Merge pull request #113922 from MicrosoftDocs/repo_sync_working_branch

rmca14 · web-flow · commit 5e1eb39fc277 · 2020-05-05T16:07:58.000-07:00
Confirm merge from repo_sync_working_branch to master to sync with https://github.com/Microsoft/azure-docs (branch master)
diff --git a/articles/active-directory/cloud-provisioning/how-to-prerequisites.md b/articles/active-directory/cloud-provisioning/how-to-prerequisites.md
@@ -43,6 +43,8 @@ Run the [IdFix tool](https://docs.microsoft.com/office365/enterprise/prepare-dir
 
 1. Identify a domain-joined host server running Windows Server 2012 R2 or greater with a minimum of 4-GB RAM and .NET 4.7.1+ runtime.
 
+1. The PowerShell execution policy on the local server must be set to Undefined or RemoteSigned.
+
 1. If there's a firewall between your servers and Azure AD, configure the following items:
    - Ensure that agents can make *outbound* requests to Azure AD over the following ports:
 
diff --git a/articles/active-directory/develop/active-directory-configurable-token-lifetimes.md b/articles/active-directory/develop/active-directory-configurable-token-lifetimes.md
@@ -20,7 +20,7 @@ ms.reviewer: hirsin, jlu, annaba
 You can specify the lifetime of a token issued by Azure Active Directory (Azure AD). You can set token lifetimes for all apps in your organization, for a multi-tenant (multi-organization) application, or for a specific service principal in your organization.
 
 > [!IMPORTANT]
-> After hearing from customers during the preview, we've implemented [authentication session management capabilities](https://go.microsoft.com/fwlink/?linkid=2083106) in Azure AD Conditional Access. You can use this new feature to configure refresh token lifetimes by setting sign in frequency. After May 1, 2020 you will not be able to use Configurable Token Lifetime policy to configure session and refresh tokens. You can still configure access token lifetimes after the deprecation.
+> After hearing from customers during the preview, we've implemented [authentication session management capabilities](https://go.microsoft.com/fwlink/?linkid=2083106) in Azure AD Conditional Access. You can use this new feature to configure refresh token lifetimes by setting sign in frequency. After May 30, 2020 no new tenant will be able to use Configurable Token Lifetime policy to configure session and refresh tokens. The deprecation will happen within several months after that, which means that we will stop honoring existing session and refresh tokens polices. You can still configure access token lifetimes after the deprecation.
 
 In Azure AD, a policy object represents a set of rules that are enforced on individual applications or on all applications in an organization. Each policy type has a unique structure, with a set of properties that are applied to objects to which they are assigned.
 
diff --git a/articles/active-directory/develop/quickstart-v2-aspnet-webapp.md b/articles/active-directory/develop/quickstart-v2-aspnet-webapp.md
@@ -40,7 +40,7 @@ In this quickstart, you use a code sample to learn how an ASP.NET web app to sig
 > 1. Select **New registration**.
 > 1. When the **Register an application** page appears, enter your application's registration information:
 >      - In the **Name** section, enter a meaningful application name that will be displayed to users of the app, for example `ASPNET-Quickstart`.
->      - Add `http://localhost:44368/` in **Redirect URI**, and click **Register**.
+>      - Add `https://localhost:44368/` in **Redirect URI**, and click **Register**.
 >      - From the left navigation pane under the Manage section, select **Authentication**
 >          - Under the **Implicit Grant** sub-section, select **ID tokens**.
 >          - And then select **Save**.
diff --git a/articles/active-directory/develop/single-sign-on-saml-protocol.md b/articles/active-directory/develop/single-sign-on-saml-protocol.md
@@ -149,12 +149,12 @@ The `Response` element includes the result of the authorization request. Azure A
 
 ### Issuer
 
-Azure AD sets the `Issuer` element to `https://login.microsoftonline.com/<TenantIDGUID>/` where \<TenantIDGUID> is the tenant ID of the Azure AD tenant.
+Azure AD sets the `Issuer` element to `https://sts.windows.net/<TenantIDGUID>/` where \<TenantIDGUID> is the tenant ID of the Azure AD tenant.
 
