Merge branch 'master' of https://github.com/MicrosoftDocs/azure-docs-pr into asc-melvyn-release-notes

Author: memildin

.openpublishing.redirection.json

@@ -28138,6 +28138,11 @@
       "redirect_url": "/azure/storage/blobs/access-tiers-overview",
       "redirect_document_id": true
     },
+    {
+      "source_path_from_root": "/articles/storage/common/storage-auth-aad-msi.md",
+      "redirect_url": "/azure/storage/blobs/authorize-managed-identity",
+      "redirect_document_id": false
+    },
     {
       "source_path_from_root": "/articles/storage/storage-c-plus-plus-how-to-use-blobs.md",
       "redirect_url": "/azure/storage/blobs/storage-c-plus-plus-how-to-use-blobs",

CODEOWNERS

@@ -10,19 +10,20 @@
 /includes/policy/ @DCtheGeek
 
 # Azure Monitor
-/articles/azure-monitor/* @bwren
-/articles/azure-monitor/agents @bwren
-/articles/azure-monitor/alerts @rboucher
-/articles/azure-monitor/app @bwren @lgayhardt
-/articles/azure-monitor/autoscale @rboucher
-/articles/azure-monitor/containers @bwren
-/articles/azure-monitor/essentials @bwren @rboucher
-/articles/azure-monitor/insights @bwren @rboucher @lgayhardt
-/articles/azure-monitor/logs @bwren
-/articles/azure-monitor/visualize @bwren @lgayhardt
-/articles/azure-monitor/vm @bwren
-/articles/advisor @rboucher
-/articles/service-health @rboucher
+articles/azure-monitor/* @bwren
+articles/azure-monitor/agents @bwren
+articles/azure-monitor/alerts @rboucher @abbyMSFT
+articles/azure-monitor/app @bwren 
+articles/azure-monitor/autoscale @rboucher
+articles/azure-monitor/containers @bwren
+articles/azure-monitor/essentials @bwren @rboucher
+articles/azure-monitor/insights @bwren @rboucher 
+articles/azure-monitor/logs @bwren @abbyMSFT
+articles/azure-monitor/visualize @bwren  @rboucher
+articles/azure-monitor/vm @bwren
+articles/advisor @rboucher
+articles/service-health @rboucher
+
 
 # Azure Active Directory
 /articles/active-directory-b2c/ @msmimart @yoelhor

articles/active-directory-b2c/add-password-reset-policy.md

@@ -144,6 +144,7 @@ A claims transformation technical profile initiates the **isForgotPassword** cla
         <OutputClaims>
           <OutputClaim ClaimTypeReferenceId="isForgotPassword" DefaultValue="true" AlwaysUseDefaultValue="true"/>
         </OutputClaims>
+        <UseTechnicalProfileForSessionManagement ReferenceId="SM-Noop" />
       </TechnicalProfile>
       <TechnicalProfile Id="SelfAsserted-LocalAccountSignin-Email">
         <Metadata>

articles/active-directory-b2c/deploy-custom-policies-devops.md

@@ -172,13 +172,13 @@ A pipeline task is a pre-packaged script that performs an action. Add a task tha
 
 
         ```PowerShell
-        -ClientID $(clientId) -ClientSecret $(clientSecret) -TenantId $(tenantId) -Folder $(System.DefaultWorkingDirectory)/policyRepo/B2CAssets/ -Files "TrustFrameworkBase.xml,TrustFrameworkExtensions.xml,SignUpOrSignin.xml,ProfileEdit.xml,PasswordReset.xml"
+        -ClientID $(clientId) -ClientSecret $(clientSecret) -TenantId $(tenantId) -Folder $(System.DefaultWorkingDirectory)/policyRepo/B2CAssets/ -Files "TrustFrameworkBase.xml,TrustFrameworkLocalization.xml,TrustFrameworkExtensions.xml,SignUpOrSignin.xml,ProfileEdit.xml,PasswordReset.xml"
         ```
         
         The `-Files` parameter is a comma delimiter list of policy files to deploy. Update the list with your policy files.
         
         > [!IMPORTANT]
-        >  Ensure the policies are uploaded in the correct order. First the base policy, the extensions policy, then the relying party policies. For example,  `TrustFrameworkBase.xml,TrustFrameworkExtensions.xml,SignUpOrSignin.xml`.
+        >  Ensure the policies are uploaded in the correct order. First the base policy, the extensions policy, then the relying party policies. For example,  `TrustFrameworkBase.xml,TrustFrameworkLocalization.xml,TrustFrameworkExtensions.xml,SignUpOrSignin.xml`.
         
