Merge pull request #91169 from MicrosoftDocs/master

10/09 PM Publish

Author: huypub

.openpublishing.redirection.json

@@ -42203,7 +42203,7 @@
     },
     {
       "source_path": "articles/security/fundamentals/network-security.md",
-      "redirect_url": "/azure/security/fundamentals/network-security",
+      "redirect_url": "/azure/security/fundamentals/network-overview",
       "redirect_document_id": false
     },
     {

articles/active-directory-b2c/active-directory-b2c-custom-setup-goog-idp.md

@@ -17,7 +17,7 @@ ms.subservice: B2C
 
 [!INCLUDE [active-directory-b2c-advanced-audience-warning](../../includes/active-directory-b2c-advanced-audience-warning.md)]
 
-This article shows you how to enable sign-in for users from a Google account by using [custom policies](active-directory-b2c-overview-custom.md) in Azure Active Directory B2C (Azure AD B2C).
+This article shows you how to enable sign-in for users with a Google account by using [custom policies](active-directory-b2c-overview-custom.md) in Azure Active Directory B2C (Azure AD B2C).
 
 ## Prerequisites
 

articles/active-directory/develop/active-directory-saml-claims-customization.md

@@ -62,7 +62,7 @@ From the **Choose name identifier format** dropdown, you can select one of the f
 | **EmailAddress** | Azure AD will use EmailAddress as the NameID format. |
 | **Unspecified** | Azure AD will use Unspecified as the NameID format. |
 
-To learn more about the NameIDPolicy attribute, see [Single Sign-On SAML protocol](single-sign-on-saml-protocol.md).
+Transient NameID is also supported, but is not available in the dropdown and cannot be configured on Azure's side. To learn more about the NameIDPolicy attribute, see [Single Sign-On SAML protocol](single-sign-on-saml-protocol.md).
 
 ### Attributes
 

articles/active-directory/develop/identity-platform-integration-checklist.md

@@ -84,7 +84,7 @@ Use the following checklist to ensure that your application is effectively integ
 | ![checkbox](./media/active-directory-integration-checklist/checkbox-two.svg) | [Understand the consent experience](application-consent-experience.md) and configure the pieces of your app’s consent prompt so that end users and admins have enough information to determine if they trust your app. |
 | ![checkbox](./media/active-directory-integration-checklist/checkbox-two.svg) | Minimize the number of times a user needs to enter login credentials while using your app by attempting silent authentication (silent token acquisition) before interactive flows. |
 | ![checkbox](./media/active-directory-integration-checklist/checkbox-two.svg) | Don't use “prompt=consent” for every sign-in. Only use prompt=consent if you’ve determined that you need to ask for consent for additional permissions (for example, if you’ve changed your app’s required permissions). |
-| ![checkbox](./media/active-directory-integration-checklist/checkbox-two.svg) | Where applicable, enrich your application with user data. Use the [Microsoft Graph API](https://developer.microsoft.com/graph) is an easy way to do this. The [Graph explorer](https://developer.microsoft.com/graph/graph-explorer) tool that can help you get started. |
+| ![checkbox](./media/active-directory-integration-checklist/checkbox-two.svg) | Where applicable, enrich your application with user data. Using the [Microsoft Graph API](https://developer.microsoft.com/graph) is an easy way to do this. The [Graph Explorer](https://developer.microsoft.com/graph/graph-explorer) tool that can help you get started. |
 | ![checkbox](./media/active-directory-integration-checklist/checkbox-two.svg) | Register the full set of permissions that your app requires so admins can grant consent easily to their tenant. Use [incremental consent](azure-ad-endpoint-comparison.md#incremental-and-dynamic-consent) at run time to help users understand why your app is requesting permissions that may concern or confuse users when requested on first start. |
 | ![checkbox](./media/active-directory-integration-checklist/checkbox-two.svg) | Implement a [clean single sign-out experience](https://github.com/Azure-Samples/active-directory-aspnetcore-webapp-openidconnect-v2/tree/master/1-WebApp-OIDC/1-6-SignOut). It’s a privacy and a security requirement, and makes for a good user experience. |
 