 For example, a response with Issuer element could look like the following sample:
 
 ```
-<Issuer xmlns="urn:oasis:names:tc:SAML:2.0:assertion"> https://login.microsoftonline.com/82869000-6ad1-48f0-8171-272ed18796e9/</Issuer>
+<Issuer xmlns="urn:oasis:names:tc:SAML:2.0:assertion"> https://sts.windows.net/82869000-6ad1-48f0-8171-272ed18796e9/</Issuer>
 ```
 
 ### Status
@@ -187,7 +187,7 @@ In addition to the `ID`, `IssueInstant` and `Version`, Azure AD sets the followi
 This is set to `https://sts.windows.net/<TenantIDGUID>/`where \<TenantIDGUID> is the Tenant ID of the Azure AD tenant.
 
 ```
-<Issuer>https://login.microsoftonline.com/82869000-6ad1-48f0-8171-272ed18796e9/</Issuer>
+<Issuer>https://sts.windows.net/82869000-6ad1-48f0-8171-272ed18796e9/</Issuer>
 ```
 
 #### Signature
diff --git a/articles/advisor/advisor-overview.md b/articles/advisor/advisor-overview.md
@@ -19,7 +19,7 @@ With Advisor, you can:
 
 You can access Advisor through the [Azure portal](https://aka.ms/azureadvisordashboard). Sign in to the [portal](https://portal.azure.com), locate **Advisor** in the navigation menu, or search for it in the **All services** menu.
 
-The Advisor dashboard displays personalized recommendations for all your subscriptions.  You can apply filters to display recommendations for specific subscriptions and resource types.  The recommendations are divided into four categories: 
+The Advisor dashboard displays personalized recommendations for all your subscriptions.  You can apply filters to display recommendations for specific subscriptions and resource types.  The recommendations are divided into five categories: 
 
 * **High Availability**: To ensure and improve the continuity of your business-critical applications. For more information, see [Advisor High Availability recommendations](advisor-high-availability-recommendations.md).
 * **Security**: To detect threats and vulnerabilities that might lead to security breaches. For more information, see [Advisor Security recommendations](advisor-security-recommendations.md).
diff --git a/articles/aks/use-network-policies.md b/articles/aks/use-network-policies.md
@@ -477,7 +477,7 @@ To learn more about policies, see [Kubernetes network policies][kubernetes-netwo
 
 <!-- LINKS - internal -->
 [install-azure-cli]: /cli/azure/install-azure-cli
-[use-advanced-networking]: configure-advanced-networking.md
+[use-advanced-networking]: configure-azure-cni.md
 [az-aks-get-credentials]: /cli/azure/aks?view=azure-cli-latest#az-aks-get-credentials
 [concepts-network]: concepts-network.md
 [az-feature-register]: /cli/azure/feature#az-feature-register
diff --git a/articles/aks/windows-container-cli.md b/articles/aks/windows-container-cli.md
@@ -292,7 +292,7 @@ To learn more about AKS, and walk through a complete code to deployment example,
 [kubernetes-service]: concepts-network.md#services
 [kubernetes-dashboard]: kubernetes-dashboard.md
 [restricted-vm-sizes]: quotas-skus-regions.md#restricted-vm-sizes
-[use-advanced-networking]: configure-advanced-networking.md
+[use-advanced-networking]: configure-azure-cni.md
 [aks-support-policies]: support-policies.md
 [aks-faq]: faq.md
 [az-extension-add]: /cli/azure/extension#az-extension-add
diff --git a/articles/app-service/environment/firewall-integration.md b/articles/app-service/environment/firewall-integration.md
@@ -170,6 +170,7 @@ With an Azure Firewall, you automatically get everything below configured with t
 |azglobal-red.azglobal.metrics.nsatc.net:443 |
 |antares-black.antares.metrics.nsatc.net:443 |
 |antares-red.antares.metrics.nsatc.net:443 |
+|prod.microsoftmetrics.com:443 |
 |maupdateaccount.blob.core.windows.net:443 |
 |clientconfig.passport.net:443 |
 |packages.microsoft.com:443 |
@@ -186,6 +187,8 @@ With an Azure Firewall, you automatically get everything below configured with t
 |admin.core.windows.net:443 |
 |prod.warmpath.msftcloudes.com:443 |
 |prod.warmpath.msftcloudes.com:80 |
+|gcs.prod.monitoring.core.windows.net:80|
+|gcs.prod.monitoring.core.windows.net:443|
 |azureprofileruploads.blob.core.windows.net:443 |
 |azureprofileruploads2.blob.core.windows.net:443 |
 |azureprofileruploads3.blob.core.windows.net:443 |
diff --git a/articles/azure-monitor/app/javascript.md b/articles/azure-monitor/app/javascript.md
@@ -141,7 +141,14 @@ Most configuration fields are named such that they can be defaulted to false. Al
 