 1. Select **Save** to save the Agent job.
 

articles/active-directory-b2c/deploy-custom-policies-github-action.md

@@ -94,7 +94,7 @@ To create a workflow, follow these steps:
           uses: azure-ad-b2c/deploy-trustframework-policy@v3
           with:
             folder: "./Policies"
-            files: "TrustFrameworkBase.xml,TrustFrameworkExtensions.xml,SignUpOrSignin.xml"
+            files: "TrustFrameworkBase.xml,TrustFrameworkLocalization.xml,TrustFrameworkExtensions.xml,SignUpOrSignin.xml"
             tenant: ${{ env.tenant }}
             clientId: ${{ env.clientId }}
             clientSecret: ${{ secrets.clientSecret }}
@@ -107,12 +107,13 @@ To create a workflow, follow these steps:
     | `env` | `clientId` | **Application (client) ID** of the application you registered in the [Register an MS Graph application](#register-a-microsoft-graph-application) step. |
     |`env`| `tenant` | Your Azure AD B2C [tenant name](tenant-management.md#get-your-tenant-name) (for example, contoso.onmicrosoft.com). |
     | `with`| `folder`| A folder where the custom policies files are stored, for example, `./Policies`.|
-    | `with`| `files` | Comma-delimited list of policy files to deploy, for example, `TrustFrameworkBase.xml,TrustFrameworkExtensions.xml,SignUpOrSignin.xml`.|
+    | `with`| `files` | Comma-delimited list of policy files to deploy, for example, `TrustFrameworkBase.xml,TrustFrameworkLocalization.xml,TrustFrameworkExtensions.xml,SignUpOrSignin.xml`.|
 
     > [!IMPORTANT]
     > When running the agents and uploading the policy files, make sure they're uploaded in the correct order:
     >
     > 1. *TrustFrameworkBase.xml*
+    > 1. *TrustFrameworkLocalization.xml*
     > 1. *TrustFrameworkExtensions.xml*
     > 1. *SignUpOrSignin.xml*
     > 1. *ProfileEdit.xml*

articles/active-directory-b2c/tutorial-create-user-flows.md

@@ -8,7 +8,7 @@ manager: celestedg
 ms.service: active-directory
 ms.workload: identity
 ms.topic: tutorial
-ms.date: 09/20/2021
+ms.date: 10/12/2021
 ms.author: mimart
 ms.subservice: B2C
 zone_pivot_groups: b2c-policy-type
@@ -251,6 +251,7 @@ Custom policies are a set of XML files you upload to your Azure AD B2C tenant to
 Each starter pack contains:
 
 - **Base file** - Few modifications are required to the base. Example: *TrustFrameworkBase.xml*
+- **Localization file** - This file is where localization changes are made. Example: *TrustFrameworkLocalization.xml*
 - **Extension file** - This file is where most configuration changes are made. Example: *TrustFrameworkExtensions.xml*
 - **Relying party files** - Task-specific files called by your application. Examples: *SignUpOrSignin.xml*, *ProfileEdit.xml*, *PasswordReset.xml*
 
@@ -285,10 +286,11 @@ Add the application IDs to the extensions file *TrustFrameworkExtensions.xml*.
 1. Select **Upload custom policy**.
 1. In this order, upload the policy files:
     1. *TrustFrameworkBase.xml*
-    1. *TrustFrameworkExtensions.xml*
-    1. *SignUpOrSignin.xml*
-    1. *ProfileEdit.xml*
-    1. *PasswordReset.xml*
+    2. *TrustFrameworkLocalization.xml*
+    3. *TrustFrameworkExtensions.xml*
+    4. *SignUpOrSignin.xml*
+    5. *ProfileEdit.xml*
+    6. *PasswordReset.xml*
 
 As you upload the files, Azure adds the prefix `B2C_1A_` to each.
 

articles/active-directory-domain-services/join-ubuntu-linux-vm.md

@@ -10,7 +10,7 @@ ms.service: active-directory
 ms.subservice: domain-services
 ms.workload: identity
 ms.topic: how-to
-ms.date: 07/13/2020
+ms.date: 10/11/2021
 ms.author: justinha
 ms.custom: fasttrack-edit
 
