Merge pull request #46860 from MicrosoftDocs/master

7/17 PM Publish

Author: huypub

.openpublishing.redirection.json

@@ -1,5 +1,15 @@
 {
     "redirections": [
+        {
+            "source_path": "articles/batch/batch-dotnet-get-started.md",
+            "redirect_url": "/azure/batch/quick-run-dotnet",
+            "redirect_document_id": true
+        },
+        {
+            "source_path": "articles/batch/batch-python-tutorial.md",
+            "redirect_url": "/azure/batch/quick-run-python",
+            "redirect_document_id": true
+        },
         {
             "source_path": "articles/cognitive-services/Speech-Service/how-to-customize-speech-models.md",
             "redirect_url": "/azure/cognitive-services/Speech-Service/how-to-customize-acoustic-models",

articles/active-directory-b2c/active-directory-b2c-apps.md

@@ -19,14 +19,14 @@ and other identity management tasks to your mobile and desktop apps. This articl
 
 <!-- TODO: Need link to libraries -->
 
-The OAuth 2.0 authorization code flow is described in [section 4.1 of the OAuth 2.0 specification](http://tools.ietf.org/html/rfc6749). You can use it for authentication and authorization in most app types, including [web apps](active-directory-b2c-apps.md#web-apps) and [natively installed apps](active-directory-b2c-apps.md#mobile-and-native-apps). You can use the OAuth 2.0 authorization code flow to securely acquire *access tokens* for your apps, which can be used to access resources that are secured by an [authorization server](active-directory-b2c-reference-protocols.md#the-basics).
+The OAuth 2.0 authorization code flow is described in [section 4.1 of the OAuth 2.0 specification](http://tools.ietf.org/html/rfc6749). You can use it for authentication and authorization in most [application types](active-directory-b2c-apps.md), including web applications and natively installed applications. You can use the OAuth 2.0 authorization code flow to securely acquire access tokens for your applicationss, which can be used to access resources that are secured by an [authorization server](active-directory-b2c-reference-protocols.md).
 
-This article focuses on the **public clients** OAuth 2.0 authorization code flow. A public client is any client application that cannot be trusted to securely maintain the integrity of a secret password. This includes mobile apps, desktop apps, and essentially any application that runs on a device and needs to get access tokens. 
+This article focuses on the **public clients** OAuth 2.0 authorization code flow. A public client is any client application that cannot be trusted to securely maintain the integrity of a secret password. This includes mobile apps, desktop applications, and essentially any application that runs on a device and needs to get access tokens. 
 
 > [!NOTE]
 > To add identity management to a web app by using Azure AD B2C, use [OpenID Connect](active-directory-b2c-reference-oidc.md) instead of OAuth 2.0.
 
-Azure AD B2C extends the standard OAuth 2.0 flows to do more than simple authentication and authorization. It introduces the [policy parameter](active-directory-b2c-reference-policies.md). With built-in policies, you can use OAuth 2.0 to add user experiences to your app, such as sign-up, sign-in, and profile management. In this article, we show you how to use OAuth 2.0 and policies to implement each of these experiences in your native applications. We also show you how to get access tokens for accessing web APIs.
+Azure AD B2C extends the standard OAuth 2.0 flows to do more than simple authentication and authorization. It introduces the [policy parameter](active-directory-b2c-reference-policies.md). With built-in policies, you can use OAuth 2.0 to add user experiences to your application, such as sign-up, sign-in, and profile management. In this article, we show you how to use OAuth 2.0 and policies to implement each of these experiences in your native applications. We also show you how to get access tokens for accessing web APIs.
 
 In the example HTTP requests in this article, we use our sample Azure AD B2C directory, **fabrikamb2c.onmicrosoft.com**. We also use our sample application and policies. You can try the requests yourself by using these values, or you can replace them with your own values.
 Learn how to [get your own Azure AD B2C directory, application, and policies](#use-your-own-azure-ad-b2c-directory).
@@ -186,7 +186,7 @@ POST fabrikamb2c.onmicrosoft.com/oauth2/v2.0/token?p=b2c_1_sign_in HTTP/1.1
 Host: https://login.microsoftonline.com
 Content-Type: application/x-www-form-urlencoded
 