 By default, this SDK will **not** handle state-based route changing that occurs in single page applications. To enable automatic route change tracking for your single page application, you can add `enableAutoRouteTracking: true` to your setup configuration.
 
-Currently, we offer a separate [React plugin](#react-extensions) which you can initialize with this SDK. It will also accomplish route change tracking for you, as well as collect [other React specific telemetry](https://github.com/microsoft/ApplicationInsights-JS/blob/17ef50442f73fd02a758fbd74134933d92607ecf/extensions/applicationinsights-react-js/README.md).
+Currently, we offer a separate [React plugin](#react-extensions), which you can initialize with this SDK. It will also accomplish route change tracking for you, as well as collect [other React specific telemetry](https://github.com/microsoft/ApplicationInsights-JS/blob/17ef50442f73fd02a758fbd74134933d92607ecf/extensions/applicationinsights-react-js/README.md).
+
+> [!NOTE]
+> Use `enableAutoRouteTracking: true` only if you are **not** using the React plugin. Both are capable of sending new PageViews when the route changes. If both are enabled, duplicate PageViews may be sent.
+
+## Configuration: autoTrackPageVisitTime
+
+By setting `autoTrackPageVisitTime: true`, the time a user spends on each page is tracked. On each new PageView, the duration the user spent on the *previous* page is sent as a [custom metric](https://docs.microsoft.com/azure/azure-monitor/platform/metrics-custom-overview) named `PageVisitTime`. This custom metric is viewable in the [Metrics Explorer](https://docs.microsoft.com/azure/azure-monitor/platform/metrics-getting-started) as a "log-based metric".
 
 ## React extensions
 
diff --git a/articles/azure-monitor/app/performance-counters.md b/articles/azure-monitor/app/performance-counters.md
@@ -70,7 +70,7 @@ To collect system performance counters and send them to Application Insights, yo
 ```csharp
     var perfCollectorModule = new PerformanceCollectorModule();
     perfCollectorModule.Counters.Add(new PerformanceCounterCollectionRequest(
-      @"\Process([replace-with-application-process-name])\Page Faults/sec", "PageFaultsPerfSec")));
+      @"\Process([replace-with-application-process-name])\Page Faults/sec", "PageFaultsPerfSec"));
     perfCollectorModule.Initialize(TelemetryConfiguration.Active);
 ```
 
diff --git a/articles/azure-monitor/platform/partners.md b/articles/azure-monitor/platform/partners.md
@@ -275,7 +275,7 @@ Turbonomic delivers workload automation for hybrid clouds by simultaneously opti
 [appdynamics-doc]: https://www.appdynamics.com/net/azure/ "AppDynamics documentation."
 [atlassian-doc]: https://azure.microsoft.com/blog/automated-notifications-from-azure-monitor-for-atlassian-jira/
 [botmetric-doc]: https://www.botmetric.com/blog/announcing-botmetric-cost-governance-beta-microsoft-azure/ "Botmetric introduction."
-[circonus-doc]: https://support.circonus.com/support/solutions/articles/24000013515-azure-integration 
+[circonus-doc]: https://docs.circonus.com/circonus/agents/cloud-agent/azure/ 
 [cloudhealth-doc]: https://www.cloudhealthtech.com/azure
 [cloudmonix-doc]: https://cloudmonix.com/features/azure-management/ "CloudMonix introduction."
 [datadog-doc]: https://docs.datadoghq.com/integrations/azure/ "Datadog documentation."
diff --git a/articles/azure-monitor/platform/stream-monitoring-data-event-hubs.md b/articles/azure-monitor/platform/stream-monitoring-data-event-hubs.md
@@ -18,7 +18,7 @@ Azure Monitor provides a complete full stack monitoring solution for application
 Before you configure streaming for any data source, you need to [create an Event Hubs namespace and event hub](../../event-hubs/event-hubs-create.md). This namespace and event hub is the destination for all of your monitoring data. An Event Hubs namespace is a logical grouping of event hubs that share the same access policy, much like a storage account has individual blobs within that storage account. Consider the following details about the event hubs namespace and event hubs that you use for streaming monitoring data:
 