articles/active-directory/develop/quickstart-v2-java-webapp.md

@@ -13,7 +13,7 @@ ms.devlang: na
 ms.topic: quickstart
 ms.tgt_pltfrm: na
 ms.workload: identity
-ms.date: 09/18/2019
+ms.date: 10/09/2019
 ms.author: sagonzal
 ms.custom: aaddev 
 ---
@@ -48,18 +48,7 @@ To run this sample you will need:
 > ### Option 2: Register and manually configure your application and code sample
 > 
 >
-> #### Step 1: Download the code sample
-> 
-> - [Download the Code Sample](https://github.com/Azure-Samples/ms-identity-java-webapp/archive/master.zip)
->
-> #### Step 2: Open application.properties
->
-> 1. Extract the zip file to a local folder.
-> 1. (Optional) If you use an integrated development environment, open the sample in your favorite IDE.
-> 1. Open the *application.properties* file. You will insert values for `aad.clientId`, `aad.authority`, and `aad.secretKey` when you register your application in the next step.
-
-
-> #### Step 3: Register your application
+> #### Step 1: Register your application
 > To register your application and manually add the app's registration information to your solution, follow these steps:
 >
 > 1. Sign in to the [Azure portal](https://portal.azure.com) using either a work or school account, or a personal Microsoft account.
@@ -69,8 +58,8 @@ To run this sample you will need:
 > 1. When the **Register an application** page appears, enter your application's registration information:
 >    - In the **Name** section, enter a meaningful application name that will be displayed to users of the app, for example `java-webapp`.
 >    - Leave **Redirect URI** blank for now, and select **Register**.
-> 1. Find the **Application (client) ID** value of the application. Update the value of `Enter_the_Application_Id_here` in the *application.properties* file.
-> 1. Find the **Directory (tenant) ID** value of the application. Update the value of `Enter_the_Tenant_Info_Here` in the *application.properties* file. 
+> 1. Find the **Application (client) ID** value of the application. Copy this value, you will need it later.
+> 1. Find the **Directory (tenant) ID** value of the application. Copy this value, you will need it later.
 > 1. Select the **Authentication** menu, and then add the following information:
 >    - In **Redirect URIs**, add `http://localhost:8080/msal4jsamples/secure/aad` and `https://localhost:8080/msal4jsamples/graph/users`.
 >    - Select **Save**.
@@ -79,7 +68,7 @@ To run this sample you will need:
 >    - Type a key description (of instance app secret).
 >    - Select a key duration of **In 1 year**.
 >    - When you click on **Add**, the key value will be displayed. 
->    - Copy the value of the key. Open the *application.properties* file that you downloaded earlier and update the value of `Enter_the_Client_Secret_Here` with the key value. 
+>    - Copy the value of the key, you will need it later.
 >
 > [!div class="sxs-lookup" renderon="portal"]
 > #### Step 1: Configure your application in the Azure portal
@@ -91,20 +80,26 @@ To run this sample you will need:
 >
 > > [!div id="appconfigured" class="alert alert-info"]
 > > ![Already configured](media/quickstart-v2-aspnet-webapp/green-check.png) Your application is configured with these attributes.
-> 
-> #### Step 2: Download the code sample
-> 
-> - [Download the Code Sample](https://github.com/Azure-Samples/ms-identity-java-webapp/archive/master.zip)
-> 
-> #### Step 3: Configure the code sample 
-> 
-> 1. Extract the zip file to a local folder.
-> 1. If you use an integrated development environment, open the sample in your favorite IDE (optional).
-> 1. Open the **application.properties** file, which can be found in *src/main/resources/*.
-> 1. Replace application properties.
->   1. Find `aad.clientId` and update the value of `Enter_the_Application_Id_here` with the **Application (client) ID** value of the application you registered. 
->   1. Find `aad.authority` and update the value of `Enter_the_Tenant_Name_Here` with the **Directory (tenant) ID** value of the application you registered.
->   1. Find `aad.secretKey` and update the value of `Enter_the_Client_Secret_Here` with the **Client Secret** you created in **Certificates & Secrets** for the application you registered.
+
+#### Step 2: Download the code sample
+ 
+ [Download the Code Sample](https://github.com/Azure-Samples/ms-identity-java-webapp/archive/master.zip)
+ 
+ #### Step 3: Configure the code sample 
+ 
+ 1. Extract the zip file to a local folder.
+ 1. If you use an integrated development environment, open the sample in your favorite IDE (optional).
+ 1. Open the **application.properties** file, which can be found in *src/main/resources/*.
+ 1. Replace application properties.
+   1. Find `aad.clientId` and update the value of `Enter_the_Application_Id_here` with the **Application (client) ID** value of the application you registered. 
+   1. Find `aad.authority` and update the value of `Enter_the_Tenant_Name_Here` with the **Directory (tenant) ID** value of the application you registered.
+   1. Find `aad.secretKey` and update the value of `Enter_the_Client_Secret_Here` with the **Client Secret** you created in **Certificates & Secrets** for the application you registered.
+
+> [!div renderon="docs"]
+> Where:
+>
+> - `Enter_the_Application_Id_here` - is the Application Id for the application you registered.
+> - `Enter_the_Client_Secret_Here` - is the **Client Secret** you created in **Certificates & Secrets** for the application you registered.
 
