Merge branch 'master' of https://github.com/MicrosoftDocs/azure-docs-pr into securitygroupupdateFeb2020

Author: KumudD

.openpublishing.publish.config.json

@@ -346,6 +346,26 @@
       "url": "https://github.com/Azure-Samples/azure-sdk-for-go-samples",
       "branch": "master"
     },
+    {
+      "path_to_root": "azure-sdk-for-java-event-hubs",
+      "url": "https://github.com/Azure/azure-sdk-for-java/",
+      "branch": "master"
+    },
+    {
+      "path_to_root": "azure-sdk-for-java-script-event-hubs",
+      "url": "https://github.com/Azure/azure-sdk-for-js/",
+      "branch": "master"
+    },        
+    {
+      "path_to_root": "azure-sdk-for-net-event-hubs",
+      "url": "https://github.com/Azure/azure-sdk-for-net/",
+      "branch": "master"
+    },
+    {
+      "path_to_root": "azure-sdk-for-python-event-hubs",
+      "url": "https://github.com/Azure/azure-sdk-for-python/",
+      "branch": "master"
+    },      
     {
       "path_to_root": "cosmos-dotnet-getting-started",
       "url": "https://github.com/Azure-Samples/cosmos-dotnet-getting-started",

.openpublishing.redirection.json

@@ -1745,22 +1745,22 @@
     },
     {
       "source_path": "articles/cognitive-services/Bing-Web-Search/web-search-sdk-quickstart.md",
-      "redirect_url": "/azure/cognitive-services/bing-web-search/quickstarts/client-libraries",
+      "redirect_url": "/azure/cognitive-services/bing-web-search/quickstarts/client-libraries?pivots=programming-language-csharp",
       "redirect_document_id": false
     },
     {
       "source_path": "articles/cognitive-services/Bing-Web-Search/web-sdk-java-quickstart.md",
-      "redirect_url": "/azure/cognitive-services/bing-web-search/quickstarts/client-libraries",
+      "redirect_url": "/azure/cognitive-services/bing-web-search/quickstarts/client-libraries?pivots=programming-language-java",
       "redirect_document_id": false
     },
     {
       "source_path": "articles/cognitive-services/Bing-Web-Search/web-search-sdk-node-quickstart.md",
-      "redirect_url": "/azure/cognitive-services/bing-web-search/quickstarts/client-libraries",
+      "redirect_url": "/azure/cognitive-services/bing-web-search/quickstarts/client-libraries?pivots=programming-language-javascript",
       "redirect_document_id": false
     },
     {
       "source_path": "articles/cognitive-services/Bing-Web-Search/web-sdk-python-quickstart.md",
-      "redirect_url": "/azure/cognitive-services/bing-web-search/quickstarts/client-libraries",
+      "redirect_url": "/azure/cognitive-services/bing-web-search/quickstarts/client-libraries?pivots=programming-language-python",
       "redirect_document_id": false
     },
     {
@@ -32620,17 +32620,17 @@
     },
     {
       "source_path": "articles/cognitive-services/Bing-Custom-Search/sdk-csharp-quick-start.md",
-      "redirect_url": "/azure/cognitive-services/bing-custom-search/quickstarts/client-libraries",
+      "redirect_url": "/azure/cognitive-services/bing-custom-search/quickstarts/client-libraries?pivots=programming-language-csharp",
       "redirect_document_id": false
     },
     {
       "source_path": "articles/cognitive-services/Bing-Custom-Search/sdk-java-quickstart.md",
-      "redirect_url": "/azure/cognitive-services/bing-custom-search/quickstarts/client-libraries",
+      "redirect_url": "/azure/cognitive-services/bing-custom-search/quickstarts/client-libraries?pivots=programming-language-java",
       "redirect_document_id": false
     },
     {
       "source_path": "articles/cognitive-services/Bing-Custom-Search/sdk-python-quickstart.md",
-      "redirect_url": "/azure/cognitive-services/bing-custom-search/quickstarts/client-libraries",
+      "redirect_url": "/azure/cognitive-services/bing-custom-search/quickstarts/client-libraries?pivots=programming-language-python",
       "redirect_document_id": false
     },
     {
@@ -49199,5 +49199,10 @@
       "redirect_url": "/azure/jenkins/service-fabric-cicd-your-linux-applications-with-jenkins",
       "redirect_document_id": true
     },
+    {
+      "source_path": "articles/jenkins/install-jenkins-solution-template.md",
+      "redirect_url": "/azure/jenkins/install-solution-template-tutorial",
+      "redirect_document_id": true
+    }
   ]
 }

