storage/account/keys#az-storage-account-keys-list