@@ -31,7 +31,7 @@ To complete this tutorial, you need the following resources and privileges:
     * If needed, [create an Azure Active Directory tenant][create-azure-ad-tenant] or [associate an Azure subscription with your account][associate-azure-ad-tenant].
 * An Azure Active Directory Domain Services managed domain enabled and configured in your Azure AD tenant.
     * If needed, the first tutorial [creates and configures an Azure Active Directory Domain Services managed domain][create-azure-ad-ds-instance].
-* A user account that's a part of the managed domain.
+* A user account that's a part of the managed domain. Make sure the SAMAccountName attribute for the user is not autogenerated. If multiple user accounts in the Azure AD tenant have the same mailNickname attribute, the SAMAccountName attribute for each user is autogenerated. For more information, see [How objects and credentials are synchronized in an Azure Active Directory Domain Services managed domain](synchronization.md).
 * Unique Linux VM names that are a maximum of 15 characters to avoid truncated names that might cause conflicts in Active Directory.
 
 ## Create and connect to an Ubuntu Linux VM

articles/active-directory-domain-services/policy-reference.md

@@ -1,7 +1,7 @@
 ---
 title: Built-in policy definitions for Azure Active Directory Domain Services
 description: Lists Azure Policy built-in policy definitions for Azure Active Directory Domain Services. These built-in policy definitions provide common approaches to managing your Azure resources.
-ms.date: 09/17/2021
+ms.date: 10/11/2021
 ms.service: active-directory
 ms.subservice: domain-services
 author: justinha

articles/active-directory-domain-services/synchronization.md

@@ -10,7 +10,7 @@ ms.service: active-directory
 ms.subservice: domain-services
 ms.workload: identity
 ms.topic: conceptual
-ms.date: 03/26/2021
+ms.date: 10/11/2021
 ms.author: justinha
 
 ---
@@ -72,7 +72,7 @@ The following table illustrates how specific attributes for user objects in Azur
 | mailNickname |SAMAccountName (may sometimes be autogenerated) |
 | manager |manager |
 | mobile |mobile |
-| objectid |msDS-AzureADObjectId |
+| objectid |msDS-aadObjectId |
 | onPremiseSecurityIdentifier |sidHistory |
 | passwordPolicies |userAccountControl (sets or clears the DONT_EXPIRE_PASSWORD bit) |
 | physicalDeliveryOfficeName |physicalDeliveryOfficeName |

articles/active-directory/authentication/howto-authentication-passwordless-deployment.md

@@ -297,7 +297,7 @@ Here are the sample test cases for passwordless authentication with security key
 | User can't perform combined registration.| Ensure [combined registration](concept-registration-mfa-sspr-combined.md) is enabled. |
 | User can't add a security key in their [security settings](https://aka.ms/mysecurityinfo).| Ensure that [security keys](howto-authentication-passwordless-security-key.md) are enabled. |
 | User can't add security key in Windows 10 sign-in options.| [Ensure that security keys for Windows sign in](concept-authentication-passwordless.md) are enabled |
-| **Error message**: We detected that this browser or OS doesn't support FIDO2 security keys.| Passwordless FIDO2 security devices can only be registered in supported browsers (Microsoft Edge, Firefox version 67) o Windows 10 version 1809 or higher. |
+| **Error message**: We detected that this browser or OS doesn't support FIDO2 security keys.| Passwordless FIDO2 security devices can only be registered in supported browsers (Microsoft Edge, Firefox version 67) on Windows 10 version 1809 or higher. |
 | **Error message**: Your company policy requires that you use a different method to sign in.| Ensure security keys are enabled in the tenant. |
 | User unable to manage my security key on Windows 10 version 1809| Version 1809 requires that you use the security key management software provided by the FIDO2 key vendor. Contact the vendor for support. |
 | I think my FIDO2 security key may be defective—how can I test it.| Navigate to [https://webauthntest.azurewebsites.net/](https://webauthntest.azurewebsites.net/), enter credentials for a test account, plug in the suspect security key, select the + button at the top right of the screen, select create, and go through the creation process. If this scenario fails, your device may be defective. |
@@ -382,4 +382,4 @@ Select the user row, and then select the **Authentication Details** tab to view
 
 * [Learn how passwordless authentication works](concept-authentication-passwordless.md)
 
-* [Deploy other identity features](../fundamentals/active-directory-deployment-plans.md)
+* [Deploy other identity features](../fundamentals/active-directory-deployment-plans.md)