articles/active-directory/cloud-provisioning/how-to-prerequisites.md

@@ -21,7 +21,7 @@ This article provides guidance on how to choose and use Azure Active Directory (
 ## Cloud provisioning agent requirements
 You need the following to use Azure AD Connect cloud provisioning:
 
-- A global administrator account for your Azure AD tenant.
+- A global administrator account for your Azure AD tenant that is not a guest user.
 - An on-premises server for the provisioning agent with Windows 2012 R2 or later.
 - On-premises firewall configurations.
 
@@ -35,6 +35,10 @@ The rest of the document provides step-by-step instructions for these prerequisi
 1. Create a cloud-only global administrator account on your Azure AD tenant. This way, you can manage the configuration of your tenant if your on-premises services fail or become unavailable. Learn about how to [add a cloud-only global administrator account](../active-directory-users-create-azure-portal.md). Finishing this step is critical to ensure that you don't get locked out of your tenant.
 1. Add one or more [custom domain names](../active-directory-domains-add-azure-portal.md) to your Azure AD tenant. Your users can sign in with one of these domain names.
 
+### In your directory in Active Directory
+
+Run the [IdFix tool](https://docs.microsoft.com/office365/enterprise/prepare-directory-attributes-for-synch-with-idfix) to prepare the directory attributes for synchronization.
+
 ### In your on-premises environment
 
 1. Identify a domain-joined host server running Windows Server 2012 R2 or greater with a minimum of 4-GB RAM and .NET 4.7.1+ runtime.

articles/active-directory/cloud-provisioning/reference-expressions.md

@@ -601,7 +601,7 @@ When **source** value matches a **key**, returns **value** for that **key**. If
 
    | Name | Required/ Repeating | Type | Notes |
    | --- | --- | --- | --- |
-   | **source** |Required |String |**Source** value to update. |
+   | **source** |Required |String |**Source** value to check. |
    | **defaultValue** |Optional |String |Default value to be used when source doesn't match any keys. Can be empty string (""). |
    | **key** |Required |String |**Key** to compare **source** value with. |
    | **value** |Required |String |Replacement value for the **source** matching the key. |

articles/active-directory/cloud-provisioning/tutorial-pilot-aadc-aadccp.md

@@ -7,7 +7,7 @@ manager: daveba
 ms.service: active-directory
 ms.workload: identity
 ms.topic: overview
-ms.date: 12/05/2019
+ms.date: 03/04/2020
 ms.subservice: hybrid
 ms.author: billmath
 ms.collection: M365-identity-device-management
@@ -27,7 +27,7 @@ Before you try this tutorial, consider the following items:
 3. Ensure that the objects in the pilot scope have ms-ds-consistencyGUID populated so cloud provisioning hard matches the objects. 
 
    > [!NOTE]
-   > Azure AD Connect sync does not populate *ms-ds-consistencyGUID* by default for group objects. Follow the steps documented in [this blog post](https://blogs.technet.microsoft.com/markrenoden/2017/10/13/choosing-a-sourceanchor-for-groups-in-multi-forest-sync-with-aad-connect/) to populate *ms-ds-consistencyGUID* for group objects.
+   > Azure AD Connect sync does not populate *ms-ds-consistencyGUID* by default for group objects.
 
 4. This is an advanced scenario. Ensure that you follow the steps documented in this tutorial precisely.
 
@@ -115,7 +115,7 @@ Same steps need to be followed for all object types (user, group and contact).
 
