Merge branch 'master' of https://github.com/MicrosoftDocs/azure-docs-pr into heidist-search

Author: HeidiSteen

articles/firewall/rule-processing.md

@@ -5,23 +5,25 @@ services: firewall
 author: vhorne
 ms.service: firewall
 ms.topic: article
-ms.date: 03/10/2020
+ms.date: 04/10/2020
 ms.author: victorh
 ---
 
 # Azure Firewall rule processing logic
-You can configure NAT rules, network rules, and applications rules on Azure Firewall. The rules are processed according to the rule type. 
+You can configure NAT rules, network rules, and applications rules on Azure Firewall. Rule collections are processed according to the rule type in priority order, lower numbers to higher numbers from 100 to 65,000. A rule collection name can have only letters, numbers, underscores, periods, or hyphens. It must begin with a letter or number, and end with a letter, number or underscore. The maximum name length is 80 characters.
+
+It's best to initially space your rule collection priority numbers in 100 increments (100, 200, 300, and so on) so you have room to add more rule collections if needed.
 
 > [!NOTE]
 > If you enable threat intelligence-based filtering, those rules are highest priority and are always processed first. Threat-intelligence filtering may deny traffic before any configured rules are processed. For more information, see [Azure Firewall threat intelligence-based filtering](threat-intel.md).
 
-## Outbound
+## Outbound connectivity
 
 ### Network rules and applications rules
 
 If you configure network rules and application rules, then network rules are applied in priority order before application rules. The rules are terminating. So if a match is found in a network rule, no other rules are processed.  If there is no network rule match, and if the protocol is HTTP, HTTPS, or MSSQL, then the packet is then evaluated by the application rules in priority order. If still no match is found, then the packet is evaluated against the [infrastructure rule collection](infrastructure-fqdns.md). If there is still no match, then the packet is denied by default.
 
-## Inbound
+## Inbound connectivity
 
 ### NAT rules
 

articles/governance/policy/concepts/guest-configuration.md

@@ -222,6 +222,7 @@ locations:
 
 ## Next steps
 
+- Learn how to view the details each setting from the [Guest Configuration compliance view](../how-to/determine-non-compliance.md#compliance-details-for-guest-configuration)
 - Review examples at [Azure Policy samples](../samples/index.md).
 - Review the [Azure Policy definition structure](definition-structure.md).
 - Review [Understanding policy effects](effects.md).

articles/lab-services/classroom-labs/administrator-guide.md

@@ -152,6 +152,9 @@ The location that a classroom lab exists in varies based on the following factor
 
     When there is **no** VNet peered and [lab creators are allowed to pick the lab location](https://docs.microsoft.com/azure/lab-services/classroom-labs/allow-lab-creator-pick-lab-location), the locations that can be selected by the lab creator are based on available capacity.
 
+> [!NOTE]
+> To help ensure that there is sufficient VM capacity for a region, it's important that you first request capacity through the lab account or when creating the lab.
+
 A general rule is to set a resource's region to one that is closest to its users. For classroom labs, this means creating the classroom lab closest to your students. For online courses where students are located all over the world, you need to use your best judgment to create a classroom lab that's centrally located. Or, split a class into multiple classroom labs based on your students' region.
 
 ### Shared image gallery
@@ -165,7 +168,7 @@ When administrators or lab creators create a classroom lab, they can choose from
 | ---- | ----- | ------ | ------------- |
 | Small| <ul><li>2 Cores</li><li>3.5 GB RAM</li> | [Standard_A2_v2](https://docs.microsoft.com/azure/virtual-machines/av2-series?toc=/azure/virtual-machines/linux/toc.json&bc=/azure/virtual-machines/linux/breadcrumb/toc.json) | This size is best suited for command line, opening web browser, low traffic web servers, small to medium databases. |
 | Medium | <ul><li>4 Cores</li><li>7 GB RAM</li> | [Standard_A4_v2](https://docs.microsoft.com/azure/virtual-machines/av2-series?toc=/azure/virtual-machines/linux/toc.json&bc=/azure/virtual-machines/linux/breadcrumb/toc.json) | This size is best suited for relational databases, in-memory caching, and analytics. |
-| Medium (Nested virtualization) | <ul><li>4 Cores</li><li>16 GB RAM</li></ul> | [Standard_DC4s_v2](https://docs.microsoft.com/azure/virtual-machines/dcv2-series?toc=/azure/virtual-machines/linux/toc.json&bc=/azure/virtual-machines/linux/breadcrumb/toc.json) | This size is best suited for relational databases, in-memory caching, and analytics.  This size also supports nested virtualization. |
+| Medium (Nested virtualization) | <ul><li>4 Cores</li><li>16 GB RAM</li></ul> | [Standard_D4s_v3](https://docs.microsoft.com/azure/virtual-machines/dv3-dsv3-series?toc=/azure/virtual-machines/linux/toc.json&bc=/azure/virtual-machines/linux/breadcrumb/toc.json#dsv3-series) | This size is best suited for relational databases, in-memory caching, and analytics.  This size also supports nested virtualization. |
 | Large | <ul><li>8 Cores</li><li>32 GB RAM</li></ul>  | [Standard_DC8_v2](https://docs.microsoft.com/azure/virtual-machines/dcv2-series?toc=/azure/virtual-machines/linux/toc.json&bc=/azure/virtual-machines/linux/breadcrumb/toc.json) | This size is best suited for applications that need faster CPUs, better local disk performance, large databases, large memory caches.  This size also supports nested virtualization. |
 | Small GPU (Visualization) | <ul><li>6 Cores</li><li>56 GB RAM</li>  | [Standard_NV6](https://docs.microsoft.com/azure/virtual-machines/nv-series) | This size is best suited for remote visualization, streaming, gaming, encoding using frameworks such as OpenGL and DirectX. |
 | Small GPU (Compute) | <ul><li>6 Cores</li><li>56 GB RAM</li></ul>  | [Standard_NC6](https://docs.microsoft.com/azure/virtual-machines/nc-series) |This size is best suited for computer-intensive applications like Artificial Intelligence and Deep Learning. |

articles/lab-services/classroom-labs/how-to-windows-shutdown.md

@@ -54,7 +54,7 @@ To set the RDP session idle time limit, you can connect to the template VM and e
 
 ```powershell
 # The MaxIdleTime is in milliseconds; by default, this script sets MaxIdleTime to 15 minutes.
-$maxIdleTime = 15 * 60 * 90
+$maxIdleTime = 15 * 60 * 1000
 
 Set-ItemProperty -Path "HKLM:\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services" -Name "MaxIdleTime" -Value $maxIdleTime -Force
 ```
@@ -76,6 +76,9 @@ Or, you can choose to follow these manual steps using the template VM:
 
 1. Finally, to combine this behavior with the **automatic shutdown on disconnect** setting, you should follow steps in the how-to article: [Enable automatic shutdown of VMs on disconnect](https://docs.microsoft.com/azure/lab-services/classroom-labs/how-to-enable-shutdown-disconnect).
 
+> [!WARNING]
+> After configuring this setting using either PowerShell to modify the registry setting directly or manually using the Group Policy editor, you must first restart the VM for the settings to take effect.  Also, if you configure the setting using the registry, the Group Policy editor doesn't always refresh to reflect changes to the registry setting; however, the registry setting still takes effect as expected and you will see the RDP session disconnected when idle for the length of time that you've specified.
+
 ## Remove Windows shutdown command from Start menu
 
 Windows **Local Group Policy** settings also allow you to remove the shutdown command from the **Start** menu.