MicrosoftDocs
diff --git a/‎articles/active-directory/develop/v1-protocols-oauth-code.md
Lines changed: 4 additions & 0 deletions b/‎articles/active-directory/develop/v1-protocols-oauth-code.md
Lines changed: 4 additions & 0 deletions
diff --git a/‎articles/active-directory/hybrid/plan-connect-design-concepts.md
Lines changed: 0 additions & 1 deletion b/‎articles/active-directory/hybrid/plan-connect-design-concepts.md
Lines changed: 0 additions & 1 deletion
diff --git a/‎articles/active-directory/managed-identities-azure-resources/services-support-managed-identities.md
Lines changed: 2 additions & 2 deletions b/‎articles/active-directory/managed-identities-azure-resources/services-support-managed-identities.md
Lines changed: 2 additions & 2 deletions
diff --git a/‎articles/active-directory/reports-monitoring/reference-powershell-reporting.md
Lines changed: 3 additions & 0 deletions b/‎articles/active-directory/reports-monitoring/reference-powershell-reporting.md
Lines changed: 3 additions & 0 deletions
diff --git a/‎articles/active-directory/users-groups-roles/directory-assign-admin-roles.md
Lines changed: 2 additions & 2 deletions b/‎articles/active-directory/users-groups-roles/directory-assign-admin-roles.md
Lines changed: 2 additions & 2 deletions
diff --git a/‎articles/cognitive-services/text-analytics/quickstarts/csharp.md
Lines changed: 38 additions & 16 deletions b/‎articles/cognitive-services/text-analytics/quickstarts/csharp.md
Lines changed: 38 additions & 16 deletions
@@ -22,6 +22,10 @@ ms.collection: M365-identity-device-management
 
 # Authorize access to Azure Active Directory web applications using the OAuth 2.0 code grant flow
 
+> [!NOTE]
+>  If you don't tell the server what resource you plan to call, then the server will not trigger the conditional access policies for that resource. So in order to have MFA trigger, you will need to include a resource in your URL. 
+>
+
 Azure Active Directory (Azure AD) uses OAuth 2.0 to enable you to authorize access to web applications and web APIs in your Azure AD tenant. This guide is language independent, and describes how to send and receive HTTP messages without using any of our [open-source libraries](active-directory-authentication-libraries.md).
 
 The OAuth 2.0 authorization code flow is described in [section 4.1 of the OAuth 2.0 specification](https://tools.ietf.org/html/rfc6749#section-4.1). It is used to perform authentication and authorization in most application types, including web apps and natively installed apps.
 
@@ -91,7 +91,6 @@ You can enable the use of ConsistencyGuid as sourceAnchor during new installatio
   > Only newer versions of Azure AD Connect (1.1.524.0 and after) support the use of ConsistencyGuid as sourceAnchor during new installation.
 
 ### How to enable the ConsistencyGuid feature
-Currently, the feature can only be enabled during new Azure AD Connect installation only.
 
 #### Express Installation
 When installing Azure AD Connect with Express mode, the Azure AD Connect wizard automatically determines the most appropriate AD attribute to use as the sourceAnchor attribute using the following logic:
 
@@ -71,8 +71,8 @@ Refer to the following list to configure managed identity for Azure App Service
 
 |Managed identity type | All Generally Available<br>Global Azure Regions | Azure Government | Azure Germany | Azure China 21Vianet |
 | --- | --- | --- | --- | --- |
-| System assigned | Preview | Not available | Not available | Not available |
-| User assigned | Preview | Not available | Not available | Not available |
+| System assigned | Available | Available | Not available | Not available |
+| User assigned | Available | Available | Not available | Not available |
 
 Refer to the following list to use a managed identity with [Azure Blueprints](../../governance/blueprints/overview.md):
 
 
@@ -22,6 +22,9 @@ ms.collection: M365-identity-device-management
 ---
 # Azure AD PowerShell cmdlets for reporting
 
+> [!NOTE] 
+> These Powershell cmdlets currently only work with the [Azure AD Preview](https://docs.microsoft.com/en-us/powershell/module/azuread/?view=azureadps-2.0-preview#directory_auditing) Module. Please note that the preview module is not suggested for production use. 
+
 With Azure Active Directory (Azure AD) reports, you can get details on activities around all the write operations in your direction (audit logs) and authentication data (sign-in logs). Although the information is available by using the MS Graph API, now you can retrieve the same data by using the Azure AD PowerShell cmdlets for reporting.
 
 This article gives you an overview of the PowerShell cmdlets to use for audit logs and sign-in logs.
 
@@ -120,7 +120,7 @@ The following administrator roles are available:
 
 * **[Device Administrator](#device-administrators)**: This role is available for assignment only as an additional local administrator in [Device settings](https://aad.portal.azure.com/#blade/Microsoft_AAD_IAM/DevicesMenuBlade/DeviceSettings/menuId/). Users with this role become local machine administrators on all Windows 10 devices that are joined to Azure Active Directory. They do not have the ability to manage devices objects in Azure Active Directory. 
 
-* **[Directory Readers](#directory-readers)**: This is a role that should be assigned only to legacy applications that do not support the [Consent Framework](../develop/quickstart-v1-integrate-apps-with-azure-ad.md). Don't assign it to users.
+* **[Directory Readers](#directory-readers)**: This is a role that should be assigned only to legacy applications that do not support the [Consent Framework](../develop/quickstart-v1-integrate-apps-with-azure-ad.md). Users in this role can read basic directory information. This role should be used for: 1) Granting a specific set of guest users read access instead of granting it to all guest users. 2) Granting a specific set of non-admin users access to Azure Portal when "Restrict access to Azure AD portal to admins only" is set to "Yes". 3) Granting service principals access to directory whereDirectory.Read.All is not an option.
 