 ## Install the Azure AD Connect provisioning agent
 1. Sign in to the server you will use with enterprise admin permissions.  If you are using the  [Basic AD and Azure environment](tutorial-basic-ad-azure.md) tutorial it would be CP1.
-2. Download the Azure AD Connect cloud provisioning agent [here](https://go.microsoft.com/fwlink/?linkid=2109037).
+2. Download the Azure AD Connect cloud provisioning agent using the steps outlined [here](how-to-install.md#install-the-agent).
 3. Run the Azure AD Connect cloud provisioning (AADConnectProvisioningAgent.Installer)
 3. On the splash screen, **Accept** the licensing terms and click **Install**.</br>
 ![Welcome screen](media/how-to-install/install1.png)</br>

articles/active-directory/hybrid/how-to-connect-fed-group-claims.md

@@ -26,7 +26,7 @@ Azure Active Directory can provide a users group membership information in token
 >
 >- Support for use of sAMAccountName and security identifier (SID) attributes synced from on-premises is designed to enable moving existing applications from AD FS and other identity providers. Groups managed in Azure AD do not contain the attributes necessary to emit these claims.
 >- In larger organizations the number of groups a user is a member of may exceed the limit that Azure Active Directory will add to a token. 150 groups for a SAML token, and 200 for a JWT. This can lead to unpredictable results. If your users have large numbers of group memberships, we recommend using the option to restrict the groups emitted in claims to the relevant groups for the application.  
->- For new application development, or in cases where the application can be configured for it, and where nested group support isn't required, we recommend that in-app authorization is based on application roles rather than groups.  This limits the amount of infomation that needs to go into the token, is more secure, and separates user assignment from app configuration.
+>- For new application development, or in cases where the application can be configured for it, and where nested group support isn't required, we recommend that in-app authorization is based on application roles rather than groups.  This limits the amount of information that needs to go into the token, is more secure, and separates user assignment from app configuration.
 
 ## Group claims for applications migrating from AD FS and other identity providers
 
@@ -221,4 +221,4 @@ To emit group names to be returned in netbiosDomain\samAccountName format as the
 
 [Methods for assigning users and groups to an app](../../active-directory/manage-apps/methods-for-assigning-users-and-groups.md#assign-groups)
 
-[Configure role claims](../../active-directory/develop/active-directory-enterprise-app-role-management.md)
+[Configure role claims](../../active-directory/develop/active-directory-enterprise-app-role-management.md)

articles/active-directory/hybrid/how-to-connect-pta-quick-start.md

@@ -143,7 +143,7 @@ Second, you can create and run an unattended deployment script. This is useful w
         $cred = New-Object -TypeName System.Management.Automation.PSCredential -ArgumentList $User, $SecurePassword
 3. Go to **C:\Program Files\Microsoft Azure AD Connect Authentication Agent** and run the following script using the `$cred` object that you created:
 
-        RegisterConnector.ps1 -modulePath "C:\Program Files\Microsoft Azure AD Connect Authentication Agent\Modules\" -moduleName "AppProxyPSModule" -Authenticationmode Credentials -Usercredentials $cred -Feature PassthroughAuthentication
+        RegisterConnector.ps1 -modulePath "C:\Program Files\Microsoft Azure AD Connect Authentication Agent\Modules\" -moduleName "PassthroughAuthPSModule" -Authenticationmode Credentials -Usercredentials $cred -Feature PassthroughAuthentication
 
 >[!IMPORTANT]
 >If an Authentication Agent is installed on a Virtual Machine, you can't clone the Virtual Machine to setup another Authentication Agent. This method is **unsupported**.

articles/active-directory/hybrid/how-to-connect-syncservice-duplicate-attribute-resiliency.md

@@ -20,7 +20,7 @@ ms.author: billmath
 ms.collection: M365-identity-device-management
 ---
 # Identity synchronization and duplicate attribute resiliency
-Duplicate Attribute Resiliency is a feature in Azure Active Directory that will eliminate friction caused by **UserPrincipalName** and **ProxyAddress** conflicts when running one of Microsoft’s synchronization tools.
+Duplicate Attribute Resiliency is a feature in Azure Active Directory that will eliminate friction caused by **UserPrincipalName** and SMTP **ProxyAddress** conflicts when running one of Microsoft’s synchronization tools.
 