 * The number of throughput units allows you to increase throughput scale for your event hubs. Only one throughput unit is typically necessary. If you need to scale up as your log usage increases, you can manually increase the number of throughput units for the namespace or enable auto inflation.
-* The number of partitions allows you to parallelize consumption across many consumers. A single partition can support up to 20MBps or approximately 20,000 messages per second. Depending on the tool consuming the data, it may or may not support consuming from multiple partitions. Four partitions is reasonable to start if you're unsure about if you're not sure about the number of partitions to set.
+* The number of partitions allows you to parallelize consumption across many consumers. A single partition can support up to 20MBps or approximately 20,000 messages per second. Depending on the tool consuming the data, it may or may not support consuming from multiple partitions. Four partitions is reasonable to start with if you're not sure about the number of partitions to set.
 * You set message retention on your event hub to at least 7 days. If your consuming tool goes down for more than a day, this ensures that the tool can pick up where it left off for events up to 7 days old.
 * You should use the default consumer group for your event hub. There is no need to create other consumer groups or use a separate consumer group unless you plan to have two different tools consume the same data from the same event hub.
 * For the Azure Activity log, you pick an Event Hubs namespace, and Azure Monitor creates an event hub within that namespace called _insights-logs-operational-logs_. For other log types, you can either choose an existing event hub or have Azure Monitor create an event hub per log category.
diff --git a/articles/cognitive-services/Speech-Service/speech-container-howto.md b/articles/cognitive-services/Speech-Service/speech-container-howto.md
@@ -24,7 +24,7 @@ Speech containers enable customers to build a speech application architecture th
 | Function | Features | Latest |
 |--|--|--|
 | Speech-to-text | Analyzes sentiment and transcribes continuous real-time speech or batch audio recordings with intermediate results.  | 2.2.0 |
-| Custom Speech-to-text | Using a custom model from the [Custom Speech portal](https://speech.microsoft.com/customspeech), transcribes continuous real-time speech or batch audio recordings into text with intermediate results. | 2.1.1 |
+| Custom Speech-to-text | Using a custom model from the [Custom Speech portal](https://speech.microsoft.com/customspeech), transcribes continuous real-time speech or batch audio recordings into text with intermediate results. | 2.2.0 |
 | Text-to-speech | Converts text to natural-sounding speech with plain text input or Speech Synthesis Markup Language (SSML). | 1.3.0 |
 | Custom Text-to-speech | Using a custom model from the [Custom Voice portal](https://aka.ms/custom-voice-portal), converts text to natural-sounding speech with plain text input or Speech Synthesis Markup Language (SSML). | 1.3.0 |
 
diff --git a/articles/container-registry/container-registry-helm-repos.md b/articles/container-registry/container-registry-helm-repos.md
@@ -27,6 +27,7 @@ You can use either Helm 3 or Helm 2 to host Helm charts in Azure Container Regis
 
 * For most scenarios, we recommend using the Helm 3 workflow with native `helm chart` commands to manage charts as OCI artifacts.
 * As of Helm 3, [az acr helm][az-acr-helm] commands are supported for compatibility with the Helm 2 client and chart format. Future development of these commands isn't currently planned. See the [product roadmap](https://github.com/Azure/acr/blob/master/docs/acr-roadmap.md#acr-helm-ga).
+* Helm 2 charts cannot be viewed or managed using the Azure portal.
 
 ## Use the Helm 3 client
 
diff --git a/articles/databox/data-box-deploy-ordered.md b/articles/databox/data-box-deploy-ordered.md
@@ -84,7 +84,7 @@ Perform the following steps in the Azure portal to order a device.
 