 * **[Directory Synchronization Accounts](#directory-synchronization-accounts)**: Do not use. This role is automatically assigned to the Azure AD Connect service, and is not intended or supported for any other use.
 
@@ -656,7 +656,7 @@ Users assigned to this role are added to the local administrators group on Azure
 | microsoft.aad.directory/groupSettingTemplates/basic/read | Read basic properties on groupSettingTemplates in Azure Active Directory. |
 
 ### Directory Readers
-Can read basic directory information. For granting access to applications, not intended for users.
+Can read basic directory information. Users in this role can read basic directory information. This role should be used for: 1) Granting a specific set of guest users read access instead of granting it to all guest users. 2) Granting a specific set of non-admin users access to Azure Portal when "Restrict access to Azure AD portal to admins only" is set to "Yes". 3) Granting service principals access to directory whereDirectory.Read.All is not an option.
 
 | **Actions** | **Description** |
 | --- | --- |
 
@@ -9,7 +9,7 @@ manager: nitinme
 ms.service: cognitive-services
 ms.subservice: text-analytics
 ms.topic: quickstart
-ms.date: 08/05/2019
+ms.date: 08/28/2019
 ms.author: assafi
 ---
 # Quickstart: Text analytics client library for .NET
@@ -84,19 +84,36 @@ using Microsoft.Azure.CognitiveServices.Language.TextAnalytics.Models;
 using Microsoft.Rest;
 ```
 
-In the application's `Main` method, create variables for your resource's Azure endpoint and key. If you created the environment variable after you launched the application, you will need to close and reopen the editor, IDE, or shell running it to access the variable. You will define the methods later.
+In the application's `Program` class, create variables for your resource's Azure endpoint and subscription key. In a static constructor, obtain these values from the environment variables `TEXT_ANALYTICS_SUBSCRIPTION_KEY` and `TEXT_ANALYTICS_ENDPOINT`. If you created these environment variables after you began editing the application, you will need to close and reopen the editor, IDE, or shell you are using to access the variables.
+
+```csharp
+private const string key_var = "TEXT_ANALYTICS_SUBSCRIPTION_KEY";
+private static readonly string subscriptionKey = Environment.GetEnvironmentVariable(key_var);
+
+private const string endpoint_var = "TEXT_ANALYTICS_ENDPOINT";
+private static readonly string endpoint = Environment.GetEnvironmentVariable(endpoint_var);
+
+static Program()
+{
+    if (null == subscriptionKey)
+    {
+        throw new Exception("Please set/export the environment variable: " + key_var);
+    }
+    if (null == endpoint)
+    {
+        throw new Exception("Please set/export the environment variable: " + endpoint_var);
+    }
+}
+```
+
+In the application's `Main` method, create credentials to access the Text Analytics endpoint.  You will define the methods called by the `Main` method later.
 
 [!INCLUDE [text-analytics-find-resource-information](../includes/find-azure-resource-info.md)]
 
 ```csharp
 static void Main(string[] args)
 {
-    // replace this endpoint with the correct one for your Azure resource. 
-    string endpoint = $"https://westus.api.cognitive.microsoft.com";
-    //This sample assumes you have created an environment variable for your key
-    string key = Environment.GetEnvironmentVariable("TEXT_ANALYTICS_SUBSCRIPTION_KEY");
-
-    var credentials = new ApiKeyServiceClientCredentials(key);
+    var credentials = new ApiKeyServiceClientCredentials(subscriptionKey);
     TextAnalyticsClient client = new TextAnalyticsClient(credentials)
     {
         Endpoint = endpoint
@@ -105,9 +122,11 @@ static void Main(string[] args)
     Console.OutputEncoding = System.Text.Encoding.UTF8;
     SentimentAnalysisExample(client);
     // languageDetectionExample(client);
-    // RecognizeEntitiesExample(client);
+    // entityRecognitionExample(client);
     // KeyPhraseExtractionExample(client);
-    Console.ReadLine();
+    
+    Console.Write("Press any key to exit.");
+    Console.ReadKey();
 }
 ```
 
@@ -258,14 +277,17 @@ Entities:
 Create a new function called `KeyPhraseExtractionExample()` that takes the client that you created earlier and call its [KeyPhrases()](https://docs.microsoft.com/dotnet/api/microsoft.azure.cognitiveservices.language.textanalytics.textanalyticsclientextensions.keyphrases?view=azure-dotnet#Microsoft_Azure_CognitiveServices_Language_TextAnalytics_TextAnalyticsClientExtensions_KeyPhrases_Microsoft_Azure_CognitiveServices_Language_TextAnalytics_ITextAnalyticsClient_System_String_System_String_System_Nullable_System_Boolean__System_Threading_CancellationToken_) function. The result will contain the list of detected key phrases in `KeyPhrases` if successful, and an `errorMessage` if not. Print any detected key phrases.
 
 ```csharp
-var result = client.KeyPhrases("My cat might need to see a veterinarian.");
+static void KeyPhraseExtractionExample(TextAnalyticsClient client)
+{
+    var result = client.KeyPhrases("My cat might need to see a veterinarian.");
 
-// Printing key phrases
-Console.WriteLine("Key phrases:");
+    // Printing key phrases
+    Console.WriteLine("Key phrases:");
 
-foreach (string keyphrase in result.KeyPhrases)
-{
-    Console.WriteLine($"\t{keyphrase}");
+    foreach (string keyphrase in result.KeyPhrases)
+    {
+        Console.WriteLine($"\t{keyphrase}");
+    }
 }
 ```