 These two attributes are generally required to be unique across all **User**, **Group**, or **Contact** objects in a given Azure Active Directory tenant.
 
@@ -36,7 +36,10 @@ If there is an attempt to provision a new object with a UPN or ProxyAddress valu
 
 ## Behavior with Duplicate Attribute Resiliency
 Instead of completely failing to provision or update an object with a duplicate attribute, Azure Active Directory “quarantines” the duplicate attribute which would violate the uniqueness constraint. If this attribute is required for provisioning, like UserPrincipalName, the service assigns a placeholder value. The format of these temporary values is  
-“***\<OriginalPrefix>+\<4DigitNumber>\@\<InitialTenantDomain>.onmicrosoft.com***”.  
+_**\<OriginalPrefix>+\<4DigitNumber>\@\<InitialTenantDomain>.onmicrosoft.com**_.
+
+The attribute resiliency process handles only UPN and SMTP **ProxyAddress** values.
+
 If the attribute is not required, like a  **ProxyAddress**, Azure Active Directory simply quarantines the conflict attribute and proceeds with the object creation or update.
 
 Upon quarantining the attribute, information about the conflict is sent in the same error report email used in the old behavior. However, this info only appears in the error report one time, when the quarantine happens, it does not continue to be logged in future emails. Also, since the export for this object has succeeded, the sync client does not log an error and does not retry the create / update operation upon subsequent sync cycles.

articles/active-directory/hybrid/how-to-connect-syncservice-features.md

@@ -91,7 +91,7 @@ Historically, updates to the UserPrincipalName attribute using the sync service
 
 For more details, see [User names in Office 365, Azure, or Intune don't match the on-premises UPN or alternate login ID](https://support.microsoft.com/kb/2523192).
 
-Enabling this feature allows the sync engine to update the userPrincipalName when it is changed on-premises and you use password hash sync or pass-through authentication. If you use federation, this feature is not supported.
+Enabling this feature allows the sync engine to update the userPrincipalName when it is changed on-premises and you use password hash sync or pass-through authentication.
 
 This feature is on by default for newly created Azure AD directories. You can see if this feature is enabled for you by running:  
 

articles/active-directory/hybrid/reference-connect-ports.md

@@ -12,7 +12,7 @@ ms.workload: identity
 ms.tgt_pltfrm: na
 ms.devlang: na
 ms.topic: reference
-ms.date: 08/02/2017
+ms.date: 03/04/2020
 ms.subservice: hybrid
 ms.author: billmath
 
@@ -46,7 +46,7 @@ This table describes the ports and protocols that are required for communication
 | HTTP |80 (TCP) |Used to download CRLs (Certificate Revocation Lists) to verify SSL certificates. |
 | HTTPS |443(TCP) |Used to synchronize with Azure AD. |
 
-For a list of URLs and IP addresses you need to open in your firewall, see [Office 365 URLs and IP address ranges](https://support.office.com/article/Office-365-URLs-and-IP-address-ranges-8548a211-3fe7-47cb-abb1-355ea5aa88a2).
+For a list of URLs and IP addresses you need to open in your firewall, see [Office 365 URLs and IP address ranges](https://support.office.com/article/Office-365-URLs-and-IP-address-ranges-8548a211-3fe7-47cb-abb1-355ea5aa88a2) and [Troubleshooting Azure AD Connect connectivity](tshoot-connect-connectivity.md#troubleshoot-connectivity-issues-in-the-installation-wizard).
 
 ## Table 3 - Azure AD Connect and AD FS Federation Servers/WAP
 This table describes the ports and protocols that are required for communication between the Azure AD Connect server and AD FS Federation/WAP servers.