-grant_type=refresh_token&client_id=90c0fe63-bcf2-44d5-8fb7-b8bbc0b29dc6&scope=90c0fe63-bcf2-44d5-8fb7-b8bbc0b29dc6 offline_access&refresh_token=AwABAAAAvPM1KaPlrEqdFSBzjqfTGBCmLdgfSTLEMPGYuNHSUYBrq...&redirect_uri=urn:ietf:wg:oauth:2.0:oob
+grant_type=refresh_token&client_id=90c0fe63-bcf2-44d5-8fb7-b8bbc0b29dc6&client_secret=JqQX2PNo9bpM0uEihUPzyrh&scope=90c0fe63-bcf2-44d5-8fb7-b8bbc0b29dc6 offline_access&refresh_token=AwABAAAAvPM1KaPlrEqdFSBzjqfTGBCmLdgfSTLEMPGYuNHSUYBrq...&redirect_uri=urn:ietf:wg:oauth:2.0:oob
 ```
 
 | Parameter | Required? | Description |

articles/active-directory-b2c/active-directory-b2c-reference-oauth-code.md

@@ -14,7 +14,7 @@ ms.devlang: na
 ms.topic: article
 ms.tgt_pltfrm: na
 ms.workload: identity
-ms.date: 07/16/2018
+ms.date: 07/17/2018
 ms.author: markvi
 ms.reviewer: calebb
 #Customer intent: As an IT admin, I want to configure a policy to handle suspicious sign-ins, so that they can be automatically handled.
@@ -59,14 +59,15 @@ The goal of this step is to make sure that your test account can access your ten
 
 ## Create your conditional access policy 
 
-The scenario in this quickstart uses a sign-in from a Tor Browser to generate a detected **Sign-ins from anonymous IP addresses** risk event. The risk level of this risk event is medium.   
+The scenario in this quickstart uses a sign-in from a Tor Browser to generate a detected **Sign-ins from anonymous IP addresses** risk event. The risk level of this risk event is medium. To respond to this risk event, you set the sign-in risk condition to medium. In a production environment, you should set the sign-in risk condition either to high or to medium and high.     
 
 This section shows how to create the required conditional access policy. In your policy, set:
 
 |Setting |Value|
 |---     | --- |
 | Users and groups | Alain Charon  |
 | Cloud apps | All cloud apps |
+| Sign-in risk | Medium |
 | Grant | Block access |
 
 

articles/active-directory/active-directory-conditional-access-app-sign-in-risk.md

@@ -15,7 +15,7 @@ ms.devlang: na
 ms.topic: article
 ms.tgt_pltfrm: na
 ms.workload: identity
-ms.date: 06/13/2018
+ms.date: 07/17/2018
 ms.author: markvi
 ms.reviewer: nigu
 
@@ -51,6 +51,10 @@ As a next step, you can initiate a simulation run that evaluates your settings.
 When the evaluation has finished, the tool generates a report of the affected policies.
 
 
+> [!NOTE]
+> Currently, the What If tool does not support nested groups. If a user is in a group and that group is member of another group that is used in a conditional access policy, then the what if tool does not correctly display the effect of that policy to the user. 
+
+
 ## Running the tool
 
 You can find the **what if** tool on the **[Conditional access - Policies](https://portal.azure.com/#blade/Microsoft_AAD_IAM/ConditionalAccessBlade/Policies)** page in the Azure portal.

articles/active-directory/active-directory-conditional-access-whatif.md

@@ -54,7 +54,7 @@ To use these components, you must create one or more Access Control namespaces.
 https://<mynamespace>.accesscontrol.windows.net
 ```
 
-All communication with the STS and management operations are done at this URL. You use different paths for different purposes. To determine whether your applications or services use Access Control, monitor for any traffic to https://<namespace>.accesscontrol.windows.net. Any traffic to this URL is handled by Access Control, and needs to be discontinued. 
+All communication with the STS and management operations are done at this URL. You use different paths for different purposes. To determine whether your applications or services use Access Control, monitor for any traffic to https://&lt;namespace&gt;.accesscontrol.windows.net. Any traffic to this URL is handled by Access Control, and needs to be discontinued. 
 
 The exception to this is any traffic to `https://accounts.accesscontrol.windows.net`. Traffic to this URL is already handled by a different service and **is not** affected by the Access Control deprecation. 
 

articles/active-directory/develop/active-directory-acs-migration.md

@@ -41,6 +41,8 @@
         href: automation-update-management.md
       - name: Manage updates for multiple VMs
         href: manage-update-multi.md
+      - name: Migrate OMS update deployments to Azure
+        href: migrate-oms-update-deployments.md
       - name: Integrate SCCM with Update Management
         href: oms-solution-updatemgmt-sccmintegration.md
     - name: Change Tracking

articles/automation/TOC.yml

@@ -203,7 +203,7 @@ Select the **Update Deployments** tab to view the list of existing update deploy
 
 ## Create or edit an update deployment
 
-To create a new update deployment, select **Schedule update deployment**. The **New Update Deployment** pane opens. Enter values for the properties described in the following table:
+To create a new update deployment, select **Schedule update deployment**. The **New Update Deployment** pane opens. Enter values for the properties described in the following table and then click **Create**:
 
 | Property | Description |
 | --- | --- |