 #### Step 4: Run the code sample
 1. Run the code sample, and open a browser and navigate to *http://localhost:8080*.
@@ -113,7 +108,6 @@ To run this sample you will need:
     - *Sign Out*: Will sign out the current user from the application, and redirect them the home page.
     - *Show Users*: Will acquire a token for the Microsoft Graph, then call the Microsoft Graph with the token attached to the request to get all of the users in the tenant.
 
-
 ## More information
 
 ### Getting MSAL
@@ -133,7 +127,7 @@ compile group: 'com.microsoft.azure', name: 'msal4j', version: '0.5.0-preview'
 ```
 
 
-### Msal initialization
+### MSAL initialization
 You can add the reference to MSAL4J by adding the following code to the top of the file where you will be using MSAL4J: 
 
 ```Java

articles/active-directory/develop/quickstart-v2-python-webapp.md

@@ -35,8 +35,7 @@ To run this sample, you will need:
 
 - [Python 2.7+](https://www.python.org/downloads/release/python-2713) or [Python 3+](https://www.python.org/downloads/release/python-364/)
 - [Flask](http://flask.pocoo.org/), [Flask-Session](https://pythonhosted.org/Flask-Session/), [requests](https://requests.kennethreitz.org//en/master/)
-- [MSAL Python](https://github.com/AzureAD/microsoft-authentication-library-for-python) 
-- An Azure Active Directory (Azure AD) tenant. For more information on how to get an Azure AD tenant, see [how to get an Azure AD tenant.](https://docs.microsoft.com/azure/active-directory/develop/quickstart-create-new-tenant)
+- [MSAL Python](https://github.com/AzureAD/microsoft-authentication-library-for-python)
 
 > [!div renderon="docs"]
 >

articles/active-directory/manage-apps/customize-application-attributes.md

@@ -138,6 +138,7 @@ Selecting this option will effectively force a resynchronization of all users wh
 - A recommended best practice is to keep the number of consecutive changes to your attribute-mappings at a minimum.
 - Adding a photo attribute to be provisioned to an app is not supported today as you cannot specify the format to sync the photo. You can request the feature on [User Voice](https://feedback.azure.com/forums/169401-azure-active-directory)
 - The attribute IsSoftDeleted is often part of the default mappings for an application. IsSoftdeleted can be true in one of four scenarios (the user is out of scope due to being unassigned from the application, the user is out of scope due to not meeting a scoping filter, the user has been soft deleted in Azure AD, or the property AccountEnabled is set to false on the user). 
+- The Azure AD provisioning service does not support provisioning null values
 
 ## Next steps
 

articles/active-directory/reports-monitoring/concept-audit-logs.md

@@ -23,7 +23,7 @@ ms.collection: M365-identity-device-management
 ---
 # Audit activity reports in the Azure Active Directory portal 
 
-With Azure Active Directory (Azure AD) reports, you can get the information you need to determine how your environment is doing..
+With Azure Active Directory (Azure AD) reports, you can get the information you need to determine how your environment is doing.
 
 The reporting architecture consists of the following components:
 

articles/active-directory/reports-monitoring/howto-integrate-activity-logs-with-arcsight.md

@@ -33,7 +33,7 @@ To use this feature, you need:
 * An Azure event hub that contains Azure AD activity logs. Learn how to [stream your activity logs to an event hub](quickstart-azure-monitor-stream-logs-to-event-hub.md). 
 * A configured instance of ArcSight Syslog NG Daemon SmartConnector (SmartConnector) or ArcSight Load Balancer. If the events are sent to ArcSight Load Balancer, they are consequently sent to the SmartConnector by the Load Balancer.
 
-Download and open the [configuration guide for ArcSight SmartConnector for Azure Monitor Event Hub](https://community.softwaregrp.com/dcvta86296/attachments/dcvta86296/connector-documentation/1232/2/Microsoft%20Azure%20Monitor%20Event%20Hub.pdf). This guide contains the steps you need to install and configure the ArcSight SmartConnector for Azure Monitor. 
+Download and open the [configuration guide for ArcSight SmartConnector for Azure Monitor Event Hub](https://community.microfocus.com/dcvta86296/attachments/dcvta86296/connector-documentation/1232/8/Microsoft%20Azure%20Monitor%20Event%20Hub.pdf). This guide contains the steps you need to install and configure the ArcSight SmartConnector for Azure Monitor. 
 
 ## Integrate Azure AD logs with ArcSight