     The storage account specified for managed disks is used as a staging storage account. The Data Box service uploads the VHDs as page blobs to the staging storage account before converting it into managed disks and moving it to the resource groups. For more information, see [Verify data upload to Azure](data-box-deploy-picked-up.md#verify-data-upload-to-azure).
 
-7. In the **Shipping address**, provide your first and last name, name and postal address of the company, and a valid phone number. Click **Validate address**. The service validates the shipping address for service availability. If the service is available for the specified shipping address, you receive a notification to that effect. Click **Next**.
+7. In the **Shipping address**, provide your first and last name, name and postal address of the company, and a valid phone number. Click **Validate address**. The service validates the shipping address for service availability. If the service is available for the specified shipping address, you receive a notification to that effect. Customers using the service in Japan, Singapore, Korea, and West Europe have the option to select self-managed shipping while placing the order. After the order is placed successfully, you will receive an email with instructions to pick up the device from the designated Azure Datacenter. Click **Next** once the shipping details have been validated successfully.
 
 8. In the **Notification details**, specify email addresses. The service sends email notifications regarding any updates to the order status to the specified email addresses.
 
diff --git a/articles/databox/data-box-disk-deploy-ordered.md b/articles/databox/data-box-disk-deploy-ordered.md
@@ -97,7 +97,7 @@ Take the following steps to order Data Box Disk.
 
     ![Supply order details](media/data-box-disk-deploy-ordered/data-box-order-details.png)
 
-14. In the **Shipping address** tab, provide your first and last name, name and postal address of the company and a valid phone number. Click **Validate address**. The service validates the shipping address for service availability. If the service is available for the specified shipping address, you receive a notification to that effect. 
+14. In the **Shipping address** tab, provide your first and last name, name and postal address of the company and a valid phone number. Click **Validate address**. The service validates the shipping address for service availability. If the service is available for the specified shipping address, you receive a notification to that effect. Customers using the service in Japan, Singapore, Korea, and West Europe have the option to select self-managed shipping while placing the order. After the order is placed successfully, you will receive an email with instructions to pick up the device from the designated Azure Datacenter.
 
     ![Provide shipping address](media/data-box-disk-deploy-ordered/data-box-shipping-address.png)
 15. In the **Notification details**, specify email addresses. The service sends email notifications regarding any updates to the order status to the specified email addresses. 
diff --git a/articles/iot-edge/troubleshoot.md b/articles/iot-edge/troubleshoot.md
@@ -131,6 +131,20 @@ On Windows:
    . {Invoke-WebRequest -useb aka.ms/iotedge-win} | Invoke-Expression; Get-IoTEdgeLog -StartTime ([datetime]::Now.AddMinutes(-5))
    ```
 
+* View more detailed logs of the IoT Edge security manager:
+
+  * Add a system-level environment variable:
+
+      ```powershell
+      [Environment]::SetEnvironmentVariable("IOTEDGE_LOG", "edgelet=debug", [EnvironmentVariableTarget]::Machine)
+      ```
+
+  * Restart the IoT Edge Security Daemon:
+
+      ```powershell
+      Restart-Service iotedge
+      ```
+
 ### If the IoT Edge security manager is not running, verify your yaml configuration file
 
 > [!WARNING]
diff --git a/articles/machine-learning/monitor-resource-reference.md b/articles/machine-learning/monitor-resource-reference.md
@@ -5,7 +5,7 @@ description: Learn about the data and resources collected for Azure Machine Lear
 services: machine-learning
 ms.service: machine-learning
 ms.subservice: core
-ms.topic: conceptual
+ms.topic: reference
 
 ms.reviewer: larryfr
 ms.author: aashishb
diff --git a/articles/openshift/create-private-cluster.md b/articles/openshift/create-private-cluster.md
diff --git a/articles/openshift/tutorial-create-cluster.md b/articles/openshift/tutorial-create-cluster.md
diff --git a/articles/virtual-machines/linux/suse-create-upload-vhd.md b/articles/virtual-machines/linux/suse-create-upload-vhd.md
diff --git a/articles/virtual-machines/troubleshooting/troubleshoot-activation-problems.md b/articles/virtual-machines/troubleshooting/troubleshoot-activation-problems.md
diff --git a/articles/virtual-machines/windows/disk-encryption-overview.md b/articles/virtual-machines/windows/disk-encryption-overview.md
